Removed all references to DECLARG and OLDDECLARG.
authorChris Provenzano <proven@mit.edu>
Fri, 13 Jan 1995 21:50:24 +0000 (21:50 +0000)
committerChris Provenzano <proven@mit.edu>
Fri, 13 Jan 1995 21:50:24 +0000 (21:50 +0000)
Added krb5_context to all krb5_*() routines.

Fixed krlogin to use htons(debug_port).

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@4814 dc483132-0cff-0310-8789-dd5450dbe970

src/appl/bsd/ChangeLog
src/appl/bsd/forward.c
src/appl/bsd/kcmd.c
src/appl/bsd/krcp.c
src/appl/bsd/krlogin.c
src/appl/bsd/krlogind.c
src/appl/bsd/krsh.c
src/appl/bsd/krshd.c

index 924f2e87ad29097f3d15b4077473bc6f4f8afd25..d758ed45e0d8c25a8f50a3b66600d2aaf31656a9 100644 (file)
@@ -1,3 +1,9 @@
+Fri Jan 13 15:23:47 1995  Chris Provenzano (proven@mit.edu)
+
+    * Added krb5_context to all krb5_routines
+
+       * krsh.c (main): Use htons(debug_port).
+
 Wed Jan 11 01:25:09 1995  Mark Eichin  <eichin@cygnus.com>
 
        * logutil.c (update_wtmp): declare missing variables if
index 7a0b96fd4adccf4f5fb7e88bde4f48177b0fad94..8e5b9da016cb5260c55f534d03b1f4f1a6a27b0f 100644 (file)
@@ -35,7 +35,8 @@
 
 /* Decode, decrypt and store the forwarded creds in the local ccache. */
 krb5_error_code
-rd_and_store_for_creds(inbuf, ticket, lusername)
+rd_and_store_for_creds(context, inbuf, ticket, lusername)
+     krb5_context context;
      krb5_data *inbuf;
      krb5_ticket *ticket;
      char *lusername;
@@ -64,16 +65,16 @@ rd_and_store_for_creds(inbuf, ticket, lusername)
     sprintf(ccname, "FILE:/tmp/krb5cc_p%d", getpid());
     setenv("KRB5CCNAME", ccname, 0);
   
-    if (retval = krb5_cc_resolve(ccname, &ccache)) {
+    if (retval = krb5_cc_resolve(context, ccname, &ccache)) {
        return(retval);
     }
 
-    if (retval = krb5_cc_initialize(ccache,
+    if (retval = krb5_cc_initialize(context, ccache,
                                    ticket->enc_part2->client)) {
        return(retval);
     }
 
-    if (retval = krb5_cc_store_cred(ccache, &creds)) {
+    if (retval = krb5_cc_store_cred(context, ccache, &creds)) {
        return(retval);
     }
 
index 31c448d45b953c39e8da504e9db5a3ccaaf98e90..999b0a969241a49dd382c6a072d4b36e0753c614 100644 (file)
@@ -66,6 +66,7 @@ extern        errno;
 char *default_service = "host";
 
 extern krb5_cksumtype krb5_kdc_req_sumtype;
+extern krb5_context bsd_context;
 
 kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
      cred, seqno, server_seqno, laddr, faddr, authopts)
@@ -139,8 +140,8 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
         fprintf(stderr,"kcmd: no memory\n");
         return(-1);
     }
-    status = krb5_sname_to_principal(host_save,service,KRB5_NT_SRV_HST,
-                                    &ret_cred->server);
+    status = krb5_sname_to_principal(bsd_context, host_save,service,
+                                    KRB5_NT_SRV_HST, &ret_cred->server);
     if (status) {
            fprintf(stderr, "kcmd: krb5_sname_to_principal failed: %s\n",
                    error_message(status));
@@ -156,7 +157,7 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
        strcpy(rdata.data, realm);
        
        /* XXX we should free the old realm first */
-       krb5_princ_set_realm(ret_cred->server, &rdata);
+       krb5_princ_set_realm(bsd_context, ret_cred->server, &rdata);
    }
 #ifdef POSIX_SIGNALS
     sigemptyset(&urgmask);
@@ -179,7 +180,7 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
            sigsetmask(oldmask);
 #endif /* POSIX_SIGNALS */
            if (tmpstr) krb5_xfree(tmpstr);
-           krb5_free_creds(ret_cred);
+           krb5_free_creds(bsd_context, ret_cred);
            return (-1);
        }
 #ifdef HAVE_SETOWN
@@ -226,7 +227,7 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
        sigsetmask(oldmask);
 #endif /* POSIX_SIGNALS */
        if (tmpstr) krb5_xfree(tmpstr);
-       krb5_free_creds(ret_cred);
+       krb5_free_creds(bsd_context, ret_cred);
        return (-1);
     }
     lport--;
@@ -282,13 +283,13 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
     
     /* compute checksum, using CRC-32 */
     if (!(send_cksum.contents = (krb5_octet *)
-          malloc(krb5_checksum_size(CKSUMTYPE_CRC32)))) {
+          malloc(krb5_checksum_size(bsd_context, CKSUMTYPE_CRC32)))) {
         status = -1;
         goto bad2;
     }
     /* choose some random stuff to compute checksum from */
     sprintf(tmpstr,"%x %x",pid,pid);
-    if (status = krb5_calculate_checksum(CKSUMTYPE_CRC32,
+    if (status = krb5_calculate_checksum(bsd_context, CKSUMTYPE_CRC32,
                                          tmpstr,
                                          strlen(tmpstr),
                                          0,
@@ -297,14 +298,14 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
                                          &send_cksum)) 
       goto bad3;
     
