aboutsummaryrefslogtreecommitdiff
path: root/crypto/heimdal/lib
diff options
context:
space:
mode:
authorAssar Westerlund <assar@FreeBSD.org>2001-02-13 16:46:19 +0000
committerAssar Westerlund <assar@FreeBSD.org>2001-02-13 16:46:19 +0000
commit5e9cd1ae3e10592ed70e7575551cba1bbab04d84 (patch)
treee66aa570ad1d12c43b32a7313b0f8e28971bf8a9 /crypto/heimdal/lib
parentb904de74b0b03f5b30d36efb081268953ddb6788 (diff)
downloadsrc-5e9cd1ae3e10592ed70e7575551cba1bbab04d84.tar.gz
src-5e9cd1ae3e10592ed70e7575551cba1bbab04d84.zip
Notes
Diffstat (limited to 'crypto/heimdal/lib')
-rw-r--r--crypto/heimdal/lib/45/Makefile.in265
-rw-r--r--crypto/heimdal/lib/45/mk_req.c27
-rw-r--r--crypto/heimdal/lib/Makefile.am9
-rw-r--r--crypto/heimdal/lib/Makefile.in249
-rw-r--r--crypto/heimdal/lib/asn1/Makefile.am99
-rw-r--r--crypto/heimdal/lib/asn1/Makefile.in498
-rw-r--r--crypto/heimdal/lib/asn1/asn1-common.h16
-rw-r--r--crypto/heimdal/lib/asn1/asn1_print.c7
-rw-r--r--crypto/heimdal/lib/asn1/der.h10
-rw-r--r--crypto/heimdal/lib/asn1/der_get.c31
-rw-r--r--crypto/heimdal/lib/asn1/der_length.c20
-rw-r--r--crypto/heimdal/lib/asn1/der_put.c38
-rw-r--r--crypto/heimdal/lib/asn1/gen.c36
-rw-r--r--crypto/heimdal/lib/asn1/gen_copy.c5
-rw-r--r--crypto/heimdal/lib/asn1/gen_decode.c413
-rw-r--r--crypto/heimdal/lib/asn1/gen_encode.c288
-rw-r--r--crypto/heimdal/lib/asn1/gen_free.c5
-rw-r--r--crypto/heimdal/lib/asn1/gen_length.c170
-rw-r--r--crypto/heimdal/lib/asn1/gen_locl.h7
-rw-r--r--crypto/heimdal/lib/asn1/k5.asn1161
-rw-r--r--crypto/heimdal/lib/asn1/lex.h11
-rw-r--r--crypto/heimdal/lib/asn1/lex.l26
-rw-r--r--crypto/heimdal/lib/asn1/parse.y34
-rw-r--r--crypto/heimdal/lib/asn1/pkinit.asn1189
-rw-r--r--crypto/heimdal/lib/asn1/rfc2459.asn121
-rw-r--r--crypto/heimdal/lib/asn1/x509.asn123
-rw-r--r--crypto/heimdal/lib/auth/ChangeLog31
-rw-r--r--crypto/heimdal/lib/auth/Makefile.in237
-rw-r--r--crypto/heimdal/lib/auth/afskauthlib/Makefile.am25
-rw-r--r--crypto/heimdal/lib/auth/afskauthlib/Makefile.in231
-rw-r--r--crypto/heimdal/lib/auth/afskauthlib/verify.c27
-rw-r--r--crypto/heimdal/lib/auth/pam/Makefile.in194
-rw-r--r--crypto/heimdal/lib/auth/pam/pam.c80
-rw-r--r--crypto/heimdal/lib/auth/pam/pam.conf.add64
-rw-r--r--crypto/heimdal/lib/auth/sia/Makefile.am54
-rw-r--r--crypto/heimdal/lib/auth/sia/Makefile.in286
-rw-r--r--crypto/heimdal/lib/auth/sia/sia.c10
-rw-r--r--crypto/heimdal/lib/com_err/ChangeLog127
-rw-r--r--crypto/heimdal/lib/com_err/Makefile.am24
-rw-r--r--crypto/heimdal/lib/com_err/Makefile.in649
-rw-r--r--crypto/heimdal/lib/com_err/com_err.c151
-rw-r--r--crypto/heimdal/lib/com_err/com_err.h56
-rw-r--r--crypto/heimdal/lib/com_err/com_right.h66
-rw-r--r--crypto/heimdal/lib/com_err/compile_et.c235
-rw-r--r--crypto/heimdal/lib/com_err/compile_et.h79
-rw-r--r--crypto/heimdal/lib/com_err/error.c91
-rw-r--r--crypto/heimdal/lib/com_err/lex.h39
-rw-r--r--crypto/heimdal/lib/com_err/lex.l126
-rw-r--r--crypto/heimdal/lib/com_err/parse.y167
-rw-r--r--crypto/heimdal/lib/com_err/roken_rename.h39
-rw-r--r--crypto/heimdal/lib/gssapi/8003.c83
-rw-r--r--crypto/heimdal/lib/gssapi/ChangeLog103
-rw-r--r--crypto/heimdal/lib/gssapi/Makefile.am10
-rw-r--r--crypto/heimdal/lib/gssapi/Makefile.in325
-rw-r--r--crypto/heimdal/lib/gssapi/accept_sec_context.c122
-rw-r--r--crypto/heimdal/lib/gssapi/acquire_cred.c63
-rw-r--r--crypto/heimdal/lib/gssapi/add_oid_set_member.c24
-rw-r--r--crypto/heimdal/lib/gssapi/address_to_krb5addr.c75
-rw-r--r--crypto/heimdal/lib/gssapi/copy_ccache.c56
-rw-r--r--crypto/heimdal/lib/gssapi/decapsulate.c10
-rw-r--r--crypto/heimdal/lib/gssapi/encapsulate.c7
-rw-r--r--crypto/heimdal/lib/gssapi/export_sec_context.c27
-rw-r--r--crypto/heimdal/lib/gssapi/external.c37
-rw-r--r--crypto/heimdal/lib/gssapi/get_mic.c212
-rw-r--r--crypto/heimdal/lib/gssapi/gssapi.h49
-rw-r--r--crypto/heimdal/lib/gssapi/gssapi_locl.h17
-rw-r--r--crypto/heimdal/lib/gssapi/import_sec_context.c37
-rw-r--r--crypto/heimdal/lib/gssapi/init.c12
-rw-r--r--crypto/heimdal/lib/gssapi/init_sec_context.c389
-rw-r--r--crypto/heimdal/lib/gssapi/release_buffer.c5
-rw-r--r--crypto/heimdal/lib/gssapi/release_cred.c4
-rw-r--r--crypto/heimdal/lib/gssapi/release_name.c5
-rw-r--r--crypto/heimdal/lib/gssapi/release_oid_set.c5
-rw-r--r--crypto/heimdal/lib/gssapi/unwrap.c266
-rw-r--r--crypto/heimdal/lib/gssapi/verify_mic.c191
-rw-r--r--crypto/heimdal/lib/gssapi/wrap.c305
-rw-r--r--crypto/heimdal/lib/hdb/Makefile.am32
-rw-r--r--crypto/heimdal/lib/hdb/Makefile.in312
-rw-r--r--crypto/heimdal/lib/hdb/common.c21
-rw-r--r--crypto/heimdal/lib/hdb/convert_db.c28
-rw-r--r--crypto/heimdal/lib/hdb/db.c24
-rw-r--r--crypto/heimdal/lib/hdb/db3.c310
-rw-r--r--crypto/heimdal/lib/hdb/hdb-ldap.c1344
-rw-r--r--crypto/heimdal/lib/hdb/hdb-private.h12
-rw-r--r--crypto/heimdal/lib/hdb/hdb-protos.h53
-rw-r--r--crypto/heimdal/lib/hdb/hdb.asn16
-rw-r--r--crypto/heimdal/lib/hdb/hdb.c219
-rw-r--r--crypto/heimdal/lib/hdb/hdb.h13
-rw-r--r--crypto/heimdal/lib/hdb/hdb_err.et3
-rw-r--r--crypto/heimdal/lib/hdb/hdb_locl.h6
-rw-r--r--crypto/heimdal/lib/hdb/keytab.c122
-rw-r--r--crypto/heimdal/lib/hdb/mkey.c475
-rw-r--r--crypto/heimdal/lib/hdb/ndbm.c25
-rw-r--r--crypto/heimdal/lib/hdb/print.c50
-rw-r--r--crypto/heimdal/lib/kadm5/ChangeLog201
-rw-r--r--crypto/heimdal/lib/kadm5/Makefile.am112
-rw-r--r--crypto/heimdal/lib/kadm5/Makefile.in458
-rw-r--r--crypto/heimdal/lib/kadm5/acl.c139
-rw-r--r--crypto/heimdal/lib/kadm5/admin.h465
-rw-r--r--crypto/heimdal/lib/kadm5/bump_pw_expire.c59
-rw-r--r--crypto/heimdal/lib/kadm5/chpass_c.c50
-rw-r--r--crypto/heimdal/lib/kadm5/chpass_s.c87
-rw-r--r--crypto/heimdal/lib/kadm5/common_glue.c14
-rw-r--r--crypto/heimdal/lib/kadm5/context_s.c16
-rw-r--r--crypto/heimdal/lib/kadm5/create_c.c6
-rw-r--r--crypto/heimdal/lib/kadm5/create_s.c19
-rw-r--r--crypto/heimdal/lib/kadm5/delete_c.c6
-rw-r--r--crypto/heimdal/lib/kadm5/delete_s.c8
-rw-r--r--crypto/heimdal/lib/kadm5/destroy_s.c37
-rw-r--r--crypto/heimdal/lib/kadm5/dump_log.c25
-rw-r--r--crypto/heimdal/lib/kadm5/ent_setup.c9
-rw-r--r--crypto/heimdal/lib/kadm5/get_c.c6
-rw-r--r--crypto/heimdal/lib/kadm5/get_princs_c.c6
-rw-r--r--crypto/heimdal/lib/kadm5/get_s.c24
-rw-r--r--crypto/heimdal/lib/kadm5/init_c.c119
-rw-r--r--crypto/heimdal/lib/kadm5/init_s.c16
-rw-r--r--crypto/heimdal/lib/kadm5/iprop.h15
-rw-r--r--crypto/heimdal/lib/kadm5/ipropd_master.c191
-rw-r--r--crypto/heimdal/lib/kadm5/ipropd_slave.c208
-rw-r--r--crypto/heimdal/lib/kadm5/kadm5-private.h245
-rw-r--r--crypto/heimdal/lib/kadm5/kadm5-protos.h516
-rw-r--r--crypto/heimdal/lib/kadm5/kadm5_locl.h6
-rw-r--r--crypto/heimdal/lib/kadm5/keys.c112
-rw-r--r--crypto/heimdal/lib/kadm5/log.c173
-rw-r--r--crypto/heimdal/lib/kadm5/modify_c.c6
-rw-r--r--crypto/heimdal/lib/kadm5/modify_s.c10
-rw-r--r--crypto/heimdal/lib/kadm5/password_quality.c4
-rw-r--r--crypto/heimdal/lib/kadm5/private.h179
-rw-r--r--crypto/heimdal/lib/kadm5/privs_c.c6
-rw-r--r--crypto/heimdal/lib/kadm5/randkey_c.c6
-rw-r--r--crypto/heimdal/lib/kadm5/randkey_s.c13
-rw-r--r--crypto/heimdal/lib/kadm5/rename_c.c6
-rw-r--r--crypto/heimdal/lib/kadm5/rename_s.c10
-rw-r--r--crypto/heimdal/lib/kadm5/send_recv.c4
-rw-r--r--crypto/heimdal/lib/kadm5/set_keys.c400
-rw-r--r--crypto/heimdal/lib/kadm5/truncate_log.c88
-rw-r--r--crypto/heimdal/lib/kafs/ChangeLog44
-rw-r--r--crypto/heimdal/lib/kafs/Makefile.am4
-rw-r--r--crypto/heimdal/lib/kafs/Makefile.in613
-rw-r--r--crypto/heimdal/lib/kafs/afskrb.c14
-rw-r--r--crypto/heimdal/lib/kafs/afssys.c9
-rw-r--r--crypto/heimdal/lib/kafs/afssysdefs.h12
-rw-r--r--crypto/heimdal/lib/kafs/dlfcn.c4
-rw-r--r--crypto/heimdal/lib/kafs/kafs.357
-rw-r--r--crypto/heimdal/lib/kdfs/ChangeLog11
-rw-r--r--crypto/heimdal/lib/kdfs/Makefile.am10
-rw-r--r--crypto/heimdal/lib/kdfs/Makefile.in557
-rw-r--r--crypto/heimdal/lib/kdfs/k5dfspag.c362
-rw-r--r--crypto/heimdal/lib/krb5/Makefile.am54
-rw-r--r--crypto/heimdal/lib/krb5/Makefile.in716
-rw-r--r--crypto/heimdal/lib/krb5/acl.c189
-rw-r--r--crypto/heimdal/lib/krb5/addr_families.c4
-rw-r--r--crypto/heimdal/lib/krb5/appdefault.c123
-rw-r--r--crypto/heimdal/lib/krb5/auth_context.c114
-rw-r--r--crypto/heimdal/lib/krb5/build_auth.c11
-rw-r--r--crypto/heimdal/lib/krb5/cache.c8
-rw-r--r--crypto/heimdal/lib/krb5/changepw.c93
-rw-r--r--crypto/heimdal/lib/krb5/config_file.c50
-rw-r--r--crypto/heimdal/lib/krb5/constants.c6
-rw-r--r--crypto/heimdal/lib/krb5/context.c49
-rw-r--r--crypto/heimdal/lib/krb5/convert_creds.c28
-rw-r--r--crypto/heimdal/lib/krb5/crc.c6
-rw-r--r--crypto/heimdal/lib/krb5/crypto.c895
-rw-r--r--crypto/heimdal/lib/krb5/eai_to_heim_errno.c69
-rw-r--r--crypto/heimdal/lib/krb5/expand_hostname.c4
-rw-r--r--crypto/heimdal/lib/krb5/fcache.c137
-rw-r--r--crypto/heimdal/lib/krb5/generate_seq_number.c6
-rw-r--r--crypto/heimdal/lib/krb5/get_addrs.c285
-rw-r--r--crypto/heimdal/lib/krb5/get_cred.c60
-rw-r--r--crypto/heimdal/lib/krb5/get_for_creds.c57
-rw-r--r--crypto/heimdal/lib/krb5/get_in_tkt.c46
-rw-r--r--crypto/heimdal/lib/krb5/get_port.c6
-rw-r--r--crypto/heimdal/lib/krb5/heim_err.et20
-rw-r--r--crypto/heimdal/lib/krb5/init_creds.c54
-rw-r--r--crypto/heimdal/lib/krb5/init_creds_pw.c27
-rw-r--r--crypto/heimdal/lib/krb5/kerberos.873
-rw-r--r--crypto/heimdal/lib/krb5/keyblock.c4
-rw-r--r--crypto/heimdal/lib/krb5/keytab_keyfile.c79
-rw-r--r--crypto/heimdal/lib/krb5/keytab_krb4.c8
-rw-r--r--crypto/heimdal/lib/krb5/krb5-private.h3
-rw-r--r--crypto/heimdal/lib/krb5/krb5-protos.h295
-rw-r--r--crypto/heimdal/lib/krb5/krb5.conf.5139
-rw-r--r--crypto/heimdal/lib/krb5/krb5.h107
-rw-r--r--crypto/heimdal/lib/krb5/krb5_425_conv_principal.311
-rw-r--r--crypto/heimdal/lib/krb5/krb5_appdefault.357
-rw-r--r--crypto/heimdal/lib/krb5/krb5_auth_context.3284
-rw-r--r--crypto/heimdal/lib/krb5/krb5_build_principal.312
-rw-r--r--crypto/heimdal/lib/krb5/krb5_config.371
-rw-r--r--crypto/heimdal/lib/krb5/krb5_context.320
-rw-r--r--crypto/heimdal/lib/krb5/krb5_create_checksum.38
-rw-r--r--crypto/heimdal/lib/krb5/krb5_crypto_init.36
-rw-r--r--crypto/heimdal/lib/krb5/krb5_encrypt.38
-rw-r--r--crypto/heimdal/lib/krb5/krb5_err.et26
-rw-r--r--crypto/heimdal/lib/krb5/krb5_free_principal.37
-rw-r--r--crypto/heimdal/lib/krb5/krb5_init_context.338
-rw-r--r--crypto/heimdal/lib/krb5/krb5_locl.h24
-rw-r--r--crypto/heimdal/lib/krb5/krb5_openlog.325
-rw-r--r--crypto/heimdal/lib/krb5/krb5_parse_name.36
-rw-r--r--crypto/heimdal/lib/krb5/krb5_sname_to_principal.38
-rw-r--r--crypto/heimdal/lib/krb5/krb5_unparse_name.38
-rw-r--r--crypto/heimdal/lib/krb5/krb5_warn.314
-rw-r--r--crypto/heimdal/lib/krb5/krbhst.c38
-rw-r--r--crypto/heimdal/lib/krb5/log.c18
-rw-r--r--crypto/heimdal/lib/krb5/mcache.c163
-rw-r--r--crypto/heimdal/lib/krb5/mk_priv.c17
-rw-r--r--crypto/heimdal/lib/krb5/mk_rep.c28
-rw-r--r--crypto/heimdal/lib/krb5/mk_req.c78
-rw-r--r--crypto/heimdal/lib/krb5/mk_req_ext.c25
-rw-r--r--crypto/heimdal/lib/krb5/mk_safe.c20
-rw-r--r--crypto/heimdal/lib/krb5/principal.c93
-rw-r--r--crypto/heimdal/lib/krb5/prog_setup.c10
-rw-r--r--crypto/heimdal/lib/krb5/rd_cred.c142
-rw-r--r--crypto/heimdal/lib/krb5/rd_priv.c26
-rw-r--r--crypto/heimdal/lib/krb5/rd_rep.c6
-rw-r--r--crypto/heimdal/lib/krb5/rd_req.c103
-rw-r--r--crypto/heimdal/lib/krb5/rd_safe.c21
-rw-r--r--crypto/heimdal/lib/krb5/read_message.c42
-rw-r--r--crypto/heimdal/lib/krb5/recvauth.c6
-rw-r--r--crypto/heimdal/lib/krb5/replay.c57
-rw-r--r--crypto/heimdal/lib/krb5/send_to_kdc.c77
-rw-r--r--crypto/heimdal/lib/krb5/sock_principal.c20
-rw-r--r--crypto/heimdal/lib/krb5/store.c53
-rw-r--r--crypto/heimdal/lib/krb5/store_emem.c6
-rw-r--r--crypto/heimdal/lib/krb5/store_fd.c10
-rw-r--r--crypto/heimdal/lib/krb5/store_mem.c6
-rw-r--r--crypto/heimdal/lib/krb5/string-to-key-test.c11
-rw-r--r--crypto/heimdal/lib/krb5/test_get_addrs.c78
-rw-r--r--crypto/heimdal/lib/krb5/time.c15
-rw-r--r--crypto/heimdal/lib/krb5/verify_krb5_conf.833
-rw-r--r--crypto/heimdal/lib/krb5/verify_user.c10
-rw-r--r--crypto/heimdal/lib/krb5/warn.c5
-rw-r--r--crypto/heimdal/lib/krb5/write_message.c40
-rw-r--r--crypto/heimdal/lib/roken/ChangeLog261
-rw-r--r--crypto/heimdal/lib/roken/Makefile.am114
-rw-r--r--crypto/heimdal/lib/roken/Makefile.in796
-rw-r--r--crypto/heimdal/lib/roken/acconfig.h36
-rw-r--r--crypto/heimdal/lib/roken/acinclude.m49
-rw-r--r--crypto/heimdal/lib/roken/config.h.in1
-rw-r--r--crypto/heimdal/lib/roken/environment.c103
-rw-r--r--crypto/heimdal/lib/roken/err.hin68
-rw-r--r--crypto/heimdal/lib/roken/esetenv.c48
-rw-r--r--crypto/heimdal/lib/roken/fnmatch.hin49
-rw-r--r--crypto/heimdal/lib/roken/getaddrinfo-test.c6
-rw-r--r--crypto/heimdal/lib/roken/getaddrinfo.c51
-rw-r--r--crypto/heimdal/lib/roken/getaddrinfo_hostspec.c25
-rw-r--r--crypto/heimdal/lib/roken/getarg.318
-rw-r--r--crypto/heimdal/lib/roken/getarg.c13
-rw-r--r--crypto/heimdal/lib/roken/getifaddrs.c271
-rw-r--r--crypto/heimdal/lib/roken/getnameinfo_verified.c9
-rw-r--r--crypto/heimdal/lib/roken/getusershell.c147
-rw-r--r--crypto/heimdal/lib/roken/glob.hin84
-rw-r--r--crypto/heimdal/lib/roken/ifaddrs.hin64
-rw-r--r--crypto/heimdal/lib/roken/inet_ntop.c19
-rw-r--r--crypto/heimdal/lib/roken/inet_pton.c21
-rwxr-xr-xcrypto/heimdal/lib/roken/install-sh251
-rw-r--r--crypto/heimdal/lib/roken/make-print-version.c6
-rw-r--r--crypto/heimdal/lib/roken/mini_inetd.c32
-rwxr-xr-xcrypto/heimdal/lib/roken/missing190
-rwxr-xr-xcrypto/heimdal/lib/roken/mkinstalldirs40
-rw-r--r--crypto/heimdal/lib/roken/print_version.c6
-rw-r--r--crypto/heimdal/lib/roken/putenv.c24
-rw-r--r--crypto/heimdal/lib/roken/resolve.c128
-rw-r--r--crypto/heimdal/lib/roken/resolve.h47
-rw-r--r--crypto/heimdal/lib/roken/roken-common.h44
-rw-r--r--crypto/heimdal/lib/roken/roken.awk6
-rw-r--r--crypto/heimdal/lib/roken/roken.h.in41
-rw-r--r--crypto/heimdal/lib/roken/rtbl.c278
-rw-r--r--crypto/heimdal/lib/roken/rtbl.h57
-rw-r--r--crypto/heimdal/lib/roken/signal.c7
-rw-r--r--crypto/heimdal/lib/roken/simple_exec.c19
-rw-r--r--crypto/heimdal/lib/roken/snprintf.c49
-rw-r--r--crypto/heimdal/lib/roken/socket.c24
-rw-r--r--crypto/heimdal/lib/roken/strftime.c4
-rw-r--r--crypto/heimdal/lib/roken/strsep_copy.c67
-rw-r--r--crypto/heimdal/lib/roken/timeval.c84
-rw-r--r--crypto/heimdal/lib/roken/unvis.c288
-rw-r--r--crypto/heimdal/lib/roken/verr.c7
-rw-r--r--crypto/heimdal/lib/roken/verrx.c7
-rw-r--r--crypto/heimdal/lib/roken/vis.c301
-rw-r--r--crypto/heimdal/lib/roken/vis.hin86
-rw-r--r--crypto/heimdal/lib/roken/vsyslog.c72
-rw-r--r--crypto/heimdal/lib/roken/vwarn.c7
-rw-r--r--crypto/heimdal/lib/roken/vwarnx.c7
-rw-r--r--crypto/heimdal/lib/roken/warnerr.c8
-rw-r--r--crypto/heimdal/lib/roken/write_pid.c95
-rw-r--r--crypto/heimdal/lib/roken/xdbm.h8
-rw-r--r--crypto/heimdal/lib/sl/ChangeLog46
-rw-r--r--crypto/heimdal/lib/sl/Makefile.am15
-rw-r--r--crypto/heimdal/lib/sl/Makefile.in388
-rw-r--r--crypto/heimdal/lib/sl/lex.l15
-rw-r--r--crypto/heimdal/lib/sl/make_cmds.h11
-rw-r--r--crypto/heimdal/lib/sl/parse.y9
-rw-r--r--crypto/heimdal/lib/sl/roken_rename.h7
-rw-r--r--crypto/heimdal/lib/sl/sl.c133
-rw-r--r--crypto/heimdal/lib/sl/sl.h11
-rw-r--r--crypto/heimdal/lib/sl/ss.c49
-rw-r--r--crypto/heimdal/lib/sl/ss.h6
-rw-r--r--crypto/heimdal/lib/vers/ChangeLog13
-rw-r--r--crypto/heimdal/lib/vers/Makefile.am28
-rw-r--r--crypto/heimdal/lib/vers/Makefile.in574
-rw-r--r--crypto/heimdal/lib/vers/make-print-version.c68
-rw-r--r--crypto/heimdal/lib/vers/print_version.c78
-rw-r--r--crypto/heimdal/lib/vers/vers.h41
303 files changed, 21907 insertions, 6820 deletions
diff --git a/crypto/heimdal/lib/45/Makefile.in b/crypto/heimdal/lib/45/Makefile.in
index 9b0c7fcd68c4..66dfc0f4ec65 100644
--- a/crypto/heimdal/lib/45/Makefile.in
+++ b/crypto/heimdal/lib/45/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.5 1999/03/20 13:58:17 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,26 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
-AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -92,31 +95,43 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.5 1999/03/20 13:58:17 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
-INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4)
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4)
AM_CFLAGS = $(WFLAGS)
+CP = cp
+
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
@@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
@@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
+LIBS = @LIBS@
+
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -152,24 +170,20 @@ LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
NROFF_MAN = groff -mandoc -Tascii
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
@@ -178,6 +192,7 @@ lib_LIBRARIES = @EXTRA_LIB45@
EXTRA_LIBRARIES = lib45.a
lib45_a_SOURCES = get_ad_tkt.c mk_req.c 45_locl.h
+subdir = lib/45
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../include/config.h
CONFIG_CLEAN_FILES =
@@ -187,32 +202,34 @@ LIBRARIES = $(lib_LIBRARIES)
DEFS = @DEFS@ -I. -I$(srcdir) -I../../include
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
X_CFLAGS = @X_CFLAGS@
X_LIBS = @X_LIBS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
+lib45_a_AR = $(AR) cru
lib45_a_LIBADD =
-lib45_a_OBJECTS = get_ad_tkt.$(OBJEXT) mk_req.$(OBJEXT)
+am_lib45_a_OBJECTS = get_ad_tkt.$(OBJEXT) mk_req.$(OBJEXT)
+lib45_a_OBJECTS = $(am_lib45_a_OBJECTS)
AR = ar
-CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES = $(lib45_a_SOURCES)
+depcomp =
DIST_COMMON = Makefile.am Makefile.in
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
SOURCES = $(lib45_a_SOURCES)
-OBJECTS = $(lib45_a_OBJECTS)
+OBJECTS = $(am_lib45_a_OBJECTS)
all: all-redirect
.SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x
+.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/45/Makefile
@@ -249,24 +266,11 @@ install-libLIBRARIES: $(lib_LIBRARIES)
uninstall-libLIBRARIES:
@$(NORMAL_UNINSTALL)
- list='$(lib_LIBRARIES)'; for p in $$list; do \
+ @list='$(lib_LIBRARIES)'; for p in $$list; do \
+ echo " rm -f $(DESTDIR)$(libdir)/$$p"; \
rm -f $(DESTDIR)$(libdir)/$$p; \
done
-.c.o:
- $(COMPILE) -c $<
-
-# FIXME: We should only use cygpath when building on Windows,
-# and only if it is available.
-.c.obj:
- $(COMPILE) -c `cygpath -w $<`
-
-.s.o:
- $(COMPILE) -c $<
-
-.S.o:
- $(COMPILE) -c $<
-
mostlyclean-compile:
-rm -f *.o core *.core
-rm -f *.$(OBJEXT)
@@ -278,15 +282,6 @@ distclean-compile:
maintainer-clean-compile:
-.c.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.s.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.S.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
mostlyclean-libtool:
-rm -f *.lo
@@ -299,28 +294,38 @@ maintainer-clean-libtool:
lib45.a: $(lib45_a_OBJECTS) $(lib45_a_DEPENDENCIES)
-rm -f lib45.a
- $(AR) cru lib45.a $(lib45_a_OBJECTS) $(lib45_a_LIBADD)
+ $(lib45_a_AR) lib45.a $(lib45_a_OBJECTS) $(lib45_a_LIBADD)
$(RANLIB) lib45.a
+.c.o:
+ $(COMPILE) -c $<
+.c.obj:
+ $(COMPILE) -c `cygpath -w $<`
+.c.lo:
+ $(LTCOMPILE) -c -o $@ $<
tags: TAGS
-ID: $(HEADERS) $(SOURCES) $(LISP)
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- here=`pwd` && cd $(srcdir) \
- && mkid -f$$here/ID $$unique $(LISP)
+ mkid -fID $$unique $(LISP)
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
- || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
mostlyclean-tags:
@@ -333,17 +338,16 @@ maintainer-clean-tags:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib/45
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
@@ -372,7 +376,7 @@ uninstall: uninstall-am
all-am: Makefile $(LIBRARIES) all-local
all-redirect: all-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs:
$(mkinstalldirs) $(DESTDIR)$(libdir)
@@ -386,6 +390,7 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
+ -rm -f Makefile.in
mostlyclean-am: mostlyclean-libLIBRARIES mostlyclean-compile \
mostlyclean-libtool mostlyclean-tags \
mostlyclean-generic
@@ -422,8 +427,8 @@ mostlyclean-tags distclean-tags clean-tags maintainer-clean-tags \
distdir info-am info dvi-am dvi check-local check check-am \
installcheck-am installcheck install-exec-am install-exec \
install-data-local install-data-am install-data install-am install \
-uninstall-am uninstall all-local all-redirect all-am all installdirs \
-mostlyclean-generic distclean-generic clean-generic \
+uninstall-am uninstall all-local all-redirect all-am all install-strip \
+installdirs mostlyclean-generic distclean-generic clean-generic \
maintainer-clean-generic clean mostlyclean distclean maintainer-clean
@@ -432,7 +437,10 @@ install-suid-programs:
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
install-exec-hook: install-suid-programs
@@ -444,8 +452,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
fi ; \
done
@@ -514,87 +522,8 @@ dist-cat8-mans:
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
install-data-local: install-cat-mans
diff --git a/crypto/heimdal/lib/45/mk_req.c b/crypto/heimdal/lib/45/mk_req.c
index 7074ebf97b4e..db909c2e7634 100644
--- a/crypto/heimdal/lib/45/mk_req.c
+++ b/crypto/heimdal/lib/45/mk_req.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -35,12 +35,13 @@
#include "45_locl.h"
-RCSID("$Id: mk_req.c,v 1.2 1999/12/02 17:05:01 joda Exp $");
+RCSID("$Id: mk_req.c,v 1.6 2000/04/11 00:49:35 assar Exp $");
static int lifetime = 255;
static void
-build_request(KTEXT req, char *name, char *inst, char *realm,
+build_request(KTEXT req,
+ const char *name, const char *inst, const char *realm,
u_int32_t checksum)
{
struct timeval tv;
@@ -61,20 +62,31 @@ build_request(KTEXT req, char *name, char *inst, char *realm,
krb5_data_free(&data);
}
+#ifdef KRB_MK_REQ_CONST
int
-krb_mk_req(KTEXT authent, char *service, char *instance, char *realm,
+krb_mk_req(KTEXT authent,
+ const char *service, const char *instance, const char *realm,
int32_t checksum)
+#else
+int
+krb_mk_req(KTEXT authent,
+ char *service, char *instance, char *realm,
+ int32_t checksum)
+
+#endif
{
CREDENTIALS cr;
KTEXT_ST req;
krb5_storage *sp;
int code;
- char *myrealm;
+ /* XXX get user realm */
+ const char *myrealm = realm;
krb5_data a;
code = krb_get_cred(service, instance, realm, &cr);
if(code || time(NULL) > krb_life_to_time(cr.issue_date, cr.lifetime)){
- code = get_ad_tkt(service, instance, realm, lifetime);
+ code = get_ad_tkt((char *)service,
+ (char *)instance, (char *)realm, lifetime);
if(code == KSUCCESS)
code = krb_get_cred(service, instance, realm, &cr);
}
@@ -82,9 +94,6 @@ krb_mk_req(KTEXT authent, char *service, char *instance, char *realm,
if(code)
return code;
- /* XXX get user realm */
- myrealm = realm;
-
sp = krb5_storage_emem();
krb5_store_int8(sp, KRB_PROT_VERSION);
diff --git a/crypto/heimdal/lib/Makefile.am b/crypto/heimdal/lib/Makefile.am
index c600c22ecdc4..ed228d12cdb2 100644
--- a/crypto/heimdal/lib/Makefile.am
+++ b/crypto/heimdal/lib/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.16 1999/04/01 15:03:37 joda Exp $
+# $Id: Makefile.am,v 1.21 2000/11/15 23:11:05 assar Exp $
include $(top_srcdir)/Makefile.am.common
@@ -8,6 +8,9 @@ endif
if OTP
dir_otp = otp
endif
+if DCE
+dir_dce = kdfs
+endif
-SUBDIRS = roken editline com_err sl asn1 des krb5 \
- kafs hdb kadm5 gssapi auth $(dir_45) $(dir_otp)
+SUBDIRS = @DIR_roken@ vers editline com_err sl asn1 @DIR_des@ krb5 \
+ kafs hdb kadm5 gssapi auth $(dir_45) $(dir_otp) $(dir_dce)
diff --git a/crypto/heimdal/lib/Makefile.in b/crypto/heimdal/lib/Makefile.in
index 4c8aa71cf274..22a350f33438 100644
--- a/crypto/heimdal/lib/Makefile.in
+++ b/crypto/heimdal/lib/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.16 1999/04/01 15:03:37 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,26 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
-AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -92,31 +95,43 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.21 2000/11/15 23:11:05 assar Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
-INCLUDES = -I$(top_builddir)/include
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken)
AM_CFLAGS = $(WFLAGS)
+CP = cp
+
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
@@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
@@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
+LIBS = @LIBS@
+
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -152,32 +170,31 @@ LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
NROFF_MAN = groff -mandoc -Tascii
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
-@KRB4_TRUE@dir_45 = 45
-@OTP_TRUE@dir_otp = otp
+@KRB4_TRUE@dir_45 = @KRB4_TRUE@45
+@OTP_TRUE@dir_otp = @OTP_TRUE@otp
+@DCE_TRUE@dir_dce = @DCE_TRUE@kdfs
-SUBDIRS = roken editline com_err sl asn1 des krb5 kafs hdb kadm5 gssapi auth $(dir_45) $(dir_otp)
+SUBDIRS = @DIR_roken@ vers editline com_err sl asn1 @DIR_des@ krb5 \
+ kafs hdb kadm5 gssapi auth $(dir_45) $(dir_otp) $(dir_dce)
+subdir = lib
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../include/config.h
CONFIG_CLEAN_FILES =
@@ -185,16 +202,17 @@ CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES =
+depcomp =
DIST_COMMON = Makefile.am Makefile.in
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
-DIST_SUBDIRS = roken editline com_err sl asn1 des krb5 kafs hdb kadm5 \
-gssapi auth 45 otp
+DIST_SUBDIRS = @DIR_roken@ vers editline com_err sl asn1 @DIR_des@ krb5 \
+kafs hdb kadm5 gssapi auth 45 otp kdfs
all: all-redirect
.SUFFIXES:
.SUFFIXES: .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .et .h .x
@@ -213,8 +231,6 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
# (which will cause the Makefiles to be regenerated when you run `make');
# (2) otherwise, pass the desired values on the `make' command line.
-@SET_MAKE@
-
all-recursive install-data-recursive install-exec-recursive \
installdirs-recursive install-recursive uninstall-recursive \
check-recursive installcheck-recursive info-recursive dvi-recursive:
@@ -242,7 +258,7 @@ maintainer-clean-recursive:
dot_seen=no; \
rev=''; list='$(SUBDIRS)'; for subdir in $$list; do \
rev="$$subdir $$rev"; \
- test "$$subdir" = "." && dot_seen=yes; \
+ if test "$$subdir" = "."; then dot_seen=yes; else :; fi; \
done; \
test "$$dot_seen" = "no" && rev=". $$rev"; \
target=`echo $@ | sed s/-recursive//`; \
@@ -263,15 +279,17 @@ tags-recursive:
tags: TAGS
-ID: $(HEADERS) $(SOURCES) $(LISP)
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- here=`pwd` && cd $(srcdir) \
- && mkid -f$$here/ID $$unique $(LISP)
+ mkid -fID $$unique $(LISP)
-TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
+TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SUBDIRS)'; for subdir in $$list; do \
@@ -279,12 +297,14 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \
fi; \
done; \
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
- || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
mostlyclean-tags:
@@ -297,17 +317,16 @@ maintainer-clean-tags:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
for subdir in $(DIST_SUBDIRS); do \
@@ -315,7 +334,6 @@ distdir: $(DISTFILES)
test -d $(distdir)/$$subdir \
|| mkdir $(distdir)/$$subdir \
|| exit 1; \
- chmod 777 $(distdir)/$$subdir; \
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir=../$(top_distdir) distdir=../$(distdir)/$$subdir distdir) \
|| exit 1; \
fi; \
@@ -346,7 +364,7 @@ uninstall: uninstall-recursive
all-am: Makefile all-local
all-redirect: all-recursive
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs: installdirs-recursive
installdirs-am:
@@ -360,6 +378,7 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
+ -rm -f Makefile.in
mostlyclean-am: mostlyclean-tags mostlyclean-generic
mostlyclean: mostlyclean-recursive
@@ -380,19 +399,19 @@ maintainer-clean-am: maintainer-clean-tags maintainer-clean-generic \
maintainer-clean: maintainer-clean-recursive
-.PHONY: install-data-recursive uninstall-data-recursive \
-install-exec-recursive uninstall-exec-recursive installdirs-recursive \
-uninstalldirs-recursive all-recursive check-recursive \
-installcheck-recursive info-recursive dvi-recursive \
-mostlyclean-recursive distclean-recursive clean-recursive \
+.PHONY: install-recursive uninstall-recursive install-data-recursive \
+uninstall-data-recursive install-exec-recursive \
+uninstall-exec-recursive installdirs-recursive uninstalldirs-recursive \
+all-recursive check-recursive installcheck-recursive info-recursive \
+dvi-recursive mostlyclean-recursive distclean-recursive clean-recursive \
maintainer-clean-recursive tags tags-recursive mostlyclean-tags \
distclean-tags clean-tags maintainer-clean-tags distdir info-am info \
dvi-am dvi check-local check check-am installcheck-am installcheck \
install-exec-am install-exec install-data-local install-data-am \
install-data install-am install uninstall-am uninstall all-local \
-all-redirect all-am all installdirs-am installdirs mostlyclean-generic \
-distclean-generic clean-generic maintainer-clean-generic clean \
-mostlyclean distclean maintainer-clean
+all-redirect all-am all install-strip installdirs-am installdirs \
+mostlyclean-generic distclean-generic clean-generic \
+maintainer-clean-generic clean mostlyclean distclean maintainer-clean
install-suid-programs:
@@ -400,7 +419,10 @@ install-suid-programs:
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
install-exec-hook: install-suid-programs
@@ -412,8 +434,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
fi ; \
done
@@ -482,87 +504,8 @@ dist-cat8-mans:
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
install-data-local: install-cat-mans
diff --git a/crypto/heimdal/lib/asn1/Makefile.am b/crypto/heimdal/lib/asn1/Makefile.am
index 97fb2bbd6ef5..8f894411c761 100644
--- a/crypto/heimdal/lib/asn1/Makefile.am
+++ b/crypto/heimdal/lib/asn1/Makefile.am
@@ -1,62 +1,67 @@
-# $Id: Makefile.am,v 1.54 1999/12/21 17:03:42 assar Exp $
+# $Id: Makefile.am,v 1.59 2001/01/30 01:46:53 assar Exp $
include $(top_srcdir)/Makefile.am.common
YFLAGS = -d
lib_LTLIBRARIES = libasn1.la
-libasn1_la_LDFLAGS = -version-info 1:4:0
+libasn1_la_LDFLAGS = -version-info 4:0:2
BUILT_SOURCES = \
$(gen_files:.x=.c) \
asn1_err.h \
asn1_err.c
-gen_files = \
- asn1_APOptions.x \
- asn1_AP_REP.x \
- asn1_AP_REQ.x \
- asn1_AS_REP.x \
- asn1_AS_REQ.x \
- asn1_Authenticator.x \
- asn1_AuthorizationData.x \
- asn1_Checksum.x \
- asn1_EncAPRepPart.x \
- asn1_EncASRepPart.x \
- asn1_EncKDCRepPart.x \
- asn1_EncKrbCredPart.x \
- asn1_EncKrbPrivPart.x \
- asn1_EncTGSRepPart.x \
- asn1_EncTicketPart.x \
- asn1_EncryptedData.x \
- asn1_EncryptionKey.x \
- asn1_ETYPE_INFO.x \
- asn1_ETYPE_INFO_ENTRY.x \
- asn1_HostAddress.x \
- asn1_HostAddresses.x \
- asn1_KDCOptions.x \
- asn1_KDC_REP.x \
- asn1_KDC_REQ.x \
- asn1_KDC_REQ_BODY.x \
- asn1_KRB_CRED.x \
- asn1_KRB_ERROR.x \
- asn1_KRB_PRIV.x \
- asn1_KRB_SAFE.x \
- asn1_KRB_SAFE_BODY.x \
- asn1_KerberosTime.x \
- asn1_KrbCredInfo.x \
- asn1_LastReq.x \
- asn1_METHOD_DATA.x \
- asn1_PA_DATA.x \
- asn1_PA_ENC_TS_ENC.x \
- asn1_Principal.x \
- asn1_PrincipalName.x \
- asn1_Realm.x \
- asn1_TGS_REP.x \
- asn1_TGS_REQ.x \
- asn1_Ticket.x \
- asn1_TicketFlags.x \
- asn1_TransitedEncoding.x
+gen_files = \
+ asn1_APOptions.x \
+ asn1_AP_REP.x \
+ asn1_AP_REQ.x \
+ asn1_AS_REP.x \
+ asn1_AS_REQ.x \
+ asn1_Authenticator.x \
+ asn1_AuthorizationData.x \
+ asn1_CKSUMTYPE.x \
+ asn1_Checksum.x \
+ asn1_ETYPE_INFO.x \
+ asn1_ETYPE_INFO_ENTRY.x \
+ asn1_EncAPRepPart.x \
+ asn1_EncASRepPart.x \
+ asn1_EncKDCRepPart.x \
+ asn1_EncKrbCredPart.x \
+ asn1_EncKrbPrivPart.x \
+ asn1_EncTGSRepPart.x \
+ asn1_EncTicketPart.x \
+ asn1_EncryptedData.x \
+ asn1_EncryptionKey.x \
+ asn1_HostAddress.x \
+ asn1_HostAddresses.x \
+ asn1_KDCOptions.x \
+ asn1_KDC_REP.x \
+ asn1_KDC_REQ.x \
+ asn1_KDC_REQ_BODY.x \
+ asn1_KRB_CRED.x \
+ asn1_KRB_ERROR.x \
+ asn1_KRB_PRIV.x \
+ asn1_KRB_SAFE.x \
+ asn1_KRB_SAFE_BODY.x \
+ asn1_KerberosTime.x \
+ asn1_KrbCredInfo.x \
+ asn1_LastReq.x \
+ asn1_MESSAGE_TYPE.x \
+ asn1_METHOD_DATA.x \
+ asn1_NAME_TYPE.x \
+ asn1_PADATA_TYPE.x \
+ asn1_PA_DATA.x \
+ asn1_PA_ENC_TS_ENC.x \
+ asn1_Principal.x \
+ asn1_PrincipalName.x \
+ asn1_Realm.x \
+ asn1_TGS_REP.x \
+ asn1_TGS_REQ.x \
+ asn1_Ticket.x \
+ asn1_TicketFlags.x \
+ asn1_TransitedEncoding.x \
+ asn1_UNSIGNED.x
noinst_PROGRAMS = asn1_compile asn1_print
diff --git a/crypto/heimdal/lib/asn1/Makefile.in b/crypto/heimdal/lib/asn1/Makefile.in
index 25acf1a3f901..7652c107653f 100644
--- a/crypto/heimdal/lib/asn1/Makefile.in
+++ b/crypto/heimdal/lib/asn1/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.54 1999/12/21 17:03:42 assar Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,26 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
-AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -92,31 +95,43 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.59 2001/01/30 01:46:53 assar Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
-INCLUDES = -I$(top_builddir)/include
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken)
AM_CFLAGS = $(WFLAGS)
+CP = cp
+
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
@@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
@@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
+LIBS = @LIBS@
+
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -152,36 +170,84 @@ LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
NROFF_MAN = groff -mandoc -Tascii
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
YFLAGS = -d
lib_LTLIBRARIES = libasn1.la
-libasn1_la_LDFLAGS = -version-info 1:4:0
-
-BUILT_SOURCES = $(gen_files:.x=.c) asn1_err.h asn1_err.c
-
-
-gen_files = asn1_APOptions.x asn1_AP_REP.x asn1_AP_REQ.x asn1_AS_REP.x asn1_AS_REQ.x asn1_Authenticator.x asn1_AuthorizationData.x asn1_Checksum.x asn1_EncAPRepPart.x asn1_EncASRepPart.x asn1_EncKDCRepPart.x asn1_EncKrbCredPart.x asn1_EncKrbPrivPart.x asn1_EncTGSRepPart.x asn1_EncTicketPart.x asn1_EncryptedData.x asn1_EncryptionKey.x asn1_ETYPE_INFO.x asn1_ETYPE_INFO_ENTRY.x asn1_HostAddress.x asn1_HostAddresses.x asn1_KDCOptions.x asn1_KDC_REP.x asn1_KDC_REQ.x asn1_KDC_REQ_BODY.x asn1_KRB_CRED.x asn1_KRB_ERROR.x asn1_KRB_PRIV.x asn1_KRB_SAFE.x asn1_KRB_SAFE_BODY.x asn1_KerberosTime.x asn1_KrbCredInfo.x asn1_LastReq.x asn1_METHOD_DATA.x asn1_PA_DATA.x asn1_PA_ENC_TS_ENC.x asn1_Principal.x asn1_PrincipalName.x asn1_Realm.x asn1_TGS_REP.x asn1_TGS_REQ.x asn1_Ticket.x asn1_TicketFlags.x asn1_TransitedEncoding.x
+libasn1_la_LDFLAGS = -version-info 4:0:2
+
+BUILT_SOURCES = \
+ $(gen_files:.x=.c) \
+ asn1_err.h \
+ asn1_err.c
+
+
+gen_files = \
+ asn1_APOptions.x \
+ asn1_AP_REP.x \
+ asn1_AP_REQ.x \
+ asn1_AS_REP.x \
+ asn1_AS_REQ.x \
+ asn1_Authenticator.x \
+ asn1_AuthorizationData.x \
+ asn1_CKSUMTYPE.x \
+ asn1_Checksum.x \
+ asn1_ETYPE_INFO.x \
+ asn1_ETYPE_INFO_ENTRY.x \
+ asn1_EncAPRepPart.x \
+ asn1_EncASRepPart.x \
+ asn1_EncKDCRepPart.x \
+ asn1_EncKrbCredPart.x \
+ asn1_EncKrbPrivPart.x \
+ asn1_EncTGSRepPart.x \
+ asn1_EncTicketPart.x \
+ asn1_EncryptedData.x \
+ asn1_EncryptionKey.x \
+ asn1_HostAddress.x \
+ asn1_HostAddresses.x \
+ asn1_KDCOptions.x \
+ asn1_KDC_REP.x \
+ asn1_KDC_REQ.x \
+ asn1_KDC_REQ_BODY.x \
+ asn1_KRB_CRED.x \
+ asn1_KRB_ERROR.x \
+ asn1_KRB_PRIV.x \
+ asn1_KRB_SAFE.x \
+ asn1_KRB_SAFE_BODY.x \
+ asn1_KerberosTime.x \
+ asn1_KrbCredInfo.x \
+ asn1_LastReq.x \
+ asn1_MESSAGE_TYPE.x \
+ asn1_METHOD_DATA.x \
+ asn1_NAME_TYPE.x \
+ asn1_PADATA_TYPE.x \
+ asn1_PA_DATA.x \
+ asn1_PA_ENC_TS_ENC.x \
+ asn1_Principal.x \
+ asn1_PrincipalName.x \
+ asn1_Realm.x \
+ asn1_TGS_REP.x \
+ asn1_TGS_REQ.x \
+ asn1_Ticket.x \
+ asn1_TicketFlags.x \
+ asn1_TransitedEncoding.x \
+ asn1_UNSIGNED.x
noinst_PROGRAMS = asn1_compile asn1_print
@@ -189,26 +255,41 @@ check_PROGRAMS = check-der
TESTS = check-der
-asn1_compile_SOURCES = parse.y lex.l main.c hash.c symbol.c gen.c gen_encode.c gen_decode.c gen_free.c gen_length.c gen_copy.c gen_glue.c
+asn1_compile_SOURCES = parse.y lex.l main.c hash.c symbol.c gen.c \
+ gen_encode.c gen_decode.c gen_free.c gen_length.c gen_copy.c \
+ gen_glue.c
-libasn1_la_SOURCES = der_get.c der_put.c der_free.c der_length.c der_copy.c timegm.c $(BUILT_SOURCES)
+libasn1_la_SOURCES = \
+ der_get.c \
+ der_put.c \
+ der_free.c \
+ der_length.c \
+ der_copy.c \
+ timegm.c \
+ $(BUILT_SOURCES)
-asn1_compile_LDADD = $(LIB_roken) $(LEXLIB)
+asn1_compile_LDADD = \
+ $(LIB_roken) $(LEXLIB)
-check_der_LDADD = libasn1.la ../com_err/libcom_err.la $(LIB_roken)
+check_der_LDADD = \
+ libasn1.la \
+ ../com_err/libcom_err.la \
+ $(LIB_roken)
asn1_print_LDADD = $(check_der_LDADD)
-CLEANFILES = lex.c parse.c parse.h asn1.h $(BUILT_SOURCES) $(gen_files) asn1_files
+CLEANFILES = lex.c parse.c parse.h asn1.h $(BUILT_SOURCES) \
+ $(gen_files) asn1_files
include_HEADERS = asn1.h asn1_err.h der.h
EXTRA_DIST = asn1_err.et
+subdir = lib/asn1
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../include/config.h
CONFIG_CLEAN_FILES =
@@ -218,66 +299,72 @@ LTLIBRARIES = $(lib_LTLIBRARIES)
DEFS = @DEFS@ -I. -I$(srcdir) -I../../include
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
X_CFLAGS = @X_CFLAGS@
X_LIBS = @X_LIBS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
libasn1_la_LIBADD =
-libasn1_la_OBJECTS = der_get.lo der_put.lo der_free.lo der_length.lo \
+am_libasn1_la_OBJECTS = der_get.lo der_put.lo der_free.lo der_length.lo \
der_copy.lo timegm.lo asn1_APOptions.lo asn1_AP_REP.lo asn1_AP_REQ.lo \
asn1_AS_REP.lo asn1_AS_REQ.lo asn1_Authenticator.lo \
-asn1_AuthorizationData.lo asn1_Checksum.lo asn1_EncAPRepPart.lo \
+asn1_AuthorizationData.lo asn1_CKSUMTYPE.lo asn1_Checksum.lo \
+asn1_ETYPE_INFO.lo asn1_ETYPE_INFO_ENTRY.lo asn1_EncAPRepPart.lo \
asn1_EncASRepPart.lo asn1_EncKDCRepPart.lo asn1_EncKrbCredPart.lo \
asn1_EncKrbPrivPart.lo asn1_EncTGSRepPart.lo asn1_EncTicketPart.lo \
-asn1_EncryptedData.lo asn1_EncryptionKey.lo asn1_ETYPE_INFO.lo \
-asn1_ETYPE_INFO_ENTRY.lo asn1_HostAddress.lo asn1_HostAddresses.lo \
-asn1_KDCOptions.lo asn1_KDC_REP.lo asn1_KDC_REQ.lo asn1_KDC_REQ_BODY.lo \
-asn1_KRB_CRED.lo asn1_KRB_ERROR.lo asn1_KRB_PRIV.lo asn1_KRB_SAFE.lo \
-asn1_KRB_SAFE_BODY.lo asn1_KerberosTime.lo asn1_KrbCredInfo.lo \
-asn1_LastReq.lo asn1_METHOD_DATA.lo asn1_PA_DATA.lo \
-asn1_PA_ENC_TS_ENC.lo asn1_Principal.lo asn1_PrincipalName.lo \
-asn1_Realm.lo asn1_TGS_REP.lo asn1_TGS_REQ.lo asn1_Ticket.lo \
-asn1_TicketFlags.lo asn1_TransitedEncoding.lo asn1_err.lo
+asn1_EncryptedData.lo asn1_EncryptionKey.lo asn1_HostAddress.lo \
+asn1_HostAddresses.lo asn1_KDCOptions.lo asn1_KDC_REP.lo \
+asn1_KDC_REQ.lo asn1_KDC_REQ_BODY.lo asn1_KRB_CRED.lo asn1_KRB_ERROR.lo \
+asn1_KRB_PRIV.lo asn1_KRB_SAFE.lo asn1_KRB_SAFE_BODY.lo \
+asn1_KerberosTime.lo asn1_KrbCredInfo.lo asn1_LastReq.lo \
+asn1_MESSAGE_TYPE.lo asn1_METHOD_DATA.lo asn1_NAME_TYPE.lo \
+asn1_PADATA_TYPE.lo asn1_PA_DATA.lo asn1_PA_ENC_TS_ENC.lo \
+asn1_Principal.lo asn1_PrincipalName.lo asn1_Realm.lo asn1_TGS_REP.lo \
+asn1_TGS_REQ.lo asn1_Ticket.lo asn1_TicketFlags.lo \
+asn1_TransitedEncoding.lo asn1_UNSIGNED.lo asn1_err.lo
+libasn1_la_OBJECTS = $(am_libasn1_la_OBJECTS)
check_PROGRAMS = check-der$(EXEEXT)
noinst_PROGRAMS = asn1_compile$(EXEEXT) asn1_print$(EXEEXT)
PROGRAMS = $(noinst_PROGRAMS)
-check_der_SOURCES = check-der.c
-check_der_OBJECTS = check-der.$(OBJEXT)
-check_der_DEPENDENCIES = libasn1.la ../com_err/libcom_err.la
-check_der_LDFLAGS =
-asn1_compile_OBJECTS = parse.$(OBJEXT) lex.$(OBJEXT) main.$(OBJEXT) \
+am_asn1_compile_OBJECTS = parse.$(OBJEXT) lex.$(OBJEXT) main.$(OBJEXT) \
hash.$(OBJEXT) symbol.$(OBJEXT) gen.$(OBJEXT) gen_encode.$(OBJEXT) \
gen_decode.$(OBJEXT) gen_free.$(OBJEXT) gen_length.$(OBJEXT) \
gen_copy.$(OBJEXT) gen_glue.$(OBJEXT)
+asn1_compile_OBJECTS = $(am_asn1_compile_OBJECTS)
asn1_compile_DEPENDENCIES =
asn1_compile_LDFLAGS =
asn1_print_SOURCES = asn1_print.c
asn1_print_OBJECTS = asn1_print.$(OBJEXT)
asn1_print_DEPENDENCIES = libasn1.la ../com_err/libcom_err.la
asn1_print_LDFLAGS =
-LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
-CFLAGS = @CFLAGS@
+check_der_SOURCES = check-der.c
+check_der_OBJECTS = check-der.$(OBJEXT)
+check_der_DEPENDENCIES = libasn1.la ../com_err/libcom_err.la
+check_der_LDFLAGS =
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES = $(libasn1_la_SOURCES) $(asn1_compile_SOURCES) \
+asn1_print.c check-der.c
HEADERS = $(include_HEADERS)
-DIST_COMMON = Makefile.am Makefile.in lex.c parse.c
+depcomp =
+DIST_COMMON = $(include_HEADERS) Makefile.am Makefile.in lex.c parse.c \
+parse.h
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
-SOURCES = $(libasn1_la_SOURCES) check-der.c $(asn1_compile_SOURCES) asn1_print.c
-OBJECTS = $(libasn1_la_OBJECTS) check-der.$(OBJEXT) $(asn1_compile_OBJECTS) asn1_print.$(OBJEXT)
+SOURCES = $(libasn1_la_SOURCES) $(asn1_compile_SOURCES) asn1_print.c check-der.c
+OBJECTS = $(am_libasn1_la_OBJECTS) $(am_asn1_compile_OBJECTS) asn1_print.$(OBJEXT) check-der.$(OBJEXT)
all: all-redirect
.SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .s .x .y
+.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .x .y
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/asn1/Makefile
@@ -300,31 +387,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
$(mkinstalldirs) $(DESTDIR)$(libdir)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
if test -f $$p; then \
- echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \
- $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \
+ echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \
+ $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \
else :; fi; \
done
uninstall-libLTLIBRARIES:
@$(NORMAL_UNINSTALL)
- list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \
$(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
done
-.c.o:
- $(COMPILE) -c $<
-
-# FIXME: We should only use cygpath when building on Windows,
-# and only if it is available.
-.c.obj:
- $(COMPILE) -c `cygpath -w $<`
-
-.s.o:
- $(COMPILE) -c $<
-
-.S.o:
- $(COMPILE) -c $<
-
mostlyclean-compile:
-rm -f *.o core *.core
-rm -f *.$(OBJEXT)
@@ -336,15 +410,6 @@ distclean-compile:
maintainer-clean-compile:
-.c.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.s.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.S.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
mostlyclean-libtool:
-rm -f *.lo
@@ -376,10 +441,6 @@ distclean-noinstPROGRAMS:
maintainer-clean-noinstPROGRAMS:
-check-der$(EXEEXT): $(check_der_OBJECTS) $(check_der_DEPENDENCIES)
- @rm -f check-der$(EXEEXT)
- $(LINK) $(check_der_LDFLAGS) $(check_der_OBJECTS) $(check_der_LDADD) $(LIBS)
-
asn1_compile$(EXEEXT): $(asn1_compile_OBJECTS) $(asn1_compile_DEPENDENCIES)
@rm -f asn1_compile$(EXEEXT)
$(LINK) $(asn1_compile_LDFLAGS) $(asn1_compile_OBJECTS) $(asn1_compile_LDADD) $(LIBS)
@@ -387,6 +448,16 @@ asn1_compile$(EXEEXT): $(asn1_compile_OBJECTS) $(asn1_compile_DEPENDENCIES)
asn1_print$(EXEEXT): $(asn1_print_OBJECTS) $(asn1_print_DEPENDENCIES)
@rm -f asn1_print$(EXEEXT)
$(LINK) $(asn1_print_LDFLAGS) $(asn1_print_OBJECTS) $(asn1_print_LDADD) $(LIBS)
+
+check-der$(EXEEXT): $(check_der_OBJECTS) $(check_der_DEPENDENCIES)
+ @rm -f check-der$(EXEEXT)
+ $(LINK) $(check_der_LDFLAGS) $(check_der_OBJECTS) $(check_der_LDADD) $(LIBS)
+.c.o:
+ $(COMPILE) -c $<
+.c.obj:
+ $(COMPILE) -c `cygpath -w $<`
+.c.lo:
+ $(LTCOMPILE) -c -o $@ $<
.l.c:
$(LEX) $(AM_LFLAGS) $(LFLAGS) $< && mv $(LEX_OUTPUT_ROOT).c $@
.y.c:
@@ -402,35 +473,42 @@ install-includeHEADERS: $(include_HEADERS)
$(mkinstalldirs) $(DESTDIR)$(includedir)
@list='$(include_HEADERS)'; for p in $$list; do \
if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
- echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \
- $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \
done
uninstall-includeHEADERS:
@$(NORMAL_UNINSTALL)
- list='$(include_HEADERS)'; for p in $$list; do \
- rm -f $(DESTDIR)$(includedir)/$$p; \
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(includedir)/$$f"; \
+ rm -f $(DESTDIR)$(includedir)/$$f; \
done
tags: TAGS
-ID: $(HEADERS) $(SOURCES) $(LISP)
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- here=`pwd` && cd $(srcdir) \
- && mkid -f$$here/ID $$unique $(LISP)
+ mkid -fID $$unique $(LISP)
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
- || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
mostlyclean-tags:
@@ -440,48 +518,76 @@ distclean-tags:
-rm -f TAGS ID
maintainer-clean-tags:
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; \
+ srcdir=$(srcdir); export srcdir; \
+ list='$(TESTS)'; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *" $$tst "*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *" $$tst "*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes=`echo "$$banner" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ fi
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib/asn1
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
-check-TESTS: $(TESTS)
- @failed=0; all=0; \
- srcdir=$(srcdir); export srcdir; \
- for tst in $(TESTS); do \
- if test -f $$tst; then dir=.; \
- else dir="$(srcdir)"; fi; \
- if $(TESTS_ENVIRONMENT) $$dir/$$tst; then \
- all=`expr $$all + 1`; \
- echo "PASS: $$tst"; \
- elif test $$? -ne 77; then \
- all=`expr $$all + 1`; \
- failed=`expr $$failed + 1`; \
- echo "FAIL: $$tst"; \
- fi; \
- done; \
- if test "$$failed" -eq 0; then \
- banner="All $$all tests passed"; \
- else \
- banner="$$failed of $$all tests failed"; \
- fi; \
- dashes=`echo "$$banner" | sed s/./=/g`; \
- echo "$$dashes"; \
- echo "$$banner"; \
- echo "$$dashes"; \
- test "$$failed" -eq 0
info-am:
info: info-am
dvi-am:
@@ -508,7 +614,7 @@ uninstall: uninstall-am
all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local
all-redirect: all-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs:
$(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir)
@@ -523,7 +629,8 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
- -test -z "lexlparsehparsec$(BUILT_SOURCES)" || rm -f lexl parseh parsec $(BUILT_SOURCES)
+ -rm -f Makefile.in
+ -test -z "lex.cparse.hparse.c$(BUILT_SOURCES)" || rm -f lex.c parse.h parse.c $(BUILT_SOURCES)
mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \
mostlyclean-libtool mostlyclean-checkPROGRAMS \
mostlyclean-noinstPROGRAMS mostlyclean-tags \
@@ -566,12 +673,13 @@ maintainer-clean-checkPROGRAMS mostlyclean-noinstPROGRAMS \
distclean-noinstPROGRAMS clean-noinstPROGRAMS \
maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \
install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \
-maintainer-clean-tags distdir check-TESTS info-am info dvi-am dvi \
+maintainer-clean-tags check-TESTS distdir info-am info dvi-am dvi \
check-local check check-am installcheck-am installcheck install-exec-am \
install-exec install-data-local install-data-am install-data install-am \
install uninstall-am uninstall all-local all-redirect all-am all \
-installdirs mostlyclean-generic distclean-generic clean-generic \
-maintainer-clean-generic clean mostlyclean distclean maintainer-clean
+install-strip installdirs mostlyclean-generic distclean-generic \
+clean-generic maintainer-clean-generic clean mostlyclean distclean \
+maintainer-clean
install-suid-programs:
@@ -579,7 +687,10 @@ install-suid-programs:
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
install-exec-hook: install-suid-programs
@@ -591,8 +702,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
fi ; \
done
@@ -661,87 +772,8 @@ dist-cat8-mans:
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
install-data-local: install-cat-mans
diff --git a/crypto/heimdal/lib/asn1/asn1-common.h b/crypto/heimdal/lib/asn1/asn1-common.h
new file mode 100644
index 000000000000..d3a30f275680
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/asn1-common.h
@@ -0,0 +1,16 @@
+/* $Id: asn1-common.h,v 1.1 2000/04/14 15:41:31 joda Exp $ */
+
+#include <stddef.h>
+#include <time.h>
+
+#ifndef __asn1_common_definitions__
+#define __asn1_common_definitions__
+
+typedef struct octet_string {
+ size_t length;
+ void *data;
+} octet_string;
+
+typedef char *general_string;
+
+#endif
diff --git a/crypto/heimdal/lib/asn1/asn1_print.c b/crypto/heimdal/lib/asn1/asn1_print.c
index 92e64193aefc..e66ac225a53e 100644
--- a/crypto/heimdal/lib/asn1/asn1_print.c
+++ b/crypto/heimdal/lib/asn1/asn1_print.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -37,7 +37,7 @@
#include <getarg.h>
#include <err.h>
-RCSID("$Id: asn1_print.c,v 1.5 1999/12/02 17:05:01 joda Exp $");
+RCSID("$Id: asn1_print.c,v 1.6 2000/12/29 03:34:16 assar Exp $");
static struct et_list *et_list;
@@ -99,6 +99,9 @@ loop (unsigned char *buf, size_t len, int indent)
ret = der_get_tag (buf, len, &class, &type, &tag, &sz);
if (ret)
errx (1, "der_get_tag: %s", com_right (et_list, ret));
+ if (sz > len)
+ errx (1, "unreasonable length (%u) > %u",
+ (unsigned)sz, (unsigned)len);
buf += sz;
len -= sz;
for (i = 0; i < indent; ++i)
diff --git a/crypto/heimdal/lib/asn1/der.h b/crypto/heimdal/lib/asn1/der.h
index 37158af401dc..f031f8120f8e 100644
--- a/crypto/heimdal/lib/asn1/der.h
+++ b/crypto/heimdal/lib/asn1/der.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: der.h,v 1.18 1999/12/02 17:05:01 joda Exp $ */
+/* $Id: der.h,v 1.20 2001/01/29 08:31:27 assar Exp $ */
#ifndef __DER_H__
#define __DER_H__
@@ -66,7 +66,7 @@ enum {
time_t timegm (struct tm *);
#endif
-void time2generalizedtime (time_t t, octet_string *s);
+int time2generalizedtime (time_t t, octet_string *s);
int der_get_int (const unsigned char *p, size_t len, int *ret, size_t *size);
int der_get_length (const unsigned char *p, size_t len,
@@ -87,6 +87,7 @@ int der_match_tag_and_length (const unsigned char *p, size_t len,
size_t *length_ret, size_t *size);
int decode_integer (const unsigned char*, size_t, int*, size_t*);
+int decode_unsigned (const unsigned char*, size_t, unsigned*, size_t*);
int decode_general_string (const unsigned char*, size_t,
general_string*, size_t*);
int decode_octet_string (const unsigned char*, size_t, octet_string*, size_t*);
@@ -105,6 +106,8 @@ int der_put_length_and_tag (unsigned char*, size_t, size_t,
int encode_integer (unsigned char *p, size_t len,
const int *data, size_t*);
+int encode_unsigned (unsigned char *p, size_t len,
+ const unsigned *data, size_t*);
int encode_general_string (unsigned char *p, size_t len,
const general_string *data, size_t*);
int encode_octet_string (unsigned char *p, size_t len,
@@ -119,6 +122,7 @@ void free_generalized_time (time_t *t);
size_t length_len (size_t len);
size_t length_integer (const int *data);
+size_t length_unsigned (const unsigned *data);
size_t length_general_string (const general_string *data);
size_t length_octet_string (const octet_string *k);
size_t length_generalized_time (const time_t *t);
diff --git a/crypto/heimdal/lib/asn1/der_get.c b/crypto/heimdal/lib/asn1/der_get.c
index 9f0616bcef6d..1a180da819fd 100644
--- a/crypto/heimdal/lib/asn1/der_get.c
+++ b/crypto/heimdal/lib/asn1/der_get.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "der_locl.h"
-RCSID("$Id: der_get.c,v 1.27 1999/12/02 17:05:01 joda Exp $");
+RCSID("$Id: der_get.c,v 1.28 2000/04/06 17:19:53 assar Exp $");
#include <version.h>
@@ -225,6 +225,33 @@ decode_integer (const unsigned char *p, size_t len,
}
int
+decode_unsigned (const unsigned char *p, size_t len,
+ unsigned *num, size_t *size)
+{
+ size_t ret = 0;
+ size_t l, reallen;
+ int e;
+
+ e = der_match_tag (p, len, UNIV, PRIM, UT_Integer, &l);
+ if (e) return e;
+ p += l;
+ len -= l;
+ ret += l;
+ e = der_get_length (p, len, &reallen, &l);
+ if (e) return e;
+ p += l;
+ len -= l;
+ ret += l;
+ e = der_get_unsigned (p, reallen, num, &l);
+ if (e) return e;
+ p += l;
+ len -= l;
+ ret += l;
+ if(size) *size = ret;
+ return 0;
+}
+
+int
decode_general_string (const unsigned char *p, size_t len,
general_string *str, size_t *size)
{
diff --git a/crypto/heimdal/lib/asn1/der_length.c b/crypto/heimdal/lib/asn1/der_length.c
index 5db95bae37cb..d488f8fe351a 100644
--- a/crypto/heimdal/lib/asn1/der_length.c
+++ b/crypto/heimdal/lib/asn1/der_length.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,10 +33,10 @@
#include "der_locl.h"
-RCSID("$Id: der_length.c,v 1.10 1999/12/02 17:05:01 joda Exp $");
+RCSID("$Id: der_length.c,v 1.11 2000/04/06 17:20:26 assar Exp $");
static size_t
-length_unsigned (unsigned val)
+len_unsigned (unsigned val)
{
size_t ret = 0;
@@ -48,7 +48,7 @@ length_unsigned (unsigned val)
}
static size_t
-length_int (int val)
+len_int (int val)
{
size_t ret = 0;
@@ -73,13 +73,21 @@ length_len (size_t len)
if (len < 128)
return 1;
else
- return length_unsigned (len) + 1;
+ return len_unsigned (len) + 1;
}
size_t
length_integer (const int *data)
{
- size_t len = length_int (*data);
+ size_t len = len_int (*data);
+
+ return 1 + length_len(len) + len;
+}
+
+size_t
+length_unsigned (const unsigned *data)
+{
+ size_t len = len_unsigned (*data);
return 1 + length_len(len) + len;
}
diff --git a/crypto/heimdal/lib/asn1/der_put.c b/crypto/heimdal/lib/asn1/der_put.c
index ce2165461d4d..1eda91767a4f 100644
--- a/crypto/heimdal/lib/asn1/der_put.c
+++ b/crypto/heimdal/lib/asn1/der_put.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "der_locl.h"
-RCSID("$Id: der_put.c,v 1.22 1999/12/02 17:05:02 joda Exp $");
+RCSID("$Id: der_put.c,v 1.24 2001/01/29 08:31:27 assar Exp $");
/*
* All encoding functions take a pointer `p' to first position in
@@ -221,6 +221,31 @@ encode_integer (unsigned char *p, size_t len, const int *data, size_t *size)
}
int
+encode_unsigned (unsigned char *p, size_t len, const unsigned *data,
+ size_t *size)
+{
+ unsigned num = *data;
+ size_t ret = 0;
+ size_t l;
+ int e;
+
+ e = der_put_unsigned (p, len, num, &l);
+ if(e)
+ return e;
+ p -= l;
+ len -= l;
+ ret += l;
+ e = der_put_length_and_tag (p, len, l, UNIV, PRIM, UT_Integer, &l);
+ if (e)
+ return e;
+ p -= l;
+ len -= l;
+ ret += l;
+ *size = ret;
+ return 0;
+}
+
+int
encode_general_string (unsigned char *p, size_t len,
const general_string *data, size_t *size)
{
@@ -268,17 +293,20 @@ encode_octet_string (unsigned char *p, size_t len,
return 0;
}
-void
+int
time2generalizedtime (time_t t, octet_string *s)
{
struct tm *tm;
s->data = malloc(16);
+ if (s->data == NULL)
+ return ENOMEM;
s->length = 15;
tm = gmtime (&t);
sprintf (s->data, "%04d%02d%02d%02d%02d%02dZ", tm->tm_year + 1900,
tm->tm_mon + 1, tm->tm_mday, tm->tm_hour, tm->tm_min,
tm->tm_sec);
+ return 0;
}
int
@@ -290,7 +318,9 @@ encode_generalized_time (unsigned char *p, size_t len,
octet_string k;
int e;
- time2generalizedtime (*t, &k);
+ e = time2generalizedtime (*t, &k);
+ if (e)
+ return e;
e = der_put_octet_string (p, len, &k, &l);
free (k.data);
if (e)
diff --git a/crypto/heimdal/lib/asn1/gen.c b/crypto/heimdal/lib/asn1/gen.c
index bca45168951e..54212d985faa 100644
--- a/crypto/heimdal/lib/asn1/gen.c
+++ b/crypto/heimdal/lib/asn1/gen.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,18 +33,24 @@
#include "gen_locl.h"
-RCSID("$Id: gen.c,v 1.41 1999/12/02 17:05:02 joda Exp $");
+RCSID("$Id: gen.c,v 1.44 2000/06/19 15:17:52 joda Exp $");
FILE *headerfile, *codefile, *logfile;
#define STEM "asn1"
-static char *orig_filename;
+static const char *orig_filename;
static char header[1024];
static char headerbase[1024] = STEM;
+const char *
+filename (void)
+{
+ return orig_filename;
+}
+
void
-init_generate (char *filename, char *base)
+init_generate (const char *filename, const char *base)
{
orig_filename = filename;
if(base)
@@ -91,7 +97,7 @@ init_generate (char *filename, char *base)
}
void
-close_generate ()
+close_generate (void)
{
fprintf (headerfile, "#endif /* __%s_h__ */\n", headerbase);
@@ -126,6 +132,10 @@ define_asn1 (int level, Type *t)
space(level);
fprintf (headerfile, "INTEGER");
break;
+ case TUInteger:
+ space(level);
+ fprintf (headerfile, "UNSIGNED INTEGER");
+ break;
case TOctetString:
space(level);
fprintf (headerfile, "OCTET STRING");
@@ -217,7 +227,21 @@ define_type (int level, char *name, Type *t, int typedefp)
break;
case TInteger:
space(level);
- fprintf (headerfile, "int %s;\n", name);
+ if(t->members == NULL) {
+ fprintf (headerfile, "int %s;\n", name);
+ } else {
+ Member *m;
+ int tag = -1;
+ fprintf (headerfile, "enum %s {\n", typedefp ? name : "");
+ for (m = t->members; m && m->val != tag; m = m->next) {
+ if(tag == -1)
+ tag = m->val;
+ space (level + 1);
+ fprintf(headerfile, "%s = %d%s\n", m->gen_name, m->val,
+ m->next->val == tag ? "" : ",");
+ }
+ fprintf (headerfile, "} %s;\n", name);
+ }
break;
case TUInteger:
space(level);
diff --git a/crypto/heimdal/lib/asn1/gen_copy.c b/crypto/heimdal/lib/asn1/gen_copy.c
index f9aa4894c887..7d414a971b33 100644
--- a/crypto/heimdal/lib/asn1/gen_copy.c
+++ b/crypto/heimdal/lib/asn1/gen_copy.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gen_locl.h"
-RCSID("$Id: gen_copy.c,v 1.10 1999/12/02 17:05:02 joda Exp $");
+RCSID("$Id: gen_copy.c,v 1.11 2000/04/06 17:22:05 assar Exp $");
static void
copy_primitive (const char *typename, const char *from, const char *to)
@@ -54,6 +54,7 @@ copy_type (const char *from, const char *to, const Type *t)
t->symbol->gen_name, from, to);
break;
case TInteger:
+ case TUInteger:
fprintf(codefile, "*(%s) = *(%s);\n", to, from);
break;
case TOctetString:
diff --git a/crypto/heimdal/lib/asn1/gen_decode.c b/crypto/heimdal/lib/asn1/gen_decode.c
index 078ac44527a2..bed19a921af9 100644
--- a/crypto/heimdal/lib/asn1/gen_decode.c
+++ b/crypto/heimdal/lib/asn1/gen_decode.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gen_locl.h"
-RCSID("$Id: gen_decode.c,v 1.11 1999/12/02 17:05:02 joda Exp $");
+RCSID("$Id: gen_decode.c,v 1.15 2001/01/29 08:36:45 assar Exp $");
static void
decode_primitive (const char *typename, const char *name)
@@ -48,215 +48,228 @@ decode_primitive (const char *typename, const char *name)
static void
decode_type (const char *name, const Type *t)
{
- switch (t->type) {
- case TType:
+ switch (t->type) {
+ case TType:
#if 0
- decode_type (name, t->symbol->type);
+ decode_type (name, t->symbol->type);
#endif
- fprintf (codefile,
- "e = decode_%s(p, len, %s, &l);\n"
- "FORW;\n",
- t->symbol->gen_name, name);
- break;
- case TInteger:
- decode_primitive ("integer", name);
- break;
- case TOctetString:
- decode_primitive ("octet_string", name);
- break;
- case TBitString: {
- Member *m;
- int tag = -1;
- int pos;
+ fprintf (codefile,
+ "e = decode_%s(p, len, %s, &l);\n"
+ "FORW;\n",
+ t->symbol->gen_name, name);
+ break;
+ case TInteger:
+ if(t->members == NULL)
+ decode_primitive ("integer", name);
+ else {
+ char *s;
+ asprintf(&s, "(int*)%s", name);
+ if(s == NULL)
+ errx (1, "out of memory");
+ decode_primitive ("integer", s);
+ free(s);
+ }
+ break;
+ case TUInteger:
+ decode_primitive ("unsigned", name);
+ break;
+ case TOctetString:
+ decode_primitive ("octet_string", name);
+ break;
+ case TBitString: {
+ Member *m;
+ int tag = -1;
+ int pos;
- fprintf (codefile,
- "e = der_match_tag_and_length (p, len, UNIV, PRIM, UT_BitString,"
- "&reallen, &l);\n"
- "FORW;\n"
- "if(len < reallen)\n"
- "return ASN1_OVERRUN;\n"
- "p++;\n"
- "len--;\n"
- "reallen--;\n"
- "ret++;\n");
- pos = 0;
- for (m = t->members; m && tag != m->val; m = m->next) {
- while (m->val / 8 > pos / 8) {
fprintf (codefile,
- "p++; len--; reallen--; ret++;\n");
- pos += 8;
- }
- fprintf (codefile,
- "%s->%s = (*p >> %d) & 1;\n",
- name, m->gen_name, 7 - m->val % 8);
- if (tag == -1)
- tag = m->val;
+ "e = der_match_tag_and_length (p, len, UNIV, PRIM, UT_BitString,"
+ "&reallen, &l);\n"
+ "FORW;\n"
+ "if(len < reallen)\n"
+ "return ASN1_OVERRUN;\n"
+ "p++;\n"
+ "len--;\n"
+ "reallen--;\n"
+ "ret++;\n");
+ pos = 0;
+ for (m = t->members; m && tag != m->val; m = m->next) {
+ while (m->val / 8 > pos / 8) {
+ fprintf (codefile,
+ "p++; len--; reallen--; ret++;\n");
+ pos += 8;
+ }
+ fprintf (codefile,
+ "%s->%s = (*p >> %d) & 1;\n",
+ name, m->gen_name, 7 - m->val % 8);
+ if (tag == -1)
+ tag = m->val;
+ }
+ fprintf (codefile,
+ "p += reallen; len -= reallen; ret += reallen;\n");
+ break;
}
- fprintf (codefile,
- "p += reallen; len -= reallen; ret += reallen;\n");
- break;
- }
- case TSequence: {
- Member *m;
- int tag = -1;
+ case TSequence: {
+ Member *m;
+ int tag = -1;
- if (t->members == NULL)
- break;
+ if (t->members == NULL)
+ break;
- fprintf (codefile,
- "e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,"
- "&reallen, &l);\n"
- "FORW;\n"
- "{\n"
- "int dce_fix;\n"
- "if((dce_fix = fix_dce(reallen, &len)) < 0)\n"
- "return ASN1_BAD_FORMAT;\n");
+ fprintf (codefile,
+ "e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,"
+ "&reallen, &l);\n"
+ "FORW;\n"
+ "{\n"
+ "int dce_fix;\n"
+ "if((dce_fix = fix_dce(reallen, &len)) < 0)\n"
+ "return ASN1_BAD_FORMAT;\n");
- for (m = t->members; m && tag != m->val; m = m->next) {
- char *s;
+ for (m = t->members; m && tag != m->val; m = m->next) {
+ char *s;
- asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name);
- if (0 && m->type->type == TType){
- if(m->optional)
- fprintf (codefile,
- "%s = malloc(sizeof(*%s));\n", s, s);
- fprintf (codefile,
- "e = decode_seq_%s(p, len, %d, %d, %s, &l);\n",
- m->type->symbol->gen_name,
- m->val,
- m->optional,
- s);
- if(m->optional)
- fprintf (codefile,
- "if (e == ASN1_MISSING_FIELD) {\n"
- "free(%s);\n"
- "%s = NULL;\n"
- "e = l = 0;\n"
- "}\n",
- s, s);
+ asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name);
+ if (0 && m->type->type == TType){
+ if(m->optional)
+ fprintf (codefile,
+ "%s = malloc(sizeof(*%s));\n"
+ "if(%s == NULL) return ENOMEM;\n", s, s, s);
+ fprintf (codefile,
+ "e = decode_seq_%s(p, len, %d, %d, %s, &l);\n",
+ m->type->symbol->gen_name,
+ m->val,
+ m->optional,
+ s);
+ if(m->optional)
+ fprintf (codefile,
+ "if (e == ASN1_MISSING_FIELD) {\n"
+ "free(%s);\n"
+ "%s = NULL;\n"
+ "e = l = 0;\n"
+ "}\n",
+ s, s);
- fprintf (codefile, "FORW;\n");
+ fprintf (codefile, "FORW;\n");
- }else{
- fprintf (codefile, "{\n"
- "size_t newlen, oldlen;\n\n"
- "e = der_match_tag (p, len, CONTEXT, CONS, %d, &l);\n",
- m->val);
- fprintf (codefile,
- "if (e)\n");
- if(m->optional)
- /* XXX should look at e */
- fprintf (codefile,
- "%s = NULL;\n", s);
- else
- fprintf (codefile,
- "return e;\n");
- fprintf (codefile,
- "else {\n");
- fprintf (codefile,
- "p += l;\n"
- "len -= l;\n"
- "ret += l;\n"
- "e = der_get_length (p, len, &newlen, &l);\n"
- "FORW;\n"
- "{\n"
+ }else{
+ fprintf (codefile, "{\n"
+ "size_t newlen, oldlen;\n\n"
+ "e = der_match_tag (p, len, CONTEXT, CONS, %d, &l);\n",
+ m->val);
+ fprintf (codefile,
+ "if (e)\n");
+ if(m->optional)
+ /* XXX should look at e */
+ fprintf (codefile,
+ "%s = NULL;\n", s);
+ else
+ fprintf (codefile,
+ "return e;\n");
+ fprintf (codefile,
+ "else {\n");
+ fprintf (codefile,
+ "p += l;\n"
+ "len -= l;\n"
+ "ret += l;\n"
+ "e = der_get_length (p, len, &newlen, &l);\n"
+ "FORW;\n"
+ "{\n"
- "int dce_fix;\n"
- "oldlen = len;\n"
- "if((dce_fix = fix_dce(newlen, &len)) < 0)"
- "return ASN1_BAD_FORMAT;\n");
- if (m->optional)
- fprintf (codefile,
- "%s = malloc(sizeof(*%s));\n",
- s, s);
- decode_type (s, m->type);
- fprintf (codefile,
- "if(dce_fix){\n"
- "e = der_match_tag_and_length (p, len, "
- "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n"
- "FORW;\n"
- "}else \n"
- "len = oldlen - newlen;\n"
- "}\n"
- "}\n");
- fprintf (codefile,
- "}\n");
- }
- if (tag == -1)
- tag = m->val;
- free (s);
- }
- fprintf(codefile,
- "if(dce_fix){\n"
- "e = der_match_tag_and_length (p, len, "
- "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n"
- "FORW;\n"
- "}\n"
- "}\n");
+ "int dce_fix;\n"
+ "oldlen = len;\n"
+ "if((dce_fix = fix_dce(newlen, &len)) < 0)"
+ "return ASN1_BAD_FORMAT;\n");
+ if (m->optional)
+ fprintf (codefile,
+ "%s = malloc(sizeof(*%s));\n"
+ "if(%s == NULL) return ENOMEM;\n", s, s, s);
+ decode_type (s, m->type);
+ fprintf (codefile,
+ "if(dce_fix){\n"
+ "e = der_match_tag_and_length (p, len, "
+ "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n"
+ "FORW;\n"
+ "}else \n"
+ "len = oldlen - newlen;\n"
+ "}\n"
+ "}\n");
+ fprintf (codefile,
+ "}\n");
+ }
+ if (tag == -1)
+ tag = m->val;
+ free (s);
+ }
+ fprintf(codefile,
+ "if(dce_fix){\n"
+ "e = der_match_tag_and_length (p, len, "
+ "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n"
+ "FORW;\n"
+ "}\n"
+ "}\n");
- break;
- }
- case TSequenceOf: {
- char *n;
+ break;
+ }
+ case TSequenceOf: {
+ char *n;
- fprintf (codefile,
- "e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,"
- "&reallen, &l);\n"
- "FORW;\n"
- "if(len < reallen)\n"
- "return ASN1_OVERRUN;\n"
- "len = reallen;\n");
+ fprintf (codefile,
+ "e = der_match_tag_and_length (p, len, UNIV, CONS, UT_Sequence,"
+ "&reallen, &l);\n"
+ "FORW;\n"
+ "if(len < reallen)\n"
+ "return ASN1_OVERRUN;\n"
+ "len = reallen;\n");
- fprintf (codefile,
- "{\n"
- "size_t origlen = len;\n"
- "int oldret = ret;\n"
- "ret = 0;\n"
- "(%s)->len = 0;\n"
- "(%s)->val = NULL;\n"
- "while(ret < origlen) {\n"
- "(%s)->len++;\n"
- "(%s)->val = realloc((%s)->val, sizeof(*((%s)->val)) * (%s)->len);\n",
- name, name, name, name, name, name, name);
- asprintf (&n, "&(%s)->val[(%s)->len-1]", name, name);
- decode_type (n, t->subtype);
- fprintf (codefile,
- "len = origlen - ret;\n"
- "}\n"
- "ret += oldret;\n"
- "}\n");
- free (n);
- break;
- }
- case TGeneralizedTime:
- decode_primitive ("generalized_time", name);
- break;
- case TGeneralString:
- decode_primitive ("general_string", name);
- break;
- case TApplication:
- fprintf (codefile,
- "e = der_match_tag_and_length (p, len, APPL, CONS, %d, "
- "&reallen, &l);\n"
- "FORW;\n"
- "{\n"
- "int dce_fix;\n"
- "if((dce_fix = fix_dce(reallen, &len)) < 0)\n"
- "return ASN1_BAD_FORMAT;\n",
- t->application);
- decode_type (name, t->subtype);
- fprintf(codefile,
- "if(dce_fix){\n"
- "e = der_match_tag_and_length (p, len, "
- "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n"
- "FORW;\n"
- "}\n"
- "}\n");
+ fprintf (codefile,
+ "{\n"
+ "size_t origlen = len;\n"
+ "int oldret = ret;\n"
+ "ret = 0;\n"
+ "(%s)->len = 0;\n"
+ "(%s)->val = NULL;\n"
+ "while(ret < origlen) {\n"
+ "(%s)->len++;\n"
+ "(%s)->val = realloc((%s)->val, sizeof(*((%s)->val)) * (%s)->len);\n",
+ name, name, name, name, name, name, name);
+ asprintf (&n, "&(%s)->val[(%s)->len-1]", name, name);
+ decode_type (n, t->subtype);
+ fprintf (codefile,
+ "len = origlen - ret;\n"
+ "}\n"
+ "ret += oldret;\n"
+ "}\n");
+ free (n);
+ break;
+ }
+ case TGeneralizedTime:
+ decode_primitive ("generalized_time", name);
+ break;
+ case TGeneralString:
+ decode_primitive ("general_string", name);
+ break;
+ case TApplication:
+ fprintf (codefile,
+ "e = der_match_tag_and_length (p, len, APPL, CONS, %d, "
+ "&reallen, &l);\n"
+ "FORW;\n"
+ "{\n"
+ "int dce_fix;\n"
+ "if((dce_fix = fix_dce(reallen, &len)) < 0)\n"
+ "return ASN1_BAD_FORMAT;\n",
+ t->application);
+ decode_type (name, t->subtype);
+ fprintf(codefile,
+ "if(dce_fix){\n"
+ "e = der_match_tag_and_length (p, len, "
+ "(Der_class)0, (Der_type)0, 0, &reallen, &l);\n"
+ "FORW;\n"
+ "}\n"
+ "}\n");
- break;
- default :
- abort ();
- }
+ break;
+ default :
+ abort ();
+ }
}
void
@@ -282,17 +295,10 @@ generate_type_decode (const Symbol *s)
switch (s->type->type) {
case TInteger:
- fprintf (codefile, "return decode_integer (p, len, data, size);\n");
- break;
+ case TUInteger:
case TOctetString:
- fprintf (codefile, "return decode_octet_string (p, len, data, size);\n");
- break;
case TGeneralizedTime:
- fprintf (codefile, "return decode_generalized_time (p, len, data, size);\n");
- break;
case TGeneralString:
- fprintf (codefile, "return decode_general_string (p, len, data, size);\n");
- break;
case TBitString:
case TSequence:
case TSequenceOf:
@@ -303,6 +309,7 @@ generate_type_decode (const Symbol *s)
"size_t l;\n"
"int i, e;\n\n");
fprintf(codefile, "i = 0;\n"); /* hack to avoid `unused variable' */
+ fprintf(codefile, "reallen = 0;\n"); /* hack to avoid `unused variable' */
decode_type ("data", s->type);
fprintf (codefile,
diff --git a/crypto/heimdal/lib/asn1/gen_encode.c b/crypto/heimdal/lib/asn1/gen_encode.c
index 9e9b293437b8..367ca37508c7 100644
--- a/crypto/heimdal/lib/asn1/gen_encode.c
+++ b/crypto/heimdal/lib/asn1/gen_encode.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gen_locl.h"
-RCSID("$Id: gen_encode.c,v 1.9 1999/12/02 17:05:02 joda Exp $");
+RCSID("$Id: gen_encode.c,v 1.11 2000/06/19 15:19:08 joda Exp $");
static void
encode_primitive (const char *typename, const char *name)
@@ -48,154 +48,166 @@ encode_primitive (const char *typename, const char *name)
static void
encode_type (const char *name, const Type *t)
{
- switch (t->type) {
- case TType:
+ switch (t->type) {
+ case TType:
#if 0
- encode_type (name, t->symbol->type);
+ encode_type (name, t->symbol->type);
#endif
- fprintf (codefile,
- "e = encode_%s(p, len, %s, &l);\n"
- "BACK;\n",
- t->symbol->gen_name, name);
- break;
- case TInteger:
- encode_primitive ("integer", name);
- break;
- case TOctetString:
- encode_primitive ("octet_string", name);
- break;
- case TBitString: {
- Member *m;
- int pos;
- int rest;
- int tag = -1;
-
- if (t->members == NULL)
- break;
-
- fprintf (codefile, "{\n"
- "unsigned char c = 0;\n");
- pos = t->members->prev->val;
- /* fix for buggy MIT (and OSF?) code */
- if (pos > 31)
- abort ();
- /*
- * It seems that if we do not always set pos to 31 here, the MIT
- * code will do the wrong thing.
- *
- * I hate ASN.1 (and DER), but I hate it even more when everybody
- * has to screw it up differently.
- */
- pos = 31;
- rest = 7 - (pos % 8);
-
- for (m = t->members->prev; m && tag != m->val; m = m->prev) {
- while (m->val / 8 < pos / 8) {
fprintf (codefile,
- "*p-- = c; len--; ret++;\n"
- "c = 0;\n");
- pos -= 8;
- }
- fprintf (codefile,
- "if(%s->%s) c |= 1<<%d;\n", name, m->gen_name,
- 7 - m->val % 8);
-
- if (tag == -1)
- tag = m->val;
- }
+ "e = encode_%s(p, len, %s, &l);\n"
+ "BACK;\n",
+ t->symbol->gen_name, name);
+ break;
+ case TInteger:
+ if(t->members == NULL)
+ encode_primitive ("integer", name);
+ else {
+ char *s;
+ asprintf(&s, "(const int*)%s", name);
+ if(s == NULL)
+ errx(1, "out of memory");
+ encode_primitive ("integer", s);
+ free(s);
+ }
+ break;
+ case TUInteger:
+ encode_primitive ("unsigned", name);
+ break;
+ case TOctetString:
+ encode_primitive ("octet_string", name);
+ break;
+ case TBitString: {
+ Member *m;
+ int pos;
+ int rest;
+ int tag = -1;
- fprintf (codefile,
- "*p-- = c;\n"
- "*p-- = %d;\n"
- "len -= 2;\n"
- "ret += 2;\n"
- "}\n\n"
- "e = der_put_length_and_tag (p, len, ret, UNIV, PRIM,"
- "UT_BitString, &l);\n"
- "BACK;\n",
- rest);
- break;
- }
- case TSequence: {
- Member *m;
- int tag = -1;
+ if (t->members == NULL)
+ break;
- if (t->members == NULL)
- break;
+ fprintf (codefile, "{\n"
+ "unsigned char c = 0;\n");
+ pos = t->members->prev->val;
+ /* fix for buggy MIT (and OSF?) code */
+ if (pos > 31)
+ abort ();
+ /*
+ * It seems that if we do not always set pos to 31 here, the MIT
+ * code will do the wrong thing.
+ *
+ * I hate ASN.1 (and DER), but I hate it even more when everybody
+ * has to screw it up differently.
+ */
+ pos = 31;
+ rest = 7 - (pos % 8);
- for (m = t->members->prev; m && tag != m->val; m = m->prev) {
- char *s;
+ for (m = t->members->prev; m && tag != m->val; m = m->prev) {
+ while (m->val / 8 < pos / 8) {
+ fprintf (codefile,
+ "*p-- = c; len--; ret++;\n"
+ "c = 0;\n");
+ pos -= 8;
+ }
+ fprintf (codefile,
+ "if(%s->%s) c |= 1<<%d;\n", name, m->gen_name,
+ 7 - m->val % 8);
- asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name);
- if (m->optional)
- fprintf (codefile,
- "if(%s)\n",
- s);
+ if (tag == -1)
+ tag = m->val;
+ }
+
+ fprintf (codefile,
+ "*p-- = c;\n"
+ "*p-- = %d;\n"
+ "len -= 2;\n"
+ "ret += 2;\n"
+ "}\n\n"
+ "e = der_put_length_and_tag (p, len, ret, UNIV, PRIM,"
+ "UT_BitString, &l);\n"
+ "BACK;\n",
+ rest);
+ break;
+ }
+ case TSequence: {
+ Member *m;
+ int tag = -1;
+
+ if (t->members == NULL)
+ break;
+
+ for (m = t->members->prev; m && tag != m->val; m = m->prev) {
+ char *s;
+
+ asprintf (&s, "%s(%s)->%s", m->optional ? "" : "&", name, m->gen_name);
+ if (m->optional)
+ fprintf (codefile,
+ "if(%s)\n",
+ s);
#if 1
- fprintf (codefile, "{\n"
- "int oldret = ret;\n"
- "ret = 0;\n");
+ fprintf (codefile, "{\n"
+ "int oldret = ret;\n"
+ "ret = 0;\n");
#endif
- encode_type (s, m->type);
- fprintf (codefile,
- "e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, "
- "%d, &l);\n"
- "BACK;\n",
- m->val);
+ encode_type (s, m->type);
+ fprintf (codefile,
+ "e = der_put_length_and_tag (p, len, ret, CONTEXT, CONS, "
+ "%d, &l);\n"
+ "BACK;\n",
+ m->val);
#if 1
- fprintf (codefile,
- "ret += oldret;\n"
- "}\n");
+ fprintf (codefile,
+ "ret += oldret;\n"
+ "}\n");
#endif
- if (tag == -1)
- tag = m->val;
- free (s);
+ if (tag == -1)
+ tag = m->val;
+ free (s);
+ }
+ fprintf (codefile,
+ "e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);\n"
+ "BACK;\n");
+ break;
}
- fprintf (codefile,
- "e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);\n"
- "BACK;\n");
- break;
- }
- case TSequenceOf: {
- char *n;
+ case TSequenceOf: {
+ char *n;
- fprintf (codefile,
- "for(i = (%s)->len - 1; i >= 0; --i) {\n"
+ fprintf (codefile,
+ "for(i = (%s)->len - 1; i >= 0; --i) {\n"
#if 1
- "int oldret = ret;\n"
- "ret = 0;\n",
+ "int oldret = ret;\n"
+ "ret = 0;\n",
#else
- ,
+ ,
#endif
- name);
- asprintf (&n, "&(%s)->val[i]", name);
- encode_type (n, t->subtype);
- fprintf (codefile,
+ name);
+ asprintf (&n, "&(%s)->val[i]", name);
+ encode_type (n, t->subtype);
+ fprintf (codefile,
#if 1
- "ret += oldret;\n"
+ "ret += oldret;\n"
#endif
- "}\n"
- "e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);\n"
- "BACK;\n");
- free (n);
- break;
- }
- case TGeneralizedTime:
- encode_primitive ("generalized_time", name);
- break;
- case TGeneralString:
- encode_primitive ("general_string", name);
- break;
- case TApplication:
- encode_type (name, t->subtype);
- fprintf (codefile,
- "e = der_put_length_and_tag (p, len, ret, APPL, CONS, %d, &l);\n"
- "BACK;\n",
- t->application);
- break;
- default:
- abort ();
- }
+ "}\n"
+ "e = der_put_length_and_tag (p, len, ret, UNIV, CONS, UT_Sequence, &l);\n"
+ "BACK;\n");
+ free (n);
+ break;
+ }
+ case TGeneralizedTime:
+ encode_primitive ("generalized_time", name);
+ break;
+ case TGeneralString:
+ encode_primitive ("general_string", name);
+ break;
+ case TApplication:
+ encode_type (name, t->subtype);
+ fprintf (codefile,
+ "e = der_put_length_and_tag (p, len, ret, APPL, CONS, %d, &l);\n"
+ "BACK;\n",
+ t->application);
+ break;
+ default:
+ abort ();
+ }
}
void
@@ -217,17 +229,10 @@ generate_type_encode (const Symbol *s)
switch (s->type->type) {
case TInteger:
- fprintf (codefile, "return encode_integer (p, len, data, size);\n");
- break;
+ case TUInteger:
case TOctetString:
- fprintf (codefile, "return encode_octet_string (p, len, data, size);\n");
- break;
case TGeneralizedTime:
- fprintf (codefile, "return encode_generalized_time (p, len, data, size);\n");
- break;
case TGeneralString:
- fprintf (codefile, "return encode_general_string (p, len, data, size);\n");
- break;
case TBitString:
case TSequence:
case TSequenceOf:
@@ -239,7 +244,8 @@ generate_type_encode (const Symbol *s)
"int i, e;\n\n");
fprintf(codefile, "i = 0;\n"); /* hack to avoid `unused variable' */
- encode_type ("data", s->type);
+ encode_type("data", s->type);
+
fprintf (codefile, "*size = ret;\n"
"return 0;\n");
break;
diff --git a/crypto/heimdal/lib/asn1/gen_free.c b/crypto/heimdal/lib/asn1/gen_free.c
index 0f6078bed1de..20ae52111769 100644
--- a/crypto/heimdal/lib/asn1/gen_free.c
+++ b/crypto/heimdal/lib/asn1/gen_free.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gen_locl.h"
-RCSID("$Id: gen_free.c,v 1.7 1999/12/02 17:05:02 joda Exp $");
+RCSID("$Id: gen_free.c,v 1.8 2000/04/06 17:24:02 assar Exp $");
static void
free_primitive (const char *typename, const char *name)
@@ -52,6 +52,7 @@ free_type (const char *name, const Type *t)
fprintf (codefile, "free_%s(%s);\n", t->symbol->gen_name, name);
break;
case TInteger:
+ case TUInteger:
break;
case TOctetString:
free_primitive ("octet_string", name);
diff --git a/crypto/heimdal/lib/asn1/gen_length.c b/crypto/heimdal/lib/asn1/gen_length.c
index 1c3566d0f3c0..ca2af6f706d3 100644
--- a/crypto/heimdal/lib/asn1/gen_length.c
+++ b/crypto/heimdal/lib/asn1/gen_length.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gen_locl.h"
-RCSID("$Id: gen_length.c,v 1.7 1999/12/02 17:05:02 joda Exp $");
+RCSID("$Id: gen_length.c,v 1.10 2000/06/21 22:40:53 assar Exp $");
static void
length_primitive (const char *typename,
@@ -46,91 +46,103 @@ length_primitive (const char *typename,
static void
length_type (const char *name, const Type *t, const char *variable)
{
- switch (t->type) {
- case TType:
+ switch (t->type) {
+ case TType:
#if 0
- length_type (name, t->symbol->type);
+ length_type (name, t->symbol->type);
#endif
- fprintf (codefile, "%s += length_%s(%s);\n",
- variable, t->symbol->gen_name, name);
- break;
- case TInteger:
- length_primitive ("integer", name, variable);
- break;
- case TOctetString:
- length_primitive ("octet_string", name, variable);
- break;
- case TBitString: {
- /*
- * XXX - Hope this is correct
- * look at TBitString case in `encode_type'
- */
- fprintf (codefile, "%s += 7;\n", variable);
- break;
- }
- case TSequence: {
- Member *m;
- int tag = -1;
+ fprintf (codefile, "%s += length_%s(%s);\n",
+ variable, t->symbol->gen_name, name);
+ break;
+ case TInteger:
+ if(t->members == NULL)
+ length_primitive ("integer", name, variable);
+ else {
+ char *s;
+ asprintf(&s, "(const int*)%s", name);
+ if(s == NULL)
+ errx (1, "out of memory");
+ length_primitive ("integer", s, variable);
+ free(s);
+ }
+ break;
+ case TUInteger:
+ length_primitive ("unsigned", name, variable);
+ break;
+ case TOctetString:
+ length_primitive ("octet_string", name, variable);
+ break;
+ case TBitString: {
+ /*
+ * XXX - Hope this is correct
+ * look at TBitString case in `encode_type'
+ */
+ fprintf (codefile, "%s += 7;\n", variable);
+ break;
+ }
+ case TSequence: {
+ Member *m;
+ int tag = -1;
- if (t->members == NULL)
- break;
+ if (t->members == NULL)
+ break;
- for (m = t->members; m && tag != m->val; m = m->next) {
- char *s;
+ for (m = t->members; m && tag != m->val; m = m->next) {
+ char *s;
- asprintf (&s, "%s(%s)->%s",
- m->optional ? "" : "&", name, m->gen_name);
- if (m->optional)
- fprintf (codefile, "if(%s)", s);
- fprintf (codefile, "{\n"
- "int oldret = %s;\n"
- "%s = 0;\n", variable, variable);
- length_type (s, m->type, "ret");
- fprintf (codefile, "%s += 1 + length_len(%s) + oldret;\n",
- variable, variable);
- fprintf (codefile, "}\n");
- if (tag == -1)
- tag = m->val;
- free (s);
- }
- fprintf (codefile,
- "%s += 1 + length_len(%s);\n", variable, variable);
- break;
- }
- case TSequenceOf: {
- char *n;
+ asprintf (&s, "%s(%s)->%s",
+ m->optional ? "" : "&", name, m->gen_name);
+ if (m->optional)
+ fprintf (codefile, "if(%s)", s);
+ fprintf (codefile, "{\n"
+ "int oldret = %s;\n"
+ "%s = 0;\n", variable, variable);
+ length_type (s, m->type, "ret");
+ fprintf (codefile, "%s += 1 + length_len(%s) + oldret;\n",
+ variable, variable);
+ fprintf (codefile, "}\n");
+ if (tag == -1)
+ tag = m->val;
+ free (s);
+ }
+ fprintf (codefile,
+ "%s += 1 + length_len(%s);\n", variable, variable);
+ break;
+ }
+ case TSequenceOf: {
+ char *n;
- fprintf (codefile,
- "{\n"
- "int oldret = %s;\n"
- "int i;\n"
- "%s = 0;\n",
- variable, variable);
+ fprintf (codefile,
+ "{\n"
+ "int oldret = %s;\n"
+ "int i;\n"
+ "%s = 0;\n",
+ variable, variable);
- fprintf (codefile, "for(i = (%s)->len - 1; i >= 0; --i){\n", name);
- asprintf (&n, "&(%s)->val[i]", name);
- length_type(n, t->subtype, variable);
- fprintf (codefile, "}\n");
+ fprintf (codefile, "for(i = (%s)->len - 1; i >= 0; --i){\n", name);
+ asprintf (&n, "&(%s)->val[i]", name);
+ length_type(n, t->subtype, variable);
+ fprintf (codefile, "}\n");
- fprintf (codefile,
- "%s += 1 + length_len(%s) + oldret;\n"
- "}\n", variable, variable);
- free(n);
- break;
- }
- case TGeneralizedTime:
- length_primitive ("generalized_time", name, variable);
- break;
- case TGeneralString:
- length_primitive ("general_string", name, variable);
- break;
- case TApplication:
- length_type (name, t->subtype, variable);
- fprintf (codefile, "ret += 1 + length_len (ret);\n");
- break;
- default :
- abort ();
- }
+ fprintf (codefile,
+ "%s += 1 + length_len(%s) + oldret;\n"
+ "}\n", variable, variable);
+ free(n);
+ break;
+ }
+ case TGeneralizedTime:
+ length_primitive ("generalized_time", name, variable);
+ break;
+ case TGeneralString:
+ length_primitive ("general_string", name, variable);
+ break;
+ case TApplication:
+ length_type (name, t->subtype, variable);
+ fprintf (codefile, "ret += 1 + length_len (ret);\n");
+ break;
+ default :
+ abort ();
+ }
}
void
diff --git a/crypto/heimdal/lib/asn1/gen_locl.h b/crypto/heimdal/lib/asn1/gen_locl.h
index 7ee37aee22dd..acf6bc1aad03 100644
--- a/crypto/heimdal/lib/asn1/gen_locl.h
+++ b/crypto/heimdal/lib/asn1/gen_locl.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: gen_locl.h,v 1.6 1999/12/02 17:05:02 joda Exp $ */
+/* $Id: gen_locl.h,v 1.7 2000/04/09 09:21:56 assar Exp $ */
#ifndef __GEN_LOCL_H__
#define __GEN_LOCL_H__
@@ -63,7 +63,8 @@ void generate_type_copy (const Symbol *s);
void generate_type_maybe (const Symbol *s);
void generate_glue (const Symbol *s);
-void init_generate (char *filename, char *basename);
+void init_generate (const char *filename, const char *basename);
+const char *filename (void);
void close_generate(void);
int yyparse(void);
diff --git a/crypto/heimdal/lib/asn1/k5.asn1 b/crypto/heimdal/lib/asn1/k5.asn1
index a7f41992280a..c5382f3d7e66 100644
--- a/crypto/heimdal/lib/asn1/k5.asn1
+++ b/crypto/heimdal/lib/asn1/k5.asn1
@@ -1,16 +1,89 @@
+-- $Id: k5.asn1,v 1.23 2000/12/11 06:30:35 assar Exp $
+
KERBEROS5 DEFINITIONS ::=
BEGIN
-nt-unknown INTEGER ::= 0 -- Name type not known
-nt-principal INTEGER ::= 1 -- Just the name of the principal as in
-nt-srv-inst INTEGER ::= 2 -- Service and other unique instance (krbtgt)
-nt-srv-hst INTEGER ::= 3 -- Service with host name as instance
-nt-srv-xhst INTEGER ::= 4 -- Service with host as remaining components
-nt-uid INTEGER ::= 5 -- Unique ID
+NAME-TYPE ::= INTEGER {
+ KRB5_NT_UNKNOWN(0), -- Name type not known
+ KRB5_NT_PRINCIPAL(1), -- Just the name of the principal as in
+ KRB5_NT_SRV_INST(2), -- Service and other unique instance (krbtgt)
+ KRB5_NT_SRV_HST(3), -- Service with host name as instance
+ KRB5_NT_SRV_XHST(4), -- Service with host as remaining components
+ KRB5_NT_UID(5), -- Unique ID
+ KRB5_NT_X500_PRINCIPAL(6) -- PKINIT
+}
+
+-- message types
+
+MESSAGE-TYPE ::= INTEGER {
+ krb-as-req(10), -- Request for initial authentication
+ krb-as-rep(11), -- Response to KRB_AS_REQ request
+ krb-tgs-req(12), -- Request for authentication based on TGT
+ krb-tgs-rep(13), -- Response to KRB_TGS_REQ request
+ krb-ap-req(14), -- application request to server
+ krb-ap-rep(15), -- Response to KRB_AP_REQ_MUTUAL
+ krb-safe(20), -- Safe (checksummed) application message
+ krb-priv(21), -- Private (encrypted) application message
+ krb-cred(22), -- Private (encrypted) message to forward credentials
+ krb-error(30) -- Error response
+}
+
+
+-- pa-data types
+
+PADATA-TYPE ::= INTEGER {
+ KRB5-PADATA-NONE(0),
+ KRB5-PADATA-TGS-REQ(1),
+ KRB5-PADATA-AP-REQ(1),
+ KRB5-PADATA-ENC-TIMESTAMP(2),
+ KRB5-PADATA-PW-SALT(3),
+ KRB5-PADATA-ENC-UNIX-TIME(5),
+ KRB5-PADATA-SANDIA-SECUREID(6),
+ KRB5-PADATA-SESAME(7),
+ KRB5-PADATA-OSF-DCE(8),
+ KRB5-PADATA-CYBERSAFE-SECUREID(9),
+ KRB5-PADATA-AFS3-SALT(10),
+ KRB5-PADATA-ETYPE-INFO(11),
+ KRB5-PADATA-SAM-CHALLENGE(12), -- (sam/otp)
+ KRB5-PADATA-SAM-RESPONSE(13), -- (sam/otp)
+ KRB5-PADATA-PK-AS-REQ(14), -- (PKINIT)
+ KRB5-PADATA-PK-AS-REP(15), -- (PKINIT)
+ KRB5-PADATA-PK-AS-SIGN(16), -- (PKINIT)
+ KRB5-PADATA-PK-KEY-REQ(17), -- (PKINIT)
+ KRB5-PADATA-PK-KEY-REP(18), -- (PKINIT)
+ KRB5-PADATA-USE-SPECIFIED-KVNO(20),
+ KRB5-PADATA-SAM-REDIRECT(21), -- (sam/otp)
+ KRB5-PADATA-GET-FROM-TYPED-DATA(22),
+ KRB5-PADATA-SAM-ETYPE-INFO(23)
+}
+
+-- checksumtypes
+
+CKSUMTYPE ::= INTEGER {
+ CKSUMTYPE_NONE(0),
+ CKSUMTYPE_CRC32(1),
+ CKSUMTYPE_RSA_MD4(2),
+ CKSUMTYPE_RSA_MD4_DES(3),
+ CKSUMTYPE_DES_MAC(4),
+ CKSUMTYPE_DES_MAC_K(5),
+ CKSUMTYPE_RSA_MD4_DES_K(6),
+ CKSUMTYPE_RSA_MD5(7),
+ CKSUMTYPE_RSA_MD5_DES(8),
+ CKSUMTYPE_RSA_MD5_DES3(9),
+ -- CKSUMTYPE_SHA1(10),
+ CKSUMTYPE_HMAC_SHA1_DES3(12),
+ CKSUMTYPE_SHA1(1000), -- correct value? 10 (9 also)
+ CKSUMTYPE_HMAC_MD5(-138), -- unofficial microsoft number
+ CKSUMTYPE_HMAC_MD5_ENC(-1138) -- even more unofficial
+}
+
+-- this is sugar to make something ASN1 does not have: unsigned
+
+UNSIGNED ::= INTEGER (0..4294967295)
Realm ::= GeneralString
PrincipalName ::= SEQUENCE {
- name-type[0] INTEGER,
+ name-type[0] NAME-TYPE,
name-string[1] SEQUENCE OF GeneralString
}
@@ -81,6 +154,7 @@ KDCOptions ::= BIT STRING {
unused10(10),
unused11(11),
request-anonymous(14),
+ canonicalize(15),
disable-transited-check(26),
renewable-ok(27),
enc-tkt-in-skey(28),
@@ -133,7 +207,7 @@ EncTicketPart ::= [APPLICATION 3] SEQUENCE {
}
Checksum ::= SEQUENCE {
- cksumtype[0] INTEGER,
+ cksumtype[0] CKSUMTYPE,
checksum[1] OCTET STRING
}
@@ -145,13 +219,13 @@ Authenticator ::= [APPLICATION 2] SEQUENCE {
cusec[4] INTEGER,
ctime[5] KerberosTime,
subkey[6] EncryptionKey OPTIONAL,
- seq-number[7] INTEGER OPTIONAL,
+ seq-number[7] UNSIGNED OPTIONAL,
authorization-data[8] AuthorizationData OPTIONAL
}
PA-DATA ::= SEQUENCE {
-- might be encoded AP-REQ
- padata-type[1] INTEGER,
+ padata-type[1] PADATA-TYPE,
padata-value[2] OCTET STRING
}
@@ -185,7 +259,7 @@ KDC-REQ-BODY ::= SEQUENCE {
KDC-REQ ::= SEQUENCE {
pvno[1] INTEGER,
- msg-type[2] INTEGER,
+ msg-type[2] MESSAGE-TYPE,
padata[3] METHOD-DATA OPTIONAL,
req-body[4] KDC-REQ-BODY
}
@@ -203,7 +277,7 @@ PA-ENC-TS-ENC ::= SEQUENCE {
KDC-REP ::= SEQUENCE {
pvno[0] INTEGER,
- msg-type[1] INTEGER,
+ msg-type[1] MESSAGE-TYPE,
padata[2] METHOD-DATA OPTIONAL,
crealm[3] Realm,
cname[4] PrincipalName,
@@ -234,7 +308,7 @@ EncTGSRepPart ::= [APPLICATION 26] EncKDCRepPart
AP-REQ ::= [APPLICATION 14] SEQUENCE {
pvno[0] INTEGER,
- msg-type[1] INTEGER,
+ msg-type[1] MESSAGE-TYPE,
ap-options[2] APOptions,
ticket[3] Ticket,
authenticator[4] EncryptedData
@@ -242,7 +316,7 @@ AP-REQ ::= [APPLICATION 14] SEQUENCE {
AP-REP ::= [APPLICATION 15] SEQUENCE {
pvno[0] INTEGER,
- msg-type[1] INTEGER,
+ msg-type[1] MESSAGE-TYPE,
enc-part[2] EncryptedData
}
@@ -250,42 +324,42 @@ EncAPRepPart ::= [APPLICATION 27] SEQUENCE {
ctime[0] KerberosTime,
cusec[1] INTEGER,
subkey[2] EncryptionKey OPTIONAL,
- seq-number[3] INTEGER OPTIONAL
+ seq-number[3] UNSIGNED OPTIONAL
}
KRB-SAFE-BODY ::= SEQUENCE {
user-data[0] OCTET STRING,
timestamp[1] KerberosTime OPTIONAL,
usec[2] INTEGER OPTIONAL,
- seq-number[3] INTEGER OPTIONAL,
+ seq-number[3] UNSIGNED OPTIONAL,
s-address[4] HostAddress OPTIONAL,
r-address[5] HostAddress OPTIONAL
}
KRB-SAFE ::= [APPLICATION 20] SEQUENCE {
pvno[0] INTEGER,
- msg-type[1] INTEGER,
+ msg-type[1] MESSAGE-TYPE,
safe-body[2] KRB-SAFE-BODY,
cksum[3] Checksum
}
KRB-PRIV ::= [APPLICATION 21] SEQUENCE {
pvno[0] INTEGER,
- msg-type[1] INTEGER,
+ msg-type[1] MESSAGE-TYPE,
enc-part[3] EncryptedData
}
EncKrbPrivPart ::= [APPLICATION 28] SEQUENCE {
user-data[0] OCTET STRING,
timestamp[1] KerberosTime OPTIONAL,
usec[2] INTEGER OPTIONAL,
- seq-number[3] INTEGER OPTIONAL,
+ seq-number[3] UNSIGNED OPTIONAL,
s-address[4] HostAddress OPTIONAL, -- sender's addr
r-address[5] HostAddress OPTIONAL -- recip's addr
}
KRB-CRED ::= [APPLICATION 22] SEQUENCE {
pvno[0] INTEGER,
- msg-type[1] INTEGER, -- KRB_CRED
+ msg-type[1] MESSAGE-TYPE, -- KRB_CRED
tickets[2] SEQUENCE OF Ticket,
enc-part[3] EncryptedData
}
@@ -315,7 +389,7 @@ EncKrbCredPart ::= [APPLICATION 29] SEQUENCE {
KRB-ERROR ::= [APPLICATION 30] SEQUENCE {
pvno[0] INTEGER,
- msg-type[1] INTEGER,
+ msg-type[1] MESSAGE-TYPE,
ctime[2] KerberosTime OPTIONAL,
cusec[3] INTEGER OPTIONAL,
stime[4] KerberosTime,
@@ -331,51 +405,6 @@ KRB-ERROR ::= [APPLICATION 30] SEQUENCE {
pvno INTEGER ::= 5 -- current Kerberos protocol version number
--- message types
-
-krb-as-req INTEGER ::= 10 -- Request for initial authentication
-krb-as-rep INTEGER ::= 11 -- Response to KRB_AS_REQ request
-krb-tgs-req INTEGER ::= 12 -- Request for authentication based on TGT
-krb-tgs-rep INTEGER ::= 13 -- Response to KRB_TGS_REQ request
-krb-ap-req INTEGER ::= 14 -- application request to server
-krb-ap-rep INTEGER ::= 15 -- Response to KRB_AP_REQ_MUTUAL
-krb-safe INTEGER ::= 20 -- Safe (checksummed) application message
-krb-priv INTEGER ::= 21 -- Private (encrypted) application message
-krb-cred INTEGER ::= 22 -- Private (encrypted) message to forward credentials
-krb-error INTEGER ::= 30 -- Error response
-
--- pa-data types
-
-pa-tgs-req INTEGER ::= 1
-pa-enc-timestamp INTEGER ::= 2
-pa-pw-salt INTEGER ::= 3
-pa-enc-unix-time INTEGER ::= 5
-pa-sandia-secureid INTEGER ::= 6
-pa-sesame INTEGER ::= 7
-pa-osf-dce INTEGER ::= 8
-pa-cybersafe-secureid INTEGER ::= 9
-pa-afs3-salt INTEGER ::= 10
-pa-etype-info INTEGER ::= 11
-sam-challenge INTEGER ::= 12 -- (sam/otp)
-sam-response INTEGER ::= 13 -- (sam/otp)
-pa-pk-as-req INTEGER ::= 14 -- (pkinit)
-pa-pk-as-rep INTEGER ::= 15 -- (pkinit)
-pa-pk-as-sign INTEGER ::= 16 -- (pkinit)
-pa-pk-key-req INTEGER ::= 17 -- (pkinit)
-pa-pk-key-rep INTEGER ::= 18 -- (pkinit)
--- checksumtypes
-
-CRC32 INTEGER ::= 1
-rsa-md4 INTEGER ::= 2
-rsa-md4-des INTEGER ::= 3
-des-mac INTEGER ::= 4
-des-mac-k INTEGER ::= 5
-rsa-md4-des-k INTEGER ::= 6
-rsa-md5 INTEGER ::= 7
-rsa-md5-des INTEGER ::= 8
-rsa-md5-des3 INTEGER ::= 9
-hmac-sha1-des3 INTEGER ::= 12
-
-- transited encodings
DOMAIN-X500-COMPRESS INTEGER ::= 1
diff --git a/crypto/heimdal/lib/asn1/lex.h b/crypto/heimdal/lib/asn1/lex.h
index 66d708c3ccd2..9f5cadf92b84 100644
--- a/crypto/heimdal/lib/asn1/lex.h
+++ b/crypto/heimdal/lib/asn1/lex.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,6 +31,11 @@
* SUCH DAMAGE.
*/
-/* $Id: lex.h,v 1.3 1999/12/02 17:05:02 joda Exp $ */
+/* $Id: lex.h,v 1.5 2000/07/01 20:21:34 assar Exp $ */
-void error_message (char *, ...);
+#include <roken.h>
+
+void error_message (const char *, ...)
+__attribute__ ((format (printf, 1, 2)));
+
+int yylex(void);
diff --git a/crypto/heimdal/lib/asn1/lex.l b/crypto/heimdal/lib/asn1/lex.l
index b3fbf713b19a..ffb6fd560544 100644
--- a/crypto/heimdal/lib/asn1/lex.l
+++ b/crypto/heimdal/lib/asn1/lex.l
@@ -1,6 +1,6 @@
%{
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,7 +32,7 @@
* SUCH DAMAGE.
*/
-/* $Id: lex.l,v 1.10 1999/12/02 17:05:02 joda Exp $ */
+/* $Id: lex.l,v 1.15 2000/07/02 04:08:02 assar Exp $ */
#ifdef HAVE_CONFIG_H
#include <config.h>
@@ -46,17 +46,22 @@
#endif
#include "symbol.h"
#include "parse.h"
-
-void error_message(char *, ...);
+#include "lex.h"
+#include "gen_locl.h"
static unsigned lineno = 1;
-/* ","|"{"|"}"|"("|")"|"["|"]"|"|" { return *yytext; } */
+#define YY_NO_UNPUT
+
+#undef ECHO
+
%}
%%
INTEGER { return INTEGER; }
+IMPORTS { return IMPORTS; }
+FROM { return FROM; }
SEQUENCE { return SEQUENCE; }
OF { return OF; }
OCTET { return OCTET; }
@@ -70,15 +75,16 @@ BEGIN { return TBEGIN; }
END { return END; }
DEFINITIONS { return DEFINITIONS; }
EXTERNAL { return EXTERNAL; }
-[,{}()|] { return *yytext; }
+[,;{}()|] { return *yytext; }
"[" { return *yytext; }
"]" { return *yytext; }
::= { return EEQUAL; }
---[^\n]*\n { ; }
+--[^\n]*\n { ++lineno; }
-?[0-9]+ { yylval.constant = atoi(yytext); return CONSTANT; }
[A-Za-z][-A-Za-z0-9_]* { yylval.name = strdup (yytext); return IDENTIFIER; }
[ \t] ;
-\n { lineno++; }
+\n { ++lineno; }
+\.\. { return DOTDOT; }
. { error_message("Ignoring char(%c)\n", *yytext); }
%%
@@ -91,12 +97,12 @@ yywrap ()
#endif
void
-error_message (char *format, ...)
+error_message (const char *format, ...)
{
va_list args;
va_start (args, format);
- fprintf (stderr, ":%d: ", lineno);
+ fprintf (stderr, "%s:%d: ", filename(), lineno);
vfprintf (stderr, format, args);
va_end (args);
}
diff --git a/crypto/heimdal/lib/asn1/parse.y b/crypto/heimdal/lib/asn1/parse.y
index f9e82b50fd49..4b8e590ae9da 100644
--- a/crypto/heimdal/lib/asn1/parse.y
+++ b/crypto/heimdal/lib/asn1/parse.y
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: parse.y,v 1.12 1999/12/02 17:05:02 joda Exp $ */
+/* $Id: parse.y,v 1.16 2000/07/08 11:35:47 assar Exp $ */
%{
#ifdef HAVE_CONFIG_H
@@ -44,11 +44,10 @@
#include "lex.h"
#include "gen_locl.h"
-RCSID("$Id: parse.y,v 1.12 1999/12/02 17:05:02 joda Exp $");
+RCSID("$Id: parse.y,v 1.16 2000/07/08 11:35:47 assar Exp $");
static Type *new_type (Typetype t);
void yyerror (char *);
-int yylex(void);
static void append (Member *l, Member *r);
@@ -63,6 +62,8 @@ static void append (Member *l, Member *r);
%token INTEGER SEQUENCE OF OCTET STRING GeneralizedTime GeneralString
%token BIT APPLICATION OPTIONAL EEQUAL TBEGIN END DEFINITIONS EXTERNAL
+%token DOTDOT
+%token IMPORTS FROM
%token <name> IDENTIFIER
%token <constant> CONSTANT
@@ -81,16 +82,24 @@ specification :
| specification declaration
;
-declaration : extern_decl
+declaration : imports_decl
| type_decl
| constant_decl
;
-extern_decl : IDENTIFIER EXTERNAL
+referencenames : IDENTIFIER ',' referencenames
{
Symbol *s = addsym($1);
s->stype = Stype;
}
+ | IDENTIFIER
+ {
+ Symbol *s = addsym($1);
+ s->stype = Stype;
+ }
+ ;
+
+imports_decl : IMPORTS referencenames FROM IDENTIFIER ';'
;
type_decl : IDENTIFIER EEQUAL type
@@ -112,6 +121,19 @@ constant_decl : IDENTIFIER type EEQUAL constant
;
type : INTEGER { $$ = new_type(TInteger); }
+ | INTEGER '(' constant DOTDOT constant ')' {
+ if($3 != 0)
+ error_message("Only 0 supported as low range");
+ if($5 != INT_MIN && $5 != UINT_MAX && $5 != INT_MAX)
+ error_message("Only %u supported as high range",
+ UINT_MAX);
+ $$ = new_type(TUInteger);
+ }
+ | INTEGER '{' bitdecls '}'
+ {
+ $$ = new_type(TInteger);
+ $$->members = $3;
+ }
| OCTET STRING { $$ = new_type(TOctetString); }
| GeneralString { $$ = new_type(TGeneralString); }
| GeneralizedTime { $$ = new_type(TGeneralizedTime); }
diff --git a/crypto/heimdal/lib/asn1/pkinit.asn1 b/crypto/heimdal/lib/asn1/pkinit.asn1
new file mode 100644
index 000000000000..92c5de75daac
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/pkinit.asn1
@@ -0,0 +1,189 @@
+PKINIT DEFINITIONS ::= BEGIN
+
+IMPORTS EncryptionKey, PrincipalName, Realm, KerberosTime, TypedData
+ FROM krb5;
+IMPORTS SignedData, EnvelopedData FROM CMS;
+IMPORTS CertificateSerialNumber, AttributeTypeAndValue, Name FROM X509;
+
+
+-- 3.1
+
+CertPrincipalName ::= SEQUENCE {
+ name-type[0] INTEGER,
+ name-string[1] SEQUENCE OF UTF8String
+}
+
+
+-- 3.2.2
+
+
+TrustedCertifiers ::= SEQUENCE OF PrincipalName
+ -- X.500 name encoded as a principal name
+ -- see Section 3.1
+CertificateIndex ::= INTEGER
+ -- 0 = 1st certificate,
+ -- (in order of encoding)
+ -- 1 = 2nd certificate, etc
+
+PA-PK-AS-REP ::= CHOICE {
+ -- PA TYPE 15
+ dhSignedData[0] SignedData,
+ -- Defined in CMS and used only with
+ -- Diffie-Hellman key exchange (if the
+ -- client public value was present in the
+ -- request).
+ -- This choice MUST be supported
+ -- by compliant implementations.
+ encKeyPack[1] EnvelopedData
+ -- Defined in CMS
+ -- The temporary key is encrypted
+ -- using the client public key
+ -- key
+ -- SignedReplyKeyPack, encrypted
+ -- with the temporary key, is also
+ -- included.
+}
+
+
+
+KdcDHKeyInfo ::= SEQUENCE {
+ -- used only when utilizing Diffie-Hellman
+ nonce[0] INTEGER,
+ -- binds responce to the request
+ subjectPublicKey[2] BIT STRING
+ -- Equals public exponent (g^a mod p)
+ -- INTEGER encoded as payload of
+ -- BIT STRING
+}
+
+ReplyKeyPack ::= SEQUENCE {
+ -- not used for Diffie-Hellman
+ replyKey[0] EncryptionKey,
+ -- used to encrypt main reply
+ -- ENCTYPE is at least as strong as
+ -- ENCTYPE of session key
+ nonce[1] INTEGER
+ -- binds response to the request
+ -- must be same as the nonce
+ -- passed in the PKAuthenticator
+}
+
+-- subjectAltName EXTENSION ::= {
+-- SYNTAX GeneralNames
+-- IDENTIFIED BY id-ce-subjectAltName
+-- }
+
+OtherName ::= SEQUENCE {
+ type-id OBJECT IDENTIFIER,
+ value[0] OCTET STRING
+-- value[0] EXPLICIT ANY DEFINED BY type-id
+}
+
+GeneralName ::= CHOICE {
+ otherName [0] OtherName,
+ ...
+}
+
+GeneralNames ::= SEQUENCE -- SIZE(1..MAX)
+ OF GeneralName
+
+KerberosName ::= SEQUENCE {
+ realm[0] Realm,
+ -- as defined in RFC 1510
+ principalName[1] CertPrincipalName
+ -- defined above
+}
+
+
+-- krb5 OBJECT IDENTIFIER ::= {
+-- iso (1) org (3) dod (6) internet (1) security (5) kerberosv5 (2)
+-- }
+
+-- krb5PrincipalName OBJECT IDENTIFIER ::= { krb5 2 }
+
+-- 3.2.1
+
+
+IssuerAndSerialNumber ::= SEQUENCE {
+ issuer Name,
+ serialNumber CertificateSerialNumber
+}
+
+TrustedCas ::= CHOICE {
+ principalName[0] KerberosName,
+ -- as defined below
+ caName[1] Name,
+ -- fully qualified X.500 name
+ -- as defined by X.509
+ issuerAndSerial[2] IssuerAndSerialNumber
+ -- Since a CA may have a number of
+ -- certificates, only one of which
+ -- a client trusts
+}
+
+PA-PK-AS-REQ ::= SEQUENCE {
+ -- PA TYPE 14
+ signedAuthPack[0] SignedData,
+ -- defined in CMS [11]
+ -- AuthPack (below) defines the data
+ -- that is signed
+ trustedCertifiers[1] SEQUENCE OF TrustedCas OPTIONAL,
+ -- CAs that the client trusts
+ kdcCert[2] IssuerAndSerialNumber OPTIONAL,
+ -- as defined in CMS [11]
+ -- specifies a particular KDC
+ -- certificate if the client
+ -- already has it;
+ encryptionCert[3] IssuerAndSerialNumber OPTIONAL
+ -- For example, this may be the
+ -- client's Diffie-Hellman
+ -- certificate, or it may be the
+ -- client's RSA encryption
+ -- certificate.
+}
+
+PKAuthenticator ::= SEQUENCE {
+ kdcName[0] PrincipalName,
+ kdcRealm[1] Realm,
+ cusec[2] INTEGER,
+ -- for replay prevention as in RFC1510
+ ctime[3] KerberosTime,
+ -- for replay prevention as in RFC1510
+ nonce[4] INTEGER
+}
+
+-- This is the real definition of AlgorithmIdentifier
+-- AlgorithmIdentifier ::= SEQUENCE {
+-- algorithm ALGORITHM.&id,
+-- parameters ALGORITHM.&Type
+-- } -- as specified by the X.509 recommendation[10]
+
+-- But we'll use this one instead:
+
+AlgorithmIdentifier ::= SEQUENCE {
+ algorithm OBJECT IDENTIFIER,
+ parameters CHOICE {
+ a INTEGER
+ }
+}
+
+
+
+SubjectPublicKeyInfo ::= SEQUENCE {
+ algorithm AlgorithmIdentifier,
+ -- dhKeyAgreement
+ subjectPublicKey BIT STRING
+ -- for DH, equals
+ -- public exponent (INTEGER encoded
+ -- as payload of BIT STRING)
+} -- as specified by the X.509 recommendation[10]
+
+AuthPack ::= SEQUENCE {
+ pkAuthenticator[0] PKAuthenticator,
+ clientPublicValue[1] SubjectPublicKeyInfo OPTIONAL
+ -- if client is using Diffie-Hellman
+ -- (ephemeral-ephemeral only)
+}
+
+
+END
diff --git a/crypto/heimdal/lib/asn1/rfc2459.asn1 b/crypto/heimdal/lib/asn1/rfc2459.asn1
new file mode 100644
index 000000000000..c9adec6093c6
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/rfc2459.asn1
@@ -0,0 +1,21 @@
+RFC2459 DEFINITIONS ::= BEGIN
+
+AttributeType ::= OBJECT-IDENTIFIER
+
+AttributeValue ::= OCTET STRING --ANY DEFINED BY AttributeType
+
+AttributeTypeAndValue ::= SEQUENCE {
+ type AttributeType,
+ value AttributeValue
+}
+
+RelativeDistinguishedName ::= --SET
+SEQUENCE OF AttributeTypeAndValue
+
+RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+
+Name ::= CHOICE { -- RFC2459
+ x RDNSequence
+}
+
+END \ No newline at end of file
diff --git a/crypto/heimdal/lib/asn1/x509.asn1 b/crypto/heimdal/lib/asn1/x509.asn1
new file mode 100644
index 000000000000..4a15844c8563
--- /dev/null
+++ b/crypto/heimdal/lib/asn1/x509.asn1
@@ -0,0 +1,23 @@
+X509 DEFINITIONS ::= BEGIN
+
+CertificateSerialNumber ::= INTEGER -- X.509 '97
+
+AttributeType ::= OBJECT-IDENTIFIER
+
+AttributeValue ::= OCTET STRING --ANY DEFINED BY AttributeType
+
+AttributeTypeAndValue ::= SEQUENCE {
+ type AttributeType,
+ value AttributeValue
+}
+
+RelativeDistinguishedName ::= --SET
+SEQUENCE OF AttributeTypeAndValue
+
+RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+
+Name ::= CHOICE { -- RFC2459
+ x RDNSequence
+}
+
+END \ No newline at end of file
diff --git a/crypto/heimdal/lib/auth/ChangeLog b/crypto/heimdal/lib/auth/ChangeLog
index 9b1ebaf33527..79d39e9b3d3f 100644
--- a/crypto/heimdal/lib/auth/ChangeLog
+++ b/crypto/heimdal/lib/auth/ChangeLog
@@ -1,3 +1,30 @@
+2001-01-29 Assar Westerlund <assar@sics.se>
+
+ * sia/Makefile.am (libsia_krb5.so): actually run ld in the case
+ shared library case
+
+2000-12-31 Assar Westerlund <assar@sics.se>
+
+ * sia/sia.c (siad_ses_init): handle krb5_init_context failure
+ consistently
+ * afskauthlib/verify.c (verify_krb5): handle krb5_init_context
+ failure consistently
+
+2000-11-30 Johan Danielsson <joda@pdc.kth.se>
+
+ * afskauthlib/Makefile.am: use libtool
+
+ * afskauthlib/Makefile.am: work with krb4 only
+
+2000-07-30 Johan Danielsson <joda@pdc.kth.se>
+
+ * sia/Makefile.am: don't compress library, since 5.0 seems to have
+ a problem with this
+
+2000-07-02 Assar Westerlund <assar@sics.se>
+
+ * afskauthlib/verify.c: fixes for pag setting
+
1999-12-30 Assar Westerlund <assar@sics.se>
* sia/Makefile.am: try to link with shared libraries if we don't
@@ -29,6 +56,10 @@
* afskauthlib/verify.c (verify_krb5): remove krb5_kuserok. use
krb5_verify_user_lrealm
+1999-08-27 Johan Danielsson <joda@pdc.kth.se>
+
+ * pam/Makefile.in: link with res_search/dn_expand libraries
+
1999-08-11 Johan Danielsson <joda@pdc.kth.se>
* afskauthlib/verify.c: make this compile w/o krb4
diff --git a/crypto/heimdal/lib/auth/Makefile.in b/crypto/heimdal/lib/auth/Makefile.in
index aab069e54158..95673acf1cef 100644
--- a/crypto/heimdal/lib/auth/Makefile.in
+++ b/crypto/heimdal/lib/auth/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.2 1999/03/21 17:11:08 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,26 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
-AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -92,31 +95,43 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.2 1999/03/21 17:11:08 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
-INCLUDES = -I$(top_builddir)/include
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken)
AM_CFLAGS = $(WFLAGS)
+CP = cp
+
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
@@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
@@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
+LIBS = @LIBS@
+
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -152,29 +170,26 @@ LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
NROFF_MAN = groff -mandoc -Tascii
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
SUBDIRS = @LIB_AUTH_SUBDIRS@
DIST_SUBDIRS = afskauthlib pam sia
+subdir = lib/auth
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../include/config.h
CONFIG_CLEAN_FILES =
@@ -182,13 +197,14 @@ CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES =
+depcomp =
DIST_COMMON = ChangeLog Makefile.am Makefile.in
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
all: all-redirect
.SUFFIXES:
@@ -208,8 +224,6 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
# (which will cause the Makefiles to be regenerated when you run `make');
# (2) otherwise, pass the desired values on the `make' command line.
-@SET_MAKE@
-
all-recursive install-data-recursive install-exec-recursive \
installdirs-recursive install-recursive uninstall-recursive \
check-recursive installcheck-recursive info-recursive dvi-recursive:
@@ -237,7 +251,7 @@ maintainer-clean-recursive:
dot_seen=no; \
rev=''; list='$(SUBDIRS)'; for subdir in $$list; do \
rev="$$subdir $$rev"; \
- test "$$subdir" = "." && dot_seen=yes; \
+ if test "$$subdir" = "."; then dot_seen=yes; else :; fi; \
done; \
test "$$dot_seen" = "no" && rev=". $$rev"; \
target=`echo $@ | sed s/-recursive//`; \
@@ -258,15 +272,17 @@ tags-recursive:
tags: TAGS
-ID: $(HEADERS) $(SOURCES) $(LISP)
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- here=`pwd` && cd $(srcdir) \
- && mkid -f$$here/ID $$unique $(LISP)
+ mkid -fID $$unique $(LISP)
-TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
+TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
list='$(SUBDIRS)'; for subdir in $$list; do \
@@ -274,12 +290,14 @@ TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \
fi; \
done; \
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
- || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
mostlyclean-tags:
@@ -292,17 +310,16 @@ maintainer-clean-tags:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib/auth
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
for subdir in $(DIST_SUBDIRS); do \
@@ -310,7 +327,6 @@ distdir: $(DISTFILES)
test -d $(distdir)/$$subdir \
|| mkdir $(distdir)/$$subdir \
|| exit 1; \
- chmod 777 $(distdir)/$$subdir; \
(cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir=../$(top_distdir) distdir=../$(distdir)/$$subdir distdir) \
|| exit 1; \
fi; \
@@ -341,7 +357,7 @@ uninstall: uninstall-recursive
all-am: Makefile all-local
all-redirect: all-recursive
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs: installdirs-recursive
installdirs-am:
@@ -355,6 +371,7 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
+ -rm -f Makefile.in
mostlyclean-am: mostlyclean-tags mostlyclean-generic
mostlyclean: mostlyclean-recursive
@@ -375,19 +392,19 @@ maintainer-clean-am: maintainer-clean-tags maintainer-clean-generic \
maintainer-clean: maintainer-clean-recursive
-.PHONY: install-data-recursive uninstall-data-recursive \
-install-exec-recursive uninstall-exec-recursive installdirs-recursive \
-uninstalldirs-recursive all-recursive check-recursive \
-installcheck-recursive info-recursive dvi-recursive \
-mostlyclean-recursive distclean-recursive clean-recursive \
+.PHONY: install-recursive uninstall-recursive install-data-recursive \
+uninstall-data-recursive install-exec-recursive \
+uninstall-exec-recursive installdirs-recursive uninstalldirs-recursive \
+all-recursive check-recursive installcheck-recursive info-recursive \
+dvi-recursive mostlyclean-recursive distclean-recursive clean-recursive \
maintainer-clean-recursive tags tags-recursive mostlyclean-tags \
distclean-tags clean-tags maintainer-clean-tags distdir info-am info \
dvi-am dvi check-local check check-am installcheck-am installcheck \
install-exec-am install-exec install-data-local install-data-am \
install-data install-am install uninstall-am uninstall all-local \
-all-redirect all-am all installdirs-am installdirs mostlyclean-generic \
-distclean-generic clean-generic maintainer-clean-generic clean \
-mostlyclean distclean maintainer-clean
+all-redirect all-am all install-strip installdirs-am installdirs \
+mostlyclean-generic distclean-generic clean-generic \
+maintainer-clean-generic clean mostlyclean distclean maintainer-clean
install-suid-programs:
@@ -395,7 +412,10 @@ install-suid-programs:
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
install-exec-hook: install-suid-programs
@@ -407,8 +427,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
fi ; \
done
@@ -477,87 +497,8 @@ dist-cat8-mans:
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
install-data-local: install-cat-mans
diff --git a/crypto/heimdal/lib/auth/afskauthlib/Makefile.am b/crypto/heimdal/lib/auth/afskauthlib/Makefile.am
index 7dd6d5283fe9..d3e771c1dadf 100644
--- a/crypto/heimdal/lib/auth/afskauthlib/Makefile.am
+++ b/crypto/heimdal/lib/auth/afskauthlib/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.3 1999/04/08 12:35:33 joda Exp $
+# $Id: Makefile.am,v 1.5 2000/11/30 01:39:09 joda Exp $
include $(top_srcdir)/Makefile.am.common
@@ -17,22 +17,33 @@ OBJS = verify.o
CLEANFILES = $(foo_DATA) $(OBJS) so_locations
afskauthlib.so: $(OBJS)
- $(LD) -shared -o $@ $(LDFLAGS) $(OBJS) $(L)
+ $(LINK) -shared $(OBJS) $(L)
.c.o:
$(COMPILE) -c $<
if KRB4
-KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a
+KAFS = $(top_builddir)/lib/kafs/libkafs.la
endif
+if KRB5
L = \
$(KAFS) \
- $(top_builddir)/lib/krb5/.libs/libkrb5.a \
- $(top_builddir)/lib/asn1/.libs/libasn1.a \
+ $(top_builddir)/lib/krb5/libkrb5.la \
+ $(top_builddir)/lib/asn1/libasn1.la \
$(LIB_krb4) \
- $(top_builddir)/lib/des/.libs/libdes.a \
- $(top_builddir)/lib/roken/.libs/libroken.a \
+ $(top_builddir)/lib/des/libdes.la \
+ $(top_builddir)/lib/roken/libroken.la \
-lc
+else
+
+L = \
+ $(KAFS) \
+ $(LIB_krb4) \
+ $(top_builddir)/lib/des/libdes.la \
+ $(top_builddir)/lib/roken/libroken.la \
+ -lc
+endif
+
$(OBJS): $(top_builddir)/include/config.h
diff --git a/crypto/heimdal/lib/auth/afskauthlib/Makefile.in b/crypto/heimdal/lib/auth/afskauthlib/Makefile.in
index d3a404172cf2..7ba1c6e822a1 100644
--- a/crypto/heimdal/lib/auth/afskauthlib/Makefile.in
+++ b/crypto/heimdal/lib/auth/afskauthlib/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.3 1999/04/08 12:35:33 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,26 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
-AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -92,31 +95,43 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.5 2000/11/30 01:39:09 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .o
-INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4)
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4)
AM_CFLAGS = $(WFLAGS)
+CP = cp
+
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
@@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
@@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
+LIBS = @LIBS@
+
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -152,24 +170,20 @@ LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
NROFF_MAN = groff -mandoc -Tascii
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
@@ -183,10 +197,23 @@ OBJS = verify.o
CLEANFILES = $(foo_DATA) $(OBJS) so_locations
-@KRB4_TRUE@KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a
-
-L = $(KAFS) $(top_builddir)/lib/krb5/.libs/libkrb5.a $(top_builddir)/lib/asn1/.libs/libasn1.a $(LIB_krb4) $(top_builddir)/lib/des/.libs/libdes.a $(top_builddir)/lib/roken/.libs/libroken.a -lc
-
+@KRB4_TRUE@KAFS = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la
+
+@KRB5_TRUE@L = @KRB5_TRUE@\
+@KRB5_TRUE@ $(KAFS) \
+@KRB5_TRUE@ $(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la \
+@KRB5_TRUE@ $(LIB_krb4) \
+@KRB5_TRUE@ $(top_builddir)/lib/des/libdes.la \
+@KRB5_TRUE@ $(top_builddir)/lib/roken/libroken.la \
+@KRB5_TRUE@ -lc
+@KRB5_FALSE@L = @KRB5_FALSE@\
+@KRB5_FALSE@ $(KAFS) \
+@KRB5_FALSE@ $(LIB_krb4) \
+@KRB5_FALSE@ $(top_builddir)/lib/des/libdes.la \
+@KRB5_FALSE@ $(top_builddir)/lib/roken/libroken.la \
+@KRB5_FALSE@ -lc
+subdir = lib/auth/afskauthlib
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../../include/config.h
CONFIG_CLEAN_FILES =
@@ -194,15 +221,16 @@ CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES =
DATA = $(foo_DATA)
+depcomp =
DIST_COMMON = Makefile.am Makefile.in
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
all: all-redirect
.SUFFIXES:
@@ -219,19 +247,18 @@ install-fooDATA: $(foo_DATA)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(foodir)
@list='$(foo_DATA)'; for p in $$list; do \
- if test -f $(srcdir)/$$p; then \
- echo " $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p"; \
- $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p; \
- else if test -f $$p; then \
- echo " $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p"; \
- $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p; \
- fi; fi; \
+ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(foodir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(foodir)/$$f; \
done
uninstall-fooDATA:
@$(NORMAL_UNINSTALL)
- list='$(foo_DATA)'; for p in $$list; do \
- rm -f $(DESTDIR)$(foodir)/$$p; \
+ @list='$(foo_DATA)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(foodir)/$$f"; \
+ rm -f $(DESTDIR)$(foodir)/$$f; \
done
tags: TAGS
TAGS:
@@ -239,17 +266,16 @@ TAGS:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib/auth/afskauthlib
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
@@ -278,7 +304,7 @@ uninstall: uninstall-am
all-am: Makefile $(DATA) all-local
all-redirect: all-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs:
$(mkinstalldirs) $(DESTDIR)$(foodir)
@@ -293,6 +319,7 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
+ -rm -f Makefile.in
mostlyclean-am: mostlyclean-generic
mostlyclean: mostlyclean-am
@@ -316,7 +343,7 @@ maintainer-clean: maintainer-clean-am
dvi-am dvi check-local check check-am installcheck-am installcheck \
install-exec-am install-exec install-data-local install-data-am \
install-data install-am install uninstall-am uninstall all-local \
-all-redirect all-am all installdirs mostlyclean-generic \
+all-redirect all-am all install-strip installdirs mostlyclean-generic \
distclean-generic clean-generic maintainer-clean-generic clean \
mostlyclean distclean maintainer-clean
@@ -326,7 +353,10 @@ install-suid-programs:
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
install-exec-hook: install-suid-programs
@@ -338,8 +368,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
fi ; \
done
@@ -408,87 +438,8 @@ dist-cat8-mans:
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
install-data-local: install-cat-mans
@@ -526,7 +477,7 @@ check-local::
fi
afskauthlib.so: $(OBJS)
- $(LD) -shared -o $@ $(LDFLAGS) $(OBJS) $(L)
+ $(LINK) -shared $(OBJS) $(L)
.c.o:
$(COMPILE) -c $<
diff --git a/crypto/heimdal/lib/auth/afskauthlib/verify.c b/crypto/heimdal/lib/auth/afskauthlib/verify.c
index 1c23119f9fc7..e0e31b62c992 100644
--- a/crypto/heimdal/lib/auth/afskauthlib/verify.c
+++ b/crypto/heimdal/lib/auth/afskauthlib/verify.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: verify.c,v 1.20 1999/12/02 16:58:37 joda Exp $");
+RCSID("$Id: verify.c,v 1.24 2000/12/31 07:57:08 assar Exp $");
#endif
#include <unistd.h>
#include <sys/types.h>
@@ -123,7 +123,11 @@ verify_krb5(struct passwd *pwd,
krb5_ccache ccache;
krb5_principal principal;
- krb5_init_context(&context);
+ ret = krb5_init_context(&context);
+ if (ret) {
+ syslog(LOG_AUTH|LOG_DEBUG, "krb5_init_context failed: %d", ret);
+ goto out;
+ }
ret = krb5_parse_name (context, pwd->pw_name, &principal);
if (ret) {
@@ -193,9 +197,11 @@ verify_krb5(struct passwd *pwd,
if (!pag_set && k_hasafs()) {
k_setpag();
pag_set = 1;
+ }
+
+ if (pag_set)
krb5_afslog_uid_home(context, ccache, NULL, NULL,
pwd->pw_uid, pwd->pw_dir);
- }
#endif
out:
if(ret && !quiet)
@@ -222,8 +228,9 @@ verify_krb4(struct passwd *pwd,
if (!pag_set && k_hasafs()) {
k_setpag ();
pag_set = 1;
+ }
+ if (pag_set)
krb_afslog_uid_home (0, 0, pwd->pw_uid, pwd->pw_dir);
- }
} else if (!quiet)
printf ("%s\n", krb_get_err_text (ret));
}
@@ -242,6 +249,12 @@ afs_verify(char *name,
if(pwd == NULL)
return 1;
+
+ if (!pag_set && k_hasafs()) {
+ k_setpag();
+ pag_set=1;
+ }
+
if (ret)
ret = unix_verify_user (name, password);
#ifdef KRB5
@@ -277,10 +290,10 @@ afs_gettktstring (void)
}
}
#ifdef KRB5
- setenv("KRB5CCNAME",krb5ccname,1);
+ esetenv("KRB5CCNAME",krb5ccname,1);
#endif
#ifdef KRB4
- setenv("KRBTKFILE",krbtkfile,1);
+ esetenv("KRBTKFILE",krbtkfile,1);
return krbtkfile;
#else
return "";
diff --git a/crypto/heimdal/lib/auth/pam/Makefile.in b/crypto/heimdal/lib/auth/pam/Makefile.in
index 37f8d22f1dd3..87759deb8d8b 100644
--- a/crypto/heimdal/lib/auth/pam/Makefile.in
+++ b/crypto/heimdal/lib/auth/pam/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.2 1999/04/01 14:57:04 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,26 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
-AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -92,31 +95,43 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.2 1999/04/01 14:57:04 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
-INCLUDES = -I$(top_builddir)/include
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken)
AM_CFLAGS = $(WFLAGS)
+CP = cp
+
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
@@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
@@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
+LIBS = @LIBS@
+
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -152,26 +170,23 @@ LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
NROFF_MAN = groff -mandoc -Tascii
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
+subdir = lib/auth/pam
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../../include/config.h
CONFIG_CLEAN_FILES =
@@ -179,13 +194,14 @@ CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES =
+depcomp =
DIST_COMMON = Makefile.am Makefile.in
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
all: all-redirect
.SUFFIXES:
@@ -203,17 +219,16 @@ TAGS:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib/auth/pam
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
@@ -242,7 +257,7 @@ uninstall: uninstall-am
all-am: Makefile all-local
all-redirect: all-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs:
@@ -255,6 +270,7 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
+ -rm -f Makefile.in
mostlyclean-am: mostlyclean-generic
mostlyclean: mostlyclean-am
@@ -277,8 +293,8 @@ maintainer-clean: maintainer-clean-am
.PHONY: tags distdir info-am info dvi-am dvi check-local check check-am \
installcheck-am installcheck install-exec-am install-exec \
install-data-local install-data-am install-data install-am install \
-uninstall-am uninstall all-local all-redirect all-am all installdirs \
-mostlyclean-generic distclean-generic clean-generic \
+uninstall-am uninstall all-local all-redirect all-am all install-strip \
+installdirs mostlyclean-generic distclean-generic clean-generic \
maintainer-clean-generic clean mostlyclean distclean maintainer-clean
@@ -287,7 +303,10 @@ install-suid-programs:
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
install-exec-hook: install-suid-programs
@@ -299,8 +318,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
fi ; \
done
@@ -369,87 +388,8 @@ dist-cat8-mans:
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
install-data-local: install-cat-mans
diff --git a/crypto/heimdal/lib/auth/pam/pam.c b/crypto/heimdal/lib/auth/pam/pam.c
index 1a385e0cf103..c207756898c1 100644
--- a/crypto/heimdal/lib/auth/pam/pam.c
+++ b/crypto/heimdal/lib/auth/pam/pam.c
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include<config.h>
-RCSID("$Id: pam.c,v 1.24 2000/02/18 14:33:06 bg Exp $");
+RCSID("$Id: pam.c,v 1.26 2000/10/04 20:22:15 bg Exp $");
#endif
#include <stdio.h>
@@ -60,12 +60,12 @@ RCSID("$Id: pam.c,v 1.24 2000/02/18 14:33:06 bg Exp $");
#endif
static void
-log_error(int level, const char *format, ...)
