More KfM merge work
authorTom Yu <tlyu@mit.edu>
Thu, 12 Dec 2002 21:25:51 +0000 (21:25 +0000)
committerTom Yu <tlyu@mit.edu>
Thu, 12 Dec 2002 21:25:51 +0000 (21:25 +0000)
Create new file FSp-glue.c including KfM functions that had previously
been scattered through various other files.

Port RealmsConfig-glue.c from KfM, including old Unix-ish krb4
configuration code as fallback.  Remove other files containing old
realm/config file support.

Add KRB5_CALLCONV to krb_get_in_tkt_creds.

Fix various functions to take const char* as arguments now that
tkt_string() returns const.

Assorted minor cleanup.

Implement krb_get_err_text in terms of com_err.  Implement gross
kludge to force krb_err_txt to remain in sync with com_err.

ticket: 1189
status: open

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15046 dc483132-0cff-0310-8789-dd5450dbe970

27 files changed:
src/appl/telnet/libtelnet/ChangeLog
src/appl/telnet/libtelnet/kerberos.c
src/appl/telnet/libtelnet/strcasecmp.c
src/include/kerberosIV/ChangeLog
src/include/kerberosIV/des.h
src/include/kerberosIV/krb.h
src/kdc/ChangeLog
src/kdc/kerberos_v4.c
src/lib/krb4/ChangeLog
src/lib/krb4/FSp-glue.c [new file with mode: 0644]
src/lib/krb4/Makefile.in
src/lib/krb4/RealmsConfig-glue.c [new file with mode: 0644]
src/lib/krb4/dest_tkt.c
src/lib/krb4/err_txt.c
src/lib/krb4/g_admhst.c [deleted file]
src/lib/krb4/g_in_tkt.c
src/lib/krb4/g_krbhst.c [deleted file]
src/lib/krb4/g_krbrlm.c [deleted file]
src/lib/krb4/g_svc_in_tkt.c
src/lib/krb4/g_tf_fname.c
src/lib/krb4/g_tf_realm.c
src/lib/krb4/in_tkt.c
src/lib/krb4/krb4int.h
src/lib/krb4/krb_err.et
src/lib/krb4/realmofhost.c [deleted file]
src/lib/krb4/send_to_kdc.c
src/lib/krb4/tf_util.c

index add745afd5bb6e698020794c1fd806673620e3b4..17b61b5c567e777f71a46f8dc727f590ca35f18a 100644 (file)
@@ -1,3 +1,10 @@
+2002-12-12  Tom Yu  <tlyu@mit.edu>
+
+       * kerberos.c (kerberos4_send, kerberos4_is): Use
+       krb_get_err_text() instead of krb_err_txt array.
+
+       * strcasecmp.c: Include sys/types.h rather than sys/cdefs.h.
+
 2002-11-15  Ezra Peisach  <epeisach@bu.edu>
 
        * enc-proto.h, enc_des.c, encrypt.c: Unsigned/signed cleanups.
index 3a722064a833d885e43f83fd88a3ab88f4b130be..56a07319101b55e4e5e87bc472325c82001c2a53 100644 (file)
@@ -242,11 +242,11 @@ kerberos4_send(ap)
                return(0);
        }
        if ((r = krb_mk_req(&kauth, KRB_SERVICE_NAME, instance, realm, 0))) {
-               printf("mk_req failed: %s\r\n", krb_err_txt[r]);
+               printf("mk_req failed: %s\r\n", krb_get_err_text(r));
                return(0);
        }
        if ((r = krb_get_cred(KRB_SERVICE_NAME, instance, realm, &cred))) {
-               printf("get_cred failed: %s\r\n", krb_err_txt[r]);
+               printf("get_cred failed: %s\r\n", krb_get_err_text(r));
                return(0);
        }
        if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) {
@@ -395,7 +395,7 @@ kerberos4_is(ap, data, cnt)
                                    instance, 0, &adat, ""))) {
                        if (auth_debug_mode)
                                printf("Kerberos failed him as %s\r\n", name);
-                       Data(ap, KRB_REJECT, (const void *)krb_err_txt[r], -1);
+                       Data(ap, KRB_REJECT, (const void *)krb_get_err_text(r), -1);
                        auth_finished(ap, AUTH_REJECT);
                        return;
                }
index 3c1140b0fa822c7c981a9ae66171efd60d5ca770..edd9f141553418f75b6610c33854437abf8a6e8d 100644 (file)
@@ -35,7 +35,7 @@
 #define const
 #endif
 
-#include <sys/cdefs.h>
+#include <sys/types.h>
 #ifdef HAVE_STRING_H
 #include <string.h>
 #else
index 5deb71aeec710745acd00c6dd20f18814c700c5f..3c51cea3932d8312e0e27e4c4d777b029aa3cefe 100644 (file)
@@ -1,3 +1,12 @@
+2002-12-12  Tom Yu  <tlyu@mit.edu>
+
+       * krb.h: Change _WINDOWS->_WIN32.  Add symbols for
+       RealmsConfig-glue.c.  Remove explicit errno declaration.  Fix some
+       prototypes of functions in RealmsConfig-glue.c to take const char*
+       for realm.  Update prorotypes of functions that may take a ticket
+       file name to take const char*.  Collect prototypes of FSp-glue.c
+       functions together.
+
 2002-12-04  Tom Yu  <tlyu@mit.edu>
 
        * des.h: Move explicit definition of _WINDOWS to precede
index 25826f751bbfde55f17a1ae64015a29fb3c9c39d..37e934398449a437aba91de914e2d1a1c3546e49 100644 (file)
@@ -110,10 +110,7 @@ KRBINT_END_DECLS
 #ifndef KRB5INT_CRYPTO_DES_INT
 #define DES_DEFS
 
-#if defined(_WIN32) && !defined(_WINDOWS)
-#define _WINDOWS
-#endif
-#if defined(_WINDOWS)
+#if defined(_WIN32)
 #ifndef KRB4
 #define KRB4 1
 #endif
index fe28111c49ed5bf47468500bddbf1a17b220ae24..9e9a151cef5aa7e6f221054bc62fd2b12d2c603b 100644 (file)
 
 /* Need some defs from des.h    */
 #include <kerberosIV/des.h>
-
-#include <kerberosIV/krb_err.h>                /* XXX FIXME! */
-
+#include <kerberosIV/krb_err.h>
 #include <profile.h>
 
-#ifdef _WINDOWS
+#ifdef _WIN32
 #include <time.h>
-#endif /* _WINDOWS */
+#endif /* _WIN32 */
 
 #ifdef __cplusplus
 #ifndef KRBINT_BEGIN_DECLS
@@ -75,9 +73,8 @@ KRBINT_BEGIN_DECLS
 #define KRB_INT32      DES_INT32
 #define KRB_UINT32     DES_UINT32
 
-/* Text describing error codes */
 #define                MAX_KRB_ERRORS  256
-extern const char *const krb_err_txt[MAX_KRB_ERRORS];
+extern const char * const * const krb_err_txt;
 
 /* General definitions */
 #define                KSUCCESS        0
@@ -212,12 +209,12 @@ typedef struct msg_dat MSG_DAT;
 
 
 /* Location of ticket file for save_cred and get_cred */
-#ifdef _WINDOWS
+#ifdef _WIN32
 #define TKT_FILE        "\\kerberos\\ticket.ses"
 #else
 #define TKT_FILE        tkt_string()
 #define TKT_ROOT        "/tmp/tkt"
-#endif /* PC */
+#endif /* _WIN32 */
 
 /*
  * Error codes are now defined as offsets from com_err (krb_err.et)
@@ -355,7 +352,7 @@ typedef struct msg_dat MSG_DAT;
 #endif /* ATHENA_COMPAT */
 
 
-#ifdef _WINDOWS
+#ifdef _WIN32
 #define        TIME_GMT_UNIXSEC        win_time_gmt_unixsec((unsigned KRB4_32 *)0)
 #define        TIME_GMT_UNIXSEC_US(us) win_time_gmt_unixsec((us))
 #define        CONVERT_TIME_EPOCH      win_time_get_epoch()
@@ -368,8 +365,22 @@ typedef struct msg_dat MSG_DAT;
 #define        TIME_GMT_UNIXSEC        unix_time_gmt_unixsec((unsigned KRB4_32 *)0)
 #define        TIME_GMT_UNIXSEC_US(us) unix_time_gmt_unixsec((us))
 #define        CONVERT_TIME_EPOCH      ((long)0)       /* Unix epoch is Krb epoch */
-#endif /*_WINDOWS*/
-
+#endif /* _WIN32 */
+
+/* Constants for KerberosProfileLib */
+#define        REALMS_V4_PROF_REALMS_SECTION           "v4 realms"
+#define        REALMS_V4_PROF_KDC                      "kdc"
+#define        REALMS_V4_PROF_ADMIN_KDC                "admin_server"
+#define        REALMS_V4_PROF_KPASSWD_KDC              "kpasswd_server"
+#define        REALMS_V4_PROF_DOMAIN_SECTION           "v4 domain_realm"
+#define        REALMS_V4_PROF_LIBDEFAULTS_SECTION      "libdefaults"
+#define        REALMS_V4_PROF_LOCAL_REALM              "default_realm"
+#define        REALMS_V4_PROF_STK                      "string_to_key_type"
+#define        REALMS_V4_MIT_STK                       "mit_string_to_key"
+#define        REALMS_V4_AFS_STK                       "afs_string_to_key"
+#define        REALMS_V4_COLUMBIA_STK                  "columbia_string_to_key"
+#define        REALMS_V4_DEFAULT_REALM                 "default_realm"
+#define        REALMS_V4_NO_ADDRESSES                  "noaddresses"
 
 /* ask to disable IP address checking in the library */
 extern int krb_ignore_ip_address;
@@ -384,14 +395,6 @@ extern int krb_debug;
 #define        DEB(x)  /* nothing */
 #endif
 
-/*
- * Some Unixes don't declare errno in <errno.h>...
- * Move this out to individual c-*.h files if it becomes troublesome.
- */
-#if !defined(errno) && !defined(_WINDOWS)
-extern int errno;
-#endif
-
 /* Define a couple of function types including parameters.  These
    are needed on MS-Windows to convert arguments of the function pointers
    to the proper types during calls.  */
@@ -449,7 +452,7 @@ int KRB5_CALLCONV krb_get_in_tkt_creds(char *, char *, char *, char *, char *,
 
 /* g_krbhst.c */
 int KRB5_CALLCONV krb_get_krbhst
-       (char *host, char *realm, int idx);
+       (char *host, const char *realm, int idx);
 /* g_krbrlm.c */
 int KRB5_CALLCONV krb_get_lrealm
        (char *realm, int idx);
@@ -477,18 +480,13 @@ int KRB5_CALLCONV krb_get_svc_in_tkt
        (char *k_user, char *instance, char *realm,
                   char *service, char *sinstance,
                   int life, char *srvtab);
-#if TARGET_OS_MAC && defined(__FILES__)
-int KRB5_CALLCONV
-FSp_krb_get_svc_in_tkt(char *, char *, char *, char *, char *,
-    int, const FSSpec *);
-#endif
 
 /* g_tf_fname.c */
 int KRB5_CALLCONV krb_get_tf_fullname
-       (char *ticket_file, char *name, char *inst, char *realm);
+       (const char *ticket_file, char *name, char *inst, char *realm);
 /* g_tf_realm.c */
 int KRB5_CALLCONV krb_get_tf_realm
-       (char *ticket_file, char *realm);
+       (const char *ticket_file, char *realm);
 /* g_tkt_svc.c */
 int KRB5_CALLCONV krb_get_ticket_for_service
        (char *serviceName,
@@ -504,7 +502,7 @@ int KRB5_CALLCONV krb_in_tkt
 int KRB5_CALLCONV kname_parse
        (char *name, char *inst, char *realm,
                   char *fullname);
-/* From KfM XXX to be merged*/
+/* Merged from KfM */
 int KRB5_CALLCONV kname_unparse
        (char *, const char *, const char *, const char *);
 
@@ -587,10 +585,6 @@ int KRB5_CALLCONV put_svc_key
        (char *sfile,
                   char *name, char *inst, char *realm,
                   int newvno, char *key);
-#if TARGET_OS_MAC && defined(__FILES__)
-int KRB5_CALLCONV FSp_put_svc_key(const FSSpec *, char *, char *, char *,
-    int, char *);
-#endif
 
 /* rd_err.c */
 int KRB5_CALLCONV krb_rd_err
@@ -626,10 +620,6 @@ int KRB5_CALLCONV read_service_key
 int KRB5_CALLCONV get_service_key
        (char *service, char *instance, char *realm,
                   int *kvno, char *file, char *key);
-#if TARGET_OS_MAC && defined(__FILES__)
-int KRB5_CALLCONV FSp_read_service_key(char *, char *, char *,
-    int, const FSSpec*, char *);
-#endif
 
 /* realmofhost.c */
 char * KRB5_CALLCONV krb_realmofhost
@@ -669,7 +659,7 @@ void KRB5_CALLCONV krb_set_tkt_string
        (char *);
 
 /* tf_util.c */
-int KRB5_CALLCONV tf_init (char *tf_name, int rw);
+int KRB5_CALLCONV tf_init (const char *tf_name, int rw);
 
 int KRB5_CALLCONV tf_get_pname (char *p);
 
@@ -727,6 +717,16 @@ extern int krb_set_key_krb5(krb5_context ctx, krb5_keyblock *key);
 
 #endif
 
+/* FSp-glue.c */
+#if TARGET_OS_MAC && defined(__FILES__)
+int KRB5_CALLCONV FSp_krb_get_svc_in_tkt(char *, char *, char *, char *,
+                                        char *, int, const FSSpec *);
+int KRB5_CALLCONV FSp_put_svc_key(const FSSpec *, char *, char *, char *,
+                                 int, char *);
+int KRB5_CALLCONV FSp_read_service_key(char *, char *, char *,
+                                      int, const FSSpec*, char *);
+#endif
+
 #if TARGET_OS_MAC
 /*
  * KfM krb.hin had the following, probably inherited from CNS:
@@ -756,11 +756,11 @@ dest_all_tkts(void);
 int KRB5_CALLCONV krb_change_password(char *, char *, char *, char *, char *);
 
 /*
- * RealmConfig-glue.c from KfM XXX to be merged
+ * RealmsConfig-glue.c -- merged from KfM
  */
-extern int KRB5_CALLCONV krb_get_profile(profile_t *profile);
+int KRB5_CALLCONV krb_get_profile(profile_t *);
 
-#ifdef _WINDOWS
+#ifdef _WIN32
 HINSTANCE get_lib_instance(void);
 unsigned int krb_get_notification_message(void);
 char * KRB5_CALLCONV krb_get_default_user(void);
index 7978904ea71577a514974e3d634509aa05faa4f2..aa5d3446e84c852813d580c5d1e79c99c83d7de4 100644 (file)
@@ -1,3 +1,8 @@
+2002-12-12  Tom Yu  <tlyu@mit.edu>
+
+       * kerberos_v4.c (kerberos_v4): Use krb_get_err_text() instead of
+       krb_err_txt array.
+
 2002-11-26  Tom Yu  <tlyu@mit.edu>
 