-    status = krb5_cc_default(&cc);
+    status = krb5_cc_default(bsd_context, &cc);
     if (status) goto bad3;
 
-    status = krb5_cc_get_principal(cc, &ret_cred->client);
+    status = krb5_cc_get_principal(bsd_context, cc, &ret_cred->client);
     if (status) goto bad3;
 
     /* Get ticket from credentials cache or kdc */
-    status = krb5_get_credentials(0, cc, ret_cred);
+    status = krb5_get_credentials(bsd_context, 0, cc, ret_cred);
     if (status) goto bad3;
 
     /* Reset internal flags; these should not be sent. */
@@ -314,7 +315,7 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
    /* call Kerberos library routine to obtain an authenticator,
        pass it over the socket to the server, and obtain mutual
        authentication. */
-    status = krb5_sendauth((krb5_pointer) &s,
+    status = krb5_sendauth(bsd_context, (krb5_pointer) &s,
                            "KCMDV0.1", ret_cred->client, ret_cred->server,
                           authopts,
                            &send_cksum,
@@ -333,14 +334,14 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
                fprintf(stderr, "Error text sent from server: %s\n",
                        error->text.data);
            }
-           krb5_free_error(error);
+           krb5_free_error(bsd_context, error);
            error = 0;
        }
     }  
     if (status) goto bad3;
     if (rep_ret && server_seqno) {
        *server_seqno = rep_ret->seq_number;
-       krb5_free_ap_rep_enc_part(rep_ret);
+       krb5_free_ap_rep_enc_part(bsd_context, rep_ret);
     }
     
     (void) write(s, remuser, strlen(remuser)+1);
@@ -348,7 +349,7 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
     (void) write(s, locuser, strlen(locuser)+1);
     
     if (options & OPTS_FORWARD_CREDS) {   /* Forward credentials */
-       if (status = krb5_get_for_creds(ETYPE_DES_CBC_CRC,
+       if (status = krb5_get_for_creds(bsd_context, ETYPE_DES_CBC_CRC,
                                        krb5_kdc_req_sumtype,
                                        hp->h_name,
                                        ret_cred->client,
@@ -361,12 +362,12 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
        }
        
        /* Send forwarded credentials */
-       if (status = krb5_write_message((krb5_pointer)&s, &outbuf))
+       if (status = krb5_write_message(bsd_context, (krb5_pointer)&s, &outbuf))
          goto bad3;
     }
     else { /* Dummy write to signal no forwarding */
        outbuf.length = 0;
-       if (status = krb5_write_message((krb5_pointer)&s, &outbuf))
+       if (status = krb5_write_message(bsd_context, (krb5_pointer)&s, &outbuf))
          goto bad3;
     }
 
@@ -397,8 +398,8 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
     if (tmpstr) krb5_xfree(tmpstr);
     
     /* pass back credentials if wanted */
-    if (cred) krb5_copy_creds(ret_cred,cred);
-    krb5_free_creds(ret_cred);
+    if (cred) krb5_copy_creds(bsd_context, ret_cred,cred);
+    krb5_free_creds(bsd_context, ret_cred);
     
     return (0);
   bad3:
@@ -415,7 +416,7 @@ kcmd(sock, ahost, rport, locuser, remuser, cmd, fd2p, service, realm,
 #endif /* POSIX_SIGNALS */
     if (tmpstr) krb5_xfree(tmpstr);
     if (ret_cred)
-      krb5_free_creds(ret_cred);
+      krb5_free_creds(bsd_context, ret_cred);
     return (status);
 }
 
index 5101d5f7266ffd120ab7b32a151ea4afb46b663d..d8bf15dcd15c79c81494eb91337f9ab9eee57d20 100644 (file)
@@ -85,6 +85,7 @@ char des_outbuf[2*BUFSIZ];         /* needs to be > largest write size */
 krb5_data desinbuf,desoutbuf;
 krb5_encrypt_block eblock;         /* eblock for encrypt/decrypt */
 krb5_keyblock *session_key;       /* static key for session */
+krb5_context bsd_context;
 
 void   try_normal();
 char   **save_argv();
@@ -149,7 +150,8 @@ main(argc, argv)
     char **orig_argv = save_argv(argc, argv);
     
     sp = getservbyname("kshell", "tcp");
-    krb5_init_ets();
+    krb5_init_context(&bsd_context);
+    krb5_init_ets(bsd_context);
     desinbuf.data = des_inbuf;
     desoutbuf.data = des_outbuf;    /* Set up des buffers */
 #else
@@ -556,7 +558,7 @@ susystem(s)
 #ifdef POSIX_SIGNALS
     struct sigaction sa, isa, qsa;
 #else
-    register krb5_sigtype (*istat)(), (*qstat)();
+    register krb5_sigtype (bsd_context, *istat)(), (*qstat)();
 #endif
     
     if ((pid = vfork()) == 0) {
@@ -1143,19 +1145,17 @@ char **save_argv(argc, argv)
 #endif
 
 #include <krb5/widen.h>    
-krb5_error_code tgt_keyproc(DECLARG(krb5_pointer, keyprocarg),
-                           DECLARG(krb5_principal, principal),
-                           DECLARG(krb5_kvno, vno),
-                           DECLARG(krb5_keyblock **, key))
-     OLDDECLARG(krb5_pointer, keyprocarg)
-     OLDDECLARG(krb5_principal, principal)
-     OLDDECLARG(krb5_kvno, vno)
-     OLDDECLARG(krb5_keyblock **, key)
+krb5_error_code tgt_keyproc(context, keyprocarg, principal, vno, key)
+     krb5_context context;
+     krb5_pointer keyprocarg;
+     krb5_principal principal;
+     krb5_kvno vno;
+     krb5_keyblock ** key;
 #include <krb5/narrow.h>
 {
     krb5_creds *creds = (krb5_creds *)keyprocarg;
     
