kcmd.c (kcmd()): Don't pass any data to sendauth() to be
authorChris Provenzano <proven@mit.edu>
Mon, 27 Mar 1995 14:03:41 +0000 (14:03 +0000)
committerChris Provenzano <proven@mit.edu>
Mon, 27 Mar 1995 14:03:41 +0000 (14:03 +0000)
cchecksummed. The remote side doesn't check it anyway.

krcp.c (send_auth()): Use new calling convention for krb5_rd_req().

krshd.c (recvauth()): Use new calling convention for krb5_compat_recvauth().

krlogind.c (recvauth()): Use new calling convention for krb5_compat_recvauth().

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@5250 dc483132-0cff-0310-8789-dd5450dbe970

src/appl/bsd/ChangeLog
src/appl/bsd/kcmd.c
src/appl/bsd/krcp.c
src/appl/bsd/krlogind.c
src/appl/bsd/krshd.c

index 66c703db27f1b714433e923674f485e3cfb2cb3e..c416395f3db569a25d20dd3abb0d0bfc7ecc9449 100644 (file)
@@ -1,3 +1,13 @@
+Mon Mar 27 07:56:26 1995 Chris Provenzano (proven@mit.edu)
+
+        * krcp.c (send_auth()): Use new calling convention for krb5_rd_req().
+
+        * krshd.c (recvauth()): Use new calling convention for 
+               krb5_compat_recvauth().
+
+        * krlogind.c (recvauth()): Use new calling convention for 
+               krb5_compat_recvauth().
+
 Thu Mar 23 23:23:25 1995  Theodore Y. Ts'o  <tytso@dcl>
 
        * Makefile.in (krshd): Move $(K4LIB) after $(KLIB) so that if
@@ -27,6 +37,11 @@ Tue Mar 14 16:08:08 1995    <tytso@rsx-11.mit.edu>
        * krlogind.c (main, doit): Minor type fixes to gethostbyname(),
                accept().
 
+Tue Mar 14 12:30:23 1995  Chris Provenzano (proven@mit.edu)
+
+       * kcmd.c (kcmd()): Don't pass any data to sendauth() to be 
+               checksummed. The remote side doesn't check it anyway.
+
 Fri Mar 10 18:32:22 1995  Theodore Y. Ts'o  <tytso@dcl>
 
        * kcmd.c (kcmd): Initialize ret_cred to zero so that in case of an
index 5bda9ff35a6579f43c98b7b4e1cd1a432124256e..ef33d39b59d4fd55c6a1a6fe5fbdd701b418d554 100644 (file)
@@ -97,8 +97,6 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
     krb5_error_code status;
     krb5_error *err_ret;
     krb5_ap_rep_enc_part *rep_ret;
-    krb5_data in_data;
-    char *tmpstr = 0;
     krb5_error *error = 0;
     int sin_len;
     krb5_ccache cc;
@@ -129,11 +127,6 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
     sin_len = strlen(host_save) + strlen(service)
       + (realm ? strlen(realm): 0) + 3;
     if ( sin_len < 20 ) sin_len = 20;
-    tmpstr = (char *) malloc(sin_len);
-    if ( tmpstr == (char *) 0){
-       fprintf(stderr,"kcmd: no memory\n");
-       return(-1);
-    }
     
     if (!(get_cred = (krb5_creds *)calloc(1, sizeof(krb5_creds)))) {
         fprintf(stderr,"kcmd: no memory\n");
@@ -178,7 +171,6 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
 #else
            sigsetmask(oldmask);
 #endif /* POSIX_SIGNALS */
-           if (tmpstr) krb5_xfree(tmpstr);
            krb5_free_creds(bsd_context, get_cred);
            return (-1);
        }
@@ -225,7 +217,6 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
 #else
        sigsetmask(oldmask);
 #endif /* POSIX_SIGNALS */
-       if (tmpstr) krb5_xfree(tmpstr);
        krb5_free_creds(bsd_context, get_cred);
        return (-1);
     }
@@ -280,9 +271,6 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
         goto bad2;
     }
     
-    in_data.data = tmpstr;
-    in_data.length = strlen(tmpstr);
-    
     status = krb5_cc_default(bsd_context, &cc);
     if (status) goto bad2;
 
@@ -304,12 +292,7 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
        authentication. */
     status = krb5_sendauth(bsd_context, &auth_context, (krb5_pointer) &s,
                            "KCMDV0.1", ret_cred->client, ret_cred->server,
-                          authopts,
-                           &in_data,
-                           ret_cred,
-                           0,          /* We have the credentials */
-                           &error,             /* No error return */
-                           &rep_ret, NULL);
+                          authopts, NULL, ret_cred, 0, &error, &rep_ret, NULL);
     if (status) {
        printf("Couldn't authenticate to server: %s\n", error_message(status));
        if (error) {
@@ -380,7 +363,6 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
     sigsetmask(oldmask);
 #endif /* POSIX_SIGNALS */
     *sock = s;
-    if (tmpstr) krb5_xfree(tmpstr);
     
