From: no author Date: Wed, 14 Jun 2000 22:41:09 +0000 (+0000) Subject: This commit was manufactured by cvs2svn to create tag X-Git-Tag: krb5-1.1.2-beta2 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=9f167fa5f42d8e24f2f688c55ab4e9be18eedda5;p=krb5.git This commit was manufactured by cvs2svn to create tag 'krb5-1-1-2-beta2'. git-svn-id: svn://anonsvn.mit.edu/krb5/tags/krb5-1-1-2-beta2@12389 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/README b/README index 43e70c938..51c2c438e 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ - Kerberos Version 5, Release 1.0 + Kerberos Version 5, Release 1.1 Release Notes @@ -8,11 +8,11 @@ Unpacking the Source Distribution --------------------------------- The source distribution of Kerberos 5 comes in three gzipped tarfiles, -krb5-1.0.src.tar.gz, krb5-1.0.doc.tar.gz, and krb5-1.0.crypto.tar.gz. -The krb5-1.0.doc.tar.gz contains the doc/ directory and this README -file. The krb5-1.0.src.tar.gz contains the src/ directory and this +krb5-1.1.src.tar.gz, krb5-1.1.doc.tar.gz, and krb5-1.1.crypto.tar.gz. +The krb5-1.1.doc.tar.gz contains the doc/ directory and this README +file. The krb5-1.1.src.tar.gz contains the src/ directory and this README file, except for the crypto library sources, which are in -krb5-1.0.crypto.tar.gz. +krb5-1.1.crypto.tar.gz. Instruction on how to extract the entire distribution follow. These directions assume that you want to extract into a directory called @@ -22,56 +22,21 @@ If you have the GNU tar program and gzip installed, you can simply do: mkdir DIST cd DIST - gtar zxpf krb5-1.0.src.tar.gz - gtar zxpf krb5-1.0.crypto.tar.gz - gtar zxpf krb5-1.0.doc.tar.gz + gtar zxpf krb5-1.1.src.tar.gz + gtar zxpf krb5-1.1.crypto.tar.gz + gtar zxpf krb5-1.1.doc.tar.gz If you don't have GNU tar, you will need to get the FSF gzip distribution and use gzcat: mkdir DIST cd DIST - gzcat krb5-1.0.src.tar.gz | tar xpf - - gzcat krb5-1.0.crypto.tar.gz | tar xpf - - gzcat krb5-1.0.doc.tar.gz | tar xpf - - -Both of these methods will extract the sources into DIST/krb5-1.0/src -and the documentation into DIST/krb5-1.0/doc. - -Unpacking the Binary Distribution ---------------------------------- - -Binary distributions of Kerberos V5 are provided merely as convenience -to those people who wish to try out Kerberos V5 without needing to do -a full compile of Kerberos. - -MIT and the MIT Kerberos V5 development team make no guarantees that -we will continue to supply binary distributions for future releases of -Kerberos V5, or for any operating system/platform in particular. -These binary distributions have been prepared by members of the MIT -Kerberos V5 development team, or by volunteers who have graciously -agreed to test the pre-release snapshot. Each binary build is PGP -signed by the person who prepared the binary distribution for that -particular platform. - -While the binary distribution is *supposed* to correspond exactly to -the 1.0 Kerberos V5 source release, you have no way of knowing whether -the person who prepared the binary release might have inserted a -trojan horse, or a trapdoor. For all you know, the binary -distribution might be mailing all of your Kerberos keys to -kremvax!boris. (The same is true for the source distribution, but at -least you can audit the code yourself!) - -For this reason, if you are planning on using Kerberos V5 in -production, we strongly suggest that you obtain the source -distribution and compile it from source yourself. - -The binary distributions have been compiled so that they will install -in /usr/local. To install, su to root and and type the command: - - cd /usr/local - gunzip < /tmp/krb5-1.0..tar.gz | tar xvf - + gzcat krb5-1.1.src.tar.gz | tar xpf - + gzcat krb5-1.1.crypto.tar.gz | tar xpf - + gzcat krb5-1.1.doc.tar.gz | tar xpf - +Both of these methods will extract the sources into DIST/krb5-1.1/src +and the documentation into DIST/krb5-1.1/doc. Building and Installing Kerberos 5 ---------------------------------- @@ -80,12 +45,17 @@ The first file you should look at is doc/install.ps; it contains the notes for building and installing Kerberos 5. The info file krb5-install.info has the same information in info file format. You can view this using the GNU emacs info-mode, or by using the -standalone info file viewer from the Free Software Foundation. +standalone info file viewer from the Free Software Foundation. This +is also available as an HTML file, install.html. Other good files to look at are admin-guide.ps and user-guide.ps, which contain the system administrator's guide, and the user's guide, respectively. They are also available as info files -kerberos-admin.info and krb5-user.info, respectively. +kerberos-admin.info and krb5-user.info, respectively. These files are +also available as HTML files. + +If you are attempting to build under Windows, please see the +src/windows/README file. Reporting Bugs -------------- @@ -99,54 +69,53 @@ If you are not able to use krb5-send-pr because you haven't been able compile and install Kerberos V5 on any platform, you may send mail to krb5-bugs@mit.edu. -Notes and Major Changes ------------------------ - -* We are now using the GNATS system to track bug reports for Kerberos -V5. It is therefore helpful for people to use the krb5-send-pr -program when reporting bugs. The old interface of sending mail to -krb5-bugs@mit.edu will still work; however, bug reports sent in this -fashion may experience a delay in being processed. - -* The default keytab name has changed from /etc/v5srvtab to -/etc/krb5.keytab. - -* login.krb5 no longer defaults to getting krb4 tickets. - -* The Windows (win16) DLL, LIBKRB5.DLL, has been renamed to -KRB5_16.DLL. This change was necessary to distinguish it from the -win32 version, which will be named KRB5_32.DLL. Note that the -GSSAPI.DLL file has not been renamed, because this name was specified -in a draft standard for the Windows 16 GSSAPI bindings. (The 32-bit -version of the GSSAPI DLL will be named GSSAPI32.DLL.) - -* The directory structure used for installations has changed. In -particular, files previously located in $prefix/lib/krb5kdc are now -normally located in $sysconfdir/krb5kdc. With the normal configure -options, this means the KDC database goes in /usr/local/var/krb5kdc by -default. If you wish to have the old behavior, then you would use a -configure line like the following: - - configure --prefix=/usr/local --sysconfdir=/usr/local/lib - -* kshd has been modified to accept krb4 encrypted rcp connections; for -this to work, the v4rcp program must be in the bin directory. - -* The gssrpc library has symbol collisions with the rpc library in -some of the libcs in certain operating systems without shared -libraries, notably some ports of NetBSD and MkLinux. For those -platforms which have rpc in libc and also contain NIS in libc, -compiling with static libraries will not work because of this -conflict. NetBSD users can either upgrade to the current tree, which -includes shared libraries for more ports, choose not to build kadmind -or kadmin, or recompile NetBSD without NIS support. MkLinux users -must either recompile without NIS or not build the administration -system. +Notes, Major Changes, and Known Bugs +------------------------------------ + +* Triple DES support is included; however, it is only usable for + service keys at the moment, due to a large number of compatibility + issues. For example, the GSSAPI library has some (buggy) support + for a triple DES session key, but it is intentionally disabled. + ** Do not use triple-DES in your config files except as described in + ** the documentation. + +* The principal database now uses the btree backend of Berkeley DB. + This should result in improved KDC performance. + +* The lib/rpc tests do not appear to work under NetBSD-1.4, for + reasons that are not completely clear at the moment, but probably + have something to do with portmapper interfacing. This should not + affect other operations, such as kadmind operation. + +* Shared library builds are under a new framework; at this point only + Solaris (2.x), Irix (6.5), NetBSD (1.4 i386), and possibly Linux are + known to work. All other working shared library builds may be + figments of your imagination. + +* Many existing databases, especially those converted from krb4 + original databases, may contain expiration dates in 1999. You + should make sure to update these expiration dates, and also change + any config file entries that have two-digit years. + +* Hardware preauthentication is known to be broken; this will be fixed + in an upcoming release. + +* krb524d now defaults to forking into the background; use + "krb524d -nofork" to avoid forking. + +* Not all reported bugs have been fixed in this release, due to time + constraints. We are planning to make another release in the near + future with more complete triple DES support, and additional + bugfixes. Many of the bugs in our database are reported against + what is now quite old code, or require hardware that we do not have, + which make them difficult to reproduce and debug. We will work on + these older bugs and some externally submitted patches for the + following release. Copyright Notice and Legal Administrivia ---------------------------------------- -Copyright (C) 1996 by the Massachusetts Institute of Technology. +Copyright (C) 1985-1999 by the Massachusetts Institute of Technology. All rights reserved. @@ -162,16 +131,19 @@ notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of M.I.T. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. +permission. Furthermore if you modify this software you must label +your software as modified software and not distribute it in such a +fashion that it might be confused with the original MIT software. +M.I.T. makes no representations about the suitability of this software +for any purpose. It is provided "as is" without express or implied +warranty. THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. Individual source code files are copyright MIT, Cygnus Support, -OpenVision, Oracle, Sun Soft, and others. +OpenVision, Oracle, Sun Soft, FundsXpress, and others. Project Athena, Athena, Athena MUSE, Discuss, Hesiod, Kerberos, Moira, and Zephyr are trademarks of the Massachusetts Institute of Technology @@ -253,7 +225,9 @@ Thanks to Sean Mullan and Bill Sommerfeld from Hewlett Packard for their many suggestions and bug fixes. Thanks to the members of the Kerberos V5 development team at MIT, both -past and present: Jay Berkenbilt, Richard Basch, John Carr, Don -Davis, Nancy Gilman, Sam Hartman, Marc Horowitz, Barry Jaspan, John -Kohl, Cliff Neuman, Kevin Mitchell, Paul Park, Ezra Peisach, Chris -Provenzano, Jon Rochlis, Jeff Schiller, Harry Tsai, Ted Ts'o, Tom Yu. +past and present: Danillo Almeida, Jay Berkenbilt, Richard Basch, John +Carr, Don Davis, Alexandra Ellwood, Nancy Gilman, Matt Hancher, Sam +Hartman, Paul Hill, Marc Horowitz, Eva Jacobus, Barry Jaspan, Geoffrey +King, John Kohl, Scott McGuire, Kevin Mitchell, Cliff Neuman, Paul +Park, Ezra Peisach, Chris Provenzano, Ken Raeburn, Jon Rochlis, Jeff +Schiller, Brad Thompson, Harry Tsai, Ted Ts'o, Marshall Vale, Tom Yu. diff --git a/doc/ChangeLog b/doc/ChangeLog index 49002f24f..38af2b888 100644 --- a/doc/ChangeLog +++ b/doc/ChangeLog @@ -1,3 +1,45 @@ +1999-09-22 Tom Yu + + * copyright.texinfo: Update copyright again. + +1999-09-17 Tom Yu + + * copyright.texinfo: Update copyright notice somewhat. + + * install.texinfo: Update info on upgrading a KDC for 1.1. + +1999-09-08 Ken Raeburn + + * install.texinfo (Mac OS X Configuration): Revised text from + Alexis, with more explanations of what's going on. + +1999-09-07 Ken Raeburn + + * definitions.texinfo: Update for 1.1 release. + + * admin.texinfo (Adding or Modifying Principals): Mention des3 + enctype for host keys. + + * build.texinfo: Replace "krb5-1.0" with "krb5-@value{RELEASE}" + throughout. + (Shared Library Support): Cut supported-OS list down to Solaris + and Irix for now. + + * install.texinfo: Update EDITION to 1.1. + (MacOS X Configuration): New node, with info from Brad Thompson. + (Encryption Types and Salt Types): Mention des3. + +1999-08-31 Ken Raeburn + + * admin.texinfo (Kadmin Options): Describe -e option. + (The User/Kerberos Interaction): Renamed from User--Kerberos to + avoid an apparent makeinfo 1.68 bug. + (realms (kdc.conf)): Document kdc_supported_enctypes, and mention + how des3 can be used there. Add des-cbc-crc:v4 to both enctype + lists, in the descriptions and in the examples. Delete + encryption_type, which doesn't exist. + (Date Format): Avoid 2-digit years, and add a warning about them. + Fri Dec 13 15:10:44 1996 Tom Yu * admin.texinfo (The User--Kerberos Interaction): The environment diff --git a/doc/admin.texinfo b/doc/admin.texinfo index 7e70d28c7..2ea716b25 100644 --- a/doc/admin.texinfo +++ b/doc/admin.texinfo @@ -139,7 +139,7 @@ Service for Open Network Systems}, a paper presented at Winter USENIX * Kerberos Realms:: * The Ticket-Granting Ticket:: * Network Services and the Master Database:: -* The User--Kerberos Interaction:: +* The User/Kerberos Interaction:: * Definitions:: @end menu @@ -210,7 +210,7 @@ just a file in @code{/tmp}. The credentials cache is also called the @dfn{ticket file}, especially in Kerberos V4 documentation. Note, however, that a credentials cache does not have to be stored in a file. -@node Network Services and the Master Database, The User--Kerberos Interaction, The Ticket-Granting Ticket, How Kerberos Works +@node Network Services and the Master Database, The User/Kerberos Interaction, The Ticket-Granting Ticket, How Kerberos Works @section Network Services and the Master Database The master database also contains entries for all network services that @@ -258,8 +258,8 @@ services that run as root are usually stored in the keytab file of the service's password, and must be kept secure. Data which is meant to be read only by the service is encrypted using this key. -@node The User--Kerberos Interaction, Definitions, Network Services and the Master Database, How Kerberos Works -@section The User--Kerberos Interaction +@node The User/Kerberos Interaction, Definitions, Network Services and the Master Database, How Kerberos Works +@section The User/Kerberos Interaction Suppose that you walk up to a host intending to login to it, and then @samp{rlogin} to the machine @samp{laughter}. Here's what happens: @@ -324,7 +324,7 @@ login. @end enumerate @end enumerate -@node Definitions, , The User--Kerberos Interaction, How Kerberos Works +@node Definitions, , The User/Kerberos Interaction, How Kerberos Works @section Definitions Following are definitions of some of the Kerberos terminology. @@ -839,10 +839,6 @@ in this realm. not allowed as passwords. The default is @code{@value{ROOTDIR}/var/krb5kdc/kadm5.dict}. -@itemx encryption_type -(Encryption type string.) Specifies the encryption type used for this -realm. Only "des-cbc-crc" is supported at this time. - @itemx kadmind_port (Port number.) Specifies the port that the kadmind daemon is to listen for this realm. The assigned port for kadmind is 749. @@ -875,9 +871,25 @@ valid ticket may be renewed in this realm. @itemx supported_enctypes List of key:salt strings. Specifies the default key/salt combinations -of principals for this realm. Since only the encryption type -"des-cbc-crc" is supported, you should set this tag to -@samp{des-cbc-crc:normal}. +of principals for this realm. Any principals created through +@code{kadmin} will have keys of these types. Since only the encryption +type "des-cbc-crc" is supported, you should set this tag to +@samp{des-cbc-crc:normal des-cbc-crc:v4}. + +@itemx kdc_supported_enctypes +List of key:salt strings. Specifies the permitted key/salt combinations +of principals for this realm. You should set this tag to +@samp{des-cbc-crc:normal des-cbc-crc:v4}. + +@b{Note:} You may also use @samp{des3-cbc-sha1:normal} before +@samp{des-cbc-crc:normal} if you wish to support triple-DES service keys +in addition to DES service keys. In order to create such service keys, +you must use the @code{-e} option to @code{kadmin.local}, running on the +KDC system itself; the remote @code{kadmin} client does not allow this +option. We do not currently support the use of triple-DES keys anywhere +other than for service keys. + + @end table @node Sample kdc.conf File, , realms (kdc.conf), kdc.conf @@ -896,7 +908,8 @@ Here's an example of a @code{kdc.conf} file: max_life = 10h 0m 0s max_renewable_life = 7d 0h 0m 0s master_key_type = des-cbc-crc - supported_enctypes = des-cbc-crc:normal + supported_enctypes = des-cbc-crc:normal des-cbc-crc:v4 + kdc_supported_enctypes = des-cbc-crc:normal des-cbc-crc:v4 @} [logging] @@ -993,6 +1006,16 @@ unauthorized users gain read access to the script. @item @b{-q} @i{query} Pass @i{query} directly to @code{kadmin}. This is useful for writing scripts that pass specific queries to @code{kadmin}. + +@item @b{-e} @i{"enctypes ..."} +@b{(For @code{kadmin.local} only.)} +Sets the list of cryptosystem and salt types to be used for any new keys +created. Available types include @samp{des3-cbc-sha1:normal}, +@samp{des-cbc-crc:normal}, and @samp{des-cbc-crc:v4}. In this release, +the @samp{des3-cbc-sha1:normal} type should only be used when +registering service principals; for any services that may request +tickets themselves to initiate some action, it should be combined with +one or more of the other types. @end table @node Date Format, Principals, Kadmin Options, Administrating Kerberos Database Entries @@ -1016,12 +1039,15 @@ tomorrow now "second Monday" fortnight -"3/31/92 10:00:07 PST" -"January 23, 1987 10:05pm" +"3/31/1992 10:00:07 PST" +"January 23, 2007 10:05pm" "22:00 GMT" @end group @end smallexample +Two-digit years are allowed in places, but the use of this form is not +recommended. + Note that if the date specification contains spaces, you must enclose it in double quotes. Note also that you cannot use a number without a unit. (I.e., ``"60 seconds"'' is correct, but ``60'' is incorrect.) @@ -1382,7 +1408,11 @@ Removes the policy @i{policyname} from the principal @item -randkey Sets the key for the principal to a random value (@code{add_principal} -only). @value{COMPANY} recommends using this option for host keys. +only). @value{COMPANY} recommends using this option for host keys. You +may also wish to use the @b{kadmin.local} command-line options @b{-e +"des3-cbc-sha1:normal des-cbc-crc:normal"}@xref{Kadmin Options} on the +KDC machine itself for host keys and other service keys that are +security-critical. @item -pw @i{password} Sets the key of the principal to the specified string and does not diff --git a/doc/api/ChangeLog b/doc/api/ChangeLog index a26f66faa..b1145f18f 100644 --- a/doc/api/ChangeLog +++ b/doc/api/ChangeLog @@ -1,3 +1,8 @@ +1999-08-30 Ken Raeburn + + * libdes.tex: Don't use ncs style; it's availability is dependent + on the local TeX installation. + 1999-01-20 Theodore Ts'o * krb5.tex (krb5_mk_safe): Fix reference to a non-existent flag. diff --git a/doc/api/libdes.tex b/doc/api/libdes.tex index c53c81350..71e75c59b 100644 --- a/doc/api/libdes.tex +++ b/doc/api/libdes.tex @@ -1,4 +1,4 @@ -\documentstyle[ncs,fixunder,functions,twoside]{article} +\documentstyle[fixunder,functions,twoside]{article} \setlength{\oddsidemargin}{0.25in} \setlength{\evensidemargin}{-0.25in} \setlength{\topmargin}{-.5in} diff --git a/doc/build.texinfo b/doc/build.texinfo index bee77fe88..78aa8b450 100644 --- a/doc/build.texinfo +++ b/doc/build.texinfo @@ -38,17 +38,17 @@ link tree for your build tree. The first step in each of these build procedures is to unpack the source distribution. The Kerberos V5 distribution comes in two compressed tar files. The first file, which is generally named -@file{krb5-1.0.src.tar.gz}, contains the sources for all of Kerberos +@file{krb5-@value{RELEASE}.src.tar.gz}, contains the sources for all of Kerberos except for the crypto library, which is found in the file -@file{krb5-1.0.crypto.tar.gz}. +@file{krb5-@value{RELEASE}.crypto.tar.gz}. Both files should be unpacked in the same directory, such as -@file{/u1/krb5-1.0}. (In the rest of this document, we will assume that +@file{/u1/krb5-@value{RELEASE}}. (In the rest of this document, we will assume that you have chosen to unpack the Kerberos V5 source distribution in this directory. Note that the tarfiles will by default all unpack into the -@file{./krb5-1.0} directory, so that if your current directory is +@file{./krb5-@value{RELEASE}} directory, so that if your current directory is @file{/u1} when you unpack the tarfiles, you will get -@file{/u1/krb5-1.0/src}, etc.) +@file{/u1/krb5-@value{RELEASE}/src}, etc.) @node Doing the Build, Testing the Build, Unpacking the Sources, Building Kerberos V5 @@ -77,7 +77,7 @@ use the following abbreviated procedure. @enumerate @item - @code{cd /u1/krb5-1.0/src} + @code{cd /u1/krb5-@value{RELEASE}/src} @item @code{./configure} @item @@ -100,9 +100,9 @@ you might use the following procedure: @enumerate @item -@code{mkdir /u1/krb5-1.0/pmax} +@code{mkdir /u1/krb5-@value{RELEASE}/pmax} @item - @code{cd /u1/krb5-1.0/pmax} + @code{cd /u1/krb5-@value{RELEASE}/pmax} @item @code{../src/configure} @item @@ -122,11 +122,11 @@ you might use the following procedure: @enumerate @item - @code{mkdir /u1/krb5-1.0/solaris} + @code{mkdir /u1/krb5-@value{RELEASE}/solaris} @item - @code{cd /u1/krb5-1.0/solaris} + @code{cd /u1/krb5-@value{RELEASE}/solaris} @item - @code{/u1/krb5-1.0/src/util/lndir `pwd`/../src} + @code{/u1/krb5-@value{RELEASE}/src/util/lndir `pwd`/../src} @item @code{./configure} @item @@ -397,8 +397,10 @@ variables when using the programs. Except where noted, multiple versions of the libraries may be installed on the same system and continue to work. -Currently the supported platforms are: NetBSD 1.0A, AIX 3.2.5, AIX 4.1, -Solaris 2.4 (aka SunOS 5.4), Alpha OSF/1 >= 2.1, HP-UX >= 9.X. +Currently the supported platforms are +@comment NetBSD 1.0A, AIX 3.2.5, AIX 4.1, +Solaris 2.6 (aka SunOS 5.6) and Irix 6.5. +@comment Alpha OSF/1 >= 2.1, HP-UX >= 9.X. To enable shared libraries on the above platforms, run the configure script with the option @samp{--enable-shared}. @@ -475,11 +477,11 @@ NetBSD and FreeBSD.) @node HPUX, Solaris versions 2.0 through 2.3, BSDI, OS Incompatibilities @subsection HPUX -The native compiler for HPUX currently will not work, because it is not -a full ANSI C compiler. The optional compiler (c89) should work as long -as you give it the @samp{+Olibcalls -D_HPUX_SOURCE} (this has only been -tested for HPUX 9.0). At this point, using GCC is probably your best -bet. +The native (bundled) compiler for HPUX currently will not work, because +it is not a full ANSI C compiler. The optional compiler (c89) should +work as long as you give it the @samp{+Olibcalls -D_HPUX_SOURCE} (this +has only been tested for HPUX 9.0). At this point, using GCC is +probably your best bet. @node Solaris versions 2.0 through 2.3, Solaris 2.X, HPUX, OS Incompatibilities @subsection Solaris versions 2.0 through 2.3 @@ -496,7 +498,7 @@ Workarounds: @enumerate @item - Supply your own resolver library. (such as bind-4.9.3pl1 availavle + Supply your own resolver library. (such as bind-4.9.3pl1 available from ftp.vix.com) @item @@ -605,7 +607,7 @@ that you have made a change that will require that all the @code{--force} option: @example -% cd /u1/krb5-1.0/src +% cd /u1/krb5-@value{RELEASE}/src % ./util/reconf --force @end example @@ -625,7 +627,7 @@ Then follow the instructions for building packaged source trees (above). To install the binaries into a binary tree, do: @example -% cd /u1/krb5-1.0/src +% cd /u1/krb5-@value{RELEASE}/src % make all % make install DESTDIR=somewhere-else @end example diff --git a/doc/copyright.texinfo b/doc/copyright.texinfo index 04601e203..7ea4758e2 100644 --- a/doc/copyright.texinfo +++ b/doc/copyright.texinfo @@ -1,4 +1,4 @@ -Copyright @copyright{} 1990, 1991, 1992, 1993, 1994, 1995, 1996 by the Massachusetts Institute of Technology. +Copyright @copyright{} 1985-1999 by the Massachusetts Institute of Technology. @quotation Export of software employing encryption from the United States of @@ -13,9 +13,12 @@ hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of M.I.T. not be used in advertising or publicity pertaining to distribution of the -software without specific, written prior permission. M.I.T. makes no -representations about the suitability of this software for any purpose. -It is provided ``as is'' without express or implied warranty. +software without specific, written prior permission. Furthermore if you +modify this software you must label your software as modified software +and not distribute it in such a fashion that it might be confused with +the original MIT software. M.I.T. makes no representations about the +suitability of this software for any purpose. It is provided ``as is'' +without express or implied warranty. @iftex @vskip 12pt diff --git a/doc/definitions.texinfo b/doc/definitions.texinfo index 19b2b0f55..079809d2c 100644 --- a/doc/definitions.texinfo +++ b/doc/definitions.texinfo @@ -19,8 +19,8 @@ @set RANDOMUSER johndoe @set RANDOMUSER1 jennifer @set RANDOMUSER2 david -@set RELEASE 1.0 -@set PREVRELEASE beta 7 +@set RELEASE 1.1 +@set PREVRELEASE 1.0 @set INSTALLDIR /usr/@value{LCPRODUCT} @set PREVINSTALLDIR @value{INSTALLDIR} @set ROOTDIR /usr/local diff --git a/doc/install.texinfo b/doc/install.texinfo index f5c4396a8..c780e70d7 100644 --- a/doc/install.texinfo +++ b/doc/install.texinfo @@ -16,7 +16,7 @@ @end iftex @include definitions.texinfo -@set EDITION 1.0 +@set EDITION 1.1 @finalout @c don't print black warning boxes @@ -1057,10 +1057,10 @@ Each machine running Kerberos must have a @code{/etc/krb5.conf} file. (@xref{krb5.conf}) @need 4000 -Also, you must add the appropriate Kerberos services to each client -machine's @code{/etc/services} file. If you are using the default -configuration for @value{PRODUCT}, you should be able to just insert the -following code: +Also, for most UNIX systems, you must add the appropriate Kerberos +services to each client machine's @code{/etc/services} file. If you are +using the default configuration for @value{PRODUCT}, you should be able +to just insert the following code: @smallexample @group @@ -1095,6 +1095,94 @@ to switch the port number for @code{kerberos} to 750 and create a @code{kerberos-sec} service (tcp and udp) on port 88, so the Kerberos V4 KDC(s) will continue to work properly. +@menu +* Mac OS X Configuration:: +@end menu + +@node Mac OS X Configuration, , Client Machine Configuration Files, Client Machine Configuration Files +@subsubsection Mac OS X Configuration + +To install Kerberos V5 on Mac OS X and Mac OS X Server, follow the +directions for generic Unix-based OS's, except for the +@code{/etc/services} updates described above. + +Mac OS X and Mac OS X Server use a database called NetInfo to store +the contents of files normally found in @code{/etc}. Instead of +modifying @code{/etc/services}, you should run the following commands +to add the Kerberos service entries to NetInfo: + +@smallexample +@group +$ niutil -create . /services/kerberos +$ niutil -createprop . /services/kerberos name kerberos kdc +$ niutil -createprop . /services/kerberos port 750 +$ niutil -createprop . /services/kerberos protocol tcp udp +$ niutil -create . /services/krbupdate +$ niutil -createprop . /services/krbupdate name krbupdate kreg +$ niutil -createprop . /services/krbupdate port 760 +$ niutil -createprop . /services/krbupdate protocol tcp +$ niutil -create . /services/kpasswd +$ niutil -createprop . /services/kpasswd name kpasswd kpwd +$ niutil -createprop . /services/kpasswd port 761 +$ niutil -createprop . /services/kpasswd protocol tcp +$ niutil -create . /services/klogin +$ niutil -createprop . /services/klogin port 543 +$ niutil -createprop . /services/klogin protocol tcp +$ niutil -create . /services/eklogin +$ niutil -createprop . /services/eklogin port 2105 +$ niutil -createprop . /services/eklogin protocol tcp +$ niutil -create . /services/kshell +$ niutil -createprop . /services/kshell name kshell krcmd +$ niutil -createprop . /services/kshell port 544 +$ niutil -createprop . /services/kshell protocol tcp +@end group +@end smallexample + +In addition to adding services to NetInfo, you must also modify the +resolver configuration in NetInfo so that the machine resolves its own +hostname as a FQDN (fully qualified domain name). By default, Mac OS X +and Mac OS X Server machines query NetInfo to resolve hostnames before +falling back to DNS. Because NetInfo has an unqualified name for all +the machines in the NetInfo database, the machine's own hostname will +resolve to an unqualified name. Kerberos needs a FQDN to look up keys +in the machine's keytab file. + +Fortunately, you can change the @code{lookupd} caching order to query +DNS first. Run the following NetInfo commands and reboot the machine: + +@smallexample +@group +$ niutil -create . /locations/lookupd/hosts +$ niutil -createprop . /locations/lookupd/hosts LookupOrder CacheAgent DNSAgent + NIAgent NILAgent +@end group +@end smallexample + +Once you have rebooted, you can verify that the resolver now behaves +correctly. Compile the Kerberos 5 distribution and run: + +@smallexample +@group +$ cd .../src/tests/resolve +$ ./resolve +@end group +@end smallexample + +This will tell you whether or not your machine returns FQDNs on name +lookups. If the test still fails, you can also try turning off DNS +caching. Run the following commands and reboot: + +@smallexample +@group +$ niutil -create . /locations/lookupd/hosts +$ niutil -createprop . /locations/lookupd/hosts LookupOrder DNSAgent + CacheAgent NIAgent NILAgent +@end group +@end smallexample + +The remainder of the setup of a Mac OS X client machine or application +server should be the same as for other UNIX-based systems. + @node UNIX Application Servers, , Installing and Configuring UNIX Client Machines, Installing Kerberos V5 @section UNIX Application Servers @@ -1186,15 +1274,15 @@ telnet stream tcp nowait root @value{ROOTDIR}/sbin/telnetd @subsection The Keytab File All Kerberos server machines need a @dfn{keytab} file, called -@code{/etc/krb5.keytab} (@xref{Upgrading the application servers}), to -authenticate to the KDC. The keytab file is an encrypted, local, -on-disk copy of the host's key. The keytab file, like the stash file -(@ref{Create the Database}) is a potential point-of-entry for a -break-in, and if compromised, would allow unrestricted access to its -host. The keytab file should be readable only by root, and should exist -only on the machine's local disk. The file should not be part of any -backup of the machine, unless access to the backup data is secured as -tightly as access to the machine's root password itself. +@code{/etc/krb5.keytab}, to authenticate to the KDC. The keytab file is +an encrypted, local, on-disk copy of the host's key. The keytab file, +like the stash file (@ref{Create the Database}) is a potential +point-of-entry for a break-in, and if compromised, would allow +unrestricted access to its host. The keytab file should be readable +only by root, and should exist only on the machine's local disk. The +file should not be part of any backup of the machine, unless access to +the backup data is secured as tightly as access to the machine's root +password itself. In order to generate a keytab for a host, the host must have a principal in the Kerberos database. The procedure for adding hosts to the @@ -1267,22 +1355,11 @@ should be readable only by root. @node Upgrading Existing Kerberos V5 Installations, Bug Reports for Kerberos V5, Installing Kerberos V5, Top @chapter Upgrading Existing @value{PRODUCT} Installations -@menu -* Upgrading existing Master and Slave KDCs to the current release:: -* Upgrading the application servers:: -@end menu - -@node Upgrading existing Master and Slave KDCs to the current release, Upgrading the application servers, Upgrading Existing Kerberos V5 Installations, Upgrading Existing Kerberos V5 Installations -@section Upgrading existing Master and Slave KDCs to the current release - If you already have an existing Kerberos database that you created with a prior release of Kerberos 5, you can upgrade it to work with the -current release with the @code{kdb5_util} command. As of Kerberos 5 -version 1.0, this upgrade process is only necessary if you are using a -Kerberos database created with Kerberos 5 beta 6 or earlier; newer -installations can continue to be used without modification. The process -for upgrading a Master KDC involves the following steps (the lines -beginning with => indicate a continuation of the previous line): +current release with the @code{kdb5_util} command. The process for +upgrading a Master KDC involves the following steps (the lines beginning +with => indicate a continuation of the previous line): @enumerate @@ -1290,28 +1367,16 @@ beginning with => indicate a continuation of the previous line): server processes, if any. @item Dumping your existing Kerberos database to an ASCII file with -@code{kdb5_edit}'s ``dump'' command: +@code{kdb5_util}'s ``dump'' command: @smallexample @group -@b{shell%} kdb5_edit -r @value{PRIMARYREALM} -R 'dump_db' > +@b{shell%} kdb5_util -r @value{PRIMARYREALM} dump @result{} @value{ROOTDIR}/var/krb5kdc/old-kdb-dump @b{shell%} @end group @end smallexample -@item If you were using OpenV*Secure or AXXiON*Authenticate, dumping your -policy database to an ASCII file with the @code{ovsec_adm_export} -command: - -@smallexample -@group -@b{shell%} ovsec_adm_export -r @value{PRIMARYREALM} > -@result{} @value{ROOTDIR}/var/krb5kdc/old-adb-dump -@b{shell%} -@end group -@end smallexample - @item Creating a new Master KDC installation (@xref{Install the Master KDC}). If you have a stash file for your current database, choose any new master password but then copy your existing stash file to the @@ -1328,50 +1393,11 @@ your current database, you must choose the same master password. @end group @end smallexample -@item If you were using OpenV*Secure or AXXiON*Authenticate, merging -your policy database with @code{kdb5_util}'s ``load'' command with the -``-update'' option: - -@smallexample -@group -@b{shell%} kdb5_util load -update @value{ROOTDIR}/var/krb5kdc/old-adb-dump -@b{shell%} -@end group -@end smallexample - @end enumerate -The process for upgrading a Slave KDC is simpler. All you have to do is -make sure that the stash file on the Slave KDC is correct, stop the old -server processes on the Slave KDC, install the new server binaries, and -re-start the server processes. The Slave KDC database will be upgraded -automatically when the next propagation is run. Note that if you -changed your master key when creating your new Master KDC database, you -will have to run a Slave KDC propagation before you can restart the -server processes on the Slave KDC itself; otherwise, the new stash file -that you create on the slave will not match the old database that exists -until the propagation occurs, and the server processes will not start. - -@node Upgrading the application servers, , Upgrading existing Master and Slave KDCs to the current release, Upgrading Existing Kerberos V5 Installations -@section Upgrading the application servers - -The default keytab name has changed from @code{/etc/v5srvtab} to -@code{/etc/krb5.keytab}. You should rename the old keytab files on all -of your application servers when you update their server binaries. -Alternatively, you may add a relation to the library configuration file -to override the new name, for example: - -@smallexample -@group -[libdefaults] - default_keytab_name = /etc/v5srvtab -@end group -@end smallexample - -The keytab name defaulted to /etc/v5srvtab in prior releases of Kerberos -V5. It was called a @dfn{srvtab} in Kerberos V4. The @code{v5srvtab} -file has been renamed to @code{krb5.keytab} to reflect the change in -terminology. +To update a Slave KDC, you must stop the old server processes on the +Slave KDC, install the new server binaries, reload the most recent slave +dump file, and re-start the server processes. @node Bug Reports for Kerberos V5, Files, Upgrading Existing Kerberos V5 Installations, Top @chapter Bug Reports for @value{PRODUCT} @@ -1471,10 +1497,12 @@ To add Kerberos V4 support, change the @code{supported_enctypes} line to: @node Encryption Types and Salt Types, , kdc.conf, kdc.conf @appendixsubsec Encryption Types and Salt Types -Currently, @value{PRODUCT} supports only DES encryption. The encoding -type is @code{des-cbc-crc}. The @dfn{salt} is additional information -encoded within the key that tells what kind of key it is. The only -salts that you will be likely to encounter are: +Currently, @value{PRODUCT} supports only DES and triple-DES encryption; +however, triple-DES is currently supported only for service keys, not +for user keys or session keys. The encoding types include +@code{des-cbc-crc} and @code{des3-cbc-sha1}. The @dfn{salt} is +additional information encoded within the key that tells what kind of +key it is. The only salts that you will be likely to encounter are: @itemize @bullet @item @dfn{normal}, which @value{COMPANY} recommends using for all of diff --git a/src/ChangeLog b/src/ChangeLog index 2eab397b1..f61adeb84 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,38 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-09-16 Ken Raeburn + + * aclocal.m4 (KRB5_LIB_PARAMS): For Rhapsody, add "-undefined + warning" when building shared libs, and remove "-static" from + CC_LINK_STATIC. + +1999-09-14 Ken Raeburn + + * aclocal.m4 (KRB5_LIB_PARAMS): Treat Rhapsody like Mac OS 10. + +1999-09-08 Danilo Almeida + + * Makefile.in: Add install target for windows. Remove references + to unused mit directory. + +1999-08-27 Danilo Almeida + + * Makefile.in: Add some missing dirs needed for generating a proper + kerbsrc.zip. Make krbsrc83.zip obsolete. + +1999-08-13 Brad Thompson + + * aclocal.m4: Added MacOS X shared library support. + +1999-08-09 Danilo Almeida + + * Makefile.in: Build kpasswd under windows. + 1999-07-22 Tom Yu * Makefile.in (install-mkdirs): Use mkinstalldirs rather than diff --git a/src/Makefile.in b/src/Makefile.in index d4aba1439..2b40a3155 100644 --- a/src/Makefile.in +++ b/src/Makefile.in @@ -4,7 +4,7 @@ mydir=. MY_SUBDIRS=util include lib @krb524@ kdc kadmin slave clients appl tests \ config-files gen-manpages BUILDTOP=$(REL)$(C) -CFLAGS = $(CCOPTS) $(DEFS) +LOCALINCLUDES = -I$(srcdir) ##DOS##BUILDTOP = . @@ -56,9 +56,6 @@ install-mkdirs: # install:: # $(MAKE) $(MFLAGS) install.man -.c.o: - $(CC) -c $(CPPFLAGS) $(DEFS) -I$(srcdir) $(CFLAGS) $< - TAGS: $(SRCS) etags $(SRCS) @@ -131,6 +128,7 @@ config-windows:: Makefile-windows WINMAKEFILES=Makefile \ clients\Makefile clients\kdestroy\Makefile \ clients\kinit\Makefile clients\klist\Makefile \ + clients\kpasswd\Makefile \ include\Makefile include\krb5\Makefile \ lib\Makefile lib\crypto\Makefile \ lib\crypto\crc32\Makefile lib\crypto\des\Makefile \ @@ -175,6 +173,8 @@ WINMAKEFILES=Makefile \ ##DOS## $(WCONFIG) config < $@.in > $@ ##DOS##clients\klist\Makefile: clients\klist\Makefile.in $(MKFDEP) ##DOS## $(WCONFIG) config < $@.in > $@ +##DOS##clients\kpasswd\Makefile: clients\kpasswd\Makefile.in $(MKFDEP) +##DOS## $(WCONFIG) config < $@.in > $@ ##DOS##include\Makefile: include\Makefile.in $(MKFDEP) ##DOS## $(WCONFIG) config < $@.in > $@ ##DOS##include\krb5\Makefile: include\krb5\Makefile.in $(MKFDEP) @@ -300,6 +300,7 @@ ren2long: ZIP=zip FILES= ./* \ clients/* clients/kdestroy/* clients/kinit/* clients/klist/* \ + clients/kpasswd/* \ config/* include/* include/kerberosIV/* \ include/krb5/* include/krb5/stock/* include/sys/* lib/* \ lib/crypto/* lib/crypto/crc32/* lib/crypto/des/* lib/crypto/dk/* \ @@ -312,9 +313,9 @@ FILES= ./* \ lib/krb5/ccache/* lib/krb5/ccache/file/* lib/krb5/ccache/memory/* \ lib/krb5/ccache/stdio/* lib/krb5/ccache/ccapi/* \ lib/krb5/error_tables/* \ - lib/krb5/keytab/* lib/krb5/keytab/file/* \ + lib/krb5/keytab/* lib/krb5/keytab/file/* lib/krb5/keytab/srvtab/* \ lib/krb5/os/* lib/krb5/posix/* lib/krb5/rcache/* \ - util/et/* util/profile/* + util/* util/et/* util/profile/* WINFILES= util/windows/* windows/* windows/lib/* windows/cns/* \ windows/wintel/* windows/gss/* windows/gina/* @@ -323,9 +324,6 @@ MACFILES= mac/* mac/libraries/* config/* include/* \ include/krb5/* include/krb5/stock/* include/sys/* \ ./patchlevel.h -MITWINFILES= mit/windows/include/* -MITWINBINARYFILES= mit/windows/lib/* - WINBINARYFILES= windows/*/*.ico windows/*/*.doc windows/*/*.hlp \ windows/*/*.hpj windows/lib/*.lib @@ -364,10 +362,6 @@ kerbsrc.win: kerbsrc.zip winfile.list: echo $(FILES) $(WINFILES) | tr ' ' \\012 | \ sed -f config/winexclude.sed > winfile.list - if test -d mit ; then \ - echo $(MITWINFILES) | tr ' ' \\012 | \ - sed -f config/winexclude.sed >> winfile.list ; \ - fi MAC_SUBDIRS = lib util macfile.list: @@ -381,29 +375,25 @@ dos-Makefile: prep-windows: dos-Makefile awk-windows-mac -# Not supported.... -krbsrc83.zip: dos-Makefile awk-windows-mac winfile.list - rm -f krbsrc83.zip - $(ZIP) -@Dlk krbsrc83.zip < winfile.list - $(ZIP) -Dk krbsrc83.zip $(WINBINARYFILES) - if test -d mit ; then \ - $(ZIP) -rDk krbsrc83.zip $(MITWINBINARYFILES) ; \ - fi - rm -f $(CLEANUP) +krbsrc83.zip: krbsrc83-is-obsolete + +krbsrc83-is-obsolete: + @echo "Win16 and krbsrc83.zip are no longer supported." + @echo "We don't support building under 8.3 restricted filesystems" + @echo "anymore. You can still build for Win32 on filesystems" + @echo "without 8.3 restrictions using kerbsrc.zip" + @echo " " kerbsrc.zip: dos-Makefile awk-windows-mac winfile.list rm -f kerbsrc.zip $(ZIP) -@Dl kerbsrc.zip < winfile.list $(ZIP) -D kerbsrc.zip $(WINBINARYFILES) - if test -d mit ; then \ - $(ZIP) -rD kerbsrc.zip $(MITWINBINARYFILES) ; \ - fi rm -f $(CLEANUP) kerbsrc-nt.zip: kerbsrc-nt-is-obsolete kerbsrc-nt-is-obsolete: - @echo "Kerbsrc-nt.zip is now obsolete. Just use and build kerbsrc.zip" + @echo "kerbsrc-nt.zip is now obsolete. Just use and build kerbsrc.zip" @echo "We don't support building under 8.3 restricted filesystems" @echo "anymore, so what was kerbsrc-nt.zip is now kerbsrc.zip." @echo " " @@ -503,20 +493,35 @@ awk-windows-mac: $(ETOUT) $(HOUT) clean-windows-mac: rm -f $(CLEANUP) -KBINDIR=kbin - distclean-windows: config\rm.bat $(CLEANUP:^/=^\) config\rm.bat $(WINMAKEFILES) config\rm.bat $(KBINDIR)\*.dll $(KBINDIR)\*.exe @if exist $(KBINDIR)\nul rmdir $(KBINDIR) -mkbin: - @if not exist $(KBINDIR)\nul mkdir $(KBINDIR) - $(CP) lib\$(OUTPRE)*.dll $(KBINDIR)\. - $(CP) windows\cns\$(OUTPRE)krb5.exe $(KBINDIR)\. - $(CP) windows\wintel\$(OUTPRE)telnet.exe $(KBINDIR)\. - $(CP) windows\gss\$(OUTPRE)gss.exe $(KBINDIR)\. - $(CP) clients\klist\$(OUTPRE)klist.exe $(KBINDIR)\. - $(CP) clients\kinit\$(OUTPRE)kinit.exe $(KBINDIR)\. - $(CP) clients\kdestroy\$(OUTPRE)kdestroy.exe $(KBINDIR)\. +install-windows:: + @if "$(KRB_INSTALL_DIR)"=="" @echo KRB_INSTALL_DIR is not defined! Please define it. + @if "$(KRB_INSTALL_DIR)"=="" @dir /b \nul\nul + @if not exist "$(KRB_INSTALL_DIR)\$(NULL)" @echo The directory $(KRB_INSTALL_DIR) does not exist. Please create it. + @if not exist "$(KRB_INSTALL_DIR)\$(NULL)" @dir /b $(KRB_INSTALL_DIR)\nul + @if not exist "$(KRB_INSTALL_DIR)\include\$(NULL)" @mkdir "$(KRB_INSTALL_DIR)\include" + @if not exist "$(KRB_INSTALL_DIR)\include\gssapi\$(NULL)" @mkdir "$(KRB_INSTALL_DIR)\include\gssapi" + @if not exist "$(KRB_INSTALL_DIR)\lib\$(NULL)" @mkdir "$(KRB_INSTALL_DIR)\lib" + @if not exist "$(KRB_INSTALL_DIR)\bin\$(NULL)" @mkdir "$(KRB_INSTALL_DIR)\bin" + $(CP) include\krb5.h "$(KRB_INSTALL_DIR)\include\." + $(CP) include\win-mac.h "$(KRB_INSTALL_DIR)\include\." + $(CP) include\profile.h "$(KRB_INSTALL_DIR)\include\." + $(CP) include\com_err.h "$(KRB_INSTALL_DIR)\include\." + $(CP) include\gssapi\gssapi.h "$(KRB_INSTALL_DIR)\include\gssapi\." + $(CP) include\gssapi\gssapi_krb5.h "$(KRB_INSTALL_DIR)\include\gssapi\." + $(CP) lib\$(OUTPRE)*.lib "$(KRB_INSTALL_DIR)\lib\." + $(CP) lib\$(OUTPRE)*.dll "$(KRB_INSTALL_DIR)\bin\." + $(CP) windows\cns\$(OUTPRE)krb5.exe "$(KRB_INSTALL_DIR)\bin\." + $(CP) windows\wintel\$(OUTPRE)telnet.exe "$(KRB_INSTALL_DIR)\bin\." + $(CP) windows\gss\$(OUTPRE)gss.exe "$(KRB_INSTALL_DIR)\bin\." + $(CP) clients\klist\$(OUTPRE)klist.exe "$(KRB_INSTALL_DIR)\bin\." + $(CP) clients\kinit\$(OUTPRE)kinit.exe "$(KRB_INSTALL_DIR)\bin\." + $(CP) clients\kdestroy\$(OUTPRE)kdestroy.exe "$(KRB_INSTALL_DIR)\bin\." + $(CP) clients\kpasswd\$(OUTPRE)kpasswd.exe "$(KRB_INSTALL_DIR)\bin\." + @if exist "$(KRB_INSTALL_DIR)\bin\krb4_32.dll" del "$(KRB_INSTALL_DIR)\bin\krb4_32.dll" + @if exist "$(KRB_INSTALL_DIR)\lib\krb4_32.lib" del "$(KRB_INSTALL_DIR)\lib\krb4_32.lib" diff --git a/src/aclocal.m4 b/src/aclocal.m4 index aca3d0bc7..4544e45f1 100644 --- a/src/aclocal.m4 +++ b/src/aclocal.m4 @@ -1093,6 +1093,19 @@ mips-*-netbsd*) PROFFLAGS=-pg ;; +*-*-macos10* | *-*-rhapsody*) + PICFLAGS=-fno-common + SHLIBVEXT='.$(LIBMAJOR).$(LIBMINOR).dylib' + SHLIBSEXT='.$(LIBMAJOR).dylib' + SHLIB_EXPFLAGS='$(SHLIB_DIRS) $(SHLIB_EXPLIBS)' + SHLIBEXT=.dylib + SHOBJEXT=.so + LDCOMBINE='cc -undefined warning -dynamiclib -dylib_compatibility_version=$(LIBMAJOR).$(LIBMINOR) -dylib_current_version=$(LIBMAJOR).$(LIBMINOR)' + CC_LINK_SHARED='$(CC) $(PROG_LIBPATH) -dynamic' + CC_LINK_STATIC='$(CC) $(PROG_LIBPATH)' + RUN_ENV='DYLD_LIBRARY_PATH=`echo $(PROG_LIBPATH) | sed -e "s/-L//g" -e "s/ /:/g"`; export DYLD_LIBRARY_PATH;' + ;; + *-*-solaris*) if test "$krb5_cv_prog_gcc" = yes; then PICFLAGS=-fpic diff --git a/src/appl/ChangeLog b/src/appl/ChangeLog index 2e848a3b0..fee016989 100644 --- a/src/appl/ChangeLog +++ b/src/appl/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/appl/Makefile.in b/src/appl/Makefile.in index d29642a6e..217aee5b3 100644 --- a/src/appl/Makefile.in +++ b/src/appl/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=. myfulldir=appl mydir=. BUILDTOP=$(REL)$(U) -CFLAGS = $(CCOPTS) MY_SUBDIRS= sample simple user_user bsd gss-sample gssftp telnet diff --git a/src/appl/bsd/ChangeLog b/src/appl/bsd/ChangeLog index 1a941cd53..e28a07337 100644 --- a/src/appl/bsd/ChangeLog +++ b/src/appl/bsd/ChangeLog @@ -1,3 +1,50 @@ +2000-04-27 Nalin Dahyabhai + + * krshd.c (doit): Don't overflow buffer "cmdbuf". + +2000-02-04 Tom Yu + + * login.c (main): Reorder some control flow to avoid security hole + if KRB4_GET_TICKETS is not defined. + +1999-12-02 Ken Raeburn + + * login.c (main, k_init): Call krb5_cc_set_default_name when + setting ccname env var. Thanks to Donn Cave and Leonard Peirce. + +1999-11-23 Ken Raeburn + + * login.c (k_init): Call krb5_init_secure_context instead of + krb5_init_context and krb5_secure_config_files. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-24 Tom Yu + + * Makefile.in (kshd): Remove $(LOGINLIBS) from kshd dependencies. + +1999-08-23 Ken Raeburn + + * krlogin.c (main): Error out if -D isn't followed by another + argument. Based on patch from Brad Thompson. + + * krshd.c (v4_kdata, v4_ticket): Don't define if KRB5_KRB4_COMPAT + is not defined. Patch from Brad Thompson. + + * kcmd.c (kcmd): If krb5_get_credentials returns a nonzero error + code, print an error message before returning. + +1999-08-17 Ken Raeburn + + * krlogin.c (main): If ospeed is outside of compiled-in table + index range but not high enough to be a baud rate, use the highest + rate in the table. + 1999-08-02 Ken Raeburn and Brad Thompson diff --git a/src/appl/bsd/Makefile.in b/src/appl/bsd/Makefile.in index 3eb020fb9..eee13ca90 100644 --- a/src/appl/bsd/Makefile.in +++ b/src/appl/bsd/Makefile.in @@ -2,8 +2,7 @@ thisconfigdir=. myfulldir=appl/bsd mydir=. BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) $(DEFINES) -LOCALINCLUDE=@KRB4_INCLUDES@ +LOCALINCLUDES=@KRB4_INCLUDES@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) @@ -28,7 +27,7 @@ RSH= -DKRB5_PATH_RLOGIN=\"$(CLIENT_BINDIR)/rlogin\" BSD= -DUCB_RLOGIN=\"$(UCB_RLOGIN)\" \ -DUCB_RSH=\"$(UCB_RSH)\" -DUCB_RCP=\"$(UCB_RCP)\" -DEFINES= $(RSH) $(BSD) $(RPROGS) \ +DEFINES = $(RSH) $(BSD) $(RPROGS) \ -DLOGIN_PROGRAM=\"$(SERVER_BINDIR)/login.krb5\" -DKPROGDIR=\"$(CLIENT_BINDIR)\" all:: rsh rcp rlogin kshd klogind login.krb5 $(V4RCP) @@ -63,7 +62,7 @@ install:: ${DESTDIR}$(CLIENT_MANDIR)/`echo $$f|sed '$(transform)'`.1; \ fi -kshd: krshd.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(LOGINLIBS) $(PTY_DEPLIB) $(UTIL_DEPLIB) $(KRB4COMPAT_DEPLIBS) +kshd: krshd.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(PTY_DEPLIB) $(UTIL_DEPLIB) $(KRB4COMPAT_DEPLIBS) $(CC_LINK) -o kshd krshd.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(LOGINLIBS) $(PTY_LIB) $(UTIL_LIB) $(KRB4COMPAT_LIBS) klogind: krlogind.o kcmd.o forward.o $(SETENVOBJ) $(LIBOBJS) $(PTY_DEPLIB) $(UTIL_DEPLIB) $(KRB4COMPAT_DEPLIBS) diff --git a/src/appl/bsd/fieldbits.h b/src/appl/bsd/fieldbits.h index 0c587abe6..a9d1f9c55 100644 --- a/src/appl/bsd/fieldbits.h +++ b/src/appl/bsd/fieldbits.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/bsd/kcmd.c b/src/appl/bsd/kcmd.c index 6b0eafcde..0e68f88e7 100644 --- a/src/appl/bsd/kcmd.c +++ b/src/appl/bsd/kcmd.c @@ -339,7 +339,11 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm, status = krb5_get_credentials(bsd_context, 0, cc, get_cred, &ret_cred); krb5_free_creds(bsd_context, get_cred); (void) krb5_cc_close(bsd_context, cc); - if (status) goto bad2; + if (status) { + fprintf (stderr, "error getting credentials: %s\n", + error_message (status)); + goto bad2; + } /* Reset internal flags; these should not be sent. */ authopts &= (~OPTS_FORWARD_CREDS); diff --git a/src/appl/bsd/krlogin.c b/src/appl/bsd/krlogin.c index 0bfb3ef57..0a8e7902e 100644 --- a/src/appl/bsd/krlogin.c +++ b/src/appl/bsd/krlogin.c @@ -383,6 +383,11 @@ main(argc, argv) if (argc > 0 && !strcmp(*argv, "-D")) { argv++; argc--; + if (*argv == NULL) { + fprintf (stderr, + "rlogin: -D flag must be followed by the debug port.\n"); + exit (1); + } debug_port = htons(atoi(*argv)); argv++; argc--; goto another; @@ -545,6 +550,10 @@ main(argc, argv) /* On some systems, ospeed is the baud rate itself, not a table index. */ sprintf (term + strlen (term), "%d", ospeed); + else if (ospeed >= sizeof(speeds)/sizeof(char*)) + /* Past end of table, but not high enough to + look like a real speed. */ + (void) strcat (term, speeds[sizeof(speeds)/sizeof(char*) - 1]); else { (void) strcat(term, speeds[ospeed]); } diff --git a/src/appl/bsd/krshd.c b/src/appl/bsd/krshd.c index 2a1391704..a9208d85c 100644 --- a/src/appl/bsd/krshd.c +++ b/src/appl/bsd/krshd.c @@ -529,8 +529,10 @@ char *kremuser; krb5_principal client; krb5_authenticator *kdata; +#ifdef KRB5_KRB4_COMPAT AUTH_DAT *v4_kdata; KTEXT v4_ticket; +#endif int auth_sys = 0; /* Which version of Kerberos used to authenticate */ @@ -1466,15 +1468,16 @@ if(port) strcpy((char *) cmdbuf + offst, kprogdir); cp = copy + 3 + offst; + cmdbuf[sizeof(cmdbuf) - 1] = '\0'; if (auth_sys == KRB5_RECVAUTH_V4) { - strcat(cmdbuf, "/v4rcp"); + strncat(cmdbuf, "/v4rcp", sizeof(cmdbuf) - 1 - strlen(cmdbuf)); } else { - strcat(cmdbuf, "/rcp"); + strncat(cmdbuf, "/rcp", sizeof(cmdbuf) - 1 - strlen(cmdbuf)); } if (stat((char *)cmdbuf + offst, &s) >= 0) - strcat(cmdbuf, cp); + strncat(cmdbuf, cp, sizeof(cmdbuf) - 1 - strlen(cmdbuf)); else - strcpy(cmdbuf, copy); + strncpy(cmdbuf, copy, sizeof(cmdbuf) - 1 - strlen(cmdbuf)); free(copy); } #endif diff --git a/src/appl/bsd/login.c b/src/appl/bsd/login.c index 2eaf822dc..20ace5769 100644 --- a/src/appl/bsd/login.c +++ b/src/appl/bsd/login.c @@ -505,19 +505,19 @@ void k_init (ttyn) #ifdef KRB5_GET_TICKETS krb5_error_code retval; - retval = krb5_init_context(&kcontext); + retval = krb5_init_secure_context(&kcontext); if (retval) { com_err("login", retval, "while initializing krb5"); exit(1); } - krb5_secure_config_files (kcontext); login_get_kconf(kcontext); /* Set up the credential cache environment variable */ if (!getenv(KRB5_ENV_CCNAME)) { sprintf(ccfile, "FILE:/tmp/krb5cc_p%d", getpid()); setenv(KRB5_ENV_CCNAME, ccfile, 1); + krb5_cc_set_default_name(kcontext, ccfile); unlink(ccfile+strlen("FILE:")); } else { /* note it correctly */ @@ -1456,11 +1456,10 @@ int main(argc, argv) #ifdef KRB5_GET_TICKETS if (login_krb5_get_tickets) dofork(); - else #endif #ifdef KRB4_GET_TICKETS - if (login_krb4_get_tickets) - dofork(); + else if (login_krb4_get_tickets) + dofork(); #endif /* If the user's shell does not do job control we should put it in a @@ -1588,11 +1587,10 @@ int main(argc, argv) #ifdef KRB5_GET_TICKETS if (forwarded_v5_tickets) destroy_tickets(); - else #endif #ifdef KRB4_GET_TICKETS - if (got_v4_tickets) - destroy_tickets(); + else if (got_v4_tickets) + destroy_tickets(); #endif #ifdef OQUOTA @@ -1748,8 +1746,10 @@ int main(argc, argv) #ifdef KRB5_GET_TICKETS /* ccfile[0] is only set if we got tickets above */ - if (login_krb5_get_tickets && ccfile[0]) + if (login_krb5_get_tickets && ccfile[0]) { (void) setenv(KRB5_ENV_CCNAME, ccfile, 1); + krb5_cc_set_default_name(kcontext, ccfile); + } #endif /* KRB5_GET_TICKETS */ if (tty[sizeof("tty")-1] == 'd') diff --git a/src/appl/gss-sample/ChangeLog b/src/appl/gss-sample/ChangeLog index d2e9cde14..eccd50be6 100644 --- a/src/appl/gss-sample/ChangeLog +++ b/src/appl/gss-sample/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon Dec 21 22:04:02 1998 Theodore Y. Ts'o * gss-server.c (test_import_export_context): Fix memory leak. diff --git a/src/appl/gss-sample/Makefile.in b/src/appl/gss-sample/Makefile.in index cb0139615..d564f7ed8 100644 --- a/src/appl/gss-sample/Makefile.in +++ b/src/appl/gss-sample/Makefile.in @@ -3,7 +3,7 @@ myfulldir=appl/gss-sample mydir=gss-sample MY_SUBDIRS=. BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) -DUSE_AUTOCONF_H -DGSSAPI_V2 +DEFINES = -DUSE_AUTOCONF_H -DGSSAPI_V2 PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/appl/gssftp/ChangeLog b/src/appl/gssftp/ChangeLog index 28394424f..691a2e9cf 100644 --- a/src/appl/gssftp/ChangeLog +++ b/src/appl/gssftp/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1999-04-13 * configure.in: Check to see if we need to pull in the util diff --git a/src/appl/gssftp/Makefile.in b/src/appl/gssftp/Makefile.in index e1f1ef915..b498b13d7 100644 --- a/src/appl/gssftp/Makefile.in +++ b/src/appl/gssftp/Makefile.in @@ -3,5 +3,4 @@ myfulldir=appl/gssftp mydir=. BUILDTOP=$(REL)$(U)$(S)$(U) LOCAL_SUBDIRS=ftp ftpd -CFLAGS = $(CCOPTS) LDFLAGS = -g diff --git a/src/appl/gssftp/ftp/ChangeLog b/src/appl/gssftp/ftp/ChangeLog index 4c287d294..91a5e1512 100644 --- a/src/appl/gssftp/ftp/ChangeLog +++ b/src/appl/gssftp/ftp/ChangeLog @@ -1,3 +1,19 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-09-21 Ken Raeburn + + * ftp.c (getreply): Don't declare strpbrk or strstr functions if + they're defined as macros. + +1999-08-27 Tom Yu + + * ftp.c: Diable krb5-mech2 for now. + Tue May 11 11:58:00 1999 Ezra Peisach * ftp.c: Inclusion of gssapi_krb5.h requires gssapi_generic.h. diff --git a/src/appl/gssftp/ftp/Makefile.in b/src/appl/gssftp/ftp/Makefile.in index 73f7b3baa..d9d981863 100644 --- a/src/appl/gssftp/ftp/Makefile.in +++ b/src/appl/gssftp/ftp/Makefile.in @@ -5,7 +5,7 @@ BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) # # appl/gssftp/ftp/Makefile.in # -CFLAGS = -DGSSAPI -DFTP_BUFSIZ=10240 $(CCOPTS) $(DEFS) $(LOCALINCLUDE) +DEFINES = -DGSSAPI -DFTP_BUFSIZ=10240 PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) @@ -18,8 +18,7 @@ SRCS = $(srcdir)/cmds.c $(srcdir)/cmdtab.c $(srcdir)/domacro.c \ OBJS = cmds.o cmdtab.o domacro.o ftp.o getpass.o glob.o main.o pclose.o \ radix.o ruserpass.o secure.o -LOCALINCLUDE = -I$(srcdir)/.. -I$(srcdir) @KRB4_INCLUDES@ -DEFINES = -DGSSAPI -DNOCONFIDENTIAL +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir) @KRB4_INCLUDES@ all:: ftp diff --git a/src/appl/gssftp/ftp/ftp.c b/src/appl/gssftp/ftp/ftp.c index c6e47bdec..24049eabe 100644 --- a/src/appl/gssftp/ftp/ftp.c +++ b/src/appl/gssftp/ftp/ftp.c @@ -541,7 +541,12 @@ getreply(expecteof) sigtype cmdabort(); char ibuf[FTP_BUFSIZ], obuf[FTP_BUFSIZ]; int safe = 0; - extern char *strpbrk(), *strstr(); +#ifndef strpbrk + extern char *strpbrk(); +#endif +#ifndef strstr + extern char *strstr(); +#endif ibuf[0] = '\0'; if (reply_parse) reply_ptr = reply_buf; @@ -1877,9 +1882,7 @@ struct { const gss_OID_desc * const * mech_type; char *service_name; } gss_trials[] = { - { &gss_mech_krb5_v2, "ftp" }, { &gss_mech_krb5, "ftp" }, - { &gss_mech_krb5_v2, "host" }, { &gss_mech_krb5, "host" }, }; int n_gss_trials = sizeof(gss_trials)/sizeof(gss_trials[0]); diff --git a/src/appl/gssftp/ftpd/ChangeLog b/src/appl/gssftp/ftpd/ChangeLog index c84e77028..583e47723 100644 --- a/src/appl/gssftp/ftpd/ChangeLog +++ b/src/appl/gssftp/ftpd/ChangeLog @@ -1,3 +1,21 @@ +2000-06-14 Tom Yu + + * ftpcmd.y (nonguest): Return $1, not 1, if (!guest). + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-09-21 Ken Raeburn + + * ftpd.c (checkuser): Only call fclose on file handle if it's not + NULL. + (send_file_list): Don't declare strpbrk function if it's defined + as a macro. + Thu Mar 25 23:13:56 1999 Tom Yu * ftpd.c (login): Check that the luid is not the uid we want to diff --git a/src/appl/gssftp/ftpd/Makefile.in b/src/appl/gssftp/ftpd/Makefile.in index 98d11ec96..eb66bbb6c 100644 --- a/src/appl/gssftp/ftpd/Makefile.in +++ b/src/appl/gssftp/ftpd/Makefile.in @@ -5,7 +5,7 @@ BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) # # appl/gssftp/ftpd/Makefile.in # -CFLAGS = -DGSSAPI -DFTP_BUFSIZ=10240 $(CCOPTS) $(DEFS) $(LOCALINCLUDE) +DEFINES = -DGSSAPI -DFTP_BUFSIZ=10240 #-DNOCONFIDENTIAL PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) @@ -25,8 +25,7 @@ SRCS = $(srcdir)/ftpd.c ftpcmd.c $(srcdir)/popen.c \ OBJS = ftpd.o ftpcmd.o glob.o popen.o vers.o radix.o \ secure.o $(LIBOBJS) $(SETENVOBJ) -LOCALINCLUDE = -I$(srcdir)/.. -I$(srcdir) @KRB4_INCLUDES@ -DEFINES = -DGSSAPI -DNOCONFIDENTIAL +LOCALINCLUDES = -I$(srcdir)/.. -I$(srcdir) @KRB4_INCLUDES@ all:: ftpd @@ -53,17 +52,17 @@ ftpcmd.c: $(srcdir)/ftpcmd.y $(MV) y.tab.c ftpcmd.c glob.o: $(srcdir)/../ftp/glob.c - $(CC) -c $(CFLAGS) $(srcdir)/../ftp/glob.c + $(CC) -c $(ALL_CFLAGS) $(srcdir)/../ftp/glob.c radix.o: $(srcdir)/../ftp/radix.c - $(CC) -c $(CFLAGS) $(srcdir)/../ftp/radix.c + $(CC) -c $(ALL_CFLAGS) $(srcdir)/../ftp/radix.c secure.o: $(srcdir)/../ftp/secure.c - $(CC) -c $(CFLAGS) $(srcdir)/../ftp/secure.c + $(CC) -c $(ALL_CFLAGS) $(srcdir)/../ftp/secure.c getdtablesize.o: $(srcdir)/../../bsd/getdtablesize.c - $(CC) -c $(CFLAGS) $(srcdir)/../../bsd/getdtablesize.c + $(CC) -c $(ALL_CFLAGS) $(srcdir)/../../bsd/getdtablesize.c setenv.o: $(srcdir)/../../bsd/setenv.c - $(CC) -c $(CFLAGS) $(srcdir)/../../bsd/setenv.c + $(CC) -c $(ALL_CFLAGS) $(srcdir)/../../bsd/setenv.c ftpd.o: $(srcdir)/pathnames.h diff --git a/src/appl/gssftp/ftpd/ftpcmd.y b/src/appl/gssftp/ftpd/ftpcmd.y index acd187112..bc252190e 100644 --- a/src/appl/gssftp/ftpd/ftpcmd.y +++ b/src/appl/gssftp/ftpd/ftpcmd.y @@ -865,7 +865,7 @@ nonguest: check_login $$ = 0; } else - $$ = 1; + $$ = $1; } ; %% diff --git a/src/appl/gssftp/ftpd/ftpd.c b/src/appl/gssftp/ftpd/ftpd.c index d4987affc..52be05fb6 100644 --- a/src/appl/gssftp/ftpd/ftpd.c +++ b/src/appl/gssftp/ftpd/ftpd.c @@ -840,8 +840,8 @@ checkuser(name) } } } + (void) fclose(fd); } - (void) fclose(fd); return (0); } @@ -2018,7 +2018,9 @@ void myoob() { char *cp, *cs; +#ifndef strpbrk extern char *strpbrk(); +#endif /* only process if transfer occurring */ if (!transflag) @@ -2486,7 +2488,9 @@ send_file_list(whichfiles) FILE *dout = NULL; register char **dirlist, *dirname; int simple = 0; +#ifndef strpbrk char *strpbrk(); +#endif int ret = 0; if (strpbrk(whichfiles, "~{[*?") != NULL) { diff --git a/src/appl/sample/ChangeLog b/src/appl/sample/ChangeLog index 7a3bc3f40..0f678270a 100644 --- a/src/appl/sample/ChangeLog +++ b/src/appl/sample/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * configure.in: Removed and tests moved up to appl/configure.in diff --git a/src/appl/sample/Makefile.in b/src/appl/sample/Makefile.in index 1678cad19..e0c7ce53d 100644 --- a/src/appl/sample/Makefile.in +++ b/src/appl/sample/Makefile.in @@ -3,5 +3,3 @@ myfulldir=appl/sample mydir=sample MY_SUBDIRS = sclient sserver BUILDTOP=$(REL)$(U)$(S)$(U) - -CFLAGS = $(CCOPTS) diff --git a/src/appl/sample/sample.h b/src/appl/sample/sample.h index aac9ad13e..6c81d9351 100644 --- a/src/appl/sample/sample.h +++ b/src/appl/sample/sample.h @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/sample/sclient/ChangeLog b/src/appl/sample/sclient/ChangeLog index 39c66ced4..7b7b4774a 100644 --- a/src/appl/sample/sclient/ChangeLog +++ b/src/appl/sample/sclient/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/appl/sample/sclient/Makefile.in b/src/appl/sample/sclient/Makefile.in index 744a404c2..cf286a4ae 100644 --- a/src/appl/sample/sclient/Makefile.in +++ b/src/appl/sample/sclient/Makefile.in @@ -4,7 +4,6 @@ mydir=sample/sclient MY_SUBDIRS=. BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/appl/sample/sclient/sclient.M b/src/appl/sample/sclient/sclient.M index 4eb934a64..1b5a8d6b7 100644 --- a/src/appl/sample/sclient/sclient.M +++ b/src/appl/sample/sclient/sclient.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/appl/sample/sclient/sclient.c b/src/appl/sample/sclient/sclient.c index c5c79123f..3b8bb98c6 100644 --- a/src/appl/sample/sclient/sclient.c +++ b/src/appl/sample/sclient/sclient.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/sample/sserver/ChangeLog b/src/appl/sample/sserver/ChangeLog index 0eb7468da..04722ef44 100644 --- a/src/appl/sample/sserver/ChangeLog +++ b/src/appl/sample/sserver/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/appl/sample/sserver/Makefile.in b/src/appl/sample/sserver/Makefile.in index 5e0b93ab7..cf3a1517c 100644 --- a/src/appl/sample/sserver/Makefile.in +++ b/src/appl/sample/sserver/Makefile.in @@ -4,7 +4,6 @@ mydir=sample/sserver MY_SUBDIRS=. BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/appl/sample/sserver/sserver.M b/src/appl/sample/sserver/sserver.M index e879067e6..4323fd11b 100644 --- a/src/appl/sample/sserver/sserver.M +++ b/src/appl/sample/sserver/sserver.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/appl/sample/sserver/sserver.c b/src/appl/sample/sserver/sserver.c index e3b08962c..06579f4a6 100644 --- a/src/appl/sample/sserver/sserver.c +++ b/src/appl/sample/sserver/sserver.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/simple/ChangeLog b/src/appl/simple/ChangeLog index 7c6a2f244..b5d9f9423 100644 --- a/src/appl/simple/ChangeLog +++ b/src/appl/simple/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * configure.in: Removed and tests moved up to appl/configure.in diff --git a/src/appl/simple/Makefile.in b/src/appl/simple/Makefile.in index 0e46bef36..1331664b9 100644 --- a/src/appl/simple/Makefile.in +++ b/src/appl/simple/Makefile.in @@ -3,5 +3,3 @@ myfulldir=appl/simple mydir=simple MY_SUBDIRS = client server BUILDTOP=$(REL)$(U)$(S)$(U) - -CFLAGS = $(CCOPTS) diff --git a/src/appl/simple/client/ChangeLog b/src/appl/simple/client/ChangeLog index 8074ea955..702b24679 100644 --- a/src/appl/simple/client/ChangeLog +++ b/src/appl/simple/client/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/appl/simple/client/Makefile.in b/src/appl/simple/client/Makefile.in index 023180d5d..5ac73b964 100644 --- a/src/appl/simple/client/Makefile.in +++ b/src/appl/simple/client/Makefile.in @@ -3,13 +3,12 @@ myfulldir=appl/simple/client mydir=simple/client MY_SUBDIRS=. BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) all:: sim_client -LOCALINCLUDE= -I.. -I$(srcdir)/.. +LOCALINCLUDES= -I.. -I$(srcdir)/.. sim_client: sim_client.o $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o sim_client sim_client.o $(KRB5_BASE_LIBS) diff --git a/src/appl/simple/client/sim_client.c b/src/appl/simple/client/sim_client.c index 0838757c4..b010794ee 100644 --- a/src/appl/simple/client/sim_client.c +++ b/src/appl/simple/client/sim_client.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/simple/server/ChangeLog b/src/appl/simple/server/ChangeLog index 88defa589..a6e6a68f1 100644 --- a/src/appl/simple/server/ChangeLog +++ b/src/appl/simple/server/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/appl/simple/server/Makefile.in b/src/appl/simple/server/Makefile.in index f0fb9d62e..ade8d583b 100644 --- a/src/appl/simple/server/Makefile.in +++ b/src/appl/simple/server/Makefile.in @@ -3,9 +3,8 @@ myfulldir=appl/simple/server mydir=simple/server MY_SUBDIRS=. BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) -LOCALINCLUDE= -I.. -I$(srcdir)/.. +LOCALINCLUDES= -I.. -I$(srcdir)/.. PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/appl/simple/server/sim_server.c b/src/appl/simple/server/sim_server.c index 7f1a824e4..6e4f4e1cc 100644 --- a/src/appl/simple/server/sim_server.c +++ b/src/appl/simple/server/sim_server.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/simple/simple.h b/src/appl/simple/simple.h index f908e2ca1..f230592e6 100644 --- a/src/appl/simple/simple.h +++ b/src/appl/simple/simple.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/telnet/libtelnet/ChangeLog b/src/appl/telnet/libtelnet/ChangeLog index c3a779a42..28854b78a 100644 --- a/src/appl/telnet/libtelnet/ChangeLog +++ b/src/appl/telnet/libtelnet/ChangeLog @@ -1,3 +1,18 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-31 17:28 Jeffrey Altman + + * kerberos5.c: Corrections to yesterday's change. + +1999-08-30 16:55 Jeffrey Altman + + * kerberos5.c: Ensure that only "host" service tickets are accepted. + Wed Feb 3 22:59:27 1999 Theodore Y. Ts'o * kerberos5.c: Increase size of str_data so that we can accept diff --git a/src/appl/telnet/libtelnet/Makefile.in b/src/appl/telnet/libtelnet/Makefile.in index 31d98b36b..48bbe539a 100644 --- a/src/appl/telnet/libtelnet/Makefile.in +++ b/src/appl/telnet/libtelnet/Makefile.in @@ -26,7 +26,7 @@ BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DDES_ENCRYPTION -DKRB5 -DFORWARD \ -UNO_LOGIN_F -DLOGIN_CAP_F -DLOGIN_PROGRAM=KRB5_PATH_LOGIN LOCALINCLUDES=-I.. -I$(srcdir)/.. @KRB4_INCLUDES@ -CFLAGS = $(CCOPTS) $(AUTH_DEF) $(DEFS) $(LOCALINCLUDES) +DEFINES = $(AUTH_DEF) LIBOBJS=@LIBOBJS@ LIB= libtelnet.a diff --git a/src/appl/telnet/libtelnet/auth-proto.h b/src/appl/telnet/libtelnet/auth-proto.h index c14f6ed06..b1a0bb0b8 100644 --- a/src/appl/telnet/libtelnet/auth-proto.h +++ b/src/appl/telnet/libtelnet/auth-proto.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/auth.c b/src/appl/telnet/libtelnet/auth.c index 428613566..f10ffb7aa 100644 --- a/src/appl/telnet/libtelnet/auth.c +++ b/src/appl/telnet/libtelnet/auth.c @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/auth.h b/src/appl/telnet/libtelnet/auth.h index b01a58dd5..0fe8bcf6f 100644 --- a/src/appl/telnet/libtelnet/auth.h +++ b/src/appl/telnet/libtelnet/auth.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/enc-proto.h b/src/appl/telnet/libtelnet/enc-proto.h index 48f91430f..2a17d44f4 100644 --- a/src/appl/telnet/libtelnet/enc-proto.h +++ b/src/appl/telnet/libtelnet/enc-proto.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/encrypt.c b/src/appl/telnet/libtelnet/encrypt.c index 15f2a88b2..8833188bc 100644 --- a/src/appl/telnet/libtelnet/encrypt.c +++ b/src/appl/telnet/libtelnet/encrypt.c @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/encrypt.h b/src/appl/telnet/libtelnet/encrypt.h index d4274d8ca..00c72cd06 100644 --- a/src/appl/telnet/libtelnet/encrypt.h +++ b/src/appl/telnet/libtelnet/encrypt.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/kerberos.c b/src/appl/telnet/libtelnet/kerberos.c index ed32392c9..734466e86 100644 --- a/src/appl/telnet/libtelnet/kerberos.c +++ b/src/appl/telnet/libtelnet/kerberos.c @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/kerberos5.c b/src/appl/telnet/libtelnet/kerberos5.c index 73b2c8780..371329823 100644 --- a/src/appl/telnet/libtelnet/kerberos5.c +++ b/src/appl/telnet/libtelnet/kerberos5.c @@ -52,7 +52,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ @@ -377,7 +380,7 @@ kerberos5_is(ap, data, cnt) #ifdef ENCRYPTION Session_Key skey; #endif - char errbuf[128]; + char errbuf[320]; char *name; char *getenv(); krb5_data inbuf; @@ -423,6 +426,27 @@ kerberos5_is(ap, data, cnt) (void) strcat(errbuf, error_message(r)); goto errout; } + + /* 256 bytes should be much larger than any reasonable first component */ + /* of a service name especially since the default is of length 4. */ + if (krb5_princ_component(telnet_context,ticket->server,0)->length < 256) { + char princ[256]; + strncpy(princ, + krb5_princ_component(telnet_context, ticket->server,0)->data, + krb5_princ_component(telnet_context, ticket->server,0)->length); + princ[krb5_princ_component(telnet_context, + ticket->server,0)->length] = '\0'; + if ( strcmp("host", princ) ) + { + (void) sprintf(errbuf, "incorrect service name: \"%s\" != \"%s\"", + princ, "host"); + goto errout; + } + } else { + (void) strcpy(errbuf, "service name too long"); + goto errout; + } + r = krb5_auth_con_getauthenticator(telnet_context, auth_context, &authenticator); @@ -557,7 +581,7 @@ kerberos5_is(ap, data, cnt) errout: { - char eerrbuf[128+9]; + char eerrbuf[329]; strcpy(eerrbuf, "telnetd: "); strcat(eerrbuf, errbuf); diff --git a/src/appl/telnet/libtelnet/key-proto.h b/src/appl/telnet/libtelnet/key-proto.h index ffaeb86fa..a70aab9a5 100644 --- a/src/appl/telnet/libtelnet/key-proto.h +++ b/src/appl/telnet/libtelnet/key-proto.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/libtelnet/misc-proto.h b/src/appl/telnet/libtelnet/misc-proto.h index ca9ae4b1b..3924a4651 100644 --- a/src/appl/telnet/libtelnet/misc-proto.h +++ b/src/appl/telnet/libtelnet/misc-proto.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/appl/telnet/telnet/ChangeLog b/src/appl/telnet/telnet/ChangeLog index e83327232..4338cc437 100644 --- a/src/appl/telnet/telnet/ChangeLog +++ b/src/appl/telnet/telnet/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1999-07-26 Tom Yu * telnet.c (telnet): Fix typo in error message, via diff --git a/src/appl/telnet/telnet/Makefile.in b/src/appl/telnet/telnet/Makefile.in index 3654e17f4..a1fd6f51a 100644 --- a/src/appl/telnet/telnet/Makefile.in +++ b/src/appl/telnet/telnet/Makefile.in @@ -27,7 +27,7 @@ BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -DLOGIN_CAP_F -DLOGIN_PROGRAM=KRB5_PATH_LOGIN OTHERDEFS=-DLINEMODE -DKLUDGELINEMODE -DDIAGNOSTICS -DENV_HACK -DOLD_ENVIRON LOCALINCLUDES=-I.. -I$(srcdir)/.. -CFLAGS = $(CCOPTS) $(AUTH_DEF) $(OTHERDEFS) $(DEFS) $(LOCALINCLUDES) +DEFINES = $(AUTH_DEF) $(OTHERDEFS) ARPA_TELNET= $(srcdir)/../arpa/telnet.h PROG_LIBPATH=-L$(TOPLIBD) diff --git a/src/appl/telnet/telnetd/ChangeLog b/src/appl/telnet/telnetd/ChangeLog index afa44f2c7..41fbd39e2 100644 --- a/src/appl/telnet/telnetd/ChangeLog +++ b/src/appl/telnet/telnetd/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Thu Apr 15 17:02:49 1999 Theodore Y. Ts'o * configure.in: Fix typo in test below; fixed name of the autoconf diff --git a/src/appl/telnet/telnetd/Makefile.in b/src/appl/telnet/telnetd/Makefile.in index 2fbec0e56..01bd66afd 100644 --- a/src/appl/telnet/telnetd/Makefile.in +++ b/src/appl/telnet/telnetd/Makefile.in @@ -27,7 +27,7 @@ BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) AUTH_DEF=-DAUTHENTICATION -DENCRYPTION -DKRB5 -DFORWARD -UNO_LOGIN_F -ULOGIN_CAP_F -DLOGIN_PROGRAM=KRB5_PATH_LOGIN OTHERDEFS=-DKLUDGELINEMODE -DDIAGNOSTICS -DENV_HACK -DOLD_ENVIRON LOCALINCLUDES=-I.. -I$(srcdir)/.. -CFLAGS = $(CCOPTS) $(AUTH_DEF) $(OTHERDEFS) $(DEFS) $(LOCALINCLUDES) +DEFINES = $(AUTH_DEF) $(OTHERDEFS) ARPA_TELNET= $(srcdir)/../arpa/telnet.h PROG_LIBPATH=-L$(TOPLIBD) $(KRB4_LIBPATH) diff --git a/src/appl/user_user/ChangeLog b/src/appl/user_user/ChangeLog index c98c21b0f..c12b29d1c 100644 --- a/src/appl/user_user/ChangeLog +++ b/src/appl/user_user/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * configure.in: Removed and tests moved up to appl/configure.in diff --git a/src/appl/user_user/Makefile.in b/src/appl/user_user/Makefile.in index 7721c224d..5185da516 100644 --- a/src/appl/user_user/Makefile.in +++ b/src/appl/user_user/Makefile.in @@ -3,7 +3,7 @@ myfulldir=appl/user_user mydir=user_user MY_SUBDIRS=. BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -DDEBUG +DEFINES = -DDEBUG PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/appl/user_user/client.c b/src/appl/user_user/client.c index 9fb0c7ad0..b5dcd0de8 100644 --- a/src/appl/user_user/client.c +++ b/src/appl/user_user/client.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/appl/user_user/server.c b/src/appl/user_user/server.c index d6fb4fca9..d7cda69e8 100644 --- a/src/appl/user_user/server.c +++ b/src/appl/user_user/server.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/clients/ChangeLog b/src/clients/ChangeLog index 7aa79e60a..4c1c39c4f 100644 --- a/src/clients/ChangeLog +++ b/src/clients/ChangeLog @@ -1,3 +1,16 @@ +1999-12-03 Danilo Almeida + + * Makefile.in: Clean kpasswd in Windows build. + +1999-11-23 Ken Raeburn + + * configure.in: Check for setenv. Set SETENVOBJ to setenv.o if + it's not available, empty otherwise. + +1999-08-09 Danilo Almeida + + * Makefile.in: Build kpasswd under windows. + Tue May 18 19:52:56 1999 Danilo Almeida * Makefile.in: Remove - from recursive Win32 make invocation. diff --git a/src/clients/Makefile.in b/src/clients/Makefile.in index ada6fd0c1..0aebfb921 100644 --- a/src/clients/Makefile.in +++ b/src/clients/Makefile.in @@ -16,6 +16,9 @@ all-windows:: @echo Making all in clients\kinit cd ..\kinit $(MAKE) -$(MFLAGS) + @echo Making all in clients\kpasswd + cd ..\kpasswd + $(MAKE) -$(MFLAGS) cd .. clean-windows:: @@ -28,4 +31,7 @@ clean-windows:: @echo Making clean in clients\kinit cd ..\kinit $(MAKE) -$(MFLAGS) clean + @echo Making clean in clients\kpasswd + cd ..\kpasswd + $(MAKE) -$(MFLAGS) clean cd .. diff --git a/src/clients/configure.in b/src/clients/configure.in index d78039edf..29296565a 100644 --- a/src/clients/configure.in +++ b/src/clients/configure.in @@ -3,7 +3,13 @@ CONFIG_RULES AC_PROG_INSTALL KRB5_BUILD_PROGRAM AC_HEADER_STDARG -AC_CHECK_FUNCS(getusershell lstat ) +AC_CHECK_FUNCS(getusershell lstat setenv) +if test $ac_cv_func_setenv = no ; then + SETENVOBJ=setenv.o +else + SETENVOBJ= +fi +AC_SUBST(SETENVOBJ) AC_CHECK_HEADERS(unistd.h pwd.h) case $krb5_cv_host in alpha-dec-osf*) diff --git a/src/clients/kdestroy/ChangeLog b/src/clients/kdestroy/ChangeLog index f3d51232b..41d694f73 100644 --- a/src/clients/kdestroy/ChangeLog +++ b/src/clients/kdestroy/ChangeLog @@ -1,3 +1,18 @@ +1999-12-03 Danilo Almeida + + * Makefile.in: Windows fix for 10/26/99 cleanup. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-09 Danilo Almeida + + * Makefile.in: Use standard windows exe link flags. + Mon May 10 15:09:31 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/clients/kdestroy/Makefile.in b/src/clients/kdestroy/Makefile.in index 9489d2fa9..4e67ce3bd 100644 --- a/src/clients/kdestroy/Makefile.in +++ b/src/clients/kdestroy/Makefile.in @@ -2,28 +2,19 @@ thisconfigdir=./.. myfulldir=clients/kdestroy mydir=kdestroy BUILDTOP=$(REL)$(U)$(S)$(U) -##DOS##BUILDTOP=..\.. -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) all-unix:: kdestroy -all-windows:: +all-windows:: $(OUTPRE)kdestroy.exe all-mac:: kdestroy: kdestroy.o $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o $@ kdestroy.o $(KRB5_BASE_LIBS) - - -##WIN32##INCLUDES = /I$(BUILDTOP)\include /I$(BUILDTOP)\include\krb5 -##WIN32##CFLAGS = $(CCOPTS2) $(INCLUDES) - -##WIN32##all-windows:: $(OUTPRE)kdestroy.exe -##WIN32##$(OUTPRE)kdestroy.exe: $(OUTPRE)kdestroy.obj $(BUILDTOP)\util\windows\$(OUTPRE)getopt.obj $(KLIB) $(CLIB) -##WIN32## link /nologo /out:$@ $** - +$(OUTPRE)kdestroy.exe: $(OUTPRE)kdestroy.obj $(BUILDTOP)\util\windows\$(OUTPRE)getopt.obj $(KLIB) $(CLIB) + link $(EXE_LINKOPTS) -out:$@ $** clean-unix:: $(RM) kdestroy.o kdestroy diff --git a/src/clients/kdestroy/kdestroy.M b/src/clients/kdestroy/kdestroy.M index 9886dad58..68ce7033e 100644 --- a/src/clients/kdestroy/kdestroy.M +++ b/src/clients/kdestroy/kdestroy.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/clients/kdestroy/kdestroy.c b/src/clients/kdestroy/kdestroy.c index b52ccb246..6fdbc652a 100644 --- a/src/clients/kdestroy/kdestroy.c +++ b/src/clients/kdestroy/kdestroy.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/clients/kinit/ChangeLog b/src/clients/kinit/ChangeLog index fa18f1004..39d7ec895 100644 --- a/src/clients/kinit/ChangeLog +++ b/src/clients/kinit/ChangeLog @@ -1,3 +1,28 @@ +1999-12-03 Danilo Almeida + + * Makefile.in: Windows fix for 10/26/99 cleanup. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-25 Ken Raeburn + + * kinit.c (optind, optarg) [sun]: Declare on SunOS 4. Maybe + declare unconditionally, in the future. + +1999-08-12 Ken Raeburn + + * kinit.c (main): Initialize cache_name to null, in case it's not + set. + +1999-08-09 Danilo Almeida + + * Makefile.in: Use standard windows exe link flags. + Mon May 10 15:13:37 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/clients/kinit/Makefile.in b/src/clients/kinit/Makefile.in index 071d653f7..2308ca22d 100644 --- a/src/clients/kinit/Makefile.in +++ b/src/clients/kinit/Makefile.in @@ -2,27 +2,19 @@ thisconfigdir=./.. myfulldir=clients/kinit mydir=kinit BUILDTOP=$(REL)$(U)$(S)$(U) -##DOS##BUILDTOP=..\.. -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) all-unix:: kinit -all-windows:: +all-windows:: $(OUTPRE)kinit.exe all-mac:: kinit: kinit.o $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o $@ kinit.o $(KRB5_BASE_LIBS) - -##WIN32##INCLUDES = /I$(BUILDTOP)\include /I$(BUILDTOP)\include\krb5 -##WIN32##CFLAGS = $(CCOPTS2) $(INCLUDES) - -##WIN32##all-windows:: $(OUTPRE)kinit.exe -##WIN32##$(OUTPRE)kinit.exe: $(OUTPRE)kinit.obj $(BUILDTOP)\util\windows\$(OUTPRE)getopt.obj $(KLIB) $(CLIB) -##WIN32## link /nologo /out:$@ $** - +$(OUTPRE)kinit.exe: $(OUTPRE)kinit.obj $(BUILDTOP)\util\windows\$(OUTPRE)getopt.obj $(KLIB) $(CLIB) + link $(EXE_LINKOPTS) -out:$@ $** clean-unix:: $(RM) kinit.o kinit diff --git a/src/clients/kinit/kinit.M b/src/clients/kinit/kinit.M index 6681967f4..e87536c91 100644 --- a/src/clients/kinit/kinit.M +++ b/src/clients/kinit/kinit.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/clients/kinit/kinit.c b/src/clients/kinit/kinit.c index c29b26e6c..777b44e0d 100644 --- a/src/clients/kinit/kinit.c +++ b/src/clients/kinit/kinit.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -33,6 +36,11 @@ #else #ifdef HAVE_UNISTD_H #include +#ifdef sun +/* SunOS4 unistd didn't declare these; okay to make unconditional? */ +extern int optind; +extern char *optarg; +#endif /* sun */ #else extern int optind; extern char *optarg; @@ -101,7 +109,7 @@ main(argc, argv) krb5_get_init_creds_opt opts; char *service_name = NULL; krb5_keytab keytab = NULL; - char *cache_name; + char *cache_name = NULL; krb5_ccache ccache = NULL; enum { INIT_PW, INIT_KT, RENEW, VALIDATE} action; int errflg = 0, idx, i; diff --git a/src/clients/klist/ChangeLog b/src/clients/klist/ChangeLog index 3f1cc6930..0f1106519 100644 --- a/src/clients/klist/ChangeLog +++ b/src/clients/klist/ChangeLog @@ -1,3 +1,28 @@ +1999-12-03 Danilo Almeida + + * Makefile.in: Windows fix for 10/26/99 cleanup. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-09-01 Danilo Almeida + + * klist.c (do_ccache, show_credential): Use krb5_free_unparsed_name + instead of free. + +1999-08-26 Danilo Almeida + + * klist.c (show_credential): Index addresses array with i + in a loop instead of 1. (Thanks to jaltman@columbia.edu) + +1999-08-09 Danilo Almeida + + * Makefile.in: Use standard windows exe link flags. + Mon May 10 15:13:58 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/clients/klist/Makefile.in b/src/clients/klist/Makefile.in index b9be31653..b4beb7e62 100644 --- a/src/clients/klist/Makefile.in +++ b/src/clients/klist/Makefile.in @@ -3,26 +3,19 @@ myfulldir=clients/klist mydir=klist BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) all-unix:: klist -all-windows:: +all-windows:: $(OUTPRE)klist.exe all-mac:: klist: klist.o $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o $@ klist.o $(KRB5_BASE_LIBS) - -##WIN32##INCLUDES = /I$(BUILDTOP)\include /I$(BUILDTOP)\include\krb5 -##WIN32##CFLAGS = $(CCOPTS2) $(INCLUDES) - -##WIN32##all-windows:: $(OUTPRE)klist.exe -##WIN32##$(OUTPRE)klist.exe: $(OUTPRE)klist.obj $(KLIB) $(CLIB) -##WIN32## link /nologo /out:$@ $** wsock32.lib - +$(OUTPRE)klist.exe: $(OUTPRE)klist.obj $(KLIB) $(CLIB) + link $(EXE_LINKOPTS) -out:$@ $** wsock32.lib clean-unix:: $(RM) klist.o klist diff --git a/src/clients/klist/klist.M b/src/clients/klist/klist.M index 99b42b985..3a352416c 100644 --- a/src/clients/klist/klist.M +++ b/src/clients/klist/klist.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/clients/klist/klist.c b/src/clients/klist/klist.c index 5d79a52e4..333142c14 100644 --- a/src/clients/klist/klist.c +++ b/src/clients/klist/klist.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -248,7 +251,7 @@ void do_keytab(name) printf(")"); } printf("\n"); - free(pname); + krb5_free_unparsed_name(kcontext, pname); } if (code && code != KRB5_KT_END) { com_err(progname, code, "while scanning keytab"); @@ -447,7 +450,7 @@ show_credential(progname, kcontext, cred) retval = krb5_unparse_name(kcontext, cred->server, &sname); if (retval) { com_err(progname, retval, "while unparsing server name"); - free(name); + krb5_free_unparsed_name(kcontext, name); return; } if (!cred->times.starttime) @@ -527,15 +530,15 @@ show_credential(progname, kcontext, cred) for (i=1; cred->addresses[i]; i++) { printf(", "); - one_addr(cred->addresses[1]); + one_addr(cred->addresses[i]); } printf("\n"); } } - free(name); - free(sname); + krb5_free_unparsed_name(kcontext, name); + krb5_free_unparsed_name(kcontext, sname); } void one_addr(a) diff --git a/src/clients/kpasswd/ChangeLog b/src/clients/kpasswd/ChangeLog index 46f98c554..ba06e7008 100644 --- a/src/clients/kpasswd/ChangeLog +++ b/src/clients/kpasswd/ChangeLog @@ -1,3 +1,19 @@ +1999-12-03 Danilo Almeida + + * Makefile.in: Windows fix for 10/26/99 cleanup. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-09 Danilo Almeida + + * kpasswd.c: + * Makefile.in: Build kpasswd under windows. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/clients/kpasswd/Makefile.in b/src/clients/kpasswd/Makefile.in index 2b7490820..a9fed31e2 100644 --- a/src/clients/kpasswd/Makefile.in +++ b/src/clients/kpasswd/Makefile.in @@ -2,29 +2,24 @@ thisconfigdir=./.. myfulldir=clients/kpasswd mydir=kpasswd BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) -##DOSBUILDTOP=..\.. - kpasswd: kpasswd.o $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o kpasswd kpasswd.o $(KRB5_BASE_LIBS) kpasswd.o: $(srcdir)/kpasswd.c all-unix:: kpasswd -all-windows:: kpasswd.exe clean-unix:: $(RM) kpasswd.o kpasswd -clean-windows:: - $(RM) kpasswd.obj kpasswd.exe - install-all install-kdc install-server install-client install-unix:: $(INSTALL_PROGRAM) kpasswd $(DESTDIR)$(CLIENT_BINDIR)/`echo kpasswd|sed '$(transform)'` $(INSTALL_DATA) $(srcdir)/kpasswd.M $(DESTDIR)$(CLIENT_MANDIR)/`echo kpasswd|sed '$(transform)'`.1; -kpasswd.exe: kpasswd.obj - link /out:kpasswd.exe kpasswd.obj $(BUILDTOP)\lib\libkrb5.lib +all-windows:: $(OUTPRE)kpasswd.exe + +$(OUTPRE)kpasswd.exe: $(OUTPRE)kpasswd.obj $(KLIB) $(CLIB) + link $(EXE_LINKOPTS) -out:$@ $** diff --git a/src/clients/kpasswd/kpasswd.M b/src/clients/kpasswd/kpasswd.M index 5428898ef..f88a13451 100644 --- a/src/clients/kpasswd/kpasswd.M +++ b/src/clients/kpasswd/kpasswd.