-    return krb5_copy_keyblock(&creds->keyblock, key);
+    return krb5_copy_keyblock(context, &creds->keyblock, key);
 }
 
 
@@ -1173,7 +1173,7 @@ void send_auth()
     
     
     
-    if (status = krb5_cc_default(&cc)){
+    if (status = krb5_cc_default(bsd_context, &cc)){
        fprintf(stderr,"rcp: send_auth failed krb5_cc_default : %s\n",
                error_message(status));
        exit(1);
@@ -1181,49 +1181,49 @@ void send_auth()
     
     memset ((char*)&creds, 0, sizeof(creds));
     
-    if (status = krb5_cc_get_principal(cc, &creds.client)){
+    if (status = krb5_cc_get_principal(bsd_context, cc, &creds.client)){
        fprintf(stderr,
                "rcp: send_auth failed krb5_cc_get_principal : %s\n",
                error_message(status));
-       krb5_cc_close(cc);
+       krb5_cc_close(bsd_context, cc);
        exit(1);
     }
     
-    if (status = krb5_unparse_name(creds.client, &princ)){
+    if (status = krb5_unparse_name(bsd_context, creds.client, &princ)){
        fprintf(stderr,"rcp: send_auth failed krb5_parse_name : %s\n",
                error_message(status));
-       krb5_cc_close(cc);
+       krb5_cc_close(bsd_context, cc);
        exit(1);
     }
-    if (status = krb5_build_principal_ext(&creds.server,
-                                         krb5_princ_realm(creds.client)->length,
-                                         krb5_princ_realm(creds.client)->data,
+    if (status = krb5_build_principal_ext(bsd_context, &creds.server,
+                         krb5_princ_realm(bsd_context, creds.client)->length,
+                         krb5_princ_realm(bsd_context, creds.client)->data,
                                          6, "krbtgt",
-                                         krb5_princ_realm(creds.client)->length,
-                                         krb5_princ_realm(creds.client)->data,
+                         krb5_princ_realm(bsd_context, creds.client)->length,
+                         krb5_princ_realm(bsd_context, creds.client)->data,
                                          0)){
        fprintf(stderr,
                "rcp: send_auth failed krb5_build_principal_ext : %s\n",
                error_message(status));
-       krb5_cc_close(cc);
+       krb5_cc_close(bsd_context, cc);
        exit(1);
     }
     
     /* Get TGT from credentials cache */
-    if (status = krb5_get_credentials(KRB5_GC_CACHED, cc, &creds)){
+    if (status = krb5_get_credentials(bsd_context, KRB5_GC_CACHED, cc, &creds)){
        fprintf(stderr,
                 "rcp: send_auth failed krb5_get_credentials: %s\n",
                error_message(status));
-       krb5_cc_close(cc);
+       krb5_cc_close(bsd_context, cc);
        exit(1);
     }
-    krb5_cc_close(cc);
+    krb5_cc_close(bsd_context, cc);
     
     princ_data.data = princ;
     princ_data.length = strlen(princ_data.data) + 1; /* include null 
                                                        terminator for
                                                        server's convenience */
-    status = krb5_write_message((krb5_pointer) &rem, &princ_data);
+    status = krb5_write_message(bsd_context, (krb5_pointer) &rem, &princ_data);
     if (status){
        fprintf(stderr,
                 "rcp: send_auth failed krb5_write_message: %s\n",
@@ -1231,7 +1231,7 @@ void send_auth()
        exit(1);
     }
     krb5_xfree(princ);
-    status = krb5_write_message((krb5_pointer) &rem, &creds.ticket);
+    status = krb5_write_message(bsd_context, (krb5_pointer)&rem, &creds.ticket);
     if (status){
        fprintf(stderr,
                 "rcp: send_auth failed krb5_write_message: %s\n",
@@ -1239,7 +1239,7 @@ void send_auth()
        exit(1);
     }
     
-    status = krb5_read_message((krb5_pointer) &rem, &reply);
+    status = krb5_read_message(bsd_context, (krb5_pointer) &rem, &reply);
     if (status){
        fprintf(stderr,
                 "rcp: send_auth failed krb5_read_message: %s\n",
@@ -1253,7 +1253,7 @@ void send_auth()
     faddr.contents = (krb5_octet *) &foreign.sin_addr;
     
     /* read the ap_req to get the session key */
-    status = krb5_rd_req(&reply,
+    status = krb5_rd_req(bsd_context, &reply,
                         0,               /* don't know server's name... */
                         &faddr,
                         0,               /* no fetchfrom */
@@ -1269,12 +1269,13 @@ void send_auth()
        exit(1);
     }
     
-    krb5_copy_keyblock(authdat->ticket->enc_part2->session,&session_key);
-    krb5_free_tkt_authent(authdat);
-    krb5_free_cred_contents(&creds);
+    krb5_copy_keyblock(bsd_context, authdat->ticket->enc_part2->session,
+                      &session_key);
+    krb5_free_tkt_authent(bsd_context, authdat);
+    krb5_free_cred_contents(bsd_context, &creds);
     
-    krb5_use_keytype(&eblock, session_key->keytype);
-    if ( status = krb5_process_key(&eblock, 
+    krb5_use_keytype(bsd_context, &eblock, session_key->keytype);
+    if ( status = krb5_process_key(bsd_context, &eblock, 
                                   session_key)){
        fprintf(stderr, "rcp: send_auth failed krb5_process_key: %s\n",
                error_message(status));
@@ -1297,39 +1298,40 @@ void
     
     memset ((char*)&creds, 0, sizeof(creds));
     
