+2002-07-12 Ken Raeburn <raeburn@mit.edu>
+
+ * Makefile.in (SRCS, OBJS, STLIBOBJS): Don't build util_dup.c.
+ * util_set.c (g_set_destroy): Don't compile this unused function.
+
2002-07-12 Alexandra Ellwood <lxs@mit.edu>
* gssapi_generic.h: allow inclusion by C++
$(srcdir)/rel_buffer.c \
$(srcdir)/rel_oid_set.c \
$(srcdir)/util_buffer.c \
- $(srcdir)/util_dup.c \
$(srcdir)/util_oid.c \
$(srcdir)/util_ordering.c \
$(srcdir)/util_set.c \
$(OUTPRE)rel_buffer.$(OBJEXT) \
$(OUTPRE)rel_oid_set.$(OBJEXT) \
$(OUTPRE)util_buffer.$(OBJEXT) \
- $(OUTPRE)util_dup.$(OBJEXT) \
$(OUTPRE)util_oid.$(OBJEXT) \
$(OUTPRE)util_ordering.$(OBJEXT) \
$(OUTPRE)util_set.$(OBJEXT) \
rel_buffer.o \
rel_oid_set.o \
util_buffer.o \
- util_dup.o \
util_oid.o \
util_ordering.o \
util_set.o \
+++ /dev/null
-/*
- * Copyright 1993 by OpenVision Technologies, Inc.
- *
- * Permission to use, copy, modify, distribute, and sell this software
- * and its documentation for any purpose is hereby granted without fee,
- * provided that the above copyright notice appears in all copies and
- * that both that copyright notice and this permission notice appear in
- * supporting documentation, and that the name of OpenVision not be used
- * in advertising or publicity pertaining to distribution of the software
- * without specific, written prior permission. OpenVision makes no
- * representations about the suitability of this software for any
- * purpose. It is provided "as is" without express or implied warranty.
- *
- * OPENVISION DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
- * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
- * EVENT SHALL OPENVISION BE LIABLE FOR ANY SPECIAL, INDIRECT OR
- * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
- * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
- * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- * PERFORMANCE OF THIS SOFTWARE.
- */
-
-/*
- * $Id$
- */
-
-#include "gssapiP_generic.h"
-#include <string.h>
-
-char * g_strdup(str)
- char *str;
-{
- char *ret;
-
- if ((ret = (char *) xmalloc(strlen(str)+1)) == NULL)
- return(NULL);
-
- strcpy(ret, str);
-
- return(ret);
-}
return(0);
}
+#if 0
int g_set_destroy(g_set *s)
{
g_set next;
return(0);
}
+#endif
int g_set_entry_add(g_set *s, void *key, void *value)
{
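Review bot: The `#if 0` / `#endif` pair added around `g_set_destroy` disables the function without saying why, so a later reader cannot tell dead code from something switched off temporarily. Either delete the definition outright, as this commit does for util_dup.c, or annotate the guard, for example `#if 0 /* unused; not compiled */`. If a declaration of `g_set_destroy` is still present in a header (not visible here), it should be removed or guarded as well, otherwise a new caller would compile cleanly and fail only at link time. Only the first and last lines of the function body are visible in this section.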
a filter on the default enctypes and use the resulting list.
(make_ap_req_v2): Delete unused function.
+ * k5mech.c, pname_to_uid.c, util_ctxsetup.c: Deleted.
+ * Makefile.in (SRCS, OBJS, STLIBOBJS): Don't compile
+ util_ctxsetup.c.
+ * rel_oid.c (krb5_gss_internal_release_oid): Now static.
+ * util_crypt.c (kg_encrypt_size): Function deleted.
+ * gssapiP_krb5.h (struct kg2_option, kg2_parse_token,
+ kg2_intersect_ctypes, krb5_gss_internal_release_oid,
+ kg_encrypt_size): Declarations deleted.
+
2002-07-01 Ken Raeburn <raeburn@mit.edu>
* gssapi_krb5.c (gss_mech_krb5_v2, gss_mech_set_krb5_v2,
$(srcdir)/unseal.c \
$(srcdir)/util_cksum.c \
$(srcdir)/util_crypt.c \
- $(srcdir)/util_ctxsetup.c \
$(srcdir)/util_seed.c \
$(srcdir)/util_seqnum.c \
$(srcdir)/val_cred.c \
$(OUTPRE)unseal.$(OBJEXT) \
$(OUTPRE)util_cksum.$(OBJEXT) \
$(OUTPRE)util_crypt.$(OBJEXT) \
- $(OUTPRE)util_ctxsetup.$(OBJEXT) \
$(OUTPRE)util_seed.$(OBJEXT) \
$(OUTPRE)util_seqnum.$(OBJEXT) \
$(OUTPRE)val_cred.$(OBJEXT) \
unseal.o \
util_cksum.o \
util_crypt.o \
- util_ctxsetup.o \
util_seed.o \
util_seqnum.o \
val_cred.o \
$(BUILDTOP)/include/profile.h gssapiP_krb5.h $(srcdir)/../generic/gssapiP_generic.h \
$(srcdir)/../generic/gssapi_generic.h $(BUILDTOP)/include/gssapi/gssapi.h \
../generic/gssapi_err_generic.h gssapi_krb5.h gssapi_err_krb5.h
-util_ctxsetup.so util_ctxsetup.po $(OUTPRE)util_ctxsetup.$(OBJEXT): util_ctxsetup.c gssapiP_krb5.h \
- $(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \
- $(srcdir)/../generic/gssapi_generic.h $(BUILDTOP)/include/gssapi/gssapi.h \
- ../generic/gssapi_err_generic.h gssapi_krb5.h gssapi_err_krb5.h
util_seed.so util_seed.po $(OUTPRE)util_seed.$(OBJEXT): util_seed.c gssapiP_krb5.h \
$(BUILDTOP)/include/krb5.h $(COM_ERR_DEPS) $(srcdir)/../generic/gssapiP_generic.h \
$(srcdir)/../generic/gssapi_generic.h $(BUILDTOP)/include/gssapi/gssapi.h \
extern void *kg_vdb;
-struct kg2_option {
- int option_id; /* set by caller */
- int length; /* filled in by parser */
- unsigned char *data; /* filled in by parser. points inside
- passed-in token, so nothing needs to
- be freed */
-};
-
/* helper macros */
#define kg_save_name(name) g_save_name(&kg_vdb,name)
krb5_error_code kg_make_confounder (krb5_context context,
krb5_keyblock *key, unsigned char *buf);
-int kg_encrypt_size (krb5_context context,
- krb5_keyblock *key, int n);
-
krb5_error_code kg_encrypt (krb5_context context,
krb5_keyblock *key, int usage,
krb5_pointer iv,
OM_uint32 kg_get_context (OM_uint32 *minor_status,
krb5_context *context);
-OM_uint32
-kg2_parse_token (OM_uint32 *minor_status,
- unsigned char *ptr,
- int length,
- krb5_ui_4 *flags,
- int *nctypes, /* OUT */
- krb5_cksumtype **ctypes, /* OUT */
- int noptions,
- struct kg2_option *options, /* INOUT */
- krb5_data *kmsg,
- krb5_data *mic);
-
-void kg2_intersect_ctypes (int *nc1,
- krb5_cksumtype *c1,
- int nc2,
- const krb5_cksumtype *c2);
-
/** declarations of internal name mechanism functions **/
OM_uint32 krb5_gss_acquire_cred
gss_OID * /* oid */
);
-OM_uint32 krb5_gss_internal_release_oid
-(OM_uint32 *, /* minor_status */
- gss_OID * /* oid */
- );
-
OM_uint32 krb5_gss_inquire_names_for_mech
(OM_uint32 *, /* minor_status */
gss_OID, /* mechanism */
+++ /dev/null
-/*
- * Copyright (c) 1995, by Sun Microsystems, Inc.
- * All rights reserved.
- */
-
-/* XXX: I know where to find this header, but it really is using a
- * private interface. I dont want to export the gss_mechanism
- * structure, so I hide it in a non-published header. Thats ok,
- * we know where to find it.
- */
-#if defined(__MWERKS__) || defined(applec) || defined(THINK_C)
-#include "mglueP.h"
-#else
-#include "../mechglue/mglueP.h"
-#endif
-
-#include "gssapiP_krb5.h"
-/*
- * These are the extern declarations, one group per mechanism. They are
- * contained in the files named <mech>_gssd_extern_srvr.conf.
- */
-
-/* ident "@(#)krb5_gssd_extern_srvr.conf 1.10 95/08/01 SMI" */
-
-OM_uint32 krb5_gss_internal_release_oid
- (void *, /* context */
- OM_uint32 *, /* minor_status */
- gss_OID * /* OID */
- );
-
-extern OM_uint32 krb5_gss_get_context
- (void**
- );
-
-extern int krb5_pname_to_uid
- (void *, /* context */
- char *, /* principal name */
- gss_OID, /* name_type */
- gss_OID, /* mech_type */
- uid_t * /* uid (OUT) */
- );
-
-/*
- * This is the declaration of the mechs_array table for Kerberos V5.
- * If the gss_mechanism structure changes, so should this array! I
- * told you it was a private interface!
- */
-
-/* ident "@(#)krb5_gssd_init_srvr.conf 1.16 95/08/07 SMI" */
-
-static struct gss_config krb5_mechanism =
- {{5,"\053\005\001\005\002"},
- 0, /* context, to be filled */
- krb5_gss_acquire_cred,
- krb5_gss_release_cred,
- krb5_gss_init_sec_context,
- krb5_gss_accept_sec_context,
- krb5_gss_process_context_token,
- krb5_gss_delete_sec_context,
- krb5_gss_context_time,
- krb5_gss_sign,
- krb5_gss_verify,
- krb5_gss_seal,
- krb5_gss_unseal,
- krb5_gss_display_status,
- krb5_gss_indicate_mechs,
- krb5_gss_compare_name,
- krb5_gss_display_name,
- krb5_gss_import_name,
- krb5_gss_release_name,
- krb5_gss_inquire_cred,
- krb5_gss_add_cred,
- krb5_gss_export_sec_context,
- krb5_gss_import_sec_context,
- krb5_gss_inquire_cred_by_mech,
- krb5_gss_inquire_names_for_mech,
- krb5_gss_inquire_context,
- krb5_gss_internal_release_oid,
- krb5_gss_wrap_size_limit,
- krb5_pname_to_uid,
- };
-
-#include "k5-int.h"
-
-
-OM_uint32
-krb5_gss_get_context(context)
-void ** context;
-{
- if (context == NULL)
- return GSS_S_FAILURE;
- if (kg_context) {
- *context = kg_context;
- return (GSS_S_COMPLETE);
- }
- if (krb5_init_context(&kg_context))
- return GSS_S_FAILURE;
- if (krb5_ser_context_init(kg_context) ||
- krb5_ser_auth_context_init(kg_context) ||
- krb5_ser_ccache_init(kg_context) ||
- krb5_ser_rcache_init(kg_context) ||
- krb5_ser_keytab_init(kg_context) ||
- kg_ser_context_init(kg_context)) {
- krb5_free_context(kg_context);
- kg_context = 0;
- return (GSS_S_FAILURE);
- }
- *context = kg_context;
- return GSS_S_COMPLETE;
-}
-
-gss_mechanism
-krb5_gss_initialize()
-{
- krb5_gss_get_context(&(krb5_mechanism.context));
- return (&krb5_mechanism);
-}
+++ /dev/null
-/* #ident "@(#)krb5_pname_to_uid.c 1.2 95/05/11 SMI" */
-
-/*
- * krb5 mechanism specific routine for pname_to_uid
- *
- * Copyright 1995 Sun Microsystems, Inc.
- *
- * Permission to use, copy, modify, distribute, and sell this software
- * and its documentation for any purpose is hereby granted without fee,
- * provided that the above copyright notice appears in all copies and
- * that both that copyright notice and this permission notice appear in
- * supporting documentation, and that the name of Sun Microsystems not be used
- * in advertising or publicity pertaining to distribution of the software
- * without specific, written prior permission. Sun Microsystems makes no
- * representations about the suitability of this software for any
- * purpose. It is provided "as is" without express or implied warranty.
- *
- * SUN MICROSYSTEMS DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE,
- * INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO
- * EVENT SHALL SUN MICROSYSTEMS BE LIABLE FOR ANY SPECIAL, INDIRECT OR
- * CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF
- * USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
- * OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
- * PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include "gssapiP_krb5.h"
-#if !defined(_WIN32) && !defined(macintosh)
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#endif
-#include <string.h>
-#include <pwd.h>
-#include <sys/types.h>
-#endif /* !_WIN32 && !macintosh */
-
-/*
- * This function will probably get replaced with the gsscred stuff...
- */
-
-int
-krb5_pname_to_uid(context, pname, name_type, mech_type, uid)
-krb5_context context;
-char * pname;
-gss_OID name_type;
-gss_OID mech_type;
-uid_t * uid;
-{
-#if defined(_WIN32) || defined(macintosh)
- return (0); /* failure */
-#else
-
- struct passwd *pw;
- static unsigned char krb5principalname[] =
- {"\052\206\110\206\367\022\001\002\002\001"};
- krb5_principal principal;
- char lname[256];
- krb5_error_code stat;
-
-/*
- * check that the name_type is the Kerberos Principal Name form
- * [1.2.840.113554.1.2.2.1] or NULL.
- */
- if(name_type->length !=0)
- if((name_type->length != 10) ||
- (memcmp(name_type->elements, krb5principalname, 10) != 0))
- return(0);
-
- /* get the name and realm parts of the Kerberos Principal Name */
-
- if (krb5_parse_name(context, pname, &principal)) {
- return(0);
- }
-
- stat = krb5_aname_to_localname(context, principal,
- sizeof(lname), lname);
- krb5_free_principal(context, principal);
-
- if (stat)
- return(0);
-
-/*
- * call getpwnam() and return uid result if successful.
- * Otherwise, return failure.
- */
-
- if(pw = getpwnam(lname)) {
- *uid = pw->pw_uid;
- return(1);
- } else {
- return(0);
- }
-
-#endif
-}
*/
#include "gssapiP_krb5.h"
+static OM_uint32 krb5_gss_internal_release_oid (OM_uint32 *, /* minor_status */
+ gss_OID * /* oid */
+ );
+
OM_uint32
krb5_gss_release_oid(minor_status, oid)
OM_uint32 *minor_status;
}
}
-
-OM_uint32
+static OM_uint32
krb5_gss_internal_release_oid(minor_status, oid)
OM_uint32 *minor_status;
gss_OID *oid;
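Review bot: The new `static` forward declaration of `krb5_gss_internal_release_oid` has no comment explaining why its linkage was narrowed or who still calls it. A one-line comment above it, such as `/* File-local helper; presumably only called from krb5_gss_release_oid. */`, would record the intent once the caller is confirmed. The narrowing appears to rely on k5mech.c and the header declaration being removed in the same commit, so it is worth checking the rest of the tree for any other reference to the symbol, which would now fail at link time. The definition's body continues outside this hunk.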
return(krb5_c_random_make_octets(context, &lrandom));
}
-int
-kg_encrypt_size(context, key, n)
- krb5_context context;
- krb5_keyblock *key;
- int n;
-{
- krb5_error_code code;
- size_t enclen;
-
- code = krb5_c_encrypt_length(context, key->enctype, n, &enclen);
- if (code)
- return(-1); /* XXX */
-
- return(enclen);
-}
-
krb5_error_code
kg_encrypt(context, key, usage, iv, in, out, length)
krb5_context context;
+++ /dev/null
-/*
- * Copyright (C) 1998 by the FundsXpress, INC.
- *
- * All rights reserved.
- *
- * Export of this software from the United States of America may require
- * a specific license from the United States Government. It is the
- * responsibility of any person or organization contemplating export to
- * obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of FundsXpress. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. FundsXpress makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR
- * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED
- * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE.
- */
-
-#include "gssapiP_krb5.h"
-
-/* from the token, flags is stored directly. nctypes/ctypes is
- allocated and returns the length and list of ctypes in the token.
- noptions/options lists all the options which the caller cares
- about. Those which are present in the token are filled in; the
- order and length are not changed. If an error is returned, the
- option list is in an indeterminate state. */
-
-OM_uint32
-kg2_parse_token(minor_status, ptr, token_length, flags, nctypes, ctypes,
- noptions, options, kmsg, mic)
- OM_uint32 *minor_status;
- unsigned char *ptr;
- int token_length;
- krb5_ui_4 *flags;
- int *nctypes; /* OUT */
- krb5_cksumtype **ctypes; /* OUT */
- int noptions;
- struct kg2_option *options; /* INOUT */
- krb5_data *kmsg;
- krb5_data *mic;
-{
- int field_length, i;
- int opt_id;
-
- *ctypes = 0;
-
- /* read the flags */
-
- if (token_length < 4)
- goto defective;
- *flags = (ptr[0]<<24) | (ptr[1]<<16) | (ptr[2]<<8) | ptr[3];
- ptr += 4;
- token_length -= 4;
-
- /* read out the token list */
-
- if (token_length < 2)
- goto defective;
- field_length = (ptr[0]<<8) | ptr[1];
- ptr += 2;
- token_length -= 2;
-
- *nctypes = field_length;
-
- if (*nctypes == 0) {
- *minor_status = 0;
- return(GSS_S_DEFECTIVE_TOKEN);
- }
-
- if ((*ctypes = (krb5_cksumtype *)
- malloc((*nctypes) * sizeof(krb5_cksumtype))) == NULL) {
- *minor_status = ENOMEM;
- return(GSS_S_FAILURE);
- }
-
- for (i=0; i<field_length; i++) {
- if (token_length < 4)
- goto defective;
-
- (*ctypes)[i] = (krb5_cksumtype) ((ptr[0]<<24) | (ptr[1]<<16) |
- (ptr[2]<<8) | ptr[3]);
- ptr += 4;
- token_length -= 4;
- }
-
- do {
- if (token_length < 4)
- goto defective;
- opt_id = (ptr[0]<<8) | ptr[1];
- field_length = (ptr[2]<<8) | ptr[3];
- ptr += 4;
- token_length -= 4;
-
- if (token_length < field_length)
- goto defective;
-
- for (i=0; i<noptions; i++) {
- if (options[i].option_id == opt_id) {
- options[i].length = field_length;
- options[i].data = ptr;
- break;
- }
- }
-
- ptr += field_length;
- token_length -= field_length;
- } while (opt_id);
-
- if (token_length < 2)
- goto defective;
- field_length = (ptr[0]<<8) | ptr[1];
- ptr += 2;
- token_length -= 2;
-
- if (token_length < field_length)
- goto defective;
-
- kmsg->length = field_length;
- kmsg->data = ptr;
-
- ptr += field_length;
- token_length -= field_length;
-
- /* if there's anything left, assume it's a mic. the mic isn't
- necessarily present */
-
- if (mic && token_length) {
- if (token_length < 2)
- goto defective;
- field_length = (ptr[0]<<8) | ptr[1];
- ptr += 2;
- token_length -= 2;
-
- if (token_length < field_length)
- goto defective;
-
- mic->length = field_length;
- mic->data = ptr;
-
- ptr += field_length;
- token_length -= field_length;
- } else if (mic) {
- mic->length = 0;
- mic->data = ptr;
- }
-
- if (token_length)
- goto defective;
-
- return(GSS_S_COMPLETE);
-
-defective:
- if (*ctypes)
- free(*ctypes);
-
- *minor_status = 0;
- return(GSS_S_DEFECTIVE_TOKEN);
-}
-
-/* nc1/c1 will be modified to contain the intersection of the
- two lists. */
-
-void
-kg2_intersect_ctypes(nc1, c1, nc2, c2)
- int *nc1;
- krb5_cksumtype *c1;
- int nc2;
- const krb5_cksumtype *c2;
-{
- int i, j, count;
- krb5_cksumtype tmp;
-
- count = 0;
-
- for (i=0; i<*nc1; i++) {
- /* first, check to make sure that c1[i] isn't a duplicate in c1 */
- for (j=0; j<i; j++)
- if (c1[i] == c1[j])
- break;
- if (j<i)
- continue;
- /* check if c1[i] is in c2. If it is, keep it by swapping
- it into c1[count] and incrementing count. If count < i, then
- that field has already been looked at and skipped as
- not intersecting, which is ok. */
-
- for (j=0; j<nc2; j++)
- if (c1[i] == c2[j])
- break;
- if ((j<nc2) && (count != i)) {
- tmp = c1[count];
- c1[count] = c1[i];
- c1[i] = tmp;
- }
- count++;
- }
-
- *nc1 = count;
-}
-