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/clients/kpasswd/kpasswd.c b/src/clients/kpasswd/kpasswd.c index 711c4ecd6..2e719d6de 100644 --- a/src/clients/kpasswd/kpasswd.c +++ b/src/clients/kpasswd/kpasswd.c @@ -1,20 +1,51 @@ #include #include -#include + +#ifndef _WIN32 #include +#endif #include #define P1 "Enter new password: " #define P2 "Enter it again: " +#ifdef HAVE_PWD_H +#include + +void get_name_from_passwd_file(program_name, kcontext, me) + char * program_name; + krb5_context kcontext; + krb5_principal * me; +{ + struct passwd *pw; + krb5_error_code code; + if (pw = getpwuid((int) getuid())) { + if ((code = krb5_parse_name(kcontext, pw->pw_name, me))) { + com_err (program_name, code, "when parsing name %s", pw->pw_name); + exit(1); + } + } else { + fprintf(stderr, "Unable to identify user from password file\n"); + exit(1); + } +} +#else /* HAVE_PWD_H */ +void get_name_from_passwd_file(kcontext, me) + krb5_context kcontext; + krb5_principal * me; +{ + fprintf(stderr, "Unable to identify user\n"); + exit(1); +} +#endif /* HAVE_PWD_H */ + int main(int argc, char *argv[]) { krb5_error_code ret; krb5_context context; krb5_principal princ; char *pname; - struct passwd *pwd; krb5_ccache ccache; krb5_get_init_creds_opt opts; krb5_creds creds; @@ -40,7 +71,9 @@ int main(int argc, char *argv[]) exit(1); } +#if 0 krb5_init_ets(context); +#endif /* in order, use the first of: - a name specified on the command line @@ -70,15 +103,8 @@ int main(int argc, char *argv[]) com_err(argv[0], ret, "closing ccache"); exit(1); } - } else if (pwd = getpwuid(getuid())) { - if (ret = krb5_parse_name(context, pwd->pw_name, &princ)) { - com_err(argv[0], ret, "parsing client name"); - exit(1); - } } else { - com_err(argv[0], 0, - "no matching password entry while looking for username"); - exit(1); + get_name_from_passwd_file(argv[0], context, &princ); } krb5_get_init_creds_opt_init(&opts); diff --git a/src/clients/ksu/ChangeLog b/src/clients/ksu/ChangeLog index 44dc8989d..d61703e41 100644 --- a/src/clients/ksu/ChangeLog +++ b/src/clients/ksu/ChangeLog @@ -1,3 +1,65 @@ +1999-12-02 Ken Raeburn + + * krb_auth_su.c (krb5_get_tkt_via_passwd): Move check of + principal name length up *before* it gets copied. + +1999-11-23 Ken Raeburn + + * krb_auth_su.c (krb5_get_tkt_via_passwd): Check length of + principal name before copying to fixed-size buffer. + + * ccache.c (krb5_ccache_filter): Fix speling error. + (krb5_get_login_princ): Check length of home directory pathname. + + * setenv.c: New file, copied from appl/bsd. + * Makefile.in (OBJS): Add @SETENVOBJ@. + (SRCS): Add setenv.c. + + * xmalloc.c: New file, providing versions of malloc, calloc, + realloc, and strdup that print messages and exit if memory + allocation fails. + * ksu.h (xmalloc, xrealloc, xcalloc, xstrdup): Declare. + * Makefile.in (SRCS, OBJS): Use it. + * authorization.c, ccache.c, heuristic.c, main.c: Change all calls + to malloc, calloc, realloc, and strdup to call x* versions if the + return value is not checked before use. + + * authorization.c (auth_cleanup): Ditch int arguments, check for + null pointers instead. + (krb5_authorization): Update calls. Initialize file pointers to + null. + (init_auth_names): Check for buffer overflow. + (fcmd_resolve): Ensure enough buffer space is allocated. + (find_first_cmd_that_exists): Likewise. Use strcat instead of + sprintf'ing a buffer into itself. + + * krb_auth_su.c (dump_principal, plain_dump_principal): Reformat + slightly. + + * main.c (cc_source_tag, cc_source_tag_tmp): Now point to const. + (main): Unset environment variable KRB5_CONFIG. Delete -C + option. Force an error if lifetime strings are over 14 + characters. Fix error message string if setluid fails. Cast pid + to long for printing. Call krb5_init_secure_context instead of + krb5_init_context and krb5_secure_config_files. + (main): Fix speling error. + (ontty): Check string size. + (get_dir_of_file): Argument now points to const. + * ksu.h (get_dir_of_file): Update declaration. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-23 Ken Raeburn + + * heuristic.c (find_ticket): Use flag KRB5_TC_SUPPORTED_KTYPES + when calling krb5_cc_retrieve_cred. + * krb_auth_su.c (krb5_auth_check, krb5_fast_auth): Ditto. + Fri Mar 12 18:52:18 1999 Tom Yu * main.c (main): Fix cleanup code for setluid() failure. diff --git a/src/clients/ksu/Makefile.in b/src/clients/ksu/Makefile.in index b31a3f641..c96de375e 100644 --- a/src/clients/ksu/Makefile.in +++ b/src/clients/ksu/Makefile.in @@ -3,7 +3,6 @@ myfulldir=clients/ksu mydir=ksu BUILDTOP=$(REL)$(U)$(S)$(U) DEFINES = -DGET_TGT_VIA_PASSWD -DPRINC_LOOK_AHEAD -DCMD_PATH='"/bin /local/bin"' -CFLAGS = $(CCOPTS) $(DEFINES) $(DEFS) $(LOCALINCLUDE) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) @@ -15,13 +14,17 @@ SRCS = \ $(srcdir)/ccache.c \ $(srcdir)/authorization.c \ $(srcdir)/main.c \ - $(srcdir)/heuristic.c + $(srcdir)/heuristic.c \ + $(srcdir)/xmalloc.c \ + $(srcdir)/setenv.c OBJS = \ krb_auth_su.o \ ccache.o \ authorization.o \ main.o \ - heuristic.o + heuristic.o \ + xmalloc.o \ + @SETENVOBJ@ all:: ksu diff --git a/src/clients/ksu/authorization.c b/src/clients/ksu/authorization.c index 39e745995..a2e540936 100644 --- a/src/clients/ksu/authorization.c +++ b/src/clients/ksu/authorization.c @@ -27,7 +27,7 @@ #include "ksu.h" -static void auth_cleanup PROTOTYPE((int, FILE *, int, FILE *, char *)); +static void auth_cleanup PROTOTYPE((FILE *, FILE *, char *)); krb5_boolean fowner(fp, uid) FILE *fp; @@ -76,9 +76,8 @@ krb5_error_code krb5_authorization(context, principal, luser, int k5login_flag =0; int k5users_flag =0; krb5_boolean retbool =FALSE; - FILE * login_fp, * users_fp; + FILE * login_fp = 0, * users_fp = 0; krb5_error_code retval = 0; - struct stat statbuf; struct stat st_temp; *ok =FALSE; @@ -128,8 +127,7 @@ krb5_error_code krb5_authorization(context, principal, luser, }else{ if(retval = k5users_lookup(users_fp,princname, cmd,&retbool,out_fcmd)){ - auth_cleanup(k5users_flag,users_fp, - k5login_flag,login_fp, princname); + auth_cleanup(users_fp, login_fp, princname); return retval; }else{ *ok =retbool; @@ -149,28 +147,26 @@ krb5_error_code krb5_authorization(context, principal, luser, "In krb5_authorization: principal to be authorized %s\n", princname); if (retval = k5login_lookup( login_fp, princname, &retbool)){ - auth_cleanup(k5users_flag,users_fp, - k5login_flag,login_fp, princname); + auth_cleanup(users_fp, login_fp, princname); return retval; } if (retbool) { if (cmd) - *out_fcmd = strdup(cmd); + *out_fcmd = xstrdup(cmd); } } if ((!k5users_flag) && (retbool == FALSE) ){ if(retval = k5users_lookup (users_fp, princname, cmd, &retbool, out_fcmd)){ - auth_cleanup(k5users_flag,users_fp, - k5login_flag,login_fp, princname); + auth_cleanup(users_fp, login_fp, princname); return retval; } } if (k5login_flag && k5users_flag){ - char * kuser = (char *) calloc (strlen(princname), sizeof(char)); + char * kuser = (char *) xcalloc (strlen(princname), sizeof(char)); if (!(krb5_aname_to_localname(context, principal, strlen(princname), kuser)) && (strcmp(kuser, luser) == 0)) { @@ -181,7 +177,7 @@ krb5_error_code krb5_authorization(context, principal, luser, } *ok =retbool; - auth_cleanup(k5users_flag,users_fp, k5login_flag,login_fp, princname); + auth_cleanup(users_fp, login_fp, princname); return 0; } @@ -278,7 +274,7 @@ krb5_error_code k5users_lookup (fp, princname, cmd, found, out_fcmd) if ((fcmd) && (!strcmp(fcmd, PERMIT_ALL_COMMANDS))){ if (get_next_token(&lp) == NULL){ - loc_fcmd =cmd ? strdup(cmd): NULL; + loc_fcmd =cmd ? xstrdup(cmd): NULL; loc_found = TRUE; } free (line); @@ -348,30 +344,30 @@ krb5_boolean fcmd_resolve(fcmd, out_fcmd, out_err) char * lp, * tc; int i=0; - tmp_fcmd = (char **) calloc (MAX_CMD, sizeof(char *)); + tmp_fcmd = (char **) xcalloc (MAX_CMD, sizeof(char *)); if (*fcmd == '/'){ /* must be full path */ - tmp_fcmd[0] = strdup(fcmd); + tmp_fcmd[0] = xstrdup(fcmd); tmp_fcmd[1] = NULL; *out_fcmd = tmp_fcmd; return TRUE; }else{ /* must be either full path or just the cmd name */ if (strchr(fcmd, '/')){ - err = (char *) calloc((strlen(fcmd) +200) ,sizeof(char)); + err = (char *) xcalloc((strlen(fcmd) +200) ,sizeof(char)); sprintf(err,"Error: bad entry - %s in %s file, must be either full path or just the cmd name\n", fcmd, KRB5_USERS_NAME); *out_err = err; return FALSE; } #ifndef CMD_PATH - err = (char *) calloc(2*(strlen(fcmd) +200) ,sizeof(char)); + err = (char *) xcalloc(2*(strlen(fcmd) +200) ,sizeof(char)); sprintf(err,"Error: bad entry - %s in %s file, since %s is just the cmd name, CMD_PATH must be defined \n", fcmd, KRB5_USERS_NAME, fcmd); *out_err = err; return FALSE; #else - path = strdup (CMD_PATH); + path = xstrdup (CMD_PATH); path_ptr = path; while ((*path_ptr == ' ') || (*path_ptr == '\t')) path_ptr ++; @@ -379,7 +375,7 @@ krb5_boolean fcmd_resolve(fcmd, out_fcmd, out_err) tc = get_first_token (path_ptr, &lp); if (! tc){ - err = (char *) calloc((strlen(fcmd) +200) ,sizeof(char)); + err = (char *) xcalloc((strlen(fcmd) +200) ,sizeof(char)); sprintf(err,"Error: bad entry - %s in %s file, CMD_PATH contains no paths \n", fcmd, KRB5_USERS_NAME); *out_err = err; return FALSE; @@ -388,13 +384,13 @@ krb5_boolean fcmd_resolve(fcmd, out_fcmd, out_err) i=0; do{ if (*tc != '/'){ /* must be full path */ - err = (char *) calloc((strlen(tc) +200) ,sizeof(char)); + err = (char *) xcalloc((strlen(tc) +200) ,sizeof(char)); sprintf(err,"Error: bad path %s in CMD_PATH for %s must start with '/' \n",tc, KRB5_USERS_NAME ); *out_err = err; return FALSE; } - out_path = (char *) calloc( MAXPATHLEN, sizeof (char)); + out_path = (char *) xmalloc(strlen(tc) + strlen(fcmd) + 2); sprintf(out_path,"%s/%s",tc, fcmd ); tmp_fcmd[i] = out_path; @@ -502,7 +498,7 @@ krb5_boolean find_first_cmd_that_exists(fcmd_arr, cmd_out, err_out) tln = strlen(fcmd_arr[i]); if ( tln > max_ln) max_ln = tln; if (!stat (fcmd_arr[i], &st_temp )){ - *cmd_out = strdup(fcmd_arr[i]); + *cmd_out = xstrdup(fcmd_arr[i]); retbool = TRUE; break; } @@ -510,12 +506,14 @@ krb5_boolean find_first_cmd_that_exists(fcmd_arr, cmd_out, err_out) } if (retbool == FALSE ){ - err = (char *) calloc((80 +max_ln*i) ,sizeof(char)); - sprintf(err,"Error: not found -> "); + err = (char *) xmalloc((80 + (max_ln+2)*i) ,sizeof(char)); + strcpy(err,"Error: not found -> "); for(j= 0; j < i; j ++){ - sprintf(err,"%s %s ", err, fcmd_arr[j]); + strcat(err, " "); + strcat(err, fcmd_arr[j]); + strcat(err, " "); } - sprintf(err,"%s\n", err); + strcat(err, "\n"); *err_out = err; } @@ -562,7 +560,7 @@ int match_commands (fcmd, cmd, match, cmd_out, err_out) }else{ if (!cmd_arr_cmp(fcmd_arr, cmd)){ /* found */ *match = TRUE; - *cmd_out = strdup(cmd); + *cmd_out = xstrdup(cmd); return 0; } else{ *match = FALSE; @@ -586,7 +584,7 @@ krb5_error_code get_line (fp, out_line) char * line, *r, *newline , *line_ptr; int chunk_count = 1; - line = (char *) calloc (BUFSIZ, sizeof (char )); + line = (char *) xcalloc (BUFSIZ, sizeof (char )); line_ptr = line; line[0] = '\0'; @@ -687,27 +685,32 @@ char * get_next_token (lnext) return out_ptr; } -static void auth_cleanup(k5users_flag, users_fp, k5login_flag, - login_fp, princname) - int k5users_flag; +static void auth_cleanup(users_fp, login_fp, princname) FILE *users_fp; - int k5login_flag; FILE *login_fp; char *princname; { free (princname); - if (!k5users_flag) fclose(users_fp); - if (!k5login_flag) fclose(login_fp); + if (users_fp) + fclose(users_fp); + if (login_fp) + fclose(login_fp); } void init_auth_names(pw_dir) char *pw_dir; { + if (strlen (k5login_path) + 2 + strlen (KRB5_LOGIN_NAME) >= MAXPATHLEN) { + fprintf (stderr, + "home directory name `%s' too long, can't search for .k5login\n", + pw_dir); + exit (1); + } if ((strlen(pw_dir) == 1) && (*pw_dir == '/')){ sprintf(k5login_path,"%s%s", pw_dir, KRB5_LOGIN_NAME); sprintf(k5users_path,"%s%s", pw_dir, KRB5_USERS_NAME); - }else{ + } else { sprintf(k5login_path,"%s/%s", pw_dir, KRB5_LOGIN_NAME); sprintf(k5users_path,"%s/%s", pw_dir, KRB5_USERS_NAME); } diff --git a/src/clients/ksu/ccache.c b/src/clients/ksu/ccache.c index 69975204e..be77456f5 100644 --- a/src/clients/ksu/ccache.c +++ b/src/clients/ksu/ccache.c @@ -64,7 +64,7 @@ krb5_creds ** cc_def_creds_arr = NULL; krb5_creds ** cc_other_creds_arr = NULL; struct stat st_temp; - cc_other = (krb5_ccache *) calloc(1, sizeof (krb5_ccache)); + cc_other = (krb5_ccache *) xcalloc(1, sizeof (krb5_ccache)); if ((retval = krb5_cc_resolve(context, cc_other_tag, cc_other))){ com_err (prog_name, retval, "resolving ccache %s", @@ -381,6 +381,10 @@ krb5_get_login_princ(luser, princ_list) if ((pwd = getpwnam(luser)) == NULL) { return 0; } + if (strlen(pwd->pw_dir) + sizeof("/.k5login") > MAXPATHLEN) { + fprintf (stderr, "home directory path for %s too long\n", luser); + exit (1); + } (void) strcpy(pbuf, pwd->pw_dir); (void) strcat(pbuf, "/.k5login"); @@ -655,7 +659,7 @@ krb5_creds ** cc_def_creds_arr = NULL; krb5_creds ** cc_other_creds_arr = NULL; struct stat st_temp; - cc_other = (krb5_ccache *) calloc(1, sizeof (krb5_ccache)); + cc_other = (krb5_ccache *) xcalloc(1, sizeof (krb5_ccache)); if ((retval = krb5_cc_resolve(context, cc_other_tag, cc_other))){ com_err (prog_name, retval, "resolving ccache %s", @@ -734,7 +738,7 @@ struct stat st_temp; if ( ! stat(cc_name, &st_temp)){ if (auth_debug) { - fprintf(stderr,"puting cache %s through a filter for -z option\n", cc_name); + fprintf(stderr,"putting cache %s through a filter for -z option\n", cc_name); } if ((retval = krb5_get_nonexp_tkts(context, cc, &cc_creds_arr))){ diff --git a/src/clients/ksu/heuristic.c b/src/clients/ksu/heuristic.c index 40858fb3a..269c059f6 100644 --- a/src/clients/ksu/heuristic.c +++ b/src/clients/ksu/heuristic.c @@ -59,7 +59,7 @@ krb5_error_code get_all_princ_from_file (fp, plist) fprinc = get_first_token (line, &lp); if (fprinc ){ - temp_list[count] = strdup(fprinc); + temp_list[count] = xstrdup(fprinc); count ++; } @@ -451,7 +451,7 @@ krb5_error_code find_ticket (context, cc, client, server, found) if (retval= krb5_copy_principal(context, server, &tgtq.server)) return retval ; - retval = krb5_cc_retrieve_cred(context, cc, KRB5_TC_MATCH_SRV_NAMEONLY, + retval = krb5_cc_retrieve_cred(context, cc, KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, &tgtq, &tgt); if (! retval) retval = krb5_check_exp(context, tgt.times); diff --git a/src/clients/ksu/krb_auth_su.c b/src/clients/ksu/krb_auth_su.c index e5a489f91..abc158c4b 100644 --- a/src/clients/ksu/krb_auth_su.c +++ b/src/clients/ksu/krb_auth_su.c @@ -125,8 +125,9 @@ krb5_boolean zero_password; } if (auth_debug){ dump_principal(context, "local tgt principal name", tgtq.server ); } - retval = krb5_cc_retrieve_cred(context, cc, KRB5_TC_MATCH_SRV_NAMEONLY, - &tgtq, &tgt); + retval = krb5_cc_retrieve_cred(context, cc, + KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, + &tgtq, &tgt); if (! retval) retval = krb5_check_exp(context, tgt.times); @@ -260,8 +261,9 @@ krb5_error_code retval; return (FALSE) ; } - if ((retval = krb5_cc_retrieve_cred(context, cc, KRB5_TC_MATCH_SRV_NAMEONLY, - &tgtq, &tgt))){ + if ((retval = krb5_cc_retrieve_cred(context, cc, + KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, + &tgtq, &tgt))){ if (auth_debug) com_err(prog_name, retval,"While Retrieving credentials"); return (FALSE) ; @@ -442,8 +444,13 @@ krb5_boolean krb5_get_tkt_via_passwd (context, ccache, client, server, } else my_creds.times.renew_till = 0; - - (void) sprintf(prompt,"Kerberos password for %s: ", (char *) client_name); + if (strlen (client_name) + 80 > sizeof (prompt)) { + fprintf (stderr, + "principal name %s too long for internal buffer space\n", + client_name); + return FALSE; + } + (void) sprintf(prompt,"Kerberos password for %s: ", client_name); pwsize = sizeof(password); @@ -483,29 +490,26 @@ void dump_principal (context, str, p) krb5_context context; char *str; krb5_principal p; -{ -char * stname; -krb5_error_code retval; +{ + char * stname; + krb5_error_code retval; - if ((retval = krb5_unparse_name(context, p, &stname))){ - fprintf(stderr," %s while unparsing name \n", - error_message(retval)); - } - fprintf(stderr, " %s: %s\n", str, stname ); + if ((retval = krb5_unparse_name(context, p, &stname))) { + fprintf(stderr, " %s while unparsing name\n", error_message(retval)); + } + fprintf(stderr, " %s: %s\n", str, stname); } void plain_dump_principal (context, p) krb5_context context; krb5_principal p; { -char * stname; -krb5_error_code retval; + char * stname; + krb5_error_code retval; - if ((retval = krb5_unparse_name(context, p, &stname))){ - fprintf(stderr," %s while unparsing name \n", - error_message(retval)); - } - fprintf(stderr, "%s ", stname ); + if ((retval = krb5_unparse_name(context, p, &stname))) + fprintf(stderr, " %s while unparsing name\n", error_message(retval)); + fprintf(stderr, "%s ", stname); } #if 0 diff --git a/src/clients/ksu/ksu.h b/src/clients/ksu/ksu.h index 2f6f9686d..230c59651 100644 --- a/src/clients/ksu/ksu.h +++ b/src/clients/ksu/ksu.h @@ -202,7 +202,7 @@ extern int standard_shell PROTOTYPE((char *)); extern krb5_error_code get_params PROTOTYPE((int *, int, char **, char ***)); -extern char *get_dir_of_file PROTOTYPE((char *)); +extern char *get_dir_of_file PROTOTYPE((const char *)); /* heuristic.c */ extern krb5_error_code get_all_princ_from_file PROTOTYPE((FILE *, char ***)); @@ -241,4 +241,5 @@ extern krb5_error_code get_best_princ_for_target extern char *krb5_lname_file; /* Note: print this out just be sure that it gets set */ - +extern void *xmalloc (), *xrealloc (), *xcalloc(); +extern char *xstrdup (); diff --git a/src/clients/ksu/main.c b/src/clients/ksu/main.c index de7cef67d..bd7bbb854 100644 --- a/src/clients/ksu/main.c +++ b/src/clients/ksu/main.c @@ -92,9 +92,9 @@ char * target_user = NULL; char * source_user; krb5_ccache cc_source = NULL; -char * cc_source_tag = NULL; +const char * cc_source_tag = NULL; uid_t source_gid, target_gid; -char * cc_source_tag_tmp = NULL; +const char * cc_source_tag_tmp = NULL; char * cc_target_tag_tmp=NULL; char * cmd = NULL, * exec_cmd = NULL; int errflg = 0; @@ -123,16 +123,17 @@ char * dir_of_cc_source; options.rlife =0; options.princ =0; - params = (char **) calloc (2, sizeof (char *)); + params = (char **) xcalloc (2, sizeof (char *)); params[1] = NULL; - retval = krb5_init_context(&ksu_context); + unsetenv ("KRB5_CONFIG"); + + retval = krb5_init_secure_context(&ksu_context); if (retval) { com_err(argv[0], retval, "while initializing krb5"); exit(1); } - krb5_secure_config_files(ksu_context); if (strrchr(argv[0], '/')) argv[0] = strrchr(argv[0], '/')+1; @@ -151,11 +152,11 @@ char * dir_of_cc_source; if (( argc == 1) || (argv[1][0] == '-')){ - target_user = strdup("root"); + target_user = xstrdup("root"); pargc = argc; pargv = argv; } else { - target_user = strdup(argv[1]); + target_user = xstrdup(argv[1]); pargc = argc -1; if ((pargv =(char **) calloc(pargc +1,sizeof(char *)))==NULL){ @@ -172,10 +173,12 @@ char * dir_of_cc_source; } - while(!done && ((option = getopt(pargc, pargv,"n:c:C:r:a:zZDfpkql:e:")) != -1)){ + while(!done && ((option = getopt(pargc, pargv,"n:c:r:a:zZDfpkql:e:")) != -1)){ switch (option) { case 'r': options.opt |= KDC_OPT_RENEWABLE; + if (strlen (optarg) >= 14) + optarg = "bad-time"; retval = krb5_string_to_deltat(optarg, &options.rlife); if (retval != 0 || options.rlife == 0) { fprintf(stderr, "Bad lifetime value (%s hours?)\n", optarg); @@ -208,6 +211,8 @@ char * dir_of_cc_source; quiet =1; break; case 'l': + if (strlen (optarg) >= 14) + optarg = "bad-time"; retval = krb5_string_to_deltat(optarg, &options.lifetime); if (retval != 0 || options.lifetime == 0) { fprintf(stderr, "Bad lifetime value (%s hours?)\n", optarg); @@ -242,43 +247,9 @@ char * dir_of_cc_source; errflg++; } break; - case 'C': - if (cc_target_tag == NULL) { - cc_target_tag = strdup(optarg); - - if ((strlen(cc_target_tag) == 1) && - (*cc_target_tag == NO_TARGET_FILE)){ - use_source_cache = 1; - if(some_rest_copy || all_rest_copy){ - fprintf(stderr, - "-C . option is mutually exclusive with -z and -Z\n"); - errflg++; - } - } - else { - if ( strchr(cc_target_tag, ':')){ - cc_target_tag_tmp=strchr(cc_target_tag,':') + 1; - if(!stat(cc_target_tag_tmp, &st_temp )){ - fprintf(stderr,"File %s exists\n", - cc_target_tag_tmp); - errflg++; - } - } - else { - fprintf(stderr, - "malformed credential cache name %s\n", - cc_target_tag); - errflg++; - } - } - } else { - fprintf(stderr, "Only one -C option allowed\n"); - errflg++; - } - break; case 'c': if (cc_source_tag == NULL) { - cc_source_tag = strdup(optarg); + cc_source_tag = xstrdup(optarg); if ( strchr(cc_source_tag, ':')){ cc_source_tag_tmp = strchr(cc_source_tag, ':') + 1; @@ -301,7 +272,7 @@ char * dir_of_cc_source; } break; case 'e': - cmd = strdup(optarg); + cmd = xstrdup(optarg); if(auth_debug){printf("Before get_params optind=%d\n", optind);} if ((retval = get_params( & optind, pargc, pargv, ¶ms))){ com_err(prog_name, retval, "when gathering parameters"); @@ -354,13 +325,13 @@ char * dir_of_cc_source; } /* allocate space and copy the usernamane there */ - source_user = strdup(pwd->pw_name); + source_user = xstrdup(pwd->pw_name); source_uid = pwd->pw_uid; source_gid = pwd->pw_gid; if (!strcmp(SOURCE_USER_LOGIN, target_user)){ - target_user = strdup (source_user); + target_user = xstrdup (source_user); } if ((target_pwd = getpwnam(target_user)) == NULL){ @@ -376,9 +347,11 @@ char * dir_of_cc_source; if (cc_source_tag == NULL){ cc_source_tag = krb5_cc_default_name(ksu_context); - cc_source_tag_tmp = strchr(cc_source_tag, ':') + 1; - if (cc_source_tag_tmp == (char *) 1) + cc_source_tag_tmp = strchr(cc_source_tag, ':'); + if (cc_source_tag_tmp == 0) cc_source_tag_tmp = cc_source_tag; + else + cc_source_tag_tmp++; } if (krb5_seteuid(source_uid)) { com_err ( prog_name, errno, "while setting euid to source user"); @@ -457,15 +430,16 @@ char * dir_of_cc_source; if (cc_target_tag == NULL) { - cc_target_tag = (char *)calloc(KRB5_SEC_BUFFSIZE ,sizeof(char)); + cc_target_tag = (char *)xcalloc(KRB5_SEC_BUFFSIZE ,sizeof(char)); /* make sure that the new ticket file does not already exist This is run as source_uid because it is reasonable to require the source user to have write to where the target cache will be created.*/ do { - sprintf(cc_target_tag, "%s%d.%d", KRB5_SECONDARY_CACHE, - target_uid, gen_sym()); + sprintf(cc_target_tag, "%s%ld.%d", + KRB5_SECONDARY_CACHE, + (long) target_uid, gen_sym()); cc_target_tag_tmp = strchr(cc_target_tag, ':') + 1; }while ( !stat ( cc_target_tag_tmp, &st_temp)); @@ -528,8 +502,8 @@ char * dir_of_cc_source; } else{ cc_target = cc_source; - cc_target_tag = cc_source_tag; - cc_target_tag_tmp = cc_source_tag_tmp; + cc_target_tag = (char *) cc_source_tag; + cc_target_tag_tmp = (char *) cc_source_tag_tmp; if ((retval=krb5_find_princ_in_cache(ksu_context, cc_target,client, &stored))){ com_err (prog_name, retval, @@ -640,7 +614,7 @@ char * dir_of_cc_source; /* Run authorization as target.*/ if (krb5_seteuid(target_uid)) { - com_err(prog_name, errno, "whiel switching to target for authorization check"); + com_err(prog_name, errno, "while switching to target for authorization check"); sweep_up(ksu_context, use_source_cache, cc_target); exit(1); } @@ -726,7 +700,7 @@ krb5_seteuid(0); /*So we have some chance of sweeping up*/ target_pwd = getpwnam(target_user); if (target_pwd->pw_shell) - shell = strdup(target_pwd->pw_shell); + shell = xstrdup(target_pwd->pw_shell); else { shell = _DEF_CSH; /* default is cshell */ } @@ -806,7 +780,7 @@ krb5_seteuid(0); /*So we have some chance of sweeping up*/ * with C2 enabled. */ if (setluid((uid_t) pwd->pw_uid) < 0) { - perror("setuid"); + perror("setluid"); sweep_up(ksu_context, use_source_cache, cc_target); exit(1); } @@ -860,7 +834,7 @@ krb5_seteuid(0); /*So we have some chance of sweeping up*/ switch ((child_pid = fork())) { default: if (auth_debug){ - printf(" The child pid is %d\n", child_pid); + printf(" The child pid is %ld\n", (long) child_pid); printf(" The parent pid is %d\n", getpid()); } while ((ret_pid = waitpid(child_pid, &statusp, WUNTRACED)) != -1) { @@ -916,8 +890,13 @@ char *p, *ttyname(); static char buf[MAXPATHLEN + 4]; buf[0] = 0; - if ((p = ttyname(STDERR_FILENO))) + if ((p = ttyname(STDERR_FILENO))) { + if (strlen (p) > MAXPATHLEN) { + fprintf (stderr, "terminal name %s too long\n", p); + exit (1); + } sprintf(buf, " on %s", p); + } return (buf); } @@ -929,7 +908,7 @@ static int set_env_var(name, value) char * env_var_buf; /* allocate extra two spaces, one for the = and one for the \0 */ - env_var_buf = (char *) calloc(2 + strlen(name) + strlen(value), + env_var_buf = (char *) xcalloc(2 + strlen(name) + strlen(value), sizeof(char)); sprintf(env_var_buf,"%s=%s",name, value); @@ -1021,18 +1000,18 @@ void print_status (va_alist) char *get_dir_of_file(path) - char *path; + const char *path; { char * temp_path; char * ptr; - temp_path = strdup(path); + temp_path = xstrdup(path); if ((ptr = strrchr( temp_path, '/'))) { *ptr = '\0'; } else { free (temp_path); - temp_path = malloc(MAXPATHLEN); + temp_path = xmalloc(MAXPATHLEN); if (temp_path) getcwd(temp_path, MAXPATHLEN); } diff --git a/src/clients/ksu/setenv.c b/src/clients/ksu/setenv.c new file mode 100644 index 000000000..96d4a1e9e --- /dev/null +++ b/src/clients/ksu/setenv.c @@ -0,0 +1,158 @@ +/* + * Copyright (c) 1987 Regents of the University of California. + * All rights reserved. + * + * Redistribution and use in source and binary forms are permitted + * provided that the above copyright notice and this paragraph are + * duplicated in all such forms and that any documentation, + * advertising materials, and other materials related to such + * distribution and use acknowledge that the software was developed + * by the University of California, Berkeley. The name of the + * University may not be used to endorse or promote products derived + * from this software without specific prior written permission. + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED + * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + */ + +/* based on @(#)setenv.c 5.2 (Berkeley) 6/27/88 */ + +#include +#include + +/* + * setenv -- + * Set the value of the environmental variable "name" to be + * "value". If rewrite is set, replace any current value. + */ +setenv(name, value, rewrite) + register char *name, *value; + int rewrite; +{ + extern char **environ; + static int alloced; /* if allocated space before */ + register char *C; + int l_value, offset; + char *malloc(), *realloc(), *_findenv(); + + if (*value == '=') /* no `=' in value */ + ++value; + l_value = strlen(value); + if ((C = _findenv(name, &offset))) { /* find if already exists */ + if (!rewrite) + return(0); + if (strlen(C) >= l_value) { /* old larger; copy over */ + while (*C++ = *value++); + return(0); + } + } + else { /* create new slot */ + register int cnt; + register char **P; + + for (P = environ, cnt = 0; *P; ++P, ++cnt); + if (alloced) { /* just increase size */ + environ = (char **)realloc((char *)environ, + (u_int)(sizeof(char *) * (cnt + 2))); + if (!environ) + return(-1); + } + else { /* get new space */ + alloced = 1; /* copy old entries into it */ + P = (char **)malloc((u_int)(sizeof(char *) * + (cnt + 2))); + if (!P) + return(-1); + memcpy(P, environ, cnt * sizeof(char *)); + environ = P; + } + environ[cnt + 1] = NULL; + offset = cnt; + } + for (C = name; *C && *C != '='; ++C); /* no `=' in name */ + if (!(environ[offset] = /* name + `=' + value */ + malloc((u_int)((int)(C - name) + l_value + 2)))) + return(-1); + for (C = environ[offset]; (*C = *name++) &&( *C != '='); ++C); + for (*C++ = '='; *C++ = *value++;); + return(0); +} + +/* + * unsetenv(name) -- + * Delete environmental variable "name". + */ +void +unsetenv(name) + char *name; +{ + extern char **environ; + register char **P; + int offset; + char *_findenv(); + + while (_findenv(name, &offset)) /* if set multiple times */ + for (P = &environ[offset];; ++P) + if (!(*P = *(P + 1))) + break; +} +/* + * Copyright (c) 1987 Regents of the University of California. + * All rights reserved. + * + * Redistribution and use in source and binary forms are permitted + * provided that the above copyright notice and this paragraph are + * duplicated in all such forms and that any documentation, + * advertising materials, and other materials related to such + * distribution and use acknowledge that the software was developed + * by the University of California, Berkeley. The name of the + * University may not be used to endorse or promote products derived + * from this software without specific prior written permission. + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED + * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + */ + +/* based on @(#)getenv.c 5.5 (Berkeley) 6/27/88 */ + +/* + * getenv -- + * Returns ptr to value associated with name, if any, else NULL. + */ +char * +getenv(name) + char *name; +{ + int offset; + char *_findenv(); + + return(_findenv(name, &offset)); +} + +/* + * _findenv -- + * Returns pointer to value associated with name, if any, else NULL. + * Sets offset to be the offset of the name/value combination in the + * environmental array, for use by setenv(3) and unsetenv(3). + * Explicitly removes '=' in argument name. + * + * This routine *should* be a static; don't use it. + */ +char * +_findenv(name, offset) + register char *name; + int *offset; +{ + extern char **environ; + register int len; + register char **P, *C; + + for (C = name, len = 0; *C && *C != '='; ++C, ++len); + for (P = environ; *P; ++P) + if (!strncmp(*P, name, len)) + if (*(C = *P + len) == '=') { + *offset = P - environ; + return(++C); + } + return(NULL); +} diff --git a/src/clients/ksu/xmalloc.c b/src/clients/ksu/xmalloc.c new file mode 100644 index 000000000..425b44f0e --- /dev/null +++ b/src/clients/ksu/xmalloc.c @@ -0,0 +1,68 @@ +/* + * clients/ksu/xmalloc.c + * + * Copyright 1999 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * Perform simple allocation/copy operations, exiting on failure. + */ + +#include "ksu.h" + +void *xmalloc (size_t sz) +{ + void *ret = malloc (sz); + if (ret == 0 && sz != 0) { + perror (prog_name); + exit (1); + } + return ret; +} + +void *xrealloc (void *old, size_t newsz) +{ + void *ret = realloc (old, newsz); + if (ret == 0 && newsz != 0) { + perror (prog_name); + exit (1); + } + return ret; +} + +void *xcalloc (size_t nelts, size_t eltsz) +{ + void *ret = calloc (nelts, eltsz); + if (ret == 0 && nelts != 0 && eltsz != 0) { + perror (prog_name); + exit (1); + } + return ret; +} + +char *xstrdup (const char *src) +{ + size_t len = strlen (src) + 1; + char *dst = xmalloc (len); + memcpy (dst, src, len); + return dst; +} diff --git a/src/clients/kvno/ChangeLog b/src/clients/kvno/ChangeLog index 2bd51c0d0..c4aed766a 100644 --- a/src/clients/kvno/ChangeLog +++ b/src/clients/kvno/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/clients/kvno/Makefile.in b/src/clients/kvno/Makefile.in index 080e75af9..fdd4716b5 100644 --- a/src/clients/kvno/Makefile.in +++ b/src/clients/kvno/Makefile.in @@ -4,7 +4,6 @@ mydir=kvno BUILDTOP=$(REL)$(U)$(S)$(U) ##DOS##BUILDTOP=..\.. -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) @@ -17,7 +16,8 @@ kvno: kvno.o $(KRB5_BASE_DEPLIBS) ##WIN32##INCLUDES = /I$(BUILDTOP)\include /I$(BUILDTOP)\include\krb5 -##WIN32##CFLAGS = $(CCOPTS2) $(INCLUDES) +##WIN32##CFLAGS = $(CCOPTS2) +##WIN32##CPPFLAGS = $(INCLUDES) ##WIN32##all-windows:: kvno.exe ##WIN32##kvno.exe: kvno.obj $(BUILDTOP)\util\windows\getopt.obj $(KLIB) $(CLIB) diff --git a/src/config-files/kdc.conf.M b/src/config-files/kdc.conf.M index 318e5cea7..81ce6047a 100644 --- a/src/config-files/kdc.conf.M +++ b/src/config-files/kdc.conf.M @@ -12,7 +12,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/config-files/krb5.conf.M b/src/config-files/krb5.conf.M index f9f3f3d91..143601e7a 100644 --- a/src/config-files/krb5.conf.M +++ b/src/config-files/krb5.conf.M @@ -12,7 +12,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/config/ChangeLog b/src/config/ChangeLog index 22bc43380..d061870e0 100644 --- a/src/config/ChangeLog +++ b/src/config/ChangeLog @@ -1,3 +1,42 @@ +1999-12-03 Danilo Almeida + + * win-pre.in: Update Windows build to work with 10/26/99 change. + The only difference between EXE and DLL builds are the + DLL_LINKOPTS and EXE_LINKOPTS linker options. All C flags are the + same. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-09-14 Danilo Almeida + + * win-pre.in: Fix DNS error messages to wshelper instead of + version server. + +1999-09-08 Danilo Almeida + + * win-pre.in: Fix DNS flags it does not try to depend on mit dir. + Define NULL so we can do directory existence checks via the shell + under both NT and 9x. + +1999-08-23 Ken Raeburn + + * config.guess: Recognize Rhapsody OS. + * config.sub: Recognize OS name "rhapsody*". + +1999-08-17 Ken Raeburn + + * post.in (*-recurse): If an error occurs when using -k, report an + error after finishing all the subdirectories. + +1999-08-13 Brad Thompson + + * config.sub: Now recognizes MacOS 10 as a valid OS. + 1999-07-30 Ken Raeburn * config.guess: Add MacOS 10 support. (Submitted to autoconf diff --git a/src/config/config.guess b/src/config/config.guess index c4cdae72f..98fea7b84 100644 --- a/src/config/config.guess +++ b/src/config/config.guess @@ -810,6 +810,19 @@ EOF BePC:BeOS:*:*) # BeOS running on Intel PC compatible. echo i586-pc-beos exit 0 ;; +# MIT addition + Power\ Macintosh:Rhapsody:*:*) + echo powerpc-apple-rhapsody${UNAME_RELEASE} + exit 0 ;; +# MIT addition + powerpc:Rhapsody:*:*) + echo powerpc-unknown-rhapsody${UNAME_RELEASE} + exit 0 ;; +# MIT addition + i?86:Rhapsody:*:*) + echo i386-unknown-rhapsody${UNAME_RELEASE} + exit 0 ;; +# MIT addition Power\ Macintosh:Mac\ OS:*:*) echo powerpc-apple-macos${UNAME_RELEASE} exit 0 ;; diff --git a/src/config/config.sub b/src/config/config.sub index 00bea6e6a..995263424 100644 --- a/src/config/config.sub +++ b/src/config/config.sub @@ -714,7 +714,7 @@ case $os in | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -uxpv* | -beos*) + | -mingw32* | -linux-gnu* | -uxpv* | -beos* | -macos* | -rhapsody*) # Remember, each alternative MUST END IN *, to match a version number. ;; -linux*) diff --git a/src/config/libobj.in b/src/config/libobj.in index e2cf59572..f8af821c0 100644 --- a/src/config/libobj.in +++ b/src/config/libobj.in @@ -27,14 +27,12 @@ SONAME=@SONAME@ # PICFLAGS=@PICFLAGS@ PROFFLAGS=@PROFFLAGS@ -.SUFFIXES: .c .o .so .po -.c.o: - $(CC) $(CFLAGS) -c $< +.SUFFIXES: .c .so .po .c.so: - $(CC) $(PICFLAGS) $(CFLAGS) -c $< -o $*.so.o && \ + $(CC) $(DEFS) $(DEFINES) $(LOCALINCLUDES) $(PICFLAGS) $(CPPFLAGS) -c $< -o $*.so.o && \ $(MV) $*.so.o $*.so .c.po: - $(CC) $(PROFFLAGS) $(CFLAGS) -c $< -o $*.po.o && \ + $(CC) $(DEFS) $(DEFINES) $(LOCALINCLUDES) $(PROFFLAGS) $(CPPFLAGS) -c $< -o $*.po.o && \ $(MV) $*.po.o $*.po # rules to generate object file lists diff --git a/src/config/post.in b/src/config/post.in index 82bf72882..79b734bae 100644 --- a/src/config/post.in +++ b/src/config/post.in @@ -4,7 +4,7 @@ check-windows:: .depend: $(SRCS) $(SRCTOP)/util/depfix.sed if test -n "$(SRCS)" ; then \ - $(CC) -M $(CFLAGS) $(SRCS) | \ + $(CC) -M $(ALL_CFLAGS) $(SRCS) | \ sed -f $(SRCTOP)/util/depfix.sed | \ sed -e 's; $(SRCTOP)/; $$(SRCTOP)/;g' | \ sed -e 's; $(srcdir)/; $$(srcdir)/;g' | \ @@ -54,12 +54,13 @@ $(srcdir)/$(thisconfigdir)/configure: $(srcdir)/$(thisconfigdir)/configure.in \ all-recurse clean-recurse distclean-recurse install-recurse check-recurse Makefiles-recurse: @case "`echo 'x$(MFLAGS)'|sed -e 's/^x//' -e 's/ --.*$$//'`" \ - in *[ik]*) e=:;; *) e="exit 1";; esac; \ + in *[ik]*) e="status=1" ;; *) e="exit 1";; esac; \ if test -z "$(MY_SUBDIRS)" ; then \ do_subdirs="$(SUBDIRS)" ; \ else \ do_subdirs="$(MY_SUBDIRS)" ; \ fi; \ + status=0; \ if test -n "$$do_subdirs" && test -z "$(NORECURSE)"; then \ for i in $$do_subdirs ; do \ if test -d $$i ; then \ @@ -68,7 +69,7 @@ all-recurse clean-recurse distclean-recurse install-recurse check-recurse Makefi echo "making $$target in $(CURRENT_DIR)$$i..."; \ if (cd $$i ; $(MAKE) CC="$(CC)" CCOPTS="$(CCOPTS)" \ CURRENT_DIR=$(CURRENT_DIR)$$i/ $$target) then :; \ - else $$e; fi; \ + else eval $$e; fi; \ ;; \ esac; \ else \ @@ -76,4 +77,5 @@ all-recurse clean-recurse distclean-recurse install-recurse check-recurse Makefi fi; \ done; \ else :; \ - fi + fi;\ + exit $$status diff --git a/src/config/pre.in b/src/config/pre.in index b8d565ffd..45fb6d9ad 100644 --- a/src/config/pre.in +++ b/src/config/pre.in @@ -70,11 +70,12 @@ SRCTOP = @srcdir@/$(BUILDTOP) VPATH = @srcdir@ CONFIG_RELTOPDIR = @CONFIG_RELTOPDIR@ +ALL_CFLAGS = $(DEFS) $(DEFINES) $(LOCALINCLUDES) $(CPPFLAGS) $(CFLAGS) +CFLAGS = @CCOPTS@ CPPFLAGS = @CPPFLAGS@ -DEFS = @DEFS@ $(CPPFLAGS) +DEFS = @DEFS@ CC = @CC@ LD = $(PURE) @LD@ -CCOPTS = @CCOPTS@ DEPLIBS = @DEPLIBS@ LDFLAGS = @LDFLAGS@ LD_UNRESOLVED_PREFIX = @LD_UNRESOLVED_PREFIX@ @@ -284,6 +285,12 @@ COMPILE_ET_C= $(AWK) -f $(SRCTOP)/util/et/et_c.awk outfile=$@ .et.c: $(AWK) -f $(SRCTOP)/util/et/et_c.awk outfile=$*.c $< +# rule to make object files +# +.SUFFIXES: .c .o +.c.o: + $(CC) $(ALL_CFLAGS) -c $< + # ss command table rules # MAKE_COMMANDS= $(BUILDTOP)/util/ss/mk_cmds diff --git a/src/config/win-pre.in b/src/config/win-pre.in index 8ed8a5175..73fdb2efa 100644 --- a/src/config/win-pre.in +++ b/src/config/win-pre.in @@ -38,6 +38,11 @@ CPU=i386 # End of figuring out CPU # +!if "$(OS)" == "Windows_NT" +NULL= +!else +NULL=nul +!endif # NOTE: ^ is an escape char for NMAKE. !ifdef NODEBUG @@ -78,13 +83,31 @@ C=.^\ srcdir = . SRCTOP = $(srcdir)\$(BUILDTOP) +!if defined(KRB5_USE_DNS) +!if !defined(DNS_INC) +!message Must define DNS_INC to point to wshelper includes dir! +!error +!endif +!if !defined(DNS_LIB) +!message Must define DNS_LIB to point to wshelper library! +!error +!endif +DNSLIBS=$(DNS_LIB) +DNSFLAGS=-I$(DNS_INC) -DKRB5_DNS_LOOKUP -DWSHELPER +!else +DNSLIBS= +DNSFLAGS= +!endif + # # The name of the C compiler for the target # -CC=cl /nologo -CL= +CC=cl PDB_OPTS=-Fd$(OUTPRE)\ -FD +CPPFLAGS=-I$(SRCTOP)\include -I$(SRCTOP)\include\krb5 $(DNSFLAGS) +CCOPTS=-nologo /W3 $(PDB_OPTS) $(DLL_FILE_DEF) +LOPTS=-nologo -incremental:no # /ZI gives better debug info in each object file (MSVC 6.0 or higher). # /Zi gives debug info in each object file. @@ -94,32 +117,20 @@ PDB_OPTS=-Fd$(OUTPRE)\ -FD # /MD (Win32) thread safe, ML would be single threaded, don't build with ML # -# CCOPTS is for DLL compiles -# CCOPTS2 is for non-DLL compiles (EXEs, for example) +# CCOPTS was for DLL compiles +# CCOPTS2 was for non-DLL compiles (EXEs, for example) # !ifdef NODEBUG -CCOPTS =/Os /W3 /MD $(PDB_OPTS) $(XTRA) $(DLL_FILE_DEF) -CCOPTS2=/Os /W3 $(PDB_OPTS) $(XTRA) -LOPTS= +CCOPTS=/Os /MD $(CCOPTS) +LOPTS=$(LOPTS) !else -CCOPTS =/Od /ZI /W3 /MD $(PDB_OPTS) $(XTRA) $(DLL_FILE_DEF) -CCOPTS2=/Od /ZI /W3 $(PDB_OPTS) $(XTRA) -LOPTS=-debug +CCOPTS=/Od /ZI /MDd $(CCOPTS) +LOPTS=$(LOPTS) -debug !endif # XXX - NOTE: We should probably use DllMainCRTStartup -LINKOPTS=-incremental:no $(LOPTS) -nologo -dll -entry:DllMain -LINKOPTS2=-incremental:no $(LOPTS) -nologo - -!if defined(KRB5_USE_DNS) -DNSFLAGS= -DKRB5_DNS_LOOKUP -DWSHELPER -!else -DNSFLAGS= -!endif - -CPPFLAGS = -I$(SRCTOP)\include -I$(SRCTOP)\include\krb5 -I$(SRCTOP)\mit\windows\include $(DNSFLAGS) -DEFS = $(CPPFLAGS) -CFLAGS2 = $(CCOPTS2) $(DEFS) +DLL_LINKOPTS=$(LOPTS) -dll -entry:DllMain +EXE_LINKOPTS=$(LOPTS) RM=$(BUILDTOP)\config\rm.bat LIBECHO=$(BUILDTOP)\util\windows\$(OUTPRE)libecho @@ -155,17 +166,20 @@ MFLAGS=$(MAKEFLAGS) MAKE=-$(MAKE) !endif +CFLAGS = $(CCOPTS) +ALL_CFLAGS = $(DEFS) $(DEFINES) $(LOCALINCLUDES) $(CPPFLAGS) $(CFLAGS) + {}.rc{$(OUTPRE)}.res: $(RC) $(RCFLAGS) -fo $@ -r $< {}.c{$(OUTPRE)}.obj: - $(CC) $(CFLAGS) -Fo$(OUTPRE)\ -c $< + $(CC) $(ALL_CFLAGS) -Fo$(OUTPRE)\ -c $< {}.cxx{$(OUTPRE)}.obj: - $(CC) $(CFLAGS) -Fo$(OUTPRE)\ -c $< + $(CC) $(ALL_CFLAGS) -Fo$(OUTPRE)\ -c $< {}.cpp{$(OUTPRE)}.obj: - $(CC) $(CFLAGS) -Fo$(OUTPRE)\ -c $< + $(CC) $(ALL_CFLAGS) -Fo$(OUTPRE)\ -c $< # # End of Win32 pre-config lines (config/win-pre.in) diff --git a/src/include/ChangeLog b/src/include/ChangeLog index 2eabec100..d6c621dc7 100644 --- a/src/include/ChangeLog +++ b/src/include/ChangeLog @@ -1,3 +1,56 @@ +1999-11-23 Ken Raeburn + + * krb5.hin (krb5_init_secure_context): Declare. + +1999-09-08 Tom Yu + + * Makefile.in (install): Install port-sockets.h, needed by + kerberosIV/krb.h. + +1999-08-31 Jeffrey Altman + + * k5-int.h: Add #define ANSI_STDIO for Windows builds so that + stdio opens files in binary mode instead of text + mode. This is necessary for Ctrl-Z transparency. + +1999-08-30 Ken Raeburn + + * configure.in: Check for memmove and bcopy. + + * Makefile.in (install): Install profile.h since krb5.h will use + it. + +1999-08-26 Danilo Almeida + + * krb5.hin (krb5_kuserok): Fix calling convention to make it + consistent with rest of krb5 exports before we start exporting + this from the Windows DLL. + +1999-08-25 Danilo Almeida + + * k5-int.h (krb5_cc_retrieve_cred_default): Fix calling convention + to make it consistent with actual calling convention. + +1999-08-23 Ken Raeburn + + * krb5.hin (KRB5_TC_SUPPORTED_KTYPES): New flag. + * k5-int.h (krb5_cc_retrieve_cred_default): Declare. + +1999-08-18 Tom Yu + + * krb5.hin: Re-align des3-cbc-sha1 and hmac-sha1-des3 to agree + with new number assignments; also rename symbols a little bit. + +1999-08-09 Danilo Almeida + + * win-mac.h: Define MAXPATHLEN only if not already defined. This + avoids warnings under Windows. + +1999-08-04 Danilo Almeida + + * k5-int.h: Keep invariant that profile_in_memory member of context + is only sensible if KRB5_DNS_LOOKUP is defined. + 1999-08-03 Ken Raeburn * krb5.hin: Wrap all declarations in `extern "C"' for C++, not diff --git a/src/include/Makefile.in b/src/include/Makefile.in index db023fc69..e77a99168 100644 --- a/src/include/Makefile.in +++ b/src/include/Makefile.in @@ -69,5 +69,8 @@ clean-windows:: cd .. @echo Making clean in include -install:: krb5.h +install:: krb5.h profile.h $(INSTALL_DATA) krb5.h $(DESTDIR)$(KRB5_INCDIR)$(S)krb5.h + $(INSTALL_DATA) profile.h $(DESTDIR)$(KRB5_INCDIR)$(S)profile.h + $(INSTALL_DATA) $(srcdir)/port-sockets.h \ + $(DESTDIR)$(KRB5_INCDIR)$(S)port-sockets.h diff --git a/src/include/configure.in b/src/include/configure.in index 8a4c03d15..c99448ecf 100644 --- a/src/include/configure.in +++ b/src/include/configure.in @@ -5,7 +5,7 @@ AC_PROG_INSTALL AC_PROG_AWK AC_PROG_LEX AC_CONST -AC_CHECK_FUNCS(strdup labs setvbuf) +AC_CHECK_FUNCS(strdup labs setvbuf memmove bcopy) HAVE_YYLINENO CHECK_DIRENT AC_TYPE_UID_T diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 2f7fb7f4f..303a5b544 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -32,7 +32,11 @@ * be used in advertising or publicity pertaining to distribution of the * software. Title to copyright in this software and any associated * documentation shall at all times remain with M.I.T., and USER agrees to - * preserve same. + * preserve same. + * + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. */ /* @@ -102,6 +106,7 @@ #define INI_KRB_CCACHE "krb5cc" /* Location of the ccache */ #define INI_KRB5_CONF "krb5.ini" /* Location of krb5.conf file */ #define HAVE_LABS +#define ANSI_STDIO #endif @@ -990,7 +995,9 @@ struct _krb5_context { krb5_boolean profile_secure; int fcc_default_format; int scc_default_format; +#ifdef KRB5_DNS_LOOKUP krb5_boolean profile_in_memory; +#endif /* KRB5_DNS_LOOKUP */ }; /* could be used in a table to find an etype and initialize a block */ @@ -1472,6 +1479,11 @@ KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_ser_unpack_bytes krb5_octet FAR * FAR *, size_t FAR *)); + +krb5_error_code KRB5_CALLCONV krb5_cc_retrieve_cred_default + KRB5_PROTOTYPE((krb5_context, krb5_ccache, krb5_flags, + krb5_creds *, krb5_creds *)); + #if defined(macintosh) && defined(__CFM68K__) && !defined(__USING_STATIC_LIBS__) #pragma import reset #endif diff --git a/src/include/k5-util.h b/src/include/k5-util.h index 643b936d2..f245dcb6e 100644 --- a/src/include/k5-util.h +++ b/src/include/k5-util.h @@ -32,7 +32,11 @@ * be used in advertising or publicity pertaining to distribution of the * software. Title to copyright in this software and any associated * documentation shall at all times remain with M.I.T., and USER agrees to - * preserve same. + * preserve same. + * + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. */ /* diff --git a/src/include/kerberosIV/addr_comp.h b/src/include/kerberosIV/addr_comp.h index b4ebcd33e..ccf3a8d05 100644 --- a/src/include/kerberosIV/addr_comp.h +++ b/src/include/kerberosIV/addr_comp.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/admin_server.h b/src/include/kerberosIV/admin_server.h index a50c1b918..3da415518 100644 --- a/src/include/kerberosIV/admin_server.h +++ b/src/include/kerberosIV/admin_server.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/des.h b/src/include/kerberosIV/des.h index b9a69d5d8..86556083c 100644 --- a/src/include/kerberosIV/des.h +++ b/src/include/kerberosIV/des.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/highc.h b/src/include/kerberosIV/highc.h index a7ee8820a..c45a85502 100644 --- a/src/include/kerberosIV/highc.h +++ b/src/include/kerberosIV/highc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/kadm.h b/src/include/kerberosIV/kadm.h index 35c29d1b8..e3f47c059 100644 --- a/src/include/kerberosIV/kadm.h +++ b/src/include/kerberosIV/kadm.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/kdc.h b/src/include/kerberosIV/kdc.h index 6a9804eaf..095420c28 100644 --- a/src/include/kerberosIV/kdc.h +++ b/src/include/kerberosIV/kdc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/klog.h b/src/include/kerberosIV/klog.h index 0d9f0ce07..a7e1afb0b 100644 --- a/src/include/kerberosIV/klog.h +++ b/src/include/kerberosIV/klog.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/kparse.h b/src/include/kerberosIV/kparse.h index 839f4b90a..3562565be 100644 --- a/src/include/kerberosIV/kparse.h +++ b/src/include/kerberosIV/kparse.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/krb.h b/src/include/kerberosIV/krb.h index f18f42a04..fe8830be4 100644 --- a/src/include/kerberosIV/krb.h +++ b/src/include/kerberosIV/krb.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/krb_conf.h b/src/include/kerberosIV/krb_conf.h index d57bcb4b4..3edeaf941 100644 --- a/src/include/kerberosIV/krb_conf.h +++ b/src/include/kerberosIV/krb_conf.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/krb_db.h b/src/include/kerberosIV/krb_db.h index dc2265d96..3e3b1dda6 100644 --- a/src/include/kerberosIV/krb_db.h +++ b/src/include/kerberosIV/krb_db.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/mit-copyright.h b/src/include/kerberosIV/mit-copyright.h index 380d7bc75..e00865769 100644 --- a/src/include/kerberosIV/mit-copyright.h +++ b/src/include/kerberosIV/mit-copyright.h @@ -6,14 +6,17 @@ It is the responsibility of any person or organization contemplating export to obtain such a license before exporting. -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +WITHIN THAT CONSTRAINT, Permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of M.I.T. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of +permission. Furthermore if you modify this software you must label +your software as modified software and not distribute it in such a +fashion that it might be confused with the original M.I.T. software. +M.I.T. makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. diff --git a/src/include/kerberosIV/passwd_server.h b/src/include/kerberosIV/passwd_server.h index fb2ac3e9f..e0a32c54c 100644 --- a/src/include/kerberosIV/passwd_server.h +++ b/src/include/kerberosIV/passwd_server.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/principal.h b/src/include/kerberosIV/principal.h index d220130cf..2960870be 100644 --- a/src/include/kerberosIV/principal.h +++ b/src/include/kerberosIV/principal.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/kerberosIV/prot.h b/src/include/kerberosIV/prot.h index d051be3fb..4e365b4b2 100644 --- a/src/include/kerberosIV/prot.h +++ b/src/include/kerberosIV/prot.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5.hin b/src/include/krb5.hin index 0f4836a0b..4fa3bd84b 100644 --- a/src/include/krb5.hin +++ b/src/include/krb5.hin @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -363,8 +366,8 @@ typedef struct _krb5_enc_data { /* XXX deprecated? */ #define ENCTYPE_DES3_CBC_SHA 0x0005 /* DES-3 cbc mode with NIST-SHA */ #define ENCTYPE_DES3_CBC_RAW 0x0006 /* DES-3 cbc mode raw */ -#define ENCTYPE_DES3_HMAC_SHA1 0x0007 #define ENCTYPE_DES_HMAC_SHA1 0x0008 +#define ENCTYPE_DES3_CBC_SHA1 0x0010 #define ENCTYPE_UNKNOWN 0x01ff /* local crud */ /* marc's DES-3 with 32-bit length */ @@ -379,7 +382,7 @@ typedef struct _krb5_enc_data { #define CKSUMTYPE_RSA_MD5 0x0007 #define CKSUMTYPE_RSA_MD5_DES 0x0008 #define CKSUMTYPE_NIST_SHA 0x0009 -#define CKSUMTYPE_HMAC_SHA1 0x000a +#define CKSUMTYPE_HMAC_SHA1_DES3 0x000c #ifndef krb5_roundup /* round x up to nearest multiple of y */ @@ -1168,24 +1171,25 @@ typedef struct _krb5_cc_ops { #define KRB5_TC_MATCH_SRV_NAMEONLY 0x00000040 #define KRB5_TC_MATCH_2ND_TKT 0x00000080 #define KRB5_TC_MATCH_KTYPE 0x00000100 +#define KRB5_TC_SUPPORTED_KTYPES 0x00000200 /* for set_flags and other functions */ #define KRB5_TC_OPENCLOSE 0x00000001 -#define krb5_cc_initialize(context, cache, principal) krb5_x((cache)->ops->init,(context, cache, principal)) -#define krb5_cc_gen_new(context, cache) krb5_x((*cache)->ops->gen_new,(context, cache)) -#define krb5_cc_destroy(context, cache) krb5_x((cache)->ops->destroy,(context, cache)) -#define krb5_cc_close(context, cache) krb5_x((cache)->ops->close,(context, cache)) -#define krb5_cc_store_cred(context, cache, creds) krb5_x((cache)->ops->store,(context, cache, creds)) -#define krb5_cc_retrieve_cred(context, cache, flags, mcreds, creds) krb5_x((cache)->ops->retrieve,(context, cache, flags, mcreds, creds)) -#define krb5_cc_get_principal(context, cache, principal) krb5_x((cache)->ops->get_princ,(context, cache, principal)) -#define krb5_cc_start_seq_get(context, cache, cursor) krb5_x((cache)->ops->get_first,(context, cache, cursor)) -#define krb5_cc_next_cred(context, cache, cursor, creds) krb5_x((cache)->ops->get_next,(context, cache, cursor, creds)) -#define krb5_cc_end_seq_get(context, cache, cursor) krb5_x((cache)->ops->end_get,(context, cache, cursor)) -#define krb5_cc_remove_cred(context, cache, flags, creds) krb5_x((cache)->ops->remove_cred,(context, cache,flags, creds)) -#define krb5_cc_set_flags(context, cache, flags) krb5_x((cache)->ops->set_flags,(context, cache, flags)) -#define krb5_cc_get_name(context, cache) krb5_xc((cache)->ops->get_name,(context, cache)) -#define krb5_cc_get_type(context, cache) ((cache)->ops->prefix) +#define krb5_cc_initialize(context, cache, principal) krb5_x ((cache)->ops->init,(context, cache, principal)) +#define krb5_cc_gen_new(context, cache) krb5_x ((*cache)->ops->gen_new,(context, cache)) +#define krb5_cc_destroy(context, cache) krb5_x ((cache)->ops->destroy,(context, cache)) +#define krb5_cc_close(context, cache) krb5_x ((cache)->ops->close,(context, cache)) +#define krb5_cc_store_cred(context, cache, creds) krb5_x ((cache)->ops->store,(context, cache, creds)) +#define krb5_cc_retrieve_cred(context, cache, flags, mcreds, creds) krb5_x ((cache)->ops->retrieve,(context, cache, flags, mcreds, creds)) +#define krb5_cc_get_principal(context, cache, principal) krb5_x ((cache)->ops->get_princ,(context, cache, principal)) +#define krb5_cc_start_seq_get(context, cache, cursor) krb5_x ((cache)->ops->get_first,(context, cache, cursor)) +#define krb5_cc_next_cred(context, cache, cursor, creds) krb5_x ((cache)->ops->get_next,(context, cache, cursor, creds)) +#define krb5_cc_end_seq_get(context, cache, cursor) krb5_x ((cache)->ops->end_get,(context, cache, cursor)) +#define krb5_cc_remove_cred(context, cache, flags, creds) krb5_x ((cache)->ops->remove_cred,(context, cache,flags, creds)) +#define krb5_cc_set_flags(context, cache, flags) krb5_x ((cache)->ops->set_flags,(context, cache, flags)) +#define krb5_cc_get_name(context, cache) krb5_xc((cache)->ops->get_name,(context, cache)) +#define krb5_cc_get_type(context, cache) ((cache)->ops->prefix) extern krb5_cc_ops *krb5_cc_dfl_ops; @@ -1374,6 +1378,8 @@ extern krb5_kt_ops krb5_kt_dfl_ops; KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_init_context KRB5_PROTOTYPE((krb5_context FAR *)); +KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_init_secure_context + KRB5_PROTOTYPE((krb5_context FAR *)); KRB5_DLLIMP void KRB5_CALLCONV krb5_free_context KRB5_PROTOTYPE((krb5_context)); @@ -1820,6 +1826,7 @@ KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_get_profile KRB5_PROTOTYPE((krb5_context, profile_t *)); +/* DO NOT USE THIS ROUTINE! */ krb5_error_code krb5_secure_config_files KRB5_PROTOTYPE ((krb5_context)); @@ -2153,7 +2160,7 @@ KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_get_realm_domain KRB5_PROTOTYPE((krb5_context, const char *, char ** )); -krb5_boolean krb5_kuserok +KRB5_DLLIMP krb5_boolean KRB5_CALLCONV krb5_kuserok KRB5_PROTOTYPE((krb5_context, krb5_principal, const char *)); KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_auth_con_genaddrs diff --git a/src/include/krb5/adm.h b/src/include/krb5/adm.h index b4ec50852..b3a2b6af3 100644 --- a/src/include/krb5/adm.h +++ b/src/include/krb5/adm.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/adm_defs.h b/src/include/krb5/adm_defs.h index 0c4ed05c3..4ac70031a 100644 --- a/src/include/krb5/adm_defs.h +++ b/src/include/krb5/adm_defs.h @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/adm_proto.h b/src/include/krb5/adm_proto.h index 5e9b984bc..bcfe0aee9 100644 --- a/src/include/krb5/adm_proto.h +++ b/src/include/krb5/adm_proto.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/copyright.h b/src/include/krb5/copyright.h index c0785988a..b1740ce3c 100644 --- a/src/include/krb5/copyright.h +++ b/src/include/krb5/copyright.h @@ -32,5 +32,9 @@ * be used in advertising or publicity pertaining to distribution of the * software. Title to copyright in this software and any associated * documentation shall at all times remain with M.I.T., and USER agrees to - * preserve same. + * preserve same. + * + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. */ diff --git a/src/include/krb5/k5-config.h b/src/include/krb5/k5-config.h deleted file mode 100644 index 9d2ec6c18..000000000 --- a/src/include/krb5/k5-config.h +++ /dev/null @@ -1,311 +0,0 @@ -/* - * Copyright 1990,1991,1994,1995 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * Configuration definition file. - */ - - -#ifndef KRB5_CONFIG__ -#define KRB5_CONFIG__ - -#ifdef _MSDOS -/* - * Machine-type definitions: PC Clone 386 running Microloss Windows - */ - -/* Kerberos Windows initialization file */ -#define KERBEROS_INI "kerberos.ini" -#define INI_FILES "Files" -#define INI_KRB_CCACHE "krb5cc" /* Location of the ccache */ -#define INI_KRB5_CONF "krb5.ini" /* Location of krb5.conf file */ - -#define KRB5_DBM_COMPAT__ /* Don't load dbm.h */ -#define KRB5_KDB5__ /* Don't load kdb.h */ -#define KRB5_KDB5_DBM__ /* Don't load kdb_dbm.h */ - -#define BITS16 -#define SIZEOF_INT 2 -#define SIZEOF_SHORT 2 -#define SIZEOF_LONG 4 -#define MAXHOSTNAMELEN 512 -#define MAXPATHLEN 256 /* Also for Windows temp files */ - -#define KRB5_USE_INET -#define MSDOS_FILESYSTEM -#define USE_STRING_H -#define HAVE_SRAND -#define HAVE_ERRNO -#define HAS_STRDUP -#define NO_USERID -#define NOFCHMOD -#define NOCHMOD -#define NO_PASSWORD -#define WM_KERBEROS5_CHANGED "Kerberos5 Changed" - -#define HAS_ANSI_VOLATILE -#define HAS_VOID_TYPE -#define KRB5_PROVIDE_PROTOTYPES -#define HAVE_STDARG_H -#define HAVE_SYS_TYPES_H - -#ifndef _SIZE_T_DEFINED -typedef unsigned int size_t; -#define _SIZE_T_DEFINED -#endif - -#ifndef KRB5_SYSTYPES__ -#define KRB5_SYSTYPES__ -#include -typedef unsigned long u_long; /* Not part of sys/types.h on the pc */ -typedef unsigned int u_int; -typedef unsigned short u_short; -typedef unsigned char u_char; -#endif /* KRB5_SYSTYPES__ */ - -#ifndef INTERFACE -#define INTERFACE __far __export __pascal -#define INTERFACE_C __far __export __cdecl -#endif - -/* - * The following defines are needed to make work - * in stdc mode (/Za flag). Winsock.h needs . - */ -#define FAR _far -#define NEAR _near -#define _far __far -#define _near __near -#define _pascal __pascal -#define _cdecl __cdecl -#define _huge __huge - -#ifdef NEED_WINDOWS -#include -#endif - -#ifdef NEED_LOWLEVEL_IO -/* Ugly. Microsoft, in stdc mode, doesn't support the low-level i/o - * routines directly. Rather, they only export the _ version. - * The following defines works around this problem. - */ -#include -#include -#include -#include -#include -#define O_RDONLY _O_RDONLY -#define O_WRONLY _O_WRONLY -#define O_RDWR _O_RDWR -#define O_APPEND _O_APPEND -#define O_CREAT _O_CREAT -#define O_TRUNC _O_TRUNC -#define O_EXCL _O_EXCL -#define O_TEXT _O_TEXT -#define O_BINARY _O_BINARY -#define O_NOINHERIT _O_NOINHERIT -#define stat _stat -#define unlink _unlink -#define lseek _lseek -#define write _write -#define open _open -#define close _close -#define read _read -#define fstat _fstat -#define mktemp _mktemp -#define dup _dup - -#define getpid _getpid -#endif - -#ifdef NEED_SYSERROR -/* Only needed by util/et/error_message.c but let's keep the source clean */ -#define sys_nerr _sys_nerr -#define sys_errlist _sys_errlist -#endif - -/* XXX these should be parameterized soon... */ -#define PROVIDE_DES_CBC_MD5 -#define PROVIDE_DES_CBC_CRC -#define PROVIDE_RAW_DES_CBC -#define PROVIDE_CRC32 -#define PROVIDE_DES_CBC_CKSUM -#define PROVIDE_RSA_MD4 -#define PROVIDE_RSA_MD5 -#define DEFAULT_PWD_STRING1 "Enter password:" -#define DEFAULT_PWD_STRING2 "Re-enter password for verification:" - -/* Functions with slightly different names on the PC -*/ -#define strcasecmp _stricmp -#define strdup _strdup -#define off_t _off_t - -#else /* Rest of include file is for non-Microloss-Windows */ - -#if defined(_MACINTOSH) -#include - -typedef struct { - int dummy; -} datum; - -#include - -#ifdef NEED_LOWLEVEL_IO -#include -#endif - -#ifndef _MWERKS -/* there is no for mpw */ -typedef unsigned long mode_t; -typedef unsigned long ino_t; -typedef unsigned long dev_t; -typedef short nlink_t; -typedef unsigned long uid_t; -typedef unsigned long gid_t; -typedef long off_t; -struct stat -{ - mode_t st_mode; /* File mode; see #define's below */ - ino_t st_ino; /* File serial number */ - dev_t st_dev; /* ID of device containing this file */ - nlink_t st_nlink; /* Number of links */ - uid_t st_uid; /* User ID of the file's owner */ - gid_t st_gid; /* Group ID of the file's group */ - dev_t st_rdev; /* Device type */ - off_t st_size; /* File size in bytes */ - unsigned long st_atime; /* Time of last access */ - unsigned long st_mtime; /* Time of last data modification */ - unsigned long st_ctime; /* Time of last file status change */ - long st_blksize; /* Optimal blocksize */ - long st_blocks; /* blocks allocated for file */ -}; - -int stat(const char *path, struct stat *buf); -int fstat(int fildes, struct stat *buf); - -#endif /* _MWERKS */ - -#define EFBIG 1000 - -#define NOFCHMOD 1 -#define NOCHMOD 1 -#define _MACSOCKAPI_ - -#define THREEPARAMOPEN(x,y,z) open(x,y) -#define MAXPATHLEN 255 - -/* protocol families same as address families */ -#define PF_INET AF_INET - -/* XXX these should be parameterized soon... */ -#define PROVIDE_DES_CBC_MD5 -#define PROVIDE_DES_CBC_CRC -#define PROVIDE_RAW_DES_CBC -#define PROVIDE_CRC32 -#define PROVIDE_DES_CBC_CKSUM -#define PROVIDE_RSA_MD4 -#define PROVIDE_RSA_MD5 - -#else /* _MACINTOSH */ -#define THREEPARAMOPEN(x,y,z) open(x,y,z) -#endif /* _MACINTOSH */ - -#ifndef KRB5_AUTOCONF__ -#define KRB5_AUTOCONF__ -#include "autoconf.h" -#endif - -#ifndef KRB5_SYSTYPES__ -#define KRB5_SYSTYPES__ - -#ifdef HAVE_SYS_TYPES_H /* From autoconf.h */ -#include -#else /* HAVE_SYS_TYPES_H */ -typedef unsigned long u_long; -typedef unsigned int u_int; -typedef unsigned short u_short; -typedef unsigned char u_char; -#endif /* HAVE_SYS_TYPES_H */ -#endif /* KRB5_SYSTYPES__ */ - -#ifdef SYSV -/* Change srandom and random to use rand and srand */ -/* Taken from the Sandia changes. XXX We should really just include */ -/* srandom and random into Kerberos release, since rand() is a really */ -/* bad random number generator.... [tytso:19920616.2231EDT] */ -#define random() rand() -#define srandom(a) srand(a) -#ifndef unicos61 -#define utimes(a,b) utime(a,b) -#endif /* unicos61 */ -#endif /* SYSV */ - -/* XXX these should be parameterized soon... */ -#define PROVIDE_DES_CBC_MD5 -#define PROVIDE_DES_CBC_CRC -#define PROVIDE_RAW_DES_CBC -#define PROVIDE_CRC32 -#define PROVIDE_DES_CBC_CKSUM -#define PROVIDE_RSA_MD4 -#define PROVIDE_RSA_MD5 - -#define DEFAULT_PWD_STRING1 "Enter password:" -#define DEFAULT_PWD_STRING2 "Re-enter password for verification:" - -#define KRB5_KDB_MAX_LIFE (60*60*24) /* one day */ -#define KRB5_KDB_MAX_RLIFE (60*60*24*7) /* one week */ -#define KRB5_KDB_EXPIRATION 2145830400 /* Thu Jan 1 00:00:00 2038 UTC */ - -/* - * For paranoid DOE types that don't want to give helpful error - * messages to the client....er, attacker - */ -#undef KRBCONF_VAGUE_ERRORS - -/* - * Define this if you want the KDC to modify the Kerberos database; - * this allows the last request information to be updated, as well as - * the failure count information. - * - * Note that this doesn't work if you're using slave servers!!! It - * also causes the database to be modified (and thus need to be - * locked) frequently. - */ -#undef KRBCONF_KDC_MODIFIES_KDB - -/* - * Windows requires a different api interface to each function. Here - * just define it as NULL. - */ -#define INTERFACE -#define INTERFACE_C -#define FAR -#define NEAR -#ifndef O_BINARY -#define O_BINARY 0 -#endif - -#ifndef HAS_LABS -#define labs(x) abs(x) -#endif - -#endif /* _MSDOS */ -#endif /* KRB5_CONFIG__ */ diff --git a/src/include/krb5/kdb.h b/src/include/krb5/kdb.h index 5471da6e1..8316efefc 100644 --- a/src/include/krb5/kdb.h +++ b/src/include/krb5/kdb.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/kdb_dbc.h b/src/include/krb5/kdb_dbc.h index e0bbd1b47..4165ca2a7 100644 --- a/src/include/krb5/kdb_dbc.h +++ b/src/include/krb5/kdb_dbc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/kdb_dbm.h b/src/include/krb5/kdb_dbm.h index cb652aadf..57eb53623 100644 --- a/src/include/krb5/kdb_dbm.h +++ b/src/include/krb5/kdb_dbm.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/kdb_kt.h b/src/include/krb5/kdb_kt.h index cdbda714f..3b795e482 100644 --- a/src/include/krb5/kdb_kt.h +++ b/src/include/krb5/kdb_kt.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/include/krb5/stock/ChangeLog b/src/include/krb5/stock/ChangeLog index bd5356337..60e3d30b7 100644 --- a/src/include/krb5/stock/ChangeLog +++ b/src/include/krb5/stock/ChangeLog @@ -1,3 +1,7 @@ +1999-09-20 Ken Raeburn + + * osconf.h (KPASSWD_PORTNAME): Define. + Tue Jan 20 23:19:53 1998 Tom Yu * osconf.h: Add DEFAULT_KPASSWD_PORT to support Cygnus chpw. diff --git a/src/include/krb5/stock/osconf.h b/src/include/krb5/stock/osconf.h index b234d995a..452d9c696 100644 --- a/src/include/krb5/stock/osconf.h +++ b/src/include/krb5/stock/osconf.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -67,6 +70,7 @@ #define KRB5_DEFAULT_SEC_PORT 750 #define DEFAULT_KPASSWD_PORT 464 +#define KPASSWD_PORTNAME "kpasswd" #define DEFAULT_KDC_PORTLIST "88,750" diff --git a/src/include/win-mac.h b/src/include/win-mac.h index d39e08b25..e2d37e00f 100644 --- a/src/include/win-mac.h +++ b/src/include/win-mac.h @@ -100,7 +100,9 @@ typedef unsigned char u_char; #endif /* KRB5_SYSTYPES__ */ #define MAXHOSTNAMELEN 512 +#ifndef MAXPATHLEN #define MAXPATHLEN 256 /* Also for Windows temp files */ +#endif #define HAVE_NETINET_IN_H #define MSDOS_FILESYSTEM diff --git a/src/kadmin/ChangeLog b/src/kadmin/ChangeLog index cea548bc2..088a7a23d 100644 --- a/src/kadmin/ChangeLog +++ b/src/kadmin/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Tue Jan 12 18:26:04 1999 Tom Yu * configure.in: Define NDBM_PW_CHECK if enable_athena is set to diff --git a/src/kadmin/Makefile.in b/src/kadmin/Makefile.in index 23f81b716..749b6c14c 100644 --- a/src/kadmin/Makefile.in +++ b/src/kadmin/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=. myfulldir=kadmin mydir=. BUILDTOP=$(REL)$(U) -CFLAGS = $(CCOPTS) LOCAL_SUBDIRS = cli dbutil passwd ktutil server @V4SERVER@ v5passwdd testing all:: diff --git a/src/kadmin/cli/ChangeLog b/src/kadmin/cli/ChangeLog index a43021458..9b3c2010e 100644 --- a/src/kadmin/cli/ChangeLog +++ b/src/kadmin/cli/ChangeLog @@ -1,3 +1,16 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-18 Ken Raeburn + + * getdate.y (Convert): Check for year past 2038. + (RelativeMonth): Check for error return from Convert. + (get_date): Check for error return from RelativeMonth. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/kadmin/cli/Makefile.in b/src/kadmin/cli/Makefile.in index 3654c78a6..5d8bbc531 100644 --- a/src/kadmin/cli/Makefile.in +++ b/src/kadmin/cli/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=kadmin/cli mydir=cli BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) @@ -32,4 +31,4 @@ clean-unix:: # for testing getdate.y datetest: getdate.c - $(CC) -o datetest $(CFLAGS) $(LDFLAGS) $(LDARGS) -DTEST getdate.c + $(CC) -o datetest $(ALL_CFLAGS) $(LDFLAGS) $(LDARGS) -DTEST getdate.c diff --git a/src/kadmin/cli/dump.c b/src/kadmin/cli/dump.c index 9a85a2e99..162e35d9c 100644 --- a/src/kadmin/cli/dump.c +++ b/src/kadmin/cli/dump.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/cli/getdate.y b/src/kadmin/cli/getdate.y index c10c6a046..321603f9f 100644 --- a/src/kadmin/cli/getdate.y +++ b/src/kadmin/cli/getdate.y @@ -125,6 +125,7 @@ static char RCS[] = #define EPOCH 1970 +#define EPOCH_END 2038 /* assumes 32 bits */ #define HOUR(x) ((time_t)(x) * 60) #define SECSPERDAY (24L * 60L * 60L) @@ -595,11 +596,12 @@ Convert(Month, Day, Year, Hours, Minutes, Seconds, Meridian, DSTmode) if (Year < 0) Year = -Year; - if (Year < 100) + if (Year < 1900) Year += 1900; DaysInMonth[1] = Year % 4 == 0 && (Year % 100 != 0 || Year % 400 == 0) ? 29 : 28; if (Year < EPOCH + || Year > EPOCH_END || Month < 1 || Month > 12 /* Lint fluff: "conversion from long may lose accuracy" */ || Day < 1 || Day > DaysInMonth[(int)--Month]) @@ -661,6 +663,7 @@ RelativeMonth(Start, RelMonth) struct tm *tm; time_t Month; time_t Year; + time_t ret; if (RelMonth == 0) return 0; @@ -668,10 +671,12 @@ RelativeMonth(Start, RelMonth) Month = 12 * tm->tm_year + tm->tm_mon + RelMonth; Year = Month / 12; Month = Month % 12 + 1; - return DSTcorrect(Start, - Convert(Month, (time_t)tm->tm_mday, Year, - (time_t)tm->tm_hour, (time_t)tm->tm_min, (time_t)tm->tm_sec, - MER24, DSTmaybe)); + ret = Convert(Month, (time_t)tm->tm_mday, Year, + (time_t)tm->tm_hour, (time_t)tm->tm_min, (time_t)tm->tm_sec, + MER24, DSTmaybe); + if (ret == -1) + return ret; + return DSTcorrect(Start, ret); } @@ -861,6 +866,7 @@ get_date(p, now) struct my_timeb ftz; time_t Start; time_t tod; + time_t delta; yyInput = p; if (now == NULL) { @@ -972,7 +978,10 @@ get_date(p, now) * thoroughness? */ Start += yyRelSeconds; - Start += RelativeMonth(Start, yyRelMonth); + delta = RelativeMonth(Start, yyRelMonth); + if (delta == (time_t) -1) + return -1; + Start += delta; /* * Now, if you specified a day of week and counter, add it in. By diff --git a/src/kadmin/cli/kadmin.c b/src/kadmin/cli/kadmin.c index d8419de09..591cda469 100644 --- a/src/kadmin/cli/kadmin.c +++ b/src/kadmin/cli/kadmin.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/cli/kadmin_ct.ct b/src/kadmin/cli/kadmin_ct.ct index c1e966f78..9ecef0da7 100644 --- a/src/kadmin/cli/kadmin_ct.ct +++ b/src/kadmin/cli/kadmin_ct.ct @@ -13,7 +13,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/kadmin/cli/ss_wrapper.c b/src/kadmin/cli/ss_wrapper.c index 89e94b36b..d20737ae5 100644 --- a/src/kadmin/cli/ss_wrapper.c +++ b/src/kadmin/cli/ss_wrapper.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/ChangeLog b/src/kadmin/dbutil/ChangeLog index 44ac4d427..9a309bd82 100644 --- a/src/kadmin/dbutil/ChangeLog +++ b/src/kadmin/dbutil/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1999-07-06 Ken Raeburn * kdb5_util.c (main): Do try using com_err in the case that diff --git a/src/kadmin/dbutil/Makefile.in b/src/kadmin/dbutil/Makefile.in index 7567d76cd..8f6e20d29 100644 --- a/src/kadmin/dbutil/Makefile.in +++ b/src/kadmin/dbutil/Makefile.in @@ -2,7 +2,8 @@ thisconfigdir=./.. myfulldir=kadmin/dbutil mydir=dbutil BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -DKDB4_DISABLE -I. $(LOCALINCLUDE) @KRB4_INCLUDES@ +DEFINES = -DKDB4_DISABLE +LOCALINCLUDES = -I. @KRB4_INCLUDES@ PROG_LIBPATH=-L$(TOPLIBD) $(KRB4_LIBPATH) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/kadmin/dbutil/dump.c b/src/kadmin/dbutil/dump.c index e0db37bb2..4378e310c 100644 --- a/src/kadmin/dbutil/dump.c +++ b/src/kadmin/dbutil/dump.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/dumpv4.c b/src/kadmin/dbutil/dumpv4.c index 9eb203c3a..84a505dc9 100644 --- a/src/kadmin/dbutil/dumpv4.c +++ b/src/kadmin/dbutil/dumpv4.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/kdb5_create.c b/src/kadmin/dbutil/kdb5_create.c index 5aa7ae11e..8cfa6e7a0 100644 --- a/src/kadmin/dbutil/kdb5_create.c +++ b/src/kadmin/dbutil/kdb5_create.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/kdb5_destroy.c b/src/kadmin/dbutil/kdb5_destroy.c index c5f47ca2f..51fe7ac01 100644 --- a/src/kadmin/dbutil/kdb5_destroy.c +++ b/src/kadmin/dbutil/kdb5_destroy.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/kdb5_edit.M b/src/kadmin/dbutil/kdb5_edit.M index 4281ac947..217c266b1 100644 --- a/src/kadmin/dbutil/kdb5_edit.M +++ b/src/kadmin/dbutil/kdb5_edit.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/kadmin/dbutil/kdb5_stash.c b/src/kadmin/dbutil/kdb5_stash.c index c682f3a56..419d14f66 100644 --- a/src/kadmin/dbutil/kdb5_stash.c +++ b/src/kadmin/dbutil/kdb5_stash.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/kdb5_util.c b/src/kadmin/dbutil/kdb5_util.c index e421f15ec..92b1c2139 100644 --- a/src/kadmin/dbutil/kdb5_util.c +++ b/src/kadmin/dbutil/kdb5_util.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/kdb5_util.h b/src/kadmin/dbutil/kdb5_util.h index b580e2f6a..843b7dd99 100644 --- a/src/kadmin/dbutil/kdb5_util.h +++ b/src/kadmin/dbutil/kdb5_util.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/loadv4.c b/src/kadmin/dbutil/loadv4.c index b7df142bd..fb9c2e186 100644 --- a/src/kadmin/dbutil/loadv4.c +++ b/src/kadmin/dbutil/loadv4.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/tcl_wrapper.c b/src/kadmin/dbutil/tcl_wrapper.c index 10b860c9f..ab4f25b19 100644 --- a/src/kadmin/dbutil/tcl_wrapper.c +++ b/src/kadmin/dbutil/tcl_wrapper.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/dbutil/util.c b/src/kadmin/dbutil/util.c index 5fdb7aad2..246a6cb74 100644 --- a/src/kadmin/dbutil/util.c +++ b/src/kadmin/dbutil/util.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/kdbkeys/ChangeLog b/src/kadmin/kdbkeys/ChangeLog index 366acc8c7..75ff5d1d3 100644 --- a/src/kadmin/kdbkeys/ChangeLog +++ b/src/kadmin/kdbkeys/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/kadmin/kdbkeys/Makefile.in b/src/kadmin/kdbkeys/Makefile.in index aeda38f05..139d4d234 100644 --- a/src/kadmin/kdbkeys/Makefile.in +++ b/src/kadmin/kdbkeys/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=. myfulldir=kadmin/kdbkeys mydir=. BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) PROG = kdbkeys OBJS = kdbkeys.o diff --git a/src/kadmin/ktutil/ChangeLog b/src/kadmin/ktutil/ChangeLog index 87f8244b3..f03ed07ba 100644 --- a/src/kadmin/ktutil/ChangeLog +++ b/src/kadmin/ktutil/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/kadmin/ktutil/Makefile.in b/src/kadmin/ktutil/Makefile.in index b04307864..e0436182a 100644 --- a/src/kadmin/ktutil/Makefile.in +++ b/src/kadmin/ktutil/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./.. myfulldir=kadmin/ktutil mydir=ktutil BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(KRB4_INCLUDES) +LOCALINCLUDES = $(KRB4_INCLUDES) PROG_LIBPATH=-L$(TOPLIBD) $(KRB4_LIBPATH) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/kadmin/ktutil/ktutil.c b/src/kadmin/ktutil/ktutil.c index 0106ed758..105df1ecc 100644 --- a/src/kadmin/ktutil/ktutil.c +++ b/src/kadmin/ktutil/ktutil.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/ktutil/ktutil.h b/src/kadmin/ktutil/ktutil.h index 0f14defb7..be097226b 100644 --- a/src/kadmin/ktutil/ktutil.h +++ b/src/kadmin/ktutil/ktutil.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/ktutil/ktutil_ct.ct b/src/kadmin/ktutil/ktutil_ct.ct index 1f0269f6d..0ddb9f30d 100644 --- a/src/kadmin/ktutil/ktutil_ct.ct +++ b/src/kadmin/ktutil/ktutil_ct.ct @@ -13,7 +13,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/kadmin/ktutil/ktutil_funcs.c b/src/kadmin/ktutil/ktutil_funcs.c index 8429169f3..d1401614a 100644 --- a/src/kadmin/ktutil/ktutil_funcs.c +++ b/src/kadmin/ktutil/ktutil_funcs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/passwd/ChangeLog b/src/kadmin/passwd/ChangeLog index 945b32165..3833b63d6 100644 --- a/src/kadmin/passwd/ChangeLog +++ b/src/kadmin/passwd/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/kadmin/passwd/Makefile.in b/src/kadmin/passwd/Makefile.in index 98cf83b3c..39d0830ce 100644 --- a/src/kadmin/passwd/Makefile.in +++ b/src/kadmin/passwd/Makefile.in @@ -2,7 +2,8 @@ thisconfigdir=./.. myfulldir=kadmin/passwd mydir=passwd BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) -I. -DUSE_KADM5_API_VERSION=1 +LOCALINCLUDES = -I. +DEFINES = -DUSE_KADM5_API_VERSION=1 PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) LOCAL_SUBDIRS = unit-test diff --git a/src/kadmin/passwd/kpasswd.M b/src/kadmin/passwd/kpasswd.M index c3da8ae31..185c1f595 100644 --- a/src/kadmin/passwd/kpasswd.M +++ b/src/kadmin/passwd/kpasswd.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/kadmin/server/ChangeLog b/src/kadmin/server/ChangeLog index 4d0db1218..711f7ef3d 100644 --- a/src/kadmin/server/ChangeLog +++ b/src/kadmin/server/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Tue May 11 23:59:55 1999 Theodore Y. Ts'o * ovsec_kadmd.c (main): Fix how we specify the OID. diff --git a/src/kadmin/server/Makefile.in b/src/kadmin/server/Makefile.in index 73029d4b3..8728a1f9a 100644 --- a/src/kadmin/server/Makefile.in +++ b/src/kadmin/server/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=kadmin/server mydir=server BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/kadmin/testing/ChangeLog b/src/kadmin/testing/ChangeLog index 065383b17..d97c7dd77 100644 --- a/src/kadmin/testing/ChangeLog +++ b/src/kadmin/testing/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/kadmin/testing/Makefile.in b/src/kadmin/testing/Makefile.in index c189bf887..be5b5a8d2 100644 --- a/src/kadmin/testing/Makefile.in +++ b/src/kadmin/testing/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=kadmin/testing mydir=testing BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) LOCAL_SUBDIRS = scripts util all:: diff --git a/src/kadmin/testing/util/ChangeLog b/src/kadmin/testing/util/ChangeLog index 1cfaf88da..e3d88d1d2 100644 --- a/src/kadmin/testing/util/ChangeLog +++ b/src/kadmin/testing/util/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/kadmin/testing/util/Makefile.in b/src/kadmin/testing/util/Makefile.in index 43d933435..237254347 100644 --- a/src/kadmin/testing/util/Makefile.in +++ b/src/kadmin/testing/util/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./../.. myfulldir=kadmin/testing/util mydir=testing/util BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) $(TCL_INCLUDES) +LOCALINCLUDES = $(TCL_INCLUDES) PROG_LIBPATH=-L$(TOPLIBD) $(TCL_LIBPATH) PROG_RPATH=$(KRB5_LIBDIR)$(TCL_RPATH) diff --git a/src/kadmin/v4server/ChangeLog b/src/kadmin/v4server/ChangeLog index 852f32b32..c036eb83e 100644 --- a/src/kadmin/v4server/ChangeLog +++ b/src/kadmin/v4server/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Tue Jan 12 18:26:48 1999 Tom Yu * Makefile.in (CFLAGS): PW_CHECK functionality now in DEFS. diff --git a/src/kadmin/v4server/Makefile.in b/src/kadmin/v4server/Makefile.in index f7ff7affd..43b19e137 100644 --- a/src/kadmin/v4server/Makefile.in +++ b/src/kadmin/v4server/Makefile.in @@ -2,15 +2,14 @@ thisconfigdir=./.. myfulldir=kadmin/v4server mydir=v4server BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) \ - -DKADM5 -DNEED_SOCKETS @HESIOD_DEFS@ +DEFINES = -DKADM5 -DNEED_SOCKETS @HESIOD_DEFS@ PROG_LIBPATH=-L$(TOPLIBD) $(KRB4_LIBPATH) PROG_RPATH=$(KRB5_LIBDIR) LOCAL_SUBDIRS = unit-test HESIOD_LIBS=@HESIOD_LIBS@ -LOCALINCLUDE = $(KRB4_INCLUDES) -I. -I$(srcdir) +LOCALINCLUDES = $(KRB4_INCLUDES) -I. -I$(srcdir) PROG = kadmind4 OBJS = kadm_server.o admin_server.o kadm_ser_wrap.o \ diff --git a/src/kadmin/v4server/unit-test/ChangeLog b/src/kadmin/v4server/unit-test/ChangeLog index 5de301820..ebc0d2e42 100644 --- a/src/kadmin/v4server/unit-test/ChangeLog +++ b/src/kadmin/v4server/unit-test/ChangeLog @@ -1,3 +1,11 @@ +1999-08-31 Ken Raeburn + + * lib/helpers.exp (unexpire): Move expiration date ahead a few + decades. + + * Makefile.in (check- check-ok): Disable tests until the tests get + updated for non-OVSEC mode, etc. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/kadmin/v4server/unit-test/Makefile.in b/src/kadmin/v4server/unit-test/Makefile.in index 783c26ddf..b1f9c6346 100644 --- a/src/kadmin/v4server/unit-test/Makefile.in +++ b/src/kadmin/v4server/unit-test/Makefile.in @@ -8,13 +8,19 @@ BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) check:: check-@DO_V4_TEST@ -check-:: +# When the tests get updated, nuke this and delete "-not" from the next two. +check- check-ok:: + @echo "+++" + @echo "+++ WARNING: kadmin/v4server unit tests out of date; not run." + @echo "+++" + +check--not:: @echo "+++" @echo "+++ WARNING: kadmin/v4server unit tests not run." @echo "+++ Either Athena compatibility, tcl, runtest, or Perl is unavailable." @echo "+++" -check-ok unit-test:: unit-test-setup unit-test-body unit-test-cleanup +check-ok-not unit-test:: unit-test-setup unit-test-body unit-test-cleanup unit-test-setup:: $(ENV_SETUP) $(START_SERVERS_LOCAL) -v4files -kdcport 750 -keysalt des-cbc-crc:v4 diff --git a/src/kadmin/v4server/unit-test/lib/helpers.exp b/src/kadmin/v4server/unit-test/lib/helpers.exp index 8338d3703..a3087dc14 100644 --- a/src/kadmin/v4server/unit-test/lib/helpers.exp +++ b/src/kadmin/v4server/unit-test/lib/helpers.exp @@ -215,7 +215,7 @@ proc unexpire { name fullname } { # While we're at it, make sure they aren't expired. exp_prog "$name: kadmin.local" $kadmin_local "" 0 { "kadmin.local:" { - send "modprinc -expire \"May 6, 1999\" $fullname\n" + send "modprinc -expire \"May 6, 2029\" $fullname\n" } } { -re "Principal .* modified." { send "quit\n" } diff --git a/src/kadmin/v5passwdd/ChangeLog b/src/kadmin/v5passwdd/ChangeLog index fee9216bc..f94ed38bf 100644 --- a/src/kadmin/v5passwdd/ChangeLog +++ b/src/kadmin/v5passwdd/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Tue May 11 11:39:36 1999 Ezra Peisach * main.c: Remove include of gssapi_krb5.h - no longer needed. diff --git a/src/kadmin/v5passwdd/Makefile.in b/src/kadmin/v5passwdd/Makefile.in index 9b189d41b..853237030 100644 --- a/src/kadmin/v5passwdd/Makefile.in +++ b/src/kadmin/v5passwdd/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=kadmin/v5passwdd mydir=v5passwdd BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/kadmin/v5passwdd/adm_conn.c b/src/kadmin/v5passwdd/adm_conn.c index 4d888782a..2a3ea585e 100644 --- a/src/kadmin/v5passwdd/adm_conn.c +++ b/src/kadmin/v5passwdd/adm_conn.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/v5passwdd/adm_rw.c b/src/kadmin/v5passwdd/adm_rw.c index 334ad9d13..2a5e48e23 100644 --- a/src/kadmin/v5passwdd/adm_rw.c +++ b/src/kadmin/v5passwdd/adm_rw.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/v5passwdd/kadm5_defs.h b/src/kadmin/v5passwdd/kadm5_defs.h index 67339bc15..08650bd83 100644 --- a/src/kadmin/v5passwdd/kadm5_defs.h +++ b/src/kadmin/v5passwdd/kadm5_defs.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/v5passwdd/kpasswd.c b/src/kadmin/v5passwdd/kpasswd.c index e9785858b..f8a04ae8b 100644 --- a/src/kadmin/v5passwdd/kpasswd.c +++ b/src/kadmin/v5passwdd/kpasswd.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/v5passwdd/proto_serv.c b/src/kadmin/v5passwdd/proto_serv.c index 5978786a2..6c7e22772 100644 --- a/src/kadmin/v5passwdd/proto_serv.c +++ b/src/kadmin/v5passwdd/proto_serv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/v5passwdd/srv_net.c b/src/kadmin/v5passwdd/srv_net.c index a16a0bffd..94a93128e 100644 --- a/src/kadmin/v5passwdd/srv_net.c +++ b/src/kadmin/v5passwdd/srv_net.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kadmin/v5passwdd/v5passwd.M b/src/kadmin/v5passwdd/v5passwd.M index 90688a8db..bdea7784f 100644 --- a/src/kadmin/v5passwdd/v5passwd.M +++ b/src/kadmin/v5passwdd/v5passwd.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/kdc/ChangeLog b/src/kdc/ChangeLog index 40d581f31..287db8a5b 100644 --- a/src/kdc/ChangeLog +++ b/src/kdc/ChangeLog @@ -1,3 +1,46 @@ +2000-05-17 Tom Yu + + * kerberos_v4.c (process_v4): Zero out v4_pkt.mbz. + (kerberos_v4): Fix handling of APPL_REQUEST messages to deal with + ridiculously long realms, etc. Fix up some calls to + kerb_err_reply() to be more useful. Set req_*_ptr before any + possible calls to kerb_err_reply(). + +2000-05-11 Nalin Dahyabhai + + * kerberos_v4.c (process_v4): Don't assume that the realm is null- + terminated. + (set_tgtkey): Truncate realm name if it's too long. + +2000-04-28 Ken Raeburn + Nalin Dahyabhai + + * kerberos_v4.c (kerb_err_reply): Use strncat so as not to overrun + error buffer. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-09-13 Tom Yu + + * do_tgs_req.c (process_tgs_req): Don't try to take the 2nd + component of a principal that doesn't have 2 components. + +1999-08-18 Tom Yu + + * kerberos_v4.c (compat_decrypt_key): Align DES3 enctypes with + current names. + (kerb_get_principal): Align DES3 enctypes with current names. + +1999-08-17 Ken Raeburn + + * kdc_util.c (select_session_keytype): If none of the requested + ktypes are NULL or single-DES, force des-cbc-crc. + 1999-06-30 Ken Raeburn * Makefile.in (CFLAGS): Define NOCACHE. diff --git a/src/kdc/Makefile.in b/src/kdc/Makefile.in index b23d8ab0b..58b0e4f08 100644 --- a/src/kdc/Makefile.in +++ b/src/kdc/Makefile.in @@ -6,7 +6,7 @@ BUILDTOP=$(REL)$(U) # -DNOCACHE - disable lookaside cache, which is used to resend previous # response to replay (i.e., *don't* define this if you # define USE_RCACHE) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) -DNOCACHE +DEFINES = -DNOCACHE RUN_SETUP = @KRB5_RUN_ENV@ PROG_LIBPATH=-L$(TOPLIBD) $(KRB4_LIBPATH) PROG_RPATH=$(KRB5_LIBDIR) @@ -15,7 +15,7 @@ all:: krb5kdc rtest # DEFINES = -DBACKWARD_COMPAT $(KRB4DEF) -LOCALINCLUDE = @KRB4_INCLUDES@ -I. +LOCALINCLUDES = @KRB4_INCLUDES@ -I. SRCS= \ kdc5_err.c \ $(srcdir)/dispatch.c \ diff --git a/src/kdc/dispatch.c b/src/kdc/dispatch.c index 824a3af0d..43b612ad5 100644 --- a/src/kdc/dispatch.c +++ b/src/kdc/dispatch.c @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/do_as_req.c b/src/kdc/do_as_req.c index 34eeb66c1..158747ee5 100644 --- a/src/kdc/do_as_req.c +++ b/src/kdc/do_as_req.