From: no author Date: Thu, 23 Sep 1999 22:13:13 +0000 (+0000) Subject: This commit was manufactured by cvs2svn to create tag X-Git-Tag: krb5-1.1-final X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=1e310221bdf0e557024af7d8213d3d2f2e38d226;p=krb5.git This commit was manufactured by cvs2svn to create tag 'krb5-1-1-final'. git-svn-id: svn://anonsvn.mit.edu/krb5/tags/krb5-1-1-final@11850 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/README b/README index 43e70c938..51c2c438e 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ - Kerberos Version 5, Release 1.0 + Kerberos Version 5, Release 1.1 Release Notes @@ -8,11 +8,11 @@ Unpacking the Source Distribution --------------------------------- The source distribution of Kerberos 5 comes in three gzipped tarfiles, -krb5-1.0.src.tar.gz, krb5-1.0.doc.tar.gz, and krb5-1.0.crypto.tar.gz. -The krb5-1.0.doc.tar.gz contains the doc/ directory and this README -file. The krb5-1.0.src.tar.gz contains the src/ directory and this +krb5-1.1.src.tar.gz, krb5-1.1.doc.tar.gz, and krb5-1.1.crypto.tar.gz. +The krb5-1.1.doc.tar.gz contains the doc/ directory and this README +file. The krb5-1.1.src.tar.gz contains the src/ directory and this README file, except for the crypto library sources, which are in -krb5-1.0.crypto.tar.gz. +krb5-1.1.crypto.tar.gz. Instruction on how to extract the entire distribution follow. These directions assume that you want to extract into a directory called @@ -22,56 +22,21 @@ If you have the GNU tar program and gzip installed, you can simply do: mkdir DIST cd DIST - gtar zxpf krb5-1.0.src.tar.gz - gtar zxpf krb5-1.0.crypto.tar.gz - gtar zxpf krb5-1.0.doc.tar.gz + gtar zxpf krb5-1.1.src.tar.gz + gtar zxpf krb5-1.1.crypto.tar.gz + gtar zxpf krb5-1.1.doc.tar.gz If you don't have GNU tar, you will need to get the FSF gzip distribution and use gzcat: mkdir DIST cd DIST - gzcat krb5-1.0.src.tar.gz | tar xpf - - gzcat krb5-1.0.crypto.tar.gz | tar xpf - - gzcat krb5-1.0.doc.tar.gz | tar xpf - - -Both of these methods will extract the sources into DIST/krb5-1.0/src -and the documentation into DIST/krb5-1.0/doc. - -Unpacking the Binary Distribution ---------------------------------- - -Binary distributions of Kerberos V5 are provided merely as convenience -to those people who wish to try out Kerberos V5 without needing to do -a full compile of Kerberos. - -MIT and the MIT Kerberos V5 development team make no guarantees that -we will continue to supply binary distributions for future releases of -Kerberos V5, or for any operating system/platform in particular. -These binary distributions have been prepared by members of the MIT -Kerberos V5 development team, or by volunteers who have graciously -agreed to test the pre-release snapshot. Each binary build is PGP -signed by the person who prepared the binary distribution for that -particular platform. - -While the binary distribution is *supposed* to correspond exactly to -the 1.0 Kerberos V5 source release, you have no way of knowing whether -the person who prepared the binary release might have inserted a -trojan horse, or a trapdoor. For all you know, the binary -distribution might be mailing all of your Kerberos keys to -kremvax!boris. (The same is true for the source distribution, but at -least you can audit the code yourself!) - -For this reason, if you are planning on using Kerberos V5 in -production, we strongly suggest that you obtain the source -distribution and compile it from source yourself. - -The binary distributions have been compiled so that they will install -in /usr/local. To install, su to root and and type the command: - - cd /usr/local - gunzip < /tmp/krb5-1.0..tar.gz | tar xvf - + gzcat krb5-1.1.src.tar.gz | tar xpf - + gzcat krb5-1.1.crypto.tar.gz | tar xpf - + gzcat krb5-1.1.doc.tar.gz | tar xpf - +Both of these methods will extract the sources into DIST/krb5-1.1/src +and the documentation into DIST/krb5-1.1/doc. Building and Installing Kerberos 5 ---------------------------------- @@ -80,12 +45,17 @@ The first file you should look at is doc/install.ps; it contains the notes for building and installing Kerberos 5. The info file krb5-install.info has the same information in info file format. You can view this using the GNU emacs info-mode, or by using the -standalone info file viewer from the Free Software Foundation. +standalone info file viewer from the Free Software Foundation. This +is also available as an HTML file, install.html. Other good files to look at are admin-guide.ps and user-guide.ps, which contain the system administrator's guide, and the user's guide, respectively. They are also available as info files -kerberos-admin.info and krb5-user.info, respectively. +kerberos-admin.info and krb5-user.info, respectively. These files are +also available as HTML files. + +If you are attempting to build under Windows, please see the +src/windows/README file. Reporting Bugs -------------- @@ -99,54 +69,53 @@ If you are not able to use krb5-send-pr because you haven't been able compile and install Kerberos V5 on any platform, you may send mail to krb5-bugs@mit.edu. -Notes and Major Changes ------------------------ - -* We are now using the GNATS system to track bug reports for Kerberos -V5. It is therefore helpful for people to use the krb5-send-pr -program when reporting bugs. The old interface of sending mail to -krb5-bugs@mit.edu will still work; however, bug reports sent in this -fashion may experience a delay in being processed. - -* The default keytab name has changed from /etc/v5srvtab to -/etc/krb5.keytab. - -* login.krb5 no longer defaults to getting krb4 tickets. - -* The Windows (win16) DLL, LIBKRB5.DLL, has been renamed to -KRB5_16.DLL. This change was necessary to distinguish it from the -win32 version, which will be named KRB5_32.DLL. Note that the -GSSAPI.DLL file has not been renamed, because this name was specified -in a draft standard for the Windows 16 GSSAPI bindings. (The 32-bit -version of the GSSAPI DLL will be named GSSAPI32.DLL.) - -* The directory structure used for installations has changed. In -particular, files previously located in $prefix/lib/krb5kdc are now -normally located in $sysconfdir/krb5kdc. With the normal configure -options, this means the KDC database goes in /usr/local/var/krb5kdc by -default. If you wish to have the old behavior, then you would use a -configure line like the following: - - configure --prefix=/usr/local --sysconfdir=/usr/local/lib - -* kshd has been modified to accept krb4 encrypted rcp connections; for -this to work, the v4rcp program must be in the bin directory. - -* The gssrpc library has symbol collisions with the rpc library in -some of the libcs in certain operating systems without shared -libraries, notably some ports of NetBSD and MkLinux. For those -platforms which have rpc in libc and also contain NIS in libc, -compiling with static libraries will not work because of this -conflict. NetBSD users can either upgrade to the current tree, which -includes shared libraries for more ports, choose not to build kadmind -or kadmin, or recompile NetBSD without NIS support. MkLinux users -must either recompile without NIS or not build the administration -system. +Notes, Major Changes, and Known Bugs +------------------------------------ + +* Triple DES support is included; however, it is only usable for + service keys at the moment, due to a large number of compatibility + issues. For example, the GSSAPI library has some (buggy) support + for a triple DES session key, but it is intentionally disabled. + ** Do not use triple-DES in your config files except as described in + ** the documentation. + +* The principal database now uses the btree backend of Berkeley DB. + This should result in improved KDC performance. + +* The lib/rpc tests do not appear to work under NetBSD-1.4, for + reasons that are not completely clear at the moment, but probably + have something to do with portmapper interfacing. This should not + affect other operations, such as kadmind operation. + +* Shared library builds are under a new framework; at this point only + Solaris (2.x), Irix (6.5), NetBSD (1.4 i386), and possibly Linux are + known to work. All other working shared library builds may be + figments of your imagination. + +* Many existing databases, especially those converted from krb4 + original databases, may contain expiration dates in 1999. You + should make sure to update these expiration dates, and also change + any config file entries that have two-digit years. + +* Hardware preauthentication is known to be broken; this will be fixed + in an upcoming release. + +* krb524d now defaults to forking into the background; use + "krb524d -nofork" to avoid forking. + +* Not all reported bugs have been fixed in this release, due to time + constraints. We are planning to make another release in the near + future with more complete triple DES support, and additional + bugfixes. Many of the bugs in our database are reported against + what is now quite old code, or require hardware that we do not have, + which make them difficult to reproduce and debug. We will work on + these older bugs and some externally submitted patches for the + following release. Copyright Notice and Legal Administrivia ---------------------------------------- -Copyright (C) 1996 by the Massachusetts Institute of Technology. +Copyright (C) 1985-1999 by the Massachusetts Institute of Technology. All rights reserved. @@ -162,16 +131,19 @@ notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of M.I.T. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. +permission. Furthermore if you modify this software you must label +your software as modified software and not distribute it in such a +fashion that it might be confused with the original MIT software. +M.I.T. makes no representations about the suitability of this software +for any purpose. It is provided "as is" without express or implied +warranty. THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. Individual source code files are copyright MIT, Cygnus Support, -OpenVision, Oracle, Sun Soft, and others. +OpenVision, Oracle, Sun Soft, FundsXpress, and others. Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, and Zephyr are trademarks of the Massachusetts Institute of Technology @@ -253,7 +225,9 @@ Thanks to Sean Mullan and Bill Sommerfeld from Hewlett Packard for their many suggestions and bug fixes. Thanks to the members of the Kerberos V5 development team at MIT, both -past and present: Jay Berkenbilt, Richard Basch, John Carr, Don -Davis, Nancy Gilman, Sam Hartman, Marc Horowitz, Barry Jaspan, John -Kohl, Cliff Neuman, Kevin Mitchell, Paul Park, Ezra Peisach, Chris -Provenzano, Jon Rochlis, Jeff Schiller, Harry Tsai, Ted Ts'o, Tom Yu. +past and present: Danillo Almeida, Jay Berkenbilt, Richard Basch, John +Carr, Don Davis, Alexandra Ellwood, Nancy Gilman, Matt Hancher, Sam +Hartman, Paul Hill, Marc Horowitz, Eva Jacobus, Barry Jaspan, Geoffrey +King, John Kohl, Scott McGuire, Kevin Mitchell, Cliff Neuman, Paul +Park, Ezra Peisach, Chris Provenzano, Ken Raeburn, Jon Rochlis, Jeff +Schiller, Brad Thompson, Harry Tsai, Ted Ts'o, Marshall Vale, Tom Yu. diff --git a/doc/ChangeLog b/doc/ChangeLog index 49002f24f..38af2b888 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,45 @@ +1999-09-22 Tom Yu + + * copyright.texinfo: Update copyright again. + +1999-09-17 Tom Yu + + * copyright.texinfo: Update copyright notice somewhat. + + * install.texinfo: Update info on upgrading a KDC for 1.1. + +1999-09-08 Ken Raeburn + + * install.texinfo (Mac OS X Configuration): Revised text from + Alexis, with more explanations of what's going on. + +1999-09-07 Ken Raeburn + + * definitions.texinfo: Update for 1.1 release. + + * admin.texinfo (Adding or Modifying Principals): Mention des3 + enctype for host keys. + + * build.texinfo: Replace "krb5-1.0" with "krb5-@value{RELEASE}" + throughout. + (Shared Library Support): Cut supported-OS list down to Solaris + and Irix for now. + + * install.texinfo: Update EDITION to 1.1. + (MacOS X Configuration): New node, with info from Brad Thompson. + (Encryption Types and Salt Types): Mention des3. + +1999-08-31 Ken Raeburn + + * admin.texinfo (Kadmin Options): Describe -e option. + (The User/Kerberos Interaction): Renamed from User--Kerberos to + avoid an apparent makeinfo 1.68 bug. + (realms (kdc.conf)): Document kdc_supported_enctypes, and mention + how des3 can be used there. Add des-cbc-crc:v4 to both enctype + lists, in the descriptions and in the examples. Delete + encryption_type, which doesn't exist. + (Date Format): Avoid 2-digit years, and add a warning about them. + Fri Dec 13 15:10:44 1996 Tom Yu * admin.texinfo (The User--Kerberos Interaction): The environment diff --git a/doc/admin.texinfo b/doc/admin.texinfo index 7e70d28c7..2ea716b25 100644 --- a/doc/admin.texinfo +++ b/doc/admin.texinfo @@ -139,7 +139,7 @@ Service for Open Network Systems}, a paper presented at Winter USENIX * Kerberos Realms:: * The Ticket-Granting Ticket:: * Network Services and the Master Database:: -* The User--Kerberos Interaction:: +* The User/Kerberos Interaction:: * Definitions:: @end menu @@ -210,7 +210,7 @@ just a file in @code{/tmp}. The credentials cache is also called the @dfn{ticket file}, especially in Kerberos V4 documentation. Note, however, that a credentials cache does not have to be stored in a file. -@node Network Services and the Master Database, The User--Kerberos Interaction, The Ticket-Granting Ticket, How Kerberos Works +@node Network Services and the Master Database, The User/Kerberos Interaction, The Ticket-Granting Ticket, How Kerberos Works @section Network Services and the Master Database The master database also contains entries for all network services that @@ -258,8 +258,8 @@ services that run as root are usually stored in the keytab file of the service's password, and must be kept secure. Data which is meant to be read only by the service is encrypted using this key. -@node The User--Kerberos Interaction, Definitions, Network Services and the Master Database, How Kerberos Works -@section The User--Kerberos Interaction +@node The User/Kerberos Interaction, Definitions, Network Services and the Master Database, How Kerberos Works +@section The User/Kerberos Interaction Suppose that you walk up to a host intending to login to it, and then @samp{rlogin} to the machine @samp{laughter}. Here's what happens: @@ -324,7 +324,7 @@ login. @end enumerate @end enumerate -@node Definitions, , The User--Kerberos Interaction, How Kerberos Works +@node Definitions, , The User/Kerberos Interaction, How Kerberos Works @section Definitions Following are definitions of some of the Kerberos terminology. @@ -839,10 +839,6 @@ in this realm. not allowed as passwords. The default is @code{@value{ROOTDIR}/var/krb5kdc/kadm5.dict}. -@itemx encryption_type -(Encryption type string.) Specifies the encryption type used for this -realm. Only "des-cbc-crc" is supported at this time. - @itemx kadmind_port (Port number.) Specifies the port that the kadmind daemon is to listen for this realm. The assigned port for kadmind is 749. @@ -875,9 +871,25 @@ valid ticket may be renewed in this realm. @itemx supported_enctypes List of key:salt strings. Specifies the default key/salt combinations -of principals for this realm. Since only the encryption type -"des-cbc-crc" is supported, you should set this tag to -@samp{des-cbc-crc:normal}. +of principals for this realm. Any principals created through +@code{kadmin} will have keys of these types. Since only the encryption +type "des-cbc-crc" is supported, you should set this tag to +@samp{des-cbc-crc:normal des-cbc-crc:v4}. + +@itemx kdc_supported_enctypes +List of key:salt strings. Specifies the permitted key/salt combinations +of principals for this realm. You should set this tag to +@samp{des-cbc-crc:normal des-cbc-crc:v4}. + +@b{Note:} You may also use @samp{des3-cbc-sha1:normal} before +@samp{des-cbc-crc:normal} if you wish to support triple-DES service keys +in addition to DES service keys. In order to create such service keys, +you must use the @code{-e} option to @code{kadmin.local}, running on the +KDC system itself; the remote @code{kadmin} client does not allow this +option. We do not currently support the use of triple-DES keys anywhere +other than for service keys. + + @end table @node Sample kdc.conf File, , realms (kdc.conf), kdc.conf @@ -896,7 +908,8 @@ Here's an example of a @code{kdc.conf} file: max_life = 10h 0m 0s max_renewable_life = 7d 0h 0m 0s master_key_type = des-cbc-crc - supported_enctypes = des-cbc-crc:normal + supported_enctypes = des-cbc-crc:normal des-cbc-crc:v4 + kdc_supported_enctypes = des-cbc-crc:normal des-cbc-crc:v4 @} [logging] @@ -993,6 +1006,16 @@ unauthorized users gain read access to the script. @item @b{-q} @i{query} Pass @i{query} directly to @code{kadmin}. This is useful for writing scripts that pass specific queries to @code{kadmin}. + +@item @b{-e} @i{"enctypes ..."} +@b{(For @code{kadmin.local} only.)} +Sets the list of cryptosystem and salt types to be used for any new keys +created. Available types include @samp{des3-cbc-sha1:normal}, +@samp{des-cbc-crc:normal}, and @samp{des-cbc-crc:v4}. In this release, +the @samp{des3-cbc-sha1:normal} type should only be used when +registering service principals; for any services that may request +tickets themselves to initiate some action, it should be combined with +one or more of the other types. @end table @node Date Format, Principals, Kadmin Options, Administrating Kerberos Database Entries @@ -1016,12 +1039,15 @@ tomorrow now "second Monday" fortnight -"3/31/92 10:00:07 PST" -"January 23, 1987 10:05pm" +"3/31/1992 10:00:07 PST" +"January 23, 2007 10:05pm" "22:00 GMT" @end group @end smallexample +Two-digit years are allowed in places, but the use of this form is not +recommended. + Note that if the date specification contains spaces, you must enclose it in double quotes. Note also that you cannot use a number without a unit. (I.e., ``"60 seconds"'' is correct, but ``60'' is incorrect.) @@ -1382,7 +1408,11 @@ Removes the policy @i{policyname} from the principal @item -randkey Sets the key for the principal to a random value (@code{add_principal} -only). @value{COMPANY} recommends using this option for host keys. +only). @value{COMPANY} recommends using this option for host keys. You +may also wish to use the @b{kadmin.local} command-line options @b{-e +"des3-cbc-sha1:normal des-cbc-crc:normal"}@xref{Kadmin Options} on the +KDC machine itself for host keys and other service keys that are +security-critical. @item -pw @i{password} Sets the key of the principal to the specified string and does not diff --git a/doc/api/ChangeLog b/doc/api/ChangeLog index a26f66faa..b1145f18f 100644 --- a/doc/api/ChangeLog +++ b/doc/api/ChangeLog @@ -1,3 +1,8 @@ +1999-08-30 Ken Raeburn + + * libdes.tex: Don't use ncs style; it's availability is dependent + on the local TeX installation. + 1999-01-20 Theodore Ts'o * krb5.tex (krb5_mk_safe): Fix reference to a non-existent flag. diff --git a/doc/api/libdes.tex b/doc/api/libdes.tex index c53c81350..71e75c59b 100644 --- a/doc/api/libdes.tex +++ b/doc/api/libdes.tex @@ -1,4 +1,4 @@ -\documentstyle[ncs,fixunder,functions,twoside]{article} +\documentstyle[fixunder,functions,twoside]{article} \setlength{\oddsidemargin}{0.25in} \setlength{\evensidemargin}{-0.25in} \setlength{\topmargin}{-.5in} diff --git a/doc/build.texinfo b/doc/build.texinfo index bee77fe88..78aa8b450 100644 --- a/doc/build.texinfo +++ b/doc/build.texinfo @@ -38,17 +38,17 @@ link tree for your build tree. The first step in each of these build procedures is to unpack the source distribution. The Kerberos V5 distribution comes in two compressed tar files. The first file, which is generally named -@file{krb5-1.0.src.tar.gz}, contains the sources for all of Kerberos +@file{krb5-@value{RELEASE}.src.tar.gz}, contains the sources for all of Kerberos except for the crypto library, which is found in the file -@file{krb5-1.0.crypto.tar.gz}. +@file{krb5-@value{RELEASE}.crypto.tar.gz}. Both files should be unpacked in the same directory, such as -@file{/u1/krb5-1.0}. (In the rest of this document, we will assume that +@file{/u1/krb5-@value{RELEASE}}. (In the rest of this document, we will assume that you have chosen to unpack the Kerberos V5 source distribution in this directory. Note that the tarfiles will by default all unpack into the -@file{./krb5-1.0} directory, so that if your current directory is +@file{./krb5-@value{RELEASE}} directory, so that if your current directory is @file{/u1} when you unpack the tarfiles, you will get -@file{/u1/krb5-1.0/src}, etc.) +@file{/u1/krb5-@value{RELEASE}/src}, etc.) @node Doing the Build, Testing the Build, Unpacking the Sources, Building Kerberos V5 @@ -77,7 +77,7 @@ use the following abbreviated procedure. @enumerate @item - @code{cd /u1/krb5-1.0/src} + @code{cd /u1/krb5-@value{RELEASE}/src} @item @code{./configure} @item @@ -100,9 +100,9 @@ you might use the following procedure: @enumerate @item -@code{mkdir /u1/krb5-1.0/pmax} +@code{mkdir /u1/krb5-@value{RELEASE}/pmax} @item - @code{cd /u1/krb5-1.0/pmax} + @code{cd /u1/krb5-@value{RELEASE}/pmax} @item @code{../src/configure} @item @@ -122,11 +122,11 @@ you might use the following procedure: @enumerate @item - @code{mkdir /u1/krb5-1.0/solaris} + @code{mkdir /u1/krb5-@value{RELEASE}/solaris} @item - @code{cd /u1/krb5-1.0/solaris} + @code{cd /u1/krb5-@value{RELEASE}/solaris} @item - @code{/u1/krb5-1.0/src/util/lndir `pwd`/../src} + @code{/u1/krb5-@value{RELEASE}/src/util/lndir `pwd`/../src} @item @code{./configure} @item @@ -397,8 +397,10 @@ variables when using the programs. Except where noted, multiple versions of the libraries may be installed on the same system and continue to work. -Currently the supported platforms are: NetBSD 1.0A, AIX 3.2.5, AIX 4.1, -Solaris 2.4 (aka SunOS 5.4), Alpha OSF/1 >= 2.1, HP-UX >= 9.X. +Currently the supported platforms are +@comment NetBSD 1.0A, AIX 3.2.5, AIX 4.1, +Solaris 2.6 (aka SunOS 5.6) and Irix 6.5. +@comment Alpha OSF/1 >= 2.1, HP-UX >= 9.X. To enable shared libraries on the above platforms, run the configure script with the option @samp{--enable-shared}. @@ -475,11 +477,11 @@ NetBSD and FreeBSD.) @node HPUX, Solaris versions 2.0 through 2.3, BSDI, OS Incompatibilities @subsection HPUX -The native compiler for HPUX currently will not work, because it is not -a full ANSI C compiler. The optional compiler (c89) should work as long -as you give it the @samp{+Olibcalls -D_HPUX_SOURCE} (this has only been -tested for HPUX 9.0). At this point, using GCC is probably your best -bet. +The native (bundled) compiler for HPUX currently will not work, because +it is not a full ANSI C compiler. The optional compiler (c89) should +work as long as you give it the @samp{+Olibcalls -D_HPUX_SOURCE} (this +has only been tested for HPUX 9.0). At this point, using GCC is +probably your best bet. @node Solaris versions 2.0 through 2.3, Solaris 2.X, HPUX, OS Incompatibilities @subsection Solaris versions 2.0 through 2.3 @@ -496,7 +498,7 @@ Workarounds: @enumerate @item - Supply your own resolver library. (such as bind-4.9.3pl1 availavle + Supply your own resolver library. (such as bind-4.9.3pl1 available from ftp.vix.com) @item @@ -605,7 +607,7 @@ that you have made a change that will require that all the @code{--force} option: @example -% cd /u1/krb5-1.0/src +% cd /u1/krb5-@value{RELEASE}/src % ./util/reconf --force @end example @@ -625,7 +627,7 @@ Then follow the instructions for building packaged source trees (above). To install the binaries into a binary tree, do: @example -% cd /u1/krb5-1.0/src +% cd /u1/krb5-@value{RELEASE}/src % make all % make install DESTDIR=somewhere-else @end example diff --git a/doc/copyright.texinfo b/doc/copyright.texinfo index 04601e203..7ea4758e2 100644 --- a/doc/copyright.texinfo +++ b/doc/copyright.texinfo @@ -1,4 +1,4 @@ -Copyright @copyright{} 1990, 1991, 1992, 1993, 1994, 1995, 1996 by the Massachusetts Institute of Technology. +Copyright @copyright{} 1985-1999 by the Massachusetts Institute of Technology. @quotation Export of software employing encryption from the United States of @@ -13,9 +13,12 @@ hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of M.I.T. not be used in advertising or publicity pertaining to distribution of the -software without specific, written prior permission. M.I.T. makes no -representations about the suitability of this software for any purpose. -It is provided ``as is'' without express or implied warranty. +software without specific, written prior permission. Furthermore if you +modify this software you must label your software as modified software +and not distribute it in such a fashion that it might be confused with +the original MIT software. M.I.T. makes no representations about the +suitability of this software for any purpose. It is provided ``as is'' +without express or implied warranty. @iftex @vskip 12pt diff --git a/doc/definitions.texinfo b/doc/definitions.texinfo index 19b2b0f55..079809d2c 100644 --- a/doc/definitions.texinfo +++ b/doc/definitions.texinfo @@ -19,8 +19,8 @@ @set RANDOMUSER johndoe @set RANDOMUSER1 jennifer @set RANDOMUSER2 david -@set RELEASE 1.0 -@set PREVRELEASE beta 7 +@set RELEASE 1.1 +@set PREVRELEASE 1.0 @set INSTALLDIR /usr/@value{LCPRODUCT} @set PREVINSTALLDIR @value{INSTALLDIR} @set ROOTDIR /usr/local diff --git a/doc/install.texinfo b/doc/install.texinfo index f5c4396a8..c780e70d7 100644 --- a/doc/install.texinfo +++ b/doc/install.texinfo @@ -16,7 +16,7 @@ @end iftex @include definitions.texinfo -@set EDITION 1.0 +@set EDITION 1.1 @finalout @c don't print black warning boxes @@ -1057,10 +1057,10 @@ Each machine running Kerberos must have a @code{/etc/krb5.conf} file. (@xref{krb5.conf}) @need 4000 -Also, you must add the appropriate Kerberos services to each client -machine's @code{/etc/services} file. If you are using the default -configuration for @value{PRODUCT}, you should be able to just insert the -following code: +Also, for most UNIX systems, you must add the appropriate Kerberos +services to each client machine's @code{/etc/services} file. If you are +using the default configuration for @value{PRODUCT}, you should be able +to just insert the following code: @smallexample @group @@ -1095,6 +1095,94 @@ to switch the port number for @code{kerberos} to 750 and create a @code{kerberos-sec} service (tcp and udp) on port 88, so the Kerberos V4 KDC(s) will continue to work properly. +@menu +* Mac OS X Configuration:: +@end menu + +@node Mac OS X Configuration, , Client Machine Configuration Files, Client Machine Configuration Files +@subsubsection Mac OS X Configuration + +To install Kerberos V5 on Mac OS X and Mac OS X Server, follow the +directions for generic Unix-based OS's, except for the +@code{/etc/services} updates described above. + +Mac OS X and Mac OS X Server use a database called NetInfo to store +the contents of files normally found in @code{/etc}. Instead of +modifying @code{/etc/services}, you should run the following commands +to add the Kerberos service entries to NetInfo: + +@smallexample +@group +$ niutil -create . /services/kerberos +$ niutil -createprop . /services/kerberos name kerberos kdc +$ niutil -createprop . /services/kerberos port 750 +$ niutil -createprop . /services/kerberos protocol tcp udp +$ niutil -create . /services/krbupdate +$ niutil -createprop . /services/krbupdate name krbupdate kreg +$ niutil -createprop . /services/krbupdate port 760 +$ niutil -createprop . /services/krbupdate protocol tcp +$ niutil -create . /services/kpasswd +$ niutil -createprop . /services/kpasswd name kpasswd kpwd +$ niutil -createprop . /services/kpasswd port 761 +$ niutil -createprop . /services/kpasswd protocol tcp +$ niutil -create . /services/klogin +$ niutil -createprop . /services/klogin port 543 +$ niutil -createprop . /services/klogin protocol tcp +$ niutil -create . /services/eklogin +$ niutil -createprop . /services/eklogin port 2105 +$ niutil -createprop . /services/eklogin protocol tcp +$ niutil -create . /services/kshell +$ niutil -createprop . /services/kshell name kshell krcmd +$ niutil -createprop . /services/kshell port 544 +$ niutil -createprop . /services/kshell protocol tcp +@end group +@end smallexample + +In addition to adding services to NetInfo, you must also modify the +resolver configuration in NetInfo so that the machine resolves its own +hostname as a FQDN (fully qualified domain name). By default, Mac OS X +and Mac OS X Server machines query NetInfo to resolve hostnames before +falling back to DNS. Because NetInfo has an unqualified name for all +the machines in the NetInfo database, the machine's own hostname will +resolve to an unqualified name. Kerberos needs a FQDN to look up keys +in the machine's keytab file. + +Fortunately, you can change the @code{lookupd} caching order to query +DNS first. Run the following NetInfo commands and reboot the machine: + +@smallexample +@group +$ niutil -create . /locations/lookupd/hosts +$ niutil -createprop . /locations/lookupd/hosts LookupOrder CacheAgent DNSAgent + NIAgent NILAgent +@end group +@end smallexample + +Once you have rebooted, you can verify that the resolver now behaves +correctly. Compile the Kerberos 5 distribution and run: + +@smallexample +@group +$ cd .../src/tests/resolve +$ ./resolve +@end group +@end smallexample + +This will tell you whether or not your machine returns FQDNs on name +lookups. If the test still fails, you can also try turning off DNS +caching. Run the following commands and reboot: + +@smallexample +@group +$ niutil -create . /locations/lookupd/hosts +$ niutil -createprop . /locations/lookupd/hosts LookupOrder DNSAgent + CacheAgent NIAgent NILAgent +@end group +@end smallexample + +The remainder of the setup of a Mac OS X client machine or application +server should be the same as for other UNIX-based systems. + @node UNIX Application Servers, , Installing and Configuring UNIX Client Machines, Installing Kerberos V5 @section UNIX Application Servers @@ -1186,15 +1274,15 @@ telnet stream tcp nowait root @value{ROOTDIR}/sbin/telnetd @subsection The Keytab File All Kerberos server machines need a @dfn{keytab} file, called -@code{/etc/krb5.keytab} (@xref{Upgrading the application servers}), to -authenticate to the KDC. The keytab file is an encrypted, local, -on-disk copy of the host's key. The keytab file, like the stash file -(@ref{Create the Database}) is a potential point-of-entry for a -break-in, and if compromised, would allow unrestricted access to its -host. The keytab file should be readable only by root, and should exist -only on the machine's local disk. The file should not be part of any -backup of the machine, unless access to the backup data is secured as -tightly as access to the machine's root password itself. +@code{/etc/krb5.keytab}, to authenticate to the KDC. The keytab file is +an encrypted, local, on-disk copy of the host's key. The keytab file, +like the stash file (@ref{Create the Database}) is a potential +point-of-entry for a break-in, and if compromised, would allow +unrestricted access to its host. The keytab file should be readable +only by root, and should exist only on the machine's local disk. The +file should not be part of any backup of the machine, unless access to +the backup data is secured as tightly as access to the machine's root +password itself. In order to generate a keytab for a host, the host must have a principal in the Kerberos database. The procedure for adding hosts to the @@ -1267,22 +1355,11 @@ should be readable only by root. @node Upgrading Existing Kerberos V5 Installations, Bug Reports for Kerberos V5, Installing Kerberos V5, Top @chapter Upgrading Existing @value{PRODUCT} Installations -@menu -* Upgrading existing Master and Slave KDCs to the current release:: -* Upgrading the application servers:: -@end menu - -@node Upgrading existing Master and Slave KDCs to the current release, Upgrading the application servers, Upgrading Existing Kerberos V5 Installations, Upgrading Existing Kerberos V5 Installations -@section Upgrading existing Master and Slave KDCs to the current release - If you already have an existing Kerberos database that you created with a prior release of Kerberos 5, you can upgrade it to work with the -current release with the @code{kdb5_util} command. As of Kerberos 5 -version 1.0, this upgrade process is only necessary if you are using a -Kerberos database created with Kerberos 5 beta 6 or earlier; newer -installations can continue to be used without modification. The process -for upgrading a Master KDC involves the following steps (the lines -beginning with => indicate a continuation of the previous line): +current release with the @code{kdb5_util} command. The process for +upgrading a Master KDC involves the following steps (the lines beginning +with => indicate a continuation of the previous line): @enumerate @@ -1290,28 +1367,16 @@ beginning with => indicate a continuation of the previous line): server processes, if any. @item Dumping your existing Kerberos database to an ASCII file with -@code{kdb5_edit}'s ``dump'' command: +@code{kdb5_util}'s ``dump'' command: @smallexample @group -@b{shell%} kdb5_edit -r @value{PRIMARYREALM} -R 'dump_db' > +@b{shell%} kdb5_util -r @value{PRIMARYREALM} dump @result{} @value{ROOTDIR}/var/krb5kdc/old-kdb-dump @b{shell%} @end group @end smallexample -@item If you were using OpenV*Secure or AXXiON*Authenticate, dumping your -policy database to an ASCII file with the @code{ovsec_adm_export} -command: - -@smallexample -@group -@b{shell%} ovsec_adm_export -r @value{PRIMARYREALM} > -@result{} @value{ROOTDIR}/var/krb5kdc/old-adb-dump -@b{shell%} -@end group -@end smallexample - @item Creating a new Master KDC installation (@xref{Install the Master KDC}). If you have a stash file for your current database, choose any new master password but then copy your existing stash file to the @@ -1328,50 +1393,11 @@ your current database, you must choose the same master password. @end group @end smallexample -@item If you were using OpenV*Secure or AXXiON*Authenticate, merging -your policy database with @code{kdb5_util}'s ``load'' command with the -``-update'' option: - -@smallexample -@group -@b{shell%} kdb5_util load -update @value{ROOTDIR}/var/krb5kdc/old-adb-dump -@b{shell%} -@end group -@end smallexample - @end enumerate -The process for upgrading a Slave KDC is simpler. All you have to do is -make sure that the stash file on the Slave KDC is correct, stop the old -server processes on the Slave KDC, install the new server binaries, and -re-start the server processes. The Slave KDC database will be upgraded -automatically when the next propagation is run. Note that if you -changed your master key when creating your new Master KDC database, you -will have to run a Slave KDC propagation before you can restart the -server processes on the Slave KDC itself; otherwise, the new stash file -that you create on the slave will not match the old database that exists -until the propagation occurs, and the server processes will not start. - -@node Upgrading the application servers, , Upgrading existing Master and Slave KDCs to the current release, Upgrading Existing Kerberos V5 Installations -@section Upgrading the application servers - -The default keytab name has changed from @code{/etc/v5srvtab} to -@code{/etc/krb5.keytab}. You should rename the old keytab files on all -of your application servers when you update their server binaries. -Alternatively, you may add a relation to the library configuration file -to override the new name, for example: - -@smallexample -@group -[libdefaults] - default_keytab_name = /etc/v5srvtab -@end group -@end smallexample - -The keytab name defaulted to /etc/v5srvtab in prior releases of Kerberos -V5. It was called a @dfn{srvtab} in Kerberos V4. The @code{v5srvtab} -file has been renamed to @code{krb5.keytab} to reflect the change in -terminology. +To update a Slave KDC, you must stop the old server processes on the +Slave KDC, install the new server binaries, reload the most recent slave +dump file, and re-start the server processes. @node Bug Reports for Kerberos V5, Files, Upgrading Existing Kerberos V5 Installations, Top @chapter Bug Reports for @value{PRODUCT} @@ -1471,10 +1497,12 @@ To add Kerberos V4 support, change the @code{supported_enctypes} line to: @node Encryption Types and Salt Types, , kdc.conf, kdc.conf @appendixsubsec Encryption Types and Salt Types -Currently, @value{PRODUCT} supports only DES encryption. The encoding -type is @code{des-cbc-crc}. The @dfn{salt} is additional information -encoded within the key that tells what kind of key it is. The only -salts that you will be likely to encounter are: +Currently, @value{PRODUCT} supports only DES and triple-DES encryption; +however, triple-DES is currently supported only for service keys, not +for user keys or session keys. The encoding types include +@code{des-cbc-crc} and @code{des3-cbc-sha1}. The @dfn{salt} is +additional information encoded within the key that tells what kind of +key it is. The only salts that you will be likely to encounter are: @itemize @bullet @item @dfn{normal}, which @value{COMPANY} recommends using for all of diff --git a/src/ChangeLog b/src/ChangeLog index 2eab397b1..d7af63217 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,31 @@ +1999-09-16 Ken Raeburn + + * aclocal.m4 (KRB5_LIB_PARAMS): For Rhapsody, add "-undefined + warning" when building shared libs, and remove "-static" from + CC_LINK_STATIC. + +1999-09-14 Ken Raeburn + + * aclocal.m4 (KRB5_LIB_PARAMS): Treat Rhapsody like Mac OS 10. + +1999-09-08 Danilo Almeida + + * Makefile.in: Add install target for windows. Remove references + to unused mit directory. + +1999-08-27 Danilo Almeida + + * Makefile.in: Add some missing dirs needed for generating a proper + kerbsrc.zip. Make krbsrc83.zip obsolete. + +1999-08-13 Brad Thompson + + * aclocal.m4: Added MacOS X shared library support. + +1999-08-09 Danilo Almeida + + * Makefile.in: Build kpasswd under windows. + 1999-07-22 Tom Yu * Makefile.in (install-mkdirs): Use mkinstalldirs rather than diff --git a/src/Makefile.in b/src/Makefile.in index d4aba1439..3b87f80bc 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -131,6 +131,7 @@ config-windows:: Makefile-windows WINMAKEFILES=Makefile \ clients\Makefile clients\kdestroy\Makefile \ clients\kinit\Makefile clients\klist\Makefile \ + clients\kpasswd\Makefile \ include\Makefile include\krb5\Makefile \ lib\Makefile lib\crypto\Makefile \ lib\crypto\crc32\Makefile lib\crypto\des\Makefile \ @@ -175,6 +176,8 @@ WINMAKEFILES=Makefile \ ##DOS## $(WCONFIG) config < $@.in > $@ ##DOS##clients\klist\Makefile: clients\klist\Makefile.in $(MKFDEP) ##DOS## $(WCONFIG) config < $@.in > $@ +##DOS##clients\kpasswd\Makefile: clients\kpasswd\Makefile.in $(MKFDEP) +##DOS## $(WCONFIG) config < $@.in > $@ ##DOS##include\Makefile: include\Makefile.in $(MKFDEP) ##DOS## $(WCONFIG) config < $@.in > $@ ##DOS##include\krb5\Makefile: include\krb5\Makefile.in $(MKFDEP) @@ -300,6 +303,7 @@ ren2long: ZIP=zip FILES= ./* \ clients/* clients/kdestroy/* clients/kinit/* clients/klist/* \ + clients/kpasswd/* \ config/* include/* include/kerberosIV/* \ include/krb5/* include/krb5/stock/* include/sys/* lib/* \ lib/crypto/* lib/crypto/crc32/* lib/crypto/des/* lib/crypto/dk/* \ @@ -312,9 +316,9 @@ FILES= ./* \ lib/krb5/ccache/* lib/krb5/ccache/file/* lib/krb5/ccache/memory/* \ lib/krb5/ccache/stdio/* lib/krb5/ccache/ccapi/* \ lib/krb5/error_tables/* \ - lib/krb5/keytab/* lib/krb5/keytab/file/* \ + lib/krb5/keytab/* lib/krb5/keytab/file/* lib/krb5/keytab/srvtab/* \ lib/krb5/os/* lib/krb5/posix/* lib/krb5/rcache/* \ - util/et/* util/profile/* + util/* util/et/* util/profile/* WINFILES= util/windows/* windows/* windows/lib/* windows/cns/* \ windows/wintel/* windows/gss/* windows/gina/* @@ -323,9 +327,6 @@ MACFILES= mac/* mac/libraries/* config/* include/* \ include/krb5/* include/krb5/stock/* include/sys/* \ ./patchlevel.h -MITWINFILES= mit/windows/include/* -MITWINBINARYFILES= mit/windows/lib/* - WINBINARYFILES= windows/*/*.ico windows/*/*.doc windows/*/*.hlp \ windows/*/*.hpj windows/lib/*.lib @@ -364,10 +365,6 @@ kerbsrc.win: kerbsrc.zip winfile.list: echo $(FILES) $(WINFILES) | tr ' ' \\012 | \ sed -f config/winexclude.sed > winfile.list - if test -d mit ; then \ - echo $(MITWINFILES) | tr ' ' \\012 | \ - sed -f config/winexclude.sed >> winfile.list ; \ - fi MAC_SUBDIRS = lib util macfile.list: @@ -381,29 +378,25 @@ dos-Makefile: prep-windows: dos-Makefile awk-windows-mac -# Not supported.... -krbsrc83.zip: dos-Makefile awk-windows-mac winfile.list - rm -f krbsrc83.zip - $(ZIP) -@Dlk krbsrc83.zip < winfile.list - $(ZIP) -Dk krbsrc83.zip $(WINBINARYFILES) - if test -d mit ; then \ - $(ZIP) -rDk krbsrc83.zip $(MITWINBINARYFILES) ; \ - fi - rm -f $(CLEANUP) +krbsrc83.zip: krbsrc83-is-obsolete + +krbsrc83-is-obsolete: + @echo "Win16 and krbsrc83.zip are no longer supported." + @echo "We don't support building under 8.3 restricted filesystems" + @echo "anymore. You can still build for Win32 on filesystems" + @echo "without 8.3 restrictions using kerbsrc.zip" + @echo " " kerbsrc.zip: dos-Makefile awk-windows-mac winfile.list rm -f kerbsrc.zip $(ZIP) -@Dl kerbsrc.zip < winfile.list $(ZIP) -D kerbsrc.zip $(WINBINARYFILES) - if test -d mit ; then \ - $(ZIP) -rD kerbsrc.zip $(MITWINBINARYFILES) ; \ - fi rm -f $(CLEANUP) kerbsrc-nt.zip: kerbsrc-nt-is-obsolete kerbsrc-nt-is-obsolete: - @echo "Kerbsrc-nt.zip is now obsolete. Just use and build kerbsrc.zip" + @echo "kerbsrc-nt.zip is now obsolete. Just use and build kerbsrc.zip" @echo "We don't support building under 8.3 restricted filesystems" @echo "anymore, so what was kerbsrc-nt.zip is now kerbsrc.zip." @echo " " @@ -503,20 +496,35 @@ awk-windows-mac: $(ETOUT) $(HOUT) clean-windows-mac: rm -f $(CLEANUP) -KBINDIR=kbin - distclean-windows: config\rm.bat $(CLEANUP:^/=^\) config\rm.bat $(WINMAKEFILES) config\rm.bat $(KBINDIR)\*.dll $(KBINDIR)\*.exe @if exist $(KBINDIR)\nul rmdir $(KBINDIR) -mkbin: - @if not exist $(KBINDIR)\nul mkdir $(KBINDIR) - $(CP) lib\$(OUTPRE)*.dll $(KBINDIR)\. - $(CP) windows\cns\$(OUTPRE)krb5.exe $(KBINDIR)\. - $(CP) windows\wintel\$(OUTPRE)telnet.exe $(KBINDIR)\. - $(CP) windows\gss\$(OUTPRE)gss.exe $(KBINDIR)\. - $(CP) clients\klist\$(OUTPRE)klist.exe $(KBINDIR)\. - $(CP) clients\kinit\$(OUTPRE)kinit.exe $(KBINDIR)\. - $(CP) clients\kdestroy\$(OUTPRE)kdestroy.exe $(KBINDIR)\. +install-windows:: + @if "$(KRB_INSTALL_DIR)"=="" @echo KRB_INSTALL_DIR is not defined! Please define it. + @if "$(KRB_INSTALL_DIR)"=="" @dir /b \nul\nul + @if not exist "$(KRB_INSTALL_DIR)\$(NULL)" @echo The directory $(KRB_INSTALL_DIR) does not exist. Please create it. + @if not exist "$(KRB_INSTALL_DIR)\$(NULL)" @dir /b $(KRB_INSTALL_DIR)\nul + @if not exist "$(KRB_INSTALL_DIR)\include\$(NULL)" @mkdir "$(KRB_INSTALL_DIR)\include" + @if not exist "$(KRB_INSTALL_DIR)\include\gssapi\$(NULL)" @mkdir "$(KRB_INSTALL_DIR)\include\gssapi" + @if not exist "$(KRB_INSTALL_DIR)\lib\$(NULL)" @mkdir "$(KRB_INSTALL_DIR)\lib" + @if not exist "$(KRB_INSTALL_DIR)\bin\$(NULL)" @mkdir "$(KRB_INSTALL_DIR)\bin" + $(CP) include\krb5.h "$(KRB_INSTALL_DIR)\include\." + $(CP) include\win-mac.h "$(KRB_INSTALL_DIR)\include\." + $(CP) include\profile.h "$(KRB_INSTALL_DIR)\include\." + $(CP) include\com_err.h "$(KRB_INSTALL_DIR)\include\." + $(CP) include\gssapi\gssapi.h "$(KRB_INSTALL_DIR)\include\gssapi\." + $(CP) include\gssapi\gssapi_krb5.h "$(KRB_INSTALL_DIR)\include\gssapi\." + $(CP) lib\$(OUTPRE)*.lib "$(KRB_INSTALL_DIR)\lib\." + $(CP) lib\$(OUTPRE)*.dll "$(KRB_INSTALL_DIR)\bin\." + $(CP) windows\cns\$(OUTPRE)krb5.exe "$(KRB_INSTALL_DIR)\bin\." + $(CP) windows\wintel\$(OUTPRE)telnet.exe "$(KRB_INSTALL_DIR)\bin\." + $(CP) windows\gss\$(OUTPRE)gss.exe "$(KRB_INSTALL_DIR)\bin\." + $(CP) clients\klist\$(OUTPRE)klist.exe "$(KRB_INSTALL_DIR)\bin\." + $(CP) clients\kinit\$(OUTPRE)kinit.exe "$(KRB_INSTALL_DIR)\bin\." + $(CP) clients\kdestroy\$(OUTPRE)kdestroy.exe "$(KRB_INSTALL_DIR)\bin\." + $(CP) clients\kpasswd\$(OUTPRE)kpasswd.exe "$(KRB_INSTALL_DIR)\bin\." + @if exist "$(KRB_INSTALL_DIR)\bin\krb4_32.dll" del "$(KRB_INSTALL_DIR)\bin\krb4_32.dll" + @if exist "$(KRB_INSTALL_DIR)\lib\krb4_32.lib" del "$(KRB_INSTALL_DIR)\lib\krb4_32.lib" diff --git a/src/aclocal.m4 b/src/aclocal.m4 index aca3d0bc7..4544e45f1 100644 --- a/src/aclocal.m4 +++ b/src/aclocal.m4 @@ -1093,6 +1093,19 @@ mips-*-netbsd*) PROFFLAGS=-pg ;; +*-*-macos10* | *-*-rhapsody*) + PICFLAGS=-fno-common + SHLIBVEXT='.$(LIBMAJOR).$(LIBMINOR).dylib' + SHLIBSEXT='.$(LIBMAJOR).dylib' + SHLIB_EXPFLAGS='$(SHLIB_DIRS) $(SHLIB_EXPLIBS)' + SHLIBEXT=.dylib + SHOBJEXT=.so + LDCOMBINE='cc -undefined warning -dynamiclib -dylib_compatibility_version=$(LIBMAJOR).$(LIBMINOR) -dylib_current_version=$(LIBMAJOR).$(LIBMINOR)' + CC_LINK_SHARED='$(CC) $(PROG_LIBPATH) -dynamic' + CC_LINK_STATIC='$(CC) $(PROG_LIBPATH)' + RUN_ENV='DYLD_LIBRARY_PATH=`echo $(PROG_LIBPATH) | sed -e "s/-L//g" -e "s/ /:/g"`; export DYLD_LIBRARY_PATH;' + ;; + *-*-solaris*) if test "$krb5_cv_prog_gcc" = yes; then PICFLAGS=-fpic diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog index 1a941cd53..1fe7f5abb 100644 --- a/src/appl/bsd/ChangeLog +++ b/src/appl/bsd/ChangeLog @@ -1,3 +1,24 @@ +1999-08-24 Tom Yu + + * Makefile.in (kshd): Remove $(LOGINLIBS) from kshd dependencies. + +1999-08-23 Ken Raeburn + + * krlogin.c (main): Error out if -D isn't followed by another + argument. Based on patch from Brad Thompson. + + * krshd.c (v4_kdata, v4_ticket): Don't define if KRB5_KRB4_COMPAT + is not defined. Patch from Brad Thompson. + + * kcmd.c (kcmd): If krb5_get_credentials returns a nonzero error + code, print an error message before returning. + +1999-08-17 Ken Raeburn + + * krlogin.c (main): If ospeed is outside of compiled-in table + index range but not high enough to be a baud rate, use the highest + rate in the table. + 1999-08-02 Ken Raeburn and Brad Thompson diff --git a/src/appl/bsd/Makefile.in b/src/appl/bsd/Makefile.in index 3eb020fb9..faeaff4c3 100644 --- a/src/appl/bsd/Makefile.in +++ b/src/appl/bsd/Makefile.in @@ -63,7 +63,7 @@ install:: ${DESTDIR}$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \ fi -kshd: krshd.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(LOGINLIBS) $(PTY_DEPLIB) $(UTIL_DEPLIB) $(KRB4COMPAT_DEPLIBS) +kshd: krshd.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(PTY_DEPLIB) $(UTIL_DEPLIB) $(KRB4COMPAT_DEPLIBS) $(CC_LINK) -o kshd krshd.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(LOGINLIBS) $(PTY_LIB) $(UTIL_LIB) $(KRB4COMPAT_LIBS) klogind: krlogind.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(PTY_DEPLIB) $(UTIL_DEPLIB) $(KRB4COMPAT_DEPLIBS) diff --git a/src/appl/bsd/fieldbits.h b/src/appl/bsd/fieldbits.h index 0c587abe6..a9d1f9c55 100644 --- a/src/appl/bsd/fieldbits.h +++ b/src/appl/bsd/fieldbits.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/bsd/kcmd.c b/src/appl/bsd/kcmd.c index 6b0eafcde..0e68f88e7 100644 --- a/src/appl/bsd/kcmd.c +++ b/src/appl/bsd/kcmd.c @@ -339,7 +339,11 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm, status = krb5_get_credentials(bsd_context, 0, cc, get_cred, &ret_cred); krb5_free_creds(bsd_context, get_cred); (void) krb5_cc_close(bsd_context, cc); - if (status) goto bad2; + if (status) { + fprintf (stderr, "error getting credentials: %s\n", + error_message (status)); + goto bad2; + } /* Reset internal flags; these should not be sent. */ authopts &= (~OPTS_FORWARD_CREDS); diff --git a/src/appl/bsd/krlogin.c b/src/appl/bsd/krlogin.c index 0bfb3ef57..0a8e7902e 100644 --- a/src/appl/bsd/krlogin.c +++ b/src/appl/bsd/krlogin.c @@ -383,6 +383,11 @@ main(argc, argv) if (argc > 0 && !strcmp(*argv, "-D")) { argv++; argc--; + if (*argv == NULL) { + fprintf (stderr, + "rlogin: -D flag must be followed by the debug port.\n"); + exit (1); + } debug_port = htons(atoi(*argv)); argv++; argc--; goto another; @@ -545,6 +550,10 @@ main(argc, argv) /* On some systems, ospeed is the baud rate itself, not a table index. */ sprintf (term + strlen (term), "%d", ospeed); + else if (ospeed >= sizeof(speeds)/sizeof(char*)) + /* Past end of table, but not high enough to + look like a real speed. */ + (void) strcat (term, speeds[sizeof(speeds)/sizeof(char*) - 1]); else { (void) strcat(term, speeds[ospeed]); } diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c index 2a1391704..3844087bb 100644 --- a/src/appl/bsd/krshd.c +++ b/src/appl/bsd/krshd.c @@ -529,8 +529,10 @@ char *kremuser; krb5_principal client; krb5_authenticator *kdata; +#ifdef KRB5_KRB4_COMPAT AUTH_DAT *v4_kdata; KTEXT v4_ticket; +#endif int auth_sys = 0; /* Which version of Kerberos used to authenticate */ diff --git a/src/appl/gssftp/ftp/ChangeLog b/src/appl/gssftp/ftp/ChangeLog index 4c287d294..64a6890d5 100644 --- a/src/appl/gssftp/ftp/ChangeLog +++ b/src/appl/gssftp/ftp/ChangeLog @@ -1,3 +1,12 @@ +1999-09-21 Ken Raeburn + + * ftp.c (getreply): Don't declare strpbrk or strstr functions if + they're defined as macros. + +1999-08-27 Tom Yu + + * ftp.c: Diable krb5-mech2 for now. + Tue May 11 11:58:00 1999 Ezra Peisach * ftp.c: Inclusion of gssapi_krb5.h requires gssapi_generic.h. diff --git a/src/appl/gssftp/ftp/ftp.c b/src/appl/gssftp/ftp/ftp.c index c6e47bdec..24049eabe 100644 --- a/src/appl/gssftp/ftp/ftp.c +++ b/src/appl/gssftp/ftp/ftp.c @@ -541,7 +541,12 @@ getreply(expecteof) sigtype cmdabort(); char ibuf[FTP_BUFSIZ], obuf[FTP_BUFSIZ]; int safe = 0; - extern char *strpbrk(), *strstr(); +#ifndef strpbrk + extern char *strpbrk(); +#endif +#ifndef strstr + extern char *strstr(); +#endif ibuf[0] = '\0'; if (reply_parse) reply_ptr = reply_buf; @@ -1877,9 +1882,7 @@ struct { const gss_OID_desc * const * mech_type; char *service_name; } gss_trials[] = { - { &gss_mech_krb5_v2, "ftp" }, { &gss_mech_krb5, "ftp" }, - { &gss_mech_krb5_v2, "host" }, { &gss_mech_krb5, "host" }, }; int n_gss_trials = sizeof(gss_trials)/sizeof(gss_trials[0]); diff --git a/src/appl/gssftp/ftpd/ChangeLog b/src/appl/gssftp/ftpd/ChangeLog index c84e77028..3d5aa408e 100644 --- a/src/appl/gssftp/ftpd/ChangeLog +++ b/src/appl/gssftp/ftpd/ChangeLog @@ -1,3 +1,10 @@ +1999-09-21 Ken Raeburn + + * ftpd.c (checkuser): Only call fclose on file handle if it's not + NULL. + (send_file_list): Don't declare strpbrk function if it's defined + as a macro. + Thu Mar 25 23:13:56 1999 Tom Yu * ftpd.c (login): Check that the luid is not the uid we want to diff --git a/src/appl/gssftp/ftpd/ftpd.c b/src/appl/gssftp/ftpd/ftpd.c index d4987affc..52be05fb6 100644 --- a/src/appl/gssftp/ftpd/ftpd.c +++ b/src/appl/gssftp/ftpd/ftpd.c @@ -840,8 +840,8 @@ checkuser(name) } } } + (void) fclose(fd); } - (void) fclose(fd); return (0); } @@ -2018,7 +2018,9 @@ void myoob() { char *cp, *cs; +#ifndef strpbrk extern char *strpbrk(); +#endif /* only process if transfer occurring */ if (!transflag) @@ -2486,7 +2488,9 @@ send_file_list(whichfiles) FILE *dout = NULL; register char **dirlist, *dirname; int simple = 0; +#ifndef strpbrk char *strpbrk(); +#endif int ret = 0; if (strpbrk(whichfiles, "~{[*?") != NULL) { diff --git a/src/appl/sample/sample.h b/src/appl/sample/sample.h index aac9ad13e..6c81d9351 100644 --- a/src/appl/sample/sample.h +++ b/src/appl/sample/sample.h @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/sample/sclient/sclient.M b/src/appl/sample/sclient/sclient.M index 4eb934a64..1b5a8d6b7 100644 --- a/src/appl/sample/sclient/sclient.M +++ b/src/appl/sample/sclient/sclient.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/appl/sample/sclient/sclient.c b/src/appl/sample/sclient/sclient.c index c5c79123f..3b8bb98c6 100644 --- a/src/appl/sample/sclient/sclient.c +++ b/src/appl/sample/sclient/sclient.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/sample/sserver/sserver.M b/src/appl/sample/sserver/sserver.M index e879067e6..4323fd11b 100644 --- a/src/appl/sample/sserver/sserver.M +++ b/src/appl/sample/sserver/sserver.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/appl/sample/sserver/sserver.c b/src/appl/sample/sserver/sserver.c index e3b08962c..06579f4a6 100644 --- a/src/appl/sample/sserver/sserver.c +++ b/src/appl/sample/sserver/sserver.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/simple/client/sim_client.c b/src/appl/simple/client/sim_client.c index 0838757c4..b010794ee 100644 --- a/src/appl/simple/client/sim_client.c +++ b/src/appl/simple/client/sim_client.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/simple/server/sim_server.c b/src/appl/simple/server/sim_server.c index 7f1a824e4..6e4f4e1cc 100644 --- a/src/appl/simple/server/sim_server.c +++ b/src/appl/simple/server/sim_server.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/simple/simple.h b/src/appl/simple/simple.h index f908e2ca1..f230592e6 100644 --- a/src/appl/simple/simple.h +++ b/src/appl/simple/simple.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/telnet/libtelnet/ChangeLog b/src/appl/telnet/libtelnet/ChangeLog index c3a779a42..73985a2da 100644 --- a/src/appl/telnet/libtelnet/ChangeLog +++ b/src/appl/telnet/libtelnet/ChangeLog @@ -1,3 +1,11 @@ +1999-08-31 17:28 Jeffrey Altman + + * kerberos5.c: Corrections to yesterday's change. + +1999-08-30 16:55 Jeffrey Altman + + * kerberos5.c: Ensure that only "host" service tickets are accepted. + Wed Feb 3 22:59:27 1999 Theodore Y. Ts'o * kerberos5.c: Increase size of str_data so that we can accept diff --git a/src/appl/telnet/libtelnet/auth-proto.h b/src/appl/telnet/libtelnet/auth-proto.h index c14f6ed06..b1a0bb0b8 100644 --- a/src/appl/telnet/libtelnet/auth-proto.h +++ b/src/appl/telnet/libtelnet/auth-proto.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/auth.c b/src/appl/telnet/libtelnet/auth.c index 428613566..f10ffb7aa 100644 --- a/src/appl/telnet/libtelnet/auth.c +++ b/src/appl/telnet/libtelnet/auth.c @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/auth.h b/src/appl/telnet/libtelnet/auth.h index b01a58dd5..0fe8bcf6f 100644 --- a/src/appl/telnet/libtelnet/auth.h +++ b/src/appl/telnet/libtelnet/auth.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/enc-proto.h b/src/appl/telnet/libtelnet/enc-proto.h index 48f91430f..2a17d44f4 100644 --- a/src/appl/telnet/libtelnet/enc-proto.h +++ b/src/appl/telnet/libtelnet/enc-proto.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/encrypt.c b/src/appl/telnet/libtelnet/encrypt.c index 15f2a88b2..8833188bc 100644 --- a/src/appl/telnet/libtelnet/encrypt.c +++ b/src/appl/telnet/libtelnet/encrypt.c @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/encrypt.h b/src/appl/telnet/libtelnet/encrypt.h index d4274d8ca..00c72cd06 100644 --- a/src/appl/telnet/libtelnet/encrypt.h +++ b/src/appl/telnet/libtelnet/encrypt.