From 340fff61675667e913df3a8520b2232acc2d0ca8 Mon Sep 17 00:00:00 2001 From: Greg Hudson Date: Mon, 15 Dec 2008 20:37:39 +0000 Subject: [PATCH] Remove krb4 code in libkrb5 ticket: 6303 status: open git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@21452 dc483132-0cff-0310-8789-dd5450dbe970 --- src/include/k5-int.h | 14 -- src/lib/krb5/krb/Makefile.in | 13 -- src/lib/krb5/krb/conv_creds.c | 236 +--------------------------------- src/lib/krb5/krb/v4lifetime.c | 149 --------------------- src/lib/krb5/os/Makefile.in | 13 -- src/lib/krb5/os/accessor.c | 12 +- src/lib/krb5/os/send524.c | 107 --------------- 7 files changed, 4 insertions(+), 540 deletions(-) delete mode 100644 src/lib/krb5/krb/v4lifetime.c delete mode 100644 src/lib/krb5/os/send524.c diff --git a/src/include/k5-int.h b/src/include/k5-int.h index 1b4a60b49..883de3e18 100644 --- a/src/include/k5-int.h +++ b/src/include/k5-int.h @@ -2039,20 +2039,6 @@ krb5_error_code KRB5_CALLCONV krb5int_accessor #define KRB524_SERVICE "krb524" #define KRB524_PORT 4444 -/* v4lifetime.c */ -extern krb5_int32 krb5int_krb_life_to_time(krb5_int32, int); -extern int krb5int_krb_time_to_life(krb5_int32, krb5_int32); - -/* conv_creds.c */ -int krb5int_encode_v4tkt - (struct ktext *v4tkt, char *buf, unsigned int *encoded_len); - -/* send524.c */ -int krb5int_524_sendto_kdc - (krb5_context context, const krb5_data * message, - const krb5_data * realm, krb5_data * reply, - struct sockaddr *, socklen_t *); - /* temporary -- this should be under lib/krb5/ccache somewhere */ struct _krb5_ccache { diff --git a/src/lib/krb5/krb/Makefile.in b/src/lib/krb5/krb/Makefile.in index e4c7c62d1..ce161666b 100644 --- a/src/lib/krb5/krb/Makefile.in +++ b/src/lib/krb5/krb/Makefile.in @@ -94,7 +94,6 @@ STLIBOBJS= \ str_conv.o \ tgtname.o \ unparse.o \ - v4lifetime.o \ valid_times.o \ vfy_increds.o \ vic_opt.o \ @@ -181,7 +180,6 @@ OBJS= $(OUTPRE)addr_comp.$(OBJEXT) \ $(OUTPRE)str_conv.$(OBJEXT) \ $(OUTPRE)tgtname.$(OBJEXT) \ $(OUTPRE)unparse.$(OBJEXT) \ - $(OUTPRE)v4lifetime.$(OBJEXT) \ $(OUTPRE)valid_times.$(OBJEXT) \ $(OUTPRE)vfy_increds.$(OBJEXT) \ $(OUTPRE)vic_opt.$(OBJEXT) \ @@ -269,7 +267,6 @@ SRCS= $(srcdir)/addr_comp.c \ $(srcdir)/str_conv.c \ $(srcdir)/tgtname.c \ $(srcdir)/unparse.c \ - $(srcdir)/v4lifetime.c \ $(srcdir)/valid_times.c \ $(srcdir)/vfy_increds.c \ $(srcdir)/vic_opt.c \ @@ -1186,16 +1183,6 @@ unparse.so unparse.po $(OUTPRE)unparse.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ unparse.c -v4lifetime.so v4lifetime.po $(OUTPRE)v4lifetime.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h v4lifetime.c valid_times.so valid_times.po $(OUTPRE)valid_times.