        * Makefile.in: Update dependencies.
index d8a7ce452977fc3211b2babbeb75fbaa223767a3..a27f95a7cc9dbc427bc8cf0f8192d573bcf1ae2a 100644 (file)
@@ -837,7 +837,7 @@ kerberos_v4(struct sockaddr_in *client, KTEXT pkt)
 
            if (kerno) {
                klog(L_ERR_UNK, "FAILED krb_rd_req from %s: %s",
-                    inet_ntoa(client_host), krb_err_txt[kerno]);
+                    inet_ntoa(client_host), krb_get_err_text(kerno));
                req_name_ptr = req_inst_ptr = req_realm_ptr = "";
                kerb_err_reply(client, pkt, kerno, "krb_rd_req failed");
                return;
index e105880a0282e076b0ffb4a9f0cb5fa40732aa1d..b5e1fd40eeefe4478255b7b4abf4f17d90f177d3 100644 (file)
@@ -1,3 +1,52 @@
+2002-12-12  Tom Yu  <tlyu@mit.edu>
+
+       * FSp-glue.c: Extracted and ported from various files from KfM.
+       Not built on Unix.
+
+       * Makefile.in: Removed srcdir references from various SRCS
+       variables.  Stop building krb_err.o because of gross hack in
+       err_txt.c.  Adjust some dependency generation things.
+       (REALMDBOBJS): Use RealmsConfig-glue instead of lots of other
+       files.
+       (LOCALINCLUDES): Use current directory, so we can pick up
+       krb_err.c as an include file.
+
+       * RealmsConfig-glue.c: Ported from KfM and cleaned up.  Old
+       REALMDBSRCS inlined here too.
+
+       * g_admhst.c, g_in_tkt.c, g_krbhst.c, g_krbrlm.c, realmofhost.c:
+       Removed.  Functionality is now in RealmsConfig-glue.c.
+
+       * g_in_tkt.c (krb_get_in_tkt_creds): Add KRB5_CALLCONV.
+
+       * dest_tkt.c (dest_tkt): TKT_FILE now assigned to a const char *,
+       due to change in tkt_string() return type.
+
+       * err_txt.c: Much grossness.  Suck in krb_err.c here, so we can
+       use the static array to initialize the krb_err_txt array.
+
+       * g_in_tkt.c: Call krb4int_send_to_kdc_addr() on MacOS.
+
+       * g_svc_in_tkt.c: Fix up copyright notice; punt gratuitous
+       definition of NULL.
+
+       * g_tf_fname.c (krb_get_tf_fullname): Takes a const char * for
+       ticket file name now, due to change in tkt_string() return type.
+
+       * g_tf_realm.c (krb_get_tf_realm): Takes a const char * for ticket
+       file name now, due to change in tkt_string() return type.
+
+       * in_tkt.c: Include errno.h.
+       (in_tkt): TKT_FILE now assigned to a const char *, due to change
+       in tkt_string() return type.
+
+       * krb4int.h: Add prototype for krb_get_in_tkt_preauth_creds().
+       Fix _WINDOWS->_WIN32.
+
+       * krb_err.et: Sync somewhat with old contents of err_txt.c.
+
+       * tf_util.c (tf_init): Takes const char *tf_name now.
+
 2002-12-06  Tom Yu  <tlyu@mit.edu>
 
        * g_ad_tkt.c (get_ad_tkt): Add KRB5_CALLCONV.
diff --git a/src/lib/krb4/FSp-glue.c b/src/lib/krb4/FSp-glue.c
new file mode 100644 (file)
index 0000000..a3b35dc
--- /dev/null
@@ -0,0 +1,105 @@
+/*
+ * lib/krb4/FSp-glue.c
+ *
+ * Copyright 1985, 1986, 1987, 1988, 2002 by the Massachusetts
+ * Institute of Technology.  All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ * MacOS-specific glue for using FSSpecs to deal with srvtabs.
+ */
+
+#include "krb.h"
+#include "krb4int.h"
+#include <stdio.h>
+#include <string.h>
+
+#if TARGET_OS_MAC && defined(__FILES__)
+
+#include <Kerberos/KerberosFullPath.h>
+
+static int FSp_srvtab_to_key(char *, char *, char *, char *, C_Block);
+
+int KRB5_CALLCONV
+FSp_read_service_key(
+    char *service,              /* Service Name */
+    char *instance,             /* Instance name or "*" */
+    char *realm,                /* Realm */
+    int kvno,                   /* Key version number */
+    const FSSpec *filespec,     /* Filespec */
+    char *key)                  /* Pointer to key to be filled in */
+{
+    int retval = KFAILURE;
+    char *file = NULL;
+    if (filespec != NULL) {
+        if (FSpGetFullPOSIXPath (filespec, &file) != noErr) {
+            return retval;
+        }
+    }
+    retval = read_service_key(service, instance, realm, kvno, file, key);
+    if (file != NULL) {
+        free (file);
+    }
+    return retval;
+}
+
+int KRB5_CALLCONV
+FSp_put_svc_key(
+    const FSSpec *sfilespec,
+    char *name,
+    char *inst,
+    char *realm,
+    int newvno,
+    char *key)
+{
+    int retval = KFAILURE;
+    char *sfile = NULL;
+    if (sfilespec != NULL) {
+        if (FSpGetFullPOSIXPath (sfilespec, &sfile) != noErr) {
+            return retval;
+        }
+    }
+    retval = put_svc_key(sfile, name, inst, realm, newvno, key);
+    if (sfile != NULL) {
+        free (sfile);
+    }
+    return retval;
+}
+
+int KRB5_CALLCONV
+FSp_krb_get_svc_in_tkt(
+    char *user, char *instance, char *realm, 
+    char *service, char *sinstance, int life,
+    const FSSpec *srvtab)
+{
+    /* Cast the FSSpec into the password field.  It will be pulled out again */
+    /* by FSp_srvtab_to_key and used to read the real password */
+    return krb_get_in_tkt(user, instance, realm, service, sinstance,
+                          life, FSp_srvtab_to_key, NULL, (char *)srvtab);
+}
+
+static int FSp_srvtab_to_key(char *user, char *instance, char *realm, 
+                            char *srvtab, C_Block key)
+{
+    /* FSp_read_service_key correctly handles a NULL FSSpecPtr */
+    return FSp_read_service_key(user, instance, realm, 0,
+                               (FSSpec *)srvtab, (char *)key);
+}
+#endif
index 4a5c0063d01812b507cf4b3492a9f030b31ab0ce..f6356a8ed212e6c606e5e4da790cf13878cbcf67 100644 (file)
@@ -2,7 +2,7 @@ thisconfigdir=.
 myfulldir=lib/krb4
 mydir=.
 BUILDTOP=$(REL)..$(S)..
-LOCALINCLUDES = -I$(BUILDTOP)/include/kerberosIV -I$(srcdir)/../../include/kerberosIV
+LOCALINCLUDES = -I$(BUILDTOP)/include/kerberosIV -I$(srcdir)/../../include/kerberosIV -I.
 
 ##DOS##BUILDTOP = ..\..
 ##DOS##LIBNAME=$(OUTPRE)krb4.lib
@@ -73,46 +73,46 @@ OBJS        = \
        $(LIB_KRB_HOSTOBJS) $(SERVER_KRB_OBJS) $(NETIO_OBJS) $(REALMDBOBJS)
 
 SRCS = \
-       $(srcdir)/change_password.c \
-       $(srcdir)/cr_auth_repl.c \
-       $(srcdir)/cr_ciph.c \
-       $(srcdir)/cr_tkt.c \
-       $(srcdir)/debug.c \
-       $(srcdir)/decomp_tkt.c \
-       $(srcdir)/g_ad_tkt.c \
-       $(srcdir)/g_pw_in_tkt.c \
-       $(srcdir)/g_phost.c \
-       $(srcdir)/g_pw_tkt.c \
-       $(srcdir)/g_tkt_svc.c \
-       $(srcdir)/getst.c \
-       $(srcdir)/gethostname.c \
+       change_password.c \
+       cr_auth_repl.c \
+       cr_ciph.c \
+       cr_tkt.c \
+       debug.c \
+       decomp_tkt.c \
+       g_ad_tkt.c \
+       g_pw_in_tkt.c \
+       g_phost.c \
+       g_pw_tkt.c \
+       g_tkt_svc.c \
+       getst.c \
+       gethostname.c \
        kadm_err.c \
-       $(srcdir)/kadm_net.c \
-       $(srcdir)/kadm_stream.c \
-       $(srcdir)/kname_parse.c \
-       $(srcdir)/err_txt.c \
-       $(srcdir)/lifetime.c \
-       $(srcdir)/g_in_tkt.c \
-       $(srcdir)/mk_auth.c \
-       $(srcdir)/mk_err.c \
-       $(srcdir)/mk_priv.c \
-       $(srcdir)/mk_req.c \
-       $(srcdir)/mk_safe.c \
-       $(srcdir)/month_sname.c \
-       $(srcdir)/pkt_cipher.c \
-       $(srcdir)/pkt_clen.c \
-       $(srcdir)/prot_client.c \
-       $(srcdir)/prot_common.c \
-       $(srcdir)/prot_kdc.c \
-       $(srcdir)/rd_err.c \
-       $(srcdir)/rd_priv.c \
-       $(srcdir)/rd_safe.c \
-       $(srcdir)/send_to_kdc.c \
-       $(srcdir)/stime.c \
-       $(srcdir)/strnlen.c \
-       $(srcdir)/rd_preauth.c \
-       $(srcdir)/mk_preauth.c \
-       $(srcdir)/unix_time.c \
+       kadm_net.c \
+       kadm_stream.c \
+       kname_parse.c \
+       err_txt.c \
+       lifetime.c \
+       g_in_tkt.c \
+       mk_auth.c \
+       mk_err.c \
+       mk_priv.c \
+       mk_req.c \
+       mk_safe.c \
+       month_sname.c \
+       pkt_cipher.c \
+       pkt_clen.c \
+       prot_client.c \
+       prot_common.c \
+       prot_kdc.c \
+       rd_err.c \
+       rd_priv.c \
+       rd_safe.c \
+       send_to_kdc.c \
+       stime.c \
+       strnlen.c \
+       rd_preauth.c \
+       mk_preauth.c \
+       unix_time.c \
        $(OSSRCS) $(CACHESRCS) $(SETENVSRCS) $(STRCASESRCS) $(SHMSRCS) \
        $(LIB_KRB_HOSTSRCS) $(SERVER_KRB_SRCS) $(NETIO_SRCS) $(REALMDBSRCS)
 
@@ -123,7 +123,7 @@ STOBJLISTS=OBJS.ST
 # These objects implement the time computation routines.
 #
 OSOBJS = $(OUTPRE)unix_time.$(OBJEXT)
-OSSRCS = $(srcdir)/unix_time.c
+OSSRCS = unix_time.c
 
 ##DOS##OSOBJS = $(OUTPRE)win_time.obj
 
@@ -131,10 +131,12 @@ OSSRCS = $(srcdir)/unix_time.c
 # These objects implement ticket cacheing for Unix.  They are
 # replaced by other files when compiling for Windows or Mac.
 #
-CACHESRCS=$(srcdir)/tf_util.c $(srcdir)/dest_tkt.c $(srcdir)/in_tkt.c \
-       $(srcdir)/tkt_string.c $(srcdir)/g_tf_fname.c \
-       $(srcdir)/g_tf_realm.c $(srcdir)/g_cred.c $(srcdir)/save_creds.c
-CACHEOBJS=$(OUTPRE)tf_util.$(OBJEXT) $(OUTPRE)dest_tkt.$(OBJEXT) $(OUTPRE)in_tkt.$(OBJEXT) \
+CACHESRCS = \
+       tf_util.c       dest_tkt.c      in_tkt.c \
+       tkt_string.c    g_tf_fname.c    g_tf_realm.c \
+       g_cred.c        save_creds.c
+CACHEOBJS = \
+       $(OUTPRE)tf_util.$(OBJEXT) $(OUTPRE)dest_tkt.$(OBJEXT) $(OUTPRE)in_tkt.$(OBJEXT) \
        $(OUTPRE)tkt_string.$(OBJEXT) $(OUTPRE)g_tf_fname.$(OBJEXT) $(OUTPRE)g_tf_realm.$(OBJEXT) \
        $(OUTPRE)g_cred.$(OBJEXT) $(OUTPRE)save_creds.$(OBJEXT)
 
@@ -149,34 +151,33 @@ CACHEOBJS=$(OUTPRE)tf_util.$(OBJEXT) $(OUTPRE)dest_tkt.$(OBJEXT) $(OUTPRE)in_tkt
 CNFFILE = g_cnffile
 ##DOS##CNFFILE = win_store
 
-REALMDBSRCS= $(srcdir)/$(CNFFILE).c $(srcdir)/g_krbhst.c $(srcdir)/g_krbrlm.c \
-       $(srcdir)/g_admhst.c $(srcdir)/realmofhost.c 
-REALMDBOBJS= $(OUTPRE)$(CNFFILE).$(OBJEXT) $(OUTPRE)g_krbhst.$(OBJEXT) $(OUTPRE)g_krbrlm.$(OBJEXT) \
-       $(OUTPRE)g_admhst.$(OBJEXT) $(OUTPRE)realmofhost.$(OBJEXT) 
+REALMDBSRCS=$(CNFFILE).c RealmsConfig-glue.c
+REALMDBOBJS=$(OUTPRE)$(CNFFILE).$(OBJEXT) $(OUTPRE)RealmsConfig-glue.$(OBJEXT)
 