+psyslog(int level, const char *format, ...)
{
va_list args;
va_start(args, format);
openlog("pam_krb4", LOG_CONS|LOG_PID, LOG_AUTH);
- vsyslog(level | LOG_AUTH, format, args);
+ vsyslog(level, format, args);
va_end(args);
closelog();
}
@@ -115,7 +115,7 @@ parse_ctrl(int argc, const char **argv)
break;
if (j >= KRB4_CTRLS)
- log_error(LOG_ALERT, "unrecognized option [%s]", *argv);
+ psyslog(LOG_ALERT, "unrecognized option [%s]", *argv);
else
ctrl_flags |= krb4_args[j].flag;
}
@@ -128,13 +128,13 @@ pdeb(const char *format, ...)
if (ctrl_off(KRB4_DEBUG))
return;
va_start(args, format);
- openlog("pam_krb4", LOG_PID, LOG_AUTH);
- vsyslog(LOG_DEBUG | LOG_AUTH, format, args);
+ openlog("pam_krb4", LOG_CONS|LOG_PID, LOG_AUTH);
+ vsyslog(LOG_DEBUG, format, args);
va_end(args);
closelog();
}
-#define ENTRY(f) pdeb("%s() ruid = %d euid = %d", f, getuid(), geteuid())
+#define ENTRY(func) pdeb("%s() flags = %d ruid = %d euid = %d", func, flags, getuid(), geteuid())
static void
set_tkt_string(uid_t uid)
@@ -182,9 +182,14 @@ verify_pass(pam_handle_t *pamh,
old_euid = geteuid();
setreuid(0, 0);
ret = krb_verify_user(name, inst, realm, pass, krb_verify, NULL);
- if (setreuid(old_ruid, old_euid) != 0)
+ pdeb("krb_verify_user(`%s', `%s', `%s', pw, %d, NULL) returns %s",
+ name, inst, realm, krb_verify,
+ krb_get_err_text(ret));
+ setreuid(old_ruid, old_euid);
+ if (getuid() != old_ruid || geteuid() != old_euid)
{
- log_error(LOG_ALERT , "setreuid(%d, %d) failed", old_ruid, old_euid);
+ psyslog(LOG_ALERT , "setreuid(%d, %d) failed at line %d",
+ old_ruid, old_euid, __LINE__);
exit(1);
}
@@ -220,7 +225,7 @@ krb4_auth(pam_handle_t *pamh,
ret = pam_get_item(pamh, PAM_AUTHTOK, (void **) &pass);
if (ret != PAM_SUCCESS)
{
- log_error(LOG_ERR , "pam_get_item returned error to get-password");
+ psyslog(LOG_ERR , "pam_get_item returned error to get-password");
return ret;
}
else if (pass != 0 && verify_pass(pamh, name, inst, pass) == PAM_SUCCESS)
@@ -271,6 +276,8 @@ pam_sm_authenticate(pam_handle_t *pamh,
struct passwd *pw;
uid_t uid = -1;
const char *name, *inst;
+ char realm[REALM_SZ];
+ realm[0] = 0;
parse_ctrl(argc, argv);
ENTRY("pam_sm_authenticate");
@@ -316,11 +323,9 @@ pam_sm_authenticate(pam_handle_t *pamh,
*/
if (ret == PAM_SUCCESS && inst[0] != 0)
{
- char realm[REALM_SZ];
uid_t old_euid = geteuid();
uid_t old_ruid = getuid();
- realm[0] = 0;
setreuid(0, 0); /* To read ticket file. */
if (krb_get_tf_fullname(tkt_string(), 0, 0, realm) != KSUCCESS)
ret = PAM_SERVICE_ERR;
@@ -334,28 +339,44 @@ pam_sm_authenticate(pam_handle_t *pamh,
if (ret != PAM_SUCCESS)
{
dest_tkt(); /* Passwd known, ok to kill ticket. */
- log_error(LOG_NOTICE,
- "%s.%s@%s is not allowed to log in as %s",
- name, inst, realm, user);
+ psyslog(LOG_NOTICE,
+ "%s.%s@%s is not allowed to log in as %s",
+ name, inst, realm, user);
}
- if (setreuid(old_ruid, old_euid) != 0)
+ setreuid(old_ruid, old_euid);
+ if (getuid() != old_ruid || geteuid() != old_euid)
{
- log_error(LOG_ALERT , "setreuid(%d, %d) failed", old_ruid, old_euid);
+ psyslog(LOG_ALERT , "setreuid(%d, %d) failed at line %d",
+ old_ruid, old_euid, __LINE__);
exit(1);
}
}
if (ret == PAM_SUCCESS)
- chown(tkt_string(), uid, -1);
-
- /* Sun dtlogin unlock screen does not call any other pam_* funcs. */
- if (ret == PAM_SUCCESS
- && ctrl_on(KRB4_REAFSLOG)
- && k_hasafs()
- && (pw = getpwnam(user)) != 0)
- krb_afslog_uid_home(/*cell*/ 0,/*realm_hint*/ 0, pw->pw_uid, pw->pw_dir);
+ {
+ psyslog(LOG_INFO,
+ "%s.%s@%s authenticated as user %s",
+ name, inst, realm, user);
+ if (chown(tkt_string(), uid, -1) == -1)
+ {
+ dest_tkt();
+ psyslog(LOG_ALERT , "chown(%s, %d, -1) failed", tkt_string(), uid);
+ exit(1);
+ }
+ }
+ /*
+ * Kludge alert!!! Sun dtlogin unlock screen fails to call
+ * pam_setcred(3) with PAM_REFRESH_CRED after a successful
+ * authentication attempt, sic.
+ *
+ * This hack is designed as a workaround to that problem.
+ */
+ if (ctrl_on(KRB4_REAFSLOG))
+ if (ret == PAM_SUCCESS)
+ pam_sm_setcred(pamh, PAM_REFRESH_CRED, argc, argv);
+
return ret;
}
@@ -364,14 +385,13 @@ pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
parse_ctrl(argc, argv);
ENTRY("pam_sm_setcred");
- pdeb("flags = 0x%x", flags);
switch (flags & ~PAM_SILENT) {
case 0:
case PAM_ESTABLISH_CRED:
if (k_hasafs())
k_setpag();
- /* Fill PAG with credentials below. */
+ /* Fall through, fill PAG with credentials below. */
case PAM_REINITIALIZE_CRED:
case PAM_REFRESH_CRED:
if (k_hasafs())
@@ -393,7 +413,7 @@ pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
k_unlog();
break;
default:
- log_error(LOG_ALERT , "pam_sm_setcred: unknown flags 0x%x", flags);
+ psyslog(LOG_ALERT , "pam_sm_setcred: unknown flags 0x%x", flags);
break;
}
@@ -417,9 +437,7 @@ pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char**argv)
ENTRY("pam_sm_close_session");
/* This isn't really kosher, but it's handy. */
- dest_tkt();
- if (k_hasafs())
- k_unlog();
+ pam_sm_setcred(pamh, PAM_DELETE_CRED, argc, argv);
return PAM_SUCCESS;
}
diff --git a/crypto/heimdal/lib/auth/pam/pam.conf.add b/crypto/heimdal/lib/auth/pam/pam.conf.add
index 64a4915dbf48..7db3e3d85a30 100644
--- a/crypto/heimdal/lib/auth/pam/pam.conf.add
+++ b/crypto/heimdal/lib/auth/pam/pam.conf.add
@@ -32,36 +32,52 @@ To enable PAM in dtlogin and /bin/login under SunOS 5.6 apply this patch:
#
# Password management
---------------------------------------------------------------------------
-To enable PAM in /bin/login and xdm under Red Hat 6.1 apply these patches:
+To enable PAM in /bin/login and xdm under Red Hat 6.? apply these patches:
---- /etc/pam.d/login~ Thu Jul 8 00:14:02 1999
-+++ /etc/pam.d/login Mon Aug 30 14:33:12 1999
+--- /etc/pam.d/login~ Tue Dec 7 12:01:35 1999
++++ /etc/pam.d/login Wed May 31 16:27:55 2000
@@ -1,9 +1,12 @@
#%PAM-1.0
+# Updated to work with kerberos
-+auth sufficient /lib/security/pam_krb4.so
- auth required /lib/security/pam_securetty.so
- auth required /lib/security/pam_pwdb.so shadow nullok
- auth required /lib/security/pam_nologin.so
- account required /lib/security/pam_pwdb.so
- password required /lib/security/pam_cracklib.so
- password required /lib/security/pam_pwdb.so nullok use_authtok shadow
-+session required /lib/security/pam_krb4.so
- session required /lib/security/pam_pwdb.so
- session optional /lib/security/pam_console.so
---- /etc/pam.d/xdm~ Mon Jun 14 17:39:05 1999
-+++ /etc/pam.d/xdm Mon Aug 30 14:54:51 1999
-@@ -1,8 +1,10 @@
++auth sufficient /usr/athena/lib/pam_krb4.so.1.0.1
+ auth required /lib/security/pam_securetty.so
+ auth required /lib/security/pam_pwdb.so shadow nullok
+ auth required /lib/security/pam_nologin.so
+ account required /lib/security/pam_pwdb.so
+ password required /lib/security/pam_cracklib.so
+ password required /lib/security/pam_pwdb.so nullok use_authtok md5 shadow
++session required /usr/athena/lib/pam_krb4.so.1.0.1
+ session required /lib/security/pam_pwdb.so
+ session optional /lib/security/pam_console.so
+--- /etc/pam.d/xdm~ Wed May 31 16:33:54 2000
++++ /etc/pam.d/xdm Wed May 31 16:28:29 2000
+@@ -1,8 +1,11 @@
#%PAM-1.0
-+auth sufficient /lib/security/pam_krb4.so
- auth required /lib/security/pam_pwdb.so shadow nullok
- auth required /lib/security/pam_nologin.so
- account required /lib/security/pam_pwdb.so
- password required /lib/security/pam_cracklib.so
- password required /lib/security/pam_pwdb.so shadow nullok use_authtok
-+session required /lib/security/pam_krb4.so
- session required /lib/security/pam_pwdb.so
++# Updated to work with kerberos
++auth sufficient /usr/athena/lib/pam_krb4.so.1.0.1
+ auth required /lib/security/pam_pwdb.so shadow nullok
+ auth required /lib/security/pam_nologin.so
+ account required /lib/security/pam_pwdb.so
+ password required /lib/security/pam_cracklib.so
+ password required /lib/security/pam_pwdb.so shadow nullok use_authtok
++session required /usr/athena/lib/pam_krb4.so.1.0.1
+ session required /lib/security/pam_pwdb.so
session optional /lib/security/pam_console.so
+--- /etc/pam.d/gdm~ Wed May 31 16:33:54 2000
++++ /etc/pam.d/gdm Wed May 31 16:34:28 2000
+@@ -1,8 +1,11 @@
+ #%PAM-1.0
++# Updated to work with kerberos
++auth sufficient /usr/athena/lib/pam_krb4.so.1.0.1
+ auth required /lib/security/pam_pwdb.so shadow nullok
+ auth required /lib/security/pam_nologin.so
+ account required /lib/security/pam_pwdb.so
+ password required /lib/security/pam_cracklib.so
+ password required /lib/security/pam_pwdb.so shadow nullok use_authtok
++session required /usr/athena/lib/pam_krb4.so.1.0.1
+ session required /lib/security/pam_pwdb.so
+ session optional /lib/security/pam_console.so
+
--------------------------------------------------------------------------
This stuff may work under some other system.
diff --git a/crypto/heimdal/lib/auth/sia/Makefile.am b/crypto/heimdal/lib/auth/sia/Makefile.am
index efba5c028f7f..276da1541ecb 100644
--- a/crypto/heimdal/lib/auth/sia/Makefile.am
+++ b/crypto/heimdal/lib/auth/sia/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.5 1999/12/30 03:47:03 assar Exp $
+# $Id: Makefile.am,v 1.8 2001/01/29 22:38:36 assar Exp $
include $(top_srcdir)/Makefile.am.common
@@ -17,6 +17,7 @@ KAFS=$(top_builddir)/lib/kafs/.libs/libkafs.a
KAFS_S=$(top_builddir)/lib/kafs/.libs/libkafs.so
endif
+if KRB5
L = \
$(KAFS) \
$(top_builddir)/lib/krb5/.libs/libkrb5.a \
@@ -39,26 +40,69 @@ L_shared = \
$(LIB_getpwnam_r) \
-lc
-EXTRA_DIST = sia.c krb5_matrix.conf krb5+c2_matrix.conf security.patch
+MOD = libsia_krb5.so
+
+else
+
+L = \
+ $(KAFS) \
+ $(top_builddir)/lib/kadm/.libs/libkadm.a \
+ $(top_builddir)/lib/krb/.libs/libkrb.a \
+ $(top_builddir)/lib/des/.libs/libdes.a \
+ $(top_builddir)/lib/com_err/.libs/libcom_err.a \
+ $(top_builddir)/lib/roken/.libs/libroken.a \
+ $(LIB_getpwnam_r) \
+ -lc
+
+L_shared = \
+ $(KAFS_S) \
+ $(top_builddir)/lib/kadm/.libs/libkadm.so \
+ $(top_builddir)/lib/krb/.libs/libkrb.so \
+ $(top_builddir)/lib/des/.libs/libdes.so \
+ $(top_builddir)/lib/com_err/.libs/libcom_err.so \
+ $(top_builddir)/lib/roken/.libs/libroken.so \
+ $(LIB_getpwnam_r) \
+ -lc
+
+MOD = libsia_krb4.so
+
+endif
+
+EXTRA_DIST = sia.c krb4_matrix.conf krb4+c2_matrix.conf \
+ krb5_matrix.conf krb5+c2_matrix.conf security.patch
foodir = $(libdir)
-foo_DATA = libsia_krb5.so
+foo_DATA = $(MOD)
LDFLAGS = -rpath $(libdir) -hidden -exported_symbol siad_\*
OBJS = sia.o posix_getpw.o
libsia_krb5.so: $(OBJS)
- if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \
+ @if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \
+ echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \
ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \
elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \
+ echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \
ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \
else \
echo "missing libraries"; exit 1; \
fi
ostrip -x -z $@
-CLEANFILES = libsia_krb5.so $(OBJS) so_locations
+libsia_krb4.so: $(OBJS)
+ @if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \
+ echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \
+ ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \
+ elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \
+ echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \
+ ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \
+ else \
+ echo "missing libraries"; exit 1; \
+ fi
+ ostrip -x $@
+
+CLEANFILES = $(MOD) $(OBJS) so_locations
SUFFIXES += .c .o
diff --git a/crypto/heimdal/lib/auth/sia/Makefile.in b/crypto/heimdal/lib/auth/sia/Makefile.in
index fb36b4ec8282..a93d31f86667 100644
--- a/crypto/heimdal/lib/auth/sia/Makefile.in
+++ b/crypto/heimdal/lib/auth/sia/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.5 1999/12/30 03:47:03 assar Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,26 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
-AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -92,30 +95,42 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.8 2001/01/29 22:38:36 assar Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .o
-INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4)
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4)
AM_CFLAGS = $(WFLAGS)
+CP = cp
+
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
@@ -135,6 +150,7 @@ LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
@@ -143,6 +159,8 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
+LIBS = @LIBS@
+
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -151,24 +169,20 @@ LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
NROFF_MAN = groff -mandoc -Tascii
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
@@ -176,25 +190,65 @@ WFLAGS = @WFLAGS@ $(WFLAGS_NOIMPLICITINT)
DEFS = @DEFS@
-@KRB4_TRUE@KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a
-@KRB4_TRUE@KAFS_S = $(top_builddir)/lib/kafs/.libs/libkafs.so
-
-L = $(KAFS) $(top_builddir)/lib/krb5/.libs/libkrb5.a $(top_builddir)/lib/asn1/.libs/libasn1.a $(LIB_krb4) $(top_builddir)/lib/des/.libs/libdes.a $(top_builddir)/lib/com_err/.libs/libcom_err.a $(top_builddir)/lib/roken/.libs/libroken.a $(LIB_getpwnam_r) -lc
-
+@KRB4_TRUE@KAFS = @KRB4_TRUE@$(top_builddir)/lib/kafs/.libs/libkafs.a
+@KRB4_TRUE@KAFS_S = @KRB4_TRUE@$(top_builddir)/lib/kafs/.libs/libkafs.so
+
+@KRB5_TRUE@L = @KRB5_TRUE@\
+@KRB5_TRUE@ $(KAFS) \
+@KRB5_TRUE@ $(top_builddir)/lib/krb5/.libs/libkrb5.a \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/.libs/libasn1.a \
+@KRB5_TRUE@ $(LIB_krb4) \
+@KRB5_TRUE@ $(top_builddir)/lib/des/.libs/libdes.a \
+@KRB5_TRUE@ $(top_builddir)/lib/com_err/.libs/libcom_err.a \
+@KRB5_TRUE@ $(top_builddir)/lib/roken/.libs/libroken.a \
+@KRB5_TRUE@ $(LIB_getpwnam_r) \
+@KRB5_TRUE@ -lc
+@KRB5_FALSE@L = @KRB5_FALSE@\
+@KRB5_FALSE@ $(KAFS) \
+@KRB5_FALSE@ $(top_builddir)/lib/kadm/.libs/libkadm.a \
+@KRB5_FALSE@ $(top_builddir)/lib/krb/.libs/libkrb.a \
+@KRB5_FALSE@ $(top_builddir)/lib/des/.libs/libdes.a \
+@KRB5_FALSE@ $(top_builddir)/lib/com_err/.libs/libcom_err.a \
+@KRB5_FALSE@ $(top_builddir)/lib/roken/.libs/libroken.a \
+@KRB5_FALSE@ $(LIB_getpwnam_r) \
+@KRB5_FALSE@ -lc
+
+@KRB5_TRUE@L_shared = @KRB5_TRUE@\
+@KRB5_TRUE@ $(KAFS_S) \
+@KRB5_TRUE@ $(top_builddir)/lib/krb5/.libs/libkrb5.so \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/.libs/libasn1.so \
+@KRB5_TRUE@ $(LIB_krb4) \
+@KRB5_TRUE@ $(top_builddir)/lib/des/.libs/libdes.so \
+@KRB5_TRUE@ $(top_builddir)/lib/com_err/.libs/libcom_err.so \
+@KRB5_TRUE@ $(top_builddir)/lib/roken/.libs/libroken.so \
+@KRB5_TRUE@ $(LIB_getpwnam_r) \
+@KRB5_TRUE@ -lc
+@KRB5_FALSE@L_shared = @KRB5_FALSE@\
+@KRB5_FALSE@ $(KAFS_S) \
+@KRB5_FALSE@ $(top_builddir)/lib/kadm/.libs/libkadm.so \
+@KRB5_FALSE@ $(top_builddir)/lib/krb/.libs/libkrb.so \
+@KRB5_FALSE@ $(top_builddir)/lib/des/.libs/libdes.so \
+@KRB5_FALSE@ $(top_builddir)/lib/com_err/.libs/libcom_err.so \
+@KRB5_FALSE@ $(top_builddir)/lib/roken/.libs/libroken.so \
+@KRB5_FALSE@ $(LIB_getpwnam_r) \
+@KRB5_FALSE@ -lc
+
+@KRB5_TRUE@MOD = @KRB5_TRUE@libsia_krb5.so
+@KRB5_FALSE@MOD = @KRB5_FALSE@libsia_krb4.so
+
+EXTRA_DIST = sia.c krb4_matrix.conf krb4+c2_matrix.conf \
+ krb5_matrix.conf krb5+c2_matrix.conf security.patch
-L_shared = $(KAFS_S) $(top_builddir)/lib/krb5/.libs/libkrb5.so $(top_builddir)/lib/asn1/.libs/libasn1.so $(LIB_krb4) $(top_builddir)/lib/des/.libs/libdes.so $(top_builddir)/lib/com_err/.libs/libcom_err.so $(top_builddir)/lib/roken/.libs/libroken.so $(LIB_getpwnam_r) -lc
-
-
-EXTRA_DIST = sia.c krb5_matrix.conf krb5+c2_matrix.conf security.patch
foodir = $(libdir)
-foo_DATA = libsia_krb5.so
+foo_DATA = $(MOD)
LDFLAGS = -rpath $(libdir) -hidden -exported_symbol siad_\*
OBJS = sia.o posix_getpw.o
-CLEANFILES = libsia_krb5.so $(OBJS) so_locations
+CLEANFILES = $(MOD) $(OBJS) so_locations
+subdir = lib/auth/sia
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../../include/config.h
CONFIG_CLEAN_FILES =
@@ -202,15 +256,16 @@ CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES =
DATA = $(foo_DATA)
+depcomp =
DIST_COMMON = Makefile.am Makefile.in
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
all: all-redirect
.SUFFIXES:
@@ -227,19 +282,18 @@ install-fooDATA: $(foo_DATA)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(foodir)
@list='$(foo_DATA)'; for p in $$list; do \
- if test -f $(srcdir)/$$p; then \
- echo " $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p"; \
- $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p; \
- else if test -f $$p; then \
- echo " $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p"; \
- $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p; \
- fi; fi; \
+ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(foodir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(foodir)/$$f; \
done
uninstall-fooDATA:
@$(NORMAL_UNINSTALL)
- list='$(foo_DATA)'; for p in $$list; do \
- rm -f $(DESTDIR)$(foodir)/$$p; \
+ @list='$(foo_DATA)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(foodir)/$$f"; \
+ rm -f $(DESTDIR)$(foodir)/$$f; \
done
tags: TAGS
TAGS:
@@ -247,17 +301,16 @@ TAGS:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib/auth/sia
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
@@ -286,7 +339,7 @@ uninstall: uninstall-am
all-am: Makefile $(DATA) all-local
all-redirect: all-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs:
$(mkinstalldirs) $(DESTDIR)$(foodir)
@@ -301,6 +354,7 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
+ -rm -f Makefile.in
mostlyclean-am: mostlyclean-generic
mostlyclean: mostlyclean-am
@@ -324,7 +378,7 @@ maintainer-clean: maintainer-clean-am
dvi-am dvi check-local check check-am installcheck-am installcheck \
install-exec-am install-exec install-data-local install-data-am \
install-data install-am install uninstall-am uninstall all-local \
-all-redirect all-am all installdirs mostlyclean-generic \
+all-redirect all-am all install-strip installdirs mostlyclean-generic \
distclean-generic clean-generic maintainer-clean-generic clean \
mostlyclean distclean maintainer-clean
@@ -334,7 +388,10 @@ install-suid-programs:
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
install-exec-hook: install-suid-programs
@@ -346,8 +403,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
fi ; \
done
@@ -416,87 +473,8 @@ dist-cat8-mans:
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
install-data-local: install-cat-mans
@@ -534,15 +512,29 @@ check-local::
fi
libsia_krb5.so: $(OBJS)
- if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \
+ @if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \
+ echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \
ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \
elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \
+ echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \
ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \
else \
echo "missing libraries"; exit 1; \
fi
ostrip -x -z $@
+libsia_krb4.so: $(OBJS)
+ @if test -f $(top_builddir)/lib/krb/.libs/libkrb.a; then \
+ echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L)"; \
+ ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \
+ elif test -f $(top_builddir)/lib/krb/.libs/libkrb.so; then \
+ echo "ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared)"; \
+ ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \
+ else \
+ echo "missing libraries"; exit 1; \
+ fi
+ ostrip -x $@
+
.c.o:
$(COMPILE) -c $<
diff --git a/crypto/heimdal/lib/auth/sia/sia.c b/crypto/heimdal/lib/auth/sia/sia.c
index 01e2ac005037..08945910ae5e 100644
--- a/crypto/heimdal/lib/auth/sia/sia.c
+++ b/crypto/heimdal/lib/auth/sia/sia.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "sia_locl.h"
-RCSID("$Id: sia.c,v 1.33 1999/12/20 09:46:44 joda Exp $");
+RCSID("$Id: sia.c,v 1.34 2000/12/31 07:57:46 assar Exp $");
int
siad_init(void)
@@ -51,13 +51,17 @@ siad_chk_invoker(void)
int
siad_ses_init(SIAENTITY *entity, int pkgind)
{
+ krb5_error_code ret;
struct state *s = malloc(sizeof(*s));
+
SIA_DEBUG(("DEBUG", "siad_ses_init"));
if(s == NULL)
return SIADFAIL;
memset(s, 0, sizeof(*s));
#ifdef SIA_KRB5
- krb5_init_context(&s->context);
+ ret = krb5_init_context(&s->context);
+ if (ret)
+ return SIADFAIL;
#endif
entity->mech[pkgind] = (int*)s;
return SIADSUCCESS;
diff --git a/crypto/heimdal/lib/com_err/ChangeLog b/crypto/heimdal/lib/com_err/ChangeLog
new file mode 100644
index 000000000000..1ca005bce825
--- /dev/null
+++ b/crypto/heimdal/lib/com_err/ChangeLog
@@ -0,0 +1,127 @@
+2000-08-16 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: bump version to 1:1:0
+
+2000-07-31 Assar Westerlund <assar@sics.se>
+
+ * com_right.h (initialize_error_table_r): fix prototype
+
+2000-04-05 Assar Westerlund <assar@sics.se>
+
+ * com_err.c (_et_lit): explicitly initialize it to NULL to make
+ dyld on Darwin/MacOS X happy
+
+2000-01-16 Assar Westerlund <assar@sics.se>
+
+ * com_err.h: remove __P definition (now in com_right.h). this
+ file always includes com_right.h so that's where it should reside.
+ * com_right.h: moved __P here and added it to the function
+ prototypes
+ * com_err.h (error_table_name): add __P
+
+1999-07-03 Assar Westerlund <assar@sics.se>
+
+ * parse.y (statement): use asprintf
+
+1999-06-13 Assar Westerlund <assar@sics.se>
+
+ * Makefile.in: make it solaris make vpath-safe
+
+Thu Apr 1 11:13:53 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * compile_et.c: use getargs
+
+Sat Mar 20 00:16:30 1999 Assar Westerlund <assar@sics.se>
+
+ * compile_et.c: static-ize
+
+Thu Mar 18 11:22:13 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * Makefile.am: include Makefile.am.common
+
+Tue Mar 16 22:30:05 1999 Assar Westerlund <assar@sics.se>
+
+ * parse.y: use YYACCEPT instead of return
+
+Sat Mar 13 22:22:56 1999 Assar Westerlund <assar@sics.se>
+
+ * compile_et.c (generate_h): cast when calling is* to get rid of a
+ warning
+
+Thu Mar 11 15:00:51 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * parse.y: prototype for error_message
+
+Sun Nov 22 10:39:02 1998 Assar Westerlund <assar@sics.se>
+
+ * compile_et.h: include ctype and roken
+
+ * compile_et.c: include err.h
+ (generate_h): remove unused variable
+
+ * Makefile.in (WFLAGS): set
+
+Fri Nov 20 06:58:59 1998 Assar Westerlund <assar@sics.se>
+
+ * lex.l: undef ECHO to work around AIX lex bug
+
+Sun Sep 27 02:23:59 1998 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * com_err.c (error_message): try to pass code to strerror, to see
+ if it might be an errno code (this if broken, but some MIT code
+ seems to expect this behaviour)
+
+Sat Sep 26 17:42:39 1998 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * compile_et.c: <foo_err.h> -> "foo_err.h"
+
+Tue Jun 30 17:17:36 1998 Assar Westerlund <assar@sics.se>
+
+ * Makefile.in: add str{cpy,cat}_truncate
+
+Mon May 25 05:24:39 1998 Assar Westerlund <assar@sics.se>
+
+ * Makefile.in (clean): try to remove shared library debris
+
+Sun Apr 19 09:50:17 1998 Assar Westerlund <assar@sics.se>
+
+ * Makefile.in: add symlink magic for linux
+
+Sun Apr 5 09:22:11 1998 Assar Westerlund <assar@sics.se>
+
+ * parse.y: define alloca to malloc in case we're using bison but
+ don't have alloca
+
+Tue Mar 24 05:13:01 1998 Assar Westerlund <assar@sics.se>
+
+ * Makefile.in: link with snprintf (From Derrick J Brashear
+ <shadow@dementia.org>)
+
+Fri Feb 27 05:01:42 1998 Assar Westerlund <assar@sics.se>
+
+ * parse.y: initialize ec->next
+
+Thu Feb 26 02:22:25 1998 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: @LEXLIB@
+
+Sat Feb 21 15:18:54 1998 assar westerlund <assar@sics.se>
+
+ * Makefile.in: set YACC and LEX
+
+Tue Feb 17 22:20:27 1998 Bjoern Groenvall <bg@sics.se>
+
+ * com_right.h: Change typedefs so that one may mix MIT compile_et
+ generated code with krb4 dito.
+
+Tue Feb 17 16:30:55 1998 Johan Danielsson <joda@emma.pdc.kth.se>
+
+ * compile_et.c (generate): Always return a value.
+
+ * parse.y: Files don't have to end with `end'.
+
+Mon Feb 16 16:09:20 1998 Johan Danielsson <joda@emma.pdc.kth.se>
+
+ * lex.l (getstring): Replace getc() with input().
+
+ * Makefile.am: Fixes for new compile_et.
diff --git a/crypto/heimdal/lib/com_err/Makefile.am b/crypto/heimdal/lib/com_err/Makefile.am
new file mode 100644
index 000000000000..8e1810801541
--- /dev/null
+++ b/crypto/heimdal/lib/com_err/Makefile.am
@@ -0,0 +1,24 @@
+# $Id: Makefile.am,v 1.24 2000/08/16 11:24:54 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+YFLAGS = -d
+
+lib_LTLIBRARIES = libcom_err.la
+libcom_err_la_LDFLAGS = -version-info 1:1:0
+
+bin_PROGRAMS = compile_et
+
+include_HEADERS = com_err.h com_right.h
+
+compile_et_SOURCES = compile_et.c compile_et.h parse.y lex.l
+
+libcom_err_la_SOURCES = error.c com_err.c roken_rename.h
+
+CLEANFILES = lex.c parse.c parse.h
+
+$(compile_et_OBJECTS): parse.h
+
+compile_et_LDADD = \
+ $(LIB_roken) \
+ $(LEXLIB)
diff --git a/crypto/heimdal/lib/com_err/Makefile.in b/crypto/heimdal/lib/com_err/Makefile.in
new file mode 100644
index 000000000000..986e078caae3
--- /dev/null
+++ b/crypto/heimdal/lib/com_err/Makefile.in
@@ -0,0 +1,649 @@
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
+
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+SHELL = @SHELL@
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+
+bindir = @bindir@
+sbindir = @sbindir@
+libexecdir = @libexecdir@
+datadir = @datadir@
+sysconfdir = @sysconfdir@
+sharedstatedir = @sharedstatedir@
+localstatedir = @localstatedir@
+libdir = @libdir@
+infodir = @infodir@
+mandir = @mandir@
+includedir = @includedir@
+oldincludedir = /usr/include
+
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+
+top_builddir = ../..
+
+ACLOCAL = @ACLOCAL@
+AUTOCONF = @AUTOCONF@
+AUTOMAKE = @AUTOMAKE@
+AUTOHEADER = @AUTOHEADER@
+
+INSTALL = @INSTALL@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
+transform = @program_transform_name@
+
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+
+@SET_MAKE@
+host_alias = @host_alias@
+host_triplet = @host@
+AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
+AWK = @AWK@
+CANONICAL_HOST = @CANONICAL_HOST@
+CATMAN = @CATMAN@
+CATMANEXT = @CATMANEXT@
+CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
+EXEEXT = @EXEEXT@
+EXTRA_LIB45 = @EXTRA_LIB45@
+GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
+INCLUDE_ = @INCLUDE_@
+LEX = @LEX@
+LIBOBJS = @LIBOBJS@
+LIBTOOL = @LIBTOOL@
+LIB_ = @LIB_@
+LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
+LIB_kdb = @LIB_kdb@
+LIB_otp = @LIB_otp@
+LIB_roken = @LIB_roken@
+LIB_security = @LIB_security@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
+NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
+NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+RANLIB = @RANLIB@
+STRIP = @STRIP@
+VERSION = @VERSION@
+VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
+WFLAGS = @WFLAGS@
+WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
+WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
+YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.24 2000/08/16 11:24:54 assar Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
+
+AUTOMAKE_OPTIONS = foreign no-dependencies
+
+SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
+
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken)
+
+AM_CFLAGS = $(WFLAGS)
+
+CP = cp
+
+COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
+
+buildinclude = $(top_builddir)/include
+
+LIB_XauReadAuth = @LIB_XauReadAuth@
+LIB_crypt = @LIB_crypt@
+LIB_dbm_firstkey = @LIB_dbm_firstkey@
+LIB_dbopen = @LIB_dbopen@
+LIB_dlopen = @LIB_dlopen@
+LIB_dn_expand = @LIB_dn_expand@
+LIB_el_init = @LIB_el_init@
+LIB_getattr = @LIB_getattr@
+LIB_gethostbyname = @LIB_gethostbyname@
+LIB_getpwent_r = @LIB_getpwent_r@
+LIB_getpwnam_r = @LIB_getpwnam_r@
+LIB_getsockopt = @LIB_getsockopt@
+LIB_logout = @LIB_logout@
+LIB_logwtmp = @LIB_logwtmp@
+LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
+LIB_readline = @LIB_readline@
+LIB_res_search = @LIB_res_search@
+LIB_setpcred = @LIB_setpcred@
+LIB_setsockopt = @LIB_setsockopt@
+LIB_socket = @LIB_socket@
+LIB_syslog = @LIB_syslog@
+LIB_tgetent = @LIB_tgetent@
+
+LIBS = @LIBS@
+
+HESIODLIB = @HESIODLIB@
+HESIODINCLUDE = @HESIODINCLUDE@
+INCLUDE_hesiod = @INCLUDE_hesiod@
+LIB_hesiod = @LIB_hesiod@
+
+INCLUDE_krb4 = @INCLUDE_krb4@
+LIB_krb4 = @LIB_krb4@
+
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
+INCLUDE_readline = @INCLUDE_readline@
+
+LEXLIB = @LEXLIB@
+
+NROFF_MAN = groff -mandoc -Tascii
+
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
+
+CHECK_LOCAL = $(PROGRAMS)
+
+YFLAGS = -d
+
+lib_LTLIBRARIES = libcom_err.la
+libcom_err_la_LDFLAGS = -version-info 1:1:0
+
+bin_PROGRAMS = compile_et
+
+include_HEADERS = com_err.h com_right.h
+
+compile_et_SOURCES = compile_et.c compile_et.h parse.y lex.l
+
+libcom_err_la_SOURCES = error.c com_err.c roken_rename.h
+
+CLEANFILES = lex.c parse.c parse.h
+
+compile_et_LDADD = \
+ $(LIB_roken) \
+ $(LEXLIB)
+
+subdir = lib/com_err
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = ../../include/config.h
+CONFIG_CLEAN_FILES =
+LTLIBRARIES = $(lib_LTLIBRARIES)
+
+
+DEFS = @DEFS@ -I. -I$(srcdir) -I../../include
+CPPFLAGS = @CPPFLAGS@
+LDFLAGS = @LDFLAGS@
+X_CFLAGS = @X_CFLAGS@
+X_LIBS = @X_LIBS@
+X_EXTRA_LIBS = @X_EXTRA_LIBS@
+X_PRE_LIBS = @X_PRE_LIBS@
+libcom_err_la_LIBADD =
+am_libcom_err_la_OBJECTS = error.lo com_err.lo
+libcom_err_la_OBJECTS = $(am_libcom_err_la_OBJECTS)
+bin_PROGRAMS = compile_et$(EXEEXT)
+PROGRAMS = $(bin_PROGRAMS)
+
+am_compile_et_OBJECTS = compile_et.$(OBJEXT) parse.$(OBJEXT) \
+lex.$(OBJEXT)
+compile_et_OBJECTS = $(am_compile_et_OBJECTS)
+compile_et_DEPENDENCIES =
+compile_et_LDFLAGS =
+COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
+CCLD = $(CC)
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES = $(libcom_err_la_SOURCES) $(compile_et_SOURCES)
+HEADERS = $(include_HEADERS)
+
+depcomp =
+DIST_COMMON = $(include_HEADERS) ChangeLog Makefile.am Makefile.in \
+lex.c parse.c parse.h
+
+
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+
+GZIP_ENV = --best
+SOURCES = $(libcom_err_la_SOURCES) $(compile_et_SOURCES)
+OBJECTS = $(am_libcom_err_la_OBJECTS) $(am_compile_et_OBJECTS)
+
+all: all-redirect
+.SUFFIXES:
+.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .x .y
+$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
+ cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/com_err/Makefile
+
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ cd $(top_builddir) \
+ && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status
+
+
+mostlyclean-libLTLIBRARIES:
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+
+distclean-libLTLIBRARIES:
+
+maintainer-clean-libLTLIBRARIES:
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ $(mkinstalldirs) $(DESTDIR)$(libdir)
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \
+ $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \
+ else :; fi; \
+ done
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \
+ $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
+ done
+
+mostlyclean-compile:
+ -rm -f *.o core *.core
+ -rm -f *.$(OBJEXT)
+
+clean-compile:
+
+distclean-compile:
+ -rm -f *.tab.c
+
+maintainer-clean-compile:
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+distclean-libtool:
+
+maintainer-clean-libtool:
+
+libcom_err.la: $(libcom_err_la_OBJECTS) $(libcom_err_la_DEPENDENCIES)
+ $(LINK) -rpath $(libdir) $(libcom_err_la_LDFLAGS) $(libcom_err_la_OBJECTS) $(libcom_err_la_LIBADD) $(LIBS)
+
+mostlyclean-binPROGRAMS:
+
+clean-binPROGRAMS:
+ -test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS)
+
+distclean-binPROGRAMS:
+
+maintainer-clean-binPROGRAMS:
+
+install-binPROGRAMS: $(bin_PROGRAMS)
+ @$(NORMAL_INSTALL)
+ $(mkinstalldirs) $(DESTDIR)$(bindir)
+ @list='$(bin_PROGRAMS)'; for p in $$list; do \
+ if test -f $$p; then \
+ f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \
+ echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f"; \
+ $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f; \
+ else :; fi; \
+ done
+
+uninstall-binPROGRAMS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(bin_PROGRAMS)'; for p in $$list; do \
+ f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \
+ echo " rm -f $(DESTDIR)$(bindir)/$$f"; \
+ rm -f $(DESTDIR)$(bindir)/$$f; \
+ done
+
+compile_et$(EXEEXT): $(compile_et_OBJECTS) $(compile_et_DEPENDENCIES)
+ @rm -f compile_et$(EXEEXT)
+ $(LINK) $(compile_et_LDFLAGS) $(compile_et_OBJECTS) $(compile_et_LDADD) $(LIBS)
+.c.o:
+ $(COMPILE) -c $<
+.c.obj:
+ $(COMPILE) -c `cygpath -w $<`
+.c.lo:
+ $(LTCOMPILE) -c -o $@ $<
+.l.c:
+ $(LEX) $(AM_LFLAGS) $(LFLAGS) $< && mv $(LEX_OUTPUT_ROOT).c $@
+.y.c:
+ $(YACC) $(AM_YFLAGS) $(YFLAGS) $< && mv y.tab.c $*.c
+ if test -f y.tab.h; then \
+ if cmp -s y.tab.h $*.h; then rm -f y.tab.h; else mv y.tab.h $*.h; fi; \
+ else :; fi
+parse.h: parse.c
+
+
+install-includeHEADERS: $(include_HEADERS)
+ @$(NORMAL_INSTALL)
+ $(mkinstalldirs) $(DESTDIR)$(includedir)
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \
+ done
+
+uninstall-includeHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(includedir)/$$f"; \
+ rm -f $(DESTDIR)$(includedir)/$$f; \
+ done
+
+tags: TAGS
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique $(LISP)
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
+
+mostlyclean-tags:
+
+clean-tags:
+
+distclean-tags:
+ -rm -f TAGS ID
+
+maintainer-clean-tags:
+
+distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
+
+distdir: $(DISTFILES)
+ @for file in $(DISTFILES); do \
+ d=$(srcdir); \
+ if test -d $$d/$$file; then \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+ $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
+info-am:
+info: info-am
+dvi-am:
+dvi: dvi-am
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-local
+check: check-am
+installcheck-am:
+installcheck: installcheck-am
+install-exec-am: install-libLTLIBRARIES install-binPROGRAMS
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-exec: install-exec-am
+
+install-data-am: install-includeHEADERS install-data-local
+install-data: install-data-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+install: install-am
+uninstall-am: uninstall-libLTLIBRARIES uninstall-binPROGRAMS \
+ uninstall-includeHEADERS
+uninstall: uninstall-am
+all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local
+all-redirect: all-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
+installdirs:
+ $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(bindir) \
+ $(DESTDIR)$(includedir)
+
+
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -rm -f Makefile $(CONFIG_CLEAN_FILES)
+ -rm -f config.cache config.log stamp-h stamp-h[0-9]*
+
+maintainer-clean-generic:
+ -rm -f Makefile.in
+ -test -z "lex.cparse.hparse.c" || rm -f lex.c parse.h parse.c
+mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \
+ mostlyclean-libtool mostlyclean-binPROGRAMS \
+ mostlyclean-tags mostlyclean-generic
+
+mostlyclean: mostlyclean-am
+
+clean-am: clean-libLTLIBRARIES clean-compile clean-libtool \
+ clean-binPROGRAMS clean-tags clean-generic \
+ mostlyclean-am
+
+clean: clean-am
+
+distclean-am: distclean-libLTLIBRARIES distclean-compile \
+ distclean-libtool distclean-binPROGRAMS distclean-tags \
+ distclean-generic clean-am
+ -rm -f libtool
+
+distclean: distclean-am
+
+maintainer-clean-am: maintainer-clean-libLTLIBRARIES \
+ maintainer-clean-compile maintainer-clean-libtool \
+ maintainer-clean-binPROGRAMS maintainer-clean-tags \
+ maintainer-clean-generic distclean-am
+ @echo "This command is intended for maintainers to use;"
+ @echo "it deletes files that may require special tools to rebuild."
+
+maintainer-clean: maintainer-clean-am
+
+.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \
+clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \
+uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \
+distclean-compile clean-compile maintainer-clean-compile \
+mostlyclean-libtool distclean-libtool clean-libtool \
+maintainer-clean-libtool mostlyclean-binPROGRAMS distclean-binPROGRAMS \
+clean-binPROGRAMS maintainer-clean-binPROGRAMS uninstall-binPROGRAMS \
+install-binPROGRAMS uninstall-includeHEADERS install-includeHEADERS \
+tags mostlyclean-tags distclean-tags clean-tags maintainer-clean-tags \
+distdir info-am info dvi-am dvi check-local check check-am \
+installcheck-am installcheck install-exec-am install-exec \
+install-data-local install-data-am install-data install-am install \
+uninstall-am uninstall all-local all-redirect all-am all install-strip \
+installdirs mostlyclean-generic distclean-generic clean-generic \
+maintainer-clean-generic clean mostlyclean distclean maintainer-clean
+
+
+install-suid-programs:
+ @foo='$(bin_SUIDS)'; \
+ for file in $$foo; do \
+ x=$(DESTDIR)$(bindir)/$$file; \
+ if chown 0:0 $$x && chmod u+s $$x; then :; else \
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
+
+install-exec-hook: install-suid-programs
+
+install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
+ @foo='$(include_HEADERS) $(build_HEADERZ)'; \
+ for f in $$foo; do \
+ f=`basename $$f`; \
+ if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
+ else file="$$f"; fi; \
+ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
+ : ; else \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
+ fi ; \
+ done
+
+all-local: install-build-headers
+#NROFF_MAN = nroff -man
+.1.cat1:
+ $(NROFF_MAN) $< > $@
+.3.cat3:
+ $(NROFF_MAN) $< > $@
+.5.cat5:
+ $(NROFF_MAN) $< > $@
+.8.cat8:
+ $(NROFF_MAN) $< > $@
+
+dist-cat1-mans:
+ @foo='$(man1_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.1) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat3-mans:
+ @foo='$(man3_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.3) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat5-mans:
+ @foo='$(man5_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.5) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat8-mans:
+ @foo='$(man8_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.8) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
+
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
+
+install-data-local: install-cat-mans
+
+.et.h:
+ $(COMPILE_ET) $<
+.et.c:
+ $(COMPILE_ET) $<
+
+.x.c:
+ @cmp -s $< $@ 2> /dev/null || cp $< $@
+
+check-local::
+ @foo='$(CHECK_LOCAL)'; \
+ if test "$$foo"; then \
+ failed=0; all=0; \
+ for i in $$foo; do \
+ all=`expr $$all + 1`; \
+ if ./$$i --version > /dev/null 2>&1; then \
+ echo "PASS: $$i"; \
+ else \
+ echo "FAIL: $$i"; \
+ failed=`expr $$failed + 1`; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="$$failed of $$all tests failed"; \
+ fi; \
+ dashes=`echo "$$banner" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ fi
+
+$(compile_et_OBJECTS): parse.h
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/crypto/heimdal/lib/com_err/com_err.c b/crypto/heimdal/lib/com_err/com_err.c
new file mode 100644
index 000000000000..25c679ef6100
--- /dev/null
+++ b/crypto/heimdal/lib/com_err/com_err.c
@@ -0,0 +1,151 @@
+/*
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: com_err.c,v 1.15 2000/04/04 22:04:55 assar Exp $");
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <roken.h>
+#include "com_err.h"
+
+struct et_list *_et_list = NULL;
+
+
+const char *
+error_message (long code)
+{
+ static char msg[128];
+ const char *p = com_right(_et_list, code);
+ if (p == NULL)
+ p = strerror(code);
+ if (p != NULL && *p != '\0') {
+ strncpy(msg, p, sizeof(msg) - 1);
+ msg[sizeof(msg) - 1] = 0;
+ } else
+ sprintf(msg, "Unknown error %ld", code);
+ return msg;
+}
+
+int
+init_error_table(const char **msgs, long base, int count)
+{
+ initialize_error_table_r(&_et_list, msgs, count, base);
+ return 0;
+}
+
+static void
+default_proc (const char *whoami, long code, const char *fmt, va_list args)
+{
+ if (whoami)
+ fprintf(stderr, "%s: ", whoami);
+ if (code)
+ fprintf(stderr, "%s ", error_message(code));
+ if (fmt)
+ vfprintf(stderr, fmt, args);
+ fprintf(stderr, "\r\n"); /* ??? */
+}
+
+static errf com_err_hook = default_proc;
+
+void
+com_err_va (const char *whoami,
+ long code,
+ const char *fmt,
+ va_list args)
+{
+ (*com_err_hook) (whoami, code, fmt, args);
+}
+
+void
+com_err (const char *whoami,
+ long code,
+ const char *fmt,
+ ...)
+{
+ va_list ap;
+ va_start(ap, fmt);
+ com_err_va (whoami, code, fmt, ap);
+ va_end(ap);
+}
+
+errf
+set_com_err_hook (errf new)
+{
+ errf old = com_err_hook;
+
+ if (new)
+ com_err_hook = new;
+ else
+ com_err_hook = default_proc;
+
+ return old;
+}
+
+errf
+reset_com_err_hook (void)
+{
+ return set_com_err_hook(NULL);
+}
+
+#define ERRCODE_RANGE 8 /* # of bits to shift table number */
+#define BITS_PER_CHAR 6 /* # bits to shift per character in name */
+
+static const char char_set[] =
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_";
+
+static char buf[6];
+
+const char *
+error_table_name(int num)
+{
+ int ch;
+ int i;
+ char *p;
+
+ /* num = aa aaa abb bbb bcc ccc cdd ddd d?? ??? ??? */
+ p = buf;
+ num >>= ERRCODE_RANGE;
+ /* num = ?? ??? ??? aaa aaa bbb bbb ccc ccc ddd ddd */
+ num &= 077777777;
+ /* num = 00 000 000 aaa aaa bbb bbb ccc ccc ddd ddd */
+ for (i = 4; i >= 0; i--) {
+ ch = (num >> BITS_PER_CHAR * i) & ((1 << BITS_PER_CHAR) - 1);
+ if (ch != 0)
+ *p++ = char_set[ch-1];
+ }
+ *p = '\0';
+ return(buf);
+}
diff --git a/crypto/heimdal/lib/com_err/com_err.h b/crypto/heimdal/lib/com_err/com_err.h
new file mode 100644
index 000000000000..9703336a0337
--- /dev/null
+++ b/crypto/heimdal/lib/com_err/com_err.h
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: com_err.h,v 1.6 2000/01/16 04:51:16 assar Exp $ */
+
+/* MIT compatible com_err library */
+
+#ifndef __COM_ERR_H__
+#define __COM_ERR_H__
+
+#include <com_right.h>
+
+typedef void (*errf) __P((const char *, long, const char *, va_list));
+
+const char * error_message __P((long));
+int init_error_table __P((const char**, long, int));
+
+void com_err_va __P((const char *, long, const char *, va_list));
+void com_err __P((const char *, long, const char *, ...));
+
+errf set_com_err_hook __P((errf));
+errf reset_com_err_hook __P((void));
+
+const char *error_table_name __P((int num));
+
+#endif /* __COM_ERR_H__ */
diff --git a/crypto/heimdal/lib/com_err/com_right.h b/crypto/heimdal/lib/com_err/com_right.h
new file mode 100644
index 000000000000..c87bb0d1def8
--- /dev/null
+++ b/crypto/heimdal/lib/com_err/com_right.h
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: com_right.h,v 1.11 2000/07/31 01:11:08 assar Exp $ */
+
+#ifndef __COM_RIGHT_H__
+#define __COM_RIGHT_H__
+
+#ifdef __STDC__
+#include <stdarg.h>
+#endif
+
+#ifndef __P
+#ifdef __STDC__
+#define __P(X) X
+#else
+#define __P(X) ()
+#endif
+#endif
+
+struct error_table {
+ char const * const * msgs;
+ long base;
+ int n_msgs;
+};
+struct et_list {
+ struct et_list *next;
+ struct error_table *table;
+};
+extern struct et_list *_et_list;
+
+const char *com_right __P((struct et_list *list, long code));
+void initialize_error_table_r __P((struct et_list **, const char **, int, long));
+void free_error_table __P((struct et_list *));
+
+#endif /* __COM_RIGHT_H__ */
diff --git a/crypto/heimdal/lib/com_err/compile_et.c b/crypto/heimdal/lib/com_err/compile_et.c
new file mode 100644
index 000000000000..f982dcd5a5ff
--- /dev/null
+++ b/crypto/heimdal/lib/com_err/compile_et.c
@@ -0,0 +1,235 @@
+/*
+ * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#undef ROKEN_RENAME
+#include "compile_et.h"
+#include <getarg.h>
+
+RCSID("$Id: compile_et.c,v 1.13 1999/12/02 16:58:38 joda Exp $");
+
+#include <roken.h>
+#include <err.h>
+#include "parse.h"
+
+int numerror;
+extern FILE *yyin;
+
+extern void yyparse(void);
+
+long base;
+int number;
+char *prefix;
+char *id_str;
+
+char name[128];
+char Basename[128];
+
+#ifdef YYDEBUG
+extern int yydebug = 1;
+#endif
+
+char *filename;
+char hfn[128];
+char cfn[128];
+
+struct error_code *codes = NULL;
+
+static int
+generate_c(void)
+{
+ int n;
+ struct error_code *ec;
+
+ FILE *c_file = fopen(cfn, "w");
+ if(c_file == NULL)
+ return 1;
+
+ fprintf(c_file, "/* Generated from %s */\n", filename);
+ if(id_str)
+ fprintf(c_file, "/* %s */\n", id_str);
+ fprintf(c_file, "\n");
+ fprintf(c_file, "#include <stddef.h>\n");
+ fprintf(c_file, "#include <com_err.h>\n");
+ fprintf(c_file, "#include \"%s\"\n", hfn);
+ fprintf(c_file, "\n");
+
+ fprintf(c_file, "static const char *text[] = {\n");
+
+ for(ec = codes, n = 0; ec; ec = ec->next, n++) {
+ while(n < ec->number) {
+ fprintf(c_file, "\t/* %03d */ \"Reserved %s error (%d)\",\n",
+ n, name, n);
+ n++;
+
+ }
+ fprintf(c_file, "\t/* %03d */ \"%s\",\n", ec->number, ec->string);
+ }
+
+ fprintf(c_file, "\tNULL\n");
+ fprintf(c_file, "};\n");
+ fprintf(c_file, "\n");
+ fprintf(c_file,
+ "void initialize_%s_error_table_r(struct et_list **list)\n",
+ name);
+ fprintf(c_file, "{\n");
+ fprintf(c_file,
+ " initialize_error_table_r(list, text, "
+ "%s_num_errors, ERROR_TABLE_BASE_%s);\n", name, name);
+ fprintf(c_file, "}\n");
+ fprintf(c_file, "\n");
+ fprintf(c_file, "void initialize_%s_error_table(void)\n", name);
+ fprintf(c_file, "{\n");
+ fprintf(c_file,
+ " init_error_table(text, ERROR_TABLE_BASE_%s, "
+ "%s_num_errors);\n", name, name);
+ fprintf(c_file, "}\n");
+
+ fclose(c_file);
+ return 0;
+}
+
+static int
+generate_h(void)
+{
+ struct error_code *ec;
+ char fn[128];
+ FILE *h_file = fopen(hfn, "w");
+ char *p;
+
+ if(h_file == NULL)
+ return 1;
+
+ snprintf(fn, sizeof(fn), "__%s__", hfn);
+ for(p = fn; *p; p++)
+ if(!isalnum((unsigned char)*p))
+ *p = '_';
+
+ fprintf(h_file, "/* Generated from %s */\n", filename);
+ if(id_str)
+ fprintf(h_file, "/* %s */\n", id_str);
+ fprintf(h_file, "\n");
+ fprintf(h_file, "#ifndef %s\n", fn);
+ fprintf(h_file, "#define %s\n", fn);
+ fprintf(h_file, "\n");
+ fprintf(h_file, "#include <com_right.h>\n");
+ fprintf(h_file, "\n");
+ fprintf(h_file,
+ "void initialize_%s_error_table_r(struct et_list **);\n",
+ name);
+ fprintf(h_file, "\n");
+ fprintf(h_file, "void initialize_%s_error_table(void);\n", name);
+ fprintf(h_file, "#define init_%s_err_tbl initialize_%s_error_table\n",
+ name, name);
+ fprintf(h_file, "\n");
+ fprintf(h_file, "typedef enum %s_error_number{\n", name);
+ fprintf(h_file, "\tERROR_TABLE_BASE_%s = %ld,\n", name, base);
+ fprintf(h_file, "\t%s_err_base = %ld,\n", name, base);
+
+ for(ec = codes; ec; ec = ec->next) {
+ fprintf(h_file, "\t%s = %ld,\n", ec->name, base + ec->number);
+ }
+
+ fprintf(h_file, "\t%s_num_errors = %d\n", name, number);
+ fprintf(h_file, "} %s_error_number;\n", name);
+ fprintf(h_file, "\n");
+ fprintf(h_file, "#endif /* %s */\n", fn);
+
+
+ fclose(h_file);
+ return 0;
+}
+
+static int
+generate(void)
+{
+ return generate_c() || generate_h();
+}
+
+int version_flag;
+int help_flag;
+struct getargs args[] = {
+ { "version", 0, arg_flag, &version_flag },
+ { "help", 0, arg_flag, &help_flag }
+};
+int num_args = sizeof(args) / sizeof(args[0]);
+
+static void
+usage(int code)
+{
+ arg_printusage(args, num_args, NULL, "error-table");
+ exit(code);
+}
+
+int
+main(int argc, char **argv)
+{
+ char *p;
+ int optind = 0;
+
+ set_progname(argv[0]);
+ if(getarg(args, num_args, argc, argv, &optind))
+ usage(1);
+ if(help_flag)
+ usage(0);
+ if(version_flag) {
+ print_version(NULL);
+ exit(0);
+ }
+
+ if(optind == argc)
+ usage(1);
+ filename = argv[optind];
+ yyin = fopen(filename, "r");
+ if(yyin == NULL)
+ err(1, "%s", filename);
+
+
+ p = strrchr(filename, '/');
+ if(p)
+ p++;
+ else
+ p = filename;
+ strncpy(Basename, p, sizeof(Basename));
+ Basename[sizeof(Basename) - 1] = '\0';
+
+ Basename[strcspn(Basename, ".")] = '\0';
+
+ snprintf(hfn, sizeof(hfn), "%s.h", Basename);
+ snprintf(cfn, sizeof(cfn), "%s.c", Basename);
+
+ yyparse();
+ if(numerror)
+ return 1;
+
+ return generate();
+}
diff --git a/crypto/heimdal/lib/com_err/compile_et.h b/crypto/heimdal/lib/com_err/compile_et.h
new file mode 100644
index 000000000000..86dd1131a7a7
--- /dev/null
+++ b/crypto/heimdal/lib/com_err/compile_et.h
@@ -0,0 +1,79 @@
+/*
+ * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: compile_et.h,v 1.6 2000/07/01 20:21:48 assar Exp $ */
+
+#ifndef __COMPILE_ET_H__
+#define __COMPILE_ET_H__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <ctype.h>
+#include <roken.h>
+
+extern long base;
+extern int number;
+extern char *prefix;
+extern char name[128];
+extern char *id_str;
+extern char *filename;
+extern int numerror;
+
+struct error_code {
+ unsigned number;
+ char *name;
+ char *string;
+ struct error_code *next, **tail;
+};
+
+extern struct error_code *codes;
+
+#define APPEND(L, V) \
+do { \
+ if((L) == NULL) { \
+ (L) = (V); \
+ (L)->tail = &(V)->next; \
+ (L)->next = NULL; \
+ }else{ \
+ *(L)->tail = (V); \
+ (L)->tail = &(V)->next; \
+ } \
+}while(0)
+
+#endif /* __COMPILE_ET_H__ */
diff --git a/crypto/heimdal/lib/com_err/error.c b/crypto/heimdal/lib/com_err/error.c
new file mode 100644
index 000000000000..d1220076d3da
--- /dev/null
+++ b/crypto/heimdal/lib/com_err/error.c
@@ -0,0 +1,91 @@
+/*
+ * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: error.c,v 1.14 1999/12/02 16:58:38 joda Exp $");
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <com_right.h>
+
+const char *
+com_right(struct et_list *list, long code)
+{
+ struct et_list *p;
+ for (p = list; p; p = p->next) {
+ if (code >= p->table->base && code < p->table->base + p->table->n_msgs)
+ return p->table->msgs[code - p->table->base];
+ }
+ return NULL;
+}
+
+struct foobar {
+ struct et_list etl;
+ struct error_table et;
+};
+
+void
+initialize_error_table_r(struct et_list **list,
+ const char **messages,
+ int num_errors,
+ long base)
+{
+ struct et_list *et;
+ struct foobar *f;
+ for (et = *list; et; et = et->next)
+ if (et->table->msgs == messages)
+ return;
+ f = malloc(sizeof(*f));
+ if (f == NULL)
+ return;
+ et = &f->etl;
+ et->table = &f->et;
+ et->table->msgs = messages;
+ et->table->n_msgs = num_errors;
+ et->table->base = base;
+ et->next = *list;
+ *list = et;
+}
+
+
+void
+free_error_table(struct et_list *et)
+{
+ while(et){
+ struct et_list *p = et;
+ et = et->next;
+ free(p);
+ }
+}
diff --git a/crypto/heimdal/lib/com_err/lex.h b/crypto/heimdal/lib/com_err/lex.h
new file mode 100644
index 000000000000..9912bf4f0943
--- /dev/null
+++ b/crypto/heimdal/lib/com_err/lex.h
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: lex.h,v 1.1 2000/06/22 00:42:52 assar Exp $ */
+
+void error_message (const char *, ...)
+__attribute__ ((format (printf, 1, 2)));
+
+int yylex(void);
diff --git a/crypto/heimdal/lib/com_err/lex.l b/crypto/heimdal/lib/com_err/lex.l
new file mode 100644
index 000000000000..e98db6f86579
--- /dev/null
+++ b/crypto/heimdal/lib/com_err/lex.l
@@ -0,0 +1,126 @@
+%{
+/*
+ * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+ * This is to handle the definition of this symbol in some AIX
+ * headers, which will conflict with the definition that lex will
+ * generate for it. It's only a problem for AIX lex.
+ */
+
+#undef ECHO
+
+#include "compile_et.h"
+#include "parse.h"
+#include "lex.h"
+
+RCSID("$Id: lex.l,v 1.6 2000/06/22 00:42:52 assar Exp $");
+
+static unsigned lineno = 1;
+static int getstring(void);
+
+#define YY_NO_UNPUT
+
+#undef ECHO
+
+%}
+
+
+%%
+et { return ET; }
+error_table { return ET; }
+ec { return EC; }
+error_code { return EC; }
+prefix { return PREFIX; }
+index { return INDEX; }
+id { return ID; }
+end { return END; }
+[0-9]+ { yylval.number = atoi(yytext); return NUMBER; }
+#[^\n]* ;
+[ \t] ;
+\n { lineno++; }
+\" { return getstring(); }
+[a-zA-Z0-9_]+ { yylval.string = strdup(yytext); return STRING; }
+. { return *yytext; }
+%%
+
+#ifndef yywrap /* XXX */
+int
+yywrap ()
+{
+ return 1;
+}
+#endif
+
+static int
+getstring(void)
+{
+ char x[128];
+ int i = 0;
+ int c;
+ int quote = 0;
+ while((c = input()) != EOF){
+ if(quote) {
+ x[i++] = c;
+ quote = 0;
+ continue;
+ }
+ if(c == '\n'){
+ error_message("unterminated string");
+ lineno++;
+ break;
+ }
+ if(c == '\\'){
+ quote++;
+ continue;
+ }
+ if(c == '\"')
+ break;
+ x[i++] = c;
+ }
+ x[i] = '\0';
+ yylval.string = strdup(x);
+ return STRING;
+}
+
+void
+error_message (const char *format, ...)
+{
+ va_list args;
+
+ va_start (args, format);
+ fprintf (stderr, "%s:%d:", filename, lineno);
+ vfprintf (stderr, format, args);
+ va_end (args);
+ numerror++;
+}
diff --git a/crypto/heimdal/lib/com_err/parse.y b/crypto/heimdal/lib/com_err/parse.y
new file mode 100644
index 000000000000..82e99ffb809b
--- /dev/null
+++ b/crypto/heimdal/lib/com_err/parse.y
@@ -0,0 +1,167 @@
+%{
+/*
+ * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "compile_et.h"
+#include "lex.h"
+
+RCSID("$Id: parse.y,v 1.11 2000/06/22 00:42:52 assar Exp $");
+
+void yyerror (char *s);
+static long name2number(const char *str);
+
+extern char *yytext;
+
+/* This is for bison */
+
+#if !defined(alloca) && !defined(HAVE_ALLOCA)
+#define alloca(x) malloc(x)
+#endif
+
+%}
+
+%union {
+ char *string;
+ int number;
+}
+
+%token ET INDEX PREFIX EC ID END
+%token <string> STRING
+%token <number> NUMBER
+
+%%
+
+file : /* */
+ | header statements
+ ;
+
+header : id et
+ | et
+ ;
+
+id : ID STRING
+ {
+ id_str = $2;
+ }
+ ;
+
+et : ET STRING
+ {
+ base = name2number($2);
+ strncpy(name, $2, sizeof(name));
+ name[sizeof(name) - 1] = '\0';
+ free($2);
+ }
+ | ET STRING STRING
+ {
+ base = name2number($2);
+ strncpy(name, $3, sizeof(name));
+ name[sizeof(name) - 1] = '\0';
+ free($2);
+ free($3);
+ }
+ ;
+
+statements : statement
+ | statements statement
+ ;
+
+statement : INDEX NUMBER
+ {
+ number = $2;
+ }
+ | PREFIX STRING
+ {
+ prefix = realloc(prefix, strlen($2) + 2);
+ strcpy(prefix, $2);
+ strcat(prefix, "_");
+ free($2);
+ }
+ | PREFIX
+ {
+ prefix = realloc(prefix, 1);
+ *prefix = '\0';
+ }
+ | EC STRING ',' STRING
+ {
+ struct error_code *ec = malloc(sizeof(*ec));
+
+ ec->next = NULL;
+ ec->number = number;
+ if(prefix && *prefix != '\0') {
+ asprintf (&ec->name, "%s%s", prefix, $2);
+ free($2);
+ } else
+ ec->name = $2;
+ ec->string = $4;
+ APPEND(codes, ec);
+ number++;
+ }
+ | END
+ {
+ YYACCEPT;
+ }
+ ;
+
+%%
+
+static long
+name2number(const char *str)
+{
+ const char *p;
+ long base = 0;
+ const char *x = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+ "abcdefghijklmnopqrstuvwxyz0123456789_";
+ if(strlen(str) > 4) {
+ yyerror("table name too long");
+ return 0;
+ }
+ for(p = str; *p; p++){
+ char *q = strchr(x, *p);
+ if(q == NULL) {
+ yyerror("invalid character in table name");
+ return 0;
+ }
+ base = (base << 6) + (q - x) + 1;
+ }
+ base <<= 8;
+ if(base > 0x7fffffff)
+ base = -(0xffffffff - base + 1);
+ return base;
+}
+
+void
+yyerror (char *s)
+{
+ error_message ("%s\n", s);
+}
diff --git a/crypto/heimdal/lib/com_err/roken_rename.h b/crypto/heimdal/lib/com_err/roken_rename.h
new file mode 100644
index 000000000000..173c9a7d5ae9
--- /dev/null
+++ b/crypto/heimdal/lib/com_err/roken_rename.h
@@ -0,0 +1,39 @@
+/*
+ * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: roken_rename.h,v 1.3 1999/12/02 16:58:38 joda Exp $ */
+
+#ifndef __roken_rename_h__
+#define __roken_rename_h__
+
+#endif /* __roken_rename_h__ */
diff --git a/crypto/heimdal/lib/gssapi/8003.c b/crypto/heimdal/lib/gssapi/8003.c
index f37fe0458722..c0d888165184 100644
--- a/crypto/heimdal/lib/gssapi/8003.c
+++ b/crypto/heimdal/lib/gssapi/8003.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: 8003.c,v 1.6 2000/01/25 23:10:13 assar Exp $");
+RCSID("$Id: 8003.c,v 1.8 2001/01/29 02:08:58 assar Exp $");
static krb5_error_code
encode_om_uint32(OM_uint32 n, u_char *p)
@@ -59,30 +59,30 @@ hash_input_chan_bindings (const gss_channel_bindings_t b,
u_char num[4];
MD5_CTX md5;
- MD5Init(&md5);
+ MD5_Init(&md5);
encode_om_uint32 (b->initiator_addrtype, num);
- MD5Update (&md5, num, sizeof(num));
+ MD5_Update (&md5, num, sizeof(num));
encode_om_uint32 (b->initiator_address.length, num);
- MD5Update (&md5, num, sizeof(num));
+ MD5_Update (&md5, num, sizeof(num));
if (b->initiator_address.length)
- MD5Update (&md5,
+ MD5_Update (&md5,
b->initiator_address.value,
b->initiator_address.length);
encode_om_uint32 (b->acceptor_addrtype, num);
- MD5Update (&md5, num, sizeof(num));
+ MD5_Update (&md5, num, sizeof(num));
encode_om_uint32 (b->acceptor_address.length, num);
- MD5Update (&md5, num, sizeof(num));
+ MD5_Update (&md5, num, sizeof(num));
if (b->acceptor_address.length)
- MD5Update (&md5,
+ MD5_Update (&md5,
b->acceptor_address.value,
b->acceptor_address.length);
encode_om_uint32 (b->application_data.length, num);
- MD5Update (&md5, num, sizeof(num));
+ MD5_Update (&md5, num, sizeof(num));
if (b->application_data.length)
- MD5Update (&md5,
+ MD5_Update (&md5,
b->application_data.value,
b->application_data.length);
- MD5Final (p, &md5);
+ MD5_Final (p, &md5);
return 0;
}
@@ -90,12 +90,20 @@ krb5_error_code
gssapi_krb5_create_8003_checksum (
const gss_channel_bindings_t input_chan_bindings,
OM_uint32 flags,
+ krb5_data *fwd_data,
Checksum *result)
{
u_char *p;
+ /*
+ * see rfc1964 (section 1.1.1 (Initial Token), and the checksum value
+ * field's format)
+ */
result->cksumtype = 0x8003;
- result->checksum.length = 24;
+ if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG))
+ result->checksum.length = 24 + 4 + fwd_data->length;
+ else
+ result->checksum.length = 24;
result->checksum.data = malloc (result->checksum.length);
if (result->checksum.data == NULL)
return ENOMEM;
@@ -111,8 +119,31 @@ gssapi_krb5_create_8003_checksum (
p += 16;
encode_om_uint32 (flags, p);
p += 4;
+
+ if (fwd_data->length > 0 && (flags & GSS_C_DELEG_FLAG)) {
+#if 0
+ u_char *tmp;
+
+ result->checksum.length = 28 + fwd_data->length;
+ tmp = realloc(result->checksum.data, result->checksum.length);
+ if (tmp == NULL)
+ return ENOMEM;
+ result->checksum.data = tmp;
+
+ p = (u_char*)result->checksum.data + 24;
+#endif
+ *p++ = (1 >> 0) & 0xFF; /* DlgOpt */ /* == 1 */
+ *p++ = (1 >> 8) & 0xFF; /* DlgOpt */ /* == 0 */
+ *p++ = (fwd_data->length >> 0) & 0xFF; /* Dlgth */
+ *p++ = (fwd_data->length >> 8) & 0xFF; /* Dlgth */
+ memcpy(p, (unsigned char *) fwd_data->data, fwd_data->length);
+
+ p += fwd_data->length;
+
if (p - (u_char *)result->checksum.data != result->checksum.length)
- abort ();
+ abort();
+ }
+
return 0;
}
@@ -120,14 +151,16 @@ krb5_error_code
gssapi_krb5_verify_8003_checksum(
const gss_channel_bindings_t input_chan_bindings,
Checksum *cksum,
- OM_uint32 *flags)
+ OM_uint32 *flags,
+ krb5_data *fwd_data)
{
unsigned char hash[16];
unsigned char *p;
OM_uint32 length;
+ int DlgOpt;
/* XXX should handle checksums > 24 bytes */
- if(cksum->cksumtype != 0x8003 || cksum->checksum.length != 24)
+ if(cksum->cksumtype != 0x8003)
return GSS_S_BAD_BINDINGS;
p = cksum->checksum.data;
@@ -147,6 +180,24 @@ gssapi_krb5_verify_8003_checksum(
p += sizeof(hash);
decode_om_uint32(p, flags);
+
+ if (cksum->checksum.length > 24 && (*flags & GSS_C_DELEG_FLAG)) {
+
+ p += 4;
+
+ DlgOpt = (p[0] << 0) | (p[1] << 8 );
+ if (DlgOpt != 1)
+ return GSS_S_BAD_BINDINGS;
+
+ p += 2;
+ fwd_data->length = (p[0] << 0) | (p[1] << 8);
+ fwd_data->data = malloc(fwd_data->length);
+ if (fwd_data->data == NULL)
+ return ENOMEM;
+
+ p += 2;
+ memcpy(fwd_data->data, p, fwd_data->length);
+ }
return 0;
}
diff --git a/crypto/heimdal/lib/gssapi/ChangeLog b/crypto/heimdal/lib/gssapi/ChangeLog
index ba765baf0167..e335d4db1e61 100644
--- a/crypto/heimdal/lib/gssapi/ChangeLog
+++ b/crypto/heimdal/lib/gssapi/ChangeLog
@@ -1,3 +1,106 @@
+2001-01-30 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libgssapi_la_LDFLAGS): bump version to 3:0:2
+ * acquire_cred.c, init_sec_context.c, release_cred.c: add support
+ for getting creds from a keytab, from fvdl@netbsd.org
+
+ * copy_ccache.c: add gss_krb5_copy_ccache
+
+2001-01-27 Assar Westerlund <assar@sics.se>
+
+ * get_mic.c: cast parameters to des function to non-const pointers
+ to handle the case where these functions actually take non-const
+ des_cblock *
+
+2001-01-09 Assar Westerlund <assar@sics.se>
+
+ * accept_sec_context.c (gss_accept_sec_context): use krb5_rd_cred2
+ instead of krb5_rd_cred
+
+2000-12-11 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:3:1
+
+2000-12-08 Assar Westerlund <assar@sics.se>
+
+ * wrap.c (wrap_des3): use the checksum as ivec when encrypting the
+ sequence number
+ * unwrap.c (unwrap_des3): use the checksum as ivec when encrypting
+ the sequence number
+ * init_sec_context.c (init_auth): always zero fwd_data
+
+2000-12-06 Johan Danielsson <joda@pdc.kth.se>
+
+ * accept_sec_context.c: de-pointerise auth_context parameter to
+ krb5_mk_rep
+
+2000-11-15 Assar Westerlund <assar@sics.se>
+
+ * init_sec_context.c (init_auth): update to new
+ krb5_build_authenticator
+
+2000-09-19 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libgssapi_la_LDFLAGS): bump to 2:2:1
+
+2000-08-27 Assar Westerlund <assar@sics.se>
+
+ * init_sec_context.c: actually pay attention to `time_req'
+ * init_sec_context.c: re-organize. leak less memory.
+ * gssapi_locl.h (gssapi_krb5_encapsulate, gss_krb5_getsomekey):
+ update prototypes add assert.h
+ * gssapi.h (GSS_KRB5_CONF_C_QOP_DES, GSS_KRB5_CONF_C_QOP_DES3_KD):
+ add
+ * verify_mic.c: re-organize and add 3DES code
+ * wrap.c: re-organize and add 3DES code
+ * unwrap.c: re-organize and add 3DES code
+ * get_mic.c: re-organize and add 3DES code
+ * encapsulate.c (gssapi_krb5_encapsulate): do not free `in_data',
+ let the caller do that. fix the callers.
+
+2000-08-16 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: bump version to 2:1:1
+
+2000-07-29 Assar Westerlund <assar@sics.se>
+
+ * decapsulate.c (gssapi_krb5_verify_header): sanity-check length
+
+2000-07-25 Johan Danielsson <joda@pdc.kth.se>
+
+ * Makefile.am: bump version to 2:0:1
+
+2000-07-22 Assar Westerlund <assar@sics.se>
+
+ * gssapi.h: update OID for GSS_C_NT_HOSTBASED_SERVICE and other
+ details from rfc2744
+
+2000-06-29 Assar Westerlund <assar@sics.se>
+
+ * address_to_krb5addr.c (gss_address_to_krb5addr): actually use
+ `int' instead of `sa_family_t' for the address family.
+
+2000-06-21 Assar Westerlund <assar@sics.se>
+
+ * add support for token delegation. From Daniel Kouril
+ <kouril@ics.muni.cz> and Miroslav Ruda <ruda@ics.muni.cz>
+
+2000-05-15 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libgssapi_la_LDFLAGS): set version to 1:1:1
+
+2000-04-12 Assar Westerlund <assar@sics.se>
+
+ * release_oid_set.c (gss_release_oid_set): clear set for
+ robustness. From GOMBAS Gabor <gombasg@inf.elte.hu>
+ * release_name.c (gss_release_name): reset input_name for
+ robustness. From GOMBAS Gabor <gombasg@inf.elte.hu>
+ * release_buffer.c (gss_release_buffer): set value to NULL to be
+ more robust. From GOMBAS Gabor <gombasg@inf.elte.hu>
+ * add_oid_set_member.c (gss_add_oid_set_member): actually check if
+ the oid is a member first. leave the oid_set unchanged if realloc
+ fails.
+
2000-02-13 Assar Westerlund <assar@sics.se>
* Makefile.am: set version to 1:0:1
diff --git a/crypto/heimdal/lib/gssapi/Makefile.am b/crypto/heimdal/lib/gssapi/Makefile.am
index 07d4e6517ee1..a086e295fb6a 100644
--- a/crypto/heimdal/lib/gssapi/Makefile.am
+++ b/crypto/heimdal/lib/gssapi/Makefile.am
@@ -1,11 +1,11 @@
-# $Id: Makefile.am,v 1.21 2000/02/13 20:34:49 assar Exp $
+# $Id: Makefile.am,v 1.30 2001/01/30 01:51:53 assar Exp $
include $(top_srcdir)/Makefile.am.common
-INCLUDES += -I$(srcdir)/../krb5
+INCLUDES += -I$(srcdir)/../krb5 $(INCLUDE_krb4)
lib_LTLIBRARIES = libgssapi.la
-libgssapi_la_LDFLAGS = -version-info 1:0:1
+libgssapi_la_LDFLAGS = -version-info 3:0:2
include_HEADERS = gssapi.h
@@ -17,6 +17,7 @@ libgssapi_la_SOURCES = \
canonicalize_name.c \
compare_name.c \
context_time.c \
+ copy_ccache.c \
create_emtpy_oid_set.c \
decapsulate.c \
delete_sec_context.c \
@@ -45,4 +46,5 @@ libgssapi_la_SOURCES = \
unwrap.c \
v1.c \
verify_mic.c \
- wrap.c
+ wrap.c \
+ address_to_krb5addr.c
diff --git a/crypto/heimdal/lib/gssapi/Makefile.in b/crypto/heimdal/lib/gssapi/Makefile.in
index 31ea81304588..41739345d4aa 100644
--- a/crypto/heimdal/lib/gssapi/Makefile.in
+++ b/crypto/heimdal/lib/gssapi/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.21 2000/02/13 20:34:49 assar Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,26 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
-AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -92,31 +95,43 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.30 2001/01/30 01:51:53 assar Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
-INCLUDES = -I$(top_builddir)/include -I$(srcdir)/../krb5
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) -I$(srcdir)/../krb5 $(INCLUDE_krb4)
AM_CFLAGS = $(WFLAGS)
+CP = cp
+
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
@@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
@@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
+LIBS = @LIBS@
+
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -152,34 +170,69 @@ LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
NROFF_MAN = groff -mandoc -Tascii
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
lib_LTLIBRARIES = libgssapi.la
-libgssapi_la_LDFLAGS = -version-info 1:0:1
+libgssapi_la_LDFLAGS = -version-info 3:0:2
include_HEADERS = gssapi.h
-libgssapi_la_SOURCES = 8003.c accept_sec_context.c acquire_cred.c add_oid_set_member.c canonicalize_name.c compare_name.c context_time.c create_emtpy_oid_set.c decapsulate.c delete_sec_context.c display_name.c display_status.c duplicate_name.c encapsulate.c export_sec_context.c export_name.c external.c get_mic.c gssapi.h gssapi_locl.h import_name.c import_sec_context.c indicate_mechs.c init.c init_sec_context.c inquire_context.c inquire_cred.c release_buffer.c release_cred.c release_name.c release_oid_set.c test_oid_set_member.c unwrap.c v1.c verify_mic.c wrap.c
+libgssapi_la_SOURCES = \
+ 8003.c \
+ accept_sec_context.c \
+ acquire_cred.c \
+ add_oid_set_member.c \
+ canonicalize_name.c \
+ compare_name.c \
+ context_time.c \
+ copy_ccache.c \
+ create_emtpy_oid_set.c \
+ decapsulate.c \
+ delete_sec_context.c \
+ display_name.c \
+ display_status.c \
+ duplicate_name.c \
+ encapsulate.c \
+ export_sec_context.c \
+ export_name.c \
+ external.c \
+ get_mic.c \
+ gssapi.h \
+ gssapi_locl.h \
+ import_name.c \
+ import_sec_context.c \
+ indicate_mechs.c \
+ init.c \
+ init_sec_context.c \
+ inquire_context.c \
+ inquire_cred.c \
+ release_buffer.c \
+ release_cred.c \
+ release_name.c \
+ release_oid_set.c \
+ test_oid_set_member.c \
+ unwrap.c \
+ v1.c \
+ verify_mic.c \
+ wrap.c \
+ address_to_krb5addr.c
+subdir = lib/gssapi
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../include/config.h
CONFIG_CLEAN_FILES =
@@ -189,42 +242,43 @@ LTLIBRARIES = $(lib_LTLIBRARIES)
DEFS = @DEFS@ -I. -I$(srcdir) -I../../include
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
X_CFLAGS = @X_CFLAGS@
X_LIBS = @X_LIBS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
libgssapi_la_LIBADD =
-libgssapi_la_OBJECTS = 8003.lo accept_sec_context.lo acquire_cred.lo \
+am_libgssapi_la_OBJECTS = 8003.lo accept_sec_context.lo acquire_cred.lo \
add_oid_set_member.lo canonicalize_name.lo compare_name.lo \
-context_time.lo create_emtpy_oid_set.lo decapsulate.lo \
+context_time.lo copy_ccache.lo create_emtpy_oid_set.lo decapsulate.lo \
delete_sec_context.lo display_name.lo display_status.lo \
duplicate_name.lo encapsulate.lo export_sec_context.lo export_name.lo \
external.lo get_mic.lo import_name.lo import_sec_context.lo \
indicate_mechs.lo init.lo init_sec_context.lo inquire_context.lo \
inquire_cred.lo release_buffer.lo release_cred.lo release_name.lo \
release_oid_set.lo test_oid_set_member.lo unwrap.lo v1.lo verify_mic.lo \
-wrap.lo
-CFLAGS = @CFLAGS@
+wrap.lo address_to_krb5addr.lo
+libgssapi_la_OBJECTS = $(am_libgssapi_la_OBJECTS)
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES = $(libgssapi_la_SOURCES)
HEADERS = $(include_HEADERS)
-DIST_COMMON = ChangeLog Makefile.am Makefile.in
+depcomp =
+DIST_COMMON = $(include_HEADERS) ChangeLog Makefile.am Makefile.in
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
SOURCES = $(libgssapi_la_SOURCES)
-OBJECTS = $(libgssapi_la_OBJECTS)
+OBJECTS = $(am_libgssapi_la_OBJECTS)
all: all-redirect
.SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x
+.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/gssapi/Makefile
@@ -247,31 +301,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
$(mkinstalldirs) $(DESTDIR)$(libdir)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
if test -f $$p; then \
- echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \
- $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \
+ echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \
+ $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \
else :; fi; \
done
uninstall-libLTLIBRARIES:
@$(NORMAL_UNINSTALL)
- list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \
$(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
done
-.c.o:
- $(COMPILE) -c $<
-
-# FIXME: We should only use cygpath when building on Windows,
-# and only if it is available.
-.c.obj:
- $(COMPILE) -c `cygpath -w $<`
-
-.s.o:
- $(COMPILE) -c $<
-
-.S.o:
- $(COMPILE) -c $<
-
mostlyclean-compile:
-rm -f *.o core *.core
-rm -f *.$(OBJEXT)
@@ -283,15 +324,6 @@ distclean-compile:
maintainer-clean-compile:
-.c.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.s.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.S.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
mostlyclean-libtool:
-rm -f *.lo
@@ -304,41 +336,54 @@ maintainer-clean-libtool:
libgssapi.la: $(libgssapi_la_OBJECTS) $(libgssapi_la_DEPENDENCIES)
$(LINK) -rpath $(libdir) $(libgssapi_la_LDFLAGS) $(libgssapi_la_OBJECTS) $(libgssapi_la_LIBADD) $(LIBS)
+.c.o:
+ $(COMPILE) -c $<
+.c.obj:
+ $(COMPILE) -c `cygpath -w $<`
+.c.lo:
+ $(LTCOMPILE) -c -o $@ $<
install-includeHEADERS: $(include_HEADERS)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(includedir)
@list='$(include_HEADERS)'; for p in $$list; do \
if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
- echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \
- $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \
done
uninstall-includeHEADERS:
@$(NORMAL_UNINSTALL)
- list='$(include_HEADERS)'; for p in $$list; do \
- rm -f $(DESTDIR)$(includedir)/$$p; \
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(includedir)/$$f"; \
+ rm -f $(DESTDIR)$(includedir)/$$f; \
done
tags: TAGS
-ID: $(HEADERS) $(SOURCES) $(LISP)
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- here=`pwd` && cd $(srcdir) \
- && mkid -f$$here/ID $$unique $(LISP)
+ mkid -fID $$unique $(LISP)
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
- || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
mostlyclean-tags:
@@ -351,17 +396,16 @@ maintainer-clean-tags:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib/gssapi
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
@@ -390,7 +434,7 @@ uninstall: uninstall-am
all-am: Makefile $(LTLIBRARIES) $(HEADERS) all-local
all-redirect: all-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs:
$(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir)
@@ -404,6 +448,7 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
+ -rm -f Makefile.in
mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \
mostlyclean-libtool mostlyclean-tags \
mostlyclean-generic
@@ -441,8 +486,8 @@ install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \
maintainer-clean-tags distdir info-am info dvi-am dvi check-local check \
check-am installcheck-am installcheck install-exec-am install-exec \
install-data-local install-data-am install-data install-am install \
-uninstall-am uninstall all-local all-redirect all-am all installdirs \
-mostlyclean-generic distclean-generic clean-generic \
+uninstall-am uninstall all-local all-redirect all-am all install-strip \
+installdirs mostlyclean-generic distclean-generic clean-generic \
maintainer-clean-generic clean mostlyclean distclean maintainer-clean
@@ -451,7 +496,10 @@ install-suid-programs:
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
install-exec-hook: install-suid-programs
@@ -463,8 +511,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
fi ; \
done
@@ -533,87 +581,8 @@ dist-cat8-mans:
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
install-data-local: install-cat-mans
diff --git a/crypto/heimdal/lib/gssapi/accept_sec_context.c b/crypto/heimdal/lib/gssapi/accept_sec_context.c
index 3f61ae11a9c1..a606c553f723 100644
--- a/crypto/heimdal/lib/gssapi/accept_sec_context.c
+++ b/crypto/heimdal/lib/gssapi/accept_sec_context.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: accept_sec_context.c,v 1.17 2000/02/12 21:24:08 assar Exp $");
+RCSID("$Id: accept_sec_context.c,v 1.21 2001/01/09 18:47:11 assar Exp $");
static krb5_keytab gss_keytab;
@@ -75,9 +75,11 @@ gss_accept_sec_context
OM_uint32 flags;
krb5_ticket *ticket = NULL;
krb5_keytab keytab = NULL;
+ krb5_data fwd_data;
gssapi_krb5_init ();
+ krb5_data_zero (&fwd_data);
output_token->length = 0;
output_token->value = NULL;
@@ -103,6 +105,70 @@ gss_accept_sec_context
goto failure;
}
+ if (input_chan_bindings != GSS_C_NO_CHANNEL_BINDINGS
+ && input_chan_bindings->application_data.length ==
+ 2 * sizeof((*context_handle)->auth_context->local_port)
+ ) {
+
+ /* Port numbers are expected to be in application_data.value,
+ * initator's port first */
+
+ krb5_address initiator_addr, acceptor_addr;
+
+ memset(&initiator_addr, 0, sizeof(initiator_addr));
+ memset(&acceptor_addr, 0, sizeof(acceptor_addr));
+
+ (*context_handle)->auth_context->remote_port =
+ *(int16_t *) input_chan_bindings->application_data.value;
+
+ (*context_handle)->auth_context->local_port =
+ *((int16_t *) input_chan_bindings->application_data.value + 1);
+
+
+ kret = gss_address_to_krb5addr(input_chan_bindings->acceptor_addrtype,
+ &input_chan_bindings->acceptor_address,
+ (*context_handle)->auth_context->local_port,
+ &acceptor_addr);
+ if (kret) {
+ *minor_status = kret;
+ ret = GSS_S_BAD_BINDINGS;
+ goto failure;
+ }
+
+ kret = gss_address_to_krb5addr(input_chan_bindings->initiator_addrtype,
+ &input_chan_bindings->initiator_address,
+ (*context_handle)->auth_context->remote_port,
+ &initiator_addr);
+ if (kret) {
+ krb5_free_address (gssapi_krb5_context, &acceptor_addr);
+ *minor_status = kret;
+ ret = GSS_S_BAD_BINDINGS;
+ goto failure;
+ }
+
+ kret = krb5_auth_con_setaddrs(gssapi_krb5_context,
+ (*context_handle)->auth_context,
+ &acceptor_addr, /* local address */
+ &initiator_addr); /* remote address */
+
+ krb5_free_address (gssapi_krb5_context, &initiator_addr);
+ krb5_free_address (gssapi_krb5_context, &acceptor_addr);
+
+#if 0
+ free(input_chan_bindings->application_data.value);
+ input_chan_bindings->application_data.value = NULL;
+ input_chan_bindings->application_data.length = 0;
+#endif
+
+ if (kret) {
+ *minor_status = kret;
+ ret = GSS_S_BAD_BINDINGS;
+ goto failure;
+ }
+ }
+
+
+
{
int32_t tmp;
@@ -183,7 +249,8 @@ gss_accept_sec_context
kret = gssapi_krb5_verify_8003_checksum(input_chan_bindings,
authenticator->cksum,
- &flags);
+ &flags,
+ &fwd_data);
krb5_free_authenticator(gssapi_krb5_context, &authenticator);
if (kret) {
ret = GSS_S_FAILURE;
@@ -191,6 +258,49 @@ gss_accept_sec_context
}
}
+ if (fwd_data.length > 0 && (flags & GSS_C_DELEG_FLAG)) {
+
+ krb5_ccache ccache;
+
+ if (delegated_cred_handle == NULL || *delegated_cred_handle == NULL)
+ /* XXX Create a new delegated_cred_handle? */
+ kret = krb5_cc_default (gssapi_krb5_context, &ccache);
+
+ else {
+ if ((*delegated_cred_handle)->ccache == NULL)
+ kret = krb5_cc_gen_new (gssapi_krb5_context,
+ &krb5_mcc_ops,
+ &(*delegated_cred_handle)->ccache);
+ ccache = (*delegated_cred_handle)->ccache;
+ }
+
+ if (kret) {
+ flags &= ~GSS_C_DELEG_FLAG;
+ goto end_fwd;
+ }
+
+ kret = krb5_cc_initialize(gssapi_krb5_context,
+ ccache,
+ *src_name);
+ if (kret) {
+ flags &= ~GSS_C_DELEG_FLAG;
+ goto end_fwd;
+ }
+
+ kret = krb5_rd_cred2(gssapi_krb5_context,
+ (*context_handle)->auth_context,
+ ccache,
+ &fwd_data);
+ if (kret) {
+ flags &= ~GSS_C_DELEG_FLAG;
+ goto end_fwd;
+ }
+
+end_fwd:
+ free(fwd_data.data);
+ }
+
+
flags |= GSS_C_TRANS_FLAG;
if (ret_flags)
@@ -208,16 +318,16 @@ gss_accept_sec_context
krb5_data outbuf;
kret = krb5_mk_rep (gssapi_krb5_context,
- &(*context_handle)->auth_context,
+ (*context_handle)->auth_context,
&outbuf);
if (kret) {
- krb5_data_free (&outbuf);
ret = GSS_S_FAILURE;
goto failure;
}
ret = gssapi_krb5_encapsulate (&outbuf,
output_token,
"\x02\x00");
+ krb5_data_free (&outbuf);
if (ret) {
kret = 0;
goto failure;
@@ -236,6 +346,8 @@ gss_accept_sec_context
return GSS_S_COMPLETE;
failure:
+ if (fwd_data.length > 0)
+ free(fwd_data.data);
if (ticket != NULL)
krb5_free_ticket (gssapi_krb5_context, ticket);
krb5_auth_con_free (gssapi_krb5_context,
diff --git a/crypto/heimdal/lib/gssapi/acquire_cred.c b/crypto/heimdal/lib/gssapi/acquire_cred.c
index 821bbc3e71ec..341d06daf89c 100644
--- a/crypto/heimdal/lib/gssapi/acquire_cred.c
+++ b/crypto/heimdal/lib/gssapi/acquire_cred.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: acquire_cred.c,v 1.3 1999/12/02 17:05:03 joda Exp $");
+RCSID("$Id: acquire_cred.c,v 1.4 2001/01/30 00:49:05 assar Exp $");
OM_uint32 gss_acquire_cred
(OM_uint32 * minor_status,
@@ -48,21 +48,67 @@ OM_uint32 gss_acquire_cred
{
gss_cred_id_t handle;
OM_uint32 ret;
+ krb5_principal def_princ;
+ krb5_ccache ccache;
+ krb5_error_code pret = -1, kret = 0;
+ krb5_keytab kt;
+ krb5_creds cred;
+ krb5_get_init_creds_opt opt;
handle = (gss_cred_id_t)malloc(sizeof(*handle));
if (handle == GSS_C_NO_CREDENTIAL) {
return GSS_S_FAILURE;
}
+ memset(handle, 0, sizeof (*handle));
ret = gss_duplicate_name(minor_status, desired_name, &handle->principal);
if (ret) {
return ret;
}
+ if (krb5_cc_default(gssapi_krb5_context, &ccache) == 0 &&
+ (pret = krb5_cc_get_principal(gssapi_krb5_context, ccache,
+ &def_princ)) == 0 &&
+ krb5_principal_compare(gssapi_krb5_context, handle->principal,
+ def_princ) == TRUE) {
+ handle->ccache = ccache;
+ handle->keytab = NULL;
+ } else {
+ kret = krb5_kt_default(gssapi_krb5_context, &kt);
+ if (kret != 0)
+ goto out;
+ krb5_get_init_creds_opt_init(&opt);
+ memset(&cred, 0, sizeof(cred));
+ kret = krb5_get_init_creds_keytab(gssapi_krb5_context, &cred,
+ handle->principal, kt, 0, NULL, &opt);
+ if (kret != 0) {
+ krb5_kt_close(gssapi_krb5_context, kt);
+ goto out;
+ }
+ kret = krb5_cc_gen_new(gssapi_krb5_context, &krb5_mcc_ops, &ccache);
+ if (kret != 0) {
+ krb5_kt_close(gssapi_krb5_context, kt);
+ goto out;
+ }
+ kret = krb5_cc_initialize(gssapi_krb5_context, ccache, cred.client);
+ if (kret != 0) {
+ krb5_kt_close(gssapi_krb5_context, kt);
+ krb5_cc_close(gssapi_krb5_context, ccache);
+ goto out;
+ }
+ kret = krb5_cc_store_cred(gssapi_krb5_context, ccache, &cred);
+ if (kret != 0) {
+ krb5_kt_close(gssapi_krb5_context, kt);
+ krb5_cc_close(gssapi_krb5_context, ccache);
+ goto out;
+ }
+ handle->ccache = ccache;
+ handle->keytab = kt;
+ }
+
+
/* XXX */
handle->lifetime = time_req;
-
- handle->keytab = NULL;
handle->usage = cred_usage;
ret = gss_create_empty_oid_set(minor_status, &handle->mechanisms);
@@ -83,5 +129,14 @@ OM_uint32 gss_acquire_cred
*output_cred_handle = handle;
+out:
+ if (pret == 0)
+ krb5_free_principal(gssapi_krb5_context, def_princ);
+
+ if (kret != 0) {
+ *minor_status = kret;
+ return GSS_S_FAILURE;
+ }
+
return GSS_S_COMPLETE;
}
diff --git a/crypto/heimdal/lib/gssapi/add_oid_set_member.c b/crypto/heimdal/lib/gssapi/add_oid_set_member.c
index 996c5cfeb8c6..b8144ffeaebe 100644
--- a/crypto/heimdal/lib/gssapi/add_oid_set_member.c
+++ b/crypto/heimdal/lib/gssapi/add_oid_set_member.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: add_oid_set_member.c,v 1.3 1999/12/02 17:05:03 joda Exp $");
+RCSID("$Id: add_oid_set_member.c,v 1.6 2000/07/02 04:44:11 assar Exp $");
OM_uint32 gss_add_oid_set_member (
OM_uint32 * minor_status,
@@ -41,13 +41,23 @@ OM_uint32 gss_add_oid_set_member (
gss_OID_set * oid_set
)
{
- size_t n = (*oid_set)->count;
+ gss_OID tmp;
+ size_t n;
+ OM_uint32 res;
+ int present;
- (*oid_set)->elements = realloc ((*oid_set)->elements,
- n * sizeof(gss_OID_desc));
- if ((*oid_set)->elements == NULL) {
+ res = gss_test_oid_set_member(minor_status, member_oid, *oid_set, &present);
+ if (res != GSS_S_COMPLETE)
+ return res;
+
+ if (present)
+ return GSS_S_COMPLETE;
+
+ n = (*oid_set)->count + 1;
+ tmp = realloc ((*oid_set)->elements, n * sizeof(gss_OID_desc));
+ if (tmp == NULL)
return GSS_S_FAILURE;
- }
+ (*oid_set)->elements = tmp;
(*oid_set)->count = n;
(*oid_set)->elements[n-1] = *member_oid;
return GSS_S_COMPLETE;
diff --git a/crypto/heimdal/lib/gssapi/address_to_krb5addr.c b/crypto/heimdal/lib/gssapi/address_to_krb5addr.c
new file mode 100644
index 000000000000..1d8c1b6a5c34
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/address_to_krb5addr.c
@@ -0,0 +1,75 @@
+/*
+ * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+#include <roken.h>
+
+krb5_error_code
+gss_address_to_krb5addr(OM_uint32 gss_addr_type,
+ gss_buffer_desc *gss_addr,
+ int16_t port,
+ krb5_address *address)
+{
+ int addr_type;
+ struct sockaddr sa;
+ int sa_size = sizeof(sa);
+ krb5_error_code problem;
+
+ if (gss_addr == NULL)
+ return GSS_S_FAILURE;
+
+ switch (gss_addr_type) {
+#ifdef HAVE_IPV6
+ case GSS_C_AF_INET6: addr_type = AF_INET6;
+ break;
+#endif /* HAVE_IPV6 */
+
+ case GSS_C_AF_INET: addr_type = AF_INET;
+ break;
+ default:
+ return GSS_S_FAILURE;
+ }
+
+ problem = krb5_h_addr2sockaddr (addr_type,
+ gss_addr->value,
+ &sa,
+ &sa_size,
+ port);
+ if (problem)
+ return GSS_S_FAILURE;
+
+ problem = krb5_sockaddr2address (&sa, address);
+
+ return problem;
+}
diff --git a/crypto/heimdal/lib/gssapi/copy_ccache.c b/crypto/heimdal/lib/gssapi/copy_ccache.c
new file mode 100644
index 000000000000..f91acab4c397
--- /dev/null
+++ b/crypto/heimdal/lib/gssapi/copy_ccache.c
@@ -0,0 +1,56 @@
+/*
+ * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "gssapi_locl.h"
+
+RCSID("$Id: copy_ccache.c,v 1.1 2001/01/30 00:35:47 assar Exp $");
+
+OM_uint32
+gss_krb5_copy_ccache(OM_uint32 *minor,
+ gss_cred_id_t cred,
+ krb5_ccache out)
+{
+ krb5_error_code kret;
+
+ if (cred->ccache == NULL) {
+ *minor = EINVAL;
+ return GSS_S_FAILURE;
+ }
+
+ kret = krb5_cc_copy_cache(gssapi_krb5_context, cred->ccache, out);
+ if (kret) {
+ *minor = kret;
+ return GSS_S_FAILURE;
+ }
+ return GSS_S_COMPLETE;
+}
diff --git a/crypto/heimdal/lib/gssapi/decapsulate.c b/crypto/heimdal/lib/gssapi/decapsulate.c
index e3603c7e0d62..b0a0f1ea513b 100644
--- a/crypto/heimdal/lib/gssapi/decapsulate.c
+++ b/crypto/heimdal/lib/gssapi/decapsulate.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: decapsulate.c,v 1.5 1999/12/02 17:05:03 joda Exp $");
+RCSID("$Id: decapsulate.c,v 1.6 2000/07/29 05:48:13 assar Exp $");
OM_uint32
gssapi_krb5_verify_header(u_char **str,
@@ -44,18 +44,20 @@ gssapi_krb5_verify_header(u_char **str,
int e;
u_char *p = *str;
+ if (total_len < 1)
+ return GSS_S_DEFECTIVE_TOKEN;
if (*p++ != 0x60)
return GSS_S_DEFECTIVE_TOKEN;
e = der_get_length (p, total_len - 1, &len, &len_len);
if (e || 1 + len_len + len != total_len)
- abort ();
+ return GSS_S_DEFECTIVE_TOKEN;
p += len_len;
if (*p++ != 0x06)
return GSS_S_DEFECTIVE_TOKEN;
e = der_get_length (p, total_len - 1 - len_len - 1,
&mech_len, &foo);
if (e)
- abort ();
+ return GSS_S_DEFECTIVE_TOKEN;
p += foo;
if (mech_len != GSS_KRB5_MECHANISM->length)
return GSS_S_BAD_MECH;
diff --git a/crypto/heimdal/lib/gssapi/encapsulate.c b/crypto/heimdal/lib/gssapi/encapsulate.c
index 1b8636bc5a4d..2732b23e090f 100644
--- a/crypto/heimdal/lib/gssapi/encapsulate.c
+++ b/crypto/heimdal/lib/gssapi/encapsulate.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: encapsulate.c,v 1.4 1999/12/02 17:05:03 joda Exp $");
+RCSID("$Id: encapsulate.c,v 1.5 2000/08/27 02:46:23 assar Exp $");
void
gssapi_krb5_encap_length (size_t data_len,
@@ -78,7 +78,7 @@ gssapi_krb5_make_header (u_char *p,
OM_uint32
gssapi_krb5_encapsulate(
- krb5_data *in_data,
+ const krb5_data *in_data,
gss_buffer_t output_token,
u_char *type
)
@@ -95,6 +95,5 @@ gssapi_krb5_encapsulate(
p = gssapi_krb5_make_header (output_token->value, len, type);
memcpy (p, in_data->data, in_data->length);
- krb5_data_free (in_data);
return GSS_S_COMPLETE;
}
diff --git a/crypto/heimdal/lib/gssapi/export_sec_context.c b/crypto/heimdal/lib/gssapi/export_sec_context.c
index d982be7af8cc..7116f95e438c 100644
--- a/crypto/heimdal/lib/gssapi/export_sec_context.c
+++ b/crypto/heimdal/lib/gssapi/export_sec_context.c
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: export_sec_context.c,v 1.2 2000/02/12 21:25:24 assar Exp $");
+RCSID("$Id: export_sec_context.c,v 1.3 2000/07/08 11:42:22 assar Exp $");
OM_uint32
gss_export_sec_context (
@@ -44,8 +44,6 @@ gss_export_sec_context (
{
krb5_storage *sp;
krb5_auth_context ac;
- unsigned char auth_buf[1024];
- size_t sz;
int ret;
krb5_data data;
gss_buffer_desc buffer;
@@ -97,16 +95,21 @@ gss_export_sec_context (
krb5_store_int32 (sp, ac->remote_seqnumber);
#if 0
- ret = encode_Authenticator (auth_buf, sizeof(auth_buf),
- ac->authenticator, &sz);
- if (ret) {
- krb5_storage_free (sp);
- *minor_status = ret;
- return GSS_S_FAILURE;
+ {
+ size_t sz;
+ unsigned char auth_buf[1024];
+
+ ret = encode_Authenticator (auth_buf, sizeof(auth_buf),
+ ac->authenticator, &sz);
+ if (ret) {
+ krb5_storage_free (sp);
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+ data.data = auth_buf;
+ data.length = sz;
+ krb5_store_data (sp, data);
}
- data.data = auth_buf;
- data.length = sz;
- krb5_store_data (sp, data);
#endif
krb5_store_int32 (sp, ac->keytype);
krb5_store_int32 (sp, ac->cksumtype);
diff --git a/crypto/heimdal/lib/gssapi/external.c b/crypto/heimdal/lib/gssapi/external.c
index 19e830689eb1..dca35ea94318 100644
--- a/crypto/heimdal/lib/gssapi/external.c
+++ b/crypto/heimdal/lib/gssapi/external.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: external.c,v 1.4 1999/12/02 17:05:03 joda Exp $");
+RCSID("$Id: external.c,v 1.5 2000/07/22 03:45:28 assar Exp $");
/*
* The implementation must reserve static storage for a
@@ -94,15 +94,38 @@ gss_OID GSS_C_NT_STRING_UID_NAME = &gss_c_nt_string_uid_name_oid_desc;
* gss_OID_desc object containing the value
* {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
* corresponding to an object-identifier value of
- * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
- * 6(nametypes), 2(gss-host-based-services)}. The constant
- * GSS_C_NT_HOSTBASED_SERVICE should be initialized to point
- * to that gss_OID_desc.
+ * {iso(1) org(3) dod(6) internet(1) security(5)
+ * nametypes(6) gss-host-based-services(2)). The constant
+ * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point
+ * to that gss_OID_desc. This is a deprecated OID value, and
+ * implementations wishing to support hostbased-service names
+ * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID,
+ * defined below, to identify such names;
+ * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym
+ * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input
+ * parameter, but should not be emitted by GSS-API
+ * implementations
*/
-static gss_OID_desc gss_c_nt_hostbased_service_oid_desc =
+static gss_OID_desc gss_c_nt_hostbased_service_x_oid_desc =
{6, (void *)"\x2b\x06\x01\x05\x06\x02"};
+gss_OID GSS_C_NT_HOSTBASED_SERVICE_X = &gss_c_nt_hostbased_service_x_oid_desc;
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
+ * "\x01\x02\x01\x04"}, corresponding to an
+ * object-identifier value of {iso(1) member-body(2)
+ * Unites States(840) mit(113554) infosys(1) gssapi(2)
+ * generic(1) service_name(4)}. The constant
+ * GSS_C_NT_HOSTBASED_SERVICE should be initialized
+ * to point to that gss_OID_desc.
+ */
+static gss_OID_desc gss_c_nt_hostbased_service_oid_desc =
+{10, (void *)"\x2a\x86\x48\x86\xf7\x12" "\x01\x02\x01\x04"};
+
gss_OID GSS_C_NT_HOSTBASED_SERVICE = &gss_c_nt_hostbased_service_oid_desc;
/*
diff --git a/crypto/heimdal/lib/gssapi/get_mic.c b/crypto/heimdal/lib/gssapi/get_mic.c
index 8dd1b6f9a1e7..a2110047221f 100644
--- a/crypto/heimdal/lib/gssapi/get_mic.c
+++ b/crypto/heimdal/lib/gssapi/get_mic.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,21 +33,23 @@
#include "gssapi_locl.h"
-RCSID("$Id: get_mic.c,v 1.11 2000/01/25 23:19:22 assar Exp $");
+RCSID("$Id: get_mic.c,v 1.15 2001/01/29 02:08:58 assar Exp $");
-OM_uint32 gss_get_mic
+static OM_uint32
+mic_des
(OM_uint32 * minor_status,
const gss_ctx_id_t context_handle,
gss_qop_t qop_req,
const gss_buffer_t message_buffer,
- gss_buffer_t message_token
+ gss_buffer_t message_token,
+ krb5_keyblock *key
)
{
u_char *p;
MD5_CTX md5;
u_char hash[16];
des_key_schedule schedule;
- des_cblock key;
+ des_cblock deskey;
des_cblock zero;
int32_t seq_number;
size_t len, total_len;
@@ -56,42 +58,44 @@ OM_uint32 gss_get_mic
message_token->length = total_len;
message_token->value = malloc (total_len);
- if (message_token->value == NULL)
+ if (message_token->value == NULL) {
+ *minor_status = ENOMEM;
return GSS_S_FAILURE;
+ }
p = gssapi_krb5_make_header(message_token->value,
len,
- "\x01\x01");
+ "\x01\x01"); /* TOK_ID */
- memcpy (p, "\x00\x00", 2);
+ memcpy (p, "\x00\x00", 2); /* SGN_ALG = DES MAC MD5 */
p += 2;
- memcpy (p, "\xff\xff\xff\xff", 4);
+
+ memcpy (p, "\xff\xff\xff\xff", 4); /* Filler */
p += 4;
- /* Fill in later */
+ /* Fill in later (SND-SEQ) */
memset (p, 0, 16);
p += 16;
/* checksum */
- MD5Init (&md5);
- MD5Update (&md5, p - 24, 8);
- MD5Update (&md5, message_buffer->value,
- message_buffer->length);
- MD5Final (hash, &md5);
+ MD5_Init (&md5);
+ MD5_Update (&md5, p - 24, 8);
+ MD5_Update (&md5, message_buffer->value, message_buffer->length);
+ MD5_Final (hash, &md5);
memset (&zero, 0, sizeof(zero));
- gss_krb5_getsomekey(context_handle, &key);
- des_set_key (&key, schedule);
- des_cbc_cksum ((const void *)hash, (void *)hash, sizeof(hash),
+ memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
+ des_set_key (&deskey, schedule);
+ des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash),
schedule, &zero);
- memcpy (p - 8, hash, 8);
+ memcpy (p - 8, hash, 8); /* SGN_CKSUM */
/* sequence number */
krb5_auth_getlocalseqnumber (gssapi_krb5_context,
context_handle->auth_context,
&seq_number);
- p -= 16;
+ p -= 16; /* SND_SEQ */
p[0] = (seq_number >> 0) & 0xFF;
p[1] = (seq_number >> 8) & 0xFF;
p[2] = (seq_number >> 16) & 0xFF;
@@ -100,16 +104,178 @@ OM_uint32 gss_get_mic
(context_handle->more_flags & LOCAL) ? 0 : 0xFF,
4);
- des_set_key (&key, schedule);
- des_cbc_encrypt ((const void *)p, (void *)p, 8,
+ des_set_key (&deskey, schedule);
+ des_cbc_encrypt ((void *)p, (void *)p, 8,
schedule, (des_cblock *)(p + 8), DES_ENCRYPT);
krb5_auth_setlocalseqnumber (gssapi_krb5_context,
context_handle->auth_context,
++seq_number);
- memset (key, 0, sizeof(key));
+ memset (deskey, 0, sizeof(deskey));
memset (schedule, 0, sizeof(schedule));
return GSS_S_COMPLETE;
}
+
+static OM_uint32
+mic_des3
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ gss_qop_t qop_req,
+ const gss_buffer_t message_buffer,
+ gss_buffer_t message_token,
+ krb5_keyblock *key
+ )
+{
+ u_char *p;
+ Checksum cksum;
+ u_char seq[8];
+
+ int32_t seq_number;
+ size_t len, total_len;
+
+ krb5_crypto crypto;
+ krb5_error_code kret;
+ krb5_data encdata;
+ char *tmp;
+
+ gssapi_krb5_encap_length (36, &len, &total_len);
+
+ message_token->length = total_len;
+ message_token->value = malloc (total_len);
+ if (message_token->value == NULL) {
+ *minor_status = ENOMEM;
+ return GSS_S_FAILURE;
+ }
+
+ p = gssapi_krb5_make_header(message_token->value,
+ len,
+ "\x01\x01"); /* TOK-ID */
+
+ memcpy (p, "\x04\x00", 2); /* SGN_ALG = HMAC SHA1 DES3-KD */
+ p += 2;
+
+ memcpy (p, "\xff\xff\xff\xff", 4); /* filler */
+ p += 4;
+
+ /* this should be done in parts */
+
+ tmp = malloc (message_buffer->length + 8);
+ if (tmp == NULL) {
+ free (message_token->value);
+ *minor_status = ENOMEM;
+ return GSS_S_FAILURE;
+ }
+ memcpy (tmp, p - 8, 8);
+ memcpy (tmp + 8, message_buffer->value, message_buffer->length);
+
+ kret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto);
+ if (kret) {
+ free (message_token->value);
+ free (tmp);
+ *minor_status = kret;
+ return GSS_S_FAILURE;
+ }
+
+ kret = krb5_create_checksum (gssapi_krb5_context,
+ crypto,
+ KRB5_KU_USAGE_SIGN,
+ tmp,
+ message_buffer->length + 8,
+ &cksum);
+ free (tmp);
+ krb5_crypto_destroy (gssapi_krb5_context, crypto);
+ if (kret) {
+ free (message_token->value);
+ *minor_status = kret;
+ return GSS_S_FAILURE;
+ }
+
+ memcpy (p + 8, cksum.checksum.data, cksum.checksum.length);
+
+ /* sequence number */
+ krb5_auth_getlocalseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ &seq_number);
+
+ seq[0] = (seq_number >> 0) & 0xFF;
+ seq[1] = (seq_number >> 8) & 0xFF;
+ seq[2] = (seq_number >> 16) & 0xFF;
+ seq[3] = (seq_number >> 24) & 0xFF;
+ memset (seq + 4,
+ (context_handle->more_flags & LOCAL) ? 0 : 0xFF,
+ 4);
+
+ kret = krb5_crypto_init(gssapi_krb5_context, key,
+ ETYPE_DES3_CBC_NONE, &crypto);
+ if (kret) {
+ free (message_token->value);
+ *minor_status = kret;
+ return GSS_S_FAILURE;
+ }
+
+ kret = krb5_encrypt (gssapi_krb5_context,
+ crypto,
+ KRB5_KU_USAGE_SEQ,
+ seq, 8, &encdata);
+ krb5_crypto_destroy (gssapi_krb5_context, crypto);
+ if (kret) {
+ free (message_token->value);
+ *minor_status = kret;
+ return GSS_S_FAILURE;
+ }
+
+ assert (encdata.length == 8);
+
+ memcpy (p, encdata.data, encdata.length);
+ krb5_data_free (&encdata);
+
+ p += 8 + cksum.checksum.length;
+
+ memcpy (p, message_buffer->value, message_buffer->length);
+
+ krb5_auth_setlocalseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ ++seq_number);
+
+ free_Checksum (&cksum);
+ return GSS_S_COMPLETE;
+}
+
+OM_uint32 gss_get_mic
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ gss_qop_t qop_req,
+ const gss_buffer_t message_buffer,
+ gss_buffer_t message_token
+ )
+{
+ krb5_keyblock *key;
+ OM_uint32 ret;
+ krb5_keytype keytype;
+
+ ret = gss_krb5_getsomekey(context_handle, &key);
+ if (ret) {
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+ krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype);
+
+ switch (keytype) {
+ case KEYTYPE_DES :
+ ret = mic_des (minor_status, context_handle, qop_req,
+ message_buffer, message_token, key);
+ break;
+ case KEYTYPE_DES3 :
+ ret = mic_des3 (minor_status, context_handle, qop_req,
+ message_buffer, message_token, key);
+ break;
+ default :
+ *minor_status = KRB5_PROG_ETYPE_NOSUPP;
+ ret = GSS_S_FAILURE;
+ break;
+ }
+ krb5_free_keyblock (gssapi_krb5_context, key);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/gssapi/gssapi.h b/crypto/heimdal/lib/gssapi/gssapi.h
index 4c1b606bec41..156a5113f5d6 100644
--- a/crypto/heimdal/lib/gssapi/gssapi.h
+++ b/crypto/heimdal/lib/gssapi/gssapi.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: gssapi.h,v 1.14 1999/12/02 17:05:03 joda Exp $ */
+/* $Id: gssapi.h,v 1.20 2001/01/30 00:35:48 assar Exp $ */
#ifndef GSSAPI_H_
#define GSSAPI_H_
@@ -55,6 +55,8 @@
typedef u_int32_t OM_uint32;
+typedef u_int32_t gss_uint32;
+
/*
* This is to avoid having to include <krb5.h>
*/
@@ -89,6 +91,8 @@ typedef struct gss_OID_set_desc_struct {
struct krb5_keytab_data;
+struct krb5_ccache_data;
+
typedef int gss_cred_usage_t;
typedef struct gss_cred_id_t_desc_struct {
@@ -97,6 +101,7 @@ typedef struct gss_cred_id_t_desc_struct {
OM_uint32 lifetime;
gss_cred_usage_t usage;
gss_OID_set mechanisms;
+ struct krb5_ccache_data *ccache;
} gss_cred_id_t_desc;
typedef gss_cred_id_t_desc *gss_cred_id_t;
@@ -203,6 +208,9 @@ typedef OM_uint32 gss_qop_t;
*/
#define GSS_C_QOP_DEFAULT 0
+#define GSS_KRB5_CONF_C_QOP_DES 0x0100
+#define GSS_KRB5_CONF_C_QOP_DES3_KD 0x0200
+
/*
* Expiration time of 2^32-1 seconds means infinite lifetime for a
* credential or security context
@@ -253,10 +261,30 @@ extern gss_OID GSS_C_NT_STRING_UID_NAME;
* gss_OID_desc object containing the value
* {6, (void *)"\x2b\x06\x01\x05\x06\x02"},
* corresponding to an object-identifier value of
- * {1(iso), 3(org), 6(dod), 1(internet), 5(security),
- * 6(nametypes), 2(gss-host-based-services)}. The constant
- * GSS_C_NT_HOSTBASED_SERVICE should be initialized to point
- * to that gss_OID_desc.
+ * {iso(1) org(3) dod(6) internet(1) security(5)
+ * nametypes(6) gss-host-based-services(2)). The constant
+ * GSS_C_NT_HOSTBASED_SERVICE_X should be initialized to point
+ * to that gss_OID_desc. This is a deprecated OID value, and
+ * implementations wishing to support hostbased-service names
+ * should instead use the GSS_C_NT_HOSTBASED_SERVICE OID,
+ * defined below, to identify such names;
+ * GSS_C_NT_HOSTBASED_SERVICE_X should be accepted a synonym
+ * for GSS_C_NT_HOSTBASED_SERVICE when presented as an input
+ * parameter, but should not be emitted by GSS-API
+ * implementations
+ */
+extern gss_OID GSS_C_NT_HOSTBASED_SERVICE_X;
+
+/*
+ * The implementation must reserve static storage for a
+ * gss_OID_desc object containing the value
+ * {10, (void *)"\x2a\x86\x48\x86\xf7\x12"
+ * "\x01\x02\x01\x04"}, corresponding to an
+ * object-identifier value of {iso(1) member-body(2)
+ * Unites States(840) mit(113554) infosys(1) gssapi(2)
+ * generic(1) service_name(4)}. The constant
+ * GSS_C_NT_HOSTBASED_SERVICE should be initialized
+ * to point to that gss_OID_desc.
*/
extern gss_OID GSS_C_NT_HOSTBASED_SERVICE;
@@ -295,6 +323,10 @@ extern gss_OID GSS_KRB5_NT_STRING_UID_NAME;
extern gss_OID GSS_KRB5_MECHANISM;
+/* for compatibility with MIT api */
+
+#define gss_mech_krb5 GSS_KRB5_MECHANISM
+
/* Major status codes */
#define GSS_S_COMPLETE 0
@@ -739,4 +771,9 @@ OM_uint32 gss_unseal
OM_uint32 gsskrb5_register_acceptor_identity
(char *identity);
+OM_uint32 gss_krb5_copy_ccache
+ (OM_uint32 *minor,
+ gss_cred_id_t cred,
+ struct krb5_ccache_data *out);
+
#endif /* GSSAPI_H_ */
diff --git a/crypto/heimdal/lib/gssapi/gssapi_locl.h b/crypto/heimdal/lib/gssapi/gssapi_locl.h
index 53f9cdc8b250..d8d0624fbf19 100644
--- a/crypto/heimdal/lib/gssapi/gssapi_locl.h
+++ b/crypto/heimdal/lib/gssapi/gssapi_locl.h
@@ -31,13 +31,14 @@
* SUCH DAMAGE.