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ diff --git a/src/lib/krb5/krb/conv_creds.c b/src/lib/krb5/krb/conv_creds.c index 68af73301..b6c610842 100644 --- a/src/lib/krb5/krb/conv_creds.c +++ b/src/lib/krb5/krb/conv_creds.c @@ -27,238 +27,6 @@ #include "port-sockets.h" #include "socket-utils.h" -#if defined(KRB5_KRB4_COMPAT) || defined(_WIN32) /* yuck */ -#include "kerberosIV/krb.h" - -#ifdef USE_CCAPI -#include -#endif - -#define krb524_debug krb5int_krb524_debug -int krb524_debug = 0; - -static krb5_error_code krb524_convert_creds_plain -(krb5_context context, krb5_creds *v5creds, - CREDENTIALS *v4creds); - -static int decode_v4tkt - (struct ktext *v4tkt, char *buf, unsigned int *encoded_len); - -krb5_error_code KRB5_CALLCONV -krb5_524_convert_creds(krb5_context context, krb5_creds *v5creds, - CREDENTIALS *v4creds) -{ - krb5_error_code ret; - krb5_data reply; - char *p; - struct sockaddr_storage ss; - socklen_t slen = sizeof(ss); - - ret = krb524_convert_creds_plain(context, v5creds, v4creds); - if (ret) - return ret; - - reply.data = NULL; - ret = krb5int_524_sendto_kdc(context, &v5creds->ticket, - &v5creds->server->realm, &reply, - ss2sa(&ss), &slen); - if (ret) - return ret; - -#if TARGET_OS_MAC -#ifdef USE_CCAPI - v4creds->stk_type = cc_v4_stk_des; -#endif - if (slen == sizeof(struct sockaddr_in) - && ss2sa(&ss)->sa_family == AF_INET) { - v4creds->address = ss2sin(&ss)->sin_addr.s_addr; - } - /* Otherwise, leave it set to all-zero. */ -#endif - - p = reply.data; - ret = ntohl(*((krb5_error_code *) p)); - p += sizeof(krb5_int32); - reply.length -= sizeof(krb5_int32); - if (ret) - goto fail; - - v4creds->kvno = ntohl(*((krb5_error_code *) p)); - p += sizeof(krb5_int32); - reply.length -= sizeof(krb5_int32); - ret = decode_v4tkt(&v4creds->ticket_st, p, &reply.length); - -fail: - if (reply.data) - free(reply.data); - reply.data = NULL; - return ret; -} - -static krb5_error_code -krb524_convert_creds_plain(context, v5creds, v4creds) - krb5_context context; - krb5_creds *v5creds; - CREDENTIALS *v4creds; -{ - int ret; - krb5_timestamp endtime; - char dummy[REALM_SZ]; - memset((char *) v4creds, 0, sizeof(CREDENTIALS)); - - if ((ret = krb5_524_conv_principal(context, v5creds->client, - v4creds->pname, v4creds->pinst, - dummy))) - return ret; - if ((ret = krb5_524_conv_principal(context, v5creds->server, - v4creds->service, v4creds->instance, - v4creds->realm))) - return ret; - - /* Check enctype too */ - if (v5creds->keyblock.length != sizeof(C_Block)) { - if (krb524_debug) - fprintf(stderr, "v5 session keyblock length %d != C_Block size %d\n", - v5creds->keyblock.length, - (int) sizeof(C_Block)); - return KRB524_BADKEY; - } else - memcpy(v4creds->session, (char *) v5creds->keyblock.contents, - sizeof(C_Block)); - - /* V4 has no concept of authtime or renew_till, so ignore them */ - v4creds->issue_date = v5creds->times.starttime; - v4creds->lifetime = krb5int_krb_time_to_life(v5creds->times.starttime, - v5creds->times.endtime); - endtime = krb5int_krb_life_to_time(v4creds->issue_date, - v4creds->lifetime); - /* - * Adjust start time backwards to deal with rounding up in - * krb_time_to_life(), to match code on server side. - */ - if (endtime > v5creds->times.endtime) - v4creds->issue_date -= endtime - v5creds->times.endtime; - - return 0; -} - -/* this used to be krb524/encode.c, under same copyright as above */ -/* - * I'm sure that this is reinventing the wheel, but I don't know where - * the wheel is hidden. - */ - -int encode_v4tkt (KTEXT_ST *, char *, unsigned