 #
 # These objects are only used on server or debug implementations of Kerberos,
 # and they cause some major or minor sort of trouble for some
 # client-only platform (Mac or Windows).
 #
-SERVER_KRB_SRCS=$(srcdir)/klog.c $(srcdir)/kuserok.c $(srcdir)/log.c \
-               $(srcdir)/kntoln.c $(srcdir)/fgetst.c $(srcdir)/rd_svc_key.c \
-               $(srcdir)/cr_err_repl.c $(srcdir)/rd_req.c \
-               $(srcdir)/g_svc_in_tkt.c $(srcdir)/recvauth.c \
-               krb_err.c $(srcdir)/ad_print.c \
-               $(srcdir)/cr_death_pkt.c $(srcdir)/kparse.c \
-               $(srcdir)/put_svc_key.c $(srcdir)/sendauth.c 
-SERVER_KRB_OBJS=$(OUTPRE)klog.$(OBJEXT) $(OUTPRE)kuserok.$(OBJEXT) $(OUTPRE)log.$(OBJEXT) \
-               $(OUTPRE)kntoln.$(OBJEXT) \
-               $(OUTPRE)fgetst.$(OBJEXT) $(OUTPRE)rd_svc_key.$(OBJEXT) $(OUTPRE)cr_err_repl.$(OBJEXT) \
-               $(OUTPRE)rd_req.$(OBJEXT) $(OUTPRE)g_svc_in_tkt.$(OBJEXT) $(OUTPRE)recvauth.$(OBJEXT) \
-               $(OUTPRE)krb_err.$(OBJEXT) $(OUTPRE)ad_print.$(OBJEXT) $(OUTPRE)cr_death_pkt.$(OBJEXT) \
-               $(OUTPRE)kparse.$(OBJEXT) $(OUTPRE)put_svc_key.$(OBJEXT) $(OUTPRE)sendauth.$(OBJEXT)
+SERVER_KRB_SRCS = \
+       klog.c          kuserok.c       log.c \
+       kntoln.c \
+       fgetst.c        rd_svc_key.c    cr_err_repl.c \
+       rd_req.c        g_svc_in_tkt.c  recvauth.c \
+       ad_print.c      cr_death_pkt.c \
+       kparse.c        put_svc_key.c   sendauth.c
+SERVER_KRB_OBJS = \
+       $(OUTPRE)klog.$(OBJEXT) $(OUTPRE)kuserok.$(OBJEXT) $(OUTPRE)log.$(OBJEXT) \
+       $(OUTPRE)kntoln.$(OBJEXT) \
+       $(OUTPRE)fgetst.$(OBJEXT) $(OUTPRE)rd_svc_key.$(OBJEXT) $(OUTPRE)cr_err_repl.$(OBJEXT) \
+       $(OUTPRE)rd_req.$(OBJEXT) $(OUTPRE)g_svc_in_tkt.$(OBJEXT) $(OUTPRE)recvauth.$(OBJEXT) \
+       $(OUTPRE)ad_print.$(OBJEXT) $(OUTPRE)cr_death_pkt.$(OBJEXT) \
+       $(OUTPRE)kparse.$(OBJEXT) $(OUTPRE)put_svc_key.$(OBJEXT) $(OUTPRE)sendauth.$(OBJEXT)
 #
 # These objects are included on Unix and Windows (for kstream and kadm)
 # but not under Mac (there are no file descriptors).
 #
-NETIO_SRCS=$(srcdir)/netread.c $(srcdir)/netwrite.c
+NETIO_SRCS=netread.c netwrite.c
 NETIO_OBJS=$(OUTPRE)netread.$(OBJEXT) $(OUTPRE)netwrite.$(OBJEXT)
 
 #
@@ -184,19 +185,17 @@ NETIO_OBJS=$(OUTPRE)netread.$(OBJEXT) $(OUTPRE)netwrite.$(OBJEXT)
 # (time-of-day access, etc).  They are replaced in Mac and Windows
 # by other _glue.* routines.
 #
-LIB_KRB_HOSTSRCS=$(srcdir)/unix_glue.c
+LIB_KRB_HOSTSRCS=unix_glue.c
 LIB_KRB_HOSTOBJS=$(OUTPRE)unix_glue.$(OBJEXT)
 
 ##DOS##LIB_KRB_HOSTOBJS=$(OUTPRE)win_glue.obj
 
 ARCHIVEARGS= $@ $(OBJS)
 
-CODE=$(SRCS) Makefile.in krb_err.et
-
 # We want *library* compiler options...
 DBG=$(DBG_LIB)
 
-all-unix:: krb_err.h kadm_err.h includes all-liblinks
+all-unix:: includes all-liblinks
 
 ##DOS##LIBOBJS = $(OBJS)
 
@@ -207,8 +206,9 @@ krb_err.c: krb_err.et
 kadm_err.h: kadm_err.et
 kadm_err.c: kadm_err.et
 
-depend:: krb_err.h kadm_err.h
-depend:: $(CODE) 
+depend-dependencies: krb_err.h $(EHDRDIR)$(S)krb_err.h \
+       kadm_err.h $(EHDRDIR)$(S)kadm_err.h \
+       krb_err.c
 
 includes: $(EHDRDIR)$(S)krb_err.h $(EHDRDIR)$(S)kadm_err.h
 
@@ -221,8 +221,6 @@ clean-unix::
        $(RM) $(EHDRDIR)/krb_err.h
        $(RM) $(EHDRDIR)/kadm_err.h
 
-
-
 #install-unix::
 #      $(INSTALL_DATA) krb_err.h $(DESTDIR)$(KRB5_INCDIR)/kerberosIV/krb_err.h
 
@@ -322,10 +320,10 @@ kadm_stream.so kadm_stream.po $(OUTPRE)kadm_stream.$(OBJEXT): kadm_stream.c $(SR
 kname_parse.so kname_parse.po $(OUTPRE)kname_parse.$(OBJEXT): kname_parse.c $(SRCTOP)/include/kerberosIV/krb.h \
   $(SRCTOP)/include/kerberosIV/des.h $(BUILDTOP)/include/kerberosIV/krb_err.h \
   $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h
-err_txt.so err_txt.po $(OUTPRE)err_txt.$(OBJEXT): err_txt.c $(SRCTOP)/include/kerberosIV/mit-copyright.h \
-  $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/kerberosIV/des.h \
-  $(BUILDTOP)/include/kerberosIV/krb_err.h $(COM_ERR_DEPS) \
-  $(BUILDTOP)/include/profile.h
+err_txt.so err_txt.po $(OUTPRE)err_txt.$(OBJEXT): err_txt.c $(SRCTOP)/include/kerberosIV/krb.h \
+  $(SRCTOP)/include/kerberosIV/des.h $(BUILDTOP)/include/kerberosIV/krb_err.h \
+  $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h krb4int.h \
+  krb_err.c
 lifetime.so lifetime.po $(OUTPRE)lifetime.$(OBJEXT): lifetime.c $(SRCTOP)/include/kerberosIV/krb.h \
   $(SRCTOP)/include/kerberosIV/des.h $(BUILDTOP)/include/kerberosIV/krb_err.h \
   $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h
@@ -386,12 +384,14 @@ rd_safe.so rd_safe.po $(OUTPRE)rd_safe.$(OBJEXT): rd_safe.c $(SRCTOP)/include/ke
   $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h $(SRCTOP)/include/kerberosIV/prot.h \
   $(SRCTOP)/include/kerberosIV/lsb_addr_cmp.h $(SRCTOP)/include/kerberosIV/mit-copyright.h \
   $(SRCTOP)/include/port-sockets.h $(BUILDTOP)/include/krb5/autoconf.h
-send_to_kdc.so send_to_kdc.po $(OUTPRE)send_to_kdc.$(OBJEXT): send_to_kdc.c $(SRCTOP)/include/kerberosIV/mit-copyright.h \
-  $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/kerberosIV/des.h \
-  $(BUILDTOP)/include/kerberosIV/krb_err.h $(COM_ERR_DEPS) \
-  $(BUILDTOP)/include/profile.h $(SRCTOP)/include/kerberosIV/krbports.h \
+send_to_kdc.so send_to_kdc.po $(OUTPRE)send_to_kdc.$(OBJEXT): send_to_kdc.c $(SRCTOP)/include/kerberosIV/krb.h \
+  $(SRCTOP)/include/kerberosIV/des.h $(BUILDTOP)/include/kerberosIV/krb_err.h \
+  $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h $(SRCTOP)/include/kerberosIV/krbports.h \
   $(SRCTOP)/include/kerberosIV/prot.h $(SRCTOP)/include/port-sockets.h \
-  $(BUILDTOP)/include/krb5/autoconf.h
+  $(BUILDTOP)/include/krb5/autoconf.h $(SRCTOP)/include/fake-addrinfo.h \
+  $(SRCTOP)/include/socket-utils.h $(SRCTOP)/include/k5-int.h \
+  $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5.h \
+  $(SRCTOP)/include/krb5/kdb.h krb4int.h
 stime.so stime.po $(OUTPRE)stime.$(OBJEXT): stime.c $(SRCTOP)/include/kerberosIV/mit-copyright.h \
   $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/kerberosIV/des.h \
   $(BUILDTOP)/include/kerberosIV/krb_err.h $(COM_ERR_DEPS) \
@@ -409,9 +409,6 @@ mk_preauth.so mk_preauth.po $(OUTPRE)mk_preauth.$(OBJEXT): mk_preauth.c $(SRCTOP
 unix_time.so unix_time.po $(OUTPRE)unix_time.$(OBJEXT): unix_time.c $(SRCTOP)/include/kerberosIV/krb.h \
   $(SRCTOP)/include/kerberosIV/des.h $(BUILDTOP)/include/kerberosIV/krb_err.h \
   $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h
-unix_time.so unix_time.po $(OUTPRE)unix_time.$(OBJEXT): unix_time.c $(SRCTOP)/include/kerberosIV/krb.h \
-  $(SRCTOP)/include/kerberosIV/des.h $(BUILDTOP)/include/kerberosIV/krb_err.h \
-  $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h
 tf_util.so tf_util.po $(OUTPRE)tf_util.$(OBJEXT): tf_util.c $(SRCTOP)/include/kerberosIV/krb.h \
   $(SRCTOP)/include/kerberosIV/des.h $(BUILDTOP)/include/kerberosIV/krb_err.h \
   $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h $(SRCTOP)/include/k5-int.h \
@@ -433,10 +430,9 @@ g_tf_fname.so g_tf_fname.po $(OUTPRE)g_tf_fname.$(OBJEXT): g_tf_fname.c $(SRCTOP
   $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/kerberosIV/des.h \
   $(BUILDTOP)/include/kerberosIV/krb_err.h $(COM_ERR_DEPS) \
   $(BUILDTOP)/include/profile.h
-g_tf_realm.so g_tf_realm.po $(OUTPRE)g_tf_realm.$(OBJEXT): g_tf_realm.c $(SRCTOP)/include/kerberosIV/mit-copyright.h \
-  $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/kerberosIV/des.h \
-  $(BUILDTOP)/include/kerberosIV/krb_err.h $(COM_ERR_DEPS) \
-  $(BUILDTOP)/include/profile.h
+g_tf_realm.so g_tf_realm.po $(OUTPRE)g_tf_realm.$(OBJEXT): g_tf_realm.c $(SRCTOP)/include/kerberosIV/krb.h \
+  $(SRCTOP)/include/kerberosIV/des.h $(BUILDTOP)/include/kerberosIV/krb_err.h \
+  $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h
 g_cred.so g_cred.po $(OUTPRE)g_cred.$(OBJEXT): g_cred.c $(SRCTOP)/include/kerberosIV/mit-copyright.h \
   $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/kerberosIV/des.h \
   $(BUILDTOP)/include/kerberosIV/krb_err.h $(COM_ERR_DEPS) \
@@ -483,17 +479,15 @@ rd_req.so rd_req.po $(OUTPRE)rd_req.$(OBJEXT): rd_req.c $(SRCTOP)/include/kerber
   $(SRCTOP)/include/kerberosIV/krb.h $(BUILDTOP)/include/kerberosIV/krb_err.h \
   $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h $(SRCTOP)/include/kerberosIV/prot.h \
   $(BUILDTOP)/include/krb5.h $(SRCTOP)/include/krb54proto.h
-g_svc_in_tkt.so g_svc_in_tkt.po $(OUTPRE)g_svc_in_tkt.$(OBJEXT): g_svc_in_tkt.c $(SRCTOP)/include/kerberosIV/mit-copyright.h \
-  $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/kerberosIV/des.h \
-  $(BUILDTOP)/include/kerberosIV/krb_err.h $(COM_ERR_DEPS) \
-  $(BUILDTOP)/include/profile.h $(SRCTOP)/include/kerberosIV/prot.h \
+g_svc_in_tkt.so g_svc_in_tkt.po $(OUTPRE)g_svc_in_tkt.$(OBJEXT): g_svc_in_tkt.c $(SRCTOP)/include/kerberosIV/krb.h \
+  $(SRCTOP)/include/kerberosIV/des.h $(BUILDTOP)/include/kerberosIV/krb_err.h \
+  $(COM_ERR_DEPS) $(BUILDTOP)/include/profile.h $(SRCTOP)/include/kerberosIV/prot.h \
   krb4int.h
 recvauth.so recvauth.po $(OUTPRE)recvauth.$(OBJEXT): recvauth.c $(SRCTOP)/include/kerberosIV/mit-copyright.h \
   $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/kerberosIV/des.h \
   $(BUILDTOP)/include/kerberosIV/krb_err.h $(COM_ERR_DEPS) \
   $(BUILDTOP)/include/profile.h $(SRCTOP)/include/port-sockets.h \
   $(BUILDTOP)/include/krb5/autoconf.h
-krb_err.so krb_err.po $(OUTPRE)krb_err.$(OBJEXT): krb_err.c $(COM_ERR_DEPS)
 ad_print.so ad_print.po $(OUTPRE)ad_print.$(OBJEXT): ad_print.c $(SRCTOP)/include/kerberosIV/mit-copyright.h \
   $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/kerberosIV/des.h \
   $(BUILDTOP)/include/kerberosIV/krb_err.h $(COM_ERR_DEPS) \
@@ -531,22 +525,9 @@ g_cnffile.so g_cnffile.po $(OUTPRE)g_cnffile.$(OBJEXT): g_cnffile.c $(SRCTOP)/in
   $(BUILDTOP)/include/krb5.h $(SRCTOP)/include/port-sockets.h \
   $(SRCTOP)/include/socket-utils.h $(SRCTOP)/include/krb5/kdb.h \
   krb4int.h
-g_krbhst.so g_krbhst.po $(OUTPRE)g_krbhst.$(OBJEXT): g_krbhst.c $(SRCTOP)/include/kerberosIV/mit-copyright.h \
-  $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/kerberosIV/des.h \
-  $(BUILDTOP)/include/kerberosIV/krb_err.h $(COM_ERR_DEPS) \
-  $(BUILDTOP)/include/profile.h krb4int.h $(SRCTOP)/include/port-sockets.h \
-  $(BUILDTOP)/include/krb5/autoconf.h
-g_krbrlm.so g_krbrlm.po $(OUTPRE)g_krbrlm.$(OBJEXT): g_krbrlm.c $(SRCTOP)/include/kerberosIV/mit-copyright.h \
-  $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/kerberosIV/des.h \
-  $(BUILDTOP)/include/kerberosIV/krb_err.h $(COM_ERR_DEPS) \
-  $(BUILDTOP)/include/profile.h krb4int.h
-g_admhst.so g_admhst.po $(OUTPRE)g_admhst.$(OBJEXT): g_admhst.c $(SRCTOP)/include/kerberosIV/mit-copyright.h \
-  $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/kerberosIV/des.h \
-  $(BUILDTOP)/include/kerberosIV/krb_err.h $(COM_ERR_DEPS) \
-  $(BUILDTOP)/include/profile.h krb4int.h
-realmofhost.so realmofhost.po $(OUTPRE)realmofhost.$(OBJEXT): realmofhost.c $(SRCTOP)/include/kerberosIV/mit-copyright.h \
-  $(SRCTOP)/include/kerberosIV/krb.h $(SRCTOP)/include/kerberosIV/des.h \
-  $(BUILDTOP)/include/kerberosIV/krb_err.h $(COM_ERR_DEPS) \
-  $(BUILDTOP)/include/profile.h $(SRCTOP)/include/port-sockets.h \
-  $(BUILDTOP)/include/krb5/autoconf.h krb4int.h
+RealmsConfig-glue.so RealmsConfig-glue.po $(OUTPRE)RealmsConfig-glue.$(OBJEXT): RealmsConfig-glue.c \
+  $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/kerberosIV/krb.h \
+  $(SRCTOP)/include/kerberosIV/des.h $(BUILDTOP)/include/kerberosIV/krb_err.h \
+  krb4int.h $(SRCTOP)/include/port-sockets.h $(BUILDTOP)/include/krb5/autoconf.h \
+  $(BUILDTOP)/include/krb5.h
 