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/do_tgs_req.c b/src/kdc/do_tgs_req.c index 7faf748da..e5c6d1ac7 100644 --- a/src/kdc/do_tgs_req.c +++ b/src/kdc/do_tgs_req.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -167,15 +170,19 @@ tgt_again: * should do our best to find such a TGS in this db */ if (firstpass && krb5_is_tgs_principal(request->server) == TRUE) { - krb5_data *server_1 = krb5_princ_component(kdc_context, request->server, 1); - krb5_data *tgs_1 = krb5_princ_component(kdc_context, tgs_server, 1); - - if (server_1->length != tgs_1->length || - memcmp(server_1->data, tgs_1->data, tgs_1->length)) { - krb5_db_free_principal(kdc_context, &server, nprincs); - find_alternate_tgs(request, &server, &more, &nprincs); - firstpass = 0; - goto tgt_again; + if (krb5_princ_size(kdc_context, request->server) == 2) { + krb5_data *server_1 = + krb5_princ_component(kdc_context, request->server, 1); + krb5_data *tgs_1 = + krb5_princ_component(kdc_context, tgs_server, 1); + + if (server_1->length != tgs_1->length || + memcmp(server_1->data, tgs_1->data, tgs_1->length)) { + krb5_db_free_principal(kdc_context, &server, nprincs); + find_alternate_tgs(request, &server, &more, &nprincs); + firstpass = 0; + goto tgt_again; + } } } krb5_db_free_principal(kdc_context, &server, nprincs); @@ -707,6 +714,12 @@ int *nprincs; *nprincs = 0; *more = FALSE; + /* + * Call to krb5_princ_component is normally not safe but is so + * here only because find_alternate_tgs() is only called from + * somewhere that has already checked the number of components in + * the principal. + */ if ((retval = krb5_walk_realm_tree(kdc_context, krb5_princ_realm(kdc_context, request->server), krb5_princ_component(kdc_context, request->server, 1), diff --git a/src/kdc/extern.c b/src/kdc/extern.c index c3f92ac07..1c636e03e 100644 --- a/src/kdc/extern.c +++ b/src/kdc/extern.c @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/extern.h b/src/kdc/extern.h index c31e5c70e..3757672c0 100644 --- a/src/kdc/extern.h +++ b/src/kdc/extern.h @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/kdc5_err.et b/src/kdc/kdc5_err.et index ab3feb10c..9d0ce877c 100644 --- a/src/kdc/kdc5_err.et +++ b/src/kdc/kdc5_err.et @@ -15,7 +15,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/kdc/kdc_preauth.c b/src/kdc/kdc_preauth.c index d1b1b3637..b1d56144e 100644 --- a/src/kdc/kdc_preauth.c +++ b/src/kdc/kdc_preauth.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/kdc_util.c b/src/kdc/kdc_util.c index 51d4d7807..30f7338c3 100644 --- a/src/kdc/kdc_util.c +++ b/src/kdc/kdc_util.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -1389,15 +1392,39 @@ select_session_keytype(context, server, nktypes, ktype) krb5_enctype *ktype; { int i; + krb5_enctype dfl = 0; for (i = 0; i < nktypes; i++) { if (!valid_enctype(ktype[i])) continue; - if (dbentry_supports_enctype(context, server, ktype[i])) - return (ktype[i]); + if (dbentry_supports_enctype(context, server, ktype[i])) { + switch (ktype[i]) { + case ENCTYPE_NULL: + case ENCTYPE_DES_CBC_CRC: + case ENCTYPE_DES_CBC_MD4: + case ENCTYPE_DES_CBC_MD5: + case ENCTYPE_DES_CBC_RAW: + case ENCTYPE_DES_HMAC_SHA1: + return ktype[i]; + + default: + /* For now, too much of our code supports only + single-DES. For example, the GSSAPI Kerberos + mechanism needs to be modified. If someone tries + using other key types, force single-DES for the + session key. + + This weird way of setting it here is so that a + requested single-DES enctype listed after DES3 can + be used, and this fallback enctype will be used + only if *no* single-DES enctypes were requested. */ + dfl = ENCTYPE_DES_CBC_CRC; + break; + } + } } - return 0; + return dfl; } /* diff --git a/src/kdc/kdc_util.h b/src/kdc/kdc_util.h index 6e8789239..d985708cf 100644 --- a/src/kdc/kdc_util.h +++ b/src/kdc/kdc_util.h @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/kerberos_v4.c b/src/kdc/kerberos_v4.c index 4dbd4252c..6629c3e35 100644 --- a/src/kdc/kerberos_v4.c +++ b/src/kdc/kerberos_v4.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -230,11 +233,11 @@ krb5_data **resp; return(retval); if (!*local_realm) { /* local-realm name already set up */ - /* XXX assumes realm is null-terminated! */ lrealm = master_princ->realm.data; - if (strlen(lrealm) < sizeof(local_realm)) - strcpy(local_realm, lrealm); - else + if (master_princ->realm.length < sizeof(local_realm)) { + memcpy(local_realm, lrealm, master_princ->realm.length); + local_realm[master_princ->realm.length] = '\0'; + } else retval = KRB5_CONFIG_NOTENUFSPACE; } /* convert client_fulladdr to client_sockaddr: @@ -253,6 +256,7 @@ krb5_data **resp; return KRB5KRB_ERR_FIELD_TOOLONG; } v4_pkt.length = pkt->length; + v4_pkt.mbz = 0; memcpy( v4_pkt.dat, pkt->data, pkt->length); kerberos_v4( &client_sockaddr, &v4_pkt); @@ -290,7 +294,7 @@ char * v4_klog( type, format, va_alist) case L_APPL_REQ: strcpy(log_text, "PROCESS_V4:"); vsprintf(log_text+strlen(log_text), format, pvar); - krb5_klog_syslog(logpri, log_text); + krb5_klog_syslog(logpri, "%s", log_text); /* ignore the other types... */ } va_end(pvar); @@ -384,7 +388,7 @@ compat_decrypt_key (in5, out4, out5, issrv) retval = -1; } else { /* KLUDGE! If it's a non-raw des3 key, bash its enctype */ - if (out5->enctype == ENCTYPE_DES3_HMAC_SHA1 || + if (out5->enctype == ENCTYPE_DES3_CBC_SHA1 || out5->enctype == ENCTYPE_LOCAL_DES3_HMAC_SHA1) out5->enctype = ENCTYPE_DES3_CBC_RAW; } @@ -486,7 +490,7 @@ kerb_get_principal(name, inst, principal, maxn, more, k5key, kvno, issrv) ENCTYPE_LOCAL_DES3_HMAC_SHA1, -1, kvno, &pkey) && krb5_dbe_find_enctype(kdc_context, &entries, - ENCTYPE_DES3_HMAC_SHA1, + ENCTYPE_DES3_CBC_SHA1, -1, kvno, &pkey) && krb5_dbe_find_enctype(kdc_context, &entries, ENCTYPE_DES_CBC_CRC, @@ -619,6 +623,9 @@ kerberos_v4(client, pkt) req_act_vno = req_version; + /* set these to point to something safe */ + req_name_ptr = req_inst_ptr = req_realm_ptr = ""; + /* check if disabled, but we tell client */ if (kdc_v4 == KDC_V4_DISABLE) { lt = klog(L_KRB_PERR, @@ -697,7 +704,7 @@ kerberos_v4(client, pkt) if ((i = check_princ(req_name_ptr, req_inst_ptr, 0, &a_name_data, &k5key, 0))) { - kerb_err_reply(client, pkt, i, lt); + kerb_err_reply(client, pkt, i, "check_princ failed"); a_name_data.key_low = a_name_data.key_high = 0; krb5_free_keyblock_contents(kdc_context, &k5key); return; @@ -712,7 +719,7 @@ kerberos_v4(client, pkt) /* this does all the checking */ if ((i = check_princ(service, instance, lifetime, &s_name_data, &k5key, 1))) { - kerb_err_reply(client, pkt, i, lt); + kerb_err_reply(client, pkt, i, "check_princ failed"); a_name_data.key_high = a_name_data.key_low = 0; s_name_data.key_high = s_name_data.key_low = 0; krb5_free_keyblock_contents(kdc_context, &k5key); @@ -803,19 +810,40 @@ kerberos_v4(client, pkt) tk->length = 0; k_flags = 0; /* various kerberos flags */ + auth->mbz = 0; /* pkt->mbz already zeroed */ auth->length = 4 + strlen((char *)pkt->dat + 3); + if (auth->length + 1 > MAX_KTXT_LEN) { + lt = klog(L_KRB_PERR, + "APPL request with realm length too long from %s", + inet_ntoa(client_host)); + kerb_err_reply(client, pkt, RD_AP_INCON, + "realm length too long"); + return; + } + auth->length += (int) *(pkt->dat + auth->length) + (int) *(pkt->dat + auth->length + 1) + 2; + if (auth->length > MAX_KTXT_LEN) { + lt = klog(L_KRB_PERR, + "APPL request with funky tkt or req_id length from %s", + inet_ntoa(client_host)); + kerb_err_reply(client, pkt, RD_AP_INCON, + "funky tkt or req_id length"); + return; + } memcpy(auth->dat, pkt->dat, auth->length); strncpy(tktrlm, (char *)auth->dat + 3, REALM_SZ); + tktrlm[REALM_SZ-1] = '\0'; kvno = (krb5_kvno)auth->dat[2]; if (set_tgtkey(tktrlm, kvno)) { lt = klog(L_ERR_UNK, "FAILED set_tgtkey realm %s, kvno %d. Host: %s ", tktrlm, kvno, inet_ntoa(client_host)); - kerb_err_reply(client, pkt, kerno, lt); + /* no better error code */ + kerb_err_reply(client, pkt, + KERB_ERR_PRINCIPAL_UNKNOWN, lt); return; } kerno = krb_rd_req(auth, "krbtgt", tktrlm, client_host.s_addr, @@ -860,7 +888,7 @@ kerberos_v4(client, pkt) kerno = check_princ(service, instance, req_life, &s_name_data, &k5key, 1); if (kerno) { - kerb_err_reply(client, pkt, kerno, lt); + kerb_err_reply(client, pkt, kerno, "check_princ failed"); s_name_data.key_high = s_name_data.key_low = 0; krb5_free_keyblock_contents(kdc_context, &k5key); return; @@ -965,7 +993,7 @@ kerb_err_reply(client, pkt, err, string) static char e_msg[128]; strcpy(e_msg, "\nKerberos error -- "); - strcat(e_msg, string); + strncat(e_msg, string, sizeof(e_msg) - 1 - 19); cr_err_reply(e_pkt, req_name_ptr, req_inst_ptr, req_realm_ptr, req_time_ws, err, e_msg); krb4_sendto(f, (char *) e_pkt->dat, e_pkt->length, 0, @@ -1124,7 +1152,8 @@ set_tgtkey(r, kvno) if (!K4KDC_ENCTYPE_OK(k5key.enctype)) { krb_set_key_krb5(kdc_context, &k5key); - strcpy(lastrealm, r); + strncpy(lastrealm, r, sizeof(lastrealm) - 1); + lastrealm[sizeof(lastrealm) - 1] = '\0'; last_kvno = kvno; } else { /* unseal tgt key from master key */ @@ -1133,7 +1162,8 @@ set_tgtkey(r, kvno) kdb_encrypt_key(key, key, master_key, master_key_schedule, DECRYPT); krb_set_key((char *) key, 0); - strcpy(lastrealm, r); + strncpy(lastrealm, r, sizeof(lastrealm) - 1); + lastrealm[sizeof(lastrealm) - 1] = '\0'; last_kvno = kvno; } krb5_free_keyblock_contents(kdc_context, &k5key); diff --git a/src/kdc/krb5kdc.M b/src/kdc/krb5kdc.M index 5402f5d29..700d6537a 100644 --- a/src/kdc/krb5kdc.M +++ b/src/kdc/krb5kdc.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" " diff --git a/src/kdc/main.c b/src/kdc/main.c index 78b0a9949..66fb3c571 100644 --- a/src/kdc/main.c +++ b/src/kdc/main.c @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/network.c b/src/kdc/network.c index edc172dff..3ff47e0f0 100644 --- a/src/kdc/network.c +++ b/src/kdc/network.c @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/policy.c b/src/kdc/policy.c index 236224ae0..60e7ffea5 100644 --- a/src/kdc/policy.c +++ b/src/kdc/policy.c @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/policy.h b/src/kdc/policy.h index dd359c96f..ce2c31c78 100644 --- a/src/kdc/policy.h +++ b/src/kdc/policy.h @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/replay.c b/src/kdc/replay.c index c3ff2a969..edc7ad68e 100644 --- a/src/kdc/replay.c +++ b/src/kdc/replay.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/rtest.c b/src/kdc/rtest.c index 6bb191a43..e5f1d896a 100644 --- a/src/kdc/rtest.c +++ b/src/kdc/rtest.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/kdc/rtscript b/src/kdc/rtscript index 3a98ea3ae..8803e3325 100644 --- a/src/kdc/rtscript +++ b/src/kdc/rtscript @@ -16,7 +16,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/krb524/ChangeLog b/src/krb524/ChangeLog index 878955552..e3c656b57 100644 --- a/src/krb524/ChangeLog +++ b/src/krb524/ChangeLog @@ -1,3 +1,18 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-18 Tom Yu + + * krb524d.c (do_connection): Convert to using new symbol for + DES3. + + * cnv_tkt_skey.c (krb524_convert_tkt_skey): Convert to using new + symbol for DES3. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/krb524/Makefile.in b/src/krb524/Makefile.in index 190a1a623..d64c3eb38 100644 --- a/src/krb524/Makefile.in +++ b/src/krb524/Makefile.in @@ -29,13 +29,13 @@ LIBMINOR=0 RELDIR=../krb524 STOBJLISTS=OBJS.ST -CFLAGS = $(CCOPTS) -DUSE_MASTER $(DEFS) $(LOCALINCLUDE) +DEFINES = -DUSE_MASTER PROG_LIBPATH=-L$(TOPLIBD) $(KRB4_LIBPATH) PROG_RPATH=$(KRB5_LIBDIR) KRB524_DEPLIB = libkrb524.a KRB524_LIB = libkrb524.a -LOCALINCLUDE= $(KRB4_INCLUDES) -I. -I$(srcdir) +LOCALINCLUDES= $(KRB4_INCLUDES) -I. -I$(srcdir) # Library sources SRCS = conv_creds.c conv_princ.c cnv_tkt_skey.c \ diff --git a/src/krb524/cnv_tkt_skey.c b/src/krb524/cnv_tkt_skey.c index 4c51b6777..fc25246cd 100644 --- a/src/krb524/cnv_tkt_skey.c +++ b/src/krb524/cnv_tkt_skey.c @@ -170,7 +170,7 @@ int krb524_convert_tkt_skey(context, v5tkt, v4tkt, v5_skey, v4_skey, v4_skey->contents); } else { /* Force enctype to be raw if using DES3. */ - if (v4_skey->enctype == ENCTYPE_DES3_HMAC_SHA1 || + if (v4_skey->enctype == ENCTYPE_DES3_CBC_SHA1 || v4_skey->enctype == ENCTYPE_LOCAL_DES3_HMAC_SHA1) v4_skey->enctype = ENCTYPE_DES3_CBC_RAW; ret = krb_cr_tkt_krb5(v4tkt, diff --git a/src/krb524/krb524d.c b/src/krb524/krb524d.c index 1afeec2dc..cad0e3160 100644 --- a/src/krb524/krb524d.c +++ b/src/krb524/krb524d.c @@ -307,7 +307,7 @@ krb5_error_code do_connection(s, context) 0, &v4_service_key, &v4kvno)) && (ret = lookup_service_key(context, v5tkt->server, - ENCTYPE_DES3_HMAC_SHA1, + ENCTYPE_DES3_CBC_SHA1, 0, &v4_service_key, &v4kvno)) && (ret = lookup_service_key(context, v5tkt->server, diff --git a/src/krb524/sendmsg.c b/src/krb524/sendmsg.c index bd22c6635..77e8f3bf7 100644 --- a/src/krb524/sendmsg.c +++ b/src/krb524/sendmsg.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/ChangeLog b/src/lib/ChangeLog index b8498cad6..6edfd02e1 100644 --- a/src/lib/ChangeLog +++ b/src/lib/ChangeLog @@ -1,3 +1,29 @@ +1999-12-03 Danilo Almeida + + * Makefile.in: Use DLL_LINKOPTS to link DLL. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-09-09 Danilo Almeida + + * winsock.def, comerr16.def, gssapi16.def, krb4_16.def, + krb5_16.def, sapgss16.def, sapkrb16.def, xpprof16.def: Remove + obsolete DEF files. + +1999-09-08 Danilo Almeida + + * Makefile.in: Remove dependence of mit directory for version + server support. Remove references to SAP. Remove DNS defines. + +1999-08-26 Danilo Almeida + + * krb5_32.def: Export krb5_kuserok. + 1999-07-22 Jeffrey Altman * krb5_32.def diff --git a/src/lib/Makefile.in b/src/lib/Makefile.in index 8f053e4d1..7c145c6db 100644 --- a/src/lib/Makefile.in +++ b/src/lib/Makefile.in @@ -3,10 +3,6 @@ myfulldir=lib mydir=lib MY_SUBDIRS=crypto krb5 des425 @KRB4@ krb5util kdb gssapi rpc kadm5 BUILDTOP=$(REL)$(U) -CFLAGS = $(CCOPTS) $(DEFS) - -##DOS##BUILDTOP = .. -##DOS##VERS_DIR = \vers MAC_SUBDIRS = crypto krb5 gssapi @@ -27,14 +23,16 @@ clean-windows:: # Windows stuff to make krb5 and gssapi DLLs. -##DOS##VERLIBS=$(BUILDTOP)\mit\windows\lib\$(CPU)\vsnt.lib -##DOS##!if defined(KRB5_USE_DNS) -##DOS##DNSLIBS= $(BUILDTOP)\mit\windows\lib\$(CPU)\wshelp32.lib -##DOS##!else -##DOS##DNSLIBS= -##DOS##!endif -##MIT##MITLIBS= $(VERLIBS) $(DNSLIBS) -##MIT##MITFLAGS=-I$(BUILDTOP)\mit\windows\include /DVERSERV=1 +##MIT##!if !defined(VS_INC) +##MIT##!message Must define VS_INC to point to version server include dir! +##MIT##!error +##MIT##!endif +##MIT##!if !defined(VS_LIB) +##MIT##!message Must define VS_LIB to point to version server library! +##MIT##!error +##MIT##!endif +##MIT##MITLIBS=$(VS_LIB) +##MIT##MITFLAGS=-I$(VS_INC) /DVERSERV=1 CLIBS = $(BUILDTOP)\util\et\$(OUTPRE)comerr.lib PLIBS = $(BUILDTOP)\util\profile\$(OUTPRE)profile.lib @@ -50,34 +48,23 @@ KDEF = krb5_32.def GDEF = gssapi32.def K4DEF = krb4_32.def -# -# The following kludge is for MIT's SAP/Version server hack -# - -SGDEF = gssapi32.def -SKDEF = krb5_32.def -SGLIB = $(OUTPRE)sapgss32.lib -SKLIB = $(OUTPRE)sapkrb32.lib - KRB5RC = krb5.rc VERSIONRC = $(BUILDTOP)\windows\version.rc WINLIBS = kernel32.lib wsock32.lib user32.lib shell32.lib oldnames.lib \ version.lib advapi32.lib gdi32.lib -WINDLLFLAGS = $(LINKOPTS) -base:0x1c000000 +WINDLLFLAGS = $(DLL_LINKOPTS) -base:0x1c000000 NO_GLUE=$(OUTPRE)no_glue.obj K5_GLUE=$(OUTPRE)k5_glue.obj K4_GLUE=$(OUTPRE)k4_glue.obj GSS_GLUE=$(OUTPRE)gss_glue.obj -SAP_GLUE=$(OUTPRE)sap_glue.obj CGLUE=$(NO_GLUE) PGLUE=$(NO_GLUE) KGLUE=$(K5_GLUE) GGLUE=$(GSS_GLUE) K4GLUE=$(K4_GLUE) -SKGLUE=$(SAP_GLUE) RCFLAGS=$(CPPFLAGS) -D_WIN32 -D_MSDOS_ -DRES_ONLY @@ -86,8 +73,6 @@ RCFLAGS=$(CPPFLAGS) -D_WIN32 -D_MSDOS_ -DRES_ONLY ##WIN32##KRES=$(KLIB:.lib=.res) ##WIN32##GRES=$(GLIB:.lib=.res) ##WIN32##K4RES=$(K4LIB:.lib=.res) -##WIN32##SKRES=$(SKLIB:.lib=.res) -##WIN32##SGRES=$(SGLIB:.lib=.res) ##WIN32##$(CRES): $(VERSIONRC) ##WIN32## $(RC) $(RCFLAGS) -DCE_LIB -fo $@ -r $** @@ -99,10 +84,6 @@ RCFLAGS=$(CPPFLAGS) -D_WIN32 -D_MSDOS_ -DRES_ONLY ##WIN32## $(RC) $(RCFLAGS) -DKRB4_LIB -fo $@ -r $** ##WIN32##$(GRES): $(VERSIONRC) ##WIN32## $(RC) $(RCFLAGS) -DGSSAPI_LIB -fo $@ -r $** -##WIN32##$(SKRES): $(KRB5RC) -##WIN32## $(RC) $(RCFLAGS) -DSAPKRB_LIB -fo $@ -r $** -##WIN32##$(SGRES): $(VERSIONRC) -##WIN32## $(RC) $(RCFLAGS) -DSAPGSS_LIB -fo $@ -r $** ##WIN32##$(KRB5RC): $(VERSIONRC) ##WIN32##$(CLIB): $(CDEF) $(CLIBS) $(CGLUE) $(CRES) @@ -113,9 +94,9 @@ RCFLAGS=$(CPPFLAGS) -D_WIN32 -D_MSDOS_ -DRES_ONLY ##WIN32## link $(WINDLLFLAGS) -def:$(PDEF) -out:$*.dll \ ##WIN32## $(PLIBS) $(PGLUE) $(PRES) $(CLIB) $(WINLIBS) -##WIN32##$(KLIB): $(KDEF) $(KLIBS) $(KGLUE) $(KRES) $(CLIB) $(MITLIBS) +##WIN32##$(KLIB): $(KDEF) $(KLIBS) $(KGLUE) $(KRES) $(CLIB) $(MITLIBS) $(DNSLIBS) ##WIN32## link $(WINDLLFLAGS) -def:$(KDEF) -out:$*.dll \ -##WIN32## $(KLIBS) $(KGLUE) $(KRES) $(CLIB) $(MITLIBS) $(WINLIBS) +##WIN32## $(KLIBS) $(KGLUE) $(KRES) $(CLIB) $(MITLIBS) $(DNSLIBS) $(WINLIBS) ##WIN32##$(GLIB): $(GDEF) $(GLIBS) $(GGLUE) $(GRES) $(KLIB) $(CLIB) ##WIN32## link $(WINDLLFLAGS) -def:$(GDEF) -out:$*.dll \ @@ -125,26 +106,14 @@ RCFLAGS=$(CPPFLAGS) -D_WIN32 -D_MSDOS_ -DRES_ONLY ##WIN32## link $(WINDLLFLAGS) -def:$(K4DEF) -out:$*.dll \ ##WIN32## $(K4LIBS) $(K4GLUE) $(K4RES) $(KLIB) $(CLIB) $(PLIB) $(WINLIBS) -##WIN32##$(SKLIB): $(KDEF) $(KLIBS) $(SKGLUE) $(SKRES) $(CLIB) $(MITLIBS) -##WIN32## link $(WINDLLFLAGS) -def:$(KDEF) -out:$*.dll \ -##WIN32## $(KLIBS) $(SKGLUE) $(SKRES) $(CLIB) $(MITLIBS) $(WINLIBS) - -##WIN32##$(SGLIB): $(GDEF) $(GLIBS) $(GGLUE) $(SGRES) $(SKLIB) $(CLIB) $(MITLIBS) -##WIN32## link $(WINDLLFLAGS) -def:$(GDEF) -out:$*.dll \ -##WIN32## $(GLIBS) $(GGLUE) $(SGRES) $(SKLIB) $(CLIB) $(MITLIBS) $(WINLIBS) - -##MIT##lib-windows:: $(SKLIB) $(SGLIB) - $(K5_GLUE): win_glue.c - $(CC) $(CFLAGS) $(MITFLAGS) /c /DKRB5=1 /Fo$@ $** -$(SAP_GLUE): win_glue.c - $(CC) $(CFLAGS) $(MITFLAGS) /DSAP_VERSERV=1 /DKRB5=1 /c /Fo$@ $** + $(CC) $(ALL_CFLAGS) $(MITFLAGS) /c /DKRB5=1 /Fo$@ $** $(K4_GLUE): win_glue.c - $(CC) $(CFLAGS) /c /DKRB4=1 /Fo$@ $** + $(CC) $(ALL_CFLAGS) /c /DKRB4=1 /Fo$@ $** $(GSS_GLUE): win_glue.c - $(CC) $(CFLAGS) /c /DGSSAPI=1 /Fo$@ $** + $(CC) $(ALL_CFLAGS) /c /DGSSAPI=1 /Fo$@ $** $(NO_GLUE): win_glue.c - $(CC) $(CFLAGS) /c /Fo$@ $** + $(CC) $(ALL_CFLAGS) /c /Fo$@ $** # Build Convenience comerr.lib: $(CLIB) diff --git a/src/lib/comerr16.def b/src/lib/comerr16.def deleted file mode 100644 index c85c4bcc7..000000000 --- a/src/lib/comerr16.def +++ /dev/null @@ -1,16 +0,0 @@ -LIBRARY COMERR16 -DESCRIPTION 'DLL for ComErr' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - WEP @1001 RESIDENTNAME - LibMain @1002 -; - _com_err - com_err_va - error_message - add_error_table - remove_error_table diff --git a/src/lib/crypto/ChangeLog b/src/lib/crypto/ChangeLog index 7d4cf47d6..1f7ccce17 100644 --- a/src/lib/crypto/ChangeLog +++ b/src/lib/crypto/ChangeLog @@ -1,3 +1,25 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-26 Tom Yu + + * etypes.c: Add aliases "des" for "des-cbc-md5", "des3-hmac-sha1" + and "des3-cbc-sha1-kd" for "des3-cbc-sha1". + + * cksumtypes.c: Add alias "hmac-sha1-des3-kd". + +1999-08-18 Tom Yu + + * etypes.c: Update des3-cbc-sha1 to alignt with new number + assignments. + + * cksumtypes.c: Update hmac-sha1-des3 to align with new number + assignments. + Tue May 18 19:52:56 1999 Danilo Almeida * Makefile.in: Remove - from recursive Win32 make invocation. diff --git a/src/lib/crypto/Makefile.in b/src/lib/crypto/Makefile.in index 27956feea..d86325bf8 100644 --- a/src/lib/crypto/Makefile.in +++ b/src/lib/crypto/Makefile.in @@ -4,7 +4,7 @@ mydir=. BUILDTOP=$(REL)$(U)$(S)$(U) LOCAL_SUBDIRS=crc32 des dk enc_provider hash_provider keyhash_provider \ md4 md5 old raw sha1 -CFLAGS = $(CCOPTS) $(DEFS) -I$(srcdir)/enc_provider \ +LOCALINCLUDES = -I$(srcdir)/enc_provider \ -I$(srcdir)/hash_provider -I$(srcdir)/keyhash_provider \ -I$(srcdir)/old -I$(srcdir)/raw -I$(srcdir)/dk diff --git a/src/lib/crypto/cksumtypes.c b/src/lib/crypto/cksumtypes.c index 8107d3b8f..8f3d21175 100644 --- a/src/lib/crypto/cksumtypes.c +++ b/src/lib/crypto/cksumtypes.c @@ -63,8 +63,12 @@ struct krb5_cksumtypes krb5_cksumtypes_list[] = { 0, NULL, &krb5_hash_sha1 }, - { CKSUMTYPE_HMAC_SHA1, KRB5_CKSUMFLAG_DERIVE, - "hmac-sha1", "HMAC-SHA1", + { CKSUMTYPE_HMAC_SHA1_DES3, KRB5_CKSUMFLAG_DERIVE, + "hmac-sha1-des3", "HMAC-SHA1 DES3 key", + 0, NULL, + &krb5_hash_sha1 }, + { CKSUMTYPE_HMAC_SHA1_DES3, KRB5_CKSUMFLAG_DERIVE, + "hmac-sha1-des3-kd", "HMAC-SHA1 DES3 key", /* alias */ 0, NULL, &krb5_hash_sha1 }, }; diff --git a/src/lib/crypto/crc32/ChangeLog b/src/lib/crypto/crc32/ChangeLog index 850d845f3..761f19ee7 100644 --- a/src/lib/crypto/crc32/ChangeLog +++ b/src/lib/crypto/crc32/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon May 10 15:15:59 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/crypto/crc32/Makefile.in b/src/lib/crypto/crc32/Makefile.in index 03dbc1519..7136a386a 100644 --- a/src/lib/crypto/crc32/Makefile.in +++ b/src/lib/crypto/crc32/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=lib/crypto/crc32 mydir=crc32 BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=crc32 diff --git a/src/lib/crypto/crc32/crc-32.h b/src/lib/crypto/crc32/crc-32.h index 1b05b9ac6..e366d6970 100644 --- a/src/lib/crypto/crc32/crc-32.h +++ b/src/lib/crypto/crc32/crc-32.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/crc32/crc.c b/src/lib/crypto/crc32/crc.c index 60afb3f4a..313076f92 100644 --- a/src/lib/crypto/crc32/crc.c +++ b/src/lib/crypto/crc32/crc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/crc32/crc32.c b/src/lib/crypto/crc32/crc32.c index 654981fc9..9b2bc4f6a 100644 --- a/src/lib/crypto/crc32/crc32.c +++ b/src/lib/crypto/crc32/crc32.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/crc32/crctest.c b/src/lib/crypto/crc32/crctest.c index 5f4fbd8c0..2f9265a48 100644 --- a/src/lib/crypto/crc32/crctest.c +++ b/src/lib/crypto/crc32/crctest.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/des/ChangeLog b/src/lib/crypto/des/ChangeLog index 34ac883cc..f5b88409e 100644 --- a/src/lib/crypto/des/ChangeLog +++ b/src/lib/crypto/des/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon May 10 15:16:18 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/crypto/des/Makefile.in b/src/lib/crypto/des/Makefile.in index 3e25c4723..2634584f7 100644 --- a/src/lib/crypto/des/Makefile.in +++ b/src/lib/crypto/des/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=lib/crypto/des mydir=des BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=des diff --git a/src/lib/crypto/des/des_int.h b/src/lib/crypto/des/des_int.h index 0f8190861..de8f2a480 100644 --- a/src/lib/crypto/des/des_int.h +++ b/src/lib/crypto/des/des_int.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/des/destest.c b/src/lib/crypto/des/destest.c index bf442e869..1decbe80a 100644 --- a/src/lib/crypto/des/destest.c +++ b/src/lib/crypto/des/destest.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/des/key_sched.c b/src/lib/crypto/des/key_sched.c index 651af88ef..c84451dbc 100644 --- a/src/lib/crypto/des/key_sched.c +++ b/src/lib/crypto/des/key_sched.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/des/string2key.c b/src/lib/crypto/des/string2key.c index 79b7c9cbd..5381fdbc9 100644 --- a/src/lib/crypto/des/string2key.c +++ b/src/lib/crypto/des/string2key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/crypto/des/t_verify.c b/src/lib/crypto/des/t_verify.c index e8a7dc0ee..01b9f7c40 100644 --- a/src/lib/crypto/des/t_verify.c +++ b/src/lib/crypto/des/t_verify.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/des/weak_key.c b/src/lib/crypto/des/weak_key.c index bc6b20264..a64b2f5ad 100644 --- a/src/lib/crypto/des/weak_key.c +++ b/src/lib/crypto/des/weak_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/dk/ChangeLog b/src/lib/crypto/dk/ChangeLog index 1edb32e38..d57857e82 100644 --- a/src/lib/crypto/dk/ChangeLog +++ b/src/lib/crypto/dk/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1999-06-28 Tom Yu * dk_encrypt.c (krb5_marc_dk_encrypt): Call diff --git a/src/lib/crypto/dk/Makefile.in b/src/lib/crypto/dk/Makefile.in index 88c3ad31c..2b4b14afc 100644 --- a/src/lib/crypto/dk/Makefile.in +++ b/src/lib/crypto/dk/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./.. myfulldir=lib/crypto/dk mydir=dk BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -I$(srcdir)/.. +LOCALINCLUDES = -I$(srcdir)/.. ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=dk diff --git a/src/lib/crypto/enc_provider/ChangeLog b/src/lib/crypto/enc_provider/ChangeLog index 0a6e666da..9154340ae 100644 --- a/src/lib/crypto/enc_provider/ChangeLog +++ b/src/lib/crypto/enc_provider/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon May 10 15:16:54 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/crypto/enc_provider/Makefile.in b/src/lib/crypto/enc_provider/Makefile.in index f757bf66a..e0672a219 100644 --- a/src/lib/crypto/enc_provider/Makefile.in +++ b/src/lib/crypto/enc_provider/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./.. myfulldir=lib/crypto/enc_provider mydir=enc_provider BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -I$(srcdir)/../des +LOCALINCLUDES = -I$(srcdir)/../des ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=enc_provider diff --git a/src/lib/crypto/etypes.c b/src/lib/crypto/etypes.c index 4d16aa96a..fe4b71033 100644 --- a/src/lib/crypto/etypes.c +++ b/src/lib/crypto/etypes.c @@ -54,6 +54,11 @@ struct krb5_keytypes krb5_enctypes_list[] = { &krb5_enc_des, &krb5_hash_md5, krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt, krb5_des_string_to_key }, + { ENCTYPE_DES_CBC_MD5, + "des", "DES cbc mode with RSA-MD5", /* alias */ + &krb5_enc_des, &krb5_hash_md5, + krb5_old_encrypt_length, krb5_old_encrypt, krb5_old_decrypt, + krb5_des_string_to_key }, { ENCTYPE_DES_CBC_RAW, "des-cbc-raw", "DES cbc mode raw", @@ -66,17 +71,32 @@ struct krb5_keytypes krb5_enctypes_list[] = { krb5_raw_encrypt_length, krb5_raw_encrypt, krb5_raw_decrypt, krb5_dk_string_to_key }, - { ENCTYPE_DES3_HMAC_SHA1, - "des3-hmac-sha1", "Triple DES with HMAC/sha1", + { ENCTYPE_DES3_CBC_SHA1, + "des3-cbc-sha1", "Triple DES cbc mode with HMAC/sha1", &krb5_enc_des3, &krb5_hash_sha1, krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt, krb5_dk_string_to_key }, + { ENCTYPE_DES3_CBC_SHA1, /* alias */ + "des3-hmac-sha1", "Triple DES cbc mode with HMAC/sha1", + &krb5_enc_des3, &krb5_hash_sha1, + krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt, + krb5_dk_string_to_key }, + { ENCTYPE_DES3_CBC_SHA1, /* alias */ + "des3-cbc-sha1-kd", "Triple DES cbc mode with HMAC/sha1", + &krb5_enc_des3, &krb5_hash_sha1, + krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt, + krb5_dk_string_to_key }, + { ENCTYPE_DES_HMAC_SHA1, "des-hmac-sha1", "DES with HMAC/sha1", &krb5_enc_des, &krb5_hash_sha1, krb5_dk_encrypt_length, krb5_dk_encrypt, krb5_dk_decrypt, krb5_dk_string_to_key }, #ifdef ATHENA_DES3_KLUDGE + /* + * If you are using this, you're almost certainly doing the + * Wrong Thing. + */ { ENCTYPE_LOCAL_DES3_HMAC_SHA1, "des3-marc-hmac-sha1", "Triple DES with HMAC/sha1 and 32-bit length code", diff --git a/src/lib/crypto/hash_provider/ChangeLog b/src/lib/crypto/hash_provider/ChangeLog index acdc4b0e7..195d1ea66 100644 --- a/src/lib/crypto/hash_provider/ChangeLog +++ b/src/lib/crypto/hash_provider/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon May 10 15:19:03 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/crypto/hash_provider/Makefile.in b/src/lib/crypto/hash_provider/Makefile.in index 1b2c988c5..e5ba5cce7 100644 --- a/src/lib/crypto/hash_provider/Makefile.in +++ b/src/lib/crypto/hash_provider/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./.. myfulldir=lib/crypto/hash_provider mydir=hash_provider BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -I$(srcdir)/../crc32 -I$(srcdir)/../md4 \ +LOCALINCLUDES = -I$(srcdir)/../crc32 -I$(srcdir)/../md4 \ -I$(srcdir)/../md5 -I$(srcdir)/../sha1 ##DOS##BUILDTOP = ..\..\.. diff --git a/src/lib/crypto/keyhash_provider/ChangeLog b/src/lib/crypto/keyhash_provider/ChangeLog index f1d25b37f..9fcdcada3 100644 --- a/src/lib/crypto/keyhash_provider/ChangeLog +++ b/src/lib/crypto/keyhash_provider/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon May 10 15:19:24 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/crypto/keyhash_provider/Makefile.in b/src/lib/crypto/keyhash_provider/Makefile.in index a9317a9b5..50c9d352f 100644 --- a/src/lib/crypto/keyhash_provider/Makefile.in +++ b/src/lib/crypto/keyhash_provider/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./.. myfulldir=lib/crypto/keyhash_provider mydir=keyhash_provider BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -I$(srcdir)/../des -I$(srcdir)/../md4 \ +LOCALINCLUDES = -I$(srcdir)/../des -I$(srcdir)/../md4 \ -I$(srcdir)/../md5 ##DOS##BUILDTOP = ..\..\.. @@ -30,10 +30,10 @@ includes:: depend depend:: $(SRCS) t_cksum4.o: $(srcdir)/t_cksum.c - $(CC) -DMD=4 $(CFLAGS) -o t_cksum4.o -c $(srcdir)/t_cksum.c + $(CC) -DMD=4 $(ALL_CFLAGS) -o t_cksum4.o -c $(srcdir)/t_cksum.c t_cksum5.o: $(srcdir)/t_cksum.c - $(CC) -DMD=5 $(CFLAGS) -o t_cksum5.o -c $(srcdir)/t_cksum.c + $(CC) -DMD=5 $(ALL_CFLAGS) -o t_cksum5.o -c $(srcdir)/t_cksum.c t_cksum4: t_cksum4.o $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o t_cksum4 t_cksum4.o $(KRB5_BASE_LIBS) diff --git a/src/lib/crypto/keyhash_provider/t_cksum.c b/src/lib/crypto/keyhash_provider/t_cksum.c index c9eecc7ca..b15310349 100644 --- a/src/lib/crypto/keyhash_provider/t_cksum.c +++ b/src/lib/crypto/keyhash_provider/t_cksum.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/md4/ChangeLog b/src/lib/crypto/md4/ChangeLog index 254ecd6a5..2b40477f2 100644 --- a/src/lib/crypto/md4/ChangeLog +++ b/src/lib/crypto/md4/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon May 10 15:19:48 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/crypto/md4/Makefile.in b/src/lib/crypto/md4/Makefile.in index ba212a73a..f5c7d261f 100644 --- a/src/lib/crypto/md4/Makefile.in +++ b/src/lib/crypto/md4/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./.. myfulldir=lib/crypto/md4 mydir=md4 BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -I$(srcdir) +LOCALINCLUDES = -I$(srcdir) ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=md4 @@ -32,13 +32,13 @@ t_mddriver.c: $(srcdir)/../md5/t_mddriver.c $(CP) $(srcdir)/../md5/t_mddriver.c t_mddriver.c t_mddriver.o: t_mddriver.c - $(CC) -DMD=4 $(CFLAGS) -c t_mddriver.c + $(CC) -DMD=4 $(ALL_CFLAGS) -c t_mddriver.c t_mddriver: t_mddriver.o md4.o - $(CC) $(CFLAGS) -o t_mddriver t_mddriver.o md4.o + $(CC) $(ALL_CFLAGS) -o t_mddriver t_mddriver.o md4.o $(OUTPRE)t_mddriver.obj: t_mddriver.c - $(CC) -DMD=4 $(CFLAGS) -Fo$@ -c $** + $(CC) -DMD=4 $(ALL_CFLAGS) -Fo$@ -c $** $(OUTPRE)t_mddriver.exe: $(OUTPRE)t_mddriver.obj $(OUTPRE)md4.obj link -out:$@ $** diff --git a/src/lib/crypto/md4/rsa-md4.h b/src/lib/crypto/md4/rsa-md4.h index 5ab4151c9..0970dcbae 100644 --- a/src/lib/crypto/md4/rsa-md4.h +++ b/src/lib/crypto/md4/rsa-md4.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/md5/ChangeLog b/src/lib/crypto/md5/ChangeLog index 06698f7c5..6d421ac83 100644 --- a/src/lib/crypto/md5/ChangeLog +++ b/src/lib/crypto/md5/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon May 10 15:20:16 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/crypto/md5/Makefile.in b/src/lib/crypto/md5/Makefile.in index 896de961e..98d0b3105 100644 --- a/src/lib/crypto/md5/Makefile.in +++ b/src/lib/crypto/md5/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=lib/crypto/md5 mydir=md5 BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=md5 @@ -29,7 +28,7 @@ includes:: depend depend:: $(SRCS) t_mddriver: t_mddriver.o md5.o - $(CC) $(CFLAGS) $(LDFLAGS) -o t_mddriver t_mddriver.o md5.o + $(CC) $(ALL_CFLAGS) $(LDFLAGS) -o t_mddriver t_mddriver.o md5.o $(OUTPRE)t_mddriver.exe: $(OUTPRE)t_mddriver.obj $(OUTPRE)md5.obj link -out:$@ $** diff --git a/src/lib/crypto/md5/t_cksum.c b/src/lib/crypto/md5/t_cksum.c index 5bc63709d..17ecd51d7 100644 --- a/src/lib/crypto/md5/t_cksum.c +++ b/src/lib/crypto/md5/t_cksum.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/crypto/old/ChangeLog b/src/lib/crypto/old/ChangeLog index c3368c68d..ba4eadfd6 100644 --- a/src/lib/crypto/old/ChangeLog +++ b/src/lib/crypto/old/ChangeLog @@ -1,3 +1,16 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-25 Ken Raeburn + + * old_decrypt.c (memmove) [HAVE_BCOPY && !HAVE_MEMMOVE]: Define to + use bcopy. Should work unless any system has no memmove *and* + bcopy isn't safe with overlaps. + Mon May 10 15:20:32 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/crypto/old/Makefile.in b/src/lib/crypto/old/Makefile.in index f808ed66b..cab1b3511 100644 --- a/src/lib/crypto/old/Makefile.in +++ b/src/lib/crypto/old/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./.. myfulldir=lib/crypto/old mydir=old BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -I$(srcdir)/../des +LOCALINCLUDES = -I$(srcdir)/../des ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=old diff --git a/src/lib/crypto/old/old_decrypt.c b/src/lib/crypto/old/old_decrypt.c index 26019e164..2d22648e2 100644 --- a/src/lib/crypto/old/old_decrypt.c +++ b/src/lib/crypto/old/old_decrypt.c @@ -27,6 +27,12 @@ #include "k5-int.h" #include "old.h" +#ifndef HAVE_MEMMOVE +#ifdef HAVE_BCOPY +#define memmove(dst,src,size) bcopy(src,dst,size) +#endif +#endif + krb5_error_code krb5_old_decrypt(enc, hash, key, usage, ivec, input, arg_output) krb5_const struct krb5_enc_provider *enc; diff --git a/src/lib/crypto/raw/ChangeLog b/src/lib/crypto/raw/ChangeLog index f8f2244e9..25f1d1d83 100644 --- a/src/lib/crypto/raw/ChangeLog +++ b/src/lib/crypto/raw/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon May 10 15:20:51 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/crypto/raw/Makefile.in b/src/lib/crypto/raw/Makefile.in index 427bb6b4e..e3ca3c673 100644 --- a/src/lib/crypto/raw/Makefile.in +++ b/src/lib/crypto/raw/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=lib/crypto/raw mydir=raw BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=raw diff --git a/src/lib/crypto/sha1/ChangeLog b/src/lib/crypto/sha1/ChangeLog index 426acc040..938307da1 100644 --- a/src/lib/crypto/sha1/ChangeLog +++ b/src/lib/crypto/sha1/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon May 10 15:21:10 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/crypto/sha1/Makefile.in b/src/lib/crypto/sha1/Makefile.in index 2f8cea108..5d1b69c4f 100644 --- a/src/lib/crypto/sha1/Makefile.in +++ b/src/lib/crypto/sha1/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=lib/crypto/sha1 mydir=sha1 BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=sha1 @@ -29,7 +28,7 @@ includes:: depend depend:: $(SRCS) t_shs: t_shs.o shs.o - $(CC) $(CFLAGS) $(LDFLAGS) -o t_shs t_shs.o shs.o + $(CC) $(ALL_CFLAGS) $(LDFLAGS) -o t_shs t_shs.o shs.o $(OUTPRE)t_shs.exe: $(OUTPRE)t_shs.obj $(OUTPRE)shs.obj link -out:$@ $** diff --git a/src/lib/crypto/t_nfold.c b/src/lib/crypto/t_nfold.c index 2693318e1..ec59b1a13 100644 --- a/src/lib/crypto/t_nfold.c +++ b/src/lib/crypto/t_nfold.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/ChangeLog b/src/lib/des425/ChangeLog index 3fd4f3315..dacafc3db 100644 --- a/src/lib/des425/ChangeLog +++ b/src/lib/des425/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon May 10 15:21:30 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/des425/Makefile.in b/src/lib/des425/Makefile.in index 57e6a0466..863a34d23 100644 --- a/src/lib/des425/Makefile.in +++ b/src/lib/des425/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=. myfulldir=lib/des425 mydir=. BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -I$(srcdir)/../crypto/des -I$(srcdir)/../../include/kerberosIV +LOCALINCLUDES = -I$(srcdir)/../crypto/des -I$(srcdir)/../../include/kerberosIV ##DOS##BUILDTOP = ..\.. ##DOS##LIBNAME=$(OUTPRE)des425.lib diff --git a/src/lib/des425/cksum.c b/src/lib/des425/cksum.c index abd48c3a2..b53dbfcd5 100644 --- a/src/lib/des425/cksum.c +++ b/src/lib/des425/cksum.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/des.c b/src/lib/des425/des.c index b5db9dd6d..7a4520d6f 100644 --- a/src/lib/des425/des.c +++ b/src/lib/des425/des.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/des.h b/src/lib/des425/des.h index f9f651247..da91b996c 100644 --- a/src/lib/des425/des.h +++ b/src/lib/des425/des.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/enc_dec.c b/src/lib/des425/enc_dec.c index f0225cbf2..7a6be15b4 100644 --- a/src/lib/des425/enc_dec.c +++ b/src/lib/des425/enc_dec.c @@ -28,7 +28,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/k4_glue.c b/src/lib/des425/k4_glue.c index 0087306e1..cab18910b 100644 --- a/src/lib/des425/k4_glue.c +++ b/src/lib/des425/k4_glue.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/key_parity.c b/src/lib/des425/key_parity.c index 4bb593425..6a3cae8dc 100644 --- a/src/lib/des425/key_parity.c +++ b/src/lib/des425/key_parity.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/key_sched.c b/src/lib/des425/key_sched.c index cb4ecee96..6f9e24b10 100644 --- a/src/lib/des425/key_sched.c +++ b/src/lib/des425/key_sched.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/new_rnd_key.c b/src/lib/des425/new_rnd_key.c index 4dd2e4be7..2e42719b2 100644 --- a/src/lib/des425/new_rnd_key.c +++ b/src/lib/des425/new_rnd_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/quad_cksum.c b/src/lib/des425/quad_cksum.c index 73e2af2b7..4ae542ff5 100644 --- a/src/lib/des425/quad_cksum.c +++ b/src/lib/des425/quad_cksum.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/random_key.c b/src/lib/des425/random_key.c index fde324dec..5fb92b779 100644 --- a/src/lib/des425/random_key.c +++ b/src/lib/des425/random_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/read_passwd.c b/src/lib/des425/read_passwd.c index bb3c2465c..e9e58bcc9 100644 --- a/src/lib/des425/read_passwd.c +++ b/src/lib/des425/read_passwd.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/str_to_key.c b/src/lib/des425/str_to_key.c index 3a2dcdcb6..44fb143dc 100644 --- a/src/lib/des425/str_to_key.c +++ b/src/lib/des425/str_to_key.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/string2key.c b/src/lib/des425/string2key.c index 58ed9a3cd..c8efbce25 100644 --- a/src/lib/des425/string2key.c +++ b/src/lib/des425/string2key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/verify.c b/src/lib/des425/verify.c index 7be470d21..bff3c47da 100644 --- a/src/lib/des425/verify.c +++ b/src/lib/des425/verify.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/des425/weak_key.c b/src/lib/des425/weak_key.c index 49f31bd14..948451db5 100644 --- a/src/lib/des425/weak_key.c +++ b/src/lib/des425/weak_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/generic/ChangeLog b/src/lib/gssapi/generic/ChangeLog index 5a3ccbe87..234c95348 100644 --- a/src/lib/gssapi/generic/ChangeLog +++ b/src/lib/gssapi/generic/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Wed May 19 13:23:16 1999 Danilo Almeida * Makefile.in: Improve rule to create gssapi include dir under diff --git a/src/lib/gssapi/generic/Makefile.in b/src/lib/gssapi/generic/Makefile.in index 811fb2c2d..5952a28b0 100644 --- a/src/lib/gssapi/generic/Makefile.in +++ b/src/lib/gssapi/generic/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./.. myfulldir=lib/gssapi/generic mydir=generic BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -I. -I$(srcdir) +LOCALINCLUDES = -I. -I$(srcdir) ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=generic diff --git a/src/lib/gssapi/generic/oid_ops.c b/src/lib/gssapi/generic/oid_ops.c index 0e8934393..477e07163 100644 --- a/src/lib/gssapi/generic/oid_ops.c +++ b/src/lib/gssapi/generic/oid_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/generic/utl_nohash_validate.c b/src/lib/gssapi/generic/utl_nohash_validate.c index ecd2c1354..1ed2008a5 100644 --- a/src/lib/gssapi/generic/utl_nohash_validate.c +++ b/src/lib/gssapi/generic/utl_nohash_validate.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/ChangeLog b/src/lib/gssapi/krb5/ChangeLog index a6b5a11f1..0af19dc9b 100644 --- a/src/lib/gssapi/krb5/ChangeLog +++ b/src/lib/gssapi/krb5/ChangeLog @@ -1,3 +1,18 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-27 Tom Yu + + * accept_sec_context.c (krb5_gss_accept_sec_context): Disable + krb5-mech2 stuff for now. + + * init_sec_context.c (make_ap_req_v2): Disable krb5-mech2 stuff + for now. + Wed May 19 13:21:55 1999 Danilo Almeida * Makefile.in: Improve rule to create gssapi include dir under diff --git a/src/lib/gssapi/krb5/Makefile.in b/src/lib/gssapi/krb5/Makefile.in index 6eb2a17dc..a8f5f8ff7 100644 --- a/src/lib/gssapi/krb5/Makefile.in +++ b/src/lib/gssapi/krb5/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./.. myfulldir=lib/gssapi/krb5 mydir=krb5 BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -I. -I$(srcdir) -I../generic -I$(srcdir)/../generic +LOCALINCLUDES = -I. -I$(srcdir) -I../generic -I$(srcdir)/../generic ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=krb5 diff --git a/src/lib/gssapi/krb5/accept_sec_context.c b/src/lib/gssapi/krb5/accept_sec_context.c index 0ac945c45..4c037e490 100644 --- a/src/lib/gssapi/krb5/accept_sec_context.c +++ b/src/lib/gssapi/krb5/accept_sec_context.c @@ -49,6 +49,7 @@ #include "k5-int.h" #include "gssapiP_krb5.h" #include +#include /* * $Id$ @@ -769,101 +770,8 @@ krb5_gss_accept_sec_context(minor_status, context_handle, ctx->established = 1; if (ctx->gsskrb5_version == 2000) { - krb5_ui_4 tok_flags; - - tok_flags = - (ctx->gss_flags & GSS_C_DELEG_FLAG)?KG2_RESP_FLAG_DELEG_OK:0; - - cksumdata.length = 8 + 4*ctx->nctypes + 4; - - if ((cksumdata.data = (char *) malloc(cksumdata.length)) == NULL) { - code = ENOMEM; - major_status = GSS_S_FAILURE; - goto fail; - } - - /* construct the token fields */ - - ptr = cksumdata.data; - - ptr[0] = (KG2_TOK_RESPONSE >> 8) & 0xff; - ptr[1] = KG2_TOK_RESPONSE & 0xff; - - ptr[2] = (tok_flags >> 24) & 0xff; - ptr[3] = (tok_flags >> 16) & 0xff; - ptr[4] = (tok_flags >> 8) & 0xff; - ptr[5] = tok_flags & 0xff; - - ptr[6] = (ctx->nctypes >> 8) & 0xff; - ptr[7] = ctx->nctypes & 0xff; - - ptr += 8; - - for (i=0; inctypes; i++) { - ptr[i] = (ctx->ctypes[i] >> 24) & 0xff; - ptr[i+1] = (ctx->ctypes[i] >> 16) & 0xff; - ptr[i+2] = (ctx->ctypes[i] >> 8) & 0xff; - ptr[i+3] = ctx->ctypes[i] & 0xff; - - ptr += 4; - } - - memset(ptr, 0, 4); - - /* make the MIC token */ - - { - gss_buffer_desc text, token; - - text.length = cksumdata.length; - text.value = cksumdata.data; - - /* ctx->seq_send must be set before this call */ - - if (GSS_ERROR(major_status = - krb5_gss_get_mic(&code, ctx, - GSS_C_QOP_DEFAULT, - &text, &token))) - goto fail; - - mic.length = token.length; - mic.data = token.value; - } - - token.length = g_token_size((gss_OID) mech_used, - (cksumdata.length-2)+4+ap_rep.length+ - mic.length); - - if ((token.value = (unsigned char *) xmalloc(token.length)) - == NULL) { - code = ENOMEM; - major_status = GSS_S_FAILURE; - goto fail; - } - ptr = token.value; - g_make_token_header((gss_OID) mech_used, - (cksumdata.length-2)+4+ap_rep.length+mic.length, - &ptr, KG2_TOK_RESPONSE); - - memcpy(ptr, cksumdata.data+2, cksumdata.length-2); - ptr += cksumdata.length-2; - - ptr[0] = (ap_rep.length >> 8) & 0xff; - ptr[1] = ap_rep.length & 0xff; - memcpy(ptr+2, ap_rep.data, ap_rep.length); - - ptr += (2+ap_rep.length); - - ptr[0] = (mic.length >> 8) & 0xff; - ptr[1] = mic.length & 0xff; - memcpy(ptr+2, mic.data, mic.length); - - ptr += (2+mic.length); - - free(cksumdata.data); - cksumdata.data = 0; - - /* gss krb5 v2 */ + int krb5_mech2_supported = 0; + assert(krb5_mech2_supported); } else { /* gss krb5 v1 */ diff --git a/src/lib/gssapi/krb5/canon_name.c b/src/lib/gssapi/krb5/canon_name.c index 688366e1f..169fe6b58 100644 --- a/src/lib/gssapi/krb5/canon_name.c +++ b/src/lib/gssapi/krb5/canon_name.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/duplicate_name.c b/src/lib/gssapi/krb5/duplicate_name.c index 93e950345..3b8506cb0 100644 --- a/src/lib/gssapi/krb5/duplicate_name.c +++ b/src/lib/gssapi/krb5/duplicate_name.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/export_name.c b/src/lib/gssapi/krb5/export_name.c index 23cb080e0..5671e5e9a 100644 --- a/src/lib/gssapi/krb5/export_name.c +++ b/src/lib/gssapi/krb5/export_name.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/export_sec_context.c b/src/lib/gssapi/krb5/export_sec_context.c index 07a7659ee..fc4b0ace2 100644 --- a/src/lib/gssapi/krb5/export_sec_context.c +++ b/src/lib/gssapi/krb5/export_sec_context.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/import_sec_context.c b/src/lib/gssapi/krb5/import_sec_context.c index 141736b9b..fd5415a56 100644 --- a/src/lib/gssapi/krb5/import_sec_context.c +++ b/src/lib/gssapi/krb5/import_sec_context.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/init_sec_context.c b/src/lib/gssapi/krb5/init_sec_context.c index fb11cf5a2..878c8abd7 100644 --- a/src/lib/gssapi/krb5/init_sec_context.c +++ b/src/lib/gssapi/krb5/init_sec_context.c @@ -49,6 +49,7 @@ #include "gssapiP_krb5.h" #include #include +#include /* * $Id$ @@ -117,196 +118,8 @@ make_ap_req_v2(context, ctx, cred, k_cred, chan_bindings, mech_type, token) gss_OID mech_type; gss_buffer_t token; { - krb5_flags mk_req_flags = 0; - krb5_int32 con_flags; - krb5_error_code code; - krb5_data credmsg, cksumdata, ap_req; - int i, tlen, cblen, nctypes; - krb5_cksumtype *ctypes; - unsigned char *t, *ptr; - - credmsg.data = 0; - cksumdata.data = 0; - ap_req.data = 0; - ctypes = 0; - - /* create the option data if necessary */ - if (ctx->gss_flags & GSS_C_DELEG_FLAG) { - /* first get KRB_CRED message, so we know its length */ - - /* clear the time check flag that was set in krb5_auth_con_init() */ - krb5_auth_con_getflags(context, ctx->auth_context, &con_flags); - krb5_auth_con_setflags(context, ctx->auth_context, - con_flags & ~KRB5_AUTH_CONTEXT_DO_TIME); - - code = krb5_fwd_tgt_creds(context, ctx->auth_context, 0, - cred->princ, ctx->there, cred->ccache, 1, - &credmsg); - - /* turn KRB5_AUTH_CONTEXT_DO_TIME back on */ - krb5_auth_con_setflags(context, ctx->auth_context, con_flags); - - if (code) { - /* don't fail here; just don't accept/do the delegation - request */ - ctx->gss_flags &= ~GSS_C_DELEG_FLAG; - } else { - if (credmsg.length > KRB5_INT16_MAX) { - krb5_free_data_contents(context, &credmsg); - return(KRB5KRB_ERR_FIELD_TOOLONG); - } - } - } else { - credmsg.length = 0; - } - - /* construct the list of compatible cksum types */ - - if ((code = krb5_c_keyed_checksum_types(context, - k_cred->keyblock.enctype, - &nctypes, &ctypes))) - goto cleanup; - - if (nctypes == 0) { - code = KRB5_CRYPTO_INTERNAL; - goto cleanup; - } - - /* construct the checksum fields */ - - cblen = 4*5; - if (chan_bindings) - cblen += (chan_bindings->initiator_address.length+ - chan_bindings->acceptor_address.length+ - chan_bindings->application_data.length); - - cksumdata.length = cblen + 8 + 4*nctypes + 4; - if (credmsg.length) - cksumdata.length += 4 + credmsg.length; - - if ((cksumdata.data = (char *) malloc(cksumdata.length)) == NULL) - goto cleanup; - - /* helper macros. This code currently depends on a long being 32 - bits, and htonl dtrt. */ - - ptr = cksumdata.data; - - if (chan_bindings) { - TWRITE_INT(ptr, chan_bindings->initiator_addrtype, 1); - TWRITE_BUF(ptr, chan_bindings->initiator_address, 1); - TWRITE_INT(ptr, chan_bindings->acceptor_addrtype, 1); - TWRITE_BUF(ptr, chan_bindings->acceptor_address, 1); - TWRITE_BUF(ptr, chan_bindings->application_data, 1); - } else { - memset(ptr, 0, cblen); - ptr += cblen; - } - - /* construct the token fields */ - - ptr[0] = (KG2_TOK_INITIAL >> 8) & 0xff; - ptr[1] = KG2_TOK_INITIAL & 0xff; - - ptr[2] = (ctx->gss_flags >> 24) & 0xff; - ptr[3] = (ctx->gss_flags >> 16) & 0xff; - ptr[4] = (ctx->gss_flags >> 8) & 0xff; - ptr[5] = ctx->gss_flags & 0xff; - - ptr[6] = (nctypes >> 8) & 0xff; - ptr[7] = nctypes & 0xff; - - ptr += 8; - - for (i=0; i> 24) & 0xff; - ptr[1] = (ctypes[i] >> 16) & 0xff; - ptr[2] = (ctypes[i] >> 8) & 0xff; - ptr[3] = ctypes[i] & 0xff; - - ptr += 4; - } - - if (credmsg.length) { - ptr[0] = (KRB5_GSS_FOR_CREDS_OPTION >> 8) & 0xff; - ptr[1] = KRB5_GSS_FOR_CREDS_OPTION & 0xff; - - ptr[2] = (credmsg.length >> 8) & 0xff; - ptr[3] = credmsg.length & 0xff; - - ptr += 4; - - memcpy(ptr, credmsg.data, credmsg.length); - - ptr += credmsg.length; - } - - memset(ptr, 0, 4); - - /* call mk_req. subkey and ap_req need to be used or destroyed */ - - mk_req_flags = AP_OPTS_USE_SUBKEY; - - if (ctx->gss_flags & GSS_C_MUTUAL_FLAG) - mk_req_flags |= AP_OPTS_MUTUAL_REQUIRED; - - if ((code = krb5_mk_req_extended(context, &ctx->auth_context, mk_req_flags, - &cksumdata, k_cred, &ap_req))) - goto cleanup; - - /* store the interesting stuff from creds and authent */ - ctx->endtime = k_cred->times.endtime; - ctx->krb_flags = k_cred->ticket_flags; - - /* build up the token */ - - /* allocate space for the token */ - tlen = g_token_size((gss_OID) mech_type, - (cksumdata.length-(2+cblen))+2+ap_req.length); - - if ((t = (unsigned char *) xmalloc(tlen)) == NULL) { - code = ENOMEM; - goto cleanup; - } - - ptr = t; - - g_make_token_header((gss_OID) mech_type, - (cksumdata.length-(2+cblen))+2+ap_req.length, - &ptr, KG2_TOK_INITIAL); - - /* skip over the channel bindings and the token id */ - memcpy(ptr, cksumdata.data+cblen+2, cksumdata.length-(cblen+2)); - ptr += cksumdata.length-(cblen+2); - ptr[0] = (ap_req.length >> 8) & 0xff; - ptr[1] = ap_req.length & 0xff; - ptr += 2; - memcpy(ptr, ap_req.data, ap_req.length); - - /* pass allocated data back */ - - ctx->nctypes = nctypes; - ctx->ctypes = ctypes; - - token->length = tlen; - token->value = (void *) t; - - code = 0; - -cleanup: - if (code) { - if (ctypes) - krb5_free_cksumtypes(context, ctypes); - } - - if (credmsg.data) - free(credmsg.data); - if (ap_req.data) - free(ap_req.data); - if (cksumdata.data) - free(cksumdata.data); - - return(code); + int krb5_mech2_supported = 0; + assert(krb5_mech2_supported); } static krb5_error_code diff --git a/src/lib/gssapi/krb5/inq_names.c b/src/lib/gssapi/krb5/inq_names.c index 01a199430..ba95a3bc1 100644 --- a/src/lib/gssapi/krb5/inq_names.c +++ b/src/lib/gssapi/krb5/inq_names.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/rel_oid.c b/src/lib/gssapi/krb5/rel_oid.c index afb2171b8..066daf414 100644 --- a/src/lib/gssapi/krb5/rel_oid.c +++ b/src/lib/gssapi/krb5/rel_oid.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/ser_sctx.c b/src/lib/gssapi/krb5/ser_sctx.c index 36a16d426..2a6231ee7 100644 --- a/src/lib/gssapi/krb5/ser_sctx.c +++ b/src/lib/gssapi/krb5/ser_sctx.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/krb5/val_cred.c b/src/lib/gssapi/krb5/val_cred.c index 785fe90be..aea1765bc 100644 --- a/src/lib/gssapi/krb5/val_cred.c +++ b/src/lib/gssapi/krb5/val_cred.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/mechglue/ChangeLog b/src/lib/gssapi/mechglue/ChangeLog index da48eb036..16d91fd43 100644 --- a/src/lib/gssapi/mechglue/ChangeLog +++ b/src/lib/gssapi/mechglue/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon May 10 15:22:42 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/gssapi/mechglue/Makefile.in b/src/lib/gssapi/mechglue/Makefile.in index 3b7c17d77..0c4ddfee7 100644 --- a/src/lib/gssapi/mechglue/Makefile.in +++ b/src/lib/gssapi/mechglue/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=. myfulldir=lib/gssapi/mechglue mydir=. BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -I. -I$(srcdir) +LOCALINCLUDES = -I. -I$(srcdir) ##DOSBUILDTOP = ..\..\.. ##DOSLIBNAME=..\$(OUTPRE)gssapi.$(LIBEXT) @@ -85,8 +85,6 @@ OBJS = $(OUTPRE)g_acquire_cred.$(OBJEXT) \ EHDRDIR= $(BUILDTOP)$(S)include$(S)gssapi EXPORTED_HEADERS = mechglue.h -.c.o: - $(CC) $(CFLAGS) -c $(srcdir)/$*.c @SHARED_RULE@ all:: all-$(WHAT) diff --git a/src/lib/gssapi/mechglue/g_oid_ops.c b/src/lib/gssapi/mechglue/g_oid_ops.c index a78639690..5bb117af1 100644 --- a/src/lib/gssapi/mechglue/g_oid_ops.c +++ b/src/lib/gssapi/mechglue/g_oid_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi/mechglue/oid_ops.c b/src/lib/gssapi/mechglue/oid_ops.c index c173240b7..f45e467a4 100644 --- a/src/lib/gssapi/mechglue/oid_ops.c +++ b/src/lib/gssapi/mechglue/oid_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/gssapi16.def b/src/lib/gssapi16.def deleted file mode 100644 index cec29492e..000000000 --- a/src/lib/gssapi16.def +++ /dev/null @@ -1,78 +0,0 @@ -;---------------------------------------------------- -; GSSAPI.DEF - GSSAPI.DLL module definition file -;---------------------------------------------------- - -LIBRARY GSSAPI -DESCRIPTION 'Base Generic Security Service API' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - WEP @1001 RESIDENTNAME - LibMain @1002 -; - gss_acquire_cred - gss_release_cred - gss_init_sec_context - gss_accept_sec_context - gss_process_context_token - gss_delete_sec_context - gss_context_time - gss_sign - gss_verify - gss_seal - gss_unseal - gss_display_status - gss_indicate_mechs - gss_compare_name - gss_display_name - gss_import_name - gss_release_name - gss_release_buffer - gss_release_oid_set - gss_inquire_cred -; -; GSS-API v2 additional credential calls -; - gss_add_cred - gss_inquire_cred_by_mech -; -; GSS-API v2 additional context-level calls -; - gss_inquire_context - gss_wrap_size_limit - gss_export_sec_context - gss_import_sec_context -; -; GSS-API v2 additional calls for OID and OID_set operations -; - gss_release_oid - gss_create_empty_oid_set - gss_add_oid_set_member - gss_test_oid_set_member - gss_oid_to_str - gss_str_to_oid -; -; GSS-API v2 renamed message protection calls -; - gss_wrap - gss_unwrap - gss_get_mic - gss_verify_mic -; -; GSS-API v2 future extensions -; - gss_inquire_names_for_mech -; gss_inquire_mechs_for_name - gss_canonicalize_name - gss_export_name - gss_duplicate_name -; -; GSS-API variables -; - _gss_nt_user_name - _gss_nt_machine_uid_name - _gss_nt_string_uid_name - _gss_nt_service_name diff --git a/src/lib/kadm5/ChangeLog b/src/lib/kadm5/ChangeLog index 9c1aba73f..15948cae1 100644 --- a/src/lib/kadm5/ChangeLog +++ b/src/lib/kadm5/ChangeLog @@ -1,3 +1,33 @@ +1999-11-30 Ken Raeburn + + * alt_prof.c (kadm5_get_config_params): Fix bug in direction of + test while walking through whitespace. Thanks to Matt Crawford. + +1999-10-29 Ken Raeburn + + * logger.c (klog_com_err_proc, klog_vsyslog): Use proper format + strings in syslog() calls too. + (lspec_parse_err_1, lspec_parse_err_2, log_file_err, + log_device_err, log_ufo_string, log_emerg_string, + log_alert_string, log_crit_string, log_err_string, + log_warning_string, log_notice_string, log_info_string, + log_debug_string): Replace char arrays with macros. + (klog_vsyslog): Convert pid_t to long for printing. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-09-23 Ken Raeburn + + * logger.c (DEVICE_PRINT, klog_com_err_proc, klog_vsyslog): Use + proper format strings to fprintf, instead of net-supplied data. + Fold in writes of following end-of-line sequences when + appropriate. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/lib/kadm5/Makefile.in b/src/lib/kadm5/Makefile.in index f07583d1d..6f5efaae3 100644 --- a/src/lib/kadm5/Makefile.in +++ b/src/lib/kadm5/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=. myfulldir=lib/kadm5 mydir=. BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) LOCAL_SUBDIRS = clnt srv unit-test ##DOSBUILDTOP = ..\.. diff --git a/src/lib/kadm5/alt_prof.c b/src/lib/kadm5/alt_prof.c index 934785322..c4490de79 100644 --- a/src/lib/kadm5/alt_prof.c +++ b/src/lib/kadm5/alt_prof.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -595,7 +598,7 @@ krb5_error_code kadm5_get_config_params(context, kdcprofile, kdcenv, (ep = strchr(sp, (int) '\t'))) { /* Fill in trailing whitespace of sp */ tp = ep - 1; - while (isspace(*tp) && (tp < sp)) { + while (isspace(*tp) && (tp > sp)) { *tp = '\0'; tp--; } diff --git a/src/lib/kadm5/clnt/ChangeLog b/src/lib/kadm5/clnt/ChangeLog index 9bb42cb26..396d4d3a1 100644 --- a/src/lib/kadm5/clnt/ChangeLog +++ b/src/lib/kadm5/clnt/ChangeLog @@ -1,3 +1,15 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-27 Tom Yu + + * client_init.c (_kadm5_init_any): Remove support for krb5-mech2 + for now. + Thu May 13 17:24:44 1999 Tom Yu * client_init.c (_kadm5_init_any): Use gss_krb5_ccache_name() to diff --git a/src/lib/kadm5/clnt/Makefile.in b/src/lib/kadm5/clnt/Makefile.in index 925c8b868..0fc00ffe8 100644 --- a/src/lib/kadm5/clnt/Makefile.in +++ b/src/lib/kadm5/clnt/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./.. myfulldir=lib/kadm5/clnt mydir=clnt BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -I$(BUILDTOP)/include/kadm5 +LOCALINCLUDES = -I$(BUILDTOP)/include/kadm5 LIB=kadm5clnt LIBMAJOR=3 diff --git a/src/lib/kadm5/clnt/client_init.c b/src/lib/kadm5/clnt/client_init.c index e86fbe877..65a313d8d 100644 --- a/src/lib/kadm5/clnt/client_init.c +++ b/src/lib/kadm5/clnt/client_init.c @@ -469,29 +469,17 @@ static kadm5_ret_t _kadm5_init_any(char *client_name, #ifndef INIT_TEST handle->clnt->cl_auth = auth_gssapi_create(handle->clnt, - &gssstat, - &minor_stat, - gss_client_creds, - gss_target, - gss_mech_krb5_v2, - GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG, - 0, - NULL, - NULL, - NULL); - - if (!handle->clnt->cl_auth) - handle->clnt->cl_auth = auth_gssapi_create(handle->clnt, - &gssstat, - &minor_stat, - gss_client_creds, - gss_target, - gss_mech_krb5, - GSS_C_MUTUAL_FLAG | GSS_C_REPLAY_FLAG, - 0, - NULL, - NULL, - NULL); + &gssstat, + &minor_stat, + gss_client_creds, + gss_target, + gss_mech_krb5, + GSS_C_MUTUAL_FLAG + | GSS_C_REPLAY_FLAG, + 0, + NULL, + NULL, + NULL); (void) gss_release_name(&minor_stat, &gss_target); #endif /* ! INIT_TEST */ diff --git a/src/lib/kadm5/logger.c b/src/lib/kadm5/logger.c index 2677e448d..317aa35a1 100644 --- a/src/lib/kadm5/logger.c +++ b/src/lib/kadm5/logger.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -57,19 +60,19 @@ #define LOG_ERR 0 #endif /* LOG_ERR */ -static const char lspec_parse_err_1[] = "%s: cannot parse <%s>\n"; -static const char lspec_parse_err_2[] = "%s: warning - logging entry syntax error\n"; -static const char log_file_err[] = "%s: error writing to %s\n"; -static const char log_device_err[] = "%s: error writing to %s device\n"; -static const char log_ufo_string[] = "???"; -static const char log_emerg_string[] = "EMERGENCY"; -static const char log_alert_string[] = "ALERT"; -static const char log_crit_string[] = "CRITICAL"; -static const char log_err_string[] = "Error"; -static const char log_warning_string[] = "Warning"; -static const char log_notice_string[] = "Notice"; -static const char log_info_string[] = "info"; -static const char log_debug_string[] = "debug"; +#define lspec_parse_err_1 "%s: cannot parse <%s>\n" +#define lspec_parse_err_2 "%s: warning - logging entry syntax error\n" +#define log_file_err "%s: error writing to %s\n" +#define log_device_err "%s: error writing to %s device\n" +#define log_ufo_string "???" +#define log_emerg_string "EMERGENCY" +#define log_alert_string "ALERT" +#define log_crit_string "CRITICAL" +#define log_err_string "Error" +#define log_warning_string "Warning" +#define log_notice_string "Notice" +#define log_info_string "info" +#define log_debug_string "debug" /* * Output logging. @@ -160,8 +163,8 @@ static struct log_entry def_log_entry; */ #define DEVICE_OPEN(d, m) fopen(d, m) #define CONSOLE_OPEN(m) fopen("/dev/console", m) -#define DEVICE_PRINT(f, m) ((fprintf(f, m) >= 0) ? \ - (fprintf(f, "\r\n"), fflush(f), 0) : \ +#define DEVICE_PRINT(f, m) ((fprintf(f, "%s\r\n", m) >= 0) ? \ + (fflush(f), 0) : \ -1) #define DEVICE_CLOSE(d) fclose(d) @@ -277,14 +280,13 @@ klog_com_err_proc(whoami, code, format, ap) /* * Files/standard error. */ - if (fprintf(log_control.log_entries[lindex].lfu_filep, + if (fprintf(log_control.log_entries[lindex].lfu_filep, "%s\n", outbuf) < 0) { /* Attempt to report error */ fprintf(stderr, log_file_err, whoami, log_control.log_entries[lindex].lfu_fname); } else { - fprintf(log_control.log_entries[lindex].lfu_filep, "\n"); fflush(log_control.log_entries[lindex].lfu_filep); } break; @@ -316,7 +318,7 @@ klog_com_err_proc(whoami, code, format, ap) log_control.log_entries[lindex].lsu_severity; /* Log the message with our header trimmed off */ - syslog(log_pri, syslogp); + syslog(log_pri, "%s", syslogp); break; #endif /* HAVE_SYSLOG */ default: @@ -851,8 +853,8 @@ klog_vsyslog(priority, format, arglist) cp += 15; #endif /* HAVE_STRFTIME */ #ifdef VERBOSE_LOGS - sprintf(cp, " %s %s[%d](%s): ", - log_control.log_hostname, log_control.log_whoami, getpid(), + sprintf(cp, " %s %s[%ld](%s): ", + log_control.log_hostname, log_control.log_whoami, (long) getpid(), severity2string(priority)); #else sprintf(cp, " "); @@ -879,14 +881,13 @@ klog_vsyslog(priority, format, arglist) /* * Files/standard error. */ - if (fprintf(log_control.log_entries[lindex].lfu_filep, + if (fprintf(log_control.log_entries[lindex].lfu_filep, "%s\n", outbuf) < 0) { /* Attempt to report error */ - fprintf(stderr, log_file_err, + fprintf(stderr, log_file_err, log_control.log_whoami, log_control.log_entries[lindex].lfu_fname); } else { - fprintf(log_control.log_entries[lindex].lfu_filep, "\n"); fflush(log_control.log_entries[lindex].lfu_filep); } break; @@ -898,7 +899,7 @@ klog_vsyslog(priority, format, arglist) if (DEVICE_PRINT(log_control.log_entries[lindex].ldu_filep, outbuf) < 0) { /* Attempt to report error */ - fprintf(stderr, log_device_err, + fprintf(stderr, log_device_err, log_control.log_whoami, log_control.log_entries[lindex].ldu_devname); } break; @@ -909,7 +910,7 @@ klog_vsyslog(priority, format, arglist) */ /* Log the message with our header trimmed off */ - syslog(priority, syslogp); + syslog(priority, "%s", syslogp); break; #endif /* HAVE_SYSLOG */ default: diff --git a/src/lib/kadm5/srv/ChangeLog b/src/lib/kadm5/srv/ChangeLog index f96abed50..22e0cf1ec 100644 --- a/src/lib/kadm5/srv/ChangeLog +++ b/src/lib/kadm5/srv/ChangeLog @@ -1,3 +1,15 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-09-08 Ken Raeburn + + * adb_openclose.c (osa_adb_fini_db): Don't fclose the lock file if + the lock is permanent, because it's already been done. + Mon Dec 7 15:19:11 1998 Ezra Peisach * svr_principal.c (kadm5_randkey_principal_3): Fix typo in diff --git a/src/lib/kadm5/srv/Makefile.in b/src/lib/kadm5/srv/Makefile.in index 82130c219..ed9018f04 100644 --- a/src/lib/kadm5/srv/Makefile.in +++ b/src/lib/kadm5/srv/Makefile.in @@ -2,7 +2,8 @@ thisconfigdir=./.. myfulldir=lib/kadm5/srv mydir=srv BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -I$(BUILDTOP)/include/kadm5 @HESIOD_DEFS@ +LOCALINCLUDES = -I$(BUILDTOP)/include/kadm5 +DEFINES = @HESIOD_DEFS@ ##DOSBUILDTOP = ..\..\.. ##DOSLIBNAME = libkadm5srv.lib diff --git a/src/lib/kadm5/srv/adb_openclose.c b/src/lib/kadm5/srv/adb_openclose.c index 0f0bec7e5..e776192c2 100644 --- a/src/lib/kadm5/srv/adb_openclose.c +++ b/src/lib/kadm5/srv/adb_openclose.c @@ -232,7 +232,8 @@ osa_adb_ret_t osa_adb_fini_db(osa_adb_db_t db, int magic) * after trashing it. This has to be allowed, so don't * generate an error. */ - (void) fclose(db->lock->lockfile); + if (db->lock->lockmode != OSA_ADB_PERMANENT) + (void) fclose(db->lock->lockfile); db->lock->lockfile = NULL; krb5_free_context(db->lock->context); } diff --git a/src/lib/kadm5/srv/server_acl.c b/src/lib/kadm5/srv/server_acl.c index 36919c2b0..776b7e513 100644 --- a/src/lib/kadm5/srv/server_acl.c +++ b/src/lib/kadm5/srv/server_acl.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kadm5/srv/server_acl.h b/src/lib/kadm5/srv/server_acl.h index d7118fa7c..e2aa8bddc 100644 --- a/src/lib/kadm5/srv/server_acl.h +++ b/src/lib/kadm5/srv/server_acl.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kadm5/str_conv.c b/src/lib/kadm5/str_conv.c index 882892933..16ad5346c 100644 --- a/src/lib/kadm5/str_conv.c +++ b/src/lib/kadm5/str_conv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kadm5/unit-test/ChangeLog b/src/lib/kadm5/unit-test/ChangeLog index e4c000102..19b32ffab 100644 --- a/src/lib/kadm5/unit-test/ChangeLog +++ b/src/lib/kadm5/unit-test/ChangeLog @@ -1,3 +1,28 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-30 Ken Raeburn + + * api.2/init-v2.exp (RESOLVE): New variable. + (get_hostname): New proc, taken from tests/dejagnu. + (test101): Use get_hostname, set a variable in the target process + to hold the result, and use that variable in the other commands + passed. + + * Makefile.in (unit-test-client-body): Pass $(RUNTESTFLAGS) to + runtest, so the user can run subsets of the test suite. + (unit-test-server-body): Likewise. + +1999-08-26 Ken Raeburn + + * api.2/init-v2.exp (test101): Use local host name instead of + "localhost", since address 127.0.0.1 probably won't be listed in + credentials. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/lib/kadm5/unit-test/Makefile.in b/src/lib/kadm5/unit-test/Makefile.in index 89ba1efd0..d75ba8f98 100644 --- a/src/lib/kadm5/unit-test/Makefile.in +++ b/src/lib/kadm5/unit-test/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./.. myfulldir=lib/kadm5/unit-test mydir=unit-test BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) -DUSE_KADM5_API_VERSION=1 +DEFINES = -DUSE_KADM5_API_VERSION=1 PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) @@ -19,7 +19,7 @@ init-test: init-test.o client_init.o $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS) $(KADMCLNT_LIBS) $(KRB5_BASE_LIBS) client_init.o: $(SRCTOP)/lib/kadm5/clnt/client_init.c - $(CC) $(CFLAGS) -UUSE_KADM5_API_VERSION -DUSE_KADM5_API_VERSION=2 -DINIT_TEST -c -I$(SRCTOP)/lib/kadm5 $(SRCTOP)/lib/kadm5/clnt/client_init.c + $(CC) $(ALL_CFLAGS) -UUSE_KADM5_API_VERSION -DUSE_KADM5_API_VERSION=2 -DINIT_TEST -c -I$(SRCTOP)/lib/kadm5 $(SRCTOP)/lib/kadm5/clnt/client_init.c destroy-test: destroy-test.o $(KADMCLNT_DEPLIBS) $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o destroy-test destroy-test.o \ @@ -58,7 +58,7 @@ server-iter-test: iter-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS) $(KADMSRV_LIBS) $(KRB5_BASE_LIBS) setkey-test.o: $(SRCTOP)/lib/kadm5/unit-test/setkey-test.c - $(CC) $(CFLAGS) -UUSE_KADM5_API_VERSION -DUSE_KADM5_API_VERSION=2 -c $(SRCTOP)/lib/kadm5/unit-test/setkey-test.c + $(CC) $(ALL_CFLAGS) -UUSE_KADM5_API_VERSION -DUSE_KADM5_API_VERSION=2 -c $(SRCTOP)/lib/kadm5/unit-test/setkey-test.c server-setkey-test: setkey-test.o $(KADMSRV_DEPLIBS) $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o server-setkey-test setkey-test.o \ @@ -115,14 +115,14 @@ unit-test-client-body: site.exp test-noauth test-destroy test-handle-client $(ENV_SETUP) $(RUNTEST) --tool api RPC=1 API=$(CLNTTCL) \ KINIT=$(BUILDTOP)/clients/kinit/kinit \ KDESTROY=$(BUILDTOP)/clients/kdestroy/kdestroy \ - KADMIN_LOCAL=$(BUILDTOP)/kadmin/cli/kadmin.local + KADMIN_LOCAL=$(BUILDTOP)/kadmin/cli/kadmin.local $(RUNTESTFLAGS) -mv api.log capi.log -mv api.sum capi.sum unit-test-server-body: site.exp test-handle-server lock-test $(ENV_SETUP) $(RUNTEST) --tool api RPC=0 API=$(SRVTCL) \ LOCKTEST=./lock-test \ - KADMIN_LOCAL=$(BUILDTOP)/kadmin/cli/kadmin.local + KADMIN_LOCAL=$(BUILDTOP)/kadmin/cli/kadmin.local $(RUNTESTFLAGS) -mv api.log sapi.log -mv api.sum sapi.sum diff --git a/src/lib/kadm5/unit-test/api.2/init-v2.exp b/src/lib/kadm5/unit-test/api.2/init-v2.exp index bf1a7df49..fe0721494 100644 --- a/src/lib/kadm5/unit-test/api.2/init-v2.exp +++ b/src/lib/kadm5/unit-test/api.2/init-v2.exp @@ -19,21 +19,63 @@ proc test100 {} { } if {$RPC} test100 +if ![info exists RESOLVE] { + set RESOLVE [findfile $objdir/../../../tests/resolve/resolve] +} +proc get_hostname { } { + global RESOLVE + global hostname + global localhostname + global domain + + if {[info exists hostname] && [info exists localhostname]} { + return 1 + } + + catch "exec $RESOLVE -q >myname" exec_output + if ![string match "" $exec_output] { + send_log "$exec_output\n" + verbose $exec_output + send_error "ERROR: can't get hostname\n" + return 0 + } + set file [open myname r] + if { [ gets $file hostname ] == -1 } { + send_error "ERROR: no output from hostname\n" + return 0 + } + close $file + catch "exec rm -f myname" exec_output + regexp "^(\[^.\]*)\.(.*)$" $hostname foo localhostname domain + + set hostname [string tolower $hostname] + set localhostname [string tolower $localhostname] + set domain [string tolower $domain] + verbose "hostname: $hostname; localhostname: $localhostname; domain $domain" + + return 1 +} + + test "init 101" proc test101 {} { global test + global hostname + + get_hostname + tcl_cmd "set hostname $hostname" # XXX Fix to work with a remote TEST_SERVER. For now, make sure # it fails in that case. one_line_succeed_test { kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_ADMIN_SERVER KADM5_CONFIG_KADMIND_PORT} {localhost 1751}] \ + [config_params {KADM5_CONFIG_ADMIN_SERVER KADM5_CONFIG_KADMIND_PORT} [list $hostname 1751]] \ $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ server_handle } one_line_fail_test { kadm5_init admin admin $KADM5_ADMIN_SERVICE \ - [config_params {KADM5_CONFIG_ADMIN_SERVER KADM5_CONFIG_KADMIND_PORT} {localhost 1}] \ + [config_params {KADM5_CONFIG_ADMIN_SERVER KADM5_CONFIG_KADMIND_PORT} [list $hostname 1]] \ $KADM5_STRUCT_VERSION $KADM5_API_VERSION_2 \ server_handle } "RPC_ERROR" diff --git a/src/lib/kdb/ChangeLog b/src/lib/kdb/ChangeLog index c655c178f..b3328a0d8 100644 --- a/src/lib/kdb/ChangeLog +++ b/src/lib/kdb/ChangeLog @@ -1,3 +1,21 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-30 Ken Raeburn + + * t_kdb.c (add_principal): Free only contents of a generated key, + since the keyblock structure itself is on the stack. + +1999-08-17 Ken Raeburn + + * t_kdb.c (add_principal): Update for new calling sequence to + krb5_dbekd_encrypt_key_data. + (do_testing): Update calls. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/lib/kdb/Makefile.in b/src/lib/kdb/Makefile.in index 76b4e2fb6..68c636152 100644 --- a/src/lib/kdb/Makefile.in +++ b/src/lib/kdb/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=. myfulldir=lib/kdb mydir=. BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) KRB5_RUN_ENV = @KRB5_RUN_ENV@ KRB5_CONFIG_SETUP = KRB5_CONFIG=$(SRCTOP)/config-files/krb5.conf ; export KRB5_CONFIG ; PROG_LIBPATH=-L$(TOPLIBD) diff --git a/src/lib/kdb/decrypt_key.c b/src/lib/kdb/decrypt_key.c index 0cfdbda8e..765e6f377 100644 --- a/src/lib/kdb/decrypt_key.c +++ b/src/lib/kdb/decrypt_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/encrypt_key.c b/src/lib/kdb/encrypt_key.c index 7bcfe11eb..1448ebd6d 100644 --- a/src/lib/kdb/encrypt_key.c +++ b/src/lib/kdb/encrypt_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/fetch_mkey.c b/src/lib/kdb/fetch_mkey.c index 829e0283c..d9a742ff2 100644 --- a/src/lib/kdb/fetch_mkey.c +++ b/src/lib/kdb/fetch_mkey.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/kdb_compat.h b/src/lib/kdb/kdb_compat.h index 2381d9554..540d4a249 100644 --- a/src/lib/kdb/kdb_compat.h +++ b/src/lib/kdb/kdb_compat.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/kdb_cpw.c b/src/lib/kdb/kdb_cpw.c index 507b76ad5..5f1bd15dc 100644 --- a/src/lib/kdb/kdb_cpw.c +++ b/src/lib/kdb/kdb_cpw.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/kdb_db2.c b/src/lib/kdb/kdb_db2.c index ab4d07e23..627aa75ab 100644 --- a/src/lib/kdb/kdb_db2.c +++ b/src/lib/kdb/kdb_db2.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/kdb_db2.h b/src/lib/kdb/kdb_db2.h index f2f01311e..fd35c8113 100644 --- a/src/lib/kdb/kdb_db2.h +++ b/src/lib/kdb/kdb_db2.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/kdb_dbm.c b/src/lib/kdb/kdb_dbm.c index 7af32d720..d8754f7db 100644 --- a/src/lib/kdb/kdb_dbm.c +++ b/src/lib/kdb/kdb_dbm.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/kdb_xdr.c b/src/lib/kdb/kdb_xdr.c index a26b7f79d..d54f00608 100644 --- a/src/lib/kdb/kdb_xdr.c +++ b/src/lib/kdb/kdb_xdr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/keytab.c b/src/lib/kdb/keytab.c index 63a7bf7c8..1e5025c65 100644 --- a/src/lib/kdb/keytab.c +++ b/src/lib/kdb/keytab.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/setup_mkey.c b/src/lib/kdb/setup_mkey.c index ba1760d5f..0898a6311 100644 --- a/src/lib/kdb/setup_mkey.c +++ b/src/lib/kdb/setup_mkey.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/store_mkey.c b/src/lib/kdb/store_mkey.c index e63c611a4..d18630ac0 100644 --- a/src/lib/kdb/store_mkey.c +++ b/src/lib/kdb/store_mkey.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/kdb/t_kdb.c b/src/lib/kdb/t_kdb.c index b14152602..8358088d2 100644 --- a/src/lib/kdb/t_kdb.c +++ b/src/lib/kdb/t_kdb.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -273,16 +276,16 @@ principal_found(nvalid, pname) * Add a principal to the database. */ static krb5_error_code -add_principal(kcontext, principal, eblock, key, rseed) +add_principal(kcontext, principal, mkey, key, rseed) krb5_context kcontext; krb5_principal principal; - krb5_encrypt_block * eblock; + krb5_keyblock * mkey; krb5_keyblock * key; krb5_pointer rseed; { krb5_error_code kret; krb5_db_entry dbent; - krb5_keyblock * rkey = NULL; + krb5_keyblock * rkey = NULL, lkey; krb5_timestamp timenow; int nentries = 1; @@ -304,19 +307,21 @@ add_principal(kcontext, principal, eblock, key, rseed) goto out; if (!key) { - if ((kret = krb5_random_key(kcontext, eblock, rseed, &rkey))) + kret = krb5_c_make_random_key (kcontext, mkey->enctype, &lkey); + if (kret) goto out; + rkey = &lkey; } else rkey = key; if ((kret = krb5_dbe_create_key_data(kcontext, &dbent))) goto out; - if ((kret = krb5_dbekd_encrypt_key_data(kcontext, eblock, rkey, NULL, 1, + if ((kret = krb5_dbekd_encrypt_key_data(kcontext, mkey, rkey, NULL, 1, &dbent.key_data[0]))) goto out; if (!key) - krb5_free_keyblock(kcontext, rkey); + krb5_free_keyblock_contents(kcontext, rkey); kret = krb5_db_put_principal(kcontext, &dbent, &nentries); if ((!kret) && (nentries != 1)) @@ -564,7 +569,7 @@ do_testing(db, passes, verbose, timing, rcases, check, save_db, dontclean, op = "adding master principal"; if ((kret = add_principal(kcontext, master_princ, - &master_encblock, + &master_keyblock, &master_keyblock, rseed))) goto goodbye; @@ -628,7 +633,7 @@ do_testing(db, passes, verbose, timing, rcases, check, save_db, dontclean, swatch_on(); } if ((kret = add_principal(kcontext, playback_principal(passno), - &master_encblock, kbp, rseed))) { + &master_keyblock, kbp, rseed))) { linkage = "initially "; oparg = playback_name(passno); goto cya; @@ -659,7 +664,7 @@ do_testing(db, passes, verbose, timing, rcases, check, save_db, dontclean, } if ((kret = add_principal(kcontext, playback_principal(nvalid), - &master_encblock, + &master_keyblock, kbp, rseed))) { oparg = playback_name(nvalid); goto cya; @@ -789,7 +794,7 @@ do_testing(db, passes, verbose, timing, rcases, check, save_db, dontclean, for (passno=0; passno 4) fprintf(stderr, "*A(%s)\n", playback_name(passno)); @@ -885,7 +890,7 @@ do_testing(db, passes, verbose, timing, rcases, check, save_db, dontclean, for (j=0; j + Nalin Dahyabhai + + * kuserok.c (kuserok): Don't overflow buffer "pbuf". + +2000-04-28 Tom Yu + + * rd_req.c (krb_rd_req): Fix some uses of strcpy(). + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-10-07 Ken Raeburn + + * rd_svc_key.c (krb54_get_service_keyblock): Close keytab before + returning in success case. Patch from Greg Hudson + . + +1999-08-26 Danilo Almeida + + * memcache.c (change_cache): Use PostMessage instead of SendMessage + so we do not block. + +Fri Aug 13 23:23:00 1999 Brad Thompson + + * sendauth.c: Initialize __krb_sendauth_hidden_tkt_len so + it doesn't end up in the common block. + + * pkt_clen.c: Initialize swap_bytes so that it doesn't end + up in the common block. + Mon May 10 15:23:15 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/krb4/Makefile.in b/src/lib/krb4/Makefile.in index ca9fb8dc7..67dfa6062 100644 --- a/src/lib/krb4/Makefile.in +++ b/src/lib/krb4/Makefile.in @@ -2,8 +2,7 @@ thisconfigdir=. myfulldir=lib/krb4 mydir=. BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(DEFINES) -DEFINES=-I$(srcdir)/../../include/kerberosIV +DEFINES = -I$(srcdir)/../../include/kerberosIV ##DOS##BUILDTOP = ..\.. ##DOS##LIBNAME=$(OUTPRE)krb4.lib @@ -209,7 +208,7 @@ clean-unix:: # $(INSTALL_DATA) krb_err.h $(DESTDIR)$(KRB5_INCDIR)/kerberosIV/krb_err.h -DEFINES=$(FALLBACK) $(OLD_SRVTAB) $(OLD_KLOGIN) -I$(srcdir)/../../include/kerberosIV +DEFINES = $(FALLBACK) $(OLD_SRVTAB) $(OLD_KLOGIN) -I$(srcdir)/../../include/kerberosIV clean:: -$(RM) $(OBJS) diff --git a/src/lib/krb4/kuserok.c b/src/lib/krb4/kuserok.c index 0aee8934a..20587cb5b 100644 --- a/src/lib/krb4/kuserok.c +++ b/src/lib/krb4/kuserok.c @@ -118,8 +118,11 @@ kuserok(kdata, luser) if ((pwd = getpwnam(luser)) == NULL) { return(NOTOK); } - (void) strcpy(pbuf, pwd->pw_dir); - (void) strcat(pbuf, "/.klogin"); + if (strlen (pwd->pw_dir) + sizeof ("/.klogin") >= sizeof (pbuf)) + return NOTOK; + (void) strncpy(pbuf, pwd->pw_dir, sizeof(pbuf) - 1); + pbuf[sizeof(pbuf) - 1] = '\0'; + (void) strncat(pbuf, "/.klogin", sizeof(pbuf) - 1 - strlen(pbuf)); if (access(pbuf, F_OK)) { /* not accessible */ /* diff --git a/src/lib/krb4/memcache.c b/src/lib/krb4/memcache.c index d2669df9b..a7eccc809 100644 --- a/src/lib/krb4/memcache.c +++ b/src/lib/krb4/memcache.c @@ -194,7 +194,7 @@ change_cache() locked = FALSE; } - SendMessage(HWND_BROADCAST, krb_get_notification_message(), 0, 0); + PostMessage(HWND_BROADCAST, krb_get_notification_message(), 0, 0); } diff --git a/src/lib/krb4/pkt_clen.c b/src/lib/krb4/pkt_clen.c index 352c91d4e..14e6962ab 100644 --- a/src/lib/krb4/pkt_clen.c +++ b/src/lib/krb4/pkt_clen.c @@ -14,7 +14,7 @@ #include "prot.h" extern int krb_debug; -int swap_bytes; +int swap_bytes=0; /* * Given a pointer to an AUTH_MSG_KDC_REPLY packet, return the length of diff --git a/src/lib/krb4/rd_req.c b/src/lib/krb4/rd_req.c index c9b6ac734..db05c5bb3 100644 --- a/src/lib/krb4/rd_req.c +++ b/src/lib/krb4/rd_req.c @@ -184,6 +184,8 @@ krb_rd_req(authent,service,instance,from_addr,ad,fn) krb5_keyblock keyblock; int status; + tkt->mbz = req_id->mbz = 0; + if (authent->length <= 0) return(RD_AP_MODIFIED); @@ -219,8 +221,9 @@ krb_rd_req(authent,service,instance,from_addr,ad,fn) mutual = 0; #endif /* lint */ s_kvno = *ptr++; /* get server key version */ - (void) strcpy(realm,ptr); /* And the realm of the issuing KDC */ - ptr += strlen(ptr) + 1; /* skip the realm "hint" */ + (void) strncpy(realm,ptr,REALM_SZ); /* And the realm of the issuing KDC */ + realm[REALM_SZ-1] = '\0'; + ptr += strlen(realm) + 1; /* skip the realm "hint" */ /* * If "fn" is NULL, key info should already be set; don't @@ -324,13 +327,16 @@ krb_rd_req(authent,service,instance,from_addr,ad,fn) #define check_ptr() if ((ptr - (char *) req_id->dat) > req_id->length) return(RD_AP_MODIFIED); ptr = (char *) req_id->dat; - (void) strcpy(r_aname,ptr); /* Authentication name */ + (void) strncpy(r_aname,ptr,ANAME_SZ); /* Authentication name */ + r_aname[ANAME_SZ-1] = '\0'; ptr += strlen(r_aname)+1; check_ptr(); - (void) strcpy(r_inst,ptr); /* Authentication instance */ + (void) strncpy(r_inst,ptr,INST_SZ); /* Authentication instance */ + r_inst[INST_SZ-1] = '\0'; ptr += strlen(r_inst)+1; check_ptr(); - (void) strcpy(r_realm,ptr); /* Authentication name */ + (void) strncpy(r_realm,ptr,REALM_SZ); /* Authentication name */ + r_realm[REALM_SZ-1] = '\0'; ptr += strlen(r_realm)+1; check_ptr(); memcpy((char *)&ad->checksum, ptr, 4); /* Checksum */ diff --git a/src/lib/krb4/rd_svc_key.c b/src/lib/krb4/rd_svc_key.c index 9bcda29ea..831becdf0 100644 --- a/src/lib/krb4/rd_svc_key.c +++ b/src/lib/krb4/rd_svc_key.c @@ -194,6 +194,7 @@ krb54_get_service_keyblock(service,instance,realm,kvno,file,keyblock) &kt_entry.key, keyblock); krb5_kt_free_entry(krb5__krb4_context, &kt_entry); + krb5_kt_close (krb5__krb4_context, kt_id); errout: if (princ) diff --git a/src/lib/krb4/sendauth.c b/src/lib/krb4/sendauth.c index d11076fc3..9b8fb3904 100644 --- a/src/lib/krb4/sendauth.c +++ b/src/lib/krb4/sendauth.c @@ -107,7 +107,7 @@ * * See FIXME KLUDGE code in appl/bsd/kcmd.c. */ -KRB4_32 __krb_sendauth_hidden_tkt_len; +KRB4_32 __krb_sendauth_hidden_tkt_len=0; #define raw_tkt_len __krb_sendauth_hidden_tkt_len diff --git a/src/lib/krb4_16.def b/src/lib/krb4_16.def deleted file mode 100644 index c09930d0f..000000000 --- a/src/lib/krb4_16.def +++ /dev/null @@ -1,61 +0,0 @@ -;----------------------------- -; KERBEROS.DEF - module definition file -;----------------------------- - -LIBRARY KRB4_16 -DESCRIPTION 'DLL for Kerberos support' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - LibMain @1001 RESIDENTNAME - WEP @1002 -; - dest_tkt - get_service_key - in_tkt - kname_parse - krb_check_auth - krb_get_admhst - krb_get_cred - krb_get_default_user - krb_get_err_text - krb_get_krbhst - krb_get_lrealm - krb_get_phost - krb_get_pw_in_tkt - krb_get_pw_in_tkt_preauth - krb_get_svc_in_tkt - krb_get_tf_fullname - krb_get_tf_realm - krb_get_ticket_for_service - krb_mk_auth - krb_mk_err - krb_mk_priv - krb_mk_req - krb_mk_safe - krb_rd_err - krb_rd_priv - krb_rd_req - krb_rd_safe - krb_realmofhost - krb_recvauth - krb_save_credentials - krb_set_default_user -; kuserok - put_svc_key - read_service_key -; kadm_change_pw2 -; kadm_init_link -; kadm_get_err_text -; kadm_change_pw -; kstream_create_from_fd -; kstream_create_rlogin_from_fd -; kstream_create_rcp_from_fd -; kstream_write -; kstream_read -; kstream_flush -; kstream_destroy -; kstream_set_buffer_mode diff --git a/src/lib/krb5.rc b/src/lib/krb5.rc index 9fc24289b..f8e540024 100644 --- a/src/lib/krb5.rc +++ b/src/lib/krb5.rc @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ChangeLog b/src/lib/krb5/ChangeLog index 5f181680f..b11d3091e 100644 --- a/src/lib/krb5/ChangeLog +++ b/src/lib/krb5/ChangeLog @@ -1,3 +1,7 @@ +1999-12-01 Ken Raeburn + + * Makefile.in (LIBMINOR): Update to 2. + 1999-06-13 Geoffrey King * Makefile.in: diff --git a/src/lib/krb5/Makefile.in b/src/lib/krb5/Makefile.in index 2d9535035..4235d7272 100644 --- a/src/lib/krb5/Makefile.in +++ b/src/lib/krb5/Makefile.in @@ -31,7 +31,7 @@ LIBDONE= error_tables/DONE asn.1/DONE ccache/DONE ccache/stdio/DONE \ LIB=krb5 LIBMAJOR=2 -LIBMINOR=1 +LIBMINOR=2 STOBJLISTS= \ error_tables/OBJS.ST \ diff --git a/src/lib/krb5/asn.1/ChangeLog b/src/lib/krb5/asn.1/ChangeLog index 50c7808aa..1b115d414 100644 --- a/src/lib/krb5/asn.1/ChangeLog +++ b/src/lib/krb5/asn.1/ChangeLog @@ -1,3 +1,37 @@ +1999-11-01 Tom Yu + + * krb5_decode.c (begin_structure): Update to deal with indefinite + encodings better; also call asn1_get_sequence(). + + * asn1_k_decode.c (sequence_of): Update to deal with indefinite + encodings better. + (begin_structure): Update to deal with indefinite encodings + better; also call asn1_get_sequence(). + + * asn1_get.h: Update prototypes for asn1_get_tag_indef(), + asn1_get_tag(), asn1_get_sequence(), asn1_get_length(). + + * asn1_get.c (asn1_get_tag_indef): New function; get tag info, + lengths, etc. as well as flag indicating whether the length is + indefinite. + (asn1_get_tag): Modify to just call asn1_get_tag_indef(). + (asn1_get_sequence): Call asn1_get_tag_indef() in order to + determine whether encoding is indefinite length. + (asn1_get_length): Add "indef" arg to indicate whether an encoding + has an indefinite length. + + * asn1buf.h: Update asn1buf_imbed() prototype. + + * asn1buf.c (asn1buf_imbed): Add "indef" arg so that we don't + treat a definite zero-length encoding as an indefinite encoding. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Sat Jul 10 10:21:40 1999 Tom Yu * asn1_decode.c (asn1_decode_integer): Fix to deal with overflows diff --git a/src/lib/krb5/asn.1/KRB5-asn.py b/src/lib/krb5/asn.1/KRB5-asn.py index be37d7809..365debcf8 100644 --- a/src/lib/krb5/asn.1/KRB5-asn.py +++ b/src/lib/krb5/asn.1/KRB5-asn.py @@ -14,7 +14,10 @@ -- this permission notice appear in supporting documentation, and that -- the name of M.I.T. not be used in advertising or publicity pertaining -- to distribution of the software without specific, written prior --- permission. M.I.T. makes no representations about the suitability of +-- permission. Furthermore if you modify this software you must label +-- your software as modified software and not distribute it in such a +-- fashion that it might be confused with the original M.I.T. software. +-- M.I.T. makes no representations about the suitability of -- this software for any purpose. It is provided "as is" without express -- or implied warranty. -- diff --git a/src/lib/krb5/asn.1/Makefile.in b/src/lib/krb5/asn.1/Makefile.in index 4cd003e2d..6a42d634e 100644 --- a/src/lib/krb5/asn.1/Makefile.in +++ b/src/lib/krb5/asn.1/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=lib/krb5/asn.1 mydir=asn.1 BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS=$(CCOPTS) $(DEFS) ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=asn.1 diff --git a/src/lib/krb5/asn.1/asn1_decode.c b/src/lib/krb5/asn.1/asn1_decode.c index 189f7c082..8a911e55e 100644 --- a/src/lib/krb5/asn.1/asn1_decode.c +++ b/src/lib/krb5/asn.1/asn1_decode.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_decode.h b/src/lib/krb5/asn.1/asn1_decode.h index 39bc6badb..31de79b68 100644 --- a/src/lib/krb5/asn.1/asn1_decode.h +++ b/src/lib/krb5/asn.1/asn1_decode.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_encode.c b/src/lib/krb5/asn.1/asn1_encode.c index fe7a39797..7ef89c8c2 100644 --- a/src/lib/krb5/asn.1/asn1_encode.c +++ b/src/lib/krb5/asn.1/asn1_encode.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_encode.h b/src/lib/krb5/asn.1/asn1_encode.h index baae56271..72686fba1 100644 --- a/src/lib/krb5/asn.1/asn1_encode.h +++ b/src/lib/krb5/asn.1/asn1_encode.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_get.c b/src/lib/krb5/asn.1/asn1_get.c index 7d491a4cd..20334a2fc 100644 --- a/src/lib/krb5/asn.1/asn1_get.c +++ b/src/lib/krb5/asn.1/asn1_get.c @@ -16,19 +16,24 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ #include "asn1_get.h" -asn1_error_code asn1_get_tag(buf, class, construction, tagnum, retlen) +asn1_error_code +asn1_get_tag_indef(buf, class, construction, tagnum, retlen, indef) asn1buf * buf; asn1_class * class; asn1_construction * construction; asn1_tagnum * tagnum; int * retlen; + int * indef; { asn1_error_code retval; @@ -45,21 +50,36 @@ asn1_error_code asn1_get_tag(buf, class, construction, tagnum, retlen) } retval = asn1_get_id(buf,class,construction,tagnum); if(retval) return retval; - retval = asn1_get_length(buf,retlen); + retval = asn1_get_length(buf,retlen,indef); if(retval) return retval; return 0; } -asn1_error_code asn1_get_sequence(buf, retlen) +asn1_error_code +asn1_get_tag(buf, class, construction, tagnum, retlen) + asn1buf *buf; + asn1_class *class; + asn1_construction *construction; + asn1_tagnum *tagnum; + int *retlen; +{ + asn1_error_code retval; + int indef; + + return asn1_get_tag_indef(buf, class, construction, tagnum, retlen, &indef); +} + +asn1_error_code asn1_get_sequence(buf, retlen, indef) asn1buf * buf; int * retlen; + int * indef; { asn1_error_code retval; asn1_class class; asn1_construction construction; asn1_tagnum tagnum; - retval = asn1_get_tag(buf,&class,&construction,&tagnum,retlen); + retval = asn1_get_tag_indef(buf,&class,&construction,&tagnum,retlen,indef); if(retval) return retval; if(retval) return (krb5_error_code)retval; if(class != UNIVERSAL || construction != CONSTRUCTED || @@ -106,13 +126,16 @@ asn1_error_code asn1_get_id(buf, class, construction, tagnum) return 0; } -asn1_error_code asn1_get_length(buf, retlen) +asn1_error_code asn1_get_length(buf, retlen, indef) asn1buf * buf; int * retlen; + int * indef; { asn1_error_code retval; asn1_octet o; + if (indef != NULL) + *indef = 0; retval = asn1buf_remove_octet(buf,&o); if(retval) return retval; if((o&0x80) == 0){ @@ -126,6 +149,8 @@ asn1_error_code asn1_get_length(buf, retlen) if(retval) return retval; len = (len<<8) + (int)o; } + if (indef != NULL && !len) + *indef = 1; if(retlen != NULL) *retlen = len; } return 0; diff --git a/src/lib/krb5/asn.1/asn1_get.h b/src/lib/krb5/asn.1/asn1_get.h index 67bc71952..2f5edf112 100644 --- a/src/lib/krb5/asn.1/asn1_get.h +++ b/src/lib/krb5/asn.1/asn1_get.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ @@ -30,6 +33,12 @@ #include "krbasn1.h" #include "asn1buf.h" +asn1_error_code asn1_get_tag_indef + PROTOTYPE((asn1buf *buf, + asn1_class *class, + asn1_construction *construction, + asn1_tagnum *tagnum, + int *retlen, int *indef)); asn1_error_code asn1_get_tag PROTOTYPE((asn1buf *buf, asn1_class *class, @@ -46,7 +55,7 @@ asn1_error_code asn1_get_tag Returns ASN1_OVERRUN if *buf is exhausted during the parse. */ asn1_error_code asn1_get_sequence - PROTOTYPE((asn1buf *buf, int *retlen)); + PROTOTYPE((asn1buf *buf, int *retlen, int *indef)); /* requires *buf is allocated effects Decodes a tag from *buf and returns ASN1_BAD_ID if it doesn't have a sequence ID. If retlen != NULL, the @@ -68,7 +77,7 @@ asn1_error_code asn1_get_id Returns ASN1_OVERRUN if *buf is exhausted. */ asn1_error_code asn1_get_length - PROTOTYPE((asn1buf *buf, int *retlen)); + PROTOTYPE((asn1buf *buf, int *retlen, int *indef)); /* requires *buf is allocated effects Decodes the group of length octets at *buf's current position. If retlen != NULL, the diff --git a/src/lib/krb5/asn.1/asn1_k_decode.c b/src/lib/krb5/asn.1/asn1_k_decode.c index 2ecb1c342..0c14e94f0 100644 --- a/src/lib/krb5/asn.1/asn1_k_decode.c +++ b/src/lib/krb5/asn.1/asn1_k_decode.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ @@ -89,11 +92,10 @@ else { len = 0; var = 0; } #define begin_structure()\ asn1buf subbuf;\ -retval = asn1_get_tag(buf,&class,&construction,&tagnum,&length);\ +int indef;\ +retval = asn1_get_sequence(buf,&length,&indef);\ if(retval) return retval;\ -if(class != UNIVERSAL || construction != CONSTRUCTED ||\ - tagnum != ASN1_SEQUENCE) return ASN1_BAD_ID;\ -retval = asn1buf_imbed(&subbuf,buf,length);\ +retval = asn1buf_imbed(&subbuf,buf,length,indef);\ if(retval) return retval;\ next_tag() @@ -105,9 +107,10 @@ if(retval) return retval int size=0;\ asn1buf seqbuf;\ int length;\ -retval = asn1_get_sequence(buf,&length);\ +int indef;\ +retval = asn1_get_sequence(buf,&length,&indef);\ if(retval) return retval;\ -retval = asn1buf_imbed(&seqbuf,buf,length);\ +retval = asn1buf_imbed(&seqbuf,buf,length,indef);\ if(retval) return retval #define end_sequence_of(buf)\ diff --git a/src/lib/krb5/asn.1/asn1_k_decode.h b/src/lib/krb5/asn.1/asn1_k_decode.h index 489123b6f..04861a412 100644 --- a/src/lib/krb5/asn.1/asn1_k_decode.h +++ b/src/lib/krb5/asn.1/asn1_k_decode.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_k_encode.c b/src/lib/krb5/asn.1/asn1_k_encode.c index a3f375d1f..0bd3107a7 100644 --- a/src/lib/krb5/asn.1/asn1_k_encode.c +++ b/src/lib/krb5/asn.1/asn1_k_encode.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_k_encode.h b/src/lib/krb5/asn.1/asn1_k_encode.h index 920d93ded..d1b804d3b 100644 --- a/src/lib/krb5/asn.1/asn1_k_encode.h +++ b/src/lib/krb5/asn.1/asn1_k_encode.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_make.c b/src/lib/krb5/asn.1/asn1_make.c index ab147f85d..64e96f7b9 100644 --- a/src/lib/krb5/asn.1/asn1_make.c +++ b/src/lib/krb5/asn.1/asn1_make.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_make.h b/src/lib/krb5/asn.1/asn1_make.h index 89ece9bcf..d2d3367a8 100644 --- a/src/lib/krb5/asn.1/asn1_make.h +++ b/src/lib/krb5/asn.1/asn1_make.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_misc.c b/src/lib/krb5/asn.1/asn1_misc.c index a687d062a..a03f16c56 100644 --- a/src/lib/krb5/asn.1/asn1_misc.c +++ b/src/lib/krb5/asn.1/asn1_misc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1_misc.h b/src/lib/krb5/asn.1/asn1_misc.h index 9378b330e..14a5b2a13 100644 --- a/src/lib/krb5/asn.1/asn1_misc.h +++ b/src/lib/krb5/asn.1/asn1_misc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/asn.1/asn1buf.c b/src/lib/krb5/asn.1/asn1buf.c index 6d7a950b9..9c639279a 100644 --- a/src/lib/krb5/asn.1/asn1buf.c +++ b/src/lib/krb5/asn.1/asn1buf.c @@ -75,13 +75,14 @@ asn1_error_code asn1buf_wrap_data(buf, code) return 0; } -asn1_error_code asn1buf_imbed(subbuf, buf, length) +asn1_error_code asn1buf_imbed(subbuf, buf, length, indef) asn1buf * subbuf; const asn1buf * buf; const int length; + const int indef; { subbuf->base = subbuf->next = buf->next; - if (length > 0 ) { + if (!indef) { subbuf->bound = subbuf->base + length - 1; if (subbuf->bound > buf->bound) return ASN1_OVERRUN; diff --git a/src/lib/krb5/asn.1/asn1buf.h b/src/lib/krb5/asn.1/asn1buf.h index bf2f252a3..6c2c663fc 100644 --- a/src/lib/krb5/asn.1/asn1buf.h +++ b/src/lib/krb5/asn.1/asn1buf.h @@ -111,7 +111,8 @@ asn1_error_code asn1buf_wrap_data Returns ASN1_MISSING_FIELD if code is empty. */ asn1_error_code asn1buf_imbed - PROTOTYPE((asn1buf *subbuf, const asn1buf *buf, const int length)); + PROTOTYPE((asn1buf *subbuf, const asn1buf *buf, const int length, + const int indef)); /* requires *subbuf and *buf are allocated effects *subbuf becomes a sub-buffer of *buf. *subbuf begins at *buf's current position and is length octets long. diff --git a/src/lib/krb5/asn.1/asn1glue.h b/src/lib/krb5/asn.1/asn1glue.h index c9cceb528..fa3c95675 100644 --- a/src/lib/krb5/asn.1/asn1glue.h +++ b/src/lib/krb5/asn.1/asn1glue.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/asn.1/krb5_decode.c b/src/lib/krb5/asn.1/krb5_decode.c index ee88b84cc..a56a1f451 100644 --- a/src/lib/krb5/asn.1/krb5_decode.c +++ b/src/lib/krb5/asn.1/krb5_decode.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ @@ -82,11 +85,10 @@ if(class != CONTEXT_SPECIFIC || construction != CONSTRUCTED)\ /* decode sequence header and initialize tagnum with the first field */ #define begin_structure()\ asn1buf subbuf;\ -retval = asn1_get_tag(&buf,&class,&construction,&tagnum,&length);\ +int indef;\ +retval = asn1_get_sequence(&buf,&length,&indef);\ if(retval) clean_return(retval);\ -if(class != UNIVERSAL || construction != CONSTRUCTED ||\ - tagnum != ASN1_SEQUENCE) clean_return(ASN1_BAD_ID);\ -retval = asn1buf_imbed(&subbuf,&buf,length);\ +retval = asn1buf_imbed(&subbuf,&buf,length,indef);\ if(retval) clean_return(retval);\ next_tag() diff --git a/src/lib/krb5/asn.1/krb5_encode.c b/src/lib/krb5/asn.1/krb5_encode.c index e421ebc10..60955b866 100644 --- a/src/lib/krb5/asn.1/krb5_encode.c +++ b/src/lib/krb5/asn.1/krb5_encode.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/ccache/ChangeLog b/src/lib/krb5/ccache/ChangeLog index 508078644..2f74235fb 100644 --- a/src/lib/krb5/ccache/ChangeLog +++ b/src/lib/krb5/ccache/ChangeLog @@ -1,3 +1,22 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-23 Ken Raeburn + + * cc_retr.c: New file. + (krb5_cc_retrieve_cred_seq): New function, derived from + fcc_retrieve but takes an optional list of enctypes to look for in + priority order. + (krb5_cc_retrieve_cred_default): New function. Same signature as + original fcc_retrieve but if new flag KRB5_TC_SUPPORTED_KTYPES is + set, calls krb5_get_tgs_ktypes to get a list of enctypes to look + for. + * Makefile.in (STLIBOBJS, OBJS, SRCS): Add it. + Tue May 18 19:52:56 1999 Danilo Almeida * Makefile.in: Remove - from recursive Win32 make invocation. diff --git a/src/lib/krb5/ccache/Makefile.in b/src/lib/krb5/ccache/Makefile.in index eafa55773..37abee405 100644 --- a/src/lib/krb5/ccache/Makefile.in +++ b/src/lib/krb5/ccache/Makefile.in @@ -4,7 +4,7 @@ mydir=ccache BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) LOCAL_SUBDIRS = stdio file memory -CFLAGS = $(CCOPTS) $(DEFS) -I$(srcdir)$(S)file -I$(srcdir)$(S)stdio \ +LOCALINCLUDES = -I$(srcdir)$(S)file -I$(srcdir)$(S)stdio \ -I$(srcdir)$(S)ccapi $(WIN_INCLUDES) ##DOS##WIN_INCLUDES = -I$(SRCTOP)\windows\lib @@ -21,18 +21,21 @@ STLIBOBJS= \ cccopy.o \ ccdefault.o \ ccdefops.o \ + cc_retr.o \ ser_cc.o OBJS= $(OUTPRE)ccbase.$(OBJEXT) \ $(OUTPRE)cccopy.$(OBJEXT) \ $(OUTPRE)ccdefault.$(OBJEXT) \ $(OUTPRE)ccdefops.$(OBJEXT) \ + $(OUTPRE)cc_retr.$(OBJEXT) \ $(OUTPRE)ser_cc.$(OBJEXT) SRCS= $(srcdir)/ccbase.c \ $(srcdir)/cccopy.c \ $(srcdir)/ccdefault.c \ $(srcdir)/ccdefops.c \ + $(srcdir)/cc_retr.c \ $(srcdir)/ser_cc.c all-unix:: all-libobjs diff --git a/src/lib/krb5/ccache/cc_retr.c b/src/lib/krb5/ccache/cc_retr.c new file mode 100644 index 000000000..8d439d329 --- /dev/null +++ b/src/lib/krb5/ccache/cc_retr.c @@ -0,0 +1,286 @@ +/* + * lib/krb5/ccache/cc_retr.c + * + * Copyright 1990,1991,1999 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + */ + +#include "k5-int.h" + +#define KRB5_OK 0 + +#define set(bits) (whichfields & bits) +#define flags_match(a,b) (((a) & (b)) == (a)) +#define times_match_exact(t1,t2) (memcmp((char *)(t1), (char *)(t2), sizeof(*(t1))) == 0) + +static krb5_boolean +times_match(t1, t2) + const krb5_ticket_times *t1; + const krb5_ticket_times *t2; +{ + if (t1->renew_till) { + if (t1->renew_till > t2->renew_till) + return FALSE; /* this one expires too late */ + } + if (t1->endtime) { + if (t1->endtime > t2->endtime) + return FALSE; /* this one expires too late */ + } + /* only care about expiration on a times_match */ + return TRUE; +} + +static krb5_boolean +standard_fields_match(context, mcreds, creds) +krb5_context context; +const krb5_creds *mcreds; +const krb5_creds *creds; +{ + return (krb5_principal_compare(context, mcreds->client,creds->client) + && krb5_principal_compare(context, mcreds->server,creds->server)); +} + +/* only match the server name portion, not the server realm portion */ + +static krb5_boolean +srvname_match(context, mcreds, creds) + krb5_context context; + const krb5_creds *mcreds, *creds; +{ + krb5_boolean retval; + krb5_principal_data p1, p2; + + retval = krb5_principal_compare(context, mcreds->client,creds->client); + if (retval != TRUE) + return retval; + /* + * Hack to ignore the server realm for the purposes of the compare. + */ + p1 = *mcreds->server; + p2 = *creds->server; + p1.realm = p2.realm; + return krb5_principal_compare(context, &p1, &p2); +} + +static krb5_boolean +authdata_match(mdata, data) + krb5_authdata * const *mdata, * const *data; +{ + const krb5_authdata *mdatap, *datap; + + if (mdata == data) + return TRUE; + + if (mdata == NULL) + return *data == NULL; + + if (data == NULL) + return *mdata == NULL; + + while ((mdatap = *mdata) && (datap = *data)) { + if ((mdatap->ad_type != datap->ad_type) || + (mdatap->length != datap->length) || + (memcmp ((char *)mdatap->contents, + (char *)datap->contents, mdatap->length) != 0)) + return FALSE; + mdata++; + data++; + } + return (*mdata == NULL) && (*data == NULL); +} + +static krb5_boolean +data_match(data1, data2) + const krb5_data *data1, *data2; +{ + if (!data1) { + if (!data2) + return TRUE; + else + return FALSE; + } + if (!data2) return FALSE; + + if (data1->length != data2->length) + return FALSE; + else + return memcmp(data1->data, data2->data, data1->length) ? FALSE : TRUE; +} + +static int +pref (krb5_enctype my_ktype, int nktypes, krb5_enctype *ktypes) +{ + int i; + for (i = 0; i < nktypes; i++) + if (my_ktype == ktypes[i]) + return i; + return -1; +} + +/* + * Effects: + * Searches the credentials cache for a credential matching mcreds, + * with the fields specified by whichfields. If one if found, it is + * returned in creds, which should be freed by the caller with + * krb5_free_credentials(). + * + * The fields are interpreted in the following way (all constants are + * preceded by KRB5_TC_). MATCH_IS_SKEY requires the is_skey field to + * match exactly. MATCH_TIMES requires the requested lifetime to be + * at least as great as that specified; MATCH_TIMES_EXACT requires the + * requested lifetime to be exactly that specified. MATCH_FLAGS + * requires only the set bits in mcreds be set in creds; + * MATCH_FLAGS_EXACT requires all bits to match. + * + * Flag SUPPORTED_KTYPES means check all matching entries that have + * any supported enctype (according to tgs_enctypes) and return the one + * with the enctype listed earliest. Return CC_NOT_KTYPE if a match + * is found *except* for having a supported enctype. + * + * Errors: + * system errors + * permission errors + * KRB5_CC_NOMEM + * KRB5_CC_NOT_KTYPE + */ + +static krb5_error_code +krb5_cc_retrieve_cred_seq (context, id, whichfields, + mcreds, creds, nktypes, ktypes) + krb5_context context; + krb5_ccache id; + krb5_flags whichfields; + krb5_creds *mcreds; + krb5_creds *creds; + int nktypes; + krb5_enctype *ktypes; +{ + /* This function could be considerably faster if it kept indexing */ + /* information.. sounds like a "next version" idea to me. :-) */ + + krb5_cc_cursor cursor; + krb5_error_code kret; + krb5_error_code nomatch_err = KRB5_CC_NOTFOUND; + struct { + krb5_creds creds; + int pref; + } fetched, best; + int have_creds = 0; +#define fetchcreds (fetched.creds) + + kret = krb5_cc_start_seq_get(context, id, &cursor); + if (kret != KRB5_OK) + return kret; + + while ((kret = krb5_cc_next_cred(context, id, &cursor, &fetchcreds)) == KRB5_OK) { + if (((set(KRB5_TC_MATCH_SRV_NAMEONLY) && + srvname_match(context, mcreds, &fetchcreds)) || + standard_fields_match(context, mcreds, &fetchcreds)) + && + (! set(KRB5_TC_MATCH_IS_SKEY) || + mcreds->is_skey == fetchcreds.is_skey) + && + (! set(KRB5_TC_MATCH_FLAGS_EXACT) || + mcreds->ticket_flags == fetchcreds.ticket_flags) + && + (! set(KRB5_TC_MATCH_FLAGS) || + flags_match(mcreds->ticket_flags, fetchcreds.ticket_flags)) + && + (! set(KRB5_TC_MATCH_TIMES_EXACT) || + times_match_exact(&mcreds->times, &fetchcreds.times)) + && + (! set(KRB5_TC_MATCH_TIMES) || + times_match(&mcreds->times, &fetchcreds.times)) + && + ( ! set(KRB5_TC_MATCH_AUTHDATA) || + authdata_match(mcreds->authdata, fetchcreds.authdata)) + && + (! set(KRB5_TC_MATCH_2ND_TKT) || + data_match (&mcreds->second_ticket, &fetchcreds.second_ticket)) + && + ((! set(KRB5_TC_MATCH_KTYPE))|| + (mcreds->keyblock.enctype == fetchcreds.keyblock.enctype))) + { + if (ktypes) { + fetched.pref = pref (fetchcreds.keyblock.enctype, + nktypes, ktypes); + if (fetched.pref < 0) + nomatch_err = KRB5_CC_NOT_KTYPE; + else if (!have_creds || fetched.pref < best.pref) { + if (have_creds) + krb5_free_cred_contents (context, &best.creds); + else + have_creds = 1; + best = fetched; + continue; + } + } else { + krb5_cc_end_seq_get(context, id, &cursor); + *creds = fetchcreds; + return KRB5_OK; + } + } + + /* This one doesn't match */ + krb5_free_cred_contents(context, &fetchcreds); + } + + /* If we get here, a match wasn't found */ + krb5_cc_end_seq_get(context, id, &cursor); + if (have_creds) { + *creds = best.creds; + return KRB5_OK; + } else + return nomatch_err; +} + +krb5_error_code KRB5_CALLCONV +krb5_cc_retrieve_cred_default (context, id, flags, mcreds, creds) + krb5_context context; + krb5_ccache id; + krb5_flags flags; + krb5_creds *mcreds; + krb5_creds *creds; +{ + krb5_enctype *ktypes; + int nktypes; + krb5_error_code ret; + + if (flags & KRB5_TC_SUPPORTED_KTYPES) { + ret = krb5_get_tgs_ktypes (context, mcreds->server, &ktypes); + if (ret) + return ret; + nktypes = 0; + while (ktypes[nktypes]) + nktypes++; + + ret = krb5_cc_retrieve_cred_seq (context, id, flags, mcreds, creds, + nktypes, ktypes); + free (ktypes); + return ret; + } else { + return krb5_cc_retrieve_cred_seq (context, id, flags, mcreds, creds, + 0, 0); + } +} diff --git a/src/lib/krb5/ccache/ccapi/ChangeLog b/src/lib/krb5/ccache/ccapi/ChangeLog index dfe92f16f..a80578054 100644 --- a/src/lib/krb5/ccache/ccapi/ChangeLog +++ b/src/lib/krb5/ccache/ccapi/ChangeLog @@ -1,3 +1,15 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-23 Ken Raeburn + + * stdcc.c (krb5_stdcc_retrieve): Replace with a version that calls + krb5_cc_retrieve_cred_default. + 1999-08-05 Alexandra Ellwood * stdcc_util.c (deep_free_cc_v5_creds): diff --git a/src/lib/krb5/ccache/ccapi/Makefile.in b/src/lib/krb5/ccache/ccapi/Makefile.in index 7229f798e..9f8d1c5f4 100644 --- a/src/lib/krb5/ccache/ccapi/Makefile.in +++ b/src/lib/krb5/ccache/ccapi/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./../.. myfulldir=lib/krb5/ccache/ccapi mydir=ccache/ccapi BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(WIN_INCLUDES) +LOCALINCLUDES = $(WIN_INCLUDES) ##DOS##WIN_INCLUDES = -I$(SRCTOP)\windows\lib diff --git a/src/lib/krb5/ccache/ccapi/stdcc.c b/src/lib/krb5/ccache/ccapi/stdcc.c index db93102ca..36eed9d22 100644 --- a/src/lib/krb5/ccache/ccapi/stdcc.c +++ b/src/lib/krb5/ccache/ccapi/stdcc.c @@ -19,7 +19,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -478,6 +481,7 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_next_cred * * - try to find a matching credential in the cache */ +#if 0 krb5_error_code KRB5_CALLCONV krb5_stdcc_retrieve (krb5_context context, krb5_ccache id, @@ -523,6 +527,22 @@ krb5_error_code KRB5_CALLCONV krb5_stdcc_retrieve return KRB5_CC_NOTFOUND; } +#else +#include "k5-int.h" + +krb5_error_code KRB5_CALLCONV +krb5_stdcc_retrieve(context, id, whichfields, mcreds, creds) + krb5_context context; + krb5_ccache id; + krb5_flags whichfields; + krb5_creds *mcreds; + krb5_creds *creds; +{ + return krb5_cc_retrieve_cred_default (context, id, whichfields, + mcreds, creds); +} + +#endif /* * end seq diff --git a/src/lib/krb5/ccache/ccbase.c b/src/lib/krb5/ccache/ccbase.c index ae89334a0..912571f78 100644 --- a/src/lib/krb5/ccache/ccbase.c +++ b/src/lib/krb5/ccache/ccbase.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/ccdefault.c b/src/lib/krb5/ccache/ccdefault.c index 5e3cd53a9..3e2699c56 100644 --- a/src/lib/krb5/ccache/ccdefault.c +++ b/src/lib/krb5/ccache/ccdefault.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/ccdefops.c b/src/lib/krb5/ccache/ccdefops.c index 20081cc8e..2651273be 100644 --- a/src/lib/krb5/ccache/ccdefops.c +++ b/src/lib/krb5/ccache/ccdefops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/ChangeLog b/src/lib/krb5/ccache/file/ChangeLog index f99e78246..298360b79 100644 --- a/src/lib/krb5/ccache/file/ChangeLog +++ b/src/lib/krb5/ccache/file/ChangeLog @@ -1,3 +1,15 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-23 Ken Raeburn + + * fcc_retrv.c (krb5_fcc_retrieve): Replace with a version that + calls krb5_cc_retrieve_cred_default. + 1999-06-10 Danilo Almeida * fcc_ops.c (krb5_cache_change): Use PostMessage instead of diff --git a/src/lib/krb5/ccache/file/Makefile.in b/src/lib/krb5/ccache/file/Makefile.in index 77cf38eed..c1a2ace4d 100644 --- a/src/lib/krb5/ccache/file/Makefile.in +++ b/src/lib/krb5/ccache/file/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./../.. myfulldir=lib/krb5/ccache/file mydir=ccache/file BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) ##DOS##BUILDTOP = ..\..\..\.. ##DOS##PREFIXDIR = ccache\file diff --git a/src/lib/krb5/ccache/file/fcc-proto.h b/src/lib/krb5/ccache/file/fcc-proto.h index d05eeb73c..837a9e32b 100644 --- a/src/lib/krb5/ccache/file/fcc-proto.h +++ b/src/lib/krb5/ccache/file/fcc-proto.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc.h b/src/lib/krb5/ccache/file/fcc.h index e17d437ab..d1b3c332c 100644 --- a/src/lib/krb5/ccache/file/fcc.h +++ b/src/lib/krb5/ccache/file/fcc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_close.c b/src/lib/krb5/ccache/file/fcc_close.c index 6e7997afd..5d8d49891 100644 --- a/src/lib/krb5/ccache/file/fcc_close.c +++ b/src/lib/krb5/ccache/file/fcc_close.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_defops.c b/src/lib/krb5/ccache/file/fcc_defops.c index 18591ac7f..8f2f0f2f5 100644 --- a/src/lib/krb5/ccache/file/fcc_defops.c +++ b/src/lib/krb5/ccache/file/fcc_defops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_destry.c b/src/lib/krb5/ccache/file/fcc_destry.c index 37914e1f9..d0e6ff595 100644 --- a/src/lib/krb5/ccache/file/fcc_destry.c +++ b/src/lib/krb5/ccache/file/fcc_destry.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_errs.c b/src/lib/krb5/ccache/file/fcc_errs.c index 0f21445ff..43d397462 100644 --- a/src/lib/krb5/ccache/file/fcc_errs.c +++ b/src/lib/krb5/ccache/file/fcc_errs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_eseq.c b/src/lib/krb5/ccache/file/fcc_eseq.c index d6ce34e2d..a57c9c111 100644 --- a/src/lib/krb5/ccache/file/fcc_eseq.c +++ b/src/lib/krb5/ccache/file/fcc_eseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_gennew.c b/src/lib/krb5/ccache/file/fcc_gennew.c index df98e0cd1..12b37b1c8 100644 --- a/src/lib/krb5/ccache/file/fcc_gennew.c +++ b/src/lib/krb5/ccache/file/fcc_gennew.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_getnam.c b/src/lib/krb5/ccache/file/fcc_getnam.c index 6a7b9557c..c5ca1d006 100644 --- a/src/lib/krb5/ccache/file/fcc_getnam.c +++ b/src/lib/krb5/ccache/file/fcc_getnam.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_gprin.c b/src/lib/krb5/ccache/file/fcc_gprin.c index 72d6c7780..b8a259576 100644 --- a/src/lib/krb5/ccache/file/fcc_gprin.c +++ b/src/lib/krb5/ccache/file/fcc_gprin.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_init.c b/src/lib/krb5/ccache/file/fcc_init.c index b3bf74de1..b3777ecd8 100644 --- a/src/lib/krb5/ccache/file/fcc_init.c +++ b/src/lib/krb5/ccache/file/fcc_init.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_maybe.c b/src/lib/krb5/ccache/file/fcc_maybe.c index e982f0f82..1602a20ec 100644 --- a/src/lib/krb5/ccache/file/fcc_maybe.c +++ b/src/lib/krb5/ccache/file/fcc_maybe.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_nseq.c b/src/lib/krb5/ccache/file/fcc_nseq.c index 92df32927..0c34a20bf 100644 --- a/src/lib/krb5/ccache/file/fcc_nseq.c +++ b/src/lib/krb5/ccache/file/fcc_nseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_ops.c b/src/lib/krb5/ccache/file/fcc_ops.c index 3260421ce..e96be06f3 100644 --- a/src/lib/krb5/ccache/file/fcc_ops.c +++ b/src/lib/krb5/ccache/file/fcc_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_read.c b/src/lib/krb5/ccache/file/fcc_read.c index 88cb21d09..e57c7aba3 100644 --- a/src/lib/krb5/ccache/file/fcc_read.c +++ b/src/lib/krb5/ccache/file/fcc_read.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_reslv.c b/src/lib/krb5/ccache/file/fcc_reslv.c index 5e3775ae4..a541a860f 100644 --- a/src/lib/krb5/ccache/file/fcc_reslv.c +++ b/src/lib/krb5/ccache/file/fcc_reslv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_retrv.c b/src/lib/krb5/ccache/file/fcc_retrv.c index 5f4e71d7c..e7a4ff203 100644 --- a/src/lib/krb5/ccache/file/fcc_retrv.c +++ b/src/lib/krb5/ccache/file/fcc_retrv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -24,6 +27,8 @@ * This file contains the source code for krb5_fcc_retrieve. */ +#if 0 + #include "fcc.h" #ifdef macintosh @@ -230,3 +235,21 @@ authdata_match(mdata, data) } return (*mdata == NULL) && (*data == NULL); } + +#else + +#include "k5-int.h" + +krb5_error_code KRB5_CALLCONV +krb5_fcc_retrieve(context, id, whichfields, mcreds, creds) + krb5_context context; + krb5_ccache id; + krb5_flags whichfields; + krb5_creds *mcreds; + krb5_creds *creds; +{ + return krb5_cc_retrieve_cred_default (context, id, whichfields, + mcreds, creds); +} + +#endif diff --git a/src/lib/krb5/ccache/file/fcc_sflags.c b/src/lib/krb5/ccache/file/fcc_sflags.c index 9f9b60140..be1007e6d 100644 --- a/src/lib/krb5/ccache/file/fcc_sflags.c +++ b/src/lib/krb5/ccache/file/fcc_sflags.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_skip.c b/src/lib/krb5/ccache/file/fcc_skip.c index 2f51aeee5..354d03a60 100644 --- a/src/lib/krb5/ccache/file/fcc_skip.c +++ b/src/lib/krb5/ccache/file/fcc_skip.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_sseq.c b/src/lib/krb5/ccache/file/fcc_sseq.c index 8e215becd..d22d41dfe 100644 --- a/src/lib/krb5/ccache/file/fcc_sseq.c +++ b/src/lib/krb5/ccache/file/fcc_sseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_store.c b/src/lib/krb5/ccache/file/fcc_store.c index 4915e4e39..264940af0 100644 --- a/src/lib/krb5/ccache/file/fcc_store.c +++ b/src/lib/krb5/ccache/file/fcc_store.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_test.c b/src/lib/krb5/ccache/file/fcc_test.c index 3e3b5c57c..a41df47ac 100644 --- a/src/lib/krb5/ccache/file/fcc_test.c +++ b/src/lib/krb5/ccache/file/fcc_test.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/file/fcc_write.c b/src/lib/krb5/ccache/file/fcc_write.c index 566789ef2..fe4c3b1c2 100644 --- a/src/lib/krb5/ccache/file/fcc_write.c +++ b/src/lib/krb5/ccache/file/fcc_write.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/ChangeLog b/src/lib/krb5/ccache/memory/ChangeLog index 4ff0ffafd..9b9e142a6 100644 --- a/src/lib/krb5/ccache/memory/ChangeLog +++ b/src/lib/krb5/ccache/memory/ChangeLog @@ -1,3 +1,15 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-23 Ken Raeburn + + * mcc_retrv.c (krb5_mcc_retrieve): Replace with a version that + calls krb5_cc_retrieve_cred_default. + Mon May 10 15:25:06 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/krb5/ccache/memory/Makefile.in b/src/lib/krb5/ccache/memory/Makefile.in index 121ec9dc0..fbe248fb8 100644 --- a/src/lib/krb5/ccache/memory/Makefile.in +++ b/src/lib/krb5/ccache/memory/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./../.. myfulldir=lib/krb5/ccache/memory mydir=ccache/memory BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) ##DOS##BUILDTOP = ..\..\..\.. ##DOS##PREFIXDIR = ccache\memory diff --git a/src/lib/krb5/ccache/memory/mcc-proto.h b/src/lib/krb5/ccache/memory/mcc-proto.h index fe66c798f..dc065bad7 100644 --- a/src/lib/krb5/ccache/memory/mcc-proto.h +++ b/src/lib/krb5/ccache/memory/mcc-proto.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc.h b/src/lib/krb5/ccache/memory/mcc.h index f7c6da57d..872fe0efd 100644 --- a/src/lib/krb5/ccache/memory/mcc.h +++ b/src/lib/krb5/ccache/memory/mcc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_close.c b/src/lib/krb5/ccache/memory/mcc_close.c index 514a4adfa..9125f1d1e 100644 --- a/src/lib/krb5/ccache/memory/mcc_close.c +++ b/src/lib/krb5/ccache/memory/mcc_close.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_destry.c b/src/lib/krb5/ccache/memory/mcc_destry.c index e6946789d..4d70038eb 100644 --- a/src/lib/krb5/ccache/memory/mcc_destry.c +++ b/src/lib/krb5/ccache/memory/mcc_destry.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_eseq.c b/src/lib/krb5/ccache/memory/mcc_eseq.c index c3d264cdd..c567d21f6 100644 --- a/src/lib/krb5/ccache/memory/mcc_eseq.c +++ b/src/lib/krb5/ccache/memory/mcc_eseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_gennew.c b/src/lib/krb5/ccache/memory/mcc_gennew.c index 76249610a..8720a6168 100644 --- a/src/lib/krb5/ccache/memory/mcc_gennew.c +++ b/src/lib/krb5/ccache/memory/mcc_gennew.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_getnam.c b/src/lib/krb5/ccache/memory/mcc_getnam.c index e86b0836e..f4c611992 100644 --- a/src/lib/krb5/ccache/memory/mcc_getnam.c +++ b/src/lib/krb5/ccache/memory/mcc_getnam.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_gprin.c b/src/lib/krb5/ccache/memory/mcc_gprin.c index 81624d73a..90d02ca54 100644 --- a/src/lib/krb5/ccache/memory/mcc_gprin.c +++ b/src/lib/krb5/ccache/memory/mcc_gprin.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_init.c b/src/lib/krb5/ccache/memory/mcc_init.c index 5f4a40ae7..773e24197 100644 --- a/src/lib/krb5/ccache/memory/mcc_init.c +++ b/src/lib/krb5/ccache/memory/mcc_init.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_nseq.c b/src/lib/krb5/ccache/memory/mcc_nseq.c index a68b9f95a..3b533a291 100644 --- a/src/lib/krb5/ccache/memory/mcc_nseq.c +++ b/src/lib/krb5/ccache/memory/mcc_nseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_ops.c b/src/lib/krb5/ccache/memory/mcc_ops.c index d3f1cb5af..51f8c8808 100644 --- a/src/lib/krb5/ccache/memory/mcc_ops.c +++ b/src/lib/krb5/ccache/memory/mcc_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_reslv.c b/src/lib/krb5/ccache/memory/mcc_reslv.c index 9285198a1..2b256d6e4 100644 --- a/src/lib/krb5/ccache/memory/mcc_reslv.c +++ b/src/lib/krb5/ccache/memory/mcc_reslv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_retrv.c b/src/lib/krb5/ccache/memory/mcc_retrv.c index ae3510129..cdb6ae3d1 100644 --- a/src/lib/krb5/ccache/memory/mcc_retrv.c +++ b/src/lib/krb5/ccache/memory/mcc_retrv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -24,6 +27,8 @@ * This file contains the source code for krb5_mcc_retrieve. */ +#if 0 + #include "mcc.h" #define set(bits) (whichfields & bits) @@ -223,3 +228,21 @@ authdata_match(mdata, data) } return (*mdata == NULL) && (*data == NULL); } + +#else + +#include "k5-int.h" + +krb5_error_code KRB5_CALLCONV +krb5_mcc_retrieve(context, id, whichfields, mcreds, creds) + krb5_context context; + krb5_ccache id; + krb5_flags whichfields; + krb5_creds *mcreds; + krb5_creds *creds; +{ + return krb5_cc_retrieve_cred_default (context, id, whichfields, + mcreds, creds); +} + +#endif diff --git a/src/lib/krb5/ccache/memory/mcc_sflags.c b/src/lib/krb5/ccache/memory/mcc_sflags.c index a12c696f9..9747d7530 100644 --- a/src/lib/krb5/ccache/memory/mcc_sflags.c +++ b/src/lib/krb5/ccache/memory/mcc_sflags.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_sseq.c b/src/lib/krb5/ccache/memory/mcc_sseq.c index bb87e47df..90836df0d 100644 --- a/src/lib/krb5/ccache/memory/mcc_sseq.c +++ b/src/lib/krb5/ccache/memory/mcc_sseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/memory/mcc_test.c b/src/lib/krb5/ccache/memory/mcc_test.c index 81ea2edb8..b117aed33 100644 --- a/src/lib/krb5/ccache/memory/mcc_test.c +++ b/src/lib/krb5/ccache/memory/mcc_test.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/ser_cc.c b/src/lib/krb5/ccache/ser_cc.c index c834769eb..8c1918a5a 100644 --- a/src/lib/krb5/ccache/ser_cc.c +++ b/src/lib/krb5/ccache/ser_cc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/ChangeLog b/src/lib/krb5/ccache/stdio/ChangeLog index 5b7e7ea1a..c520ca35e 100644 --- a/src/lib/krb5/ccache/stdio/ChangeLog +++ b/src/lib/krb5/ccache/stdio/ChangeLog @@ -1,3 +1,15 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-23 Ken Raeburn + + * scc_retrv.c (krb5_scc_retrieve): Replace with a version that + calls krb5_cc_retrieve_cred_default. + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/lib/krb5/ccache/stdio/Makefile.in b/src/lib/krb5/ccache/stdio/Makefile.in index 210ae8c66..3b06bc678 100644 --- a/src/lib/krb5/ccache/stdio/Makefile.in +++ b/src/lib/krb5/ccache/stdio/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./../.. myfulldir=lib/krb5/ccache/stdio mydir=ccache/stdio BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) STLIBOBJS = \ scc_close.o scc_destry.o scc_eseq.o \ diff --git a/src/lib/krb5/ccache/stdio/scc-proto.h b/src/lib/krb5/ccache/stdio/scc-proto.h index 20a0006f3..1fe4a88b9 100644 --- a/src/lib/krb5/ccache/stdio/scc-proto.h +++ b/src/lib/krb5/ccache/stdio/scc-proto.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc.h b/src/lib/krb5/ccache/stdio/scc.h index 627eb3adf..fda85d47d 100644 --- a/src/lib/krb5/ccache/stdio/scc.h +++ b/src/lib/krb5/ccache/stdio/scc.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_close.c b/src/lib/krb5/ccache/stdio/scc_close.c index 77f6d6b23..4f6e3e964 100644 --- a/src/lib/krb5/ccache/stdio/scc_close.c +++ b/src/lib/krb5/ccache/stdio/scc_close.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_defops.c b/src/lib/krb5/ccache/stdio/scc_defops.c index 8eb67a770..57e866a98 100644 --- a/src/lib/krb5/ccache/stdio/scc_defops.c +++ b/src/lib/krb5/ccache/stdio/scc_defops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_destry.c b/src/lib/krb5/ccache/stdio/scc_destry.c index 7b1db878d..b8e40ed64 100644 --- a/src/lib/krb5/ccache/stdio/scc_destry.c +++ b/src/lib/krb5/ccache/stdio/scc_destry.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_errs.c b/src/lib/krb5/ccache/stdio/scc_errs.c index e1e1655ee..73d698a84 100644 --- a/src/lib/krb5/ccache/stdio/scc_errs.c +++ b/src/lib/krb5/ccache/stdio/scc_errs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_eseq.c b/src/lib/krb5/ccache/stdio/scc_eseq.c index 6d7595089..73672afcf 100644 --- a/src/lib/krb5/ccache/stdio/scc_eseq.c +++ b/src/lib/krb5/ccache/stdio/scc_eseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_gennew.c b/src/lib/krb5/ccache/stdio/scc_gennew.c index 5635428fa..ee0d8295c 100644 --- a/src/lib/krb5/ccache/stdio/scc_gennew.c +++ b/src/lib/krb5/ccache/stdio/scc_gennew.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_getnam.c b/src/lib/krb5/ccache/stdio/scc_getnam.c index 0303c1009..e37d6a3d4 100644 --- a/src/lib/krb5/ccache/stdio/scc_getnam.c +++ b/src/lib/krb5/ccache/stdio/scc_getnam.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_gprin.c b/src/lib/krb5/ccache/stdio/scc_gprin.c index 5fbc4822d..8de1bda6d 100644 --- a/src/lib/krb5/ccache/stdio/scc_gprin.c +++ b/src/lib/krb5/ccache/stdio/scc_gprin.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_init.c b/src/lib/krb5/ccache/stdio/scc_init.c index 826153584..91308ba97 100644 --- a/src/lib/krb5/ccache/stdio/scc_init.c +++ b/src/lib/krb5/ccache/stdio/scc_init.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_maybe.c b/src/lib/krb5/ccache/stdio/scc_maybe.c index 7d6df3206..858b49f37 100644 --- a/src/lib/krb5/ccache/stdio/scc_maybe.c +++ b/src/lib/krb5/ccache/stdio/scc_maybe.c @@ -18,7 +18,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_nseq.c b/src/lib/krb5/ccache/stdio/scc_nseq.c index 49f9e255d..09f8e7654 100644 --- a/src/lib/krb5/ccache/stdio/scc_nseq.c +++ b/src/lib/krb5/ccache/stdio/scc_nseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_ops.c b/src/lib/krb5/ccache/stdio/scc_ops.c index 4ec38e72c..9b5d361f9 100644 --- a/src/lib/krb5/ccache/stdio/scc_ops.c +++ b/src/lib/krb5/ccache/stdio/scc_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_read.c b/src/lib/krb5/ccache/stdio/scc_read.c index 88e9e5566..f36b38734 100644 --- a/src/lib/krb5/ccache/stdio/scc_read.c +++ b/src/lib/krb5/ccache/stdio/scc_read.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_reslv.c b/src/lib/krb5/ccache/stdio/scc_reslv.c index a809a4744..bff8296e4 100644 --- a/src/lib/krb5/ccache/stdio/scc_reslv.c +++ b/src/lib/krb5/ccache/stdio/scc_reslv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_retrv.c b/src/lib/krb5/ccache/stdio/scc_retrv.c index 7498d906e..f5b0da8ee 100644 --- a/src/lib/krb5/ccache/stdio/scc_retrv.c +++ b/src/lib/krb5/ccache/stdio/scc_retrv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -24,6 +27,8 @@ * This file contains the source code for krb5_scc_retrieve. */ +#if 0 + #include "scc.h" #define set(bits) (whichfields & bits) @@ -217,3 +222,21 @@ krb5_scc_retrieve(context, id, whichfields, mcreds, creds) krb5_scc_end_seq_get(context, id, &cursor); return KRB5_CC_NOTFOUND; } + +#else + +#include "k5-int.h" + +krb5_error_code KRB5_CALLCONV +krb5_scc_retrieve(context, id, whichfields, mcreds, creds) + krb5_context context; + krb5_ccache id; + krb5_flags whichfields; + krb5_creds *mcreds; + krb5_creds *creds; +{ + return krb5_cc_retrieve_cred_default (context, id, whichfields, + mcreds, creds); +} + +#endif diff --git a/src/lib/krb5/ccache/stdio/scc_sflags.c b/src/lib/krb5/ccache/stdio/scc_sflags.c index 89ec826eb..47ac9809a 100644 --- a/src/lib/krb5/ccache/stdio/scc_sflags.c +++ b/src/lib/krb5/ccache/stdio/scc_sflags.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_skip.c b/src/lib/krb5/ccache/stdio/scc_skip.c index 6b072dc5e..c203c71bb 100644 --- a/src/lib/krb5/ccache/stdio/scc_skip.c +++ b/src/lib/krb5/ccache/stdio/scc_skip.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_sseq.c b/src/lib/krb5/ccache/stdio/scc_sseq.c index c5bac1967..df71aff17 100644 --- a/src/lib/krb5/ccache/stdio/scc_sseq.c +++ b/src/lib/krb5/ccache/stdio/scc_sseq.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_store.c b/src/lib/krb5/ccache/stdio/scc_store.c index 71b06210d..158e3f9ea 100644 --- a/src/lib/krb5/ccache/stdio/scc_store.c +++ b/src/lib/krb5/ccache/stdio/scc_store.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_test.c b/src/lib/krb5/ccache/stdio/scc_test.c index d94829249..a76d1fcd7 100644 --- a/src/lib/krb5/ccache/stdio/scc_test.c +++ b/src/lib/krb5/ccache/stdio/scc_test.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/ccache/stdio/scc_write.c b/src/lib/krb5/ccache/stdio/scc_write.c index 3c552004a..cbfa4a449 100644 --- a/src/lib/krb5/ccache/stdio/scc_write.c +++ b/src/lib/krb5/ccache/stdio/scc_write.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/error_tables/ChangeLog b/src/lib/krb5/error_tables/ChangeLog index 4986a4ce8..d93bf5edf 100644 --- a/src/lib/krb5/error_tables/ChangeLog +++ b/src/lib/krb5/error_tables/ChangeLog @@ -1,3 +1,22 @@ +1999-12-01 Ken Raeburn + + * krb5_err.et (KRB5_OBSOLETE_FN): New error code. + +1999-11-02 Ken Raeburn + + * krb5_err.et (KRB5_CONFIG_ETYPE_NOSUPP): New error code. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-23 Ken Raeburn + + * krb5_err.et (KRB5_CC_NOT_KTYPE): New error code. + 1999-07-29 Ken Raeburn * Makefile.in: Delete dependency info for isode error table that diff --git a/src/lib/krb5/error_tables/Makefile.in b/src/lib/krb5/error_tables/Makefile.in index a827fa235..d2a52ebe5 100644 --- a/src/lib/krb5/error_tables/Makefile.in +++ b/src/lib/krb5/error_tables/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=lib/krb5/error_tables mydir=error_tables BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=error_tables diff --git a/src/lib/krb5/error_tables/init_ets.c b/src/lib/krb5/error_tables/init_ets.c index ac43fb7ed..a6e9c2d05 100644 --- a/src/lib/krb5/error_tables/init_ets.c +++ b/src/lib/krb5/error_tables/init_ets.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/error_tables/kdb5_err.et b/src/lib/krb5/error_tables/kdb5_err.et index 9840e5d6d..982a9c11a 100644 --- a/src/lib/krb5/error_tables/kdb5_err.et +++ b/src/lib/krb5/error_tables/kdb5_err.et @@ -16,7 +16,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/lib/krb5/error_tables/krb5_err.et b/src/lib/krb5/error_tables/krb5_err.et index b483116e1..6135a9dfa 100644 --- a/src/lib/krb5/error_tables/krb5_err.et +++ b/src/lib/krb5/error_tables/krb5_err.et @@ -16,7 +16,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # @@ -262,6 +265,7 @@ error_code KRB5_FCC_INTERNAL, "Internal file credentials cache error" error_code KRB5_CC_WRITE, "Error writing to credentials cache file" error_code KRB5_CC_NOMEM, "No more memory to allocate (in credentials cache code)" error_code KRB5_CC_FORMAT, "Bad format in credentials cache" +error_code KRB5_CC_NOT_KTYPE, "No credentials found with supported encryption types" # errors for dual tgt library calls error_code KRB5_INVALID_FLAGS, "Invalid KDC option combination (library internal error)" @@ -316,5 +320,7 @@ error_code KRB5_CHPW_FAIL, "Password change failed" error_code KRB5_KT_FORMAT, "Bad format in keytab" error_code KRB5_NOPERM_ETYPE, "Encryption type not permitted" +error_code KRB5_CONFIG_ETYPE_NOSUPP, "No supported encryption types (config file error?)" +error_code KRB5_OBSOLETE_FN, "Program called an obsolete, deleted function" end diff --git a/src/lib/krb5/error_tables/kv5m_err.et b/src/lib/krb5/error_tables/kv5m_err.et index aff1d3c62..eb6bdd870 100644 --- a/src/lib/krb5/error_tables/kv5m_err.et +++ b/src/lib/krb5/error_tables/kv5m_err.et @@ -16,7 +16,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/lib/krb5/keytab/ChangeLog b/src/lib/krb5/keytab/ChangeLog index b467b2b63..71c5a4208 100644 --- a/src/lib/krb5/keytab/ChangeLog +++ b/src/lib/krb5/keytab/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1999-06-15 Danilo Almeida * Makefile.in: Fix windows build. diff --git a/src/lib/krb5/keytab/Makefile.in b/src/lib/krb5/keytab/Makefile.in index cdbe0b2e4..66677a159 100644 --- a/src/lib/krb5/keytab/Makefile.in +++ b/src/lib/krb5/keytab/Makefile.in @@ -4,8 +4,6 @@ mydir=keytab BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) LOCAL_SUBDIRS = file srvtab -CFLAGS = $(CCOPTS) $(DEFS) - ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=keytab ##DOS##OBJFILE=..\$(OUTPRE)$(PREFIXDIR).lst diff --git a/src/lib/krb5/keytab/db/ChangeLog b/src/lib/krb5/keytab/db/ChangeLog index 55c0550f2..76c04e54d 100644 --- a/src/lib/krb5/keytab/db/ChangeLog +++ b/src/lib/krb5/keytab/db/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/lib/krb5/keytab/db/Makefile.in b/src/lib/krb5/keytab/db/Makefile.in index 678bf2f88..9d31de16f 100644 --- a/src/lib/krb5/keytab/db/Makefile.in +++ b/src/lib/krb5/keytab/db/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./../.. myfulldir=lib/krb5/keytab/db mydir=keytab/db BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) ##DOSBUILDTOP = ..\..\..\.. ##DOSLIBNAME=..\..\krb5.lib diff --git a/src/lib/krb5/keytab/db/dbkeytab.c b/src/lib/krb5/keytab/db/dbkeytab.c index 9789d30cc..e297add06 100644 --- a/src/lib/krb5/keytab/db/dbkeytab.c +++ b/src/lib/krb5/keytab/db/dbkeytab.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ChangeLog b/src/lib/krb5/keytab/file/ChangeLog index 7ca80a640..4be401b72 100644 --- a/src/lib/krb5/keytab/file/ChangeLog +++ b/src/lib/krb5/keytab/file/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon May 10 15:25:45 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/krb5/keytab/file/Makefile.in b/src/lib/krb5/keytab/file/Makefile.in index 1c0fa64dd..d0706621a 100644 --- a/src/lib/krb5/keytab/file/Makefile.in +++ b/src/lib/krb5/keytab/file/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./../.. myfulldir=lib/krb5/keytab/file mydir=keytab/file BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) ##DOS##BUILDTOP = ..\..\..\.. ##DOS##PREFIXDIR=keytab\file diff --git a/src/lib/krb5/keytab/file/ktf_add.c b/src/lib/krb5/keytab/file/ktf_add.c index 8979ad8c9..5ba5af79a 100644 --- a/src/lib/krb5/keytab/file/ktf_add.c +++ b/src/lib/krb5/keytab/file/ktf_add.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_close.c b/src/lib/krb5/keytab/file/ktf_close.c index a538aa719..d735120cc 100644 --- a/src/lib/krb5/keytab/file/ktf_close.c +++ b/src/lib/krb5/keytab/file/ktf_close.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_defops.c b/src/lib/krb5/keytab/file/ktf_defops.c index 7b905b97a..6bba8a63f 100644 --- a/src/lib/krb5/keytab/file/ktf_defops.c +++ b/src/lib/krb5/keytab/file/ktf_defops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_endget.c b/src/lib/krb5/keytab/file/ktf_endget.c index 66f862e18..a007f077d 100644 --- a/src/lib/krb5/keytab/file/ktf_endget.c +++ b/src/lib/krb5/keytab/file/ktf_endget.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_g_ent.c b/src/lib/krb5/keytab/file/ktf_g_ent.c index 57d6edabd..b45ab6fd7 100644 --- a/src/lib/krb5/keytab/file/ktf_g_ent.c +++ b/src/lib/krb5/keytab/file/ktf_g_ent.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_g_name.c b/src/lib/krb5/keytab/file/ktf_g_name.c index b0cd4d8e6..083ca387e 100644 --- a/src/lib/krb5/keytab/file/ktf_g_name.c +++ b/src/lib/krb5/keytab/file/ktf_g_name.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_next.c b/src/lib/krb5/keytab/file/ktf_next.c index acabb7c35..41e13d413 100644 --- a/src/lib/krb5/keytab/file/ktf_next.c +++ b/src/lib/krb5/keytab/file/ktf_next.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_ops.c b/src/lib/krb5/keytab/file/ktf_ops.c index bc9d03882..86f44a78c 100644 --- a/src/lib/krb5/keytab/file/ktf_ops.c +++ b/src/lib/krb5/keytab/file/ktf_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_remove.c b/src/lib/krb5/keytab/file/ktf_remove.c index 3d9e627b5..214fa6bfc 100644 --- a/src/lib/krb5/keytab/file/ktf_remove.c +++ b/src/lib/krb5/keytab/file/ktf_remove.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_resolv.c b/src/lib/krb5/keytab/file/ktf_resolv.c index 1b0935063..41a7a6ce4 100644 --- a/src/lib/krb5/keytab/file/ktf_resolv.c +++ b/src/lib/krb5/keytab/file/ktf_resolv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_ssget.c b/src/lib/krb5/keytab/file/ktf_ssget.c index b66c4caba..1676a4876 100644 --- a/src/lib/krb5/keytab/file/ktf_ssget.c +++ b/src/lib/krb5/keytab/file/ktf_ssget.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_util.c b/src/lib/krb5/keytab/file/ktf_util.c index 3713c62d6..4ae73fedb 100644 --- a/src/lib/krb5/keytab/file/ktf_util.c +++ b/src/lib/krb5/keytab/file/ktf_util.c @@ -20,7 +20,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_wops.c b/src/lib/krb5/keytab/file/ktf_wops.c index d55f9808c..833e4d66f 100644 --- a/src/lib/krb5/keytab/file/ktf_wops.c +++ b/src/lib/krb5/keytab/file/ktf_wops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktf_wreslv.c b/src/lib/krb5/keytab/file/ktf_wreslv.c index 2e7f99e08..523d98370 100644 --- a/src/lib/krb5/keytab/file/ktf_wreslv.c +++ b/src/lib/krb5/keytab/file/ktf_wreslv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ktfile.h b/src/lib/krb5/keytab/file/ktfile.h index 61a8acf3b..8ee5756f6 100644 --- a/src/lib/krb5/keytab/file/ktfile.h +++ b/src/lib/krb5/keytab/file/ktfile.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/file/ser_ktf.c b/src/lib/krb5/keytab/file/ser_ktf.c index 61ad9176f..69f6d5d86 100644 --- a/src/lib/krb5/keytab/file/ser_ktf.c +++ b/src/lib/krb5/keytab/file/ser_ktf.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/ktadd.c b/src/lib/krb5/keytab/ktadd.c index ab805c94d..46f9cb4c1 100644 --- a/src/lib/krb5/keytab/ktadd.c +++ b/src/lib/krb5/keytab/ktadd.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/ktbase.c b/src/lib/krb5/keytab/ktbase.c index c65ee4483..32c84a47b 100644 --- a/src/lib/krb5/keytab/ktbase.c +++ b/src/lib/krb5/keytab/ktbase.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/ktdefault.c b/src/lib/krb5/keytab/ktdefault.c index 6178d43dd..7057bfc3d 100644 --- a/src/lib/krb5/keytab/ktdefault.c +++ b/src/lib/krb5/keytab/ktdefault.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/ktfr_entry.c b/src/lib/krb5/keytab/ktfr_entry.c index 92c3235e4..ddccb1703 100644 --- a/src/lib/krb5/keytab/ktfr_entry.c +++ b/src/lib/krb5/keytab/ktfr_entry.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/ktremove.c b/src/lib/krb5/keytab/ktremove.c index 6fc9dd3cf..d14f298a4 100644 --- a/src/lib/krb5/keytab/ktremove.c +++ b/src/lib/krb5/keytab/ktremove.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/read_servi.c b/src/lib/krb5/keytab/read_servi.c index b6f058e49..345d36566 100644 --- a/src/lib/krb5/keytab/read_servi.c +++ b/src/lib/krb5/keytab/read_servi.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/ChangeLog b/src/lib/krb5/keytab/srvtab/ChangeLog index 5c55de820..9d2468752 100644 --- a/src/lib/krb5/keytab/srvtab/ChangeLog +++ b/src/lib/krb5/keytab/srvtab/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1999-06-15 Danilo Almeida * Makefile.in: Fix windows build. diff --git a/src/lib/krb5/keytab/srvtab/Makefile.in b/src/lib/krb5/keytab/srvtab/Makefile.in index 001050cd1..cffe1c632 100644 --- a/src/lib/krb5/keytab/srvtab/Makefile.in +++ b/src/lib/krb5/keytab/srvtab/Makefile.in @@ -3,8 +3,6 @@ myfulldir=lib/krb5/keytab/srvtab mydir=keytab/srvtab BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) - ##DOS##BUILDTOP = ..\..\..\.. ##DOS##PREFIXDIR=keytab\srvtab ##DOS##OBJFILE=$(OUTPRE)srvtab.lst diff --git a/src/lib/krb5/keytab/srvtab/kts_close.c b/src/lib/krb5/keytab/srvtab/kts_close.c index 1d66d7ed5..6d465242f 100644 --- a/src/lib/krb5/keytab/srvtab/kts_close.c +++ b/src/lib/krb5/keytab/srvtab/kts_close.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_endget.c b/src/lib/krb5/keytab/srvtab/kts_endget.c index 035e9c51d..eda5d27ed 100644 --- a/src/lib/krb5/keytab/srvtab/kts_endget.c +++ b/src/lib/krb5/keytab/srvtab/kts_endget.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_g_ent.c b/src/lib/krb5/keytab/srvtab/kts_g_ent.c index 01a0379ba..9d94fee3f 100644 --- a/src/lib/krb5/keytab/srvtab/kts_g_ent.c +++ b/src/lib/krb5/keytab/srvtab/kts_g_ent.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_g_name.c b/src/lib/krb5/keytab/srvtab/kts_g_name.c index 74555600c..bb72acfa4 100644 --- a/src/lib/krb5/keytab/srvtab/kts_g_name.c +++ b/src/lib/krb5/keytab/srvtab/kts_g_name.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_next.c b/src/lib/krb5/keytab/srvtab/kts_next.c index 275e738d8..15c46e7dd 100644 --- a/src/lib/krb5/keytab/srvtab/kts_next.c +++ b/src/lib/krb5/keytab/srvtab/kts_next.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_ops.c b/src/lib/krb5/keytab/srvtab/kts_ops.c index c63402102..d78dcbed1 100644 --- a/src/lib/krb5/keytab/srvtab/kts_ops.c +++ b/src/lib/krb5/keytab/srvtab/kts_ops.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_resolv.c b/src/lib/krb5/keytab/srvtab/kts_resolv.c index 795a82887..2cec72e54 100644 --- a/src/lib/krb5/keytab/srvtab/kts_resolv.c +++ b/src/lib/krb5/keytab/srvtab/kts_resolv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_ssget.c b/src/lib/krb5/keytab/srvtab/kts_ssget.c index edb252264..8c3b812f5 100644 --- a/src/lib/krb5/keytab/srvtab/kts_ssget.c +++ b/src/lib/krb5/keytab/srvtab/kts_ssget.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/kts_util.c b/src/lib/krb5/keytab/srvtab/kts_util.c index 7e7a4d04c..d95aceb48 100644 --- a/src/lib/krb5/keytab/srvtab/kts_util.c +++ b/src/lib/krb5/keytab/srvtab/kts_util.c @@ -20,7 +20,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/keytab/srvtab/ktsrvtab.h b/src/lib/krb5/keytab/srvtab/ktsrvtab.h index 071a27d10..822405703 100644 --- a/src/lib/krb5/keytab/srvtab/ktsrvtab.h +++ b/src/lib/krb5/keytab/srvtab/ktsrvtab.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ChangeLog b/src/lib/krb5/krb/ChangeLog index 3377f5fe2..c738705d7 100644 --- a/src/lib/krb5/krb/ChangeLog +++ b/src/lib/krb5/krb/ChangeLog @@ -1,3 +1,129 @@ +2000-05-16 Ken Raeburn + + * kfree.c: Remove unneeded "return" statements at the end of many + functions. + (krb5_free_*_content, krb5_free_*_contents, + krb5_free_cred_enc_part, krb5_free_pwd_sequences): Set freed + pointer members to null when containing structure isn't being + freed. + +2000-05-16 Nalin Dahyabhai + + * kfree.c (krb5_free_keyblock_contents): Set contents pointer to + null after freeing. + +2000-04-28 Nalin Dahyabhai + + * conv_princ.c (krb5_425_conv_principal): Don't overflow buffer + "buf". + +1999-12-02 Ken Raeburn + + * init_ctx.c (get_profile_etype_list): Report an error if no + recognized enctypes are found in the config file. + +1999-11-23 Ken Raeburn + + * init_ctx.c (init_common): Renamed from krb5_init_context, now + static. New argument SECURE provides initialization of + profile_secure field. + (krb5_init_context): Call it. + (krb5_init_secure_context): New function. + + * preauth2.c (krb5_do_preauth): Fix syntax in switch statement. + + * str_conv.c (krb5_deltat_to_string): Always write to a local + temporary buffer that's guaranteed to be large enough, then see if + the supplied output buffer is big enough. + (krb5_string_to_deltat): Deleted. + * x-deltat.y, deltat.c: New files. + * Makefile.in (deltat.c): Add rule for building from x-deltat.y, + but comment out dependencies for easier maintenance. + (BISON, BISONFLAGS): New variables. + + * str_conv.c: Removed most static char arrays, substituting the + values in place. + (krb5_string_to_timestamp): Move atime_format_table inside here. + (krb5_timestamp_to_sfstring): Move sftime_format_table inside + here. + + * str_conv.c: If strftime or strptime are not available, include + the renamed NetBSD versions, and define the function names as + macros to map them to the replacement names. + (__P, _CurrentTimeLocale, dummy_locale_info, TM_YEAR_BASE, + DAYSPERLYEAR, DAYSPERNYEAR, DAYSPERWEEK, isleap, tzname, tzset): + Define some dummies for strftime/strptime to use. + (strptime): Deleted old stub version. + (krb5_timestamp_to_string, krb5_timestamp_to_sfstring): Always + assume strftime is available. + (krb5_string_to_timestamp): Assume strptime is always available. + * strftime.c, strptime.c: New files, based on NetBSD versions. + Modified to rename the functions and not export any symbols. + + * Makefile.in (T_DELTAT_OBJS): New variable. + (TEST_PROGS): Add t_deltat. + (t_deltat): Add rule. + (clean): Added t_deltat stuff. Run rm only once. + * t_deltat.c: New file. + +1999-11-02 Ken Raeburn + + * t_ref_kerb.out: Fix expected zephyr/zephyr output. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-10-14 Tom Yu + + * preauth2.c (krb5_do_preauth): Add gross workaround for 1.0.x KDC + returning a bogus PA-PW-SALT in a KRB-ERROR message when a + principal requires preauth: ignore salt hints if an etype_info is + present. + +1999-10-12 Ken Raeburn + + * conv_princ.c (sconv_list): Don't do conversion for "zephyr" + principal. (Noticed by Derrick Brashear.) Delete about a dozen + duplicate entries. + +1999-08-26 Ken Raeburn + + * init_ctx.c (get_profile_etype_list): Update name of the des3 + entry in the default etype list. + +1999-08-23 Ken Raeburn + + * init_ctx.c (get_profile_etype_list): New argument DESONLY; if + set, ignore any ktype values other than NULL, DES_CBC_CRC, and + DES_CBC_MD5. + (krb5_get_default_in_tkt_ktypes, krb5_get_tgs_ktypes): Set it. + (krb5_get_permitted_enctypes): Don't set it. + + * fwd_tgt.c (krb5_fwd_tgt_creds): Use KRB5_TC_SUPPORTED_KTYPES + when calling krb5_cc_retrieve_cred. + * gc_frm_kdc.c (krb5_get_cred_from_kdc_opt): Ditto. + * get_creds.c (krb5_get_credentials_core): Set that flag. + (krb5_get_credentials): Check for KRB5_CC_NOT_KTYPE error return. + +1999-08-17 Ken Raeburn + + * t_ser.c (main): Disable eblock serialization test, since the + code it tests was disabled nearly a year ago. + + * str_conv.c (krb5_timestamp_to_sfstring): Don't pass extra + argument to sprintf. + +1999-08-10 Alexandra Ellwood + + * chpw.c (krb5_mk_chpw_req): + Added call to free cipherpw.data. cipherpw.data is allocated + by krb5_mk_priv and passed back. Since cipherpw is never + passed back, krb5_mk_chpw_req should free it. + 1999-08-05 Danilo Almeida * init_ctx.c (krb5_init_context): Document why krb5_win_ccdll_load diff --git a/src/lib/krb5/krb/Makefile.in b/src/lib/krb5/krb/Makefile.in index 4c6851490..ba7666247 100644 --- a/src/lib/krb5/krb/Makefile.in +++ b/src/lib/krb5/krb/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=lib/krb5/krb mydir=krb BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) RUN_SETUP = @KRB5_RUN_ENV@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) @@ -34,6 +33,7 @@ STLIBOBJS= \ cp_key_cnt.o \ decode_kdc.o \ decrypt_tk.o \ + deltat.o \ enc_helper.o \ encode_kdc.o \ encrypt_tk.o \ @@ -117,6 +117,7 @@ OBJS= $(OUTPRE)addr_comp.$(OBJEXT) \ $(OUTPRE)cp_key_cnt.$(OBJEXT) \ $(OUTPRE)decode_kdc.$(OBJEXT) \ $(OUTPRE)decrypt_tk.$(OBJEXT) \ + $(OUTPRE)deltat.$(OBJEXT) \ $(OUTPRE)enc_helper.$(OBJEXT) \ $(OUTPRE)encode_kdc.$(OBJEXT) \ $(OUTPRE)encrypt_tk.$(OBJEXT) \ @@ -201,6 +202,7 @@ SRCS= $(srcdir)/addr_comp.c \ $(srcdir)/cp_key_cnt.c \ $(srcdir)/decode_kdc.c \ $(srcdir)/decrypt_tk.c \ + $(srcdir)/deltat.c \ $(srcdir)/enc_helper.c \ $(srcdir)/encode_kdc.c \ $(srcdir)/encrypt_tk.c \ @@ -263,6 +265,12 @@ SRCS= $(srcdir)/addr_comp.c \ $(srcdir)/vic_opt.c \ $(srcdir)/walk_rtree.c +# Someday, when we have a "maintainer mode", do this right: +BISON=bison +BISONFLAGS=-v # -v -> .output; -d -> .h +$(srcdir)/deltat.c : # x-deltat.y + $(BISON) $(BISONFLAGS) -o $(srcdir)/deltat.c $(srcdir)/x-deltat.y + ##DOS##LIBOBJS = $(OBJS) all-unix:: all-libobjs @@ -278,6 +286,8 @@ T_KERB_OBJS= t_kerb.o conv_princ.o unparse.o set_realm.o str_conv.o T_SER_OBJS= t_ser.o ser_actx.o ser_adata.o ser_addr.o ser_auth.o ser_cksum.o \ ser_ctx.o ser_eblk.o ser_key.o ser_princ.o serialize.o +T_DELTAT_OBJS= t_deltat.o deltat.o + t_walk_rtree: $(T_WALK_RTREE_OBJS) $(KDB5_DEPLIBS) $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o t_walk_rtree $(T_WALK_RTREE_OBJS) \ $(KDB5_LIBS) $(KRB5_BASE_LIBS) @@ -290,7 +300,10 @@ t_ser: $(T_SER_OBJS) $(KDB5_DEPLIBS) $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o t_ser $(T_SER_OBJS) \ $(KDB5_LIBS) $(KRB5_BASE_LIBS) -TEST_PROGS= t_walk_rtree t_kerb t_ser +t_deltat : $(T_DELTAT_OBJS) + $(CC_LINK) -o t_deltat $(T_DELTAT_OBJS) + +TEST_PROGS= t_walk_rtree t_kerb t_ser t_deltat check-unix:: $(TEST_PROGS) KRB5_CONFIG=$(srcdir)/t_krb5.conf ; export KRB5_CONFIG ;\ @@ -317,8 +330,10 @@ check-unix:: $(TEST_PROGS) $(RM) test.out KRB5_CONFIG=$(srcdir)/t_krb5.conf ; export KRB5_CONFIG ;\ $(RUN_SETUP) ./t_ser + ./t_deltat clean:: - $(RM) $(OUTPRE)t_walk_rtree$(EXEEXT) $(OUTPRE)t_walk_rtree.$(OBJEXT) - $(RM) $(OUTPRE)t_kerb$(EXEEXT) $(OUTPRE)t_kerb.$(OBJEXT) - $(RM) $(OUTPRE)t_ser$(EXEEXT) $(OUTPRE)t_ser.$(OBJEXT) + $(RM) $(OUTPRE)t_walk_rtree$(EXEEXT) $(OUTPRE)t_walk_rtree.$(OBJEXT) \ + $(OUTPRE)t_kerb$(EXEEXT) $(OUTPRE)t_kerb.$(OBJEXT) \ + $(OUTPRE)t_ser$(EXEEXT) $(OUTPRE)t_ser.$(OBJEXT) \ + $(OUTPRE)t_deltat$(EXEEXT) $(OUTPRE)t_deltat.$(OBJEXT) diff --git a/src/lib/krb5/krb/addr_comp.c b/src/lib/krb5/krb/addr_comp.c index 661f6960e..359e570fd 100644 --- a/src/lib/krb5/krb/addr_comp.c +++ b/src/lib/krb5/krb/addr_comp.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/addr_order.c b/src/lib/krb5/krb/addr_order.c index 757f7bf52..f9a92b470 100644 --- a/src/lib/krb5/krb/addr_order.c +++ b/src/lib/krb5/krb/addr_order.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/addr_srch.c b/src/lib/krb5/krb/addr_srch.c index d30b68cd1..75da7d21d 100644 --- a/src/lib/krb5/krb/addr_srch.c +++ b/src/lib/krb5/krb/addr_srch.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/bld_pr_ext.c b/src/lib/krb5/krb/bld_pr_ext.c index 8b201759f..52f4ebb50 100644 --- a/src/lib/krb5/krb/bld_pr_ext.c +++ b/src/lib/krb5/krb/bld_pr_ext.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/bld_princ.c b/src/lib/krb5/krb/bld_princ.c index 364c234ca..417c980bf 100644 --- a/src/lib/krb5/krb/bld_princ.c +++ b/src/lib/krb5/krb/bld_princ.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/chpw.c b/src/lib/krb5/krb/chpw.c index 70f1bd82a..f3c6eb6de 100644 --- a/src/lib/krb5/krb/chpw.c +++ b/src/lib/krb5/krb/chpw.c @@ -12,27 +12,32 @@ krb5_mk_chpw_req(context, auth_context, ap_req, passwd, packet) char *passwd; krb5_data *packet; { - krb5_error_code ret; + krb5_error_code ret = 0; krb5_data clearpw; krb5_data cipherpw; krb5_replay_data replay; char *ptr; + cipherpw.data = NULL; + if (ret = krb5_auth_con_setflags(context, auth_context, KRB5_AUTH_CONTEXT_DO_SEQUENCE)) - return(ret); + goto cleanup; clearpw.length = strlen(passwd); clearpw.data = passwd; if (ret = krb5_mk_priv(context, auth_context, &clearpw, &cipherpw, &replay)) - return(ret); + goto cleanup; packet->length = 6 + ap_req->length + cipherpw.length; packet->data = (char *) malloc(packet->length); if (packet->data == NULL) - return ENOMEM; + { + ret = ENOMEM; + goto cleanup; + } ptr = packet->data; /* length */ @@ -59,7 +64,11 @@ krb5_mk_chpw_req(context, auth_context, ap_req, passwd, packet) memcpy(ptr, cipherpw.data, cipherpw.length); - return(0); +cleanup: + if(cipherpw.data != NULL) /* allocated by krb5_mk_priv */ + free(cipherpw.data); + + return(ret); } KRB5_DLLIMP krb5_error_code KRB5_CALLCONV diff --git a/src/lib/krb5/krb/conv_princ.c b/src/lib/krb5/krb/conv_princ.c index f89c3d490..46b30da57 100644 --- a/src/lib/krb5/krb/conv_princ.c +++ b/src/lib/krb5/krb/conv_princ.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -81,7 +84,7 @@ static const struct krb_convert sconv_list[] = { {"abs", "abs", DO_REALM_CONVERSION}, {"nfs", "nfs", DO_REALM_CONVERSION}, {"tftp", "tftp", DO_REALM_CONVERSION}, - {"zephyr", "zephyr", DO_REALM_CONVERSION}, + {"zephyr", "zephyr", 0}, {"http", "http", DO_REALM_CONVERSION}, {"khttp", "khttp", DO_REALM_CONVERSION}, {"pgpsigner", "pgpsigner", DO_REALM_CONVERSION}, @@ -89,18 +92,6 @@ static const struct krb_convert sconv_list[] = { {"mandarin-agent", "mandarin-agent", DO_REALM_CONVERSION}, {"write", "write", DO_REALM_CONVERSION}, {"palladium", "palladium", DO_REALM_CONVERSION}, - {"news", "news", DO_REALM_CONVERSION}, - {"abs", "abs", DO_REALM_CONVERSION}, - {"nfs", "nfs", DO_REALM_CONVERSION}, - {"tftp", "tftp", DO_REALM_CONVERSION}, - {"zephyr", "zephyr", DO_REALM_CONVERSION}, - {"http", "http", DO_REALM_CONVERSION}, - {"khttp", "khttp", DO_REALM_CONVERSION}, - {"pgpsigner", "pgpsigner", DO_REALM_CONVERSION}, - {"irc", "irc", DO_REALM_CONVERSION}, - {"mandarin-agent", "mandarin-agent", DO_REALM_CONVERSION}, - {"write", "write", DO_REALM_CONVERSION}, - {"palladium", "palladium", DO_REALM_CONVERSION}, {0, 0, 0}, }; @@ -243,7 +234,8 @@ krb5_425_conv_principal(context, name, instance, realm, princ) if (retval == 0 && full_name && full_name[0]) { instance = full_name[0]; } else { - strcpy(buf, instance); + strncpy(buf, instance, sizeof(buf)); + buf[sizeof(buf) - 1] = '\0'; retval = krb5_get_realm_domain(context, realm, &domain); if (retval) return retval; @@ -251,8 +243,8 @@ krb5_425_conv_principal(context, name, instance, realm, princ) for (cp = domain; *cp; cp++) if (isupper(*cp)) *cp = tolower(*cp); - strcat(buf, "."); - strcat(buf, domain); + strncat(buf, ".", sizeof(buf) - 1 - strlen(buf)); + strncat(buf, domain, sizeof(buf) - 1 - strlen(buf)); krb5_xfree(domain); } instance = buf; diff --git a/src/lib/krb5/krb/copy_addrs.c b/src/lib/krb5/krb/copy_addrs.c index fa2d36723..a99ae9af1 100644 --- a/src/lib/krb5/krb/copy_addrs.c +++ b/src/lib/krb5/krb/copy_addrs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_athctr.c b/src/lib/krb5/krb/copy_athctr.c index e2bec676c..fecb5775d 100644 --- a/src/lib/krb5/krb/copy_athctr.c +++ b/src/lib/krb5/krb/copy_athctr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_auth.c b/src/lib/krb5/krb/copy_auth.c index 7594b9136..331c350fe 100644 --- a/src/lib/krb5/krb/copy_auth.c +++ b/src/lib/krb5/krb/copy_auth.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_cksum.c b/src/lib/krb5/krb/copy_cksum.c index 8adc82a90..0c4783d87 100644 --- a/src/lib/krb5/krb/copy_cksum.c +++ b/src/lib/krb5/krb/copy_cksum.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_creds.c b/src/lib/krb5/krb/copy_creds.c index a8fea1166..2abda3349 100644 --- a/src/lib/krb5/krb/copy_creds.c +++ b/src/lib/krb5/krb/copy_creds.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_data.c b/src/lib/krb5/krb/copy_data.c index df4f7831e..528d3278c 100644 --- a/src/lib/krb5/krb/copy_data.c +++ b/src/lib/krb5/krb/copy_data.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_key.c b/src/lib/krb5/krb/copy_key.c index 39fcb7df8..0b4f9f158 100644 --- a/src/lib/krb5/krb/copy_key.c +++ b/src/lib/krb5/krb/copy_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_princ.c b/src/lib/krb5/krb/copy_princ.c index 2a4025e8d..7e8ad6e09 100644 --- a/src/lib/krb5/krb/copy_princ.c +++ b/src/lib/krb5/krb/copy_princ.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/copy_tick.c b/src/lib/krb5/krb/copy_tick.c index 9235db111..eab9fb02f 100644 --- a/src/lib/krb5/krb/copy_tick.c +++ b/src/lib/krb5/krb/copy_tick.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/cp_key_cnt.c b/src/lib/krb5/krb/cp_key_cnt.c index 6cc6ef843..f125d814d 100644 --- a/src/lib/krb5/krb/cp_key_cnt.c +++ b/src/lib/krb5/krb/cp_key_cnt.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/decode_kdc.c b/src/lib/krb5/krb/decode_kdc.c index 60c983878..38990aed7 100644 --- a/src/lib/krb5/krb/decode_kdc.c +++ b/src/lib/krb5/krb/decode_kdc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/decrypt_tk.c b/src/lib/krb5/krb/decrypt_tk.c index 47f675591..e988c2d31 100644 --- a/src/lib/krb5/krb/decrypt_tk.c +++ b/src/lib/krb5/krb/decrypt_tk.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/deltat.c b/src/lib/krb5/krb/deltat.c new file mode 100644 index 000000000..dbf990092 --- /dev/null +++ b/src/lib/krb5/krb/deltat.c @@ -0,0 +1,1063 @@ + +/* A Bison parser, made from ../../../../asrc/lib/krb5/krb/x-deltat.y + by GNU Bison version 1.27 + */ + +#define YYBISON 1 /* Identify Bison output. */ + +#define NUM 257 +#define LONGNUM 258 +#define WS 259 + +#line 38 "../../../../asrc/lib/krb5/krb/x-deltat.y" + + +#include +#include +#include "k5-int.h" + +#if 0 +#define NBITS(TYPE) (8*sizeof(TYPE)) +#define LOG10_2 0.30103 +#define LOG10_MAX(TYPE) (LOG10_2 * NBITS(TYPE)) +#define BUFFERSIZE(TYPE) (1 /* \0 */ + (int) (1 + LOG10_MAX(TYPE))) +#endif + +struct param { + krb5_deltat delta; + char *p; +}; + +#define YYPARSE_PARAM tmv + +#define DO(D,H,M,S) \ + { \ + ((struct param *)tmv)->delta = (((D * 24) + H) * 60 + M) * 60 + S; \ + } + +static int mylex (int *, char **); +#define YYLEX_PARAM (&((struct param *)tmv)->p) +#undef yylex +#define yylex(U, P) mylex (&(U)->val, (P)) + +#undef yyerror +#define yyerror(MSG) + +static int yyparse (void *); + + +#line 77 "../../../../asrc/lib/krb5/krb/x-deltat.y" +typedef union { int val; } YYSTYPE; +#include + +#ifndef __cplusplus +#ifndef __STDC__ +#define const +#endif +#endif + + + +#define YYFINAL 41 +#define YYFLAG -32768 +#define YYNTBASE 12 + +#define YYTRANSLATE(x) ((unsigned)(x) <= 259 ? yytranslate[x] : 21) + +static const char yytranslate[] = { 0, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 5, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 6, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 7, + 2, 2, 2, 8, 2, 2, 2, 2, 9, 2, + 2, 2, 2, 2, 10, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, + 2, 2, 2, 2, 2, 1, 3, 4, 11 +}; + +#if YYDEBUG != 0 +static const short yyprhs[] = { 0, + 0, 2, 4, 6, 8, 11, 12, 14, 17, 21, + 25, 29, 32, 40, 46, 50, 52, 56, 58, 62, + 64 +}; + +static const short yyrhs[] = { 17, + 0, 3, 0, 4, 0, 13, 0, 5, 13, 0, + 0, 11, 0, 15, 14, 0, 16, 7, 18, 0, + 16, 8, 19, 0, 16, 9, 20, 0, 16, 10, + 0, 16, 5, 3, 6, 3, 6, 3, 0, 16, + 6, 3, 6, 3, 0, 16, 6, 3, 0, 19, + 0, 16, 8, 19, 0, 20, 0, 16, 9, 20, + 0, 15, 0, 16, 10, 0 +}; + +#endif + +#if YYDEBUG != 0 +static const short yyrline[] = { 0, + 88, 89, 89, 90, 90, 91, 91, 92, 93, 95, + 96, 97, 98, 99, 100, 103, 105, 106, 108, 109, + 111 +}; +#endif + + +#if YYDEBUG != 0 || defined (YYERROR_VERBOSE) + +static const char * const yytname[] = { "$","error","$undefined.","NUM","LONGNUM", +"'-'","':'","'d'","'h'","'m'","'s'","WS","start","posnum","num","ws","wsnum", +"deltat","opt_hms","opt_ms","opt_s", NULL +}; +#endif + +static const short yyr1[] = { 0, + 12, 13, 13, 14, 14, 15, 15, 16, 17, 17, + 17, 17, 17, 17, 17, 18, 18, 19, 19, 20, + 20 +}; + +static const short yyr2[] = { 0, + 1, 1, 1, 1, 2, 0, 1, 2, 3, 3, + 3, 2, 7, 5, 3, 1, 3, 1, 3, 1, + 2 +}; + +static const short yydefact[] = { 6, + 7, 0, 0, 1, 2, 3, 0, 4, 8, 0, + 0, 6, 6, 6, 12, 5, 0, 15, 20, 0, + 9, 16, 18, 0, 10, 0, 11, 0, 0, 6, + 6, 21, 0, 14, 17, 19, 0, 13, 0, 0, + 0 +}; + +static const short yydefgoto[] = { 39, + 8, 9, 19, 24, 4, 21, 22, 23 +}; + +static const short yypact[] = { -9, +-32768, 12, -1,-32768,-32768,-32768, 7,-32768,-32768, 10, + 16, -9, -9, -9,-32768,-32768, 20, 21, 12, 13, +-32768,-32768,-32768, 15,-32768, 18,-32768, 26, 27, -9, + -9,-32768, 28,-32768,-32768,-32768, 29,-32768, 33, 35, +-32768 +}; + +static const short yypgoto[] = {-32768, + 30,-32768, 36, 0,-32768,-32768, -12, -11 +}; + + +#define YYLAST 37 + + +static const short yytable[] = { 3, + 25, 1, 27, 10, 11, 12, 13, 14, 15, 5, + 6, 20, 17, 26, 5, 6, 7, 35, 18, 36, + 30, 31, 32, 31, 32, 28, 29, 32, 33, 34, + 26, 38, 40, 37, 41, 2, 16 +}; + +static const short yycheck[] = { 0, + 13, 11, 14, 5, 6, 7, 8, 9, 10, 3, + 4, 12, 3, 14, 3, 4, 5, 30, 3, 31, + 8, 9, 10, 9, 10, 6, 6, 10, 3, 3, + 31, 3, 0, 6, 0, 0, 7 +}; +#define YYPURE 1 + +/* -*-C-*- Note some compilers choke on comments on `#line' lines. */ +#line 3 "/mit/gnu/share/bison.simple" +/* This file comes from bison-1.27. */ + +/* Skeleton output parser for bison, + Copyright (C) 1984, 1989, 1990 Free Software Foundation, Inc. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2, or (at your option) + any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 59 Temple Place - Suite 330, + Boston, MA 02111-1307, USA. */ + +/* As a special exception, when this file is copied by Bison into a + Bison output file, you may use that output file without restriction. + This special exception was added by the Free Software Foundation + in version 1.24 of Bison. */ + +/* This is the parser code that is written into each bison parser + when the %semantic_parser declaration is not specified in the grammar. + It was written by Richard Stallman by simplifying the hairy parser + used when %semantic_parser is specified. */ + +#ifndef YYSTACK_USE_ALLOCA +#ifdef alloca +#define YYSTACK_USE_ALLOCA +#else /* alloca not defined */ +#ifdef __GNUC__ +#define YYSTACK_USE_ALLOCA +#define alloca __builtin_alloca +#else /* not GNU C. */ +#if (!defined (__STDC__) && defined (sparc)) || defined (__sparc__) || defined (__sparc) || defined (__sgi) || (defined (__sun) && defined (__i386)) +#define YYSTACK_USE_ALLOCA +#include +#else /* not sparc */ +/* We think this test detects Watcom and Microsoft C. */ +/* This used to test MSDOS, but that is a bad idea + since that symbol is in the user namespace. */ +#if (defined (_MSDOS) || defined (_MSDOS_)) && !defined (__TURBOC__) +#if 0 /* No need for malloc.h, which pollutes the namespace; + instead, just don't use alloca. */ +#include +#endif +#else /* not MSDOS, or __TURBOC__ */ +#if defined(_AIX) +/* I don't know what this was needed for, but it pollutes the namespace. + So I turned it off. rms, 2 May 1997. */ +/* #include */ + #pragma alloca +#define YYSTACK_USE_ALLOCA +#else /* not MSDOS, or __TURBOC__, or _AIX */ +#if 0 +#ifdef __hpux /* haible@ilog.fr says this works for HPUX 9.05 and up, + and on HPUX 10. Eventually we can turn this on. */ +#define YYSTACK_USE_ALLOCA +#define alloca __builtin_alloca +#endif /* __hpux */ +#endif +#endif /* not _AIX */ +#endif /* not MSDOS, or __TURBOC__ */ +#endif /* not sparc */ +#endif /* not GNU C */ +#endif /* alloca not defined */ +#endif /* YYSTACK_USE_ALLOCA not defined */ + +#ifdef YYSTACK_USE_ALLOCA +#define YYSTACK_ALLOC alloca +#else +#define YYSTACK_ALLOC malloc +#endif + +/* Note: there must be only one dollar sign in this file. + It is replaced by the list of actions, each action + as one case of the switch. */ + +#define yyerrok (yyerrstatus = 0) +#define yyclearin (yychar = YYEMPTY) +#define YYEMPTY -2 +#define YYEOF 0 +#define YYACCEPT goto yyacceptlab +#define YYABORT goto yyabortlab +#define YYERROR goto yyerrlab1 +/* Like YYERROR except do call yyerror. + This remains here temporarily to ease the + transition to the new meaning of YYERROR, for GCC. + Once GCC version 2 has supplanted version 1, this can go. */ +#define YYFAIL goto yyerrlab +#define YYRECOVERING() (!!yyerrstatus) +#define YYBACKUP(token, value) \ +do \ + if (yychar == YYEMPTY && yylen == 1) \ + { yychar = (token), yylval = (value); \ + yychar1 = YYTRANSLATE (yychar); \ + YYPOPSTACK; \ + goto yybackup; \ + } \ + else \ + { yyerror ("syntax error: cannot back up"); YYERROR; } \ +while (0) + +#define YYTERROR 1 +#define YYERRCODE 256 + +#ifndef YYPURE +#define YYLEX yylex() +#endif + +#ifdef YYPURE +#ifdef YYLSP_NEEDED +#ifdef YYLEX_PARAM +#define YYLEX yylex(&yylval, &yylloc, YYLEX_PARAM) +#else +#define YYLEX yylex(&yylval, &yylloc) +#endif +#else /* not YYLSP_NEEDED */ +#ifdef YYLEX_PARAM +#define YYLEX yylex(&yylval, YYLEX_PARAM) +#else +#define YYLEX yylex(&yylval) +#endif +#endif /* not YYLSP_NEEDED */ +#endif + +/* If nonreentrant, generate the variables here */ + +#ifndef YYPURE + +int yychar; /* the lookahead symbol */ +YYSTYPE yylval; /* the semantic value of the */ + /* lookahead symbol */ + +#ifdef YYLSP_NEEDED +YYLTYPE yylloc; /* location data for the lookahead */ + /* symbol */ +#endif + +int yynerrs; /* number of parse errors so far */ +#endif /* not YYPURE */ + +#if YYDEBUG != 0 +int yydebug; /* nonzero means print parse trace */ +/* Since this is uninitialized, it does not stop multiple parsers + from coexisting. */ +#endif + +/* YYINITDEPTH indicates the initial size of the parser's stacks */ + +#ifndef YYINITDEPTH +#define YYINITDEPTH 200 +#endif + +/* YYMAXDEPTH is the maximum size the stacks can grow to + (effective only if the built-in stack extension method is used). */ + +#if YYMAXDEPTH == 0 +#undef YYMAXDEPTH +#endif + +#ifndef YYMAXDEPTH +#define YYMAXDEPTH 10000 +#endif + +/* Define __yy_memcpy. Note that the size argument + should be passed with type unsigned int, because that is what the non-GCC + definitions require. With GCC, __builtin_memcpy takes an arg + of type size_t, but it can handle unsigned int. */ + +#if __GNUC__ > 1 /* GNU C and GNU C++ define this. */ +#define __yy_memcpy(TO,FROM,COUNT) __builtin_memcpy(TO,FROM,COUNT) +#else /* not GNU C or C++ */ +#ifndef __cplusplus + +/* This is the most reliable way to avoid incompatibilities + in available built-in functions on various systems. */ +static void +__yy_memcpy (to, from, count) + char *to; + char *from; + unsigned int count; +{ + register char *f = from; + register char *t = to; + register int i = count; + + while (i-- > 0) + *t++ = *f++; +} + +#else /* __cplusplus */ + +/* This is the most reliable way to avoid incompatibilities + in available built-in functions on various systems. */ +static void +__yy_memcpy (char *to, char *from, unsigned int count) +{ + register char *t = to; + register char *f = from; + register int i = count; + + while (i-- > 0) + *t++ = *f++; +} + +#endif +#endif + +#line 216 "/mit/gnu/share/bison.simple" + +/* The user can define YYPARSE_PARAM as the name of an argument to be passed + into yyparse. The argument should have type void *. + It should actually point to an object. + Grammar actions can access the variable by casting it + to the proper pointer type. */ + +#ifdef YYPARSE_PARAM +#ifdef __cplusplus +#define YYPARSE_PARAM_ARG void *YYPARSE_PARAM +#define YYPARSE_PARAM_DECL +#else /* not __cplusplus */ +#define YYPARSE_PARAM_ARG YYPARSE_PARAM +#define YYPARSE_PARAM_DECL void *YYPARSE_PARAM; +#endif /* not __cplusplus */ +#else /* not YYPARSE_PARAM */ +#define YYPARSE_PARAM_ARG +#define YYPARSE_PARAM_DECL +#endif /* not YYPARSE_PARAM */ + +/* Prevent warning if -Wstrict-prototypes. */ +#ifdef __GNUC__ +#ifdef YYPARSE_PARAM +int yyparse (void *); +#else +int yyparse (void); +#endif +#endif + +int +yyparse(YYPARSE_PARAM_ARG) + YYPARSE_PARAM_DECL +{ + register int yystate; + register int yyn; + register short *yyssp; + register YYSTYPE *yyvsp; + int yyerrstatus; /* number of tokens to shift before error messages enabled */ + int yychar1 = 0; /* lookahead token as an internal (translated) token number */ + + short yyssa[YYINITDEPTH]; /* the state stack */ + YYSTYPE yyvsa[YYINITDEPTH]; /* the semantic value stack */ + + short *yyss = yyssa; /* refer to the stacks thru separate pointers */ + YYSTYPE *yyvs = yyvsa; /* to allow yyoverflow to reallocate them elsewhere */ + +#ifdef YYLSP_NEEDED + YYLTYPE yylsa[YYINITDEPTH]; /* the location stack */ + YYLTYPE *yyls = yylsa; + YYLTYPE *yylsp; + +#define YYPOPSTACK (yyvsp--, yyssp--, yylsp--) +#else +#define YYPOPSTACK (yyvsp--, yyssp--) +#endif + + int yystacksize = YYINITDEPTH; + int yyfree_stacks = 0; + +#ifdef YYPURE + int yychar; + YYSTYPE yylval; + int yynerrs; +#ifdef YYLSP_NEEDED + YYLTYPE yylloc; +#endif +#endif + + YYSTYPE yyval; /* the variable used to return */ + /* semantic values from the action */ + /* routines */ + + int yylen; + +#if YYDEBUG != 0 + if (yydebug) + fprintf(stderr, "Starting parse\n"); +#endif + + yystate = 0; + yyerrstatus = 0; + yynerrs = 0; + yychar = YYEMPTY; /* Cause a token to be read. */ + + /* Initialize stack pointers. + Waste one element of value and location stack + so that they stay on the same level as the state stack. + The wasted elements are never initialized. */ + + yyssp = yyss - 1; + yyvsp = yyvs; +#ifdef YYLSP_NEEDED + yylsp = yyls; +#endif + +/* Push a new state, which is found in yystate . */ +/* In all cases, when you get here, the value and location stacks + have just been pushed. so pushing a state here evens the stacks. */ +yynewstate: + + *++yyssp = yystate; + + if (yyssp >= yyss + yystacksize - 1) + { + /* Give user a chance to reallocate the stack */ + /* Use copies of these so that the &'s don't force the real ones into memory. */ + YYSTYPE *yyvs1 = yyvs; + short *yyss1 = yyss; +#ifdef YYLSP_NEEDED + YYLTYPE *yyls1 = yyls; +#endif + + /* Get the current used size of the three stacks, in elements. */ + int size = yyssp - yyss + 1; + +#ifdef yyoverflow + /* Each stack pointer address is followed by the size of + the data in use in that stack, in bytes. */ +#ifdef YYLSP_NEEDED + /* This used to be a conditional around just the two extra args, + but that might be undefined if yyoverflow is a macro. */ + yyoverflow("parser stack overflow", + &yyss1, size * sizeof (*yyssp), + &yyvs1, size * sizeof (*yyvsp), + &yyls1, size * sizeof (*yylsp), + &yystacksize); +#else + yyoverflow("parser stack overflow", + &yyss1, size * sizeof (*yyssp), + &yyvs1, size * sizeof (*yyvsp), + &yystacksize); +#endif + + yyss = yyss1; yyvs = yyvs1; +#ifdef YYLSP_NEEDED + yyls = yyls1; +#endif +#else /* no yyoverflow */ + /* Extend the stack our own way. */ + if (yystacksize >= YYMAXDEPTH) + { + yyerror("parser stack overflow"); + if (yyfree_stacks) + { + free (yyss); + free (yyvs); +#ifdef YYLSP_NEEDED + free (yyls); +#endif + } + return 2; + } + yystacksize *= 2; + if (yystacksize > YYMAXDEPTH) + yystacksize = YYMAXDEPTH; +#ifndef YYSTACK_USE_ALLOCA + yyfree_stacks = 1; +#endif + yyss = (short *) YYSTACK_ALLOC (yystacksize * sizeof (*yyssp)); + __yy_memcpy ((char *)yyss, (char *)yyss1, + size * (unsigned int) sizeof (*yyssp)); + yyvs = (YYSTYPE *) YYSTACK_ALLOC (yystacksize * sizeof (*yyvsp)); + __yy_memcpy ((char *)yyvs, (char *)yyvs1, + size * (unsigned int) sizeof (*yyvsp)); +#ifdef YYLSP_NEEDED + yyls = (YYLTYPE *) YYSTACK_ALLOC (yystacksize * sizeof (*yylsp)); + __yy_memcpy ((char *)yyls, (char *)yyls1, + size * (unsigned int) sizeof (*yylsp)); +#endif +#endif /* no yyoverflow */ + + yyssp = yyss + size - 1; + yyvsp = yyvs + size - 1; +#ifdef YYLSP_NEEDED + yylsp = yyls + size - 1; +#endif + +#if YYDEBUG != 0 + if (yydebug) + fprintf(stderr, "Stack size increased to %d\n", yystacksize); +#endif + + if (yyssp >= yyss + yystacksize - 1) + YYABORT; + } + +#if YYDEBUG != 0 + if (yydebug) + fprintf(stderr, "Entering state %d\n", yystate); +#endif + + goto yybackup; + yybackup: + +/* Do appropriate processing given the current state. */ +/* Read a lookahead token if we need one and don't already have one. */ +/* yyresume: */ + + /* First try to decide what to do without reference to lookahead token. */ + + yyn = yypact[yystate]; + if (yyn == YYFLAG) + goto yydefault; + + /* Not known => get a lookahead token if don't already have one. */ + + /* yychar is either YYEMPTY or YYEOF + or a valid token in external form. */ + + if (yychar == YYEMPTY) + { +#if YYDEBUG != 0 + if (yydebug) + fprintf(stderr, "Reading a token: "); +#endif + yychar = YYLEX; + } + + /* Convert token to internal form (in yychar1) for indexing tables with */ + + if (yychar <= 0) /* This means end of input. */ + { + yychar1 = 0; + yychar = YYEOF; /* Don't call YYLEX any more */ + +#if YYDEBUG != 0 + if (yydebug) + fprintf(stderr, "Now at end of input.