int *); -static int encode_bytes (char **, int *, char *, unsigned int), - encode_int32 (char **, int *, krb5_int32 *); - -static int decode_bytes (char **, int *, char *, unsigned int), - decode_int32 (char **, int *, krb5_int32 *); - -static int encode_bytes(out, outlen, in, len) - char **out; - int *outlen; - char *in; - unsigned int len; -{ - if (len > *outlen) - return KRB524_ENCFULL; - memcpy(*out, in, len); - *out += len; - *outlen -= len; - return 0; -} - -static int encode_int32(out, outlen, v) - char **out; - int *outlen; - krb5_int32 *v; -{ - krb5_int32 nv; /* Must be 4 bytes */ - - nv = htonl(*v); - return encode_bytes(out, outlen, (char *) &nv, sizeof(nv)); -} - -int krb5int_encode_v4tkt(v4tkt, buf, encoded_len) - KTEXT_ST *v4tkt; - char *buf; - unsigned int *encoded_len; -{ - int buflen, ret; - krb5_int32 temp; - - buflen = *encoded_len; - - if (v4tkt->length < MAX_KTXT_LEN) - memset(v4tkt->dat + v4tkt->length, 0, - (unsigned int) (MAX_KTXT_LEN - v4tkt->length)); - temp = v4tkt->length; - if ((ret = encode_int32(&buf, &buflen, &temp))) - return ret; - if ((ret = encode_bytes(&buf, &buflen, (char *)v4tkt->dat, MAX_KTXT_LEN))) - return ret; - temp = v4tkt->mbz; - if ((ret = encode_int32(&buf, &buflen, &temp))) - return ret; - - *encoded_len -= buflen; - return 0; -} - -/* decode functions */ - -static int decode_bytes(out, outlen, in, len) - char **out; - int *outlen; - char *in; - unsigned int len; -{ - if (len > *outlen) - return KRB524_DECEMPTY; - memcpy(in, *out, len); - *out += len; - *outlen -= len; - return 0; -} - -static int decode_int32(out, outlen, v) - char **out; - int *outlen; - krb5_int32 *v; -{ - int ret; - krb5_int32 nv; /* Must be four bytes */ - - if ((ret = decode_bytes(out, outlen, (char *) &nv, sizeof(nv)))) - return ret; - *v = ntohl(nv); - return 0; -} - -static int decode_v4tkt(v4tkt, buf, encoded_len) - KTEXT_ST *v4tkt; - char *buf; - unsigned int *encoded_len; -{ - int buflen, ret; - krb5_int32 temp; - - buflen = *encoded_len; - if ((ret = decode_int32(&buf, &buflen, &temp))) - return ret; - v4tkt->length = temp; - if ((ret = decode_bytes(&buf, &buflen, (char *)v4tkt->dat, MAX_KTXT_LEN))) - return ret; - if ((ret = decode_int32(&buf, &buflen, &temp))) - return ret; - v4tkt->mbz = temp; - *encoded_len -= buflen; - return 0; -} - -#else /* no krb4 compat */ - krb5_error_code KRB5_CALLCONV krb5_524_convert_creds(krb5_context context, krb5_creds *v5creds, struct credentials *v4creds) @@ -266,8 +34,6 @@ krb5_524_convert_creds(krb5_context context, krb5_creds *v5creds, return KRB524_KRB4_DISABLED; } -#endif - /* These may be needed for object-level backwards compatibility on Mac OS and UNIX, but Windows should be okay. */ #ifndef _WIN32 @@ -285,7 +51,7 @@ krb5_error_code KRB5_CALLCONV krb524_convert_creds_kdc(krb5_context context, krb5_creds *v5creds, struct credentials *v4creds) { - return krb5_524_convert_creds(context, v5creds, v4creds); + return KRB524_KRB4_DISABLED; } void KRB5_CALLCONV krb524_init_ets () diff --git a/src/lib/krb5/krb/v4lifetime.c b/src/lib/krb5/krb/v4lifetime.c deleted file