diff --git a/src/lib/krb4/RealmsConfig-glue.c b/src/lib/krb4/RealmsConfig-glue.c
new file mode 100644 (file)
index 0000000..927c10b
--- /dev/null
@@ -0,0 +1,685 @@
+/*
+ * lib/krb4/RealmsConfig-glue.c
+ *
+ * Copyright 1985-2002 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ *
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ * These calls implement the layer of Kerberos v4 library which
+ * accesses realms configuration by calling into the Kerberos Profile
+ * library.
+ */
+
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <ctype.h>
+#include <errno.h>
+#if TARGET_OS_MAC
+#include <CoreServices/CoreServices.h>
+#endif
+
+#include "profile.h"
+#include "krb.h"
+#include "krb4int.h"
+#include "port-sockets.h"
+
+#if USE_CCAPI
+#include <Kerberos/CredentialsCache.h>
+#endif
+
+#define KRB5_PRIVATE 1
+/* For krb5_get_default_config_files and krb5_free_config_files */
+#include "krb5.h"
+#undef KRB5_PRIVATE
+
+/* These two *must* be kept in sync to avoid buffer overflows. */
+#define SCNSCRATCH     "%1023s"
+#define SCRATCHSZ      1024
+#if SCRATCHSZ < MAXHOSTNAMELEN
+#error "SCRATCHSZ must be at least MAXHOSTNAMELEN"
+#endif
+
+/*
+ * Returns to the caller an initialized profile using the same files
+ * as Kerberos4Lib would.
+ */
+int KRB5_CALLCONV
+krb_get_profile(profile_t* profile)
+{
+    int                        retval = KSUCCESS;
+    profile_filespec_t *files = NULL;
+
+    /* Use krb5 to get the config files */
+    retval = krb5_get_default_config_files(&files);
+
+    if (retval == KSUCCESS) {
+       retval = profile_init((const_profile_filespec_t *)files, profile);
+    }
+
+    if (files) {
+       krb5_free_config_files(files);
+    }
+
+    if (retval == ENOENT) {
+       /* No edu.mit.Kerberos file */
+       return KFAILURE;
+    }
+
+    if ((retval == PROF_SECTION_NOTOP) ||
+       (retval == PROF_SECTION_SYNTAX) ||
+       (retval == PROF_RELATION_SYNTAX) ||
+       (retval == PROF_EXTRA_CBRACE) ||
+       (retval == PROF_MISSING_OBRACE)) {
+       /* Bad config file format */
+       return retval;
+    }
+
+    return retval;
+}
+
+/* Caller must ensure that n >= 1 and that pointers are non-NULL. */
+static int
+krb_prof_get_nth(
+    char       *ret,
+    size_t     retlen,
+    const char *realm,
+    int                n,
+    const char *sec,
+    const char *key)
+{
+    int                result;
+    long       profErr;
+    profile_t  profile = NULL;
+    const      char *names[4];
+    void       *iter = NULL;
+    char       *name = NULL;
+    char       *value = NULL;
+    int                i;
+
+    result = KFAILURE;
+
+    profErr = krb_get_profile(&profile);
+    if (profErr) {
+       /*
+        * Can krb_get_profile() return errors that change PROFILE?
+        */
+       goto cleanup;
+    }
+    names[0] = sec;
+    names[1] = realm;
+    names[2] = key;
+    names[3] = NULL;
+    profErr = profile_iterator_create(profile, names,
+                                     PROFILE_ITER_RELATIONS_ONLY, &iter);
+    if (profErr)
+       goto cleanup;
+
+    result = KSUCCESS;
+    for (i = 1; i <= n; i++) {
+       if (name != NULL)
+           profile_release_string(name);
+       if (value != NULL)
+           profile_release_string(value);
+       name = value = NULL;
+
+       profErr = profile_iterator(&iter, &name, &value);
+       if (profErr || (name == NULL)) {
+           result = KFAILURE;
+           break;
+       }
+    }
+    if (result == KSUCCESS) {
+       /* Return error rather than truncating. */
+       if (strlen(value) >= retlen)
+           result = KFAILURE;
+       else
+           strncpy(ret, value, retlen);
+    }
+cleanup:
+    if (name != NULL)
+       profile_release_string(name);
+    if (value != NULL)
+       profile_release_string(value);
+    if (iter != NULL)
+       profile_iterator_free(&iter);
+    if (profile != NULL)
+       profile_abandon(profile);
+    return result;
+}
+
+/*
+ * Index -> realm name mapping
+ *
+ * Not really. The original implementation has a cryptic comment
+ * indicating that the function can only work for n = 1, and always
+ * returns the default realm. I don't know _why_ that's the case, but
+ * I have to do it that way...
+ *
+ * Old description from g_krbrlm.c:
+ *
+ * krb_get_lrealm takes a pointer to a string, and a number, n.  It fills
+ * in the string, r, with the name of the nth realm specified on the
+ * first line of the kerberos config file (KRB_CONF, defined in "krb.h").
+ * It returns 0 (KSUCCESS) on success, and KFAILURE on failure.  If the
+ * config file does not exist, and if n=1, a successful return will occur
+ * with r = KRB_REALM (also defined in "krb.h").
+ *
+ * NOTE: for archaic & compatibility reasons, this routine will only return
+ * valid results when n = 1.
+ *
+ * For the format of the KRB_CONF file, see comments describing the routine
+ * krb_get_krbhst().  This will also look in KRB_FB_CONF is
+ * ATHENA_CONF_FALLBACK is defined.
+ */
+int KRB5_CALLCONV
+krb_get_lrealm(
+    char       *realm,
+    int                n)
+{
+    long       profErr = 0;
+    char       *realmString = NULL;
+    char       *realmStringV4 = NULL;
+    profile_t  profile = NULL;
+    int                result;
+    FILE       *cnffile = NULL;
+    char       scratch[SCRATCHSZ];
+
+    if (n != 1 || realm == NULL)
+       return KFAILURE;
+
+    result = KFAILURE;         /* Start out with failure. */
+
+    profErr = krb_get_profile(&profile);
+    if (profErr)
+       goto cleanup;
+
+    profErr = profile_get_string(profile, REALMS_V4_PROF_LIBDEFAULTS_SECTION,
+                                REALMS_V4_DEFAULT_REALM, NULL, NULL,
+                                &realmString);
+    if (profErr || realmString == NULL)
+       goto cleanup;
+
+    if (strlen(realmString) >= REALM_SZ)
+       goto cleanup;
+    strncpy(realm, realmString, REALM_SZ);
+    /*
+     * Step 2: the default realm is actually v5 realm, so we have to
+     * check for the case where v4 and v5 realms are different.
+     */
+    profErr = profile_get_string(profile, "realms", realm, "v4_realm",
+                                NULL, &realmStringV4);
+    if (profErr || realmStringV4 == NULL)
+       goto cleanup;
+
+    if (strlen(realmStringV4) >= REALM_SZ)
+       goto cleanup;
+    strncpy(realm, realmStringV4, REALM_SZ);
+    result = KSUCCESS;
+cleanup:
+    if (realmString != NULL)
+       profile_release_string(realmString);
+    if (realmStringV4 != NULL)
+       profile_release_string(realmStringV4);
+    if (profile != NULL)
+       profile_abandon(profile);
+
+    if (result == KSUCCESS)
+       return result;
+    /*
+     * Do old-style config file lookup.
+     */
+    do {
+       cnffile = krb__get_cnffile();
+       if (cnffile == NULL)
+           break;
+       if (fscanf(cnffile, SCNSCRATCH, scratch) == 1) {
+           if (strlen(scratch) >= REALM_SZ)
+               result = KFAILURE;
+           else {
+               strncpy(realm, scratch, REALM_SZ);
+               result = KSUCCESS;
+           }
+       }
+       fclose(cnffile);
+    } while (0);
+    if (result == KFAILURE && strlen(KRB_REALM) < REALM_SZ) {
+       strncpy(realm, KRB_REALM, REALM_SZ);
+       result = KSUCCESS;
+    }
+    return result;
+}
+
+/*
+ * Realm, index -> admin KDC mapping
+ *
+ * Old description from g_admhst.c:
+ *
+ * Given a Kerberos realm, find a host on which the Kerberos database
+ * administration server can be found.
+ *
+ * krb_get_admhst takes a pointer to be filled in, a pointer to the name
+ * of the realm for which a server is desired, and an integer n, and
+ * returns (in h) the nth administrative host entry from the configuration
+ * file (KRB_CONF, defined in "krb.h") associated with the specified realm.
+ * If ATHENA_CONF_FALLBACK is defined, also look in old location.
+ *
+ * On error, get_admhst returns KFAILURE. If all goes well, the routine
+ * returns KSUCCESS.
+ *
+ * For the format of the KRB_CONF file, see comments describing the routine
+ * krb_get_krbhst().
+ *
+ * This is a temporary hack to allow us to find the nearest system running
+ * a Kerberos admin server.  In the long run, this functionality will be
+ * provided by a nameserver.
+ */
+int KRB5_CALLCONV
+krb_get_admhst(
+    char       *host,
+    char       *realm,
+    int                n)
+{
+    int                result;
+    int                i;
+    FILE       *cnffile;
+    char       linebuf[BUFSIZ];
+    char       trealm[SCRATCHSZ];
+    char       thost[SCRATCHSZ];
+    char       scratch[SCRATCHSZ];
+
+    if (n < 1 || host == NULL || realm == NULL)
+       return KFAILURE;
+
+    result = krb_prof_get_nth(host, MAXHOSTNAMELEN, realm, n,
+                             REALMS_V4_PROF_REALMS_SECTION,
+                             REALMS_V4_PROF_ADMIN_KDC);
+    if (result == KSUCCESS)
+       return result;
+
+    /*
+     * Do old-style config file lookup.
+     */
+    cnffile = krb__get_cnffile();
+    if (cnffile == NULL)
+       return KFAILURE;
+    result = KSUCCESS;
+    for (i = 0; i < n;) {
+       if (fgets(linebuf, BUFSIZ, cnffile) == NULL) {
+           result = KFAILURE;
+           break;
+       }
+       if (!strchr(linebuf, '\n')) {
+           result = KFAILURE;
+           break;
+       }
+       /*
+        * Need to scan for a token after 'admin' to make sure that
+        * admin matched correctly.
+        */
+       if (sscanf(linebuf, SCNSCRATCH " " SCNSCRATCH " admin " SCNSCRATCH,
+                  trealm, thost, scratch) != 3)
+           continue;
+       if (!strcmp(trealm, realm))
+           i++;
+    }
+    fclose(cnffile);
+    if (result == KSUCCESS && strlen(thost) < MAXHOSTNAMELEN)
+       strncpy(host, thost, MAXHOSTNAMELEN);
+    else
+       result = KFAILURE;
+    return result;
+}
+
+/*
+ * Realm, index -> kpasswd KDC mapping
+ */
+int KRB5_CALLCONV
+krb_get_kpasswdhst(
+    char       *host,
+    char       *realm,
+    int                n)
+{
+    if (n < 1 || host == NULL || realm == NULL)
+       return KFAILURE;
+
+    return krb_prof_get_nth(host, MAXHOSTNAMELEN, realm, n,
+                           REALMS_V4_PROF_REALMS_SECTION,
+                           REALMS_V4_PROF_KPASSWD_KDC);
+}
+
+static int
+get_krbhst_default(h, r, n)
+    char *h;
+    char *r;
+    int n;
+{
+    if (n != 1)
+       return KFAILURE;
+    if (strlen(KRB_HOST) + 1 + strlen(r) >= MAXHOSTNAMELEN)
+       return KFAILURE;
+    /* KRB_HOST.REALM (ie. kerberos.CYGNUS.COM) */
+    strncpy(h, KRB_HOST, MAXHOSTNAMELEN);
+    strcat(h, ".");
+    strcat(h, r);
+    return KSUCCESS;
+}
+
+/*
+ * Realm, index -> KDC mapping
+ *
+ * Old description from g_krbhst.c:
+ *
+ * Given a Kerberos realm, find a host on which the Kerberos authenti-
+ * cation server can be found.
+ *
+ * krb_get_krbhst takes a pointer to be filled in, a pointer to the name
+ * of the realm for which a server is desired, and an integer, n, and
+ * returns (in h) the nth entry from the configuration file (KRB_CONF,
+ * defined in "krb.h") associated with the specified realm.
+ *
+ * On end-of-file, krb_get_krbhst returns KFAILURE.  If n=1 and the
+ * configuration file does not exist, krb_get_krbhst will return KRB_HOST
+ * (also defined in "krb.h").  If all goes well, the routine returnes
+ * KSUCCESS.
+ *
+ * The KRB_CONF file contains the name of the local realm in the first
+ * line (not used by this routine), followed by lines indicating realm/host
+ * entries.  The words "admin server" following the hostname indicate that
+ * the host provides an administrative database server.
+ * This will also look in KRB_FB_CONF if ATHENA_CONF_FALLBACK is defined.
+ *
+ * For example:
+ *
+ *     ATHENA.MIT.EDU
+ *     ATHENA.MIT.EDU kerberos-1.mit.edu admin server
+ *     ATHENA.MIT.EDU kerberos-2.mit.edu
+ *     LCS.MIT.EDU kerberos.lcs.mit.edu admin server
+ *
+ * This is a temporary hack to allow us to find the nearest system running
+ * kerberos.  In the long run, this functionality will be provided by a
+ * nameserver.
+ */
+int KRB5_CALLCONV
+krb_get_krbhst(
+    char       *host,
+    const char *realm,
+    int                n)
+{
+    int                result;
+    int                i;
+    FILE       *cnffile;
+    char       linebuf[BUFSIZ];
+    char       tr[SCRATCHSZ];
+    char       scratch[SCRATCHSZ];
+
+    if (n < 1 || host == NULL || realm == NULL)
+       return KFAILURE;
+
+    result = krb_prof_get_nth(host, MAXHOSTNAMELEN, realm, n,
+                             REALMS_V4_PROF_REALMS_SECTION,
+                             REALMS_V4_PROF_KDC);
+    if (result == KSUCCESS)
+       return result;
+    /*
+     * Do old-style config file lookup.
+     */
+    do {
+       cnffile = krb__get_cnffile();
+       if (cnffile == NULL)
+           break;
+       /* Skip default realm name. */
+       if (fscanf(cnffile, SCNSCRATCH, tr) == EOF) {
+           fclose(cnffile);
+           break;
+       }
+       result = KSUCCESS;
+       for (i = 0; i < n;) {
+           if (fgets(linebuf, BUFSIZ, cnffile) == NULL) {
+               result = KFAILURE;
+               break;
+           }
+           if (!strchr(linebuf, '\n')) {
+               result = KFAILURE;
+               break;
+           }
+           if ((sscanf(linebuf, SCNSCRATCH " " SCNSCRATCH,
+                       tr, scratch) != 2))
+               continue;
+           if (!strcmp(tr, realm))
+               i++;
+       }
+       fclose(cnffile);
+       if (result == KSUCCESS && strlen(scratch) < MAXHOSTNAMELEN)
+           strncpy(host, scratch, MAXHOSTNAMELEN);
+       else
+           result = KFAILURE;
+    } while (0);
+    if (result == KFAILURE)
+       result = get_krbhst_default(host, realm, n);
+    return result;
+}
+
+#if USE_CCAPI
+/*
+ * Realm -> string_to_key mapping
+ */
+int KRB5_CALLCONV
+krb_get_stk(
+    KRB_UINT32 *type,
+    char       *realm)
+{
+    long       profErr = 0;
+    const char *names[] = {REALMS_V4_PROF_REALMS_SECTION, NULL,
+                           REALMS_V4_PROF_STK, NULL};
+    profile_t  profile = NULL;
+    void       *iter = NULL;
+    char       *name = NULL;
+    char       *value = NULL;
+    int                found = 0;
+
+    names[1] = realm;
+
+    profErr = krb_get_profile(&profile);
+    if (profErr) {
+       goto cleanup;
+    }
+
+    profErr = profile_iterator_create(profile, names,
+                                     PROFILE_ITER_RELATIONS_ONLY, &iter);
+    if (profErr) {
+       goto cleanup;
+    }
+
+    profErr = profile_iterator(&iter, &name, &value);
+    if (profErr) {
+       goto cleanup;
+    }
+
+    if (name != NULL) {
+       if (!strncmp(value, REALMS_V4_MIT_STK, strlen(REALMS_V4_MIT_STK))) {
+           *type = cc_v4_stk_des;
+           found = 1;
+       } else if (!strncmp(value, REALMS_V4_AFS_STK,
+                           strlen(REALMS_V4_AFS_STK))) {
+           *type = cc_v4_stk_afs;
+           found = 1;
+       } else if (!strncmp(value, REALMS_V4_COLUMBIA_STK,
+                           strlen(REALMS_V4_COLUMBIA_STK))) {
+           *type = cc_v4_stk_columbia_special;
+           found = 1;
+       }
+    }
+
+cleanup:
+    if (name != NULL)
+       profile_release_string(name);
+    if (value != NULL)
+       profile_release_string(value);
+    if (iter != NULL)
+       profile_iterator_free(&iter);
+    if (profile != NULL)
+       profile_abandon(profile);
+
+    /* If this fails, we just rely on autodetecting the realm */
+    if (!found) {
+       *type = cc_v4_stk_unknown;
+    }
+    return KSUCCESS;
+}
+#endif /* USE_CCAPI */
+
+/*
+ * Hostname -> realm name mapping
+ *
+ * Old description from realmofhost.c:
+ *
+ * Given a fully-qualified domain-style primary host name,
+ * return the name of the Kerberos realm for the host.
+ * If the hostname contains no discernable domain, or an error occurs,
+ * return the local realm name, as supplied by get_krbrlm().
+ * If the hostname contains a domain, but no translation is found,
+ * the hostname's domain is converted to upper-case and returned.
+ *
+ * The format of each line of the translation file is:
+ * domain_name kerberos_realm
+ * -or-
+ * host_name kerberos_realm
+ *
+ * domain_name should be of the form .XXX.YYY (e.g. .LCS.MIT.EDU)
+ * host names should be in the usual form (e.g. FOO.BAR.BAZ)
+ */
+char * KRB5_CALLCONV
+krb_realmofhost(char *host)
+{
+    /* Argh! */
+    static char        realm[REALM_SZ];
+    char       *lhost;
+    const char *names[] = {REALMS_V4_PROF_DOMAIN_SECTION, NULL, NULL};
+    char       **values = NULL;
+    profile_t  profile = NULL;
+    long       profErr;
+    char       hostname[MAXHOSTNAMELEN];
+    char       *p;
+    char       *domain;
+    FILE       *trans_file = NULL;
+    int                retval;
+    char       thost[SCRATCHSZ];
+    char       trealm[SCRATCHSZ];
+    struct hostent     *h;
+
+    /* Return local realm if all else fails */
+    krb_get_lrealm(realm, 1);
+
+    /* Forward-resolve in case domain is missing. */
+    h = gethostbyname(host);
+    if (h == NULL)
+       lhost = host;
+    else
+       lhost = h->h_name;
+
+    if (strlen(lhost) >= MAXHOSTNAMELEN)
+       return realm;
+    strncpy(hostname, lhost, MAXHOSTNAMELEN);
+
+    /* Remove possible trailing dot. */
+    p = strrchr(hostname, '.');
+    if (p != NULL && p[1] == '\0')
+       *p = '\0';
+    domain = strchr(hostname, '.');
+    /*
+     * If the hostname is just below the top, e.g., CYGNUS.COM, then
+     * we special-case it; if someone really wants a realm called COM
+     * they will just have to specify it properly.
+     */
+    if (domain != NULL) {
+       domain++;
+       p = strchr(domain, '.');
+       if (p == NULL)
+           domain = lhost;
+       if (strlen(domain) < REALM_SZ) {
+           strncpy(realm, domain, REALM_SZ);
+           /* Upcase realm name. */
+           for (p = hostname; *p != '\0'; p++) {
+               if (*p > 0 && islower((unsigned char)*p))
+                   *p = toupper((unsigned char)*p);
+           }
+       }
+    }
+    /* Downcase hostname. */
+    for (p = hostname; *p != '\0'; p++) {
+       if (*p > 0 && isupper((unsigned char)*p))
+           *p = tolower((unsigned char)*p);
+    }
+
+    profErr = krb_get_profile(&profile);
+    if (profErr)
+       goto cleanup;
+
+    for (domain = hostname; domain != NULL && *domain != '\0';) {
+       names[1] = domain;
+       values = NULL;
+       profErr = profile_get_values(profile, names, &values);
+       if (!profErr && strlen(values[0]) < REALM_SZ) {
+           /* Found, return it */
+           strncpy(realm, values[0], REALM_SZ);
+           profile_free_list(values);
+           break;
+       } else {
+           /* Skip over leading dot. */
+           if (*domain == '.')
+               domain++;
+           domain = strchr(domain, '.');
+       }
+       profile_free_list(values);
+    }
+cleanup:
+    if (profile != NULL)
+       profile_abandon(profile);
+
+    trans_file = krb__get_realmsfile();
+    if (trans_file == NULL)
+       return realm;
+    domain = strchr(hostname, '.');
+    for (;;) {
+       retval = fscanf(trans_file, SCNSCRATCH " " SCNSCRATCH,
+                       thost, trealm);
+       if (retval == EOF)
+           break;
+       if (retval != 2 || strlen(trealm) >= REALM_SZ)
+           continue;           /* Ignore malformed lines. */
+       /* Attempt to match domain. */
+       if (*thost == '.') {
+           if (domain && !strcasecmp(thost, domain)) {
+               strncpy(realm, trealm, REALM_SZ);
+               continue;       /* Try again for an exact match. */
+           }
+       } else {
+           /* Hostname must match exactly. */
+           if (!strcasecmp(thost, hostname)) {
+               strncpy(realm, trealm, REALM_SZ);
+               break;
+           }
+       }
+    }
+    fclose(trans_file);
+    return realm;
+}
index fd9ae68acb6acfb4fd79ea1db57b95ddb866d5c9..5fd234443b4eea729150a482e9d69f12e0c655ef 100644 (file)
@@ -67,7 +67,7 @@
 int KRB5_CALLCONV
 dest_tkt()
 {
-    char *file = TKT_FILE;
+    const char *file = TKT_FILE;
     int i,fd;
     extern int errno;
     int ret;
index 0a6fdeb49f816901a2e6ddf26858a43ce96ca2a8..64663b3d7ef71fa0bad0672703083f38439619d9 100644 (file)
 /*
- * err_txt.c
+ * lib/krb4/err_txt.c
  *
- * Copyright 1988 by the Massachusetts Institute of Technology.
+ * Copyright 1988, 2002 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
  *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
  */
 