*/
-/* $Id: gssapi_locl.h,v 1.12 2000/02/12 21:26:26 assar Exp $ */
+/* $Id: gssapi_locl.h,v 1.14 2000/08/27 04:19:00 assar Exp $ */
#ifndef GSSAPI_LOCL_H
#define GSSAPI_LOCL_H
#include <krb5_locl.h>
#include <gssapi.h>
+#include <assert.h>
extern krb5_context gssapi_krb5_context;
@@ -47,17 +48,19 @@ krb5_error_code
gssapi_krb5_create_8003_checksum (
const gss_channel_bindings_t input_chan_bindings,
OM_uint32 flags,
+ krb5_data *fwd_data,
Checksum *result);
krb5_error_code
gssapi_krb5_verify_8003_checksum (
const gss_channel_bindings_t input_chan_bindings,
Checksum *cksum,
- OM_uint32 *flags);
+ OM_uint32 *flags,
+ krb5_data *fwd_data);
OM_uint32
gssapi_krb5_encapsulate(
- krb5_data *in_data,
+ const krb5_data *in_data,
gss_buffer_t output_token,
u_char *type);
@@ -84,7 +87,13 @@ gssapi_krb5_verify_header(u_char **str,
OM_uint32
gss_krb5_getsomekey(const gss_ctx_id_t context_handle,
- des_cblock *key);
+ krb5_keyblock **key);
+
+krb5_error_code
+gss_address_to_krb5addr(OM_uint32 gss_addr_type,
+ gss_buffer_desc *gss_addr,
+ int16_t port,
+ krb5_address *address);
/* sec_context flags */
diff --git a/crypto/heimdal/lib/gssapi/import_sec_context.c b/crypto/heimdal/lib/gssapi/import_sec_context.c
index 2667637fbba4..7d177a84074f 100644
--- a/crypto/heimdal/lib/gssapi/import_sec_context.c
+++ b/crypto/heimdal/lib/gssapi/import_sec_context.c
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: import_sec_context.c,v 1.2 2000/02/12 21:26:00 assar Exp $");
+RCSID("$Id: import_sec_context.c,v 1.3 2000/07/08 11:56:03 assar Exp $");
OM_uint32
gss_import_sec_context (
@@ -51,7 +51,6 @@ gss_import_sec_context (
krb5_data data;
gss_buffer_desc buffer;
krb5_keyblock keyblock;
- size_t sz;
int32_t tmp;
int32_t flags;
@@ -121,21 +120,25 @@ gss_import_sec_context (
krb5_ret_int32 (sp, &ac->remote_seqnumber);
#if 0
- krb5_ret_data (sp, &data);
- ac->authenticator = malloc (sizeof (*ac->authenticator));
- if (ac->authenticator == NULL) {
- *minor_status = ENOMEM;
- ret = GSS_S_FAILURE;
- goto failure;
- }
-
- kret = decode_Authenticator (data.data, data.length,
- ac->authenticator, &sz);
- krb5_data_free (&data);
- if (kret) {
- *minor_status = kret;
- ret = GSS_S_FAILURE;
- goto failure;
+ {
+ size_t sz;
+
+ krb5_ret_data (sp, &data);
+ ac->authenticator = malloc (sizeof (*ac->authenticator));
+ if (ac->authenticator == NULL) {
+ *minor_status = ENOMEM;
+ ret = GSS_S_FAILURE;
+ goto failure;
+ }
+
+ kret = decode_Authenticator (data.data, data.length,
+ ac->authenticator, &sz);
+ krb5_data_free (&data);
+ if (kret) {
+ *minor_status = kret;
+ ret = GSS_S_FAILURE;
+ goto failure;
+ }
}
#endif
diff --git a/crypto/heimdal/lib/gssapi/init.c b/crypto/heimdal/lib/gssapi/init.c
index 2c0149038dd5..6b19c46e3c32 100644
--- a/crypto/heimdal/lib/gssapi/init.c
+++ b/crypto/heimdal/lib/gssapi/init.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,11 +33,15 @@
#include "gssapi_locl.h"
-RCSID("$Id: init.c,v 1.4 1999/12/02 17:05:04 joda Exp $");
+RCSID("$Id: init.c,v 1.5 2000/12/31 07:58:37 assar Exp $");
void
gssapi_krb5_init (void)
{
- if(gssapi_krb5_context == NULL)
- krb5_init_context (&gssapi_krb5_context);
+ krb5_error_code ret;
+
+ if(gssapi_krb5_context == NULL) {
+ ret = krb5_init_context (&gssapi_krb5_context);
+ /* and what do we do when that failed? */
+ }
}
diff --git a/crypto/heimdal/lib/gssapi/init_sec_context.c b/crypto/heimdal/lib/gssapi/init_sec_context.c
index 2f9bbc9ab5d2..7b05d9180ad6 100644
--- a/crypto/heimdal/lib/gssapi/init_sec_context.c
+++ b/crypto/heimdal/lib/gssapi/init_sec_context.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,24 +33,163 @@
#include "gssapi_locl.h"
-RCSID("$Id: init_sec_context.c,v 1.18 1999/12/26 18:31:36 assar Exp $");
+RCSID("$Id: init_sec_context.c,v 1.25 2001/01/30 22:49:56 assar Exp $");
+
+/*
+ * copy the addresses from `input_chan_bindings' (if any) to
+ * the auth context `ac'
+ */
+
+static OM_uint32
+set_addresses (krb5_auth_context ac,
+ const gss_channel_bindings_t input_chan_bindings)
+{
+ /* Port numbers are expected to be in application_data.value,
+ * initator's port first */
+
+ krb5_address initiator_addr, acceptor_addr;
+ krb5_error_code kret;
+
+ if (input_chan_bindings == GSS_C_NO_CHANNEL_BINDINGS
+ || input_chan_bindings->application_data.length !=
+ 2 * sizeof(ac->local_port))
+ return 0;
+
+ memset(&initiator_addr, 0, sizeof(initiator_addr));
+ memset(&acceptor_addr, 0, sizeof(acceptor_addr));
+
+ ac->local_port =
+ *(int16_t *) input_chan_bindings->application_data.value;
+
+ ac->remote_port =
+ *((int16_t *) input_chan_bindings->application_data.value + 1);
+
+ kret = gss_address_to_krb5addr(input_chan_bindings->acceptor_addrtype,
+ &input_chan_bindings->acceptor_address,
+ ac->remote_port,
+ &acceptor_addr);
+ if (kret)
+ return kret;
+
+ kret = gss_address_to_krb5addr(input_chan_bindings->initiator_addrtype,
+ &input_chan_bindings->initiator_address,
+ ac->local_port,
+ &initiator_addr);
+ if (kret) {
+ krb5_free_address (gssapi_krb5_context, &acceptor_addr);
+ return kret;
+ }
+
+ kret = krb5_auth_con_setaddrs(gssapi_krb5_context,
+ ac,
+ &initiator_addr, /* local address */
+ &acceptor_addr); /* remote address */
+
+ krb5_free_address (gssapi_krb5_context, &initiator_addr);
+ krb5_free_address (gssapi_krb5_context, &acceptor_addr);
+
+#if 0
+ free(input_chan_bindings->application_data.value);
+ input_chan_bindings->application_data.value = NULL;
+ input_chan_bindings->application_data.length = 0;
+#endif
+
+ return kret;
+}
+
+/*
+ * handle delegated creds in init-sec-context
+ */
+
+static void
+do_delegation (krb5_auth_context ac,
+ krb5_ccache ccache,
+ krb5_creds *cred,
+ const gss_name_t target_name,
+ krb5_data *fwd_data,
+ int *flags)
+{
+ krb5_creds creds;
+ krb5_kdc_flags fwd_flags;
+ krb5_keyblock *subkey;
+ krb5_error_code kret;
+
+ memset (&creds, 0, sizeof(creds));
+ krb5_data_zero (fwd_data);
+
+ kret = krb5_generate_subkey (gssapi_krb5_context, &cred->session, &subkey);
+ if (kret)
+ goto out;
+
+ kret = krb5_auth_con_setlocalsubkey(gssapi_krb5_context, ac, subkey);
+ krb5_free_keyblock (gssapi_krb5_context, subkey);
+ if (kret)
+ goto out;
+
+ kret = krb5_cc_get_principal(gssapi_krb5_context, ccache, &creds.client);
+ if (kret)
+ goto out;
+
+ kret = krb5_build_principal(gssapi_krb5_context,
+ &creds.server,
+ strlen(creds.client->realm),
+ creds.client->realm,
+ KRB5_TGS_NAME,
+ creds.client->realm,
+ NULL);
+ if (kret)
+ goto out;
+
+ creds.times.endtime = 0;
+
+ fwd_flags.i = 0;
+ fwd_flags.b.forwarded = 1;
+ fwd_flags.b.forwardable = 1;
+
+ if ( /*target_name->name.name_type != KRB5_NT_SRV_HST ||*/
+ target_name->name.name_string.len < 2)
+ goto out;
+
+ kret = krb5_get_forwarded_creds(gssapi_krb5_context,
+ ac,
+ ccache,
+ fwd_flags.i,
+ target_name->name.name_string.val[1],
+ &creds,
+ fwd_data);
+
+ out:
+ if (kret)
+ *flags &= ~GSS_C_DELEG_FLAG;
+ else
+ *flags |= GSS_C_DELEG_FLAG;
+
+ if (creds.client)
+ krb5_free_principal(gssapi_krb5_context, creds.client);
+ if (creds.server)
+ krb5_free_principal(gssapi_krb5_context, creds.server);
+}
+
+/*
+ * first stage of init-sec-context
+ */
static OM_uint32
init_auth
- (OM_uint32 * minor_status,
- const gss_cred_id_t initiator_cred_handle,
- gss_ctx_id_t * context_handle,
- const gss_name_t target_name,
- const gss_OID mech_type,
- OM_uint32 req_flags,
- OM_uint32 time_req,
- const gss_channel_bindings_t input_chan_bindings,
- const gss_buffer_t input_token,
- gss_OID * actual_mech_type,
- gss_buffer_t output_token,
- OM_uint32 * ret_flags,
- OM_uint32 * time_rec
- )
+(OM_uint32 * minor_status,
+ const gss_cred_id_t initiator_cred_handle,
+ gss_ctx_id_t * context_handle,
+ const gss_name_t target_name,
+ const gss_OID mech_type,
+ OM_uint32 req_flags,
+ OM_uint32 time_req,
+ const gss_channel_bindings_t input_chan_bindings,
+ const gss_buffer_t input_token,
+ gss_OID * actual_mech_type,
+ gss_buffer_t output_token,
+ OM_uint32 * ret_flags,
+ OM_uint32 * time_rec
+ )
{
OM_uint32 ret = GSS_S_FAILURE;
krb5_error_code kret;
@@ -63,12 +202,13 @@ init_auth
krb5_data authenticator;
Checksum cksum;
krb5_enctype enctype;
+ krb5_data fwd_data;
output_token->length = 0;
output_token->value = NULL;
- outbuf.length = 0;
- outbuf.data = NULL;
+ krb5_data_zero(&outbuf);
+ krb5_data_zero(&fwd_data);
*minor_status = 0;
@@ -78,12 +218,12 @@ init_auth
return GSS_S_FAILURE;
}
- (*context_handle)->auth_context = NULL;
- (*context_handle)->source = NULL;
- (*context_handle)->target = NULL;
- (*context_handle)->flags = 0;
- (*context_handle)->more_flags = 0;
- (*context_handle)->ticket = NULL;
+ (*context_handle)->auth_context = NULL;
+ (*context_handle)->source = NULL;
+ (*context_handle)->target = NULL;
+ (*context_handle)->flags = 0;
+ (*context_handle)->more_flags = 0;
+ (*context_handle)->ticket = NULL;
kret = krb5_auth_con_init (gssapi_krb5_context,
&(*context_handle)->auth_context);
@@ -93,6 +233,14 @@ init_auth
goto failure;
}
+ kret = set_addresses ((*context_handle)->auth_context,
+ input_chan_bindings);
+ if (kret) {
+ *minor_status = kret;
+ ret = GSS_S_BAD_BINDINGS;
+ goto failure;
+ }
+
{
int32_t tmp;
@@ -108,36 +256,15 @@ init_auth
if (actual_mech_type)
*actual_mech_type = GSS_KRB5_MECHANISM;
- flags = 0;
- ap_options = 0;
- if (req_flags & GSS_C_DELEG_FLAG)
- ; /* XXX */
- if (req_flags & GSS_C_MUTUAL_FLAG) {
- flags |= GSS_C_MUTUAL_FLAG;
- ap_options |= AP_OPTS_MUTUAL_REQUIRED;
- }
- if (req_flags & GSS_C_REPLAY_FLAG)
- ; /* XXX */
- if (req_flags & GSS_C_SEQUENCE_FLAG)
- ; /* XXX */
- if (req_flags & GSS_C_ANON_FLAG)
- ; /* XXX */
- flags |= GSS_C_CONF_FLAG;
- flags |= GSS_C_INTEG_FLAG;
- flags |= GSS_C_SEQUENCE_FLAG;
- flags |= GSS_C_TRANS_FLAG;
-
- if (ret_flags)
- *ret_flags = flags;
- (*context_handle)->flags = flags;
- (*context_handle)->more_flags = LOCAL;
-
- kret = krb5_cc_default (gssapi_krb5_context, &ccache);
- if (kret) {
- *minor_status = kret;
- ret = GSS_S_FAILURE;
- goto failure;
- }
+ if (initiator_cred_handle == GSS_C_NO_CREDENTIAL) {
+ kret = krb5_cc_default (gssapi_krb5_context, &ccache);
+ if (kret) {
+ *minor_status = kret;
+ ret = GSS_S_FAILURE;
+ goto failure;
+ }
+ } else
+ ccache = initiator_cred_handle->ccache;
kret = krb5_cc_get_principal (gssapi_krb5_context,
ccache,
@@ -160,8 +287,14 @@ init_auth
memset(&this_cred, 0, sizeof(this_cred));
this_cred.client = (*context_handle)->source;
this_cred.server = (*context_handle)->target;
- this_cred.times.endtime = 0;
- this_cred.session.keytype = ETYPE_DES_CBC_CRC;
+ if (time_req) {
+ krb5_timestamp ts;
+
+ krb5_timeofday (gssapi_krb5_context, &ts);
+ this_cred.times.endtime = ts + time_req;
+ } else
+ this_cred.times.endtime = 0;
+ this_cred.session.keytype = 0;
kret = krb5_get_credentials (gssapi_krb5_context,
KRB5_TC_MATCH_KEYTYPE,
@@ -179,9 +312,38 @@ init_auth
(*context_handle)->auth_context,
&cred->session);
+ flags = 0;
+ ap_options = 0;
+ if (req_flags & GSS_C_DELEG_FLAG)
+ do_delegation ((*context_handle)->auth_context,
+ ccache, cred, target_name, &fwd_data, &flags);
+
+ if (req_flags & GSS_C_MUTUAL_FLAG) {
+ flags |= GSS_C_MUTUAL_FLAG;
+ ap_options |= AP_OPTS_MUTUAL_REQUIRED;
+ }
+
+ if (req_flags & GSS_C_REPLAY_FLAG)
+ ; /* XXX */
+ if (req_flags & GSS_C_SEQUENCE_FLAG)
+ ; /* XXX */
+ if (req_flags & GSS_C_ANON_FLAG)
+ ; /* XXX */
+ flags |= GSS_C_CONF_FLAG;
+ flags |= GSS_C_INTEG_FLAG;
+ flags |= GSS_C_SEQUENCE_FLAG;
+ flags |= GSS_C_TRANS_FLAG;
+
+ if (ret_flags)
+ *ret_flags = flags;
+ (*context_handle)->flags = flags;
+ (*context_handle)->more_flags = LOCAL;
+
kret = gssapi_krb5_create_8003_checksum (input_chan_bindings,
flags,
+ &fwd_data,
&cksum);
+ krb5_data_free (&fwd_data);
if (kret) {
*minor_status = kret;
ret = GSS_S_FAILURE;
@@ -202,15 +364,14 @@ init_auth
}
#endif
-
-
kret = krb5_build_authenticator (gssapi_krb5_context,
(*context_handle)->auth_context,
enctype,
cred,
&cksum,
&auth,
- &authenticator);
+ &authenticator,
+ KRB5_KU_AP_REQ_AUTH);
if (kret) {
*minor_status = kret;
@@ -231,14 +392,14 @@ init_auth
goto failure;
}
- ret = gssapi_krb5_encapsulate (&outbuf,
- output_token,
- "\x01\x00");
+ ret = gssapi_krb5_encapsulate (&outbuf, output_token, "\x01\x00");
if (ret) {
*minor_status = kret;
goto failure;
}
+ krb5_data_free (&outbuf);
+
if (flags & GSS_C_MUTUAL_FLAG) {
return GSS_S_CONTINUE_NEEDED;
} else {
@@ -246,7 +407,7 @@ init_auth
return GSS_S_COMPLETE;
}
-failure:
+ failure:
krb5_auth_con_free (gssapi_krb5_context,
(*context_handle)->auth_context);
if((*context_handle)->source)
@@ -278,33 +439,31 @@ repl_mutual
OM_uint32 * time_rec
)
{
- OM_uint32 ret;
- krb5_error_code kret;
- krb5_data indata;
- krb5_ap_rep_enc_part *repl;
-
- ret = gssapi_krb5_decapsulate (input_token,
- &indata,
- "\x02\x00");
- if (ret) {
+ OM_uint32 ret;
+ krb5_error_code kret;
+ krb5_data indata;
+ krb5_ap_rep_enc_part *repl;
+
+ ret = gssapi_krb5_decapsulate (input_token, &indata, "\x02\x00");
+ if (ret) {
/* XXX - Handle AP_ERROR */
- return GSS_S_FAILURE;
- }
+ return GSS_S_FAILURE;
+ }
- kret = krb5_rd_rep (gssapi_krb5_context,
- (*context_handle)->auth_context,
- &indata,
- &repl);
- if (kret)
- return GSS_S_FAILURE;
- krb5_free_ap_rep_enc_part (gssapi_krb5_context,
- repl);
+ kret = krb5_rd_rep (gssapi_krb5_context,
+ (*context_handle)->auth_context,
+ &indata,
+ &repl);
+ if (kret)
+ return GSS_S_FAILURE;
+ krb5_free_ap_rep_enc_part (gssapi_krb5_context,
+ repl);
- output_token->length = 0;
+ output_token->length = 0;
- (*context_handle)->more_flags |= OPEN;
+ (*context_handle)->more_flags |= OPEN;
- return GSS_S_COMPLETE;
+ return GSS_S_COMPLETE;
}
/*
@@ -327,34 +486,34 @@ OM_uint32 gss_init_sec_context
OM_uint32 * time_rec
)
{
- gssapi_krb5_init ();
-
- if (input_token == GSS_C_NO_BUFFER || input_token->length == 0)
- return init_auth (minor_status,
- initiator_cred_handle,
- context_handle,
- target_name,
- mech_type,
- req_flags,
- time_req,
- input_chan_bindings,
- input_token,
- actual_mech_type,
- output_token,
- ret_flags,
- time_rec);
- else
- return repl_mutual(minor_status,
- initiator_cred_handle,
- context_handle,
- target_name,
- mech_type,
- req_flags,
- time_req,
- input_chan_bindings,
- input_token,
- actual_mech_type,
- output_token,
- ret_flags,
- time_rec);
+ gssapi_krb5_init ();
+
+ if (input_token == GSS_C_NO_BUFFER || input_token->length == 0)
+ return init_auth (minor_status,
+ initiator_cred_handle,
+ context_handle,
+ target_name,
+ mech_type,
+ req_flags,
+ time_req,
+ input_chan_bindings,
+ input_token,
+ actual_mech_type,
+ output_token,
+ ret_flags,
+ time_rec);
+ else
+ return repl_mutual(minor_status,
+ initiator_cred_handle,
+ context_handle,
+ target_name,
+ mech_type,
+ req_flags,
+ time_req,
+ input_chan_bindings,
+ input_token,
+ actual_mech_type,
+ output_token,
+ ret_flags,
+ time_rec);
}
diff --git a/crypto/heimdal/lib/gssapi/release_buffer.c b/crypto/heimdal/lib/gssapi/release_buffer.c
index 85f971f12231..f399a1816fed 100644
--- a/crypto/heimdal/lib/gssapi/release_buffer.c
+++ b/crypto/heimdal/lib/gssapi/release_buffer.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: release_buffer.c,v 1.3 1999/12/02 17:05:04 joda Exp $");
+RCSID("$Id: release_buffer.c,v 1.4 2000/04/12 09:47:23 assar Exp $");
OM_uint32 gss_release_buffer
(OM_uint32 * minor_status,
@@ -41,6 +41,7 @@ OM_uint32 gss_release_buffer
)
{
free (buffer->value);
+ buffer->value = NULL;
buffer->length = 0;
return GSS_S_COMPLETE;
}
diff --git a/crypto/heimdal/lib/gssapi/release_cred.c b/crypto/heimdal/lib/gssapi/release_cred.c
index 0ee876e386a3..87ad5121cc76 100644
--- a/crypto/heimdal/lib/gssapi/release_cred.c
+++ b/crypto/heimdal/lib/gssapi/release_cred.c
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: release_cred.c,v 1.4 1999/12/02 17:05:04 joda Exp $");
+RCSID("$Id: release_cred.c,v 1.5 2001/01/30 00:49:05 assar Exp $");
OM_uint32 gss_release_cred
(OM_uint32 * minor_status,
@@ -49,6 +49,8 @@ OM_uint32 gss_release_cred
krb5_free_principal(gssapi_krb5_context, (*cred_handle)->principal);
if ((*cred_handle)->keytab != NULL)
krb5_kt_close(gssapi_krb5_context, (*cred_handle)->keytab);
+ if ((*cred_handle)->ccache != NULL)
+ krb5_cc_close(gssapi_krb5_context, (*cred_handle)->ccache);
gss_release_oid_set(NULL, &(*cred_handle)->mechanisms);
free(*cred_handle);
*cred_handle = GSS_C_NO_CREDENTIAL;
diff --git a/crypto/heimdal/lib/gssapi/release_name.c b/crypto/heimdal/lib/gssapi/release_name.c
index 7c0fcd36c0a7..ce18a91177ae 100644
--- a/crypto/heimdal/lib/gssapi/release_name.c
+++ b/crypto/heimdal/lib/gssapi/release_name.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: release_name.c,v 1.4 1999/12/02 17:05:04 joda Exp $");
+RCSID("$Id: release_name.c,v 1.5 2000/04/12 09:48:27 assar Exp $");
OM_uint32 gss_release_name
(OM_uint32 * minor_status,
@@ -43,5 +43,6 @@ OM_uint32 gss_release_name
gssapi_krb5_init ();
krb5_free_principal(gssapi_krb5_context,
*input_name);
+ *input_name = GSS_C_NO_NAME;
return GSS_S_COMPLETE;
}
diff --git a/crypto/heimdal/lib/gssapi/release_oid_set.c b/crypto/heimdal/lib/gssapi/release_oid_set.c
index fe7171ed6b55..42257889f41d 100644
--- a/crypto/heimdal/lib/gssapi/release_oid_set.c
+++ b/crypto/heimdal/lib/gssapi/release_oid_set.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "gssapi_locl.h"
-RCSID("$Id: release_oid_set.c,v 1.3 1999/12/02 17:05:04 joda Exp $");
+RCSID("$Id: release_oid_set.c,v 1.4 2000/04/19 13:06:13 assar Exp $");
OM_uint32 gss_release_oid_set
(OM_uint32 * minor_status,
@@ -42,5 +42,6 @@ OM_uint32 gss_release_oid_set
{
free ((*set)->elements);
free (*set);
+ *set = GSS_C_NO_OID_SET;
return GSS_S_COMPLETE;
}
diff --git a/crypto/heimdal/lib/gssapi/unwrap.c b/crypto/heimdal/lib/gssapi/unwrap.c
index 210bab1fce26..588517e15ac8 100644
--- a/crypto/heimdal/lib/gssapi/unwrap.c
+++ b/crypto/heimdal/lib/gssapi/unwrap.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,11 +33,11 @@
#include "gssapi_locl.h"
-RCSID("$Id: unwrap.c,v 1.11 2000/01/25 23:13:38 assar Exp $");
+RCSID("$Id: unwrap.c,v 1.15 2001/01/29 02:08:58 assar Exp $");
OM_uint32
gss_krb5_getsomekey(const gss_ctx_id_t context_handle,
- des_cblock *key)
+ krb5_keyblock **key)
{
/* XXX this is ugly, and probably incorrect... */
krb5_keyblock *skey;
@@ -54,18 +54,19 @@ gss_krb5_getsomekey(const gss_ctx_id_t context_handle,
&skey);
if(skey == NULL)
return GSS_S_FAILURE;
- memcpy(key, skey->keyvalue.data, sizeof(*key));
- krb5_free_keyblock(gssapi_krb5_context, skey);
+ *key = skey;
return 0;
}
-OM_uint32 gss_unwrap
+static OM_uint32
+unwrap_des
(OM_uint32 * minor_status,
const gss_ctx_id_t context_handle,
const gss_buffer_t input_message_buffer,
gss_buffer_t output_message_buffer,
int * conf_state,
- gss_qop_t * qop_state
+ gss_qop_t * qop_state,
+ krb5_keyblock *key
)
{
u_char *p, *pad;
@@ -73,7 +74,7 @@ OM_uint32 gss_unwrap
MD5_CTX md5;
u_char hash[16], seq_data[8];
des_key_schedule schedule;
- des_cblock key;
+ des_cblock deskey;
des_cblock zero;
int i;
int32_t seq_number;
@@ -109,19 +110,20 @@ OM_uint32 gss_unwrap
if(cstate) {
/* decrypt data */
- gss_krb5_getsomekey(context_handle, &key);
- for (i = 0; i < sizeof(key); ++i)
- key[i] ^= 0xf0;
- des_set_key (&key, schedule);
+ memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
+
+ for (i = 0; i < sizeof(deskey); ++i)
+ deskey[i] ^= 0xf0;
+ des_set_key (&deskey, schedule);
memset (&zero, 0, sizeof(zero));
- des_cbc_encrypt ((const void *)p,
+ des_cbc_encrypt ((void *)p,
(void *)p,
input_message_buffer->length - len,
schedule,
&zero,
DES_DECRYPT);
- memset (key, 0, sizeof(key));
+ memset (deskey, 0, sizeof(deskey));
memset (schedule, 0, sizeof(schedule));
}
/* check pad */
@@ -134,15 +136,15 @@ OM_uint32 gss_unwrap
if (i != 0)
return GSS_S_BAD_MIC;
- MD5Init (&md5);
- MD5Update (&md5, p - 24, 8);
- MD5Update (&md5, p, input_message_buffer->length - len);
- MD5Final (hash, &md5);
+ MD5_Init (&md5);
+ MD5_Update (&md5, p - 24, 8);
+ MD5_Update (&md5, p, input_message_buffer->length - len);
+ MD5_Final (hash, &md5);
memset (&zero, 0, sizeof(zero));
- gss_krb5_getsomekey(context_handle, &key);
- des_set_key (&key, schedule);
- des_cbc_cksum ((const void *)hash, (void *)hash, sizeof(hash),
+ memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
+ des_set_key (&deskey, schedule);
+ des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash),
schedule, &zero);
if (memcmp (p - 8, hash, 8) != 0)
return GSS_S_BAD_MIC;
@@ -161,11 +163,11 @@ OM_uint32 gss_unwrap
4);
p -= 16;
- des_set_key (&key, schedule);
- des_cbc_encrypt ((const void *)p, (void *)p, 8,
+ des_set_key (&deskey, schedule);
+ des_cbc_encrypt ((void *)p, (void *)p, 8,
schedule, (des_cblock *)hash, DES_DECRYPT);
- memset (key, 0, sizeof(key));
+ memset (deskey, 0, sizeof(deskey));
memset (schedule, 0, sizeof(schedule));
if (memcmp (p, seq_data, 8) != 0) {
@@ -179,7 +181,7 @@ OM_uint32 gss_unwrap
/* copy out data */
output_message_buffer->length = input_message_buffer->length
- - len - 8 - padlength;
+ - len - padlength - 8;
output_message_buffer->value = malloc(output_message_buffer->length);
if(output_message_buffer->length != 0 && output_message_buffer->value == NULL)
return GSS_S_FAILURE;
@@ -188,3 +190,217 @@ OM_uint32 gss_unwrap
output_message_buffer->length);
return GSS_S_COMPLETE;
}
+
+static OM_uint32
+unwrap_des3
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ const gss_buffer_t input_message_buffer,
+ gss_buffer_t output_message_buffer,
+ int * conf_state,
+ gss_qop_t * qop_state,
+ krb5_keyblock *key
+ )
+{
+ u_char *p, *pad;
+ size_t len;
+ u_char seq[8];
+ krb5_data seq_data;
+ u_char cksum[20];
+ int i;
+ int32_t seq_number;
+ size_t padlength;
+ OM_uint32 ret;
+ int cstate;
+ krb5_crypto crypto;
+ Checksum csum;
+ int cmp;
+
+ p = input_message_buffer->value;
+ ret = gssapi_krb5_verify_header (&p,
+ input_message_buffer->length,
+ "\x02\x01");
+ if (ret)
+ return ret;
+
+ if (memcmp (p, "\x04\x00", 2) != 0) /* HMAC SHA1 DES3_KD */
+ return GSS_S_BAD_SIG;
+ p += 2;
+ if (memcmp (p, "\x02\x00", 2) == 0) {
+ cstate = 1;
+ } else if (memcmp (p, "\xff\xff", 2) == 0) {
+ cstate = 0;
+ } else
+ return GSS_S_BAD_MIC;
+ p += 2;
+ if(conf_state != NULL)
+ *conf_state = cstate;
+ if (memcmp (p, "\xff\xff", 2) != 0)
+ return GSS_S_DEFECTIVE_TOKEN;
+ p += 2;
+ p += 28;
+
+ len = p - (u_char *)input_message_buffer->value;
+
+ if(cstate) {
+ /* decrypt data */
+ krb5_data tmp;
+
+ ret = krb5_crypto_init(gssapi_krb5_context, key,
+ ETYPE_DES3_CBC_NONE, &crypto);
+ if (ret) {
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+ ret = krb5_decrypt(gssapi_krb5_context, crypto, KRB5_KU_USAGE_SEAL,
+ p, input_message_buffer->length - len, &tmp);
+ krb5_crypto_destroy(gssapi_krb5_context, crypto);
+ if (ret) {
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+ assert (tmp.length == input_message_buffer->length - len);
+
+ memcpy (p, tmp.data, tmp.length);
+ krb5_data_free(&tmp);
+ }
+ /* check pad */
+
+ pad = (u_char *)input_message_buffer->value + input_message_buffer->length - 1;
+ padlength = *pad;
+
+ for (i = padlength; i > 0 && *pad == padlength; i--, pad--)
+ ;
+ if (i != 0)
+ return GSS_S_BAD_MIC;
+
+ /* verify sequence number */
+
+ krb5_auth_getremoteseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ &seq_number);
+ seq[0] = (seq_number >> 0) & 0xFF;
+ seq[1] = (seq_number >> 8) & 0xFF;
+ seq[2] = (seq_number >> 16) & 0xFF;
+ seq[3] = (seq_number >> 24) & 0xFF;
+ memset (seq + 4,
+ (context_handle->more_flags & LOCAL) ? 0xFF : 0,
+ 4);
+
+ p -= 28;
+
+ ret = krb5_crypto_init(gssapi_krb5_context, key,
+ ETYPE_DES3_CBC_NONE_IVEC, &crypto);
+ if (ret) {
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+ {
+ des_cblock ivec;
+
+ memcpy(&ivec, p + 8, 8);
+ ret = krb5_decrypt_ivec (gssapi_krb5_context,
+ crypto,
+ KRB5_KU_USAGE_SEQ,
+ p, 8, &seq_data,
+ &ivec);
+ }
+ krb5_crypto_destroy (gssapi_krb5_context, crypto);
+ if (ret) {
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+ if (seq_data.length != 8) {
+ krb5_data_free (&seq_data);
+ return GSS_S_BAD_MIC;
+ }
+
+ cmp = memcmp (seq, seq_data.data, seq_data.length);
+ krb5_data_free (&seq_data);
+ if (cmp != 0) {
+ return GSS_S_BAD_MIC;
+ }
+
+ krb5_auth_setremoteseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ ++seq_number);
+
+ /* verify checksum */
+
+ memcpy (cksum, p + 8, 20);
+
+ memcpy (p + 20, p - 8, 8);
+
+ csum.cksumtype = CKSUMTYPE_HMAC_SHA1_DES3;
+ csum.checksum.length = 20;
+ csum.checksum.data = cksum;
+
+ ret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto);
+ if (ret) {
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+
+ ret = krb5_verify_checksum (gssapi_krb5_context, crypto,
+ KRB5_KU_USAGE_SIGN,
+ p + 20,
+ input_message_buffer->length - len + 8,
+ &csum);
+ krb5_crypto_destroy (gssapi_krb5_context, crypto);
+ if (ret) {
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+
+ /* copy out data */
+
+ output_message_buffer->length = input_message_buffer->length
+ - len - padlength - 8;
+ output_message_buffer->value = malloc(output_message_buffer->length);
+ if(output_message_buffer->length != 0 && output_message_buffer->value == NULL)
+ return GSS_S_FAILURE;
+ memcpy (output_message_buffer->value,
+ p + 36,
+ output_message_buffer->length);
+ return GSS_S_COMPLETE;
+}
+
+OM_uint32 gss_unwrap
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ const gss_buffer_t input_message_buffer,
+ gss_buffer_t output_message_buffer,
+ int * conf_state,
+ gss_qop_t * qop_state
+ )
+{
+ krb5_keyblock *key;
+ OM_uint32 ret;
+ krb5_keytype keytype;
+
+ ret = gss_krb5_getsomekey(context_handle, &key);
+ if (ret) {
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+ krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype);
+
+ switch (keytype) {
+ case KEYTYPE_DES :
+ ret = unwrap_des (minor_status, context_handle,
+ input_message_buffer, output_message_buffer,
+ conf_state, qop_state, key);
+ break;
+ case KEYTYPE_DES3 :
+ ret = unwrap_des3 (minor_status, context_handle,
+ input_message_buffer, output_message_buffer,
+ conf_state, qop_state, key);
+ break;
+ default :
+ *minor_status = KRB5_PROG_ETYPE_NOSUPP;
+ ret = GSS_S_FAILURE;
+ break;
+ }
+ krb5_free_keyblock (gssapi_krb5_context, key);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/gssapi/verify_mic.c b/crypto/heimdal/lib/gssapi/verify_mic.c
index 1cc4c520cb13..608de674afcf 100644
--- a/crypto/heimdal/lib/gssapi/verify_mic.c
+++ b/crypto/heimdal/lib/gssapi/verify_mic.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,22 +33,24 @@
#include "gssapi_locl.h"
-RCSID("$Id: verify_mic.c,v 1.9 2000/01/25 23:14:47 assar Exp $");
+RCSID("$Id: verify_mic.c,v 1.12 2001/01/29 02:08:59 assar Exp $");
-OM_uint32 gss_verify_mic
+static OM_uint32
+verify_mic_des
(OM_uint32 * minor_status,
const gss_ctx_id_t context_handle,
const gss_buffer_t message_buffer,
const gss_buffer_t token_buffer,
- gss_qop_t * qop_state
+ gss_qop_t * qop_state,
+ krb5_keyblock *key
)
{
u_char *p;
MD5_CTX md5;
u_char hash[16], seq_data[8];
des_key_schedule schedule;
- des_cblock key;
des_cblock zero;
+ des_cblock deskey;
int32_t seq_number;
OM_uint32 ret;
@@ -68,25 +70,20 @@ OM_uint32 gss_verify_mic
p += 16;
/* verify checksum */
- MD5Init (&md5);
- MD5Update (&md5, p - 24, 8);
- MD5Update (&md5, message_buffer->value,
+ MD5_Init (&md5);
+ MD5_Update (&md5, p - 24, 8);
+ MD5_Update (&md5, message_buffer->value,
message_buffer->length);
- MD5Final (hash, &md5);
+ MD5_Final (hash, &md5);
memset (&zero, 0, sizeof(zero));
-#if 0
- memcpy (&key, context_handle->auth_context->key.keyvalue.data,
- sizeof(key));
-#endif
- memcpy (&key, context_handle->auth_context->remote_subkey->keyvalue.data,
- sizeof(key));
-
- des_set_key (&key, schedule);
- des_cbc_cksum ((const void *)hash, (void *)hash, sizeof(hash),
+ memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
+
+ des_set_key (&deskey, schedule);
+ des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash),
schedule, &zero);
if (memcmp (p - 8, hash, 8) != 0) {
- memset (key, 0, sizeof(key));
+ memset (deskey, 0, sizeof(deskey));
memset (schedule, 0, sizeof(schedule));
return GSS_S_BAD_MIC;
}
@@ -105,11 +102,11 @@ OM_uint32 gss_verify_mic
4);
p -= 16;
- des_set_key (&key, schedule);
- des_cbc_encrypt ((const void *)p, (void *)p, 8,
+ des_set_key (&deskey, schedule);
+ des_cbc_encrypt ((void *)p, (void *)p, 8,
schedule, (des_cblock *)hash, DES_DECRYPT);
- memset (key, 0, sizeof(key));
+ memset (deskey, 0, sizeof(deskey));
memset (schedule, 0, sizeof(schedule));
if (memcmp (p, seq_data, 8) != 0) {
@@ -122,3 +119,153 @@ OM_uint32 gss_verify_mic
return GSS_S_COMPLETE;
}
+
+static OM_uint32
+verify_mic_des3
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ const gss_buffer_t message_buffer,
+ const gss_buffer_t token_buffer,
+ gss_qop_t * qop_state,
+ krb5_keyblock *key
+ )
+{
+ u_char *p;
+ u_char seq[8];
+ int32_t seq_number;
+ OM_uint32 ret;
+ krb5_crypto crypto;
+ krb5_data seq_data;
+ int cmp;
+ Checksum csum;
+ char *tmp;
+
+ p = token_buffer->value;
+ ret = gssapi_krb5_verify_header (&p,
+ token_buffer->length,
+ "\x01\x01");
+ if (ret)
+ return ret;
+
+ if (memcmp(p, "\x04\x00", 2) != 0) /* SGN_ALG = HMAC SHA1 DES3-KD */
+ return GSS_S_BAD_SIG;
+ p += 2;
+ if (memcmp (p, "\xff\xff\xff\xff", 4) != 0)
+ return GSS_S_BAD_MIC;
+ p += 4;
+
+ ret = krb5_crypto_init(gssapi_krb5_context, key,
+ ETYPE_DES3_CBC_NONE, &crypto);
+ if (ret){
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+
+ /* verify sequence number */
+
+ ret = krb5_decrypt (gssapi_krb5_context,
+ crypto,
+ KRB5_KU_USAGE_SEQ,
+ p, 8, &seq_data);
+ if (ret) {
+ krb5_crypto_destroy (gssapi_krb5_context, crypto);
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+
+ if (seq_data.length != 8) {
+ krb5_crypto_destroy (gssapi_krb5_context, crypto);
+ krb5_data_free (&seq_data);
+ return GSS_S_BAD_MIC;
+ }
+
+ krb5_auth_getremoteseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ &seq_number);
+ seq[0] = (seq_number >> 0) & 0xFF;
+ seq[1] = (seq_number >> 8) & 0xFF;
+ seq[2] = (seq_number >> 16) & 0xFF;
+ seq[3] = (seq_number >> 24) & 0xFF;
+ memset (seq + 4,
+ (context_handle->more_flags & LOCAL) ? 0xFF : 0,
+ 4);
+ cmp = memcmp (seq, seq_data.data, seq_data.length);
+ krb5_data_free (&seq_data);
+ if (cmp != 0) {
+ krb5_crypto_destroy (gssapi_krb5_context, crypto);
+ return GSS_S_BAD_MIC;
+ }
+
+ /* verify checksum */
+
+ tmp = malloc (message_buffer->length + 8);
+ if (tmp == NULL) {
+ krb5_crypto_destroy (gssapi_krb5_context, crypto);
+ *minor_status = ENOMEM;
+ return GSS_S_FAILURE;
+ }
+
+ memcpy (tmp, p - 8, 8);
+ memcpy (tmp + 8, message_buffer->value, message_buffer->length);
+
+ csum.cksumtype = CKSUMTYPE_HMAC_SHA1_DES3;
+ csum.checksum.length = 20;
+ csum.checksum.data = p + 8;
+
+ ret = krb5_verify_checksum (gssapi_krb5_context, crypto,
+ KRB5_KU_USAGE_SIGN,
+ tmp, message_buffer->length + 8,
+ &csum);
+ free (tmp);
+ if (ret) {
+ krb5_crypto_destroy (gssapi_krb5_context, crypto);
+ *minor_status = ret;
+ return GSS_S_BAD_MIC;
+ }
+
+ krb5_auth_setremoteseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ ++seq_number);
+
+ krb5_crypto_destroy (gssapi_krb5_context, crypto);
+ return GSS_S_COMPLETE;
+}
+
+OM_uint32
+gss_verify_mic
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ const gss_buffer_t message_buffer,
+ const gss_buffer_t token_buffer,
+ gss_qop_t * qop_state
+ )
+{
+ krb5_keyblock *key;
+ OM_uint32 ret;
+ krb5_keytype keytype;
+
+ ret = krb5_auth_con_getremotesubkey (gssapi_krb5_context,
+ context_handle->auth_context,
+ &key);
+ if (ret) {
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+ krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype);
+ switch (keytype) {
+ case KEYTYPE_DES :
+ ret = verify_mic_des (minor_status, context_handle,
+ message_buffer, token_buffer, qop_state, key);
+ break;
+ case KEYTYPE_DES3 :
+ ret = verify_mic_des3 (minor_status, context_handle,
+ message_buffer, token_buffer, qop_state, key);
+ break;
+ default :
+ *minor_status = KRB5_PROG_ETYPE_NOSUPP;
+ ret = GSS_S_FAILURE;
+ break;
+ }
+ krb5_free_keyblock (gssapi_krb5_context, key);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/gssapi/wrap.c b/crypto/heimdal/lib/gssapi/wrap.c
index c71f2b12e94c..1d9f51d30a80 100644
--- a/crypto/heimdal/lib/gssapi/wrap.c
+++ b/crypto/heimdal/lib/gssapi/wrap.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,9 +33,26 @@
#include "gssapi_locl.h"
-RCSID("$Id: wrap.c,v 1.11 2000/01/25 23:15:44 assar Exp $");
+RCSID("$Id: wrap.c,v 1.15 2001/01/29 02:08:59 assar Exp $");
-OM_uint32 gss_wrap_size_limit (
+static OM_uint32
+sub_wrap_size (
+ OM_uint32 req_output_size,
+ OM_uint32 * max_input_size,
+ int blocksize,
+ int extrasize
+ )
+{
+ size_t len, total_len, padlength;
+ padlength = blocksize - (req_output_size % blocksize);
+ len = req_output_size + 8 + padlength + extrasize;
+ gssapi_krb5_encap_length(len, &len, &total_len);
+ *max_input_size = (OM_uint32)total_len;
+ return GSS_S_COMPLETE;
+}
+
+OM_uint32
+gss_wrap_size_limit (
OM_uint32 * minor_status,
const gss_ctx_id_t context_handle,
int conf_req_flag,
@@ -44,36 +61,58 @@ OM_uint32 gss_wrap_size_limit (
OM_uint32 * max_input_size
)
{
- size_t len, total_len, padlength;
- padlength = 8 - (req_output_size % 8);
- len = req_output_size + 8 + padlength + 22;
- gssapi_krb5_encap_length(len, &len, &total_len);
- *max_input_size = (OM_uint32)total_len;
- return GSS_S_COMPLETE;
+ krb5_keyblock *key;
+ OM_uint32 ret;
+ krb5_keytype keytype;
+
+ ret = gss_krb5_getsomekey(context_handle, &key);
+ if (ret) {
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+ krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype);
+
+ switch (keytype) {
+ case KEYTYPE_DES :
+ ret = sub_wrap_size(req_output_size, max_input_size, 8, 22);
+ break;
+ case KEYTYPE_DES3 :
+ ret = sub_wrap_size(req_output_size, max_input_size, 8, 34);
+ break;
+ default :
+ *minor_status = KRB5_PROG_ETYPE_NOSUPP;
+ ret = GSS_S_FAILURE;
+ break;
+ }
+ krb5_free_keyblock (gssapi_krb5_context, key);
+ return ret;
}
-OM_uint32 gss_wrap
+static OM_uint32
+wrap_des
(OM_uint32 * minor_status,
const gss_ctx_id_t context_handle,
int conf_req_flag,
gss_qop_t qop_req,
const gss_buffer_t input_message_buffer,
int * conf_state,
- gss_buffer_t output_message_buffer
+ gss_buffer_t output_message_buffer,
+ krb5_keyblock *key
)
{
u_char *p;
MD5_CTX md5;
u_char hash[16];
des_key_schedule schedule;
- des_cblock key;
+ des_cblock deskey;
des_cblock zero;
int i;
int32_t seq_number;
- size_t len, total_len, padlength;
+ size_t len, total_len, padlength, datalen;
padlength = 8 - (input_message_buffer->length % 8);
- len = input_message_buffer->length + 8 + padlength + 22;
+ datalen = input_message_buffer->length + padlength + 8;
+ len = datalen + 22;
gssapi_krb5_encap_length (len, &len, &total_len);
output_message_buffer->length = total_len;
@@ -83,8 +122,7 @@ OM_uint32 gss_wrap
p = gssapi_krb5_make_header(output_message_buffer->value,
len,
- "\x02\x01");
-
+ "\x02\x01"); /* TOK_ID */
/* SGN_ALG */
memcpy (p, "\x00\x00", 2);
@@ -110,15 +148,15 @@ OM_uint32 gss_wrap
memset (p + 8 + input_message_buffer->length, padlength, padlength);
/* checksum */
- MD5Init (&md5);
- MD5Update (&md5, p - 24, 8);
- MD5Update (&md5, p, input_message_buffer->length + padlength + 8);
- MD5Final (hash, &md5);
+ MD5_Init (&md5);
+ MD5_Update (&md5, p - 24, 8);
+ MD5_Update (&md5, p, datalen);
+ MD5_Final (hash, &md5);
memset (&zero, 0, sizeof(zero));
- gss_krb5_getsomekey(context_handle, &key);
- des_set_key (&key, schedule);
- des_cbc_cksum ((const void *)hash, (void *)hash, sizeof(hash),
+ memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
+ des_set_key (&deskey, schedule);
+ des_cbc_cksum ((void *)hash, (void *)hash, sizeof(hash),
schedule, &zero);
memcpy (p - 8, hash, 8);
@@ -136,8 +174,8 @@ OM_uint32 gss_wrap
(context_handle->more_flags & LOCAL) ? 0 : 0xFF,
4);
- des_set_key (&key, schedule);
- des_cbc_encrypt ((const void *)p, (void *)p, 8,
+ des_set_key (&deskey, schedule);
+ des_cbc_encrypt ((void *)p, (void *)p, 8,
schedule, (des_cblock *)(p + 8), DES_ENCRYPT);
krb5_auth_setlocalseqnumber (gssapi_krb5_context,
@@ -148,22 +186,225 @@ OM_uint32 gss_wrap
p += 16;
if(conf_req_flag) {
- gss_krb5_getsomekey(context_handle, &key);
- for (i = 0; i < sizeof(key); ++i)
- key[i] ^= 0xf0;
- des_set_key (&key, schedule);
+ memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
+
+ for (i = 0; i < sizeof(deskey); ++i)
+ deskey[i] ^= 0xf0;
+ des_set_key (&deskey, schedule);
memset (&zero, 0, sizeof(zero));
- des_cbc_encrypt ((const void *)p,
+ des_cbc_encrypt ((void *)p,
(void *)p,
- 8 + input_message_buffer->length + padlength,
+ datalen,
schedule,
&zero,
DES_ENCRYPT);
- memset (key, 0, sizeof(key));
+ memset (deskey, 0, sizeof(deskey));
memset (schedule, 0, sizeof(schedule));
}
if(conf_state != NULL)
*conf_state = conf_req_flag;
return GSS_S_COMPLETE;
}
+
+static OM_uint32
+wrap_des3
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ int conf_req_flag,
+ gss_qop_t qop_req,
+ const gss_buffer_t input_message_buffer,
+ int * conf_state,
+ gss_buffer_t output_message_buffer,
+ krb5_keyblock *key
+ )
+{
+ u_char *p;
+ u_char seq[8];
+ int32_t seq_number;
+ size_t len, total_len, padlength, datalen;
+ u_int32_t ret;
+ krb5_crypto crypto;
+ Checksum cksum;
+ krb5_data encdata;
+
+ padlength = 8 - (input_message_buffer->length % 8);
+ datalen = input_message_buffer->length + padlength + 8;
+ len = datalen + 34;
+ gssapi_krb5_encap_length (len, &len, &total_len);
+
+ output_message_buffer->length = total_len;
+ output_message_buffer->value = malloc (total_len);
+ if (output_message_buffer->value == NULL)
+ return GSS_S_FAILURE;
+
+ p = gssapi_krb5_make_header(output_message_buffer->value,
+ len,
+ "\x02\x01"); /* TOK_ID */
+
+ /* SGN_ALG */
+ memcpy (p, "\x04\x00", 2); /* HMAC SHA1 DES3-KD */
+ p += 2;
+ /* SEAL_ALG */
+ if(conf_req_flag)
+ memcpy (p, "\x02\x00", 2); /* DES3-KD */
+ else
+ memcpy (p, "\xff\xff", 2);
+ p += 2;
+ /* Filler */
+ memcpy (p, "\xff\xff", 2);
+ p += 2;
+
+ /* calculate checksum (the above + confounder + data + pad) */
+
+ memcpy (p + 20, p - 8, 8);
+ des_new_random_key((des_cblock*)(p + 28));
+ memcpy (p + 28 + 8, input_message_buffer->value,
+ input_message_buffer->length);
+ memset (p + 28 + 8 + input_message_buffer->length, padlength, padlength);
+
+ ret = krb5_crypto_init(gssapi_krb5_context, key, 0, &crypto);
+ if (ret) {
+ free (output_message_buffer->value);
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+
+ ret = krb5_create_checksum (gssapi_krb5_context,
+ crypto,
+ KRB5_KU_USAGE_SIGN,
+ p + 20,
+ datalen + 8,
+ &cksum);
+ krb5_crypto_destroy (gssapi_krb5_context, crypto);
+ if (ret) {
+ free (output_message_buffer->value);
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+
+ /* zero out SND_SEQ + SGN_CKSUM in case */
+ memset (p, 0, 28);
+
+ memcpy (p + 8, cksum.checksum.data, cksum.checksum.length);
+ free_Checksum (&cksum);
+
+ /* sequence number */
+ krb5_auth_getlocalseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ &seq_number);
+
+ seq[0] = (seq_number >> 0) & 0xFF;
+ seq[1] = (seq_number >> 8) & 0xFF;
+ seq[2] = (seq_number >> 16) & 0xFF;
+ seq[3] = (seq_number >> 24) & 0xFF;
+ memset (seq + 4,
+ (context_handle->more_flags & LOCAL) ? 0 : 0xFF,
+ 4);
+
+
+ ret = krb5_crypto_init(gssapi_krb5_context, key, ETYPE_DES3_CBC_NONE_IVEC,
+ &crypto);
+ if (ret) {
+ free (output_message_buffer->value);
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+
+ {
+ des_cblock ivec;
+
+ memcpy (&ivec, p + 8, 8);
+ ret = krb5_encrypt_ivec (gssapi_krb5_context,
+ crypto,
+ KRB5_KU_USAGE_SEQ,
+ seq, 8, &encdata,
+ &ivec);
+ }
+ krb5_crypto_destroy (gssapi_krb5_context, crypto);
+ if (ret) {
+ free (output_message_buffer->value);
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+
+ assert (encdata.length == 8);
+
+ memcpy (p, encdata.data, encdata.length);
+ krb5_data_free (&encdata);
+
+ krb5_auth_setlocalseqnumber (gssapi_krb5_context,
+ context_handle->auth_context,
+ ++seq_number);
+
+ /* encrypt the data */
+ p += 28;
+
+ if(conf_req_flag) {
+ krb5_data tmp;
+
+ ret = krb5_crypto_init(gssapi_krb5_context, key,
+ ETYPE_DES3_CBC_NONE, &crypto);
+ if (ret) {
+ free (output_message_buffer->value);
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+ ret = krb5_encrypt(gssapi_krb5_context, crypto, KRB5_KU_USAGE_SEAL,
+ p, datalen, &tmp);
+ krb5_crypto_destroy(gssapi_krb5_context, crypto);
+ if (ret) {
+ free (output_message_buffer->value);
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+ assert (tmp.length == datalen);
+
+ memcpy (p, tmp.data, datalen);
+ krb5_data_free(&tmp);
+ }
+ if(conf_state != NULL)
+ *conf_state = conf_req_flag;
+ return GSS_S_COMPLETE;
+}
+
+OM_uint32 gss_wrap
+ (OM_uint32 * minor_status,
+ const gss_ctx_id_t context_handle,
+ int conf_req_flag,
+ gss_qop_t qop_req,
+ const gss_buffer_t input_message_buffer,
+ int * conf_state,
+ gss_buffer_t output_message_buffer
+ )
+{
+ krb5_keyblock *key;
+ OM_uint32 ret;
+ krb5_keytype keytype;
+
+ ret = gss_krb5_getsomekey(context_handle, &key);
+ if (ret) {
+ *minor_status = ret;
+ return GSS_S_FAILURE;
+ }
+ krb5_enctype_to_keytype (gssapi_krb5_context, key->keytype, &keytype);
+
+ switch (keytype) {
+ case KEYTYPE_DES :
+ ret = wrap_des (minor_status, context_handle, conf_req_flag,
+ qop_req, input_message_buffer, conf_state,
+ output_message_buffer, key);
+ break;
+ case KEYTYPE_DES3 :
+ ret = wrap_des3 (minor_status, context_handle, conf_req_flag,
+ qop_req, input_message_buffer, conf_state,
+ output_message_buffer, key);
+ break;
+ default :
+ *minor_status = KRB5_PROG_ETYPE_NOSUPP;
+ ret = GSS_S_FAILURE;
+ break;
+ }
+ krb5_free_keyblock (gssapi_krb5_context, key);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/hdb/Makefile.am b/crypto/heimdal/lib/hdb/Makefile.am
index 6c4341e7d27f..f3aba3b522ab 100644
--- a/crypto/heimdal/lib/hdb/Makefile.am
+++ b/crypto/heimdal/lib/hdb/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.33 2000/01/06 21:45:41 assar Exp $
+# $Id: Makefile.am,v 1.43 2001/01/30 01:49:16 assar Exp $
include $(top_srcdir)/Makefile.am.common
@@ -13,27 +13,33 @@ CLEANFILES = $(BUILT_SOURCES) $(foo) hdb_asn1.h asn1_files
noinst_PROGRAMS = convert_db
LDADD = libhdb.la \
+ $(LIB_openldap) \
../krb5/libkrb5.la \
../asn1/libasn1.la \
- ../des/libdes.la \
+ $(LIB_des) \
$(LIB_roken) \
$(DBLIB)
lib_LTLIBRARIES = libhdb.la
-libhdb_la_LDFLAGS = -version-info 4:1:1
-
-libhdb_la_SOURCES = \
- keytab.c \
- hdb.c \
- common.c \
- db.c \
- ndbm.c \
- print.c \
- $(BUILT_SOURCES)
+libhdb_la_LDFLAGS = -version-info 7:0:0
+
+libhdb_la_SOURCES = \
+ common.c \
+ db.c \
+ db3.c \
+ hdb-ldap.c \
+ hdb.c \
+ keytab.c \
+ mkey.c \
+ ndbm.c \
+ print.c \
+ $(BUILT_SOURCES)
+
+INCLUDES += $(INCLUDE_openldap)
include_HEADERS = hdb.h hdb_err.h hdb_asn1.h hdb-protos.h hdb-private.h
-libhdb_la_LIBADD =
+libhdb_la_LIBADD = $(LIB_openldap)
$(libhdb_la_OBJECTS): $(srcdir)/hdb-protos.h $(srcdir)/hdb-private.h
diff --git a/crypto/heimdal/lib/hdb/Makefile.in b/crypto/heimdal/lib/hdb/Makefile.in
index ef925509766c..ad12e787b184 100644
--- a/crypto/heimdal/lib/hdb/Makefile.in
+++ b/crypto/heimdal/lib/hdb/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.33 2000/01/06 21:45:41 assar Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,26 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
-AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -92,31 +95,43 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.43 2001/01/30 01:49:16 assar Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
-INCLUDES = -I$(top_builddir)/include -I../asn1 -I$(srcdir)/../asn1
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) -I../asn1 -I$(srcdir)/../asn1 $(INCLUDE_openldap)
AM_CFLAGS = $(WFLAGS)
+CP = cp
+
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
@@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
@@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
+LIBS = @LIBS@
+
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -152,28 +170,25 @@ LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
NROFF_MAN = groff -mandoc -Tascii
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
-BUILT_SOURCES = asn1_Key.c asn1_Event.c asn1_HDBFlags.c asn1_hdb_entry.c asn1_Salt.c hdb_err.c hdb_err.h
+BUILT_SOURCES = asn1_Key.c asn1_Event.c asn1_HDBFlags.c asn1_hdb_entry.c \
+ asn1_Salt.c hdb_err.c hdb_err.h
foo = asn1_Key.x asn1_Event.x asn1_HDBFlags.x asn1_hdb_entry.x asn1_Salt.x
@@ -181,18 +196,35 @@ foo = asn1_Key.x asn1_Event.x asn1_HDBFlags.x asn1_hdb_entry.x asn1_Salt.x
CLEANFILES = $(BUILT_SOURCES) $(foo) hdb_asn1.h asn1_files
noinst_PROGRAMS = convert_db
-LDADD = libhdb.la ../krb5/libkrb5.la ../asn1/libasn1.la ../des/libdes.la $(LIB_roken) $(DBLIB)
+LDADD = libhdb.la \
+ $(LIB_openldap) \
+ ../krb5/libkrb5.la \
+ ../asn1/libasn1.la \
+ $(LIB_des) \
+ $(LIB_roken) \
+ $(DBLIB)
lib_LTLIBRARIES = libhdb.la
-libhdb_la_LDFLAGS = -version-info 4:1:1
+libhdb_la_LDFLAGS = -version-info 7:0:0
-libhdb_la_SOURCES = keytab.c hdb.c common.c db.c ndbm.c print.c $(BUILT_SOURCES)
+libhdb_la_SOURCES = \
+ common.c \
+ db.c \
+ db3.c \
+ hdb-ldap.c \
+ hdb.c \
+ keytab.c \
+ mkey.c \
+ ndbm.c \
+ print.c \
+ $(BUILT_SOURCES)
include_HEADERS = hdb.h hdb_err.h hdb_asn1.h hdb-protos.h hdb-private.h
-libhdb_la_LIBADD =
+libhdb_la_LIBADD = $(LIB_openldap)
+subdir = lib/hdb
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../include/config.h
CONFIG_CLEAN_FILES =
@@ -202,15 +234,15 @@ LTLIBRARIES = $(lib_LTLIBRARIES)
DEFS = @DEFS@ -I. -I$(srcdir) -I../../include
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
X_CFLAGS = @X_CFLAGS@
X_LIBS = @X_LIBS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
libhdb_la_DEPENDENCIES =
-libhdb_la_OBJECTS = keytab.lo hdb.lo common.lo db.lo ndbm.lo print.lo \
-asn1_Key.lo asn1_Event.lo asn1_HDBFlags.lo asn1_hdb_entry.lo \
-asn1_Salt.lo hdb_err.lo
+am_libhdb_la_OBJECTS = common.lo db.lo db3.lo hdb-ldap.lo hdb.lo \
+keytab.lo mkey.lo ndbm.lo print.lo asn1_Key.lo asn1_Event.lo \
+asn1_HDBFlags.lo asn1_hdb_entry.lo asn1_Salt.lo hdb_err.lo
+libhdb_la_OBJECTS = $(am_libhdb_la_OBJECTS)
noinst_PROGRAMS = convert_db$(EXEEXT)
PROGRAMS = $(noinst_PROGRAMS)
@@ -218,28 +250,29 @@ convert_db_SOURCES = convert_db.c
convert_db_OBJECTS = convert_db.$(OBJEXT)
convert_db_LDADD = $(LDADD)
convert_db_DEPENDENCIES = libhdb.la ../krb5/libkrb5.la \
-../asn1/libasn1.la ../des/libdes.la
+../asn1/libasn1.la
convert_db_LDFLAGS =
-CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES = $(libhdb_la_SOURCES) convert_db.c
HEADERS = $(include_HEADERS)
-DIST_COMMON = Makefile.am Makefile.in
+depcomp =
+DIST_COMMON = $(include_HEADERS) Makefile.am Makefile.in
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
SOURCES = $(libhdb_la_SOURCES) convert_db.c
-OBJECTS = $(libhdb_la_OBJECTS) convert_db.$(OBJEXT)
+OBJECTS = $(am_libhdb_la_OBJECTS) convert_db.$(OBJEXT)
all: all-redirect
.SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x
+.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/hdb/Makefile
@@ -262,31 +295,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
$(mkinstalldirs) $(DESTDIR)$(libdir)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
if test -f $$p; then \
- echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \
- $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \
+ echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \
+ $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \
else :; fi; \
done
uninstall-libLTLIBRARIES:
@$(NORMAL_UNINSTALL)
- list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \
$(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
done
-.c.o:
- $(COMPILE) -c $<
-
-# FIXME: We should only use cygpath when building on Windows,
-# and only if it is available.
-.c.obj:
- $(COMPILE) -c `cygpath -w $<`
-
-.s.o:
- $(COMPILE) -c $<
-
-.S.o:
- $(COMPILE) -c $<
-
mostlyclean-compile:
-rm -f *.o core *.core
-rm -f *.$(OBJEXT)
@@ -298,15 +318,6 @@ distclean-compile:
maintainer-clean-compile:
-.c.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.s.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.S.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
mostlyclean-libtool:
-rm -f *.lo
@@ -332,41 +343,54 @@ maintainer-clean-noinstPROGRAMS:
convert_db$(EXEEXT): $(convert_db_OBJECTS) $(convert_db_DEPENDENCIES)
@rm -f convert_db$(EXEEXT)
$(LINK) $(convert_db_LDFLAGS) $(convert_db_OBJECTS) $(convert_db_LDADD) $(LIBS)
+.c.o:
+ $(COMPILE) -c $<
+.c.obj:
+ $(COMPILE) -c `cygpath -w $<`
+.c.lo:
+ $(LTCOMPILE) -c -o $@ $<
install-includeHEADERS: $(include_HEADERS)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(includedir)
@list='$(include_HEADERS)'; for p in $$list; do \
if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
- echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \
- $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \
done
uninstall-includeHEADERS:
@$(NORMAL_UNINSTALL)
- list='$(include_HEADERS)'; for p in $$list; do \
- rm -f $(DESTDIR)$(includedir)/$$p; \
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(includedir)/$$f"; \
+ rm -f $(DESTDIR)$(includedir)/$$f; \
done
tags: TAGS
-ID: $(HEADERS) $(SOURCES) $(LISP)
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- here=`pwd` && cd $(srcdir) \
- && mkid -f$$here/ID $$unique $(LISP)
+ mkid -fID $$unique $(LISP)
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
- || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
mostlyclean-tags:
@@ -379,17 +403,16 @@ maintainer-clean-tags:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib/hdb
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
@@ -418,7 +441,7 @@ uninstall: uninstall-am
all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local
all-redirect: all-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs:
$(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir)
@@ -433,6 +456,7 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
+ -rm -f Makefile.in
-test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \
mostlyclean-libtool mostlyclean-noinstPROGRAMS \
@@ -474,8 +498,8 @@ install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \
maintainer-clean-tags distdir info-am info dvi-am dvi check-local check \
check-am installcheck-am installcheck install-exec-am install-exec \
install-data-local install-data-am install-data install-am install \
-uninstall-am uninstall all-local all-redirect all-am all installdirs \
-mostlyclean-generic distclean-generic clean-generic \
+uninstall-am uninstall all-local all-redirect all-am all install-strip \
+installdirs mostlyclean-generic distclean-generic clean-generic \
maintainer-clean-generic clean mostlyclean distclean maintainer-clean
@@ -484,7 +508,10 @@ install-suid-programs:
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
install-exec-hook: install-suid-programs
@@ -496,8 +523,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
fi ; \
done
@@ -566,87 +593,8 @@ dist-cat8-mans:
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
install-data-local: install-cat-mans
diff --git a/crypto/heimdal/lib/hdb/common.c b/crypto/heimdal/lib/hdb/common.c
index 6e95667359e6..befde78e6f98 100644
--- a/crypto/heimdal/lib/hdb/common.c
+++ b/crypto/heimdal/lib/hdb/common.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "hdb_locl.h"
-RCSID("$Id: common.c,v 1.6 1999/12/02 17:05:04 joda Exp $");
+RCSID("$Id: common.c,v 1.8 2001/01/30 01:22:17 assar Exp $");
int
hdb_principal2key(krb5_context context, krb5_principal p, krb5_data *key)
@@ -102,7 +102,7 @@ krb5_error_code
_hdb_fetch(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
{
krb5_data key, value;
- int code;
+ int code = 0;
hdb_principal2key(context, entry->principal, &key);
code = db->_get(context, db, key, &value);
@@ -110,10 +110,13 @@ _hdb_fetch(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
if(code)
return code;
hdb_value2entry(context, &value, entry);
- if (db->master_key_set && (flags & HDB_F_DECRYPT))
- hdb_unseal_keys (db, entry);
+ if (db->master_key_set && (flags & HDB_F_DECRYPT)) {
+ code = hdb_unseal_keys (context, db, entry);
+ if (code)
+ hdb_free_entry(context, entry);
+ }
krb5_data_free(&value);
- return 0;
+ return code;
}
krb5_error_code
@@ -123,7 +126,11 @@ _hdb_store(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
int code;
hdb_principal2key(context, entry->principal, &key);
- hdb_seal_keys(db, entry);
+ code = hdb_seal_keys(context, db, entry);
+ if (code) {
+ krb5_data_free(&key);
+ return code;
+ }
hdb_entry2value(context, entry, &value);
code = db->_put(context, db, flags & HDB_F_REPLACE, key, value);
krb5_data_free(&value);
diff --git a/crypto/heimdal/lib/hdb/convert_db.c b/crypto/heimdal/lib/hdb/convert_db.c
index b25780927959..1a7ebb43bb1a 100644
--- a/crypto/heimdal/lib/hdb/convert_db.c
+++ b/crypto/heimdal/lib/hdb/convert_db.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -38,9 +38,10 @@
*/
#include "hdb_locl.h"
-#include "getarg.h"
+#include <getarg.h>
+#include <err.h>
-RCSID("$Id: convert_db.c,v 1.8 1999/05/09 22:47:47 assar Exp $");
+RCSID("$Id: convert_db.c,v 1.11 2001/01/25 12:45:01 assar Exp $");
static krb5_error_code
update_keytypes(krb5_context context, HDB *db, hdb_entry *entry, void *data)
@@ -132,7 +133,6 @@ main(int argc, char **argv)
krb5_error_code ret;
krb5_context context;
HDB *db, *new;
- EncryptionKey key;
int optind = 0;
int master_key_set = 0;
@@ -151,29 +151,23 @@ main(int argc, char **argv)
ret = krb5_init_context(&context);
if(ret != 0)
- krb5_err(NULL, 1, ret, "krb5_init_context");
+ errx(1, "krb5_init_context failed: %d", ret);
ret = hdb_create(context, &db, old_database);
if(ret != 0)
krb5_err(context, 1, ret, "hdb_create");
- ret = hdb_read_master_key(context, mkeyfile, &key);
- if(ret == 0) {
- if(key.keytype == KEYTYPE_DES)
- key.keytype = ETYPE_DES_CBC_MD5;
-
- ret = hdb_set_master_key(context, db, key);
- if (ret)
- krb5_err(context, 1, ret, "hdb_set_master_key");
- master_key_set = 1;
- }
+ ret = hdb_set_master_keyfile(context, db, mkeyfile);
+ if (ret)
+ krb5_err(context, 1, ret, "hdb_set_master_keyfile");
+ master_key_set = 1;
ret = hdb_create(context, &new, new_database);
if(ret != 0)
krb5_err(context, 1, ret, "hdb_create");
if (master_key_set) {
- ret = hdb_set_master_key(context, new, key);
+ ret = hdb_set_master_keyfile(context, new, mkeyfile);
if (ret)
- krb5_err(context, 1, ret, "hdb_set_master_key");
+ krb5_err(context, 1, ret, "hdb_set_master_keyfile");
}
ret = db->open(context, db, O_RDONLY, 0);
if(ret == HDB_ERR_BADVERSION) {
diff --git a/crypto/heimdal/lib/hdb/db.c b/crypto/heimdal/lib/hdb/db.c
index 46994378da26..6f9c6889d5d2 100644
--- a/crypto/heimdal/lib/hdb/db.c
+++ b/crypto/heimdal/lib/hdb/db.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,9 +33,9 @@
#include "hdb_locl.h"
-RCSID("$Id: db.c,v 1.25 1999/12/02 17:05:04 joda Exp $");
+RCSID("$Id: db.c,v 1.28 2001/01/30 01:24:00 assar Exp $");
-#ifdef HAVE_DB_H
+#if defined(HAVE_DB_H) && DB_VERSION_MAJOR < 3
static krb5_error_code
DB_close(krb5_context context, HDB *db)
@@ -102,13 +102,21 @@ DB_seq(krb5_context context, HDB *db,
data.length = value.size;
if (hdb_value2entry(context, &data, entry))
return DB_seq(context, db, flags, entry, R_NEXT);
- if (db->master_key_set && (flags & HDB_F_DECRYPT))
- hdb_unseal_keys (db, entry);
- if (entry->principal == NULL) {
+ if (db->master_key_set && (flags & HDB_F_DECRYPT)) {
+ code = hdb_unseal_keys (context, db, entry);
+ if (code)
+ hdb_free_entry (context, entry);
+ }
+ if (code == 0 && entry->principal == NULL) {
entry->principal = malloc(sizeof(*entry->principal));
- hdb_key2principal(context, &key_data, entry->principal);
+ if (entry->principal == NULL) {
+ code = ENOMEM;
+ hdb_free_entry (context, entry);
+ } else {
+ hdb_key2principal(context, &key_data, entry->principal);
+ }
}
- return 0;
+ return code;
}
diff --git a/crypto/heimdal/lib/hdb/db3.c b/crypto/heimdal/lib/hdb/db3.c
new file mode 100644
index 000000000000..a682071a6077
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/db3.c
@@ -0,0 +1,310 @@
+/*
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "hdb_locl.h"
+
+RCSID("$Id: db3.c,v 1.6 2001/01/30 01:24:00 assar Exp $");
+
+#if defined(HAVE_DB_H) && DB_VERSION_MAJOR == 3
+static krb5_error_code
+DB_close(krb5_context context, HDB *db)
+{
+ DB *d = (DB*)db->db;
+ DBC *dbcp = (DBC*)db->dbc;
+
+ dbcp->c_close(dbcp);
+ db->dbc = 0;
+ d->close(d, 0);
+ return 0;
+}
+
+static krb5_error_code
+DB_destroy(krb5_context context, HDB *db)
+{
+ krb5_error_code ret;
+
+ ret = hdb_clear_master_key (context, db);
+ free(db->name);
+ free(db);
+ return ret;
+}
+
+static krb5_error_code
+DB_lock(krb5_context context, HDB *db, int operation)
+{
+ DB *d = (DB*)db->db;
+ int fd;
+ if ((*d->fd)(d, &fd))
+ return HDB_ERR_CANT_LOCK_DB;
+ return hdb_lock(fd, operation);
+}
+
+static krb5_error_code
+DB_unlock(krb5_context context, HDB *db)
+{
+ DB *d = (DB*)db->db;
+ int fd;
+ if ((*d->fd)(d, &fd))
+ return HDB_ERR_CANT_LOCK_DB;
+ return hdb_unlock(fd);
+}
+
+
+static krb5_error_code
+DB_seq(krb5_context context, HDB *db,
+ unsigned flags, hdb_entry *entry, int flag)
+{
+ DB *d = (DB*)db->db;
+ DBT key, value;
+ DBC *dbcp = db->dbc;
+ krb5_data key_data, data;
+ int code;
+
+ memset(&key, 0, sizeof(DBT));
+ memset(&value, 0, sizeof(DBT));
+ if (db->lock(context, db, HDB_RLOCK))
+ return HDB_ERR_DB_INUSE;
+ code = dbcp->c_get(dbcp, &key, &value, flag);
+ db->unlock(context, db); /* XXX check value */
+ if (code == DB_NOTFOUND)
+ return HDB_ERR_NOENTRY;
+ if (code)
+ return code;
+
+ key_data.data = key.data;
+ key_data.length = key.size;
+ data.data = value.data;
+ data.length = value.size;
+ if (hdb_value2entry(context, &data, entry))
+ return DB_seq(context, db, flags, entry, DB_NEXT);
+ if (db->master_key_set && (flags & HDB_F_DECRYPT)) {
+ code = hdb_unseal_keys (context, db, entry);
+ if (code)
+ hdb_free_entry (context, entry);
+ }
+ if (entry->principal == NULL) {
+ entry->principal = malloc(sizeof(*entry->principal));
+ if (entry->principal == NULL) {
+ code = ENOMEM;
+ hdb_free_entry (context, entry);
+ } else {
+ hdb_key2principal(context, &key_data, entry->principal);
+ }
+ }
+ return 0;
+}
+
+
+static krb5_error_code
+DB_firstkey(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
+{
+ return DB_seq(context, db, flags, entry, DB_FIRST);
+}
+
+
+static krb5_error_code
+DB_nextkey(krb5_context context, HDB *db, unsigned flags, hdb_entry *entry)
+{
+ return DB_seq(context, db, flags, entry, DB_NEXT);
+}
+
+static krb5_error_code
+DB_rename(krb5_context context, HDB *db, const char *new_name)
+{
+ int ret;
+ char *old, *new;
+
+ asprintf(&old, "%s.db", db->name);
+ asprintf(&new, "%s.db", new_name);
+ ret = rename(old, new);
+ free(old);
+ free(new);
+ if(ret)
+ return errno;
+
+ free(db->name);
+ db->name = strdup(new_name);
+ return 0;
+}
+
+static krb5_error_code
+DB__get(krb5_context context, HDB *db, krb5_data key, krb5_data *reply)
+{
+ DB *d = (DB*)db->db;
+ DBT k, v;
+ int code;
+
+ memset(&k, 0, sizeof(DBT));
+ memset(&v, 0, sizeof(DBT));
+ k.data = key.data;
+ k.size = key.length;
+ k.flags = 0;
+ if ((code = db->lock(context, db, HDB_RLOCK)))
+ return code;
+ code = d->get(d, NULL, &k, &v, 0);
+ db->unlock(context, db);
+ if(code == DB_NOTFOUND)
+ return HDB_ERR_NOENTRY;
+ if(code)
+ return code;
+
+ krb5_data_copy(reply, v.data, v.size);
+ return 0;
+}
+
+static krb5_error_code
+DB__put(krb5_context context, HDB *db, int replace,
+ krb5_data key, krb5_data value)
+{
+ DB *d = (DB*)db->db;
+ DBT k, v;
+ int code;
+
+ memset(&k, 0, sizeof(DBT));
+ memset(&v, 0, sizeof(DBT));
+ k.data = key.data;
+ k.size = key.length;
+ k.flags = 0;
+ v.data = value.data;
+ v.size = value.length;
+ v.flags = 0;
+ if ((code = db->lock(context, db, HDB_WLOCK)))
+ return code;
+ code = d->put(d, NULL, &k, &v, replace ? 0 : DB_NOOVERWRITE);
+ db->unlock(context, db);
+ if(code == DB_KEYEXIST)
+ return HDB_ERR_EXISTS;
+ if(code)
+ return errno;
+ return 0;
+}
+
+static krb5_error_code
+DB__del(krb5_context context, HDB *db, krb5_data key)
+{
+ DB *d = (DB*)db->db;
+ DBT k;
+ krb5_error_code code;
+ memset(&k, 0, sizeof(DBT));
+ k.data = key.data;
+ k.size = key.length;
+ k.flags = 0;
+ code = db->lock(context, db, HDB_WLOCK);
+ if(code)
+ return code;
+ code = d->del(d, NULL, &k, 0);
+ db->unlock(context, db);
+ if(code == DB_NOTFOUND)
+ return HDB_ERR_NOENTRY;
+ if(code)
+ return code;
+ return 0;
+}
+
+static krb5_error_code
+DB_open(krb5_context context, HDB *db, int flags, mode_t mode)
+{
+ char *fn;
+ krb5_error_code ret;
+ DB *d;
+ int myflags = 0;
+
+ if (flags & O_CREAT)
+ myflags |= DB_CREATE;
+
+ if (flags & O_EXCL)
+ myflags |= DB_EXCL;
+
+ if (flags & O_RDONLY)
+ myflags |= DB_RDONLY;
+
+ if (flags & O_TRUNC)
+ myflags |= DB_TRUNCATE;
+
+ asprintf(&fn, "%s.db", db->name);
+ if (fn == NULL)
+ return ENOMEM;
+ db_create(&d, NULL, 0);
+ db->db = d;
+ if ((ret = d->open(db->db, fn, NULL, DB_BTREE, myflags, mode))) {
+ if(ret == ENOENT)
+ /* try to open without .db extension */
+ if (d->open(db->db, db->name, NULL, DB_BTREE, myflags, mode)) {
+ free(fn);
+ return ret;
+ }
+ }
+ free(fn);
+
+ ret = d->cursor(d, NULL, (DBC **)&db->dbc, 0);
+ if (ret)
+ return ret;
+
+ if((flags & O_ACCMODE) == O_RDONLY)
+ ret = hdb_check_db_format(context, db);
+ else
+ ret = hdb_init_db(context, db);
+ if(ret == HDB_ERR_NOENTRY)
+ return 0;
+ return ret;
+}
+
+krb5_error_code
+hdb_db_create(krb5_context context, HDB **db,
+ const char *filename)
+{
+ *db = malloc(sizeof(**db));
+ if (*db == NULL)
+ return ENOMEM;
+
+ (*db)->db = NULL;
+ (*db)->name = strdup(filename);
+ (*db)->master_key_set = 0;
+ (*db)->openp = 0;
+ (*db)->open = DB_open;
+ (*db)->close = DB_close;
+ (*db)->fetch = _hdb_fetch;
+ (*db)->store = _hdb_store;
+ (*db)->remove = _hdb_remove;
+ (*db)->firstkey = DB_firstkey;
+ (*db)->nextkey= DB_nextkey;
+ (*db)->lock = DB_lock;
+ (*db)->unlock = DB_unlock;
+ (*db)->rename = DB_rename;
+ (*db)->_get = DB__get;
+ (*db)->_put = DB__put;
+ (*db)->_del = DB__del;
+ (*db)->destroy = DB_destroy;
+ return 0;
+}
+#endif
diff --git a/crypto/heimdal/lib/hdb/hdb-ldap.c b/crypto/heimdal/lib/hdb/hdb-ldap.c
new file mode 100644
index 000000000000..6d264b428153
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/hdb-ldap.c
@@ -0,0 +1,1344 @@
+/*
+ * Copyright (c) 1999 - 2001, PADL Software Pty Ltd.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of PADL Software nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "hdb_locl.h"
+
+RCSID("$Id: hdb-ldap.c,v 1.7 2001/01/30 16:59:08 assar Exp $");
+
+#ifdef OPENLDAP
+
+#include <ldap.h>
+#include <lber.h>
+#include <ctype.h>
+#include <sys/un.h>
+
+static krb5_error_code LDAP__connect(krb5_context context, HDB * db);
+
+static krb5_error_code
+LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg,
+ hdb_entry * ent);
+
+static char *krb5kdcentry_attrs[] =
+ { "krb5PrincipalName", "cn", "krb5PrincipalRealm",
+ "krb5KeyVersionNumber", "krb5Key",
+ "krb5ValidStart", "krb5ValidEnd", "krb5PasswordEnd",
+ "krb5MaxLife", "krb5MaxRenew", "krb5KDCFlags", "krb5EncryptionType",
+ "modifiersName", "modifyTimestamp", "creatorsName", "createTimestamp",
+ NULL
+};
+
+static char *krb5principal_attrs[] =
+ { "krb5PrincipalName", "cn", "krb5PrincipalRealm",
+ "modifiersName", "modifyTimestamp", "creatorsName", "createTimestamp",
+ NULL
+};
+
+/* based on samba: source/passdb/ldap.c */
+static krb5_error_code
+LDAP_addmod_len(LDAPMod *** modlist, int modop, const char *attribute,
+ unsigned char *value, size_t len)
+{
+ LDAPMod **mods = *modlist;
+ int i, j;
+
+ if (mods == NULL) {
+ mods = (LDAPMod **) calloc(1, sizeof(LDAPMod *));
+ if (mods == NULL) {
+ return ENOMEM;
+ }
+ mods[0] = NULL;
+ }
+
+ for (i = 0; mods[i] != NULL; ++i) {
+ if ((mods[i]->mod_op & (~LDAP_MOD_BVALUES)) == modop
+ && (!strcasecmp(mods[i]->mod_type, attribute))) {
+ break;
+ }
+ }
+
+ if (mods[i] == NULL) {
+ mods = (LDAPMod **) realloc(mods, (i + 2) * sizeof(LDAPMod *));
+ if (mods == NULL) {
+ return ENOMEM;
+ }
+ mods[i] = (LDAPMod *) malloc(sizeof(LDAPMod));
+ if (mods[i] == NULL) {
+ return ENOMEM;
+ }
+ mods[i]->mod_op = modop | LDAP_MOD_BVALUES;
+ mods[i]->mod_bvalues = NULL;
+ mods[i]->mod_type = strdup(attribute);
+ if (mods[i]->mod_type == NULL) {
+ return ENOMEM;
+ }
+ mods[i + 1] = NULL;
+ }
+
+ if (value != NULL) {
+ j = 0;
+ if (mods[i]->mod_bvalues != NULL) {
+ for (; mods[i]->mod_bvalues[j] != NULL; j++);
+ }
+ mods[i]->mod_bvalues =
+ (struct berval **) realloc(mods[i]->mod_bvalues,
+ (j + 2) * sizeof(struct berval *));
+ if (mods[i]->mod_bvalues == NULL) {
+ return ENOMEM;
+ }
+ /* Caller allocates memory on our behalf, unlike LDAP_addmod. */
+ mods[i]->mod_bvalues[j] =
+ (struct berval *) malloc(sizeof(struct berval));
+ if (mods[i]->mod_bvalues[j] == NULL) {
+ return ENOMEM;
+ }
+ mods[i]->mod_bvalues[j]->bv_val = value;
+ mods[i]->mod_bvalues[j]->bv_len = len;
+ mods[i]->mod_bvalues[j + 1] = NULL;
+ }
+ *modlist = mods;
+ return 0;
+}
+
+static krb5_error_code
+LDAP_addmod(LDAPMod *** modlist, int modop, const char *attribute,
+ const char *value)
+{
+ LDAPMod **mods = *modlist;
+ int i, j;
+
+ if (mods == NULL) {
+ mods = (LDAPMod **) calloc(1, sizeof(LDAPMod *));
+ if (mods == NULL) {
+ return ENOMEM;
+ }
+ mods[0] = NULL;
+ }
+
+ for (i = 0; mods[i] != NULL; ++i) {
+ if (mods[i]->mod_op == modop
+ && (!strcasecmp(mods[i]->mod_type, attribute))) {
+ break;
+ }
+ }
+
+ if (mods[i] == NULL) {
+ mods = (LDAPMod **) realloc(mods, (i + 2) * sizeof(LDAPMod *));
+ if (mods == NULL) {
+ return ENOMEM;
+ }
+ mods[i] = (LDAPMod *) malloc(sizeof(LDAPMod));
+ if (mods[i] == NULL) {
+ return ENOMEM;
+ }
+ mods[i]->mod_op = modop;
+ mods[i]->mod_values = NULL;
+ mods[i]->mod_type = strdup(attribute);
+ if (mods[i]->mod_type == NULL) {
+ return ENOMEM;
+ }
+ mods[i + 1] = NULL;
+ }
+
+ if (value != NULL) {
+ j = 0;
+ if (mods[i]->mod_values != NULL) {
+ for (; mods[i]->mod_values[j] != NULL; j++);
+ }
+ mods[i]->mod_values = (char **) realloc(mods[i]->mod_values,
+ (j + 2) * sizeof(char *));
+ if (mods[i]->mod_values == NULL) {
+ return ENOMEM;
+ }
+ mods[i]->mod_values[j] = strdup(value);
+ if (mods[i]->mod_values[j] == NULL) {
+ return ENOMEM;
+ }
+ mods[i]->mod_values[j + 1] = NULL;
+ }
+ *modlist = mods;
+ return 0;
+}
+
+static krb5_error_code
+LDAP_addmod_generalized_time(LDAPMod *** mods, int modop,
+ const char *attribute, KerberosTime * time)
+{
+ char buf[22];
+ struct tm *tm;
+
+ /* XXX not threadsafe */
+ tm = gmtime(time);
+ strftime(buf, sizeof(buf), "%Y%m%d%H%M%SZ", tm);
+
+ return LDAP_addmod(mods, modop, attribute, buf);
+}
+
+static krb5_error_code
+LDAP_get_string_value(HDB * db, LDAPMessage * entry,
+ const char *attribute, char **ptr)
+{
+ char **vals;
+ int ret;
+
+ vals = ldap_get_values((LDAP *) db->db, entry, (char *) attribute);
+ if (vals == NULL) {
+ return HDB_ERR_NOENTRY;
+ }
+ *ptr = strdup(vals[0]);
+ if (*ptr == NULL) {
+ ret = ENOMEM;
+ } else {
+ ret = 0;
+ }
+
+ ldap_value_free(vals);
+
+ return ret;
+}
+
+static krb5_error_code
+LDAP_get_integer_value(HDB * db, LDAPMessage * entry,
+ const char *attribute, int *ptr)
+{
+ char **vals;
+
+ vals = ldap_get_values((LDAP *) db->db, entry, (char *) attribute);
+ if (vals == NULL) {
+ return HDB_ERR_NOENTRY;
+ }
+ *ptr = atoi(vals[0]);
+ ldap_value_free(vals);
+ return 0;
+}
+
+static krb5_error_code
+LDAP_get_generalized_time_value(HDB * db, LDAPMessage * entry,
+ const char *attribute, KerberosTime * kt)
+{
+ char *tmp, *gentime;
+ struct tm tm;
+ int ret;
+
+ *kt = 0;
+
+ ret = LDAP_get_string_value(db, entry, attribute, &gentime);
+ if (ret != 0) {
+ return ret;
+ }
+
+ tmp = strptime(gentime, "%Y%m%d%H%M%SZ", &tm);
+ if (tmp == NULL) {
+ free(gentime);
+ return HDB_ERR_NOENTRY;
+ }
+
+ free(gentime);
+
+ *kt = timegm(&tm);
+
+ return 0;
+}
+
+static krb5_error_code
+LDAP_entry2mods(krb5_context context, HDB * db, hdb_entry * ent,
+ LDAPMessage * msg, LDAPMod *** pmods)
+{
+ krb5_error_code ret;
+ krb5_boolean is_new_entry;
+ int rc, i;
+ char *tmp = NULL;
+ LDAPMod **mods = NULL;
+ hdb_entry orig;
+ unsigned long oflags, nflags;
+
+ if (msg != NULL) {
+ ret = LDAP_message2entry(context, db, msg, &orig);
+ if (ret != 0) {
+ goto out;
+ }
+ is_new_entry = FALSE;
+ } else {
+ /* to make it perfectly obvious we're depending on
+ * orig being intiialized to zero */
+ memset(&orig, 0, sizeof(orig));
+ is_new_entry = TRUE;
+ }
+
+ if (is_new_entry) {
+ ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", "top");
+ if (ret != 0) {
+ goto out;
+ }
+ /* person is the structural object class */
+ ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass", "person");
+ if (ret != 0) {
+ goto out;
+ }
+ ret =
+ LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass",
+ "krb5Principal");
+ if (ret != 0) {
+ goto out;
+ }
+ ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "objectClass",
+ "krb5KDCEntry");
+ if (ret != 0) {
+ goto out;
+ }
+ }
+
+ if (is_new_entry ||
+ krb5_principal_compare(context, ent->principal, orig.principal) ==
+ FALSE) {
+ ret = krb5_unparse_name(context, ent->principal, &tmp);
+ if (ret != 0) {
+ goto out;
+ }
+ ret =
+ LDAP_addmod(&mods, LDAP_MOD_REPLACE, "krb5PrincipalName", tmp);
+ if (ret != 0) {
+ free(tmp);
+ goto out;
+ }
+ free(tmp);
+ }
+
+ if (ent->kvno != orig.kvno) {
+ rc = asprintf(&tmp, "%d", ent->kvno);
+ if (rc < 0) {
+ ret = ENOMEM;
+ goto out;
+ }
+ ret =
+ LDAP_addmod(&mods, LDAP_MOD_REPLACE, "krb5KeyVersionNumber",
+ tmp);
+ free(tmp);
+ if (ret != 0) {
+ goto out;
+ }
+ }
+
+ if (ent->valid_start) {
+ if (orig.valid_end == NULL
+ || (*(ent->valid_start) != *(orig.valid_start))) {
+ ret =
+ LDAP_addmod_generalized_time(&mods, LDAP_MOD_REPLACE,
+ "krb5ValidStart",
+ ent->valid_start);
+ if (ret != 0) {
+ goto out;
+ }
+ }
+ }
+
+ if (ent->valid_end) {
+ if (orig.valid_end == NULL
+ || (*(ent->valid_end) != *(orig.valid_end))) {
+ ret =
+ LDAP_addmod_generalized_time(&mods, LDAP_MOD_REPLACE,
+ "krb5ValidEnd",
+ ent->valid_end);
+ if (ret != 0) {
+ goto out;
+ }
+ }
+ }
+
+ if (ent->pw_end) {
+ if (orig.pw_end == NULL || (*(ent->pw_end) != *(orig.pw_end))) {
+ ret =
+ LDAP_addmod_generalized_time(&mods, LDAP_MOD_REPLACE,
+ "krb5PasswordEnd",
+ ent->pw_end);
+ if (ret != 0) {
+ goto out;
+ }
+ }
+ }
+
+ if (ent->max_life) {
+ if (orig.max_life == NULL
+ || (*(ent->max_life) != *(orig.max_life))) {
+ rc = asprintf(&tmp, "%d", *(ent->max_life));
+ if (rc < 0) {
+ ret = ENOMEM;
+ goto out;
+ }
+ ret = LDAP_addmod(&mods, LDAP_MOD_REPLACE, "krb5MaxLife", tmp);
+ free(tmp);
+ if (ret != 0) {
+ goto out;
+ }
+ }
+ }
+
+ if (ent->max_renew) {
+ if (orig.max_renew == NULL
+ || (*(ent->max_renew) != *(orig.max_renew))) {
+ rc = asprintf(&tmp, "%d", *(ent->max_renew));
+ if (rc < 0) {
+ ret = ENOMEM;
+ goto out;
+ }
+ ret =
+ LDAP_addmod(&mods, LDAP_MOD_REPLACE, "krb5MaxRenew", tmp);
+ free(tmp);
+ if (ret != 0) {
+ goto out;
+ }
+ }
+ }
+
+ memset(&oflags, 0, sizeof(oflags));
+ memcpy(&oflags, &orig.flags, sizeof(HDBFlags));
+ memset(&nflags, 0, sizeof(nflags));
+ memcpy(&nflags, &ent->flags, sizeof(HDBFlags));
+
+ if (memcmp(&oflags, &nflags, sizeof(HDBFlags))) {
+ rc = asprintf(&tmp, "%lu", nflags);
+ if (rc < 0) {
+ ret = ENOMEM;
+ goto out;
+ }
+ ret = LDAP_addmod(&mods, LDAP_MOD_REPLACE, "krb5KDCFlags", tmp);
+ free(tmp);
+ if (ret != 0) {
+ goto out;
+ }
+ }
+
+ if (is_new_entry == FALSE && orig.keys.len > 0) {
+ /* for the moment, clobber and replace keys. */
+ ret = LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5Key", NULL);
+ if (ret != 0) {
+ goto out;
+ }
+ }
+
+ for (i = 0; i < ent->keys.len; i++) {
+ unsigned char *buf;
+ size_t len;
+ Key new;
+
+ ret = copy_Key(&ent->keys.val[i], &new);
+ if (ret != 0) {
+ goto out;
+ }
+
+ len = length_Key(&new);
+ buf = malloc(len);
+ if (buf == NULL) {
+ ret = ENOMEM;
+ free_Key(&new);
+ goto out;
+ }
+
+ ret = encode_Key(buf + len - 1, len, &new, &len);
+ if (ret != 0) {
+ free(buf);
+ free_Key(&new);
+ goto out;
+ }
+ free_Key(&new);
+
+ /* addmod_len _owns_ the key, doesn't need to copy it */
+ ret = LDAP_addmod_len(&mods, LDAP_MOD_ADD, "krb5Key", buf, len);
+ if (ret != 0) {
+ goto out;
+ }
+ }
+
+ if (ent->etypes) {
+ /* clobber and replace encryption types. */
+ if (is_new_entry == FALSE) {
+ ret =
+ LDAP_addmod(&mods, LDAP_MOD_DELETE, "krb5EncryptionType",
+ NULL);
+ }
+ for (i = 0; i < ent->etypes->len; i++) {
+ rc = asprintf(&tmp, "%d", ent->etypes->val[i]);
+ if (rc < 0) {
+ ret = ENOMEM;
+ goto out;
+ }
+ free(tmp);
+ ret =
+ LDAP_addmod(&mods, LDAP_MOD_ADD, "krb5EncryptionType",
+ tmp);
+ if (ret != 0) {
+ goto out;
+ }
+ }
+ }
+
+ /* for clarity */
+ ret = 0;
+
+ out:
+
+ if (ret == 0) {
+ *pmods = mods;
+ } else if (mods != NULL) {
+ ldap_mods_free(mods, 1);
+ *pmods = NULL;
+ }
+
+ if (msg != NULL) {
+ hdb_free_entry(context, &orig);
+ }
+
+ return ret;
+}
+
+static krb5_error_code
+LDAP_dn2principal(krb5_context context, HDB * db, const char *dn,
+ krb5_principal * principal)
+{
+ krb5_error_code ret;
+ int rc;
+ char **values;
+ LDAPMessage *res = NULL, *e;
+
+ rc = 1;
+ (void) ldap_set_option((LDAP *) db->db, LDAP_OPT_SIZELIMIT, &rc);
+ rc = ldap_search_s((LDAP *) db->db, db->name, LDAP_SCOPE_BASE,
+ "(objectclass=krb5Principal)", krb5principal_attrs,
+ 0, &res);
+
+ if (rc != LDAP_SUCCESS) {
+ ret = HDB_ERR_NOENTRY;
+ goto out;
+ }
+
+ e = ldap_first_entry((LDAP *) db->db, res);
+ if (e == NULL) {
+ ret = HDB_ERR_NOENTRY;
+ goto out;
+ }
+
+ values = ldap_get_values((LDAP *) db->db, e, "krb5PrincipalName");
+ if (values == NULL) {
+ ret = HDB_ERR_NOENTRY;
+ goto out;
+ }
+
+ ret = krb5_parse_name(context, values[0], principal);
+ ldap_value_free(values);
+
+ out:
+ if (res != NULL) {
+ ldap_msgfree(res);
+ }
+ return ret;
+}
+
+static krb5_error_code
+LDAP__lookup_princ(krb5_context context, HDB * db, const char *princname,
+ LDAPMessage ** msg)
+{
+ krb5_error_code ret;
+ int rc;
+ char *filter = NULL;
+
+ (void) LDAP__connect(context, db);
+
+ rc =
+ asprintf(&filter,
+ "(&(objectclass=krb5KDCEntry)(krb5PrincipalName=%s))",
+ princname);
+ if (rc < 0) {
+ ret = ENOMEM;
+ goto out;
+ }
+
+ rc = 1;
+ (void) ldap_set_option((LDAP *) db->db, LDAP_OPT_SIZELIMIT, (void *) &rc);
+
+ rc = ldap_search_s((LDAP *) db->db, db->name, LDAP_SCOPE_ONELEVEL, filter,
+ krb5kdcentry_attrs, 0, msg);
+ if (rc != LDAP_SUCCESS) {
+ ret = HDB_ERR_NOENTRY;
+ goto out;
+ }
+
+ ret = 0;
+
+ out:
+ if (filter != NULL) {
+ free(filter);
+ }
+ return ret;
+}
+
+static krb5_error_code
+LDAP_principal2message(krb5_context context, HDB * db,
+ krb5_principal princ, LDAPMessage ** msg)
+{
+ char *princname = NULL;
+ krb5_error_code ret;
+
+ ret = krb5_unparse_name(context, princ, &princname);
+ if (ret != 0) {
+ return ret;
+ }
+
+ ret = LDAP__lookup_princ(context, db, princname, msg);
+ free(princname);
+
+ return ret;
+}
+
+/*
+ * Construct an hdb_entry from a directory entry.
+ */
+static krb5_error_code
+LDAP_message2entry(krb5_context context, HDB * db, LDAPMessage * msg,
+ hdb_entry * ent)
+{
+ char *unparsed_name = NULL, *dn = NULL;
+ int ret;
+ unsigned long tmp;
+ struct berval **keys;
+ char **values;
+
+ memset(ent, 0, sizeof(*ent));
+ memset(&ent->flags, 0, sizeof(HDBFlags));
+
+ ret =
+ LDAP_get_string_value(db, msg, "krb5PrincipalName",
+ &unparsed_name);
+ if (ret != 0) {
+ return ret;
+ }
+
+ ret = krb5_parse_name(context, unparsed_name, &ent->principal);
+ if (ret != 0) {
+ goto out;
+ }
+
+ ret =
+ LDAP_get_integer_value(db, msg, "krb5KeyVersionNumber",
+ &ent->kvno);
+ if (ret != 0) {
+ ent->kvno = 0;
+ }
+
+ keys = ldap_get_values_len((LDAP *) db->db, msg, "krb5Key");
+ if (keys != NULL) {
+ int i;
+ size_t l;
+
+ ent->keys.len = ldap_count_values_len(keys);
+ ent->keys.val = (Key *) calloc(ent->keys.len, sizeof(Key));
+ for (i = 0; i < ent->keys.len; i++) {
+ decode_Key((unsigned char *) keys[i]->bv_val,
+ (size_t) keys[i]->bv_len, &ent->keys.val[i], &l);
+ }
+ ber_bvecfree(keys);
+ } else {
+#if 1
+ /*
+ * This violates the ASN1 but it allows a principal to
+ * be related to a general directory entry without creating
+ * the keys. Hopefully it's OK.
+ */
+ ent->keys.len = 0;
+ ent->keys.val = NULL;
+#else
+ ret = HDB_ERR_NOENTRY;
+ goto out;
+#endif
+ }
+
+ ret =
+ LDAP_get_generalized_time_value(db, msg, "createTimestamp",
+ &ent->created_by.time);
+ if (ret != 0) {
+ ent->created_by.time = time(NULL);
+ }
+
+ ent->created_by.principal = NULL;
+
+ ret = LDAP_get_string_value(db, msg, "creatorsName", &dn);
+ if (ret == 0) {
+ if (LDAP_dn2principal(context, db, dn, &ent->created_by.principal)
+ != 0) {
+ ent->created_by.principal = NULL;
+ }
+ free(dn);
+ }
+
+ ent->modified_by = (Event *) malloc(sizeof(Event));
+ if (ent->modified_by == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+ ret =
+ LDAP_get_generalized_time_value(db, msg, "modifyTimestamp",
+ &ent->modified_by->time);
+ if (ret == 0) {
+ ret = LDAP_get_string_value(db, msg, "modifiersName", &dn);
+ if (LDAP_dn2principal
+ (context, db, dn, &ent->modified_by->principal) != 0) {
+ ent->modified_by->principal = NULL;
+ }
+ free(dn);
+ } else {
+ free(ent->modified_by);
+ ent->modified_by = NULL;
+ }
+
+ if ((ent->valid_start = (KerberosTime *) malloc(sizeof(KerberosTime)))
+ == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+ ret =
+ LDAP_get_generalized_time_value(db, msg, "krb5ValidStart",
+ ent->valid_start);
+ if (ret != 0) {
+ /* OPTIONAL */
+ free(ent->valid_start);
+ ent->valid_start = NULL;
+ }
+
+ if ((ent->valid_end = (KerberosTime *) malloc(sizeof(KerberosTime))) ==
+ NULL) {ret = ENOMEM;
+ goto out;
+ }
+ ret =
+ LDAP_get_generalized_time_value(db, msg, "krb5ValidEnd",
+ ent->valid_end);
+ if (ret != 0) {
+ /* OPTIONAL */
+ free(ent->valid_end);
+ ent->valid_end = NULL;
+ }
+
+ if ((ent->pw_end = (KerberosTime *) malloc(sizeof(KerberosTime))) ==
+ NULL) {ret = ENOMEM;
+ goto out;
+ }
+ ret =
+ LDAP_get_generalized_time_value(db, msg, "krb5PasswordEnd",
+ ent->pw_end);
+ if (ret != 0) {
+ /* OPTIONAL */
+ free(ent->pw_end);
+ ent->pw_end = NULL;
+ }
+
+ ent->max_life = (int *) malloc(sizeof(int));
+ if (ent->max_life == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+ ret = LDAP_get_integer_value(db, msg, "krb5MaxLife", ent->max_life);
+ if (ret != 0) {
+ free(ent->max_life);
+ ent->max_life = NULL;
+ }
+
+ ent->max_renew = (int *) malloc(sizeof(int));
+ if (ent->max_renew == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+ ret = LDAP_get_integer_value(db, msg, "krb5MaxRenew", ent->max_renew);
+ if (ret != 0) {
+ free(ent->max_renew);
+ ent->max_renew = NULL;
+ }
+
+ values = ldap_get_values((LDAP *) db->db, msg, "krb5KDCFlags");
+ if (values != NULL) {
+ tmp = strtoul(values[0], (char **) NULL, 10);
+ if (tmp == ULONG_MAX && errno == ERANGE) {
+ ret = ERANGE;
+ goto out;
+ }
+ } else {
+ tmp = 0;
+ }
+ memcpy(&ent->flags, &tmp, sizeof(HDBFlags));
+
+ values = ldap_get_values((LDAP *) db->db, msg, "krb5EncryptionType");
+ if (values != NULL) {
+ int i;
+
+ ent->etypes = malloc(sizeof(*(ent->etypes)));
+ if (ent->etypes == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+ ent->etypes->len = ldap_count_values(values);
+ ent->etypes->val = calloc(ent->etypes->len, sizeof(int));
+ for (i = 0; i < ent->etypes->len; i++) {
+ ent->etypes->val[i] = atoi(values[i]);
+ }
+ ldap_value_free(values);
+ }
+
+ ret = 0;
+
+ out:
+ if (unparsed_name != NULL) {
+ free(unparsed_name);
+ }
+
+ if (ret != 0) {
+ /* I don't think this frees ent itself. */
+ hdb_free_entry(context, ent);
+ }
+
+ return ret;
+}
+
+static krb5_error_code LDAP_close(krb5_context context, HDB * db)
+{
+ LDAP *ld = (LDAP *) db->db;
+
+ ldap_unbind(ld);
+ db->db = NULL;
+ return 0;
+}
+
+static krb5_error_code
+LDAP_lock(krb5_context context, HDB * db, int operation)
+{
+ return 0;
+}
+
+static krb5_error_code LDAP_unlock(krb5_context context, HDB * db)
+{
+ return 0;
+}
+
+static krb5_error_code
+LDAP_seq(krb5_context context, HDB * db, unsigned flags, hdb_entry * entry)
+{
+ int msgid, rc, parserc;
+ krb5_error_code ret;
+ LDAPMessage *e;
+
+ msgid = db->openp; /* BOGUS OVERLOADING */
+ if (msgid < 0) {
+ return HDB_ERR_NOENTRY;
+ }
+
+ do {
+ rc = ldap_result((LDAP *) db->db, msgid, LDAP_MSG_ONE, NULL, &e);
+ switch (rc) {
+ case LDAP_RES_SEARCH_ENTRY:
+ /* We have an entry. Parse it. */
+ ret = LDAP_message2entry(context, db, e, entry);
+ ldap_msgfree(e);
+ break;
+ case LDAP_RES_SEARCH_RESULT:
+ /* We're probably at the end of the results. If not, abandon. */
+ parserc =
+ ldap_parse_result((LDAP *) db->db, e, NULL, NULL, NULL,
+ NULL, NULL, 1);
+ if (parserc != LDAP_SUCCESS
+ && parserc != LDAP_MORE_RESULTS_TO_RETURN) {
+ ldap_abandon((LDAP *) db->db, msgid);
+ }
+ ret = HDB_ERR_NOENTRY;
+ db->openp = -1;
+ break;
+ case 0:
+ case -1:
+ default:
+ /* Some unspecified error (timeout?). Abandon. */
+ ldap_msgfree(e);
+ ldap_abandon((LDAP *) db->db, msgid);
+ ret = HDB_ERR_NOENTRY;
+ db->openp = -1;
+ break;
+ }
+ } while (rc == LDAP_RES_SEARCH_REFERENCE);
+
+ if (ret == 0) {
+ if (db->master_key_set && (flags & HDB_F_DECRYPT)) {
+ ret = hdb_unseal_keys(context, db, entry);
+ if (ret)
+ hdb_free_entry(context,entry);
+ }
+ }
+
+ return ret;
+}
+
+static krb5_error_code
+LDAP_firstkey(krb5_context context, HDB * db, unsigned flags,
+ hdb_entry * entry)
+{
+ int msgid;
+
+ (void) LDAP__connect(context, db);
+
+ msgid = LDAP_NO_LIMIT;
+ (void) ldap_set_option((LDAP *) db->db, LDAP_OPT_SIZELIMIT, &msgid);
+
+ msgid = ldap_search((LDAP *) db->db, db->name,
+ LDAP_SCOPE_ONELEVEL, "(objectclass=krb5KDCEntry)",
+ krb5kdcentry_attrs, 0);
+ if (msgid < 0) {
+ return HDB_ERR_NOENTRY;
+ }
+
+ db->openp = msgid;
+
+ return LDAP_seq(context, db, flags, entry);
+}
+
+static krb5_error_code
+LDAP_nextkey(krb5_context context, HDB * db, unsigned flags,
+ hdb_entry * entry)
+{
+ return LDAP_seq(context, db, flags, entry);
+}
+
+static krb5_error_code
+LDAP_rename(krb5_context context, HDB * db, const char *new_name)
+{
+ return HDB_ERR_DB_INUSE;
+}
+
+static krb5_boolean LDAP__is_user_namingcontext(const char *ctx,
+ char *const *subschema)
+{
+ char *const *p;
+
+ if (!strcasecmp(ctx, "CN=MONITOR")
+ || !strcasecmp(ctx, "CN=CONFIG")) {
+ return FALSE;
+ }
+
+ if (subschema != NULL) {
+ for (p = subschema; *p != NULL; p++) {
+ if (!strcasecmp(ctx, *p)) {
+ return FALSE;
+ }
+ }
+ }
+
+ return TRUE;
+}
+
+static krb5_error_code LDAP__connect(krb5_context context, HDB * db)
+{
+ int rc;
+ krb5_error_code ret;
+ char *attrs[] = { "namingContexts", "subschemaSubentry", NULL };
+ LDAPMessage *res = NULL, *e;
+
+ if (db->db != NULL) {
+ /* connection has been opened. ping server. */
+ struct sockaddr_un addr;
+ socklen_t len;
+ int sd;
+
+ if (ldap_get_option((LDAP *) db->db, LDAP_OPT_DESC, &sd) == 0 &&
+ getpeername(sd, (struct sockaddr *) &addr, &len) < 0) {
+ /* the other end has died. reopen. */
+ LDAP_close(context, db);
+ }
+ }
+
+ if (db->db != NULL) {
+ /* server is UP */
+ return 0;
+ }
+
+ rc = ldap_initialize((LDAP **) & db->db, "ldapi:///");
+ if (rc != LDAP_SUCCESS) {
+ return HDB_ERR_NOENTRY;
+ }
+
+ rc = LDAP_VERSION3;
+ (void) ldap_set_option((LDAP *) db->db, LDAP_OPT_PROTOCOL_VERSION, &rc);
+
+ /* XXX set db->name to the search base */
+ rc = ldap_search_s((LDAP *) db->db, "", LDAP_SCOPE_BASE,
+ "(objectclass=*)", attrs, 0, &res);
+ if (rc != LDAP_SUCCESS) {
+ ret = HDB_ERR_BADVERSION;
+ goto out;
+ }
+
+ e = ldap_first_entry((LDAP *) db->db, res);
+ if (e == NULL) {
+ ret = HDB_ERR_NOENTRY;
+ goto out;
+ }
+
+ if (db->name == NULL) {
+ char **contexts = NULL, **schema_contexts, **p;
+
+ contexts = ldap_get_values((LDAP *) db->db, e, "namingContexts");
+ if (contexts == NULL) {
+ ret = HDB_ERR_NOENTRY;
+ goto out;
+ }
+
+ schema_contexts =
+ ldap_get_values((LDAP *) db->db, e, "subschemaSubentry");
+
+ if (db->name != NULL) {
+ free(db->name);
+ db->name = NULL;
+ }
+
+ for (p = contexts; *p != NULL; p++) {
+ if (LDAP__is_user_namingcontext(*p, schema_contexts)) {
+ break;
+ }
+ }
+
+ db->name = strdup(*p);
+ if (db->name == NULL) {
+ ldap_value_free(contexts);
+ ret = ENOMEM;
+ goto out;
+ }
+
+ ldap_value_free(contexts);
+ if (schema_contexts != NULL) {
+ ldap_value_free(schema_contexts);
+ }
+ }
+
+ ret = 0;
+
+ out:
+
+ if (res != NULL) {
+ ldap_msgfree(res);
+ }
+
+ if (ret != 0) {
+ if (db->db != NULL) {
+ ldap_unbind((LDAP *) db->db);
+ db->db = NULL;
+ }
+ }
+
+ return ret;
+}
+
+static krb5_error_code
+LDAP_open(krb5_context context, HDB * db, int flags, mode_t mode)
+{
+ krb5_error_code ret;
+
+ /* Not the right place for this. */
+#ifdef HAVE_SIGACTION
+ {
+ struct sigaction sa;
+
+ sa.sa_flags = 0;
+ sa.sa_handler = SIG_IGN;
+ sigemptyset(&sa.sa_mask);
+
+ sigaction(SIGPIPE, &sa, NULL);
+ }
+#else
+ signal(SIGPIPE, SIG_IGN);
+#endif
+
+ if (db->name != NULL) {
+ free(db->name);
+ db->name = NULL;
+ }
+
+ ret = LDAP__connect(context, db);
+ if (ret != 0) {
+ return ret;
+ }
+
+ return ret;
+}
+
+static krb5_error_code
+LDAP_fetch(krb5_context context, HDB * db, unsigned flags,
+ hdb_entry * entry)
+{
+ LDAPMessage *msg, *e;
+ krb5_error_code ret;
+
+ ret = LDAP_principal2message(context, db, entry->principal, &msg);
+ if (ret != 0) {
+ return ret;
+ }
+
+ e = ldap_first_entry((LDAP *) db->db, msg);
+ if (e == NULL) {
+ ret = HDB_ERR_NOENTRY;
+ goto out;
+ }
+
+ ret = LDAP_message2entry(context, db, e, entry);
+ if (ret == 0) {
+ if (db->master_key_set && (flags & HDB_F_DECRYPT)) {
+ ret = hdb_unseal_keys(context, db, entry);
+ if (ret)
+ hdb_free_entry(context,entry);
+ }
+ }
+
+ out:
+ ldap_msgfree(msg);
+
+ return ret;
+}
+
+static krb5_error_code
+LDAP_store(krb5_context context, HDB * db, unsigned flags,
+ hdb_entry * entry)
+{
+ LDAPMod **mods = NULL;
+ krb5_error_code ret;
+ LDAPMessage *msg = NULL, *e = NULL;
+ char *dn = NULL, *name = NULL;
+
+ ret = krb5_unparse_name(context, entry->principal, &name);
+ if (ret != 0) {
+ goto out;
+ }
+
+ ret = LDAP__lookup_princ(context, db, name, &msg);
+ if (ret == 0) {
+ e = ldap_first_entry((LDAP *) db->db, msg);
+ }
+
+ ret = hdb_seal_keys(context, db, entry);
+ if (ret)
+ goto out;
+
+ /* turn new entry into LDAPMod array */
+ ret = LDAP_entry2mods(context, db, entry, e, &mods);
+ if (ret != 0) {
+ goto out;
+ }
+
+ if (e == NULL) {
+ /* Doesn't exist yet. */
+ char *p;
+
+ e = NULL;
+
+ /* normalize the naming attribute */
+ for (p = name; *p != '\0'; p++) {
+ *p = (char) tolower((int) *p);
+ }
+
+ /*
+ * We could do getpwnam() on the local component of
+ * the principal to find cn/sn but that's probably
+ * bad thing to do from inside a KDC. Better leave
+ * it to management tools.
+ */
+ ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "cn", name);
+ if (ret < 0) {
+ goto out;
+ }
+
+ ret = LDAP_addmod(&mods, LDAP_MOD_ADD, "sn", name);
+ if (ret < 0) {
+ goto out;
+ }
+
+ ret = asprintf(&dn, "cn=%s,%s", name, db->name);
+ if (ret < 0) {
+ ret = ENOMEM;
+ goto out;
+ }
+ } else if (flags & HDB_F_REPLACE) {
+ /* Entry exists, and we're allowed to replace it. */
+ dn = ldap_get_dn((LDAP *) db->db, e);
+ } else {
+ /* Entry exists, but we're not allowed to replace it. Bail. */
+ ret = HDB_ERR_EXISTS;
+ goto out;
+ }
+
+ /* write entry into directory */
+ if (e == NULL) {
+ /* didn't exist before */
+ ret = ldap_add_s((LDAP *) db->db, dn, mods);
+ } else {
+ /* already existed, send deltas only */
+ ret = ldap_modify_s((LDAP *) db->db, dn, mods);
+ }
+
+ if (ret == LDAP_SUCCESS) {
+ ret = 0;
+ } else {
+ ret = HDB_ERR_CANT_LOCK_DB;
+ }
+
+ out:
+ /* free stuff */
+ if (dn != NULL) {
+ free(dn);
+ }
+
+ if (msg != NULL) {
+ ldap_msgfree(msg);
+ }
+
+ if (mods != NULL) {
+ ldap_mods_free(mods, 1);
+ }
+
+ if (name != NULL) {
+ free(name);
+ }
+
+ return ret;
+}
+
+static krb5_error_code
+LDAP_remove(krb5_context context, HDB * db, hdb_entry * entry)
+{
+ krb5_error_code ret;
+ LDAPMessage *msg, *e;
+ char *dn = NULL;
+
+ ret = LDAP_principal2message(context, db, entry->principal, &msg);
+ if (ret != 0) {
+ goto out;
+ }
+
+ e = ldap_first_entry((LDAP *) db->db, msg);
+ if (e == NULL) {
+ ret = HDB_ERR_NOENTRY;
+ goto out;
+ }
+
+ dn = ldap_get_dn((LDAP *) db->db, e);
+ if (dn == NULL) {
+ ret = HDB_ERR_NOENTRY;
+ goto out;
+ }
+
+ ret = LDAP_NO_LIMIT;
+ (void) ldap_set_option((LDAP *) db->db, LDAP_OPT_SIZELIMIT, &ret);
+
+ ret = ldap_delete_s((LDAP *) db->db, dn);
+ if (ret == LDAP_SUCCESS) {
+ ret = 0;
+ } else {
+ ret = HDB_ERR_CANT_LOCK_DB;
+ }
+
+ out:
+ if (dn != NULL) {
+ free(dn);
+ }
+
+ if (msg != NULL) {
+ ldap_msgfree(msg);
+ }
+
+ return ret;
+}
+
+static krb5_error_code
+LDAP__get(krb5_context context, HDB * db, krb5_data key, krb5_data * reply)
+{
+ fprintf(stderr, "LDAP__get not implemented\n");
+ abort();
+ return 0;
+}
+
+static krb5_error_code
+LDAP__put(krb5_context context, HDB * db, int replace,
+ krb5_data key, krb5_data value)
+{
+ fprintf(stderr, "LDAP__put not implemented\n");
+ abort();
+ return 0;
+}
+
+static krb5_error_code
+LDAP__del(krb5_context context, HDB * db, krb5_data key)
+{
+ fprintf(stderr, "LDAP__del not implemented\n");
+ abort();
+ return 0;
+}
+
+static krb5_error_code LDAP_destroy(krb5_context context, HDB * db)
+{
+ krb5_error_code ret;
+
+ ret = hdb_clear_master_key(context, db);
+ free(db->name);
+ free(db);
+
+ return ret;
+}
+
+krb5_error_code
+hdb_ldap_create(krb5_context context, HDB ** db, const char *filename)
+{
+ *db = malloc(sizeof(**db));
+ if (*db == NULL)
+ return ENOMEM;
+
+ (*db)->db = NULL;
+/* (*db)->name = strdup(filename); */
+ (*db)->name = NULL;
+ (*db)->master_key_set = 0;
+ (*db)->openp = 0;
+ (*db)->open = LDAP_open;
+ (*db)->close = LDAP_close;
+ (*db)->fetch = LDAP_fetch;
+ (*db)->store = LDAP_store;
+ (*db)->remove = LDAP_remove;
+ (*db)->firstkey = LDAP_firstkey;
+ (*db)->nextkey = LDAP_nextkey;
+ (*db)->lock = LDAP_lock;
+ (*db)->unlock = LDAP_unlock;
+ (*db)->rename = LDAP_rename;
+ /* can we ditch these? */
+ (*db)->_get = LDAP__get;
+ (*db)->_put = LDAP__put;
+ (*db)->_del = LDAP__del;
+ (*db)->destroy = LDAP_destroy;
+
+ return 0;
+}
+
+#endif /* OPENLDAP */
diff --git a/crypto/heimdal/lib/hdb/hdb-private.h b/crypto/heimdal/lib/hdb/hdb-private.h
index ce868bd98098..7563d36a3fef 100644
--- a/crypto/heimdal/lib/hdb/hdb-private.h
+++ b/crypto/heimdal/lib/hdb/hdb-private.h
@@ -26,12 +26,6 @@ _hdb_remove __P((
HDB *db,
hdb_entry *entry));
-void
-_hdb_seal_keys_int __P((
- hdb_entry *ent,
- int key_version,
- krb5_data schedule));
-
krb5_error_code
_hdb_store __P((
krb5_context context,
@@ -39,10 +33,4 @@ _hdb_store __P((
unsigned flags,
hdb_entry *entry));
-void
-_hdb_unseal_keys_int __P((
- hdb_entry *ent,
- int key_version,
- krb5_data schedule));
-
#endif /* __hdb_private_h__ */
diff --git a/crypto/heimdal/lib/hdb/hdb-protos.h b/crypto/heimdal/lib/hdb/hdb-protos.h
index e0f15b1dde46..dbb00a502122 100644
--- a/crypto/heimdal/lib/hdb/hdb-protos.h
+++ b/crypto/heimdal/lib/hdb/hdb-protos.h
@@ -14,6 +14,12 @@
#endif
krb5_error_code
+hdb_add_master_key __P((
+ krb5_context context,
+ krb5_keyblock *key,
+ hdb_master_key *inout));
+
+krb5_error_code
hdb_check_db_format __P((
krb5_context context,
HDB *db));
@@ -70,6 +76,11 @@ hdb_free_entry __P((
void
hdb_free_key __P((Key *key));
+void
+hdb_free_master_key __P((
+ krb5_context context,
+ hdb_master_key mkey));
+
krb5_error_code
hdb_init_db __P((
krb5_context context,
@@ -82,6 +93,12 @@ hdb_key2principal __P((
krb5_principal p));
krb5_error_code
+hdb_ldap_create __P((
+ krb5_context context,
+ HDB ** db,
+ const char *filename));
+
+krb5_error_code
hdb_lock __P((
int fd,
int operation));
@@ -95,7 +112,7 @@ hdb_ndbm_create __P((
krb5_error_code
hdb_next_enctype2key __P((
krb5_context context,
- hdb_entry *e,
+ const hdb_entry *e,
krb5_enctype enctype,
Key **key));
@@ -115,25 +132,34 @@ hdb_print_entry __P((
krb5_error_code
hdb_process_master_key __P((
krb5_context context,
- EncryptionKey key,
- krb5_data *schedule));
+ int kvno,
+ krb5_keyblock *key,
+ krb5_enctype etype,
+ hdb_master_key *mkey));
krb5_error_code
hdb_read_master_key __P((
krb5_context context,
const char *filename,
- EncryptionKey *key));
+ hdb_master_key *mkey));
-void
+krb5_error_code
hdb_seal_keys __P((
+ krb5_context context,
HDB *db,
hdb_entry *ent));
krb5_error_code
+hdb_seal_keys_mkey __P((
+ krb5_context context,
+ hdb_entry *ent,
+ hdb_master_key mkey));
+
+krb5_error_code
hdb_set_master_key __P((
krb5_context context,
HDB *db,
- EncryptionKey key));
+ krb5_keyblock *key));
krb5_error_code
hdb_set_master_keyfile __P((
@@ -144,15 +170,28 @@ hdb_set_master_keyfile __P((
krb5_error_code
hdb_unlock __P((int fd));
-void
+krb5_error_code
hdb_unseal_keys __P((
+ krb5_context context,
HDB *db,
hdb_entry *ent));
+krb5_error_code
+hdb_unseal_keys_mkey __P((
+ krb5_context context,
+ hdb_entry *ent,
+ hdb_master_key mkey));
+
int
hdb_value2entry __P((
krb5_context context,
krb5_data *value,
hdb_entry *ent));
+krb5_error_code
+hdb_write_master_key __P((
+ krb5_context context,
+ const char *filename,
+ hdb_master_key mkey));
+
#endif /* __hdb_protos_h__ */
diff --git a/crypto/heimdal/lib/hdb/hdb.asn1 b/crypto/heimdal/lib/hdb/hdb.asn1
index 99537d6ded1c..2a20cd1c97be 100644
--- a/crypto/heimdal/lib/hdb/hdb.asn1
+++ b/crypto/heimdal/lib/hdb/hdb.asn1
@@ -1,10 +1,8 @@
--- $Id: hdb.asn1,v 1.7 1999/05/03 16:48:52 joda Exp $
+-- $Id: hdb.asn1,v 1.8 2000/06/19 15:22:22 joda Exp $
HDB DEFINITIONS ::=
BEGIN
-EncryptionKey EXTERNAL
-KerberosTime EXTERNAL
-Principal EXTERNAL
+IMPORTS EncryptionKey, KerberosTime, Principal FROM krb5;
HDB_DB_FORMAT INTEGER ::= 2 -- format of database,
-- update when making changes
diff --git a/crypto/heimdal/lib/hdb/hdb.c b/crypto/heimdal/lib/hdb/hdb.c
index edf6677e6041..1565f038d3a0 100644
--- a/crypto/heimdal/lib/hdb/hdb.c
+++ b/crypto/heimdal/lib/hdb/hdb.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,17 +33,42 @@
#include "hdb_locl.h"
-RCSID("$Id: hdb.c,v 1.35 1999/12/02 17:05:05 joda Exp $");
+RCSID("$Id: hdb.c,v 1.42 2000/11/15 23:12:15 assar Exp $");
+
+struct hdb_method {
+ const char *prefix;
+ krb5_error_code (*create)(krb5_context, HDB **, const char *filename);
+};
+
+static struct hdb_method methods[] = {
+#ifdef HAVE_DB_H
+ {"db:", hdb_db_create},
+#endif
+#if defined(HAVE_NDBM_H) || defined(HAVE_GDBM_NDBM_H)
+ {"ndbm:", hdb_ndbm_create},
+#endif
+#ifdef OPENLDAP
+ {"ldap:", hdb_ldap_create},
+#endif
+#ifdef HAVE_DB_H
+ {"", hdb_db_create},
+#elif defined(HAVE_NDBM_H)
+ {"", hdb_ndbm_create},
+#elif defined(OPENLDAP)
+ {"", hdb_ldap_create},
+#endif
+ {NULL, NULL}
+};
krb5_error_code
hdb_next_enctype2key(krb5_context context,
- hdb_entry *e,
+ const hdb_entry *e,
krb5_enctype enctype,
Key **key)
{
Key *k;
- for (k = *key ? *key : e->keys.val;
+ for (k = *key ? (*key) + 1 : e->keys.val;
k < e->keys.val + e->keys.len;
k++)
if(k->key.keytype == enctype){
@@ -63,108 +88,6 @@ hdb_enctype2key(krb5_context context,
return hdb_next_enctype2key(context, e, enctype, key);
}
-/* this is a bit ugly, but will get better when the crypto framework
- gets fixed */
-
-krb5_error_code
-hdb_process_master_key(krb5_context context, EncryptionKey key,
- krb5_data *schedule)
-{
- krb5_error_code ret;
-
- if(key.keytype != ETYPE_DES_CBC_MD5)
- return KRB5_PROG_KEYTYPE_NOSUPP;
-
- ret = krb5_data_alloc (schedule, sizeof(des_key_schedule));
- if (ret)
- return ret;
-
- des_set_key((des_cblock*)key.keyvalue.data, schedule->data);
- return 0;
-}
-
-krb5_error_code
-hdb_read_master_key(krb5_context context, const char *filename,
- EncryptionKey *key)
-{
- FILE *f;
- unsigned char buf[256];
- size_t len;
- krb5_error_code ret;
- if(filename == NULL)
- filename = HDB_DB_DIR "/m-key";
- f = fopen(filename, "r");
- if(f == NULL)
- return errno;
- len = fread(buf, 1, sizeof(buf), f);
- if(ferror(f))
- ret = errno;
- else
- ret = decode_EncryptionKey(buf, len, key, &len);
- fclose(f);
- memset(buf, 0, sizeof(buf));
- return ret;
-}
-
-void
-_hdb_unseal_keys_int(hdb_entry *ent, int key_version, krb5_data schedule)
-{
- int i;
- for(i = 0; i < ent->keys.len; i++){
- des_cblock iv;
- int num = 0;
- if(ent->keys.val[i].mkvno == NULL)
- continue;
- if(*ent->keys.val[i].mkvno != key_version)
- ;
- memset(&iv, 0, sizeof(iv));
-
- des_cfb64_encrypt(ent->keys.val[i].key.keyvalue.data,
- ent->keys.val[i].key.keyvalue.data,
- ent->keys.val[i].key.keyvalue.length,
- schedule.data, &iv, &num, 0);
- free(ent->keys.val[i].mkvno);
- ent->keys.val[i].mkvno = NULL;
- }
-}
-
-void
-hdb_unseal_keys(HDB *db, hdb_entry *ent)
-{
- if (db->master_key_set == 0)
- return;
- _hdb_unseal_keys_int(ent, db->master_key_version, db->master_key);
-}
-
-void
-_hdb_seal_keys_int(hdb_entry *ent, int key_version, krb5_data schedule)
-{
- int i;
- for(i = 0; i < ent->keys.len; i++){
- des_cblock iv;
- int num = 0;
-
- if(ent->keys.val[i].mkvno != NULL)
- continue;
- memset(&iv, 0, sizeof(iv));
- des_cfb64_encrypt(ent->keys.val[i].key.keyvalue.data,
- ent->keys.val[i].key.keyvalue.data,
- ent->keys.val[i].key.keyvalue.length,
- schedule.data, &iv, &num, 1);
- ent->keys.val[i].mkvno = malloc(sizeof(*ent->keys.val[i].mkvno));
- *ent->keys.val[i].mkvno = key_version;
- }
-}
-
-void
-hdb_seal_keys(HDB *db, hdb_entry *ent)
-{
- if (db->master_key_set == 0)
- return;
-
- _hdb_seal_keys_int(ent, db->master_key_version, db->master_key);
-}
-
void
hdb_free_key(Key *key)
{
@@ -179,7 +102,8 @@ hdb_free_key(Key *key)
krb5_error_code
hdb_lock(int fd, int operation)
{
- int i, code;
+ int i, code = 0;
+
for(i = 0; i < 3; i++){
code = flock(fd, (operation == HDB_RLOCK ? LOCK_SH : LOCK_EX) | LOCK_NB);
if(code == 0 || errno != EWOULDBLOCK)
@@ -281,69 +205,36 @@ hdb_init_db(krb5_context context, HDB *db)
return ret;
}
-krb5_error_code
-hdb_create(krb5_context context, HDB **db, const char *filename)
-{
- krb5_error_code ret = 0;
- if(filename == NULL)
- filename = HDB_DEFAULT_DB;
- initialize_hdb_error_table_r(&context->et_list);
-#ifdef HAVE_DB_H
- ret = hdb_db_create(context, db, filename);
-#elif HAVE_NDBM_H
- ret = hdb_ndbm_create(context, db, filename);
-#else
- krb5_errx(context, 1, "No database support! (hdb_create)");
-#endif
- return ret;
-}
+/*
+ * find the relevant method for `filename', returning a pointer to the
+ * rest in `rest'.
+ * return NULL if there's no such method.
+ */
-krb5_error_code
-hdb_set_master_key (krb5_context context,
- HDB *db,
- EncryptionKey key)
+static const struct hdb_method *
+find_method (const char *filename, const char **rest)
{
- krb5_error_code ret;
+ const struct hdb_method *h;
- ret = hdb_process_master_key(context, key, &db->master_key);
- if (ret)
- return ret;
-#if 0 /* XXX - why? */
- des_set_random_generator_seed(key.keyvalue.data);
-#endif
- db->master_key_set = 1;
- db->master_key_version = 0; /* XXX */
- return 0;
+ for (h = methods; h->prefix != NULL; ++h)
+ if (strncmp (filename, h->prefix, strlen(h->prefix)) == 0) {
+ *rest = filename + strlen(h->prefix);
+ return h;
+ }
+ return NULL;
}
krb5_error_code
-hdb_set_master_keyfile (krb5_context context,
- HDB *db,
- const char *keyfile)
+hdb_create(krb5_context context, HDB **db, const char *filename)
{
- EncryptionKey key;
- krb5_error_code ret;
-
- ret = hdb_read_master_key(context, keyfile, &key);
- if (ret) {
- if (ret != ENOENT)
- return ret;
- return 0;
- }
- ret = hdb_set_master_key(context, db, key);
- memset(key.keyvalue.data, 0, key.keyvalue.length);
- free_EncryptionKey(&key);
- return ret;
-}
+ const struct hdb_method *h;
+ const char *residual;
-krb5_error_code
-hdb_clear_master_key (krb5_context context,
- HDB *db)
-{
- if (db->master_key_set) {
- memset(db->master_key.data, 0, db->master_key.length);
- krb5_data_free(&db->master_key);
- db->master_key_set = 0;
- }
- return 0;
+ if(filename == NULL)
+ filename = HDB_DEFAULT_DB;
+ initialize_hdb_error_table_r(&context->et_list);
+ h = find_method (filename, &residual);
+ if (h == NULL)
+ krb5_errx(context, 1, "No database support! (hdb_create)");
+ return (*h->create)(context, db, residual);
}
diff --git a/crypto/heimdal/lib/hdb/hdb.h b/crypto/heimdal/lib/hdb/hdb.h
index f4cb001da819..21d739b98b86 100644
--- a/crypto/heimdal/lib/hdb/hdb.h
+++ b/crypto/heimdal/lib/hdb/hdb.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: hdb.h,v 1.26 1999/12/02 17:05:05 joda Exp $ */
+/* $Id: hdb.h,v 1.31 2000/07/08 16:03:37 joda Exp $ */
#ifndef __HDB_H__
#define __HDB_H__
@@ -46,12 +46,17 @@ enum hdb_lockop{ HDB_RLOCK, HDB_WLOCK };
#define HDB_F_DECRYPT 1 /* decrypt keys */
#define HDB_F_REPLACE 2 /* replace entry */
+/* key usage for master key */
+#define HDB_KU_MKEY 0x484442
+
+typedef struct hdb_master_key_data *hdb_master_key;
+
typedef struct HDB{
void *db;
+ void *dbc;
char *name;
int master_key_set;
- krb5_data master_key;
- int master_key_version;
+ hdb_master_key master_key;
int openp;
krb5_error_code (*open)(krb5_context, struct HDB*, int, mode_t);
diff --git a/crypto/heimdal/lib/hdb/hdb_err.et b/crypto/heimdal/lib/hdb/hdb_err.et
index a08a2d4b4f2e..9929a56311e5 100644
--- a/crypto/heimdal/lib/hdb/hdb_err.et
+++ b/crypto/heimdal/lib/hdb/hdb_err.et
@@ -3,7 +3,7 @@
#
# This might look like a com_err file, but is not
#
-id "$Id: hdb_err.et,v 1.4 1998/02/16 16:29:15 joda Exp $"
+id "$Id: hdb_err.et,v 1.5 2001/01/28 23:05:52 assar Exp $"
error_table hdb
@@ -22,5 +22,6 @@ error_code BADLOCKMODE, "Invalid kdb lock mode"
error_code CANT_LOCK_DB, "Insufficient access to lock database"
error_code EXISTS, "Entry already exists in database"
error_code BADVERSION, "Wrong database version"
+error_code NO_MKEY, "No correct master key"
end
diff --git a/crypto/heimdal/lib/hdb/hdb_locl.h b/crypto/heimdal/lib/hdb/hdb_locl.h
index 5d0a6d01a4e5..1c825fa550ba 100644
--- a/crypto/heimdal/lib/hdb/hdb_locl.h
+++ b/crypto/heimdal/lib/hdb/hdb_locl.h
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: hdb_locl.h,v 1.13 2000/02/06 05:17:05 assar Exp $ */
+/* $Id: hdb_locl.h,v 1.14 2000/11/14 06:57:17 assar Exp $ */
#ifndef __HDB_LOCL_H__
#define __HDB_LOCL_H__
@@ -67,8 +67,10 @@
#include <db.h>
#endif
-#ifdef HAVE_NDBM_H
+#if defined(HAVE_NDBM_H)
#include <ndbm.h>
+#elif defined(HAVE_GDBM_NDBM_H)
+#include <gdbm/ndbm.h>
#endif
int hdb_principal2key(krb5_context, krb5_principal, krb5_data*);
diff --git a/crypto/heimdal/lib/hdb/keytab.c b/crypto/heimdal/lib/hdb/keytab.c
index d9be75d34be6..5de3cc518ef6 100644
--- a/crypto/heimdal/lib/hdb/keytab.c
+++ b/crypto/heimdal/lib/hdb/keytab.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -35,20 +35,24 @@
/* keytab backend for HDB databases */
-RCSID("$Id: keytab.c,v 1.2 1999/08/26 13:24:05 joda Exp $");
+RCSID("$Id: keytab.c,v 1.3 2000/08/27 04:31:42 assar Exp $");
struct hdb_data {
char *dbname;
char *mkey;
- HDB *db;
};
+/*
+ * the format for HDB keytabs is:
+ * HDB:[database:mkey]
+ */
+
static krb5_error_code
hdb_resolve(krb5_context context, const char *name, krb5_keytab id)
{
- krb5_error_code ret;
struct hdb_data *d;
const char *db, *mkey;
+
d = malloc(sizeof(*d));
if(d == NULL)
return ENOMEM;
@@ -74,7 +78,7 @@ hdb_resolve(krb5_context context, const char *name, krb5_keytab id)
free(d);
return ENOMEM;
}
- strncpy(d->dbname, db, mkey - db);
+ memmove(d->dbname, db, mkey - db);
d->dbname[mkey - db] = '\0';
}
d->mkey = strdup(mkey + 1);
@@ -84,21 +88,6 @@ hdb_resolve(krb5_context context, const char *name, krb5_keytab id)
return ENOMEM;
}
}
- ret = hdb_create(context, &d->db, d->dbname);
- if(ret) {
- free(d->dbname);
- free(d->mkey);
- free(d);
- return ret;
- }
- ret = hdb_set_master_keyfile (context, d->db, d->mkey);
- if(ret) {
- (*d->db->destroy)(context, d->db);
- free(d->dbname);
- free(d->mkey);
- free(d);
- return ret;
- }
id->data = d;
return 0;
}
@@ -107,7 +96,9 @@ static krb5_error_code
hdb_close(krb5_context context, krb5_keytab id)
{
struct hdb_data *d = id->data;
- (*d->db->destroy)(context, d->db);
+
+ free(d->dbname);
+ free(d->mkey);
free(d);
return 0;
}
@@ -119,6 +110,7 @@ hdb_get_name(krb5_context context,
size_t namesize)
{
struct hdb_data *d = id->data;
+
snprintf(name, namesize, "%s%s%s",
d->dbname ? d->dbname : "",
(d->dbname || d->mkey) ? ":" : "",
@@ -126,6 +118,68 @@ hdb_get_name(krb5_context context,
return 0;
}
+static void
+set_config (krb5_context context,
+ krb5_config_binding *binding,
+ const char **dbname,
+ const char **mkey)
+{
+ *dbname = krb5_config_get_string(context, binding, "dbname", NULL);
+ *mkey = krb5_config_get_string(context, binding, "mkey_file", NULL);
+}
+
+/*
+ * try to figure out the database (`dbname') and master-key (`mkey')
+ * that should be used for `principal'.
+ */
+
+static void
+find_db (krb5_context context,
+ const char **dbname,
+ const char **mkey,
+ krb5_const_principal principal)
+{
+ krb5_config_binding *top_bind = NULL;
+ krb5_config_binding *default_binding = NULL;
+ krb5_config_binding *db;
+ krb5_realm *prealm = krb5_princ_realm(context, (krb5_principal)principal);
+
+ *dbname = *mkey = NULL;
+
+ while ((db = (krb5_config_binding *)
+ krb5_config_get_next(context,
+ NULL,
+ &top_bind,
+ krb5_config_list,
+ "kdc",
+ "database",
+ NULL)) != NULL) {
+ const char *p;
+
+ p = krb5_config_get_string (context, db, "realm", NULL);
+ if (p == NULL) {
+ if(default_binding) {
+ krb5_warnx(context, "WARNING: more than one realm-less "
+ "database specification");
+ krb5_warnx(context, "WARNING: using the first encountered");
+ } else
+ default_binding = db;
+ } else if (strcmp (*prealm, p) == 0) {
+ set_config (context, db, dbname, mkey);
+ break;
+ }
+ }
+ if (*dbname == NULL && default_binding != NULL)
+ set_config (context, default_binding, dbname, mkey);
+ if (*dbname == NULL)
+ *dbname = HDB_DEFAULT_DB;
+}
+
+/*
+ * find the keytab entry in `id' for `principal, kvno, enctype' and return
+ * it in `entry'. return 0 or an error code
+ */
+
static krb5_error_code
hdb_get_entry(krb5_context context,
krb5_keytab id,
@@ -138,13 +192,32 @@ hdb_get_entry(krb5_context context,
krb5_error_code ret;
struct hdb_data *d = id->data;
int i;
+ HDB *db;
+ const char *dbname = d->dbname;
+ const char *mkey = d->mkey;
+
+ if (dbname == NULL)
+ find_db (context, &dbname, &mkey, principal);
- ret = (*d->db->open)(context, d->db, O_RDONLY, 0);
+ ret = hdb_create (context, &db, dbname);
if (ret)
return ret;
+ ret = hdb_set_master_keyfile (context, db, mkey);
+ if (ret) {
+ (*db->destroy)(context, db);
+ return ret;
+ }
+
+ ret = (*db->open)(context, db, O_RDONLY, 0);
+ if (ret) {
+ (*db->destroy)(context, db);
+ return ret;
+ }
ent.principal = (krb5_principal)principal;
- ret = (*d->db->fetch)(context, d->db, HDB_F_DECRYPT, &ent);
- (*d->db->close)(context, d->db);
+ ret = (*db->fetch)(context, db, HDB_F_DECRYPT, &ent);
+ (*db->close)(context, db);
+ (*db->destroy)(context, db);
+
if(ret == HDB_ERR_NOENTRY)
return KRB5_KT_NOTFOUND;
else if(ret)
@@ -184,4 +257,3 @@ krb5_kt_ops hdb_kt_ops = {
NULL, /* add */
NULL /* remove */
};
-
diff --git a/crypto/heimdal/lib/hdb/mkey.c b/crypto/heimdal/lib/hdb/mkey.c
new file mode 100644
index 000000000000..2c853334f398
--- /dev/null
+++ b/crypto/heimdal/lib/hdb/mkey.c
@@ -0,0 +1,475 @@
+/*
+ * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "hdb_locl.h"
+#ifndef O_BINARY
+#define O_BINARY 0
+#endif
+
+RCSID("$Id: mkey.c,v 1.8 2001/01/30 01:20:57 assar Exp $");
+
+struct hdb_master_key_data {
+ krb5_keytab_entry keytab;
+ krb5_crypto crypto;
+ struct hdb_master_key_data *next;
+};
+
+void
+hdb_free_master_key(krb5_context context, hdb_master_key mkey)
+{
+ struct hdb_master_key_data *ptr;
+ while(mkey) {
+ krb5_kt_free_entry(context, &mkey->keytab);
+ krb5_crypto_destroy(context, mkey->crypto);
+ ptr = mkey;
+ mkey = mkey->next;
+ free(ptr);
+ }
+}
+
+krb5_error_code
+hdb_process_master_key(krb5_context context,
+ int kvno, krb5_keyblock *key, krb5_enctype etype,
+ hdb_master_key *mkey)
+{
+ krb5_error_code ret;
+ *mkey = calloc(1, sizeof(**mkey));
+ if(*mkey == NULL)
+ return ENOMEM;
+ (*mkey)->keytab.vno = kvno;
+ ret = krb5_parse_name(context, "K/M", &(*mkey)->keytab.principal);
+ ret = krb5_copy_keyblock_contents(context, key, &(*mkey)->keytab.keyblock);
+ if(ret) {
+ free(*mkey);
+ *mkey = NULL;
+ return ret;
+ }
+ if(etype != 0)
+ (*mkey)->keytab.keyblock.keytype = etype;
+ (*mkey)->keytab.timestamp = time(NULL);
+ ret = krb5_crypto_init(context, key, etype, &(*mkey)->crypto);
+ if(ret) {
+ krb5_free_keyblock_contents(context, &(*mkey)->keytab.keyblock);
+ free(*mkey);
+ *mkey = NULL;
+ }
+ return ret;
+}
+
+krb5_error_code
+hdb_add_master_key(krb5_context context, krb5_keyblock *key,
+ hdb_master_key *inout)
+{
+ int vno = 0;
+ hdb_master_key p;
+ krb5_error_code ret;
+
+ for(p = *inout; p; p = p->next)
+ vno = max(vno, p->keytab.vno);
+ vno++;
+ ret = hdb_process_master_key(context, vno, key, 0, &p);
+ if(ret)
+ return ret;
+ p->next = *inout;
+ *inout = p;
+ return 0;
+}
+
+static krb5_error_code
+read_master_keytab(krb5_context context, const char *filename,
+ hdb_master_key *mkey)
+{
+ krb5_error_code ret;
+ krb5_keytab id;
+ krb5_kt_cursor cursor;
+ krb5_keytab_entry entry;
+ hdb_master_key p;
+
+ ret = krb5_kt_resolve(context, filename, &id);
+ if(ret)
+ return ret;
+
+ ret = krb5_kt_start_seq_get(context, id, &cursor);
+ if(ret)
+ goto out;
+ *mkey = NULL;
+ while(krb5_kt_next_entry(context, id, &entry, &cursor) == 0) {
+ p = calloc(1, sizeof(*p));
+ p->keytab = entry;
+ ret = krb5_crypto_init(context, &p->keytab.keyblock, 0, &p->crypto);
+ p->next = *mkey;
+ *mkey = p;
+ }
+ krb5_kt_end_seq_get(context, id, &cursor);
+ out:
+ krb5_kt_close(context, id);
+ return ret;
+}
+
+/* read a MIT master keyfile */
+static krb5_error_code
+read_master_mit(krb5_context context, const char *filename,
+ hdb_master_key *mkey)
+{
+ int fd;
+ krb5_error_code ret;
+ krb5_storage *sp;
+ u_int16_t enctype;
+ krb5_keyblock key;
+
+ fd = open(filename, O_RDONLY | O_BINARY);
+ if(fd < 0)
+ return errno;
+ sp = krb5_storage_from_fd(fd);
+ if(sp == NULL) {
+ close(fd);
+ return errno;
+ }
+ krb5_storage_set_flags(sp, KRB5_STORAGE_HOST_BYTEORDER);
+#if 0
+ /* could possibly use ret_keyblock here, but do it with more
+ checks for now */
+ ret = krb5_ret_keyblock(sp, &key);
+#else
+ ret = krb5_ret_int16(sp, &enctype);
+ if((htons(enctype) & 0xff00) == 0x3000) {
+ ret = HEIM_ERR_BAD_MKEY;
+ goto out;
+ }
+ key.keytype = enctype;
+ ret = krb5_ret_data(sp, &key.keyvalue);
+ if(ret)
+ goto out;
+#endif
+ ret = hdb_process_master_key(context, 0, &key, 0, mkey);
+ krb5_free_keyblock_contents(context, &key);
+ out:
+ krb5_storage_free(sp);
+ close(fd);
+ return ret;
+}
+
+/* read an old master key file */
+static krb5_error_code
+read_master_encryptionkey(krb5_context context, const char *filename,
+ hdb_master_key *mkey)
+{
+ int fd;
+ krb5_keyblock key;
+ krb5_error_code ret;
+ unsigned char buf[256];
+ ssize_t len;
+
+ fd = open(filename, O_RDONLY | O_BINARY);
+ if(fd < 0)
+ return errno;
+
+ len = read(fd, buf, sizeof(buf));
+ close(fd);
+ if(len < 0)
+ return errno;
+
+ ret = decode_EncryptionKey(buf, len, &key, &len);
+ memset(buf, 0, sizeof(buf));
+ if(ret)
+ return ret;
+
+ /* Originally, the keytype was just that, and later it got changed
+ to des-cbc-md5, but we always used des in cfb64 mode. This
+ should cover all cases, but will break if someone has hacked
+ this code to really use des-cbc-md5 -- but then that's not my
+ problem. */
+ if(key.keytype == KEYTYPE_DES || key.keytype == ETYPE_DES_CBC_MD5)
+ key.keytype = ETYPE_DES_CFB64_NONE;
+
+ ret = hdb_process_master_key(context, 0, &key, 0, mkey);
+ krb5_free_keyblock_contents(context, &key);
+ return ret;
+}
+
+/* read a krb4 /.k style file */
+static krb5_error_code
+read_master_krb4(krb5_context context, const char *filename,
+ hdb_master_key *mkey)
+{
+ int fd;
+ krb5_keyblock key;
+ krb5_error_code ret;
+ unsigned char buf[256];
+ ssize_t len;
+
+ fd = open(filename, O_RDONLY | O_BINARY);
+ if(fd < 0)
+ return errno;
+
+ len = read(fd, buf, sizeof(buf));
+ close(fd);
+ if(len < 0)
+ return errno;
+
+ memset(&key, 0, sizeof(key));
+ key.keytype = ETYPE_DES_PCBC_NONE;
+ ret = krb5_data_copy(&key.keyvalue, buf, len);
+ memset(buf, 0, sizeof(buf));
+ if(ret)
+ return ret;
+
+ ret = hdb_process_master_key(context, 0, &key, 0, mkey);
+ krb5_free_keyblock_contents(context, &key);
+ return ret;
+}
+
+krb5_error_code
+hdb_read_master_key(krb5_context context, const char *filename,
+ hdb_master_key *mkey)
+{
+ FILE *f;
+ unsigned char buf[16];
+ krb5_error_code ret;
+
+ off_t len;
+
+ *mkey = NULL;
+
+ if(filename == NULL)
+ filename = HDB_DB_DIR "/m-key";
+
+ f = fopen(filename, "r");
+ if(f == NULL)
+ return errno;
+
+ if(fread(buf, 1, 2, f) != 2) {
+ fclose(f);
+ return HEIM_ERR_EOF;
+ }
+
+ fseek(f, 0, SEEK_END);
+ len = ftell(f);
+
+ if(fclose(f) != 0)
+ return errno;
+
+ if(len < 0)
+ return errno;
+
+ if(len == 8) {
+ ret = read_master_krb4(context, filename, mkey);
+ } else if(buf[0] == 0x30 && len <= 127 && buf[1] == len - 2) {
+ ret = read_master_encryptionkey(context, filename, mkey);
+ } else if(buf[0] == 5 && buf[1] >= 1 && buf[1] <= 2) {
+ ret = read_master_keytab(context, filename, mkey);
+ } else {
+ ret = read_master_mit(context, filename, mkey);
+ }
+ return ret;
+}
+
+krb5_error_code
+hdb_write_master_key(krb5_context context, const char *filename,
+ hdb_master_key mkey)
+{
+ krb5_error_code ret;
+ hdb_master_key p;
+ krb5_keytab kt;
+
+ if(filename == NULL)
+ filename = HDB_DB_DIR "/m-key";
+
+ ret = krb5_kt_resolve(context, filename, &kt);
+ if(ret)
+ return ret;
+
+ for(p = mkey; p; p = p->next) {
+ ret = krb5_kt_add_entry(context, kt, &p->keytab);
+ }
+
+ krb5_kt_close(context, kt);
+
+ return ret;
+}
+
+static hdb_master_key
+find_master_key(Key *key, hdb_master_key mkey)
+{
+ hdb_master_key ret = NULL;
+ while(mkey) {
+ if(ret == NULL && mkey->keytab.vno == 0)
+ ret = mkey;
+ if(key->mkvno == NULL) {
+ if(ret == NULL || mkey->keytab.vno > ret->keytab.vno)
+ ret = mkey;
+ } else if(mkey->keytab.vno == *key->mkvno)
+ return mkey;
+ mkey = mkey->next;
+ }
+ return ret;
+}
+
+krb5_error_code
+hdb_unseal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey)
+{
+ int i;
+ krb5_error_code ret;
+ krb5_data res;
+ Key *k;
+
+ for(i = 0; i < ent->keys.len; i++){
+ hdb_master_key key;
+
+ k = &ent->keys.val[i];
+ if(k->mkvno == NULL)
+ continue;
+
+ key = find_master_key(&ent->keys.val[i], mkey);
+
+ if (key == NULL)
+ return HDB_ERR_NO_MKEY;
+
+ ret = krb5_decrypt(context, key->crypto, HDB_KU_MKEY,
+ k->key.keyvalue.data,
+ k->key.keyvalue.length,
+ &res);
+ if (ret)
+ return ret;
+
+ memset(k->key.keyvalue.data, 0, k->key.keyvalue.length);
+ free(k->key.keyvalue.data);
+ k->key.keyvalue = res;
+ free(k->mkvno);
+ k->mkvno = NULL;
+ }
+ return 0;
+}
+
+krb5_error_code
+hdb_unseal_keys(krb5_context context, HDB *db, hdb_entry *ent)
+{
+ if (db->master_key_set == 0)
+ return 0;
+ return hdb_unseal_keys_mkey(context, ent, db->master_key);
+}
+
+krb5_error_code
+hdb_seal_keys_mkey(krb5_context context, hdb_entry *ent, hdb_master_key mkey)
+{
+ int i;
+ krb5_error_code ret;
+ krb5_data res;
+ for(i = 0; i < ent->keys.len; i++){
+ Key *k = &ent->keys.val[i];
+ hdb_master_key key;
+
+ if(k->mkvno != NULL)
+ continue;
+
+ key = find_master_key(k, mkey);
+
+ if (key == NULL)
+ return HDB_ERR_NO_MKEY;
+
+ ret = krb5_encrypt(context, key->crypto, HDB_KU_MKEY,
+ k->key.keyvalue.data,
+ k->key.keyvalue.length,
+ &res);
+ if (ret)
+ return ret;
+
+ memset(k->key.keyvalue.data, 0, k->key.keyvalue.length);
+ free(k->key.keyvalue.data);
+ k->key.keyvalue = res;
+
+ k->mkvno = malloc(sizeof(*k->mkvno));
+ if (k->mkvno == NULL)
+ return ENOMEM;
+ *k->mkvno = key->keytab.vno;
+ }
+ return 0;
+}
+
+krb5_error_code
+hdb_seal_keys(krb5_context context, HDB *db, hdb_entry *ent)
+{
+ if (db->master_key_set == 0)
+ return 0;
+
+ return hdb_seal_keys_mkey(context, ent, db->master_key);
+}
+
+krb5_error_code
+hdb_set_master_key (krb5_context context,
+ HDB *db,
+ krb5_keyblock *key)
+{
+ krb5_error_code ret;
+ hdb_master_key mkey;
+
+ ret = hdb_process_master_key(context, 0, key, 0, &mkey);
+ if (ret)
+ return ret;
+ db->master_key = mkey;
+#if 0 /* XXX - why? */
+ des_set_random_generator_seed(key.keyvalue.data);
+#endif
+ db->master_key_set = 1;
+ return 0;
+}
+
+krb5_error_code
+hdb_set_master_keyfile (krb5_context context,
+ HDB *db,
+ const char *keyfile)
+{
+ hdb_master_key key;
+ krb5_error_code ret;
+
+ ret = hdb_read_master_key(context, keyfile, &key);
+ if (ret) {
+ if (ret != ENOENT)
+ return ret;
+ return 0;
+ }
+ db->master_key = key;
+ db->master_key_set = 1;
+ return ret;
+}
+
+krb5_error_code
+hdb_clear_master_key (krb5_context context,
+ HDB *db)
+{
+ if (db->master_key_set) {
+ hdb_free_master_key(context, db->master_key);
+ db->master_key_set = 0;
+ }
+ return 0;
+}
diff --git a/crypto/heimdal/lib/hdb/ndbm.c b/crypto/heimdal/lib/hdb/ndbm.c
index 79ca978e74bb..b4335f9af6be 100644
--- a/crypto/heimdal/lib/hdb/ndbm.c
+++ b/crypto/heimdal/lib/hdb/ndbm.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,9 +33,9 @@
#include "hdb_locl.h"
-RCSID("$Id: ndbm.c,v 1.26 1999/12/02 17:05:05 joda Exp $");
+RCSID("$Id: ndbm.c,v 1.30 2001/01/30 01:24:00 assar Exp $");
-#ifdef HAVE_NDBM_H
+#if defined(HAVE_NDBM_H) || defined(HAVE_GDBM_NDBM_H)
struct ndbm_db {
DBM *db;
@@ -75,7 +75,7 @@ NDBM_seq(krb5_context context, HDB *db,
struct ndbm_db *d = (struct ndbm_db *)db->db;
datum key, value;
krb5_data key_data, data;
- krb5_error_code ret;
+ krb5_error_code ret = 0;
if(first)
key = dbm_firstkey(d->db);
@@ -93,13 +93,21 @@ NDBM_seq(krb5_context context, HDB *db,
data.length = value.dsize;
if(hdb_value2entry(context, &data, entry))
return NDBM_seq(context, db, flags, entry, 0);
- if (db->master_key_set && (flags & HDB_F_DECRYPT))
- hdb_unseal_keys (db, entry);
+ if (db->master_key_set && (flags & HDB_F_DECRYPT)) {
+ ret = hdb_unseal_keys (context, db, entry);
+ if (ret)
+ hdb_free_entry (context, entry);
+ }
if (entry->principal == NULL) {
entry->principal = malloc (sizeof(*entry->principal));
- hdb_key2principal (context, &key_data, entry->principal);
+ if (entry->principal == NULL) {
+ ret = ENOMEM;
+ hdb_free_entry (context, entry);
+ } else {
+ hdb_key2principal (context, &key_data, entry->principal);
+ }
}
- return 0;
+ return ret;
}
@@ -312,5 +320,4 @@ hdb_ndbm_create(krb5_context context, HDB **db,
return 0;
}
-
#endif
diff --git a/crypto/heimdal/lib/hdb/print.c b/crypto/heimdal/lib/hdb/print.c
index 5db316618cf9..903e78b79902 100644
--- a/crypto/heimdal/lib/hdb/print.c
+++ b/crypto/heimdal/lib/hdb/print.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999-2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "hdb_locl.h"
#include <ctype.h>
-RCSID("$Id: print.c,v 1.4 1999/12/26 13:50:22 assar Exp $");
+RCSID("$Id: print.c,v 1.5 2001/01/26 15:08:36 joda Exp $");
/*
This is the present contents of a dump line. This might change at
@@ -75,9 +75,14 @@ append_hex(char *str, krb5_data *data)
p[data->length + 1] = '\"';
memcpy(p + 1, data->data, data->length);
}else{
- p = calloc(1, data->length * 2 + 1);
- for(i = 0; i < data->length; i++)
- sprintf(p + 2 * i, "%02x", ((u_char*)data->data)[i]);
+ const char *xchars = "0123456789abcdef";
+ char *q = p = malloc(data->length * 2 + 1);
+ for(i = 0; i < data->length; i++) {
+ unsigned char c = ((u_char*)data->data)[i];
+ *q++ = xchars[(c & 0xf0) >> 4];
+ *q++ = xchars[(c & 0xf)];
+ }
+ *q = '\0';
}
strcat(str, p);
free(p);
@@ -123,6 +128,7 @@ hdb_entry2string(krb5_context context, hdb_entry *ent, char **str)
{
char *p;
char buf[1024] = "";
+ char tmp[32];
int i;
krb5_error_code ret;
@@ -134,29 +140,26 @@ hdb_entry2string(krb5_context context, hdb_entry *ent, char **str)
strlcat(buf, " ", sizeof(buf));
free(p);
/* --- kvno */
- asprintf(&p, "%d", ent->kvno);
- strlcat(buf, p, sizeof(buf));
- free(p);
+ snprintf(tmp, sizeof(tmp), "%d", ent->kvno);
+ strlcat(buf, tmp, sizeof(buf));
/* --- keys */
for(i = 0; i < ent->keys.len; i++){
/* --- mkvno, keytype */
if(ent->keys.val[i].mkvno)
- asprintf(&p, ":%d:%d:",
+ snprintf(tmp, sizeof(tmp), ":%d:%d:",
*ent->keys.val[i].mkvno,
ent->keys.val[i].key.keytype);
else
- asprintf(&p, "::%d:",
+ snprintf(tmp, sizeof(tmp), "::%d:",
ent->keys.val[i].key.keytype);
- strlcat(buf, p, sizeof(buf));
- free(p);
+ strlcat(buf, tmp, sizeof(buf));
/* --- keydata */
append_hex(buf, &ent->keys.val[i].key.keyvalue);
strlcat(buf, ":", sizeof(buf));
/* --- salt */
if(ent->keys.val[i].salt){
- asprintf(&p, "%u/", ent->keys.val[i].salt->type);
- strlcat(buf, p, sizeof(buf));
- free(p);
+ snprintf(tmp, sizeof(tmp), "%u/", ent->keys.val[i].salt->type);
+ strlcat(buf, tmp, sizeof(buf));
append_hex(buf, &ent->keys.val[i].salt->salt);
}else
strlcat(buf, "-", sizeof(buf));
@@ -196,28 +199,25 @@ hdb_entry2string(krb5_context context, hdb_entry *ent, char **str)
/* --- max life */
if(ent->max_life){
- asprintf(&p, "%d", *ent->max_life);
- strlcat(buf, p, sizeof(buf));
- free(p);
+ snprintf(tmp, sizeof(tmp), "%d", *ent->max_life);
+ strlcat(buf, tmp, sizeof(buf));
}else
strlcat(buf, "-", sizeof(buf));
strlcat(buf, " ", sizeof(buf));
/* --- max renewable life */
if(ent->max_renew){
- asprintf(&p, "%d", *ent->max_renew);
- strlcat(buf, p, sizeof(buf));
- free(p);
+ snprintf(tmp, sizeof(tmp), "%d", *ent->max_renew);
+ strlcat(buf, tmp, sizeof(buf));
}else
strlcat(buf, "-", sizeof(buf));
strlcat(buf, " ", sizeof(buf));
/* --- flags */
- asprintf(&p, "%d", HDBFlags2int(ent->flags));
- strlcat(buf, p, sizeof(buf));
- free(p);
-
+ snprintf(tmp, sizeof(tmp), "%d", HDBFlags2int(ent->flags));
+ strlcat(buf, tmp, sizeof(buf));
+
*str = strdup(buf);
return 0;
diff --git a/crypto/heimdal/lib/kadm5/ChangeLog b/crypto/heimdal/lib/kadm5/ChangeLog
index f5a6ee4907a1..0d2699de3e3f 100644
--- a/crypto/heimdal/lib/kadm5/ChangeLog
+++ b/crypto/heimdal/lib/kadm5/ChangeLog
@@ -1,3 +1,204 @@
+2001-01-30 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: bump versions
+
+2000-12-31 Assar Westerlund <assar@sics.se>
+
+ * init_s.c (*): handle krb5_init_context failure consistently
+ * init_c.c (init_context): handle krb5_init_context failure
+ consistently
+
+2000-12-11 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:2:0
+
+2000-11-16 Assar Westerlund <assar@sics.se>
+
+ * set_keys.c (make_keys): clean-up salting loop and try not to
+ leak memory
+
+ * ipropd_master.c (main): check for fd's being too large to select
+ on
+
+2000-08-16 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libkadm5srv_la_LDFLAGS): bump version to 7:1:0
+
+2000-08-10 Assar Westerlund <assar@sics.se>
+
+ * acl.c (fetch_acl): fix wrong cases, use krb5_principal_match
+
+2000-08-07 Assar Westerlund <assar@sics.se>
+
+ * ipropd_master.c (main): ignore SIGPIPE
+
+2000-08-06 Assar Westerlund <assar@sics.se>
+
+ * ipropd_slave.c (receive_everything): make `fd' an int instead of
+ a pointer. From Derrick J Brashear <shadow@dementia.org>
+
+2000-08-04 Johan Danielsson <joda@pdc.kth.se>
+
+ * admin.h: change void** to void*
+
+2000-07-25 Johan Danielsson <joda@pdc.kth.se>
+
+ * Makefile.am: bump versions to 7:0:0 and 6:0:2
+
+2000-07-24 Assar Westerlund <assar@sics.se>
+
+ * log.c (kadm5_log_get_version): rename kadm5_log_get_version_fd
+ and make a new that takes a context
+ (kadm5_log_nop): add logging of missing lengths
+ (kadm5_log_truncate): new function
+
+ * dump_log.c (print_entry): update and correct
+ * randkey_s.c: call _kadm5_bump_pw_expire
+ * truncate_log.c: new program for truncating the log
+ * Makefile.am (sbin_PROGRAMS): add truncate_log
+ (C_SOURCES): add bump_pw_expire.c
+ * bump_pw_expire.c: new function for extending password expiration
+
+2000-07-22 Assar Westerlund <assar@sics.se>
+
+ * keys.c: new file with _kadm5_free_keys, _kadm5_init_keys
+
+ * set_keys.c (free_keys, init_keys): elevate to internal kadm5
+ functions
+
+ * chpass_s.c (kadm5_s_chpass_principal_cond): new function
+ * Makefile.am (C_SOURCES): add keys.c
+ * init_c.c: remove unused variable and handle some parameters
+ being NULL
+
+2000-07-22 Johan Danielsson <joda@pdc.kth.se>
+
+ * ipropd_slave.c: use krb5_read_priv_message
+
+ * ipropd_master.c: use krb5_{read,write}_priv_message
+
+ * init_c.c: use krb5_write_priv_message
+
+2000-07-11 Johan Danielsson <joda@pdc.kth.se>
+
+ * ipropd_slave.c: no need to call gethostname, since
+ sname_to_principal will
+
+ * send_recv.c: assert that we have a connected socket
+
+ * get_princs_c.c: call _kadm5_connect
+
+ * rename_c.c: call _kadm5_connect
+
+ * randkey_c.c: call _kadm5_connect
+
+ * privs_c.c: call _kadm5_connect
+
+ * modify_c.c: call _kadm5_connect
+
+ * get_c.c: call _kadm5_connect
+
+ * delete_c.c: call _kadm5_connect
+
+ * create_c.c: call _kadm5_connect
+
+ * chpass_c.c: call _kadm5_connect
+
+ * private.h: add more fields to client context; remove prototypes
+
+ * admin.h: remove prototypes
+
+ * kadm5-protos.h: move public prototypes here
+
+ * kadm5-private.h: move private prototypes here
+
+ * init_c.c: break out connection code to separate function, and
+ defer calling it until we actually do something
+
+2000-07-07 Assar Westerlund <assar@sics.se>
+
+ * set_keys.c (make_keys): also support `[kadmin]use_v4_salt' for
+ backwards compatability
+
+2000-06-26 Johan Danielsson <joda@pdc.kth.se>
+
+ * set_keys.c (_kadm5_set_keys): rewrite this to be more easily
+ adaptable to different salts
+
+2000-06-19 Johan Danielsson <joda@pdc.kth.se>
+
+ * get_s.c: pa_* -> KRB5_PADATA_*
+
+2000-06-16 Assar Westerlund <assar@sics.se>
+
+ * ipropd_slave.c: change default keytab to default keytab (as in
+ typically FILE:/etc/krb5.keytab)
+
+2000-06-08 Assar Westerlund <assar@sics.se>
+
+ * ipropd_slave.c: bug fixes, for actually writing the full dump to
+ the database. based on a patch from Love <lha@stacken.kth.se>
+
+2000-06-07 Assar Westerlund <assar@sics.se>
+
+ * acl.c: add support for patterns of principals
+ * log.c (kadm5_log_replay_create): handle more NULL pointers
+ (should they really happen?)
+ * log.c (kadm5_log_replay_modify): handle max_life == NULL and
+ max_renew == NULL
+
+ * ipropd_master.c: use syslog. be less verbose
+ * ipropd_slave.c: use syslog
+
+2000-06-05 Assar Westerlund <assar@sics.se>
+
+ * private.h (kadm_ops): add kadm_nop more prototypes
+ * log.c (kadm5_log_set_version, kadm5_log_reinit, kadm5_log_nop,
+ kadm5_log_replay_nop): add
+ * ipropd_slave.c: and some more improvements
+ * ipropd_master.c: lots of improvements
+ * iprop.h (IPROP_PORT, IPROP_SERVICE): add
+ (iprop_cmd): add new commands
+
+ * dump_log.c: add nop
+
+2000-05-15 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 5:1:1
+
+2000-05-12 Assar Westerlund <assar@sics.se>
+
+ * get_s.c (kadm5_s_get_principal): set life, rlife to INT_MAX as a
+ fallback. handle not having any creator.