-    if (status = krb5_read_message((krb5_pointer) &rem, &pname_data)) {
+    if (status = krb5_read_message(bsd_context, (krb5_pointer)&rem, 
+                                  &pname_data)) {
        exit(1);
     }
     
-    if (status = krb5_read_message((krb5_pointer) &rem,
+    if (status = krb5_read_message(bsd_context, (krb5_pointer) &rem,
                                   &creds.second_ticket)) {
        exit(1);
     }
     
-    if (status = krb5_cc_default(&cc)){
+    if (status = krb5_cc_default(bsd_context, &cc)){
        exit(1);
     }
     
-    if (status = krb5_cc_get_principal(cc, &creds.client)){
-       krb5_cc_destroy(cc);
-       krb5_cc_close(cc);
+    if (status = krb5_cc_get_principal(bsd_context, cc, &creds.client)){
+       krb5_cc_destroy(bsd_context, cc);
+       krb5_cc_close(bsd_context, cc);
        exit(1);
     }
     
-    if (status = krb5_parse_name(pname_data.data, &creds.server)){
-       krb5_cc_destroy(cc);
-       krb5_cc_close(cc);
+    if (status = krb5_parse_name(bsd_context, pname_data.data, &creds.server)){
+       krb5_cc_destroy(bsd_context, cc);
+       krb5_cc_close(bsd_context, cc);
        exit(1);
     }
     krb5_xfree(pname_data.data);
     
-    if (status = krb5_get_credentials(KRB5_GC_USER_USER, cc, &creds)){
-       krb5_cc_destroy(cc);
-       krb5_cc_close(cc);
+    if (status = krb5_get_credentials(bsd_context, KRB5_GC_USER_USER, cc, &creds)){
+       krb5_cc_destroy(bsd_context, cc);
+       krb5_cc_close(bsd_context, cc);
        exit(1);
     }
     
-    if (status = krb5_mk_req_extended(AP_OPTS_USE_SESSION_KEY,
+    if (status = krb5_mk_req_extended(bsd_context, AP_OPTS_USE_SESSION_KEY,
                                      0,       /* no application checksum here */
                                      krb5_kdc_default_options,
                                      0,
@@ -1338,27 +1340,27 @@ void
                                      &creds,
                                      0,       /* don't need authenticator copy */
                                      &msg)) {
-       krb5_cc_destroy(cc);
-       krb5_cc_close(cc);
+       krb5_cc_destroy(bsd_context, cc);
+       krb5_cc_close(bsd_context, cc);
        exit(1);
     }
-    krb5_cc_destroy(cc);
-    krb5_cc_close(cc);
-    status = krb5_write_message((krb5_pointer) &rem, &msg);
+    krb5_cc_destroy(bsd_context, cc);
+    krb5_cc_close(bsd_context, cc);
+    status = krb5_write_message(bsd_context, (krb5_pointer) &rem, &msg);
     krb5_xfree(msg.data);
     if (status){
        exit(1);
     }
     
     /* setup eblock for des_read and write */
-    krb5_copy_keyblock(&creds.keyblock,&session_key);
+    krb5_copy_keyblock(bsd_context, &creds.keyblock,&session_key);
     
     /* cleanup */
-    krb5_free_cred_contents(&creds);
+    krb5_free_cred_contents(bsd_context, &creds);
     
     /* OK process key */
-    krb5_use_keytype(&eblock, session_key->keytype);
-    if ( status = krb5_process_key(&eblock,session_key)) {
+    krb5_use_keytype(bsd_context, &eblock, session_key->keytype);
+    if ( status = krb5_process_key(bsd_context, &eblock,session_key)) {
        exit(1);
     }
     
@@ -1398,7 +1400,7 @@ int des_read(fd, buf, len)
        nstored = 0;
     }
     
-    if ((cc = krb5_net_read(fd, (char *)&len_buf, 4)) != 4) {
+    if ((cc = krb5_net_read(bsd_context, fd, (char *)&len_buf, 4)) != 4) {
        /* XXX can't read enough, pipe must have closed */
        return(0);
     }
@@ -1413,14 +1415,14 @@ int des_read(fd, buf, len)
        errno = E2BIG;
        return(-1);
     }
-    if ((cc = krb5_net_read(fd, desinbuf.data, net_len)) != net_len) {
+    if ((cc = krb5_net_read(bsd_context, fd, desinbuf.data, net_len)) != net_len) {
        /* pipe must have closed, return 0 */
        error( "rcp: Des_read error: length received %d != expected %d.\n",
              cc,net_len);
        return(0);
     }
     /* decrypt info */
-    if ((status = krb5_decrypt(desinbuf.data,
+    if ((status = krb5_decrypt(bsd_context, desinbuf.data,
                               (krb5_pointer) storage,
                               net_len,
                               &eblock, 0))) {
@@ -1460,7 +1462,7 @@ int des_write(fd, buf, len)
     if (desoutbuf.length > sizeof(des_outbuf)){
        return(-1);
     }
-    if (( krb5_encrypt((krb5_pointer)buf,
+    if (( krb5_encrypt(bsd_context, (krb5_pointer)buf,
                       desoutbuf.data,
                       len,
                       &eblock,
index b601b5f4fc5d23f3a8beb10f87a3a957172f12d2..90f5b9ec317ff7a7e0d73b47897ec70ae3342b40 100644 (file)
@@ -149,6 +149,7 @@ int encrypt_flag = 0;
 int fflag = 0, Fflag = 0;
 krb5_creds *cred;
 struct sockaddr_in local, foreign;
+krb5_context bsd_context;
 
