From 5153e685dd165b1630f82c7939ae67d11944bc61 Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Sun, 9 Jun 2002 11:06:04 +0000 Subject: [PATCH] Merge file and srvtab keytab implementations each into one file, and eliminate the subdirectories. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@14486 dc483132-0cff-0310-8789-dd5450dbe970 --- src/lib/krb5/ChangeLog | 7 + src/lib/krb5/Makefile.in | 2 +- src/lib/krb5/configure.in | 2 - src/lib/krb5/keytab/ChangeLog | 341 ++++- src/lib/krb5/keytab/Makefile.in | 68 +- src/lib/krb5/keytab/file/.Sanitize | 52 - src/lib/krb5/keytab/file/ChangeLog | 323 ----- src/lib/krb5/keytab/file/Makefile.in | 147 -- src/lib/krb5/keytab/file/ktf_add.c | 48 - src/lib/krb5/keytab/file/ktf_close.c | 51 - src/lib/krb5/keytab/file/ktf_defops.c | 47 - src/lib/krb5/keytab/file/ktf_endget.c | 41 - src/lib/krb5/keytab/file/ktf_g_ent.c | 170 --- src/lib/krb5/keytab/file/ktf_g_name.c | 62 - src/lib/krb5/keytab/file/ktf_next.c | 51 - src/lib/krb5/keytab/file/ktf_ops.c | 47 - src/lib/krb5/keytab/file/ktf_remove.c | 84 -- src/lib/krb5/keytab/file/ktf_resolv.c | 65 - src/lib/krb5/keytab/file/ktf_ssget.c | 53 - src/lib/krb5/keytab/file/ktf_util.c | 784 ---------- src/lib/krb5/keytab/file/ktf_wops.c | 47 - src/lib/krb5/keytab/file/ktf_wreslv.c | 65 - src/lib/krb5/keytab/file/ktfile.h | 168 --- src/lib/krb5/keytab/file/ser_ktf.c | 332 ----- src/lib/krb5/keytab/kt_file.c | 1726 +++++++++++++++++++++++ src/lib/krb5/keytab/kt_srvtab.c | 522 +++++++ src/lib/krb5/keytab/srvtab/.Sanitize | 46 - src/lib/krb5/keytab/srvtab/ChangeLog | 49 - src/lib/krb5/keytab/srvtab/Makefile.in | 100 -- src/lib/krb5/keytab/srvtab/kts_close.c | 51 - src/lib/krb5/keytab/srvtab/kts_endget.c | 41 - src/lib/krb5/keytab/srvtab/kts_g_ent.c | 106 -- src/lib/krb5/keytab/srvtab/kts_g_name.c | 61 - src/lib/krb5/keytab/srvtab/kts_next.c | 51 - src/lib/krb5/keytab/srvtab/kts_ops.c | 46 - src/lib/krb5/keytab/srvtab/kts_resolv.c | 72 - src/lib/krb5/keytab/srvtab/kts_ssget.c | 53 - src/lib/krb5/keytab/srvtab/kts_util.c | 152 -- src/lib/krb5/keytab/srvtab/ktsrvtab.h | 117 -- 39 files changed, 2601 insertions(+), 3649 deletions(-) delete mode 100644 src/lib/krb5/keytab/file/.Sanitize delete mode 100644 src/lib/krb5/keytab/file/ChangeLog delete mode 100644 src/lib/krb5/keytab/file/Makefile.in delete mode 100644 src/lib/krb5/keytab/file/ktf_add.c delete mode 100644 src/lib/krb5/keytab/file/ktf_close.c delete mode 100644 src/lib/krb5/keytab/file/ktf_defops.c delete mode 100644 src/lib/krb5/keytab/file/ktf_endget.c delete mode 100644 src/lib/krb5/keytab/file/ktf_g_ent.c delete mode 100644 src/lib/krb5/keytab/file/ktf_g_name.c delete mode 100644 src/lib/krb5/keytab/file/ktf_next.c delete mode 100644 src/lib/krb5/keytab/file/ktf_ops.c delete mode 100644 src/lib/krb5/keytab/file/ktf_remove.c delete mode 100644 src/lib/krb5/keytab/file/ktf_resolv.c delete mode 100644 src/lib/krb5/keytab/file/ktf_ssget.c delete mode 100644 src/lib/krb5/keytab/file/ktf_util.c delete mode 100644 src/lib/krb5/keytab/file/ktf_wops.c delete mode 100644 src/lib/krb5/keytab/file/ktf_wreslv.c delete mode 100644 src/lib/krb5/keytab/file/ktfile.h delete mode 100644 src/lib/krb5/keytab/file/ser_ktf.c create mode 100644 src/lib/krb5/keytab/kt_file.c create mode 100644 src/lib/krb5/keytab/kt_srvtab.c delete mode 100644 src/lib/krb5/keytab/srvtab/.Sanitize delete mode 100644 src/lib/krb5/keytab/srvtab/ChangeLog delete mode 100644 src/lib/krb5/keytab/srvtab/Makefile.in delete mode 100644 src/lib/krb5/keytab/srvtab/kts_close.c delete mode 100644 src/lib/krb5/keytab/srvtab/kts_endget.c delete mode 100644 src/lib/krb5/keytab/srvtab/kts_g_ent.c delete mode 100644 src/lib/krb5/keytab/srvtab/kts_g_name.c delete mode 100644 src/lib/krb5/keytab/srvtab/kts_next.c delete mode 100644 src/lib/krb5/keytab/srvtab/kts_ops.c delete mode 100644 src/lib/krb5/keytab/srvtab/kts_resolv.c delete mode 100644 src/lib/krb5/keytab/srvtab/kts_ssget.c delete mode 100644 src/lib/krb5/keytab/srvtab/kts_util.c delete mode 100644 src/lib/krb5/keytab/srvtab/ktsrvtab.h diff --git a/src/lib/krb5/ChangeLog b/src/lib/krb5/ChangeLog index 46ef29b01..e9526be93 100644 --- a/src/lib/krb5/ChangeLog +++ b/src/lib/krb5/ChangeLog @@ -1,3 +1,10 @@ +2002-06-09 Ken Raeburn + + * configure.in: Don't set up keytab/file or keytab/srvtab + subdirectories. + * Makefile.in (STOBJLISTS): Delete keytab/file/OBJS.ST and + keytab/srvtab/OBJS.ST. + 2002-03-06 Ken Raeburn * Makefile.in (LIBMINOR): Bump due to changes in error tables. diff --git a/src/lib/krb5/Makefile.in b/src/lib/krb5/Makefile.in index ad623498a..b9d504988 100644 --- a/src/lib/krb5/Makefile.in +++ b/src/lib/krb5/Makefile.in @@ -24,7 +24,7 @@ STOBJLISTS= \ error_tables/OBJS.ST \ asn.1/OBJS.ST \ ccache/OBJS.ST \ - keytab/OBJS.ST keytab/file/OBJS.ST keytab/srvtab/OBJS.ST \ + keytab/OBJS.ST \ krb/OBJS.ST \ rcache/OBJS.ST \ os/OBJS.ST \ diff --git a/src/lib/krb5/configure.in b/src/lib/krb5/configure.in index cdd25945e..7976da0b1 100644 --- a/src/lib/krb5/configure.in +++ b/src/lib/krb5/configure.in @@ -28,8 +28,6 @@ K5_GEN_MAKEFILE(error_tables, libobj) K5_GEN_MAKEFILE(asn.1, libobj) K5_GEN_MAKEFILE(ccache, libobj) K5_GEN_MAKEFILE(keytab, libobj) -K5_GEN_MAKEFILE(keytab/file, libobj) -K5_GEN_MAKEFILE(keytab/srvtab, libobj) K5_GEN_MAKEFILE(krb, libobj) K5_GEN_MAKEFILE(rcache, libobj) K5_GEN_MAKEFILE(os, libobj) diff --git a/src/lib/krb5/keytab/ChangeLog b/src/lib/krb5/keytab/ChangeLog index 92231b8d8..79b73becf 100644 --- a/src/lib/krb5/keytab/ChangeLog +++ b/src/lib/krb5/keytab/ChangeLog @@ -1,7 +1,40 @@ +2002-06-09 Ken Raeburn + + * kt_srvtab.c: New file, combines all srvtab functions. All + functions now static, only the ops table is exported. + * srvtab/*: All files deleted. + * kt_file.c: New file, combines all file/wrfile functions. + * file/*: All files deleted. + * Makefile.in (LOCAL_SUBDIRS, MAC_SUBDIRS): Deleted. + (STLIBOBJS, OBJS, SRCS): Added new files. + (all-windows): Skip subdirs target. + (subdirs, file\$(OUTPRE)file.lst, srvtab\$(OUTPRE)file.lst)[DOS]: + Deleted targets. + ($(OBJFILE))[DOS]: Skip subdir stuff. + (clean-windows): Don't go into subdirs. + +2002-03-06 Ken Raeburn + + * srvtab/kts_g_ent.c (krb5_ktsrvtab_get_entry): If a specific DES + enctype was requested, set the key's enctype to it, instead of + always returning des-cbc-crc. + + * file/ktf_g_ent.c (krb5_ktfile_get_entry): For non-zero kvno, + match only low 8 bits. For zero kvno, if any kvno in the keytab + is over 240, assume we're dealing with numbers 128 + through (127+256) instead. This allows for wrapping at 256 while + retaining a small set of consecutively numbered prior keys in the + keytab. + 2002-02-22 Ken Raeburn * ktbase.c (krb5_kt_resolve): Use const instead of krb5_const. +2001-11-19 Tom Yu + + * file/ktf_g_ent.c (krb5_ktfile_get_entry): Coerce enctype for now + to restore 1.0.x enctype similarity behavior. + 2001-10-15 Danilo Almeida * ktfns.c (krb5_kt_get_type): KRB5_CALLCONV. @@ -14,6 +47,12 @@ 2001-10-09 Ken Raeburn * ktbase.c: Make prototypes unconditional. + * srvtab/ktsrvtab.h: Make prototypes unconditional. + * file/ktfile.h, file/ser_ktf.c: Make prototypes unconditional. + +2001-10-05 Ken Raeburn + + * file/ser_ktf.c: Drop _MSDOS support. 2001-10-03 Ken Raeburn @@ -26,26 +65,66 @@ * ktbase.c (krb5_kt_resolve): Signed/unsigned int cleanups. Maintain const char * attribute of incomming name. + * srvtab/kts_g_name.c, srvtab/ktsrvtab.h (krb5_ktsrvtab_get_name): + Uses unsigned int length now. + + * file/ktf_util.c: Unsigned/signed int cleanups. + + * file/ktf_g_name.c, file/ktfile.h (krb5_ktfile_get_name): Length + field now unsigned int. + +2000-09-25 Ezra Peisach + + * file/ser_ktf.c (krb5_ktf_keytab_externalize): Do not violate + const char * declaration of ktfile_def_name. + + * file/ktf_util.c (xfwrite): Cast length field to fwrite/fread as + unsigned. + +2000-06-28 Ezra Peisach + + * srvtab/kts_util.c (read_field): Cleanup unused variable. + 2000-03-12 Ezra Peisach * ktbase.c (krb5_kt_resolve): Change prototype from const to krb5_const to match krb5.hin +Fri Jan 28 19:53:44 2000 Ezra Peisach + + * srvtab/kts_g_ent.c, srvtab/ktsrvtab.h (krb5_ktsrvtab_get_entry): + Change the third argument to krb5_const_principal (from + krb5_principal) to agree with krb5_kts_ops entries. + 1999-10-26 Wilfredo Sanchez - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. + * Makefile.in, file/Makefile.in, srvtab/Makefile.in: Clean up + usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, LOCAL_INCLUDES such that + one can override CFLAGS from the command line without losing CPP + search patchs and defines. Some associated Makefile cleanup. 1999-06-15 Danilo Almeida * Makefile.in: Fix windows build. + * srvtab/Makefile.in: Fix windows build. + + * srvtab/ktsrvtab.h, srvtab/kts_resolv.c (krb5_ktsrvtab_resolve), + srvtab/kts_g_name.c (krb5_ktsrvtab_get_name), + srvtab/kts_close.c (krb5_ktsrvtab_close), + srvtab/kts_g_ent.c (krb5_ktsrvtab_get_entry), + srvtab/kts_ssget.c (krb5_ktsrvtab_start_seq_get), + srvtab/kts_next.c (krb5_ktsrvtab_get_next), + srvtab/kts_endget.c (krb5_ktsrvtab_end_get): Fix calling + convention. + 1999-06-13 Geoffrey King * Makefile.in: Add new subdirectory srvtab. + * srvtab: Initial checkin of ghudson's code to implement the + SRVTAB keytab type, which can read a krb4 srvtab. + * ktbase.c: Support FILE and SRVTAB types by default. Use krb5_ktf_ops instead of krb5_dfl_ops. @@ -55,23 +134,29 @@ Tue May 18 19:52:56 1999 Danilo Almeida Mon May 10 15:25:32 1999 Danilo Almeida - * Makefile.in: Do win32 build in subdir. + * Makefile.in, file/Makefile.in: Do win32 build in subdir. 1998-11-13 Theodore Ts'o - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) + * Makefile.in, file/Makefile.in: Set the myfulldir and mydir + variables (which are relative to buildtop and thisconfigdir, + respectively.) + +1998-10-27 Marc Horowitz + + * file/ktf_g_ent.c (krb5_ktfile_get_entry): restructure the code + to use the compare_enctypes function and not leak memory Fri Feb 27 18:03:33 1998 Theodore Ts'o - * Makefile.in: Changed thisconfigdir to point at the lib/krb5 - directory, since we've moved the configure.in tests in - this directory to the toplevel lib/krb5 configure.in + * Makefile.in, file/Makefile.in: Changed thisconfigdir to point at + the lib/krb5 directory, since we've moved the configure.in tests + in this directory to the toplevel lib/krb5 configure.in Wed Feb 18 16:22:33 1998 Tom Yu - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. + * Makefile.in, file/Makefile.in: Remove trailing slash from + thisconfigdir. Fix up BUILDTOP for new conventions. Thu Feb 12 16:18:05 1998 Tom Yu @@ -80,35 +165,99 @@ Thu Feb 12 16:18:05 1998 Tom Yu Mon Feb 2 16:47:05 1998 Theodore Ts'o - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile + * Makefile.in, file/Makefile.in: Define BUILDTOP and thisconfigdir + in the Makefile * configure.in: Create the makefiles for the file subdirectory and move all of the configure.in tests from in the subdirectory into this configure.in. +Tue Oct 28 10:53:10 1997 Ezra Peisach + + * ktf_wreslv.c, ktf_resolv.c:Initialize version element of + krb5_ktfile_data structure. + +Mon Sep 15 15:15:33 1997 Ezra Peisach + + * ktfile.h, ktf_g_ent.c (krb5_ktfile_get_entry): Incoming principal + is krb5_const_principal. + +Sat Feb 22 22:27:53 1997 Richard Basch + + * Makefile.in: Use some of the new library list build rules in + win-post.in + Thu Nov 21 11:55:16 EST 1996 Richard Basch - * Makefile.in: win32 build + * Makefile.in: win32 build * ktadd.c,ktbase.c,ktdefault.c,ktfr_entry.c,ktremove.c,read_servi.c: DLL export the keytab dispatch functions + * file/Makefile.in: win32 build + + * file/ktf_add.c, file/ktf_close.c, file/ktf_g_ent.c, + file/ktf_g_name.c, file/ktf_next.c, file/ktf_remove.c, + file/ktf_resolv.c, file/ktf_ssget.c, file/ktf_wreslv.c, + file/ktfile.h: Change the functions declarations to include FAR + pointers and KRB5_CALLCONV so that they can be utilized by a DLL. + Thu Jan 2 17:11:59 1997 Tom Yu - * Makefile.in: - * configure.in: Update to new library build procedure. + * Makefile.in, configure.in, file/Makefile.in, file/configure.in: + Update to new library build procedure. + +Tue Nov 19 17:06:59 1996 Barry Jaspan + + * file/ktf_g_ent.c (krb5_ktfile_get_entry): return + KRB5_KT_KVNONOTFOUND when appropriate [krb5-libs/198] + +Wed Jul 24 17:10:11 1996 Theodore Y. Ts'o + + * file/ktf_g_name.c (krb5_ktfile_get_name): Use the error code + KRB5_KT_NAME_TOOLONG instead of ENAMETOOLONG, which isn't + portable. + +Fri Jul 12 21:16:50 1996 Marc Horowitz + + * file/ktf_g_name.c (krb5_ktfile_get_name): include the prefix in + the returned name. + +Wed Jun 12 01:09:01 1996 Theodore Ts'o + + * file/ser_ktf.c: Add #ifdef _WIN32 in places where we had #ifdef + _MSDOS Thu Jun 6 00:04:38 1996 Theodore Y. Ts'o * Makefile.in (all-windows): Don't pass $(LIBCMD) on the command line. It's set in the windows.in prologue for all Makefiles anyway. +Thu May 9 03:05:51 1996 Richard Basch + + * file/ktf_g_ent.c (krb5_ktfile_get_entry): don't skip over keytab + entries with kvno=0. + +Tue Mar 19 22:28:43 1996 Richard Basch + + * file/ktf_g_ent.c (krb5_ktfile_get_entry): all des enctypes are + equivalent + Wed Feb 7 00:23:18 1996 Theodore Y. Ts'o * Makefile.in: Folded in danw's changes to allow building Makefiles for the Macintosh. We now can build MPW makefiles which are interpreted by CodeWarrior. +Thu Jan 25 15:52:34 1996 Sam Hartman + + * file/ktf_g_ent.c (krb5_ktfile_get_entry): Match against enctype. + +Fri Jan 5 04:50:41 1996 Ezra Peisach (epeisach@kangaroo.mit.edu) + + * file/ser_ktf.c (krb5_ktf_keytab_internalize): Take care of gcc + warning under OSF/1. + Wed Dec 13 07:09:30 1995 Chris Provenzano (proven@mit.edu) * configure.in : Remove subdirectory db. @@ -119,22 +268,54 @@ Tue Dec 12 01:26:30 1995 Chris Provenzano (proven@mit.edu) Fri Oct 6 22:04:28 1995 Theodore Y. Ts'o - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. + * Makefile.in, file/Makefile.in: Remove ##DOS!include of + config/windows.in. config/windows.in is now included by + wconfig. Mon Sep 25 16:57:28 1995 Theodore Y. Ts'o - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. + * Makefile.in, file/Makefile.in: Removed "foo:: foo-$(WHAT)" lines + from the Makefile. + +Wed Sep 13 10:57:08 1995 Keith Vetter (keithv@fusion.com) + + * file/ser_ktf.c: Added MSDOS to wherever MACINTOSH was used. + +Mon Sep 11 21:22:44 1995 Ezra Peisach + + * file/ser_ktf.c (krb5_ktf_keytab_externalize): On Macintosh, + keytab file is not left open Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) * read_servi.c : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g + * file/ktf_g_ent.c, file/ktf_remove.c, file/ktf_util.c, + file/ktfile.h : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g + +Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) + + * file/ktf_util.c : Remove krb5_enctype references, and replace with + krb5_keytype where appropriate + Tue Aug 29 13:37:56 EDT 1995 Paul Park (pjpark@mit.edu) + * ktbase.c - Add routines to deal with externalizing krb5_keytab. These search the registered keytab types for a match and dispatch via the serializer handle. + * file/Makefile.in, file/.Sanitize, file/ser_ktf.c - Add new module to support + serialization of [WR]FILE keytabs. + * file/ktf_{defops,ops,wops}.c - Add serializer entry. + * file/ktf_{resolv,wreslv}.c - Set magic number in successfully resolved + keytab. + +Wed Aug 16 02:45:19 1995 Chris Provenzano + + * file/ktf_util.c: Pass fds to krb5_lock_file() and krb5_unlock_file() + +Tue Aug 15 01:34:57 1995 Tom Yu + + * file/ktf_util.c: return KRB5_KEYTAB_BADVNO instead of -1 Fri Aug 4 21:48:41 1995 Tom Yu @@ -144,24 +325,47 @@ Fri Aug 4 21:48:41 1995 Tom Yu * ktdefault.c (krb5_kt_default): add more parens to shut up gcc -Wall + * file/ktf_util.c: shut up gcc -Wall + + * file/ktf_remove.c: more stuff to shut up gcc -Wall + + * file/ktf_next.c: Add more parens to shut up gcc -Wall + + * file/ktf_g_ent.c (krb5_ktfile_get_entry): Add more parens to shut up + gcc -Wall + + * file/ktf_add.c (krb5_ktfile_add): Add parens to shut up gcc -Wall + +Wed Jun 28 12:05:34 1995 + + * file/ktf_g_ent.c (krb5_ktfile_get_entry): If the key version number + is specified, check to make sure that the entry has the + correct key version number. + Fri Jun 9 19:33:33 1995 * configure.in: Remove standardized set of autoconf macros, which are now handled by CONFIG_RULES. Use DO_SUBDIRS to recurse down subdirectories. + * file/configure.in: Remove standardized set of autoconf macros, + which are now handled by CONFIG_RULES. + Fri May 26 20:20:18 1995 Theodore Y. Ts'o (tytso@dcl) - * configure.in, Makefile.in: Add support for building shared libraries. + * configure.in, Makefile.in, file/configure.in, file/Makefile.in: + Add support for building shared libraries. Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - * *.c: removed unneeded INTERFACE from non-api functions. + * *.c, file/*.[ch]: removed unneeded INTERFACE from non-api + functions. Fri Mar 17 19:46:07 1995 John Gilmore (gnu at toad.com) * Makefile.in (LDFLAGS): Zap duplicate defn. (all-mac, clean-mac): Add. + * file/Makefile.in (LDFLAGS): Zap duplicate. Wed Mar 15 20:23:17 1995 Keith Vetter (keithv@fusion.com) @@ -169,25 +373,56 @@ Wed Mar 15 20:23:17 1995 Keith Vetter (keithv@fusion.com) Tue Mar 7 21:40:18 1995 Keith Vetter (keithv@fusion.com) - * Makefile.in: changed library name for the PC. + * Makefile.in, file/Makefile.in: changed library name for the PC. Tue Mar 7 19:53:56 1995 Mark Eichin - * configure.in: take out ISODE_DEFS. + * configure.in, file/configure.in: take out ISODE_DEFS. Wed Mar 3 16:30:00 1995 Keith Vetter (keithv@fusion.com) * Makefile.in: changed LIB to LIBCMD for the PC +Thu Mar 2 11:50:00 1995 Keith Vetter (keithv@fusion.com) + + * file/ktf_util.c: Changed NEED_WINSOCK_H to NEED_SOCKETS + +Wed Mar 1 16:30:00 1995 Keith Vetter (keithv@fusion.com) + + * file/ktf_util.c: fixed up some 16 vs 32 bit conversions. + Tue Feb 28 00:59:22 1995 John Gilmore (gnu at toad.com) - * *.c: Avoid includes. + * *.c, file/*.c: Avoid includes. Wed Feb 22 01:38:54 1995 Keith Vetter (keithv@fusion.com) * Makefile.in: made to work on the PC * *.c: added windows INTERFACE keyword + * file/Makefile.in: made to work on the PC + * file/*.c, file/ktfile.h: added windows INTERFACE keyword + * file/ktf_util.c: removed include of + cast some 32bit ints to size_t ints + +Fri Feb 3 01:53:44 1995 John Gilmore + + Rename files for DOS 8.3 uniqueness: + * file/ktf_get_en.c => ktf_g_ent.c + * file/ktf_get_na.c => ktf_g_name.c + * file/Makefile.in: changed to match. + +Fri Jan 27 12:54:54 1995 Chris Provenzano (proven@mit.edu) + + * file/ktf_get_en.c, file/ktfile.h (krb5_ktfile_get_entry()) + Added krb5_keytype arg. + +Wed Jan 25 16:54:40 1995 Chris Provenzano (proven@mit.edu) + + * Removed all narrow types and references to wide.h and narrow.h + * file/ktf_util.c : Use a constant size for file data not subfield + size from krb5_keytab_entry + Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) * read_servi.c (krb5_kt_read_service_key) Add krb5_keytype arg. @@ -196,20 +431,76 @@ Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) * Added krb5_context to all krb5_routines +Fri Nov 18 15:34:35 1994 Theodore Y. Ts'o (tytso@dcl) + + * file/ktf_util.c (krb5_ktfileint_internal_read_entry): Add magic + numbers for keytab, principal, and keyblock. + +Wed Oct 26 14:41:31 1994 (tytso@rsx-11) + + * file/ktf_get_en.c (krb5_ktfile_get_entry): If the requested kvno + is IGNORE_KVNO, fix the error return so that 0 (no error) + is returned instead of KTF_NOT_FOUND. + Fri Oct 14 23:09:02 1994 Theodore Y. Ts'o (tytso@dcl) * configure.in: Add ISODE_DEFS rule. +Thu Oct 13 17:26:12 1994 Theodore Y. Ts'o (tytso@maytag) + + * file/configure.in: Add ISODE_DEFS + Tue Oct 4 22:06:15 1994 Theodore Y. Ts'o (tytso@dcl) * ktfr_entry.c (krb5_kt_free_entry): Only try to free entry->key.contents if it is non-NULL. If entry is NULL, return. + * file/ktf_get_en.c (krb5_ktfile_get_entry): Fix to compare using + new_entry instead of cur_entry. (Bug made in modification + on Sep 28th). Don't free cur_entry twice on errors. + + * file/ktfile.h + * file/ktf_wreslv.c (krb5_ktfile_wresolve): + * file/ktf_resolv.c (krb5_ktf_resolv): Resolv's first argument is now a + const char *. + +Fri Sep 30 21:56:02 1994 Theodore Y. Ts'o (tytso@dcl) + + * file/ktf_ops.c (krb5_ktf_ops): + file/ktf_wops.c (krb5_ktf_writable_ops): + file/ktf_defops.c (krb5_kt_dfl_ops): Add placeholder for magic number. + Thu Sep 29 23:19:06 1994 Theodore Y. Ts'o (tytso@dcl) * ktbase.c (krb5_kt_resolve_name): If the prefix "FILE:" is not given, assume the default operations list (whcih is krb5_kt_dfl_ops). +Wed Sep 28 21:14:49 1994 Theodore Y. Ts'o (tytso@dcl) + + * file/ktf_get_en.c (krb5_ktfile_get_entry): Modified to return the + most recent key (with the greatest kvno), instead of the + first. + +Thu Sep 22 21:51:53 1994 Theodore Y. Ts'o (tytso@dcl) + + * file/ktf_get_en.c (krb5_ktfile_get_entry): + * file/ktf_next.c (krb5_ktfile_get_next): + * file/ktf_remove.c (krb5_ktfile_remove): + * file/ktf_util.c (krb5_ktfileint_read_entry, + krb5_ktfileint_internal_read_entry): + * file/ktfile.h: Change the interface of krb5_ktfile_read_entry and + krb5_ktfile_internal_read_entry so that they don't + allocate memory for the top-level structure. All of their + callers didn't need it and were freeing it anyway. + + * file/ktf_remove.c (krb5_ktfile_remove): Fix memory leak caused by not + freeing the top-level structure. + +Wed Sep 14 21:56:15 1994 Theodore Y. Ts'o (tytso@dcl) + + * file/ktf_util.c (krb5_ktfileint_delete_entry): Fixed bug reported by + Bill Sommerfeld where a missing byte-swap on a + little-endian machine causes the delete operation fail. diff --git a/src/lib/krb5/keytab/Makefile.in b/src/lib/krb5/keytab/Makefile.in index fd761eb40..dd80582ca 100644 --- a/src/lib/krb5/keytab/Makefile.in +++ b/src/lib/krb5/keytab/Makefile.in @@ -2,15 +2,12 @@ thisconfigdir=./.. myfulldir=lib/krb5/keytab mydir=keytab BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U) -LOCAL_SUBDIRS = file srvtab ##DOS##BUILDTOP = ..