+ * destroy_s.c (kadm5_s_destroy): free all allocated memory
+ * context_s.c (set_field): free variable if it's already set
+ (find_db_spec): malloc space for all strings
+
+2000-04-05 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (LDADD): add LIB_openldap
+
+2000-04-03 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libkadm5srv_la_LDFLAGS): set version to 6:0:1
+ (libkadm5clnt_la_LDFLAGS): set version to 5:0:1
+
+2000-03-24 Assar Westerlund <assar@sics.se>
+
+ * set_keys.c (_kadm5_set_keys2): rewrite
+ (_kadm5_set_keys3): add
+
+ * private.h (struct kadm_func): add chpass_principal_with_key
+ * init_c.c (set_funcs): add chpass_principal_with_key
+
+2000-03-23 Assar Westerlund <assar@sics.se>
+
+ * context_s.c (set_funcs): add chpass_principal_with_key
+ * common_glue.c (kadm5_chpass_principal_with_key): add
+ * chpass_s.c: comment-ize and change calling convention for
+ _kadm5_set_keys*
+ * chpass_c.c (kadm5_c_chpass_principal_with_key): add
+
2000-02-07 Assar Westerlund <assar@sics.se>
* Makefile.am (libkadm5clnt_la_LDFLAGS): set version to 4:2:0
diff --git a/crypto/heimdal/lib/kadm5/Makefile.am b/crypto/heimdal/lib/kadm5/Makefile.am
index 89399d45a49f..d554b18fb482 100644
--- a/crypto/heimdal/lib/kadm5/Makefile.am
+++ b/crypto/heimdal/lib/kadm5/Makefile.am
@@ -1,18 +1,19 @@
-# $Id: Makefile.am,v 1.33 2000/02/07 03:37:27 assar Exp $
+# $Id: Makefile.am,v 1.44 2001/01/30 01:56:00 assar Exp $
include $(top_srcdir)/Makefile.am.common
lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la
-libkadm5srv_la_LDFLAGS = -version-info 5:1:0
-libkadm5clnt_la_LDFLAGS = -version-info 4:2:0
-sbin_PROGRAMS = dump_log replay_log
+libkadm5srv_la_LDFLAGS = -version-info 7:3:0
+libkadm5clnt_la_LDFLAGS = -version-info 6:1:2
+sbin_PROGRAMS = dump_log replay_log truncate_log
libexec_PROGRAMS = ipropd-master ipropd-slave
kadm5includedir = $(includedir)/kadm5
buildkadm5include = $(buildinclude)/kadm5
-kadm5include_HEADERS = kadm5_err.h admin.h private.h
+kadm5include_HEADERS = kadm5_err.h admin.h private.h \
+ kadm5-protos.h kadm5-private.h
install-build-headers:: $(kadm5include_HEADERS)
@foo='$(kadm5include_HEADERS)'; \
@@ -27,55 +28,57 @@ install-build-headers:: $(kadm5include_HEADERS)
fi ; \
done
-C_SOURCES = \
- admin.h \
- chpass_c.c \
- common_glue.c \
- create_c.c \
- delete_c.c \
- destroy_c.c \
- flush_c.c \
- free.c \
- get_c.c \
- get_princs_c.c \
- init_c.c \
- kadm5_err.c \
- kadm5_locl.h \
- marshall.c \
- modify_c.c \
- private.h \
- privs_c.c \
- randkey_c.c \
- rename_c.c \
+C_SOURCES = \
+ admin.h \
+ chpass_c.c \
+ common_glue.c \
+ create_c.c \
+ delete_c.c \
+ destroy_c.c \
+ flush_c.c \
+ free.c \
+ get_c.c \
+ get_princs_c.c \
+ init_c.c \
+ kadm5_err.c \
+ kadm5_locl.h \
+ marshall.c \
+ modify_c.c \
+ private.h \
+ privs_c.c \
+ randkey_c.c \
+ rename_c.c \
send_recv.c
-S_SOURCES = \
- acl.c \
- admin.h \
- chpass_s.c \
- common_glue.c \
- context_s.c \
- create_s.c \
- delete_s.c \
- destroy_s.c \
- ent_setup.c \
- error.c \
- flush_s.c \
- free.c \
- get_princs_s.c \
- get_s.c \
- init_s.c \
- kadm5_err.c \
- kadm5_locl.h \
- log.c \
- marshall.c \
- modify_s.c \
- private.h \
- privs_s.c \
- randkey_s.c \
- rename_s.c \
- set_keys.c \
- set_modifier.c \
+S_SOURCES = \
+ acl.c \
+ admin.h \
+ bump_pw_expire.c \
+ chpass_s.c \
+ common_glue.c \
+ context_s.c \
+ create_s.c \
+ delete_s.c \
+ destroy_s.c \
+ ent_setup.c \
+ error.c \
+ flush_s.c \
+ free.c \
+ get_princs_s.c \
+ get_s.c \
+ init_s.c \
+ kadm5_err.c \
+ kadm5_locl.h \
+ keys.c \
+ log.c \
+ marshall.c \
+ modify_s.c \
+ private.h \
+ privs_s.c \
+ randkey_s.c \
+ rename_s.c \
+ set_keys.c \
+ set_modifier.c \
password_quality.c
libkadm5srv_la_SOURCES = $(S_SOURCES) server_glue.c
@@ -89,12 +92,15 @@ ipropd_master_SOURCES = ipropd_master.c iprop.h kadm5_locl.h
ipropd_slave_SOURCES = ipropd_slave.c iprop.h kadm5_locl.h
+truncate_log_SOURCES = truncate_log.c
+
LDADD = \
libkadm5srv.la \
$(top_builddir)/lib/hdb/libhdb.la \
+ $(LIB_openldap) \
$(top_builddir)/lib/krb5/libkrb5.la \
$(top_builddir)/lib/asn1/libasn1.la \
- $(top_builddir)/lib/des/libdes.la \
+ $(LIB_des) \
$(LIB_roken) \
$(DBLIB) \
$(LIB_dlopen)
diff --git a/crypto/heimdal/lib/kadm5/Makefile.in b/crypto/heimdal/lib/kadm5/Makefile.in
index 233ef9db9866..a281b23694c0 100644
--- a/crypto/heimdal/lib/kadm5/Makefile.in
+++ b/crypto/heimdal/lib/kadm5/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.33 2000/02/07 03:37:27 assar Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,26 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
-AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -92,31 +95,43 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.44 2001/01/30 01:56:00 assar Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
-INCLUDES = -I$(top_builddir)/include
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken)
AM_CFLAGS = $(WFLAGS)
+CP = cp
+
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
@@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
@@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
+LIBS = @LIBS@
+
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -152,43 +170,90 @@ LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
NROFF_MAN = groff -mandoc -Tascii
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
lib_LTLIBRARIES = libkadm5srv.la libkadm5clnt.la
-libkadm5srv_la_LDFLAGS = -version-info 5:1:0
-libkadm5clnt_la_LDFLAGS = -version-info 4:2:0
-sbin_PROGRAMS = dump_log replay_log
+libkadm5srv_la_LDFLAGS = -version-info 7:3:0
+libkadm5clnt_la_LDFLAGS = -version-info 6:1:2
+sbin_PROGRAMS = dump_log replay_log truncate_log
libexec_PROGRAMS = ipropd-master ipropd-slave
kadm5includedir = $(includedir)/kadm5
buildkadm5include = $(buildinclude)/kadm5
-kadm5include_HEADERS = kadm5_err.h admin.h private.h
-
-C_SOURCES = admin.h chpass_c.c common_glue.c create_c.c delete_c.c destroy_c.c flush_c.c free.c get_c.c get_princs_c.c init_c.c kadm5_err.c kadm5_locl.h marshall.c modify_c.c private.h privs_c.c randkey_c.c rename_c.c send_recv.c
-
-
-S_SOURCES = acl.c admin.h chpass_s.c common_glue.c context_s.c create_s.c delete_s.c destroy_s.c ent_setup.c error.c flush_s.c free.c get_princs_s.c get_s.c init_s.c kadm5_err.c kadm5_locl.h log.c marshall.c modify_s.c private.h privs_s.c randkey_s.c rename_s.c set_keys.c set_modifier.c password_quality.c
+kadm5include_HEADERS = kadm5_err.h admin.h private.h \
+ kadm5-protos.h kadm5-private.h
+
+
+C_SOURCES = \
+ admin.h \
+ chpass_c.c \
+ common_glue.c \
+ create_c.c \
+ delete_c.c \
+ destroy_c.c \
+ flush_c.c \
+ free.c \
+ get_c.c \
+ get_princs_c.c \
+ init_c.c \
+ kadm5_err.c \
+ kadm5_locl.h \
+ marshall.c \
+ modify_c.c \
+ private.h \
+ privs_c.c \
+ randkey_c.c \
+ rename_c.c \
+ send_recv.c
+
+
+S_SOURCES = \
+ acl.c \
+ admin.h \
+ bump_pw_expire.c \
+ chpass_s.c \
+ common_glue.c \
+ context_s.c \
+ create_s.c \
+ delete_s.c \
+ destroy_s.c \
+ ent_setup.c \
+ error.c \
+ flush_s.c \
+ free.c \
+ get_princs_s.c \
+ get_s.c \
+ init_s.c \
+ kadm5_err.c \
+ kadm5_locl.h \
+ keys.c \
+ log.c \
+ marshall.c \
+ modify_s.c \
+ private.h \
+ privs_s.c \
+ randkey_s.c \
+ rename_s.c \
+ set_keys.c \
+ set_modifier.c \
+ password_quality.c
libkadm5srv_la_SOURCES = $(S_SOURCES) server_glue.c
@@ -202,10 +267,22 @@ ipropd_master_SOURCES = ipropd_master.c iprop.h kadm5_locl.h
ipropd_slave_SOURCES = ipropd_slave.c iprop.h kadm5_locl.h
-LDADD = libkadm5srv.la $(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la $(LIB_roken) $(DBLIB) $(LIB_dlopen)
+truncate_log_SOURCES = truncate_log.c
+
+LDADD = \
+ libkadm5srv.la \
+ $(top_builddir)/lib/hdb/libhdb.la \
+ $(LIB_openldap) \
+ $(top_builddir)/lib/krb5/libkrb5.la \
+ $(top_builddir)/lib/asn1/libasn1.la \
+ $(LIB_des) \
+ $(LIB_roken) \
+ $(DBLIB) \
+ $(LIB_dlopen)
CLEANFILES = kadm5_err.c kadm5_err.h
+subdir = lib/kadm5
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../include/config.h
CONFIG_CLEAN_FILES =
@@ -215,70 +292,87 @@ LTLIBRARIES = $(lib_LTLIBRARIES)
DEFS = @DEFS@ -I. -I$(srcdir) -I../../include
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
X_CFLAGS = @X_CFLAGS@
X_LIBS = @X_LIBS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
-libkadm5srv_la_LIBADD =
-libkadm5srv_la_OBJECTS = acl.lo chpass_s.lo common_glue.lo context_s.lo \
-create_s.lo delete_s.lo destroy_s.lo ent_setup.lo error.lo flush_s.lo \
-free.lo get_princs_s.lo get_s.lo init_s.lo kadm5_err.lo log.lo \
-marshall.lo modify_s.lo privs_s.lo randkey_s.lo rename_s.lo set_keys.lo \
-set_modifier.lo password_quality.lo server_glue.lo
libkadm5clnt_la_LIBADD =
-libkadm5clnt_la_OBJECTS = chpass_c.lo common_glue.lo create_c.lo \
+am_libkadm5clnt_la_OBJECTS = chpass_c.lo common_glue.lo create_c.lo \
delete_c.lo destroy_c.lo flush_c.lo free.lo get_c.lo get_princs_c.lo \
init_c.lo kadm5_err.lo marshall.lo modify_c.lo privs_c.lo randkey_c.lo \
rename_c.lo send_recv.lo client_glue.lo
+libkadm5clnt_la_OBJECTS = $(am_libkadm5clnt_la_OBJECTS)
+libkadm5srv_la_LIBADD =
+am_libkadm5srv_la_OBJECTS = acl.lo bump_pw_expire.lo chpass_s.lo \
+common_glue.lo context_s.lo create_s.lo delete_s.lo destroy_s.lo \
+ent_setup.lo error.lo flush_s.lo free.lo get_princs_s.lo get_s.lo \
+init_s.lo kadm5_err.lo keys.lo log.lo marshall.lo modify_s.lo \
+privs_s.lo randkey_s.lo rename_s.lo set_keys.lo set_modifier.lo \
+password_quality.lo server_glue.lo
+libkadm5srv_la_OBJECTS = $(am_libkadm5srv_la_OBJECTS)
libexec_PROGRAMS = ipropd-master$(EXEEXT) ipropd-slave$(EXEEXT)
-sbin_PROGRAMS = dump_log$(EXEEXT) replay_log$(EXEEXT)
+sbin_PROGRAMS = dump_log$(EXEEXT) replay_log$(EXEEXT) \
+truncate_log$(EXEEXT)
PROGRAMS = $(libexec_PROGRAMS) $(sbin_PROGRAMS)
-ipropd_master_OBJECTS = ipropd_master.$(OBJEXT)
+am_dump_log_OBJECTS = dump_log.$(OBJEXT)
+dump_log_OBJECTS = $(am_dump_log_OBJECTS)
+dump_log_LDADD = $(LDADD)
+dump_log_DEPENDENCIES = libkadm5srv.la \
+$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \
+$(top_builddir)/lib/asn1/libasn1.la
+dump_log_LDFLAGS =
+am_ipropd_master_OBJECTS = ipropd_master.$(OBJEXT)
+ipropd_master_OBJECTS = $(am_ipropd_master_OBJECTS)
ipropd_master_LDADD = $(LDADD)
ipropd_master_DEPENDENCIES = libkadm5srv.la \
$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \
-$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la
+$(top_builddir)/lib/asn1/libasn1.la
ipropd_master_LDFLAGS =
-ipropd_slave_OBJECTS = ipropd_slave.$(OBJEXT)
+am_ipropd_slave_OBJECTS = ipropd_slave.$(OBJEXT)
+ipropd_slave_OBJECTS = $(am_ipropd_slave_OBJECTS)
ipropd_slave_LDADD = $(LDADD)
ipropd_slave_DEPENDENCIES = libkadm5srv.la \
$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \
-$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la
+$(top_builddir)/lib/asn1/libasn1.la
ipropd_slave_LDFLAGS =
-dump_log_OBJECTS = dump_log.$(OBJEXT)
-dump_log_LDADD = $(LDADD)
-dump_log_DEPENDENCIES = libkadm5srv.la \
-$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \
-$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la
-dump_log_LDFLAGS =
-replay_log_OBJECTS = replay_log.$(OBJEXT)
+am_replay_log_OBJECTS = replay_log.$(OBJEXT)
+replay_log_OBJECTS = $(am_replay_log_OBJECTS)
replay_log_LDADD = $(LDADD)
replay_log_DEPENDENCIES = libkadm5srv.la \
$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \
-$(top_builddir)/lib/asn1/libasn1.la $(top_builddir)/lib/des/libdes.la
+$(top_builddir)/lib/asn1/libasn1.la
replay_log_LDFLAGS =
-CFLAGS = @CFLAGS@
+am_truncate_log_OBJECTS = truncate_log.$(OBJEXT)
+truncate_log_OBJECTS = $(am_truncate_log_OBJECTS)
+truncate_log_LDADD = $(LDADD)
+truncate_log_DEPENDENCIES = libkadm5srv.la \
+$(top_builddir)/lib/hdb/libhdb.la $(top_builddir)/lib/krb5/libkrb5.la \
+$(top_builddir)/lib/asn1/libasn1.la
+truncate_log_LDFLAGS =
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES = $(libkadm5clnt_la_SOURCES) $(libkadm5srv_la_SOURCES) \
+$(dump_log_SOURCES) $(ipropd_master_SOURCES) $(ipropd_slave_SOURCES) \
+$(replay_log_SOURCES) $(truncate_log_SOURCES)
HEADERS = $(kadm5include_HEADERS)
-DIST_COMMON = ChangeLog Makefile.am Makefile.in
+depcomp =
+DIST_COMMON = $(kadm5include_HEADERS) ChangeLog Makefile.am Makefile.in
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
-SOURCES = $(libkadm5srv_la_SOURCES) $(libkadm5clnt_la_SOURCES) $(ipropd_master_SOURCES) $(ipropd_slave_SOURCES) $(dump_log_SOURCES) $(replay_log_SOURCES)
-OBJECTS = $(libkadm5srv_la_OBJECTS) $(libkadm5clnt_la_OBJECTS) $(ipropd_master_OBJECTS) $(ipropd_slave_OBJECTS) $(dump_log_OBJECTS) $(replay_log_OBJECTS)
+SOURCES = $(libkadm5clnt_la_SOURCES) $(libkadm5srv_la_SOURCES) $(dump_log_SOURCES) $(ipropd_master_SOURCES) $(ipropd_slave_SOURCES) $(replay_log_SOURCES) $(truncate_log_SOURCES)
+OBJECTS = $(am_libkadm5clnt_la_OBJECTS) $(am_libkadm5srv_la_OBJECTS) $(am_dump_log_OBJECTS) $(am_ipropd_master_OBJECTS) $(am_ipropd_slave_OBJECTS) $(am_replay_log_OBJECTS) $(am_truncate_log_OBJECTS)
all: all-redirect
.SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x
+.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kadm5/Makefile
@@ -301,31 +395,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
$(mkinstalldirs) $(DESTDIR)$(libdir)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
if test -f $$p; then \
- echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \
- $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \
+ echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \
+ $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \
else :; fi; \
done
uninstall-libLTLIBRARIES:
@$(NORMAL_UNINSTALL)
- list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \
$(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
done
-.c.o:
- $(COMPILE) -c $<
-
-# FIXME: We should only use cygpath when building on Windows,
-# and only if it is available.
-.c.obj:
- $(COMPILE) -c `cygpath -w $<`
-
-.s.o:
- $(COMPILE) -c $<
-
-.S.o:
- $(COMPILE) -c $<
-
mostlyclean-compile:
-rm -f *.o core *.core
-rm -f *.$(OBJEXT)
@@ -337,15 +418,6 @@ distclean-compile:
maintainer-clean-compile:
-.c.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.s.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.S.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
mostlyclean-libtool:
-rm -f *.lo
@@ -356,12 +428,12 @@ distclean-libtool:
maintainer-clean-libtool:
-libkadm5srv.la: $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_DEPENDENCIES)
- $(LINK) -rpath $(libdir) $(libkadm5srv_la_LDFLAGS) $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_LIBADD) $(LIBS)
-
libkadm5clnt.la: $(libkadm5clnt_la_OBJECTS) $(libkadm5clnt_la_DEPENDENCIES)
$(LINK) -rpath $(libdir) $(libkadm5clnt_la_LDFLAGS) $(libkadm5clnt_la_OBJECTS) $(libkadm5clnt_la_LIBADD) $(LIBS)
+libkadm5srv.la: $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_DEPENDENCIES)
+ $(LINK) -rpath $(libdir) $(libkadm5srv_la_LDFLAGS) $(libkadm5srv_la_OBJECTS) $(libkadm5srv_la_LIBADD) $(LIBS)
+
mostlyclean-libexecPROGRAMS:
clean-libexecPROGRAMS:
@@ -376,15 +448,18 @@ install-libexecPROGRAMS: $(libexec_PROGRAMS)
$(mkinstalldirs) $(DESTDIR)$(libexecdir)
@list='$(libexec_PROGRAMS)'; for p in $$list; do \
if test -f $$p; then \
- echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \
- $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \
+ f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \
+ echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libexecdir)/$$f"; \
+ $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libexecdir)/$$f; \
else :; fi; \
done
uninstall-libexecPROGRAMS:
@$(NORMAL_UNINSTALL)
- list='$(libexec_PROGRAMS)'; for p in $$list; do \
- rm -f $(DESTDIR)$(libexecdir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \
+ @list='$(libexec_PROGRAMS)'; for p in $$list; do \
+ f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \
+ echo " rm -f $(DESTDIR)$(libexecdir)/$$f"; \
+ rm -f $(DESTDIR)$(libexecdir)/$$f; \
done
mostlyclean-sbinPROGRAMS:
@@ -401,17 +476,24 @@ install-sbinPROGRAMS: $(sbin_PROGRAMS)
$(mkinstalldirs) $(DESTDIR)$(sbindir)
@list='$(sbin_PROGRAMS)'; for p in $$list; do \
if test -f $$p; then \
- echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(sbindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \
- $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(sbindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \
+ f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \
+ echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(sbindir)/$$f"; \
+ $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(sbindir)/$$f; \
else :; fi; \
done
uninstall-sbinPROGRAMS:
@$(NORMAL_UNINSTALL)
- list='$(sbin_PROGRAMS)'; for p in $$list; do \
- rm -f $(DESTDIR)$(sbindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \
+ @list='$(sbin_PROGRAMS)'; for p in $$list; do \
+ f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \
+ echo " rm -f $(DESTDIR)$(sbindir)/$$f"; \
+ rm -f $(DESTDIR)$(sbindir)/$$f; \
done
+dump_log$(EXEEXT): $(dump_log_OBJECTS) $(dump_log_DEPENDENCIES)
+ @rm -f dump_log$(EXEEXT)
+ $(LINK) $(dump_log_LDFLAGS) $(dump_log_OBJECTS) $(dump_log_LDADD) $(LIBS)
+
ipropd-master$(EXEEXT): $(ipropd_master_OBJECTS) $(ipropd_master_DEPENDENCIES)
@rm -f ipropd-master$(EXEEXT)
$(LINK) $(ipropd_master_LDFLAGS) $(ipropd_master_OBJECTS) $(ipropd_master_LDADD) $(LIBS)
@@ -420,48 +502,61 @@ ipropd-slave$(EXEEXT): $(ipropd_slave_OBJECTS) $(ipropd_slave_DEPENDENCIES)
@rm -f ipropd-slave$(EXEEXT)
$(LINK) $(ipropd_slave_LDFLAGS) $(ipropd_slave_OBJECTS) $(ipropd_slave_LDADD) $(LIBS)
-dump_log$(EXEEXT): $(dump_log_OBJECTS) $(dump_log_DEPENDENCIES)
- @rm -f dump_log$(EXEEXT)
- $(LINK) $(dump_log_LDFLAGS) $(dump_log_OBJECTS) $(dump_log_LDADD) $(LIBS)
-
replay_log$(EXEEXT): $(replay_log_OBJECTS) $(replay_log_DEPENDENCIES)
@rm -f replay_log$(EXEEXT)
$(LINK) $(replay_log_LDFLAGS) $(replay_log_OBJECTS) $(replay_log_LDADD) $(LIBS)
+truncate_log$(EXEEXT): $(truncate_log_OBJECTS) $(truncate_log_DEPENDENCIES)
+ @rm -f truncate_log$(EXEEXT)
+ $(LINK) $(truncate_log_LDFLAGS) $(truncate_log_OBJECTS) $(truncate_log_LDADD) $(LIBS)
+.c.o:
+ $(COMPILE) -c $<
+.c.obj:
+ $(COMPILE) -c `cygpath -w $<`
+.c.lo:
+ $(LTCOMPILE) -c -o $@ $<
+
install-kadm5includeHEADERS: $(kadm5include_HEADERS)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(kadm5includedir)
@list='$(kadm5include_HEADERS)'; for p in $$list; do \
if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
- echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(kadm5includedir)/$$p"; \
- $(INSTALL_DATA) $$d$$p $(DESTDIR)$(kadm5includedir)/$$p; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(kadm5includedir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(kadm5includedir)/$$f; \
done
uninstall-kadm5includeHEADERS:
@$(NORMAL_UNINSTALL)
- list='$(kadm5include_HEADERS)'; for p in $$list; do \
- rm -f $(DESTDIR)$(kadm5includedir)/$$p; \
+ @list='$(kadm5include_HEADERS)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(kadm5includedir)/$$f"; \
+ rm -f $(DESTDIR)$(kadm5includedir)/$$f; \
done
tags: TAGS
-ID: $(HEADERS) $(SOURCES) $(LISP)
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- here=`pwd` && cd $(srcdir) \
- && mkid -f$$here/ID $$unique $(LISP)
+ mkid -fID $$unique $(LISP)
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
- || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
mostlyclean-tags:
@@ -474,17 +569,16 @@ maintainer-clean-tags:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib/kadm5
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
@@ -515,7 +609,7 @@ uninstall: uninstall-am
all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local
all-redirect: all-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs:
$(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(libexecdir) \
$(DESTDIR)$(sbindir) $(DESTDIR)$(kadm5includedir)
@@ -531,6 +625,7 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
+ -rm -f Makefile.in
mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \
mostlyclean-libtool mostlyclean-libexecPROGRAMS \
mostlyclean-sbinPROGRAMS mostlyclean-tags \
@@ -578,8 +673,9 @@ clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \
check-local check check-am installcheck-am installcheck install-exec-am \
install-exec install-data-local install-data-am install-data install-am \
install uninstall-am uninstall all-local all-redirect all-am all \
-installdirs mostlyclean-generic distclean-generic clean-generic \
-maintainer-clean-generic clean mostlyclean distclean maintainer-clean
+install-strip installdirs mostlyclean-generic distclean-generic \
+clean-generic maintainer-clean-generic clean mostlyclean distclean \
+maintainer-clean
install-suid-programs:
@@ -587,7 +683,10 @@ install-suid-programs:
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
install-exec-hook: install-suid-programs
@@ -599,8 +698,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
fi ; \
done
@@ -669,87 +768,8 @@ dist-cat8-mans:
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
install-data-local: install-cat-mans
diff --git a/crypto/heimdal/lib/kadm5/acl.c b/crypto/heimdal/lib/kadm5/acl.c
index 3f42c60d7739..c9631713d789 100644
--- a/crypto/heimdal/lib/kadm5/acl.c
+++ b/crypto/heimdal/lib/kadm5/acl.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: acl.c,v 1.10 1999/12/02 17:05:05 joda Exp $");
+RCSID("$Id: acl.c,v 1.12 2000/08/10 19:24:08 assar Exp $");
static struct units acl_units[] = {
{ "all", KADM5_PRIV_ALL },
@@ -68,58 +68,112 @@ _kadm5_privs_to_string(u_int32_t privs, char *string, size_t len)
return 0;
}
-kadm5_ret_t
-_kadm5_acl_init(kadm5_server_context *context)
+/*
+ * retrieve the right for the current caller on `princ' (NULL means all)
+ * and store them in `ret_flags'
+ * return 0 or an error.
+ */
+
+static kadm5_ret_t
+fetch_acl (kadm5_server_context *context,
+ krb5_const_principal princ,
+ unsigned *ret_flags)
{
- FILE *f;
- char buf[128];
- krb5_principal princ;
- int flags;
- krb5_error_code ret;
-
- krb5_parse_name(context->context, KADM5_ADMIN_SERVICE, &princ);
- ret = krb5_principal_compare(context->context, context->caller, princ);
- krb5_free_principal(context->context, princ);
- if(ret != 0){
- context->acl_flags = KADM5_PRIV_ALL;
- return 0;
- }
+ unsigned flags = -1;
+ FILE *f = fopen(context->config.acl_file, "r");
+ krb5_error_code ret = 0;
+
+ if(f != NULL) {
+ char buf[256];
- flags = -1;
- f = fopen(context->config.acl_file, "r");
- if(f){
- while(fgets(buf, sizeof(buf), f)){
+ while(fgets(buf, sizeof(buf), f) != NULL){
char *foo = NULL, *p;
+ krb5_principal this_princ;
+
+ flags = -1;
p = strtok_r(buf, " \t\n", &foo);
if(p == NULL)
continue;
- ret = krb5_parse_name(context->context, p, &princ);
+ ret = krb5_parse_name(context->context, p, &this_princ);
if(ret)
continue;
if(!krb5_principal_compare(context->context,
- context->caller, princ)){
- krb5_free_principal(context->context, princ);
+ context->caller, this_princ)) {
+ krb5_free_principal(context->context, this_princ);
continue;
}
- krb5_free_principal(context->context, princ);
- p = strtok_r(NULL, "\n", &foo);
+ krb5_free_principal(context->context, this_princ);
+ p = strtok_r(NULL, " \t\n", &foo);
if(p == NULL)
continue;
ret = _kadm5_string_to_privs(p, &flags);
- break;
+ if (ret)
+ break;
+ p = strtok_r(NULL, "\n", &foo);
+ if (p == NULL) {
+ ret = 0;
+ break;
+ }
+ if (princ != NULL) {
+ krb5_principal pattern_princ;
+ krb5_boolean tmp;
+
+ ret = krb5_parse_name (context->context, p, &pattern_princ);
+ if (ret)
+ break;
+ tmp = krb5_principal_match (context->context,
+ princ, pattern_princ);
+ krb5_free_principal (context->context, pattern_princ);
+ if (tmp) {
+ ret = 0;
+ break;
+ }
+ }
}
fclose(f);
}
if(flags == -1)
flags = 0;
- context->acl_flags = flags;
- return 0;
+ if (ret == 0)
+ *ret_flags = flags;
+ return ret;
}
+/*
+ * set global acl flags in `context' for the current caller.
+ * return 0 on success or an error
+ */
+
kadm5_ret_t
-_kadm5_acl_check_permission(kadm5_server_context *context, unsigned op)
+_kadm5_acl_init(kadm5_server_context *context)
{
- unsigned res = ~context->acl_flags & op;
+ krb5_principal princ;
+ krb5_error_code ret;
+
+ ret = krb5_parse_name(context->context, KADM5_ADMIN_SERVICE, &princ);
+ if (ret)
+ return ret;
+ ret = krb5_principal_compare(context->context, context->caller, princ);
+ krb5_free_principal(context->context, princ);
+ if(ret != 0) {
+ context->acl_flags = KADM5_PRIV_ALL;
+ return 0;
+ }
+
+ return fetch_acl (context, NULL, &context->acl_flags);
+}
+
+/*
+ * check if `flags' allows `op'
+ * return 0 if OK or an error
+ */
+
+static kadm5_ret_t
+check_flags (unsigned op,
+ unsigned flags)
+{
+ unsigned res = ~flags & op;
+
if(res & KADM5_PRIV_GET)
return KADM5_AUTH_GET;
if(res & KADM5_PRIV_ADD)
@@ -136,3 +190,26 @@ _kadm5_acl_check_permission(kadm5_server_context *context, unsigned op)
return KADM5_AUTH_INSUFFICIENT;
return 0;
}
+
+/*
+ * return 0 if the current caller in `context' is allowed to perform
+ * `op' on `princ' and otherwise an error
+ * princ == NULL if it's not relevant.
+ */
+
+kadm5_ret_t
+_kadm5_acl_check_permission(kadm5_server_context *context,
+ unsigned op,
+ krb5_const_principal princ)
+{
+ kadm5_ret_t ret;
+ unsigned princ_flags;
+
+ ret = check_flags (op, context->acl_flags);
+ if (ret == 0)
+ return ret;
+ ret = fetch_acl (context, princ, &princ_flags);
+ if (ret)
+ return ret;
+ return check_flags (op, princ_flags);
+}
diff --git a/crypto/heimdal/lib/kadm5/admin.h b/crypto/heimdal/lib/kadm5/admin.h
index 6cb08a373963..d9bd85f9638e 100644
--- a/crypto/heimdal/lib/kadm5/admin.h
+++ b/crypto/heimdal/lib/kadm5/admin.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -30,7 +30,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
-/* $Id: admin.h,v 1.15 1999/12/02 17:05:05 joda Exp $ */
+/* $Id: admin.h,v 1.18 2000/08/04 11:26:21 joda Exp $ */
#ifndef __KADM5_ADMIN_H__
#define __KADM5_ADMIN_H__
@@ -105,14 +105,14 @@ typedef struct _krb5_key_data {
int16_t key_data_kvno; /* Key Version */
int16_t key_data_type[2]; /* Array of types */
int16_t key_data_length[2]; /* Array of lengths */
- void** key_data_contents[2];/* Array of pointers */
+ void* key_data_contents[2];/* Array of pointers */
} krb5_key_data;
typedef struct _krb5_tl_data {
struct _krb5_tl_data* tl_data_next;
int16_t tl_data_type;
int16_t tl_data_length;
- void **tl_data_contents;
+ void* tl_data_contents;
} krb5_tl_data;
typedef struct _kadm5_principal_ent_t {
@@ -204,462 +204,7 @@ typedef struct _kadm5_config_params {
typedef krb5_error_code kadm5_ret_t;
-kadm5_ret_t
-kadm5_c_chpass_principal __P((
- void *server_handle,
- krb5_principal princ,
- char *password));
-
-kadm5_ret_t
-kadm5_c_create_principal __P((
- void *server_handle,
- kadm5_principal_ent_t princ,
- u_int32_t mask,
- char *password));
-
-kadm5_ret_t
-kadm5_c_delete_principal __P((
- void *server_handle,
- krb5_principal princ));
-
-kadm5_ret_t
-kadm5_c_destroy __P((void *server_handle));
-
-kadm5_ret_t
-kadm5_c_flush __P((void *server_handle));
-
-kadm5_ret_t
-kadm5_c_get_principal __P((
- void *server_handle,
- krb5_principal princ,
- kadm5_principal_ent_t out,
- u_int32_t mask));
-
-kadm5_ret_t
-kadm5_c_get_principals __P((
- void *server_handle,
- const char *exp,
- char ***princs,
- int *count));
-
-kadm5_ret_t
-kadm5_c_get_privs __P((
- void *server_handle,
- u_int32_t *privs));
-
-kadm5_ret_t
-kadm5_c_init_with_creds __P((
- const char *client_name,
- krb5_ccache ccache,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_c_init_with_creds_ctx __P((
- krb5_context context,
- const char *client_name,
- krb5_ccache ccache,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_c_init_with_password __P((
- const char *client_name,
- const char *password,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_c_init_with_password_ctx __P((
- krb5_context context,
- const char *client_name,
- const char *password,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_c_init_with_skey __P((
- const char *client_name,
- const char *keytab,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_c_init_with_skey_ctx __P((
- krb5_context context,
- const char *client_name,
- const char *keytab,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_c_modify_principal __P((
- void *server_handle,
- kadm5_principal_ent_t princ,
- u_int32_t mask));
-
-kadm5_ret_t
-kadm5_c_randkey_principal __P((
- void *server_handle,
- krb5_principal princ,
- krb5_keyblock **new_keys,
- int *n_keys));
-
-kadm5_ret_t
-kadm5_c_rename_principal __P((
- void *server_handle,
- krb5_principal source,
- krb5_principal target));
-
-kadm5_ret_t
-kadm5_chpass_principal __P((
- void *server_handle,
- krb5_principal princ,
- char *password));
-
-kadm5_ret_t
-kadm5_create_principal __P((
- void *server_handle,
- kadm5_principal_ent_t princ,
- u_int32_t mask,
- char *password));
-
-kadm5_ret_t
-kadm5_delete_principal __P((
- void *server_handle,
- krb5_principal princ));
-
-kadm5_ret_t
-kadm5_destroy __P((void *server_handle));
-
-kadm5_ret_t
-kadm5_flush __P((void *server_handle));
-
-void
-kadm5_free_key_data __P((
- void *server_handle,
- int16_t *n_key_data,
- krb5_key_data *key_data));
-
-void
-kadm5_free_name_list __P((
- void *server_handle,
- char **names,
- int *count));
-
-void
-kadm5_free_principal_ent __P((
- void *server_handle,
- kadm5_principal_ent_t princ));
-
-kadm5_ret_t
-kadm5_get_principal __P((
- void *server_handle,
- krb5_principal princ,
- kadm5_principal_ent_t out,
- u_int32_t mask));
-
-kadm5_ret_t
-kadm5_get_principals __P((
- void *server_handle,
- const char *exp,
- char ***princs,
- int *count));
-
-kadm5_ret_t
-kadm5_get_privs __P((
- void *server_handle,
- u_int32_t *privs));
-
-kadm5_ret_t
-kadm5_init_with_creds __P((
- const char *client_name,
- krb5_ccache ccache,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_init_with_creds_ctx __P((
- krb5_context context,
- const char *client_name,
- krb5_ccache ccache,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_init_with_password __P((
- const char *client_name,
- const char *password,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_init_with_password_ctx __P((
- krb5_context context,
- const char *client_name,
- const char *password,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_init_with_skey __P((
- const char *client_name,
- const char *keytab,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_init_with_skey_ctx __P((
- krb5_context context,
- const char *client_name,
- const char *keytab,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_modify_principal __P((
- void *server_handle,
- kadm5_principal_ent_t princ,
- u_int32_t mask));
-
-kadm5_ret_t
-kadm5_randkey_principal __P((
- void *server_handle,
- krb5_principal princ,
- krb5_keyblock **new_keys,
- int *n_keys));
-
-kadm5_ret_t
-kadm5_rename_principal __P((
- void *server_handle,
- krb5_principal source,
- krb5_principal target));
-
-kadm5_ret_t
-kadm5_ret_key_data __P((
- krb5_storage *sp,
- krb5_key_data *key));
-
-kadm5_ret_t
-kadm5_ret_principal_ent __P((
- krb5_storage *sp,
- kadm5_principal_ent_t princ));
-
-kadm5_ret_t
-kadm5_ret_principal_ent_mask __P((
- krb5_storage *sp,
- kadm5_principal_ent_t princ,
- u_int32_t *mask));
-
-kadm5_ret_t
-kadm5_ret_tl_data __P((
- krb5_storage *sp,
- krb5_tl_data *tl));
-
-kadm5_ret_t
-kadm5_s_chpass_principal __P((
- void *server_handle,
- krb5_principal princ,
- char *password));
-
-kadm5_ret_t
-kadm5_s_chpass_principal_with_key __P((
- void *server_handle,
- krb5_principal princ,
- int n_key_data,
- krb5_key_data *key_data));
-
-kadm5_ret_t
-kadm5_s_create_principal __P((
- void *server_handle,
- kadm5_principal_ent_t princ,
- u_int32_t mask,
- char *password));
-
-kadm5_ret_t
-kadm5_s_create_principal_with_key __P((
- void *server_handle,
- kadm5_principal_ent_t princ,
- u_int32_t mask));
-
-kadm5_ret_t
-kadm5_s_delete_principal __P((
- void *server_handle,
- krb5_principal princ));
-
-kadm5_ret_t
-kadm5_s_destroy __P((void *server_handle));
-
-kadm5_ret_t
-kadm5_s_flush __P((void *server_handle));
-
-kadm5_ret_t
-kadm5_s_get_principal __P((
- void *server_handle,
- krb5_principal princ,
- kadm5_principal_ent_t out,
- u_int32_t mask));
-
-kadm5_ret_t
-kadm5_s_get_principals __P((
- void *server_handle,
- const char *exp,
- char ***princs,
- int *count));
-
-kadm5_ret_t
-kadm5_s_get_privs __P((
- void *server_handle,
- u_int32_t *privs));
-
-kadm5_ret_t
-kadm5_s_init_with_creds __P((
- const char *client_name,
- krb5_ccache ccache,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_s_init_with_creds_ctx __P((
- krb5_context context,
- const char *client_name,
- krb5_ccache ccache,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_s_init_with_password __P((
- const char *client_name,
- const char *password,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_s_init_with_password_ctx __P((
- krb5_context context,
- const char *client_name,
- const char *password,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_s_init_with_skey __P((
- const char *client_name,
- const char *keytab,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_s_init_with_skey_ctx __P((
- krb5_context context,
- const char *client_name,
- const char *keytab,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle));
-
-kadm5_ret_t
-kadm5_s_modify_principal __P((
- void *server_handle,
- kadm5_principal_ent_t princ,
- u_int32_t mask));
-
-kadm5_ret_t
-kadm5_s_randkey_principal __P((
- void *server_handle,
- krb5_principal princ,
- krb5_keyblock **new_keys,
- int *n_keys));
-
-kadm5_ret_t
-kadm5_s_rename_principal __P((
- void *server_handle,
- krb5_principal source,
- krb5_principal target));
-
-kadm5_ret_t
-kadm5_store_key_data __P((
- krb5_storage *sp,
- krb5_key_data *key));
-
-kadm5_ret_t
-kadm5_store_principal_ent __P((
- krb5_storage *sp,
- kadm5_principal_ent_t princ));
-
-kadm5_ret_t
-kadm5_store_principal_ent_mask __P((
- krb5_storage *sp,
- kadm5_principal_ent_t princ,
- u_int32_t mask));
-
-kadm5_ret_t
-kadm5_store_tl_data __P((
- krb5_storage *sp,
- krb5_tl_data *tl));
-
-void
-kadm5_setup_passwd_quality_check(krb5_context context,
- const char *check_library,
- const char *check_function);
-
-const char *
-kadm5_check_password_quality (krb5_context context,
- krb5_principal principal,
- krb5_data *pwd_data);
+#include "kadm5-protos.h"
#if 0
/* unimplemented functions */
diff --git a/crypto/heimdal/lib/kadm5/bump_pw_expire.c b/crypto/heimdal/lib/kadm5/bump_pw_expire.c
new file mode 100644
index 000000000000..a185c20daff2
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/bump_pw_expire.c
@@ -0,0 +1,59 @@
+/*
+ * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: bump_pw_expire.c,v 1.1 2000/07/24 03:47:54 assar Exp $");
+
+/*
+ * extend password_expiration if it's defined
+ */
+
+kadm5_ret_t
+_kadm5_bump_pw_expire(kadm5_server_context *context,
+ hdb_entry *ent)
+{
+ if (ent->pw_end != NULL) {
+ time_t life;
+
+ life = krb5_config_get_time_default(context->context,
+ NULL,
+ 365 * 24 * 60 * 60,
+ "kadmin",
+ "password_lifetime",
+ NULL);
+
+ *(ent->pw_end) = time(NULL) + life;
+ }
+ return 0;
+}
diff --git a/crypto/heimdal/lib/kadm5/chpass_c.c b/crypto/heimdal/lib/kadm5/chpass_c.c
index aaec48f65d62..b06b8cd2a771 100644
--- a/crypto/heimdal/lib/kadm5/chpass_c.c
+++ b/crypto/heimdal/lib/kadm5/chpass_c.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: chpass_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $");
+RCSID("$Id: chpass_c.c,v 1.5 2000/07/11 15:59:14 joda Exp $");
kadm5_ret_t
kadm5_c_chpass_principal(void *server_handle,
@@ -47,6 +47,10 @@ kadm5_c_chpass_principal(void *server_handle,
int32_t tmp;
krb5_data reply;
+ ret = _kadm5_connect(server_handle);
+ if(ret)
+ return ret;
+
sp = krb5_storage_from_mem(buf, sizeof(buf));
if (sp == NULL)
return ENOMEM;
@@ -68,3 +72,45 @@ kadm5_c_chpass_principal(void *server_handle,
krb5_data_free (&reply);
return tmp;
}
+
+kadm5_ret_t
+kadm5_c_chpass_principal_with_key(void *server_handle,
+ krb5_principal princ,
+ int n_key_data,
+ krb5_key_data *key_data)
+{
+ kadm5_client_context *context = server_handle;
+ kadm5_ret_t ret;
+ krb5_storage *sp;
+ unsigned char buf[1024];
+ int32_t tmp;
+ krb5_data reply;
+ int i;
+
+ ret = _kadm5_connect(server_handle);
+ if(ret)
+ return ret;
+
+ sp = krb5_storage_from_mem(buf, sizeof(buf));
+ if (sp == NULL)
+ return ENOMEM;
+ krb5_store_int32(sp, kadm_chpass_with_key);
+ krb5_store_principal(sp, princ);
+ krb5_store_int32(sp, n_key_data);
+ for (i = 0; i < n_key_data; ++i)
+ kadm5_store_key_data (sp, &key_data[i]);
+ ret = _kadm5_client_send(context, sp);
+ krb5_storage_free(sp);
+ ret = _kadm5_client_recv(context, &reply);
+ if(ret)
+ return ret;
+ sp = krb5_storage_from_data (&reply);
+ if (sp == NULL) {
+ krb5_data_free (&reply);
+ return ENOMEM;
+ }
+ krb5_ret_int32(sp, &tmp);
+ krb5_storage_free(sp);
+ krb5_data_free (&reply);
+ return tmp;
+}
diff --git a/crypto/heimdal/lib/kadm5/chpass_s.c b/crypto/heimdal/lib/kadm5/chpass_s.c
index e915124e6e59..21334694573f 100644
--- a/crypto/heimdal/lib/kadm5/chpass_s.c
+++ b/crypto/heimdal/lib/kadm5/chpass_s.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,16 +33,21 @@
#include "kadm5_locl.h"
-RCSID("$Id: chpass_s.c,v 1.8 1999/12/02 17:05:05 joda Exp $");
+RCSID("$Id: chpass_s.c,v 1.13 2001/01/30 01:24:28 assar Exp $");
-kadm5_ret_t
-kadm5_s_chpass_principal(void *server_handle,
- krb5_principal princ,
- char *password)
+static kadm5_ret_t
+change(void *server_handle,
+ krb5_principal princ,
+ char *password,
+ int cond)
{
kadm5_server_context *context = server_handle;
hdb_entry ent;
kadm5_ret_t ret;
+ Key *keys;
+ size_t num_keys;
+ int cmp = 1;
+
ent.principal = princ;
ret = context->db->open(context->context, context->db, O_RDWR, 0);
if(ret)
@@ -51,19 +56,42 @@ kadm5_s_chpass_principal(void *server_handle,
0, &ent);
if(ret == HDB_ERR_NOENTRY)
goto out;
+
+ num_keys = ent.keys.len;
+ keys = ent.keys.val;
+
+ ent.keys.len = 0;
+ ent.keys.val = NULL;
+
ret = _kadm5_set_keys(context, &ent, password);
- if(ret)
+ if(ret) {
+ _kadm5_free_keys (server_handle, num_keys, keys);
+ goto out2;
+ }
+ if (cond)
+ cmp = _kadm5_cmp_keys (ent.keys.val, ent.keys.len,
+ keys, num_keys);
+ _kadm5_free_keys (server_handle, num_keys, keys);
+
+ if (cmp == 0)
goto out2;
+
ret = _kadm5_set_modifier(context, &ent);
if(ret)
goto out2;
- hdb_seal_keys(context->db, &ent);
+ ret = _kadm5_bump_pw_expire(context, &ent);
+ if (ret)
+ goto out2;
+
+ ret = hdb_seal_keys(context->context, context->db, &ent);
+ if (ret)
+ goto out2;
kadm5_log_modify (context,
&ent,
KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME |
- KADM5_KEY_DATA | KADM5_KVNO);
+ KADM5_KEY_DATA | KADM5_KVNO | KADM5_PW_EXPIRATION);
ret = context->db->store(context->context, context->db,
HDB_F_REPLACE, &ent);
@@ -74,6 +102,36 @@ out:
return _kadm5_error_code(ret);
}
+
+
+/*
+ * change the password of `princ' to `password' if it's not already that.
+ */
+
+kadm5_ret_t
+kadm5_s_chpass_principal_cond(void *server_handle,
+ krb5_principal princ,
+ char *password)
+{
+ return change (server_handle, princ, password, 1);
+}
+
+/*
+ * change the password of `princ' to `password'
+ */
+
+kadm5_ret_t
+kadm5_s_chpass_principal(void *server_handle,
+ krb5_principal princ,
+ char *password)
+{
+ return change (server_handle, princ, password, 0);
+}
+
+/*
+ * change keys for `princ' to `keys'
+ */
+
kadm5_ret_t
kadm5_s_chpass_principal_with_key(void *server_handle,
krb5_principal princ,
@@ -90,19 +148,24 @@ kadm5_s_chpass_principal_with_key(void *server_handle,
ret = context->db->fetch(context->context, context->db, 0, &ent);
if(ret == HDB_ERR_NOENTRY)
goto out;
- ret = _kadm5_set_keys2(&ent, n_key_data, key_data);
+ ret = _kadm5_set_keys2(context, &ent, n_key_data, key_data);
if(ret)
goto out2;
ret = _kadm5_set_modifier(context, &ent);
if(ret)
goto out2;
+ ret = _kadm5_bump_pw_expire(context, &ent);
+ if (ret)
+ goto out2;
- hdb_seal_keys(context->db, &ent);
+ ret = hdb_seal_keys(context->context, context->db, &ent);
+ if (ret)
+ goto out2;
kadm5_log_modify (context,
&ent,
KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME |
- KADM5_KEY_DATA | KADM5_KVNO);
+ KADM5_KEY_DATA | KADM5_KVNO | KADM5_PW_EXPIRATION);
ret = context->db->store(context->context, context->db,
HDB_F_REPLACE, &ent);
diff --git a/crypto/heimdal/lib/kadm5/common_glue.c b/crypto/heimdal/lib/kadm5/common_glue.c
index 38c551c29e7a..b508282690dc 100644
--- a/crypto/heimdal/lib/kadm5/common_glue.c
+++ b/crypto/heimdal/lib/kadm5/common_glue.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: common_glue.c,v 1.4 1999/12/02 17:05:05 joda Exp $");
+RCSID("$Id: common_glue.c,v 1.5 2000/03/23 22:58:26 assar Exp $");
#define __CALL(F, P) (*((kadm5_common_context*)server_handle)->funcs.F)P;
@@ -46,6 +46,16 @@ kadm5_chpass_principal(void *server_handle,
}
kadm5_ret_t
+kadm5_chpass_principal_with_key(void *server_handle,
+ krb5_principal princ,
+ int n_key_data,
+ krb5_key_data *key_data)
+{
+ return __CALL(chpass_principal_with_key,
+ (server_handle, princ, n_key_data, key_data));
+}
+
+kadm5_ret_t
kadm5_create_principal(void *server_handle,
kadm5_principal_ent_t princ,
u_int32_t mask,
diff --git a/crypto/heimdal/lib/kadm5/context_s.c b/crypto/heimdal/lib/kadm5/context_s.c
index fc525767e9d2..805f4f09a857 100644
--- a/crypto/heimdal/lib/kadm5/context_s.c
+++ b/crypto/heimdal/lib/kadm5/context_s.c
@@ -33,14 +33,14 @@
#include "kadm5_locl.h"
-RCSID("$Id: context_s.c,v 1.13 2000/01/06 21:40:08 assar Exp $");
+RCSID("$Id: context_s.c,v 1.15 2000/05/12 15:22:33 assar Exp $");
static void
set_funcs(kadm5_server_context *c)
{
#define SET(C, F) (C)->funcs.F = kadm5_s_ ## F
SET(c, chpass_principal);
- SET(c, chpass_principal);
+ SET(c, chpass_principal_with_key);
SET(c, create_principal);
SET(c, delete_principal);
SET(c, destroy);
@@ -66,6 +66,10 @@ set_field(krb5_context context, krb5_config_binding *binding,
char **variable)
{
const char *p;
+
+ if (*variable != NULL)
+ free (*variable);
+
p = krb5_config_get_string(context, binding, name, NULL);
if(p)
*variable = strdup(p);
@@ -153,10 +157,10 @@ find_db_spec(kadm5_server_context *ctx)
if(default_binding)
set_config(ctx, default_binding);
else {
- ctx->config.dbname = strdup(HDB_DEFAULT_DB);
- ctx->config.acl_file = HDB_DB_DIR "/kadmind.acl";
- ctx->config.stash_file = HDB_DB_DIR "/m-key";
- ctx->log_context.log_file = HDB_DB_DIR "/log";
+ ctx->config.dbname = strdup(HDB_DEFAULT_DB);
+ ctx->config.acl_file = strdup(HDB_DB_DIR "/kadmind.acl");
+ ctx->config.stash_file = strdup(HDB_DB_DIR "/m-key");
+ ctx->log_context.log_file = strdup(HDB_DB_DIR "/log");
memset(&ctx->log_context.socket_name, 0,
sizeof(ctx->log_context.socket_name));
ctx->log_context.socket_name.sun_family = AF_UNIX;
diff --git a/crypto/heimdal/lib/kadm5/create_c.c b/crypto/heimdal/lib/kadm5/create_c.c
index 45eb3e212345..8d81cb3c559f 100644
--- a/crypto/heimdal/lib/kadm5/create_c.c
+++ b/crypto/heimdal/lib/kadm5/create_c.c
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: create_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $");
+RCSID("$Id: create_c.c,v 1.4 2000/07/11 15:59:21 joda Exp $");
kadm5_ret_t
kadm5_c_create_principal(void *server_handle,
@@ -48,6 +48,10 @@ kadm5_c_create_principal(void *server_handle,
int32_t tmp;
krb5_data reply;
+ ret = _kadm5_connect(server_handle);
+ if(ret)
+ return ret;
+
sp = krb5_storage_from_mem(buf, sizeof(buf));
if (sp == NULL)
return ENOMEM;
diff --git a/crypto/heimdal/lib/kadm5/create_s.c b/crypto/heimdal/lib/kadm5/create_s.c
index 6e352f6b9f55..287211b33216 100644
--- a/crypto/heimdal/lib/kadm5/create_s.c
+++ b/crypto/heimdal/lib/kadm5/create_s.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: create_s.c,v 1.16 1999/12/02 17:05:05 joda Exp $");
+RCSID("$Id: create_s.c,v 1.19 2001/01/30 01:24:28 assar Exp $");
static kadm5_ret_t
get_default(kadm5_server_context *context, krb5_principal princ,
@@ -87,7 +87,8 @@ create_principal(kadm5_server_context *context,
def_mask = KADM5_ATTRIBUTES | KADM5_MAX_LIFE | KADM5_MAX_RLIFE;
}
- ret = _kadm5_setup_entry(ent, mask | def_mask,
+ ret = _kadm5_setup_entry(context,
+ ent, mask | def_mask,
princ, mask,
defent, def_mask);
if(defent)
@@ -119,11 +120,13 @@ kadm5_s_create_principal_with_key(void *server_handle,
if(ret)
goto out;
- ret = _kadm5_set_keys2(&ent, princ->n_key_data, princ->key_data);
+ ret = _kadm5_set_keys2(context, &ent, princ->n_key_data, princ->key_data);
if(ret)
goto out;
- hdb_seal_keys(context->db, &ent);
+ ret = hdb_seal_keys(context->context, context->db, &ent);
+ if (ret)
+ goto out;
kadm5_log_create (context, &ent);
@@ -174,8 +177,12 @@ kadm5_s_create_principal(void *server_handle,
ent.keys.val[2].salt->type = hdb_pw_salt;
ent.keys.val[3].key.keytype = ETYPE_DES3_CBC_SHA1;
ret = _kadm5_set_keys(context, &ent, password);
+ if (ret)
+ goto out;
- hdb_seal_keys(context->db, &ent);
+ ret = hdb_seal_keys(context->context, context->db, &ent);
+ if (ret)
+ goto out;
kadm5_log_create (context, &ent);
diff --git a/crypto/heimdal/lib/kadm5/delete_c.c b/crypto/heimdal/lib/kadm5/delete_c.c
index 71a3cf0f9012..7575c5e438f8 100644
--- a/crypto/heimdal/lib/kadm5/delete_c.c
+++ b/crypto/heimdal/lib/kadm5/delete_c.c
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: delete_c.c,v 1.3 1999/12/02 17:05:05 joda Exp $");
+RCSID("$Id: delete_c.c,v 1.4 2000/07/11 15:59:29 joda Exp $");
kadm5_ret_t
kadm5_c_delete_principal(void *server_handle, krb5_principal princ)
@@ -45,6 +45,10 @@ kadm5_c_delete_principal(void *server_handle, krb5_principal princ)
int32_t tmp;
krb5_data reply;
+ ret = _kadm5_connect(server_handle);
+ if(ret)
+ return ret;
+
sp = krb5_storage_from_mem(buf, sizeof(buf));
if (sp == NULL)
return ENOMEM;
diff --git a/crypto/heimdal/lib/kadm5/delete_s.c b/crypto/heimdal/lib/kadm5/delete_s.c
index ef326587bf02..2f2bf881d29f 100644
--- a/crypto/heimdal/lib/kadm5/delete_s.c
+++ b/crypto/heimdal/lib/kadm5/delete_s.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: delete_s.c,v 1.7 1999/12/02 17:05:05 joda Exp $");
+RCSID("$Id: delete_s.c,v 1.9 2001/01/30 01:24:28 assar Exp $");
kadm5_ret_t
kadm5_s_delete_principal(void *server_handle, krb5_principal princ)
@@ -57,7 +57,9 @@ kadm5_s_delete_principal(void *server_handle, krb5_principal princ)
goto out;
}
- hdb_seal_keys(context->db, &ent);
+ ret = hdb_seal_keys(context->context, context->db, &ent);
+ if (ret)
+ goto out;
kadm5_log_delete (context, princ);
diff --git a/crypto/heimdal/lib/kadm5/destroy_s.c b/crypto/heimdal/lib/kadm5/destroy_s.c
index 22158d0fa8e5..a8ad3285d446 100644
--- a/crypto/heimdal/lib/kadm5/destroy_s.c
+++ b/crypto/heimdal/lib/kadm5/destroy_s.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,35 @@
#include "kadm5_locl.h"
-RCSID("$Id: destroy_s.c,v 1.5 1999/12/02 17:05:05 joda Exp $");
+RCSID("$Id: destroy_s.c,v 1.6 2000/05/12 15:23:13 assar Exp $");
+
+/*
+ * dealloc a `kadm5_config_params'
+ */
+
+static void
+destroy_config (kadm5_config_params *c)
+{
+ free (c->realm);
+ free (c->dbname);
+ free (c->acl_file);
+ free (c->stash_file);
+}
+
+/*
+ * dealloc a kadm5_log_context
+ */
+
+static void
+destroy_kadm5_log_context (kadm5_log_context *c)
+{
+ free (c->log_file);
+ close (c->socket_fd);
+}
+
+/*
+ * destroy a kadm5 handle
+ */
kadm5_ret_t
kadm5_s_destroy(void *server_handle)
@@ -43,8 +71,11 @@ kadm5_s_destroy(void *server_handle)
krb5_context kcontext = context->context;
ret = context->db->destroy(kcontext, context->db);
+ destroy_kadm5_log_context (&context->log_context);
+ destroy_config (&context->config);
+ krb5_free_principal (kcontext, context->caller);
if(context->my_context)
krb5_free_context(kcontext);
+ free (context);
return ret;
}
-
diff --git a/crypto/heimdal/lib/kadm5/dump_log.c b/crypto/heimdal/lib/kadm5/dump_log.c
index 68a3f534dd6a..691f2d3c384c 100644
--- a/crypto/heimdal/lib/kadm5/dump_log.c
+++ b/crypto/heimdal/lib/kadm5/dump_log.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -34,7 +34,7 @@
#include "iprop.h"
#include "parse_time.h"
-RCSID("$Id: dump_log.c,v 1.9 1999/12/04 19:49:43 assar Exp $");
+RCSID("$Id: dump_log.c,v 1.11 2000/07/24 04:30:11 assar Exp $");
static char *op_names[] = {
"get",
@@ -45,7 +45,9 @@ static char *op_names[] = {
"modify",
"randkey",
"get_privs",
- "get_princs"
+ "get_princs",
+ "chpass_with_key",
+ "nop"
};
static void
@@ -70,7 +72,7 @@ print_entry(kadm5_server_context *server_context,
strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S", localtime(&timestamp));
- if(op < kadm_get || op > kadm_get_princs) {
+ if(op < kadm_get || op > kadm_nop) {
printf("unknown op: %d\n", op);
sp->seek(sp, end, SEEK_SET);
return;
@@ -130,11 +132,11 @@ print_entry(kadm5_server_context *server_context,
printf(" expires = %s\n", t);
}
if(mask & KADM5_PW_EXPIRATION) {
- if(ent.valid_end == NULL) {
+ if(ent.pw_end == NULL) {
strcpy(t, "never");
} else {
strftime(t, sizeof(t), "%Y-%m-%d %H:%M:%S",
- localtime(ent.valid_end));
+ localtime(ent.pw_end));
}
printf(" password exp = %s\n", t);
}
@@ -197,16 +199,19 @@ print_entry(kadm5_server_context *server_context,
}
hdb_free_entry(context, &ent);
break;
+ case kadm_nop :
+ break;
default:
abort();
}
sp->seek(sp, end, SEEK_SET);
}
-char *realm;
-int version_flag;
-int help_flag;
-struct getargs args[] = {
+static char *realm;
+static int version_flag;
+static int help_flag;
+
+static struct getargs args[] = {
{ "realm", 'r', arg_string, &realm },
{ "version", 0, arg_flag, &version_flag },
{ "help", 0, arg_flag, &help_flag }
diff --git a/crypto/heimdal/lib/kadm5/ent_setup.c b/crypto/heimdal/lib/kadm5/ent_setup.c
index 46653c7cbbd6..29fab740bacf 100644
--- a/crypto/heimdal/lib/kadm5/ent_setup.c
+++ b/crypto/heimdal/lib/kadm5/ent_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: ent_setup.c,v 1.11 1999/12/02 17:05:06 joda Exp $");
+RCSID("$Id: ent_setup.c,v 1.12 2000/03/23 23:02:35 assar Exp $");
#define set_value(X, V) do { if((X) == NULL) (X) = malloc(sizeof(*(X))); *(X) = V; } while(0)
#define set_null(X) do { if((X) != NULL) free((X)); (X) = NULL; } while (0)
@@ -62,7 +62,8 @@ attr_to_flags(unsigned attr, HDBFlags *flags)
*/
kadm5_ret_t
-_kadm5_setup_entry(hdb_entry *ent,
+_kadm5_setup_entry(kadm5_server_context *context,
+ hdb_entry *ent,
u_int32_t mask,
kadm5_principal_ent_t princ,
u_int32_t princ_mask,
@@ -129,7 +130,7 @@ _kadm5_setup_entry(hdb_entry *ent,
}
if(mask & KADM5_KEY_DATA
&& princ_mask & KADM5_KEY_DATA) {
- _kadm5_set_keys2(ent, princ->n_key_data, princ->key_data);
+ _kadm5_set_keys2(context, ent, princ->n_key_data, princ->key_data);
}
if(mask & KADM5_TL_DATA) {
/* XXX */
diff --git a/crypto/heimdal/lib/kadm5/get_c.c b/crypto/heimdal/lib/kadm5/get_c.c
index 9ca672a5e7e1..279a77aa6bd7 100644
--- a/crypto/heimdal/lib/kadm5/get_c.c
+++ b/crypto/heimdal/lib/kadm5/get_c.c
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: get_c.c,v 1.5 1999/12/02 17:05:06 joda Exp $");
+RCSID("$Id: get_c.c,v 1.6 2000/07/11 15:59:36 joda Exp $");
kadm5_ret_t
kadm5_c_get_principal(void *server_handle,
@@ -48,6 +48,10 @@ kadm5_c_get_principal(void *server_handle,
int32_t tmp;
krb5_data reply;
+ ret = _kadm5_connect(server_handle);
+ if(ret)
+ return ret;
+
sp = krb5_storage_from_mem(buf, sizeof(buf));
if (sp == NULL)
return ENOMEM;
diff --git a/crypto/heimdal/lib/kadm5/get_princs_c.c b/crypto/heimdal/lib/kadm5/get_princs_c.c
index 0956052272d9..3536cdfc5ff6 100644
--- a/crypto/heimdal/lib/kadm5/get_princs_c.c
+++ b/crypto/heimdal/lib/kadm5/get_princs_c.c
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: get_princs_c.c,v 1.3 1999/12/02 17:05:06 joda Exp $");
+RCSID("$Id: get_princs_c.c,v 1.4 2000/07/11 16:00:19 joda Exp $");
kadm5_ret_t
kadm5_c_get_principals(void *server_handle,
@@ -48,6 +48,10 @@ kadm5_c_get_principals(void *server_handle,
int32_t tmp;
krb5_data reply;
+ ret = _kadm5_connect(server_handle);
+ if(ret)
+ return ret;
+
sp = krb5_storage_from_mem(buf, sizeof(buf));
if (sp == NULL)
return ENOMEM;
diff --git a/crypto/heimdal/lib/kadm5/get_s.c b/crypto/heimdal/lib/kadm5/get_s.c
index 12613b6b6d46..08519009c8c4 100644
--- a/crypto/heimdal/lib/kadm5/get_s.c
+++ b/crypto/heimdal/lib/kadm5/get_s.c
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: get_s.c,v 1.11 1999/12/26 19:38:23 assar Exp $");
+RCSID("$Id: get_s.c,v 1.13 2000/06/19 16:11:31 joda Exp $");
kadm5_ret_t
kadm5_s_get_principal(void *server_handle,
@@ -78,8 +78,12 @@ kadm5_s_get_principal(void *server_handle,
out->attributes |= ent.flags.server ? 0 : KRB5_KDB_DISALLOW_SVR;
out->attributes |= ent.flags.change_pw ? KRB5_KDB_PWCHANGE_SERVICE : 0;
}
- if(mask & KADM5_MAX_LIFE && ent.max_life)
- out->max_life = *ent.max_life;
+ if(mask & KADM5_MAX_LIFE) {
+ if(ent.max_life)
+ out->max_life = *ent.max_life;
+ else
+ out->max_life = INT_MAX;
+ }
if(mask & KADM5_MOD_TIME) {
if(ent.modified_by)
out->mod_date = ent.modified_by->time;
@@ -92,10 +96,12 @@ kadm5_s_get_principal(void *server_handle,
ret = krb5_copy_principal(context->context,
ent.modified_by->principal,
&out->mod_name);
- } else
+ } else if(ent.created_by.principal != NULL)
ret = krb5_copy_principal(context->context,
ent.created_by.principal,
&out->mod_name);
+ else
+ out->mod_name = NULL;
}
if(ret)
goto out;
@@ -115,8 +121,12 @@ kadm5_s_get_principal(void *server_handle,
/* XXX implement */;
if(mask & KADM5_POLICY)
out->policy = NULL;
- if(mask & KADM5_MAX_RLIFE && ent.max_renew)
- out->max_renewable_life = *ent.max_renew;
+ if(mask & KADM5_MAX_RLIFE) {
+ if(ent.max_renew)
+ out->max_renewable_life = *ent.max_renew;
+ else
+ out->max_renewable_life = INT_MAX;
+ }
if(mask & KADM5_LAST_SUCCESS)
/* XXX implement */;
if(mask & KADM5_LAST_FAILED)
@@ -140,7 +150,7 @@ kadm5_s_get_principal(void *server_handle,
if(key->salt)
kd->key_data_type[1] = key->salt->type;
else
- kd->key_data_type[1] = pa_pw_salt;
+ kd->key_data_type[1] = KRB5_PADATA_PW_SALT;
/* setup key */
kd->key_data_length[0] = key->key.keyvalue.length;
kd->key_data_contents[0] = malloc(kd->key_data_length[0]);
diff --git a/crypto/heimdal/lib/kadm5/init_c.c b/crypto/heimdal/lib/kadm5/init_c.c
index 098e9c87fada..e4df034261ae 100644
--- a/crypto/heimdal/lib/kadm5/init_c.c
+++ b/crypto/heimdal/lib/kadm5/init_c.c
@@ -37,14 +37,14 @@
#include <netinet/in.h>
#include <netdb.h>
-RCSID("$Id: init_c.c,v 1.35 2000/01/28 03:20:18 assar Exp $");
+RCSID("$Id: init_c.c,v 1.40 2000/12/31 08:00:23 assar Exp $");
static void
set_funcs(kadm5_client_context *c)
{
#define SET(C, F) (C)->funcs.F = kadm5 ## _c_ ## F
SET(c, chpass_principal);
- SET(c, chpass_principal);
+ SET(c, chpass_principal_with_key);
SET(c, create_principal);
SET(c, delete_principal);
SET(c, destroy);
@@ -288,21 +288,10 @@ get_cred_cache(krb5_context context,
return ret;
}
-static kadm5_ret_t
-kadm5_c_init_with_context(krb5_context context,
- const char *client_name,
- const char *password,
- krb5_prompter_fct prompter,
- const char *keytab,
- krb5_ccache ccache,
- const char *service_name,
- kadm5_config_params *realm_params,
- unsigned long struct_version,
- unsigned long api_version,
- void **server_handle)
+static kadm5_ret_t
+kadm_connect(kadm5_client_context *ctx)
{
kadm5_ret_t ret;
- kadm5_client_context *ctx;
krb5_principal server;
krb5_ccache cc;
int s;
@@ -311,15 +300,12 @@ kadm5_c_init_with_context(krb5_context context,
int error;
char portstr[NI_MAXSERV];
char *hostname, *slash;
+ krb5_context context = ctx->context;
memset (&hints, 0, sizeof(hints));
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP;
-
- ret = _kadm5_c_init_context(&ctx, realm_params, context);
- if(ret)
- return ret;
-
+
snprintf (portstr, sizeof(portstr), "%u", ntohs(ctx->kadmind_port));
hostname = ctx->admin_server;
@@ -347,8 +333,9 @@ kadm5_c_init_with_context(krb5_context context,
krb5_warnx (context, "failed to contact %s", hostname);
return KADM5_FAILURE;
}
- ret = get_cred_cache(context, client_name, service_name,
- password, prompter, keytab, ccache, &cc);
+ ret = get_cred_cache(context, ctx->client_name, ctx->service_name,
+ NULL, ctx->prompter, ctx->keytab,
+ ctx->ccache, &cc);
if(ret) {
freeaddrinfo (ai);
@@ -358,7 +345,7 @@ kadm5_c_init_with_context(krb5_context context,
ret = krb5_parse_name(context, KADM5_ADMIN_SERVICE, &server);
if(ret) {
freeaddrinfo (ai);
- if(ccache == NULL)
+ if(ctx->ccache == NULL)
krb5_cc_close(context, cc);
close(s);
return ret;
@@ -370,19 +357,18 @@ kadm5_c_init_with_context(krb5_context context,
server, AP_OPTS_MUTUAL_REQUIRED,
NULL, NULL, cc, NULL, NULL, NULL);
if(ret == 0) {
- krb5_data params, enc_data;
- ret = _kadm5_marshal_params(context, realm_params, &params);
-
- ret = krb5_mk_priv(context,
- ctx->ac,
- &params,
- &enc_data,
- NULL);
-
- ret = krb5_write_message(context, &s, &enc_data);
+ krb5_data params;
+ ret = _kadm5_marshal_params(context, ctx->realm_params, &params);
+ ret = krb5_write_priv_message(context, ctx->ac, &s, &params);
krb5_data_free(&params);
- krb5_data_free(&enc_data);
+ if(ret) {
+ freeaddrinfo (ai);
+ close(s);
+ if(ctx->ccache == NULL)
+ krb5_cc_close(context, cc);
+ return ret;
+ }
} else if(ret == KRB5_SENDAUTH_BADAPPLVERS) {
close(s);
@@ -396,8 +382,6 @@ kadm5_c_init_with_context(krb5_context context,
freeaddrinfo (ai);
return errno;
}
- freeaddrinfo (ai);
-
ret = krb5_sendauth(context, &ctx->ac, &s,
KADMIN_OLD_APPL_VERSION, NULL,
server, AP_OPTS_MUTUAL_REQUIRED,
@@ -410,13 +394,70 @@ kadm5_c_init_with_context(krb5_context context,
}
krb5_free_principal(context, server);
- if(ccache == NULL)
+ if(ctx->ccache == NULL)
krb5_cc_close(context, cc);
if(ret) {
close(s);
return ret;
}
ctx->sock = s;
+
+ return 0;
+}
+
+kadm5_ret_t
+_kadm5_connect(void *handle)
+{
+ kadm5_client_context *ctx = handle;
+ if(ctx->sock == -1)
+ return kadm_connect(ctx);
+ return 0;
+}
+
+static kadm5_ret_t
+kadm5_c_init_with_context(krb5_context context,
+ const char *client_name,
+ const char *password,
+ krb5_prompter_fct prompter,
+ const char *keytab,
+ krb5_ccache ccache,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle)
+{
+ kadm5_ret_t ret;
+ kadm5_client_context *ctx;
+ krb5_ccache cc;
+
+ ret = _kadm5_c_init_context(&ctx, realm_params, context);
+ if(ret)
+ return ret;
+
+ if(password != NULL && *password != '\0') {
+ ret = get_cred_cache(context, client_name, service_name,
+ password, prompter, keytab, ccache, &cc);
+ if(ret)
+ return ret; /* XXX */
+ ccache = cc;
+ }
+
+
+ if (client_name != NULL)
+ ctx->client_name = strdup(client_name);
+ else
+ ctx->client_name = NULL;
+ if (service_name != NULL)
+ ctx->service_name = strdup(service_name);
+ else
+ ctx->service_name = NULL;
+ ctx->prompter = prompter;
+ ctx->keytab = keytab;
+ ctx->ccache = ccache;
+ ctx->realm_params = realm_params;
+ ctx->sock = -1;
+
*server_handle = ctx;
return 0;
}
@@ -437,7 +478,9 @@ init_context(const char *client_name,
kadm5_ret_t ret;
kadm5_server_context *ctx;
- krb5_init_context(&context);
+ ret = krb5_init_context(&context);
+ if (ret)
+ return ret;
ret = kadm5_c_init_with_context(context,
client_name,
password,
diff --git a/crypto/heimdal/lib/kadm5/init_s.c b/crypto/heimdal/lib/kadm5/init_s.c
index 6c1f3d144d15..bf5d036d8f7a 100644
--- a/crypto/heimdal/lib/kadm5/init_s.c
+++ b/crypto/heimdal/lib/kadm5/init_s.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: init_s.c,v 1.9 1999/12/02 17:05:06 joda Exp $");
+RCSID("$Id: init_s.c,v 1.10 2000/12/31 08:01:16 assar Exp $");
static kadm5_ret_t
@@ -113,7 +113,9 @@ kadm5_s_init_with_password(const char *client_name,
kadm5_ret_t ret;
kadm5_server_context *ctx;
- krb5_init_context(&context);
+ ret = krb5_init_context(&context);
+ if (ret)
+ return ret;
ret = kadm5_s_init_with_password_ctx(context,
client_name,
password,
@@ -163,7 +165,9 @@ kadm5_s_init_with_skey(const char *client_name,
kadm5_ret_t ret;
kadm5_server_context *ctx;
- krb5_init_context(&context);
+ ret = krb5_init_context(&context);
+ if (ret)
+ return ret;
ret = kadm5_s_init_with_skey_ctx(context,
client_name,
keytab,
@@ -213,7 +217,9 @@ kadm5_s_init_with_creds(const char *client_name,
kadm5_ret_t ret;
kadm5_server_context *ctx;
- krb5_init_context(&context);
+ ret = krb5_init_context(&context);
+ if (ret)
+ return ret;
ret = kadm5_s_init_with_creds_ctx(context,
client_name,
ccache,
diff --git a/crypto/heimdal/lib/kadm5/iprop.h b/crypto/heimdal/lib/kadm5/iprop.h
index 499f51544e20..a8f2b7f4fbca 100644
--- a/crypto/heimdal/lib/kadm5/iprop.h
+++ b/crypto/heimdal/lib/kadm5/iprop.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: iprop.h,v 1.4 1999/12/02 17:05:06 joda Exp $ */
+/* $Id: iprop.h,v 1.5 2000/06/05 17:02:43 assar Exp $ */
#ifndef __IPROP_H__
#define __IPROP_H__
@@ -48,6 +48,15 @@
#define IPROP_NAME "iprop"
-enum iprop_cmd { I_HAVE = 1, FOR_YOU = 2 };
+#define IPROP_SERVICE "iprop"
+
+#define IPROP_PORT 2121
+
+enum iprop_cmd { I_HAVE = 1,
+ FOR_YOU = 2,
+ TELL_YOU_EVERYTHING = 3,
+ ONE_PRINC = 4,
+ NOW_YOU_HAVE = 5
+};
#endif /* __IPROP_H__ */
diff --git a/crypto/heimdal/lib/kadm5/ipropd_master.c b/crypto/heimdal/lib/kadm5/ipropd_master.c
index b2e71a736dd2..99cddc4de5f8 100644
--- a/crypto/heimdal/lib/kadm5/ipropd_master.c
+++ b/crypto/heimdal/lib/kadm5/ipropd_master.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,9 @@
#include "iprop.h"
-RCSID("$Id: ipropd_master.c,v 1.12 1999/12/02 17:05:06 joda Exp $");
+RCSID("$Id: ipropd_master.c,v 1.21 2000/11/15 23:12:45 assar Exp $");
+
+static krb5_log_facility *log_facility;
static int
make_signal_socket (krb5_context context)
@@ -46,8 +48,7 @@ make_signal_socket (krb5_context context)
krb5_err (context, 1, errno, "socket AF_UNIX");
memset (&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
- strncpy (addr.sun_path, KADM5_LOG_SIGNAL, sizeof(addr.sun_path));
- addr.sun_path[sizeof(addr.sun_path) - 1] = '\0';
+ strlcpy (addr.sun_path, KADM5_LOG_SIGNAL, sizeof(addr.sun_path));
unlink (addr.sun_path);
if (bind (fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
krb5_err (context, 1, errno, "bind %s", addr.sun_path);
@@ -67,7 +68,8 @@ make_listen_socket (krb5_context context)
setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, &one, sizeof(one));
memset (&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
- addr.sin_port = htons(4711);
+ addr.sin_port = krb5_getportbyname (context,
+ IPROP_SERVICE, "tcp", IPROP_PORT);
if(bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
krb5_err (context, 1, errno, "bind");
if (listen(fd, SOMAXCONN) < 0)
@@ -109,12 +111,12 @@ check_acl (krb5_context context, const char *name)
}
static void
-add_slave (krb5_context context, slave **root, int fd)
+add_slave (krb5_context context, krb5_keytab keytab, slave **root, int fd)
{
krb5_principal server;
krb5_error_code ret;
slave *s;
- int addr_len;
+ socklen_t addr_len;
krb5_ticket *ticket = NULL;
char hostname[128];
@@ -141,7 +143,7 @@ add_slave (krb5_context context, slave **root, int fd)
}
ret = krb5_recvauth (context, &s->ac, &s->fd,
- IPROP_VERSION, server, 0, NULL, &ticket);
+ IPROP_VERSION, server, 0, keytab, &ticket);
krb5_free_principal (context, server);
if (ret) {
krb5_warn (context, ret, "krb5_recvauth");
@@ -157,7 +159,7 @@ add_slave (krb5_context context, slave **root, int fd)
goto error;
}
krb5_free_ticket (context, ticket);
- printf ("connection from %s\n", s->name);
+ krb5_warnx (context, "connection from %s", s->name);
s->version = 0;
s->next = *root;
@@ -191,24 +193,87 @@ remove_slave (krb5_context context, slave *s, slave **root)
free (s);
}
+struct prop_context {
+ krb5_auth_context auth_context;
+ int fd;
+};
+
+static int
+prop_one (krb5_context context, HDB *db, hdb_entry *entry, void *v)
+{
+ krb5_error_code ret;
+ krb5_data data;
+ struct slave *slave = (struct slave *)v;
+
+ ret = hdb_entry2value (context, entry, &data);
+ if (ret)
+ return ret;
+ ret = krb5_data_realloc (&data, data.length + 4);
+ if (ret) {
+ krb5_data_free (&data);
+ return ret;
+ }
+ memmove ((char *)data.data + 4, data.data, data.length - 4);
+ _krb5_put_int (data.data, ONE_PRINC, 4);
+
+ ret = krb5_write_priv_message (context, slave->ac, &slave->fd, &data);
+ krb5_data_free (&data);
+ return ret;
+}
+
static int
-send_complete (krb5_context context, slave *s)
+send_complete (krb5_context context, slave *s,
+ const char *database, u_int32_t current_version)
{
- abort ();
+ krb5_error_code ret;
+ HDB *db;
+ krb5_data data;
+ char buf[8];
+
+ ret = hdb_create (context, &db, database);
+ if (ret)
+ krb5_err (context, 1, ret, "hdb_create: %s", database);
+ ret = db->open (context, db, O_RDONLY, 0);
+ if (ret)
+ krb5_err (context, 1, ret, "db->open");
+
+ _krb5_put_int(buf, TELL_YOU_EVERYTHING, 4);
+
+ data.data = buf;
+ data.length = 4;
+
+ ret = krb5_write_priv_message(context, s->ac, &s->fd, &data);
+
+ if (ret)
+ krb5_err (context, 1, ret, "krb5_write_priv_message");
+
+ ret = hdb_foreach (context, db, 0, prop_one, s);
+ if (ret)
+ krb5_err (context, 1, ret, "hdb_foreach");
+
+ _krb5_put_int (buf, NOW_YOU_HAVE, 4);
+ _krb5_put_int (buf + 4, current_version, 4);
+ data.length = 8;
+
+ ret = krb5_write_priv_message(context, s->ac, &s->fd, &data);
+
+ if (ret)
+ krb5_err (context, 1, ret, "krb5_write_priv_message");
+
+ return 0;
}
static int
send_diffs (krb5_context context, slave *s, int log_fd,
- u_int32_t current_version)
+ const char *database, u_int32_t current_version)
{
- krb5_storage *sp, *data_sp;
+ krb5_storage *sp;
u_int32_t ver;
time_t timestamp;
enum kadm_ops op;
u_int32_t len;
off_t right, left;
krb5_data data;
- krb5_data priv_data;
int ret = 0;
if (s->version == current_version)
@@ -216,18 +281,16 @@ send_diffs (krb5_context context, slave *s, int log_fd,
sp = kadm5_log_goto_end (log_fd);
right = sp->seek(sp, 0, SEEK_CUR);
- printf ("%ld, looking for %d\n", (long)right, s->version);
for (;;) {
if (kadm5_log_previous (sp, &ver, &timestamp, &op, &len))
abort ();
- printf ("version = %d\n", ver);
left = sp->seek(sp, -16, SEEK_CUR);
if (ver == s->version)
return 0;
if (ver == s->version + 1)
break;
if (left == 0)
- return send_complete (context, s);
+ return send_complete (context, s, database, current_version);
}
krb5_data_alloc (&data, right - left + 4);
sp->fetch (sp, (char *)data.data + 4, data.length - 4);
@@ -235,17 +298,10 @@ send_diffs (krb5_context context, slave *s, int log_fd,
_krb5_put_int(data.data, FOR_YOU, 4);
- ret = krb5_mk_priv (context, s->ac, &data, &priv_data, NULL);
- krb5_data_free(&data);
- if (ret) {
- krb5_warn (context, ret, "krb_mk_priv");
- return 0;
- }
+ ret = krb5_write_priv_message(context, s->ac, &s->fd, &data);
- ret = krb5_write_message (context, &s->fd, &priv_data);
- krb5_data_free (&priv_data);
if (ret) {
- krb5_warn (context, ret, "krb5_write_message");
+ krb5_warn (context, ret, "krb5_write_priv_message");
return 1;
}
return 0;
@@ -253,26 +309,16 @@ send_diffs (krb5_context context, slave *s, int log_fd,
static int
process_msg (krb5_context context, slave *s, int log_fd,
- u_int32_t current_version)
+ const char *database, u_int32_t current_version)
{
int ret = 0;
- krb5_data in, out;
+ krb5_data out;
krb5_storage *sp;
int32_t tmp;
- ret = krb5_read_message (context, &s->fd, &in);
- if (ret)
- return 1;
-
- if(in.length == 0) {
- krb5_warnx(context, "process_msg: short message");
- return 1;
- }
-
- ret = krb5_rd_priv (context, s->ac, &in, &out, NULL);
- krb5_data_free (&in);
- if (ret) {
- krb5_warn (context, ret, "krb5_rd_priv");
+ ret = krb5_read_priv_message(context, s->ac, &s->fd, &out);
+ if(ret) {
+ krb5_warn (context, ret, "error reading message from %s", s->name);
return 1;
}
@@ -282,7 +328,7 @@ process_msg (krb5_context context, slave *s, int log_fd,
case I_HAVE :
krb5_ret_int32 (sp, &tmp);
s->version = tmp;
- ret = send_diffs (context, s, log_fd, current_version);
+ ret = send_diffs (context, s, log_fd, database, current_version);
break;
case FOR_YOU :
default :
@@ -294,15 +340,21 @@ process_msg (krb5_context context, slave *s, int log_fd,
return ret;
}
-char *realm;
-int version_flag;
-int help_flag;
-struct getargs args[] = {
+static char *realm;
+static int version_flag;
+static int help_flag;
+static char *keytab_str = "HDB:";
+static char *database;
+
+static struct getargs args[] = {
{ "realm", 'r', arg_string, &realm },
+ { "keytab", 'k', arg_string, &keytab_str,
+ "keytab to get authentication from", "kspec" },
+ { "database", 'd', arg_string, &database, "database", "file"},
{ "version", 0, arg_flag, &version_flag },
{ "help", 0, arg_flag, &help_flag }
};
-int num_args = sizeof(args) / sizeof(args[0]);
+static int num_args = sizeof(args) / sizeof(args[0]);
int
main(int argc, char **argv)
@@ -316,7 +368,7 @@ main(int argc, char **argv)
int log_fd;
slave *slaves = NULL;
u_int32_t current_version, old_version = 0;
-
+ krb5_keytab keytab;
int optind;
optind = krb5_program_setup(&context, argc, argv, args, num_args, NULL);
@@ -328,17 +380,28 @@ main(int argc, char **argv)
exit(0);
}
+ krb5_openlog (context, "ipropd-master", &log_facility);
+ krb5_set_warn_dest(context, log_facility);
+
+ ret = krb5_kt_register(context, &hdb_kt_ops);
+ if(ret)
+ krb5_err(context, 1, ret, "krb5_kt_register");
+
+ ret = krb5_kt_resolve(context, keytab_str, &keytab);
+ if(ret)
+ krb5_err(context, 1, ret, "krb5_kt_resolve: %s", keytab_str);
+
memset(&conf, 0, sizeof(conf));
if(realm) {
conf.mask |= KADM5_CONFIG_REALM;
conf.realm = realm;
}
- ret = kadm5_init_with_password_ctx (context,
- KADM5_ADMIN_SERVICE,
- NULL,
- KADM5_ADMIN_SERVICE,
- &conf, 0, 0,
- &kadm_handle);
+ ret = kadm5_init_with_skey_ctx (context,
+ KADM5_ADMIN_SERVICE,
+ NULL,
+ KADM5_ADMIN_SERVICE,
+ &conf, 0, 0,
+ &kadm_handle);
if (ret)
krb5_err (context, 1, ret, "kadm5_init_with_password_ctx");
@@ -352,6 +415,8 @@ main(int argc, char **argv)
signal_fd = make_signal_socket (context);
listen_fd = make_listen_socket (context);
+ signal (SIGPIPE, SIG_IGN);
+
for (;;) {
slave *p;
fd_set readset;
@@ -359,6 +424,9 @@ main(int argc, char **argv)
struct timeval to = {30, 0};
u_int32_t vers;
+ if (signal_fd >= FD_SETSIZE || listen_fd >= FD_SETSIZE)
+ krb5_errx (context, 1, "fd too large");
+
FD_ZERO(&readset);
FD_SET(signal_fd, &readset);
max_fd = max(max_fd, signal_fd);
@@ -381,38 +449,37 @@ main(int argc, char **argv)
if (ret == 0) {
old_version = current_version;
- kadm5_log_get_version (log_fd, &current_version);
+ kadm5_log_get_version_fd (log_fd, &current_version);
if (current_version > old_version)
for (p = slaves; p != NULL; p = p->next)
- send_diffs (context, p, log_fd, current_version);
+ send_diffs (context, p, log_fd, database, current_version);
}
if (ret && FD_ISSET(signal_fd, &readset)) {
struct sockaddr_un peer_addr;
- int peer_len = sizeof(peer_addr);
+ socklen_t peer_len = sizeof(peer_addr);
if(recvfrom(signal_fd, &vers, sizeof(vers), 0,
(struct sockaddr *)&peer_addr, &peer_len) < 0) {
krb5_warn (context, errno, "recvfrom");
continue;
}
- printf ("signal: %u\n", vers);
--ret;
old_version = current_version;
- kadm5_log_get_version (log_fd, &current_version);
+ kadm5_log_get_version_fd (log_fd, &current_version);
for (p = slaves; p != NULL; p = p->next)
- send_diffs (context, p, log_fd, current_version);
+ send_diffs (context, p, log_fd, database, current_version);
}
for(p = slaves; p != NULL && ret--; p = p->next)
if (FD_ISSET(p->fd, &readset)) {
- if(process_msg (context, p, log_fd, current_version))
+ if(process_msg (context, p, log_fd, database, current_version))
remove_slave (context, p, &slaves);
}
if (ret && FD_ISSET(listen_fd, &readset)) {
- add_slave (context, &slaves, listen_fd);
+ add_slave (context, keytab, &slaves, listen_fd);
--ret;
}
diff --git a/crypto/heimdal/lib/kadm5/ipropd_slave.c b/crypto/heimdal/lib/kadm5/ipropd_slave.c
index 76884eb00c89..8d8bf25ae495 100644
--- a/crypto/heimdal/lib/kadm5/ipropd_slave.c
+++ b/crypto/heimdal/lib/kadm5/ipropd_slave.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,9 @@
#include "iprop.h"
-RCSID("$Id: ipropd_slave.c,v 1.10 1999/12/02 17:05:06 joda Exp $");
+RCSID("$Id: ipropd_slave.c,v 1.21 2000/08/06 02:06:19 assar Exp $");
+
+static krb5_log_facility *log_facility;
static int
connect_to_master (krb5_context context, const char *master)
@@ -47,7 +49,8 @@ connect_to_master (krb5_context context, const char *master)
krb5_err (context, 1, errno, "socket AF_INET");
memset (&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
- addr.sin_port = htons(4711);
+ addr.sin_port = krb5_getportbyname (context,
+ IPROP_SERVICE, "tcp", IPROP_PORT);
he = roken_gethostbyname (master);
if (he == NULL)
krb5_errx (context, 1, "gethostbyname: %s", hstrerror(h_errno));
@@ -58,31 +61,37 @@ connect_to_master (krb5_context context, const char *master)
}
static void
-get_creds(krb5_context context, krb5_ccache *cache, const char *host)
+get_creds(krb5_context context, const char *keytab_str,
+ krb5_ccache *cache, const char *host)
{
krb5_keytab keytab;
krb5_principal client;
krb5_error_code ret;
krb5_get_init_creds_opt init_opts;
-#if 0
- krb5_preauthtype preauth = KRB5_PADATA_ENC_TIMESTAMP;
-#endif
krb5_creds creds;
- char my_hostname[128];
char *server;
+ char keytab_buf[256];
- ret = krb5_kt_default(context, &keytab);
- if(ret) krb5_err(context, 1, ret, "krb5_kt_default");
+ ret = krb5_kt_register(context, &hdb_kt_ops);
+ if(ret)
+ krb5_err(context, 1, ret, "krb5_kt_register");
- gethostname (my_hostname, sizeof(my_hostname));
- ret = krb5_sname_to_principal (context, my_hostname, IPROP_NAME,
+ if (keytab_str == NULL) {
+ ret = krb5_kt_default_name (context, keytab_buf, sizeof(keytab_buf));
+ if (ret)
+ krb5_err (context, 1, ret, "krb5_kt_default_name");
+ keytab_str = keytab_buf;
+ }
+
+ ret = krb5_kt_resolve(context, keytab_str, &keytab);
+ if(ret)
+ krb5_err(context, 1, ret, "%s", keytab_str);
+
+ ret = krb5_sname_to_principal (context, NULL, IPROP_NAME,
KRB5_NT_SRV_HST, &client);
if (ret) krb5_err(context, 1, ret, "krb5_sname_to_principal");
krb5_get_init_creds_opt_init(&init_opts);
-#if 0
- krb5_get_init_creds_opt_set_preauth_list(&init_opts, &preauth, 1);
-#endif
asprintf (&server, "%s/%s", IPROP_NAME, host);
if (server == NULL)
@@ -134,21 +143,15 @@ ihave (krb5_context context, krb5_auth_context auth_context,
}
static void
-receive (krb5_context context,
- krb5_storage *sp,
- kadm5_server_context *server_context)
+receive_loop (krb5_context context,
+ krb5_storage *sp,
+ kadm5_server_context *server_context)
{
int ret;
off_t left, right;
void *buf;
int32_t vers;
- ret = server_context->db->open(context,
- server_context->db,
- O_RDWR | O_CREAT, 0);
- if (ret)
- krb5_err (context, 1, ret, "db->open");
-
do {
int32_t len, timestamp, tmp;
enum kadm_ops op;
@@ -166,7 +169,7 @@ receive (krb5_context context,
left = sp->seek (sp, -16, SEEK_CUR);
right = sp->seek (sp, 0, SEEK_END);
buf = malloc (right - left);
- if (buf == NULL) {
+ if (buf == NULL && (right - left) != 0) {
krb5_warnx (context, "malloc: no memory");
return;
}
@@ -197,21 +200,120 @@ receive (krb5_context context,
server_context->log_context.version = vers;
sp->seek (sp, 8, SEEK_CUR);
}
+}
+
+static void
+receive (krb5_context context,
+ krb5_storage *sp,
+ kadm5_server_context *server_context)
+{
+ int ret;
+
+ ret = server_context->db->open(context,
+ server_context->db,
+ O_RDWR | O_CREAT, 0600);
+ if (ret)
+ krb5_err (context, 1, ret, "db->open");
+
+ receive_loop (context, sp, server_context);
+
+ ret = server_context->db->close (context, server_context->db);
+ if (ret)
+ krb5_err (context, 1, ret, "db->close");
+}
+
+static void
+receive_everything (krb5_context context, int fd,
+ kadm5_server_context *server_context,
+ krb5_auth_context auth_context)
+{
+ int ret;
+ krb5_data data;
+ int32_t vno;
+ int32_t opcode;
+
+ ret = server_context->db->open(context,
+ server_context->db,
+ O_RDWR | O_CREAT | O_TRUNC, 0600);
+ if (ret)
+ krb5_err (context, 1, ret, "db->open");
+
+ do {
+ krb5_storage *sp;
+
+ ret = krb5_read_priv_message(context, auth_context, &fd, &data);
+
+ if (ret)
+ krb5_err (context, 1, ret, "krb5_read_priv_message");
+
+ sp = krb5_storage_from_data (&data);
+ krb5_ret_int32 (sp, &opcode);
+ if (opcode == ONE_PRINC) {
+ krb5_data fake_data;
+ hdb_entry entry;
+
+ fake_data.data = (char *)data.data + 4;
+ fake_data.length = data.length - 4;
+
+ ret = hdb_value2entry (context, &fake_data, &entry);
+ if (ret)
+ krb5_err (context, 1, ret, "hdb_value2entry");
+ ret = server_context->db->store(server_context->context,
+ server_context->db,
+ 0, &entry);
+ if (ret)
+ krb5_err (context, 1, ret, "hdb_store");
+
+ hdb_free_entry (context, &entry);
+ krb5_data_free (&data);
+ }
+ } while (opcode == ONE_PRINC);
+
+ if (opcode != NOW_YOU_HAVE)
+ krb5_errx (context, 1, "receive_everything: strange %d", opcode);
+
+ _krb5_get_int ((char *)data.data + 4, &vno, 4);
+
+ ret = kadm5_log_reinit (server_context);
+ if (ret)
+ krb5_err(context, 1, ret, "kadm5_log_reinit");
+
+ ret = kadm5_log_set_version (server_context, vno - 1);
+ if (ret)
+ krb5_err (context, 1, ret, "kadm5_log_set_version");
+
+ ret = kadm5_log_nop (server_context);
+ if (ret)
+ krb5_err (context, 1, ret, "kadm5_log_nop");
+
+ krb5_data_free (&data);
ret = server_context->db->close (context, server_context->db);
if (ret)
krb5_err (context, 1, ret, "db->close");
}
-char *realm;
-int version_flag;
-int help_flag;
-struct getargs args[] = {
+static char *realm;
+static int version_flag;
+static int help_flag;
+static char *keytab_str;
+
+static struct getargs args[] = {
{ "realm", 'r', arg_string, &realm },
+ { "keytab", 'k', arg_string, &keytab_str,
+ "keytab to get authentication from", "kspec" },
{ "version", 0, arg_flag, &version_flag },
{ "help", 0, arg_flag, &help_flag }
};
-int num_args = sizeof(args) / sizeof(args[0]);
+
+static int num_args = sizeof(args) / sizeof(args[0]);
+
+static void
+usage (int code, struct getargs *args, int num_args)
+{
+ arg_printusage (args, num_args, NULL, "master");
+ exit (code);
+}
int
main(int argc, char **argv)
@@ -227,16 +329,32 @@ main(int argc, char **argv)
krb5_principal server;
int optind;
+ const char *master;
- optind = krb5_program_setup(&context, argc, argv, args, num_args, NULL);
+ optind = krb5_program_setup(&context, argc, argv, args, num_args, usage);
if(help_flag)
- krb5_std_usage(0, args, num_args);
+ usage (0, args, num_args);
if(version_flag) {
print_version(NULL);
exit(0);
}
+ argc -= optind;
+ argv += optind;
+
+ if (argc != 1)
+ usage (1, args, num_args);
+
+ master = argv[0];
+
+ krb5_openlog (context, "ipropd-master", &log_facility);
+ krb5_set_warn_dest(context, log_facility);
+
+ ret = krb5_kt_register(context, &hdb_kt_ops);
+ if(ret)
+ krb5_err(context, 1, ret, "krb5_kt_register");
+
memset(&conf, 0, sizeof(conf));
if(realm) {
conf.mask |= KADM5_CONFIG_REALM;
@@ -257,11 +375,11 @@ main(int argc, char **argv)
if (ret)
krb5_err (context, 1, ret, "kadm5_log_init");
- get_creds(context, &ccache, argv[1]);
+ get_creds(context, keytab_str, &ccache, master);
- master_fd = connect_to_master (context, argv[1]);
+ master_fd = connect_to_master (context, master);
- ret = krb5_sname_to_principal (context, argv[1], IPROP_NAME,
+ ret = krb5_sname_to_principal (context, master, IPROP_NAME,
KRB5_NT_SRV_HST, &server);
if (ret)
krb5_err (context, 1, ret, "krb5_sname_to_principal");
@@ -279,18 +397,14 @@ main(int argc, char **argv)
for (;;) {
int ret;
- krb5_data data, out;
+ krb5_data out;
krb5_storage *sp;
int32_t tmp;
- ret = krb5_read_message (context, &master_fd, &data);
- if (ret)
- krb5_err (context, 1, ret, "krb5_read_message");
+ ret = krb5_read_priv_message(context, auth_context, &master_fd, &out);
- ret = krb5_rd_priv (context, auth_context, &data, &out, NULL);
- krb5_data_free (&data);
if (ret)
- krb5_err (context, 1, ret, "krb5_rd_priv");
+ krb5_err (context, 1, ret, "krb5_read_priv_message");
sp = krb5_storage_from_mem (out.data, out.length);
krb5_ret_int32 (sp, &tmp);
@@ -300,7 +414,13 @@ main(int argc, char **argv)
ihave (context, auth_context, master_fd,
server_context->log_context.version);
break;
+ case TELL_YOU_EVERYTHING :
+ receive_everything (context, master_fd, server_context,
+ auth_context);
+ break;
+ case NOW_YOU_HAVE :
case I_HAVE :
+ case ONE_PRINC :
default :
krb5_warnx (context, "Ignoring command %d", tmp);
break;
@@ -308,6 +428,6 @@ main(int argc, char **argv)
krb5_storage_free (sp);
krb5_data_free (&out);
}
-
+
return 0;
-}
+ }
diff --git a/crypto/heimdal/lib/kadm5/kadm5-private.h b/crypto/heimdal/lib/kadm5/kadm5-private.h
new file mode 100644
index 000000000000..4e74a2be1442
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/kadm5-private.h
@@ -0,0 +1,245 @@
+/*
+ * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: kadm5-private.h,v 1.3 2000/07/24 04:31:17 assar Exp $ */
+
+#ifndef __kadm5_privatex_h__
+#define __kadm5_privatex_h__
+
+kadm5_ret_t _kadm5_privs_to_string (u_int32_t, char*, size_t);
+
+kadm5_ret_t _kadm5_string_to_privs (const char*, u_int32_t*);
+
+HDB *_kadm5_s_get_db (void *);
+
+kadm5_ret_t
+_kadm5_acl_check_permission __P((
+ kadm5_server_context *context,
+ unsigned op,
+ krb5_const_principal princ));
+
+kadm5_ret_t
+_kadm5_acl_init __P((kadm5_server_context *context));
+
+kadm5_ret_t
+_kadm5_c_init_context __P((
+ kadm5_client_context **ctx,
+ kadm5_config_params *params,
+ krb5_context context));
+
+kadm5_ret_t
+_kadm5_client_recv __P((
+ kadm5_client_context *context,
+ krb5_data *reply));
+
+kadm5_ret_t
+_kadm5_client_send __P((
+ kadm5_client_context *context,
+ krb5_storage *sp));
+
+kadm5_ret_t
+_kadm5_connect __P((void*));
+
+kadm5_ret_t
+_kadm5_error_code __P((kadm5_ret_t code));
+
+kadm5_ret_t
+_kadm5_s_init_context __P((
+ kadm5_server_context **ctx,
+ kadm5_config_params *params,
+ krb5_context context));
+
+kadm5_ret_t
+_kadm5_set_keys __P((
+ kadm5_server_context *context,
+ hdb_entry *ent,
+ const char *password));
+
+kadm5_ret_t
+_kadm5_set_keys2 __P((
+ kadm5_server_context *context,
+ hdb_entry *ent,
+ int16_t n_key_data,
+ krb5_key_data *key_data));
+
+kadm5_ret_t
+_kadm5_set_keys3 __P((
+ kadm5_server_context *context,
+ hdb_entry *ent,
+ int n_keys,
+ krb5_keyblock *keyblocks));
+
+kadm5_ret_t
+_kadm5_set_keys_randomly __P((kadm5_server_context *context,
+ hdb_entry *ent,
+ krb5_keyblock **new_keys,
+ int *n_keys));
+
+kadm5_ret_t
+_kadm5_set_modifier __P((
+ kadm5_server_context *context,
+ hdb_entry *ent));
+
+kadm5_ret_t
+_kadm5_bump_pw_expire __P((kadm5_server_context *context,
+ hdb_entry *ent));
+
+kadm5_ret_t
+_kadm5_setup_entry __P((
+ kadm5_server_context *context,
+ hdb_entry *ent,
+ u_int32_t mask,
+ kadm5_principal_ent_t princ,
+ u_int32_t princ_mask,
+ kadm5_principal_ent_t def,
+ u_int32_t def_mask));
+
+kadm5_ret_t
+kadm5_log_get_version_fd (int fd, u_int32_t *ver);
+
+kadm5_ret_t
+kadm5_log_get_version (kadm5_server_context *context, u_int32_t *ver);
+
+kadm5_ret_t
+kadm5_log_set_version (kadm5_server_context *context, u_int32_t vno);
+
+kadm5_ret_t
+kadm5_log_init (kadm5_server_context *context);
+
+kadm5_ret_t
+kadm5_log_reinit (kadm5_server_context *context);
+
+kadm5_ret_t
+kadm5_log_create (kadm5_server_context *context,
+ hdb_entry *ent);
+
+kadm5_ret_t
+kadm5_log_delete (kadm5_server_context *context,
+ krb5_principal princ);
+
+kadm5_ret_t
+kadm5_log_rename (kadm5_server_context *context,
+ krb5_principal source,
+ hdb_entry *ent);
+
+kadm5_ret_t
+kadm5_log_modify (kadm5_server_context *context,
+ hdb_entry *ent,
+ u_int32_t mask);
+
+kadm5_ret_t
+kadm5_log_nop (kadm5_server_context *context);
+
+kadm5_ret_t
+kadm5_log_end (kadm5_server_context *context);
+
+kadm5_ret_t
+kadm5_log_foreach (kadm5_server_context *context,
+ void (*func)(kadm5_server_context *server_context,
+ u_int32_t ver,
+ time_t timestamp,
+ enum kadm_ops op,
+ u_int32_t len,
+ krb5_storage *sp));
+
+kadm5_ret_t
+kadm5_log_replay_create (kadm5_server_context *context,
+ u_int32_t ver,
+ u_int32_t len,
+ krb5_storage *sp);
+
+kadm5_ret_t
+kadm5_log_replay_delete (kadm5_server_context *context,
+ u_int32_t ver,
+ u_int32_t len,
+ krb5_storage *sp);
+
+kadm5_ret_t
+kadm5_log_replay_rename (kadm5_server_context *context,
+ u_int32_t ver,
+ u_int32_t len,
+ krb5_storage *sp);
+
+kadm5_ret_t
+kadm5_log_replay_modify (kadm5_server_context *context,
+ u_int32_t ver,
+ u_int32_t len,
+ krb5_storage *sp);
+
+kadm5_ret_t
+kadm5_log_replay_nop (kadm5_server_context *context,
+ u_int32_t ver,
+ u_int32_t len,
+ krb5_storage *sp);
+
+kadm5_ret_t
+kadm5_log_replay (kadm5_server_context *context,
+ enum kadm_ops op,
+ u_int32_t ver,
+ u_int32_t len,
+ krb5_storage *sp);
+
+krb5_storage *
+kadm5_log_goto_end (int fd);
+
+kadm5_ret_t
+kadm5_log_previous (krb5_storage *sp,
+ u_int32_t *ver,
+ time_t *timestamp,
+ enum kadm_ops *op,
+ u_int32_t *len);
+
+kadm5_ret_t
+kadm5_log_truncate (kadm5_server_context *server_context);
+
+kadm5_ret_t
+_kadm5_marshal_params __P((krb5_context context,
+ kadm5_config_params *params,
+ krb5_data *out));
+
+kadm5_ret_t
+_kadm5_unmarshal_params __P((krb5_context context,
+ krb5_data *in,
+ kadm5_config_params *params));
+
+void
+_kadm5_free_keys (kadm5_server_context *context,
+ int len, Key *keys);
+
+void
+_kadm5_init_keys (Key *keys, int len);
+
+int
+_kadm5_cmp_keys(Key *keys1, int len1, Key *keys2, int len2);
+
+#endif /* __kadm5_privatex_h__ */
diff --git a/crypto/heimdal/lib/kadm5/kadm5-protos.h b/crypto/heimdal/lib/kadm5/kadm5-protos.h
new file mode 100644
index 000000000000..070492bb4a57
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/kadm5-protos.h
@@ -0,0 +1,516 @@
+/*
+ * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: kadm5-protos.h,v 1.2 2000/07/22 05:52:01 assar Exp $ */
+
+#ifndef __kadm5_protos_h__
+#define __kadm5_protos_h__
+
+kadm5_ret_t
+kadm5_c_chpass_principal __P((
+ void *server_handle,
+ krb5_principal princ,
+ char *password));
+
+kadm5_ret_t
+kadm5_c_chpass_principal_with_key __P((
+ void *server_handle,
+ krb5_principal princ,
+ int n_key_data,
+ krb5_key_data *key_data));
+
+kadm5_ret_t
+kadm5_c_create_principal __P((
+ void *server_handle,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask,
+ char *password));
+
+kadm5_ret_t
+kadm5_c_delete_principal __P((
+ void *server_handle,
+ krb5_principal princ));
+
+kadm5_ret_t
+kadm5_c_destroy __P((void *server_handle));
+
+kadm5_ret_t
+kadm5_c_flush __P((void *server_handle));
+
+kadm5_ret_t
+kadm5_c_get_principal __P((
+ void *server_handle,
+ krb5_principal princ,
+ kadm5_principal_ent_t out,
+ u_int32_t mask));
+
+kadm5_ret_t
+kadm5_c_get_principals __P((
+ void *server_handle,
+ const char *exp,
+ char ***princs,
+ int *count));
+
+kadm5_ret_t
+kadm5_c_get_privs __P((
+ void *server_handle,
+ u_int32_t *privs));
+
+kadm5_ret_t
+kadm5_c_init_with_creds __P((
+ const char *client_name,
+ krb5_ccache ccache,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_c_init_with_creds_ctx __P((
+ krb5_context context,
+ const char *client_name,
+ krb5_ccache ccache,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_c_init_with_password __P((
+ const char *client_name,
+ const char *password,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_c_init_with_password_ctx __P((
+ krb5_context context,
+ const char *client_name,
+ const char *password,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_c_init_with_skey __P((
+ const char *client_name,
+ const char *keytab,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_c_init_with_skey_ctx __P((
+ krb5_context context,
+ const char *client_name,
+ const char *keytab,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_c_modify_principal __P((
+ void *server_handle,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask));
+
+kadm5_ret_t
+kadm5_c_randkey_principal __P((
+ void *server_handle,
+ krb5_principal princ,
+ krb5_keyblock **new_keys,
+ int *n_keys));
+
+kadm5_ret_t
+kadm5_c_rename_principal __P((
+ void *server_handle,
+ krb5_principal source,
+ krb5_principal target));
+
+kadm5_ret_t
+kadm5_chpass_principal __P((
+ void *server_handle,
+ krb5_principal princ,
+ char *password));
+
+kadm5_ret_t
+kadm5_chpass_principal_with_key __P((
+ void *server_handle,
+ krb5_principal princ,
+ int n_key_data,
+ krb5_key_data *key_data));
+
+kadm5_ret_t
+kadm5_create_principal __P((
+ void *server_handle,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask,
+ char *password));
+
+kadm5_ret_t
+kadm5_delete_principal __P((
+ void *server_handle,
+ krb5_principal princ));
+
+kadm5_ret_t
+kadm5_destroy __P((void *server_handle));
+
+kadm5_ret_t
+kadm5_flush __P((void *server_handle));
+
+void
+kadm5_free_key_data __P((
+ void *server_handle,
+ int16_t *n_key_data,
+ krb5_key_data *key_data));
+
+void
+kadm5_free_name_list __P((
+ void *server_handle,
+ char **names,
+ int *count));
+
+void
+kadm5_free_principal_ent __P((
+ void *server_handle,
+ kadm5_principal_ent_t princ));
+
+kadm5_ret_t
+kadm5_get_principal __P((
+ void *server_handle,
+ krb5_principal princ,
+ kadm5_principal_ent_t out,
+ u_int32_t mask));
+
+kadm5_ret_t
+kadm5_get_principals __P((
+ void *server_handle,
+ const char *exp,
+ char ***princs,
+ int *count));
+
+kadm5_ret_t
+kadm5_get_privs __P((
+ void *server_handle,
+ u_int32_t *privs));
+
+kadm5_ret_t
+kadm5_init_with_creds __P((
+ const char *client_name,
+ krb5_ccache ccache,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_init_with_creds_ctx __P((
+ krb5_context context,
+ const char *client_name,
+ krb5_ccache ccache,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_init_with_password __P((
+ const char *client_name,
+ const char *password,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_init_with_password_ctx __P((
+ krb5_context context,
+ const char *client_name,
+ const char *password,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_init_with_skey __P((
+ const char *client_name,
+ const char *keytab,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_init_with_skey_ctx __P((
+ krb5_context context,
+ const char *client_name,
+ const char *keytab,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_modify_principal __P((
+ void *server_handle,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask));
+
+kadm5_ret_t
+kadm5_randkey_principal __P((
+ void *server_handle,
+ krb5_principal princ,
+ krb5_keyblock **new_keys,
+ int *n_keys));
+
+kadm5_ret_t
+kadm5_rename_principal __P((
+ void *server_handle,
+ krb5_principal source,
+ krb5_principal target));
+
+kadm5_ret_t
+kadm5_ret_key_data __P((
+ krb5_storage *sp,
+ krb5_key_data *key));
+
+kadm5_ret_t
+kadm5_ret_principal_ent __P((
+ krb5_storage *sp,
+ kadm5_principal_ent_t princ));
+
+kadm5_ret_t
+kadm5_ret_principal_ent_mask __P((
+ krb5_storage *sp,
+ kadm5_principal_ent_t princ,
+ u_int32_t *mask));
+
+kadm5_ret_t
+kadm5_ret_tl_data __P((
+ krb5_storage *sp,
+ krb5_tl_data *tl));
+
+kadm5_ret_t
+kadm5_s_chpass_principal __P((
+ void *server_handle,
+ krb5_principal princ,
+ char *password));
+
+kadm5_ret_t
+kadm5_s_chpass_principal_cond __P((
+ void *server_handle,
+ krb5_principal princ,
+ char *password));
+
+kadm5_ret_t
+kadm5_s_chpass_principal_with_key __P((
+ void *server_handle,
+ krb5_principal princ,
+ int n_key_data,
+ krb5_key_data *key_data));
+
+kadm5_ret_t
+kadm5_s_create_principal __P((
+ void *server_handle,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask,
+ char *password));
+
+kadm5_ret_t
+kadm5_s_create_principal_with_key __P((
+ void *server_handle,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask));
+
+kadm5_ret_t
+kadm5_s_delete_principal __P((
+ void *server_handle,
+ krb5_principal princ));
+
+kadm5_ret_t
+kadm5_s_destroy __P((void *server_handle));
+
+kadm5_ret_t
+kadm5_s_flush __P((void *server_handle));
+
+kadm5_ret_t
+kadm5_s_get_principal __P((
+ void *server_handle,
+ krb5_principal princ,
+ kadm5_principal_ent_t out,
+ u_int32_t mask));
+
+kadm5_ret_t
+kadm5_s_get_principals __P((
+ void *server_handle,
+ const char *exp,
+ char ***princs,
+ int *count));
+
+kadm5_ret_t
+kadm5_s_get_privs __P((
+ void *server_handle,
+ u_int32_t *privs));
+
+kadm5_ret_t
+kadm5_s_init_with_creds __P((
+ const char *client_name,
+ krb5_ccache ccache,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_s_init_with_creds_ctx __P((
+ krb5_context context,
+ const char *client_name,
+ krb5_ccache ccache,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_s_init_with_password __P((
+ const char *client_name,
+ const char *password,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_s_init_with_password_ctx __P((
+ krb5_context context,
+ const char *client_name,
+ const char *password,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_s_init_with_skey __P((
+ const char *client_name,
+ const char *keytab,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_s_init_with_skey_ctx __P((
+ krb5_context context,
+ const char *client_name,
+ const char *keytab,
+ const char *service_name,
+ kadm5_config_params *realm_params,
+ unsigned long struct_version,
+ unsigned long api_version,
+ void **server_handle));
+
+kadm5_ret_t
+kadm5_s_modify_principal __P((
+ void *server_handle,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask));
+
+kadm5_ret_t
+kadm5_s_randkey_principal __P((
+ void *server_handle,
+ krb5_principal princ,
+ krb5_keyblock **new_keys,
+ int *n_keys));
+
+kadm5_ret_t
+kadm5_s_rename_principal __P((
+ void *server_handle,
+ krb5_principal source,
+ krb5_principal target));
+
+kadm5_ret_t
+kadm5_store_key_data __P((
+ krb5_storage *sp,
+ krb5_key_data *key));
+
+kadm5_ret_t
+kadm5_store_principal_ent __P((
+ krb5_storage *sp,
+ kadm5_principal_ent_t princ));
+
+kadm5_ret_t
+kadm5_store_principal_ent_mask __P((
+ krb5_storage *sp,
+ kadm5_principal_ent_t princ,
+ u_int32_t mask));
+
+kadm5_ret_t
+kadm5_store_tl_data __P((
+ krb5_storage *sp,
+ krb5_tl_data *tl));
+
+void
+kadm5_setup_passwd_quality_check(krb5_context context,
+ const char *check_library,
+ const char *check_function);
+
+const char *
+kadm5_check_password_quality (krb5_context context,
+ krb5_principal principal,
+ krb5_data *pwd_data);
+
+#endif /* __kadm5_protos_h__ */
diff --git a/crypto/heimdal/lib/kadm5/kadm5_locl.h b/crypto/heimdal/lib/kadm5/kadm5_locl.h
index 9344a2c13bad..6f634ed8c02b 100644
--- a/crypto/heimdal/lib/kadm5/kadm5_locl.h
+++ b/crypto/heimdal/lib/kadm5/kadm5_locl.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: kadm5_locl.h,v 1.21 1999/12/02 17:05:06 joda Exp $ */
+/* $Id: kadm5_locl.h,v 1.23 2000/07/08 11:57:40 assar Exp $ */
#ifndef __KADM5_LOCL_H__
#define __KADM5_LOCL_H__
@@ -45,6 +45,7 @@
#include <string.h>
#include <errno.h>
#include <assert.h>
+#include <limits.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
@@ -76,6 +77,7 @@
#include "admin.h"
#include "kadm5_err.h"
#include <hdb.h>
+#include <der.h>
#include <roken.h>
#include <parse_units.h>
#include "private.h"
diff --git a/crypto/heimdal/lib/kadm5/keys.c b/crypto/heimdal/lib/kadm5/keys.c
new file mode 100644
index 000000000000..3ae21abb4761
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/keys.c
@@ -0,0 +1,112 @@
+/*
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "kadm5_locl.h"
+
+RCSID("$Id: keys.c,v 1.1 2000/07/22 05:53:02 assar Exp $");
+
+/*
+ * free all the memory used by (len, keys)
+ */
+
+void
+_kadm5_free_keys (kadm5_server_context *context,
+ int len, Key *keys)
+{
+ int i;
+
+ for (i = 0; i < len; ++i) {
+ free (keys[i].mkvno);
+ keys[i].mkvno = NULL;
+ if (keys[i].salt != NULL) {
+ free_Salt(keys[i].salt);
+ free(keys[i].salt);
+ keys[i].salt = NULL;
+ }
+ krb5_free_keyblock_contents(context->context, &keys[i].key);
+ }
+ free (keys);
+}
+
+/*
+ * null-ify `len', `keys'
+ */
+
+void
+_kadm5_init_keys (Key *keys, int len)
+{
+ int i;
+
+ for (i = 0; i < len; ++i) {
+ keys[i].mkvno = NULL;
+ keys[i].salt = NULL;
+ keys[i].key.keyvalue.length = 0;
+ keys[i].key.keyvalue.data = NULL;
+ }
+}
+
+/*
+ * return 0 iff `keys1, len1' and `keys2, len2' are identical
+ */
+
+int
+_kadm5_cmp_keys(Key *keys1, int len1, Key *keys2, int len2)
+{
+ int i;
+
+ if (len1 != len2)
+ return 1;
+
+ for (i = 0; i < len1; ++i) {
+ if ((keys1[i].salt != NULL && keys2[i].salt == NULL)
+ || (keys1[i].salt == NULL && keys2[i].salt != NULL))
+ return 1;
+ if (keys1[i].salt != NULL) {
+ if (keys1[i].salt->type != keys2[i].salt->type)
+ return 1;
+ if (keys1[i].salt->salt.length != keys2[i].salt->salt.length)
+ return 1;
+ if (memcmp (keys1[i].salt->salt.data, keys2[i].salt->salt.data,
+ keys1[i].salt->salt.length) != 0)
+ return 1;
+ }
+ if (keys1[i].key.keytype != keys2[i].key.keytype)
+ return 1;
+ if (keys1[i].key.keyvalue.length != keys2[i].key.keyvalue.length)
+ return 1;
+ if (memcmp (keys1[i].key.keyvalue.data, keys2[i].key.keyvalue.data,
+ keys1[i].key.keyvalue.length) != 0)
+ return 1;
+ }
+ return 0;
+}
diff --git a/crypto/heimdal/lib/kadm5/log.c b/crypto/heimdal/lib/kadm5/log.c
index e9dc38ce3934..875f749daca9 100644
--- a/crypto/heimdal/lib/kadm5/log.c
+++ b/crypto/heimdal/lib/kadm5/log.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: log.c,v 1.13 1999/12/04 19:50:35 assar Exp $");
+RCSID("$Id: log.c,v 1.18 2000/07/24 04:32:17 assar Exp $");
/*
* A log record consists of:
@@ -49,8 +49,8 @@ RCSID("$Id: log.c,v 1.13 1999/12/04 19:50:35 assar Exp $");
*/
kadm5_ret_t
-kadm5_log_get_version (int fd,
- u_int32_t *ver)
+kadm5_log_get_version_fd (int fd,
+ u_int32_t *ver)
{
int ret;
krb5_storage *sp;
@@ -73,6 +73,21 @@ kadm5_log_get_version (int fd,
}
kadm5_ret_t
+kadm5_log_get_version (kadm5_server_context *context, u_int32_t *ver)
+{
+ return kadm5_log_get_version_fd (context->log_context.log_fd, ver);
+}
+
+kadm5_ret_t
+kadm5_log_set_version (kadm5_server_context *context, u_int32_t vno)
+{
+ kadm5_log_context *log_context = &context->log_context;
+
+ log_context->version = vno;
+ return 0;
+}
+
+kadm5_ret_t
kadm5_log_init (kadm5_server_context *context)
{
int fd;
@@ -89,7 +104,7 @@ kadm5_log_init (kadm5_server_context *context)
return errno;
}
- ret = kadm5_log_get_version (fd, &log_context->version);
+ ret = kadm5_log_get_version_fd (fd, &log_context->version);
if (ret)
return ret;
@@ -98,6 +113,30 @@ kadm5_log_init (kadm5_server_context *context)
}
kadm5_ret_t
+kadm5_log_reinit (kadm5_server_context *context)
+{
+ int fd;
+ kadm5_log_context *log_context = &context->log_context;
+
+ if (log_context->log_fd != -1) {
+ close (log_context->log_fd);
+ log_context->log_fd = -1;
+ }
+ fd = open (log_context->log_file, O_RDWR | O_CREAT | O_TRUNC, 0600);
+ if (fd < 0)
+ return errno;
+ if (flock (fd, LOCK_EX) < 0) {
+ close (fd);
+ return errno;
+ }
+
+ log_context->version = 0;
+ log_context->log_fd = fd;
+ return 0;
+}
+
+
+kadm5_ret_t
kadm5_log_end (kadm5_server_context *context)
{
kadm5_log_context *log_context = &context->log_context;
@@ -483,14 +522,22 @@ kadm5_log_replay_modify (kadm5_server_context *context,
if (ret)
return ret;
if (mask & KADM5_PRINC_EXPIRE_TIME) {
- if (ent.valid_end == NULL)
- ent.valid_end = malloc(sizeof(*ent.valid_end));
- *ent.valid_end = *log_ent.valid_end;
+ if (log_ent.valid_end == NULL) {
+ ent.valid_end = NULL;
+ } else {
+ if (ent.valid_end == NULL)
+ ent.valid_end = malloc(sizeof(*ent.valid_end));
+ *ent.valid_end = *log_ent.valid_end;
+ }
}
if (mask & KADM5_PW_EXPIRATION) {
- if (ent.pw_end == NULL)
- ent.pw_end = malloc(sizeof(*ent.pw_end));
- *ent.pw_end = *log_ent.pw_end;
+ if (log_ent.pw_end == NULL) {
+ ent.pw_end = NULL;
+ } else {
+ if (ent.pw_end == NULL)
+ ent.pw_end = malloc(sizeof(*ent.pw_end));
+ *ent.pw_end = *log_ent.pw_end;
+ }
}
if (mask & KADM5_LAST_PWD_CHANGE) {
abort (); /* XXX */
@@ -499,9 +546,13 @@ kadm5_log_replay_modify (kadm5_server_context *context,
ent.flags = log_ent.flags;
}
if (mask & KADM5_MAX_LIFE) {
- if (ent.max_life == NULL)
- ent.max_life = malloc (sizeof(*ent.max_life));
- *ent.max_life = *log_ent.max_life;
+ if (log_ent.max_life == NULL) {
+ ent.max_life = NULL;
+ } else {
+ if (ent.max_life == NULL)
+ ent.max_life = malloc (sizeof(*ent.max_life));
+ *ent.max_life = *log_ent.max_life;
+ }
}
if ((mask & KADM5_MOD_TIME) && (mask & KADM5_MOD_NAME)) {
if (ent.modified_by == NULL) {
@@ -526,9 +577,13 @@ kadm5_log_replay_modify (kadm5_server_context *context,
abort (); /* XXX */
}
if (mask & KADM5_MAX_RLIFE) {
- if (ent.max_renew == NULL)
- ent.max_renew = malloc (sizeof(*ent.max_renew));
- *ent.max_renew = *log_ent.max_renew;
+ if (log_ent.max_renew == NULL) {
+ ent.max_renew = NULL;
+ } else {
+ if (ent.max_renew == NULL)
+ ent.max_renew = malloc (sizeof(*ent.max_renew));
+ *ent.max_renew = *log_ent.max_renew;
+ }
}
if (mask & KADM5_LAST_SUCCESS) {
abort (); /* XXX */
@@ -563,6 +618,51 @@ kadm5_log_replay_modify (kadm5_server_context *context,
}
/*
+ * Add a `nop' operation to the log.
+ */
+
+kadm5_ret_t
+kadm5_log_nop (kadm5_server_context *context)
+{
+ krb5_storage *sp;
+ kadm5_ret_t ret;
+ kadm5_log_context *log_context = &context->log_context;
+
+ sp = krb5_storage_emem();
+ ret = kadm5_log_preamble (context, sp, kadm_nop);
+ if (ret) {
+ krb5_storage_free (sp);
+ return ret;
+ }
+ krb5_store_int32 (sp, 0);
+ krb5_store_int32 (sp, 0);
+ ret = kadm5_log_postamble (log_context, sp);
+ if (ret) {
+ krb5_storage_free (sp);
+ return ret;
+ }
+ ret = kadm5_log_flush (log_context, sp);
+ krb5_storage_free (sp);
+ if (ret)
+ return ret;
+ ret = kadm5_log_end (context);
+ return ret;
+}
+
+/*
+ * Read a `nop' log operation from `sp' and apply it.
+ */
+
+kadm5_ret_t
+kadm5_log_replay_nop (kadm5_server_context *context,
+ u_int32_t ver,
+ u_int32_t len,
+ krb5_storage *sp)
+{
+ return 0;
+}
+
+/*
* Call `func' for each log record in the log in `context'
*/
@@ -660,7 +760,46 @@ kadm5_log_replay (kadm5_server_context *context,
return kadm5_log_replay_rename (context, ver, len, sp);
case kadm_modify :
return kadm5_log_replay_modify (context, ver, len, sp);
+ case kadm_nop :
+ return kadm5_log_replay_nop (context, ver, len, sp);
default :
return KADM5_FAILURE;
}
}
+
+/*
+ * truncate the log - i.e. create an empty file with just (nop vno + 2)
+ */
+
+kadm5_ret_t
+kadm5_log_truncate (kadm5_server_context *server_context)
+{
+ kadm5_ret_t ret;
+ u_int32_t vno;
+
+ ret = kadm5_log_init (server_context);
+ if (ret)
+ return ret;
+
+ ret = kadm5_log_get_version (server_context, &vno);
+ if (ret)
+ return ret;
+
+ ret = kadm5_log_reinit (server_context);
+ if (ret)
+ return ret;
+
+ ret = kadm5_log_set_version (server_context, vno + 1);
+ if (ret)
+ return ret;
+
+ ret = kadm5_log_nop (server_context);
+ if (ret)
+ return ret;
+
+ ret = kadm5_log_end (server_context);
+ if (ret)
+ return ret;
+ return 0;
+
+}
diff --git a/crypto/heimdal/lib/kadm5/modify_c.c b/crypto/heimdal/lib/kadm5/modify_c.c
index 2a64ccc98484..8d8ca56bb268 100644
--- a/crypto/heimdal/lib/kadm5/modify_c.c
+++ b/crypto/heimdal/lib/kadm5/modify_c.c
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: modify_c.c,v 1.3 1999/12/02 17:05:06 joda Exp $");
+RCSID("$Id: modify_c.c,v 1.4 2000/07/11 15:59:46 joda Exp $");
kadm5_ret_t
kadm5_c_modify_principal(void *server_handle,
@@ -47,6 +47,10 @@ kadm5_c_modify_principal(void *server_handle,
int32_t tmp;
krb5_data reply;
+ ret = _kadm5_connect(server_handle);
+ if(ret)
+ return ret;
+
sp = krb5_storage_from_mem(buf, sizeof(buf));
if (sp == NULL)
return ENOMEM;
diff --git a/crypto/heimdal/lib/kadm5/modify_s.c b/crypto/heimdal/lib/kadm5/modify_s.c
index 4157202fcd12..8c595a957bef 100644
--- a/crypto/heimdal/lib/kadm5/modify_s.c
+++ b/crypto/heimdal/lib/kadm5/modify_s.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: modify_s.c,v 1.9 1999/12/02 17:05:06 joda Exp $");
+RCSID("$Id: modify_s.c,v 1.12 2001/01/30 01:24:28 assar Exp $");
static kadm5_ret_t
modify_principal(void *server_handle,
@@ -56,14 +56,16 @@ modify_principal(void *server_handle,
ret = context->db->fetch(context->context, context->db, 0, &ent);
if(ret)
goto out;
- ret = _kadm5_setup_entry(&ent, mask, princ, mask, NULL, 0);
+ ret = _kadm5_setup_entry(context, &ent, mask, princ, mask, NULL, 0);
if(ret)
goto out2;
ret = _kadm5_set_modifier(context, &ent);
if(ret)
goto out2;
- hdb_seal_keys(context->db, &ent);
+ ret = hdb_seal_keys(context->context, context->db, &ent);
+ if (ret)
+ goto out2;
kadm5_log_modify (context,
&ent,
diff --git a/crypto/heimdal/lib/kadm5/password_quality.c b/crypto/heimdal/lib/kadm5/password_quality.c
index 86d35f36628b..bc1463fed9f7 100644
--- a/crypto/heimdal/lib/kadm5/password_quality.c
+++ b/crypto/heimdal/lib/kadm5/password_quality.c
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: password_quality.c,v 1.3 1999/12/02 17:05:06 joda Exp $");
+RCSID("$Id: password_quality.c,v 1.4 2000/07/05 13:14:45 joda Exp $");
#ifdef HAVE_DLFCN_H
#include <dlfcn.h>
@@ -57,8 +57,6 @@ typedef const char* (*passwd_quality_check_func)(krb5_context,
static passwd_quality_check_func passwd_quality_check = simple_passwd_quality;
#ifdef HAVE_DLOPEN
-extern const char *check_library;
-extern const char *check_function;
#define PASSWD_VERSION 0
diff --git a/crypto/heimdal/lib/kadm5/private.h b/crypto/heimdal/lib/kadm5/private.h
index e56a0f5cb1f0..bcdf3630c346 100644
--- a/crypto/heimdal/lib/kadm5/private.h
+++ b/crypto/heimdal/lib/kadm5/private.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: private.h,v 1.10 1999/12/04 23:09:34 assar Exp $ */
+/* $Id: private.h,v 1.14 2000/07/11 15:58:57 joda Exp $ */
#ifndef __kadm5_private_h__
#define __kadm5_private_h__
@@ -51,6 +51,8 @@ struct kadm_func {
kadm5_ret_t (*randkey_principal) (void*, krb5_principal,
krb5_keyblock**, int*);
kadm5_ret_t (*rename_principal) (void*, krb5_principal, krb5_principal);
+ kadm5_ret_t (*chpass_principal_with_key) (void *, krb5_principal,
+ int, krb5_key_data *);
};
/* XXX should be integrated */
@@ -86,7 +88,7 @@ typedef struct kadm5_server_context {
krb5_principal caller;
unsigned acl_flags;
kadm5_log_context log_context;
-}kadm5_server_context;
+} kadm5_server_context;
typedef struct kadm5_client_context {
krb5_context context;
@@ -98,6 +100,12 @@ typedef struct kadm5_client_context {
char *admin_server;
int kadmind_port;
int sock;
+ char *client_name;
+ char *service_name;
+ krb5_prompter_fct prompter;
+ const char *keytab;
+ krb5_ccache ccache;
+ kadm5_config_params *realm_params;
}kadm5_client_context;
enum kadm_ops {
@@ -109,7 +117,9 @@ enum kadm_ops {
kadm_modify,
kadm_randkey,
kadm_get_privs,
- kadm_get_princs
+ kadm_get_princs,
+ kadm_chpass_with_key,
+ kadm_nop
};
#define KADMIN_APPL_VERSION "KADM0.1"
@@ -117,165 +127,6 @@ enum kadm_ops {
#define KADM5_LOG_SIGNAL HDB_DB_DIR "/signal"
-kadm5_ret_t _kadm5_privs_to_string (u_int32_t, char*, size_t);
-
-kadm5_ret_t _kadm5_string_to_privs (const char*, u_int32_t*);
-
-HDB *_kadm5_s_get_db (void *);
-
-kadm5_ret_t
-_kadm5_acl_check_permission __P((
- kadm5_server_context *context,
- unsigned op));
-
-kadm5_ret_t
-_kadm5_acl_init __P((kadm5_server_context *context));
-
-kadm5_ret_t
-_kadm5_c_init_context __P((
- kadm5_client_context **ctx,
- kadm5_config_params *params,
- krb5_context context));
-
-kadm5_ret_t
-_kadm5_client_recv __P((
- kadm5_client_context *context,
- krb5_data *reply));
-
-kadm5_ret_t
-_kadm5_client_send __P((
- kadm5_client_context *context,
- krb5_storage *sp));
-
-kadm5_ret_t
-_kadm5_error_code __P((kadm5_ret_t code));
-
-kadm5_ret_t
-_kadm5_s_init_context __P((
- kadm5_server_context **ctx,
- kadm5_config_params *params,
- krb5_context context));
-
-kadm5_ret_t
-_kadm5_set_keys __P((
- kadm5_server_context *context,
- hdb_entry *ent,
- const char *password));
-
-kadm5_ret_t
-_kadm5_set_keys2 __P((
- hdb_entry *ent,
- int16_t n_key_data,
- krb5_key_data *key_data));
-
-kadm5_ret_t
-_kadm5_set_keys_randomly __P((kadm5_server_context *context,
- hdb_entry *ent,
- krb5_keyblock **new_keys,
- int *n_keys));
-
-kadm5_ret_t
-_kadm5_set_modifier __P((
- kadm5_server_context *context,
- hdb_entry *ent));
-
-kadm5_ret_t
-_kadm5_setup_entry __P((
- hdb_entry *ent,
- u_int32_t mask,
- kadm5_principal_ent_t princ,
- u_int32_t princ_mask,
- kadm5_principal_ent_t def,
- u_int32_t def_mask));
-
-kadm5_ret_t
-kadm5_log_get_version (int fd,
- u_int32_t *ver);
-
-kadm5_ret_t
-kadm5_log_init (kadm5_server_context *context);
-
-kadm5_ret_t
-kadm5_log_create (kadm5_server_context *context,
- hdb_entry *ent);
-
-kadm5_ret_t
-kadm5_log_delete (kadm5_server_context *context,
- krb5_principal princ);
-
-kadm5_ret_t
-kadm5_log_rename (kadm5_server_context *context,
- krb5_principal source,
- hdb_entry *ent);
-
-kadm5_ret_t
-kadm5_log_modify (kadm5_server_context *context,
- hdb_entry *ent,
- u_int32_t mask);
-
-kadm5_ret_t
-kadm5_log_end (kadm5_server_context *context);
-
-kadm5_ret_t
-kadm5_log_foreach (kadm5_server_context *context,
- void (*func)(kadm5_server_context *server_context,
- u_int32_t ver,
- time_t timestamp,
- enum kadm_ops op,
- u_int32_t len,
- krb5_storage *sp));
-
-kadm5_ret_t
-kadm5_log_replay_create (kadm5_server_context *context,
- u_int32_t ver,
- u_int32_t len,
- krb5_storage *sp);
-
-kadm5_ret_t
-kadm5_log_replay_delete (kadm5_server_context *context,
- u_int32_t ver,
- u_int32_t len,
- krb5_storage *sp);
-
-kadm5_ret_t
-kadm5_log_replay_rename (kadm5_server_context *context,
- u_int32_t ver,
- u_int32_t len,
- krb5_storage *sp);
-
-kadm5_ret_t
-kadm5_log_replay_modify (kadm5_server_context *context,
- u_int32_t ver,
- u_int32_t len,
- krb5_storage *sp);
-
-kadm5_ret_t
-kadm5_log_replay (kadm5_server_context *context,
- enum kadm_ops op,
- u_int32_t ver,
- u_int32_t len,
- krb5_storage *sp);
-
-krb5_storage *
-kadm5_log_goto_end (int fd);
-
-kadm5_ret_t
-kadm5_log_previous (krb5_storage *sp,
- u_int32_t *ver,
- time_t *timestamp,
- enum kadm_ops *op,
- u_int32_t *len);
-
-kadm5_ret_t
-_kadm5_marshal_params __P((krb5_context context,
- kadm5_config_params *params,
- krb5_data *out));
-
-kadm5_ret_t
-_kadm5_unmarshal_params __P((krb5_context context,
- krb5_data *in,
- kadm5_config_params *params));
-
-
+#include "kadm5-private.h"
#endif /* __kadm5_private_h__ */
diff --git a/crypto/heimdal/lib/kadm5/privs_c.c b/crypto/heimdal/lib/kadm5/privs_c.c
index 25d49761cdd0..83d293cfbf4e 100644
--- a/crypto/heimdal/lib/kadm5/privs_c.c
+++ b/crypto/heimdal/lib/kadm5/privs_c.c
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: privs_c.c,v 1.3 1999/12/02 17:05:07 joda Exp $");
+RCSID("$Id: privs_c.c,v 1.4 2000/07/11 15:59:54 joda Exp $");
kadm5_ret_t
kadm5_c_get_privs(void *server_handle, u_int32_t *privs)
@@ -45,6 +45,10 @@ kadm5_c_get_privs(void *server_handle, u_int32_t *privs)
int32_t tmp;
krb5_data reply;
+ ret = _kadm5_connect(server_handle);
+ if(ret)
+ return ret;
+
sp = krb5_storage_from_mem(buf, sizeof(buf));
if (sp == NULL)
return ENOMEM;
diff --git a/crypto/heimdal/lib/kadm5/randkey_c.c b/crypto/heimdal/lib/kadm5/randkey_c.c
index 7531b6e9f096..eedf697906dd 100644
--- a/crypto/heimdal/lib/kadm5/randkey_c.c
+++ b/crypto/heimdal/lib/kadm5/randkey_c.c
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: randkey_c.c,v 1.3 1999/12/02 17:05:07 joda Exp $");
+RCSID("$Id: randkey_c.c,v 1.4 2000/07/11 16:00:02 joda Exp $");
kadm5_ret_t
kadm5_c_randkey_principal(void *server_handle,
@@ -48,6 +48,10 @@ kadm5_c_randkey_principal(void *server_handle,
int32_t tmp;
krb5_data reply;
+ ret = _kadm5_connect(server_handle);
+ if(ret)
+ return ret;
+
sp = krb5_storage_from_mem(buf, sizeof(buf));
if (sp == NULL)
return ENOMEM;
diff --git a/crypto/heimdal/lib/kadm5/randkey_s.c b/crypto/heimdal/lib/kadm5/randkey_s.c
index 25c857174501..9780b111310f 100644
--- a/crypto/heimdal/lib/kadm5/randkey_s.c
+++ b/crypto/heimdal/lib/kadm5/randkey_s.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: randkey_s.c,v 1.10 1999/12/02 17:05:07 joda Exp $");
+RCSID("$Id: randkey_s.c,v 1.13 2001/01/30 01:24:28 assar Exp $");
/*
* Set the keys of `princ' to random values, returning the random keys
@@ -68,13 +68,18 @@ kadm5_s_randkey_principal(void *server_handle,
ret = _kadm5_set_modifier(context, &ent);
if(ret)
goto out3;
+ ret = _kadm5_bump_pw_expire(context, &ent);
+ if (ret)
+ goto out2;
- hdb_seal_keys(context->db, &ent);
+ ret = hdb_seal_keys(context->context, context->db, &ent);
+ if (ret)
+ goto out2;
kadm5_log_modify (context,
&ent,
KADM5_PRINCIPAL | KADM5_MOD_NAME | KADM5_MOD_TIME |
- KADM5_KEY_DATA | KADM5_KVNO);
+ KADM5_KEY_DATA | KADM5_KVNO | KADM5_PW_EXPIRATION);
ret = context->db->store(context->context, context->db,
HDB_F_REPLACE, &ent);
diff --git a/crypto/heimdal/lib/kadm5/rename_c.c b/crypto/heimdal/lib/kadm5/rename_c.c
index d33e611dedd3..95ccf2503669 100644
--- a/crypto/heimdal/lib/kadm5/rename_c.c
+++ b/crypto/heimdal/lib/kadm5/rename_c.c
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: rename_c.c,v 1.3 1999/12/02 17:05:07 joda Exp $");
+RCSID("$Id: rename_c.c,v 1.4 2000/07/11 16:00:08 joda Exp $");
kadm5_ret_t
kadm5_c_rename_principal(void *server_handle,
@@ -47,6 +47,10 @@ kadm5_c_rename_principal(void *server_handle,
int32_t tmp;
krb5_data reply;
+ ret = _kadm5_connect(server_handle);
+ if(ret)
+ return ret;
+
sp = krb5_storage_from_mem(buf, sizeof(buf));
if (sp == NULL)
return ENOMEM;
diff --git a/crypto/heimdal/lib/kadm5/rename_s.c b/crypto/heimdal/lib/kadm5/rename_s.c
index e7f9038baba0..a478e0acd92d 100644
--- a/crypto/heimdal/lib/kadm5/rename_s.c
+++ b/crypto/heimdal/lib/kadm5/rename_s.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: rename_s.c,v 1.9 1999/12/02 17:05:07 joda Exp $");
+RCSID("$Id: rename_s.c,v 1.11 2001/01/30 01:24:29 assar Exp $");
kadm5_ret_t
kadm5_s_rename_principal(void *server_handle,
@@ -82,7 +82,11 @@ kadm5_s_rename_principal(void *server_handle,
ent2.principal = ent.principal;
ent.principal = target;
- hdb_seal_keys(context->db, &ent);
+ ret = hdb_seal_keys(context->context, context->db, &ent);
+ if (ret) {
+ ent.principal = ent2.principal;
+ goto out2;
+ }
kadm5_log_rename (context,
source,
diff --git a/crypto/heimdal/lib/kadm5/send_recv.c b/crypto/heimdal/lib/kadm5/send_recv.c
index 51f6972c12f3..796cd050c868 100644
--- a/crypto/heimdal/lib/kadm5/send_recv.c
+++ b/crypto/heimdal/lib/kadm5/send_recv.c
@@ -33,7 +33,7 @@
#include "kadm5_locl.h"
-RCSID("$Id: send_recv.c,v 1.7 1999/12/02 17:05:07 joda Exp $");
+RCSID("$Id: send_recv.c,v 1.8 2000/07/11 16:00:58 joda Exp $");
kadm5_ret_t
_kadm5_client_send(kadm5_client_context *context, krb5_storage *sp)
@@ -43,6 +43,8 @@ _kadm5_client_send(kadm5_client_context *context, krb5_storage *sp)
size_t len;
krb5_storage *sock;
+ assert(context->sock != -1);
+
len = sp->seek(sp, 0, SEEK_CUR);
ret = krb5_data_alloc(&msg, len);
sp->seek(sp, 0, SEEK_SET);
diff --git a/crypto/heimdal/lib/kadm5/set_keys.c b/crypto/heimdal/lib/kadm5/set_keys.c
index e4d5d1a64878..f3f4e36a0e2d 100644
--- a/crypto/heimdal/lib/kadm5/set_keys.c
+++ b/crypto/heimdal/lib/kadm5/set_keys.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,173 +33,347 @@
#include "kadm5_locl.h"
-RCSID("$Id: set_keys.c,v 1.18 1999/12/04 23:11:01 assar Exp $");
+RCSID("$Id: set_keys.c,v 1.23 2000/11/15 23:13:30 assar Exp $");
/*
- * free all the memory used by (len, keys)
+ * the known and used DES enctypes
*/
-static void
-free_keys (kadm5_server_context *context,
- int len, Key *keys)
+static krb5_enctype des_types[] = { ETYPE_DES_CBC_CRC,
+ ETYPE_DES_CBC_MD4,
+ ETYPE_DES_CBC_MD5 };
+static unsigned n_des_types = sizeof(des_types) / sizeof(des_types[0]);
+
+static krb5_error_code
+make_keys(krb5_context context, krb5_principal principal, const char *password,
+ Key **keys_ret, size_t *num_keys_ret)
{
+ krb5_enctype all_etypes[] = { ETYPE_DES3_CBC_SHA1,
+ ETYPE_DES_CBC_MD5,
+ ETYPE_DES_CBC_MD4,
+ ETYPE_DES_CBC_CRC };
+
+
+ krb5_enctype e;
+
+ krb5_error_code ret = 0;
+ char **ktypes, **kp;
+
+ Key *keys = NULL, *tmp;
+ int num_keys = 0;
+ Key key;
+
int i;
+ char *v4_ktypes[] = {"des3:pw-salt", "v4", NULL};
+
+ ktypes = krb5_config_get_strings(context, NULL, "kadmin",
+ "default_keys", NULL);
+
+ /* for each entry in `default_keys' try to parse it as a sequence
+ of etype:salttype:salt, syntax of this if something like:
+ [(des|des3|etype):](pw|afs3)[:string], if etype is omitted it
+ means everything, and if string is omitted is means the default
+ string (for that principal). Additional special values:
+ v5 == pw-salt, and
+ v4 == pw-salt:
+ */
+
+ if (ktypes == NULL
+ && krb5_config_get_bool (context, NULL, "kadmin",
+ "use_v4_salt", NULL))
+ ktypes = v4_ktypes;
+
+ for(kp = ktypes; kp && *kp; kp++) {
+ krb5_enctype *etypes;
+ int num_etypes;
+ krb5_salt salt;
+ krb5_boolean salt_set;
+
+ const char *p;
+ char buf[3][256];
+ int num_buf = 0;
+
+ p = *kp;
+ if(strcmp(p, "v5") == 0)
+ p = "pw-salt";
+ else if(strcmp(p, "v4") == 0)
+ p = "des:pw-salt:";
+
+ /* split p in a list of :-separated strings */
+ for(num_buf = 0; num_buf < 3; num_buf++)
+ if(strsep_copy(&p, ":", buf[num_buf], sizeof(buf[num_buf])) == -1)
+ break;
+
+ etypes = NULL;
+ num_etypes = 0;
+ memset(&salt, 0, sizeof(salt));
+ salt_set = FALSE;
+
+ for(i = 0; i < num_buf; i++) {
+ if(etypes == NULL) {
+ /* this might be a etype specifier */
+ /* XXX there should be a string_to_etypes handling
+ special cases like `des' and `all' */
+ if(strcmp(buf[i], "des") == 0) {
+ etypes = all_etypes + 1;
+ num_etypes = 3;
+ continue;
+ } else if(strcmp(buf[i], "des3") == 0) {
+ e = ETYPE_DES3_CBC_SHA1;
+ etypes = &e;
+ num_etypes = 1;
+ continue;
+ } else {
+ ret = krb5_string_to_enctype(context, buf[i], &e);
+ if(ret == 0) {
+ etypes = &e;
+ num_etypes = 1;
+ continue;
+ }
+ }
+ }
+ if(salt.salttype == 0) {
+ /* interpret string as a salt specifier, if no etype
+ is set, this sets default values */
+ /* XXX should perhaps use string_to_salttype, but that
+ interface sucks */
+ if(strcmp(buf[i], "pw-salt") == 0) {
+ if(etypes == NULL) {
+ etypes = all_etypes;
+ num_etypes = 4;
+ }
+ salt.salttype = KRB5_PW_SALT;
+ } else if(strcmp(buf[i], "afs3-salt") == 0) {
+ if(etypes == NULL) {
+ etypes = all_etypes + 1;
+ num_etypes = 3;
+ }
+ salt.salttype = KRB5_AFS3_SALT;
+ }
+ } else {
+ /* if there is a final string, use it as the string to
+ salt with, this is mostly useful with null salt for
+ v4 compat, and a cell name for afs compat */
+ salt.saltvalue.data = buf[i];
+ salt.saltvalue.length = strlen(buf[i]);
+ salt_set = TRUE;
+ }
+ }
- for (i = 0; i < len; ++i) {
- free (keys[i].mkvno);
- keys[i].mkvno = NULL;
- if (keys[i].salt != NULL) {
- free_Salt(keys[i].salt);
- free(keys[i].salt);
- keys[i].salt = NULL;
+ if(etypes == NULL || salt.salttype == 0) {
+ krb5_warnx(context, "bad value for default_keys `%s'", *kp);
+ continue;
}
- krb5_free_keyblock_contents(context->context, &keys[i].key);
- }
- free (keys);
-}
-/*
- * null-ify `len', `keys'
- */
+ if(!salt_set && salt.salttype == KRB5_PW_SALT)
+ /* make up default salt */
+ ret = krb5_get_pw_salt(context, principal, &salt);
+ memset(&key, 0, sizeof(key));
+ for(i = 0; i < num_etypes; i++) {
+ ret = krb5_string_to_key_salt (context,
+ etypes[i],
+ password,
+ salt,
+ &key.key);
+
+ if(ret)
+ goto out;
-static void
-init_keys (Key *keys, int len)
-{
- int i;
+ if (salt.salttype != KRB5_PW_SALT || salt_set) {
+ key.salt = malloc (sizeof(*key.salt));
+ if (key.salt == NULL) {
+ free_Key(&key);
+ ret = ENOMEM;
+ goto out;
+ }
+ key.salt->type = salt.salttype;
+ krb5_data_zero (&key.salt->salt);
+
+ /* is the salt has not been set explicitly, it will be
+ the default salt, so there's no need to explicitly
+ copy it */
+ if (salt_set) {
+ ret = krb5_data_copy(&key.salt->salt,
+ salt.saltvalue.data,
+ salt.saltvalue.length);
+ if (ret) {
+ free_Key(&key);
+ goto out;
+ }
+ }
+ }
+ tmp = realloc(keys, (num_keys + 1) * sizeof(*keys));
+ if(tmp == NULL) {
+ free_Key(&key);
+ ret = ENOMEM;
+ goto out;
+ }
+ keys = tmp;
+ keys[num_keys++] = key;
+ }
+ }
- for (i = 0; i < len; ++i) {
- keys[i].mkvno = NULL;
- keys[i].salt = NULL;
- keys[i].key.keyvalue.length = 0;
- keys[i].key.keyvalue.data = NULL;
+ if(num_keys == 0) {
+ /* if we didn't manage to find a single valid key, create a
+ default set */
+ /* XXX only do this is there is no `default_keys'? */
+ krb5_salt v5_salt;
+ tmp = realloc(keys, (num_keys + 4) * sizeof(*keys));
+ if(tmp == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
+ keys = tmp;
+ ret = krb5_get_pw_salt(context, principal, &v5_salt);
+ if(ret)
+ goto out;
+ for(i = 0; i < 4; i++) {
+ memset(&key, 0, sizeof(key));
+ ret = krb5_string_to_key_salt(context, all_etypes[i], password,
+ v5_salt, &key.key);
+ if(ret) {
+ krb5_free_salt(context, v5_salt);
+ goto out;
+ }
+ keys[num_keys++] = key;
+ }
+ krb5_free_salt(context, v5_salt);
}
+
+ out:
+ if(ret == 0) {
+ *keys_ret = keys;
+ *num_keys_ret = num_keys;
+ } else {
+ for(i = 0; i < num_keys; i++) {
+ free_Key(&keys[i]);
+ }
+ free(keys);
+ }
+ return ret;
}
/*
- * the known and used DES enctypes
+ * Set the keys of `ent' to the string-to-key of `password'
*/
-static krb5_enctype des_types[] = { ETYPE_DES_CBC_CRC,
- ETYPE_DES_CBC_MD4,
- ETYPE_DES_CBC_MD5 };
+kadm5_ret_t
+_kadm5_set_keys(kadm5_server_context *context,
+ hdb_entry *ent,
+ const char *password)
+{
+ kadm5_ret_t ret;
+ Key *keys;
+ size_t num_keys;
-static unsigned n_des_types = 3;
+ ret = make_keys(context->context, ent->principal, password,
+ &keys, &num_keys);
+
+ if(ret)
+ return ret;
+
+ _kadm5_free_keys (context, ent->keys.len, ent->keys.val);
+ ent->keys.val = keys;
+ ent->keys.len = num_keys;
+ ent->kvno++;
+ return 0;
+}
/*
- * Set the keys of `ent' to the string-to-key of `password'
+ * Set the keys of `ent' to (`n_key_data', `key_data')
*/
kadm5_ret_t
-_kadm5_set_keys(kadm5_server_context *context,
- hdb_entry *ent,
- const char *password)
+_kadm5_set_keys2(kadm5_server_context *context,
+ hdb_entry *ent,
+ int16_t n_key_data,
+ krb5_key_data *key_data)
{
- kadm5_ret_t ret = 0;
+ krb5_error_code ret;
int i;
unsigned len;
Key *keys;
- krb5_salt salt;
- krb5_boolean v4_salt = FALSE;
- len = n_des_types + 1;
+ len = n_key_data;
keys = malloc (len * sizeof(*keys));
if (keys == NULL)
return ENOMEM;
- init_keys (keys, len);
-
- salt.salttype = KRB5_PW_SALT;
- salt.saltvalue.length = 0;
- salt.saltvalue.data = NULL;
+ _kadm5_init_keys (keys, len);
- if (krb5_config_get_bool (context->context,
- NULL, "kadmin", "use_v4_salt", NULL)) {
- v4_salt = TRUE;
- } else {
- ret = krb5_get_pw_salt (context->context, ent->principal, &salt);
- if (ret)
+ for(i = 0; i < n_key_data; i++) {
+ keys[i].mkvno = NULL;
+ keys[i].key.keytype = key_data[i].key_data_type[0];
+ ret = krb5_data_copy(&keys[i].key.keyvalue,
+ key_data[i].key_data_contents[0],
+ key_data[i].key_data_length[0]);
+ if(ret)
goto out;
- }
+ if(key_data[i].key_data_ver == 2) {
+ Salt *salt;
- for (i = 0; i < n_des_types; ++i) {
- ret = krb5_string_to_key_salt (context->context,
- des_types[i],
- password,
- salt,
- &keys[i].key);
- if (ret)
- goto out;
- if (v4_salt) {
- keys[i].salt = malloc (sizeof(*keys[i].salt));
- if (keys[i].salt == NULL) {
+ salt = malloc(sizeof(*salt));
+ if(salt == NULL) {
ret = ENOMEM;
goto out;
}
- keys[i].salt->type = salt.salttype;
- ret = copy_octet_string (&salt.saltvalue, &keys[i].salt->salt);
- if (ret)
- goto out;
- }
+ keys[i].salt = salt;
+ salt->type = key_data[i].key_data_type[1];
+ krb5_data_copy(&salt->salt,
+ key_data[i].key_data_contents[1],
+ key_data[i].key_data_length[1]);
+ } else
+ keys[i].salt = NULL;
}
-
- ret = krb5_string_to_key (context->context,
- ETYPE_DES3_CBC_SHA1,
- password,
- ent->principal,
- &keys[n_des_types].key);
- if (ret)
- goto out;
-
- free_keys (context, ent->keys.len, ent->keys.val);
+ _kadm5_free_keys (context, ent->keys.len, ent->keys.val);
ent->keys.len = len;
ent->keys.val = keys;
ent->kvno++;
- return ret;
-out:
- krb5_data_free (&salt.saltvalue);
- free_keys (context, len, keys);
+ return 0;
+ out:
+ _kadm5_free_keys (context, len, keys);
return ret;
}
/*
- * Set the keys of `ent' to (`n_key_data', `key_data')
+ * Set the keys of `ent' to `n_keys, keys'
*/
kadm5_ret_t
-_kadm5_set_keys2(hdb_entry *ent,
- int16_t n_key_data,
- krb5_key_data *key_data)
+_kadm5_set_keys3(kadm5_server_context *context,
+ hdb_entry *ent,
+ int n_keys,
+ krb5_keyblock *keyblocks)
{
krb5_error_code ret;
int i;
+ unsigned len;
+ Key *keys;
- ent->keys.len = n_key_data;
- ent->keys.val = malloc(ent->keys.len * sizeof(*ent->keys.val));
- if(ent->keys.val == NULL)
+ len = n_keys;
+ keys = malloc (len * sizeof(*keys));
+ if (keys == NULL)
return ENOMEM;
- for(i = 0; i < n_key_data; i++) {
- ent->keys.val[i].mkvno = NULL;
- ent->keys.val[i].key.keytype = key_data[i].key_data_type[0];
- ret = krb5_data_copy(&ent->keys.val[i].key.keyvalue,
- key_data[i].key_data_contents[0],
- key_data[i].key_data_length[0]);
+
+ _kadm5_init_keys (keys, len);
+
+ for(i = 0; i < n_keys; i++) {
+ keys[i].mkvno = NULL;
+ ret = krb5_copy_keyblock_contents (context->context,
+ &keyblocks[i],
+ &keys[i].key);
if(ret)
- return ret;
- if(key_data[i].key_data_ver == 2) {
- Salt *salt;
- salt = malloc(sizeof(*salt));
- if(salt == NULL)
- return ENOMEM;
- ent->keys.val[i].salt = salt;
- salt->type = key_data[i].key_data_type[1];
- krb5_data_copy(&salt->salt,
- key_data[i].key_data_contents[1],
- key_data[i].key_data_length[1]);
- } else
- ent->keys.val[i].salt = NULL;
+ goto out;
+ keys[i].salt = NULL;
}
+ _kadm5_free_keys (context, ent->keys.len, ent->keys.val);
+ ent->keys.len = len;
+ ent->keys.val = keys;
ent->kvno++;
return 0;
+ out:
+ _kadm5_free_keys (context, len, keys);
+ return ret;
}
/*
@@ -235,7 +409,7 @@ _kadm5_set_keys_randomly (kadm5_server_context *context,
return ENOMEM;
}
- init_keys (hkeys, len);
+ _kadm5_init_keys (hkeys, len);
ret = krb5_generate_random_keyblock (context->context,
des_types[0],
@@ -276,7 +450,7 @@ _kadm5_set_keys_randomly (kadm5_server_context *context,
if (ret)
goto out;
- free_keys (context, ent->keys.len, ent->keys.val);
+ _kadm5_free_keys (context, ent->keys.len, ent->keys.val);
ent->keys.len = len;
ent->keys.val = hkeys;
ent->kvno++;
@@ -287,6 +461,6 @@ out:
for (i = 0; i < len; ++i)
krb5_free_keyblock_contents (context->context, &keys[i]);
free (keys);
- free_keys (context, len, hkeys);
+ _kadm5_free_keys (context, len, hkeys);
return ret;
}
diff --git a/crypto/heimdal/lib/kadm5/truncate_log.c b/crypto/heimdal/lib/kadm5/truncate_log.c
new file mode 100644
index 000000000000..215fdd7d3cb3
--- /dev/null
+++ b/crypto/heimdal/lib/kadm5/truncate_log.c
@@ -0,0 +1,88 @@
+/*
+ * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "iprop.h"
+
+RCSID("$Id: truncate_log.c,v 1.1 2000/07/24 04:27:06 assar Exp $");
+
+static char *realm;
+static int version_flag;
+static int help_flag;
+
+static struct getargs args[] = {
+ { "realm", 'r', arg_string, &realm },
+ { "version", 0, arg_flag, &version_flag },
+ { "help", 0, arg_flag, &help_flag }
+};
+
+static int num_args = sizeof(args) / sizeof(args[0]);
+
+int
+main(int argc, char **argv)
+{
+ krb5_context context;
+ krb5_error_code ret;
+ void *kadm_handle;
+ kadm5_server_context *server_context;
+ kadm5_config_params conf;
+
+ krb5_program_setup(&context, argc, argv, args, num_args, NULL);
+
+ if(help_flag)
+ krb5_std_usage(0, args, num_args);
+ if(version_flag) {
+ print_version(NULL);
+ exit(0);
+ }
+
+ memset(&conf, 0, sizeof(conf));
+ if(realm) {
+ conf.mask |= KADM5_CONFIG_REALM;
+ conf.realm = realm;
+ }
+
+ ret = kadm5_init_with_password_ctx (context,
+ KADM5_ADMIN_SERVICE,
+ NULL,
+ KADM5_ADMIN_SERVICE,
+ &conf, 0, 0,
+ &kadm_handle);
+ if (ret)
+ krb5_err (context, 1, ret, "kadm5_init_with_password_ctx");
+
+ server_context = (kadm5_server_context *)kadm_handle;
+
+ ret = kadm5_log_truncate (server_context);
+ krb5_err (context, 1, ret, "kadm5_log_truncate");
+ return 0;
+}
diff --git a/crypto/heimdal/lib/kafs/ChangeLog b/crypto/heimdal/lib/kafs/ChangeLog
index 09ea01ed95e5..180f2c42d13d 100644
--- a/crypto/heimdal/lib/kafs/ChangeLog
+++ b/crypto/heimdal/lib/kafs/ChangeLog
@@ -1,3 +1,47 @@
+2000-12-11 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libkafs_la_LDFLAGS): set version to 2:3:2
+
+2000-11-17 Assar Westerlund <assar@sics.se>
+
+ * afssysdefs.h: solaris 8 apperently uses 65
+
+2000-09-19 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libkafs_la_LDFLAGS): bump version to 2:2:2
+
+2000-09-12 Johan Danielsson <joda@pdc.kth.se>
+
+ * dlfcn.c: correct arguments to some snprintf:s
+
+2000-07-25 Johan Danielsson <joda@pdc.kth.se>
+
+ * Makefile.am: bump version to 2:1:2
+
+2000-04-03 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: set version to 2:0:2
+
+2000-03-20 Assar Westerlund <assar@sics.se>
+
+ * afssysdefs.h: make versions later than 5.7 of solaris also use
+ 73
+
+2000-03-16 Assar Westerlund <assar@sics.se>
+
+ * afskrb.c (afslog_uid_int): use krb_get_tf_fullname instead of
+ krb_get_default_principal
+
+2000-03-15 Assar Westerlund <assar@sics.se>
+
+ * afssys.c (map_syscall_name_to_number): ignore # at
+ beginning-of-line
+
+2000-03-13 Assar Westerlund <assar@sics.se>
+
+ * afssysdefs.h: add 230 for MacOS X per information from
+ <warner.c@apple.com>
+
1999-12-06 Assar Westerlund <assar@sics.se>
* Makefile.am: set version to 1:2:1
diff --git a/crypto/heimdal/lib/kafs/Makefile.am b/crypto/heimdal/lib/kafs/Makefile.am
index 2460e555e266..955758859a5d 100644
--- a/crypto/heimdal/lib/kafs/Makefile.am
+++ b/crypto/heimdal/lib/kafs/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.19 2000/01/06 15:14:27 assar Exp $
+# $Id: Makefile.am,v 1.23 2000/12/11 00:44:50 assar Exp $
include $(top_srcdir)/Makefile.am.common
@@ -41,7 +41,7 @@ endif # KRB4
lib_LTLIBRARIES = $(AFSLIBS)
-libkafs_la_LDFLAGS = -version-info 1:2:1
+libkafs_la_LDFLAGS = -version-info 2:3:2
foodir = $(libdir)
foo_DATA = $(AFS_EXTRA_LIBS)
# EXTRA_DATA = afslib.so
diff --git a/crypto/heimdal/lib/kafs/Makefile.in b/crypto/heimdal/lib/kafs/Makefile.in
index 32b69cb76a83..147f3279e098 100644
--- a/crypto/heimdal/lib/kafs/Makefile.in
+++ b/crypto/heimdal/lib/kafs/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.19 2000/01/06 15:14:27 assar Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,25 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -91,31 +95,43 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.23 2000/12/11 00:44:50 assar Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
-INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) $(AFS_EXTRA_DEFS)
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) $(INCLUDE_krb4) $(AFS_EXTRA_DEFS)
AM_CFLAGS = $(WFLAGS)
+CP = cp
+
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
@@ -135,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
@@ -143,6 +160,8 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
+LIBS = @LIBS@
+
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -151,45 +170,41 @@ LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
NROFF_MAN = groff -mandoc -Tascii
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
-@KRB4_TRUE@AFSLIBS = libkafs.la
+@KRB4_TRUE@AFSLIBS = @KRB4_TRUE@libkafs.la
@KRB4_FALSE@AFSLIBS =
-@KRB4_TRUE@@AIX_TRUE@AFSL_EXP = $(srcdir)/afsl.exp
+@KRB4_TRUE@@AIX_TRUE@AFSL_EXP = @KRB4_TRUE@@AIX_TRUE@$(srcdir)/afsl.exp
@KRB4_TRUE@@AIX_FALSE@AFSL_EXP =
-@KRB4_TRUE@@AIX_TRUE@@AIX4_TRUE@AFS_EXTRA_LD = -bnoentry
-@KRB4_TRUE@@AIX_TRUE@@AIX4_FALSE@AFS_EXTRA_LD = -e _nostart
+@KRB4_TRUE@@AIX_TRUE@@AIX4_TRUE@AFS_EXTRA_LD = @KRB4_TRUE@@AIX_TRUE@@AIX4_TRUE@-bnoentry
+@KRB4_TRUE@@AIX_TRUE@@AIX4_FALSE@AFS_EXTRA_LD = @KRB4_TRUE@@AIX_TRUE@@AIX4_FALSE@-e _nostart
@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@@HAVE_DLOPEN_TRUE@AIX_SRC =
-@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@@HAVE_DLOPEN_FALSE@AIX_SRC = dlfcn.c
-@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@AIX_SRC = afslib.c
+@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@@HAVE_DLOPEN_FALSE@AIX_SRC = @KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@@HAVE_DLOPEN_FALSE@dlfcn.c
+@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@AIX_SRC = @KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@afslib.c
@KRB4_TRUE@@AIX_FALSE@AIX_SRC =
-@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@AFS_EXTRA_LIBS = afslib.so
+@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@AFS_EXTRA_LIBS = @KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@afslib.so
@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@AFS_EXTRA_LIBS =
@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_TRUE@AFS_EXTRA_DEFS =
-@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@AFS_EXTRA_DEFS = -DSTATIC_AFS
+@KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@AFS_EXTRA_DEFS = @KRB4_TRUE@@AIX_TRUE@@AIX_DYNAMIC_AFS_FALSE@-DSTATIC_AFS
lib_LTLIBRARIES = $(AFSLIBS)
-libkafs_la_LDFLAGS = -version-info 1:2:1
+libkafs_la_LDFLAGS = -version-info 2:3:2
foodir = $(libdir)
foo_DATA = $(AFS_EXTRA_LIBS)
# EXTRA_DATA = afslib.so
@@ -198,7 +213,7 @@ CLEANFILES = $(AFS_EXTRA_LIBS)
include_HEADERS = kafs.h
-@KRB5_TRUE@afskrb5_c = afskrb5.c
+@KRB5_TRUE@afskrb5_c = @KRB5_TRUE@afskrb5.c
libkafs_la_SOURCES = afssys.c afskrb.c $(afskrb5_c) common.c $(AIX_SRC) kafs_locl.h afssysdefs.h
#afslib_so_SOURCES = afslib.c
@@ -208,6 +223,7 @@ EXTRA_libkafs_la_SOURCES = afskrb5.c dlfcn.c afslib.c dlfcn.h
EXTRA_DIST = README.dlfcn afsl.exp afslib.exp
man_MANS = kafs.3
+subdir = lib/kafs
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../include/config.h
CONFIG_CLEAN_FILES =
@@ -217,186 +233,187 @@ LTLIBRARIES = $(lib_LTLIBRARIES)
DEFS = @DEFS@ -I. -I$(srcdir) -I../../include
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
X_CFLAGS = @X_CFLAGS@
X_LIBS = @X_LIBS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
libkafs_la_LIBADD =
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \
-@AIX_FALSE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afslib.lo
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@dlfcn.lo
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afslib.lo
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@dlfcn.lo
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@afskrb5.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afssys.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@afskrb.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_TRUE@common.lo
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \
-@AIX_TRUE@@KRB4_FALSE@@KRB5_TRUE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@common.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_FALSE@@HAVE_DLOPEN_TRUE@@AIX_DYNAMIC_AFS_FALSE@afslib.lo
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb5.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo \
-@AIX_TRUE@@KRB4_TRUE@@KRB5_TRUE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afslib.lo
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@libkafs_la_OBJECTS = \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afssys.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@afskrb.lo \
-@AIX_FALSE@@KRB4_FALSE@@KRB5_FALSE@@HAVE_DLOPEN_FALSE@@AIX_DYNAMIC_AFS_FALSE@common.lo
-CFLAGS = @CFLAGS@
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afslib.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afslib.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@common.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afslib.lo
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_FALSE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afslib.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_FALSE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_FALSE@@KRB5_TRUE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_FALSE@dlfcn.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@common.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_FALSE@@KRB4_TRUE@@KRB5_TRUE@dlfcn.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_FALSE@@KRB5_TRUE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_FALSE@common.lo
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@am_libkafs_la_OBJECTS = \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afssys.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@afskrb5.lo \
+@AIX_DYNAMIC_AFS_TRUE@@AIX_TRUE@@HAVE_DLOPEN_TRUE@@KRB4_TRUE@@KRB5_TRUE@common.lo
+libkafs_la_OBJECTS = $(am_libkafs_la_OBJECTS)
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES = $(libkafs_la_SOURCES) $(EXTRA_libkafs_la_SOURCES)
man3dir = $(mandir)/man3
MANS = $(man_MANS)
DATA = $(foo_DATA)
HEADERS = $(include_HEADERS)
-DIST_COMMON = ChangeLog Makefile.am Makefile.in
+depcomp =
+DIST_COMMON = $(include_HEADERS) ChangeLog Makefile.am Makefile.in
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
SOURCES = $(libkafs_la_SOURCES) $(EXTRA_libkafs_la_SOURCES)
-OBJECTS = $(libkafs_la_OBJECTS)
+OBJECTS = $(am_libkafs_la_OBJECTS)
all: all-redirect
.SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x
+.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kafs/Makefile
@@ -419,31 +436,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
$(mkinstalldirs) $(DESTDIR)$(libdir)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
if test -f $$p; then \
- echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \
- $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \
+ echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \
+ $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \
else :; fi; \
done
uninstall-libLTLIBRARIES:
@$(NORMAL_UNINSTALL)
- list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \
$(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
done
-.c.o:
- $(COMPILE) -c $<
-
-# FIXME: We should only use cygpath when building on Windows,
-# and only if it is available.
