From 208e27d7e52cdaa9ed75bcfbd22b0527f5a2c4df Mon Sep 17 00:00:00 2001 From: Tom Yu Date: Tue, 11 Feb 2003 01:35:32 +0000 Subject: [PATCH] Fix lots of things to compile on Unix. Fix some typos By means of carrying through local addresses in many places, eliminate or reduce sections of code depending on TARGET_OS_MAC conditionals. Conditionalize some prototypes in krb.h with KRB_PRIVATE, to avoid leakage on Mac. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15173 dc483132-0cff-0310-8789-dd5450dbe970 --- src/include/kerberosIV/ChangeLog | 7 ++++ src/include/kerberosIV/krb.h | 40 +++++++++++++++++--- src/lib/des425/ChangeLog | 5 +++ src/lib/des425/str_to_key.c | 2 +- src/lib/krb4/CCache-glue.c | 18 ++++++++- src/lib/krb4/ChangeLog | 36 ++++++++++++++++++ src/lib/krb4/Makefile.in | 2 + src/lib/krb4/g_ad_tkt.c | 13 +++++-- src/lib/krb4/g_in_tkt.c | 63 +++++++++++++------------------- src/lib/krb4/krb4int.h | 11 +++++- src/lib/krb4/password_to_key.c | 6 +-- src/lib/krb4/save_creds.c | 48 ++++++++++++++++++++---- src/lib/krb4/tkt_string.c | 2 +- 13 files changed, 192 insertions(+), 61 deletions(-) diff --git a/src/include/kerberosIV/ChangeLog b/src/include/kerberosIV/ChangeLog index 6c13b9770..6664127be 100644 --- a/src/include/kerberosIV/ChangeLog +++ b/src/include/kerberosIV/ChangeLog @@ -1,3 +1,10 @@ +2003-02-10 Tom Yu + + * krb.h: Add KRB_PRIVATE conditionals around lots of stuff that + doesn't belong in krb.h, and historically hasn't been in krb.h on + KfM. For now, everything except MacOS will define KRB_PRIVATE to + 1. + 2003-02-07 Tom Yu * krb.h: Declare krb_err_txt differently on Mac. diff --git a/src/include/kerberosIV/krb.h b/src/include/kerberosIV/krb.h index 684f50968..38b35e57b 100644 --- a/src/include/kerberosIV/krb.h +++ b/src/include/kerberosIV/krb.h @@ -37,6 +37,20 @@ # endif #endif +/* + * For MacOS, don't expose prototypes of various private functions. + * Unfortuantely, they've leaked out everywhere else. + */ +#if defined(macintosh) || (defined(__MACH__) && defined(__APPLE__)) +# ifndef KRB_PRIVATE +# define KRB_PRIVATE 0 +# endif +#else +# ifndef KRB_PRIVATE +# define KRB_PRIVATE 1 +# endif +#endif + /* Define u_char, u_short, u_int, and u_long. */ /* XXX these typdef names are not standardized! */ #include @@ -446,12 +460,14 @@ int KRB5_CALLCONV krb_get_in_tkt (char *k_user, char *instance, char *realm, char *service, char *sinst, int life, key_proc_type, decrypt_tkt_type, char *arg); +#if KRB_PRIVATE /* Previously not KRB5_CALLCONV */ int KRB5_CALLCONV krb_get_in_tkt_preauth (char *k_user, char *instance, char *realm, char *service, char *sinst, int life, key_proc_type, decrypt_tkt_type, char *arg, char *preauth_p, int preauth_len); +#endif /* From KfM */ int KRB5_CALLCONV krb_get_in_tkt_creds(char *, char *, char *, char *, char *, int, key_proc_type, decrypt_tkt_type, char *, CREDENTIALS *); @@ -473,10 +489,12 @@ int KRB5_CALLCONV krb_get_pw_in_tkt (char *k_user, char *instance, char *realm, char *service, char *sinstance, int life, char *password); +#if KRB_PRIVATE int KRB5_CALLCONV krb_get_pw_in_tkt_preauth (char *k_user, char *instance, char *realm, char *service, char *sinstance, int life, char *password); +#endif int KRB5_CALLCONV krb_get_pw_in_tkt_creds(char *, char *, char *, char *, char *, int, char *, CREDENTIALS *); @@ -499,11 +517,14 @@ int KRB5_CALLCONV krb_get_ticket_for_service char *buf, unsigned KRB4_32 *buflen, int checksum, des_cblock, Key_schedule, char *version, int includeVersion); +#if KRB_PRIVATE /* in_tkt.c */ int KRB5_CALLCONV in_tkt (char *name, char *inst); int KRB5_CALLCONV krb_in_tkt (char *pname, char *pinst, char *realm); +#endif + /* kname_parse.c */ int KRB5_CALLCONV kname_parse (char *name, char *inst, char *realm, @@ -543,6 +564,7 @@ int KRB5_CALLCONV krb_mk_auth /* mk_err.c */ long KRB5_CALLCONV krb_mk_err (u_char *out, KRB4_32 k4_code, char *text); +#if KRB_PRIVATE /* mk_preauth.c */ int krb_mk_preauth (char **preauth_p, int *preauth_len, key_proc_type, @@ -550,6 +572,7 @@ int krb_mk_preauth C_Block); void krb_free_preauth (char * preauth_p, int len); +#endif /* mk_priv.c */ long KRB5_CALLCONV krb_mk_priv (u_char *in, u_char *out, @@ -574,18 +597,18 @@ long KRB5_CALLCONV krb_mk_safe C_Block *, struct sockaddr_in *sender, struct sockaddr_in *receiver); +#if KRB_PRIVATE /* netread.c */ -/* XXX private */ int krb_net_read (int fd, char *buf, int len); /* netwrite.c */ -/* XXX private */ int krb_net_write (int fd, char *buf, int len); /* pkt_clen.c */ -/* XXX private */ int pkt_clen (KTEXT); +#endif + /* put_svc_key.c */ int KRB5_CALLCONV put_svc_key (char *sfile, @@ -647,6 +670,7 @@ int KRB5_CALLCONV krb_sendauth struct sockaddr_in *laddr, struct sockaddr_in *faddr, char *version); +#if KRB_PRIVATE /* save_creds.c */ int KRB5_CALLCONV krb_save_credentials (char *service, char *instance, char *realm, @@ -656,15 +680,17 @@ int KRB5_CALLCONV krb_save_credentials /* XXX PRIVATE? KfM doesn't export. */ int send_to_kdc (KTEXT pkt, KTEXT rpkt, char *realm); +#endif /* tkt_string.c */ /* Used to return pointer to non-const char */ const char * KRB5_CALLCONV tkt_string (void); -/* Previously not KRB5_CALLCONV */ +/* Previously not KRB5_CALLCONV, and previously took pointer to non-const. */ void KRB5_CALLCONV krb_set_tkt_string - (char *); + (const char *); +#if KRB_PRIVATE /* tf_util.c */ int KRB5_CALLCONV tf_init (const char *tf_name, int rw); @@ -675,7 +701,9 @@ int KRB5_CALLCONV tf_get_pinst (char *p); int KRB5_CALLCONV tf_get_cred (CREDENTIALS *c); void KRB5_CALLCONV tf_close (void); +#endif +#if KRB_PRIVATE /* unix_time.c */ unsigned KRB4_32 KRB5_CALLCONV unix_time_gmt_unixsec (unsigned KRB4_32 *); @@ -724,6 +752,8 @@ extern int krb_set_key_krb5(krb5_context ctx, krb5_keyblock *key); #endif +#endif /* KRB_PRIVATE */ + /* FSp-glue.c */ #if TARGET_OS_MAC && defined(__FILES__) int KRB5_CALLCONV FSp_krb_get_svc_in_tkt(char *, char *, char *, char *, diff --git a/src/lib/des425/ChangeLog b/src/lib/des425/ChangeLog index 91bc5f7d3..cb2881b5e 100644 --- a/src/lib/des425/ChangeLog +++ b/src/lib/des425/ChangeLog @@ -1,3 +1,8 @@ +2003-02-10 Tom Yu + + * str_to_key.c (afs_string_to_key): Move out from under + TARGET_OS_MAC conditional. + 2003-01-10 Ken Raeburn * configure.in: Don't explicitly invoke AC_PROG_INSTALL, or check diff --git a/src/lib/des425/str_to_key.c b/src/lib/des425/str_to_key.c index ccbf80621..ce95a531f 100644 --- a/src/lib/des425/str_to_key.c +++ b/src/lib/des425/str_to_key.c @@ -150,7 +150,6 @@ des_string_to_key(str,key) /* can do dumb things sometimes */ } -#if TARGET_OS_MAC char *mit_afs_crypt (const char *, const char *, const char *); void afs_string_to_key(char *str, char *cell, des_cblock key) @@ -170,6 +169,7 @@ void afs_string_to_key(char *str, char *cell, des_cblock key) mit_afs_string_to_key(&keyblock, &str_data, &cell_data); } +#if TARGET_OS_MAC char *des_crypt(const char *str, const char *salt) { char afs_buf[16]; diff --git a/src/lib/krb4/CCache-glue.c b/src/lib/krb4/CCache-glue.c index 27204c438..1a9d7ed09 100644 --- a/src/lib/krb4/CCache-glue.c +++ b/src/lib/krb4/CCache-glue.c @@ -106,12 +106,28 @@ in_tkt ( return KSUCCESS; } +int KRB5_CALLCONV +krb_save_credentials( + char *service, + char *instance, + char *realm, + C_Block session, + int lifetime, + int kvno, + KTEXT ticket, + long issue_date) +{ + return krb4int_save_credentials_addr(service, instance, realm, + session, lifetime, kvno, + ticket, issue_date, 0); +} + /* * Store a ticket into the default credentials cache * cache must exist (if it didn't exist, it would have been created by in_tkt) */ int -krb_save_credentials ( +krb4int_save_credentials_addr( char* service, char* instance, char* realm, diff --git a/src/lib/krb4/ChangeLog b/src/lib/krb4/ChangeLog index b798a560f..fbef40e26 100644 --- a/src/lib/krb4/ChangeLog +++ b/src/lib/krb4/ChangeLog @@ -1,3 +1,39 @@ +2003-02-10 Tom Yu + + * CCache-glue.c (krb4int_save_credentials_addr): Renamed from + krb_save_credentials(). + (krb_save_credentials): Implement in terms of + krb4int_save_credentials_addr(). + + * Makefile.in (SRCS, OBJS): Add password_to_key. + + * g_ad_tkt.c (get_ad_tkt): Call krb4int_send_to_kdc_addr() instead + of send_to_kdc(). Call krb4int_save_credentials_addr() instead of + krb_save_credentials(). These changes deal with Mac-specific + storage of the local address without introducing more + conditionally compiled code. + + * g_in_tkt.c: Fix to minimize Mac-specific code. Basically, pass + around local address in lots of places. There is still a + Mac-specific difference involving krb_get_in_tkt_creds(). + + * krb4int.h: Include port-sockets.h to get some socket stuff for + some prototypes. Update prototype for + krb_get_in_tkt_preauth_creds(). Add prototypes for + krb4int_save_credentials_addr() and krb4int_send_to_kdc_addr(). + + * password_to_key.c (krb_get_keyprocs): Fix typo. + (mit_passwd_to_key, krb5_passwd_to_key): mit_string_to_key -> + des_string_to_key. + + * save_creds.c (krb_save_credentials): Re-implement in terms of + krb4itn_save_credentials_addr(), which is what library internals + will call. + (krb4int_save_credentials_addr): Renamed from + krb_save_credentials. + + * tkt_string.c (krb_set_tkt_string): Fix to take const char *. + 2003-02-10 Alexandra Ellwood Note: these checkins are partial progress for Tom Yu. They probably don't build; Tom is expecting that. diff --git a/src/lib/krb4/Makefile.in b/src/lib/krb4/Makefile.in index c9b9ff889..c54cd02c6 100644 --- a/src/lib/krb4/Makefile.in +++ b/src/lib/krb4/Makefile.in @@ -56,6 +56,7 @@ OBJS = \ $(OUTPRE)mk_req.$(OBJEXT) \ $(OUTPRE)mk_safe.$(OBJEXT) \ $(OUTPRE)month_sname.$(OBJEXT) \ + $(OUTPRE)password_to_key.$(OBJEXT) \ $(OUTPRE)prot_client.$(OBJEXT) \ $(OUTPRE)prot_common.