 #ifndef UCB_RLOGIN
 #define UCB_RLOGIN      "/usr/ucb/rlogin"
@@ -455,7 +456,8 @@ main(argc, argv)
        exit(1);
     }
 #ifdef KERBEROS
-    krb5_init_ets();
+    krb5_init_context(&bsd_context);
+    krb5_init_ets(bsd_context);
     desinbuf.data = des_inbuf;
     desoutbuf.data = des_outbuf;       /* Set up des buffers */
     /*
@@ -578,8 +580,8 @@ main(argc, argv)
     rem = sock;
     
     /* setup eblock for des_read and write */
-    krb5_use_keytype(&eblock,cred->keyblock.keytype);
-    if ( status = krb5_process_key(&eblock,&cred->keyblock)) {
+    krb5_use_keytype(bsd_context, &eblock,cred->keyblock.keytype);
+    if ( status = krb5_process_key(bsd_context, &eblock,&cred->keyblock)) {
        fprintf(stderr,
                "%s: Cannot process session key : %s.\n",
                orig_argv[0], error_message(status));
@@ -1681,7 +1683,7 @@ int des_read(fd, buf, len)
        nstored = 0;
     }
     
-    if ((cc = krb5_net_read(fd, (char *)&len_buf, 4)) != 4) {
+    if ((cc = krb5_net_read(bsd_context, fd, (char *)&len_buf, 4)) != 4) {
        /* XXX can't read enough, pipe must have closed */
        return(0);
     }
@@ -1694,7 +1696,7 @@ int des_read(fd, buf, len)
        fprintf(stderr,"Read size problem.\n");
        return(0);
     }
-    if ((cc = krb5_net_read(fd, desinbuf.data, net_len)) != net_len) {
+    if ((cc = krb5_net_read(bsd_context, fd, desinbuf.data, net_len)) != net_len) {
        /* pipe must have closed, return 0 */
        fprintf(stderr,
                "Read error: length received %d != expected %d.\n",
@@ -1702,7 +1704,7 @@ int des_read(fd, buf, len)
        return(0);
     }
     /* decrypt info */
-    if ((krb5_decrypt(desinbuf.data,
+    if ((krb5_decrypt(bsd_context, desinbuf.data,
                      (krb5_pointer) storage,
                      net_len,
                      &eblock, 0))) {
@@ -1742,7 +1744,7 @@ int des_write(fd, buf, len)
        fprintf(stderr,"Write size problem.\n");
        return(-1);
     }
-    if (( krb5_encrypt((krb5_pointer)buf,
+    if (( krb5_encrypt(bsd_context, (krb5_pointer)buf,
                       desoutbuf.data,
                       len,
                       &eblock,
@@ -1799,7 +1801,7 @@ int des_read(fd, buf, len)
        len -= nstored;
        nstored = 0;
     }
-    if ((cc = krb5_net_read(fd, len_buf, 4)) != 4) {
+    if ((cc = krb5_net_read(bsd_context, fd, len_buf, 4)) != 4) {
        /* XXX can't read enough, pipe must have closed */
        return(0);
     }
@@ -1817,7 +1819,7 @@ int des_read(fd, buf, len)
 #else
     rd_len = roundup(net_len, 8);
 #endif
-    if ((cc = krb5_net_read(fd, des_inbuf, rd_len)) != rd_len) {
+    if ((cc = krb5_net_read(bsd_context, fd, des_inbuf, rd_len)) != rd_len) {
        /* pipe must have closed, return 0 */
        return(0);
     }
@@ -1866,7 +1868,7 @@ int des_write(fd, buf, len)
 #define min(a,b) ((a < b) ? a : b)
     
     if (len < 8) {
-       krb5_random_confounder(8 - len, &garbage_buf);
+       krb5_random_confounder(bsd_context, 8 - len, &garbage_buf);
        /* this "right-justifies" the data in the buffer */
        (void) memcpy(garbage_buf + 8 - len, buf, len);
     }
index 493d8381aaf10c522ac18556004c147359164b11..88bbc8cc6baaab614df1790c390a9ad8bafae0fd 100644 (file)
@@ -244,6 +244,7 @@ krb5_encrypt_block eblock;        /* eblock for encrypt/decrypt */
 
 krb5_authenticator      *kdata;
 krb5_ticket     *ticket = 0;
+krb5_context bsd_context;
 
 #define ARGSTR "rRkKeExXpPD:?"
 #else /* !KERBEROS */
@@ -518,7 +519,8 @@ void doit(f, fromp)
 #ifdef KERBEROS
     if (must_pass_k5 || must_pass_one) {
        /* Init error messages and setup des buffers */
-       krb5_init_ets();
+       krb5_init_context(&bsd_context);
+       krb5_init_ets(bsd_context);
        desinbuf.data = des_inbuf;
        desoutbuf.data = des_outbuf;    /* Set up des buffers */
     }
@@ -1110,7 +1112,7 @@ do_krb_login(host)
     /* Kerberos V4, or host-based. */
     if (status = recvauth()) {
        if (ticket)
-         krb5_free_ticket(ticket);
+         krb5_free_ticket(bsd_context, ticket);
        if (status != 255)
          syslog(LOG_ERR,
                 "Authentication failed from %s: %s\n",
@@ -1131,7 +1133,7 @@ do_krb_login(host)
     if (must_pass_k5 || must_pass_one) {
 #if (defined(ALWAYS_V5_KUSEROK) || !defined(KRB5_KRB4_COMPAT))
        /* krb5_kuserok returns 1 if OK */
-       if (client && krb5_kuserok(client, lusername))
+       if (client && krb5_kuserok(bsd_context, client, lusername))
            passed_krb++;
 #else
        if (auth_sys == KRB5_RECVAUTH_V4) {
@@ -1140,7 +1142,7 @@ do_krb_login(host)
                passed_krb++;
        } else {
            /* krb5_kuserok returns 1 if OK */
-           if (client && krb5_kuserok(client, lusername))
+           if (client && krb5_kuserok(bsd_context, client, lusername))
                passed_krb++;
        }
 #endif
@@ -1167,7 +1169,7 @@ do_krb_login(host)
            return;
     
