From b63a75c40310afc82e4af5372f92bec2e0a4c67e Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Sat, 1 Jul 2000 00:51:58 +0000 Subject: [PATCH] pullup from 1.2-beta4 git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@12497 dc483132-0cff-0310-8789-dd5450dbe970 --- src/kadmin/cli/ChangeLog | 14 + src/kadmin/cli/kadmin.M | 33 +- src/kadmin/cli/kadmin.c | 8 +- src/kadmin/cli/strftime.c | 881 +++++++++++------------ src/kadmin/ktutil/ChangeLog | 5 + src/kadmin/ktutil/ktutil_funcs.c | 4 +- src/kadmin/passwd/ChangeLog | 4 + src/kadmin/passwd/xm_kpasswd.c | 10 +- src/kadmin/server/ChangeLog | 5 + src/kadmin/server/schpw.c | 2 +- src/kadmin/testing/proto/ChangeLog | 10 + src/kadmin/testing/proto/kdc.conf.proto | 5 +- src/kadmin/testing/proto/krb5.conf.proto | 1 + src/kadmin/testing/util/ChangeLog | 5 + src/kadmin/testing/util/tcl_kadm5.c | 3 +- src/kadmin/v4server/ChangeLog | 27 + src/kadmin/v4server/acl_files.c | 67 +- src/kadmin/v4server/admin_server.c | 4 + src/kadmin/v4server/kadm_err.et | 1 + src/kadmin/v4server/kadm_ser_wrap.c | 8 +- src/kadmin/v4server/kadm_server.c | 3 +- src/kadmin/v5passwdd/ChangeLog | 18 + src/kadmin/v5passwdd/kadm5_defs.h | 3 +- src/kadmin/v5passwdd/main.c | 5 +- src/kadmin/v5passwdd/proto_serv.c | 15 +- 25 files changed, 657 insertions(+), 484 deletions(-) diff --git a/src/kadmin/cli/ChangeLog b/src/kadmin/cli/ChangeLog index 322975d38..b8a023d90 100644 --- a/src/kadmin/cli/ChangeLog +++ b/src/kadmin/cli/ChangeLog @@ -1,3 +1,17 @@ +2000-06-09 Tom Yu + + * kadmin.M: Update to reflect new -e and -keepold flags. + +2000-06-06 Ken Raeburn + + * kadmin.c (kadmin_startup): Don't pass keytab_name to printf if + it's NULL. + +2000-05-31 Ken Raeburn + + * strftime.c: Replace with a copy of the one from libkrb5, which + isn't under GPL. + 2000-03-01 Tom Yu * kadmin.c (kadmin_cpw): Initialize ks_tuple to NULL. diff --git a/src/kadmin/cli/kadmin.M b/src/kadmin/cli/kadmin.M index a74874ff9..5acd48b9c 100644 --- a/src/kadmin/cli/kadmin.M +++ b/src/kadmin/cli/kadmin.M @@ -320,6 +320,12 @@ sets the key of the principal to a random value sets the key of the principal to the specified string and does not prompt for a password. Note: using this option in a shell script can be dangerous if unauthorized users gain read access to the script. +.TP +\fB\-e\fP \fI"enc:salt ..."\fP +uses the specified list of enctype\-salttype pairs for setting the key +of the principal. The quotes are necessary if there are multiple +enctype\-salttype pairs. This will not function against kadmin +daemons earlier than krb5\-1.2. .nf .TP EXAMPLE: @@ -372,8 +378,8 @@ KADM5_UNK_PRINC (principal does not exist) modifies the specified principal, changing the fields as specified. The options are as above for .BR add_principal , -except that password changing is forbidden by this command. In -addition, the option +except that password changing and flags related to password changing +are forbidden by this command. In addition, the option .B \-clearpolicy will clear the current policy of a principal. This command requires the .I modify @@ -447,6 +453,18 @@ sets the key of the principal to a random value .TP \fB\-pw\fP \fIpassword\fP set the password to the specified string. Not recommended. +.TP +\fB\-e\fP \fI"enc:salt ..."\fP +uses the specified list of enctype\-salttype pairs for setting the key +of the principal. The quotes are necessary if there are multiple +enctype\-salttype pairs. This will not function against kadmin +daemons earlier than krb5\-1.2. +.TP +\fB\-keepold \fP +Keeps the previous kvno's keys around. There is no +easy way to delete the old keys, and this flag is usually not +necessary except perhaps for TGS keys. Don't use this flag unless you +know what you're doing. .nf .TP EXAMPLE: @@ -664,7 +682,10 @@ kadmin: .RE .fi .TP -\fBktadd\fP [\fB\-k\fP \fIkeytab\fP] [\fB\-q\fP] [\fIprincipal\fP | \fB\-glob\fP \fIprinc-exp\fP] [\fI...\fP] +\fBktadd\fP [\fB\-k\fP \fIkeytab\fP] [\fB\-q\fP] [\fB\-e\fP \fIkeysaltlist\fP] +.br +[\fIprincipal\fP | \fB\-glob\fP \fIprinc-exp\fP] [\fI...\fP] +.br Adds a principal or all principals matching .I princ-exp to a keytab, randomizing each principal's key in the process. Requires the @@ -772,3 +793,9 @@ OpenVision Kerberos administration program. .SH BUGS .PP Command output needs to be cleaned up. + +There is no way to delete a key kept around from a "\-keepold" option +to a password-changing command, other than to do a password change +without the "\-keepold" option, which will of course cause problems if +the key is a TGS key. There will be more powerful key-manipulation +commands in the future. diff --git a/src/kadmin/cli/kadmin.c b/src/kadmin/cli/kadmin.c index 803853230..2b1d8ac93 100644 --- a/src/kadmin/cli/kadmin.c +++ b/src/kadmin/cli/kadmin.c @@ -392,8 +392,12 @@ char *kadmin_startup(argc, argv) KADM5_API_VERSION_2, &handle); } else if (use_keytab) { - printf("Authenticating as principal %s with keytab %s.\n", - princstr, keytab_name); + if (keytab_name) + printf("Authenticating as principal %s with keytab %s.\n", + princstr, keytab_name); + else + printf("Authenticating as principal %s with default keytab.