$(OBJEXT) \ $(OUTPRE)prot_kdc.$(OBJEXT) \ @@ -99,6 +100,7 @@ SRCS = \ mk_req.c \ mk_safe.c \ month_sname.c \ + password_to_key.c \ pkt_cipher.c \ pkt_clen.c \ prot_client.c \ diff --git a/src/lib/krb4/g_ad_tkt.c b/src/lib/krb4/g_ad_tkt.c index 1558b65a1..daae7515f 100644 --- a/src/lib/krb4/g_ad_tkt.c +++ b/src/lib/krb4/g_ad_tkt.c @@ -26,6 +26,7 @@ #include "krb.h" #include "des.h" +#include "krb4int.h" #include "prot.h" #include @@ -249,6 +250,8 @@ get_ad_tkt(service, sinstance, realm, lifetime) char rlm[REALM_SZ]; unsigned char *ptr; KRB4_32 t_local; + struct sockaddr_in laddr; + socklen_t addrlen; unsigned KRB4_32 kdc_time; /* KDC time */ size_t snamelen, sinstlen; @@ -331,7 +334,9 @@ get_ad_tkt(service, sinstance, realm, lifetime) /* Send the request to the local ticket-granting server */ rpkt->length = 0; - kerror = send_to_kdc(pkt, rpkt, realm); + addrlen = sizeof(laddr); + kerror = krb4int_send_to_kdc_addr(pkt, rpkt, realm, + (struct sockaddr *)&laddr, &addrlen); if (!kerror) { /* No error; parse return packet from KDC. */ @@ -355,8 +360,10 @@ get_ad_tkt(service, sinstance, realm, lifetime) return kerror; } - kerror = krb_save_credentials(s_name, s_instance, rlm, - ses, lifetime, kvno, tkt, t_local); + kerror = krb4int_save_credentials_addr(s_name, s_instance, rlm, + ses, lifetime, kvno, tkt, + t_local, + laddr.sin_addr.s_addr); /* * Unconditionally stomp on ses because we don't need it anymore. */ diff --git a/src/lib/krb4/g_in_tkt.c b/src/lib/krb4/g_in_tkt.c index bebdd009c..debfee4f4 100644 --- a/src/lib/krb4/g_in_tkt.c +++ b/src/lib/krb4/g_in_tkt.c @@ -159,9 +159,7 @@ krb_mk_in_tkt_preauth(user, instance, realm, service, sinstance, life, int msg_byte_order; int kerror; -#if TARGET_OS_MAC socklen_t addrlen; -#endif #if 0 unsigned long exp_date; #endif @@ -218,13 +216,10 @@ krb_mk_in_tkt_preauth(user, instance, realm, service, sinstance, life, /* SEND THE REQUEST AND RECEIVE THE RETURN PACKET */ rpkt->length = 0; -#if TARGET_OS_MAC - addrlen = sizeof(struct sockaddr_in) + addrlen = sizeof(struct sockaddr_in); kerror = krb4int_send_to_kdc_addr(pkt, rpkt, realm, - local_addr, &addrlen); -#else - kerror = send_to_kdc(pkt, rpkt, realm); -#endif + (struct sockaddr *)local_addr, + &addrlen); if (kerror) return kerror; @@ -397,7 +392,7 @@ krb_parse_in_tkt_creds(user, instance, realm, service, sinstance, life, cip, int krb_get_in_tkt_preauth_creds(user, instance, realm, service, sinstance, life, key_proc, decrypt_proc, - arg, preauth_p, preauth_len, creds) + arg, preauth_p, preauth_len, creds, laddrp) char *user; char *instance; char *realm; @@ -410,6 +405,7 @@ krb_get_in_tkt_preauth_creds(user, instance, realm, service, sinstance, life, char *preauth_p; int preauth_len; CREDENTIALS *creds; + KRB_UINT32 *laddrp; { KTEXT_ST cip_st; KTEXT cip = &cip_st; /* Returned Ciphertext */ @@ -417,21 +413,12 @@ krb_get_in_tkt_preauth_creds(user, instance, realm, service, sinstance, life, int byteorder; key_proc_type *keyprocs = krb_get_keyprocs (key_proc); int i = 0; -#if TARGET_OS_MAC struct sockaddr_in local_addr; -#endif -#if TARGET_OS_MAC kerror = krb_mk_in_tkt_preauth(user, instance, realm, service, sinstance, life, preauth_p, preauth_len, cip, &byteorder, &local_addr); -#else - kerror = krb_mk_in_tkt_preauth(user, instance, realm, - service, sinstance, - life, preauth_p, preauth_len, - cip, &byteorder, NULL); -#endif if (kerror) return kerror; @@ -445,12 +432,11 @@ krb_get_in_tkt_preauth_creds(user, instance, realm, service, sinstance, life, } kerror = krb_parse_in_tkt_creds(user, instance, realm, service, sinstance, life, cip, byteorder, creds); - } while ((keyprocs [++i] != NULL) && (kerror == INTK_BADPW)) - -#if TARGET_OS_MAC - /* Do this here to avoid OS dependency in parse_in_tkt prototype. */ - creds->address = local_addr->sin_addr.s_addr; -#endif + } while ((keyprocs [++i] != NULL) && (kerror == INTK_BADPW)); + + if (laddrp != NULL) + *laddrp = local_addr.sin_addr.s_addr; + /* stomp stomp stomp */ memset(cip->dat, 0, (size_t)cip->length); return kerror; @@ -470,10 +456,17 @@ krb_get_in_tkt_creds(user, instance, realm, service, sinstance, life, char *arg; CREDENTIALS *creds; { +#if TARGET_OS_MAC /* XXX */ return krb_get_in_tkt_preauth_creds(user, instance, realm, service, sinstance, life, key_proc, decrypt_proc, arg, - NULL, 0, creds); + NULL, 0, creds, &creds.address); +#else + return krb_get_in_tkt_preauth_creds(user, instance, realm, + service, sinstance, life, + key_proc, decrypt_proc, arg, + NULL, 0, creds, NULL); +#endif } int KRB5_CALLCONV @@ -493,6 +486,7 @@ krb_get_in_tkt_preauth(user, instance, realm, service, sinstance, life, int preauth_len; { int retval; + KRB_UINT32 laddr; CREDENTIALS creds; do { @@ -500,24 +494,17 @@ krb_get_in_tkt_preauth(user, instance, realm, service, sinstance, life, service, sinstance, life, key_proc, decrypt_proc, arg, preauth_p, preauth_len, - &creds); + &creds, &laddr); if (retval != KSUCCESS) break; if (in_tkt(user, instance) != KSUCCESS) { retval = INTK_ERR; break; } -#if TARGET_OS_MAC /* XXX */ - retval = krb_save_credentials_addr(creds.service, creds.instance, - creds.realm, creds.session, - creds.lifetime, creds.kvno, - &creds.ticket_st, creds.issue_date, - creds.address); -#else - retval = krb_save_credentials(creds.service, creds.instance, - creds.realm, creds.session, - creds.lifetime, creds.kvno, - &creds.ticket_st, creds.issue_date); -#endif + retval = krb4int_save_credentials_addr(creds.service, creds.instance, + creds.realm, creds.session, + creds.lifetime, creds.kvno, + &creds.ticket_st, + creds.issue_date, laddr); if (retval != KSUCCESS) break; } while (0); memset(&creds, 0, sizeof(creds)); diff --git a/src/lib/krb4/krb4int.h b/src/lib/krb4/krb4int.h index 0b0c19b99..0a09378cf 100644 --- a/src/lib/krb4/krb4int.h +++ b/src/lib/krb4/krb4int.h @@ -27,6 +27,8 @@ * be available for self consistancy in the library. */ +#include "port-sockets.h" + /* ad_print.c */ void ad_print(AUTH_DAT *x); @@ -54,7 +56,8 @@ int k_gethostname(char *, int); int krb_get_in_tkt_preauth_creds(char *, char *, char *, char *, char *, int, key_proc_type, decrypt_tkt_type, - char *, char *, int, CREDENTIALS *); + char *, char *, int, CREDENTIALS *, + KRB_UINT32 *); /* klog.c */ void kset_logfile(char *); @@ -109,3 +112,9 @@ int krb_get_stk(KRB_UINT32 *type, char *realm); /* err_txt.c */ void krb4int_et_init(void); void krb4int_et_fini(void); + +int krb4int_save_credentials_addr( + char *, char *, char *, C_Block, int, int, KTEXT, long, KRB_UINT32); + +int