\..\.. ##DOS##PREFIXDIR=keytab ##DOS##OBJFILE=..\$(OUTPRE)$(PREFIXDIR).lst ##WIN16##LIBNAME=..\krb5.lib -MAC_SUBDIRS = file srvtab - STLIBOBJS= \ ktadd.o \ ktbase.o \ @@ -18,6 +15,8 @@ STLIBOBJS= \ ktfr_entry.o \ ktremove.o \ ktfns.o \ + kt_file.o \ + kt_srvtab.o \ read_servi.o OBJS= \ @@ -27,6 +26,8 @@ OBJS= \ $(OUTPRE)ktfr_entry.$(OBJEXT) \ $(OUTPRE)ktremove.$(OBJEXT) \ $(OUTPRE)ktfns.$(OBJEXT) \ + $(OUTPRE)kt_file.$(OBJEXT) \ + $(OUTPRE)kt_srvtab.$(OBJEXT) \ $(OUTPRE)read_servi.$(OBJEXT) SRCS= \ @@ -36,37 +37,20 @@ SRCS= \ $(srcdir)/ktfr_entry.c \ $(srcdir)/ktremove.c \ $(srcdir)/ktfns.c \ + $(srcdir)/kt_file.c \ + $(srcdir)/kt_srvtab.c \ $(srcdir)/read_servi.c -all-windows:: subdirs $(OBJFILE) - -##DOSsubdirs:: file\$(OUTPRE)file.lst srvtab\$(OUTPRE)srvtab.lst -##DOSfile\$(OUTPRE)file.lst:: -##DOS cd file -##DOS @echo Making in krb5\keytab\file -##DOS $(MAKE) -$(MFLAGS) -##DOS cd .. -##DOSsrvtab\$(OUTPRE)srvtab.lst:: -##DOS cd srvtab -##DOS @echo Making in krb5\keytab\srvtab -##DOS $(MAKE) -$(MFLAGS) -##DOS cd .. +all-windows:: $(OBJFILE) -##DOS$(OBJFILE): $(OBJS) file\$(OUTPRE)file.lst srvtab\$(OUTPRE)srvtab.lst +##DOS$(OBJFILE): $(OBJS) ##DOS $(RM) $(OBJFILE) -##WIN32## $(LIBECHO) -p $(PREFIXDIR)\ $(OUTPRE)*.obj file\$(OUTPRE)*.obj srvtab\$(OUTPRE)*.obj > $(OBJFILE) +##WIN32## $(LIBECHO) -p $(PREFIXDIR)\ $(OUTPRE)*.obj > $(OBJFILE) all-unix:: all-libobjs clean-unix:: clean-libobjs clean-windows:: - cd file - @echo Making clean in krb5\keytab\file - $(MAKE) -$(MFLAGS) clean - cd ..\srvtab - @echo Making clean in krb5\keytab\srvtab - $(MAKE) -$(MFLAGS) clean - cd .. @echo Making clean in krb5\keytab $(RM) $(OBJFILE) @@ -77,30 +61,36 @@ clean-windows:: # ktadd.so ktadd.po $(OUTPRE)ktadd.$(OBJEXT): ktadd.c $(SRCTOP)/include/k5-int.h \ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h + $(BUILDTOP)/include/krb5.h $(SRCTOP)/include/krb5/kdb.h \ + $(BUILDTOP)/include/profile.h ktbase.so ktbase.po $(OUTPRE)ktbase.$(OBJEXT): ktbase.c $(SRCTOP)/include/k5-int.h \ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h + $(BUILDTOP)/include/krb5.h $(SRCTOP)/include/krb5/kdb.h \ + $(BUILDTOP)/include/profile.h ktdefault.so ktdefault.po $(OUTPRE)ktdefault.$(OBJEXT): ktdefault.c $(SRCTOP)/include/k5-int.h \ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h + $(BUILDTOP)/include/krb5.h $(SRCTOP)/include/krb5/kdb.h \ + $(BUILDTOP)/include/profile.h ktfr_entry.so ktfr_entry.po $(OUTPRE)ktfr_entry.$(OBJEXT): ktfr_entry.c $(SRCTOP)/include/k5-int.h \ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h + $(BUILDTOP)/include/krb5.h $(SRCTOP)/include/krb5/kdb.h \ + $(BUILDTOP)/include/profile.h ktremove.so ktremove.po $(OUTPRE)ktremove.$(OBJEXT): ktremove.c $(SRCTOP)/include/k5-int.h \ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h + $(BUILDTOP)/include/krb5.h $(SRCTOP)/include/krb5/kdb.h \ + $(BUILDTOP)/include/profile.h ktfns.so ktfns.po $(OUTPRE)ktfns.$(OBJEXT): ktfns.c $(SRCTOP)/include/k5-int.h \ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h + $(BUILDTOP)/include/krb5.h $(SRCTOP)/include/krb5/kdb.h \ + $(BUILDTOP)/include/profile.h +kt_file.so kt_file.po $(OUTPRE)kt_file.$(OBJEXT): kt_file.c +kt_srvtab.so kt_srvtab.po $(OUTPRE)kt_srvtab.$(OBJEXT): kt_srvtab.c $(SRCTOP)/include/k5-int.h \ + $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ + $(BUILDTOP)/include/krb5.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/include/krb5/kdb.h \ + $(BUILDTOP)/include/profile.h read_servi.so read_servi.po $(OUTPRE)read_servi.$(OBJEXT): read_servi.c $(SRCTOP)/include/k5-int.h \ $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h + $(BUILDTOP)/include/krb5.h $(SRCTOP)/include/krb5/kdb.h \ + $(BUILDTOP)/include/profile.h diff --git a/src/lib/krb5/keytab/file/.Sanitize b/src/lib/krb5/keytab/file/.Sanitize deleted file mode 100644 index 7cb34b349..000000000 --- a/src/lib/krb5/keytab/file/.Sanitize +++ /dev/null @@ -1,52 +0,0 @@ -# Sanitize.in for Kerberos V5 - -# Each directory to survive it's way into a release will need a file -# like this one called "./.Sanitize". All keyword lines must exist, -# and must exist in the order specified by this file. Each directory -# in the tree will be processed, top down, in the following order. - -# Hash started lines like this one are comments and will be deleted -# before anything else is done. Blank lines will also be squashed -# out. - -# The lines between the "Do-first:" line and the "Things-to-keep:" -# line are executed as a /bin/sh shell script before anything else is -# done in this - -Do-first: - -# All files listed between the "Things-to-keep:" line and the -# "Files-to-sed:" line will be kept. All other files will be removed. -# Directories listed in this section will have their own Sanitize -# called. Directories not listed will be removed in their entirety -# with rm -rf. - -Things-to-keep: - -.cvsignore -ChangeLog -Makefile.in -configure -configure.in -ktf_add.c -ktf_close.c -ktf_defops.c -ktf_endget.c -ktf_g_ent.c -ktf_g_name.c -ktf_next.c -ktf_ops.c -ktf_remove.c -ktf_resolv.c -ktf_ssget.c -ktf_util.c -ktf_wops.c -ktf_wreslv.c -ktfile.h -ser_ktf.c - -Things-to-lose: - -Do-last: - -# End of file. diff --git a/src/lib/krb5/keytab/file/ChangeLog b/src/lib/krb5/keytab/file/ChangeLog deleted file mode 100644 index 236903792..000000000 --- a/src/lib/krb5/keytab/file/ChangeLog +++ /dev/null @@ -1,323 +0,0 @@ -2002-03-06 Ken Raeburn - - * ktf_g_ent.c (krb5_ktfile_get_entry): For non-zero kvno, match - only low 8 bits. For zero kvno, if any kvno in the keytab is over - 240, assume we're dealing with numbers 128 through (127+256) - instead. This allows for wrapping at 256 while retaining a small - set of consecutively numbered prior keys in the keytab. - -2001-11-19 Tom Yu - - * ktf_g_ent.c (krb5_ktfile_get_entry): Coerce enctype for now to - restore 1.0.x enctype similarity behavior. - -2001-10-09 Ken Raeburn - - * ktfile.h, ser_ktf.c: Make prototypes unconditional. - -2001-10-05 Ken Raeburn - - * ser_ktf.c: Drop _MSDOS support. - -2000-10-17 Ezra Peisach - - * ktf_util.c: Unsigned/signed int cleanups. - - * ktf_g_name.c, ktfile.h (krb5_ktfile_get_name): Length field now - unsigned int. - -2000-09-25 Ezra Peisach - - * ser_ktf.c (krb5_ktf_keytab_externalize): Do not violate const char * - declaration of ktfile_def_name. - - * ktf_util.c (xfwrite): Cast length field to fwrite/fread as unsigned. - -1999-10-26 Wilfredo Sanchez - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -Mon May 10 15:25:45 1999 Danilo Almeida - - * Makefile.in: Do win32 build in subdir. - -1998-11-13 Theodore Ts'o - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - -1998-10-27 Marc Horowitz - - * ktf_g_ent.c (krb5_ktfile_get_entry): restructure the code to use - the compare_enctypes function and not leak memory - -Fri Feb 27 18:03:33 1998 Theodore Ts'o - - * Makefile.in: Changed thisconfigdir to point at the lib/krb5 - directory, since we've moved all of the configure.in - tests to the toplevel lib/krb5 configure.in - -Wed Feb 18 16:23:33 1998 Tom Yu - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Mon Feb 2 17:03:20 1998 Theodore Ts'o - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Tue Oct 28 10:53:10 1997 Ezra Peisach - - * ktf_wreslv.c, ktf_resolv.c:Initialize version element of - krb5_ktfile_data structure. - -Mon Sep 15 15:15:33 1997 Ezra Peisach - - * ktfile.h, ktf_g_ent.c (krb5_ktfile_get_entry): Incoming principal - is krb5_const_principal. - -Sat Feb 22 22:27:53 1997 Richard Basch - - * Makefile.in: Use some of the new library list build rules in - win-post.in - -Thu Nov 21 11:55:16 EST 1996 Richard Basch - - * Makefile.in: win32 build - - * ktf_add.c, ktf_close.c, ktf_g_ent.c, ktf_g_name.c, ktf_next.c, - ktf_remove.c, ktf_resolv.c, ktf_ssget.c, ktf_wreslv.c, ktfile.h - Change the functions declarations to include FAR pointers - and KRB5_CALLCONV so that they can be utilized by a DLL. - -Thu Jan 2 17:13:26 1997 Tom Yu - - * Makefile.in: - * configure.in: Update to new library build procedure. - -Tue Nov 19 17:06:59 1996 Barry Jaspan - - * ktf_g_ent.c (krb5_ktfile_get_entry): return KRB5_KT_KVNONOTFOUND - when appropriate [krb5-libs/198] - -Wed Jul 24 17:10:11 1996 Theodore Y. Ts'o - - * ktf_g_name.c (krb5_ktfile_get_name): Use the error code - KRB5_KT_NAME_TOOLONG instead of ENAMETOOLONG, which isn't - portable. - -Fri Jul 12 21:16:50 1996 Marc Horowitz - - * ktf_g_name.c (krb5_ktfile_get_name): include the prefix in the - returned name. - -Wed Jun 12 01:09:01 1996 Theodore Ts'o - - * ser_ktf.c: Add #ifdef _WIN32 in places where we had #ifdef _MSDOS - -Thu May 9 03:05:51 1996 Richard Basch - - * ktf_g_ent.c (krb5_ktfile_get_entry): don't skip over keytab - entries with kvno=0. - -Tue Mar 19 22:28:43 1996 Richard Basch - - * ktf_g_ent.c (krb5_ktfile_get_entry): all des enctypes are equivalent - -Thu Jan 25 15:52:34 1996 Sam Hartman - - * ktf_g_ent.c (krb5_ktfile_get_entry): Match against enctype. - -Fri Jan 5 04:50:41 1996 Ezra Peisach (epeisach@kangaroo.mit.edu) - - * ser_ktf.c (krb5_ktf_keytab_internalize): Take care of gcc - warning under OSF/1. - -Fri Oct 6 22:04:15 1995 Theodore Y. Ts'o - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Mon Sep 25 16:57:39 1995 Theodore Y. Ts'o - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Wed Sep 13 10:57:08 1995 Keith Vetter (keithv@fusion.com) - - * ser_ktf.c: Added MSDOS to wherever MACINTOSH was used. - -Mon Sep 11 21:22:44 1995 Ezra Peisach - - * ser_ktf.c (krb5_ktf_keytab_externalize): On Macintosh, keytab - file is not left open - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * ktf_g_ent.c, ktf_remove.c, ktf_util.c, ktfile.h : - s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) - - * ktf_util.c : Remove krb5_enctype references, and replace with - krb5_keytype where appropriate - -Tue Aug 29 13:38:58 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in, .Sanitize, ser_ktf.c - Add new module to support - serialization of [WR]FILE keytabs. - * ktf_{defops,ops,wops}.c - Add serializer entry. - * ktf_{resolv,wreslv}.c - Set magic number in successfully resolved - keytab. - -Wed Aug 16 02:45:19 1995 Chris Provenzano - - * ktf_util.c: Pass fds to krb5_lock_file() and krb5_unlock_file() - -Tue Aug 15 01:34:57 1995 Tom Yu - - * ktf_util.c: return KRB5_KEYTAB_BADVNO instead of -1 - -Fri Aug 4 21:51:32 1995 Tom Yu - - * ktf_util.c: shut up gcc -Wall - - * ktf_remove.c: more stuff to shut up gcc -Wall - - * ktf_next.c: Add more parens to shut up gcc -Wall - - * ktf_g_ent.c (krb5_ktfile_get_entry): Add more parens to shut up - gcc -Wall - - * ktf_add.c (krb5_ktfile_add): Add parens to shut up gcc -Wall - -Wed Jun 28 12:05:34 1995 - - * ktf_g_ent.c (krb5_ktfile_get_entry): If the key version number - is specified, check to make sure that the entry has the - correct key version number. - -Fri Jun 9 19:34:23 1995 - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Fri May 26 20:20:29 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in, Makefile.in: Add support for building shared libraries. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * *.[ch]: removed unneeded INTERFACE from non-api functions. - -Fri Mar 17 19:46:49 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (LDFLAGS): Zap duplicate. - -Tue Mar 7 21:40:18 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: changed library name for the PC. - -Tue Mar 7 19:55:14 1995 Mark Eichin - - * configure.in: take out ISODE_DEFS. - -Thu Mar 2 11:50:00 1995 Keith Vetter (keithv@fusion.com) - - * ktf_util.c: Changed NEED_WINSOCK_H to NEED_SOCKETS - -Wed Mar 1 16:30:00 1995 Keith Vetter (keithv@fusion.com) - - * ktf_util.c: fixed up some 16 vs 32 bit conversions. - -Tue Feb 28 01:01:15 1995 John Gilmore (gnu at toad.com) - - * *.c: Avoid includes. - -Wed Feb 22 01:27:05 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: made to work on the PC - * *.c, ktfile.h: added windows INTERFACE keyword - * ktf_util.c: removed include of - cast some 32bit ints to size_t ints - -Fri Feb 3 01:53:44 1995 John Gilmore - - Rename files for DOS 8.3 uniqueness: - * ktf_get_en.c => ktf_g_ent.c - * ktf_get_na.c => ktf_g_name.c - * Makefile.in: changed to match. - -Fri Jan 27 12:54:54 1995 Chris Provenzano (proven@mit.edu) - - * ktf_get_en.c, ktfile.h (krb5_ktfile_get_entry()) Added - krb5_keytype arg. - -Wed Jan 25 16:54:40 1995 Chris Provenzano (proven@mit.edu) - - * Removed all narrow types and references to wide.h and narrow.h - * ktf_util.c : Use a constant size for file data not subfield - size from krb5_keytab_entry - -Fri Nov 18 15:34:35 1994 Theodore Y. Ts'o (tytso@dcl) - - * ktf_util.c (krb5_ktfileint_internal_read_entry): Add magic - numbers for keytab, principal, and keyblock. - -Wed Oct 26 14:41:31 1994 (tytso@rsx-11) - - * ktf_get_en.c (krb5_ktfile_get_entry): If the requested kvno is - IGNORE_KVNO, fix the error return so that 0 (no error) is - returned instead of KTF_NOT_FOUND. - -Thu Oct 13 17:26:12 1994 Theodore Y. Ts'o (tytso@maytag) - - * configure.in: Add ISODE_DEFS - -Tue Oct 4 16:20:48 1994 Theodore Y. Ts'o (tytso@dcl) - - * ktf_get_en.c (krb5_ktfile_get_entry): Fix to compare using - new_entry instead of cur_entry. (Bug made in modification - on Sep 28th). Don't free cur_entry twice on errors. - - * ktfile.h - * ktf_wreslv.c (krb5_ktfile_wresolve): - * ktf_resolv.c (krb5_ktf_resolv): Resolv's first argument is now a - const char *. - -Fri Sep 30 21:56:02 1994 Theodore Y. Ts'o (tytso@dcl) - - * ktf_ops.c (krb5_ktf_ops): - ktf_wops.c (krb5_ktf_writable_ops): - ktf_defops.c (krb5_kt_dfl_ops): Add placeholder for magic number. - -Wed Sep 28 21:14:49 1994 Theodore Y. Ts'o (tytso@dcl) - - * ktf_get_en.c (krb5_ktfile_get_entry): Modified to return the - most recent key (with the greatest kvno), instead of the - first. - -Thu Sep 22 21:51:53 1994 Theodore Y. Ts'o (tytso@dcl) - - * ktf_get_en.c (krb5_ktfile_get_entry): - * ktf_next.c (krb5_ktfile_get_next): - * ktf_remove.c (krb5_ktfile_remove): - * ktf_util.c (krb5_ktfileint_read_entry, - krb5_ktfileint_internal_read_entry): - * ktfile.h: Change the interface of krb5_ktfile_read_entry and - krb5_ktfile_internal_read_entry so that they don't - allocate memory for the top-level structure. All of their - callers didn't need it and were freeing it anyway. - - - * ktf_remove.c (krb5_ktfile_remove): Fix memory leak caused by not - freeing the top-level structure. - -Wed Sep 14 21:56:15 1994 Theodore Y. Ts'o (tytso@dcl) - - * ktf_util.c (krb5_ktfileint_delete_entry): Fixed bug reported by - Bill Sommerfeld where a missing byte-swap on a - little-endian machine causes the delete operation fail. - diff --git a/src/lib/krb5/keytab/file/Makefile.in b/src/lib/krb5/keytab/file/Makefile.in deleted file mode 100644 index 42a570a8e..000000000 --- a/src/lib/krb5/keytab/file/Makefile.in +++ /dev/null @@ -1,147 +0,0 @@ -thisconfigdir=./../.. -myfulldir=lib/krb5/keytab/file -mydir=keytab/file -BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U)$(S)$(U) - -##DOS##BUILDTOP = ..\..\..\.. -##DOS##PREFIXDIR=keytab\file -##DOS##OBJFILE=$(OUTPRE)file.lst -##WIN16##LIBNAME=..\..\krb5.lib - -STLIBOBJS = \ - ktf_add.o \ - ktf_close.o \ - ktf_endget.o \ - ktf_g_ent.o \ - ktf_g_name.o \ - ktf_next.o \ - ktf_resolv.o \ - ktf_remove.o \ - ktf_ssget.o \ - ktf_util.o \ - ktf_ops.o \ - ktf_wops.o \ - ktf_wreslv.o \ - ktf_defops.o \ - ser_ktf.o - -SRCS= \ - $(srcdir)/ktf_add.c \ - $(srcdir)/ktf_endget.c \ - $(srcdir)/ktf_next.c \ - $(srcdir)/ktf_resolv.c \ - $(srcdir)/ktf_wops.c \ - $(srcdir)/ktf_close.c \ - $(srcdir)/ktf_g_ent.c \ - $(srcdir)/ktf_ops.c \ - $(srcdir)/ktf_ssget.c \ - $(srcdir)/ktf_wreslv.c \ - $(srcdir)/ktf_defops.c \ - $(srcdir)/ktf_g_name.c \ - $(srcdir)/ktf_remove.c \ - $(srcdir)/ktf_util.c \ - $(srcdir)/ser_ktf.c - -OBJS = \ - $(OUTPRE)ktf_add.$(OBJEXT) \ - $(OUTPRE)ktf_close.$(OBJEXT) \ - $(OUTPRE)ktf_endget.$(OBJEXT) \ - $(OUTPRE)ktf_g_ent.$(OBJEXT) \ - $(OUTPRE)ktf_g_name.$(OBJEXT) \ - $(OUTPRE)ktf_next.$(OBJEXT) \ - $(OUTPRE)ktf_resolv.$(OBJEXT) \ - $(OUTPRE)ktf_remove.$(OBJEXT) \ - $(OUTPRE)ktf_ssget.$(OBJEXT) \ - $(OUTPRE)ktf_util.$(OBJEXT) \ - $(OUTPRE)ktf_ops.$(OBJEXT) \ - $(OUTPRE)ktf_wops.$(OBJEXT) \ - $(OUTPRE)ktf_wreslv.$(OBJEXT) \ - $(OUTPRE)ktf_defops.$(OBJEXT) \ - $(OUTPRE)ser_ktf.$(OBJEXT) - -##DOS##LIBOBJS = $(OBJS) - -all-unix:: all-libobjs -clean-unix:: clean-libobjs -# +++ Dependency line eater +++ -# -# Makefile dependencies follow. This must be the last section in -# the Makefile.in file -# -ktf_add.so ktf_add.po $(OUTPRE)ktf_add.$(OBJEXT): ktf_add.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ktf_endget.so ktf_endget.po $(OUTPRE)ktf_endget.$(OBJEXT): ktf_endget.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ktf_next.so ktf_next.po $(OUTPRE)ktf_next.$(OBJEXT): ktf_next.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ktf_resolv.so ktf_resolv.po $(OUTPRE)ktf_resolv.$(OBJEXT): ktf_resolv.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ktf_wops.so ktf_wops.po $(OUTPRE)ktf_wops.$(OBJEXT): ktf_wops.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ktf_close.so ktf_close.po $(OUTPRE)ktf_close.$(OBJEXT): ktf_close.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ktf_g_ent.so ktf_g_ent.po $(OUTPRE)ktf_g_ent.$(OBJEXT): ktf_g_ent.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ktf_ops.so ktf_ops.po $(OUTPRE)ktf_ops.$(OBJEXT): ktf_ops.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ktf_ssget.so ktf_ssget.po $(OUTPRE)ktf_ssget.$(OBJEXT): ktf_ssget.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ktf_wreslv.so ktf_wreslv.po $(OUTPRE)ktf_wreslv.$(OBJEXT): ktf_wreslv.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ktf_defops.so ktf_defops.po $(OUTPRE)ktf_defops.$(OBJEXT): ktf_defops.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ktf_g_name.so ktf_g_name.po $(OUTPRE)ktf_g_name.$(OBJEXT): ktf_g_name.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ktf_remove.so ktf_remove.po $(OUTPRE)ktf_remove.$(OBJEXT): ktf_remove.