-#include "mit-copyright.h"
 #include "krb.h"
+#include "krb4int.h"
 
 /*
- * This file contains an array of error text strings.
- * The associated error codes (which are defined in "krb.h")
- * follow the string in the comments at the end of each line.
+ * This is gross.  We want krb_err_txt to match the contents of the
+ * com_err error table, but the text is static in krb_err.c.  To avoid
+ * multiple registrations of the error table, we also want to override
+ * initialize_krb_error_table() in case someone decides to call it.
  */
+#undef initialize_krb_error_table
+#define initialize_krb_error_table     krb4int_init_krb_err_tbl
+void krb4int_init_krb_err_tbl(void);
+#include "krb_err.c"
+#undef initialize_krb_error_table
 
-const
-/* Some C compilers (like ThinkC when producing a driver) can't grok
-   initialized multimentional arrays! */
-#ifdef MULTIDIMENSIONAL_ERR_TXT
- char krb_err_txt[256][60] = {  
-#else 
- char *const krb_err_txt [256] = { 
-#endif
-  "OK",                                                        /* 000 */
-  "Principal expired (kerberos)",                      /* 001 */
-  "Service expired (kerberos)",                                /* 002 */
-  "Authentication expired (kerberos)",                 /* 003 */
-  "Unknown protocol version number (kerberos)",        /* 004 */
-  "Principal: Incorrect master key version (kerberos)", /* 005 */
-  "Service: Incorrect master key version (kerberos)",   /* 006 */
-  "Bad byte order (kerberos)",                         /* 007 */
-  "Principal unknown (kerberos)",                      /* 008 */
-  "Principal not unique (kerberos)",                   /* 009 */
-  "Principal has null key (kerberos)",                 /* 010 */
-  "Reserved error message 11 (kerberos)",              /* 011 */
-  "Reserved error message 12 (kerberos)",              /* 012 */
-  "Reserved error message 13 (kerberos)",              /* 013 */
-  "Reserved error message 14 (kerberos)",              /* 014 */
-  "Reserved error message 15 (kerberos)",              /* 015 */
-  "Reserved error message 16 (kerberos)",              /* 016 */
-  "Reserved error message 17 (kerberos)",              /* 017 */
-  "Reserved error message 18 (kerberos)",              /* 018 */
-  "Reserved error message 19 (kerberos)",              /* 019 */
-  "Permission Denied (kerberos)",                      /* 020 */
-  "Can't read ticket file (krb_get_cred)",             /* 021 */
-  "Can't find ticket (krb_get_cred)",                  /* 022 */
-  "Reserved error message 23 (krb_get_cred)",          /* 023 */
-  "Reserved error message 24 (krb_get_cred)",          /* 024 */
-  "Reserved error message 25 (krb_get_cred)",          /* 025 */
-  "Ticket granting ticket expired (krb_mk_req)",       /* 026 */
-  "Reserved error message 27 (krb_mk_req)",            /* 027 */
-  "Reserved error message 28 (krb_mk_req)",            /* 028 */
-  "Reserved error message 29 (krb_mk_req)",            /* 029 */
-  "Reserved error message 30 (krb_mk_req)",            /* 030 */
-  "Can't decode authenticator (krb_rd_req)",           /* 031 */
-  "Ticket expired (krb_rd_req)",                       /* 032 */
-  "Ticket issue date too far in the future (krb_rd_req)",/* 033 */
-  "Repeat request (krb_rd_req)",                       /* 034 */
-  "Ticket for wrong server (krb_rd_req)",              /* 035 */
-  "Request inconsistent (krb_rd_req)",                 /* 036 */
-  "Time is out of bounds (krb_rd_req)",                        /* 037 */
-  "Incorrect network address (krb_rd_req)",            /* 038 */
-  "Protocol version mismatch (krb_rd_req)",            /* 039 */
-  "Illegal message type (krb_rd_req)",                 /* 040 */
-  "Message integrity error (krb_rd_req)",              /* 041 */
-  "Message duplicate or out of order (krb_rd_req)",    /* 042 */
-  "Unauthorized request (krb_rd_req)",                 /* 043 */
-  "Reserved error message 44 (krb_rd_req)",            /* 044 */
-  "Reserved error message 45 (krb_rd_req)",            /* 045 */
-  "Reserved error message 46 (krb_rd_req)",            /* 046 */
-  "Reserved error message 47 (krb_rd_req)",            /* 047 */
-  "Reserved error message 48 (krb_rd_req)",            /* 048 */
-  "Reserved error message 49 (krb_rd_req)",            /* 049 */
-  "Reserved error message 50 (krb_rd_req)",            /* 050 */
-  "Current password is NULL (get_pw_tkt)",             /* 051 */
-  "Current password incorrect (get_pw_tkt)",           /* 052 */
-  "Protocol error (gt_pw_tkt)",                                /* 053 */
-  "Error returned by KDC (gt_pw_tkt)",                 /* 054 */
-  "Null ticket returned by KDC (gt_pw_tkt)",           /* 055 */
-  "Retry count exceeded (send_to_kdc)",                        /* 056 */
-  "Can't send request (send_to_kdc)",                  /* 057 */
-  "Reserved error message 58 (send_to_kdc)",           /* 058 */
-  "Reserved error message 59 (send_to_kdc)",           /* 059 */
-  "Reserved error message 60 (send_to_kdc)",           /* 060 */
-  "Warning: Not ALL tickets returned",                 /* 061 */
-  "Password incorrect",                                        /* 062 */
-  "Protocol error (get_intkt)",                                /* 063 */
-  "Reserved error message 64 (get_in_tkt)",            /* 064 */
-  "Reserved error message 65 (get_in_tkt)",            /* 065 */
-  "Reserved error message 66 (get_in_tkt)",            /* 066 */
-  "Reserved error message 67 (get_in_tkt)",            /* 067 */
-  "Reserved error message 68 (get_in_tkt)",            /* 068 */
-  "Reserved error message 69 (get_in_tkt)",            /* 069 */
-  "Generic error (get_intkt)",                         /* 070 */
-  "Don't have ticket granting ticket (get_ad_tkt)",    /* 071 */
-  "Reserved error message 72 (get_ad_tkt)",            /* 072 */
-  "Reserved error message 73 (get_ad_tkt)",            /* 073 */
-  "Reserved error message 74 (get_ad_tkt)",            /* 074 */
-  "Reserved error message 75 (get_ad_tkt)",            /* 075 */
-  "You have no tickets cached",                                /* 076 */
-  "Can't access ticket file (tf_util)",                        /* 077 */
-  "Can't lock ticket file; try later (tf_util)",       /* 078 */
-  "Bad ticket file format (tf_util)",                  /* 079 */
-  "Read ticket file before tf_init (tf_util)",         /* 080 */
-  "Bad Kerberos name format (kname_parse)",            /* 081 */
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "(reserved)",
-  "Generic kerberos error (kfailure)",                 /* 255 */
-};
+void initialize_krb_error_table(void);
 