-.c.obj:
- $(COMPILE) -c `cygpath -w $<`
-
-.s.o:
- $(COMPILE) -c $<
-
-.S.o:
- $(COMPILE) -c $<
-
mostlyclean-compile:
-rm -f *.o core *.core
-rm -f *.$(OBJEXT)
@@ -455,15 +459,6 @@ distclean-compile:
maintainer-clean-compile:
-.c.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.s.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.S.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
mostlyclean-libtool:
-rm -f *.lo
@@ -476,6 +471,12 @@ maintainer-clean-libtool:
libkafs.la: $(libkafs_la_OBJECTS) $(libkafs_la_DEPENDENCIES)
$(LINK) -rpath $(libdir) $(libkafs_la_LDFLAGS) $(libkafs_la_OBJECTS) $(libkafs_la_LIBADD) $(LIBS)
+.c.o:
+ $(COMPILE) -c $<
+.c.obj:
+ $(COMPILE) -c `cygpath -w $<`
+.c.lo:
+ $(LTCOMPILE) -c -o $@ $<
install-man3:
$(mkinstalldirs) $(DESTDIR)$(man3dir)
@@ -490,6 +491,7 @@ install-man3:
else file=$$i; fi; \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst"; \
$(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst; \
@@ -505,6 +507,7 @@ uninstall-man3:
for i in $$list; do \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " rm -f $(DESTDIR)$(man3dir)/$$inst"; \
rm -f $(DESTDIR)$(man3dir)/$$inst; \
@@ -520,19 +523,18 @@ install-fooDATA: $(foo_DATA)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(foodir)
@list='$(foo_DATA)'; for p in $$list; do \
- if test -f $(srcdir)/$$p; then \
- echo " $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p"; \
- $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p; \
- else if test -f $$p; then \
- echo " $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p"; \
- $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p; \
- fi; fi; \
+ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(foodir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(foodir)/$$f; \
done
uninstall-fooDATA:
@$(NORMAL_UNINSTALL)
- list='$(foo_DATA)'; for p in $$list; do \
- rm -f $(DESTDIR)$(foodir)/$$p; \
+ @list='$(foo_DATA)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(foodir)/$$f"; \
+ rm -f $(DESTDIR)$(foodir)/$$f; \
done
install-includeHEADERS: $(include_HEADERS)
@@ -540,35 +542,42 @@ install-includeHEADERS: $(include_HEADERS)
$(mkinstalldirs) $(DESTDIR)$(includedir)
@list='$(include_HEADERS)'; for p in $$list; do \
if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
- echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \
- $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \
done
uninstall-includeHEADERS:
@$(NORMAL_UNINSTALL)
- list='$(include_HEADERS)'; for p in $$list; do \
- rm -f $(DESTDIR)$(includedir)/$$p; \
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(includedir)/$$f"; \
+ rm -f $(DESTDIR)$(includedir)/$$f; \
done
tags: TAGS
-ID: $(HEADERS) $(SOURCES) $(LISP)
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- here=`pwd` && cd $(srcdir) \
- && mkid -f$$here/ID $$unique $(LISP)
+ mkid -fID $$unique $(LISP)
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
- || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
mostlyclean-tags:
@@ -581,17 +590,16 @@ maintainer-clean-tags:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib/kafs
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
@@ -622,7 +630,7 @@ uninstall: uninstall-am
all-am: Makefile $(LTLIBRARIES) $(MANS) $(DATA) $(HEADERS) all-local
all-redirect: all-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs:
$(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(mandir)/man3 \
$(DESTDIR)$(foodir) $(DESTDIR)$(includedir)
@@ -638,6 +646,7 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
+ -rm -f Makefile.in
mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \
mostlyclean-libtool mostlyclean-tags \
mostlyclean-generic
@@ -677,7 +686,7 @@ distclean-tags clean-tags maintainer-clean-tags distdir info-am info \
dvi-am dvi check-local check check-am installcheck-am installcheck \
install-exec-am install-exec install-data-local install-data-am \
install-data install-am install uninstall-am uninstall all-local \
-all-redirect all-am all installdirs mostlyclean-generic \
+all-redirect all-am all install-strip installdirs mostlyclean-generic \
distclean-generic clean-generic maintainer-clean-generic clean \
mostlyclean distclean maintainer-clean
@@ -687,7 +696,10 @@ install-suid-programs:
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
install-exec-hook: install-suid-programs
@@ -699,8 +711,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
fi ; \
done
@@ -769,87 +781,8 @@ dist-cat8-mans:
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
install-data-local: install-cat-mans
diff --git a/crypto/heimdal/lib/kafs/afskrb.c b/crypto/heimdal/lib/kafs/afskrb.c
index 805750dad605..ea7ca534e609 100644
--- a/crypto/heimdal/lib/kafs/afskrb.c
+++ b/crypto/heimdal/lib/kafs/afskrb.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kafs_locl.h"
-RCSID("$Id: afskrb.c,v 1.13 1999/12/02 16:58:39 joda Exp $");
+RCSID("$Id: afskrb.c,v 1.14 2000/03/16 05:35:56 assar Exp $");
struct krb_kafs_data {
const char *realm;
@@ -69,13 +69,9 @@ afslog_uid_int(kafs_data *data,
return _kafs_afslog_all_local_cells (data, uid, homedir);
/* Extract realm from ticket file. */
- {
- char name[ANAME_SZ], inst[INST_SZ];
-
- ret = krb_get_default_principal(name, inst, realm);
- if (ret != KSUCCESS)
- return ret;
- }
+ ret = krb_get_tf_fullname(tkt_string(), NULL, NULL, realm);
+ if (ret != KSUCCESS)
+ return ret;
ret = _kafs_get_cred(data, cell, realm_hint, realm, &c);
diff --git a/crypto/heimdal/lib/kafs/afssys.c b/crypto/heimdal/lib/kafs/afssys.c
index d49a65ac6c84..c64b382dba97 100644
--- a/crypto/heimdal/lib/kafs/afssys.c
+++ b/crypto/heimdal/lib/kafs/afssys.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 200 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "kafs_locl.h"
-RCSID("$Id: afssys.c,v 1.65 1999/12/02 16:58:40 joda Exp $");
+RCSID("$Id: afssys.c,v 1.67 2000/07/08 12:06:03 assar Exp $");
int _kafs_debug; /* this should be done in a better way */
@@ -113,6 +113,9 @@ map_syscall_name_to_number (const char *str, int *res)
if (f == NULL)
return -1;
while (fgets (buf, sizeof(buf), f) != NULL) {
+ if (buf[0] == '#')
+ continue;
+
if (strncmp (str, buf, str_len) == 0) {
char *begptr = buf + str_len;
char *endptr;
@@ -280,7 +283,7 @@ int
k_hasafs(void)
{
#if !defined(NO_AFS) && defined(SIGSYS)
- RETSIGTYPE (*saved_func)();
+ RETSIGTYPE (*saved_func)(int);
#endif
int saved_errno;
char *env = getenv ("AFS_SYSCALL");
diff --git a/crypto/heimdal/lib/kafs/afssysdefs.h b/crypto/heimdal/lib/kafs/afssysdefs.h
index 574b33f70af6..800921fe16fa 100644
--- a/crypto/heimdal/lib/kafs/afssysdefs.h
+++ b/crypto/heimdal/lib/kafs/afssysdefs.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: afssysdefs.h,v 1.21 1999/12/02 16:58:40 joda Exp $ */
+/* $Id: afssysdefs.h,v 1.24 2000/11/17 01:07:47 assar Exp $ */
/*
* This section is for machines using single entry point AFS syscalls!
@@ -54,6 +54,10 @@
#define AFS_SYSCALL 73
#endif
+#if SunOS >= 58
+#define AFS_SYSCALL 65
+#endif
+
#if defined(__hpux)
#define AFS_SYSCALL 50
#define AFS_SYSCALL2 49
@@ -82,6 +86,10 @@
#define AFS_SYSCALL 210
#endif
+#ifdef __APPLE__ /* MacOS X */
+#define AFS_SYSCALL 230
+#endif
+
#ifdef SYS_afs_syscall
#define AFS_SYSCALL3 SYS_afs_syscall
#endif
diff --git a/crypto/heimdal/lib/kafs/dlfcn.c b/crypto/heimdal/lib/kafs/dlfcn.c
index e664fe3e5da6..728cf5cdd768 100644
--- a/crypto/heimdal/lib/kafs/dlfcn.c
+++ b/crypto/heimdal/lib/kafs/dlfcn.c
@@ -115,12 +115,12 @@ void *dlopen(const char *path, int mode)
}
if ((mp = (ModulePtr)calloc(1, sizeof(*mp))) == NULL) {
errvalid++;
- snprintf (errbuf, "calloc: %s", strerror(errno));
+ snprintf (errbuf, sizeof(errbuf), "calloc: %s", strerror(errno));
return NULL;
}
if ((mp->name = strdup(path)) == NULL) {
errvalid++;
- snprintf (errbuf, "strdup: %s", strerror(errno));
+ snprintf (errbuf, sizeof(errbuf), "strdup: %s", strerror(errno));
free(mp);
return NULL;
}
diff --git a/crypto/heimdal/lib/kafs/kafs.3 b/crypto/heimdal/lib/kafs/kafs.3
index 4a7b5efb8c4f..0b6b0502fa0b 100644
--- a/crypto/heimdal/lib/kafs/kafs.3
+++ b/crypto/heimdal/lib/kafs/kafs.3
@@ -1,4 +1,4 @@
-.\" $Id: kafs.3,v 1.3 1998/06/30 15:41:52 assar Exp $
+.\" $Id: kafs.3,v 1.4 2001/01/11 16:16:29 assar Exp $
.\"
.Dd May 7, 1997
.Os KTH-KRB
@@ -11,8 +11,8 @@
.Nm k_afs_cell_of_file ,
.Nm krb_afslog ,
.Nm krb_afslog_uid
-\" .Nm krb5_afslog ,
-\" .Nm krb5_afslog_uid
+.\" .Nm krb5_afslog ,
+.\" .Nm krb5_afslog_uid
.Nd AFS library
.Sh SYNOPSIS
.Fd #include <kafs.h>
@@ -30,10 +30,10 @@
.Fn krb_afslog "char *cell" "char *realm"
.Ft int
.Fn krb_afslog_uid "char *cell" "char *realm" "uid_t uid"
-\" .Ft krb5_error_code
-\" .Fn krb5_afslog_uid "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" "uid_t uid"
-\" .Ft krb5_error_code
-\" .Fn krb5_afslog "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm"
+.\" .Ft krb5_error_code
+.\" .Fn krb5_afslog_uid "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" "uid_t uid"
+.\" .Ft krb5_error_code
+.\" .Fn krb5_afslog "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm"
.Sh DESCRIPTION
.Fn k_hasafs
initializes some library internal structures, and tests for the
@@ -41,7 +41,7 @@ presense of AFS in the kernel, none of the other functions should be
called before
.Fn k_hasafs
is called, or if it fails.
-
+.Pp
.Fn krb_afslog ,
and
.Fn krb_afslog_uid
@@ -66,22 +66,22 @@ field in the token,
.Fn krb_afslog_uid
will use
.Fa uid .
-
-\" .Fn krb5_afslog ,
-\" and
-\" .Fn krb5_afslog_uid
-\" are the Kerberos 5 equivalents of
-\" .Fn krb_afslog ,
-\" and
-\" .Fn krb_afslog_uid .
-\" The extra arguments are the ubiquitous context, and the cache id where
-\" to store any obtained tickets. Since AFS servers normally can't handle
-\" Kerberos 5 tickets directly, these functions will first obtain version
-\" 5 tickets for the requested cells, and then convert them to version 4
-\" tickets, that can be stashed in the kernel. To convert tickets the
-\" .Fn krb524_convert_creds_kdc
-\" function will be used.
-
+.Pp
+.\" .Fn krb5_afslog ,
+.\" and
+.\" .Fn krb5_afslog_uid
+.\" are the Kerberos 5 equivalents of
+.\" .Fn krb_afslog ,
+.\" and
+.\" .Fn krb_afslog_uid .
+.\" The extra arguments are the ubiquitous context, and the cache id where
+.\" to store any obtained tickets. Since AFS servers normally can't handle
+.\" Kerberos 5 tickets directly, these functions will first obtain version
+.\" 5 tickets for the requested cells, and then convert them to version 4
+.\" tickets, that can be stashed in the kernel. To convert tickets the
+.\" .Fn krb524_convert_creds_kdc
+.\" function will be used.
+.\" .Pp
.Fn k_afs_cell_of_file
will in
.Fa cell
@@ -89,23 +89,22 @@ return the cell of a specified file, no more than
.Fa len
characters is put in
.Fa cell .
-
+.Pp
.Fn k_pioctl
does a
.Fn pioctl
syscall with the specified arguments. This function is equivalent to
.Fn lpioctl .
-
+.Pp
.Fn k_setpag
initializes a new PAG.
-
+.Pp
.Fn k_unlog
removes destroys all tokens in the current PAG.
-
.Sh ENVIRONMENT
The following environment variable affect the mode of operation of
.Nm kafs :
-.Bl -tag
+.Bl -tag -width AFS_SYSCALL
.It Ev AFS_SYSCALL
Normally,
.Nm kafs
diff --git a/crypto/heimdal/lib/kdfs/ChangeLog b/crypto/heimdal/lib/kdfs/ChangeLog
new file mode 100644
index 000000000000..6b52fd2f37de
--- /dev/null
+++ b/crypto/heimdal/lib/kdfs/ChangeLog
@@ -0,0 +1,11 @@
+2000-12-11 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libkdfs_la_LDFLAGS): set version to 0:1:0
+
+2000-07-02 Assar Westerlund <assar@sics.se>
+
+ * k5dfspag.c: use krb5.h instead of krb5_locl.h
+
+ * initial import from Ake Sandgren <ake@cs.umu.se>
+
+
diff --git a/crypto/heimdal/lib/kdfs/Makefile.am b/crypto/heimdal/lib/kdfs/Makefile.am
new file mode 100644
index 000000000000..c51d55e7edec
--- /dev/null
+++ b/crypto/heimdal/lib/kdfs/Makefile.am
@@ -0,0 +1,10 @@
+# $Id: Makefile.am,v 1.2 2000/12/11 00:46:47 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+lib_LTLIBRARIES = libkdfs.la
+
+libkdfs_la_SOURCES = \
+ k5dfspag.c
+
+libkdfs_la_LDFLAGS = -version-info 0:1:0
diff --git a/crypto/heimdal/lib/kdfs/Makefile.in b/crypto/heimdal/lib/kdfs/Makefile.in
new file mode 100644
index 000000000000..124a9089f996
--- /dev/null
+++ b/crypto/heimdal/lib/kdfs/Makefile.in
@@ -0,0 +1,557 @@
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
+
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+SHELL = @SHELL@
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+
+bindir = @bindir@
+sbindir = @sbindir@
+libexecdir = @libexecdir@
+datadir = @datadir@
+sysconfdir = @sysconfdir@
+sharedstatedir = @sharedstatedir@
+localstatedir = @localstatedir@
+libdir = @libdir@
+infodir = @infodir@
+mandir = @mandir@
+includedir = @includedir@
+oldincludedir = /usr/include
+
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+
+top_builddir = ../..
+
+ACLOCAL = @ACLOCAL@
+AUTOCONF = @AUTOCONF@
+AUTOMAKE = @AUTOMAKE@
+AUTOHEADER = @AUTOHEADER@
+
+INSTALL = @INSTALL@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
+transform = @program_transform_name@
+
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+
+@SET_MAKE@
+host_alias = @host_alias@
+host_triplet = @host@
+AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
+AWK = @AWK@
+CANONICAL_HOST = @CANONICAL_HOST@
+CATMAN = @CATMAN@
+CATMANEXT = @CATMANEXT@
+CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
+EXEEXT = @EXEEXT@
+EXTRA_LIB45 = @EXTRA_LIB45@
+GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
+INCLUDE_ = @INCLUDE_@
+LEX = @LEX@
+LIBOBJS = @LIBOBJS@
+LIBTOOL = @LIBTOOL@
+LIB_ = @LIB_@
+LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
+LIB_kdb = @LIB_kdb@
+LIB_otp = @LIB_otp@
+LIB_roken = @LIB_roken@
+LIB_security = @LIB_security@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
+NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
+NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+RANLIB = @RANLIB@
+STRIP = @STRIP@
+VERSION = @VERSION@
+VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
+WFLAGS = @WFLAGS@
+WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
+WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
+YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.2 2000/12/11 00:46:47 assar Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
+
+AUTOMAKE_OPTIONS = foreign no-dependencies
+
+SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
+
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken)
+
+AM_CFLAGS = $(WFLAGS)
+
+CP = cp
+
+COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
+
+buildinclude = $(top_builddir)/include
+
+LIB_XauReadAuth = @LIB_XauReadAuth@
+LIB_crypt = @LIB_crypt@
+LIB_dbm_firstkey = @LIB_dbm_firstkey@
+LIB_dbopen = @LIB_dbopen@
+LIB_dlopen = @LIB_dlopen@
+LIB_dn_expand = @LIB_dn_expand@
+LIB_el_init = @LIB_el_init@
+LIB_getattr = @LIB_getattr@
+LIB_gethostbyname = @LIB_gethostbyname@
+LIB_getpwent_r = @LIB_getpwent_r@
+LIB_getpwnam_r = @LIB_getpwnam_r@
+LIB_getsockopt = @LIB_getsockopt@
+LIB_logout = @LIB_logout@
+LIB_logwtmp = @LIB_logwtmp@
+LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
+LIB_readline = @LIB_readline@
+LIB_res_search = @LIB_res_search@
+LIB_setpcred = @LIB_setpcred@
+LIB_setsockopt = @LIB_setsockopt@
+LIB_socket = @LIB_socket@
+LIB_syslog = @LIB_syslog@
+LIB_tgetent = @LIB_tgetent@
+
+LIBS = @LIBS@
+
+HESIODLIB = @HESIODLIB@
+HESIODINCLUDE = @HESIODINCLUDE@
+INCLUDE_hesiod = @INCLUDE_hesiod@
+LIB_hesiod = @LIB_hesiod@
+
+INCLUDE_krb4 = @INCLUDE_krb4@
+LIB_krb4 = @LIB_krb4@
+
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
+INCLUDE_readline = @INCLUDE_readline@
+
+LEXLIB = @LEXLIB@
+
+NROFF_MAN = groff -mandoc -Tascii
+
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
+
+CHECK_LOCAL = $(PROGRAMS)
+
+lib_LTLIBRARIES = libkdfs.la
+
+libkdfs_la_SOURCES = \
+ k5dfspag.c
+
+
+libkdfs_la_LDFLAGS = -version-info 0:1:0
+subdir = lib/kdfs
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = ../../include/config.h
+CONFIG_CLEAN_FILES =
+LTLIBRARIES = $(lib_LTLIBRARIES)
+
+
+DEFS = @DEFS@ -I. -I$(srcdir) -I../../include
+CPPFLAGS = @CPPFLAGS@
+LDFLAGS = @LDFLAGS@
+X_CFLAGS = @X_CFLAGS@
+X_LIBS = @X_LIBS@
+X_EXTRA_LIBS = @X_EXTRA_LIBS@
+X_PRE_LIBS = @X_PRE_LIBS@
+libkdfs_la_LIBADD =
+am_libkdfs_la_OBJECTS = k5dfspag.lo
+libkdfs_la_OBJECTS = $(am_libkdfs_la_OBJECTS)
+COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
+CCLD = $(CC)
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES = $(libkdfs_la_SOURCES)
+depcomp =
+DIST_COMMON = ChangeLog Makefile.am Makefile.in
+
+
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+
+GZIP_ENV = --best
+SOURCES = $(libkdfs_la_SOURCES)
+OBJECTS = $(am_libkdfs_la_OBJECTS)
+
+all: all-redirect
+.SUFFIXES:
+.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
+$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
+ cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/kdfs/Makefile
+
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ cd $(top_builddir) \
+ && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status
+
+
+mostlyclean-libLTLIBRARIES:
+
+clean-libLTLIBRARIES:
+ -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES)
+
+distclean-libLTLIBRARIES:
+
+maintainer-clean-libLTLIBRARIES:
+
+install-libLTLIBRARIES: $(lib_LTLIBRARIES)
+ @$(NORMAL_INSTALL)
+ $(mkinstalldirs) $(DESTDIR)$(libdir)
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ if test -f $$p; then \
+ echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \
+ $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \
+ else :; fi; \
+ done
+
+uninstall-libLTLIBRARIES:
+ @$(NORMAL_UNINSTALL)
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \
+ $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
+ done
+
+mostlyclean-compile:
+ -rm -f *.o core *.core
+ -rm -f *.$(OBJEXT)
+
+clean-compile:
+
+distclean-compile:
+ -rm -f *.tab.c
+
+maintainer-clean-compile:
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+distclean-libtool:
+
+maintainer-clean-libtool:
+
+libkdfs.la: $(libkdfs_la_OBJECTS) $(libkdfs_la_DEPENDENCIES)
+ $(LINK) -rpath $(libdir) $(libkdfs_la_LDFLAGS) $(libkdfs_la_OBJECTS) $(libkdfs_la_LIBADD) $(LIBS)
+.c.o:
+ $(COMPILE) -c $<
+.c.obj:
+ $(COMPILE) -c `cygpath -w $<`
+.c.lo:
+ $(LTCOMPILE) -c -o $@ $<
+
+tags: TAGS
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique $(LISP)
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
+
+mostlyclean-tags:
+
+clean-tags:
+
+distclean-tags:
+ -rm -f TAGS ID
+
+maintainer-clean-tags:
+
+distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
+
+distdir: $(DISTFILES)
+ @for file in $(DISTFILES); do \
+ d=$(srcdir); \
+ if test -d $$d/$$file; then \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+ $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
+info-am:
+info: info-am
+dvi-am:
+dvi: dvi-am
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-local
+check: check-am
+installcheck-am:
+installcheck: installcheck-am
+install-exec-am: install-libLTLIBRARIES
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-exec: install-exec-am
+
+install-data-am: install-data-local
+install-data: install-data-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+install: install-am
+uninstall-am: uninstall-libLTLIBRARIES
+uninstall: uninstall-am
+all-am: Makefile $(LTLIBRARIES) all-local
+all-redirect: all-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
+installdirs:
+ $(mkinstalldirs) $(DESTDIR)$(libdir)
+
+
+mostlyclean-generic:
+
+clean-generic:
+
+distclean-generic:
+ -rm -f Makefile $(CONFIG_CLEAN_FILES)
+ -rm -f config.cache config.log stamp-h stamp-h[0-9]*
+
+maintainer-clean-generic:
+ -rm -f Makefile.in
+mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \
+ mostlyclean-libtool mostlyclean-tags \
+ mostlyclean-generic
+
+mostlyclean: mostlyclean-am
+
+clean-am: clean-libLTLIBRARIES clean-compile clean-libtool clean-tags \
+ clean-generic mostlyclean-am
+
+clean: clean-am
+
+distclean-am: distclean-libLTLIBRARIES distclean-compile \
+ distclean-libtool distclean-tags distclean-generic \
+ clean-am
+ -rm -f libtool
+
+distclean: distclean-am
+
+maintainer-clean-am: maintainer-clean-libLTLIBRARIES \
+ maintainer-clean-compile maintainer-clean-libtool \
+ maintainer-clean-tags maintainer-clean-generic \
+ distclean-am
+ @echo "This command is intended for maintainers to use;"
+ @echo "it deletes files that may require special tools to rebuild."
+
+maintainer-clean: maintainer-clean-am
+
+.PHONY: mostlyclean-libLTLIBRARIES distclean-libLTLIBRARIES \
+clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \
+uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \
+distclean-compile clean-compile maintainer-clean-compile \
+mostlyclean-libtool distclean-libtool clean-libtool \
+maintainer-clean-libtool tags mostlyclean-tags distclean-tags \
+clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \
+check-local check check-am installcheck-am installcheck install-exec-am \
+install-exec install-data-local install-data-am install-data install-am \
+install uninstall-am uninstall all-local all-redirect all-am all \
+install-strip installdirs mostlyclean-generic distclean-generic \
+clean-generic maintainer-clean-generic clean mostlyclean distclean \
+maintainer-clean
+
+
+install-suid-programs:
+ @foo='$(bin_SUIDS)'; \
+ for file in $$foo; do \
+ x=$(DESTDIR)$(bindir)/$$file; \
+ if chown 0:0 $$x && chmod u+s $$x; then :; else \
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
+
+install-exec-hook: install-suid-programs
+
+install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
+ @foo='$(include_HEADERS) $(build_HEADERZ)'; \
+ for f in $$foo; do \
+ f=`basename $$f`; \
+ if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
+ else file="$$f"; fi; \
+ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
+ : ; else \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
+ fi ; \
+ done
+
+all-local: install-build-headers
+#NROFF_MAN = nroff -man
+.1.cat1:
+ $(NROFF_MAN) $< > $@
+.3.cat3:
+ $(NROFF_MAN) $< > $@
+.5.cat5:
+ $(NROFF_MAN) $< > $@
+.8.cat8:
+ $(NROFF_MAN) $< > $@
+
+dist-cat1-mans:
+ @foo='$(man1_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.1) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat3-mans:
+ @foo='$(man3_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.3) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat5-mans:
+ @foo='$(man5_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.5) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat8-mans:
+ @foo='$(man8_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.8) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
+
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
+
+install-data-local: install-cat-mans
+
+.et.h:
+ $(COMPILE_ET) $<
+.et.c:
+ $(COMPILE_ET) $<
+
+.x.c:
+ @cmp -s $< $@ 2> /dev/null || cp $< $@
+
+check-local::
+ @foo='$(CHECK_LOCAL)'; \
+ if test "$$foo"; then \
+ failed=0; all=0; \
+ for i in $$foo; do \
+ all=`expr $$all + 1`; \
+ if ./$$i --version > /dev/null 2>&1; then \
+ echo "PASS: $$i"; \
+ else \
+ echo "FAIL: $$i"; \
+ failed=`expr $$failed + 1`; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="$$failed of $$all tests failed"; \
+ fi; \
+ dashes=`echo "$$banner" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ fi
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/crypto/heimdal/lib/kdfs/k5dfspag.c b/crypto/heimdal/lib/kdfs/k5dfspag.c
new file mode 100644
index 000000000000..3e48a850663d
--- /dev/null
+++ b/crypto/heimdal/lib/kdfs/k5dfspag.c
@@ -0,0 +1,362 @@
+/*
+ * lib/krb5/os/k5dfspag.c
+ *
+ * New Kerberos module to issue the DFS PAG syscalls.
+ * It also contains the routine to fork and exec the
+ * k5dcecon routine to do most of the work.
+ *
+ * This file is designed to be as independent of DCE
+ * and DFS as possible. The only dependencies are on
+ * the syscall numbers. If DFS not running or not installed,
+ * the sig handlers will catch and the signal and
+ * will continue.
+ *
+ * krb5_dfs_newpag and krb5_dfs_getpag should not be real
+ * Kerberos routines, since they should be setpag and getpag
+ * in the DCE library, but without the DCE baggage.
+ * Thus they don't have context, and don't return a krb5 error.
+ *
+ *
+ *
+ * krb5_dfs_pag()
+ */
+
+#include <krb5.h>
+
+#ifdef DCE
+
+#include <stdio.h>
+#include <sys/stat.h>
+#include <sys/wait.h>
+#include <fcntl.h>
+#include <sys/param.h>
+
+/* Only run this DFS PAG code on systems with POSIX
+ * All that we are interested in dor:, AIX 4.x,
+ * Solaris 2.5.x, HPUX 10.x Even SunOS 4.1.4, AIX 3.2.5
+ * and SGI 5.3 are OK. This simplifies
+ * the build/configure which I don't want to change now.
+ * All of them also have waitpid as well.
+ */
+
+#define POSIX_SETJMP
+#define POSIX_SIGNALS
+#define HAVE_WAITPID
+
+#include <signal.h>
+#include <setjmp.h>
+#ifndef POSIX_SETJMP
+#undef sigjmp_buf
+#undef sigsetjmp
+#undef siglongjmp
+#define sigjmp_buf jmp_buf
+#define sigsetjmp(j,s) setjmp(j)
+#define siglongjmp longjmp
+#endif
+
+#ifdef POSIX_SIGNALS
+typedef struct sigaction handler;
+#define handler_init(H,F) (sigemptyset(&(H).sa_mask), \
+ (H).sa_flags=0, \
+ (H).sa_handler=(F))
+#define handler_swap(S,NEW,OLD) sigaction(S, &NEW, &OLD)
+#define handler_set(S,OLD) sigaction(S, &OLD, NULL)
+#else
+typedef sigtype (*handler)();
+#define handler_init(H,F) ((H) = (F))
+#define handler_swap(S,NEW,OLD) ((OLD) = signal ((S), (NEW)))
+#define handler_set(S,OLD) (signal ((S), (OLD)))
+#endif
+
+#define krb5_sigtype void
+#define WAIT_USES_INT
+typedef krb5_sigtype sigtype;
+
+
+/*
+ * Need some syscall numbers based on different systems.
+ * These are based on:
+ * HPUX 10.10 /opt/dce/include/dcedfs/syscall.h
+ * Solaris 2.5 /opt/dcelocal/share/include/dcedfs/syscall.h
+ * AIX 4.2 - needs some funny games with load and kafs_syscall
+ * to get the kernel extentions. There should be a better way!
+ *
+ * DEE 5/27/97
+ *
+ */
+
+
+#define AFSCALL_SETPAG 2
+#define AFSCALL_GETPAG 11
+
+#if defined(sun)
+#define AFS_SYSCALL 72
+
+#elif defined(hpux)
+/* assume HPUX 10 + or is it 50 */
+#define AFS_SYSCALL 326
+
+#elif defined(_AIX)
+#ifndef DPAGAIX
+#define DPAGAIX LIBEXECDIR ## "/dpagaix"
+#endif
+int *load();
+static int (*dpagaix)(int, int, int, int, int, int) = 0;
+
+#elif defined(sgi) || defined(_sgi)
+#define AFS_SYSCALL 206+1000
+
+#else
+#define AFS_SYSCALL (Unknown_DFS_AFS_SYSCALL)
+#endif
+
+
+#ifdef WAIT_USES_INT
+ int wait_status;
+#else /* WAIT_USES_INT */
+ union wait wait_status;
+#endif /* WAIT_USES_INT */
+
+#ifndef K5DCECON
+#define K5DCECON LIBEXECDIR ## "/k5dcecon"
+#endif
+
+/*
+ * mysig()
+ *
+ * signal handler if DFS not running
+ *
+ */
+
+static sigjmp_buf setpag_buf;
+
+static sigtype mysig()
+{
+ siglongjmp(setpag_buf, 1);
+}
+
+/*
+ * krb5_dfs_pag_syscall()
+ *
+ * wrapper for the syscall with signal handlers
+ *
+ */
+
+static int krb5_dfs_pag_syscall(opt1,opt2)
+ int opt1;
+ int opt2;
+{
+ handler sa1, osa1;
+ handler sa2, osa2;
+ int pag = -2;
+
+ handler_init (sa1, mysig);
+ handler_init (sa2, mysig);
+ handler_swap (SIGSYS, sa1, osa1);
+ handler_swap (SIGSEGV, sa2, osa2);
+
+ if (sigsetjmp(setpag_buf, 1) == 0) {
+
+#if defined(_AIX)
+ if (!dpagaix)
+ dpagaix = load(DPAGAIX, 0, 0);
+ if (dpagaix)
+ pag = (*dpagaix)(opt1, opt2, 0, 0, 0, 0);
+#else
+ pag = syscall(AFS_SYSCALL, opt1, opt2, 0, 0, 0, 0);
+#endif
+
+ handler_set (SIGSYS, osa1);
+ handler_set (SIGSEGV, osa2);
+ return(pag);
+ }
+
+ /* syscall failed! return 0 */
+ handler_set (SIGSYS, osa1);
+ handler_set (SIGSEGV, osa2);
+ return(-2);
+}
+
+/*
+ * krb5_dfs_newpag()
+ *
+ * issue a DCE/DFS setpag system call to set the newpag
+ * for this process. This takes advantage of a currently
+ * undocumented feature of the Transarc port of DFS.
+ * Even in DCE 1.2.2 for which the source is available,
+ * (but no vendors have released), this feature is not
+ * there, but it should be, or could be added.
+ * If new_pag is zero, then the syscall will get a new pag
+ * and return its value.
+ */
+
+int krb5_dfs_newpag(new_pag)
+ int new_pag;
+{
+ return(krb5_dfs_pag_syscall(AFSCALL_SETPAG, new_pag));
+}
+
+/*
+ * krb5_dfs_getpag()
+ *
+ * get the current PAG. Used mostly as a test.
+ */
+
+int krb5_dfs_getpag()
+{
+ return(krb5_dfs_pag_syscall(AFSCALL_GETPAG, 0));
+}
+
+/*
+ * krb5_dfs_pag()
+ *
+ * Given a principal and local username,
+ * fork and exec the k5dcecon module to create
+ * refresh or join a new DCE/DFS
+ * Process Authentication Group (PAG)
+ *
+ * This routine should be called after krb5_kuserok has
+ * determined that this combination of local user and
+ * principal are acceptable for the local host.
+ *
+ * It should also be called after a forwarded ticket has
+ * been received, and the KRB5CCNAME environment variable
+ * has been set to point at it. k5dcecon will convert this
+ * to a new DCE context and a new pag and replace KRB5CCNAME
+ * in the environment.
+ *
+ * If there is no forwarded ticket, k5dcecon will attempt
+ * to join an existing PAG for the same principal and local
+ * user.
+ *
+ * And it should be called before access to the home directory
+ * as this may be in DFS, not accessable by root, and require
+ * the PAG to have been setup.
+ *
+ * The krb5_afs_pag can be called after this routine to
+ * use the the cache obtained by k5dcecon to get an AFS token.
+ * DEE - 7/97
+ */
+
+int krb5_dfs_pag(context, flag, principal, luser)
+ krb5_context context;
+ int flag; /* 1 if a forwarded TGT is to be used */
+ krb5_principal principal;
+ const char *luser;
+
+{
+
+ struct stat stx;
+ int fd[2];
+ int i,j;
+ int pid;
+ int new_pag;
+ int pag;
+ char newccname[MAXPATHLEN] = "";
+ char *princ;
+ int err;
+ struct sigaction newsig, oldsig;
+
+#ifdef WAIT_USES_INT
+ int wait_status;
+#else /* WAIT_USES_INT */
+ union wait wait_status;
+#endif /* WAIT_USES_INT */
+
+ if (krb5_unparse_name(context, principal, &princ))
+ return(0);
+
+ /* test if DFS is running or installed */
+ if (krb5_dfs_getpag() == -2)
+ return(0); /* DFS not running, dont try */
+
+ if (pipe(fd) == -1)
+ return(0);
+
+ /* Make sure that telnetd.c's SIGCHLD action don't happen right now... */
+ memset((char *)&newsig, 0, sizeof(newsig));
+ newsig.sa_handler = SIG_IGN;
+ sigaction(SIGCHLD, &newsig, &oldsig);
+
+ pid = fork();
+ if (pid <0)
+ return(0);
+
+ if (pid == 0) { /* child process */
+
+ close(1); /* close stdout */
+ dup(fd[1]); /* point stdout at pipe here */
+ close(fd[0]); /* don't use end of pipe here */
+ close(fd[1]); /* pipe now as stdout */
+
+ execl(K5DCECON, "k5dcecon",
+ (flag) ? "-f" : "-s" ,
+ "-l", luser,
+ "-p", princ, (char *)0);
+
+ exit(127); /* incase execl fails */
+ }
+
+ /* parent, wait for child to finish */
+
+ close(fd[1]); /* dont need this end of pipe */
+
+/* #if defined(sgi) || defined(_sgi) */
+ /* wait_status.w_status = 0; */
+ /* waitpid((pid_t) pid, &wait_status.w_status, 0); */
+/* #else */
+
+
+ wait_status = 0;
+#ifdef HAVE_WAITPID
+ err = waitpid((pid_t) pid, &wait_status, 0);
+#else /* HAVE_WAITPID */
+ err = wait4(pid, &wait_status, 0, (struct rusage *) NULL);
+#endif /* HAVE_WAITPID */
+/* #endif */
+
+ sigaction(SIGCHLD, &oldsig, 0);
+ if (WIFEXITED(wait_status)){
+ if (WEXITSTATUS(wait_status) == 0) {
+ i = 1;
+ j = 0;
+ while (i != 0) {
+ i = read(fd[0], &newccname[j], sizeof(newccname)-1-j);
+ if ( i > 0)
+ j += i;
+ if (j >= sizeof(newccname)-1)
+ i = 0;
+ }
+ close(fd[0]);
+ if (j > 0) {
+ newccname[j] = '\0';
+ esetenv("KRB5CCNAME",newccname,1);
+ sscanf(&newccname[j-8],"%8x",&new_pag);
+ if (new_pag && strncmp("FILE:/opt/dcelocal/var/security/creds/dcecred_", newccname, 46) == 0) {
+ if((pag = krb5_dfs_newpag(new_pag)) != -2) {
+ return(pag);
+ }
+ }
+ }
+ }
+ }
+ return(0); /* something not right */
+}
+
+#else /* DCE */
+
+/*
+ * krb5_dfs_pag - dummy version for the lib for systems
+ * which don't have DFS, or the needed setpag kernel code.
+ */
+
+krb5_boolean
+krb5_dfs_pag(context, principal, luser)
+ krb5_context context;
+ krb5_principal principal;
+ const char *luser;
+{
+ return(0);
+}
+
+#endif /* DCE */
diff --git a/crypto/heimdal/lib/krb5/Makefile.am b/crypto/heimdal/lib/krb5/Makefile.am
index df8ac6d84fe6..395f29ddc385 100644
--- a/crypto/heimdal/lib/krb5/Makefile.am
+++ b/crypto/heimdal/lib/krb5/Makefile.am
@@ -1,24 +1,22 @@
-# $Id: Makefile.am,v 1.98 2000/02/19 18:53:56 assar Exp $
+# $Id: Makefile.am,v 1.119 2001/01/30 01:50:52 assar Exp $
include $(top_srcdir)/Makefile.am.common
-INCLUDES += $(INCLUDE_krb4)
-
bin_PROGRAMS = verify_krb5_conf
-noinst_PROGRAMS = dump_config
+noinst_PROGRAMS = dump_config test_get_addrs
check_PROGRAMS = n-fold-test string-to-key-test
TESTS = n-fold-test string-to-key-test
-if KRB4
-KRB4LIB = $(LIB_krb4)
-keytab_krb4_c = keytab_krb4.c
-endif
-
LDADD = libkrb5.la \
- $(KRB4LIB) \
- $(top_builddir)/lib/des/libdes.la \
+ $(LIB_des) \
+ $(top_builddir)/lib/asn1/libasn1.la \
+ $(LIB_roken)
+
+libkrb5_la_LIBADD = \
+ ../com_err/error.lo ../com_err/com_err.lo \
+ $(LIB_des) \
$(top_builddir)/lib/asn1/libasn1.la \
$(LIB_roken)
@@ -27,10 +25,12 @@ lib_LTLIBRARIES = libkrb5.la
ERR_FILES = krb5_err.c heim_err.c
libkrb5_la_SOURCES = \
+ acl.c \
add_et_list.c \
addr_families.c \
address.c \
aname_to_localname.c \
+ appdefault.c \
asn1_glue.c \
auth_context.c \
build_ap_req.c \
@@ -48,6 +48,7 @@ libkrb5_la_SOURCES = \
creds.c \
crypto.c \
data.c \
+ eai_to_heim_errno.c \
expand_hostname.c \
fcache.c \
free.c \
@@ -71,8 +72,8 @@ libkrb5_la_SOURCES = \
keytab.c \
keytab_file.c \
keytab_memory.c \
- $(keytab_krb4_c) \
keytab_keyfile.c \
+ keytab_krb4.c \
krbhst.c \
kuserok.c \
log.c \
@@ -99,6 +100,7 @@ libkrb5_la_SOURCES = \
rd_safe.c \
read_message.c \
recvauth.c \
+ replay.c \
send_to_kdc.c \
sendauth.c \
set_default_realm.c \
@@ -117,9 +119,7 @@ libkrb5_la_SOURCES = \
write_message.c \
$(ERR_FILES)
-EXTRA_libkrb5_la_SOURCES = keytab_krb4.c
-
-libkrb5_la_LDFLAGS = -version-info 9:1:0
+libkrb5_la_LDFLAGS = -version-info 15:0:0
$(libkrb5_la_OBJECTS): $(srcdir)/krb5-protos.h $(srcdir)/krb5-private.h
@@ -129,11 +129,25 @@ $(srcdir)/krb5-protos.h:
$(srcdir)/krb5-private.h:
cd $(srcdir); perl ../../cf/make-proto.pl -p krb5-private.h $(libkrb5_la_SOURCES) || rm -f krb5-private.h
-libkrb5_la_LIBADD = ../com_err/error.lo ../com_err/com_err.lo
-
-man_MANS = krb5.conf.5 krb5_warn.3 krb5_openlog.3 \
- krb5_425_conv_principal.3 krb5_build_principal.3 krb5_free_principal.3 \
- krb5_parse_name.3 krb5_sname_to_principal.3 krb5_unparse_name.3
+#libkrb5_la_LIBADD = ../com_err/error.lo ../com_err/com_err.lo
+
+man_MANS = \
+ kerberos.8 \
+ krb5.conf.5 \
+ krb5_425_conv_principal.3 \
+ krb5_appdefault.3 \
+ krb5_build_principal.3 \
+ krb5_config.3 \
+ krb5_free_principal.3 \
+ krb5_openlog.3 \
+ krb5_parse_name.3 \
+ krb5_sname_to_principal.3 \
+ krb5_unparse_name.3 \
+ krb5_warn.3 \
+ verify_krb5_conf.8 \
+ krb5_auth_context.3 \
+ krb5_context.3 \
+ krb5_init_context.3
include_HEADERS = krb5.h krb5-protos.h krb5-private.h krb5_err.h heim_err.h
diff --git a/crypto/heimdal/lib/krb5/Makefile.in b/crypto/heimdal/lib/krb5/Makefile.in
index dbca9de206d5..be103d29d310 100644
--- a/crypto/heimdal/lib/krb5/Makefile.in
+++ b/crypto/heimdal/lib/krb5/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.98 2000/02/19 18:53:56 assar Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,26 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
-AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -92,31 +95,43 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.119 2001/01/30 01:50:52 assar Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
-INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4)
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken)
AM_CFLAGS = $(WFLAGS)
+CP = cp
+
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
@@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
@@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
+LIBS = @LIBS@
+
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -152,59 +170,170 @@ LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
NROFF_MAN = groff -mandoc -Tascii
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
bin_PROGRAMS = verify_krb5_conf
-noinst_PROGRAMS = dump_config
+noinst_PROGRAMS = dump_config test_get_addrs
check_PROGRAMS = n-fold-test string-to-key-test
TESTS = n-fold-test string-to-key-test
-@KRB4_TRUE@KRB4LIB = $(LIB_krb4)
-@KRB4_TRUE@keytab_krb4_c = keytab_krb4.c
+LDADD = libkrb5.la \
+ $(LIB_des) \
+ $(top_builddir)/lib/asn1/libasn1.la \
+ $(LIB_roken)
+
-LDADD = libkrb5.la $(KRB4LIB) $(top_builddir)/lib/des/libdes.la $(top_builddir)/lib/asn1/libasn1.la $(LIB_roken)
+libkrb5_la_LIBADD = \
+ ../com_err/error.lo ../com_err/com_err.lo \
+ $(LIB_des) \
+ $(top_builddir)/lib/asn1/libasn1.la \
+ $(LIB_roken)
lib_LTLIBRARIES = libkrb5.la
ERR_FILES = krb5_err.c heim_err.c
-libkrb5_la_SOURCES = add_et_list.c addr_families.c address.c aname_to_localname.c asn1_glue.c auth_context.c build_ap_req.c build_auth.c cache.c changepw.c codec.c config_file.c config_file_netinfo.c convert_creds.c constants.c context.c copy_host_realm.c crc.c creds.c crypto.c data.c expand_hostname.c fcache.c free.c free_host_realm.c generate_seq_number.c generate_subkey.c get_addrs.c get_cred.c get_default_principal.c get_default_realm.c get_for_creds.c get_host_realm.c get_in_tkt.c get_in_tkt_pw.c get_in_tkt_with_keytab.c get_in_tkt_with_skey.c get_port.c init_creds.c init_creds_pw.c keyblock.c keytab.c keytab_file.c keytab_memory.c $(keytab_krb4_c) keytab_keyfile.c krbhst.c kuserok.c log.c mcache.c misc.c mk_error.c mk_priv.c mk_rep.c mk_req.c mk_req_ext.c mk_safe.c net_read.c net_write.c n-fold.c padata.c principal.c prog_setup.c prompter_posix.c rd_cred.c rd_error.c rd_priv.c rd_rep.c rd_req.c rd_safe.c read_message.c recvauth.c send_to_kdc.c sendauth.c set_default_realm.c sock_principal.c store.c store_emem.c store_fd.c store_mem.c ticket.c time.c transited.c verify_init.c verify_user.c version.c warn.c write_message.c $(ERR_FILES)
-
-
-EXTRA_libkrb5_la_SOURCES = keytab_krb4.c
-
-libkrb5_la_LDFLAGS = -version-info 9:1:0
-
-libkrb5_la_LIBADD = ../com_err/error.lo ../com_err/com_err.lo
-
-man_MANS = krb5.conf.5 krb5_warn.3 krb5_openlog.3 krb5_425_conv_principal.3 krb5_build_principal.3 krb5_free_principal.3 krb5_parse_name.3 krb5_sname_to_principal.3 krb5_unparse_name.3
+libkrb5_la_SOURCES = \
+ acl.c \
+ add_et_list.c \
+ addr_families.c \
+ address.c \
+ aname_to_localname.c \
+ appdefault.c \
+ asn1_glue.c \
+ auth_context.c \
+ build_ap_req.c \
+ build_auth.c \
+ cache.c \
+ changepw.c \
+ codec.c \
+ config_file.c \
+ config_file_netinfo.c \
+ convert_creds.c \
+ constants.c \
+ context.c \
+ copy_host_realm.c \
+ crc.c \
+ creds.c \
+ crypto.c \
+ data.c \
+ eai_to_heim_errno.c \
+ expand_hostname.c \
+ fcache.c \
+ free.c \
+ free_host_realm.c \
+ generate_seq_number.c \
+ generate_subkey.c \
+ get_addrs.c \
+ get_cred.c \
+ get_default_principal.c \
+ get_default_realm.c \
+ get_for_creds.c \
+ get_host_realm.c \
+ get_in_tkt.c \
+ get_in_tkt_pw.c \
+ get_in_tkt_with_keytab.c \
+ get_in_tkt_with_skey.c \
+ get_port.c \
+ init_creds.c \
+ init_creds_pw.c \
+ keyblock.c \
+ keytab.c \
+ keytab_file.c \
+ keytab_memory.c \
+ keytab_keyfile.c \
+ keytab_krb4.c \
+ krbhst.c \
+ kuserok.c \
+ log.c \
+ mcache.c \
+ misc.c \
+ mk_error.c \
+ mk_priv.c \
+ mk_rep.c \
+ mk_req.c \
+ mk_req_ext.c \
+ mk_safe.c \
+ net_read.c \
+ net_write.c \
+ n-fold.c \
+ padata.c \
+ principal.c \
+ prog_setup.c \
+ prompter_posix.c \
+ rd_cred.c \
+ rd_error.c \
+ rd_priv.c \
+ rd_rep.c \
+ rd_req.c \
+ rd_safe.c \
+ read_message.c \
+ recvauth.c \
+ replay.c \
+ send_to_kdc.c \
+ sendauth.c \
+ set_default_realm.c \
+ sock_principal.c \
+ store.c \
+ store_emem.c \
+ store_fd.c \
+ store_mem.c \
+ ticket.c \
+ time.c \
+ transited.c \
+ verify_init.c \
+ verify_user.c \
+ version.c \
+ warn.c \
+ write_message.c \
+ $(ERR_FILES)
+
+
+libkrb5_la_LDFLAGS = -version-info 15:0:0
+
+#libkrb5_la_LIBADD = ../com_err/error.lo ../com_err/com_err.lo
+
+man_MANS = \
+ kerberos.8 \
+ krb5.conf.5 \
+ krb5_425_conv_principal.3 \
+ krb5_appdefault.3 \
+ krb5_build_principal.3 \
+ krb5_config.3 \
+ krb5_free_principal.3 \
+ krb5_openlog.3 \
+ krb5_parse_name.3 \
+ krb5_sname_to_principal.3 \
+ krb5_unparse_name.3 \
+ krb5_warn.3 \
+ verify_krb5_conf.8 \
+ krb5_auth_context.3 \
+ krb5_context.3 \
+ krb5_init_context.3
include_HEADERS = krb5.h krb5-protos.h krb5-private.h krb5_err.h heim_err.h
CLEANFILES = krb5_err.c krb5_err.h heim_err.c heim_err.h
+subdir = lib/krb5
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../include/config.h
CONFIG_CLEAN_FILES =
@@ -214,128 +343,94 @@ LTLIBRARIES = $(lib_LTLIBRARIES)
DEFS = @DEFS@ -I. -I$(srcdir) -I../../include
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
X_CFLAGS = @X_CFLAGS@
X_LIBS = @X_LIBS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
-libkrb5_la_DEPENDENCIES = ../com_err/error.lo ../com_err/com_err.lo
-@KRB4_TRUE@libkrb5_la_OBJECTS = add_et_list.lo addr_families.lo \
-@KRB4_TRUE@address.lo aname_to_localname.lo asn1_glue.lo \
-@KRB4_TRUE@auth_context.lo build_ap_req.lo build_auth.lo cache.lo \
-@KRB4_TRUE@changepw.lo codec.lo config_file.lo config_file_netinfo.lo \
-@KRB4_TRUE@convert_creds.lo constants.lo context.lo copy_host_realm.lo \
-@KRB4_TRUE@crc.lo creds.lo crypto.lo data.lo expand_hostname.lo \
-@KRB4_TRUE@fcache.lo free.lo free_host_realm.lo generate_seq_number.lo \
-@KRB4_TRUE@generate_subkey.lo get_addrs.lo get_cred.lo \
-@KRB4_TRUE@get_default_principal.lo get_default_realm.lo \
-@KRB4_TRUE@get_for_creds.lo get_host_realm.lo get_in_tkt.lo \
-@KRB4_TRUE@get_in_tkt_pw.lo get_in_tkt_with_keytab.lo \
-@KRB4_TRUE@get_in_tkt_with_skey.lo get_port.lo init_creds.lo \
-@KRB4_TRUE@init_creds_pw.lo keyblock.lo keytab.lo keytab_file.lo \
-@KRB4_TRUE@keytab_memory.lo keytab_krb4.lo keytab_keyfile.lo krbhst.lo \
-@KRB4_TRUE@kuserok.lo log.lo mcache.lo misc.lo mk_error.lo mk_priv.lo \
-@KRB4_TRUE@mk_rep.lo mk_req.lo mk_req_ext.lo mk_safe.lo net_read.lo \
-@KRB4_TRUE@net_write.lo n-fold.lo padata.lo principal.lo prog_setup.lo \
-@KRB4_TRUE@prompter_posix.lo rd_cred.lo rd_error.lo rd_priv.lo \
-@KRB4_TRUE@rd_rep.lo rd_req.lo rd_safe.lo read_message.lo recvauth.lo \
-@KRB4_TRUE@send_to_kdc.lo sendauth.lo set_default_realm.lo \
-@KRB4_TRUE@sock_principal.lo store.lo store_emem.lo store_fd.lo \
-@KRB4_TRUE@store_mem.lo ticket.lo time.lo transited.lo verify_init.lo \
-@KRB4_TRUE@verify_user.lo version.lo warn.lo write_message.lo \
-@KRB4_TRUE@krb5_err.lo heim_err.lo
-@KRB4_FALSE@libkrb5_la_OBJECTS = add_et_list.lo addr_families.lo \
-@KRB4_FALSE@address.lo aname_to_localname.lo asn1_glue.lo \
-@KRB4_FALSE@auth_context.lo build_ap_req.lo build_auth.lo cache.lo \
-@KRB4_FALSE@changepw.lo codec.lo config_file.lo config_file_netinfo.lo \
-@KRB4_FALSE@convert_creds.lo constants.lo context.lo copy_host_realm.lo \
-@KRB4_FALSE@crc.lo creds.lo crypto.lo data.lo expand_hostname.lo \
-@KRB4_FALSE@fcache.lo free.lo free_host_realm.lo generate_seq_number.lo \
-@KRB4_FALSE@generate_subkey.lo get_addrs.lo get_cred.lo \
-@KRB4_FALSE@get_default_principal.lo get_default_realm.lo \
-@KRB4_FALSE@get_for_creds.lo get_host_realm.lo get_in_tkt.lo \
-@KRB4_FALSE@get_in_tkt_pw.lo get_in_tkt_with_keytab.lo \
-@KRB4_FALSE@get_in_tkt_with_skey.lo get_port.lo init_creds.lo \
-@KRB4_FALSE@init_creds_pw.lo keyblock.lo keytab.lo keytab_file.lo \
-@KRB4_FALSE@keytab_memory.lo keytab_keyfile.lo krbhst.lo kuserok.lo \
-@KRB4_FALSE@log.lo mcache.lo misc.lo mk_error.lo mk_priv.lo mk_rep.lo \
-@KRB4_FALSE@mk_req.lo mk_req_ext.lo mk_safe.lo net_read.lo net_write.lo \
-@KRB4_FALSE@n-fold.lo padata.lo principal.lo prog_setup.lo \
-@KRB4_FALSE@prompter_posix.lo rd_cred.lo rd_error.lo rd_priv.lo \
-@KRB4_FALSE@rd_rep.lo rd_req.lo rd_safe.lo read_message.lo recvauth.lo \
-@KRB4_FALSE@send_to_kdc.lo sendauth.lo set_default_realm.lo \
-@KRB4_FALSE@sock_principal.lo store.lo store_emem.lo store_fd.lo \
-@KRB4_FALSE@store_mem.lo ticket.lo time.lo transited.lo verify_init.lo \
-@KRB4_FALSE@verify_user.lo version.lo warn.lo write_message.lo \
-@KRB4_FALSE@krb5_err.lo heim_err.lo
+libkrb5_la_DEPENDENCIES = ../com_err/error.lo ../com_err/com_err.lo \
+$(top_builddir)/lib/asn1/libasn1.la
+am_libkrb5_la_OBJECTS = acl.lo add_et_list.lo addr_families.lo \
+address.lo aname_to_localname.lo appdefault.lo asn1_glue.lo \
+auth_context.lo build_ap_req.lo build_auth.lo cache.lo changepw.lo \
+codec.lo config_file.lo config_file_netinfo.lo convert_creds.lo \
+constants.lo context.lo copy_host_realm.lo crc.lo creds.lo crypto.lo \
+data.lo eai_to_heim_errno.lo expand_hostname.lo fcache.lo free.lo \
+free_host_realm.lo generate_seq_number.lo generate_subkey.lo \
+get_addrs.lo get_cred.lo get_default_principal.lo get_default_realm.lo \
+get_for_creds.lo get_host_realm.lo get_in_tkt.lo get_in_tkt_pw.lo \
+get_in_tkt_with_keytab.lo get_in_tkt_with_skey.lo get_port.lo \
+init_creds.lo init_creds_pw.lo keyblock.lo keytab.lo keytab_file.lo \
+keytab_memory.lo keytab_keyfile.lo keytab_krb4.lo krbhst.lo kuserok.lo \
+log.lo mcache.lo misc.lo mk_error.lo mk_priv.lo mk_rep.lo mk_req.lo \
+mk_req_ext.lo mk_safe.lo net_read.lo net_write.lo n-fold.lo padata.lo \
+principal.lo prog_setup.lo prompter_posix.lo rd_cred.lo rd_error.lo \
+rd_priv.lo rd_rep.lo rd_req.lo rd_safe.lo read_message.lo recvauth.lo \
+replay.lo send_to_kdc.lo sendauth.lo set_default_realm.lo \
+sock_principal.lo store.lo store_emem.lo store_fd.lo store_mem.lo \
+ticket.lo time.lo transited.lo verify_init.lo verify_user.lo version.lo \
+warn.lo write_message.lo krb5_err.lo heim_err.lo
+libkrb5_la_OBJECTS = $(am_libkrb5_la_OBJECTS)
bin_PROGRAMS = verify_krb5_conf$(EXEEXT)
check_PROGRAMS = n-fold-test$(EXEEXT) string-to-key-test$(EXEEXT)
-noinst_PROGRAMS = dump_config$(EXEEXT)
+noinst_PROGRAMS = dump_config$(EXEEXT) test_get_addrs$(EXEEXT)
PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS)
-verify_krb5_conf_SOURCES = verify_krb5_conf.c
-verify_krb5_conf_OBJECTS = verify_krb5_conf.$(OBJEXT)
-verify_krb5_conf_LDADD = $(LDADD)
-@KRB4_TRUE@verify_krb5_conf_DEPENDENCIES = libkrb5.la \
-@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \
-@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la
-@KRB4_FALSE@verify_krb5_conf_DEPENDENCIES = libkrb5.la \
-@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \
-@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la
-verify_krb5_conf_LDFLAGS =
+dump_config_SOURCES = dump_config.c
+dump_config_OBJECTS = dump_config.$(OBJEXT)
+dump_config_LDADD = $(LDADD)
+dump_config_DEPENDENCIES = libkrb5.la \
+$(top_builddir)/lib/asn1/libasn1.la
+dump_config_LDFLAGS =
n_fold_test_SOURCES = n-fold-test.c
n_fold_test_OBJECTS = n-fold-test.$(OBJEXT)
n_fold_test_LDADD = $(LDADD)
-@KRB4_TRUE@n_fold_test_DEPENDENCIES = libkrb5.la \
-@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \
-@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la
-@KRB4_FALSE@n_fold_test_DEPENDENCIES = libkrb5.la \
-@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \
-@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la
+n_fold_test_DEPENDENCIES = libkrb5.la \
+$(top_builddir)/lib/asn1/libasn1.la
n_fold_test_LDFLAGS =
string_to_key_test_SOURCES = string-to-key-test.c
string_to_key_test_OBJECTS = string-to-key-test.$(OBJEXT)
string_to_key_test_LDADD = $(LDADD)
-@KRB4_TRUE@string_to_key_test_DEPENDENCIES = libkrb5.la \
-@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \
-@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la
-@KRB4_FALSE@string_to_key_test_DEPENDENCIES = libkrb5.la \
-@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \
-@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la
+string_to_key_test_DEPENDENCIES = libkrb5.la \
+$(top_builddir)/lib/asn1/libasn1.la
string_to_key_test_LDFLAGS =
-dump_config_SOURCES = dump_config.c
-dump_config_OBJECTS = dump_config.$(OBJEXT)
-dump_config_LDADD = $(LDADD)
-@KRB4_TRUE@dump_config_DEPENDENCIES = libkrb5.la \
-@KRB4_TRUE@$(top_builddir)/lib/des/libdes.la \
-@KRB4_TRUE@$(top_builddir)/lib/asn1/libasn1.la
-@KRB4_FALSE@dump_config_DEPENDENCIES = libkrb5.la \
-@KRB4_FALSE@$(top_builddir)/lib/des/libdes.la \
-@KRB4_FALSE@$(top_builddir)/lib/asn1/libasn1.la
-dump_config_LDFLAGS =
-CFLAGS = @CFLAGS@
+test_get_addrs_SOURCES = test_get_addrs.c
+test_get_addrs_OBJECTS = test_get_addrs.$(OBJEXT)
+test_get_addrs_LDADD = $(LDADD)
+test_get_addrs_DEPENDENCIES = libkrb5.la \
+$(top_builddir)/lib/asn1/libasn1.la
+test_get_addrs_LDFLAGS =
+verify_krb5_conf_SOURCES = verify_krb5_conf.c
+verify_krb5_conf_OBJECTS = verify_krb5_conf.$(OBJEXT)
+verify_krb5_conf_LDADD = $(LDADD)
+verify_krb5_conf_DEPENDENCIES = libkrb5.la \
+$(top_builddir)/lib/asn1/libasn1.la
+verify_krb5_conf_LDFLAGS =
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES = $(libkrb5_la_SOURCES) dump_config.c n-fold-test.c \
+string-to-key-test.c test_get_addrs.c verify_krb5_conf.c
man3dir = $(mandir)/man3
man5dir = $(mandir)/man5
+man8dir = $(mandir)/man8
MANS = $(man_MANS)
HEADERS = $(include_HEADERS)
-DIST_COMMON = Makefile.am Makefile.in
+depcomp =
+DIST_COMMON = $(include_HEADERS) Makefile.am Makefile.in
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
-SOURCES = $(libkrb5_la_SOURCES) $(EXTRA_libkrb5_la_SOURCES) verify_krb5_conf.c n-fold-test.c string-to-key-test.c dump_config.c
-OBJECTS = $(libkrb5_la_OBJECTS) verify_krb5_conf.$(OBJEXT) n-fold-test.$(OBJEXT) string-to-key-test.$(OBJEXT) dump_config.$(OBJEXT)
+SOURCES = $(libkrb5_la_SOURCES) dump_config.c n-fold-test.c string-to-key-test.c test_get_addrs.c verify_krb5_conf.c
+OBJECTS = $(am_libkrb5_la_OBJECTS) dump_config.$(OBJEXT) n-fold-test.$(OBJEXT) string-to-key-test.$(OBJEXT) test_get_addrs.$(OBJEXT) verify_krb5_conf.$(OBJEXT)
all: all-redirect
.SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x
+.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/krb5/Makefile
@@ -358,31 +453,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
$(mkinstalldirs) $(DESTDIR)$(libdir)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
if test -f $$p; then \
- echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \
- $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \
+ echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \
+ $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \
else :; fi; \
done
uninstall-libLTLIBRARIES:
@$(NORMAL_UNINSTALL)
- list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \
$(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
done
-.c.o:
- $(COMPILE) -c $<
-
-# FIXME: We should only use cygpath when building on Windows,
-# and only if it is available.
-.c.obj:
- $(COMPILE) -c `cygpath -w $<`
-
-.s.o:
- $(COMPILE) -c $<
-
-.S.o:
- $(COMPILE) -c $<
-
mostlyclean-compile:
-rm -f *.o core *.core
-rm -f *.$(OBJEXT)
@@ -394,15 +476,6 @@ distclean-compile:
maintainer-clean-compile:
-.c.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.s.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.S.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
mostlyclean-libtool:
-rm -f *.lo
@@ -430,15 +503,18 @@ install-binPROGRAMS: $(bin_PROGRAMS)
$(mkinstalldirs) $(DESTDIR)$(bindir)
@list='$(bin_PROGRAMS)'; for p in $$list; do \
if test -f $$p; then \
- echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`"; \
- $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $$p $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \
+ f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \
+ echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f"; \
+ $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f; \
else :; fi; \
done
uninstall-binPROGRAMS:
@$(NORMAL_UNINSTALL)
- list='$(bin_PROGRAMS)'; for p in $$list; do \
- rm -f $(DESTDIR)$(bindir)/`echo $$p|sed 's/$(EXEEXT)$$//'|sed '$(transform)'|sed 's/$$/$(EXEEXT)/'`; \
+ @list='$(bin_PROGRAMS)'; for p in $$list; do \
+ f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \
+ echo " rm -f $(DESTDIR)$(bindir)/$$f"; \
+ rm -f $(DESTDIR)$(bindir)/$$f; \
done
mostlyclean-checkPROGRAMS:
@@ -459,9 +535,9 @@ distclean-noinstPROGRAMS:
maintainer-clean-noinstPROGRAMS:
-verify_krb5_conf$(EXEEXT): $(verify_krb5_conf_OBJECTS) $(verify_krb5_conf_DEPENDENCIES)
- @rm -f verify_krb5_conf$(EXEEXT)
- $(LINK) $(verify_krb5_conf_LDFLAGS) $(verify_krb5_conf_OBJECTS) $(verify_krb5_conf_LDADD) $(LIBS)
+dump_config$(EXEEXT): $(dump_config_OBJECTS) $(dump_config_DEPENDENCIES)
+ @rm -f dump_config$(EXEEXT)
+ $(LINK) $(dump_config_LDFLAGS) $(dump_config_OBJECTS) $(dump_config_LDADD) $(LIBS)
n-fold-test$(EXEEXT): $(n_fold_test_OBJECTS) $(n_fold_test_DEPENDENCIES)
@rm -f n-fold-test$(EXEEXT)
@@ -471,9 +547,19 @@ string-to-key-test$(EXEEXT): $(string_to_key_test_OBJECTS) $(string_to_key_test_
@rm -f string-to-key-test$(EXEEXT)
$(LINK) $(string_to_key_test_LDFLAGS) $(string_to_key_test_OBJECTS) $(string_to_key_test_LDADD) $(LIBS)
-dump_config$(EXEEXT): $(dump_config_OBJECTS) $(dump_config_DEPENDENCIES)
- @rm -f dump_config$(EXEEXT)
- $(LINK) $(dump_config_LDFLAGS) $(dump_config_OBJECTS) $(dump_config_LDADD) $(LIBS)
+test_get_addrs$(EXEEXT): $(test_get_addrs_OBJECTS) $(test_get_addrs_DEPENDENCIES)
+ @rm -f test_get_addrs$(EXEEXT)
+ $(LINK) $(test_get_addrs_LDFLAGS) $(test_get_addrs_OBJECTS) $(test_get_addrs_LDADD) $(LIBS)
+
+verify_krb5_conf$(EXEEXT): $(verify_krb5_conf_OBJECTS) $(verify_krb5_conf_DEPENDENCIES)
+ @rm -f verify_krb5_conf$(EXEEXT)
+ $(LINK) $(verify_krb5_conf_LDFLAGS) $(verify_krb5_conf_OBJECTS) $(verify_krb5_conf_LDADD) $(LIBS)
+.c.o:
+ $(COMPILE) -c $<
+.c.obj:
+ $(COMPILE) -c `cygpath -w $<`
+.c.lo:
+ $(LTCOMPILE) -c -o $@ $<
install-man3:
$(mkinstalldirs) $(DESTDIR)$(man3dir)
@@ -488,6 +574,7 @@ install-man3:
else file=$$i; fi; \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst"; \
$(INSTALL_DATA) $$file $(DESTDIR)$(man3dir)/$$inst; \
@@ -503,6 +590,7 @@ uninstall-man3:
for i in $$list; do \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " rm -f $(DESTDIR)$(man3dir)/$$inst"; \
rm -f $(DESTDIR)$(man3dir)/$$inst; \
@@ -521,6 +609,7 @@ install-man5:
else file=$$i; fi; \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man5dir)/$$inst"; \
$(INSTALL_DATA) $$file $(DESTDIR)$(man5dir)/$$inst; \
@@ -536,51 +625,94 @@ uninstall-man5:
for i in $$list; do \
ext=`echo $$i | sed -e 's/^.*\\.//'`; \
inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
inst=`echo $$inst | sed '$(transform)'`.$$ext; \
echo " rm -f $(DESTDIR)$(man5dir)/$$inst"; \
rm -f $(DESTDIR)$(man5dir)/$$inst; \
done
+
+install-man8:
+ $(mkinstalldirs) $(DESTDIR)$(man8dir)
+ @list='$(man8_MANS)'; \
+ l2='$(man_MANS)'; for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \
+ else file=$$i; fi; \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst"; \
+ $(INSTALL_DATA) $$file $(DESTDIR)$(man8dir)/$$inst; \
+ done
+
+uninstall-man8:
+ @list='$(man8_MANS)'; \
+ l2='$(man_MANS)'; for i in $$l2; do \
+ case "$$i" in \
+ *.8*) list="$$list $$i" ;; \
+ esac; \
+ done; \
+ for i in $$list; do \
+ ext=`echo $$i | sed -e 's/^.*\\.//'`; \
+ inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \
+ inst=`echo $$inst | sed -e 's/^.*\///'`; \
+ inst=`echo $$inst | sed '$(transform)'`.$$ext; \
+ echo " rm -f $(DESTDIR)$(man8dir)/$$inst"; \
+ rm -f $(DESTDIR)$(man8dir)/$$inst; \
+ done
install-man: $(MANS)
@$(NORMAL_INSTALL)
- $(MAKE) $(AM_MAKEFLAGS) install-man3 install-man5
+ $(MAKE) $(AM_MAKEFLAGS) install-man3 install-man5 install-man8
uninstall-man:
@$(NORMAL_UNINSTALL)
- $(MAKE) $(AM_MAKEFLAGS) uninstall-man3 uninstall-man5
+ $(MAKE) $(AM_MAKEFLAGS) uninstall-man3 uninstall-man5 uninstall-man8
install-includeHEADERS: $(include_HEADERS)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(includedir)
@list='$(include_HEADERS)'; for p in $$list; do \
if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
- echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \
- $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \
done
uninstall-includeHEADERS:
@$(NORMAL_UNINSTALL)
- list='$(include_HEADERS)'; for p in $$list; do \
- rm -f $(DESTDIR)$(includedir)/$$p; \
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(includedir)/$$f"; \
+ rm -f $(DESTDIR)$(includedir)/$$f; \
done
tags: TAGS
-ID: $(HEADERS) $(SOURCES) $(LISP)
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- here=`pwd` && cd $(srcdir) \
- && mkid -f$$here/ID $$unique $(LISP)
+ mkid -fID $$unique $(LISP)
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
- || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
mostlyclean-tags:
@@ -590,48 +722,76 @@ distclean-tags:
-rm -f TAGS ID
maintainer-clean-tags:
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; \
+ srcdir=$(srcdir); export srcdir; \
+ list='$(TESTS)'; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *" $$tst "*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *" $$tst "*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes=`echo "$$banner" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ fi
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib/krb5
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
-check-TESTS: $(TESTS)
- @failed=0; all=0; \
- srcdir=$(srcdir); export srcdir; \
- for tst in $(TESTS); do \
- if test -f $$tst; then dir=.; \
- else dir="$(srcdir)"; fi; \
- if $(TESTS_ENVIRONMENT) $$dir/$$tst; then \
- all=`expr $$all + 1`; \
- echo "PASS: $$tst"; \
- elif test $$? -ne 77; then \
- all=`expr $$all + 1`; \
- failed=`expr $$failed + 1`; \
- echo "FAIL: $$tst"; \
- fi; \
- done; \
- if test "$$failed" -eq 0; then \
- banner="All $$all tests passed"; \
- else \
- banner="$$failed of $$all tests failed"; \
- fi; \
- dashes=`echo "$$banner" | sed s/./=/g`; \
- echo "$$dashes"; \
- echo "$$banner"; \
- echo "$$dashes"; \
- test "$$failed" -eq 0
info-am:
info: info-am
dvi-am:
@@ -659,11 +819,11 @@ uninstall: uninstall-am
all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(MANS) $(HEADERS) all-local
all-redirect: all-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs:
$(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(bindir) \
$(DESTDIR)$(mandir)/man3 $(DESTDIR)$(mandir)/man5 \
- $(DESTDIR)$(includedir)
+ $(DESTDIR)$(mandir)/man8 $(DESTDIR)$(includedir)
mostlyclean-generic:
@@ -676,6 +836,7 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
+ -rm -f Makefile.in
mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \
mostlyclean-libtool mostlyclean-binPROGRAMS \
mostlyclean-checkPROGRAMS mostlyclean-noinstPROGRAMS \
@@ -720,15 +881,16 @@ install-binPROGRAMS mostlyclean-checkPROGRAMS distclean-checkPROGRAMS \
clean-checkPROGRAMS maintainer-clean-checkPROGRAMS \
mostlyclean-noinstPROGRAMS distclean-noinstPROGRAMS \
clean-noinstPROGRAMS maintainer-clean-noinstPROGRAMS install-man3 \
-uninstall-man3 install-man5 uninstall-man5 install-man uninstall-man \
-uninstall-includeHEADERS install-includeHEADERS tags mostlyclean-tags \
-distclean-tags clean-tags maintainer-clean-tags distdir check-TESTS \
-info-am info dvi-am dvi check-local check check-am installcheck-am \
-installcheck install-exec-am install-exec install-data-local \
-install-data-am install-data install-am install uninstall-am uninstall \
-all-local all-redirect all-am all installdirs mostlyclean-generic \
-distclean-generic clean-generic maintainer-clean-generic clean \
-mostlyclean distclean maintainer-clean
+uninstall-man3 install-man5 uninstall-man5 install-man8 uninstall-man8 \
+install-man uninstall-man uninstall-includeHEADERS \
+install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \
+maintainer-clean-tags check-TESTS distdir info-am info dvi-am dvi \
+check-local check check-am installcheck-am installcheck install-exec-am \
+install-exec install-data-local install-data-am install-data install-am \
+install uninstall-am uninstall all-local all-redirect all-am all \
+install-strip installdirs mostlyclean-generic distclean-generic \
+clean-generic maintainer-clean-generic clean mostlyclean distclean \
+maintainer-clean
install-suid-programs:
@@ -736,7 +898,10 @@ install-suid-programs:
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
install-exec-hook: install-suid-programs
@@ -748,8 +913,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
fi ; \
done
@@ -818,87 +983,8 @@ dist-cat8-mans:
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
install-data-local: install-cat-mans
diff --git a/crypto/heimdal/lib/krb5/acl.c b/crypto/heimdal/lib/krb5/acl.c
new file mode 100644
index 000000000000..0106251ff580
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/acl.c
@@ -0,0 +1,189 @@
+/*
+ * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+#include <fnmatch.h>
+
+RCSID("$Id: acl.c,v 1.1 2000/06/12 11:17:52 joda Exp $");
+
+struct acl_field {
+ enum { acl_string, acl_fnmatch, acl_retval } type;
+ union {
+ const char *cstr;
+ char **retv;
+ } u;
+ struct acl_field *next, **last;
+};
+
+static void
+acl_free_list(struct acl_field *acl)
+{
+ struct acl_field *next;
+ while(acl != NULL) {
+ next = acl->next;
+ free(acl);
+ acl = next;
+ }
+}
+
+static krb5_error_code
+acl_parse_format(krb5_context context,
+ struct acl_field **acl_ret,
+ const char *format,
+ va_list ap)
+{
+ const char *p;
+ struct acl_field *acl = NULL, *tmp;
+
+ for(p = format; *p != '\0'; p++) {
+ tmp = malloc(sizeof(*tmp));
+ if(tmp == NULL) {
+ acl_free_list(acl);
+ return ENOMEM;
+ }
+ if(*p == 's') {
+ tmp->type = acl_string;
+ tmp->u.cstr = va_arg(ap, const char*);
+ } else if(*p == 'f') {
+ tmp->type = acl_fnmatch;
+ tmp->u.cstr = va_arg(ap, const char*);
+ } else if(*p == 'r') {
+ tmp->type = acl_retval;
+ tmp->u.retv = va_arg(ap, char **);
+ }
+ tmp->next = NULL;
+ if(acl == NULL)
+ acl = tmp;
+ else
+ *acl->last = tmp;
+ acl->last = &tmp->next;
+ }
+ *acl_ret = acl;
+ return 0;
+}
+
+static krb5_boolean
+acl_match_field(krb5_context context,
+ const char *string,
+ struct acl_field *field)
+{
+ if(field->type == acl_string) {
+ return !strcmp(string, field->u.cstr);
+ } else if(field->type == acl_fnmatch) {
+ return !fnmatch(string, field->u.cstr, 0);
+ } else if(field->type == acl_retval) {
+ *field->u.retv = strdup(string);
+ return TRUE;
+ }
+ return FALSE;
+}
+
+static krb5_boolean
+acl_match_acl(krb5_context context,
+ struct acl_field *acl,
+ const char *string)
+{
+ char buf[256];
+ for(;strsep_copy(&string, " \t", buf, sizeof(buf)) != -1;
+ acl = acl->next) {
+ if(buf[0] == '\0')
+ continue; /* skip ws */
+ if(!acl_match_field(context, buf, acl)) {
+ return FALSE;
+ }
+ }
+ return TRUE;
+}
+
+
+krb5_error_code
+krb5_acl_match_string(krb5_context context,
+ const char *acl_string,
+ const char *format,
+ ...)
+{
+ krb5_error_code ret;
+ struct acl_field *acl;
+
+ va_list ap;
+ va_start(ap, format);
+ ret = acl_parse_format(context, &acl, format, ap);
+ va_end(ap);
+ if(ret)
+ return ret;
+
+ ret = acl_match_acl(context, acl, acl_string);
+
+ acl_free_list(acl);
+ return ret ? 0 : EACCES;
+}
+
+krb5_error_code
+krb5_acl_match_file(krb5_context context,
+ const char *file,
+ const char *format,
+ ...)
+{
+ krb5_error_code ret;
+ struct acl_field *acl;
+ char buf[256];
+ va_list ap;
+ FILE *f;
+
+ f = fopen(file, "r");
+ if(f == NULL)
+ return errno;
+
+ va_start(ap, format);
+ ret = acl_parse_format(context, &acl, format, ap);
+ va_end(ap);
+ if(ret) {
+ fclose(f);
+ return ret;
+ }
+
+ ret = EACCES; /* XXX */
+ while(fgets(buf, sizeof(buf), f)) {
+ if(buf[0] == '#')
+ continue;
+ if(acl_match_acl(context, acl, buf)) {
+ ret = 0;
+ goto out;
+ }
+ }
+
+ out:
+ fclose(f);
+ acl_free_list(acl);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/krb5/addr_families.c b/crypto/heimdal/lib/krb5/addr_families.c
index 9b17abdabccd..339d23b89b3d 100644
--- a/crypto/heimdal/lib/krb5/addr_families.c
+++ b/crypto/heimdal/lib/krb5/addr_families.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: addr_families.c,v 1.23 2000/02/16 02:09:00 assar Exp $");
+RCSID("$Id: addr_families.c,v 1.24 2000/07/08 13:05:43 joda Exp $");
struct addr_operations {
int af;
@@ -523,7 +523,7 @@ krb5_parse_address(krb5_context context,
error = getaddrinfo (string, NULL, NULL, &ai);
if (error)
- return -1;
+ return krb5_eai_to_heim_errno(error);
n = 0;
for (a = ai; a != NULL; a = a->ai_next)
diff --git a/crypto/heimdal/lib/krb5/appdefault.c b/crypto/heimdal/lib/krb5/appdefault.c
new file mode 100644
index 000000000000..081dec0d72a8
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/appdefault.c
@@ -0,0 +1,123 @@
+/*
+ * Copyright (c) 2000, 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "krb5_locl.h"
+
+RCSID("$Id: appdefault.c,v 1.3 2001/01/10 00:19:58 assar Exp $");
+
+void
+krb5_appdefault_boolean(krb5_context context, const char *appname,
+ krb5_realm realm, const char *option,
+ krb5_boolean def_val, krb5_boolean *ret_val)
+{
+
+ if(appname == NULL)
+ appname = __progname;
+ def_val = krb5_config_get_bool_default(context, NULL, def_val,
+ "appdefaults",
+ option,
+ NULL);
+ if(realm != NULL)
+ def_val = krb5_config_get_bool_default(context, NULL, def_val,
+ "appdefaults",
+ realm,
+ option,
+ NULL);
+ if(appname != NULL) {
+ def_val = krb5_config_get_bool_default(context, NULL, def_val,
+ "appdefaults",
+ appname,
+ option,
+ NULL);
+ if(realm != NULL)
+ def_val = krb5_config_get_bool_default(context, NULL, def_val,
+ "appdefaults",
+ appname,
+ realm,
+ option,
+ NULL);
+ }
+ *ret_val = def_val;
+}
+
+void
+krb5_appdefault_string(krb5_context context, const char *appname,
+ krb5_realm realm, const char *option,
+ const char *def_val, char **ret_val)
+{
+ if(appname == NULL)
+ appname = __progname;
+ def_val = krb5_config_get_string_default(context, NULL, def_val,
+ "appdefaults",
+ option,
+ NULL);
+ if(realm != NULL)
+ def_val = krb5_config_get_string_default(context, NULL, def_val,
+ "appdefaults",
+ realm,
+ option,
+ NULL);
+ if(appname != NULL) {
+ def_val = krb5_config_get_string_default(context, NULL, def_val,
+ "appdefaults",
+ appname,
+ option,
+ NULL);
+ if(realm != NULL)
+ def_val = krb5_config_get_string_default(context, NULL, def_val,
+ "appdefaults",
+ appname,
+ realm,
+ option,
+ NULL);
+ }
+ if(def_val != NULL)
+ *ret_val = strdup(def_val);
+ else
+ *ret_val = NULL;
+}
+
+void
+krb5_appdefault_time(krb5_context context, const char *appname,
+ krb5_realm realm, const char *option,
+ time_t def_val, time_t *ret_val)
+{
+ time_t t;
+ char tstr[32];
+ char *val;
+ snprintf(tstr, sizeof(tstr), "%ld", (long)def_val);
+ krb5_appdefault_string(context, appname, realm, option, tstr, &val);
+ t = parse_time (val, NULL);
+ free(val);
+ *ret_val = t;
+}
diff --git a/crypto/heimdal/lib/krb5/auth_context.c b/crypto/heimdal/lib/krb5/auth_context.c
index 94b1376297a6..a37c4ddcc196 100644
--- a/crypto/heimdal/lib/krb5/auth_context.c
+++ b/crypto/heimdal/lib/krb5/auth_context.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: auth_context.c,v 1.50 1999/12/02 17:05:07 joda Exp $");
+RCSID("$Id: auth_context.c,v 1.55 2000/12/10 20:01:05 assar Exp $");
krb5_error_code
krb5_auth_con_init(krb5_context context,
@@ -67,20 +67,21 @@ krb5_error_code
krb5_auth_con_free(krb5_context context,
krb5_auth_context auth_context)
{
- krb5_free_authenticator(context, &auth_context->authenticator);
- if(auth_context->local_address){
- free_HostAddress(auth_context->local_address);
- free(auth_context->local_address);
- }
- if(auth_context->remote_address){
- free_HostAddress(auth_context->remote_address);
- free(auth_context->remote_address);
- }
- if(auth_context->keyblock)
+ if (auth_context != NULL) {
+ krb5_free_authenticator(context, &auth_context->authenticator);
+ if(auth_context->local_address){
+ free_HostAddress(auth_context->local_address);
+ free(auth_context->local_address);
+ }
+ if(auth_context->remote_address){
+ free_HostAddress(auth_context->remote_address);
+ free(auth_context->remote_address);
+ }
krb5_free_keyblock(context, auth_context->keyblock);
- krb5_free_keyblock(context, auth_context->remote_subkey);
- krb5_free_keyblock(context, auth_context->local_subkey);
- free (auth_context);
+ krb5_free_keyblock(context, auth_context->remote_subkey);
+ krb5_free_keyblock(context, auth_context->local_subkey);
+ free (auth_context);
+ }
return 0;
}
@@ -128,49 +129,71 @@ krb5_auth_con_setaddrs(krb5_context context,
}
krb5_error_code
-krb5_auth_con_setaddrs_from_fd (krb5_context context,
- krb5_auth_context auth_context,
- void *p_fd)
+krb5_auth_con_genaddrs(krb5_context context,
+ krb5_auth_context auth_context,
+ int fd, int flags)
{
- int fd = *((int *)p_fd);
krb5_error_code ret;
krb5_address local_k_address, remote_k_address;
krb5_address *lptr = NULL, *rptr = NULL;
struct sockaddr_storage ss_local, ss_remote;
struct sockaddr *local = (struct sockaddr *)&ss_local;
struct sockaddr *remote = (struct sockaddr *)&ss_remote;
- int len;
-
- if (auth_context->local_address == NULL) {
- len = sizeof(ss_local);
- if(getsockname(fd, local, &len) < 0) {
- ret = errno;
- goto out;
+ socklen_t len;
+
+ if(flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR) {
+ if (auth_context->local_address == NULL) {
+ len = sizeof(ss_local);
+ if(getsockname(fd, local, &len) < 0) {
+ ret = errno;
+ goto out;
+ }
+ krb5_sockaddr2address (local, &local_k_address);
+ if(flags & KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR) {
+ krb5_sockaddr2port (local, &auth_context->local_port);
+ } else
+ auth_context->local_port = 0;
+ lptr = &local_k_address;
}
- krb5_sockaddr2address (local, &local_k_address);
- krb5_sockaddr2port (local, &auth_context->local_port);
- lptr = &local_k_address;
}
- if (auth_context->remote_address == NULL) {
+ if(flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR) {
len = sizeof(ss_remote);
if(getpeername(fd, remote, &len) < 0) {
ret = errno;
goto out;
}
krb5_sockaddr2address (remote, &remote_k_address);
- krb5_sockaddr2port (remote, &auth_context->remote_port);
+ if(flags & KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR) {
+ krb5_sockaddr2port (remote, &auth_context->remote_port);
+ } else
+ auth_context->remote_port = 0;
rptr = &remote_k_address;
}
ret = krb5_auth_con_setaddrs (context,
auth_context,
lptr,
rptr);
-out:
+ out:
if (lptr)
krb5_free_address (context, lptr);
if (rptr)
krb5_free_address (context, rptr);
return ret;
+
+}
+
+krb5_error_code
+krb5_auth_con_setaddrs_from_fd (krb5_context context,
+ krb5_auth_context auth_context,
+ void *p_fd)
+{
+ int fd = *(int*)p_fd;
+ int flags = 0;
+ if(auth_context->local_address == NULL)
+ flags |= KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR;
+ if(auth_context->remote_address == NULL)
+ flags |= KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR;
+ return krb5_auth_con_genaddrs(context, auth_context, fd, flags);
}
krb5_error_code
@@ -396,6 +419,24 @@ krb5_auth_con_setuserkey(krb5_context context,
return krb5_copy_keyblock(context, keyblock, &auth_context->keyblock);
}
+krb5_error_code
+krb5_auth_con_getrcache(krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_rcache *rcache)
+{
+ *rcache = auth_context->rcache;
+ return 0;
+}
+
+krb5_error_code
+krb5_auth_con_setrcache(krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_rcache rcache)
+{
+ auth_context->rcache = rcache;
+ return 0;
+}
+
#if 0 /* not implemented */
krb5_error_code
@@ -414,13 +455,4 @@ krb5_auth_con_setivector(krb5_context context,
krb5_abortx(context, "unimplemented krb5_auth_con_setivector called");
}
-
-krb5_error_code
-krb5_auth_con_setrcache(krb5_context context,
- krb5_auth_context auth_context,
- krb5_rcache rcache)
-{
- krb5_abortx(context, "unimplemented krb5_auth_con_setrcache called");
-}
-
#endif /* not implemented */
diff --git a/crypto/heimdal/lib/krb5/build_auth.c b/crypto/heimdal/lib/krb5/build_auth.c
index a38393bbf359..c75b2f1def13 100644
--- a/crypto/heimdal/lib/krb5/build_auth.c
+++ b/crypto/heimdal/lib/krb5/build_auth.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: build_auth.c,v 1.32 1999/12/02 17:05:08 joda Exp $");
+RCSID("$Id: build_auth.c,v 1.34 2000/11/15 06:58:51 assar Exp $");
krb5_error_code
krb5_build_authenticator (krb5_context context,
@@ -42,7 +42,8 @@ krb5_build_authenticator (krb5_context context,
krb5_creds *cred,
Checksum *cksum,
Authenticator **auth_result,
- krb5_data *result)
+ krb5_data *result,
+ krb5_key_usage usage)
{
Authenticator *auth;
u_char *buf = NULL;
@@ -126,9 +127,11 @@ krb5_build_authenticator (krb5_context context,
} while(ret == ASN1_OVERFLOW);
ret = krb5_crypto_init(context, &cred->session, enctype, &crypto);
+ if (ret)
+ goto fail;
ret = krb5_encrypt (context,
crypto,
- KRB5_KU_AP_REQ_AUTH,
+ usage /* KRB5_KU_AP_REQ_AUTH */,
buf + buf_size - len,
len,
result);
diff --git a/crypto/heimdal/lib/krb5/cache.c b/crypto/heimdal/lib/krb5/cache.c
index e78d4deb23da..121f44f28f27 100644
--- a/crypto/heimdal/lib/krb5/cache.c
+++ b/crypto/heimdal/lib/krb5/cache.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: cache.c,v 1.44 1999/12/02 17:05:08 joda Exp $");
+RCSID("$Id: cache.c,v 1.45 2000/12/05 09:18:29 joda Exp $");
/*
* Add a new ccache type with operations `ops', overwriting any
@@ -356,7 +356,9 @@ krb5_cc_remove_cred(krb5_context context,
krb5_flags which,
krb5_creds *cred)
{
- return id->ops->remove_cred(context, id, which, cred);
+ if(id->ops->remove_cred == NULL)
+ return EACCES; /* XXX */
+ return (*id->ops->remove_cred)(context, id, which, cred);
}
/*
diff --git a/crypto/heimdal/lib/krb5/changepw.c b/crypto/heimdal/lib/krb5/changepw.c
index 56c89a00f030..407abf0e1da4 100644
--- a/crypto/heimdal/lib/krb5/changepw.c
+++ b/crypto/heimdal/lib/krb5/changepw.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: changepw.c,v 1.20 2000/02/07 13:40:18 joda Exp $");
+RCSID("$Id: changepw.c,v 1.30 2000/12/10 23:10:10 assar Exp $");
static krb5_error_code
get_kdc_address (krb5_context context,
@@ -52,10 +52,12 @@ get_kdc_address (krb5_context context,
return ret;
port = ntohs(krb5_getportbyname (context, "kpasswd", "udp", KPASSWD_PORT));
- error = roken_getaddrinfo_hostspec(*hostlist, port, ai);
+ error = roken_getaddrinfo_hostspec2(*hostlist, SOCK_DGRAM, port, ai);
krb5_free_krbhst (context, hostlist);
- return error;
+ if(error)
+ return krb5_eai_to_heim_errno(error);
+ return 0;
}
static krb5_error_code
@@ -138,7 +140,12 @@ out2:
static void
str2data (krb5_data *d,
- char *fmt,
+ const char *fmt,
+ ...) __attribute__ ((format (printf, 2, 3)));
+
+static void
+str2data (krb5_data *d,
+ const char *fmt,
...)
{
va_list args;
@@ -261,6 +268,7 @@ krb5_change_password (krb5_context context,
int sock;
int i;
struct addrinfo *ai, *a;
+ int done = 0;
ret = krb5_auth_con_init (context, &auth_context);
if (ret)
@@ -270,58 +278,71 @@ krb5_change_password (krb5_context context,
if (ret)
goto out;
- krb5_auth_con_setflags (context, auth_context,
- KRB5_AUTH_CONTEXT_DO_SEQUENCE);
+ for (a = ai; !done && a != NULL; a = a->ai_next) {
+ int replied = 0;
- for (a = ai; a != NULL; a = a->ai_next) {
sock = socket (a->ai_family, a->ai_socktype, a->ai_protocol);
if (sock < 0)
continue;
- for (i = 0; i < 5; ++i) {
+ for (i = 0; !done && i < 5; ++i) {
fd_set fdset;
struct timeval tv;
- ret = send_request (context,
- &auth_context,
- creds,
- sock,
- a->ai_addr,
- a->ai_addrlen,
- newpw);
- if (ret)
+ if (!replied) {
+ replied = 0;
+ ret = send_request (context,
+ &auth_context,
+ creds,
+ sock,
+ a->ai_addr,
+ a->ai_addrlen,
+ newpw);
+ if (ret) {
+ close(sock);
+ goto out;
+ }
+ }
+
+ if (sock >= FD_SETSIZE) {
+ ret = ERANGE;
+ close (sock);
goto out;
+ }
FD_ZERO(&fdset);
FD_SET(sock, &fdset);
tv.tv_usec = 0;
- tv.tv_sec = 1 << i;
+ tv.tv_sec = 1 + (1 << i);
ret = select (sock + 1, &fdset, NULL, NULL, &tv);
- if (ret < 0 && errno != EINTR)
+ if (ret < 0 && errno != EINTR) {
+ close(sock);
goto out;
- if (ret == 1)
- break;
- }
- if (i == 5) {
- ret = KRB5_KDC_UNREACH;
- close (sock);
- continue;
+ }
+ if (ret == 1) {
+ ret = process_reply (context,
+ auth_context,
+ sock,
+ result_code,
+ result_code_string,
+ result_string);
+ if (ret == 0)
+ done = 1;
+ else if (i > 0 && ret == KRB5KRB_AP_ERR_MUT_FAIL)
+ replied = 1;
+ } else {
+ ret = KRB5_KDC_UNREACH;
+ }
}
-
- ret = process_reply (context,
- auth_context,
- sock,
- result_code,
- result_code_string,
- result_string);
close (sock);
- if (ret == 0)
- break;
}
freeaddrinfo (ai);
out:
krb5_auth_con_free (context, auth_context);
- return ret;
+ if (done)
+ return 0;
+ else
+ return ret;
}
diff --git a/crypto/heimdal/lib/krb5/config_file.c b/crypto/heimdal/lib/krb5/config_file.c
index 3d1ff1e7a23e..d5d8a42b5c74 100644
--- a/crypto/heimdal/lib/krb5/config_file.c
+++ b/crypto/heimdal/lib/krb5/config_file.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997, 1998, 1999, 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,7 +32,7 @@
*/
#include "krb5_locl.h"
-RCSID("$Id: config_file.c,v 1.38 1999/12/02 17:05:08 joda Exp $");
+RCSID("$Id: config_file.c,v 1.41 2000/08/16 07:40:36 assar Exp $");
#ifndef HAVE_NETINFO
@@ -210,7 +210,7 @@ krb5_config_parse_file_debug (const char *fname,
krb5_config_section *s;
krb5_config_binding *b;
char buf[BUFSIZ];
- int ret;
+ int ret = 0;
s = NULL;
b = NULL;
@@ -218,7 +218,7 @@ krb5_config_parse_file_debug (const char *fname,
f = fopen (fname, "r");
if (f == NULL) {
*error_message = "cannot open file";
- return -1;
+ return ENOENT;
}
*res = NULL;
while (fgets(buf, sizeof(buf), f) != NULL) {
@@ -234,20 +234,23 @@ krb5_config_parse_file_debug (const char *fname,
continue;
if (*p == '[') {
ret = parse_section(p, &s, res, error_message);
- if (ret)
- return ret;
+ if (ret) {
+ goto out;
+ }
b = NULL;
} else if (*p == '}') {
*error_message = "unmatched }";
- return -1;
+ ret = -1;
+ goto out;
} else if(*p != '\0') {
ret = parse_binding(f, lineno, p, &b, &s->u.list, error_message);
if (ret)
- return ret;
+ goto out;
}
}
+out:
fclose (f);
- return 0;
+ return ret;
}
krb5_error_code
@@ -422,6 +425,35 @@ krb5_config_vget_string (krb5_context context,
return krb5_config_vget (context, c, krb5_config_string, args);
}
+const char *
+krb5_config_vget_string_default (krb5_context context,
+ krb5_config_section *c,
+ const char *def_value,
+ va_list args)
+{
+ const char *ret;
+
+ ret = krb5_config_vget_string (context, c, args);
+ if (ret == NULL)
+ ret = def_value;
+ return ret;
+}
+
+const char *
+krb5_config_get_string_default (krb5_context context,
+ krb5_config_section *c,
+ const char *def_value,
+ ...)
+{
+ const char *ret;
+ va_list args;
+
+ va_start(args, def_value);
+ ret = krb5_config_vget_string_default (context, c, def_value, args);
+ va_end(args);
+ return ret;
+}
+
char **
krb5_config_vget_strings(krb5_context context,
krb5_config_section *c,
diff --git a/crypto/heimdal/lib/krb5/constants.c b/crypto/heimdal/lib/krb5/constants.c
index 8314c2698925..946fd4d13923 100644
--- a/crypto/heimdal/lib/krb5/constants.c
+++ b/crypto/heimdal/lib/krb5/constants.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: constants.c,v 1.4 1999/12/02 17:05:08 joda Exp $");
+RCSID("$Id: constants.c,v 1.5 2000/07/14 21:53:01 joda Exp $");
const char krb5_config_file[] = "/etc/krb5.conf";
-const char krb5_defkeyname[] = "/etc/v5srvtab";
+const char krb5_defkeyname[] = KEYTAB_DEFAULT;
diff --git a/crypto/heimdal/lib/krb5/context.c b/crypto/heimdal/lib/krb5/context.c
index fb3fb617b072..0cfac9a1e6e6 100644
--- a/crypto/heimdal/lib/krb5/context.c
+++ b/crypto/heimdal/lib/krb5/context.c
@@ -33,16 +33,12 @@
#include "krb5_locl.h"
-RCSID("$Id: context.c,v 1.53 2000/02/11 17:43:43 assar Exp $");
+RCSID("$Id: context.c,v 1.59 2000/12/15 17:11:51 joda Exp $");
#define INIT_FIELD(C, T, E, D, F) \
(C)->E = krb5_config_get_ ## T ## _default ((C), NULL, (D), \
"libdefaults", F, NULL)
-#ifdef KRB4
-extern krb5_kt_ops krb4_fkt_ops;
-#endif
-
/*
* Set the list of etypes `ret_etypes' from the configuration variable
* `name'
@@ -89,27 +85,26 @@ init_context_from_config_file(krb5_context context)
INIT_FIELD(context, time, kdc_timeout, 3, "kdc_timeout");
INIT_FIELD(context, int, max_retries, 3, "max_retries");
- context->http_proxy = krb5_config_get_string(context, NULL, "libdefaults",
- "http_proxy", NULL);
+ INIT_FIELD(context, string, http_proxy, NULL, "http_proxy");
set_etypes (context, "default_etypes", &context->etypes);
set_etypes (context, "default_etypes_des", &context->etypes_des);
/* default keytab name */
- context->default_keytab = krb5_config_get_string(context, NULL,
- "libdefaults",
- "default_keytab_name",
- NULL);
- if(context->default_keytab == NULL)
- context->default_keytab = KEYTAB_DEFAULT;
-
- context->time_fmt = krb5_config_get_string(context, NULL, "libdefaults",
- "time_format", NULL);
- if(context->time_fmt == NULL)
- context->time_fmt = "%Y-%m-%dT%H:%M:%S";
- context->log_utc = krb5_config_get_bool(context, NULL, "libdefaults",
- "log_utc", NULL);
+ INIT_FIELD(context, string, default_keytab,
+ KEYTAB_DEFAULT, "default_keytab_name");
+
+ INIT_FIELD(context, string, time_fmt,
+ "%Y-%m-%dT%H:%M:%S", "time_format");
+
+ INIT_FIELD(context, string, date_fmt,
+ "%Y-%m-%d", "date_format");
+ INIT_FIELD(context, bool, log_utc,
+ FALSE, "log_utc");
+
+
+
/* init dns-proxy slime */
tmp = krb5_config_get_string(context, NULL, "libdefaults",
"dns_proxy", NULL);
@@ -136,7 +131,6 @@ init_context_from_config_file(krb5_context context)
INIT_FIELD(context, bool, scan_interfaces, TRUE, "scan_interfaces");
INIT_FIELD(context, bool, srv_lookup, TRUE, "srv_lookup");
INIT_FIELD(context, bool, srv_try_txt, FALSE, "srv_try_txt");
- INIT_FIELD(context, bool, srv_try_rfc2052, TRUE, "srv_try_rfc2052");
INIT_FIELD(context, int, fcache_vno, 0, "fcache_version");
context->cc_ops = NULL;
@@ -148,10 +142,8 @@ init_context_from_config_file(krb5_context context)
context->kt_types = NULL;
krb5_kt_register (context, &krb5_fkt_ops);
krb5_kt_register (context, &krb5_mkt_ops);
-#ifdef KRB4
- krb5_kt_register (context, &krb4_fkt_ops);
-#endif
krb5_kt_register (context, &krb5_akf_ops);
+ krb5_kt_register (context, &krb4_fkt_ops);
return 0;
}
@@ -187,8 +179,10 @@ krb5_init_context(krb5_context *context)
#endif
ret = init_context_from_config_file(p);
- if(ret)
+ if(ret) {
+ krb5_free_context(p);
return ret;
+ }
*context = p;
return 0;
@@ -211,12 +205,17 @@ krb5_free_context(krb5_context context)
free(context);
}
+/*
+ * set `etype' to a malloced list of the default enctypes
+ */
+
static krb5_error_code
default_etypes(krb5_enctype **etype)
{
krb5_enctype p[] = {
ETYPE_DES3_CBC_SHA1,
ETYPE_DES3_CBC_MD5,
+ ETYPE_ARCFOUR_HMAC_MD5,
ETYPE_DES_CBC_MD5,
ETYPE_DES_CBC_MD4,
ETYPE_DES_CBC_CRC,
diff --git a/crypto/heimdal/lib/krb5/convert_creds.c b/crypto/heimdal/lib/krb5/convert_creds.c
index 24dea0b3283d..8459ee34c63d 100644
--- a/crypto/heimdal/lib/krb5/convert_creds.c
+++ b/crypto/heimdal/lib/krb5/convert_creds.c
@@ -32,7 +32,7 @@
*/
#include "krb5_locl.h"
-RCSID("$Id: convert_creds.c,v 1.13 1999/12/02 17:05:08 joda Exp $");
+RCSID("$Id: convert_creds.c,v 1.15 2000/07/11 19:30:04 joda Exp $");
static krb5_error_code
check_ticket_flags(TicketFlags f)
@@ -166,10 +166,32 @@ krb524_convert_creds_kdc(krb5_context context,
if(ret)
goto out2;
- ret = krb5_sendto_kdc (context,
+ {
+ char **hostlist;
+ int port;
+ port = krb5_getportbyname (context, "krb524", "udp", 4444);
+
+ ret = krb5_get_krbhst (context, krb5_princ_realm(context,
+ v5_creds->server),
+ &hostlist);
+ if(ret)
+ goto out2;
+
+ ret = krb5_sendto (context,
&v5_creds->ticket,
- krb5_princ_realm(context, v5_creds->server),
+ hostlist,
+ port,
&reply);
+ if(ret == KRB5_KDC_UNREACH) {
+ port = krb5_getportbyname (context, "kerberos", "udp", 88);
+ ret = krb5_sendto (context,
+ &v5_creds->ticket,
+ hostlist,
+ port,
+ &reply);
+ }
+ krb5_free_krbhst (context, hostlist);
+ }
if (ret)
goto out2;
sp = krb5_storage_from_mem(reply.data, reply.length);
diff --git a/crypto/heimdal/lib/krb5/crc.c b/crypto/heimdal/lib/krb5/crc.c
index 2f9ef95028f3..c7cedd8c9efa 100644
--- a/crypto/heimdal/lib/krb5/crc.c
+++ b/crypto/heimdal/lib/krb5/crc.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: crc.c,v 1.8 1999/12/02 17:05:08 joda Exp $");
+RCSID("$Id: crc.c,v 1.9 2000/08/03 01:45:14 assar Exp $");
static u_long table[256];
@@ -63,7 +63,7 @@ _krb5_crc_init_table(void)
}
u_int32_t
-_krb5_crc_update (char *p, size_t len, u_int32_t res)
+_krb5_crc_update (const char *p, size_t len, u_int32_t res)
{
while (len--)
res = table[(res ^ *p++) & 0xFF] ^ (res >> 8);
diff --git a/crypto/heimdal/lib/krb5/crypto.c b/crypto/heimdal/lib/krb5/crypto.c
index aef45b1c869b..0415542cf726 100644
--- a/crypto/heimdal/lib/krb5/crypto.c
+++ b/crypto/heimdal/lib/krb5/crypto.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,7 +32,7 @@
*/
#include "krb5_locl.h"
-RCSID("$Id: crypto.c,v 1.29 2000/01/25 23:06:55 assar Exp $");
+RCSID("$Id: crypto.c,v 1.43 2001/01/30 17:10:55 assar Exp $");
#undef CRYPTO_DEBUG
#ifdef CRYPTO_DEBUG
@@ -65,6 +65,7 @@ struct krb5_crypto_data {
#define F_DERIVED 4 /* uses derived keys */
#define F_VARIANT 8 /* uses `variant' keys (6.4.3) */
#define F_PSEUDO 16 /* not a real protocol type */
+#define F_SPECIAL 32 /* backwards */
struct salt_type {
krb5_salttype type;
@@ -93,9 +94,16 @@ struct checksum_type {
size_t blocksize;
size_t checksumsize;
unsigned flags;
- void (*checksum)(krb5_context, struct key_data*, void*, size_t, Checksum*);
- krb5_error_code (*verify)(krb5_context, struct key_data*,
- void*, size_t, Checksum*);
+ void (*checksum)(krb5_context context,
+ struct key_data *key,
+ const void *buf, size_t len,
+ unsigned usage,
+ Checksum *csum);
+ krb5_error_code (*verify)(krb5_context context,
+ struct key_data *key,
+ const void *buf, size_t len,
+ unsigned usage,
+ Checksum *csum);
};
struct encryption_type {
@@ -107,7 +115,11 @@ struct encryption_type {
struct checksum_type *cksumtype;
struct checksum_type *keyed_checksum;
unsigned flags;
- void (*encrypt)(struct key_data *, void *, size_t, int);
+ krb5_error_code (*encrypt)(struct key_data *key,
+ void *data, size_t len,
+ krb5_boolean encrypt,
+ int usage,
+ void *ivec);
};
#define ENCRYPTION_USAGE(U) (((U) << 8) | 0xAA)
@@ -189,7 +201,8 @@ DES_AFS3_CMU_string_to_key (krb5_data pw,
for(i = 0; i < 8; i++) {
char c = ((i < pw.length) ? ((char*)pw.data)[i] : 0) ^
- ((i < cell.length) ? ((char*)cell.data)[i] : 0);
+ ((i < cell.length) ?
+ tolower(((unsigned char*)cell.data)[i]) : 0);
password[i] = c ? c : 'X';
}
password[8] = '\0';
@@ -219,23 +232,25 @@ DES_AFS3_Transarc_string_to_key (krb5_data pw,
size_t passlen;
memcpy(password, pw.data, min(pw.length, sizeof(password)));
- if(pw.length < sizeof(password))
- memcpy(password + pw.length,
- cell.data, min(cell.length,
- sizeof(password) - pw.length));
+ if(pw.length < sizeof(password)) {
+ int len = min(cell.length, sizeof(password) - pw.length);
+ int i;
+
+ memcpy(password + pw.length, cell.data, len);
+ for (i = pw.length; i < pw.length + len; ++i)
+ password[i] = tolower((unsigned char)password[i]);
+ }
passlen = min(sizeof(password), pw.length + cell.length);
memcpy(&ivec, "kerberos", 8);
memcpy(&temp_key, "kerberos", 8);
des_set_odd_parity (&temp_key);
des_set_key (&temp_key, schedule);
- des_cbc_cksum ((const void *)password, &ivec, passlen,
- schedule, &ivec);
+ des_cbc_cksum ((des_cblock *)password, &ivec, passlen, schedule, &ivec);
memcpy(&temp_key, &ivec, 8);
des_set_odd_parity (&temp_key);
des_set_key (&temp_key, schedule);
- des_cbc_cksum ((const void *)password, key, passlen,
- schedule, &ivec);
+ des_cbc_cksum ((des_cblock *)password, key, passlen, schedule, &ivec);
memset(&schedule, 0, sizeof(schedule));
memset(&temp_key, 0, sizeof(temp_key));
memset(&ivec, 0, sizeof(ivec));
@@ -339,8 +354,8 @@ DES3_string_to_key(krb5_context context,
des_set_key(keys + i, s[i]);
}
memset(&ivec, 0, sizeof(ivec));
- des_ede3_cbc_encrypt((const void *)tmp,
- (void *)tmp, sizeof(tmp),
+ des_ede3_cbc_encrypt((des_cblock *)tmp,
+ (des_cblock *)tmp, sizeof(tmp),
s[0], s[1], s[2], &ivec, DES_ENCRYPT);
memset(s, 0, sizeof(s));
memset(&ivec, 0, sizeof(ivec));
@@ -416,7 +431,7 @@ ARCFOUR_string_to_key(krb5_context context,
int i;
MD4_CTX m;
- len = 2 * (password.length + salt.saltvalue.length);
+ len = 2 * password.length;
s = malloc (len);
if (len != 0 && s == NULL)
return ENOMEM;
@@ -424,15 +439,11 @@ ARCFOUR_string_to_key(krb5_context context,
*p++ = ((char *)password.data)[i];
*p++ = 0;
}
- for (i = 0; i < salt.saltvalue.length; ++i) {
- *p++ = ((char *)salt.saltvalue.data)[i];
- *p++ = 0;
- }
- MD4Init (&m);
- MD4Update (&m, s, len);
+ MD4_Init (&m);
+ MD4_Update (&m, s, len);
key->keytype = enctype;
krb5_data_alloc (&key->keyvalue, 16);
- MD4Final (key->keyvalue.data, &m);
+ MD4_Final (key->keyvalue.data, &m);
memset (s, 0, len);
free (s);
return 0;
@@ -670,6 +681,11 @@ krb5_string_to_key (krb5_context context,
return krb5_string_to_key_data(context, enctype, pw, principal, key);
}
+/*
+ * Do a string -> key for encryption type `enctype' operation on
+ * `password' (with salt `salt'), returning the resulting key in `key'
+ */
+
krb5_error_code
krb5_string_to_key_data_salt (krb5_context context,
krb5_enctype enctype,
@@ -687,6 +703,12 @@ krb5_string_to_key_data_salt (krb5_context context,
return HEIM_ERR_SALTTYPE_NOSUPP;
}
+/*
+ * Do a string -> key for encryption type `enctype' operation on the
+ * string `password' (with salt `salt'), returning the resulting key
+ * in `key'
+ */
+
krb5_error_code
krb5_string_to_key_salt (krb5_context context,
krb5_enctype enctype,
@@ -759,6 +781,8 @@ _key_schedule(krb5_context context,
if(kt->schedule == NULL)
return 0;
+ if (key->schedule != NULL)
+ return 0;
ALLOC(key->schedule, 1);
if(key->schedule == NULL)
return ENOMEM;
@@ -779,8 +803,9 @@ _key_schedule(krb5_context context,
static void
NONE_checksum(krb5_context context,
struct key_data *key,
- void *data,
+ const void *data,
size_t len,
+ unsigned usage,
Checksum *C)
{
}
@@ -788,8 +813,9 @@ NONE_checksum(krb5_context context,
static void
CRC32_checksum(krb5_context context,
struct key_data *key,
- void *data,
+ const void *data,
size_t len,
+ unsigned usage,
Checksum *C)
{
u_int32_t crc;
@@ -805,22 +831,24 @@ CRC32_checksum(krb5_context context,
static void
RSA_MD4_checksum(krb5_context context,
struct key_data *key,
- void *data,
+ const void *data,
size_t len,
+ unsigned usage,
Checksum *C)
{
MD4_CTX m;
- MD4Init (&m);
- MD4Update (&m, data, len);
- MD4Final (C->checksum.data, &m);
+ MD4_Init (&m);
+ MD4_Update (&m, data, len);
+ MD4_Final (C->checksum.data, &m);
}
static void
RSA_MD4_DES_checksum(krb5_context context,
struct key_data *key,
- void *data,
+ const void *data,
size_t len,
+ unsigned usage,
Checksum *cksum)
{
MD4_CTX md4;
@@ -828,13 +856,13 @@ RSA_MD4_DES_checksum(krb5_context context,
unsigned char *p = cksum->checksum.data;
krb5_generate_random_block(p, 8);
- MD4Init (&md4);
- MD4Update (&md4, p, 8);
- MD4Update (&md4, data, len);
- MD4Final (p + 8, &md4);
+ MD4_Init (&md4);
+ MD4_Update (&md4, p, 8);
+ MD4_Update (&md4, data, len);
+ MD4_Final (p + 8, &md4);
memset (&ivec, 0, sizeof(ivec));
- des_cbc_encrypt((const void *)p,
- (void *)p,
+ des_cbc_encrypt((des_cblock*)p,
+ (des_cblock*)p,
24,
key->schedule->data,
&ivec,
@@ -844,8 +872,9 @@ RSA_MD4_DES_checksum(krb5_context context,
static krb5_error_code
RSA_MD4_DES_verify(krb5_context context,
struct key_data *key,
- void *data,
+ const void *data,
size_t len,
+ unsigned usage,
Checksum *C)
{
MD4_CTX md4;
@@ -861,10 +890,10 @@ RSA_MD4_DES_verify(krb5_context context,
key->schedule->data,
&ivec,
DES_DECRYPT);
- MD4Init (&md4);
- MD4Update (&md4, tmp, 8); /* confounder */
- MD4Update (&md4, data, len);
- MD4Final (res, &md4);
+ MD4_Init (&md4);
+ MD4_Update (&md4, tmp, 8); /* confounder */
+ MD4_Update (&md4, data, len);
+ MD4_Final (res, &md4);
if(memcmp(res, tmp + 8, sizeof(res)) != 0)
ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
memset(tmp, 0, sizeof(tmp));
@@ -875,22 +904,24 @@ RSA_MD4_DES_verify(krb5_context context,
static void
RSA_MD5_checksum(krb5_context context,
struct key_data *key,
- void *data,
+ const void *data,
size_t len,
+ unsigned usage,
Checksum *C)
{
MD5_CTX m;
- MD5Init (&m);
- MD5Update(&m, data, len);
- MD5Final (C->checksum.data, &m);
+ MD5_Init (&m);
+ MD5_Update(&m, data, len);
+ MD5_Final (C->checksum.data, &m);
}
static void
RSA_MD5_DES_checksum(krb5_context context,
struct key_data *key,
- void *data,
+ const void *data,
size_t len,
+ unsigned usage,
Checksum *C)
{
MD5_CTX md5;
@@ -898,13 +929,13 @@ RSA_MD5_DES_checksum(krb5_context context,
unsigned char *p = C->checksum.data;
krb5_generate_random_block(p, 8);
- MD5Init (&md5);
- MD5Update (&md5, p, 8);
- MD5Update (&md5, data, len);
- MD5Final (p + 8, &md5);
+ MD5_Init (&md5);
+ MD5_Update (&md5, p, 8);
+ MD5_Update (&md5, data, len);
+ MD5_Final (p + 8, &md5);
memset (&ivec, 0, sizeof(ivec));
- des_cbc_encrypt((const void *)p,
- (void *)p,
+ des_cbc_encrypt((des_cblock*)p,
+ (des_cblock*)p,
24,
key->schedule->data,
&ivec,
@@ -914,8 +945,9 @@ RSA_MD5_DES_checksum(krb5_context context,
static krb5_error_code
RSA_MD5_DES_verify(krb5_context context,
struct key_data *key,
- void *data,
+ const void *data,
size_t len,
+ unsigned usage,
Checksum *C)
{
MD5_CTX md5;
@@ -932,10 +964,10 @@ RSA_MD5_DES_verify(krb5_context context,
sched[0],
&ivec,
DES_DECRYPT);
- MD5Init (&md5);
- MD5Update (&md5, tmp, 8); /* confounder */
- MD5Update (&md5, data, len);
- MD5Final (res, &md5);
+ MD5_Init (&md5);
+ MD5_Update (&md5, tmp, 8); /* confounder */
+ MD5_Update (&md5, data, len);
+ MD5_Final (res, &md5);
if(memcmp(res, tmp + 8, sizeof(res)) != 0)
ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
memset(tmp, 0, sizeof(tmp));
@@ -946,8 +978,9 @@ RSA_MD5_DES_verify(krb5_context context,
static void
RSA_MD5_DES3_checksum(krb5_context context,
struct key_data *key,
- void *data,
+ const void *data,
size_t len,
+ unsigned usage,
Checksum *C)
{
MD5_CTX md5;
@@ -956,13 +989,13 @@ RSA_MD5_DES3_checksum(krb5_context context,
des_key_schedule *sched = key->schedule->data;
krb5_generate_random_block(p, 8);
- MD5Init (&md5);
- MD5Update (&md5, p, 8);
- MD5Update (&md5, data, len);
- MD5Final (p + 8, &md5);
+ MD5_Init (&md5);
+ MD5_Update (&md5, p, 8);
+ MD5_Update (&md5, data, len);
+ MD5_Final (p + 8, &md5);
memset (&ivec, 0, sizeof(ivec));
- des_ede3_cbc_encrypt((const void *)p,
- (void *)p,
+ des_ede3_cbc_encrypt((des_cblock*)p,
+ (des_cblock*)p,
24,
sched[0], sched[1], sched[2],
&ivec,
@@ -972,8 +1005,9 @@ RSA_MD5_DES3_checksum(krb5_context context,
static krb5_error_code
RSA_MD5_DES3_verify(krb5_context context,
struct key_data *key,
- void *data,
+ const void *data,
size_t len,
+ unsigned usage,
Checksum *C)
{
MD5_CTX md5;
@@ -990,10 +1024,10 @@ RSA_MD5_DES3_verify(krb5_context context,
sched[0], sched[1], sched[2],
&ivec,
DES_DECRYPT);
- MD5Init (&md5);
- MD5Update (&md5, tmp, 8); /* confounder */
- MD5Update (&md5, data, len);
- MD5Final (res, &md5);
+ MD5_Init (&md5);
+ MD5_Update (&md5, tmp, 8); /* confounder */
+ MD5_Update (&md5, data, len);
+ MD5_Final (res, &md5);
if(memcmp(res, tmp + 8, sizeof(res)) != 0)
ret = KRB5KRB_AP_ERR_BAD_INTEGRITY;
memset(tmp, 0, sizeof(tmp));
@@ -1004,23 +1038,25 @@ RSA_MD5_DES3_verify(krb5_context context,
static void
SHA1_checksum(krb5_context context,
struct key_data *key,
- void *data,
+ const void *data,
size_t len,
+ unsigned usage,
Checksum *C)
{
- SHA1_CTX m;
+ SHA_CTX m;
- SHA1Init(&m);
- SHA1Update(&m, data, len);
- SHA1Final(C->checksum.data, &m);
+ SHA1_Init(&m);
+ SHA1_Update(&m, data, len);
+ SHA1_Final(C->checksum.data, &m);
}
/* HMAC according to RFC2104 */
static void
hmac(krb5_context context,
struct checksum_type *cm,
- void *data,
+ const void *data,
size_t len,
+ unsigned usage,
struct key_data *keyblock,
Checksum *result)
{
@@ -1034,6 +1070,7 @@ hmac(krb5_context context,
keyblock,
keyblock->key->keyvalue.data,
keyblock->key->keyvalue.length,
+ usage,
result);
key = result->checksum.data;
key_len = result->checksum.length;
@@ -1050,11 +1087,12 @@ hmac(krb5_context context,
opad[i] ^= key[i];
}
memcpy(ipad + cm->blocksize, data, len);
- (*cm->checksum)(context, keyblock, ipad, cm->blocksize + len, result);
+ (*cm->checksum)(context, keyblock, ipad, cm->blocksize + len,
+ usage, result);
memcpy(opad + cm->blocksize, result->checksum.data,
result->checksum.length);
(*cm->checksum)(context, keyblock, opad,
- cm->blocksize + cm->checksumsize, result);
+ cm->blocksize + cm->checksumsize, usage, result);
memset(ipad, 0, cm->blocksize + len);
free(ipad);
memset(opad, 0, cm->blocksize + cm->checksumsize);
@@ -1064,13 +1102,84 @@ hmac(krb5_context context,
static void
HMAC_SHA1_DES3_checksum(krb5_context context,
struct key_data *key,
- void *data,
+ const void *data,
size_t len,
+ unsigned usage,
Checksum *result)
{
struct checksum_type *c = _find_checksum(CKSUMTYPE_SHA1);
- hmac(context, c, data, len, key, result);
+ hmac(context, c, data, len, usage, key, result);
+}
+
+/*
+ * checksum according to section 5. of draft-brezak-win2k-krb-rc4-hmac-03.txt
+ */
+
+static void
+HMAC_MD5_checksum(krb5_context context,
+ struct key_data *key,
+ const void *data,
+ size_t len,
+ unsigned usage,
+ Checksum *result)
+{
+ MD5_CTX md5;
+ struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5);
+ const char signature[] = "signaturekey";
+ Checksum ksign_c;
+ struct key_data ksign;
+ krb5_keyblock kb;
+ unsigned char t[4];
+ unsigned char tmp[16];
+ unsigned char ksign_c_data[16];
+
+ ksign_c.checksum.length = sizeof(ksign_c_data);
+ ksign_c.checksum.data = ksign_c_data;
+ hmac(context, c, signature, sizeof(signature), 0, key, &ksign_c);
+ ksign.key = &kb;
+ kb.keyvalue = ksign_c.checksum;
+ MD5_Init (&md5);
+ t[0] = (usage >> 0) & 0xFF;
+ t[1] = (usage >> 8) & 0xFF;
+ t[2] = (usage >> 16) & 0xFF;
+ t[3] = (usage >> 24) & 0xFF;
+ MD5_Update (&md5, t, 4);
+ MD5_Update (&md5, data, len);
+ MD5_Final (tmp, &md5);
+ hmac(context, c, tmp, sizeof(tmp), 0, &ksign, result);
+}
+
+/*
+ * same as previous but being used while encrypting.
+ */
+
+static void
+HMAC_MD5_checksum_enc(krb5_context context,
+ struct key_data *key,
+ const void *data,
+ size_t len,
+ unsigned usage,
+ Checksum *result)
+{
+ struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5);
+ Checksum ksign_c;
+ struct key_data ksign;
+ krb5_keyblock kb;
+ unsigned char t[4];
+ unsigned char ksign_c_data[16];
+
+ t[0] = (usage >> 0) & 0xFF;
+ t[1] = (usage >> 8) & 0xFF;
+ t[2] = (usage >> 16) & 0xFF;
+ t[3] = (usage >> 24) & 0xFF;
+
+ ksign_c.checksum.length = sizeof(ksign_c_data);
+ ksign_c.checksum.data = ksign_c_data;
+ hmac(context, c, t, sizeof(t), 0, key, &ksign_c);
+ ksign.key = &kb;
+ kb.keyvalue = ksign_c.checksum;
+ hmac(context, c, data, len, 0, &ksign, result);
}
struct checksum_type checksum_none = {
@@ -1116,7 +1225,7 @@ struct checksum_type checksum_des_mac = {
0,
0,
0,
- DES_MAC_checksum,
+ DES_MAC_checksum
};
struct checksum_type checksum_des_mac_k = {
CKSUMTYPE_DES_MAC_K,
@@ -1124,7 +1233,7 @@ struct checksum_type checksum_des_mac_k = {
0,
0,
0,
- DES_MAC_K_checksum,
+ DES_MAC_K_checksum
};
struct checksum_type checksum_rsa_md4_des_k = {
CKSUMTYPE_RSA_MD4_DES_K,
@@ -1132,8 +1241,8 @@ struct checksum_type checksum_rsa_md4_des_k = {
0,
0,
0,
- RSA_MD4_DES_K_checksum,
- RSA_MD4_DES_K_verify,
+ RSA_MD4_DES_K_checksum,
+ RSA_MD4_DES_K_verify
};
#endif
struct checksum_type checksum_rsa_md5 = {
@@ -1152,7 +1261,7 @@ struct checksum_type checksum_rsa_md5_des = {
24,
F_KEYED | F_CPROOF | F_VARIANT,
RSA_MD5_DES_checksum,
- RSA_MD5_DES_verify,
+ RSA_MD5_DES_verify
};
struct checksum_type checksum_rsa_md5_des3 = {
CKSUMTYPE_RSA_MD5_DES3,
@@ -1161,7 +1270,7 @@ struct checksum_type checksum_rsa_md5_des3 = {
24,
F_KEYED | F_CPROOF | F_VARIANT,
RSA_MD5_DES3_checksum,
- RSA_MD5_DES3_verify,
+ RSA_MD5_DES3_verify
};
struct checksum_type checksum_sha1 = {
CKSUMTYPE_SHA1,
@@ -1182,6 +1291,26 @@ struct checksum_type checksum_hmac_sha1_des3 = {
NULL
};
+struct checksum_type checksum_hmac_md5 = {
+ CKSUMTYPE_HMAC_MD5,
+ "hmac-md5",
+ 64,
+ 16,
+ F_KEYED | F_CPROOF,
+ HMAC_MD5_checksum,
+ NULL
+};
+
+struct checksum_type checksum_hmac_md5_enc = {
+ CKSUMTYPE_HMAC_MD5_ENC,
+ "hmac-md5-enc",
+ 64,
+ 16,
+ F_KEYED | F_CPROOF | F_PSEUDO,
+ HMAC_MD5_checksum_enc,
+ NULL
+};
+
struct checksum_type *checksum_types[] = {
&checksum_none,
&checksum_crc32,
@@ -1196,7 +1325,9 @@ struct checksum_type *checksum_types[] = {
&checksum_rsa_md5_des,
&checksum_rsa_md5_des3,
&checksum_sha1,
- &checksum_hmac_sha1_des3
+ &checksum_hmac_sha1_des3,
+ &checksum_hmac_md5,
+ &checksum_hmac_md5_enc
};
static int num_checksums = sizeof(checksum_types) / sizeof(checksum_types[0]);
@@ -1257,13 +1388,15 @@ do_checksum (krb5_context context,
keyed_checksum = (ct->flags & F_KEYED) != 0;
if(keyed_checksum && crypto == NULL)
return KRB5_PROG_SUMTYPE_NOSUPP; /* XXX */
- if(keyed_checksum)
+ if(keyed_checksum) {
ret = get_checksum_key(context, crypto, usage, ct, &dkey);
- else
+ if (ret)
+ return ret;
+ } else
dkey = NULL;
result->cksumtype = ct->type;
krb5_data_alloc(&result->checksum, ct->checksumsize);
- (*ct->checksum)(context, dkey, data, len, result);
+ (*ct->checksum)(context, dkey, data, len, usage, result);
return 0;
}
@@ -1329,13 +1462,13 @@ verify_checksum(krb5_context context,
else
dkey = NULL;
if(ct->verify)
- return (*ct->verify)(context, dkey, data, len, cksum);
+ return (*ct->verify)(context, dkey, data, len, usage, cksum);
ret = krb5_data_alloc (&c.checksum, ct->checksumsize);
if (ret)
return ret;
- (*ct->checksum)(context, dkey, data, len, &c);
+ (*ct->checksum)(context, dkey, data, len, usage, &c);
if(c.checksum.length != cksum->checksum.length ||
memcmp(c.checksum.data, cksum->checksum.data, c.checksum.length))
@@ -1394,62 +1527,297 @@ krb5_checksum_is_collision_proof(krb5_context context,
* *
************************************************************/
-static void
+static krb5_error_code
NULL_encrypt(struct key_data *key,
void *data,
size_t len,
- krb5_boolean encrypt)
+ krb5_boolean encrypt,
+ int usage,
+ void *ivec)
{
+ return 0;
}
-static void
+static krb5_error_code
DES_CBC_encrypt_null_ivec(struct key_data *key,
void *data,
size_t len,
- krb5_boolean encrypt)
+ krb5_boolean encrypt,
+ int usage,
+ void *ignore_ivec)
{
des_cblock ivec;
des_key_schedule *s = key->schedule->data;
memset(&ivec, 0, sizeof(ivec));
des_cbc_encrypt(data, data, len, *s, &ivec, encrypt);
+ return 0;
}
-static void
+static krb5_error_code
DES_CBC_encrypt_key_ivec(struct key_data *key,
void *data,
size_t len,
- krb5_boolean encrypt)
+ krb5_boolean encrypt,
+ int usage,
+ void *ignore_ivec)
{
des_cblock ivec;
des_key_schedule *s = key->schedule->data;
memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec));
des_cbc_encrypt(data, data, len, *s, &ivec, encrypt);
+ return 0;
}
-static void
+static krb5_error_code
DES3_CBC_encrypt(struct key_data *key,
void *data,
size_t len,
- krb5_boolean encrypt)
+ krb5_boolean encrypt,
+ int usage,
+ void *ignore_ivec)
{
des_cblock ivec;
des_key_schedule *s = key->schedule->data;
memset(&ivec, 0, sizeof(ivec));
des_ede3_cbc_encrypt(data, data, len, s[0], s[1], s[2], &ivec, encrypt);
+ return 0;
}
-static void
+static krb5_error_code
+DES3_CBC_encrypt_ivec(struct key_data *key,
+ void *data,
+ size_t len,
+ krb5_boolean encrypt,
+ int usage,
+ void *ivec)
+{
+ des_key_schedule *s = key->schedule->data;
+
+ des_ede3_cbc_encrypt(data, data, len, s[0], s[1], s[2], ivec, encrypt);
+ return 0;
+}
+
+static krb5_error_code
+DES_CFB64_encrypt_null_ivec(struct key_data *key,
+ void *data,
+ size_t len,
+ krb5_boolean encrypt,
+ int usage,
+ void *ignore_ivec)
+{
+ des_cblock ivec;
+ int num = 0;
+ des_key_schedule *s = key->schedule->data;
+ memset(&ivec, 0, sizeof(ivec));
+
+ des_cfb64_encrypt(data, data, len, *s, &ivec, &num, encrypt);
+ return 0;
+}
+
+static krb5_error_code
+DES_PCBC_encrypt_key_ivec(struct key_data *key,
+ void *data,
+ size_t len,
+ krb5_boolean encrypt,
+ int usage,
+ void *ignore_ivec)
+{
+ des_cblock ivec;
+ des_key_schedule *s = key->schedule->data;
+ memcpy(&ivec, key->key->keyvalue.data, sizeof(ivec));
+
+ des_pcbc_encrypt(data, data, len, *s, &ivec, encrypt);
+ return 0;
+}
+
+/*
+ * section 6 of draft-brezak-win2k-krb-rc4-hmac-03
+ *
+ * warning: not for small children
+ */
+
+static krb5_error_code
+ARCFOUR_subencrypt(struct key_data *key,
+ void *data,
+ size_t len,
+ int usage,
+ void *ivec)
+{
+ struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5);
+ Checksum k1_c, k2_c, k3_c, cksum;
+ struct key_data ke;
+ krb5_keyblock kb;
+ unsigned char t[4];
+ RC4_KEY rc4_key;
+ char *cdata = (char *)data;
+ unsigned char k1_c_data[16], k2_c_data[16], k3_c_data[16];
+
+ t[0] = (usage >> 0) & 0xFF;
+ t[1] = (usage >> 8) & 0xFF;
+ t[2] = (usage >> 16) & 0xFF;
+ t[3] = (usage >> 24) & 0xFF;
+
+ k1_c.checksum.length = sizeof(k1_c_data);
+ k1_c.checksum.data = k1_c_data;
+
+ hmac(NULL, c, t, sizeof(t), 0, key, &k1_c);
+
+ memcpy (k2_c_data, k1_c_data, sizeof(k1_c_data));
+
+ k2_c.checksum.length = sizeof(k2_c_data);
+ k2_c.checksum.data = k2_c_data;
+
+ ke.key = &kb;
+ kb.keyvalue = k2_c.checksum;
+
+ cksum.checksum.length = 16;
+ cksum.checksum.data = data;
+
+ hmac(NULL, c, cdata + 16, len - 16, 0, &ke, &cksum);
+
+ ke.key = &kb;
+ kb.keyvalue = k1_c.checksum;
+
+ k3_c.checksum.length = sizeof(k3_c_data);
+ k3_c.checksum.data = k3_c_data;
+
+ hmac(NULL, c, data, 16, 0, &ke, &k3_c);
+
+ RC4_set_key (&rc4_key, k3_c.checksum.length, k3_c.checksum.data);
+ RC4 (&rc4_key, len - 16, cdata + 16, cdata + 16);
+ memset (k1_c_data, 0, sizeof(k1_c_data));
+ memset (k2_c_data, 0, sizeof(k2_c_data));
+ memset (k3_c_data, 0, sizeof(k3_c_data));
+ return 0;
+}
+
+static krb5_error_code
+ARCFOUR_subdecrypt(struct key_data *key,
+ void *data,
+ size_t len,
+ int usage,
+ void *ivec)
+{
+ struct checksum_type *c = _find_checksum (CKSUMTYPE_RSA_MD5);
+ Checksum k1_c, k2_c, k3_c, cksum;
+ struct key_data ke;
+ krb5_keyblock kb;
+ unsigned char t[4];
+ RC4_KEY rc4_key;
+ char *cdata = (char *)data;
+ unsigned char k1_c_data[16], k2_c_data[16], k3_c_data[16];
+ unsigned char cksum_data[16];
+
+ t[0] = (usage >> 0) & 0xFF;
+ t[1] = (usage >> 8) & 0xFF;
+ t[2] = (usage >> 16) & 0xFF;
+ t[3] = (usage >> 24) & 0xFF;
+
+ k1_c.checksum.length = sizeof(k1_c_data);
+ k1_c.checksum.data = k1_c_data;
+
+ hmac(NULL, c, t, sizeof(t), 0, key, &k1_c);
+
+ memcpy (k2_c_data, k1_c_data, sizeof(k1_c_data));
+
+ k2_c.checksum.length = sizeof(k2_c_data);
+ k2_c.checksum.data = k2_c_data;
+
+ ke.key = &kb;
+ kb.keyvalue = k1_c.checksum;
+
+ k3_c.checksum.length = sizeof(k3_c_data);
+ k3_c.checksum.data = k3_c_data;
+
+ hmac(NULL, c, cdata, 16, 0, &ke, &k3_c);
+
+ RC4_set_key (&rc4_key, k3_c.checksum.length, k3_c.checksum.data);
+ RC4 (&rc4_key, len - 16, cdata + 16, cdata + 16);
+
+ ke.key = &kb;
+ kb.keyvalue = k2_c.checksum;
+
+ cksum.checksum.length = 16;
+ cksum.checksum.data = cksum_data;
+
+ hmac(NULL, c, cdata + 16, len - 16, 0, &ke, &cksum);
+
+ memset (k1_c_data, 0, sizeof(k1_c_data));
+ memset (k2_c_data, 0, sizeof(k2_c_data));
+ memset (k3_c_data, 0, sizeof(k3_c_data));
+
+ if (memcmp (cksum.checksum.data, data, 16) != 0)
+ return KRB5KRB_AP_ERR_BAD_INTEGRITY;
+ else
+ return 0;
+}
+
+/*
+ * convert the usage numbers used in
+ * draft-ietf-cat-kerb-key-derivation-00.txt to the ones in
+ * draft-brezak-win2k-krb-rc4-hmac-03.txt
+ */
+
+static int
+usage2arcfour (int usage)
+{
+ switch (usage) {
+ case KRB5_KU_PA_ENC_TIMESTAMP :
+ return 1;
+ case KRB5_KU_TICKET :
+ return 8;
+ case KRB5_KU_AS_REP_ENC_PART :
+ return 8;
+ case KRB5_KU_TGS_REQ_AUTH_DAT_SESSION :
+ case KRB5_KU_TGS_REQ_AUTH_DAT_SUBKEY :
+ case KRB5_KU_TGS_REQ_AUTH_CKSUM :
+ case KRB5_KU_TGS_REQ_AUTH :
+ return 7;
+ case KRB5_KU_TGS_REP_ENC_PART_SESSION :
+ case KRB5_KU_TGS_REP_ENC_PART_SUB_KEY :
+ return 8;
+ case KRB5_KU_AP_REQ_AUTH_CKSUM :
+ case KRB5_KU_AP_REQ_AUTH :
+ case KRB5_KU_AP_REQ_ENC_PART :
+ return 11;
+ case KRB5_KU_KRB_PRIV :
+ return 0;
+ case KRB5_KU_KRB_CRED :
+ case KRB5_KU_KRB_SAFE_CKSUM :
+ case KRB5_KU_OTHER_ENCRYPTED :
+ case KRB5_KU_OTHER_CKSUM :
+ case KRB5_KU_KRB_ERROR :
+ case KRB5_KU_AD_KDC_ISSUED :
+ case KRB5_KU_MANDATORY_TICKET_EXTENSION :
+ case KRB5_KU_AUTH_DATA_TICKET_EXTENSION :
+ case KRB5_KU_USAGE_SEAL :
+ case KRB5_KU_USAGE_SIGN :
+ case KRB5_KU_USAGE_SEQ :
+ default :
+ abort ();
+ }
+}
+
+static krb5_error_code
ARCFOUR_encrypt(struct key_data *key,
void *data,
size_t len,
- krb5_boolean encrypt)
+ krb5_boolean encrypt,
+ int usage,
+ void *ivec)
{
+ usage = usage2arcfour (usage);
+ if (encrypt)
+ return ARCFOUR_subencrypt (key, data, len, usage, ivec);
+ else
+ return ARCFOUR_subdecrypt (key, data, len, usage, ivec);
}
+
/*
* these should currently be in reverse preference order.