krb4int_send_to_kdc_addr(KTEXT, KTEXT, char *, + struct sockaddr *, socklen_t *); diff --git a/src/lib/krb4/password_to_key.c b/src/lib/krb4/password_to_key.c index b4b4d00b3..ee040fc51 100644 --- a/src/lib/krb4/password_to_key.c +++ b/src/lib/krb4/password_to_key.c @@ -64,7 +64,7 @@ key_proc_type *krb_get_keyprocs (key_proc_type keyproc) static key_proc_type user_keyprocs[2] = { NULL, NULL }; /* generate the list of key procs */ - if (key_proc == NULL) { + if (keyproc == NULL) { return default_keyprocs; /* use the default */ } else { user_keyprocs[0] = keyproc; @@ -80,7 +80,7 @@ int mit_passwd_to_key(char *user, char *instance, char *realm, #pragma unused(realm) if (passwd) { - mit_string_to_key(passwd, key); + des_string_to_key(passwd, key); } else { #if !(defined(_WIN32) || defined(USE_LOGIN_LIBRARY)) des_read_password((des_cblock *)key, "Password: ", 0); @@ -101,7 +101,7 @@ int krb5_passwd_to_key(char *user, char *instance, char *realm, if (p != NULL) { snprintf (p, len, "%s%s%s%s", passwd, realm, user, instance); p[len - 1] = '\0'; - mit_string_to_key (p, key); + des_string_to_key (p, key); free (p); return 0; } diff --git a/src/lib/krb4/save_creds.c b/src/lib/krb4/save_creds.c index 67ec402f1..62961c1b5 100644 --- a/src/lib/krb4/save_creds.c +++ b/src/lib/krb4/save_creds.c @@ -1,14 +1,29 @@ /* * save_creds.c * - * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute - * of Technology. + * Copyright 1985, 1986, 1987, 1988, 2002 by the Massachusetts + * Institute of Technology. All Rights Reserved. * - * For copying and distribution information, please see the file - * . + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. */ -#include "mit-copyright.h" #include #include "krb.h" #include "krb4int.h" @@ -29,9 +44,9 @@ * to avoid namespace pollution. */ -int KRB5_CALLCONV -krb_save_credentials(service, instance, realm, session, lifetime, kvno, - ticket, issue_date) +int +krb4int_save_credentials_addr(service, instance, realm, session, lifetime, kvno, + ticket, issue_date, local_addr) char *service; /* Service name */ char *instance; /* Instance */ char *realm; /* Auth domain */ @@ -40,6 +55,7 @@ krb_save_credentials(service, instance, realm, session, lifetime, kvno, int kvno; /* Key version number */ KTEXT ticket; /* The ticket itself */ long issue_date; /* The issue time */ + KRB_UINT32 local_addr; { int tf_status; /* return values of the tf_util calls */ @@ -53,3 +69,19 @@ krb_save_credentials(service, instance, realm, session, lifetime, kvno, (void) tf_close(); return (tf_status); } + +int KRB5_CALLCONV +krb_save_credentials( + char *service, + char *instance, + char *realm, + C_Block session, + int lifetime, + int kvno, + KTEXT ticket, + long issue_date) +{ + return krb4int_save_credentials_addr(service, instance, realm, + session, lifetime, kvno, + ticket, issue_date, 0); +} diff --git a/src/lib/krb4/tkt_string.c b/src/lib/krb4/tkt_string.c index b434845eb..70eb60e86 100644 --- a/src/lib/krb4/tkt_string.c +++ b/src/lib/krb4/tkt_string.c @@ -92,7 +92,7 @@ const char *tkt_string() void KRB5_CALLCONV krb_set_tkt_string(val) -char *val; + const char *val; { (void) strncpy(krb_ticket_string, val, sizeof(krb_ticket_string)-1); krb_ticket_string[sizeof(krb_ticket_string)-1] = '\0'; -- 2.26.2