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/kerberos.c b/src/appl/telnet/libtelnet/kerberos.c index ed32392c9..734466e86 100644 --- a/src/appl/telnet/libtelnet/kerberos.c +++ b/src/appl/telnet/libtelnet/kerberos.c @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/kerberos5.c b/src/appl/telnet/libtelnet/kerberos5.c index 73b2c8780..371329823 100644 --- a/src/appl/telnet/libtelnet/kerberos5.c +++ b/src/appl/telnet/libtelnet/kerberos5.c @@ -52,7 +52,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ @@ -377,7 +380,7 @@ kerberos5_is(ap, data, cnt) #ifdef ENCRYPTION Session_Key skey; #endif - char errbuf[128]; + char errbuf[320]; char *name; char *getenv(); krb5_data inbuf; @@ -423,6 +426,27 @@ kerberos5_is(ap, data, cnt) (void) strcat(errbuf, error_message(r)); goto errout; } + + /* 256 bytes should be much larger than any reasonable first component */ + /* of a service name especially since the default is of length 4. */ + if (krb5_princ_component(telnet_context,ticket->server,0)->length < 256) { + char princ[256]; + strncpy(princ, + krb5_princ_component(telnet_context, ticket->server,0)->data, + krb5_princ_component(telnet_context, ticket->server,0)->length); + princ[krb5_princ_component(telnet_context, + ticket->server,0)->length] = '\0'; + if ( strcmp("host", princ) ) + { + (void) sprintf(errbuf, "incorrect service name: \"%s\" != \"%s\"", + princ, "host"); + goto errout; + } + } else { + (void) strcpy(errbuf, "service name too long"); + goto errout; + } + r = krb5_auth_con_getauthenticator(telnet_context, auth_context, &authenticator); @@ -557,7 +581,7 @@ kerberos5_is(ap, data, cnt) errout: { - char eerrbuf[128+9]; + char eerrbuf[329]; strcpy(eerrbuf, "telnetd: "); strcat(eerrbuf, errbuf); diff --git a/src/appl/telnet/libtelnet/key-proto.h b/src/appl/telnet/libtelnet/key-proto.h index ffaeb86fa..a70aab9a5 100644 --- a/src/appl/telnet/libtelnet/key-proto.h +++ b/src/appl/telnet/libtelnet/key-proto.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/misc-proto.h b/src/appl/telnet/libtelnet/misc-proto.h index ca9ae4b1b..3924a4651 100644 --- a/src/appl/telnet/libtelnet/misc-proto.h +++ b/src/appl/telnet/libtelnet/misc-proto.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/user_user/client.c b/src/appl/user_user/client.c index 9fb0c7ad0..b5dcd0de8 100644 --- a/src/appl/user_user/client.c +++ b/src/appl/user_user/client.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/user_user/server.c b/src/appl/user_user/server.c index d6fb4fca9..d7cda69e8 100644 --- a/src/appl/user_user/server.c +++ b/src/appl/user_user/server.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/clients/ChangeLog b/src/clients/ChangeLog index 7aa79e60a..84c16224b 100644 --- a/src/clients/ChangeLog +++ b/src/clients/ChangeLog @@ -1,3 +1,7 @@ +1999-08-09 Danilo Almeida + + * Makefile.in: Build kpasswd under windows. + Tue May 18 19:52:56 1999 Danilo Almeida * Makefile.in: Remove - from recursive Win32 make invocation. diff --git a/src/clients/Makefile.in b/src/clients/Makefile.in index ada6fd0c1..931bdc0c9 100644 --- a/src/clients/Makefile.in +++ b/src/clients/Makefile.in @@ -16,6 +16,9 @@ all-windows:: @echo Making all in clients\kinit cd ..\kinit $(MAKE) -$(MFLAGS) + @echo Making all in clients\kpasswd + cd ..\kpasswd + $(MAKE) -$(MFLAGS) cd .. clean-windows:: diff --git a/src/clients/kdestroy/ChangeLog b/src/clients/kdestroy/ChangeLog index f3d51232b..164834415 100644 --- a/src/clients/kdestroy/ChangeLog +++ b/src/clients/kdestroy/ChangeLog @@ -1,3 +1,7 @@ +1999-08-09 Danilo Almeida + + * Makefile.in: Use standard windows exe link flags. + Mon May 10 15:09:31 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/clients/kdestroy/Makefile.in b/src/clients/kdestroy/Makefile.in index 9489d2fa9..c569e42d2 100644 --- a/src/clients/kdestroy/Makefile.in +++ b/src/clients/kdestroy/Makefile.in @@ -22,7 +22,7 @@ kdestroy: kdestroy.o $(KRB5_BASE_DEPLIBS) ##WIN32##all-windows:: $(OUTPRE)kdestroy.exe ##WIN32##$(OUTPRE)kdestroy.exe: $(OUTPRE)kdestroy.obj $(BUILDTOP)\util\windows\$(OUTPRE)getopt.obj $(KLIB) $(CLIB) -##WIN32## link /nologo /out:$@ $** +##WIN32## link $(LINKOPTS2) -out:$@ $** clean-unix:: diff --git a/src/clients/kdestroy/kdestroy.M b/src/clients/kdestroy/kdestroy.M index 9886dad58..68ce7033e 100644 --- a/src/clients/kdestroy/kdestroy.M +++ b/src/clients/kdestroy/kdestroy.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/clients/kdestroy/kdestroy.c b/src/clients/kdestroy/kdestroy.c index b52ccb246..6fdbc652a 100644 --- a/src/clients/kdestroy/kdestroy.c +++ b/src/clients/kdestroy/kdestroy.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/clients/kinit/ChangeLog b/src/clients/kinit/ChangeLog index fa18f1004..c7563c71a 100644 --- a/src/clients/kinit/ChangeLog +++ b/src/clients/kinit/ChangeLog @@ -1,3 +1,17 @@ +1999-08-25 Ken Raeburn + + * kinit.c (optind, optarg) [sun]: Declare on SunOS 4. Maybe + declare unconditionally, in the future. + +1999-08-12 Ken Raeburn + + * kinit.c (main): Initialize cache_name to null, in case it's not + set. + +1999-08-09 Danilo Almeida + + * Makefile.in: Use standard windows exe link flags. + Mon May 10 15:13:37 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/clients/kinit/Makefile.in b/src/clients/kinit/Makefile.in index 071d653f7..cff0dc9db 100644 --- a/src/clients/kinit/Makefile.in +++ b/src/clients/kinit/Makefile.in @@ -21,7 +21,7 @@ kinit: kinit.o $(KRB5_BASE_DEPLIBS) ##WIN32##all-windows:: $(OUTPRE)kinit.exe ##WIN32##$(OUTPRE)kinit.exe: $(OUTPRE)kinit.obj $(BUILDTOP)\util\windows\$(OUTPRE)getopt.obj $(KLIB) $(CLIB) -##WIN32## link /nologo /out:$@ $** +##WIN32## link $(LINKOPTS2) -out:$@ $** clean-unix:: diff --git a/src/clients/kinit/kinit.M b/src/clients/kinit/kinit.M index 6681967f4..e87536c91 100644 --- a/src/clients/kinit/kinit.M +++ b/src/clients/kinit/kinit.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/clients/kinit/kinit.c b/src/clients/kinit/kinit.c index c29b26e6c..777b44e0d 100644 --- a/src/clients/kinit/kinit.c +++ b/src/clients/kinit/kinit.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -33,6 +36,11 @@ #else #ifdef HAVE_UNISTD_H #include +#ifdef sun +/* SunOS4 unistd didn't declare these; okay to make unconditional? */ +extern int optind; +extern char *optarg; +#endif /* sun */ #else extern int optind; extern char *optarg; @@ -101,7 +109,7 @@ main(argc, argv) krb5_get_init_creds_opt opts; char *service_name = NULL; krb5_keytab keytab = NULL; - char *cache_name; + char *cache_name = NULL; krb5_ccache ccache = NULL; enum { INIT_PW, INIT_KT, RENEW, VALIDATE} action; int errflg = 0, idx, i; diff --git a/src/clients/klist/ChangeLog b/src/clients/klist/ChangeLog index 3f1cc6930..98cd6e662 100644 --- a/src/clients/klist/ChangeLog +++ b/src/clients/klist/ChangeLog @@ -1,3 +1,17 @@ +1999-09-01 Danilo Almeida + + * klist.c (do_ccache, show_credential): Use krb5_free_unparsed_name + instead of free. + +1999-08-26 Danilo Almeida + + * klist.c (show_credential): Index addresses array with i + in a loop instead of 1. (Thanks to jaltman@columbia.edu) + +1999-08-09 Danilo Almeida + + * Makefile.in: Use standard windows exe link flags. + Mon May 10 15:13:58 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/clients/klist/Makefile.in b/src/clients/klist/Makefile.in index b9be31653..5c5af91db 100644 --- a/src/clients/klist/Makefile.in +++ b/src/clients/klist/Makefile.in @@ -21,7 +21,7 @@ klist: klist.o $(KRB5_BASE_DEPLIBS) ##WIN32##all-windows:: $(OUTPRE)klist.exe ##WIN32##$(OUTPRE)klist.exe: $(OUTPRE)klist.obj $(KLIB) $(CLIB) -##WIN32## link /nologo /out:$@ $** wsock32.lib +##WIN32## link $(LINKOPTS2) -out:$@ $** wsock32.lib clean-unix:: diff --git a/src/clients/klist/klist.M b/src/clients/klist/klist.M index 99b42b985..3a352416c 100644 --- a/src/clients/klist/klist.M +++ b/src/clients/klist/klist.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/clients/klist/klist.c b/src/clients/klist/klist.c index 5d79a52e4..333142c14 100644 --- a/src/clients/klist/klist.c +++ b/src/clients/klist/klist.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -248,7 +251,7 @@ void do_keytab(name) printf(")"); } printf("\n"); - free(pname); + krb5_free_unparsed_name(kcontext, pname); } if (code && code != KRB5_KT_END) { com_err(progname, code, "while scanning keytab"); @@ -447,7 +450,7 @@ show_credential(progname, kcontext, cred) retval = krb5_unparse_name(kcontext, cred->server, &sname); if (retval) { com_err(progname, retval, "while unparsing server name"); - free(name); + krb5_free_unparsed_name(kcontext, name); return; } if (!cred->times.starttime) @@ -527,15 +530,15 @@ show_credential(progname, kcontext, cred) for (i=1; cred->addresses[i]; i++) { printf(", "); - one_addr(cred->addresses[1]); + one_addr(cred->addresses[i]); } printf("\n"); } } - free(name); - free(sname); + krb5_free_unparsed_name(kcontext, name); + krb5_free_unparsed_name(kcontext, sname); } void one_addr(a) diff --git a/src/clients/kpasswd/ChangeLog b/src/clients/kpasswd/ChangeLog index 46f98c554..c61e68898 100644 --- a/src/clients/kpasswd/ChangeLog +++ b/src/clients/kpasswd/ChangeLog @@ -1,3 +1,8 @@ +1999-08-09 Danilo Almeida + + * kpasswd.c: + * Makefile.in: Build kpasswd under windows. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/clients/kpasswd/Makefile.in b/src/clients/kpasswd/Makefile.in index 2b7490820..dddc05b95 100644 --- a/src/clients/kpasswd/Makefile.in +++ b/src/clients/kpasswd/Makefile.in @@ -14,17 +14,17 @@ kpasswd: kpasswd.o $(KRB5_BASE_DEPLIBS) kpasswd.o: $(srcdir)/kpasswd.c all-unix:: kpasswd -all-windows:: kpasswd.exe clean-unix:: $(RM) kpasswd.o kpasswd -clean-windows:: - $(RM) kpasswd.obj kpasswd.exe - install-all install-kdc install-server install-client install-unix:: $(INSTALL_PROGRAM) kpasswd $(DESTDIR)$(CLIENT_BINDIR)/`echo kpasswd|sed '$(transform)'` $(INSTALL_DATA) $(srcdir)/kpasswd.M $(DESTDIR)$(CLIENT_MANDIR)/`echo kpasswd|sed '$(transform)'`.1; -kpasswd.exe: kpasswd.obj - link /out:kpasswd.exe kpasswd.obj $(BUILDTOP)\lib\libkrb5.lib +##WIN32##INCLUDES = /I$(BUILDTOP)\include /I$(BUILDTOP)\include\krb5 +##WIN32##CFLAGS = $(CCOPTS2) $(INCLUDES) + +##WIN32##all-windows:: $(OUTPRE)kpasswd.exe +##WIN32##$(OUTPRE)kpasswd.exe: $(OUTPRE)kpasswd.obj $(KLIB) $(CLIB) +##WIN32## link $(LINKOPTS2) -out:$@ $** diff --git a/src/clients/kpasswd/kpasswd.M b/src/clients/kpasswd/kpasswd.M index 5428898ef..f88a13451 100644 --- a/src/clients/kpasswd/kpasswd.M +++ b/src/clients/kpasswd/kpasswd.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/clients/kpasswd/kpasswd.c b/src/clients/kpasswd/kpasswd.c index 711c4ecd6..2e719d6de 100644 --- a/src/clients/kpasswd/kpasswd.c +++ b/src/clients/kpasswd/kpasswd.c @@ -1,20 +1,51 @@ #include #include -#include + +#ifndef _WIN32 #include +#endif #include #define P1 "Enter new password: " #define P2 "Enter it again: " +#ifdef HAVE_PWD_H +#include + +void get_name_from_passwd_file(program_name, kcontext, me) + char * program_name; + krb5_context kcontext; + krb5_principal * me; +{ + struct passwd *pw; + krb5_error_code code; + if (pw = getpwuid((int) getuid())) { + if ((code = krb5_parse_name(kcontext, pw->pw_name, me))) { + com_err (program_name, code, "when parsing name %s", pw->pw_name); + exit(1); + } + } else { + fprintf(stderr, "Unable to identify user from password file\n"); + exit(1); + } +} +#else /* HAVE_PWD_H */ +void get_name_from_passwd_file(kcontext, me) + krb5_context kcontext; + krb5_principal * me; +{ + fprintf(stderr, "Unable to identify user\n"); + exit(1); +} +#endif /* HAVE_PWD_H */ + int main(int argc, char *argv[]) { krb5_error_code ret; krb5_context context; krb5_principal princ; char *pname; - struct passwd *pwd; krb5_ccache ccache; krb5_get_init_creds_opt opts; krb5_creds creds; @@ -40,7 +71,9 @@ int main(int argc, char *argv[]) exit(1); } +#if 0 krb5_init_ets(context); +#endif /* in order, use the first of: - a name specified on the command line @@ -70,15 +103,8 @@ int main(int argc, char *argv[]) com_err(argv[0], ret, "closing ccache"); exit(1); } - } else if (pwd = getpwuid(getuid())) { - if (ret = krb5_parse_name(context, pwd->pw_name, &princ)) { - com_err(argv[0], ret, "parsing client name"); - exit(1); - } } else { - com_err(argv[0], 0, - "no matching password entry while looking for username"); - exit(1); + get_name_from_passwd_file(argv[0], context, &princ); } krb5_get_init_creds_opt_init(&opts); diff --git a/src/clients/ksu/ChangeLog b/src/clients/ksu/ChangeLog index 44dc8989d..620e14d14 100644 --- a/src/clients/ksu/ChangeLog +++ b/src/clients/ksu/ChangeLog @@ -1,3 +1,9 @@ +1999-08-23 Ken Raeburn + + * heuristic.c (find_ticket): Use flag KRB5_TC_SUPPORTED_KTYPES + when calling krb5_cc_retrieve_cred. + * krb_auth_su.c (krb5_auth_check, krb5_fast_auth): Ditto. + Fri Mar 12 18:52:18 1999 Tom Yu * main.c (main): Fix cleanup code for setluid() failure. diff --git a/src/clients/ksu/heuristic.c b/src/clients/ksu/heuristic.c index 40858fb3a..a8a180090 100644 --- a/src/clients/ksu/heuristic.c +++ b/src/clients/ksu/heuristic.c @@ -451,7 +451,7 @@ krb5_error_code find_ticket (context, cc, client, server, found) if (retval= krb5_copy_principal(context, server, &tgtq.server)) return retval ; - retval = krb5_cc_retrieve_cred(context, cc, KRB5_TC_MATCH_SRV_NAMEONLY, + retval = krb5_cc_retrieve_cred(context, cc, KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, &tgtq, &tgt); if (! retval) retval = krb5_check_exp(context, tgt.times); diff --git a/src/clients/ksu/krb_auth_su.c b/src/clients/ksu/krb_auth_su.c index e5a489f91..fb0f547fb 100644 --- a/src/clients/ksu/krb_auth_su.c +++ b/src/clients/ksu/krb_auth_su.c @@ -125,8 +125,9 @@ krb5_boolean zero_password; } if (auth_debug){ dump_principal(context, "local tgt principal name", tgtq.server ); } - retval = krb5_cc_retrieve_cred(context, cc, KRB5_TC_MATCH_SRV_NAMEONLY, - &tgtq, &tgt); + retval = krb5_cc_retrieve_cred(context, cc, + KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, + &tgtq, &tgt); if (! retval) retval = krb5_check_exp(context, tgt.times); @@ -260,8 +261,9 @@ krb5_error_code retval; return (FALSE) ; } - if ((retval = krb5_cc_retrieve_cred(context, cc, KRB5_TC_MATCH_SRV_NAMEONLY, - &tgtq, &tgt))){ + if ((retval = krb5_cc_retrieve_cred(context, cc, + KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, + &tgtq, &tgt))){ if (auth_debug) com_err(prog_name, retval,"While Retrieving credentials"); return (FALSE) ; diff --git a/src/config-files/kdc.conf.M b/src/config-files/kdc.conf.M index 318e5cea7..81ce6047a 100644 --- a/src/config-files/kdc.conf.M +++ b/src/config-files/kdc.conf.M @@ -12,7 +12,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/config-files/krb5.conf.M b/src/config-files/krb5.conf.M index f9f3f3d91..143601e7a 100644 --- a/src/config-files/krb5.conf.M +++ b/src/config-files/krb5.conf.M @@ -12,7 +12,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/config/ChangeLog b/src/config/ChangeLog index 22bc43380..5213425e4 100644 --- a/src/config/ChangeLog +++ b/src/config/ChangeLog @@ -1,3 +1,28 @@ +1999-09-14 Danilo Almeida + + * win-pre.in: Fix DNS error messages to wshelper instead of + version server. + +1999-09-08 Danilo Almeida + + * win-pre.in: Fix DNS flags it does not try to depend on mit dir. + Define NULL so we can do directory existence checks via the shell + under both NT and 9x. + +1999-08-23 Ken Raeburn + + * config.guess: Recognize Rhapsody OS. + * config.sub: Recognize OS name "rhapsody*". + +1999-08-17 Ken Raeburn + + * post.in (*-recurse): If an error occurs when using -k, report an + error after finishing all the subdirectories. + +1999-08-13 Brad Thompson + + * config.sub: Now recognizes MacOS 10 as a valid OS. + 1999-07-30 Ken Raeburn * config.guess: Add MacOS 10 support. (Submitted to autoconf diff --git a/src/config/config.guess b/src/config/config.guess index c4cdae72f..98fea7b84 100644 --- a/src/config/config.guess +++ b/src/config/config.guess @@ -810,6 +810,19 @@ EOF BePC:BeOS:*:*) # BeOS running on Intel PC compatible. echo i586-pc-beos exit 0 ;; +# MIT addition + Power\ Macintosh:Rhapsody:*:*) + echo powerpc-apple-rhapsody${UNAME_RELEASE} + exit 0 ;; +# MIT addition + powerpc:Rhapsody:*:*) + echo powerpc-unknown-rhapsody${UNAME_RELEASE} + exit 0 ;; +# MIT addition + i?86:Rhapsody:*:*) + echo i386-unknown-rhapsody${UNAME_RELEASE} + exit 0 ;; +# MIT addition Power\ Macintosh:Mac\ OS:*:*) echo powerpc-apple-macos${UNAME_RELEASE} exit 0 ;; diff --git a/src/config/config.sub b/src/config/config.sub index 00bea6e6a..995263424 100644 --- a/src/config/config.sub +++ b/src/config/config.sub @@ -714,7 +714,7 @@ case $os in | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -uxpv* | -beos*) + | -mingw32* | -linux-gnu* | -uxpv* | -beos* | -macos* | -rhapsody*) # Remember, each alternative MUST END IN *, to match a version number. ;; -linux*) diff --git a/src/config/post.in b/src/config/post.in index 82bf72882..6a318288a 100644 --- a/src/config/post.in +++ b/src/config/post.in @@ -54,12 +54,13 @@ $(srcdir)/$(thisconfigdir)/configure: $(srcdir)/$(thisconfigdir)/configure.in \ all-recurse clean-recurse distclean-recurse install-recurse check-recurse Makefiles-recurse: @case "`echo 'x$(MFLAGS)'|sed -e 's/^x//' -e 's/ --.*$$//'`" \ - in *[ik]*) e=:;; *) e="exit 1";; esac; \ + in *[ik]*) e="status=1" ;; *) e="exit 1";; esac; \ if test -z "$(MY_SUBDIRS)" ; then \ do_subdirs="$(SUBDIRS)" ; \ else \ do_subdirs="$(MY_SUBDIRS)" ; \ fi; \ + status=0; \ if test -n "$$do_subdirs" && test -z "$(NORECURSE)"; then \ for i in $$do_subdirs ; do \ if test -d $$i ; then \ @@ -68,7 +69,7 @@ all-recurse clean-recurse distclean-recurse install-recurse check-recurse Makefi echo "making $$target in $(CURRENT_DIR)$$i..."; \ if (cd $$i ; $(MAKE) CC="$(CC)" CCOPTS="$(CCOPTS)" \ CURRENT_DIR=$(CURRENT_DIR)$$i/ $$target) then :; \ - else $$e; fi; \ + else eval $$e; fi; \ ;; \ esac; \ else \ @@ -76,4 +77,5 @@ all-recurse clean-recurse distclean-recurse install-recurse check-recurse Makefi fi; \ done; \ else :; \ - fi + fi;\ + exit $$status diff --git a/src/config/win-pre.in b/src/config/win-pre.in index 8ed8a5175..25522fd2f 100644 --- a/src/config/win-pre.in +++ b/src/config/win-pre.in @@ -38,6 +38,11 @@ CPU=i386 # End of figuring out CPU # +!if "$(OS)" == "Windows_NT" +NULL= +!else +NULL=nul +!endif # NOTE: ^ is an escape char for NMAKE. !ifdef NODEBUG @@ -111,13 +116,24 @@ LOPTS=-debug LINKOPTS=-incremental:no $(LOPTS) -nologo -dll -entry:DllMain LINKOPTS2=-incremental:no $(LOPTS) -nologo -!if defined(KRB5_USE_DNS) -DNSFLAGS= -DKRB5_DNS_LOOKUP -DWSHELPER + +!if defined(KRB5_USE_DNS) +!if !defined(DNS_INC) +!message Must define DNS_INC to point to wshelper includes dir! +!error +!endif +!if !defined(DNS_LIB) +!message Must define DNS_LIB to point to wshelper library! +!error +!endif +DNSLIBS=$(DNS_LIB) +DNSFLAGS=-I$(DNS_INC) -DKRB5_DNS_LOOKUP -DWSHELPER !else +DNSLIBS= DNSFLAGS= !endif -CPPFLAGS = -I$(SRCTOP)\include -I$(SRCTOP)\include\krb5 -I$(SRCTOP)\mit\windows\include $(DNSFLAGS) +CPPFLAGS = -I$(SRCTOP)\include -I$(SRCTOP)\include\krb5 $(DNSFLAGS) DEFS = $(CPPFLAGS) CFLAGS2 = $(CCOPTS2) $(DEFS) diff --git a/src/include/ChangeLog b/src/include/ChangeLog index 2eabec100..f0b87cd10 100644 --- a/src/include/ChangeLog +++ b/src/include/ChangeLog @@ -1,3 +1,52 @@ +1999-09-08 Tom Yu + + * Makefile.in (install): Install port-sockets.h, needed by + kerberosIV/krb.h. + +1999-08-31 Jeffrey Altman + + * k5-int.h: Add #define ANSI_STDIO for Windows builds so that + stdio opens files in binary mode instead of text + mode. This is necessary for Ctrl-Z transparency. + +1999-08-30 Ken Raeburn + + * configure.in: Check for memmove and bcopy. + + * Makefile.in (install): Install profile.h since krb5.h will use + it. + +1999-08-26 Danilo Almeida + + * krb5.hin (krb5_kuserok): Fix calling convention to make it + consistent with rest of krb5 exports before we start exporting + this from the Windows DLL. + +1999-08-25 Danilo Almeida + + * k5-int.h (krb5_cc_retrieve_cred_default): Fix calling convention + to make it consistent with actual calling convention. + +1999-08-23 Ken Raeburn + + * krb5.hin (KRB5_TC_SUPPORTED_KTYPES): New flag. + * k5-int.h (krb5_cc_retrieve_cred_default): Declare. + +1999-08-18 Tom Yu + + * krb5.hin: Re-align des3-cbc-sha1 and hmac-sha1-des3 to agree + with new number assignments; also rename symbols a little bit. + +1999-08-09 Danilo Almeida + + * win-mac.h: Define MAXPATHLEN only if not already defined. This + avoids warnings under Windows. + +1999-08-04 Danilo Almeida + + * k5-int.h: Keep invariant that profile_in_memory member of context + is only sensible if KRB5_DNS_LOOKUP is defined. + 1999-08-03 Ken Raeburn * krb5.hin: Wrap all declarations in `extern "C"' for C++, not diff --git a/src/include/Makefile.in b/src/include/Makefile.in index db023fc69..e77a99168 100644 --- a/src/include/Makefile.in +++ b/src/include/Makefile.in @@ -69,5 +69,8 @@ clean-windows:: cd .. @echo Making clean in include -install:: krb5.h +install:: krb5.h profile.h $(INSTALL_DATA) krb5.h $(DESTDIR)$(KRB5_INCDIR)$(S)krb5.h + $(INSTALL_DATA) profile.h $(DESTDIR)$(KRB5_INCDIR)$(S)profile.h + $(INSTALL_DATA) $(srcdir)/port-sockets.h \ + $(DESTDIR)$(KRB5_INCDIR)$(S)port-sockets.h diff --git a/src/include/configure.in b/src/include/configure.in index 8a4c03d15..c99448ecf 100644 --- a/src/include/configure.in +++ b/src/include/configure.in @@ -5,7 +5,7 @@ AC_PROG_INSTALL AC_PROG_AWK AC_PROG_LEX AC_CONST -AC_CHECK_FUNCS(strdup labs setvbuf) +AC_CHECK_FUNCS(strdup labs setvbuf memmove bcopy) HAVE_YYLINENO CHECK_DIRENT AC_TYPE_UID_T diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 2f7fb7f4f..303a5b544 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -32,7 +32,11 @@ * be used in advertising or publicity pertaining to distribution of the * software. Title to copyright in this software and any associated * documentation shall at all times remain with M.I.T., and USER agrees to - * preserve same. + * preserve same. + * + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. */ /* @@ -102,6 +106,7 @@ #define INI_KRB_CCACHE "krb5cc" /* Location of the ccache */ #define INI_KRB5_CONF "krb5.ini" /* Location of krb5.conf file */ #define HAVE_LABS +#define ANSI_STDIO #endif @@ -990,7 +995,9 @@ struct _krb5_context { krb5_boolean profile_secure; int fcc_default_format; int scc_default_format; +#ifdef KRB5_DNS_LOOKUP krb5_boolean profile_in_memory; +#endif /* KRB5_DNS_LOOKUP */ }; /* could be used in a table to find an etype and initialize a block */ @@ -1472,6 +1479,11 @@ KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_ser_unpack_bytes krb5_octet FAR * FAR *, size_t FAR *)); + +krb5_error_code KRB5_CALLCONV krb5_cc_retrieve_cred_default + KRB5_PROTOTYPE((krb5_context, krb5_ccache, krb5_flags, + krb5_creds *, krb5_creds *)); + #if defined(macintosh) && defined(__CFM68K__) && !defined(__USING_STATIC_LIBS__) #pragma import reset #endif diff --git a/src/include/k5-util.h b/src/include/k5-util.h index 643b936d2..f245dcb6e 100644 --- a/src/include/k5-util.h +++ b/src/include/k5-util.h @@ -32,7 +32,11 @@ * be used in advertising or publicity pertaining to distribution of the * software. Title to copyright in this software and any associated * documentation shall at all times remain with M.I.T., and USER agrees to - * preserve same. + * preserve same. + * + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. */ /* diff --git a/src/include/kerberosIV/addr_comp.h b/src/include/kerberosIV/addr_comp.h index b4ebcd33e..ccf3a8d05 100644 --- a/src/include/kerberosIV/addr_comp.h +++ b/src/include/kerberosIV/addr_comp.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/admin_server.h b/src/include/kerberosIV/admin_server.h index a50c1b918..3da415518 100644 --- a/src/include/kerberosIV/admin_server.h +++ b/src/include/kerberosIV/admin_server.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/des.h b/src/include/kerberosIV/des.h index b9a69d5d8..86556083c 100644 --- a/src/include/kerberosIV/des.h +++ b/src/include/kerberosIV/des.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/highc.h b/src/include/kerberosIV/highc.h index a7ee8820a..c45a85502 100644 --- a/src/include/kerberosIV/highc.h +++ b/src/include/kerberosIV/highc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/kadm.h b/src/include/kerberosIV/kadm.h index 35c29d1b8..e3f47c059 100644 --- a/src/include/kerberosIV/kadm.h +++ b/src/include/kerberosIV/kadm.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/kdc.h b/src/include/kerberosIV/kdc.h index 6a9804eaf..095420c28 100644 --- a/src/include/kerberosIV/kdc.h +++ b/src/include/kerberosIV/kdc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/klog.h b/src/include/kerberosIV/klog.h index 0d9f0ce07..a7e1afb0b 100644 --- a/src/include/kerberosIV/klog.h +++ b/src/include/kerberosIV/klog.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/kparse.h b/src/include/kerberosIV/kparse.h index 839f4b90a..3562565be 100644 --- a/src/include/kerberosIV/kparse.h +++ b/src/include/kerberosIV/kparse.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/krb.h b/src/include/kerberosIV/krb.h index f18f42a04..fe8830be4 100644 --- a/src/include/kerberosIV/krb.h +++ b/src/include/kerberosIV/krb.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/krb_conf.h b/src/include/kerberosIV/krb_conf.h index d57bcb4b4..3edeaf941 100644 --- a/src/include/kerberosIV/krb_conf.h +++ b/src/include/kerberosIV/krb_conf.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/krb_db.h b/src/include/kerberosIV/krb_db.h index dc2265d96..3e3b1dda6 100644 --- a/src/include/kerberosIV/krb_db.h +++ b/src/include/kerberosIV/krb_db.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/mit-copyright.h b/src/include/kerberosIV/mit-copyright.h index 380d7bc75..e00865769 100644 --- a/src/include/kerberosIV/mit-copyright.h +++ b/src/include/kerberosIV/mit-copyright.h @@ -6,14 +6,17 @@ It is the responsibility of any person or organization contemplating export to obtain such a license before exporting. -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +WITHIN THAT CONSTRAINT, Permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of M.I.T. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of +permission. Furthermore if you modify this software you must label +your software as modified software and not distribute it in such a +fashion that it might be confused with the original M.I.T. software. +M.I.T. makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. diff --git a/src/include/kerberosIV/passwd_server.h b/src/include/kerberosIV/passwd_server.h index fb2ac3e9f..e0a32c54c 100644 --- a/src/include/kerberosIV/passwd_server.h +++ b/src/include/kerberosIV/passwd_server.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/principal.h b/src/include/kerberosIV/principal.h index d220130cf..2960870be 100644 --- a/src/include/kerberosIV/principal.h +++ b/src/include/kerberosIV/principal.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/prot.h b/src/include/kerberosIV/prot.h index d051be3fb..4e365b4b2 100644 --- a/src/include/kerberosIV/prot.h +++ b/src/include/kerberosIV/prot.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5.hin b/src/include/krb5.hin index 0f4836a0b..3d9f55c47 100644 --- a/src/include/krb5.hin +++ b/src/include/krb5.hin @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -363,8 +366,8 @@ typedef struct _krb5_enc_data { /* XXX deprecated? */ #define ENCTYPE_DES3_CBC_SHA 0x0005 /* DES-3 cbc mode with NIST-SHA */ #define ENCTYPE_DES3_CBC_RAW 0x0006 /* DES-3 cbc mode raw */ -#define ENCTYPE_DES3_HMAC_SHA1 0x0007 #define ENCTYPE_DES_HMAC_SHA1 0x0008 +#define ENCTYPE_DES3_CBC_SHA1 0x0010 #define ENCTYPE_UNKNOWN 0x01ff /* local crud */ /* marc's DES-3 with 32-bit length */ @@ -379,7 +382,7 @@ typedef struct _krb5_enc_data { #define CKSUMTYPE_RSA_MD5 0x0007 #define CKSUMTYPE_RSA_MD5_DES 0x0008 #define CKSUMTYPE_NIST_SHA 0x0009 -#define CKSUMTYPE_HMAC_SHA1 0x000a +#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c #ifndef krb5_roundup /* round x up to nearest multiple of y */ @@ -1168,24 +1171,25 @@ typedef struct _krb5_cc_ops { #define KRB5_TC_MATCH_SRV_NAMEONLY 0x00000040 #define KRB5_TC_MATCH_2ND_TKT 0x00000080 #define KRB5_TC_MATCH_KTYPE 0x00000100 +#define KRB5_TC_SUPPORTED_KTYPES 0x00000200 /* for set_flags and other functions */ #define KRB5_TC_OPENCLOSE 0x00000001 -#define krb5_cc_initialize(context, cache, principal) krb5_x((cache)->ops->init,(context, cache, principal)) -#define krb5_cc_gen_new(context, cache) krb5_x((*cache)->ops->gen_new,(context, cache)) -#define krb5_cc_destroy(context, cache) krb5_x((cache)->ops->destroy,(context, cache)) -#define krb5_cc_close(context, cache) krb5_x((cache)->ops->close,(context, cache)) -#define krb5_cc_store_cred(context, cache, creds) krb5_x((cache)->ops->store,(context, cache, creds)) -#define krb5_cc_retrieve_cred(context, cache, flags, mcreds, creds) krb5_x((cache)->ops->retrieve,(context, cache, flags, mcreds, creds)) -#define krb5_cc_get_principal(context, cache, principal) krb5_x((cache)->ops->get_princ,(context, cache, principal)) -#define krb5_cc_start_seq_get(context, cache, cursor) krb5_x((cache)->ops->get_first,(context, cache, cursor)) -#define krb5_cc_next_cred(context, cache, cursor, creds) krb5_x((cache)->ops->get_next,(context, cache, cursor, creds)) -#define krb5_cc_end_seq_get(context, cache, cursor) krb5_x((cache)->ops->end_get,(context, cache, cursor)) -#define krb5_cc_remove_cred(context, cache, flags, creds) krb5_x((cache)->ops->remove_cred,(context, cache,flags, creds)) -#define krb5_cc_set_flags(context, cache, flags) krb5_x((cache)->ops->set_flags,(context, cache, flags)) -#define krb5_cc_get_name(context, cache) krb5_xc((cache)->ops->get_name,(context, cache)) -#define krb5_cc_get_type(context, cache) ((cache)->ops->prefix) +#define krb5_cc_initialize(context, cache, principal) krb5_x ((cache)->ops->init,(context, cache, principal)) +#define krb5_cc_gen_new(context, cache) krb5_x ((*cache)->ops->gen_new,(context, cache)) +#define krb5_cc_destroy(context, cache) krb5_x ((cache)->ops->destroy,(context, cache)) +#define krb5_cc_close(context, cache) krb5_x ((cache)->ops->close,(context, cache)) +#define krb5_cc_store_cred(context, cache, creds) krb5_x ((cache)->ops->store,(context, cache, creds)) +#define krb5_cc_retrieve_cred(context, cache, flags, mcreds, creds) krb5_x ((cache)->ops->retrieve,(context, cache, flags, mcreds, creds)) +#define krb5_cc_get_principal(context, cache, principal) krb5_x ((cache)->ops->get_princ,(context, cache, principal)) +#define krb5_cc_start_seq_get(context, cache, cursor) krb5_x ((cache)->ops->get_first,(context, cache, cursor)) +#define krb5_cc_next_cred(context, cache, cursor, creds) krb5_x ((cache)->ops->get_next,(context, cache, cursor, creds)) +#define krb5_cc_end_seq_get(context, cache, cursor) krb5_x ((cache)->ops->end_get,(context, cache, cursor)) +#define krb5_cc_remove_cred(context, cache, flags, creds) krb5_x ((cache)->ops->remove_cred,(context, cache,flags, creds)) +#define krb5_cc_set_flags(context, cache, flags) krb5_x ((cache)->ops->set_flags,(context, cache, flags)) +#define krb5_cc_get_name(context, cache) krb5_xc((cache)->ops->get_name,(context, cache)) +#define krb5_cc_get_type(context, cache) ((cache)->ops->prefix) extern krb5_cc_ops *krb5_cc_dfl_ops; @@ -2153,7 +2157,7 @@ KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_get_realm_domain KRB5_PROTOTYPE((krb5_context, const char *, char ** )); -krb5_boolean krb5_kuserok +KRB5_DLLIMP krb5_boolean KRB5_CALLCONV krb5_kuserok KRB5_PROTOTYPE((krb5_context, krb5_principal, const char *)); KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_auth_con_genaddrs diff --git a/src/include/krb5/adm.h b/src/include/krb5/adm.h index b4ec50852..b3a2b6af3 100644 --- a/src/include/krb5/adm.h +++ b/src/include/krb5/adm.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/adm_defs.h b/src/include/krb5/adm_defs.h index 0c4ed05c3..4ac70031a 100644 --- a/src/include/krb5/adm_defs.h +++ b/src/include/krb5/adm_defs.h @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/adm_proto.h b/src/include/krb5/adm_proto.h index 5e9b984bc..bcfe0aee9 100644 --- a/src/include/krb5/adm_proto.h +++ b/src/include/krb5/adm_proto.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/copyright.h b/src/include/krb5/copyright.h index c0785988a..b1740ce3c 100644 --- a/src/include/krb5/copyright.h +++ b/src/include/krb5/copyright.h @@ -32,5 +32,9 @@ * be used in advertising or publicity pertaining to distribution of the * software. Title to copyright in this software and any associated * documentation shall at all times remain with M.I.T., and USER agrees to - * preserve same. + * preserve same. + * + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. */ diff --git a/src/include/krb5/k5-config.h b/src/include/krb5/k5-config.h deleted file mode 100644 index 9d2ec6c18..000000000 --- a/src/include/krb5/k5-config.h +++ /dev/null @@ -1,311 +0,0 @@ -/* - * Copyright 1990,1991,1994,1995 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * Configuration definition file. - */ - - -#ifndef KRB5_CONFIG__ -#define KRB5_CONFIG__ - -#ifdef _MSDOS -/* - * Machine-type definitions: PC Clone 386 running Microloss Windows - */ - -/* Kerberos Windows initialization file */ -#define KERBEROS_INI "kerberos.ini" -#define INI_FILES "Files" -#define INI_KRB_CCACHE "krb5cc" /* Location of the ccache */ -#define INI_KRB5_CONF "krb5.ini" /* Location of krb5.conf file */ - -#define KRB5_DBM_COMPAT__ /* Don't load dbm.h */ -#define KRB5_KDB5__ /* Don't load kdb.h */ -#define KRB5_KDB5_DBM__ /* Don't load kdb_dbm.h */ - -#define BITS16 -#define SIZEOF_INT 2 -#define SIZEOF_SHORT 2 -#define SIZEOF_LONG 4 -#define MAXHOSTNAMELEN 512 -#define MAXPATHLEN 256 /* Also for Windows temp files */ - -#define KRB5_USE_INET -#define MSDOS_FILESYSTEM -#define USE_STRING_H -#define HAVE_SRAND -#define HAVE_ERRNO -#define HAS_STRDUP -#define NO_USERID -#define NOFCHMOD -#define NOCHMOD -#define NO_PASSWORD -#define WM_KERBEROS5_CHANGED "Kerberos5 Changed" - -#define HAS_ANSI_VOLATILE -#define HAS_VOID_TYPE -#define KRB5_PROVIDE_PROTOTYPES -#define HAVE_STDARG_H -#define HAVE_SYS_TYPES_H - -#ifndef _SIZE_T_DEFINED -typedef unsigned int size_t; -#define _SIZE_T_DEFINED -#endif - -#ifndef KRB5_SYSTYPES__ -#define KRB5_SYSTYPES__ -#include -typedef unsigned long u_long; /* Not part of sys/types.h on the pc */ -typedef unsigned int u_int; -typedef unsigned short u_short; -typedef unsigned char u_char; -#endif /* KRB5_SYSTYPES__ */ - -#ifndef INTERFACE -#define INTERFACE __far __export __pascal -#define INTERFACE_C __far __export __cdecl -#endif - -/* - * The following defines are needed to make work - * in stdc mode (/Za flag). Winsock.h needs . - */ -#define FAR _far -#define NEAR _near -#define _far __far -#define _near __near -#define _pascal __pascal -#define _cdecl __cdecl -#define _huge __huge - -#ifdef NEED_WINDOWS -#include -#endif - -#ifdef NEED_LOWLEVEL_IO -/* Ugly. Microsoft, in stdc mode, doesn't support the low-level i/o - * routines directly. Rather, they only export the _ version. - * The following defines works around this problem. - */ -#include -#include -#include -#include -#include -#define O_RDONLY _O_RDONLY -#define O_WRONLY _O_WRONLY -#define O_RDWR _O_RDWR -#define O_APPEND _O_APPEND -#define O_CREAT _O_CREAT -#define O_TRUNC _O_TRUNC -#define O_EXCL _O_EXCL -#define O_TEXT _O_TEXT -#define O_BINARY _O_BINARY -#define O_NOINHERIT _O_NOINHERIT -#define stat _stat -#define unlink _unlink -#define lseek _lseek -#define write _write -#define open _open -#define close _close -#define read _read -#define fstat _fstat -#define mktemp _mktemp -#define dup _dup - -#define getpid _getpid -#endif - -#ifdef NEED_SYSERROR -/* Only needed by util/et/error_message.c but let's keep the source clean */ -#define sys_nerr _sys_nerr -#define sys_errlist _sys_errlist -#endif - -/* XXX these should be parameterized soon... */ -#define PROVIDE_DES_CBC_MD5 -#define PROVIDE_DES_CBC_CRC -#define PROVIDE_RAW_DES_CBC -#define PROVIDE_CRC32 -#define PROVIDE_DES_CBC_CKSUM -#define PROVIDE_RSA_MD4 -#define PROVIDE_RSA_MD5 -#define DEFAULT_PWD_STRING1 "Enter password:" -#define DEFAULT_PWD_STRING2 "Re-enter password for verification:" - -/* Functions with slightly different names on the PC -*/ -#define strcasecmp _stricmp -#define strdup _strdup -#define off_t _off_t - -#else /* Rest of include file is for non-Microloss-Windows */ - -#if defined(_MACINTOSH) -#include - -typedef struct { - int dummy; -} datum; - -#include - -#ifdef NEED_LOWLEVEL_IO -#include -#endif - -#ifndef _MWERKS -/* there is no for mpw */ -typedef unsigned long mode_t; -typedef unsigned long ino_t; -typedef unsigned long dev_t; -typedef short nlink_t; -typedef unsigned long uid_t; -typedef unsigned long gid_t; -typedef long off_t; -struct stat -{ - mode_t st_mode; /* File mode; see #define's below */ - ino_t st_ino; /* File serial number */ - dev_t st_dev; /* ID of device containing this file */ - nlink_t st_nlink; /* Number of links */ - uid_t st_uid; /* User ID of the file's owner */ - gid_t st_gid; /* Group ID of the file's group */ - dev_t st_rdev; /* Device type */ - off_t st_size; /* File size in bytes */ - unsigned long st_atime; /* Time of last access */ - unsigned long st_mtime; /* Time of last data modification */ - unsigned long st_ctime; /* Time of last file status change */ - long st_blksize; /* Optimal blocksize */ - long st_blocks; /* blocks allocated for file */ -}; - -int stat(const char *path, struct stat *buf); -int fstat(int fildes, struct stat *buf); - -#endif /* _MWERKS */ - -#define EFBIG 1000 - -#define NOFCHMOD 1 -#define NOCHMOD 1 -#define _MACSOCKAPI_ - -#define THREEPARAMOPEN(x,y,z) open(x,y) -#define MAXPATHLEN 255 - -/* protocol families same as address families */ -#define PF_INET AF_INET - -/* XXX these should be parameterized soon... */ -#define PROVIDE_DES_CBC_MD5 -#define PROVIDE_DES_CBC_CRC -#define PROVIDE_RAW_DES_CBC -#define PROVIDE_CRC32 -#define PROVIDE_DES_CBC_CKSUM -#define PROVIDE_RSA_MD4 -#define PROVIDE_RSA_MD5 - -#else /* _MACINTOSH */ -#define THREEPARAMOPEN(x,y,z) open(x,y,z) -#endif /* _MACINTOSH */ - -#ifndef KRB5_AUTOCONF__ -#define KRB5_AUTOCONF__ -#include "autoconf.h" -#endif - -#ifndef KRB5_SYSTYPES__ -#define KRB5_SYSTYPES__ - -#ifdef HAVE_SYS_TYPES_H /* From autoconf.h */ -#include -#else /* HAVE_SYS_TYPES_H */ -typedef unsigned long u_long; -typedef unsigned int u_int; -typedef unsigned short u_short; -typedef unsigned char u_char; -#endif /* HAVE_SYS_TYPES_H */ -#endif /* KRB5_SYSTYPES__ */ - -#ifdef SYSV -/* Change srandom and random to use rand and srand */ -/* Taken from the Sandia changes. XXX We should really just include */ -/* srandom and random into Kerberos release, since rand() is a really */ -/* bad random number generator.... [tytso:19920616.2231EDT] */ -#define random() rand() -#define srandom(a) srand(a) -#ifndef unicos61 -#define utimes(a,b) utime(a,b) -#endif /* unicos61 */ -#endif /* SYSV */ - -/* XXX these should be parameterized soon... */ -#define PROVIDE_DES_CBC_MD5 -#define PROVIDE_DES_CBC_CRC -#define PROVIDE_RAW_DES_CBC -#define PROVIDE_CRC32 -#define PROVIDE_DES_CBC_CKSUM -#define PROVIDE_RSA_MD4 -#define PROVIDE_RSA_MD5 - -#define DEFAULT_PWD_STRING1 "Enter password:" -#define DEFAULT_PWD_STRING2 "Re-enter password for verification:" - -#define KRB5_KDB_MAX_LIFE (60*60*24) /* one day */ -#define KRB5_KDB_MAX_RLIFE (60*60*24*7) /* one week */ -#define KRB5_KDB_EXPIRATION 2145830400 /* Thu Jan 1 00:00:00 2038 UTC */ - -/* - * For paranoid DOE types that don't want to give helpful error - * messages to the client....er, attacker - */ -#undef KRBCONF_VAGUE_ERRORS - -/* - * Define this if you want the KDC to modify the Kerberos database; - * this allows the last request information to be updated, as well as - * the failure count information. - * - * Note that this doesn't work if you're using slave servers!!! It - * also causes the database to be modified (and thus need to be - * locked) frequently. - */ -#undef KRBCONF_KDC_MODIFIES_KDB - -/* - * Windows requires a different api interface to each function. Here - * just define it as NULL. - */ -#define INTERFACE -#define INTERFACE_C -#define FAR -#define NEAR -#ifndef O_BINARY -#define O_BINARY 0 -#endif - -#ifndef HAS_LABS -#define labs(x) abs(x) -#endif - -#endif /* _MSDOS */ -#endif /* KRB5_CONFIG__ */ diff --git a/src/include/krb5/kdb.h b/src/include/krb5/kdb.h index 5471da6e1..8316efefc 100644 --- a/src/include/krb5/kdb.h +++ b/src/include/krb5/kdb.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/kdb_dbc.h b/src/include/krb5/kdb_dbc.h index e0bbd1b47..4165ca2a7 100644 --- a/src/include/krb5/kdb_dbc.h +++ b/src/include/krb5/kdb_dbc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/kdb_dbm.h b/src/include/krb5/kdb_dbm.h index cb652aadf..57eb53623 100644 --- a/src/include/krb5/kdb_dbm.h +++ b/src/include/krb5/kdb_dbm.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/kdb_kt.h b/src/include/krb5/kdb_kt.h index cdbda714f..3b795e482 100644 --- a/src/include/krb5/kdb_kt.h +++ b/src/include/krb5/kdb_kt.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/stock/ChangeLog b/src/include/krb5/stock/ChangeLog index bd5356337..60e3d30b7 100644 --- a/src/include/krb5/stock/ChangeLog +++ b/src/include/krb5/stock/ChangeLog @@ -1,3 +1,7 @@ +1999-09-20 Ken Raeburn + + * osconf.h (KPASSWD_PORTNAME): Define. + Tue Jan 20 23:19:53 1998 Tom Yu * osconf.h: Add DEFAULT_KPASSWD_PORT to support Cygnus chpw. diff --git a/src/include/krb5/stock/osconf.h b/src/include/krb5/stock/osconf.h index b234d995a..452d9c696 100644 --- a/src/include/krb5/stock/osconf.h +++ b/src/include/krb5/stock/osconf.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -67,6 +70,7 @@ #define KRB5_DEFAULT_SEC_PORT 750 #define DEFAULT_KPASSWD_PORT 464 +#define KPASSWD_PORTNAME "kpasswd" #define DEFAULT_KDC_PORTLIST "88,750" diff --git a/src/include/win-mac.h b/src/include/win-mac.h index d39e08b25..e2d37e00f 100644 --- a/src/include/win-mac.h +++ b/src/include/win-mac.h @@ -100,7 +100,9 @@ typedef unsigned char u_char; #endif /* KRB5_SYSTYPES__ */ #define MAXHOSTNAMELEN 512 +#ifndef MAXPATHLEN #define MAXPATHLEN 256 /* Also for Windows temp files */ +#endif #define HAVE_NETINET_IN_H #define MSDOS_FILESYSTEM diff --git a/src/kadmin/cli/ChangeLog b/src/kadmin/cli/ChangeLog index a43021458..a32feb5d1 100644 --- a/src/kadmin/cli/ChangeLog +++ b/src/kadmin/cli/ChangeLog @@ -1,3 +1,9 @@ +1999-08-18 Ken Raeburn + + * getdate.y (Convert): Check for year past 2038. + (RelativeMonth): Check for error return from Convert. + (get_date): Check for error return from RelativeMonth. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/kadmin/cli/dump.c b/src/kadmin/cli/dump.c index 9a85a2e99..162e35d9c 100644 --- a/src/kadmin/cli/dump.c +++ b/src/kadmin/cli/dump.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/cli/getdate.y b/src/kadmin/cli/getdate.y index c10c6a046..321603f9f 100644 --- a/src/kadmin/cli/getdate.y +++ b/src/kadmin/cli/getdate.y @@ -125,6 +125,7 @@ static char RCS[] = #define EPOCH 1970 +#define EPOCH_END 2038 /* assumes 32 bits */ #define HOUR(x) ((time_t)(x) * 60) #define SECSPERDAY (24L * 60L * 60L) @@ -595,11 +596,12 @@ Convert(Month, Day, Year, Hours, Minutes, Seconds, Meridian, DSTmode) if (Year < 0) Year = -Year; - if (Year < 100) + if (Year < 1900) Year += 1900; DaysInMonth[1] = Year % 4 == 0 && (Year % 100 != 0 || Year % 400 == 0) ? 29 : 28; if (Year < EPOCH + || Year > EPOCH_END || Month < 1 || Month > 12 /* Lint fluff: "conversion from long may lose accuracy" */ || Day < 1 || Day > DaysInMonth[(int)--Month]) @@ -661,6 +663,7 @@ RelativeMonth(Start, RelMonth) struct tm *tm; time_t Month; time_t Year; + time_t ret; if (RelMonth == 0) return 0; @@ -668,10 +671,12 @@ RelativeMonth(Start, RelMonth) Month = 12 * tm->tm_year + tm->tm_mon + RelMonth; Year = Month / 12; Month = Month % 12 + 1; - return DSTcorrect(Start, - Convert(Month, (time_t)tm->tm_mday, Year, - (time_t)tm->tm_hour, (time_t)tm->tm_min, (time_t)tm->tm_sec, - MER24, DSTmaybe)); + ret = Convert(Month, (time_t)tm->tm_mday, Year, + (time_t)tm->tm_hour, (time_t)tm->tm_min, (time_t)tm->tm_sec, + MER24, DSTmaybe); + if (ret == -1) + return ret; + return DSTcorrect(Start, ret); } @@ -861,6 +866,7 @@ get_date(p, now) struct my_timeb ftz; time_t Start; time_t tod; + time_t delta; yyInput = p; if (now == NULL) { @@ -972,7 +978,10 @@ get_date(p, now) * thoroughness? */ Start += yyRelSeconds; - Start += RelativeMonth(Start, yyRelMonth); + delta = RelativeMonth(Start, yyRelMonth); + if (delta == (time_t) -1) + return -1; + Start += delta; /* * Now, if you specified a day of week and counter, add it in. By diff --git a/src/kadmin/cli/kadmin.c b/src/kadmin/cli/kadmin.c index d8419de09..591cda469 100644 --- a/src/kadmin/cli/kadmin.c +++ b/src/kadmin/cli/kadmin.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/cli/kadmin_ct.ct b/src/kadmin/cli/kadmin_ct.ct index c1e966f78..9ecef0da7 100644 --- a/src/kadmin/cli/kadmin_ct.ct +++ b/src/kadmin/cli/kadmin_ct.ct @@ -13,7 +13,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/kadmin/cli/ss_wrapper.c b/src/kadmin/cli/ss_wrapper.c index 89e94b36b..d20737ae5 100644 --- a/src/kadmin/cli/ss_wrapper.c +++ b/src/kadmin/cli/ss_wrapper.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/dump.c b/src/kadmin/dbutil/dump.c index e0db37bb2..4378e310c 100644 --- a/src/kadmin/dbutil/dump.c +++ b/src/kadmin/dbutil/dump.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/dumpv4.c b/src/kadmin/dbutil/dumpv4.c index 9eb203c3a..84a505dc9 100644 --- a/src/kadmin/dbutil/dumpv4.c +++ b/src/kadmin/dbutil/dumpv4.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/kdb5_create.c b/src/kadmin/dbutil/kdb5_create.c index 5aa7ae11e..8cfa6e7a0 100644 --- a/src/kadmin/dbutil/kdb5_create.c +++ b/src/kadmin/dbutil/kdb5_create.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/kdb5_destroy.c b/src/kadmin/dbutil/kdb5_destroy.c index c5f47ca2f..51fe7ac01 100644 --- a/src/kadmin/dbutil/kdb5_destroy.c +++ b/src/kadmin/dbutil/kdb5_destroy.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/kdb5_edit.M b/src/kadmin/dbutil/kdb5_edit.M index 4281ac947..217c266b1 100644 --- a/src/kadmin/dbutil/kdb5_edit.M +++ b/src/kadmin/dbutil/kdb5_edit.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/kadmin/dbutil/kdb5_stash.c b/src/kadmin/dbutil/kdb5_stash.c index c682f3a56..419d14f66 100644 --- a/src/kadmin/dbutil/kdb5_stash.c +++ b/src/kadmin/dbutil/kdb5_stash.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c index e421f15ec..92b1c2139 100644 --- a/src/kadmin/dbutil/kdb5_util.c +++ b/src/kadmin/dbutil/kdb5_util.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/kdb5_util.h b/src/kadmin/dbutil/kdb5_util.h index b580e2f6a..843b7dd99 100644 --- a/src/kadmin/dbutil/kdb5_util.h +++ b/src/kadmin/dbutil/kdb5_util.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/loadv4.c b/src/kadmin/dbutil/loadv4.c index b7df142bd..fb9c2e186 100644 --- a/src/kadmin/dbutil/loadv4.c +++ b/src/kadmin/dbutil/loadv4.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/tcl_wrapper.c b/src/kadmin/dbutil/tcl_wrapper.c index 10b860c9f..ab4f25b19 100644 --- a/src/kadmin/dbutil/tcl_wrapper.c +++ b/src/kadmin/dbutil/tcl_wrapper.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/util.c b/src/kadmin/dbutil/util.c index 5fdb7aad2..246a6cb74 100644 --- a/src/kadmin/dbutil/util.c +++ b/src/kadmin/dbutil/util.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/ktutil/ktutil.c b/src/kadmin/ktutil/ktutil.c index 0106ed758..105df1ecc 100644 --- a/src/kadmin/ktutil/ktutil.c +++ b/src/kadmin/ktutil/ktutil.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/ktutil/ktutil.h b/src/kadmin/ktutil/ktutil.h index 0f14defb7..be097226b 100644 --- a/src/kadmin/ktutil/ktutil.h +++ b/src/kadmin/ktutil/ktutil.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/ktutil/ktutil_ct.ct b/src/kadmin/ktutil/ktutil_ct.ct index 1f0269f6d..0ddb9f30d 100644 --- a/src/kadmin/ktutil/ktutil_ct.ct +++ b/src/kadmin/ktutil/ktutil_ct.ct @@ -13,7 +13,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/kadmin/ktutil/ktutil_funcs.c b/src/kadmin/ktutil/ktutil_funcs.c index 8429169f3..d1401614a 100644 --- a/src/kadmin/ktutil/ktutil_funcs.c +++ b/src/kadmin/ktutil/ktutil_funcs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/passwd/kpasswd.M b/src/kadmin/passwd/kpasswd.M index c3da8ae31..185c1f595 100644 --- a/src/kadmin/passwd/kpasswd.M +++ b/src/kadmin/passwd/kpasswd.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/kadmin/v4server/unit-test/ChangeLog b/src/kadmin/v4server/unit-test/ChangeLog index 5de301820..ebc0d2e42 100644 --- a/src/kadmin/v4server/unit-test/ChangeLog +++ b/src/kadmin/v4server/unit-test/ChangeLog @@ -1,3 +1,11 @@ +1999-08-31 Ken Raeburn + + * lib/helpers.exp (unexpire): Move expiration date ahead a few + decades. + + * Makefile.in (check- check-ok): Disable tests until the tests get + updated for non-OVSEC mode, etc. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/kadmin/v4server/unit-test/Makefile.in b/src/kadmin/v4server/unit-test/Makefile.in index 783c26ddf..b1f9c6346 100644 --- a/src/kadmin/v4server/unit-test/Makefile.in +++ b/src/kadmin/v4server/unit-test/Makefile.in @@ -8,13 +8,19 @@ BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) check:: check-@DO_V4_TEST@ -check-:: +# When the tests get updated, nuke this and delete "-not" from the next two. +check- check-ok:: + @echo "+++" + @echo "+++ WARNING: kadmin/v4server unit tests out of date; not run." + @echo "+++" + +check--not:: @echo "+++" @echo "+++ WARNING: kadmin/v4server unit tests not run." @echo "+++ Either Athena compatibility, tcl, runtest, or Perl is unavailable." @echo "+++" -check-ok unit-test:: unit-test-setup unit-test-body unit-test-cleanup +check-ok-not unit-test:: unit-test-setup unit-test-body unit-test-cleanup unit-test-setup:: $(ENV_SETUP) $(START_SERVERS_LOCAL) -v4files -kdcport 750 -keysalt des-cbc-crc:v4 diff --git a/src/kadmin/v4server/unit-test/lib/helpers.exp b/src/kadmin/v4server/unit-test/lib/helpers.exp index 8338d3703..a3087dc14 100644 --- a/src/kadmin/v4server/unit-test/lib/helpers.exp +++ b/src/kadmin/v4server/unit-test/lib/helpers.exp @@ -215,7 +215,7 @@ proc unexpire { name fullname } { # While we're at it, make sure they aren't expired. exp_prog "$name: kadmin.local" $kadmin_local "" 0 { "kadmin.local:" { - send "modprinc -expire \"May 6, 1999\" $fullname\n" + send "modprinc -expire \"May 6, 2029\" $fullname\n" } } { -re "Principal .* modified." { send "quit\n" } diff --git a/src/kadmin/v5passwdd/adm_conn.c b/src/kadmin/v5passwdd/adm_conn.c index 4d888782a..2a3ea585e 100644 --- a/src/kadmin/v5passwdd/adm_conn.c +++ b/src/kadmin/v5passwdd/adm_conn.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/v5passwdd/adm_rw.c b/src/kadmin/v5passwdd/adm_rw.c index 334ad9d13..2a5e48e23 100644 --- a/src/kadmin/v5passwdd/adm_rw.c +++ b/src/kadmin/v5passwdd/adm_rw.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/v5passwdd/kadm5_defs.h b/src/kadmin/v5passwdd/kadm5_defs.h index 67339bc15..08650bd83 100644 --- a/src/kadmin/v5passwdd/kadm5_defs.h +++ b/src/kadmin/v5passwdd/kadm5_defs.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/v5passwdd/kpasswd.c b/src/kadmin/v5passwdd/kpasswd.c index e9785858b..f8a04ae8b 100644 --- a/src/kadmin/v5passwdd/kpasswd.c +++ b/src/kadmin/v5passwdd/kpasswd.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/v5passwdd/proto_serv.c b/src/kadmin/v5passwdd/proto_serv.c index 5978786a2..6c7e22772 100644 --- a/src/kadmin/v5passwdd/proto_serv.c +++ b/src/kadmin/v5passwdd/proto_serv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/v5passwdd/srv_net.c b/src/kadmin/v5passwdd/srv_net.c index a16a0bffd..94a93128e 100644 --- a/src/kadmin/v5passwdd/srv_net.c +++ b/src/kadmin/v5passwdd/srv_net.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/v5passwdd/v5passwd.M b/src/kadmin/v5passwdd/v5passwd.M index 90688a8db..bdea7784f 100644 --- a/src/kadmin/v5passwdd/v5passwd.M +++ b/src/kadmin/v5passwdd/v5passwd.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog index 40d581f31..3128d5329 100644 --- a/src/kdc/ChangeLog +++ b/src/kdc/ChangeLog @@ -1,3 +1,19 @@ +1999-09-13 Tom Yu + + * do_tgs_req.c (process_tgs_req): Don't try to take the 2nd + component of a principal that doesn't have 2 components. + +1999-08-18 Tom Yu + + * kerberos_v4.c (compat_decrypt_key): Align DES3 enctypes with + current names. + (kerb_get_principal): Align DES3 enctypes with current names. + +1999-08-17 Ken Raeburn + + * kdc_util.c (select_session_keytype): If none of the requested + ktypes are NULL or single-DES, force des-cbc-crc. + 1999-06-30 Ken Raeburn * Makefile.in (CFLAGS): Define NOCACHE. diff --git a/src/kdc/dispatch.c b/src/kdc/dispatch.c index 824a3af0d..43b612ad5 100644 --- a/src/kdc/dispatch.c +++ b/src/kdc/dispatch.c @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c index 34eeb66c1..158747ee5 100644 --- a/src/kdc/do_as_req.c +++ b/src/kdc/do_as_req.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c index 7faf748da..e5c6d1ac7 100644 --- a/src/kdc/do_tgs_req.c +++ b/src/kdc/do_tgs_req.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -167,15 +170,19 @@ tgt_again: * should do our best to find such a TGS in this db */ if (firstpass && krb5_is_tgs_principal(request->server) == TRUE) { - krb5_data *server_1 = krb5_princ_component(kdc_context, request->server, 1); - krb5_data *tgs_1 = krb5_princ_component(kdc_context, tgs_server, 1); - - if (server_1->length != tgs_1->length || - memcmp(server_1->data, tgs_1->data, tgs_1->length)) { - krb5_db_free_principal(kdc_context, &server, nprincs); - find_alternate_tgs(request, &server, &more, &nprincs); - firstpass = 0; - goto tgt_again; + if (krb5_princ_size(kdc_context, request->server) == 2) { + krb5_data *server_1 = + krb5_princ_component(kdc_context, request->server, 1); + krb5_data *tgs_1 = + krb5_princ_component(kdc_context, tgs_server, 1); + + if (server_1->length != tgs_1->length || + memcmp(server_1->data, tgs_1->data, tgs_1->length)) { + krb5_db_free_principal(kdc_context, &server, nprincs); + find_alternate_tgs(request, &server, &more, &nprincs); + firstpass = 0; + goto tgt_again; + } } } krb5_db_free_principal(kdc_context, &server, nprincs); @@ -707,6 +714,12 @@ int *nprincs; *nprincs = 0; *more = FALSE; + /* + * Call to krb5_princ_component is normally not safe but is so + * here only because find_alternate_tgs() is only called from + * somewhere that has already checked the number of components in + * the principal. + */ if ((retval = krb5_walk_realm_tree(kdc_context, krb5_princ_realm(kdc_context, request->server), krb5_princ_component(kdc_context, request->server, 1), diff --git a/src/kdc/extern.c b/src/kdc/extern.c index c3f92ac07..1c636e03e 100644 --- a/src/kdc/extern.c +++ b/src/kdc/extern.c @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/extern.h b/src/kdc/extern.h index c31e5c70e..3757672c0 100644 --- a/src/kdc/extern.h +++ b/src/kdc/extern.h @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/kdc5_err.et b/src/kdc/kdc5_err.et index ab3feb10c..9d0ce877c 100644 --- a/src/kdc/kdc5_err.et +++ b/src/kdc/kdc5_err.et @@ -15,7 +15,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c index d1b1b3637..b1d56144e 100644 --- a/src/kdc/kdc_preauth.c +++ b/src/kdc/kdc_preauth.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c index 51d4d7807..30f7338c3 100644 --- a/src/kdc/kdc_util.c +++ b/src/kdc/kdc_util.