- */
+ * (only relevant for !F_PSEUDO) */
static struct encryption_type etypes[] = {
{
@@ -1496,6 +1864,17 @@ static struct encryption_type etypes[] = {
0,
DES_CBC_encrypt_null_ivec,
},
+ {
+ ETYPE_ARCFOUR_HMAC_MD5,
+ "arcfour-hmac-md5",
+ 1,
+ 8,
+ &keytype_arcfour,
+ &checksum_hmac_md5_enc,
+ &checksum_hmac_md5_enc,
+ F_SPECIAL,
+ ARCFOUR_encrypt
+ },
{
ETYPE_DES3_CBC_MD5,
"des3-cbc-md5",
@@ -1541,6 +1920,28 @@ static struct encryption_type etypes[] = {
DES_CBC_encrypt_null_ivec,
},
{
+ ETYPE_DES_CFB64_NONE,
+ "des-cfb64-none",
+ 1,
+ 0,
+ &keytype_des,
+ &checksum_none,
+ NULL,
+ F_PSEUDO,
+ DES_CFB64_encrypt_null_ivec,
+ },
+ {
+ ETYPE_DES_PCBC_NONE,
+ "des-pcbc-none",
+ 8,
+ 0,
+ &keytype_des,
+ &checksum_none,
+ NULL,
+ F_PSEUDO,
+ DES_PCBC_encrypt_key_ivec,
+ },
+ {
ETYPE_DES3_CBC_NONE,
"des3-cbc-none",
8,
@@ -1549,8 +1950,19 @@ static struct encryption_type etypes[] = {
&checksum_none,
NULL,
F_PSEUDO,
- DES_CBC_encrypt_null_ivec,
+ DES3_CBC_encrypt,
},
+ {
+ ETYPE_DES3_CBC_NONE_IVEC,
+ "des3-cbc-none-ivec",
+ 8,
+ 0,
+ &keytype_des3_derived,
+ &checksum_none,
+ NULL,
+ F_PSEUDO,
+ DES3_CBC_encrypt_ivec,
+ }
};
static unsigned num_etypes = sizeof(etypes) / sizeof(etypes[0]);
@@ -1706,6 +2118,12 @@ derived_crypto(krb5_context context,
return (crypto->et->flags & F_DERIVED) != 0;
}
+static krb5_boolean
+special_crypto(krb5_context context,
+ krb5_crypto crypto)
+{
+ return (crypto->et->flags & F_SPECIAL) != 0;
+}
#define CHECKSUMSIZE(C) ((C)->checksumsize)
#define CHECKSUMTYPE(C) ((C)->type)
@@ -1716,7 +2134,8 @@ encrypt_internal_derived(krb5_context context,
unsigned usage,
void *data,
size_t len,
- krb5_data *result)
+ krb5_data *result,
+ void *ivec)
{
size_t sz, block_sz, checksum_sz;
Checksum cksum;
@@ -1745,14 +2164,17 @@ encrypt_internal_derived(krb5_context context,
p,
block_sz,
&cksum);
- if(ret == 0 && cksum.checksum.length != checksum_sz)
- ret = KRB5_CRYPTO_INTERNAL;
+ if(ret == 0 && cksum.checksum.length != checksum_sz) {
+ free_Checksum (&cksum);
+ ret = KRB5_CRYPTO_INTERNAL;
+ }
if(ret) {
memset(p, 0, block_sz + checksum_sz);
free(p);
return ret;
}
memcpy(p + block_sz, cksum.checksum.data, cksum.checksum.length);
+ free_Checksum (&cksum);
ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey);
if(ret) {
memset(p, 0, block_sz + checksum_sz);
@@ -1768,7 +2190,7 @@ encrypt_internal_derived(krb5_context context,
#ifdef CRYPTO_DEBUG
krb5_crypto_debug(context, 1, block_sz, dkey->key);
#endif
- (*et->encrypt)(dkey, p, block_sz, 1);
+ (*et->encrypt)(dkey, p, block_sz, 1, usage, ivec);
result->data = p;
result->length = block_sz + checksum_sz;
return 0;
@@ -1779,7 +2201,8 @@ encrypt_internal(krb5_context context,
krb5_crypto crypto,
void *data,
size_t len,
- krb5_data *result)
+ krb5_data *result,
+ void *ivec)
{
size_t sz, block_sz, checksum_sz;
Checksum cksum;
@@ -1830,19 +2253,49 @@ encrypt_internal(krb5_context context,
#ifdef CRYPTO_DEBUG
krb5_crypto_debug(context, 1, block_sz, crypto->key.key);
#endif
- (*et->encrypt)(&crypto->key, p, block_sz, 1);
+ (*et->encrypt)(&crypto->key, p, block_sz, 1, 0, ivec);
result->data = p;
result->length = block_sz;
return 0;
}
static krb5_error_code
+encrypt_internal_special(krb5_context context,
+ krb5_crypto crypto,
+ int usage,
+ void *data,
+ size_t len,
+ krb5_data *result,
+ void *ivec)
+{
+ struct encryption_type *et = crypto->et;
+ size_t cksum_sz = CHECKSUMSIZE(et->cksumtype);
+ size_t sz = len + cksum_sz + et->confoundersize;
+ char *tmp, *p;
+
+ tmp = malloc (sz);
+ if (tmp == NULL)
+ return ENOMEM;
+ p = tmp;
+ memset (p, 0, cksum_sz);
+ p += cksum_sz;
+ krb5_generate_random_block(p, et->confoundersize);
+ p += et->confoundersize;
+ memcpy (p, data, len);
+ (*et->encrypt)(&crypto->key, tmp, sz, TRUE, usage, ivec);
+ result->data = tmp;
+ result->length = sz;
+ return 0;
+}
+
+static krb5_error_code
decrypt_internal_derived(krb5_context context,
krb5_crypto crypto,
unsigned usage,
void *data,
size_t len,
- krb5_data *result)
+ krb5_data *result,
+ void *ivec)
{
size_t checksum_sz;
Checksum cksum;
@@ -1852,12 +2305,15 @@ decrypt_internal_derived(krb5_context context,
struct encryption_type *et = crypto->et;
unsigned long l;
+ checksum_sz = CHECKSUMSIZE(et->keyed_checksum);
+ if (len < checksum_sz)
+ return EINVAL; /* better error code? */
+
p = malloc(len);
if(len != 0 && p == NULL)
return ENOMEM;
memcpy(p, data, len);
- checksum_sz = CHECKSUMSIZE(et->keyed_checksum);
len -= checksum_sz;
ret = _get_derived_key(context, crypto, ENCRYPTION_USAGE(usage), &dkey);
@@ -1873,7 +2329,7 @@ decrypt_internal_derived(krb5_context context,
#ifdef CRYPTO_DEBUG
krb5_crypto_debug(context, 0, len, dkey->key);
#endif
- (*et->encrypt)(dkey, p, len, 0);
+ (*et->encrypt)(dkey, p, len, 0, usage, ivec);
cksum.checksum.data = p + len;
cksum.checksum.length = checksum_sz;
@@ -1905,7 +2361,8 @@ decrypt_internal(krb5_context context,
krb5_crypto crypto,
void *data,
size_t len,
- krb5_data *result)
+ krb5_data *result,
+ void *ivec)
{
krb5_error_code ret;
unsigned char *p;
@@ -1927,11 +2384,11 @@ decrypt_internal(krb5_context context,
#ifdef CRYPTO_DEBUG
krb5_crypto_debug(context, 0, len, crypto->key.key);
#endif
- (*et->encrypt)(&crypto->key, p, len, 0);
+ (*et->encrypt)(&crypto->key, p, len, 0, 0, ivec);
ret = krb5_data_copy(&cksum.checksum, p + et->confoundersize, checksum_sz);
if(ret) {
- free(p);
- return ret;
+ free(p);
+ return ret;
}
memset(p + et->confoundersize, 0, checksum_sz);
cksum.cksumtype = CHECKSUMTYPE(et->cksumtype);
@@ -1952,6 +2409,54 @@ decrypt_internal(krb5_context context,
return 0;
}
+static krb5_error_code
+decrypt_internal_special(krb5_context context,
+ krb5_crypto crypto,
+ int usage,
+ void *data,
+ size_t len,
+ krb5_data *result,
+ void *ivec)
+{
+ struct encryption_type *et = crypto->et;
+ size_t cksum_sz = CHECKSUMSIZE(et->cksumtype);
+ size_t sz = len - cksum_sz - et->confoundersize;
+ char *cdata = (char *)data;
+ char *tmp;
+
+ tmp = malloc (sz);
+ if (tmp == NULL)
+ return ENOMEM;
+
+ (*et->encrypt)(&crypto->key, data, len, FALSE, usage, ivec);
+
+ memcpy (tmp, cdata + cksum_sz + et->confoundersize, sz);
+
+ result->data = tmp;
+ result->length = sz;
+ return 0;
+}
+
+
+krb5_error_code
+krb5_encrypt_ivec(krb5_context context,
+ krb5_crypto crypto,
+ unsigned usage,
+ void *data,
+ size_t len,
+ krb5_data *result,
+ void *ivec)
+{
+ if(derived_crypto(context, crypto))
+ return encrypt_internal_derived(context, crypto, usage,
+ data, len, result, ivec);
+ else if (special_crypto(context, crypto))
+ return encrypt_internal_special (context, crypto, usage,
+ data, len, result, ivec);
+ else
+ return encrypt_internal(context, crypto, data, len, result, ivec);
+}
+
krb5_error_code
krb5_encrypt(krb5_context context,
krb5_crypto crypto,
@@ -1960,11 +2465,7 @@ krb5_encrypt(krb5_context context,
size_t len,
krb5_data *result)
{
- if(derived_crypto(context, crypto))
- return encrypt_internal_derived(context, crypto, usage,
- data, len, result);
- else
- return encrypt_internal(context, crypto, data, len, result);
+ return krb5_encrypt_ivec(context, crypto, usage, data, len, result, NULL);
}
krb5_error_code
@@ -1986,6 +2487,25 @@ krb5_encrypt_EncryptedData(krb5_context context,
}
krb5_error_code
+krb5_decrypt_ivec(krb5_context context,
+ krb5_crypto crypto,
+ unsigned usage,
+ void *data,
+ size_t len,
+ krb5_data *result,
+ void *ivec)
+{
+ if(derived_crypto(context, crypto))
+ return decrypt_internal_derived(context, crypto, usage,
+ data, len, result, ivec);
+ else if (special_crypto (context, crypto))
+ return decrypt_internal_special(context, crypto, usage,
+ data, len, result, ivec);
+ else
+ return decrypt_internal(context, crypto, data, len, result, ivec);
+}
+
+krb5_error_code
krb5_decrypt(krb5_context context,
krb5_crypto crypto,
unsigned usage,
@@ -1993,18 +2513,15 @@ krb5_decrypt(krb5_context context,
size_t len,
krb5_data *result)
{
- if(derived_crypto(context, crypto))
- return decrypt_internal_derived(context, crypto, usage,
- data, len, result);
- else
- return decrypt_internal(context, crypto, data, len, result);
+ return krb5_decrypt_ivec (context, crypto, usage, data, len, result,
+ NULL);
}
krb5_error_code
krb5_decrypt_EncryptedData(krb5_context context,
krb5_crypto crypto,
unsigned usage,
- EncryptedData *e,
+ const EncryptedData *e,
krb5_data *result)
{
return krb5_decrypt(context, crypto, usage,
@@ -2091,7 +2608,7 @@ derive_key(krb5_context context,
ret = _key_schedule(context, key);
if(ret)
return ret;
- if(et->blocksize * 8 < kt->bits ||
+ if(et->blocksize * 8 < kt->bits ||
len != et->blocksize) {
nblocks = (kt->bits + et->blocksize * 8 - 1) / (et->blocksize * 8);
k = malloc(nblocks * et->blocksize);
@@ -2103,16 +2620,18 @@ derive_key(krb5_context context,
memcpy(k + i * et->blocksize,
k + (i - 1) * et->blocksize,
et->blocksize);
- (*et->encrypt)(key, k + i * et->blocksize, et->blocksize, 1);
+ (*et->encrypt)(key, k + i * et->blocksize, et->blocksize, 1, 0,
+ NULL);
}
} else {
+ /* this case is probably broken, but won't be run anyway */
void *c = malloc(len);
size_t res_len = (kt->bits + 7) / 8;
if(len != 0 && c == NULL)
return ENOMEM;
memcpy(c, constant, len);
- (*et->encrypt)(key, c, len, 1);
+ (*et->encrypt)(key, c, len, 1, 0, NULL);
k = malloc(res_len);
if(res_len != 0 && k == NULL)
return ENOMEM;
@@ -2265,6 +2784,35 @@ krb5_string_to_key_derived(krb5_context context,
return ret;
}
+static size_t
+wrapped_length (krb5_context context,
+ krb5_crypto crypto,
+ size_t data_len)
+{
+ struct encryption_type *et = crypto->et;
+ size_t blocksize = et->blocksize;
+ size_t res;
+
+ res = et->confoundersize + et->cksumtype->checksumsize + data_len;
+ res = (res + blocksize - 1) / blocksize * blocksize;
+ return res;
+}
+
+static size_t
+wrapped_length_dervied (krb5_context context,
+ krb5_crypto crypto,
+ size_t data_len)
+{
+ struct encryption_type *et = crypto->et;
+ size_t blocksize = et->blocksize;
+ size_t res;
+
+ res = et->confoundersize + data_len;
+ res = (res + blocksize - 1) / blocksize * blocksize;
+ res += et->cksumtype->checksumsize;
+ return res;
+}
+
/*
* Return the size of an encrypted packet of length `data_len'
*/
@@ -2274,13 +2822,10 @@ krb5_get_wrapped_length (krb5_context context,
krb5_crypto crypto,
size_t data_len)
{
- struct encryption_type *et = crypto->et;
- size_t blocksize = et->blocksize;
- size_t res;
-
- res = (data_len + blocksize - 1) / blocksize * blocksize;
- res = res + et->confoundersize + et->cksumtype->checksumsize;
- return res;
+ if (derived_crypto (context, crypto))
+ return wrapped_length_dervied (context, crypto, data_len);
+ else
+ return wrapped_length (context, crypto, data_len);
}
#ifdef CRYPTO_DEBUG
@@ -2293,9 +2838,9 @@ krb5_get_keyid(krb5_context context,
MD5_CTX md5;
unsigned char tmp[16];
- MD5Init (&md5);
- MD5Update (&md5, key->keyvalue.data, key->keyvalue.length);
- MD5Final (tmp, &md5);
+ MD5_Init (&md5);
+ MD5_Update (&md5, key->keyvalue.data, key->keyvalue.length);
+ MD5_Final (tmp, &md5);
*keyid = (tmp[12] << 24) | (tmp[13] << 16) | (tmp[14] << 8) | tmp[15];
return 0;
}
@@ -2319,3 +2864,69 @@ krb5_crypto_debug(krb5_context context,
}
#endif /* CRYPTO_DEBUG */
+
+#if 0
+int
+main()
+{
+#if 0
+ int i;
+ krb5_context context;
+ krb5_crypto crypto;
+ struct key_data *d;
+ krb5_keyblock key;
+ char constant[4];
+ unsigned usage = ENCRYPTION_USAGE(3);
+ krb5_error_code ret;
+
+ ret = krb5_init_context(&context);
+ if (ret)
+ errx (1, "krb5_init_context failed: %d", ret);
+
+ key.keytype = ETYPE_NEW_DES3_CBC_SHA1;
+ key.keyvalue.data = "\xb3\x85\x58\x94\xd9\xdc\x7c\xc8"
+ "\x25\xe9\x85\xab\x3e\xb5\xfb\x0e"
+ "\xc8\xdf\xab\x26\x86\x64\x15\x25";
+ key.keyvalue.length = 24;
+
+ krb5_crypto_init(context, &key, 0, &crypto);
+
+ d = _new_derived_key(crypto, usage);
+ if(d == NULL)
+ return ENOMEM;
+ krb5_copy_keyblock(context, crypto->key.key, &d->key);
+ _krb5_put_int(constant, usage, 4);
+ derive_key(context, crypto->et, d, constant, sizeof(constant));
+ return 0;
+#else
+ int i;
+ krb5_context context;
+ krb5_crypto crypto;
+ struct key_data *d;
+ krb5_keyblock key;
+ krb5_error_code ret;
+ Checksum res;
+
+ char *data = "what do ya want for nothing?";
+
+ ret = krb5_init_context(&context);
+ if (ret)
+ errx (1, "krb5_init_context failed: %d", ret);
+
+ key.keytype = ETYPE_NEW_DES3_CBC_SHA1;
+ key.keyvalue.data = "Jefe";
+ /* "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+ "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"; */
+ key.keyvalue.length = 4;
+
+ d = calloc(1, sizeof(*d));
+
+ d->key = &key;
+ res.checksum.length = 20;
+ res.checksum.data = malloc(res.checksum.length);
+ HMAC_SHA1_DES3_checksum(context, d, data, 28, &res);
+
+ return 0;
+#endif
+}
+#endif
diff --git a/crypto/heimdal/lib/krb5/eai_to_heim_errno.c b/crypto/heimdal/lib/krb5/eai_to_heim_errno.c
new file mode 100644
index 000000000000..b9272ddd6fd5
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/eai_to_heim_errno.c
@@ -0,0 +1,69 @@
+/*
+ * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include <krb5_locl.h>
+
+RCSID("$Id: eai_to_heim_errno.c,v 1.1 2000/07/08 13:03:36 joda Exp $");
+
+krb5_error_code
+krb5_eai_to_heim_errno(int eai_errno)
+{
+ switch(eai_errno) {
+ case EAI_NOERROR:
+ return 0;
+ case EAI_ADDRFAMILY:
+ return HEIM_EAI_ADDRFAMILY;
+ case EAI_AGAIN:
+ return HEIM_EAI_AGAIN;
+ case EAI_BADFLAGS:
+ return HEIM_EAI_BADFLAGS;
+ case EAI_FAIL:
+ return HEIM_EAI_FAIL;
+ case EAI_FAMILY:
+ return HEIM_EAI_FAMILY;
+ case EAI_MEMORY:
+ return HEIM_EAI_MEMORY;
+ case EAI_NODATA:
+ return HEIM_EAI_NODATA;
+ case EAI_NONAME:
+ return HEIM_EAI_NONAME;
+ case EAI_SERVICE:
+ return HEIM_EAI_SERVICE;
+ case EAI_SOCKTYPE:
+ return HEIM_EAI_SOCKTYPE;
+ case EAI_SYSTEM:
+ return errno;
+ default:
+ return HEIM_EAI_UNKNOWN; /* XXX */
+ }
+}
diff --git a/crypto/heimdal/lib/krb5/expand_hostname.c b/crypto/heimdal/lib/krb5/expand_hostname.c
index 3e98e8819e85..72c5718bc586 100644
--- a/crypto/heimdal/lib/krb5/expand_hostname.c
+++ b/crypto/heimdal/lib/krb5/expand_hostname.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: expand_hostname.c,v 1.8 2000/02/20 02:25:29 assar Exp $");
+RCSID("$Id: expand_hostname.c,v 1.9 2000/02/23 03:12:07 assar Exp $");
static krb5_error_code
copy_hostname(krb5_context context,
@@ -130,7 +130,7 @@ krb5_expand_hostname_realms (krb5_context context,
for (a = ai; a != NULL; a = a->ai_next) {
if (a->ai_canonname != NULL) {
- ret = copy_hostname (context, orig_hostname, new_hostname);
+ ret = copy_hostname (context, a->ai_canonname, new_hostname);
if (ret) {
freeaddrinfo (ai);
return ret;
diff --git a/crypto/heimdal/lib/krb5/fcache.c b/crypto/heimdal/lib/krb5/fcache.c
index df88e6f9c91e..fbdb3a1a6ce9 100644
--- a/crypto/heimdal/lib/krb5/fcache.c
+++ b/crypto/heimdal/lib/krb5/fcache.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: fcache.c,v 1.22 1999/12/02 17:05:09 joda Exp $");
+RCSID("$Id: fcache.c,v 1.31 2000/12/05 09:15:10 joda Exp $");
typedef struct krb5_fcache{
char *filename;
@@ -83,28 +83,86 @@ fcc_resolve(krb5_context context, krb5_ccache *id, const char *res)
return 0;
}
+/*
+ * Try to scrub the contents of `filename' safely.
+ */
+
+static int
+scrub_file (int fd)
+{
+ off_t pos;
+ char buf[128];
+
+ pos = lseek(fd, 0, SEEK_END);
+ if (pos < 0)
+ return errno;
+ if (lseek(fd, 0, SEEK_SET) < 0)
+ return errno;
+ memset(buf, 0, sizeof(buf));
+ while(pos > 0) {
+ ssize_t tmp = write(fd, buf, min(sizeof(buf), pos));
+
+ if (tmp < 0)
+ return errno;
+ pos -= tmp;
+ }
+ fsync (fd);
+ return 0;
+}
+
+/*
+ * Erase `filename' if it exists, trying to remove the contents if
+ * it's `safe'. We always try to remove the file, it it exists. It's
+ * only overwritten if it's a regular file (not a symlink and not a
+ * hardlink)
+ */
+
static krb5_error_code
erase_file(const char *filename)
{
int fd;
- off_t pos;
- char buf[128];
+ struct stat sb1, sb2;
+ int ret;
+
+ ret = lstat (filename, &sb1);
+ if (ret < 0)
+ return errno;
fd = open(filename, O_RDWR | O_BINARY);
- if(fd < 0){
+ if(fd < 0) {
if(errno == ENOENT)
return 0;
else
return errno;
}
- pos = lseek(fd, 0, SEEK_END);
- lseek(fd, 0, SEEK_SET);
- memset(buf, 0, sizeof(buf));
- while(pos > 0)
- pos -= write(fd, buf, sizeof(buf));
- close(fd);
- unlink(filename);
- return 0;
+ if (unlink(filename) < 0) {
+ close (fd);
+ return errno;
+ }
+
+ ret = fstat (fd, &sb2);
+ if (ret < 0) {
+ close (fd);
+ return errno;
+ }
+
+ /* check if someone was playing with symlinks */
+
+ if (sb1.st_dev != sb2.st_dev || sb1.st_ino != sb2.st_ino) {
+ close (fd);
+ return EPERM;
+ }
+
+ /* there are still hard links to this file */
+
+ if (sb2.st_nlink != 0) {
+ close (fd);
+ return 0;
+ }
+
+ ret = scrub_file (fd);
+ close (fd);
+ return ret;
}
static krb5_error_code
@@ -116,7 +174,7 @@ fcc_gen_new(krb5_context context, krb5_ccache *id)
f = malloc(sizeof(*f));
if(f == NULL)
return KRB5_CC_NOMEM;
- asprintf(&file, "/tmp/krb5cc_XXXXXX"); /* XXX */
+ asprintf (&file, "%sXXXXXX", KRB5_DEFAULT_CCFILE_ROOT);
if(file == NULL) {
free(f);
return KRB5_CC_NOMEM;
@@ -166,12 +224,11 @@ fcc_initialize(krb5_context context,
krb5_principal primary_principal)
{
krb5_fcache *f = FCACHE(id);
- int ret;
+ int ret = 0;
int fd;
char *filename = f->filename;
- if((ret = erase_file(filename)))
- return ret;
+ unlink (filename);
fd = open(filename, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600);
if(fd == -1)
@@ -183,27 +240,29 @@ fcc_initialize(krb5_context context,
f->version = context->fcache_vno;
else
f->version = KRB5_FCC_FVNO_4;
- krb5_store_int8(sp, 5);
- krb5_store_int8(sp, f->version);
+ ret |= krb5_store_int8(sp, 5);
+ ret |= krb5_store_int8(sp, f->version);
storage_set_flags(context, sp, f->version);
- if(f->version == KRB5_FCC_FVNO_4) {
+ if(f->version == KRB5_FCC_FVNO_4 && ret == 0) {
/* V4 stuff */
if (context->kdc_sec_offset) {
- krb5_store_int16 (sp, 12); /* length */
- krb5_store_int16 (sp, FCC_TAG_DELTATIME); /* Tag */
- krb5_store_int16 (sp, 8); /* length of data */
- krb5_store_int32 (sp, context->kdc_sec_offset);
- krb5_store_int32 (sp, context->kdc_usec_offset);
+ ret |= krb5_store_int16 (sp, 12); /* length */
+ ret |= krb5_store_int16 (sp, FCC_TAG_DELTATIME); /* Tag */
+ ret |= krb5_store_int16 (sp, 8); /* length of data */
+ ret |= krb5_store_int32 (sp, context->kdc_sec_offset);
+ ret |= krb5_store_int32 (sp, context->kdc_usec_offset);
} else {
- krb5_store_int16 (sp, 0);
+ ret |= krb5_store_int16 (sp, 0);
}
}
- krb5_store_principal(sp, primary_principal);
+ ret |= krb5_store_principal(sp, primary_principal);
krb5_storage_free(sp);
}
- close(fd);
+ if(close(fd) < 0)
+ if (ret == 0)
+ ret = errno;
- return 0;
+ return ret;
}
static krb5_error_code
@@ -232,6 +291,7 @@ fcc_store_cred(krb5_context context,
krb5_ccache id,
krb5_creds *creds)
{
+ int ret;
int fd;
char *f;
@@ -244,11 +304,13 @@ fcc_store_cred(krb5_context context,
krb5_storage *sp;
sp = krb5_storage_from_fd(fd);
storage_set_flags(context, sp, FCACHE(id)->version);
- krb5_store_creds(sp, creds);
+ ret = krb5_store_creds(sp, creds);
krb5_storage_free(sp);
}
- close(fd);
- return 0; /* XXX */
+ if (close(fd) < 0)
+ if (ret == 0)
+ ret = errno;
+ return ret;
}
static krb5_error_code
@@ -274,12 +336,17 @@ init_fcc (krb5_context context,
int fd;
int8_t pvno, tag;
krb5_storage *sp;
+ krb5_error_code ret;
fd = open(fcache->filename, O_RDONLY | O_BINARY);
if(fd < 0)
return errno;
sp = krb5_storage_from_fd(fd);
- krb5_ret_int8(sp, &pvno);
+ ret = krb5_ret_int8(sp, &pvno);
+ if(ret == KRB5_CC_END)
+ return ENOENT;
+ if(ret)
+ return ret;
if(pvno != 5) {
krb5_storage_free(sp);
close(fd);
@@ -341,10 +408,10 @@ fcc_get_principal(krb5_context context,
ret = init_fcc (context, f, &sp, &fd);
if (ret)
return ret;
- krb5_ret_principal(sp, principal);
+ ret = krb5_ret_principal(sp, principal);
krb5_storage_free(sp);
close(fd);
- return 0;
+ return ret;
}
static krb5_error_code
diff --git a/crypto/heimdal/lib/krb5/generate_seq_number.c b/crypto/heimdal/lib/krb5/generate_seq_number.c
index a000ea1e6c36..3ebe562c2274 100644
--- a/crypto/heimdal/lib/krb5/generate_seq_number.c
+++ b/crypto/heimdal/lib/krb5/generate_seq_number.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,12 +33,12 @@
#include <krb5_locl.h>
-RCSID("$Id: generate_seq_number.c,v 1.6 1999/12/02 17:05:09 joda Exp $");
+RCSID("$Id: generate_seq_number.c,v 1.7 2000/04/08 21:20:45 assar Exp $");
krb5_error_code
krb5_generate_seq_number(krb5_context context,
const krb5_keyblock *key,
- int32_t *seqno)
+ u_int32_t *seqno)
{
krb5_error_code ret;
krb5_keyblock *subkey;
diff --git a/crypto/heimdal/lib/krb5/get_addrs.c b/crypto/heimdal/lib/krb5/get_addrs.c
index 65a1b3c7bdd5..7b9d74c17464 100644
--- a/crypto/heimdal/lib/krb5/get_addrs.c
+++ b/crypto/heimdal/lib/krb5/get_addrs.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: get_addrs.c,v 1.35 1999/12/02 17:05:09 joda Exp $");
+RCSID("$Id: get_addrs.c,v 1.40 2000/12/10 20:07:05 assar Exp $");
#ifdef __osf__
/* hate */
@@ -43,42 +43,35 @@ struct mbuf;
#ifdef HAVE_NET_IF_H
#include <net/if.h>
#endif
-
-#ifdef HAVE_SYS_SOCKIO_H
-#include <sys/sockio.h>
-#endif /* HAVE_SYS_SOCKIO_H */
-
-#ifdef HAVE_NETINET_IN6_VAR_H
-#include <netinet/in6_var.h>
-#endif /* HAVE_NETINET_IN6_VAR_H */
+#include <ifaddrs.h>
static krb5_error_code
gethostname_fallback (krb5_addresses *res)
{
- krb5_error_code err;
- char hostname[MAXHOSTNAMELEN];
- struct hostent *hostent;
-
- if (gethostname (hostname, sizeof(hostname)))
- return errno;
- hostent = roken_gethostbyname (hostname);
- if (hostent == NULL)
- return errno;
- res->len = 1;
- res->val = malloc (sizeof(*res->val));
- if (res->val == NULL)
- return ENOMEM;
- res->val[0].addr_type = hostent->h_addrtype;
- res->val[0].address.data = NULL;
- res->val[0].address.length = 0;
- err = krb5_data_copy (&res->val[0].address,
- hostent->h_addr,
- hostent->h_length);
- if (err) {
- free (res->val);
- return err;
- }
- return 0;
+ krb5_error_code err;
+ char hostname[MAXHOSTNAMELEN];
+ struct hostent *hostent;
+
+ if (gethostname (hostname, sizeof(hostname)))
+ return errno;
+ hostent = roken_gethostbyname (hostname);
+ if (hostent == NULL)
+ return errno;
+ res->len = 1;
+ res->val = malloc (sizeof(*res->val));
+ if (res->val == NULL)
+ return ENOMEM;
+ res->val[0].addr_type = hostent->h_addrtype;
+ res->val[0].address.data = NULL;
+ res->val[0].address.length = 0;
+ err = krb5_data_copy (&res->val[0].address,
+ hostent->h_addr,
+ hostent->h_length);
+ if (err) {
+ free (res->val);
+ return err;
+ }
+ return 0;
}
enum {
@@ -94,143 +87,96 @@ enum {
*/
static krb5_error_code
-find_all_addresses (krb5_context context,
- krb5_addresses *res, int flags,
- int af, int siocgifconf, int siocgifflags,
- size_t ifreq_sz)
+find_all_addresses (krb5_context context, krb5_addresses *res, int flags)
{
- krb5_error_code ret;
- int fd;
- size_t buf_size;
- char *buf;
- struct ifconf ifconf;
- int num, j = 0;
- char *p;
- size_t sz;
- struct sockaddr sa_zero;
- struct ifreq *ifr;
- krb5_address lo_addr;
- int got_lo = FALSE;
-
- buf = NULL;
- res->val = NULL;
-
- memset (&sa_zero, 0, sizeof(sa_zero));
- fd = socket(af, SOCK_DGRAM, 0);
- if (fd < 0)
- return -1;
+ struct sockaddr sa_zero;
+ struct ifaddrs *ifa0, *ifa;
+ krb5_error_code ret = ENXIO;
+ int num, idx;
- buf_size = 8192;
- for (;;) {
- buf = malloc(buf_size);
- if (buf == NULL) {
- ret = ENOMEM;
- goto error_out;
- }
- ifconf.ifc_len = buf_size;
- ifconf.ifc_buf = buf;
- if (ioctl (fd, siocgifconf, &ifconf) < 0) {
- ret = errno;
- goto error_out;
- }
- /*
- * Can the difference between a full and a overfull buf
- * be determined?
- */
+ res->val = NULL;
- if (ifconf.ifc_len < buf_size)
- break;
- free (buf);
- buf_size *= 2;
- }
+ if (getifaddrs(&ifa0) == -1)
+ return (errno);
- num = ifconf.ifc_len / ifreq_sz;
- res->len = num;
- res->val = calloc(num, sizeof(*res->val));
- if (res->val == NULL) {
- ret = ENOMEM;
- goto error_out;
- }
-
- j = 0;
- for (p = ifconf.ifc_buf;
- p < ifconf.ifc_buf + ifconf.ifc_len;
- p += sz) {
- struct ifreq ifreq;
- struct sockaddr *sa;
-
- ifr = (struct ifreq *)p;
- sa = &ifr->ifr_addr;
-
- sz = ifreq_sz;
-#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN
- sz = max(sz, sizeof(ifr->ifr_name) + sa->sa_len);
-#endif
-#ifdef SA_LEN
- sz = max(sz, SA_LEN(sa));
-#endif
- memcpy (ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name));
+ memset(&sa_zero, 0, sizeof(sa_zero));
- if (ioctl(fd, siocgifflags, &ifreq) < 0) {
- ret = errno;
- goto error_out;
- }
+ /* First, count all the ifaddrs. */
+ for (ifa = ifa0, num = 0; ifa != NULL; ifa = ifa->ifa_next, num++)
+ /* nothing */;
- if (!(ifreq.ifr_flags & IFF_UP))
- continue;
- if (memcmp (sa, &sa_zero, sizeof(sa_zero)) == 0)
- continue;
- if (krb5_sockaddr_uninteresting (sa))
- continue;
+ if (num == 0) {
+ freeifaddrs(ifa0);
+ return (ENXIO);
+ }
- if (ifreq.ifr_flags & IFF_LOOPBACK) {
- if (flags & LOOP_IF_NONE) {
- ret = krb5_sockaddr2address (sa, &lo_addr);
- if (ret)
- goto error_out;
- got_lo = TRUE;
- continue;
- } else if((flags & LOOP) == 0)
- continue;
- }
+ /* Allocate storage for them. */
+ res->val = calloc(num, sizeof(*res->val));
+ if (res->val == NULL) {
+ freeifaddrs(ifa0);
+ return (ENOMEM);
+ }
- ret = krb5_sockaddr2address (sa, &res->val[j]);
- if (ret)
- goto error_out;
- ++j;
- }
- if ((flags & LOOP_IF_NONE) && got_lo) {
- if (j == 0)
- res->val[j++] = lo_addr;
- else
- krb5_free_address (context, &lo_addr);
- }
+ /* Now traverse the list. */
+ for (ifa = ifa0, idx = 0; ifa != NULL; ifa = ifa->ifa_next) {
+ if ((ifa->ifa_flags & IFF_UP) == 0)
+ continue;
+ if (memcmp(ifa->ifa_addr, &sa_zero, sizeof(sa_zero)) == 0)
+ continue;
+ if (krb5_sockaddr_uninteresting(ifa->ifa_addr))
+ continue;
+
+ if ((ifa->ifa_flags & IFF_LOOPBACK) != 0) {
+ /* We'll deal with the LOOP_IF_NONE case later. */
+ if ((flags & LOOP) == 0)
+ continue;
+ }
- if (j != num) {
- void *tmp;
+ ret = krb5_sockaddr2address(ifa->ifa_addr, &res->val[idx]);
+ if (ret) {
+ /*
+ * The most likely error here is going to be "Program
+ * lacks support for address type". This is no big
+ * deal -- just continue, and we'll listen on the
+ * addresses who's type we *do* support.
+ */
+ continue;
+ }
+ idx++;
+ }
- res->len = j;
- tmp = realloc (res->val, j * sizeof(*res->val));
- if (j != 0 && tmp == NULL) {
- ret = ENOMEM;
- goto error_out;
- }
- res->val = tmp;
- }
- ret = 0;
- goto cleanup;
+ /*
+ * If no addresses were found, and LOOP_IF_NONE is set, then find
+ * the loopback addresses and add them to our list.
+ */
+ if ((flags & LOOP_IF_NONE) != 0 && idx == 0) {
+ for (ifa = ifa0; ifa != NULL; ifa = ifa->ifa_next) {
+ if ((ifa->ifa_flags & IFF_UP) == 0)
+ continue;
+ if (memcmp(ifa->ifa_addr, &sa_zero, sizeof(sa_zero)) == 0)
+ continue;
+ if (krb5_sockaddr_uninteresting(ifa->ifa_addr))
+ continue;
+
+ if ((ifa->ifa_flags & IFF_LOOPBACK) != 0) {
+ ret = krb5_sockaddr2address(ifa->ifa_addr, &res->val[idx]);
+ if (ret) {
+ /*
+ * See comment above.
+ */
+ continue;
+ }
+ idx++;
+ }
+ }
+ }
-error_out:
- if (got_lo)
- krb5_free_address (context, &lo_addr);
- while(j--) {
- krb5_free_address (context, &res->val[j]);
- }
- free (res->val);
-cleanup:
- close (fd);
- free (buf);
- return ret;
+ freeifaddrs(ifa0);
+ if (ret)
+ free(res->val);
+ else
+ res->len = idx; /* Now a count. */
+ return (ret);
}
static krb5_error_code
@@ -239,26 +185,9 @@ get_addrs_int (krb5_context context, krb5_addresses *res, int flags)
krb5_error_code ret = -1;
if (flags & SCAN_INTERFACES) {
-#if defined(AF_INET6) && defined(SIOCGIF6CONF) && defined(SIOCGIF6FLAGS)
- if (ret)
- ret = find_all_addresses (context, res, flags,
- AF_INET6, SIOCGIF6CONF, SIOCGIF6FLAGS,
- sizeof(struct in6_ifreq));
-#endif
-#if defined(HAVE_IPV6) && defined(SIOCGIFCONF)
- if (ret)
- ret = find_all_addresses (context, res, flags,
- AF_INET6, SIOCGIFCONF, SIOCGIFFLAGS,
- sizeof(struct ifreq));
-#endif
-#if defined(AF_INET) && defined(SIOCGIFCONF) && defined(SIOCGIFFLAGS)
- if (ret)
- ret = find_all_addresses (context, res, flags,
- AF_INET, SIOCGIFCONF, SIOCGIFFLAGS,
- sizeof(struct ifreq));
+ ret = find_all_addresses (context, res, flags);
if(ret || res->len == 0)
ret = gethostname_fallback (res);
-#endif
} else
ret = 0;
diff --git a/crypto/heimdal/lib/krb5/get_cred.c b/crypto/heimdal/lib/krb5/get_cred.c
index 61951c1a4daf..e649cfeac91d 100644
--- a/crypto/heimdal/lib/krb5/get_cred.c
+++ b/crypto/heimdal/lib/krb5/get_cred.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: get_cred.c,v 1.75 1999/12/02 17:05:09 joda Exp $");
+RCSID("$Id: get_cred.c,v 1.82 2001/01/19 04:29:44 assar Exp $");
/*
* Take the `body' and encode it into `padata' using the credentials
@@ -82,12 +82,13 @@ make_pa_tgs_req(krb5_context context,
in_data.data = buf + buf_size - len;
ret = krb5_mk_req_internal(context, &ac, 0, &in_data, creds,
&padata->padata_value,
- KRB5_KU_TGS_REQ_AUTH_CKSUM);
+ KRB5_KU_TGS_REQ_AUTH_CKSUM,
+ KRB5_KU_TGS_REQ_AUTH);
out:
free (buf);
if(ret)
return ret;
- padata->padata_type = pa_tgs_req;
+ padata->padata_type = KRB5_PADATA_TGS_REQ;
return 0;
}
@@ -191,6 +192,10 @@ init_tgs_req (krb5_context context,
ret = ENOMEM;
goto fail;
}
+
+ /* some versions of some code might require that the client be
+ present in TGS-REQs, but this is clearly against the spec */
+
ret = copy_PrincipalName(&in_creds->server->name, t->req_body.sname);
if (ret)
goto fail;
@@ -273,6 +278,7 @@ init_tgs_req (krb5_context context,
}
fail:
if (ret)
+ /* XXX - don't free addresses? */
free_TGS_REQ (t);
return ret;
}
@@ -320,7 +326,9 @@ decrypt_tkt_with_subkey (krb5_context context,
size_t size;
krb5_crypto crypto;
- krb5_crypto_init(context, key, 0, &crypto);
+ ret = krb5_crypto_init(context, key, 0, &crypto);
+ if (ret)
+ return ret;
ret = krb5_decrypt_EncryptedData (context,
crypto,
usage,
@@ -329,7 +337,9 @@ decrypt_tkt_with_subkey (krb5_context context,
krb5_crypto_destroy(context, crypto);
if(ret && subkey){
/* DCE compat -- try to decrypt with subkey */
- krb5_crypto_init(context, (krb5_keyblock*)subkey, 0, &crypto);
+ ret = krb5_crypto_init(context, (krb5_keyblock*)subkey, 0, &crypto);
+ if (ret)
+ return ret;
ret = krb5_decrypt_EncryptedData (context,
crypto,
KRB5_KU_TGS_REP_ENC_PART_SUB_KEY,
@@ -471,6 +481,7 @@ get_cred_kdc(krb5_context context,
&krbtgt->addresses,
nonce,
TRUE,
+ flags.b.request_anonymous,
decrypt_tkt_with_subkey,
subkey);
krb5_free_kdc_rep(context, &rep);
@@ -610,7 +621,7 @@ get_cred_from_kdc_flags(krb5_context context,
{
krb5_error_code ret;
krb5_creds *tgt, tmp_creds;
- krb5_realm client_realm, server_realm;
+ krb5_const_realm client_realm, server_realm, try_realm;
*out_creds = NULL;
@@ -620,9 +631,15 @@ get_cred_from_kdc_flags(krb5_context context,
ret = krb5_copy_principal(context, in_creds->client, &tmp_creds.client);
if(ret)
return ret;
+
+ try_realm = krb5_config_get_string(context, NULL, "libdefaults",
+ "capath", server_realm, NULL);
+ if (try_realm == NULL)
+ try_realm = client_realm;
+
ret = krb5_make_principal(context,
&tmp_creds.server,
- client_realm,
+ try_realm,
KRB5_TGS_NAME,
server_realm,
NULL);
@@ -642,8 +659,10 @@ get_cred_from_kdc_flags(krb5_context context,
else {
ret = get_cred_kdc_la(context, ccache, flags,
in_creds, &tgts, *out_creds);
- if (ret)
+ if (ret) {
free (*out_creds);
+ *out_creds = NULL;
+ }
}
krb5_free_creds_contents(context, &tgts);
krb5_free_principal(context, tmp_creds.server);
@@ -656,8 +675,7 @@ get_cred_from_kdc_flags(krb5_context context,
/* XXX this can loop forever */
while(1){
general_string tgt_inst;
- krb5_kdc_flags f;
- f.i = 0;
+
ret = get_cred_from_kdc_flags(context, flags, ccache, &tmp_creds,
&tgt, ret_tgts);
if(ret) {
@@ -698,8 +716,10 @@ get_cred_from_kdc_flags(krb5_context context,
else {
ret = get_cred_kdc_la(context, ccache, flags,
in_creds, tgt, *out_creds);
- if (ret)
+ if (ret) {
free (*out_creds);
+ *out_creds = NULL;
+ }
}
krb5_free_creds(context, tgt);
return ret;
@@ -729,20 +749,24 @@ krb5_get_credentials_with_flags(krb5_context context,
{
krb5_error_code ret;
krb5_creds **tgts;
+ krb5_creds *res_creds;
int i;
- *out_creds = calloc(1, sizeof(**out_creds));
- if (*out_creds == NULL)
+ *out_creds = NULL;
+ res_creds = calloc(1, sizeof(*res_creds));
+ if (res_creds == NULL)
return ENOMEM;
ret = krb5_cc_retrieve_cred(context,
ccache,
in_creds->session.keytype ?
KRB5_TC_MATCH_KEYTYPE : 0,
- in_creds, *out_creds);
- if(ret == 0)
+ in_creds, res_creds);
+ if(ret == 0) {
+ *out_creds = res_creds;
return 0;
- free(*out_creds);
+ }
+ free(res_creds);
if(ret != KRB5_CC_END)
return ret;
if(options & KRB5_GC_CACHED)
@@ -752,7 +776,7 @@ krb5_get_credentials_with_flags(krb5_context context,
tgts = NULL;
ret = get_cred_from_kdc_flags(context, flags, ccache,
in_creds, out_creds, &tgts);
- for(i = 0; tgts && tgts[i]; i++){
+ for(i = 0; tgts && tgts[i]; i++) {
krb5_cc_store_cred(context, ccache, tgts[i]);
krb5_free_creds(context, tgts[i]);
}
diff --git a/crypto/heimdal/lib/krb5/get_for_creds.c b/crypto/heimdal/lib/krb5/get_for_creds.c
index 977515facd26..103b7571714c 100644
--- a/crypto/heimdal/lib/krb5/get_for_creds.c
+++ b/crypto/heimdal/lib/krb5/get_for_creds.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: get_for_creds.c,v 1.21 1999/12/20 00:57:37 assar Exp $");
+RCSID("$Id: get_for_creds.c,v 1.27 2000/08/18 06:47:40 assar Exp $");
static krb5_error_code
add_addrs(krb5_context context,
@@ -41,7 +41,7 @@ add_addrs(krb5_context context,
struct addrinfo *ai)
{
krb5_error_code ret;
- unsigned n, i;
+ unsigned n, i, j;
void *tmp;
struct addrinfo *a;
@@ -57,11 +57,18 @@ add_addrs(krb5_context context,
goto fail;
}
addr->val = tmp;
+ for (j = i; j < addr->len; ++j) {
+ addr->val[i].addr_type = 0;
+ krb5_data_zero(&addr->val[i].address);
+ }
for (a = ai; a != NULL; a = a->ai_next) {
- ret = krb5_sockaddr2address (a->ai_addr, &addr->val[i++]);
- if (ret)
+ ret = krb5_sockaddr2address (a->ai_addr, &addr->val[i]);
+ if (ret == 0)
+ ++i;
+ else if (ret != KRB5_PROG_ATYPE_NOSUPP)
goto fail;
}
+ addr->len = i;
return 0;
fail:
krb5_free_addresses (context, addr);
@@ -137,7 +144,7 @@ krb5_get_forwarded_creds (krb5_context context,
ret = getaddrinfo (hostname, NULL, NULL, &ai);
if (ret)
- return ret;
+ return krb5_eai_to_heim_errno(ret);
ret = add_addrs (context, &addrs, ai);
freeaddrinfo (ai);
@@ -194,22 +201,26 @@ krb5_get_forwarded_creds (krb5_context context,
}
*enc_krb_cred_part.usec = usec;
- ret = krb5_make_addrport (&enc_krb_cred_part.s_address,
- auth_context->local_address,
- auth_context->local_port);
- if (ret)
- goto out4;
-
- ALLOC(enc_krb_cred_part.r_address, 1);
- if (enc_krb_cred_part.r_address == NULL) {
- ret = ENOMEM;
- goto out4;
+ if (auth_context->local_address && auth_context->local_port) {
+ ret = krb5_make_addrport (&enc_krb_cred_part.s_address,
+ auth_context->local_address,
+ auth_context->local_port);
+ if (ret)
+ goto out4;
}
- ret = krb5_copy_address (context, auth_context->remote_address,
- enc_krb_cred_part.r_address);
- if (ret)
- goto out4;
+ if (auth_context->remote_address) {
+ ALLOC(enc_krb_cred_part.r_address, 1);
+ if (enc_krb_cred_part.r_address == NULL) {
+ ret = ENOMEM;
+ goto out4;
+ }
+
+ ret = krb5_copy_address (context, auth_context->remote_address,
+ enc_krb_cred_part.r_address);
+ if (ret)
+ goto out4;
+ }
/* fill ticket_info.val[0] */
@@ -252,7 +263,11 @@ krb5_get_forwarded_creds (krb5_context context,
return ret;
}
- krb5_crypto_init(context, auth_context->local_subkey, 0, &crypto);
+ ret = krb5_crypto_init(context, auth_context->local_subkey, 0, &crypto);
+ if (ret) {
+ free_KRB_CRED(&cred);
+ return ret;
+ }
ret = krb5_encrypt_EncryptedData (context,
crypto,
KRB5_KU_KRB_CRED,
diff --git a/crypto/heimdal/lib/krb5/get_in_tkt.c b/crypto/heimdal/lib/krb5/get_in_tkt.c
index e043d1d3e4f3..84afe5e4d65f 100644
--- a/crypto/heimdal/lib/krb5/get_in_tkt.c
+++ b/crypto/heimdal/lib/krb5/get_in_tkt.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: get_in_tkt.c,v 1.94 2000/02/06 05:18:20 assar Exp $");
+RCSID("$Id: get_in_tkt.c,v 1.97 2000/08/18 06:47:54 assar Exp $");
krb5_error_code
krb5_init_etype (krb5_context context,
@@ -85,7 +85,9 @@ decrypt_tkt (krb5_context context,
size_t size;
krb5_crypto crypto;
- krb5_crypto_init(context, key, 0, &crypto);
+ ret = krb5_crypto_init(context, key, 0, &crypto);
+ if (ret)
+ return ret;
ret = krb5_decrypt_EncryptedData (context,
crypto,
@@ -124,6 +126,7 @@ _krb5_extract_ticket(krb5_context context,
krb5_addresses *addrs,
unsigned nonce,
krb5_boolean allow_server_mismatch,
+ krb5_boolean ignore_cname,
krb5_decrypt_proc decrypt_proc,
krb5_const_pointer decryptarg)
{
@@ -133,20 +136,26 @@ _krb5_extract_ticket(krb5_context context,
time_t tmp_time;
krb5_timestamp sec_now;
- /* compare client */
-
ret = principalname2krb5_principal (&tmp_principal,
rep->kdc_rep.cname,
rep->kdc_rep.crealm);
if (ret)
goto out;
- tmp = krb5_principal_compare (context, tmp_principal, creds->client);
- krb5_free_principal (context, tmp_principal);
- if (!tmp) {
- ret = KRB5KRB_AP_ERR_MODIFIED;
- goto out;
+
+ /* compare client */
+
+ if (!ignore_cname) {
+ tmp = krb5_principal_compare (context, tmp_principal, creds->client);
+ if (!tmp) {
+ krb5_free_principal (context, tmp_principal);
+ ret = KRB5KRB_AP_ERR_MODIFIED;
+ goto out;
+ }
}
-
+
+ krb5_free_principal (context, creds->client);
+ creds->client = tmp_principal;
+
/* extract ticket */
{
unsigned char *buf;
@@ -314,7 +323,9 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa,
if (ret)
return ret;
- krb5_crypto_init(context, key, 0, &crypto);
+ ret = krb5_crypto_init(context, key, 0, &crypto);
+ if (ret)
+ return ret;
ret = krb5_encrypt_EncryptedData(context,
crypto,
KRB5_KU_PA_ENC_TIMESTAMP,
@@ -333,7 +344,7 @@ make_pa_enc_timestamp(krb5_context context, PA_DATA *pa,
free_EncryptedData(&encdata);
if (ret)
return ret;
- pa->padata_type = pa_enc_timestamp;
+ pa->padata_type = KRB5_PADATA_ENC_TIMESTAMP;
pa->padata_value.length = 0;
krb5_data_copy(&pa->padata_value,
buf + sizeof(buf) - len,
@@ -575,10 +586,10 @@ set_ptypes(krb5_context context,
NULL);
for(i = 0; i < md.len; i++){
switch(md.val[i].padata_type){
- case pa_enc_timestamp:
+ case KRB5_PADATA_ENC_TIMESTAMP:
*ptypes = ptypes2;
break;
- case pa_etype_info:
+ case KRB5_PADATA_ETYPE_INFO:
*preauth = &preauth2;
ALLOC_SEQ(*preauth, 1);
(*preauth)->val[0].type = KRB5_PADATA_ENC_TIMESTAMP;
@@ -588,6 +599,8 @@ set_ptypes(krb5_context context,
&(*preauth)->val[0].info,
NULL);
break;
+ default:
+ break;
}
}
free_METHOD_DATA(&md);
@@ -707,12 +720,12 @@ krb5_get_in_cred(krb5_context context,
if(rep.kdc_rep.padata){
int index = 0;
pa = krb5_find_padata(rep.kdc_rep.padata->val, rep.kdc_rep.padata->len,
- pa_pw_salt, &index);
+ KRB5_PADATA_PW_SALT, &index);
if(pa == NULL) {
index = 0;
pa = krb5_find_padata(rep.kdc_rep.padata->val,
rep.kdc_rep.padata->len,
- pa_afs3_salt, &index);
+ KRB5_PADATA_AFS3_SALT, &index);
}
}
if(pa) {
@@ -741,6 +754,7 @@ krb5_get_in_cred(krb5_context context,
NULL,
nonce,
FALSE,
+ opts.b.request_anonymous,
decrypt_proc,
decryptarg);
memset (key->keyvalue.data, 0, key->keyvalue.length);
diff --git a/crypto/heimdal/lib/krb5/get_port.c b/crypto/heimdal/lib/krb5/get_port.c
index 17bb45f67d43..6c517414bc0d 100644
--- a/crypto/heimdal/lib/krb5/get_port.c
+++ b/crypto/heimdal/lib/krb5/get_port.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: get_port.c,v 1.7 1999/12/02 17:05:10 joda Exp $");
+RCSID("$Id: get_port.c,v 1.8 2001/01/27 19:24:34 joda Exp $");
int
krb5_getportbyname (krb5_context context,
@@ -44,8 +44,10 @@ krb5_getportbyname (krb5_context context,
struct servent *sp;
if ((sp = roken_getservbyname (service, proto)) == NULL) {
+#if 0
krb5_warnx(context, "%s/%s unknown service, using default port %d",
service, proto, default_port);
+#endif
return htons(default_port);
} else
return sp->s_port;
diff --git a/crypto/heimdal/lib/krb5/heim_err.et b/crypto/heimdal/lib/krb5/heim_err.et
index 5ec35434f396..09145f2dea25 100644
--- a/crypto/heimdal/lib/krb5/heim_err.et
+++ b/crypto/heimdal/lib/krb5/heim_err.et
@@ -3,7 +3,7 @@
#
# This might look like a com_err file, but is not
#
-id "$Id: heim_err.et,v 1.7 1999/08/25 20:49:17 joda Exp $"
+id "$Id: heim_err.et,v 1.10 2000/07/08 13:02:11 joda Exp $"
error_table heim
@@ -14,5 +14,23 @@ error_code V4_PRINC_NO_CONV, "Failed to convert v4 principal"
error_code SALTTYPE_NOSUPP, "Salt type is not supported by enctype"
error_code NOHOST, "Host not found"
error_code OPNOTSUPP, "Operation not supported"
+error_code EOF, "End of file"
+error_code BAD_MKEY, "Failed to get the master key"
+
+index 128
+prefix HEIM_EAI
+#error_code NOERROR, "no error"
+error_code UNKNOWN, "unknown error from getaddrinfo"
+error_code ADDRFAMILY, "address family for nodename not supported"
+error_code AGAIN, "temporary failure in name resolution"
+error_code BADFLAGS, "invalid value for ai_flags"
+error_code FAIL, "non-recoverable failure in name resolution"
+error_code FAMILY, "ai_family not supported"
+error_code MEMORY, "memory allocation failure"
+error_code NODATA, "no address associated with nodename"
+error_code NONAME, "nodename nor servname provided, or not known"
+error_code SERVICE, "servname not supported for ai_socktype"
+error_code SOCKTYPE, "ai_socktype not supported"
+error_code SYSTEM, "system error returned in errno"
end
diff --git a/crypto/heimdal/lib/krb5/init_creds.c b/crypto/heimdal/lib/krb5/init_creds.c
index 404fa5a2acb4..f6c571adda7f 100644
--- a/crypto/heimdal/lib/krb5/init_creds.c
+++ b/crypto/heimdal/lib/krb5/init_creds.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: init_creds.c,v 1.2 1999/12/02 17:05:10 joda Exp $");
+RCSID("$Id: init_creds.c,v 1.5 2001/01/05 16:27:39 joda Exp $");
void
krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt)
@@ -43,6 +43,48 @@ krb5_get_init_creds_opt_init(krb5_get_init_creds_opt *opt)
}
void
+krb5_get_init_creds_opt_set_default_flags(krb5_context context,
+ const char *appname,
+ krb5_realm realm,
+ krb5_get_init_creds_opt *opt)
+{
+ krb5_boolean b;
+ time_t t;
+
+ krb5_appdefault_boolean(context, appname, realm, "forwardable", FALSE, &b);
+ krb5_get_init_creds_opt_set_forwardable(opt, b);
+
+ krb5_appdefault_boolean(context, appname, realm, "proxiable", FALSE, &b);
+ krb5_get_init_creds_opt_set_proxiable (opt, b);
+
+ krb5_appdefault_time(context, appname, realm, "ticket_life", 0, &t);
+ if(t != 0)
+ krb5_get_init_creds_opt_set_tkt_life(opt, t);
+
+ krb5_appdefault_time(context, appname, realm, "renewable_life", 0, &t);
+ if(t != 0)
+ krb5_get_init_creds_opt_set_renew_life(opt, t);
+
+#if 0
+ krb5_appdefault_boolean(context, appname, realm, "anonymous", FALSE, &b);
+ krb5_get_init_creds_opt_set_anonymous (opt, b);
+
+ krb5_get_init_creds_opt_set_etype_list(opt, enctype,
+ etype_str.num_strings);
+
+ krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt,
+ krb5_data *salt);
+
+ krb5_get_init_creds_opt_set_preauth_list(krb5_get_init_creds_opt *opt,
+ krb5_preauthtype *preauth_list,
+ int preauth_list_length);
+ krb5_get_init_creds_opt_set_address_list(krb5_get_init_creds_opt *opt,
+ krb5_addresses *addresses);
+#endif
+}
+
+
+void
krb5_get_init_creds_opt_set_tkt_life(krb5_get_init_creds_opt *opt,
krb5_deltat tkt_life)
{
@@ -109,3 +151,11 @@ krb5_get_init_creds_opt_set_salt(krb5_get_init_creds_opt *opt,
opt->flags |= KRB5_GET_INIT_CREDS_OPT_SALT;
opt->salt = salt;
}
+
+void
+krb5_get_init_creds_opt_set_anonymous(krb5_get_init_creds_opt *opt,
+ int anonymous)
+{
+ opt->flags |= KRB5_GET_INIT_CREDS_OPT_ANONYMOUS;
+ opt->anonymous = anonymous;
+}
diff --git a/crypto/heimdal/lib/krb5/init_creds_pw.c b/crypto/heimdal/lib/krb5/init_creds_pw.c
index 3caf93967fdc..8881d13ab46f 100644
--- a/crypto/heimdal/lib/krb5/init_creds_pw.c
+++ b/crypto/heimdal/lib/krb5/init_creds_pw.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: init_creds_pw.c,v 1.38 2000/02/07 03:17:20 assar Exp $");
+RCSID("$Id: init_creds_pw.c,v 1.44 2000/07/24 03:46:40 assar Exp $");
static int
get_config_time (krb5_context context,
@@ -178,9 +178,9 @@ print_expire (krb5_context context,
if (lr->val[i].lr_type == 6
&& lr->val[i].lr_value <= t) {
char *p;
+ time_t tmp = lr->val[i].lr_value;
- asprintf (&p, "Your password will expire at %s",
- ctime(&lr->val[i].lr_value));
+ asprintf (&p, "Your password will expire at %s", ctime(&tmp));
(*prompter) (context, data, p, 0, NULL);
free (p);
return;
@@ -190,9 +190,9 @@ print_expire (krb5_context context,
if (rep->enc_part.key_expiration
&& *rep->enc_part.key_expiration <= t) {
char *p;
+ time_t t = *rep->enc_part.key_expiration;
- asprintf (&p, "Your password/account will expire at %s",
- ctime(rep->enc_part.key_expiration));
+ asprintf (&p, "Your password/account will expire at %s", ctime(&t));
(*prompter) (context, data, p, 0, NULL);
free (p);
}
@@ -263,6 +263,8 @@ get_init_creds_common(krb5_context context,
}
if (options->flags & KRB5_GET_INIT_CREDS_OPT_SALT)
; /* XXX */
+ if (options->flags & KRB5_GET_INIT_CREDS_OPT_ANONYMOUS)
+ flags->b.request_anonymous = options->anonymous;
return 0;
}
@@ -291,9 +293,12 @@ change_password (krb5_context context,
krb5_get_init_creds_opt_init (&options);
krb5_get_init_creds_opt_set_tkt_life (&options, 60);
- krb5_get_init_creds_opt_set_preauth_list (&options,
- old_options->preauth_list,
- old_options->preauth_list_length);
+ krb5_get_init_creds_opt_set_forwardable (&options, FALSE);
+ krb5_get_init_creds_opt_set_proxiable (&options, FALSE);
+ if (old_options->flags & KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST)
+ krb5_get_init_creds_opt_set_preauth_list (&options,
+ old_options->preauth_list,
+ old_options->preauth_list_length);
krb5_data_zero (&result_code_string);
krb5_data_zero (&result_string);
@@ -438,6 +443,12 @@ krb5_get_init_creds_password(krb5_context context,
done = 1;
break;
case KRB5KDC_ERR_KEY_EXPIRED :
+ /* try to avoid recursion */
+
+ if (in_tkt_service != NULL
+ && strcmp (in_tkt_service, "kadmin/changepw") == 0)
+ goto out;
+
ret = change_password (context,
client,
password,
diff --git a/crypto/heimdal/lib/krb5/kerberos.8 b/crypto/heimdal/lib/krb5/kerberos.8
new file mode 100644
index 000000000000..1b2ec91e05cc
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/kerberos.8
@@ -0,0 +1,73 @@
+.\" $Id: kerberos.8,v 1.1 2000/09/01 15:52:24 joda Exp $
+.\"
+.Dd September 1, 2000
+.Dt KERBEROS 8
+.Os HEIMDAL
+.Sh NAME
+.Nm kerberos
+.Nd introduction to the Kerberos system
+.Sh DESCRIPTION
+Kerberos is a network authentication system. It's purpose is to
+securely authenticate users and services in an insecure network
+environment.
+.Pp
+This is done with a Kerberos server acting as a trusted third party,
+keeping a database with secret keys for all users and services
+(collectively called
+.Em principals ) .
+.Pp
+Each principal belongs to exactly one
+.Em realm ,
+which is the administrative domain in Kerberos. A realm usually
+corresponds to an organisation, and the realm should normally be
+derived from that organisation's domain name. A realm is served by one
+or more Kerberos servers.
+.Pp
+The authentication process involves exchange of
+.Sq tickets
+and
+.Sq authenticators
+which together prove the principal's identity.
+.Pp
+When you login to the Kerberos system, either through the normal
+system login or with the
+.Xr kinit 1
+program, you acquire a
+.Em ticket granting ticket
+which allows you to get new tickets for other services, such as
+.Ic telnet
+or
+.Ic ftp ,
+without giving your password.
+.Pp
+For more information on how Kerberos works, and other general Kerberos
+questions see the Kerberos FAQ at
+.Ad http://www.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html .
+
+For setup instructions see the Heimdal Texinfo manual.
+.Sh SEE ALSO
+.Xr ftp 1
+.Xr kdestroy 1 ,
+.Xr kinit 1 ,
+.Xr klist 1 ,
+.Xr kpasswd 1 ,
+.Xr telnet 1
+.Sh HISTORY
+The Kerberos authentication system was developed in the late 1980's as
+part of the Athena Project at the Massachusetts Institute of
+Technology. Versions one through three never reached outside MIT, but
+version 4 was (and still is) quite popular, especially in the academic
+community, but is also used in commercial products like the AFS
+filesystem.
+.Pp
+The problems with version 4 are that it has many limitations, the code
+was not too well written (since it had been developed over a long
+time), and it has a number of known security problems. To resolve many
+of these issues work on version five started, and resulted in IETF
+RFC1510 in 1993. Since then much work has been put into the further
+development, and a new RFC will hopefully appear soon.
+.Pp
+This manual manual page is part of the
+.Nm Heimdal
+Kerberos 5 distribution, which has been in development at the Royal
+Institute of Technology in Stockholm, Sweden, since about 1997.
diff --git a/crypto/heimdal/lib/krb5/keyblock.c b/crypto/heimdal/lib/krb5/keyblock.c
index 89732a0d4afa..124d9bcac232 100644
--- a/crypto/heimdal/lib/krb5/keyblock.c
+++ b/crypto/heimdal/lib/krb5/keyblock.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,6 +33,8 @@
#include "krb5_locl.h"
+RCSID("$Id: keyblock.c,v 1.11 2000/03/23 03:38:25 assar Exp $");
+
void
krb5_free_keyblock_contents(krb5_context context,
krb5_keyblock *keyblock)
diff --git a/crypto/heimdal/lib/krb5/keytab_keyfile.c b/crypto/heimdal/lib/krb5/keytab_keyfile.c
index fa14e624f00e..ffdf35cf6176 100644
--- a/crypto/heimdal/lib/krb5/keytab_keyfile.c
+++ b/crypto/heimdal/lib/krb5/keytab_keyfile.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: keytab_keyfile.c,v 1.7 2000/01/02 04:00:22 assar Exp $");
+RCSID("$Id: keytab_keyfile.c,v 1.9 2000/07/02 16:14:16 assar Exp $");
/* afs keyfile operations --------------------------------------- */
@@ -221,7 +221,7 @@ akf_next_entry(krb5_context context,
goto out;
}
- entry->vno = (int8_t) kvno;
+ entry->vno = kvno;
entry->keyblock.keytype = ETYPE_DES_CBC_MD5;
entry->keyblock.keyvalue.length = 8;
@@ -235,6 +235,8 @@ akf_next_entry(krb5_context context,
ret = cursor->sp->fetch(cursor->sp, entry->keyblock.keyvalue.data, 8);
if(ret != 8)
ret = (ret < 0) ? errno : KRB5_KT_END;
+ else
+ ret = 0;
entry->timestamp = time(NULL);
@@ -260,7 +262,7 @@ akf_add_entry(krb5_context context,
{
struct akf_data *d = id->data;
int fd, created = 0;
- int32_t kvno;
+ krb5_error_code ret;
fd = open (d->filename, O_RDWR | O_BINARY);
if (fd < 0) {
@@ -274,29 +276,68 @@ akf_add_entry(krb5_context context,
if (entry->keyblock.keyvalue.length == 8
&& entry->keyblock.keytype == ETYPE_DES_CBC_MD5) {
- int32_t len = 0;
+ int32_t len;
+ krb5_storage *sp;
- if (!created) {
- if (lseek (fd, 0, SEEK_SET))
+ sp = krb5_storage_from_fd(fd);
+ if(sp == NULL) {
+ close(fd);
+ return ENOMEM;
+ }
+ if (created)
+ len = 0;
+ else {
+ if((*sp->seek)(sp, 0, SEEK_SET) < 0) {
+ krb5_storage_free(sp);
+ close(fd);
return errno;
+ }
- if (read (fd, &len, sizeof(len)) != sizeof(len))
- return errno;
+ ret = krb5_ret_int32(sp, &len);
+ if(ret) {
+ krb5_storage_free(sp);
+ close(fd);
+ return ret;
+ }
}
- len += 1;
-
- if (lseek (fd, 0, SEEK_SET))
- return errno;
-
- if (write (fd, &len, sizeof(len)) != sizeof(len))
+ len++;
+
+ if((*sp->seek)(sp, 0, SEEK_SET) < 0) {
+ krb5_storage_free(sp);
+ close(fd);
return errno;
+ }
+
+ ret = krb5_store_int32(sp, len);
+ if(ret) {
+ krb5_storage_free(sp);
+ close(fd);
+ return ret;
+ }
+
- if (lseek (fd, 4 + (len-1) * (8+4), SEEK_SET))
+ if((*sp->seek)(sp, (len - 1) * (8 + 4), SEEK_CUR) < 0) {
+ krb5_storage_free(sp);
+ close(fd);
return errno;
-
- kvno = entry->vno;
- write(fd, &kvno, sizeof(kvno));
- write(fd, entry->keyblock.keyvalue.data, 8);
+ }
+
+ ret = krb5_store_int32(sp, entry->vno);
+ if(ret) {
+ krb5_storage_free(sp);
+ close(fd);
+ return ret;
+ }
+ ret = sp->store(sp, entry->keyblock.keyvalue.data,
+ entry->keyblock.keyvalue.length);
+ if(ret != entry->keyblock.keyvalue.length) {
+ krb5_storage_free(sp);
+ close(fd);
+ if(ret < 0)
+ return errno;
+ return ENOTTY;
+ }
+ krb5_storage_free(sp);
}
close (fd);
return 0;
diff --git a/crypto/heimdal/lib/krb5/keytab_krb4.c b/crypto/heimdal/lib/krb5/keytab_krb4.c
index b1f425c575ed..e41f8498dc00 100644
--- a/crypto/heimdal/lib/krb5/keytab_krb4.c
+++ b/crypto/heimdal/lib/krb5/keytab_krb4.c
@@ -32,9 +32,8 @@
*/
#include "krb5_locl.h"
-#include <krb.h>
-RCSID("$Id: keytab_krb4.c,v 1.5 2000/01/06 08:04:58 assar Exp $");
+RCSID("$Id: keytab_krb4.c,v 1.6 2000/12/15 17:10:40 joda Exp $");
struct krb4_kt_data {
char *filename;
@@ -227,6 +226,9 @@ krb4_kt_add_entry (krb5_context context,
struct krb4_kt_data *d = id->data;
krb5_error_code ret;
int fd;
+#define ANAME_SZ 40
+#define INST_SZ 40
+#define REALM_SZ 40
char service[ANAME_SZ];
char instance[INST_SZ];
char realm[REALM_SZ];
@@ -258,7 +260,7 @@ krb4_kt_add_entry (krb5_context context,
return 0;
}
-krb5_kt_ops krb4_fkt_ops = {
+const krb5_kt_ops krb4_fkt_ops = {
"krb4",
krb4_kt_resolve,
krb4_kt_get_name,
diff --git a/crypto/heimdal/lib/krb5/krb5-private.h b/crypto/heimdal/lib/krb5/krb5-private.h
index b24328a43abd..c65369506057 100644
--- a/crypto/heimdal/lib/krb5/krb5-private.h
+++ b/crypto/heimdal/lib/krb5/krb5-private.h
@@ -18,7 +18,7 @@ _krb5_crc_init_table __P((void));
u_int32_t
_krb5_crc_update __P((
- char *p,
+ const char *p,
size_t len,
u_int32_t res));
@@ -33,6 +33,7 @@ _krb5_extract_ticket __P((
krb5_addresses *addrs,
unsigned nonce,
krb5_boolean allow_server_mismatch,
+ krb5_boolean ignore_cname,
krb5_decrypt_proc decrypt_proc,
krb5_const_pointer decryptarg));
diff --git a/crypto/heimdal/lib/krb5/krb5-protos.h b/crypto/heimdal/lib/krb5/krb5-protos.h
index 59402a754d95..628f560e9831 100644
--- a/crypto/heimdal/lib/krb5/krb5-protos.h
+++ b/crypto/heimdal/lib/krb5/krb5-protos.h
@@ -66,6 +66,20 @@ krb5_abortx __P((
__attribute__ ((noreturn, format (printf, 2, 3)));
krb5_error_code
+krb5_acl_match_file __P((
+ krb5_context context,
+ const char *file,
+ const char *format,
+ ...));
+
+krb5_error_code
+krb5_acl_match_string __P((
+ krb5_context context,
+ const char *acl_string,
+ const char *format,
+ ...));
+
+krb5_error_code
krb5_add_et_list __P((
krb5_context context,
void (*func)(struct et_list **)));
@@ -130,6 +144,33 @@ krb5_anyaddr __P((
int *sa_size,
int port));
+void
+krb5_appdefault_boolean __P((
+ krb5_context context,
+ const char *appname,
+ krb5_realm realm,
+ const char *option,
+ krb5_boolean def_val,
+ krb5_boolean *ret_val));
+
+void
+krb5_appdefault_string __P((
+ krb5_context context,
+ const char *appname,
+ krb5_realm realm,
+ const char *option,
+ const char *def_val,
+ char **ret_val));
+
+void
+krb5_appdefault_time __P((
+ krb5_context context,
+ const char *appname,
+ krb5_realm realm,
+ const char *option,
+ time_t def_val,
+ time_t *ret_val));
+
krb5_error_code
krb5_append_addresses __P((
krb5_context context,
@@ -142,6 +183,13 @@ krb5_auth_con_free __P((
krb5_auth_context auth_context));
krb5_error_code
+krb5_auth_con_genaddrs __P((
+ krb5_context context,
+ krb5_auth_context auth_context,
+ int fd,
+ int flags));
+
+krb5_error_code
krb5_auth_con_getaddrs __P((
krb5_context context,
krb5_auth_context auth_context,
@@ -167,6 +215,12 @@ krb5_auth_con_getlocalsubkey __P((
krb5_keyblock **keyblock));
krb5_error_code
+krb5_auth_con_getrcache __P((
+ krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_rcache *rcache));
+
+krb5_error_code
krb5_auth_con_getremotesubkey __P((
krb5_context context,
krb5_auth_context auth_context,
@@ -209,6 +263,12 @@ krb5_auth_con_setlocalsubkey __P((
krb5_keyblock *keyblock));
krb5_error_code
+krb5_auth_con_setrcache __P((
+ krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_rcache rcache));
+
+krb5_error_code
krb5_auth_con_setremotesubkey __P((
krb5_context context,
krb5_auth_context auth_context,
@@ -291,7 +351,8 @@ krb5_build_authenticator __P((
krb5_creds *cred,
Checksum *cksum,
Authenticator **auth_result,
- krb5_data *result));
+ krb5_data *result,
+ krb5_key_usage usage));
krb5_error_code
krb5_build_principal __P((
@@ -545,6 +606,13 @@ krb5_config_get_string __P((
krb5_config_section *c,
...));
+const char *
+krb5_config_get_string_default __P((
+ krb5_context context,
+ krb5_config_section *c,
+ const char *def_value,
+ ...));
+
char**
krb5_config_get_strings __P((
krb5_context context,
@@ -629,6 +697,13 @@ krb5_config_vget_string __P((
krb5_config_section *c,
va_list args));
+const char *
+krb5_config_vget_string_default __P((
+ krb5_context context,
+ krb5_config_section *c,
+ const char *def_value,
+ va_list args));
+
char **
krb5_config_vget_strings __P((
krb5_context context,
@@ -827,10 +902,20 @@ krb5_decrypt_EncryptedData __P((
krb5_context context,
krb5_crypto crypto,
unsigned usage,
- EncryptedData *e,
+ const EncryptedData *e,
krb5_data *result));
krb5_error_code
+krb5_decrypt_ivec __P((
+ krb5_context context,
+ krb5_crypto crypto,
+ unsigned usage,
+ void *data,
+ size_t len,
+ krb5_data *result,
+ void *ivec));
+
+krb5_error_code
krb5_decrypt_ticket __P((
krb5_context context,
Ticket *ticket,
@@ -853,6 +938,9 @@ krb5_domain_x500_encode __P((
krb5_data *encoding));
krb5_error_code
+krb5_eai_to_heim_errno __P((int eai_errno));
+
+krb5_error_code
krb5_encode_Authenticator __P((
krb5_context context,
void *data,
@@ -928,6 +1016,16 @@ krb5_encrypt_EncryptedData __P((
EncryptedData *result));
krb5_error_code
+krb5_encrypt_ivec __P((
+ krb5_context context,
+ krb5_crypto crypto,
+ unsigned usage,
+ void *data,
+ size_t len,
+ krb5_data *result,
+ void *ivec));
+
+krb5_error_code
krb5_enctype_to_keytype __P((
krb5_context context,
krb5_enctype etype,
@@ -988,6 +1086,14 @@ krb5_find_padata __P((
int *index));
krb5_error_code
+krb5_format_time __P((
+ krb5_context context,
+ time_t t,
+ char *s,
+ size_t len,
+ krb5_boolean include_time));
+
+krb5_error_code
krb5_free_address __P((
krb5_context context,
krb5_address *address));
@@ -1106,7 +1212,7 @@ krb5_error_code
krb5_generate_seq_number __P((
krb5_context context,
const krb5_keyblock *key,
- int32_t *seqno));
+ u_int32_t *seqno));
krb5_error_code
krb5_generate_subkey __P((
@@ -1291,6 +1397,18 @@ krb5_get_init_creds_opt_set_address_list __P((
krb5_addresses *addresses));
void
+krb5_get_init_creds_opt_set_anonymous __P((
+ krb5_get_init_creds_opt *opt,
+ int anonymous));
+
+void
+krb5_get_init_creds_opt_set_default_flags __P((
+ krb5_context context,
+ const char *appname,
+ krb5_realm realm,
+ krb5_get_init_creds_opt *opt));
+
+void
krb5_get_init_creds_opt_set_etype_list __P((
krb5_get_init_creds_opt *opt,
krb5_enctype *etype_list,
@@ -1373,6 +1491,12 @@ krb5_get_pw_salt __P((
krb5_const_principal principal,
krb5_salt *salt));
+krb5_error_code
+krb5_get_server_rcache __P((
+ krb5_context context,
+ const krb5_data *piece,
+ krb5_rcache *id));
+
krb5_boolean
krb5_get_use_admin_kdc __P((krb5_context context));
@@ -1623,7 +1747,7 @@ krb5_mk_priv __P((
krb5_error_code
krb5_mk_rep __P((
krb5_context context,
- krb5_auth_context *auth_context,
+ krb5_auth_context auth_context,
krb5_data *outbuf));
krb5_error_code
@@ -1638,6 +1762,16 @@ krb5_mk_req __P((
krb5_data *outbuf));
krb5_error_code
+krb5_mk_req_exact __P((
+ krb5_context context,
+ krb5_auth_context *auth_context,
+ const krb5_flags ap_req_options,
+ const krb5_principal server,
+ krb5_data *in_data,
+ krb5_ccache ccache,
+ krb5_data *outbuf));
+
+krb5_error_code
krb5_mk_req_extended __P((
krb5_context context,
krb5_auth_context *auth_context,
@@ -1654,7 +1788,8 @@ krb5_mk_req_internal __P((
krb5_data *in_data,
krb5_creds *in_creds,
krb5_data *outbuf,
- krb5_key_usage usage));
+ krb5_key_usage checksum_usage,
+ krb5_key_usage encrypt_usage));
krb5_error_code
krb5_mk_safe __P((
@@ -1732,6 +1867,12 @@ krb5_principal_compare_any_realm __P((
krb5_const_principal princ1,
krb5_const_principal princ2));
+krb5_boolean
+krb5_principal_match __P((
+ krb5_context context,
+ krb5_const_principal princ,
+ krb5_const_principal pattern));
+
krb5_error_code
krb5_print_address __P((
const krb5_address *addr,
@@ -1757,9 +1898,94 @@ krb5_prompter_posix __P((
krb5_prompt prompts[]));
krb5_error_code
+krb5_rc_close __P((
+ krb5_context context,
+ krb5_rcache id));
+
+krb5_error_code
+krb5_rc_default __P((
+ krb5_context context,
+ krb5_rcache *id));
+
+const char *
+krb5_rc_default_name __P((krb5_context context));
+
+const char *
+krb5_rc_default_type __P((krb5_context context));
+
+krb5_error_code
+krb5_rc_destroy __P((
+ krb5_context context,
+ krb5_rcache id));
+
+krb5_error_code
+krb5_rc_expunge __P((
+ krb5_context context,
+ krb5_rcache id));
+
+krb5_error_code
+krb5_rc_get_lifespan __P((
+ krb5_context context,
+ krb5_rcache id,
+ krb5_deltat *auth_lifespan));
+
+const char*
+krb5_rc_get_name __P((
+ krb5_context context,
+ krb5_rcache id));
+
+const char*
+krb5_rc_get_type __P((
+ krb5_context context,
+ krb5_rcache id));
+
+krb5_error_code
+krb5_rc_initialize __P((
+ krb5_context context,
+ krb5_rcache id,
+ krb5_deltat auth_lifespan));
+
+krb5_error_code
+krb5_rc_recover __P((
+ krb5_context context,
+ krb5_rcache id));
+
+krb5_error_code
+krb5_rc_resolve __P((
+ krb5_context context,
+ krb5_rcache id,
+ const char *name));
+
+krb5_error_code
+krb5_rc_resolve_full __P((
+ krb5_context context,
+ krb5_rcache *id,
+ const char *string_name));
+
+krb5_error_code
+krb5_rc_resolve_type __P((
+ krb5_context context,
+ krb5_rcache *id,
+ const char *type));
+
+krb5_error_code
+krb5_rc_store __P((
+ krb5_context context,
+ krb5_rcache id,
+ krb5_donot_replay *rep));
+
+krb5_error_code
krb5_rd_cred __P((
krb5_context context,
krb5_auth_context auth_context,
+ krb5_data *in_data,
+ krb5_creds ***ret_creds,
+ krb5_replay_data *out_data));
+
+krb5_error_code
+krb5_rd_cred2 __P((
+ krb5_context context,
+ krb5_auth_context auth_context,
krb5_ccache ccache,
krb5_data *in_data));
@@ -1818,6 +2044,20 @@ krb5_read_message __P((
krb5_pointer p_fd,
krb5_data *data));
+krb5_error_code
+krb5_read_priv_message __P((
+ krb5_context context,
+ krb5_auth_context ac,
+ krb5_pointer p_fd,
+ krb5_data *data));
+
+krb5_error_code
+krb5_read_safe_message __P((
+ krb5_context context,
+ krb5_auth_context ac,
+ krb5_pointer p_fd,
+ krb5_data *data));
+
krb5_boolean
krb5_realm_compare __P((
krb5_context context,
@@ -1936,6 +2176,14 @@ krb5_sendauth __P((
krb5_creds **out_creds));
krb5_error_code
+krb5_sendto __P((
+ krb5_context context,
+ const krb5_data *send,
+ char **hostlist,
+ int port,
+ krb5_data *receive));
+
+krb5_error_code
krb5_sendto_kdc __P((
krb5_context context,
const krb5_data *send,
@@ -1943,6 +2191,14 @@ krb5_sendto_kdc __P((
krb5_data *receive));
krb5_error_code
+krb5_sendto_kdc2 __P((
+ krb5_context context,
+ const krb5_data *send,
+ const krb5_realm *realm,
+ krb5_data *receive,
+ krb5_boolean master));
+
+krb5_error_code
krb5_set_default_in_tkt_etypes __P((
krb5_context context,
const krb5_enctype *etypes));
@@ -2102,7 +2358,7 @@ krb5_store_string __P((
krb5_error_code
krb5_store_stringz __P((
krb5_storage *sp,
- char *s));
+ const char *s));
krb5_error_code
krb5_store_times __P((
@@ -2232,6 +2488,18 @@ krb5_verify_ap_req __P((
krb5_ticket **ticket));
krb5_error_code
+krb5_verify_ap_req2 __P((
+ krb5_context context,
+ krb5_auth_context *auth_context,
+ krb5_ap_req *ap_req,
+ krb5_const_principal server,
+ krb5_keyblock *keyblock,
+ krb5_flags flags,
+ krb5_flags *ap_req_options,
+ krb5_ticket **ticket,
+ krb5_key_usage usage));
+
+krb5_error_code
krb5_verify_authenticator_checksum __P((
krb5_context context,
krb5_auth_context ac,
@@ -2355,6 +2623,21 @@ krb5_write_message __P((
krb5_data *data));
krb5_error_code
+krb5_write_priv_message __P((
+ krb5_context context,
+ krb5_auth_context ac,
+ krb5_pointer p_fd,
+ krb5_data *data));
+
+krb5_error_code
+krb5_write_safe_message __P((
+ krb5_context context,
+ krb5_auth_context ac,
+ krb5_boolean priv,
+ krb5_pointer p_fd,
+ krb5_data *data));
+
+krb5_error_code
krb5_xfree __P((void *ptr));
krb5_error_code
diff --git a/crypto/heimdal/lib/krb5/krb5.conf.5 b/crypto/heimdal/lib/krb5/krb5.conf.5
index 2a0adb6859dd..51f6cfbcab25 100644
--- a/crypto/heimdal/lib/krb5/krb5.conf.5
+++ b/crypto/heimdal/lib/krb5/krb5.conf.5
@@ -1,4 +1,4 @@
-.\" $Id: krb5.conf.5,v 1.7 1999/11/04 01:57:28 assar Exp $
+.\" $Id: krb5.conf.5,v 1.12 2001/01/19 04:53:24 assar Exp $
.\"
.Dd April 11, 1999
.Dt KRB5.CONF 5
@@ -46,7 +46,6 @@ name:
.Li STRINGs
consists of one or more non-white space characters.
Currently recognised sections and bindings are:
-
.Bl -tag -width "xxx" -offset indent
.It Li [libdefaults]
.Bl -tag -width "xxx" -offset indent
@@ -65,7 +64,24 @@ Maximum time to wait for a reply from the kdc, default is 3 seconds.
These are decribed in the
.Xr krb5_425_conv_principal 3
manual page.
-.It Li capath = Va realm-routing-table
+.It Li capath = {
+.Bl -tag -width "xxx" -offset indent
+.It Va destination-realm Li = Va next-hop-realm
+.It ...
+.El
+Normally, all requests to realms different from the one of the current
+client are sent to this KDC to get cross-realm tickets.
+If this KDC does not have a cross-realm key with the desired realm and
+the hierarchical path to that realm does not work, a path can be
+configured using this directive.
+The text shown above instructs the KDC to try to obtain a cross-realm
+ticket to
+.Va next-hop-realm
+when the desired realm is
+.Va destination-realm .
+This configuration should preferably be done on the KDC where it will
+help all its clients but can also be done on the client itself.
+.It Li }
.It Li default_etypes = Va etypes...
A list of default etypes to use.
.It Li default_etypes_des = Va etypes...
@@ -113,10 +129,18 @@ perid.
.It Va REALM Li = {
.Bl -tag -width "xxx" -offset indent
.It Li kdc = Va host[:port]
-Specifies a kdc for this realm. If the optional port is absent, the
+Specifies a list of kdcs for this realm. If the optional port is absent, the
default value for the
.Dq kerberos/udp
service will be used.
+The kdcs will be used in the order that they are specified.
+.It Li admin_server = Va host[:port]
+Specifies the admin server for this realm, where all the modifications
+to the database are perfomed.
+.It Li kpasswd_server = Va host[:port]
+Points to the server where all the password changes are perfomed.
+If there is no such entry, the kpasswd port on the admin_server host
+will be tried.
.It Li v4_instance_convert
.It Li v4_name_convert
.It Li default_domain
@@ -136,7 +160,100 @@ for logging. See the
.Xr krb5_openlog 3
manual page for a list of defined destinations.
.El
+.It Li [kdc]
+.Bl -tag -width "xxx" -offset indent
+.It database Li = {
+.Bl -tag -width "xxx" -offset indent
+.It dbname Li = Va DATABASENAME
+use this database for this realm.
+.It realm Li = Va REALM
+specifies the realm that will be stored in this database.
+.It mkey_file Li = Pa FILENAME
+use this keytab file for the master key of this database.
+If not specified
+.Va DATABASENAME Ns .mkey
+will be used.
+.It acl_file Li = PA FILENAME
+use this file for the ACL list of this database.
+.It log_file Li = Pa FILENAME
+use this file as the log of changes performed to the database. This
+file is used by
+.Nm ipropd-master
+for propagating changes to slaves.
+.El
+.It Li }
+.It max-request = Va SIZE
+Maximum size of a kdc request.
+.It require-preauth = Va BOOL
+If set pre-authentication is required. Since krb4 requests are not
+pre-authenticated they will be rejected.
+.It ports = Va "list of ports"
+list of ports the kdc should listen to.
+.It addresses = Va "list of interfaces"
+list of addresses the kdc should bind to.
+.It enable-kerberos4 = Va BOOL
+turn on kerberos4 support.
+.It v4-realm = Va REALM
+to what realm v4 requests should be mapped.
+.It enable-524 = Va BOOL
+should the Kerberos 524 converting facility be turned on. Default is same as
+.Va enable-kerberos4 .
+.It enable-http = Va BOOL
+should the kdc answer kdc-requests over http.
+.It enable-kaserver = Va BOOL
+if this kdc should emulate the AFS kaserver.
+.It check-ticket-addresses = Va BOOL
+verify the addresses in the tickets used in tgs requests.
+.\" XXX
+.It allow-null-ticket-addresses = Va BOOL
+allow addresses-less tickets.
+.\" XXX
+.It allow-anonymous = Va BOOL
+if the kdc is allowed to hand out anonymous tickets.
+.It encode_as_rep_as_tgs_rep = Va BOOL
+encode as-rep as tgs-rep tobe compatible with mistakes older DCE secd did.
+.\" XXX
+.It kdc_warn_pwexpire = Va TIME
+the time before expiration that the user should be warned that her
+password is about to expire.
+.It logging = Va Logging
+What type of logging the kdc should use, see also [logging]/kdc.
.El
+.It Li [kadmin]
+.Bl -tag -width "xxx" -offset indent
+.It require-preauth = Va BOOL
+If pre-authentication is required to talk to the kadmin server.
+.It default_keys = Va keytypes...
+for each entry in
+.Va default_keys
+try to parse it as a sequence of
+.Va etype:salttype:salt
+syntax of this if something like:
+.Pp
+[(des|des3|etype):](pw-salt|afs3-salt)[:string]
+.Pp
+if
+.Ar etype
+is omitted it means everything, and if string is omitted is means the default string (for that principal). Additional special values of keyttypes are:
+.Bl -tag -width "xxx" -offset indent
+.It v5
+The kerberos 5 salt
+.Va pw-salt
+.It v4
+The kerberos 4 type
+.Va des:pw-salt:
+.El
+.It use_v4_salt = Va BOOL
+When true, this is the same as
+.Pp
+.Va default_keys = Va des3:pw-salt Va v4
+.Pp
+and is only left for backwards compatability.
+.El
+.El
+.Sh ENVIRONMENT
+.Ev KRB5_CONFIG
+points to the configuration file to read.
.Sh EXAMPLE
.Bd -literal -offset indent
[lib_defaults]
@@ -160,7 +277,21 @@ manual page for a list of defined destinations.
kdc = SYSLOG:INFO
default = SYSLOG:INFO:USER
.Ed
+.Sh DIAGNOSTICS
+Since
+.Nm
+is read and parsed by the krb5 library, there is not a lot of
+opportunities for programs to report parsing errors in any useful
+format.
+To help overcome this problem, there is a program
+.Nm verify_krb5_conf
+that reads
+.Nm
+and tries to emit useful diagnostics from parsing errors. Note that
+this program does not have any way of knowing what options are
+actually used and thus cannot warn about unknown or misspelt ones.
.Sh SEE ALSO
+.Xr verify_krb5_conf 8 ,
.Xr krb5_openlog 3 ,
.Xr krb5_425_conv_principal 3 ,
.Xr strftime 3 ,
diff --git a/crypto/heimdal/lib/krb5/krb5.h b/crypto/heimdal/lib/krb5/krb5.h
index 15837e06f307..65a8a1649d6d 100644
--- a/crypto/heimdal/lib/krb5/krb5.h
+++ b/crypto/heimdal/lib/krb5/krb5.h
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: krb5.h,v 1.164 2000/02/06 07:40:57 assar Exp $ */
+/* $Id: krb5.h,v 1.179 2000/12/15 17:11:12 joda Exp $ */
#ifndef __KRB5_H__
#define __KRB5_H__
@@ -68,24 +68,7 @@ typedef octet_string krb5_data;
struct krb5_crypto_data;
typedef struct krb5_crypto_data *krb5_crypto;
-typedef enum krb5_cksumtype {
- CKSUMTYPE_NONE = 0,
- CKSUMTYPE_CRC32 = 1,
- CKSUMTYPE_RSA_MD4 = 2,
- CKSUMTYPE_RSA_MD4_DES = 3,
- CKSUMTYPE_DES_MAC = 4,
- CKSUMTYPE_DES_MAC_K = 5,
- CKSUMTYPE_RSA_MD4_DES_K = 6,
- CKSUMTYPE_RSA_MD5 = 7,
- CKSUMTYPE_RSA_MD5_DES = 8,
- CKSUMTYPE_RSA_MD5_DES3 = 9,
-/* CKSUMTYPE_SHA1 = 10,*/
- CKSUMTYPE_HMAC_SHA1_DES3 = 12,
- CKSUMTYPE_SHA1 = 1000, /* correct value? */
- CKSUMTYPE_HMAC_MD5 = -138, /* unofficial microsoft number */
- CKSUMTYPE_HMAC_MD5_ENC = -1138 /* even more unofficial */
-} krb5_cksumtype;
-
+typedef CKSUMTYPE krb5_cksumtype;
typedef enum krb5_enctype {
ETYPE_NULL = 0,
@@ -101,17 +84,14 @@ typedef enum krb5_enctype {
ETYPE_ARCFOUR_HMAC_MD5 = 23,
ETYPE_ARCFOUR_HMAC_MD5_56 = 24,
ETYPE_ENCTYPE_PK_CROSS = 48,
- ETYPE_DES_CBC_NONE = 0x1000,
- ETYPE_DES3_CBC_NONE = 0x1001
+ ETYPE_DES_CBC_NONE = -0x1000,
+ ETYPE_DES3_CBC_NONE = -0x1001,
+ ETYPE_DES_CFB64_NONE = -0x1002,
+ ETYPE_DES_PCBC_NONE = -0x1003,
+ ETYPE_DES3_CBC_NONE_IVEC = -0x1004
} krb5_enctype;
-typedef enum krb5_preauthtype {
- KRB5_PADATA_NONE = 0,
- KRB5_PADATA_AP_REQ,
- KRB5_PADATA_TGS_REQ = 1,
- KRB5_PADATA_ENC_TIMESTAMP = 2,
- KRB5_PADATA_ENC_SECURID
-} krb5_preauthtype;
+typedef PADATA_TYPE krb5_preauthtype;
typedef enum krb5_key_usage {
KRB5_KU_PA_ENC_TIMESTAMP = 1,
@@ -165,14 +145,28 @@ typedef enum krb5_key_usage {
KRB5_KU_OTHER_ENCRYPTED = 16,
/* Data which is defined in some specification outside of
Kerberos to be encrypted using an RFC1510 encryption type. */
- KRB5_KU_OTHER_CKSUM = 17
+ KRB5_KU_OTHER_CKSUM = 17,
/* Data which is defined in some specification outside of
Kerberos to be checksummed using an RFC1510 checksum type. */
+ KRB5_KU_KRB_ERROR = 18,
+ /* Krb-error checksum */
+ KRB5_KU_AD_KDC_ISSUED = 19,
+ /* AD-KDCIssued checksum */
+ KRB5_KU_MANDATORY_TICKET_EXTENSION = 20,
+ /* Checksum for Mandatory Ticket Extensions */
+ KRB5_KU_AUTH_DATA_TICKET_EXTENSION = 21,
+ /* Checksum in Authorization Data in Ticket Extensions */
+ KRB5_KU_USAGE_SEAL = 22,
+ /* seal in GSSAPI krb5 mechanism */
+ KRB5_KU_USAGE_SIGN = 23,
+ /* sign in GSSAPI krb5 mechanism */
+ KRB5_KU_USAGE_SEQ = 24
+ /* SEQ in GSSAPI krb5 mechanism */
} krb5_key_usage;
typedef enum krb5_salttype {
- KRB5_PW_SALT = pa_pw_salt,
- KRB5_AFS3_SALT = pa_afs3_salt
+ KRB5_PW_SALT = KRB5_PADATA_PW_SALT,
+ KRB5_AFS3_SALT = KRB5_PADATA_AFS3_SALT
}krb5_salttype;
typedef struct krb5_salt {
@@ -221,7 +215,14 @@ typedef AP_REQ krb5_ap_req;
struct krb5_cc_ops;
-#define KRB5_DEFAULT_CCROOT "FILE:/tmp/krb5cc_"
+#define KRB5_DEFAULT_CCFILE_ROOT "/tmp/krb5cc_"
+
+#define KRB5_DEFAULT_CCROOT "FILE:" KRB5_DEFAULT_CCFILE_ROOT
+
+#define KRB5_ACCEPT_NULL_ADDRESSES(C) \
+ krb5_config_get_bool_default((C), NULL, TRUE, \
+ "libdefaults", "accept_null_addresses", \
+ NULL)
typedef void *krb5_cc_cursor;
@@ -373,18 +374,9 @@ typedef struct krb5_context_data {
version */
int num_kt_types; /* # of registered keytab types */
struct krb5_keytab_data *kt_types; /* registered keytab types */
+ const char *date_fmt;
} krb5_context_data;
-enum {
- KRB5_NT_UNKNOWN = 0,
- KRB5_NT_PRINCIPAL = 1,
- KRB5_NT_SRV_INST = 2,
- KRB5_NT_SRV_HST = 3,
- KRB5_NT_SRV_XHST = 4,
- KRB5_NT_UID = 5
-};
-
-
typedef struct krb5_ticket {
EncTicketPart ticket;
krb5_principal client;
@@ -397,7 +389,7 @@ typedef krb5_authenticator_data *krb5_authenticator;
struct krb5_rcache_data;
typedef struct krb5_rcache_data *krb5_rcache;
-typedef Authenticator krb5_donot_reply;
+typedef Authenticator krb5_donot_replay;
#define KRB5_STORAGE_HOST_BYTEORDER 0x01
#define KRB5_STORAGE_PRINCIPAL_WRONG_NUM_COMPONENTS 0x02
@@ -407,7 +399,7 @@ typedef Authenticator krb5_donot_reply;
typedef struct krb5_storage {
void *data;
ssize_t (*fetch)(struct krb5_storage*, void*, size_t);
- ssize_t (*store)(struct krb5_storage*, void*, size_t);
+ ssize_t (*store)(struct krb5_storage*, const void*, size_t);
off_t (*seek)(struct krb5_storage*, off_t, int);
void (*free)(struct krb5_storage*);
krb5_flags flags;
@@ -456,11 +448,27 @@ struct krb5_keytab_key_proc_args {
typedef struct krb5_keytab_key_proc_args krb5_keytab_key_proc_args;
+typedef struct krb5_replay_data {
+ krb5_timestamp timestamp;
+ u_int32_t usec;
+ u_int32_t seq;
+} krb5_replay_data;
+
+/* flags for krb5_auth_con_setflags */
enum {
KRB5_AUTH_CONTEXT_DO_TIME = 1,
KRB5_AUTH_CONTEXT_RET_TIME = 2,
KRB5_AUTH_CONTEXT_DO_SEQUENCE = 4,
- KRB5_AUTH_CONTEXT_RET_SEQUENCE = 8
+ KRB5_AUTH_CONTEXT_RET_SEQUENCE = 8,
+ KRB5_AUTH_CONTEXT_PERMIT_ALL = 16
+};
+
+/* flags for krb5_auth_con_genaddrs */
+enum {
+ KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR = 1,
+ KRB5_AUTH_CONTEXT_GENERATE_LOCAL_FULL_ADDR = 3,
+ KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR = 4,
+ KRB5_AUTH_CONTEXT_GENERATE_REMOTE_FULL_ADDR = 12
};
typedef struct krb5_auth_context_data {
@@ -474,8 +482,8 @@ typedef struct krb5_auth_context_data {
krb5_keyblock *local_subkey;
krb5_keyblock *remote_subkey;
- int32_t local_seqnumber;
- int32_t remote_seqnumber;
+ u_int32_t local_seqnumber;
+ u_int32_t remote_seqnumber;
krb5_authenticator authenticator;
@@ -494,7 +502,7 @@ typedef struct {
KRB_ERROR error;
} krb5_kdc_rep;
-extern char *heimdal_version, *heimdal_long_version;
+extern const char *heimdal_version, *heimdal_long_version;
typedef void (*krb5_log_log_func_t)(const char*, const char*, void*);
typedef void (*krb5_log_close_func_t)(void*);
@@ -549,6 +557,7 @@ typedef struct _krb5_get_init_creds_opt {
krb5_deltat renew_life;
int forwardable;
int proxiable;
+ int anonymous;
krb5_enctype *etype_list;
int etype_list_length;
krb5_addresses *address_list;
@@ -570,6 +579,7 @@ typedef struct _krb5_get_init_creds_opt {
#define KRB5_GET_INIT_CREDS_OPT_ADDRESS_LIST 0x0020
#define KRB5_GET_INIT_CREDS_OPT_PREAUTH_LIST 0x0040
#define KRB5_GET_INIT_CREDS_OPT_SALT 0x0080
+#define KRB5_GET_INIT_CREDS_OPT_ANONYMOUS 0x0100
typedef struct _krb5_verify_init_creds_opt {
krb5_flags flags;
@@ -584,6 +594,7 @@ extern const krb5_cc_ops krb5_mcc_ops;
extern const krb5_kt_ops krb5_fkt_ops;
extern const krb5_kt_ops krb5_mkt_ops;
extern const krb5_kt_ops krb5_akf_ops;
+extern const krb5_kt_ops krb4_fkt_ops;
#define KRB5_KPASSWD_SUCCESS 0
#define KRB5_KPASSWD_MALFORMED 0
diff --git a/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3 b/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3
index 231c3ff15e73..ff90c64fa76c 100644
--- a/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3
+++ b/crypto/heimdal/lib/krb5/krb5_425_conv_principal.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_425_conv_principal.3,v 1.3 1999/04/11 01:47:22 joda Exp $
+.\" $Id: krb5_425_conv_principal.3,v 1.4 2001/01/26 22:43:21 assar Exp $
.Dd April 11, 1999
.Dt KRB5_425_CONV_PRINCIPAL 3
.Os HEIMDAL
@@ -8,21 +8,15 @@
.Nm krb5_425_conv_principal_ext ,
.Nm krb5_524_conv_principal
.Nd Converts to and from version 4 principals
-
.Sh SYNOPSIS
.Fd #include <krb5.h>
-
.Ft krb5_error_code
.Fn krb5_425_conv_principal "krb5_context context" "const char *name" "const char *instance" "const char *realm" "krb5_principal *principal"
-
.Ft krb5_error_code
.Fn krb5_425_conv_principal_ext "krb5_context context" "const char *name" "const char *instance" "const char *realm" "krb5_boolean (*func)(krb5_context, krb5_principal)" "krb5_boolean resolve" "krb5_principal *principal"
-
.Ft krb5_error_code
.Fn krb5_524_conv_principal "krb5_context context" "const krb5_principal principal" "char *name" "char *instance" "char *realm"
-
.Sh DESCRIPTION
-
Converting between version 4 and version 5 principals can at best be
described as a mess.
.Pp
@@ -124,9 +118,7 @@ instances found to belong to a host principal. The
and
.Fa realm
should be at least 40 characters long.
-
.Sh EXAMPLES
-
Since this is confusing an example is in place.
.Pp
Assume that we have the
@@ -188,7 +180,6 @@ the second example will result in
.Dq ftp/b-host.foo.com
(because of the default domain). And all of this is of course only
valid if you have working name resolving.
-
.Sh SEE ALSO
.Xr krb5_build_principal 3 ,
.Xr krb5_free_principal 3 ,
diff --git a/crypto/heimdal/lib/krb5/krb5_appdefault.3 b/crypto/heimdal/lib/krb5/krb5_appdefault.3
new file mode 100644
index 000000000000..3ce6fc9432bd
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_appdefault.3
@@ -0,0 +1,57 @@
+.\" Copyright (c) 2000 Kungliga Tekniska Högskolan
+.\" $Id: krb5_appdefault.3,v 1.3 2001/01/05 16:29:42 joda Exp $
+.Dd July 25, 2000
+.Dt KRB5_APPDEFAULT 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_appdefault_boolean ,
+.Nm krb5_appdefault_string ,
+.Nm krb5_appdefault_time
+.Nd Get application configuration value
+
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+
+.Ft void
+.Fn krb5_appdefault_boolean "krb5_context context" "const char *appname" "krb5_realm realm" "const char *option" "krb5_boolean def_val" "krb5_boolean *ret_val"
+.Ft void
+.Fn krb5_appdefault_string "krb5_context context" "const char *appname" "krb5_realm realm" "const char *option" "const char *def_val" "char **ret_val"
+.Ft void
+.Fn krb5_appdefault_time "krb5_context context" "const char *appname" "krb5_realm realm" "const char *option" "time_t def_val" "time_t *ret_val"
+
+.Sh DESCRIPTION
+
+These functions get application application defaults from the
+.Dv appdefaults
+section of the
+.Xr krb5.conf 5
+configuration file. These defaults can be specified per application,
+and/or per realm.
+
+These values will be looked for in
+.Xr krb5.conf 5 ,
+in order of descending importance.
+.Bd -literal -offset indent
+[appdefaults]
+ appname = {
+ realm = {
+ option = value
+ }
+ }
+ appname = {
+ option = value
+ }
+ realm = {
+ option = value
+ }
+ option = value
+.Ed
+
+If the realm is omitted it will not be used for resolving values. If
+no value can be found,
+.Fa def_val
+is returned instead.
+
+.Sh SEE ALSO
+.Xr krb5_config 3 ,
+.Xr krb5.conf 5
diff --git a/crypto/heimdal/lib/krb5/krb5_auth_context.3 b/crypto/heimdal/lib/krb5/krb5_auth_context.3
new file mode 100644
index 000000000000..42a96ecac2dc
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_auth_context.3
@@ -0,0 +1,284 @@
+.\" Copyright (c) 2001 Kungliga Tekniska Högskolan
+.\" $Id: krb5_auth_context.3,v 1.1 2001/01/28 19:47:33 assar Exp $
+.Dd Jan 21, 2001
+.Dt KRB5_AUTH_CONTEXT 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_auth_context ,
+.Nm krb5_auth_con_init ,
+.Nm krb5_auth_con_free ,
+.Nm krb5_auth_con_setflags ,
+.Nm krb5_auth_con_getflags ,
+.Nm krb5_auth_con_setaddrs ,
+.Nm krb5_auth_con_setaddrs_from_fd ,
+.Nm krb5_auth_con_getaddrs ,
+.Nm krb5_auth_con_genaddrs ,
+.Nm krb5_auth_con_getkey ,
+.Nm krb5_auth_con_setkey ,
+.Nm krb5_auth_con_getuserkey ,
+.Nm krb5_auth_con_setuserkey ,
+.Nm krb5_auth_con_getlocalsubkey ,
+.Nm krb5_auth_con_setlocalsubkey ,
+.Nm krb5_auth_con_getremotesubkey ,
+.Nm krb5_auth_con_setremotesubkey ,
+.Nm krb5_auth_setcksumtype ,
+.Nm krb5_auth_getcksumtype ,
+.Nm krb5_auth_setkeytype ,
+.Nm krb5_auth_getkeytype ,
+.Nm krb5_auth_getlocalseqnumber ,
+.Nm krb5_auth_setlocalseqnumber ,
+.Nm krb5_auth_getremoteseqnumber ,
+.Nm krb5_auth_setremoteseqnumber ,
+.Nm krb5_auth_getauthenticator ,
+.Nm krb5_auth_con_getrcache ,
+.Nm krb5_auth_con_setrcache ,
+.Nm krb5_auth_con_initivector ,
+.Nm krb5_auth_con_setivector
+.Nd manage authetication on connection level.
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+.Ft krb5_error_code
+.Fo krb5_auth_con_init
+.Fa "krb5_context context"
+.Fa "krb5_auth_context *auth_context"
+.Fc
+.Ft void
+.Fo krb5_auth_con_free
+.Fa "krb5_context context"
+.Fa "krb5_auth_context auth_context"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_auth_con_setflags
+.Fa "krb5_context context"
+.Fa "krb5_auth_context auth_context"
+.Fa "int32_t flags"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_auth_con_getflags
+.Fa "krb5_context context"
+.Fa "krb5_auth_context auth_context"
+.Fa "int32_t *flags"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_auth_con_setaddrs
+.Fa "krb5_context context"
+.Fa "krb5_auth_context auth_context"
+.Fa "krb5_address *local_addr"
+.Fa "krb5_address *remote_addr"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_auth_con_getaddrs
+.Fa "krb5_context context"
+.Fa "krb5_auth_context auth_context"
+.Fa "krb5_address **local_addr"
+.Fa "krb5_address **remote_addr"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_auth_con_genaddrs
+.Fa "krb5_context context"
+.Fa "krb5_auth_context auth_context"
+.Fa "int fd"
+.Fa "int flags"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_auth_con_setaddrs_from_fd
+.Fa "krb5_context context"
+.Fa "krb5_auth_context auth_context"
+.Fa "void *p_fd"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_auth_con_getkey
+.Fa "krb5_context context"
+.Fa "krb5_auth_context auth_context"
+.Fa "krb5_keyblock **keyblock"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_auth_con_getlocalsubkey
+.Fa "krb5_context context"
+.Fa "krb5_auth_context auth_context"
+.Fa "krb5_keyblock **keyblock"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_auth_con_getremotesubkey
+.Fa "krb5_context context"
+.Fa "krb5_auth_context auth_context"
+.Fa "krb5_keyblock **keyblock"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_auth_con_initivector
+.Fa "krb5_context context"
+.Fa "krb5_auth_context auth_context"
+.Fc
+.Ft krb5_error_code
+.Fo krb5_auth_con_setivector
+.Fa "krb5_context context"
+.Fa "krb5_auth_context *auth_context"
+.Fa "krb5_pointer ivector"
+.Fc
+.Sh DESCRIPTION
+The
+.Nm krb5_auth_context
+structure holds all context related to an authenticated connection, in
+a similar way to
+.Nm krb5_context
+that holds the context for the thread or process.
+.Nm krb5_auth_context
+is used by various functions that are directly related to
+authentication between the server/client. Example of data that this
+structure contains are varius flags, addresses of client and server,
+port numbers, keyblocks (and subkeys), sequence numbers, replay cache,
+and checksum-type.
+.Pp
+.Fn krb5_auth_con_init
+allocates and initilizes the
+.Nm krb5_auth_context
+structure. Default values can be changed with
+.Fn krb5_auth_con_setcksumtype
+and
+.Fn krb5_auth_con_setflags .
+The
+.Nm auth_context
+structure must be freed by
+.Fn krb5_auth_con_free .
+.Pp
+.Fn krb5_auth_con_getflags
+and
+.Fn krb5_auth_con_setflags
+gets and modifies the flags for a
+.Nm krb5_auth_context
+structure. Possible flags to set are:
+.Bl -tag -width Ds
+.It Dv KRB5_AUTH_CONTEXT_DO_TIME
+check timestamp on incoming packets.
+.\".It Dv KRB5_AUTH_CONTEXT_RET_TIME
+.It Dv KRB5_AUTH_CONTEXT_DO_SEQUENCE
+Generate and check sequence-number on each packet.
+.\".It Dv KRB5_AUTH_CONTEXT_RET_SEQUENCE
+.\".It Dv KRB5_AUTH_CONTEXT_PERMIT_ALL
+.El
+.Pp
+.Fn krb5_auth_con_setaddrs ,
+.Fn krb5_auth_con_setaddrs_from_fd
+and
+.Fn krb5_auth_con_getaddrs
+gets and sets the addresses that are checked when a packet is received.
+It is mandatory to set an address for the remote
+host. If the local address is not set, it iss deduced from the underlaying
+operating system.
+.Fn krb5_auth_con_getaddrs
+will call
+.Fn krb5_free_address
+on any address that is passed in
+.Fa local_addr
+or
+.Fa remote_addr .
+.Fn krb5_auth_con_setaddr
+allows passing in a
+.Dv NULL
+pointer as
+.Fa local_addr
+and
+.Fa remote_addr ,
+in that case it will just not set that address.
+.Pp
+.Fn krb5_auth_con_setaddrs_from_fd
+fetches the addresses from a file descriptor.
+.Pp
+.Fn krb5_auth_con_genaddrs
+fetches the address information from the given file descriptor
+.Fa fd
+depending on the bitmap argument
+.Fa flags .
+.Pp
+Possible values on
+.Fa flags
+are:
+.Bl -tag -width Ds
+.It Va KRB5_AUTH_CONTEXT_GENERATE_LOCAL_ADDR
+fetches the local address from
+.Fa fd .
+.It Va KRB5_AUTH_CONTEXT_GENERATE_REMOTE_ADDR
+fetches the remote address from
+.Fa fd .
+.El
+.Pp
+.Fn krb5_auth_con_setkey ,
+.Fn krb5_auth_con_setuserkey
+and
+.Fn krb5_auth_con_getkey
+gets and sets the key used for this auth context. The keyblock returned by
+.Fn krb5_auth_con_getkey
+should be freed with
+.Fn krb5_free_keyblock .
+The keyblock send into
+.Fn krb5_auth_con_setkey
+is copied into the
+.Nm krb5_auth_context ,
+and thus no special handling is needed.
+.Dv NULL
+is not a valid keyblock to
+.Fn krb5_auth_con_setkey .
+.Pp
+.Fn krb5_auth_con_setuserkey
+is only useful when doing user to user authentication.
+.Fn krb5_auth_con_setkey
+is equivalent to
+.Fn krb5_auth_con_setuserkey .
+.Pp
+.Fn krb5_auth_con_getlocalsubkey ,
+.Fn krb5_auth_con_setlocalsubkey ,
+.Fn krb5_auth_con_getremotesubkey
+and
+.Fn krb5_auth_con_setremotesubkey
+gets and sets the keyblock for the local and remote subkey. The keyblock returned by
+.Fn krb5_auth_con_getlocalsubkey
+and
+.Fn krb5_auth_con_getremotesubkey
+must be freed with
+.Fn krb5_free_keyblock .
+.Pp
+.Fn krb5_auth_setcksumtype
+and
+.Fn krb5_auth_getcksumtype
+sets and gets the checksum type that should be used for this
+connection.
+.Pp
+.Fn krb5_auth_getremoteseqnumber
+.Fn krb5_auth_setremoteseqnumber ,
+.Fn krb5_auth_getlocalseqnumber
+and
+.Fn krb5_auth_setlocalseqnumber
+gets and sets the sequence-number for the local and remote
+sequence-number counter.
+.Pp
+.Fn krb5_auth_setkeytype
+and
+.Fn krb5_auth_getkeytype
+gets and gets the keytype of the keyblock in
+.Nm krb5_auth_context .
+.Pp
+.Fn krb5_auth_getauthenticator
+Retrieves the authenticator that was used during mutual
+authentication. The
+.Dv authenticator
+returned should be freed by calling
+.Fn krb5_free_authenticator .
+.Pp
+.Fn krb5_auth_con_getrcache
+and
+.Fn krb5_auth_con_setrcache
+gets and sets the replay-cache.
+.Pp
+.Fn krb5_auth_con_initivector
+allocates memory for and zeros the initial vector in the
+.Fa auth_context
+keyblock.
+.Pp
+.Fn krb5_auth_con_setivector
+sets the i_vector portion of
+.Fa auth_context
+to
+.Fa ivector .
+.Sh SEE ALSO
+.Xr krb5_context 3 ,
+.Xr kerberos 8
diff --git a/crypto/heimdal/lib/krb5/krb5_build_principal.3 b/crypto/heimdal/lib/krb5/krb5_build_principal.3
index 16ccf72ace3a..db703a42ddb6 100644
--- a/crypto/heimdal/lib/krb5/krb5_build_principal.3
+++ b/crypto/heimdal/lib/krb5/krb5_build_principal.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_build_principal.3,v 1.1 1997/08/14 00:03:16 joda Exp $
+.\" $Id: krb5_build_principal.3,v 1.2 2001/01/26 22:43:21 assar Exp $
.Dd August 8, 1997
.Dt KRB5_BUILD_PRINCIPAL 3
.Os HEIMDAL
@@ -10,28 +10,19 @@
.Nm krb5_build_principal_va_ext ,
.Nm krb5_make_principal
.Nd Principal creation functions
-
.Sh SYNOPSIS
.Fd #include <krb5.h>
-
.Ft krb5_error_code
.Fn krb5_build_principal "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "..."
-
.Ft krb5_error_code
.Fn krb5_build_principal_ext "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "..."
-
.Ft krb5_error_code
.Fn krb5_build_principal_va "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "va_list ap"
-
.Ft krb5_error_code
.Fn krb5_build_principal_va_ext "krb5_context context" "krb5_principal *principal" "int realm_len" "krb5_const_realm realm" "va_list ap"
-
.Ft krb5_error_code
.Fn krb5_make_principal "krb5_context context" "krb5_principal *principal" "krb5_const_realm realm" "..."
-
-
.Sh DESCRIPTION
-
These functions create a Kerberos 5 principal from a realm and a list
of components.
All of these functions return an allocated principal in the
@@ -65,7 +56,6 @@ is a wrapper around
If the realm is
.Dv NULL ,
the default realm will be used.
-
.Sh BUGS
You can not have a NUL in a component. Until someone can give a good
example of where it would be a good idea to have NUL's in a component,
diff --git a/crypto/heimdal/lib/krb5/krb5_config.3 b/crypto/heimdal/lib/krb5/krb5_config.3
new file mode 100644
index 000000000000..b5a74db93b79
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_config.3
@@ -0,0 +1,71 @@
+.\" Copyright (c) 2000 Kungliga Tekniska Högskolan
+.\" $Id: krb5_config.3,v 1.1 2000/07/25 10:22:46 joda Exp $
+.Dd July 25, 2000
+.Dt KRB5_CONFIG 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_config_get_bool_default ,
+.Nm krb5_config_get_int_default ,
+.Nm krb5_config_get_string_default ,
+.Nm krb5_config_get_time_default
+.Nd Get configuration value
+
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+
+.Ft krb5_boolean
+.Fn krb5_config_get_bool_default "krb5_context context" "krb5_config_section *c" "krb5_boolean def_value" "..."
+.Ft int
+.Fn krb5_config_get_int_default "krb5_context context" "krb5_config_section *c" "int def_value" "..."
+.Ft const char*
+.Fn krb5_config_get_string_default "krb5_context context" "krb5_config_section *c" "const char *def_value" "..."
+.Ft int
+.Fn krb5_config_get_time_default "krb5_context context" "krb5_config_section *c" "int def_value" "..."
+
+.Sh DESCRIPTION
+
+These functions get values from the
+.Xr krb5.conf 5
+configuration file, or another configuration database specified by the
+.Fa c
+parameter.
+
+The variable arguments should be a list of strings naming each
+subsection to look for. For example:
+
+.Bd -literal -offset indent
+krb5_config_get_bool_default(context, NULL, FALSE, "libdefaults", "log_utc", NULL)
+.Ed
+
+gets the boolean value for the
+.Dv log_utc
+option, defaulting to
+.Dv FALSE .
+
+.Fn krb5_config_get_bool_default
+will convert the option value to a boolean value, where
+.Sq yes ,
+.Sq true ,
+and any non-zero number means
+.Dv TRUE ,
+and any other value
+.Dv FALSE .
+
+.Fn krb5_config_get_int_default
+will convert the value to an integer.
+
+.Fn krb5_config_get_time_default
+will convert the value to a period of time (not a time stamp) in
+seconds, so the string
+.Sq 2 weeks
+will be converted to
+1209600 (2 * 7 * 24 * 60 * 60).
+
+.Sh BUGS
+
+Other than for the string case, there's no way to tell whether there
+was a value specified or not.
+
+.Sh SEE ALSO
+.Xr krb5_appdefault 3 ,
+.Xr krb5.conf 5
diff --git a/crypto/heimdal/lib/krb5/krb5_context.3 b/crypto/heimdal/lib/krb5/krb5_context.3
new file mode 100644
index 000000000000..83a768d1a6b4
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_context.3
@@ -0,0 +1,20 @@
+.\" Copyright (c) 2001 Kungliga Tekniska Högskolan
+.\" $Id: krb5_context.3,v 1.1 2001/01/28 21:39:29 assar Exp $
+.Dd Jan 21, 2001
+.Dt KRB5_CONTEXT 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_context
+.Sh DESCRIPTION
+The
+.Nm
+structure is designed to hold all per thread state. All global
+variables that are context specific are stored in this struture,
+including default encryption types, credential-cache (ticket file), and
+default realms.
+.Pp
+The internals of the structure should never be accessed directly,
+functions exist for extracting information.
+.Sh SEE ALSO
+.Xr krb5_init_context 3 ,
+.Xr kerberos 8
diff --git a/crypto/heimdal/lib/krb5/krb5_create_checksum.3 b/crypto/heimdal/lib/krb5/krb5_create_checksum.3
index e2362a98acb9..9472ed6d9ebc 100644
--- a/crypto/heimdal/lib/krb5/krb5_create_checksum.3
+++ b/crypto/heimdal/lib/krb5/krb5_create_checksum.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1999 Kungliga Tekniska Högskolan
-.\" $Id: krb5_create_checksum.3,v 1.1 1999/04/18 13:47:11 joda Exp $
+.\" $Id: krb5_create_checksum.3,v 1.2 2001/01/26 22:43:21 assar Exp $
.Dd April 7, 1999
.Dt NAME 3
.Os HEIMDAL
@@ -12,19 +12,14 @@
.Nd creates and verifies checksums
.Sh SYNOPSIS
.Fd #include <krb5.h>
-
.Ft krb5_error_code
.Fn krb5_create_checksum "krb5_context context" "krb5_crypto crypto" "unsigned usage_or_type" "void *data" "size_t len" "Checksum *result"
-
.Ft krb5_error_code
.Fn krb5_verify_checksum "krb5_context context" "krb5_crypto crypto" "krb5_key_usage usage" "void *data" "size_t len" "Checksum *cksum"
-
.Ft krb5_boolean
.Fn krb5_checksum_is_collision_proof "krb5_context context" "krb5_cksumtype type"
-
.Ft krb5_boolean
.Fn krb5_checksum_is_keyed "krb5_context context" "krb5_cksumtype type"
-
.Sh DESCRIPTION
These functions are used to create and verify checksums.
.Fn krb5_create_checksum
@@ -60,7 +55,6 @@ value is a function of both the data, and a separate key). Examples of
keyed hash algorithms are HMAC-SHA1-DES3, and RSA-MD5-DES. The
.Dq plain
hash functions MD5, and SHA1 are not keyed.
-
.\" .Sh EXAMPLE
.\" .Sh BUGS
.Sh SEE ALSO
diff --git a/crypto/heimdal/lib/krb5/krb5_crypto_init.3 b/crypto/heimdal/lib/krb5/krb5_crypto_init.3
index 29db8c1e59e8..7d4656718d0a 100644
--- a/crypto/heimdal/lib/krb5/krb5_crypto_init.3
+++ b/crypto/heimdal/lib/krb5/krb5_crypto_init.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1999 Kungliga Tekniska Högskolan
-.\" $Id: krb5_crypto_init.3,v 1.1 1999/04/18 13:47:21 joda Exp $
+.\" $Id: krb5_crypto_init.3,v 1.2 2001/01/26 22:43:22 assar Exp $
.Dd April 7, 1999
.Dt NAME 3
.Os HEIMDAL
@@ -9,13 +9,10 @@
.Nd initialize encryption context
.Sh SYNOPSIS
.Fd #include <krb5.h>
-
.Ft krb5_error_code
.Fn krb5_crypto_init "krb5_context context" "krb5_keyblock *key" "krb5_enctype enctype" "krb5_crypto *crypto"
-
.Ft krb5_error_code
.Fn krb5_crypto_destroy "krb5_context context" "krb5_crypto crypto"
-
.Sh DESCRIPTION
These functions are used to initialize an encryption context that can
be used to encrypt or checksum data.
@@ -33,7 +30,6 @@ with the
.Pp
.Fn krb5_crypto_destroy
frees a previously allocated encrypion context.
-
.\" .Sh EXAMPLE
.\" .Sh BUGS
.Sh SEE ALSO
diff --git a/crypto/heimdal/lib/krb5/krb5_encrypt.3 b/crypto/heimdal/lib/krb5/krb5_encrypt.3
index d8cc89eee3d2..291e5034d31b 100644
--- a/crypto/heimdal/lib/krb5/krb5_encrypt.3
+++ b/crypto/heimdal/lib/krb5/krb5_encrypt.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1999 Kungliga Tekniska Högskolan
-.\" $Id: krb5_encrypt.3,v 1.1 1999/04/18 13:47:30 joda Exp $
+.\" $Id: krb5_encrypt.3,v 1.2 2001/01/26 22:43:22 assar Exp $
.Dd April 7, 1999
.Dt KRB5_ENCRYPT 3
.Os HEIMDAL
@@ -11,19 +11,14 @@
.Nd encrypt and decrypt data
.Sh SYNOPSIS
.Fd #include <krb5.h>
-
.Ft krb5_error_code
.Fn krb5_encrypt "krb5_context context" "krb5_crypto crypto" "unsigned usage" "void *data" "size_t len" "krb5_data *result"
-
.Ft krb5_error_code
.Fn krb5_encrypt_EncryptedData "krb5_context context" "krb5_crypto crypto" "unsigned usage" "void *data" "size_t len" "int kvno" "EncryptedData *result"
-
.Ft krb5_error_code
.Fn krb5_decrypt "krb5_context context" "krb5_crypto crypto" "unsigned usage" "void *data" "size_t len" "krb5_data *result"
-
.Ft krb5_error_code
.Fn krb5_decrypt_EncryptedData "krb5_context context" "krb5_crypto crypto" "unsigned usage" "EncryptedData *e" "krb5_data *result"
-
.Sh DESCRIPTION
These functions are used to encrypt and decrypt data.
.Pp
@@ -52,7 +47,6 @@ is not zero, it will be put in the
and
.Fn krb5_decrypt_EncryptedData
works similarly.
-
.\" .Sh EXAMPLE
.\" .Sh BUGS
.Sh SEE ALSO
diff --git a/crypto/heimdal/lib/krb5/krb5_err.et b/crypto/heimdal/lib/krb5/krb5_err.et
index 895ae66d8142..34279239eaed 100644
--- a/crypto/heimdal/lib/krb5/krb5_err.et
+++ b/crypto/heimdal/lib/krb5/krb5_err.et
@@ -3,7 +3,7 @@
#
# This might look like a com_err file, but is not
#
-id "$Id: krb5_err.et,v 1.8 2000/02/07 12:54:17 joda Exp $"
+id "$Id: krb5_err.et,v 1.9 2000/04/06 00:41:37 assar Exp $"
error_table krb5
@@ -68,10 +68,30 @@ index 60
error_code GENERIC, "Generic error (see e-text)"
error_code FIELD_TOOLONG, "Field is too long for this implementation"
-# 62-127 are reserved
+# pkinit
+index 62
+prefix KDC_ERROR
+error_code CLIENT_NOT_TRUSTED, "Client not trusted"
+error_code KDC_NOT_TRUSTED, "KDC not trusted"
+error_code INVALID_SIG, "Invalid signature"
+error_code KEY_TOO_WEAK, "Key too weak"
+error_code CERTIFICATE_MISMATCH, "Certificate mismatch"
+prefix KRB5_AP_ERR
+error_code USER_TO_USER_REQUIRED, "User to user required"
+prefix KDC_ERROR
+error_code CANT_VERIFY_CERTIFICATE, "Cannot verify certificate"
+error_code INVALID_CERTIFICATE, "Invalid certificate"
+error_code REVOKED_CERTIFICATE, "Revoked certificate"
+error_code REVOCATION_STATUS_UNKNOWN, "Revocation status unknown"
+error_code REVOCATION_STATUS_UNAVAILABLE,"Revocation status unavailable"
+error_code CLIENT_NAME_MISMATCH, "Client name mismatch"
+error_code KDC_NAME_MISMATCH, "KDC name mismatch"
+
+# 77-127 are reserved
+
index 128
prefix
-error_code KRB5_ERR_RCSID, "$Id: krb5_err.et,v 1.8 2000/02/07 12:54:17 joda Exp $"
+error_code KRB5_ERR_RCSID, "$Id: krb5_err.et,v 1.9 2000/04/06 00:41:37 assar Exp $"
error_code KRB5_LIBOS_BADLOCKFLAG, "Invalid flag for file lock mode"
error_code KRB5_LIBOS_CANTREADPWD, "Cannot read password"
diff --git a/crypto/heimdal/lib/krb5/krb5_free_principal.3 b/crypto/heimdal/lib/krb5/krb5_free_principal.3
index ba5888af3d9a..1f318ccb4c2d 100644
--- a/crypto/heimdal/lib/krb5/krb5_free_principal.3
+++ b/crypto/heimdal/lib/krb5/krb5_free_principal.3
@@ -1,27 +1,22 @@
.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_free_principal.3,v 1.1 1997/08/14 00:03:17 joda Exp $
+.\" $Id: krb5_free_principal.3,v 1.2 2001/01/26 22:43:22 assar Exp $
.Dd August 8, 1997
.Dt KRB5_FREE_PRINCIPAL 3
.Os HEIMDAL
.Sh NAME
.Nm krb5_free_principal
.Nd Principal free function
-
.Sh SYNOPSIS
.Fd #include <krb5.h>
-
.Ft void
.Fn krb5_free_principal "krb5_context context" "krb5_principal principal"
-
.Sh DESCRIPTION
-
The
.Fn krb5_free_principal
will free a principal that has been created with
.Fn krb5_build_principal ,
.Fn krb5_parse_name ,
or with some other function.
-
.Sh SEE ALSO
.Xr krb5_425_conv_principal 3 ,
.Xr krb5_build_principal 3 ,
diff --git a/crypto/heimdal/lib/krb5/krb5_init_context.3 b/crypto/heimdal/lib/krb5/krb5_init_context.3
new file mode 100644
index 000000000000..7e27ec238ba3
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/krb5_init_context.3
@@ -0,0 +1,38 @@
+.\" Copyright (c) 2001 Kungliga Tekniska Högskolan
+.\" $Id: krb5_init_context.3,v 1.1 2001/01/28 21:39:29 assar Exp $
+.Dd Jan 21, 2001
+.Dt KRB5_CONTEXT 3
+.Os HEIMDAL
+.Sh NAME
+.Nm krb5_init_context ,
+.Nm krb5_free_context
+.Sh SYNOPSIS
+.Fd #include <krb5.h>
+.Ft krb5_error_code
+.Fn krb5_init_context "krb5_context *context"
+.Ft void
+.Fn krb5_free_context "krb5_context *context"
+.Sh DESCRIPTION
+The
+.Fn krb5_init_context
+function initializes the
+.Fa context
+structure and reads the configration file
+.Pa /etc/krb5.conf .
+.Pp
+The structure should be freed by calling
+.Fn krb5_free_context
+when it is no longer being used.
+.Sh RETURN VALUES
+.Fn krb5_init_context
+returns 0 to indicate success.
+Otherwise an errno code is returned.
+Failure means either that something bad happened during initialization
+(typically
+.Bq ENOMEM )
+or that Kerberos should not be used
+.Bq ENXIO .
+.Sh SEE ALSO
+.Xr krb5_context 3 ,
+.Xr errno 2 ,
+.Xr kerberos 8
diff --git a/crypto/heimdal/lib/krb5/krb5_locl.h b/crypto/heimdal/lib/krb5/krb5_locl.h
index b7093b1b14d0..7ea90385cbe2 100644
--- a/crypto/heimdal/lib/krb5/krb5_locl.h
+++ b/crypto/heimdal/lib/krb5/krb5_locl.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: krb5_locl.h,v 1.63 1999/12/02 17:05:11 joda Exp $ */
+/* $Id: krb5_locl.h,v 1.64 2001/01/29 02:09:00 assar Exp $ */
#ifndef __KRB5_LOCL_H__
#define __KRB5_LOCL_H__
@@ -109,11 +109,31 @@ struct sockaddr_dl;
#include <parse_time.h>
#include <base64.h>
+#ifdef HAVE_OPENSSL_DES_H
+#include <openssl/des.h>
+#else
#include <des.h>
+#endif
+#ifdef HAVE_OPENSSL_MD4_H
+#include <openssl/md4.h>
+#else
#include <md4.h>
+#endif
+#ifdef HAVE_OPENSSL_MD5_H
+#include <openssl/md5.h>
+#else
#include <md5.h>
+#endif
+#ifdef HAVE_OPENSSL_SHA_H
+#include <openssl/sha.h>
+#else
#include <sha.h>
+#endif
+#ifdef HAVE_OPENSSL_RC4_H
+#include <openssl/rc4.h>
+#else
#include <rc4.h>
+#endif
#include <asn1.h>
#include <der.h>
diff --git a/crypto/heimdal/lib/krb5/krb5_openlog.3 b/crypto/heimdal/lib/krb5/krb5_openlog.3
index 87040ba89c91..55764759ceb4 100644
--- a/crypto/heimdal/lib/krb5/krb5_openlog.3
+++ b/crypto/heimdal/lib/krb5/krb5_openlog.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_openlog.3,v 1.4 1999/04/07 14:06:32 joda Exp $
+.\" $Id: krb5_openlog.3,v 1.5 2001/01/26 22:43:22 assar Exp $
.Dd August 6, 1997
.Dt KRB5_OPENLOG 3
.Os HEIMDAL
@@ -16,40 +16,28 @@
.Nd Heimdal logging functions
.Sh SYNOPSIS
.Fd #include <krb5.h>
-
-.\" ouch!
-.ds xx \\*(fP\fR(\fP\\*(lI*\\*(fP
-.ds xy \fR)\|\fP
-.Fn "\\*(lItypedef void \\*(xxkrb5_log_log_func_t\\*(xy" "const char *time" "const char *message" "void *data"
-.Fn "\\*(lItypedef void \\*(xxkrb5_log_close_func_t\\*(xy" "void *data"
-
+.Ft "typedef void"
+.Fn "\*(lp*krb5_log_log_func_t\*(rp" "const char *time" "const char *message" "void *data"
+.Ft "typedef void"
+.Fn "\*(lp*krb5_log_close_func_t\*(rp" "void *data"
.Ft krb5_error_code
.Fn krb5_addlog_dest "krb5_context context" "krb5_log_facility *facility" "const char *destination"
-
.Ft krb5_error_code
.Fn krb5_addlog_func "krb5_context context" "krb5_log_facility *facility" "int min" "int max" "krb5_log_log_func_t log" "krb5_log_close_func_t close" "void *data"
-
.Ft krb5_error_code
.Fn krb5_closelog "krb5_context context" "krb5_log_facility *facility"
-
.Ft krb5_error_code
.Fn krb5_initlog "krb5_context context" "const char *program" "krb5_log_facility **facility"
-
.Ft krb5_error_code
.Fn krb5_log "krb5_context context" "krb5_log_facility *facility" "int level" "const char *format" "..."
-
.Ft krb5_error_code
.Fn krb5_log_msg "krb5_context context" "krb5_log_facility *facility" "char **reply" "int level" "const char *format" "..."
-
.Ft krb5_error_code
.Fn krb5_openlog "krb5_context context" "const char *program" "krb5_log_facility **facility"
-
.Ft krb5_error_code
.Fn krb5_vlog "krb5_context context" "krb5_log_facility *facility" "int level" "const char *format" "va_list arglist"
-
.Ft krb5_error_code
.Fn krb5_vlog_msg "krb5_context context" "krb5_log_facility *facility" "char **reply" "int level" "const char *format" "va_list arglist"
-
.Sh DESCRIPTION
These functions logs messages to one or more destinations.
.Pp
@@ -97,7 +85,6 @@ is a standard
.Fn printf
style format string (but see the BUGS section).
.Pp
-
If you want better control of where things gets logged, you can instead of using
.Fn krb5_openlog
call
@@ -135,9 +122,7 @@ calls
and then calls
.Fn krb5_addlog_dest
for each destination found.
-
.Ss Destinations
-
The defined destinations (as specified in
.Pa krb5.conf )
follows:
diff --git a/crypto/heimdal/lib/krb5/krb5_parse_name.3 b/crypto/heimdal/lib/krb5/krb5_parse_name.3
index db9236c774f7..c5b0c1d67a1b 100644
--- a/crypto/heimdal/lib/krb5/krb5_parse_name.3
+++ b/crypto/heimdal/lib/krb5/krb5_parse_name.3
@@ -1,20 +1,16 @@
.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_parse_name.3,v 1.1 1997/08/14 00:03:17 joda Exp $
+.\" $Id: krb5_parse_name.3,v 1.2 2001/01/26 22:43:22 assar Exp $
.Dd August 8, 1997
.Dt KRB5_PARSE_NAME 3
.Os HEIMDAL
.Sh NAME
.Nm krb5_parse_name
.Nd String to principal conversion
-
.Sh SYNOPSIS
.Fd #include <krb5.h>
-
.Ft krb5_error_code
.Fn krb5_parse_name "krb5_context context" "const char *name" "krb5_principal *principal"
-
.Sh DESCRIPTION
-
.Fn krb5_parse_name
converts a string representation of a princpal name to
.Nm krb5_principal .
diff --git a/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3 b/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3
index aea4150189e0..2c9f40575544 100644
--- a/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3
+++ b/crypto/heimdal/lib/krb5/krb5_sname_to_principal.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_sname_to_principal.3,v 1.1 1997/08/14 00:03:18 joda Exp $
+.\" $Id: krb5_sname_to_principal.3,v 1.2 2001/01/26 22:43:22 assar Exp $
.Dd August 8, 1997
.Dt KRB5_PRINCIPAL 3
.Os HEIMDAL
@@ -7,18 +7,13 @@
.Nm krb5_sname_to_principal ,
.Nm krb5_sock_to_principal
.Nd Create a service principal
-
.Sh SYNOPSIS
.Fd #include <krb5.h>
-
.Ft krb5_error_code
.Fn krb5_sname_to_principal "krb5_context context" "const char *hostname" "const char *sname" "int32_t type" "krb5_principal *principal"
-
.Ft krb5_error_code
.Fn krb5_sock_to_principal "krb5_context context" "int socket" "const char *sname" "int32_t type" "krb5_principal *principal"
-
.Sh DESCRIPTION
-
These functions create a
.Dq service
principal that can, for instance, be used to lookup a key in a keytab. For both these function the
@@ -49,7 +44,6 @@ of the passed
which should be a bound
.Dv AF_INET
socket.
-
.Sh SEE ALSO
.Xr krb5_425_conv_principal 3 ,
.Xr krb5_build_principal 3 ,
diff --git a/crypto/heimdal/lib/krb5/krb5_unparse_name.3 b/crypto/heimdal/lib/krb5/krb5_unparse_name.3
index 13277d6b8d44..5a744aff3983 100644
--- a/crypto/heimdal/lib/krb5/krb5_unparse_name.3
+++ b/crypto/heimdal/lib/krb5/krb5_unparse_name.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_unparse_name.3,v 1.1 1997/08/14 00:03:19 joda Exp $
+.\" $Id: krb5_unparse_name.3,v 1.2 2001/01/26 22:43:22 assar Exp $
.Dd August 8, 1997
.Dt KRB5_UNPARSE_NAME 3
.Os HEIMDAL
@@ -7,25 +7,19 @@
.Nm krb5_unparse_name
.\" .Nm krb5_unparse_name_ext
.Nd Principal to string conversion
-
.Sh SYNOPSIS
.Fd #include <krb5.h>
-
.Ft krb5_error_code
.Fn krb5_unparse_name "krb5_context context" "krb5_principal principal" "char **name"
-
.\" .Ft krb5_error_code
.\" .Fn krb5_unparse_name_ext "krb5_context context" "krb5_const_principal principal" "char **name" "size_t *size"
-
.Sh DESCRIPTION
-
This function takes a
.Fa principal ,
and will convert in to a printable representation with the same syntax as decribed in
.Xr krb5_parse_name 3 .
.Fa *name
will point to allocated data and should be freed by the caller.
-
.Sh SEE ALSO
.Xr krb5_425_conv_principal 3 ,
.Xr krb5_build_principal 3 ,
diff --git a/crypto/heimdal/lib/krb5/krb5_warn.3 b/crypto/heimdal/lib/krb5/krb5_warn.3
index 521da0e7a06a..ae3a330c0f85 100644
--- a/crypto/heimdal/lib/krb5/krb5_warn.3
+++ b/crypto/heimdal/lib/krb5/krb5_warn.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1997 Kungliga Tekniska Högskolan
-.\" $Id: krb5_warn.3,v 1.2 1997/08/08 03:45:55 joda Exp $
+.\" $Id: krb5_warn.3,v 1.3 2001/01/26 22:43:23 assar Exp $
.Dd August 8, 1997
.Dt KRB5_WARN 3
.Os HEIMDAL
@@ -16,36 +16,25 @@
.Nd Heimdal warning and error functions
.Sh SYNOPSIS
.Fd #include <krb5.h>
-
.Ft krb5_error_code
.Fn krb5_err "krb5_context context" "int eval" "krb5_error_code code" "const char *format" "..."
-
.Ft krb5_error_code
.Fn krb5_errx "krb5_context context" "int eval" "const char *format" "..."
-
.Ft krb5_error_code
.Fn krb5_verr "krb5_context context" "int eval" "krb5_error_code code" "const char *format" "va_list ap"
-
.Ft krb5_error_code
.Fn krb5_verrx "krb5_context context" "int eval" "const char *format" "va_list ap"
-
.Ft krb5_error_code
.Fn krb5_vwarn "krb5_context context" "krb5_error_code code" "const char *format" "va_list ap"
-
.Ft krb5_error_code
.Fn krb5_vwarnx "krb5_context context" "const char *format" "va_list ap"
-
.Ft krb5_error_code
.Fn krb5_warn "krb5_context context" "krb5_error_code code" "const char *format" "..."
-
.Ft krb5_error_code
.Fn krb5_warnx "krb5_context context" "const char *format" "..."
-
.Ft krb5_error_code
.Fn krb5_set_warn_dest "krb5_context context" "krb5_log_facility *facility"
-
.Sh DESCRIPTION
-
These functions prints a warning message to some destination.
.Fa format
is a printf style format specifying the message to print. The forms not ending in an
@@ -68,6 +57,5 @@ Messages logged with the
functions have a log level of 1, while the
.Dq err
functions logs with level 0.
-
.Sh SEE ALSO
.Xr krb5_openlog 3
diff --git a/crypto/heimdal/lib/krb5/krbhst.c b/crypto/heimdal/lib/krb5/krbhst.c
index 8d5c4e407180..b257e8b0b049 100644
--- a/crypto/heimdal/lib/krb5/krbhst.c
+++ b/crypto/heimdal/lib/krb5/krbhst.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -34,7 +34,7 @@
#include "krb5_locl.h"
#include <resolve.h>
-RCSID("$Id: krbhst.c,v 1.23 1999/12/11 23:14:25 assar Exp $");
+RCSID("$Id: krbhst.c,v 1.25 2001/01/19 04:30:54 assar Exp $");
/*
* assuming that `*res' contains `*count' strings, add a copy of `string'.
@@ -58,6 +58,11 @@ add_string(char ***res, int *count, const char *string)
return 0;
}
+/*
+ * do a SRV lookup for `realm, proto, service' returning the result
+ * in `res, count'
+ */
+
static krb5_error_code
srv_find_realm(krb5_context context, char ***res, int *count,
const char *realm, const char *proto, const char *service)
@@ -131,7 +136,7 @@ get_krbhst (krb5_context context,
"realms", *realm, conf_string, NULL);
for(r = res, count = 0; r && *r; r++, count++);
- if(context->srv_lookup) {
+ if(count == 0 && context->srv_lookup) {
char *s[] = { "udp", "tcp", "http" }, **q;
for(q = s; q < s + sizeof(s) / sizeof(s[0]); q++) {
ret = srv_find_realm(context, &res, &count, *realm, *q,
@@ -157,6 +162,10 @@ get_krbhst (krb5_context context,
return 0;
}
+/*
+ * set `hostlist' to a malloced list of kadmin servers.
+ */
+
krb5_error_code
krb5_get_krb_admin_hst (krb5_context context,
const krb5_realm *realm,
@@ -166,15 +175,30 @@ krb5_get_krb_admin_hst (krb5_context context,
hostlist);
}
+/*
+ * set `hostlist' to a malloced list of changepw servers.
+ */
+
krb5_error_code
krb5_get_krb_changepw_hst (krb5_context context,
const krb5_realm *realm,
char ***hostlist)
{
- return get_krbhst (context, realm, "admin_server", "kpasswd",
- hostlist);
+ krb5_error_code ret;
+
+ ret = get_krbhst (context, realm, "kpasswd_server", "kpasswd",
+ hostlist);
+ if (ret)
+ return ret;
+ ret = get_krbhst (context, realm, "admin_server", "kpasswd",
+ hostlist);
+ return ret;
}
+/*
+ * set `hostlist' to a malloced list of kerberos servers.