     if (ticket)
-       krb5_free_ticket(ticket);
+       krb5_free_ticket(bsd_context, ticket);
 
     msg_fail =  (char *) malloc( strlen(krusername) + strlen(lusername) + 80 );
     if (!msg_fail)
@@ -1234,7 +1236,7 @@ v5_des_read(fd, buf, len)
        nstored = 0;
     }
     
-    if ((cc = krb5_net_read(fd, (char *)len_buf, 4)) != 4) {
+    if ((cc = krb5_net_read(bsd_context, fd, (char *)len_buf, 4)) != 4) {
        if ((cc < 0)  && ((errno == EWOULDBLOCK) || (errno == EAGAIN)))
            return(cc);
        /* XXX can't read enough, pipe must have closed */
@@ -1254,7 +1256,7 @@ v5_des_read(fd, buf, len)
     }
     retry = 0;
   datard:
-    if ((cc = krb5_net_read(fd, desinbuf.data, net_len)) != net_len) {
+    if ((cc = krb5_net_read(bsd_context,fd,desinbuf.data,net_len)) != net_len) {
        /* XXX can't read enough, pipe must have closed */
        if ((cc < 0)  && ((errno == EWOULDBLOCK) || (errno == EAGAIN))) {
            retry++;
@@ -1273,7 +1275,7 @@ v5_des_read(fd, buf, len)
        return(0);
     }
     /* decrypt info */
-    if ((krb5_decrypt(desinbuf.data,
+    if ((krb5_decrypt(bsd_context, desinbuf.data,
                      (krb5_pointer) storage,
                      net_len,
                      &eblock, 0))) {
@@ -1313,7 +1315,7 @@ v5_des_write(fd, buf, len)
        syslog(LOG_ERR,"Write size problem.");
        return(-1);
     }
-    if ((krb5_encrypt((krb5_pointer)buf,
+    if ((krb5_encrypt(bsd_context, (krb5_pointer)buf,
                      desoutbuf.data,
                      len,
                      &eblock,
@@ -1417,7 +1419,7 @@ int princ_maps_to_lname(principal, luser)
      char *luser;
 {
     char kuser[10];
-    if (!(krb5_aname_to_localname(principal,
+    if (!(krb5_aname_to_localname(bsd_context, principal,
                                  sizeof(kuser), kuser))
        && (strcmp(kuser, luser) == 0)) {
        return 1;
@@ -1432,14 +1434,14 @@ int default_realm(principal)
     int realm_length;
     int retval;
     
-    realm_length = krb5_princ_realm(principal)->length;
+    realm_length = krb5_princ_realm(bsd_context, principal)->length;
     
-    if (retval = krb5_get_default_realm(&def_realm)) {
+    if (retval = krb5_get_default_realm(bsd_context, &def_realm)) {
        return 0;
     }
     
     if ((realm_length != strlen(def_realm)) ||
-       (memcmp(def_realm, krb5_princ_realm(principal)->data, realm_length))) {
+       (memcmp(def_realm, krb5_princ_realm(bsd_context, principal)->data, realm_length))) {
        free(def_realm);
        return 0;
     }  
@@ -1489,8 +1491,8 @@ recvauth()
     peeraddr.length = SIZEOF_INADDR;
     peeraddr.contents = (krb5_octet *)&peersin.sin_addr;
        
-    if (status = krb5_sname_to_principal(NULL, "host", KRB5_NT_SRV_HST,
-                                        &server)) {
+    if (status = krb5_sname_to_principal(bsd_context, NULL, "host", 
+                                        KRB5_NT_SRV_HST, &server)) {
            syslog(LOG_ERR, "parse server name %s: %s", "host",
                   error_message(status));
            exit(1);
@@ -1498,7 +1500,7 @@ recvauth()
 
     strcpy(v4_instance, "*");
 
-    status = krb5_compat_recvauth(&netf,
+    status = krb5_compat_recvauth(bsd_context, &netf,
                                  "KCMDV0.1",
                                  server, /* Specify daemon principal */
                                  &peeraddr, /* We do want to match */
@@ -1570,24 +1572,25 @@ recvauth()
 
     getstr(netf, rusername, sizeof(rusername), "remuser");
 
-    if (status = krb5_unparse_name(client, &krusername))
+    if (status = krb5_unparse_name(bsd_context, client, &krusername))
        return status;
     
     /* Setup up eblock if encrypted login session */
     /* otherwise zero out session key */
     if (do_encrypt) {
-       krb5_use_keytype(&eblock,
+       krb5_use_keytype(bsd_context, &eblock,
                         ticket->enc_part2->session->keytype);
-       if (status = krb5_process_key(&eblock,
+       if (status = krb5_process_key(bsd_context, &eblock,
                                      ticket->enc_part2->session))
            fatal(netf, "Permission denied");
     }      
 