mode 100644 index 94bf5f6ab..000000000 --- a/src/lib/krb5/krb/v4lifetime.c +++ /dev/null @@ -1,149 +0,0 @@ -/* - * Copyright 2000, 2001, 2003 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ - -#include "k5-int.h" - -/* - * Only lifetime bytes values less than 128 are on a linear scale. - * The following table contains an exponential scale that covers the - * lifetime values 128 to 191 inclusive (a total of 64 values). - * Values greater than 191 get interpreted the same as 191, but they - * will never be generated by the functions in this file. - * - * The ratio is approximately 1.069144898 (actually exactly - * exp(log(67.5)/63), where 67.5 = 2592000/38400, and 259200 = 30 - * days, and 38400 = 128*5 minutes. This allows a lifetime byte of - * 191 to correspond to a ticket life of exactly 30 days and a - * lifetime byte of 128 to correspond to exactly 128*5 minutes, with - * the other values spread on an exponential curve fit in between - * them. This table should correspond exactly to the set of extended - * ticket lifetime values used by AFS and CMU. - * - * The following awk script is sufficient to reproduce the table: - * BEGIN { - * r = exp(log(2592000/38400)/63); - * x = 38400; - * for (i=0;i<64;i++) { - * printf("%d\n",x+0.5); - * x *= r; - * } - * } - */ -#ifndef SHORT_LIFETIME -#define NLIFETIMES 64 -static const krb5_int32 lifetimes[NLIFETIMES] = { - 38400, 41055, /* 00:10:40:00, 00:11:24:15 */ - 43894, 46929, /* 00:12:11:34, 00:13:02:09 */ - 50174, 53643, /* 00:13:56:14, 00:14:54:03 */ - 57352, 61318, /* 00:15:55:52, 00:17:01:58 */ - 65558, 70091, /* 00:18:12:38, 00:19:28:11 */ - 74937, 80119, /* 00:20:48:57, 00:22:15:19 */ - 85658, 91581, /* 00:23:47:38, 01:01:26:21 */ - 97914, 104684, /* 01:03:11:54, 01:05:04:44 */ - 111922, 119661, /* 01:07:05:22, 01:09:14:21 */ - 127935, 136781, /* 01:11:32:15, 01:13:59:41 */ - 146239, 156350, /* 01:16:37:19, 01:19:25:50 */ - 167161, 178720, /* 01:22:26:01, 02:01:38:40 */ - 191077, 204289, /* 02:05:04:37, 02:08:44:49 */ - 218415, 233517, /* 02:12:40:15, 02:16:51:57 */ - 249664, 266926, /* 02:21:21:04, 03:02:08:46 */ - 285383, 305116, /* 03:07:16:23, 03:12:45:16 */ - 326213, 348769, /* 03:18:36:53, 04:00:52:49 */ - 372885, 398668, /* 04:07:34:45, 04:14:44:28 */ - 426234, 455705, /* 04:22:23:54, 05:06:35:05 */ - 487215, 520904, /* 05:15:20:15, 06:00:41:44 */ - 556921, 595430, /* 06:10:42:01, 06:21:23:50 */ - 636601, 680618, /* 07:08:50:01, 07:21:03:38 */ - 727680, 777995, /* 08:10:08:00, 09:00:06:35 */ - 831789, 889303, /* 09:15:03:09, 10:07:01:43 */ - 950794, 1016537, /* 11:00:06:34, 11:18:22:17 */ - 1086825, 1161973, /* 12:13:53:45, 13:10:46:13 */ - 1242318, 1328218, /* 14:09:05:18, 15:08:56:58 */ - 1420057, 1518247, /* 16:10:27:37, 17:13:44:07 */ - 1623226, 1735464, /* 18:18:53:46, 20:02:04:24 */ - 1855462, 1983758, /* 21:11:24:22, 22:23:02:38 */ - 2120925, 2267576, /* 24:13:08:45, 26:05:52:56 */ - 2424367, 2592000 /* 28:01:26:07, 30:00:00:00 */ -}; -#define MINFIXED 0x80 -#define MAXFIXED (MINFIXED + NLIFETIMES - 1) -#endif /* !SHORT_LIFETIME */ - -/* - * krb_life_to_time - * - * Given