+ */
+
krb5_error_code
krb5_get_krbhst (krb5_context context,
const krb5_realm *realm,
@@ -183,6 +207,10 @@ krb5_get_krbhst (krb5_context context,
return get_krbhst (context, realm, "kdc", "kerberos", hostlist);
}
+/*
+ * free all memory associated with `hostlist'
+ */
+
krb5_error_code
krb5_free_krbhst (krb5_context context,
char **hostlist)
diff --git a/crypto/heimdal/lib/krb5/log.c b/crypto/heimdal/lib/krb5/log.c
index e1511e255f91..37bff1dff7ba 100644
--- a/crypto/heimdal/lib/krb5/log.c
+++ b/crypto/heimdal/lib/krb5/log.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: log.c,v 1.21 1999/12/02 17:05:11 joda Exp $");
+RCSID("$Id: log.c,v 1.25 2000/09/17 21:46:07 assar Exp $");
struct facility {
int min;
@@ -56,14 +56,14 @@ log_realloc(krb5_log_facility *f)
return fp;
}
-struct s2i{
+struct s2i {
char *s;
int val;
};
#define L(X) { #X, LOG_ ## X }
-struct s2i syslogvals[] = {
+static struct s2i syslogvals[] = {
L(EMERG),
L(ALERT),
L(CRIT),
@@ -356,18 +356,22 @@ krb5_vlog_msg(krb5_context context,
__attribute__((format (printf, 5, 0)))
{
char *msg;
+ const char *actual;
char buf[64];
time_t t;
int i;
vasprintf(&msg, fmt, ap);
+ if (msg != NULL)
+ actual = msg;
+ else
+ actual = fmt;
t = time(NULL);
- strftime(buf, sizeof(buf), context->time_fmt,
- context->log_utc ? gmtime(&t) : localtime(&t));
+ krb5_format_time(context, t, buf, sizeof(buf), TRUE);
for(i = 0; i < fac->len; i++)
if(fac->val[i].min <= level &&
(fac->val[i].max < 0 || fac->val[i].max >= level))
- (*fac->val[i].log)(buf, msg, fac->val[i].data);
+ (*fac->val[i].log)(buf, actual, fac->val[i].data);
*reply = msg;
return 0;
}
diff --git a/crypto/heimdal/lib/krb5/mcache.c b/crypto/heimdal/lib/krb5/mcache.c
index d45deea13d19..29c5cfd14a47 100644
--- a/crypto/heimdal/lib/krb5/mcache.c
+++ b/crypto/heimdal/lib/krb5/mcache.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,43 +33,97 @@
#include "krb5_locl.h"
-RCSID("$Id: mcache.c,v 1.10 1999/12/02 17:05:11 joda Exp $");
+RCSID("$Id: mcache.c,v 1.12 2000/11/15 02:12:51 assar Exp $");
typedef struct krb5_mcache {
+ char *name;
+ unsigned int refcnt;
krb5_principal primary_principal;
struct link {
krb5_creds cred;
struct link *next;
} *creds;
+ struct krb5_mcache *next;
} krb5_mcache;
+static struct krb5_mcache *mcc_head;
+
+#define MCACHE(X) ((krb5_mcache *)(X)->data.data)
+
+#define MISDEAD(X) ((X)->primary_principal == NULL)
+
#define MCC_CURSOR(C) ((struct link*)(C))
static char*
mcc_get_name(krb5_context context,
krb5_ccache id)
{
- return ""; /* XXX */
+ return MCACHE(id)->name;
+}
+
+static krb5_mcache *
+mcc_alloc(const char *name)
+{
+ krb5_mcache *m;
+ ALLOC(m, 1);
+ if(m == NULL)
+ return NULL;
+ if(name == NULL)
+ asprintf(&m->name, "%p", m);
+ else
+ m->name = strdup(name);
+ if(m->name == NULL) {
+ free(m);
+ return NULL;
+ }
+ m->refcnt = 1;
+ m->primary_principal = NULL;
+ m->creds = NULL;
+ m->next = mcc_head;
+ mcc_head = m;
+ return m;
}
static krb5_error_code
mcc_resolve(krb5_context context, krb5_ccache *id, const char *res)
{
- krb5_abortx(context, "unimplemented mcc_resolve called");
+ krb5_mcache *m;
+
+ for (m = mcc_head; m != NULL; m = m->next)
+ if (strcmp(m->name, res) == 0)
+ break;
+
+ if (m != NULL) {
+ m->refcnt++;
+ (*id)->data.data = m;
+ (*id)->data.length = sizeof(*m);
+ return 0;
+ }
+
+ m = mcc_alloc(res);
+ if (m == NULL)
+ return KRB5_CC_NOMEM;
+
+ (*id)->data.data = m;
+ (*id)->data.length = sizeof(*m);
+
+ return 0;
}
+
static krb5_error_code
mcc_gen_new(krb5_context context, krb5_ccache *id)
{
krb5_mcache *m;
- m = malloc (sizeof(*m));
+ m = mcc_alloc(NULL);
+
if (m == NULL)
return KRB5_CC_NOMEM;
- m->primary_principal = NULL;
- m->creds = NULL;
+
(*id)->data.data = m;
(*id)->data.length = sizeof(*m);
+
return 0;
}
@@ -78,37 +132,25 @@ mcc_initialize(krb5_context context,
krb5_ccache id,
krb5_principal primary_principal)
{
- krb5_error_code ret;
- krb5_mcache *m;
-
- m = (krb5_mcache *)id->data.data;
-
- ret = krb5_copy_principal (context,
- primary_principal,
- &m->primary_principal);
- if (ret)
- return ret;
- return 0;
+ return krb5_copy_principal (context,
+ primary_principal,
+ &MCACHE(id)->primary_principal);
}
static krb5_error_code
mcc_close(krb5_context context,
krb5_ccache id)
{
- krb5_mcache *m = (krb5_mcache *)id->data.data;
- struct link *l;
+ krb5_mcache *m = MCACHE(id);
- krb5_free_principal (context, m->primary_principal);
- l = m->creds;
- while (l != NULL) {
- struct link *old;
+ if (--m->refcnt != 0)
+ return 0;
- krb5_free_creds_contents (context, &l->cred);
- old = l;
- l = l->next;
- free (old);
+ if (MISDEAD(m)) {
+ free (m->name);
+ krb5_data_free(&id->data);
}
- krb5_data_free(&id->data);
+
return 0;
}
@@ -116,6 +158,35 @@ static krb5_error_code
mcc_destroy(krb5_context context,
krb5_ccache id)
{
+ krb5_mcache **n, *m = MCACHE(id);
+ struct link *l;
+
+ if (m->refcnt == 0)
+ krb5_abortx(context, "mcc_destroy: refcnt already 0");
+
+ if (!MISDEAD(m)) {
+ /* if this is an active mcache, remove it from the linked
+ list, and free all data */
+ for(n = &mcc_head; n && *n; n = &(*n)->next) {
+ if(m == *n) {
+ *n = m->next;
+ break;
+ }
+ }
+ krb5_free_principal (context, m->primary_principal);
+ m->primary_principal = NULL;
+
+ l = m->creds;
+ while (l != NULL) {
+ struct link *old;
+
+ krb5_free_creds_contents (context, &l->cred);
+ old = l;
+ l = l->next;
+ free (old);
+ }
+ m->creds = NULL;
+ }
return 0;
}
@@ -124,10 +195,13 @@ mcc_store_cred(krb5_context context,
krb5_ccache id,
krb5_creds *creds)
{
+ krb5_mcache *m = MCACHE(id);
krb5_error_code ret;
- krb5_mcache *m = (krb5_mcache *)id->data.data;
struct link *l;
+ if (MISDEAD(m))
+ return ENOENT;
+
l = malloc (sizeof(*l));
if (l == NULL)
return KRB5_CC_NOMEM;
@@ -148,7 +222,10 @@ mcc_get_principal(krb5_context context,
krb5_ccache id,
krb5_principal *principal)
{
- krb5_mcache *m = (krb5_mcache *)id->data.data;
+ krb5_mcache *m = MCACHE(id);
+
+ if (MISDEAD(m))
+ return ENOENT;
return krb5_copy_principal (context,
m->primary_principal,
@@ -160,7 +237,11 @@ mcc_get_first (krb5_context context,
krb5_ccache id,
krb5_cc_cursor *cursor)
{
- krb5_mcache *m = (krb5_mcache *)id->data.data;
+ krb5_mcache *m = MCACHE(id);
+
+ if (MISDEAD(m))
+ return ENOENT;
+
*cursor = m->creds;
return 0;
}
@@ -171,8 +252,12 @@ mcc_get_next (krb5_context context,
krb5_cc_cursor *cursor,
krb5_creds *creds)
{
+ krb5_mcache *m = MCACHE(id);
struct link *l;
+ if (MISDEAD(m))
+ return ENOENT;
+
l = *cursor;
if (l != NULL) {
*cursor = l->next;
@@ -195,9 +280,19 @@ static krb5_error_code
mcc_remove_cred(krb5_context context,
krb5_ccache id,
krb5_flags which,
- krb5_creds *cred)
+ krb5_creds *mcreds)
{
- return 0; /* XXX */
+ krb5_mcache *m = MCACHE(id);
+ struct link **q, *p;
+ for(q = &m->creds, p = *q; p; p = *q) {
+ if(krb5_compare_creds(context, which, mcreds, &p->cred)) {
+ *q = p->next;
+ krb5_free_cred_contents(context, &p->cred);
+ free(p);
+ } else
+ q = &p->next;
+ }
+ return 0;
}
static krb5_error_code
diff --git a/crypto/heimdal/lib/krb5/mk_priv.c b/crypto/heimdal/lib/krb5/mk_priv.c
index 1ee2bed033f0..c880f106ee45 100644
--- a/crypto/heimdal/lib/krb5/mk_priv.c
+++ b/crypto/heimdal/lib/krb5/mk_priv.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: mk_priv.c,v 1.25 1999/12/02 17:05:11 joda Exp $");
+RCSID("$Id: mk_priv.c,v 1.28 2000/08/18 06:48:07 assar Exp $");
/*
*
@@ -52,7 +52,7 @@ krb5_mk_priv(krb5_context context,
u_char *buf;
size_t buf_size;
size_t len;
- int tmp_seq;
+ u_int32_t tmp_seq;
krb5_keyblock *key;
int32_t sec, usec;
KerberosTime sec2;
@@ -76,7 +76,7 @@ krb5_mk_priv(krb5_context context,
usec2 = usec;
part.usec = &usec2;
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
- tmp_seq = ++auth_context->local_seqnumber;
+ tmp_seq = auth_context->local_seqnumber;
part.seq_number = &tmp_seq;
} else {
part.seq_number = NULL;
@@ -117,7 +117,11 @@ krb5_mk_priv(krb5_context context,
s.enc_part.etype = key->keytype;
s.enc_part.kvno = NULL;
- krb5_crypto_init(context, key, 0, &crypto);
+ ret = krb5_crypto_init(context, key, 0, &crypto);
+ if (ret) {
+ free (buf);
+ return ret;
+ }
ret = krb5_encrypt (context,
crypto,
KRB5_KU_KRB_PRIV,
@@ -159,6 +163,9 @@ krb5_mk_priv(krb5_context context,
}
memcpy (outbuf->data, buf + buf_size - len, len);
free (buf);
+ if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE)
+ auth_context->local_seqnumber =
+ (auth_context->local_seqnumber + 1) & 0xFFFFFFFF;
return 0;
fail:
diff --git a/crypto/heimdal/lib/krb5/mk_rep.c b/crypto/heimdal/lib/krb5/mk_rep.c
index 060be033b13b..ad750b074e31 100644
--- a/crypto/heimdal/lib/krb5/mk_rep.c
+++ b/crypto/heimdal/lib/krb5/mk_rep.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,11 +33,11 @@
#include <krb5_locl.h>
-RCSID("$Id: mk_rep.c,v 1.16 1999/12/02 17:05:11 joda Exp $");
+RCSID("$Id: mk_rep.c,v 1.18 2000/12/06 20:57:23 joda Exp $");
krb5_error_code
krb5_mk_rep(krb5_context context,
- krb5_auth_context *auth_context,
+ krb5_auth_context auth_context,
krb5_data *outbuf)
{
krb5_error_code ret;
@@ -53,21 +53,21 @@ krb5_mk_rep(krb5_context context,
memset (&body, 0, sizeof(body));
- body.ctime = (*auth_context)->authenticator->ctime;
- body.cusec = (*auth_context)->authenticator->cusec;
+ body.ctime = auth_context->authenticator->ctime;
+ body.cusec = auth_context->authenticator->cusec;
body.subkey = NULL;
- if ((*auth_context)->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
+ if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
krb5_generate_seq_number (context,
- (*auth_context)->keyblock,
- &(*auth_context)->local_seqnumber);
+ auth_context->keyblock,
+ &auth_context->local_seqnumber);
body.seq_number = malloc (sizeof(*body.seq_number));
if (body.seq_number == NULL)
return ENOMEM;
- *(body.seq_number) = (*auth_context)->local_seqnumber;
+ *(body.seq_number) = auth_context->local_seqnumber;
} else
body.seq_number = NULL;
- ap.enc_part.etype = (*auth_context)->keyblock->keytype;
+ ap.enc_part.etype = auth_context->keyblock->keytype;
ap.enc_part.kvno = NULL;
buf_size = length_EncAPRepPart(&body);
@@ -84,8 +84,12 @@ krb5_mk_rep(krb5_context context,
&len);
free_EncAPRepPart (&body);
- krb5_crypto_init(context, (*auth_context)->keyblock,
- 0 /* ap.enc_part.etype */, &crypto);
+ ret = krb5_crypto_init(context, auth_context->keyblock,
+ 0 /* ap.enc_part.etype */, &crypto);
+ if (ret) {
+ free (buf);
+ return ret;
+ }
ret = krb5_encrypt (context,
crypto,
KRB5_KU_AP_REQ_ENC_PART,
diff --git a/crypto/heimdal/lib/krb5/mk_req.c b/crypto/heimdal/lib/krb5/mk_req.c
index 55ecd4692805..a30c19e58e76 100644
--- a/crypto/heimdal/lib/krb5/mk_req.c
+++ b/crypto/heimdal/lib/krb5/mk_req.c
@@ -33,23 +33,19 @@
#include <krb5_locl.h>
-RCSID("$Id: mk_req.c,v 1.20 2000/01/16 10:22:42 assar Exp $");
+RCSID("$Id: mk_req.c,v 1.22 2000/11/15 06:50:53 assar Exp $");
krb5_error_code
-krb5_mk_req(krb5_context context,
- krb5_auth_context *auth_context,
- const krb5_flags ap_req_options,
- const char *service,
- const char *hostname,
- krb5_data *in_data,
- krb5_ccache ccache,
- krb5_data *outbuf)
+krb5_mk_req_exact(krb5_context context,
+ krb5_auth_context *auth_context,
+ const krb5_flags ap_req_options,
+ const krb5_principal server,
+ krb5_data *in_data,
+ krb5_ccache ccache,
+ krb5_data *outbuf)
{
krb5_error_code ret;
krb5_creds this_cred, *cred;
- char **realms;
- krb5_data realm_data;
- char *real_hostname;
memset(&this_cred, 0, sizeof(this_cred));
@@ -58,34 +54,18 @@ krb5_mk_req(krb5_context context,
if(ret)
return ret;
- ret = krb5_expand_hostname_realms (context, hostname,
- &real_hostname, &realms);
+ ret = krb5_copy_principal (context, server, &this_cred.server);
if (ret) {
- krb5_free_principal (context, this_cred.client);
+ krb5_free_creds_contents (context, &this_cred);
return ret;
}
- realm_data.length = strlen(*realms);
- realm_data.data = *realms;
-
- ret = krb5_build_principal (context, &this_cred.server,
- strlen(*realms),
- *realms,
- service,
- real_hostname,
- NULL);
- free (real_hostname);
- krb5_free_host_realm (context, realms);
-
- if (ret) {
- krb5_free_principal (context, this_cred.client);
- return ret;
- }
this_cred.times.endtime = 0;
if (auth_context && *auth_context && (*auth_context)->keytype)
this_cred.session.keytype = (*auth_context)->keytype;
ret = krb5_get_credentials (context, 0, ccache, &this_cred, &cred);
+ krb5_free_creds_contents(context, &this_cred);
if (ret)
return ret;
@@ -96,3 +76,39 @@ krb5_mk_req(krb5_context context,
cred,
outbuf);
}
+
+krb5_error_code
+krb5_mk_req(krb5_context context,
+ krb5_auth_context *auth_context,
+ const krb5_flags ap_req_options,
+ const char *service,
+ const char *hostname,
+ krb5_data *in_data,
+ krb5_ccache ccache,
+ krb5_data *outbuf)
+{
+ krb5_error_code ret;
+ char **realms;
+ char *real_hostname;
+ krb5_principal server;
+
+ ret = krb5_expand_hostname_realms (context, hostname,
+ &real_hostname, &realms);
+ if (ret)
+ return ret;
+
+ ret = krb5_build_principal (context, &server,
+ strlen(*realms),
+ *realms,
+ service,
+ real_hostname,
+ NULL);
+ free (real_hostname);
+ krb5_free_host_realm (context, realms);
+ if (ret)
+ return ret;
+ ret = krb5_mk_req_exact (context, auth_context, ap_req_options,
+ server, in_data, ccache, outbuf);
+ krb5_free_principal (context, server);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/krb5/mk_req_ext.c b/crypto/heimdal/lib/krb5/mk_req_ext.c
index 2b7b886e6bb0..f0f572c38ab3 100644
--- a/crypto/heimdal/lib/krb5/mk_req_ext.c
+++ b/crypto/heimdal/lib/krb5/mk_req_ext.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: mk_req_ext.c,v 1.21 1999/12/02 17:05:11 joda Exp $");
+RCSID("$Id: mk_req_ext.c,v 1.24 2000/11/15 07:01:26 assar Exp $");
krb5_error_code
krb5_mk_req_internal(krb5_context context,
@@ -42,7 +42,8 @@ krb5_mk_req_internal(krb5_context context,
krb5_data *in_data,
krb5_creds *in_creds,
krb5_data *outbuf,
- krb5_key_usage usage)
+ krb5_key_usage checksum_usage,
+ krb5_key_usage encrypt_usage)
{
krb5_error_code ret;
krb5_data authenticator;
@@ -88,6 +89,11 @@ krb5_mk_req_internal(krb5_context context,
krb5_free_keyblock(context, ac->keyblock);
krb5_copy_keyblock(context, &in_creds->session, &ac->keyblock);
+ /* it's unclear what type of checksum we can use. try the best one, except:
+ * a) if it's configured differently for the current realm, or
+ * b) if the session key is des-cbc-crc
+ */
+
if (in_data) {
if(ac->keyblock->keytype == ETYPE_DES_CBC_CRC) {
/* this is to make DCE secd (and older MIT kdcs?) happy */
@@ -99,10 +105,13 @@ krb5_mk_req_internal(krb5_context context,
&c);
} else {
krb5_crypto crypto;
- krb5_crypto_init(context, ac->keyblock, 0, &crypto);
+
+ ret = krb5_crypto_init(context, ac->keyblock, 0, &crypto);
+ if (ret)
+ return ret;
ret = krb5_create_checksum(context,
crypto,
- usage,
+ checksum_usage,
in_data->data,
in_data->length,
&c);
@@ -120,7 +129,8 @@ krb5_mk_req_internal(krb5_context context,
in_creds,
c_opt,
NULL,
- &authenticator);
+ &authenticator,
+ encrypt_usage);
if (c_opt)
free_Checksum (c_opt);
if (ret)
@@ -147,5 +157,6 @@ krb5_mk_req_extended(krb5_context context,
in_data,
in_creds,
outbuf,
- KRB5_KU_AP_REQ_AUTH_CKSUM);
+ KRB5_KU_AP_REQ_AUTH_CKSUM,
+ KRB5_KU_AP_REQ_AUTH);
}
diff --git a/crypto/heimdal/lib/krb5/mk_safe.c b/crypto/heimdal/lib/krb5/mk_safe.c
index 4d848a6d783c..2803d386b338 100644
--- a/crypto/heimdal/lib/krb5/mk_safe.c
+++ b/crypto/heimdal/lib/krb5/mk_safe.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: mk_safe.c,v 1.20 1999/12/02 17:05:11 joda Exp $");
+RCSID("$Id: mk_safe.c,v 1.24 2000/08/18 06:48:40 assar Exp $");
krb5_error_code
krb5_mk_safe(krb5_context context,
@@ -50,7 +50,7 @@ krb5_mk_safe(krb5_context context,
u_char *buf = NULL;
size_t buf_size;
size_t len;
- int tmp_seq;
+ u_int32_t tmp_seq;
krb5_crypto crypto;
s.pvno = 5;
@@ -64,7 +64,7 @@ krb5_mk_safe(krb5_context context,
usec2 = usec2;
s.safe_body.usec = &usec2;
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
- tmp_seq = ++auth_context->local_seqnumber;
+ tmp_seq = auth_context->local_seqnumber;
s.safe_body.seq_number = &tmp_seq;
} else
s.safe_body.seq_number = NULL;
@@ -76,13 +76,20 @@ krb5_mk_safe(krb5_context context,
s.cksum.checksum.data = NULL;
s.cksum.checksum.length = 0;
-
buf_size = length_KRB_SAFE(&s);
buf = malloc(buf_size + 128); /* add some for checksum */
if(buf == NULL)
return ENOMEM;
ret = encode_KRB_SAFE (buf + buf_size - 1, buf_size, &s, &len);
+ if (ret) {
+ free (buf);
+ return ret;
+ }
ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
+ if (ret) {
+ free (buf);
+ return ret;
+ }
ret = krb5_create_checksum(context,
crypto,
KRB5_KU_KRB_SAFE_CKSUM,
@@ -111,5 +118,8 @@ krb5_mk_safe(krb5_context context,
}
memcpy (outbuf->data, buf + buf_size - len, len);
free (buf);
+ if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE)
+ auth_context->local_seqnumber =
+ (auth_context->local_seqnumber + 1) & 0xFFFFFFFF;
return 0;
}
diff --git a/crypto/heimdal/lib/krb5/principal.c b/crypto/heimdal/lib/krb5/principal.c
index 2999868e9a6f..7be1d9312ca7 100644
--- a/crypto/heimdal/lib/krb5/principal.c
+++ b/crypto/heimdal/lib/krb5/principal.c
@@ -38,9 +38,10 @@
#ifdef HAVE_ARPA_NAMESER_H
#include <arpa/nameser.h>
#endif
+#include <fnmatch.h>
#include "resolve.h"
-RCSID("$Id: principal.c,v 1.63 2000/02/07 03:19:05 assar Exp $");
+RCSID("$Id: principal.c,v 1.73 2000/10/16 03:42:14 assar Exp $");
#define princ_num_comp(P) ((P)->name.name_string.len)
#define princ_type(P) ((P)->name.name_type)
@@ -494,6 +495,9 @@ krb5_copy_principal(krb5_context context,
return 0;
}
+/*
+ * return TRUE iff princ1 == princ2 (without considering the realm)
+ */
krb5_boolean
krb5_principal_compare_any_realm(krb5_context context,
@@ -510,6 +514,10 @@ krb5_principal_compare_any_realm(krb5_context context,
return TRUE;
}
+/*
+ * return TRUE iff princ1 == princ2
+ */
+
krb5_boolean
krb5_principal_compare(krb5_context context,
krb5_const_principal princ1,
@@ -520,6 +528,9 @@ krb5_principal_compare(krb5_context context,
return krb5_principal_compare_any_realm(context, princ1, princ2);
}
+/*
+ * return TRUE iff realm(princ1) == realm(princ2)
+ */
krb5_boolean
krb5_realm_compare(krb5_context context,
@@ -529,22 +540,52 @@ krb5_realm_compare(krb5_context context,
return strcmp(princ_realm(princ1), princ_realm(princ2)) == 0;
}
+/*
+ * return TRUE iff princ matches pattern
+ */
+
+krb5_boolean
+krb5_principal_match(krb5_context context,
+ krb5_const_principal princ,
+ krb5_const_principal pattern)
+{
+ int i;
+ if(princ_num_comp(princ) != princ_num_comp(pattern))
+ return FALSE;
+ if(fnmatch(princ_realm(pattern), princ_realm(princ), 0) != 0)
+ return FALSE;
+ for(i = 0; i < princ_num_comp(princ); i++){
+ if(fnmatch(princ_ncomp(pattern, i), princ_ncomp(princ, i), 0) != 0)
+ return FALSE;
+ }
+ return TRUE;
+}
+
+
struct v4_name_convert {
const char *from;
const char *to;
} default_v4_name_convert[] = {
- { "ftp", "ftp" },
- { "hprop", "hprop" },
- { "pop", "pop" },
- { "rcmd", "host" },
+ { "ftp", "ftp" },
+ { "hprop", "hprop" },
+ { "pop", "pop" },
+ { "imap", "imap" },
+ { "rcmd", "host" },
{ NULL, NULL }
};
+/*
+ * return the converted instance name of `name' in `realm'.
+ * look in the configuration file and then in the default set above.
+ * return NULL if no conversion is appropriate.
+ */
+
static const char*
get_name_conversion(krb5_context context, const char *realm, const char *name)
{
struct v4_name_convert *q;
const char *p;
+
p = krb5_config_get_string(context, NULL, "realms", realm,
"v4_name_convert", "host", name, NULL);
if(p == NULL)
@@ -577,6 +618,12 @@ get_name_conversion(krb5_context context, const char *realm, const char *name)
return NULL;
}
+/*
+ * convert the v4 principal `name.instance@realm' to a v5 principal in `princ'.
+ * if `resolve', use DNS.
+ * if `func', use that function for validating the conversion
+ */
+
krb5_error_code
krb5_425_conv_principal_ext(krb5_context context,
const char *name,
@@ -589,7 +636,7 @@ krb5_425_conv_principal_ext(krb5_context context,
const char *p;
krb5_error_code ret;
krb5_principal pr;
- char host[128];
+ char host[MAXHOSTNAMELEN];
/* do the following: if the name is found in the
`v4_name_convert:host' part, is is assumed to be a `host' type
@@ -635,7 +682,17 @@ krb5_425_conv_principal_ext(krb5_context context,
inst = hp->h_name;
#endif
if(inst) {
- ret = krb5_make_principal(context, &pr, realm, name, inst, NULL);
+ char *low_inst = strdup(inst);
+
+ if (low_inst == NULL) {
+#ifdef USE_RESOLVER
+ dns_free_data(r);
+#endif
+ return ENOMEM;
+ }
+ ret = krb5_make_principal(context, &pr, realm, name, low_inst,
+ NULL);
+ free (low_inst);
if(ret == 0) {
if(func == NULL || (*func)(context, pr)){
*princ = pr;
@@ -673,8 +730,7 @@ krb5_425_conv_principal_ext(krb5_context context,
p = krb5_config_get_string(context, NULL, "realms", realm,
"default_domain", NULL);
if(p == NULL){
- /* should this be an error or should it silently
- succeed? */
+ /* this should be an error, just faking a name is not good */
return HEIM_ERR_V4_PRINC_NO_CONV;
}
@@ -801,6 +857,13 @@ name_convert(krb5_context context, const char *name, const char *realm,
return -1;
}
+/*
+ * convert the v5 principal in `principal' into a v4 corresponding one
+ * in `name, instance, realm'
+ * this is limited interface since there's no length given for these
+ * three parameters. They have to be 40 bytes each (ANAME_SZ).
+ */
+
krb5_error_code
krb5_524_conv_principal(krb5_context context,
const krb5_principal principal,
@@ -811,6 +874,7 @@ krb5_524_conv_principal(krb5_context context,
const char *n, *i, *r;
char tmpinst[40];
int type = princ_type(principal);
+ const int aname_sz = 40;
r = principal->realm;
@@ -846,15 +910,12 @@ krb5_524_conv_principal(krb5_context context,
i = tmpinst;
}
- if(strlen(r) >= 40)
+ if (strlcpy (name, n, aname_sz) >= aname_sz)
return KRB5_PARSE_MALFORMED;
- if(strlen(n) >= 40)
+ if (strlcpy (instance, i, aname_sz) >= aname_sz)
return KRB5_PARSE_MALFORMED;
- if(strlen(i) >= 40)
+ if (strlcpy (realm, r, aname_sz) >= aname_sz)
return KRB5_PARSE_MALFORMED;
- strcpy(realm, r);
- strcpy(name, n);
- strcpy(instance, i);
return 0;
}
@@ -870,7 +931,7 @@ krb5_sname_to_principal (krb5_context context,
krb5_principal *ret_princ)
{
krb5_error_code ret;
- char localhost[128];
+ char localhost[MAXHOSTNAMELEN];
char **realms, *host = NULL;
if(type != KRB5_NT_SRV_HST && type != KRB5_NT_UNKNOWN)
diff --git a/crypto/heimdal/lib/krb5/prog_setup.c b/crypto/heimdal/lib/krb5/prog_setup.c
index 4693d08a5e61..dc3b119f2958 100644
--- a/crypto/heimdal/lib/krb5/prog_setup.c
+++ b/crypto/heimdal/lib/krb5/prog_setup.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,8 +33,9 @@
#include "krb5_locl.h"
#include <getarg.h>
+#include <err.h>
-RCSID("$Id: prog_setup.c,v 1.6 1999/12/02 17:05:11 joda Exp $");
+RCSID("$Id: prog_setup.c,v 1.8 2001/01/25 11:20:32 assar Exp $");
void
krb5_std_usage(int code, struct getargs *args, int num_args)
@@ -48,13 +49,16 @@ krb5_program_setup(krb5_context *context, int argc, char **argv,
struct getargs *args, int num_args,
void (*usage)(int, struct getargs*, int))
{
+ krb5_error_code ret;
int optind = 0;
if(usage == NULL)
usage = krb5_std_usage;
set_progname(argv[0]);
- krb5_init_context(context);
+ ret = krb5_init_context(context);
+ if (ret)
+ errx (1, "krb5_init_context failed: %d", ret);
if(getarg(args, num_args, argc, argv, &optind))
(*usage)(1, args, num_args);
diff --git a/crypto/heimdal/lib/krb5/rd_cred.c b/crypto/heimdal/lib/krb5/rd_cred.c
index 71b79b13e6f3..ca8ff027e9cc 100644
--- a/crypto/heimdal/lib/krb5/rd_cred.c
+++ b/crypto/heimdal/lib/krb5/rd_cred.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,13 +33,14 @@
#include <krb5_locl.h>
-RCSID("$Id: rd_cred.c,v 1.9 2000/02/06 05:19:52 assar Exp $");
+RCSID("$Id: rd_cred.c,v 1.12 2001/01/04 16:19:00 joda Exp $");
krb5_error_code
-krb5_rd_cred (krb5_context context,
- krb5_auth_context auth_context,
- krb5_ccache ccache,
- krb5_data *in_data)
+krb5_rd_cred(krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_data *in_data,
+ krb5_creds ***ret_creds,
+ krb5_replay_data *out_data)
{
krb5_error_code ret;
size_t len;
@@ -49,9 +50,9 @@ krb5_rd_cred (krb5_context context,
krb5_crypto crypto;
int i;
- ret = decode_KRB_CRED (in_data->data, in_data->length,
- &cred, &len);
- if (ret)
+ ret = decode_KRB_CRED(in_data->data, in_data->length,
+ &cred, &len);
+ if(ret)
return ret;
if (cred.pvno != 5) {
@@ -64,16 +65,32 @@ krb5_rd_cred (krb5_context context,
goto out;
}
- krb5_crypto_init(context, auth_context->remote_subkey, 0, &crypto);
- ret = krb5_decrypt_EncryptedData(context,
- crypto,
- KRB5_KU_KRB_CRED,
- &cred.enc_part,
- &enc_krb_cred_part_data);
- krb5_crypto_destroy(context, crypto);
- if (ret)
- goto out;
-
+ if (cred.enc_part.etype == ETYPE_NULL) {
+ /* DK: MIT GSS-API Compatibility */
+ enc_krb_cred_part_data.length = cred.enc_part.cipher.length;
+ enc_krb_cred_part_data.data = cred.enc_part.cipher.data;
+ } else {
+ if (auth_context->remote_subkey)
+ ret = krb5_crypto_init(context, auth_context->remote_subkey,
+ 0, &crypto);
+ else
+ ret = krb5_crypto_init(context, auth_context->keyblock,
+ 0, &crypto);
+ /* DK: MIT rsh */
+
+ if (ret)
+ goto out;
+
+ ret = krb5_decrypt_EncryptedData(context,
+ crypto,
+ KRB5_KU_KRB_CRED,
+ &cred.enc_part,
+ &enc_krb_cred_part_data);
+
+ krb5_crypto_destroy(context, crypto);
+ if (ret)
+ goto out;
+ }
ret = krb5_decode_EncKrbCredPart (context,
enc_krb_cred_part_data.data,
@@ -86,7 +103,8 @@ krb5_rd_cred (krb5_context context,
/* check sender address */
if (enc_krb_cred_part.s_address
- && auth_context->remote_address) {
+ && auth_context->remote_address
+ && auth_context->remote_port) {
krb5_address *a;
int cmp;
@@ -113,6 +131,7 @@ krb5_rd_cred (krb5_context context,
/* check receiver address */
if (enc_krb_cred_part.r_address
+ && auth_context->local_address
&& !krb5_address_compare (context,
auth_context->local_address,
enc_krb_cred_part.r_address)) {
@@ -135,51 +154,104 @@ krb5_rd_cred (krb5_context context,
}
}
- /* XXX - check replay cache */
+ if(out_data != NULL) {
+ if(enc_krb_cred_part.timestamp)
+ out_data->timestamp = *enc_krb_cred_part.timestamp;
+ else
+ out_data->timestamp = 0;
+ if(enc_krb_cred_part.usec)
+ out_data->usec = *enc_krb_cred_part.usec;
+ else
+ out_data->usec = 0;
+ if(enc_krb_cred_part.nonce)
+ out_data->seq = *enc_krb_cred_part.nonce;
+ else
+ out_data->seq = 0;
+ }
+
+ /* Convert to NULL terminated list of creds */
- /* Store the creds in the ccache */
+ *ret_creds = calloc(enc_krb_cred_part.ticket_info.len + 1,
+ sizeof(**ret_creds));
for (i = 0; i < enc_krb_cred_part.ticket_info.len; ++i) {
KrbCredInfo *kci = &enc_krb_cred_part.ticket_info.val[i];
- krb5_creds creds;
+ krb5_creds *creds;
u_char buf[1024];
size_t len;
- memset (&creds, 0, sizeof(creds));
+ creds = calloc(1, sizeof(*creds));
+ if(creds == NULL) {
+ ret = ENOMEM;
+ goto out;
+ }
ret = encode_Ticket (buf + sizeof(buf) - 1, sizeof(buf),
&cred.tickets.val[i],
&len);
if (ret)
goto out;
- krb5_data_copy (&creds.ticket, buf + sizeof(buf) - len, len);
- copy_EncryptionKey (&kci->key, &creds.session);
+ krb5_data_copy (&creds->ticket, buf + sizeof(buf) - len, len);
+ copy_EncryptionKey (&kci->key, &creds->session);
if (kci->prealm && kci->pname)
- principalname2krb5_principal (&creds.client,
+ principalname2krb5_principal (&creds->client,
*kci->pname,
*kci->prealm);
if (kci->flags)
- creds.flags.b = *kci->flags;
+ creds->flags.b = *kci->flags;
if (kci->authtime)
- creds.times.authtime = *kci->authtime;
+ creds->times.authtime = *kci->authtime;
if (kci->starttime)
- creds.times.starttime = *kci->starttime;
+ creds->times.starttime = *kci->starttime;
if (kci->endtime)
- creds.times.endtime = *kci->endtime;
+ creds->times.endtime = *kci->endtime;
if (kci->renew_till)
- creds.times.renew_till = *kci->renew_till;
+ creds->times.renew_till = *kci->renew_till;
if (kci->srealm && kci->sname)
- principalname2krb5_principal (&creds.server,
+ principalname2krb5_principal (&creds->server,
*kci->sname,
*kci->srealm);
if (kci->caddr)
krb5_copy_addresses (context,
kci->caddr,
- &creds.addresses);
- krb5_cc_store_cred (context, ccache, &creds);
+ &creds->addresses);
+
+ (*ret_creds)[i] = creds;
+
}
+ (*ret_creds)[i] = NULL;
+ return 0;
out:
free_KRB_CRED (&cred);
+ if(*ret_creds) {
+ for(i = 0; (*ret_creds)[i]; i++)
+ krb5_free_creds(context, (*ret_creds)[i]);
+ free(*ret_creds);
+ }
return ret;
}
+
+krb5_error_code
+krb5_rd_cred2 (krb5_context context,
+ krb5_auth_context auth_context,
+ krb5_ccache ccache,
+ krb5_data *in_data)
+{
+ krb5_error_code ret;
+ krb5_creds **creds;
+ int i;
+
+ ret = krb5_rd_cred(context, auth_context, in_data, &creds, NULL);
+ if(ret)
+ return ret;
+
+ /* Store the creds in the ccache */
+
+ for(i = 0; creds && creds[i]; i++) {
+ krb5_cc_store_cred(context, ccache, creds[i]);
+ krb5_free_creds(context, creds[i]);
+ }
+ free(creds);
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/rd_priv.c b/crypto/heimdal/lib/krb5/rd_priv.c
index c4d7bea8ec12..62350bae3dc3 100644
--- a/crypto/heimdal/lib/krb5/rd_priv.c
+++ b/crypto/heimdal/lib/krb5/rd_priv.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: rd_priv.c,v 1.23 2000/02/06 05:20:13 assar Exp $");
+RCSID("$Id: rd_priv.c,v 1.27 2001/01/19 04:27:09 assar Exp $");
krb5_error_code
krb5_rd_priv(krb5_context context,
@@ -72,7 +72,9 @@ krb5_rd_priv(krb5_context context,
else
key = auth_context->keyblock;
- krb5_crypto_init(context, key, 0, &crypto);
+ ret = krb5_crypto_init(context, key, 0, &crypto);
+ if (ret)
+ goto failure;
ret = krb5_decrypt_EncryptedData(context,
crypto,
KRB5_KU_KRB_PRIV,
@@ -124,13 +126,19 @@ krb5_rd_priv(krb5_context context,
/* XXX - check replay cache */
- /* check sequence number */
+ /* check sequence number. since MIT krb5 cannot generate a sequence
+ number of zero but instead generates no sequence number, we accept that
+ */
+
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
- if (part.seq_number == NULL ||
- *part.seq_number != ++auth_context->remote_seqnumber) {
- ret = KRB5KRB_AP_ERR_BADORDER;
- goto failure_part;
- }
+ if ((part.seq_number == NULL
+ && auth_context->remote_seqnumber != 0)
+ || (part.seq_number != NULL
+ && *part.seq_number != auth_context->remote_seqnumber)) {
+ ret = KRB5KRB_AP_ERR_BADORDER;
+ goto failure_part;
+ }
+ auth_context->remote_seqnumber++;
}
ret = krb5_data_copy (outbuf, part.user_data.data, part.user_data.length);
diff --git a/crypto/heimdal/lib/krb5/rd_rep.c b/crypto/heimdal/lib/krb5/rd_rep.c
index e2c401c33919..20f20339cc37 100644
--- a/crypto/heimdal/lib/krb5/rd_rep.c
+++ b/crypto/heimdal/lib/krb5/rd_rep.c
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: rd_rep.c,v 1.19 1999/12/02 17:05:12 joda Exp $");
+RCSID("$Id: rd_rep.c,v 1.20 2000/08/18 06:49:03 assar Exp $");
krb5_error_code
krb5_rd_rep(krb5_context context,
@@ -62,7 +62,9 @@ krb5_rd_rep(krb5_context context,
goto out;
}
- krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
+ ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
+ if (ret)
+ goto out;
ret = krb5_decrypt_EncryptedData (context,
crypto,
KRB5_KU_AP_REQ_ENC_PART,
diff --git a/crypto/heimdal/lib/krb5/rd_req.c b/crypto/heimdal/lib/krb5/rd_req.c
index bcf4ecf0987c..922137a7398b 100644
--- a/crypto/heimdal/lib/krb5/rd_req.c
+++ b/crypto/heimdal/lib/krb5/rd_req.c
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: rd_req.c,v 1.41 2000/02/07 13:31:55 joda Exp $");
+RCSID("$Id: rd_req.c,v 1.44 2000/11/15 23:16:28 assar Exp $");
static krb5_error_code
decrypt_tkt_enc_part (krb5_context context,
@@ -46,7 +46,9 @@ decrypt_tkt_enc_part (krb5_context context,
size_t len;
krb5_crypto crypto;
- krb5_crypto_init(context, key, 0, &crypto);
+ ret = krb5_crypto_init(context, key, 0, &crypto);
+ if (ret)
+ return ret;
ret = krb5_decrypt_EncryptedData (context,
crypto,
KRB5_KU_TICKET,
@@ -66,19 +68,29 @@ static krb5_error_code
decrypt_authenticator (krb5_context context,
EncryptionKey *key,
EncryptedData *enc_part,
- Authenticator *authenticator)
+ Authenticator *authenticator,
+ krb5_key_usage usage)
{
krb5_error_code ret;
krb5_data plain;
size_t len;
krb5_crypto crypto;
- krb5_crypto_init(context, key, 0, &crypto);
+ ret = krb5_crypto_init(context, key, 0, &crypto);
+ if (ret)
+ return ret;
ret = krb5_decrypt_EncryptedData (context,
crypto,
- KRB5_KU_AP_REQ_AUTH,
+ usage /* KRB5_KU_AP_REQ_AUTH */,
enc_part,
&plain);
+ /* for backwards compatibility, also try the old usage */
+ if (ret && usage == KRB5_KU_TGS_REQ_AUTH)
+ ret = krb5_decrypt_EncryptedData (context,
+ crypto,
+ KRB5_KU_AP_REQ_AUTH,
+ enc_part,
+ &plain);
krb5_crypto_destroy(context, crypto);
if (ret)
return ret;
@@ -136,10 +148,14 @@ krb5_decrypt_ticket(krb5_context context,
start = *t.starttime;
if(start - now > context->max_skew
|| (t.flags.invalid
- && !(flags & KRB5_VERIFY_AP_REQ_IGNORE_INVALID)))
+ && !(flags & KRB5_VERIFY_AP_REQ_IGNORE_INVALID))) {
+ free_EncTicketPart(&t);
return KRB5KRB_AP_ERR_TKT_NYV;
- if(now - t.endtime > context->max_skew)
+ }
+ if(now - t.endtime > context->max_skew) {
+ free_EncTicketPart(&t);
return KRB5KRB_AP_ERR_TKT_EXPIRED;
+ }
}
if(out)
@@ -222,19 +238,40 @@ krb5_verify_ap_req(krb5_context context,
krb5_flags *ap_req_options,
krb5_ticket **ticket)
{
+ return krb5_verify_ap_req2 (context,
+ auth_context,
+ ap_req,
+ server,
+ keyblock,
+ flags,
+ ap_req_options,
+ ticket,
+ KRB5_KU_AP_REQ_AUTH);
+}
+
+krb5_error_code
+krb5_verify_ap_req2(krb5_context context,
+ krb5_auth_context *auth_context,
+ krb5_ap_req *ap_req,
+ krb5_const_principal server,
+ krb5_keyblock *keyblock,
+ krb5_flags flags,
+ krb5_flags *ap_req_options,
+ krb5_ticket **ticket,
+ krb5_key_usage usage)
+{
krb5_ticket t;
krb5_auth_context ac;
krb5_error_code ret;
- if(auth_context) {
- if(*auth_context == NULL){
- krb5_auth_con_init(context, &ac);
- *auth_context = ac;
- }else
- ac = *auth_context;
- } else
- krb5_auth_con_init(context, &ac);
-
+ if (auth_context && *auth_context) {
+ ac = *auth_context;
+ } else {
+ ret = krb5_auth_con_init (context, &ac);
+ if (ret)
+ return ret;
+ }
+
if (ap_req->ap_options.use_session_key && ac->keyblock){
ret = krb5_decrypt_ticket(context, &ap_req->ticket,
ac->keyblock,
@@ -249,7 +286,7 @@ krb5_verify_ap_req(krb5_context context,
flags);
if(ret)
- return ret;
+ goto out;
principalname2krb5_principal(&t.server, ap_req->ticket.sname,
ap_req->ticket.realm);
@@ -263,11 +300,10 @@ krb5_verify_ap_req(krb5_context context,
ret = decrypt_authenticator (context,
&t.ticket.key,
&ap_req->authenticator,
- ac->authenticator);
- if (ret){
- /* XXX free data */
- return ret;
- }
+ ac->authenticator,
+ usage);
+ if (ret)
+ goto out2;
{
krb5_principal p1, p2;
@@ -282,8 +318,10 @@ krb5_verify_ap_req(krb5_context context,
res = krb5_principal_compare (context, p1, p2);
krb5_free_principal (context, p1);
krb5_free_principal (context, p2);
- if (!res)
- return KRB5KRB_AP_ERR_BADMATCH;
+ if (!res) {
+ ret = KRB5KRB_AP_ERR_BADMATCH;
+ goto out2;
+ }
}
/* check addresses */
@@ -292,8 +330,10 @@ krb5_verify_ap_req(krb5_context context,
&& ac->remote_address
&& !krb5_address_search (context,
ac->remote_address,
- t.ticket.caddr))
- return KRB5KRB_AP_ERR_BADADDR;
+ t.ticket.caddr)) {
+ ret = KRB5KRB_AP_ERR_BADADDR;
+ goto out2;
+ }
if (ac->authenticator->seq_number)
ac->remote_seqnumber = *ac->authenticator->seq_number;
@@ -322,7 +362,18 @@ krb5_verify_ap_req(krb5_context context,
**ticket = t;
} else
krb5_free_ticket (context, &t);
+ if (auth_context) {
+ if (*auth_context == NULL)
+ *auth_context = ac;
+ } else
+ krb5_auth_con_free (context, ac);
return 0;
+ out2:
+ krb5_free_ticket (context, &t);
+ out:
+ if (auth_context == NULL || *auth_context == NULL)
+ krb5_auth_con_free (context, ac);
+ return ret;
}
diff --git a/crypto/heimdal/lib/krb5/rd_safe.c b/crypto/heimdal/lib/krb5/rd_safe.c
index fb7cc2d22368..07628d9e6c34 100644
--- a/crypto/heimdal/lib/krb5/rd_safe.c
+++ b/crypto/heimdal/lib/krb5/rd_safe.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: rd_safe.c,v 1.19 2000/02/06 05:20:51 assar Exp $");
+RCSID("$Id: rd_safe.c,v 1.23 2001/01/19 04:25:37 assar Exp $");
static krb5_error_code
verify_checksum(krb5_context context,
@@ -65,7 +65,9 @@ verify_checksum(krb5_context context,
buf_size,
safe,
&len);
- krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
+ ret = krb5_crypto_init(context, auth_context->keyblock, 0, &crypto);
+ if (ret)
+ goto out;
ret = krb5_verify_checksum (context,
crypto,
KRB5_KU_KRB_SAFE_CKSUM,
@@ -144,13 +146,20 @@ krb5_rd_safe(krb5_context context,
}
/* XXX - check replay cache */
- /* check sequence number */
+ /* check sequence number. since MIT krb5 cannot generate a sequence
+ number of zero but instead generates no sequence number, we accept that
+ */
+
if (auth_context->flags & KRB5_AUTH_CONTEXT_DO_SEQUENCE) {
- if (safe.safe_body.seq_number == NULL ||
- *safe.safe_body.seq_number != ++auth_context->remote_seqnumber) {
+ if ((safe.safe_body.seq_number == NULL
+ && auth_context->remote_seqnumber != 0)
+ || (safe.safe_body.seq_number != NULL
+ && *safe.safe_body.seq_number !=
+ auth_context->remote_seqnumber)) {
ret = KRB5KRB_AP_ERR_BADORDER;
goto failure;
}
+ auth_context->remote_seqnumber++;
}
ret = verify_checksum (context, auth_context, &safe);
diff --git a/crypto/heimdal/lib/krb5/read_message.c b/crypto/heimdal/lib/krb5/read_message.c
index f2cae03d06bb..45d6b62d88bc 100644
--- a/crypto/heimdal/lib/krb5/read_message.c
+++ b/crypto/heimdal/lib/krb5/read_message.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: read_message.c,v 1.5 1999/12/02 17:05:12 joda Exp $");
+RCSID("$Id: read_message.c,v 1.7 2000/07/21 22:54:09 joda Exp $");
krb5_error_code
krb5_read_message (krb5_context context,
@@ -49,7 +49,7 @@ krb5_read_message (krb5_context context,
return errno;
if(ret < 4) {
data->length = 0;
- return 0;
+ return HEIM_ERR_EOF;
}
len = (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
ret = krb5_data_alloc (data, len);
@@ -61,3 +61,41 @@ krb5_read_message (krb5_context context,
}
return 0;
}
+
+krb5_error_code
+krb5_read_priv_message(krb5_context context,
+ krb5_auth_context ac,
+ krb5_pointer p_fd,
+ krb5_data *data)
+{
+ krb5_error_code ret;
+ krb5_data packet;
+
+ ret = krb5_read_message(context, p_fd, &packet);
+ if(ret)
+ return ret;
+ ret = krb5_rd_priv (context, ac, &packet, data, NULL);
+ krb5_data_free(&packet);
+ if(ret)
+ return ret;
+ return ret;
+}
+
+krb5_error_code
+krb5_read_safe_message(krb5_context context,
+ krb5_auth_context ac,
+ krb5_pointer p_fd,
+ krb5_data *data)
+{
+ krb5_error_code ret;
+ krb5_data packet;
+
+ ret = krb5_read_message(context, p_fd, &packet);
+ if(ret)
+ return ret;
+ ret = krb5_rd_safe (context, ac, &packet, data, NULL);
+ krb5_data_free(&packet);
+ if(ret)
+ return ret;
+ return ret;
+}
diff --git a/crypto/heimdal/lib/krb5/recvauth.c b/crypto/heimdal/lib/krb5/recvauth.c
index 49fe7b66f9f1..3c11254c0386 100644
--- a/crypto/heimdal/lib/krb5/recvauth.c
+++ b/crypto/heimdal/lib/krb5/recvauth.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: recvauth.c,v 1.12 1999/12/02 17:05:12 joda Exp $");
+RCSID("$Id: recvauth.c,v 1.13 2000/12/06 20:59:05 joda Exp $");
/*
* See `sendauth.c' for the format.
@@ -177,7 +177,7 @@ krb5_recvauth_match_version(krb5_context context,
return errno;
if (ap_options & AP_OPTS_MUTUAL_REQUIRED) {
- ret = krb5_mk_rep (context, auth_context, &data);
+ ret = krb5_mk_rep (context, *auth_context, &data);
if (ret)
return ret;
diff --git a/crypto/heimdal/lib/krb5/replay.c b/crypto/heimdal/lib/krb5/replay.c
index 3ca68e806b72..2935cfcd94f8 100644
--- a/crypto/heimdal/lib/krb5/replay.c
+++ b/crypto/heimdal/lib/krb5/replay.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,6 +32,9 @@
*/
#include "krb5_locl.h"
+#include <vis.h>
+
+RCSID("$Id: replay.c,v 1.7 2001/01/29 02:09:00 assar Exp $");
struct krb5_rcache_data {
char *name;
@@ -82,6 +85,12 @@ krb5_rc_default_name(krb5_context context)
return "FILE:/var/run/default_rcache";
}
+const char *
+krb5_rc_default_type(krb5_context context)
+{
+ return "FILE";
+}
+
krb5_error_code
krb5_rc_default(krb5_context context,
krb5_rcache *id)
@@ -140,20 +149,20 @@ checksum_authenticator(Authenticator *auth, void *data)
MD5_CTX md5;
int i;
- MD5Init (&md5);
- MD5Update (&md5, auth->crealm, strlen(auth->crealm));
+ MD5_Init (&md5);
+ MD5_Update (&md5, auth->crealm, strlen(auth->crealm));
for(i = 0; i < auth->cname.name_string.len; i++)
- MD5Update(&md5, auth->cname.name_string.val[i],
- strlen(auth->cname.name_string.val[i]));
- MD5Update (&md5, &auth->ctime, sizeof(auth->ctime));
- MD5Update (&md5, &auth->cusec, sizeof(auth->cusec));
- MD5Final (&md5, data);
+ MD5_Update(&md5, auth->cname.name_string.val[i],
+ strlen(auth->cname.name_string.val[i]));
+ MD5_Update (&md5, &auth->ctime, sizeof(auth->ctime));
+ MD5_Update (&md5, &auth->cusec, sizeof(auth->cusec));
+ MD5_Final (data, &md5);
}
krb5_error_code
krb5_rc_store(krb5_context context,
krb5_rcache id,
- krb5_donot_reply *rep)
+ krb5_donot_replay *rep)
{
struct rc_entry ent, tmp;
time_t t;
@@ -209,6 +218,7 @@ krb5_rc_get_lifespan(krb5_context context,
}
return KRB5_RC_IO_UNKNOWN;
}
+
const char*
krb5_rc_get_name(krb5_context context,
krb5_rcache id)
@@ -223,3 +233,32 @@ krb5_rc_get_type(krb5_context context,
return "FILE";
}
+krb5_error_code
+krb5_get_server_rcache(krb5_context context,
+ const krb5_data *piece,
+ krb5_rcache *id)
+{
+ krb5_rcache rcache;
+ krb5_error_code ret;
+
+ char *tmp = malloc(4 * piece->length + 1);
+ char *name;
+ if(tmp == NULL)
+ return ENOMEM;
+ strvisx(tmp, piece->data, piece->length, VIS_WHITE | VIS_OCTAL);
+#ifdef HAVE_GETEUID
+ asprintf(&name, "FILE:rc_%s_%u", tmp, geteuid());
+#else
+ asprintf(&name, "FILE:rc_%s", tmp);
+#endif
+ free(tmp);
+ if(name == NULL)
+ return ENOMEM;
+
+ ret = krb5_rc_resolve_full(context, &rcache, name);
+ free(name);
+ if(ret)
+ return ret;
+ *id = rcache;
+ return ret;
+}
diff --git a/crypto/heimdal/lib/krb5/send_to_kdc.c b/crypto/heimdal/lib/krb5/send_to_kdc.c
index 2872322bafc8..e2b884d34cbd 100644
--- a/crypto/heimdal/lib/krb5/send_to_kdc.c
+++ b/crypto/heimdal/lib/krb5/send_to_kdc.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: send_to_kdc.c,v 1.36 2000/01/06 07:59:11 assar Exp $");
+RCSID("$Id: send_to_kdc.c,v 1.40 2000/11/15 01:48:23 assar Exp $");
/*
* send the data in `req' on the socket `fd' (which is datagram iff udp)
@@ -54,6 +54,10 @@ recv_loop (int fd,
int ret;
int nbytes;
+ if (fd >= FD_SETSIZE) {
+ return -1;
+ }
+
krb5_data_zero(rep);
do {
FD_ZERO(&fdset);
@@ -237,7 +241,8 @@ send_via_proxy (krb5_context context,
const krb5_data *send,
krb5_data *receive)
{
- char *proxy = strdup(context->http_proxy);
+ char *proxy2 = strdup(context->http_proxy);
+ char *proxy = proxy2;
char *prefix;
char *colon;
struct addrinfo hints;
@@ -246,6 +251,11 @@ send_via_proxy (krb5_context context,
int s;
char portstr[NI_MAXSERV];
+ if (proxy == NULL)
+ return ENOMEM;
+ if (strncmp (proxy, "http://", 7) == 0)
+ proxy += 7;
+
colon = strchr(proxy, ':');
if(colon != NULL)
*colon++ = '\0';
@@ -254,10 +264,10 @@ send_via_proxy (krb5_context context,
hints.ai_socktype = SOCK_STREAM;
snprintf (portstr, sizeof(portstr), "%d",
ntohs(init_port (colon, htons(80))));
- ret = getaddrinfo (proxy, portstr, NULL, &ai);
- free (proxy);
+ ret = getaddrinfo (proxy, portstr, &hints, &ai);
+ free (proxy2);
if (ret)
- return ret;
+ return krb5_eai_to_heim_errno(ret);
for (a = ai; a != NULL; a = a->ai_next) {
s = socket (a->ai_family, a->ai_socktype, a->ai_protocol);
@@ -295,26 +305,17 @@ send_via_proxy (krb5_context context,
*/
krb5_error_code
-krb5_sendto_kdc (krb5_context context,
- const krb5_data *send,
- const krb5_realm *realm,
- krb5_data *receive)
+krb5_sendto (krb5_context context,
+ const krb5_data *send,
+ char **hostlist,
+ int port,
+ krb5_data *receive)
{
- krb5_error_code ret;
- char **hostlist, **hp, *p;
+ krb5_error_code ret = 0;
+ char **hp, *p;
int fd;
- int port;
int i;
- port = krb5_getportbyname (context, "kerberos", "udp", 88);
-
- if (context->use_admin_kdc)
- ret = krb5_get_krb_admin_hst (context, realm, &hostlist);
- else
- ret = krb5_get_krbhst (context, realm, &hostlist);
- if (ret)
- return ret;
-
for (i = 0; i < context->max_retries; ++i)
for (hp = hostlist; (p = *hp); ++hp) {
char *colon;
@@ -390,6 +391,38 @@ krb5_sendto_kdc (krb5_context context,
}
ret = KRB5_KDC_UNREACH;
out:
- krb5_free_krbhst (context, hostlist);
return ret;
}
+
+krb5_error_code
+krb5_sendto_kdc2(krb5_context context,
+ const krb5_data *send,
+ const krb5_realm *realm,
+ krb5_data *receive,
+ krb5_boolean master)
+{
+ krb5_error_code ret;
+ char **hostlist;
+ int port;
+
+ port = krb5_getportbyname (context, "kerberos", "udp", 88);
+
+ if (master || context->use_admin_kdc)
+ ret = krb5_get_krb_admin_hst (context, realm, &hostlist);
+ else
+ ret = krb5_get_krbhst (context, realm, &hostlist);
+ if (ret)
+ return ret;
+ ret = krb5_sendto(context, send, hostlist, port, receive);
+ krb5_free_krbhst (context, hostlist);
+ return ret;
+}
+
+krb5_error_code
+krb5_sendto_kdc(krb5_context context,
+ const krb5_data *send,
+ const krb5_realm *realm,
+ krb5_data *receive)
+{
+ return krb5_sendto_kdc2(context, send, realm, receive, FALSE);
+}
diff --git a/crypto/heimdal/lib/krb5/sock_principal.c b/crypto/heimdal/lib/krb5/sock_principal.c
index bfd4eb4e2a91..477622d37c5f 100644
--- a/crypto/heimdal/lib/krb5/sock_principal.c
+++ b/crypto/heimdal/lib/krb5/sock_principal.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: sock_principal.c,v 1.9 1999/12/02 17:05:12 joda Exp $");
+RCSID("$Id: sock_principal.c,v 1.11 2000/08/09 20:53:11 assar Exp $");
krb5_error_code
krb5_sock_to_principal (krb5_context context,
@@ -46,10 +46,11 @@ krb5_sock_to_principal (krb5_context context,
krb5_address address;
struct sockaddr_storage __ss;
struct sockaddr *sa = (struct sockaddr *)&__ss;
- int len = sizeof(__ss);
+ socklen_t len = sizeof(__ss);
struct hostent *hostent;
int family;
char hname[256];
+ char *tmp;
if (getsockname (sock, sa, &len) < 0)
return errno;
@@ -65,7 +66,18 @@ krb5_sock_to_principal (krb5_context context,
if (hostent == NULL)
return h_errno;
- strlcpy(hname, hostent->h_name, sizeof(hname));
+ tmp = hostent->h_name;
+ if (strchr(tmp, '.') == NULL) {
+ char **a;
+
+ for (a = hostent->h_aliases; a != NULL && *a != NULL; ++a)
+ if (strchr(*a, '.') != NULL) {
+ tmp = *a;
+ break;
+ }
+ }
+
+ strlcpy(hname, tmp, sizeof(hname));
return krb5_sname_to_principal (context,
hname,
sname,
diff --git a/crypto/heimdal/lib/krb5/store.c b/crypto/heimdal/lib/krb5/store.c
index 17b154747b8c..5f9d659829e2 100644
--- a/crypto/heimdal/lib/krb5/store.c
+++ b/crypto/heimdal/lib/krb5/store.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: store.c,v 1.32 1999/12/02 17:05:12 joda Exp $");
+RCSID("$Id: store.c,v 1.34 2000/04/11 00:46:09 assar Exp $");
void
krb5_storage_set_flags(krb5_storage *sp, krb5_flags flags)
@@ -275,8 +275,7 @@ krb5_ret_string(krb5_storage *sp,
}
krb5_error_code
-krb5_store_stringz(krb5_storage *sp,
- char *s)
+krb5_store_stringz(krb5_storage *sp, const char *s)
{
size_t len = strlen(s) + 1;
ssize_t ret;
@@ -554,20 +553,46 @@ krb5_ret_authdata(krb5_storage *sp, krb5_authdata *auth)
return ret;
}
+/*
+ * store `creds' on `sp' returning error or zero
+ */
+
krb5_error_code
krb5_store_creds(krb5_storage *sp, krb5_creds *creds)
{
- krb5_store_principal(sp, creds->client);
- krb5_store_principal(sp, creds->server);
- krb5_store_keyblock(sp, creds->session);
- krb5_store_times(sp, creds->times);
- krb5_store_int8(sp, 0); /* this is probably the
+ int ret;
+
+ ret = krb5_store_principal(sp, creds->client);
+ if (ret)
+ return ret;
+ ret = krb5_store_principal(sp, creds->server);
+ if (ret)
+ return ret;
+ ret = krb5_store_keyblock(sp, creds->session);
+ if (ret)
+ return ret;
+ ret = krb5_store_times(sp, creds->times);
+ if (ret)
+ return ret;
+ ret = krb5_store_int8(sp, 0); /* this is probably the
enc-tkt-in-skey bit from KDCOptions */
- krb5_store_int32(sp, creds->flags.i);
- krb5_store_addrs(sp, creds->addresses);
- krb5_store_authdata(sp, creds->authdata);
- krb5_store_data(sp, creds->ticket);
- krb5_store_data(sp, creds->second_ticket);
+ if (ret)
+ return ret;
+ ret = krb5_store_int32(sp, creds->flags.i);
+ if (ret)
+ return ret;
+ ret = krb5_store_addrs(sp, creds->addresses);
+ if (ret)
+ return ret;
+ ret = krb5_store_authdata(sp, creds->authdata);
+ if (ret)
+ return ret;
+ ret = krb5_store_data(sp, creds->ticket);
+ if (ret)
+ return ret;
+ ret = krb5_store_data(sp, creds->second_ticket);
+ if (ret)
+ return ret;
return 0;
}
diff --git a/crypto/heimdal/lib/krb5/store_emem.c b/crypto/heimdal/lib/krb5/store_emem.c
index d2497efd5826..4d531c6a10db 100644
--- a/crypto/heimdal/lib/krb5/store_emem.c
+++ b/crypto/heimdal/lib/krb5/store_emem.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 200 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: store_emem.c,v 1.9 1999/12/02 17:05:12 joda Exp $");
+RCSID("$Id: store_emem.c,v 1.10 2000/05/19 14:39:49 assar Exp $");
typedef struct emem_storage{
unsigned char *base;
@@ -54,7 +54,7 @@ emem_fetch(krb5_storage *sp, void *data, size_t size)
}
static ssize_t
-emem_store(krb5_storage *sp, void *data, size_t size)
+emem_store(krb5_storage *sp, const void *data, size_t size)
{
emem_storage *s = (emem_storage*)sp->data;
if(size > s->base + s->size - s->ptr){
diff --git a/crypto/heimdal/lib/krb5/store_fd.c b/crypto/heimdal/lib/krb5/store_fd.c
index e4c507c2c54b..2c795bdd8817 100644
--- a/crypto/heimdal/lib/krb5/store_fd.c
+++ b/crypto/heimdal/lib/krb5/store_fd.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: store_fd.c,v 1.6 1999/12/02 17:05:13 joda Exp $");
+RCSID("$Id: store_fd.c,v 1.8 2001/01/29 02:32:35 assar Exp $");
typedef struct fd_storage{
int fd;
@@ -44,13 +44,13 @@ typedef struct fd_storage{
static ssize_t
fd_fetch(krb5_storage *sp, void *data, size_t size)
{
- return read(FD(sp), data, size);
+ return net_read(FD(sp), data, size);
}
static ssize_t
-fd_store(krb5_storage *sp, void *data, size_t size)
+fd_store(krb5_storage *sp, const void *data, size_t size)
{
- return write(FD(sp), data, size);
+ return net_write(FD(sp), data, size);
}
static off_t
diff --git a/crypto/heimdal/lib/krb5/store_mem.c b/crypto/heimdal/lib/krb5/store_mem.c
index a8019e635dfd..e6c277a57531 100644
--- a/crypto/heimdal/lib/krb5/store_mem.c
+++ b/crypto/heimdal/lib/krb5/store_mem.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: store_mem.c,v 1.9 1999/12/02 17:05:13 joda Exp $");
+RCSID("$Id: store_mem.c,v 1.10 2000/05/19 14:39:02 assar Exp $");
typedef struct mem_storage{
unsigned char *base;
@@ -53,7 +53,7 @@ mem_fetch(krb5_storage *sp, void *data, size_t size)
}
static ssize_t
-mem_store(krb5_storage *sp, void *data, size_t size)
+mem_store(krb5_storage *sp, const void *data, size_t size)
{
mem_storage *s = (mem_storage*)sp->data;
if(size > s->base + s->size - s->ptr)
diff --git a/crypto/heimdal/lib/krb5/string-to-key-test.c b/crypto/heimdal/lib/krb5/string-to-key-test.c
index 0e884d0e810f..6e6c0b69bdbe 100644
--- a/crypto/heimdal/lib/krb5/string-to-key-test.c
+++ b/crypto/heimdal/lib/krb5/string-to-key-test.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,7 +32,7 @@
#include "krb5_locl.h"
-RCSID("$Id: string-to-key-test.c,v 1.2 1999/10/28 23:10:38 assar Exp $");
+RCSID("$Id: string-to-key-test.c,v 1.4 2000/12/31 08:03:54 assar Exp $");
enum { MAXSIZE = 24 };
@@ -60,6 +60,9 @@ static struct testcase {
{0x7f, 0x40, 0x67, 0xb9, 0xbc, 0xc4, 0x40, 0xfb, 0x43, 0x73, 0xd9,
0xd3, 0xcd, 0x7c, 0xc7, 0x67, 0xe6, 0x79, 0x94, 0xd0, 0xa8, 0x34,
0xdf, 0x62}},
+ {"does/not@MATTER", "foo", ETYPE_ARCFOUR_HMAC_MD5,
+ {0xac, 0x8e, 0x65, 0x7f, 0x83, 0xdf, 0x82, 0xbe,
+ 0xea, 0x5d, 0x43, 0xbd, 0xaf, 0x78, 0x00, 0xcc}},
{NULL}
};
@@ -71,7 +74,9 @@ main(int argc, char **argv)
krb5_error_code ret;
int val = 0;
- krb5_init_context (&context);
+ ret = krb5_init_context (&context);
+ if (ret)
+ errx (1, "krb5_init_context failed: %d", ret);
for (t = tests; t->principal_name; ++t) {
krb5_keyblock key;
diff --git a/crypto/heimdal/lib/krb5/test_get_addrs.c b/crypto/heimdal/lib/krb5/test_get_addrs.c
new file mode 100644
index 000000000000..96a8f89bf570
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/test_get_addrs.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of KTH nor the names of its contributors may be
+ * used to endorse or promote products derived from this software without
+ * specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY
+ * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE
+ * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+ * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+ * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */
+
+#include "krb5_locl.h"
+#include <err.h>
+
+RCSID("$Id: test_get_addrs.c,v 1.3 2001/01/25 12:45:15 assar Exp $");
+
+/* print all addresses that we find */
+
+static void
+print_addresses (krb5_context context, const krb5_addresses *addrs)
+{
+ int i;
+ char buf[256];
+ size_t len;
+
+ for (i = 0; i < addrs->len; ++i) {
+ krb5_print_address (&addrs->val[i], buf, sizeof(buf), &len);
+ printf ("%s\n", buf);
+ }
+}
+
+int
+main(int argc, char **argv)
+{
+ krb5_context context;
+ krb5_error_code ret;
+ krb5_addresses addrs;
+
+ ret = krb5_init_context(&context);
+ if (ret)
+ errx (1, "krb5_init_context failed: %d", ret);
+
+ ret = krb5_get_all_client_addrs (context, &addrs);
+ if (ret)
+ krb5_err (context, 1, ret, "krb5_get_all_client_addrs");
+ printf ("client addresses\n");
+ print_addresses (context, &addrs);
+ krb5_free_addresses (context, &addrs);
+
+ ret = krb5_get_all_server_addrs (context, &addrs);
+ if (ret)
+ krb5_err (context, 1, ret, "krb5_get_all_server_addrs");
+ printf ("server addresses\n");
+ print_addresses (context, &addrs);
+ krb5_free_addresses (context, &addrs);
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/time.c b/crypto/heimdal/lib/krb5/time.c
index e5a1185c5bd8..98121b496c10 100644
--- a/crypto/heimdal/lib/krb5/time.c
+++ b/crypto/heimdal/lib/krb5/time.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: time.c,v 1.3 2000/02/06 05:21:53 assar Exp $");
+RCSID("$Id: time.c,v 1.4 2000/06/29 08:20:52 joda Exp $");
/*
* return ``corrected'' time in `timeret'.
@@ -64,3 +64,16 @@ krb5_us_timeofday (krb5_context context,
*usec = tv.tv_usec; /* XXX */
return 0;
}
+
+krb5_error_code
+krb5_format_time(krb5_context context, time_t t,
+ char *s, size_t len, krb5_boolean include_time)
+{
+ struct tm *tm;
+ if(context->log_utc)
+ tm = gmtime (&t);
+ else
+ tm = localtime(&t);
+ strftime(s, len, include_time ? context->time_fmt : context->date_fmt, tm);
+ return 0;
+}
diff --git a/crypto/heimdal/lib/krb5/verify_krb5_conf.8 b/crypto/heimdal/lib/krb5/verify_krb5_conf.8
new file mode 100644
index 000000000000..55cdc92fa005
--- /dev/null
+++ b/crypto/heimdal/lib/krb5/verify_krb5_conf.8
@@ -0,0 +1,33 @@
+.\" $Id: verify_krb5_conf.8,v 1.2 2000/03/04 14:07:50 assar Exp $
+.\"
+.Dd March 4, 2000
+.Dt VERIFY_KRB5_CONF 8
+.Os HEIMDAL
+.Sh NAME
+.Nm verify_krb5_conf
+.Nd
+does a crude test that
+.Pa krb5.conf
+does not contain any obvious syntax error
+.Sh SYNOPSIS
+.Nm
+.Ar [config-file]
+.Sh DESCRIPTION
+.Nm
+reads the configuration file
+.Pa krb5.conf ,
+or the file given on the command line,
+and parses it, thereby verifying that the syntax is not correctly wrong.
+Since that file is read by almost all Kerberos programs but most of
+them have no way of notifying the user that it could not be parsed,
+this program is useful.
+.Sh ENVIRONMENT
+.Ev KRB5_CONFIG
+points to the configuration file to read.
+.Sh FILES
+.Xr krb5.conf 5
+.Sh SEE ALSO
+.Xr krb5.conf 5
+.Sh BUGS
+It should know about what variables are actually used and warn about
+unknown ones.
diff --git a/crypto/heimdal/lib/krb5/verify_user.c b/crypto/heimdal/lib/krb5/verify_user.c
index 10c22cb7e72c..758bc60d0134 100644
--- a/crypto/heimdal/lib/krb5/verify_user.c
+++ b/crypto/heimdal/lib/krb5/verify_user.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: verify_user.c,v 1.11 1999/12/02 17:05:13 joda Exp $");
+RCSID("$Id: verify_user.c,v 1.12 2001/01/04 17:40:00 joda Exp $");
static krb5_error_code
verify_common (krb5_context context,
@@ -101,6 +101,9 @@ krb5_verify_user(krb5_context context,
krb5_creds cred;
krb5_get_init_creds_opt_init (&opt);
+ krb5_get_init_creds_opt_set_default_flags(context, NULL,
+ *krb5_princ_realm(context, principal),
+ &opt);
ret = krb5_get_init_creds_password (context,
&cred,
@@ -152,6 +155,9 @@ krb5_verify_user_lrealm(krb5_context context,
free (*krb5_princ_realm (context, principal));
krb5_princ_set_realm (context, principal, &tmp);
+ krb5_get_init_creds_opt_set_default_flags(context, NULL,
+ *krb5_princ_realm(context, principal),
+ &opt);
ret = krb5_get_init_creds_password (context,
&cred,
principal,
diff --git a/crypto/heimdal/lib/krb5/warn.c b/crypto/heimdal/lib/krb5/warn.c
index b202f7dc4b9a..1f594fb839de 100644
--- a/crypto/heimdal/lib/krb5/warn.c
+++ b/crypto/heimdal/lib/krb5/warn.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -34,7 +34,7 @@
#include "krb5_locl.h"
#include <err.h>
-RCSID("$Id: warn.c,v 1.10 1999/12/02 17:05:13 joda Exp $");
+RCSID("$Id: warn.c,v 1.11 2000/08/16 07:37:41 assar Exp $");
static krb5_error_code
_warnerr(krb5_context context, int do_errtext,
@@ -44,6 +44,7 @@ _warnerr(krb5_context context, int do_errtext,
const char *args[2], **arg;
char *msg = NULL;
+ args[0] = args[1] = NULL;
arg = args;
if(fmt){
strcat(xfmt, "%s");
diff --git a/crypto/heimdal/lib/krb5/write_message.c b/crypto/heimdal/lib/krb5/write_message.c
index b7f2c2865ce6..2e394b66aef8 100644
--- a/crypto/heimdal/lib/krb5/write_message.c
+++ b/crypto/heimdal/lib/krb5/write_message.c
@@ -33,7 +33,7 @@
#include "krb5_locl.h"
-RCSID("$Id: write_message.c,v 1.4 1999/12/02 17:05:13 joda Exp $");
+RCSID("$Id: write_message.c,v 1.6 2000/07/21 23:49:09 joda Exp $");
krb5_error_code
krb5_write_message (krb5_context context,
@@ -44,12 +44,42 @@ krb5_write_message (krb5_context context,
u_int8_t buf[4];
len = data->length;
- buf[0] = (len >> 24) & 0xFF;
- buf[1] = (len >> 16) & 0xFF;
- buf[2] = (len >> 8) & 0xFF;
- buf[3] = (len >> 0) & 0xFF;
+ _krb5_put_int(buf, len, 4);
if (krb5_net_write (context, p_fd, buf, 4) != 4
|| krb5_net_write (context, p_fd, data->data, len) != len)
return errno;
return 0;
}
+
+krb5_error_code
+krb5_write_priv_message(krb5_context context,
+ krb5_auth_context ac,
+ krb5_pointer p_fd,
+ krb5_data *data)
+{
+ krb5_error_code ret;
+ krb5_data packet;
+ ret = krb5_mk_priv (context, ac, data, &packet, NULL);
+ if(ret)
+ return ret;
+ ret = krb5_write_message(context, p_fd, &packet);
+ krb5_data_free(&packet);
+ return ret;
+}
+
+krb5_error_code
+krb5_write_safe_message(krb5_context context,
+ krb5_auth_context ac,
+ krb5_boolean priv,
+ krb5_pointer p_fd,
+ krb5_data *data)
+{
+ krb5_error_code ret;
+ krb5_data packet;
+ ret = krb5_mk_safe (context, ac, data, &packet, NULL);
+ if(ret)
+ return ret;
+ ret = krb5_write_message(context, p_fd, &packet);
+ krb5_data_free(&packet);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/roken/ChangeLog b/crypto/heimdal/lib/roken/ChangeLog
index 6da4be0f9fd1..2e3ee9d5b820 100644
--- a/crypto/heimdal/lib/roken/ChangeLog
+++ b/crypto/heimdal/lib/roken/ChangeLog
@@ -1,3 +1,264 @@
+2001-01-30 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libroken_la_LDFLAGS): bump version to 11:1:2
+ * print_version.c (print_version): add 2001
+
+2001-01-29 Assar Westerlund <assar@sics.se>
+
+ * getifaddrs.c (getifaddrs2): copy the entire sockaddr
+
+ * roken-common.h (_PATH_BSHELL): add
+
+2001-01-27 Assar Westerlund <assar@sics.se>
+
+ * roken.h.in: move __attribute__ to roken-common.h
+
+ * esetenv.c (esetenv): cast to handle a setenv that takes a `char
+ * which is the case on Unicos
+
+2000-12-29 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (EXTRA_libroken_la_SOURCES): ifaddrs.h ->
+ ifaddrs.hin
+
+2000-12-25 Assar Westerlund <assar@sics.se>
+
+ * getarg.c (print_arg): add a case for arg_strings
+
+2000-12-15 Johan Danielsson <joda@pdc.kth.se>
+
+ * snprintf.c (append_string): handle NULL strings by printing
+ `(null)'
+
+2000-12-12 Johan Danielsson <joda@pdc.kth.se>
+
+ * roken-common.h: add c++ externs
+
+ * roken.h.in: fix last commit differently
+
+2000-12-11 Assar Westerlund <assar@sics.se>
+
+ * err.hin (warnerr): remove, it's not part of the err.h interface
+ * roken-common.h (warnerr): moved here from err.hin
+ * Makefile.am (libroken_la_LDFLAGS): set version to 11:0:2
+ * vis.c: s/u_int32_t/unsigned/ for systems that do not define
+ u_int32_t
+
+2000-12-10 Johan Danielsson <joda@pdc.kth.se>
+
+ * Makefile.am: rename some headers to avoid conflict with possible
+ system headers
+
+2000-12-06 Johan Danielsson <joda@pdc.kth.se>
+
+ * vis.c: make sure _DIAGASSERT is defined
+
+ * unvis.c: make sure _DIAGASSERT is defined
+
+ * Makefile.am: unvis.c, and vis.h
+
+ * vis.h: vis.h from NetBSD
+
+ * unvis.c: unvis from NetBSD
+
+ * roken.h.in: cleanup previous
+
+ * roken-common.h: make `extern "C"' into a macro, this make emacs
+ much happier
+
+ * vis.c: strvis implementation from NetBSD
+
+ * roken.h.in: add prototypes for strvis*
+
+2000-12-05 Johan Danielsson <joda@pdc.kth.se>
+
+ * ifaddrs.h: fix freeifaddrs prototype, and add ifa_broadaddr
+ macro
+
+ * getifaddrs.c: free some memory
+
+2000-12-04 Johan Danielsson <joda@pdc.kth.se>
+
+ * ifaddrs.h: getifaddrs implementation using SIOCGIFCONFIG etc
+
+ * getifaddrs.c: getifaddrs implementation using SIOCGIFCONFIG etc
+
+2000-10-08 Assar Westerlund <assar@sics.se>
+
+ * mini_inetd.c (mini_inetd): check that fds are not too large to
+ select on
+
+2000-09-24 Assar Westerlund <assar@sics.se>
+
+ * esetenv.c: new file/function
+
+2000-08-16 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: bump version to 10:0:1
+
+2000-08-10 Assar Westerlund <assar@sics.se>
+
+ * mini_inetd.c (accept_it): type-correctness on parameters to
+ accept
+
+2000-08-07 Johan Danielsson <joda@pdc.kth.se>
+
+ * roken.h.in: add proto compat for getsockname
+
+2000-08-04 Johan Danielsson <joda@pdc.kth.se>
+
+ * write_pid.c: conditionalise pidfile
+
+ * write_pid.c: add pidfile function
+
+2000-07-25 Johan Danielsson <joda@pdc.kth.se>
+
+ * Makefile.am: bump version to 9:0:0
+
+ * warnerr.c: add get_progname
+
+2000-07-24 Assar Westerlund <assar@sics.se>
+
+ * getaddrinfo.c (add_hostent): if there's no fqdn in `he' try
+ reverse resolving to see if there's a fuller name there. don't
+ use just-freed memory
+
+2000-07-22 Assar Westerlund <assar@sics.se>
+
+ * xdbm.h: do not define ndbm functions in terms of dbm functions
+ if we're using db
+
+2000-07-20 Assar Westerlund <assar@sics.se>
+
+ * rtbl.c (rtbl_format): avoid printing an empty row at the end
+
+2000-07-19 Johan Danielsson <joda@pdc.kth.se>
+
+ * Makefile.am: make this compatible with `make dist'
+
+ * Makefile.am: revert version number for now
+
+2000-07-18 Johan Danielsson <joda@pdc.kth.se>
+
+ * configure.in: AM_PROG_LIBTOOL -> AC_PROG_LIBTOOL
+
+2000-07-17 Johan Danielsson <joda@pdc.kth.se>
+
+ * Makefile.am: set ACLOCAL_AMFLAGS
+
+2000-07-15 Johan Danielsson <joda@pdc.kth.se>
+
+ * getaddrinfo_hostspec.c: add new function that takes socktype
+ hint as parameter
+
+2000-07-09 Assar Westerlund <assar@sics.se>
+
+ * rtbl.c (rtbl_add_column): initialize `col' completely
+
+ * configure.in: bring headers and functions more in-line with
+ what's actually being used
+
+2000-07-08 Johan Danielsson <joda@pdc.kth.se>
+
+ * roken.h.in: declare ether_addr and sockaddr_dl for AIX
+
+ * rtbl.{c,h}: simple table functions
+
+2000-07-08 Assar Westerlund <assar@sics.se>
+
+ * configure.in (AM_INIT_AUTOMAKE): bump version to 10
+ * configure.in (AC_BROKEN): add strsep_copy
+ * Makefile.am (ACLOCAL): fetch files from cf
+
+2000-07-01 Assar Westerlund <assar@sics.se>
+
+ * roken-common.h (pid_file_*): fix protos
+
+2000-06-28 Assar Westerlund <assar@sics.se>
+
+ * getnameinfo_verified.c (getnameinfo_verified): free memory
+ returned from getaddrinfo
+
+2000-06-27 Assar Westerlund <assar@sics.se>
+
+ * resolve.c: export string_to_type and type_to_string
+ * resolve.c: add key,sig,cert update test-program
+ * resolve.h: add key,sig,cert
+
+2000-06-21 Assar Westerlund <assar@sics.se>
+
+ * resolve.h: add T_SIG, T_KEY
+ * resolve.c: add SIG and KEY
+ * Makefile.am (libroken_la_SOURCES): add environment.c and
+ write_pid.c
+
+ * write_pid.c: new file for writing a pid file.
+
+ * environment.c: new file with functionality for reading
+ /etc/environment. From Ake Sandgren <ake@cs.umu.se>
+
+2000-06-12 Johan Danielsson <joda@pdc.kth.se>
+
+ * strsep_copy.c: strsep, but with const stringp so returns string
+ in separate buffer
+
+2000-05-23 Assar Westerlund <assar@sics.se>
+
+ * vsyslog.c (vsyslog): calculate length of new format string
+ correctly
+
+2000-05-22 Johan Danielsson <joda@pdc.kth.se>
+
+ * getusershell.c: implment the AIX version use
+ /etc/security/login.cfg
+
+2000-05-21 Assar Westerlund <assar@sics.se>
+
+ * vsyslog.c (vsyslog): actually handle `%m'
+
+2000-05-15 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libroken_la_LDFLAGS): set version to 8:1:3
+
+ * roken-common.h: moved __attribute__ to roken.h.in
+
+2000-04-14 Assar Westerlund <assar@sics.se>
+
+ * getaddrinfo_hostspec.c (roken_getaddrinfo_hostspec): copy the
+ correct length from `hostspec'. based on a patch from Love
+ <lha@s3.kth.se>
+
+2000-04-09 Assar Westerlund <assar@sics.se>
+
+ * xdbm.h: only include one of db.h and the dbm-series
+
+2000-04-05 Assar Westerlund <assar@sics.se>
+
+ * resolve.c (_resolve_debug): explicitly set to zero. this moves
+ the variable from bss to data and the dynamic linker on MacOS
+ X/Darwin seems unhappy with stuff in the bss segment.
+
+2000-04-03 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: set version to 8:0:3
+
+2000-03-11 Assar Westerlund <assar@sics.se>
+
+ * roken.h.in (_SS_PAD1SIZE): try to write an inpenetrable
+ expression that also works on Crays
+
+2000-03-09 Assar Westerlund <assar@sics.se>
+
+ * getarg.c (arg_match_short): backup optind when there's a missing
+ argument so that the error can point at the flag and not the
+ non-existant argument
+
+2000-03-03 Assar Westerlund <assar@sics.se>
+
+ * Makefile.in (SOURCES): add timeval.c
+ * Makefile.am (libroken_la_SOURCES): add timeval.c
+ * timeval.c: new file
+
2000-02-19 Assar Westerlund <assar@sics.se>
* Makefile.am: set version to 7:1:2
diff --git a/crypto/heimdal/lib/roken/Makefile.am b/crypto/heimdal/lib/roken/Makefile.am
index 3d303f89917f..23f2d59132e6 100644
--- a/crypto/heimdal/lib/roken/Makefile.am
+++ b/crypto/heimdal/lib/roken/Makefile.am
@@ -1,35 +1,45 @@
-# $Id: Makefile.am,v 1.70 2000/02/19 18:53:13 assar Exp $
+# $Id: Makefile.am,v 1.94 2001/01/30 01:53:30 assar Exp $
-include $(top_srcdir)/Makefile.am.common
+AUTOMAKE_OPTIONS = foreign no-dependencies
-CLEANFILES = roken.h make-roken.c print_version.h
+AM_CFLAGS += $(WFLAGS)
+
+## ACLOCAL = @ACLOCAL@ -I cf
+ACLOCAL_AMFLAGS = -I ../../cf
+
+CLEANFILES = roken.h make-roken.c $(XHEADERS)
lib_LTLIBRARIES = libroken.la
-libroken_la_LDFLAGS = -version-info 7:1:2
+libroken_la_LDFLAGS = -version-info 11:1:2
+
+noinst_PROGRAMS = make-roken
+
+nodist_make_roken_SOURCES = make-roken.c
-noinst_PROGRAMS = make-roken make-print-version
+check_PROGRAMS = parse_bytes-test \
+ strpftime-test \
+ getaddrinfo-test
-check_PROGRAMS = parse_bytes-test strpftime-test getaddrinfo-test
TESTS = $(check_PROGRAMS)
-getaddrinfo_test_LDADD = libroken.la
-parse_bytes_test_LDADD = libroken.la
-strpftime_test_SOURCES = strpftime-test.c strftime.c strptime.c snprintf.c
+LIB_crypt = @LIB_crypt@
-if KRB4
-if KRB5
-## need to link with des here; otherwise, if krb4 is shared the link
-## will fail with unresolved references
-make_print_version_LDADD += $(LIB_krb4) -ldes
-endif
-endif
+common_LDADD = libroken.la $(LIB_crypt)
+
+strpftime_test_SOURCES = strpftime-test.c strftime.c strptime.c snprintf.c
+##snprintf_test_SOURCES = snprintf-test.c snprintf.c
+##snprintf_test_LDADD = $(common_LDADD) -lm
+getaddrinfo_test_LDADD = $(common_LDADD)
+parse_bytes_test_LDADD = $(common_LDADD)
libroken_la_SOURCES = \
base64.c \
concat.c \
emalloc.c \
+ environment.c \
eread.c \
erealloc.c \
+ esetenv.c \
estrdup.c \
ewrite.c \
getaddrinfo_hostspec.c \
@@ -46,17 +56,23 @@ libroken_la_SOURCES = \
parse_bytes.c \
parse_time.c \
parse_units.c \
- print_version.c \
resolve.c \
roken_gethostby.c \
+ rtbl.c \
+ rtbl.h \
signal.c \
simple_exec.c \
snprintf.c \
socket.c \
strcollect.c \
+ timeval.c \
tm2time.c \
+ unvis.c \
verify.c \
+ vis.c \
+ vis.h \
warnerr.c \
+ write_pid.c \
xdbm.h
EXTRA_libroken_la_SOURCES = \
@@ -64,12 +80,12 @@ EXTRA_libroken_la_SOURCES = \
copyhostent.c \
daemon.c \
err.c \
- err.h \
+ err.hin \
errx.c \
fchown.c \
flock.c \
fnmatch.c \
- fnmatch.h \
+ fnmatch.hin \
freeaddrinfo.c \
freehostent.c \
gai_strerror.c \
@@ -79,15 +95,16 @@ EXTRA_libroken_la_SOURCES = \
geteuid.c \
getgid.c \
gethostname.c \
+ getifaddrs.c \
getipnodebyaddr.c \
getipnodebyname.c \
- getnameinfo.c \
getopt.c \
gettimeofday.c \
getuid.c \
getusershell.c \
- glob.h \
+ glob.hin \
hstrerror.c \
+ ifaddrs.hin \
inet_aton.c \
inet_ntop.c \
inet_pton.c \
@@ -117,6 +134,7 @@ EXTRA_libroken_la_SOURCES = \
strnlen.c \
strptime.c \
strsep.c \
+ strsep_copy.c \
strtok_r.c \
strupr.c \
swab.c \
@@ -130,20 +148,13 @@ EXTRA_libroken_la_SOURCES = \
warnx.c \
writev.c
-EXTRA_DIST = resource.h roken.awk roken.def roken.dsp roken.h.in \
- roken.mak roken.rc
-
-
+EXTRA_DIST = roken.awk roken.h.in
libroken_la_LIBADD = @LTLIBOBJS@
-$(LTLIBOBJS) $(libroken_la_OBJECTS): roken.h
-
-include_HEADERS = $(err_h) base64.h getarg.h \
- parse_bytes.h parse_time.h parse_units.h \
- resolve.h roken.h roken-common.h
+$(LTLIBOBJS) $(libroken_la_OBJECTS): $(include_HEADERS) roken.h
-build_HEADERZ = $(err_h) $(fnmatch_h) $(glob_h) xdbm.h
+BUILT_SOURCES = make-roken.c roken.h
if have_err_h
err_h =
@@ -163,6 +174,40 @@ else
glob_h = glob.h
endif
+if have_ifaddrs_h
+ifaddrs_h =
+else
+ifaddrs_h = ifaddrs.h
+endif
+
+if have_vis_h
+vis_h =
+else
+vis_h = vis.h
+endif
+
+## these are controlled by configure
+XHEADERS = $(err_h) $(fnmatch_h) $(glob_h) $(ifaddrs_h) $(vis_h)
+
+include_HEADERS = \
+ base64.h \
+ getarg.h \
+ parse_bytes.h \
+ parse_time.h \
+ parse_units.h \
+ resolve.h \
+ roken-common.h \
+ rtbl.h \
+ xdbm.h \
+ $(XHEADERS)
+
+nodist_include_HEADERS = roken.h
+
+
+SUFFIXES += .hin
+.hin.h:
+ cp $< $@
+
roken.h: make-roken$(EXEEXT)
@./make-roken$(EXEEXT) > tmp.h ;\
if [ -f roken.h ] && cmp -s tmp.h roken.h ; then rm -f tmp.h ; \
@@ -170,10 +215,3 @@ roken.h: make-roken$(EXEEXT)
make-roken.c: roken.h.in roken.awk
$(AWK) -f $(srcdir)/roken.awk $(srcdir)/roken.h.in > make-roken.c
-
-print_version.lo: print_version.h
-
-print_version.h: make-print-version$(EXEEXT)
- ./make-print-version$(EXEEXT) print_version.h
-
-make-print-version.o: $(top_builddir)/include/version.h
diff --git a/crypto/heimdal/lib/roken/Makefile.in b/crypto/heimdal/lib/roken/Makefile.in
index 6db39734f3cd..c779d468438c 100644
--- a/crypto/heimdal/lib/roken/Makefile.in
+++ b/crypto/heimdal/lib/roken/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.70 2000/02/19 18:53:13 assar Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,26 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
-AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -92,124 +95,210 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
-AUTOMAKE_OPTIONS = foreign no-dependencies
+# $Id: Makefile.am,v 1.94 2001/01/30 01:53:30 assar Exp $
-SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
-INCLUDES = -I$(top_builddir)/include
+AUTOMAKE_OPTIONS = foreign no-dependencies
AM_CFLAGS = $(WFLAGS)
-COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
-
-buildinclude = $(top_builddir)/include
+ACLOCAL_AMFLAGS = -I ../../cf
-LIB_XauReadAuth = @LIB_XauReadAuth@
-LIB_crypt = @LIB_crypt@
-LIB_dbm_firstkey = @LIB_dbm_firstkey@
-LIB_dbopen = @LIB_dbopen@
-LIB_dlopen = @LIB_dlopen@
-LIB_dn_expand = @LIB_dn_expand@
-LIB_el_init = @LIB_el_init@
-LIB_getattr = @LIB_getattr@
-LIB_gethostbyname = @LIB_gethostbyname@
-LIB_getpwent_r = @LIB_getpwent_r@
-LIB_getpwnam_r = @LIB_getpwnam_r@
-LIB_getsockopt = @LIB_getsockopt@
-LIB_logout = @LIB_logout@
-LIB_logwtmp = @LIB_logwtmp@
-LIB_odm_initialize = @LIB_odm_initialize@
-LIB_readline = @LIB_readline@
-LIB_res_search = @LIB_res_search@
-LIB_setpcred = @LIB_setpcred@
-LIB_setsockopt = @LIB_setsockopt@
-LIB_socket = @LIB_socket@
-LIB_syslog = @LIB_syslog@
-LIB_tgetent = @LIB_tgetent@
-
-HESIODLIB = @HESIODLIB@
-HESIODINCLUDE = @HESIODINCLUDE@
-INCLUDE_hesiod = @INCLUDE_hesiod@
-LIB_hesiod = @LIB_hesiod@
-
-INCLUDE_krb4 = @INCLUDE_krb4@
-LIB_krb4 = @LIB_krb4@
-
-INCLUDE_readline = @INCLUDE_readline@
-
-LEXLIB = @LEXLIB@
-
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
-NROFF_MAN = groff -mandoc -Tascii
-
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
-
-CHECK_LOCAL = $(PROGRAMS)
-
-CLEANFILES = roken.h make-roken.c print_version.h
+CLEANFILES = roken.h make-roken.c $(XHEADERS)
lib_LTLIBRARIES = libroken.la
-libroken_la_LDFLAGS = -version-info 7:1:2
+libroken_la_LDFLAGS = -version-info 11:1:2
-noinst_PROGRAMS = make-roken make-print-version
+noinst_PROGRAMS = make-roken
-check_PROGRAMS = parse_bytes-test strpftime-test getaddrinfo-test
-TESTS = $(check_PROGRAMS)
+nodist_make_roken_SOURCES = make-roken.c
-getaddrinfo_test_LDADD = libroken.la
-parse_bytes_test_LDADD = libroken.la
-strpftime_test_SOURCES = strpftime-test.c strftime.c strptime.c snprintf.c
+check_PROGRAMS = parse_bytes-test \
+ strpftime-test \
+ getaddrinfo-test
-@KRB4_TRUE@@KRB5_TRUE@make_print_version_LDADD = $(LIB_krb4) -ldes
-libroken_la_SOURCES = base64.c concat.c emalloc.c eread.c erealloc.c estrdup.c ewrite.c getaddrinfo_hostspec.c get_default_username.c get_window_size.c getarg.c getnameinfo_verified.c issuid.c k_getpwnam.c k_getpwuid.c mini_inetd.c net_read.c net_write.c parse_bytes.c parse_time.c parse_units.c print_version.c resolve.c roken_gethostby.c signal.c simple_exec.c snprintf.c socket.c strcollect.c tm2time.c verify.c warnerr.c xdbm.h
-
-
-EXTRA_libroken_la_SOURCES = chown.c copyhostent.c daemon.c err.c err.h errx.c fchown.c flock.c fnmatch.c fnmatch.h freeaddrinfo.c freehostent.c gai_strerror.c getaddrinfo.c getdtablesize.c getegid.c geteuid.c getgid.c gethostname.c getipnodebyaddr.c getipnodebyname.c getnameinfo.c getopt.c gettimeofday.c getuid.c getusershell.c glob.h hstrerror.c inet_aton.c inet_ntop.c inet_pton.c initgroups.c innetgr.c iruserok.c lstat.c memmove.c mkstemp.c putenv.c rcmd.c readv.c recvmsg.c sendmsg.c setegid.c setenv.c seteuid.c strcasecmp.c strdup.c strerror.c strftime.c strlcat.c strlcpy.c strlwr.c strncasecmp.c strndup.c strnlen.c strptime.c strsep.c strtok_r.c strupr.c swab.c unsetenv.c verr.c verrx.c vsyslog.c vwarn.c vwarnx.c warn.c warnx.c writev.c
+TESTS = $(check_PROGRAMS)
+LIB_crypt = @LIB_crypt@
-EXTRA_DIST = resource.h roken.awk roken.def roken.dsp roken.h.in roken.mak roken.rc
+common_LDADD = libroken.la $(LIB_crypt)
+strpftime_test_SOURCES = strpftime-test.c strftime.c strptime.c snprintf.c
+getaddrinfo_test_LDADD = $(common_LDADD)
+parse_bytes_test_LDADD = $(common_LDADD)
+
+libroken_la_SOURCES = \
+ base64.c \
+ concat.c \
+ emalloc.c \
+ environment.c \
+ eread.c \
+ erealloc.c \
+ esetenv.c \
+ estrdup.c \
+ ewrite.c \
+ getaddrinfo_hostspec.c \
+ get_default_username.c \
+ get_window_size.c \
+ getarg.c \
+ getnameinfo_verified.c \
+ issuid.c \
+ k_getpwnam.c \
+ k_getpwuid.c \
+ mini_inetd.c \
+ net_read.c \
+ net_write.c \
+ parse_bytes.c \
+ parse_time.c \
+ parse_units.c \
+ resolve.c \
+ roken_gethostby.c \
+ rtbl.c \
+ rtbl.h \
+ signal.c \
+ simple_exec.c \
+ snprintf.c \
+ socket.c \
+ strcollect.c \
+ timeval.c \
+ tm2time.c \
+ unvis.c \
+ verify.c \
+ vis.c \
+ vis.h \
+ warnerr.c \
+ write_pid.c \
+ xdbm.h
+
+
+EXTRA_libroken_la_SOURCES = \
+ chown.c \
+ copyhostent.c \
+ daemon.c \
+ err.c \
+ err.hin \
+ errx.c \
+ fchown.c \
+ flock.c \
+ fnmatch.c \
+ fnmatch.hin \
+ freeaddrinfo.c \
+ freehostent.c \
+ gai_strerror.c \
+ getaddrinfo.c \
+ getdtablesize.c \
+ getegid.c \
+ geteuid.c \
+ getgid.c \
+ gethostname.c \
+ getifaddrs.c \
+ getipnodebyaddr.c \
+ getipnodebyname.c \
+ getopt.c \
+ gettimeofday.c \
+ getuid.c \
+ getusershell.c \
+ glob.hin \
+ hstrerror.c \
+ ifaddrs.hin \
+ inet_aton.c \
+ inet_ntop.c \
+ inet_pton.c \
+ initgroups.c \
+ innetgr.c \
+ iruserok.c \
+ lstat.c \
+ memmove.c \
+ mkstemp.c \
+ putenv.c \
+ rcmd.c \
+ readv.c \
+ recvmsg.c \
+ sendmsg.c \
+ setegid.c \
+ setenv.c \
+ seteuid.c \
+ strcasecmp.c \
+ strdup.c \
+ strerror.c \
+ strftime.c \
+ strlcat.c \
+ strlcpy.c \
+ strlwr.c \
+ strncasecmp.c \
+ strndup.c \
+ strnlen.c \
+ strptime.c \
+ strsep.c \
+ strsep_copy.c \
+ strtok_r.c \
+ strupr.c \
+ swab.c \
+ unsetenv.c \
+ verr.c \
+ verrx.c \
+ vsyslog.c \
+ vwarn.c \
+ vwarnx.c \
+ warn.c \
+ warnx.c \
+ writev.c
+
+
+EXTRA_DIST = roken.awk roken.h.in
libroken_la_LIBADD = @LTLIBOBJS@
-include_HEADERS = $(err_h) base64.h getarg.h parse_bytes.h parse_time.h parse_units.h resolve.h roken.h roken-common.h
-
-
-build_HEADERZ = $(err_h) $(fnmatch_h) $(glob_h) xdbm.h
+BUILT_SOURCES = make-roken.c roken.h
@have_err_h_TRUE@err_h =
-@have_err_h_FALSE@err_h = err.h
+@have_err_h_FALSE@err_h = @have_err_h_FALSE@err.h
@have_fnmatch_h_TRUE@fnmatch_h =
-@have_fnmatch_h_FALSE@fnmatch_h = fnmatch.h
+@have_fnmatch_h_FALSE@fnmatch_h = @have_fnmatch_h_FALSE@fnmatch.h
@have_glob_h_TRUE@glob_h =
-@have_glob_h_FALSE@glob_h = glob.h
+@have_glob_h_FALSE@glob_h = @have_glob_h_FALSE@glob.h
+@have_ifaddrs_h_TRUE@ifaddrs_h =
+@have_ifaddrs_h_FALSE@ifaddrs_h = @have_ifaddrs_h_FALSE@ifaddrs.h
+@have_vis_h_TRUE@vis_h =
+@have_vis_h_FALSE@vis_h = @have_vis_h_FALSE@vis.h
+
+XHEADERS = $(err_h) $(fnmatch_h) $(glob_h) $(ifaddrs_h) $(vis_h)
+
+include_HEADERS = \
+ base64.h \
+ getarg.h \
+ parse_bytes.h \
+ parse_time.h \
+ parse_units.h \
+ resolve.h \
+ roken-common.h \
+ rtbl.h \
+ xdbm.h \
+ $(XHEADERS)
+
+
+nodist_include_HEADERS = roken.h
+
+SUFFIXES = .hin
+subdir = lib/roken
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../include/config.h
CONFIG_CLEAN_FILES =
@@ -225,63 +314,64 @@ X_LIBS = @X_LIBS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
libroken_la_DEPENDENCIES = @LTLIBOBJS@
-libroken_la_OBJECTS = base64.lo concat.lo emalloc.lo eread.lo \
-erealloc.lo estrdup.lo ewrite.lo getaddrinfo_hostspec.lo \
-get_default_username.lo get_window_size.lo getarg.lo \
-getnameinfo_verified.lo issuid.lo k_getpwnam.lo k_getpwuid.lo \
+am_libroken_la_OBJECTS = base64.lo concat.lo emalloc.lo environment.lo \
+eread.lo erealloc.lo esetenv.lo estrdup.lo ewrite.lo \
+getaddrinfo_hostspec.lo get_default_username.lo get_window_size.lo \
+getarg.lo getnameinfo_verified.lo issuid.lo k_getpwnam.lo k_getpwuid.lo \
mini_inetd.lo net_read.lo net_write.lo parse_bytes.lo parse_time.lo \
-parse_units.lo print_version.lo resolve.lo roken_gethostby.lo signal.lo \
-simple_exec.lo snprintf.lo socket.lo strcollect.lo tm2time.lo verify.lo \
-warnerr.lo
+parse_units.lo resolve.lo roken_gethostby.lo rtbl.lo signal.lo \
+simple_exec.lo snprintf.lo socket.lo strcollect.lo timeval.lo \
+tm2time.lo unvis.lo verify.lo vis.lo warnerr.lo write_pid.lo
+libroken_la_OBJECTS = $(am_libroken_la_OBJECTS)
check_PROGRAMS = parse_bytes-test$(EXEEXT) strpftime-test$(EXEEXT) \
getaddrinfo-test$(EXEEXT)
-noinst_PROGRAMS = make-roken$(EXEEXT) make-print-version$(EXEEXT)
+noinst_PROGRAMS = make-roken$(EXEEXT)
PROGRAMS = $(noinst_PROGRAMS)
+getaddrinfo_test_SOURCES = getaddrinfo-test.c
+getaddrinfo_test_OBJECTS = getaddrinfo-test.$(OBJEXT)
+getaddrinfo_test_DEPENDENCIES = libroken.la
+getaddrinfo_test_LDFLAGS =
+nodist_make_roken_OBJECTS = make-roken.$(OBJEXT)
+make_roken_OBJECTS = $(nodist_make_roken_OBJECTS)
+make_roken_LDADD = $(LDADD)
+make_roken_DEPENDENCIES =
+make_roken_LDFLAGS =
parse_bytes_test_SOURCES = parse_bytes-test.c
parse_bytes_test_OBJECTS = parse_bytes-test.$(OBJEXT)
parse_bytes_test_DEPENDENCIES = libroken.la
parse_bytes_test_LDFLAGS =
-strpftime_test_OBJECTS = strpftime-test.$(OBJEXT) strftime.$(OBJEXT) \
+am_strpftime_test_OBJECTS = strpftime-test.$(OBJEXT) strftime.$(OBJEXT) \
strptime.$(OBJEXT) snprintf.$(OBJEXT)
+strpftime_test_OBJECTS = $(am_strpftime_test_OBJECTS)
strpftime_test_LDADD = $(LDADD)
strpftime_test_DEPENDENCIES =
strpftime_test_LDFLAGS =
-getaddrinfo_test_SOURCES = getaddrinfo-test.c
-getaddrinfo_test_OBJECTS = getaddrinfo-test.$(OBJEXT)
-getaddrinfo_test_DEPENDENCIES = libroken.la
-getaddrinfo_test_LDFLAGS =
-make_roken_SOURCES = make-roken.c
-make_roken_OBJECTS = make-roken.$(OBJEXT)
-make_roken_LDADD = $(LDADD)
-make_roken_DEPENDENCIES =
-make_roken_LDFLAGS =
-make_print_version_SOURCES = make-print-version.c
-make_print_version_OBJECTS = make-print-version.$(OBJEXT)
-@KRB4_TRUE@@KRB5_TRUE@make_print_version_DEPENDENCIES =
-make_print_version_LDFLAGS =
-CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
-HEADERS = $(include_HEADERS)
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) \
+getaddrinfo-test.c parse_bytes-test.c $(strpftime_test_SOURCES)
+HEADERS = $(include_HEADERS) $(nodist_include_HEADERS)
-DIST_COMMON = ChangeLog Makefile.am Makefile.in getcap.c glob.c \
-make-print-version.c
+depcomp =
+DIST_COMMON = $(include_HEADERS) ChangeLog Makefile.am Makefile.in \
+acinclude.m4 getcap.c getcwd.c getnameinfo.c glob.c install-sh \
+make-print-version.c missing mkinstalldirs
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
-SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) parse_bytes-test.c $(strpftime_test_SOURCES) getaddrinfo-test.c make-roken.c make-print-version.c
-OBJECTS = $(libroken_la_OBJECTS) parse_bytes-test.$(OBJEXT) $(strpftime_test_OBJECTS) getaddrinfo-test.$(OBJEXT) make-roken.$(OBJEXT) make-print-version.$(OBJEXT)
+SOURCES = $(libroken_la_SOURCES) $(EXTRA_libroken_la_SOURCES) getaddrinfo-test.c $(nodist_make_roken_SOURCES) parse_bytes-test.c $(strpftime_test_SOURCES)
+OBJECTS = $(am_libroken_la_OBJECTS) getaddrinfo-test.$(OBJEXT) $(nodist_make_roken_OBJECTS) parse_bytes-test.$(OBJEXT) $(am_strpftime_test_OBJECTS)
all: all-redirect
.SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .s .x
-$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
+.SUFFIXES: .c .h .hin .lo .o .obj
+$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4)
cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/roken/Makefile
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@@ -303,31 +393,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
$(mkinstalldirs) $(DESTDIR)$(libdir)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
if test -f $$p; then \
- echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \
- $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \
+ echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \
+ $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \
else :; fi; \
done
uninstall-libLTLIBRARIES:
@$(NORMAL_UNINSTALL)
- list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \
$(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
done
-.c.o:
- $(COMPILE) -c $<
-
-# FIXME: We should only use cygpath when building on Windows,
-# and only if it is available.
-.c.obj:
- $(COMPILE) -c `cygpath -w $<`
-
-.s.o:
- $(COMPILE) -c $<
-
-.S.o:
- $(COMPILE) -c $<
-
mostlyclean-compile:
-rm -f *.o core *.core
-rm -f *.$(OBJEXT)
@@ -339,15 +416,6 @@ distclean-compile:
maintainer-clean-compile:
-.c.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.s.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.S.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
mostlyclean-libtool:
-rm -f *.lo
@@ -379,14 +447,6 @@ distclean-noinstPROGRAMS:
maintainer-clean-noinstPROGRAMS:
-parse_bytes-test$(EXEEXT): $(parse_bytes_test_OBJECTS) $(parse_bytes_test_DEPENDENCIES)
- @rm -f parse_bytes-test$(EXEEXT)
- $(LINK) $(parse_bytes_test_LDFLAGS) $(parse_bytes_test_OBJECTS) $(parse_bytes_test_LDADD) $(LIBS)
-
-strpftime-test$(EXEEXT): $(strpftime_test_OBJECTS) $(strpftime_test_DEPENDENCIES)
- @rm -f strpftime-test$(EXEEXT)
- $(LINK) $(strpftime_test_LDFLAGS) $(strpftime_test_OBJECTS) $(strpftime_test_LDADD) $(LIBS)
-
getaddrinfo-test$(EXEEXT): $(getaddrinfo_test_OBJECTS) $(getaddrinfo_test_DEPENDENCIES)
@rm -f getaddrinfo-test$(EXEEXT)
$(LINK) $(getaddrinfo_test_LDFLAGS) $(getaddrinfo_test_OBJECTS) $(getaddrinfo_test_LDADD) $(LIBS)
@@ -395,44 +455,79 @@ make-roken$(EXEEXT): $(make_roken_OBJECTS) $(make_roken_DEPENDENCIES)
@rm -f make-roken$(EXEEXT)
$(LINK) $(make_roken_LDFLAGS) $(make_roken_OBJECTS) $(make_roken_LDADD) $(LIBS)
-make-print-version$(EXEEXT): $(make_print_version_OBJECTS) $(make_print_version_DEPENDENCIES)
- @rm -f make-print-version$(EXEEXT)
- $(LINK) $(make_print_version_LDFLAGS) $(make_print_version_OBJECTS) $(make_print_version_LDADD) $(LIBS)
+parse_bytes-test$(EXEEXT): $(parse_bytes_test_OBJECTS) $(parse_bytes_test_DEPENDENCIES)
+ @rm -f parse_bytes-test$(EXEEXT)
+ $(LINK) $(parse_bytes_test_LDFLAGS) $(parse_bytes_test_OBJECTS) $(parse_bytes_test_LDADD) $(LIBS)
+
+strpftime-test$(EXEEXT): $(strpftime_test_OBJECTS) $(strpftime_test_DEPENDENCIES)
+ @rm -f strpftime-test$(EXEEXT)
+ $(LINK) $(strpftime_test_LDFLAGS) $(strpftime_test_OBJECTS) $(strpftime_test_LDADD) $(LIBS)
+.c.o:
+ $(COMPILE) -c $<
+.c.obj:
+ $(COMPILE) -c `cygpath -w $<`
+.c.lo:
+ $(LTCOMPILE) -c -o $@ $<
install-includeHEADERS: $(include_HEADERS)
@$(NORMAL_INSTALL)
$(mkinstalldirs) $(DESTDIR)$(includedir)
@list='$(include_HEADERS)'; for p in $$list; do \
if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
- echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \
- $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \
done
uninstall-includeHEADERS:
@$(NORMAL_UNINSTALL)
- list='$(include_HEADERS)'; for p in $$list; do \
- rm -f $(DESTDIR)$(includedir)/$$p; \
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(includedir)/$$f"; \
+ rm -f $(DESTDIR)$(includedir)/$$f; \
+ done
+
+install-nodist_includeHEADERS: $(nodist_include_HEADERS)
+ @$(NORMAL_INSTALL)
+ $(mkinstalldirs) $(DESTDIR)$(includedir)
+ @list='$(nodist_include_HEADERS)'; for p in $$list; do \
+ if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \
+ done
+
+uninstall-nodist_includeHEADERS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(nodist_include_HEADERS)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(includedir)/$$f"; \
+ rm -f $(DESTDIR)$(includedir)/$$f; \
done
tags: TAGS
-ID: $(HEADERS) $(SOURCES) $(LISP)
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- here=`pwd` && cd $(srcdir) \
- && mkid -f$$here/ID $$unique $(LISP)
+ mkid -fID $$unique $(LISP)
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
- || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
mostlyclean-tags:
@@ -442,77 +537,104 @@ distclean-tags:
-rm -f TAGS ID
maintainer-clean-tags:
+check-TESTS: $(TESTS)
+ @failed=0; all=0; xfail=0; xpass=0; \
+ srcdir=$(srcdir); export srcdir; \
+ list='$(TESTS)'; \
+ if test -n "$$list"; then \
+ for tst in $$list; do \
+ if test -f ./$$tst; then dir=./; \
+ elif test -f $$tst; then dir=; \
+ else dir="$(srcdir)/"; fi; \
+ if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *" $$tst "*) \
+ xpass=`expr $$xpass + 1`; \
+ failed=`expr $$failed + 1`; \
+ echo "XPASS: $$tst"; \
+ ;; \
+ *) \
+ echo "PASS: $$tst"; \
+ ;; \
+ esac; \
+ elif test $$? -ne 77; then \
+ all=`expr $$all + 1`; \
+ case " $(XFAIL_TESTS) " in \
+ *" $$tst "*) \
+ xfail=`expr $$xfail + 1`; \
+ echo "XFAIL: $$tst"; \
+ ;; \
+ *) \
+ failed=`expr $$failed + 1`; \
+ echo "FAIL: $$tst"; \
+ ;; \
+ esac; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ if test "$$xfail" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="All $$all tests behaved as expected ($$xfail expected failures)"; \
+ fi; \
+ else \
+ if test "$$xpass" -eq 0; then \
+ banner="$$failed of $$all tests failed"; \
+ else \
+ banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \
+ fi; \
+ fi; \
+ dashes=`echo "$$banner" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ fi
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib/roken
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
- $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
-check-TESTS: $(TESTS)
- @failed=0; all=0; \
- srcdir=$(srcdir); export srcdir; \
- for tst in $(TESTS); do \
- if test -f $$tst; then dir=.; \
- else dir="$(srcdir)"; fi; \
- if $(TESTS_ENVIRONMENT) $$dir/$$tst; then \
- all=`expr $$all + 1`; \
- echo "PASS: $$tst"; \
- elif test $$? -ne 77; then \
- all=`expr $$all + 1`; \
- failed=`expr $$failed + 1`; \
- echo "FAIL: $$tst"; \
- fi; \
- done; \
- if test "$$failed" -eq 0; then \
- banner="All $$all tests passed"; \
- else \
- banner="$$failed of $$all tests failed"; \
- fi; \
- dashes=`echo "$$banner" | sed s/./=/g`; \
- echo "$$dashes"; \
- echo "$$banner"; \
- echo "$$dashes"; \
- test "$$failed" -eq 0
info-am:
info: info-am
dvi-am:
dvi: dvi-am
check-am: all-am
$(MAKE) $(AM_MAKEFLAGS) $(check_PROGRAMS)
- $(MAKE) $(AM_MAKEFLAGS) check-TESTS check-local
+ $(MAKE) $(AM_MAKEFLAGS) check-TESTS
check: check-am
installcheck-am:
installcheck: installcheck-am
install-exec-am: install-libLTLIBRARIES
- @$(NORMAL_INSTALL)
- $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
install-exec: install-exec-am
-install-data-am: install-includeHEADERS install-data-local
+install-data-am: install-includeHEADERS install-nodist_includeHEADERS
install-data: install-data-am
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
install: install-am
-uninstall-am: uninstall-libLTLIBRARIES uninstall-includeHEADERS
+uninstall-am: uninstall-libLTLIBRARIES uninstall-includeHEADERS \
+ uninstall-nodist_includeHEADERS
uninstall: uninstall-am
-all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local
+all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS)
all-redirect: all-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs:
- $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir)
+ $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) \
+ $(DESTDIR)$(nodist_includedir)
mostlyclean-generic:
@@ -525,6 +647,8 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
+ -rm -f Makefile.in
+ -test -z "$(BUILT_SOURCES)" || rm -f $(BUILT_SOURCES)
mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \
mostlyclean-libtool mostlyclean-checkPROGRAMS \
mostlyclean-noinstPROGRAMS mostlyclean-tags \
@@ -566,220 +690,19 @@ distclean-checkPROGRAMS clean-checkPROGRAMS \
maintainer-clean-checkPROGRAMS mostlyclean-noinstPROGRAMS \
distclean-noinstPROGRAMS clean-noinstPROGRAMS \
maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \
-install-includeHEADERS tags mostlyclean-tags distclean-tags clean-tags \
-maintainer-clean-tags distdir check-TESTS info-am info dvi-am dvi \
-check-local check check-am installcheck-am installcheck install-exec-am \
-install-exec install-data-local install-data-am install-data install-am \
-install uninstall-am uninstall all-local all-redirect all-am all \
+install-includeHEADERS uninstall-nodist_includeHEADERS \
+install-nodist_includeHEADERS tags mostlyclean-tags distclean-tags \
+clean-tags maintainer-clean-tags check-TESTS distdir info-am info \
+dvi-am dvi check check-am installcheck-am installcheck install-exec-am \
+install-exec install-data-am install-data install-am install \
+uninstall-am uninstall all-redirect all-am all install-strip \
installdirs mostlyclean-generic distclean-generic clean-generic \
maintainer-clean-generic clean mostlyclean distclean maintainer-clean
-install-suid-programs:
- @foo='$(bin_SUIDS)'; \
- for file in $$foo; do \
- x=$(DESTDIR)$(bindir)/$$file; \
- if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
-
-install-exec-hook: install-suid-programs
-
-install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
- @foo='$(include_HEADERS) $(build_HEADERZ)'; \
- for f in $$foo; do \
- f=`basename $$f`; \
- if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
- else file="$$f"; fi; \
- if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
- : ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
- fi ; \
- done
-
-all-local: install-build-headers
-#NROFF_MAN = nroff -man
-.1.cat1:
- $(NROFF_MAN) $< > $@
-.3.cat3:
- $(NROFF_MAN) $< > $@
-.5.cat5:
- $(NROFF_MAN) $< > $@
-.8.cat8:
- $(NROFF_MAN) $< > $@
-
-dist-cat1-mans:
- @foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done ;\
- for i in $$foo; do \
- x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \
- echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
- $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
- done
-
-dist-cat3-mans:
- @foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done ;\
- for i in $$foo; do \
- x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \
- echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
- $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
- done
-
-dist-cat5-mans:
- @foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done ;\
- for i in $$foo; do \
- x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \
- echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
- $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
- done
-
-dist-cat8-mans:
- @foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done ;\
- for i in $$foo; do \
- x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \
- echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
- $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
- done
-
-dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
-
-install-data-local: install-cat-mans
-
-.et.h:
- $(COMPILE_ET) $<
-.et.c:
- $(COMPILE_ET) $<
-
-.x.c:
- @cmp -s $< $@ 2> /dev/null || cp $< $@
-
-check-local::
- @foo='$(CHECK_LOCAL)'; \
- if test "$$foo"; then \
- failed=0; all=0; \
- for i in $$foo; do \
- all=`expr $$all + 1`; \
- if ./$$i --version > /dev/null 2>&1; then \
- echo "PASS: $$i"; \
- else \
- echo "FAIL: $$i"; \
- failed=`expr $$failed + 1`; \
- fi; \
- done; \
- if test "$$failed" -eq 0; then \
- banner="All $$all tests passed"; \
- else \
- banner="$$failed of $$all tests failed"; \
- fi; \
- dashes=`echo "$$banner" | sed s/./=/g`; \
- echo "$$dashes"; \
- echo "$$banner"; \
- echo "$$dashes"; \
- test "$$failed" -eq 0; \
- fi
-
-$(LTLIBOBJS) $(libroken_la_OBJECTS): roken.h
+$(LTLIBOBJS) $(libroken_la_OBJECTS): $(include_HEADERS) roken.h
+.hin.h:
+ cp $< $@
roken.h: make-roken$(EXEEXT)
@./make-roken$(EXEEXT) > tmp.h ;\
@@ -789,13 +712,6 @@ roken.h: make-roken$(EXEEXT)
make-roken.c: roken.h.in roken.awk
$(AWK) -f $(srcdir)/roken.awk $(srcdir)/roken.h.in > make-roken.c
-print_version.lo: print_version.h
-
-print_version.h: make-print-version$(EXEEXT)
- ./make-print-version$(EXEEXT) print_version.h
-
-make-print-version.o: $(top_builddir)/include/version.h
-
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.
.NOEXPORT:
diff --git a/crypto/heimdal/lib/roken/acconfig.h b/crypto/heimdal/lib/roken/acconfig.h
new file mode 100644
index 000000000000..5fbe685ce386
--- /dev/null
+++ b/crypto/heimdal/lib/roken/acconfig.h
@@ -0,0 +1,36 @@
+@BOTTOM@
+
+#ifdef BROKEN_REALLOC
+#define realloc(X, Y) isoc_realloc((X), (Y))
+#define isoc_realloc(X, Y) ((X) ? realloc((X), (Y)) : malloc(Y))
+#endif
+
+#ifdef VOID_RETSIGTYPE
+#define SIGRETURN(x) return
+#else
+#define SIGRETURN(x) return (RETSIGTYPE)(x)
+#endif
+
+#define RCSID(msg) \
+static /**/const char *const rcsid[] = { (const char *)rcsid, "\100(#)" msg }
+
+#undef PROTOTYPES
+
+/* Maximum values on all known systems */
+#define MaxHostNameLen (64+4)
+#define MaxPathLen (1024+4)
+
+/*
+ * Define NDBM if you are using the 4.3 ndbm library (which is part of
+ * libc). If not defined, 4.2 dbm will be assumed.
+ */
+#if defined(HAVE_DBM_FIRSTKEY)
+#define NDBM
+#endif
+
+/*
+ * Defining this enables lots of useful (and used) extensions on
+ * glibc-based systems such as Linux
+ */
+
+#define _GNU_SOURCE
diff --git a/crypto/heimdal/lib/roken/acinclude.m4 b/crypto/heimdal/lib/roken/acinclude.m4
new file mode 100644
index 000000000000..1d0197c5ce37
--- /dev/null
+++ b/crypto/heimdal/lib/roken/acinclude.m4
@@ -0,0 +1,9 @@
+dnl $Id$
+dnl
+dnl Only put things that for some reason can't live in the `cf'
+dnl directory in this file.
+dnl
+
+dnl $xId: misc.m4,v 1.1 1997/12/14 15:59:04 joda Exp $
+dnl
+define(upcase,`echo $1 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`)dnl
diff --git a/crypto/heimdal/lib/roken/config.h.in b/crypto/heimdal/lib/roken/config.h.in
new file mode 100644
index 000000000000..b3df98912148
--- /dev/null
+++ b/crypto/heimdal/lib/roken/config.h.in
@@ -0,0 +1 @@
+/*autoheader*/
diff --git a/crypto/heimdal/lib/roken/environment.c b/crypto/heimdal/lib/roken/environment.c
new file mode 100644
index 000000000000..62c732c5b47b
--- /dev/null
+++ b/crypto/heimdal/lib/roken/environment.c
@@ -0,0 +1,103 @@
+/*
+ * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: environment.c,v 1.1 2000/06/21 02:05:03 assar Exp $");
+#endif
+
+#include <stdio.h>
+#include <string.h>
+#include "roken.h"
+
+/*
+ * return count of environment assignments from `file' and
+ * list of malloced strings in `env'
+ */
+
+int
+read_environment(const char *file, char ***env)
+{
+ int i, k;
+ FILE *F;
+ char **l;
+ char buf[BUFSIZ], *p, *r;
+
+ if ((F = fopen(file, "r")) == NULL) {
+ return 0;
+ }
+
+ i = 0;
+ if (*env) {
+ l = *env;
+ while (*l != NULL) {
+ i++;
+ l++;
+ }
+ }
+ l = *env;
+ /* This is somewhat more relaxed on what it accepts then
+ * Wietses sysv_environ from K4 was...
+ */
+ while (fgets(buf, BUFSIZ, F) != NULL) {
+ if (buf[0] == '#')
+ continue;
+
+ p = strchr(buf, '#');
+ if (p != NULL)
+ *p = '\0';
+
+ p = buf;
+ while (*p == ' ' || *p == '\t' || *p == '\n') p++;
+ if (*p == '\0')
+ continue;
+
+ k = strlen(p);
+ if (p[k-1] == '\n')
+ p[k-1] = '\0';
+
+ /* Here one should check that is is a 'valid' env string... */
+ r = strchr(p, '=');
+ if (r == NULL)
+ continue;
+
+ l = realloc(l, (i+1) * sizeof (char *));
+ l[i++] = strdup(p);
+ }
+ fclose(F);
+ l = realloc(l, (i+1) * sizeof (char *));
+ l[i] = NULL;
+ *env = l;
+ return i;
+}
diff --git a/crypto/heimdal/lib/roken/err.hin b/crypto/heimdal/lib/roken/err.hin
new file mode 100644
index 000000000000..1fa7774bd0fe
--- /dev/null
+++ b/crypto/heimdal/lib/roken/err.hin
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: err.hin,v 1.16 2000/12/11 04:40:59 assar Exp $ */
+
+#ifndef __ERR_H__
+#define __ERR_H__
+
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdarg.h>
+
+extern const char *__progname;
+
+#if !defined(__GNUC__) && !defined(__attribute__)
+#define __attribute__(x)
+#endif
+
+void verr(int eval, const char *fmt, va_list ap)
+ __attribute__ ((noreturn, format (printf, 2, 0)));
+void err(int eval, const char *fmt, ...)
+ __attribute__ ((noreturn, format (printf, 2, 3)));
+void verrx(int eval, const char *fmt, va_list ap)
+ __attribute__ ((noreturn, format (printf, 2, 0)));
+void errx(int eval, const char *fmt, ...)
+ __attribute__ ((noreturn, format (printf, 2, 3)));
+void vwarn(const char *fmt, va_list ap)
+ __attribute__ ((format (printf, 1, 0)));
+void warn(const char *fmt, ...)
+ __attribute__ ((format (printf, 1, 2)));
+void vwarnx(const char *fmt, va_list ap)
+ __attribute__ ((format (printf, 1, 0)));
+void warnx(const char *fmt, ...)
+ __attribute__ ((format (printf, 1, 2)));
+
+#endif /* __ERR_H__ */
diff --git a/crypto/heimdal/lib/roken/esetenv.c b/crypto/heimdal/lib/roken/esetenv.c
new file mode 100644
index 000000000000..cb357527c34b
--- /dev/null
+++ b/crypto/heimdal/lib/roken/esetenv.c
@@ -0,0 +1,48 @@
+/*
+ * Copyright (c) 2000, 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: esetenv.c,v 1.3 2001/01/27 05:28:38 assar Exp $");
+#endif
+
+#include "roken.h"
+
+#include <err.h>
+
+void
+esetenv(const char *var, const char *val, int rewrite)
+{
+ if (setenv ((char *)var, (char *)val, rewrite))
+ errx (1, "failed setting environment variable %s", var);
+}
diff --git a/crypto/heimdal/lib/roken/fnmatch.hin b/crypto/heimdal/lib/roken/fnmatch.hin
new file mode 100644
index 000000000000..95c91d600b64
--- /dev/null
+++ b/crypto/heimdal/lib/roken/fnmatch.hin
@@ -0,0 +1,49 @@
+/* $NetBSD: fnmatch.h,v 1.5 1994/10/26 00:55:53 cgd Exp $ */
+
+/*-
+ * Copyright (c) 1992, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)fnmatch.h 8.1 (Berkeley) 6/2/93
+ */
+
+#ifndef _FNMATCH_H_
+#define _FNMATCH_H_
+
+#define FNM_NOMATCH 1 /* Match failed. */
+
+#define FNM_NOESCAPE 0x01 /* Disable backslash escaping. */
+#define FNM_PATHNAME 0x02 /* Slash must be matched by slash. */
+#define FNM_PERIOD 0x04 /* Period must be matched by period. */
+
+int fnmatch (const char *, const char *, int);
+
+#endif /* !_FNMATCH_H_ */
diff --git a/crypto/heimdal/lib/roken/getaddrinfo-test.c b/crypto/heimdal/lib/roken/getaddrinfo-test.c
index ede9c956894f..0e3afc5f1e81 100644
--- a/crypto/heimdal/lib/roken/getaddrinfo-test.c
+++ b/crypto/heimdal/lib/roken/getaddrinfo-test.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: getaddrinfo-test.c,v 1.2 1999/12/03 04:10:07 assar Exp $");
+RCSID("$Id: getaddrinfo-test.c,v 1.3 2000/07/08 14:22:09 assar Exp $");
#endif
#include "roken.h"
@@ -122,7 +122,7 @@ main(int argc, char **argv)
usage (0);
if (version_flag) {
- print_version (NULL);
+ fprintf (stderr, "%s from %s-%s)\n", __progname, PACKAGE, VERSION);
return 0;
}
diff --git a/crypto/heimdal/lib/roken/getaddrinfo.c b/crypto/heimdal/lib/roken/getaddrinfo.c
index db18742d20d1..4b94d3d7df79 100644
--- a/crypto/heimdal/lib/roken/getaddrinfo.c
+++ b/crypto/heimdal/lib/roken/getaddrinfo.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: getaddrinfo.c,v 1.6 1999/12/20 00:56:44 assar Exp $");
+RCSID("$Id: getaddrinfo.c,v 1.9 2000/07/24 02:34:20 assar Exp $");
#endif
#include "roken.h"
@@ -215,27 +215,56 @@ get_null (const struct addrinfo *hints,
return 0;
}
+/*
+ * Try to find a fqdn (with `.') in he if possible, else return h_name
+ */
+
+static char *
+find_fqdn (const struct hostent *he)
+{
+ char *ret = he->h_name;
+ char **h;
+
+ if (strchr (ret, '.') == NULL)
+ for (h = he->h_aliases; *h; ++h) {
+ if (strchr (*h, '.') != NULL) {
+ ret = *h;
+ break;
+ }
+ }
+ return ret;
+}
+
static int
add_hostent (int port, int protocol, int socktype,
struct addrinfo ***current,
int (*func)(struct addrinfo *, void *data, int port),
struct hostent *he, int *flags)
{
- char **h;
int ret;
char *canonname = NULL;
+ char **h;
if (*flags & AI_CANONNAME) {
- canonname = he->h_name;
-
- if (strchr (he->h_name, '.') == NULL)
- for (h = he->h_aliases; *h; ++h) {
- if (strchr (*h, '.') != NULL) {
- canonname = *h;
- break;
- }
+ struct hostent *he2 = NULL;
+
+ canonname = find_fqdn (he);
+ if (strchr (canonname, '.') == NULL) {
+ int error;
+
+ he2 = getipnodebyaddr (he->h_addr_list[0], he->h_length,
+ he->h_addrtype, &error);
+ if (he2 != NULL) {
+ char *tmp = find_fqdn (he2);
+
+ if (strchr (tmp, '.') != NULL)
+ canonname = tmp;
}
+ }
+
canonname = strdup (canonname);
+ if (he2 != NULL)
+ freehostent (he2);
if (canonname == NULL)
return EAI_MEMORY;
}
diff --git a/crypto/heimdal/lib/roken/getaddrinfo_hostspec.c b/crypto/heimdal/lib/roken/getaddrinfo_hostspec.c
index 76e5d2bfc2dd..7f6b0d1da945 100644
--- a/crypto/heimdal/lib/roken/getaddrinfo_hostspec.c
+++ b/crypto/heimdal/lib/roken/getaddrinfo_hostspec.c
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: getaddrinfo_hostspec.c,v 1.1 2000/02/07 13:38:22 joda Exp $");
+RCSID("$Id: getaddrinfo_hostspec.c,v 1.3 2000/07/15 12:50:32 joda Exp $");
#endif
#include "roken.h"
@@ -41,14 +41,16 @@ RCSID("$Id: getaddrinfo_hostspec.c,v 1.1 2000/02/07 13:38:22 joda Exp $");
/* getaddrinfo via string specifying host and port */
int
-roken_getaddrinfo_hostspec(const char *hostspec,
- int port,
- struct addrinfo **ai)
+roken_getaddrinfo_hostspec2(const char *hostspec,
+ int socktype,
+ int port,
+ struct addrinfo **ai)
{
const char *p;
char portstr[NI_MAXSERV];
char host[MAXHOSTNAMELEN];
struct addrinfo hints;
+ int hostspec_len;
struct hst {
const char *prefix;
@@ -64,6 +66,8 @@ roken_getaddrinfo_hostspec(const char *hostspec,
};
memset(&hints, 0, sizeof(hints));
+
+ hints.ai_socktype = socktype;
for(hstp = hst; hstp->prefix; hstp++) {
if(strncmp(hostspec, hstp->prefix, strlen(hstp->prefix)) == 0) {
@@ -81,9 +85,20 @@ roken_getaddrinfo_hostspec(const char *hostspec,
char *end;
port = strtol (p + 1, &end, 0);
+ hostspec_len = p - hostspec;
+ } else {
+ hostspec_len = strlen(hostspec);
}
snprintf (portstr, sizeof(portstr), "%u", port);
- snprintf (host, sizeof(host), "%.*s", p - hostspec, hostspec);
+ snprintf (host, sizeof(host), "%.*s", hostspec_len, hostspec);
return getaddrinfo (host, portstr, &hints, ai);
}
+
+int
+roken_getaddrinfo_hostspec(const char *hostspec,
+ int port,
+ struct addrinfo **ai)
+{
+ return roken_getaddrinfo_hostspec2(hostspec, 0, port, ai);
+}
diff --git a/crypto/heimdal/lib/roken/getarg.3 b/crypto/heimdal/lib/roken/getarg.3
index 78a88028caf4..e3b5c9fe4149 100644
--- a/crypto/heimdal/lib/roken/getarg.3
+++ b/crypto/heimdal/lib/roken/getarg.3
@@ -1,5 +1,5 @@
.\" Copyright (c) 1999 Kungliga Tekniska Högskolan
-.\" $Id: getarg.3,v 1.2 1999/10/18 17:14:31 joda Exp $
+.\" $Id: getarg.3,v 1.3 2001/01/11 16:16:30 assar Exp $
.Dd September 24, 1999
.Dt GETARG 3
.Os ROKEN
@@ -9,13 +9,10 @@
.Nd collect command line options
.Sh SYNOPSIS
.Fd #include <getarg.h>
-
.Ft int
.Fn getarg "struct getargs *args" "size_t num_args" "int argc" "char **argv" "int *optind"
-
.Ft void
.Fn arg_printusage "struct getargs *args" "size_t num_args" "const char *progname" "const char *extra_string"
-
.Sh DESCRIPTION
.Fn getarg
collects any command line options given to a program in an easily used way.
@@ -45,7 +42,8 @@ take the same
and
.Fa num_args
as getarg;
-.Fa progname is the name of the program (to be used in the help text), and
+.Fa progname
+is the name of the program (to be used in the help text), and
.Fa extra_string
is a string to print after the actual options to indicate more
arguments. The usefulness of this function is realised only be people
@@ -55,7 +53,6 @@ the code does.
The
.Fa getargs
struct has the following elements.
-
.Bd -literal
struct getargs{
const char *long_name;
@@ -176,7 +173,7 @@ and
.Fa *optarg ,
but to do this correct you (more or less) have to know about the inner
workings of getarg.
-
+.Pp
You can skip parts of arguments by increasing
.Fa *optarg
(you could
@@ -233,8 +230,6 @@ and if you're really confused you can do it multiple times
.Pf ( Fl -no-no-help= Ns Ar false ,
or even
.Fl -no-no-help= Ns Ar maybe ) .
-
-.Pp
.Sh EXAMPLE
.Bd -literal
#include <stdio.h>
@@ -276,11 +271,11 @@ main(int argc, char **argv)
exit (0);
}
if (destination == NULL) {
- fprintf(stderr, "%s: must specify destination\n", progname);
+ fprintf(stderr, "%s: must specify destination\en", progname);
exit(1);
}
if (strcmp(source, destination) == 0) {
- fprintf(stderr, "%s: destination must be different from source\n");
+ fprintf(stderr, "%s: destination must be different from source\en");
exit(1);
}
/* include more stuff here ... */
@@ -298,7 +293,6 @@ Usage: ship++ [--source=city] [-s city] [--destination=city] [-d city]
-w tons, --weight=tons weight of shippment
-c, --no-catalog include product catalog
.Ed
-
.Sh BUGS
It should be more flexible, so it would be possible to use other more
complicated option syntaxes, such as what
diff --git a/crypto/heimdal/lib/roken/getarg.c b/crypto/heimdal/lib/roken/getarg.c
index d9a03a5c5781..342388e06e30 100644
--- a/crypto/heimdal/lib/roken/getarg.c
+++ b/crypto/heimdal/lib/roken/getarg.c
@@ -33,10 +33,12 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: getarg.c,v 1.34 2000/02/13 21:06:43 assar Exp $");
+RCSID("$Id: getarg.c,v 1.37 2000/12/25 17:03:15 assar Exp $");
#endif
#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
#include <roken.h>
#include "getarg.h"
@@ -56,11 +58,12 @@ print_arg (char *string, size_t len, int mdoc, int longp, struct getargs *arg)
if(longp)
strlcat(string, "= Ns", len);
strlcat(string, " Ar ", len);
- }else
+ } else {
if (longp)
strlcat (string, "=", len);
else
strlcat (string, " ", len);
+ }
if (arg->arg_help)
s = arg->arg_help;
@@ -68,6 +71,8 @@ print_arg (char *string, size_t len, int mdoc, int longp, struct getargs *arg)
s = "integer";
else if (arg->type == arg_string)
s = "string";
+ else if (arg->type == arg_strings)
+ s = "strings";
else if (arg->type == arg_double)
s = "float";
else
@@ -461,8 +466,10 @@ arg_match_short (struct getargs *args, size_t num_args,
++*optind;
optarg = rargv[*optind];
}
- if(optarg == NULL)
+ if(optarg == NULL) {
+ --*optind;
return ARG_ERR_NO_ARG;
+ }
if(args[k].type == arg_integer) {
int tmp;
if(sscanf(optarg, "%d", &tmp) != 1)
diff --git a/crypto/heimdal/lib/roken/getifaddrs.c b/crypto/heimdal/lib/roken/getifaddrs.c
new file mode 100644
index 000000000000..e8e3e5467f09
--- /dev/null
+++ b/crypto/heimdal/lib/roken/getifaddrs.c
@@ -0,0 +1,271 @@
+/*
+ * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: getifaddrs.c,v 1.4 2001/01/28 23:02:46 assar Exp $");
+#endif
+#include "roken.h"
+
+#ifdef __osf__
+/* hate */
+struct rtentry;
+struct mbuf;
+#endif
+#ifdef HAVE_NET_IF_H
+#include <net/if.h>
+#endif
+
+#ifdef HAVE_SYS_SOCKIO_H
+#include <sys/sockio.h>
+#endif /* HAVE_SYS_SOCKIO_H */
+
+#ifdef HAVE_NETINET_IN6_VAR_H
+#include <netinet/in6_var.h>
+#endif /* HAVE_NETINET_IN6_VAR_H */
+
+#include <ifaddrs.h>
+
+static int
+getifaddrs2(struct ifaddrs **ifap,
+ int af, int siocgifconf, int siocgifflags,
+ size_t ifreq_sz)
+{
+ int ret;
+ int fd;
+ size_t buf_size;
+ char *buf;
+ struct ifconf ifconf;
+ int num, j = 0;
+ char *p;
+ size_t sz;
+ struct sockaddr sa_zero;
+ struct ifreq *ifr;
+
+ struct ifaddrs *start, **end = &start;
+
+ buf = NULL;
+
+ memset (&sa_zero, 0, sizeof(sa_zero));
+ fd = socket(af, SOCK_DGRAM, 0);
+ if (fd < 0)
+ return -1;
+
+ buf_size = 8192;
+ for (;;) {
+ buf = calloc(1, buf_size);
+ if (buf == NULL) {
+ ret = ENOMEM;
+ goto error_out;
+ }
+ ifconf.ifc_len = buf_size;
+ ifconf.ifc_buf = buf;
+
+ /*
+ * Solaris returns EINVAL when the buffer is too small.
+ */
+ if (ioctl (fd, siocgifconf, &ifconf) < 0 && errno != EINVAL) {
+ ret = errno;
+ goto error_out;
+ }
+ /*
+ * Can the difference between a full and a overfull buf
+ * be determined?
+ */
+
+ if (ifconf.ifc_len < buf_size)
+ break;
+ free (buf);
+ buf_size *= 2;
+ }
+
+ num = ifconf.ifc_len / ifreq_sz;
+ j = 0;
+ for (p = ifconf.ifc_buf;
+ p < ifconf.ifc_buf + ifconf.ifc_len;
+ p += sz) {
+ struct ifreq ifreq;
+ struct sockaddr *sa;
+ size_t salen;
+
+ ifr = (struct ifreq *)p;
+ sa = &ifr->ifr_addr;
+
+ sz = ifreq_sz;
+ salen = sizeof(struct sockaddr);
+#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN
+ salen = sa->sa_len;
+ sz = max(sz, sizeof(ifr->ifr_name) + sa->sa_len);
+#endif
+#ifdef SA_LEN
+ salen = SA_LEN(sa);
+ sz = max(sz, sizeof(ifr->ifr_name) + SA_LEN(sa));
+#endif
+ memset (&ifreq, 0, sizeof(ifreq));
+ memcpy (ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name));
+
+ if (ioctl(fd, siocgifflags, &ifreq) < 0) {
+ ret = errno;
+ goto error_out;
+ }
+
+ *end = malloc(sizeof(**end));
+
+ (*end)->ifa_next = NULL;
+ (*end)->ifa_name = strdup(ifr->ifr_name);
+ (*end)->ifa_flags = ifreq.ifr_flags;
+ (*end)->ifa_addr = malloc(salen);
+ memcpy((*end)->ifa_addr, sa, salen);
+ (*end)->ifa_netmask = NULL;
+
+#if 0
+ /* fix these when we actually need them */
+ if(ifreq.ifr_flags & IFF_BROADCAST) {
+ (*end)->ifa_broadaddr = malloc(sizeof(ifr->ifr_broadaddr));
+ memcpy((*end)->ifa_broadaddr, &ifr->ifr_broadaddr,
+ sizeof(ifr->ifr_broadaddr));
+ } else if(ifreq.ifr_flags & IFF_POINTOPOINT) {
+ (*end)->ifa_dstaddr = malloc(sizeof(ifr->ifr_dstaddr));
+ memcpy((*end)->ifa_dstaddr, &ifr->ifr_dstaddr,
+ sizeof(ifr->ifr_dstaddr));
+ } else
+ (*end)->ifa_dstaddr = NULL;
+#else
+ (*end)->ifa_dstaddr = NULL;
+#endif
+
+ (*end)->ifa_data = NULL;
+
+ end = &(*end)->ifa_next;
+
+ }
+ *ifap = start;
+ free(buf);
+ return 0;
+ error_out:
+ free(buf);
+ errno = ret;
+ return -1;
+}
+
+int
+getifaddrs(struct ifaddrs **ifap)
+{
+ int ret = -1;
+ errno = ENXIO;
+#if defined(AF_INET6) && defined(SIOCGIF6CONF) && defined(SIOCGIF6FLAGS)
+ if (ret)
+ ret = getifaddrs2 (ifap, AF_INET6, SIOCGIF6CONF, SIOCGIF6FLAGS,
+ sizeof(struct in6_ifreq));
+#endif
+#if defined(HAVE_IPV6) && defined(SIOCGIFCONF)
+ if (ret)
+ ret = getifaddrs2 (ifap, AF_INET6, SIOCGIFCONF, SIOCGIFFLAGS,
+ sizeof(struct ifreq));
+#endif
+#if defined(AF_INET) && defined(SIOCGIFCONF) && defined(SIOCGIFFLAGS)
+ if (ret)
+ ret = getifaddrs2 (ifap, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS,
+ sizeof(struct ifreq));
+#endif
+ return ret;
+}
+
+void
+freeifaddrs(struct ifaddrs *ifp)
+{
+ struct ifaddrs *p, *q;
+
+ for(p = ifp; p; ) {
+ free(p->ifa_name);
+ if(p->ifa_addr)
+ free(p->ifa_addr);
+ if(p->ifa_dstaddr)
+ free(p->ifa_dstaddr);
+ if(p->ifa_netmask)
+ free(p->ifa_netmask);
+ if(p->ifa_data)
+ free(p->ifa_data);
+ q = p;
+ p = p->ifa_next;
+ free(q);
+ }
+}
+
+#ifdef TEST
+
+void
+print_addr(const char *s, struct sockaddr *sa)
+{
+ int i;
+ printf(" %s=%d/", s, sa->sa_family);
+#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN
+ for(i = 0; i < sa->sa_len - ((long)sa->sa_data - (long)&sa->sa_family); i++)
+ printf("%02x", ((unsigned char*)sa->sa_data)[i]);
+#else
+ for(i = 0; i < sizeof(sa->sa_data); i++)
+ printf("%02x", ((unsigned char*)sa->sa_data)[i]);
+#endif
+ printf("\n");
+}
+
+void
+print_ifaddrs(struct ifaddrs *x)
+{
+ struct ifaddrs *p;
+
+ for(p = x; p; p = p->ifa_next) {
+ printf("%s\n", p->ifa_name);
+ printf(" flags=%x\n", p->ifa_flags);
+ if(p->ifa_addr)
+ print_addr("addr", p->ifa_addr);
+ if(p->ifa_dstaddr)
+ print_addr("dstaddr", p->ifa_dstaddr);
+ if(p->ifa_netmask)
+ print_addr("netmask", p->ifa_netmask);
+ printf(" %p\n", p->ifa_data);
+ }
+}
+
+int
+main()
+{
+ struct ifaddrs *a = NULL, *b;
+ getifaddrs2(&a, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, sizeof(struct ifreq));
+ print_ifaddrs(a);
+ printf("---\n");
+ getifaddrs(&b);
+ print_ifaddrs(b);
+ return 0;
+}
+#endif
diff --git a/crypto/heimdal/lib/roken/getnameinfo_verified.c b/crypto/heimdal/lib/roken/getnameinfo_verified.c
index 2a23d24dd06a..30384ed3a027 100644
--- a/crypto/heimdal/lib/roken/getnameinfo_verified.c
+++ b/crypto/heimdal/lib/roken/getnameinfo_verified.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: getnameinfo_verified.c,v 1.2 1999/12/05 10:52:09 assar Exp $");
+RCSID("$Id: getnameinfo_verified.c,v 1.3 2000/06/28 01:21:53 assar Exp $");
#endif
#include "roken.h"
@@ -58,9 +58,12 @@ getnameinfo_verified(const struct sockaddr *sa, socklen_t salen,
return ret;
for (a = ai; a != NULL; a = a->ai_next) {
if (a->ai_addrlen == salen
- && memcmp (a->ai_addr, sa, salen) == 0)
+ && memcmp (a->ai_addr, sa, salen) == 0) {
+ freeaddrinfo (ai);
return 0;
+ }
}
+ freeaddrinfo (ai);
if (flags & NI_NAMEREQD)
return EAI_NONAME;
ret = getnameinfo (sa, salen, host, hostlen, serv, servlen,
diff --git a/crypto/heimdal/lib/roken/getusershell.c b/crypto/heimdal/lib/roken/getusershell.c
index 87a48ece19b5..eb990f3be243 100644
--- a/crypto/heimdal/lib/roken/getusershell.c
+++ b/crypto/heimdal/lib/roken/getusershell.c
@@ -35,12 +35,13 @@
#include <config.h>
#endif
-RCSID("$Id: getusershell.c,v 1.8 1997/04/20 06:18:03 assar Exp $");
+RCSID("$Id: getusershell.c,v 1.10 2000/05/22 09:11:59 joda Exp $");
#ifndef HAVE_GETUSERSHELL
#include <stdio.h>
#include <stdlib.h>
+#include <string.h>
#ifdef HAVE_PATHS_H
#include <paths.h>
#endif
@@ -54,6 +55,14 @@ RCSID("$Id: getusershell.c,v 1.8 1997/04/20 06:18:03 assar Exp $");
#include <sys/param.h>
#endif
+#ifdef HAVE_USERSEC_H
+struct aud_rec;
+#include <usersec.h>
+#endif
+#ifdef HAVE_USERCONF_H
+#include <userconf.h>
+#endif
+
#ifndef _PATH_SHELLS
#define _PATH_SHELLS "/etc/shells"
#endif
@@ -81,80 +90,102 @@ static char **initshells (void);
char *
getusershell()
{
- char *ret;
-
- if (curshell == NULL)
- curshell = initshells();
- ret = *curshell;
- if (ret != NULL)
- curshell++;
- return (ret);
+ char *ret;
+
+ if (curshell == NULL)
+ curshell = initshells();
+ ret = *curshell;
+ if (ret != NULL)
+ curshell++;
+ return (ret);
}
void
endusershell()
{
-
- if (shells != NULL)
- free(shells);
- shells = NULL;
- if (strings != NULL)
- free(strings);
- strings = NULL;
- curshell = NULL;
+ if (shells != NULL)
+ free(shells);
+ shells = NULL;
+ if (strings != NULL)
+ free(strings);
+ strings = NULL;
+ curshell = NULL;
}
void
setusershell()
{
-
- curshell = initshells();
+ curshell = initshells();
}
static char **
initshells()
{
- char **sp, *cp;
- FILE *fp;
- struct stat statb;
+ char **sp, *cp;
+#ifdef HAVE_GETCONFATTR
+ char *tmp;
+ int nsh;
+#else
+ FILE *fp;
+#endif
+ struct stat statb;
+
+ free(shells);
+ shells = NULL;
+ free(strings);
+ strings = NULL;
+#ifdef HAVE_GETCONFATTR
+ if(getconfattr(SC_SYS_LOGIN, SC_SHELLS, &tmp, SEC_LIST) != 0)
+ return okshells;
+
+ for(cp = tmp, nsh = 0; *cp; cp += strlen(cp) + 1, nsh++);
- if (shells != NULL)
- free(shells);
+ shells = calloc(nsh + 1, sizeof(*shells));
+ if(shells == NULL)
+ return okshells;
+
+ strings = malloc(cp - tmp);
+ if(strings == NULL) {
+ free(shells);
shells = NULL;
- if (strings != NULL)
- free(strings);
- strings = NULL;
- if ((fp = fopen(_PATH_SHELLS, "r")) == NULL)
- return (okshells);
- if (fstat(fileno(fp), &statb) == -1) {
- fclose(fp);
- return (okshells);
- }
- if ((strings = malloc((u_int)statb.st_size)) == NULL) {
- fclose(fp);
- return (okshells);
- }
- shells = calloc((unsigned)statb.st_size / 3, sizeof (char *));
- if (shells == NULL) {
- fclose(fp);
- free(strings);
- strings = NULL;
- return (okshells);
- }
- sp = shells;
- cp = strings;
- while (fgets(cp, MaxPathLen + 1, fp) != NULL) {
- while (*cp != '#' && *cp != '/' && *cp != '\0')
- cp++;
- if (*cp == '#' || *cp == '\0')
- continue;
- *sp++ = cp;
- while (!isspace(*cp) && *cp != '#' && *cp != '\0')
- cp++;
- *cp++ = '\0';
- }
- *sp = NULL;
+ return okshells;
+ }
+ memcpy(strings, tmp, cp - tmp);
+ for(sp = shells, cp = strings; *cp; cp += strlen(cp) + 1, sp++)
+ *sp = cp;
+#else
+ if ((fp = fopen(_PATH_SHELLS, "r")) == NULL)
+ return (okshells);
+ if (fstat(fileno(fp), &statb) == -1) {
fclose(fp);
- return (shells);
+ return (okshells);
+ }
+ if ((strings = malloc((u_int)statb.st_size)) == NULL) {
+ fclose(fp);
+ return (okshells);
+ }
+ shells = calloc((unsigned)statb.st_size / 3, sizeof (char *));
+ if (shells == NULL) {
+ fclose(fp);
+ free(strings);
+ strings = NULL;
+ return (okshells);
+ }
+ sp = shells;
+ cp = strings;
+ while (fgets(cp, MaxPathLen + 1, fp) != NULL) {
+ while (*cp != '#' && *cp != '/' && *cp != '\0')
+ cp++;
+ if (*cp == '#' || *cp == '\0')
+ continue;
+ *sp++ = cp;
+ while (!isspace(*cp) && *cp != '#' && *cp != '\0')
+ cp++;
+ *cp++ = '\0';
+ }
+ fclose(fp);
+#endif
+ *sp = NULL;
+ return (shells);
}
#endif /* HAVE_GETUSERSHELL */
diff --git a/crypto/heimdal/lib/roken/glob.hin b/crypto/heimdal/lib/roken/glob.hin
new file mode 100644
index 000000000000..bece48a89cd7
--- /dev/null
+++ b/crypto/heimdal/lib/roken/glob.hin
@@ -0,0 +1,84 @@
+/*
+ * Copyright (c) 1989, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * This code is derived from software contributed to Berkeley by
+ * Guido van Rossum.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)glob.h 8.1 (Berkeley) 6/2/93
+ */
+
+#ifndef _GLOB_H_
+#define _GLOB_H_
+
+struct stat;
+typedef struct {
+ int gl_pathc; /* Count of total paths so far. */
+ int gl_matchc; /* Count of paths matching pattern. */
+ int gl_offs; /* Reserved at beginning of gl_pathv. */
+ int gl_flags; /* Copy of flags parameter to glob. */
+ char **gl_pathv; /* List of paths matching pattern. */
+ /* Copy of errfunc parameter to glob. */
+ int (*gl_errfunc) (const char *, int);
+
+ /*
+ * Alternate filesystem access methods for glob; replacement
+ * versions of closedir(3), readdir(3), opendir(3), stat(2)
+ * and lstat(2).