-    if (status = krb5_read_message((krb5_pointer)&netf, &inbuf))
+    if (status = krb5_read_message(bsd_context, (krb5_pointer)&netf, &inbuf))
        fatal(netf, "Error reading message");
 
     if (inbuf.length) { /* Forwarding being done, read creds */
-       if (status = rd_and_store_for_creds(&inbuf, ticket, lusername))
+       if (status = rd_and_store_for_creds(bsd_context, &inbuf, ticket, 
+                                           lusername))
            fatal(netf, "Can't get forwarded credentials");
     }
     return 0;
index fc3b037a89a2b2d463ae5e92303fe6c8c8f0be3a..f23ff4ac71fba3394dd387c30739b7d4899bbc04 100644 (file)
@@ -89,6 +89,7 @@ char des_inbuf[2*BUFSIZ];       /* needs to be > largest read size */
 char des_outbuf[2*BUFSIZ];      /* needs to be > largest write size */
 krb5_data desinbuf,desoutbuf;
 krb5_encrypt_block eblock;      /* eblock for encrypt/decrypt */
+krb5_context bsd_context;
 krb5_creds *cred;
 
 int    encrypt_flag = 0;
@@ -318,10 +319,11 @@ main(argc, argv0)
     }
 
     if (debug_port)
-      sp->s_port = debug_port;
+      sp->s_port = htons(debug_port);
     
 #ifdef KERBEROS
-    krb5_init_ets();
+    krb5_init_context(&bsd_context);
+    krb5_init_ets(bsd_context);
     authopts = AP_OPTS_MUTUAL_REQUIRED;
 
     /* Piggy-back forwarding flags on top of authopts; */
@@ -352,8 +354,8 @@ main(argc, argv0)
     /* Setup for des_read and write */
     desinbuf.data = des_inbuf;
     desoutbuf.data = des_outbuf;
-    krb5_use_keytype(&eblock,cred->keyblock.keytype);
-    if (status = krb5_process_key(&eblock,&cred->keyblock)) {
+    krb5_use_keytype(bsd_context, &eblock,cred->keyblock.keytype);
+    if (status = krb5_process_key(bsd_context, &eblock,&cred->keyblock)) {
         fprintf(stderr, "%s: Cannot process session key : %s.\n",
                 argv0, error_message(status));
         exit(1);
@@ -581,7 +583,7 @@ int des_read(fd, buf, len)
        nstored = 0;
     }
     
-    if ((cc = krb5_net_read(fd, len_buf, 4)) != 4) {
+    if ((cc = krb5_net_read(bsd_context, fd, len_buf, 4)) != 4) {
        /* XXX can't read enough, pipe must have closed */
        return(0);
     }
@@ -594,14 +596,14 @@ int des_read(fd, buf, len)
        fprintf(stderr,"Read size problem.\n");
        return(0);
     }
-    if ((cc = krb5_net_read(fd, desinbuf.data, net_len)) != net_len) {
+    if ((cc = krb5_net_read(bsd_context, fd, desinbuf.data, net_len)) != net_len) {
        /* pipe must have closed, return 0 */
        fprintf(stderr, "Read error: length received %d != expected %d.\n",
                cc, net_len);
        return(0);
     }
     /* decrypt info */
-    if (cc = krb5_decrypt(desinbuf.data, (krb5_pointer) storage,
+    if (cc = krb5_decrypt(bsd_context, desinbuf.data, (krb5_pointer) storage,
                          net_len, &eblock, 0)) {
        fprintf(stderr,"Cannot decrypt data from network\n");
        return(0);
@@ -634,12 +636,12 @@ int des_write(fd, buf, len)
     if (!encrypt_flag)
       return(write(fd, buf, len));
     
-    desoutbuf.length = krb5_encrypt_size(len,eblock.crypto_entry);
+    desoutbuf.length = krb5_encrypt_size(len, eblock.crypto_entry);
     if (desoutbuf.length > sizeof(des_outbuf)){
        fprintf(stderr,"Write size problem.\n");
        return(-1);
     }
-    if (( krb5_encrypt((krb5_pointer)buf,
+    if (( krb5_encrypt(bsd_context, (krb5_pointer)buf,
                       desoutbuf.data,
                       len,
                       &eblock,
index 5cad08f8a722017a75f0f974f929d89f7916b609..144be00ae88ff3301582345af02ad6f8237d0cc3 100644 (file)
@@ -178,6 +178,7 @@ char des_inbuf[2*BUFSIZ];         /* needs to be > largest read size */
 krb5_encrypt_block eblock;        /* eblock for encrypt/decrypt */
 char des_outbuf[2*BUFSIZ];        /* needs to be > largest write size */
 krb5_data desinbuf,desoutbuf;
+krb5_context bsd_context;
 
 void fatal();
 int v5_des_read();
@@ -552,7 +553,8 @@ doit(f, fromp)
        exit(1);
     }
 #ifdef KERBEROS
-    krb5_init_ets();
+    krb5_init_context(&bsd_context);
+    krb5_init_ets(bsd_context);
     netf = f;
     desinbuf.data = des_inbuf;
     desoutbuf.data = des_outbuf;
@@ -957,7 +959,7 @@ doit(f, fromp)
 #endif
        {
            /* krb5_kuserok returns 1 if OK */
-           if (!krb5_kuserok(client, locuser)){
+           if (!krb5_kuserok(bsd_context, client, locuser)){
                syslog(LOG_ERR ,
                       "Principal %s (%s@%s) for local user %s failed krb5_kuserok.\n",
                       kremuser, remuser, hostname, locuser);
@@ -1469,7 +1471,7 @@ int princ_maps_to_lname(principal, luser)
      char *luser;
 {
     char kuser[10];
-    if (!(krb5_aname_to_localname(principal,
+    if (!(krb5_aname_to_localname(bsd_context, principal,
                                  sizeof(kuser), kuser))
        && (strcmp(kuser, luser) == 0)) {
        return 1;
@@ -1485,14 +1487,15 @@ int default_realm(principal)
     int realm_length;
     int retval;
     