\n"); +#endif + } + else + { + yychar1 = YYTRANSLATE(yychar); + +#if YYDEBUG != 0 + if (yydebug) + { + fprintf (stderr, "Next token is %d (%s", yychar, yytname[yychar1]); + /* Give the individual parser a way to print the precise meaning + of a token, for further debugging info. */ +#ifdef YYPRINT + YYPRINT (stderr, yychar, yylval); +#endif + fprintf (stderr, ")\n"); + } +#endif + } + + yyn += yychar1; + if (yyn < 0 || yyn > YYLAST || yycheck[yyn] != yychar1) + goto yydefault; + + yyn = yytable[yyn]; + + /* yyn is what to do for this token type in this state. + Negative => reduce, -yyn is rule number. + Positive => shift, yyn is new state. + New state is final state => don't bother to shift, + just return success. + 0, or most negative number => error. */ + + if (yyn < 0) + { + if (yyn == YYFLAG) + goto yyerrlab; + yyn = -yyn; + goto yyreduce; + } + else if (yyn == 0) + goto yyerrlab; + + if (yyn == YYFINAL) + YYACCEPT; + + /* Shift the lookahead token. */ + +#if YYDEBUG != 0 + if (yydebug) + fprintf(stderr, "Shifting token %d (%s), ", yychar, yytname[yychar1]); +#endif + + /* Discard the token being shifted unless it is eof. */ + if (yychar != YYEOF) + yychar = YYEMPTY; + + *++yyvsp = yylval; +#ifdef YYLSP_NEEDED + *++yylsp = yylloc; +#endif + + /* count tokens shifted since error; after three, turn off error status. */ + if (yyerrstatus) yyerrstatus--; + + yystate = yyn; + goto yynewstate; + +/* Do the default action for the current state. */ +yydefault: + + yyn = yydefact[yystate]; + if (yyn == 0) + goto yyerrlab; + +/* Do a reduction. yyn is the number of a rule to reduce with. */ +yyreduce: + yylen = yyr2[yyn]; + if (yylen > 0) + yyval = yyvsp[1-yylen]; /* implement default value of the action */ + +#if YYDEBUG != 0 + if (yydebug) + { + int i; + + fprintf (stderr, "Reducing via rule %d (line %d), ", + yyn, yyrline[yyn]); + + /* Print the symbols being reduced, and their result. */ + for (i = yyprhs[yyn]; yyrhs[i] > 0; i++) + fprintf (stderr, "%s ", yytname[yyrhs[i]]); + fprintf (stderr, " -> %s\n", yytname[yyr1[yyn]]); + } +#endif + + + switch (yyn) { + +case 5: +#line 90 "../../../../asrc/lib/krb5/krb/x-deltat.y" +{ yyval.val = - yyvsp[0].val; ; + break;} +case 8: +#line 92 "../../../../asrc/lib/krb5/krb/x-deltat.y" +{ yyval.val = yyvsp[0].val; ; + break;} +case 9: +#line 94 "../../../../asrc/lib/krb5/krb/x-deltat.y" +{ DO (yyvsp[-2].val, 0, 0, yyvsp[0].val); ; + break;} +case 10: +#line 95 "../../../../asrc/lib/krb5/krb/x-deltat.y" +{ DO ( 0, yyvsp[-2].val, 0, yyvsp[0].val); ; + break;} +case 11: +#line 96 "../../../../asrc/lib/krb5/krb/x-deltat.y" +{ DO ( 0, 0, yyvsp[-2].val, yyvsp[0].val); ; + break;} +case 12: +#line 97 "../../../../asrc/lib/krb5/krb/x-deltat.y" +{ DO ( 0, 0, 0, yyvsp[-1].val); ; + break;} +case 13: +#line 98 "../../../../asrc/lib/krb5/krb/x-deltat.y" +{ DO (yyvsp[-6].val, yyvsp[-4].val, yyvsp[-2].val, yyvsp[0].val); ; + break;} +case 14: +#line 99 "../../../../asrc/lib/krb5/krb/x-deltat.y" +{ DO ( 0, yyvsp[-4].val, yyvsp[-2].val, yyvsp[0].val); ; + break;} +case 15: +#line 100 "../../../../asrc/lib/krb5/krb/x-deltat.y" +{ DO ( 0, yyvsp[-2].val, yyvsp[0].val, 0); ; + break;} +case 17: +#line 105 "../../../../asrc/lib/krb5/krb/x-deltat.y" +{ yyval.val = yyvsp[-2].val * 3600 + yyvsp[0].val; ; + break;} +case 19: +#line 108 "../../../../asrc/lib/krb5/krb/x-deltat.y" +{ yyval.val = yyvsp[-2].val * 60 + yyvsp[0].val; ; + break;} +case 20: +#line 110 "../../../../asrc/lib/krb5/krb/x-deltat.y" +{ yyval.val = 0; ; + break;} +} + /* the action file gets copied in in place of this dollarsign */ +#line 542 "/mit/gnu/share/bison.simple" + + yyvsp -= yylen; + yyssp -= yylen; +#ifdef YYLSP_NEEDED + yylsp -= yylen; +#endif + +#if YYDEBUG != 0 + if (yydebug) + { + short *ssp1 = yyss - 1; + fprintf (stderr, "state stack now"); + while (ssp1 != yyssp) + fprintf (stderr, " %d", *++ssp1); + fprintf (stderr, "\n"); + } +#endif + + *++yyvsp = yyval; + +#ifdef YYLSP_NEEDED + yylsp++; + if (yylen == 0) + { + yylsp->first_line = yylloc.first_line; + yylsp->first_column = yylloc.first_column; + yylsp->last_line = (yylsp-1)->last_line; + yylsp->last_column = (yylsp-1)->last_column; + yylsp->text = 0; + } + else + { + yylsp->last_line = (yylsp+yylen-1)->last_line; + yylsp->last_column = (yylsp+yylen-1)->last_column; + } +#endif + + /* Now "shift" the result of the reduction. + Determine what state that goes to, + based on the state we popped back to + and the rule number reduced by. */ + + yyn = yyr1[yyn]; + + yystate = yypgoto[yyn - YYNTBASE] + *yyssp; + if (yystate >= 0 && yystate <= YYLAST && yycheck[yystate] == *yyssp) + yystate = yytable[yystate]; + else + yystate = yydefgoto[yyn - YYNTBASE]; + + goto yynewstate; + +yyerrlab: /* here on detecting error */ + + if (! yyerrstatus) + /* If not already recovering from an error, report this error. */ + { + ++yynerrs; + +#ifdef YYERROR_VERBOSE + yyn = yypact[yystate]; + + if (yyn > YYFLAG && yyn < YYLAST) + { + int size = 0; + char *msg; + int x, count; + + count = 0; + /* Start X at -yyn if nec to avoid negative indexes in yycheck. */ + for (x = (yyn < 0 ? -yyn : 0); + x < (sizeof(yytname) / sizeof(char *)); x++) + if (yycheck[x + yyn] == x) + size += strlen(yytname[x]) + 15, count++; + msg = (char *) malloc(size + 15); + if (msg != 0) + { + strcpy(msg, "parse error"); + + if (count < 5) + { + count = 0; + for (x = (yyn < 0 ? -yyn : 0); + x < (sizeof(yytname) / sizeof(char *)); x++) + if (yycheck[x + yyn] == x) + { + strcat(msg, count == 0 ? ", expecting `" : " or `"); + strcat(msg, yytname[x]); + strcat(msg, "'"); + count++; + } + } + yyerror(msg); + free(msg); + } + else + yyerror ("parse error; also virtual memory exceeded"); + } + else +#endif /* YYERROR_VERBOSE */ + yyerror("parse error"); + } + + goto yyerrlab1; +yyerrlab1: /* here on error raised explicitly by an action */ + + if (yyerrstatus == 3) + { + /* if just tried and failed to reuse lookahead token after an error, discard it. */ + + /* return failure if at end of input */ + if (yychar == YYEOF) + YYABORT; + +#if YYDEBUG != 0 + if (yydebug) + fprintf(stderr, "Discarding token %d (%s).\n", yychar, yytname[yychar1]); +#endif + + yychar = YYEMPTY; + } + + /* Else will try to reuse lookahead token + after shifting the error token. */ + + yyerrstatus = 3; /* Each real token shifted decrements this */ + + goto yyerrhandle; + +yyerrdefault: /* current state does not do anything special for the error token. */ + +#if 0 + /* This is wrong; only states that explicitly want error tokens + should shift them. */ + yyn = yydefact[yystate]; /* If its default is to accept any token, ok. Otherwise pop it.*/ + if (yyn) goto yydefault; +#endif + +yyerrpop: /* pop the current state because it cannot handle the error token */ + + if (yyssp == yyss) YYABORT; + yyvsp--; + yystate = *--yyssp; +#ifdef YYLSP_NEEDED + yylsp--; +#endif + +#if YYDEBUG != 0 + if (yydebug) + { + short *ssp1 = yyss - 1; + fprintf (stderr, "Error: state stack now"); + while (ssp1 != yyssp) + fprintf (stderr, " %d", *++ssp1); + fprintf (stderr, "\n"); + } +#endif + +yyerrhandle: + + yyn = yypact[yystate]; + if (yyn == YYFLAG) + goto yyerrdefault; + + yyn += YYTERROR; + if (yyn < 0 || yyn > YYLAST || yycheck[yyn] != YYTERROR) + goto yyerrdefault; + + yyn = yytable[yyn]; + if (yyn < 0) + { + if (yyn == YYFLAG) + goto yyerrpop; + yyn = -yyn; + goto yyreduce; + } + else if (yyn == 0) + goto yyerrpop; + + if (yyn == YYFINAL) + YYACCEPT; + +#if YYDEBUG != 0 + if (yydebug) + fprintf(stderr, "Shifting error token, "); +#endif + + *++yyvsp = yylval; +#ifdef YYLSP_NEEDED + *++yylsp = yylloc; +#endif + + yystate = yyn; + goto yynewstate; + + yyacceptlab: + /* YYACCEPT comes here. */ + if (yyfree_stacks) + { + free (yyss); + free (yyvs); +#ifdef YYLSP_NEEDED + free (yyls); +#endif + } + return 0; + + yyabortlab: + /* YYABORT comes here. */ + if (yyfree_stacks) + { + free (yyss); + free (yyvs); +#ifdef YYLSP_NEEDED + free (yyls); +#endif + } + return 1; +} +#line 113 "../../../../asrc/lib/krb5/krb/x-deltat.y" + + +static int +mylex (int *intp, char **pp) +{ + int num, c; +#define P (*pp) + char *orig_p = P; + +#ifdef isascii + if (!isascii (*P)) + return 0; +#endif + switch (c = *P++) { + case '-': + case ':': + case 'd': + case 'h': + case 'm': + case 's': + return c; + case '0': + case '1': + case '2': + case '3': + case '4': + case '5': + case '6': + case '7': + case '8': + case '9': + /* XXX assumes ASCII */ + num = c - '0'; + while (isdigit (*P)) { + num *= 10; + num += *P++ - '0'; + } + *intp = num; + return (P - orig_p > 2) ? LONGNUM : NUM; + case ' ': + case '\t': + case '\n': + while (isspace (*P)) + P++; + return WS; + default: + return YYEOF; + } +} + +KRB5_DLLIMP krb5_error_code KRB5_CALLCONV +krb5_string_to_deltat(string, deltatp) + char FAR * string; + krb5_deltat FAR * deltatp; +{ + struct param p; + p.delta = 0; + p.p = string; + if (yyparse (&p)) + return EINVAL; + *deltatp = p.delta; + return 0; +} diff --git a/src/lib/krb5/krb/encode_kdc.c b/src/lib/krb5/krb/encode_kdc.c index e20c1f536..3b0410dd3 100644 --- a/src/lib/krb5/krb/encode_kdc.c +++ b/src/lib/krb5/krb/encode_kdc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/encrypt_tk.c b/src/lib/krb5/krb/encrypt_tk.c index e1a1b1850..07642f04e 100644 --- a/src/lib/krb5/krb/encrypt_tk.c +++ b/src/lib/krb5/krb/encrypt_tk.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/free_rtree.c b/src/lib/krb5/krb/free_rtree.c index 58492710e..3d9ea327a 100644 --- a/src/lib/krb5/krb/free_rtree.c +++ b/src/lib/krb5/krb/free_rtree.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/fwd_tgt.c b/src/lib/krb5/krb/fwd_tgt.c index 0a8ce2240..814195a79 100644 --- a/src/lib/krb5/krb/fwd_tgt.c +++ b/src/lib/krb5/krb/fwd_tgt.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ @@ -93,7 +96,8 @@ krb5_fwd_tgt_creds(context, auth_context, rhost, client, server, cc, } /* fetch tgt directly from cache */ - retval = krb5_cc_retrieve_cred (context, cc, 0, &creds, &tgt); + retval = krb5_cc_retrieve_cred (context, cc, KRB5_TC_SUPPORTED_KTYPES, + &creds, &tgt); if (retval) goto errout; diff --git a/src/lib/krb5/krb/gc_frm_kdc.c b/src/lib/krb5/krb/gc_frm_kdc.c index ac31b466d..1e315febd 100644 --- a/src/lib/krb5/krb/gc_frm_kdc.c +++ b/src/lib/krb5/krb/gc_frm_kdc.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. Neither M.I.T., the Open Computing Security Group, nor + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * Neither M.I.T., the Open Computing Security Group, nor * CyberSAFE Corporation make any representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. @@ -118,10 +121,10 @@ krb5_get_cred_from_kdc_opt(context, ccache, in_cred, out_cred, tgts, kdcopt) } if ((retval = krb5_cc_retrieve_cred(context, ccache, - KRB5_TC_MATCH_SRV_NAMEONLY, + KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, &tgtq, &tgt))) { - if (retval != KRB5_CC_NOTFOUND) { + if (retval != KRB5_CC_NOTFOUND && retval != KRB5_CC_NOT_KTYPE) { goto cleanup; } @@ -154,7 +157,7 @@ krb5_get_cred_from_kdc_opt(context, ccache, in_cred, out_cred, tgts, kdcopt) goto cleanup; if ((retval = krb5_cc_retrieve_cred(context, ccache, - KRB5_TC_MATCH_SRV_NAMEONLY, + KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, &tgtq, &tgt))) { goto cleanup; } @@ -217,10 +220,10 @@ krb5_get_cred_from_kdc_opt(context, ccache, in_cred, out_cred, tgts, kdcopt) goto cleanup; if ((retval = krb5_cc_retrieve_cred(context, ccache, - KRB5_TC_MATCH_SRV_NAMEONLY, + KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, &tgtq, &tgt))) { - if (retval != KRB5_CC_NOTFOUND) { + if (retval != KRB5_CC_NOTFOUND && retval != KRB5_CC_NOT_KTYPE) { goto cleanup; } @@ -280,7 +283,7 @@ krb5_get_cred_from_kdc_opt(context, ccache, in_cred, out_cred, tgts, kdcopt) goto cleanup; if ((retval = krb5_cc_retrieve_cred(context, ccache, - KRB5_TC_MATCH_SRV_NAMEONLY, + KRB5_TC_MATCH_SRV_NAMEONLY | KRB5_TC_SUPPORTED_KTYPES, &tgtq, &tgt))) { if (retval != KRB5_CC_NOTFOUND) { goto cleanup; diff --git a/src/lib/krb5/krb/gc_via_tkt.c b/src/lib/krb5/krb/gc_via_tkt.c index 2ea4fc815..20098781c 100644 --- a/src/lib/krb5/krb/gc_via_tkt.c +++ b/src/lib/krb5/krb/gc_via_tkt.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/gen_seqnum.c b/src/lib/krb5/krb/gen_seqnum.c index 4b3cd6fe6..0089c5d2a 100644 --- a/src/lib/krb5/krb/gen_seqnum.c +++ b/src/lib/krb5/krb/gen_seqnum.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/gen_subkey.c b/src/lib/krb5/krb/gen_subkey.c index 861d61e72..bf6eed938 100644 --- a/src/lib/krb5/krb/gen_subkey.c +++ b/src/lib/krb5/krb/gen_subkey.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/get_creds.c b/src/lib/krb5/krb/get_creds.c index 4fbf4cf33..3bcaa0be2 100644 --- a/src/lib/krb5/krb/get_creds.c +++ b/src/lib/krb5/krb/get_creds.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -69,7 +72,8 @@ krb5_get_credentials_core(context, options, ccache, in_creds, out_creds, mcreds->client = in_creds->client; *fields = KRB5_TC_MATCH_TIMES /*XXX |KRB5_TC_MATCH_SKEY_TYPE */ - | KRB5_TC_MATCH_AUTHDATA ; + | KRB5_TC_MATCH_AUTHDATA + | KRB5_TC_SUPPORTED_KTYPES; if (mcreds->keyblock.enctype) *fields |= KRB5_TC_MATCH_KTYPE; if (options & KRB5_GC_USER_USER) { @@ -120,7 +124,8 @@ krb5_get_credentials(context, options, ccache, in_creds, out_creds) *out_creds = ncreds; } - if (retval != KRB5_CC_NOTFOUND || options & KRB5_GC_CACHED) + if ((retval != KRB5_CC_NOTFOUND && retval != KRB5_CC_NOT_KTYPE) + || options & KRB5_GC_CACHED) return retval; retval = krb5_get_cred_from_kdc(context, ccache, ncreds, out_creds, &tgts); diff --git a/src/lib/krb5/krb/get_in_tkt.c b/src/lib/krb5/krb/get_in_tkt.c index ebf8e4477..86978f360 100644 --- a/src/lib/krb5/krb/get_in_tkt.c +++ b/src/lib/krb5/krb/get_in_tkt.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/in_tkt_ktb.c b/src/lib/krb5/krb/in_tkt_ktb.c index 0c901c1b9..10b920cef 100644 --- a/src/lib/krb5/krb/in_tkt_ktb.c +++ b/src/lib/krb5/krb/in_tkt_ktb.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/in_tkt_pwd.c b/src/lib/krb5/krb/in_tkt_pwd.c index e03883e9d..00293564e 100644 --- a/src/lib/krb5/krb/in_tkt_pwd.c +++ b/src/lib/krb5/krb/in_tkt_pwd.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/in_tkt_sky.c b/src/lib/krb5/krb/in_tkt_sky.c index 3c7a0cd32..7371f1e95 100644 --- a/src/lib/krb5/krb/in_tkt_sky.c +++ b/src/lib/krb5/krb/in_tkt_sky.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/init_ctx.c b/src/lib/krb5/krb/init_ctx.c index 2ddd2d0c5..6fa773f73 100644 --- a/src/lib/krb5/krb/init_ctx.c +++ b/src/lib/krb5/krb/init_ctx.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -58,9 +61,26 @@ extern krb5_error_code krb5_vercheck(); extern void krb5_win_ccdll_load(krb5_context context); #endif +static krb5_error_code init_common (); + KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_init_context(context) krb5_context *context; +{ + return init_common (context, FALSE); +} + +KRB5_DLLIMP krb5_error_code KRB5_CALLCONV +krb5_init_secure_context(context) + krb5_context *context; +{ + return init_common (context, TRUE); +} + +static krb5_error_code +init_common (context, secure) + krb5_context *context; + krb5_boolean secure; { krb5_context ctx = 0; krb5_error_code retval; @@ -96,6 +116,8 @@ krb5_init_context(context) memset(ctx, 0, sizeof(struct _krb5_context)); ctx->magic = KV5M_CONTEXT; + ctx->profile_secure = secure; + /* Set the default encryption types, possible defined in krb5/conf */ if ((retval = krb5_set_default_in_tkt_ktypes(ctx, NULL))) goto cleanup; @@ -250,12 +272,13 @@ krb5_set_default_in_tkt_ktypes(context, ktypes) } static krb5_error_code -get_profile_etype_list(context, ktypes, profstr, ctx_count, ctx_list) +get_profile_etype_list(context, ktypes, profstr, ctx_count, ctx_list, desonly) krb5_context context; krb5_enctype **ktypes; char *profstr; int ctx_count; krb5_enctype FAR *ctx_list; + int desonly; { krb5_enctype *old_ktypes; @@ -283,7 +306,7 @@ get_profile_etype_list(context, ktypes, profstr, ctx_count, ctx_list) code = profile_get_string(context->profile, "libdefaults", profstr, NULL, - "des3-hmac-sha1 des-cbc-md5 des-cbc-crc", + "des3-cbc-sha1 des-cbc-md5 des-cbc-crc", &retval); if (code) return code; @@ -313,8 +336,21 @@ get_profile_etype_list(context, ktypes, profstr, ctx_count, ctx_list) j = 0; i = 1; while (1) { - if (! krb5_string_to_enctype(sp, &old_ktypes[j])) + if (! krb5_string_to_enctype(sp, &old_ktypes[j])) { + switch (old_ktypes[j]) { + default: + if (desonly) + /* Other types not supported yet. */ + break; + /* else fall through */ + + case ENCTYPE_NULL: + case ENCTYPE_DES_CBC_CRC: + case ENCTYPE_DES_CBC_MD5: j++; + break; + } + } if (i++ >= count) break; @@ -328,6 +364,12 @@ get_profile_etype_list(context, ktypes, profstr, ctx_count, ctx_list) profile_release_string(retval); } + if (old_ktypes[0] == 0) { + free (old_ktypes); + *ktypes = 0; + return KRB5_CONFIG_ETYPE_NOSUPP; + } + *ktypes = old_ktypes; return 0; } @@ -339,7 +381,7 @@ krb5_get_default_in_tkt_ktypes(context, ktypes) { return(get_profile_etype_list(context, ktypes, "default_tkt_enctypes", context->in_tkt_ktype_count, - context->in_tkt_ktypes)); + context->in_tkt_ktypes, 1)); } krb5_error_code @@ -382,7 +424,7 @@ krb5_get_tgs_ktypes(context, princ, ktypes) { return(get_profile_etype_list(context, ktypes, "default_tgs_enctypes", context->tgs_ktype_count, - context->tgs_ktypes)); + context->tgs_ktypes, 1)); } krb5_error_code @@ -392,7 +434,7 @@ krb5_get_permitted_enctypes(context, ktypes) { return(get_profile_etype_list(context, ktypes, "permitted_enctypes", context->tgs_ktype_count, - context->tgs_ktypes)); + context->tgs_ktypes, 0)); } krb5_boolean diff --git a/src/lib/krb5/krb/int-proto.h b/src/lib/krb5/krb/int-proto.h index 7ad90e0e8..53144b15d 100644 --- a/src/lib/krb5/krb/int-proto.h +++ b/src/lib/krb5/krb/int-proto.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/kdc_rep_dc.c b/src/lib/krb5/krb/kdc_rep_dc.c index a9cbcf39b..764c0a5c2 100644 --- a/src/lib/krb5/krb/kdc_rep_dc.c +++ b/src/lib/krb5/krb/kdc_rep_dc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/kfree.c b/src/lib/krb5/krb/kfree.c index 945bf5950..9e6cd8cae 100644 --- a/src/lib/krb5/krb/kfree.c +++ b/src/lib/krb5/krb/kfree.c @@ -15,7 +15,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -33,7 +36,6 @@ krb5_free_address(context, val) if (val->contents) krb5_xfree(val->contents); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -49,7 +51,6 @@ krb5_free_addresses(context, val) krb5_xfree(*temp); } krb5_xfree(val); - return; } @@ -61,7 +62,6 @@ krb5_free_ap_rep(context, val) if (val->enc_part.ciphertext.data) krb5_xfree(val->enc_part.ciphertext.data); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -74,7 +74,6 @@ krb5_free_ap_req(context, val) if (val->authenticator.ciphertext.data) krb5_xfree(val->authenticator.ciphertext.data); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -85,7 +84,6 @@ krb5_free_ap_rep_enc_part(context, val) if (val->subkey) krb5_free_keyblock(context, val->subkey); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -93,15 +91,22 @@ krb5_free_authenticator_contents(context, val) krb5_context context; krb5_authenticator FAR *val; { - if (val->checksum) + if (val->checksum) { krb5_free_checksum(context, val->checksum); - if (val->client) + val->checksum = 0; + } + if (val->client) { krb5_free_principal(context, val->client); - if (val->subkey) + val->client = 0; + } + if (val->subkey) { krb5_free_keyblock(context, val->subkey); - if (val->authorization_data) - krb5_free_authdata(context, val->authorization_data); - return; + val->subkey = 0; + } + if (val->authorization_data) { + krb5_free_authdata(context, val->authorization_data); + val->authorization_data = 0; + } } KRB5_DLLIMP void KRB5_CALLCONV @@ -117,7 +122,6 @@ krb5_free_authdata(context, val) krb5_xfree(*temp); } krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -125,16 +129,8 @@ krb5_free_authenticator(context, val) krb5_context context; krb5_authenticator FAR *val; { - if (val->checksum) - krb5_free_checksum(context, val->checksum); - if (val->client) - krb5_free_principal(context, val->client); - if (val->subkey) - krb5_free_keyblock(context, val->subkey); - if (val->authorization_data) - krb5_free_authdata(context, val->authorization_data); + krb5_free_authenticator_contents(context, val); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -142,10 +138,8 @@ krb5_free_checksum(context, val) krb5_context context; register krb5_checksum *val; { - if (val->contents) - krb5_xfree(val->contents); + krb5_free_checksum_contents(context, val); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -153,9 +147,10 @@ krb5_free_checksum_contents(context, val) krb5_context context; register krb5_checksum *val; { - if (val->contents) + if (val->contents) { krb5_xfree(val->contents); - return; + val->contents = 0; + } } KRB5_DLLIMP void KRB5_CALLCONV @@ -168,7 +163,6 @@ krb5_free_cred(context, val) if (val->enc_part.ciphertext.data) krb5_xfree(val->enc_part.ciphertext.data); krb5_xfree(val); - return; } /* @@ -181,23 +175,35 @@ krb5_free_cred_contents(context, val) krb5_context context; krb5_creds FAR *val; { - if (val->client) + if (val->client) { krb5_free_principal(context, val->client); - if (val->server) + val->client = 0; + } + if (val->server) { krb5_free_principal(context, val->server); + val->server = 0; + } if (val->keyblock.contents) { memset((char *)val->keyblock.contents, 0, val->keyblock.length); krb5_xfree(val->keyblock.contents); + val->keyblock.contents = 0; } - if (val->ticket.data) + if (val->ticket.data) { krb5_xfree(val->ticket.data); - if (val->second_ticket.data) + val->ticket.data = 0; + } + if (val->second_ticket.data) { krb5_xfree(val->second_ticket.data); - if (val->addresses) + val->second_ticket.data = 0; + } + if (val->addresses) { krb5_free_addresses(context, val->addresses); - if (val->authdata) + val->addresses = 0; + } + if (val->authdata) { krb5_free_authdata(context, val->authdata); - return; + val->authdata = 0; + } } KRB5_DLLIMP void KRB5_CALLCONV @@ -207,10 +213,14 @@ krb5_free_cred_enc_part(context, val) { register krb5_cred_info **temp; - if (val->r_address) - krb5_free_address(context, val->r_address); - if (val->s_address) - krb5_free_address(context, val->s_address); + if (val->r_address) { + krb5_free_address(context, val->r_address); + val->r_address = 0; + } + if (val->s_address) { + krb5_free_address(context, val->s_address); + val->s_address = 0; + } if (val->ticket_info) { for (temp = val->ticket_info; *temp; temp++) { @@ -225,8 +235,8 @@ krb5_free_cred_enc_part(context, val) krb5_xfree((*temp)); } krb5_xfree(val->ticket_info); + val->ticket_info = 0; } - return; } @@ -237,7 +247,6 @@ krb5_free_creds(context, val) { krb5_free_cred_contents(context, val); krb5_xfree(val); - return; } @@ -249,7 +258,6 @@ krb5_free_data(context, val) if (val->data) krb5_xfree(val->data); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -257,9 +265,10 @@ krb5_free_data_contents(context, val) krb5_context context; krb5_data FAR * val; { - if (val->data) + if (val->data) { krb5_xfree(val->data); - return; + val->data = 0; + } } void krb5_free_etype_info(context, info) @@ -291,7 +300,6 @@ krb5_free_enc_kdc_rep_part(context, val) if (val->caddrs) krb5_free_addresses(context, val->caddrs); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -310,7 +318,6 @@ krb5_free_enc_tkt_part(context, val) if (val->authorization_data) krb5_free_authdata(context, val->authorization_data); krb5_xfree(val); - return; } @@ -328,7 +335,6 @@ krb5_free_error(context, val) if (val->e_data.data) krb5_xfree(val->e_data.data); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -347,7 +353,6 @@ krb5_free_kdc_rep(context, val) if (val->enc_part2) krb5_free_enc_kdc_rep_part(context, val->enc_part2); krb5_xfree(val); - return; } @@ -373,7 +378,6 @@ krb5_free_kdc_req(context, val) if (val->second_ticket) krb5_free_tickets(context, val->second_ticket); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -384,8 +388,8 @@ krb5_free_keyblock_contents(context, key) if (key->contents) { memset(key->contents, 0, key->length); krb5_xfree(key->contents); + key->contents = 0; } - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -395,7 +399,6 @@ krb5_free_keyblock(context, val) { krb5_free_keyblock_contents(context, val); krb5_xfree(val); - return; } @@ -410,7 +413,6 @@ krb5_free_last_req(context, val) for (temp = val; *temp; temp++) krb5_xfree(*temp); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -426,7 +428,6 @@ krb5_free_pa_data(context, val) krb5_xfree(*temp); } krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -448,7 +449,6 @@ krb5_free_principal(context, val) if (val->realm.data) krb5_xfree(val->realm.data); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -459,7 +459,6 @@ krb5_free_priv(context, val) if (val->enc_part.ciphertext.data) krb5_xfree(val->enc_part.ciphertext.data); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -474,7 +473,6 @@ krb5_free_priv_enc_part(context, val) if (val->s_address) krb5_free_address(context, val->s_address); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -485,7 +483,6 @@ krb5_free_pwd_data(context, val) if (val->element) krb5_free_pwd_sequences(context, val->element); krb5_xfree(val); - return; } @@ -494,11 +491,14 @@ krb5_free_pwd_sequences(context, val) krb5_context context; passwd_phrase_element FAR * FAR *val; { - if ((*val)->passwd) + if ((*val)->passwd) { krb5_xfree((*val)->passwd); - if ((*val)->phrase) + (*val)->passwd = 0; + } + if ((*val)->phrase) { krb5_xfree((*val)->phrase); - return; + (*val)->phrase = 0; + } } @@ -516,7 +516,6 @@ krb5_free_safe(context, val) if (val->checksum) krb5_free_checksum(context, val->checksum); krb5_xfree(val); - return; } @@ -532,7 +531,6 @@ krb5_free_ticket(context, val) if (val->enc_part2) krb5_free_enc_tkt_part(context, val->enc_part2); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -545,7 +543,6 @@ krb5_free_tickets(context, val) for (temp = val; *temp; temp++) krb5_free_ticket(context, *temp); krb5_xfree(val); - return; } @@ -570,7 +567,6 @@ krb5_free_tkt_authent(context, val) if (val->authenticator) krb5_free_authenticator(context, val->authenticator); krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -580,7 +576,6 @@ krb5_free_unparsed_name(context, val) { if (val) krb5_xfree(val); - return; } KRB5_DLLIMP void KRB5_CALLCONV @@ -609,8 +604,10 @@ krb5_free_sam_challenge_contents(krb5_context ctx, krb5_sam_challenge FAR *sc) krb5_free_data_contents(ctx, &sc->sam_response_prompt); if (sc->sam_pk_for_sad.data) krb5_free_data_contents(ctx, &sc->sam_pk_for_sad); - if (sc->sam_cksum.contents) + if (sc->sam_cksum.contents) { krb5_xfree(sc->sam_cksum.contents); + sc->sam_cksum.contents = 0; + } } KRB5_DLLIMP void KRB5_CALLCONV @@ -682,4 +679,3 @@ krb5_free_pa_enc_ts(krb5_context ctx, krb5_pa_enc_ts FAR *pa_enc_ts) return; krb5_xfree(pa_enc_ts); } - diff --git a/src/lib/krb5/krb/mk_error.c b/src/lib/krb5/krb/mk_error.c index 77e502fde..13bc15c34 100644 --- a/src/lib/krb5/krb/mk_error.c +++ b/src/lib/krb5/krb/mk_error.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/mk_priv.c b/src/lib/krb5/krb/mk_priv.c index 2e7f2ce25..768581750 100644 --- a/src/lib/krb5/krb/mk_priv.c +++ b/src/lib/krb5/krb/mk_priv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/mk_rep.c b/src/lib/krb5/krb/mk_rep.c index f0398475f..6a0ffb743 100644 --- a/src/lib/krb5/krb/mk_rep.c +++ b/src/lib/krb5/krb/mk_rep.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/mk_req.c b/src/lib/krb5/krb/mk_req.c index a454a5759..24c072823 100644 --- a/src/lib/krb5/krb/mk_req.c +++ b/src/lib/krb5/krb/mk_req.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/mk_req_ext.c b/src/lib/krb5/krb/mk_req_ext.c index 1530f7961..a8b20ebcb 100644 --- a/src/lib/krb5/krb/mk_req_ext.c +++ b/src/lib/krb5/krb/mk_req_ext.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/mk_safe.c b/src/lib/krb5/krb/mk_safe.c index 0d5a49080..781e256c9 100644 --- a/src/lib/krb5/krb/mk_safe.c +++ b/src/lib/krb5/krb/mk_safe.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/parse.c b/src/lib/krb5/krb/parse.c index 2e6bc6bb0..b628a0d0e 100644 --- a/src/lib/krb5/krb/parse.c +++ b/src/lib/krb5/krb/parse.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/pr_to_salt.c b/src/lib/krb5/krb/pr_to_salt.c index b8e9a1b92..9ccc3b4ce 100644 --- a/src/lib/krb5/krb/pr_to_salt.c +++ b/src/lib/krb5/krb/pr_to_salt.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/preauth.c b/src/lib/krb5/krb/preauth.c index ab1432fdb..74de4dc6d 100644 --- a/src/lib/krb5/krb/preauth.c +++ b/src/lib/krb5/krb/preauth.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c index 9ede43128..f4629756e 100644 --- a/src/lib/krb5/krb/preauth2.c +++ b/src/lib/krb5/krb/preauth2.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -411,6 +414,8 @@ krb5_do_preauth(krb5_context context, { int h, i, j, out_pa_list_size; krb5_pa_data *out_pa, **out_pa_list; + krb5_data scratch; + krb5_etype_info etype_info = NULL; krb5_error_code ret; static int paorder[] = { PA_INFO, PA_REAL }; int realdone; @@ -428,6 +433,37 @@ krb5_do_preauth(krb5_context context, for (h=0; h<(sizeof(paorder)/sizeof(paorder[0])); h++) { realdone = 0; for (i=0; in_padata[i] && !realdone; i++) { + /* + * This is really gross, but is necessary to prevent + * lossge when talking to a 1.0.x KDC, which returns an + * erroneous PA-PW-SALT when it returns a KRB-ERROR + * requiring additional preauth. + */ + switch (in_padata[i]->pa_type) { + case KRB5_PADATA_ETYPE_INFO: + if (etype_info) + continue; + scratch.length = in_padata[i]->length; + scratch.data = in_padata[i]->contents; + ret = decode_krb5_etype_info(&scratch, &etype_info); + if (ret) { + if (out_pa_list) { + out_pa_list[out_pa_list_size++] = NULL; + krb5_free_pa_data(context, out_pa_list); + } + return ret; + } + salt->data = (char *) etype_info[0]->salt; + salt->length = etype_info[0]->length; + break; + case KRB5_PADATA_PW_SALT: + case KRB5_PADATA_AFS3_SALT: + if (etype_info) + continue; + break; + default: + ; + } for (j=0; pa_types[j].type >= 0; j++) { if ((in_padata[i]->pa_type == pa_types[j].type) && (pa_types[j].flags & paorder[h])) { @@ -442,6 +478,8 @@ krb5_do_preauth(krb5_context context, out_pa_list[out_pa_list_size++] = NULL; krb5_free_pa_data(context, out_pa_list); } + if (etype_info) + krb5_free_etype_info(context, etype_info); return(ret); } diff --git a/src/lib/krb5/krb/princ_comp.c b/src/lib/krb5/krb/princ_comp.c index 635d22cc3..cba26a6ac 100644 --- a/src/lib/krb5/krb/princ_comp.c +++ b/src/lib/krb5/krb/princ_comp.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/rd_error.c b/src/lib/krb5/krb/rd_error.c index 7f8e4226e..954f024c9 100644 --- a/src/lib/krb5/krb/rd_error.c +++ b/src/lib/krb5/krb/rd_error.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/rd_priv.c b/src/lib/krb5/krb/rd_priv.c index f08975f22..9629b0c19 100644 --- a/src/lib/krb5/krb/rd_priv.c +++ b/src/lib/krb5/krb/rd_priv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/rd_rep.c b/src/lib/krb5/krb/rd_rep.c index 411a61ddb..3b6f7cb8d 100644 --- a/src/lib/krb5/krb/rd_rep.c +++ b/src/lib/krb5/krb/rd_rep.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/rd_req.c b/src/lib/krb5/krb/rd_req.c index 7fbe1727c..b25f78dc4 100644 --- a/src/lib/krb5/krb/rd_req.c +++ b/src/lib/krb5/krb/rd_req.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/rd_req_dec.c b/src/lib/krb5/krb/rd_req_dec.c index cdbdc81df..442e78b2d 100644 --- a/src/lib/krb5/krb/rd_req_dec.c +++ b/src/lib/krb5/krb/rd_req_dec.c @@ -17,7 +17,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. Neither M.I.T., the Open Computing Security Group, nor + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * Neither M.I.T., the Open Computing Security Group, nor * CyberSAFE Corporation make any representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. diff --git a/src/lib/krb5/krb/rd_safe.c b/src/lib/krb5/krb/rd_safe.c index 1c5aca21c..19c541f0f 100644 --- a/src/lib/krb5/krb/rd_safe.c +++ b/src/lib/krb5/krb/rd_safe.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/recvauth.c b/src/lib/krb5/krb/recvauth.c index 8ee99fbb1..3d5bce491 100644 --- a/src/lib/krb5/krb/recvauth.c +++ b/src/lib/krb5/krb/recvauth.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/send_tgs.c b/src/lib/krb5/krb/send_tgs.c index 19de14e1a..520c0e211 100644 --- a/src/lib/krb5/krb/send_tgs.c +++ b/src/lib/krb5/krb/send_tgs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/sendauth.c b/src/lib/krb5/krb/sendauth.c index 343611830..4e7c3a7c6 100644 --- a/src/lib/krb5/krb/sendauth.c +++ b/src/lib/krb5/krb/sendauth.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_actx.c b/src/lib/krb5/krb/ser_actx.c index 42b9bfeb6..bac90e3fe 100644 --- a/src/lib/krb5/krb/ser_actx.c +++ b/src/lib/krb5/krb/ser_actx.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_adata.c b/src/lib/krb5/krb/ser_adata.c index cfcced42b..8fc04d0e5 100644 --- a/src/lib/krb5/krb/ser_adata.c +++ b/src/lib/krb5/krb/ser_adata.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_addr.c b/src/lib/krb5/krb/ser_addr.c index a6a387747..fd06b36ac 100644 --- a/src/lib/krb5/krb/ser_addr.c +++ b/src/lib/krb5/krb/ser_addr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_auth.c b/src/lib/krb5/krb/ser_auth.c index 791bbcf34..4c97eb0f3 100644 --- a/src/lib/krb5/krb/ser_auth.c +++ b/src/lib/krb5/krb/ser_auth.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_cksum.c b/src/lib/krb5/krb/ser_cksum.c index 3fc9d5196..74657b1ca 100644 --- a/src/lib/krb5/krb/ser_cksum.c +++ b/src/lib/krb5/krb/ser_cksum.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_ctx.c b/src/lib/krb5/krb/ser_ctx.c index 13392a738..1b4720fe1 100644 --- a/src/lib/krb5/krb/ser_ctx.c +++ b/src/lib/krb5/krb/ser_ctx.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_eblk.c b/src/lib/krb5/krb/ser_eblk.c index 04e21faab..bd4b4c594 100644 --- a/src/lib/krb5/krb/ser_eblk.c +++ b/src/lib/krb5/krb/ser_eblk.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_key.c b/src/lib/krb5/krb/ser_key.c index d999647b5..3b457477d 100644 --- a/src/lib/krb5/krb/ser_key.c +++ b/src/lib/krb5/krb/ser_key.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/ser_princ.c b/src/lib/krb5/krb/ser_princ.c index 582875401..956f508db 100644 --- a/src/lib/krb5/krb/ser_princ.c +++ b/src/lib/krb5/krb/ser_princ.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/serialize.c b/src/lib/krb5/krb/serialize.c index 58a88e4ed..0afd502a1 100644 --- a/src/lib/krb5/krb/serialize.c +++ b/src/lib/krb5/krb/serialize.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/set_realm.c b/src/lib/krb5/krb/set_realm.c index a422c00cc..3f0df6f84 100644 --- a/src/lib/krb5/krb/set_realm.c +++ b/src/lib/krb5/krb/set_realm.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/lib/krb5/krb/srv_rcache.c b/src/lib/krb5/krb/srv_rcache.c index 8dce0bf16..c94201bad 100644 --- a/src/lib/krb5/krb/srv_rcache.c +++ b/src/lib/krb5/krb/srv_rcache.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/str_conv.c b/src/lib/krb5/krb/str_conv.c index 7041f618c..61113db33 100644 --- a/src/lib/krb5/krb/str_conv.c +++ b/src/lib/krb5/krb/str_conv.c @@ -1,7 +1,7 @@ /* * lib/kadm/str_conv.c * - * Copyright 1995 by the Massachusetts Institute of Technology. + * Copyright 1995, 1999 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -45,6 +48,8 @@ #include "k5-int.h" +/* Salt type conversions */ + /* * Local data structures. */ @@ -54,277 +59,23 @@ struct salttype_lookup_entry { const char * stt_output; /* How to spit it out */ }; -struct deltat_match_entry { - const char * dt_scan_format; /* sscanf format */ - int dt_nmatch; /* Number to match */ - int dt_dindex; /* Day index */ - int dt_hindex; /* Hour index */ - int dt_mindex; /* Minute index */ - int dt_sindex; /* Second index */ -}; - -/* - * Local strings - */ - -/* Salttype strings */ -static const char stype_v5_in[] = "normal"; -static const char stype_v4_in[] = "v4"; -static const char stype_norealm_in[] = "norealm"; -static const char stype_olrealm_in[] = "onlyrealm"; -static const char stype_special_in[] = "special"; -static const char stype_afs3_in[] = "afs3"; -static const char stype_v5_out[] = "Version 5"; -static const char stype_v4_out[] = "Version 4"; -static const char stype_norealm_out[] = "Version 5 - No Realm"; -static const char stype_olrealm_out[] = "Version 5 - Realm Only"; -static const char stype_special_out[] = "Special"; -static const char stype_afs3_out[] = "AFS version 3"; - -/* Absolute time strings */ -static const char atime_full_digits[] = "%y%m%d%H%M%S"; -static const char atime_full_digits_d[] = "%y.%m.%d.%H.%M.%S"; -static const char atime_full_digits_Y[] = "%Y%m%d%H%M%S"; -static const char atime_full_digits_Yd[]= "%Y.%m.%d.%H.%M.%S"; -static const char atime_nsec_digits[] = "%y%m%d%H%M"; -static const char atime_rel_hms[] = "%H%M%S"; -static const char atime_rel_hm[] = "%H%M"; -static const char atime_rel_col_hms[] = "%T"; -static const char atime_rel_col_hm[] = "%R"; -static const char atime_ldep_sfmt[] = "%x:%X"; -static const char atime_full_text[] = "%d-%b-%Y:%T"; -static const char atime_full_text_nos[] = "%d-%b-%Y:%R"; -#if !HAVE_STRPTIME -static const char ascan_full_digits[] = "%02d%02d%02d%02d%02d%02d"; -static const char ascan_full_digits_d[] = "%02d.%02d.%02d.%02d.%02d.%02d"; -static const char ascan_full_digits_Y[] = "%4d%02d%02d%02d%02d%02d"; -static const char ascan_full_digits_Yd[]= "%4d.%02d.%02d.%02d.%02d.%02d"; -static const char ascan_nsec_digits[] = "%02d%02d%02d%02d%02d"; -static const char ascan_rel_hms[] = "%02d%02d%02d"; -static const char ascan_rel_hm[] = "%02d%02d"; -static const char ascan_rel_col_hms[] = "%02d:%02d:%02d"; -static const char ascan_rel_col_hm[] = "%02d:%02d"; -#endif /* !HAVE_STRPTIME */ -#ifdef HAVE_STRFTIME -static const char sftime_ldep_time[] = "%c"; -static const char sftime_med_fmt[] = "%d %b %Y %T"; -static const char sftime_short_fmt[] = "%x %X"; -static const char sftime_last_fmt[] = "%d/%m/%Y %R"; -#endif /* HAVE_STRFTIME */ -static const char sftime_default_fmt[] = "%02d/%02d/%4d %02d:%02d"; -static const size_t sftime_default_len = 2+1+2+1+4+1+2+1+2+1; - -/* Delta time strings */ -static const char dtscan_dhms_notext[] = "%d-%02d:%02d:%02d"; -static const char dtscan_dhms_stext[] = "%dd%dh%dm%ds"; -static const char dtscan_hms_notext[] = "%d:%02d:%02d"; -static const char dtscan_hms_stext[] = "%dh%dm%ds"; -static const char dtscan_hm_notext[] = "%d:%02d"; -static const char dtscan_hm_stext[] = "%dh%dm"; -static const char dtscan_days[] = "%d%[d]"; -static const char dtscan_hours[] = "%d%[h]"; -static const char dtscan_minutes[] = "%d%[m]"; -static const char dtscan_seconds[] = "%d%[s]"; -static const char dt_day_singular[] = "day"; -static const char dt_day_plural[] = "days"; -static const char dt_output_donly[] = "%d %s"; -static const char dt_output_dhms[] = "%d %s %02d:%02d:%02d"; -static const char dt_output_hms[] = "%d:%02d:%02d"; - /* * Lookup tables. */ static const struct salttype_lookup_entry salttype_table[] = { -/* salt type input specifier output string */ -/*----------------------------- ----------------------- ------------------*/ -{ KRB5_KDB_SALTTYPE_NORMAL, stype_v5_in, stype_v5_out }, -{ KRB5_KDB_SALTTYPE_V4, stype_v4_in, stype_v4_out }, -{ KRB5_KDB_SALTTYPE_NOREALM, stype_norealm_in, stype_norealm_out }, -{ KRB5_KDB_SALTTYPE_ONLYREALM, stype_olrealm_in, stype_olrealm_out }, -{ KRB5_KDB_SALTTYPE_SPECIAL, stype_special_in, stype_special_out }, -{ KRB5_KDB_SALTTYPE_AFS3, stype_afs3_in, stype_afs3_out } +/* salt type input specifier output string */ +/*----------------------------- --------------- ---------------*/ +{ KRB5_KDB_SALTTYPE_NORMAL, "normal", "Version 5" }, +{ KRB5_KDB_SALTTYPE_V4, "v4", "Version 4" }, +{ KRB5_KDB_SALTTYPE_NOREALM, "norealm", "Version 5 - No Realm" }, +{ KRB5_KDB_SALTTYPE_ONLYREALM, "onlyrealm", "Version 5 - Realm Only" }, +{ KRB5_KDB_SALTTYPE_SPECIAL, "special", "Special" }, +{ KRB5_KDB_SALTTYPE_AFS3, "afs3", "AFS version 3" } }; static const int salttype_table_nents = sizeof(salttype_table)/ sizeof(salttype_table[0]); -static const char * const atime_format_table[] = { -atime_full_digits_Y, /* yyyymmddhhmmss */ -atime_full_digits_Yd, /* yyyy.mm.dd.hh.mm.ss */ -atime_full_digits, /* yymmddhhmmss */ -atime_full_digits_d, /* yy.mm.dd.hh.mm.ss */ -atime_nsec_digits, /* yymmddhhmm */ -atime_rel_hms, /* hhmmss */ -atime_rel_hm, /* hhmm */ -atime_rel_col_hms, /* hh:mm:ss */ -atime_rel_col_hm, /* hh:mm */ -/* The following not really supported unless native strptime present */ -atime_ldep_sfmt, /*locale-dependent short format */ -atime_full_text, /* dd-month-yyyy:hh:mm:ss */ -atime_full_text_nos /* dd-month-yyyy:hh:mm */ -}; -static const int atime_format_table_nents = sizeof(atime_format_table)/ - sizeof(atime_format_table[0]); - -#ifdef HAVE_STRFTIME -static const char * const sftime_format_table[] = { -sftime_ldep_time, /* Default locale-dependent date and time */ -sftime_med_fmt, /* dd mon yy hh:mm:ss */ -sftime_short_fmt, /* locale-dependent short format */ -sftime_last_fmt /* dd/mm/yy hh:mm */ -}; -static const int sftime_format_table_nents = sizeof(sftime_format_table)/ - sizeof(sftime_format_table[0]); -#endif /* HAVE_STRFTIME */ - -static const struct deltat_match_entry deltat_table[] = { -/* scan format nmatch daypos hourpos minpos secpos */ -/*--------------------- ------- ------- ------- ------- --------*/ -{ dtscan_dhms_notext, 4, 0, 1, 2, 3 }, -{ dtscan_dhms_stext, 4, 0, 1, 2, 3 }, -{ dtscan_hms_notext, 3, -1, 0, 1, 2 }, -{ dtscan_hms_stext, 3, -1, 0, 1, 2 }, -{ dtscan_hm_notext, 2, -1, -1, 0, 1 }, -{ dtscan_hm_stext, 2, -1, -1, 0, 1 }, -{ dtscan_days, 2, 0, -1, -1, -1 }, -{ dtscan_hours, 2, -1, 0, -1, -1 }, -{ dtscan_minutes, 2, -1, -1, 0, -1 }, -{ dtscan_seconds, 2, -1, -1, -1, 0 } -}; -static const int deltat_table_nents = sizeof(deltat_table)/ - sizeof(deltat_table[0]); - -#if !HAVE_STRPTIME -/* - * Rudimentary version of strptime for systems which don't have it. - */ -static char * -strptime(buf, format, tm) - char *buf; - const char *format; - struct tm *tm; -{ - int year, month, day, hour, minute, second; - char *bp; - time_t now; - - /* - * We only understand the following fixed formats: - * %Y%m%d%H%M%S - * %Y.%m.%d.%H.%M.%S - * %y%m%d%H%M%S - * %y.%m.%d.%H.%M.%S - * %y%m%d%H%M - * %H%M%S - * %H%M - * %T - * %R - */ - bp = (char *) NULL; - if (!strcmp(format, atime_full_digits_Y) && - (sscanf(buf, ascan_full_digits_Y, - &year, &month, &day, &hour, &minute, &second) == 6)) { - if (year < 1900) - return NULL; - tm->tm_year = year-1900; - tm->tm_mon = month - 1; - tm->tm_mday = day; - tm->tm_hour = hour; - tm->tm_min = minute; - tm->tm_sec = second; - bp = &buf[strlen(atime_full_digits)]; - } - else if (!strcmp(format,atime_full_digits_Yd) && - (sscanf(buf, ascan_full_digits_Yd, - &year, &month, &day, &hour, &minute, &second) == 6)) { - if (year < 1900) - return NULL; - tm->tm_year = year-1900; - tm->tm_mon = month - 1; - tm->tm_mday = day; - tm->tm_hour = hour; - tm->tm_min = minute; - tm->tm_sec = second; - bp = &buf[strlen(atime_full_digits_d)]; - } - else if (!strcmp(format, atime_full_digits) && - (sscanf(buf, ascan_full_digits, - &year, &month, &day, &hour, &minute, &second) == 6)) { - if (year <= 68) - year += 100; - tm->tm_year = year; - tm->tm_mon = month - 1; - tm->tm_mday = day; - tm->tm_hour = hour; - tm->tm_min = minute; - tm->tm_sec = second; - bp = &buf[strlen(atime_full_digits)]; - } - else if (!strcmp(format,atime_full_digits_d) && - (sscanf(buf, ascan_full_digits_d, - &year, &month, &day, &hour, &minute, &second) == 6)) { - if (year <= 68) - year += 100; - tm->tm_year = year; - tm->tm_mon = month - 1; - tm->tm_mday = day; - tm->tm_hour = hour; - tm->tm_min = minute; - tm->tm_sec = second; - bp = &buf[strlen(atime_full_digits_d)]; - } - else if (!strcmp(format, atime_nsec_digits) && - (sscanf(buf, ascan_nsec_digits, - &year, &month, &day, &hour, &minute) == 5)) { - if (year <= 68) - year += 100; - tm->tm_year = year; - tm->tm_mon = month - 1; - tm->tm_mday = day; - tm->tm_hour = hour; - tm->tm_min = minute; - tm->tm_sec = 0; - bp = &buf[strlen(atime_nsec_digits)]; - } - else if (!strcmp(format, atime_rel_hms) && - (sscanf(buf, ascan_rel_hms, &hour, &minute, &second) == 3)) { - now = time((time_t *) NULL); - memcpy(tm, localtime(&now), sizeof(struct tm)); - tm->tm_hour = hour; - tm->tm_min = minute; - tm->tm_sec = second; - bp = &buf[strlen(atime_rel_hms)]; - } - else if (!strcmp(format, atime_rel_hm) && - (sscanf(buf, ascan_rel_hm, &hour, &minute) == 2)) { - now = time((time_t *) NULL); - memcpy(tm, localtime(&now), sizeof(struct tm)); - tm->tm_hour = hour; - tm->tm_min = minute; - bp = &buf[strlen(atime_rel_hm)]; - } - else if (!strcmp(format, atime_rel_col_hms) && - (sscanf(buf, ascan_rel_col_hms, &hour, &minute, &second) == 3)) { - now = time((time_t *) NULL); - memcpy(tm, localtime(&now), sizeof(struct tm)); - tm->tm_hour = hour; - tm->tm_min = minute; - tm->tm_sec = second; - bp = &buf[strlen(atime_rel_col_hms)]; - } - else if (!strcmp(format, atime_rel_col_hm) && - (sscanf(buf, ascan_rel_col_hm, &hour, &minute) == 2)) { - now = time((time_t *) NULL); - memcpy(tm, localtime(&now), sizeof(struct tm)); - tm->tm_hour = hour; - tm->tm_min = minute; - bp = &buf[strlen(atime_rel_col_hm)]; - } else - return NULL; - return bp; -} -#endif /* HAVE_STRPTIME */ - KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_string_to_salttype(string, salttypep) char FAR * string; @@ -344,79 +95,6 @@ krb5_string_to_salttype(string, salttypep) return((found) ? 0 : EINVAL); } -KRB5_DLLIMP krb5_error_code KRB5_CALLCONV -krb5_string_to_timestamp(string, timestampp) - char FAR * string; - krb5_timestamp FAR * timestampp; -{ - int i; - struct tm timebuf; - time_t now, ret_time; - char *s; - - now = time((time_t *) NULL); - for (i=0; i= 0) - days = svalues[deltat_table[i].dt_dindex]; - if (deltat_table[i].dt_hindex >= 0) - hours = svalues[deltat_table[i].dt_hindex]; - if (deltat_table[i].dt_mindex >= 0) - minutes = svalues[deltat_table[i].dt_mindex]; - if (deltat_table[i].dt_sindex >= 0) - seconds = svalues[deltat_table[i].dt_sindex]; - found = 1; - break; - } - } - if (found) { - dt = days; - dt *= 24; - dt += hours; - dt *= 60; - dt += minutes; - dt *= 60; - dt += seconds; - *deltatp = dt; - } - return((found) ? 0 : EINVAL); -} - /* * Internal datatype to string routines. * @@ -449,6 +127,69 @@ krb5_salttype_to_string(salttype, buffer, buflen) else return(EINVAL); } + +/* (absolute) time conversions */ + +#ifndef HAVE_STRFTIME +#undef strftime +#define strftime my_strftime +static size_t strftime (char *, size_t, const char *, const struct tm *); +#endif + +#ifndef HAVE_STRPTIME +#undef strptime +#define strptime my_strptime +static char *strptime (const char *, const char *, struct tm *); +#endif + +KRB5_DLLIMP krb5_error_code KRB5_CALLCONV +krb5_string_to_timestamp(string, timestampp) + char FAR * string; + krb5_timestamp FAR * timestampp; +{ + int i; + struct tm timebuf; + time_t now, ret_time; + char *s; + static const char * const atime_format_table[] = { + "%Y%m%d%H%M%S", /* yyyymmddhhmmss */ + "%Y.%m.%d.%H.%M.%S", /* yyyy.mm.dd.hh.mm.ss */ + "%y%m%d%H%M%S", /* yymmddhhmmss */ + "%y.%m.%d.%H.%M.%S", /* yy.mm.dd.hh.mm.ss */ + "%y%m%d%H%M", /* yymmddhhmm */ + "%H%M%S", /* hhmmss */ + "%H%M", /* hhmm */ + "%T", /* hh:mm:ss */ + "%R", /* hh:mm */ + /* The following not really supported unless native strptime present */ + "%x:%X", /* locale-dependent short format */ + "%d-%b-%Y:%T", /* dd-month-yyyy:hh:mm:ss */ + "%d-%b-%Y:%R" /* dd-month-yyyy:hh:mm */ + }; + static const int atime_format_table_nents = + sizeof(atime_format_table)/sizeof(atime_format_table[0]); + + + now = time((time_t *) NULL); + for (i=0; i= buflen) - return ENOMEM; - strcpy(buffer, cp); - /* ctime returns \n\0 */ - buffer[strlen(buffer)-1] = '\0'; - return(0); -#endif /* HAVE_STRFTIME */ } KRB5_DLLIMP krb5_error_code KRB5_CALLCONV @@ -487,20 +216,29 @@ krb5_timestamp_to_sfstring(timestamp, buffer, buflen, pad) struct tm *tmp; size_t i; size_t ndone; + time_t timestamp2 = timestamp; - tmp = localtime((time_t *) ×tamp); + static const char * const sftime_format_table[] = { + "%c", /* Default locale-dependent date and time */ + "%d %b %Y %T", /* dd mon yyyy hh:mm:ss */ + "%x %X", /* locale-dependent short format */ + "%d/%m/%Y %R" /* dd/mm/yyyy hh:mm */ + }; + static const int sftime_format_table_nents = + sizeof(sftime_format_table)/sizeof(sftime_format_table[0]); + + tmp = localtime(×tamp2); ndone = 0; -#if HAVE_STRFTIME for (i=0; i= sftime_default_len) { - sprintf(buffer, sftime_default_fmt, + sprintf(buffer, "%02d/%02d/%4d %02d:%02d", tmp->tm_mday, tmp->tm_mon+1, 1900+tmp->tm_year, - tmp->tm_hour, tmp->tm_min, tmp->tm_sec); + tmp->tm_hour, tmp->tm_min); ndone = strlen(buffer); } } @@ -511,6 +249,10 @@ krb5_timestamp_to_sfstring(timestamp, buffer, buflen, pad) } return((ndone) ? 0 : ENOMEM); } + +/* relative time (delta-t) conversions */ + +/* string->deltat is in deltat.y */ KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_deltat_to_string(deltat, buffer, buflen) @@ -520,38 +262,101 @@ krb5_deltat_to_string(deltat, buffer, buflen) { int days, hours, minutes, seconds; krb5_deltat dt; - krb5_error_code retval; - days = (int) (deltat / (24*3600l)); - dt = deltat % (24*3600l); + /* + * We want something like ceil(log10(2**(nbits-1))) + 1. That log + * value is log10(2)*(nbits-1) or log10(2**8)*(nbits-1)/8. So, + * 2.4... is log10(256), rounded up. Add one to handle leading + * minus, and one more to force int cast to round the value up. + * This doesn't include room for a trailing nul. + * + * This will break if bytes are more than 8 bits. + */ +#define MAX_CHARS_FOR_INT_TYPE(TYPE) ((int) (2 + 2.408241 * sizeof (TYPE))) + char tmpbuf[MAX_CHARS_FOR_INT_TYPE(int) * 4 + 8]; + + days = (int) (deltat / (24*3600L)); + dt = deltat % (24*3600L); hours = (int) (dt / 3600); dt %= 3600; minutes = (int) (dt / 60); seconds = (int) (dt % 60); - retval = 0; - if (days) { - if (hours || minutes || seconds) { - if (buflen < (strlen(dt_output_dhms)+strlen(dt_day_plural))) - retval = ENOMEM; - else - sprintf(buffer, dt_output_dhms, days, - (days > 1) ? dt_day_plural : dt_day_singular, - hours, minutes, seconds); - } - else { - if (buflen < (strlen(dt_output_donly)+strlen(dt_day_plural))) - retval = ENOMEM; - else - sprintf(buffer, dt_output_donly, days, - (days > 1) ? dt_day_plural : dt_day_singular); - } - } - else { - if (buflen < strlen(dt_output_hms)) - retval = ENOMEM; - else - sprintf(buffer, dt_output_hms, hours, minutes, seconds); - } - return(retval); + memset (tmpbuf, 0, sizeof (tmpbuf)); + if (days == 0) + sprintf(buffer, "%d:%02d:%02d", hours, minutes, seconds); + else if (hours || minutes || seconds) + sprintf(buffer, "%d %s %02d:%02d:%02d", days, + (days > 1) ? "days" : "day", + hours, minutes, seconds); + else + sprintf(buffer, "%d %s", days, + (days > 1) ? "days" : "day"); + if (tmpbuf[sizeof(tmpbuf)-1] != 0) + /* Something must be very wrong with my math above, or the + assumptions going into it... */ + abort (); + if (strlen (tmpbuf) > buflen) + return ENOMEM; + else + strncpy (buffer, tmpbuf, buflen); + return 0; } + +#undef __P +#define __P(X) X + +#if !defined (HAVE_STRFTIME) || !defined (HAVE_STRPTIME) +#undef _CurrentTimeLocale +#define _CurrentTimeLocale (&dummy_locale_info) + +struct dummy_locale_info_t { + char d_t_fmt[15]; + char t_fmt_ampm[12]; + char t_fmt[9]; + char d_fmt[9]; + char day[7][10]; + char abday[7][4]; + char mon[12][10]; + char abmon[12][4]; + char am_pm[2][3]; +}; +static const struct dummy_locale_info_t dummy_locale_info = { + "%a %b %d %X %Y", /* %c */ + "%I:%M:%S %p", /* %r */ + "%H:%M:%S", /* %X */ + "%m/%d/%y", /* %x */ + { "Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", + "Saturday" }, + { "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat" }, + { "January", "February", "March", "April", "May", "June", + "July", "August", "September", "October", "November", "December" }, + { "Jan", "Feb", "Mar", "Apr", "May", "Jun", + "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" }, + { "AM", "PM" }, +}; +#undef TM_YEAR_BASE +#define TM_YEAR_BASE 1900 +#endif + +#ifndef HAVE_STRFTIME +#undef DAYSPERLYEAR +#define DAYSPERLYEAR 366 +#undef DAYSPERNYEAR +#define DAYSPERNYEAR 365 +#undef DAYSPERWEEK +#define DAYSPERWEEK 7 +#undef isleap +#define isleap(N) ((N % 4) == 0 && (N % 100 != 0 || N % 400 == 0)) +#undef tzname +#define tzname my_tzname +static const char *const tzname[2] = { 0, 0 }; +#undef tzset +#define tzset() + +#include "strftime.c" +#endif + +#ifndef HAVE_STRPTIME +#include "strptime.c" +#endif diff --git a/src/lib/krb5/krb/strftime.c b/src/lib/krb5/krb/strftime.c new file mode 100644 index 000000000..f2a5cb719 --- /dev/null +++ b/src/lib/krb5/krb/strftime.c @@ -0,0 +1,415 @@ +/* $NetBSD: strftime.c,v 1.8 1999/02/07 17:33:30 augustss Exp $ */ + +/* + * Copyright (c) 1989 The Regents of the University of California. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#if defined(LIBC_SCCS) && !defined(lint) +#if 0 +static char *sccsid = "@(#)strftime.c 5.11 (Berkeley) 2/24/91"; +#else +__RCSID("$NetBSD: strftime.c,v 1.8 1999/02/07 17:33:30 augustss Exp $"); +#endif +#endif /* LIBC_SCCS and not lint */ + +#include +#include + +static int _add __P((const char *, char **, const char *)); +static int _conv __P((int, int, int, char **, const char *)); +static int _secs __P((const struct tm *, char **, const char *)); +static size_t _fmt __P((const char *, const struct tm *, char **, + const char *)); + +static size_t +strftime(s, maxsize, format, t) + char *s; + size_t maxsize; + const char *format; + const struct tm *t; +{ + char *pt; + + tzset(); + if (maxsize < 1) + return (0); + + pt = s; + if (_fmt(format, t, &pt, s + maxsize)) { + *pt = '\0'; + return (pt - s); + } else + return (0); +} + +#define SUN_WEEK(t) (((t)->tm_yday + 7 - \ + ((t)->tm_wday)) / 7) +#define MON_WEEK(t) (((t)->tm_yday + 7 - \ + ((t)->tm_wday ? (t)->tm_wday - 1 : 6)) / 7) + +static size_t +_fmt(format, t, pt, ptlim) + const char *format; + const struct tm *t; + char **pt; + const char * const ptlim; +{ + for (; *format; ++format) { + if (*format == '%') { + ++format; + if (*format == 'E') { + /* Alternate Era */ + ++format; + } else if (*format == 'O') { + /* Alternate numeric symbols */ + ++format; + } + switch (*format) { + case '\0': + --format; + break; + case 'A': + if (t->tm_wday < 0 || t->tm_wday > 6) + return (0); + if (!_add(_CurrentTimeLocale->day[t->tm_wday], + pt, ptlim)) + return (0); + continue; + + case 'a': + if (t->tm_wday < 0 || t->tm_wday > 6) + return (0); + if (!_add(_CurrentTimeLocale->abday[t->tm_wday], + pt, ptlim)) + return (0); + continue; + case 'B': + if (t->tm_mon < 0 || t->tm_mon > 11) + return (0); + if (!_add(_CurrentTimeLocale->mon[t->tm_mon], + pt, ptlim)) + return (0); + continue; + case 'b': + case 'h': + if (t->tm_mon < 0 || t->tm_mon > 11) + return (0); + if (!_add(_CurrentTimeLocale->abmon[t->tm_mon], + pt, ptlim)) + return (0); + continue; + case 'C': + if (!_conv((t->tm_year + TM_YEAR_BASE) / 100, + 2, '0', pt, ptlim)) + return (0); + continue; + case 'c': + if (!_fmt(_CurrentTimeLocale->d_t_fmt, t, pt, + ptlim)) + return (0); + continue; + case 'D': + if (!_fmt("%m/%d/%y", t, pt, ptlim)) + return (0); + continue; + case 'd': + if (!_conv(t->tm_mday, 2, '0', pt, ptlim)) + return (0); + continue; + case 'e': + if (!_conv(t->tm_mday, 2, ' ', pt, ptlim)) + return (0); + continue; + case 'H': + if (!_conv(t->tm_hour, 2, '0', pt, ptlim)) + return (0); + continue; + case 'I': + if (!_conv(t->tm_hour % 12 ? + t->tm_hour % 12 : 12, 2, '0', pt, ptlim)) + return (0); + continue; + case 'j': + if (!_conv(t->tm_yday + 1, 3, '0', pt, ptlim)) + return (0); + continue; + case 'k': + if (!_conv(t->tm_hour, 2, ' ', pt, ptlim)) + return (0); + continue; + case 'l': + if (!_conv(t->tm_hour % 12 ? + t->tm_hour % 12: 12, 2, ' ', pt, ptlim)) + return (0); + continue; + case 'M': + if (!_conv(t->tm_min, 2, '0', pt, ptlim)) + return (0); + continue; + case 'm': + if (!_conv(t->tm_mon + 1, 2, '0', pt, ptlim)) + return (0); + continue; + case 'n': + if (!_add("\n", pt, ptlim)) + return (0); + continue; + case 'p': + if (!_add(_CurrentTimeLocale->am_pm[t->tm_hour + >= 12], pt, ptlim)) + return (0); + continue; + case 'R': + if (!_fmt("%H:%M", t, pt, ptlim)) + return (0); + continue; + case 'r': + if (!_fmt(_CurrentTimeLocale->t_fmt_ampm, t, pt, + ptlim)) + return (0); + continue; + case 'S': + if (!_conv(t->tm_sec, 2, '0', pt, ptlim)) + return (0); + continue; + case 's': + if (!_secs(t, pt, ptlim)) + return (0); + continue; + case 'T': + if (!_fmt("%H:%M:%S", t, pt, ptlim)) + return (0); + continue; + case 't': + if (!_add("\t", pt, ptlim)) + return (0); + continue; + case 'U': + if (!_conv(SUN_WEEK(t), 2, '0', pt, ptlim)) + return (0); + continue; + case 'u': + if (!_conv(t->tm_wday ? t->tm_wday : 7, 1, '0', + pt, ptlim)) + return (0); + continue; + case 'V': /* ISO 8601 week number */ + case 'G': /* ISO 8601 year (four digits) */ + case 'g': /* ISO 8601 year (two digits) */ +/* +** From Arnold Robbins' strftime version 3.0: "the week number of the +** year (the first Monday as the first day of week 1) as a decimal number +** (01-53)." +** (ado, 1993-05-24) +** +** From "http://www.ft.uni-erlangen.de/~mskuhn/iso-time.html" by Markus Kuhn: +** "Week 01 of a year is per definition the first week which has the +** Thursday in this year, which is equivalent to the week which contains +** the fourth day of January. In other words, the first week of a new year +** is the week which has the majority of its days in the new year. Week 01 +** might also contain days from the previous year and the week before week +** 01 of a year is the last week (52 or 53) of the previous year even if +** it contains days from the new year. A week starts with Monday (day 1) +** and ends with Sunday (day 7). For example, the first week of the year +** 1997 lasts from 1996-12-30 to 1997-01-05..." +** (ado, 1996-01-02) +*/ + { + int year; + int yday; + int wday; + int w; + + year = t->tm_year + TM_YEAR_BASE; + yday = t->tm_yday; + wday = t->tm_wday; + for ( ; ; ) { + int len; + int bot; + int top; + + len = isleap(year) ? + DAYSPERLYEAR : + DAYSPERNYEAR; + /* + ** What yday (-3 ... 3) does + ** the ISO year begin on? + */ + bot = ((yday + 11 - wday) % + DAYSPERWEEK) - 3; + /* + ** What yday does the NEXT + ** ISO year begin on? + */ + top = bot - + (len % DAYSPERWEEK); + if (top < -3) + top += DAYSPERWEEK; + top += len; + if (yday >= top) { + ++year; + w = 1; + break; + } + if (yday >= bot) { + w = 1 + ((yday - bot) / + DAYSPERWEEK); + break; + } + --year; + yday += isleap(year) ? + DAYSPERLYEAR : + DAYSPERNYEAR; + } +#ifdef XPG4_1994_04_09 + if ((w == 52 + && t->tm_mon == TM_JANUARY) + || (w == 1 + && t->tm_mon == TM_DECEMBER)) + w = 53; +#endif /* defined XPG4_1994_04_09 */ + if (*format == 'V') { + if (!_conv(w, 2, '0', + pt, ptlim)) + return (0); + } else if (*format == 'g') { + if (!_conv(year % 100, 2, '0', + pt, ptlim)) + return (0); + } else if (!_conv(year, 4, '0', + pt, ptlim)) + return (0); + } + continue; + case 'W': + if (!_conv(MON_WEEK(t), 2, '0', pt, ptlim)) + return (0); + continue; + case 'w': + if (!_conv(t->tm_wday, 1, '0', pt, ptlim)) + return (0); + continue; + case 'x': + if (!_fmt(_CurrentTimeLocale->d_fmt, t, pt, + ptlim)) + return (0); + continue; + case 'X': + if (!_fmt(_CurrentTimeLocale->t_fmt, t, pt, + ptlim)) + return (0); + continue; + case 'y': + if (!_conv((t->tm_year + TM_YEAR_BASE) % 100, + 2, '0', pt, ptlim)) + return (0); + continue; + case 'Y': + if (!_conv((t->tm_year + TM_YEAR_BASE), 4, '0', + pt, ptlim)) + return (0); + continue; + case 'Z': + if (tzname[t->tm_isdst ? 1 : 0] && + !_add(tzname[t->tm_isdst ? 1 : 0], pt, + ptlim)) + return (0); + continue; + case '%': + /* + * X311J/88-090 (4.12.3.5): if conversion char is + * undefined, behavior is undefined. Print out the + * character itself as printf(3) does. + */ + default: + break; + } + } + if (*pt == ptlim) + return (0); + *(*pt)++ = *format; + } + return (ptlim - *pt); +} + +static int +_secs(t, pt, ptlim) + const struct tm *t; + char **pt; + const char * const ptlim; +{ + char buf[15]; + time_t s; + char *p; + struct tm tmp; + + buf[sizeof (buf) - 1] = '\0'; + /* Make a copy, mktime(3) modifies the tm struct. */ + tmp = *t; + s = mktime(&tmp); + for (p = buf + sizeof(buf) - 2; s > 0 && p > buf; s /= 10) + *p-- = (char)(s % 10 + '0'); + return (_add(++p, pt, ptlim)); +} + +static int +_conv(n, digits, pad, pt, ptlim) + int n, digits; + int pad; + char **pt; + const char * const ptlim; +{ + char buf[10]; + char *p; + + buf[sizeof (buf) - 1] = '\0'; + for (p = buf + sizeof(buf) - 2; n > 0 && p > buf; n /= 10, --digits) + *p-- = n % 10 + '0'; + while (p > buf && digits-- > 0) + *p-- = pad; + return (_add(++p, pt, ptlim)); +} + +static int +_add(str, pt, ptlim) + const char *str; + char **pt; + const char * const ptlim; +{ + + for (;; ++(*pt)) { + if (*pt == ptlim) + return (0); + if ((**pt = *str++) == '\0') + return (1); + } +} diff --git a/src/lib/krb5/krb/strptime.c b/src/lib/krb5/krb/strptime.c new file mode 100644 index 000000000..ac52d5c22 --- /dev/null +++ b/src/lib/krb5/krb/strptime.c @@ -0,0 +1,386 @@ +/* $NetBSD: strptime.c,v 1.18 1999/04/29 02:58:30 tv Exp $ */ + +/*- + * Copyright (c) 1997, 1998 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code was contributed to The NetBSD Foundation by Klaus Klein. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the NetBSD + * Foundation, Inc. and its contributors. + * 4. Neither the name of The NetBSD Foundation nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#if defined(LIBC_SCCS) && !defined(lint) +__RCSID("$NetBSD: strptime.c,v 1.18 1999/04/29 02:58:30 tv Exp $"); +#endif + +#include +#include +#include + +#undef _ctloc +#define _ctloc(x) _CurrentTimeLocale->x + +/* + * We do not implement alternate representations. However, we always + * check whether a given modifier is allowed for a certain conversion. + */ +#define ALT_E 0x01 +#define ALT_O 0x02 +#define LEGAL_ALT(x) { if (alt_format & ~(x)) return (0); } + + +static int conv_num __P((const char **, int *, int, int)); + + +static char * +strptime(buf, fmt, tm) + const char *buf, *fmt; + struct tm *tm; +{ + char c; + const char *bp; + size_t len = 0; + int alt_format, i, split_year = 0; + + bp = buf; + + while ((c = *fmt) != '\0') { + /* Clear `alternate' modifier prior to new conversion. */ + alt_format = 0; + + /* Eat up white-space. */ + if (isspace(c)) { + while (isspace(*bp)) + bp++; + + fmt++; + continue; + } + + if ((c = *fmt++) != '%') + goto literal; + + +again: switch (c = *fmt++) { + case '%': /* "%%" is converted to "%". */ +literal: + if (c != *bp++) + return (0); + break; + + /* + * "Alternative" modifiers. Just set the appropriate flag + * and start over again. + */ + case 'E': /* "%E?" alternative conversion modifier. */ + LEGAL_ALT(0); + alt_format |= ALT_E; + goto again; + + case 'O': /* "%O?" alternative conversion modifier. */ + LEGAL_ALT(0); + alt_format |= ALT_O; + goto again; + + /* + * "Complex" conversion rules, implemented through recursion. + */ + case 'c': /* Date and time, using the locale's format. */ + LEGAL_ALT(ALT_E); + if (!(bp = strptime(bp, _ctloc(d_t_fmt), tm))) + return (0); + break; + + case 'D': /* The date as "%m/%d/%y". */ + LEGAL_ALT(0); + if (!(bp = strptime(bp, "%m/%d/%y", tm))) + return (0); + break; + + case 'R': /* The time as "%H:%M". */ + LEGAL_ALT(0); + if (!(bp = strptime(bp, "%H:%M", tm))) + return (0); + break; + + case 'r': /* The time in 12-hour clock representation. */ + LEGAL_ALT(0); + if (!(bp = strptime(bp, _ctloc(t_fmt_ampm), tm))) + return (0); + break; + + case 'T': /* The time as "%H:%M:%S". */ + LEGAL_ALT(0); + if (!(bp = strptime(bp, "%H:%M:%S", tm))) + return (0); + break; + + case 'X': /* The time, using the locale's format. */ + LEGAL_ALT(ALT_E); + if (!(bp = strptime(bp, _ctloc(t_fmt), tm))) + return (0); + break; + + case 'x': /* The date, using the locale's format. */ + LEGAL_ALT(ALT_E); + if (!(bp = strptime(bp, _ctloc(d_fmt), tm))) + return (0); + break; + + /* + * "Elementary" conversion rules. + */ + case 'A': /* The day of week, using the locale's form. */ + case 'a': + LEGAL_ALT(0); + for (i = 0; i < 7; i++) { + /* Full name. */ + len = strlen(_ctloc(day[i])); + if (strncasecmp(_ctloc(day[i]), bp, len) == 0) + break; + + /* Abbreviated name. */ + len = strlen(_ctloc(abday[i])); + if (strncasecmp(_ctloc(abday[i]), bp, len) == 0) + break; + } + + /* Nothing matched. */ + if (i == 7) + return (0); + + tm->tm_wday = i; + bp += len; + break; + + case 'B': /* The month, using the locale's form. */ + case 'b': + case 'h': + LEGAL_ALT(0); + for (i = 0; i < 12; i++) { + /* Full name. */ + len = strlen(_ctloc(mon[i])); + if (strncasecmp(_ctloc(mon[i]), bp, len) == 0) + break; + + /* Abbreviated name. */ + len = strlen(_ctloc(abmon[i])); + if (strncasecmp(_ctloc(abmon[i]), bp, len) == 0) + break; + } + + /* Nothing matched. */ + if (i == 12) + return (0); + + tm->tm_mon = i; + bp += len; + break; + + case 'C': /* The century number. */ + LEGAL_ALT(ALT_E); + if (!(conv_num(&bp, &i, 0, 99))) + return (0); + + if (split_year) { + tm->tm_year = (tm->tm_year % 100) + (i * 100); + } else { + tm->tm_year = i * 100; + split_year = 1; + } + break; + + case 'd': /* The day of month. */ + case 'e': + LEGAL_ALT(ALT_O); + if (!(conv_num(&bp, &tm->tm_mday, 1, 31))) + return (0); + break; + + case 'k': /* The hour (24-hour clock representation). */ + LEGAL_ALT(0); + /* FALLTHROUGH */ + case 'H': + LEGAL_ALT(ALT_O); + if (!(conv_num(&bp, &tm->tm_hour, 0, 23))) + return (0); + break; + + case 'l': /* The hour (12-hour clock representation). */ + LEGAL_ALT(0); + /* FALLTHROUGH */ + case 'I': + LEGAL_ALT(ALT_O); + if (!(conv_num(&bp, &tm->tm_hour, 1, 12))) + return (0); + if (tm->tm_hour == 12) + tm->tm_hour = 0; + break; + + case 'j': /* The day of year. */ + LEGAL_ALT(0); + if (!(conv_num(&bp, &i, 1, 366))) + return (0); + tm->tm_yday = i - 1; + break; + + case 'M': /* The minute. */ + LEGAL_ALT(ALT_O); + if (!(conv_num(&bp, &tm->tm_min, 0, 59))) + return (0); + break; + + case 'm': /* The month. */ + LEGAL_ALT(ALT_O); + if (!(conv_num(&bp, &i, 1, 12))) + return (0); + tm->tm_mon = i - 1; + break; + + case 'p': /* The locale's equivalent of AM/PM. */ + LEGAL_ALT(0); + /* AM? */ + if (strcasecmp(_ctloc(am_pm[0]), bp) == 0) { + if (tm->tm_hour > 11) + return (0); + + bp += strlen(_ctloc(am_pm[0])); + break; + } + /* PM? */ + else if (strcasecmp(_ctloc(am_pm[1]), bp) == 0) { + if (tm->tm_hour > 11) + return (0); + + tm->tm_hour += 12; + bp += strlen(_ctloc(am_pm[1])); + break; + } + + /* Nothing matched. */ + return (0); + + case 'S': /* The seconds. */ + LEGAL_ALT(ALT_O); + if (!(conv_num(&bp, &tm->tm_sec, 0, 61))) + return (0); + break; + + case 'U': /* The week of year, beginning on sunday. */ + case 'W': /* The week of year, beginning on monday. */ + LEGAL_ALT(ALT_O); + /* + * XXX This is bogus, as we can not assume any valid + * information present in the tm structure at this + * point to calculate a real value, so just check the + * range for now. + */ + if (!(conv_num(&bp, &i, 0, 53))) + return (0); + break; + + case 'w': /* The day of week, beginning on sunday. */ + LEGAL_ALT(ALT_O); + if (!(conv_num(&bp, &tm->tm_wday, 0, 6))) + return (0); + break; + + case 'Y': /* The year. */ + LEGAL_ALT(ALT_E); + if (!(conv_num(&bp, &i, 0, 9999))) + return (0); + + tm->tm_year = i - TM_YEAR_BASE; + break; + + case 'y': /* The year within 100 years of the epoch. */ + LEGAL_ALT(ALT_E | ALT_O); + if (!(conv_num(&bp, &i, 0, 99))) + return (0); + + if (split_year) { + tm->tm_year = ((tm->tm_year / 100) * 100) + i; + break; + } + split_year = 1; + if (i <= 68) + tm->tm_year = i + 2000 - TM_YEAR_BASE; + else + tm->tm_year = i + 1900 - TM_YEAR_BASE; + break; + + /* + * Miscellaneous conversions. + */ + case 'n': /* Any kind of white-space. */ + case 't': + LEGAL_ALT(0); + while (isspace(*bp)) + bp++; + break; + + + default: /* Unknown/unsupported conversion. */ + return (0); + } + + + } + + /* LINTED functional specification */ + return ((char *)bp); +} + + +static int +conv_num(buf, dest, llim, ulim) + const char **buf; + int *dest; + int llim, ulim; +{ + int result = 0; + + /* The limit also determines the number of valid digits. */ + int rulim = ulim; + + if (**buf < '0' || **buf > '9') + return (0); + + do { + result *= 10; + result += *(*buf)++ - '0'; + rulim /= 10; + } while ((result * 10 <= ulim) && rulim && **buf >= '0' && **buf <= '9'); + + if (result < llim || result > ulim) + return (0); + + *dest = result; + return (1); +} diff --git a/src/lib/krb5/krb/t_deltat.c b/src/lib/krb5/krb/t_deltat.c new file mode 100644 index 000000000..fc09c570b --- /dev/null +++ b/src/lib/krb5/krb/t_deltat.c @@ -0,0 +1,102 @@ +/* + * lib/krb5/krb/t_deltat.c + * + * Copyright 1999 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + */ + +#include "k5-int.h" + +int +main () +{ + struct { + char *string; + krb5_deltat expected; + int is_error; +#define GOOD(STR,VAL) { STR, VAL, 0 } +#define BAD(STR) { STR, 0, 1 } +#define DAY (24 * 3600) +#define HOUR 3600 +#define MIN 60 + } values[] = { + /* d-h-m-s patterns */ + GOOD ("3d", 3*DAY), + GOOD ("3h", 3*HOUR), + GOOD ("3m", 3*MIN), + GOOD ("3s", 3), + BAD ("3dd"), + GOOD ("3d4m 42s", 3 * DAY + 4 * MIN + 42), + GOOD ("3d-1h", 3 * DAY - 1 * HOUR), + GOOD ("3d -1h", 3 * DAY - HOUR), + GOOD ("3d4h5m6s", 3 * DAY + 4 * HOUR + 5 * MIN + 6), + BAD ("3d4m5h"), + GOOD ("12345s", 12345), + GOOD ("1m 12345s", MIN + 12345), + GOOD ("1m12345s", MIN + 12345), + GOOD ("3d 0m", 3 * DAY), + GOOD ("3d 0m ", 3 * DAY), + GOOD ("3d \n\t 0m ", 3 * DAY), + /* colon patterns */ + GOOD ("42-13:42:47", 42 * DAY + 13 * HOUR + 42 * MIN + 47), + BAD ("3: 4"), + BAD ("13:0003"), + GOOD ("12:34", 12 * HOUR + 34 * MIN), + GOOD ("1:02:03", 1 * HOUR + 2 * MIN + 3), + BAD ("3:-4"), + /* XX We might want to require exactly two digits after a colon? */ + GOOD ("3:4", 3 * HOUR + 4 * MIN), + /* misc */ + BAD ("42"), + BAD ("1-2"), + }; + int fail = 0; + int i; + + for (i = 0; i < sizeof(values)/sizeof(values[0]); i++) { + krb5_deltat result; + krb5_error_code code; + + code = krb5_string_to_deltat (values[i].string, &result); + if (code && !values[i].is_error) { + fprintf (stderr, "unexpected error for `%s'\n", values[i].string); + fail++; + } else if (!code && values[i].is_error) { + fprintf (stderr, "expected but didn't get error for `%s'\n", + values[i].string); + fail++; + } else if (code && values[i].is_error) { + /* do nothing */ + } else if (result != values[i].expected) { + fprintf (stderr, "got %ld instead of expected %ld for `%s'\n", + (long) result, (long) values[i].expected, + values[i].string); + fail++; + } + } + if (fail == 0) + printf ("Passed all %d tests.\n", i); + else + printf ("Failed %d of %d tests.\n", fail, i); + return fail; +} diff --git a/src/lib/krb5/krb/t_ref_kerb.out b/src/lib/krb5/krb/t_ref_kerb.out index 576a0e0e6..942394453 100644 --- a/src/lib/krb5/krb/t_ref_kerb.out +++ b/src/lib/krb5/krb/t_ref_kerb.out @@ -12,6 +12,6 @@ parsed (and unparsed) principal(\/slash/\@atsign/octa\/thorpe@\/slash\@at\/sign) 425_converted principal(rcmd, lithium, ATHENA.MIT.EDU): 'host/lithium.lcs.mit.edu@ATHENA.MIT.EDU' 425_converted principal(rcmd, tweedledumb, CYGNUS.COM): 'host/tweedledumb.cygnus.com@CYGNUS.COM' 425_converted principal(rcmd, uunet, UU.NET): 'host/uunet.uu.net@UU.NET' -425_converted principal(zephyr, zephyr, ATHENA.MIT.EDU): 'zephyr/zephyr.mit.edu@ATHENA.MIT.EDU' +425_converted principal(zephyr, zephyr, ATHENA.MIT.EDU): 'zephyr/zephyr@ATHENA.MIT.EDU' 425_converted principal(kadmin, ATHENA.MIT.EDU, ATHENA.MIT.EDU): 'kadmin/ATHENA.MIT.EDU@ATHENA.MIT.EDU' old principal: marc@MIT.EDU, modified principal: marc@CYGNUS.COM diff --git a/src/lib/krb5/krb/t_ser.c b/src/lib/krb5/krb/t_ser.c index 4ca3b5399..19cff73c5 100644 --- a/src/lib/krb5/krb/t_ser.c +++ b/src/lib/krb5/krb/t_ser.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -167,8 +170,10 @@ ser_data(verbose, msg, ctx, dtype) krb5_encrypt_block *eblock; eblock = (krb5_encrypt_block *) nctx; +#if 0 if (eblock->priv && eblock->priv_size) krb5_xfree(eblock->priv); +#endif if (eblock->key) krb5_free_keyblock(ser_ctx, eblock->key); krb5_xfree(eblock); @@ -525,8 +530,10 @@ ser_eblock_test(kcontext, verbose) krb5_use_enctype(kcontext, &eblock, DEFAULT_KDC_ENCTYPE); if (!(kret = ser_data(verbose, "> NULL eblock", (krb5_pointer) &eblock, KV5M_ENCRYPT_BLOCK))) { +#if 0 eblock.priv = (krb5_pointer) stuff; eblock.priv_size = 8; +#endif if (!(kret = ser_data(verbose, "> eblock with private data", (krb5_pointer) &eblock, KV5M_ENCRYPT_BLOCK))) { @@ -676,9 +683,11 @@ main(argc, argv) case 'C': do_ctest = 1; break; +#if 0 case 'E': do_etest = 1; break; +#endif case 'K': do_ktest = 1; break; @@ -737,12 +746,14 @@ main(argc, argv) if (kret) goto fail; } +#if 0 /* code to be tested is currently disabled */ if (do_etest) { ch_err = 'e'; kret = ser_eblock_test(kcontext, verbose); if (kret) goto fail; } +#endif if (do_ptest) { ch_err = 'p'; kret = ser_princ_test(kcontext, verbose); diff --git a/src/lib/krb5/krb/tgtname.c b/src/lib/krb5/krb/tgtname.c index 5db4d986d..2f7168656 100644 --- a/src/lib/krb5/krb/tgtname.c +++ b/src/lib/krb5/krb/tgtname.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/unparse.c b/src/lib/krb5/krb/unparse.c index 1f0c79110..f7df6ab7d 100644 --- a/src/lib/krb5/krb/unparse.c +++ b/src/lib/krb5/krb/unparse.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/valid_times.c b/src/lib/krb5/krb/valid_times.c index ed377d16b..f5d2def5e 100644 --- a/src/lib/krb5/krb/valid_times.c +++ b/src/lib/krb5/krb/valid_times.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/walk_rtree.c b/src/lib/krb5/krb/walk_rtree.c index f45dede3a..833ec6114 100644 --- a/src/lib/krb5/krb/walk_rtree.c +++ b/src/lib/krb5/krb/walk_rtree.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/krb/x-deltat.y b/src/lib/krb5/krb/x-deltat.y new file mode 100644 index 000000000..be53ce3c6 --- /dev/null +++ b/src/lib/krb5/krb/x-deltat.y @@ -0,0 +1,168 @@ +/* + * lib/krb5/krb/deltat.y + * + * Copyright 1999 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * krb5_string_to_deltat() + */ + +/* For a clean, thread-safe interface, we must use the "pure parser" + facility of GNU Bison. Unfortunately, standard YACC has no such + option. */ + +/* N.B.: For simplicity in dealing with the distribution, the + Makefile.in listing for deltat.c does *not* normally list this + file. If you change this file, tweak the Makefile so it'll rebuild + deltat.c, or do it manually. */ +%{ + +#include +#include +#include "k5-int.h" + +struct param { + krb5_deltat delta; + char *p; +}; + +#define YYPARSE_PARAM tmv + +#define DO(D,H,M,S) \ + { \ + ((struct param *)tmv)->delta = (((D * 24) + H) * 60 + M) * 60 + S; \ + } + +static int mylex (int *, char **); +#define YYLEX_PARAM (&((struct param *)tmv)->p) +#undef yylex +#define yylex(U, P) mylex (&(U)->val, (P)) + +#undef yyerror +#define yyerror(MSG) + +static int yyparse (void *); + +%} + +%pure_parser + +%union { int val; } + +%token NUM LONGNUM +%token '-' ':' 'd' 'h' 'm' 's' WS + +%type num opt_hms opt_ms opt_s wsnum posnum + +%start start + +%% + +start: deltat ; +posnum: NUM | LONGNUM ; +num: posnum | '-' posnum { $$ = - $2; } ; +ws: /* nothing */ | WS ; +wsnum: ws num { $$ = $2; }; +deltat: + wsnum 'd' opt_hms { DO ($1, 0, 0, $3); } + | wsnum 'h' opt_ms { DO ( 0, $1, 0, $3); } + | wsnum 'm' opt_s { DO ( 0, 0, $1, $3); } + | wsnum 's' { DO ( 0, 0, 0, $1); } + | wsnum '-' NUM ':' NUM ':' NUM { DO ($1, $3, $5, $7); } + | wsnum ':' NUM ':' NUM { DO ( 0, $1, $3, $5); } + | wsnum ':' NUM { DO ( 0, $1, $3, 0); } + ; + +opt_hms: + opt_ms + | wsnum 'h' opt_ms { $$ = $1 * 3600 + $3; }; +opt_ms: + opt_s + | wsnum 'm' opt_s { $$ = $1 * 60 + $3; }; +opt_s: + ws { $$ = 0; } + | wsnum 's' ; + +%% + +static int +mylex (int *intp, char **pp) +{ + int num, c; +#define P (*pp) + char *orig_p = P; + +#ifdef isascii + if (!isascii (*P)) + return 0; +#endif + switch (c = *P++) { + case '-': + case ':': + case 'd': + case 'h': + case 'm': + case 's': + return c; + case '0': + case '1': + case '2': + case '3': + case '4': + case '5': + case '6': + case '7': + case '8': + case '9': + /* XXX assumes ASCII */ + num = c - '0'; + while (isdigit (*P)) { + num *= 10; + num += *P++ - '0'; + } + *intp = num; + return (P - orig_p > 2) ? LONGNUM : NUM; + case ' ': + case '\t': + case '\n': + while (isspace (*P)) + P++; + return WS; + default: + return YYEOF; + } +} + +KRB5_DLLIMP krb5_error_code KRB5_CALLCONV +krb5_string_to_deltat(string, deltatp) + char FAR * string; + krb5_deltat FAR * deltatp; +{ + struct param p; + p.delta = 0; + p.p = string; + if (yyparse (&p)) + return EINVAL; + *deltatp = p.delta; + return 0; +} diff --git a/src/lib/krb5/os/ChangeLog b/src/lib/krb5/os/ChangeLog index 1cd8f2cbe..957aadb77 100644 --- a/src/lib/krb5/os/ChangeLog +++ b/src/lib/krb5/os/ChangeLog @@ -1,3 +1,108 @@ +2000-04-28 Nalin Dahyabhai + + * kuserok.c (krb5_kuserok): Don't overflow buffer "pbuf". + +1999-12-03 Danilo Almeida + + * changepw.c: Define ETIMEDOUT for Windows. + +1999-12-01 Ken Raeburn + + * init_os_ctx.c (krb5_secure_config_files): Do define; always + return an error, but perform old functionality in case the error + is ignored. Delete when we can make a major version number + change. + +1999-11-23 Ken Raeburn + + * an_to_ln.c (default_an_to_ln): Avoid stomping byte after + supplied buffer. Thanks to Matt Crawford. + + * init_os_ctx.c (os_init_paths): Delete SECURE argument; read the + value from the profile structure instead. + (krb5_os_init_context, krb5_get_profile): Don't pass SECURE + argument. + (os_init_paths, krb5_get_profile): Cast first arg to + profile_init. + (krb5_secure_config_files): Don't define. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-10-22 Ken Raeburn + + * changepw.c (krb5_change_password): Wait only two minutes, not + indefinitely, for a response from the kpasswd server. + +1999-09-21 Ken Raeburn + + * changepw.c: Changes from Jeffrey Altman to look up kpasswd + server using DNS. Placed entirely under #ifdef KRB5_DNS_LOOKUP so + currently-MIT-supported functionality (i.e., no DNS) can't be + impacted; without KRB5_DNS_LOOKUP defined, old code is used + unchanged. + (krb5_locate_kpasswd): New function, split out from + krb5_change_password. Calls krb5_locate_srv_dns if use of DNS is + desired, and krb5_locate_srv_conf to check config file. + (krb5_change_password): Call it to find the server. + * locate_kdc.c (krb5_locate_srv_conf): No longer static. Choose + default port numbers based on service name rather than a single + hard-coded value. + (krb5_locate_srv_dns): No longer static. + +1999-09-17 Tom Yu + + * def_realm.c: Patch from jaltman@columbia.edu to allow compiling + under non-Windows platforms with DNS lookup enabled. + +1999-08-26 Danilo Almeida + + * kuserok.c (krb5_kuserok): Fix improper negation in + non-Unix localname check. Also fix calling convention + before this function is exported by the Windows DLL. + + * localaddr.c (krb5_os_localaddr): Fix memset to clear + right address list. (Thanks to jaltman@columbia.edu). + +1999-08-21 Danilo Almeida + + * localaddr.c (krb5_os_localaddr): Use multiple addresses, if + present, on Mac and Windows. + +1999-08-17 Ken Raeburn + + * get_krbhst.c (krb5_get_krbhst): Fix double-indirection + confusion. Do actually copy string contents to newly allocated + storage. + +1999-08-10 Alexandra Ellwood + + * changepw.c (krb5_change_password): + Reorganized code so that krb5_change_password actually frees + everything it allocated on error. Also fixed some memory + leaks which happened even without an error occurring. + +1999-08-09 Danilo Almeida + + * prompter.c (krb5_prompter_posix): Provide Win32 implementation + so that kinit and such work under Win32. + +1999-08-06 Danilo Almeida + + * def_realm.c (krb5_get_default_realm): + * hst_realm.c (krb5_get_host_realm): Make sure we have FQDN + in the case where we use gethostname. + + * def_realm.c (krb5_get_default_realm): Check that we have + a realm before trying to copy it (since profile_get_string + may return no error but not get anything). + + * init_os_ctx.c (krb5_get_profile): Fix calling convention. + 1999-08-05 Danilo Almeida * t_std_conf.c (test_get_krbhst): Use krb5_free_krbhst to diff --git a/src/lib/krb5/os/Makefile.in b/src/lib/krb5/os/Makefile.in index 21758dc28..09df5a13d 100644 --- a/src/lib/krb5/os/Makefile.in +++ b/src/lib/krb5/os/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=lib/krb5/os mydir=os BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) KRB5_RUN_ENV = @KRB5_RUN_ENV@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/lib/krb5/os/an_to_ln.c b/src/lib/krb5/os/an_to_ln.c index 39528d272..3c721fb87 100644 --- a/src/lib/krb5/os/an_to_ln.c +++ b/src/lib/krb5/os/an_to_ln.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -627,7 +630,7 @@ default_an_to_ln(context, aname, lnsize, lname) free(def_realm); strncpy(lname, krb5_princ_component(context, aname,0)->data, min(krb5_princ_component(context, aname,0)->length,lnsize)); - if (lnsize < krb5_princ_component(context, aname,0)->length ) { + if (lnsize <= krb5_princ_component(context, aname,0)->length ) { retval = KRB5_CONFIG_NOTENUFSPACE; } else { lname[krb5_princ_component(context, aname,0)->length] = '\0'; diff --git a/src/lib/krb5/os/c_ustime.c b/src/lib/krb5/os/c_ustime.c index 0ba0a6b2f..5f735871a 100644 --- a/src/lib/krb5/os/c_ustime.c +++ b/src/lib/krb5/os/c_ustime.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/ccdefname.c b/src/lib/krb5/os/ccdefname.c index 11713e724..b6eb4aea0 100644 --- a/src/lib/krb5/os/ccdefname.c +++ b/src/lib/krb5/os/ccdefname.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/changepw.c b/src/lib/krb5/os/changepw.c index 779fc89a8..2e3f44601 100644 --- a/src/lib/krb5/os/changepw.c +++ b/src/lib/krb5/os/changepw.c @@ -1,7 +1,7 @@ /* * lib/krb5/os/changepw.c * - * Copyright 1990 by the Massachusetts Institute of Technology. + * Copyright 1990,1999 by the Massachusetts Institute of Technology. * All Rights Reserved. * * Export of this software from the United States of America may @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -40,8 +43,356 @@ #ifndef EHOSTUNREACH #define EHOSTUNREACH WSAEHOSTUNREACH #endif +#ifndef ETIMEDOUT +#define ETIMEDOUT WSAETIMEDOUT +#endif #endif /* _WIN32 && !