+ */
+ void (*gl_closedir) (void *);
+ struct dirent *(*gl_readdir) (void *);
+ void *(*gl_opendir) (const char *);
+ int (*gl_lstat) (const char *, struct stat *);
+ int (*gl_stat) (const char *, struct stat *);
+} glob_t;
+
+#define GLOB_APPEND 0x0001 /* Append to output from previous call. */
+#define GLOB_DOOFFS 0x0002 /* Use gl_offs. */
+#define GLOB_ERR 0x0004 /* Return on error. */
+#define GLOB_MARK 0x0008 /* Append / to matching directories. */
+#define GLOB_NOCHECK 0x0010 /* Return pattern itself if nothing matches. */
+#define GLOB_NOSORT 0x0020 /* Don't sort. */
+
+#define GLOB_ALTDIRFUNC 0x0040 /* Use alternately specified directory funcs. */
+#define GLOB_BRACE 0x0080 /* Expand braces ala csh. */
+#define GLOB_MAGCHAR 0x0100 /* Pattern had globbing characters. */
+#define GLOB_NOMAGIC 0x0200 /* GLOB_NOCHECK without magic chars (csh). */
+#define GLOB_QUOTE 0x0400 /* Quote special chars with \. */
+#define GLOB_TILDE 0x0800 /* Expand tilde names from the passwd file. */
+
+#define GLOB_NOSPACE (-1) /* Malloc call failed. */
+#define GLOB_ABEND (-2) /* Unignored error. */
+
+int glob (const char *, int, int (*)(const char *, int), glob_t *);
+void globfree (glob_t *);
+
+#endif /* !_GLOB_H_ */
diff --git a/crypto/heimdal/lib/roken/ifaddrs.hin b/crypto/heimdal/lib/roken/ifaddrs.hin
new file mode 100644
index 000000000000..d2b9be8ccc6d
--- /dev/null
+++ b/crypto/heimdal/lib/roken/ifaddrs.hin
@@ -0,0 +1,64 @@
+/*
+ * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: ifaddrs.hin,v 1.3 2000/12/11 00:01:13 assar Exp $ */
+
+#ifndef __ifaddrs_h__
+#define __ifaddrs_h__
+
+/*
+ * the interface is defined in terms of the fields below, and this is
+ * sometimes #define'd, so there seems to be no simple way of solving
+ * this and this seemed the best. */
+
+#undef ifa_dstaddr
+
+struct ifaddrs {
+ struct ifaddrs *ifa_next;
+ char *ifa_name;
+ unsigned int ifa_flags;
+ struct sockaddr *ifa_addr;
+ struct sockaddr *ifa_netmask;
+ struct sockaddr *ifa_dstaddr;
+ void *ifa_data;
+};
+
+#ifndef ifa_broadaddr
+#define ifa_broadaddr ifa_dstaddr
+#endif
+
+int getifaddrs(struct ifaddrs**);
+
+void freeifaddrs(struct ifaddrs*);
+
+#endif /* __ifaddrs_h__ */
diff --git a/crypto/heimdal/lib/roken/inet_ntop.c b/crypto/heimdal/lib/roken/inet_ntop.c
index f79a35eb334b..382b35121fdf 100644
--- a/crypto/heimdal/lib/roken/inet_ntop.c
+++ b/crypto/heimdal/lib/roken/inet_ntop.c
@@ -33,24 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: inet_ntop.c,v 1.3 1999/12/02 16:58:47 joda Exp $");
-#endif
-
-#include <errno.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETINET_IN6_H
-#include <netinet/in6.h>
-#endif
-#ifdef HAVE_NETINET6_IN6_H
-#include <netinet6/in6.h>
+RCSID("$Id: inet_ntop.c,v 1.4 2000/07/27 16:24:00 assar Exp $");
#endif
#include <roken.h>
diff --git a/crypto/heimdal/lib/roken/inet_pton.c b/crypto/heimdal/lib/roken/inet_pton.c
index 9b195c23dafc..d9c976c8c732 100644
--- a/crypto/heimdal/lib/roken/inet_pton.c
+++ b/crypto/heimdal/lib/roken/inet_pton.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,24 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: inet_pton.c,v 1.2 1999/12/02 16:58:47 joda Exp $");
-#endif
-
-#include <errno.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETINET_IN6_H
-#include <netinet/in6.h>
-#endif
-#ifdef HAVE_NETINET6_IN6_H
-#include <netinet6/in6.h>
+RCSID("$Id: inet_pton.c,v 1.3 2000/07/27 04:56:13 assar Exp $");
#endif
#include <roken.h>
diff --git a/crypto/heimdal/lib/roken/install-sh b/crypto/heimdal/lib/roken/install-sh
new file mode 100755
index 000000000000..e9de23842dcd
--- /dev/null
+++ b/crypto/heimdal/lib/roken/install-sh
@@ -0,0 +1,251 @@
+#!/bin/sh
+#
+# install - install a program, script, or datafile
+# This comes from X11R5 (mit/util/scripts/install.sh).
+#
+# Copyright 1991 by the Massachusetts Institute of Technology
+#
+# Permission to use, copy, modify, distribute, and sell this software and its
+# documentation for any purpose is hereby granted without fee, provided that
+# the above copyright notice appear in all copies and that both that
+# copyright notice and this permission notice appear in supporting
+# documentation, and that the name of M.I.T. not be used in advertising or
+# publicity pertaining to distribution of the software without specific,
+# written prior permission. M.I.T. makes no representations about the
+# suitability of this software for any purpose. It is provided "as is"
+# without express or implied warranty.
+#
+# Calling this script install-sh is preferred over install.sh, to prevent
+# `make' implicit rules from creating a file called install from it
+# when there is no Makefile.
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch. It can only install one file at a time, a restriction
+# shared with many OS's install programs.
+
+
+# set DOITPROG to echo to test this script
+
+# Don't use :- since 4.3BSD and earlier shells don't like it.
+doit="${DOITPROG-}"
+
+
+# put in absolute paths if you don't have them in your path; or use env. vars.
+
+mvprog="${MVPROG-mv}"
+cpprog="${CPPROG-cp}"
+chmodprog="${CHMODPROG-chmod}"
+chownprog="${CHOWNPROG-chown}"
+chgrpprog="${CHGRPPROG-chgrp}"
+stripprog="${STRIPPROG-strip}"
+rmprog="${RMPROG-rm}"
+mkdirprog="${MKDIRPROG-mkdir}"
+
+transformbasename=""
+transform_arg=""
+instcmd="$mvprog"
+chmodcmd="$chmodprog 0755"
+chowncmd=""
+chgrpcmd=""
+stripcmd=""
+rmcmd="$rmprog -f"
+mvcmd="$mvprog"
+src=""
+dst=""
+dir_arg=""
+
+while [ x"$1" != x ]; do
+ case $1 in
+ -c) instcmd="$cpprog"
+ shift
+ continue;;
+
+ -d) dir_arg=true
+ shift
+ continue;;
+
+ -m) chmodcmd="$chmodprog $2"
+ shift
+ shift
+ continue;;
+
+ -o) chowncmd="$chownprog $2"
+ shift
+ shift
+ continue;;
+
+ -g) chgrpcmd="$chgrpprog $2"
+ shift
+ shift
+ continue;;
+
+ -s) stripcmd="$stripprog"
+ shift
+ continue;;
+
+ -t=*) transformarg=`echo $1 | sed 's/-t=//'`
+ shift
+ continue;;
+
+ -b=*) transformbasename=`echo $1 | sed 's/-b=//'`
+ shift
+ continue;;
+
+ *) if [ x"$src" = x ]
+ then
+ src=$1
+ else
+ # this colon is to work around a 386BSD /bin/sh bug
+ :
+ dst=$1
+ fi
+ shift
+ continue;;
+ esac
+done
+
+if [ x"$src" = x ]
+then
+ echo "install: no input file specified"
+ exit 1
+else
+ true
+fi
+
+if [ x"$dir_arg" != x ]; then
+ dst=$src
+ src=""
+
+ if [ -d $dst ]; then
+ instcmd=:
+ chmodcmd=""
+ else
+ instcmd=mkdir
+ fi
+else
+
+# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
+# might cause directories to be created, which would be especially bad
+# if $src (and thus $dsttmp) contains '*'.
+
+ if [ -f $src -o -d $src ]
+ then
+ true
+ else
+ echo "install: $src does not exist"
+ exit 1
+ fi
+
+ if [ x"$dst" = x ]
+ then
+ echo "install: no destination specified"
+ exit 1
+ else
+ true
+ fi
+
+# If destination is a directory, append the input filename; if your system
+# does not like double slashes in filenames, you may need to add some logic
+
+ if [ -d $dst ]
+ then
+ dst="$dst"/`basename $src`
+ else
+ true
+ fi
+fi
+
+## this sed command emulates the dirname command
+dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
+
+# Make sure that the destination directory exists.
+# this part is taken from Noah Friedman's mkinstalldirs script
+
+# Skip lots of stat calls in the usual case.
+if [ ! -d "$dstdir" ]; then
+defaultIFS='
+'
+IFS="${IFS-${defaultIFS}}"
+
+oIFS="${IFS}"
+# Some sh's can't handle IFS=/ for some reason.
+IFS='%'
+set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
+IFS="${oIFS}"
+
+pathcomp=''
+
+while [ $# -ne 0 ] ; do
+ pathcomp="${pathcomp}${1}"
+ shift
+
+ if [ ! -d "${pathcomp}" ] ;
+ then
+ $mkdirprog "${pathcomp}"
+ else
+ true
+ fi
+
+ pathcomp="${pathcomp}/"
+done
+fi
+
+if [ x"$dir_arg" != x ]
+then
+ $doit $instcmd $dst &&
+
+ if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
+ if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
+ if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
+ if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
+else
+
+# If we're going to rename the final executable, determine the name now.
+
+ if [ x"$transformarg" = x ]
+ then
+ dstfile=`basename $dst`
+ else
+ dstfile=`basename $dst $transformbasename |
+ sed $transformarg`$transformbasename
+ fi
+
+# don't allow the sed command to completely eliminate the filename
+
+ if [ x"$dstfile" = x ]
+ then
+ dstfile=`basename $dst`
+ else
+ true
+ fi
+
+# Make a temp file name in the proper directory.
+
+ dsttmp=$dstdir/#inst.$$#
+
+# Move or copy the file name to the temp name
+
+ $doit $instcmd $src $dsttmp &&
+
+ trap "rm -f ${dsttmp}" 0 &&
+
+# and set any options; do chmod last to preserve setuid bits
+
+# If any of these fail, we abort the whole thing. If we want to
+# ignore errors from any of these, just make sure not to ignore
+# errors from the above "$doit $instcmd $src $dsttmp" command.
+
+ if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
+ if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
+ if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
+ if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
+
+# Now rename the file to the real destination.
+
+ $doit $rmcmd -f $dstdir/$dstfile &&
+ $doit $mvcmd $dsttmp $dstdir/$dstfile
+
+fi &&
+
+
+exit 0
diff --git a/crypto/heimdal/lib/roken/make-print-version.c b/crypto/heimdal/lib/roken/make-print-version.c
index d08e023da950..b29cf3134064 100644
--- a/crypto/heimdal/lib/roken/make-print-version.c
+++ b/crypto/heimdal/lib/roken/make-print-version.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,13 +33,13 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: make-print-version.c,v 1.2 1999/12/02 16:58:51 joda Exp $");
+RCSID("$Id: make-print-version.c,v 1.3 2000/08/16 11:30:04 assar Exp $");
#endif
#include <stdio.h>
#ifdef KRB5
-extern char *heimdal_version;
+extern const char *heimdal_version;
#endif
#ifdef KRB4
extern char *krb4_version;
diff --git a/crypto/heimdal/lib/roken/mini_inetd.c b/crypto/heimdal/lib/roken/mini_inetd.c
index 9b8a650211eb..bb31962ae982 100644
--- a/crypto/heimdal/lib/roken/mini_inetd.c
+++ b/crypto/heimdal/lib/roken/mini_inetd.c
@@ -33,35 +33,11 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: mini_inetd.c,v 1.25 2000/01/26 00:54:48 assar Exp $");
-#endif
-
-#include <stdio.h>
-
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETINET_IN6_H
-#include <netinet/in6.h>
-#endif
-#ifdef HAVE_NETINET6_IN6_H
-#include <netinet6/in6.h>
+RCSID("$Id: mini_inetd.c,v 1.28 2000/10/08 13:38:47 assar Exp $");
#endif
#include <err.h>
-#include <roken.h>
+#include "roken.h"
/*
* accept a connection on `s' and pretend it's served by inetd.
@@ -72,7 +48,7 @@ accept_it (int s)
{
int s2;
- s2 = accept(s, NULL, 0);
+ s2 = accept(s, NULL, NULL);
if(s2 < 0)
err (1, "accept");
close(s);
@@ -127,6 +103,8 @@ mini_inetd (int port)
err (1, "bind");
if (listen (fds[i], SOMAXCONN) < 0)
err (1, "listen");
+ if (fds[i] >= FD_SETSIZE)
+ errx (1, "fd too large");
FD_SET(fds[i], &orig_read_set);
max_fd = max(max_fd, fds[i]);
++i;
diff --git a/crypto/heimdal/lib/roken/missing b/crypto/heimdal/lib/roken/missing
new file mode 100755
index 000000000000..7789652e877f
--- /dev/null
+++ b/crypto/heimdal/lib/roken/missing
@@ -0,0 +1,190 @@
+#! /bin/sh
+# Common stub for a few missing GNU programs while installing.
+# Copyright (C) 1996, 1997 Free Software Foundation, Inc.
+# Franc,ois Pinard <pinard@iro.umontreal.ca>, 1996.
+
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2, or (at your option)
+# any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
+# 02111-1307, USA.
+
+if test $# -eq 0; then
+ echo 1>&2 "Try \`$0 --help' for more information"
+ exit 1
+fi
+
+case "$1" in
+
+ -h|--h|--he|--hel|--help)
+ echo "\
+$0 [OPTION]... PROGRAM [ARGUMENT]...
+
+Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an
+error status if there is no known handling for PROGRAM.
+
+Options:
+ -h, --help display this help and exit
+ -v, --version output version information and exit
+
+Supported PROGRAM values:
+ aclocal touch file \`aclocal.m4'
+ autoconf touch file \`configure'
+ autoheader touch file \`config.h.in'
+ automake touch all \`Makefile.in' files
+ bison create \`y.tab.[ch]', if possible, from existing .[ch]
+ flex create \`lex.yy.c', if possible, from existing .c
+ lex create \`lex.yy.c', if possible, from existing .c
+ makeinfo touch the output file
+ yacc create \`y.tab.[ch]', if possible, from existing .[ch]"
+ ;;
+
+ -v|--v|--ve|--ver|--vers|--versi|--versio|--version)
+ echo "missing - GNU libit 0.0"
+ ;;
+
+ -*)
+ echo 1>&2 "$0: Unknown \`$1' option"
+ echo 1>&2 "Try \`$0 --help' for more information"
+ exit 1
+ ;;
+
+ aclocal)
+ echo 1>&2 "\
+WARNING: \`$1' is missing on your system. You should only need it if
+ you modified \`acinclude.m4' or \`configure.in'. You might want
+ to install the \`Automake' and \`Perl' packages. Grab them from
+ any GNU archive site."
+ touch aclocal.m4
+ ;;
+
+ autoconf)
+ echo 1>&2 "\
+WARNING: \`$1' is missing on your system. You should only need it if
+ you modified \`configure.in'. You might want to install the
+ \`Autoconf' and \`GNU m4' packages. Grab them from any GNU
+ archive site."
+ touch configure
+ ;;
+
+ autoheader)
+ echo 1>&2 "\
+WARNING: \`$1' is missing on your system. You should only need it if
+ you modified \`acconfig.h' or \`configure.in'. You might want
+ to install the \`Autoconf' and \`GNU m4' packages. Grab them
+ from any GNU archive site."
+ files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' configure.in`
+ test -z "$files" && files="config.h"
+ touch_files=
+ for f in $files; do
+ case "$f" in
+ *:*) touch_files="$touch_files "`echo "$f" |
+ sed -e 's/^[^:]*://' -e 's/:.*//'`;;
+ *) touch_files="$touch_files $f.in";;
+ esac
+ done
+ touch $touch_files
+ ;;
+
+ automake)
+ echo 1>&2 "\
+WARNING: \`$1' is missing on your system. You should only need it if
+ you modified \`Makefile.am', \`acinclude.m4' or \`configure.in'.
+ You might want to install the \`Automake' and \`Perl' packages.
+ Grab them from any GNU archive site."
+ find . -type f -name Makefile.am -print |
+ sed 's/\.am$/.in/' |
+ while read f; do touch "$f"; done
+ ;;
+
+ bison|yacc)
+ echo 1>&2 "\
+WARNING: \`$1' is missing on your system. You should only need it if
+ you modified a \`.y' file. You may need the \`Bison' package
+ in order for those modifications to take effect. You can get
+ \`Bison' from any GNU archive site."
+ rm -f y.tab.c y.tab.h
+ if [ $# -ne 1 ]; then
+ eval LASTARG="\${$#}"
+ case "$LASTARG" in
+ *.y)
+ SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'`
+ if [ -f "$SRCFILE" ]; then
+ cp "$SRCFILE" y.tab.c
+ fi
+ SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'`
+ if [ -f "$SRCFILE" ]; then
+ cp "$SRCFILE" y.tab.h
+ fi
+ ;;
+ esac
+ fi
+ if [ ! -f y.tab.h ]; then
+ echo >y.tab.h
+ fi
+ if [ ! -f y.tab.c ]; then
+ echo 'main() { return 0; }' >y.tab.c
+ fi
+ ;;
+
+ lex|flex)
+ echo 1>&2 "\
+WARNING: \`$1' is missing on your system. You should only need it if
+ you modified a \`.l' file. You may need the \`Flex' package
+ in order for those modifications to take effect. You can get
+ \`Flex' from any GNU archive site."
+ rm -f lex.yy.c
+ if [ $# -ne 1 ]; then
+ eval LASTARG="\${$#}"
+ case "$LASTARG" in
+ *.l)
+ SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'`
+ if [ -f "$SRCFILE" ]; then
+ cp "$SRCFILE" lex.yy.c
+ fi
+ ;;
+ esac
+ fi
+ if [ ! -f lex.yy.c ]; then
+ echo 'main() { return 0; }' >lex.yy.c
+ fi
+ ;;
+
+ makeinfo)
+ echo 1>&2 "\
+WARNING: \`$1' is missing on your system. You should only need it if
+ you modified a \`.texi' or \`.texinfo' file, or any other file
+ indirectly affecting the aspect of the manual. The spurious
+ call might also be the consequence of using a buggy \`make' (AIX,
+ DU, IRIX). You might want to install the \`Texinfo' package or
+ the \`GNU make' package. Grab either from any GNU archive site."
+ file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'`
+ if test -z "$file"; then
+ file=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'`
+ file=`sed -n '/^@setfilename/ { s/.* \([^ ]*\) *$/\1/; p; q; }' $file`
+ fi
+ touch $file
+ ;;
+
+ *)
+ echo 1>&2 "\
+WARNING: \`$1' is needed, and you do not seem to have it handy on your
+ system. You might have modified some files without having the
+ proper tools for further handling them. Check the \`README' file,
+ it often tells you about the needed prerequirements for installing
+ this package. You may also peek at any GNU archive site, in case
+ some other package would contain this missing \`$1' program."
+ exit 1
+ ;;
+esac
+
+exit 0
diff --git a/crypto/heimdal/lib/roken/mkinstalldirs b/crypto/heimdal/lib/roken/mkinstalldirs
new file mode 100755
index 000000000000..6b3b5fc5d4d3
--- /dev/null
+++ b/crypto/heimdal/lib/roken/mkinstalldirs
@@ -0,0 +1,40 @@
+#! /bin/sh
+# mkinstalldirs --- make directory hierarchy
+# Author: Noah Friedman <friedman@prep.ai.mit.edu>
+# Created: 1993-05-16
+# Public domain
+
+# $Id$
+
+errstatus=0
+
+for file
+do
+ set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'`
+ shift
+
+ pathcomp=
+ for d
+ do
+ pathcomp="$pathcomp$d"
+ case "$pathcomp" in
+ -* ) pathcomp=./$pathcomp ;;
+ esac
+
+ if test ! -d "$pathcomp"; then
+ echo "mkdir $pathcomp"
+
+ mkdir "$pathcomp" || lasterr=$?
+
+ if test ! -d "$pathcomp"; then
+ errstatus=$lasterr
+ fi
+ fi
+
+ pathcomp="$pathcomp/"
+ done
+done
+
+exit $errstatus
+
+# mkinstalldirs ends here
diff --git a/crypto/heimdal/lib/roken/print_version.c b/crypto/heimdal/lib/roken/print_version.c
index 3b35ee1a246d..8b505fa335e8 100644
--- a/crypto/heimdal/lib/roken/print_version.c
+++ b/crypto/heimdal/lib/roken/print_version.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: print_version.c,v 1.6 2000/02/06 06:52:32 assar Exp $");
+RCSID("$Id: print_version.c,v 1.7 2001/01/30 03:05:29 assar Exp $");
#endif
#include "roken.h"
@@ -72,7 +72,7 @@ print_version(const char *progname)
}
}
fprintf(stderr, "%s (%s)\n", progname, msg);
- fprintf(stderr, "Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan\n");
+ fprintf(stderr, "Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan\n");
if(num_args != 0)
free(msg);
}
diff --git a/crypto/heimdal/lib/roken/putenv.c b/crypto/heimdal/lib/roken/putenv.c
index 80951d12c534..a6bdf6001d62 100644
--- a/crypto/heimdal/lib/roken/putenv.c
+++ b/crypto/heimdal/lib/roken/putenv.c
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: putenv.c,v 1.6 1999/12/02 16:58:51 joda Exp $");
+RCSID("$Id: putenv.c,v 1.7 2000/03/26 23:08:24 assar Exp $");
#endif
#include <stdlib.h>
@@ -47,30 +47,34 @@ extern char **environ;
* Makes the value of the environment variable name equal to
* value by altering an existing variable or creating a new one.
*/
-int putenv(const char *string)
+
+int
+putenv(const char *string)
{
int i;
+ const char *eq = (const char *)strchr(string, '=');
int len;
- len = string - strchr(string, '=') + 1;
+ if (eq == NULL)
+ return 1;
+ len = eq - string;
- if(environ == NULL){
+ if(environ == NULL) {
environ = malloc(sizeof(char*));
if(environ == NULL)
return 1;
environ[0] = NULL;
}
- for(i = 0; environ[i]; i++)
- if(strncmp(string, environ[i], len)){
- environ[len] = string;
+ for(i = 0; environ[i] != NULL; i++)
+ if(strncmp(string, environ[i], len) == 0) {
+ environ[i] = string;
return 0;
}
- environ = realloc(environ, sizeof(char*) * (i + 1));
+ environ = realloc(environ, sizeof(char*) * (i + 2));
if(environ == NULL)
return 1;
- environ[i] = string;
+ environ[i] = string;
environ[i+1] = NULL;
return 0;
}
-
diff --git a/crypto/heimdal/lib/roken/resolve.c b/crypto/heimdal/lib/roken/resolve.c
index 8840740532cc..76df2877fe64 100644
--- a/crypto/heimdal/lib/roken/resolve.c
+++ b/crypto/heimdal/lib/roken/resolve.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -43,7 +43,7 @@
#endif
#include "resolve.h"
-RCSID("$Id: resolve.c,v 1.22 1999/12/02 16:58:52 joda Exp $");
+RCSID("$Id: resolve.c,v 1.26 2000/06/27 01:15:53 assar Exp $");
#if defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND)
@@ -56,18 +56,22 @@ static struct stot{
DECL(A),
DECL(NS),
DECL(CNAME),
+ DECL(SOA),
DECL(PTR),
DECL(MX),
DECL(TXT),
DECL(AFSDB),
+ DECL(SIG),
+ DECL(KEY),
DECL(SRV),
+ DECL(NAPTR),
{NULL, 0}
};
-int _resolve_debug;
+int _resolve_debug = 0;
-static int
-string_to_type(const char *name)
+int
+dns_string_to_type(const char *name)
{
struct stot *p = stot;
for(p = stot; p->name; p++)
@@ -76,8 +80,8 @@ string_to_type(const char *name)
return -1;
}
-static const char *
-type_to_string(int type)
+const char *
+dns_type_to_string(int type)
{
struct stot *p = stot;
for(p = stot; p->name; p++)
@@ -235,7 +239,72 @@ parse_reply(unsigned char *data, int len)
(*rr)->u.txt[*p] = 0;
break;
}
-
+ case T_KEY : {
+ size_t key_len;
+
+ key_len = size - 4;
+ (*rr)->u.key = malloc (sizeof(*(*rr)->u.key) + key_len - 1);
+ if ((*rr)->u.key == NULL) {
+ dns_free_data (r);
+ return NULL;
+ }
+
+ (*rr)->u.key->flags = (p[0] << 8) | p[1];
+ (*rr)->u.key->protocol = p[2];
+ (*rr)->u.key->algorithm = p[3];
+ (*rr)->u.key->key_len = key_len;
+ memcpy ((*rr)->u.key->key_data, p + 4, key_len);
+ break;
+ }
+ case T_SIG : {
+ size_t sig_len;
+
+ status = dn_expand (data, data + len, p + 18, host, sizeof(host));
+ if (status < 0) {
+ dns_free_data (r);
+ return NULL;
+ }
+ sig_len = len - 18 - status;
+ (*rr)->u.sig = malloc(sizeof(*(*rr)->u.sig)
+ + strlen(host) + sig_len);
+ if ((*rr)->u.sig == NULL) {
+ dns_free_data (r);
+ return NULL;
+ }
+ (*rr)->u.sig->type = (p[0] << 8) | p[1];
+ (*rr)->u.sig->algorithm = p[2];
+ (*rr)->u.sig->labels = p[3];
+ (*rr)->u.sig->orig_ttl = (p[4] << 24) | (p[5] << 16)
+ | (p[6] << 8) | p[7];
+ (*rr)->u.sig->sig_expiration = (p[8] << 24) | (p[9] << 16)
+ | (p[10] << 8) | p[11];
+ (*rr)->u.sig->sig_inception = (p[12] << 24) | (p[13] << 16)
+ | (p[14] << 8) | p[15];
+ (*rr)->u.sig->key_tag = (p[16] << 8) | p[17];
+ (*rr)->u.sig->sig_len = sig_len;
+ memcpy ((*rr)->u.sig->sig_data, p + 18 + status, sig_len);
+ (*rr)->u.sig->signer = &(*rr)->u.sig->sig_data[sig_len];
+ strcpy((*rr)->u.sig->signer, host);
+ break;
+ }
+
+ case T_CERT : {
+ size_t cert_len;
+
+ cert_len = size - 5;
+ (*rr)->u.cert = malloc (sizeof(*(*rr)->u.cert) + cert_len - 1);
+ if ((*rr)->u.cert == NULL) {
+ dns_free_data (r);
+ return NULL;
+ }
+
+ (*rr)->u.cert->type = (p[0] << 8) | p[1];
+ (*rr)->u.cert->tag = (p[2] << 8) | p[3];
+ (*rr)->u.cert->algorithm = p[4];
+ (*rr)->u.cert->cert_len = cert_len;
+ memcpy ((*rr)->u.cert->cert_data, p + 5, cert_len);
+ break;
+ }
default:
(*rr)->u.data = (unsigned char*)malloc(size);
if(size != 0 && (*rr)->u.data == NULL) {
@@ -263,13 +332,13 @@ dns_lookup_int(const char *domain, int rr_class, int rr_type)
old_options = _res.options;
_res.options |= RES_DEBUG;
fprintf(stderr, "dns_lookup(%s, %d, %s)\n", domain,
- rr_class, type_to_string(rr_type));
+ rr_class, dns_type_to_string(rr_type));
}
len = res_search(domain, rr_class, rr_type, reply, sizeof(reply));
if (_resolve_debug) {
_res.options = old_options;
fprintf(stderr, "dns_lookup(%s, %d, %s) --> %d\n",
- domain, rr_class, type_to_string(rr_type), len);
+ domain, rr_class, dns_type_to_string(rr_type), len);
}
if (len >= 0)
r = parse_reply(reply, len);
@@ -281,7 +350,7 @@ dns_lookup(const char *domain, const char *type_name)
{
int type;
- type = string_to_type(type_name);
+ type = dns_string_to_type(type_name);
if(type == -1) {
if(_resolve_debug)
fprintf(stderr, "dns_lookup: unknown resource type: `%s'\n",
@@ -318,30 +387,49 @@ main(int argc, char **argv)
return 1;
}
for(rr = r->head; rr;rr=rr->next){
- printf("%s %s %d ", rr->domain, type_to_string(rr->type), rr->ttl);
+ printf("%s %s %d ", rr->domain, dns_type_to_string(rr->type), rr->ttl);
switch(rr->type){
case T_NS:
+ case T_CNAME:
+ case T_PTR:
printf("%s\n", (char*)rr->u.data);
break;
case T_A:
- printf("%d.%d.%d.%d\n",
- ((unsigned char*)rr->u.data)[0],
- ((unsigned char*)rr->u.data)[1],
- ((unsigned char*)rr->u.data)[2],
- ((unsigned char*)rr->u.data)[3]);
+ printf("%s\n", inet_ntoa(*rr->u.a));
break;
case T_MX:
case T_AFSDB:{
- struct mx_record *mx = (struct mx_record*)rr->u.data;
- printf("%d %s\n", mx->preference, mx->domain);
+ printf("%d %s\n", rr->u.mx->preference, rr->u.mx->domain);
break;
}
case T_SRV:{
- struct srv_record *srv = (struct srv_record*)rr->u.data;
+ struct srv_record *srv = rr->u.srv;
printf("%d %d %d %s\n", srv->priority, srv->weight,
srv->port, srv->target);
break;
}
+ case T_TXT: {
+ printf("%s\n", rr->u.txt);
+ break;
+ }
+ case T_SIG : {
+ struct sig_record *sig = rr->u.sig;
+ const char *type_string = dns_type_to_string (sig->type);
+
+ printf ("type %u (%s), algorithm %u, labels %u, orig_ttl %u, sig_expiration %u, sig_inception %u, key_tag %u, signer %s\n",
+ sig->type, type_string ? type_string : "",
+ sig->algorithm, sig->labels, sig->orig_ttl,
+ sig->sig_expiration, sig->sig_inception, sig->key_tag,
+ sig->signer);
+ break;
+ }
+ case T_KEY : {
+ struct key_record *key = rr->u.key;
+
+ printf ("flags %u, protocol %u, algorithm %u\n",
+ key->flags, key->protocol, key->algorithm);
+ break;
+ }
default:
printf("\n");
break;
diff --git a/crypto/heimdal/lib/roken/resolve.h b/crypto/heimdal/lib/roken/resolve.h
index c90f6b54ada5..1c2e9a79ff2c 100644
--- a/crypto/heimdal/lib/roken/resolve.h
+++ b/crypto/heimdal/lib/roken/resolve.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: resolve.h,v 1.8 1999/12/02 16:58:52 joda Exp $ */
+/* $Id: resolve.h,v 1.12 2000/10/15 21:28:56 assar Exp $ */
#ifndef __RESOLVE_H__
#define __RESOLVE_H__
@@ -44,12 +44,21 @@
#ifndef T_AFSDB
#define T_AFSDB 18
#endif
+#ifndef T_SIG
+#define T_SIG 24
+#endif
+#ifndef T_KEY
+#define T_KEY 25
+#endif
#ifndef T_SRV
#define T_SRV 33
#endif
#ifndef T_NAPTR
#define T_NAPTR 35
#endif
+#ifndef T_CERT
+#define T_CERT 37
+#endif
struct dns_query{
char *domain;
@@ -69,6 +78,35 @@ struct srv_record{
char target[1];
};
+struct key_record {
+ unsigned flags;
+ unsigned protocol;
+ unsigned algorithm;
+ size_t key_len;
+ u_char key_data[1];
+};
+
+struct sig_record {
+ unsigned type;
+ unsigned algorithm;
+ unsigned labels;
+ unsigned orig_ttl;
+ unsigned sig_expiration;
+ unsigned sig_inception;
+ unsigned key_tag;
+ char *signer;
+ unsigned sig_len;
+ char sig_data[1]; /* also includes signer */
+};
+
+struct cert_record {
+ unsigned type;
+ unsigned tag;
+ unsigned algorithm;
+ size_t cert_len;
+ u_char cert_data[1];
+};
+
struct resource_record{
char *domain;
unsigned type;
@@ -82,6 +120,9 @@ struct resource_record{
struct srv_record *srv;
struct in_addr *a;
char *txt;
+ struct key_record *key;
+ struct cert_record *cert;
+ struct sig_record *sig;
}u;
struct resource_record *next;
};
@@ -99,5 +140,7 @@ struct dns_reply{
struct dns_reply* dns_lookup(const char *, const char *);
void dns_free_data(struct dns_reply *);
+int dns_string_to_type(const char *name);
+const char *dns_type_to_string(int type);
#endif /* __RESOLVE_H__ */
diff --git a/crypto/heimdal/lib/roken/roken-common.h b/crypto/heimdal/lib/roken/roken-common.h
index 8bdc986976c1..2227336d3821 100644
--- a/crypto/heimdal/lib/roken/roken-common.h
+++ b/crypto/heimdal/lib/roken/roken-common.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,11 +31,19 @@
* SUCH DAMAGE.
*/
-/* $Id: roken-common.h,v 1.27 2000/02/14 02:24:44 assar Exp $ */
+/* $Id: roken-common.h,v 1.42 2001/01/29 02:09:09 assar Exp $ */
#ifndef __ROKEN_COMMON_H__
#define __ROKEN_COMMON_H__
+#ifdef __cplusplus
+#define ROKEN_CPP_START extern "C" {
+#define ROKEN_CPP_END }
+#else
+#define ROKEN_CPP_START
+#define ROKEN_CPP_END
+#endif
+
#ifndef INADDR_NONE
#define INADDR_NONE 0xffffffff
#endif
@@ -116,12 +124,20 @@
#define _PATH_HEQUIV "/etc/hosts.equiv"
#endif
+#ifndef _PATH_VARRUN
+#define _PATH_VARRUN "/var/run/"
+#endif
+
+#ifndef _PATH_BSHELL
+#define _PATH_BSHELL "/bin/sh"
+#endif
+
#ifndef MAXPATHLEN
#define MAXPATHLEN (1024+4)
#endif
#ifndef SIG_ERR
-#define SIG_ERR ((RETSIGTYPE (*)())-1)
+#define SIG_ERR ((RETSIGTYPE (*)(int))-1)
#endif
/*
@@ -233,9 +249,11 @@
#define __attribute__(x)
#endif
+ROKEN_CPP_START
+
#if IRIX != 4 /* fix for compiler bug */
#ifdef RETSIGTYPE
-typedef RETSIGTYPE (*SigAction)(/* int??? */);
+typedef RETSIGTYPE (*SigAction)(int);
SigAction signal(int iSig, SigAction pAction); /* BSD compatible */
#endif
#endif
@@ -244,6 +262,7 @@ int ROKEN_LIB_FUNCTION simple_execve(const char*, char*const[], char*const[]);
int ROKEN_LIB_FUNCTION simple_execvp(const char*, char *const[]);
int ROKEN_LIB_FUNCTION simple_execlp(const char*, ...);
int ROKEN_LIB_FUNCTION simple_execle(const char*, ...);
+int ROKEN_LIB_FUNCTION simple_execl(const char *file, ...);
void ROKEN_LIB_FUNCTION print_version(const char *);
@@ -255,6 +274,9 @@ ssize_t ROKEN_LIB_FUNCTION eread (int fd, void *buf, size_t nbytes);
ssize_t ROKEN_LIB_FUNCTION ewrite (int fd, const void *buf, size_t nbytes);
void
+esetenv(const char *var, const char *val, int rewrite);
+
+void
socket_set_address_and_port (struct sockaddr *sa, const void *ptr, int port);
size_t
@@ -290,5 +312,19 @@ vstrcollect(va_list *ap);
char **
strcollect(char *first, ...);
+void timevalfix(struct timeval *t1);
+void timevaladd(struct timeval *t1, const struct timeval *t2);
+void timevalsub(struct timeval *t1, const struct timeval *t2);
+
+char *pid_file_write (const char *progname);
+void pid_file_delete (char **);
+
+int
+read_environment(const char *file, char ***env);
+
+void warnerr(int doerrno, const char *fmt, va_list ap)
+ __attribute__ ((format (printf, 2, 0)));
+
+ROKEN_CPP_END
#endif /* __ROKEN_COMMON_H__ */
diff --git a/crypto/heimdal/lib/roken/roken.awk b/crypto/heimdal/lib/roken/roken.awk
index 626fae5906e0..c1676f757708 100644
--- a/crypto/heimdal/lib/roken/roken.awk
+++ b/crypto/heimdal/lib/roken/roken.awk
@@ -1,3 +1,5 @@
+# $Id: roken.awk,v 1.6 2000/08/16 01:56:30 assar Exp $
+
BEGIN {
print "#include <stdio.h>"
print "#ifdef HAVE_CONFIG_H"
@@ -13,8 +15,10 @@ BEGIN {
print "puts(\"\");"
}
END {
+ print "puts(\"#define ROKEN_VERSION \" VERSION );"
+ print "puts(\"\");"
print "puts(\"#endif /* __ROKEN_H__ */\");"
- print "exit(0);"
+ print "return 0;"
print "}"
}
diff --git a/crypto/heimdal/lib/roken/roken.h.in b/crypto/heimdal/lib/roken/roken.h.in
index 3abe6eb951cd..b16ae5d62cda 100644
--- a/crypto/heimdal/lib/roken/roken.h.in
+++ b/crypto/heimdal/lib/roken/roken.h.in
@@ -1,6 +1,6 @@
/* -*- C -*- */
/*
- * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,13 +32,18 @@
* SUCH DAMAGE.
*/
-/* $Id: roken.h.in,v 1.135 2000/02/14 02:24:20 assar Exp $ */
+/* $Id: roken.h.in,v 1.148 2001/01/27 05:28:09 assar Exp $ */
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <string.h>
#include <signal.h>
+
+#ifdef _AIX
+struct ether_addr;
+struct sockaddr_dl;
+#endif
#ifdef HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif
@@ -109,9 +114,6 @@
#include <paths.h>
#endif
-#ifdef __cplusplus
-extern "C" {
-#endif
#ifndef ROKEN_LIB_FUNCTION
#if defined(__BORLANDC__)
@@ -125,6 +127,8 @@ extern "C" {
#include <roken-common.h>
+ROKEN_CPP_START
+
#if !defined(HAVE_SETSID) && defined(HAVE__SETSID)
#define setsid _setsid
#endif
@@ -196,6 +200,10 @@ size_t strnlen(const char*, size_t);
char *strsep(char**, const char*);
#endif
+#if !defined(HAVE_STRSEP_COPY) || defined(NEED_STRSEP_COPY_PROTO)
+ssize_t strsep_copy(const char**, const char*, char*, size_t);
+#endif
+
#ifndef HAVE_STRCASECMP
int strcasecmp(const char *s1, const char *s2);
#endif
@@ -340,6 +348,10 @@ int
mkstemp(char *template);
#endif
+#ifndef HAVE_PIDFILE
+void pidfile (const char*);
+#endif
+
#ifndef HAVE_FLOCK
#ifndef LOCK_SH
#define LOCK_SH 1 /* Shared lock */
@@ -450,7 +462,7 @@ typedef unsigned short sa_family_t;
typedef unsigned char roken_sa_family_t;
-#define _SS_PAD1SIZE (_SS_ALIGNSIZE - sizeof (roken_sa_family_t) - sizeof(unsigned char))
+#define _SS_PAD1SIZE ((2 * _SS_ALIGNSIZE - sizeof (roken_sa_family_t) - sizeof(unsigned char)) % _SS_ALIGNSIZE)
#define _SS_PAD2SIZE (_SS_MAXSIZE - (sizeof (roken_sa_family_t) + sizeof(unsigned char) + _SS_PAD1SIZE + _SS_ALIGNSIZE))
struct sockaddr_storage {
@@ -464,7 +476,7 @@ struct sockaddr_storage {
typedef unsigned short roken_sa_family_t;
-#define _SS_PAD1SIZE (_SS_ALIGNSIZE - sizeof (roken_sa_family_t))
+#define _SS_PAD1SIZE ((2 * _SS_ALIGNSIZE - sizeof (roken_sa_family_t)) % _SS_ALIGNSIZE)
#define _SS_PAD2SIZE (_SS_MAXSIZE - (sizeof (roken_sa_family_t) + _SS_PAD1SIZE + _SS_ALIGNSIZE))
struct sockaddr_storage {
@@ -521,8 +533,8 @@ getnameinfo_verified(const struct sockaddr *sa, socklen_t salen,
char *serv, size_t servlen,
int flags);
-int
-roken_getaddrinfo_hostspec(const char *, int, struct addrinfo **);
+int roken_getaddrinfo_hostspec(const char *, int, struct addrinfo **);
+int roken_getaddrinfo_hostspec2(const char *, int, int, struct addrinfo **);
#ifndef HAVE_STRFTIME
size_t
@@ -569,8 +581,13 @@ struct hostent* roken_gethostbyaddr(const void*, size_t, int);
#define roken_openlog(a,b,c) openlog((char *)a,b,c)
#endif
+#ifdef GETSOCKNAME_PROTO_COMPATIBLE
+#define roken_getsockname(a,b,c) getsockname(a,b,c)
+#else
+#define roken_getsockname(a,b,c) getsockname(a, b, (void*)c)
+#endif
+
void set_progname(char *argv0);
+const char *get_progname(void);
-#ifdef __cplusplus
-}
-#endif
+ROKEN_CPP_END
diff --git a/crypto/heimdal/lib/roken/rtbl.c b/crypto/heimdal/lib/roken/rtbl.c
new file mode 100644
index 000000000000..098b601f5107
--- /dev/null
+++ b/crypto/heimdal/lib/roken/rtbl.c
@@ -0,0 +1,278 @@
+/*
+ * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID ("$Id: rtbl.c,v 1.3 2000/07/20 14:42:31 assar Exp $");
+#endif
+#include "roken.h"
+#include "rtbl.h"
+
+struct column_entry {
+ char *data;
+};
+
+struct column_data {
+ char *header;
+ char *prefix;
+ int width;
+ unsigned flags;
+ size_t num_rows;
+ struct column_entry *rows;
+};
+
+struct rtbl_data {
+ char *column_prefix;
+ size_t num_columns;
+ struct column_data **columns;
+};
+
+rtbl_t
+rtbl_create (void)
+{
+ return calloc (1, sizeof (struct rtbl_data));
+}
+
+static struct column_data *
+rtbl_get_column (rtbl_t table, const char *column)
+{
+ int i;
+ for(i = 0; i < table->num_columns; i++)
+ if(strcmp(table->columns[i]->header, column) == 0)
+ return table->columns[i];
+ return NULL;
+}
+
+void
+rtbl_destroy (rtbl_t table)
+{
+ int i, j;
+
+ for (i = 0; i < table->num_columns; i++) {
+ struct column_data *c = table->columns[i];
+
+ for (j = 0; j < c->num_rows; j++)
+ free (c->rows[j].data);
+ free (c->header);
+ free (c->prefix);
+ free (c);
+ }
+ free (table->column_prefix);
+ free (table->columns);
+}
+
+int
+rtbl_add_column (rtbl_t table, const char *header, unsigned int flags)
+{
+ struct column_data *col, **tmp;
+
+ tmp = realloc (table->columns, (table->num_columns + 1) * sizeof (*tmp));
+ if (tmp == NULL)
+ return ENOMEM;
+ table->columns = tmp;
+ col = malloc (sizeof (*col));
+ if (col == NULL)
+ return ENOMEM;
+ col->header = strdup (header);
+ if (col->header == NULL) {
+ free (col);
+ return ENOMEM;
+ }
+ col->prefix = NULL;
+ col->width = 0;
+ col->flags = flags;
+ col->num_rows = 0;
+ col->rows = NULL;
+ table->columns[table->num_columns++] = col;
+ return 0;
+}
+
+static void
+column_compute_width (struct column_data *column)
+{
+ int i;
+
+ column->width = strlen (column->header);
+ for (i = 0; i < column->num_rows; i++)
+ column->width = max (column->width, strlen (column->rows[i].data));
+}
+
+int
+rtbl_set_prefix (rtbl_t table, const char *prefix)
+{
+ if (table->column_prefix)
+ free (table->column_prefix);
+ table->column_prefix = strdup (prefix);
+ if (table->column_prefix == NULL)
+ return ENOMEM;
+ return 0;
+}
+
+int
+rtbl_set_column_prefix (rtbl_t table, const char *column,
+ const char *prefix)
+{
+ struct column_data *c = rtbl_get_column (table, column);
+
+ if (c == NULL)
+ return -1;
+ if (c->prefix)
+ free (c->prefix);
+ c->prefix = strdup (prefix);
+ if (c->prefix == NULL)
+ return ENOMEM;
+ return 0;
+}
+
+
+static const char *
+get_column_prefix (rtbl_t table, struct column_data *c)
+{
+ if (c == NULL)
+ return "";
+ if (c->prefix)
+ return c->prefix;
+ if (table->column_prefix)
+ return table->column_prefix;
+ return "";
+}
+
+int
+rtbl_add_column_entry (rtbl_t table, const char *column, const char *data)
+{
+ struct column_entry row, *tmp;
+
+ struct column_data *c = rtbl_get_column (table, column);
+
+ if (c == NULL)
+ return -1;
+
+ row.data = strdup (data);
+ if (row.data == NULL)
+ return ENOMEM;
+ tmp = realloc (c->rows, (c->num_rows + 1) * sizeof (*tmp));
+ if (tmp == NULL) {
+ free (row.data);
+ return ENOMEM;
+ }
+ c->rows = tmp;
+ c->rows[c->num_rows++] = row;
+ return 0;
+}
+
+int
+rtbl_format (rtbl_t table, FILE * f)
+{
+ int i, j;
+
+ for (i = 0; i < table->num_columns; i++)
+ column_compute_width (table->columns[i]);
+ for (i = 0; i < table->num_columns; i++) {
+ struct column_data *c = table->columns[i];
+
+ fprintf (f, "%s", get_column_prefix (table, c));
+ fprintf (f, "%-*s", (int)c->width, c->header);
+ }
+ fprintf (f, "\n");
+
+ for (j = 0;; j++) {
+ int flag = 0;
+
+ for (i = 0; flag == 0 && i < table->num_columns; ++i) {
+ struct column_data *c = table->columns[i];
+
+ if (c->num_rows > j) {
+ ++flag;
+ break;
+ }
+ }
+ if (flag == 0)
+ break;
+
+ for (i = 0; i < table->num_columns; i++) {
+ int w;
+ struct column_data *c = table->columns[i];
+
+ w = c->width;
+
+ if ((c->flags & RTBL_ALIGN_RIGHT) == 0)
+ w = -w;
+ fprintf (f, "%s", get_column_prefix (table, c));
+ if (c->num_rows <= j)
+ fprintf (f, "%*s", w, "");
+ else
+ fprintf (f, "%*s", w, c->rows[j].data);
+ }
+ fprintf (f, "\n");
+ }
+ return 0;
+}
+
+#ifdef TEST
+int
+main (int argc, char **argv)
+{
+ rtbl_t table;
+ unsigned int a, b, c, d;
+
+ table = rtbl_create ();
+ rtbl_add_column (table, "Issued", 0, &a);
+ rtbl_add_column (table, "Expires", 0, &b);
+ rtbl_add_column (table, "Foo", RTBL_ALIGN_RIGHT, &d);
+ rtbl_add_column (table, "Principal", 0, &c);
+
+ rtbl_add_column_entry (table, a, "Jul 7 21:19:29");
+ rtbl_add_column_entry (table, b, "Jul 8 07:19:29");
+ rtbl_add_column_entry (table, d, "73");
+ rtbl_add_column_entry (table, d, "0");
+ rtbl_add_column_entry (table, d, "-2000");
+ rtbl_add_column_entry (table, c, "krbtgt/NADA.KTH.SE@NADA.KTH.SE");
+
+ rtbl_add_column_entry (table, a, "Jul 7 21:19:29");
+ rtbl_add_column_entry (table, b, "Jul 8 07:19:29");
+ rtbl_add_column_entry (table, c, "afs/pdc.kth.se@NADA.KTH.SE");
+
+ rtbl_add_column_entry (table, a, "Jul 7 21:19:29");
+ rtbl_add_column_entry (table, b, "Jul 8 07:19:29");
+ rtbl_add_column_entry (table, c, "afs@NADA.KTH.SE");
+
+ rtbl_set_prefix (table, " ");
+ rtbl_set_column_prefix (table, a, "");
+
+ rtbl_format (table, stdout);
+
+ rtbl_destroy (table);
+
+}
+
+#endif
diff --git a/crypto/heimdal/lib/roken/rtbl.h b/crypto/heimdal/lib/roken/rtbl.h
new file mode 100644
index 000000000000..16496a7fd205
--- /dev/null
+++ b/crypto/heimdal/lib/roken/rtbl.h
@@ -0,0 +1,57 @@
+/*
+ * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifndef __rtbl_h__
+#define __rtbl_h__
+
+struct rtbl_data;
+typedef struct rtbl_data *rtbl_t;
+
+#define RTBL_ALIGN_LEFT 0
+#define RTBL_ALIGN_RIGHT 1
+
+rtbl_t rtbl_create (void);
+
+void rtbl_destroy (rtbl_t);
+
+int rtbl_set_prefix (rtbl_t, const char*);
+
+int rtbl_set_column_prefix (rtbl_t, const char*, const char*);
+
+int rtbl_add_column (rtbl_t, const char*, unsigned int);
+
+int rtbl_add_column_entry (rtbl_t, const char*, const char*);
+
+int rtbl_format (rtbl_t, FILE*);
+
+#endif /* __rtbl_h__ */
diff --git a/crypto/heimdal/lib/roken/signal.c b/crypto/heimdal/lib/roken/signal.c
index 85f36ee33d04..1d482a0e3d80 100644
--- a/crypto/heimdal/lib/roken/signal.c
+++ b/crypto/heimdal/lib/roken/signal.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,10 +33,11 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: signal.c,v 1.10 1999/12/14 01:37:58 assar Exp $");
+RCSID("$Id: signal.c,v 1.12 2000/07/08 12:39:06 assar Exp $");
#endif
#include <signal.h>
+#include "roken.h"
/*
* We would like to always use this signal but there is a link error
@@ -49,8 +50,6 @@ RCSID("$Id: signal.c,v 1.10 1999/12/14 01:37:58 assar Exp $");
* Do we need any extra hacks for SIGCLD and/or SIGCHLD?
*/
-typedef RETSIGTYPE (*SigAction)(/* int??? */);
-
SigAction
signal(int iSig, SigAction pAction)
{
diff --git a/crypto/heimdal/lib/roken/simple_exec.c b/crypto/heimdal/lib/roken/simple_exec.c
index 4aa22fafd4cb..c7e22d91424c 100644
--- a/crypto/heimdal/lib/roken/simple_exec.c
+++ b/crypto/heimdal/lib/roken/simple_exec.c
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: simple_exec.c,v 1.7 2000/01/09 10:58:51 assar Exp $");
+RCSID("$Id: simple_exec.c,v 1.8 2000/11/05 16:41:06 joda Exp $");
#endif
#include <stdarg.h>
@@ -148,3 +148,20 @@ simple_execle(const char *file, ... /* ,char *const envp[] */)
free(argv);
return ret;
}
+
+int
+simple_execl(const char *file, ...)
+{
+ va_list ap;
+ char **argv;
+ int ret;
+
+ va_start(ap, file);
+ argv = vstrcollect(&ap);
+ va_end(ap);
+ if(argv == NULL)
+ return -1;
+ ret = simple_execve(file, argv, environ);
+ free(argv);
+ return ret;
+}
diff --git a/crypto/heimdal/lib/roken/snprintf.c b/crypto/heimdal/lib/roken/snprintf.c
index 4f69e66f43a7..205dc5891ade 100644
--- a/crypto/heimdal/lib/roken/snprintf.c
+++ b/crypto/heimdal/lib/roken/snprintf.c
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: snprintf.c,v 1.25 2000/02/16 01:38:52 assar Exp $");
+RCSID("$Id: snprintf.c,v 1.28 2000/12/15 14:04:42 joda Exp $");
#endif
#include <stdio.h>
#include <stdarg.h>
@@ -214,28 +214,31 @@ append_string (struct state *state,
int prec,
int flags)
{
- if(prec != -1)
- width -= prec;
- else
- width -= strlen((char *)arg);
- if(!(flags & minus_flag))
- while(width-- > 0)
- if((*state->append_char) (state, ' '))
- return 1;
- if (prec != -1) {
- while (*arg && prec--)
- if ((*state->append_char) (state, *arg++))
- return 1;
- } else {
- while (*arg)
- if ((*state->append_char) (state, *arg++))
- return 1;
- }
- if(flags & minus_flag)
- while(width-- > 0)
- if((*state->append_char) (state, ' '))
- return 1;
- return 0;
+ if(arg == NULL)
+ arg = (unsigned char*)"(null)";
+
+ if(prec != -1)
+ width -= prec;
+ else
+ width -= strlen((char *)arg);
+ if(!(flags & minus_flag))
+ while(width-- > 0)
+ if((*state->append_char) (state, ' '))
+ return 1;
+ if (prec != -1) {
+ while (*arg && prec--)
+ if ((*state->append_char) (state, *arg++))
+ return 1;
+ } else {
+ while (*arg)
+ if ((*state->append_char) (state, *arg++))
+ return 1;
+ }
+ if(flags & minus_flag)
+ while(width-- > 0)
+ if((*state->append_char) (state, ' '))
+ return 1;
+ return 0;
}
static int
diff --git a/crypto/heimdal/lib/roken/socket.c b/crypto/heimdal/lib/roken/socket.c
index 6e9c3dfe9b0a..d8463d55dc43 100644
--- a/crypto/heimdal/lib/roken/socket.c
+++ b/crypto/heimdal/lib/roken/socket.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,28 +33,10 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: socket.c,v 1.3 1999/12/02 16:58:52 joda Exp $");
-#endif
-
-#include <string.h>
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-#ifdef HAVE_NETINET_IP_H
-#include <netinet/ip.h>
+RCSID("$Id: socket.c,v 1.5 2000/07/27 04:41:06 assar Exp $");
#endif
#include <roken.h>
-
#include <err.h>
/*
@@ -246,9 +228,9 @@ socket_set_port (struct sockaddr *sa, int port)
void
socket_set_debug (int sock)
{
+#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT)
int on = 1;
-#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT)
if (setsockopt (sock, SOL_SOCKET, SO_DEBUG, (void *) &on, sizeof (on)) < 0)
warn ("setsockopt SO_DEBUG (ignored)");
#endif
diff --git a/crypto/heimdal/lib/roken/strftime.c b/crypto/heimdal/lib/roken/strftime.c
index b90614bb4c4e..6056073db3b6 100644
--- a/crypto/heimdal/lib/roken/strftime.c
+++ b/crypto/heimdal/lib/roken/strftime.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -35,7 +35,7 @@
#endif
#include "roken.h"
-RCSID("$Id: strftime.c,v 1.10 1999/11/13 04:18:33 assar Exp $");
+RCSID("$Id: strftime.c,v 1.11 2000/07/08 14:22:12 assar Exp $");
static const char *abb_weekdays[] = {
"Sun",
diff --git a/crypto/heimdal/lib/roken/strsep_copy.c b/crypto/heimdal/lib/roken/strsep_copy.c
new file mode 100644
index 000000000000..f09702234c75
--- /dev/null
+++ b/crypto/heimdal/lib/roken/strsep_copy.c
@@ -0,0 +1,67 @@
+/*
+ * Copyright (c) 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: strsep_copy.c,v 1.3 2000/06/29 03:13:36 assar Exp $");
+#endif
+
+#include <string.h>
+
+#include "roken.h"
+
+#ifndef HAVE_STRSEP_COPY
+
+/* strsep, but with const stringp, so return string in buf */
+
+ssize_t
+strsep_copy(const char **stringp, const char *delim, char *buf, size_t len)
+{
+ const char *save = *stringp;
+ size_t l;
+ if(save == NULL)
+ return -1;
+ *stringp = *stringp + strcspn(*stringp, delim);
+ l = min(len, *stringp - save);
+ memcpy(buf, save, l);
+ buf[l] = '\0';
+
+ l = *stringp - save;
+ if(**stringp == '\0')
+ *stringp = NULL;
+ else
+ (*stringp)++;
+ return l;
+}
+
+#endif
diff --git a/crypto/heimdal/lib/roken/timeval.c b/crypto/heimdal/lib/roken/timeval.c
new file mode 100644
index 000000000000..ea4dee861810
--- /dev/null
+++ b/crypto/heimdal/lib/roken/timeval.c
@@ -0,0 +1,84 @@
+/*
+ * Copyright (c) 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/*
+ * Timeval stuff
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: timeval.c,v 1.1 2000/03/03 09:02:42 assar Exp $");
+#endif
+
+#include "roken.h"
+
+/*
+ * Make `t1' consistent.
+ */
+
+void
+timevalfix(struct timeval *t1)
+{
+ if (t1->tv_usec < 0) {
+ t1->tv_sec--;
+ t1->tv_usec += 1000000;
+ }
+ if (t1->tv_usec >= 1000000) {
+ t1->tv_sec++;
+ t1->tv_usec -= 1000000;
+ }
+}
+
+/*
+ * t1 += t2
+ */
+
+void
+timevaladd(struct timeval *t1, const struct timeval *t2)
+{
+ t1->tv_sec += t2->tv_sec;
+ t1->tv_usec += t2->tv_usec;
+ timevalfix(t1);
+}
+
+/*
+ * t1 -= t2
+ */
+
+void
+timevalsub(struct timeval *t1, const struct timeval *t2)
+{
+ t1->tv_sec -= t2->tv_sec;
+ t1->tv_usec -= t2->tv_usec;
+ timevalfix(t1);
+}
diff --git a/crypto/heimdal/lib/roken/unvis.c b/crypto/heimdal/lib/roken/unvis.c
new file mode 100644
index 000000000000..363564c04966
--- /dev/null
+++ b/crypto/heimdal/lib/roken/unvis.c
@@ -0,0 +1,288 @@
+/* $NetBSD: unvis.c,v 1.19 2000/01/22 22:19:13 mycroft Exp $ */
+
+/*-
+ * Copyright (c) 1989, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#if 1
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: unvis.c,v 1.2 2000/12/06 21:41:46 joda Exp $");
+#endif
+#include <roken.h>
+#ifndef _DIAGASSERT
+#define _DIAGASSERT(X)
+#endif
+#else
+#include <sys/cdefs.h>
+#if defined(LIBC_SCCS) && !defined(lint)
+#if 0
+static char sccsid[] = "@(#)unvis.c 8.1 (Berkeley) 6/4/93";
+#else
+__RCSID("$NetBSD: unvis.c,v 1.19 2000/01/22 22:19:13 mycroft Exp $");
+#endif
+#endif /* LIBC_SCCS and not lint */
+
+#define __LIBC12_SOURCE__
+
+#include "namespace.h"
+#endif
+#include <sys/types.h>
+
+#include <assert.h>
+#include <ctype.h>
+#include <stdio.h>
+#include <vis.h>
+
+#if 0
+#ifdef __weak_alias
+__weak_alias(strunvis,_strunvis)
+__weak_alias(unvis,_unvis)
+#endif
+
+__warn_references(unvis,
+ "warning: reference to compatibility unvis(); include <vis.h> for correct reference")
+#endif
+
+/*
+ * decode driven by state machine
+ */
+#define S_GROUND 0 /* haven't seen escape char */
+#define S_START 1 /* start decoding special sequence */
+#define S_META 2 /* metachar started (M) */
+#define S_META1 3 /* metachar more, regular char (-) */
+#define S_CTRL 4 /* control char started (^) */
+#define S_OCTAL2 5 /* octal digit 2 */
+#define S_OCTAL3 6 /* octal digit 3 */
+
+#define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7')
+
+/*
+ * unvis - decode characters previously encoded by vis
+ */
+#ifndef HAVE_UNVIS
+int
+unvis(char *cp, int c, int *astate, int flag)
+{
+
+ _DIAGASSERT(cp != NULL);
+ _DIAGASSERT(astate != NULL);
+
+ if (flag & UNVIS_END) {
+ if (*astate == S_OCTAL2 || *astate == S_OCTAL3) {
+ *astate = S_GROUND;
+ return (UNVIS_VALID);
+ }
+ return (*astate == S_GROUND ? UNVIS_NOCHAR : UNVIS_SYNBAD);
+ }
+
+ switch (*astate) {
+
+ case S_GROUND:
+ *cp = 0;
+ if (c == '\\') {
+ *astate = S_START;
+ return (0);
+ }
+ *cp = c;
+ return (UNVIS_VALID);
+
+ case S_START:
+ switch(c) {
+ case '\\':
+ *cp = c;
+ *astate = S_GROUND;
+ return (UNVIS_VALID);
+ case '0': case '1': case '2': case '3':
+ case '4': case '5': case '6': case '7':
+ *cp = (c - '0');
+ *astate = S_OCTAL2;
+ return (0);
+ case 'M':
+ *cp = (char)0200;
+ *astate = S_META;
+ return (0);
+ case '^':
+ *astate = S_CTRL;
+ return (0);
+ case 'n':
+ *cp = '\n';
+ *astate = S_GROUND;
+ return (UNVIS_VALID);
+ case 'r':
+ *cp = '\r';
+ *astate = S_GROUND;
+ return (UNVIS_VALID);
+ case 'b':
+ *cp = '\b';
+ *astate = S_GROUND;
+ return (UNVIS_VALID);
+ case 'a':
+ *cp = '\007';
+ *astate = S_GROUND;
+ return (UNVIS_VALID);
+ case 'v':
+ *cp = '\v';
+ *astate = S_GROUND;
+ return (UNVIS_VALID);
+ case 't':
+ *cp = '\t';
+ *astate = S_GROUND;
+ return (UNVIS_VALID);
+ case 'f':
+ *cp = '\f';
+ *astate = S_GROUND;
+ return (UNVIS_VALID);
+ case 's':
+ *cp = ' ';
+ *astate = S_GROUND;
+ return (UNVIS_VALID);
+ case 'E':
+ *cp = '\033';
+ *astate = S_GROUND;
+ return (UNVIS_VALID);
+ case '\n':
+ /*
+ * hidden newline
+ */
+ *astate = S_GROUND;
+ return (UNVIS_NOCHAR);
+ case '$':
+ /*
+ * hidden marker
+ */
+ *astate = S_GROUND;
+ return (UNVIS_NOCHAR);
+ }
+ *astate = S_GROUND;
+ return (UNVIS_SYNBAD);
+
+ case S_META:
+ if (c == '-')
+ *astate = S_META1;
+ else if (c == '^')
+ *astate = S_CTRL;
+ else {
+ *astate = S_GROUND;
+ return (UNVIS_SYNBAD);
+ }
+ return (0);
+
+ case S_META1:
+ *astate = S_GROUND;
+ *cp |= c;
+ return (UNVIS_VALID);
+
+ case S_CTRL:
+ if (c == '?')
+ *cp |= 0177;
+ else
+ *cp |= c & 037;
+ *astate = S_GROUND;
+ return (UNVIS_VALID);
+
+ case S_OCTAL2: /* second possible octal digit */
+ if (isoctal(c)) {
+ /*
+ * yes - and maybe a third
+ */
+ *cp = (*cp << 3) + (c - '0');
+ *astate = S_OCTAL3;
+ return (0);
+ }
+ /*
+ * no - done with current sequence, push back passed char
+ */
+ *astate = S_GROUND;
+ return (UNVIS_VALIDPUSH);
+
+ case S_OCTAL3: /* third possible octal digit */
+ *astate = S_GROUND;
+ if (isoctal(c)) {
+ *cp = (*cp << 3) + (c - '0');
+ return (UNVIS_VALID);
+ }
+ /*
+ * we were done, push back passed char
+ */
+ return (UNVIS_VALIDPUSH);
+
+ default:
+ /*
+ * decoder in unknown state - (probably uninitialized)
+ */
+ *astate = S_GROUND;
+ return (UNVIS_SYNBAD);
+ }
+}
+#endif
+
+/*
+ * strunvis - decode src into dst
+ *
+ * Number of chars decoded into dst is returned, -1 on error.
+ * Dst is null terminated.
+ */
+
+#ifndef HAVE_STRUNVIS
+int
+strunvis(char *dst, const char *src)
+{
+ char c;
+ char *start = dst;
+ int state = 0;
+
+ _DIAGASSERT(src != NULL);
+ _DIAGASSERT(dst != NULL);
+
+ while ((c = *src++) != '\0') {
+ again:
+ switch (unvis(dst, c, &state, 0)) {
+ case UNVIS_VALID:
+ dst++;
+ break;
+ case UNVIS_VALIDPUSH:
+ dst++;
+ goto again;
+ case 0:
+ case UNVIS_NOCHAR:
+ break;
+ default:
+ return (-1);
+ }
+ }
+ if (unvis(dst, c, &state, UNVIS_END) == UNVIS_VALID)
+ dst++;
+ *dst = '\0';
+ return (dst - start);
+}
+#endif
diff --git a/crypto/heimdal/lib/roken/verr.c b/crypto/heimdal/lib/roken/verr.c
index 511e6402e030..67b4512c9d6b 100644
--- a/crypto/heimdal/lib/roken/verr.c
+++ b/crypto/heimdal/lib/roken/verr.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,10 +33,11 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: verr.c,v 1.8 1999/12/02 16:58:53 joda Exp $");
+RCSID("$Id: verr.c,v 1.10 2001/01/25 12:41:39 assar Exp $");
#endif
-#include "err.h"
+#include "roken.h"
+#include <err.h>
void
verr(int eval, const char *fmt, va_list ap)
diff --git a/crypto/heimdal/lib/roken/verrx.c b/crypto/heimdal/lib/roken/verrx.c
index f4578d322bc7..5df5c8ddf8b0 100644
--- a/crypto/heimdal/lib/roken/verrx.c
+++ b/crypto/heimdal/lib/roken/verrx.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,10 +33,11 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: verrx.c,v 1.8 1999/12/02 16:58:53 joda Exp $");
+RCSID("$Id: verrx.c,v 1.10 2001/01/25 12:41:39 assar Exp $");
#endif
-#include "err.h"
+#include "roken.h"
+#include <err.h>
void
verrx(int eval, const char *fmt, va_list ap)
diff --git a/crypto/heimdal/lib/roken/vis.c b/crypto/heimdal/lib/roken/vis.c
new file mode 100644
index 000000000000..82a6ba5d006e
--- /dev/null
+++ b/crypto/heimdal/lib/roken/vis.c
@@ -0,0 +1,301 @@
+/* $NetBSD: vis.c,v 1.19 2000/01/22 22:42:45 mycroft Exp $ */
+
+/*-
+ * Copyright (c) 1999 The NetBSD Foundation, Inc.
+ * Copyright (c) 1989, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+
+#if 1
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: vis.c,v 1.3 2000/12/10 23:10:48 assar Exp $");
+#endif
+#include <roken.h>
+#ifndef _DIAGASSERT
+#define _DIAGASSERT(X)
+#endif
+#else
+#include <sys/cdefs.h>
+#if !defined(lint)
+__RCSID("$NetBSD: vis.c,v 1.19 2000/01/22 22:42:45 mycroft Exp $");
+#endif /* not lint */
+#endif
+
+#if 0
+#include "namespace.h"
+#endif
+#include <sys/types.h>
+
+#include <assert.h>
+#include <ctype.h>
+#include <limits.h>
+#include <stdio.h>
+#include <string.h>
+#include <vis.h>
+
+#if 0
+#ifdef __weak_alias
+__weak_alias(strsvis,_strsvis)
+__weak_alias(strsvisx,_strsvisx)
+__weak_alias(strvis,_strvis)
+__weak_alias(strvisx,_strvisx)
+__weak_alias(svis,_svis)
+__weak_alias(vis,_vis)
+#endif
+#endif
+
+#undef BELL
+#if defined(__STDC__)
+#define BELL '\a'
+#else
+#define BELL '\007'
+#endif
+
+#define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7')
+#define iswhite(c) (c == ' ' || c == '\t' || c == '\n')
+#define issafe(c) (c == '\b' || c == BELL || c == '\r')
+
+#define MAXEXTRAS 5
+
+
+#define MAKEEXTRALIST(flag, extra) \
+do { \
+ char *pextra = extra; \
+ if (flag & VIS_SP) *pextra++ = ' '; \
+ if (flag & VIS_TAB) *pextra++ = '\t'; \
+ if (flag & VIS_NL) *pextra++ = '\n'; \
+ if ((flag & VIS_NOSLASH) == 0) *pextra++ = '\\'; \
+ *pextra = '\0'; \
+} while (/*CONSTCOND*/0)
+
+/*
+ * This is SVIS, the central macro of vis.
+ * dst: Pointer to the destination buffer
+ * c: Character to encode
+ * flag: Flag word
+ * nextc: The character following 'c'
+ * extra: Pointer to the list of extra characters to be
+ * backslash-protected.
+ */
+#define SVIS(dst, c, flag, nextc, extra) \
+do { \
+ int isextra, isc; \
+ isextra = strchr(extra, c) != NULL; \
+ if (!isextra && isascii(c) && (isgraph(c) || iswhite(c) || \
+ ((flag & VIS_SAFE) && issafe(c)))) { \
+ *dst++ = c; \
+ break; \
+ } \
+ isc = 0; \
+ if (flag & VIS_CSTYLE) { \
+ switch (c) { \
+ case '\n': \
+ isc = 1; *dst++ = '\\'; *dst++ = 'n'; \
+ break; \
+ case '\r': \
+ isc = 1; *dst++ = '\\'; *dst++ = 'r'; \
+ break; \
+ case '\b': \
+ isc = 1; *dst++ = '\\'; *dst++ = 'b'; \
+ break; \
+ case BELL: \
+ isc = 1; *dst++ = '\\'; *dst++ = 'a'; \
+ break; \
+ case '\v': \
+ isc = 1; *dst++ = '\\'; *dst++ = 'v'; \
+ break; \
+ case '\t': \
+ isc = 1; *dst++ = '\\'; *dst++ = 't'; \
+ break; \
+ case '\f': \
+ isc = 1; *dst++ = '\\'; *dst++ = 'f'; \
+ break; \
+ case ' ': \
+ isc = 1; *dst++ = '\\'; *dst++ = 's'; \
+ break; \
+ case '\0': \
+ isc = 1; *dst++ = '\\'; *dst++ = '0'; \
+ if (isoctal(nextc)) { \
+ *dst++ = '0'; \
+ *dst++ = '0'; \
+ } \
+ } \
+ } \
+ if (isc) break; \
+ if (isextra || ((c & 0177) == ' ') || (flag & VIS_OCTAL)) { \
+ *dst++ = '\\'; \
+ *dst++ = (u_char)(((unsigned)(u_char)c >> 6) & 03) + '0'; \
+ *dst++ = (u_char)(((unsigned)(u_char)c >> 3) & 07) + '0'; \
+ *dst++ = (c & 07) + '0'; \
+ } else { \
+ if ((flag & VIS_NOSLASH) == 0) *dst++ = '\\'; \
+ if (c & 0200) { \
+ c &= 0177; *dst++ = 'M'; \
+ } \
+ if (iscntrl(c)) { \
+ *dst++ = '^'; \
+ if (c == 0177) \
+ *dst++ = '?'; \
+ else \
+ *dst++ = c + '@'; \
+ } else { \
+ *dst++ = '-'; *dst++ = c; \
+ } \
+ } \
+} while (/*CONSTCOND*/0)
+
+
+/*
+ * svis - visually encode characters, also encoding the characters
+ * pointed to by `extra'
+ */
+#ifndef HAVE_SVIS
+char *
+svis(char *dst, int c, int flag, int nextc, const char *extra)
+{
+ _DIAGASSERT(dst != NULL);
+ _DIAGASSERT(extra != NULL);
+
+ SVIS(dst, c, flag, nextc, extra);
+ *dst = '\0';
+ return(dst);
+}
+#endif
+
+
+/*
+ * strsvis, strsvisx - visually encode characters from src into dst
+ *
+ * Extra is a pointer to a \0-terminated list of characters to
+ * be encoded, too. These functions are useful e. g. to
+ * encode strings in such a way so that they are not interpreted
+ * by a shell.
+ *
+ * Dst must be 4 times the size of src to account for possible
+ * expansion. The length of dst, not including the trailing NULL,
+ * is returned.
+ *
+ * Strsvisx encodes exactly len bytes from src into dst.
+ * This is useful for encoding a block of data.
+ */
+#ifndef HAVE_STRSVIS
+int
+strsvis(char *dst, const char *src, int flag, const char *extra)
+{
+ char c;
+ char *start;
+
+ _DIAGASSERT(dst != NULL);
+ _DIAGASSERT(src != NULL);
+ _DIAGASSERT(extra != NULL);
+
+ for (start = dst; (c = *src++) != '\0'; /* empty */)
+ SVIS(dst, c, flag, *src, extra);
+ *dst = '\0';
+ return (dst - start);
+}
+#endif
+
+
+#ifndef HAVE_STRVISX
+int
+strsvisx(char *dst, const char *src, size_t len, int flag, const char *extra)
+{
+ char c;
+ char *start;
+
+ _DIAGASSERT(dst != NULL);
+ _DIAGASSERT(src != NULL);
+ _DIAGASSERT(extra != NULL);
+
+ for (start = dst; len > 0; len--) {
+ c = *src++;
+ SVIS(dst, c, flag, len ? *src : '\0', extra);
+ }
+ *dst = '\0';
+ return (dst - start);
+}
+#endif
+
+
+/*
+ * vis - visually encode characters
+ */
+#ifndef HAVE_VIS
+char *
+vis(char *dst, int c, int flag, int nextc)
+{
+ char extra[MAXEXTRAS];
+
+ _DIAGASSERT(dst != NULL);
+
+ MAKEEXTRALIST(flag, extra);
+ SVIS(dst, c, flag, nextc, extra);
+ *dst = '\0';
+ return (dst);
+}
+#endif
+
+
+/*
+ * strvis, strvisx - visually encode characters from src into dst
+ *
+ * Dst must be 4 times the size of src to account for possible
+ * expansion. The length of dst, not including the trailing NULL,
+ * is returned.
+ *
+ * Strvisx encodes exactly len bytes from src into dst.
+ * This is useful for encoding a block of data.
+ */
+#ifndef HAVE_STRVIS
+int
+strvis(char *dst, const char *src, int flag)
+{
+ char extra[MAXEXTRAS];
+
+ MAKEEXTRALIST(flag, extra);
+ return (strsvis(dst, src, flag, extra));
+}
+#endif
+
+
+#ifndef HAVE_STRVISX
+int
+strvisx(char *dst, const char *src, size_t len, int flag)
+{
+ char extra[MAXEXTRAS];
+
+ MAKEEXTRALIST(flag, extra);
+ return (strsvisx(dst, src, len, flag, extra));
+}
+#endif
diff --git a/crypto/heimdal/lib/roken/vis.hin b/crypto/heimdal/lib/roken/vis.hin
new file mode 100644
index 000000000000..a9d09da95829
--- /dev/null
+++ b/crypto/heimdal/lib/roken/vis.hin
@@ -0,0 +1,86 @@
+/* $NetBSD: vis.h,v 1.11 1999/11/25 16:55:50 wennmach Exp $ */
+/* $Id: vis.hin,v 1.1 2000/12/06 21:35:47 joda Exp $ */
+
+/*-
+ * Copyright (c) 1990, 1993
+ * The Regents of the University of California. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the University of
+ * California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * @(#)vis.h 8.1 (Berkeley) 6/2/93
+ */
+
+#ifndef _VIS_H_
+#define _VIS_H_
+
+/*
+ * to select alternate encoding format
+ */
+#define VIS_OCTAL 0x01 /* use octal \ddd format */
+#define VIS_CSTYLE 0x02 /* use \[nrft0..] where appropiate */
+
+/*
+ * to alter set of characters encoded (default is to encode all
+ * non-graphic except space, tab, and newline).
+ */
+#define VIS_SP 0x04 /* also encode space */
+#define VIS_TAB 0x08 /* also encode tab */
+#define VIS_NL 0x10 /* also encode newline */
+#define VIS_WHITE (VIS_SP | VIS_TAB | VIS_NL)
+#define VIS_SAFE 0x20 /* only encode "unsafe" characters */
+
+/*
+ * other
+ */
+#define VIS_NOSLASH 0x40 /* inhibit printing '\' */
+
+/*
+ * unvis return codes
+ */
+#define UNVIS_VALID 1 /* character valid */
+#define UNVIS_VALIDPUSH 2 /* character valid, push back passed char */
+#define UNVIS_NOCHAR 3 /* valid sequence, no character produced */
+#define UNVIS_SYNBAD -1 /* unrecognized escape sequence */
+#define UNVIS_ERROR -2 /* decoder in unknown state (unrecoverable) */
+
+/*
+ * unvis flags
+ */
+#define UNVIS_END 1 /* no more characters */
+
+char *vis (char *, int, int, int);
+char *svis (char *, int, int, int, const char *);
+int strvis (char *, const char *, int);
+int strsvis (char *, const char *, int, const char *);
+int strvisx (char *, const char *, size_t, int);
+int strsvisx (char *, const char *, size_t, int, const char *);
+int strunvis (char *, const char *);
+int unvis (char *, int, int *, int);
+
+#endif /* !_VIS_H_ */
diff --git a/crypto/heimdal/lib/roken/vsyslog.c b/crypto/heimdal/lib/roken/vsyslog.c
index 22e6a35a80c0..c72cf3373eec 100644
--- a/crypto/heimdal/lib/roken/vsyslog.c
+++ b/crypto/heimdal/lib/roken/vsyslog.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: vsyslog.c,v 1.3 1999/12/02 16:58:54 joda Exp $");
+RCSID("$Id: vsyslog.c,v 1.6 2000/05/22 22:09:25 assar Exp $");
#endif
#ifndef HAVE_VSYSLOG
@@ -44,14 +44,72 @@ RCSID("$Id: vsyslog.c,v 1.3 1999/12/02 16:58:54 joda Exp $");
#include "roken.h"
+/*
+ * the theory behind this is that we might be trying to call vsyslog
+ * when there's no memory left, and we should try to be as useful as
+ * possible. And the format string should say something about what's
+ * failing.
+ */
+
+static void
+simple_vsyslog(int pri, const char *fmt, va_list ap)
+{
+ syslog (pri, "%s", fmt);
+}
+
+/*
+ * do like syslog but with a `va_list'
+ */
+
void
vsyslog(int pri, const char *fmt, va_list ap)
{
- char *p;
+ char *fmt2;
+ const char *p;
+ char *p2;
+ int saved_errno = errno;
+ int fmt_len = strlen (fmt);
+ int fmt2_len = fmt_len;
+ char *buf;
- vasprintf (&p, fmt, ap);
- syslog (pri, "%s", p);
- free (p);
-}
+ fmt2 = malloc (fmt_len + 1);
+ if (fmt2 == NULL) {
+ simple_vsyslog (pri, fmt, ap);
+ return;
+ }
+ for (p = fmt, p2 = fmt2; *p != '\0'; ++p) {
+ if (p[0] == '%' && p[1] == 'm') {
+ const char *e = strerror (saved_errno);
+ int e_len = strlen (e);
+ char *tmp;
+ int pos;
+
+ pos = p2 - fmt2;
+ fmt2_len += e_len - 2;
+ tmp = realloc (fmt2, fmt2_len + 1);
+ if (tmp == NULL) {
+ free (fmt2);
+ simple_vsyslog (pri, fmt, ap);
+ return;
+ }
+ fmt2 = tmp;
+ p2 = fmt2 + pos;
+ memmove (p2, e, e_len);
+ p2 += e_len;
+ ++p;
+ } else
+ *p2++ = *p;
+ }
+ *p2 = '\0';
+
+ vasprintf (&buf, fmt2, ap);
+ free (fmt2);
+ if (buf == NULL) {
+ simple_vsyslog (pri, fmt, ap);
+ return;
+ }
+ syslog (pri, "%s", buf);
+ free (buf);
+}
#endif
diff --git a/crypto/heimdal/lib/roken/vwarn.c b/crypto/heimdal/lib/roken/vwarn.c
index 15f9a3827650..4034b1b8b29b 100644
--- a/crypto/heimdal/lib/roken/vwarn.c
+++ b/crypto/heimdal/lib/roken/vwarn.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,10 +33,11 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: vwarn.c,v 1.8 1999/12/02 16:58:54 joda Exp $");
+RCSID("$Id: vwarn.c,v 1.10 2001/01/25 12:41:39 assar Exp $");
#endif
-#include "err.h"
+#include "roken.h"
+#include <err.h>
void
vwarn(const char *fmt, va_list ap)
diff --git a/crypto/heimdal/lib/roken/vwarnx.c b/crypto/heimdal/lib/roken/vwarnx.c
index 48f1ffd46bfc..7449a75b3caf 100644
--- a/crypto/heimdal/lib/roken/vwarnx.c
+++ b/crypto/heimdal/lib/roken/vwarnx.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,10 +33,11 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: vwarnx.c,v 1.8 1999/12/02 16:58:54 joda Exp $");
+RCSID("$Id: vwarnx.c,v 1.10 2001/01/25 12:41:39 assar Exp $");
#endif
-#include "err.h"
+#include "roken.h"
+#include <err.h>
void
vwarnx(const char *fmt, va_list ap)
diff --git a/crypto/heimdal/lib/roken/warnerr.c b/crypto/heimdal/lib/roken/warnerr.c
index 4df375da67f5..f57c90e0fd61 100644
--- a/crypto/heimdal/lib/roken/warnerr.c
+++ b/crypto/heimdal/lib/roken/warnerr.c
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: warnerr.c,v 1.8 1999/12/02 16:58:54 joda Exp $");
+RCSID("$Id: warnerr.c,v 1.9 2000/07/25 09:54:05 joda Exp $");
#endif
#include "roken.h"
@@ -43,6 +43,12 @@ RCSID("$Id: warnerr.c,v 1.8 1999/12/02 16:58:54 joda Exp $");
const char *__progname;
#endif
+const char *
+get_progname(void)
+{
+ return __progname;
+}
+
void
set_progname(char *argv0)
{
diff --git a/crypto/heimdal/lib/roken/write_pid.c b/crypto/heimdal/lib/roken/write_pid.c
new file mode 100644
index 000000000000..7d4fa24626e7
--- /dev/null
+++ b/crypto/heimdal/lib/roken/write_pid.c
@@ -0,0 +1,95 @@
+/*
+ * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: write_pid.c,v 1.4 2000/08/04 11:19:41 joda Exp $");
+#endif
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <unistd.h>
+#include <roken.h>
+
+#include "roken.h"
+
+char *
+pid_file_write (const char *progname)
+{
+ FILE *fp;
+ char *ret;
+
+ asprintf (&ret, "%s%s.pid", _PATH_VARRUN, progname);
+ if (ret == NULL)
+ return NULL;
+ fp = fopen (ret, "w");
+ if (fp == NULL) {
+ free (ret);
+ return NULL;
+ }
+ fprintf (fp, "%u", (unsigned)getpid());
+ fclose (fp);
+ return ret;
+}
+
+void
+pid_file_delete (char **filename)
+{
+ if (*filename != NULL) {
+ unlink (*filename);
+ free (*filename);
+ *filename = NULL;
+ }
+}
+
+#ifndef HAVE_PIDFILE
+static char *pidfile_path;
+
+static void
+pidfile_cleanup(void)
+{
+ if(pidfile_path != NULL)
+ pid_file_delete(&pidfile_path);
+}
+
+void
+pidfile(const char *basename)
+{
+ if(pidfile_path != NULL)
+ return;
+ if(basename == NULL)
+ basename = __progname;
+ pidfile_path = pid_file_write(basename);
+ atexit(pidfile_cleanup);
+}
+#endif
diff --git a/crypto/heimdal/lib/roken/xdbm.h b/crypto/heimdal/lib/roken/xdbm.h
index 78d7330d8c85..429c3d14336b 100644
--- a/crypto/heimdal/lib/roken/xdbm.h
+++ b/crypto/heimdal/lib/roken/xdbm.h
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: xdbm.h,v 1.8 2000/02/06 05:03:27 assar Exp $ */
+/* $Id: xdbm.h,v 1.12 2000/08/16 03:57:21 assar Exp $ */
/* Generic *dbm include file */
@@ -43,13 +43,17 @@
#include <db.h>
#endif
+#ifndef DBM_INSERT
#if defined(HAVE_NDBM_H)
#include <ndbm.h>
+#elif defined(HAVE_GDBM_NDBM_H)
+#include <gdbm/ndbm.h>
#elif defined(HAVE_DBM_H)
#include <dbm.h>
#elif defined(HAVE_RPCSVC_DBM_H)
#include <rpcsvc/dbm.h>
#endif
+#endif
/* Macros to convert ndbm names to dbm names.
* Note that dbm_nextkey() cannot be simply converted using a macro, since
@@ -58,7 +62,7 @@
* Instead, all routines call "dbm_next" instead.
*/
-#ifndef NDBM
+#if !defined(NDBM) && !defined(HAVE_DB_H)
typedef char DBM;
#define dbm_open(file, flags, mode) ((dbminit(file) == 0)?"":((char *)0))
diff --git a/crypto/heimdal/lib/sl/ChangeLog b/crypto/heimdal/lib/sl/ChangeLog
index eca72177f5ee..1893e1c5e82e 100644
--- a/crypto/heimdal/lib/sl/ChangeLog
+++ b/crypto/heimdal/lib/sl/ChangeLog
@@ -1,3 +1,49 @@
+2001-01-26 Johan Danielsson <joda@pdc.kth.se>
+
+ * sl.h: proto
+
+ * sl.c (sl_command_loop): try to handle user pressing C-c
+
+2000-12-11 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am (libss_la_LDFLAGS): bump version to 1:2:1
+
+2000-08-19 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: add dependencies for libss/libsl shared libraries
+
+2000-07-25 Johan Danielsson <joda@pdc.kth.se>
+
+ * Makefile.am: bump ss version to 1:1:1
+
+2000-06-27 Assar Westerlund <assar@sics.se>
+
+ * parse.y (yyerror): static-ize
+ * make_cmds.h (error_message, yylex): add prototypes
+ * lex.l: fix prototypes and kill warnings
+
+2000-05-24 Assar Westerlund <assar@sics.se>
+
+ * ss.h (SS_ET_COMMAND_NOT_FOUND): add
+ * ss.c: check allocation and return some other error codes too
+
+2000-04-29 Assar Westerlund <assar@sics.se>
+
+ * Makefile.in: add LIB_tgetent. From Derrick J Brashear
+ <shadow@dementia.org>
+
+2000-04-03 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: set version to 1:0:1
+
+2000-03-07 Assar Westerlund <assar@sics.se>
+
+ * sl.h (SL_BADCOMMAND): define
+ (sl_apropos): add prototype
+
+ * sl.c: mandoc-generation
+ (sl_apropos): stolen from arla
+
2000-01-06 Assar Westerlund <assar@sics.se>
* Makefile.am: bump both versions to 0:1:0
diff --git a/crypto/heimdal/lib/sl/Makefile.am b/crypto/heimdal/lib/sl/Makefile.am
index e572e21052f1..df013066844e 100644
--- a/crypto/heimdal/lib/sl/Makefile.am
+++ b/crypto/heimdal/lib/sl/Makefile.am
@@ -1,4 +1,4 @@
-# $Id: Makefile.am,v 1.15 2000/01/06 21:52:20 assar Exp $
+# $Id: Makefile.am,v 1.21 2001/01/26 15:00:09 joda Exp $
include $(top_srcdir)/Makefile.am.common
@@ -7,8 +7,11 @@ YFLAGS = -d
include_HEADERS = sl.h
lib_LTLIBRARIES = libsl.la libss.la
-libsl_la_LDFLAGS = -version-info 0:1:0
-libss_la_LDFLAGS = -version-info 0:1:0
+libsl_la_LDFLAGS = -version-info 1:1:1
+libss_la_LDFLAGS = -version-info 1:3:1
+
+libsl_la_LIBADD = @LIB_readline@
+libss_la_LIBADD = @LIB_readline@
RENAME_SRC = roken_rename.h strtok_r.c snprintf.c
@@ -19,7 +22,7 @@ EXTRA_libsl_la_SOURCES = strtok_r.c snprintf.c roken_rename.h
# install these?
-noinst_PROGRAMS = mk_cmds
+bin_PROGRAMS = mk_cmds
mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l
@@ -34,8 +37,8 @@ CLEANFILES = lex.c parse.c parse.h snprintf.c strtok_r.c
$(mk_cmds_OBJECTS): parse.h
-LDADD = \
- $(LIB_roken) \
+LDADD = \
+ $(LIB_roken) \
$(LEXLIB)
strtok_r.c:
diff --git a/crypto/heimdal/lib/sl/Makefile.in b/crypto/heimdal/lib/sl/Makefile.in
index 634cd741e679..6c1088b2a792 100644
--- a/crypto/heimdal/lib/sl/Makefile.in
+++ b/crypto/heimdal/lib/sl/Makefile.in
@@ -1,6 +1,6 @@
-# Makefile.in generated automatically by automake 1.4 from Makefile.am
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
-# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
# This Makefile.in is free software; the Free Software Foundation
# gives unlimited permission to copy and/or distribute it,
# with or without modifications, as long as this notice is preserved.
@@ -10,15 +10,6 @@
# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
# PARTICULAR PURPOSE.
-# $Id: Makefile.am,v 1.15 2000/01/06 21:52:20 assar Exp $
-
-
-# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
-
-
-# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $
-
-
SHELL = @SHELL@
srcdir = @srcdir@
@@ -40,8 +31,6 @@ mandir = @mandir@
includedir = @includedir@
oldincludedir = /usr/include
-DESTDIR =
-
pkgdatadir = $(datadir)/@PACKAGE@
pkglibdir = $(libdir)/@PACKAGE@
pkgincludedir = $(includedir)/@PACKAGE@
@@ -54,9 +43,10 @@ AUTOMAKE = @AUTOMAKE@
AUTOHEADER = @AUTOHEADER@
INSTALL = @INSTALL@
-INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS)
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
INSTALL_DATA = @INSTALL_DATA@
INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
transform = @program_transform_name@
NORMAL_INSTALL = :
@@ -65,26 +55,39 @@ POST_INSTALL = :
NORMAL_UNINSTALL = :
PRE_UNINSTALL = :
POST_UNINSTALL = :
+
+@SET_MAKE@
host_alias = @host_alias@
host_triplet = @host@
-AFS_EXTRA_LD = @AFS_EXTRA_LD@
AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
AWK = @AWK@
CANONICAL_HOST = @CANONICAL_HOST@
CATMAN = @CATMAN@
CATMANEXT = @CATMANEXT@
CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
EXEEXT = @EXEEXT@
EXTRA_LIB45 = @EXTRA_LIB45@
GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
INCLUDE_ = @INCLUDE_@
-LD = @LD@
LEX = @LEX@
LIBOBJS = @LIBOBJS@
LIBTOOL = @LIBTOOL@
LIB_ = @LIB_@
LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
LIB_kdb = @LIB_kdb@
LIB_otp = @LIB_otp@
LIB_roken = @LIB_roken@
@@ -92,31 +95,43 @@ LIB_security = @LIB_security@
LN_S = @LN_S@
LTLIBOBJS = @LTLIBOBJS@
MAKEINFO = @MAKEINFO@
-MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@
-MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@
-MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@
NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
-NM = @NM@
NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
OBJEXT = @OBJEXT@
PACKAGE = @PACKAGE@
RANLIB = @RANLIB@
+STRIP = @STRIP@
VERSION = @VERSION@
VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
WFLAGS = @WFLAGS@
WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.21 2001/01/26 15:00:09 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
AUTOMAKE_OPTIONS = foreign no-dependencies
SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
-INCLUDES = -I$(top_builddir)/include
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken)
AM_CFLAGS = $(WFLAGS)
+CP = cp
+
COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
buildinclude = $(top_builddir)/include
@@ -136,6 +151,7 @@ LIB_getsockopt = @LIB_getsockopt@
LIB_logout = @LIB_logout@
LIB_logwtmp = @LIB_logwtmp@
LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
LIB_readline = @LIB_readline@
LIB_res_search = @LIB_res_search@
LIB_setpcred = @LIB_setpcred@
@@ -144,6 +160,8 @@ LIB_socket = @LIB_socket@
LIB_syslog = @LIB_syslog@
LIB_tgetent = @LIB_tgetent@
+LIBS = @LIBS@
+
HESIODLIB = @HESIODLIB@
HESIODINCLUDE = @HESIODINCLUDE@
INCLUDE_hesiod = @INCLUDE_hesiod@
@@ -152,24 +170,20 @@ LIB_hesiod = @LIB_hesiod@
INCLUDE_krb4 = @INCLUDE_krb4@
LIB_krb4 = @LIB_krb4@
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
INCLUDE_readline = @INCLUDE_readline@
LEXLIB = @LEXLIB@
-cat1dir = $(mandir)/cat1
-cat3dir = $(mandir)/cat3
-cat5dir = $(mandir)/cat5
-cat8dir = $(mandir)/cat8
-
-MANRX = \(.*\)\.\([0-9]\)
-CATSUFFIX = @CATSUFFIX@
-
NROFF_MAN = groff -mandoc -Tascii
-@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
-@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la
-@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
CHECK_LOCAL = $(PROGRAMS)
@@ -178,8 +192,11 @@ YFLAGS = -d
include_HEADERS = sl.h
lib_LTLIBRARIES = libsl.la libss.la
-libsl_la_LDFLAGS = -version-info 0:1:0
-libss_la_LDFLAGS = -version-info 0:1:0
+libsl_la_LDFLAGS = -version-info 1:1:1
+libss_la_LDFLAGS = -version-info 1:3:1
+
+libsl_la_LIBADD = @LIB_readline@
+libss_la_LIBADD = @LIB_readline@
RENAME_SRC = roken_rename.h strtok_r.c snprintf.c
@@ -190,7 +207,7 @@ EXTRA_libsl_la_SOURCES = strtok_r.c snprintf.c roken_rename.h
# install these?
-noinst_PROGRAMS = mk_cmds
+bin_PROGRAMS = mk_cmds
mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l
@@ -203,8 +220,11 @@ ssinclude_HEADERS = ss.h
CLEANFILES = lex.c parse.c parse.h snprintf.c strtok_r.c
-LDADD = $(LIB_roken) $(LEXLIB)
+LDADD = \
+ $(LIB_roken) \
+ $(LEXLIB)
+subdir = lib/sl
mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
CONFIG_HEADER = ../../include/config.h
CONFIG_CLEAN_FILES =
@@ -214,43 +234,48 @@ LTLIBRARIES = $(lib_LTLIBRARIES)
DEFS = @DEFS@ -I. -I$(srcdir) -I../../include
CPPFLAGS = @CPPFLAGS@
LDFLAGS = @LDFLAGS@
-LIBS = @LIBS@
X_CFLAGS = @X_CFLAGS@
X_LIBS = @X_LIBS@
X_EXTRA_LIBS = @X_EXTRA_LIBS@
X_PRE_LIBS = @X_PRE_LIBS@
-libsl_la_LIBADD =
-libsl_la_OBJECTS = sl.lo
-libss_la_LIBADD =
-libss_la_OBJECTS = sl.lo ss.lo
-noinst_PROGRAMS = mk_cmds$(EXEEXT)
-PROGRAMS = $(noinst_PROGRAMS)
-
-mk_cmds_OBJECTS = make_cmds.$(OBJEXT) parse.$(OBJEXT) lex.$(OBJEXT)
+libsl_la_DEPENDENCIES =
+am_libsl_la_OBJECTS = sl.lo
+libsl_la_OBJECTS = $(am_libsl_la_OBJECTS)
+libss_la_DEPENDENCIES =
+am_libss_la_OBJECTS = sl.lo ss.lo
+libss_la_OBJECTS = $(am_libss_la_OBJECTS)
+bin_PROGRAMS = mk_cmds$(EXEEXT)
+PROGRAMS = $(bin_PROGRAMS)
+
+am_mk_cmds_OBJECTS = make_cmds.$(OBJEXT) parse.$(OBJEXT) lex.$(OBJEXT)
+mk_cmds_OBJECTS = $(am_mk_cmds_OBJECTS)
mk_cmds_LDADD = $(LDADD)
mk_cmds_DEPENDENCIES =
mk_cmds_LDFLAGS =
-LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
-CFLAGS = @CFLAGS@
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
+LEX_OUTPUT_ROOT = @LEX_OUTPUT_ROOT@
CCLD = $(CC)
-LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES = $(libsl_la_SOURCES) $(EXTRA_libsl_la_SOURCES) \
+$(libss_la_SOURCES) $(mk_cmds_SOURCES) $(EXTRA_mk_cmds_SOURCES)
HEADERS = $(include_HEADERS) $(ssinclude_HEADERS)
-DIST_COMMON = ChangeLog Makefile.am Makefile.in lex.c parse.c
+depcomp =
+DIST_COMMON = $(include_HEADERS) $(ssinclude_HEADERS) ChangeLog \
+Makefile.am Makefile.in lex.c parse.c parse.h
-DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST)
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
-TAR = tar
GZIP_ENV = --best
SOURCES = $(libsl_la_SOURCES) $(EXTRA_libsl_la_SOURCES) $(libss_la_SOURCES) $(mk_cmds_SOURCES) $(EXTRA_mk_cmds_SOURCES)
-OBJECTS = $(libsl_la_OBJECTS) $(libss_la_OBJECTS) $(mk_cmds_OBJECTS)
+OBJECTS = $(am_libsl_la_OBJECTS) $(am_libss_la_OBJECTS) $(am_mk_cmds_OBJECTS)
all: all-redirect
.SUFFIXES:
-.SUFFIXES: .1 .3 .5 .8 .S .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .s .x .y
+.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .l .lo .o .obj .x .y
$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/sl/Makefile
@@ -273,31 +298,18 @@ install-libLTLIBRARIES: $(lib_LTLIBRARIES)
$(mkinstalldirs) $(DESTDIR)$(libdir)
@list='$(lib_LTLIBRARIES)'; for p in $$list; do \
if test -f $$p; then \
- echo "$(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p"; \
- $(LIBTOOL) --mode=install $(INSTALL) $$p $(DESTDIR)$(libdir)/$$p; \
+ echo " $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p"; \
+ $(LIBTOOL) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(libdir)/$$p; \
else :; fi; \
done
uninstall-libLTLIBRARIES:
@$(NORMAL_UNINSTALL)
- list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ @list='$(lib_LTLIBRARIES)'; for p in $$list; do \
+ echo " $(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p"; \
$(LIBTOOL) --mode=uninstall rm -f $(DESTDIR)$(libdir)/$$p; \
done
-.c.o:
- $(COMPILE) -c $<
-
-# FIXME: We should only use cygpath when building on Windows,
-# and only if it is available.
-.c.obj:
- $(COMPILE) -c `cygpath -w $<`
-
-.s.o:
- $(COMPILE) -c $<
-
-.S.o:
- $(COMPILE) -c $<
-
mostlyclean-compile:
-rm -f *.o core *.core
-rm -f *.$(OBJEXT)
@@ -309,15 +321,6 @@ distclean-compile:
maintainer-clean-compile:
-.c.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.s.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
-.S.lo:
- $(LIBTOOL) --mode=compile $(COMPILE) -c $<
-
mostlyclean-libtool:
-rm -f *.lo
@@ -334,18 +337,43 @@ libsl.la: $(libsl_la_OBJECTS) $(libsl_la_DEPENDENCIES)
libss.la: $(libss_la_OBJECTS) $(libss_la_DEPENDENCIES)
$(LINK) -rpath $(libdir) $(libss_la_LDFLAGS) $(libss_la_OBJECTS) $(libss_la_LIBADD) $(LIBS)
-mostlyclean-noinstPROGRAMS:
+mostlyclean-binPROGRAMS:
+
+clean-binPROGRAMS:
+ -test -z "$(bin_PROGRAMS)" || rm -f $(bin_PROGRAMS)
-clean-noinstPROGRAMS:
- -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS)
+distclean-binPROGRAMS:
-distclean-noinstPROGRAMS:
+maintainer-clean-binPROGRAMS:
-maintainer-clean-noinstPROGRAMS:
+install-binPROGRAMS: $(bin_PROGRAMS)
+ @$(NORMAL_INSTALL)
+ $(mkinstalldirs) $(DESTDIR)$(bindir)
+ @list='$(bin_PROGRAMS)'; for p in $$list; do \
+ if test -f $$p; then \
+ f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \
+ echo " $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f"; \
+ $(LIBTOOL) --mode=install $(INSTALL_PROGRAM) $(INSTALL_STRIP_FLAG) $$p $(DESTDIR)$(bindir)/$$f; \
+ else :; fi; \
+ done
+
+uninstall-binPROGRAMS:
+ @$(NORMAL_UNINSTALL)
+ @list='$(bin_PROGRAMS)'; for p in $$list; do \
+ f="`echo $$p|sed -e 's/$(EXEEXT)$$//' -e '$(transform)' -e 's/$$/$(EXEEXT)/'`"; \
+ echo " rm -f $(DESTDIR)$(bindir)/$$f"; \
+ rm -f $(DESTDIR)$(bindir)/$$f; \
+ done
mk_cmds$(EXEEXT): $(mk_cmds_OBJECTS) $(mk_cmds_DEPENDENCIES)
@rm -f mk_cmds$(EXEEXT)
$(LINK) $(mk_cmds_LDFLAGS) $(mk_cmds_OBJECTS) $(mk_cmds_LDADD) $(LIBS)
+.c.o:
+ $(COMPILE) -c $<
+.c.obj:
+ $(COMPILE) -c `cygpath -w $<`
+.c.lo:
+ $(LTCOMPILE) -c -o $@ $<
.l.c:
$(LEX) $(AM_LFLAGS) $(LFLAGS) $< && mv $(LEX_OUTPUT_ROOT).c $@
.y.c:
@@ -361,14 +389,17 @@ install-includeHEADERS: $(include_HEADERS)
$(mkinstalldirs) $(DESTDIR)$(includedir)
@list='$(include_HEADERS)'; for p in $$list; do \
if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
- echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p"; \
- $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$p; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(includedir)/$$f; \
done
uninstall-includeHEADERS:
@$(NORMAL_UNINSTALL)
- list='$(include_HEADERS)'; for p in $$list; do \
- rm -f $(DESTDIR)$(includedir)/$$p; \
+ @list='$(include_HEADERS)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(includedir)/$$f"; \
+ rm -f $(DESTDIR)$(includedir)/$$f; \
done
install-ssincludeHEADERS: $(ssinclude_HEADERS)
@@ -376,35 +407,42 @@ install-ssincludeHEADERS: $(ssinclude_HEADERS)
$(mkinstalldirs) $(DESTDIR)$(ssincludedir)
@list='$(ssinclude_HEADERS)'; for p in $$list; do \
if test -f "$$p"; then d= ; else d="$(srcdir)/"; fi; \
- echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(ssincludedir)/$$p"; \
- $(INSTALL_DATA) $$d$$p $(DESTDIR)$(ssincludedir)/$$p; \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " $(INSTALL_DATA) $$d$$p $(DESTDIR)$(ssincludedir)/$$f"; \
+ $(INSTALL_DATA) $$d$$p $(DESTDIR)$(ssincludedir)/$$f; \
done
uninstall-ssincludeHEADERS:
@$(NORMAL_UNINSTALL)
- list='$(ssinclude_HEADERS)'; for p in $$list; do \
- rm -f $(DESTDIR)$(ssincludedir)/$$p; \
+ @list='$(ssinclude_HEADERS)'; for p in $$list; do \
+ f="`echo $$p | sed -e 's|^.*/||'`"; \
+ echo " rm -f $(DESTDIR)$(ssincludedir)/$$f"; \
+ rm -f $(DESTDIR)$(ssincludedir)/$$f; \
done
tags: TAGS
-ID: $(HEADERS) $(SOURCES) $(LISP)
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
- here=`pwd` && cd $(srcdir) \
- && mkid -f$$here/ID $$unique $(LISP)
+ mkid -fID $$unique $(LISP)
-TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP)
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
tags=; \
here=`pwd`; \
- list='$(SOURCES) $(HEADERS)'; \
- unique=`for i in $$list; do echo $$i; done | \
- awk ' { files[$$0] = 1; } \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
END { for (i in files) print i; }'`; \
test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
- || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS)
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
mostlyclean-tags:
@@ -417,17 +455,16 @@ maintainer-clean-tags:
distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
-subdir = lib/sl
-
distdir: $(DISTFILES)
@for file in $(DISTFILES); do \
d=$(srcdir); \
if test -d $$d/$$file; then \
- cp -pr $$/$$file $(distdir)/$$file; \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
else \
test -f $(distdir)/$$file \
- || ln $$d/$$file $(distdir)/$$file 2> /dev/null \
- || cp -p $$d/$$file $(distdir)/$$file || :; \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
fi; \
done
$(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
@@ -440,7 +477,7 @@ check-am: all-am
check: check-am
installcheck-am:
installcheck: installcheck-am
-install-exec-am: install-libLTLIBRARIES
+install-exec-am: install-libLTLIBRARIES install-binPROGRAMS
@$(NORMAL_INSTALL)
$(MAKE) $(AM_MAKEFLAGS) install-exec-hook
install-exec: install-exec-am
@@ -452,16 +489,16 @@ install-data: install-data-am
install-am: all-am
@$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
install: install-am
-uninstall-am: uninstall-libLTLIBRARIES uninstall-includeHEADERS \
- uninstall-ssincludeHEADERS
+uninstall-am: uninstall-libLTLIBRARIES uninstall-binPROGRAMS \
+ uninstall-includeHEADERS uninstall-ssincludeHEADERS
uninstall: uninstall-am
all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(HEADERS) all-local
all-redirect: all-am
install-strip:
- $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
installdirs:
- $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(includedir) \
- $(DESTDIR)$(ssincludedir)
+ $(mkinstalldirs) $(DESTDIR)$(libdir) $(DESTDIR)$(bindir) \
+ $(DESTDIR)$(includedir) $(DESTDIR)$(ssincludedir)
mostlyclean-generic:
@@ -474,29 +511,30 @@ distclean-generic:
-rm -f config.cache config.log stamp-h stamp-h[0-9]*
maintainer-clean-generic:
- -test -z "lexlparsehparsec" || rm -f lexl parseh parsec
+ -rm -f Makefile.in
+ -test -z "lex.cparse.hparse.c" || rm -f lex.c parse.h parse.c
mostlyclean-am: mostlyclean-libLTLIBRARIES mostlyclean-compile \
- mostlyclean-libtool mostlyclean-noinstPROGRAMS \
+ mostlyclean-libtool mostlyclean-binPROGRAMS \
mostlyclean-tags mostlyclean-generic
mostlyclean: mostlyclean-am
clean-am: clean-libLTLIBRARIES clean-compile clean-libtool \
- clean-noinstPROGRAMS clean-tags clean-generic \
+ clean-binPROGRAMS clean-tags clean-generic \
mostlyclean-am
clean: clean-am
distclean-am: distclean-libLTLIBRARIES distclean-compile \
- distclean-libtool distclean-noinstPROGRAMS \
- distclean-tags distclean-generic clean-am
+ distclean-libtool distclean-binPROGRAMS distclean-tags \
+ distclean-generic clean-am
-rm -f libtool
distclean: distclean-am
maintainer-clean-am: maintainer-clean-libLTLIBRARIES \
maintainer-clean-compile maintainer-clean-libtool \
- maintainer-clean-noinstPROGRAMS maintainer-clean-tags \
+ maintainer-clean-binPROGRAMS maintainer-clean-tags \
maintainer-clean-generic distclean-am
@echo "This command is intended for maintainers to use;"
@echo "it deletes files that may require special tools to rebuild."
@@ -508,15 +546,15 @@ clean-libLTLIBRARIES maintainer-clean-libLTLIBRARIES \
uninstall-libLTLIBRARIES install-libLTLIBRARIES mostlyclean-compile \
distclean-compile clean-compile maintainer-clean-compile \
mostlyclean-libtool distclean-libtool clean-libtool \
-maintainer-clean-libtool mostlyclean-noinstPROGRAMS \
-distclean-noinstPROGRAMS clean-noinstPROGRAMS \
-maintainer-clean-noinstPROGRAMS uninstall-includeHEADERS \
-install-includeHEADERS uninstall-ssincludeHEADERS \
-install-ssincludeHEADERS tags mostlyclean-tags distclean-tags \
-clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \
-check-local check check-am installcheck-am installcheck install-exec-am \
-install-exec install-data-local install-data-am install-data install-am \
-install uninstall-am uninstall all-local all-redirect all-am all \
+maintainer-clean-libtool mostlyclean-binPROGRAMS distclean-binPROGRAMS \
+clean-binPROGRAMS maintainer-clean-binPROGRAMS uninstall-binPROGRAMS \
+install-binPROGRAMS uninstall-includeHEADERS install-includeHEADERS \
+uninstall-ssincludeHEADERS install-ssincludeHEADERS tags \
+mostlyclean-tags distclean-tags clean-tags maintainer-clean-tags \
+distdir info-am info dvi-am dvi check-local check check-am \
+installcheck-am installcheck install-exec-am install-exec \
+install-data-local install-data-am install-data install-am install \
+uninstall-am uninstall all-local all-redirect all-am all install-strip \
installdirs mostlyclean-generic distclean-generic clean-generic \
maintainer-clean-generic clean mostlyclean distclean maintainer-clean
@@ -526,7 +564,10 @@ install-suid-programs:
for file in $$foo; do \
x=$(DESTDIR)$(bindir)/$$file; \
if chown 0:0 $$x && chmod u+s $$x; then :; else \
- chmod 0 $$x; fi; done
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
install-exec-hook: install-suid-programs
@@ -538,8 +579,8 @@ install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
else file="$$f"; fi; \
if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
: ; else \
- echo " cp $$file $(buildinclude)/$$f"; \
- cp $$file $(buildinclude)/$$f; \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
fi ; \
done
@@ -608,87 +649,8 @@ dist-cat8-mans:
dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
-install-cat1-mans:
- @ext=1;\
- foo='$(man1_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.1) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat1dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat3-mans:
- @ext=3;\
- foo='$(man3_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.3) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat3dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat5-mans:
- @ext=5;\
- foo='$(man5_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.5) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat5dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat8-mans:
- @ext=8;\
- foo='$(man8_MANS)'; \
- bar='$(man_MANS)'; \
- for i in $$bar; do \
- case $$i in \
- *.8) foo="$$foo $$i";; \
- esac; done; \
- if test "$$foo"; then \
- $(mkinstalldirs) $(DESTDIR)$(cat8dir); \
- for x in $$foo; do \
- f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \
- if test -f "$(srcdir)/$$f"; then \
- b=`echo $$x | sed 's!$(MANRX)!\1!'`; \
- echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\
- $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\
- fi; \
- done ;\
- fi
-
-install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
install-data-local: install-cat-mans
diff --git a/crypto/heimdal/lib/sl/lex.l b/crypto/heimdal/lib/sl/lex.l
index b7c1c4432346..c83e5d197b93 100644
--- a/crypto/heimdal/lib/sl/lex.l
+++ b/crypto/heimdal/lib/sl/lex.l
@@ -1,6 +1,6 @@
%{
/*
- * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,14 +32,17 @@
* SUCH DAMAGE.
*/
+#undef ECHO
+
#include "make_cmds.h"
#include "parse.h"
-RCSID("$Id: lex.l,v 1.3 1999/12/02 16:58:55 joda Exp $");
+RCSID("$Id: lex.l,v 1.5 2000/12/05 09:21:46 joda Exp $");
static unsigned lineno = 1;
-void error_message(char *, ...);
-int getstring(void);
+static int getstring(void);
+
+#define YY_NO_UNPUT
%}
@@ -66,7 +69,7 @@ yywrap ()
}
#endif
-int
+static int
getstring(void)
{
char x[128];
@@ -102,7 +105,7 @@ getstring(void)
}
void
-error_message (char *format, ...)
+error_message (const char *format, ...)
{
va_list args;
diff --git a/crypto/heimdal/lib/sl/make_cmds.h b/crypto/heimdal/lib/sl/make_cmds.h
index 24dbd60d6c59..6d64d979f402 100644
--- a/crypto/heimdal/lib/sl/make_cmds.h
+++ b/crypto/heimdal/lib/sl/make_cmds.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: make_cmds.h,v 1.2 1999/12/02 16:58:55 joda Exp $ */
+/* $Id: make_cmds.h,v 1.3 2000/06/27 02:36:56 assar Exp $ */
#ifndef __MAKE_CMDS_H__
#define __MAKE_CMDS_H__
@@ -45,6 +45,8 @@
#include <stdlib.h>
#include <stdarg.h>
+#include <roken.h>
+
extern char *filename;
extern char *table_name;
extern int numerror;
@@ -66,4 +68,9 @@ struct string_list {
void add_command(char*, char*, struct string_list*, unsigned);
+void error_message(const char *, ...)
+ __attribute__ ((format (printf, 1,2)));
+
+int yylex (void);
+
#endif /* __MAKE_CMDS_H__ */
diff --git a/crypto/heimdal/lib/sl/parse.y b/crypto/heimdal/lib/sl/parse.y
index 18ef5cadda7c..deff9336375e 100644
--- a/crypto/heimdal/lib/sl/parse.y
+++ b/crypto/heimdal/lib/sl/parse.y
@@ -1,6 +1,6 @@
%{
/*
- * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,10 +33,9 @@
*/
#include "make_cmds.h"
-RCSID("$Id: parse.y,v 1.6 1999/12/16 10:34:11 assar Exp $");
+RCSID("$Id: parse.y,v 1.7 2000/06/27 02:37:18 assar Exp $");
-void yyerror (char *s);
-void error_message(char *, ...);
+static void yyerror (char *s);
struct string_list* append_string(struct string_list*, char*);
void free_string_list(struct string_list *list);
@@ -129,7 +128,7 @@ flag : STRING
%%
-void
+static void
yyerror (char *s)
{
error_message ("%s\n", s);
diff --git a/crypto/heimdal/lib/sl/roken_rename.h b/crypto/heimdal/lib/sl/roken_rename.h
index c668802ac5d5..1d3d8930e1d1 100644
--- a/crypto/heimdal/lib/sl/roken_rename.h
+++ b/crypto/heimdal/lib/sl/roken_rename.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*/
-/* $Id: roken_rename.h,v 1.3 1999/12/02 16:58:55 joda Exp $ */
+/* $Id: roken_rename.h,v 1.4 2000/05/31 20:07:56 assar Exp $ */
#ifndef __roken_rename_h__
#define __roken_rename_h__
@@ -57,5 +57,8 @@
#ifndef HAVE_VSNPRINTF
#define vsnprintf _sl_vsnprintf
#endif
+#ifndef HAVE_STRUPR
+#define strupr _sl_strupr
+#endif
#endif /* __roken_rename_h__ */
diff --git a/crypto/heimdal/lib/sl/sl.c b/crypto/heimdal/lib/sl/sl.c
index 688ca8b22a25..ebc7657cc015 100644
--- a/crypto/heimdal/lib/sl/sl.c
+++ b/crypto/heimdal/lib/sl/sl.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,10 +33,101 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: sl.c,v 1.25 1999/12/02 16:58:55 joda Exp $");
+RCSID("$Id: sl.c,v 1.28 2001/01/26 14:58:26 joda Exp $");
#endif
#include "sl_locl.h"
+#include <setjmp.h>
+
+static size_t
+print_sl (FILE *stream, int mdoc, int longp, SL_cmd *c)
+ __attribute__ ((unused));
+
+static size_t
+print_sl (FILE *stream, int mdoc, int longp, SL_cmd *c)
+{
+ if(mdoc){
+ if(longp)
+ fprintf(stream, "= Ns");
+ fprintf(stream, " Ar ");
+ }else
+ if (longp)
+ putc ('=', stream);
+ else
+ putc (' ', stream);
+
+ return 1;
+}
+
+static void
+mandoc_template(SL_cmd *cmds,
+ const char *extra_string)
+{
+ SL_cmd *c, *prev;
+ char timestr[64], cmd[64];
+ const char *p;
+ time_t t;
+
+ printf(".\\\" Things to fix:\n");
+ printf(".\\\" * correct section, and operating system\n");
+ printf(".\\\" * remove Op from mandatory flags\n");
+ printf(".\\\" * use better macros for arguments (like .Pa for files)\n");
+ printf(".\\\"\n");
+ t = time(NULL);
+ strftime(timestr, sizeof(timestr), "%b %d, %Y", localtime(&t));
+ printf(".Dd %s\n", timestr);
+ p = strrchr(__progname, '/');
+ if(p) p++; else p = __progname;
+ strncpy(cmd, p, sizeof(cmd));
+ cmd[sizeof(cmd)-1] = '\0';
+ strupr(cmd);
+
+ printf(".Dt %s SECTION\n", cmd);
+ printf(".Os OPERATING_SYSTEM\n");
+ printf(".Sh NAME\n");
+ printf(".Nm %s\n", p);
+ printf(".Nd\n");
+ printf("in search of a description\n");
+ printf(".Sh SYNOPSIS\n");
+ printf(".Nm\n");
+ for(c = cmds; c->name; ++c) {
+/* if (c->func == NULL)
+ continue; */
+ printf(".Op Fl %s", c->name);
+/* print_sl(stdout, 1, 0, c);*/
+ printf("\n");
+
+ }
+ if (extra_string && *extra_string)
+ printf (".Ar %s\n", extra_string);
+ printf(".Sh DESCRIPTION\n");
+ printf("Supported options:\n");
+ printf(".Bl -tag -width Ds\n");
+ prev = NULL;
+ for(c = cmds; c->name; ++c) {
+ if (c->func) {
+ if (prev)
+ printf ("\n%s\n", prev->usage);
+
+ printf (".It Fl %s", c->name);
+ prev = c;
+ } else
+ printf (", %s\n", c->name);
+ }
+ if (prev)
+ printf ("\n%s\n", prev->usage);
+
+ printf(".El\n");
+ printf(".\\\".Sh ENVIRONMENT\n");
+ printf(".\\\".Sh FILES\n");
+ printf(".\\\".Sh EXAMPLES\n");
+ printf(".\\\".Sh DIAGNOSTICS\n");
+ printf(".\\\".Sh SEE ALSO\n");
+ printf(".\\\".Sh STANDARDS\n");
+ printf(".\\\".Sh HISTORY\n");
+ printf(".\\\".Sh AUTHORS\n");
+ printf(".\\\".Sh BUGS\n");
+}
static SL_cmd *
sl_match (SL_cmd *cmds, char *cmd, int exactp)
@@ -66,6 +157,11 @@ sl_help (SL_cmd *cmds, int argc, char **argv)
{
SL_cmd *c, *prev_c;
+ if (getenv("SLMANDOC")) {
+ mandoc_template(cmds, NULL);
+ return;
+ }
+
if (argc == 1) {
prev_c = NULL;
for (c = cmds; c->name; ++c) {
@@ -178,9 +274,28 @@ sl_make_argv(char *line, int *ret_argc, char ***ret_argv)
return 0;
}
+static jmp_buf sl_jmp;
+
+static void sl_sigint(int sig)
+{
+ longjmp(sl_jmp, 1);
+}
+
+static char *sl_readline(const char *prompt)
+{
+ char *s;
+ void (*old)(int);
+ old = signal(SIGINT, sl_sigint);
+ if(setjmp(sl_jmp))
+ printf("\n");
+ s = readline((char*)prompt);
+ signal(SIGINT, old);
+ return s;
+}
+
/* return values: 0 on success, -1 on fatal error, or return value of command */
int
-sl_command_loop(SL_cmd *cmds, char *prompt, void **data)
+sl_command_loop(SL_cmd *cmds, const char *prompt, void **data)
{
int ret = 0;
char *buf;
@@ -188,7 +303,7 @@ sl_command_loop(SL_cmd *cmds, char *prompt, void **data)
char **argv;
ret = 0;
- buf = readline(prompt);
+ buf = sl_readline(prompt);
if(buf == NULL)
return 1;
@@ -213,7 +328,7 @@ sl_command_loop(SL_cmd *cmds, char *prompt, void **data)
}
int
-sl_loop(SL_cmd *cmds, char *prompt)
+sl_loop(SL_cmd *cmds, const char *prompt)
{
void *data = NULL;
int ret;
@@ -221,3 +336,11 @@ sl_loop(SL_cmd *cmds, char *prompt)
;
return ret;
}
+
+void
+sl_apropos (SL_cmd *cmd, const char *topic)
+{
+ for (; cmd->name != NULL; ++cmd)
+ if (cmd->usage != NULL && strstr(cmd->usage, topic) != NULL)
+ printf ("%-20s%s\n", cmd->name, cmd->usage);
+}
diff --git a/crypto/heimdal/lib/sl/sl.h b/crypto/heimdal/lib/sl/sl.h
index 1a6d3fa6e6e1..5b3e4b7d643d 100644
--- a/crypto/heimdal/lib/sl/sl.h
+++ b/crypto/heimdal/lib/sl/sl.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -31,11 +31,13 @@
* SUCH DAMAGE.
*/
-/* $Id: sl.h,v 1.7 1999/12/02 16:58:55 joda Exp $ */
+/* $Id: sl.h,v 1.9 2001/01/26 14:58:41 joda Exp $ */
#ifndef _SL_H
#define _SL_H
+#define SL_BADCOMMAND -1
+
typedef int (*cmd_func)(int, char **);
struct sl_cmd {
@@ -48,10 +50,11 @@ struct sl_cmd {
typedef struct sl_cmd SL_cmd;
void sl_help (SL_cmd *, int argc, char **argv);
-int sl_loop (SL_cmd *, char *prompt);
-int sl_command_loop (SL_cmd *cmds, char *prompt, void **data);
+int sl_loop (SL_cmd *, const char *prompt);
+int sl_command_loop (SL_cmd *cmds, const char *prompt, void **data);
int sl_command (SL_cmd *cmds, int argc, char **argv);
int sl_make_argv(char*, int*, char***);
+void sl_apropos (SL_cmd *cmd, const char *topic);
#endif /* _SL_H */
diff --git a/crypto/heimdal/lib/sl/ss.c b/crypto/heimdal/lib/sl/ss.c
index f3c0546b4d78..7655a9ec3689 100644
--- a/crypto/heimdal/lib/sl/ss.c
+++ b/crypto/heimdal/lib/sl/ss.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -35,7 +35,7 @@
#include <com_err.h>
#include "ss.h"
-RCSID("$Id: ss.c,v 1.4 1999/12/02 16:58:55 joda Exp $");
+RCSID("$Id: ss.c,v 1.6 2000/05/25 00:14:58 assar Exp $");
struct ss_subst {
char *name;
@@ -55,14 +55,34 @@ ss_create_invocation(const char *subsystem,
int *code)
{
struct ss_subst *ss;
+
if(num_subsystems >= sizeof(subsystems) / sizeof(subsystems[0])) {
*code = 17;
return 0;
}
ss = &subsystems[num_subsystems];
- ss->name = subsystem ? strdup(subsystem) : NULL;
- ss->version = version ? strdup(version) : NULL;
- ss->info = info ? strdup(info) : NULL;
+ ss->name = ss->version = ss->info = NULL;
+ if (subsystem != NULL) {
+ ss->name = strdup (subsystem);
+ if (ss->name == NULL) {
+ *code = ENOMEM;
+ return 0;
+ }
+ }
+ if (version != NULL) {
+ ss->version = strdup (version);
+ if (ss->version == NULL) {
+ *code = ENOMEM;
+ return 0;
+ }
+ }
+ if (info != NULL) {
+ ss->info = strdup (info);
+ if (ss->info == NULL) {
+ *code = ENOMEM;
+ return 0;
+ }
+ }
ss->table = table;
*code = 0;
return num_subsystems++;
@@ -87,8 +107,12 @@ int
ss_execute_command(int index, char **argv)
{
int argc = 0;
+ int ret;
+
while(argv[argc++]);
- sl_command(subsystems[index].table, argc, argv);
+ ret = sl_command(subsystems[index].table, argc, argv);
+ if (ret == SL_BADCOMMAND)
+ return SS_ET_COMMAND_NOT_FOUND;
return 0;
}
@@ -98,10 +122,15 @@ ss_execute_line (int index, const char *line)
char *buf = strdup(line);
int argc;
char **argv;
+ int ret;
+ if (buf == NULL)
+ return ENOMEM;
sl_make_argv(buf, &argc, &argv);
- sl_command(subsystems[index].table, argc, argv);
+ ret = sl_command(subsystems[index].table, argc, argv);
free(buf);
+ if (ret == SL_BADCOMMAND)
+ return SS_ET_COMMAND_NOT_FOUND;
return 0;
}
@@ -109,9 +138,9 @@ int
ss_listen (int index)
{
char *prompt = malloc(strlen(subsystems[index].name) + 3);
- if(prompt == NULL) {
- abort();
- }
+ if (prompt == NULL)
+ return ENOMEM;
+
strcpy(prompt, subsystems[index].name);
strcat(prompt, ": ");
sl_loop(subsystems[index].table, prompt);
diff --git a/crypto/heimdal/lib/sl/ss.h b/crypto/heimdal/lib/sl/ss.h
index 0d9d2977b7ac..0149fa18aaf6 100644
--- a/crypto/heimdal/lib/sl/ss.h
+++ b/crypto/heimdal/lib/sl/ss.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -30,7 +30,7 @@
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
-/* $Id: ss.h,v 1.2 1999/12/02 16:58:55 joda Exp $ */
+/* $Id: ss.h,v 1.3 2000/05/25 00:15:21 assar Exp $ */
/* SS compatibility for SL */
@@ -52,4 +52,6 @@ int ss_listen (int);
void ss_perror (int, long, const char*);
int ss_quit (int argc, char**);
+#define SS_ET_COMMAND_NOT_FOUND (-1)
+
#endif /* __ss_h__ */
diff --git a/crypto/heimdal/lib/vers/ChangeLog b/crypto/heimdal/lib/vers/ChangeLog
new file mode 100644
index 000000000000..459c94009ccd
--- /dev/null
+++ b/crypto/heimdal/lib/vers/ChangeLog
@@ -0,0 +1,13 @@
+2001-01-31 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: remove -static turning this into a convenience
+ library
+
+2000-11-15 Assar Westerlund <assar@sics.se>
+
+ * Makefile.am: make the library static and don't install it
+
+2000-07-08 Assar Westerlund <assar@sics.se>
+
+ * make-print-version.c (heimdal_version, krb4_version): const-ize,
+ based on thorpej@netbsd.org's change to NetBSD
diff --git a/crypto/heimdal/lib/vers/Makefile.am b/crypto/heimdal/lib/vers/Makefile.am
new file mode 100644
index 000000000000..87ef2467ad6e
--- /dev/null
+++ b/crypto/heimdal/lib/vers/Makefile.am
@@ -0,0 +1,28 @@
+# $Id: Makefile.am,v 1.3 2001/01/31 03:50:48 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+CLEANFILES = print_version.h
+
+noinst_LTLIBRARIES = libvers.la
+
+build_HEADERZ = vers.h
+
+noinst_PROGRAMS = make-print-version
+
+if KRB4
+if KRB5
+## need to link with des here; otherwise, if krb4 is shared the link
+## will fail with unresolved references
+make_print_version_LDADD += $(LIB_krb4) -ldes
+endif
+endif
+
+libvers_la_SOURCES = print_version.c
+
+print_version.lo: print_version.h
+
+print_version.h: make-print-version$(EXEEXT)
+ ./make-print-version$(EXEEXT) print_version.h
+
+make-print-version.o: $(top_builddir)/include/version.h
diff --git a/crypto/heimdal/lib/vers/Makefile.in b/crypto/heimdal/lib/vers/Makefile.in
new file mode 100644
index 000000000000..8b8da036d8fd
--- /dev/null
+++ b/crypto/heimdal/lib/vers/Makefile.in
@@ -0,0 +1,574 @@
+# Makefile.in generated automatically by automake 1.4a from Makefile.am
+
+# Copyright (C) 1994, 1995-9, 2000 Free Software Foundation, Inc.
+# This Makefile.in is free software; the Free Software Foundation
+# gives unlimited permission to copy and/or distribute it,
+# with or without modifications, as long as this notice is preserved.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+# even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.
+
+SHELL = @SHELL@
+
+srcdir = @srcdir@
+top_srcdir = @top_srcdir@
+VPATH = @srcdir@
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+
+bindir = @bindir@
+sbindir = @sbindir@
+libexecdir = @libexecdir@
+datadir = @datadir@
+sysconfdir = @sysconfdir@
+sharedstatedir = @sharedstatedir@
+localstatedir = @localstatedir@
+libdir = @libdir@
+infodir = @infodir@
+mandir = @mandir@
+includedir = @includedir@
+oldincludedir = /usr/include
+
+pkgdatadir = $(datadir)/@PACKAGE@
+pkglibdir = $(libdir)/@PACKAGE@
+pkgincludedir = $(includedir)/@PACKAGE@
+
+top_builddir = ../..
+
+ACLOCAL = @ACLOCAL@
+AUTOCONF = @AUTOCONF@
+AUTOMAKE = @AUTOMAKE@
+AUTOHEADER = @AUTOHEADER@
+
+INSTALL = @INSTALL@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+INSTALL_STRIP_FLAG =
+transform = @program_transform_name@
+
+NORMAL_INSTALL = :
+PRE_INSTALL = :
+POST_INSTALL = :
+NORMAL_UNINSTALL = :
+PRE_UNINSTALL = :
+POST_UNINSTALL = :
+
+@SET_MAKE@
+host_alias = @host_alias@
+host_triplet = @host@
+AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@
+AMDEP = @AMDEP@
+AMTAR = @AMTAR@
+AS = @AS@
+AWK = @AWK@
+CANONICAL_HOST = @CANONICAL_HOST@
+CATMAN = @CATMAN@
+CATMANEXT = @CATMANEXT@
+CC = @CC@
+CPP = @CPP@
+CXX = @CXX@
+CXXCPP = @CXXCPP@
+DBLIB = @DBLIB@
+DEPDIR = @DEPDIR@
+DIR_des = @DIR_des@
+DIR_roken = @DIR_roken@
+DLLTOOL = @DLLTOOL@
+EXEEXT = @EXEEXT@
+EXTRA_LIB45 = @EXTRA_LIB45@
+GROFF = @GROFF@
+INCLUDES_roken = @INCLUDES_roken@
+INCLUDE_ = @INCLUDE_@
+LEX = @LEX@
+LIBOBJS = @LIBOBJS@
+LIBTOOL = @LIBTOOL@
+LIB_ = @LIB_@
+LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@
+LIB_des = @LIB_des@
+LIB_des_appl = @LIB_des_appl@
+LIB_kdb = @LIB_kdb@
+LIB_otp = @LIB_otp@
+LIB_roken = @LIB_roken@
+LIB_security = @LIB_security@
+LN_S = @LN_S@
+LTLIBOBJS = @LTLIBOBJS@
+MAKEINFO = @MAKEINFO@
+NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@
+NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@
+NROFF = @NROFF@
+OBJDUMP = @OBJDUMP@
+OBJEXT = @OBJEXT@
+PACKAGE = @PACKAGE@
+RANLIB = @RANLIB@
+STRIP = @STRIP@
+VERSION = @VERSION@
+VOID_RETSIGTYPE = @VOID_RETSIGTYPE@
+WFLAGS = @WFLAGS@
+WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@
+WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@
+YACC = @YACC@
+dpagaix_CFLAGS = @dpagaix_CFLAGS@
+dpagaix_LDADD = @dpagaix_LDADD@
+install_sh = @install_sh@
+
+# $Id: Makefile.am,v 1.3 2001/01/31 03:50:48 assar Exp $
+
+
+# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $
+
+
+# $Id: Makefile.am.common,v 1.23 2000/12/05 09:11:09 joda Exp $
+
+
+AUTOMAKE_OPTIONS = foreign no-dependencies
+
+SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x
+
+INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken)
+
+AM_CFLAGS = $(WFLAGS)
+
+CP = cp
+
+COMPILE_ET = $(top_builddir)/lib/com_err/compile_et
+
+buildinclude = $(top_builddir)/include
+
+LIB_XauReadAuth = @LIB_XauReadAuth@
+LIB_crypt = @LIB_crypt@
+LIB_dbm_firstkey = @LIB_dbm_firstkey@
+LIB_dbopen = @LIB_dbopen@
+LIB_dlopen = @LIB_dlopen@
+LIB_dn_expand = @LIB_dn_expand@
+LIB_el_init = @LIB_el_init@
+LIB_getattr = @LIB_getattr@
+LIB_gethostbyname = @LIB_gethostbyname@
+LIB_getpwent_r = @LIB_getpwent_r@
+LIB_getpwnam_r = @LIB_getpwnam_r@
+LIB_getsockopt = @LIB_getsockopt@
+LIB_logout = @LIB_logout@
+LIB_logwtmp = @LIB_logwtmp@
+LIB_odm_initialize = @LIB_odm_initialize@
+LIB_pidfile = @LIB_pidfile@
+LIB_readline = @LIB_readline@
+LIB_res_search = @LIB_res_search@
+LIB_setpcred = @LIB_setpcred@
+LIB_setsockopt = @LIB_setsockopt@
+LIB_socket = @LIB_socket@
+LIB_syslog = @LIB_syslog@
+LIB_tgetent = @LIB_tgetent@
+
+LIBS = @LIBS@
+
+HESIODLIB = @HESIODLIB@
+HESIODINCLUDE = @HESIODINCLUDE@
+INCLUDE_hesiod = @INCLUDE_hesiod@
+LIB_hesiod = @LIB_hesiod@
+
+INCLUDE_krb4 = @INCLUDE_krb4@
+LIB_krb4 = @LIB_krb4@
+
+INCLUDE_openldap = @INCLUDE_openldap@
+LIB_openldap = @LIB_openldap@
+
+INCLUDE_readline = @INCLUDE_readline@
+
+LEXLIB = @LEXLIB@
+
+NROFF_MAN = groff -mandoc -Tascii
+
+@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS)
+
+@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \
+@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la
+@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la
+
+CHECK_LOCAL = $(PROGRAMS)
+
+CLEANFILES = print_version.h
+
+noinst_LTLIBRARIES = libvers.la
+
+build_HEADERZ = vers.h
+
+noinst_PROGRAMS = make-print-version
+
+@KRB4_TRUE@@KRB5_TRUE@make_print_version_LDADD = @KRB4_TRUE@@KRB5_TRUE@ $(LIB_krb4) -ldes
+
+libvers_la_SOURCES = print_version.c
+subdir = lib/vers
+mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs
+CONFIG_HEADER = ../../include/config.h
+CONFIG_CLEAN_FILES =
+LTLIBRARIES = $(noinst_LTLIBRARIES)
+
+
+DEFS = @DEFS@ -I. -I$(srcdir) -I../../include
+CPPFLAGS = @CPPFLAGS@
+LDFLAGS = @LDFLAGS@
+X_CFLAGS = @X_CFLAGS@
+X_LIBS = @X_LIBS@
+X_EXTRA_LIBS = @X_EXTRA_LIBS@
+X_PRE_LIBS = @X_PRE_LIBS@
+libvers_la_LDFLAGS =
+libvers_la_LIBADD =
+am_libvers_la_OBJECTS = print_version.lo
+libvers_la_OBJECTS = $(am_libvers_la_OBJECTS)
+noinst_PROGRAMS = make-print-version$(EXEEXT)
+PROGRAMS = $(noinst_PROGRAMS)
+
+make_print_version_SOURCES = make-print-version.c
+make_print_version_OBJECTS = make-print-version.$(OBJEXT)
+@KRB4_TRUE@@KRB5_TRUE@make_print_version_DEPENDENCIES =
+make_print_version_LDFLAGS =
+COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
+CFLAGS = @CFLAGS@
+CCLD = $(CC)
+LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@
+DIST_SOURCES = $(libvers_la_SOURCES) make-print-version.c
+depcomp =
+DIST_COMMON = ChangeLog Makefile.am Makefile.in
+
+
+DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST)
+
+GZIP_ENV = --best
+SOURCES = $(libvers_la_SOURCES) make-print-version.c
+OBJECTS = $(am_libvers_la_OBJECTS) make-print-version.$(OBJEXT)
+
+all: all-redirect
+.SUFFIXES:
+.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .lo .o .obj .x
+$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common
+ cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/vers/Makefile
+
+Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
+ cd $(top_builddir) \
+ && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status
+
+
+mostlyclean-noinstLTLIBRARIES:
+
+clean-noinstLTLIBRARIES:
+ -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES)
+
+distclean-noinstLTLIBRARIES:
+
+maintainer-clean-noinstLTLIBRARIES:
+
+mostlyclean-compile:
+ -rm -f *.o core *.core
+ -rm -f *.$(OBJEXT)
+
+clean-compile:
+
+distclean-compile:
+ -rm -f *.tab.c
+
+maintainer-clean-compile:
+
+mostlyclean-libtool:
+ -rm -f *.lo
+
+clean-libtool:
+ -rm -rf .libs _libs
+
+distclean-libtool:
+
+maintainer-clean-libtool:
+
+libvers.la: $(libvers_la_OBJECTS) $(libvers_la_DEPENDENCIES)
+ $(LINK) $(libvers_la_LDFLAGS) $(libvers_la_OBJECTS) $(libvers_la_LIBADD) $(LIBS)
+
+mostlyclean-noinstPROGRAMS:
+
+clean-noinstPROGRAMS:
+ -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS)
+
+distclean-noinstPROGRAMS:
+
+maintainer-clean-noinstPROGRAMS:
+
+make-print-version$(EXEEXT): $(make_print_version_OBJECTS) $(make_print_version_DEPENDENCIES)
+ @rm -f make-print-version$(EXEEXT)
+ $(LINK) $(make_print_version_LDFLAGS) $(make_print_version_OBJECTS) $(make_print_version_LDADD) $(LIBS)
+.c.o:
+ $(COMPILE) -c $<
+.c.obj:
+ $(COMPILE) -c `cygpath -w $<`
+.c.lo:
+ $(LTCOMPILE) -c -o $@ $<
+
+tags: TAGS
+
+ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES)
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ mkid -fID $$unique $(LISP)
+
+TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \
+ $(TAGS_FILES) $(LISP)
+ tags=; \
+ here=`pwd`; \
+ list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \
+ unique=`for i in $$list; do \
+ if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \
+ done | \
+ $(AWK) ' { files[$$0] = 1; } \
+ END { for (i in files) print i; }'`; \
+ test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \
+ || etags $(ETAGS_ARGS) $$tags $$unique $(LISP)
+
+mostlyclean-tags:
+
+clean-tags:
+
+distclean-tags:
+ -rm -f TAGS ID
+
+maintainer-clean-tags:
+
+distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir)
+
+distdir: $(DISTFILES)
+ @for file in $(DISTFILES); do \
+ d=$(srcdir); \
+ if test -d $$d/$$file; then \
+ cp -pR $$d/$$file $(distdir) \
+ || exit 1; \
+ else \
+ test -f $(distdir)/$$file \
+ || cp -p $$d/$$file $(distdir)/$$file \
+ || exit 1; \
+ fi; \
+ done
+ $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook
+info-am:
+info: info-am
+dvi-am:
+dvi: dvi-am
+check-am: all-am
+ $(MAKE) $(AM_MAKEFLAGS) check-local
+check: check-am
+installcheck-am:
+installcheck: installcheck-am
+install-exec-am:
+ @$(NORMAL_INSTALL)
+ $(MAKE) $(AM_MAKEFLAGS) install-exec-hook
+install-exec: install-exec-am
+
+install-data-am: install-data-local
+install-data: install-data-am
+
+install-am: all-am
+ @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am
+install: install-am
+uninstall-am:
+uninstall: uninstall-am
+all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) all-local
+all-redirect: all-am
+install-strip:
+ $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install
+installdirs:
+
+
+mostlyclean-generic:
+
+clean-generic:
+ -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES)
+
+distclean-generic:
+ -rm -f Makefile $(CONFIG_CLEAN_FILES)
+ -rm -f config.cache config.log stamp-h stamp-h[0-9]*
+
+maintainer-clean-generic:
+ -rm -f Makefile.in
+mostlyclean-am: mostlyclean-noinstLTLIBRARIES mostlyclean-compile \
+ mostlyclean-libtool mostlyclean-noinstPROGRAMS \
+ mostlyclean-tags mostlyclean-generic
+
+mostlyclean: mostlyclean-am
+
+clean-am: clean-noinstLTLIBRARIES clean-compile clean-libtool \
+ clean-noinstPROGRAMS clean-tags clean-generic \
+ mostlyclean-am
+
+clean: clean-am
+
+distclean-am: distclean-noinstLTLIBRARIES distclean-compile \
+ distclean-libtool distclean-noinstPROGRAMS \
+ distclean-tags distclean-generic clean-am
+ -rm -f libtool
+
+distclean: distclean-am
+
+maintainer-clean-am: maintainer-clean-noinstLTLIBRARIES \
+ maintainer-clean-compile maintainer-clean-libtool \
+ maintainer-clean-noinstPROGRAMS maintainer-clean-tags \
+ maintainer-clean-generic distclean-am
+ @echo "This command is intended for maintainers to use;"
+ @echo "it deletes files that may require special tools to rebuild."
+
+maintainer-clean: maintainer-clean-am
+
+.PHONY: mostlyclean-noinstLTLIBRARIES distclean-noinstLTLIBRARIES \
+clean-noinstLTLIBRARIES maintainer-clean-noinstLTLIBRARIES \
+mostlyclean-compile distclean-compile clean-compile \
+maintainer-clean-compile mostlyclean-libtool distclean-libtool \
+clean-libtool maintainer-clean-libtool mostlyclean-noinstPROGRAMS \
+distclean-noinstPROGRAMS clean-noinstPROGRAMS \
+maintainer-clean-noinstPROGRAMS tags mostlyclean-tags distclean-tags \
+clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \
+check-local check check-am installcheck-am installcheck install-exec-am \
+install-exec install-data-local install-data-am install-data install-am \
+install uninstall-am uninstall all-local all-redirect all-am all \
+install-strip installdirs mostlyclean-generic distclean-generic \
+clean-generic maintainer-clean-generic clean mostlyclean distclean \
+maintainer-clean
+
+
+install-suid-programs:
+ @foo='$(bin_SUIDS)'; \
+ for file in $$foo; do \
+ x=$(DESTDIR)$(bindir)/$$file; \
+ if chown 0:0 $$x && chmod u+s $$x; then :; else \
+ echo "*"; \
+ echo "* Failed to install $$x setuid root"; \
+ echo "*"; \
+ fi; done
+
+install-exec-hook: install-suid-programs
+
+install-build-headers:: $(include_HEADERS) $(build_HEADERZ)
+ @foo='$(include_HEADERS) $(build_HEADERZ)'; \
+ for f in $$foo; do \
+ f=`basename $$f`; \
+ if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \
+ else file="$$f"; fi; \
+ if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \
+ : ; else \
+ echo " $(CP) $$file $(buildinclude)/$$f"; \
+ $(CP) $$file $(buildinclude)/$$f; \
+ fi ; \
+ done
+
+all-local: install-build-headers
+#NROFF_MAN = nroff -man
+.1.cat1:
+ $(NROFF_MAN) $< > $@
+.3.cat3:
+ $(NROFF_MAN) $< > $@
+.5.cat5:
+ $(NROFF_MAN) $< > $@
+.8.cat8:
+ $(NROFF_MAN) $< > $@
+
+dist-cat1-mans:
+ @foo='$(man1_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.1) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat3-mans:
+ @foo='$(man3_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.3) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat5-mans:
+ @foo='$(man5_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.5) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-cat8-mans:
+ @foo='$(man8_MANS)'; \
+ bar='$(man_MANS)'; \
+ for i in $$bar; do \
+ case $$i in \
+ *.8) foo="$$foo $$i";; \
+ esac; done ;\
+ for i in $$foo; do \
+ x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \
+ echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \
+ $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \
+ done
+
+dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans
+
+install-cat-mans:
+ $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS)
+
+install-data-local: install-cat-mans
+
+.et.h:
+ $(COMPILE_ET) $<
+.et.c:
+ $(COMPILE_ET) $<
+
+.x.c:
+ @cmp -s $< $@ 2> /dev/null || cp $< $@
+
+check-local::
+ @foo='$(CHECK_LOCAL)'; \
+ if test "$$foo"; then \
+ failed=0; all=0; \
+ for i in $$foo; do \
+ all=`expr $$all + 1`; \
+ if ./$$i --version > /dev/null 2>&1; then \
+ echo "PASS: $$i"; \
+ else \
+ echo "FAIL: $$i"; \
+ failed=`expr $$failed + 1`; \
+ fi; \
+ done; \
+ if test "$$failed" -eq 0; then \
+ banner="All $$all tests passed"; \
+ else \
+ banner="$$failed of $$all tests failed"; \
+ fi; \
+ dashes=`echo "$$banner" | sed s/./=/g`; \
+ echo "$$dashes"; \
+ echo "$$banner"; \
+ echo "$$dashes"; \
+ test "$$failed" -eq 0; \
+ fi
+
+print_version.lo: print_version.h
+
+print_version.h: make-print-version$(EXEEXT)
+ ./make-print-version$(EXEEXT) print_version.h
+
+make-print-version.o: $(top_builddir)/include/version.h
+
+# Tell versions [3.59,3.63) of GNU make to not export all variables.
+# Otherwise a system limit (for SysV at least) may be exceeded.
+.NOEXPORT:
diff --git a/crypto/heimdal/lib/vers/make-print-version.c b/crypto/heimdal/lib/vers/make-print-version.c
new file mode 100644
index 000000000000..6102e75abde5
--- /dev/null
+++ b/crypto/heimdal/lib/vers/make-print-version.c
@@ -0,0 +1,68 @@
+/*
+ * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: make-print-version.c,v 1.2 2000/07/08 10:46:36 assar Exp $");
+#endif
+
+#include <stdio.h>
+
+#ifdef KRB5
+extern const char *heimdal_version;
+#endif
+#ifdef KRB4
+extern const char *krb4_version;
+#endif
+#include <version.h>
+
+int
+main(int argc, char **argv)
+{
+ FILE *f;
+ if(argc != 2)
+ return 1;
+ f = fopen(argv[1], "w");
+ if(f == NULL)
+ return 1;
+ fprintf(f, "#define VERSIONLIST { ");
+#ifdef KRB5
+ fprintf(f, "\"%s\", ", heimdal_version);
+#endif
+#ifdef KRB4
+ fprintf(f, "\"%s\", ", krb4_version);
+#endif
+ fprintf(f, "}\n");
+ fclose(f);
+ return 0;
+}
diff --git a/crypto/heimdal/lib/vers/print_version.c b/crypto/heimdal/lib/vers/print_version.c
new file mode 100644
index 000000000000..cb324d0917f9
--- /dev/null
+++ b/crypto/heimdal/lib/vers/print_version.c
@@ -0,0 +1,78 @@
+/*
+ * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+RCSID("$Id: print_version.c,v 1.1 2000/07/01 19:47:35 assar Exp $");
+#endif
+#include "roken.h"
+
+#include "print_version.h"
+
+void
+print_version(const char *progname)
+{
+ const char *arg[] = VERSIONLIST;
+ const int num_args = sizeof(arg) / sizeof(arg[0]);
+ char *msg;
+ size_t len = 0;
+ int i;
+
+ if(progname == NULL)
+ progname = __progname;
+
+ if(num_args == 0)
+ msg = "no version information";
+ else {
+ for(i = 0; i < num_args; i++) {
+ if(i > 0)
+ len += 2;
+ len += strlen(arg[i]);
+ }
+ msg = malloc(len + 1);
+ if(msg == NULL) {
+ fprintf(stderr, "%s: out of memory\n", progname);
+ return;
+ }
+ msg[0] = '\0';
+ for(i = 0; i < num_args; i++) {
+ if(i > 0)
+ strcat(msg, ", ");
+ strcat(msg, arg[i]);
+ }
+ }
+ fprintf(stderr, "%s (%s)\n", progname, msg);
+ fprintf(stderr, "Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan\n");
+ if(num_args != 0)
+ free(msg);
+}
diff --git a/crypto/heimdal/lib/vers/vers.h b/crypto/heimdal/lib/vers/vers.h
new file mode 100644
index 000000000000..cc70355f42fa
--- /dev/null
+++ b/crypto/heimdal/lib/vers/vers.h
@@ -0,0 +1,41 @@
+/*
+ * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: vers.h,v 1.1 2000/07/01 19:47:36 assar Exp $ */
+
+#ifndef __VERS_H__
+#define __VERS_H__
+
+void print_version(const char *);
+
+#endif /* __VERS_H__ */