     /* pass back credentials if wanted */
     if (cred) krb5_copy_creds(bsd_context, ret_cred, cred);
@@ -397,7 +379,6 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
 #else
     sigsetmask(oldmask);
 #endif /* POSIX_SIGNALS */
-    if (tmpstr) krb5_xfree(tmpstr);
     if (ret_cred)
       krb5_free_creds(bsd_context, ret_cred);
     return (status);
index 7aaf4bd05f6ab56b661492d5374e4d340a6d5a6e..f8152f8ede13a6337f6bf9e85f8d72190f10067f 100644 (file)
@@ -1139,21 +1139,6 @@ char **save_argv(argc, argv)
 #define SIZEOF_INADDR sizeof(struct in_addr)
 #endif
 
-krb5_error_code tgt_keyproc(context, keyprocarg, principal, vno, keytype, key)
-     krb5_context context;
-     krb5_pointer keyprocarg;
-     krb5_principal principal;
-     krb5_kvno vno;
-     krb5_keytype keytype;
-     krb5_keyblock ** key;
-{
-    krb5_creds *creds = (krb5_creds *)keyprocarg;
-    
-    return krb5_copy_keyblock(context, &creds->keyblock, key);
-}
-
-
-
 void send_auth()
 {
     int sin_len;
@@ -1161,9 +1146,10 @@ void send_auth()
     krb5_ccache cc;
     krb5_creds in_creds, *out_creds;
     krb5_data reply, princ_data;
-    krb5_tkt_authent *authdat;
     krb5_error_code status;
     krb5_address faddr;
+    krb5_ticket * ticket = NULL;
+    krb5_auth_context * auth_context = NULL;
     
     
     if (status = krb5_cc_default(bsd_context, &cc)){
@@ -1246,17 +1232,21 @@ void send_auth()
     faddr.addrtype = foreign.sin_family;
     faddr.length = SIZEOF_INADDR;
     faddr.contents = (krb5_octet *) &foreign.sin_addr;
+
+    if (krb5_auth_con_init(bsd_context, &auth_context))
+       exit(1);
+
+    krb5_auth_con_setaddrs(bsd_context, auth_context, NULL, &faddr);
+    
+    if (krb5_auth_con_setuseruserkey(bsd_context, auth_context,
+                                    &out_creds->keyblock))
+       exit(1);
     
     /* read the ap_req to get the session key */
-    status = krb5_rd_req(bsd_context, &reply,
+    status = krb5_rd_req(bsd_context, &auth_context, &reply,
                         0,               /* don't know server's name... */
-                        &faddr,
-                        0,               /* no fetchfrom */
-                        tgt_keyproc,
-                        (krb5_pointer)out_creds, /* credentials as arg to
-                                                 keyproc */
-                        0,               /* no rcache for the moment XXX */
-                        &authdat);
+                        NULL,            /* default keytab */
+                        NULL, & ticket);
     krb5_xfree(reply.data);
     if (status) {
        fprintf(stderr, "rcp: send_auth failed krb5_rd_req: %s\n",
@@ -1264,9 +1254,8 @@ void send_auth()
        exit(1);
     }
     
-    krb5_copy_keyblock(bsd_context, authdat->ticket->enc_part2->session,
+    krb5_copy_keyblock(bsd_context, ticket->enc_part2->session,
                       &session_key);
-    krb5_free_tkt_authent(bsd_context, authdat);
     krb5_free_creds(bsd_context, out_creds);
     
     krb5_use_keytype(bsd_context, &eblock, session_key->keytype);
index 1f9dac7be81e34a3bd9f62df8f7513f1726b5a83..d64e2addda0df5ea9697e6760e8c8ba560158b62 100644 (file)
@@ -1484,6 +1484,7 @@ int default_realm(principal)
 krb5_error_code
 recvauth()
 {
+    krb5_auth_context * auth_context = NULL;
     krb5_error_code status;
     struct sockaddr_in peersin, laddr;
     char krb_vers[KRB_SENDAUTH_VLEN + 1];
@@ -1524,34 +1525,29 @@ recvauth()
 
     strcpy(v4_instance, "*");
 
-    status = krb5_compat_recvauth(bsd_context, &netf,
+    if (status = krb5_auth_con_init(bsd_context, &auth_context))
+        return status;
+    krb5_auth_con_setaddrs(bsd_context, auth_context, NULL, &peeraddr);
+
+    if (status = krb5_compat_recvauth(bsd_context, &auth_context, &netf,
                                  "KCMDV0.1",
-                                 server, /* Specify daemon principal */
-                                 &peeraddr, /* We do want to match */
-                                            /* this against caddrs in */
-                                            /* the ticket */
-                                 0, /* use v5srvtab */
-                                 0, /* no keyproc */
-                                 0, /* no keyprocarg */
-                                 0, /* default rc_type */
-                                 0, /* no flags */
+                                 server,       /* Specify daemon principal */
+                                 0,            /* default rc_type */
+                                 0,            /* no flags */
+                                 NULL,         /* default keytab */
 
                                  do_encrypt ? KOPT_DO_MUTUAL : 0, /*v4_opts*/
-                                 "rcmd", /* v4_service */
-                                 v4_instance, /* v4_instance */
-                                 &peersin, /* foriegn address */
-                                 &laddr, /* our local address */
-                                 "", /* use default srvtab */
-
-                                 &auth_sys, /* which authentication system */
-                                 0, /* no seq number */
-                                 &client, /* return client */
-                                 &ticket, /* return ticket */
-                                 &kdata, /* return authenticator */
-                                 
-                                 &v4_kdata, v4_schedule, v4_version);
-
-    if (status) {
+                                 "rcmd",       /* v4_service */
+                                 v4_instance,  /* v4_instance */
+                                 &peersin,     /* foriegn address */
+                                 &laddr,       /* our local address */
+                                 "",           /* use default srvtab */
+
+                                 &ticket,      /* return ticket */
+                                 &auth_sys,    /* which authentication system*/
+                                 &v4_kdata, v4_schedule, v4_version)) {
+
        if (auth_sys == KRB5_RECVAUTH_V5) {
            /*
             * clean up before exiting
@@ -1566,6 +1562,10 @@ recvauth()
     getstr(netf, lusername, sizeof (lusername), "locuser");
     getstr(netf, term, sizeof(term), "Terminal type");
 
+    if (status = krb5_copy_principal(bsd_context, ticket->enc_part2->client, 
+                                    &client))
+       return status;
+
 #ifdef KRB5_KRB4_COMPAT
     if (auth_sys == KRB5_RECVAUTH_V4) {
 
index 538d9bc0a381e45e2740329b4c89064c4722d8a5..0a2ffc28f86bc4c2da30c1354b2d6cd2b7cfc5ac 100644 (file)
@@ -1513,6 +1513,7 @@ recvauth(netf, peersin, peeraddr)
      struct sockaddr_in peersin;
      krb5_address peeraddr;
 {
+    krb5_auth_context *auth_context = NULL;
     krb5_error_code status;
     struct sockaddr_in laddr;
     char krb_vers[KRB_SENDAUTH_VLEN + 1];
@@ -1543,18 +1544,17 @@ recvauth(netf, peersin, peeraddr)
 
     strcpy(v4_instance, "*");
 
-    status = krb5_compat_recvauth(bsd_context, &netf,
+    if (status = krb5_auth_con_init(bsd_context, &auth_context))
+       return status;
+
+    krb5_auth_con_setaddrs(bsd_context, auth_context, NULL, &peeraddr);
+
+    status = krb5_compat_recvauth(bsd_context, &auth_context, &netf,
                                  "KCMDV0.1",
                                  server, /* Specify daemon principal */
-                                 &peeraddr, /* We do want to match */
-                                            /* this against caddrs in */
-                                            /* the ticket */
-                                 0, /* use v5srvtab */
-                                 0, /* no keyproc */
-                                 0, /* no keyprocarg */
-                                 0, /* default rc_type */
-                                 0, /* no flags */
-
+                                 0,            /* default rc_type */
+                                 0,            /* no flags */
+                                 NULL,         /* default keytab */
                                  0,            /* v4_opts */
                                  "rcmd",       /* v4_service */
                                  v4_instance,  /* v4_instance */
@@ -1562,12 +1562,8 @@ recvauth(netf, peersin, peeraddr)
                                  &laddr,       /* our local address */
                                  "",           /* use default srvtab */
 
-                                 &auth_sys, /* which authentication system */
-                                 0,            /* no seq number */
-                                 &client,      /* return client */
                                  &ticket,      /* return ticket */
-                                 &kdata,       /* return authenticator */
-                                 
+                                 &auth_sys,    /* which authentication system*/
                                  &v4_kdata, 0, v4_version);
 
     if (status) {
@@ -1606,7 +1602,8 @@ recvauth(netf, peersin, peeraddr)
        
     getstr(netf, remuser, sizeof(locuser), "remuser");
 
-    if (status = krb5_unparse_name(bsd_context, client, &kremuser))
+    if (status = krb5_unparse_name(bsd_context, ticket->enc_part2->client, 
+                                  &kremuser))
        return status;
     
     /* Setup eblock for encrypted sessions. */