__CYGWIN32__ */ +#ifdef KRB5_DNS_LOOKUP /* pbh says we can wrap this last-minute + addition and ignore testing it since it's + not part of what mit officially supports in + this release */ + +/* + * Wrapper function for the two backends + */ + +krb5_error_code +krb5_locate_srv_conf(context, realm, name, addr_pp, naddrs, master_index, nmasters); +#ifdef KRB5_DNS_LOOKUP +krb5_error_code krb5_locate_srv_dns(realm, service, protocol, addr_pp, naddrs); +#endif + +static krb5_error_code +krb5_locate_kpasswd(context, realm, addr_pp, naddrs, master_index, nmasters) + krb5_context context; + const krb5_data *realm; + struct sockaddr **addr_pp; + int *naddrs; + int *master_index; + int *nmasters; +{ + krb5_error_code code; +#ifdef KRB5_DNS_LOOKUP + struct sockaddr *admin_addr_p, *kdc_addr_p; + int nadmin_addrs, nkdc_addrs; + int i,j; +#endif /* KRB5_DNS_LOOKUP */ + + /* + * We always try the local file first + */ + + code = krb5_locate_srv_conf(context, realm, "kpasswd_server", addr_pp, naddrs, + master_index, nmasters); + if (code) { + code = krb5_locate_srv_conf(context, realm, "admin_server", addr_pp, naddrs, + master_index, nmasters); + if ( !code ) { + /* success with admin_server but now we need to change the port */ + /* number to use DEFAULT_KPASSWD_PORT. */ + for ( i=0;i<*naddrs;i++ ) { + struct sockaddr_in *sin = (struct sockaddr_in *) &addr_pp[i]; + sin->sin_port = htons(DEFAULT_KPASSWD_PORT); + } + } + } + +#ifdef KRB5_DNS_LOOKUP + if (code) { + int use_dns = _krb5_use_dns(context); + if ( use_dns ) { + code = krb5_locate_srv_dns(realm, "_kpasswd", "_udp", + addr_pp, naddrs); + if ( code ) { + code = krb5_locate_srv_dns(realm, + "_kerberos-adm", + "_tcp", + addr_pp, naddrs); + if ( !code ) { + /* success with admin_server but now we need to change the port */ + /* number to use DEFAULT_KPASSWD_PORT. */ + for ( i=0;i<*naddrs;i++ ) { + struct sockaddr_in *sin = (struct sockaddr_in *) &(*addr_pp)[i]; + sin->sin_port = htons(DEFAULT_KPASSWD_PORT); + } + } + } + if ( !code && master_index && nmasters ) { + *master_index = 1; + *nmasters = *naddrs; + } + } + } +#endif /* KRB5_DNS_LOOKUP */ + return (code); +} + + +KRB5_DLLIMP krb5_error_code KRB5_CALLCONV +krb5_change_password(context, creds, newpw, result_code, + result_code_string, result_string) + krb5_context context; + krb5_creds *creds; + char *newpw; + int *result_code; + krb5_data *result_code_string; + krb5_data *result_string; +{ + krb5_auth_context auth_context; + krb5_data ap_req, chpw_req, chpw_rep; + krb5_address local_kaddr, remote_kaddr; + char *code_string; + krb5_error_code code = 0; + int i, addrlen; + struct sockaddr *addr_p, local_addr, remote_addr, tmp_addr; + int naddr_p; + int cc, local_result_code, tmp_len; + SOCKET s1 = INVALID_SOCKET, s2 = INVALID_SOCKET; + + + /* Initialize values so that cleanup call can safely check for NULL */ + auth_context = NULL; + addr_p = NULL; + memset(&chpw_req, 0, sizeof(krb5_data)); + memset(&chpw_rep, 0, sizeof(krb5_data)); + memset(&ap_req, 0, sizeof(krb5_data)); + + /* initialize auth_context so that we know we have to free it */ + if ((code = krb5_auth_con_init(context, &auth_context))) + goto cleanup; + + if (code = krb5_mk_req_extended(context, &auth_context, AP_OPTS_USE_SUBKEY, + NULL, creds, &ap_req)) + goto cleanup; + + if (code = krb5_locate_kpasswd(context, + krb5_princ_realm(context, creds->client), + &addr_p, &naddr_p,NULL,NULL)) + goto cleanup; + + /* this is really obscure. s1 is used for all communications. it + is left unconnected in case the server is multihomed and routes + are asymmetric. s2 is connected to resolve routes and get + addresses. this is the *only* way to get proper addresses for + multihomed hosts if routing is asymmetric. + + A related problem in the server, but not the client, is that + many os's have no way to disconnect a connected udp socket, so + the s2 socket needs to be closed and recreated for each + request. The s1 socket must not be closed, or else queued + requests will be lost. + + A "naive" client implementation (one socket, no connect, + hostname resolution to get the local ip addr) will work and + interoperate if the client is single-homed. */ + + if ((s1 = socket(AF_INET, SOCK_DGRAM, 0)) == INVALID_SOCKET) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + if ((s2 = socket(AF_INET, SOCK_DGRAM, 0)) == INVALID_SOCKET) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + for (i=0; isin_addr.s_addr != 0) + { + local_kaddr.addrtype = ADDRTYPE_INET; + local_kaddr.length = sizeof(((struct sockaddr_in *) &local_addr)->sin_addr); + local_kaddr.contents = (krb5_octet *) &(((struct sockaddr_in *) &local_addr)->sin_addr); + } + else + { + krb5_address **addrs; + + krb5_os_localaddr(context, &addrs); + + local_kaddr.magic = addrs[0]->magic; + local_kaddr.addrtype = addrs[0]->addrtype; + local_kaddr.length = addrs[0]->length; + local_kaddr.contents = malloc(addrs[0]->length); + memcpy(local_kaddr.contents, addrs[0]->contents, addrs[0]->length); + + krb5_free_addresses(context, addrs); + } + + addrlen = sizeof(remote_addr); + if (getpeername(s2, &remote_addr, &addrlen) < 0) + { + if ((SOCKET_ERRNO == ECONNREFUSED) || (SOCKET_ERRNO == EHOSTUNREACH)) + continue; /* try the next addr */ + + code = SOCKET_ERRNO; + goto cleanup; + } + + remote_kaddr.addrtype = ADDRTYPE_INET; + remote_kaddr.length = sizeof(((struct sockaddr_in *) &remote_addr)->sin_addr); + remote_kaddr.contents = (krb5_octet *) &(((struct sockaddr_in *) &remote_addr)->sin_addr); + + /* mk_priv requires that the local address be set. + getsockname is used for this. rd_priv requires that the + remote address be set. recvfrom is used for this. If + rd_priv is given a local address, and the message has the + recipient addr in it, this will be checked. However, there + is simply no way to know ahead of time what address the + message will be delivered *to*. Therefore, it is important + that either no recipient address is in the messages when + mk_priv is called, or that no local address is passed to + rd_priv. Both is a better idea, and I have done that. In + summary, when mk_priv is called, *only* a local address is + specified. when rd_priv is called, *only* a remote address + is specified. Are we having fun yet? */ + + if (code = krb5_auth_con_setaddrs(context, auth_context, &local_kaddr, NULL)) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + if (code = krb5_mk_chpw_req(context, auth_context, &ap_req, newpw, &chpw_req)) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + if ((cc = sendto(s1, chpw_req.data, chpw_req.length, 0, + (struct sockaddr *) &addr_p[i], + sizeof(addr_p[i]))) != chpw_req.length) + { + if ((cc < 0) && ((SOCKET_ERRNO == ECONNREFUSED) || + (SOCKET_ERRNO == EHOSTUNREACH))) + continue; /* try the next addr */ + + code = (cc < 0) ? SOCKET_ERRNO : ECONNABORTED; + goto cleanup; + } + + chpw_rep.length = 1500; + chpw_rep.data = (char *) malloc(chpw_rep.length); + + /* XXX need a timeout/retry loop here */ + FD_ZERO (&fdset); + FD_SET (s1, &fdset); + timeout.tv_sec = 120; + timeout.tv_usec = 0; + switch (select (s1 + 1, &fdset, 0, 0, &timeout)) { + case -1: + code = SOCKET_ERRNO; + goto cleanup; + case 0: + code = ETIMEDOUT; + goto cleanup; + default: + /* fall through */ + ; + } + + /* "recv" would be good enough here... except that Windows/NT + commits the atrocity of returning -1 to indicate failure, + but leaving errno set to 0. + + "recvfrom(...,NULL,NULL)" would seem to be a good enough + alternative, and it works on NT, but it doesn't work on + SunOS 4.1.4 or Irix 5.3. Thus we must actually accept the + value and discard it. */ + tmp_len = sizeof(tmp_addr); + if ((cc = recvfrom(s1, chpw_rep.data, chpw_rep.length, 0, &tmp_addr, &tmp_len)) < 0) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + closesocket(s1); + s1 = INVALID_SOCKET; + closesocket(s2); + s2 = INVALID_SOCKET; + + chpw_rep.length = cc; + + if (code = krb5_auth_con_setaddrs(context, auth_context, NULL, &remote_kaddr)) + goto cleanup; + + if(code = krb5_rd_chpw_rep(context, auth_context, &chpw_rep, + &local_result_code, result_string)) + goto cleanup; + + if (result_code) + *result_code = local_result_code; + + if (result_code_string) + { + if (code = krb5_chpw_result_code_string(context, local_result_code, + &code_string)) + goto cleanup; + + result_code_string->length = strlen(code_string); + if ((result_code_string->data = + (char *) malloc(result_code_string->length)) == NULL) + return(ENOMEM); + strncpy(result_code_string->data, code_string, result_code_string->length); + } + + code = 0; + goto cleanup; + } + + code = SOCKET_ERRNO; + +cleanup: + if(auth_context != NULL) + krb5_auth_con_free(context, auth_context); + + if(addr_p != NULL) + krb5_xfree(addr_p); + + if(s1 != INVALID_SOCKET) + closesocket(s1); + + if(s2 != INVALID_SOCKET) + closesocket(s2); + + krb5_free_data_contents(context, &chpw_req); + krb5_free_data_contents(context, &chpw_rep); + krb5_free_data_contents(context, &ap_req); + + return(code); +} + +#else /* big KRB5_DNS_LOOKUP wrapper */ + KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_change_password(context, creds, newpw, result_code, result_code_string, result_string) @@ -57,8 +408,8 @@ krb5_change_password(context, creds, newpw, result_code, krb5_address local_kaddr, remote_kaddr; const char *realm_kdc_names[4]; int default_port; - char **hostlist, *host, *port, *cp, *code_string; - krb5_error_code code; + char **hostlist, *host, *tmphost, *port, *cp, *code_string; + krb5_error_code code = 0; int i, j, out, count, addrlen; struct sockaddr *addr_p, local_addr, remote_addr, tmp_addr; struct sockaddr_in *sin_p; @@ -68,17 +419,30 @@ krb5_change_password(context, creds, newpw, result_code, u_short udpport = htons(KRB5_DEFAULT_PORT); #endif int cc, local_result_code, tmp_len; - SOCKET s1, s2; + SOCKET s1 = INVALID_SOCKET, s2 = INVALID_SOCKET; + /* Initialize values so that cleanup call can safely check for NULL */ auth_context = NULL; - + addr_p = NULL; + host = NULL; + hostlist = NULL; + memset(&chpw_req, 0, sizeof(krb5_data)); + memset(&chpw_rep, 0, sizeof(krb5_data)); + memset(&ap_req, 0, sizeof(krb5_data)); + + /* initialize auth_context so that we know we have to free it */ + if ((code = krb5_auth_con_init(context, &auth_context))) + goto cleanup; + if (code = krb5_mk_req_extended(context, &auth_context, AP_OPTS_USE_SUBKEY, NULL, creds, &ap_req)) - return(code); + goto cleanup; - if ((host = malloc(krb5_princ_realm(context, creds->client)->length + 1)) - == NULL) - return ENOMEM; + if ((host = malloc(krb5_princ_realm(context, creds->client)->length + 1)) == NULL) + { + code = ENOMEM; + goto cleanup; + } strncpy(host, krb5_princ_realm(context, creds->client)->data, krb5_princ_realm(context, creds->client)->length); @@ -94,23 +458,27 @@ krb5_change_password(context, creds, newpw, result_code, code = profile_get_values(context->profile, realm_kdc_names, &hostlist); - if (code == PROF_NO_RELATION) { - realm_kdc_names[2] = "admin_server"; - - default_port = 1; - - code = profile_get_values(context->profile, realm_kdc_names, - &hostlist); - } - - krb5_xfree(host); + if (code == PROF_NO_RELATION) + { + realm_kdc_names[2] = "admin_server"; + default_port = 1; + code = profile_get_values(context->profile, realm_kdc_names, &hostlist); + } if (code == PROF_NO_SECTION) - return KRB5_REALM_UNKNOWN; - else if (code == PROF_NO_RELATION) - return KRB5_CONFIG_BADFORMAT; - else if (code) - return code; + { + code = KRB5_REALM_UNKNOWN; + goto cleanup; + } + else + if (code == PROF_NO_RELATION) + { + code = KRB5_CONFIG_BADFORMAT; + goto cleanup; + } + else + if (code) + goto cleanup; #ifdef HAVE_NETINET_IN_H /* XXX should look for "kpasswd" in /etc/services */ @@ -122,28 +490,34 @@ krb5_change_password(context, creds, newpw, result_code, count++; if (count == 0) - /* XXX */ - return(KADM_NO_HOST); + { + /* XXX */ + code = KADM_NO_HOST; + goto cleanup; + } addr_p = (struct sockaddr *) malloc(sizeof(struct sockaddr) * count); if (addr_p == NULL) - return ENOMEM; + { + code = ENOMEM; + goto cleanup; + } - host = hostlist[0]; + tmphost = hostlist[0]; out = 0; /* * Strip off excess whitespace */ - cp = strchr(host, ' '); + cp = strchr(tmphost, ' '); if (cp) - *cp = 0; - cp = strchr(host, '\t'); + *cp = 0; + cp = strchr(tmphost, '\t'); if (cp) - *cp = 0; - port = strchr(host, ':'); + *cp = 0; + port = strchr(tmphost, ':'); if (port) { - *port = 0; + *port = 0; port++; /* if the admin_server line was used, ignore the specified port */ @@ -152,40 +526,46 @@ krb5_change_password(context, creds, newpw, result_code, } hp = gethostbyname(hostlist[0]); - if (hp != 0) { - switch (hp->h_addrtype) { + if (hp != 0) + { + switch (hp->h_addrtype) + { #ifdef HAVE_NETINET_IN_H - case AF_INET: - for (j=0; hp->h_addr_list[j]; j++) { - sin_p = (struct sockaddr_in *) &addr_p[out++]; - memset ((char *)sin_p, 0, sizeof(struct sockaddr)); - sin_p->sin_family = hp->h_addrtype; - sin_p->sin_port = port ? htons(atoi(port)) : udpport; - memcpy((char *)&sin_p->sin_addr, - (char *)hp->h_addr_list[j], - sizeof(struct in_addr)); - if (out+1 >= count) { - count += 5; - addr_p = (struct sockaddr *) - realloc ((char *)addr_p, - sizeof(struct sockaddr) * count); - if (addr_p == NULL) - return ENOMEM; - } - } - break; + case AF_INET: + for (j=0; hp->h_addr_list[j]; j++) + { + sin_p = (struct sockaddr_in *) &addr_p[out++]; + memset ((char *)sin_p, 0, sizeof(struct sockaddr)); + sin_p->sin_family = hp->h_addrtype; + sin_p->sin_port = port ? htons(atoi(port)) : udpport; + memcpy((char *)&sin_p->sin_addr, + (char *)hp->h_addr_list[j], + sizeof(struct in_addr)); + if (out+1 >= count) + { + count += 5; + addr_p = (struct sockaddr *) + realloc ((char *)addr_p, sizeof(struct sockaddr) * count); + if (addr_p == NULL) + { + code = ENOMEM; + goto cleanup; + } + } + } + break; #endif - default: - break; - } - } - - profile_free_list(hostlist); - - if (out == 0) { /* Couldn't resolve any KDC names */ - free (addr_p); - return(KADM_NO_HOST); - } + default: + break; + } + } + + if (out == 0) + { + /* Couldn't resolve any KDC names */ + code = KADM_NO_HOST; + goto cleanup; + } /* this is really obscure. s1 is used for all communications. it is left unconnected in case the server is multihomed and routes @@ -203,187 +583,215 @@ krb5_change_password(context, creds, newpw, result_code, hostname resolution to get the local ip addr) will work and interoperate if the client is single-homed. */ - if ((s1 = socket(AF_INET, SOCK_DGRAM, 0)) == INVALID_SOCKET) { - free(addr_p); - return(SOCKET_ERRNO); - } - - if ((s2 = socket(AF_INET, SOCK_DGRAM, 0)) == INVALID_SOCKET) { - free(addr_p); - return(SOCKET_ERRNO); - } - - for (i=0; isin_addr.s_addr != 0) { - local_kaddr.addrtype = ADDRTYPE_INET; - local_kaddr.length = - sizeof(((struct sockaddr_in *) &local_addr)->sin_addr); - local_kaddr.contents = - (krb5_octet *) &(((struct sockaddr_in *) &local_addr)->sin_addr); - } else { - krb5_address **addrs; - - krb5_os_localaddr(context, &addrs); - local_kaddr.magic = addrs[0]->magic; - local_kaddr.addrtype = addrs[0]->addrtype; - local_kaddr.length = addrs[0]->length; - local_kaddr.contents = malloc(addrs[0]->length); - memcpy(local_kaddr.contents, addrs[0]->contents, addrs[0]->length); - - krb5_free_addresses(context, addrs); - } - - addrlen = sizeof(remote_addr); - if (getpeername(s2, &remote_addr, &addrlen) < 0) { - if ((SOCKET_ERRNO == ECONNREFUSED) || - (SOCKET_ERRNO == EHOSTUNREACH)) - continue; /* try the next addr */ - free(addr_p); - closesocket(s1); - closesocket(s2); - return(SOCKET_ERRNO); - } - - remote_kaddr.addrtype = ADDRTYPE_INET; - remote_kaddr.length = - sizeof(((struct sockaddr_in *) &remote_addr)->sin_addr); - remote_kaddr.contents = - (krb5_octet *) &(((struct sockaddr_in *) &remote_addr)->sin_addr); - - /* mk_priv requires that the local address be set. - getsockname is used for this. rd_priv requires that the - remote address be set. recvfrom is used for this. If - rd_priv is given a local address, and the message has the - recipient addr in it, this will be checked. However, there - is simply no way to know ahead of time what address the - message will be delivered *to*. Therefore, it is important - that either no recipient address is in the messages when - mk_priv is called, or that no local address is passed to - rd_priv. Both is a better idea, and I have done that. In - summary, when mk_priv is called, *only* a local address is - specified. when rd_priv is called, *only* a remote address - is specified. Are we having fun yet? */ - - if (code = krb5_auth_con_setaddrs(context, auth_context, &local_kaddr, - NULL)) { - free(addr_p); - closesocket(s1); - closesocket(s2); - return(code); - } - - if (code = krb5_mk_chpw_req(context, auth_context, &ap_req, - newpw, &chpw_req)) { - free(addr_p); - closesocket(s1); - closesocket(s2); - return(code); - } - - if ((cc = sendto(s1, chpw_req.data, chpw_req.length, 0, - (struct sockaddr *) &addr_p[i], - sizeof(addr_p[i]))) != - chpw_req.length) { - if ((cc < 0) && ((SOCKET_ERRNO == ECONNREFUSED) || - (SOCKET_ERRNO == EHOSTUNREACH))) - continue; /* try the next addr */ - free(addr_p); - closesocket(s1); - closesocket(s2); - return((cc < 0)?SOCKET_ERRNO:ECONNABORTED); - } - - krb5_xfree(chpw_req.data); - - chpw_rep.length = 1500; - chpw_rep.data = (char *) malloc(chpw_rep.length); - - /* XXX need a timeout/retry loop here */ - - /* "recv" would be good enough here... except that Windows/NT - commits the atrocity of returning -1 to indicate failure, - but leaving errno set to 0. - - "recvfrom(...,NULL,NULL)" would seem to be a good enough - alternative, and it works on NT, but it doesn't work on - SunOS 4.1.4 or Irix 5.3. Thus we must actually accept the - value and discard it. */ - tmp_len = sizeof(tmp_addr); - if ((cc = recvfrom(s1, chpw_rep.data, chpw_rep.length, 0, &tmp_addr, &tmp_len)) < 0) { - free(addr_p); - closesocket(s1); - closesocket(s2); - return(SOCKET_ERRNO); - } - - closesocket(s1); - closesocket(s2); - - chpw_rep.length = cc; - - if (code = krb5_auth_con_setaddrs(context, auth_context, NULL, - &remote_kaddr)) { - free(addr_p); - closesocket(s1); - closesocket(s2); - return(code); - } - - code = krb5_rd_chpw_rep(context, auth_context, &chpw_rep, - &local_result_code, result_string); - - free(chpw_rep.data); - free(addr_p); - - if (code) - return(code); - - if (result_code) - *result_code = local_result_code; - - if (result_code_string) { - if (code = krb5_chpw_result_code_string(context, local_result_code, - &code_string)) - return(code); - - result_code_string->length = strlen(code_string); - if ((result_code_string->data = - (char *) malloc(result_code_string->length)) == NULL) - return(ENOMEM); - strncpy(result_code_string->data, code_string, - result_code_string->length); - } - - return(0); - } + if ((s1 = socket(AF_INET, SOCK_DGRAM, 0)) == INVALID_SOCKET) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + if ((s2 = socket(AF_INET, SOCK_DGRAM, 0)) == INVALID_SOCKET) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + for (i=0; isin_addr.s_addr != 0) + { + local_kaddr.addrtype = ADDRTYPE_INET; + local_kaddr.length = sizeof(((struct sockaddr_in *) &local_addr)->sin_addr); + local_kaddr.contents = (krb5_octet *) &(((struct sockaddr_in *) &local_addr)->sin_addr); + } + else + { + krb5_address **addrs; + + krb5_os_localaddr(context, &addrs); + + local_kaddr.magic = addrs[0]->magic; + local_kaddr.addrtype = addrs[0]->addrtype; + local_kaddr.length = addrs[0]->length; + local_kaddr.contents = malloc(addrs[0]->length); + memcpy(local_kaddr.contents, addrs[0]->contents, addrs[0]->length); + + krb5_free_addresses(context, addrs); + } + + addrlen = sizeof(remote_addr); + if (getpeername(s2, &remote_addr, &addrlen) < 0) + { + if ((SOCKET_ERRNO == ECONNREFUSED) || (SOCKET_ERRNO == EHOSTUNREACH)) + continue; /* try the next addr */ + + code = SOCKET_ERRNO; + goto cleanup; + } + + remote_kaddr.addrtype = ADDRTYPE_INET; + remote_kaddr.length = sizeof(((struct sockaddr_in *) &remote_addr)->sin_addr); + remote_kaddr.contents = (krb5_octet *) &(((struct sockaddr_in *) &remote_addr)->sin_addr); + + /* mk_priv requires that the local address be set. + getsockname is used for this. rd_priv requires that the + remote address be set. recvfrom is used for this. If + rd_priv is given a local address, and the message has the + recipient addr in it, this will be checked. However, there + is simply no way to know ahead of time what address the + message will be delivered *to*. Therefore, it is important + that either no recipient address is in the messages when + mk_priv is called, or that no local address is passed to + rd_priv. Both is a better idea, and I have done that. In + summary, when mk_priv is called, *only* a local address is + specified. when rd_priv is called, *only* a remote address + is specified. Are we having fun yet? */ + + if (code = krb5_auth_con_setaddrs(context, auth_context, &local_kaddr, NULL)) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + if (code = krb5_mk_chpw_req(context, auth_context, &ap_req, newpw, &chpw_req)) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + if ((cc = sendto(s1, chpw_req.data, chpw_req.length, 0, + (struct sockaddr *) &addr_p[i], + sizeof(addr_p[i]))) != chpw_req.length) + { + if ((cc < 0) && ((SOCKET_ERRNO == ECONNREFUSED) || + (SOCKET_ERRNO == EHOSTUNREACH))) + continue; /* try the next addr */ + + code = (cc < 0) ? SOCKET_ERRNO : ECONNABORTED; + goto cleanup; + } + + chpw_rep.length = 1500; + chpw_rep.data = (char *) malloc(chpw_rep.length); + + /* XXX need a timeout/retry loop here */ + + FD_ZERO (&fdset); + FD_SET (s1, &fdset); + timeout.tv_sec = 120; + timeout.tv_usec = 0; + switch (select (s1 + 1, &fdset, 0, 0, &timeout)) { + case -1: + code = SOCKET_ERRNO; + goto cleanup; + case 0: + code = ETIMEDOUT; + goto cleanup; + default: + /* fall through */ + ; + } - free(addr_p); - closesocket(s1); - closesocket(s2); - return(SOCKET_ERRNO); + /* "recv" would be good enough here... except that Windows/NT + commits the atrocity of returning -1 to indicate failure, + but leaving errno set to 0. + + "recvfrom(...,NULL,NULL)" would seem to be a good enough + alternative, and it works on NT, but it doesn't work on + SunOS 4.1.4 or Irix 5.3. Thus we must actually accept the + value and discard it. */ + tmp_len = sizeof(tmp_addr); + if ((cc = recvfrom(s1, chpw_rep.data, chpw_rep.length, 0, &tmp_addr, &tmp_len)) < 0) + { + code = SOCKET_ERRNO; + goto cleanup; + } + + closesocket(s1); + s1 = INVALID_SOCKET; + closesocket(s2); + s2 = INVALID_SOCKET; + + chpw_rep.length = cc; + + if (code = krb5_auth_con_setaddrs(context, auth_context, NULL, &remote_kaddr)) + goto cleanup; + + if(code = krb5_rd_chpw_rep(context, auth_context, &chpw_rep, + &local_result_code, result_string)) + goto cleanup; + + if (result_code) + *result_code = local_result_code; + + if (result_code_string) + { + if (code = krb5_chpw_result_code_string(context, local_result_code, + &code_string)) + goto cleanup; + + result_code_string->length = strlen(code_string); + if ((result_code_string->data = + (char *) malloc(result_code_string->length)) == NULL) + return(ENOMEM); + strncpy(result_code_string->data, code_string, result_code_string->length); + } + + code = 0; + goto cleanup; + } + + code = SOCKET_ERRNO; + +cleanup: + if(auth_context != NULL) + krb5_auth_con_free(context, auth_context); + + if(host != NULL) + krb5_xfree(host); + + if(addr_p != NULL) + krb5_xfree(addr_p); + + if(hostlist != NULL) + profile_free_list(hostlist); + + if(s1 != INVALID_SOCKET) + closesocket(s1); + + if(s2 != INVALID_SOCKET) + closesocket(s2); + + krb5_free_data_contents(context, &chpw_req); + krb5_free_data_contents(context, &chpw_rep); + krb5_free_data_contents(context, &ap_req); + + return(code); } + +#endif /* big KRB5_DNS_LOOKUP wrapper */ diff --git a/src/lib/krb5/os/def_realm.c b/src/lib/krb5/os/def_realm.c index 44a4e9381..09a513e97 100644 --- a/src/lib/krb5/os/def_realm.c +++ b/src/lib/krb5/os/def_realm.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -28,6 +31,15 @@ #include #ifdef KRB5_DNS_LOOKUP +#ifdef WSHELPER +#include +#else /* WSHELPER */ +#include +#include +#include +#include +#endif /* WSHELPER */ + /* for old Unixes and friends ... */ #ifndef MAXHOSTNAMELEN #define MAXHOSTNAMELEN 64 @@ -76,7 +88,7 @@ krb5_get_default_realm(context, lrealm) "default_realm", 0, 0, &realm); - if (!retval) { + if (!retval && realm) { context->default_realm = malloc(strlen(realm) + 1); if (!context->default_realm) { profile_release_string(realm); @@ -101,10 +113,26 @@ krb5_get_default_realm(context, lrealm) */ char localhost[MAX_DNS_NAMELEN+1]; char * p; - localhost[0] = localhost[sizeof(localhost)-1] = 0; - gethostname(localhost,MAX_DNS_NAMELEN); - + struct hostent * h; + + localhost[0] = 0; + gethostname(localhost, sizeof(localhost)); + localhost[sizeof(localhost) - 1] = 0; + if ( localhost[0] ) { + /* + * Try to make sure that we have a fully qualified + * name if possible. We want to be able to handle + * the case where gethostname returns a partial + * name (i.e., it has a dot, but it is not a + * FQDN). + */ + h = gethostbyname(localhost); + if (h) { + strncpy(localhost, h->h_name, sizeof(localhost)); + localhost[sizeof(localhost) - 1] = '\0'; + } + p = localhost; do { retval = krb5_try_realm_txt_rr("_kerberos", p, diff --git a/src/lib/krb5/os/free_hstrl.c b/src/lib/krb5/os/free_hstrl.c index 63bd3b338..afc427af2 100644 --- a/src/lib/krb5/os/free_hstrl.c +++ b/src/lib/krb5/os/free_hstrl.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/free_krbhs.c b/src/lib/krb5/os/free_krbhs.c index 066acfcbf..ceb37650d 100644 --- a/src/lib/krb5/os/free_krbhs.c +++ b/src/lib/krb5/os/free_krbhs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/full_ipadr.c b/src/lib/krb5/os/full_ipadr.c index 0a4e401c5..c22ac1bd6 100644 --- a/src/lib/krb5/os/full_ipadr.c +++ b/src/lib/krb5/os/full_ipadr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/gen_port.c b/src/lib/krb5/os/gen_port.c index 1d84a0898..5da5e4a11 100644 --- a/src/lib/krb5/os/gen_port.c +++ b/src/lib/krb5/os/gen_port.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/gen_rname.c b/src/lib/krb5/os/gen_rname.c index 8605d1728..84b35503f 100644 --- a/src/lib/krb5/os/gen_rname.c +++ b/src/lib/krb5/os/gen_rname.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/genaddrs.c b/src/lib/krb5/os/genaddrs.c index 5a9849066..1ff6ec01b 100644 --- a/src/lib/krb5/os/genaddrs.c +++ b/src/lib/krb5/os/genaddrs.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/get_krbhst.c b/src/lib/krb5/os/get_krbhst.c index c929bbaba..1b42943a3 100644 --- a/src/lib/krb5/os/get_krbhst.c +++ b/src/lib/krb5/os/get_krbhst.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -64,8 +67,9 @@ krb5_get_krbhst(context, realm, hostlist) const char *realm_kdc_names[4]; krb5_error_code retval; int i, count; + char **rethosts; - *hostlist = 0; + rethosts = 0; realm_kdc_names[0] = "realms"; realm_kdc_names[1] = realm->data; @@ -99,25 +103,29 @@ krb5_get_krbhst(context, realm, hostlist) *cp = 0; } count = cpp - values; - *hostlist = malloc(sizeof(char *) * (count + 1)); - if (!*hostlist) { + rethosts = malloc(sizeof(char *) * (count + 1)); + if (!rethosts) { retval = ENOMEM; goto cleanup; } for (i = 0; i < count; i++) { - *hostlist[i] = malloc(strlen(values[i]) + 1); - if (!*hostlist[i]) { + int len = strlen (values[i]) + 1; + rethosts[i] = malloc(len); + if (!rethosts[i]) { retval = ENOMEM; goto cleanup; } + memcpy (rethosts[i], values[i], len); } - *hostlist[count] = 0; + rethosts[count] = 0; cleanup: - if (retval && *hostlist) { - for (cpp = *hostlist; *cpp; cpp++) + if (retval && rethosts) { + for (cpp = rethosts; *cpp; cpp++) free(*cpp); - free(*hostlist); + free(rethosts); + rethosts = 0; } profile_free_list(values); + *hostlist = rethosts; return retval; } diff --git a/src/lib/krb5/os/hostaddr.c b/src/lib/krb5/os/hostaddr.c index 27aed5fa1..5380caf16 100644 --- a/src/lib/krb5/os/hostaddr.c +++ b/src/lib/krb5/os/hostaddr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/hst_realm.c b/src/lib/krb5/os/hst_realm.c index bda5e3706..3c0005caf 100644 --- a/src/lib/krb5/os/hst_realm.c +++ b/src/lib/krb5/os/hst_realm.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -234,14 +237,26 @@ krb5_get_host_realm(context, host, realmsp) krb5_error_code retval; int l; char local_host[MAX_DNS_NAMELEN+1]; + struct hostent *h; + if (host) - strncpy(local_host, host, MAX_DNS_NAMELEN); + strncpy(local_host, host, sizeof(local_host)); else { - if (gethostname(local_host, sizeof(local_host)-1) == -1) + if (gethostname(local_host, sizeof(local_host)) == -1) return SOCKET_ERRNO; + /* + * Try to make sure that we have a fully qualified name if + * possible. We need to handle the case where the host has a + * dot but is not FQDN, so we call gethostbyname. + */ + h = gethostbyname(local_host); + if (h) { + strncpy(local_host, h->h_name, sizeof(local_host)); + } } - local_host[MAX_DNS_NAMELEN] = '\0'; + local_host[sizeof(local_host) - 1] = '\0'; + for (cp = local_host; *cp; cp++) { if (isupper(*cp)) *cp = tolower(*cp); diff --git a/src/lib/krb5/os/init_os_ctx.c b/src/lib/krb5/os/init_os_ctx.c index a9c69b30b..0afef471d 100644 --- a/src/lib/krb5/os/init_os_ctx.c +++ b/src/lib/krb5/os/init_os_ctx.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -313,14 +316,13 @@ os_get_default_config_files(pfiles, secure) do not include user paths (from environment variables, etc.) */ static krb5_error_code -os_init_paths(ctx, secure) +os_init_paths(ctx) krb5_context ctx; - krb5_boolean secure; { krb5_error_code retval = 0; profile_filespec_t *files = 0; + krb5_boolean secure = ctx->profile_secure; - ctx->profile_secure = secure; #ifdef KRB5_DNS_LOOKUP ctx->profile_in_memory = 0; #endif /* KRB5_DNS_LOOKUP */ @@ -328,7 +330,8 @@ os_init_paths(ctx, secure) retval = os_get_default_config_files(&files, secure); if (!retval) { - retval = profile_init(files, &ctx->profile); + retval = profile_init((const_profile_filespec_t *) files, + &ctx->profile); #ifdef KRB5_DNS_LOOKUP /* if none of the filenames can be opened use an empty profile */ if (retval == ENOENT) { @@ -383,7 +386,7 @@ krb5_os_init_context(ctx) krb5_cc_set_default_name(ctx, NULL); - retval = os_init_paths(ctx, FALSE); + retval = os_init_paths(ctx); /* * If there's an error in the profile, return an error. Just @@ -393,7 +396,7 @@ krb5_os_init_context(ctx) return retval; } -krb5_error_code +KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_get_profile (ctx, profile) krb5_context ctx; profile_t* profile; @@ -404,7 +407,7 @@ krb5_get_profile (ctx, profile) retval = os_get_default_config_files(&files, ctx->profile_secure); if (!retval) - retval = profile_init(files, profile); + retval = profile_init((const_profile_filespec_t *) files, profile); if (files) free_filespecs(files); @@ -465,6 +468,10 @@ krb5_error_code krb5_secure_config_files(ctx) krb5_context ctx; { + /* Obsolete interface; always return an error. + + This function should be removed next time a major version + number change happens. */ krb5_error_code retval; if (ctx->profile) { @@ -472,9 +479,12 @@ krb5_secure_config_files(ctx) ctx->profile = 0; } - retval = os_init_paths(ctx, TRUE); + ctx->profile_secure = TRUE; + retval = os_init_paths(ctx); + if (retval) + return retval; - return retval; + return KRB5_OBSOLETE_FN; } void diff --git a/src/lib/krb5/os/krbfileio.c b/src/lib/krb5/os/krbfileio.c index 3875b8b19..14e086d20 100644 --- a/src/lib/krb5/os/krbfileio.c +++ b/src/lib/krb5/os/krbfileio.c @@ -20,7 +20,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/ktdefname.c b/src/lib/krb5/os/ktdefname.c index d8f394697..8c073fab0 100644 --- a/src/lib/krb5/os/ktdefname.c +++ b/src/lib/krb5/os/ktdefname.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/kuserok.c b/src/lib/krb5/os/kuserok.c index 6d3032e8e..6d2adb126 100644 --- a/src/lib/krb5/os/kuserok.c +++ b/src/lib/krb5/os/kuserok.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -56,7 +59,7 @@ * */ -krb5_boolean +krb5_boolean KRB5_CALLCONV krb5_kuserok(context, principal, luser) krb5_context context; krb5_principal principal; @@ -77,8 +80,9 @@ krb5_kuserok(context, principal, luser) if ((pwd = getpwnam(luser)) == NULL) { return(FALSE); } - (void) strcpy(pbuf, pwd->pw_dir); - (void) strcat(pbuf, "/.k5login"); + (void) strncpy(pbuf, pwd->pw_dir, sizeof(pbuf) - 1); + pbuf[sizeof(pbuf) - 1] = '\0'; + (void) strncat(pbuf, "/.k5login", sizeof(pbuf) - 1 - strlen(pbuf)); if (access(pbuf, F_OK)) { /* not accessible */ /* @@ -143,7 +147,7 @@ krb5_kuserok(context, principal, luser) * If the given Kerberos name "server" translates to the same name as "luser" * (using * krb5_aname_to_lname()), returns TRUE. */ -krb5_boolean +krb5_boolean KRB5_CALLCONV krb5_kuserok(context, principal, luser) krb5_context context; krb5_principal principal; @@ -151,7 +155,7 @@ krb5_kuserok(context, principal, luser) { char kuser[50]; - if (! krb5_aname_to_localname(context, principal, sizeof(kuser), kuser)) + if (krb5_aname_to_localname(context, principal, sizeof(kuser), kuser)) return FALSE; if (strcmp(kuser, luser) == 0) diff --git a/src/lib/krb5/os/localaddr.c b/src/lib/krb5/os/localaddr.c index f55c35c78..5c5a27334 100644 --- a/src/lib/krb5/os/localaddr.c +++ b/src/lib/krb5/os/localaddr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -294,12 +297,11 @@ KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_os_localaddr (krb5_context context, krb5_address ***addr) { char host[64]; /* Name of local machine */ struct hostent *hostrec; - int err; - - *addr = calloc (2, sizeof (krb5_address *)); - if (*addr == NULL) - return ENOMEM; + int err, count, i; + krb5_address ** paddr; + *addr = 0; + paddr = 0; err = 0; if (gethostname (host, sizeof(host))) { @@ -319,27 +321,55 @@ krb5_os_localaddr (krb5_context context, krb5_address ***addr) { return err; } - (*addr)[0] = calloc (1, sizeof(krb5_address)); - if ((*addr)[0] == NULL) { - free (*addr); - return ENOMEM; + for (count = 0; hostrec->h_addr_list[count]; count++); + + + paddr = (krb5_address **)malloc(sizeof(krb5_address *) * (count+1)); + if (!paddr) { + err = ENOMEM; + goto cleanup; + } + + memset(paddr, 0, sizeof(krb5_address *) * (count+1)); + + for (i = 0; i < count; i++) + { + paddr[i] = (krb5_address *)malloc(sizeof(krb5_address)); + if (paddr[i] == NULL) { + err = ENOMEM; + goto cleanup; + } + + paddr[i]->magic = KV5M_ADDRESS; + paddr[i]->addrtype = hostrec->h_addrtype; + paddr[i]->length = hostrec->h_length; + paddr[i]->contents = (unsigned char *)malloc(paddr[i]->length); + if (!paddr[i]->contents) { + err = ENOMEM; + goto cleanup; + } + memcpy(paddr[i]->contents, + hostrec->h_addr_list[i], + paddr[i]->length); } - (*addr)[0]->magic = KV5M_ADDRESS; - (*addr)[0]->addrtype = hostrec->h_addrtype; - (*addr)[0]->length = hostrec->h_length; - (*addr)[0]->contents = (unsigned char *)malloc((*addr)[0]->length); - if (!(*addr)[0]->contents) { - free((*addr)[0]); - free(*addr); - return ENOMEM; - } else { - memcpy ((*addr)[0]->contents, - hostrec->h_addr, - (*addr)[0]->length); + + cleanup: + if (err) { + if (paddr) { + for (i = 0; i < count; i++) + { + if (paddr[i]) { + if (paddr[i]->contents) + free(paddr[i]->contents); + free(paddr[i]); + } + } + free(paddr); + } } - /* FIXME, deal with the case where gethostent returns multiple addrs */ + else + *addr = paddr; - return(0); + return(err); } #endif - diff --git a/src/lib/krb5/os/locate_kdc.c b/src/lib/krb5/os/locate_kdc.c index 2c99a2c6f..c5d68a5e0 100644 --- a/src/lib/krb5/os/locate_kdc.c +++ b/src/lib/krb5/os/locate_kdc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * @@ -78,7 +81,7 @@ _krb5_use_dns(context) * the master kdc */ -static krb5_error_code +krb5_error_code krb5_locate_srv_conf(context, realm, name, addr_pp, naddrs, master_index, nmasters) krb5_context context; const krb5_data *realm; @@ -97,8 +100,8 @@ krb5_locate_srv_conf(context, realm, name, addr_pp, naddrs, master_index, nmaste struct hostent *hp; struct servent *sp; #ifdef HAVE_NETINET_IN_H - u_short udpport = htons(KRB5_DEFAULT_PORT); - u_short sec_udpport = htons(KRB5_DEFAULT_SEC_PORT); + u_short udpport; + u_short sec_udpport; #endif if ((host = malloc(realm->length + 1)) == NULL) @@ -125,10 +128,22 @@ krb5_locate_srv_conf(context, realm, name, addr_pp, naddrs, master_index, nmaste } #ifdef HAVE_NETINET_IN_H + if ( !strcmp(name,"kpasswd_server") ) { + if ((sp = getservbyname(KPASSWD_PORTNAME, "udp"))) + udpport = sp->s_port; + else + udpport = htons(DEFAULT_KPASSWD_PORT); + sec_udpport = 0; + } else { if ((sp = getservbyname(KDC_PORTNAME, "udp"))) udpport = sp->s_port; + else + udpport = htons(KRB5_DEFAULT_PORT); if ((sp = getservbyname(KDC_SECONDARY_PORTNAME, "udp"))) sec_udpport = sp->s_port; + else + sec_udpport = htons(KRB5_DEFAULT_SEC_PORT); + } #endif if (sec_udpport == udpport) sec_udpport = 0; @@ -284,7 +299,7 @@ krb5_locate_srv_conf(context, realm, name, addr_pp, naddrs, master_index, nmaste * Lookup a KDC via DNS SRV records */ -static krb5_error_code +krb5_error_code krb5_locate_srv_dns(realm, service, protocol, addr_pp, naddrs) const krb5_data *realm; const char *service; diff --git a/src/lib/krb5/os/lock_file.c b/src/lib/krb5/os/lock_file.c index 79c1f97f1..55f86343a 100644 --- a/src/lib/krb5/os/lock_file.c +++ b/src/lib/krb5/os/lock_file.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/mk_faddr.c b/src/lib/krb5/os/mk_faddr.c index de22a9e28..66167cd96 100644 --- a/src/lib/krb5/os/mk_faddr.c +++ b/src/lib/krb5/os/mk_faddr.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/net_read.c b/src/lib/krb5/os/net_read.c index 2b8a69241..bea2b7bba 100644 --- a/src/lib/krb5/os/net_read.c +++ b/src/lib/krb5/os/net_read.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/net_write.c b/src/lib/krb5/os/net_write.c index 1da730e1e..e3c2eeceb 100644 --- a/src/lib/krb5/os/net_write.c +++ b/src/lib/krb5/os/net_write.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/os-proto.h b/src/lib/krb5/os/os-proto.h index 02c186f88..fed7a81db 100644 --- a/src/lib/krb5/os/os-proto.h +++ b/src/lib/krb5/os/os-proto.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/osconfig.c b/src/lib/krb5/os/osconfig.c index 228695ab7..2ae48009c 100644 --- a/src/lib/krb5/os/osconfig.c +++ b/src/lib/krb5/os/osconfig.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/port2ip.c b/src/lib/krb5/os/port2ip.c index 55249bd84..ba3fb9bd0 100644 --- a/src/lib/krb5/os/port2ip.c +++ b/src/lib/krb5/os/port2ip.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/prompter.c b/src/lib/krb5/os/prompter.c index 684c5b509..b43e0ae0e 100644 --- a/src/lib/krb5/os/prompter.c +++ b/src/lib/krb5/os/prompter.c @@ -121,6 +121,102 @@ cleanup: } #else /* MSDOS */ +#if defined(_WIN32) + +#include + +KRB5_DLLIMP krb5_error_code KRB5_CALLCONV +krb5_prompter_posix(krb5_context context, + void *data, + const char *name, + const char *banner, + int num_prompts, + krb5_prompt prompts[]) +{ + HANDLE handle; + DWORD old_mode, new_mode; + char *ptr; + int scratchchar; + krb5_error_code errcode = 0; + int i; + + handle = GetStdHandle(STD_INPUT_HANDLE); + if (handle == INVALID_HANDLE_VALUE) + return ENOTTY; + if (!GetConsoleMode(handle, &old_mode)) + return ENOTTY; + + new_mode = old_mode; + new_mode |= ( ENABLE_LINE_INPUT | ENABLE_PROCESSED_INPUT ); + new_mode &= ~( ENABLE_ECHO_INPUT ); + + if (!SetConsoleMode(handle, new_mode)) + return ENOTTY; + + if (!SetConsoleMode(handle, old_mode)) + return ENOTTY; + + if (name) { + fputs(name, stdout); + fputs("\n", stdout); + } + + if (banner) { + fputs(banner, stdout); + fputs("\n", stdout); + } + + for (i = 0; i < num_prompts; i++) { + if (prompts[i].hidden) { + if (!SetConsoleMode(handle, new_mode)) { + errcode = ENOTTY; + goto cleanup; + } + } + + fputs(prompts[i].prompt,stdout); + fputs(": ", stdout); + fflush(stdout); + memset(prompts[i].reply->data, 0, prompts[i].reply->length); + + if (fgets(prompts[i].reply->data, prompts[i].reply->length, stdin) + == NULL) { + if (prompts[i].hidden) + putchar('\n'); + errcode = KRB5_LIBOS_CANTREADPWD; + goto cleanup; + } + if (prompts[i].hidden) + putchar('\n'); + /* fgets always null-terminates the returned string */ + + /* replace newline with null */ + if ((ptr = strchr(prompts[i].reply->data, '\n'))) + *ptr = '\0'; + else /* flush rest of input line */ + do { + scratchchar = getchar(); + } while (scratchchar != EOF && scratchchar != '\n'); + + prompts[i].reply->length = strlen(prompts[i].reply->data); + + if (!SetConsoleMode(handle, old_mode)) { + errcode = ENOTTY; + goto cleanup; + } + } + + cleanup: + if (errcode) { + for (i = 0; i < num_prompts; i++) { + memset(prompts[i].reply->data, 0, prompts[i].reply->length); + } + } + return errcode; +} + +#else /* !_WIN32 */ + KRB5_DLLIMP krb5_error_code KRB5_CALLCONV krb5_prompter_posix(krb5_context context, void *data, @@ -129,7 +225,7 @@ krb5_prompter_posix(krb5_context context, int num_prompts, krb5_prompt prompts[]) { - return(EINVAL); + return(EINVAL); } -#endif /* !MSDOS */ - +#endif /* !_WIN32 */ +#endif /* !MSDOS */ diff --git a/src/lib/krb5/os/read_msg.c b/src/lib/krb5/os/read_msg.c index 8ece718cc..c138ffb03 100644 --- a/src/lib/krb5/os/read_msg.c +++ b/src/lib/krb5/os/read_msg.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/read_pwd.c b/src/lib/krb5/os/read_pwd.c index 7d68948af..4deabe2fd 100644 --- a/src/lib/krb5/os/read_pwd.c +++ b/src/lib/krb5/os/read_pwd.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/realm_dom.c b/src/lib/krb5/os/realm_dom.c index 3d0b64ebd..6afad2dbe 100644 --- a/src/lib/krb5/os/realm_dom.c +++ b/src/lib/krb5/os/realm_dom.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/realm_iter.c b/src/lib/krb5/os/realm_iter.c index 0c3d12773..2e3276081 100644 --- a/src/lib/krb5/os/realm_iter.c +++ b/src/lib/krb5/os/realm_iter.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/sendto_kdc.c b/src/lib/krb5/os/sendto_kdc.c index ff14863b4..01b797e70 100644 --- a/src/lib/krb5/os/sendto_kdc.c +++ b/src/lib/krb5/os/sendto_kdc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/sn2princ.c b/src/lib/krb5/os/sn2princ.c index 766aa658e..896567953 100644 --- a/src/lib/krb5/os/sn2princ.c +++ b/src/lib/krb5/os/sn2princ.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/timeofday.c b/src/lib/krb5/os/timeofday.c index 047eed82b..11dffd732 100644 --- a/src/lib/krb5/os/timeofday.c +++ b/src/lib/krb5/os/timeofday.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/toffset.c b/src/lib/krb5/os/toffset.c index 2debd9f98..72d301df9 100644 --- a/src/lib/krb5/os/toffset.c +++ b/src/lib/krb5/os/toffset.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/unlck_file.c b/src/lib/krb5/os/unlck_file.c index bea19c123..886196d3e 100644 --- a/src/lib/krb5/os/unlck_file.c +++ b/src/lib/krb5/os/unlck_file.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/ustime.c b/src/lib/krb5/os/ustime.c index 2c8b7d4ab..ed60714e1 100644 --- a/src/lib/krb5/os/ustime.c +++ b/src/lib/krb5/os/ustime.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/os/write_msg.c b/src/lib/krb5/os/write_msg.c index 368ca6086..7f1bc242a 100644 --- a/src/lib/krb5/os/write_msg.c +++ b/src/lib/krb5/os/write_msg.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/posix/ChangeLog b/src/lib/krb5/posix/ChangeLog index 803dbc308..6f9a5ef7a 100644 --- a/src/lib/krb5/posix/ChangeLog +++ b/src/lib/krb5/posix/ChangeLog @@ -1,3 +1,17 @@ +2000-04-28 Ken Raeburn + Nalin Dahyabhai + + * syslog.c (vsyslog): Use strncpy and strncat instead of strcpy + and strcat when adding to buffer "tbuf". If calling vsprintf, + abort if it appears to have overrun the buffer. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon May 10 15:26:38 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/krb5/posix/Makefile.in b/src/lib/krb5/posix/Makefile.in index e608d3bd8..8f33a9213 100644 --- a/src/lib/krb5/posix/Makefile.in +++ b/src/lib/krb5/posix/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=lib/krb5/posix mydir=posix BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=posix diff --git a/src/lib/krb5/posix/syslog.c b/src/lib/krb5/posix/syslog.c index 31e787493..f7ddbff16 100644 --- a/src/lib/krb5/posix/syslog.c +++ b/src/lib/krb5/posix/syslog.c @@ -115,7 +115,7 @@ vsyslog(pri, fmt, ap) (void)sprintf(tbuf, "<%d>%.15s ", pri, ctime(&now) + 4); for (p = tbuf; *p; ++p); if (LogTag) { - (void)strcpy(p, LogTag); + (void)strncpy(p, LogTag, sizeof(tbuf) - 1 - (p - tbuf)); for (; *p; ++p); } if (LogStat & LOG_PID) { @@ -146,6 +146,11 @@ vsyslog(pri, fmt, ap) } (void)vsprintf(p, fmt_cpy, ap); + /* Bounds checking?? If a system doesn't have syslog, we + probably can't rely on it having vsnprintf either. Try not + to let a buffer overrun be exploited. */ + if (strlen (tbuf) >= sizeof (tbuf)) + abort (); /* output the message to the local logger */ if (send(LogFile, tbuf, cnt = strlen(tbuf), 0) >= 0 || @@ -169,7 +174,8 @@ vsyslog(pri, fmt, ap) if ((fd = open(CONSOLE, O_WRONLY, 0)) < 0) return; (void)alarm((u_int)0); - (void)strcat(tbuf, "\r"); + tbuf[sizeof(tbuf) - 1] = '\0'; + (void)strncat(tbuf, "\r", sizeof(tbuf) - 1 - strlen(tbuf)); p = strchr(tbuf, '>') + 1; (void)write(fd, p, cnt + 1 - (p - tbuf)); (void)close(fd); diff --git a/src/lib/krb5/rcache/ChangeLog b/src/lib/krb5/rcache/ChangeLog index 3917175a4..a3b8b4fb9 100644 --- a/src/lib/krb5/rcache/ChangeLog +++ b/src/lib/krb5/rcache/ChangeLog @@ -1,3 +1,15 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-09-21 Ken Raeburn + + * rc_dfl.c (krb5_rc_io_fetch): Set client and server fields to + NULL after freeing them in the error case. + Mon May 10 15:26:53 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/lib/krb5/rcache/Makefile.in b/src/lib/krb5/rcache/Makefile.in index 248d7760b..9bb3d0f61 100644 --- a/src/lib/krb5/rcache/Makefile.in +++ b/src/lib/krb5/rcache/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=lib/krb5/rcache mydir=rcache BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=rcache diff --git a/src/lib/krb5/rcache/rc_dfl.c b/src/lib/krb5/rcache/rc_dfl.c index 57679f369..a86f42e71 100644 --- a/src/lib/krb5/rcache/rc_dfl.c +++ b/src/lib/krb5/rcache/rc_dfl.c @@ -386,6 +386,7 @@ errout: krb5_xfree(rep->client); if (rep->server) krb5_xfree(rep->server); + rep->client = rep->server = 0; return retval; } diff --git a/src/lib/krb5/rcache/rcdef.c b/src/lib/krb5/rcache/rcdef.c index 70b1fc696..338408fe0 100644 --- a/src/lib/krb5/rcache/rcdef.c +++ b/src/lib/krb5/rcache/rcdef.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5/rcache/ser_rc.c b/src/lib/krb5/rcache/ser_rc.c index f70dfbfe3..c6ea29cb4 100644 --- a/src/lib/krb5/rcache/ser_rc.c +++ b/src/lib/krb5/rcache/ser_rc.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5_16.def b/src/lib/krb5_16.def deleted file mode 100644 index 70bc3442b..000000000 --- a/src/lib/krb5_16.def +++ /dev/null @@ -1,207 +0,0 @@ -;---------------------------------------------------- -; KRB5.DEF - KRB5.DLL module definition file -;---------------------------------------------------- - -LIBRARY KRB5_16 -DESCRIPTION 'DLL for Kerberos 5' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - WEP @1001 RESIDENTNAME - LibMain @1002 -; Kerberos 5 - _krb5_build_principal - _krb5_build_principal_ext - krb5_copy_addr - krb5_copy_addresses - krb5_copy_authdata - krb5_copy_authenticator - krb5_copy_checksum - krb5_copy_creds - krb5_copy_data - krb5_copy_keyblock - krb5_copy_keyblock_contents - krb5_copy_principal - krb5_copy_ticket - krb5_decrypt_tkt_part - krb5_free_address - krb5_free_addresses - krb5_free_ap_rep - krb5_free_ap_rep_enc_part - krb5_free_ap_req - krb5_free_authdata - krb5_free_authenticator - krb5_free_authenticator_contents - krb5_free_checksum - krb5_free_context - krb5_free_cred - krb5_free_cred_contents - krb5_free_cred_enc_part - krb5_free_creds - krb5_free_data - krb5_free_data_contents - krb5_free_enc_kdc_rep_part - krb5_free_enc_tkt_part - krb5_free_error - krb5_free_host_realm - krb5_free_kdc_rep - krb5_free_kdc_req - krb5_free_keyblock - krb5_free_keyblock_contents - krb5_free_last_req - krb5_free_pa_data - krb5_free_principal - krb5_free_priv - krb5_free_priv_enc_part - krb5_free_pwd_data - krb5_free_pwd_sequences - krb5_free_safe - krb5_free_tgt_creds - krb5_free_ticket - krb5_free_tickets - krb5_free_tkt_authent - krb5_fwd_tgt_creds - krb5_get_credentials - krb5_get_credentials_renew - krb5_get_credentials_validate - krb5_get_default_realm - krb5_get_host_realm - krb5_get_realm_domain - krb5_get_in_tkt - krb5_get_in_tkt_with_keytab - krb5_get_in_tkt_with_password - krb5_get_in_tkt_with_skey - krb5_get_init_creds_opt_init - krb5_get_init_creds_opt_set_tkt_life - krb5_get_init_creds_opt_set_renew_life - krb5_get_init_creds_opt_set_forwardable - krb5_get_init_creds_opt_set_proxiable - krb5_get_init_creds_opt_set_etype_list - krb5_get_init_creds_opt_set_address_list - krb5_get_init_creds_opt_set_preauth_list - krb5_get_init_creds_opt_set_salt - krb5_get_init_creds_password - krb5_get_init_creds_keytab - krb5_get_init_creds_opt_init - krb5_get_validated_creds - krb5_get_renewed_creds - krb5_get_notification_message - krb5_init_context - krb5_mk_error - krb5_mk_priv - krb5_mk_rep - krb5_mk_req - krb5_mk_req_extended - krb5_mk_safe - krb5_os_localaddr - krb5_parse_name - krb5_principal_compare - krb5_prompter_posix - krb5_rd_cred - krb5_rd_error - krb5_rd_priv - krb5_rd_rep - krb5_rd_req - krb5_rd_safe - krb5_read_password - krb5_recvauth - krb5_sendauth - krb5_sname_to_principal - krb5_timeofday - krb5_unparse_name - krb5_unparse_name_ext - krb5_free_unparsed_name - krb5_us_timeofday -; - krb5_use_enctype - krb5_checksum_size - krb5_encrypt_size - krb5_calculate_checksum - krb5_verify_checksum - krb5_eblock_enctype -; - krb5_decrypt - krb5_encrypt - krb5_string_to_key - krb5_process_key - krb5_finish_key - krb5_init_random_key - krb5_finish_random_key - krb5_random_key -; - krb5_425_conv_principal - krb5_524_conv_principal -; - krb5_cksumtype_to_string - krb5_deltat_to_string - krb5_enctype_to_string - krb5_salttype_to_string - krb5_string_to_cksumtype - krb5_string_to_deltat - krb5_string_to_enctype - krb5_string_to_salttype - krb5_string_to_timestamp - krb5_timestamp_to_sfstring - krb5_timestamp_to_string -; - krb5_auth_con_free - krb5_auth_con_genaddrs - krb5_auth_con_getflags - krb5_auth_con_getkey - krb5_auth_con_getlocalsubkey - krb5_auth_con_getremotesubkey - krb5_auth_con_init - krb5_auth_con_setflags - krb5_auth_con_getlocalseqnumber - krb5_auth_con_getremoteseqnumber - krb5_auth_con_setuseruserkey - krb5_auth_con_getauthenticator - krb5_auth_con_set_req_cksumtype -; - krb5_cc_default - krb5_cc_register - krb5_cc_resolve -; - krb5_kt_default - krb5_kt_register - krb5_kt_resolve - krb5_kt_add_entry - krb5_kt_free_entry - krb5_kt_read_service_key - krb5_kt_remove_entry -;Kadm routines - krb5_adm_connect - krb5_adm_disconnect - krb5_free_adm_data - krb5_read_adm_reply - krb5_send_adm_cmd -; -;Temporary exports (DO NOT USE) - _sscanf - _decode_krb5_ticket - des_ecb_encrypt - des_new_random_key - des_key_sched - des_pcbc_encrypt - des_quad_cksum - des_string_to_key -; des_set_random_generator_seed - des_init_random_number_generator - profile_get_values - krb5_random_confounder - krb5_size_opaque - krb5_internalize_opaque - krb5_externalize_opaque - krb5_ser_pack_int32 - krb5_ser_unpack_int32 - krb5_ser_pack_bytes - krb5_ser_unpack_bytes - krb5_ser_auth_context_init - krb5_ser_context_init - krb5_ser_ccache_init - krb5_ser_keytab_init - krb5_ser_rcache_init - _decode_krb5_ap_req diff --git a/src/lib/krb5_32.def b/src/lib/krb5_32.def index e4ef6c96c..948c4fefb 100644 --- a/src/lib/krb5_32.def +++ b/src/lib/krb5_32.def @@ -229,10 +229,10 @@ EXPORTS krb5_ser_rcache_init decode_krb5_ap_req krb5_mcc_ops - ; ;Added for Kermit 95 krb5_address_search krb5_auth_con_getrcache krb5_c_enctype_compare + krb5_kuserok diff --git a/src/lib/krb5util/ChangeLog b/src/lib/krb5util/ChangeLog index 9b2809f98..ec629cb91 100644 --- a/src/lib/krb5util/ChangeLog +++ b/src/lib/krb5util/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/lib/krb5util/Makefile.in b/src/lib/krb5util/Makefile.in index a254b42b7..9e541a517 100644 --- a/src/lib/krb5util/Makefile.in +++ b/src/lib/krb5util/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=. myfulldir=lib/krb5util mydir=. BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) ##DOSBUILDTOP = ..\.. ##DOSLIBNAME=krb5util.lib diff --git a/src/lib/krb5util/compat_recv.c b/src/lib/krb5util/compat_recv.c index 72d82aa77..ec6b15114 100644 --- a/src/lib/krb5util/compat_recv.c +++ b/src/lib/krb5util/compat_recv.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/lib/krb5util/seteuid.c b/src/lib/krb5util/seteuid.c index a8fcd4b20..2b4f596c0 100644 --- a/src/lib/krb5util/seteuid.c +++ b/src/lib/krb5util/seteuid.c @@ -12,7 +12,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/lib/rpc/ChangeLog b/src/lib/rpc/ChangeLog index 593599ef8..1d8174d62 100644 --- a/src/lib/rpc/ChangeLog +++ b/src/lib/rpc/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Fri Apr 23 20:05:38 1999 Tom Yu * svc.c: Fix to reference the correct xprt because we're no longer diff --git a/src/lib/rpc/Makefile.in b/src/lib/rpc/Makefile.in index de2ab2c26..487a1e4fd 100644 --- a/src/lib/rpc/Makefile.in +++ b/src/lib/rpc/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=. myfulldir=lib/rpc mydir=. BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) -DGSSAPI_KRB5 -DDEBUG_GSSAPI=0 +DEFINES = -DGSSAPI_KRB5 -DDEBUG_GSSAPI=0 ##DOSBUILDTOP = ..\.. ##DOSLIBNAME=libgssrpc.lib diff --git a/src/lib/rpc/unit-test/ChangeLog b/src/lib/rpc/unit-test/ChangeLog index d3c846a1c..9ea49bcee 100644 --- a/src/lib/rpc/unit-test/ChangeLog +++ b/src/lib/rpc/unit-test/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/lib/rpc/unit-test/Makefile.in b/src/lib/rpc/unit-test/Makefile.in index 948b40334..ef2d93a95 100644 --- a/src/lib/rpc/unit-test/Makefile.in +++ b/src/lib/rpc/unit-test/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=. myfulldir=lib/rpc/unit-test mydir=. BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) -I. +LOCALINCLUDES = -I. PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/lib/sapgss16.def b/src/lib/sapgss16.def deleted file mode 100644 index ac6b7c94f..000000000 --- a/src/lib/sapgss16.def +++ /dev/null @@ -1,78 +0,0 @@ -;---------------------------------------------------- -; SAPGSS16.DEF - GSSAPI.DLL module definition file -;---------------------------------------------------- - -LIBRARY SAPGSS16 -DESCRIPTION 'Base Generic Security Service API' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - WEP @1001 RESIDENTNAME - LibMain @1002 -; - gss_acquire_cred - gss_release_cred - gss_init_sec_context - gss_accept_sec_context - gss_process_context_token - gss_delete_sec_context - gss_context_time - gss_sign - gss_verify - gss_seal - gss_unseal - gss_display_status - gss_indicate_mechs - gss_compare_name - gss_display_name - gss_import_name - gss_release_name - gss_release_buffer - gss_release_oid_set - gss_inquire_cred -; -; GSS-API v2 additional credential calls -; - gss_add_cred - gss_inquire_cred_by_mech -; -; GSS-API v2 additional context-level calls -; - gss_inquire_context - gss_wrap_size_limit - gss_export_sec_context - gss_import_sec_context -; -; GSS-API v2 additional calls for OID and OID_set operations -; - gss_release_oid - gss_create_empty_oid_set - gss_add_oid_set_member - gss_test_oid_set_member - gss_oid_to_str - gss_str_to_oid -; -; GSS-API v2 renamed message protection calls -; - gss_wrap - gss_unwrap - gss_get_mic - gss_verify_mic -; -; GSS-API v2 future extensions -; - gss_inquire_names_for_mech -; gss_inquire_mechs_for_name - gss_canonicalize_name - gss_export_name - gss_duplicate_name -; -; GSS-API variables -; - _gss_nt_user_name - _gss_nt_machine_uid_name - _gss_nt_string_uid_name - _gss_nt_service_name diff --git a/src/lib/sapkrb16.def b/src/lib/sapkrb16.def deleted file mode 100644 index 3095b2068..000000000 --- a/src/lib/sapkrb16.def +++ /dev/null @@ -1,189 +0,0 @@ -;---------------------------------------------------- -; SAPKRB16.DEF - KRB5.DLL module definition file -;---------------------------------------------------- - -LIBRARY SAPKRB16 -DESCRIPTION 'DLL for Kerberos 5' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - WEP @1001 RESIDENTNAME - LibMain @1002 -; Kerberos 5 - _krb5_build_principal - _krb5_build_principal_ext - krb5_copy_addr - krb5_copy_addresses - krb5_copy_authdata - krb5_copy_authenticator - krb5_copy_checksum - krb5_copy_creds - krb5_copy_data - krb5_copy_keyblock - krb5_copy_keyblock_contents - krb5_copy_principal - krb5_copy_ticket - krb5_decrypt_tkt_part - krb5_free_address - krb5_free_addresses - krb5_free_ap_rep - krb5_free_ap_rep_enc_part - krb5_free_ap_req - krb5_free_authdata - krb5_free_authenticator - krb5_free_authenticator_contents - krb5_free_checksum - krb5_free_context - krb5_free_cred - krb5_free_cred_contents - krb5_free_cred_enc_part - krb5_free_creds - krb5_free_data - krb5_free_data_contents - krb5_free_enc_kdc_rep_part - krb5_free_enc_tkt_part - krb5_free_error - krb5_free_host_realm - krb5_free_kdc_rep - krb5_free_kdc_req - krb5_free_keyblock - krb5_free_keyblock_contents - krb5_free_last_req - krb5_free_pa_data - krb5_free_principal - krb5_free_priv - krb5_free_priv_enc_part - krb5_free_pwd_data - krb5_free_pwd_sequences - krb5_free_safe - krb5_free_tgt_creds - krb5_free_ticket - krb5_free_tickets - krb5_free_tkt_authent - krb5_fwd_tgt_creds - krb5_get_credentials - krb5_get_credentials_renew - krb5_get_credentials_validate - krb5_get_default_realm - krb5_get_host_realm - krb5_get_in_tkt - krb5_get_in_tkt_with_keytab - krb5_get_in_tkt_with_password - krb5_get_in_tkt_with_skey - krb5_get_notification_message - krb5_init_context - krb5_mk_error - krb5_mk_priv - krb5_mk_rep - krb5_mk_req - krb5_mk_req_extended - krb5_mk_safe - krb5_os_localaddr - krb5_parse_name - krb5_principal_compare - krb5_rd_cred - krb5_rd_error - krb5_rd_priv - krb5_rd_rep - krb5_rd_req - krb5_rd_safe - krb5_read_password - krb5_recvauth - krb5_sendauth - krb5_sname_to_principal - krb5_timeofday - krb5_unparse_name - krb5_unparse_name_ext - krb5_us_timeofday -; - krb5_use_enctype - krb5_checksum_size - krb5_encrypt_size - krb5_calculate_checksum - krb5_verify_checksum - krb5_eblock_enctype -; - krb5_decrypt - krb5_encrypt - krb5_string_to_key - krb5_process_key - krb5_finish_key - krb5_init_random_key - krb5_finish_random_key - krb5_random_key -; - krb5_425_conv_principal - krb5_524_conv_principal -; - krb5_cksumtype_to_string - krb5_deltat_to_string - krb5_enctype_to_string - krb5_salttype_to_string - krb5_string_to_cksumtype - krb5_string_to_deltat - krb5_string_to_enctype - krb5_string_to_salttype - krb5_string_to_timestamp - krb5_timestamp_to_sfstring - krb5_timestamp_to_string -; - krb5_auth_con_free - krb5_auth_con_genaddrs - krb5_auth_con_getflags - krb5_auth_con_getkey - krb5_auth_con_getlocalsubkey - krb5_auth_con_getremotesubkey - krb5_auth_con_init - krb5_auth_con_setflags - krb5_auth_con_getlocalseqnumber - krb5_auth_con_getremoteseqnumber - krb5_auth_con_setuseruserkey - krb5_auth_con_getauthenticator - krb5_auth_con_set_req_cksumtype -; - krb5_cc_default - krb5_cc_register - krb5_cc_resolve -; - krb5_kt_default - krb5_kt_register - krb5_kt_resolve - krb5_kt_add_entry - krb5_kt_free_entry - krb5_kt_read_service_key - krb5_kt_remove_entry -;Kadm routines - krb5_adm_connect - krb5_adm_disconnect - krb5_free_adm_data - krb5_read_adm_reply - krb5_send_adm_cmd -; -;Temporary exports (DO NOT USE) - _sscanf - _decode_krb5_ticket - des_ecb_encrypt - des_new_random_key - des_key_sched - des_pcbc_encrypt - des_quad_cksum - des_string_to_key - des_set_random_generator_seed - profile_get_values - krb5_random_confounder - krb5_size_opaque - krb5_internalize_opaque - krb5_externalize_opaque - krb5_ser_pack_int32 - krb5_ser_unpack_int32 - krb5_ser_pack_bytes - krb5_ser_unpack_bytes - krb5_ser_auth_context_init - krb5_ser_context_init - krb5_ser_ccache_init - krb5_ser_keytab_init - krb5_ser_rcache_init - _decode_krb5_ap_req diff --git a/src/lib/winsock.def b/src/lib/winsock.def deleted file mode 100644 index cada77985..000000000 --- a/src/lib/winsock.def +++ /dev/null @@ -1,90 +0,0 @@ -; -; File: winsock.def -; System: MS-Windows 3.x -; Summary: Module definition file for Windows Sockets DLL. -; -; This file is from -; ftp://sunsite.unc.edu/pub/micro/pc-stuff/ms-windows/winsock/winsock-1.1 -; except that we made all the routine names uppercase, to match what -; MicroSoft C does when you declare an interface routine PASCAL -; (the way all these routines are declared in .../include/winsock.h). -; - -LIBRARY WINSOCK ; Application's module name - -DESCRIPTION 'BSD Socket API for Windows' - -EXETYPE WINDOWS ; required for all windows applications - -STUB 'WINSTUB.EXE' ; generates error message if application - ; is run without Windows - -;CODE can be FIXED in memory because of potential upcalls -CODE PRELOAD FIXED - -;DATA must be SINGLE and at a FIXED location since this is a DLL -DATA PRELOAD FIXED SINGLE - -HEAPSIZE 1024 -STACKSIZE 16384 - -; All functions that will be called by any Windows routine -; must be exported. Any additional exports beyond those defined -; here must have ordinal numbers 1000 or above. - -EXPORTS - ACCEPT @1 - BIND @2 - CLOSESOCKET @3 - CONNECT @4 - GETPEERNAME @5 - GETSOCKNAME @6 - GETSOCKOPT @7 - HTONL @8 - HTONS @9 - INET_ADDR @10 - INET_NTOA @11 - IOCTLSOCKET @12 - LISTEN @13 - NTOHL @14 - NTOHS @15 - RECV @16 - RECVFROM @17 - SELECT @18 - SEND @19 - SENDTO @20 - SETSOCKOPT @21 - SHUTDOWN @22 - SOCKET @23 - - GETHOSTBYADDR @51 - GETHOSTBYNAME @52 - GETPROTOBYNAME @53 - GETPROTOBYNUMBER @54 - GETSERVBYNAME @55 - GETSERVBYPORT @56 - GETHOSTNAME @57 - - WSAASYNCSELECT @101 - WSAASYNCGETHOSTBYADDR @102 - WSAASYNCGETHOSTBYNAME @103 - WSAASYNCGETPROTOBYNUMBER @104 - WSAASYNCGETPROTOBYNAME @105 - WSAASYNCGETSERVBYPORT @106 - WSAASYNCGETSERVBYNAME @107 - WSACANCELASYNCREQUEST @108 - WSASETBLOCKINGHOOK @109 - WSAUNHOOKBLOCKINGHOOK @110 - WSAGETLASTERROR @111 - WSASETLASTERROR @112 - WSACANCELBLOCKINGCALL @113 - WSAISBLOCKING @114 - WSASTARTUP @115 - WSACLEANUP @116 - - __WSAFDISSET @151 - - WEP @500 RESIDENTNAME - -;eof - diff --git a/src/lib/xpprof16.def b/src/lib/xpprof16.def deleted file mode 100644 index e356718e9..000000000 --- a/src/lib/xpprof16.def +++ /dev/null @@ -1,33 +0,0 @@ -;---------------------------------------------------- -; XPPROF16.DEF - XPPROF16.DLL -;---------------------------------------------------- - -LIBRARY XPPROF16.DLL -DESCRIPTION 'Cross Platform Profile DLL' -EXETYPE WINDOWS -CODE PRELOAD MOVEABLE DISCARDABLE -DATA PRELOAD MOVEABLE SINGLE -HEAPSIZE 8192 - -EXPORTS - WEP @1001 RESIDENTNAME - LibMain @1002 -; - profile_init - profile_init_path - profile_flush - profile_release - profile_get_values - profile_free_list - profile_get_string - profile_get_integer - profile_get_relation_names - profile_get_subsection_names - profile_iterator_create - profile_iterator_free - profile_iterator - profile_release_string - profile_update_relation - profile_clear_relation - profile_rename_section - profile_add_relation diff --git a/src/mac/CFMGlue.pl b/src/mac/CFMGlue.pl index f74a3662d..f6386bb80 100644 --- a/src/mac/CFMGlue.pl +++ b/src/mac/CFMGlue.pl @@ -1,158 +1,298 @@ -#!/usr/athena/bin/perl -w +#!/usr/local/bin/perl -w +use strict; # Turn on careful syntax checking +use 5.002; # Require Perl 5.002 or later + +# Pre-declare globals, as required by "use strict" +use vars qw(%RESERVEDWORDS $file $prototype); + +# C words which aren't a type or a parameter name +# [digit] is special cased later on... %RESERVEDWORDS = ( - const => "const", - "*" => "*", - "[]" => "[]", - struct => "struct", - enum => "enum", - union => "union" + const => "const", + "*" => "*", + "[]" => "[]", + struct => "struct", + enum => "enum", + union => "union", + unsigned => "unsigned", + register => "register" ); -while() +# Read the entire file into $file +{ + local $/; + undef $/; # Ignore end-of-line delimiters in the file + $file .= ; +} + +# Remove the C and C++ comments from the file. +# If this regexp scares you, don't worry, it scares us too. +$file =~ s@/ # Both kinds of comment begin with a / + # First, process /* ... */ + ((\*[^*]*\*+ # 1: Identify /**, /***, /* foo *, etc. + ([^/*][^*]*\*+)* # 2: Match nothing, x*, x/*, x/y*, x*y* etc. + /) # 3: Look for the trailing /. If not present, back up + # through the matches from step 2 (x*y* becomes x*) + #### if we get here, we have /* ... */ + | # Or, it's // and we just need to match to the end of the line + (/.*?\n)) # 4. Slash, shortest possible run of characters ending in newline (\n) + @\n@xg; # => Replace match with a newline. + ### "x" modifier allows whitespace and comments in patterns + ### "g" modifier means "do this globally" + +$file =~ tr! \t\n! !s; # Convert newlines, tabs, and runs of spaces into single spaces + +foreach $prototype (split /;/, $file) # Break string apart at semicolons, pass each piece to our Convert routine { - chop($_); - $prototype = $_; - @splitup = split(/\s*\(\s*/, $prototype); - - # the return value type and the function name: - $temp = $splitup[0]; - $temp =~ s/\s*\*\s*/ \* /g; # add spaces around * - @funcAndArgs = split(/\s+/, $temp); - $functionName = $funcAndArgs[$#funcAndArgs]; - - # Is this function already in the Hash Table? - if(!exists($FUNCTIONS{$functionName})) - { - $FUNCTIONS{$functionName}{prototypeText} = $prototype; - pop @{funcAndArgs}; - $FUNCTIONS{$functionName}{returnType} = join(' ', @funcAndArgs); + Convert($prototype); +} + +exit (0); + +# ======================================== +# Subroutines follow +# ======================================== + +sub Convert() +{ + # Take our special C-style function prototypes and print out the + # appropriate glue code. + + my $prototype = shift; + my ($returnType, $functionName, $paramString); + my (@parameters, @types); + + return if ($prototype =~ /^\s*$/); # Ignore blank lines + # Use custom function to remove leading & trailing spaces & + # collapse runs of spaces. + $prototype = StripSpaces($prototype); + + # ==================== + # STAGE 1.1: Get the function name and return type. + # Do general syntax checking. + # ==================== + + # See if we have a legal prototype and begin parsing. A legal prototype has + # a return type (optional), function name, and parameter list. + unless ($prototype =~ /((\w+\*? )*(\w+\*?)) (\w+)\s*\((.*)\)$/) + { + die "Prototype \"$prototype;\" does not appear to be a legal prototype.\n"; + } + + # That unless had a nice side effect -- the parentheses in the regular expression + # stuffed the matching parts of the expression into variables $1, $2, and $3. + + ($returnType, $functionName) = ($1, $4); + # Kill 2 birds at a time -- get rid of leading & trailing spaces *and* get an + # empty string back if there are no parameters + $paramString = StripSpaces($5); + + # Insist on having an argument list in the prototype + unless ($paramString) + { + die("Prototype: \"$prototype;\" has no arguments.\n" . + "This is ambiguous between C and C++ (please specify " . + "either (int) or (void)).\n"); + } + + # Check for variable arguments by looking for + # "va_list " or "..." + if(($paramString =~ /va_list\s+\S+/) or # va_list + spaces + not-a-spaces + ($paramString =~ /\Q.../)) # \Q = "quote metacharacters" => \.\.\. + { + die("Prototype: \"$prototype;\" takes a variable " . + "number of arguments. Variable arguments are not " . + "supported by CFM Glue.\n"); + } + + # ==================== + # STAGE 1.2: Digest the parameter list. + # ==================== + + if ($paramString eq "void") + { + $parameters[0] = "void"; + $types[0] = "void"; + } + else + { + # The function has nonvoid arguments - # the arguments: - @splitup2 = split(/\s*\)\s*/, $splitup[1]); - @argsAndParams = split(/\s*,\s*/, $splitup2[0]); + # Add spaces around * and turn [#] into [#] with spaces around it + # for ease of parsing + $paramString =~ s/\s*\*\s*/ \* /g; + $paramString =~ s/\s*\[(\d*)\]\s*/ [$1] /g; + + # Extract the list elements + my @arguments = split /,\s*/, $paramString; - for($i = 0, $j = 1; $i <= $#argsAndParams; $i++, $j++) - { - $temp = $argsAndParams[$i]; - $temp =~ s/\s*\*\s*/ \* /g; # add spaces around * - $temp =~ s/\s*\[\]\s*/ \[\] /g; # add spaces around [] - - @elements = split(/\s+/, $temp); - - # Is there a parameter name in this argument? - $identifierCount = 0; - foreach $element (@elements) - { - if(!exists($RESERVEDWORDS{$element})) { - $identifierCount++; + # Make sure we don't have more than 13 arguments + if ($#arguments >= 13) + { + die "Prototype \"$prototype;\" has more than 13 arguments,\n". + "which the CFM68K glue will not support."; } - } - - if(($identifierCount > 2) or ($identifierCount < 1)) { - print("************** $argsAndParams ****************"); - die; - } - - if($identifierCount >= 2) { - $param = $elements[$#elements]; - pop(@elements); - if($param eq "[]") { - $param = $elements[$#elements]; - pop(@elements); - push(@elements, '*'); + + # We need to look at each argument and come out with two lists: a list + # of parameter names and a corresponding list of parameter types. For example: + # ( const int x, short y[], int ) + # needs to become two lists: + # @parameters = ("x", "y", "__param0") + # @elements = ("const int", "short *", int) + my $i = 0; # parameter counter + foreach my $argument (@arguments) + { + my @elements = split(' ', $argument); + + # A legal argument will have a name and/or a parameter type. + # It might _also_ have some C keywords + # We'll syntax check the argument by counting the number of things + # which are names and/or variable types + my $identifierCount = grep { !$RESERVEDWORDS{$_} && !/\[\d*\]/ } @elements; + + if ($identifierCount == 1) { + # We have a type without a name, so generate an arbitrary unique name + push @parameters, "__param" . $i; + } + elsif ($identifierCount == 2) { + # We have a type and a name. We'll assume the name is the last thing seen, + my $paramName = pop @elements; + # ...but have to make certain it's not a qualified array reference + if ($paramName =~ /\[\d*\]/) + { + # Whoops...the argument ended in a [], so extract the name and put back + # the array notation + my $temp = $paramName; + $paramName = pop @elements; + push @elements, $temp; + } + push @parameters, $paramName; + } + else # $identifierCount == 0 or $identifierCount > 2 + { + die("Prototype: \"$prototype;\" has an " . + "invalid number ($identifierCount)" . + " of non-reserved words in argument '$argument'.\n"); + } + + # Replace all "[]" with "*" to turn array references into pointers. + # "map" sets $_ to each array element in turn; modifying $_ modifies + # the corresponding value in the array. (s -- substutition -- works + # on $_ by default.) + map { s/\[\d*\]/*/ } @elements; + + push @types, join(' ', @elements); # Construct a type definition + + # Increment the argument counter: + $i++; } - $type = join(' ', @elements); - } else { - $type = $argsAndParams[$i]; - $param = "param" . $j; - } - $FUNCTIONS{$functionName}{typeList}[$i] = $type; - $FUNCTIONS{$functionName}{paramList}[$i] = $param; } - } -} -foreach $function (keys(%FUNCTIONS)) -{ - # the variables we will be playing with: - $name = $function; - $retType = $FUNCTIONS{$function}{returnType}; - $prototype = $FUNCTIONS{$function}{prototypeText}; - @args = @{ $FUNCTIONS{$function}{typeList} }; - @params = @{ $FUNCTIONS{$function}{paramList} }; - - - # Now Generate the ProcInfo Macro: - # -------------------------------- - print("/**** $name ****/\n"); - print("/* $prototype */\n\n"); - - print("enum {\n"); - print(" $name" . "_ProcInfo = kThinkCStackBased\n"); - if($retType ne "void") { - print(" | RESULT_SIZE(SIZE_CODE(sizeof($retType)))\n"); - } - for($i = 0, $j = 1; $i <= $#args; $i++, $j++) - { - $arg = $args[$i]; - print(" | STACK_ROUTINE_PARAMETER($j, SIZE_CODE(sizeof($arg)))\n"); - } - print("};\n\n"); - - # Now Generate the ProcPtr Typedef - # -------------------------------- - print("typedef "); - print("$retType "); - print("(*$name" . "_ProcPtrType)("); - - for($i = 0; $i<=$#args; $i++) { - $arg = $args[$i]; - print("$arg"); - if ($i ne $#args) { - print (", "); - } - } - print(");\n"); - - - # Now Generate the Static 68K Function Declaration: - # ------------------------------------------------- - print("$retType $name (\n"); - for($i = 0; $i <= $#args; $i++) - { - for($j = 0; $j <= length($retType); $j++) { - print(" "); + # ==================== + # STAGE 2: Print out the glue. + # ==================== + + # Generate the ProcInfo Macro: + # ---------------------------- + my $result = ""; # Will be inserted into the final macro + if ($returnType ne "void") { + $result = "\n | RESULT_SIZE(SIZE_CODE(sizeof($returnType)))"; } - print($args[$i] . ' ' . $params[$i]); - if($i >= $#args) { - print(")\n"); - } else { - print(",\n"); + + # Convert a list of parameter types into entries for the macro. + # All non-void parameters need to have a line in the final macro. + my @parameterMacros; + my $paramCount = -1; + @parameterMacros = map { $paramCount++; $_ eq "void" ? "" : + " | STACK_ROUTINE_PARAMETER(" . ($paramCount + 1) . ", SIZE_CODE(sizeof($_)))" } @types; + my $macroString = join "\n", @parameterMacros; + + print <= $#args) { - print(");\n"); - } else { - print(", "); + else + { + my @joinedList; + # Merge the parameter and type lists together + foreach my $i (0..$#types) + { + push @joinedList, ($types[$i] . ' ' . $parameters[$i]); + } + + # Build a list of parameters where each parameter is aligned vertically + # beneath the one above. + # "' ' x 5" is a Perl technique to get a string of 5 spaces + $fnArguments = join (",\n".