From 40a0b6bb03903af917fac21cdd8f05c59902990e Mon Sep 17 00:00:00 2001 From: Paul Park Date: Wed, 12 Jul 1995 18:55:39 +0000 Subject: [PATCH] Add ability to get rid of -lkdb4 references git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6285 dc483132-0cff-0310-8789-dd5450dbe970 --- src/admin/convert/ChangeLog | 10 +++++++ src/admin/convert/configure.in | 16 +++++++++-- src/admin/convert/kdb5_convert.c | 49 +++++++++++++++++++++++++++----- src/admin/edit/ChangeLog | 10 +++++++ src/admin/edit/configure.in | 16 +++++++++-- src/admin/edit/dumpv4.c | 24 ++++++++++++++++ 6 files changed, 112 insertions(+), 13 deletions(-) diff --git a/src/admin/convert/ChangeLog b/src/admin/convert/ChangeLog index 711fb80a7..2a95d0689 100644 --- a/src/admin/convert/ChangeLog +++ b/src/admin/convert/ChangeLog @@ -1,4 +1,14 @@ +Wed Jul 12 11:55:44 EDT 1995 Paul Park (pjpark@mit.edu) + * configure.in - Temporarily add --with-kdb4 option. Default is without + kdb4. Without kdb4 enables a define. With kdb4 uses -lkdb4 and + -l[n]dbm libraries. + * kdb5_convert.c - Conditionalize references to kdb4 routines with + KDB4_DISABLE. Replace two required routines: + kdb_encrypt_key -> pcbc_encrypt + kdb_get_master_key -> des_read_password/printf/key_sched + + Fri Jul 7 15:35:07 EDT 1995 Paul Park (pjpark@mit.edu) * Makefile.in - Remove all explicit library handling and LDFLAGS. * configure.in - Add appropriate USE_ and KRB5_LIBRARIES. diff --git a/src/admin/convert/configure.in b/src/admin/convert/configure.in index 72f2ed5df..e44ba56df 100644 --- a/src/admin/convert/configure.in +++ b/src/admin/convert/configure.in @@ -1,10 +1,20 @@ AC_INIT(kdb5_convert.c) CONFIG_RULES AC_PROG_INSTALL -AC_CHECK_LIB(ndbm,main) -AC_CHECK_LIB(dbm,main) +AC_ARG_WITH([kdb4], +[ --with-kdb4 use Kerberos version 4 database library. + --without-kdb4 Avoid using Kerberos version 4 database library.], +, +withval=no)dnl +if test "$withval" = yes; then + AC_MSG_RESULT(Using Kerberos version 4 database library) + USE_KDB4_LIBRARY + AC_CHECK_LIB(ndbm,main) + AC_CHECK_LIB(dbm,main) +else + AC_DEFINE(KDB4_DISABLE) +fi USE_KDB5_LIBRARY -USE_KDB4_LIBRARY USE_KRB4_LIBRARY KRB5_LIBRARIES V5_USE_SHARED_LIB diff --git a/src/admin/convert/kdb5_convert.c b/src/admin/convert/kdb5_convert.c index 862b1ccd9..b1a47cb6e 100644 --- a/src/admin/convert/kdb5_convert.c +++ b/src/admin/convert/kdb5_convert.c @@ -84,7 +84,11 @@ krb5_error_code fixup_database PROTOTYPE((krb5_context, char *)); int create_local_tgt = 0; -#ifdef ODBM +/* + * I can't say for sure what ODBM is for, but when KDB4_DISABLE is defined, + * we are to avoid compiling any references to KDB4 functions. + */ +#if defined(ODBM) || defined(KDB4_DISABLE) static void usage(who, status) char *who; @@ -93,7 +97,7 @@ int status; fprintf(stderr, "usage: %s [-d v5dbpathname] [-t] [-n] [-r realmname] [-K] [-k keytype]\n\ \t[-e etype] [-M mkeyname] -f inputfile\n", who); - fprintf(stderr, "\t(You must supply a v4 database dump file for this version of %s\n",who); + fprintf(stderr, "\t(You must supply a v4 database dump file for this version of %s)\n",who); exit(status); } #else @@ -186,7 +190,7 @@ char *argv[]; tempdb = 1; break; case 'D': /* set db name */ -#ifdef ODBM +#if defined(ODBM) || defined(KDB4_DISABLE) usage(PROGNAME, 1); #else if (v4dumpfile) @@ -228,7 +232,7 @@ char *argv[]; } } -#ifdef ODBM +#if defined(ODBM) || defined(KDB4_DISABLE) if (!v4dumpfile) { usage(PROGNAME, 1); } @@ -382,10 +386,14 @@ master key name '%s'\n", exit(1); } +#ifndef KDB4_DISABLE if (v4dumpfile) retval = process_v4_dump(context, v4dumpfile, realm); else retval = kerb_db_iterate(enter_in_v5_db, realm); +#else /* KDB4_DISABLE */ + retval = process_v4_dump(context, v4dumpfile, realm); +#endif /* KDB4_DISABLE */ putchar('\n'); if (retval) com_err(PROGNAME, retval, "while translating entries to the database"); @@ -415,7 +423,7 @@ master key name '%s'\n", void v4fini() { -#ifndef ODBM +#if !defined(ODBM) && !defined(KDB4_DISABLE) kerb_fini(); #endif } @@ -426,9 +434,10 @@ char *pname, *name; int manual; char *dumpfile; { -#ifndef ODBM +#if !defined(ODBM) && !defined(KDB4_DISABLE) kerb_init(); #endif +#if !defined(KDB4_DISABLE) if (name) { if (kerb_db_set_name(name) != 0) { com_err(pname, 0, @@ -441,7 +450,15 @@ char *dumpfile; com_err(pname, 0, "Couldn't read v4 master key."); return 1; } -#ifndef ODBM +#else /* KDB4_DISABLE */ + /* + * Always reads from terminal. + */ + des_read_password(master_key, "Kerberos master key: ", 1); + printf("\n"); + key_sched(master_key, master_key_schedule); +#endif /* !KDB4_DISABLE */ +#if !defined(ODBM) && !defined(KDB4_DISABLE) if (!dumpfile) { if ((master_key_version = kdb_verify_master_key(master_key, master_key_schedule, @@ -489,8 +506,17 @@ Principal *princ; */ memcpy(key_from_db, (char *)&princ->key_low, 4); memcpy(((long *) key_from_db) + 1, (char *)&princ->key_high, 4); +#ifndef KDB4_DISABLE kdb_encrypt_key (key_from_db, key_from_db, master_key, master_key_schedule, DECRYPT); +#else /* KDB4_DISABLE */ + pcbc_encrypt((C_Block *) key_from_db, + (C_Block *) key_from_db, + (long) sizeof(C_Block), + master_key_schedule, + (C_Block *) master_key, + DECRYPT); +#endif /* KDB4_DISABLE */ val = memcmp((char *) master_key, (char *) key_from_db, sizeof(master_key)); memset((char *)key_from_db, 0, sizeof(key_from_db)); @@ -532,7 +558,16 @@ Principal *princ; memcpy((char *)v4key, (char *)&(princ->key_low), 4); memcpy((char *) (((long *) v4key) + 1), (char *)&(princ->key_high), 4); +#ifndef KDB4_DISABLE kdb_encrypt_key (v4key, v4key, master_key, master_key_schedule, DECRYPT); +#else /* KDB4_DISABLE */ + pcbc_encrypt((C_Block *) v4key, + (C_Block *) v4key, + (long) sizeof(C_Block), + master_key_schedule, + (C_Block *) master_key, + DECRYPT); +#endif /* KDB4_DISABLE */ v4v5key.magic = KV5M_KEYBLOCK; v4v5key.etype = master_keyblock.etype; diff --git a/src/admin/edit/ChangeLog b/src/admin/edit/ChangeLog index d0259cb48..4cfb5dd3b 100644 --- a/src/admin/edit/ChangeLog +++ b/src/admin/edit/ChangeLog @@ -1,4 +1,14 @@ +Wed Jul 12 12:01:04 EDT 1995 Paul Park (pjpark@mit.edu) + * configure.in - Temporarily add --with-kdb4 option. Default is without + kdb4. Without kdb4 enables a define. With kdb4 uses -lkdb4 and + -l[n]dbm libraries. + * dumpv4.c - Conditionalize references to kdb4 routines with + KDB4_DISABLE. Replace two required routines: + kdb_encrypt_key -> pcbc_encrypt + kdb_get_master_key -> des_read_password/printf/key_sched + + Fri Jul 7 15:38:00 EDT 1995 Paul Park (pjpark@mit.edu) * Makefile.in - Remove all explicit library handling and LDFLAGS. * configure.in - Add USE_ and KRB5_LIBRARIES. diff --git a/src/admin/edit/configure.in b/src/admin/edit/configure.in index 91581d0ba..10896bdf5 100644 --- a/src/admin/edit/configure.in +++ b/src/admin/edit/configure.in @@ -6,12 +6,22 @@ AC_HAVE_HEADERS(unistd.h sys/timeb.h alloca.h) AC_HAVE_FUNCS(ftime timezone) AC_CONST AC_HEADER_STDC -AC_CHECK_LIB(ndbm,main) -AC_CHECK_LIB(dbm,main) AC_HAVE_FUNCS(getcwd) SS_RULES +AC_ARG_WITH([kdb4], +[ --with-kdb4 use Kerberos version 4 database library. + --without-kdb4 Avoid using Kerberos version 4 database library.], +, +withval=no)dnl +if test "$withval" = yes; then + AC_MSG_RESULT(Using Kerberos version 4 database library) + USE_KDB4_LIBRARY + AC_CHECK_LIB(ndbm,main) + AC_CHECK_LIB(dbm,main) +else + AC_DEFINE(KDB4_DISABLE) +fi USE_KDB5_LIBRARY -USE_KDB4_LIBRARY USE_KRB4_LIBRARY USE_SS_LIBRARY KRB5_LIBRARIES diff --git a/src/admin/edit/dumpv4.c b/src/admin/edit/dumpv4.c index 6a8d12f27..70a6ebc7a 100644 --- a/src/admin/edit/dumpv4.c +++ b/src/admin/edit/dumpv4.c @@ -266,9 +266,18 @@ void dump_v4db(argc, argv) fprintf(f,"K M 255 1 1 0 "); +#ifndef KDB4_DISABLE kdb_encrypt_key (arg.v4_master_key, v4key, arg.v4_master_key, arg.v4_master_key_schedule, ENCRYPT); +#else /* KDB4_DISABLE */ + pcbc_encrypt((C_Block *) arg.v4_master_key, + (C_Block *) v4key, + (long) sizeof(C_Block), + arg.v4_master_key_schedule, + (C_Block *) arg.v4_master_key, + ENCRYPT); +#endif /* KDB4_DISABLE */ for (i=0; i<8; i++) { fprintf(f, "%02x", ((unsigned char*)v4key)[i]); @@ -324,12 +333,18 @@ int handle_keys(arg) } arg->v5master = &master_encblock; +#ifndef KDB4_DISABLE /* now master_encblock is set up for the database, we need the v4 key */ if (kdb_get_master_key (0, arg->v4_master_key, arg->v4_master_key_schedule) != 0) { com_err(arg->comerr_name, 0, "Couldn't read v4 master key."); exit(1); } +#else /* KDB4_DISABLE */ + des_read_password(arg->v4_master_key, "Kerberos master key: ", 1); + printf("\n"); + key_sched(arg->v4_master_key, arg->v4_master_key_schedule); +#endif /* KDB4_DISABLE */ return 0; } @@ -355,9 +370,18 @@ handle_one_key(arg, v5master, v5key, v4key) /* v4v5key.length = sizeof(v4key); */ memcpy(v4key, v5plainkey.contents, sizeof(des_cblock)); +#ifndef KDB4_DISABLE kdb_encrypt_key (v4key, v4key, arg->v4_master_key, arg->v4_master_key_schedule, ENCRYPT); +#else /* KDB4_DISABLE */ + pcbc_encrypt((C_Block *) v4key, + (C_Block *) v4key, + (long) sizeof(C_Block), + arg->v4_master_key_schedule, + (C_Block *) arg->v4_master_key, + ENCRYPT); +#endif /* KDB4_DISABLE */ return 0; } -- 2.26.2