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ktf_util.so ktf_util.po $(OUTPRE)ktf_util.$(OBJEXT): ktf_util.c $(BUILDTOP)/include/krb5.h \ - $(BUILDTOP)/include/profile.h $(BUILDTOP)/include/com_err.h \ - $(SRCTOP)/include/k5-int.h $(BUILDTOP)/include/krb5/osconf.h \ - $(BUILDTOP)/include/krb5/autoconf.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h -ser_ktf.so ser_ktf.po $(OUTPRE)ser_ktf.$(OBJEXT): ser_ktf.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktfile.h - diff --git a/src/lib/krb5/keytab/file/ktf_add.c b/src/lib/krb5/keytab/file/ktf_add.c deleted file mode 100644 index 5ba5af79a..000000000 --- a/src/lib/krb5/keytab/file/ktf_add.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_add.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5_ktfile_add() - */ - -#include "k5-int.h" -#include "ktfile.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktfile_add(context, id, entry) - krb5_context context; - krb5_keytab id; - krb5_keytab_entry *entry; -{ - krb5_error_code retval; - - if ((retval = krb5_ktfileint_openw(context, id))) - return retval; - if (fseek(KTFILEP(id), 0, 2) == -1) - return KRB5_KT_END; - retval = krb5_ktfileint_write_entry(context, id, entry); - krb5_ktfileint_close(context, id); - return retval; -} diff --git a/src/lib/krb5/keytab/file/ktf_close.c b/src/lib/krb5/keytab/file/ktf_close.c deleted file mode 100644 index d735120cc..000000000 --- a/src/lib/krb5/keytab/file/ktf_close.c +++ /dev/null @@ -1,51 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_close.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * "Close" a file-based keytab and invalidate the id. This means - * free memory hidden in the structures. - */ - -#include "k5-int.h" -#include "ktfile.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktfile_close(context, id) - krb5_context context; - krb5_keytab id; - /* - * This routine is responsible for freeing all memory allocated - * for this keytab. There are no system resources that need - * to be freed nor are there any open files. - * - * This routine should undo anything done by krb5_ktfile_resolve(). - */ -{ - krb5_xfree(KTFILENAME(id)); - krb5_xfree(id->data); - id->ops = 0; - krb5_xfree(id); - return (0); -} diff --git a/src/lib/krb5/keytab/file/ktf_defops.c b/src/lib/krb5/keytab/file/ktf_defops.c deleted file mode 100644 index 6bba8a63f..000000000 --- a/src/lib/krb5/keytab/file/ktf_defops.c +++ /dev/null @@ -1,47 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_defops.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5_kt_dfl_ops - */ - -#include "k5-int.h" -#include "ktfile.h" - -extern krb5_ser_entry krb5_ktfile_ser_entry; -krb5_kt_ops krb5_kt_dfl_ops = { - 0, - "FILE", /* Prefix -- this string should not appear anywhere else! */ - krb5_ktfile_resolve, - krb5_ktfile_get_name, - krb5_ktfile_close, - krb5_ktfile_get_entry, - krb5_ktfile_start_seq_get, - krb5_ktfile_get_next, - krb5_ktfile_end_get, - 0, - 0, - (void *) &krb5_ktfile_ser_entry -}; diff --git a/src/lib/krb5/keytab/file/ktf_endget.c b/src/lib/krb5/keytab/file/ktf_endget.c deleted file mode 100644 index a007f077d..000000000 --- a/src/lib/krb5/keytab/file/ktf_endget.c +++ /dev/null @@ -1,41 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_endget.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5_ktfile_end_get() - */ - -#include "k5-int.h" -#include "ktfile.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktfile_end_get(context, id, cursor) - krb5_context context; -krb5_keytab id; -krb5_kt_cursor *cursor; -{ - krb5_xfree(*cursor); - return krb5_ktfileint_close(context, id); -} diff --git a/src/lib/krb5/keytab/file/ktf_g_ent.c b/src/lib/krb5/keytab/file/ktf_g_ent.c deleted file mode 100644 index 905ff6c05..000000000 --- a/src/lib/krb5/keytab/file/ktf_g_ent.c +++ /dev/null @@ -1,170 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_get_en.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This is the get_entry routine for the file based keytab implementation. - * It opens the keytab file, and either retrieves the entry or returns - * an error. - */ - -#include "k5-int.h" -#include "ktfile.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktfile_get_entry(context, id, principal, kvno, enctype, entry) - krb5_context context; - krb5_keytab id; - krb5_const_principal principal; - krb5_kvno kvno; - krb5_enctype enctype; - krb5_keytab_entry * entry; -{ - krb5_keytab_entry cur_entry, new_entry; - krb5_error_code kerror = 0; - int found_wrong_kvno = 0; - krb5_boolean similar; - int kvno_offset = 0; - - /* Open the keyfile for reading */ - if ((kerror = krb5_ktfileint_openr(context, id))) - return(kerror); - - /* - * For efficiency and simplicity, we'll use a while true that - * is exited with a break statement. - */ - cur_entry.principal = 0; - cur_entry.vno = 0; - cur_entry.key.contents = 0; - - while (TRUE) { - if ((kerror = krb5_ktfileint_read_entry(context, id, &new_entry))) - break; - - /* by the time this loop exits, it must either free cur_entry, - and copy new_entry there, or free new_entry. Otherwise, it - leaks. */ - - /* if the enctype is not ignored and doesn't match, free new_entry - and continue to the next */ - - if (enctype != IGNORE_ENCTYPE) { - if ((kerror = krb5_c_enctype_compare(context, enctype, - new_entry.key.enctype, - &similar))) { - krb5_kt_free_entry(context, &new_entry); - break; - } - - if (!similar) { - krb5_kt_free_entry(context, &new_entry); - continue; - } - /* - * Coerce the enctype of the output keyblock in case we - * got an inexact match on the enctype; this behavior will - * go away when the key storage architecture gets - * redesigned for 1.3. - */ - new_entry.key.enctype = enctype; - - } - - /* if the principal isn't the one requested, free new_entry - and continue to the next. */ - - if (!krb5_principal_compare(context, principal, new_entry.principal)) { - krb5_kt_free_entry(context, &new_entry); - continue; - } - - if (kvno == IGNORE_VNO) { - /* if this is the first match, or if the new vno is - bigger, free the current and keep the new. Otherwise, - free the new. */ - /* A 1.2.x keytab contains only the low 8 bits of the key - version number. Since it can be much bigger, and thus - the 8-bit value can wrap, we need some heuristics to - figure out the "highest" numbered key if some numbers - close to 255 and some near 0 are used. - - The heuristic here: - - If we have any keys with versions over 240, then assume - that all version numbers 0-127 refer to 256+N instead. - Not perfect, but maybe good enough? */ - -#define M(VNO) (((VNO) - kvno_offset + 256) % 256) - - if (new_entry.vno > 240) - kvno_offset = 128; - if (! cur_entry.principal || - M(new_entry.vno) > M(cur_entry.vno)) { - krb5_kt_free_entry(context, &cur_entry); - cur_entry = new_entry; - } else { - krb5_kt_free_entry(context, &new_entry); - } - } else { - /* if this kvno matches, free the current (will there ever - be one?), keep the new, and break out. Otherwise, remember - that we were here so we can return the right error, and - free the new */ - /* Yuck. The krb5-1.2.x keytab format only stores one byte - for the kvno, so we're toast if the kvno requested is - higher than that. Short-term workaround: only compare - the low 8 bits. */ - - if (new_entry.vno == (kvno & 0xff)) { - krb5_kt_free_entry(context, &cur_entry); - cur_entry = new_entry; - break; - } else { - found_wrong_kvno++; - krb5_kt_free_entry(context, &new_entry); - } - } - } - - if (kerror == KRB5_KT_END) { - if (cur_entry.principal) - kerror = 0; - else if (found_wrong_kvno) - kerror = KRB5_KT_KVNONOTFOUND; - else - kerror = KRB5_KT_NOTFOUND; - } - if (kerror) { - (void) krb5_ktfileint_close(context, id); - krb5_kt_free_entry(context, &cur_entry); - return kerror; - } - if ((kerror = krb5_ktfileint_close(context, id)) != 0) { - krb5_kt_free_entry(context, &cur_entry); - return kerror; - } - *entry = cur_entry; - return 0; -} diff --git a/src/lib/krb5/keytab/file/ktf_g_name.c b/src/lib/krb5/keytab/file/ktf_g_name.c deleted file mode 100644 index b3145e50c..000000000 --- a/src/lib/krb5/keytab/file/ktf_g_name.c +++ /dev/null @@ -1,62 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_get_na.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Get the name of the file containing a file-based keytab. - */ - -#include "k5-int.h" -#include "ktfile.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktfile_get_name(context, id, name, len) - krb5_context context; - krb5_keytab id; - char *name; - unsigned int len; - /* - * This routine returns the name of the name of the file associated with - * this file-based keytab. name is zeroed and the filename is truncated - * to fit in name if necessary. The name is prefixed with PREFIX:, so that - * trt will happen if the name is passed back to resolve. - */ -{ - memset(name, 0, len); - - if (len < strlen(id->ops->prefix)+2) - return(KRB5_KT_NAME_TOOLONG); - strcpy(name, id->ops->prefix); - name += strlen(id->ops->prefix); - name[0] = ':'; - name++; - len -= strlen(id->ops->prefix)+1; - - if (len < strlen(KTFILENAME(id)+1)) - return(KRB5_KT_NAME_TOOLONG); - strcpy(name, KTFILENAME(id)); - /* strcpy will NUL-terminate the destination */ - - return(0); -} diff --git a/src/lib/krb5/keytab/file/ktf_next.c b/src/lib/krb5/keytab/file/ktf_next.c deleted file mode 100644 index 41e13d413..000000000 --- a/src/lib/krb5/keytab/file/ktf_next.c +++ /dev/null @@ -1,51 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_next.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5_ktfile_get_next() - */ - -#include "k5-int.h" -#include "ktfile.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktfile_get_next(context, id, entry, cursor) - krb5_context context; -krb5_keytab id; -krb5_keytab_entry *entry; -krb5_kt_cursor *cursor; -{ - long *fileoff = (long *)*cursor; - krb5_keytab_entry cur_entry; - krb5_error_code kerror; - - if (fseek(KTFILEP(id), *fileoff, 0) == -1) - return KRB5_KT_END; - if ((kerror = krb5_ktfileint_read_entry(context, id, &cur_entry))) - return kerror; - *fileoff = ftell(KTFILEP(id)); - *entry = cur_entry; - return 0; -} diff --git a/src/lib/krb5/keytab/file/ktf_ops.c b/src/lib/krb5/keytab/file/ktf_ops.c deleted file mode 100644 index 86f44a78c..000000000 --- a/src/lib/krb5/keytab/file/ktf_ops.c +++ /dev/null @@ -1,47 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_ops.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5_ktf_ops - */ - -#include "k5-int.h" -#include "ktfile.h" - -extern krb5_ser_entry krb5_ktfile_ser_entry; -struct _krb5_kt_ops krb5_ktf_ops = { - 0, - "FILE", /* Prefix -- this string should not appear anywhere else! */ - krb5_ktfile_resolve, - krb5_ktfile_get_name, - krb5_ktfile_close, - krb5_ktfile_get_entry, - krb5_ktfile_start_seq_get, - krb5_ktfile_get_next, - krb5_ktfile_end_get, - 0, - 0, - (void *) &krb5_ktfile_ser_entry -}; diff --git a/src/lib/krb5/keytab/file/ktf_remove.c b/src/lib/krb5/keytab/file/ktf_remove.c deleted file mode 100644 index 214fa6bfc..000000000 --- a/src/lib/krb5/keytab/file/ktf_remove.c +++ /dev/null @@ -1,84 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_remove.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5_ktfile_add() - */ - -#include "k5-int.h" -#include "ktfile.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktfile_remove(context, id, entry) - krb5_context context; -krb5_keytab id; -krb5_keytab_entry *entry; -{ - krb5_keytab_entry cur_entry; - krb5_error_code kerror; - krb5_int32 delete_point; - - if ((kerror = krb5_ktfileint_openw(context, id))) { - return kerror; - } - - /* - * For efficiency and simplicity, we'll use a while true that - * is exited with a break statement. - */ - while (TRUE) { - if ((kerror = krb5_ktfileint_internal_read_entry(context, id, - &cur_entry, - &delete_point))) - break; - - if ((entry->vno == cur_entry.vno) && - (entry->key.enctype == cur_entry.key.enctype) && - krb5_principal_compare(context, entry->principal, cur_entry.principal)) { - /* found a match */ - krb5_kt_free_entry(context, &cur_entry); - break; - } - krb5_kt_free_entry(context, &cur_entry); - } - - if (kerror == KRB5_KT_END) - kerror = KRB5_KT_NOTFOUND; - - if (kerror) { - (void) krb5_ktfileint_close(context, id); - return kerror; - } - - kerror = krb5_ktfileint_delete_entry(context, id, delete_point); - - if (kerror) { - (void) krb5_ktfileint_close(context, id); - } else { - kerror = krb5_ktfileint_close(context, id); - } - - return kerror; -} diff --git a/src/lib/krb5/keytab/file/ktf_resolv.c b/src/lib/krb5/keytab/file/ktf_resolv.c deleted file mode 100644 index 41a7a6ce4..000000000 --- a/src/lib/krb5/keytab/file/ktf_resolv.c +++ /dev/null @@ -1,65 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_resolv.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This is an implementation specific resolver. It returns a keytab id - * initialized with file keytab routines. - */ - -#include "k5-int.h" -#include "ktfile.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktfile_resolve(context, name, id) - krb5_context context; - const char *name; - krb5_keytab *id; -{ - krb5_ktfile_data *data; - - if ((*id = (krb5_keytab) malloc(sizeof(**id))) == NULL) - return(ENOMEM); - - (*id)->ops = &krb5_ktf_ops; - if ((data = (krb5_ktfile_data *)malloc(sizeof(krb5_ktfile_data))) == NULL) { - krb5_xfree(*id); - return(ENOMEM); - } - - if ((data->name = (char *)calloc(strlen(name) + 1, sizeof(char))) == NULL) { - krb5_xfree(data); - krb5_xfree(*id); - return(ENOMEM); - } - - (void) strcpy(data->name, name); - data->openf = 0; - data->version = 0; - - (*id)->data = (krb5_pointer)data; - (*id)->magic = KV5M_KEYTAB; - return(0); -} - diff --git a/src/lib/krb5/keytab/file/ktf_ssget.c b/src/lib/krb5/keytab/file/ktf_ssget.c deleted file mode 100644 index 1676a4876..000000000 --- a/src/lib/krb5/keytab/file/ktf_ssget.c +++ /dev/null @@ -1,53 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_ssget.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5_ktfile_start_seq_get() - */ - -#include "k5-int.h" -#include "ktfile.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktfile_start_seq_get(context, id, cursorp) - krb5_context context; -krb5_keytab id; -krb5_kt_cursor *cursorp; -{ - krb5_error_code retval; - long *fileoff; - - if ((retval = krb5_ktfileint_openr(context, id))) - return retval; - - if (!(fileoff = (long *)malloc(sizeof(*fileoff)))) { - krb5_ktfileint_close(context, id); - return ENOMEM; - } - *fileoff = ftell(KTFILEP(id)); - *cursorp = (krb5_kt_cursor)fileoff; - - return 0; -} diff --git a/src/lib/krb5/keytab/file/ktf_util.c b/src/lib/krb5/keytab/file/ktf_util.c deleted file mode 100644 index 817374625..000000000 --- a/src/lib/krb5/keytab/file/ktf_util.c +++ /dev/null @@ -1,784 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_util.c - * - * Copyright (c) Hewlett-Packard Company 1991 - * Released to the Massachusetts Institute of Technology for inclusion - * in the Kerberos source code distribution. - * - * Copyright 1990,1991 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This function contains utilities for the file based implementation of - * the keytab. There are no public functions in this file. - * - * This file is the only one that has knowledge of the format of a - * keytab file. - * - * The format is as follows: - * - * - * - * principal timestamp vno key - * - * principal timestamp vno key - * .... - * - * A length field (sizeof(krb5_int32)) exists between entries. When this - * length is positive it indicates an active entry, when negative a hole. - * The length indicates the size of the block in the file (this may be - * larger than the size of the next record, since we are using a first - * fit algorithm for re-using holes and the first fit may be larger than - * the entry we are writing). Another (compatible) implementation could - * break up holes when allocating them to smaller entries to minimize - * wasted space. (Such an implementation should also coalesce adjacent - * holes to reduce fragmentation). This implementation does neither. - * - * There are no separators between fields of an entry. - * A principal is a length-encoded array of length-encoded strings. The - * length is a krb5_int16 in each case. The specific format, then, is - * multiple entries concatinated with no separators. An entry has this - * exact format: - * - * sizeof(krb5_int16) bytes for number of components in the principal; - * then, each component listed in ordser. - * For each component, sizeof(krb5_int16) bytes for the number of bytes - * in the component, followed by the component. - * sizeof(krb5_int32) for the principal type (for KEYTAB V2 and higher) - * sizeof(krb5_int32) bytes for the timestamp - * sizeof(krb5_octet) bytes for the key version number - * sizeof(krb5_int16) bytes for the enctype - * sizeof(krb5_int32) bytes for the key length, followed by the key - */ - -#define NEED_SOCKETS -#include "krb5.h" -#include "k5-int.h" -#include - -#include "ktfile.h" - -#ifndef SEEK_SET -#define SEEK_SET 0 -#define SEEK_CUR 1 -#endif - -typedef krb5_int16 krb5_kt_vno; - -krb5_kt_vno krb5_kt_default_vno = KRB5_KT_DEFAULT_VNO; - -#define xfwrite(a, b, c, d) fwrite((char *)a, b, (unsigned) c, d) -#define xfread(a, b, c, d) fread((char *)a, b, (unsigned) c, d) - -#ifdef ANSI_STDIO -static char *fopen_mode_rbplus= "rb+"; -static char *fopen_mode_rb = "rb"; -#else -static char *fopen_mode_rbplus= "r+"; -static char *fopen_mode_rb = "r"; -#endif - -#ifndef HAVE_ERRNO -extern int errno; -#endif - -static krb5_error_code -krb5_ktfileint_open(context, id, mode) - krb5_context context; -krb5_keytab id; -int mode; -{ - krb5_error_code kerror; - krb5_kt_vno kt_vno; - int writevno = 0; - - KTFILEP(id) = fopen(KTFILENAME(id), - (mode == KRB5_LOCKMODE_EXCLUSIVE) ? - fopen_mode_rbplus : fopen_mode_rb); - if (!KTFILEP(id)) { - if ((mode == KRB5_LOCKMODE_EXCLUSIVE) && (errno == ENOENT)) { - /* try making it first time around */ - krb5_create_secure_file(context, KTFILENAME(id)); - KTFILEP(id) = fopen(KTFILENAME(id), fopen_mode_rbplus); - if (!KTFILEP(id)) - return errno; - writevno = 1; - } else /* some other error */ - return errno; - } - if ((kerror = krb5_lock_file(context, fileno(KTFILEP(id)), mode))) { - (void) fclose(KTFILEP(id)); - KTFILEP(id) = 0; - return kerror; - } - /* assume ANSI or BSD-style stdio */ - setbuf(KTFILEP(id), NULL); - - /* get the vno and verify it */ - if (writevno) { - kt_vno = htons(krb5_kt_default_vno); - KTVERSION(id) = krb5_kt_default_vno; - if (!xfwrite(&kt_vno, sizeof(kt_vno), 1, KTFILEP(id))) { - kerror = errno; - (void) krb5_unlock_file(context, fileno(KTFILEP(id))); - (void) fclose(KTFILEP(id)); - return kerror; - } - } else { - /* gotta verify it instead... */ - if (!xfread(&kt_vno, sizeof(kt_vno), 1, KTFILEP(id))) { - kerror = errno; - (void) krb5_unlock_file(context, fileno(KTFILEP(id))); - (void) fclose(KTFILEP(id)); - return kerror; - } - kt_vno = KTVERSION(id) = ntohs(kt_vno); - if ((kt_vno != KRB5_KT_VNO) && - (kt_vno != KRB5_KT_VNO_1)) { - (void) krb5_unlock_file(context, fileno(KTFILEP(id))); - (void) fclose(KTFILEP(id)); - return KRB5_KEYTAB_BADVNO; - } - } - return 0; -} - -krb5_error_code -krb5_ktfileint_openr(context, id) - krb5_context context; -krb5_keytab id; -{ - return krb5_ktfileint_open(context, id, KRB5_LOCKMODE_SHARED); -} - -krb5_error_code -krb5_ktfileint_openw(context, id) - krb5_context context; -krb5_keytab id; -{ - return krb5_ktfileint_open(context, id, KRB5_LOCKMODE_EXCLUSIVE); -} - -krb5_error_code -krb5_ktfileint_close(context, id) - krb5_context context; -krb5_keytab id; -{ - krb5_error_code kerror; - - if (!KTFILEP(id)) - return 0; - kerror = krb5_unlock_file(context, fileno(KTFILEP(id))); - (void) fclose(KTFILEP(id)); - KTFILEP(id) = 0; - return kerror; -} - -krb5_error_code -krb5_ktfileint_delete_entry(context, id, delete_point) - krb5_context context; -krb5_keytab id; -krb5_int32 delete_point; -{ - krb5_int32 size; - krb5_int32 len; - char iobuf[BUFSIZ]; - - if (fseek(KTFILEP(id), delete_point, SEEK_SET)) { - return errno; - } - if (!xfread(&size, sizeof(size), 1, KTFILEP(id))) { - return KRB5_KT_END; - } - if (KTVERSION(id) != KRB5_KT_VNO_1) - size = ntohl(size); - - if (size > 0) { - krb5_int32 minus_size = -size; - if (KTVERSION(id) != KRB5_KT_VNO_1) - minus_size = htonl(minus_size); - - if (fseek(KTFILEP(id), delete_point, SEEK_SET)) { - return errno; - } - - if (!xfwrite(&minus_size, sizeof(minus_size), 1, KTFILEP(id))) { - return KRB5_KT_IOERR; - } - - if (size < BUFSIZ) { - len = size; - } else { - len = BUFSIZ; - } - - memset(iobuf, 0, (size_t) len); - while (size > 0) { - xfwrite(iobuf, 1, (size_t) len, KTFILEP(id)); - size -= len; - if (size < len) { - len = size; - } - } - - return krb5_sync_disk_file(context, KTFILEP(id)); - } - - return 0; -} - -krb5_error_code -krb5_ktfileint_internal_read_entry(context, id, ret_entry, delete_point) - krb5_context context; -krb5_keytab id; -krb5_keytab_entry *ret_entry; -krb5_int32 *delete_point; -{ - krb5_octet vno; - krb5_int16 count; - unsigned int u_count, u_princ_size; - krb5_int16 enctype; - krb5_int16 princ_size; - register int i; - krb5_int32 size; - krb5_int32 start_pos; - krb5_error_code error; - char *tmpdata; - krb5_data *princ; - - memset(ret_entry, 0, sizeof(krb5_keytab_entry)); - ret_entry->magic = KV5M_KEYTAB_ENTRY; - - /* fseek to synchronise buffered I/O on the key table. */ - - if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0) - { - return errno; - } - - do { - *delete_point = ftell(KTFILEP(id)); - if (!xfread(&size, sizeof(size), 1, KTFILEP(id))) { - return KRB5_KT_END; - } - if (KTVERSION(id) != KRB5_KT_VNO_1) - size = ntohl(size); - - if (size < 0) { - if (fseek(KTFILEP(id), -size, SEEK_CUR)) { - return errno; - } - } - } while (size < 0); - - if (size == 0) { - return KRB5_KT_END; - } - - start_pos = ftell(KTFILEP(id)); - - /* deal with guts of parsing... */ - - /* first, int16 with #princ components */ - if (!xfread(&count, sizeof(count), 1, KTFILEP(id))) - return KRB5_KT_END; - if (KTVERSION(id) == KRB5_KT_VNO_1) { - count -= 1; /* V1 includes the realm in the count */ - } else { - count = ntohs(count); - } - if (!count || (count < 0)) - return KRB5_KT_END; - ret_entry->principal = (krb5_principal)malloc(sizeof(krb5_principal_data)); - if (!ret_entry->principal) - return ENOMEM; - - u_count = count; - ret_entry->principal->magic = KV5M_PRINCIPAL; - ret_entry->principal->length = u_count; - ret_entry->principal->data = (krb5_data *) - calloc(u_count, sizeof(krb5_data)); - if (!ret_entry->principal->data) { - free(ret_entry->principal); - ret_entry->principal = 0; - return ENOMEM; - } - - /* Now, get the realm data */ - if (!xfread(&princ_size, sizeof(princ_size), 1, KTFILEP(id))) { - error = KRB5_KT_END; - goto fail; - } - if (KTVERSION(id) != KRB5_KT_VNO_1) - princ_size = ntohs(princ_size); - if (!princ_size || (princ_size < 0)) { - error = KRB5_KT_END; - goto fail; - } - u_princ_size = princ_size; - - krb5_princ_set_realm_length(context, ret_entry->principal, u_princ_size); - tmpdata = malloc(u_princ_size+1); - if (!tmpdata) { - error = ENOMEM; - goto fail; - } - if (fread(tmpdata, 1, u_princ_size, KTFILEP(id)) != (size_t) princ_size) { - free(tmpdata); - error = KRB5_KT_END; - goto fail; - } - tmpdata[princ_size] = 0; /* Some things might be expecting null */ - /* termination... ``Be conservative in */ - /* what you send out'' */ - krb5_princ_set_realm_data(context, ret_entry->principal, tmpdata); - - for (i = 0; i < count; i++) { - princ = krb5_princ_component(context, ret_entry->principal, i); - if (!xfread(&princ_size, sizeof(princ_size), 1, KTFILEP(id))) { - error = KRB5_KT_END; - goto fail; - } - if (KTVERSION(id) != KRB5_KT_VNO_1) - princ_size = ntohs(princ_size); - if (!princ_size || (princ_size < 0)) { - error = KRB5_KT_END; - goto fail; - } - - u_princ_size = princ_size; - princ->length = u_princ_size; - princ->data = malloc(u_princ_size+1); - if (!princ->data) { - error = ENOMEM; - goto fail; - } - if (!xfread(princ->data, sizeof(char), u_princ_size, KTFILEP(id))) { - error = KRB5_KT_END; - goto fail; - } - princ->data[princ_size] = 0; /* Null terminate */ - } - - /* read in the principal type, if we can get it */ - if (KTVERSION(id) != KRB5_KT_VNO_1) { - if (!xfread(&ret_entry->principal->type, - sizeof(ret_entry->principal->type), 1, KTFILEP(id))) { - error = KRB5_KT_END; - goto fail; - } - ret_entry->principal->type = ntohl(ret_entry->principal->type); - } - - /* read in the timestamp */ - if (!xfread(&ret_entry->timestamp, sizeof(ret_entry->timestamp), 1, KTFILEP(id))) { - error = KRB5_KT_END; - goto fail; - } - if (KTVERSION(id) != KRB5_KT_VNO_1) - ret_entry->timestamp = ntohl(ret_entry->timestamp); - - /* read in the version number */ - if (!xfread(&vno, sizeof(vno), 1, KTFILEP(id))) { - error = KRB5_KT_END; - goto fail; - } - ret_entry->vno = (krb5_kvno)vno; - - /* key type */ - if (!xfread(&enctype, sizeof(enctype), 1, KTFILEP(id))) { - error = KRB5_KT_END; - goto fail; - } - ret_entry->key.enctype = (krb5_enctype)enctype; - - if (KTVERSION(id) != KRB5_KT_VNO_1) - ret_entry->key.enctype = ntohs(ret_entry->key.enctype); - - /* key contents */ - ret_entry->key.magic = KV5M_KEYBLOCK; - - if (!xfread(&count, sizeof(count), 1, KTFILEP(id))) { - error = KRB5_KT_END; - goto fail; - } - if (KTVERSION(id) != KRB5_KT_VNO_1) - count = ntohs(count); - if (!count || (count < 0)) { - error = KRB5_KT_END; - goto fail; - } - - u_count = count; - ret_entry->key.length = u_count; - - ret_entry->key.contents = (krb5_octet *)malloc(u_count); - if (!ret_entry->key.contents) { - error = ENOMEM; - goto fail; - } - if (!xfread(ret_entry->key.contents, sizeof(krb5_octet), count, - KTFILEP(id))) { - error = KRB5_KT_END; - goto fail; - } - - /* - * Reposition file pointer to the next inter-record length field. - */ - fseek(KTFILEP(id), start_pos + size, SEEK_SET); - return 0; -fail: - - for (i = 0; i < ret_entry->principal->length; i++) { - princ = krb5_princ_component(context, ret_entry->principal, i); - if (princ->data) - free(princ->data); - } - free(ret_entry->principal->data); - ret_entry->principal->data = 0; - free(ret_entry->principal); - ret_entry->principal = 0; - return error; -} - -krb5_error_code -krb5_ktfileint_read_entry(context, id, entryp) - krb5_context context; -krb5_keytab id; -krb5_keytab_entry *entryp; -{ - krb5_int32 delete_point; - - return krb5_ktfileint_internal_read_entry(context, id, entryp, &delete_point); -} - -krb5_error_code -krb5_ktfileint_write_entry(context, id, entry) - krb5_context context; -krb5_keytab id; -krb5_keytab_entry *entry; -{ - krb5_octet vno; - krb5_data *princ; - krb5_int16 count, size, enctype; - krb5_error_code retval = 0; - krb5_timestamp timestamp; - krb5_int32 princ_type; - krb5_int32 size_needed; - krb5_int32 commit_point; - int i; - char iobuf[BUFSIZ]; - - retval = krb5_ktfileint_size_entry(context, entry, &size_needed); - if (retval) - return retval; - retval = krb5_ktfileint_find_slot(context, id, &size_needed, &commit_point); - if (retval) - return retval; - - setbuf(KTFILEP(id), iobuf); - - /* fseek to synchronise buffered I/O on the key table. */ - - if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0) - { - return errno; - } - - if (KTVERSION(id) == KRB5_KT_VNO_1) { - count = (krb5_int16) entry->principal->length + 1; - } else { - count = htons((u_short) entry->principal->length); - } - - if (!xfwrite(&count, sizeof(count), 1, KTFILEP(id))) { - abend: - setbuf(KTFILEP(id), 0); - return KRB5_KT_IOERR; - } - size = krb5_princ_realm(context, entry->principal)->length; - if (KTVERSION(id) != KRB5_KT_VNO_1) - size = htons(size); - if (!xfwrite(&size, sizeof(size), 1, KTFILEP(id))) { - goto abend; - } - if (!xfwrite(krb5_princ_realm(context, entry->principal)->data, sizeof(char), - krb5_princ_realm(context, entry->principal)->length, KTFILEP(id))) { - goto abend; - } - - count = (krb5_int16) entry->principal->length; - for (i = 0; i < count; i++) { - princ = krb5_princ_component(context, entry->principal, i); - size = princ->length; - if (KTVERSION(id) != KRB5_KT_VNO_1) - size = htons(size); - if (!xfwrite(&size, sizeof(size), 1, KTFILEP(id))) { - goto abend; - } - if (!xfwrite(princ->data, sizeof(char), princ->length, KTFILEP(id))) { - goto abend; - } - } - - /* - * Write out the principal type - */ - if (KTVERSION(id) != KRB5_KT_VNO_1) { - princ_type = htonl(krb5_princ_type(context, entry->principal)); - if (!xfwrite(&princ_type, sizeof(princ_type), 1, KTFILEP(id))) { - goto abend; - } - } - - /* - * Fill in the time of day the entry was written to the keytab. - */ - if (krb5_timeofday(context, &entry->timestamp)) { - entry->timestamp = 0; - } - if (KTVERSION(id) == KRB5_KT_VNO_1) - timestamp = entry->timestamp; - else - timestamp = htonl(entry->timestamp); - if (!xfwrite(×tamp, sizeof(timestamp), 1, KTFILEP(id))) { - goto abend; - } - - /* key version number */ - vno = (krb5_octet)entry->vno; - if (!xfwrite(&vno, sizeof(vno), 1, KTFILEP(id))) { - goto abend; - } - /* key type */ - if (KTVERSION(id) == KRB5_KT_VNO_1) - enctype = entry->key.enctype; - else - enctype = htons(entry->key.enctype); - if (!xfwrite(&enctype, sizeof(enctype), 1, KTFILEP(id))) { - goto abend; - } - /* key length */ - if (KTVERSION(id) == KRB5_KT_VNO_1) - size = entry->key.length; - else - size = htons(entry->key.length); - if (!xfwrite(&size, sizeof(size), 1, KTFILEP(id))) { - goto abend; - } - if (!xfwrite(entry->key.contents, sizeof(krb5_octet), - entry->key.length, KTFILEP(id))) { - memset(iobuf, 0, sizeof(iobuf)); - setbuf(KTFILEP(id), 0); - return KRB5_KT_IOERR; - } - - retval = krb5_sync_disk_file(context, KTFILEP(id)); - (void) memset(iobuf, 0, sizeof(iobuf)); - setbuf(KTFILEP(id), 0); - - if (retval) { - return retval; - } - - if (fseek(KTFILEP(id), commit_point, SEEK_SET)) { - return errno; - } - if (KTVERSION(id) != KRB5_KT_VNO_1) - size_needed = htonl(size_needed); - if (!xfwrite(&size_needed, sizeof(size_needed), 1, KTFILEP(id))) { - goto abend; - } - retval = krb5_sync_disk_file(context, KTFILEP(id)); - - return retval; -} - -/* - * Determine the size needed for a file entry for the given - * keytab entry. - */ -krb5_error_code -krb5_ktfileint_size_entry(context, entry, size_needed) - krb5_context context; -krb5_keytab_entry *entry; -krb5_int32 *size_needed; -{ - krb5_int16 count; - krb5_int32 total_size, i; - krb5_error_code retval = 0; - - count = (krb5_int16) entry->principal->length; - - total_size = sizeof(count); - total_size += krb5_princ_realm(context, entry->principal)->length + (sizeof(krb5_int16)); - - for (i = 0; i < count; i++) { - total_size += krb5_princ_component(context, entry->principal,i)->length - + (sizeof(krb5_int16)); - } - - total_size += sizeof(entry->principal->type); - total_size += sizeof(entry->timestamp); - total_size += sizeof(krb5_octet); - total_size += sizeof(krb5_int16); - total_size += sizeof(krb5_int16) + entry->key.length; - - *size_needed = total_size; - return retval; -} - -/* - * Find and reserve a slot in the file for an entry of the needed size. - * The commit point will be set to the position in the file where the - * the length (sizeof(krb5_int32) bytes) of this node should be written - * when commiting the write. The file position left as a result of this - * call is the position where the actual data should be written. - * - * The size_needed argument may be adjusted if we find a hole that is - * larger than the size needed. (Recall that size_needed will be used - * to commit the write, but that this field must indicate the size of the - * block in the file rather than the size of the actual entry) - */ -krb5_error_code -krb5_ktfileint_find_slot(context, id, size_needed, commit_point) - krb5_context context; -krb5_keytab id; -krb5_int32 *size_needed; -krb5_int32 *commit_point; -{ - krb5_int32 size; - krb5_int32 remainder; - krb5_int32 zero_point; - krb5_kt_vno kt_vno; - krb5_boolean found = FALSE; - char iobuf[BUFSIZ]; - - /* - * Skip over file version number - */ - if (fseek(KTFILEP(id), 0, SEEK_SET)) { - return errno; - } - if (!xfread(&kt_vno, sizeof(kt_vno), 1, KTFILEP(id))) { - return KRB5_KT_IOERR; - } - - while (!found) { - *commit_point = ftell(KTFILEP(id)); - if (!xfread(&size, sizeof(size), 1, KTFILEP(id))) { - /* - * Hit the end of file, reserve this slot. - */ - setbuf(KTFILEP(id), 0); - size = 0; - - /* fseek to synchronise buffered I/O on the key table. */ - - if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0) - { - return errno; - } - -#ifdef notdef - /* We don't have to do this because htonl(0) == 0 */ - if (KTVERSION(id) != KRB5_KT_VNO_1) - size = htonl(size); -#endif - - if (!xfwrite(&size, sizeof(size), 1, KTFILEP(id))) { - return KRB5_KT_IOERR; - } - found = TRUE; - } - - if (KTVERSION(id) != KRB5_KT_VNO_1) - size = ntohl(size); - - if (size > 0) { - if (fseek(KTFILEP(id), size, SEEK_CUR)) { - return errno; - } - } else if (!found) { - size = -size; - if (size >= *size_needed) { - *size_needed = size; - found = TRUE; - } else if (size > 0) { - /* - * The current hole is not large enough, so skip it - */ - if (fseek(KTFILEP(id), size, SEEK_CUR)) { - return errno; - } - } else { - - /* fseek to synchronise buffered I/O on the key table. */ - - if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0) - { - return errno; - } - - /* - * Found the end of the file (marked by a 0 length buffer) - * Make sure we zero any trailing data. - */ - zero_point = ftell(KTFILEP(id)); - setbuf(KTFILEP(id), iobuf); - while ((size = xfread(iobuf, 1, sizeof(iobuf), KTFILEP(id)))) { - if (size != sizeof(iobuf)) { - remainder = size % sizeof(krb5_int32); - if (remainder) { - size += sizeof(krb5_int32) - remainder; - } - } - - if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0) - { - return errno; - } - - memset(iobuf, 0, (size_t) size); - xfwrite(iobuf, 1, (size_t) size, KTFILEP(id)); - if (feof(KTFILEP(id))) { - break; - } - - if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0) - { - return errno; - } - - } - setbuf(KTFILEP(id), 0); - if (fseek(KTFILEP(id), zero_point, SEEK_SET)) { - return errno; - } - } - } - } - - return 0; -} - diff --git a/src/lib/krb5/keytab/file/ktf_wops.c b/src/lib/krb5/keytab/file/ktf_wops.c deleted file mode 100644 index 833e4d66f..000000000 --- a/src/lib/krb5/keytab/file/ktf_wops.c +++ /dev/null @@ -1,47 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_wops.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5_ktf_writable_ops - */ - -#include "k5-int.h" -#include "ktfile.h" - -extern krb5_ser_entry krb5_ktfile_ser_entry; -struct _krb5_kt_ops krb5_ktf_writable_ops = { - 0, - "WRFILE", /* Prefix -- this string should not appear anywhere else! */ - krb5_ktfile_wresolve, - krb5_ktfile_get_name, - krb5_ktfile_close, - krb5_ktfile_get_entry, - krb5_ktfile_start_seq_get, - krb5_ktfile_get_next, - krb5_ktfile_end_get, - krb5_ktfile_add, - krb5_ktfile_remove, - (void *) &krb5_ktfile_ser_entry -}; diff --git a/src/lib/krb5/keytab/file/ktf_wreslv.c b/src/lib/krb5/keytab/file/ktf_wreslv.c deleted file mode 100644 index 523d98370..000000000 --- a/src/lib/krb5/keytab/file/ktf_wreslv.c +++ /dev/null @@ -1,65 +0,0 @@ -/* - * lib/krb5/keytab/file/ktf_wreslv.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This is an implementation specific resolver. It returns a keytab id - * initialized with file keytab routines. - */ - -#include "k5-int.h" -#include "ktfile.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktfile_wresolve(context, name, id) - krb5_context context; - const char *name; - krb5_keytab *id; -{ - krb5_ktfile_data *data; - - if ((*id = (krb5_keytab) malloc(sizeof(**id))) == NULL) - return(ENOMEM); - - (*id)->ops = &krb5_ktf_writable_ops; - if ((data = (krb5_ktfile_data *)malloc(sizeof(krb5_ktfile_data))) == NULL) { - krb5_xfree(*id); - return(ENOMEM); - } - - if ((data->name = (char *)calloc(strlen(name) + 1, sizeof(char))) == NULL) { - krb5_xfree(data); - krb5_xfree(*id); - return(ENOMEM); - } - - (void) strcpy(data->name, name); - data->openf = 0; - data->version = 0; - - (*id)->data = (krb5_pointer)data; - (*id)->magic = KV5M_KEYTAB; - return(0); -} - diff --git a/src/lib/krb5/keytab/file/ktfile.h b/src/lib/krb5/keytab/file/ktfile.h deleted file mode 100644 index 2f17b9fdf..000000000 --- a/src/lib/krb5/keytab/file/ktfile.h +++ /dev/null @@ -1,168 +0,0 @@ -/* - * lib/krb5/keytab/file/ktfile.h - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This header file contains information needed by internal routines - * of the file-based ticket cache implementation. - */ - - -#ifndef KRB5_KTFILE__ -#define KRB5_KTFILE__ - -#include - -/* - * Constants - */ -#define IGNORE_VNO 0 -#define IGNORE_ENCTYPE 0 - -#define KRB5_KT_VNO_1 0x0501 /* krb v5, keytab version 1 (DCE compat) */ -#define KRB5_KT_VNO 0x0502 /* krb v5, keytab version 2 (standard) */ - -#define KRB5_KT_DEFAULT_VNO KRB5_KT_VNO - -/* - * Types - */ -typedef struct _krb5_ktfile_data { - char *name; /* Name of the file */ - FILE *openf; /* open file, if any. */ - int version; /* Version number of keytab */ -} krb5_ktfile_data; - -/* - * Macros - */ -#define KTPRIVATE(id) ((krb5_ktfile_data *)(id)->data) -#define KTFILENAME(id) (((krb5_ktfile_data *)(id)->data)->name) -#define KTFILEP(id) (((krb5_ktfile_data *)(id)->data)->openf) -#define KTVERSION(id) (((krb5_ktfile_data *)(id)->data)->version) - -extern struct _krb5_kt_ops krb5_ktf_ops; -extern struct _krb5_kt_ops krb5_ktf_writable_ops; - -krb5_error_code KRB5_CALLCONV krb5_ktfile_resolve - (krb5_context, - const char *, - krb5_keytab *); - -krb5_error_code KRB5_CALLCONV krb5_ktfile_wresolve - (krb5_context, - const char *, - krb5_keytab *); - -krb5_error_code KRB5_CALLCONV krb5_ktfile_get_name - (krb5_context, - krb5_keytab, - char *, - unsigned int); - -krb5_error_code KRB5_CALLCONV krb5_ktfile_close - (krb5_context, - krb5_keytab); - -krb5_error_code KRB5_CALLCONV krb5_ktfile_get_entry - (krb5_context, - krb5_keytab, - krb5_const_principal, - krb5_kvno, - krb5_enctype, - krb5_keytab_entry *); - -krb5_error_code KRB5_CALLCONV krb5_ktfile_start_seq_get - (krb5_context, - krb5_keytab, - krb5_kt_cursor *); - -krb5_error_code KRB5_CALLCONV krb5_ktfile_get_next - (krb5_context, - krb5_keytab, - krb5_keytab_entry *, - krb5_kt_cursor *); - -krb5_error_code KRB5_CALLCONV krb5_ktfile_end_get - (krb5_context, - krb5_keytab, - krb5_kt_cursor *); - -/* routines to be included on extended version (write routines) */ -krb5_error_code KRB5_CALLCONV krb5_ktfile_add - (krb5_context, - krb5_keytab, - krb5_keytab_entry *); - -krb5_error_code KRB5_CALLCONV krb5_ktfile_remove - (krb5_context, - krb5_keytab, - krb5_keytab_entry *); - -krb5_error_code krb5_ktfileint_openr - (krb5_context, - krb5_keytab); - -krb5_error_code krb5_ktfileint_openw - (krb5_context, - krb5_keytab); - -krb5_error_code krb5_ktfileint_close - (krb5_context, - krb5_keytab); - -krb5_error_code krb5_ktfileint_read_entry - (krb5_context, - krb5_keytab, - krb5_keytab_entry *); - -krb5_error_code krb5_ktfileint_write_entry - (krb5_context, - krb5_keytab, - krb5_keytab_entry *); - -krb5_error_code krb5_ktfileint_delete_entry - (krb5_context, - krb5_keytab, - krb5_int32); - -krb5_error_code krb5_ktfileint_internal_read_entry - (krb5_context, - krb5_keytab, - krb5_keytab_entry *, - krb5_int32 *); - -krb5_error_code krb5_ktfileint_size_entry - (krb5_context, - krb5_keytab_entry *, - krb5_int32 *); - -krb5_error_code krb5_ktfileint_find_slot - (krb5_context, - krb5_keytab, - krb5_int32 *, - krb5_int32 *); - - -#endif /* KRB5_KTFILE__ */ diff --git a/src/lib/krb5/keytab/file/ser_ktf.c b/src/lib/krb5/keytab/file/ser_ktf.c deleted file mode 100644 index 4655e8c8a..000000000 --- a/src/lib/krb5/keytab/file/ser_ktf.c +++ /dev/null @@ -1,332 +0,0 @@ -/* - * lib/krb5/keytab/file/ser_ktf.c - * - * Copyright 1995 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ - -/* - * ser_ktf.c - Serialize keytab file context for subsequent reopen. - */ -#include "k5-int.h" -#include "ktfile.h" - -static const char ktfile_def_name[] = "."; - -/* - * Routines to deal with externalizing krb5_keytab for [WR]FILE: variants. - * krb5_ktf_keytab_size(); - * krb5_ktf_keytab_externalize(); - * krb5_ktf_keytab_internalize(); - */ -static krb5_error_code krb5_ktf_keytab_size - (krb5_context, krb5_pointer, size_t *); -static krb5_error_code krb5_ktf_keytab_externalize - (krb5_context, krb5_pointer, krb5_octet **, size_t *); -static krb5_error_code krb5_ktf_keytab_internalize - (krb5_context,krb5_pointer *, krb5_octet **, size_t *); - -/* - * Serialization entry for this type. - */ -const krb5_ser_entry krb5_ktfile_ser_entry = { - KV5M_KEYTAB, /* Type */ - krb5_ktf_keytab_size, /* Sizer routine */ - krb5_ktf_keytab_externalize, /* Externalize routine */ - krb5_ktf_keytab_internalize /* Internalize routine */ -}; - -/* - * krb5_ktf_keytab_size() - Determine the size required to externalize - * this krb5_keytab variant. - */ -static krb5_error_code -krb5_ktf_keytab_size(kcontext, arg, sizep) - krb5_context kcontext; - krb5_pointer arg; - size_t *sizep; -{ - krb5_error_code kret; - krb5_keytab keytab; - size_t required; - krb5_ktfile_data *ktdata; - - kret = EINVAL; - if ((keytab = (krb5_keytab) arg)) { - /* - * Saving FILE: variants of krb5_keytab requires at minimum: - * krb5_int32 for KV5M_KEYTAB - * krb5_int32 for length of keytab name. - * krb5_int32 for file status. - * krb5_int32 for file position. - * krb5_int32 for file position. - * krb5_int32 for version. - * krb5_int32 for KV5M_KEYTAB - */ - required = sizeof(krb5_int32) * 7; - if (keytab->ops && keytab->ops->prefix) - required += (strlen(keytab->ops->prefix)+1); - - /* - * The keytab name is formed as follows: - * : - * If there's no name, we use a default name so that we have something - * to call krb5_keytab_resolve with. - */ - ktdata = (krb5_ktfile_data *) keytab->data; - required += strlen((ktdata && ktdata->name) ? - ktdata->name : ktfile_def_name); - kret = 0; - - if (!kret) - *sizep += required; - } - return(kret); -} - -/* - * krb5_ktf_keytab_externalize() - Externalize the krb5_keytab. - */ -static krb5_error_code -krb5_ktf_keytab_externalize(kcontext, arg, buffer, lenremain) - krb5_context kcontext; - krb5_pointer arg; - krb5_octet **buffer; - size_t *lenremain; -{ - krb5_error_code kret; - krb5_keytab keytab; - size_t required; - krb5_octet *bp; - size_t remain; - krb5_ktfile_data *ktdata; - krb5_int32 file_is_open; - krb5_int32 file_pos[2]; - char *ktname; - size_t namelen; - const char *fnamep; - - required = 0; - bp = *buffer; - remain = *lenremain; - kret = EINVAL; - if ((keytab = (krb5_keytab) arg)) { - kret = ENOMEM; - if (!krb5_ktf_keytab_size(kcontext, arg, &required) && - (required <= remain)) { - /* Our identifier */ - (void) krb5_ser_pack_int32(KV5M_KEYTAB, &bp, &remain); - - ktdata = (krb5_ktfile_data *) keytab->data; - file_is_open = 0; - file_pos[0] = 0; - file_pos[1] = 0; - - /* Calculate the length of the name */ - namelen = (keytab->ops && keytab->ops->prefix) ? - strlen(keytab->ops->prefix)+1 : 0; - if (ktdata && ktdata->name) - fnamep = ktdata->name; - else - fnamep = ktfile_def_name; - namelen += (strlen(fnamep)+1); - - if ((ktname = (char *) malloc(namelen))) { - /* Format the keytab name. */ - if (keytab->ops && keytab->ops->prefix) - sprintf(ktname, "%s:%s", keytab->ops->prefix, fnamep); - - else - strcpy(ktname, fnamep); - - /* Fill in the file-specific keytab information. */ - if (ktdata) { - if (ktdata->openf) { - long fpos; - int fflags = 0; - - file_is_open = 1; -#if !defined( macintosh) && !defined(_WIN32) - fflags = fcntl(fileno(ktdata->openf), F_GETFL, 0); - if (fflags > 0) - file_is_open |= ((fflags & O_ACCMODE) << 1); -#else - file_is_open = 0; -#endif - fpos = ftell(ktdata->openf); -#if SIZEOF_LONG == 4 - file_pos[0] = fpos; -#else /* SIZEOF_LONG == 4 */ - file_pos[0] = fpos & 0xffffffff; - file_pos[1] = (fpos >> 32) & 0xffffffff; -#endif /* SIZEOF_LONG == 4 */ - } - } - - /* Put the length of the file name */ - (void) krb5_ser_pack_int32((krb5_int32) strlen(ktname), - &bp, &remain); - - /* Put the name */ - (void) krb5_ser_pack_bytes((krb5_octet *) ktname, - strlen(ktname), - &bp, &remain); - - /* Put the file open flag */ - (void) krb5_ser_pack_int32(file_is_open, &bp, &remain); - - /* Put the file position */ - (void) krb5_ser_pack_int32(file_pos[0], &bp, &remain); - (void) krb5_ser_pack_int32(file_pos[1], &bp, &remain); - - /* Put the version */ - (void) krb5_ser_pack_int32((krb5_int32) ((ktdata) ? - ktdata->version : 0), - &bp, &remain); - - /* Put the trailer */ - (void) krb5_ser_pack_int32(KV5M_KEYTAB, &bp, &remain); - kret = 0; - *buffer = bp; - *lenremain = remain; - free(ktname); - } - } - } - return(kret); -} - -/* - * krb5_ktf_keytab_internalize() - Internalize the krb5_ktf_keytab. - */ -static krb5_error_code -krb5_ktf_keytab_internalize(kcontext, argp, buffer, lenremain) - krb5_context kcontext; - krb5_pointer *argp; - krb5_octet **buffer; - size_t *lenremain; -{ - krb5_error_code kret; - krb5_keytab keytab; - krb5_int32 ibuf; - krb5_octet *bp; - size_t remain; - char *ktname; - krb5_ktfile_data *ktdata; - krb5_int32 file_is_open; - krb5_int32 foffbuf[2]; - - bp = *buffer; - remain = *lenremain; - kret = EINVAL; - /* Read our magic number */ - if (krb5_ser_unpack_int32(&ibuf, &bp, &remain)) - ibuf = 0; - if (ibuf == KV5M_KEYTAB) { - kret = ENOMEM; - - /* Get the length of the keytab name */ - kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain); - - if (!kret && - (ktname = (char *) malloc((size_t) (ibuf+1))) && - !(kret = krb5_ser_unpack_bytes((krb5_octet *) ktname, - (size_t) ibuf, - &bp, &remain))) { - ktname[ibuf] = '\0'; - kret = krb5_kt_resolve(kcontext, ktname, &keytab); - if (!kret) { - kret = ENOMEM; - ktdata = (krb5_ktfile_data *) keytab->data; - if (!ktdata) { - /* XXX */ - keytab->data = (void *) malloc(sizeof(krb5_ktfile_data)); - ktdata = (krb5_ktfile_data *) keytab->data; - memset(ktdata, 0, sizeof(krb5_ktfile_data)); - if (strchr(ktname, (int) ':')) - ktdata->name = strdup(strchr(ktname, (int) ':')+1); - else - ktdata->name = strdup(ktname); - } - if (ktdata) { - if (remain >= (sizeof(krb5_int32)*5)) { - (void) krb5_ser_unpack_int32(&file_is_open, - &bp, &remain); - (void) krb5_ser_unpack_int32(&foffbuf[0], - &bp, &remain); - (void) krb5_ser_unpack_int32(&foffbuf[1], - &bp, &remain); - (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain); - ktdata->version = (int) ibuf; - - (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain); - if (ibuf == KV5M_KEYTAB) { - if (file_is_open) { - int fmode; - long fpos; - -#if !defined( macintosh) && !defined(_WIN32) - fmode = (file_is_open >> 1) & O_ACCMODE; -#else - fmode = 0; -#endif - if (fmode) - kret = krb5_ktfileint_openw(kcontext, - keytab); - else - kret = krb5_ktfileint_openr(kcontext, - keytab); - if (!kret) { -#if SIZEOF_LONG == 4 - fpos = foffbuf[0]; -#else /* SIZEOF_LONG == 4 */ - fpos = foffbuf[0] | ((long) foffbuf[1] << 32); -#endif /* SIZEOF_LONG == 4 */ - fseek(KTFILEP(keytab), fpos, SEEK_SET); - } - } - kret = 0; - } - else - kret = EINVAL; - } - } - if (kret) { - if (keytab->data) { - if (KTFILENAME(keytab)) - krb5_xfree(KTFILENAME(keytab)); - krb5_xfree(keytab->data); - } - krb5_xfree(keytab); - } - else { - *buffer = bp; - *lenremain = remain; - *argp = (krb5_pointer) keytab; - } - } - free(ktname); - } - } - return(kret); -} diff --git a/src/lib/krb5/keytab/kt_file.c b/src/lib/krb5/keytab/kt_file.c new file mode 100644 index 000000000..ab5405e1d --- /dev/null +++ b/src/lib/krb5/keytab/kt_file.c @@ -0,0 +1,1726 @@ +#include /* for htons etc */ +/* + * lib/krb5/keytab/kt_file.c + * + * Copyright 1990,1991,1995 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + */ + +#define NEED_SOCKETS +#include "k5-int.h" +#include + +/* + * Information needed by internal routines of the file-based ticket + * cache implementation. + */ + + +/* + * Constants + */ +#define IGNORE_VNO 0 +#define IGNORE_ENCTYPE 0 + +#define KRB5_KT_VNO_1 0x0501 /* krb v5, keytab version 1 (DCE compat) */ +#define KRB5_KT_VNO 0x0502 /* krb v5, keytab version 2 (standard) */ + +#define KRB5_KT_DEFAULT_VNO KRB5_KT_VNO + +/* + * Types + */ +typedef struct _krb5_ktfile_data { + char *name; /* Name of the file */ + FILE *openf; /* open file, if any. */ + int version; /* Version number of keytab */ +} krb5_ktfile_data; + +/* + * Macros + */ +#define KTPRIVATE(id) ((krb5_ktfile_data *)(id)->data) +#define KTFILENAME(id) (((krb5_ktfile_data *)(id)->data)->name) +#define KTFILEP(id) (((krb5_ktfile_data *)(id)->data)->openf) +#define KTVERSION(id) (((krb5_ktfile_data *)(id)->data)->version) + +extern struct _krb5_kt_ops krb5_ktf_ops; +extern struct _krb5_kt_ops krb5_ktf_writable_ops; + +krb5_error_code KRB5_CALLCONV krb5_ktfile_resolve + (krb5_context, + const char *, + krb5_keytab *); + +krb5_error_code KRB5_CALLCONV krb5_ktfile_wresolve + (krb5_context, + const char *, + krb5_keytab *); + +krb5_error_code KRB5_CALLCONV krb5_ktfile_get_name + (krb5_context, + krb5_keytab, + char *, + unsigned int); + +krb5_error_code KRB5_CALLCONV krb5_ktfile_close + (krb5_context, + krb5_keytab); + +krb5_error_code KRB5_CALLCONV krb5_ktfile_get_entry + (krb5_context, + krb5_keytab, + krb5_const_principal, + krb5_kvno, + krb5_enctype, + krb5_keytab_entry *); + +krb5_error_code KRB5_CALLCONV krb5_ktfile_start_seq_get + (krb5_context, + krb5_keytab, + krb5_kt_cursor *); + +krb5_error_code KRB5_CALLCONV krb5_ktfile_get_next + (krb5_context, + krb5_keytab, + krb5_keytab_entry *, + krb5_kt_cursor *); + +krb5_error_code KRB5_CALLCONV krb5_ktfile_end_get + (krb5_context, + krb5_keytab, + krb5_kt_cursor *); + +/* routines to be included on extended version (write routines) */ +krb5_error_code KRB5_CALLCONV krb5_ktfile_add + (krb5_context, + krb5_keytab, + krb5_keytab_entry *); + +krb5_error_code KRB5_CALLCONV krb5_ktfile_remove + (krb5_context, + krb5_keytab, + krb5_keytab_entry *); + +krb5_error_code krb5_ktfileint_openr + (krb5_context, + krb5_keytab); + +krb5_error_code krb5_ktfileint_openw + (krb5_context, + krb5_keytab); + +krb5_error_code krb5_ktfileint_close + (krb5_context, + krb5_keytab); + +krb5_error_code krb5_ktfileint_read_entry + (krb5_context, + krb5_keytab, + krb5_keytab_entry *); + +krb5_error_code krb5_ktfileint_write_entry + (krb5_context, + krb5_keytab, + krb5_keytab_entry *); + +krb5_error_code krb5_ktfileint_delete_entry + (krb5_context, + krb5_keytab, + krb5_int32); + +krb5_error_code krb5_ktfileint_internal_read_entry + (krb5_context, + krb5_keytab, + krb5_keytab_entry *, + krb5_int32 *); + +krb5_error_code krb5_ktfileint_size_entry + (krb5_context, + krb5_keytab_entry *, + krb5_int32 *); + +krb5_error_code krb5_ktfileint_find_slot + (krb5_context, + krb5_keytab, + krb5_int32 *, + krb5_int32 *); + + +/* + * This is an implementation specific resolver. It returns a keytab id + * initialized with file keytab routines. + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktfile_resolve(context, name, id) + krb5_context context; + const char *name; + krb5_keytab *id; +{ + krb5_ktfile_data *data; + + if ((*id = (krb5_keytab) malloc(sizeof(**id))) == NULL) + return(ENOMEM); + + (*id)->ops = &krb5_ktf_ops; + if ((data = (krb5_ktfile_data *)malloc(sizeof(krb5_ktfile_data))) == NULL) { + krb5_xfree(*id); + return(ENOMEM); + } + + if ((data->name = (char *)calloc(strlen(name) + 1, sizeof(char))) == NULL) { + krb5_xfree(data); + krb5_xfree(*id); + return(ENOMEM); + } + + (void) strcpy(data->name, name); + data->openf = 0; + data->version = 0; + + (*id)->data = (krb5_pointer)data; + (*id)->magic = KV5M_KEYTAB; + return(0); +} + + +/* + * "Close" a file-based keytab and invalidate the id. This means + * free memory hidden in the structures. + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktfile_close(context, id) + krb5_context context; + krb5_keytab id; + /* + * This routine is responsible for freeing all memory allocated + * for this keytab. There are no system resources that need + * to be freed nor are there any open files. + * + * This routine should undo anything done by krb5_ktfile_resolve(). + */ +{ + krb5_xfree(KTFILENAME(id)); + krb5_xfree(id->data); + id->ops = 0; + krb5_xfree(id); + return (0); +} + +/* + * This is the get_entry routine for the file based keytab implementation. + * It opens the keytab file, and either retrieves the entry or returns + * an error. + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktfile_get_entry(context, id, principal, kvno, enctype, entry) + krb5_context context; + krb5_keytab id; + krb5_const_principal principal; + krb5_kvno kvno; + krb5_enctype enctype; + krb5_keytab_entry * entry; +{ + krb5_keytab_entry cur_entry, new_entry; + krb5_error_code kerror = 0; + int found_wrong_kvno = 0; + krb5_boolean similar; + int kvno_offset = 0; + + /* Open the keyfile for reading */ + if ((kerror = krb5_ktfileint_openr(context, id))) + return(kerror); + + /* + * For efficiency and simplicity, we'll use a while true that + * is exited with a break statement. + */ + cur_entry.principal = 0; + cur_entry.vno = 0; + cur_entry.key.contents = 0; + + while (TRUE) { + if ((kerror = krb5_ktfileint_read_entry(context, id, &new_entry))) + break; + + /* by the time this loop exits, it must either free cur_entry, + and copy new_entry there, or free new_entry. Otherwise, it + leaks. */ + + /* if the enctype is not ignored and doesn't match, free new_entry + and continue to the next */ + + if (enctype != IGNORE_ENCTYPE) { + if ((kerror = krb5_c_enctype_compare(context, enctype, + new_entry.key.enctype, + &similar))) { + krb5_kt_free_entry(context, &new_entry); + break; + } + + if (!similar) { + krb5_kt_free_entry(context, &new_entry); + continue; + } + /* + * Coerce the enctype of the output keyblock in case we + * got an inexact match on the enctype; this behavior will + * go away when the key storage architecture gets + * redesigned for 1.3. + */ + new_entry.key.enctype = enctype; + + } + + /* if the principal isn't the one requested, free new_entry + and continue to the next. */ + + if (!krb5_principal_compare(context, principal, new_entry.principal)) { + krb5_kt_free_entry(context, &new_entry); + continue; + } + + if (kvno == IGNORE_VNO) { + /* if this is the first match, or if the new vno is + bigger, free the current and keep the new. Otherwise, + free the new. */ + /* A 1.2.x keytab contains only the low 8 bits of the key + version number. Since it can be much bigger, and thus + the 8-bit value can wrap, we need some heuristics to + figure out the "highest" numbered key if some numbers + close to 255 and some near 0 are used. + + The heuristic here: + + If we have any keys with versions over 240, then assume + that all version numbers 0-127 refer to 256+N instead. + Not perfect, but maybe good enough? */ + +#define M(VNO) (((VNO) - kvno_offset + 256) % 256) + + if (new_entry.vno > 240) + kvno_offset = 128; + if (! cur_entry.principal || + M(new_entry.vno) > M(cur_entry.vno)) { + krb5_kt_free_entry(context, &cur_entry); + cur_entry = new_entry; + } else { + krb5_kt_free_entry(context, &new_entry); + } + } else { + /* if this kvno matches, free the current (will there ever + be one?), keep the new, and break out. Otherwise, remember + that we were here so we can return the right error, and + free the new */ + /* Yuck. The krb5-1.2.x keytab format only stores one byte + for the kvno, so we're toast if the kvno requested is + higher than that. Short-term workaround: only compare + the low 8 bits. */ + + if (new_entry.vno == (kvno & 0xff)) { + krb5_kt_free_entry(context, &cur_entry); + cur_entry = new_entry; + break; + } else { + found_wrong_kvno++; + krb5_kt_free_entry(context, &new_entry); + } + } + } + + if (kerror == KRB5_KT_END) { + if (cur_entry.principal) + kerror = 0; + else if (found_wrong_kvno) + kerror = KRB5_KT_KVNONOTFOUND; + else + kerror = KRB5_KT_NOTFOUND; + } + if (kerror) { + (void) krb5_ktfileint_close(context, id); + krb5_kt_free_entry(context, &cur_entry); + return kerror; + } + if ((kerror = krb5_ktfileint_close(context, id)) != 0) { + krb5_kt_free_entry(context, &cur_entry); + return kerror; + } + *entry = cur_entry; + return 0; +} + +/* + * Get the name of the file containing a file-based keytab. + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktfile_get_name(context, id, name, len) + krb5_context context; + krb5_keytab id; + char *name; + unsigned int len; + /* + * This routine returns the name of the name of the file associated with + * this file-based keytab. name is zeroed and the filename is truncated + * to fit in name if necessary. The name is prefixed with PREFIX:, so that + * trt will happen if the name is passed back to resolve. + */ +{ + memset(name, 0, len); + + if (len < strlen(id->ops->prefix)+2) + return(KRB5_KT_NAME_TOOLONG); + strcpy(name, id->ops->prefix); + name += strlen(id->ops->prefix); + name[0] = ':'; + name++; + len -= strlen(id->ops->prefix)+1; + + if (len < strlen(KTFILENAME(id)+1)) + return(KRB5_KT_NAME_TOOLONG); + strcpy(name, KTFILENAME(id)); + /* strcpy will NUL-terminate the destination */ + + return(0); +} + +/* + * krb5_ktfile_start_seq_get() + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktfile_start_seq_get(context, id, cursorp) + krb5_context context; +krb5_keytab id; +krb5_kt_cursor *cursorp; +{ + krb5_error_code retval; + long *fileoff; + + if ((retval = krb5_ktfileint_openr(context, id))) + return retval; + + if (!