\n", + princstr); retval = kadm5_init_with_skey(princstr, keytab_name, KADM5_ADMIN_SERVICE, ¶ms, diff --git a/src/kadmin/cli/strftime.c b/src/kadmin/cli/strftime.c index 484852a72..6fb621e41 100644 --- a/src/kadmin/cli/strftime.c +++ b/src/kadmin/cli/strftime.c @@ -1,469 +1,464 @@ -/* strftime - custom formatting of date and/or time - Copyright (C) 1989, 1991, 1992 Free Software Foundation, Inc. - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2, or (at your option) - any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ - -/* Note: this version of strftime lacks locale support, - but it is standalone. - - Performs `%' substitutions similar to those in printf. Except - where noted, substituted fields have a fixed size; numeric fields are - padded if necessary. Padding is with zeros by default; for fields - that display a single number, padding can be changed or inhibited by - following the `%' with one of the modifiers described below. Unknown - field specifiers are copied as normal characters. All other - characters are copied to the output without change. - - Supports a superset of the ANSI C field specifiers. - - Literal character fields: - % % - n newline - t tab - - Numeric modifiers (a nonstandard extension): - - do not pad the field - _ pad the field with spaces - - Time fields: - %H hour (00..23) - %I hour (01..12) - %k hour ( 0..23) - %l hour ( 1..12) - %M minute (00..59) - %p locale's AM or PM - %r time, 12-hour (hh:mm:ss [AP]M) - %R time, 24-hour (hh:mm) - %s time in seconds since 00:00:00, Jan 1, 1970 (a nonstandard extension) - %S second (00..61) - %T time, 24-hour (hh:mm:ss) - %X locale's time representation (%H:%M:%S) - %Z time zone (EDT), or nothing if no time zone is determinable - - Date fields: - %a locale's abbreviated weekday name (Sun..Sat) - %A locale's full weekday name, variable length (Sunday..Saturday) - %b locale's abbreviated month name (Jan..Dec) - %B locale's full month name, variable length (January..December) - %c locale's date and time (Sat Nov 04 12:02:33 EST 1989) - %C century (00..99) - %d day of month (01..31) - %e day of month ( 1..31) - %D date (mm/dd/yy) - %h same as %b - %j day of year (001..366) - %m month (01..12) - %U week number of year with Sunday as first day of week (00..53) - %w day of week (0..6) - %W week number of year with Monday as first day of week (00..53) - %x locale's date representation (mm/dd/yy) - %y last two digits of year (00..99) - %Y year (1970...) - - David MacKenzie */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#if defined(TM_IN_SYS_TIME) || (!defined(HAVE_TM_ZONE) && !defined(HAVE_TZNAME)) -#include +/* $NetBSD: strftime.c,v 1.8 1999/02/07 17:33:30 augustss Exp $ */ + +/* + * Copyright (c) 1989 The Regents of the University of California. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#if defined(LIBC_SCCS) && !defined(lint) +#if 0 +static char *sccsid = "@(#)strftime.c 5.11 (Berkeley) 2/24/91"; #else -#include -#endif - -#ifndef STDC_HEADERS -time_t mktime (); +__RCSID("$NetBSD: strftime.c,v 1.8 1999/02/07 17:33:30 augustss Exp $"); #endif +#endif /* LIBC_SCCS and not lint */ -#if defined(HAVE_TZNAME) -extern char *tzname[2]; -#endif - -/* Types of padding for numbers in date and time. */ -enum padding -{ - none, blank, zero -}; +#include +#include -static char const* const days[] = -{ - "Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", "Saturday" +/* begin krb5 hack - replace stuff that would come from netbsd libc */ +#undef _CurrentTimeLocale +#define _CurrentTimeLocale (&dummy_locale_info) + +struct dummy_locale_info_t { + char d_t_fmt[15]; + char t_fmt_ampm[12]; + char t_fmt[9]; + char d_fmt[9]; + char day[7][10]; + char abday[7][4]; + char mon[12][10]; + char abmon[12][4]; + char am_pm[2][3]; }; - -static char const * const months[] = -{ - "January", "February", "March", "April", "May", "June", - "July", "August", "September", "October", "November", "December" +static const struct dummy_locale_info_t dummy_locale_info = { + "%a %b %d %X %Y", /* %c */ + "%I:%M:%S %p", /* %r */ + "%H:%M:%S", /* %X */ + "%m/%d/%y", /* %x */ + { "Sunday", "Monday", "Tuesday", "Wednesday", "Thursday", "Friday", + "Saturday" }, + { "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat" }, + { "January", "February", "March", "April", "May", "June", + "July", "August", "September", "October", "November", "December" }, + { "Jan", "Feb", "Mar", "Apr", "May", "Jun", + "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" }, + { "AM", "PM" }, }; +#undef TM_YEAR_BASE +#define TM_YEAR_BASE 1900 + +#undef DAYSPERLYEAR +#define DAYSPERLYEAR 366 +#undef DAYSPERNYEAR +#define DAYSPERNYEAR 365 +#undef DAYSPERWEEK +#define DAYSPERWEEK 7 +#undef isleap +#define isleap(N) ((N % 4) == 0 && (N % 100 != 0 || N % 400 == 0)) +#undef tzname +#define tzname my_tzname +static const char *const tzname[2] = { 0, 0 }; +#undef tzset +#define tzset() +#undef __P +#define __P(X) X /* we already require ansi c in this tree */ +/* end krb5 hack */ + +static int _add __P((const char *, char **, const char *)); +static int _conv __P((int, int, int, char **, const char *)); +static int _secs __P((const struct tm *, char **, const char *)); +static size_t _fmt __P((const char *, const struct tm *, char **, + const char *)); -/* Add character C to STRING and increment