a start date and a lifetime byte, compute the expiration - * date. - */ -krb5_int32 -krb5int_krb_life_to_time(krb5_int32 start, int life) -{ - if (life < 0 || life > 255) /* possibly sign botch in caller */ - return start; -#ifndef SHORT_LIFETIME - if (life < MINFIXED) - return start + life * 5 * 60; - if (life > MAXFIXED) - return start + lifetimes[NLIFETIMES - 1]; - return start + lifetimes[life - MINFIXED]; -#else /* SHORT_LIFETIME */ - return start + life * 5 * 60; -#endif /* SHORT_LIFETIME */ -} - -/* - * krb_time_to_life - * - * Given the start date and the end date, compute the lifetime byte. - * Round up, since we can adjust the start date backwards if we are - * issuing the ticket to cause it to expire at the correct time. - */ -int -krb5int_krb_time_to_life(krb5_int32 start, krb5_int32 end) -{ - krb5_int32 dt; -#ifndef SHORT_LIFETIME - int i; -#endif - - dt = end - start; - if (dt <= 0) - return 0; -#ifndef SHORT_LIFETIME - if (dt < lifetimes[0]) - return (dt + 5 * 60 - 1) / (5 * 60); - /* This depends on the array being ordered. */ - for (i = 0; i < NLIFETIMES; i++) { - if (lifetimes[i] >= dt) - return i + MINFIXED; - } - return MAXFIXED; -#else /* SHORT_LIFETIME */ - if (dt > 5 * 60 * 255) - return 255; - else - return (dt + 5 * 60 - 1) / (5 * 60); -#endif /* SHORT_LIFETIME */ -} diff --git a/src/lib/krb5/os/Makefile.in b/src/lib/krb5/os/Makefile.in index dc7aeaead..b03fcf4f5 100644 --- a/src/lib/krb5/os/Makefile.in +++ b/src/lib/krb5/os/Makefile.in @@ -48,7 +48,6 @@ STLIBOBJS= \ read_pwd.o \ realm_dom.o \ realm_iter.o \ - send524.o \ sendto_kdc.o \ sn2princ.o \ thread_safe.o \ @@ -93,7 +92,6 @@ OBJS= \ $(OUTPRE)read_pwd.$(OBJEXT) \ $(OUTPRE)realm_dom.$(OBJEXT) \ $(OUTPRE)realm_iter.$(OBJEXT) \ - $(OUTPRE)send524.$(OBJEXT) \ $(OUTPRE)sendto_kdc.$(OBJEXT) \ $(OUTPRE)sn2princ.$(OBJEXT) \ $(OUTPRE)thread_safe.$(OBJEXT) \ @@ -138,7 +136,6 @@ SRCS= \ $(srcdir)/realm_dom.c \ $(srcdir)/realm_iter.c \ $(srcdir)/port2ip.c \ - $(srcdir)/send524.c \ $(srcdir)/sendto_kdc.c \ $(srcdir)/sn2princ.c \ $(srcdir)/thread_safe.c \ @@ -593,16 +590,6 @@ port2ip.so port2ip.po $(OUTPRE)port2ip.$(OBJEXT): $(BUILDTOP)/include/autoconf.h $(SRCTOP)/include/krb5/locate_plugin.h $(SRCTOP)/include/krb5/preauth_plugin.h \ $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ os-proto.h port2ip.c -send524.so send524.po $(OUTPRE)send524.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ - $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ - $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/fake-addrinfo.h \ - $(SRCTOP)/include/k5-buf.h $(SRCTOP)/include/k5-err.h \ - $(SRCTOP)/include/k5-gmt_mktime.h $(SRCTOP)/include/k5-int-pkinit.h \ - $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ - $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h os-proto.h send524.c sendto_kdc.so sendto_kdc.po $(OUTPRE)sendto_kdc.