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -1389,15 +1392,39 @@ select_session_keytype(context, server, nktypes, ktype) krb5_enctype *ktype; { int i; + krb5_enctype dfl = 0; for (i = 0; i < nktypes; i++) { if (!valid_enctype(ktype[i])) continue; - if (dbentry_supports_enctype(context, server, ktype[i])) - return (ktype[i]); + if (dbentry_supports_enctype(context, server, ktype[i])) { + switch (ktype[i]) { + case ENCTYPE_NULL: + case ENCTYPE_DES_CBC_CRC: + case ENCTYPE_DES_CBC_MD4: + case ENCTYPE_DES_CBC_MD5: + case ENCTYPE_DES_CBC_RAW: + case ENCTYPE_DES_HMAC_SHA1: + return ktype[i]; + + default: + /* For now, too much of our code supports only + single-DES. For example, the GSSAPI Kerberos + mechanism needs to be modified. If someone tries + using other key types, force single-DES for the + session key. + + This weird way of setting it here is so that a + requested single-DES enctype listed after DES3 can + be used, and this fallback enctype will be used + only if *no* single-DES enctypes were requested. */ + dfl = ENCTYPE_DES_CBC_CRC; + break; + } + } } - return 0; + return dfl; } /* diff --git a/src/kdc/kdc_util.h b/src/kdc/kdc_util.h index 6e8789239..d985708cf 100644 --- a/src/kdc/kdc_util.h +++ b/src/kdc/kdc_util.h @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/kerberos_v4.c b/src/kdc/kerberos_v4.c index 4dbd4252c..1dc50a9d5 100644 --- a/src/kdc/kerberos_v4.c +++ b/src/kdc/kerberos_v4.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -384,7 +387,7 @@ compat_decrypt_key (in5, out4, out5, issrv) retval = -1; } else { /* KLUDGE! If it's a non-raw des3 key, bash its enctype */ - if (out5->enctype == ENCTYPE_DES3_HMAC_SHA1 || + if (out5->enctype == ENCTYPE_DES3_CBC_SHA1 || out5->enctype == ENCTYPE_LOCAL_DES3_HMAC_SHA1) out5->enctype = ENCTYPE_DES3_CBC_RAW; } @@ -486,7 +489,7 @@ kerb_get_principal(name, inst, principal, maxn, more, k5key, kvno, issrv) ENCTYPE_LOCAL_DES3_HMAC_SHA1, -1, kvno, &pkey) && krb5_dbe_find_enctype(kdc_context, &entries, - ENCTYPE_DES3_HMAC_SHA1, + ENCTYPE_DES3_CBC_SHA1, -1, kvno, &pkey) && krb5_dbe_find_enctype(kdc_context, &entries, ENCTYPE_DES_CBC_CRC, diff --git a/src/kdc/krb5kdc.M b/src/kdc/krb5kdc.M index 5402f5d29..700d6537a 100644 --- a/src/kdc/krb5kdc.M +++ b/src/kdc/krb5kdc.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/kdc/main.c b/src/kdc/main.c index 78b0a9949..66fb3c571 100644 --- a/src/kdc/main.c +++ b/src/kdc/main.c @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/network.c b/src/kdc/network.c index edc172dff..3ff47e0f0 100644 --- a/src/kdc/network.c +++ b/src/kdc/network.c @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/policy.c b/src/kdc/policy.c index 236224ae0..60e7ffea5 100644 --- a/src/kdc/policy.c +++ b/src/kdc/policy.c @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/policy.h b/src/kdc/policy.h index dd359c96f..ce2c31c78 100644 --- a/src/kdc/policy.h +++ b/src/kdc/policy.h @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/replay.c b/src/kdc/replay.c index c3ff2a969..edc7ad68e 100644 --- a/src/kdc/replay.c +++ b/src/kdc/replay.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/rtest.c b/src/kdc/rtest.c index 6bb191a43..e5f1d896a 100644 --- a/src/kdc/rtest.c +++ b/src/kdc/rtest.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/rtscript b/src/kdc/rtscript index 3a98ea3ae..8803e3325 100644 --- a/src/kdc/rtscript +++ b/src/kdc/rtscript @@ -16,7 +16,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/krb524/ChangeLog b/src/krb524/ChangeLog index 878955552..a080b7831 100644 --- a/src/krb524/ChangeLog +++ b/src/krb524/ChangeLog @@ -1,3 +1,11 @@ +1999-08-18 Tom Yu + + * krb524d.c (do_connection): Convert to using new symbol for + DES3. + + * cnv_tkt_skey.c (krb524_convert_tkt_skey): Convert to using new + symbol for DES3. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/krb524/cnv_tkt_skey.c b/src/krb524/cnv_tkt_skey.c index 4c51b6777..fc25246cd 100644 --- a/src/krb524/cnv_tkt_skey.c +++ b/src/krb524/cnv_tkt_skey.c @@ -170,7 +170,7 @@ int krb524_convert_tkt_skey(context, v5tkt, v4tkt, v5_skey, v4_skey, v4_skey->contents); } else { /* Force enctype to be raw if using DES3. */ - if (v4_skey->enctype == ENCTYPE_DES3_HMAC_SHA1 || + if (v4_skey->enctype == ENCTYPE_DES3_CBC_SHA1 || v4_skey->enctype == ENCTYPE_LOCAL_DES3_HMAC_SHA1) v4_skey->enctype = ENCTYPE_DES3_CBC_RAW; ret = krb_cr_tkt_krb5(v4tkt, diff --git a/src/krb524/krb524d.c b/src/krb524/krb524d.c index 1afeec2dc..cad0e3160 100644 --- a/src/krb524/krb524d.c +++ b/src/krb524/krb524d.c @@ -307,7 +307,7 @@ krb5_error_code do_connection(s, context) 0, &v4_service_key, &v4kvno)) && (ret = lookup_service_key(context, v5tkt->server, - ENCTYPE_DES3_HMAC_SHA1, + ENCTYPE_DES3_CBC_SHA1, 0, &v4_service_key, &v4kvno)) && (ret = lookup_service_key(context, v5tkt->server, diff --git a/src/krb524/sendmsg.c b/src/krb524/sendmsg.c index bd22c6635..77e8f3bf7 100644 --- a/src/krb524/sendmsg.c +++ b/src/krb524/sendmsg.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/ChangeLog b/src/lib/ChangeLog index b8498cad6..3ed493326 100644 --- a/src/lib/ChangeLog +++ b/src/lib/ChangeLog @@ -1,3 +1,18 @@ +1999-09-09 Danilo Almeida + + * winsock.def, comerr16.def, gssapi16.def, krb4_16.def, + krb5_16.def, sapgss16.def, sapkrb16.def, xpprof16.def: Remove + obsolete DEF files. + +1999-09-08 Danilo Almeida + + * Makefile.in: Remove dependence of mit directory for version + server support. Remove references to SAP. Remove DNS defines. + +1999-08-26 Danilo Almeida + + * krb5_32.def: Export krb5_kuserok. + 1999-07-22 Jeffrey Altman * krb5_32.def diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in index 8f053e4d1..bbef0473b 100644 --- a/src/lib/Makefile.in +++ b/src/lib/Makefile.in @@ -6,7 +6,6 @@ BUILDTOP=$(REL)$(U) CFLAGS = $(CCOPTS) $(DEFS) ##DOS##BUILDTOP = .. -##DOS##VERS_DIR = \vers MAC_SUBDIRS = crypto krb5 gssapi @@ -27,14 +26,16 @@ clean-windows:: # Windows stuff to make krb5 and gssapi DLLs. -##DOS##VERLIBS=$(BUILDTOP)\mit\windows\lib\$(CPU)\vsnt.lib -##DOS##!if defined(KRB5_USE_DNS) -##DOS##DNSLIBS= $(BUILDTOP)\mit\windows\lib\$(CPU)\wshelp32.lib -##DOS##!else -##DOS##DNSLIBS= -##DOS##!endif -##MIT##MITLIBS= $(VERLIBS) $(DNSLIBS) -##MIT##MITFLAGS=-I$(BUILDTOP)\mit\windows\include /DVERSERV=1 +##MIT##!if !defined(VS_INC) +##MIT##!message Must define VS_INC to point to version server include dir! +##MIT##!error +##MIT##!endif +##MIT##!if !defined(VS_LIB) +##MIT##!message Must define VS_LIB to point to version server library! +##MIT##!error +##MIT##!endif +##MIT##MITLIBS=$(VS_LIB) +##MIT##MITFLAGS=-I$(VS_INC) /DVERSERV=1 CLIBS = $(BUILDTOP)\util\et\$(OUTPRE)comerr.lib PLIBS = $(BUILDTOP)\util\profile\$(OUTPRE)profile.lib @@ -50,15 +51,6 @@ KDEF = krb5_32.def GDEF = gssapi32.def K4DEF = krb4_32.def -# -# The following kludge is for MIT's SAP/Version server hack -# - -SGDEF = gssapi32.def -SKDEF = krb5_32.def -SGLIB = $(OUTPRE)sapgss32.lib -SKLIB = $(OUTPRE)sapkrb32.lib - KRB5RC = krb5.rc VERSIONRC = $(BUILDTOP)\windows\version.rc @@ -70,14 +62,12 @@ NO_GLUE=$(OUTPRE)no_glue.obj K5_GLUE=$(OUTPRE)k5_glue.obj K4_GLUE=$(OUTPRE)k4_glue.obj GSS_GLUE=$(OUTPRE)gss_glue.obj -SAP_GLUE=$(OUTPRE)sap_glue.obj CGLUE=$(NO_GLUE) PGLUE=$(NO_GLUE) KGLUE=$(K5_GLUE) GGLUE=$(GSS_GLUE) K4GLUE=$(K4_GLUE) -SKGLUE=$(SAP_GLUE) RCFLAGS=$(CPPFLAGS) -D_WIN32 -D_MSDOS_ -DRES_ONLY @@ -86,8 +76,6 @@ RCFLAGS=$(CPPFLAGS) -D_WIN32 -D_MSDOS_ -DRES_ONLY ##WIN32##KRES=$(KLIB:.lib=.res) ##WIN32##GRES=$(GLIB:.lib=.res) ##WIN32##K4RES=$(K4LIB:.lib=.res) -##WIN32##SKRES=$(SKLIB:.lib=.res) -##WIN32##SGRES=$(SGLIB:.lib=.res) ##WIN32##$(CRES): $(VERSIONRC) ##WIN32## $(RC) $(RCFLAGS) -DCE_LIB -fo $@ -r $** @@ -99,10 +87,6 @@ RCFLAGS=$(CPPFLAGS) -D_WIN32 -D_MSDOS_ -DRES_ONLY ##WIN32## $(RC) $(RCFLAGS) -DKRB4_LIB -fo $@ -r $** ##WIN32##$(GRES): $(VERSIONRC) ##WIN32## $(RC) $(RCFLAGS) -DGSSAPI_LIB -fo $@ -r $** -##WIN32##$(SKRES): $(KRB5RC) -##WIN32## $(RC) $(RCFLAGS) -DSAPKRB_LIB -fo $@ -r $** -##WIN32##$(SGRES): $(VERSIONRC) -##WIN32## $(RC) $(RCFLAGS) -DSAPGSS_LIB -fo $@ -r $** ##WIN32##$(KRB5RC): $(VERSIONRC) ##WIN32##$(CLIB): $(CDEF) $(CLIBS) $(CGLUE) $(CRES) @@ -113,9 +97,9 @@ RCFLAGS=$(CPPFLAGS) -D_WIN32 -D_MSDOS_ -DRES_ONLY ##WIN32## link $(WINDLLFLAGS) -def:$(PDEF) -out:$*.dll \ ##WIN32## $(PLIBS) $(PGLUE) $(PRES) $(CLIB) $(WINLIBS) -##WIN32##$(KLIB): $(KDEF) $(KLIBS) $(KGLUE) $(KRES) $(CLIB) $(MITLIBS) +##WIN32##$(KLIB): $(KDEF) $(KLIBS) $(KGLUE) $(KRES) $(CLIB) $(MITLIBS) $(DNSLIBS) ##WIN32## link $(WINDLLFLAGS) -def:$(KDEF) -out:$*.dll \ -##WIN32## $(KLIBS) $(KGLUE) $(KRES) $(CLIB) $(MITLIBS) $(WINLIBS) +##WIN32## $(KLIBS) $(KGLUE) $(KRES) $(CLIB) $(MITLIBS) $(DNSLIBS) $(WINLIBS) ##WIN32##$(GLIB): $(GDEF) $(GLIBS) $(GGLUE) $(GRES) $(KLIB) $(CLIB) ##WIN32## link $(WINDLLFLAGS) -def:$(GDEF) -out:$*.dll \ @@ -125,20 +109,8 @@ RCFLAGS=$(CPPFLAGS) -D_WIN32 -D_MSDOS_ -DRES_ONLY ##WIN32## link $(WINDLLFLAGS) -def:$(K4DEF) -out:$*.dll \ ##WIN32## $(K4LIBS) $(K4GLUE) $(K4RES) $(KLIB) $(CLIB) $(PLIB) $(WINLIBS) -##WIN32##$(SKLIB): $(KDEF) $(KLIBS) $(SKGLUE) $(SKRES) $(CLIB) $(MITLIBS) -##WIN32## link $(WINDLLFLAGS) -def:$(KDEF) -out:$*.dll \ -##WIN32## $(KLIBS) $(SKGLUE) $(SKRES) $(CLIB) $(MITLIBS) $(WINLIBS) - -##WIN32##$(SGLIB): $(GDEF) $(GLIBS) $(GGLUE) $(SGRES) $(SKLIB) $(CLIB) $(MITLIBS) -##WIN32## link $(WINDLLFLAGS) -def:$(GDEF) -out:$*.dll \ -##WIN32## $(GLIBS) $(GGLUE) $(SGRES) $(SKLIB) $(CLIB) $(MITLIBS) $(WINLIBS) - -##MIT##lib-windows:: $(SKLIB) $(SGLIB) - $(K5_GLUE): win_glue.c $(CC) $(CFLAGS) $(MITFLAGS) /c /DKRB5=1 /Fo$@ $** -$(SAP_GLUE): win_glue.c - $(CC) $(CFLAGS) $(MITFLAGS) /DSAP_VERSERV=1 /DKRB5=1 /c /Fo$@ $** $(K4_GLUE): win_glue.c $(CC) $(CFLAGS) /c /DKRB4=1 /Fo$@ $** $(GSS_GLUE): win_glue.c diff --git a/src/lib/comerr16.def b/src/lib/comerr16.def deleted file mode 100644 index c85c4bcc7..000000000 --- a/src/lib/comerr16.def +++ /dev/null @@ -1,16 +0,0 @@ -LIBRARY COMERR16 -DESCRIPTION 'DLL for ComErr' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - WEP @1001 RESIDENTNAME - LibMain @1002 -; - _com_err - com_err_va - error_message - add_error_table - remove_error_table diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog index 7d4cf47d6..2959956e8 100644 --- a/src/lib/crypto/ChangeLog +++ b/src/lib/crypto/ChangeLog @@ -1,3 +1,18 @@ +1999-08-26 Tom Yu + + * etypes.c: Add aliases "des" for "des-cbc-md5", "des3-hmac-sha1" + and "des3-cbc-sha1-kd" for "des3-cbc-sha1". + + * cksumtypes.c: Add alias "hmac-sha1-des3-kd". + +1999-08-18 Tom Yu + + * etypes.c: Update des3-cbc-sha1 to alignt with new number + assignments. + + * cksumtypes.c: Update hmac-sha1-des3 to align with new number + assignments. + Tue May 18 19:52:56 1999 Danilo Almeida * Makefile.in: Remove - from recursive Win32 make invocation. diff --git a/src/lib/crypto/cksumtypes.c b/src/lib/crypto/cksumtypes.c index 8107d3b8f..8f3d21175 100644 --- a/src/lib/crypto/cksumtypes.c +++ b/src/lib/crypto/cksumtypes.c @@ -63,8 +63,12 @@ struct krb5_cksumtypes krb5_cksumtypes_list[] = { 0, NULL, &krb5_hash_sha1 }, - { CKSUMTYPE_HMAC_SHA1, KRB5_CKSUMFLAG_DERIVE, - "hmac-sha1", "HMAC-SHA1", + { CKSUMTYPE_HMAC_SHA1_DES3, KRB5_CKSUMFLAG_DERIVE, + "hmac-sha1-des3", "HMAC-SHA1 DES3 key", + 0, NULL, + &krb5_hash_sha1 }, + { CKSUMTYPE_HMAC_SHA1_DES3, KRB5_CKSUMFLAG_DERIVE, + "hmac-sha1-des3-kd", "HMAC-SHA1 DES3 key", /* alias */ 0, NULL, &krb5_hash_sha1 }, }; diff --git a/src/lib/crypto/crc32/crc-32.h b/src/lib/crypto/crc32/crc-32.h index 1b05b9ac6..e366d6970 100644 --- a/src/lib/crypto/crc32/crc-32.h +++ b/src/lib/crypto/crc32/crc-32.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/crc32/crc.c b/src/lib/crypto/crc32/crc.c index 60afb3f4a..313076f92 100644 --- a/src/lib/crypto/crc32/crc.c +++ b/src/lib/crypto/crc32/crc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/crc32/crc32.c b/src/lib/crypto/crc32/crc32.c index 654981fc9..9b2bc4f6a 100644 --- a/src/lib/crypto/crc32/crc32.c +++ b/src/lib/crypto/crc32/crc32.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/crc32/crctest.c b/src/lib/crypto/crc32/crctest.c index 5f4fbd8c0..2f9265a48 100644 --- a/src/lib/crypto/crc32/crctest.c +++ b/src/lib/crypto/crc32/crctest.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/des/des_int.h b/src/lib/crypto/des/des_int.h index 0f8190861..de8f2a480 100644 --- a/src/lib/crypto/des/des_int.h +++ b/src/lib/crypto/des/des_int.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/des/destest.c b/src/lib/crypto/des/destest.c index bf442e869..1decbe80a 100644 --- a/src/lib/crypto/des/destest.c +++ b/src/lib/crypto/des/destest.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/des/key_sched.c b/src/lib/crypto/des/key_sched.c index 651af88ef..c84451dbc 100644 --- a/src/lib/crypto/des/key_sched.c +++ b/src/lib/crypto/des/key_sched.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/des/string2key.c b/src/lib/crypto/des/string2key.c index 79b7c9cbd..5381fdbc9 100644 --- a/src/lib/crypto/des/string2key.c +++ b/src/lib/crypto/des/string2key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/crypto/des/t_verify.c b/src/lib/crypto/des/t_verify.c index e8a7dc0ee..01b9f7c40 100644 --- a/src/lib/crypto/des/t_verify.c +++ b/src/lib/crypto/des/t_verify.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/des/weak_key.c b/src/lib/crypto/des/weak_key.c index bc6b20264..a64b2f5ad 100644 --- a/src/lib/crypto/des/weak_key.c +++ b/src/lib/crypto/des/weak_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/etypes.c b/src/lib/crypto/etypes.c index 4d16aa96a..fe4b71033 100644 --- a/src/lib/crypto/etypes.c +++ b/src/lib/crypto/etypes.c @@ -54,6 +54,11 @@ struct krb5_keytypes krb5_enctypes_list[] = { &krb5_enc_des, &krb5_hash_md5, krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt, krb5_des_string_to_key }, + { ENCTYPE_DES_CBC_MD5, + "des", "DES cbc mode with RSA-MD5", /* alias */ + &krb5_enc_des, &krb5_hash_md5, + krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt, + krb5_des_string_to_key }, { ENCTYPE_DES_CBC_RAW, "des-cbc-raw", "DES cbc mode raw", @@ -66,17 +71,32 @@ struct krb5_keytypes krb5_enctypes_list[] = { krb5_raw_encrypt_length, krb5_raw_encrypt, krb5_raw_decrypt, krb5_dk_string_to_key }, - { ENCTYPE_DES3_HMAC_SHA1, - "des3-hmac-sha1", "Triple DES with HMAC/sha1", + { ENCTYPE_DES3_CBC_SHA1, + "des3-cbc-sha1", "Triple DES cbc mode with HMAC/sha1", &krb5_enc_des3, &krb5_hash_sha1, krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt, krb5_dk_string_to_key }, + { ENCTYPE_DES3_CBC_SHA1, /* alias */ + "des3-hmac-sha1", "Triple DES cbc mode with HMAC/sha1", + &krb5_enc_des3, &krb5_hash_sha1, + krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt, + krb5_dk_string_to_key }, + { ENCTYPE_DES3_CBC_SHA1, /* alias */ + "des3-cbc-sha1-kd", "Triple DES cbc mode with HMAC/sha1", + &krb5_enc_des3, &krb5_hash_sha1, + krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt, + krb5_dk_string_to_key }, + { ENCTYPE_DES_HMAC_SHA1, "des-hmac-sha1", "DES with HMAC/sha1", &krb5_enc_des, &krb5_hash_sha1, krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt, krb5_dk_string_to_key }, #ifdef ATHENA_DES3_KLUDGE + /* + * If you are using this, you're almost certainly doing the + * Wrong Thing. + */ { ENCTYPE_LOCAL_DES3_HMAC_SHA1, "des3-marc-hmac-sha1", "Triple DES with HMAC/sha1 and 32-bit length code", diff --git a/src/lib/crypto/keyhash_provider/t_cksum.c b/src/lib/crypto/keyhash_provider/t_cksum.c index c9eecc7ca..b15310349 100644 --- a/src/lib/crypto/keyhash_provider/t_cksum.c +++ b/src/lib/crypto/keyhash_provider/t_cksum.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/md4/rsa-md4.h b/src/lib/crypto/md4/rsa-md4.h index 5ab4151c9..0970dcbae 100644 --- a/src/lib/crypto/md4/rsa-md4.h +++ b/src/lib/crypto/md4/rsa-md4.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/md5/t_cksum.c b/src/lib/crypto/md5/t_cksum.c index 5bc63709d..17ecd51d7 100644 --- a/src/lib/crypto/md5/t_cksum.c +++ b/src/lib/crypto/md5/t_cksum.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/old/ChangeLog b/src/lib/crypto/old/ChangeLog index c3368c68d..440f77ce2 100644 --- a/src/lib/crypto/old/ChangeLog +++ b/src/lib/crypto/old/ChangeLog @@ -1,3 +1,9 @@ +1999-08-25 Ken Raeburn + + * old_decrypt.c (memmove) [HAVE_BCOPY && !HAVE_MEMMOVE]: Define to + use bcopy. Should work unless any system has no memmove *and* + bcopy isn't safe with overlaps. + Mon May 10 15:20:32 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/crypto/old/old_decrypt.c b/src/lib/crypto/old/old_decrypt.c index 26019e164..2d22648e2 100644 --- a/src/lib/crypto/old/old_decrypt.c +++ b/src/lib/crypto/old/old_decrypt.c @@ -27,6 +27,12 @@ #include "k5-int.h" #include "old.h" +#ifndef HAVE_MEMMOVE +#ifdef HAVE_BCOPY +#define memmove(dst,src,size) bcopy(src,dst,size) +#endif +#endif + krb5_error_code krb5_old_decrypt(enc, hash, key, usage, ivec, input, arg_output) krb5_const struct krb5_enc_provider *enc; diff --git a/src/lib/crypto/t_nfold.c b/src/lib/crypto/t_nfold.c index 2693318e1..ec59b1a13 100644 --- a/src/lib/crypto/t_nfold.c +++ b/src/lib/crypto/t_nfold.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/cksum.c b/src/lib/des425/cksum.c index abd48c3a2..b53dbfcd5 100644 --- a/src/lib/des425/cksum.c +++ b/src/lib/des425/cksum.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/des.c b/src/lib/des425/des.c index b5db9dd6d..7a4520d6f 100644 --- a/src/lib/des425/des.c +++ b/src/lib/des425/des.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/des.h b/src/lib/des425/des.h index f9f651247..da91b996c 100644 --- a/src/lib/des425/des.h +++ b/src/lib/des425/des.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/enc_dec.c b/src/lib/des425/enc_dec.c index f0225cbf2..7a6be15b4 100644 --- a/src/lib/des425/enc_dec.c +++ b/src/lib/des425/enc_dec.c @@ -28,7 +28,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/k4_glue.c b/src/lib/des425/k4_glue.c index 0087306e1..cab18910b 100644 --- a/src/lib/des425/k4_glue.c +++ b/src/lib/des425/k4_glue.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/key_parity.c b/src/lib/des425/key_parity.c index 4bb593425..6a3cae8dc 100644 --- a/src/lib/des425/key_parity.c +++ b/src/lib/des425/key_parity.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/key_sched.c b/src/lib/des425/key_sched.c index cb4ecee96..6f9e24b10 100644 --- a/src/lib/des425/key_sched.c +++ b/src/lib/des425/key_sched.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/new_rnd_key.c b/src/lib/des425/new_rnd_key.c index 4dd2e4be7..2e42719b2 100644 --- a/src/lib/des425/new_rnd_key.c +++ b/src/lib/des425/new_rnd_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/quad_cksum.c b/src/lib/des425/quad_cksum.c index 73e2af2b7..4ae542ff5 100644 --- a/src/lib/des425/quad_cksum.c +++ b/src/lib/des425/quad_cksum.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/random_key.c b/src/lib/des425/random_key.c index fde324dec..5fb92b779 100644 --- a/src/lib/des425/random_key.c +++ b/src/lib/des425/random_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/read_passwd.c b/src/lib/des425/read_passwd.c index bb3c2465c..e9e58bcc9 100644 --- a/src/lib/des425/read_passwd.c +++ b/src/lib/des425/read_passwd.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/str_to_key.c b/src/lib/des425/str_to_key.c index 3a2dcdcb6..44fb143dc 100644 --- a/src/lib/des425/str_to_key.c +++ b/src/lib/des425/str_to_key.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/string2key.c b/src/lib/des425/string2key.c index 58ed9a3cd..c8efbce25 100644 --- a/src/lib/des425/string2key.c +++ b/src/lib/des425/string2key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/verify.c b/src/lib/des425/verify.c index 7be470d21..bff3c47da 100644 --- a/src/lib/des425/verify.c +++ b/src/lib/des425/verify.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/weak_key.c b/src/lib/des425/weak_key.c index 49f31bd14..948451db5 100644 --- a/src/lib/des425/weak_key.c +++ b/src/lib/des425/weak_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/generic/oid_ops.c b/src/lib/gssapi/generic/oid_ops.c index 0e8934393..477e07163 100644 --- a/src/lib/gssapi/generic/oid_ops.c +++ b/src/lib/gssapi/generic/oid_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/generic/utl_nohash_validate.c b/src/lib/gssapi/generic/utl_nohash_validate.c index ecd2c1354..1ed2008a5 100644 --- a/src/lib/gssapi/generic/utl_nohash_validate.c +++ b/src/lib/gssapi/generic/utl_nohash_validate.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index a6b5a11f1..23730e8c7 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,11 @@ +1999-08-27 Tom Yu + + * accept_sec_context.c (krb5_gss_accept_sec_context): Disable + krb5-mech2 stuff for now. + + * init_sec_context.c (make_ap_req_v2): Disable krb5-mech2 stuff + for now. + Wed May 19 13:21:55 1999 Danilo Almeida * Makefile.in: Improve rule to create gssapi include dir under diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c index 0ac945c45..4c037e490 100644 --- a/src/lib/gssapi/krb5/accept_sec_context.c +++ b/src/lib/gssapi/krb5/accept_sec_context.c @@ -49,6 +49,7 @@ #include "k5-int.h" #include "gssapiP_krb5.h" #include +#include /* * $Id$ @@ -769,101 +770,8 @@ krb5_gss_accept_sec_context(minor_status, context_handle, ctx->established = 1; if (ctx->gsskrb5_version == 2000) { - krb5_ui_4 tok_flags; - - tok_flags = - (ctx->gss_flags & GSS_C_DELEG_FLAG)?KG2_RESP_FLAG_DELEG_OK:0; - - cksumdata.length = 8 + 4*ctx->nctypes + 4; - - if ((cksumdata.data = (char *) malloc(cksumdata.length)) == NULL) { - code = ENOMEM; - major_status = GSS_S_FAILURE; - goto fail; - } - - /* construct the token fields */ - - ptr = cksumdata.data; - - ptr[0] = (KG2_TOK_RESPONSE >> 8) & 0xff; - ptr[1] = KG2_TOK_RESPONSE & 0xff; - - ptr[2] = (tok_flags >> 24) & 0xff; - ptr[3] = (tok_flags >> 16) & 0xff; - ptr[4] = (tok_flags >> 8) & 0xff; - ptr[5] = tok_flags & 0xff; - - ptr[6] = (ctx->nctypes >> 8) & 0xff; - ptr[7] = ctx->nctypes & 0xff; - - ptr += 8; - - for (i=0; inctypes; i++) { - ptr[i] = (ctx->ctypes[i] >> 24) & 0xff; - ptr[i+1] = (ctx->ctypes[i] >> 16) & 0xff; - ptr[i+2] = (ctx->ctypes[i] >> 8) & 0xff; - ptr[i+3] = ctx->ctypes[i] & 0xff; - - ptr += 4; - } - - memset(ptr, 0, 4); - - /* make the MIC token */ - - { - gss_buffer_desc text, token; - - text.length = cksumdata.length; - text.value = cksumdata.data; - - /* ctx->seq_send must be set before this call */ - - if (GSS_ERROR(major_status = - krb5_gss_get_mic(&code, ctx, - GSS_C_QOP_DEFAULT, - &text, &token))) - goto fail; - - mic.length = token.length; - mic.data = token.value; - } - - token.length = g_token_size((gss_OID) mech_used, - (cksumdata.length-2)+4+ap_rep.length+ - mic.length); - - if ((token.value = (unsigned char *) xmalloc(token.length)) - == NULL) { - code = ENOMEM; - major_status = GSS_S_FAILURE; - goto fail; - } - ptr = token.value; - g_make_token_header((gss_OID) mech_used, - (cksumdata.length-2)+4+ap_rep.length+mic.length, - &ptr, KG2_TOK_RESPONSE); - - memcpy(ptr, cksumdata.data+2, cksumdata.length-2); - ptr += cksumdata.length-2; - - ptr[0] = (ap_rep.length >> 8) & 0xff; - ptr[1] = ap_rep.length & 0xff; - memcpy(ptr+2, ap_rep.data, ap_rep.length); - - ptr += (2+ap_rep.length); - - ptr[0] = (mic.length >> 8) & 0xff; - ptr[1] = mic.length & 0xff; - memcpy(ptr+2, mic.data, mic.length); - - ptr += (2+mic.length); - - free(cksumdata.data); - cksumdata.data = 0; - - /* gss krb5 v2 */ + int krb5_mech2_supported = 0; + assert(krb5_mech2_supported); } else { /* gss krb5 v1 */ diff --git a/src/lib/gssapi/krb5/canon_name.c b/src/lib/gssapi/krb5/canon_name.c index 688366e1f..169fe6b58 100644 --- a/src/lib/gssapi/krb5/canon_name.c +++ b/src/lib/gssapi/krb5/canon_name.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/duplicate_name.c b/src/lib/gssapi/krb5/duplicate_name.c index 93e950345..3b8506cb0 100644 --- a/src/lib/gssapi/krb5/duplicate_name.c +++ b/src/lib/gssapi/krb5/duplicate_name.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/export_name.c b/src/lib/gssapi/krb5/export_name.c index 23cb080e0..5671e5e9a 100644 --- a/src/lib/gssapi/krb5/export_name.c +++ b/src/lib/gssapi/krb5/export_name.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/export_sec_context.c b/src/lib/gssapi/krb5/export_sec_context.c index 07a7659ee..fc4b0ace2 100644 --- a/src/lib/gssapi/krb5/export_sec_context.c +++ b/src/lib/gssapi/krb5/export_sec_context.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/import_sec_context.c b/src/lib/gssapi/krb5/import_sec_context.c index 141736b9b..fd5415a56 100644 --- a/src/lib/gssapi/krb5/import_sec_context.c +++ b/src/lib/gssapi/krb5/import_sec_context.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index fb11cf5a2..878c8abd7 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -49,6 +49,7 @@ #include "gssapiP_krb5.h" #include #include +#include /* * $Id$ @@ -117,196 +118,8 @@ make_ap_req_v2(context, ctx, cred, k_cred, chan_bindings, mech_type, token) gss_OID mech_type; gss_buffer_t token; { - krb5_flags mk_req_flags = 0; - krb5_int32 con_flags; - krb5_error_code code; - krb5_data credmsg, cksumdata, ap_req; - int i, tlen, cblen, nctypes; - krb5_cksumtype *ctypes; - unsigned char *t, *ptr; - - credmsg.data = 0; - cksumdata.data = 0; - ap_req.data = 0; - ctypes = 0; - - /* create the option data if necessary */ - if (ctx->gss_flags & GSS_C_DELEG_FLAG) { - /* first get KRB_CRED message, so we know its length */ - - /* clear the time check flag that was set in krb5_auth_con_init() */ - krb5_auth_con_getflags(context, ctx->auth_context, &con_flags); - krb5_auth_con_setflags(context, ctx->auth_context, - con_flags & ~KRB5_AUTH_CONTEXT_DO_TIME); - - code = krb5_fwd_tgt_creds(context, ctx->auth_context, 0, - cred->princ, ctx->there, cred->ccache, 1, - &credmsg); - - /* turn KRB5_AUTH_CONTEXT_DO_TIME back on */ - krb5_auth_con_setflags(context, ctx->auth_context, con_flags); - - if (code) { - /* don't fail here; just don't accept/do the delegation - request */ - ctx->gss_flags &= ~GSS_C_DELEG_FLAG; - } else { - if (credmsg.length > KRB5_INT16_MAX) { - krb5_free_data_contents(context, &credmsg); - return(KRB5KRB_ERR_FIELD_TOOLONG); - } - } - } else { - credmsg.length = 0; - } - - /* construct the list of compatible cksum types */ - - if ((code = krb5_c_keyed_checksum_types(context, - k_cred->keyblock.enctype, - &nctypes, &ctypes))) - goto cleanup; - - if (nctypes == 0) { - code = KRB5_CRYPTO_INTERNAL; - goto cleanup; - } - - /* construct the checksum fields */ - - cblen = 4*5; - if (chan_bindings) - cblen += (chan_bindings->initiator_address.length+ - chan_bindings->acceptor_address.length+ - chan_bindings->application_data.length); - - cksumdata.length = cblen + 8 + 4*nctypes + 4; - if (credmsg.length) - cksumdata.length += 4 + credmsg.length; - - if ((cksumdata.data = (char *) malloc(cksumdata.length)) == NULL) - goto cleanup; - - /* helper macros. This code currently depends on a long being 32 - bits, and htonl dtrt. */ - - ptr = cksumdata.data; - - if (chan_bindings) { - TWRITE_INT(ptr, chan_bindings->initiator_addrtype, 1); - TWRITE_BUF(ptr, chan_bindings->initiator_address, 1); - TWRITE_INT(ptr, chan_bindings->acceptor_addrtype, 1); - TWRITE_BUF(ptr, chan_bindings->acceptor_address, 1); - TWRITE_BUF(ptr, chan_bindings->application_data, 1); - } else { - memset(ptr, 0, cblen); - ptr += cblen; - } - - /* construct the token fields */ - - ptr[0] = (KG2_TOK_INITIAL >> 8) & 0xff; - ptr[1] = KG2_TOK_INITIAL & 0xff; - - ptr[2] = (ctx->gss_flags >> 24) & 0xff; - ptr[3] = (ctx->gss_flags >> 16) & 0xff; - ptr[4] = (ctx->gss_flags >> 8) & 0xff; - ptr[5] = ctx->gss_flags & 0xff; - - ptr[6] = (nctypes >> 8) & 0xff; - ptr[7] = nctypes & 0xff; - - ptr += 8; - - for (i=0; i> 24) & 0xff; - ptr[1] = (ctypes[i] >> 16) & 0xff; - ptr[2] = (ctypes[i] >> 8) & 0xff; - ptr[3] = ctypes[i] & 0xff; - - ptr += 4; - } - - if (credmsg.length) { - ptr[0] = (KRB5_GSS_FOR_CREDS_OPTION >> 8) & 0xff; - ptr[1] = KRB5_GSS_FOR_CREDS_OPTION & 0xff; - - ptr[2] = (credmsg.length >> 8) & 0xff; - ptr[3] = credmsg.length & 0xff; - - ptr += 4; - - memcpy(ptr, credmsg.data, credmsg.length); - - ptr += credmsg.length; - } - - memset(ptr, 0, 4); - - /* call mk_req. subkey and ap_req need to be used or destroyed */ - - mk_req_flags = AP_OPTS_USE_SUBKEY; - - if (ctx->gss_flags & GSS_C_MUTUAL_FLAG) - mk_req_flags |= AP_OPTS_MUTUAL_REQUIRED; - - if ((code = krb5_mk_req_extended(context, &ctx->auth_context, mk_req_flags, - &cksumdata, k_cred, &ap_req))) - goto cleanup; - - /* store the interesting stuff from creds and authent */ - ctx->endtime = k_cred->times.endtime; - ctx->krb_flags = k_cred->ticket_flags; - - /* build up the token */ - - /* allocate space for the token */ - tlen = g_token_size((gss_OID) mech_type, - (cksumdata.length-(2+cblen))+2+ap_req.length); - - if ((t = (unsigned char *) xmalloc(tlen)) == NULL) { - code = ENOMEM; - goto cleanup; - } - - ptr = t; - - g_make_token_header((gss_OID) mech_type, - (cksumdata.length-(2+cblen))+2+ap_req.length, - &ptr, KG2_TOK_INITIAL); - - /* skip over the channel bindings and the token id */ - memcpy(ptr, cksumdata.data+cblen+2, cksumdata.length-(cblen+2)); - ptr += cksumdata.length-(cblen+2); - ptr[0] = (ap_req.length >> 8) & 0xff; - ptr[1] = ap_req.length & 0xff; - ptr += 2; - memcpy(ptr, ap_req.data, ap_req.length); - - /* pass allocated data back */ - - ctx->nctypes = nctypes; - ctx->ctypes = ctypes; - - token->length = tlen; - token->value = (void *) t; - - code = 0; - -cleanup: - if (code) { - if (ctypes) - krb5_free_cksumtypes(context, ctypes); - } - - if (credmsg.data) - free(credmsg.data); - if (ap_req.data) - free(ap_req.data); - if (cksumdata.data) - free(cksumdata.data); - - return(code); + int krb5_mech2_supported = 0; + assert(krb5_mech2_supported); } static krb5_error_code diff --git a/src/lib/gssapi/krb5/inq_names.c b/src/lib/gssapi/krb5/inq_names.c index 01a199430..ba95a3bc1 100644 --- a/src/lib/gssapi/krb5/inq_names.c +++ b/src/lib/gssapi/krb5/inq_names.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/rel_oid.c b/src/lib/gssapi/krb5/rel_oid.c index afb2171b8..066daf414 100644 --- a/src/lib/gssapi/krb5/rel_oid.c +++ b/src/lib/gssapi/krb5/rel_oid.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/ser_sctx.c b/src/lib/gssapi/krb5/ser_sctx.c index 36a16d426..2a6231ee7 100644 --- a/src/lib/gssapi/krb5/ser_sctx.c +++ b/src/lib/gssapi/krb5/ser_sctx.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/val_cred.c b/src/lib/gssapi/krb5/val_cred.c index 785fe90be..aea1765bc 100644 --- a/src/lib/gssapi/krb5/val_cred.c +++ b/src/lib/gssapi/krb5/val_cred.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/mechglue/g_oid_ops.c b/src/lib/gssapi/mechglue/g_oid_ops.c index a78639690..5bb117af1 100644 --- a/src/lib/gssapi/mechglue/g_oid_ops.c +++ b/src/lib/gssapi/mechglue/g_oid_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/mechglue/oid_ops.c b/src/lib/gssapi/mechglue/oid_ops.c index c173240b7..f45e467a4 100644 --- a/src/lib/gssapi/mechglue/oid_ops.c +++ b/src/lib/gssapi/mechglue/oid_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi16.def b/src/lib/gssapi16.def deleted file mode 100644 index cec29492e..000000000 --- a/src/lib/gssapi16.def +++ /dev/null @@ -1,78 +0,0 @@ -;---------------------------------------------------- -; GSSAPI.DEF - GSSAPI.DLL module definition file -;---------------------------------------------------- - -LIBRARY GSSAPI -DESCRIPTION 'Base Generic Security Service API' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - WEP @1001 RESIDENTNAME - LibMain @1002 -; - gss_acquire_cred - gss_release_cred - gss_init_sec_context - gss_accept_sec_context - gss_process_context_token - gss_delete_sec_context - gss_context_time - gss_sign - gss_verify - gss_seal - gss_unseal - gss_display_status - gss_indicate_mechs - gss_compare_name - gss_display_name - gss_import_name - gss_release_name - gss_release_buffer - gss_release_oid_set - gss_inquire_cred -; -; GSS-API v2 additional credential calls -; - gss_add_cred - gss_inquire_cred_by_mech -; -; GSS-API v2 additional context-level calls -; - gss_inquire_context - gss_wrap_size_limit - gss_export_sec_context - gss_import_sec_context -; -; GSS-API v2 additional calls for OID and OID_set operations -; - gss_release_oid - gss_create_empty_oid_set - gss_add_oid_set_member - gss_test_oid_set_member - gss_oid_to_str - gss_str_to_oid -; -; GSS-API v2 renamed message protection calls -; - gss_wrap - gss_unwrap - gss_get_mic - gss_verify_mic -; -; GSS-API v2 future extensions -; - gss_inquire_names_for_mech -; gss_inquire_mechs_for_name - gss_canonicalize_name - gss_export_name - gss_duplicate_name -; -; GSS-API variables -; - _gss_nt_user_name - _gss_nt_machine_uid_name - _gss_nt_string_uid_name - _gss_nt_service_name diff --git a/src/lib/kadm5/ChangeLog b/src/lib/kadm5/ChangeLog index 9c1aba73f..d7c4b36e9 100644 --- a/src/lib/kadm5/ChangeLog +++ b/src/lib/kadm5/ChangeLog @@ -1,3 +1,10 @@ +1999-09-23 Ken Raeburn + + * logger.c (DEVICE_PRINT, klog_com_err_proc, klog_vsyslog): Use + proper format strings to fprintf, instead of net-supplied data. + Fold in writes of following end-of-line sequences when + appropriate. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c index 934785322..0d67da313 100644 --- a/src/lib/kadm5/alt_prof.c +++ b/src/lib/kadm5/alt_prof.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kadm5/clnt/ChangeLog b/src/lib/kadm5/clnt/ChangeLog index 9bb42cb26..e05cb51fd 100644 --- a/src/lib/kadm5/clnt/ChangeLog +++ b/src/lib/kadm5/clnt/ChangeLog @@ -1,3 +1,8 @@ +1999-08-27 Tom Yu + + * client_init.c (_kadm5_init_any): Remove support for krb5-mech2 + for now. + Thu May 13 17:24:44 1999 Tom Yu * client_init.c (_kadm5_init_any): Use gss_krb5_ccache_name() to diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c index e86fbe877..65a313d8d 100644 --- a/src/lib/kadm5/clnt/client_init.c +++ b/src/lib/kadm5/clnt/client_init.c @@ -469,29 +469,17 @@ static kadm5_ret_t _kadm5_init_any(char *client_name, #ifndef INIT_TEST handle->clnt->cl_auth = auth_gssapi_create(handle->clnt, - &gssstat, - &minor_stat, - gss_client_creds, - gss_target, - gss_mech_krb5_v2, - GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG, - 0, - NULL, - NULL, - NULL); - - if (!handle->clnt->cl_auth) - handle->clnt->cl_auth = auth_gssapi_create(handle->clnt, - &gssstat, - &minor_stat, - gss_client_creds, - gss_target, - gss_mech_krb5, - GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG, - 0, - NULL, - NULL, - NULL); + &gssstat, + &minor_stat, + gss_client_creds, + gss_target, + gss_mech_krb5, + GSS_C_MUTUAL_FLAG + | GSS_C_REPLAY_FLAG, + 0, + NULL, + NULL, + NULL); (void) gss_release_name(&minor_stat, &gss_target); #endif /* ! INIT_TEST */ diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c index 2677e448d..36f16a156 100644 --- a/src/lib/kadm5/logger.c +++ b/src/lib/kadm5/logger.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -160,8 +163,8 @@ static struct log_entry def_log_entry; */ #define DEVICE_OPEN(d, m) fopen(d, m) #define CONSOLE_OPEN(m) fopen("/dev/console", m) -#define DEVICE_PRINT(f, m) ((fprintf(f, m) >= 0) ? \ - (fprintf(f, "\r\n"), fflush(f), 0) : \ +#define DEVICE_PRINT(f, m) ((fprintf(f, "%s\r\n", m) >= 0) ? \ + (fflush(f), 0) : \ -1) #define DEVICE_CLOSE(d) fclose(d) @@ -277,14 +280,13 @@ klog_com_err_proc(whoami, code, format, ap) /* * Files/standard error. */ - if (fprintf(log_control.log_entries[lindex].lfu_filep, + if (fprintf(log_control.log_entries[lindex].lfu_filep, "%s\n", outbuf) < 0) { /* Attempt to report error */ fprintf(stderr, log_file_err, whoami, log_control.log_entries[lindex].lfu_fname); } else { - fprintf(log_control.log_entries[lindex].lfu_filep, "\n"); fflush(log_control.log_entries[lindex].lfu_filep); } break; @@ -879,14 +881,13 @@ klog_vsyslog(priority, format, arglist) /* * Files/standard error. */ - if (fprintf(log_control.log_entries[lindex].lfu_filep, + if (fprintf(log_control.log_entries[lindex].lfu_filep, "%s\n", outbuf) < 0) { /* Attempt to report error */ - fprintf(stderr, log_file_err, + fprintf(stderr, log_file_err, log_control.log_whoami, log_control.log_entries[lindex].lfu_fname); } else { - fprintf(log_control.log_entries[lindex].lfu_filep, "\n"); fflush(log_control.log_entries[lindex].lfu_filep); } break; @@ -898,7 +899,7 @@ klog_vsyslog(priority, format, arglist) if (DEVICE_PRINT(log_control.log_entries[lindex].ldu_filep, outbuf) < 0) { /* Attempt to report error */ - fprintf(stderr, log_device_err, + fprintf(stderr, log_device_err, log_control.log_whoami, log_control.log_entries[lindex].ldu_devname); } break; diff --git a/src/lib/kadm5/srv/ChangeLog b/src/lib/kadm5/srv/ChangeLog index f96abed50..5bbc5dcbf 100644 --- a/src/lib/kadm5/srv/ChangeLog +++ b/src/lib/kadm5/srv/ChangeLog @@ -1,3 +1,8 @@ +1999-09-08 Ken Raeburn + + * adb_openclose.c (osa_adb_fini_db): Don't fclose the lock file if + the lock is permanent, because it's already been done. + Mon Dec 7 15:19:11 1998 Ezra Peisach * svr_principal.c (kadm5_randkey_principal_3): Fix typo in diff --git a/src/lib/kadm5/srv/adb_openclose.c b/src/lib/kadm5/srv/adb_openclose.c index 0f0bec7e5..e776192c2 100644 --- a/src/lib/kadm5/srv/adb_openclose.c +++ b/src/lib/kadm5/srv/adb_openclose.c @@ -232,7 +232,8 @@ osa_adb_ret_t osa_adb_fini_db(osa_adb_db_t db, int magic) * after trashing it. This has to be allowed, so don't * generate an error. */ - (void) fclose(db->lock->lockfile); + if (db->lock->lockmode != OSA_ADB_PERMANENT) + (void) fclose(db->lock->lockfile); db->lock->lockfile = NULL; krb5_free_context(db->lock->context); } diff --git a/src/lib/kadm5/srv/server_acl.c b/src/lib/kadm5/srv/server_acl.c index 36919c2b0..776b7e513 100644 --- a/src/lib/kadm5/srv/server_acl.c +++ b/src/lib/kadm5/srv/server_acl.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kadm5/srv/server_acl.h b/src/lib/kadm5/srv/server_acl.h index d7118fa7c..e2aa8bddc 100644 --- a/src/lib/kadm5/srv/server_acl.h +++ b/src/lib/kadm5/srv/server_acl.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kadm5/str_conv.c b/src/lib/kadm5/str_conv.c index 882892933..16ad5346c 100644 --- a/src/lib/kadm5/str_conv.c +++ b/src/lib/kadm5/str_conv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kadm5/unit-test/ChangeLog b/src/lib/kadm5/unit-test/ChangeLog index e4c000102..e044836fa 100644 --- a/src/lib/kadm5/unit-test/ChangeLog +++ b/src/lib/kadm5/unit-test/ChangeLog @@ -1,3 +1,21 @@ +1999-08-30 Ken Raeburn + + * api.2/init-v2.exp (RESOLVE): New variable. + (get_hostname): New proc, taken from tests/dejagnu. + (test101): Use get_hostname, set a variable in the target process + to hold the result, and use that variable in the other commands + passed. + + * Makefile.in (unit-test-client-body): Pass $(RUNTESTFLAGS) to + runtest, so the user can run subsets of the test suite. + (unit-test-server-body): Likewise. + +1999-08-26 Ken Raeburn + + * api.2/init-v2.exp (test101): Use local host name instead of + "localhost", since address 127.0.0.1 probably won't be listed in + credentials. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/lib/kadm5/unit-test/Makefile.in b/src/lib/kadm5/unit-test/Makefile.in index 89ba1efd0..048173d02 100644 --- a/src/lib/kadm5/unit-test/Makefile.in +++ b/src/lib/kadm5/unit-test/Makefile.in @@ -115,14 +115,14 @@ unit-test-client-body: site.exp test-noauth test-destroy test-handle-client $(ENV_SETUP) $(RUNTEST) --tool api RPC=1 API=$(CLNTTCL) \ KINIT=$(BUILDTOP)/clients/kinit/kinit \ KDESTROY=$(BUILDTOP)/clients/kdestroy/kdestroy \ - KADMIN_LOCAL=$(BUILDTOP)/kadmin/cli/kadmin.local + KADMIN_LOCAL=$(BUILDTOP)/kadmin/cli/kadmin.local $(RUNTESTFLAGS) -mv api.log capi.log -mv api.sum capi.sum unit-test-server-body: site.exp test-handle-server lock-test $(ENV_SETUP) $(RUNTEST) --tool api RPC=0 API=$(SRVTCL) \ LOCKTEST=./lock-test \ - KADMIN_LOCAL=$(BUILDTOP)/kadmin/cli/kadmin.local + KADMIN_LOCAL=$(BUILDTOP)/kadmin/cli/kadmin.local $(RUNTESTFLAGS) -mv api.log sapi.log -mv api.sum sapi.sum diff --git a/src/lib/kadm5/unit-test/api.2/init-v2.exp b/src/lib/kadm5/unit-test/api.2/init-v2.exp index bf1a7df49..fe0721494 100644 --- a/src/lib/kadm5/unit-test/api.2/init-v2.exp +++ b/src/lib/kadm5/unit-test/api.2/init-v2.exp @@ -19,21 +19,63 @@ proc test100 {} { } if {$RPC} test100 +if ![info exists RESOLVE] { + set RESOLVE [findfile $objdir/../../../tests/resolve/resolve] +} +proc get_hostname { } { + global RESOLVE + global hostname + global localhostname + global domain + + if {[info exists hostname] && [info exists localhostname]} { + return 1 + } + + catch "exec $RESOLVE -q >myname" exec_output + if ![string match "" $exec_output] { + send_log "$exec_output\n" + verbose $exec_output + send_error "ERROR: can't get hostname\n" + return 0 + } + set file [open myname r] + if { [ gets $file hostname ] == -1 } { + send_error "ERROR: no output from hostname\n" + return 0 + } + close $file + catch "exec rm -f myname" exec_output + regexp "^(\[^.\]*)\.(.*)$" $hostname foo localhostname domain + + set hostname [string tolower $hostname] + set localhostname [string tolower $localhostname] + set domain [string tolower $domain] + verbose "hostname: $hostname; localhostname: $localhostname; domain $domain" + + return 1 +} + + test "init 101" proc test101 {} { global test + global hostname + + get_hostname + tcl_cmd "set hostname $hostname" # XXX Fix to work with a remote TEST_SERVER. For now, make sure # it fails in that case. one_line_succeed_test { kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_ADMIN_SERVER KADM5_CONFIG_KADMIND_PORT} {localhost 1751}] \ + [config_params {KADM5_CONFIG_ADMIN_SERVER KADM5_CONFIG_KADMIND_PORT} [list $hostname 1751]] \ $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ server_handle } one_line_fail_test { kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_ADMIN_SERVER KADM5_CONFIG_KADMIND_PORT} {localhost 1}] \ + [config_params {KADM5_CONFIG_ADMIN_SERVER KADM5_CONFIG_KADMIND_PORT} [list $hostname 1]] \ $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ server_handle } "RPC_ERROR" diff --git a/src/lib/kdb/ChangeLog b/src/lib/kdb/ChangeLog index c655c178f..42d640c11 100644 --- a/src/lib/kdb/ChangeLog +++ b/src/lib/kdb/ChangeLog @@ -1,3 +1,14 @@ +1999-08-30 Ken Raeburn + + * t_kdb.c (add_principal): Free only contents of a generated key, + since the keyblock structure itself is on the stack. + +1999-08-17 Ken Raeburn + + * t_kdb.c (add_principal): Update for new calling sequence to + krb5_dbekd_encrypt_key_data. + (do_testing): Update calls. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/lib/kdb/decrypt_key.c b/src/lib/kdb/decrypt_key.c index 0cfdbda8e..765e6f377 100644 --- a/src/lib/kdb/decrypt_key.c +++ b/src/lib/kdb/decrypt_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/encrypt_key.c b/src/lib/kdb/encrypt_key.c index 7bcfe11eb..1448ebd6d 100644 --- a/src/lib/kdb/encrypt_key.c +++ b/src/lib/kdb/encrypt_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/fetch_mkey.c b/src/lib/kdb/fetch_mkey.c index 829e0283c..d9a742ff2 100644 --- a/src/lib/kdb/fetch_mkey.c +++ b/src/lib/kdb/fetch_mkey.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/kdb_compat.h b/src/lib/kdb/kdb_compat.h index 2381d9554..540d4a249 100644 --- a/src/lib/kdb/kdb_compat.h +++ b/src/lib/kdb/kdb_compat.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/kdb_cpw.c b/src/lib/kdb/kdb_cpw.c index 507b76ad5..5f1bd15dc 100644 --- a/src/lib/kdb/kdb_cpw.c +++ b/src/lib/kdb/kdb_cpw.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/kdb_db2.c b/src/lib/kdb/kdb_db2.c index ab4d07e23..627aa75ab 100644 --- a/src/lib/kdb/kdb_db2.c +++ b/src/lib/kdb/kdb_db2.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/kdb_db2.h b/src/lib/kdb/kdb_db2.h index f2f01311e..fd35c8113 100644 --- a/src/lib/kdb/kdb_db2.h +++ b/src/lib/kdb/kdb_db2.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/kdb_dbm.c b/src/lib/kdb/kdb_dbm.c index 7af32d720..d8754f7db 100644 --- a/src/lib/kdb/kdb_dbm.c +++ b/src/lib/kdb/kdb_dbm.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/kdb_xdr.c b/src/lib/kdb/kdb_xdr.c index a26b7f79d..d54f00608 100644 --- a/src/lib/kdb/kdb_xdr.c +++ b/src/lib/kdb/kdb_xdr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/keytab.c b/src/lib/kdb/keytab.c index 63a7bf7c8..1e5025c65 100644 --- a/src/lib/kdb/keytab.c +++ b/src/lib/kdb/keytab.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/setup_mkey.c b/src/lib/kdb/setup_mkey.c index ba1760d5f..0898a6311 100644 --- a/src/lib/kdb/setup_mkey.c +++ b/src/lib/kdb/setup_mkey.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/store_mkey.c b/src/lib/kdb/store_mkey.c index e63c611a4..d18630ac0 100644 --- a/src/lib/kdb/store_mkey.c +++ b/src/lib/kdb/store_mkey.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/t_kdb.c b/src/lib/kdb/t_kdb.c index b14152602..8358088d2 100644 --- a/src/lib/kdb/t_kdb.c +++ b/src/lib/kdb/t_kdb.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -273,16 +276,16 @@ principal_found(nvalid, pname) * Add a principal to the database. */ static krb5_error_code -add_principal(kcontext, principal, eblock, key, rseed) +add_principal(kcontext, principal, mkey, key, rseed) krb5_context kcontext; krb5_principal principal; - krb5_encrypt_block * eblock; + krb5_keyblock * mkey; krb5_keyblock * key; krb5_pointer rseed; { krb5_error_code kret; krb5_db_entry dbent; - krb5_keyblock * rkey = NULL; + krb5_keyblock * rkey = NULL, lkey; krb5_timestamp timenow; int nentries = 1; @@ -304,19 +307,21 @@ add_principal(kcontext, principal, eblock, key, rseed) goto out; if (!key) { - if ((kret = krb5_random_key(kcontext, eblock, rseed, &rkey))) + kret = krb5_c_make_random_key (kcontext, mkey->enctype, &lkey); + if (kret) goto out; + rkey = &lkey; } else rkey = key; if ((kret = krb5_dbe_create_key_data(kcontext, &dbent))) goto out; - if ((kret = krb5_dbekd_encrypt_key_data(kcontext, eblock, rkey, NULL, 1, + if ((kret = krb5_dbekd_encrypt_key_data(kcontext, mkey, rkey, NULL, 1, &dbent.key_data[0]))) goto out; if (!key) - krb5_free_keyblock(kcontext, rkey); + krb5_free_keyblock_contents(kcontext, rkey); kret = krb5_db_put_principal(kcontext, &dbent, &nentries); if ((!kret) && (nentries != 1)) @@ -564,7 +569,7 @@ do_testing(db, passes, verbose, timing, rcases, check, save_db, dontclean, op = "adding master principal"; if ((kret = add_principal(kcontext, master_princ, - &master_encblock, + &master_keyblock, &master_keyblock, rseed))) goto goodbye; @@ -628,7 +633,7 @@ do_testing(db, passes, verbose, timing, rcases, check, save_db, dontclean, swatch_on(); } if ((kret = add_principal(kcontext, playback_principal(passno), - &master_encblock, kbp, rseed))) { + &master_keyblock, kbp, rseed))) { linkage = "initially "; oparg = playback_name(passno); goto cya; @@ -659,7 +664,7 @@ do_testing(db, passes, verbose, timing, rcases, check, save_db, dontclean, } if ((kret = add_principal(kcontext, playback_principal(nvalid), - &master_encblock, + &master_keyblock, kbp, rseed))) { oparg = playback_name(nvalid); goto cya; @@ -789,7 +794,7 @@ do_testing(db, passes, verbose, timing, rcases, check, save_db, dontclean, for (passno=0; passno 4) fprintf(stderr, "*A(%s)\n", playback_name(passno)); @@ -885,7 +890,7 @@ do_testing(db, passes, verbose, timing, rcases, check, save_db, dontclean, for (j=0; j + + * memcache.c (change_cache): Use PostMessage instead of SendMessage + so we do not block. + +Fri Aug 13 23:23:00 1999 Brad Thompson + + * sendauth.c: Initialize __krb_sendauth_hidden_tkt_len so + it doesn't end up in the common block. + + * pkt_clen.c: Initialize swap_bytes so that it doesn't end + up in the common block. + Mon May 10 15:23:15 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/krb4/memcache.c b/src/lib/krb4/memcache.c index d2669df9b..a7eccc809 100644 --- a/src/lib/krb4/memcache.c +++ b/src/lib/krb4/memcache.c @@ -194,7 +194,7 @@ change_cache() locked = FALSE; } - SendMessage(HWND_BROADCAST, krb_get_notification_message(), 0, 0); + PostMessage(HWND_BROADCAST, krb_get_notification_message(), 0, 0); } diff --git a/src/lib/krb4/pkt_clen.c b/src/lib/krb4/pkt_clen.c index 352c91d4e..14e6962ab 100644 --- a/src/lib/krb4/pkt_clen.c +++ b/src/lib/krb4/pkt_clen.c @@ -14,7 +14,7 @@ #include "prot.h" extern int krb_debug; -int swap_bytes; +int swap_bytes=0; /* * Given a pointer to an AUTH_MSG_KDC_REPLY packet, return the length of diff --git a/src/lib/krb4/sendauth.c b/src/lib/krb4/sendauth.c index d11076fc3..9b8fb3904 100644 --- a/src/lib/krb4/sendauth.c +++ b/src/lib/krb4/sendauth.c @@ -107,7 +107,7 @@ * * See FIXME KLUDGE code in appl/bsd/kcmd.c. */ -KRB4_32 __krb_sendauth_hidden_tkt_len; +KRB4_32 __krb_sendauth_hidden_tkt_len=0; #define raw_tkt_len __krb_sendauth_hidden_tkt_len diff --git a/src/lib/krb4_16.def b/src/lib/krb4_16.def deleted file mode 100644 index c09930d0f..000000000 --- a/src/lib/krb4_16.def +++ /dev/null @@ -1,61 +0,0 @@ -;----------------------------- -; KERBEROS.DEF - module definition file -;----------------------------- - -LIBRARY KRB4_16 -DESCRIPTION 'DLL for Kerberos support' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - LibMain @1001 RESIDENTNAME - WEP @1002 -; - dest_tkt - get_service_key - in_tkt - kname_parse - krb_check_auth - krb_get_admhst - krb_get_cred - krb_get_default_user - krb_get_err_text - krb_get_krbhst - krb_get_lrealm - krb_get_phost - krb_get_pw_in_tkt - krb_get_pw_in_tkt_preauth - krb_get_svc_in_tkt - krb_get_tf_fullname - krb_get_tf_realm - krb_get_ticket_for_service - krb_mk_auth - krb_mk_err - krb_mk_priv - krb_mk_req - krb_mk_safe - krb_rd_err - krb_rd_priv - krb_rd_req - krb_rd_safe - krb_realmofhost - krb_recvauth - krb_save_credentials - krb_set_default_user -; kuserok - put_svc_key - read_service_key -; kadm_change_pw2 -; kadm_init_link -; kadm_get_err_text -; kadm_change_pw -; kstream_create_from_fd -; kstream_create_rlogin_from_fd -; kstream_create_rcp_from_fd -; kstream_write -; kstream_read -; kstream_flush -; kstream_destroy -; kstream_set_buffer_mode diff --git a/src/lib/krb5.rc b/src/lib/krb5.rc index 9fc24289b..f8e540024 100644 --- a/src/lib/krb5.rc +++ b/src/lib/krb5.rc @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/asn.1/KRB5-asn.py b/src/lib/krb5/asn.1/KRB5-asn.py index be37d7809..365debcf8 100644 --- a/src/lib/krb5/asn.1/KRB5-asn.py +++ b/src/lib/krb5/asn.1/KRB5-asn.py @@ -14,7 +14,10 @@ -- this permission notice appear in supporting documentation, and that -- the name of M.I.T. not be used in advertising or publicity pertaining -- to distribution of the software without specific, written prior --- permission. M.I.T. makes no representations about the suitability of +-- permission. Furthermore if you modify this software you must label +-- your software as modified software and not distribute it in such a +-- fashion that it might be confused with the original M.I.T. software. +-- M.I.T. makes no representations about the suitability of -- this software for any purpose. It is provided "as is" without express -- or implied warranty. -- diff --git a/src/lib/krb5/asn.1/asn1_decode.c b/src/lib/krb5/asn.1/asn1_decode.c index 189f7c082..8a911e55e 100644 --- a/src/lib/krb5/asn.1/asn1_decode.c +++ b/src/lib/krb5/asn.1/asn1_decode.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_decode.h b/src/lib/krb5/asn.1/asn1_decode.h index 39bc6badb..31de79b68 100644 --- a/src/lib/krb5/asn.1/asn1_decode.h +++ b/src/lib/krb5/asn.1/asn1_decode.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_encode.c b/src/lib/krb5/asn.1/asn1_encode.c index fe7a39797..7ef89c8c2 100644 --- a/src/lib/krb5/asn.1/asn1_encode.c +++ b/src/lib/krb5/asn.1/asn1_encode.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_encode.h b/src/lib/krb5/asn.1/asn1_encode.h index baae56271..72686fba1 100644 --- a/src/lib/krb5/asn.1/asn1_encode.h +++ b/src/lib/krb5/asn.1/asn1_encode.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_get.c b/src/lib/krb5/asn.1/asn1_get.c index 7d491a4cd..39750bc74 100644 --- a/src/lib/krb5/asn.1/asn1_get.c +++ b/src/lib/krb5/asn.1/asn1_get.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_get.h b/src/lib/krb5/asn.1/asn1_get.h index 67bc71952..f21c117db 100644 --- a/src/lib/krb5/asn.1/asn1_get.h +++ b/src/lib/krb5/asn.1/asn1_get.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_k_decode.c b/src/lib/krb5/asn.1/asn1_k_decode.c index 2ecb1c342..a92621a75 100644 --- a/src/lib/krb5/asn.1/asn1_k_decode.c +++ b/src/lib/krb5/asn.1/asn1_k_decode.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_k_decode.h b/src/lib/krb5/asn.1/asn1_k_decode.h index 489123b6f..04861a412 100644 --- a/src/lib/krb5/asn.1/asn1_k_decode.h +++ b/src/lib/krb5/asn.1/asn1_k_decode.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_k_encode.c b/src/lib/krb5/asn.1/asn1_k_encode.c index a3f375d1f..0bd3107a7 100644 --- a/src/lib/krb5/asn.1/asn1_k_encode.c +++ b/src/lib/krb5/asn.1/asn1_k_encode.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_k_encode.h b/src/lib/krb5/asn.1/asn1_k_encode.h index 920d93ded..d1b804d3b 100644 --- a/src/lib/krb5/asn.1/asn1_k_encode.h +++ b/src/lib/krb5/asn.1/asn1_k_encode.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_make.c b/src/lib/krb5/asn.1/asn1_make.c index ab147f85d..64e96f7b9 100644 --- a/src/lib/krb5/asn.1/asn1_make.c +++ b/src/lib/krb5/asn.1/asn1_make.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_make.h b/src/lib/krb5/asn.1/asn1_make.h index 89ece9bcf..d2d3367a8 100644 --- a/src/lib/krb5/asn.1/asn1_make.h +++ b/src/lib/krb5/asn.1/asn1_make.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_misc.c b/src/lib/krb5/asn.1/asn1_misc.c index a687d062a..a03f16c56 100644 --- a/src/lib/krb5/asn.1/asn1_misc.c +++ b/src/lib/krb5/asn.1/asn1_misc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_misc.h b/src/lib/krb5/asn.1/asn1_misc.h index 9378b330e..14a5b2a13 100644 --- a/src/lib/krb5/asn.1/asn1_misc.h +++ b/src/lib/krb5/asn.1/asn1_misc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1glue.h b/src/lib/krb5/asn.1/asn1glue.h index c9cceb528..fa3c95675 100644 --- a/src/lib/krb5/asn.1/asn1glue.h +++ b/src/lib/krb5/asn.1/asn1glue.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/asn.1/krb5_decode.c b/src/lib/krb5/asn.1/krb5_decode.c index ee88b84cc..d66f697c7 100644 --- a/src/lib/krb5/asn.1/krb5_decode.c +++ b/src/lib/krb5/asn.1/krb5_decode.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/krb5_encode.c b/src/lib/krb5/asn.1/krb5_encode.c index e421ebc10..60955b866 100644 --- a/src/lib/krb5/asn.1/krb5_encode.c +++ b/src/lib/krb5/asn.1/krb5_encode.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/ccache/ChangeLog b/src/lib/krb5/ccache/ChangeLog index 508078644..3ec681fd9 100644 --- a/src/lib/krb5/ccache/ChangeLog +++ b/src/lib/krb5/ccache/ChangeLog @@ -1,3 +1,15 @@ +1999-08-23 Ken Raeburn + + * cc_retr.c: New file. + (krb5_cc_retrieve_cred_seq): New function, derived from + fcc_retrieve but takes an optional list of enctypes to look for in + priority order. + (krb5_cc_retrieve_cred_default): New function. Same signature as + original fcc_retrieve but if new flag KRB5_TC_SUPPORTED_KTYPES is + set, calls krb5_get_tgs_ktypes to get a list of enctypes to look + for. + * Makefile.in (STLIBOBJS, OBJS, SRCS): Add it. + Tue May 18 19:52:56 1999 Danilo Almeida * Makefile.in: Remove - from recursive Win32 make invocation. diff --git a/src/lib/krb5/ccache/Makefile.in b/src/lib/krb5/ccache/Makefile.in index eafa55773..a9d426595 100644 --- a/src/lib/krb5/ccache/Makefile.in +++ b/src/lib/krb5/ccache/Makefile.in @@ -21,18 +21,21 @@ STLIBOBJS= \ cccopy.o \ ccdefault.o \ ccdefops.o \ + cc_retr.o \ ser_cc.o OBJS= $(OUTPRE)ccbase.$(OBJEXT) \ $(OUTPRE)cccopy.$(OBJEXT) \ $(OUTPRE)ccdefault.$(OBJEXT) \ $(OUTPRE)ccdefops.$(OBJEXT) \ + $(OUTPRE)cc_retr.$(OBJEXT) \ $(OUTPRE)ser_cc.