(fileoff = (long *)malloc(sizeof(*fileoff)))) { + krb5_ktfileint_close(context, id); + return ENOMEM; + } + *fileoff = ftell(KTFILEP(id)); + *cursorp = (krb5_kt_cursor)fileoff; + + return 0; +} + +/* + * krb5_ktfile_get_next() + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktfile_get_next(context, id, entry, cursor) + krb5_context context; +krb5_keytab id; +krb5_keytab_entry *entry; +krb5_kt_cursor *cursor; +{ + long *fileoff = (long *)*cursor; + krb5_keytab_entry cur_entry; + krb5_error_code kerror; + + if (fseek(KTFILEP(id), *fileoff, 0) == -1) + return KRB5_KT_END; + if ((kerror = krb5_ktfileint_read_entry(context, id, &cur_entry))) + return kerror; + *fileoff = ftell(KTFILEP(id)); + *entry = cur_entry; + return 0; +} + +/* + * krb5_ktfile_end_get() + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktfile_end_get(context, id, cursor) + krb5_context context; +krb5_keytab id; +krb5_kt_cursor *cursor; +{ + krb5_xfree(*cursor); + return krb5_ktfileint_close(context, id); +} + +/* + * ser_ktf.c - Serialize keytab file context for subsequent reopen. + */ + +static const char ktfile_def_name[] = "."; + +/* + * Routines to deal with externalizing krb5_keytab for [WR]FILE: variants. + * krb5_ktf_keytab_size(); + * krb5_ktf_keytab_externalize(); + * krb5_ktf_keytab_internalize(); + */ +static krb5_error_code krb5_ktf_keytab_size + (krb5_context, krb5_pointer, size_t *); +static krb5_error_code krb5_ktf_keytab_externalize + (krb5_context, krb5_pointer, krb5_octet **, size_t *); +static krb5_error_code krb5_ktf_keytab_internalize + (krb5_context,krb5_pointer *, krb5_octet **, size_t *); + +/* + * Serialization entry for this type. + */ +const krb5_ser_entry krb5_ktfile_ser_entry = { + KV5M_KEYTAB, /* Type */ + krb5_ktf_keytab_size, /* Sizer routine */ + krb5_ktf_keytab_externalize, /* Externalize routine */ + krb5_ktf_keytab_internalize /* Internalize routine */ +}; + +/* + * krb5_ktf_keytab_size() - Determine the size required to externalize + * this krb5_keytab variant. + */ +static krb5_error_code +krb5_ktf_keytab_size(kcontext, arg, sizep) + krb5_context kcontext; + krb5_pointer arg; + size_t *sizep; +{ + krb5_error_code kret; + krb5_keytab keytab; + size_t required; + krb5_ktfile_data *ktdata; + + kret = EINVAL; + if ((keytab = (krb5_keytab) arg)) { + /* + * Saving FILE: variants of krb5_keytab requires at minimum: + * krb5_int32 for KV5M_KEYTAB + * krb5_int32 for length of keytab name. + * krb5_int32 for file status. + * krb5_int32 for file position. + * krb5_int32 for file position. + * krb5_int32 for version. + * krb5_int32 for KV5M_KEYTAB + */ + required = sizeof(krb5_int32) * 7; + if (keytab->ops && keytab->ops->prefix) + required += (strlen(keytab->ops->prefix)+1); + + /* + * The keytab name is formed as follows: + * : + * If there's no name, we use a default name so that we have something + * to call krb5_keytab_resolve with. + */ + ktdata = (krb5_ktfile_data *) keytab->data; + required += strlen((ktdata && ktdata->name) ? + ktdata->name : ktfile_def_name); + kret = 0; + + if (!kret) + *sizep += required; + } + return(kret); +} + +/* + * krb5_ktf_keytab_externalize() - Externalize the krb5_keytab. + */ +static krb5_error_code +krb5_ktf_keytab_externalize(kcontext, arg, buffer, lenremain) + krb5_context kcontext; + krb5_pointer arg; + krb5_octet **buffer; + size_t *lenremain; +{ + krb5_error_code kret; + krb5_keytab keytab; + size_t required; + krb5_octet *bp; + size_t remain; + krb5_ktfile_data *ktdata; + krb5_int32 file_is_open; + krb5_int32 file_pos[2]; + char *ktname; + size_t namelen; + const char *fnamep; + + required = 0; + bp = *buffer; + remain = *lenremain; + kret = EINVAL; + if ((keytab = (krb5_keytab) arg)) { + kret = ENOMEM; + if (!krb5_ktf_keytab_size(kcontext, arg, &required) && + (required <= remain)) { + /* Our identifier */ + (void) krb5_ser_pack_int32(KV5M_KEYTAB, &bp, &remain); + + ktdata = (krb5_ktfile_data *) keytab->data; + file_is_open = 0; + file_pos[0] = 0; + file_pos[1] = 0; + + /* Calculate the length of the name */ + namelen = (keytab->ops && keytab->ops->prefix) ? + strlen(keytab->ops->prefix)+1 : 0; + if (ktdata && ktdata->name) + fnamep = ktdata->name; + else + fnamep = ktfile_def_name; + namelen += (strlen(fnamep)+1); + + if ((ktname = (char *) malloc(namelen))) { + /* Format the keytab name. */ + if (keytab->ops && keytab->ops->prefix) + sprintf(ktname, "%s:%s", keytab->ops->prefix, fnamep); + + else + strcpy(ktname, fnamep); + + /* Fill in the file-specific keytab information. */ + if (ktdata) { + if (ktdata->openf) { + long fpos; + int fflags = 0; + + file_is_open = 1; +#if !defined( macintosh) && !defined(_WIN32) + fflags = fcntl(fileno(ktdata->openf), F_GETFL, 0); + if (fflags > 0) + file_is_open |= ((fflags & O_ACCMODE) << 1); +#else + file_is_open = 0; +#endif + fpos = ftell(ktdata->openf); +#if SIZEOF_LONG == 4 + file_pos[0] = fpos; +#else /* SIZEOF_LONG == 4 */ + file_pos[0] = fpos & 0xffffffff; + file_pos[1] = (fpos >> 32) & 0xffffffff; +#endif /* SIZEOF_LONG == 4 */ + } + } + + /* Put the length of the file name */ + (void) krb5_ser_pack_int32((krb5_int32) strlen(ktname), + &bp, &remain); + + /* Put the name */ + (void) krb5_ser_pack_bytes((krb5_octet *) ktname, + strlen(ktname), + &bp, &remain); + + /* Put the file open flag */ + (void) krb5_ser_pack_int32(file_is_open, &bp, &remain); + + /* Put the file position */ + (void) krb5_ser_pack_int32(file_pos[0], &bp, &remain); + (void) krb5_ser_pack_int32(file_pos[1], &bp, &remain); + + /* Put the version */ + (void) krb5_ser_pack_int32((krb5_int32) ((ktdata) ? + ktdata->version : 0), + &bp, &remain); + + /* Put the trailer */ + (void) krb5_ser_pack_int32(KV5M_KEYTAB, &bp, &remain); + kret = 0; + *buffer = bp; + *lenremain = remain; + free(ktname); + } + } + } + return(kret); +} + +/* + * krb5_ktf_keytab_internalize() - Internalize the krb5_ktf_keytab. + */ +static krb5_error_code +krb5_ktf_keytab_internalize(kcontext, argp, buffer, lenremain) + krb5_context kcontext; + krb5_pointer *argp; + krb5_octet **buffer; + size_t *lenremain; +{ + krb5_error_code kret; + krb5_keytab keytab; + krb5_int32 ibuf; + krb5_octet *bp; + size_t remain; + char *ktname; + krb5_ktfile_data *ktdata; + krb5_int32 file_is_open; + krb5_int32 foffbuf[2]; + + bp = *buffer; + remain = *lenremain; + kret = EINVAL; + /* Read our magic number */ + if (krb5_ser_unpack_int32(&ibuf, &bp, &remain)) + ibuf = 0; + if (ibuf == KV5M_KEYTAB) { + kret = ENOMEM; + + /* Get the length of the keytab name */ + kret = krb5_ser_unpack_int32(&ibuf, &bp, &remain); + + if (!kret && + (ktname = (char *) malloc((size_t) (ibuf+1))) && + !(kret = krb5_ser_unpack_bytes((krb5_octet *) ktname, + (size_t) ibuf, + &bp, &remain))) { + ktname[ibuf] = '\0'; + kret = krb5_kt_resolve(kcontext, ktname, &keytab); + if (!kret) { + kret = ENOMEM; + ktdata = (krb5_ktfile_data *) keytab->data; + if (!ktdata) { + /* XXX */ + keytab->data = (void *) malloc(sizeof(krb5_ktfile_data)); + ktdata = (krb5_ktfile_data *) keytab->data; + memset(ktdata, 0, sizeof(krb5_ktfile_data)); + if (strchr(ktname, (int) ':')) + ktdata->name = strdup(strchr(ktname, (int) ':')+1); + else + ktdata->name = strdup(ktname); + } + if (ktdata) { + if (remain >= (sizeof(krb5_int32)*5)) { + (void) krb5_ser_unpack_int32(&file_is_open, + &bp, &remain); + (void) krb5_ser_unpack_int32(&foffbuf[0], + &bp, &remain); + (void) krb5_ser_unpack_int32(&foffbuf[1], + &bp, &remain); + (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain); + ktdata->version = (int) ibuf; + + (void) krb5_ser_unpack_int32(&ibuf, &bp, &remain); + if (ibuf == KV5M_KEYTAB) { + if (file_is_open) { + int fmode; + long fpos; + +#if !defined( macintosh) && !defined(_WIN32) + fmode = (file_is_open >> 1) & O_ACCMODE; +#else + fmode = 0; +#endif + if (fmode) + kret = krb5_ktfileint_openw(kcontext, + keytab); + else + kret = krb5_ktfileint_openr(kcontext, + keytab); + if (!kret) { +#if SIZEOF_LONG == 4 + fpos = foffbuf[0]; +#else /* SIZEOF_LONG == 4 */ + fpos = foffbuf[0] | ((long) foffbuf[1] << 32); +#endif /* SIZEOF_LONG == 4 */ + fseek(KTFILEP(keytab), fpos, SEEK_SET); + } + } + kret = 0; + } + else + kret = EINVAL; + } + } + if (kret) { + if (keytab->data) { + if (KTFILENAME(keytab)) + krb5_xfree(KTFILENAME(keytab)); + krb5_xfree(keytab->data); + } + krb5_xfree(keytab); + } + else { + *buffer = bp; + *lenremain = remain; + *argp = (krb5_pointer) keytab; + } + } + free(ktname); + } + } + return(kret); +} + +/* + * This is an implementation specific resolver. It returns a keytab id + * initialized with file keytab routines. + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktfile_wresolve(context, name, id) + krb5_context context; + const char *name; + krb5_keytab *id; +{ + krb5_ktfile_data *data; + + if ((*id = (krb5_keytab) malloc(sizeof(**id))) == NULL) + return(ENOMEM); + + (*id)->ops = &krb5_ktf_writable_ops; + if ((data = (krb5_ktfile_data *)malloc(sizeof(krb5_ktfile_data))) == NULL) { + krb5_xfree(*id); + return(ENOMEM); + } + + if ((data->name = (char *)calloc(strlen(name) + 1, sizeof(char))) == NULL) { + krb5_xfree(data); + krb5_xfree(*id); + return(ENOMEM); + } + + (void) strcpy(data->name, name); + data->openf = 0; + data->version = 0; + + (*id)->data = (krb5_pointer)data; + (*id)->magic = KV5M_KEYTAB; + return(0); +} + + +/* + * krb5_ktfile_add() + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktfile_add(context, id, entry) + krb5_context context; + krb5_keytab id; + krb5_keytab_entry *entry; +{ + krb5_error_code retval; + + if ((retval = krb5_ktfileint_openw(context, id))) + return retval; + if (fseek(KTFILEP(id), 0, 2) == -1) + return KRB5_KT_END; + retval = krb5_ktfileint_write_entry(context, id, entry); + krb5_ktfileint_close(context, id); + return retval; +} + +/* + * krb5_ktfile_remove() + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktfile_remove(context, id, entry) + krb5_context context; +krb5_keytab id; +krb5_keytab_entry *entry; +{ + krb5_keytab_entry cur_entry; + krb5_error_code kerror; + krb5_int32 delete_point; + + if ((kerror = krb5_ktfileint_openw(context, id))) { + return kerror; + } + + /* + * For efficiency and simplicity, we'll use a while true that + * is exited with a break statement. + */ + while (TRUE) { + if ((kerror = krb5_ktfileint_internal_read_entry(context, id, + &cur_entry, + &delete_point))) + break; + + if ((entry->vno == cur_entry.vno) && + (entry->key.enctype == cur_entry.key.enctype) && + krb5_principal_compare(context, entry->principal, cur_entry.principal)) { + /* found a match */ + krb5_kt_free_entry(context, &cur_entry); + break; + } + krb5_kt_free_entry(context, &cur_entry); + } + + if (kerror == KRB5_KT_END) + kerror = KRB5_KT_NOTFOUND; + + if (kerror) { + (void) krb5_ktfileint_close(context, id); + return kerror; + } + + kerror = krb5_ktfileint_delete_entry(context, id, delete_point); + + if (kerror) { + (void) krb5_ktfileint_close(context, id); + } else { + kerror = krb5_ktfileint_close(context, id); + } + + return kerror; +} + +/* + * krb5_ktf_ops + */ + +struct _krb5_kt_ops krb5_ktf_ops = { + 0, + "FILE", /* Prefix -- this string should not appear anywhere else! */ + krb5_ktfile_resolve, + krb5_ktfile_get_name, + krb5_ktfile_close, + krb5_ktfile_get_entry, + krb5_ktfile_start_seq_get, + krb5_ktfile_get_next, + krb5_ktfile_end_get, + 0, + 0, + (void *) &krb5_ktfile_ser_entry +}; + +/* + * krb5_ktf_writable_ops + */ + +struct _krb5_kt_ops krb5_ktf_writable_ops = { + 0, + "WRFILE", /* Prefix -- this string should not appear anywhere else! */ + krb5_ktfile_wresolve, + krb5_ktfile_get_name, + krb5_ktfile_close, + krb5_ktfile_get_entry, + krb5_ktfile_start_seq_get, + krb5_ktfile_get_next, + krb5_ktfile_end_get, + krb5_ktfile_add, + krb5_ktfile_remove, + (void *) &krb5_ktfile_ser_entry +}; + +/* + * krb5_kt_dfl_ops + */ + +krb5_kt_ops krb5_kt_dfl_ops = { + 0, + "FILE", /* Prefix -- this string should not appear anywhere else! */ + krb5_ktfile_resolve, + krb5_ktfile_get_name, + krb5_ktfile_close, + krb5_ktfile_get_entry, + krb5_ktfile_start_seq_get, + krb5_ktfile_get_next, + krb5_ktfile_end_get, + 0, + 0, + (void *) &krb5_ktfile_ser_entry +}; + +/* + * lib/krb5/keytab/file/ktf_util.c + * + * Copyright (c) Hewlett-Packard Company 1991 + * Released to the Massachusetts Institute of Technology for inclusion + * in the Kerberos source code distribution. + * + * Copyright 1990,1991 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * This function contains utilities for the file based implementation of + * the keytab. There are no public functions in this file. + * + * This file is the only one that has knowledge of the format of a + * keytab file. + * + * The format is as follows: + * + * + * + * principal timestamp vno key + * + * principal timestamp vno key + * .... + * + * A length field (sizeof(krb5_int32)) exists between entries. When this + * length is positive it indicates an active entry, when negative a hole. + * The length indicates the size of the block in the file (this may be + * larger than the size of the next record, since we are using a first + * fit algorithm for re-using holes and the first fit may be larger than + * the entry we are writing). Another (compatible) implementation could + * break up holes when allocating them to smaller entries to minimize + * wasted space. (Such an implementation should also coalesce adjacent + * holes to reduce fragmentation). This implementation does neither. + * + * There are no separators between fields of an entry. + * A principal is a length-encoded array of length-encoded strings. The + * length is a krb5_int16 in each case. The specific format, then, is + * multiple entries concatinated with no separators. An entry has this + * exact format: + * + * sizeof(krb5_int16) bytes for number of components in the principal; + * then, each component listed in ordser. + * For each component, sizeof(krb5_int16) bytes for the number of bytes + * in the component, followed by the component. + * sizeof(krb5_int32) for the principal type (for KEYTAB V2 and higher) + * sizeof(krb5_int32) bytes for the timestamp + * sizeof(krb5_octet) bytes for the key version number + * sizeof(krb5_int16) bytes for the enctype + * sizeof(krb5_int32) bytes for the key length, followed by the key + */ + +#ifndef SEEK_SET +#define SEEK_SET 0 +#define SEEK_CUR 1 +#endif + +typedef krb5_int16 krb5_kt_vno; + +krb5_kt_vno krb5_kt_default_vno = KRB5_KT_DEFAULT_VNO; + +#define xfwrite(a, b, c, d) fwrite((char *)a, b, (unsigned) c, d) +#define xfread(a, b, c, d) fread((char *)a, b, (unsigned) c, d) + +#ifdef ANSI_STDIO +static char *fopen_mode_rbplus= "rb+"; +static char *fopen_mode_rb = "rb"; +#else +static char *fopen_mode_rbplus= "r+"; +static char *fopen_mode_rb = "r"; +#endif + +#ifndef HAVE_ERRNO +extern int errno; +#endif + +static krb5_error_code +krb5_ktfileint_open(context, id, mode) + krb5_context context; +krb5_keytab id; +int mode; +{ + krb5_error_code kerror; + krb5_kt_vno kt_vno; + int writevno = 0; + + KTFILEP(id) = fopen(KTFILENAME(id), + (mode == KRB5_LOCKMODE_EXCLUSIVE) ? + fopen_mode_rbplus : fopen_mode_rb); + if (!KTFILEP(id)) { + if ((mode == KRB5_LOCKMODE_EXCLUSIVE) && (errno == ENOENT)) { + /* try making it first time around */ + krb5_create_secure_file(context, KTFILENAME(id)); + KTFILEP(id) = fopen(KTFILENAME(id), fopen_mode_rbplus); + if (!KTFILEP(id)) + return errno; + writevno = 1; + } else /* some other error */ + return errno; + } + if ((kerror = krb5_lock_file(context, fileno(KTFILEP(id)), mode))) { + (void) fclose(KTFILEP(id)); + KTFILEP(id) = 0; + return kerror; + } + /* assume ANSI or BSD-style stdio */ + setbuf(KTFILEP(id), NULL); + + /* get the vno and verify it */ + if (writevno) { + kt_vno = htons(krb5_kt_default_vno); + KTVERSION(id) = krb5_kt_default_vno; + if (!xfwrite(&kt_vno, sizeof(kt_vno), 1, KTFILEP(id))) { + kerror = errno; + (void) krb5_unlock_file(context, fileno(KTFILEP(id))); + (void) fclose(KTFILEP(id)); + return kerror; + } + } else { + /* gotta verify it instead... */ + if (!xfread(&kt_vno, sizeof(kt_vno), 1, KTFILEP(id))) { + kerror = errno; + (void) krb5_unlock_file(context, fileno(KTFILEP(id))); + (void) fclose(KTFILEP(id)); + return kerror; + } + kt_vno = KTVERSION(id) = ntohs(kt_vno); + if ((kt_vno != KRB5_KT_VNO) && + (kt_vno != KRB5_KT_VNO_1)) { + (void) krb5_unlock_file(context, fileno(KTFILEP(id))); + (void) fclose(KTFILEP(id)); + return KRB5_KEYTAB_BADVNO; + } + } + return 0; +} + +krb5_error_code +krb5_ktfileint_openr(context, id) + krb5_context context; +krb5_keytab id; +{ + return krb5_ktfileint_open(context, id, KRB5_LOCKMODE_SHARED); +} + +krb5_error_code +krb5_ktfileint_openw(context, id) + krb5_context context; +krb5_keytab id; +{ + return krb5_ktfileint_open(context, id, KRB5_LOCKMODE_EXCLUSIVE); +} + +krb5_error_code +krb5_ktfileint_close(context, id) + krb5_context context; +krb5_keytab id; +{ + krb5_error_code kerror; + + if (!KTFILEP(id)) + return 0; + kerror = krb5_unlock_file(context, fileno(KTFILEP(id))); + (void) fclose(KTFILEP(id)); + KTFILEP(id) = 0; + return kerror; +} + +krb5_error_code +krb5_ktfileint_delete_entry(context, id, delete_point) + krb5_context context; +krb5_keytab id; +krb5_int32 delete_point; +{ + krb5_int32 size; + krb5_int32 len; + char iobuf[BUFSIZ]; + + if (fseek(KTFILEP(id), delete_point, SEEK_SET)) { + return errno; + } + if (!xfread(&size, sizeof(size), 1, KTFILEP(id))) { + return KRB5_KT_END; + } + if (KTVERSION(id) != KRB5_KT_VNO_1) + size = ntohl(size); + + if (size > 0) { + krb5_int32 minus_size = -size; + if (KTVERSION(id) != KRB5_KT_VNO_1) + minus_size = htonl(minus_size); + + if (fseek(KTFILEP(id), delete_point, SEEK_SET)) { + return errno; + } + + if (!xfwrite(&minus_size, sizeof(minus_size), 1, KTFILEP(id))) { + return KRB5_KT_IOERR; + } + + if (size < BUFSIZ) { + len = size; + } else { + len = BUFSIZ; + } + + memset(iobuf, 0, (size_t) len); + while (size > 0) { + xfwrite(iobuf, 1, (size_t) len, KTFILEP(id)); + size -= len; + if (size < len) { + len = size; + } + } + + return krb5_sync_disk_file(context, KTFILEP(id)); + } + + return 0; +} + +krb5_error_code +krb5_ktfileint_internal_read_entry(context, id, ret_entry, delete_point) + krb5_context context; +krb5_keytab id; +krb5_keytab_entry *ret_entry; +krb5_int32 *delete_point; +{ + krb5_octet vno; + krb5_int16 count; + unsigned int u_count, u_princ_size; + krb5_int16 enctype; + krb5_int16 princ_size; + register int i; + krb5_int32 size; + krb5_int32 start_pos; + krb5_error_code error; + char *tmpdata; + krb5_data *princ; + + memset(ret_entry, 0, sizeof(krb5_keytab_entry)); + ret_entry->magic = KV5M_KEYTAB_ENTRY; + + /* fseek to synchronise buffered I/O on the key table. */ + + if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0) + { + return errno; + } + + do { + *delete_point = ftell(KTFILEP(id)); + if (!xfread(&size, sizeof(size), 1, KTFILEP(id))) { + return KRB5_KT_END; + } + if (KTVERSION(id) != KRB5_KT_VNO_1) + size = ntohl(size); + + if (size < 0) { + if (fseek(KTFILEP(id), -size, SEEK_CUR)) { + return errno; + } + } + } while (size < 0); + + if (size == 0) { + return KRB5_KT_END; + } + + start_pos = ftell(KTFILEP(id)); + + /* deal with guts of parsing... */ + + /* first, int16 with #princ components */ + if (!xfread(&count, sizeof(count), 1, KTFILEP(id))) + return KRB5_KT_END; + if (KTVERSION(id) == KRB5_KT_VNO_1) { + count -= 1; /* V1 includes the realm in the count */ + } else { + count = ntohs(count); + } + if (!count || (count < 0)) + return KRB5_KT_END; + ret_entry->principal = (krb5_principal)malloc(sizeof(krb5_principal_data)); + if (!ret_entry->principal) + return ENOMEM; + + u_count = count; + ret_entry->principal->magic = KV5M_PRINCIPAL; + ret_entry->principal->length = u_count; + ret_entry->principal->data = (krb5_data *) + calloc(u_count, sizeof(krb5_data)); + if (!ret_entry->principal->data) { + free(ret_entry->principal); + ret_entry->principal = 0; + return ENOMEM; + } + + /* Now, get the realm data */ + if (!xfread(&princ_size, sizeof(princ_size), 1, KTFILEP(id))) { + error = KRB5_KT_END; + goto fail; + } + if (KTVERSION(id) != KRB5_KT_VNO_1) + princ_size = ntohs(princ_size); + if (!princ_size || (princ_size < 0)) { + error = KRB5_KT_END; + goto fail; + } + u_princ_size = princ_size; + + krb5_princ_set_realm_length(context, ret_entry->principal, u_princ_size); + tmpdata = malloc(u_princ_size+1); + if (!tmpdata) { + error = ENOMEM; + goto fail; + } + if (fread(tmpdata, 1, u_princ_size, KTFILEP(id)) != (size_t) princ_size) { + free(tmpdata); + error = KRB5_KT_END; + goto fail; + } + tmpdata[princ_size] = 0; /* Some things might be expecting null */ + /* termination... ``Be conservative in */ + /* what you send out'' */ + krb5_princ_set_realm_data(context, ret_entry->principal, tmpdata); + + for (i = 0; i < count; i++) { + princ = krb5_princ_component(context, ret_entry->principal, i); + if (!xfread(&princ_size, sizeof(princ_size), 1, KTFILEP(id))) { + error = KRB5_KT_END; + goto fail; + } + if (KTVERSION(id) != KRB5_KT_VNO_1) + princ_size = ntohs(princ_size); + if (!princ_size || (princ_size < 0)) { + error = KRB5_KT_END; + goto fail; + } + + u_princ_size = princ_size; + princ->length = u_princ_size; + princ->data = malloc(u_princ_size+1); + if (!princ->data) { + error = ENOMEM; + goto fail; + } + if (!xfread(princ->data, sizeof(char), u_princ_size, KTFILEP(id))) { + error = KRB5_KT_END; + goto fail; + } + princ->data[princ_size] = 0; /* Null terminate */ + } + + /* read in the principal type, if we can get it */ + if (KTVERSION(id) != KRB5_KT_VNO_1) { + if (!xfread(&ret_entry->principal->type, + sizeof(ret_entry->principal->type), 1, KTFILEP(id))) { + error = KRB5_KT_END; + goto fail; + } + ret_entry->principal->type = ntohl(ret_entry->principal->type); + } + + /* read in the timestamp */ + if (!xfread(&ret_entry->timestamp, sizeof(ret_entry->timestamp), 1, KTFILEP(id))) { + error = KRB5_KT_END; + goto fail; + } + if (KTVERSION(id) != KRB5_KT_VNO_1) + ret_entry->timestamp = ntohl(ret_entry->timestamp); + + /* read in the version number */ + if (!xfread(&vno, sizeof(vno), 1, KTFILEP(id))) { + error = KRB5_KT_END; + goto fail; + } + ret_entry->vno = (krb5_kvno)vno; + + /* key type */ + if (!xfread(&enctype, sizeof(enctype), 1, KTFILEP(id))) { + error = KRB5_KT_END; + goto fail; + } + ret_entry->key.enctype = (krb5_enctype)enctype; + + if (KTVERSION(id) != KRB5_KT_VNO_1) + ret_entry->key.enctype = ntohs(ret_entry->key.enctype); + + /* key contents */ + ret_entry->key.magic = KV5M_KEYBLOCK; + + if (!xfread(&count, sizeof(count), 1, KTFILEP(id))) { + error = KRB5_KT_END; + goto fail; + } + if (KTVERSION(id) != KRB5_KT_VNO_1) + count = ntohs(count); + if (!count || (count < 0)) { + error = KRB5_KT_END; + goto fail; + } + + u_count = count; + ret_entry->key.length = u_count; + + ret_entry->key.contents = (krb5_octet *)malloc(u_count); + if (!ret_entry->key.contents) { + error = ENOMEM; + goto fail; + } + if (!xfread(ret_entry->key.contents, sizeof(krb5_octet), count, + KTFILEP(id))) { + error = KRB5_KT_END; + goto fail; + } + + /* + * Reposition file pointer to the next inter-record length field. + */ + fseek(KTFILEP(id), start_pos + size, SEEK_SET); + return 0; +fail: + + for (i = 0; i < ret_entry->principal->length; i++) { + princ = krb5_princ_component(context, ret_entry->principal, i); + if (princ->data) + free(princ->data); + } + free(ret_entry->principal->data); + ret_entry->principal->data = 0; + free(ret_entry->principal); + ret_entry->principal = 0; + return error; +} + +krb5_error_code +krb5_ktfileint_read_entry(context, id, entryp) + krb5_context context; +krb5_keytab id; +krb5_keytab_entry *entryp; +{ + krb5_int32 delete_point; + + return krb5_ktfileint_internal_read_entry(context, id, entryp, &delete_point); +} + +krb5_error_code +krb5_ktfileint_write_entry(context, id, entry) + krb5_context context; +krb5_keytab id; +krb5_keytab_entry *entry; +{ + krb5_octet vno; + krb5_data *princ; + krb5_int16 count, size, enctype; + krb5_error_code retval = 0; + krb5_timestamp timestamp; + krb5_int32 princ_type; + krb5_int32 size_needed; + krb5_int32 commit_point; + int i; + char iobuf[BUFSIZ]; + + retval = krb5_ktfileint_size_entry(context, entry, &size_needed); + if (retval) + return retval; + retval = krb5_ktfileint_find_slot(context, id, &size_needed, &commit_point); + if (retval) + return retval; + + setbuf(KTFILEP(id), iobuf); + + /* fseek to synchronise buffered I/O on the key table. */ + + if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0) + { + return errno; + } + + if (KTVERSION(id) == KRB5_KT_VNO_1) { + count = (krb5_int16) entry->principal->length + 1; + } else { + count = htons((u_short) entry->principal->length); + } + + if (!xfwrite(&count, sizeof(count), 1, KTFILEP(id))) { + abend: + setbuf(KTFILEP(id), 0); + return KRB5_KT_IOERR; + } + size = krb5_princ_realm(context, entry->principal)->length; + if (KTVERSION(id) != KRB5_KT_VNO_1) + size = htons(size); + if (!xfwrite(&size, sizeof(size), 1, KTFILEP(id))) { + goto abend; + } + if (!xfwrite(krb5_princ_realm(context, entry->principal)->data, sizeof(char), + krb5_princ_realm(context, entry->principal)->length, KTFILEP(id))) { + goto abend; + } + + count = (krb5_int16) entry->principal->length; + for (i = 0; i < count; i++) { + princ = krb5_princ_component(context, entry->principal, i); + size = princ->length; + if (KTVERSION(id) != KRB5_KT_VNO_1) + size = htons(size); + if (!xfwrite(&size, sizeof(size), 1, KTFILEP(id))) { + goto abend; + } + if (!xfwrite(princ->data, sizeof(char), princ->length, KTFILEP(id))) { + goto abend; + } + } + + /* + * Write out the principal type + */ + if (KTVERSION(id) != KRB5_KT_VNO_1) { + princ_type = htonl(krb5_princ_type(context, entry->principal)); + if (!xfwrite(&princ_type, sizeof(princ_type), 1, KTFILEP(id))) { + goto abend; + } + } + + /* + * Fill in the time of day the entry was written to the keytab. + */ + if (krb5_timeofday(context, &entry->timestamp)) { + entry->timestamp = 0; + } + if (KTVERSION(id) == KRB5_KT_VNO_1) + timestamp = entry->timestamp; + else + timestamp = htonl(entry->timestamp); + if (!xfwrite(×tamp, sizeof(timestamp), 1, KTFILEP(id))) { + goto abend; + } + + /* key version number */ + vno = (krb5_octet)entry->vno; + if (!xfwrite(&vno, sizeof(vno), 1, KTFILEP(id))) { + goto abend; + } + /* key type */ + if (KTVERSION(id) == KRB5_KT_VNO_1) + enctype = entry->key.enctype; + else + enctype = htons(entry->key.enctype); + if (!xfwrite(&enctype, sizeof(enctype), 1, KTFILEP(id))) { + goto abend; + } + /* key length */ + if (KTVERSION(id) == KRB5_KT_VNO_1) + size = entry->key.length; + else + size = htons(entry->key.length); + if (!xfwrite(&size, sizeof(size), 1, KTFILEP(id))) { + goto abend; + } + if (!xfwrite(entry->key.contents, sizeof(krb5_octet), + entry->key.length, KTFILEP(id))) { + memset(iobuf, 0, sizeof(iobuf)); + setbuf(KTFILEP(id), 0); + return KRB5_KT_IOERR; + } + + retval = krb5_sync_disk_file(context, KTFILEP(id)); + (void) memset(iobuf, 0, sizeof(iobuf)); + setbuf(KTFILEP(id), 0); + + if (retval) { + return retval; + } + + if (fseek(KTFILEP(id), commit_point, SEEK_SET)) { + return errno; + } + if (KTVERSION(id) != KRB5_KT_VNO_1) + size_needed = htonl(size_needed); + if (!xfwrite(&size_needed, sizeof(size_needed), 1, KTFILEP(id))) { + goto abend; + } + retval = krb5_sync_disk_file(context, KTFILEP(id)); + + return retval; +} + +/* + * Determine the size needed for a file entry for the given + * keytab entry. + */ +krb5_error_code +krb5_ktfileint_size_entry(context, entry, size_needed) + krb5_context context; +krb5_keytab_entry *entry; +krb5_int32 *size_needed; +{ + krb5_int16 count; + krb5_int32 total_size, i; + krb5_error_code retval = 0; + + count = (krb5_int16) entry->principal->length; + + total_size = sizeof(count); + total_size += krb5_princ_realm(context, entry->principal)->length + (sizeof(krb5_int16)); + + for (i = 0; i < count; i++) { + total_size += krb5_princ_component(context, entry->principal,i)->length + + (sizeof(krb5_int16)); + } + + total_size += sizeof(entry->principal->type); + total_size += sizeof(entry->timestamp); + total_size += sizeof(krb5_octet); + total_size += sizeof(krb5_int16); + total_size += sizeof(krb5_int16) + entry->key.length; + + *size_needed = total_size; + return retval; +} + +/* + * Find and reserve a slot in the file for an entry of the needed size. + * The commit point will be set to the position in the file where the + * the length (sizeof(krb5_int32) bytes) of this node should be written + * when commiting the write. The file position left as a result of this + * call is the position where the actual data should be written. + * + * The size_needed argument may be adjusted if we find a hole that is + * larger than the size needed. (Recall that size_needed will be used + * to commit the write, but that this field must indicate the size of the + * block in the file rather than the size of the actual entry) + */ +krb5_error_code +krb5_ktfileint_find_slot(context, id, size_needed, commit_point) + krb5_context context; +krb5_keytab id; +krb5_int32 *size_needed; +krb5_int32 *commit_point; +{ + krb5_int32 size; + krb5_int32 remainder; + krb5_int32 zero_point; + krb5_kt_vno kt_vno; + krb5_boolean found = FALSE; + char iobuf[BUFSIZ]; + + /* + * Skip over file version number + */ + if (fseek(KTFILEP(id), 0, SEEK_SET)) { + return errno; + } + if (!xfread(&kt_vno, sizeof(kt_vno), 1, KTFILEP(id))) { + return KRB5_KT_IOERR; + } + + while (!found) { + *commit_point = ftell(KTFILEP(id)); + if (!xfread(&size, sizeof(size), 1, KTFILEP(id))) { + /* + * Hit the end of file, reserve this slot. + */ + setbuf(KTFILEP(id), 0); + size = 0; + + /* fseek to synchronise buffered I/O on the key table. */ + + if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0) + { + return errno; + } + +#ifdef notdef + /* We don't have to do this because htonl(0) == 0 */ + if (KTVERSION(id) != KRB5_KT_VNO_1) + size = htonl(size); +#endif + + if (!xfwrite(&size, sizeof(size), 1, KTFILEP(id))) { + return KRB5_KT_IOERR; + } + found = TRUE; + } + + if (KTVERSION(id) != KRB5_KT_VNO_1) + size = ntohl(size); + + if (size > 0) { + if (fseek(KTFILEP(id), size, SEEK_CUR)) { + return errno; + } + } else if (!found) { + size = -size; + if (size >= *size_needed) { + *size_needed = size; + found = TRUE; + } else if (size > 0) { + /* + * The current hole is not large enough, so skip it + */ + if (fseek(KTFILEP(id), size, SEEK_CUR)) { + return errno; + } + } else { + + /* fseek to synchronise buffered I/O on the key table. */ + + if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0) + { + return errno; + } + + /* + * Found the end of the file (marked by a 0 length buffer) + * Make sure we zero any trailing data. + */ + zero_point = ftell(KTFILEP(id)); + setbuf(KTFILEP(id), iobuf); + while ((size = xfread(iobuf, 1, sizeof(iobuf), KTFILEP(id)))) { + if (size != sizeof(iobuf)) { + remainder = size % sizeof(krb5_int32); + if (remainder) { + size += sizeof(krb5_int32) - remainder; + } + } + + if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0) + { + return errno; + } + + memset(iobuf, 0, (size_t) size); + xfwrite(iobuf, 1, (size_t) size, KTFILEP(id)); + if (feof(KTFILEP(id))) { + break; + } + + if (fseek(KTFILEP(id), 0L, SEEK_CUR) < 0) + { + return errno; + } + + } + setbuf(KTFILEP(id), 0); + if (fseek(KTFILEP(id), zero_point, SEEK_SET)) { + return errno; + } + } + } + } + + return 0; +} diff --git a/src/lib/krb5/keytab/kt_srvtab.c b/src/lib/krb5/keytab/kt_srvtab.c new file mode 100644 index 000000000..663ceced0 --- /dev/null +++ b/src/lib/krb5/keytab/kt_srvtab.c @@ -0,0 +1,522 @@ +/* + * lib/krb5/keytab/srvtab/kts_resolv.c + * + * Copyright 1990,1991,2002 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + */ + +#define NEED_SOCKETS +#include "k5-int.h" +#include + +/* + * Constants + */ +#define IGNORE_VNO 0 +#define IGNORE_ENCTYPE 0 + +#define KRB5_KT_VNO_1 0x0501 /* krb v5, keytab version 1 (DCE compat) */ +#define KRB5_KT_VNO 0x0502 /* krb v5, keytab version 2 (standard) */ + +#define KRB5_KT_DEFAULT_VNO KRB5_KT_VNO + +/* + * Types + */ +typedef struct _krb5_ktsrvtab_data { + char *name; /* Name of the file */ + FILE *openf; /* open file, if any. */ +} krb5_ktsrvtab_data; + +/* + * Macros + */ +#define KTPRIVATE(id) ((krb5_ktsrvtab_data *)(id)->data) +#define KTFILENAME(id) (((krb5_ktsrvtab_data *)(id)->data)->name) +#define KTFILEP(id) (((krb5_ktsrvtab_data *)(id)->data)->openf) + +extern struct _krb5_kt_ops krb5_kts_ops; + +static krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_resolve + (krb5_context, + const char *, + krb5_keytab *); + +static krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_get_name + (krb5_context, + krb5_keytab, + char *, + unsigned int); + +static krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_close + (krb5_context, + krb5_keytab); + +static krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_get_entry + (krb5_context, + krb5_keytab, + krb5_const_principal, + krb5_kvno, + krb5_enctype, + krb5_keytab_entry *); + +static krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_start_seq_get + (krb5_context, + krb5_keytab, + krb5_kt_cursor *); + +static krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_get_next + (krb5_context, + krb5_keytab, + krb5_keytab_entry *, + krb5_kt_cursor *); + +static krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_end_get + (krb5_context, + krb5_keytab, + krb5_kt_cursor *); + +static krb5_error_code krb5_ktsrvint_open + (krb5_context, + krb5_keytab); + +static krb5_error_code krb5_ktsrvint_close + (krb5_context, + krb5_keytab); + +static krb5_error_code krb5_ktsrvint_read_entry + (krb5_context, + krb5_keytab, + krb5_keytab_entry *); + +/* + * This is an implementation specific resolver. It returns a keytab id + * initialized with srvtab keytab routines. + */ + +static krb5_error_code KRB5_CALLCONV +krb5_ktsrvtab_resolve(context, name, id) + krb5_context context; + const char *name; + krb5_keytab *id; +{ + krb5_ktsrvtab_data *data; + FILE *fp; + + /* Make sure we can open the srvtab file for reading. */ + fp = fopen(name, "r"); + if (!fp) + return(errno); + fclose(fp); + + if ((*id = (krb5_keytab) malloc(sizeof(**id))) == NULL) + return(ENOMEM); + + (*id)->ops = &krb5_kts_ops; + data = (krb5_ktsrvtab_data *)malloc(sizeof(krb5_ktsrvtab_data)); + if (data == NULL) { + krb5_xfree(*id); + return(ENOMEM); + } + + data->name = (char *)malloc(strlen(name) + 1); + if (data->name == NULL) { + krb5_xfree(data); + krb5_xfree(*id); + return(ENOMEM); + } + + (void) strcpy(data->name, name); + data->openf = 0; + + (*id)->data = (krb5_pointer)data; + (*id)->magic = KV5M_KEYTAB; + return(0); +} + +/* + * "Close" a file-based keytab and invalidate the id. This means + * free memory hidden in the structures. + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktsrvtab_close(context, id) + krb5_context context; + krb5_keytab id; + /* + * This routine is responsible for freeing all memory allocated + * for this keytab. There are no system resources that need + * to be freed nor are there any open files. + * + * This routine should undo anything done by krb5_ktsrvtab_resolve(). + */ +{ + krb5_xfree(KTFILENAME(id)); + krb5_xfree(id->data); + id->ops = 0; + krb5_xfree(id); + return (0); +} + +/* + * This is the get_entry routine for the file based keytab implementation. + * It opens the keytab file, and either retrieves the entry or returns + * an error. + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktsrvtab_get_entry(context, id, principal, kvno, enctype, entry) + krb5_context context; + krb5_keytab id; + krb5_const_principal principal; + krb5_kvno kvno; + krb5_enctype enctype; + krb5_keytab_entry * entry; +{ + krb5_keytab_entry best_entry, ent; + krb5_error_code kerror = 0; + int found_wrong_kvno = 0; + + /* Open the srvtab. */ + if ((kerror = krb5_ktsrvint_open(context, id))) + return(kerror); + + /* srvtab files only have DES_CBC_CRC keys. */ + switch (enctype) { + case ENCTYPE_DES_CBC_CRC: + case ENCTYPE_DES_CBC_MD5: + case ENCTYPE_DES_CBC_MD4: + case ENCTYPE_DES_CBC_RAW: + case IGNORE_ENCTYPE: + break; + default: + return KRB5_KT_NOTFOUND; + } + + best_entry.principal = 0; + best_entry.vno = 0; + best_entry.key.contents = 0; + while ((kerror = krb5_ktsrvint_read_entry(context, id, &ent)) == 0) { + ent.key.enctype = enctype; + if (krb5_principal_compare(context, principal, ent.principal)) { + if (kvno == IGNORE_VNO) { + if (!best_entry.principal || (best_entry.vno < ent.vno)) { + krb5_kt_free_entry(context, &best_entry); + best_entry = ent; + } + } else { + if (ent.vno == kvno) { + best_entry = ent; + break; + } else { + found_wrong_kvno = 1; + } + } + } else { + krb5_kt_free_entry(context, &ent); + } + } + if (kerror == KRB5_KT_END) { + if (best_entry.principal) + kerror = 0; + else if (found_wrong_kvno) + kerror = KRB5_KT_KVNONOTFOUND; + else + kerror = KRB5_KT_NOTFOUND; + } + if (kerror) { + (void) krb5_ktsrvint_close(context, id); + krb5_kt_free_entry(context, &best_entry); + return kerror; + } + if ((kerror = krb5_ktsrvint_close(context, id)) != 0) { + krb5_kt_free_entry(context, &best_entry); + return kerror; + } + *entry = best_entry; + return 0; +} + +/* + * Get the name of the file containing a srvtab-based keytab. + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktsrvtab_get_name(context, id, name, len) + krb5_context context; + krb5_keytab id; + char *name; + unsigned int len; + /* + * This routine returns the name of the name of the file associated with + * this srvtab-based keytab. The name is prefixed with PREFIX:, so that + * trt will happen if the name is passed back to resolve. + */ +{ + memset(name, 0, len); + + if (len < strlen(id->ops->prefix)+2) + return(KRB5_KT_NAME_TOOLONG); + strcpy(name, id->ops->prefix); + name += strlen(id->ops->prefix); + name[0] = ':'; + name++; + len -= strlen(id->ops->prefix)+1; + + if (len < strlen(KTFILENAME(id)+1)) + return(KRB5_KT_NAME_TOOLONG); + strcpy(name, KTFILENAME(id)); + /* strcpy will NUL-terminate the destination */ + + return(0); +} + +/* + * krb5_ktsrvtab_start_seq_get() + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktsrvtab_start_seq_get(context, id, cursorp) + krb5_context context; + krb5_keytab id; + krb5_kt_cursor *cursorp; +{ + krb5_error_code retval; + long *fileoff; + + if ((retval = krb5_ktsrvint_open(context, id))) + return retval; + + if (!(fileoff = (long *)malloc(sizeof(*fileoff)))) { + krb5_ktsrvint_close(context, id); + return ENOMEM; + } + *fileoff = ftell(KTFILEP(id)); + *cursorp = (krb5_kt_cursor)fileoff; + + return 0; +} + +/* + * krb5_ktsrvtab_get_next() + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktsrvtab_get_next(context, id, entry, cursor) + krb5_context context; + krb5_keytab id; + krb5_keytab_entry *entry; + krb5_kt_cursor *cursor; +{ + long *fileoff = (long *)*cursor; + krb5_keytab_entry cur_entry; + krb5_error_code kerror; + + if (fseek(KTFILEP(id), *fileoff, 0) == -1) + return KRB5_KT_END; + if ((kerror = krb5_ktsrvint_read_entry(context, id, &cur_entry))) + return kerror; + *fileoff = ftell(KTFILEP(id)); + *entry = cur_entry; + return 0; +} + +/* + * krb5_ktsrvtab_end_get() + */ + +krb5_error_code KRB5_CALLCONV +krb5_ktsrvtab_end_get(context, id, cursor) + krb5_context context; + krb5_keytab id; + krb5_kt_cursor *cursor; +{ + krb5_xfree(*cursor); + return krb5_ktsrvint_close(context, id); +} + +/* + * krb5_kts_ops + */ + +struct _krb5_kt_ops krb5_kts_ops = { + 0, + "SRVTAB", /* Prefix -- this string should not appear anywhere else! */ + krb5_ktsrvtab_resolve, + krb5_ktsrvtab_get_name, + krb5_ktsrvtab_close, + krb5_ktsrvtab_get_entry, + krb5_ktsrvtab_start_seq_get, + krb5_ktsrvtab_get_next, + krb5_ktsrvtab_end_get, + 0, + 0, + 0 +}; + +/* + * formerly: lib/krb5/keytab/srvtab/kts_util.c + * + * Copyright (c) Hewlett-Packard Company 1991 + * Released to the Massachusetts Institute of Technology for inclusion + * in the Kerberos source code distribution. + * + * Copyright 1990,1991 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * This function contains utilities for the srvtab based implementation + * of the keytab. There are no public functions in this file. + */ + +#include + +#ifdef ANSI_STDIO +#define READ_MODE "rb" +#else +#define READ_MODE "r" +#endif + +/* The maximum sizes for V4 aname, realm, sname, and instance +1 */ +/* Taken from krb.h */ +#define ANAME_SZ 40 +#define REALM_SZ 40 +#define SNAME_SZ 40 +#define INST_SZ 40 + +#ifndef HAVE_ERRNO +extern int errno; +#endif + +static krb5_error_code +read_field(fp, s, len) + FILE *fp; + char *s; + int len; +{ + int c; + + while ((c = getc(fp)) != 0) { + if (c == EOF || len <= 1) + return KRB5_KT_END; + *s = c; + s++; + len--; + } + *s = 0; + return 0; +} + +krb5_error_code +krb5_ktsrvint_open(context, id) + krb5_context context; + krb5_keytab id; +{ + KTFILEP(id) = fopen(KTFILENAME(id), READ_MODE); + if (!KTFILEP(id)) + return errno; + return 0; +} + +krb5_error_code +krb5_ktsrvint_close(context, id) + krb5_context context; + krb5_keytab id; +{ + if (!KTFILEP(id)) + return 0; + (void) fclose(KTFILEP(id)); + KTFILEP(id) = 0; + return 0; +} + +krb5_error_code +krb5_ktsrvint_read_entry(context, id, ret_entry) + krb5_context context; + krb5_keytab id; + krb5_keytab_entry *ret_entry; +{ + FILE *fp; + char name[SNAME_SZ], instance[INST_SZ], realm[REALM_SZ]; + unsigned char key[8]; + int vno; + krb5_error_code kerror; + + /* Read in an entry from the srvtab file. */ + fp = KTFILEP(id); + kerror = read_field(fp, name, sizeof(name)); + if (kerror != 0) + return kerror; + kerror = read_field(fp, instance, sizeof(instance)); + if (kerror != 0) + return kerror; + kerror = read_field(fp, realm, sizeof(realm)); + if (kerror != 0) + return kerror; + vno = getc(fp); + if (vno == EOF) + return KRB5_KT_END; + if (fread(key, 1, sizeof(key), fp) != sizeof(key)) + return KRB5_KT_END; + + /* Fill in ret_entry with the data we read. Everything maps well + * except for the timestamp, which we don't have a value for. For + * now we just set it to 0. */ + memset(ret_entry, 0, sizeof(*ret_entry)); + ret_entry->magic = KV5M_KEYTAB_ENTRY; + kerror = krb5_425_conv_principal(context, name, instance, realm, + &ret_entry->principal); + if (kerror != 0) + return kerror; + ret_entry->vno = vno; + ret_entry->timestamp = 0; + ret_entry->key.enctype = ENCTYPE_DES_CBC_CRC; + ret_entry->key.magic = KV5M_KEYBLOCK; + ret_entry->key.length = sizeof(key); + ret_entry->key.contents = malloc(sizeof(key)); + if (!ret_entry->key.contents) { + krb5_free_principal(context, ret_entry->principal); + return ENOMEM; + } + memcpy(ret_entry->key.contents, key, sizeof(key)); + + return 0; +} diff --git a/src/lib/krb5/keytab/srvtab/.Sanitize b/src/lib/krb5/keytab/srvtab/.Sanitize deleted file mode 100644 index afa237aa3..000000000 --- a/src/lib/krb5/keytab/srvtab/.Sanitize +++ /dev/null @@ -1,46 +0,0 @@ -# Sanitize.in for Kerberos V5 - -# Each directory to survive it's way into a release will need a file -# like this one called "./.Sanitize". All keyword lines must exist, -# and must exist in the order specified by this file. Each directory -# in the tree will be processed, top down, in the following order. - -# Hash started lines like this one are comments and will be deleted -# before anything else is done. Blank lines will also be squashed -# out. - -# The lines between the "Do-first:" line and the "Things-to-keep:" -# line are executed as a /bin/sh shell script before anything else is -# done in this - -Do-first: - -# All files listed between the "Things-to-keep:" line and the -# "Files-to-sed:" line will be kept. All other files will be removed. -# Directories listed in this section will have their own Sanitize -# called. Directories not listed will be removed in their entirety -# with rm -rf. - -Things-to-keep: - -.cvsignore -ChangeLog -Makefile.in -configure -configure.in -kts_close.c -kts_endget.c -kts_g_ent.c -kts_g_name.c -kts_next.c -kts_ops.c -kts_resolv.c -kts_ssget.c -kts_util.c -ktsrvtab.h - -Things-to-lose: - -Do-last: - -# End of file. diff --git a/src/lib/krb5/keytab/srvtab/ChangeLog b/src/lib/krb5/keytab/srvtab/ChangeLog deleted file mode 100644 index e16dda264..000000000 --- a/src/lib/krb5/keytab/srvtab/ChangeLog +++ /dev/null @@ -1,49 +0,0 @@ -2002-03-06 Ken Raeburn - - * kts_g_ent.c (krb5_ktsrvtab_get_entry): If a specific DES enctype - was requested, set the key's enctype to it, instead of always - returning des-cbc-crc. - -2001-10-09 Ken Raeburn - - * ktsrvtab.h: Make prototypes unconditional. - -2000-10-17 Ezra Peisach - - * kts_g_name.c, ktsrvtab.h (krb5_ktsrvtab_get_name): Uses unsigned - int length now. - -2000-06-28 Ezra Peisach - - * kts_util.c (read_field): Cleanup unused variable. - -Fri Jan 28 19:53:44 2000 Ezra Peisach - - * kts_g_ent.c, ktsrvtab.h (krb5_ktsrvtab_get_entry): Change the - third argument to krb5_const_principal (from krb5_principal) to - agree with krb5_kts_ops entries. - -1999-10-26 Wilfredo Sanchez - - * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, - LOCAL_INCLUDES such that one can override CFLAGS from the command - line without losing CPP search patchs and defines. Some associated - Makefile cleanup. - -1999-06-15 Danilo Almeida - - * Makefile.in: Fix windows build. - - * ktsrvtab.h, kts_resolv.c (krb5_ktsrvtab_resolve), - kts_g_name.c (krb5_ktsrvtab_get_name), - kts_close.c (krb5_ktsrvtab_close), - kts_g_ent.c (krb5_ktsrvtab_get_entry), - kts_ssget.c (krb5_ktsrvtab_start_seq_get), - kts_next.c (krb5_ktsrvtab_get_next), - kts_endget.c (krb5_ktsrvtab_end_get): Fix calling convention. - - -1999-06-13 Geoffrey King - - * Initial checkin of ghudson's code to implement the SRVTAB keytab - type, which can read a krb4 srvtab. diff --git a/src/lib/krb5/keytab/srvtab/Makefile.in b/src/lib/krb5/keytab/srvtab/Makefile.in deleted file mode 100644 index b4d62eb9d..000000000 --- a/src/lib/krb5/keytab/srvtab/Makefile.in +++ /dev/null @@ -1,100 +0,0 @@ -thisconfigdir=./../.. -myfulldir=lib/krb5/keytab/srvtab -mydir=keytab/srvtab -BUILDTOP=$(REL)$(U)$(S)$(U)$(S)$(U)$(S)$(U) - -##DOS##BUILDTOP = ..