(' ' x length($functionDec)), @joinedList); + } + + # Create a list of parameters to pass to the 68K function + my $fnParams = ""; + if($types[0] ne "void") { + $fnParams = join ", ", @parameters; } - } - - print("}\n\n\n"); + + # Do we have an explicit return statement? This depends on the return type + my $returnAction = " "; + $returnAction = "return " if ($returnType ne "void"); + + # The following code introduces a new Perl trick -- ${a} is the same as $a in a string + # (interpolate the value of variable $a); the brackets are used to seperate the variable + # name from the text immediately following the variable name so the Perl interpreter + # doesn't go looking for the wrong variable. + print < + +Boolean ComErrLibraryIsPresent () +{ + Ptr symAddr; + return (Find_Symbol (&symAddr, "\perror_message", error_message_ProcInfo)) == noErr; +} \ No newline at end of file diff --git a/src/mac/ComErrLib.glue.pre.cin b/src/mac/ComErrLib.glue.pre.cin new file mode 100644 index 000000000..e46153300 --- /dev/null +++ b/src/mac/ComErrLib.glue.pre.cin @@ -0,0 +1,5 @@ +/* Include prototypes for glue functions */ +#include + +/* Hardcode library fragment name here */ +#define kLibraryName "\pMIT KerberosÂ¥ComErrLib" diff --git a/src/mac/ComErrLib.glue.proto.h b/src/mac/ComErrLib.glue.proto.h new file mode 100644 index 000000000..a07998465 --- /dev/null +++ b/src/mac/ComErrLib.glue.proto.h @@ -0,0 +1,3 @@ +const char* error_message(errcode_t); +errcode_t add_error_table (const struct error_table *); +errcode_t remove_error_table(const struct error_table *); diff --git a/src/mac/GSS.CFM.c b/src/mac/GSS.CFM.c index 686ee20bf..a7c7c64ec 100644 --- a/src/mac/GSS.CFM.c +++ b/src/mac/GSS.CFM.c @@ -1,9 +1,19 @@ -/* - * Copyright (C) 1997 by the Massachusetts Institute of Technology - * All rights reserved. +/* Copyright 1998 by the Massachusetts Institute of Technology. * - * For copying and distribution information, please see the file - * COPYRIGHT. + * Permission to use, copy, modify, and distribute this + * software and its documentation for any purpose and without + * fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright + * notice and this permission notice appear in supporting + * documentation, and that the name of M.I.T. not be used in + * advertising or publicity pertaining to distribution of the + * software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" + * without express or implied warranty. */ @@ -12,6 +22,7 @@ #include "gssapi_err_generic.h" #include "gssapi_err_krb5.h" +#include "gssapi.h" OSErr __initializeGSS(CFragInitBlockPtr ibp); void __terminateGSS(void); @@ -34,6 +45,10 @@ OSErr __initializeGSS(CFragInitBlockPtr ibp) void __terminateGSS(void) { + + OM_uint32 maj_stat, min_stat; + + maj_stat = kg_release_defcred (&min_stat); remove_error_table(&et_k5g_error_table); remove_error_table(&et_ggss_error_table); diff --git a/src/mac/GSS.CFMglue.proto.h b/src/mac/GSS.CFMglue.proto.h index 232b79c41..5940797c1 100644 --- a/src/mac/GSS.CFMglue.proto.h +++ b/src/mac/GSS.CFMglue.proto.h @@ -1,10 +1,43 @@ -OM_uint32 gss_wrap(OM_uint32 *, gss_ctx_id_t, int, gss_qop_t, gss_buffer_t, int *, gss_buffer_t); -OM_uint32 gss_release_buffer(OM_uint32 *, gss_buffer_t); -OM_uint32 gss_unwrap(OM_uint32 *, gss_ctx_id_t, gss_buffer_t, gss_buffer_t, int *, gss_qop_t *); -OM_uint32 gss_delete_sec_context(OM_uint32 *, gss_ctx_id_t *, gss_buffer_t); -OM_uint32 gss_display_status(OM_uint32 *, OM_uint32, int, gss_OID, OM_uint32 *, gss_buffer_t); -OM_uint32 gss_init_sec_context(OM_uint32 *, gss_cred_id_t, gss_ctx_id_t *, gss_name_t, gss_OID, OM_uint32, OM_uint32, gss_channel_bindings_t, gss_buffer_t, gss_OID *, gss_buffer_t, OM_uint32 *, OM_uint32 *); -OM_uint32 gss_import_name(OM_uint32 *, gss_buffer_t, gss_OID, gss_name_t *); -OM_uint32 gss_release_name(OM_uint32 *, gss_name_t *); -OM_uint32 gss_wrap_size_limit(OM_uint32 *, gss_ctx_id_t, int, gss_qop_t, OM_uint32, OM_uint32 *); +OM_uint32 gss_acquire_cred(OM_uint32 *, gss_name_t, OM_uint32, gss_OID_set, gss_cred_usage_t, gss_cred_id_t *, gss_OID_set *, OM_uint32 * ); +OM_uint32 gss_release_cred(OM_uint32 *, gss_cred_id_t * ); +OM_uint32 gss_init_sec_context(OM_uint32 *, gss_cred_id_t, gss_ctx_id_t *, gss_name_t, gss_OID, OM_uint32, OM_uint32, gss_channel_bindings_t, gss_buffer_t, gss_OID *, gss_buffer_t, OM_uint32 *, OM_uint32 * ); +OM_uint32 gss_accept_sec_context(OM_uint32 *, gss_ctx_id_t *, gss_cred_id_t, gss_buffer_t, gss_channel_bindings_t, gss_name_t *, gss_OID *, gss_buffer_t, OM_uint32 *, OM_uint32 *, gss_cred_id_t * ); +OM_uint32 gss_process_context_token(OM_uint32 *, gss_ctx_id_t, gss_buffer_t ); +OM_uint32 gss_delete_sec_context(OM_uint32 *, gss_ctx_id_t *, gss_buffer_t ); +OM_uint32 gss_context_time(OM_uint32 *, gss_ctx_id_t, OM_uint32 * ); +OM_uint32 gss_get_mic(OM_uint32 *, gss_ctx_id_t, gss_qop_t, gss_buffer_t, gss_buffer_t ); +OM_uint32 gss_verify_mic(OM_uint32 *, gss_ctx_id_t, gss_buffer_t, gss_buffer_t, gss_qop_t * ); +OM_uint32 gss_wrap(OM_uint32 *, gss_ctx_id_t, int, gss_qop_t, gss_buffer_t, int *, gss_buffer_t ); +OM_uint32 gss_unwrap(OM_uint32 *, gss_ctx_id_t, gss_buffer_t, gss_buffer_t, int *, gss_qop_t * ); +OM_uint32 gss_display_status(OM_uint32 *, OM_uint32, int, gss_OID, OM_uint32 *, gss_buffer_t ); +OM_uint32 gss_indicate_mechs(OM_uint32 *, gss_OID_set * ); +OM_uint32 gss_compare_name(OM_uint32 *, gss_name_t, gss_name_t, int * ); +OM_uint32 gss_display_name(OM_uint32 *, gss_name_t, gss_buffer_t, gss_OID * ); +OM_uint32 gss_import_name(OM_uint32 *, gss_buffer_t, gss_OID, gss_name_t * ); +OM_uint32 gss_release_name(OM_uint32 *, gss_name_t * ); +OM_uint32 gss_release_buffer(OM_uint32 *, gss_buffer_t ); +OM_uint32 gss_release_oid_set(OM_uint32 *, gss_OID_set * ); +OM_uint32 gss_inquire_cred(OM_uint32 *, gss_cred_id_t, gss_name_t *, OM_uint32 *, gss_cred_usage_t *, gss_OID_set * ); +OM_uint32 gss_inquire_context(OM_uint32 *, gss_ctx_id_t, gss_name_t *, gss_name_t *, OM_uint32 *, gss_OID *, OM_uint32 *, int *, int * ); +OM_uint32 gss_wrap_size_limit(OM_uint32 *, gss_ctx_id_t, int, gss_qop_t, OM_uint32, OM_uint32 * ); +OM_uint32 gss_import_name_object(OM_uint32 *, void *, gss_OID, gss_name_t * ); +OM_uint32 gss_export_name_object(OM_uint32 *, gss_name_t, gss_OID, void * * ); +OM_uint32 gss_add_cred(OM_uint32 *, gss_cred_id_t, gss_name_t, gss_OID, gss_cred_usage_t, OM_uint32, OM_uint32, gss_cred_id_t *, gss_OID_set *, OM_uint32 *, OM_uint32 * ); +OM_uint32 gss_inquire_cred_by_mech(OM_uint32 *, gss_cred_id_t, gss_OID, gss_name_t *, OM_uint32 *, OM_uint32 *, gss_cred_usage_t * ); +OM_uint32 gss_export_sec_context(OM_uint32 *, gss_ctx_id_t *, gss_buffer_t ); +OM_uint32 gss_import_sec_context(OM_uint32 *, gss_buffer_t, gss_ctx_id_t * ); +OM_uint32 gss_release_oid(OM_uint32 *, gss_OID * ); +OM_uint32 gss_create_empty_oid_set(OM_uint32 *, gss_OID_set * ); +OM_uint32 gss_add_oid_set_member(OM_uint32 *, gss_OID, gss_OID_set * ); +OM_uint32 gss_test_oid_set_member(OM_uint32 *, gss_OID, gss_OID_set, int * ); +OM_uint32 gss_str_to_oid(OM_uint32 *, gss_buffer_t, gss_OID * ); +OM_uint32 gss_oid_to_str(OM_uint32 *, gss_OID, gss_buffer_t ); +OM_uint32 gss_inquire_names_for_mech(OM_uint32 *, gss_OID, gss_OID_set * ); +OM_uint32 gss_sign(OM_uint32 *, gss_ctx_id_t, int, gss_buffer_t, gss_buffer_t ); +OM_uint32 gss_verify(OM_uint32 *, gss_ctx_id_t, gss_buffer_t, gss_buffer_t, int * ); +OM_uint32 gss_seal(OM_uint32 *, gss_ctx_id_t, int, int, gss_buffer_t, int *, gss_buffer_t ); +OM_uint32 gss_unseal(OM_uint32 *, gss_ctx_id_t, gss_buffer_t, gss_buffer_t, int *, int * ); +OM_uint32 gss_export_name(OM_uint32 *, const gss_name_t, gss_buffer_t ); +OM_uint32 gss_duplicate_name(OM_uint32 *, const gss_name_t, gss_name_t * ); +OM_uint32 gss_canonicalize_name(OM_uint32 *, const gss_name_t, const gss_OID, gss_name_t * ); OM_uint32 gss_krb5_ccache_name(OM_uint32 *minor_status, const char *name, const char **out_name); diff --git a/src/mac/GSSLib ReadMe b/src/mac/GSSLib ReadMe new file mode 100644 index 000000000..1f92f5529 --- /dev/null +++ b/src/mac/GSSLib ReadMe @@ -0,0 +1,4 @@ +GSSLib implements the Generic Security Services API. The APi is documented in +RFC 2078, which you can find at . + +The mechanism used by this implementation is Kerberos v5. diff --git a/src/mac/GSSLibrary.exp b/src/mac/GSSLibrary.exp index feeec20f7..8adbf9f88 100644 --- a/src/mac/GSSLibrary.exp +++ b/src/mac/GSSLibrary.exp @@ -59,13 +59,6 @@ gss_export_name gss_duplicate_name # -# GSS-API variables -# - gss_nt_user_name - gss_nt_machine_uid_name - gss_nt_string_uid_name - gss_nt_service_name -# # krb5-specific CCache name stuff # gss_krb5_ccache_name diff --git a/src/mac/K5.CFM.c b/src/mac/K5.CFM.c index e838e4c0f..57d1fbb26 100644 --- a/src/mac/K5.CFM.c +++ b/src/mac/K5.CFM.c @@ -1,9 +1,19 @@ -/* - * Copyright (C) 1997 by the Massachusetts Institute of Technology - * All rights reserved. +/* Copyright 1998 by the Massachusetts Institute of Technology. * - * For copying and distribution information, please see the file - * COPYRIGHT. + * Permission to use, copy, modify, and distribute this + * software and its documentation for any purpose and without + * fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright + * notice and this permission notice appear in supporting + * documentation, and that the name of M.I.T. not be used in + * advertising or publicity pertaining to distribution of the + * software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" + * without express or implied warranty. */ @@ -42,6 +52,8 @@ OSErr __initializeK5(CFragInitBlockPtr ibp) void __terminateK5(void) { + + krb5_stdcc_shutdown(); remove_error_table(&et_krb5_error_table); remove_error_table(&et_kv5m_error_table); diff --git a/src/mac/K5.CFMglue.cin b/src/mac/K5.CFMglue.cin index 633eeb341..f0fe80e4c 100644 --- a/src/mac/K5.CFMglue.cin +++ b/src/mac/K5.CFMglue.cin @@ -1,6 +1,5 @@ /* Include prototypes for glue functions */ #include -#include /* Hardcode library fragment name here */ -#define kLibraryName "\pK5Library" +#define kLibraryName "\pMIT KerberosÂ¥Kerberos5Lib" diff --git a/src/mac/K5.CFMglue.proto.h b/src/mac/K5.CFMglue.proto.h index 65a04414d..ddf86adf5 100644 --- a/src/mac/K5.CFMglue.proto.h +++ b/src/mac/K5.CFMglue.proto.h @@ -1,27 +1,249 @@ -krb5_error_code krb5_init_context(krb5_context *); -void krb5_free_context(krb5_context); -krb5_error_code krb5_get_credentials(krb5_context, const krb5_flags, krb5_ccache, krb5_creds *, krb5_creds **); -krb5_error_code krb5_mk_req_extended(krb5_context, krb5_auth_context *, const krb5_flags, krb5_data *, krb5_creds *, krb5_data * ); -krb5_error_code krb5_rd_rep(krb5_context, krb5_auth_context, const krb5_data *, krb5_ap_rep_enc_part **); -krb5_error_code krb5_copy_keyblock(krb5_context, const krb5_keyblock *, krb5_keyblock **); -void krb5_init_ets(krb5_context); -krb5_error_code krb5_cc_default(krb5_context, krb5_ccache *); -void krb5_free_principal(krb5_context, krb5_principal ); -void krb5_free_creds(krb5_context, krb5_creds *); -void krb5_free_cred_contents(krb5_context, krb5_creds *); -void krb5_free_keyblock(krb5_context, krb5_keyblock *); -void krb5_free_ap_rep_enc_part(krb5_context, krb5_ap_rep_enc_part *); -krb5_error_code krb5_sname_to_principal(krb5_context, const char *, const char *, krb5_int32, krb5_principal *); -krb5_error_code krb5_fwd_tgt_creds(krb5_context, krb5_auth_context, char *, krb5_principal, krb5_principal, krb5_ccache, int forwardable, krb5_data *); -krb5_error_code krb5_auth_con_init(krb5_context, krb5_auth_context *); -krb5_error_code krb5_auth_con_free(krb5_context, krb5_auth_context); -krb5_error_code krb5_auth_con_setflags(krb5_context, krb5_auth_context, krb5_int32); -krb5_error_code krb5_auth_con_setaddrs(krb5_context, krb5_auth_context, krb5_address *, krb5_address *); -krb5_error_code krb5_auth_con_setports(krb5_context, krb5_auth_context, krb5_address *, krb5_address *); -krb5_error_code krb5_auth_con_getlocalsubkey(krb5_context, krb5_auth_context, krb5_keyblock **); -krb5_error_code krb5_auth_con_genaddrs(krb5_context, krb5_auth_context, int, int); -int mit_des_ecb_encrypt(const mit_des_cblock *, mit_des_cblock *, mit_des_key_schedule , int ); -krb5_error_code mit_des_init_random_key( const krb5_encrypt_block *, const krb5_keyblock *, krb5_pointer *); -int mit_des_key_sched(mit_des_cblock , mit_des_key_schedule ); -krb5_error_code mit_des_random_key( const krb5_encrypt_block *, krb5_pointer , krb5_keyblock * *); -void com_err_va(const char *whoami, errcode_t code, const char *fmt, va_list ap)); +krb5_error_code krb5_c_encrypt (krb5_context context, const krb5_keyblock*key, krb5_keyusage usage, const krb5_data*ivec, const krb5_data*input, krb5_enc_data*output); +krb5_error_code krb5_c_decrypt (krb5_context context, const krb5_keyblock*key, krb5_keyusage usage, const krb5_data*ivec, const krb5_enc_data*input, krb5_data*output); +krb5_error_code krb5_c_encrypt_length (krb5_context context, krb5_enctype enctype, size_t inputlen, size_t*length); +krb5_error_code krb5_c_block_size (krb5_context context, krb5_enctype enctype, size_t*blocksize); +krb5_error_code krb5_c_make_random_key (krb5_context context, krb5_enctype enctype, krb5_keyblock*random_key); +krb5_error_code krb5_c_random_make_octets (krb5_context context, krb5_data*data); +krb5_error_code krb5_c_random_seed (krb5_context context, krb5_data*data); +krb5_error_code krb5_c_string_to_key (krb5_context context, krb5_enctype enctype, const krb5_data*string, const krb5_data*salt, krb5_keyblock*key); +krb5_error_code krb5_c_enctype_compare (krb5_context context, krb5_enctype e1, krb5_enctype e2, krb5_boolean*similar); +krb5_error_code krb5_c_make_checksum (krb5_context context, krb5_cksumtype cksumtype, const krb5_keyblock*key, krb5_keyusage usage, const krb5_data*input, krb5_checksum*cksum); +krb5_error_code krb5_c_verify_checksum (krb5_context context, const krb5_keyblock*key, krb5_keyusage usage, const krb5_data*data, const krb5_checksum*cksum, krb5_boolean*valid); +krb5_error_code krb5_c_checksum_length (krb5_context context, krb5_cksumtype cksumtype, size_t*length); +krb5_error_code krb5_c_keyed_checksum_types (krb5_context context, krb5_enctype enctype, unsigned int*count, krb5_cksumtype**cksumtypes); +krb5_boolean valid_enctype (const krb5_enctype ktype); +krb5_boolean valid_cksumtype (const krb5_cksumtype ctype); +krb5_boolean is_coll_proof_cksum (const krb5_cksumtype ctype); +krb5_boolean is_keyed_cksum (const krb5_cksumtype ctype); +krb5_error_code krb5_encrypt (krb5_context context, const krb5_pointer inptr, krb5_pointer outptr, const size_t size, krb5_encrypt_block* eblock, krb5_pointer ivec); +krb5_error_code krb5_decrypt (krb5_context context, const krb5_pointer inptr, krb5_pointer outptr, const size_t size, krb5_encrypt_block* eblock, krb5_pointer ivec); +krb5_error_code krb5_process_key (krb5_context context, krb5_encrypt_block* eblock, const krb5_keyblock* key); +krb5_error_code krb5_finish_key (krb5_context context, krb5_encrypt_block* eblock); +krb5_error_code krb5_string_to_key (krb5_context context, const krb5_encrypt_block* eblock, krb5_keyblock* keyblock, const krb5_data* data, const krb5_data* salt); +krb5_error_code krb5_init_random_key (krb5_context context, const krb5_encrypt_block* eblock, const krb5_keyblock* keyblock, krb5_pointer* ptr); +krb5_error_code krb5_finish_random_key (krb5_context context, const krb5_encrypt_block* eblock, krb5_pointer* ptr); +krb5_error_code krb5_random_key (krb5_context context, const krb5_encrypt_block* eblock, krb5_pointer ptr, krb5_keyblock** keyblock); +krb5_enctype krb5_eblock_enctype (krb5_context context, const krb5_encrypt_block* eblock); +krb5_error_code krb5_use_enctype (krb5_context context, krb5_encrypt_block* eblock, const krb5_enctype enctype); +size_t krb5_encrypt_size (const size_t length, krb5_enctype crypto); +size_t krb5_checksum_size (krb5_context context, const krb5_cksumtype ctype); +krb5_error_code krb5_calculate_checksum (krb5_context context, const krb5_cksumtype ctype, const krb5_pointer in, const size_t in_length, const krb5_pointer seed, const size_t seed_length, krb5_checksum* outcksum); +krb5_error_code krb5_verify_checksum (krb5_context context, const krb5_cksumtype ctype, const krb5_checksum* cksum, const krb5_pointer in, const size_t in_length, const krb5_pointer seed, const size_t seed_length); +krb5_error_code krb5_random_confounder (size_t, krb5_pointer); +krb5_error_code krb5_encrypt_data (krb5_context context, krb5_keyblock*key, krb5_pointer ivec, krb5_data*data, krb5_enc_data*enc_data); +krb5_error_code krb5_decrypt_data (krb5_context context, krb5_keyblock*key, krb5_pointer ivec, krb5_enc_data*data, krb5_data*enc_data); +krb5_error_code krb5_rc_default (krb5_context, krb5_rcache*); +krb5_error_code krb5_rc_register_type (krb5_context, krb5_rc_ops*); +krb5_error_code krb5_rc_resolve_type (krb5_context, krb5_rcache*,char*); +krb5_error_code krb5_rc_resolve_full (krb5_context, krb5_rcache*,char*); +char* krb5_rc_get_type (krb5_context, krb5_rcache); +char* krb5_rc_default_type (krb5_context); +char* krb5_rc_default_name (krb5_context); +krb5_error_code krb5_auth_to_rep (krb5_context, krb5_tkt_authent*, krb5_donot_replay*); +krb5_error_code krb5_init_context (krb5_context*); +void krb5_free_context (krb5_context); +krb5_error_code krb5_set_default_in_tkt_ktypes (krb5_context, const krb5_enctype*); +krb5_error_code krb5_get_default_in_tkt_ktypes (krb5_context, krb5_enctype**); +krb5_error_code krb5_set_default_tgs_ktypes (krb5_context, const krb5_enctype*); +krb5_error_code krb5_get_tgs_ktypes (krb5_context, krb5_const_principal, krb5_enctype**); +krb5_error_code krb5_get_permitted_enctypes (krb5_context, krb5_enctype**); +krb5_boolean krb5_is_permitted_enctype (krb5_context, krb5_enctype); +krb5_error_code krb5_kdc_rep_decrypt_proc (krb5_context, const krb5_keyblock*, krb5_const_pointer, krb5_kdc_rep* ); +krb5_error_code krb5_decrypt_tkt_part (krb5_context, const krb5_keyblock*, krb5_ticket* ); +krb5_error_code krb5_get_cred_from_kdc (krb5_context, krb5_ccache, krb5_creds*, krb5_creds**, krb5_creds*** ); +krb5_error_code krb5_get_cred_from_kdc_validate (krb5_context, krb5_ccache, krb5_creds*, krb5_creds**, krb5_creds***); +krb5_error_code krb5_get_cred_from_kdc_renew (krb5_context, krb5_ccache, krb5_creds*, krb5_creds**, krb5_creds***); +void krb5_free_tgt_creds (krb5_context, krb5_creds**); +krb5_error_code krb5_get_credentials (krb5_context, const krb5_flags, krb5_ccache, krb5_creds*, krb5_creds**); +krb5_error_code krb5_get_credentials_validate (krb5_context, const krb5_flags, krb5_ccache, krb5_creds*, krb5_creds**); +krb5_error_code krb5_get_credentials_renew (krb5_context, const krb5_flags, krb5_ccache, krb5_creds*, krb5_creds**); +krb5_error_code krb5_get_cred_via_tkt (krb5_context, krb5_creds*, const krb5_flags, krb5_address* const*, krb5_creds*, krb5_creds**); +krb5_error_code krb5_mk_req (krb5_context, krb5_auth_context*, const krb5_flags, char*, char*, krb5_data*, krb5_ccache, krb5_data*); +krb5_error_code krb5_mk_req_extended (krb5_context, krb5_auth_context*, const krb5_flags, krb5_data*, krb5_creds*, krb5_data*); +krb5_error_code krb5_mk_rep (krb5_context, krb5_auth_context, krb5_data*); +krb5_error_code krb5_rd_rep (krb5_context, krb5_auth_context, const krb5_data*, krb5_ap_rep_enc_part**); +krb5_error_code krb5_mk_error (krb5_context, const krb5_error*, krb5_data*); +krb5_error_code krb5_rd_error (krb5_context, const krb5_data*, krb5_error**); +krb5_error_code krb5_rd_safe (krb5_context, krb5_auth_context, const krb5_data*, krb5_data*, krb5_replay_data*); +krb5_error_code krb5_rd_priv (krb5_context, krb5_auth_context, const krb5_data*, krb5_data*, krb5_replay_data*); +krb5_error_code krb5_parse_name (krb5_context, const char*, krb5_principal*); +krb5_error_code krb5_unparse_name (krb5_context, krb5_const_principal, char**); +krb5_error_code krb5_unparse_name_ext (krb5_context, krb5_const_principal, char**, int*); +krb5_error_code krb5_set_principal_realm (krb5_context, krb5_principal, const char*); +krb5_boolean krb5_address_search (krb5_context, const krb5_address*, krb5_address* const*); +krb5_boolean krb5_address_compare (krb5_context, const krb5_address*, const krb5_address*); +int krb5_address_order (krb5_context, const krb5_address*, const krb5_address*); +krb5_boolean krb5_realm_compare (krb5_context, krb5_const_principal, krb5_const_principal); +krb5_boolean krb5_principal_compare (krb5_context, krb5_const_principal, krb5_const_principal); +krb5_error_code krb5_copy_keyblock (krb5_context, const krb5_keyblock*, krb5_keyblock**); +krb5_error_code krb5_copy_keyblock_contents (krb5_context, const krb5_keyblock*, krb5_keyblock*); +krb5_error_code krb5_copy_creds (krb5_context, const krb5_creds*, krb5_creds**); +krb5_error_code krb5_copy_data (krb5_context, const krb5_data*, krb5_data**); +krb5_error_code krb5_copy_principal (krb5_context, krb5_const_principal, krb5_principal*); +krb5_error_code krb5_copy_addr (krb5_context, const krb5_address*, krb5_address**); +krb5_error_code krb5_copy_addresses (krb5_context, krb5_address* const*, krb5_address***); +krb5_error_code krb5_copy_ticket (krb5_context, const krb5_ticket*, krb5_ticket**); +krb5_error_code krb5_copy_authdata (krb5_context, krb5_authdata* const*, krb5_authdata***); +krb5_error_code krb5_copy_authenticator (krb5_context, const krb5_authenticator*, krb5_authenticator**); +krb5_error_code krb5_copy_checksum (krb5_context, const krb5_checksum*, krb5_checksum**); +void krb5_init_ets (krb5_context); +void krb5_free_ets (krb5_context); +krb5_error_code krb5_generate_subkey (krb5_context, const krb5_keyblock*, krb5_keyblock**); +krb5_error_code krb5_generate_seq_number (krb5_context, const krb5_keyblock*, krb5_int32*); +krb5_error_code krb5_get_server_rcache (krb5_context, const krb5_data*, krb5_rcache*); +krb5_error_code krb5_build_principal_va (krb5_context, krb5_principal, int, const char*, va_list); +krb5_error_code krb5_425_conv_principal (krb5_context, const char*name, const char*instance, const char*realm, krb5_principal*princ); +krb5_error_code krb5_524_conv_principal (krb5_context context, const krb5_principal princ, char*name, char*inst, char*realm); +krb5_error_code krb5_mk_chpw_req (krb5_context context, krb5_auth_context auth_context, krb5_data*ap_req, char*passwd, krb5_data*packet); +krb5_error_code krb5_rd_chpw_rep (krb5_context context, krb5_auth_context auth_context, krb5_data*packet, int*result_code, krb5_data*result_data); +krb5_error_code krb5_chpw_result_code_string (krb5_context context, int result_code, char**result_codestr); +krb5_error_code krb5_kt_register (krb5_context, krb5_kt_ops*); +krb5_error_code krb5_kt_resolve (krb5_context, const char*, krb5_keytab*); +krb5_error_code krb5_kt_default_name (krb5_context, char*, int); +krb5_error_code krb5_kt_default (krb5_context, krb5_keytab*); +krb5_error_code krb5_kt_free_entry (krb5_context, krb5_keytab_entry*); +krb5_error_code krb5_kt_remove_entry (krb5_context, krb5_keytab, krb5_keytab_entry*); +krb5_error_code krb5_kt_add_entry (krb5_context, krb5_keytab, krb5_keytab_entry*); +krb5_error_code krb5_principal2salt (krb5_context, krb5_const_principal, krb5_data*); +krb5_error_code krb5_principal2salt_norealm (krb5_context, krb5_const_principal, krb5_data*); +krb5_error_code krb5_cc_resolve (krb5_context, const char*, krb5_ccache*); +const char* krb5_cc_default_name (krb5_context); +krb5_error_code krb5_cc_set_default_name (krb5_context, const char*); +krb5_error_code krb5_cc_default (krb5_context, krb5_ccache*); +unsigned int krb5_get_notification_message (void); +krb5_error_code krb5_cc_copy_creds (krb5_context context, krb5_ccache incc, krb5_ccache outcc); +krb5_error_code krb5_check_transited_list (krb5_context, krb5_data*trans, krb5_data*realm1, krb5_data*realm2); +void krb5_free_realm_tree (krb5_context, krb5_principal*); +void krb5_free_principal (krb5_context, krb5_principal); +void krb5_free_authenticator (krb5_context, krb5_authenticator*); +void krb5_free_authenticator_contents (krb5_context, krb5_authenticator*); +void krb5_free_addresses (krb5_context, krb5_address**); +void krb5_free_address (krb5_context, krb5_address*); +void krb5_free_authdata (krb5_context, krb5_authdata**); +void krb5_free_enc_tkt_part (krb5_context, krb5_enc_tkt_part*); +void krb5_free_ticket (krb5_context, krb5_ticket*); +void krb5_free_tickets (krb5_context, krb5_ticket**); +void krb5_free_kdc_req (krb5_context, krb5_kdc_req*); +void krb5_free_kdc_rep (krb5_context, krb5_kdc_rep*); +void krb5_free_last_req (krb5_context, krb5_last_req_entry**); +void krb5_free_enc_kdc_rep_part (krb5_context, krb5_enc_kdc_rep_part*); +void krb5_free_error (krb5_context, krb5_error*); +void krb5_free_ap_req (krb5_context, krb5_ap_req*); +void krb5_free_ap_rep (krb5_context, krb5_ap_rep*); +void krb5_free_safe (krb5_context, krb5_safe*); +void krb5_free_priv (krb5_context, krb5_priv*); +void krb5_free_priv_enc_part (krb5_context, krb5_priv_enc_part*); +void krb5_free_cred (krb5_context, krb5_cred*); +void krb5_free_creds (krb5_context, krb5_creds*); +void krb5_free_cred_contents (krb5_context, krb5_creds*); +void krb5_free_cred_enc_part (krb5_context, krb5_cred_enc_part*); +void krb5_free_checksum (krb5_context, krb5_checksum*); +void krb5_free_checksum_contents (krb5_context, krb5_checksum*); +void krb5_free_keyblock (krb5_context, krb5_keyblock*); +void krb5_free_keyblock_contents (krb5_context, krb5_keyblock*); +void krb5_free_pa_data (krb5_context, krb5_pa_data**); +void krb5_free_ap_rep_enc_part (krb5_context, krb5_ap_rep_enc_part*); +void krb5_free_tkt_authent (krb5_context, krb5_tkt_authent*); +void krb5_free_pwd_data (krb5_context, krb5_pwd_data*); +void krb5_free_pwd_sequences (krb5_context, passwd_phrase_element**); +void krb5_free_data (krb5_context, krb5_data*); +void krb5_free_data_contents (krb5_context, krb5_data*); +void krb5_free_unparsed_name (krb5_context, char*); +void krb5_free_cksumtypes (krb5_context, krb5_cksumtype*); +krb5_error_code krb5_us_timeofday (krb5_context, krb5_int32*, krb5_int32*); +krb5_error_code krb5_timeofday (krb5_context, krb5_int32*); +krb5_error_code krb5_os_localaddr (krb5_context, krb5_address***); +krb5_error_code krb5_get_default_realm (krb5_context, char**); +krb5_error_code krb5_set_default_realm (krb5_context, const char*); +krb5_error_code krb5_sname_to_principal (krb5_context, const char*, const char*, krb5_int32, krb5_principal*); +krb5_error_code krb5_change_password (krb5_context context, krb5_creds*creds, char*newpw, int*result_code, krb5_data*result_code_string, krb5_data*result_string); +krb5_error_code krb5_get_profile (krb5_context, profile_t*); +krb5_error_code krb5_secure_config_files (krb5_context); +krb5_error_code krb5_send_tgs (krb5_context, const krb5_flags, const krb5_ticket_times*, const krb5_enctype*, krb5_const_principal, krb5_address* const*, krb5_authdata* const*, krb5_pa_data* const*, const krb5_data*, krb5_creds*, krb5_response*); +krb5_error_code krb5_get_in_tkt_with_password (krb5_context, const krb5_flags, krb5_address* const*, krb5_enctype*, krb5_preauthtype*, const char*, krb5_ccache, krb5_creds*, krb5_kdc_rep**); +krb5_error_code krb5_get_in_tkt_with_skey (krb5_context, const krb5_flags, krb5_address* const*, krb5_enctype*, krb5_preauthtype*, const krb5_keyblock*, krb5_ccache, krb5_creds*, krb5_kdc_rep**); +krb5_error_code krb5_get_in_tkt_with_keytab (krb5_context, const krb5_flags, krb5_address* const*, krb5_enctype*, krb5_preauthtype*, const krb5_keytab, krb5_ccache, krb5_creds*, krb5_kdc_rep**); +krb5_error_code krb5_decode_kdc_rep (krb5_context, krb5_data*, const krb5_keyblock*, krb5_kdc_rep**); +krb5_error_code krb5_rd_req (krb5_context, krb5_auth_context*, const krb5_data*, krb5_const_principal, krb5_keytab, krb5_flags*, krb5_ticket**); +krb5_error_code krb5_rd_req_decoded (krb5_context, krb5_auth_context*, const krb5_ap_req*, krb5_const_principal, krb5_keytab, krb5_flags*, krb5_ticket**); +krb5_error_code krb5_rd_req_decoded_anyflag (krb5_context, krb5_auth_context*, const krb5_ap_req*, krb5_const_principal, krb5_keytab, krb5_flags*, krb5_ticket**); +krb5_error_code krb5_kt_read_service_key (krb5_context, krb5_pointer, krb5_principal, krb5_kvno, krb5_enctype, krb5_keyblock**); +krb5_error_code krb5_mk_safe (krb5_context, krb5_auth_context, const krb5_data*, krb5_data*, krb5_replay_data*); +krb5_error_code krb5_mk_priv (krb5_context, krb5_auth_context, const krb5_data*, krb5_data*, krb5_replay_data*); +krb5_error_code krb5_cc_register (krb5_context, krb5_cc_ops*, krb5_boolean); +krb5_error_code krb5_sendauth (krb5_context, krb5_auth_context*, krb5_pointer, char*, krb5_principal, krb5_principal, krb5_flags, krb5_data*, krb5_creds*, krb5_ccache, krb5_error**, krb5_ap_rep_enc_part**, krb5_creds**); +krb5_error_code krb5_recvauth (krb5_context, krb5_auth_context*, krb5_pointer, char*, krb5_principal, krb5_int32, krb5_keytab, krb5_ticket**); +krb5_error_code krb5_walk_realm_tree (krb5_context, const krb5_data*, const krb5_data*, krb5_principal**, int); +krb5_error_code krb5_mk_ncred (krb5_context, krb5_auth_context, krb5_creds**, krb5_data**, krb5_replay_data*); +krb5_error_code krb5_mk_1cred (krb5_context, krb5_auth_context, krb5_creds*, krb5_data**, krb5_replay_data*); +krb5_error_code krb5_rd_cred (krb5_context, krb5_auth_context, krb5_data*, krb5_creds***, krb5_replay_data*); +krb5_error_code krb5_fwd_tgt_creds (krb5_context, krb5_auth_context, char*, krb5_principal, krb5_principal, krb5_ccache, int forwardable, krb5_data*); +krb5_error_code krb5_auth_con_init (krb5_context, krb5_auth_context*); +krb5_error_code krb5_auth_con_free (krb5_context, krb5_auth_context); +krb5_error_code krb5_auth_con_setflags (krb5_context, krb5_auth_context, krb5_int32); +krb5_error_code krb5_auth_con_getflags (krb5_context, krb5_auth_context, krb5_int32*); +krb5_error_code krb5_auth_con_setaddrs (krb5_context, krb5_auth_context, krb5_address*, krb5_address*); +krb5_error_code krb5_auth_con_getaddrs (krb5_context, krb5_auth_context, krb5_address**, krb5_address**); +krb5_error_code krb5_auth_con_setports (krb5_context, krb5_auth_context, krb5_address*, krb5_address*); +krb5_error_code krb5_auth_con_setuseruserkey (krb5_context, krb5_auth_context, krb5_keyblock*); +krb5_error_code krb5_auth_con_getkey (krb5_context, krb5_auth_context, krb5_keyblock**); +krb5_error_code krb5_auth_con_getlocalsubkey (krb5_context, krb5_auth_context, krb5_keyblock**); +krb5_error_code krb5_auth_con_set_req_cksumtype (krb5_context, krb5_auth_context, krb5_cksumtype); +krb5_error_code krb5_auth_con_set_safe_cksumtype (krb5_context, krb5_auth_context, krb5_cksumtype); +krb5_error_code krb5_auth_con_getcksumtype (krb5_context, krb5_auth_context, krb5_cksumtype*); +krb5_error_code krb5_auth_con_getlocalseqnumber (krb5_context, krb5_auth_context, krb5_int32*); +krb5_error_code krb5_auth_con_getremoteseqnumber (krb5_context, krb5_auth_context, krb5_int32*); +krb5_error_code krb5_auth_con_initivector (krb5_context, krb5_auth_context); +krb5_error_code krb5_auth_con_setivector (krb5_context, krb5_auth_context, krb5_pointer); +krb5_error_code krb5_auth_con_getivector (krb5_context, krb5_auth_context, krb5_pointer*); +krb5_error_code krb5_auth_con_setrcache (krb5_context, krb5_auth_context, krb5_rcache); +krb5_error_code krb5_auth_con_getrcache (krb5_context, krb5_auth_context, krb5_rcache*); +krb5_error_code krb5_auth_con_getauthenticator (krb5_context, krb5_auth_context, krb5_authenticator**); +krb5_error_code krb5_auth_con_getremotesubkey (krb5_context, krb5_auth_context, krb5_keyblock**); +krb5_error_code krb5_read_password (krb5_context, const char*, const char*, char*, int*); +krb5_error_code krb5_aname_to_localname (krb5_context, krb5_const_principal, const int, char*); +krb5_error_code krb5_get_host_realm (krb5_context, const char*, char***); +krb5_error_code krb5_free_host_realm (krb5_context, char* const*); +krb5_error_code krb5_get_realm_domain (krb5_context, const char*, char**); +krb5_boolean krb5_kuserok (krb5_context, krb5_principal, const char*); +krb5_error_code krb5_auth_con_genaddrs (krb5_context, krb5_auth_context, int, int); +krb5_error_code krb5_gen_portaddr (krb5_context, const krb5_address*, krb5_const_pointer, krb5_address**); +krb5_error_code krb5_make_fulladdr (krb5_context, krb5_address*, krb5_address*, krb5_address*); +krb5_error_code krb5_os_hostaddr (krb5_context, const char*, krb5_address***); +krb5_error_code krb5_set_real_time (krb5_context, krb5_int32, krb5_int32); +krb5_error_code krb5_set_debugging_time (krb5_context, krb5_int32, krb5_int32); +krb5_error_code krb5_use_natural_time (krb5_context); +krb5_error_code krb5_get_time_offsets (krb5_context, krb5_int32*, krb5_int32*); +krb5_error_code krb5_set_time_offsets (krb5_context, krb5_int32, krb5_int32); +krb5_error_code krb5_string_to_enctype (char*, krb5_enctype*); +krb5_error_code krb5_string_to_salttype (char*, krb5_int32*); +krb5_error_code krb5_string_to_cksumtype (char*, krb5_cksumtype*); +krb5_error_code krb5_string_to_timestamp (char*, krb5_timestamp*); +krb5_error_code krb5_string_to_deltat (char*, krb5_deltat*); +krb5_error_code krb5_enctype_to_string (krb5_enctype, char*, size_t); +krb5_error_code krb5_salttype_to_string (krb5_int32, char*, size_t); +krb5_error_code krb5_cksumtype_to_string (krb5_cksumtype, char*, size_t); +krb5_error_code krb5_timestamp_to_string (krb5_timestamp, char*, size_t); +krb5_error_code krb5_timestamp_to_sfstring (krb5_timestamp, char*, size_t, char*); +krb5_error_code krb5_deltat_to_string (krb5_deltat, char*, size_t); +krb5_error_code krb5_prompter_posix (krb5_context context, void*data, const char*name, const char*banner, int num_prompts, krb5_prompt prompts[]); +void krb5_get_init_creds_opt_init (krb5_get_init_creds_opt*opt); +void krb5_get_init_creds_opt_set_tkt_life (krb5_get_init_creds_opt*opt, krb5_deltat tkt_life); +void krb5_get_init_creds_opt_set_renew_life (krb5_get_init_creds_opt*opt, krb5_deltat renew_life); +void krb5_get_init_creds_opt_set_forwardable (krb5_get_init_creds_opt*opt, int forwardable); +void krb5_get_init_creds_opt_set_proxiable (krb5_get_init_creds_opt*opt, int proxiable); +void krb5_get_init_creds_opt_set_etype_list (krb5_get_init_creds_opt*opt, krb5_enctype*etype_list, int etype_list_length); +void krb5_get_init_creds_opt_set_address_list (krb5_get_init_creds_opt*opt, krb5_address**addresses); +void krb5_get_init_creds_opt_set_preauth_list (krb5_get_init_creds_opt*opt, krb5_preauthtype*preauth_list, int preauth_list_length); +void krb5_get_init_creds_opt_set_salt (krb5_get_init_creds_opt*opt, krb5_data*salt); +krb5_error_code krb5_get_init_creds_password (krb5_context context, krb5_creds*creds, krb5_principal client, char*password, krb5_prompter_fct prompter, void*data, krb5_deltat start_time, char*in_tkt_service, krb5_get_init_creds_opt*options); +krb5_error_code krb5_get_init_creds_keytab (krb5_context context, krb5_creds*creds, krb5_principal client, krb5_keytab arg_keytab, krb5_deltat start_time, char*in_tkt_service, krb5_get_init_creds_opt*options); +void krb5_verify_init_creds_opt_init (krb5_verify_init_creds_opt*options); +void krb5_verify_init_creds_opt_set_ap_req_nofail (krb5_verify_init_creds_opt*options, int ap_req_nofail); +krb5_error_code krb5_verify_init_creds (krb5_context context, krb5_creds*creds, krb5_principal ap_req_server, krb5_keytab ap_req_keytab, krb5_ccache*ccache, krb5_verify_init_creds_opt*options); +krb5_error_code krb5_get_validated_creds (krb5_context context, krb5_creds*creds, krb5_principal client, krb5_ccache ccache, char*in_tkt_service); +krb5_error_code krb5_get_renewed_creds (krb5_context context, krb5_creds*creds, krb5_principal client, krb5_ccache ccache, char*in_tkt_service); +krb5_error_code krb5_realm_iterator_create (krb5_context context, void**iter_p); +krb5_error_code krb5_realm_iterator (krb5_context context, void**iter_p, char**ret_realm); +void krb5_realm_iterator_free (krb5_context context, void**iter_p); +void krb5_free_realm_string (krb5_context context, char*str); diff --git a/src/mac/K5Library.exp b/src/mac/K5Library.exp index f81e27c39..9d7ace976 100644 --- a/src/mac/K5Library.exp +++ b/src/mac/K5Library.exp @@ -206,7 +206,6 @@ #Temporary exports (DO NOT USE) decode_krb5_ticket -# profile_get_values krb5_random_confounder krb5_size_opaque krb5_internalize_opaque @@ -222,9 +221,3 @@ krb5_ser_rcache_init decode_krb5_ap_req krb5_mcc_ops - -#com_err -- we should really have this in a separate lib! -# add_error_table -# remove_error_table - error_message - \ No newline at end of file diff --git a/src/mac/KerberosProfileLib ReadMe b/src/mac/KerberosProfileLib ReadMe new file mode 100644 index 000000000..96fea1158 --- /dev/null +++ b/src/mac/KerberosProfileLib ReadMe @@ -0,0 +1,11 @@ +KerberosProfileLib implements the Kerberos 5 profile API, used for reading and writing +Kerberos configuration files. See profile.h for API documentation. + +Note that you should rarely, if ever, use profile_init or profile_init_path. You +probably mean to use krb5_get_profile, to avoid making your code depend on the +location of a specific Kerberos 5 preferences file. This is especially important +as the name and possibly the location of Kerberos configuration file is going to +change in the future. + +Also note that you need both Kerberos5Lib:Headers: and KerberosProfileLib:Headers: +in your include path to use profile.h \ No newline at end of file diff --git a/src/mac/KrbProfileLib.glue.h b/src/mac/KrbProfileLib.glue.h new file mode 100644 index 000000000..05748eea5 --- /dev/null +++ b/src/mac/KrbProfileLib.glue.h @@ -0,0 +1,6 @@ +#ifndef _KERBEROSPROFILE_CFMGLUE_H_ +#define _KERBEROSPROFILE_CFMGLUE_H_ + +Boolean KerberosProfileLibraryIsPresent (); + +#endif /* _KERBEROSPROFILE_CFMGLUE_H_ */ \ No newline at end of file diff --git a/src/mac/KrbProfileLib.glue.post.cin b/src/mac/KrbProfileLib.glue.post.cin new file mode 100644 index 000000000..bc3bf9af4 --- /dev/null +++ b/src/mac/KrbProfileLib.glue.post.cin @@ -0,0 +1,7 @@ +#include + +Boolean KerberosProfileLibraryIsPresent () +{ + Ptr symAddr; + return (Find_Symbol (&symAddr, "\pprofile_init", profile_init_ProcInfo)) == noErr; +} \ No newline at end of file diff --git a/src/mac/KrbProfileLib.glue.pre.cin b/src/mac/KrbProfileLib.glue.pre.cin new file mode 100644 index 000000000..37b20e8de --- /dev/null +++ b/src/mac/KrbProfileLib.glue.pre.cin @@ -0,0 +1,5 @@ +/* Include prototypes for glue functions */ +#include + +/* Hardcode library fragment name here */ +#define kLibraryName "\pMIT KerberosÂ¥KerberosProfileLib" diff --git a/src/mac/KrbProfileLib.glue.proto.h b/src/mac/KrbProfileLib.glue.proto.h new file mode 100644 index 000000000..80e33370d --- /dev/null +++ b/src/mac/KrbProfileLib.glue.proto.h @@ -0,0 +1,18 @@ +long profile_init (profile_filespec_t *files, profile_t *ret_profile); +long profile_init_path (profile_filespec_list_t filelist, profile_t *ret_profile); +long profile_flush (profile_t profile); +void profile_abandon (profile_t profile); +void profile_release (profile_t profile); +long profile_get_values (profile_t profile, const char **names, char ***ret_values); +void profile_free_list (char **list); +long profile_get_string (profile_t profile, const char *name, const char *subname, const char *subsubname, const char *def_val, char **ret_string); long profile_get_integer (profile_t profile, const char *name, const char *subname, const char *subsubname, int def_val, int *ret_default); +long profile_get_relation_names (profile_t profile, const char **names, char ***ret_names); +long profile_get_subsection_names (profile_t profile, const char **names, char ***ret_names); +long profile_iterator_create (profile_t profile, const char **names, int flags, void **ret_iter); +void profile_iterator_free (void **iter_p); +long profile_iterator (void **iter_p, char **ret_name, char **ret_value); +void profile_release_string (char *str); +long profile_update_relation (profile_t profile, const char **names, const char *old_value, const char *new_value); +long profile_clear_relation (profile_t profile, const char **names); +long profile_rename_section (profile_t profile, const char **names, const char *new_name); +long profile_add_relation (profile_t profile, const char **names, const char *new_value); diff --git a/src/mac/Makefile b/src/mac/Makefile index 9797fe5ad..dad6c6f8e 100644 --- a/src/mac/Makefile +++ b/src/mac/Makefile @@ -20,16 +20,23 @@ library-kind-final = ############################################################################################################## # Everything -all Ä glue all-debug all-final +all Ä unset-echo all-debug all-final # Debugging versions -all-debug Ä ppc-debug 68k-debug headers +all-debug Ä unset-echo ppc-debug 68k-debug # Final versions -all-final Ä ppc-final 68k-final headers +all-final Ä unset-echo ppc-final 68k-final # Clasic 68K glue -glue Ä glue-gss glue-krb5 +glue Ä unset-echo glue-gss glue-krb5 + +unset-echo Ä + If ({MacdevScriptDebug}) + Set Echo 1 + Else + Unset Echo + End ############################################################################################################## ### More global constants @@ -42,42 +49,49 @@ krb5-library-output-folder = {root-folder}:Kerberos5Lib:Binaries: krb5-globals-library-output-folder = {root-folder}:Kerberos5GlobalsLib:Binaries: krb5-globals-data-library-output-folder = {krb5-globals-library-output-folder} profile-library-output-folder = {root-folder}:KerberosProfileLib:Binaries: +comerr-library-output-folder = {root-folder}:ComErrLib:Binaries: gss-library-name = GSSLib krb5-library-name = Kerberos5Lib krb5-globals-library-name = Krb5GlobalsLib krb5-globals-data-library-name = Krb5GlobalsDataLib profile-library-name = KrbProfileLib +comerr-library-name = ComErrLib gss-library-export = {root-folder}mac:GSSLibrary.exp krb5-library-export = {root-folder}mac:K5Library.exp krb5-globals-library-export = {krb5-globals-root-folder}Krb5Globals.exp krb5-globals-data-library-export = {krb5-globals-root-folder}Krb5GlobalsData.exp profile-library-export = {root-folder}util:profile:profile.exp +comerr-library-export = {root-folder}util:et:et.exp gss-library-fragment-name = "GSSLibrary" krb5-library-fragment-name = "MIT KerberosÂ¥Kerberos5Lib" krb5-globals-library-fragment-name = "MIT KerberosÂ¥Kerberos5GlobalsLib" krb5-globals-data-library-fragment-name = "MIT KerberosÂ¥Kerberos5GlobalsDataLib" profile-library-fragment-name = "MIT KerberosÂ¥KerberosProfileLib" +comerr-library-fragment-name = "MIT KerberosÂ¥ComErrLib" gss-library-main = ¶"¶" krb5-library-main = ¶"¶" krb5-globals-library-main = ¶"¶" krb5-globals-data-library-main = ¶"¶" profile-library-main = ¶"¶" +comerr-library-main = ¶"¶" gss-library-init = __initializeGSS krb5-library-init = __initializeK5 krb5-globals-library-init = __initialize_Kerberos5GlobalsLib krb5-globals-data-library-init = __initialize profile-library-init = InitializeProfileLib +comerr-library-init = __initialize gss-library-term = __terminateGSS krb5-library-term = __terminateK5 krb5-globals-library-term = __terminate_Kerberos5GlobalsLib krb5-globals-data-library-term = __terminate profile-library-term = TerminateProfileLib +comerr-library-term = __terminate gss-library-current-version = 1 gss-library-definition-version = 0 @@ -99,14 +113,18 @@ profile-library-current-version = 0 profile-library-definition-version = 0 profile-library-implementation-version = 0 +comerr-library-current-version = 0 +comerr-library-definition-version = 0 +comerr-library-implementation-version = 0 + ############################################################################################################## ### Generation of file lists ############################################################################################################## +list-generation-script-working-folder = "{root-folder}mac:" list-generation-script-folder = "{root-folder}mac:" list-generation-script = "{list-generation-script-folder}macfile_gen.pl" list-generation-script-root = ".." -list-generation-script-prefix = "{root-folder}" all-files-list = {root-folder}"All files.list" all-sources-list = {root-folder}"All sources.list" @@ -132,6 +150,11 @@ profile-objects-68k-debug-list = {root-folder}"Profile objects 68K debug.lis profile-objects-ppc-final-list = {root-folder}"Profile objects PPC final.list" profile-objects-68k-final-list = {root-folder}"Profile objects 68K final.list" +comerr-objects-ppc-debug-list = {root-folder}"ComErr objects PPC debug.list" +comerr-objects-68k-debug-list = {root-folder}"ComErr objects 68K debug.list" +comerr-objects-ppc-final-list = {root-folder}"ComErr objects PPC final.list" +comerr-objects-68k-final-list = {root-folder}"ComErr objects 68K final.list" + all-lists = ¶ {all-files-list} ¶ {all-sources-list} ¶ @@ -150,7 +173,11 @@ all-lists = {profile-objects-ppc-debug-list} ¶ {profile-objects-68k-debug-list} ¶ {profile-objects-ppc-final-list} ¶ - {profile-objects-68k-final-list} + {profile-objects-68k-final-list} ¶ + {comerr-objects-ppc-debug-list} ¶ + {comerr-objects-68k-debug-list} ¶ + {comerr-objects-ppc-final-list} ¶ + {comerr-objects-68k-final-list} file-lists Ä {all-lists} @@ -159,75 +186,91 @@ file-lists # path to root Makefile.in. This is why we run it with -x to specify the root. {all-files-list} Ä {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} all-files {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} all-files {list-generation-script-root} ¶ > {Targ} {all-sources-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} all-sources {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} all-sources {list-generation-script-root} ¶ < {all-files-list} > {Targ} {all-folders-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} all-folders {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} all-folders {list-generation-script-root} ¶ < {all-files-list} > {Targ} {include-folders-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} include-folders {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} include-folders {list-generation-script-root} ¶ < {all-files-list} > {Targ} {gss-sources-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} gss-sources {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} gss-sources {list-generation-script-root} ¶ < {all-files-list} > {Targ} {krb5-sources-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} krb5-sources {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} krb5-sources {list-generation-script-root} ¶ < {all-files-list} > {Targ} {gss-objects-ppc-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} gss-objects-ppc-debug {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} gss-objects-ppc-debug {list-generation-script-root} ¶ < {all-files-list} > {Targ} {gss-objects-68k-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} gss-objects-68k-debug {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} gss-objects-68k-debug {list-generation-script-root} ¶ < {all-files-list} > {Targ} {gss-objects-ppc-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} gss-objects-ppc-final {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} gss-objects-ppc-final {list-generation-script-root} ¶ < {all-files-list} > {Targ} {gss-objects-68k-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} gss-objects-68k-final {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} gss-objects-68k-final {list-generation-script-root} ¶ < {all-files-list} > {Targ} {krb5-objects-ppc-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} krb5-objects-ppc-debug {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} krb5-objects-ppc-debug {list-generation-script-root} ¶ < {all-files-list} > {Targ} {krb5-objects-68k-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} krb5-objects-68k-debug {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} krb5-objects-68k-debug {list-generation-script-root} ¶ < {all-files-list} > {Targ} {krb5-objects-ppc-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} krb5-objects-ppc-final {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} krb5-objects-ppc-final {list-generation-script-root} ¶ < {all-files-list} > {Targ} {krb5-objects-68k-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} krb5-objects-68k-final {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} krb5-objects-68k-final {list-generation-script-root} ¶ < {all-files-list} > {Targ} {profile-objects-ppc-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} profile-objects-ppc-debug {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} profile-objects-ppc-debug {list-generation-script-root} ¶ < {all-files-list} > {Targ} {profile-objects-68k-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} profile-objects-68k-debug {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} profile-objects-68k-debug {list-generation-script-root} ¶ < {all-files-list} > {Targ} {profile-objects-ppc-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} profile-objects-ppc-final {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} profile-objects-ppc-final {list-generation-script-root} ¶ < {all-files-list} > {Targ} {profile-objects-68k-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} - perl -x"{list-generation-script-folder}" {list-generation-script} profile-objects-68k-final {list-generation-script-root} {list-generation-script-prefix} ¶ + perl -x"{list-generation-script-working-folder}" {list-generation-script} profile-objects-68k-final {list-generation-script-root} ¶ + < {all-files-list} > {Targ} + +{comerr-objects-ppc-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} + perl -x"{list-generation-script-working-folder}" {list-generation-script} comerr-objects-ppc-debug {list-generation-script-root} ¶ + < {all-files-list} > {Targ} + +{comerr-objects-68k-debug-list} Ä {all-files-list} {list-generation-script} {makefile-name} + perl -x"{list-generation-script-working-folder}" {list-generation-script} comerr-objects-68k-debug {list-generation-script-root} ¶ + < {all-files-list} > {Targ} + +{comerr-objects-ppc-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} + perl -x"{list-generation-script-working-folder}" {list-generation-script} comerr-objects-ppc-final {list-generation-script-root} ¶ + < {all-files-list} > {Targ} + +{comerr-objects-68k-final-list} Ä {all-files-list} {list-generation-script} {makefile-name} + perl -x"{list-generation-script-working-folder}" {list-generation-script} comerr-objects-68k-final {list-generation-script-root} ¶ < {all-files-list} > {Targ} ############################################################################################################## @@ -324,19 +367,19 @@ autogenerated-files = Catenate {root-folder}util:profile:profile.hin {root-folder}util:profile:prof_err.h > {root-folder}util:profile:profile.h {root-folder}include:profile.h Ä {root-folder}util:profile:profile.h - Duplicate -y {root-folder}util:profile:profile.h {root-folder}include:profile.h + Catenate {root-folder}util:profile:profile.h > {root-folder}include:profile.h SetFile -a l "{Targ}" {root-folder}include:krb5:osconf.h Ä {root-folder}include:krb5:stock:osconf.h - Duplicate -y {root-folder}include:krb5:stock:osconf.h {root-folder}include:krb5:osconf.h + Catenate {root-folder}include:krb5:stock:osconf.h > {root-folder}include:krb5:osconf.h SetFile -a l "{Targ}" {root-folder}lib:gssapi:generic:gssapi.h Ä {root-folder}lib:gssapi:generic:gssapi.hin - Duplicate -y {root-folder}lib:gssapi:generic:gssapi.hin {root-folder}lib:gssapi:generic:gssapi.h + Catenate {root-folder}lib:gssapi:generic:gssapi.hin > {root-folder}lib:gssapi:generic:gssapi.h SetFile -a l "{Targ}" {root-folder}include:autoconf.h Ä {root-folder}mac:libraries:autoconf.h - Duplicate -y {root-folder}mac:libraries:autoconf.h {root-folder}include:autoconf.h + Catenate {root-folder}mac:libraries:autoconf.h > {root-folder}include:autoconf.h SetFile -a l "{Targ}" ############################################################################################################## @@ -377,16 +420,27 @@ autogenerated-files = ### krb5-globals-library-term -- name of Krb5 globals library termination routine ### krb5-globals-library-linker-options -- all other Krb5 globals library linker options ### For profile library -### profile-library-output-folder -- destination of Krb5 globals library output -### profile-library-name -- name of the Krb5 globals library -### profile-library-export -- name of gss Krb5 globals library export file -### profile-library-libraries -- list of libraries Krb5 globals library links against -### profile-library-objects -- list of object files Krb5 globals library links -### profile-library-fragment-name -- name of Krb5 globals library fragment -### profile-library-main -- name of Krb5 globals library main entry point -### profile-library-init -- name of Krb5 globals library initialization routine -### profile-library-term -- name of Krb5 globals library termination routine -### profile-library-linker-options -- all other Krb5 globals library linker options +### profile-library-output-folder -- destination of profile library output +### profile-library-name -- name of the profile library +### profile-library-export -- name of gss profile library export file +### profile-library-libraries -- list of libraries profile library links against +### profile-library-objects -- list of object files profile library links +### profile-library-fragment-name -- name of profile library fragment +### profile-library-main -- name of profile library main entry point +### profile-library-init -- name of profile library initialization routine +### profile-library-term -- name of profile library termination routine +### profile-library-linker-options -- all other profile library linker options +### For comerr library +### comerr-library-output-folder -- destination of comerr library output +### comerr-library-name -- name of the comerr library +### comerr-library-export -- name of gss comerr library export file +### comerr-library-libraries -- list of libraries comerr library links against +### comerr-library-objects -- list of object files comerr library links +### comerr-library-fragment-name -- name of comerr library fragment +### comerr-library-main -- name of comerr library main entry point +### comerr-library-init -- name of comerr library initialization routine +### comerr-library-term -- name of comerr library termination routine +### comerr-library-linker-options -- all other comerr library linker options ### General ### library-linker -- linker to use ### autogenerated-files -- list of autogenerated files @@ -458,19 +512,23 @@ object-suffix-68k-data = .68k.o gss-library-libraries-ppc-debug = ¶ {standard-libraries-ppc-debug} ¶ {krb5-library-output-folder}{krb5-library-name}{library-platform-ppc}{library-kind-debug} ¶ - {profile-library-output-folder}{profile-library-name}{library-platform-ppc}{library-kind-debug} + {profile-library-output-folder}{profile-library-name}{library-platform-ppc}{library-kind-debug} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-ppc}{library-kind-debug} gss-library-libraries-68k-debug = ¶ {standard-libraries-68k-debug} ¶ {krb5-library-output-folder}{krb5-library-name}{library-platform-68k}{library-kind-debug} ¶ - {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-debug} + {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-debug} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-68k}{library-kind-debug} gss-library-libraries-ppc-final = ¶ {standard-libraries-ppc-final} ¶ {krb5-library-output-folder}{krb5-library-name}{library-platform-ppc}{library-kind-final} ¶ - {profile-library-output-folder}{profile-library-name}{library-platform-ppc}{library-kind-final} + {profile-library-output-folder}{profile-library-name}{library-platform-ppc}{library-kind-final} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-ppc}{library-kind-final} gss-library-libraries-68k-final = ¶ {standard-libraries-68k-final} ¶ {krb5-library-output-folder}{krb5-library-name}{library-platform-68k}{library-kind-final} ¶ - {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-final} + {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-final} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-68k}{library-kind-final} krb5-library-libraries-ppc-debug = ¶ {standard-libraries-ppc-debug} ¶ @@ -479,6 +537,7 @@ krb5-library-libraries-ppc-debug = {errorlib-ppc-debug} ¶ {krb5-globals-library-output-folder}{krb5-globals-library-name}{library-platform-ppc}{library-kind-debug} ¶ {profile-library-output-folder}{profile-library-name}{library-platform-ppc}{library-kind-debug} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-ppc}{library-kind-debug} ¶ ¶"{PPCLibraries}PPCMath64Lib.o¶" ¶ ¶"{SharedLibraries}DriverServicesLib¶" krb5-library-libraries-68k-debug = ¶ @@ -487,7 +546,8 @@ krb5-library-libraries-68k-debug = {socketslib-68k-debug} ¶ {errorlib-68k-debug} ¶ {krb5-globals-library-output-folder}{krb5-globals-library-name}{library-platform-68k}{library-kind-debug} ¶ - {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-debug} + {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-debug} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-68k}{library-kind-debug} krb5-library-libraries-ppc-final = ¶ {standard-libraries-ppc-final} ¶ {ccachelib-ppc-final} ¶ @@ -495,6 +555,7 @@ krb5-library-libraries-ppc-final = {errorlib-ppc-final} ¶ {krb5-globals-library-output-folder}{krb5-globals-library-name}{library-platform-ppc}{library-kind-final} ¶ {profile-library-output-folder}{profile-library-name}{library-platform-ppc}{library-kind-final} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-ppc}{library-kind-final} ¶ ¶"{PPCLibraries}PPCMath64Lib.o¶" ¶ ¶"{SharedLibraries}DriverServicesLib¶" krb5-library-libraries-68k-final = ¶ @@ -503,7 +564,8 @@ krb5-library-libraries-68k-final = {socketslib-68k-final} ¶ {errorlib-68k-final} ¶ {krb5-globals-library-output-folder}{krb5-globals-library-name}{library-platform-68k}{library-kind-final} ¶ - {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-final} + {profile-library-output-folder}{profile-library-name}{library-platform-68k}{library-kind-final} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-68k}{library-kind-final} krb5-globals-library-libraries-ppc-debug = ¶ {standard-libraries-ppc-debug} ¶ @@ -526,12 +588,25 @@ krb5-globals-data-library-libraries-ppc = krb5-globals-data-library-libraries-68k = ¶"{MW68KLibraries}MSL MWCFM68KRuntime.Lib¶" profile-library-libraries-ppc-debug = ¶ - {standard-libraries-ppc-debug} + {standard-libraries-ppc-debug} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-ppc}{library-kind-debug} profile-library-libraries-68k-debug = ¶ - {standard-libraries-68k-debug} + {standard-libraries-68k-debug} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-68k}{library-kind-debug} profile-library-libraries-ppc-final = ¶ - {standard-libraries-ppc-final} + {standard-libraries-ppc-final} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-ppc}{library-kind-final} profile-library-libraries-68k-final = ¶ + {standard-libraries-68k-final} ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform-68k}{library-kind-final} + +comerr-library-libraries-ppc-debug = ¶ + {standard-libraries-ppc-debug} +comerr-library-libraries-68k-debug = ¶ + {standard-libraries-68k-debug} +comerr-library-libraries-ppc-final = ¶ + {standard-libraries-ppc-final} +comerr-library-libraries-68k-final = ¶ {standard-libraries-68k-final} ### Construct linker options. @@ -555,9 +630,9 @@ krb5-library-common-linker-options = -dv {krb5-library-definition-version} ¶ -uv {krb5-library-implementation-version} -krb5-library-linker-options-ppc-debug = {common-linker-options-debug} {krb5-library-common-linker-options} +krb5-library-linker-options-ppc-debug = {common-linker-options-debug} {krb5-library-common-linker-options} -weaklib "DriverServicesLib" krb5-library-linker-options-68k-debug = {common-linker-options-debug} {krb5-library-common-linker-options} -krb5-library-linker-options-ppc-final = {common-linker-options-final} {krb5-library-common-linker-options} +krb5-library-linker-options-ppc-final = {common-linker-options-final} {krb5-library-common-linker-options} -weaklib "DriverServicesLib" krb5-library-linker-options-68k-final = {common-linker-options-final} {krb5-library-common-linker-options} krb5-globals-library-common-linker-options = ¶ @@ -589,15 +664,33 @@ profile-library-linker-options-68k-debug = {common-linker-options-debug} {profil profile-library-linker-options-ppc-final = {common-linker-options-final} {profile-library-common-linker-options} profile-library-linker-options-68k-final = {common-linker-options-final} {profile-library-common-linker-options} -gss-library-objects-ppc-debug = `catenate {gss-objects-ppc-debug-list}` {root-folder}mac:GSS.CFM{object-suffix-ppc-debug} -gss-library-objects-68k-debug = `catenate {gss-objects-68k-debug-list}` {root-folder}mac:GSS.CFM{object-suffix-68k-debug} -gss-library-objects-ppc-final = `catenate {gss-objects-ppc-final-list}` {root-folder}mac:GSS.CFM{object-suffix-ppc-final} -gss-library-objects-68k-final = `catenate {gss-objects-68k-final-list}` {root-folder}mac:GSS.CFM{object-suffix-68k-final} - -krb5-library-objects-ppc-debug = `catenate {krb5-objects-ppc-debug-list}` {root-folder}mac:K5.CFM{object-suffix-ppc-debug} -krb5-library-objects-68k-debug = `catenate {krb5-objects-68k-debug-list}` {root-folder}mac:K5.CFM{object-suffix-68k-debug} -krb5-library-objects-ppc-final = `catenate {krb5-objects-ppc-final-list}` {root-folder}mac:K5.CFM{object-suffix-ppc-final} -krb5-library-objects-68k-final = `catenate {krb5-objects-68k-final-list}` {root-folder}mac:K5.CFM{object-suffix-68k-final} +comerr-library-common-linker-options = ¶ + -cv {comerr-library-current-version} ¶ + -dv {comerr-library-definition-version} ¶ + -uv {comerr-library-implementation-version} + +comerr-library-linker-options-ppc-debug = {common-linker-options-debug} {comerr-library-common-linker-options} +comerr-library-linker-options-68k-debug = {common-linker-options-debug} {comerr-library-common-linker-options} +comerr-library-linker-options-ppc-final = {common-linker-options-final} {comerr-library-common-linker-options} +comerr-library-linker-options-68k-final = {common-linker-options-final} {comerr-library-common-linker-options} + +gss-library-objects-ppc-debug = `catenate {gss-objects-ppc-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:GSS.CFM{object-suffix-ppc-debug} +gss-library-objects-68k-debug = `catenate {gss-objects-68k-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:GSS.CFM{object-suffix-68k-debug} +gss-library-objects-ppc-final = `catenate {gss-objects-ppc-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:GSS.CFM{object-suffix-ppc-final} +gss-library-objects-68k-final = `catenate {gss-objects-68k-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:GSS.CFM{object-suffix-68k-final} + +krb5-library-objects-ppc-debug = `catenate {krb5-objects-ppc-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:K5.CFM{object-suffix-ppc-debug} +krb5-library-objects-68k-debug = `catenate {krb5-objects-68k-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:K5.CFM{object-suffix-68k-debug} +krb5-library-objects-ppc-final = `catenate {krb5-objects-ppc-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:K5.CFM{object-suffix-ppc-final} +krb5-library-objects-68k-final = `catenate {krb5-objects-68k-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:K5.CFM{object-suffix-68k-final} krb5-globals-library-objects-ppc-debug = ¶ {krb5-globals-root-folder}Krb5Globals{object-suffix-ppc-debug} ¶ @@ -615,10 +708,19 @@ krb5-globals-library-objects-68k-final = krb5-globals-data-library-objects-ppc = {krb5-globals-root-folder}Krb5GlobalsData{object-suffix-ppc-data} krb5-globals-data-library-objects-68k = {krb5-globals-root-folder}Krb5GlobalsData{object-suffix-68k-data} -profile-library-objects-ppc-debug = `catenate {profile-objects-ppc-debug-list}` {root-folder}mac:ProfileLib.CFM{object-suffix-ppc-debug} -profile-library-objects-68k-debug = `catenate {profile-objects-68k-debug-list}` {root-folder}mac:ProfileLib.CFM{object-suffix-68k-debug} -profile-library-objects-ppc-final = `catenate {profile-objects-ppc-final-list}` {root-folder}mac:ProfileLib.CFM{object-suffix-ppc-final} -profile-library-objects-68k-final = `catenate {profile-objects-68k-final-list}` {root-folder}mac:ProfileLib.CFM{object-suffix-68k-final} +profile-library-objects-ppc-debug = `catenate {profile-objects-ppc-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:ProfileLib.CFM{object-suffix-ppc-debug} +profile-library-objects-68k-debug = `catenate {profile-objects-68k-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:ProfileLib.CFM{object-suffix-68k-debug} +profile-library-objects-ppc-final = `catenate {profile-objects-ppc-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:ProfileLib.CFM{object-suffix-ppc-final} +profile-library-objects-68k-final = `catenate {profile-objects-68k-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` ¶ + {root-folder}mac:ProfileLib.CFM{object-suffix-68k-final} + +comerr-library-objects-ppc-debug = `catenate {comerr-objects-ppc-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` +comerr-library-objects-68k-debug = `catenate {comerr-objects-68k-debug-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` +comerr-library-objects-ppc-final = `catenate {comerr-objects-ppc-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` +comerr-library-objects-68k-final = `catenate {comerr-objects-68k-final-list} | StreamEdit -d -set prefix="{root-folder}" -e "/Â¥:(Ã…)¨2/ Print prefix¨2"` library-linker-ppc = MWLinkPPC library-linker-68K = MWLink68K @@ -632,7 +734,7 @@ common-compiler-options = -model farData # Don't put the prefix file in these options because they are used to precompile the prefix file -ppc-compiler-options = +ppc-compiler-options = -tb on 68k-compiler-options = -model cfmflat debug-compiler-options = -sym on final-compiler-options = -sym off @@ -642,7 +744,7 @@ mitsupportlib-include-paths = -i {mitsupportlib-root-folder}ErrorLib:Headers: ¶ -i {mitsupportlib-root-folder}UtilitiesLib:Headers: -include-paths = `catenate {include-folders-list}` ¶ +include-paths = `catenate {include-folders-list} | StreamEdit -d -set prefix="{root-folder}mac:" -e "/-i (Ã…)¨1/ Print '-i 'prefix¨1"` ¶ -i {mitkerberoslib-root-folder}CCacheLib:Headers: ¶ -i {krb5-globals-root-folder} ¶ {mitsupportlib-include-paths} @@ -714,7 +816,14 @@ make-options-common = -d profile-library-fragment-name={profile-library-fragment-name} ¶ -d profile-library-main="{profile-library-main}" ¶ -d profile-library-init="{profile-library-init}" ¶ - -d profile-library-term="{profile-library-term}" + -d profile-library-term="{profile-library-term}" ¶ + -d comerr-library-output-folder="{comerr-library-output-folder}" ¶ + -d comerr-library-name="{comerr-library-name}" ¶ + -d comerr-library-export="{comerr-library-export}" ¶ + -d comerr-library-fragment-name={comerr-library-fragment-name} ¶ + -d comerr-library-main="{comerr-library-main}" ¶ + -d comerr-library-init="{comerr-library-init}" ¶ + -d comerr-library-term="{comerr-library-term}" make-options-ppc-debug = ¶ -d library-linker="{library-linker-ppc}" ¶ @@ -735,6 +844,9 @@ make-options-ppc-debug = -d profile-library-libraries="{profile-library-libraries-ppc-debug}" ¶ -d profile-library-objects="{profile-library-objects-ppc-debug}" ¶ -d profile-library-linker-options="{profile-library-linker-options-ppc-debug}" ¶ + -d comerr-library-libraries="{comerr-library-libraries-ppc-debug}" ¶ + -d comerr-library-objects="{comerr-library-objects-ppc-debug}" ¶ + -d comerr-library-linker-options="{comerr-library-linker-options-ppc-debug}" ¶ -d object-suffix="{object-suffix-ppc-debug}" ¶ -d object-suffix-data="{object-suffix-ppc-data}" ¶ -d compiler-options="{compiler-options-ppc-debug}" ¶ @@ -760,6 +872,9 @@ make-options-68k-debug = -d profile-library-libraries="{profile-library-libraries-68k-debug}" ¶ -d profile-library-objects="{profile-library-objects-68k-debug}" ¶ -d profile-library-linker-options="{profile-library-linker-options-68k-debug}" ¶ + -d comerr-library-libraries="{comerr-library-libraries-68k-debug}" ¶ + -d comerr-library-objects="{comerr-library-objects-68k-debug}" ¶ + -d comerr-library-linker-options="{comerr-library-linker-options-68k-debug}" ¶ -d object-suffix="{object-suffix-68k-debug}" ¶ -d object-suffix-data="{object-suffix-68k-data}" ¶ -d compiler-options="{compiler-options-68k-debug}" ¶ @@ -786,6 +901,9 @@ make-options-ppc-final = -d profile-library-libraries="{profile-library-libraries-ppc-final}" ¶ -d profile-library-objects="{profile-library-objects-ppc-final}" ¶ -d profile-library-linker-options="{profile-library-linker-options-ppc-final}" ¶ + -d comerr-library-libraries="{comerr-library-libraries-ppc-final}" ¶ + -d comerr-library-objects="{comerr-library-objects-ppc-final}" ¶ + -d comerr-library-linker-options="{comerr-library-linker-options-ppc-final}" ¶ -d object-suffix="{object-suffix-ppc-final}" ¶ -d object-suffix-data="{object-suffix-ppc-data}" ¶ -d compiler-options="{compiler-options-ppc-final}" ¶ @@ -811,6 +929,9 @@ make-options-68k-final = -d profile-library-libraries="{profile-library-libraries-68k-final}" ¶ -d profile-library-objects="{profile-library-objects-68k-final}" ¶ -d profile-library-linker-options="{profile-library-linker-options-68k-final}" ¶ + -d comerr-library-libraries="{comerr-library-libraries-68k-final}" ¶ + -d comerr-library-objects="{comerr-library-objects-68k-final}" ¶ + -d comerr-library-linker-options="{comerr-library-linker-options-68k-final}" ¶ -d object-suffix="{object-suffix-68k-final}" ¶ -d object-suffix-data="{object-suffix-68k-data}" ¶ -d compiler-options="{compiler-options-68k-final}" ¶ @@ -820,23 +941,23 @@ make-options-68k-final = make-output = "{TempFolder}GSS/Kerberos Makefile script" submakefile-target = gss-library -ppc-debug Ä {makefile-name} {gss-objects-ppc-debug-list} {krb5-objects-ppc-debug-list} ¶ - {profile-objects-ppc-debug-list} {include-folders-list} +ppc-debug Ä glue headers documentation {makefile-name} {gss-objects-ppc-debug-list} {krb5-objects-ppc-debug-list} ¶ + {profile-objects-ppc-debug-list} {comerr-objects-ppc-debug-list} {include-folders-list} Make {make-options-common} {make-options-ppc-debug} {submakefile-target} > {make-output} {make-output} -68k-debug Ä {makefile-name} {gss-objects-68k-debug-list} {krb5-objects-68k-debug-list} ¶ - {profile-objects-68k-debug-list} {include-folders-list} +68k-debug Ä glue headers documentation {makefile-name} {gss-objects-68k-debug-list} {krb5-objects-68k-debug-list} ¶ + {profile-objects-68k-debug-list} {comerr-objects-68k-debug-list} {include-folders-list} Make {make-options-common} {make-options-68k-debug} {submakefile-target} > {make-output} {make-output} -ppc-final Ä {makefile-name} {gss-objects-ppc-final-list} {krb5-objects-ppc-final-list} ¶ - {profile-objects-ppc-final-list} {include-folders-list} +ppc-final Ä glue headers documentation {makefile-name} {gss-objects-ppc-final-list} {krb5-objects-ppc-final-list} ¶ + {profile-objects-ppc-final-list} {comerr-objects-ppc-final-list} {include-folders-list} Make {make-options-common} {make-options-ppc-final} {submakefile-target} > {make-output} {make-output} -68k-final Ä {makefile-name} {gss-objects-68k-final-list} {krb5-objects-68k-final-list} ¶ - {profile-objects-68k-final-list} {include-folders-list} +68k-final Ä glue headers documentation {makefile-name} {gss-objects-68k-final-list} {krb5-objects-68k-final-list} ¶ + {profile-objects-68k-final-list} {comerr-objects-68k-final-list} {include-folders-list} Make {make-options-common} {make-options-68k-final} {submakefile-target} > {make-output} {make-output} @@ -900,6 +1021,17 @@ ppc-final ### profile-library-init -- name of profile library initialization routine ### profile-library-term -- name of profile library termination routine ### profile-library-linker-options -- all other profile library linker options +### For comerr library +### comerr-library-output-folder -- destination of comerr library output +### comerr-library-name -- name of the comerr library +### comerr-library-export -- name of comerr library export file +### comerr-library-libraries -- list of libraries comerr library links against +### comerr-library-objects -- list of object files comerr library links +### comerr-library-fragment-name -- name of comerr library fragment +### comerr-library-main -- name of comerr library main entry point +### comerr-library-init -- name of comerr library initialization routine +### comerr-library-term -- name of comerr library termination routine +### comerr-library-linker-options -- all other comerr library linker options ### General ### library-linker -- linker to use ### autogenerated-files -- list of autogenerated files @@ -933,6 +1065,9 @@ object-suffix-data = .ignore.me.too profile-library-libraries = profile-library-objects = profile-library-linker-options = +comerr-library-libraries = +comerr-library-objects = +comerr-library-linker-options = ### Generate various major components of build commands from the above variables gss-library-output-files = ¶ @@ -1015,6 +1150,22 @@ profile-library-build-command = {profile-library-linker-options} ¶ {profile-library-objects} {profile-library-libraries} +comerr-library-output-files = ¶ + {comerr-library-output-folder}{comerr-library-name}{library-platform}{library-kind} +comerr-library-dependencies = ¶ + {autogenerated-files} {comerr-library-export} {comerr-library-libraries} {comerr-library-objects} +comerr-library-build-command = ¶ + {library-linker} ¶ + -name "{comerr-library-fragment-name}{library-kind}" ¶ + -main {comerr-library-main} ¶ + -init {comerr-library-init} ¶ + -term {comerr-library-term} ¶ + -@export {comerr-library-export} ¶ + -map {comerr-library-output-folder}{comerr-library-name}{library-platform}{library-kind}.MAP ¶ + -o {comerr-library-output-folder}{comerr-library-name}{library-platform}{library-kind} ¶ + {comerr-library-linker-options} ¶ + {comerr-library-objects} {comerr-library-libraries} + ### Build commands gss-library Ä {gss-library-output-files} @@ -1022,6 +1173,7 @@ krb5-library krb5-globals-library Ä {krb5-globals-library-output-files} krb5-globals-data-library Ä {krb5-globals-data-library-output-files} profile-library Ä {profile-library-output-files} +comerr-library Ä {comerr-library-output-files} {gss-library-output-files} ÄÄ {gss-library-dependencies} {makefile-name} {create-folder} {gss-library-output-folder} @@ -1043,14 +1195,20 @@ profile-library {create-folder} {profile-library-output-folder} {profile-library-build-command} +{comerr-library-output-files} ÄÄ {comerr-library-dependencies} {makefile-name} + {create-folder} {comerr-library-output-folder} + {comerr-library-build-command} + ############################################################################################################## ### Default compilation rules ############################################################################################################## {object-suffix} Ä .c {autogenerated-files} {makefile-name} {precompiled-headers} + echo {DepDir}{Default}{object-suffix} {compiler} {DepDir}{Default}.c -o {DepDir}{Default}{object-suffix} {compiler-options} {object-suffix-data} Ä .c {autogenerated-files} {makefile-name} {precompiled-headers} + echo {DepDir}{Default}{object-suffix-data} {compiler} {DepDir}{Default}.c -o {DepDir}{Default}{object-suffix-data} {compiler-options} ############################################################################################################## @@ -1060,18 +1218,26 @@ profile-library classic-glue-generation-script = {root-folder}mac:CFMGlue.pl gss-library-glue-output-folder = {root-folder}:GSSLib:ClassicGlue: krb5-library-glue-output-folder = {root-folder}:Kerberos5Lib:ClassicGlue: +profile-library-glue-output-folder = {root-folder}:KerberosProfileLib:ClassicGlue: +comerr-library-glue-output-folder = {root-folder}:ComErrLib:ClassicGlue: gss-library-glue-output = {gss-library-glue-output-folder}GSSLib.glue.c krb5-library-glue-output = {krb5-library-glue-output-folder}Kerberos5Lib.glue.c +profile-library-glue-output = {profile-library-glue-output-folder}KrbProfileLib.glue.c +comerr-library-glue-output = {comerr-library-glue-output-folder}ComErrLib.glue.c classic-glue-output = ¶ {gss-library-glue-output} ¶ - {krb5-library-glue-output} + {krb5-library-glue-output} ¶ + {profile-library-glue-output} ¶ + {comerr-library-glue-output} glue Ä {classic-glue-output} glue-gss Ä {gss-library-glue-output} glue-krb5 Ä {krb5-library-glue-output} +glue-profile Ä {profile-library-glue-output} +glue-comerr Ä {comerr-library-glue-output} {krb5-library-glue-output} Ä {root-folder}mac:K5.CFMglue.cin {root-folder}mac:K5.CFMglue.proto.h ¶ {root-folder}mac:CFMglue.c {root-folder}mac:K5.moreCFMglue.cin {classic-glue-generation-script} @@ -1087,6 +1253,20 @@ glue-krb5 Catenate {root-folder}mac:GSS.CFMglue.cin {root-folder}mac:CFMglue.c {root-folder}mac:GSS.CFMglue.c ¶ {root-folder}mac:GSS.moreCFMglue.cin | Catenate > {gss-library-glue-output} +{profile-library-glue-output} Ä {root-folder}mac:KrbProfileLib.glue.pre.cin {root-folder}mac:KrbProfileLib.glue.proto.h ¶ + {root-folder}mac:CFMglue.c {root-folder}mac:KrbProfileLib.glue.post.cin {classic-glue-generation-script} + {create-folder} {profile-library-glue-output-folder} + perl {classic-glue-generation-script} < {root-folder}mac:KrbProfileLib.glue.proto.h > {root-folder}mac:KrbProfileLib.CFMglue.c + Catenate {root-folder}mac:KrbProfileLib.glue.pre.cin {root-folder}mac:CFMglue.c {root-folder}mac:KrbProfileLib.CFMglue.c ¶ + {root-folder}mac:KrbProfileLib.glue.post.cin | Catenate > {profile-library-glue-output} + +{comerr-library-glue-output} Ä {root-folder}mac:ComErrLib.glue.pre.cin {root-folder}mac:ComErrLib.glue.proto.h ¶ + {root-folder}mac:CFMglue.c {root-folder}mac:ComErrLib.glue.post.cin {classic-glue-generation-script} + {create-folder} {comerr-library-glue-output-folder} + perl {classic-glue-generation-script} < {root-folder}mac:ComErrLib.glue.proto.h > {root-folder}mac:ComErrLib.CFMglue.c + Catenate {root-folder}mac:ComErrLib.glue.pre.cin {root-folder}mac:CFMglue.c {root-folder}mac:ComErrLib.CFMglue.c ¶ + {root-folder}mac:ComErrLib.glue.post.cin | Catenate > {comerr-library-glue-output} + ############################################################################################################## ### Clean target deletes all generated files ############################################################################################################## @@ -1108,6 +1288,7 @@ clean gss-headers-output-folder = {root-folder}:GSSLib:Headers: krb5-headers-output-folder = {root-folder}:Kerberos5Lib:Headers: krb5-globals-headers-output-folder = {root-folder}:Kerberos5GlobalsLib:Headers: +comerr-headers-output-folder = {root-folder}:ComErrLib:Headers: profile-headers-output-folder = {root-folder}:KerberosProfileLib:Headers: gss-headers-output = ¶ @@ -1116,26 +1297,28 @@ gss-headers-output = krb5-headers-output = ¶ "{krb5-headers-output-folder}krb5.h" ¶ - "{krb5-headers-output-folder}com_err.h" ¶ - "{krb5-headers-output-folder}profile.h" ¶ "{krb5-headers-output-folder}win-mac.h" krb5-globals-headers-output = ¶ "{krb5-globals-headers-output-folder}Kerberos5Globals.h" +comerr-headers-output = ¶ + "{comerr-headers-output-folder}com_err.h" + profile-headers-output = ¶ "{profile-headers-output-folder}profile.h" -headers-output = {gss-headers-output} {krb5-headers-output} {krb5-globals-headers-output} {profile-headers-output} +headers-output = {gss-headers-output} {krb5-headers-output} {krb5-globals-headers-output} ¶ + {comerr-headers-output} {profile-headers-output} -headers Ä {headers-output} +headers Ä unset-echo {headers-output} "{gss-headers-output-folder}gssapi.h" Ä "{root-folder}lib:gssapi:generic:gssapi.h" {makefile-name} "{create-folder}" "{TargDir}" If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}lib:gssapi:generic:gssapi.h" "{Targ}" + Catenate "{root-folder}lib:gssapi:generic:gssapi.h" > "{Targ}" SetFile -a l "{Targ}" "{gss-headers-output-folder}gssapi_krb5.h" Ä "{root-folder}lib:gssapi:krb5:gssapi_krb5.h" {makefile-name} @@ -1143,7 +1326,7 @@ headers If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}lib:gssapi:krb5:gssapi_krb5.h" "{Targ}" + Catenate "{root-folder}lib:gssapi:krb5:gssapi_krb5.h" > "{Targ}" SetFile -a l "{Targ}" "{krb5-headers-output-folder}krb5.h" Ä "{root-folder}include:krb5.h" {makefile-name} @@ -1151,45 +1334,110 @@ headers If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}include:krb5.h" "{Targ}" + Catenate "{root-folder}include:krb5.h" > "{Targ}" SetFile -a l "{Targ}" -"{krb5-headers-output-folder}com_err.h" Ä "{root-folder}util:et:com_err.h" {makefile-name} +"{krb5-headers-output-folder}win-mac.h" Ä "{root-folder}include:win-mac.h" {makefile-name} "{create-folder}" "{TargDir}" If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}util:et:com_err.h" "{Targ}" + Catenate "{root-folder}include:win-mac.h" > "{Targ}" SetFile -a l "{Targ}" -"{krb5-headers-output-folder}profile.h" Ä "{root-folder}util:profile:profile.h" {makefile-name} +"{krb5-globals-headers-output-folder}Kerberos5Globals.h" Ä "{root-folder}mac:libraries:Kerberos v5 Globals:Krb5Globals.h" {makefile-name} "{create-folder}" "{TargDir}" If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}util:profile:profile.h" "{Targ}" + Catenate "{root-folder}mac:libraries:Kerberos v5 Globals:Krb5Globals.h" > "{Targ}" SetFile -a l "{Targ}" -"{krb5-headers-output-folder}win-mac.h" Ä "{root-folder}include:win-mac.h" {makefile-name} +"{comerr-headers-output-folder}com_err.h" Ä "{root-folder}util:et:com_err.h" {makefile-name} "{create-folder}" "{TargDir}" If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}include:win-mac.h" "{Targ}" + Catenate "{root-folder}util:et:com_err.h" > "{Targ}" SetFile -a l "{Targ}" -"{krb5-globals-headers-output-folder}Kerberos5Globals.h" Ä "{root-folder}mac:libraries:Kerberos v5 Globals:Krb5Globals.h" {makefile-name} +"{profile-headers-output-folder}profile.h" Ä "{root-folder}util:profile:profile.h" {makefile-name} "{create-folder}" "{TargDir}" If (`Exists "{Targ}" | Count -l`) SetFile -a l "{Targ}" End - Duplicate -y "{root-folder}mac:libraries:Kerberos v5 Globals:Krb5Globals.h" "{Targ}" + Catenate "{root-folder}util:profile:profile.h" > "{Targ}" SetFile -a l "{Targ}" -"{profile-headers-output-folder}profile.h" Ä "{root-folder}util:profile:profile.h" {makefile-name} +############################################################################################################## +### Copying documentation around +############################################################################################################## + +gss-documentation-output-folder = {root-folder}:GSSLib:Documentation: +krb5-documentation-output-folder = {root-folder}:Kerberos5Lib:Documentation: +krb5-globals-documentation-output-folder = {root-folder}:Kerberos5GlobalsLib:Documentation: +comerr-documentation-output-folder = {root-folder}:ComErrLib:Documentation: +profile-documentation-output-folder = {root-folder}:KerberosProfileLib:Documentation: + +gss-documentation-output = ¶ + {gss-documentation-output-folder}"GSSLib ReadMe" + +krb5-documentation-output = ¶ + {krb5-documentation-output-folder}"krb5api.pdf" + +krb5-globals-documentation-output = ¶ + {krb5-globals-documentation-output-folder}"Kerberos5Globals.html" + +comerr-documentation-output = ¶ + {comerr-documentation-output-folder}"ComErrLib ReadMe" + +profile-documentation-output = ¶ + {profile-documentation-output-folder}"KerberosProfileLib ReadMe" + +documentation-output = {gss-documentation-output} {krb5-documentation-output} ¶ + {krb5-globals-documentation-output} {profile-documentation-output} ¶ + {comerr-documentation-output} + +documentation Ä unset-echo {documentation-output} + +{gss-documentation-output-folder}"GSSLib ReadMe" Ä {root-folder}"mac:GSSLib ReadMe" {makefile-name} "{create-folder}" "{TargDir}" If (`Exists "{Targ}" | Count -l`) - SetFile -a l "{Targ}" + SetFile -a l {Targ} End - Duplicate -y "{root-folder}util:profile:profile.h" "{Targ}" - SetFile -a l "{Targ}" + Catenate {root-folder}"mac:GSSLib ReadMe" > {Targ} + SetFile -a l {Targ} + +{krb5-documentation-output-folder}"krb5api.pdf" Ä {makefile-name} + "{create-folder}" "{TargDir}" + If (`Exists "{Targ}" | Count -l`) + SetFile -a l {Targ} + End + If (`Exists {root-folder}":::Documentation:pdf:krb5api.pdf"`) + Catenate {root-folder}":::Documentation:pdf:krb5api.pdf" > {Targ} + SetFile -a l -t 'PDF ' -c 'CARO' {Targ} + End + +{krb5-globals-documentation-output-folder}"Kerberos5Globals.html" Ä {root-folder}"mac:libraries:Kerberos v5 Globals:Krb5Globals.html" {makefile-name} + "{create-folder}" "{TargDir}" + If (`Exists "{Targ}" | Count -l`) + SetFile -a l {Targ} + End + Catenate {root-folder}"mac:libraries:Kerberos v5 Globals:Krb5Globals.html" > {Targ} + SetFile -a l -c 'MOSS' {Targ} + +{comerr-documentation-output-folder}"ComErrLib ReadMe" Ä {root-folder}"mac:ComErrLib ReadMe" {makefile-name} + "{create-folder}" "{TargDir}" + If (`Exists "{Targ}" | Count -l`) + SetFile -a l {Targ} + End + Catenate {root-folder}"mac:ComErrLib ReadMe" > {Targ} + SetFile -a l {Targ} + +{profile-documentation-output-folder}"KerberosProfileLib ReadMe" Ä {root-folder}"mac:KerberosProfileLib ReadMe" {makefile-name} + "{create-folder}" "{TargDir}" + If (`Exists "{Targ}" | Count -l`) + SetFile -a l {Targ} + End + Catenate {root-folder}"mac:KerberosProfileLib ReadMe" > {Targ} + SetFile -a l {Targ} diff --git a/src/mac/ProfileLib.CFM.c b/src/mac/ProfileLib.CFM.c index 3ef8ef60d..9b5ea87cf 100644 --- a/src/mac/ProfileLib.CFM.c +++ b/src/mac/ProfileLib.CFM.c @@ -1,9 +1,19 @@ -/* - * Copyright (C) 1997 by the Massachusetts Institute of Technology - * All rights reserved. +/* Copyright 1998 by the Massachusetts Institute of Technology. * - * For copying and distribution information, please see the file - * COPYRIGHT. + * Permission to use, copy, modify, and distribute this + * software and its documentation for any purpose and without + * fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright + * notice and this permission notice appear in supporting + * documentation, and that the name of M.I.T. not be used in + * advertising or publicity pertaining to distribution of the + * software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" + * without express or implied warranty. */ diff --git a/src/mac/ReadMe b/src/mac/ReadMe index 9e5226b69..da851c48b 100644 --- a/src/mac/ReadMe +++ b/src/mac/ReadMe @@ -6,134 +6,8 @@ Building the Macintosh version of Kerberos 5 and GSS If you have questions or comments about the Macintosh build process, send e-mail to . +You should not be building Macintosh Kerberos v5 and GSS libraries +from the standard Kerberos v5 distribution. Instead, you should look +for MIT Kerberos Library sources from + -To build the Macintosh version of Kerberos 5 and GSS: - ---- Installing tools --- - - 1) Install CodeWarrior Pro 4, including MPW. - This build of Kerberos v5 and GSS requires CodeWarrior Pro4 MPW tools. - Don't forget to run one of 4 Metrowerks MPW scripts, as described at the - bottom of MPW worksheet the first time you launch it. - - 2) Download MacPerl and MacPerl MPW tool from - - - - The MacPerl directory contains several versions of the app and the MPW - tool. The *_appl and *_tool versions work properly with our scripts, e.g., - you should download "Mac_Perl_520r4_appl.bin" and "Mac_Perl_520r4_tool.bin". - - 3) Install MacPerl and MacPerl MPW tool by following the installation - instructions provided with them: - - install MacPerl application before installing MacPerl tool - - after installing MacPerl tool, run its MPW configuration script - and follow the instructions - ---- Preparing Kerberos v5 build tree --- - - 4) Launch MPW. - - 5) Set directory in MPW to the top level of Kerberos 5 distribution - (e.g. "GSS-Kerberos5"). - - 6) Build target "prebuild" in MPW. - This will create a new Makefile, so you may be asked whether you - want to save changes to the Makefile if you opened it before step - 6. Save the changes. - ---- Building libraries --- - - 7) Build target "all" in MPW. Wait. - - Example build times: 30-40 minutes on a G3 machine, 80 minutes - on a PowerMac 9600/233. - - You may receive some compile warnings about an ignored pragma, warnings - about illegal implicit const pointer conversions, and some link warnings. - These are normal and can be ignored. - - We used to see MPW crash during the link stage of the build. We think this - has been fixed. If this happens to you, you should restart MPW and start - the build again, and report the problem to macdev@mit.edu. - ---- Binaries --- - - The following assumes that you have followed the steps above to build - the GSS & Kerberos 5 libraries. What you now have supports both the - Kerberos 5 and GSS APIs. Each is supported as both CFM shared libraries - and CodeWarrior static link libraries for both 68k & PowerPC Macs. - We strongly recommend you use the CFM shared libraries. - - The following binary components are provided/built in this release: - - ":MIT Kerberos Library" - * Fat CFM Shared Library including GSS, and Kerberos v5, CCache, and DES - libraries. - * Not for linking against in your projects; include in distributions to - be placed in System Folder:Extensions. - - :GSSLib.68K - * CFM Shared Library including GSS for 68k Macs. - - :GSSLib.PPC - * CFM Shared Library including GSS for PowerPC Macs. - - :Kerberos5Lib.68K - * CFM Shared Library including Kerberos 5 for 68k Macs. - - :Kerberos5Lib.68K - * CFM Shared Library including Kerberos 5 for PowerPC Macs. - - :mac:krb5.ini - * Sample krb5.ini file using CYGNUS.COM as the default realm - - :include - * An include directory containing the files necessary for development - ---- Installation --- - - To install the Kerberos 5 system on your Mac: - - 1) Copy the :mac:krb5.ini file (configured for your site) into - the "Preferences" folder in the "System Folder". - - 2) Install the shared libraries by copying the "MIT Kerberos Library" file - to the "Extensions" folder in the "System Folder". - - 3) If you are using System 7.6 or earlier on a 68K Mac, install - the CFM-68K Runtime Enabler 4.0, available from Apple at: - - - ---- Getting Started Programming --- - - You can program using either the Kerberos 5 or GSS APIs. - - To add Kerberos functionality to a Code Warrior based application: - - 1) PPC application: use shared libraries: - For GSSAPI, add GSSLibraryPPC to your project - For Kerberos v5 API, add K5LibraryPPC to your project - Set the project options to 4 byte integers and enums treated as ints. - - 2) CFM-68K application: use shared libraries - For GSSAPI, add GSSLibrary68K to your project - For Kerberos v5 API, add K5Library68K to your project - Set the project options to 4 byte integers and enums treated as ints. - - 3) Classic 68K application: use glue for shared libraries - For GSSAPI, add GSSLib.glue.c to your project - For Kerberos v5 API, add Kerberos5.glue.c to your project - Set the project options to 4 byte integers and enums treated as ints. - - A PDF document describing the Kerberos 5 API is located at: - - - - (That document was created from tex files in the main Kerberos 5 source tree.) - - The GSSAPI is described in Internet RFC's 1508 and 1509: - - - diff --git a/src/mac/Release notes b/src/mac/Release notes index 3aeaf2bb8..c4a0336fe 100644 --- a/src/mac/Release notes +++ b/src/mac/Release notes @@ -110,6 +110,8 @@ Changes in 1.1a3: separated profile lib fixed krb5 library CFM version numbers fixed makefile and perl scripts to build form arbitrary root + +--- version upped to 2.5a1 --- 2.5a1 - Monday, July 26, 1999 1:00:00 PM changed profile lib to use FSSpecs @@ -118,4 +120,29 @@ Changes in 1.1a3: removed "MIT KerberosÂ¥GSSLib" alias removed "K5Library alias" removed com_err exports from krb5 lib - fixed win-mac.h redefinition of size_t \ No newline at end of file + fixed win-mac.h redefinition of size_t + +2.5a2 - Friday, August 6, 1999 1:40:00 PM + fixed huge profile memory leak + fixed memory leak in krb5_stdcc_destroy + added traceback tables to PPC versions + +2.5b1 + from tag Mac_GSSKerberos5_2_5b1 + separated com_err lib + now tracking krb5-1-1 branch + added CCache cleanup to CFM termination procs + +2.5b2 + from tag Mac_GSSKerberos5_2_5b2 + cleaned up glue for all libraries + +2.5 + from tag Mac_GSSKerberos5_2_5 + added documentation and fixed makefile so that documentation, + headers, and cfrm glue are always built correctly + +2.5.1 + from tag Mac_GSSKerberos5_2_5_1 + fixed pre-PCI strong-link against DriverServicesLib + added krb5_change_password 2 minute timeout (changepw.c) \ No newline at end of file diff --git a/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.CFM.c b/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.CFM.c index 923863d15..0c6294135 100644 --- a/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.CFM.c +++ b/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.CFM.c @@ -8,6 +8,9 @@ * documentation, and that the name of M.I.T. not be used in * advertising or publicity pertaining to distribution of the * software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" * without express or implied warranty. diff --git a/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.c b/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.c index 45116c15f..cecd3173d 100644 --- a/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.c +++ b/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.c @@ -8,6 +8,9 @@ * documentation, and that the name of M.I.T. not be used in * advertising or publicity pertaining to distribution of the * software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" * without express or implied warranty. diff --git a/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.html b/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.html new file mode 100644 index 000000000..7ed835336 --- /dev/null +++ b/src/mac/libraries/Kerberos v5 Globals/Krb5Globals.html @@ -0,0 +1,81 @@ + + + + + Kerberos v5 Globals Library API Functions + + +
+ + + + + +
MIT Information Systems

Macintosh Development


+ [Home] + [About Us] + [People] + [Applications] + [MIT Support Library]
+ [MIT Kerberos] + [Mac OS X] + [Developer Documentation] + [Information Systems] +


+ + + + + + +
Kerberos v5 Globals Library API Functions
+
+ OSStatus Krb5GlobalsSetDefaultCacheName + (char* inName);
+
+ Krb5GlobalsSetDefaultCacheName sets the systemwide default cache for the Kerberos 5 + library to inName. +

+ If successful, the function returns noErr. If it fails to allocate + memory for the cache name, it returns memFullErr. +

+ UInt32 Krb5GlobalsGetDefaultCacheName + (char* inName, UInt32 inLength); + +
+ Krb5GlobalsGetDefaultCacheName returns the name of the current systemwide default + credentials cache for the Kerberos v5 library. inName should point + to at least inLength bytes of memory. Actual length of the cache + name is returned.