$(OBJEXT) SRCS= $(srcdir)/ccbase.c \ $(srcdir)/cccopy.c \ $(srcdir)/ccdefault.c \ $(srcdir)/ccdefops.c \ + $(srcdir)/cc_retr.c \ $(srcdir)/ser_cc.c all-unix:: all-libobjs diff --git a/src/lib/krb5/ccache/cc_retr.c b/src/lib/krb5/ccache/cc_retr.c new file mode 100644 index 000000000..8d439d329 --- /dev/null +++ b/src/lib/krb5/ccache/cc_retr.c @@ -0,0 +1,286 @@ +/* + * lib/krb5/ccache/cc_retr.c + * + * Copyright 1990,1991,1999 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + */ + +#include "k5-int.h" + +#define KRB5_OK 0 + +#define set(bits) (whichfields & bits) +#define flags_match(a,b) (((a) & (b)) == (a)) +#define times_match_exact(t1,t2) (memcmp((char *)(t1), (char *)(t2), sizeof(*(t1))) == 0) + +static krb5_boolean +times_match(t1, t2) + const krb5_ticket_times *t1; + const krb5_ticket_times *t2; +{ + if (t1->renew_till) { + if (t1->renew_till > t2->renew_till) + return FALSE; /* this one expires too late */ + } + if (t1->endtime) { + if (t1->endtime > t2->endtime) + return FALSE; /* this one expires too late */ + } + /* only care about expiration on a times_match */ + return TRUE; +} + +static krb5_boolean +standard_fields_match(context, mcreds, creds) +krb5_context context; +const krb5_creds *mcreds; +const krb5_creds *creds; +{ + return (krb5_principal_compare(context, mcreds->client,creds->client) + && krb5_principal_compare(context, mcreds->server,creds->server)); +} + +/* only match the server name portion, not the server realm portion */ + +static krb5_boolean +srvname_match(context, mcreds, creds) + krb5_context context; + const krb5_creds *mcreds, *creds; +{ + krb5_boolean retval; + krb5_principal_data p1, p2; + + retval = krb5_principal_compare(context, mcreds->client,creds->client); + if (retval != TRUE) + return retval; + /* + * Hack to ignore the server realm for the purposes of the compare. + */ + p1 = *mcreds->server; + p2 = *creds->server; + p1.realm = p2.realm; + return krb5_principal_compare(context, &p1, &p2); +} + +static krb5_boolean +authdata_match(mdata, data) + krb5_authdata * const *mdata, * const *data; +{ + const krb5_authdata *mdatap, *datap; + + if (mdata == data) + return TRUE; + + if (mdata == NULL) + return *data == NULL; + + if (data == NULL) + return *mdata == NULL; + + while ((mdatap = *mdata) && (datap = *data)) { + if ((mdatap->ad_type != datap->ad_type) || + (mdatap->length != datap->length) || + (memcmp ((char *)mdatap->contents, + (char *)datap->contents, mdatap->length) != 0)) + return FALSE; + mdata++; + data++; + } + return (*mdata == NULL) && (*data == NULL); +} + +static krb5_boolean +data_match(data1, data2) + const krb5_data *data1, *data2; +{ + if (!data1) { + if (!data2) + return TRUE; + else + return FALSE; + } + if (!data2) return FALSE; + + if (data1->length != data2->length) + return FALSE; + else + return memcmp(data1->data, data2->data, data1->length) ? FALSE : TRUE; +} + +static int +pref (krb5_enctype my_ktype, int nktypes, krb5_enctype *ktypes) +{ + int i; + for (i = 0; i < nktypes; i++) + if (my_ktype == ktypes[i]) + return i; + return -1; +} + +/* + * Effects: + * Searches the credentials cache for a credential matching mcreds, + * with the fields specified by whichfields. If one if found, it is + * returned in creds, which should be freed by the caller with + * krb5_free_credentials(). + * + * The fields are interpreted in the following way (all constants are + * preceded by KRB5_TC_). MATCH_IS_SKEY requires the is_skey field to + * match exactly. MATCH_TIMES requires the requested lifetime to be + * at least as great as that specified; MATCH_TIMES_EXACT requires the + * requested lifetime to be exactly that specified. MATCH_FLAGS + * requires only the set bits in mcreds be set in creds; + * MATCH_FLAGS_EXACT requires all bits to match. + * + * Flag SUPPORTED_KTYPES means check all matching entries that have + * any supported enctype (according to tgs_enctypes) and return the one + * with the enctype listed earliest. Return CC_NOT_KTYPE if a match + * is found *except* for having a supported enctype. + * + * Errors: + * system errors + * permission errors + * KRB5_CC_NOMEM + * KRB5_CC_NOT_KTYPE + */ + +static krb5_error_code +krb5_cc_retrieve_cred_seq (context, id, whichfields, + mcreds, creds, nktypes, ktypes) + krb5_context context; + krb5_ccache id; + krb5_flags whichfields; + krb5_creds *mcreds; + krb5_creds *creds; + int nktypes; + krb5_enctype *ktypes; +{ + /* This function could be considerably faster if it kept indexing */ + /* information.. sounds like a "next version" idea to me. :-) */ + + krb5_cc_cursor cursor; + krb5_error_code kret; + krb5_error_code nomatch_err = KRB5_CC_NOTFOUND; + struct { + krb5_creds creds; + int pref; + } fetched, best; + int have_creds = 0; +#define fetchcreds (fetched.creds) + + kret = krb5_cc_start_seq_get(context, id, &cursor); + if (kret != KRB5_OK) + return kret; + + while ((kret = krb5_cc_next_cred(context, id, &cursor, &fetchcreds)) == KRB5_OK) { + if (((set(KRB5_TC_MATCH_SRV_NAMEONLY) && + srvname_match(context, mcreds, &fetchcreds)) || + standard_fields_match(context, mcreds, &fetchcreds)) + && + (! set(KRB5_TC_MATCH_IS_SKEY) || + mcreds->is_skey == fetchcreds.is_skey) + && + (! set(KRB5_TC_MATCH_FLAGS_EXACT) || + mcreds->ticket_flags == fetchcreds.ticket_flags) + && + (! set(KRB5_TC_MATCH_FLAGS) || + flags_match(mcreds->ticket_flags, fetchcreds.ticket_flags)) + && + (! set(KRB5_TC_MATCH_TIMES_EXACT) || + times_match_exact(&mcreds->times, &fetchcreds.times)) + && + (! set(KRB5_TC_MATCH_TIMES) || + times_match(&mcreds->times, &fetchcreds.times)) + && + ( ! set(KRB5_TC_MATCH_AUTHDATA) || + authdata_match(mcreds->authdata, fetchcreds.authdata)) + && + (! set(KRB5_TC_MATCH_2ND_TKT) || + data_match (&mcreds->second_ticket, &fetchcreds.second_ticket)) + && + ((! set(KRB5_TC_MATCH_KTYPE))|| + (mcreds->keyblock.enctype == fetchcreds.keyblock.enctype))) + { + if (ktypes) { + fetched.pref = pref (fetchcreds.keyblock.enctype, + nktypes, ktypes); + if (fetched.pref < 0) + nomatch_err = KRB5_CC_NOT_KTYPE; + else if (!have_creds || fetched.pref < best.pref) { + if (have_creds) + krb5_free_cred_contents (context, &best.creds); + else + have_creds = 1; + best = fetched; + continue; + } + } else { + krb5_cc_end_seq_get(context, id, &cursor); + *creds = fetchcreds; + return KRB5_OK; + } + } + + /* This one doesn't match */ + krb5_free_cred_contents(context, &fetchcreds); + } + + /* If we get here, a match wasn't found */ + krb5_cc_end_seq_get(context, id, &cursor); + if (have_creds) { + *creds = best.creds; + return KRB5_OK; + } else + return nomatch_err; +} + +krb5_error_code KRB5_CALLCONV +krb5_cc_retrieve_cred_default (context, id, flags, mcreds, creds) + krb5_context context; + krb5_ccache id; + krb5_flags flags; + krb5_creds *mcreds; + krb5_creds *creds; +{ + krb5_enctype *ktypes; + int nktypes; + krb5_error_code ret; + + if (flags & KRB5_TC_SUPPORTED_KTYPES) { + ret = krb5_get_tgs_ktypes (context, mcreds->server, &ktypes); + if (ret) + return ret; + nktypes = 0; + while (ktypes[nktypes]) + nktypes++; + + ret = krb5_cc_retrieve_cred_seq (context, id, flags, mcreds, creds, + nktypes, ktypes); + free (ktypes); + return ret; + } else { + return krb5_cc_retrieve_cred_seq (context, id, flags, mcreds, creds, + 0, 0); + } +} diff --git a/src/lib/krb5/ccache/ccapi/ChangeLog b/src/lib/krb5/ccache/ccapi/ChangeLog index dfe92f16f..c6ca9f7ea 100644 --- a/src/lib/krb5/ccache/ccapi/ChangeLog +++ b/src/lib/krb5/ccache/ccapi/ChangeLog @@ -1,3 +1,8 @@ +1999-08-23 Ken Raeburn + + * stdcc.c (krb5_stdcc_retrieve): Replace with a version that calls + krb5_cc_retrieve_cred_default. + 1999-08-05 Alexandra Ellwood * stdcc_util.c (deep_free_cc_v5_creds): diff --git a/src/lib/krb5/ccache/ccapi/stdcc.c b/src/lib/krb5/ccache/ccapi/stdcc.c index db93102ca..36eed9d22 100644 --- a/src/lib/krb5/ccache/ccapi/stdcc.c +++ b/src/lib/krb5/ccache/ccapi/stdcc.c @@ -19,7 +19,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -478,6 +481,7 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_next_cred * * - try to find a matching credential in the cache */ +#if 0 krb5_error_code KRB5_CALLCONV krb5_stdcc_retrieve (krb5_context context, krb5_ccache id, @@ -523,6 +527,22 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_retrieve return KRB5_CC_NOTFOUND; } +#else +#include "k5-int.h" + +krb5_error_code KRB5_CALLCONV +krb5_stdcc_retrieve(context, id, whichfields, mcreds, creds) + krb5_context context; + krb5_ccache id; + krb5_flags whichfields; + krb5_creds *mcreds; + krb5_creds *creds; +{ + return krb5_cc_retrieve_cred_default (context, id, whichfields, + mcreds, creds); +} + +#endif /* * end seq diff --git a/src/lib/krb5/ccache/ccbase.c b/src/lib/krb5/ccache/ccbase.c index ae89334a0..912571f78 100644 --- a/src/lib/krb5/ccache/ccbase.c +++ b/src/lib/krb5/ccache/ccbase.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/ccdefault.c b/src/lib/krb5/ccache/ccdefault.c index 5e3cd53a9..3e2699c56 100644 --- a/src/lib/krb5/ccache/ccdefault.c +++ b/src/lib/krb5/ccache/ccdefault.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/ccdefops.c b/src/lib/krb5/ccache/ccdefops.c index 20081cc8e..2651273be 100644 --- a/src/lib/krb5/ccache/ccdefops.c +++ b/src/lib/krb5/ccache/ccdefops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/ChangeLog b/src/lib/krb5/ccache/file/ChangeLog index f99e78246..0da5c9701 100644 --- a/src/lib/krb5/ccache/file/ChangeLog +++ b/src/lib/krb5/ccache/file/ChangeLog @@ -1,3 +1,8 @@ +1999-08-23 Ken Raeburn + + * fcc_retrv.c (krb5_fcc_retrieve): Replace with a version that + calls krb5_cc_retrieve_cred_default. + 1999-06-10 Danilo Almeida * fcc_ops.c (krb5_cache_change): Use PostMessage instead of diff --git a/src/lib/krb5/ccache/file/fcc-proto.h b/src/lib/krb5/ccache/file/fcc-proto.h index d05eeb73c..837a9e32b 100644 --- a/src/lib/krb5/ccache/file/fcc-proto.h +++ b/src/lib/krb5/ccache/file/fcc-proto.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc.h b/src/lib/krb5/ccache/file/fcc.h index e17d437ab..d1b3c332c 100644 --- a/src/lib/krb5/ccache/file/fcc.h +++ b/src/lib/krb5/ccache/file/fcc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_close.c b/src/lib/krb5/ccache/file/fcc_close.c index 6e7997afd..5d8d49891 100644 --- a/src/lib/krb5/ccache/file/fcc_close.c +++ b/src/lib/krb5/ccache/file/fcc_close.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_defops.c b/src/lib/krb5/ccache/file/fcc_defops.c index 18591ac7f..8f2f0f2f5 100644 --- a/src/lib/krb5/ccache/file/fcc_defops.c +++ b/src/lib/krb5/ccache/file/fcc_defops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_destry.c b/src/lib/krb5/ccache/file/fcc_destry.c index 37914e1f9..d0e6ff595 100644 --- a/src/lib/krb5/ccache/file/fcc_destry.c +++ b/src/lib/krb5/ccache/file/fcc_destry.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_errs.c b/src/lib/krb5/ccache/file/fcc_errs.c index 0f21445ff..43d397462 100644 --- a/src/lib/krb5/ccache/file/fcc_errs.c +++ b/src/lib/krb5/ccache/file/fcc_errs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_eseq.c b/src/lib/krb5/ccache/file/fcc_eseq.c index d6ce34e2d..a57c9c111 100644 --- a/src/lib/krb5/ccache/file/fcc_eseq.c +++ b/src/lib/krb5/ccache/file/fcc_eseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_gennew.c b/src/lib/krb5/ccache/file/fcc_gennew.c index df98e0cd1..12b37b1c8 100644 --- a/src/lib/krb5/ccache/file/fcc_gennew.c +++ b/src/lib/krb5/ccache/file/fcc_gennew.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_getnam.c b/src/lib/krb5/ccache/file/fcc_getnam.c index 6a7b9557c..c5ca1d006 100644 --- a/src/lib/krb5/ccache/file/fcc_getnam.c +++ b/src/lib/krb5/ccache/file/fcc_getnam.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_gprin.c b/src/lib/krb5/ccache/file/fcc_gprin.c index 72d6c7780..b8a259576 100644 --- a/src/lib/krb5/ccache/file/fcc_gprin.c +++ b/src/lib/krb5/ccache/file/fcc_gprin.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_init.c b/src/lib/krb5/ccache/file/fcc_init.c index b3bf74de1..b3777ecd8 100644 --- a/src/lib/krb5/ccache/file/fcc_init.c +++ b/src/lib/krb5/ccache/file/fcc_init.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_maybe.c b/src/lib/krb5/ccache/file/fcc_maybe.c index e982f0f82..1602a20ec 100644 --- a/src/lib/krb5/ccache/file/fcc_maybe.c +++ b/src/lib/krb5/ccache/file/fcc_maybe.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_nseq.c b/src/lib/krb5/ccache/file/fcc_nseq.c index 92df32927..0c34a20bf 100644 --- a/src/lib/krb5/ccache/file/fcc_nseq.c +++ b/src/lib/krb5/ccache/file/fcc_nseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_ops.c b/src/lib/krb5/ccache/file/fcc_ops.c index 3260421ce..e96be06f3 100644 --- a/src/lib/krb5/ccache/file/fcc_ops.c +++ b/src/lib/krb5/ccache/file/fcc_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_read.c b/src/lib/krb5/ccache/file/fcc_read.c index 88cb21d09..e57c7aba3 100644 --- a/src/lib/krb5/ccache/file/fcc_read.c +++ b/src/lib/krb5/ccache/file/fcc_read.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_reslv.c b/src/lib/krb5/ccache/file/fcc_reslv.c index 5e3775ae4..a541a860f 100644 --- a/src/lib/krb5/ccache/file/fcc_reslv.c +++ b/src/lib/krb5/ccache/file/fcc_reslv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_retrv.c b/src/lib/krb5/ccache/file/fcc_retrv.c index 5f4e71d7c..e7a4ff203 100644 --- a/src/lib/krb5/ccache/file/fcc_retrv.c +++ b/src/lib/krb5/ccache/file/fcc_retrv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -24,6 +27,8 @@ * This file contains the source code for krb5_fcc_retrieve. */ +#if 0 + #include "fcc.h" #ifdef macintosh @@ -230,3 +235,21 @@ authdata_match(mdata, data) } return (*mdata == NULL) && (*data == NULL); } + +#else + +#include "k5-int.h" + +krb5_error_code KRB5_CALLCONV +krb5_fcc_retrieve(context, id, whichfields, mcreds, creds) + krb5_context context; + krb5_ccache id; + krb5_flags whichfields; + krb5_creds *mcreds; + krb5_creds *creds; +{ + return krb5_cc_retrieve_cred_default (context, id, whichfields, + mcreds, creds); +} + +#endif diff --git a/src/lib/krb5/ccache/file/fcc_sflags.c b/src/lib/krb5/ccache/file/fcc_sflags.c index 9f9b60140..be1007e6d 100644 --- a/src/lib/krb5/ccache/file/fcc_sflags.c +++ b/src/lib/krb5/ccache/file/fcc_sflags.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_skip.c b/src/lib/krb5/ccache/file/fcc_skip.c index 2f51aeee5..354d03a60 100644 --- a/src/lib/krb5/ccache/file/fcc_skip.c +++ b/src/lib/krb5/ccache/file/fcc_skip.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_sseq.c b/src/lib/krb5/ccache/file/fcc_sseq.c index 8e215becd..d22d41dfe 100644 --- a/src/lib/krb5/ccache/file/fcc_sseq.c +++ b/src/lib/krb5/ccache/file/fcc_sseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_store.c b/src/lib/krb5/ccache/file/fcc_store.c index 4915e4e39..264940af0 100644 --- a/src/lib/krb5/ccache/file/fcc_store.c +++ b/src/lib/krb5/ccache/file/fcc_store.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_test.c b/src/lib/krb5/ccache/file/fcc_test.c index 3e3b5c57c..a41df47ac 100644 --- a/src/lib/krb5/ccache/file/fcc_test.c +++ b/src/lib/krb5/ccache/file/fcc_test.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_write.c b/src/lib/krb5/ccache/file/fcc_write.c index 566789ef2..fe4c3b1c2 100644 --- a/src/lib/krb5/ccache/file/fcc_write.c +++ b/src/lib/krb5/ccache/file/fcc_write.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/ChangeLog b/src/lib/krb5/ccache/memory/ChangeLog index 4ff0ffafd..9a68c4118 100644 --- a/src/lib/krb5/ccache/memory/ChangeLog +++ b/src/lib/krb5/ccache/memory/ChangeLog @@ -1,3 +1,8 @@ +1999-08-23 Ken Raeburn + + * mcc_retrv.c (krb5_mcc_retrieve): Replace with a version that + calls krb5_cc_retrieve_cred_default. + Mon May 10 15:25:06 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/krb5/ccache/memory/mcc-proto.h b/src/lib/krb5/ccache/memory/mcc-proto.h index fe66c798f..dc065bad7 100644 --- a/src/lib/krb5/ccache/memory/mcc-proto.h +++ b/src/lib/krb5/ccache/memory/mcc-proto.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc.h b/src/lib/krb5/ccache/memory/mcc.h index f7c6da57d..872fe0efd 100644 --- a/src/lib/krb5/ccache/memory/mcc.h +++ b/src/lib/krb5/ccache/memory/mcc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_close.c b/src/lib/krb5/ccache/memory/mcc_close.c index 514a4adfa..9125f1d1e 100644 --- a/src/lib/krb5/ccache/memory/mcc_close.c +++ b/src/lib/krb5/ccache/memory/mcc_close.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_destry.c b/src/lib/krb5/ccache/memory/mcc_destry.c index e6946789d..4d70038eb 100644 --- a/src/lib/krb5/ccache/memory/mcc_destry.c +++ b/src/lib/krb5/ccache/memory/mcc_destry.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_eseq.c b/src/lib/krb5/ccache/memory/mcc_eseq.c index c3d264cdd..c567d21f6 100644 --- a/src/lib/krb5/ccache/memory/mcc_eseq.c +++ b/src/lib/krb5/ccache/memory/mcc_eseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_gennew.c b/src/lib/krb5/ccache/memory/mcc_gennew.c index 76249610a..8720a6168 100644 --- a/src/lib/krb5/ccache/memory/mcc_gennew.c +++ b/src/lib/krb5/ccache/memory/mcc_gennew.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_getnam.c b/src/lib/krb5/ccache/memory/mcc_getnam.c index e86b0836e..f4c611992 100644 --- a/src/lib/krb5/ccache/memory/mcc_getnam.c +++ b/src/lib/krb5/ccache/memory/mcc_getnam.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_gprin.c b/src/lib/krb5/ccache/memory/mcc_gprin.c index 81624d73a..90d02ca54 100644 --- a/src/lib/krb5/ccache/memory/mcc_gprin.c +++ b/src/lib/krb5/ccache/memory/mcc_gprin.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_init.c b/src/lib/krb5/ccache/memory/mcc_init.c index 5f4a40ae7..773e24197 100644 --- a/src/lib/krb5/ccache/memory/mcc_init.c +++ b/src/lib/krb5/ccache/memory/mcc_init.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_nseq.c b/src/lib/krb5/ccache/memory/mcc_nseq.c index a68b9f95a..3b533a291 100644 --- a/src/lib/krb5/ccache/memory/mcc_nseq.c +++ b/src/lib/krb5/ccache/memory/mcc_nseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_ops.c b/src/lib/krb5/ccache/memory/mcc_ops.c index d3f1cb5af..51f8c8808 100644 --- a/src/lib/krb5/ccache/memory/mcc_ops.c +++ b/src/lib/krb5/ccache/memory/mcc_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_reslv.c b/src/lib/krb5/ccache/memory/mcc_reslv.c index 9285198a1..2b256d6e4 100644 --- a/src/lib/krb5/ccache/memory/mcc_reslv.c +++ b/src/lib/krb5/ccache/memory/mcc_reslv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_retrv.c b/src/lib/krb5/ccache/memory/mcc_retrv.c index ae3510129..cdb6ae3d1 100644 --- a/src/lib/krb5/ccache/memory/mcc_retrv.c +++ b/src/lib/krb5/ccache/memory/mcc_retrv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -24,6 +27,8 @@ * This file contains the source code for krb5_mcc_retrieve. */ +#if 0 + #include "mcc.h" #define set(bits) (whichfields & bits) @@ -223,3 +228,21 @@ authdata_match(mdata, data) } return (*mdata == NULL) && (*data == NULL); } + +#else + +#include "k5-int.h" + +krb5_error_code KRB5_CALLCONV +krb5_mcc_retrieve(context, id, whichfields, mcreds, creds) + krb5_context context; + krb5_ccache id; + krb5_flags whichfields; + krb5_creds *mcreds; + krb5_creds *creds; +{ + return krb5_cc_retrieve_cred_default (context, id, whichfields, + mcreds, creds); +} + +#endif diff --git a/src/lib/krb5/ccache/memory/mcc_sflags.c b/src/lib/krb5/ccache/memory/mcc_sflags.c index a12c696f9..9747d7530 100644 --- a/src/lib/krb5/ccache/memory/mcc_sflags.c +++ b/src/lib/krb5/ccache/memory/mcc_sflags.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_sseq.c b/src/lib/krb5/ccache/memory/mcc_sseq.c index bb87e47df..90836df0d 100644 --- a/src/lib/krb5/ccache/memory/mcc_sseq.c +++ b/src/lib/krb5/ccache/memory/mcc_sseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_test.c b/src/lib/krb5/ccache/memory/mcc_test.c index 81ea2edb8..b117aed33 100644 --- a/src/lib/krb5/ccache/memory/mcc_test.c +++ b/src/lib/krb5/ccache/memory/mcc_test.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/ser_cc.c b/src/lib/krb5/ccache/ser_cc.c index c834769eb..8c1918a5a 100644 --- a/src/lib/krb5/ccache/ser_cc.c +++ b/src/lib/krb5/ccache/ser_cc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/ChangeLog b/src/lib/krb5/ccache/stdio/ChangeLog index 5b7e7ea1a..9a402a46c 100644 --- a/src/lib/krb5/ccache/stdio/ChangeLog +++ b/src/lib/krb5/ccache/stdio/ChangeLog @@ -1,3 +1,8 @@ +1999-08-23 Ken Raeburn + + * scc_retrv.c (krb5_scc_retrieve): Replace with a version that + calls krb5_cc_retrieve_cred_default. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/lib/krb5/ccache/stdio/scc-proto.h b/src/lib/krb5/ccache/stdio/scc-proto.h index 20a0006f3..1fe4a88b9 100644 --- a/src/lib/krb5/ccache/stdio/scc-proto.h +++ b/src/lib/krb5/ccache/stdio/scc-proto.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc.h b/src/lib/krb5/ccache/stdio/scc.h index 627eb3adf..fda85d47d 100644 --- a/src/lib/krb5/ccache/stdio/scc.h +++ b/src/lib/krb5/ccache/stdio/scc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_close.c b/src/lib/krb5/ccache/stdio/scc_close.c index 77f6d6b23..4f6e3e964 100644 --- a/src/lib/krb5/ccache/stdio/scc_close.c +++ b/src/lib/krb5/ccache/stdio/scc_close.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_defops.c b/src/lib/krb5/ccache/stdio/scc_defops.c index 8eb67a770..57e866a98 100644 --- a/src/lib/krb5/ccache/stdio/scc_defops.c +++ b/src/lib/krb5/ccache/stdio/scc_defops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_destry.c b/src/lib/krb5/ccache/stdio/scc_destry.c index 7b1db878d..b8e40ed64 100644 --- a/src/lib/krb5/ccache/stdio/scc_destry.c +++ b/src/lib/krb5/ccache/stdio/scc_destry.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_errs.c b/src/lib/krb5/ccache/stdio/scc_errs.c index e1e1655ee..73d698a84 100644 --- a/src/lib/krb5/ccache/stdio/scc_errs.c +++ b/src/lib/krb5/ccache/stdio/scc_errs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_eseq.c b/src/lib/krb5/ccache/stdio/scc_eseq.c index 6d7595089..73672afcf 100644 --- a/src/lib/krb5/ccache/stdio/scc_eseq.c +++ b/src/lib/krb5/ccache/stdio/scc_eseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_gennew.c b/src/lib/krb5/ccache/stdio/scc_gennew.c index 5635428fa..ee0d8295c 100644 --- a/src/lib/krb5/ccache/stdio/scc_gennew.c +++ b/src/lib/krb5/ccache/stdio/scc_gennew.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_getnam.c b/src/lib/krb5/ccache/stdio/scc_getnam.c index 0303c1009..e37d6a3d4 100644 --- a/src/lib/krb5/ccache/stdio/scc_getnam.c +++ b/src/lib/krb5/ccache/stdio/scc_getnam.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_gprin.c b/src/lib/krb5/ccache/stdio/scc_gprin.c index 5fbc4822d..8de1bda6d 100644 --- a/src/lib/krb5/ccache/stdio/scc_gprin.c +++ b/src/lib/krb5/ccache/stdio/scc_gprin.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_init.c b/src/lib/krb5/ccache/stdio/scc_init.c index 826153584..91308ba97 100644 --- a/src/lib/krb5/ccache/stdio/scc_init.c +++ b/src/lib/krb5/ccache/stdio/scc_init.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_maybe.c b/src/lib/krb5/ccache/stdio/scc_maybe.c index 7d6df3206..858b49f37 100644 --- a/src/lib/krb5/ccache/stdio/scc_maybe.c +++ b/src/lib/krb5/ccache/stdio/scc_maybe.c @@ -18,7 +18,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_nseq.c b/src/lib/krb5/ccache/stdio/scc_nseq.c index 49f9e255d..09f8e7654 100644 --- a/src/lib/krb5/ccache/stdio/scc_nseq.c +++ b/src/lib/krb5/ccache/stdio/scc_nseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_ops.c b/src/lib/krb5/ccache/stdio/scc_ops.c index 4ec38e72c..9b5d361f9 100644 --- a/src/lib/krb5/ccache/stdio/scc_ops.c +++ b/src/lib/krb5/ccache/stdio/scc_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_read.c b/src/lib/krb5/ccache/stdio/scc_read.c index 88e9e5566..f36b38734 100644 --- a/src/lib/krb5/ccache/stdio/scc_read.c +++ b/src/lib/krb5/ccache/stdio/scc_read.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_reslv.c b/src/lib/krb5/ccache/stdio/scc_reslv.c index a809a4744..bff8296e4 100644 --- a/src/lib/krb5/ccache/stdio/scc_reslv.c +++ b/src/lib/krb5/ccache/stdio/scc_reslv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_retrv.c b/src/lib/krb5/ccache/stdio/scc_retrv.c index 7498d906e..f5b0da8ee 100644 --- a/src/lib/krb5/ccache/stdio/scc_retrv.c +++ b/src/lib/krb5/ccache/stdio/scc_retrv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -24,6 +27,8 @@ * This file contains the source code for krb5_scc_retrieve. */ +#if 0 + #include "scc.h" #define set(bits) (whichfields & bits) @@ -217,3 +222,21 @@ krb5_scc_retrieve(context, id, whichfields, mcreds, creds) krb5_scc_end_seq_get(context, id, &cursor); return KRB5_CC_NOTFOUND; } + +#else + +#include "k5-int.h" + +krb5_error_code KRB5_CALLCONV +krb5_scc_retrieve(context, id, whichfields, mcreds, creds) + krb5_context context; + krb5_ccache id; + krb5_flags whichfields; + krb5_creds *mcreds; + krb5_creds *creds; +{ + return krb5_cc_retrieve_cred_default (context, id, whichfields, + mcreds, creds); +} + +#endif diff --git a/src/lib/krb5/ccache/stdio/scc_sflags.c b/src/lib/krb5/ccache/stdio/scc_sflags.c index 89ec826eb..47ac9809a 100644 --- a/src/lib/krb5/ccache/stdio/scc_sflags.c +++ b/src/lib/krb5/ccache/stdio/scc_sflags.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_skip.c b/src/lib/krb5/ccache/stdio/scc_skip.c index 6b072dc5e..c203c71bb 100644 --- a/src/lib/krb5/ccache/stdio/scc_skip.c +++ b/src/lib/krb5/ccache/stdio/scc_skip.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_sseq.c b/src/lib/krb5/ccache/stdio/scc_sseq.c index c5bac1967..df71aff17 100644 --- a/src/lib/krb5/ccache/stdio/scc_sseq.c +++ b/src/lib/krb5/ccache/stdio/scc_sseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_store.c b/src/lib/krb5/ccache/stdio/scc_store.c index 71b06210d..158e3f9ea 100644 --- a/src/lib/krb5/ccache/stdio/scc_store.c +++ b/src/lib/krb5/ccache/stdio/scc_store.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_test.c b/src/lib/krb5/ccache/stdio/scc_test.c index d94829249..a76d1fcd7 100644 --- a/src/lib/krb5/ccache/stdio/scc_test.c +++ b/src/lib/krb5/ccache/stdio/scc_test.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_write.c b/src/lib/krb5/ccache/stdio/scc_write.c index 3c552004a..cbfa4a449 100644 --- a/src/lib/krb5/ccache/stdio/scc_write.c +++ b/src/lib/krb5/ccache/stdio/scc_write.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/error_tables/ChangeLog b/src/lib/krb5/error_tables/ChangeLog index 4986a4ce8..9e2d01a5d 100644 --- a/src/lib/krb5/error_tables/ChangeLog +++ b/src/lib/krb5/error_tables/ChangeLog @@ -1,3 +1,7 @@ +1999-08-23 Ken Raeburn + + * krb5_err.et (KRB5_CC_NOT_KTYPE): New error code. + 1999-07-29 Ken Raeburn * Makefile.in: Delete dependency info for isode error table that diff --git a/src/lib/krb5/error_tables/init_ets.c b/src/lib/krb5/error_tables/init_ets.c index ac43fb7ed..a6e9c2d05 100644 --- a/src/lib/krb5/error_tables/init_ets.c +++ b/src/lib/krb5/error_tables/init_ets.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/error_tables/kdb5_err.et b/src/lib/krb5/error_tables/kdb5_err.et index 9840e5d6d..982a9c11a 100644 --- a/src/lib/krb5/error_tables/kdb5_err.et +++ b/src/lib/krb5/error_tables/kdb5_err.et @@ -16,7 +16,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/lib/krb5/error_tables/krb5_err.et b/src/lib/krb5/error_tables/krb5_err.et index b483116e1..2e316b841 100644 --- a/src/lib/krb5/error_tables/krb5_err.et +++ b/src/lib/krb5/error_tables/krb5_err.et @@ -16,7 +16,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # @@ -262,6 +265,7 @@ error_code KRB5_FCC_INTERNAL, "Internal file credentials cache error" error_code KRB5_CC_WRITE, "Error writing to credentials cache file" error_code KRB5_CC_NOMEM, "No more memory to allocate (in credentials cache code)" error_code KRB5_CC_FORMAT, "Bad format in credentials cache" +error_code KRB5_CC_NOT_KTYPE, "No credentials found with supported encryption types" # errors for dual tgt library calls error_code KRB5_INVALID_FLAGS, "Invalid KDC option combination (library internal error)" diff --git a/src/lib/krb5/error_tables/kv5m_err.et b/src/lib/krb5/error_tables/kv5m_err.et index aff1d3c62..eb6bdd870 100644 --- a/src/lib/krb5/error_tables/kv5m_err.et +++ b/src/lib/krb5/error_tables/kv5m_err.et @@ -16,7 +16,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/lib/krb5/keytab/db/dbkeytab.c b/src/lib/krb5/keytab/db/dbkeytab.c index 9789d30cc..e297add06 100644 --- a/src/lib/krb5/keytab/db/dbkeytab.c +++ b/src/lib/krb5/keytab/db/dbkeytab.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_add.c b/src/lib/krb5/keytab/file/ktf_add.c index 8979ad8c9..5ba5af79a 100644 --- a/src/lib/krb5/keytab/file/ktf_add.c +++ b/src/lib/krb5/keytab/file/ktf_add.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_close.c b/src/lib/krb5/keytab/file/ktf_close.c index a538aa719..d735120cc 100644 --- a/src/lib/krb5/keytab/file/ktf_close.c +++ b/src/lib/krb5/keytab/file/ktf_close.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_defops.c b/src/lib/krb5/keytab/file/ktf_defops.c index 7b905b97a..6bba8a63f 100644 --- a/src/lib/krb5/keytab/file/ktf_defops.c +++ b/src/lib/krb5/keytab/file/ktf_defops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_endget.c b/src/lib/krb5/keytab/file/ktf_endget.c index 66f862e18..a007f077d 100644 --- a/src/lib/krb5/keytab/file/ktf_endget.c +++ b/src/lib/krb5/keytab/file/ktf_endget.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_g_ent.c b/src/lib/krb5/keytab/file/ktf_g_ent.c index 57d6edabd..b45ab6fd7 100644 --- a/src/lib/krb5/keytab/file/ktf_g_ent.c +++ b/src/lib/krb5/keytab/file/ktf_g_ent.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_g_name.c b/src/lib/krb5/keytab/file/ktf_g_name.c index b0cd4d8e6..083ca387e 100644 --- a/src/lib/krb5/keytab/file/ktf_g_name.c +++ b/src/lib/krb5/keytab/file/ktf_g_name.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_next.c b/src/lib/krb5/keytab/file/ktf_next.c index acabb7c35..41e13d413 100644 --- a/src/lib/krb5/keytab/file/ktf_next.c +++ b/src/lib/krb5/keytab/file/ktf_next.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_ops.c b/src/lib/krb5/keytab/file/ktf_ops.c index bc9d03882..86f44a78c 100644 --- a/src/lib/krb5/keytab/file/ktf_ops.c +++ b/src/lib/krb5/keytab/file/ktf_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_remove.c b/src/lib/krb5/keytab/file/ktf_remove.c index 3d9e627b5..214fa6bfc 100644 --- a/src/lib/krb5/keytab/file/ktf_remove.c +++ b/src/lib/krb5/keytab/file/ktf_remove.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_resolv.c b/src/lib/krb5/keytab/file/ktf_resolv.c index 1b0935063..41a7a6ce4 100644 --- a/src/lib/krb5/keytab/file/ktf_resolv.c +++ b/src/lib/krb5/keytab/file/ktf_resolv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_ssget.c b/src/lib/krb5/keytab/file/ktf_ssget.c index b66c4caba..1676a4876 100644 --- a/src/lib/krb5/keytab/file/ktf_ssget.c +++ b/src/lib/krb5/keytab/file/ktf_ssget.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_util.c b/src/lib/krb5/keytab/file/ktf_util.c index 3713c62d6..4ae73fedb 100644 --- a/src/lib/krb5/keytab/file/ktf_util.c +++ b/src/lib/krb5/keytab/file/ktf_util.c @@ -20,7 +20,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_wops.c b/src/lib/krb5/keytab/file/ktf_wops.c index d55f9808c..833e4d66f 100644 --- a/src/lib/krb5/keytab/file/ktf_wops.c +++ b/src/lib/krb5/keytab/file/ktf_wops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_wreslv.c b/src/lib/krb5/keytab/file/ktf_wreslv.c index 2e7f99e08..523d98370 100644 --- a/src/lib/krb5/keytab/file/ktf_wreslv.c +++ b/src/lib/krb5/keytab/file/ktf_wreslv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktfile.h b/src/lib/krb5/keytab/file/ktfile.h index 61a8acf3b..8ee5756f6 100644 --- a/src/lib/krb5/keytab/file/ktfile.h +++ b/src/lib/krb5/keytab/file/ktfile.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ser_ktf.c b/src/lib/krb5/keytab/file/ser_ktf.c index 61ad9176f..69f6d5d86 100644 --- a/src/lib/krb5/keytab/file/ser_ktf.c +++ b/src/lib/krb5/keytab/file/ser_ktf.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/ktadd.c b/src/lib/krb5/keytab/ktadd.c index ab805c94d..46f9cb4c1 100644 --- a/src/lib/krb5/keytab/ktadd.c +++ b/src/lib/krb5/keytab/ktadd.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/ktbase.c b/src/lib/krb5/keytab/ktbase.c index c65ee4483..32c84a47b 100644 --- a/src/lib/krb5/keytab/ktbase.c +++ b/src/lib/krb5/keytab/ktbase.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/ktdefault.c b/src/lib/krb5/keytab/ktdefault.c index 6178d43dd..7057bfc3d 100644 --- a/src/lib/krb5/keytab/ktdefault.c +++ b/src/lib/krb5/keytab/ktdefault.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/ktfr_entry.c b/src/lib/krb5/keytab/ktfr_entry.c index 92c3235e4..ddccb1703 100644 --- a/src/lib/krb5/keytab/ktfr_entry.c +++ b/src/lib/krb5/keytab/ktfr_entry.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/ktremove.c b/src/lib/krb5/keytab/ktremove.c index 6fc9dd3cf..d14f298a4 100644 --- a/src/lib/krb5/keytab/ktremove.c +++ b/src/lib/krb5/keytab/ktremove.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/read_servi.c b/src/lib/krb5/keytab/read_servi.c index b6f058e49..345d36566 100644 --- a/src/lib/krb5/keytab/read_servi.c +++ b/src/lib/krb5/keytab/read_servi.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_close.c b/src/lib/krb5/keytab/srvtab/kts_close.c index 1d66d7ed5..6d465242f 100644 --- a/src/lib/krb5/keytab/srvtab/kts_close.c +++ b/src/lib/krb5/keytab/srvtab/kts_close.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_endget.c b/src/lib/krb5/keytab/srvtab/kts_endget.c index 035e9c51d..eda5d27ed 100644 --- a/src/lib/krb5/keytab/srvtab/kts_endget.c +++ b/src/lib/krb5/keytab/srvtab/kts_endget.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_g_ent.c b/src/lib/krb5/keytab/srvtab/kts_g_ent.c index 01a0379ba..9d94fee3f 100644 --- a/src/lib/krb5/keytab/srvtab/kts_g_ent.c +++ b/src/lib/krb5/keytab/srvtab/kts_g_ent.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_g_name.c b/src/lib/krb5/keytab/srvtab/kts_g_name.c index 74555600c..bb72acfa4 100644 --- a/src/lib/krb5/keytab/srvtab/kts_g_name.c +++ b/src/lib/krb5/keytab/srvtab/kts_g_name.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_next.c b/src/lib/krb5/keytab/srvtab/kts_next.c index 275e738d8..15c46e7dd 100644 --- a/src/lib/krb5/keytab/srvtab/kts_next.c +++ b/src/lib/krb5/keytab/srvtab/kts_next.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_ops.c b/src/lib/krb5/keytab/srvtab/kts_ops.c index c63402102..d78dcbed1 100644 --- a/src/lib/krb5/keytab/srvtab/kts_ops.c +++ b/src/lib/krb5/keytab/srvtab/kts_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_resolv.c b/src/lib/krb5/keytab/srvtab/kts_resolv.c index 795a82887..2cec72e54 100644 --- a/src/lib/krb5/keytab/srvtab/kts_resolv.c +++ b/src/lib/krb5/keytab/srvtab/kts_resolv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_ssget.c b/src/lib/krb5/keytab/srvtab/kts_ssget.c index edb252264..8c3b812f5 100644 --- a/src/lib/krb5/keytab/srvtab/kts_ssget.c +++ b/src/lib/krb5/keytab/srvtab/kts_ssget.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_util.c b/src/lib/krb5/keytab/srvtab/kts_util.c index 7e7a4d04c..d95aceb48 100644 --- a/src/lib/krb5/keytab/srvtab/kts_util.c +++ b/src/lib/krb5/keytab/srvtab/kts_util.c @@ -20,7 +20,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/ktsrvtab.h b/src/lib/krb5/keytab/srvtab/ktsrvtab.h index 071a27d10..822405703 100644 --- a/src/lib/krb5/keytab/srvtab/ktsrvtab.h +++ b/src/lib/krb5/keytab/srvtab/ktsrvtab.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index 3377f5fe2..470174a04 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,37 @@ +1999-08-26 Ken Raeburn + + * init_ctx.c (get_profile_etype_list): Update name of the des3 + entry in the default etype list. + +1999-08-23 Ken Raeburn + + * init_ctx.c (get_profile_etype_list): New argument DESONLY; if + set, ignore any ktype values other than NULL, DES_CBC_CRC, and + DES_CBC_MD5. + (krb5_get_default_in_tkt_ktypes, krb5_get_tgs_ktypes): Set it. + (krb5_get_permitted_enctypes): Don't set it. + + * fwd_tgt.c (krb5_fwd_tgt_creds): Use KRB5_TC_SUPPORTED_KTYPES + when calling krb5_cc_retrieve_cred. + * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Ditto. + * get_creds.c (krb5_get_credentials_core): Set that flag. + (krb5_get_credentials): Check for KRB5_CC_NOT_KTYPE error return. + +1999-08-17 Ken Raeburn + + * t_ser.c (main): Disable eblock serialization test, since the + code it tests was disabled nearly a year ago. + + * str_conv.c (krb5_timestamp_to_sfstring): Don't pass extra + argument to sprintf. + +1999-08-10 Alexandra Ellwood + + * chpw.c (krb5_mk_chpw_req): + Added call to free cipherpw.data. cipherpw.data is allocated + by krb5_mk_priv and passed back. Since cipherpw is never + passed back, krb5_mk_chpw_req should free it. + 1999-08-05 Danilo Almeida * init_ctx.c (krb5_init_context): Document why krb5_win_ccdll_load diff --git a/src/lib/krb5/krb/addr_comp.c b/src/lib/krb5/krb/addr_comp.c index 661f6960e..359e570fd 100644 --- a/src/lib/krb5/krb/addr_comp.c +++ b/src/lib/krb5/krb/addr_comp.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/addr_order.c b/src/lib/krb5/krb/addr_order.c index 757f7bf52..f9a92b470 100644 --- a/src/lib/krb5/krb/addr_order.c +++ b/src/lib/krb5/krb/addr_order.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/addr_srch.c b/src/lib/krb5/krb/addr_srch.c index d30b68cd1..75da7d21d 100644 --- a/src/lib/krb5/krb/addr_srch.c +++ b/src/lib/krb5/krb/addr_srch.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/bld_pr_ext.c b/src/lib/krb5/krb/bld_pr_ext.c index 8b201759f..52f4ebb50 100644 --- a/src/lib/krb5/krb/bld_pr_ext.c +++ b/src/lib/krb5/krb/bld_pr_ext.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/bld_princ.c b/src/lib/krb5/krb/bld_princ.c index 364c234ca..417c980bf 100644 --- a/src/lib/krb5/krb/bld_princ.c +++ b/src/lib/krb5/krb/bld_princ.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/chpw.c b/src/lib/krb5/krb/chpw.c index 70f1bd82a..f3c6eb6de 100644 --- a/src/lib/krb5/krb/chpw.c +++ b/src/lib/krb5/krb/chpw.c @@ -12,27 +12,32 @@ krb5_mk_chpw_req(context, auth_context, ap_req, passwd, packet) char *passwd; krb5_data *packet; { - krb5_error_code ret; + krb5_error_code ret = 0; krb5_data clearpw; krb5_data cipherpw; krb5_replay_data replay; char *ptr; + cipherpw.data = NULL; + if (ret = krb5_auth_con_setflags(context, auth_context, KRB5_AUTH_CONTEXT_DO_SEQUENCE)) - return(ret); + goto cleanup; clearpw.length = strlen(passwd); clearpw.data = passwd; if (ret = krb5_mk_priv(context, auth_context, &clearpw, &cipherpw, &replay)) - return(ret); + goto cleanup; packet->length = 6 + ap_req->length + cipherpw.length; packet->data = (char *) malloc(packet->length); if (packet->data == NULL) - return ENOMEM; + { + ret = ENOMEM; + goto cleanup; + } ptr = packet->data; /* length */ @@ -59,7 +64,11 @@ krb5_mk_chpw_req(context, auth_context, ap_req, passwd, packet) memcpy(ptr, cipherpw.data, cipherpw.length); - return(0); +cleanup: + if(cipherpw.data != NULL) /* allocated by krb5_mk_priv */ + free(cipherpw.data); + + return(ret); } KRB5_DLLIMP krb5_error_code KRB5_CALLCONV diff --git a/src/lib/krb5/krb/conv_princ.c b/src/lib/krb5/krb/conv_princ.c index f89c3d490..1ce414143 100644 --- a/src/lib/krb5/krb/conv_princ.c +++ b/src/lib/krb5/krb/conv_princ.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_addrs.c b/src/lib/krb5/krb/copy_addrs.c index fa2d36723..a99ae9af1 100644 --- a/src/lib/krb5/krb/copy_addrs.c +++ b/src/lib/krb5/krb/copy_addrs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_athctr.c b/src/lib/krb5/krb/copy_athctr.c index e2bec676c..fecb5775d 100644 --- a/src/lib/krb5/krb/copy_athctr.c +++ b/src/lib/krb5/krb/copy_athctr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_auth.c b/src/lib/krb5/krb/copy_auth.c index 7594b9136..331c350fe 100644 --- a/src/lib/krb5/krb/copy_auth.c +++ b/src/lib/krb5/krb/copy_auth.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_cksum.c b/src/lib/krb5/krb/copy_cksum.c index 8adc82a90..0c4783d87 100644 --- a/src/lib/krb5/krb/copy_cksum.c +++ b/src/lib/krb5/krb/copy_cksum.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_creds.c b/src/lib/krb5/krb/copy_creds.c index a8fea1166..2abda3349 100644 --- a/src/lib/krb5/krb/copy_creds.c +++ b/src/lib/krb5/krb/copy_creds.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_data.c b/src/lib/krb5/krb/copy_data.c index df4f7831e..528d3278c 100644 --- a/src/lib/krb5/krb/copy_data.c +++ b/src/lib/krb5/krb/copy_data.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_key.c b/src/lib/krb5/krb/copy_key.c index 39fcb7df8..0b4f9f158 100644 --- a/src/lib/krb5/krb/copy_key.c +++ b/src/lib/krb5/krb/copy_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_princ.c b/src/lib/krb5/krb/copy_princ.c index 2a4025e8d..7e8ad6e09 100644 --- a/src/lib/krb5/krb/copy_princ.c +++ b/src/lib/krb5/krb/copy_princ.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_tick.c b/src/lib/krb5/krb/copy_tick.c index 9235db111..eab9fb02f 100644 --- a/src/lib/krb5/krb/copy_tick.c +++ b/src/lib/krb5/krb/copy_tick.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/cp_key_cnt.c b/src/lib/krb5/krb/cp_key_cnt.c index 6cc6ef843..f125d814d 100644 --- a/src/lib/krb5/krb/cp_key_cnt.c +++ b/src/lib/krb5/krb/cp_key_cnt.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/decode_kdc.c b/src/lib/krb5/krb/decode_kdc.c index 60c983878..38990aed7 100644 --- a/src/lib/krb5/krb/decode_kdc.c +++ b/src/lib/krb5/krb/decode_kdc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/decrypt_tk.c b/src/lib/krb5/krb/decrypt_tk.c index 47f675591..e988c2d31 100644 --- a/src/lib/krb5/krb/decrypt_tk.c +++ b/src/lib/krb5/krb/decrypt_tk.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/encode_kdc.c b/src/lib/krb5/krb/encode_kdc.c index e20c1f536..3b0410dd3 100644 --- a/src/lib/krb5/krb/encode_kdc.c +++ b/src/lib/krb5/krb/encode_kdc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/encrypt_tk.c b/src/lib/krb5/krb/encrypt_tk.c index e1a1b1850..07642f04e 100644 --- a/src/lib/krb5/krb/encrypt_tk.c +++ b/src/lib/krb5/krb/encrypt_tk.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/free_rtree.c b/src/lib/krb5/krb/free_rtree.c index 58492710e..3d9ea327a 100644 --- a/src/lib/krb5/krb/free_rtree.c +++ b/src/lib/krb5/krb/free_rtree.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/fwd_tgt.c b/src/lib/krb5/krb/fwd_tgt.c index 0a8ce2240..814195a79 100644 --- a/src/lib/krb5/krb/fwd_tgt.c +++ b/src/lib/krb5/krb/fwd_tgt.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ @@ -93,7 +96,8 @@ krb5_fwd_tgt_creds(context, auth_context, rhost, client, server, cc, } /* fetch tgt directly from cache */ - retval = krb5_cc_retrieve_cred (context, cc, 0, &creds, &tgt); + retval = krb5_cc_retrieve_cred (context, cc, KRB5_TC_SUPPORTED_KTYPES, + &creds, &tgt); if (retval) goto errout; diff --git a/src/lib/krb5/krb/gc_frm_kdc.c b/src/lib/krb5/krb/gc_frm_kdc.c index ac31b466d..1e315febd 100644 --- a/src/lib/krb5/krb/gc_frm_kdc.c +++ b/src/lib/krb5/krb/gc_frm_kdc.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. Neither M.I.T., the Open Computing Security Group, nor + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * Neither M.I.T., the Open Computing Security Group, nor * CyberSAFE Corporation make any representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. @@ -118,10 +121,10 @@ krb5_get_cred_from_kdc_opt(context, ccache, in_cred, out_cred, tgts, kdcopt) } if ((retval = krb5_cc_retrieve_cred(context, ccache, - KRB5_TC_MATCH_SRV_NAMEONLY, + KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, &tgtq, &tgt))) { - if (retval != KRB5_CC_NOTFOUND) { + if (retval != KRB5_CC_NOTFOUND && retval != KRB5_CC_NOT_KTYPE) { goto cleanup; } @@ -154,7 +157,7 @@ krb5_get_cred_from_kdc_opt(context, ccache, in_cred, out_cred, tgts, kdcopt) goto cleanup; if ((retval = krb5_cc_retrieve_cred(context, ccache, - KRB5_TC_MATCH_SRV_NAMEONLY, + KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, &tgtq, &tgt))) { goto cleanup; } @@ -217,10 +220,10 @@ krb5_get_cred_from_kdc_opt(context, ccache, in_cred, out_cred, tgts, kdcopt) goto cleanup; if ((retval = krb5_cc_retrieve_cred(context, ccache, - KRB5_TC_MATCH_SRV_NAMEONLY, + KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, &tgtq, &tgt))) { - if (retval != KRB5_CC_NOTFOUND) { + if (retval != KRB5_CC_NOTFOUND && retval != KRB5_CC_NOT_KTYPE) { goto cleanup; } @@ -280,7 +283,7 @@ krb5_get_cred_from_kdc_opt(context, ccache, in_cred, out_cred, tgts, kdcopt) goto cleanup; if ((retval = krb5_cc_retrieve_cred(context, ccache, - KRB5_TC_MATCH_SRV_NAMEONLY, + KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, &tgtq, &tgt))) { if (retval != KRB5_CC_NOTFOUND) { goto cleanup; diff --git a/src/lib/krb5/krb/gc_via_tkt.c b/src/lib/krb5/krb/gc_via_tkt.c index 2ea4fc815..20098781c 100644 --- a/src/lib/krb5/krb/gc_via_tkt.c +++ b/src/lib/krb5/krb/gc_via_tkt.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/gen_seqnum.c b/src/lib/krb5/krb/gen_seqnum.c index 4b3cd6fe6..0089c5d2a 100644 --- a/src/lib/krb5/krb/gen_seqnum.c +++ b/src/lib/krb5/krb/gen_seqnum.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/gen_subkey.c b/src/lib/krb5/krb/gen_subkey.c index 861d61e72..bf6eed938 100644 --- a/src/lib/krb5/krb/gen_subkey.c +++ b/src/lib/krb5/krb/gen_subkey.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/get_creds.c b/src/lib/krb5/krb/get_creds.c index 4fbf4cf33..3bcaa0be2 100644 --- a/src/lib/krb5/krb/get_creds.c +++ b/src/lib/krb5/krb/get_creds.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -69,7 +72,8 @@ krb5_get_credentials_core(context, options, ccache, in_creds, out_creds, mcreds->client = in_creds->client; *fields = KRB5_TC_MATCH_TIMES /*XXX |KRB5_TC_MATCH_SKEY_TYPE */ - | KRB5_TC_MATCH_AUTHDATA ; + | KRB5_TC_MATCH_AUTHDATA + | KRB5_TC_SUPPORTED_KTYPES; if (mcreds->keyblock.enctype) *fields |= KRB5_TC_MATCH_KTYPE; if (options & KRB5_GC_USER_USER) { @@ -120,7 +124,8 @@ krb5_get_credentials(context, options, ccache, in_creds, out_creds) *out_creds = ncreds; } - if (retval != KRB5_CC_NOTFOUND || options & KRB5_GC_CACHED) + if ((retval != KRB5_CC_NOTFOUND && retval != KRB5_CC_NOT_KTYPE) + || options & KRB5_GC_CACHED) return retval; retval = krb5_get_cred_from_kdc(context, ccache, ncreds, out_creds, &tgts); diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index ebf8e4477..86978f360 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/in_tkt_ktb.c b/src/lib/krb5/krb/in_tkt_ktb.c index 0c901c1b9..10b920cef 100644 --- a/src/lib/krb5/krb/in_tkt_ktb.c +++ b/src/lib/krb5/krb/in_tkt_ktb.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/in_tkt_pwd.c b/src/lib/krb5/krb/in_tkt_pwd.c index e03883e9d..00293564e 100644 --- a/src/lib/krb5/krb/in_tkt_pwd.c +++ b/src/lib/krb5/krb/in_tkt_pwd.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/in_tkt_sky.c b/src/lib/krb5/krb/in_tkt_sky.c index 3c7a0cd32..7371f1e95 100644 --- a/src/lib/krb5/krb/in_tkt_sky.c +++ b/src/lib/krb5/krb/in_tkt_sky.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c index 2ddd2d0c5..862cede94 100644 --- a/src/lib/krb5/krb/init_ctx.c +++ b/src/lib/krb5/krb/init_ctx.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -250,12 +253,13 @@ krb5_set_default_in_tkt_ktypes(context, ktypes) } static krb5_error_code -get_profile_etype_list(context, ktypes, profstr, ctx_count, ctx_list) +get_profile_etype_list(context, ktypes, profstr, ctx_count, ctx_list, desonly) krb5_context context; krb5_enctype **ktypes; char *profstr; int ctx_count; krb5_enctype FAR *ctx_list; + int desonly; { krb5_enctype *old_ktypes; @@ -283,7 +287,7 @@ get_profile_etype_list(context, ktypes, profstr, ctx_count, ctx_list) code = profile_get_string(context->profile, "libdefaults", profstr, NULL, - "des3-hmac-sha1 des-cbc-md5 des-cbc-crc", + "des3-cbc-sha1 des-cbc-md5 des-cbc-crc", &retval); if (code) return code; @@ -313,8 +317,21 @@ get_profile_etype_list(context, ktypes, profstr, ctx_count, ctx_list) j = 0; i = 1; while (1) { - if (! krb5_string_to_enctype(sp, &old_ktypes[j])) + if (! krb5_string_to_enctype(sp, &old_ktypes[j])) { + switch (old_ktypes[j]) { + default: + if (desonly) + /* Other types not supported yet. */ + break; + /* else fall through */ + + case ENCTYPE_NULL: + case ENCTYPE_DES_CBC_CRC: + case ENCTYPE_DES_CBC_MD5: j++; + break; + } + } if (i++ >= count) break; @@ -339,7 +356,7 @@ krb5_get_default_in_tkt_ktypes(context, ktypes) { return(get_profile_etype_list(context, ktypes, "default_tkt_enctypes", context->in_tkt_ktype_count, - context->in_tkt_ktypes)); + context->in_tkt_ktypes, 1)); } krb5_error_code @@ -382,7 +399,7 @@ krb5_get_tgs_ktypes(context, princ, ktypes) { return(get_profile_etype_list(context, ktypes, "default_tgs_enctypes", context->tgs_ktype_count, - context->tgs_ktypes)); + context->tgs_ktypes, 1)); } krb5_error_code @@ -392,7 +409,7 @@ krb5_get_permitted_enctypes(context, ktypes) { return(get_profile_etype_list(context, ktypes, "permitted_enctypes", context->tgs_ktype_count, - context->tgs_ktypes)); + context->tgs_ktypes, 0)); } krb5_boolean diff --git a/src/lib/krb5/krb/int-proto.h b/src/lib/krb5/krb/int-proto.h index 7ad90e0e8..53144b15d 100644 --- a/src/lib/krb5/krb/int-proto.h +++ b/src/lib/krb5/krb/int-proto.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/kdc_rep_dc.c b/src/lib/krb5/krb/kdc_rep_dc.c index a9cbcf39b..764c0a5c2 100644 --- a/src/lib/krb5/krb/kdc_rep_dc.c +++ b/src/lib/krb5/krb/kdc_rep_dc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/kfree.c b/src/lib/krb5/krb/kfree.c index 945bf5950..f3745dca9 100644 --- a/src/lib/krb5/krb/kfree.c +++ b/src/lib/krb5/krb/kfree.c @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/mk_error.c b/src/lib/krb5/krb/mk_error.c index 77e502fde..13bc15c34 100644 --- a/src/lib/krb5/krb/mk_error.c +++ b/src/lib/krb5/krb/mk_error.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/mk_priv.c b/src/lib/krb5/krb/mk_priv.c index 2e7f2ce25..768581750 100644 --- a/src/lib/krb5/krb/mk_priv.c +++ b/src/lib/krb5/krb/mk_priv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/mk_rep.c b/src/lib/krb5/krb/mk_rep.c index f0398475f..6a0ffb743 100644 --- a/src/lib/krb5/krb/mk_rep.c +++ b/src/lib/krb5/krb/mk_rep.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/mk_req.c b/src/lib/krb5/krb/mk_req.c index a454a5759..24c072823 100644 --- a/src/lib/krb5/krb/mk_req.c +++ b/src/lib/krb5/krb/mk_req.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/mk_req_ext.c b/src/lib/krb5/krb/mk_req_ext.c index 1530f7961..a8b20ebcb 100644 --- a/src/lib/krb5/krb/mk_req_ext.c +++ b/src/lib/krb5/krb/mk_req_ext.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/mk_safe.c b/src/lib/krb5/krb/mk_safe.c index 0d5a49080..781e256c9 100644 --- a/src/lib/krb5/krb/mk_safe.c +++ b/src/lib/krb5/krb/mk_safe.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/parse.c b/src/lib/krb5/krb/parse.c index 2e6bc6bb0..b628a0d0e 100644 --- a/src/lib/krb5/krb/parse.c +++ b/src/lib/krb5/krb/parse.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/pr_to_salt.c b/src/lib/krb5/krb/pr_to_salt.c index b8e9a1b92..9ccc3b4ce 100644 --- a/src/lib/krb5/krb/pr_to_salt.c +++ b/src/lib/krb5/krb/pr_to_salt.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/preauth.c b/src/lib/krb5/krb/preauth.c index ab1432fdb..74de4dc6d 100644 --- a/src/lib/krb5/krb/preauth.c +++ b/src/lib/krb5/krb/preauth.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c index 9ede43128..e25485a54 100644 --- a/src/lib/krb5/krb/preauth2.c +++ b/src/lib/krb5/krb/preauth2.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/princ_comp.c b/src/lib/krb5/krb/princ_comp.c index 635d22cc3..cba26a6ac 100644 --- a/src/lib/krb5/krb/princ_comp.c +++ b/src/lib/krb5/krb/princ_comp.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/rd_error.c b/src/lib/krb5/krb/rd_error.c index 7f8e4226e..954f024c9 100644 --- a/src/lib/krb5/krb/rd_error.c +++ b/src/lib/krb5/krb/rd_error.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/rd_priv.c b/src/lib/krb5/krb/rd_priv.c index f08975f22..9629b0c19 100644 --- a/src/lib/krb5/krb/rd_priv.c +++ b/src/lib/krb5/krb/rd_priv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/rd_rep.c b/src/lib/krb5/krb/rd_rep.c index 411a61ddb..3b6f7cb8d 100644 --- a/src/lib/krb5/krb/rd_rep.c +++ b/src/lib/krb5/krb/rd_rep.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/rd_req.c b/src/lib/krb5/krb/rd_req.c index 7fbe1727c..b25f78dc4 100644 --- a/src/lib/krb5/krb/rd_req.c +++ b/src/lib/krb5/krb/rd_req.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/rd_req_dec.c b/src/lib/krb5/krb/rd_req_dec.c index cdbdc81df..442e78b2d 100644 --- a/src/lib/krb5/krb/rd_req_dec.c +++ b/src/lib/krb5/krb/rd_req_dec.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. Neither M.I.T., the Open Computing Security Group, nor + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * Neither M.I.T., the Open Computing Security Group, nor * CyberSAFE Corporation make any representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. diff --git a/src/lib/krb5/krb/rd_safe.c b/src/lib/krb5/krb/rd_safe.c index 1c5aca21c..19c541f0f 100644 --- a/src/lib/krb5/krb/rd_safe.c +++ b/src/lib/krb5/krb/rd_safe.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/recvauth.c b/src/lib/krb5/krb/recvauth.c index 8ee99fbb1..3d5bce491 100644 --- a/src/lib/krb5/krb/recvauth.c +++ b/src/lib/krb5/krb/recvauth.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/send_tgs.c b/src/lib/krb5/krb/send_tgs.c index 19de14e1a..520c0e211 100644 --- a/src/lib/krb5/krb/send_tgs.c +++ b/src/lib/krb5/krb/send_tgs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/sendauth.c b/src/lib/krb5/krb/sendauth.c index 343611830..4e7c3a7c6 100644 --- a/src/lib/krb5/krb/sendauth.c +++ b/src/lib/krb5/krb/sendauth.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_actx.c b/src/lib/krb5/krb/ser_actx.c index 42b9bfeb6..bac90e3fe 100644 --- a/src/lib/krb5/krb/ser_actx.c +++ b/src/lib/krb5/krb/ser_actx.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_adata.c b/src/lib/krb5/krb/ser_adata.c index cfcced42b..8fc04d0e5 100644 --- a/src/lib/krb5/krb/ser_adata.c +++ b/src/lib/krb5/krb/ser_adata.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_addr.c b/src/lib/krb5/krb/ser_addr.c index a6a387747..fd06b36ac 100644 --- a/src/lib/krb5/krb/ser_addr.c +++ b/src/lib/krb5/krb/ser_addr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_auth.c b/src/lib/krb5/krb/ser_auth.c index 791bbcf34..4c97eb0f3 100644 --- a/src/lib/krb5/krb/ser_auth.c +++ b/src/lib/krb5/krb/ser_auth.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_cksum.c b/src/lib/krb5/krb/ser_cksum.c index 3fc9d5196..74657b1ca 100644 --- a/src/lib/krb5/krb/ser_cksum.c +++ b/src/lib/krb5/krb/ser_cksum.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_ctx.c b/src/lib/krb5/krb/ser_ctx.c index 13392a738..1b4720fe1 100644 --- a/src/lib/krb5/krb/ser_ctx.c +++ b/src/lib/krb5/krb/ser_ctx.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_eblk.c b/src/lib/krb5/krb/ser_eblk.c index 04e21faab..bd4b4c594 100644 --- a/src/lib/krb5/krb/ser_eblk.c +++ b/src/lib/krb5/krb/ser_eblk.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_key.c b/src/lib/krb5/krb/ser_key.c index d999647b5..3b457477d 100644 --- a/src/lib/krb5/krb/ser_key.c +++ b/src/lib/krb5/krb/ser_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_princ.c b/src/lib/krb5/krb/ser_princ.c index 582875401..956f508db 100644 --- a/src/lib/krb5/krb/ser_princ.c +++ b/src/lib/krb5/krb/ser_princ.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/serialize.c b/src/lib/krb5/krb/serialize.c index 58a88e4ed..0afd502a1 100644 --- a/src/lib/krb5/krb/serialize.c +++ b/src/lib/krb5/krb/serialize.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/set_realm.c b/src/lib/krb5/krb/set_realm.c index a422c00cc..3f0df6f84 100644 --- a/src/lib/krb5/krb/set_realm.c +++ b/src/lib/krb5/krb/set_realm.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/krb/srv_rcache.c b/src/lib/krb5/krb/srv_rcache.c index 8dce0bf16..c94201bad 100644 --- a/src/lib/krb5/krb/srv_rcache.c +++ b/src/lib/krb5/krb/srv_rcache.