-    realm_length = krb5_princ_realm(principal)->length;
+    realm_length = krb5_princ_realm(bsd_context, principal)->length;
     
-    if (retval = krb5_get_default_realm(&def_realm)) {
+    if (retval = krb5_get_default_realm(bsd_context, &def_realm)) {
        return 0;
     }
     
     if ((realm_length != strlen(def_realm)) ||
-       (memcmp(def_realm, krb5_princ_realm(principal)->data, realm_length))) {
+       (memcmp(def_realm, krb5_princ_realm(bsd_context, principal)->data, 
+               realm_length))) {
        free(def_realm);
        return 0;
     }  
@@ -1536,8 +1539,8 @@ recvauth(netf, peersin, peeraddr)
 #define SIZEOF_INADDR sizeof(struct in_addr)
 #endif
 
-    if (status = krb5_sname_to_principal(NULL, "host", KRB5_NT_SRV_HST,
-                                        &server)) {
+    if (status = krb5_sname_to_principal(bsd_context, NULL, "host", 
+                                        KRB5_NT_SRV_HST, &server)) {
            syslog(LOG_ERR, "parse server name %s: %s", "host",
                   error_message(status));
            exit(1);
@@ -1545,7 +1548,7 @@ recvauth(netf, peersin, peeraddr)
 
     strcpy(v4_instance, "*");
 
-    status = krb5_compat_recvauth(&netf,
+    status = krb5_compat_recvauth(bsd_context, &netf,
                                  "KCMDV0.1",
                                  server, /* Specify daemon principal */
                                  &peeraddr, /* We do want to match */
@@ -1599,7 +1602,7 @@ recvauth(netf, peersin, peeraddr)
        sprintf(kremuser, "%s/%s@%s", v4_kdata->pname,
                v4_kdata->pinst, v4_kdata->prealm);
        
-       if (status = krb5_parse_name(kremuser, &client))
+       if (status = krb5_parse_name(bsd_context, kremuser, &client))
          return(status);
        return 0;
     }
@@ -1608,31 +1611,31 @@ recvauth(netf, peersin, peeraddr)
        
     getstr(netf, remuser, sizeof(locuser), "remuser");
 
-    if (status = krb5_unparse_name(client, &kremuser))
+    if (status = krb5_unparse_name(bsd_context, client, &kremuser))
        return status;
     
     /* Setup eblock for encrypted sessions. */
-    krb5_use_keytype(&eblock, ticket->enc_part2->session->keytype);
-    if (status = krb5_process_key(&eblock, ticket->enc_part2->session))
+    krb5_use_keytype(bsd_context, &eblock, ticket->enc_part2->session->keytype);
+    if (status = krb5_process_key(bsd_context, &eblock, ticket->enc_part2->session))
        fatal(netf, "Permission denied");
 
     /* Null out the "session" because eblock.key references the session
      * key here, and we do not want krb5_free_ticket() to destroy it. */
     ticket->enc_part2->session = 0;
 
-    if (status = krb5_read_message((krb5_pointer)&netf, &inbuf)) {
+    if (status = krb5_read_message(bsd_context, (krb5_pointer)&netf, &inbuf)) {
        error("Error reading message: %s\n", error_message(status));
        exit(1);
     }
 
     if (inbuf.length) { /* Forwarding being done, read creds */
-       if (status = rd_and_store_for_creds(&inbuf, ticket, locuser)) {
+       if (status = rd_and_store_for_creds(bsd_context, &inbuf, ticket, locuser)) {
            error("Can't get forwarded credentials: %s\n",
                  error_message(status));
            exit(1);
        }
     }
-    krb5_free_ticket(ticket);
+    krb5_free_ticket(bsd_context, ticket);
     return 0;
 }
 
@@ -1668,7 +1671,7 @@ v5_des_read(fd, buf, len)
        nstored = 0;
     }
     
-    if ((cc = krb5_net_read(fd, (char *)len_buf, 4)) != 4) {
+    if ((cc = krb5_net_read(bsd_context, fd, (char *)len_buf, 4)) != 4) {
        if ((cc < 0)  && ((errno == EWOULDBLOCK) || (errno == EAGAIN)))
            return(cc);
        /* XXX can't read enough, pipe must have closed */
@@ -1689,7 +1692,7 @@ v5_des_read(fd, buf, len)
     }
     retry = 0;
   datard:
-    if ((cc = krb5_net_read(fd, desinbuf.data, net_len)) != net_len) {
+    if ((cc = krb5_net_read(bsd_context, fd, desinbuf.data, net_len)) != net_len) {
        /* XXX can't read enough, pipe must have closed */
        if ((cc < 0)  && ((errno == EWOULDBLOCK) || (errno == EAGAIN))) {
            retry++;
@@ -1707,7 +1710,7 @@ v5_des_read(fd, buf, len)
     }
 
     /* decrypt info */
-    if (krb5_decrypt(desinbuf.data, (krb5_pointer) storage, net_len,
+    if (krb5_decrypt(bsd_context, desinbuf.data, (krb5_pointer) storage, net_len,
                     &eblock, 0)) {
        syslog(LOG_ERR,"Read decrypt problem.");
        return(0);
@@ -1747,7 +1750,7 @@ v5_des_write(fd, buf, len)
        return(-1);
     }
 
-    if (krb5_encrypt((krb5_pointer)buf, desoutbuf.data, len, &eblock, 0)) {
+    if (krb5_encrypt(bsd_context, (krb5_pointer)buf, desoutbuf.data, len, &eblock, 0)) {
        syslog(LOG_ERR,"Write encrypt problem.");
        return(-1);
     }