LENGTH, - unless LENGTH would exceed MAX. */ - -#define add_char(c) \ - do \ - { \ - if (length + 1 <= max) \ - string[length++] = (c); \ - } \ - while (0) - -/* Add a 2 digit number to STRING, padding if specified. - Return the number of characters added, up to MAX. */ - -static int -add_num2 (string, num, max, pad) - char *string; - int num; - int max; - enum padding pad; -{ - int top = num / 10; - int length = 0; - - if (top == 0 && pad == blank) - add_char (' '); - else if (top != 0 || pad == zero) - add_char (top + '0'); - add_char (num % 10 + '0'); - return length; -} - -/* Add a 3 digit number to STRING, padding if specified. - Return the number of characters added, up to MAX. */ - -static int -add_num3 (string, num, max, pad) - char *string; - int num; - int max; - enum padding pad; +size_t +strftime(s, maxsize, format, t) + char *s; + size_t maxsize; + const char *format; + const struct tm *t; { - int top = num / 100; - int mid = (num - top * 100) / 10; - int length = 0; - - if (top == 0 && pad == blank) - add_char (' '); - else if (top != 0 || pad == zero) - add_char (top + '0'); - if (mid == 0 && top == 0 && pad == blank) - add_char (' '); - else if (mid != 0 || top != 0 || pad == zero) - add_char (mid + '0'); - add_char (num % 10 + '0'); - return length; + char *pt; + + tzset(); + if (maxsize < 1) + return (0); + + pt = s; + if (_fmt(format, t, &pt, s + maxsize)) { + *pt = '\0'; + return (pt - s); + } else + return (0); } -/* Like strncpy except return the number of characters copied. */ - -static int -add_str (to, from, max) - char *to; - const char *from; - int max; +#define SUN_WEEK(t) (((t)->tm_yday + 7 - \ + ((t)->tm_wday)) / 7) +#define MON_WEEK(t) (((t)->tm_yday + 7 - \ + ((t)->tm_wday ? (t)->tm_wday - 1 : 6)) / 7) + +static size_t +_fmt(format, t, pt, ptlim) + const char *format; + const struct tm *t; + char **pt; + const char * const ptlim; { - int i; - - for (i = 0; from[i] && i <= max; ++i) - to[i] = from[i]; - return i; + for (; *format; ++format) { + if (*format == '%') { + ++format; + if (*format == 'E') { + /* Alternate Era */ + ++format; + } else if (*format == 'O') { + /* Alternate numeric symbols */ + ++format; + } + switch (*format) { + case '\0': + --format; + break; + case 'A': + if (t->tm_wday < 0 || t->tm_wday > 6) + return (0); + if (!_add(_CurrentTimeLocale->day[t->tm_wday], + pt, ptlim)) + return (0); + continue; + + case 'a': + if (t->tm_wday < 0 || t->tm_wday > 6) + return (0); + if (!_add(_CurrentTimeLocale->abday[t->tm_wday], + pt, ptlim)) + return (0); + continue; + case 'B': + if (t->tm_mon < 0 || t->tm_mon > 11) + return (0); + if (!_add(_CurrentTimeLocale->mon[t->tm_mon], + pt, ptlim)) + return (0); + continue; + case 'b': + case 'h': + if (t->tm_mon < 0 || t->tm_mon > 11) + return (0); + if (!_add(_CurrentTimeLocale->abmon[t->tm_mon], + pt, ptlim)) + return (0); + continue; + case 'C': + if (!_conv((t->tm_year + TM_YEAR_BASE) / 100, + 2, '0', pt, ptlim)) + return (0); + continue; + case 'c': + if (!_fmt(_CurrentTimeLocale->d_t_fmt, t, pt, + ptlim)) + return (0); + continue; + case 'D': + if (!_fmt("%m/%d/%y", t, pt, ptlim)) + return (0); + continue; + case 'd': + if (!_conv(t->tm_mday, 2, '0', pt, ptlim)) + return (0); + continue; + case 'e': + if (!_conv(t->tm_mday, 2, ' ', pt, ptlim)) + return (0); + continue; + case 'H': + if (!_conv(t->tm_hour, 2, '0', pt, ptlim)) + return (0); + continue; + case 'I': + if (!_conv(t->tm_hour % 12 ? + t->tm_hour % 12 : 12, 2, '0', pt, ptlim)) + return (0); + continue; + case 'j': + if (!_conv(t->tm_yday + 1, 3, '0', pt, ptlim)) + return (0); + continue; + case 'k': + if (!_conv(t->tm_hour, 2, ' ', pt, ptlim)) + return (0); + continue; + case 'l': + if (!_conv(t->tm_hour % 12 ? + t->tm_hour % 12: 12, 2, ' ', pt, ptlim)) + return (0); + continue; + case 'M': + if (!_conv(t->tm_min, 2, '0', pt, ptlim)) + return (0); + continue; + case 'm': + if (!_conv(t->tm_mon + 1, 2, '0', pt, ptlim)) + return (0); + continue; + case 'n': + if (!_add("\n", pt, ptlim)) + return (0); + continue; + case 'p': + if (!_add(_CurrentTimeLocale->am_pm[t->tm_hour + >= 12], pt, ptlim)) + return (0); + continue; + case 'R': + if (!_fmt("%H:%M", t, pt, ptlim)) + return (0); + continue; + case 'r': + if (!_fmt(_CurrentTimeLocale->t_fmt_ampm, t, pt, + ptlim)) + return (0); + continue; + case 'S': + if (!_conv(t->tm_sec, 2, '0', pt, ptlim)) + return (0); + continue; + case 's': + if (!_secs(t, pt, ptlim)) + return (0); + continue; + case 'T': + if (!_fmt("%H:%M:%S", t, pt, ptlim)) + return (0); + continue; + case 't': + if (!_add("\t", pt, ptlim)) + return (0); + continue; + case 'U': + if (!_conv(SUN_WEEK(t), 2, '0', pt, ptlim)) + return (0); + continue; + case 'u': + if (!