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ diff --git a/src/lib/krb5/os/accessor.c b/src/lib/krb5/os/accessor.c index 9eb81af76..9e6376f25 100644 --- a/src/lib/krb5/os/accessor.c +++ b/src/lib/krb5/os/accessor.c @@ -69,15 +69,9 @@ krb5int_accessor(krb5int_access *internals, krb5_int32 version) SC (use_dns_kdc, _krb5_use_dns_kdc), #undef SC -#ifdef KRB5_KRB4_COMPAT -#define SC(FIELD, VAL) S(FIELD, VAL) -#else /* disable */ -#define SC(FIELD, VAL) S(FIELD, 0) -#endif - SC (krb_life_to_time, krb5int_krb_life_to_time), - SC (krb_time_to_life, krb5int_krb_time_to_life), - SC (krb524_encode_v4tkt, krb5int_encode_v4tkt), -#undef SC + S (krb_life_to_time, 0), + S (krb_time_to_life, 0), + S (krb524_encode_v4tkt, 0), S (krb5int_c_mandatory_cksumtype, krb5int_c_mandatory_cksumtype), #ifndef LEAN_CLIENT diff --git a/src/lib/krb5/os/send524.c b/src/lib/krb5/os/send524.c deleted file mode 100644 index 1792b4930..000000000 --- a/src/lib/krb5/os/send524.c +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright 1990,1991,1997 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * Send a packet to a service and await a reply, using an exponential - * backoff retry algorithm. This is based on krb5_sendto_kdc. - */ - -/* Grab socket stuff. This might want to go away later. */ -#include "fake-addrinfo.h" /* for custom addrinfo if needed */ -#include "k5-int.h" - -#ifndef _WIN32 -#include -#include -#endif - -#include -#include - -#include "os-proto.h" - -/* - * krb524_sendto_kdc: - * - * A slightly modified version of krb5_sendto_kdc. - * - * send the formatted request 'message' to a KDC for realm 'realm' and - * return the response (if any) in 'reply'. - * - * If the message is sent and a response is received, 0 is returned, - * otherwise an error code is returned. - * - * The storage for 'reply' is allocated and should be freed by the caller - * when finished. - */ - -krb5_error_code -krb5int_524_sendto_kdc (context, message, realm, reply, addr, addrlen) - krb5_context context; - const krb5_data * message; - const krb5_data * realm; - krb5_data * reply; - struct sockaddr *addr; - socklen_t *addrlen; -{ -#if defined(KRB5_KRB4_COMPAT) || defined(_WIN32) /* yuck! */ - int i; - struct addrlist al = ADDRLIST_INIT; - struct servent *serv; - krb5_error_code retval; - int port; - - /* - * find KDC location(s) for realm - */ - - serv = getservbyname(KRB524_SERVICE, "udp"); - port = serv ? serv->s_port : htons (KRB524_PORT); - - retval = krb5int_locate_server(context, realm, &al, locate_service_krb524, - SOCK_DGRAM, PF_INET); - if (retval == KRB5_REALM_CANT_RESOLVE || retval == KRB5_REALM_UNKNOWN) { - /* Fallback heuristic: Assume krb524 port on every KDC might - work. */ - retval = krb5_locate_kdc(context, realm, &al, 0, SOCK_DGRAM, PF_INET); - /* - * Bash the ports numbers. - */ - if (retval == 0) - for (i = 0; i < al.naddrs; i++) { - al.addrs[i].ai->ai_socktype = SOCK_DGRAM; - if (al.addrs[i].ai->ai_family == AF_INET) - sa2sin (al.addrs[i].ai->ai_addr)->sin_port = port; - } - } - if (retval) - return retval; - if (al.naddrs == 0) - return KRB5_REALM_UNKNOWN; - - retval = krb5int_sendto (context, message, &al, NULL, reply, addr, addrlen, NULL, 0, NULL, NULL, NULL); - krb5int_free_addrlist (&al); - return retval; -#else - return KRB524_KRB4_DISABLED; -#endif -} -- 2.26.2