+/* YUCK -- depends on naming of the static table. */
+const char * const * const krb_err_txt = text;
+
+static int inited = 0;
+
+void
+krb4int_et_init(void)
+{
+    if (inited)
+       return;
+    add_error_table(&et_krb_error_table);
+    inited = 1;\
+}
+
+void
+initialize_krb_error_table(void)
+{
+    krb4int_et_init();
+}
+
+void
+krb4int_et_fini(void)
+{
+    if (inited)
+       remove_error_table(&et_krb_error_table);
+}
 
 const char * KRB5_CALLCONV
-krb_get_err_text (code)
+krb_get_err_text(code)
     int code;
 {
-    if (code >= 0 && code < (sizeof (krb_err_txt))/(sizeof *krb_err_txt))
-       return krb_err_txt[code];
+    krb4int_et_init();
+    /*
+     * Shift krb error code into com_err number space.
+     */
+    if (code >= 0 && code < MAX_KRB_ERRORS)
+       return error_message(ERROR_TABLE_BASE_krb + code);
     else
        return "Invalid Kerberos error code";
 }
diff --git a/src/lib/krb4/g_admhst.c b/src/lib/krb4/g_admhst.c
deleted file mode 100644 (file)
index 9d844a9..0000000
+++ /dev/null
@@ -1,78 +0,0 @@
-/*
- * g_admhst.c
- *
- * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
- * of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- */
-
-#include "mit-copyright.h"
-#include <stdio.h>
-#include "krb.h"
-#include <string.h>
-#include "krb4int.h"
-
-/*
- * Given a Kerberos realm, find a host on which the Kerberos database
- * administration server can be found.
- *
- * krb_get_admhst takes a pointer to be filled in, a pointer to the name
- * of the realm for which a server is desired, and an integer n, and
- * returns (in h) the nth administrative host entry from the configuration
- * file (KRB_CONF, defined in "krb.h") associated with the specified realm.
- * If ATHENA_CONF_FALLBACK is defined, also look in old location.
- *
- * On error, get_admhst returns KFAILURE. If all goes well, the routine
- * returns KSUCCESS.
- *
- * For the format of the KRB_CONF file, see comments describing the routine
- * krb_get_krbhst().
- *
- * This is a temporary hack to allow us to find the nearest system running
- * a Kerberos admin server.  In the long run, this functionality will be
- * provided by a nameserver.
- */
-
-int KRB5_CALLCONV
-krb_get_admhst(h, r, n)
-    char *h;
-    char *r;
-    int n;
-{
-    FILE *cnffile;
-    char tr[REALM_SZ];
-    char linebuf[BUFSIZ];
-    char scratch[64];
-    register int i;
-
-    cnffile = krb__get_cnffile();
-    if (!cnffile)
-            return(KFAILURE);
-    if (fgets(linebuf, BUFSIZ, cnffile) == NULL) {
-       /* error reading */
-       (void) fclose(cnffile);
-       return(KFAILURE);
-    }
-    if (!strchr(linebuf, '\n')) {
-       /* didn't all fit into buffer, punt */
-       (void) fclose(cnffile);
-       return(KFAILURE);
-    }
-    for (i = 0; i < n; ) {
-       /* run through the file, looking for admin host */
-       if (fgets(linebuf, BUFSIZ, cnffile) == NULL) {
-            (void) fclose(cnffile);
-            return(KFAILURE);
-        }
-       /* need to scan for a token after 'admin' to make sure that
-          admin matched correctly */
-       if (sscanf(linebuf, "%s %s admin %s", tr, h, scratch) != 3)
-           continue;
-        if (!strcmp(tr,r))
-            i++;
-    }
-    (void) fclose(cnffile);
-    return(KSUCCESS);
-}
index 7ad0534828578285f640fdac1fbb11b1bb543404..09253daa85f73a4e08135753449b46cbcafd4a2b 100644 (file)
@@ -1,8 +1,8 @@
 /*
  * lib/krb4/g_in_tkt.c
  *
- * Copyright 1986, 1987, 1988, 2000, 2001 by the Massachusetts
- * Institute of Technology.  All Rights Reserved.
+ * Copyright 1986-2002 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
  *
  * Export of this software from the United States of America may
  *   require a specific license from the United States Government.
@@ -157,6 +157,9 @@ krb_mk_in_tkt_preauth(user, instance, realm, service, sinstance, life,
 
     int msg_byte_order;
     int kerror;
+#if TARGET_OS_MAC
+    socklen_t addrlen;
+#endif
 #if 0
     unsigned long exp_date;
 #endif
@@ -213,8 +216,10 @@ krb_mk_in_tkt_preauth(user, instance, realm, service, sinstance, life,
 
     /* SEND THE REQUEST AND RECEIVE THE RETURN PACKET */
     rpkt->length = 0;
-#if 0 /* XXX */
-    kerror = send_to_kdc_addr(pkt, rpkt, realm, local_addr);
+#if TARGET_OS_MAC
+    addrlen = sizeof(struct sockaddr_in)
+    kerror = krb4int_send_to_kdc_addr(pkt, rpkt, realm,
+                                     local_addr, &addrlen);
 #else
     kerror = send_to_kdc(pkt, rpkt, realm);
 #endif
@@ -443,7 +448,7 @@ krb_get_in_tkt_preauth_creds(user, instance, realm, service, sinstance, life,
     return kerror;
 }
 
-int
+int KRB5_CALLCONV
 krb_get_in_tkt_creds(user, instance, realm, service, sinstance, life,
                     key_proc, decrypt_proc, arg, creds)
     char *user;
diff --git a/src/lib/krb4/g_krbhst.c b/src/lib/krb4/g_krbhst.c
deleted file mode 100644 (file)
index bc9c045..0000000
+++ /dev/null
@@ -1,97 +0,0 @@
-/*
- * g_krbhst.c
- *
- * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
- * of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- */
-
-#include "mit-copyright.h"
-#include <stdio.h>
-#include "krb.h"
-#include <string.h>
-#include "krb4int.h"
-#include "port-sockets.h"
-
-/*
- * Given a Kerberos realm, find a host on which the Kerberos authenti-
- * cation server can be found.
- *
- * krb_get_krbhst takes a pointer to be filled in, a pointer to the name
- * of the realm for which a server is desired, and an integer, n, and
- * returns (in h) the nth entry from the configuration file (KRB_CONF,
- * defined in "krb.h") associated with the specified realm.
- *
- * On end-of-file, krb_get_krbhst returns KFAILURE.  If n=1 and the
- * configuration file does not exist, krb_get_krbhst will return KRB_HOST
- * (also defined in "krb.h").  If all goes well, the routine returnes
- * KSUCCESS.
- *
- * The KRB_CONF file contains the name of the local realm in the first
- * line (not used by this routine), followed by lines indicating realm/host
- * entries.  The words "admin server" following the hostname indicate that 
- * the host provides an administrative database server.
- * This will also look in KRB_FB_CONF if ATHENA_CONF_FALLBACK is defined.
- *
- * For example:
- *
- *     ATHENA.MIT.EDU
- *     ATHENA.MIT.EDU kerberos-1.mit.edu admin server
- *     ATHENA.MIT.EDU kerberos-2.mit.edu
- *     LCS.MIT.EDU kerberos.lcs.mit.edu admin server
- *
- * This is a temporary hack to allow us to find the nearest system running
- * kerberos.  In the long run, this functionality will be provided by a
- * nameserver.
- */
-
-static int
-get_krbhst_default(h, r, n)
-     char *h;
-     char *r;
-     int n;
-{
-    if (n==1) {
-        (void) strncpy(h,KRB_HOST,MAXHOSTNAMELEN-1);
-       h[MAXHOSTNAMELEN-1] = '\0';
-       (void) strncat(h,".",MAXHOSTNAMELEN-1-strlen(h));
-       (void) strncat(h,r,MAXHOSTNAMELEN-1-strlen(h));
-                               /* KRB_HOST.REALM (ie. kerberos.CYGNUS.COM) */
-       return(KSUCCESS);
-    }
-    else
-        return(KFAILURE);
-}
-
-int KRB5_CALLCONV
-krb_get_krbhst(h,r,n)
-    char *h;
-    char *r;
-    int n;
-{
-    FILE *cnffile;
-    char tr[REALM_SZ];
-    char linebuf[BUFSIZ];
-    register int i;
-
-    cnffile = krb__get_cnffile();
-    if (!cnffile)
-        return get_krbhst_default(h, r, n);
-    if (fscanf(cnffile,"%39s",tr) == EOF) /* XXX assumes REALM_SZ == 40 */
-        return get_krbhst_default(h, r, n);
-    /* run through the file, looking for the nth server for this realm */
-    for (i = 1; i <= n;) {
-       if (fgets(linebuf, BUFSIZ, cnffile) == NULL) {
-            (void) fclose(cnffile);
-            return get_krbhst_default(h, r, n);
-        }
-       if (sscanf(linebuf, "%39s %1023s", tr, h) != 2) /* REALM_SZ == 40 */
-           continue;
-        if (!strcmp(tr,r))
-            i++;
-    }
-    (void) fclose(cnffile);
-    return(KSUCCESS);
-}
diff --git a/src/lib/krb4/g_krbrlm.c b/src/lib/krb4/g_krbrlm.c
deleted file mode 100644 (file)
index 608e1b8..0000000
+++ /dev/null
@@ -1,63 +0,0 @@
-/*
- * g_krbrlm.c
- *
- * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
- * of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- */
-
-#include "mit-copyright.h"
-#include <stdio.h>
-#include "krb.h"
-#include <string.h>
-#include "krb4int.h"
-
-/*
- * krb_get_lrealm takes a pointer to a string, and a number, n.  It fills
- * in the string, r, with the name of the nth realm specified on the
- * first line of the kerberos config file (KRB_CONF, defined in "krb.h").
- * It returns 0 (KSUCCESS) on success, and KFAILURE on failure.  If the
- * config file does not exist, and if n=1, a successful return will occur
- * with r = KRB_REALM (also defined in "krb.h").
- *
- * NOTE: for archaic & compatibility reasons, this routine will only return
- * valid results when n = 1.
- *
- * For the format of the KRB_CONF file, see comments describing the routine
- * krb_get_krbhst().  This will also look in KRB_FB_CONF is
- * ATHENA_CONF_FALLBACK is defined.
- */
-int KRB5_CALLCONV
-krb_get_lrealm(r,n)
-    char *r;
-    int n;
-{
-    FILE *cnffile;
-
-    if (n > 1)
-       return(KFAILURE);  /* Temporary restriction */
-
-    cnffile = krb__get_cnffile();
-    if (!cnffile) {
-       if (n == 1) {
-           (void) strncpy(r, KRB_REALM, REALM_SZ);
-           r[REALM_SZ - 1] = '\0';
-           return(KSUCCESS);
-       }
-       else
-           return(KFAILURE);
-    }
-
-    /*
-     * XXX This assumes REALM_SZ == 40,
-     * and that r is 40 characters long.
-     */
-    if (fscanf(cnffile,"%39s",r) != 1) {
-        (void) fclose(cnffile);
-        return(KFAILURE);
-    }
-    (void) fclose(cnffile);
-    return(KSUCCESS);
-}
index b41126dca36116f9a141a1a202280b96c3186bea..7b15f62ae621d0c4c0b5243c435dc65e661d3203 100644 (file)
@@ -1,21 +1,34 @@
 /*
- * g_svc_in_tkt.c
+ * lib/krb4/g_svc_in_tkt.c
  *
  * Copyright 1987, 1988 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
  *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
  */
 
-#include "mit-copyright.h"
+#include <string.h>
+#include <stdlib.h>
 #include "krb.h"
 #include "prot.h"
 #include "krb4int.h"
-#include <string.h>
-
-#ifndef NULL
-#define NULL 0
-#endif
 
 /*
  * This file contains two routines: srvtab_to_key(), which gets
index 36a2f8645b6aadc55f3b11718be7c4d7825b982a..e03fe24b10c1508cfc0b6ff3b9181336ec76881f 100644 (file)
@@ -28,7 +28,7 @@
 
 int KRB5_CALLCONV
 krb_get_tf_fullname(ticket_file, name, instance, realm)
-  char *ticket_file;
+  const char *ticket_file;
   char *name;
   char *instance;
   char *realm;
index 92e109996331f4ebeb28d15cb6d06dc84782237a..fe99e61e1cd5563d7df0e8839bb980346cc75c57 100644 (file)
@@ -1,13 +1,29 @@
 /*
- * g_tf_realm.c
+ * lib/krb4/g_tf_realm.c
  *
- * Copyright 1987, 1988 by the Massachusetts Institute of Technology.
+ * Copyright 1987-2002 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
  *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
  */
 
-#include "mit-copyright.h"
 #include "krb.h"
 
 /*
@@ -22,9 +38,7 @@
  */
 
 int KRB5_CALLCONV
-krb_get_tf_realm(ticket_file, realm)
-  char *ticket_file;
-  char *realm;
+krb_get_tf_realm(const char *ticket_file, char *realm)
 {
-    return(krb_get_tf_fullname(ticket_file, (char *)0, (char *)0, realm));
+    return krb_get_tf_fullname(ticket_file, NULL, NULL, realm);
 }
index c70c6c55b2fcab82719c44253a1cc2b4e26ab1c6..b76cd70521802d921c6cef51d2bc20b4eafb21e0 100644 (file)
@@ -26,6 +26,7 @@
 
 #include <stdio.h>
 #include <string.h>
+#include <errno.h>
 #include "krb.h"
 #include <fcntl.h>
 #include <sys/stat.h>
@@ -72,7 +73,7 @@ in_tkt(pname,pinst)
     uid_t me, metoo, getuid(), geteuid();
     struct stat statpre, statpost;
     int count;
-    char *file = TKT_FILE;
+    const char *file = TKT_FILE;
     int fd;
     register int i;
     char charbuf[BUFSIZ];
index 6819653d83aa671abcdea2078b60355227c7db04..82a66f649f4f522d6a2ed5c572de4f2ed2e912d8 100644 (file)
@@ -1,4 +1,29 @@
-/* A series of private prototypes that we are not exporting but should
+/*
+ * lib/krb4/krb4int.h
+ *
+ * Copyright 2001-2002 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
+ *
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
+ *
+ * A series of private prototypes that we are not exporting but should
  * be available for self consistancy in the library.
  */
 
@@ -25,6 +50,12 @@ int krb_get_svc_in_tkt_preauth(char *, char *, char *, char *, char *, int, char
 /* gethostname.c */
 int k_gethostname(char *, int);
 
+/* g_in_tkt.c */
+int krb_get_in_tkt_preauth_creds(char *, char *, char *,
+                                char *, char *, int,
+                                key_proc_type, decrypt_tkt_type,
+                                char *, char *, int, CREDENTIALS *);
+
 /* klog.c */
 void kset_logfile(char *);
 
@@ -55,12 +86,17 @@ int krb_start_session(char *);
 
 int krb_end_session(char *);
 
-#ifndef _WINDOWS
+#ifndef _WIN32
 /* For windows users, these are defined in krb.h */
 char *krb_get_default_user (void);
 
 int krb_set_default_user (char *);
 #endif
 
+/* RealmConfig-glue.c */
+int krb_get_kpasswdhst(char *, char *, int);
+int krb_get_stk(KRB_UINT32 *type, char *realm);
 