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/str_conv.c b/src/lib/krb5/krb/str_conv.c index 7041f618c..156bf22d3 100644 --- a/src/lib/krb5/krb/str_conv.c +++ b/src/lib/krb5/krb/str_conv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -500,7 +503,7 @@ krb5_timestamp_to_sfstring(timestamp, buffer, buflen, pad) if (buflen >= sftime_default_len) { sprintf(buffer, sftime_default_fmt, tmp->tm_mday, tmp->tm_mon+1, 1900+tmp->tm_year, - tmp->tm_hour, tmp->tm_min, tmp->tm_sec); + tmp->tm_hour, tmp->tm_min); ndone = strlen(buffer); } } diff --git a/src/lib/krb5/krb/t_ser.c b/src/lib/krb5/krb/t_ser.c index 4ca3b5399..19cff73c5 100644 --- a/src/lib/krb5/krb/t_ser.c +++ b/src/lib/krb5/krb/t_ser.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -167,8 +170,10 @@ ser_data(verbose, msg, ctx, dtype) krb5_encrypt_block *eblock; eblock = (krb5_encrypt_block *) nctx; +#if 0 if (eblock->priv && eblock->priv_size) krb5_xfree(eblock->priv); +#endif if (eblock->key) krb5_free_keyblock(ser_ctx, eblock->key); krb5_xfree(eblock); @@ -525,8 +530,10 @@ ser_eblock_test(kcontext, verbose) krb5_use_enctype(kcontext, &eblock, DEFAULT_KDC_ENCTYPE); if (!(kret = ser_data(verbose, "> NULL eblock", (krb5_pointer) &eblock, KV5M_ENCRYPT_BLOCK))) { +#if 0 eblock.priv = (krb5_pointer) stuff; eblock.priv_size = 8; +#endif if (!(kret = ser_data(verbose, "> eblock with private data", (krb5_pointer) &eblock, KV5M_ENCRYPT_BLOCK))) { @@ -676,9 +683,11 @@ main(argc, argv) case 'C': do_ctest = 1; break; +#if 0 case 'E': do_etest = 1; break; +#endif case 'K': do_ktest = 1; break; @@ -737,12 +746,14 @@ main(argc, argv) if (kret) goto fail; } +#if 0 /* code to be tested is currently disabled */ if (do_etest) { ch_err = 'e'; kret = ser_eblock_test(kcontext, verbose); if (kret) goto fail; } +#endif if (do_ptest) { ch_err = 'p'; kret = ser_princ_test(kcontext, verbose); diff --git a/src/lib/krb5/krb/tgtname.c b/src/lib/krb5/krb/tgtname.c index 5db4d986d..2f7168656 100644 --- a/src/lib/krb5/krb/tgtname.c +++ b/src/lib/krb5/krb/tgtname.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/unparse.c b/src/lib/krb5/krb/unparse.c index 1f0c79110..f7df6ab7d 100644 --- a/src/lib/krb5/krb/unparse.c +++ b/src/lib/krb5/krb/unparse.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/valid_times.c b/src/lib/krb5/krb/valid_times.c index ed377d16b..f5d2def5e 100644 --- a/src/lib/krb5/krb/valid_times.c +++ b/src/lib/krb5/krb/valid_times.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/walk_rtree.c b/src/lib/krb5/krb/walk_rtree.c index f45dede3a..833ec6114 100644 --- a/src/lib/krb5/krb/walk_rtree.c +++ b/src/lib/krb5/krb/walk_rtree.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/ChangeLog b/src/lib/krb5/os/ChangeLog index 1cd8f2cbe..f994ccaf7 100644 --- a/src/lib/krb5/os/ChangeLog +++ b/src/lib/krb5/os/ChangeLog @@ -1,3 +1,68 @@ +1999-09-21 Ken Raeburn + + * changepw.c: Changes from Jeffrey Altman to look up kpasswd + server using DNS. Placed entirely under #ifdef KRB5_DNS_LOOKUP so + currently-MIT-supported functionality (i.e., no DNS) can't be + impacted; without KRB5_DNS_LOOKUP defined, old code is used + unchanged. + (krb5_locate_kpasswd): New function, split out from + krb5_change_password. Calls krb5_locate_srv_dns if use of DNS is + desired, and krb5_locate_srv_conf to check config file. + (krb5_change_password): Call it to find the server. + * locate_kdc.c (krb5_locate_srv_conf): No longer static. Choose + default port numbers based on service name rather than a single + hard-coded value. + (krb5_locate_srv_dns): No longer static. + +1999-09-17 Tom Yu + + * def_realm.c: Patch from jaltman@columbia.edu to allow compiling + under non-Windows platforms with DNS lookup enabled. + +1999-08-26 Danilo Almeida + + * kuserok.c (krb5_kuserok): Fix improper negation in + non-Unix localname check. Also fix calling convention + before this function is exported by the Windows DLL. + + * localaddr.c (krb5_os_localaddr): Fix memset to clear + right address list. (Thanks to jaltman@columbia.edu). + +1999-08-21 Danilo Almeida + + * localaddr.c (krb5_os_localaddr): Use multiple addresses, if + present, on Mac and Windows. + +1999-08-17 Ken Raeburn + + * get_krbhst.c (krb5_get_krbhst): Fix double-indirection + confusion. Do actually copy string contents to newly allocated + storage. + +1999-08-10 Alexandra Ellwood + + * changepw.c (krb5_change_password): + Reorganized code so that krb5_change_password actually frees + everything it allocated on error. Also fixed some memory + leaks which happened even without an error occurring. + +1999-08-09 Danilo Almeida + + * prompter.c (krb5_prompter_posix): Provide Win32 implementation + so that kinit and such work under Win32. + +1999-08-06 Danilo Almeida + + * def_realm.c (krb5_get_default_realm): + * hst_realm.c (krb5_get_host_realm): Make sure we have FQDN + in the case where we use gethostname. + + * def_realm.c (krb5_get_default_realm): Check that we have + a realm before trying to copy it (since profile_get_string + may return no error but not get anything). + + * init_os_ctx.c (krb5_get_profile): Fix calling convention. + 1999-08-05 Danilo Almeida * t_std_conf.c (test_get_krbhst): Use krb5_free_krbhst to diff --git a/src/lib/krb5/os/an_to_ln.c b/src/lib/krb5/os/an_to_ln.c index 39528d272..1225c35af 100644 --- a/src/lib/krb5/os/an_to_ln.c +++ b/src/lib/krb5/os/an_to_ln.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/c_ustime.c b/src/lib/krb5/os/c_ustime.c index 0ba0a6b2f..5f735871a 100644 --- a/src/lib/krb5/os/c_ustime.c +++ b/src/lib/krb5/os/c_ustime.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/ccdefname.c b/src/lib/krb5/os/ccdefname.c index 11713e724..b6eb4aea0 100644 --- a/src/lib/krb5/os/ccdefname.c +++ b/src/lib/krb5/os/ccdefname.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/changepw.c b/src/lib/krb5/os/changepw.c index 779fc89a8..26daedd9f 100644 --- a/src/lib/krb5/os/changepw.c +++ b/src/lib/krb5/os/changepw.c @@ -1,7 +1,7 @@ /* * lib/krb5/os/changepw.c * - * Copyright 1990 by the Massachusetts Institute of Technology. + * Copyright 1990,1999 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -42,6 +45,333 @@ #endif #endif /* _WIN32 && !__CYGWIN32__ */ +#ifdef KRB5_DNS_LOOKUP /* pbh says we can wrap this last-minute + addition and ignore testing it since it's + not part of what mit officially supports in + this release */ + +/* + * Wrapper function for the two backends + */ + +krb5_error_code +krb5_locate_srv_conf(context, realm, name, addr_pp, naddrs, master_index, nmasters); +#ifdef KRB5_DNS_LOOKUP +krb5_error_code krb5_locate_srv_dns(realm, service, protocol, addr_pp, naddrs); +#endif + +static krb5_error_code +krb5_locate_kpasswd(context, realm, addr_pp, naddrs, master_index, nmasters) + krb5_context context; + const krb5_data *realm; + struct sockaddr **addr_pp; + int *naddrs; + int *master_index; + int *nmasters; +{ + krb5_error_code code; +#ifdef KRB5_DNS_LOOKUP + struct sockaddr *admin_addr_p, *kdc_addr_p; + int nadmin_addrs, nkdc_addrs; + int i,j; +#endif /* KRB5_DNS_LOOKUP */ + + /* + * We always try the local file first + */ + + code = krb5_locate_srv_conf(context, realm, "kpasswd_server", addr_pp, naddrs, + master_index, nmasters); + if (code) { + code = krb5_locate_srv_conf(context, realm, "admin_server", addr_pp, naddrs, + master_index, nmasters); + if ( !code ) { + /* success with admin_server but now we need to change the port */ + /* number to use DEFAULT_KPASSWD_PORT. */ + for ( i=0;i<*naddrs;i++ ) { + struct sockaddr_in *sin = (struct sockaddr_in *) &addr_pp[i]; + sin->sin_port = htons(DEFAULT_KPASSWD_PORT); + } + } + } + +#ifdef KRB5_DNS_LOOKUP + if (code) { + int use_dns = _krb5_use_dns(context); + if ( use_dns ) { + code = krb5_locate_srv_dns(realm, "_kpasswd", "_udp", + addr_pp, naddrs); + if ( code ) { + code = krb5_locate_srv_dns(realm, + "_kerberos-adm", + "_tcp", + addr_pp, naddrs); + if ( !code ) { + /* success with admin_server but now we need to change the port */ + /* number to use DEFAULT_KPASSWD_PORT. */ + for ( i=0;i<*naddrs;i++ ) { + struct sockaddr_in *sin = (struct sockaddr_in *) &(*addr_pp)[i]; + sin->sin_port = htons(DEFAULT_KPASSWD_PORT); + } + } + } + if ( !code && master_index && nmasters ) { + *master_index = 1; + *nmasters = *naddrs; + } + } + } +#endif /* KRB5_DNS_LOOKUP */ + return (code); +} + + +KRB5_DLLIMP krb5_error_code KRB5_CALLCONV +krb5_change_password(context, creds, newpw, result_code, + result_code_string, result_string) + krb5_context context; + krb5_creds *creds; + char *newpw; + int *result_code; + krb5_data *result_code_string; + krb5_data *result_string; +{ + krb5_auth_context auth_context; + krb5_data ap_req, chpw_req, chpw_rep; + krb5_address local_kaddr, remote_kaddr; + char *code_string; + krb5_error_code code = 0; + int i, addrlen; + struct sockaddr *addr_p, local_addr, remote_addr, tmp_addr; + int naddr_p; + int cc, local_result_code, tmp_len; + SOCKET s1 = INVALID_SOCKET, s2 = INVALID_SOCKET; + + + /* Initialize values so that cleanup call can safely check for NULL */ + auth_context = NULL; + addr_p = NULL; + memset(&chpw_req, 0, sizeof(krb5_data)); + memset(&chpw_rep, 0, sizeof(krb5_data)); + memset(&ap_req, 0, sizeof(krb5_data)); + + /* initialize auth_context so that we know we have to free it */ + if ((code = krb5_auth_con_init(context, &auth_context))) + goto cleanup; + + if (code = krb5_mk_req_extended(context, &auth_context, AP_OPTS_USE_SUBKEY, + NULL, creds, &ap_req)) + goto cleanup; + + if (code = krb5_locate_kpasswd(context, + krb5_princ_realm(context, creds->client), + &addr_p, &naddr_p,NULL,NULL)) + goto cleanup; + + /* this is really obscure. s1 is used for all communications. it + is left unconnected in case the server is multihomed and routes + are asymmetric. s2 is connected to resolve routes and get + addresses. this is the *only* way to get proper addresses for + multihomed hosts if routing is asymmetric. + + A related problem in the server, but not the client, is that + many os's have no way to disconnect a connected udp socket, so + the s2 socket needs to be closed and recreated for each + request. The s1 socket must not be closed, or else queued + requests will be lost. + + A "naive" client implementation (one socket, no connect, + hostname resolution to get the local ip addr) will work and + interoperate if the client is single-homed. */ + + if ((s1 = socket(AF_INET, SOCK_DGRAM, 0)) == INVALID_SOCKET) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + if ((s2 = socket(AF_INET, SOCK_DGRAM, 0)) == INVALID_SOCKET) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + for (i=0; isin_addr.s_addr != 0) + { + local_kaddr.addrtype = ADDRTYPE_INET; + local_kaddr.length = sizeof(((struct sockaddr_in *) &local_addr)->sin_addr); + local_kaddr.contents = (krb5_octet *) &(((struct sockaddr_in *) &local_addr)->sin_addr); + } + else + { + krb5_address **addrs; + + krb5_os_localaddr(context, &addrs); + + local_kaddr.magic = addrs[0]->magic; + local_kaddr.addrtype = addrs[0]->addrtype; + local_kaddr.length = addrs[0]->length; + local_kaddr.contents = malloc(addrs[0]->length); + memcpy(local_kaddr.contents, addrs[0]->contents, addrs[0]->length); + + krb5_free_addresses(context, addrs); + } + + addrlen = sizeof(remote_addr); + if (getpeername(s2, &remote_addr, &addrlen) < 0) + { + if ((SOCKET_ERRNO == ECONNREFUSED) || (SOCKET_ERRNO == EHOSTUNREACH)) + continue; /* try the next addr */ + + code = SOCKET_ERRNO; + goto cleanup; + } + + remote_kaddr.addrtype = ADDRTYPE_INET; + remote_kaddr.length = sizeof(((struct sockaddr_in *) &remote_addr)->sin_addr); + remote_kaddr.contents = (krb5_octet *) &(((struct sockaddr_in *) &remote_addr)->sin_addr); + + /* mk_priv requires that the local address be set. + getsockname is used for this. rd_priv requires that the + remote address be set. recvfrom is used for this. If + rd_priv is given a local address, and the message has the + recipient addr in it, this will be checked. However, there + is simply no way to know ahead of time what address the + message will be delivered *to*. Therefore, it is important + that either no recipient address is in the messages when + mk_priv is called, or that no local address is passed to + rd_priv. Both is a better idea, and I have done that. In + summary, when mk_priv is called, *only* a local address is + specified. when rd_priv is called, *only* a remote address + is specified. Are we having fun yet? */ + + if (code = krb5_auth_con_setaddrs(context, auth_context, &local_kaddr, NULL)) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + if (code = krb5_mk_chpw_req(context, auth_context, &ap_req, newpw, &chpw_req)) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + if ((cc = sendto(s1, chpw_req.data, chpw_req.length, 0, + (struct sockaddr *) &addr_p[i], + sizeof(addr_p[i]))) != chpw_req.length) + { + if ((cc < 0) && ((SOCKET_ERRNO == ECONNREFUSED) || + (SOCKET_ERRNO == EHOSTUNREACH))) + continue; /* try the next addr */ + + code = (cc < 0) ? SOCKET_ERRNO : ECONNABORTED; + goto cleanup; + } + + chpw_rep.length = 1500; + chpw_rep.data = (char *) malloc(chpw_rep.length); + + /* XXX need a timeout/retry loop here */ + + /* "recv" would be good enough here... except that Windows/NT + commits the atrocity of returning -1 to indicate failure, + but leaving errno set to 0. + + "recvfrom(...,NULL,NULL)" would seem to be a good enough + alternative, and it works on NT, but it doesn't work on + SunOS 4.1.4 or Irix 5.3. Thus we must actually accept the + value and discard it. */ + tmp_len = sizeof(tmp_addr); + if ((cc = recvfrom(s1, chpw_rep.data, chpw_rep.length, 0, &tmp_addr, &tmp_len)) < 0) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + closesocket(s1); + s1 = INVALID_SOCKET; + closesocket(s2); + s2 = INVALID_SOCKET; + + chpw_rep.length = cc; + + if (code = krb5_auth_con_setaddrs(context, auth_context, NULL, &remote_kaddr)) + goto cleanup; + + if(code = krb5_rd_chpw_rep(context, auth_context, &chpw_rep, + &local_result_code, result_string)) + goto cleanup; + + if (result_code) + *result_code = local_result_code; + + if (result_code_string) + { + if (code = krb5_chpw_result_code_string(context, local_result_code, + &code_string)) + goto cleanup; + + result_code_string->length = strlen(code_string); + if ((result_code_string->data = + (char *) malloc(result_code_string->length)) == NULL) + return(ENOMEM); + strncpy(result_code_string->data, code_string, result_code_string->length); + } + + code = 0; + goto cleanup; + } + + code = SOCKET_ERRNO; + +cleanup: + if(auth_context != NULL) + krb5_auth_con_free(context, auth_context); + + if(addr_p != NULL) + krb5_xfree(addr_p); + + if(s1 != INVALID_SOCKET) + closesocket(s1); + + if(s2 != INVALID_SOCKET) + closesocket(s2); + + krb5_free_data_contents(context, &chpw_req); + krb5_free_data_contents(context, &chpw_rep); + krb5_free_data_contents(context, &ap_req); + + return(code); +} + +#else /* big KRB5_DNS_LOOKUP wrapper */ + KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_change_password(context, creds, newpw, result_code, result_code_string, result_string) @@ -57,8 +387,8 @@ krb5_change_password(context, creds, newpw, result_code, krb5_address local_kaddr, remote_kaddr; const char *realm_kdc_names[4]; int default_port; - char **hostlist, *host, *port, *cp, *code_string; - krb5_error_code code; + char **hostlist, *host, *tmphost, *port, *cp, *code_string; + krb5_error_code code = 0; int i, j, out, count, addrlen; struct sockaddr *addr_p, local_addr, remote_addr, tmp_addr; struct sockaddr_in *sin_p; @@ -68,17 +398,30 @@ krb5_change_password(context, creds, newpw, result_code, u_short udpport = htons(KRB5_DEFAULT_PORT); #endif int cc, local_result_code, tmp_len; - SOCKET s1, s2; + SOCKET s1 = INVALID_SOCKET, s2 = INVALID_SOCKET; + /* Initialize values so that cleanup call can safely check for NULL */ auth_context = NULL; - + addr_p = NULL; + host = NULL; + hostlist = NULL; + memset(&chpw_req, 0, sizeof(krb5_data)); + memset(&chpw_rep, 0, sizeof(krb5_data)); + memset(&ap_req, 0, sizeof(krb5_data)); + + /* initialize auth_context so that we know we have to free it */ + if ((code = krb5_auth_con_init(context, &auth_context))) + goto cleanup; + if (code = krb5_mk_req_extended(context, &auth_context, AP_OPTS_USE_SUBKEY, NULL, creds, &ap_req)) - return(code); + goto cleanup; - if ((host = malloc(krb5_princ_realm(context, creds->client)->length + 1)) - == NULL) - return ENOMEM; + if ((host = malloc(krb5_princ_realm(context, creds->client)->length + 1)) == NULL) + { + code = ENOMEM; + goto cleanup; + } strncpy(host, krb5_princ_realm(context, creds->client)->data, krb5_princ_realm(context, creds->client)->length); @@ -94,23 +437,27 @@ krb5_change_password(context, creds, newpw, result_code, code = profile_get_values(context->profile, realm_kdc_names, &hostlist); - if (code == PROF_NO_RELATION) { - realm_kdc_names[2] = "admin_server"; - - default_port = 1; - - code = profile_get_values(context->profile, realm_kdc_names, - &hostlist); - } - - krb5_xfree(host); + if (code == PROF_NO_RELATION) + { + realm_kdc_names[2] = "admin_server"; + default_port = 1; + code = profile_get_values(context->profile, realm_kdc_names, &hostlist); + } if (code == PROF_NO_SECTION) - return KRB5_REALM_UNKNOWN; - else if (code == PROF_NO_RELATION) - return KRB5_CONFIG_BADFORMAT; - else if (code) - return code; + { + code = KRB5_REALM_UNKNOWN; + goto cleanup; + } + else + if (code == PROF_NO_RELATION) + { + code = KRB5_CONFIG_BADFORMAT; + goto cleanup; + } + else + if (code) + goto cleanup; #ifdef HAVE_NETINET_IN_H /* XXX should look for "kpasswd" in /etc/services */ @@ -122,28 +469,34 @@ krb5_change_password(context, creds, newpw, result_code, count++; if (count == 0) - /* XXX */ - return(KADM_NO_HOST); + { + /* XXX */ + code = KADM_NO_HOST; + goto cleanup; + } addr_p = (struct sockaddr *) malloc(sizeof(struct sockaddr) * count); if (addr_p == NULL) - return ENOMEM; + { + code = ENOMEM; + goto cleanup; + } - host = hostlist[0]; + tmphost = hostlist[0]; out = 0; /* * Strip off excess whitespace */ - cp = strchr(host, ' '); + cp = strchr(tmphost, ' '); if (cp) - *cp = 0; - cp = strchr(host, '\t'); + *cp = 0; + cp = strchr(tmphost, '\t'); if (cp) - *cp = 0; - port = strchr(host, ':'); + *cp = 0; + port = strchr(tmphost, ':'); if (port) { - *port = 0; + *port = 0; port++; /* if the admin_server line was used, ignore the specified port */ @@ -152,40 +505,46 @@ krb5_change_password(context, creds, newpw, result_code, } hp = gethostbyname(hostlist[0]); - if (hp != 0) { - switch (hp->h_addrtype) { + if (hp != 0) + { + switch (hp->h_addrtype) + { #ifdef HAVE_NETINET_IN_H - case AF_INET: - for (j=0; hp->h_addr_list[j]; j++) { - sin_p = (struct sockaddr_in *) &addr_p[out++]; - memset ((char *)sin_p, 0, sizeof(struct sockaddr)); - sin_p->sin_family = hp->h_addrtype; - sin_p->sin_port = port ? htons(atoi(port)) : udpport; - memcpy((char *)&sin_p->sin_addr, - (char *)hp->h_addr_list[j], - sizeof(struct in_addr)); - if (out+1 >= count) { - count += 5; - addr_p = (struct sockaddr *) - realloc ((char *)addr_p, - sizeof(struct sockaddr) * count); - if (addr_p == NULL) - return ENOMEM; - } - } - break; + case AF_INET: + for (j=0; hp->h_addr_list[j]; j++) + { + sin_p = (struct sockaddr_in *) &addr_p[out++]; + memset ((char *)sin_p, 0, sizeof(struct sockaddr)); + sin_p->sin_family = hp->h_addrtype; + sin_p->sin_port = port ? htons(atoi(port)) : udpport; + memcpy((char *)&sin_p->sin_addr, + (char *)hp->h_addr_list[j], + sizeof(struct in_addr)); + if (out+1 >= count) + { + count += 5; + addr_p = (struct sockaddr *) + realloc ((char *)addr_p, sizeof(struct sockaddr) * count); + if (addr_p == NULL) + { + code = ENOMEM; + goto cleanup; + } + } + } + break; #endif - default: - break; - } - } - - profile_free_list(hostlist); - - if (out == 0) { /* Couldn't resolve any KDC names */ - free (addr_p); - return(KADM_NO_HOST); - } + default: + break; + } + } + + if (out == 0) + { + /* Couldn't resolve any KDC names */ + code = KADM_NO_HOST; + goto cleanup; + } /* this is really obscure. s1 is used for all communications. it is left unconnected in case the server is multihomed and routes @@ -203,187 +562,196 @@ krb5_change_password(context, creds, newpw, result_code, hostname resolution to get the local ip addr) will work and interoperate if the client is single-homed. */ - if ((s1 = socket(AF_INET, SOCK_DGRAM, 0)) == INVALID_SOCKET) { - free(addr_p); - return(SOCKET_ERRNO); - } - - if ((s2 = socket(AF_INET, SOCK_DGRAM, 0)) == INVALID_SOCKET) { - free(addr_p); - return(SOCKET_ERRNO); - } - - for (i=0; isin_addr.s_addr != 0) { - local_kaddr.addrtype = ADDRTYPE_INET; - local_kaddr.length = - sizeof(((struct sockaddr_in *) &local_addr)->sin_addr); - local_kaddr.contents = - (krb5_octet *) &(((struct sockaddr_in *) &local_addr)->sin_addr); - } else { - krb5_address **addrs; - - krb5_os_localaddr(context, &addrs); - local_kaddr.magic = addrs[0]->magic; - local_kaddr.addrtype = addrs[0]->addrtype; - local_kaddr.length = addrs[0]->length; - local_kaddr.contents = malloc(addrs[0]->length); - memcpy(local_kaddr.contents, addrs[0]->contents, addrs[0]->length); - - krb5_free_addresses(context, addrs); - } - - addrlen = sizeof(remote_addr); - if (getpeername(s2, &remote_addr, &addrlen) < 0) { - if ((SOCKET_ERRNO == ECONNREFUSED) || - (SOCKET_ERRNO == EHOSTUNREACH)) - continue; /* try the next addr */ - free(addr_p); - closesocket(s1); - closesocket(s2); - return(SOCKET_ERRNO); - } - - remote_kaddr.addrtype = ADDRTYPE_INET; - remote_kaddr.length = - sizeof(((struct sockaddr_in *) &remote_addr)->sin_addr); - remote_kaddr.contents = - (krb5_octet *) &(((struct sockaddr_in *) &remote_addr)->sin_addr); - - /* mk_priv requires that the local address be set. - getsockname is used for this. rd_priv requires that the - remote address be set. recvfrom is used for this. If - rd_priv is given a local address, and the message has the - recipient addr in it, this will be checked. However, there - is simply no way to know ahead of time what address the - message will be delivered *to*. Therefore, it is important - that either no recipient address is in the messages when - mk_priv is called, or that no local address is passed to - rd_priv. Both is a better idea, and I have done that. In - summary, when mk_priv is called, *only* a local address is - specified. when rd_priv is called, *only* a remote address - is specified. Are we having fun yet? */ - - if (code = krb5_auth_con_setaddrs(context, auth_context, &local_kaddr, - NULL)) { - free(addr_p); - closesocket(s1); - closesocket(s2); - return(code); - } - - if (code = krb5_mk_chpw_req(context, auth_context, &ap_req, - newpw, &chpw_req)) { - free(addr_p); - closesocket(s1); - closesocket(s2); - return(code); - } - - if ((cc = sendto(s1, chpw_req.data, chpw_req.length, 0, - (struct sockaddr *) &addr_p[i], - sizeof(addr_p[i]))) != - chpw_req.length) { - if ((cc < 0) && ((SOCKET_ERRNO == ECONNREFUSED) || - (SOCKET_ERRNO == EHOSTUNREACH))) - continue; /* try the next addr */ - free(addr_p); - closesocket(s1); - closesocket(s2); - return((cc < 0)?SOCKET_ERRNO:ECONNABORTED); - } - - krb5_xfree(chpw_req.data); - - chpw_rep.length = 1500; - chpw_rep.data = (char *) malloc(chpw_rep.length); - - /* XXX need a timeout/retry loop here */ - - /* "recv" would be good enough here... except that Windows/NT - commits the atrocity of returning -1 to indicate failure, - but leaving errno set to 0. - - "recvfrom(...,NULL,NULL)" would seem to be a good enough - alternative, and it works on NT, but it doesn't work on - SunOS 4.1.4 or Irix 5.3. Thus we must actually accept the - value and discard it. */ - tmp_len = sizeof(tmp_addr); - if ((cc = recvfrom(s1, chpw_rep.data, chpw_rep.length, 0, &tmp_addr, &tmp_len)) < 0) { - free(addr_p); - closesocket(s1); - closesocket(s2); - return(SOCKET_ERRNO); - } - - closesocket(s1); - closesocket(s2); - - chpw_rep.length = cc; - - if (code = krb5_auth_con_setaddrs(context, auth_context, NULL, - &remote_kaddr)) { - free(addr_p); - closesocket(s1); - closesocket(s2); - return(code); - } - - code = krb5_rd_chpw_rep(context, auth_context, &chpw_rep, - &local_result_code, result_string); - - free(chpw_rep.data); - free(addr_p); - - if (code) - return(code); - - if (result_code) - *result_code = local_result_code; - - if (result_code_string) { - if (code = krb5_chpw_result_code_string(context, local_result_code, - &code_string)) - return(code); - - result_code_string->length = strlen(code_string); - if ((result_code_string->data = - (char *) malloc(result_code_string->length)) == NULL) - return(ENOMEM); - strncpy(result_code_string->data, code_string, - result_code_string->length); - } - - return(0); - } - - free(addr_p); - closesocket(s1); - closesocket(s2); - return(SOCKET_ERRNO); + if ((s1 = socket(AF_INET, SOCK_DGRAM, 0)) == INVALID_SOCKET) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + if ((s2 = socket(AF_INET, SOCK_DGRAM, 0)) == INVALID_SOCKET) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + for (i=0; isin_addr.s_addr != 0) + { + local_kaddr.addrtype = ADDRTYPE_INET; + local_kaddr.length = sizeof(((struct sockaddr_in *) &local_addr)->sin_addr); + local_kaddr.contents = (krb5_octet *) &(((struct sockaddr_in *) &local_addr)->sin_addr); + } + else + { + krb5_address **addrs; + + krb5_os_localaddr(context, &addrs); + + local_kaddr.magic = addrs[0]->magic; + local_kaddr.addrtype = addrs[0]->addrtype; + local_kaddr.length = addrs[0]->length; + local_kaddr.contents = malloc(addrs[0]->length); + memcpy(local_kaddr.contents, addrs[0]->contents, addrs[0]->length); + + krb5_free_addresses(context, addrs); + } + + addrlen = sizeof(remote_addr); + if (getpeername(s2, &remote_addr, &addrlen) < 0) + { + if ((SOCKET_ERRNO == ECONNREFUSED) || (SOCKET_ERRNO == EHOSTUNREACH)) + continue; /* try the next addr */ + + code = SOCKET_ERRNO; + goto cleanup; + } + + remote_kaddr.addrtype = ADDRTYPE_INET; + remote_kaddr.length = sizeof(((struct sockaddr_in *) &remote_addr)->sin_addr); + remote_kaddr.contents = (krb5_octet *) &(((struct sockaddr_in *) &remote_addr)->sin_addr); + + /* mk_priv requires that the local address be set. + getsockname is used for this. rd_priv requires that the + remote address be set. recvfrom is used for this. If + rd_priv is given a local address, and the message has the + recipient addr in it, this will be checked. However, there + is simply no way to know ahead of time what address the + message will be delivered *to*. Therefore, it is important + that either no recipient address is in the messages when + mk_priv is called, or that no local address is passed to + rd_priv. Both is a better idea, and I have done that. In + summary, when mk_priv is called, *only* a local address is + specified. when rd_priv is called, *only* a remote address + is specified. Are we having fun yet? */ + + if (code = krb5_auth_con_setaddrs(context, auth_context, &local_kaddr, NULL)) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + if (code = krb5_mk_chpw_req(context, auth_context, &ap_req, newpw, &chpw_req)) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + if ((cc = sendto(s1, chpw_req.data, chpw_req.length, 0, + (struct sockaddr *) &addr_p[i], + sizeof(addr_p[i]))) != chpw_req.length) + { + if ((cc < 0) && ((SOCKET_ERRNO == ECONNREFUSED) || + (SOCKET_ERRNO == EHOSTUNREACH))) + continue; /* try the next addr */ + + code = (cc < 0) ? SOCKET_ERRNO : ECONNABORTED; + goto cleanup; + } + + chpw_rep.length = 1500; + chpw_rep.data = (char *) malloc(chpw_rep.length); + + /* XXX need a timeout/retry loop here */ + + /* "recv" would be good enough here... except that Windows/NT + commits the atrocity of returning -1 to indicate failure, + but leaving errno set to 0. + + "recvfrom(...,NULL,NULL)" would seem to be a good enough + alternative, and it works on NT, but it doesn't work on + SunOS 4.1.4 or Irix 5.3. Thus we must actually accept the + value and discard it. */ + tmp_len = sizeof(tmp_addr); + if ((cc = recvfrom(s1, chpw_rep.data, chpw_rep.length, 0, &tmp_addr, &tmp_len)) < 0) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + closesocket(s1); + s1 = INVALID_SOCKET; + closesocket(s2); + s2 = INVALID_SOCKET; + + chpw_rep.length = cc; + + if (code = krb5_auth_con_setaddrs(context, auth_context, NULL, &remote_kaddr)) + goto cleanup; + + if(code = krb5_rd_chpw_rep(context, auth_context, &chpw_rep, + &local_result_code, result_string)) + goto cleanup; + + if (result_code) + *result_code = local_result_code; + + if (result_code_string) + { + if (code = krb5_chpw_result_code_string(context, local_result_code, + &code_string)) + goto cleanup; + + result_code_string->length = strlen(code_string); + if ((result_code_string->data = + (char *) malloc(result_code_string->length)) == NULL) + return(ENOMEM); + strncpy(result_code_string->data, code_string, result_code_string->length); + } + + code = 0; + goto cleanup; + } + + code = SOCKET_ERRNO; + +cleanup: + if(auth_context != NULL) + krb5_auth_con_free(context, auth_context); + + if(host != NULL) + krb5_xfree(host); + + if(addr_p != NULL) + krb5_xfree(addr_p); + + if(hostlist != NULL) + profile_free_list(hostlist); + + if(s1 != INVALID_SOCKET) + closesocket(s1); + + if(s2 != INVALID_SOCKET) + closesocket(s2); + + krb5_free_data_contents(context, &chpw_req); + krb5_free_data_contents(context, &chpw_rep); + krb5_free_data_contents(context, &ap_req); + + return(code); } + +#endif /* big KRB5_DNS_LOOKUP wrapper */ diff --git a/src/lib/krb5/os/def_realm.c b/src/lib/krb5/os/def_realm.c index 44a4e9381..09a513e97 100644 --- a/src/lib/krb5/os/def_realm.c +++ b/src/lib/krb5/os/def_realm.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -28,6 +31,15 @@ #include #ifdef KRB5_DNS_LOOKUP +#ifdef WSHELPER +#include +#else /* WSHELPER */ +#include +#include +#include +#include +#endif /* WSHELPER */ + /* for old Unixes and friends ... */ #ifndef MAXHOSTNAMELEN #define MAXHOSTNAMELEN 64 @@ -76,7 +88,7 @@ krb5_get_default_realm(context, lrealm) "default_realm", 0, 0, &realm); - if (!retval) { + if (!retval && realm) { context->default_realm = malloc(strlen(realm) + 1); if (!context->default_realm) { profile_release_string(realm); @@ -101,10 +113,26 @@ krb5_get_default_realm(context, lrealm) */ char localhost[MAX_DNS_NAMELEN+1]; char * p; - localhost[0] = localhost[sizeof(localhost)-1] = 0; - gethostname(localhost,MAX_DNS_NAMELEN); - + struct hostent * h; + + localhost[0] = 0; + gethostname(localhost, sizeof(localhost)); + localhost[sizeof(localhost) - 1] = 0; + if ( localhost[0] ) { + /* + * Try to make sure that we have a fully qualified + * name if possible. We want to be able to handle + * the case where gethostname returns a partial + * name (i.e., it has a dot, but it is not a + * FQDN). + */ + h = gethostbyname(localhost); + if (h) { + strncpy(localhost, h->h_name, sizeof(localhost)); + localhost[sizeof(localhost) - 1] = '\0'; + } + p = localhost; do { retval = krb5_try_realm_txt_rr("_kerberos", p, diff --git a/src/lib/krb5/os/free_hstrl.c b/src/lib/krb5/os/free_hstrl.c index 63bd3b338..afc427af2 100644 --- a/src/lib/krb5/os/free_hstrl.c +++ b/src/lib/krb5/os/free_hstrl.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/free_krbhs.c b/src/lib/krb5/os/free_krbhs.c index 066acfcbf..ceb37650d 100644 --- a/src/lib/krb5/os/free_krbhs.c +++ b/src/lib/krb5/os/free_krbhs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/full_ipadr.c b/src/lib/krb5/os/full_ipadr.c index 0a4e401c5..c22ac1bd6 100644 --- a/src/lib/krb5/os/full_ipadr.c +++ b/src/lib/krb5/os/full_ipadr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/gen_port.c b/src/lib/krb5/os/gen_port.c index 1d84a0898..5da5e4a11 100644 --- a/src/lib/krb5/os/gen_port.c +++ b/src/lib/krb5/os/gen_port.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/gen_rname.c b/src/lib/krb5/os/gen_rname.c index 8605d1728..84b35503f 100644 --- a/src/lib/krb5/os/gen_rname.c +++ b/src/lib/krb5/os/gen_rname.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/genaddrs.c b/src/lib/krb5/os/genaddrs.c index 5a9849066..1ff6ec01b 100644 --- a/src/lib/krb5/os/genaddrs.c +++ b/src/lib/krb5/os/genaddrs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/get_krbhst.c b/src/lib/krb5/os/get_krbhst.c index c929bbaba..1b42943a3 100644 --- a/src/lib/krb5/os/get_krbhst.c +++ b/src/lib/krb5/os/get_krbhst.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -64,8 +67,9 @@ krb5_get_krbhst(context, realm, hostlist) const char *realm_kdc_names[4]; krb5_error_code retval; int i, count; + char **rethosts; - *hostlist = 0; + rethosts = 0; realm_kdc_names[0] = "realms"; realm_kdc_names[1] = realm->data; @@ -99,25 +103,29 @@ krb5_get_krbhst(context, realm, hostlist) *cp = 0; } count = cpp - values; - *hostlist = malloc(sizeof(char *) * (count + 1)); - if (!*hostlist) { + rethosts = malloc(sizeof(char *) * (count + 1)); + if (!rethosts) { retval = ENOMEM; goto cleanup; } for (i = 0; i < count; i++) { - *hostlist[i] = malloc(strlen(values[i]) + 1); - if (!*hostlist[i]) { + int len = strlen (values[i]) + 1; + rethosts[i] = malloc(len); + if (!rethosts[i]) { retval = ENOMEM; goto cleanup; } + memcpy (rethosts[i], values[i], len); } - *hostlist[count] = 0; + rethosts[count] = 0; cleanup: - if (retval && *hostlist) { - for (cpp = *hostlist; *cpp; cpp++) + if (retval && rethosts) { + for (cpp = rethosts; *cpp; cpp++) free(*cpp); - free(*hostlist); + free(rethosts); + rethosts = 0; } profile_free_list(values); + *hostlist = rethosts; return retval; } diff --git a/src/lib/krb5/os/hostaddr.c b/src/lib/krb5/os/hostaddr.c index 27aed5fa1..5380caf16 100644 --- a/src/lib/krb5/os/hostaddr.c +++ b/src/lib/krb5/os/hostaddr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/hst_realm.c b/src/lib/krb5/os/hst_realm.c index bda5e3706..3c0005caf 100644 --- a/src/lib/krb5/os/hst_realm.c +++ b/src/lib/krb5/os/hst_realm.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -234,14 +237,26 @@ krb5_get_host_realm(context, host, realmsp) krb5_error_code retval; int l; char local_host[MAX_DNS_NAMELEN+1]; + struct hostent *h; + if (host) - strncpy(local_host, host, MAX_DNS_NAMELEN); + strncpy(local_host, host, sizeof(local_host)); else { - if (gethostname(local_host, sizeof(local_host)-1) == -1) + if (gethostname(local_host, sizeof(local_host)) == -1) return SOCKET_ERRNO; + /* + * Try to make sure that we have a fully qualified name if + * possible. We need to handle the case where the host has a + * dot but is not FQDN, so we call gethostbyname. + */ + h = gethostbyname(local_host); + if (h) { + strncpy(local_host, h->h_name, sizeof(local_host)); + } } - local_host[MAX_DNS_NAMELEN] = '\0'; + local_host[sizeof(local_host) - 1] = '\0'; + for (cp = local_host; *cp; cp++) { if (isupper(*cp)) *cp = tolower(*cp); diff --git a/src/lib/krb5/os/init_os_ctx.c b/src/lib/krb5/os/init_os_ctx.c index a9c69b30b..486ece893 100644 --- a/src/lib/krb5/os/init_os_ctx.c +++ b/src/lib/krb5/os/init_os_ctx.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -393,7 +396,7 @@ krb5_os_init_context(ctx) return retval; } -krb5_error_code +KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_get_profile (ctx, profile) krb5_context ctx; profile_t* profile; diff --git a/src/lib/krb5/os/krbfileio.c b/src/lib/krb5/os/krbfileio.c index 3875b8b19..14e086d20 100644 --- a/src/lib/krb5/os/krbfileio.c +++ b/src/lib/krb5/os/krbfileio.c @@ -20,7 +20,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/ktdefname.c b/src/lib/krb5/os/ktdefname.c index d8f394697..8c073fab0 100644 --- a/src/lib/krb5/os/ktdefname.c +++ b/src/lib/krb5/os/ktdefname.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/kuserok.c b/src/lib/krb5/os/kuserok.c index 6d3032e8e..ef0803744 100644 --- a/src/lib/krb5/os/kuserok.c +++ b/src/lib/krb5/os/kuserok.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -56,7 +59,7 @@ * */ -krb5_boolean +krb5_boolean KRB5_CALLCONV krb5_kuserok(context, principal, luser) krb5_context context; krb5_principal principal; @@ -143,7 +146,7 @@ krb5_kuserok(context, principal, luser) * If the given Kerberos name "server" translates to the same name as "luser" * (using * krb5_aname_to_lname()), returns TRUE. */ -krb5_boolean +krb5_boolean KRB5_CALLCONV krb5_kuserok(context, principal, luser) krb5_context context; krb5_principal principal; @@ -151,7 +154,7 @@ krb5_kuserok(context, principal, luser) { char kuser[50]; - if (! krb5_aname_to_localname(context, principal, sizeof(kuser), kuser)) + if (krb5_aname_to_localname(context, principal, sizeof(kuser), kuser)) return FALSE; if (strcmp(kuser, luser) == 0) diff --git a/src/lib/krb5/os/localaddr.c b/src/lib/krb5/os/localaddr.c index f55c35c78..5c5a27334 100644 --- a/src/lib/krb5/os/localaddr.c +++ b/src/lib/krb5/os/localaddr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -294,12 +297,11 @@ KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_os_localaddr (krb5_context context, krb5_address ***addr) { char host[64]; /* Name of local machine */ struct hostent *hostrec; - int err; - - *addr = calloc (2, sizeof (krb5_address *)); - if (*addr == NULL) - return ENOMEM; + int err, count, i; + krb5_address ** paddr; + *addr = 0; + paddr = 0; err = 0; if (gethostname (host, sizeof(host))) { @@ -319,27 +321,55 @@ krb5_os_localaddr (krb5_context context, krb5_address ***addr) { return err; } - (*addr)[0] = calloc (1, sizeof(krb5_address)); - if ((*addr)[0] == NULL) { - free (*addr); - return ENOMEM; + for (count = 0; hostrec->h_addr_list[count]; count++); + + + paddr = (krb5_address **)malloc(sizeof(krb5_address *) * (count+1)); + if (!paddr) { + err = ENOMEM; + goto cleanup; + } + + memset(paddr, 0, sizeof(krb5_address *) * (count+1)); + + for (i = 0; i < count; i++) + { + paddr[i] = (krb5_address *)malloc(sizeof(krb5_address)); + if (paddr[i] == NULL) { + err = ENOMEM; + goto cleanup; + } + + paddr[i]->magic = KV5M_ADDRESS; + paddr[i]->addrtype = hostrec->h_addrtype; + paddr[i]->length = hostrec->h_length; + paddr[i]->contents = (unsigned char *)malloc(paddr[i]->length); + if (!paddr[i]->contents) { + err = ENOMEM; + goto cleanup; + } + memcpy(paddr[i]->contents, + hostrec->h_addr_list[i], + paddr[i]->length); } - (*addr)[0]->magic = KV5M_ADDRESS; - (*addr)[0]->addrtype = hostrec->h_addrtype; - (*addr)[0]->length = hostrec->h_length; - (*addr)[0]->contents = (unsigned char *)malloc((*addr)[0]->length); - if (!(*addr)[0]->contents) { - free((*addr)[0]); - free(*addr); - return ENOMEM; - } else { - memcpy ((*addr)[0]->contents, - hostrec->h_addr, - (*addr)[0]->length); + + cleanup: + if (err) { + if (paddr) { + for (i = 0; i < count; i++) + { + if (paddr[i]) { + if (paddr[i]->contents) + free(paddr[i]->contents); + free(paddr[i]); + } + } + free(paddr); + } } - /* FIXME, deal with the case where gethostent returns multiple addrs */ + else + *addr = paddr; - return(0); + return(err); } #endif - diff --git a/src/lib/krb5/os/locate_kdc.c b/src/lib/krb5/os/locate_kdc.c index 2c99a2c6f..c5d68a5e0 100644 --- a/src/lib/krb5/os/locate_kdc.c +++ b/src/lib/krb5/os/locate_kdc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -78,7 +81,7 @@ _krb5_use_dns(context) * the master kdc */ -static krb5_error_code +krb5_error_code krb5_locate_srv_conf(context, realm, name, addr_pp, naddrs, master_index, nmasters) krb5_context context; const krb5_data *realm; @@ -97,8 +100,8 @@ krb5_locate_srv_conf(context, realm, name, addr_pp, naddrs, master_index, nmaste struct hostent *hp; struct servent *sp; #ifdef HAVE_NETINET_IN_H - u_short udpport = htons(KRB5_DEFAULT_PORT); - u_short sec_udpport = htons(KRB5_DEFAULT_SEC_PORT); + u_short udpport; + u_short sec_udpport; #endif if ((host = malloc(realm->length + 1)) == NULL) @@ -125,10 +128,22 @@ krb5_locate_srv_conf(context, realm, name, addr_pp, naddrs, master_index, nmaste } #ifdef HAVE_NETINET_IN_H + if ( !strcmp(name,"kpasswd_server") ) { + if ((sp = getservbyname(KPASSWD_PORTNAME, "udp"))) + udpport = sp->s_port; + else + udpport = htons(DEFAULT_KPASSWD_PORT); + sec_udpport = 0; + } else { if ((sp = getservbyname(KDC_PORTNAME, "udp"))) udpport = sp->s_port; + else + udpport = htons(KRB5_DEFAULT_PORT); if ((sp = getservbyname(KDC_SECONDARY_PORTNAME, "udp"))) sec_udpport = sp->s_port; + else + sec_udpport = htons(KRB5_DEFAULT_SEC_PORT); + } #endif if (sec_udpport == udpport) sec_udpport = 0; @@ -284,7 +299,7 @@ krb5_locate_srv_conf(context, realm, name, addr_pp, naddrs, master_index, nmaste * Lookup a KDC via DNS SRV records */ -static krb5_error_code +krb5_error_code krb5_locate_srv_dns(realm, service, protocol, addr_pp, naddrs) const krb5_data *realm; const char *service; diff --git a/src/lib/krb5/os/lock_file.c b/src/lib/krb5/os/lock_file.c index 79c1f97f1..55f86343a 100644 --- a/src/lib/krb5/os/lock_file.c +++ b/src/lib/krb5/os/lock_file.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/mk_faddr.c b/src/lib/krb5/os/mk_faddr.c index de22a9e28..66167cd96 100644 --- a/src/lib/krb5/os/mk_faddr.c +++ b/src/lib/krb5/os/mk_faddr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/net_read.c b/src/lib/krb5/os/net_read.c index 2b8a69241..bea2b7bba 100644 --- a/src/lib/krb5/os/net_read.c +++ b/src/lib/krb5/os/net_read.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/net_write.c b/src/lib/krb5/os/net_write.c index 1da730e1e..e3c2eeceb 100644 --- a/src/lib/krb5/os/net_write.c +++ b/src/lib/krb5/os/net_write.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/os-proto.h b/src/lib/krb5/os/os-proto.h index 02c186f88..fed7a81db 100644 --- a/src/lib/krb5/os/os-proto.h +++ b/src/lib/krb5/os/os-proto.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/osconfig.c b/src/lib/krb5/os/osconfig.c index 228695ab7..2ae48009c 100644 --- a/src/lib/krb5/os/osconfig.c +++ b/src/lib/krb5/os/osconfig.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/port2ip.c b/src/lib/krb5/os/port2ip.c index 55249bd84..ba3fb9bd0 100644 --- a/src/lib/krb5/os/port2ip.c +++ b/src/lib/krb5/os/port2ip.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/prompter.c b/src/lib/krb5/os/prompter.c index 684c5b509..b43e0ae0e 100644 --- a/src/lib/krb5/os/prompter.c +++ b/src/lib/krb5/os/prompter.c @@ -121,6 +121,102 @@ cleanup: } #else /* MSDOS */ +#if defined(_WIN32) + +#include + +KRB5_DLLIMP krb5_error_code KRB5_CALLCONV +krb5_prompter_posix(krb5_context context, + void *data, + const char *name, + const char *banner, + int num_prompts, + krb5_prompt prompts[]) +{ + HANDLE handle; + DWORD old_mode, new_mode; + char *ptr; + int scratchchar; + krb5_error_code errcode = 0; + int i; + + handle = GetStdHandle(STD_INPUT_HANDLE); + if (handle == INVALID_HANDLE_VALUE) + return ENOTTY; + if (!GetConsoleMode(handle, &old_mode)) + return ENOTTY; + + new_mode = old_mode; + new_mode |= ( ENABLE_LINE_INPUT | ENABLE_PROCESSED_INPUT ); + new_mode &= ~( ENABLE_ECHO_INPUT ); + + if (!SetConsoleMode(handle, new_mode)) + return ENOTTY; + + if (!SetConsoleMode(handle, old_mode)) + return ENOTTY; + + if (name) { + fputs(name, stdout); + fputs("\n", stdout); + } + + if (banner) { + fputs(banner, stdout); + fputs("\n", stdout); + } + + for (i = 0; i < num_prompts; i++) { + if (prompts[i].hidden) { + if (!SetConsoleMode(handle, new_mode)) { + errcode = ENOTTY; + goto cleanup; + } + } + + fputs(prompts[i].prompt,stdout); + fputs(": ", stdout); + fflush(stdout); + memset(prompts[i].reply->data, 0, prompts[i].reply->length); + + if (fgets(prompts[i].reply->data, prompts[i].reply->length, stdin) + == NULL) { + if (prompts[i].hidden) + putchar('\n'); + errcode = KRB5_LIBOS_CANTREADPWD; + goto cleanup; + } + if (prompts[i].hidden) + putchar('\n'); + /* fgets always null-terminates the returned string */ + + /* replace newline with null */ + if ((ptr = strchr(prompts[i].reply->data, '\n'))) + *ptr = '\0'; + else /* flush rest of input line */ + do { + scratchchar = getchar(); + } while (scratchchar != EOF && scratchchar != '\n'); + + prompts[i].reply->length = strlen(prompts[i].reply->data); + + if (!SetConsoleMode(handle, old_mode)) { + errcode = ENOTTY; + goto cleanup; + } + } + + cleanup: + if (errcode) { + for (i = 0; i < num_prompts; i++) { + memset(prompts[i].reply->data, 0, prompts[i].reply->length); + } + } + return errcode; +} + +#else /* !_WIN32 */ + KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_prompter_posix(krb5_context context, void *data, @@ -129,7 +225,7 @@ krb5_prompter_posix(krb5_context context, int num_prompts, krb5_prompt prompts[]) { - return(EINVAL); + return(EINVAL); } -#endif /* !MSDOS */ - +#endif /* !_WIN32 */ +#endif /* !MSDOS */ diff --git a/src/lib/krb5/os/read_msg.c b/src/lib/krb5/os/read_msg.c index 8ece718cc..c138ffb03 100644 --- a/src/lib/krb5/os/read_msg.c +++ b/src/lib/krb5/os/read_msg.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/read_pwd.c b/src/lib/krb5/os/read_pwd.c index 7d68948af..4deabe2fd 100644 --- a/src/lib/krb5/os/read_pwd.c +++ b/src/lib/krb5/os/read_pwd.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/realm_dom.c b/src/lib/krb5/os/realm_dom.c index 3d0b64ebd..6afad2dbe 100644 --- a/src/lib/krb5/os/realm_dom.c +++ b/src/lib/krb5/os/realm_dom.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/realm_iter.c b/src/lib/krb5/os/realm_iter.c index 0c3d12773..2e3276081 100644 --- a/src/lib/krb5/os/realm_iter.c +++ b/src/lib/krb5/os/realm_iter.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c index ff14863b4..01b797e70 100644 --- a/src/lib/krb5/os/sendto_kdc.c +++ b/src/lib/krb5/os/sendto_kdc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/sn2princ.c b/src/lib/krb5/os/sn2princ.c index 766aa658e..896567953 100644 --- a/src/lib/krb5/os/sn2princ.c +++ b/src/lib/krb5/os/sn2princ.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/timeofday.c b/src/lib/krb5/os/timeofday.c index 047eed82b..11dffd732 100644 --- a/src/lib/krb5/os/timeofday.c +++ b/src/lib/krb5/os/timeofday.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/toffset.c b/src/lib/krb5/os/toffset.c index 2debd9f98..72d301df9 100644 --- a/src/lib/krb5/os/toffset.c +++ b/src/lib/krb5/os/toffset.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/unlck_file.c b/src/lib/krb5/os/unlck_file.c index bea19c123..886196d3e 100644 --- a/src/lib/krb5/os/unlck_file.c +++ b/src/lib/krb5/os/unlck_file.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/ustime.c b/src/lib/krb5/os/ustime.c index 2c8b7d4ab..ed60714e1 100644 --- a/src/lib/krb5/os/ustime.c +++ b/src/lib/krb5/os/ustime.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/write_msg.c b/src/lib/krb5/os/write_msg.c index 368ca6086..7f1bc242a 100644 --- a/src/lib/krb5/os/write_msg.c +++ b/src/lib/krb5/os/write_msg.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/rcache/ChangeLog b/src/lib/krb5/rcache/ChangeLog index 3917175a4..f1ded6710 100644 --- a/src/lib/krb5/rcache/ChangeLog +++ b/src/lib/krb5/rcache/ChangeLog @@ -1,3 +1,8 @@ +1999-09-21 Ken Raeburn + + * rc_dfl.c (krb5_rc_io_fetch): Set client and server fields to + NULL after freeing them in the error case. + Mon May 10 15:26:53 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/krb5/rcache/rc_dfl.c b/src/lib/krb5/rcache/rc_dfl.c index 57679f369..a86f42e71 100644 --- a/src/lib/krb5/rcache/rc_dfl.c +++ b/src/lib/krb5/rcache/rc_dfl.c @@ -386,6 +386,7 @@ errout: krb5_xfree(rep->client); if (rep->server) krb5_xfree(rep->server); + rep->client = rep->server = 0; return retval; } diff --git a/src/lib/krb5/rcache/rcdef.c b/src/lib/krb5/rcache/rcdef.c index 70b1fc696..338408fe0 100644 --- a/src/lib/krb5/rcache/rcdef.c +++ b/src/lib/krb5/rcache/rcdef.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/rcache/ser_rc.c b/src/lib/krb5/rcache/ser_rc.c index f70dfbfe3..c6ea29cb4 100644 --- a/src/lib/krb5/rcache/ser_rc.c +++ b/src/lib/krb5/rcache/ser_rc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5_16.def b/src/lib/krb5_16.def deleted file mode 100644 index 70bc3442b..000000000 --- a/src/lib/krb5_16.def +++ /dev/null @@ -1,207 +0,0 @@ -;---------------------------------------------------- -; KRB5.DEF - KRB5.DLL module definition file -;---------------------------------------------------- - -LIBRARY KRB5_16 -DESCRIPTION 'DLL for Kerberos 5' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - WEP @1001 RESIDENTNAME - LibMain @1002 -; Kerberos 5 - _krb5_build_principal - _krb5_build_principal_ext - krb5_copy_addr - krb5_copy_addresses - krb5_copy_authdata - krb5_copy_authenticator - krb5_copy_checksum - krb5_copy_creds - krb5_copy_data - krb5_copy_keyblock - krb5_copy_keyblock_contents - krb5_copy_principal - krb5_copy_ticket - krb5_decrypt_tkt_part - krb5_free_address - krb5_free_addresses - krb5_free_ap_rep - krb5_free_ap_rep_enc_part - krb5_free_ap_req - krb5_free_authdata - krb5_free_authenticator - krb5_free_authenticator_contents - krb5_free_checksum - krb5_free_context - krb5_free_cred - krb5_free_cred_contents - krb5_free_cred_enc_part - krb5_free_creds - krb5_free_data - krb5_free_data_contents - krb5_free_enc_kdc_rep_part - krb5_free_enc_tkt_part - krb5_free_error - krb5_free_host_realm - krb5_free_kdc_rep - krb5_free_kdc_req - krb5_free_keyblock - krb5_free_keyblock_contents - krb5_free_last_req - krb5_free_pa_data - krb5_free_principal - krb5_free_priv - krb5_free_priv_enc_part - krb5_free_pwd_data - krb5_free_pwd_sequences - krb5_free_safe - krb5_free_tgt_creds - krb5_free_ticket - krb5_free_tickets - krb5_free_tkt_authent - krb5_fwd_tgt_creds - krb5_get_credentials - krb5_get_credentials_renew - krb5_get_credentials_validate - krb5_get_default_realm - krb5_get_host_realm - krb5_get_realm_domain - krb5_get_in_tkt - krb5_get_in_tkt_with_keytab - krb5_get_in_tkt_with_password - krb5_get_in_tkt_with_skey - krb5_get_init_creds_opt_init - krb5_get_init_creds_opt_set_tkt_life - krb5_get_init_creds_opt_set_renew_life - krb5_get_init_creds_opt_set_forwardable - krb5_get_init_creds_opt_set_proxiable - krb5_get_init_creds_opt_set_etype_list - krb5_get_init_creds_opt_set_address_list - krb5_get_init_creds_opt_set_preauth_list - krb5_get_init_creds_opt_set_salt - krb5_get_init_creds_password - krb5_get_init_creds_keytab - krb5_get_init_creds_opt_init - krb5_get_validated_creds - krb5_get_renewed_creds - krb5_get_notification_message - krb5_init_context - krb5_mk_error - krb5_mk_priv - krb5_mk_rep - krb5_mk_req - krb5_mk_req_extended - krb5_mk_safe - krb5_os_localaddr - krb5_parse_name - krb5_principal_compare - krb5_prompter_posix - krb5_rd_cred - krb5_rd_error - krb5_rd_priv - krb5_rd_rep - krb5_rd_req - krb5_rd_safe - krb5_read_password - krb5_recvauth - krb5_sendauth - krb5_sname_to_principal - krb5_timeofday - krb5_unparse_name - krb5_unparse_name_ext - krb5_free_unparsed_name - krb5_us_timeofday -; - krb5_use_enctype - krb5_checksum_size - krb5_encrypt_size - krb5_calculate_checksum - krb5_verify_checksum - krb5_eblock_enctype -; - krb5_decrypt - krb5_encrypt - krb5_string_to_key - krb5_process_key - krb5_finish_key - krb5_init_random_key - krb5_finish_random_key - krb5_random_key -; - krb5_425_conv_principal - krb5_524_conv_principal -; - krb5_cksumtype_to_string - krb5_deltat_to_string - krb5_enctype_to_string - krb5_salttype_to_string - krb5_string_to_cksumtype - krb5_string_to_deltat - krb5_string_to_enctype - krb5_string_to_salttype - krb5_string_to_timestamp - krb5_timestamp_to_sfstring - krb5_timestamp_to_string -; - krb5_auth_con_free - krb5_auth_con_genaddrs - krb5_auth_con_getflags - krb5_auth_con_getkey - krb5_auth_con_getlocalsubkey - krb5_auth_con_getremotesubkey - krb5_auth_con_init - krb5_auth_con_setflags - krb5_auth_con_getlocalseqnumber - krb5_auth_con_getremoteseqnumber - krb5_auth_con_setuseruserkey - krb5_auth_con_getauthenticator - krb5_auth_con_set_req_cksumtype -; - krb5_cc_default - krb5_cc_register - krb5_cc_resolve -; - krb5_kt_default - krb5_kt_register - krb5_kt_resolve - krb5_kt_add_entry - krb5_kt_free_entry - krb5_kt_read_service_key - krb5_kt_remove_entry -;Kadm routines - krb5_adm_connect - krb5_adm_disconnect - krb5_free_adm_data - krb5_read_adm_reply - krb5_send_adm_cmd -; -;Temporary exports (DO NOT USE) - _sscanf - _decode_krb5_ticket - des_ecb_encrypt - des_new_random_key - des_key_sched - des_pcbc_encrypt - des_quad_cksum - des_string_to_key -; des_set_random_generator_seed - des_init_random_number_generator - profile_get_values - krb5_random_confounder - krb5_size_opaque - krb5_internalize_opaque - krb5_externalize_opaque - krb5_ser_pack_int32 - krb5_ser_unpack_int32 - krb5_ser_pack_bytes - krb5_ser_unpack_bytes - krb5_ser_auth_context_init - krb5_ser_context_init - krb5_ser_ccache_init - krb5_ser_keytab_init - krb5_ser_rcache_init - _decode_krb5_ap_req diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def index e4ef6c96c..948c4fefb 100644 --- a/src/lib/krb5_32.def +++ b/src/lib/krb5_32.def @@ -229,10 +229,10 @@ EXPORTS krb5_ser_rcache_init decode_krb5_ap_req krb5_mcc_ops - ; ;Added for Kermit 95 krb5_address_search krb5_auth_con_getrcache krb5_c_enctype_compare + krb5_kuserok diff --git a/src/lib/krb5util/compat_recv.c b/src/lib/krb5util/compat_recv.c index 72d82aa77..ec6b15114 100644 --- a/src/lib/krb5util/compat_recv.c +++ b/src/lib/krb5util/compat_recv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5util/seteuid.c b/src/lib/krb5util/seteuid.c index a8fcd4b20..2b4f596c0 100644 --- a/src/lib/krb5util/seteuid.c +++ b/src/lib/krb5util/seteuid.c @@ -12,7 +12,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/lib/sapgss16.def b/src/lib/sapgss16.def deleted file mode 100644 index ac6b7c94f..000000000 --- a/src/lib/sapgss16.def +++ /dev/null @@ -1,78 +0,0 @@ -;---------------------------------------------------- -; SAPGSS16.DEF - GSSAPI.DLL module definition file -;---------------------------------------------------- - -LIBRARY SAPGSS16 -DESCRIPTION 'Base Generic Security Service API' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - WEP @1001 RESIDENTNAME - LibMain @1002 -; - gss_acquire_cred - gss_release_cred - gss_init_sec_context - gss_accept_sec_context - gss_process_context_token - gss_delete_sec_context - gss_context_time - gss_sign - gss_verify - gss_seal - gss_unseal - gss_display_status - gss_indicate_mechs - gss_compare_name - gss_display_name - gss_import_name - gss_release_name - gss_release_buffer - gss_release_oid_set - gss_inquire_cred -; -; GSS-API v2 additional credential calls -; - gss_add_cred - gss_inquire_cred_by_mech -; -; GSS-API v2 additional context-level calls -; - gss_inquire_context - gss_wrap_size_limit - gss_export_sec_context - gss_import_sec_context -; -; GSS-API v2 additional calls for OID and OID_set operations -; - gss_release_oid - gss_create_empty_oid_set - gss_add_oid_set_member - gss_test_oid_set_member - gss_oid_to_str - gss_str_to_oid -; -; GSS-API v2 renamed message protection calls -; - gss_wrap - gss_unwrap - gss_get_mic - gss_verify_mic -; -; GSS-API v2 future extensions -; - gss_inquire_names_for_mech -; gss_inquire_mechs_for_name - gss_canonicalize_name - gss_export_name - gss_duplicate_name -; -; GSS-API variables -; - _gss_nt_user_name - _gss_nt_machine_uid_name - _gss_nt_string_uid_name - _gss_nt_service_name diff --git a/src/lib/sapkrb16.def b/src/lib/sapkrb16.def deleted file mode 100644 index 3095b2068..000000000 --- a/src/lib/sapkrb16.def +++ /dev/null @@ -1,189 +0,0 @@ -;---------------------------------------------------- -; SAPKRB16.DEF - KRB5.DLL module definition file -;---------------------------------------------------- - -LIBRARY SAPKRB16 -DESCRIPTION 'DLL for Kerberos 5' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - WEP @1001 RESIDENTNAME - LibMain @1002 -; Kerberos 5 - _krb5_build_principal - _krb5_build_principal_ext - krb5_copy_addr - krb5_copy_addresses - krb5_copy_authdata - krb5_copy_authenticator - krb5_copy_checksum - krb5_copy_creds - krb5_copy_data - krb5_copy_keyblock - krb5_copy_keyblock_contents - krb5_copy_principal - krb5_copy_ticket - krb5_decrypt_tkt_part - krb5_free_address - krb5_free_addresses - krb5_free_ap_rep - krb5_free_ap_rep_enc_part - krb5_free_ap_req - krb5_free_authdata - krb5_free_authenticator - krb5_free_authenticator_contents - krb5_free_checksum - krb5_free_context - krb5_free_cred - krb5_free_cred_contents - krb5_free_cred_enc_part - krb5_free_creds - krb5_free_data - krb5_free_data_contents - krb5_free_enc_kdc_rep_part - krb5_free_enc_tkt_part - krb5_free_error - krb5_free_host_realm - krb5_free_kdc_rep - krb5_free_kdc_req - krb5_free_keyblock - krb5_free_keyblock_contents - krb5_free_last_req - krb5_free_pa_data - krb5_free_principal - krb5_free_priv - krb5_free_priv_enc_part - krb5_free_pwd_data - krb5_free_pwd_sequences - krb5_free_safe - krb5_free_tgt_creds - krb5_free_ticket - krb5_free_tickets - krb5_free_tkt_authent - krb5_fwd_tgt_creds - krb5_get_credentials - krb5_get_credentials_renew - krb5_get_credentials_validate - krb5_get_default_realm - krb5_get_host_realm - krb5_get_in_tkt - krb5_get_in_tkt_with_keytab - krb5_get_in_tkt_with_password - krb5_get_in_tkt_with_skey - krb5_get_notification_message - krb5_init_context - krb5_mk_error - krb5_mk_priv - krb5_mk_rep - krb5_mk_req - krb5_mk_req_extended - krb5_mk_safe - krb5_os_localaddr - krb5_parse_name - krb5_principal_compare - krb5_rd_cred - krb5_rd_error - krb5_rd_priv - krb5_rd_rep - krb5_rd_req - krb5_rd_safe - krb5_read_password - krb5_recvauth - krb5_sendauth - krb5_sname_to_principal - krb5_timeofday - krb5_unparse_name - krb5_unparse_name_ext - krb5_us_timeofday -; - krb5_use_enctype - krb5_checksum_size - krb5_encrypt_size - krb5_calculate_checksum - krb5_verify_checksum - krb5_eblock_enctype -; - krb5_decrypt - krb5_encrypt - krb5_string_to_key - krb5_process_key - krb5_finish_key - krb5_init_random_key - krb5_finish_random_key - krb5_random_key -; - krb5_425_conv_principal - krb5_524_conv_principal -; - krb5_cksumtype_to_string - krb5_deltat_to_string - krb5_enctype_to_string - krb5_salttype_to_string - krb5_string_to_cksumtype - krb5_string_to_deltat - krb5_string_to_enctype - krb5_string_to_salttype - krb5_string_to_timestamp - krb5_timestamp_to_sfstring - krb5_timestamp_to_string -; - krb5_auth_con_free - krb5_auth_con_genaddrs - krb5_auth_con_getflags - krb5_auth_con_getkey - krb5_auth_con_getlocalsubkey - krb5_auth_con_getremotesubkey - krb5_auth_con_init - krb5_auth_con_setflags - krb5_auth_con_getlocalseqnumber - krb5_auth_con_getremoteseqnumber - krb5_auth_con_setuseruserkey - krb5_auth_con_getauthenticator - krb5_auth_con_set_req_cksumtype -; - krb5_cc_default - krb5_cc_register - krb5_cc_resolve -; - krb5_kt_default - krb5_kt_register - krb5_kt_resolve - krb5_kt_add_entry - krb5_kt_free_entry - krb5_kt_read_service_key - krb5_kt_remove_entry -;Kadm routines - krb5_adm_connect - krb5_adm_disconnect - krb5_free_adm_data - krb5_read_adm_reply - krb5_send_adm_cmd -; -;Temporary exports (DO NOT USE) - _sscanf - _decode_krb5_ticket - des_ecb_encrypt - des_new_random_key - des_key_sched - des_pcbc_encrypt - des_quad_cksum - des_string_to_key - des_set_random_generator_seed - profile_get_values - krb5_random_confounder - krb5_size_opaque - krb5_internalize_opaque - krb5_externalize_opaque - krb5_ser_pack_int32 - krb5_ser_unpack_int32 - krb5_ser_pack_bytes - krb5_ser_unpack_bytes - krb5_ser_auth_context_init - krb5_ser_context_init - krb5_ser_ccache_init - krb5_ser_keytab_init - krb5_ser_rcache_init - _decode_krb5_ap_req diff --git a/src/lib/winsock.def b/src/lib/winsock.def deleted file mode 100644 index cada77985..000000000 --- a/src/lib/winsock.def +++ /dev/null @@ -1,90 +0,0 @@ -; -; File: winsock.def -; System: MS-Windows 3.x -; Summary: Module definition file for Windows Sockets DLL. -; -; This file is from -; ftp://sunsite.unc.edu/pub/micro/pc-stuff/ms-windows/winsock/winsock-1.1 -; except that we made all the routine names uppercase, to match what -; MicroSoft C does when you declare an interface routine PASCAL -; (the way all these routines are declared in .../include/winsock.h). -; - -LIBRARY WINSOCK ; Application's module name - -DESCRIPTION 'BSD Socket API for Windows' - -EXETYPE WINDOWS ; required for all windows applications - -STUB 'WINSTUB.EXE' ; generates error message if application - ; is run without Windows - -;CODE can be FIXED in memory because of potential upcalls -CODE PRELOAD FIXED - -;DATA must be SINGLE and at a FIXED location since this is a DLL -DATA PRELOAD FIXED SINGLE - -HEAPSIZE 1024 -STACKSIZE 16384 - -; All functions that will be called by any Windows routine -; must be exported. Any additional exports beyond those defined -; here must have ordinal numbers 1000 or above. - -EXPORTS - ACCEPT @1 - BIND @2 - CLOSESOCKET @3 - CONNECT @4 - GETPEERNAME @5 - GETSOCKNAME @6 - GETSOCKOPT @7 - HTONL @8 - HTONS @9 - INET_ADDR @10 - INET_NTOA @11 - IOCTLSOCKET @12 - LISTEN @13 - NTOHL @14 - NTOHS @15 - RECV @16 - RECVFROM @17 - SELECT @18 - SEND @19 - SENDTO @20 - SETSOCKOPT @21 - SHUTDOWN @22 - SOCKET @23 - - GETHOSTBYADDR @51 - GETHOSTBYNAME @52 - GETPROTOBYNAME @53 - GETPROTOBYNUMBER @54 - GETSERVBYNAME @55 - GETSERVBYPORT @56 - GETHOSTNAME @57 - - WSAASYNCSELECT @101 - WSAASYNCGETHOSTBYADDR @102 - WSAASYNCGETHOSTBYNAME @103 - WSAASYNCGETPROTOBYNUMBER @104 - WSAASYNCGETPROTOBYNAME @105 - WSAASYNCGETSERVBYPORT @106 - WSAASYNCGETSERVBYNAME @107 - WSACANCELASYNCREQUEST @108 - WSASETBLOCKINGHOOK @109 - WSAUNHOOKBLOCKINGHOOK @110 - WSAGETLASTERROR @111 - WSASETLASTERROR @112 - WSACANCELBLOCKINGCALL @113 - WSAISBLOCKING @114 - WSASTARTUP @115 - WSACLEANUP @116 - - __WSAFDISSET @151 - - WEP @500 RESIDENTNAME - -;eof - diff --git a/src/lib/xpprof16.def b/src/lib/xpprof16.def deleted file mode 100644 index e356718e9..000000000 --- a/src/lib/xpprof16.def +++ /dev/null @@ -1,33 +0,0 @@ -;---------------------------------------------------- -; XPPROF16.DEF - XPPROF16.DLL -;---------------------------------------------------- - -LIBRARY XPPROF16.DLL -DESCRIPTION 'Cross Platform Profile DLL' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - WEP @1001 RESIDENTNAME - LibMain @1002 -; - profile_init - profile_init_path - profile_flush - profile_release - profile_get_values - profile_free_list - profile_get_string - profile_get_integer - profile_get_relation_names - profile_get_subsection_names - profile_iterator_create - profile_iterator_free - profile_iterator - profile_release_string - profile_update_relation - profile_clear_relation - profile_rename_section - profile_add_relation diff --git a/src/mac/CFMGlue.pl b/src/mac/CFMGlue.pl index f74a3662d..f6386bb80 100644 --- a/src/mac/CFMGlue.pl +++ b/src/mac/CFMGlue.pl @@ -1,158 +1,298 @@ -#!