_conv(t->tm_wday ? t->tm_wday : 7, 1, '0', + pt, ptlim)) + return (0); + continue; + case 'V': /* ISO 8601 week number */ + case 'G': /* ISO 8601 year (four digits) */ + case 'g': /* ISO 8601 year (two digits) */ +/* +** From Arnold Robbins' strftime version 3.0: "the week number of the +** year (the first Monday as the first day of week 1) as a decimal number +** (01-53)." +** (ado, 1993-05-24) +** +** From "http://www.ft.uni-erlangen.de/~mskuhn/iso-time.html" by Markus Kuhn: +** "Week 01 of a year is per definition the first week which has the +** Thursday in this year, which is equivalent to the week which contains +** the fourth day of January. In other words, the first week of a new year +** is the week which has the majority of its days in the new year. Week 01 +** might also contain days from the previous year and the week before week +** 01 of a year is the last week (52 or 53) of the previous year even if +** it contains days from the new year. A week starts with Monday (day 1) +** and ends with Sunday (day 7). For example, the first week of the year +** 1997 lasts from 1996-12-30 to 1997-01-05..." +** (ado, 1996-01-02) +*/ + { + int year; + int yday; + int wday; + int w; + + year = t->tm_year + TM_YEAR_BASE; + yday = t->tm_yday; + wday = t->tm_wday; + for ( ; ; ) { + int len; + int bot; + int top; + + len = isleap(year) ? + DAYSPERLYEAR : + DAYSPERNYEAR; + /* + ** What yday (-3 ... 3) does + ** the ISO year begin on? + */ + bot = ((yday + 11 - wday) % + DAYSPERWEEK) - 3; + /* + ** What yday does the NEXT + ** ISO year begin on? + */ + top = bot - + (len % DAYSPERWEEK); + if (top < -3) + top += DAYSPERWEEK; + top += len; + if (yday >= top) { + ++year; + w = 1; + break; + } + if (yday >= bot) { + w = 1 + ((yday - bot) / + DAYSPERWEEK); + break; + } + --year; + yday += isleap(year) ? + DAYSPERLYEAR : + DAYSPERNYEAR; + } +#ifdef XPG4_1994_04_09 + if ((w == 52 + && t->tm_mon == TM_JANUARY) + || (w == 1 + && t->tm_mon == TM_DECEMBER)) + w = 53; +#endif /* defined XPG4_1994_04_09 */ + if (*format == 'V') { + if (!_conv(w, 2, '0', + pt, ptlim)) + return (0); + } else if (*format == 'g') { + if (!_conv(year % 100, 2, '0', + pt, ptlim)) + return (0); + } else if (!_conv(year, 4, '0', + pt, ptlim)) + return (0); + } + continue; + case 'W': + if (!_conv(MON_WEEK(t), 2, '0', pt, ptlim)) + return (0); + continue; + case 'w': + if (!_conv(t->tm_wday, 1, '0', pt, ptlim)) + return (0); + continue; + case 'x': + if (!_fmt(_CurrentTimeLocale->d_fmt, t, pt, + ptlim)) + return (0); + continue; + case 'X': + if (!_fmt(_CurrentTimeLocale->t_fmt, t, pt, + ptlim)) + return (0); + continue; + case 'y': + if (!_conv((t->tm_year + TM_YEAR_BASE) % 100, + 2, '0', pt, ptlim)) + return (0); + continue; + case 'Y': + if (!_conv((t->tm_year + TM_YEAR_BASE), 4, '0', + pt, ptlim)) + return (0); + continue; + case 'Z': + if (tzname[t->tm_isdst ? 1 : 0] && + !_add(tzname[t->tm_isdst ? 1 : 0], pt, + ptlim)) + return (0); + continue; + case '%': + /* + * X311J/88-090 (4.12.3.5): if conversion char is + * undefined, behavior is undefined. Print out the + * character itself as printf(3) does. + */ + default: + break; + } + } + if (*pt == ptlim) + return (0); + *(*pt)++ = *format; + } + return (ptlim - *pt); } static int -add_num_time_t (string, max, num) - char *string; - int max; - time_t num; +_secs(t, pt, ptlim) + const struct tm *t; + char **pt; + const char * const ptlim; { - /* This buffer is large enough to hold the character representation - (including the trailing NUL) of any unsigned decimal quantity - whose binary representation fits in 128 bits. */ - char buf[40]; - int length; - - if (sizeof (num) > 16) - abort (); - sprintf (buf, "%lu", (unsigned long) num); - length = add_str (string, buf, max); - return length; + char buf[15]; + time_t s; + char *p; + struct tm tmp; + + buf[sizeof (buf) - 1] = '\0'; + /* Make a copy, mktime(3) modifies the tm struct. */ + tmp = *t; + s = mktime(&tmp); + for (p = buf + sizeof(buf) - 2; s > 0 && p > buf; s /= 10) + *p-- = (char)(s % 10 + '0'); + return (_add(++p, pt, ptlim)); } -/* Return the week in the year of the time in TM, with the weeks - starting on Sundays. */ - static int -sun_week (tm) - struct tm *tm; +_conv(n, digits, pad, pt, ptlim) + int n, digits; + int pad; + char **pt; + const char * const ptlim; { - int dl; - - /* Set `dl' to the day in the year of the last day of the week previous - to the one containing the day specified in TM. If the day specified - in TM is in the first week of the year, `dl' will be negative or 0. - Otherwise, calculate the number of complete weeks before our week - (dl / 7) and add any partial week at the start of the year (dl % 7). */ - dl = tm->tm_yday - tm->tm_wday; - return dl <= 0 ? 0 : dl / 7 + (dl % 7 != 0); + char buf[10]; + char *p; + + buf[sizeof (buf) - 1] = '\0'; + for (p = buf + sizeof(buf) - 2; n > 0 && p > buf; n /= 10, --digits) + *p-- = n % 10 + '0'; + while (p > buf && digits-- > 0) + *p-- = pad; + return (_add(++p, pt, ptlim)); } -/* Return the week in the year of the time in TM, with the weeks - starting on Mondays. */ - static int -mon_week (tm) - struct tm *tm; -{ - int dl, wday; - - if (tm->tm_wday == 0) - wday = 6; - else - wday = tm->tm_wday - 1; - dl = tm->tm_yday - wday; - return dl <= 0 ? 