-
+/* err_txt.c */
+void krb4int_et_init(void);
+void krb4int_et_fini(void);
index 7ee5dd5f9d46eaf0d7cfb40c405518af3fdb3a40..c4f225d6c931b68bd69223591b7921d5b78dba3a 100644 (file)
                        "Kerberos auth expired"
 
        ec              KRBET_KDC_PKT_VER,
-                       "Incorrect kerberos master key version"
+                       "Unknown kerberos protocol version"
 
        ec              KRBET_KDC_P_MKEY_VER,
-                       "Incorrect kerberos master key version"
+                       "Incorrect kerberos master key version for principal"
 
        ec              KRBET_KDC_S_MKEY_VER,
-                       "Incorrect kerberos master key version"
+                       "Incorrect kerberos master key version for service"
 
        ec              KRBET_KDC_BYTE_ORDER,
-                       "Kerberos error: byte order unknown"
+                       "Bad byte order (kerberos)"
 
        ec              KRBET_KDC_PR_UNKNOWN,
                        "Kerberos principal unknown"
                        "Kerberos principal has null key"
 
        ec              KRBET_KRB_RES11,
-                       "Reserved 11"
+                       "Reserved error message 11 (kerberos)"
 
        ec              KRBET_KRB_RES12,
-                       "Reserved 12"
+                       "Reserved error message 12 (kerberos)"
   
        ec              KRBET_KRB_RES13,
-                       "Reserved 13"
+                       "Reserved error message 13 (kerberos)"
 
        ec              KRBET_KRB_RES14,
-                       "Reserved 14"
+                       "Reserved error message 14 (kerberos)"
 
        ec              KRBET_KRB_RES15,
-                       "Reserved 15"
+                       "Reserved error message 15 (kerberos)"
 
        ec              KRBET_KRB_RES16,
-                       "Reserved 16"
+                       "Reserved error message 16 (kerberos)"
 
        ec              KRBET_KRB_RES17,
-                       "Reserved 17"
+                       "Reserved error message 17 (kerberos)"
 
        ec              KRBET_KRB_RES18,
-                       "Reserved 18"
+                       "Reserved error message 18 (kerberos)"
 
        ec              KRBET_KRB_RES19,
-                       "Reserved 19"
+                       "Reserved error message 19 (kerberos)"
 
        ec              KRBET_KDC_GEN_ERR,
                        "Generic error from Kerberos KDC"
                        "Can't find Kerberos ticket or TGT"
 
        ec              KRBET_KRB_RES23,
-                       "Reserved 23"
+                       "Reserved error message 23 (krb_get_cred)"
 
        ec              KRBET_KRB_RES24,
-                       "Reserved 24"
+                       "Reserved error message 24 (krb_get_cred)"
 
        ec              KRBET_KRB_RES25,
-                       "Reserved 25"
+                       "Reserved error message 25 (krb_get_cred)"
 
        ec              KRBET_MK_AP_TGTEXP,
                        "Kerberos TGT Expired"
 
        ec              KRBET_KRB_RES27,
-                       "Reserved 27"
+                       "Reserved error message 27 (krb_mk_req)"
 
        ec              KRBET_KRB_RES28,
-                       "Reserved 28"
+                       "Reserved error message 28 (krb_mk_req)"
 
        ec              KRBET_KRB_RES29,
-                       "Reserved 29"
+                       "Reserved error message 29 (krb_mk_req)"
 
        ec              KRBET_KRB_RES30,
-                       "Reserved 30"
+                       "Reserved error message 30 (krb_mk_req)"
 
        ec              KRBET_RD_AP_UNDEC,
-                       "Kerberos error: Can't decode authenticator"
+                       "Can't decode authenticator (krb_rd_req)"
 
        ec              KRBET_RD_AP_EXP,
-                       "Kerberos ticket expired"
+                       "Kerberos ticket expired (krb_rd_req)"
 
        ec              KRBET_RD_AP_NYV,
-                       "Kerberos ticket not yet valid"
+                       "Kerberos ticket not yet valid (krb_rd_req)"
 
        ec              KRBET_RD_AP_REPEAT,
-                       "Kerberos error: Repeated request"
+                       "Repeated request (krb_rd_req)"
 
        ec              KRBET_RD_AP_NOT_US,
-                       "The kerberos ticket isn't for us"
+                       "Kerberos ticket is for wrong server (krb_rd_req)"
 
        ec              KRBET_RD_AP_INCON,
                        "Kerberos request inconsistent"
 
        ec              KRBET_RD_AP_TIME,
-                       "Kerberos error: time is out of bounds"
+                       "Time is out of bounds (krb_rd_req)"
 
        ec              KRBET_RD_AP_BADD,
-                       "Kerberos error: incorrect net address"
+                       "Incorrect net address (krb_rd_req)"
 
        ec              KRBET_RD_AP_VERSION,
-                       "Kerberos protocol version mismatch"
+                       "Kerberos protocol version mismatch (krb_rd_req)"
 
        ec              KRBET_RD_AP_MSG_TYPE,
-                       "Kerberos error: invalid msg type"
+                       "Invalid msg type (krb_rd_req)"
 
        ec              KRBET_RD_AP_MODIFIED,
-                       "Kerberos error: message stream modified"
+                       "Message integrity error (krb_rd_req)"
 
        ec              KRBET_RD_AP_ORDER,
-                       "Kerberos error: message out of order"
+                       "Message out of order (krb_rd_req)"
 
        ec              KRBET_RD_AP_UNAUTHOR,
-                       "Kerberos error: unauthorized request"
+                       "Unauthorized request (krb_rd_req)"
 
        ec              KRBET_KRB_RES44,
-                       "Reserved 44"
+                       "Reserved error message 44 (krb_rd_req)"
 
        ec              KRBET_KRB_RES45,
-                       "Reserved 45"
+                       "Reserved error message 45 (krb_rd_req)"
 
        ec              KRBET_KRB_RES46,
-                       "Reserved 46"
+                       "Reserved error message 46 (krb_rd_req)"
 
        ec              KRBET_KRB_RES47,
-                       "Reserved 47"
+                       "Reserved error message 47 (krb_rd_req)"
 
        ec              KRBET_KRB_RES48,
-                       "Reserved 48"
+                       "Reserved error message 48 (krb_rd_req)"
 
        ec              KRBET_KRB_RES49,
-                       "Reserved 49"
+                       "Reserved error message 49 (krb_rd_req)"
 
        ec              KRBET_KRB_RES50,
-                       "Reserved 50"
+                       "Reserved error message 50 (krb_rd_req)"
 
        ec              KRBET_GT_PW_NULL,
-                       "Kerberos error: current PW is null"
+                       "Current password is null (get_pw_tkt)"
 
        ec              KRBET_GT_PW_BADPW,
-                       "Kerberos error: Incorrect current password"
+                       "Incorrect current password (get_pw_tkt)"
 
        ec              KRBET_GT_PW_PROT,
-                       "Kerberos protocol error"
+                       "Protocol error (get_pw_tkt)"
 
        ec              KRBET_GT_PW_KDCERR,
-                       "Error returned by Kerberos KDC"
+                       "Error returned by KDC (get_pw_tkt)"
 
        ec              KRBET_GT_PW_NULLTKT,
-                       "Null Kerberos ticket returned by KDC"
+                       "Null Kerberos ticket returned by KDC (get_pw_tkt)"
 
        ec              KRBET_SKDC_RETRY,
-                       "Kerberos error: Retry count exceeded"
+                       "Retry count exceeded (send_to_kdc)"
 
        ec              KRBET_SKDC_CANT,
-                       "Kerberos error: Can't send request"
+                       "Can't send request (send_to_kdc)"
 
        ec              KRBET_KRB_RES58,
-                       "Reserved 58"
+                       "Reserved error message 58 (send_to_kdc)"
 
        ec              KRBET_KRB_RES59,
-                       "Reserved 59"
+                       "Reserved error message 59 (send_to_kdc)"
 
        ec              KRBET_KRB_RES60,
-                       "Reserved 60"
+                       "Reserved error message 60 (send_to_kdc)"
 
        ec              KRBET_INTK_W_NOTALL,
                        "Kerberos error: not all tickets returned"
 
        ec              KRBET_INTK_BADPW,
-                       "Kerberos error: incorrect password"
+                       "Incorrect password (get_in_tkt)"
 
        ec              KRBET_INTK_PROT,
-                       "Kerberos error: Protocol Error"
+                       "Protocol error (get_in_tkt)"
 
        ec              KRBET_KRB_RES64,
-                       "Reserved 64"
+                       "Reserved error message 64 (get_in_tkt)"
 
        ec              KRBET_KRB_RES65,
-                       "Reserved 65"
+                       "Reserved error message 65 (get_in_tkt)"
 
        ec              KRBET_KRB_RES66,
-                       "Reserved 66"
+                       "Reserved error message 66 (get_in_tkt)"
 
        ec              KRBET_KRB_RES67,
-                       "Reserved 67"
+                       "Reserved error message 67 (get_in_tkt)"
 
        ec              KRBET_KRB_RES68,
-                       "Reserved 68"
+                       "Reserved error message 68 (get_in_tkt)"
 
        ec              KRBET_KRB_RES69,
-                       "Reserved 69"
+                       "Reserved error message 69 (get_in_tkt)"
 
        ec              KRBET_INTK_ERR,
-                       "Other error"
+                       "Other error (get_in_tkt)"
 
        ec              KRBET_AD_NOTGT,
-                       "Don't have Kerberos ticket-granting ticket"
+                       "Don't have Kerberos ticket-granting ticket (get_ad_tkt)"
 
        ec              KRBET_KRB_RES72,
-                       "Reserved 72"
+                       "Reserved error message 72 (get_ad_tkt)"
 
        ec              KRBET_KRB_RES73,
-                       "Reserved 73"
+                       "Reserved error message 73 (get_ad_tkt)"
 
        ec              KRBET_KRB_RES74,
-                       "Reserved 74"
+                       "Reserved error message 74 (get_ad_tkt)"
 
        ec              KRBET_KRB_RES75,
-                       "Reserved 75"
+                       "Reserved error message 75 (get_ad_tkt)"
 
        ec              KRBET_NO_TKT_FIL,
                        "You have no tickets cached"
 
        ec              KRBET_TKT_FIL_ACC,
-                       "Couldn't access ticket file"
+                       "Couldn't access ticket file (tf_util)"
 
        ec              KRBET_TKT_FIL_LCK,
-                       "Couldn't lock ticket file"
+                       "Couldn't lock ticket file (tf_util)"
 
        ec              KRBET_TKT_FIL_FMT,
-                       "Bad ticket file format"
+                       "Bad ticket file format (tf_util)"
 
        ec              KRBET_TKT_FIL_INI,
-                       "tf_init not called first"
+                       "tf_init not called before reading from ticket file (tf_util)"
 
        ec              KRBET_KNAME_FMT,
-                       "Bad Kerberos name format"
+                       "Bad Kerberos name format (kname_parse)"
 
-       end
+       ec              KRBET_RES82,
+                       "Reserved error message 82"
+
+       ec              KRBET_RES83,
+                       "Reserved error message 83"
+
+       ec              KRBET_RES84,
+                       "Reserved error message 84"
+
+       ec              KRBET_RES85,
+                       "Reserved error message 85"
+
+       ec              KRBET_RES86,
+                       "Reserved error message 86"
+
+       ec              KRBET_RES87,
+                       "Reserved error message 87"
+
+       ec              KRBET_RES88,
+                       "Reserved error message 88"
+
+       ec              KRBET_RES89,
+                       "Reserved error message 89"
+
+       ec              KRBET_RES90,
+                       "Reserved error message 90"
+
+       ec              KRBET_RES91,
+                       "Reserved error message 91"
+
+       ec              KRBET_RES92,
+                       "Reserved error message 92"
+
+       ec              KRBET_RES93,
+                       "Reserved error message 93"
+
+       ec              KRBET_RES94,
+                       "Reserved error message 94"
+
+       ec              KRBET_RES95,
+                       "Reserved error message 95"
+
+       ec              KRBET_RES96,
+                       "Reserved error message 96"
+
+       ec              KRBET_RES97,
+                       "Reserved error message 97"
+
+       ec              KRBET_RES98,
+                       "Reserved error message 98"
+
+       ec              KRBET_RES99,
+                       "Reserved error message 99"
+
+       ec              KRBET_RES100,
+                       "Reserved error message 100"
+
+       ec              KRBET_RES101,
+                       "Reserved error message 101"
+
+       ec              KRBET_RES102,
+                       "Reserved error message 102"
+
+       ec              KRBET_RES103,
+                       "Reserved error message 103"
+
+       ec              KRBET_RES104,
+                       "Reserved error message 104"
+
+       ec              KRBET_RES105,
+                       "Reserved error message 105"
+
+       ec              KRBET_RES106,
+                       "Reserved error message 106"
+
+       ec              KRBET_RES107,
+                       "Reserved error message 107"
+
+       ec              KRBET_RES108,
+                       "Reserved error message 108"
+
+       ec              KRBET_RES109,
+                       "Reserved error message 109"
+
+       ec              KRBET_RES110,
+                       "Reserved error message 110"
+
+       ec              KRBET_RES111,
+                       "Reserved error message 111"
+
+       ec              KRBET_RES112,
+                       "Reserved error message 112"
+
+       ec              KRBET_RES113,
+                       "Reserved error message 113"
+
+       ec              KRBET_RES114,
+                       "Reserved error message 114"
+
+       ec              KRBET_RES115,
+                       "Reserved error message 115"
+
+       ec              KRBET_RES116,
+                       "Reserved error message 116"
+
+       ec              KRBET_RES117,
+                       "Reserved error message 117"
+
+       ec              KRBET_RES118,
+                       "Reserved error message 118"
+
+       ec              KRBET_RES119,
+                       "Reserved error message 119"
+
+       ec              KRBET_RES120,
+                       "Reserved error message 120"
+
+       ec              KRBET_RES121,
+                       "Reserved error message 121"
+
+       ec              KRBET_RES122,
+                       "Reserved error message 122"
+
+       ec              KRBET_RES123,
+                       "Reserved error message 123"
+
+       ec              KRBET_RES124,
+                       "Reserved error message 124"
+
+       ec              KRBET_RES125,
+                       "Reserved error message 125"
+
+       ec              KRBET_RES126,
+                       "Reserved error message 126"
+
+       ec              KRBET_RES127,
+                       "Reserved error message 127"
+
+       ec              KRBET_RES128,
+                       "Reserved error message 128"
+
+       ec              KRBET_RES129,
+                       "Reserved error message 129"
+
+       ec              KRBET_RES130,
+                       "Reserved error message 130"
+
+       ec              KRBET_RES131,
+                       "Reserved error message 131"
+
+       ec              KRBET_RES132,
+                       "Reserved error message 132"
+
+       ec              KRBET_RES133,
+                       "Reserved error message 133"
+
+       ec              KRBET_RES134,
+                       "Reserved error message 134"
+
+       ec              KRBET_RES135,
+                       "Reserved error message 135"
+
+       ec              KRBET_RES136,
+                       "Reserved error message 136"
+
+       ec              KRBET_RES137,
+                       "Reserved error message 137"
+
+       ec              KRBET_RES138,
+                       "Reserved error message 138"
+
+       ec              KRBET_RES139,
+                       "Reserved error message 139"
+
+       ec              KRBET_RES140,
+                       "Reserved error message 140"
+
+       ec              KRBET_RES141,
+                       "Reserved error message 141"
+
+       ec              KRBET_RES142,
+                       "Reserved error message 142"
+
+       ec              KRBET_RES143,
+                       "Reserved error message 143"
+
+       ec              KRBET_RES144,
+                       "Reserved error message 144"
+
+       ec              KRBET_RES145,
+                       "Reserved error message 145"
+
+       ec              KRBET_RES146,
+                       "Reserved error message 146"
+
+       ec              KRBET_RES147,
+                       "Reserved error message 147"
+
+       ec              KRBET_RES148,
+                       "Reserved error message 148"
+
+       ec              KRBET_RES149,
+                       "Reserved error message 149"
+
+       ec              KRBET_RES150,
+                       "Reserved error message 150"
+
+       ec              KRBET_RES151,
+                       "Reserved error message 151"
+
+       ec              KRBET_RES152,
+                       "Reserved error message 152"
+
+       ec              KRBET_RES153,
+                       "Reserved error message 153"
+
+       ec              KRBET_RES154,
+                       "Reserved error message 154"
+
+       ec              KRBET_RES155,
+                       "Reserved error message 155"
+
+       ec              KRBET_RES156,
+                       "Reserved error message 156"
+
+       ec              KRBET_RES157,
+                       "Reserved error message 157"
+
+       ec              KRBET_RES158,
+                       "Reserved error message 158"
+
+       ec              KRBET_RES159,
+                       "Reserved error message 159"
+
+       ec              KRBET_RES160,
+                       "Reserved error message 160"
+
+       ec              KRBET_RES161,
+                       "Reserved error message 161"
+
+       ec              KRBET_RES162,
+                       "Reserved error message 162"
+
+       ec              KRBET_RES163,
+                       "Reserved error message 163"
+
+       ec              KRBET_RES164,
+                       "Reserved error message 164"
+
+       ec              KRBET_RES165,
+                       "Reserved error message 165"
+
+       ec              KRBET_RES166,
+                       "Reserved error message 166"
+
+       ec              KRBET_RES167,
+                       "Reserved error message 167"
+
+       ec              KRBET_RES168,
+                       "Reserved error message 168"
 