/usr/athena/bin/perl -w +#!/usr/local/bin/perl -w +use strict; # Turn on careful syntax checking +use 5.002; # Require Perl 5.002 or later + +# Pre-declare globals, as required by "use strict" +use vars qw(%RESERVEDWORDS $file $prototype); + +# C words which aren't a type or a parameter name +# [digit] is special cased later on... %RESERVEDWORDS = ( - const => "const", - "*" => "*", - "[]" => "[]", - struct => "struct", - enum => "enum", - union => "union" + const => "const", + "*" => "*", + "[]" => "[]", + struct => "struct", + enum => "enum", + union => "union", + unsigned => "unsigned", + register => "register" ); -while() +# Read the entire file into $file +{ + local $/; + undef $/; # Ignore end-of-line delimiters in the file + $file .= ; +} + +# Remove the C and C++ comments from the file. +# If this regexp scares you, don't worry, it scares us too. +$file =~ s@/ # Both kinds of comment begin with a / + # First, process /* ... */ + ((\*[^*]*\*+ # 1: Identify /**, /***, /* foo *, etc. + ([^/*][^*]*\*+)* # 2: Match nothing, x*, x/*, x/y*, x*y* etc. + /) # 3: Look for the trailing /. If not present, back up + # through the matches from step 2 (x*y* becomes x*) + #### if we get here, we have /* ... */ + | # Or, it's // and we just need to match to the end of the line + (/.*?\n)) # 4. Slash, shortest possible run of characters ending in newline (\n) + @\n@xg; # => Replace match with a newline. + ### "x" modifier allows whitespace and comments in patterns + ### "g" modifier means "do this globally" + +$file =~ tr! \t\n! !s; # Convert newlines, tabs, and runs of spaces into single spaces + +foreach $prototype (split /;/, $file) # Break string apart at semicolons, pass each piece to our Convert routine { - chop($_); - $prototype = $_; - @splitup = split(/\s*\(\s*/, $prototype); - - # the return value type and the function name: - $temp = $splitup[0]; - $temp =~ s/\s*\*\s*/ \* /g; # add spaces around * - @funcAndArgs = split(/\s+/, $temp); - $functionName = $funcAndArgs[$#funcAndArgs]; - - # Is this function already in the Hash Table? - if(!exists($FUNCTIONS{$functionName})) - { - $FUNCTIONS{$functionName}{prototypeText} = $prototype; - pop @{funcAndArgs}; - $FUNCTIONS{$functionName}{returnType} = join(' ', @funcAndArgs); + Convert($prototype); +} + +exit (0); + +# ======================================== +# Subroutines follow +# ======================================== + +sub Convert() +{ + # Take our special C-style function prototypes and print out the + # appropriate glue code. + + my $prototype = shift; + my ($returnType, $functionName, $paramString); + my (@parameters, @types); + + return if ($prototype =~ /^\s*$/); # Ignore blank lines + # Use custom function to remove leading & trailing spaces & + # collapse runs of spaces. + $prototype = StripSpaces($prototype); + + # ==================== + # STAGE 1.1: Get the function name and return type. + # Do general syntax checking. + # ==================== + + # See if we have a legal prototype and begin parsing. A legal prototype has + # a return type (optional), function name, and parameter list. + unless ($prototype =~ /((\w+\*? )*(\w+\*?)) (\w+)\s*\((.*)\)$/) + { + die "Prototype \"$prototype;\" does not appear to be a legal prototype.\n"; + } + + # That unless had a nice side effect -- the parentheses in the regular expression + # stuffed the matching parts of the expression into variables $1, $2, and $3. + + ($returnType, $functionName) = ($1, $4); + # Kill 2 birds at a time -- get rid of leading & trailing spaces *and* get an + # empty string back if there are no parameters + $paramString = StripSpaces($5); + + # Insist on having an argument list in the prototype + unless ($paramString) + { + die("Prototype: \"$prototype;\" has no arguments.\n" . + "This is ambiguous between C and C++ (please specify " . + "either (int) or (void)).\n"); + } + + # Check for variable arguments by looking for + # "va_list " or "..." + if(($paramString =~ /va_list\s+\S+/) or # va_list + spaces + not-a-spaces + ($paramString =~ /\Q.../)) # \Q = "quote metacharacters" => \.\.\. + { + die("Prototype: \"$prototype;\" takes a variable " . + "number of arguments. Variable arguments are not " . + "supported by CFM Glue.\n"); + } + + # ==================== + # STAGE 1.2: Digest the parameter list. + # ==================== + + if ($paramString eq "void") + { + $parameters[0] = "void"; + $types[0] = "void"; + } + else + { + # The function has nonvoid arguments - # the arguments: - @splitup2 = split(/\s*\)\s*/, $splitup[1]); - @argsAndParams = split(/\s*,\s*/, $splitup2[0]); + # Add spaces around * and turn [#] into [#] with spaces around it + # for ease of parsing + $paramString =~ s/\s*\*\s*/ \* /g; + $paramString =~ s/\s*\[(\d*)\]\s*/ [$1] /g; + + # Extract the list elements + my @arguments = split /,\s*/, $paramString; - for($i = 0, $j = 1; $i <= $#argsAndParams; $i++, $j++) - { - $temp = $argsAndParams[$i]; - $temp =~ s/\s*\*\s*/ \* /g; # add spaces around * - $temp =~ s/\s*\[\]\s*/ \[\] /g; # add spaces around [] - - @elements = split(/\s+/, $temp); - - # Is there a parameter name in this argument? - $identifierCount = 0; - foreach $element (@elements) - { - if(!exists($RESERVEDWORDS{$element})) { - $identifierCount++; + # Make sure we don't have more than 13 arguments + if ($#arguments >= 13) + { + die "Prototype \"$prototype;\" has more than 13 arguments,\n". + "which the CFM68K glue will not support."; } - } - - if(($identifierCount > 2) or ($identifierCount < 1)) { - print("************** $argsAndParams ****************"); - die; - } - - if($identifierCount >= 2) { - $param = $elements[$#elements]; - pop(@elements); - if($param eq "[]") { - $param = $elements[$#elements]; - pop(@elements); - push(@elements, '*'); + + # We need to look at each argument and come out with two lists: a list + # of parameter names and a corresponding list of parameter types. For example: + # ( const int x, short y[], int ) + # needs to become two lists: + # @parameters = ("x", "y", "__param0") + # @elements = ("const int", "short *", int) + my $i = 0; # parameter counter + foreach my $argument (@arguments) + { + my @elements = split(' ', $argument); + + # A legal argument will have a name and/or a parameter type. + # It might _also_ have some C keywords + # We'll syntax check the argument by counting the number of things + # which are names and/or variable types + my $identifierCount = grep { !$RESERVEDWORDS{$_} && !/\[\d*\]/ } @elements; + + if ($identifierCount == 1) { + # We have a type without a name, so generate an arbitrary unique name + push @parameters, "__param" . $i; + } + elsif ($identifierCount == 2) { + # We have a type and a name. We'll assume the name is the last thing seen, + my $paramName = pop @elements; + # ...but have to make certain it's not a qualified array reference + if ($paramName =~ /\[\d*\]/) + { + # Whoops...the argument ended in a [], so extract the name and put back + # the array notation + my $temp = $paramName; + $paramName = pop @elements; + push @elements, $temp; + } + push @parameters, $paramName; + } + else # $identifierCount == 0 or $identifierCount > 2 + { + die("Prototype: \"$prototype;\" has an " . + "invalid number ($identifierCount)" . + " of non-reserved words in argument '$argument'.\n"); + } + + # Replace all "[]" with "*" to turn array references into pointers. + # "map" sets $_ to each array element in turn; modifying $_ modifies + # the corresponding value in the array. (s -- substutition -- works + # on $_ by default.) + map { s/\[\d*\]/*/ } @elements; + + push @types, join(' ', @elements); # Construct a type definition + + # Increment the argument counter: + $i++; } - $type = join(' ', @elements); - } else { - $type = $argsAndParams[$i]; - $param = "param" . $j; - } - $FUNCTIONS{$functionName}{typeList}[$i] = $type; - $FUNCTIONS{$functionName}{paramList}[$i] = $param; } - } -} -foreach $function (keys(%FUNCTIONS)) -{ - # the variables we will be playing with: - $name = $function; - $retType = $FUNCTIONS{$function}{returnType}; - $prototype = $FUNCTIONS{$function}{prototypeText}; - @args = @{ $FUNCTIONS{$function}{typeList} }; - @params = @{ $FUNCTIONS{$function}{paramList} }; - - - # Now Generate the ProcInfo Macro: - # -------------------------------- - print("/**** $name ****/\n"); - print("/* $prototype */\n\n"); - - print("enum {\n"); - print(" $name" . "_ProcInfo = kThinkCStackBased\n"); - if($retType ne "void") { - print(" | RESULT_SIZE(SIZE_CODE(sizeof($retType)))\n"); - } - for($i = 0, $j = 1; $i <= $#args; $i++, $j++) - { - $arg = $args[$i]; - print(" | STACK_ROUTINE_PARAMETER($j, SIZE_CODE(sizeof($arg)))\n"); - } - print("};\n\n"); - - # Now Generate the ProcPtr Typedef - # -------------------------------- - print("typedef "); - print("$retType "); - print("(*$name" . "_ProcPtrType)("); - - for($i = 0; $i<=$#args; $i++) { - $arg = $args[$i]; - print("$arg"); - if ($i ne $#args) { - print (", "); - } - } - print(");\n"); - - - # Now Generate the Static 68K Function Declaration: - # ------------------------------------------------- - print("$retType $name (\n"); - for($i = 0; $i <= $#args; $i++) - { - for($j = 0; $j <= length($retType); $j++) { - print(" "); + # ==================== + # STAGE 2: Print out the glue. + # ==================== + + # Generate the ProcInfo Macro: + # ---------------------------- + my $result = ""; # Will be inserted into the final macro + if ($returnType ne "void") { + $result = "\n | RESULT_SIZE(SIZE_CODE(sizeof($returnType)))"; } - print($args[$i] . ' ' . $params[$i]); - if($i >= $#args) { - print(")\n"); - } else { - print(",\n"); + + # Convert a list of parameter types into entries for the macro. + # All non-void parameters need to have a line in the final macro. + my @parameterMacros; + my $paramCount = -1; + @parameterMacros = map { $paramCount++; $_ eq "void" ? "" : + " | STACK_ROUTINE_PARAMETER(" . ($paramCount + 1) . ", SIZE_CODE(sizeof($_)))" } @types; + my $macroString = join "\n", @parameterMacros; + + print <= $#args) { - print(");\n"); - } else { - print(", "); + else + { + my @joinedList; + # Merge the parameter and type lists together + foreach my $i (0..$#types) + { + push @joinedList, ($types[$i] . ' ' . $parameters[$i]); + } + + # Build a list of parameters where each parameter is aligned vertically + # beneath the one above. + # "' ' x 5" is a Perl technique to get a string of 5 spaces + $fnArguments = join (",\n".(' ' x length($functionDec)), @joinedList); + } + + # Create a list of parameters to pass to the 68K function + my $fnParams = ""; + if($types[0] ne "void") { + $fnParams = join ", ", @parameters; } - } - - print("}\n\n\n"); + + # Do we have an explicit return statement? This depends on the return type + my $returnAction = " "; + $returnAction = "return " if ($returnType ne "void"); + + # The following code introduces a new Perl trick -- ${a} is the same as $a in a string + # (interpolate the value of variable $a); the brackets are used to seperate the variable + # name from the text immediately following the variable name so the Perl interpreter + # doesn't go looking for the wrong variable. + print < + +Boolean ComErrLibraryIsPresent () +{ + Ptr symAddr; + return (Find_Symbol (&symAddr, "\perror_message", error_message_ProcInfo)) == noErr; +} \ No newline at end of file diff --git a/src/mac/ComErrLib.glue.pre.cin b/src/mac/ComErrLib.glue.pre.cin new file mode 100644 index 000000000..e46153300 --- /dev/null +++ b/src/mac/ComErrLib.glue.pre.cin @@ -0,0 +1,5 @@ +/* Include prototypes for glue functions */ +#include + +/* Hardcode library fragment name here */ +#define kLibraryName "\pMIT Kerberos¥ComErrLib" diff --git a/src/mac/ComErrLib.glue.proto.h b/src/mac/ComErrLib.glue.proto.h new file mode 100644 index 000000000..a07998465 --- /dev/null +++ b/src/mac/ComErrLib.glue.proto.h @@ -0,0 +1,3 @@ +const char* error_message(errcode_t); +errcode_t add_error_table (const struct error_table *); +errcode_t remove_error_table(const struct error_table *); diff --git a/src/mac/GSS.CFM.c b/src/mac/GSS.CFM.c index 686ee20bf..a7c7c64ec 100644 --- a/src/mac/GSS.CFM.c +++ b/src/mac/GSS.CFM.c @@ -1,9 +1,19 @@ -/* - * Copyright (C) 1997 by the Massachusetts Institute of Technology - * All rights reserved. +/* Copyright 1998 by the Massachusetts Institute of Technology. * - * For copying and distribution information, please see the file - * COPYRIGHT. + * Permission to use, copy, modify, and distribute this + * software and its documentation for any purpose and without + * fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright + * notice and this permission notice appear in supporting + * documentation, and that the name of M.I.T. not be used in + * advertising or publicity pertaining to distribution of the + * software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" + * without express or implied warranty. */ @@ -12,6 +22,7 @@ #include "gssapi_err_generic.h" #include "gssapi_err_krb5.h" +#include "gssapi.h" OSErr __initializeGSS(CFragInitBlockPtr ibp); void __terminateGSS(void); @@ -34,6 +45,10 @@ OSErr __initializeGSS(CFragInitBlockPtr ibp) void __terminateGSS(void) { + + OM_uint32 maj_stat, min_stat; + + maj_stat = kg_release_defcred (&min_stat); remove_error_table(&et_k5g_error_table); remove_error_table(&et_ggss_error_table); diff --git a/src/mac/GSS.CFMglue.proto.h b/src/mac/GSS.CFMglue.proto.h index 232b79c41..5940797c1 100644 --- a/src/mac/GSS.CFMglue.proto.h +++ b/src/mac/GSS.CFMglue.proto.h @@ -1,10 +1,43 @@ -OM_uint32 gss_wrap(OM_uint32 *, gss_ctx_id_t, int, gss_qop_t, gss_buffer_t, int *, gss_buffer_t); -OM_uint32 gss_release_buffer(OM_uint32 *, gss_buffer_t); -OM_uint32 gss_unwrap(OM_uint32 *, gss_ctx_id_t, gss_buffer_t, gss_buffer_t, int *, gss_qop_t *); -OM_uint32 gss_delete_sec_context(OM_uint32 *, gss_ctx_id_t *, gss_buffer_t); -OM_uint32 gss_display_status(OM_uint32 *, OM_uint32, int, gss_OID, OM_uint32 *, gss_buffer_t); -OM_uint32 gss_init_sec_context(OM_uint32 *, gss_cred_id_t, gss_ctx_id_t *, gss_name_t, gss_OID, OM_uint32, OM_uint32, gss_channel_bindings_t, gss_buffer_t, gss_OID *, gss_buffer_t, OM_uint32 *, OM_uint32 *); -OM_uint32 gss_import_name(OM_uint32 *, gss_buffer_t, gss_OID, gss_name_t *); -OM_uint32 gss_release_name(OM_uint32 *, gss_name_t *); -OM_uint32 gss_wrap_size_limit(OM_uint32 *, gss_ctx_id_t, int, gss_qop_t, OM_uint32, OM_uint32 *); +OM_uint32 gss_acquire_cred(OM_uint32 *, gss_name_t, OM_uint32, gss_OID_set, gss_cred_usage_t, gss_cred_id_t *, gss_OID_set *, OM_uint32 * ); +OM_uint32 gss_release_cred(OM_uint32 *, gss_cred_id_t * ); +OM_uint32 gss_init_sec_context(OM_uint32 *, gss_cred_id_t, gss_ctx_id_t *, gss_name_t, gss_OID, OM_uint32, OM_uint32, gss_channel_bindings_t, gss_buffer_t, gss_OID *, gss_buffer_t, OM_uint32 *, OM_uint32 * ); +OM_uint32 gss_accept_sec_context(OM_uint32 *, gss_ctx_id_t *, gss_cred_id_t, gss_buffer_t, gss_channel_bindings_t, gss_name_t *, gss_OID *, gss_buffer_t, OM_uint32 *, OM_uint32 *, gss_cred_id_t * ); +OM_uint32 gss_process_context_token(OM_uint32 *, gss_ctx_id_t, gss_buffer_t ); +OM_uint32 gss_delete_sec_context(OM_uint32 *, gss_ctx_id_t *, gss_buffer_t ); +OM_uint32 gss_context_time(OM_uint32 *, gss_ctx_id_t, OM_uint32 * ); +OM_uint32 gss_get_mic(OM_uint32 *, gss_ctx_id_t, gss_qop_t, gss_buffer_t, gss_buffer_t ); +OM_uint32 gss_verify_mic(OM_uint32 *, gss_ctx_id_t, gss_buffer_t, gss_buffer_t, gss_qop_t * ); +OM_uint32 gss_wrap(OM_uint32 *, gss_ctx_id_t, int, gss_qop_t, gss_buffer_t, int *, gss_buffer_t ); +OM_uint32 gss_unwrap(OM_uint32 *, gss_ctx_id_t, gss_buffer_t, gss_buffer_t, int *, gss_qop_t * ); +OM_uint32 gss_display_status(OM_uint32 *, OM_uint32, int, gss_OID, OM_uint32 *, gss_buffer_t ); +OM_uint32 gss_indicate_mechs(OM_uint32 *, gss_OID_set * ); +OM_uint32 gss_compare_name(OM_uint32 *, gss_name_t, gss_name_t, int * ); +OM_uint32 gss_display_name(OM_uint32 *, gss_name_t, gss_buffer_t, gss_OID * ); +OM_uint32 gss_import_name(OM_uint32 *, gss_buffer_t, gss_OID, gss_name_t * ); +OM_uint32 gss_release_name(OM_uint32 *, gss_name_t * ); +OM_uint32 gss_release_buffer(OM_uint32 *, gss_buffer_t ); +OM_uint32 gss_release_oid_set(OM_uint32 *, gss_OID_set * ); +OM_uint32 gss_inquire_cred(OM_uint32 *, gss_cred_id_t, gss_name_t *, OM_uint32 *, gss_cred_usage_t *, gss_OID_set * ); +OM_uint32 gss_inquire_context(OM_uint32 *, gss_ctx_id_t, gss_name_t *, gss_name_t *, OM_uint32 *, gss_OID *, OM_uint32 *, int *, int * ); +OM_uint32 gss_wrap_size_limit(OM_uint32 *, gss_ctx_id_t, int, gss_qop_t, OM_uint32, OM_uint32 * ); +OM_uint32 gss_import_name_object(OM_uint32 *, void *, gss_OID, gss_name_t * ); +OM_uint32 gss_export_name_object(OM_uint32 *, gss_name_t, gss_OID, void * * ); +OM_uint32 gss_add_cred(OM_uint32 *, gss_cred_id_t, gss_name_t, gss_OID, gss_cred_usage_t, OM_uint32, OM_uint32, gss_cred_id_t *, gss_OID_set *, OM_uint32 *, OM_uint32 * ); +OM_uint32 gss_inquire_cred_by_mech(OM_uint32 *, gss_cred_id_t, gss_OID, gss_name_t *, OM_uint32 *, OM_uint32 *, gss_cred_usage_t * ); +OM_uint32 gss_export_sec_context(OM_uint32 *, gss_ctx_id_t *, gss_buffer_t ); +OM_uint32 gss_import_sec_context(OM_uint32 *, gss_buffer_t, gss_ctx_id_t * ); +OM_uint32 gss_release_oid(OM_uint32 *, gss_OID * ); +OM_uint32 gss_create_empty_oid_set(OM_uint32 *, gss_OID_set * ); +OM_uint32 gss_add_oid_set_member(OM_uint32 *, gss_OID, gss_OID_set * ); +OM_uint32 gss_test_oid_set_member(OM_uint32 *, gss_OID, gss_OID_set, int * ); +OM_uint32 gss_str_to_oid(OM_uint32 *, gss_buffer_t, gss_OID * ); +OM_uint32 gss_oid_to_str(OM_uint32 *, gss_OID, gss_buffer_t ); +OM_uint32 gss_inquire_names_for_mech(OM_uint32 *, gss_OID, gss_OID_set * ); +OM_uint32 gss_sign(OM_uint32 *, gss_ctx_id_t, int, gss_buffer_t, gss_buffer_t ); +OM_uint32 gss_verify(OM_uint32 *, gss_ctx_id_t, gss_buffer_t, gss_buffer_t, int * ); +OM_uint32 gss_seal(OM_uint32 *, gss_ctx_id_t, int, int, gss_buffer_t, int *, gss_buffer_t ); +OM_uint32 gss_unseal(OM_uint32 *, gss_ctx_id_t, gss_buffer_t, gss_buffer_t, int *, int * ); +OM_uint32 gss_export_name(OM_uint32 *, const gss_name_t, gss_buffer_t ); +OM_uint32 gss_duplicate_name(OM_uint32 *, const gss_name_t, gss_name_t * ); +OM_uint32 gss_canonicalize_name(OM_uint32 *, const gss_name_t, const gss_OID, gss_name_t * ); OM_uint32 gss_krb5_ccache_name(OM_uint32 *minor_status, const char *name, const char **out_name); diff --git a/src/mac/GSSLib ReadMe b/src/mac/GSSLib ReadMe new file mode 100644 index 000000000..1f92f5529 --- /dev/null +++ b/src/mac/GSSLib ReadMe @@ -0,0 +1,4 @@ +GSSLib implements the Generic Security Services API. The APi is documented in +RFC 2078, which you can find at . + +The mechanism used by this implementation is Kerberos v5. diff --git a/src/mac/GSSLibrary.exp b/src/mac/GSSLibrary.exp index feeec20f7..8adbf9f88 100644 --- a/src/mac/GSSLibrary.exp +++ b/src/mac/GSSLibrary.exp @@ -59,13 +59,6 @@ gss_export_name gss_duplicate_name # -# GSS-API variables -# - gss_nt_user_name - gss_nt_machine_uid_name - gss_nt_string_uid_name - gss_nt_service_name -# # krb5-specific CCache name stuff # gss_krb5_ccache_name diff --git a/src/mac/K5.CFM.c b/src/mac/K5.CFM.c index e838e4c0f..57d1fbb26 100644 --- a/src/mac/K5.CFM.c +++ b/src/mac/K5.CFM.c @@ -1,9 +1,19 @@ -/* - * Copyright (C) 1997 by the Massachusetts Institute of Technology - * All rights reserved. +/* Copyright 1998 by the Massachusetts Institute of Technology. * - * For copying and distribution information, please see the file - * COPYRIGHT. + * Permission to use, copy, modify, and distribute this + * software and its documentation for any purpose and without + * fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright + * notice and this permission notice appear in supporting + * documentation, and that the name of M.I.T. not be used in + * advertising or publicity pertaining to distribution of the + * software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" + * without express or implied warranty. */ @@ -42,6 +52,8 @@ OSErr __initializeK5(CFragInitBlockPtr ibp) void __terminateK5(void) { + + krb5_stdcc_shutdown(); remove_error_table(&et_krb5_error_table); remove_error_table(&et_kv5m_error_table); diff --git a/src/mac/K5.CFMglue.cin b/src/mac/K5.CFMglue.cin index 633eeb341..f0fe80e4c 100644 --- a/src/mac/K5.CFMglue.cin +++ b/src/mac/K5.CFMglue.cin @@ -1,6 +1,5 @@ /* Include prototypes for glue functions */ #include -#include /* Hardcode library fragment name here */ -#define kLibraryName "\pK5Library" +#define kLibraryName "\pMIT Kerberos¥Kerberos5Lib" diff --git a/src/mac/K5.CFMglue.proto.h b/src/mac/K5.CFMglue.proto.h index 65a04414d..ddf86adf5 100644 --- a/src/mac/K5.CFMglue.proto.h +++ b/src/mac/K5.CFMglue.proto.h @@ -1,27 +1,249 @@ -krb5_error_code krb5_init_context(krb5_context *); -void krb5_free_context(krb5_context); -krb5_error_code krb5_get_credentials(krb5_context, const krb5_flags, krb5_ccache, krb5_creds *, krb5_creds **); -krb5_error_code krb5_mk_req_extended(krb5_context, krb5_auth_context *, const krb5_flags, krb5_data *, krb5_creds *, krb5_data * ); -krb5_error_code krb5_rd_rep(krb5_context, krb5_auth_context, const krb5_data *, krb5_ap_rep_enc_part **); -krb5_error_code krb5_copy_keyblock(krb5_context, const krb5_keyblock *, krb5_keyblock **); -void krb5_init_ets(krb5_context); -krb5_error_code krb5_cc_default(krb5_context, krb5_ccache *); -void krb5_free_principal(krb5_context, krb5_principal ); -void krb5_free_creds(krb5_context, krb5_creds *); -void krb5_free_cred_contents(krb5_context, krb5_creds *); -void krb5_free_keyblock(krb5_context, krb5_keyblock *); -void krb5_free_ap_rep_enc_part(krb5_context, krb5_ap_rep_enc_part *); -krb5_error_code krb5_sname_to_principal(krb5_context, const char *, const char *, krb5_int32, krb5_principal *); -krb5_error_code krb5_fwd_tgt_creds(krb5_context, krb5_auth_context, char *, krb5_principal, krb5_principal, krb5_ccache, int forwardable, krb5_data *); -krb5_error_code krb5_auth_con_init(krb5_context, krb5_auth_context *); -krb5_error_code krb5_auth_con_free(krb5_context, krb5_auth_context); -krb5_error_code krb5_auth_con_setflags(krb5_context, krb5_auth_context, krb5_int32); -krb5_error_code krb5_auth_con_setaddrs(krb5_context, krb5_auth_context, krb5_address *, krb5_address *); -krb5_error_code krb5_auth_con_setports(krb5_context, krb5_auth_context, krb5_address *, krb5_address *); -krb5_error_code krb5_auth_con_getlocalsubkey(krb5_context, krb5_auth_context, krb5_keyblock **); -krb5_error_code krb5_auth_con_genaddrs(krb5_context, krb5_auth_context, int, int); -int mit_des_ecb_encrypt(const mit_des_cblock *, mit_des_cblock *, mit_des_key_schedule , int ); -krb5_error_code mit_des_init_random_key( const krb5_encrypt_block *, const krb5_keyblock *, krb5_pointer *); -int mit_des_key_sched(mit_des_cblock , mit_des_key_schedule ); -krb5_error_code mit_des_random_key( const krb5_encrypt_block *, krb5_pointer , krb5_keyblock * *); -void com_err_va(const char *whoami, errcode_t code, const char *fmt, va_list ap)); +krb5_error_code krb5_c_encrypt (krb5_context context, const krb5_keyblock*key, krb5_keyusage usage, const krb5_data*ivec, const krb5_data*input, krb5_enc_data*output); +krb5_error_code krb5_c_decrypt (krb5_context context, const krb5_keyblock*key, krb5_keyusage usage, const krb5_data*ivec, const krb5_enc_data*input, krb5_data*output); +krb5_error_code krb5_c_encrypt_length (krb5_context context, krb5_enctype enctype, size_t inputlen, size_t*length); +krb5_error_code krb5_c_block_size (krb5_context context, krb5_enctype enctype, size_t*blocksize); +krb5_error_code krb5_c_make_random_key (krb5_context context, krb5_enctype enctype, krb5_keyblock*random_key); +krb5_error_code krb5_c_random_make_octets (krb5_context context, krb5_data*data); +krb5_error_code krb5_c_random_seed (krb5_context context, krb5_data*data); +krb5_error_code krb5_c_string_to_key (krb5_context context, krb5_enctype enctype, const krb5_data*string, const krb5_data*salt, krb5_keyblock*key); +krb5_error_code krb5_c_enctype_compare (krb5_context context, krb5_enctype e1, krb5_enctype e2, krb5_boolean*similar); +krb5_error_code krb5_c_make_checksum (krb5_context context, krb5_cksumtype cksumtype, const krb5_keyblock*key, krb5_keyusage usage, const krb5_data*input, krb5_checksum*cksum); +krb5_error_code krb5_c_verify_checksum (krb5_context context, const krb5_keyblock*key, krb5_keyusage usage, const krb5_data*data, const krb5_checksum*cksum, krb5_boolean*valid); +krb5_error_code krb5_c_checksum_length (krb5_context context, krb5_cksumtype cksumtype, size_t*length); +krb5_error_code krb5_c_keyed_checksum_types (krb5_context context, krb5_enctype enctype, unsigned int*count, krb5_cksumtype**cksumtypes); +krb5_boolean valid_enctype (const krb5_enctype ktype); +krb5_boolean valid_cksumtype (const krb5_cksumtype ctype); +krb5_boolean is_coll_proof_cksum (const krb5_cksumtype ctype); +krb5_boolean is_keyed_cksum (const krb5_cksumtype ctype); +krb5_error_code krb5_encrypt (krb5_context context, const krb5_pointer inptr, krb5_pointer outptr, const size_t size, krb5_encrypt_block* eblock, krb5_pointer ivec); +krb5_error_code krb5_decrypt (krb5_context context, const krb5_pointer inptr, krb5_pointer outptr, const size_t size, krb5_encrypt_block* eblock, krb5_pointer ivec); +krb5_error_code krb5_process_key (krb5_context context, krb5_encrypt_block* eblock, const krb5_keyblock* key); +krb5_error_code krb5_finish_key (krb5_context context, krb5_encrypt_block* eblock); +krb5_error_code krb5_string_to_key (krb5_context context, const krb5_encrypt_block* eblock, krb5_keyblock* keyblock, const krb5_data* data, const krb5_data* salt); +krb5_error_code krb5_init_random_key (krb5_context context, const krb5_encrypt_block* eblock, const krb5_keyblock* keyblock, krb5_pointer* ptr); +krb5_error_code krb5_finish_random_key (krb5_context context, const krb5_encrypt_block* eblock, krb5_pointer* ptr); +krb5_error_code krb5_random_key (krb5_context context, const krb5_encrypt_block* eblock, krb5_pointer ptr, krb5_keyblock** keyblock); +krb5_enctype krb5_eblock_enctype (krb5_context context, const krb5_encrypt_block* eblock); +krb5_error_code krb5_use_enctype (krb5_context context, krb5_encrypt_block* eblock, const krb5_enctype enctype); +size_t krb5_encrypt_size (const size_t length, krb5_enctype crypto); +size_t krb5_checksum_size (krb5_context context, const krb5_cksumtype ctype); +krb5_error_code krb5_calculate_checksum (krb5_context context, const krb5_cksumtype ctype, const krb5_pointer in, const size_t in_length, const krb5_pointer seed, const size_t seed_length, krb5_checksum* outcksum); +krb5_error_code krb5_verify_checksum (krb5_context context, const krb5_cksumtype ctype, const krb5_checksum* cksum, const krb5_pointer in, const size_t in_length, const krb5_pointer seed, const size_t seed_length); +krb5_error_code krb5_random_confounder (size_t, krb5_pointer); +krb5_error_code krb5_encrypt_data (krb5_context context, krb5_keyblock*key, krb5_pointer ivec, krb5_data*data, krb5_enc_data*enc_data); +krb5_error_code krb5_decrypt_data (krb5_context context, krb5_keyblock*key, krb5_pointer ivec, krb5_enc_data*data, krb5_data*enc_data); +krb5_error_code krb5_rc_default (krb5_context, krb5_rcache*); +krb5_error_code krb5_rc_register_type (krb5_context, krb5_rc_ops*); +krb5_error_code krb5_rc_resolve_type (krb5_context, krb5_rcache*,char*); +krb5_error_code krb5_rc_resolve_full (krb5_context, krb5_rcache*,char*); +char* krb5_rc_get_type (krb5_context, krb5_rcache); +char* krb5_rc_default_type (krb5_context); +char* krb5_rc_default_name (krb5_context); +krb5_error_code krb5_auth_to_rep (krb5_context, krb5_tkt_authent*, krb5_donot_replay*); +krb5_error_code krb5_init_context (krb5_context*); +void krb5_free_context (krb5_context); +krb5_error_code krb5_set_default_in_tkt_ktypes (krb5_context, const krb5_enctype*); +krb5_error_code krb5_get_default_in_tkt_ktypes (krb5_context, krb5_enctype**); +krb5_error_code krb5_set_default_tgs_ktypes (krb5_context, const krb5_enctype*); +krb5_error_code krb5_get_tgs_ktypes (krb5_context, krb5_const_principal, krb5_enctype**); +krb5_error_code krb5_get_permitted_enctypes (krb5_context, krb5_enctype**); +krb5_boolean krb5_is_permitted_enctype (krb5_context, krb5_enctype); +krb5_error_code krb5_kdc_rep_decrypt_proc (krb5_context, const krb5_keyblock*, krb5_const_pointer, krb5_kdc_rep* ); +krb5_error_code krb5_decrypt_tkt_part (krb5_context, const krb5_keyblock*, krb5_ticket* ); +krb5_error_code krb5_get_cred_from_kdc (krb5_context, krb5_ccache, krb5_creds*, krb5_creds**, krb5_creds*** ); +krb5_error_code krb5_get_cred_from_kdc_validate (krb5_context, krb5_ccache, krb5_creds*, krb5_creds**, krb5_creds***); +krb5_error_code krb5_get_cred_from_kdc_renew (krb5_context, krb5_ccache, krb5_creds*, krb5_creds**, krb5_creds***); +void krb5_free_tgt_creds (krb5_context, krb5_creds**); +krb5_error_code krb5_get_credentials (krb5_context, const krb5_flags, krb5_ccache, krb5_creds*, krb5_creds**); +krb5_error_code krb5_get_credentials_validate (krb5_context, const krb5_flags, krb5_ccache, krb5_creds*, krb5_creds**); +krb5_error_code krb5_get_credentials_renew (krb5_context, const krb5_flags, krb5_ccache, krb5_creds*, krb5_creds**); +krb5_error_code krb5_get_cred_via_tkt (krb5_context, krb5_creds*, const krb5_flags, krb5_address* const*, krb5_creds*, krb5_creds**); +krb5_error_code krb5_mk_req (krb5_context, krb5_auth_context*, const krb5_flags, char*, char*, krb5_data*, krb5_ccache, krb5_data*); +krb5_error_code krb5_mk_req_extended (krb5_context, krb5_auth_context*, const krb5_flags, krb5_data*, krb5_creds*, krb5_data*); +krb5_error_code krb5_mk_rep (krb5_context, krb5_auth_context, krb5_data*); +krb5_error_code krb5_rd_rep (krb5_context, krb5_auth_context, const krb5_data*, krb5_ap_rep_enc_part**); +krb5_error_code krb5_mk_error (krb5_context, const krb5_error*, krb5_data*); +krb5_error_code krb5_rd_error (krb5_context, const krb5_data*, krb5_error**); +krb5_error_code krb5_rd_safe (krb5_context, krb5_auth_context, const krb5_data*, krb5_data*, krb5_replay_data*); +krb5_error_code krb5_rd_priv (krb5_context, krb5_auth_context, const krb5_data*, krb5_data*, krb5_replay_data*); +krb5_error_code krb5_parse_name (krb5_context, const char*, krb5_principal*); +krb5_error_code krb5_unparse_name (krb5_context, krb5_const_principal, char**); +krb5_error_code krb5_unparse_name_ext (krb5_context, krb5_const_principal, char**, int*); +krb5_error_code krb5_set_principal_realm (krb5_context, krb5_principal, const char*); +krb5_boolean krb5_address_search (krb5_context, const krb5_address*, krb5_address* const*); +krb5_boolean krb5_address_compare (krb5_context, const krb5_address*, const krb5_address*); +int krb5_address_order (krb5_context, const krb5_address*, const krb5_address*); +krb5_boolean krb5_realm_compare (krb5_context, krb5_const_principal, krb5_const_principal); +krb5_boolean krb5_principal_compare (krb5_context, krb5_const_principal, krb5_const_principal); +krb5_error_code krb5_copy_keyblock (krb5_context, const krb5_keyblock*, krb5_keyblock**); +krb5_error_code krb5_copy_keyblock_contents (krb5_context, const krb5_keyblock*, krb5_keyblock*); +krb5_error_code krb5_copy_creds (krb5_context, const krb5_creds*, krb5_creds**); +krb5_error_code krb5_copy_data (krb5_context, const krb5_data*, krb5_data**); +krb5_error_code krb5_copy_principal (krb5_context, krb5_const_principal, krb5_principal*); +krb5_error_code krb5_copy_addr (krb5_context, const krb5_address*, krb5_address**); +krb5_error_code krb5_copy_addresses (krb5_context, krb5_address* const*, krb5_address***); +krb5_error_code krb5_copy_ticket (krb5_context, const krb5_ticket*, krb5_ticket**); +krb5_error_code krb5_copy_authdata (krb5_context, krb5_authdata* const*, krb5_authdata***); +krb5_error_code krb5_copy_authenticator (krb5_context, const krb5_authenticator*, krb5_authenticator**); +krb5_error_code krb5_copy_checksum (krb5_context, const krb5_checksum*, krb5_checksum**); +void krb5_init_ets (krb5_context); +void krb5_free_ets (krb5_context); +krb5_error_code krb5_generate_subkey (krb5_context, const krb5_keyblock*, krb5_keyblock**); +krb5_error_code krb5_generate_seq_number (krb5_context, const krb5_keyblock*, krb5_int32*); +krb5_error_code krb5_get_server_rcache (krb5_context, const krb5_data*, krb5_rcache*); +krb5_error_code krb5_build_principal_va (krb5_context, krb5_principal, int, const char*, va_list); +krb5_error_code krb5_425_conv_principal (krb5_context, const char*name, const char*instance, const char*realm, krb5_principal*princ); +krb5_error_code krb5_524_conv_principal (krb5_context context, const krb5_principal princ, char*name, char*inst, char*realm); +krb5_error_code krb5_mk_chpw_req (krb5_context context, krb5_auth_context auth_context, krb5_data*ap_req, char*passwd, krb5_data*packet); +krb5_error_code krb5_rd_chpw_rep (krb5_context context, krb5_auth_context auth_context, krb5_data*packet, int*result_code, krb5_data*result_data); +krb5_error_code krb5_chpw_result_code_string (krb5_context context, int result_code, char**result_codestr); +krb5_error_code krb5_kt_register (krb5_context, krb5_kt_ops*); +krb5_error_code krb5_kt_resolve (krb5_context, const char*, krb5_keytab*); +krb5_error_code krb5_kt_default_name (krb5_context, char*, int); +krb5_error_code krb5_kt_default (krb5_context, krb5_keytab*); +krb5_error_code krb5_kt_free_entry (krb5_context, krb5_keytab_entry*); +krb5_error_code krb5_kt_remove_entry (krb5_context, krb5_keytab, krb5_keytab_entry*); +krb5_error_code krb5_kt_add_entry (krb5_context, krb5_keytab, krb5_keytab_entry*); +krb5_error_code krb5_principal2salt (krb5_context, krb5_const_principal, krb5_data*); +krb5_error_code krb5_principal2salt_norealm (krb5_context, krb5_const_principal, krb5_data*); +krb5_error_code krb5_cc_resolve (krb5_context, const char*, krb5_ccache*); +const char* krb5_cc_default_name (krb5_context); +krb5_error_code krb5_cc_set_default_name (krb5_context, const char*); +krb5_error_code krb5_cc_default (krb5_context, krb5_ccache*); +unsigned int krb5_get_notification_message (void); +krb5_error_code krb5_cc_copy_creds (krb5_context context, krb5_ccache incc, krb5_ccache outcc); +krb5_error_code krb5_check_transited_list (krb5_context, krb5_data*trans, krb5_data*realm1, krb5_data*realm2); +void krb5_free_realm_tree (krb5_context, krb5_principal*); +void krb5_free_principal (krb5_context, krb5_principal); +void krb5_free_authenticator (krb5_context, krb5_authenticator*); +void krb5_free_authenticator_contents (krb5_context, krb5_authenticator*); +void krb5_free_addresses (krb5_context, krb5_address**); +void krb5_free_address (krb5_context, krb5_address*); +void krb5_free_authdata (krb5_context, krb5_authdata**); +void krb5_free_enc_tkt_part (krb5_context, krb5_enc_tkt_part*); +void krb5_free_ticket (krb5_context, krb5_ticket*); +void krb5_free_tickets (krb5_context, krb5_ticket**); +void krb5_free_kdc_req (krb5_context, krb5_kdc_req*); +void krb5_free_kdc_rep (krb5_context, krb5_kdc_rep*); +void krb5_free_last_req (krb5_context, krb5_last_req_entry**); +void krb5_free_enc_kdc_rep_part (krb5_context, krb5_enc_kdc_rep_part*); +void krb5_free_error (krb5_context, krb5_error*); +void krb5_free_ap_req (krb5_context, krb5_ap_req*); +void krb5_free_ap_rep (krb5_context, krb5_ap_rep*); +void krb5_free_safe (krb5_context, krb5_safe*); +void krb5_free_priv (krb5_context, krb5_priv*); +void krb5_free_priv_enc_part (krb5_context, krb5_priv_enc_part*); +void krb5_free_cred (krb5_context, krb5_cred*); +void krb5_free_creds (krb5_context, krb5_creds*); +void krb5_free_cred_contents (krb5_context, krb5_creds*); +void krb5_free_cred_enc_part (krb5_context, krb5_cred_enc_part*); +void krb5_free_checksum (krb5_context, krb5_checksum*); +void krb5_free_checksum_contents (krb5_context, krb5_checksum*); +void krb5_free_keyblock (krb5_context, krb5_keyblock*); +void krb5_free_keyblock_contents (krb5_context, krb5_keyblock*); +void krb5_free_pa_data (krb5_context, krb5_pa_data**); +void krb5_free_ap_rep_enc_part (krb5_context, krb5_ap_rep_enc_part*); +void krb5_free_tkt_authent (krb5_context, krb5_tkt_authent*); +void krb5_free_pwd_data (krb5_context, krb5_pwd_data*); +void krb5_free_pwd_sequences (krb5_context, passwd_phrase_element**); +void krb5_free_data (krb5_context, krb5_data*); +void krb5_free_data_contents (krb5_context, krb5_data*); +void krb5_free_unparsed_name (krb5_context, char*); +void krb5_free_cksumtypes (krb5_context, krb5_cksumtype*); +krb5_error_code krb5_us_timeofday (krb5_context, krb5_int32*, krb5_int32*); +krb5_error_code krb5_timeofday (krb5_context, krb5_int32*); +krb5_error_code krb5_os_localaddr (krb5_context, krb5_address***); +krb5_error_code krb5_get_default_realm (krb5_context, char**); +krb5_error_code krb5_set_default_realm (krb5_context, const char*); +krb5_error_code krb5_sname_to_principal (krb5_context, const char*, const char*, krb5_int32, krb5_principal*); +krb5_error_code krb5_change_password (krb5_context context, krb5_creds*creds, char*newpw, int*result_code, krb5_data*result_code_string, krb5_data*result_string); +krb5_error_code krb5_get_profile (krb5_context, profile_t*); +krb5_error_code krb5_secure_config_files (krb5_context); +krb5_error_code krb5_send_tgs (krb5_context, const krb5_flags, const krb5_ticket_times*, const krb5_enctype*, krb5_const_principal, krb5_address* const*, krb5_authdata* const*, krb5_pa_data* const*, const krb5_data*, krb5_creds*, krb5_response*); +krb5_error_code krb5_get_in_tkt_with_password (krb5_context, const krb5_flags, krb5_address* const*, krb5_enctype*, krb5_preauthtype*, const char*, krb5_ccache, krb5_creds*, krb5_kdc_rep**); +krb5_error_code krb5_get_in_tkt_with_skey (krb5_context, const krb5_flags, krb5_address* const*, krb5_enctype*, krb5_preauthtype*, const krb5_keyblock*, krb5_ccache, krb5_creds*, krb5_kdc_rep**); +krb5_error_code krb5_get_in_tkt_with_keytab (krb5_context, const krb5_flags, krb5_address* const*, krb5_enctype*, krb5_preauthtype*, const krb5_keytab, krb5_ccache, krb5_creds*, krb5_kdc_rep**); +krb5_error_code krb5_decode_kdc_rep (krb5_context, krb5_data*, const krb5_keyblock*, krb5_kdc_rep**); +krb5_error_code krb5_rd_req (krb5_context, krb5_auth_context*, const krb5_data*, krb5_const_principal, krb5_keytab, krb5_flags*, krb5_ticket**); +krb5_error_code krb5_rd_req_decoded (krb5_context, krb5_auth_context*, const krb5_ap_req*, krb5_const_principal, krb5_keytab, krb5_flags*, krb5_ticket**); +krb5_error_code krb5_rd_req_decoded_anyflag (krb5_context, krb5_auth_context*, const krb5_ap_req*, krb5_const_principal, krb5_keytab, krb5_flags*, krb5_ticket**); +krb5_error_code krb5_kt_read_service_key (krb5_context, krb5_pointer, krb5_principal, krb5_kvno, krb5_enctype, krb5_keyblock**); +krb5_error_code krb5_mk_safe (krb5_context, krb5_auth_context, const krb5_data*, krb5_data*, krb5_replay_data*); +krb5_error_code krb5_mk_priv (krb5_context, krb5_auth_context, const krb5_data*, krb5_data*, krb5_replay_data*); +krb5_error_code krb5_cc_register (krb5_context, krb5_cc_ops*, krb5_boolean); +krb5_error_code krb5_sendauth (krb5_context, krb5_auth_context*, krb5_pointer, char*, krb5_principal, krb5_principal, krb5_flags, krb5_data*, krb5_creds*, krb5_ccache, krb5_error**, krb5_ap_rep_enc_part**, krb5_creds**); +krb5_error_code krb5_recvauth (krb5_context, krb5_auth_context*, krb5_pointer, char*, krb5_principal, krb5_int32, krb5_keytab, krb5_ticket**); +krb5_error_code krb5_walk_realm_tree (krb5_context, const krb5_data*, const krb5_data*, krb5_principal**, int); +krb5_error_code krb5_mk_ncred (krb5_context, krb5_auth_context, krb5_creds**, krb5_data**, krb5_replay_data*); +krb5_error_code krb5_mk_1cred (krb5_context, krb5_auth_context, krb5_creds*, krb5_data**, krb5_replay_data*); +krb5_error_code krb5_rd_cred (krb5_context, krb5_auth_context, krb5_data*, krb5_creds***, krb5_replay_data*); +krb5_error_code krb5_fwd_tgt_creds (krb5_context, krb5_auth_context, char*, krb5_principal, krb5_principal, krb5_ccache, int forwardable, krb5_data*); +krb5_error_code krb5_auth_con_init (krb5_context, krb5_auth_context*); +krb5_error_code krb5_auth_con_free (krb5_context, krb5_auth_context); +krb5_error_code krb5_auth_con_setflags (krb5_context, krb5_auth_context, krb5_int32); +krb5_error_code krb5_auth_con_getflags (krb5_context, krb5_auth_context, krb5_int32*); +krb5_error_code krb5_auth_con_setaddrs (krb5_context, krb5_auth_context, krb5_address*, krb5_address*); +krb5_error_code krb5_auth_con_getaddrs (krb5_context, krb5_auth_context, krb5_address**, krb5_address**); +krb5_error_code krb5_auth_con_setports (krb5_context, krb5_auth_context, krb5_address*, krb5_address*); +krb5_error_code krb5_auth_con_setuseruserkey (krb5_context, krb5_auth_context, krb5_keyblock*); +krb5_error_code krb5_auth_con_getkey (krb5_context, krb5_auth_context, krb5_keyblock**); +krb5_error_code krb5_auth_con_getlocalsubkey (krb5_context, krb5_auth_context, krb5_keyblock**); +krb5_error_code krb5_auth_con_set_req_cksumtype (krb5_context, krb5_auth_context, krb5_cksumtype); +krb5_error_code krb5_auth_con_set_safe_cksumtype (krb5_context, krb5_auth_context, krb5_cksumtype); +krb5_error_code krb5_auth_con_getcksumtype (krb5_context, krb5_auth_context, krb5_cksumtype*); +krb5_error_code krb5_auth_con_getlocalseqnumber (krb5_context, krb5_auth_context, krb5_int32*); +krb5_error_code krb5_auth_con_getremoteseqnumber (krb5_context, krb5_auth_context, krb5_int32*); +krb5_error_code krb5_auth_con_initivector (krb5_context, krb5_auth_context); +krb5_error_code krb5_auth_con_setivector (krb5_context, krb5_auth_context, krb5_pointer); +krb5_error_code krb5_auth_con_getivector (krb5_context, krb5_auth_context, krb5_pointer*); +krb5_error_code krb5_auth_con_setrcache (krb5_context, krb5_auth_context, krb5_rcache); +krb5_error_code krb5_auth_con_getrcache (krb5_context, krb5_auth_context, krb5_rcache*); +krb5_error_code krb5_auth_con_getauthenticator (krb5_context, krb5_auth_context, krb5_authenticator**); +krb5_error_code krb5_auth_con_getremotesubkey (krb5_context, krb5_auth_context, krb5_keyblock**); +krb5_error_code krb5_read_password (krb5_context, const char*, const char*, char*, int*); +krb5_error_code krb5_aname_to_localname (krb5_context, krb5_const_principal, const int, char*); +krb5_error_code krb5_get_host_realm (krb5_context, const char*, char***); +krb5_error_code krb5_free_host_realm (krb5_context, char* const*); +krb5_error_code krb5_get_realm_domain (krb5_context, const char*, char**); +krb5_boolean krb5_kuserok (krb5_context, krb5_principal, const char*); +krb5_error_code krb5_auth_con_genaddrs (krb5_context, krb5_auth_context, int, int); +krb5_error_code krb5_gen_portaddr (krb5_context, const krb5_address*, krb5_const_pointer, krb5_address**); +krb5_error_code krb5_make_fulladdr (krb5_context, krb5_address*, krb5_address*, krb5_address*); +krb5_error_code krb5_os_hostaddr (krb5_context, const char*, krb5_address***); +krb5_error_code krb5_set_real_time (krb5_context, krb5_int32, krb5_int32); +krb5_error_code krb5_set_debugging_time (krb5_context, krb5_int32, krb5_int32); +krb5_error_code krb5_use_natural_time (krb5_context); +krb5_error_code krb5_get_time_offsets (krb5_context, krb5_int32*, krb5_int32*); +krb5_error_code krb5_set_time_offsets (krb5_context, krb5_int32, krb5_int32); +krb5_error_code krb5_string_to_enctype (char*, krb5_enctype*); +krb5_error_code krb5_string_to_salttype (char*, krb5_int32*); +krb5_error_code krb5_string_to_cksumtype (char*, krb5_cksumtype*); +krb5_error_code krb5_string_to_timestamp (char*, krb5_timestamp*); +krb5_error_code krb5_string_to_deltat (char*, krb5_deltat*); +krb5_error_code krb5_enctype_to_string (krb5_enctype, char*, size_t); +krb5_error_code krb5_salttype_to_string (krb5_int32, char*, size_t); +krb5_error_code krb5_cksumtype_to_string (krb5_cksumtype, char*, size_t); +krb5_error_code krb5_timestamp_to_string (krb5_timestamp, char*, size_t); +krb5_error_code krb5_timestamp_to_sfstring (krb5_timestamp, char*, size_t, char*); +krb5_error_code krb5_deltat_to_string (krb5_deltat, char*, size_t); +krb5_error_code krb5_prompter_posix (krb5_context context, void*data, const char*name, const char*banner, int num_prompts, krb5_prompt prompts[]); +void krb5_get_init_creds_opt_init (krb5_get_init_creds_opt*opt); +void krb5_get_init_creds_opt_set_tkt_life (krb5_get_init_creds_opt*opt, krb5_deltat tkt_life); +void krb5_get_init_creds_opt_set_renew_life (krb5_get_init_creds_opt*opt, krb5_deltat renew_life); +void krb5_get_init_creds_opt_set_forwardable (krb5_get_init_creds_opt*opt, int forwardable); +void krb5_get_init_creds_opt_set_proxiable (krb5_get_init_creds_opt*opt, int proxiable); +void krb5_get_init_creds_opt_set_etype_list (krb5_get_init_creds_opt*opt, krb5_enctype*etype_list, int etype_list_length); +void krb5_get_init_creds_opt_set_address_list (krb5_get_init_creds_opt*opt, krb5_address**addresses); +void krb5_get_init_creds_opt_set_preauth_list (krb5_get_init_creds_opt*opt, krb5_preauthtype*preauth_list, int preauth_list_length); +void krb5_get_init_creds_opt_set_salt (krb5_get_init_creds_opt*opt, krb5_data*salt); +krb5_error_code krb5_get_init_creds_password (krb5_context context, krb5_creds*creds, krb5_principal client, char*password, krb5_prompter_fct prompter, void*data, krb5_deltat start_time, char*in_tkt_service, krb5_get_init_creds_opt*options); +krb5_error_code krb5_get_init_creds_keytab (krb5_context context, krb5_creds*creds, krb5_principal client, krb5_keytab arg_keytab, krb5_deltat start_time, char*in_tkt_service, krb5_get_init_creds_opt*options); +void krb5_verify_init_creds_opt_init (krb5_verify_init_creds_opt*options); +void krb5_verify_init_creds_opt_set_ap_req_nofail (krb5_verify_init_creds_opt*options, int ap_req_nofail); +krb5_error_code krb5_verify_init_creds (krb5_context context, krb5_creds*creds, krb5_principal ap_req_server, krb5_keytab ap_req_keytab, krb5_ccache*ccache, krb5_verify_init_creds_opt*options); +krb5_error_code krb5_get_validated_creds (krb5_context context, krb5_creds*creds, krb5_principal client, krb5_ccache ccache, char*in_tkt_service); +krb5_error_code krb5_get_renewed_creds (krb5_context context, krb5_creds*creds, krb5_principal client, krb5_ccache ccache, char*in_tkt_service); +krb5_error_code krb5_realm_iterator_create (krb5_context context, void**iter_p); +krb5_error_code krb5_realm_iterator (krb5_context context, void**iter_p, char**ret_realm); +void krb5_realm_iterator_free (krb5_context context, void**iter_p); +void krb5_free_realm_string (krb5_context context, char*str); diff --git a/src/mac/K5Library.exp b/src/mac/K5Library.exp index f81e27c39..9d7ace976 100644 --- a/src/mac/K5Library.exp +++ b/src/mac/K5Library.exp @@ -206,7 +206,6 @@ #Temporary exports (DO NOT USE) decode_krb5_ticket -# profile_get_values krb5_random_confounder krb5_size_opaque krb5_internalize_opaque @@ -222,9 +221,3 @@ krb5_ser_rcache_init decode_krb5_ap_req krb5_mcc_ops - -#com_err -- we should really have this in a separate lib! -# add_error_table -# remove_error_table - error_message - \ No newline at end of file diff --git a/src/mac/KerberosProfileLib ReadMe b/src/mac/KerberosProfileLib ReadMe new file mode 100644 index 000000000..96fea1158 --- /dev/null +++ b/src/mac/KerberosProfileLib ReadMe @@ -0,0 +1,11 @@ +KerberosProfileLib implements the Kerberos 5 profile API, used for reading and writing +Kerberos configuration files. See profile.h for API documentation. + +Note that you should rarely, if ever, use profile_init or profile_init_path. You +probably mean to use krb5_get_profile, to avoid making your code depend on the +location of a specific Kerberos 5 preferences file. This is especially important +as the name and possibly the location of Kerberos configuration file is going to +change in the future. + +Also note that you need both Kerberos5Lib:Headers: and KerberosProfileLib:Headers: +in your include path to use profile.h \ No newline at end of file diff --git a/src/mac/KrbProfileLib.glue.h b/src/mac/KrbProfileLib.glue.h new file mode 100644 index 000000000..05748eea5 --- /dev/null +++ b/src/mac/KrbProfileLib.glue.h @@ -0,0 +1,6 @@ +#ifndef _KERBEROSPROFILE_CFMGLUE_H_ +#define _KERBEROSPROFILE_CFMGLUE_H_ + +Boolean KerberosProfileLibraryIsPresent (); + +#endif /* _KERBEROSPROFILE_CFMGLUE_H_ */ \ No newline at end of file diff --git a/src/mac/KrbProfileLib.glue.post.cin b/src/mac/KrbProfileLib.glue.post.cin new file mode 100644 index 000000000..bc3bf9af4 --- /dev/null +++ b/src/mac/KrbProfileLib.glue.post.cin @@ -0,0 +1,7 @@ +#include + +Boolean KerberosProfileLibraryIsPresent () +{ + Ptr symAddr; + return (Find_Symbol (&symAddr, "\pprofile_init", profile_init_ProcInfo)) == noErr; +} \ No newline at end of file diff --git a/src/mac/KrbProfileLib.glue.pre.cin b/src/mac/KrbProfileLib.glue.pre.cin new file mode 100644 index 