0 : dl / 7 + (dl % 7 != 0); -} - -#if !defined(HAVE_TM_ZONE) && !defined(HAVE_TZNAME) -char * -zone_name (tp) - struct tm *tp; +_add(str, pt, ptlim) + const char *str; + char **pt; + const char * const ptlim; { - char *timezone (); - struct timeval tv; - struct timezone tz; - - gettimeofday (&tv, &tz); - return timezone (tz.tz_minuteswest, tp->tm_isdst); -} -#endif - -/* Format the time given in TM according to FORMAT, and put the - results in STRING. - Return the number of characters (not including terminating null) - that were put into STRING, or 0 if the length would have - exceeded MAX. */ - -size_t -strftime (string, max, format, tm) - char *string; - size_t max; - const char *format; - const struct tm *tm; -{ - enum padding pad; /* Type of padding to apply. */ - size_t length = 0; /* Characters put in STRING so far. */ - - for (; *format && length < max; ++format) - { - if (*format != '%') - add_char (*format); - else - { - ++format; - /* Modifiers: */ - if (*format == '-') - { - pad = none; - ++format; - } - else if (*format == '_') - { - pad = blank; - ++format; - } - else - pad = zero; - - switch (*format) - { - /* Literal character fields: */ - case 0: - case '%': - add_char ('%'); - break; - case 'n': - add_char ('\n'); - break; - case 't': - add_char ('\t'); - break; - default: - add_char (*format); - break; - - /* Time fields: */ - case 'H': - case 'k': - length += - add_num2 (&string[length], tm->tm_hour, max - length, - *format == 'H' ? pad : blank); - break; - case 'I': - case 'l': - { - int hour12; - - if (tm->tm_hour == 0) - hour12 = 12; - else if (tm->tm_hour > 12) - hour12 = tm->tm_hour - 12; - else - hour12 = tm->tm_hour; - length += - add_num2 (&string[length], hour12, max - length, - *format == 'I' ? pad : blank); - } - break; - case 'M': - length += - add_num2 (&string[length], tm->tm_min, max - length, pad); - break; - case 'p': - if (tm->tm_hour < 12) - add_char ('A'); - else - add_char ('P'); - add_char ('M'); - break; - case 'r': - length += - strftime (&string[length], max - length, "%I:%M:%S %p", tm); - break; - case 'R': - length += - strftime (&string[length], max - length, "%H:%M", tm); - break; - - case 's': - { - struct tm writable_tm; - writable_tm = *tm; - length += add_num_time_t (&string[length], max - length, - mktime (&writable_tm)); - } - break; - - case 'S': - length += - add_num2 (&string[length], tm->tm_sec, max - length, pad); - break; - case 'T': - length += - strftime (&string[length], max - length, "%H:%M:%S", tm); - break; - case 'X': - length += - strftime (&string[length], max - length, "%H:%M:%S", tm); - break; - case 'Z': -#ifdef HAVE_TM_ZONE - length += add_str (&string[length], tm->tm_zone, max - length); -#else -#ifdef HAVE_TZNAME - if (tm->tm_isdst && tzname[1] && *tzname[1]) - length += add_str (&string[length], tzname[1], max - length); - else - length += add_str (&string[length], tzname[0], max - length); -#else - length += add_str (&string[length], zone_name (tm), max - length); -#endif -#endif - break; - /* Date fields: */ - case 'a': - add_char (days[tm->tm_wday][0]); - add_char (days[tm->tm_wday][1]); - add_char (days[tm->tm_wday][2]); - break; - case 'A': - length += - add_str (&string[length], days[tm->tm_wday], max - length); - break; - case 'b': - case 'h': - add_char (months[tm->tm_mon][0]); - add_char (months[tm->tm_mon][1]); - add_char (months[tm->tm_mon][2]); - break; - case 'B': - length += - add_str (&string[length], months[tm->tm_mon], max - length); - break; - case 'c': - length += - strftime (&string[length], max - length, - "%a %b %d %H:%M:%S %Z %Y", tm); - break; - case 'C': - length += - add_num2 (&string[length], (tm->tm_year + 1900) / 100, - max - length, pad); - break; - case 'd': - length += - add_num2 (&string[length], tm->tm_mday, max - length, pad); - break; - case 'e': - length += - add_num2 (&string[length], tm->tm_mday, max - length, blank); - break; - case 'D': - length += - strftime (&string[length], max - length, "%m/%d/%y", tm); - break; - case 'j': - length += - add_num3 (&string[length], tm->tm_yday + 1, max - length, pad); - break; - case 'm': - length += - add_num2 (&string[length], tm->tm_mon + 1, max - length, pad); - break; - case 'U': - length += - add_num2 (&string[length], sun_week (tm), max - length, pad); - break; - case 'w': - add_char (tm->tm_wday + '0'); - break; - case 'W': - length += - add_num2 (&string[length], mon_week (tm), max - length, pad); - break; - case 'x': - length += - strftime (&string[length], max - length, "%m/%d/%y", tm); - break; - case 'y': - length += - add_num2 (&string[length], tm->tm_year % 100, - max - length, pad); - break; - case 'Y': - add_char ((tm->tm_year + 1900) / 1000 + '0'); - length += - add_num3 (&string[length], - (1900 + tm->tm_year) % 1000, max - length, zero); - break; - } + for (;; ++(*pt)) { + if (*pt == ptlim) + return (0); + if ((**pt = *str++) == '\0') + return (1); } - } - add_char (0); - return length - 1; } diff --git a/src/kadmin/ktutil/ChangeLog b/src/kadmin/ktutil/ChangeLog index 28441814c..3fa16b2bf 100644 --- a/src/kadmin/ktutil/ChangeLog +++ b/src/kadmin/ktutil/ChangeLog @@ -1,3 +1,8 @@ +2000-05-19 Ken Raeburn + + * ktutil_funcs.c (ktutil_write_keytab): Reject a filename that's + too long. + 1999-10-26 Wilfredo Sanchez * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, diff --git a/src/kadmin/ktutil/ktutil_funcs.c b/src/kadmin/ktutil/ktutil_funcs.c index d4c0ce95b..c39173fe7 100644 --- a/src/kadmin/ktutil/ktutil_funcs.c +++ b/src/kadmin/ktutil/ktutil_funcs.c @@ -317,7 +317,9 @@ krb5_error_code ktutil_write_keytab(context, list, name) krb5_error_code retval = 0; strcpy(ktname, "WRFILE:"); - strncat(ktname, name, MAXPATHLEN); + if (strlen (name) >= MAXPATHLEN) + return ENAMETOOLONG; + strncat (ktname, name, MAXPATHLEN); retval = krb5_kt_resolve(context, ktname, &kt); if (retval) return retval; diff --git a/src/kadmin/passwd/ChangeLog b/src/kadmin/passwd/ChangeLog index 1334d2378..cb9d7382f 100644 --- a/src/kadmin/passwd/ChangeLog +++ b/src/kadmin/passwd/ChangeLog @@ -1,3 +1,7 @@ +2000-05-08 Nalin Dahyabhai + + * xm_kpasswd.c (motif_com_err): Don't overflow buffer "buf". + 1999-10-26 Wilfredo Sanchez * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, diff --git a/src/kadmin/passwd/xm_kpasswd.c b/src/kadmin/passwd/xm_kpasswd.c index 0db1111c6..4232e3baf 100644 --- a/src/kadmin/passwd/xm_kpasswd.c +++ b/src/kadmin/passwd/xm_kpasswd.c @@ -111,13 +111,15 @@ motif_com_err (whoami, code, fmt, args) if (whoami) { - strcpy(buf, whoami); - strcat(buf, ": "); + strncpy(buf, whoami, sizeof(buf) - 1); + buf[sizeof(buf) - 1] = '\0'; + strncat(buf, ": ", sizeof(buf) - 1 - strlen(buf)); } if (code) { - strcat(buf, error_message(code)); - strcat(buf, " "); + buf[sizeof(buf) - 1] = '\0'; + strncat(buf, error_message(code), sizeof(buf) - 1 - strlen(buf)); + strncat(buf, " ", sizeof(buf) - 1 - strlen(buf)); } if (fmt) { diff --git a/src/kadmin/server/ChangeLog b/src/kadmin/server/ChangeLog index cbf49a162..d1548c87f 100644 --- a/src/kadmin/server/ChangeLog +++ b/src/kadmin/server/ChangeLog @@ -1,3 +1,8 @@ +2000-06-29 Tom Yu + + * schpw.c (process_chpw_request): Add new argument to call to + chpass_principal_util() + 2000-05-31 Wilfredo Sanchez * kadm_rpc_svc.c: Check for existance of . diff --git a/src/kadmin/server/schpw.c b/src/kadmin/server/schpw.c index f246571f8..9de81160b 100644 --- a/src/kadmin/server/schpw.c +++ b/src/kadmin/server/schpw.c @@ -229,7 +229,7 @@ process_chpw_request(context, server_handle, realm, s, keytab, sin, req, rep) ptr[clear.length] = '\0'; ret = kadm5_chpass_principal_util(server_handle, ticket->enc_part2->client, - ptr, NULL, strresult); + ptr, NULL, strresult, sizeof(strresult)); /* zap the password */ memset(clear.data, 0, clear.length); diff --git a/src/kadmin/testing/proto/ChangeLog b/src/kadmin/testing/proto/ChangeLog index e1fedafaa..a69cf3003 100644 --- a/src/kadmin/testing/proto/ChangeLog +++ b/src/kadmin/testing/proto/ChangeLog @@ -1,3 +1,13 @@ +2000-05-31 Ken Raeburn + + * kdc.conf.proto: Use des3 master key. + +2000-05-09 Ken Raeburn + + * krb5.conf.proto: Set dns_fallback=no. + + * kdc.conf.proto: Add des3 to supported_enctypes. + Wed Jan 21 12:44:25 1998 Ezra Peisach * kdc.conf.proto: Add kpasswd_port line so kadmind can start as diff --git a/src/kadmin/testing/proto/kdc.conf.proto b/src/kadmin/testing/proto/kdc.conf.proto index 69d604106..6f9edeb5b 100644 --- a/src/kadmin/testing/proto/kdc.conf.proto +++ b/src/kadmin/testing/proto/kdc.conf.proto @@ -11,7 +11,6 @@ dict_file = __K5ROOT__/ovsec_adm.dict kadmind_port = 1751 kpasswd_port = 1752 - master_key_type = des-cbc-crc - supported_enctypes = des-cbc-crc:normal des-cbc-crc:v4 des-cbc-md5:normal des-cbc-raw:normal + master_key_type = des3-hmac-sha1 + supported_enctypes = des3-hmac-sha1:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-md5:normal des-cbc-raw:normal } - diff --git a/src/kadmin/testing/proto/krb5.conf.proto b/src/kadmin/testing/proto/krb5.conf.proto index a06381570..5521267c7 100644 --- a/src/kadmin/testing/proto/krb5.conf.proto +++ b/src/kadmin/testing/proto/krb5.conf.proto @@ -1,6 +1,7 @@ [libdefaults] default_realm = __REALM__ default_keytab_name = FILE:__K5ROOT__/v5srvtab + dns_fallback = no [realms] __REALM__ = { diff --git a/src/kadmin/testing/util/ChangeLog b/src/kadmin/testing/util/ChangeLog index bf09ba92a..6b0e5db12 100644 --- a/src/kadmin/testing/util/ChangeLog +++ b/src/kadmin/testing/util/ChangeLog @@ -1,3 +1,8 @@ +2000-05-23 Tom Yu + + * tcl_kadm5.c (tcl_kadm5_chpass_principal_util): Add new argument + to call to chpass_principal_util(). + 1999-10-26 Wilfredo Sanchez * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, diff --git a/src/kadmin/testing/util/tcl_kadm5.c b/src/kadmin/testing/util/tcl_kadm5.c index c334850f2..5d0a62bc2 100644 --- a/src/kadmin/testing/util/tcl_kadm5.c +++ b/src/kadmin/testing/util/tcl_kadm5.c @@ -1965,7 +1965,8 @@ int tcl_kadm5_chpass_principal_util(ClientData clientData, override_qual, #endif pw_ret_var ? &pw_ret : 0, - msg_ret_var ? msg_ret : 0); + msg_ret_var ? msg_ret : 0, + msg_ret_var ? sizeof(msg_ret) : 0); if (ret == KADM5_OK) { if (pw_ret_var && diff --git a/src/kadmin/v4server/ChangeLog b/src/kadmin/v4server/ChangeLog index 936fcca9a..76b2bd49e 100644 --- a/src/kadmin/v4server/ChangeLog +++ b/src/kadmin/v4server/ChangeLog @@ -1,3 +1,30 @@ +2000-05-23 Ken Raeburn + + * admin_server.c (main, case 'r'): Reject realm name that's too + long. + + * acl_files.c (acl_load): Return error if name too long. + + * kadm_err.et (KADM_REALM_TOO_LONG): New error code. + * kadm_ser_wrap.c (kadm_ser_init): Return it instead of truncating + a too-long realm name. + +2000-05-23 Nalin Dahyabhai + + * acl_files.c (acl_canonicalize_principal): If the principal name + would be too long, return a zero-length string to mark it as invalid. + (acl_load): Don't add the principal to the hash if it's invalid. + (acl_add): Don't check the