+       ec              KRBET_RES169,
+                       "Reserved error message 169"
+
+       ec              KRBET_RES170,
+                       "Reserved error message 170"
+
+       ec              KRBET_RES171,
+                       "Reserved error message 171"
+
+       ec              KRBET_RES172,
+                       "Reserved error message 172"
+
+       ec              KRBET_RES173,
+                       "Reserved error message 173"
+
+       ec              KRBET_RES174,
+                       "Reserved error message 174"
+
+       ec              KRBET_RES175,
+                       "Reserved error message 175"
+
+       ec              KRBET_RES176,
+                       "Reserved error message 176"
+
+       ec              KRBET_RES177,
+                       "Reserved error message 177"
+
+       ec              KRBET_RES178,
+                       "Reserved error message 178"
+
+       ec              KRBET_RES179,
+                       "Reserved error message 179"
+
+       ec              KRBET_RES180,
+                       "Reserved error message 180"
+
+       ec              KRBET_RES181,
+                       "Reserved error message 181"
+
+       ec              KRBET_RES182,
+                       "Reserved error message 182"
+
+       ec              KRBET_RES183,
+                       "Reserved error message 183"
+
+       ec              KRBET_RES184,
+                       "Reserved error message 184"
+
+       ec              KRBET_RES185,
+                       "Reserved error message 185"
+
+       ec              KRBET_RES186,
+                       "Reserved error message 186"
+
+       ec              KRBET_RES187,
+                       "Reserved error message 187"
+
+       ec              KRBET_RES188,
+                       "Reserved error message 188"
+
+       ec              KRBET_RES189,
+                       "Reserved error message 189"
+
+       ec              KRBET_RES190,
+                       "Reserved error message 190"
+
+       ec              KRBET_RES191,
+                       "Reserved error message 191"
+
+       ec              KRBET_RES192,
+                       "Reserved error message 192"
+
+       ec              KRBET_RES193,
+                       "Reserved error message 193"
+
+       ec              KRBET_RES194,
+                       "Reserved error message 194"
+
+       ec              KRBET_RES195,
+                       "Reserved error message 195"
+
+       ec              KRBET_RES196,
+                       "Reserved error message 196"
+
+       ec              KRBET_RES197,
+                       "Reserved error message 197"
+
+       ec              KRBET_RES198,
+                       "Reserved error message 198"
+
+       ec              KRBET_RES199,
+                       "Reserved error message 199"
+
+       ec              KRBET_RES200,
+                       "Reserved error message 200"
+
+       ec              KRBET_RES201,
+                       "Reserved error message 201"
+
+       ec              KRBET_RES202,
+                       "Reserved error message 202"
+
+       ec              KRBET_RES203,
+                       "Reserved error message 203"
+
+       ec              KRBET_RES204,
+                       "Reserved error message 204"
+
+       ec              KRBET_RES205,
+                       "Reserved error message 205"
+
+       ec              KRBET_RES206,
+                       "Reserved error message 206"
+
+       ec              KRBET_RES207,
+                       "Reserved error message 207"
+
+       ec              KRBET_RES208,
+                       "Reserved error message 208"
+
+       ec              KRBET_RES209,
+                       "Reserved error message 209"
+
+       ec              KRBET_RES210,
+                       "Reserved error message 210"
+
+       ec              KRBET_RES211,
+                       "Reserved error message 211"
+
+       ec              KRBET_RES212,
+                       "Reserved error message 212"
+
+       ec              KRBET_RES213,
+                       "Reserved error message 213"
+
+       ec              KRBET_RES214,
+                       "Reserved error message 214"
+
+       ec              KRBET_RES215,
+                       "Reserved error message 215"
+
+       ec              KRBET_RES216,
+                       "Reserved error message 216"
+
+       ec              KRBET_RES217,
+                       "Reserved error message 217"
+
+       ec              KRBET_RES218,
+                       "Reserved error message 218"
+
+       ec              KRBET_RES219,
+                       "Reserved error message 219"
+
+       ec              KRBET_RES220,
+                       "Reserved error message 220"
+
+       ec              KRBET_RES221,
+                       "Reserved error message 221"
+
+       ec              KRBET_RES222,
+                       "Reserved error message 222"
+
+       ec              KRBET_RES223,
+                       "Reserved error message 223"
+
+       ec              KRBET_RES224,
+                       "Reserved error message 224"
+
+       ec              KRBET_RES225,
+                       "Reserved error message 225"
+
+       ec              KRBET_RES226,
+                       "Reserved error message 226"
+
+       ec              KRBET_RES227,
+                       "Reserved error message 227"
+
+       ec              KRBET_RES228,
+                       "Reserved error message 228"
+
+       ec              KRBET_RES229,
+                       "Reserved error message 229"
+
+       ec              KRBET_RES230,
+                       "Reserved error message 230"
+
+       ec              KRBET_RES231,
+                       "Reserved error message 231"
+
+       ec              KRBET_RES232,
+                       "Reserved error message 232"
+
+       ec              KRBET_RES233,
+                       "Reserved error message 233"
+
+       ec              KRBET_RES234,
+                       "Reserved error message 234"
+
+       ec              KRBET_RES235,
+                       "Reserved error message 235"
+
+       ec              KRBET_RES236,
+                       "Reserved error message 236"
+
+       ec              KRBET_RES237,
+                       "Reserved error message 237"
+
+       ec              KRBET_RES238,
+                       "Reserved error message 238"
+
+       ec              KRBET_RES239,
+                       "Reserved error message 239"
+
+       ec              KRBET_RES240,
+                       "Reserved error message 240"
+
+       ec              KRBET_RES241,
+                       "Reserved error message 241"
+
+       ec              KRBET_RES242,
+                       "Reserved error message 242"
+
+       ec              KRBET_RES243,
+                       "Reserved error message 243"
+
+       ec              KRBET_RES244,
+                       "Reserved error message 244"
+
+       ec              KRBET_RES245,
+                       "Reserved error message 245"
+
+       ec              KRBET_RES246,
+                       "Reserved error message 246"
+
+       ec              KRBET_RES247,
+                       "Reserved error message 247"
+
+       ec              KRBET_RES248,
+                       "Reserved error message 248"
+
+       ec              KRBET_RES249,
+                       "Reserved error message 249"
+
+       ec              KRBET_RES250,
+                       "Reserved error message 250"
+
+       ec              KRBET_RES251,
+                       "Reserved error message 251"
+
+       ec              KRBET_RES252,
+                       "Reserved error message 252"
+
+       ec              KRBET_RES253,
+                       "Reserved error message 253"
+
+       ec              KRBET_RES254,
+                       "Reserved error message 254"
+
+       ec              KRBET_KFAILURE,
+                       "Generic kerberos error (kfailure)"
+       end
diff --git a/src/lib/krb4/realmofhost.c b/src/lib/krb4/realmofhost.c
deleted file mode 100644 (file)
index d818a89..0000000
+++ /dev/null
@@ -1,152 +0,0 @@
-/*
- * realmofhost.c
- *
- * Copyright 1988 by the Massachusetts Institute of Technology.
- *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
- *
- * routine to convert hostname into realm name.
- */
-
-#include "mit-copyright.h"
-#include "krb.h"
-
-#include <string.h>
-#include <stdio.h>
-#include <ctype.h>
-#ifdef HAVE_STDLIB_H
-#include <stdlib.h>
-#else
-extern char *malloc();
-#endif
-#include "port-sockets.h"
-#include "krb4int.h"
-
-/*
- * krb_realmofhost.
- * Given a fully-qualified domain-style primary host name,
- * return the name of the Kerberos realm for the host.
- * If the hostname contains no discernable domain, or an error occurs,
- * return the local realm name, as supplied by get_krbrlm().
- * If the hostname contains a domain, but no translation is found,
- * the hostname's domain is converted to upper-case and returned.
- *
- * The format of each line of the translation file is:
- * domain_name kerberos_realm
- * -or-
- * host_name kerberos_realm
- *
- * domain_name should be of the form .XXX.YYY (e.g. .LCS.MIT.EDU)
- * host names should be in the usual form (e.g. FOO.BAR.BAZ)
- */
-
-static char ret_realm[REALM_SZ+1];
-
-char * KRB5_CALLCONV
-krb_realmofhost(host)
-    char *host;
-{
-       char *domain;
-       FILE *trans_file;
-       /*
-        * This used to be MAXHOSTNAMELEN, but we don't know how big
-        * that will necessarily be on all systems, so assume 1024.
-        */
-       char trans_host[1024];
-       char trans_realm[REALM_SZ+1];
-       int retval;
-       struct hostent *h;
-       char *lhost;
-
-       /* First, canonicalize it.  This is in case the caller
-          didn't have a fully qualified domain name.  */
-       if ((h=gethostbyname(host)) == NULL)
-               lhost = host;
-       else {
-               lhost = h->h_name;
-#ifdef DO_REVERSE_RESOLVE
-               if (h->h_addr_list != NULL && h->h_addr_list[0] != NULL) {
-                       char *rev_addr; int rev_type, rev_len;
-
-                       rev_type = h->h_addrtype;
-                       rev_len = h->h_length;
-                       rev_addr = malloc(rev_len);
-                       if (rev_addr != NULL) {
-                               memcpy(rev_addr, h->h_addr_list[0], rev_len);
-                               h = gethostbyaddr(rev_addr, rev_len, rev_type);
-                               free(rev_addr);
-                               if (h == NULL)
-                                       lhost = host;
-                               else
-                                       lhost = h->h_name;
-                       }
-               }
-#endif
-       }
-
-       domain = strchr(lhost, '.');
-
-       /* prepare default */
-       if (domain) {
-               char *cp;
-
-               /* If the domain is just below the top, e.g., CYGNUS.COM,
-                  then we special-case it; if someone really wants a
-                  realm called COM they will just have to specify it
-                  properly. */
-               if (((cp = strchr(domain+1, '.')) == (char *) 0)
-                   /* Handle root domain properly (COM.): */
-                   || (*(cp + 1) == '\0'))
-                 domain = lhost - 1;   /* -1 fakes "period" before domain */
-
-               strncpy(ret_realm, domain+1, REALM_SZ);
-               ret_realm[REALM_SZ] = '\0';
-               /* Upper-case realm */
-               for (cp = ret_realm; *cp; cp++)
-                       if (islower((int) (*cp)))
-                               *cp = toupper((int) *cp);
-       } else {
-               krb_get_lrealm(ret_realm, 1);
-       }
-
-       if ((trans_file = krb__get_realmsfile()) == (FILE *) 0)
-               /* krb_errno = KRB_NO_TRANS */
-               return(ret_realm);
-
-       /* loop while not exact match, and more entries to read */
-       while (1) {
-               /* XXX REALM_SZ == 40 */
-               if ((retval = fscanf(trans_file, "%1023s %40s",
-                                    trans_host, trans_realm)) != 2) {
-                       if (retval == EOF)
-                         break;
-                       continue;       /* ignore broken lines */
-               }
-               trans_host[(MAXHOSTNAMELEN <= 1023) ? MAXHOSTNAMELEN : 1023]
-                       = '\0';
-               trans_realm[REALM_SZ] = '\0';
-               if (trans_host[0] == '.') {
-                 /* want domain match only */
-                 if (domain && (strlen(trans_host) == strlen(domain))
-                     && !strcasecmp (trans_host, domain)) {
-                   /* got domain match, save for later */
-                   (void) strncpy (ret_realm, trans_realm,
-                                   sizeof(ret_realm) - 1);
-                   ret_realm[sizeof(ret_realm) - 1] = '\0';
-                   continue;
-                 }
-               } else {
-                 /* want exact match of hostname */
-                 if ((strlen(lhost) == strlen(trans_host)) &&
-                     !strcasecmp (trans_host, lhost)) {
-                   (void) strncpy (ret_realm, trans_realm,
-                                   sizeof(ret_realm) - 1);
-                   ret_realm[sizeof(ret_realm) - 1] = '\0';
-                   break;
-                 }
-               }
-       }
-       fclose (trans_file);
-       return ret_realm;
-}
index ce602105d8dd88a1f7831d89685030afbcb6da36..b7401650a07bdf095df235c7e8f40397e467dc33 100644 (file)
@@ -1,14 +1,29 @@
 /*
- * send_to_kdc.c
+ * lib/krb4/send_to_kdc.c
  *
- * Copyright 1987, 1988 by the Massachusetts Institute of Technology.
+ * Copyright 1987-2002 by the Massachusetts Institute of Technology.
+ * All Rights Reserved.
  *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
  */
 
-#include "mit-copyright.h"
-
 #include "krb.h"
 #include "krbports.h"
 #include "prot.h"
index 473c597ad303d048a479b0096a2c2dc451d77936..7de4b0ac426bf61318ba639af6abe4918ad6e290 100644 (file)
@@ -184,7 +184,7 @@ static int tf_gets (char *, int), tf_read (char *, int);
  */
 
 int KRB5_CALLCONV tf_init(tf_name, rw)
-    char   *tf_name;
+    const char   *tf_name;
     int rw;
 {
     int     wflag;