+ If inName is nil, the length of the cache name is + returned. +

+ OSStatus Krb5GlobalsSetUniqueDefaultCacheName + ();
+
+ Krb5GlobalsSetUniqueDefaultCacheName sets the systemwide default credentials cache + name for Kerberos v5 library to a unique string (i.e., one that is not the name + of any of the existing credentials caches). +

+ If successful, the function returns noErr. If it fails to allocate + memory for the cache name, it returns memFullErr. +

+ UInt32 Krb5GlobalsGetDefaultCacheNameModification + ();
+
+ Krb5GlobalsGetDefaultCacheNameModification returns modification counter for the + systemwide default credentials cache name for the Kerberos v5 library. If result + of two calls to Krb5GlobalsGetDefaultCacheNameModification is different, the + default cache name has changed between them. +
+
+ +


Questions or comments? Send mail to +macdev@mit.edu
+Last updated on $Date$
+Last modified by $Author$ + + diff --git a/src/mac/macfile_gen.pl b/src/mac/macfile_gen.pl index 6bddb2387..00d53657a 100644 --- a/src/mac/macfile_gen.pl +++ b/src/mac/macfile_gen.pl @@ -8,6 +8,7 @@ # gss-sources -- complete list of mac GSS sources, relative to root # krb5-sources -- complete list of mac Krb5 sources, relative to root # profile-sources -- complete list of mac profile sources, relative to root +# comerr-sources -- complete list of mac com_err sources, relative to root # gss-objects-ppc-debug -- complete list of mac GSS PPC debug objects, relative to root # gss-objects-68k-debug -- complete list of mac GSS 68K debug objects, relative to root # gss-objects-ppc-final -- complete list of mac GSS PPC final objects, relative to root @@ -20,13 +21,17 @@ # profile-objects-68k-debug -- complete list of mac profile v5 68K debug objects, relative to root # profile-objects-ppc-final -- complete list of mac profile v5 PPC final objects, relative to root # profile-objects-68k-final -- complete list of mac profile v5 68K final objects, relative to root +# comerr-objects-ppc-debug -- complete list of mac com_err PPC debug objects, relative to root +# comerr-objects-68k-debug -- complete list of mac com_err v5 68K debug objects, relative to root +# comerr-objects-ppc-final -- complete list of mac com_err v5 PPC final objects, relative to root +# comerr-objects-68k-final -- complete list of mac com_err v5 68K final objects, relative to root # include-folders -- complete list of include paths, relative to root # # input on stdin # output on stdout # Check number of arguments -if (scalar @ARGV != 3) { +if (scalar @ARGV != 2) { print (STDERR "Got " . scalar @ARGV . " arguments, expected 2"); &usage; exit; @@ -35,7 +40,7 @@ if (scalar @ARGV != 3) { # Parse arguments $action = $ARGV [0]; $ROOT = $ARGV [1]; -$prefix = $ARGV [2]; +#$prefix = $ARGV [2]; # Read source list if ($action ne "all-files") { @@ -46,9 +51,9 @@ if ($action ne "all-files") { } else { @sourceList = &make_macfile_maclist (&make_macfile_list ()); - foreach (@sourceList) { - $_ =~ s/^:/$prefix/; - } +# foreach (@sourceList) { +# $_ =~ s/^:/$prefix/; +# } # @sourceList = map { $prefix . $_;} @sourceList; } @@ -92,6 +97,12 @@ if ($action eq "all-folders") { @outputList = grep (/:profile:/, @sourceList); print (STDERR "Done. \n"); +} elsif ($action eq "comerr-sources") { + + print (STDERR "# Building profile source listÉ "); + @outputList = grep (/:et:/, @sourceList); + print (STDERR "Done. \n"); + } elsif ($action eq "gss-objects-ppc-debug") { print (STDERR "# Building GSS PPC debug object listÉ "); @@ -152,28 +163,56 @@ if ($action eq "all-folders") { print (STDERR "# Building profile PPC debug object listÉ "); @outputList = grep (s/\.c$/\.ppcd.o/, @sourceList); - @outputList = grep (/:profile:|:et:/, @outputList); + @outputList = grep (/:profile:/, @outputList); print (STDERR "Done. \n"); } elsif ($action eq "profile-objects-68k-debug") { print (STDERR "# Building profile 68K debug object listÉ "); @outputList = grep (s/\.c$/\.68kd.o/, @sourceList); - @outputList = grep (/:profile:|:et:/, @outputList); + @outputList = grep (/:profile:/, @outputList); print (STDERR "Done. \n"); } elsif ($action eq "profile-objects-ppc-final") { print (STDERR "# Building profile PPC final object listÉ "); @outputList = grep (s/\.c$/\.ppcf.o/, @sourceList); - @outputList = grep (/:profile:|:et:/, @outputList); + @outputList = grep (/:profile:/, @outputList); print (STDERR "Done. \n"); } elsif ($action eq "profile-objects-68k-final") { print (STDERR "# Building profile 68K final object listÉ "); @outputList = grep (s/\.c$/\.68kf.o/, @sourceList); - @outputList = grep (/:profile:|:et:/, @outputList); + @outputList = grep (/:profile:/, @outputList); + print (STDERR "Done. \n"); + +} elsif ($action eq "comerr-objects-ppc-debug") { + + print (STDERR "# Building com_err PPC debug object listÉ "); + @outputList = grep (s/\.c$/\.ppcd.o/, @sourceList); + @outputList = grep (/:et:/, @outputList); + print (STDERR "Done. \n"); + +} elsif ($action eq "comerr-objects-68k-debug") { + + print (STDERR "# Building com_err 68K debug object listÉ "); + @outputList = grep (s/\.c$/\.68kd.o/, @sourceList); + @outputList = grep (/:et:/, @outputList); + print (STDERR "Done. \n"); + +} elsif ($action eq "comerr-objects-ppc-final") { + + print (STDERR "# Building com_err PPC final object listÉ "); + @outputList = grep (s/\.c$/\.ppcf.o/, @sourceList); + @outputList = grep (/:et:/, @outputList); + print (STDERR "Done. \n"); + +} elsif ($action eq "comerr-objects-68k-final") { + + print (STDERR "# Building com_err 68K final object listÉ "); + @outputList = grep (s/\.c$/\.68kf.o/, @sourceList); + @outputList = grep (/:et:/, @outputList); print (STDERR "Done. \n"); } elsif ($action eq "include-folders") { diff --git a/src/mit/windows/include/v.h b/src/mit/windows/include/v.h deleted file mode 100644 index 79bb2ad69..000000000 --- a/src/mit/windows/include/v.h +++ /dev/null @@ -1,101 +0,0 @@ -/* v.h -- header for vlib.c */ - -#ifndef _VERSION_INC -#define _VERSION_INC - -/* - * values for op_code field - */ - -enum v_op_code - { - V_CHECK, /* op codes from server to client */ - V_CHECK_AND_LOG, - V_LOG, - V_LOG_PANIC, - V_OK, /* op codes from client to server */ - V_ERROR, - V_BAD_OP_CODE /* make sure this one is last */ - }; - -/* - * Values for status field - */ - - -#define V_REQUIRED 'R' /* new verison is absolutely required!! */ -#define V_RECOMMENDED 'r' /* new version is recommended. */ -#define V_OPTIONAL 'o' /* new version is optional */ -#define V_UP_TO_DATE 'u' -#define V_NEW_DOCUMENTATION 'd' -#define V_MESSAGE 'm' /* arbitrary message */ -#define V_BAD_STATUS '?' /* make sure this one is last */ - -static struct - { - char status; - char *status_name; - } version_status[] = - { - V_REQUIRED, "required", - V_RECOMMENDED, "recommended", - V_OPTIONAL, "optional", - V_UP_TO_DATE, "up_to_date", - V_NEW_DOCUMENTATION, "new_documentation", - V_MESSAGE, "message", - V_BAD_STATUS, "bad_status" - }; - -#define V_MAXDATA 700 - - -/* - * The general strategy here is we have two formats, a parsed format and a network format... - * "v_info" is parsed, and "v_pkt" is for the network. Note that the total size of all the - * strings in "v_info" had better fit into V_MAXDATA or we'll have some trouble assembling - * the packet. In a future protocol version, perhaps we'll actually USE the packet sequencing - * fields we've already declared, and send things in multiple packets.... - */ - -struct v_info - { - char *appl_name; /* Typically, these are pointers into */ - char *appl_vers; /* a struct v_pkt's */ - char *platform; /* data field (and are null-terminated strings) */ - char *status; /* status of this version */ - /* this string should be length 1, eg, V_OPTIONAL */ - char *message; - }; - -struct v_pkt - { - unsigned short protocol_version; - unsigned short packet_number; - unsigned short number_of_packets; - unsigned short op_code; - unsigned long seq; - char data[V_MAXDATA]; /* buffer of null delimited strings */ - }; - -#ifdef TEST -# define VERSION_FILE "/afs/net/project/net_dev/versions/test-version.txt" -# define VERSION_DB_FILE "/afs/net/project/net_dev/versions/test-db" -#else -# define VERSION_FILE "/afs/net/project/net_dev/version_db/version.txt" -# define VERSION_DB_FILE "/afs/net/project/net_dev/version_db/db" -#endif - -#define VERSION_LOG_DIR "/site/versions/" -#define VERSION_ERROR_LOG "bad-requests" -#define VERSION_SERVER_HOST "versions.mit.edu" -#define VERSION_SERVER_PORT 8500 -#define VERSION_CLIENT_PORT (VERSION_SERVER_PORT+1) -#define VERSION_PROTOCOL_VERSION 1 -#define V_BASE_SIZE (sizeof(struct v_pkt)-V_MAXDATA) -#define DLM ':' -#define KEY_SIZE 100 -#define LOG_CLASS LOG_LOCAL4 - -#define V_MACOS "MacOS" -#endif /* _VERSION_INC */ -/* end of file */ diff --git a/src/mit/windows/include/vs.h b/src/mit/windows/include/vs.h deleted file mode 100644 index 2f228656c..000000000 --- a/src/mit/windows/include/vs.h +++ /dev/null @@ -1,182 +0,0 @@ -/* - *---------------------------------------------------------------- - * - * $Source$ - * $Revision$ - * $Date$ - * $State$ - * $Author$ Jason Sachs (nosaj) - * $Locker$ - * - * $Log$ - * Revision 1.2 1997/04/29 10:45:02 tytso - * Remove #include of "mitcpyrt.h" (since it's of dubious legal value, and - * the file doesn't exist.) - * - * Revision 1.1 1997/04/17 15:25:52 tytso - * Add MIT's version server include files and libraries. - * - * Revision 1.3 92/08/27 10:44:51 pbh - * alpha 0.2a check in - * rebuilt manually - * - * Revision 0.1 92/08/25 10:00:20 pbh - * alpha 0.1a - */ - - - -/* vs.h -- defines for the Version Server checking routines. */ - -/* jms 6/3/92 */ - -#ifndef VS_HEADER_STUFF -#define VS_HEADER_STUFF - -#include "v.h" -#include - -typedef unsigned char VS_Status; -typedef unsigned long VS_Request; /* For compatibility reasons */ - -#if defined(WINDOWS) || defined(MEWEL) - #ifdef VS_INCWINDOWS - #include - #endif /* should we include windows.h here? */ -#else - #ifndef FAR /* il 7/25/95 */ - #define FAR - /* no need for that here */ - #endif - - #ifndef BOOL /* il 7/25/95 */ - #define BOOL int - #endif - - #ifndef NULL - #define NULL 0 - #endif /* Null */ - -#endif - -/* patch for nt. il 7/24/95 -- adding nt */ -#include "vs_nt.h" - -typedef struct v_req_info VS_ReqInfo, *VS_ReqInfoPtr; -#define VS_NAT_ReqInfoPtr VS_ReqInfo * - -#if defined(MEWEL) || defined(WINDOWS) - #if defined(WIN32) /* il 7/27/95 -- added nt */ - #define RequestAlloc (VS_Request) LocalAlloc - #define RequestLock(request) (VS_ReqInfoPtr) LocalLock((LOCALHANDLE)(request)) - #define RequestFree(request) LocalFree((LOCALHANDLE)(request)) - #define RequestUnlock(request) LocalUnlock((LOCALHANDLE)(request)) - #else - #define RequestAlloc (VS_Request) LocalAlloc - #define RequestLock(request) (VS_ReqInfoPtr) LocalLock((LOCALHANDLE)(LOWORD(request))) - #define RequestFree(request) LocalFree((LOCALHANDLE)(LOWORD(request))) - #define RequestUnlock(request) LocalUnlock((LOCALHANDLE)(LOWORD(request))) - #endif -#else - #define RequestAlloc(flags,size) (VS_Request) malloc(size) - #define RequestLock (char *) - #define RequestFree(request) free((char *) request) - #define RequestUnlock(request) /* nothin' */ -#endif /* jms 08/13/93 */ - -/* status codes */ - -#define V_E_SELECT 255 -#define V_E_TIMEOUT 254 -#define V_E_SELECT_STRANGEFD 253 -#define V_E_RECVFROM 252 -#define V_E_UNKNOWN 251 -#define V_E_BAD_OP_CODE 250 -#define V_E_HOSTNOTFOUND 249 -#define V_E_SOCKET 248 -#define V_E_BIND 247 -#define V_E_SENDTO 246 -#define V_E_DLLNOTFOUND 245 -#define V_E_NOMEMORY 244 -#define V_E_CANCEL 243 - -#define VSR_OK 0 - -/* classifications of errors */ - -#define V_C_NOERROR 0 -#define V_C_TRY_AGAIN 1 -#define V_C_DEFINITE 2 -#define V_C_FAIL 3 - -extern VS_Status _far _cdecl err_classify(VS_Status error); -#if defined(MEWEL) || defined(WINDOWS) -/* jms 2/16/93 */ -extern BOOL _far _cdecl v_complain(VS_Status error, LPSTR inifilename); -#endif - -#define V_TRY_AGAIN(status) (err_classify(status)==V_C_TRY_AGAIN) -#define V_FAIL(status) (err_classify(status)==V_C_FAIL) -#define V_DEFINITE(status) (err_classify(status)==V_C_DEFINITE) - -#define V_STATUS(vinfo) ((VS_Status)*((vinfo).status)) - /* grumble... this abstraction should be in v.h... */ - -/* the main routines */ - -#if defined(MEWEL) || defined(WINDOWS) -#ifndef NOCODECOVER -extern VS_Request _far _cdecl VSFormRequest(char FAR *name, char FAR *version, - char FAR *ininame, char FAR *codecover, HWND hWnd, - int HowToCheck); -#else -extern VS_Request _far _cdecl VSFormRequest(char FAR *name, char FAR *version, - char FAR *ininame, HWND hWnd, - int HowToCheck); -#endif - -#else -extern VS_Request _far _cdecl VSFormRequest(char *name, char *version, int HowToCheck); -#endif - -extern VS_Status _far _cdecl VSProcessRequest(VS_Request request); -#if defined(WINDOWS) || defined(MEWEL) -extern void _far _cdecl WinVSReportRequest(VS_Request request, HWND hWnd, char FAR *title); -extern void _far _cdecl TTChangeRegistration(char FAR *ininame, HWND hWnd, LPSTR DlgBoxName); -extern BOOL _far _cdecl v_complain(VS_Status error, LPSTR inifilename); -#else -extern void _far _cdecl TTYVSReportRequest(VS_Request request); -#endif -extern void _far _cdecl VSDestroyRequest(VS_Request request); -extern void _far _cdecl PickVersionServer(char FAR *name); -#define HNAMESIZE 40 /* max. chars in the VS server name. */ -#define HSPSIZE 2 /* no. chars in send packets option */ - -#ifndef VS_INTERNAL -extern VS_Request _far _cdecl MakeRequest( VS_Status status ); -extern VS_Status _far _cdecl ReqStatus ( VS_Request hrequest ); -#endif - -#endif /* VS_HEADER_STUFF */ - -/* - * The application should call the first two routines, and optionally - * the third, in order. It should only quit if CheckVS returns V_REQUIRED. - * If this is a Windows/Mewel program, a call to PostQuitMessage(0) is the - * best way to do things, unless some cleanup needs to be done... but the - * Version Server checking should be done as early as possible so this - * shouldn't be a problem. - */ - -#if 0 -/* here's an example: */ - VS_Request request; - VS_Status status; - - request = VSFormRequest(APPLICATION_NAME, APP_VER, "1st alpha"); - status = VSProcessRequest(request); - WinVSReportRequest(request, hMainWin, "Version Server Status Report"); - if (status == V_REQUIRED) - PostQuitMessage(0); /* This is an outdated version of TechInfo! */ - VSDestroyRequest(request); -#endif diff --git a/src/mit/windows/include/vs_nt.h b/src/mit/windows/include/vs_nt.h deleted file mode 100644 index 18ec61578..000000000 --- a/src/mit/windows/include/vs_nt.h +++ /dev/null @@ -1,40 +0,0 @@ -/* il 7/24/95 -- adding nt */ - -#ifndef _vs_nt_h_ -#define _ve_nt_h_ - -#ifdef _WIN32 - - - -/* the #undef instructions are not needed, but left to avoid possible - * conflicts with windows.h's similar definitions */ - -#undef FAR -#undef far -#undef _far -#undef __far - -#define FAR -#define far -#define _far -#define __far - -#undef _osmajor -#undef _osmanor -#define _osmajor _winmajor -#define _osminor _winminor - -#undef _fstrlen -#undef _fstrcat -#define _fstrlen strlen -#define _fstrcat strcat - -#include - - -#undef WINDOWS -#define WINDOWS - -#endif -#endif diff --git a/src/mit/windows/lib/ChangeLog b/src/mit/windows/lib/ChangeLog deleted file mode 100644 index 1e755bb29..000000000 --- a/src/mit/windows/lib/ChangeLog +++ /dev/null @@ -1,6 +0,0 @@ -Mon May 17 18:47:15 1999 Danilo Almeida - - * vs.dll, vswin.lib: Remove as we no longer support win16. - * vs32.dll, vsnt.lib: Move to i386 subdirectory. - * i386: Add directory for i386-specific win32 libraries. - diff --git a/src/mit/windows/lib/i386/ChangeLog b/src/mit/windows/lib/i386/ChangeLog deleted file mode 100644 index 42e1c14fa..000000000 --- a/src/mit/windows/lib/i386/ChangeLog +++ /dev/null @@ -1,8 +0,0 @@ -Mon May 17 18:54:35 1999 Danilo Almeida - - * vs32.dll, vsnt.lib: Set -kb sticky bits. - -Mon May 17 18:47:15 1999 Danilo Almeida - - * vs32.dll, vsnt.lib: Move from .. into this subdirectory. - diff --git a/src/mit/windows/lib/i386/vs32.dll b/src/mit/windows/lib/i386/vs32.dll deleted file mode 100644 index 4cacfdbd0..000000000 Binary files a/src/mit/windows/lib/i386/vs32.dll and /dev/null differ diff --git a/src/mit/windows/lib/i386/vsnt.lib b/src/mit/windows/lib/i386/vsnt.lib deleted file mode 100644 index efeedab77..000000000 Binary files a/src/mit/windows/lib/i386/vsnt.lib and /dev/null differ diff --git a/src/prototype/prototype.c b/src/prototype/prototype.c index 3d96b20c6..0723899fc 100644 --- a/src/prototype/prototype.c +++ b/src/prototype/prototype.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/prototype/prototype.h b/src/prototype/prototype.h index 3ca641199..ca554a7e0 100644 --- a/src/prototype/prototype.h +++ b/src/prototype/prototype.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/slave/ChangeLog b/src/slave/ChangeLog index ca86faf88..e80bb3892 100644 --- a/src/slave/ChangeLog +++ b/src/slave/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/slave/Makefile.in b/src/slave/Makefile.in index 927fb1e91..3caec4a48 100644 --- a/src/slave/Makefile.in +++ b/src/slave/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=. myfulldir=slave mydir=. BUILDTOP=$(REL)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/slave/kprop.M b/src/slave/kprop.M index a0b5ac840..0a442a21e 100644 --- a/src/slave/kprop.M +++ b/src/slave/kprop.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/slave/kprop.c b/src/slave/kprop.c index 94b0b7a96..5b6b5969b 100644 --- a/src/slave/kprop.c +++ b/src/slave/kprop.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/slave/kprop.h b/src/slave/kprop.h index e5481f3af..50210132e 100644 --- a/src/slave/kprop.h +++ b/src/slave/kprop.h @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/slave/kpropd.M b/src/slave/kpropd.M index e037a1121..6c7d6a159 100644 --- a/src/slave/kpropd.M +++ b/src/slave/kpropd.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/slave/kpropd.c b/src/slave/kpropd.c index c2556b6e9..23a75e047 100644 --- a/src/slave/kpropd.c +++ b/src/slave/kpropd.c @@ -42,7 +42,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/ChangeLog b/src/tests/ChangeLog index df541eb4b..04f650974 100644 --- a/src/tests/ChangeLog +++ b/src/tests/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Wed Feb 18 16:27:44 1998 Tom Yu * Makefile.in (thisconfigdir): Remove trailing slash. diff --git a/src/tests/Makefile.in b/src/tests/Makefile.in index 02c94d240..4c7eed06a 100644 --- a/src/tests/Makefile.in +++ b/src/tests/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=. BUILDTOP=$(REL)$(U) LOCAL_SUBDIRS = resolve asn.1 create hammer verify gssapi dejagnu -CFLAGS = $(CCOPTS) RUN_SETUP = @KRB5_RUN_ENV@ KRB5_KDC_PROFILE=kdc.conf KRB5_CONFIG=$(SRCTOP)/config-files/krb5.conf KRB5_RUN_ENV= @KRB5_RUN_ENV@ PROG_LIBPATH=-L$(TOPLIBD) diff --git a/src/tests/asn.1/ChangeLog b/src/tests/asn.1/ChangeLog index ae8f98bf1..f6ce26221 100644 --- a/src/tests/asn.1/ChangeLog +++ b/src/tests/asn.1/ChangeLog @@ -1,3 +1,15 @@ +1999-11-01 Tom Yu + + * krb5_decode_test.c (main): Add test case for zero-length + SequenceOfType. + +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Sat Jul 10 10:32:31 1999 Tom Yu * krb5_decode_test.c (main): Add additional test cases in diff --git a/src/tests/asn.1/Makefile.in b/src/tests/asn.1/Makefile.in index 54ee75e2a..19b774963 100644 --- a/src/tests/asn.1/Makefile.in +++ b/src/tests/asn.1/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=tests/asn.1 mydir=asn.1 BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDES) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) @@ -27,7 +26,7 @@ krb5_decode_test: $(DECOBJS) $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o krb5_decode_test $(DECOBJS) $(KRB5_BASE_LIBS) trval: $(srcdir)/trval.c - $(CC) -o trval $(CFLAGS) -DSTANDALONE $(srcdir)/trval.c + $(CC) -o trval $(ALL_CFLAGS) -DSTANDALONE $(srcdir)/trval.c check:: krb5_decode_test krb5_encode_test KRB5_CONFIG=$(SRCTOP)/config-files/krb5.conf ; \ diff --git a/src/tests/asn.1/krb5_decode_test.c b/src/tests/asn.1/krb5_decode_test.c index f1f3b702f..8ec075b93 100644 --- a/src/tests/asn.1/krb5_decode_test.c +++ b/src/tests/asn.1/krb5_decode_test.c @@ -274,6 +274,10 @@ int main(argc, argv) #endif ref.kdc_options &= ~KDC_OPT_ENC_TKT_IN_SKEY; decode_run("kdc_req_body","(optionals NULL except server)","30 59 A0 07 03 05 00 FE DC BA 90 A2 10 1B 0E 41 54 48 45 4E 41 2E 4D 49 54 2E 45 44 55 A3 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A5 11 18 0F 31 39 39 34 30 36 31 30 30 36 30 33 31 37 5A A7 03 02 01 2A A8 08 30 06 02 01 00 02 01 01",decode_krb5_kdc_req_body,ktest_equal_kdc_req_body); + ref.nktypes = 0; + free(ref.ktype); + ref.ktype = NULL; + decode_run("kdc_req_body","(optionals NULL except server; zero-length etypes)","30 53 A0 07 03 05 00 FE DC BA 90 A2 10 1B 0E 41 54 48 45 4E 41 2E 4D 49 54 2E 45 44 55 A3 1A 30 18 A0 03 02 01 01 A1 11 30 0F 1B 06 68 66 74 73 61 69 1B 05 65 78 74 72 61 A5 11 18 0F 31 39 39 34 30 36 31 30 30 36 30 33 31 37 5A A7 03 02 01 2A A8 02 30 00",decode_krb5_kdc_req_body,ktest_equal_kdc_req_body); } /****************************************************************/ diff --git a/src/tests/asn.1/trval.c b/src/tests/asn.1/trval.c index bfe0abda4..7a1ddc368 100644 --- a/src/tests/asn.1/trval.c +++ b/src/tests/asn.1/trval.c @@ -22,7 +22,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/create/ChangeLog b/src/tests/create/ChangeLog index 5cf06cc9a..55733523c 100644 --- a/src/tests/create/ChangeLog +++ b/src/tests/create/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/tests/create/Makefile.in b/src/tests/create/Makefile.in index 6ba741b21..15ebb9a18 100644 --- a/src/tests/create/Makefile.in +++ b/src/tests/create/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=tests/create mydir=create BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) SRCS=$(srcdir)/kdb5_mkdums.c diff --git a/src/tests/create/kdb5_mkdums.M b/src/tests/create/kdb5_mkdums.M index be8b5a3fd..23e258532 100644 --- a/src/tests/create/kdb5_mkdums.M +++ b/src/tests/create/kdb5_mkdums.M @@ -14,7 +14,10 @@ .\" this permission notice appear in supporting documentation, and that .\" the name of M.I.T. not be used in advertising or publicity pertaining .\" to distribution of the software without specific, written prior -.\" permission. M.I.T. makes no representations about the suitability of +.\" permission. Furthermore if you modify this software you must label +.\" your software as modified software and not distribute it in such a +.\" fashion that it might be confused with the original M.I.T. software. +.\" M.I.T. makes no representations about the suitability of .\" this software for any purpose. It is provided "as is" without express .\" or implied warranty. .\" diff --git a/src/tests/create/kdb5_mkdums.c b/src/tests/create/kdb5_mkdums.c index 4f9376670..3cacc19df 100644 --- a/src/tests/create/kdb5_mkdums.c +++ b/src/tests/create/kdb5_mkdums.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/dejagnu/ChangeLog b/src/tests/dejagnu/ChangeLog index 5029e6d8c..ee65f85fd 100644 --- a/src/tests/dejagnu/ChangeLog +++ b/src/tests/dejagnu/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/tests/dejagnu/Makefile.in b/src/tests/dejagnu/Makefile.in index 60de335be..a93bae008 100644 --- a/src/tests/dejagnu/Makefile.in +++ b/src/tests/dejagnu/Makefile.in @@ -23,8 +23,6 @@ check-:: check-runtest:: t_inetd site.exp $(HAVE_RUNTEST) --tool krb --srcdir $(srcdir) $(RUNTESTFLAGS) -CFLAGS = $(CCOPTS) $(DEFS) - t_inetd:: t_inetd.o $(KRB5_BASE_DEPLIBS) $(CC_LINK) -o t_inetd t_inetd.o $(KRB5_BASE_LIBS) diff --git a/src/tests/dejagnu/config/ChangeLog b/src/tests/dejagnu/config/ChangeLog index f464d3ee2..4cecec791 100644 --- a/src/tests/dejagnu/config/ChangeLog +++ b/src/tests/dejagnu/config/ChangeLog @@ -1,3 +1,28 @@ +1999-08-31 Ken Raeburn + + * default.exp (setup_kerberos_files): Set kdc_supported_enctypes + in kdc.conf, and include des3-cbc-sha1:normal. + (setup_kerberos_db): If setting up krbtgt to use des3, now use + only des3, not des3 and des-crc both. + +1999-08-30 Ken Raeburn + + * default.exp (des3_krbtgt): New variable. + (setup_kerberos_files): Remove des3 from supported_enctypes in + kdc.conf. + (setup_kerberos_db): If des3_krbtgt is set, change krbtgt key, and + get a des3 key in addition to des. + +1999-08-27 Ken Raeburn + + * default.exp: Set default principal expiration a bit further into + the future. + +1999-08-26 Tom Yu + + * default.exp (setup_kerberos_files): Tweak enctypes entered into + config files to exercise 3DES a little. + Fri Jan 30 23:48:57 1998 Tom Yu * default.exp: Add kpasswd_server to krb5.conf. diff --git a/src/tests/dejagnu/config/default.exp b/src/tests/dejagnu/config/default.exp index c5b626192..6b53e3522 100644 --- a/src/tests/dejagnu/config/default.exp +++ b/src/tests/dejagnu/config/default.exp @@ -15,6 +15,8 @@ set timeout 100 set stty_init {erase \^h kill \^u} set env(TERM) dumb +set des3_krbtgt 1 + # We do everything in a temporary directory. if ![file isdirectory tmpdir] {catch "exec mkdir tmpdir" status} @@ -309,7 +311,7 @@ proc setup_kerberos_files { } { set conffile [open tmpdir/krb5.conf w] puts $conffile "\[libdefaults\]" puts $conffile " default_realm = $REALMNAME" - puts $conffile "default_tgs_enctypes = des3-cbc-md5 des-cbc-md5 des-cbc-crc" + puts $conffile "default_tgs_enctypes = des-cbc-md5 des-cbc-crc" puts $conffile "" puts $conffile "\[realms\]" puts $conffile " $REALMNAME = \{" @@ -350,9 +352,11 @@ proc setup_kerberos_files { } { puts $conffile " max_renewable_life = 3:00:00" puts $conffile " master_key_type = des-cbc-md5" puts $conffile " master_key_name = master/key" - puts $conffile " supported_enctypes = des-cbc-crc:normal des-cbc-md5:normal des-cbc-crc:v4 des-cbc-md5:norealm" +# des3-cbc-sha1:normal + puts $conffile " supported_enctypes = des-cbc-crc:normal des-cbc-md5:normal des-cbc-crc:v4 des-cbc-md5:norealm" + puts $conffile " kdc_supported_enctypes = des3-cbc-sha1:normal des-cbc-crc:normal des-cbc-md5:normal des-cbc-crc:v4 des-cbc-md5:norealm" puts $conffile " kdc_ports = 3088" - puts $conffile " default_principal_expiration = 99.12.31.23.59.59" + puts $conffile " default_principal_expiration = 2037.12.31.23.59.59" puts $conffile " default_principal_flags = -postdateable forwardable" puts $conffile " \}" puts $conffile "" @@ -579,6 +583,7 @@ proc setup_kerberos_db { standalone } { global KEY global tmppwd global spawn_id + global des3_krbtgt if {!$standalone && [file exists tmpdir/db.ok]} { return 1 @@ -730,6 +735,46 @@ proc setup_kerberos_db { standalone } { return 0 } + if $des3_krbtgt { + # Set the TGT key to DES3. + spawn $KADMIN_LOCAL -r $REALMNAME -e des3-cbc-sha1:normal + expect_after { + timeout { + catch "expect_after" + fail "kadmin.local (timeout)" + if {!$standalone} { + catch "exec rm -f tmpdir/db.ok tmpdir/adb.db" + } + return 0 + } + eof { + catch "expect_after" + fail "kadmin.local (eof)" + if {!$standalone} { + catch "exec rm -f tmpdir/db.ok tmpdir/adb.db" + } + return 0 + } + } + expect "kadmin.local: " + send "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r" + # It echos... + expect "cpw -randkey krbtgt/$REALMNAME@$REALMNAME\r" + expect { + "Key for \"krbtgt/$REALMNAME@$REALMNAME\" randomized." { } + } + expect "kadmin.local: " + send "quit\r" + expect "\r" + expect_after + if ![check_exit_status kadmin_local] { + if {!$standalone} { + catch "exec rm -f tmpdir/db.ok tmpdir/adb.db" + } + return 0 + } + } + if ![setup_kadmind_srvtab] { return 0 } diff --git a/src/tests/dejagnu/t_inetd.c b/src/tests/dejagnu/t_inetd.c index 0fe4db834..fba21da5e 100644 --- a/src/tests/dejagnu/t_inetd.c +++ b/src/tests/dejagnu/t_inetd.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/dump.c b/src/tests/dump.c index 4cef05f53..1e40ffeda 100644 --- a/src/tests/dump.c +++ b/src/tests/dump.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/gssapi/ChangeLog b/src/tests/gssapi/ChangeLog index f546808d2..cec37c282 100644 --- a/src/tests/gssapi/ChangeLog +++ b/src/tests/gssapi/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1999-04-14 * t_imp_name.c: Initialize display_file variable in main(), diff --git a/src/tests/gssapi/Makefile.in b/src/tests/gssapi/Makefile.in index 4854683f5..df8db19d5 100644 --- a/src/tests/gssapi/Makefile.in +++ b/src/tests/gssapi/Makefile.in @@ -2,7 +2,7 @@ thisconfigdir=./.. myfulldir=tests/gssapi mydir=gssapi BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) -DUSE_AUTOCONF_H +DEFINES = -DUSE_AUTOCONF_H PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/tests/gssapi/t_imp_name.c b/src/tests/gssapi/t_imp_name.c index 182c37361..04a6cc7f9 100644 --- a/src/tests/gssapi/t_imp_name.c +++ b/src/tests/gssapi/t_imp_name.c @@ -14,7 +14,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/hammer/ChangeLog b/src/tests/hammer/ChangeLog index 10d59e11a..1504de434 100644 --- a/src/tests/hammer/ChangeLog +++ b/src/tests/hammer/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/tests/hammer/Makefile.in b/src/tests/hammer/Makefile.in index e4d14aa23..367ba8890 100644 --- a/src/tests/hammer/Makefile.in +++ b/src/tests/hammer/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=tests/hammer mydir=hammer BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/tests/hammer/kdc5_hammer.c b/src/tests/hammer/kdc5_hammer.c index 54d567c43..780f92d83 100644 --- a/src/tests/hammer/kdc5_hammer.c +++ b/src/tests/hammer/kdc5_hammer.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/resolve/ChangeLog b/src/tests/resolve/ChangeLog index 679cce168..0e5b12a2a 100644 --- a/src/tests/resolve/ChangeLog +++ b/src/tests/resolve/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/tests/resolve/Makefile.in b/src/tests/resolve/Makefile.in index 5e14eb028..f528d4889 100644 --- a/src/tests/resolve/Makefile.in +++ b/src/tests/resolve/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=tests/resolve mydir=resolve BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDES) RUN_SETUP = @KRB5_RUN_ENV@ PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/tests/resolve/resolve.c b/src/tests/resolve/resolve.c index 39020e54b..023c378f4 100644 --- a/src/tests/resolve/resolve.c +++ b/src/tests/resolve/resolve.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/test1.c b/src/tests/test1.c index 9e5890e50..bb142ead4 100644 --- a/src/tests/test1.c +++ b/src/tests/test1.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/tests/verify/ChangeLog b/src/tests/verify/ChangeLog index 1f466c7b6..7d0a88f2e 100644 --- a/src/tests/verify/ChangeLog +++ b/src/tests/verify/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1998-11-13 Theodore Ts'o * Makefile.in: Set the myfulldir and mydir variables (which are diff --git a/src/tests/verify/Makefile.in b/src/tests/verify/Makefile.in index 137ef379c..cb4d4bdbb 100644 --- a/src/tests/verify/Makefile.in +++ b/src/tests/verify/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=./.. myfulldir=tests/verify mydir=verify BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) PROG_LIBPATH=-L$(TOPLIBD) PROG_RPATH=$(KRB5_LIBDIR) diff --git a/src/tests/verify/kdb5_verify.c b/src/tests/verify/kdb5_verify.c index 558ef2533..bfb066136 100644 --- a/src/tests/verify/kdb5_verify.c +++ b/src/tests/verify/kdb5_verify.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/util/ChangeLog b/src/util/ChangeLog index c72703068..3862b2530 100644 --- a/src/util/ChangeLog +++ b/src/util/ChangeLog @@ -1,3 +1,14 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-16 Tom Yu + + * mkrel (reldate): Fix to deal with release branch snapshots. + Wed May 19 11:43:36 1999 Danilo Almeida * Makefile.in: Add all and cleanup rules for windows for windows, diff --git a/src/util/Makefile.in b/src/util/Makefile.in index b374d7cd4..3b4fd5d9b 100644 --- a/src/util/Makefile.in +++ b/src/util/Makefile.in @@ -3,7 +3,6 @@ myfulldir=util mydir=util MY_SUBDIRS=et ss profile pty dyn db2 send-pr BUILDTOP=$(REL)$(U) -CFLAGS = $(CCOPTS) MAC_SUBDIRS = profile et diff --git a/src/util/db2/ChangeLog b/src/util/db2/ChangeLog index f7617d5f6..7972728d6 100644 --- a/src/util/db2/ChangeLog +++ b/src/util/db2/ChangeLog @@ -1,3 +1,13 @@ +1999-08-15 Tom Yu + + * README.NOT.SLEEPYCAT.DB: New file; pointer to README to + hopefully unconfuse people. + + * README: Add notice to the effect that this is not Berkeley or + Sleepycat DB. + + * README.db2: Renamed from README. + Fri Feb 13 14:37:47 1998 Tom Yu * recno/extern.h: Additional renaming. diff --git a/src/util/db2/README b/src/util/db2/README index 5700b7393..70118bef5 100644 --- a/src/util/db2/README +++ b/src/util/db2/README @@ -1,41 +1,17 @@ -# @(#)README 8.28 (Berkeley) 11/2/95 - -This is version 2.0-ALPHA of the Berkeley DB code. -THIS IS A PRELIMINARY RELEASE. - -For information on compiling and installing this software, see the file -PORT/README. - -Newer versions of this software will periodically be made available by -anonymous ftp from ftp.cs.berkeley.edu:ucb/4bsd/db.tar.{Z,gz} and from -ftp.harvard.edu:margo/db.tar.{Z,gz}. If you want to receive announcements -of future releases of this software, send email to the contact address -below. - -Email questions may be addressed to dbinfo@eecs.harvard.edu. - -============================================ -Distribution contents: - -README This file. -CHANGELOG List of changes, per version. -btree B+tree access method. -db The db_open interface routine. -docs Various USENIX papers, and the formatted manual pages. -hash Extended linear hashing access method. -lock Lock manager. -log Log manager. -man The unformatted manual pages. -mpool The buffer manager support. -mutex Mutex support. -recno The fixed/variable length record access method. -test Test package. -txn Transaction support. - -============================================ -Debugging: - -If you're running a memory checker (e.g. Purify) on DB, make sure that -you recompile it with "-DPURIFY" in the CFLAGS, first. By default, -allocated pages are not initialized by the DB code, and they will show -up as reads of uninitialized memory in the buffer write routines. + IMPORTANT NOTICE: + +This directory contains code of somewhat unknown origin that is +INCOMPATIBLE with both Berkeley DB 1.85 and Sleepycat DB 2.x. Do NOT +contact Sleepycat regarding bugs in code found here; they do not +appreciate it. All bug reports about this code should go to the MIT +Kerberos team via krb5-send-pr or email to krb5-bugs@mit.edu, as +usual. + +It is believed that this "db" code originated from Berkeley DB 1.85 +and was further modified by Cygnus and the MIT Kerberos team. Some +significant changes to the hash code occured at some point. + +The file README.db2 contains the README file provided with the +2.0-alpha release of Berkeley/Sleepycat DB, which may contain +marginally useful information. It is not known at this time how well +this code matches that of the 2.0-alpha release. diff --git a/src/util/db2/README.NOT.SLEEPYCAT.DB b/src/util/db2/README.NOT.SLEEPYCAT.DB new file mode 100644 index 000000000..112454e94 --- /dev/null +++ b/src/util/db2/README.NOT.SLEEPYCAT.DB @@ -0,0 +1,2 @@ +THIS IS NOT THE SLEEPYCAT DB. +Please see the README file for more information. diff --git a/src/util/db2/README.db2 b/src/util/db2/README.db2 new file mode 100644 index 000000000..5700b7393 --- /dev/null +++ b/src/util/db2/README.db2 @@ -0,0 +1,41 @@ +# @(#)README 8.28 (Berkeley) 11/2/95 + +This is version 2.0-ALPHA of the Berkeley DB code. +THIS IS A PRELIMINARY RELEASE. + +For information on compiling and installing this software, see the file +PORT/README. + +Newer versions of this software will periodically be made available by +anonymous ftp from ftp.cs.berkeley.edu:ucb/4bsd/db.tar.{Z,gz} and from +ftp.harvard.edu:margo/db.tar.{Z,gz}. If you want to receive announcements +of future releases of this software, send email to the contact address +below. + +Email questions may be addressed to dbinfo@eecs.harvard.edu. + +============================================ +Distribution contents: + +README This file. +CHANGELOG List of changes, per version. +btree B+tree access method. +db The db_open interface routine. +docs Various USENIX papers, and the formatted manual pages. +hash Extended linear hashing access method. +lock Lock manager. +log Log manager. +man The unformatted manual pages. +mpool The buffer manager support. +mutex Mutex support. +recno The fixed/variable length record access method. +test Test package. +txn Transaction support. + +============================================ +Debugging: + +If you're running a memory checker (e.g. Purify) on DB, make sure that +you recompile it with "-DPURIFY" in the CFLAGS, first. By default, +allocated pages are not initialized by the DB code, and they will show +up as reads of uninitialized memory in the buffer write routines. diff --git a/src/util/db2/obj/ChangeLog b/src/util/db2/obj/ChangeLog index 6f09fcd60..a85532034 100644 --- a/src/util/db2/obj/ChangeLog +++ b/src/util/db2/obj/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + Mon Nov 25 16:20:35 1996 Sam Hartman * Makefile.in (check): Remove install rule to fix pmake problem. [236] diff --git a/src/util/db2/obj/Makefile.in b/src/util/db2/obj/Makefile.in index b81a78efb..6c6f840f7 100644 --- a/src/util/db2/obj/Makefile.in +++ b/src/util/db2/obj/Makefile.in @@ -36,9 +36,10 @@ libdir = @libdir@ CDEBUGFLAGS = @CFLAGS@ -CFLAGS = $(CDEBUGFLAGS) @CPPFLAGS@ @DEFS@ \ - -I. -I$(top_srcdir)/include -I$(top_srcdir)/mpool -I$(top_srcdir)/db \ +CFLAGS = $(CDEBUGFLAGS) +LOCALINCLUDES = -I. -I$(top_srcdir)/include -I$(top_srcdir)/mpool -I$(top_srcdir)/db \ -I$(top_srcdir)/hash -I$(top_srcdir)/btree -I$(top_srcdir)/recno +ALL_CFLAGS = $(DEFS) $(LOCALINCLUDES) $(CPPFLAGS) $(CFLAGS) all:: $(LIBDB) db.h @@ -71,83 +72,83 @@ clean:: ## but it doesn't, so I do this instead: db.o: $(top_srcdir)/db/db.c - $(CC) $(CFLAGS) -c -o db.o $(top_srcdir)/db/db.c + $(CC) $(ALL_CFLAGS) -c -o db.o $(top_srcdir)/db/db.c mpool.o: $(top_srcdir)/mpool/mpool.c - $(CC) $(CFLAGS) -c -o mpool.o $(top_srcdir)/mpool/mpool.c + $(CC) $(ALL_CFLAGS) -c -o mpool.o $(top_srcdir)/mpool/mpool.c hash.o: $(top_srcdir)/hash/hash.c - $(CC) $(CFLAGS) -c -o hash.o $(top_srcdir)/hash/hash.c + $(CC) $(ALL_CFLAGS) -c -o hash.o $(top_srcdir)/hash/hash.c hash_bigkey.o: $(top_srcdir)/hash/hash_bigkey.c - $(CC) $(CFLAGS) -c -o hash_bigkey.o $(top_srcdir)/hash/hash_bigkey.c + $(CC) $(ALL_CFLAGS) -c -o hash_bigkey.o $(top_srcdir)/hash/hash_bigkey.c hash_debug.o: $(top_srcdir)/hash/hash_debug.c - $(CC) $(CFLAGS) -c -o hash_debug.o $(top_srcdir)/hash/hash_debug.c + $(CC) $(ALL_CFLAGS) -c -o hash_debug.o $(top_srcdir)/hash/hash_debug.c hash_func.o: $(top_srcdir)/hash/hash_func.c - $(CC) $(CFLAGS) -c -o hash_func.o $(top_srcdir)/hash/hash_func.c + $(CC) $(ALL_CFLAGS) -c -o hash_func.o $(top_srcdir)/hash/hash_func.c hash_log2.o: $(top_srcdir)/hash/hash_log2.c - $(CC) $(CFLAGS) -c -o hash_log2.o $(top_srcdir)/hash/hash_log2.c + $(CC) $(ALL_CFLAGS) -c -o hash_log2.o $(top_srcdir)/hash/hash_log2.c hash_page.o: $(top_srcdir)/hash/hash_page.c - $(CC) $(CFLAGS) -c -o hash_page.o $(top_srcdir)/hash/hash_page.c + $(CC) $(ALL_CFLAGS) -c -o hash_page.o $(top_srcdir)/hash/hash_page.c hsearch.o: $(top_srcdir)/hash/hsearch.c - $(CC) $(CFLAGS) -c -o hsearch.o $(top_srcdir)/hash/hsearch.c + $(CC) $(ALL_CFLAGS) -c -o hsearch.o $(top_srcdir)/hash/hsearch.c dbm.o: $(top_srcdir)/hash/dbm.c - $(CC) $(CFLAGS) -c -o dbm.o $(top_srcdir)/hash/dbm.c + $(CC) $(ALL_CFLAGS) -c -o dbm.o $(top_srcdir)/hash/dbm.c bt_close.o: $(top_srcdir)/btree/bt_close.c - $(CC) $(CFLAGS) -c -o bt_close.o $(top_srcdir)/btree/bt_close.c + $(CC) $(ALL_CFLAGS) -c -o bt_close.o $(top_srcdir)/btree/bt_close.c bt_conv.o: $(top_srcdir)/btree/bt_conv.c - $(CC) $(CFLAGS) -c -o bt_conv.o $(top_srcdir)/btree/bt_conv.c + $(CC) $(ALL_CFLAGS) -c -o bt_conv.o $(top_srcdir)/btree/bt_conv.c bt_debug.o: $(top_srcdir)/btree/bt_debug.c - $(CC) $(CFLAGS) -c -o bt_debug.o $(top_srcdir)/btree/bt_debug.c + $(CC) $(ALL_CFLAGS) -c -o bt_debug.o $(top_srcdir)/btree/bt_debug.c bt_delete.o: $(top_srcdir)/btree/bt_delete.c - $(CC) $(CFLAGS) -c -o bt_delete.o $(top_srcdir)/btree/bt_delete.c + $(CC) $(ALL_CFLAGS) -c -o bt_delete.o $(top_srcdir)/btree/bt_delete.c bt_get.o: $(top_srcdir)/btree/bt_get.c - $(CC) $(CFLAGS) -c -o bt_get.o $(top_srcdir)/btree/bt_get.c + $(CC) $(ALL_CFLAGS) -c -o bt_get.o $(top_srcdir)/btree/bt_get.c bt_open.o: $(top_srcdir)/btree/bt_open.c - $(CC) $(CFLAGS) -c -o bt_open.o $(top_srcdir)/btree/bt_open.c + $(CC) $(ALL_CFLAGS) -c -o bt_open.o $(top_srcdir)/btree/bt_open.c bt_overflow.o: $(top_srcdir)/btree/bt_overflow.c - $(CC) $(CFLAGS) -c -o bt_overflow.o $(top_srcdir)/btree/bt_overflow.c + $(CC) $(ALL_CFLAGS) -c -o bt_overflow.o $(top_srcdir)/btree/bt_overflow.c bt_page.o: $(top_srcdir)/btree/bt_page.c - $(CC) $(CFLAGS) -c -o bt_page.o $(top_srcdir)/btree/bt_page.c + $(CC) $(ALL_CFLAGS) -c -o bt_page.o $(top_srcdir)/btree/bt_page.c bt_put.o: $(top_srcdir)/btree/bt_put.c - $(CC) $(CFLAGS) -c -o bt_put.o $(top_srcdir)/btree/bt_put.c + $(CC) $(ALL_CFLAGS) -c -o bt_put.o $(top_srcdir)/btree/bt_put.c bt_search.o: $(top_srcdir)/btree/bt_search.c - $(CC) $(CFLAGS) -c -o bt_search.o $(top_srcdir)/btree/bt_search.c + $(CC) $(ALL_CFLAGS) -c -o bt_search.o $(top_srcdir)/btree/bt_search.c bt_seq.o: $(top_srcdir)/btree/bt_seq.c - $(CC) $(CFLAGS) -c -o bt_seq.o $(top_srcdir)/btree/bt_seq.c + $(CC) $(ALL_CFLAGS) -c -o bt_seq.o $(top_srcdir)/btree/bt_seq.c bt_split.o: $(top_srcdir)/btree/bt_split.c - $(CC) $(CFLAGS) -c -o bt_split.o $(top_srcdir)/btree/bt_split.c + $(CC) $(ALL_CFLAGS) -c -o bt_split.o $(top_srcdir)/btree/bt_split.c bt_stack.o: $(top_srcdir)/btree/bt_stack.c - $(CC) $(CFLAGS) -c -o bt_stack.o $(top_srcdir)/btree/bt_stack.c + $(CC) $(ALL_CFLAGS) -c -o bt_stack.o $(top_srcdir)/btree/bt_stack.c bt_utils.o: $(top_srcdir)/btree/bt_utils.c - $(CC) $(CFLAGS) -c -o bt_utils.o $(top_srcdir)/btree/bt_utils.c + $(CC) $(ALL_CFLAGS) -c -o bt_utils.o $(top_srcdir)/btree/bt_utils.c rec_close.o: $(top_srcdir)/recno/rec_close.c - $(CC) $(CFLAGS) -c -o rec_close.o $(top_srcdir)/recno/rec_close.c + $(CC) $(ALL_CFLAGS) -c -o rec_close.o $(top_srcdir)/recno/rec_close.c rec_delete.o: $(top_srcdir)/recno/rec_delete.c - $(CC) $(CFLAGS) -c -o rec_delete.o $(top_srcdir)/recno/rec_delete.c + $(CC) $(ALL_CFLAGS) -c -o rec_delete.o $(top_srcdir)/recno/rec_delete.c rec_get.o: $(top_srcdir)/recno/rec_get.c - $(CC) $(CFLAGS) -c -o rec_get.o $(top_srcdir)/recno/rec_get.c + $(CC) $(ALL_CFLAGS) -c -o rec_get.o $(top_srcdir)/recno/rec_get.c rec_open.o: $(top_srcdir)/recno/rec_open.c - $(CC) $(CFLAGS) -c -o rec_open.o $(top_srcdir)/recno/rec_open.c + $(CC) $(ALL_CFLAGS) -c -o rec_open.o $(top_srcdir)/recno/rec_open.c rec_put.o: $(top_srcdir)/recno/rec_put.c - $(CC) $(CFLAGS) -c -o rec_put.o $(top_srcdir)/recno/rec_put.c + $(CC) $(ALL_CFLAGS) -c -o rec_put.o $(top_srcdir)/recno/rec_put.c rec_search.o: $(top_srcdir)/recno/rec_search.c - $(CC) $(CFLAGS) -c -o rec_search.o $(top_srcdir)/recno/rec_search.c + $(CC) $(ALL_CFLAGS) -c -o rec_search.o $(top_srcdir)/recno/rec_search.c rec_seq.o: $(top_srcdir)/recno/rec_seq.c - $(CC) $(CFLAGS) -c -o rec_seq.o $(top_srcdir)/recno/rec_seq.c + $(CC) $(ALL_CFLAGS) -c -o rec_seq.o $(top_srcdir)/recno/rec_seq.c rec_utils.o: $(top_srcdir)/recno/rec_utils.c - $(CC) $(CFLAGS) -c -o rec_utils.o $(top_srcdir)/recno/rec_utils.c + $(CC) $(ALL_CFLAGS) -c -o rec_utils.o $(top_srcdir)/recno/rec_utils.c dbtest.o: $(top_srcdir)/test/dbtest.c - $(CC) $(CFLAGS) -c -o dbtest.o $(top_srcdir)/test/dbtest.c + $(CC) $(ALL_CFLAGS) -c -o dbtest.o $(top_srcdir)/test/dbtest.c memmove.o: $(top_srcdir)/clib/memmove.c - $(CC) $(CFLAGS) -Dmemmove=my_memmove -DMEMMOVE -c -o memmove.o $(top_srcdir)/clib/memmove.c + $(CC) $(ALL_CFLAGS) -Dmemmove=my_memmove -DMEMMOVE -c -o memmove.o $(top_srcdir)/clib/memmove.c mkstemp.o: $(top_srcdir)/clib/mkstemp.c - $(CC) $(CFLAGS) -Dmkstemp=my_mkstemp -c -o mkstemp.o $(top_srcdir)/clib/mkstemp.c + $(CC) $(ALL_CFLAGS) -Dmkstemp=my_mkstemp -c -o mkstemp.o $(top_srcdir)/clib/mkstemp.c strerror.o: $(top_srcdir)/clib/strerror.c - $(CC) $(CFLAGS) -Dstrerror=my_strerror -c -o strerror.o $(top_srcdir)/clib/strerror.c + $(CC) $(ALL_CFLAGS) -Dstrerror=my_strerror -c -o strerror.o $(top_srcdir)/clib/strerror.c distclean:: clean rm -f Makefile diff --git a/src/util/dyn/ChangeLog b/src/util/dyn/ChangeLog index d5102d5a5..cf8845d8f 100644 --- a/src/util/dyn/ChangeLog +++ b/src/util/dyn/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1999-01-27 Theodore Ts'o * Makefile.in, configure.in: Move the responsibility for diff --git a/src/util/dyn/Makefile.in b/src/util/dyn/Makefile.in index 00315e371..1215998cb 100644 --- a/src/util/dyn/Makefile.in +++ b/src/util/dyn/Makefile.in @@ -4,7 +4,6 @@ mydir=util/dyn MY_SUBDIRS=. BUILDTOP=$(REL)$(U)$(S)$(U) RELDIR=../util/dyn -CFLAGS = $(CCOPTS) $(DEFS) ##DOSBUILDTOP = ..\.. ##DOSLIBNAME=libdyn.lib diff --git a/src/util/et/ChangeLog b/src/util/et/ChangeLog index f5707d3e9..0f832913e 100644 --- a/src/util/et/ChangeLog +++ b/src/util/et/ChangeLog @@ -1,3 +1,14 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-08-18 Miro Jurisic + + * et.exp: Added et.exp, MacOS export file for com_err library + 1999-06-15 Danilo Almeida * texinfo.tex: Get rid of control characters in text file. diff --git a/src/util/et/Makefile.in b/src/util/et/Makefile.in index 7385943df..aa512ea1e 100644 --- a/src/util/et/Makefile.in +++ b/src/util/et/Makefile.in @@ -3,7 +3,6 @@ myfulldir=util/et mydir=. BUILDTOP=$(REL)$(U)$(S)$(U) RELDIR=../util/et -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) SED = sed ##DOS##BUILDTOP = ..\.. @@ -28,7 +27,7 @@ LIBOBJS=$(OUTPRE)com_err.$(OBJEXT) \ $(OUTPRE)et_name.$(OBJEXT) \ $(OUTPRE)init_et.$(OBJEXT) # for et_lex.lex.c include in error_table.y -LOCALINCLUDE=-I. -I$(srcdir) +LOCALINCLUDES=-I. -I$(srcdir) FILES= Makefile et_name.c error_message.c compile_et.c \ et_lex.lex.l error_table.y init_et.c \ @@ -72,7 +71,7 @@ error_table.c: et_lex.lex.c error_table.c: $(srcdir)/error_table.y error_table.o: error_table.c et_lex.lex.c - $(CC) $(CFLAGS) -c error_table.c + $(CC) $(ALL_CFLAGS) -c error_table.c et_lex.lex.o: et_lex.lex.c test1.o: test1.c diff --git a/src/util/et/com_err.c b/src/util/et/com_err.c index 091968923..31da130db 100644 --- a/src/util/et/com_err.c +++ b/src/util/et/com_err.c @@ -11,6 +11,9 @@ * and that the names of M.I.T. and the M.I.T. S.I.P.B. not be * used in advertising or publicity pertaining to distribution * of the software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. * M.I.T. and the M.I.T. S.I.P.B. make no representations about * the suitability of this software for any purpose. It is * provided "as is" without express or implied warranty. diff --git a/src/util/et/com_err.texinfo b/src/util/et/com_err.texinfo index 8b6399930..918f15276 100644 --- a/src/util/et/com_err.texinfo +++ b/src/util/et/com_err.texinfo @@ -41,7 +41,10 @@ that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the names of M.I.T. and the M.I.T. S.I.P.B. not be used in advertising or publicity pertaining to distribution of the software -without specific, written prior permission. M.I.T. and the M.I.T. S.I.P.B. +without specific, written prior permission. Furthermore if you modify this +software you must label your software as modified software and not +distribute it in such a fashion that it might be confused with the +original M.I.T. software. M.I.T. and the M.I.T. S.I.P.B. make no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. diff --git a/src/util/et/error_message.c b/src/util/et/error_message.c index 95223d7c3..7d03d34e0 100644 --- a/src/util/et/error_message.c +++ b/src/util/et/error_message.c @@ -11,6 +11,9 @@ * and that the names of M.I.T. and the M.I.T. S.I.P.B. not be * used in advertising or publicity pertaining to distribution * of the software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. * M.I.T. and the M.I.T. S.I.P.B. make no representations about * the suitability of this software for any purpose. It is * provided "as is" without express or implied warranty. diff --git a/src/util/et/et.exp b/src/util/et/et.exp new file mode 100644 index 000000000..00e15a2df --- /dev/null +++ b/src/util/et/et.exp @@ -0,0 +1,8 @@ +# +# comerr library Macintosh export file +# +# $Header$ + +error_message +add_error_table +remove_error_table diff --git a/src/util/et/et_name.c b/src/util/et/et_name.c index 34edbca15..267f20b28 100644 --- a/src/util/et/et_name.c +++ b/src/util/et/et_name.c @@ -11,6 +11,9 @@ * and that the names of M.I.T. and the M.I.T. S.I.P.B. not be * used in advertising or publicity pertaining to distribution * of the software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. * M.I.T. and the M.I.T. S.I.P.B. make no representations about * the suitability of this software for any purpose. It is * provided "as is" without express or implied warranty. diff --git a/src/util/et/init_et.c b/src/util/et/init_et.c index d40ed6248..c3d039811 100644 --- a/src/util/et/init_et.c +++ b/src/util/et/init_et.c @@ -11,6 +11,9 @@ * and that the names of M.I.T. and the M.I.T. S.I.P.B. not be * used in advertising or publicity pertaining to distribution * of the software without specific, written prior permission. + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. * M.I.T. and the M.I.T. S.I.P.B. make no representations about * the suitability of this software for any purpose. It is * provided "as is" without express or implied warranty. diff --git a/src/util/et/mit-sipb-copyright.h b/src/util/et/mit-sipb-copyright.h index 2f7eb2950..d7c4ee096 100644 --- a/src/util/et/mit-sipb-copyright.h +++ b/src/util/et/mit-sipb-copyright.h @@ -11,6 +11,9 @@ this permission notice appear in supporting documentation, and that the names of M.I.T. and the M.I.T. S.I.P.B. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. +Furthermore if you modify this software you must label +your software as modified software and not distribute it in such a +fashion that it might be confused with the original M.I.T. software. M.I.T. and the M.I.T. S.I.P.B. make no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. diff --git a/src/util/mkrel b/src/util/mkrel index ae7a1ed37..e534a478f 100644 --- a/src/util/mkrel +++ b/src/util/mkrel @@ -54,6 +54,19 @@ krb5-*.*.*) relminor=`echo $release|awk -F. '{print $2}'` relpatch=`echo $release|awk -F. '{print $3}'` ;; +krb5-*.*-current) + release=`echo $reldir|sed -e 's/krb5-//'` + relhead=`echo $release|sed -e 's/-.*//'` + relmajor=`echo $relhead|awk -F. '{print $1}'` + relminor=`echo $relhead|awk -F. '{print $2}'` + release=${relhead}-$reldate + ;; +krb5-*.*-*) + release=`echo $reldir|sed -e 's/krb5-//'` + relhead=`echo $release|sed -e 's/-.*//'` + relmajor=`echo $relhead|awk -F. '{print $1}'` + relminor=`echo $relhead|awk -F. '{print $2}'` + ;; krb5-*.*) release=`echo $reldir|sed -e 's/krb5-//'` relmajor=`echo $release|awk -F. '{print $1}'` @@ -62,9 +75,18 @@ krb5-*.*) krb5-current) release=current-$reldate ;; -*);; +*) + release="$reldir" + ;; esac +echo "release=$release" +echo "major=$relmajor minor=$relminor patch=$relpatch" + +# $release is used for send-pr +# $reltag, $release, $reldate are used for brand.c currently +# $relmajor, $relminor, $relpatch are used for patchlevel.h currently + if test $checkout = t; then echo "Checking out krb5 with tag $reltag into directory $reldir..." cvs -q -d $repository export -r$reltag -d $reldir krb5 diff --git a/src/util/profile/ChangeLog b/src/util/profile/ChangeLog index 6bf48732b..172d7acd3 100644 --- a/src/util/profile/ChangeLog +++ b/src/util/profile/ChangeLog @@ -1,3 +1,30 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + +1999-09-01 Danilo Almeida + + * profile.hin (profile_init, profile_init_path): Define and use + const_profile_filespec_t. + + * prof_init.c (profile_init, profile_init_path): + * prof_file.c (profile_open_file): + * prof_int.h (profile_open_file): Use const_profile_filespec_t. + + * prof_int.h (PROFILE_LAST_FILESPEC): Compare a char against a char, + not a void*. + + * Makefile.in: Remove DOSDEFS to avoid warnings. The thing it + defined is already set in win-mac.h. + +1999-08-18 Miro Jurisic + + * profile.exp: removed com_err functions (they are in a library + of their own now) from MacOS export file + 1999-08-05 Danilo Almeida * prof_get.c (profile_free_string): diff --git a/src/util/profile/Makefile.in b/src/util/profile/Makefile.in index 4d15050a3..3955ca8cf 100644 --- a/src/util/profile/Makefile.in +++ b/src/util/profile/Makefile.in @@ -7,11 +7,8 @@ PROG_RPATH=$(KRB5_LIBDIR) ##DOS##BUILDTOP = ..\.. ##DOS##OBJFILE=$(OUTPRE)profile.lst ##DOS##LIBNAME=$(OUTPRE)profile.lib -##DOS##DOSDEFS=-DHAVE_STDLIB_H -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) $(DOSDEFS) - -LOCALINCLUDE=-I. -I$(srcdir)/../et +LOCALINCLUDES=-I. -I$(srcdir)/../et STLIBOBJS = \ prof_tree.o \ diff --git a/src/util/profile/prof_file.c b/src/util/profile/prof_file.c index 53f4ab706..77c4f551e 100644 --- a/src/util/profile/prof_file.c +++ b/src/util/profile/prof_file.c @@ -67,7 +67,7 @@ static int rw_access(filespec) } errcode_t profile_open_file(filespec, ret_prof) - profile_filespec_t filespec; + const_profile_filespec_t filespec; prf_file_t *ret_prof; { prf_file_t prf; diff --git a/src/util/profile/prof_init.c b/src/util/profile/prof_init.c index 5668d98f3..7f35e4421 100644 --- a/src/util/profile/prof_init.c +++ b/src/util/profile/prof_init.c @@ -25,16 +25,16 @@ error(do not have a 4-byte integer type) KRB5_DLLIMP errcode_t KRB5_CALLCONV profile_init(files, ret_profile) - profile_filespec_t *files; + const_profile_filespec_t *files; profile_t *ret_profile; { - profile_filespec_t *fs; + const_profile_filespec_t *fs; profile_t profile; prf_file_t new_file, last = 0; errcode_t retval = 0; initialize_prof_error_table(); - + profile = malloc(sizeof(struct _profile_t)); if (!profile) return ENOMEM; @@ -79,7 +79,7 @@ profile_init(files, ret_profile) */ KRB5_DLLIMP errcode_t KRB5_CALLCONV profile_init_path(filepath, ret_profile) - profile_filespec_list_t filepath; + const_profile_filespec_list_t filepath; profile_t *ret_profile; { int n_entries, i; diff --git a/src/util/profile/prof_int.h b/src/util/profile/prof_int.h index 970b42e01..76cebf136 100644 --- a/src/util/profile/prof_int.h +++ b/src/util/profile/prof_int.h @@ -80,7 +80,7 @@ struct _profile_t { */ #ifdef PROFILE_USES_PATHS -#define PROFILE_LAST_FILESPEC(x) (((x) == NULL) || ((x)[0] == NULL)) +#define PROFILE_LAST_FILESPEC(x) (((x) == NULL) || ((x)[0] == '\0')) #else #define PROFILE_LAST_FILESPEC(x) (((x).vRefNum == 0) && ((x).parID == 0) && ((x).name[0] == '\0')) #endif @@ -173,7 +173,7 @@ errcode_t profile_rename_node /* prof_file.c */ errcode_t profile_open_file - PROTOTYPE ((profile_filespec_t file, prf_file_t *ret_prof)); + PROTOTYPE ((const_profile_filespec_t file, prf_file_t *ret_prof)); errcode_t profile_update_file PROTOTYPE ((prf_file_t profile)); diff --git a/src/util/profile/profile.exp b/src/util/profile/profile.exp index 23629094b..3eaeb1dfd 100644 --- a/src/util/profile/profile.exp +++ b/src/util/profile/profile.exp @@ -25,9 +25,6 @@ profile_add_relation ### Temporary -- DO NOT USE -error_message -add_error_table -remove_error_table profile_ser_internalize profile_ser_externalize profile_ser_size diff --git a/src/util/profile/profile.hin b/src/util/profile/profile.hin index 420b955d4..f681f36f4 100644 --- a/src/util/profile/profile.hin +++ b/src/util/profile/profile.hin @@ -51,21 +51,25 @@ extern "C" { #endif #ifdef PROFILE_USES_PATHS -typedef char* profile_filespec_t; /* path as C string */ +typedef char* profile_filespec_t; /* path as C string */ typedef char* profile_filespec_list_t; /* list of : separated paths, C string */ +typedef const char* const_profile_filespec_t; /* path as C string */ +typedef const char* const_profile_filespec_list_t; /* list of : separated paths, C string */ #else /* On MacOS, we use native file specifiers as unique file identifiers */ #include typedef FSSpec profile_filespec_t; -typedef FSSpec* profile_filespec_list_t; - /* array should be terminated with {0, 0, ""} */ +typedef FSSpec* profile_filespec_list_t; +/* array should be terminated with {0, 0, ""} */ +typedef FSSpec const_profile_filespec_t; +typedef FSSpec* const_profile_filespec_list_t; #endif KRB5_DLLIMP long KRB5_CALLCONV profile_init - PROTOTYPE ((profile_filespec_t *files, profile_t *ret_profile)); + PROTOTYPE ((const_profile_filespec_t *files, profile_t *ret_profile)); KRB5_DLLIMP long KRB5_CALLCONV profile_init_path - PROTOTYPE ((profile_filespec_list_t filelist, profile_t *ret_profile)); + PROTOTYPE ((const_profile_filespec_list_t filelist, profile_t *ret_profile)); KRB5_DLLIMP long KRB5_CALLCONV profile_flush PROTOTYPE ((profile_t profile)); diff --git a/src/util/pty/ChangeLog b/src/util/pty/ChangeLog index 859b4a7cd..ff815b74c 100644 --- a/src/util/pty/ChangeLog +++ b/src/util/pty/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1999-08-03 Ken Raeburn * update_utmp.c (pty_update_utmp): Use "co" instead of "cons" for diff --git a/src/util/pty/Makefile.in b/src/util/pty/Makefile.in index 8f573d84e..83d61dc63 100644 --- a/src/util/pty/Makefile.in +++ b/src/util/pty/Makefile.in @@ -3,7 +3,6 @@ myfulldir=util/pty mydir=. BUILDTOP=$(REL)$(U)$(S)$(U) RELDIR=../util/pty -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) SED = sed @@ -20,7 +19,7 @@ STOBJLISTS=OBJS.ST INSTALLFILE = cp # for pty-int.h -LOCALINCLUDE=-I. -I$(srcdir) +LOCALINCLUDES=-I. -I$(srcdir) FILES= Makefile cleanup.c getpty.c init_slave.c open_ctty.c open_slave.c update_utmp.c update_wtmp.c vhangup.c void_assoc.c pty_err.h pty_err.c\ logwtmp.c init.c diff --git a/src/util/pty/cleanup.c b/src/util/pty/cleanup.c index 0e9104ef9..cf0b451f7 100644 --- a/src/util/pty/cleanup.c +++ b/src/util/pty/cleanup.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/getpty.c b/src/util/pty/getpty.c index 9b18aff57..3683ba641 100644 --- a/src/util/pty/getpty.c +++ b/src/util/pty/getpty.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/init.c b/src/util/pty/init.c index c2375aa40..df3b2f876 100644 --- a/src/util/pty/init.c +++ b/src/util/pty/init.c @@ -13,7 +13,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/init_slave.c b/src/util/pty/init_slave.c index 74564763b..edfad5a48 100644 --- a/src/util/pty/init_slave.c +++ b/src/util/pty/init_slave.c @@ -10,7 +10,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/libpty.h b/src/util/pty/libpty.h index 552a3ef86..82d2d81cc 100644 --- a/src/util/pty/libpty.h +++ b/src/util/pty/libpty.h @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/logwtmp.c b/src/util/pty/logwtmp.c index 4fbac3427..e3611f6a9 100644 --- a/src/util/pty/logwtmp.c +++ b/src/util/pty/logwtmp.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/open_ctty.c b/src/util/pty/open_ctty.c index 00a7eac80..d02a8c135 100644 --- a/src/util/pty/open_ctty.c +++ b/src/util/pty/open_ctty.c @@ -10,7 +10,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/open_slave.c b/src/util/pty/open_slave.c index 7d28ea264..aea04de1f 100644 --- a/src/util/pty/open_slave.c +++ b/src/util/pty/open_slave.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/pty_err.et b/src/util/pty/pty_err.et index 08c126d62..bad54d9c3 100644 --- a/src/util/pty/pty_err.et +++ b/src/util/pty/pty_err.et @@ -12,7 +12,10 @@ # this permission notice appear in supporting documentation, and that # the name of M.I.T. not be used in advertising or publicity pertaining # to distribution of the software without specific, written prior -# permission. M.I.T. makes no representations about the suitability of +# permission. Furthermore if you modify this software you must label +# your software as modified software and not distribute it in such a +# fashion that it might be confused with the original M.I.T. software. +# M.I.T. makes no representations about the suitability of # this software for any purpose. It is provided "as is" without express # or implied warranty. # diff --git a/src/util/pty/sane_hostname.c b/src/util/pty/sane_hostname.c index 3f9ed6b64..43814df53 100644 --- a/src/util/pty/sane_hostname.c +++ b/src/util/pty/sane_hostname.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/update_utmp.c b/src/util/pty/update_utmp.c index ce8b546f2..0c089d6d4 100644 --- a/src/util/pty/update_utmp.c +++ b/src/util/pty/update_utmp.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/update_wtmp.c b/src/util/pty/update_wtmp.c index 9d3af2128..7e8d57303 100644 --- a/src/util/pty/update_wtmp.c +++ b/src/util/pty/update_wtmp.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/vhangup.c b/src/util/pty/vhangup.c index 09d83c7be..fd6e04523 100644 --- a/src/util/pty/vhangup.c +++ b/src/util/pty/vhangup.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/pty/void_assoc.c b/src/util/pty/void_assoc.c index 9e7c64368..a6ec33d75 100644 --- a/src/util/pty/void_assoc.c +++ b/src/util/pty/void_assoc.c @@ -11,7 +11,10 @@ * notice appear in supporting documentation, and that the name of * M.I.T. not be used in advertising or publicity pertaining to * distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability * of this software for any purpose. It is provided "as is" without * express or implied warranty. * diff --git a/src/util/send-pr/ChangeLog b/src/util/send-pr/ChangeLog index 066fea240..1475690b6 100644 --- a/src/util/send-pr/ChangeLog +++ b/src/util/send-pr/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1999-01-27 Theodore Ts'o * Makefile.in, configure.in: Move the responsibility for diff --git a/src/util/send-pr/Makefile.in b/src/util/send-pr/Makefile.in index bafa04504..4168db767 100644 --- a/src/util/send-pr/Makefile.in +++ b/src/util/send-pr/Makefile.in @@ -13,7 +13,8 @@ EMACS=emacs infodir = $(prefix)/info lispdir = $(prefix)/lib/emacs/site-lisp -man1dir = $(KRB5MANROOT)/man1 +mandir = $(KRB5MANROOT) +man1dir = $(mandir)/man1 datadir = @datadir@ all:: send-pr install-sid diff --git a/src/util/ss/ChangeLog b/src/util/ss/ChangeLog index 102ec3d31..aeddbb25d 100644 --- a/src/util/ss/ChangeLog +++ b/src/util/ss/ChangeLog @@ -1,3 +1,10 @@ +1999-10-26 Tom Yu + + * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, + LOCAL_INCLUDES such that one can override CFLAGS from the command + line without losing CPP search patchs and defines. Some associated + Makefile cleanup. [from wsanchez@apple.com] + 1999-01-20 Theodore Ts'o * listen.c (print_prompt): Replace BSD-style ioctl with termios diff --git a/src/util/ss/Makefile.in b/src/util/ss/Makefile.in index 87f7e8e5b..ce16e48d4 100644 --- a/src/util/ss/Makefile.in +++ b/src/util/ss/Makefile.in @@ -2,7 +2,6 @@ thisconfigdir=. myfulldir=util/ss mydir=. BUILDTOP=$(REL)$(U)$(S)$(U) -CFLAGS = $(CCOPTS) $(DEFS) $(LOCALINCLUDE) SED = sed INSTALLLIB=cp @@ -26,8 +25,9 @@ install-unix:: install-libs # hard coded .. is so that ss/ss_err.h works # hard coded ../et is so com_err.h works -# CFLAGS= -I${INCDIR} -I. -I.. -I../et -g -LOCALINCLUDE= -I. -I$(srcdir)/ -I$(srcdir)/.. -I$(srcdir)/../et -I.. +# CFLAGS= -g +# CPPFLAGS= -I${INCDIR} -I. -I.. -I../et +LOCALINCLUDES= -I. -I$(srcdir)/ -I$(srcdir)/.. -I$(srcdir)/../et -I.. # with ss_err.o first, ss_err.h should get rebuilt first too. should not # be relying on this, though. @@ -137,7 +137,7 @@ ct.tab.c ct.tab.h: ct.y # install_library_target(ss,$(OBJS),$(SRCS),) #mk_cmds: $(MKCMDSOBJS) -# $(CC) $(CFLAGS) -o $@ $(MKCMDSOBJS) $(LEXLIB) $(BSDLIB) +# $(CC) $(ALL_CFLAGS) -o $@ $(MKCMDSOBJS) $(LEXLIB) $(BSDLIB) # #mk_cmds.o: ss_err.h # diff --git a/src/util/ss/copyright.h b/src/util/ss/copyright.h index e0d157224..d118f10bf 100644 --- a/src/util/ss/copyright.h +++ b/src/util/ss/copyright.h @@ -11,6 +11,9 @@ this permission notice appear in supporting documentation, and that the names of M.I.T. and the M.I.T. S.I.P.B. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. +Furthermore if you modify this software you must label +your software as modified software and not distribute it in such a +fashion that it might be confused with the original M.I.T. software. M.I.T. and the M.I.T. S.I.P.B. make no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. diff --git a/src/util/ss/mit-sipb-copyright.h b/src/util/ss/mit-sipb-copyright.h index ffcfc380c..d6d5f1edc 100644 --- a/src/util/ss/mit-sipb-copyright.h +++ b/src/util/ss/mit-sipb-copyright.h @@ -11,6 +11,9 @@ this permission notice appear in supporting documentation, and that the names of M.I.T. and the M.I.T. S.I.P.B. not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. +Furthermore if you modify this software you must label +your software as modified software and not distribute it in such a +fashion that it might be confused with the original M.I.T. software. M.I.T. and the M.I.T. S.I.P.B. make no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. diff --git a/src/util/windows/ChangeLog b/src/util/windows/ChangeLog index 0b1a112df..afc7b565d 100644 --- a/src/util/windows/ChangeLog +++ b/src/util/windows/ChangeLog @@ -1,3 +1,8 @@ +1999-12-03 Danilo Almeida + + * Makefile.in: Fix build flags with respect to win-pre.in build + changes. + Mon May 10 15:27:34 1999 Danilo Almeida * Makefile.in: Do win32 build in subdir. diff --git a/src/util/windows/Makefile.in b/src/util/windows/Makefile.in index a260600d4..61c96ab14 100644 --- a/src/util/windows/Makefile.in +++ b/src/util/windows/Makefile.in @@ -1,14 +1,9 @@ BUILDTOP = ..\.. -CFLAGS = $(COPTS) $(INCLUDES) - -##WIN16##LFLAGS = /nologo /nod /nopackcode -##WIN32##LFLAGS = /nologo /nod - -##WIN32##all-windows:: $(OUTPRE)libecho.exe $(OUTPRE)getopt.obj +all-windows:: $(OUTPRE)libecho.exe $(OUTPRE)getopt.obj $(OUTPRE)libecho.exe: $(OUTPRE)libecho.obj - link -out:$@ $** + link -nologo -out:$@ $** install-windows:: diff --git a/src/wconfig.c b/src/wconfig.c index acf888a27..0671a1ed6 100644 --- a/src/wconfig.c +++ b/src/wconfig.c @@ -16,7 +16,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. * diff --git a/src/windows/ChangeLog b/src/windows/ChangeLog index 8e874b79c..e4051e389 100644 --- a/src/windows/ChangeLog +++ b/src/windows/ChangeLog @@ -1,3 +1,28 @@ +1999-12-03 Danilo Almeida + + * version.rc: Bump version up to 1.1.1. + +1999-09-15 Danilo Almeida + + * README: Add documentation about configuration under windows and + krbcc32.dll. + +1999-09-09 Danilo Almeida + + * README: Explicitly say that we support only Win32 and not Win16. + +1999-09-08 Danilo Almeida + + * README: Update with install target information and more. + * mkbin.bat: Remove mkbin.bat as it is no longer used. + +1999-09-01 Danilo Almeida + + * readme, README: readme renamed to README. + + * version.rc: Boost version to 1.1. Include 1998 & 1999 in copyright + years. + 1999-06-21 Danilo Almeida * version.rc: Boost version to 1.0.8. diff --git a/src/windows/README b/src/windows/README new file mode 100644 index 000000000..c4c2f7578 --- /dev/null +++ b/src/windows/README @@ -0,0 +1,132 @@ + Building & Running Kerberos 5 on Windows + ---------------------------------------- + +Kerberos 5 Windows support now only includes Win32 and no longer +includes Win16. + +We build Kerberos 5 on Windows just with MSVC++ 6.0. You should +not need anything else. We do not know whether it currently +builds with other compilers or make utilities. + +These build instructions assume that you got a standalong source +distribution of Kerberos 5 rather than the MIT Kerberos for Win32 +distribution (which includes a working Kerberos 4). + +There are two methods for building a Windows version of Kerberos 5. +The traditional method involves starting on a Unix machine and +creating a distribution that can be built on Windows. The second +method works from the sources that come from the Unix distribution if +you have certain Unix-type utilities. + + +Traditional Build Method: +------------------------ + +On the Unix side +1) cd xxx/src # Go to where the source lives +2) make -f Makefile.in kerbsrc.zip # Do some Unix-side configuring + # ...and create kerbsrc.zip +3) + + +On the PC side +1) md \krb5 # Create where we'll put the tree +2) cd \krb5 +3) unzip kerbsrc.zip + - or - + pkunzip -d kerbsrc.zip +4) nmake -nologo # Build the sources +5) nmake install # Copy headers, libs, executables + + +All-Windows Build Method: +------------------------ + +First, make sure you have sed, gawk, cat, and cp. + +1) cd xxx/src # Go to where the source lives +2) nmake -f Makefile.in prep-windows # Create Makefile for Windows +3) nmake -nologo # Build the sources +4) nmake install # Copy headers, libs, executables + + +Notes on the install Target: +--------------------------- + +For the install target, you will need to define KRB_INSTALL_DIR to +point to the directory where the header, library, and executable files +will be installed. You can either define this in the environment or +at the nmake command-line. For example: + +nmake install KRB_INSTALL_DIR=c:\sdk\krb5 + +Make sure you create the directory first. Otherwise, nmake will +complain. The files will get installed into include, lib, and bin +subdirectories. You can then copy the binaries to where ever you want +have them (probably somewhere in your path). + + +Running Kerberos 5 Apps: +----------------------- + +Make sure you have a valid krb5.ini file. That will look just like a +Unix krb5.conf file. You can place this file in the same directory as +your krb5_32.dll or in your Windows directory. You should then be +able to run the applications that are built. Note that Kerberos 5 +will not look for the krb5.ini file in your path. + + +Krb5.ini File: +------------- + +WARNING: Despite its name, this is not a Windows .ini file. +Therefore, do not try to use any .ini tools, including the Windows API +or any installer tools to manipulate this file. Its format is subtly +different from Windows .ini files! + + +Controlling the Kerberos 5 Run-Time Environment: +----------------------------------------------- + +The Kerberos 5 configuration file and credentials cache can be +controlled with environment variables and registry settings. The +environment variable for a particular setting always takes precedence. +Next in precedence comes the setting in the registry under +HKEY_CURRENT_USER\Software\MIT\Kerberos5. Then comes the registry +setting under HKEY_LOCAL_MACHINE\Software\MIT\Kerberos5. If none of +those are found, a default value is used. + +Configuration File: +- Environment: KRB5_CONFIG +- Registry Value: config +- Default: looks in krb5_32.dll's dir and Windows directory + +Default Credentials Cache: +- Environment: KRB5CCNAME +- Registry Value: ccname +- Default: API:krb5cc or FILE:%TEMP%\krb5cc or FILE:\krb5cc + + +Credentials Cache: +----------------- + +In addition to standard FILE: (disk file) and MEMORY: (in-process +non-shared memory) Windows supports the API: cache type, which is a +shared memory cache. This is implemented by krbcc32.dll, which is not +included the the krb5-only distribution. Rather, it is part of MIT's +Kerberos for Win32 suite. + + +Othes Issues: +------------ + +The krb4_32.dll that is built (but not installed) is not supported. +If you need Kerberos 4, you can use the krbv4w32.dll that MIT +distributes as part of the MIT Kerberos for Win32 distribution. + + +More Information: +---------------- + +For more information, please read the Kerberos 5 documentation in +the doc directory of the distribution. diff --git a/src/windows/cns/ChangeLog b/src/windows/cns/ChangeLog index 3d42fe7b7..f99c56a53 100644 --- a/src/windows/cns/ChangeLog +++ b/src/windows/cns/ChangeLog @@ -1,3 +1,12 @@ +1999-12-03 Danilo Almeida + + * Makefile.in: Windows fix for updated win-pre.in. + +1999-08-26 Danilo Almeida + + * cns_reg.c (cns_load_registry, cns_save_registry): Honor setting + in cns_res.cc_override. + Mon May 17 19:55:08 1999 Danilo Almeida * Makefile.in: Add included version resouce script to diff --git a/src/windows/cns/Makefile.in b/src/windows/cns/Makefile.in index b584973c2..095b46cba 100644 --- a/src/windows/cns/Makefile.in +++ b/src/windows/cns/Makefile.in @@ -15,30 +15,30 @@ KRB = KRB$(KVERSION) BUILDTOP = .. LIBDIR = $(BUILDTOP)\lib\krb KLIB = $(LIBDIR)\kerberos.lib -INCLUDES = /I$(BUILDTOP)\include RESFILE = $(OUTPRE)cnsres4.res XOBJS = $(RESFILE) +LOCALINCLUDES = /I$(BUILDTOP)\include !endif !if $(KVERSION) == 5 BUILDTOP =..\.. LIBDIR = $(BUILDTOP)\lib -INCLUDES = /I$(BUILDTOP)\include /I$(BUILDTOP)\include\krb5 RESFILE = $(OUTPRE)cnsres5.res XOBJS = $(RESFILE) $(OUTPRE)kpasswd.obj $(OUTPRE)cns_reg.obj +LOCALINCLUDES = /I$(BUILDTOP)\include /I$(BUILDTOP)\include\krb5 !endif ##### C Compiler #CC = cl !ifdef NODEBUG -CFLAGS = $(CCOPTS2) $(INCLUDES) /D$(KRB)=1 +DEFINES = /D$(KRB)=1 !else -CFLAGS = $(CCOPTS2) $(INCLUDES) /D$(KRB)=1 /DDEBUG +DEFINES = /D$(KRB)=1 /DDEBUG !endif ##### RC Compiler #RC = rc -RFLAGS = /D$(KRB)=1 $(INCLUDES) +RFLAGS = /D$(KRB)=1 $(LOCALINCLUDES) RCFLAGS = $(RFLAGS) -DKRB5_APP ##### CVSRES -- .res -> .obj converter diff --git a/src/windows/cns/cns_reg.c b/src/windows/cns/cns_reg.c index 95a5a5f87..400d72d23 100644 --- a/src/windows/cns/cns_reg.c +++ b/src/windows/cns/cns_reg.c @@ -135,7 +135,7 @@ cns_load_registry(void) } else strcpy(cns_res.confname, cns_res.def_confname); - if (registry_string_get(key, "ccname", &ts) == 0) { + if (cns_res.cc_override && (registry_string_get(key, "ccname", &ts) == 0)) { strcpy(cns_res.ccname, ts); free(ts); } else @@ -197,15 +197,20 @@ cns_save_registry(void) registry_string_set(key, "realm", cns_res.realm); if (cns_res.conf_override) - if (strcmp(cns_res.confname, cns_res.def_confname)) - registry_string_set(key, "confname", cns_res.confname); - else - registry_value_delete(key, "confname"); + { + if (strcmp(cns_res.confname, cns_res.def_confname)) + registry_string_set(key, "confname", cns_res.confname); + else + registry_value_delete(key, "confname"); + } - if (strcmp(cns_res.ccname, cns_res.def_ccname)) + if (cns_res.cc_override) + { + if (strcmp(cns_res.ccname, cns_res.def_ccname)) registry_string_set(key, "ccname", cns_res.ccname); - else + else registry_value_delete(key, "ccname"); + } for (i = 0 ; i < FILE_MENU_MAX_LOGINS ; i++) if (cns_res.logins[i][0] != '\0') { diff --git a/src/windows/gina/ChangeLog b/src/windows/gina/ChangeLog index 7ddbd838e..d2e378bbf 100644 --- a/src/windows/gina/ChangeLog +++ b/src/windows/gina/ChangeLog @@ -1,3 +1,7 @@ +1999-12-03 Danilo Almeida + + * Makefile.in: Windows fix for updated win-pre.in. + Mon May 17 14:24:25 1999 Danilo Almeida * Makefile.in: Reflect that we only build this under win32. diff --git a/src/windows/gina/Makefile.in b/src/windows/gina/Makefile.in index 5cd317376..6cdda3d8a 100644 --- a/src/windows/gina/Makefile.in +++ b/src/windows/gina/Makefile.in @@ -4,7 +4,7 @@ OBJS= $(OUTPRE)ginastub.$(OBJEXT) # Set NODEBUG if building release instead of debug -INCLUDES = -I$(BUILDTOP)\include +LOCALINCLUDES = -I$(BUILDTOP)\include WINLIBS = advapi32.lib comctl32.lib \ libc.lib kernel32.lib wsock32.lib user32.lib shell32.lib oldnames.lib @@ -12,10 +12,11 @@ WINLIBS = advapi32.lib comctl32.lib \ WINDLLFLAGS = /nodefaultlib /incremental:no /release \ /nologo /base:0x1c000000 /dll $(LOPTS) +DEFINES = -DUNICODE -D_UNICODE !ifdef NODEBUG -CFLAGS = $(CCOPTS2) $(INCLUDES) -DUNICODE -D_UNICODE +DEFINES = $(DEFINES) !else -CFLAGS = $(CCOPTS2) $(INCLUDES) -DUNICODE -D_UNICODE -DDBG +DEFINES = $(DEFINES) -DDBG !endif all-windows:: diff --git a/src/windows/gss/ChangeLog b/src/windows/gss/ChangeLog index 7ce6319a3..e192111b0 100644 --- a/src/windows/gss/ChangeLog +++ b/src/windows/gss/ChangeLog @@ -1,3 +1,7 @@ +1999-12-03 Danilo Almeida + + * Makefile.in: * Makefile.in: Windows fix for updated win-pre.in. + Mon May 17 19:53:58 1999 Danilo Almeida * Makefile.in: Add included version resouce script to diff --git a/src/windows/gss/Makefile.in b/src/windows/gss/Makefile.in index fcfee6cc7..306f7c79a 100644 --- a/src/windows/gss/Makefile.in +++ b/src/windows/gss/Makefile.in @@ -8,13 +8,10 @@ XOBJS = $(RESFILE) ##### Options # Set NODEBUG if building release instead of debug BUILDTOP=..\.. -INCLUDES= /I$(BUILDTOP)\include /I$(BUILDTOP)\include\krb5 - -##### C Compiler -CFLAGS = $(CCOPTS2) $(INCLUDES) +LOCALINCLUDES= /I$(BUILDTOP)\include /I$(BUILDTOP)\include\krb5 ##### RC Compiler -RFLAGS = $(INCLUDES) +RFLAGS = $(LOCALINCLUDES) RCFLAGS = $(RFLAGS) -D_WIN32 -DGSS_APP ##### Linker diff --git a/src/windows/lib/ChangeLog b/src/windows/lib/ChangeLog index d6e2395e6..25f20f41d 100644 --- a/src/windows/lib/ChangeLog +++ b/src/windows/lib/ChangeLog @@ -1,3 +1,7 @@ +1999-12-03 Danilo Almeida + + * Makefile.in: Fix of build flags with updated win-pre.in. + Mon May 17 14:26:27 1999 Danilo Almeida * Makefile.in: Uncomment BUILDTOP since we always want it. diff --git a/src/windows/lib/Makefile.in b/src/windows/lib/Makefile.in index ba95a9dcd..c911de701 100644 --- a/src/windows/lib/Makefile.in +++ b/src/windows/lib/Makefile.in @@ -1,5 +1,3 @@ -CFLAGS = $(CCOPTS2) $(DEFS) - BUILDTOP = ..\.. lib-windows: $(OUTPRE)libwin.lib diff --git a/src/windows/mkbin.bat b/src/windows/mkbin.bat deleted file mode 100644 index 889debdd7..000000000 --- a/src/windows/mkbin.bat +++ /dev/null @@ -1,8 +0,0 @@ -mkdir kbin -copy lib\*.dll kbin -copy windows\cns\krb5.exe kbin -copy windows\wintel\telnet.exe kbin -copy windows\gss\gss.exe kbin -copy clients\klist\klist.exe kbin -copy clients\kinit\kinit.exe kbin -copy clients\kdestroy\kdestroy.exe kbin diff --git a/src/windows/readme b/src/windows/readme deleted file mode 100644 index 0bcedafe3..000000000 --- a/src/windows/readme +++ /dev/null @@ -1,45 +0,0 @@ -Building Windows Kerberos 5 - -We build Kerberos 5 on Windows just with MSVC++ 6.0. You should -not need anything else. We do not know whether it currently -builds with other compilers or make utilities. - -There are two basic methods for making the Windows version of Kerberos -5. The traditional method involves starting on a Unix machine and -creating a distribution that can be built on Windows. The second -method works from the sources that come from the CVS tree if you have -certain Unix-type utilities. - -Traditional Method: ------------------- - -On the Unix side -1) cd xxx/src # Go to where the source lives -2) make -f Makefile.in kerbsrc.zip # Do some Unix-side configuring - # ...and create kerbsrc.zip -3) - - -On the PC side -1) md \k5 # Create where we'll put the tree -2) cd \k5 -3) unzip kerbsrc.zip - - or - - pkunzip -d kerbsrc.zip -4) nmake -nologo # Build the sources -5) nmake mkbin # Place binaries generated by the - # ...build in the kbin directory -6) - - -All-Windows Method: ------------------- - -First, make sure you have sed, gawk, cat, and cp. - -1) cd xxx/src # Go to where the source lives -2) nmake -f Makefile.in prep-windows # Create Makefile for Windows -3) nmake -nologo # Build the sources -4) nmake mkbin # Place binaries generated by the - # ...build in the kbin directory diff --git a/src/windows/version.rc b/src/windows/version.rc index 6a6896f1f..67660fc42 100644 --- a/src/windows/version.rc +++ b/src/windows/version.rc @@ -13,10 +13,10 @@ /* we're going to stamp all the DLLs with the same version number */ -#define K5_PRODUCT_VERSION_STRING "1.0.8\0" -#define K5_PRODUCT_VERSION 1, 0, 8, 0 +#define K5_PRODUCT_VERSION_STRING "1.1.1\0" +#define K5_PRODUCT_VERSION 1, 1, 1, 0 -#define K5_COPYRIGHT "Copyright (C) 1997 by the Massachusetts Institute of Technology\0" +#define K5_COPYRIGHT "Copyright (C) 1997-1999 by the Massachusetts Institute of Technology\0" #define K5_COMPANY_NAME "Massachusetts Institute of Technology.\0" /* diff --git a/src/windows/wintel/ChangeLog b/src/windows/wintel/ChangeLog index 1bb010591..a9d690090 100644 --- a/src/windows/wintel/ChangeLog +++ b/src/windows/wintel/ChangeLog @@ -1,3 +1,7 @@ +1999-12-03 Danilo Almeida + + * Makefile.in: Windows fix for updated win-pre.in. + Mon May 17 19:54:51 1999 Danilo Almeida * Makefile.in: Add included version resouce script to diff --git a/src/windows/wintel/Makefile.in b/src/windows/wintel/Makefile.in index 6abad615c..56cddb188 100644 --- a/src/windows/wintel/Makefile.in +++ b/src/windows/wintel/Makefile.in @@ -15,13 +15,13 @@ KVERSION= 5 KRB = KRB$(KVERSION) BUILDTOP=..\.. -INCLUDES= /I$(BUILDTOP)\include /I$(BUILDTOP)\include\krb5 \ +LOCALINCLUDES= /I$(BUILDTOP)\include /I$(BUILDTOP)\include\krb5 \ /I$(BUILDTOP)\lib\crypto\des RESFILE = $(OUTPRE)telnet.res XOBJS = $(RESFILE) $(OUTPRE)k5stream.obj $(OUTPRE)enc_des.obj -CFLAGS = $(CCOPTS2) $(INCLUDES) /D$(KRB)=1 $(KRBOPT) -RFLAGS = $(INCLUDES) +DEFINES = /D$(KRB)=1 $(KRBOPT) +RFLAGS = $(LOCALINCLUDES) RCFLAGS = $(RFLAGS) -D_WIN32 -DTELNET_APP ##### Linker diff --git a/src/windows/wintel/enc_des.h b/src/windows/wintel/enc_des.h index 996a4f5d0..dbfb99e4a 100644 --- a/src/windows/wintel/enc_des.h +++ b/src/windows/wintel/enc_des.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/windows/wintel/encrypt.c b/src/windows/wintel/encrypt.c index 17216dec3..f1a1301fb 100644 --- a/src/windows/wintel/encrypt.c +++ b/src/windows/wintel/encrypt.c @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */ diff --git a/src/windows/wintel/encrypt.h b/src/windows/wintel/encrypt.h index 605c0de32..d00aa6517 100644 --- a/src/windows/wintel/encrypt.h +++ b/src/windows/wintel/encrypt.h @@ -48,7 +48,10 @@ * this permission notice appear in supporting documentation, and that * the name of M.I.T. not be used in advertising or publicity pertaining * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of * this software for any purpose. It is provided "as is" without express * or implied warranty. */