\..\..\.. -##DOS##PREFIXDIR=keytab\srvtab -##DOS##OBJFILE=$(OUTPRE)srvtab.lst -##WIN16##LIBNAME=..\..\krb5.lib - -STLIBOBJS= \ - kts_close.o \ - kts_endget.o \ - kts_g_ent.o \ - kts_g_name.o \ - kts_next.o \ - kts_ops.o \ - kts_resolv.o \ - kts_ssget.o \ - kts_util.o - -OBJS= \ - $(OUTPRE)kts_close.$(OBJEXT) \ - $(OUTPRE)kts_endget.$(OBJEXT) \ - $(OUTPRE)kts_g_ent.$(OBJEXT) \ - $(OUTPRE)kts_g_name.$(OBJEXT) \ - $(OUTPRE)kts_next.$(OBJEXT) \ - $(OUTPRE)kts_ops.$(OBJEXT) \ - $(OUTPRE)kts_resolv.$(OBJEXT) \ - $(OUTPRE)kts_ssget.$(OBJEXT) \ - $(OUTPRE)kts_util.$(OBJEXT) - - -SRCS= \ - $(srcdir)/kts_close.c \ - $(srcdir)/kts_endget.c \ - $(srcdir)/kts_g_ent.c \ - $(srcdir)/kts_g_name.c \ - $(srcdir)/kts_next.c \ - $(srcdir)/kts_ops.c \ - $(srcdir)/kts_resolv.c \ - $(srcdir)/kts_ssget.c \ - $(srcdir)/kts_util.c - -##DOS##LIBOBJS = $(OBJS) - -all-unix:: all-libobjs -clean-unix:: clean-libobjs -# +++ Dependency line eater +++ -# -# Makefile dependencies follow. This must be the last section in -# the Makefile.in file -# -kts_close.so kts_close.po $(OUTPRE)kts_close.$(OBJEXT): kts_close.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktsrvtab.h -kts_endget.so kts_endget.po $(OUTPRE)kts_endget.$(OBJEXT): kts_endget.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktsrvtab.h -kts_g_ent.so kts_g_ent.po $(OUTPRE)kts_g_ent.$(OBJEXT): kts_g_ent.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktsrvtab.h -kts_g_name.so kts_g_name.po $(OUTPRE)kts_g_name.$(OBJEXT): kts_g_name.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktsrvtab.h -kts_next.so kts_next.po $(OUTPRE)kts_next.$(OBJEXT): kts_next.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktsrvtab.h -kts_ops.so kts_ops.po $(OUTPRE)kts_ops.$(OBJEXT): kts_ops.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktsrvtab.h -kts_resolv.so kts_resolv.po $(OUTPRE)kts_resolv.$(OBJEXT): kts_resolv.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktsrvtab.h -kts_ssget.so kts_ssget.po $(OUTPRE)kts_ssget.$(OBJEXT): kts_ssget.c $(SRCTOP)/include/k5-int.h \ - $(BUILDTOP)/include/krb5/osconf.h $(BUILDTOP)/include/krb5/autoconf.h \ - $(BUILDTOP)/include/krb5.h $(BUILDTOP)/include/profile.h \ - $(BUILDTOP)/include/com_err.h $(SRCTOP)/include/krb5/kdb.h \ - ktsrvtab.h -kts_util.so kts_util.po $(OUTPRE)kts_util.$(OBJEXT): kts_util.c $(BUILDTOP)/include/krb5.h \ - $(BUILDTOP)/include/profile.h $(BUILDTOP)/include/com_err.h \ - $(SRCTOP)/include/k5-int.h $(BUILDTOP)/include/krb5/osconf.h \ - $(BUILDTOP)/include/krb5/autoconf.h $(SRCTOP)/include/port-sockets.h \ - $(SRCTOP)/include/socket-utils.h $(SRCTOP)/include/krb5/kdb.h \ - ktsrvtab.h - diff --git a/src/lib/krb5/keytab/srvtab/kts_close.c b/src/lib/krb5/keytab/srvtab/kts_close.c deleted file mode 100644 index 6d465242f..000000000 --- a/src/lib/krb5/keytab/srvtab/kts_close.c +++ /dev/null @@ -1,51 +0,0 @@ -/* - * lib/krb5/keytab/srvtab/kts_close.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * "Close" a file-based keytab and invalidate the id. This means - * free memory hidden in the structures. - */ - -#include "k5-int.h" -#include "ktsrvtab.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktsrvtab_close(context, id) - krb5_context context; - krb5_keytab id; - /* - * This routine is responsible for freeing all memory allocated - * for this keytab. There are no system resources that need - * to be freed nor are there any open files. - * - * This routine should undo anything done by krb5_ktsrvtab_resolve(). - */ -{ - krb5_xfree(KTFILENAME(id)); - krb5_xfree(id->data); - id->ops = 0; - krb5_xfree(id); - return (0); -} diff --git a/src/lib/krb5/keytab/srvtab/kts_endget.c b/src/lib/krb5/keytab/srvtab/kts_endget.c deleted file mode 100644 index eda5d27ed..000000000 --- a/src/lib/krb5/keytab/srvtab/kts_endget.c +++ /dev/null @@ -1,41 +0,0 @@ -/* - * lib/krb5/keytab/srvtab/kts_endget.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5_ktsrvtab_end_get() - */ - -#include "k5-int.h" -#include "ktsrvtab.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktsrvtab_end_get(context, id, cursor) - krb5_context context; - krb5_keytab id; - krb5_kt_cursor *cursor; -{ - krb5_xfree(*cursor); - return krb5_ktsrvint_close(context, id); -} diff --git a/src/lib/krb5/keytab/srvtab/kts_g_ent.c b/src/lib/krb5/keytab/srvtab/kts_g_ent.c deleted file mode 100644 index 023724124..000000000 --- a/src/lib/krb5/keytab/srvtab/kts_g_ent.c +++ /dev/null @@ -1,106 +0,0 @@ -/* - * lib/krb5/keytab/file/kts_g_ent.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This is the get_entry routine for the file based keytab implementation. - * It opens the keytab file, and either retrieves the entry or returns - * an error. - */ - -#include "k5-int.h" -#include "ktsrvtab.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktsrvtab_get_entry(context, id, principal, kvno, enctype, entry) - krb5_context context; - krb5_keytab id; - krb5_const_principal principal; - krb5_kvno kvno; - krb5_enctype enctype; - krb5_keytab_entry * entry; -{ - krb5_keytab_entry best_entry, ent; - krb5_error_code kerror = 0; - int found_wrong_kvno = 0; - - /* Open the srvtab. */ - if ((kerror = krb5_ktsrvint_open(context, id))) - return(kerror); - - /* srvtab files only have DES_CBC_CRC keys. */ - switch (enctype) { - case ENCTYPE_DES_CBC_CRC: - case ENCTYPE_DES_CBC_MD5: - case ENCTYPE_DES_CBC_MD4: - case ENCTYPE_DES_CBC_RAW: - case IGNORE_ENCTYPE: - break; - default: - return KRB5_KT_NOTFOUND; - } - - best_entry.principal = 0; - best_entry.vno = 0; - best_entry.key.contents = 0; - while ((kerror = krb5_ktsrvint_read_entry(context, id, &ent)) == 0) { - ent.key.enctype = enctype; - if (krb5_principal_compare(context, principal, ent.principal)) { - if (kvno == IGNORE_VNO) { - if (!best_entry.principal || (best_entry.vno < ent.vno)) { - krb5_kt_free_entry(context, &best_entry); - best_entry = ent; - } - } else { - if (ent.vno == kvno) { - best_entry = ent; - break; - } else { - found_wrong_kvno = 1; - } - } - } else { - krb5_kt_free_entry(context, &ent); - } - } - if (kerror == KRB5_KT_END) { - if (best_entry.principal) - kerror = 0; - else if (found_wrong_kvno) - kerror = KRB5_KT_KVNONOTFOUND; - else - kerror = KRB5_KT_NOTFOUND; - } - if (kerror) { - (void) krb5_ktsrvint_close(context, id); - krb5_kt_free_entry(context, &best_entry); - return kerror; - } - if ((kerror = krb5_ktsrvint_close(context, id)) != 0) { - krb5_kt_free_entry(context, &best_entry); - return kerror; - } - *entry = best_entry; - return 0; -} diff --git a/src/lib/krb5/keytab/srvtab/kts_g_name.c b/src/lib/krb5/keytab/srvtab/kts_g_name.c deleted file mode 100644 index 31fc5aa18..000000000 --- a/src/lib/krb5/keytab/srvtab/kts_g_name.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - * lib/krb5/keytab/srvtab/kts_g_name.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Get the name of the file containing a srvtab-based keytab. - */ - -#include "k5-int.h" -#include "ktsrvtab.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktsrvtab_get_name(context, id, name, len) - krb5_context context; - krb5_keytab id; - char *name; - unsigned int len; - /* - * This routine returns the name of the name of the file associated with - * this srvtab-based keytab. The name is prefixed with PREFIX:, so that - * trt will happen if the name is passed back to resolve. - */ -{ - memset(name, 0, len); - - if (len < strlen(id->ops->prefix)+2) - return(KRB5_KT_NAME_TOOLONG); - strcpy(name, id->ops->prefix); - name += strlen(id->ops->prefix); - name[0] = ':'; - name++; - len -= strlen(id->ops->prefix)+1; - - if (len < strlen(KTFILENAME(id)+1)) - return(KRB5_KT_NAME_TOOLONG); - strcpy(name, KTFILENAME(id)); - /* strcpy will NUL-terminate the destination */ - - return(0); -} diff --git a/src/lib/krb5/keytab/srvtab/kts_next.c b/src/lib/krb5/keytab/srvtab/kts_next.c deleted file mode 100644 index 15c46e7dd..000000000 --- a/src/lib/krb5/keytab/srvtab/kts_next.c +++ /dev/null @@ -1,51 +0,0 @@ -/* - * lib/krb5/keytab/srvtab/kts_next.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5_ktsrvtab_get_next() - */ - -#include "k5-int.h" -#include "ktsrvtab.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktsrvtab_get_next(context, id, entry, cursor) - krb5_context context; - krb5_keytab id; - krb5_keytab_entry *entry; - krb5_kt_cursor *cursor; -{ - long *fileoff = (long *)*cursor; - krb5_keytab_entry cur_entry; - krb5_error_code kerror; - - if (fseek(KTFILEP(id), *fileoff, 0) == -1) - return KRB5_KT_END; - if ((kerror = krb5_ktsrvint_read_entry(context, id, &cur_entry))) - return kerror; - *fileoff = ftell(KTFILEP(id)); - *entry = cur_entry; - return 0; -} diff --git a/src/lib/krb5/keytab/srvtab/kts_ops.c b/src/lib/krb5/keytab/srvtab/kts_ops.c deleted file mode 100644 index d78dcbed1..000000000 --- a/src/lib/krb5/keytab/srvtab/kts_ops.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * lib/krb5/keytab/srvtab/kts_ops.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5_kts_ops - */ - -#include "k5-int.h" -#include "ktsrvtab.h" - -struct _krb5_kt_ops krb5_kts_ops = { - 0, - "SRVTAB", /* Prefix -- this string should not appear anywhere else! */ - krb5_ktsrvtab_resolve, - krb5_ktsrvtab_get_name, - krb5_ktsrvtab_close, - krb5_ktsrvtab_get_entry, - krb5_ktsrvtab_start_seq_get, - krb5_ktsrvtab_get_next, - krb5_ktsrvtab_end_get, - 0, - 0, - 0 -}; diff --git a/src/lib/krb5/keytab/srvtab/kts_resolv.c b/src/lib/krb5/keytab/srvtab/kts_resolv.c deleted file mode 100644 index 2cec72e54..000000000 --- a/src/lib/krb5/keytab/srvtab/kts_resolv.c +++ /dev/null @@ -1,72 +0,0 @@ -/* - * lib/krb5/keytab/srvtab/kts_resolv.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This is an implementation specific resolver. It returns a keytab id - * initialized with srvtab keytab routines. - */ - -#include "k5-int.h" -#include "ktsrvtab.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktsrvtab_resolve(context, name, id) - krb5_context context; - const char *name; - krb5_keytab *id; -{ - krb5_ktsrvtab_data *data; - FILE *fp; - - /* Make sure we can open the srvtab file for reading. */ - fp = fopen(name, "r"); - if (!fp) - return(errno); - fclose(fp); - - if ((*id = (krb5_keytab) malloc(sizeof(**id))) == NULL) - return(ENOMEM); - - (*id)->ops = &krb5_kts_ops; - data = (krb5_ktsrvtab_data *)malloc(sizeof(krb5_ktsrvtab_data)); - if (data == NULL) { - krb5_xfree(*id); - return(ENOMEM); - } - - data->name = (char *)malloc(strlen(name) + 1); - if (data->name == NULL) { - krb5_xfree(data); - krb5_xfree(*id); - return(ENOMEM); - } - - (void) strcpy(data->name, name); - data->openf = 0; - - (*id)->data = (krb5_pointer)data; - (*id)->magic = KV5M_KEYTAB; - return(0); -} diff --git a/src/lib/krb5/keytab/srvtab/kts_ssget.c b/src/lib/krb5/keytab/srvtab/kts_ssget.c deleted file mode 100644 index 8c3b812f5..000000000 --- a/src/lib/krb5/keytab/srvtab/kts_ssget.c +++ /dev/null @@ -1,53 +0,0 @@ -/* - * lib/krb5/keytab/srvtab/kts_ssget.c - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * krb5_ktsrvtab_start_seq_get() - */ - -#include "k5-int.h" -#include "ktsrvtab.h" - -krb5_error_code KRB5_CALLCONV -krb5_ktsrvtab_start_seq_get(context, id, cursorp) - krb5_context context; - krb5_keytab id; - krb5_kt_cursor *cursorp; -{ - krb5_error_code retval; - long *fileoff; - - if ((retval = krb5_ktsrvint_open(context, id))) - return retval; - - if (!(fileoff = (long *)malloc(sizeof(*fileoff)))) { - krb5_ktsrvint_close(context, id); - return ENOMEM; - } - *fileoff = ftell(KTFILEP(id)); - *cursorp = (krb5_kt_cursor)fileoff; - - return 0; -} diff --git a/src/lib/krb5/keytab/srvtab/kts_util.c b/src/lib/krb5/keytab/srvtab/kts_util.c deleted file mode 100644 index fb5fc09e3..000000000 --- a/src/lib/krb5/keytab/srvtab/kts_util.c +++ /dev/null @@ -1,152 +0,0 @@ -/* - * lib/krb5/keytab/srvtab/kts_util.c - * - * Copyright (c) Hewlett-Packard Company 1991 - * Released to the Massachusetts Institute of Technology for inclusion - * in the Kerberos source code distribution. - * - * Copyright 1990,1991 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This function contains utilities for the srvtab based implementation - * of the keytab. There are no public functions in this file. - */ - -#define NEED_SOCKETS -#include "krb5.h" -#include "k5-int.h" -#include - -#include "ktsrvtab.h" - -#ifdef ANSI_STDIO -#define READ_MODE "rb" -#else -#define READ_MODE "r" -#endif - -/* The maximum sizes for V4 aname, realm, sname, and instance +1 */ -/* Taken from krb.h */ -#define ANAME_SZ 40 -#define REALM_SZ 40 -#define SNAME_SZ 40 -#define INST_SZ 40 - -#ifndef HAVE_ERRNO -extern int errno; -#endif - -static krb5_error_code -read_field(fp, s, len) - FILE *fp; - char *s; - int len; -{ - int c; - - while ((c = getc(fp)) != 0) { - if (c == EOF || len <= 1) - return KRB5_KT_END; - *s = c; - s++; - len--; - } - *s = 0; - return 0; -} - -krb5_error_code -krb5_ktsrvint_open(context, id) - krb5_context context; - krb5_keytab id; -{ - KTFILEP(id) = fopen(KTFILENAME(id), READ_MODE); - if (!KTFILEP(id)) - return errno; - return 0; -} - -krb5_error_code -krb5_ktsrvint_close(context, id) - krb5_context context; - krb5_keytab id; -{ - if (!KTFILEP(id)) - return 0; - (void) fclose(KTFILEP(id)); - KTFILEP(id) = 0; - return 0; -} - -krb5_error_code -krb5_ktsrvint_read_entry(context, id, ret_entry) - krb5_context context; - krb5_keytab id; - krb5_keytab_entry *ret_entry; -{ - FILE *fp; - char name[SNAME_SZ], instance[INST_SZ], realm[REALM_SZ]; - unsigned char key[8]; - int vno; - krb5_error_code kerror; - - /* Read in an entry from the srvtab file. */ - fp = KTFILEP(id); - kerror = read_field(fp, name, sizeof(name)); - if (kerror != 0) - return kerror; - kerror = read_field(fp, instance, sizeof(instance)); - if (kerror != 0) - return kerror; - kerror = read_field(fp, realm, sizeof(realm)); - if (kerror != 0) - return kerror; - vno = getc(fp); - if (vno == EOF) - return KRB5_KT_END; - if (fread(key, 1, sizeof(key), fp) != sizeof(key)) - return KRB5_KT_END; - - /* Fill in ret_entry with the data we read. Everything maps well - * except for the timestamp, which we don't have a value for. For - * now we just set it to 0. */ - memset(ret_entry, 0, sizeof(*ret_entry)); - ret_entry->magic = KV5M_KEYTAB_ENTRY; - kerror = krb5_425_conv_principal(context, name, instance, realm, - &ret_entry->principal); - if (kerror != 0) - return kerror; - ret_entry->vno = vno; - ret_entry->timestamp = 0; - ret_entry->key.enctype = ENCTYPE_DES_CBC_CRC; - ret_entry->key.magic = KV5M_KEYBLOCK; - ret_entry->key.length = sizeof(key); - ret_entry->key.contents = malloc(sizeof(key)); - if (!ret_entry->key.contents) { - krb5_free_principal(context, ret_entry->principal); - return ENOMEM; - } - memcpy(ret_entry->key.contents, key, sizeof(key)); - - return 0; -} diff --git a/src/lib/krb5/keytab/srvtab/ktsrvtab.h b/src/lib/krb5/keytab/srvtab/ktsrvtab.h deleted file mode 100644 index 9f6764d06..000000000 --- a/src/lib/krb5/keytab/srvtab/ktsrvtab.h +++ /dev/null @@ -1,117 +0,0 @@ -/* - * lib/krb5/keytab/srvtab/ktsrvtab.h - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * This header file contains information needed by internal routines - * of the file-based ticket cache implementation. - */ - - -#ifndef KRB5_KTSRVTAB__ -#define KRB5_KTSRVTAB__ - -#include - -/* - * Constants - */ -#define IGNORE_VNO 0 -#define IGNORE_ENCTYPE 0 - -#define KRB5_KT_VNO_1 0x0501 /* krb v5, keytab version 1 (DCE compat) */ -#define KRB5_KT_VNO 0x0502 /* krb v5, keytab version 2 (standard) */ - -#define KRB5_KT_DEFAULT_VNO KRB5_KT_VNO - -/* - * Types - */ -typedef struct _krb5_ktsrvtab_data { - char *name; /* Name of the file */ - FILE *openf; /* open file, if any. */ -} krb5_ktsrvtab_data; - -/* - * Macros - */ -#define KTPRIVATE(id) ((krb5_ktsrvtab_data *)(id)->data) -#define KTFILENAME(id) (((krb5_ktsrvtab_data *)(id)->data)->name) -#define KTFILEP(id) (((krb5_ktsrvtab_data *)(id)->data)->openf) - -extern struct _krb5_kt_ops krb5_kts_ops; - -krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_resolve - (krb5_context, - const char *, - krb5_keytab *); - -krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_get_name - (krb5_context, - krb5_keytab, - char *, - unsigned int); - -krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_close - (krb5_context, - krb5_keytab); - -krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_get_entry - (krb5_context, - krb5_keytab, - krb5_const_principal, - krb5_kvno, - krb5_enctype, - krb5_keytab_entry *); - -krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_start_seq_get - (krb5_context, - krb5_keytab, - krb5_kt_cursor *); - -krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_get_next - (krb5_context, - krb5_keytab, - krb5_keytab_entry *, - krb5_kt_cursor *); - -krb5_error_code KRB5_CALLCONV krb5_ktsrvtab_end_get - (krb5_context, - krb5_keytab, - krb5_kt_cursor *); - -krb5_error_code krb5_ktsrvint_open - (krb5_context, - krb5_keytab); - -krb5_error_code krb5_ktsrvint_close - (krb5_context, - krb5_keytab); - -krb5_error_code krb5_ktsrvint_read_entry - (krb5_context, - krb5_keytab, - krb5_keytab_entry *); - -#endif /* KRB5_KTSRVTAB__ */ -- 2.26.2