principal if it's invalid. + (acl_delete): Don't try to delete the principal if it's invalid. + + * kadm_ser_wrap.c (kadm_ser_init): Truncate "server_parm.krbrlm" + if "realm" is too long. + +2000-05-23 Tom Yu + + * kadm_server.c (kadm_ser_cpw): Add new arg to call to + chpass_principal_util(). + 1999-10-26 Wilfredo Sanchez * Makefile.in: Clean up usage of CFLAGS, CPPFLAGS, DEFS, DEFINES, diff --git a/src/kadmin/v4server/acl_files.c b/src/kadmin/v4server/acl_files.c index 22a0007de..3e3bbe6d9 100644 --- a/src/kadmin/v4server/acl_files.c +++ b/src/kadmin/v4server/acl_files.c @@ -69,7 +69,8 @@ void acl_canonicalize_principal(principal, canon) char *principal; char *canon; { - char *dot, *atsign, *end; + char *dot, *atsign, *end, *canon_save = canon; + char realm[REALM_SZ]; int len; dot = strchr(principal, INST_SEP); @@ -94,18 +95,33 @@ char *canon; /* Get the principal name */ len = MIN(ANAME_SZ, COR(dot, COR(atsign, end)) - principal); - strncpy(canon, principal, len); - canon += len; + if(canon + len < canon_save + MAX_PRINCIPAL_SIZE) { + strncpy(canon, principal, len); + canon += len; + } else { + strcpy(canon, ""); + return; + } /* Add INST_SEP */ - *canon++ = INST_SEP; + if(canon + 1 < canon_save + MAX_PRINCIPAL_SIZE) { + *canon++ = INST_SEP; + } else { + strcpy(canon, ""); + return; + } /* Get the instance, if it exists */ if(dot != NULL) { ++dot; len = MIN(INST_SZ, COR(atsign, end) - dot); - strncpy(canon, dot, len); - canon += len; + if(canon + len < canon_save + MAX_PRINCIPAL_SIZE) { + strncpy(canon, dot, len); + canon += len; + } else { + strcpy(canon, ""); + return; + } } /* Add REALM_SEP */ @@ -116,11 +132,21 @@ char *canon; if(atsign != NULL) { ++atsign; len = MIN(REALM_SZ, end - atsign); - strncpy(canon, atsign, len); - canon += len; - *canon++ = '\0'; - } else if(krb_get_lrealm(canon, 1) != KSUCCESS) { - strcpy(canon, KRB_REALM); + if(canon + len + 1 < canon_save + MAX_PRINCIPAL_SIZE) { + strncpy(canon, atsign, len); + canon += len; + *canon++ = '\0'; + } else { + strcpy(canon, ""); + return; + } + } else if(krb_get_lrealm(realm, 1) != KSUCCESS) { + if(canon + strlen(realm) < canon_save + MAX_PRINCIPAL_SIZE) { + strcpy(canon, KRB_REALM); + } else { + strcpy(canon, ""); + return; + } } } @@ -399,7 +425,11 @@ char *name; } /* Set up the acl */ - strcpy(acl_cache[i].filename, name); + if (strlen (name) >= sizeof (acl_cache[i].filename) - 1) { + return -1; + } + strncpy(acl_cache[i].filename, name, sizeof(acl_cache[i].filename) - 1); + acl_cache[i].filename[sizeof(acl_cache[i].filename) - 1] = '\0'; if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1); /* Force reload */ acl_cache[i].acl = (struct hashtbl *) 0; @@ -426,7 +456,9 @@ char *name; while(fgets(buf, sizeof(buf), f) != NULL) { nuke_whitespace(buf); acl_canonicalize_principal(buf, canon); - add_hash(acl_cache[i].acl, canon); + if(strlen(canon) > 0) { + add_hash(acl_cache[i].acl, canon); + } } fclose(f); acl_cache[i].status = s; @@ -459,6 +491,9 @@ char *principal; acl_canonicalize_principal(principal, canon); + /* Is it an invalid principal name? */ + if(strlen(canon) == 0) return(0); + /* Is it there? */ if(acl_exact_match(acl, canon)) return(1); @@ -489,6 +524,9 @@ char *principal; acl_canonicalize_principal(principal, canon); + /* Is it an invalid principal name? */ + if(strlen(canon) == 0) return(-1); + if((new = acl_lock_file(acl)) == NULL) return(-1); if((acl_exact_match(acl, canon)) || (idx = acl_load(acl)) < 0) { @@ -523,6 +561,9 @@ char *principal; acl_canonicalize_principal(principal, canon); + /* Is it an invalid principal name? */ + if(strlen(canon) == 0) return(-1); + if((new = acl_lock_file(acl)) == NULL) return(-1); if((!acl_exact_match(acl, canon)) || (idx = acl_load(acl)) < 0) { diff --git a/src/kadmin/v4server/admin_server.c b/src/kadmin/v4server/admin_server.c index 90bf087c9..cd8742dea 100644 --- a/src/kadmin/v4server/admin_server.c +++ b/src/kadmin/v4server/admin_server.c @@ -149,6 +149,10 @@ char *argv[]; fascist_cpw = 0; break; case 'r': + if (strlen (optarg) + 1 > REALM_SZ) { + com_err(argv[0], 0, "realm name `%s' too long", optarg); + exit(1); + } (void) strncpy(krbrlm, optarg, sizeof(krbrlm) - 1); break; case 'k': diff --git a/src/kadmin/v4server/kadm_err.et b/src/kadmin/v4server/kadm_err.et index a19273083..07ab9da4b 100644 --- a/src/kadmin/v4server/kadm_err.et +++ b/src/kadmin/v4server/kadm_err.et @@ -54,4 +54,5 @@ ec KADM_INSECURE_PW, "Insecure password rejected" ec KADM_PW_MISMATCH, "Cleartext password and DES key did not match" ec KADM_NOT_SERV_PRINC, "Invalid principal for change srvtab request" +ec KADM_REALM_TOO_LONG, "Realm name too long" end diff --git a/src/kadmin/v4server/kadm_ser_wrap.c b/src/kadmin/v4server/kadm_ser_wrap.c index bca814d07..42d27aa46 100644 --- a/src/kadmin/v4server/kadm_ser_wrap.c +++ b/src/kadmin/v4server/kadm_ser_wrap.c @@ -47,7 +47,7 @@ kadm_ser_init(inter, realm, params) kadm_ser_init(inter, realm) int inter; /* interactive or from file */ char realm[]; -#endif +#endif { struct servent *sep; struct hostent *hp; @@ -64,7 +64,11 @@ kadm_ser_init(inter, realm) (void) strcpy(server_parm.sname, PWSERV_NAME); (void) strcpy(server_parm.sinst, KRB_MASTER); - (void) strcpy(server_parm.krbrlm, realm); + if (strlen (realm) > REALM_SZ) + return KADM_REALM_TOO_LONG; + (void) strncpy(server_parm.krbrlm, realm, sizeof(server_parm.krbrlm)-1); + server_parm.krbrlm[sizeof(server_parm.krbrlm) - 1] = '\0'; + if (krb5_425_conv_principal(kadm_context, server_parm.sname, server_parm.sinst, server_parm.krbrlm, &server_parm.sprinc)) diff --git a/src/kadmin/v4server/kadm_server.c b/src/kadmin/v4server/kadm_server.c index 687259bf5..886620f31 100644 --- a/src/kadmin/v4server/kadm_server.c +++ b/src/kadmin/v4server/kadm_server.c @@ -309,7 +309,8 @@ int *outlen; *msg_ret = '\0'; } else { retval = kadm5_chpass_principal_util(kadm5_handle, user_princ, - pword, NULL, msg_ret); + pword, NULL, msg_ret, + sizeof(msg_ret)); msg_ptr = msg_ret; } (void) krb5_free_principal(kadm_context, user_princ); diff --git a/src/kadmin/v5passwdd/ChangeLog b/src/kadmin/v5passwdd/ChangeLog index 74cdfe288..b3bf6d713 100644 --- a/src/kadmin/v5passwdd/ChangeLog +++ b/src/kadmin/v5passwdd/ChangeLog @@ -1,3 +1,21 @@ +2000-05-24 Ken Raeburn + Ezra Peisach + + * proto_serv.c (proto_serv): Don't overflow err_str. Pass data + pointer and not a krb5_data to sprintf. Remove unused variable + adm_errmsg. Remove unused label done. Declare variable + mime_setting only if MIME_SUPPORTED is defined. Make variables + db_opened and kret volatile. + (proto_fmt_reply_msg): Unused variable deleted. + +2000-05-23 Tom Yu + + * kadm5_defs.h: Add argument for length of error string. + + * main.c (pwd_change): Add argument for length of error string. + + * proto_serv.c (proto_serv): Fix up call to pwd_change(). + 2000-02-28 Ezra Peisach * proto_serv.c (proto_serv): For error return,strdup the returned diff --git a/src/kadmin/v5passwdd/kadm5_defs.h b/src/kadmin/v5passwdd/kadm5_defs.h index 08650bd83..17ec2e595 100644 --- a/src/kadmin/v5passwdd/kadm5_defs.h +++ b/src/kadmin/v5passwdd/kadm5_defs.h @@ -259,7 +259,8 @@ krb5_int32 pwd_change krb5_ticket *, krb5_data *, krb5_data *, - char [])); + char [], + int)); #if 0 diff --git a/src/kadmin/v5passwdd/main.c b/src/kadmin/v5passwdd/main.c index a9b381ed0..cec5bf821 100644 --- a/src/kadmin/v5passwdd/main.c +++ b/src/kadmin/v5passwdd/main.c @@ -230,7 +230,7 @@ krb5_error_code key_close_db(krb5_context context) krb5_int32 pwd_change(kcontext, debug_level, auth_context, ticket, - olddata, newdata, err_str) + olddata, newdata, err_str, err_str_len) krb5_context kcontext; int debug_level; krb5_auth_context auth_context; @@ -238,6 +238,7 @@ pwd_change(kcontext, debug_level, auth_context, ticket, krb5_data *olddata; krb5_data *newdata; char err_str[]; + int err_str_len; { kadm5_ret_t ret; krb5_int32 now; @@ -301,7 +302,7 @@ pwd_change(kcontext, debug_level, auth_context, ticket, principal, newdata->data, NULL, - err_str)) + err_str, err_str_len)) return(KRB5_ADM_PW_UNACCEPT); return(KRB5_ADM_SUCCESS); diff --git a/src/kadmin/v5passwdd/proto_serv.c b/src/kadmin/v5passwdd/proto_serv.c index 413c5efe8..419f8611d 100644 --- a/src/kadmin/v5passwdd/proto_serv.c +++ b/src/kadmin/v5passwdd/proto_serv.c @@ -52,7 +52,6 @@ static const char *proto_rd_cmd_msg = "\004%d: cannot read administrative protoc static const char *proto_db_open_msg = "\004%d: cannot open database"; static const char *proto_db_close_msg = "\004%d: cannot close database"; static const char *proto_wr_reply_msg = "\004%d: cannot write administrative protocol reply"; -static const char *proto_fmt_reply_msg = "\004%d: cannot format administrative protocol reply"; extern char *programname; static int proto_proto_timeout = -1; @@ -109,7 +108,7 @@ proto_serv(kcontext, my_id, cl_sock, sv_p, cl_p) void *sv_p; void *cl_p; { - krb5_error_code kret; + volatile krb5_error_code kret; struct sockaddr_in *cl_addr; struct sockaddr_in *sv_addr; @@ -127,12 +126,14 @@ proto_serv(kcontext, my_id, cl_sock, sv_p, cl_p) #endif /* POSIX_SIGNALS */ char *curr_lang = (char *) NULL; +#ifdef MIME_SUPPORTED krb5_boolean mime_setting = 0; +#endif krb5_int32 num_args; krb5_data *arglist; - krb5_boolean db_opened; + volatile krb5_boolean db_opened; cl_addr = (struct sockaddr_in *) cl_p; sv_addr = (struct sockaddr_in *) sv_p; @@ -286,6 +287,7 @@ proto_serv(kcontext, my_id, cl_sock, sv_p, cl_p) */ while (1) { krb5_int32 cmd_error; + /* If this size changed, change the sprintf below */ char err_str[1024]; krb5_int32 cmd_repl_ncomps; krb5_data *cmd_repl_complist; @@ -412,7 +414,8 @@ proto_serv(kcontext, my_id, cl_sock, sv_p, cl_p) ticket, &arglist[1], &arglist[2], - &err_str); + err_str, + sizeof(err_str)); } else { DPRINT(DEBUG_REQUESTS, proto_debug_level, @@ -732,7 +735,7 @@ proto_serv(kcontext, my_id, cl_sock, sv_p, cl_p) ("> %d:UNKNOWN command %s\n", my_id, arglist[0].data)); cmd_error = KRB5_ADM_CMD_UNKNOWN; - sprintf(err_str, "Command %s not supported.", arglist[0]); + sprintf(err_str, "Command %-.900s not supported", arglist[0].data); /* XXX Knows size of err_str. */ } } else { @@ -770,7 +773,6 @@ proto_serv(kcontext, my_id, cl_sock, sv_p, cl_p) } } else { - char *adm_errmsg; krb5_data reply_comps; reply_comps.data = err_str; @@ -858,7 +860,6 @@ proto_serv(kcontext, my_id, cl_sock, sv_p, cl_p) key_close_db(kcontext); close(cl_sock); - done: DPRINT(DEBUG_CALLS, proto_debug_level, ("X proto_serv() = %d\n", kret)); return(kret); } -- 2.26.2