000000000..37b20e8de --- /dev/null +++ b/src/mac/KrbProfileLib.glue.pre.cin @@ -0,0 +1,5 @@ +/* Include prototypes for glue functions */ +#include + +/* Hardcode library fragment name here */ +#define kLibraryName "\pMIT Kerberos¥KerberosProfileLib" diff --git a/src/mac/KrbProfileLib.glue.proto.h b/src/mac/KrbProfileLib.glue.proto.h new file mode 100644 index 000000000..80e33370d --- /dev/null +++ b/src/mac/KrbProfileLib.glue.proto.h @@ -0,0 +1,18 @@ +long profile_init (profile_filespec_t *files, profile_t *ret_profile); +long profile_init_path (profile_filespec_list_t filelist, profile_t *ret_profile); +long profile_flush (profile_t profile); +void profile_abandon (profile_t profile); +void profile_release (profile_t profile); +long profile_get_values (profile_t profile, const char **names, char ***ret_values); +void profile_free_list (char **list); +long profile_get_string (profile_t profile, const char *name, const char *subname, const char *subsubname, const char *def_val, char **ret_string); long profile_get_integer (profile_t profile, const char *name, const char *subname, const char *subsubname, int def_val, int *ret_default); +long profile_get_relation_names (profile_t profile, const char **names, char ***ret_names); +long profile_get_subsection_names (profile_t profile, const char **names, char ***ret_names); +long profile_iterator_create (profile_t profile, const char **names, int flags, void **ret_iter); +void profile_iterator_free (void **iter_p); +long profile_iterator (void **iter_p, char **ret_name, char **ret_value); +void profile_release_string (char *str); +long profile_update_relation (profile_t profile, const char **names, const char *old_value, const char *new_value); +long profile_clear_relation (profile_t profile, const char **names); +long profile_rename_section (profile_t profile, const char **names, const char *new_name); +long profile_add_relation (profile_t profile, const char **names, const char *new_value); diff --git a/src/mac/Makefile b/src/mac/Makefile index 9797fe5ad..fe5e9fcff 100644 --- a/src/mac/Makefile +++ b/src/mac/Makefile @@ -20,16 +20,23 @@ library-kind-final = ############################################################################################################## # Everything -all Ä glue all-debug all-final +all Ä unset-echo all-debug all-final # Debugging versions -all-debug Ä ppc-debug 68k-debug headers +all-debug Ä unset-echo ppc-debug 68k-debug # Final versions -all-final Ä ppc-final 68k-final headers +all-final Ä unset-echo ppc-final 68k-final # Clasic 68K glue -glue Ä glue-gss glue-krb5 +glue Ä unset-echo glue-gss glue-krb5 + +unset-echo Ä + If ({MacdevScriptDebug}) + Set Echo 1 + Else + Unset Echo + End ############################################################################################################## ### More global constants @@ -42,42 +49,49 @@ krb5-library-output-folder = {root-folder}:Kerberos5Lib:Binaries: krb5-globals-library-output-folder = {root-folder}:Kerberos5GlobalsLib:Binaries: krb5-globals-data-library-output-folder = {krb5-globals-library-output-folder} profile-library-output-folder = {root-folder}:KerberosProfileLib:Binaries: +comerr-library-output-folder = {root-folder}:ComErrLib:Binaries: gss-library-name = GSSLib krb5-library-name = Kerberos5Lib krb5-globals-library-name = Krb5GlobalsLib krb5-globals-data-library-name = Krb5GlobalsDataLib profile-library-name = KrbProfileLib +comerr-library-name = ComErrLib gss-library-export = {root-folder}mac:GSSLibrary.exp krb5-library-export = {root-folder}mac:K5Library.exp krb5-globals-library-export = {krb5-globals-root-folder}Krb5Globals.exp krb5-globals-data-library-export = {krb5-globals-root-folder}Krb5GlobalsData.exp profile-library-export = {root-folder}util:profile:profile.exp +comerr-library-export = {root-folder}util:et:et.exp gss-library-fragment-name = "GSSLibrary" krb5-library-fragment-name = "MIT Kerberos¥Kerberos5Lib" krb5-globals-library-fragment-name = "MIT Kerberos¥Kerberos5GlobalsLib" krb5-globals-data-library-fragment-name = "MIT Kerberos¥Kerberos5GlobalsDataLib" profile-library-fragment-name = "MIT Kerberos¥KerberosProfileLib" +comerr-library-fragment-name = "MIT Kerberos¥ComErrLib" gss-library-main = ¶"¶" krb5-library-main = ¶"¶" krb5-globals-library-main = ¶"¶" krb5-globals-data-library-main = ¶"¶" profile-library-main = ¶"¶" +comerr-library-main = ¶"¶" gss-library-init = __initializeGSS krb5-library-init = __initializeK5 krb5-globals-library-init = __initialize_Kerberos5GlobalsLib krb5-globals-data-library-init = __initialize profile-library-init = InitializeProfileLib +comerr-library-init = __initialize gss-library-term = __terminateGSS krb5-library-term = __terminateK5 krb5-globals-library-term = __terminate_Kerberos5GlobalsLib krb5-globals-data-library-term = __terminate profile-library-term = TerminateProfileLib +comerr-library-term = __terminate gss-library-current-version = 1 gss-library-definition-version = 0 @@ -99,14 +113,18 @@ profile-library-current-version = 0 profile-library-definition-version = 0 profile-library-implementation-version = 0 +comerr-library-current-version = 0 +comerr-library-definition-version = 0 +comerr-library-implementation-version = 0 + ############################################################################################################## ### Generation of file lists ############################################################################################################## +list-generation-script-working-folder = "{root-folder}mac:" list-generation-script-folder = "{root-folder}mac:" list-generation-script = "{list-generation-script-folder}macfile_gen.pl" list-generation-script-root = ".." -list-generation-script-prefix = "{root-folder}" all-files-list = {root-folder}"All files.list" all-sources-list = {root-folder}"All sources.list" @@ -132,6 +150,11 @@ profile-objects-68k-debug-list = {root-folder}"Profile objects 68K debug.lis profile-objects-ppc-final-list = {root-folder}"Profile objects PPC final.list" profile-objects-68k-final-list = {root-folder}"Profile objects 68K final.list" +comerr-objects-ppc-debug-list = {root-folder}"ComErr objects PPC debug.list" +comerr-objects-68k-debug-list = {root-folder}"ComErr objects 68K debug.list" +comerr-objects-ppc-final-list = {root-folder}"ComErr objects PPC final.list" +comerr-objects-68k-final-list = {root-folder}"ComErr objects 68K final.list" + all-lists = ¶ {all-files-list} ¶ {all-sources-list} ¶ @@ -150,7 +173,11 @@ all-lists = {profile-objects-ppc-debug-list} ¶ {profile-objects-68k-debug-list} ¶ {profile-objects-ppc-final-list} ¶ - {profile-objects-68k-final-list} + {profile-objects-68k-final-list} ¶ + {comerr-objects-ppc-debug-list} ¶ + {comerr-objects-68k-debug-list} ¶ + {comerr-objects-ppc-final-list} ¶ + {comerr-objects-68k-final-list} file-lists Ä {all-lists} @@ -159,75 +186,91 @@ file-lists # path to root Makefile.in. This is why we run it with -x to specify the root. {all-files-list} Ä {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} all-files {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} all-files {list-generation-script-root} ¶ > {Targ} {all-sources-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} all-sources {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} all-sources {list-generation-script-root} ¶ < {all-files-list} > {Targ} {all-folders-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} all-folders {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} all-folders {list-generation-script-root} ¶ < {all-files-list} > {Targ} {include-folders-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} include-folders {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} include-folders {list-generation-script-root} ¶ < {all-files-list} > {Targ} {gss-sources-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} gss-sources {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} gss-sources {list-generation-script-root} ¶ < {all-files-list} > {Targ} {krb5-sources-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} krb5-sources {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} krb5-sources {list-generation-script-root} ¶ < {all-files-list} > {Targ} {gss-objects-ppc-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} gss-objects-ppc-debug {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} gss-objects-ppc-debug {list-generation-script-root} ¶ < {all-files-list} > {Targ} {gss-objects-68k-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} gss-objects-68k-debug {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} gss-objects-68k-debug {list-generation-script-root} ¶ < {all-files-list} > {Targ} {gss-objects-ppc-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} gss-objects-ppc-final {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} gss-objects-ppc-final {list-generation-script-root} ¶ < {all-files-list} > {Targ} {gss-objects-68k-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} gss-objects-68k-final {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} gss-objects-68k-final {list-generation-script-root} ¶ < {all-files-list} > {Targ} {krb5-objects-ppc-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} krb5-objects-ppc-debug {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} krb5-objects-ppc-debug {list-generation-script-root} ¶ < {all-files-list} > {Targ} {krb5-objects-68k-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} krb5-objects-68k-debug {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} krb5-objects-68k-debug {list-generation-script-root} ¶ < {all-files-list} > {Targ} {krb5-objects-ppc-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} krb5-objects-ppc-final {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} krb5-objects-ppc-final {list-generation-script-root} ¶ < {all-files-list} > {Targ} {krb5-objects-68k-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} krb5-objects-68k-final {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} krb5-objects-68k-final {list-generation-script-root} ¶ < {all-files-list} > {Targ} {profile-objects-ppc-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} profile-objects-ppc-debug {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} profile-objects-ppc-debug {list-generation-script-root} ¶ < {all-files-list} > {Targ} {profile-objects-68k-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} profile-objects-68k-debug {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} profile-objects-68k-debug {list-generation-script-root} ¶ < {all-files-list} > {Targ} {profile-objects-ppc-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} profile-objects-ppc-final {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} profile-objects-ppc-final {list-generation-script-root} ¶ < {all-files-list} > {Targ} {profile-objects-68k-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} profile-objects-68k-final {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} profile-objects-68k-final {list-generation-script-root} ¶ + < {all-files-list} > {Targ} + +{comerr-objects-ppc-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} + perl -x"{list-generation-script-working-folder}" {list-generation-script} comerr-objects-ppc-debug {list-generation-script-root} ¶ + < {all-files-list} > {Targ} + +{comerr-objects-68k-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} + perl -x"{list-generation-script-working-folder}" {list-generation-script} comerr-objects-68k-debug {list-generation-script-root} ¶ + < {all-files-list} > {Targ} + +{comerr-objects-ppc-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} + perl -x"{list-generation-script-working-folder}" {list-generation-script} comerr-objects-ppc-final {list-generation-script-root} ¶ + < {all-files-list} > {Targ} + +{comerr-objects-68k-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} + perl -x"{list-generation-script-working-folder}" {list-generation-script} comerr-objects-68k-final {list-generation-script-root} ¶ < {all-files-list} > {Targ} ############################################################################################################## @@ -324,19 +367,19 @@ autogenerated-files = Catenate {root-folder}util:profile:profile.hin {root-folder}util:profile:prof_err.h > {root-folder}util:profile:profile.h {root-folder}include:profile.h Ä {root-folder}util:profile:profile.h - Duplicate -y {root-folder}util:profile:profile.h {root-folder}include:profile.h + Catenate {root-folder}util:profile:profile.h > {root-folder}include:profile.h SetFile -a l "{Targ}" {root-folder}include:krb5:osconf.h Ä {root-folder}include:krb5:stock:osconf.h - Duplicate -y {root-folder}include:krb5:stock:osconf.h {root-folder}include:krb5:osconf.h + Catenate {root-folder}include:krb5:stock:osconf.h > {root-folder}include:krb5:osconf.h SetFile -a l "{Targ}" {root-folder}lib:gssapi:generic:gssapi.h Ä {root-folder}lib:gssapi:generic:gssapi.hin - Duplicate -y {root-folder}lib:gssapi:generic:gssapi.hin {root-folder}lib:gssapi:generic:gssapi.h + Catenate {root-folder}lib:gssapi:generic:gssapi.hin > {root-folder}lib:gssapi:generic:gssapi.h SetFile -a l "{Targ}" {root-folder}include:autoconf.h Ä {root-folder}mac:libraries:autoconf.h - Duplicate -y {root-folder}mac:libraries:autoconf.h {root-folder}include:autoconf.h + Catenate {root-folder}mac:libraries:autoconf.h > {root-folder}include:autoconf.h SetFile -a l "{Targ}" ############################################################################################################## @@ -377,16 +420,27 @@ autogenerated-files = ### krb5-globals-library-term -- name of Krb5 globals library termination routine ### krb5-globals-library-linker-options -- all other Krb5 globals library linker options ### For profile library -### profile-library-output-folder -- destination of Krb5 globals library output -### profile-library-name -- name of the Krb5 globals library -### profile-library-export -- name of gss Krb5 globals library export file -### profile-library-libraries -- list of libraries Krb5 globals library links against -### profile-library-objects -- list of object files Krb5 globals library links -### profile-library-fragment-name -- name of Krb5 globals library fragment -### profile-library-main -- name of Krb5 globals library main entry point -### profile-library-init -- name of Krb5 globals library initialization routine -### profile-library-term -- name of Krb5 globals library termination routine -### profile-library-linker-options -- all other Krb5 globals library linker options +### profile-library-output-folder -- destination of profile library output +### profile-library-name -- name of the profile library +### profile-library-export -- name of gss profile library export file +### profile-library-libraries -- list of libraries profile library links against +### profile-library-objects -- list of object files profile library links +### profile-library-fragment-name -- name of profile library fragment +### profile-library-main -- name of profile library main entry point +### profile-library-init -- name of profile library initialization routine +### profile-library-term -- name of profile library termination routine +### profile-library-linker-options -- all other profile library linker options +### For comerr library +### comerr-library-output-folder -- destination of comerr library output +### comerr-library-name -- name of the comerr library +### comerr-library-export -- name of gss comerr library export file +### comerr-library-libraries -- list of libraries comerr library links against +### comerr-library-objects -- list of object files comerr library links +### comerr-library-fragment-name -- name of comerr library fragment +### comerr-library-main -- name of comerr library main entry point +### comerr-library-init -- name of comerr library initialization routine +### comerr-library-term -- name of comerr library termination routine +### comerr-library-linker-options -- all other comerr library linker options ### General ### library-linker -- linker to use ### autogenerated-files -- list of autogenerated files @@ -458,19 +512,23 @@ object-suffix-68k-data = .68k.o gss-library-libraries-ppc-debug = ¶ {standard-libraries-ppc-debug} ¶ {krb5-library-output-folder}{krb5-library-name}{library-platform-ppc}{library-kind-debug} ¶ - {profile-library-output-folder}{profile-library-name}{library-platform-ppc}{library-kind-debug} + {profile-library-output-folder}{profile-library-name}{library-platform-ppc}{library-kind-debug} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-ppc}{library-kind-debug} gss-library-libraries-68k-debug = ¶ {standard-libraries-68k-debug} ¶ {krb5-library-output-folder}{krb5-library-name}{library-platform-68k}{library-kind-debug} ¶ - {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-debug} + {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-debug} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-68k}{library-kind-debug} gss-library-libraries-ppc-final = ¶ {standard-libraries-ppc-final} ¶ {krb5-library-output-folder}{krb5-library-name}{library-platform-ppc}{library-kind-final} ¶ - {profile-library-output-folder}{profile-library-name}{library-platform-ppc}{library-kind-final} + {profile-library-output-folder}{profile-library-name}{library-platform-ppc}{library-kind-final} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-ppc}{library-kind-final} gss-library-libraries-68k-final = ¶ {standard-libraries-68k-final} ¶ {krb5-library-output-folder}{krb5-library-name}{library-platform-68k}{library-kind-final} ¶ - {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-final} + {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-final} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-68k}{library-kind-final} krb5-library-libraries-ppc-debug = ¶ {standard-libraries-ppc-debug} ¶ @@ -479,6 +537,7 @@ krb5-library-libraries-ppc-debug = {errorlib-ppc-debug} ¶ {krb5-globals-library-output-folder}{krb5-globals-library-name}{library-platform-ppc}{library-kind-debug} ¶ {profile-library-output-folder}{profile-library-name}{library-platform-ppc}{library-kind-debug} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-ppc}{library-kind-debug} ¶ ¶"{PPCLibraries}PPCMath64Lib.o¶" ¶ ¶"{SharedLibraries}DriverServicesLib¶" krb5-library-libraries-68k-debug = ¶ @@ -487,7 +546,8 @@ krb5-library-libraries-68k-debug = {socketslib-68k-debug} ¶ {errorlib-68k-debug} ¶ {krb5-globals-library-output-folder}{krb5-globals-library-name}{library-platform-68k}{library-kind-debug} ¶ - {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-debug} + {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-debug} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-68k}{library-kind-debug} krb5-library-libraries-ppc-final = ¶ {standard-libraries-ppc-final} ¶ {ccachelib-ppc-final} ¶ @@ -495,6 +555,7 @@ krb5-library-libraries-ppc-final = {errorlib-ppc-final} ¶ {krb5-globals-library-output-folder}{krb5-globals-library-name}{library-platform-ppc}{library-kind-final} ¶ {profile-library-output-folder}{profile-library-name}{library-platform-ppc}{library-kind-final} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-ppc}{library-kind-final} ¶ ¶"{PPCLibraries}PPCMath64Lib.o¶" ¶ ¶"{SharedLibraries}DriverServicesLib¶" krb5-library-libraries-68k-final = ¶ @@ -503,7 +564,8 @@ krb5-library-libraries-68k-final = {socketslib-68k-final} ¶ {errorlib-68k-final} ¶ {krb5-globals-library-output-folder}{krb5-globals-library-name}{library-platform-68k}{library-kind-final} ¶ - {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-final} + {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-final} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-68k}{library-kind-final} krb5-globals-library-libraries-ppc-debug = ¶ {standard-libraries-ppc-debug} ¶ @@ -526,12 +588,25 @@ krb5-globals-data-library-libraries-ppc = krb5-globals-data-library-libraries-68k = ¶"{MW68KLibraries}MSL MWCFM68KRuntime.Lib¶" profile-library-libraries-ppc-debug = ¶ - {standard-libraries-ppc-debug} + {standard-libraries-ppc-debug} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-ppc}{library-kind-debug} profile-library-libraries-68k-debug = ¶ - {standard-libraries-68k-debug} + {standard-libraries-68k-debug} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-68k}{library-kind-debug} profile-library-libraries-ppc-final = ¶ - {standard-libraries-ppc-final} + {standard-libraries-ppc-final} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-ppc}{library-kind-final} profile-library-libraries-68k-final = ¶ + {standard-libraries-68k-final} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-68k}{library-kind-final} + +comerr-library-libraries-ppc-debug = ¶ + {standard-libraries-ppc-debug} +comerr-library-libraries-68k-debug = ¶ + {standard-libraries-68k-debug} +comerr-library-libraries-ppc-final = ¶ + {standard-libraries-ppc-final} +comerr-library-libraries-68k-final = ¶ {standard-libraries-68k-final} ### Construct linker options. @@ -589,15 +664,33 @@ profile-library-linker-options-68k-debug = {common-linker-options-debug} {profil profile-library-linker-options-ppc-final = {common-linker-options-final} {profile-library-common-linker-options} profile-library-linker-options-68k-final = {common-linker-options-final} {profile-library-common-linker-options} -gss-library-objects-ppc-debug = `catenate {gss-objects-ppc-debug-list}` {root-folder}mac:GSS.CFM{object-suffix-ppc-debug} -gss-library-objects-68k-debug = `catenate {gss-objects-68k-debug-list}` {root-folder}mac:GSS.CFM{object-suffix-68k-debug} -gss-library-objects-ppc-final = `catenate {gss-objects-ppc-final-list}` {root-folder}mac:GSS.CFM{object-suffix-ppc-final} -gss-library-objects-68k-final = `catenate {gss-objects-68k-final-list}` {root-folder}mac:GSS.CFM{object-suffix-68k-final} - -krb5-library-objects-ppc-debug = `catenate {krb5-objects-ppc-debug-list}` {root-folder}mac:K5.CFM{object-suffix-ppc-debug} -krb5-library-objects-68k-debug = `catenate {krb5-objects-68k-debug-list}` {root-folder}mac:K5.CFM{object-suffix-68k-debug} -krb5-library-objects-ppc-final = `catenate {krb5-objects-ppc-final-list}` {root-folder}mac:K5.CFM{object-suffix-ppc-final} -krb5-library-objects-68k-final = `catenate {krb5-objects-68k-final-list}` {root-folder}mac:K5.CFM{object-suffix-68k-final} +comerr-library-common-linker-options = ¶ + -cv {comerr-library-current-version} ¶ + -dv {comerr-library-definition-version} ¶ + -uv {comerr-library-implementation-version} + +comerr-library-linker-options-ppc-debug = {common-linker-options-debug} {comerr-library-common-linker-options} +comerr-library-linker-options-68k-debug = {common-linker-options-debug} {comerr-library-common-linker-options} +comerr-library-linker-options-ppc-final = {common-linker-options-final} {comerr-library-common-linker-options} +comerr-library-linker-options-68k-final = {common-linker-options-final} {comerr-library-common-linker-options} + +gss-library-objects-ppc-debug = `catenate {gss-objects-ppc-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:GSS.CFM{object-suffix-ppc-debug} +gss-library-objects-68k-debug = `catenate {gss-objects-68k-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:GSS.CFM{object-suffix-68k-debug} +gss-library-objects-ppc-final = `catenate {gss-objects-ppc-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:GSS.CFM{object-suffix-ppc-final} +gss-library-objects-68k-final = `catenate {gss-objects-68k-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:GSS.CFM{object-suffix-68k-final} + +krb5-library-objects-ppc-debug = `catenate {krb5-objects-ppc-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:K5.CFM{object-suffix-ppc-debug} +krb5-library-objects-68k-debug = `catenate {krb5-objects-68k-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:K5.CFM{object-suffix-68k-debug} +krb5-library-objects-ppc-final = `catenate {krb5-objects-ppc-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:K5.CFM{object-suffix-ppc-final} +krb5-library-objects-68k-final = `catenate {krb5-objects-68k-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:K5.CFM{object-suffix-68k-final} krb5-globals-library-objects-ppc-debug = ¶ {krb5-globals-root-folder}Krb5Globals{object-suffix-ppc-debug} ¶ @@ -615,10 +708,19 @@ krb5-globals-library-objects-68k-final = krb5-globals-data-library-objects-ppc = {krb5-globals-root-folder}Krb5GlobalsData{object-suffix-ppc-data} krb5-globals-data-library-objects-68k = {krb5-globals-root-folder}Krb5GlobalsData{object-suffix-68k-data} -profile-library-objects-ppc-debug = `catenate {profile-objects-ppc-debug-list}` {root-folder}mac:ProfileLib.CFM{object-suffix-ppc-debug} -profile-library-objects-68k-debug = `catenate {profile-objects-68k-debug-list}` {root-folder}mac:ProfileLib.CFM{object-suffix-68k-debug} -profile-library-objects-ppc-final = `catenate {profile-objects-ppc-final-list}` {root-folder}mac:ProfileLib.CFM{object-suffix-ppc-final} -profile-library-objects-68k-final = `catenate {profile-objects-68k-final-list}` {root-folder}mac:ProfileLib.CFM{object-suffix-68k-final} +profile-library-objects-ppc-debug = `catenate {profile-objects-ppc-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:ProfileLib.CFM{object-suffix-ppc-debug} +profile-library-objects-68k-debug = `catenate {profile-objects-68k-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:ProfileLib.CFM{object-suffix-68k-debug} +profile-library-objects-ppc-final = `catenate {profile-objects-ppc-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:ProfileLib.CFM{object-suffix-ppc-final} +profile-library-objects-68k-final = `catenate {profile-objects-68k-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:ProfileLib.CFM{object-suffix-68k-final} + +comerr-library-objects-ppc-debug = `catenate {comerr-objects-ppc-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` +comerr-library-objects-68k-debug = `catenate {comerr-objects-68k-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` +comerr-library-objects-ppc-final = `catenate {comerr-objects-ppc-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` +comerr-library-objects-68k-final = `catenate {comerr-objects-68k-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/¥:(Å)¨2/ Print prefix¨2"` library-linker-ppc = MWLinkPPC library-linker-68K = MWLink68K @@ -632,7 +734,7 @@ common-compiler-options = -model farData # Don't put the prefix file in these options because they are used to precompile the prefix file -ppc-compiler-options = +ppc-compiler-options = -tb on 68k-compiler-options = -model cfmflat debug-compiler-options = -sym on final-compiler-options = -sym off @@ -642,7 +744,7 @@ mitsupportlib-include-paths = -i {mitsupportlib-root-folder}ErrorLib:Headers: ¶ -i {mitsupportlib-root-folder}UtilitiesLib:Headers: -include-paths = `catenate {include-folders-list}` ¶ +include-paths = `catenate {include-folders-list} | StreamEdit -d -set prefix="{root-folder}mac:" -e "/-i (Å)¨1/ Print '-i 'prefix¨1"` ¶ -i {mitkerberoslib-root-folder}CCacheLib:Headers: ¶ -i {krb5-globals-root-folder} ¶ {mitsupportlib-include-paths} @@ -714,7 +816,14 @@ make-options-common = -d profile-library-fragment-name={profile-library-fragment-name} ¶ -d profile-library-main="{profile-library-main}" ¶ -d profile-library-init="{profile-library-init}" ¶ - -d profile-library-term="{profile-library-term}" + -d profile-library-term="{profile-library-term}" ¶ + -d comerr-library-output-folder="{comerr-library-output-folder}" ¶ + -d comerr-library-name="{comerr-library-name}" ¶ + -d comerr-library-export="{comerr-library-export}" ¶ + -d comerr-library-fragment-name={comerr-library-fragment-name} ¶ + -d comerr-library-main="{comerr-library-main}" ¶ + -d comerr-library-init="{comerr-library-init}" ¶ + -d comerr-library-term="{comerr-library-term}" make-options-ppc-debug = ¶ -d library-linker="{library-linker-ppc}" ¶ @@ -735,6 +844,9 @@ make-options-ppc-debug = -d profile-library-libraries="{profile-library-libraries-ppc-debug}" ¶ -d profile-library-objects="{profile-library-objects-ppc-debug}" ¶ -d profile-library-linker-options="{profile-library-linker-options-ppc-debug}" ¶ + -d comerr-library-libraries="{comerr-library-libraries-ppc-debug}" ¶ + -d comerr-library-objects="{comerr-library-objects-ppc-debug}" ¶ + -d comerr-library-linker-options="{comerr-library-linker-options-ppc-debug}" ¶ -d object-suffix="{object-suffix-ppc-debug}" ¶ -d object-suffix-data="{object-suffix-ppc-data}" ¶ -d compiler-options="{compiler-options-ppc-debug}" ¶ @@ -760,6 +872,9 @@ make-options-68k-debug = -d profile-library-libraries="{profile-library-libraries-68k-debug}" ¶ -d profile-library-objects="{profile-library-objects-68k-debug}" ¶ -d profile-library-linker-options="{profile-library-linker-options-68k-debug}" ¶ + -d comerr-library-libraries="{comerr-library-libraries-68k-debug}" ¶ + -d comerr-library-objects="{comerr-library-objects-68k-debug}" ¶ + -d comerr-library-linker-options="{comerr-library-linker-options-68k-debug}" ¶ -d object-suffix="{object-suffix-68k-debug}" ¶ -d object-suffix-data="{object-suffix-68k-data}" ¶ -d compiler-options="{compiler-options-68k-debug}" ¶ @@ -786,6 +901,9 @@ make-options-ppc-final = -d profile-library-libraries="{profile-library-libraries-ppc-final}" ¶ -d profile-library-objects="{profile-library-objects-ppc-final}" ¶ -d profile-library-linker-options="{profile-library-linker-options-ppc-final}" ¶ + -d comerr-library-libraries="{comerr-library-libraries-ppc-final}" ¶ + -d comerr-library-objects="{comerr-library-objects-ppc-final}" ¶ + -d comerr-library-linker-options="{comerr-library-linker-options-ppc-final}" ¶ -d object-suffix="{object-suffix-ppc-final}" ¶ -d object-suffix-data="{object-suffix-ppc-data}" ¶ -d compiler-options="{compiler-options-ppc-final}" ¶ @@ -811,6 +929,9 @@ make-options-68k-final = -d profile-library-libraries="{profile-library-libraries-68k-final}" ¶ -d profile-library-objects="{profile-library-objects-68k-final}" ¶ -d profile-library-linker-options="{profile-library-linker-options-68k-final}" ¶ + -d comerr-library-libraries="{comerr-library-libraries-68k-final}" ¶ + -d comerr-library-objects="{comerr-library-objects-68k-final}" ¶ + -d comerr-library-linker-options="{comerr-library-linker-options-68k-final}" ¶ -d object-suffix="{object-suffix-68k-final}" ¶ -d object-suffix-data="{object-suffix-68k-data}" ¶ -d compiler-options="{compiler-options-68k-final}" ¶ @@ -820,23 +941,23 @@ make-options-68k-final = make-output = "{TempFolder}GSS/Kerberos Makefile script" submakefile-target = gss-library -ppc-debug Ä {makefile-name} {gss-objects-ppc-debug-list} {krb5-objects-ppc-debug-list} ¶ - {profile-objects-ppc-debug-list} {include-folders-list} +ppc-debug Ä glue headers documentation {makefile-name} {gss-objects-ppc-debug-list} {krb5-objects-ppc-debug-list} ¶ + {profile-objects-ppc-debug-list} {comerr-objects-ppc-debug-list} {include-folders-list} Make {make-options-common} {make-options-ppc-debug} {submakefile-target} > {make-output} {make-output} -68k-debug Ä {makefile-name} {gss-objects-68k-debug-list} {krb5-objects-68k-debug-list} ¶ - {profile-objects-68k-debug-list} {include-folders-list} +68k-debug Ä glue headers documentation {makefile-name} {gss-objects-68k-debug-list} {krb5-objects-68k-debug-list} ¶ + {profile-objects-68k-debug-list} {comerr-objects-68k-debug-list} {include-folders-list} Make {make-options-common} {make-options-68k-debug} {submakefile-target} > {make-output} {make-output} -ppc-final Ä {makefile-name} {gss-objects-ppc-final-list} {krb5-objects-ppc-final-list} ¶ - {profile-objects-ppc-final-list} {include-folders-list} +ppc-final Ä glue headers documentation {makefile-name} {gss-objects-ppc-final-list} {krb5-objects-ppc-final-list} ¶ + {profile-objects-ppc-final-list} {comerr-objects-ppc-final-list} {include-folders-list} Make {make-options-common} {make-options-ppc-final} {submakefile-target} > {make-output} {make-output} -68k-final Ä {makefile-name} {gss-objects-68k-final-list} {krb5-objects-68k-final-list} ¶ - {profile-objects-68k-final-list} {include-folders-list} +68k-final Ä glue headers documentation {makefile-name} {gss-objects-68k-final-list} {krb5-objects-68k-final-list} ¶ + {profile-objects-68k-final-list} {comerr-objects-68k-final-list} {include-folders-list} Make {make-options-common} {make-options-68k-final} {submakefile-target} > {make-output} {make-output} @@ -900,6 +1021,17 @@ ppc-final ### profile-library-init -- name of profile library initialization routine ### profile-library-term -- name of profile library termination routine ### profile-library-linker-options -- all other profile library linker options +### For comerr library +### comerr-library-output-folder -- destination of comerr library output +### comerr-library-name -- name of the comerr library +### comerr-library-export -- name of comerr library export file +### comerr-library-libraries -- list of libraries comerr library links against +### comerr-library-objects -- list of object files comerr library links +### comerr-library-fragment-name -- name of comerr library fragment +### comerr-library-main -- name of comerr library main entry point +### comerr-library-init -- name of comerr library initialization routine +### comerr-library-term -- name of comerr library termination routine +### comerr-library-linker-options -- all other comerr library linker options ### General ### library-linker -- linker to use ### autogenerated-files -- list of autogenerated files @@ -933,6 +1065,9 @@ object-suffix-data = .ignore.me.too profile-library-libraries = profile-library-objects = profile-library-linker-options = +comerr-library-libraries = +comerr-library-objects = +comerr-library-linker-options = ### Generate various major components of build commands from the above variables gss-library-output-files = ¶ @@ -1015,6 +1150,22 @@ profile-library-build-command = {profile-library-linker-options} ¶ {profile-library-objects} {profile-library-libraries} +comerr-library-output-files = ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform}{library-kind} +comerr-library-dependencies = ¶ + {autogenerated-files} {comerr-library-export} {comerr-library-libraries} {comerr-library-objects} +comerr-library-build-command = ¶ + {library-linker} ¶ + -name "{comerr-library-fragment-name}{library-kind}" ¶ + -main {comerr-library-main} ¶ + -init {comerr-library-init} ¶ + -term {comerr-library-term} ¶ + -@export {comerr-library-export} ¶ + -map {comerr-library-output-folder}{comerr-library-name}{library-platform}{library-kind}.MAP ¶ + -o {comerr-library-output-folder}{comerr-library-name}{library-platform}{library-kind} ¶ + {comerr-library-linker-options} ¶ + {comerr-library-objects} {comerr-library-libraries} + ### Build commands gss-library Ä {gss-library-output-files} @@ -1022,6 +1173,7 @@ krb5-library krb5-globals-library Ä {krb5-globals-library-output-files} krb5-globals-data-library Ä {krb5-globals-data-library-output-files} profile-library Ä {profile-library-output-files} +comerr-library Ä {comerr-library-output-files} {gss-library-output-files} ÄÄ {gss-library-dependencies} {makefile-name} {create-folder} {gss-library-output-folder} @@ -1043,14 +1195,20 @@ profile-library {create-folder} {profile-library-output-folder} {profile-library-build-command} +{comerr-library-output-files} ÄÄ {comerr-library-dependencies} {makefile-name} + {create-folder} {comerr-library-output-folder} + {comerr-library-build-command} + ############################################################################################################## ### Default compilation rules ############################################################################################################## {object-suffix} Ä .c {autogenerated-files} {makefile-name} {precompiled-headers} + echo {DepDir}{Default}{object-suffix} {compiler} {DepDir}{Default}.c -o {DepDir}{Default}{object-suffix} {compiler-options} {object-suffix-data} Ä .c {autogenerated-files} {makefile-name} {precompiled-headers} + echo {DepDir}{Default}{object-suffix-data} {compiler} {DepDir}{Default}.c -o {DepDir}{Default}{object-suffix-data} {compiler-options} ############################################################################################################## @@ -1060,18 +1218,26 @@ profile-library classic-glue-generation-script = {root-folder}mac:CFMGlue.pl gss-library-glue-output-folder = {root-folder}:GSSLib:ClassicGlue: krb5-library-glue-output-folder = {root-folder}:Kerberos5Lib:ClassicGlue: +profile-library-glue-output-folder = {root-folder}:KerberosProfileLib:ClassicGlue: +comerr-library-glue-output-folder = {root-folder}:ComErrLib:ClassicGlue: gss-library-glue-output = {gss-library-glue-output-folder}GSSLib.glue.c krb5-library-glue-output = {krb5-library-glue-output-folder}Kerberos5Lib.glue.c +profile-library-glue-output = {profile-library-glue-output-folder}KrbProfileLib.glue.c +comerr-library-glue-output = {comerr-library-glue-output-folder}ComErrLib.glue.c classic-glue-output = ¶ {gss-library-glue-output} ¶ - {krb5-library-glue-output} + {krb5-library-glue-output} ¶ + {profile-library-glue-output} ¶ + {comerr-library-glue-output} glue Ä {classic-glue-output} glue-gss Ä {gss-library-glue-output} glue-krb5 Ä {krb5-library-glue-output} +glue-profile Ä {profile-library-glue-output} +glue-comerr Ä {comerr-library-glue-output} {krb5-library-glue-output} Ä {root-folder}mac:K5.CFMglue.cin {root-folder}mac:K5.CFMglue.proto.h ¶ {root-folder}mac:CFMglue.c {root-folder}mac:K5.moreCFMglue.cin {classic-glue-generation-script} @@ -1087,6 +1253,20 @@ glue-krb5 Catenate {root-folder}mac:GSS.CFMglue.cin {root-folder}mac:CFMglue.c {root-folder}mac:GSS.CFMglue.c ¶ {root-folder}mac:GSS.moreCFMglue.cin | Catenate > {gss-library-glue-output} +{profile-library-glue-output} Ä {root-folder}mac:KrbProfileLib.glue.pre.cin {root-folder}mac:KrbProfileLib.glue.proto.h ¶ + {root-folder}mac:CFMglue.c {root-folder}mac:KrbProfileLib.glue.post.cin {classic-glue-generation-script} + {create-folder} {profile-library-glue-output-folder} + perl {classic-glue-generation-script} < {root-folder}mac:KrbProfileLib.glue.proto.h > {root-folder}mac:KrbProfileLib.CFMglue.c + Catenate {root-folder}mac:KrbProfileLib.glue.pre.cin {root-folder}mac:CFMglue.c {root-folder}mac:KrbProfileLib.CFMglue.c ¶ + {root-folder}mac:KrbProfileLib.glue.post.cin | Catenate > {profile-library-glue-output} + +{comerr-library-glue-output} Ä {root-folder}mac:ComErrLib.glue.pre.cin {root-folder}mac:ComErrLib.glue.proto.h ¶ + {root-folder}mac:CFMglue.c {root-folder}mac:ComErrLib.glue.post.cin {classic-glue-generation-script} + {create-folder} {comerr-library-glue-output-folder} + perl {classic-glue-generation-script} < {root-folder}mac:ComErrLib.glue.proto.h > {root-folder}mac:ComErrLib.CFMglue.c + Catenate {root-folder}mac:ComErrLib.glue.pre.cin {root-folder}mac:CFMglue.c {root-folder}mac:ComErrLib.CFMglue.c ¶ + {root-folder}mac:ComErrLib.glue.post.cin | Catenate > {comerr-library-glue-output} + ############################################################################################################## ### Clean target deletes all generated files ############################################################################################################## @@ -1108,6 +1288,7 @@ clean gss-headers-output-folder = {root-folder}:GSSLib:Headers: krb5-headers-output-folder = {root-folder}:Kerberos5Lib:Headers: krb5-globals-headers-output-folder = {root-folder}:Kerberos5GlobalsLib:Headers: +comerr-headers-output-folder = {root-folder}:ComErrLib:Headers: profile-headers-output-folder = {root-folder}:KerberosProfileLib:Headers: gss-headers-output = ¶ @@ -1116,26 +1297,28 @@ gss-headers-output = krb5-headers-output = ¶ "{krb5-headers-output-folder}krb5.h" ¶ - "{krb5-headers-output-folder}com_err.h" ¶ - "{krb5-headers-output-folder}profile.h" ¶ "{krb5-headers-output-folder}win-mac.h" krb5-globals-headers-output = ¶ "{krb5-globals-headers-output-folder}Kerberos5Globals.h" +comerr-headers-output = ¶ + "{comerr-headers-output-folder}com_err.h" + profile-headers-output = ¶ "{profile-headers-output-folder}profile.h" -headers-output = {gss-headers-output} {krb5-headers-output} {krb5-globals-headers-output} {profile-headers-output} +headers-output = {gss-headers-output} {krb5-headers-output} {krb5-globals-headers-output} ¶ + {comerr-headers-output} {profile-headers-output} -headers Ä {headers-output} +headers Ä unset-echo {headers-output} "{gss-headers-output-folder}gssapi.h" Ä "{root-folder}lib:gssapi:generic:gssapi.h" {makefile-name} "{create-folder}" "{TargDir}" If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}lib:gssapi:generic:gssapi.h" "{Targ}" + Catenate "{root-folder}lib:gssapi:generic:gssapi.h" > "{Targ}" SetFile -a l "{Targ}" "{gss-headers-output-folder}gssapi_krb5.h" Ä "{root-folder}lib:gssapi:krb5:gssapi_krb5.h" {makefile-name} @@ -1143,7 +1326,7 @@ headers If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}lib:gssapi:krb5:gssapi_krb5.h" "{Targ}" + Catenate "{root-folder}lib:gssapi:krb5:gssapi_krb5.h" > "{Targ}" SetFile -a l "{Targ}" "{krb5-headers-output-folder}krb5.h" Ä "{root-folder}include:krb5.h" {makefile-name} @@ -1151,45 +1334,110 @@ headers If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}include:krb5.h" "{Targ}" + Catenate "{root-folder}include:krb5.h" > "{Targ}" SetFile -a l "{Targ}" -"{krb5-headers-output-folder}com_err.h" Ä "{root-folder}util:et:com_err.h" {makefile-name} +"{krb5-headers-output-folder}win-mac.h" Ä "{root-folder}include:win-mac.h" {makefile-name} "{create-folder}" "{TargDir}" If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}util:et:com_err.h" "{Targ}" + Catenate "{root-folder}include:win-mac.h" > "{Targ}" SetFile -a l "{Targ}" -"{krb5-headers-output-folder}profile.h" Ä "{root-folder}util:profile:profile.h" {makefile-name} +"{krb5-globals-headers-output-folder}Kerberos5Globals.h" Ä "{root-folder}mac:libraries:Kerberos v5 Globals:Krb5Globals.h" {makefile-name} "{create-folder}" "{TargDir}" If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}util:profile:profile.h" "{Targ}" + Catenate "{root-folder}mac:libraries:Kerberos v5 Globals:Krb5Globals.h" > "{Targ}" SetFile -a l "{Targ}" -"{krb5-headers-output-folder}win-mac.h" Ä "{root-folder}include:win-mac.h" {makefile-name} +"{comerr-headers-output-folder}com_err.h" Ä "{root-folder}util:et:com_err.h" {makefile-name} "{create-folder}" "{TargDir}" If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}include:win-mac.h" "{Targ}" + Catenate "{root-folder}util:et:com_err.h" > "{Targ}" SetFile -a l "{Targ}" -"{krb5-globals-headers-output-folder}Kerberos5Globals.h" Ä "{root-folder}mac:libraries:Kerberos v5 Globals:Krb5Globals.h" {makefile-name} +"{profile-headers-output-folder}profile.h" Ä "{root-folder}util:profile:profile.h" {makefile-name} "{create-folder}" "{TargDir}" If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}mac:libraries:Kerberos v5 Globals:Krb5Globals.h" "{Targ}" + Catenate "{root-folder}util:profile:profile.h" > "{Targ}" SetFile -a l "{Targ}" -"{profile-headers-output-folder}profile.h" Ä "{root-folder}util:profile:profile.h" {makefile-name} +############################################################################################################## +### Copying documentation around +############################################################################################################## + +gss-documentation-output-folder = {root-folder}:GSSLib:Documentation: +krb5-documentation-output-folder = {root-folder}:Kerberos5Lib:Documentation: +krb5-globals-documentation-output-folder = {root-folder}:Kerberos5GlobalsLib:Documentation: +comerr-documentation-output-folder = {root-folder}:ComErrLib:Documentation: +profile-documentation-output-folder = {root-folder}:KerberosProfileLib:Documentation: + +gss-documentation-output = ¶ + {gss-documentation-output-folder}"GSSLib ReadMe" + +krb5-documentation-output = ¶ + {krb5-documentation-output-folder}"krb5api.pdf" + +krb5-globals-documentation-output = ¶ + {krb5-globals-documentation-output-folder}"Kerberos5Globals.html" + +comerr-documentation-output = ¶ + {comerr-documentation-output-folder}"ComErrLib ReadMe" + +profile-documentation-output = ¶ + {profile-documentation-output-folder}"KerberosProfileLib ReadMe" + +documentation-output = {gss-documentation-output} {krb5-documentation-output} ¶ + {krb5-globals-documentation-output} {profile-documentation-output} ¶ + {comerr-documentation-output} + +documentation Ä unset-echo {documentation-output} + +{gss-documentation-output-folder}"GSSLib ReadMe" Ä {root-folder}"mac:GSSLib ReadMe" {makefile-name} "{create-folder}" "{TargDir}" If (`Exists "{Targ}" | Count -l`) - SetFile -a l "{Targ}" + SetFile -a l {Targ} End - Duplicate -y "{root-folder}util:profile:profile.h" "{Targ}" - SetFile -a l "{Targ}" + Catenate {root-folder}"mac:GSSLib ReadMe" > {Targ} + SetFile -a l {Targ} + +{krb5-documentation-output-folder}"krb5api.pdf" Ä {makefile-name} + "{create-folder}" "{TargDir}" + If (`Exists "{Targ}" | Count -l`) + SetFile -a l {Targ} + End + If (`Exists {root-folder}":::Documentation:pdf:krb5api.pdf"`) + Catenate {root-folder}":::Documentation:pdf:krb5api.pdf" > {Targ} + End + SetFile -a l -t 'PDF ' -c 'CARO' {Targ} + +{krb5-globals-documentation-output-folder}"Kerberos5Globals.html" Ä {root-folder}"mac:libraries:Kerberos v5 Globals:Krb5Globals.html" {makefile-name} + "{create-folder}" "{TargDir}" + If (`Exists "{Targ}" | Count -l`) + SetFile -a l {Targ} + End + Catenate {root-folder}"mac:libraries:Kerberos v5 Globals:Krb5Globals.html" > {Targ} + SetFile -a l -c 'MOSS' {Targ} + +{comerr-documentation-output-folder}"ComErrLib ReadMe" Ä {root-folder}"mac:ComErrLib ReadMe" {makefile-name} + "{create-folder}" "{TargDir}" + If (`Exists "{Targ}" | Count -l`) + SetFile -a l {Targ} + End + Catenate {root-folder}"mac:ComErrLib ReadMe" > {Targ} + SetFile -a l {Targ} + +{profile-documentation-output-folder}"KerberosProfileLib ReadMe" Ä {root-folder}"mac:KerberosProfileLib ReadMe" {makefile-name} + "{create-folder}" "{TargDir}" + If (`Exists "{Targ}" | Count -l`) + SetFile -a l {Targ} + End + Catenate {root-folder}"mac:KerberosProfileLib ReadMe" > {Targ} + SetFile -a l {Targ} diff --git a/src/mac/ProfileLib.CFM.c b/src/mac/ProfileLib.CFM.c index 3ef8ef60d..9b5ea87cf 100644 --- a/src/mac/ProfileLib.CFM.c +++ b/src/mac/ProfileLib.CFM.c @@ -1,9 +1,19 @@ -/* - * Copyright (C) 1997 by the Massachusetts Institute of Technology - * All rights reserved. +/* Copyright 1998 by the Massachusetts Institute of Technology. * - * For copying and distribution information, please see the file - * COPYRIGHT. + * Permission to use, copy, modify, and distribute this + * software and its documentation for any purpose and without + * fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright + * notice and this permission notice appear in supporting + * documentation, and that the name of M.I.T. not be used in + * advertising or publicity pertaining to distribution of the + * software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" + * without express or implied warranty. */ diff --git a/src/mac/ReadMe b/src/mac/ReadMe index 9e5226b69..da851c48b 100644 --- a/src/mac/ReadMe +++ b/src/mac/ReadMe @@ -6,134 +6,8 @@ Building the Macintosh version of Kerberos 5 and GSS If you have questions or comments about the Macintosh build process, send e-mail to . +You should not be building Macintosh Kerberos v5 and GSS libraries +from the standard Kerberos v5 distribution. Instead, you should look +for MIT Kerberos Library sources from + -To build the Macintosh version of Kerberos 5 and GSS: - ---- Installing tools --- - - 1) Install CodeWarrior Pro 4, including MPW. - This build of Kerberos v5 and GSS requires CodeWarrior Pro4 MPW tools. - Don't forget to run one of 4 Metrowerks MPW scripts, as described at the - bottom of MPW worksheet the first time you launch it. - - 2) Download MacPerl and MacPerl MPW tool from - - - - The MacPerl directory contains several versions of the app and the MPW - tool. The *_appl and *_tool versions work properly with our scripts, e.g., - you should download "Mac_Perl_520r4_appl.bin" and "Mac_Perl_520r4_tool.bin". - - 3) Install MacPerl and MacPerl MPW tool by following the installation - instructions provided with them: - - install MacPerl application before installing MacPerl tool - - after installing MacPerl tool, run its MPW configuration script - and follow the instructions - ---- Preparing Kerberos v5 build tree --- - - 4) Launch MPW. - - 5) Set directory in MPW to the top level of Kerberos 5 distribution - (e.g. "GSS-Kerberos5"). - - 6) Build target "prebuild" in MPW. - This will create a new Makefile, so you may be asked whether you - want to save changes to the Makefile if you opened it before step - 6. Save the changes. - ---- Building libraries --- - - 7) Build target "all" in MPW. Wait. - - Example build times: 30-40 minutes on a G3 machine, 80 minutes - on a PowerMac 9600/233. - - You may receive some compile warnings about an ignored pragma, warnings - about illegal implicit const pointer conversions, and some link warnings. - These are normal and can be ignored. - - We used to see MPW crash during the link stage of the build. We think this - has been fixed. If this happens to you, you should restart MPW and start - the build again, and report the problem to macdev@mit.edu. - ---- Binaries --- - - The following assumes that you have followed the steps above to build - the GSS & Kerberos 5 libraries. What you now have supports both the - Kerberos 5 and GSS APIs. Each is supported as both CFM shared libraries - and CodeWarrior static link libraries for both 68k & PowerPC Macs. - We strongly recommend you use the CFM shared libraries. - - The following binary components are provided/built in this release: - - ":MIT Kerberos Library" - * Fat CFM Shared Library including GSS, and Kerberos v5, CCache, and DES - libraries. - * Not for linking against in your projects; include in distributions to - be placed in System Folder:Extensions. - - :GSSLib.68K - * CFM Shared Library including GSS for 68k Macs. - - :GSSLib.PPC - * CFM Shared Library including GSS for PowerPC Macs. - - :Kerberos5Lib.68K - * CFM Shared Library including Kerberos 5 for 68k Macs. - - :Kerberos5Lib.68K - * CFM Shared Library including Kerberos 5 for PowerPC Macs. - - :mac:krb5.ini - * Sample krb5.ini file using CYGNUS.COM as the default realm - - :include - * An include directory containing the files necessary for development - ---- Installation --- - - To install the Kerberos 5 system on your Mac: - - 1) Copy the :mac:krb5.ini file (configured for your site) into - the "Preferences" folder in the "System Folder". - - 2) Install the shared libraries by copying the "MIT Kerberos Library" file - to the "Extensions" folder in the "System Folder". - - 3) If you are using System 7.6 or earlier on a 68K Mac, install - the CFM-68K Runtime Enabler 4.0, available from Apple at: - - - ---- Getting Started Programming --- - - You can program using either the Kerberos 5 or GSS APIs. - - To add Kerberos functionality to a Code Warrior based application: - - 1) PPC application: use shared libraries: - For GSSAPI, add GSSLibraryPPC to your project - For Kerberos v5 API, add K5LibraryPPC to your project - Set the project options to 4 byte integers and enums treated as ints. - - 2) CFM-68K application: use shared libraries - For GSSAPI, add GSSLibrary68K to your project - For Kerberos v5 API, add K5Library68K to your project - Set the project options to 4 byte integers and enums treated as ints. - - 3) Classic 68K application: use glue for shared libraries - For GSSAPI, add GSSLib.glue.c to your project - For Kerberos v5 API, add Kerberos5.glue.c to your project - Set the project options to 4 byte integers and enums treated as ints. - - A PDF document describing the Kerberos 5 API is located at: - - - - (That document was created from tex files in the main Kerberos 5 source tree.) - - The GSSAPI is described in Internet RFC's 1508 and 1509: - - - diff --git a/src/mac/Release notes b/src/mac/Release notes index 3aeaf2bb8..c7789159a 100644 --- a/src/mac/Release notes +++ b/src/mac/Release notes @@ -110,6 +110,8 @@ Changes in 1.1a3: separated profile lib fixed krb5 library CFM version numbers fixed makefile and perl scripts to build form arbitrary root + +--- version upped to 2.5a1 --- 2.5a1 - Monday, July 26, 1999 1:00:00 PM changed profile lib to use FSSpecs @@ -118,4 +120,24 @@ Changes in 1.1a3: removed "MIT Kerberos¥GSSLib" alias removed "K5Library alias" removed com_err exports from krb5 lib - fixed win-mac.h redefinition of size_t \ No newline at end of file + fixed win-mac.h redefinition of size_t + +2.5a2 - Friday, August 6, 1999 1:40:00 PM + fixed huge profile memory leak + fixed memory leak in krb5_stdcc_destroy + added traceback tables to PPC versions + +2.5b1 + from tag Mac_GSSKerberos5_2_5b1 + separated com_err lib + now tracking krb5-1-1 branch + added CCache cleanup to CFM termination procs + +2.5b2 + from tag Mac_GSSKerberos5_2_5b2 + cleaned up glue for all libraries + +2.5 + from tag Mac_GSSKerberos5_2_5 + added documentation and fixed makefile so that documentation, + headers, and cfrm glue are always built correctly diff --git a/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.CFM.c b/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.CFM.c index 923863d15..0c6294135 100644 --- a/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.CFM.c +++ b/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.CFM.c @@ -8,6 +8,9 @@ * documentation, and that the name of M.I.T. not be used in * advertising or publicity pertaining to distribution of the * software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" * without express or implied warranty. diff --git a/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.c b/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.c index 45116c15f..cecd3173d 100644 --- a/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.c +++ b/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.c @@ -8,6 +8,9 @@ * documentation, and that the name of M.I.T. not be used in * advertising or publicity pertaining to distribution of the * software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" * without express or implied warranty. diff --git a/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.html b/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.html new file mode 100644 index 000000000..7ed835336 --- /dev/null +++ b/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.html @@ -0,0 +1,81 @@ + + + + + Kerberos v5 Globals Library API Functions + + +
+ + + + + +
MIT Information Systems

Macintosh Development


+ [Home] + [About Us] + [People] + [Applications] + [MIT Support Library]
+ [MIT Kerberos] + [Mac OS X] + [Developer Documentation] + [Information Systems] +


+ + + + + + +
Kerberos v5 Globals Library API Functions
+
+ OSStatus Krb5GlobalsSetDefaultCacheName + (char* inName);
+
+ Krb5GlobalsSetDefaultCacheName sets the systemwide default cache for the Kerberos 5 + library to inName. +

+ If successful, the function returns noErr. If it fails to allocate + memory for the cache name, it returns memFullErr. +

+ UInt32 Krb5GlobalsGetDefaultCacheName + (char* inName, UInt32 inLength); + +
+ Krb5GlobalsGetDefaultCacheName returns the name of the current systemwide default + credentials cache for the Kerberos v5 library. inName should point + to at least inLength bytes of memory. Actual length of the cache + name is returned.

+ If inName is nil, the length of the cache name is + returned. +

+ OSStatus Krb5GlobalsSetUniqueDefaultCacheName + ();
+
+ Krb5GlobalsSetUniqueDefaultCacheName sets the systemwide default credentials cache + name for Kerberos v5 library to a unique string (i.e., one that is not the name + of any of the existing credentials caches). +

+ If successful, the function returns noErr. If it fails to allocate + memory for the cache name, it returns memFullErr. +

+ UInt32 Krb5GlobalsGetDefaultCacheNameModification + ();
+
+ Krb5GlobalsGetDefaultCacheNameModification returns modification counter for the + systemwide default credentials cache name for the Kerberos v5 library. If result + of two calls to Krb5GlobalsGetDefaultCacheNameModification is different, the + default cache name has changed between them. +
+
+ +


Questions or comments? Send mail to +macdev@mit.edu
+Last updated on $Date$
+Last modified by $Author$ + + diff --git a/src/mac/macfile_gen.pl b/src/mac/macfile_gen.pl index 6bddb2387..00d53657a 100644 --- a/src/mac/macfile_gen.pl +++ b/src/mac/macfile_gen.pl @@ -8,6 +8,7 @@ # gss-sources -- complete list of mac GSS sources, relative to root # krb5-sources -- complete list of mac Krb5 sources, relative to root # profile-sources -- complete list of mac profile sources, relative to root +# comerr-sources -- complete list of mac com_err sources, relative to root # gss-objects-ppc-debug -- complete list of mac GSS PPC debug objects, relative to root # gss-objects-68k-debug -- complete list of mac GSS 68K debug objects, relative to root # gss-objects-ppc-final -- complete list of mac GSS PPC final objects, relative to root @@ -20,13 +21,17 @@ # profile-objects-68k-debug -- complete list of mac profile v5 68K debug objects, relative to root # profile-objects-ppc-final -- complete list of mac profile v5 PPC final objects, relative to root # profile-objects-68k-final -- complete list of mac profile v5 68K final objects, relative to root +# comerr-objects-ppc-debug -- complete list of mac com_err PPC debug objects, relative to root +# comerr-objects-68k-debug -- complete list of mac com_err v5 68K debug objects, relative to root +# comerr-objects-ppc-final -- complete list of mac com_err v5 PPC final objects, relative to root +# comerr-objects-68k-final -- complete list of mac com_err v5 68K final objects, relative to root # include-folders -- complete list of include paths, relative to root # # input on stdin # output on stdout # Check number of arguments -if (scalar @ARGV != 3) { +if (scalar @ARGV != 2) { print (STDERR "Got " . scalar @ARGV . " arguments, expected 2"); &usage; exit; @@ -35,7 +40,7 @@ if (scalar @ARGV != 3) { # Parse arguments $action = $ARGV [0]; $ROOT = $ARGV [1]; -$prefix = $ARGV [2]; +#$prefix = $ARGV [2]; # Read source list if ($action ne "all-files") { @@ -46,9 +51,9 @@ if ($action ne "all-files") { } else { @sourceList = &make_macfile_maclist (&make_macfile_list ()); - foreach (@sourceList) { - $_ =~ s/^:/$prefix/; - } +# foreach (@sourceList) { +# $_ =~ s/^:/$prefix/; +# } # @sourceList = map { $prefix . $_;} @sourceList; } @@ -92,6 +97,12 @@ if ($action eq "all-folders") { @outputList = grep (/:profile:/, @sourceList); print (STDERR "Done. \n"); +} elsif ($action eq "comerr-sources") { + + print (STDERR "# Building profile source listÉ "); + @outputList = grep (/:et:/, @sourceList); + print (STDERR "Done. \n"); + } elsif ($action eq "gss-objects-ppc-debug") { print (STDERR "# Building GSS PPC debug object listÉ "); @@ -152,28 +163,56 @@ if ($action eq "all-folders") { print (STDERR "# Building profile PPC debug object listÉ "); @outputList = grep (s/\.c$/\.ppcd.o/, @sourceList); - @outputList = grep (/:profile:|:et:/, @outputList); + @outputList = grep (/:profile:/, @outputList); print (STDERR "Done. \n"); } elsif ($action eq "profile-objects-68k-debug") { print (STDERR "# Building profile 68K debug object listÉ "); @outputList = grep (s/\.c$/\.68kd.o/, @sourceList); - @outputList = grep (/:profile:|:et:/, @outputList); + @outputList = grep (/:profile:/, @outputList); print (STDERR "Done. \n"); } elsif ($action eq "profile-objects-ppc-final") { print (STDERR "# Building profile PPC final object listÉ "); @outputList = grep (s/\.c$/\.ppcf.o/, @sourceList); - @outputList = grep (/:profile:|:et:/, @outputList); + @outputList = grep (/:profile:/, @outputList); print (STDERR "Done. \n"); } elsif ($action eq "profile-objects-68k-final") { print (STDERR "# Building profile 68K final object listÉ "); @outputList = grep (s/\.c$/\.68kf.o/, @sourceList); - @outputList = grep (/:profile:|:et:/, @outputList); + @outputList = grep (/:profile:/, @outputList); + print (STDERR "Done. \n"); + +} elsif ($action eq "comerr-objects-ppc-debug") { + + print (STDERR "# Building com_err PPC debug object listÉ "); + @outputList = grep (s/\.c$/\.ppcd.o/, @sourceList); + @outputList = grep (/:et:/, @outputList); + print (STDERR "Done. \n"); + +} elsif ($action eq "comerr-objects-68k-debug") { + + print (STDERR "# Building com_err 68K debug object listÉ "); + @outputList = grep (s/\.c$/\.68kd.o/, @sourceList); + @outputList = grep (/:et:/, @outputList); + print (STDERR "Done. \n"); + +} elsif ($action eq "comerr-objects-ppc-final") { + + print (STDERR "# Building com_err PPC final object listÉ "); + @outputList = grep (s/\.c$/\.ppcf.o/, @sourceList); + @outputList = grep (/:et:/, @outputList); + print (STDERR "Done. \n"); + +} elsif ($action eq "comerr-objects-68k-final") { + + print (STDERR "# Building com_err 68K final object listÉ "); + @outputList = grep (s/\.c$/\.68kf.o/, @sourceList); + @outputList = grep (/:et:/, @outputList); print (STDERR "Done. \n"); } elsif ($action eq "include-folders") { diff --git a/src/mit/windows/include/v.h b/src/mit/windows/include/v.h deleted file mode 100644 index 79bb2ad69..000000000 --- a/src/mit/windows/include/v.h +++ /dev/null @@ -1,101 +0,0 @@ -/* v.h -- header for vlib.c */ - -#ifndef _VERSION_INC -#define _VERSION_INC - -/* - * values for op_code field - */ - -enum v_op_code - { - V_CHECK, /* op codes from server to client */ - V_CHECK_AND_LOG, - V_LOG, - V_LOG_PANIC, - V_OK, /* op codes from client to server */ - V_ERROR, - V_BAD_OP_CODE /* make sure this one is last */ - }; - -/* - * Values for status field - */ - - -#define V_REQUIRED 'R' /* new verison is absolutely required!! */ -#define V_RECOMMENDED 'r' /* new version is recommended. */ -#define V_OPTIONAL 'o' /* new version is optional */ -#define V_UP_TO_DATE 'u' -#define V_NEW_DOCUMENTATION 'd' -#define V_MESSAGE 'm' /* arbitrary message */ -#define V_BAD_STATUS '?' /* make sure this one is last */ - -static struct - { - char status; - char *status_name; - } version_status[] = - { - V_REQUIRED, "required", - V_RECOMMENDED, "recommended", - V_OPTIONAL, "optional", - V_UP_TO_DATE, "up_to_date", - V_NEW_DOCUMENTATION, "new_documentation", - V_MESSAGE, "message", - V_BAD_STATUS, "bad_status" - }; - -#define V_MAXDATA 700 - - -/* - * The general strategy here is we have two formats, a parsed format and a network format... - * "v_info" is parsed, and "v_pkt" is for the network. Note that the total size of all the - * strings in "v_info" had better fit into V_MAXDATA or we'll have some trouble assembling - * the packet. In a future protocol version, perhaps we'll actually USE the packet sequencing - * fields we've already declared, and send things in multiple packets.... - */ - -struct v_info - { - char *appl_name; /* Typically, these are pointers into */ - char *appl_vers; /* a struct v_pkt's */ - char *platform; /* data field (and are null-terminated strings) */ - char *status; /* status of this version */ - /* this string should be length 1, eg, V_OPTIONAL */ - char *message; - }; - -struct v_pkt - { - unsigned short protocol_version; - unsigned short packet_number; - unsigned short number_of_packets; - unsigned short op_code; - unsigned long seq; - char data[V_MAXDATA]; /* buffer of null delimited strings */ - }; - -#ifdef TEST -# define VERSION_FILE "/afs/net/project/net_dev/versions/test-version.txt" -# define VERSION_DB_FILE "/afs/net/project/net_dev/versions/test-db" -#else -# define VERSION_FILE "/afs/net/project/net_dev/version_db/version.txt" -# define VERSION_DB_FILE "/afs/net/project/net_dev/version_db/db" -#endif - -#define VERSION_LOG_DIR "/site/versions/" -#define VERSION_ERROR_LOG "bad-requests" -#define VERSION_SERVER_HOST "versions.mit.edu" -#define VERSION_SERVER_PORT 8500 -#define VERSION_CLIENT_PORT (VERSION_SERVER_PORT+1) -#define VERSION_PROTOCOL_VERSION 1 -#define V_BASE_SIZE (sizeof(struct v_pkt)-V_MAXDATA) -#define DLM ':' -#define KEY_SIZE 100 -#define LOG_CLASS LOG_LOCAL4 - -#define V_MACOS "MacOS" -#endif /* _VERSION_INC */ -/* end of file */ diff --git a/src/mit/windows/include/vs.h b/src/mit/windows/include/vs.h deleted file mode 100644 index 2f228656c..000000000 --- a/src/mit/windows/include/vs.h +++ /dev/null @@ -1,182 +0,0 @@ -/* - *---------------------------------------------------------------- - * - * $Source$ - * $Revision$ - * $Date$ - * $State$ - * $Author$ Jason Sachs (nosaj) - * $Locker$ - * - * $Log$ - * Revision 1.2 1997/04/29 10:45:02 tytso - * Remove #include of "mitcpyrt.h" (since it's of dubious legal value, and - * the file doesn't exist.) - * - * Revision 1.1 1997/04/17 15:25:52 tytso - * Add MIT's version server include files and libraries. - * - * Revision 1.3 92/08/27 10:44:51 pbh - * alpha 0.2a check in - * rebuilt manually - * - * Revision 0.1 92/08/25 10:00:20 pbh - * alpha 0.1a - */ - - - -/* vs.h -- defines for the Version Server checking routines. */ - -/* jms 6/3/92 */ - -#ifndef VS_HEADER_STUFF -#define VS_HEADER_STUFF - -#include "v.h" -#include - -typedef unsigned char VS_Status; -typedef unsigned long VS_Request; /* For compatibility reasons */ - -#if defined(WINDOWS) || defined(MEWEL) - #ifdef VS_INCWINDOWS - #include - #endif /* should we include windows.h here? */ -#else - #ifndef FAR /* il 7/25/95 */ - #define FAR - /* no need for that here */ - #endif - - #ifndef BOOL /* il 7/25/95 */ - #define BOOL int - #endif - - #ifndef NULL - #define NULL 0 - #endif /* Null */ - -#endif - -/* patch for nt. il 7/24/95 -- adding nt */ -#include "vs_nt.h" - -typedef struct v_req_info VS_ReqInfo, *VS_ReqInfoPtr; -#define VS_NAT_ReqInfoPtr VS_ReqInfo * - -#if defined(MEWEL) || defined(WINDOWS) - #if defined(WIN32) /* il 7/27/95 -- added nt */ - #define RequestAlloc (VS_Request) LocalAlloc - #define RequestLock(request) (VS_ReqInfoPtr) LocalLock((LOCALHANDLE)(request)) - #define RequestFree(request) LocalFree((LOCALHANDLE)(request)) - #define RequestUnlock(request) LocalUnlock((LOCALHANDLE)(request)) - #else - #define RequestAlloc (VS_Request) LocalAlloc - #define RequestLock(request) (VS_ReqInfoPtr) LocalLock((LOCALHANDLE)(LOWORD(request))) - #define RequestFree(request) LocalFree((LOCALHANDLE)(LOWORD(request))) - #define RequestUnlock(request) LocalUnlock((LOCALHANDLE)(LOWORD(request))) - #endif -#else - #define RequestAlloc(flags,size) (VS_Request) malloc(size) - #define RequestLock (char *) - #define RequestFree(request) free((char *) request) - #define RequestUnlock(request) /* nothin' */ -#endif /* jms 08/13/93 */ - -/* status codes */ - -#define V_E_SELECT 255 -#define V_E_TIMEOUT 254 -#define V_E_SELECT_STRANGEFD 253 -#define V_E_RECVFROM 252 -#define V_E_UNKNOWN 251 -#define V_E_BAD_OP_CODE 250 -#define V_E_HOSTNOTFOUND 249 -#define V_E_SOCKET 248 -#define V_E_BIND 247 -#define V_E_SENDTO 246 -#define V_E_DLLNOTFOUND 245 -#define V_E_NOMEMORY 244 -#define V_E_CANCEL 243 - -#define VSR_OK 0 - -/* classifications of errors */ - -#define V_C_NOERROR 0 -#define V_C_TRY_AGAIN 1 -#define V_C_DEFINITE 2 -#define V_C_FAIL 3 - -extern VS_Status _far _cdecl err_classify(VS_Status error); -#if defined(MEWEL) || defined(WINDOWS) -/* jms 2/16/93 */ -extern BOOL _far _cdecl v_complain(VS_Status error, LPSTR inifilename); -#endif - -#define V_TRY_AGAIN(status) (err_classify(status)==V_C_TRY_AGAIN) -#define V_FAIL(status) (err_classify(status)==V_C_FAIL) -#define V_DEFINITE(status) (err_classify(status)==V_C_DEFINITE) - -#define V_STATUS(vinfo) ((VS_Status)*((vinfo).status)) - /* grumble... this abstraction should be in v.h... */ - -/* the main routines */ - -#if defined(MEWEL) || defined(WINDOWS) -#ifndef NOCODECOVER -extern VS_Request _far _cdecl VSFormRequest(char FAR *name, char FAR *version, - char FAR *ininame, char FAR *codecover, HWND hWnd, - int HowToCheck); -#else -extern VS_Request _far _cdecl VSFormRequest(char FAR *name, char FAR *version, - char FAR *ininame, HWND hWnd, - int HowToCheck); -#endif - -#else -extern VS_Request _far _cdecl VSFormRequest(char *name, char *version, int HowToCheck); -#endif - -extern VS_Status _far _cdecl VSProcessRequest(VS_Request request); -#if defined(WINDOWS) || defined(MEWEL) -extern void _far _cdecl WinVSReportRequest(VS_Request request, HWND hWnd, char FAR *title); -extern void _far _cdecl TTChangeRegistration(char FAR *ininame, HWND hWnd, LPSTR DlgBoxName); -extern BOOL _far _cdecl v_complain(VS_Status error, LPSTR inifilename); -#else -extern void _far _cdecl TTYVSReportRequest(VS_Request request); -#endif -extern void _far _cdecl VSDestroyRequest(VS_Request request); -extern void _far _cdecl PickVersionServer(char FAR *name); -#define HNAMESIZE 40 /* max. chars in the VS server name. */ -#define HSPSIZE 2 /* no. chars in send packets option */ - -#ifndef VS_INTERNAL -extern VS_Request _far _cdecl MakeRequest( VS_Status status ); -extern VS_Status _far _cdecl ReqStatus ( VS_Request hrequest ); -#endif - -#endif /* VS_HEADER_STUFF */ - -/* - * The application should call the first two routines, and optionally - * the third, in order. It should only quit if CheckVS returns V_REQUIRED. - * If this is a Windows/Mewel program, a call to PostQuitMessage(0) is the - * best way to do things, unless some cleanup needs to be done... but the - * Version Server checking should be done as early as possible so this - * shouldn't be a problem. - */ - -#if 0 -/* here's an example: */ - VS_Request request; - VS_Status status; - - request = VSFormRequest(APPLICATION_NAME, APP_VER, "1st alpha"); - status = VSProcessRequest(request); - WinVSReportRequest(request, hMainWin, "Version Server Status Report"); - if (status == V_REQUIRED) - PostQuitMessage(0); /* This is an outdated version of TechInfo! */ - VSDestroyRequest(request); -#endif diff --git a/src/mit/windows/include/vs_nt.h b/src/mit/windows/include/vs_nt.h deleted file mode 100644 index 18ec61578..000000000 --- a/src/mit/windows/include/vs_nt.h +++ /dev/null @@ -1,40 +0,0 @@ -/* il 7/24/95 -- adding nt */ - -#ifndef _vs_nt_h_ -#define _ve_nt_h_ - -#ifdef _WIN32 - - - -/* the #undef instructions are not needed, but left to avoid possible - * conflicts with windows.h's similar definitions */ - -#undef FAR -#undef far -#undef _far -#undef __far - -#define FAR -#define far -#define _far -#define __far - -#undef _osmajor -#undef _osmanor -#define _osmajor _winmajor -#define _osminor _winminor - -#undef _fstrlen -#undef _fstrcat -#define _fstrlen strlen -#define _fstrcat strcat - -#include - - -#undef WINDOWS -#define WINDOWS - -#endif -#endif diff --git a/src/mit/windows/lib/ChangeLog b/src/mit/windows/lib/ChangeLog deleted file mode 100644 index 1e755bb29..000000000 --- a/src/mit/windows/lib/ChangeLog +++ /dev/null @@ -1,6 +0,0 @@ -Mon May 17 18:47:15 1999 Danilo Almeida - - * vs.dll, vswin.lib: Remove as we no longer support win16. - * vs32.dll, vsnt.lib: Move to i386 subdirectory. - * i386: Add directory for i386-specific win32 libraries. - diff --git a/src/mit/windows/lib/i386/ChangeLog b/src/mit/windows/lib/i386/ChangeLog deleted file mode 100644 index 42e1c14fa..000000000 --- a/src/mit/windows/lib/i386/ChangeLog +++ /dev/null @@ -1,8 +0,0 @@ -Mon May 17 18:54:35 1999 Danilo Almeida - - * vs32.dll, vsnt.lib: Set -kb sticky bits. - -Mon May 17 18:47:15 1999 Danilo Almeida - - * vs32.dll, vsnt.lib: Move from .. into this subdirectory. - diff --git a/src/mit/windows/lib/i386/vs32.dll b/src/mit/windows/lib/i386/vs32.dll deleted file mode 100644 index 4cacfdbd0..000000000 Binary files a/src/mit/windows/lib/i386/vs32.dll and /dev/null differ diff --git a/src/mit/windows/lib/i386/vsnt.lib b/src/mit/windows/lib/i386/vsnt.lib deleted file mode 100644 index efeedab77..000000000 Binary files a/src/mit/windows/lib/i386/vsnt.lib and /dev/null differ diff --git a/src/prototype/prototype.c b/src/prototype/prototype.c index 3d96b20c6..0723899fc 100644 --- a/src/prototype/prototype.c +++ b/src/prototype/prototype.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/prototype/prototype.h b/src/prototype/prototype.h index 3ca641199..ca554a7e0 100644 --- a/src/prototype/prototype.h +++ b/src/prototype/prototype.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/slave/kprop.M b/src/slave/kprop.M index a0b5ac840..0a442a21e 100644 --- a/src/slave/kprop.M +++ b/src/slave/kprop.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/slave/kprop.c b/src/slave/kprop.c index 94b0b7a96..5b6b5969b 100644 --- a/src/slave/kprop.c +++ b/src/slave/kprop.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/slave/kprop.h b/src/slave/kprop.h index e5481f3af..50210132e 100644 --- a/src/slave/kprop.h +++ b/src/slave/kprop.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/slave/kpropd.M b/src/slave/kpropd.M index e037a1121..6c7d6a159 100644 --- a/src/slave/kpropd.M +++ b/src/slave/kpropd.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/slave/kpropd.c b/src/slave/kpropd.c index c2556b6e9..23a75e047 100644 --- a/src/slave/kpropd.c +++ b/src/slave/kpropd.c @@ -42,7 +42,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/asn.1/trval.c b/src/tests/asn.1/trval.c index bfe0abda4..7a1ddc368 100644 --- a/src/tests/asn.1/trval.c +++ b/src/tests/asn.1/trval.c @@ -22,7 +22,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/create/kdb5_mkdums.M b/src/tests/create/kdb5_mkdums.M index be8b5a3fd..23e258532 100644 --- a/src/tests/create/kdb5_mkdums.M +++ b/src/tests/create/kdb5_mkdums.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/tests/create/kdb5_mkdums.c b/src/tests/create/kdb5_mkdums.c index 4f9376670..3cacc19df 100644 --- a/src/tests/create/kdb5_mkdums.c +++ b/src/tests/create/kdb5_mkdums.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/dejagnu/config/ChangeLog b/src/tests/dejagnu/config/ChangeLog index f464d3ee2..4cecec791 100644 --- a/src/tests/dejagnu/config/ChangeLog +++ b/src/tests/dejagnu/config/ChangeLog @@ -1,3 +1,28 @@ +1999-08-31 Ken Raeburn + + * default.exp (setup_kerberos_files): Set kdc_supported_enctypes + in kdc.conf, and include des3-cbc-sha1:normal. + (setup_kerberos_db): If setting up krbtgt to use des3, now use + only des3, not des3 and des-crc both. + +1999-08-30 Ken Raeburn + + * default.exp (des3_krbtgt): New variable. + (setup_kerberos_files): Remove des3 from supported_enctypes in + kdc.conf. + (setup_kerberos_db): If des3_krbtgt is set, change krbtgt key, and + get a des3 key in addition to des. + +1999-08-27 Ken Raeburn + + * default.exp: Set default principal expiration a bit further into + the future. + +1999-08-26 Tom Yu + + * default.exp (setup_kerberos_files): Tweak enctypes entered into + config files to exercise 3DES a little. + Fri Jan 30 23:48:57 1998 Tom Yu * default.exp: Add kpasswd_server to krb5.conf. diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp index c5b626192..6b53e3522 100644 --- a/src/tests/dejagnu/config/default.exp +++ b/src/tests/dejagnu/config/default.exp @@ -15,6 +15,8 @@ set timeout 100 set stty_init {erase \^h kill \^u} set env(TERM) dumb +set des3_krbtgt 1 + # We do everything in a temporary directory. if ![file isdirectory tmpdir] {catch "exec mkdir tmpdir" status} @@ -309,7 +311,7 @@ proc setup_kerberos_files { } { set conffile [open tmpdir/krb5.conf w] puts $conffile "\[libdefaults\]" puts $conffile " default_realm = $REALMNAME" - puts $conffile "default_tgs_enctypes = des3-cbc-md5 des-cbc-md5 des-cbc-crc" + puts $conffile "default_tgs_enctypes = des-cbc-md5 des-cbc-crc" puts $conffile "" puts $conffile "\[realms\]" puts $conffile " $REALMNAME = \{" @@ -350,9 +352,11 @@ proc setup_kerberos_files { } { puts $conffile " max_renewable_life = 3:00:00" puts $conffile " master_key_type = des-cbc-md5" puts $conffile " master_key_name = master/key" - puts $conffile " supported_enctypes = des-cbc-crc:normal des-cbc-md5:normal des-cbc-crc:v4 des-cbc-md5:norealm" +# des3-cbc-sha1:normal + puts $conffile " supported_enctypes = des-cbc-crc:normal des-cbc-md5:normal des-cbc-crc:v4 des-cbc-md5:norealm" + puts $conffile " kdc_supported_enctypes = des3-cbc-sha1:normal des-cbc-crc:normal des-cbc-md5:normal des-cbc-crc:v4 des-cbc-md5:norealm" puts $conffile " kdc_ports = 3088" - puts $conffile " default_principal_expiration = 99.12.31.23.59.59" + puts $conffile " default_principal_expiration = 2037.12.31.23.59.59" puts $conffile " default_principal_flags = -postdateable forwardable" puts $conffile " \}" puts $conffile "" @@ -579,6 +583,7 @@ proc setup_kerberos_db { standalone } { global KEY global tmppwd global spawn_id + global des3_krbtgt if {!$standalone && [file exists tmpdir/db.ok]} { return 1 @@ -730,6 +735,46 @@ proc setup_kerberos_db { standalone } { return 0 } + if $des3_krbtgt { + # Set the TGT key to DES3. + spawn $KADMIN_LOCAL -r $REALMNAME -e des3-cbc-sha1:normal + expect_after { + timeout { + catch "expect_after" + fail "kadmin.local (timeout)" + if {!$standalone} { + catch "exec rm -f tmpdir/db.ok tmpdir/adb.db" + } + return 0 + } + eof { + catch "expect_after" + fail "kadmin.local (eof)" + if {!$standalone} { + catch "exec rm -f tmpdir/db.ok tmpdir/adb.db" + } + return 0 + } + } + expect "kadmin.local: " + send "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r" + # It echos... + expect "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r" + expect { + "Key for \"krbtgt/$REALMNAME@$REALMNAME\" randomized." { } + } + expect "kadmin.local: " + send "quit\r" + expect "\r" + expect_after + if ![check_exit_status kadmin_local] { + if {!$standalone} { + catch "exec rm -f tmpdir/db.ok tmpdir/adb.db" + } + return 0 + } + } + if ![setup_kadmind_srvtab] { return 0 } diff --git a/src/tests/dejagnu/t_inetd.c b/src/tests/dejagnu/t_inetd.c index 0fe4db834..fba21da5e 100644 --- a/src/tests/dejagnu/t_inetd.c +++ b/src/tests/dejagnu/t_inetd.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/dump.c b/src/tests/dump.c index 4cef05f53..1e40ffeda 100644 --- a/src/tests/dump.c +++ b/src/tests/dump.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/gssapi/t_imp_name.c b/src/tests/gssapi/t_imp_name.c index 182c37361..04a6cc7f9 100644 --- a/src/tests/gssapi/t_imp_name.c +++ b/src/tests/gssapi/t_imp_name.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/hammer/kdc5_hammer.c b/src/tests/hammer/kdc5_hammer.c index 54d567c43..780f92d83 100644 --- a/src/tests/hammer/kdc5_hammer.c +++ b/src/tests/hammer/kdc5_hammer.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/resolve/resolve.c b/src/tests/resolve/resolve.c index 39020e54b..023c378f4 100644 --- a/src/tests/resolve/resolve.c +++ b/src/tests/resolve/resolve.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/test1.c b/src/tests/test1.c index 9e5890e50..bb142ead4 100644 --- a/src/tests/test1.c +++ b/src/tests/test1.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/verify/kdb5_verify.c b/src/tests/verify/kdb5_verify.c index 558ef2533..bfb066136 100644 --- a/src/tests/verify/kdb5_verify.c +++ b/src/tests/verify/kdb5_verify.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/util/ChangeLog b/src/util/ChangeLog index c72703068..2682795da 100644 --- a/src/util/ChangeLog +++ b/src/util/ChangeLog @@ -1,3 +1,7 @@ +1999-08-16 Tom Yu + + * mkrel (reldate): Fix to deal with release branch snapshots. + Wed May 19 11:43:36 1999 Danilo Almeida * Makefile.in: Add all and cleanup rules for windows for windows, diff --git a/src/util/db2/ChangeLog b/src/util/db2/ChangeLog index f7617d5f6..7972728d6 100644 --- a/src/util/db2/ChangeLog +++ b/src/util/db2/ChangeLog @@ -1,3 +1,13 @@ +1999-08-15 Tom Yu + + * README.NOT.SLEEPYCAT.DB: New file; pointer to README to + hopefully unconfuse people. + + * README: Add notice to the effect that this is not Berkeley or + Sleepycat DB. + + * README.db2: Renamed from README. + Fri Feb 13 14:37:47 1998 Tom Yu * recno/extern.h: Additional renaming. diff --git a/src/util/db2/README b/src/util/db2/README index 5700b7393..70118bef5 100644 --- a/src/util/db2/README +++ b/src/util/db2/README @@ -1,41 +1,17 @@ -# @(#)README 8.28 (Berkeley) 11/2/95 - -This is version 2.0-ALPHA of the Berkeley DB code. -THIS IS A PRELIMINARY RELEASE. - -For information on compiling and installing this software, see the file -PORT/README. - -Newer versions of this software will periodically be made available by -anonymous ftp from ftp.cs.berkeley.edu:ucb/4bsd/db.tar.{Z,gz} and from -ftp.harvard.edu:margo/db.tar.{Z,gz}. If you want to receive announcements -of future releases of this software, send email to the contact address -below. - -Email questions may be addressed to dbinfo@eecs.harvard.edu. - -============================================ -Distribution contents: - -README This file. -CHANGELOG List of changes, per version. -btree B+tree access method. -db The db_open interface routine. -docs Various USENIX papers, and the formatted manual pages. -hash Extended linear hashing access method. -lock Lock manager. -log Log manager. -man The unformatted manual pages. -mpool The buffer manager support. -mutex Mutex support. -recno The fixed/variable length record access method. -test Test package. -txn Transaction support. - -============================================ -Debugging: - -If you're running a memory checker (e.g. Purify) on DB, make sure that -you recompile it with "-DPURIFY" in the CFLAGS, first. By default, -allocated pages are not initialized by the DB code, and they will show -up as reads of uninitialized memory in the buffer write routines. + IMPORTANT NOTICE: + +This directory contains code of somewhat unknown origin that is +INCOMPATIBLE with both Berkeley DB 1.85 and Sleepycat DB 2.x. Do NOT +contact Sleepycat regarding bugs in code found here; they do not +appreciate it. All bug reports about this code should go to the MIT +Kerberos team via krb5-send-pr or email to krb5-bugs@mit.edu, as +usual. + +It is believed that this "db" code originated from Berkeley DB 1.85 +and was further modified by Cygnus and the MIT Kerberos team. Some +significant changes to the hash code occured at some point. + +The file README.db2 contains the README file provided with the +2.0-alpha release of Berkeley/Sleepycat DB, which may contain +marginally useful information. It is not known at this time how well +this code matches that of the 2.0-alpha release. diff --git a/src/util/db2/README.NOT.SLEEPYCAT.DB b/src/util/db2/README.NOT.SLEEPYCAT.DB new file mode 100644 index 000000000..112454e94 --- /dev/null +++ b/src/util/db2/README.NOT.SLEEPYCAT.DB @@ -0,0 +1,2 @@ +THIS IS NOT THE SLEEPYCAT DB. +Please see the README file for more information. diff --git a/src/util/db2/README.db2 b/src/util/db2/README.db2 new file mode 100644 index 000000000..5700b7393 --- /dev/null +++ b/src/util/db2/README.db2 @@ -0,0 +1,41 @@ +# @(#)README 8.28 (Berkeley) 11/2/95 + +This is version 2.0-ALPHA of the Berkeley DB code. +THIS IS A PRELIMINARY RELEASE. + +For information on compiling and installing this software, see the file +PORT/README. + +Newer versions of this software will periodically be made available by +anonymous ftp from ftp.cs.berkeley.edu:ucb/4bsd/db.tar.{Z,gz} and from +ftp.harvard.edu:margo/db.tar.{Z,gz}. If you want to receive announcements +of future releases of this software, send email to the contact address +below. + +Email questions may be addressed to dbinfo@eecs.harvard.edu. + +============================================ +Distribution contents: + +README This file. +CHANGELOG List of changes, per version. +btree B+tree access method. +db The db_open interface routine. +docs Various USENIX papers, and the formatted manual pages. +hash Extended linear hashing access method. +lock Lock manager. +log Log manager. +man The unformatted manual pages. +mpool The buffer manager support. +mutex Mutex support. +recno The fixed/variable length record access method. +test Test package. +txn Transaction support. + +============================================ +Debugging: + +If you're running a memory checker (e.g. Purify) on DB, make sure that +you recompile it with "-DPURIFY" in the CFLAGS, first. By default, +allocated pages are not initialized by the DB code, and they will show +up as reads of uninitialized memory in the buffer write routines. diff --git a/src/util/et/ChangeLog b/src/util/et/ChangeLog index f5707d3e9..9d99e8abf 100644 --- a/src/util/et/ChangeLog +++ b/src/util/et/ChangeLog @@ -1,3 +1,7 @@ +1999-08-18 Miro Jurisic + + * et.exp: Added et.exp, MacOS export file for com_err library + 1999-06-15 Danilo Almeida * texinfo.tex: Get rid of control characters in text file. diff --git a/src/util/et/com_err.c b/src/util/et/com_err.c index 091968923..31da130db 100644 --- a/src/util/et/com_err.c +++ b/src/util/et/com_err.c @@ -11,6 +11,9 @@ * and that the names of M.I.T. and the M.I.T. S.I.P.B. not be * used in advertising or publicity pertaining to distribution * of the software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. * M.I.T. and the M.I.T. S.I.P.B. make no representations about * the suitability of this software for any purpose. It is * provided "as is" without express or implied warranty. diff --git a/src/util/et/com_err.texinfo b/src/util/et/com_err.texinfo index 8b6399930..918f15276 100644 --- a/src/util/et/com_err.texinfo +++ b/src/util/et/com_err.texinfo @@ -41,7 +41,10 @@ that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the names of M.I.T. and the M.I.T. S.I.P.B. not be used in advertising or publicity pertaining to distribution of the software -without specific, written prior permission. M.I.T. and the M.I.T. S.I.P.B. +without specific, written prior permission. Furthermore if you modify this +software you must label your software as modified software and not +distribute it in such a fashion that it might be confused with the +original M.I.T. software. M.I.T. and the M.I.T. S.I.P.B. make no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. diff --git a/src/util/et/error_message.c b/src/util/et/error_message.c index 95223d7c3..7d03d34e0 100644 --- a/src/util/et/error_message.c +++ b/src/util/et/error_message.c @@ -11,6 +11,9 @@ * and that the names of M.I.T. and the M.I.T. S.I.P.B. not be * used in advertising or publicity pertaining to distribution * of the software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. * M.I.T. and the M.I.T. S.I.P.B. make no representations about * the suitability of this software for any purpose. It is * provided "as is" without express or implied warranty. diff --git a/src/util/et/et.exp b/src/util/et/et.exp new file mode 100644 index 000000000..00e15a2df --- /dev/null +++ b/src/util/et/et.exp @@ -0,0 +1,8 @@ +# +# comerr library Macintosh export file +# +# $Header$ + +error_message +add_error_table +remove_error_table diff --git a/src/util/et/et_name.c b/src/util/et/et_name.c index 34edbca15..267f20b28 100644 --- a/src/util/et/et_name.c +++ b/src/util/et/et_name.c @@ -11,6 +11,9 @@ * and that the names of M.I.T. and the M.I.T. S.I.P.B. not be * used in advertising or publicity pertaining to distribution * of the software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. * M.I.T. and the M.I.T. S.I.P.B. make no representations about * the suitability of this software for any purpose. It is * provided "as is" without express or implied warranty. diff --git a/src/util/et/init_et.c b/src/util/et/init_et.c index d40ed6248..c3d039811 100644 --- a/src/util/et/init_et.c +++ b/src/util/et/init_et.c @@ -11,6 +11,9 @@ * and that the names of M.I.T. and the M.I.T. S.I.P.B. not be * used in advertising or publicity pertaining to distribution * of the software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. * M.I.T. and the M.I.T. S.I.P.B. make no representations about * the suitability of this software for any purpose. It is * provided "as is" without express or implied warranty. diff --git a/src/util/et/mit-sipb-copyright.h b/src/util/et/mit-sipb-copyright.h index 2f7eb2950..d7c4ee096 100644 --- a/src/util/et/mit-sipb-copyright.h +++ b/src/util/et/mit-sipb-copyright.h @@ -11,6 +11,9 @@ this permission notice appear in supporting documentation, and that the names of M.I.T. and the M.I.T. S.I.P.B. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. +Furthermore if you modify this software you must label +your software as modified software and not distribute it in such a +fashion that it might be confused with the original M.I.T. software. M.I.T. and the M.I.T. S.I.P.B. make no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. diff --git a/src/util/mkrel b/src/util/mkrel index ae7a1ed37..e534a478f 100644 --- a/src/util/mkrel +++ b/src/util/mkrel @@ -54,6 +54,19 @@ krb5-*.*.*) relminor=`echo $release|awk -F. '{print $2}'` relpatch=`echo $release|awk -F. '{print $3}'` ;; +krb5-*.*-current) + release=`echo $reldir|sed -e 's/krb5-//'` + relhead=`echo $release|sed -e 's/-.*//'` + relmajor=`echo $relhead|awk -F. '{print $1}'` + relminor=`echo $relhead|awk -F. '{print $2}'` + release=${relhead}-$reldate + ;; +krb5-*.*-*) + release=`echo $reldir|sed -e 's/krb5-//'` + relhead=`echo $release|sed -e 's/-.*//'` + relmajor=`echo $relhead|awk -F. '{print $1}'` + relminor=`echo $relhead|awk -F. '{print $2}'` + ;; krb5-*.*) release=`echo $reldir|sed -e 's/krb5-//'` relmajor=`echo $release|awk -F. '{print $1}'` @@ -62,9 +75,18 @@ krb5-*.*) krb5-current) release=current-$reldate ;; -*);; +*) + release="$reldir" + ;; esac +echo "release=$release" +echo "major=$relmajor minor=$relminor patch=$relpatch" + +# $release is used for send-pr +# $reltag, $release, $reldate are used for brand.c currently +# $relmajor, $relminor, $relpatch are used for patchlevel.h currently + if test $checkout = t; then echo "Checking out krb5 with tag $reltag into directory $reldir..." cvs -q -d $repository export -r$reltag -d $reldir krb5 diff --git a/src/util/profile/ChangeLog b/src/util/profile/ChangeLog index 6bf48732b..bf16b30fb 100644 --- a/src/util/profile/ChangeLog +++ b/src/util/profile/ChangeLog @@ -1,3 +1,23 @@ +1999-09-01 Danilo Almeida + + * profile.hin (profile_init, profile_init_path): Define and use + const_profile_filespec_t. + + * prof_init.c (profile_init, profile_init_path): + * prof_file.c (profile_open_file): + * prof_int.h (profile_open_file): Use const_profile_filespec_t. + + * prof_int.h (PROFILE_LAST_FILESPEC): Compare a char against a char, + not a void*. + + * Makefile.in: Remove DOSDEFS to avoid warnings. The thing it + defined is already set in win-mac.h. + +1999-08-18 Miro Jurisic + + * profile.exp: removed com_err functions (they are in a library + of their own now) from MacOS export file + 1999-08-05 Danilo Almeida * prof_get.c (profile_free_string): diff --git a/src/util/profile/Makefile.in b/src/util/profile/Makefile.in index 4d15050a3..526684ccc 100644 --- a/src/util/profile/Makefile.in +++ b/src/util/profile/Makefile.in @@ -7,9 +7,8 @@ PROG_RPATH=$(KRB5_LIBDIR) ##DOS##BUILDTOP = ..\.. ##DOS##OBJFILE=$(OUTPRE)profile.lst ##DOS##LIBNAME=$(OUTPRE)profile.lib -##DOS##DOSDEFS=-DHAVE_STDLIB_H -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) $(DOSDEFS) +CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) LOCALINCLUDE=-I. -I$(srcdir)/../et diff --git a/src/util/profile/prof_file.c b/src/util/profile/prof_file.c index 53f4ab706..77c4f551e 100644 --- a/src/util/profile/prof_file.c +++ b/src/util/profile/prof_file.c @@ -67,7 +67,7 @@ static int rw_access(filespec) } errcode_t profile_open_file(filespec, ret_prof) - profile_filespec_t filespec; + const_profile_filespec_t filespec; prf_file_t *ret_prof; { prf_file_t prf; diff --git a/src/util/profile/prof_init.c b/src/util/profile/prof_init.c index 5668d98f3..7f35e4421 100644 --- a/src/util/profile/prof_init.c +++ b/src/util/profile/prof_init.c @@ -25,16 +25,16 @@ error(do not have a 4-byte integer type) KRB5_DLLIMP errcode_t KRB5_CALLCONV profile_init(files, ret_profile) - profile_filespec_t *files; + const_profile_filespec_t *files; profile_t *ret_profile; { - profile_filespec_t *fs; + const_profile_filespec_t *fs; profile_t profile; prf_file_t new_file, last = 0; errcode_t retval = 0; initialize_prof_error_table(); - + profile = malloc(sizeof(struct _profile_t)); if (!profile) return ENOMEM; @@ -79,7 +79,7 @@ profile_init(files, ret_profile) */ KRB5_DLLIMP errcode_t KRB5_CALLCONV profile_init_path(filepath, ret_profile) - profile_filespec_list_t filepath; + const_profile_filespec_list_t filepath; profile_t *ret_profile; { int n_entries, i; diff --git a/src/util/profile/prof_int.h b/src/util/profile/prof_int.h index 970b42e01..76cebf136 100644 --- a/src/util/profile/prof_int.h +++ b/src/util/profile/prof_int.h @@ -80,7 +80,7 @@ struct _profile_t { */ #ifdef PROFILE_USES_PATHS -#define PROFILE_LAST_FILESPEC(x) (((x) == NULL) || ((x)[0] == NULL)) +#define PROFILE_LAST_FILESPEC(x) (((x) == NULL) || ((x)[0] == '\0')) #else #define PROFILE_LAST_FILESPEC(x) (((x).vRefNum == 0) && ((x).parID == 0) && ((x).name[0] == '\0')) #endif @@ -173,7 +173,7 @@ errcode_t profile_rename_node /* prof_file.c */ errcode_t profile_open_file - PROTOTYPE ((profile_filespec_t file, prf_file_t *ret_prof)); + PROTOTYPE ((const_profile_filespec_t file, prf_file_t *ret_prof)); errcode_t profile_update_file PROTOTYPE ((prf_file_t profile)); diff --git a/src/util/profile/profile.exp b/src/util/profile/profile.exp index 23629094b..3eaeb1dfd 100644 --- a/src/util/profile/profile.exp +++ b/src/util/profile/profile.exp @@ -25,9 +25,6 @@ profile_add_relation ### Temporary -- DO NOT USE -error_message -add_error_table -remove_error_table profile_ser_internalize profile_ser_externalize profile_ser_size diff --git a/src/util/profile/profile.hin b/src/util/profile/profile.hin index 420b955d4..f681f36f4 100644 --- a/src/util/profile/profile.hin +++ b/src/util/profile/profile.hin @@ -51,21 +51,25 @@ extern "C" { #endif #ifdef PROFILE_USES_PATHS -typedef char* profile_filespec_t; /* path as C string */ +typedef char* profile_filespec_t; /* path as C string */ typedef char* profile_filespec_list_t; /* list of : separated paths, C string */ +typedef const char* const_profile_filespec_t; /* path as C string */ +typedef const char* const_profile_filespec_list_t; /* list of : separated paths, C string */ #else /* On MacOS, we use native file specifiers as unique file identifiers */ #include typedef FSSpec profile_filespec_t; -typedef FSSpec* profile_filespec_list_t; - /* array should be terminated with {0, 0, ""} */ +typedef FSSpec* profile_filespec_list_t; +/* array should be terminated with {0, 0, ""} */ +typedef FSSpec const_profile_filespec_t; +typedef FSSpec* const_profile_filespec_list_t; #endif KRB5_DLLIMP long KRB5_CALLCONV profile_init - PROTOTYPE ((profile_filespec_t *files, profile_t *ret_profile)); + PROTOTYPE ((const_profile_filespec_t *files, profile_t *ret_profile)); KRB5_DLLIMP long KRB5_CALLCONV profile_init_path - PROTOTYPE ((profile_filespec_list_t filelist, profile_t *ret_profile)); + PROTOTYPE ((const_profile_filespec_list_t filelist, profile_t *ret_profile)); KRB5_DLLIMP long KRB5_CALLCONV profile_flush PROTOTYPE ((profile_t profile)); diff --git a/src/util/pty/cleanup.c b/src/util/pty/cleanup.c index 0e9104ef9..cf0b451f7 100644 --- a/src/util/pty/cleanup.c +++ b/src/util/pty/cleanup.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/getpty.c b/src/util/pty/getpty.c index 9b18aff57..3683ba641 100644 --- a/src/util/pty/getpty.c +++ b/src/util/pty/getpty.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/init.c b/src/util/pty/init.c index c2375aa40..df3b2f876 100644 --- a/src/util/pty/init.c +++ b/src/util/pty/init.c @@ -13,7 +13,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/init_slave.c b/src/util/pty/init_slave.c index 74564763b..edfad5a48 100644 --- a/src/util/pty/init_slave.c +++ b/src/util/pty/init_slave.c @@ -10,7 +10,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/libpty.h b/src/util/pty/libpty.h index 552a3ef86..82d2d81cc 100644 --- a/src/util/pty/libpty.h +++ b/src/util/pty/libpty.h @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/logwtmp.c b/src/util/pty/logwtmp.c index 4fbac3427..e3611f6a9 100644 --- a/src/util/pty/logwtmp.c +++ b/src/util/pty/logwtmp.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/open_ctty.c b/src/util/pty/open_ctty.c index 00a7eac80..d02a8c135 100644 --- a/src/util/pty/open_ctty.c +++ b/src/util/pty/open_ctty.c @@ -10,7 +10,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/open_slave.c b/src/util/pty/open_slave.c index 7d28ea264..aea04de1f 100644 --- a/src/util/pty/open_slave.c +++ b/src/util/pty/open_slave.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/pty_err.et b/src/util/pty/pty_err.et index 08c126d62..bad54d9c3 100644 --- a/src/util/pty/pty_err.et +++ b/src/util/pty/pty_err.et @@ -12,7 +12,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/util/pty/sane_hostname.c b/src/util/pty/sane_hostname.c index 3f9ed6b64..43814df53 100644 --- a/src/util/pty/sane_hostname.c +++ b/src/util/pty/sane_hostname.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/update_utmp.c b/src/util/pty/update_utmp.c index ce8b546f2..0c089d6d4 100644 --- a/src/util/pty/update_utmp.c +++ b/src/util/pty/update_utmp.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/update_wtmp.c b/src/util/pty/update_wtmp.c index 9d3af2128..7e8d57303 100644 --- a/src/util/pty/update_wtmp.c +++ b/src/util/pty/update_wtmp.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/vhangup.c b/src/util/pty/vhangup.c index 09d83c7be..fd6e04523 100644 --- a/src/util/pty/vhangup.c +++ b/src/util/pty/vhangup.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/void_assoc.c b/src/util/pty/void_assoc.c index 9e7c64368..a6ec33d75 100644 --- a/src/util/pty/void_assoc.c +++ b/src/util/pty/void_assoc.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/ss/copyright.h b/src/util/ss/copyright.h index e0d157224..d118f10bf 100644 --- a/src/util/ss/copyright.h +++ b/src/util/ss/copyright.h @@ -11,6 +11,9 @@ this permission notice appear in supporting documentation, and that the names of M.I.T. and the M.I.T. S.I.P.B. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. +Furthermore if you modify this software you must label +your software as modified software and not distribute it in such a +fashion that it might be confused with the original M.I.T. software. M.I.T. and the M.I.T. S.I.P.B. make no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. diff --git a/src/util/ss/mit-sipb-copyright.h b/src/util/ss/mit-sipb-copyright.h index ffcfc380c..d6d5f1edc 100644 --- a/src/util/ss/mit-sipb-copyright.h +++ b/src/util/ss/mit-sipb-copyright.h @@ -11,6 +11,9 @@ this permission notice appear in supporting documentation, and that the names of M.I.T. and the M.I.T. S.I.P.B. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. +Furthermore if you modify this software you must label +your software as modified software and not distribute it in such a +fashion that it might be confused with the original M.I.T. software. M.I.T. and the M.I.T. S.I.P.B. make no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. diff --git a/src/wconfig.c b/src/wconfig.c index acf888a27..0671a1ed6 100644 --- a/src/wconfig.c +++ b/src/wconfig.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/windows/ChangeLog b/src/windows/ChangeLog index 8e874b79c..7b9003ede 100644 --- a/src/windows/ChangeLog +++ b/src/windows/ChangeLog @@ -1,3 +1,24 @@ +1999-09-15 Danilo Almeida + + * README: Add documentation about configuration under windows and + krbcc32.dll. + +1999-09-09 Danilo Almeida + + * README: Explicitly say that we support only Win32 and not Win16. + +1999-09-08 Danilo Almeida + + * README: Update with install target information and more. + * mkbin.bat: Remove mkbin.bat as it is no longer used. + +1999-09-01 Danilo Almeida + + * readme, README: readme renamed to README. + + * version.rc: Boost version to 1.1. Include 1998 & 1999 in copyright + years. + 1999-06-21 Danilo Almeida * version.rc: Boost version to 1.0.8. diff --git a/src/windows/README b/src/windows/README new file mode 100644 index 000000000..c4c2f7578 --- /dev/null +++ b/src/windows/README @@ -0,0 +1,132 @@ + Building & Running Kerberos 5 on Windows + ---------------------------------------- + +Kerberos 5 Windows support now only includes Win32 and no longer +includes Win16. + +We build Kerberos 5 on Windows just with MSVC++ 6.0. You should +not need anything else. We do not know whether it currently +builds with other compilers or make utilities. + +These build instructions assume that you got a standalong source +distribution of Kerberos 5 rather than the MIT Kerberos for Win32 +distribution (which includes a working Kerberos 4). + +There are two methods for building a Windows version of Kerberos 5. +The traditional method involves starting on a Unix machine and +creating a distribution that can be built on Windows. The second +method works from the sources that come from the Unix distribution if +you have certain Unix-type utilities. + + +Traditional Build Method: +------------------------ + +On the Unix side +1) cd xxx/src # Go to where the source lives +2) make -f Makefile.in kerbsrc.zip # Do some Unix-side configuring + # ...and create kerbsrc.zip +3) + + +On the PC side +1) md \krb5 # Create where we'll put the tree +2) cd \krb5 +3) unzip kerbsrc.zip + - or - + pkunzip -d kerbsrc.zip +4) nmake -nologo # Build the sources +5) nmake install # Copy headers, libs, executables + + +All-Windows Build Method: +------------------------ + +First, make sure you have sed, gawk, cat, and cp. + +1) cd xxx/src # Go to where the source lives +2) nmake -f Makefile.in prep-windows # Create Makefile for Windows +3) nmake -nologo # Build the sources +4) nmake install # Copy headers, libs, executables + + +Notes on the install Target: +--------------------------- + +For the install target, you will need to define KRB_INSTALL_DIR to +point to the directory where the header, library, and executable files +will be installed. You can either define this in the environment or +at the nmake command-line. For example: + +nmake install KRB_INSTALL_DIR=c:\sdk\krb5 + +Make sure you create the directory first. Otherwise, nmake will +complain. The files will get installed into include, lib, and bin +subdirectories. You can then copy the binaries to where ever you want +have them (probably somewhere in your path). + + +Running Kerberos 5 Apps: +----------------------- + +Make sure you have a valid krb5.ini file. That will look just like a +Unix krb5.conf file. You can place this file in the same directory as +your krb5_32.dll or in your Windows directory. You should then be +able to run the applications that are built. Note that Kerberos 5 +will not look for the krb5.ini file in your path. + + +Krb5.ini File: +------------- + +WARNING: Despite its name, this is not a Windows .ini file. +Therefore, do not try to use any .ini tools, including the Windows API +or any installer tools to manipulate this file. Its format is subtly +different from Windows .ini files! + + +Controlling the Kerberos 5 Run-Time Environment: +----------------------------------------------- + +The Kerberos 5 configuration file and credentials cache can be +controlled with environment variables and registry settings. The +environment variable for a particular setting always takes precedence. +Next in precedence comes the setting in the registry under +HKEY_CURRENT_USER\Software\MIT\Kerberos5. Then comes the registry +setting under HKEY_LOCAL_MACHINE\Software\MIT\Kerberos5. If none of +those are found, a default value is used. + +Configuration File: +- Environment: KRB5_CONFIG +- Registry Value: config +- Default: looks in krb5_32.dll's dir and Windows directory + +Default Credentials Cache: +- Environment: KRB5CCNAME +- Registry Value: ccname +- Default: API:krb5cc or FILE:%TEMP%\krb5cc or FILE:\krb5cc + + +Credentials Cache: +----------------- + +In addition to standard FILE: (disk file) and MEMORY: (in-process +non-shared memory) Windows supports the API: cache type, which is a +shared memory cache. This is implemented by krbcc32.dll, which is not +included the the krb5-only distribution. Rather, it is part of MIT's +Kerberos for Win32 suite. + + +Othes Issues: +------------ + +The krb4_32.dll that is built (but not installed) is not supported. +If you need Kerberos 4, you can use the krbv4w32.dll that MIT +distributes as part of the MIT Kerberos for Win32 distribution. + + +More Information: +---------------- + +For more information, please read the Kerberos 5 documentation in +the doc directory of the distribution. diff --git a/src/windows/cns/ChangeLog b/src/windows/cns/ChangeLog index 3d42fe7b7..47b829b3a 100644 --- a/src/windows/cns/ChangeLog +++ b/src/windows/cns/ChangeLog @@ -1,3 +1,8 @@ +1999-08-26 Danilo Almeida + + * cns_reg.c (cns_load_registry, cns_save_registry): Honor setting + in cns_res.cc_override. + Mon May 17 19:55:08 1999 Danilo Almeida * Makefile.in: Add included version resouce script to diff --git a/src/windows/cns/cns_reg.c b/src/windows/cns/cns_reg.c index 95a5a5f87..400d72d23 100644 --- a/src/windows/cns/cns_reg.c +++ b/src/windows/cns/cns_reg.c @@ -135,7 +135,7 @@ cns_load_registry(void) } else strcpy(cns_res.confname, cns_res.def_confname); - if (registry_string_get(key, "ccname", &ts) == 0) { + if (cns_res.cc_override && (registry_string_get(key, "ccname", &ts) == 0)) { strcpy(cns_res.ccname, ts); free(ts); } else @@ -197,15 +197,20 @@ cns_save_registry(void) registry_string_set(key, "realm", cns_res.realm); if (cns_res.conf_override) - if (strcmp(cns_res.confname, cns_res.def_confname)) - registry_string_set(key, "confname", cns_res.confname); - else - registry_value_delete(key, "confname"); + { + if (strcmp(cns_res.confname, cns_res.def_confname)) + registry_string_set(key, "confname", cns_res.confname); + else + registry_value_delete(key, "confname"); + } - if (strcmp(cns_res.ccname, cns_res.def_ccname)) + if (cns_res.cc_override) + { + if (strcmp(cns_res.ccname, cns_res.def_ccname)) registry_string_set(key, "ccname", cns_res.ccname); - else + else registry_value_delete(key, "ccname"); + } for (i = 0 ; i < FILE_MENU_MAX_LOGINS ; i++) if (cns_res.logins[i][0] != '\0') { diff --git a/src/windows/mkbin.bat b/src/windows/mkbin.bat deleted file mode 100644 index 889debdd7..000000000 --- a/src/windows/mkbin.bat +++ /dev/null @@ -1,8 +0,0 @@ -mkdir kbin -copy lib\*.dll kbin -copy windows\cns\krb5.exe kbin -copy windows\wintel\telnet.exe kbin -copy windows\gss\gss.exe kbin -copy clients\klist\klist.exe kbin -copy clients\kinit\kinit.exe kbin -copy clients\kdestroy\kdestroy.exe kbin diff --git a/src/windows/readme b/src/windows/readme deleted file mode 100644 index 0bcedafe3..000000000 --- a/src/windows/readme +++ /dev/null @@ -1,45 +0,0 @@ -Building Windows Kerberos 5 - -We build Kerberos 5 on Windows just with MSVC++ 6.0. You should -not need anything else. We do not know whether it currently -builds with other compilers or make utilities. - -There are two basic methods for making the Windows version of Kerberos -5. The traditional method involves starting on a Unix machine and -creating a distribution that can be built on Windows. The second -method works from the sources that come from the CVS tree if you have -certain Unix-type utilities. - -Traditional Method: ------------------- - -On the Unix side -1) cd xxx/src # Go to where the source lives -2) make -f Makefile.in kerbsrc.zip # Do some Unix-side configuring - # ...and create kerbsrc.zip -3) - - -On the PC side -1) md \k5 # Create where we'll put the tree -2) cd \k5 -3) unzip kerbsrc.zip - - or - - pkunzip -d kerbsrc.zip -4) nmake -nologo # Build the sources -5) nmake mkbin # Place binaries generated by the - # ...build in the kbin directory -6) - - -All-Windows Method: ------------------- - -First, make sure you have sed, gawk, cat, and cp. - -1) cd xxx/src # Go to where the source lives -2) nmake -f Makefile.in prep-windows # Create Makefile for Windows -3) nmake -nologo # Build the sources -4) nmake mkbin # Place binaries generated by the - # ...build in the kbin directory diff --git a/src/windows/version.rc b/src/windows/version.rc index 6a6896f1f..346c69b30 100644 --- a/src/windows/version.rc +++ b/src/windows/version.rc @@ -13,10 +13,10 @@ /* we're going to stamp all the DLLs with the same version number */ -#define K5_PRODUCT_VERSION_STRING "1.0.8\0" -#define K5_PRODUCT_VERSION 1, 0, 8, 0 +#define K5_PRODUCT_VERSION_STRING "1.1\0" +#define K5_PRODUCT_VERSION 1, 1, 0, 0 -#define K5_COPYRIGHT "Copyright (C) 1997 by the Massachusetts Institute of Technology\0" +#define K5_COPYRIGHT "Copyright (C) 1997-1999 by the Massachusetts Institute of Technology\0" #define K5_COMPANY_NAME "Massachusetts Institute of Technology.\0" /* diff --git a/src/windows/wintel/enc_des.h b/src/windows/wintel/enc_des.h index 996a4f5d0..dbfb99e4a 100644 --- a/src/windows/wintel/enc_des.h +++ b/src/windows/wintel/enc_des.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/windows/wintel/encrypt.c b/src/windows/wintel/encrypt.c index 17216dec3..f1a1301fb 100644 --- a/src/windows/wintel/encrypt.c +++ b/src/windows/wintel/encrypt.c @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/windows/wintel/encrypt.h b/src/windows/wintel/encrypt.h index 605c0de32..d00aa6517 100644 --- a/src/windows/wintel/encrypt.h +++ b/src/windows/wintel/encrypt.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */