diff --git a/crypto/kerberosIV/COPYRIGHT b/crypto/kerberosIV/COPYRIGHT deleted file mode 100644 index 42224596aa7f..000000000000 --- a/crypto/kerberosIV/COPYRIGHT +++ /dev/null @@ -1,161 +0,0 @@ -Copyright (c) 1995-1999 Kungliga Tekniska Högskolan -(Royal Institute of Technology, Stockholm, Sweden). -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. Neither the name of the Institute nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - - - -Copyright (C) 1995 Eric Young (eay@mincom.oz.au) -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. All advertising materials mentioning features or use of this software - must display the following acknowledgement: - This product includes software developed by Eric Young (eay@mincom.oz.au) - -THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - - - -Copyright (c) 1983, 1990 The Regents of the University of California. -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. All advertising materials mentioning features or use of this software - must display the following acknowledgement: - This product includes software developed by the University of - California, Berkeley and its contributors. - -4. Neither the name of the University nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - - - -Copyright (C) 1990 by the Massachusetts Institute of Technology - -Export of this software from the United States of America is assumed -to require a specific license from the United States Government. -It is the responsibility of any person or organization contemplating -export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - - -Copyright 1987, 1989 by the Student Information Processing Board - of the Massachusetts Institute of Technology - -Permission to use, copy, modify, and distribute this software -and its documentation for any purpose and without fee is -hereby granted, provided that the above copyright notice -appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, -and that the names of M.I.T. and the M.I.T. S.I.P.B. not be -used in advertising or publicity pertaining to distribution -of the software without specific, written prior permission. -M.I.T. and the M.I.T. S.I.P.B. make no representations about -the suitability of this software for any purpose. It is -provided "as is" without express or implied warranty. - - - -Copyright 1992 Simmule Turner and Rich Salz. All rights reserved. - -This software is not subject to any license of the American Telephone -and Telegraph Company or of the Regents of the University of California. - -Permission is granted to anyone to use this software for any purpose on -any computer system, and to alter it and redistribute it freely, subject -to the following restrictions: - -1. The authors are not responsible for the consequences of use of this - software, no matter how awful, even if they arise from flaws in it. - -2. The origin of this software must not be misrepresented, either by - explicit claim or by omission. Since few users ever read sources, - credits must appear in the documentation. - -3. Altered versions must be plainly marked as such, and must not be - misrepresented as being the original software. Since few users - ever read sources, credits must appear in the documentation. - -4. This notice may not be removed or altered. - diff --git a/crypto/kerberosIV/ChangeLog b/crypto/kerberosIV/ChangeLog deleted file mode 100644 index d0300be40481..000000000000 --- a/crypto/kerberosIV/ChangeLog +++ /dev/null @@ -1,5519 +0,0 @@ -2000-12-25 - - * configure.in (VERSION): bump to 1.0.5 - -2000-10-19 - - * include/Makefile.in (HEADERS): add md4.h, md5.h, sha.h and rc4.h - * appl/kip/common.c (WCOREDUMP): add fallback definition - -2000-10-18 - - * lib/krb/dest_tkt.c (dest_tkt): only return valid error codes - back - - * kadmin/admin_server.c: re-structure code to handle DoS attacks - better only allow a constant number of children (100 currently) - keep track of which children have gotten authentication - information and kill the non-authenticated children when there are - new connections - -2000-10-16 - - * server/kerberos.c: handle a fixed number (100) of TCP - connections and kill some randomly if all are busy to try to - mitigate the effects of DoS attacks - -2000-10-08 - - * lib/krb/send_to_kdc.c (send_recv): check that fds are not too - large to select on - * kadmin/admin_server.c (kadm_listen): check that fds are not too - large to select on - * appl/kip/common.c (*): check that fds are not too large to - select on - * appl/bsd/rshd.c (doit): check that fds are not too large to - select on - * appl/bsd/rsh.c (talk): check that fds are not too large to - select on - * appl/bsd/rlogin.c (reader): check that fds are not too large to - select on - * appl/bsd/kcmd.c (kcmd): check that fds are not too large to - select on - -2000-09-25 - - * config.guess: update to version 2000-09-05 (aka 1.156) from - subversions.gnu.org plus some minor tweaks - * config.sub: update to version 2000-09-11 (aka 1.181) from - subversions.gnu.org - -2000-09-09 - - * appl/kip/kipd.c: add back droped slash in kip-control - -2000-08-16 - - * configure.in (getmsg): re-do so it possibly works on redhat 7.0 - -2000-08-09 - - * kuser/klist.c (display_srvtab): do not call warn with a variable - as format string - - * appl/bsd/rshd.c (doit): do not call warnx with a variable as - format string - -2000-07-30 - - * doc/install.texi: say something about siacfg - -2000-06-28 - - * lib/krb/dest_tkt.c (dest_tkt): rewrite to lstat and compare - numbers - -2000-06-10 - - * appl/bsd: work-around setuid and capabilities bug fixed in Linux - 2.2.16 - -2000-06-08 - - * configure.in: do not use streams ptys on HP-UX 11 - -2000-05-15 - - * lib/krb/rw.c (krb_get_nir): add explicit lengths to the - parameters. before this the function `knew'. change callers. - -2000-05-14 - - * appl/afsutil/aklog.c: look not only in /usr/vice/etc but also in - /usr/arla/etc for configuration files - -2000-04-25 - - * lib/krb/tf_util.c (tf_create): just remove the over-writing of - the old ticket file. - -2000-04-09 - - * lib/krb/getaddrs.c (k_get_all_addrs): apperently solaris can - return EINVAL when the buffer is too small. cope. - * appl/bsd/rshd.c (doit): exec the correct shell - -2000-03-26 - - * config.guess, config.sub: update to current version from - :pserver:anoncvs@subversions.gnu.org:/home/cvs - - * appl/bsd/rlogind.c (rlogind_logout, logwtmp): make sure to - always call time and ctime with `time_t's. there were some types - (like in lastlog) that we believed to always be time_t. this has - proven wrong on Solaris 8 in 64-bit mode, where they are stored as - 32-bit quantities but time_t has gone up to 64 bits - * appl/bsd/login.c: dito - -2000-03-20 - - * configure.in: add solaris2.8 - -2000-03-15 - - * configure.in: on all versions of aix, add `-bnolibpath' to the - linker. otherwise ld will interpret -L as run-time path for where - to find shared libraries and looking in ../../foo is a bad idea. - bug report from Niklas Edmundsson - -2000-03-09 - - * Release 1.0.1 - -1999-11-29 - - * Release 1.0 - - * lib/krb/krb-protos.h (tf_get_cred_addr): add prototype - - * lib/krb/tf_util.c (tf_get_cred_addr): new function for fetching - the NAT addresses stored in the ticket file. From - - - * kuser/klist.c (display_tktfile): dump the IP address being used - when in NAT-mode. From - -1999-11-25 - - * appl/bsd/rlogind.c (main): getopt returns -1 and not EOF. From - - - * lib/krb/krb_ip_realm.c (krb_add_our_ip_for_realm): new function - for obtaining the IP address that the KDC sees us as coming from. - From - - * lib/krb/tf_util.c (tf_get_addr, tf_store_addr): new functions - for storing the NAT-ed address per realm - (tf_get_cred): make sure to ignore all magic credentials - - * lib/krb/get_in_tkt.c (krb_get_pw_in_tkt2): if using NAT, store - the address the the KDC saw. (krb_add_our_ip_for_realm) - - * lib/krb/send_to_kdc.c: rewrite some. Make sure that we do not - do any hostname lookups when using http through a proxy (the proxy - is supposed to do that in the `real' name-space). - -1999-11-19 - - * appl/bsd/rcmd_util.c (conv): add EXTA and EXTB - -Tue Nov 16 1999 - - * lib/krb/defaults.c (krb_get_default_keyfile): Get value of - KEYFILE from /etc/krb.extra. - -1999-11-13 - - * **/*.c (main): getopt returns -1 not EOF. From - - - * configure.in: check for fields in `struct tm' and variable - `timezone', used by strftime - * configure.in (AC_BROKEN): strptime is a new function in roken - opt*: more header files for the tests - -Tue Nov 2 1999 - - * lib/krb/krb.h (TKT_ROOT): Change the definition of TKT_ROOT to a - function call. The returned value is settable in /etc/krb.extra - with the construct krb_default_tkt_root = /tmp/tkt_. - -1999-10-06 - - * lib/krb/verify_user.c: remove ERICSSON_COMPAT, it's apparently - no longer needed - -Mon Oct 4 1999 - - * appl/bsd/klogin.c (multiple_get_tkt): Must use appropiate realm - name when calling krb_get_pw_in_tkt or else you will receive an - inter-realm TGT. - -1999-10-03 - - * doc/problems.texi: add blurb about irix abi:s - -1999-09-27 - - * lib/krb/tf_util.c (tf_init): cygwin work-around - -1999-09-16 - - * configure.in: test for strlcpy, strlcat - - * admin/kdb_util.c (main): support `-' as an alias for stdout. - originally from Fredrik Ljungberg - -1999-09-15 - - * include/Makefile.in: remove duplicate parse_time.h - - * kadmin/ksrvutil_get.c (get_srvtab_ent): better error messages - -1999-09-12 - - * configure.in: revert back awk test, now worked around in - roken.awk - -1999-09-06 - - * doc/problems.texi: document a really working fix for the xlc - -qnolm bug - -1999-09-04 - - * doc/problems.texi: comment about xlc -E brokenness - -1999-09-01 - - * lib/krb/get_krbrlm.c (krb_get_lrealm_f): treat n = 0 the same as - if it were 1 (this should make it backwards compatible with apps - that pass 0 for n) - -1999-08-25 - - * appl/bsd/login.c: surround SGI capability stuff with - `defined(HAVE_CAP_SET_PROC)' - -1999-08-24 - - * kadmin/kadmin.c (add_new_key): add missing space when printing - generated passwords. bug reported by Per Eriksson DMC - - - * lib/krb/verify_user.c (krb_verify_user_srvtab): return last - error instead of KFAILURE when everything fails. - - * appl/bsd/klogin.c (multiple_get_tkt): return last error instead - of KFAILURE when everything fails. - -1999-08-18 - - * doc/problems.texi: some y2k stuff - - * doc/kth-krb.texi: update copyright, and menu - - * doc/intro.texi: remove unix-system section, since it's - impossible to keep up to date - -1999-08-13 - - * configure.in: test for inet_pton include in all - utmp tests - -1999-07-27 - - * configure.in: test for struct sockaddr_storage and sa_family - brokenize inet_ntop - -1999-07-24 - - * kadmin/ksrvutil_get.c (get_srvtab_ent): try to print better - error messages - - * configure.in (AC_PROG_AWK): disable. mawk seems to mishandle \# - in lib/roken/roken.awk - -1999-07-22 - - * acconfig.h (SunOS): remove definition - - * configure.in: define SunOS to xy for SunOS x.y - -1999-07-19 - - * configure.in (AC_BROKEN): check for copyhostent, freehostent, - getipnodebyname, getipnodebyaddr - -1999-07-13 - - * configure.in: use AC_FUNC_GETLOGIN - -1999-07-07 - - * kadmin/admin_server.c (main): call krb_get_lrealm correctly - - * appl/bsd/rlogind.c (lowtmp): fill in ut_id - -1999-07-06 - - * include/bits.c: move around __attribute__ to make it work with - old gcc - - * appl/bsd/rcp.c (rsource): remove trailing slashes which - otherwise makes us fail - -1999-07-04 - - * appl/afsutil/aklog.c (epxand_cell_name): terminate on # - - * lib/kadm/kadm_cli_wrap.c (kadm_cli_send): free the right memory - (none) when kadm_cli_out fails. based on a patch by Buck Huppmann - - -1999-06-24 - - * configure.in: check for sgi capability stuff - - * appl/bsd/login.c: add some kind of sgi capability capability - -1999-06-23 - - * acconfig.h (HAVE_KRB_DISABLE_DEBUG): always define. this makes - the telnet code easier when building heimdal with an older krb4 - - * lib/krb/kuserok.c (krb_kuserok): add support for multiple local - realms and de-support entries without realm in ~/.klogin - -1999-06-19 - - * lib/krb/send_to_kdc.c: and a new variable `timeout' in krb.extra - instead of always having a timeout of four seconds. based on a - patch by Mattias Amnefelt - -1999-06-17 - - * appl/bsd/rshd.c: use DES_RW_MAXWRITE instead of BUFSIZ (for - consistency) - - * appl/bsd/rsh.c: use DES_RW_MAXWRITE instead of BUFSIZ. - Otherwise, des_enc_read might be buffering data to us and it can - get returned on a des_enc_read to another fd that the original one - :-( - - * appl/bsd/bsd_locl.h: DES_RW_{MAXWRITE,BSIZE} - - * appl/bsd/encrypt.c: move MAXWRITE and BSIZE to bsd_locl.h and - rename them to DES_RW_\1 - -1999-06-16 - - * kuser/kdestroy.c: make unlog and tickets function correctly - - * configure.in: correct variables used for socks includes and libs - - - * lib/krb/{debug_decl.c,krb-protos.h}: add krb_disable_debug - -1999-06-15 - - * kuser/klist.c (display_tokens): type correctness - - * lib/krb/send_to_kdc.c (url_parse): always return the port in - network byte order (and be more careful when parsing the port - number) - - * lib/krb/send_to_kdc.c (http_recv): handle both HTTP/1.0 and - HTTP/1.1 in reply - -1999-06-06 - - * configure.in: use KRB_CHECK_X - - * kuser/kdestroy.c: use print_version - -Wed Jun 2 1999 - - * kadmin/kadmin.c: use print_version; (mod_entry): add command - line options - -1999-05-21 - - * appl/bsd/login.c: limit more stuff for crays; fix call to - login_access - -1999-05-19 - - * man/Makefile.in (install, uninstall): handle relative paths (fix - editline) - -1999-05-18 - - * appl/bsd/bsd_locl.h: update prototype for login_access; declare - `struct aud_rec' to keep AIX xlc happy - -1999-05-14 - - * appl/bsd/login_access.c: merge in more recent code - - * configure.in (CHECK_NETINET_IP_AND_TCP): use - -1999-05-10 - - * lib/krb/get_host.c (parse_address): remove trailing slash - - * lib/krb/send_to_kdc.c (prog): nuke - (send_to_kdc): restructure. make sure we have used all of the - addresses from gethostbyname before calling send_recv - (send_recv): removed unused parameters - (url_parse): remove trailing slash - (http_recv): make sure the http transaction was succesful - -1999-05-08 - - * configure.in: use the correct include files for the utmp tests - - * appl/movemail/pop.c: rename getline -> pop_getline removed - duplicate prototypes - - * configure.in: db.h: test for - (getmsg): check for existence before checking if it works (otherwise - it fails with glibc2.1 that implements an always failing getmsg) - - * acconfig.h (_GNU_SOURCE): define this to enable (used) - extensions on glibc-based systems such as linux - - * configure.in: test for strndup - -1999-04-21 - - * configure.in: replace AC_TEST_PACKAGE with AC_TEST_PACKAGE_NEW - fix test for readline.h add test for four argument el_init - remember to link with $LIB_tgetent when trying linking with - readline - -1999-04-16 - - * configure.in: check for prototype of strsep - -Sat Apr 10 1999 - - * configure.in: fix readline logic - -Fri Apr 9 1999 - - * man/Makefile.in: add editline and push. make install rules - handle paths - -Wed Apr 7 1999 - - * appl/movemail/Makefile.in: fix names of hesiod variables - - * configure.in: fix readline flags - -Mon Mar 29 1999 - - * appl/bsd/utmpx_login.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_* - - * appl/bsd/utmp_login.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_* - - * appl/bsd/rlogind.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_* - - * configure.in: include in test for ut_*; use - AC_CHECK_XAU - - * configure.in: utmp{,x} -> struct utmp{,x} - -Sat Mar 27 1999 - - * configure.in: AC_CHECK_OSFC2 - -Fri Mar 19 1999 - - * configure.in: use AC_SHARED_LIBS - - * configure.in: remove AIX install hack (fixed in autoconf 2.13) - - - * server/kerberos.c: fix some printf format strings - -Wed Mar 17 1999 - - * lib/krb/krb.h (KRB_VERIFY_NOT_SECURE): add for completeness - - * lib/auth/sia/sia.c (common_auth): use KRB_VERIFY_SECURE instead - of 1 - - * lib/auth/pam/pam.c (doit): use KRB_VERIFY_SECURE instead of 1 - - * lib/auth/afskauthlib/verify.c (afs_verify): use - KRB_VERIFY_SECURE instead of 1 - -Tue Mar 16 1999 - - * lib/krb/verify_user.c (krb_verify_user): handle multiple local - realms - (krb_verify_user_multiple): remove - - * lib/krb/krb-protos.h (krb_verify_user_multiple): remove - - * lib/auth/pam/pam.c: krb_verify_user_multiple -> krb_verify_user - - * lib/auth/sia/sia.c: krb_verify_user_multiple -> krb_verify_user - - * lib/auth/afskauthlib/verify.c: krb_verify_user_multiple -> - krb_verify_user - - - * lib/krb/getaddrs.c: SOCKADDR_HAS_SA_LEN -> - HAVE_STRUCT_SOCKADDR_SA_LEN - -Sat Mar 13 1999 - - * lib/kadm/check_password.c (kadm_check_pw): cast when calling is* - to get rid of a warning - - * lib/acl/acl_files.c (nuke_whitespace): cast when calling is* to - get rid of a warning - - * kadmin/ksrvutil.c (usage): update. improve error messages - - * appl/bsd/sysv_default.c (trim): cast when calling is* to get rid - of a warning - - * appl/bsd/rshd.c (doit): more parenthesis to make gcc happy - - * appl/bsd/rsh.c: add `-p' - - * appl/bsd/rlogin.c (main): more paranoid parsing of `-p' - - * appl/bsd/rcp.c (sink): cast when calling is* to get rid of a - warning - - * appl/bsd/login_access.c (login_access): cast when calling - isspace to get rid of a warning - - * include/bits.c (my_strupr): rename to strupr and ifdef - (try_signed, try_unsigned): add __attribute__ junk to get rid of two - warnings - - * appl/bsd/Makefile.in (SOURCES): add osfc2.c - - * admin/kdb_util.c (update_ok_file): add fallback utimes (some - systems seem to fail updating the timestamp with open(), close()) - - * server/kerberos.c (main): more paranoid parsing of `-a' and `-p' - -Thu Mar 11 1999 - - * configure.in: AC_BROKEN innetgr - - * lib/krb/send_to_kdc.c: fix types in format string - - * lib/krb/get_host.c: add some if-braces to keep gcc happy - - * lib/kadm/kadm_supp.c: fix types in format string - - * lib/auth/sia/Makefile.in: WFLAGS - - * include/bits.c: fix types in format string - - * appl/bsd/su.c: add some if-braces to keep gcc happy - - * appl/bsd/rlogind.c: add some if-braces to keep gcc happy - - * appl/bsd/rlogin.c: add some if-braces to keep gcc happy - - * appl/bsd/login.c: add some if-braces to keep gcc happy - - * appl/afsutil/pagsh.c: fix types in format string - -Wed Mar 10 1999 - - * server/kerberos.c: remove unused k_instance - - * lib/krb/krb-protos.h (read_service_key): add some consts to - prototype - - * lib/krb/read_service_key.c (read_service_key): add some consts - to prototype - - * appl/sample/sample_server.c: openlog -> roken_openlog - - * appl/kip/kipd.c: openlog -> roken_openlog - - * configure.in: use AC_WFLAGS - -Mon Mar 1 1999 - - * acinclude.m4: add - - * configure.in: typo - - * Makefile.in: use aclocal - - * Makefile.export: use aclocal - - * configure.in: update to autoconf 2.13 - - * aclocal.m4.in: have-struct-field.m4, check-type-extra.m4 - - * acconfig.h: update to autoconf 2.13 - - * lib/auth/sia/sia.c: SIAENTITY_HAS_OUID -> HAVE_SIAENTITY_OUID - -Tue Feb 23 1999 - - * configure.in: don't include afsl.exp in libkafs.a if building - with dynamic afs support (breaks egcs 1.1.1) - - * configure.in: don't build rxkad if not building afs-support - -Mon Feb 22 1999 - - * include/Makefile.in: clean up handling of missing system headers - - * configure.in: clean up handling of missing system headers - - * aclocal.m4.in: broken-snprintf.m4 broken-glob.m4 - - * acconfig.h: NEED_{SNPRINTF,GLOB}_PROTO - -Mon Feb 15 1999 - - * configure.in (gethostname, mkstemp): test for prototype - - * configure.in: homogenize broken detection with heimdal - -Thu Feb 11 1999 - - * lib/krb/verify_user.c: If secure == KRB_VERIFY_SECURE_FAIL, - return ok if there isn't any service key (or if it can't be read). - - * lib/krb/krb.h: KRB_VERIFY_SECURE, KRB_VERIFY_SECURE_FAIL - -Wed Jan 13 1999 - - * kadmin/kadmin.c (add_new_key): enable the `-p password' option - and add the missing code. - - * appl/bsd/login_fbtab.c (login_protect): remove `/*' from string - before reading the directory. From "Brandon S. Allbery" - - -Fri Dec 18 1998 - - * man/kadmin.8 (-t): add a note about using `kinit -p' - -Mon Dec 14 1998 - - * lib/krb/name2name.c (krb_name_to_name): really verify we have an - alias before trying to use it as the primary name. - -Fri Nov 27 1998 - - * lib/krb/send_to_kdc.c (url_parse): use correct length when - copying the hostname - -Sun Nov 22 1998 - - * configure.in, acconfig.h: NEED_HSTRERROR_PROTO - - - * configure.in: use AC_KRB_STRUCT_SPWD - - * slave/Makefile.in (WFLAGS): set - - * server/Makefile.in (WFLAGS): set - - * lib/krb/send_to_kdc.c (send_recv): add `int' - - * lib/krb/decomp_ticket.c (decomp_ticket): if the realm is empty, - use the local realm. - - * lib/krb/Makefile.in (WFLAGS): set - - * lib/kdb/krb_lib.c (kerb_get_principal): correct test - (kerb_put_principal): remove unused variable - - * lib/kdb/Makefile.in (WFLAGS): set - - * lib/auth/pam/Makefile.in (WFLAGS): set - - * lib/auth/afskauthlib/Makefile.in (WFLAGS): set - - * lib/acl/Makefile.in (WFLAGS): set - - * kuser/Makefile.in (WFLAGS): set - - * kadmin/Makefile.in (WFLAGS): set - - * include/Makefile.in (WFLAGS): set - - * appl/sample/sample_client.c (main): remove unused variable - - * appl/sample/Makefile.in (WFLAGS): set - - * appl/movemail/Makefile.in (WFLAGS): set - - * appl/kip/Makefile.in (WFLAGS): set - - * appl/bsd/Makefile.in (WFLAGS): set - - * appl/afsutil/pagsh.c (main): fall back to running /bin/sh if - execvp fails. - - * appl/afsutil/Makefile.in (WFLAGS): set - - * admin/kdb_edit.c (change_principal): remove unused variable - - * admin/Makefile.in (WFLAGS): set - - * configure.in: check for crypt, environ and struct spwd - -Thu Nov 19 1998 - - * appl/movemail/Makefile.in: link and include hesiod - - * configure.in: test for hesiod - -Wed Nov 18 1998 - - * kadmin/kadm_locl.h: include - - * configure.in (freebsd3): seems to like symbolic links for the - shared libraries - -1998-11-07 - - * Makefile.export (ChangeLOG): handle emacs20-style changelog - entries - - * lib/kdb/krb_dbm.c (kerb_db_get_principal, kerb_db_iterate): - check return value from `dbm_open' - -Fri Oct 23 1998 - - * lib/kadm/kadm.h: enable new extended kadmin fields by default - -Thu Oct 22 1998 - - * lib/krb/get_host.c (read_file): add more kinds of whitespace - - * lib/krb/lsb_addr_comp.c: fix(?) calculations regrding - `firewall_address' - - * kadmin/kadmin.c: change timeout to 5 minutes, (sigarlm): only - print message if any tickets were actually destroyed, (main): less - noise, (add_new_key): some cleanup, (del_entry): allow more than - one principal on command line, (get_entry): set more flags - - * lib/kadm/kadm.h: add code to get modification date, modifier and - key version number - - * lib/kadm/kadm_supp.c: add code to get modification date, - modifier and key version number - - * lib/kadm/kadm_stream.c: add code to get modification date, - modifier and key version number - -Tue Oct 13 1998 - - * lib/kadm/Makefile.in: ROKEN_RENAME - - * lib/krb/roken_rename.h: add strnlen - - * lib/krb/Makefile.in: add strnlen - -Sat Oct 3 1998 - - * doc/install.texi: add comment about afskauthlib being in the - correct object format - -Thu Oct 1 1998 - - * kadmin/kadmin.c (change_admin_password): add `alarm(0)' to - prevent it from timing out - - - * lib/krb/time.c (krb_kdctimeofday): set `tv'. fix from Thomas - Nyström - -Mon Sep 28 1998 - - * appl/bsd/osfc2.c: lots of C2 magic - - * appl/bsd/{rshd,rcp_util,rcp}.c: do C2 stuff - - * appl/bsd/login.c: move C2 stuff to osfc2.c - - * appl/bsd/login.c: call `set_auth_parameters' if OSFC2 - -Sun Sep 27 1998 - - * appl/bsd/login.c: add some code to call setluid - -Sat Sep 26 1998 - - * appl/sample/sample_client.c (main): correct test - -Sat Sep 12 1998 - - * configure.in (XauReadAuth): reverse test and check for -lX11 - before -lXau, otherwise the test fails on Irix 6.5 - -Sun Sep 6 1998 - - * lib/krb/krb-protos.h: fix prototypes for krb_net_{read,write} - - * lib/krb/krb_net_{read,write}.c: new files - - * lib/krb/Makefile.in: add krb_net_{read,write} - -Fri Sep 4 1998 - - * lib/auth/sia/sia.c (siad_ses_launch, siad_ses_reauthent): use - krb_afslog_home - - * lib/auth/pam/pam.c (pam_sm_open_session): use krb_afslog_home - - * lib/auth/afskauthlib/verify.c (afs_verify): use - krb_afslog_uid_home - -Sun Aug 30 1998 - - * lib/krb/get_host.c: patch from Derrick J Brashear - for doing less DNS lookups - -Sun Aug 23 1998 - - * lib/krb/ticket_memory.c (tf_save_cred): use memcpy to copy the - session key. - -Tue Aug 18 1998 - - * kadmin/kadmin.c (change_password): add `--random'. From Love - Hörnquist-Åstrand - -Thu Aug 13 1998 - - * lib/kclient/KClient.c (KClientErrorText): copy the string. - Patch from Daniel Staaf - -Tue Jul 28 1998 - - * appl/bsd/rsh.c (main): make sure not to send `-K' before the - hostname when re-execing - - * appl/bsd/su.c: openlog LOG_AUTH - -Fri Jul 24 1998 - - * lib/krb/create_ciph.c: typo: s/tmp/rem/ - -Wed Jul 22 1998 - - * lib/krb/send_to_kdc.c (send_recv): return FALSE if recv failed - so that we try the next server - - * configure.in (*-*-sunos): no lib_deps - - * include/protos.H (utime): update prototype - -Thu Jul 16 1998 - - * acconfig.h (DBDIR, MATCH_SUBDOMAINS): added - - * configure.in (--enable-match-subdomains): added - (--with-db-dir): added - - * lib/krb/getrealm.c (file_find_realm): fix MATCH_SUBDOMAINS code. - Patch originally from R Lindsay Todd - - * lib/krb/dllmain.c: clean-up patch from - - * appl/krbmanager: patches from - -Mon Jul 13 1998 - - * appl/sample/sample_client.c (main): don't advance - hostent->h_addr_list, use a copy instead - - * appl/bsd/kcmd.c (kcmd): don't advance hostent->h_addr_list, use - a copy instead - -Fri Jul 10 1998 - - * lib/krb/net{read,write}.c: removed - - * lib/krb/Makefile.in: grab net_{read,write}.c from roken - - * lib/krb/roken_rename.h: add krb_net_{write,read} - - * lib/krb/create_ciph.c (create_ciph): return KFAILURE instead of - NULL - - * lib/kadm/kadm_cli_wrap.c (kadm_get): return KADM_NOMEM, not NULL - -Wed Jul 8 1998 - - * server/kerberos.c (make_sockets): strdup the port specification - before strtok_r:ing it - - * lib/krb/extra.c (define_variable): return 0 - - * kuser/klist.c (display_tktfile): only print time diff and - newline if using the longform - -Tue Jun 30 1998 - - * lib/krb/send_to_kdc.c (send_to_kdc): be careful in not advancing - the h_addr_list pointer in the hostent structure - - * lib/krb/time.c (krb_kdctimeofday): handle the case of `time_t' - and the type of `tv_sec' being different. patch originally from - - - * man/afslog.1: add refs to kafs and kauth - - * man/kauth.1: add refs to kafs - - * lib/krb/krb_get_in_tkt.c (krb_mk_as_req): remove old code laying - around. - - * lib/krb/Makefile.in: add strcat_truncate.c - - * lib/auth/sia/krb4+c2_matrix.conf: fix broken lines and typos - - * kuser/klist.c (display_tokens): print expired for expired tokens - -Sat Jun 13 1998 - - * kadmin/kadm_ser_wrap.c (kadm_ser_init): new argument `addr' - - * kadmin/admin_server.c: new argument `-i' for listening on a - single address - -Mon Jun 8 1998 - - * Release 0.9.9 - -Wed Jun 3 1998 - - * lib/krb/extra.c: implement read_extra_file() for Win32 - -Fri May 29 1998 - - * configure.in: removed duplicate crypt - - * lib/kdb/Makefile.in (roken_rename.h): remove dependency - - * lib/acl/Makefile.in (roken_rename.h): remove dependency - - * lib/krb/roken_rename.h: remove duplicate flock - - * appl/afsutil/aklog.c (createuser): fclose the file - -Wed May 27 1998 - - * lib/krb/Makefile.in (extra.c): add - - * slave/kpropd.c: k_flock -> flock - - * slave/kprop.c: k_flock -> flock - - * lib/krb/tf_util.c: k_flock -> flock - - * lib/krb/roken_rename.h: add base64* and flock - - * lib/krb/kntoln.c: k_flock -> flock - - * lib/kdb/krb_dbm.c: k_flock -> flock - - * lib/kdb/Makefile.in: use ROKEN_RENAME to get hold of renames - symbols - -Tue May 26 1998 - - * lib/krb/extra.c: add read flag, so we don't have to look for - non-existant files several times - - * lib/krb/send_to_kdc.c: use krb_get_config_string() - - * lib/krb/lsb_addr_comp.c: use krb_get_config_bool() - - * lib/krb/krb_get_in_tkt.c: use krb_get_config_bool() - - * lib/krb/extra.c: parse and use krb.extra file for special - configurations, to lessen the number of environment variables used - - * lib/krb/getfile.c: cleanup and add `krb_get_krbextra' - - * lib/krb/debug_decl.c: add krb_enable_debug - - * lib/krb/lsb_addr_comp.c (lsb_time): if KRB_REVERSE_DIRECTION is - set, negate time (fix for some firewalls) - -Mon May 25 1998 - - * lib/krb/Makefile.in (clean): try to remove shared library debris - (LIBDES and LIB_DEPS): try to figure out dependencies - - * lib/kdb/Makefile.in (clean): try to remove shared library debris - - * lib/kadm/Makefile.in (clean): try to remove shared library - debris - - * configure.in: make symlink magic work with libsl - -Mon May 18 1998 - - * appl/bsd/login.c: Hack for AIX 4.3. - -Thu May 14 1998 - - * configure.in: mips-api support. From Derrick J Brashear - - - * configure.in: --enable-legacy-kdestroy: added. From Derrick J - Brashear - - * kuser/kdestroy.c: LEGACY_KDESTROY: add - -Wed May 13 1998 - - * lib/krb/krb.h (const, signed): define when compiling with - non-ANSI comilers. From Derrick J Brashear - -Mon May 11 1998 - - * kadmin/admin_server.c: Fix reallocation bug. - -Fri May 1 1998 - - * configure.in: don't test for winsock.h - - * slave/kprop.c: unifdef -DHAVE_H_ERRNO - - * appl/sample/sample_client.c: unifdef -DHAVE_H_ERRNO - - * appl/movemail/pop.c: unifdef -DHAVE_H_ERRNO - - * appl/kip/kip.c: unifdef -DHAVE_H_ERRNO - -Mon Apr 27 1998 - - * appl/ftp/ftpd/krb4.c (krb4_adat): applied patch from Love - for checking address in krb_rd_req - -Sun Apr 26 1998 - - * appl/Makefile.in (SUBDIRS): add push - -Sun Apr 19 1998 - - * configure.in: fix for the symlink magic. From Gregory S. Stark - - - * doc/Makefile.in (install): ignore failures from install-info. - - * lib/krb/Makefile.in (install): don't install include files with - x bit - - * lib/kadm/Makefile.in (install): don't install include files with - x bit - - * man/Makefile.in: don't install getusershell - - * lib/krb/Makefile.in: add symlink magic for linux. - only link in com_err.o and error.o if building shared - - * lib/kdb/Makefile.in: add symlink magic for linux - - * lib/kadm/Makefile.in: add symlink magic for linux - - * configure.in: add symlink magic for Linux - - * appl/kx/common.c (connect_local_xsocket): update to try the list - of potential socket pathnames - -Tue Apr 7 1998 - - * lib/krb/getaddrs.c: Don't bail out if various ioctl's fail. - - - * doc/Makefile.in (kth-krb.info): use `--no-split' - -Mon Apr 6 1998 - - * configure.in: add --disable-cat-manpages - - * configure.in: call the shared libraries so.0.9.9 on linux - -Sat Apr 4 1998 - - * lib/Makefile.in (SUBDIRS): changed order so that editline is - built before sl - - * lib/*/Makefile.in: shared library dependency information - - * doc/Makefile.in (clean): remove *.info* - - * merge in win32 changes from and - - - * Makefile.export: aux -> cf - - * Makefile.in: aux -> cf - - * appl/voodoo/TelnetEngine.cpp (TelnetEngine::Connect): check the - return from `gethostbyname' - - * appl/bsd/bsd_locl.h: Check for and conditionalize - prepare_utmp. From - - * acconfig.h (__EMX__): define MAIL_USE_SYSTEM_LOCK. From - - - * include/bits.c: renamed `strupr' to `my_strupr' not to conflict - with any exiting strupr. - -Sat Mar 28 1998 - - * Makefile.in (install): use DESTDIR - - * include/Makefile.in (install): depend on all - - * man/Makefile.in (install, uninstall): use transform correctly - -Fri Mar 27 1998 - - * configure.in: don't look for dbopen. From Derrick J Brashear - - (termcap.h): check for - - * lib/krb/Makefile.in: fix for LD options on solaris. From - Derrick J Brashear - -Thu Mar 19 1998 - - * appl/kx/common.c: Trying binding sockets in the special - directories for some versions of Solaris and HP-UX - - - * lib/krb/kdc_reply.c: Check for error code of zero in error - packet from KDC. - -Wed Mar 18 1998 - - * appl/kx/common.c (get_xsockets): try getting sockets in lots of - places - - * appl/kauth/kauth.c: return error code from child (plus shell - magic) - - - * lib/krb/getrealm.c (krb_realmofhost), lib/krb/get_krbrlm.c - (krb_get_lrealm, krb_get_default_realm): When figuring out a - default local realm name avoid going into infinite loops. - -Sun Mar 15 1998 - - * configure.in: test for and search for `tgetent' in - ncurses. From Gregory S. Stark - - * **/Makefile.in: add DESTDIR support and .PHONY - -Sat Mar 7 1998 - - * kadmin/ksrvutil.c: Remove kvno zero restriction. - - * configure.in: Add option `--disable-dynamic-afs' do disable AIX - dynamic loading of afs syscall library. This should hopefully also - work with AIX 3. - - * kadmin/ksrvutil.c: Add `delete' function (from Chris Chiappa - ). - -Thu Feb 26 1998 - - * kadmin/kadmin.c (do_init): fix check of return value from - krb_get_default_principal - - * lib/kadm/kadm_stream.c (stv_string): use correct offset - -Sat Feb 21 1998 - - * include/Makefile.in: add parse_time.h - - * lib/krb/solaris_compat.c: new file with alternative entry points - compatible with solaris's libkrb. - -Thu Feb 19 1998 - - * lib/krb/time.c: Various time related functions. - -Tue Feb 17 1998 - - * lib/krb/send_to_kdc.c: Add some more connection debug traces. - -Sun Feb 15 1998 - - * lib/krb/get_host.c (init_hosts): call k_getportbyname with proto - == "udp" instead of NULL. NULL would be the right thing, but some - libraries are not happy with that. - - * appl/bsd/rcp.c: renamed `{local,foreign}' to \1_addr to avoid - conflicts with system header files on mklinux. - - - * lib/kadm/Makefile.in: Fix rules for kadm_err.[ch]. - - * lib/krb/krb_err.et: Fix for changes to compile_et. - - * lib/com_err/{error.c,com_err.h,com_right.h}: Rename error.h to - com_right.h. - - * lib/com_err/{compile_et.c,compile_et.h,lex.l,parse.y}: Switch - back to a yacc-based compile_et. - -Tue Feb 10 1998 - - * appl/kx/kxd.c (doit): fix stupid mistake when marshalling - - * lib/krb/Makefile.in: add strcpy_truncate - -Sun Feb 8 1998 - - * lib/krb/netwrite.c (krb_net_write): restart if errno == EINTR - - * lib/krb/netread.c (krb_net_read): restart if errno == EINTR - - * appl/kx/rxterm.in: redirect std{in,out,err} of xterm to make - sure rshd does not hang. - -Sat Feb 7 1998 - - * lib/acl/acl_files.c (acl_canonicalize_principal): use - krb_parse_name - - - * lib/krb/rw.c: add a parameter containting maximum size. Change - all callers. - - * lots-of-files: replace {REALM_SZ, *_SZ, MaxPathLen, - MaxHostNameLen} + 1 with \1 - - * appl/bsd/rlogind.c (cleanup): logout -> rlogind_logout - - * lib/acl/acl_files.c (acl_canonicalize_principal): use - strcpy_truncate - - * include/Makefile.in: fnmatch.h - - * appl/ftp/ftpd/ftpd.c: - - * lib/kadm/kadm_stream.c (stv_string): don't use strncpy - - * lib/auth/sia/sia.c (siad_ses_suauthent): do ugly magic to make - sure `entity->name' is long enough. - - * appl/ftp/ftpd/ftpcmd.y: HASSETPROCTITLE -> HAVE_SETPROCTITLE - - * appl/bsd/rlogind.c (logout): renamed to rlogind_logout to avoid - conflict with logout() in libutil. - (doit): use forkpty_truncate it there's one - - * appl/afsutil/kstring2key.c (krb5_string_to_key): don't use - strcat - - * configure.in: add lots of functions and headers that were used - in the code but not tested for. - - * lib/krb/send_to_kdc.c (url_parse): re-structured - - * kadmin/kadm_locl.h: add prototype for random_password and remove - __P - - * appl/bsd/forkpty.c (forkpty_truncate): new function. - use strcpy_truncate instead of strcpy - - * appl/bsd/bsd_locl.h: include . - prototype for forkpty_truncate() - - * configure.in: test for - -Fri Feb 6 1998 - - * kadmin/random_password.c: Random password generation. - - * kadmin/kadmin.c: Add some functionality to add_new_key, to make - it more useful with batch creation. - -Wed Feb 4 1998 - - * appl/bsd/login.c (find_in_etc_securetty): new function - (rootterm): call `find_in_etc_securetty' - - * appl/bsd/pathnames.h (_PATH_ETC_SECURETTY): add - -Tue Feb 3 1998 - - * kadmin/kadmin.c: Fix `-t' flag. Centralize the calling of - alarm() to a modified sl_loop(). - - * kadmin/kadmin.c: Add support for `batch' processing, taking a - command from the command line. Remove the automatic destruction of - tickets, instead add a timeout (initially set to 1 minute), after - which any tickets will be destroyed. Option `-m' now sets this - timeout to 0 (disabling timeout). Options `-p' takes a full - principal, and `-u' takes a `username' that is used as the name of - the admin principal to use. - -Sat Jan 31 1998 - - * lib/auth/sia/sia.c: Chown ticket file when doing reauth. - -Thu Jan 29 1998 - - * lib/auth/sia/sia.c: Add support for reauthentication. - -Mon Jan 26 1998 - - * appl/kauth/kauth.c (main): Add debug switch -d to kauth to aid - in finding miss-configurations. - -Mon Jan 19 1998 - - * lib/krb/name2name.c: If inet_addr thinks host's a valid - ip-address, assume it is, and don't call gethostbyname(). This - should fix things like `rsh 1.2.3.4'. - -Sat Jan 17 1998 - - * lib/krb/get_host.c: Check for http-srv records. - - * lib/krb/get_host.c: Don't use getprotobyname. Check for `http' - as well as `udp' and `tcp'. - - * lib/auth/sia/sia.c: Add password changing support. - - * kadmin/new_pwd.c: Use kadm_check_pw. - - * lib/kadm/check_password.c: Password quality check, moved from - kpasswd.c. - -Fri Jan 16 1998 - - * kadmin/ksrvutil_get.c: Add `-u' flag to put each key in a - separate file. - -Mon Jan 12 1998 - - * kadmin/admin_server.c: Fix broken realloc of pidarray. - -Fri Jan 9 1998 - - * rename logwtmp -> ftpd_logwtmp not to conflict with libc. - -Sun Dec 21 1997 - - * lib/krb/verify_user.c (krb_verify_user): new argument `srvtab'. - Changed all callers. - -Sat Dec 13 1997 - - * lib/kdb/krb_dbm.c: check return value from dbm_store - -Thu Dec 11 1997 - - * lib/krb/k_flock.c (k_flock): Re-included an implementaion of - k_flock. Changed all library and core application source to use - k_flock. - -Tue Dec 9 1997 - - * appl/kx/kxd.c,common.c: more error testing from Love - Hörnquist-Åstrand - Use the correct number of X for mkstemp. - - - * Release 0.9.8 - - * Add `--disable-mmap' configure option, do disable all use of - mmap. - - * Rename all k_afsklog to krb_afslog. - -Mon Dec 8 1997 - - * kuser/klist.c: Add a header for tokens. - -Fri Dec 5 1997 - - * lib/krb/krb.h: Moved prototypes to krb-protos.h, cruft to - krb-archaeology.h. - -Thu Dec 4 1997 - - * appl/kauth/kauth.c: Use krb_get_pw_in_tkt2. - - * lib/krb/get_in_tkt.c: krb_get_pw_in_tkt2 that returns key. - -Sun Nov 30 1997 - - * configure.in: check for tgetent in libcurses - -Mon Nov 24 1997 - - * appl/krbmanager: incorporate patches from - for making sure there's only one instance of krbmanager. - -Fri Nov 21 1997 - - * admin/ext_srvtab.c: use atexit() to stamp out secrets. - -Thu Nov 20 1997 - - * server/kerberos.c: Log funny HTTP requests. - - * server/kerberos.c: Add comma to list of port separators for - `-P'. - - - * appl/voodoo/TelnetEngine.cpp (TelnetEngine::Connect): better - error message (from ) - -Wed Nov 12 1997 - - * kuser/klist.c (display_tokens): patch from - -Sun Nov 9 1997 - - * Release 0.9.7 - - - * configure.in: test for ssize_t - - * appl/bsd/rlogind.c: Fill in ut_type, and ut_exit if they exist. - - * appl/kx/common.c (create_and_write_cookie): Create temp file - with mkstemp. - - - * appl/ftp/ftpd/ftpd.c: conditionalize otp - - * appl/bsd/login.c: conditionalize otp - - * configure.in: add --disable-otp. update Makefile.in's - - * configure.in: define CANONICAL_HOST - - * configure.in, aclocal.m4: remove . contains - bogus information on Crays. - - * include/bits.c: stolen from Heimdal - - * include/Makefile.in: replace ktypes.c with bits.c - - * lib/krb/getaddrs.c (k_get_all_addrs): cray fix - - * configure.in: updated header files - - - * slave/kpropd.c: Make sure it's the kprop service that tries to - send data. - -Fri Nov 7 1997 - - * configure.in: Added option --with-afsws=/usr/afsws. - - * lib/Makefile.in: Build lib/rxkad if we have include file rx/rx.h - -Thu Nov 6 1997 - - * appl/ftp/ftp/ftp.c (sendrequest, recvrequest): do correct tests - for `-' - - * appl/ftp/ftp/cmds.c (getit): removed stupid goto - - - * appl/kauth/kauth.c: Use krb_get_pw_in_tkt(), now that it is - fixed. - - * appl/ftp/ftp/cmds.c: Don't retrieve files that start with `..' - or `/' without asking. Reverse test in confirm() to check for `y' - rather than not `n'. Use mkstemp. - - * appl/ftp/ftp/ftp.c: Add extra parameter to recvrequest, - specifying if local filenames should be parsed as "-" and "|". - -Mon Nov 3 1997 - - * configure.in: updated broken list. add fclose for proto check. - - * kadmin/kadmin.c: updated functions to new style of sl - - * appl/bsd/rcp.c, rlogin.c, rsh.c: setuid before doing kerberos - authentication. if that fails, exec ourselves with -K - - * appl/bsd/pathnames.h: add _PATH_RCP - - * configure.in: test for readv, writev - -Fri Oct 24 1997 - - * lib/krb/tkt_string.c (krb_set_tkt_string): const-ized - - * appl/ftp/ftp{,d}: new commands: kdestroy, krbtkfile and afslog. - - * appl/afsutil/aklog.c (expand_cell_name): fix parsing of - CellServDB - -Sat Oct 11 1997 - - * appl/telnet/telnetd/sys_term.c (start_login): moved `user' so it - works even if !defined(HAVE_UTMPX_H) - -Fri Oct 10 1997 - - * lib/krb/send_to_kdc.c: Change send_recv* to use a lookup table - indexed by protocol. - - Implement http proxy use, enabled via `krb4_proxy' environment - variable. - -Thu Oct 9 1997 - - * lib/krb/getrealm.c: Don't lookup top-level domains. Try files - before doing DNS. - -Thu Oct 2 1997 - - * appl/krbmanager: Turned into a ticket management program. - - * lib/krb/{dllmain,ticket_memory}.c: Add some KrbManager - interaction. - -Sat Sep 27 1997 - - * appl/voodoo: Major fixes of terminal emulation, and other - things. - -Fri Sep 26 1997 - - * server/kerberos.c: Cleanup socket-opening code. Add HTTP - support. - - * lib/krb/send_to_kdc.c: Add Kerberos over HTTP. - - * lib/krb/get_host.c: Parse URL-style host-specifications. - - - * include/win32: add `version.h' and `ktypes.h' - - * lib/kclient/KClient.def: rename kclnt32 to make Eudora - happy. Add SendTicketForService - - * lib/kclient/KClient.c: implement SendTicketForService. Used by - Eudora. - - * appl/voodoo/voodoo.mak: kclient renamed as kclnt32 - -Thu Sep 25 1997 - - * Moved various base64 implementations to roken. - -Thu Sep 18 1997 - - * appl/telnet/telnetd/telnetd.c: Move the call to startslave() - into the telnet() loop. This way we'll maximise the chance that - the transmission is encrypted before starting login. This will - hopefully remove the irritating warning you would get with some - macintosh telnet clients. - -Wed Sep 17 1997 - - * appl/telnet/telnetd/sys_term.c: Fix for duplicate `-- user'. - -Tue Sep 9 1997 - - * server/kerberos.c: More detailed logging - -Fri Sep 5 1997 - - * lib/kafs/afssysdefs.h: HP-UX 10.20 seems to use 48 - -Thu Sep 4 1997 - - * lib/des/Makefile.in: quote the test for $(CC) correctly - -Wed Sep 3 1997 - - * include/ktypes.c: Move __BIT_TYPES_DEFINED__ to after including - other stuff. - - - * lib/rxkad/rxk_locl.c (rxkad_calc_header_iv): Simplify header IV - calculation. - - * lib/rxkad/osi_alloc.c (osi_Alloc): Memory allocation routines - for user space. There is no longer any need for conditional - compilation of user/kernel-space versions of librxkad.a. - - * lib/rxkad/rxk_clnt.c (rxkad_NewClientSecurityObject): Use - Transarc FC-crypto to generate random numbers. We no longer need - to link a DES library into the kernel. - -Tue Sep 2 1997 - - * appl/ftp/ftpd/ftpd.c (pass): chown the ticket file is logging in - with clear-text passwords and using kerberos - - * lib/krb/krb_log.h: new file - - * lib/krb/krb.h: moved all logging functions to krb_log.h. - Include krb_log.h in appropriate places. From - - -Mon Sep 1 1997 - - * appl/kx/kx.c: more intelligent check for passive mode new option - `-P' to force passive mode - -Sat Aug 23 1997 - - * lib/krb/krb_get_in_tkt.c: rename krb_as_req -> krb_mk_as_req - -Wed Aug 20 1997 - - * lib/rxkad/rxkad.h, rxk_serv.c (server_CheckResponse): Increase - limit of ticket lengths to 1024 at server end. - - * lib/rxkad/rxk_clnt.c (rxkad_NewClientSecurityObject): Support - for almost arbitrary ticket lengths. - -Tue Aug 19 1997 - - * kadmin/ksrvutil_get.c: Make sure we're talking to the admin - server when getting ticket. - - * lib/krb/send_to_kdc.c: Add flag to always use admin server. - -Sun Aug 17 1997 - - * appl/kx/rxtelnet.in: reverse the looking for xterm loops Use - `-n' and not `-name' to xterm - - * server/kerberos.c: implement `-i' for only listening on one - address - - * lib/kadm/kadm_cli_wrap.c: Implement kadm_change_pw2 to be - compatible with CNS. From - - * appl/ftp/ftpd/ftpd.c: removed bogus reset of `debug' - - * appl/ftp/ftpd/extern.h: define NBBY if needed - - * configure.in: os2 fixes: -Zcrtdll and check for chroot - -Wed Aug 13 1997 - - * lib/krb/get_in_tkt.c: Use new get_in_tkt functions, and - implement kerberos 5 salts. - - * lib/krb/krb_get_in_tkt.c: Split krb_get_in_tkt in two functions - so it's possible to try several key-procs with just one request to - the KDC. - -Wed Jul 23 1997 - - * lib/rxkad/rxk_serv.c (decode_krb4_ticket): New functions - decode_xxx_ticket so that it is possible to also decode kerberos - version 5 tickets. - -Sat Jul 19 1997 - - * doc/Makefile.in: `test -f' is more portable than `test -e' - -Tue Jul 15 1997 - - * lib/kafs/kafs.h, lib/krb/krb.h: swap order of and - . Another fix form - -Fri Jul 11 1997 - - * lib/krb/krb.h: non-ANSI fix from - -Fri Jun 27 1997 - - * man/otp.1: `-o' option - - * appl/otp/otp.c: List lock-time with `-l'. New option `-o' to - open an locked entry. - - * lib/otp/otp_db.c (otp_get_internal): Save lock_time in returned - struct. - - * lib/otp/otp.h: New field `lock_time' in OtpContext - -Thu Jun 26 1997 - - * man/otp.1, man/otpprint.1: Update changed default to `md5' - - * appl/bsd/rsh.c: Don't use a hard-coded constant in `select' - - * configure.in, include/ktypes.c: Handle the case of there being - an old version of our `sys/bitypes.h'. - -Sun Jun 22 1997 - - * lib/des: Merge in changes from libdes 4.01. The optimizations - written in assembler are not used since they in general wont't - work with shared libraries. - -Fri Jun 20 1997 - - * lib/krb/netread.c, netwrite.c: Handle windows discrimation of - sockets. - -Sun Jun 15 1997 - - * appl/kpopper/pop_init.c: Use `STDIN_FILENO' and `STDOUT_FILENO' - instead of `sp'. OSF's libc isn't quite prepared to have two - different FILEs refer to the same file descriptor. - -Thu Jun 12 1997 - - * doc/dir: Add dir template file. - - - * appl/kauth/kauth.c (main): AFS style positional argument for -n - option. - - * appl/xnlock/xnlock.c (verify): New resource destroyTickets and - corresponding option -nodestroytickets. First try local - authentication and if it fails try kerberos. - -Sun Jun 8 1997 - - * appl/ftp/ftpd/popen.c (ftpd_popen): Correct initialization of - `foo' before call to `strtok_r' - -Wed Jun 4 1997 - - * doc/*.texi: Use @url. - - * doc/setup.texi: Added @ifinfo around @dircategory - -Tue Jun 3 1997 - - * Release 0.9.6 - - * appl/kx/rxtelnet.in, appl/kx/rxterm.in: new argument '-w - term_emulator' for specifiying which terminal emulator to use. - Based on a patch from . - -Mon Jun 2 1997 - - * appl/xnlock/Makefile.in, appl/kx/Makefile.in, - lib/auth/Makefile.in: fix the Makefile to do the for loops the - automake way. - -Sun Jun 1 1997 - - * appl/xnlock/Makefile.in, appl/kx/Makefile.in: do install - correctly even if there are no programs to install - - * configure.in: Check for `h_nerr'. - - * lib/auth/pam/pam.c: Include to make it - compile on Solaris 2.6 - - lib/sl/sl.c, lib/krb/realm_parse.c, appl/ftp/ftpd/popen.c, - appl/ftp/ftpd/ftpd.c, appl/bsd/login_fbtab.c, - appl/bsd/login_access.c: Initialize the `lasts' to NULL before - calling strtok_r the first time. With our strtok_r it's not - necessary, but the man-page on SGIs says it should be done. - -Fri May 30 1997 - - * lib/krb/mk_req.c (krb_mk_req, get_ad_tkt): Support for - multi-realm ticket files by using the best matching TGT to define - the realm of the ticket holder. - - - * appl/bsd/utmpx_login.c (utmpx_update): Set `ut_id' if we're - using utmpx - - * appl/telnet/telnetd/sys_term.c (start_login): Set `ut_id' if - we're using utmpx - -Wed May 28 1997 - - * lib/roken/daemon.c: New file. - - * include/protos.H: needed on solaris 2.4 - -Mon May 26 1997 - - * appl/bsd/su.c (kerberos): If kerberos password is zero length - immediately try next scheme. - - - * lib/kafs/afskrb.c (k_afsklog_uid): Token lifetime should be even - if we don't know the proper ViceId. - - - * Release 0.9.5 - - * man/Makefile.in: Install preformatted manual pages with correct - suffix on *BSD. - -Sun May 25 1997 - - * appl/kpopper/popper.h: Remove XTND, and XTND XMIT. Rename XTND - XOVER to XOVER. - - - * appl/telnet/telnetd/sys_term.c: Only include and - once - - * fix-export: Also create cat manpages. - - * appl/ftp/ftpd/logwtmp.c: Check for `_PATH_WTMP' - - * appl/telnet/telnetd/sys_term.c: Ditto. - Remove stupid macros. - - * appl/ftp/ftp/cmds.c (setpeer): Check for `__unix'. This is - (apparently) a standard with many representations. - - * appl/ftp/ftpd/ftpcmd.y (SYST): Ditto. - - * appl/ftp/ftpd/ftpd.c (retrieve): file must exist to apply a - command to it. - - * appl/ftp/ftpd/ftpd.c (retrieve): Generalise list of commands and - basename argument. - - * appl/ftp/ftpd/popen.c (ftpd_popen): Try standard binary if the - one in ~ftp fails. - - * appl/telnet/telnetd/sys_term.c: Use `_getpty' if there's one - - * appl/bsd/forkpty.c: Use `_getpty' if there's one - - * configure.in: check for `_getpty' - - * acconfig.h: correct test for IRIX - - * lib/roken/snprintf.c: code for checking the correct functioning - of *nprintf is now #ifdef PARANOIA - - * appl/bsd/rlogind.c: fix logging in wtmp and parsing of winsize - - * appl/bsd/rlogin.c: New option `-p'. - - * lib/des/fcrypt.c: removed `inline' from `des_set_key' - -Thu May 22 1997 - - * lib/des/md5.c (MD5Final): Made signature compliant with FreeBSD. - - * lib/des/md5.h: Remove digest from MD5_CTX, it is now an argument - to MD5Final instead. - - * lib/des/fcrypt.c: Also support MD5 style crypt(2). - -Tue May 20 1997 - - * appl/telnet/telnetd/sys_term.c: utmp stuff now seems to be - compatible with login - - * appl/ftp/ftpd/logwtmp.c: Add support for logging to wtmpx - - - * (*/)*/Makefile.in:s (install): Avoid redundant multiple - recursion in install targets. - - * Made things compile with socks5-v1.0r1. - - - * appl/telnet/telnetd/sys_term.c: changed utmp-stuff not to use - ut_id at all - - * appl/bsd/utmpx_login.c: handle case where there's no wtmpx (such - as HP-UX 10) - - * appl/bsd/rlogind.c: Added support for utmpx - -Sun May 18 1997 - - * lib/roken: removed herror, strchr, and strrchr - - * lib/krb/dest_tkt.c(dest_tkt): Only use `lstat' iff HAVE_LSTAT - - * lib/krb: snprintf, strdup, strtok_r, and strcasecmp always live - in lib/roken and get linked here when needed. - - * lib/roken: removed strchr, strrchr. - - * appl/telnet/telnet/telnet.c: Always use our own `setupterm' for - compatibility reasons. - - * appl/telnet/telnetd/telnetd.c: Removed and . - They doesn't seem to be used and breaks on fujitsu. - - * appl/kx/kx.c: try to give a better error message (than a core - dump :-) when talking to an old kxd. - - * appl/kx/kxd.c, appl/kip/kipd.c, appl/kauth/kauthd.c: corrected - fencepost error with KRB_SENDAUTH_VLEN. - - * appl/ftp/common/buffer.c: new file. - - * configure.in: cray hides their bitypes in . - Also check for this file. - - * appl/telnet/telnet/telnet_locl.h: moved termios.h before - curses.h. This was needed to compile on cray, but will probably - break on some other host. - -Thu May 15 1997 - - * server/kerberos.c: Implement changes to the tcp protocol, while - being compatible with the old protocol. - - * lib/krb/send_to_kdc.c: The old method to signal end of - transmission by closing the sending side of the socket does not - work well through some firewalls. This is now changed so that the - client instead sends the length of the request as a four byte - integer (in network byte order) before sending the data. - -Wed May 14 1997 - - * appl/telnet/telnetd/sys_term.c: HAVE_UTMPX -> HAVE_UTMPX_H. Fix - for OSF1. - - * appl/bsd/utmp_login.c: UTMPX_DOES_UTMP_LOGGING -> HAVE_UTMPX_H - - * appl/bsd/sysv_environ.c: Use k_concat rather than snprintf. - -Tue May 13 1997 - - * kuser/klist.c: updated usage string - - * lib/otp/otp_print.c: make word table and reverse word table - constant - -Sun May 11 1997 - - * */*: Added some __attribute__ ((format (printf))) and fixes - where needed. - - * appl/ftp/common/sockbuf.c: start probing at 4Mb - - * appl/ftp/ftpd/ftpd.c: use MAP_FAILED - - * appl/ftp/ftp/ftp.c: Use MAP_FAILED. - (alloc_buffer): new function for allocating a buffer of size - max(BUFSIZ, st.st_blksize) (Based on a patch from - ) - - * appl/ftpd/ftpdcmd.y: hack for reget. - - * appl/kx/kxd.c: Give a error message to old-version kx. - - * replaced vsprintf with vsnprintf. - - * lib/roken/vsyslog.c: not used. removed. - - * Changed -> - - * include/Makefile.in: Added ktypes.h - - * include/sys/Makefile.in: removed bitypes.h - -Wed May 7 1997 - - * appl/ftp/ftp/ftp.c: Open files in binary mode. - - * appl/ftp/ftpd/ftpd.c (checkaccess): Changed to make absent file - mean `allow'. Added shell matching to names (if fnmatch is - available). - - - * appl/ftp/ftpd/kauth.c (kauth): Use `DEFAULT_TKT_LIFE' - - * appl/ftp/ftpd/ftpcmd.y, appl/ftp/ftpd/ftpd.c: always cast to - (long) before printing out an `off_t' - - * lib/kdb/print_princ.c (krb_print_principal), - lib/kdb/krb_lib.c (kerb_put_principal), - admin/kdb_edit.c (change_principal), - admin/kdb_util.c (print_time) : gmtime should never return - tm_year > 1900 - - * appl/ftp/ftpd/ftpcmd.y: Year 2000 fix - - * appl/telnet/telnetd/telnetd.c: removed code that used `getent' - - * lib/roken/getent.c: removed - -Mon May 5 1997 - - * appl/ftp/ftpd/ftpd.c: fix for mmap and restart_point - - * kadmin/ksrvutil_get.c (ksrvutil_get): get correct default realm - -Sun May 4 1997 - - * configure.in (REAL_PICFLAGS): Use `-fPIC' instead of `-fpic', - otherwise it's not possible to make libotp on hpux. - - * configure.in: try sending picflags even when linking a shared - library with $CC - - * lib/roken/getent.c: remove getstr - - * configure.in: removed unneeded REAL_-variables working shared - libraries on *bsd* - - * appl/kip/kip.h: Added - - * */Makefile.in: Use @LDSHARED@ - - * configure.in: Fix shared libraries on HP/UX. - check for curses.h - check for `getstr' and `cgetstr' in curses - - * appl/telnet/telnet: clean-up - - * lib/kafs/afssys.c: ifdef-out the code that is not used to avoid - referencing `syscall' on AIX. - - * lib/krb/et_list.c: s/WEAK_PRAGMA/PRAGMA_WEAK/ - - * aclocal.m4 (AC_HAVE_PRAGMA_WEAK): redirect output - - * lib/roken/snprintf.c: fix for the case of max_sz == 0 - - * doc/kth-krb.texi: Add @dircategory and @direntry to enable - `install-info' to install this entry in `dir'. - - * appl/telnet/telnetd/Makefile.in: Don't link with getstr - - - * lib/auth/sia/krb4_matrix.conf: Fix entries for ses_release and - chk_user. - -Sat May 3 1997 - - * lib/auth/sia/sia.c: Some cleanup. - -Fri May 2 1997 - - * configure.in: only link the programs that need it with the - db/dbm library - - - * lib/auth/sia/sia.c: Merge code for for normal and su - authentication. - - - * Replaced sprintf with snprintf and asprintf all over the place. - - * lib/roken/snprintf.c: Added asnprintf and vasnprintf - - * lib/roken/snprintf.c: implemented asprintf, vasprintf - - * lib/roken/snprintf.c: new file - -Thu May 1 1997 - - * lib/kafs/afskrb.c (k_afsklog_all_local_cells): Use `k_concat' - -Wed Apr 30 1997 - - * lib/krb/{get_host,get_krbrlm,getrealm,realm_parse}.c: Fix some - potential buffer overruns. - - * lib/krb/k_concat.c: Safely concatenate two strings. - -Sat Apr 26 1997 - - * appl/telnet/libtelnet/kerberos.c: removed stupid #if 0 - - * appl/bsd/rlogind.c (send_oob): different default for `last_oob' - to avoid losing first OOB packet - -Fri Apr 25 1997 - - * appl/voodoo/AuthOption.cpp: provoke the telnetd in turning on - encryption - -Wed Apr 23 1997 - - * lib/kafs/afskrb.c (realm_of_cell): don't overflow buffer with - result from `gethostbyaddr' - - * lib/krb/name2name.c (krb_name_to_name): new parameter - `phost_size' to disable buffer overflowing. Changed all callers. - - * lib/krb/k_getsockinst.c: New parameter `inst_size' to disable - buffer overflowing. Changed all callers. - - * appl/kpopper/Makefile.in: soriasis make stupidity - - * appl/kx/Makefile.in: don't include encdata.c in SOURCES_COMMON, - otherwise DEC make gets upset. - -Tue Apr 22 1997 - - * lib/krb/k_getsockinst.c: Use same name as in krb_get_phost. - - - * acconfig.h: hp-ux 10 also has `pututxline' that writes both to - utmp and utmpx. - -Sun Apr 20 1997 - - * include/win32/config.h: adapted to win95/NT - - * appl/voodoo: Merged in win32-telnet from - - * lib/krb/tkt_string.c: dummy `getuid' function. - - * lib/krb/ticket_memory.c (tf_setup): implement - - * lib/roken/roken.mak, roken.def: new files - - * lib/des/des.def: Removed des_random_{seed,key} - - * lib/krb/dllmain.c: Rewrote `msg'. - Better explanation when it fails to spawn `krbmanager'. - - * lib/krb/tf_util.c: backwards `in_tkt' added. - - * lib/krb/in_tkt.c: removed - - * lib/kclient/KClient: Reformatted and fixed. - -Sat Apr 19 1997 - - * appl/ftp/ftpd/ftpd.c: Incorporate /etc/ftpusers changes from - NetBSD. - - * appl/ftp/ftpd/ftpd.c: Handle oob-stuff better. - -Fri Apr 18 1997 - - * appl/kpopper/pop_{dropinfo,send,updt}.c: Fix 'From ' line - parsing bug. - - * appl/kpopper/pop_dropinfo.c: Add support for xover. - - * appl/kpopper/pop_xover.c: Add some kind of xover support. - - * appl/kpopper/pop_debug.c: New tiny popper debugging program. - -Tue Apr 15 1997 - - * lib/krb/kdc_reply.c (kdc_reply_cred): fix sanity checks. - - * appl/bsd/rshd.c: k_afsklog so that remote command gets a token. - fix usage string. - -Sat Apr 12 1997 - - * appl/bsd/rcp.c (main): Rcp implements encrypted file transfer - without using the kshell service. - - - * lib/krb/mk_safe.c: Emit new checksum. - - * lib/krb/rd_safe.c: New code to handle both new and old - checksums. - - * lib/des/qud_cksm.c: Fix compatibility with mit deslib. - -Fri Apr 11 1997 - - * lib/sl/sl.c (sl_match): initialize `partial_cmd' - -Sun Apr 6 1997 - - * lib/kafs/kafs.h: Ugly addition of `_P' - - * lib/kafs/afssys.c: contains the definition of - `_IOW' on cygwin32. - - * appl/telnet/telnet/utilities.c: needed by - cygwin32 - - * doc/Makefile.in: always run $(MAKEINFO). - - * lib/otp/otp_md.c (sha_finito_little_endian): byte-swap - correctly. - - * include/sys/bitypes.H: Added #ifndef for types - - * configure.in: test for types - - * aclocal.m4: Stolen AC_GROK_TYPES? from heimdal - - - * appl/ftp/ftp/ftp.c: Fix passive mode. - -Sat Apr 5 1997 - - * appl/kauth/ksrvtgt.in: New ksrvtgt script. - -Fri Apr 4 1997 - - * lib/krb/kdc_reply.c: Add some range checking. - - - * lib/otp/otptest.c: Updated tests from `draft-ietf-otp-01.txt'. - Passes verification examples from appendix C. - - * admin/kdb_util.c: All usage strings are now consistent (and even - with the code)! - -Thu Apr 3 1997 - - * lib/kafs/afssys.c (k_pioctl): Separate syscall functionality and - kerberos convenience routines into afssys.c and afskrb.c. This to - make it possible to use k_pioctl() without linking in all - libraries in the world. - -Tue Apr 1 1997 - - * appl/telnet/telnet/commands.c: Rename suspend to telnetsuspend, - since Unicos has one of its own. - -Sun Mar 30 1997 - - * appl/bsd/{rsh,rlogin}.c: Don't look at argv[0]. - - - * man/tenletxr.1: new file - - * appl/kx/rxtelnet.in, appl/kx/rxterm.in, appl/kx/tenletxr.in: - Support `-k' - - * appl/kx/tenletxr.in: new script for running kx in backwards - mode. - - * appl/kx: New version of protocol. - - * appl/kauth: Use err & c:o - - * appl/kauth/encdata.c (read_encrypted): Give better return code - for EOF - - - * appl/ftp/ftp/krb4.c: Use stdout rather than stderr. Add newlines - to many strings. - - * kuser/kdestroy.c: Use set_progname, make -q equal to -f, remove - bell. - - * lib/roken/warnerr.c: New function set_progname. - * aclocal.m4: Invert test of AC_NEED_DECLARATION and rename it to - AC_CHECK_DECLARATION. Add new function AC_CHECK_VAR, that looks - for a variable, including a declaration. - - * lib/roken/roken.h: Add optional declaration for __progname. - - * lib/roken/*{err,warn}.c: Restructure err and warn functions. - -Sat Mar 29 1997 - - * appl/telnet/telnet/sys_bsd.c: Maybe-fix for HP-UX 10: Ifdef - SO_OOBINLINE, don't even select for exceptional conditions. - - * lib/otp/otp_md.c: always downcase the seed. - byte-swap the SHA result. - -Thu Mar 27 1997 - - * appl/otp/otp.c: removed bad free of global data - -Sun Mar 23 1997 - - * configure.in: moved version.h and config.h to include - - - * acconfig.h: Fix utmp/utmpx stuff on OSF/1. - - - * appl/bsd/rlogind.c (control): Rewritten to handle the case of - there being no `ws_xpixel' and `ws_ypixel' - - * appl/bsd/rlogin.c (sendwindow): Rewritten to handle the case of - there being no `ws_xpixel' and `ws_ypixel' - - * aclocal.m4 (AC_KRB_STRUCT_WINSIZE): Also test for `ws_xpixel' - and `ws_ypixel' - - * lib/otp/otp.h: Change default global timeout - - * lib/krb/tf_util.c (tf_setup): Also take `pname' and `pinst' - - * appl/telnet/telnetd/sys_term.c, appl/bsd/utmpx_login.c: Do - gettimeofday and then copy the data for the sake of those systems - like SGI that can have different timevals in file and memory. - - * configure.in: Allow `--with-readline' - - * lib/editline/edit_compat.c (readline): strdup data before - returning it. - - - * appl/telnet/telnetd/state.c: Change size of subbuffer to 2k. - -Thu Mar 20 1997 - - * lib/krb/decomp_ticket.c: Add some range checking. - - * appl/ftp/ftpd/krb4.c: Check return value from krb_net_write. - - * appl/ftp/ftp/ftp.c: Fix hash mark printing. - -Wed Mar 19 1997 - - * appl/kauth/kauthd.c: more logging - - * man/kx.1, man/kxd.8: Updated. - - * appl/kx/kx.c, kxd.c: Hacked so that all TCP-connections are kx - -> kxd - - - * lib/editline/edit_compat.c: BSD libedit comatibility. - -Wed Mar 12 1997 - - * appl/ftp/ftpd/ftpd.c: Set `byte_count' even when using mmap. - Log foreign IP address together with hostname. - -Mon Mar 10 1997 - - * server/kerberos.c: Fix log file muddle. - -Sun Mar 9 1997 - - * appl/bsd/kcmd.c (kcmd): check malloc for failure. - -Tue Feb 25 1997 - - * man/ftpd.8: Documented the `-g' option. - - * appl/ftp/ftpd/ftpd.c: New option `-g umask' for specifying the - umask for anonymous users. - - * appl/ftp/ftpd/ftpd.c: conditionalize SIGURG - - * appl/otp/otp.c: More fixes from Fabien COELHO - . Check for current OTP before allowing the - update. - -Wed Feb 19 1997 - - * appl/otp/otp.c: updated help string - - * appl/bsd/Makefile.in: Fixed installation of suid programs. - - * appl/telnet/libtelnet/kerberos.c: fix some stuff to get - forwarding code to compile - - * lib/otp/otp_db.c: fix for signed char overflow. - - - * lib/krb/resolve.c: Patch from Jörgen Wahlsten - : Zero out resource record, and send - correct length to dn_expand. - -Mon Feb 17 1997 - - * lib/roken/roken.h: Check for `_setsid' - - * appl/ftp/ftp/ftp.c: s/__CYGWIN32__/HAVE_H_ERRNO/ - - * include/Makefile.in: Generete krb_err.h and kadm_err.h before - linking/copying them - - * aclocal.m4: AC_FIND_FUNC: Add the library at the beginning of - the list. - - * configure.in: Use AC_PROG_RANLIB - Always use EMXOMF under OS/2 - Check for sys/termio.h and _setsid - - - * configure.in: A preliminary fix for editline. - - * appl/telnet/libtelnet/kerberos.c: Include ticket forwarding - stuff. - - * lib/krb/krb_get_in_tkt.c: Use tf_setup. - - * lib/krb/krb_get_in_tkt.c: New function tf_setup. - -Sat Feb 15 1997 - - * man/otp.1: updated - - * appl/otp/otp.c: New options `-d' and `-r'. From Fabien COELHO - - - * lib/otp/otp.h: Changed default from md4 to md5 - * lib/otp/otp_db.c (otp_get, otp_simple_get): New functions. - -Thu Feb 13 1997 - - * appl/kx/rxtelnet.in: allow specification of port number - - * appl/otp/otp.c: Add `-u' option - -Sun Feb 9 1997 - - * appl/ftp/common/glob.c: Rename FOO -> CHAR_FOO to avoid - collision with symbol in sys/ioctl.h - -Fri Feb 7 1997 - - * man/kpropd.8: updated - - * appl/bsd/rcmd_util.c: warning needs to know what program is - used. - - * slave/kpropd.c: New explicit flag `-i' for interactive. Don't - use AI to figure out if we have been started by inetd or not. - -Thu Feb 6 1997 - - * appl/kx/rxtelnet.in, appl/kx/rxterm.in: Patch for sending -l to - kx. From - - * kuser/klist.c: corrected alignment of `expired' - - * appl/telnet/telnet/commands.c: replaced lots of \n by \r\n - -Mon Feb 3 1997 - - * configure.in (socket, gethostbyname, getsockopt, setsockopt): - Better tests. - (HAVE_H_ERRNO): New test - - * lib/roken/herror.c (herror): Check HAVE_H_ERRNO - lots of other files as well. - -Sat Feb 1 1997 - - * appl/bsd/rcp.c: Work around the non-working getpw* in cygwin32 - - * lib/krb/logging.c: Init function for `std_log´ - - * appl/telnet/telnet/utilities.c: Remove `upcase´ - Check HAVE_SETSOCKOPT - - * appl/telnet/telnet/telnet.c: Use `strupr´ instead of `upcase´ - - * appl/telnet/telnet/commands.c, appl/movemail/pop.c, - appl/kauth/rkinit.c, appl/ftp/ftp/ftp.c, - appl/sample/sample_client.c: Ifdef around for the non-existence of - `h_errno' in cygwin32. - - * lib/des/read_pwd.c: work-around for cygwin32 - - * appl/telnet/telnet/sys_bsd.c: work-around for cygwin32 - -Fri Jan 31 1997 - - * lib/krb/tf_util.c: gnu-win32 needs to open files with O_BINARY. - -Sun Jan 26 1997 - - * configure.in: removed duplicate of initgroups and lstat - Use AC_KRB_STRUCT_WINSIZE - - * aclocal.m4 (AC_KRB_STRUCT_WINSIZE): New test - - * lib/krb/getaddrs.c: Check for SIOCGIFFLAGS and SIOCGIFADDR - - * appl/bsd/rlogin.c: conditional on SIGWINCH - - * appl/bsd/rcmd_util.c et al: conditional getsockopt - - * configure.in (cygwin32): New target - (getsockopt, getsockopt): Test for - (herror, hstrerror): Better tests - - * aclocal.m4 (AC_FIND_IF_NOT_BROKEN): Pass arguments to - AC_FIND_FUNC - -Thu Jan 23 1997 - - * configure.in: Add EXECSUFFIX - - * appl/kx/rxterm.in: rsh -n - - * lib/krb/unparse_name.c (krb_unparse_name_long_r): new function - - - * lib/auth/sia/sia.c: Fix a bug with ticket filename. Add afs - support. - - * lib/krb/get_host.c: Use KRB_SERVICE. - -Wed Jan 22 1997 - - * lib/auth/sia/Makefile.in: Add linker magic fix for broken, - conflicting kerberos code in xdm. - -Tue Jan 21 1997 - - * appl/xnlock/xnlock.c (verify): Change the "LOGOUT" password to - be manageable as X-resource XNlock*logoutPasswd. The password is - stored in UNIX crypt format so that it can be stored in a global - resource file for sites that whish to keep it a secret. - - - * configure.in: Check for winsize in sys/ioctl.h also. - -Sat Jan 18 1997 - - * lib/krb/get_default_principal.c: Use principal from - KRB4PRINCIPAL before using uid. - -Wed Jan 15 1997 - - * appl/telnet/telnet/sys_bsd.c: Use `get_window_size' - - * lib/roken/get_window_size.c: New file - - * appl/bsd/rlogin.c: Use `get_window_size' - - * appl/bsd/forkpty.c, appl/bsd/rlogind.c: conditionalize on - TIOCSWINSZ - - * configure.in: Check for `_scrsize' and `struct winsize' - -Tue Jan 14 1997 - - * Makefile.in (install-strip, travelkit-strip): New targets. - -Thu Jan 9 1997 - - * */Makefile.in: Use @foo_prefix@ and @program_transform_name@ - Add code to uninstall target - -Thu Dec 19 1996 - - * configure.in: Set LIBPREFIX - - * config.sub: Add os2 as a system - - * config.guess: Try to recognize i386-pc-os2_emx - - * configure.in: case for *-*-os2_emx - NEED_PROTO for `strtok_r' - - * aclocal.m4: ranlib is apparently calld EMXOMF on OS/2 - (AC_KRB_PROG_LN_S): New test that uses cp if ln fails - -Wed Dec 18 1996 - - * appl/bsd/login.c (main): First try to verify password using - standard UNIX method and if it fails try kerberos authentication. - -Sat Dec 14 1996 - - * appl/bsd/rcp.c: consider case of no fchmod - - * appl/kpopper/pop_init.c: Use k_getsockinst. - - * lib/roken/{strupr,strlwr,strchr,strrchr,lstat,initgroups,chown, - fchown,rcmd}.c: new files - - * appl/kpopper/pop_lower.c: Removed. - - * Makefile.in (travelkit): New target. - -Tue Dec 10 1996 - - * lib/krb/parse_name.c (kname_parse): Only copy realm if it is - specified. - - * lib/krb/get_host.c (krb_get_host): Treat no realm as local - realm. - -Mon Dec 9 1996 - - * appl/ftp/ftpd/ftpd.c: Get afs-tokens when logging in with - password. - - - * slave/kprop.c: flock with K_LOCK_SH - -Wed Dec 4 1996 - - * appl/telnet/telnet/commands.c: Also export XAUTHORITY - -Sun Dec 1 1996 - - * kadmin/ksrvutil.c: If realm is not specified, use the local one. - -Sat Nov 30 1996 - - * appl/kauth/kauthd.c: Use KAUTH_VERSION. Try to give correct - error messages back to kauth. - - * config.sub, config.guess: Merged in changes from autoconf 2.12 - - * appl/bsd/rsh.c: quick hack to make `-n' to the right thing. - - * kadmin/kadm_locl.h: Add prototype for FascistCheck. - -Thu Nov 28 1996 - - * man/afslog.1: Documented `-createuser' - - * appl/afsutil/aklog.c: removed `cell_of_file' Added option - `-createuser' to run pts to create a foreign principal. - -Tue Nov 26 1996 - - * lib/otp/otp_challenge.c: Initialize error string and check for - NULL from strdup. - - * lib/roken/mini_inetd.c: Initialize `sin_family' - - * appl/kpopper/pop_init.c: Add `-p' option and make `-a' - auth-style - - * appl/bsd/rshd.c: Add `-p' option. - - * appl/bsd/rlogind.c: Handle `-p' correctly. - - * appl/bsd/login.c: Removed confusing initialization of - `login_timeout' - - * appl/kpopper/pop_dropinfo.c: Remove white-space at the beginning - of UIDL-string. - -Sun Nov 24 1996 - - * Release 0.9.3 - -Sat Nov 23 1996 - - * kadmin/ksrvutil_get.c: Use `krb_unparse_name_long' Better - defaults. - - * lib/krb/krb.h: Added *_to_key - - * lib/krb/get_svc_in_tkt.c (srvtab_to_key): Make public - - * kadmin/kadmin.c (do_init): `-p' is a synonym for `-u' - (do_init): more logical defaults - (help): removed old code - better error messages - - * lib/krb/get_in_tkt.c (passwd_to_key, passwd_to_afskey): Export - and remove functionality for reading passwords. - - * lib/sl/sl.c: Nicer help output. - - * lib/otp/otp_challenge.c: Initialize `challengep' - - * lib/krb/Makefile.in: Removed get_pw_tkt.c - -Fri Nov 22 1996 - - * lib/auth/sia/sia.c: Now compiles under Digital UNIX 4.0. - -Wed Nov 20 1996 - - * lib/auth/pam/pam.c: Chown ticketfile to correct GID. - -Tue Nov 19 1996 - - * appl/kx/rxtelnet.in: Try to set the screen number as well. - - * Be careful not to thrust `h_length' from gethostby{name,addr} - - * appl/bsd/rcmd_util.c (ip_options_and_die): New function. - - * configure.in: moved headers before functions. - call AC_PATH_XTRA_XTRA. - Add strchr, index, rindex, and strrchr to AC_CHECK_FUNCS. - remove strchr and strrchr, add strtok_r from/to AC_BROKEN. - - * aclocal.m4 (AC_PATH_XTRA_XTRA): New macro. - - * aclocal.m4 (AC_FIND_FUNC, AC_FIND_FUNC_NO_LIBS): Two new - arguments: includes and arguments) - - * configure.in: Need to supply arguments and includes to test for - `res_search' and `dn_expand' - - * lib/kafs/afssys.c (k_setpag): Handle AFS_SYSCALL3 - - * Use `k_getpw{nam,uid}' instead of getpw{nam,uid}. - - * Replace lots of `strtok' with `strtok_r'. - - * lib/sl/sl.c: Allow unlimited number of arguments. Use - `strtok_r' to divide up string into arguments. - - * lib/roken/roken.h: Added `strtok_r' - - * configure.in: Test for `strtok_r' - - * include/Makefile.in: Don't build in ss - - * Makefile.export: Fixed ChangeLog-generation - - * lib/sl/sl.c: Let `readline' to the \n-removal. Handle empty - lines. Don't store empty lines in the history. - -Mon Nov 18 1996 - - * lib/sl/sl.c: Use readline compatible i/o. - - - * lib/otp/otp_locl.h: Changed location of otp database to /etc - - * appl/otp/Makefile.in: Install otp setuid root. - - * util/Makefile.in: don't build SS - - * lib/sl: New directory. - - * kadmin/kadmin.c: Replaced SS by SL. - -Sun Nov 17 1996 - - * kadmin/kadm_funcs.c: Improved log messages. - - - * Use KRB_TICKET_GRANTING_TICKET. - - - * server/kerberos.c: Don't do any special logging when running as - slave. - - - * Lots of files: remove unnecessary `(void)' - - * Lots of files: remove unnecessary `register' declaration. - - - * lib/krb/get_host.c: Only keep list of hosts from requested - realm. - - - * man/otpprint.1, otp.1: New files. - - * appl/otp/otp.c: `-s' is now default. - - * appl/otp/otp.c: removed count - - * lib/des/destest.c: more general quad_cksum test. - - * lib/otp/otp_print.c (otp_print_stddict_extended, - otp_print_hex_extended): New functions. - - * lib/otp/otptest.c: New file. - - - * appl/ftp/ftpd/ftpd.c: Change default auth level to what was - formerly known as `user'. - - * appl/ftp/ftpd/ftpd.c: Orthogonalize arguments to -a - - - * appl/kip/kip.c: Try all addresses we get back from the name - server. - - * kadmin/kpasswd.c: updated to new functions. - - * lib/otp/otp_db.c (otp_db_open): Do a few retries. Unlock in - case this file cannot be opened. - - * doc/kth-krb.texi: New chapter about OTPs. - - * appl/otp/otpprint.c, appl/otp/otp.c: Use OTP_ALG_DEFAULT. - Consistent language Check return value from des_read_pw_string. - - * lib/otp/otp.h: Add OTP_ALG_DEFAULT - - - * lib/krb/parse_name.c: New function krb_parse_name - -Sat Nov 16 1996 - - * appl/bsd/login.c: removed S/Key. - Added OTP with option `-a otp' - Reorganized verification loop. - - * appl/bsd/Makefile.in (login): Remove skey and add OTP - - * configure.in: Test for `uid_t' and `off_t' - - * appl/telnet/telnetd/telnetd.c: Removed `-s' for securID and - added `-a otp' for OTP. - - * appl/kpopper: removed s/key and added OTP support. Updated - man-page. - - * lib/otp/otp.h: more fields in the struct and a new function. - - * appl/ftp/ftpd/ftpd.c: Full OTP support. - - * appl/kx/rxterm.in: Add options: -l username, -r args_to_rsh, and - -x args_to_xterm - - * appl/kx/rxtelnet.in: Add options: -l username, -t - args_to_telnet, and -x args_to_xterm - - * man/kx.cat1: regenerated - - * man/kx.1: Added `-l' option. - - * appl/kx/kxd.c: Accept username from `kx' - - * appl/kx/kx.c: Introduced option `-l user' to be able to login as - some other user. - -Fri Nov 15 1996 - - * appl/kx/kx.c: Print out display and not display_nr - - * lib/auth/Makefile.in: Fix the case with empty SUBDIRS. - - * */Makefile.in: Use $(LN_S) instead of ln -s - - * */Makefile.in: Add @SET_MAKE@ - - * doc/latin1.tex: New file. - - * doc/kth-krb.texi: Use latin1.tex to be able to use one letter - that some bear seem to think is important. - - * doc/kth-krb.texi: Added acknowledgements. - - * lib/auth/Makefile.in: Only build relevant subdirectories. - - * configure.in: Set @LIB_AUTH_SUBDIRS@ to the subdirectories of - lib/auth that should be built. - - - * lib/kafs/afssys.c: Only get tokens for each cell once. - -Thu Nov 14 1996 - - * man: Added man pages for movemail(1) and kerberos(8). - - - * kadmin/kadmin_cmds.ct: Add `add' for add_new_key and `passwd' - for change_password. - - - * lib/krb/logging.c: Now actually compiles! - - - * config.{guess,sub}: Merge changes from Autoconf - - - * lib/krb/{recv,send}auth.c: Don't return errno if there is a - system error. - -Wed Nov 13 1996 - - * util/ss/Makefile.in: Now even compiles with BSD make! - - * appl/kx: Now send the complete display from `kxd' to `kx'. This - should enable it to work better with Xlibraries that don't support - unix sockets. - - * kuser/klist.c: conditionally include and - before - - * lib/krb/resolve.h: Add fallback for `T_TXT'. - - * appl/otp/otp.c: removed print-functionality. - - * appl/otp/otpprint.c: New file. - - * appl/otp/Makefile.in: New program `otpprint' - - * lots of Makefile.in: Now should be possible to build with makes - that have broken VPATH-handling. - - * configure.in: Always replace REAL_SHARED & c:o so that some - libraries may be built as shared. - Removed unused AC_SUBST. - Only build afskauthlib on irix. - - * lib/auth/afskauthlib/Makefile.in, lib/auth/sia/Makefile.in, - lib/auth/pam/Makefile.in: Always build as a shared library. - - * appl/kx/rxtelnet.in, appl/kx/rxterm.in: export PATH (from - ). - - - * lib/krb/{pkt_cipher,fgetst}.c: Removed - - * lib/krb/name2name.c: Renamed k_name_to_name to krb_name_to_name - -Mon Nov 11 1996 - - * appl/telnet/telnetd/sys_term.c: Really remove bad stuff from - environment. - -Fri Nov 8 1996 - - * appl/bsd/rlogind.c (main): `portnum' should be int. - - * appl/bsd/sysv_environ.c: Use _PATH_ETC_ENVIRONMENT - - * appl/bsd/pathnames.h: _PATH_ETC_ENVIRONMENT: new - - * lib/krb/get_host.c (srv_find_realm): New parameter `service' - - - * lib/krb/unparse_name.c: New function. - -Tue Nov 5 1996 - - * lib/auth/pam/pam.c: Add PAM Kerberos module. - -Mon Nov 4 1996 - - * configure.in: configure in lib/auth/afskauthlib - - * lib/kafs/afssys.c: New function `k_afsklog_uid'. - - * lib/auth/afskauthlib: New library that works like - `afskauthlib.so' from Transarc. - - - *lib/krb/get_host.c, lib/krb/getrealm.c, lib/kafs/afssys.c: Use - dns_lookup(). - - * lib/krb/resolve.c (dns_lookup): Replaced several different - resolver functions with one more generalized. - -Sun Nov 3 1996 - - * Add check target in lib/krb. - - * appl/bsd/login.c (main): Sleep 10 seconds before bailing out so - that there is a chance of reading the error message. - - * appl/bsd/rsh.c (main): When invoked as rlogin equivalent change - to real uid before execing rlogin. - -Sat Nov 2 1996 - - * appl/bsd/utmp_login.c: Do the right thing on systems where - UTMPX_DOES_UTMP_LOGGING is defined. - - - * lib/krb/krb.h: names for `krb_kuserok' prototype - - * lib/krb/get_host.c: Add tcp/kerberos.REALM as well. - - * appl/bsd/su.c: Replace call to `kuserok' by `krb_kuserok'. - - * lib/otp/otp_parse.c: Add support for parsing extended responses - (draft-ietf-otp-ext-01). - - * lib/otp/otp.h: Define OTP_HEXPREFIX and OTP_WORDPREFIX. - - * appl/otp/otp.c: Add option `-e' for printing responses in - extended mode (according to draft-ietf-otp-ext-01.txt). - - - * lib/krb/kuserok.c: Function krb_kuserok now takes name, - instance, realm rather than an AUTH_DAT. - -Fri Nov 1 1996 - - * lib/auth/sia: Add SIA Kerberos module. - - - * lib/roken/roken.h: Need to include signal.h prior to defining - SIG_ERR. - - * appl/bsd/utmpx_login.c (utmpx_update): Minor restructuring for - simplified maintainability. - - * appl/bsd/utmp_login.c (utmp_login): Even when there are utmpx - files on this system we should also log to the utmp files. If - there are no utmp files we of course don't have to log to them. - - - * Makefile.export: now generate PROBLEMS and COPYRIGHT as well. - - * PROBLEMS, COPYRIGHT, doc/kth-krb.info: removed - - * doc/kth-krb.texi: Put copyrights in marketing order. - - * appl/kpopper/popper.h: client and ipaddr should be char [] so - that we can store the names there. - - * appl/kpopper/pop_init.c: save copies of addresses that otherwise - get overwritten. - -Mon Oct 28 1996 - - * lib/krb/send_to_kdc.c (send_recv_it): Use `recv' not `recvfrom' - to make winsock happy. Also don't care anymore about from which - address we got the answer since we do a `connect'. - - * admin/adm_locl.h, lib/kdb/kdb_locl.h, kadmin/kadm_locl.h, - lib/krb/krb_locl.h, lib/roken/strftime.c, server/kerberos.c: Do - not use #if, use #ifdef. - - * configure.in: Test for `rand' and `getuid' - - - * slave/kprop.c: Don't terminate on trivial errors in slaves-file. - -Sun Oct 27 1996 - - * doc/Makefile.in: Install from source directory if necessary. - - * lib/krb/kuserok.c: Do not use `k_getpwnam' in libkrb. - - * configure.in: You can't even use `unset', Ultrix sh does not - have it. - - - * several files: Check status from des_read_pw_string. - - - * server/kerberos.c: Make sure all data is recieved on a tcp - socket before trying to reply. - - - * lib/krb/krb.h: Add for `struct tm' - - * appl/kx/Makefile.in: Both kx and kxd requires @XauWriteAuth@ - - * configure.in: Fix test for `XauReadAuth' - -Fri Oct 25 1996 - - * lib/krb/get_host.c (init_hosts): Must ntohs(KRB_PORT) on - machines running backwards. - - * More consistent use of CRLF in telnet and telnetd. - - * Removed redundant -I$(srcsdir)/../../include from compiler args. - - - * appl/ftp/ftpd/ftpd.c: New option `-a otp' to allow OTPs but no - ordinary passwords in cleartext. - - * appl/ftp/ftpd/Makefile.in: Link `ftpd' with -lotp - - * lib/Makefile.in: Add otp - - * include/Makefile.in: Add otp.h - - * configure.in: Test for ndbm.h - Generate Makefiles in lib/otp and appl/otp - - * appl/otp: New program to set up and generate OTPs. - - * lib/otp: New library for one-time passwords (RFC1938). - - * lib/krb/get_host.c (srv_find_realm): Added parameter `proto' - - * lib/des/Makefile.in: Add md4 and sha. run `mdtest' from check. - - * lib/des/md4.h, lib/des/md4.c, lib/des/sha.c, lib/des/sha.h, - lib/des/mdtest.c: New files. - - * appl/kauth/Makefile.in: Make $(libexedir) as well. - -Thu Oct 24 1996 - - * appl/bsd/rlogind.c (setup_term): Actually set the speed of the - terminal. - - * appl/bsd/rlogin.c (main): Do a `speed_t2int' before putting the - speed in the TERM variable. - - * appl/bsd/rcmd_util.c: New functions: `speed_t2int' and - `int2speed_t'. - - * appl/bsd/bsd_locl.h: Added prototype of `speed_t2int' and - `int2speed_t'. - -Sun Oct 20 1996 - - * appl/bsd/login.c: Do `getspnam' before change the UID. Also call - `endspent' - - * appl/krbmanager: New program used on PCs by kclient. - - * lib/kclient: New library. - - * lib/des, lib/krb: Added some PC-specific files. - - * doc/kth-krb.info: Regenerated. - - * doc/Makefile.in (kth-krb.info): Some stupid makes don't - understand $< - (kth-krb.html): New rule. - - * doc/kth-krb.texi (Compiling from source): Added some references - about Socks. - -Sat Oct 19 1996 - - * doc/kth-krb.texi: Added text about ``--with-socks''. - - * configure.in: Use `AC_TEST_PACKAGE' for skey and socks. - - * aclocal.m4: Replaced `AC_TEST_SOCKS' and `AC_TEST_SKEY' with the - more general `AC_TEST_PACKAGE'. - -Fri Oct 18 1996 - - * configure.in: call AC_TEST_SOCKS - - * acconfig.h: SOCKS - - * aclocal.m4: Added AC_TEST_SOCKS - - * lib/krb/send_to_kdc.c (send_to_kdc): Removed unused `f' and - close. - -Thu Oct 17 1996 - - * man/popper.8: Option `-i' - - * appl/kpopper/pop_send.c: clean-up - - * appl/kpopper/popper.h: Removed old garbage and added SKEY. - - * appl/kpopper/pop_xmit.c: clean up - - * appl/kpopper/pop_user.c: SKEY-support - - * appl/kpopper/pop_pass.c: Added support for spaces in passwords - and S/Key. - - * appl/kpopper/pop_init.c: Moved some variables into struct pop - (main): Added support for `-i' - - * appl/kpopper/pop_get_command.c: New command "HELP". - - * appl/kpopper/Makefile.in: Add SKEY-stuff. - - * lib/krb/get_host.c: Use `k_getportbyname(KRB_SERVICE,...)' as a - default instead of KRB_PORT - - * lib/krb/getaddrs.c (k_get_all_addrs): Add - gethostbyname(k_gethostname()) as a fallback. - - * lib/krb/k_getport.c (k_getportbyname): proto can be NULL - - * lib/krb/krb.h: Only include if HAVE_SYS_TYPES_H - - * lib/krb/prot.h: KRB_SERVICE: Added - - - * server/kerberos.c: Replaced linked list with a vector. - -Wed Oct 16 1996 - - * server/kerberos.c: Add support for TCP connections. - - * lib/krb/send_to_kdc.c: On stream sockets, use krb_net_read - rather than recvfrom. - -Mon Oct 14 1996 - - * doc/kth-krb.texi: Only use `kdb_edit' to add the initial - `nisse.admin'. Add all other users with `kadmin'. - - * doc/kth-krb.info: new file. - - * doc/kth-krb.texi: Added some text about kx and ftp. - - * appl/ftp/ftpd/ftpcmd.y, - util/ss/ct.y, - util/et/error_table.y : - Added code for handling the case of using `bison' and having no - `alloca'. Alloca is usually never called anyway, so we just use - `malloc'. - - * appl/kx/kxd.c: All static variables are now global and in - common.c. - (doit_conn, doit): Turn on TCP_NODELAY. - (create_and_write_cookie, suspicious_address): Moved to common.c - - * appl/kx/kx.c (connect_host): Try all addresses of `host'. Turn - on TCP_NODELAY. - (doit): prepare for TCP-only hosts. - (usage,main): add `-t' - (main): Passive mode is possible again. - - * appl/kx/kx.h: More #ifdefs for include files. Declarations for - global variables. - - * appl/kx/common.c (get_xsockets): Try to chmod - dirname(`X_UNIX_PATH') - (get_xsockets): Turn on TCP_NODELAY on TCP connections. - - * doc/Makefile.in: New file - - * Makefile.in: Added `doc' to `SUBDIRS' - - * configure.in: Generate `doc/Makefile' - -Sun Oct 13 1996 - - * appl/bsd/rcp.c (main): Made rcp AFS aware. - - * lib/krb/kuserok.c (kuserok): Act as if luser@LOCALREALM is - always an entry of .klogin. - -Sat Oct 12 1996 - - * appl/kx/rxtelnet.in: Start the `xterm' process correctly. - - * lib/des/rnd_keys.c (sumFile): consider the case that `res' is - not longword-aligned. - - * lib/krb/get_host.c (parse_address): `getservbyname' should - really get proto = NULL - - * lib/krb/send_to_kdc.c (krb_udp_port): removed - (send_to_kdc): removed `addrlist' - - * lib/krb/send_to_kdc.c: Support not only UDP. - - * lib/krb/get_host.c (krb_get_admhst): Really ask for a admin host - if that's what we want. - -Thu Oct 10 1996 - - * lib/krb/get_host.c: Simplified some code. Added stub-support for - SRV-records. - -Wed Oct 9 1996 - - * appl/kx/rxtelnet.in, appl/kx/rxterm.in: PDC are unable to give - correct instructions to their users and therefore we have to add - strange directories to the PATH. - - * appl/kx/rxtelnet.in: Support sending arguments to telnet. - - * appl/kx/rxterm.in: rsh can reside in path or %bindir% support - extra arguments to xterm (from ). - - * appl/kx/rxtelnet.in: Try to find some kind of terminal emulator - for X. - - * appl/kx/rxterm.in, appl/kx/rxtelnet.in: Look for kx in $PATH and - %bindir%. - - * appl/kx/common.c (get_xsockets): `mkdir' the correct directory. - From - - - * lib/krb/send_to_kdc.c: Changes to allow other than udp port 750 - connections. - - * lib/krb/get_host.c: rewrite of krb_get_{adm,krb}hst. - -Sun Oct 6 1996 - - * appl/ftp/ftpd/ftpd.c (retrieve): Got rid of `sprintf'. - - * configure.in: Fix order for x libs. From . - Check for `fcntl', `alloca', `winsock.h', and `io.h'. - - * lib/krb/krb_locl.h: Check for and - - * lib/krb/krb.h: Check for winsock.h - - * lib/krb/k_flock.c: Better test for `fcntl' with locking. - - * lib/krb/et_list.c: Hopefully correct pragma this time. From - - -Thu Oct 3 1996 - - * lib/krb/klog.c (klog): Do not forget to print the text. - - * lib/krb/log.c (krb_log): Print space after time in log. - -Wed Oct 2 1996 - - * appl/kpopper/popper.h: Add field msg_id to hold Message-Id for - UIDL command. - - * appl/kpopper/pop_dropinfo.c (pop_dropinfo): Support for UIDL - command. Saves Message-Id to be used as unique id. Everything is - #ifdef:ed UIDL. - - * appl/kpopper/pop_get_command.c: Recognize UIDL command. - - * appl/kpopper/pop_uidl.c (pop_uidl): POP3 UIDL command - implementation. - - * appl/kpopper/Makefile.in: New file pop_uidl.c. - - - * configure.in: Made some of the tests into macros defined in - aclocal.m4 - - * appl/telnet/libtelnet/kerberos.c: Given better error message - when user is not authorized to login. - - * lib/roken/k_getpwuid.c, lib/roken/k_getpwnam.c: Call `endpwent'. - If we are using a BSD-kind of system we should not leave the - shadow password database open. - - * appl/xnlock/xnlock.c: Got rid of all `register' declarations. - - * appl/kx/rxterm.in, appl/kx/rxtelnet.in: Use `set --' - -Mon Sep 30 1996 - - * lib/roken/k_getpwnam.c, lib/roken_k_getpwuid.c: Call `endspent' - to try to close the shadow password file. - - * appl/ftp/ftpd/ftpd.c (retrieve): Cut the argument to the command - and the first character of the extension. - - * lib/krb/send_to_kdc.c: Sun doesn't have any strerror so we can't - use that here. We are only printing debug messages anyway, so - just print errno for now. - - * appl/kx/rxtelnet.in: Now using SIGUSR2. - - * appl/kx/kx.c: Now using SIGUSR1 to mean `exit when number of - children goes down to zero'. SIGUSR2 is `exit when number of - children is equal to zero'. - - * appl/xnlock/xnlock.c: More fixup of old code. - - * appl/ftp/ftpd/ftpd.c: Only call `filename_check' for guest - users. - - * configure.in: Added tests for more header files. Also added - more ifdefs when actually including those files. - - * appl/kx/Makefile.in: Do not build programs if we have no X11. - -Sun Sep 29 1996 - - * appl/xnlock/xnlock.c (main): Support for shadow passwords. - - * lib/roken/k_getpwuid.c: New file, better support for shadow - passwords. - - - * appl/telnet/Makefile.in: Use SET_MAKE - - - * appl/ftp/ftpd/ftpcmd.y: Remove access to several commands for - anonymous users. - - * lib/krb/get_krbhst.c: Look for kerberos-#.realm. - - * appl/ftp/ftpd/popen.c: Execute files from ~ftp if possible. - - * appl/ftp/ftpd/ftpd.c: Add find site command. - - * appl/ftp/ftpd/ftpd.c: Add special handling of nonexistant files - with extensions {,.tar}{,.gz,Z}. - -Sat Sep 28 1996 - - * configure.in: Check for sys/times.h, sys/param.h, and - sys/timeb.h - - * lib/des: autoconfed a little to make it compile. - - * lib/roken/roken.h: Add `max', `min', and definitions for broken - syslogs. - - * appl/bsd/bsd_locl.h: Removed SYSLOG-garbage and max. - - * appl/kx/kx.h: Remove prototype of childhandler. - - * appl/kx/common.c: Remove childhandler. Not common any more. - - * appl/kx/rxterm.in: Send SIGUSR1 to kx before starting xterm. - - * appl/kx/rxtelnet.in: Send USR1 to kx at appropriate moment. - - * appl/kx/kx.c: Die after receiving SIGUSR1 and when number of - children goes to zero. - - * lib/roken/roken.h: Add STDERR_FILENO - - * lib/roken/mini_inetd.c (mini_inetd): Also dup onto stderr. - - * lib/kafs/Makefile.in (afslib.so): Change argument so they work - with `ld' instead of `cc' - - * appl/kx/kxd.c: writeauth.c as separate file. - - * appl/kx/kx.c: `-d' option to disable forking. - - * appl/kx/Makefile.in: Compile and link writeauth.c if necessary. - For some stupid reason $< does not work correctly in BSD make. - Use $(srcdir) instead. - - * appl/ftp/ftp/ftp_locl.h: Only include once. - - * configure.in: Use strange X flags when looking for XauReadAuth. - Add XauWriteAuth if we need to include it. - -Fri Sep 27 1996 - - * appl/sample: Sample programs work again. - - - * appl/kx/kxd.c (main): use `mini_inetd' - - * appl/kx/kx.c: Use KX_PORT - - * appl/kx/kx.h: Remove SOMAXCONN and add KX_PORT - - * appl/kauth/kauthd.c (main): use `mini_inetd' - - * appl/ftp/ftpd/ftpd.c: Removed `conn_wait' and use `mini_inetd' - instead. - - * appl/bsd/bsd_locl.h: Prototypes for `get_shell_port' and - `get_login_port' - - * appl/bsd/rcmd_util.c: New file. - - * appl/bsd/Makefile.in: Added rcmd_util.c - - * appl/bsd/rcp.c: Moved `get_shell_port' to rcmd_util.c - - * appl/bsd/rsh.c: Moved `get_shell_port' to rcmd_util.c - - * appl/bsd/rlogind.c (main): Use `mini_inetd' - - * appl/bsd/rshd.c (main): Add support for interactive mode with - `-i'. - - * appl/telnet/telnetd/telnetd.c (main): use `mini_inetd' - - * lib/roken/roken.h: Added prototype for `mini_inetd', and - fallback definitions for SOMAXCONN, STDIN_FILENO, and - STDOUT_FILENO. - - * lib/roken/Makefile.in: Added mini_inetd.o - - * lib/roken/mini_inetd.c: New file. - -Thu Sep 26 1996 - - * appl/kx/kxd.c (doit): read port number in ascii. - - * appl/kx/kx.c (doit): write port number in ascii. - - * appl/kauth/rkinit.c (doit_host): Check return value from - `read_encrypted'. - - * appl/kauth/kauthd.c (doit): Removed unnecessary sprintf's before - syslog. - - * lib/krb/krb_get_in_tkt.c (krb_get_in_tkt): Return error code - from `tf_create' and not always INTK_ERR. - - * lib/krb/tf_util.c (tf_create): Correct check for return value - from `open'. - - * lib/des/rnd_keys.c (des_rand_data): Try /dev/urandom as well. - -Wed Sep 25 1996 - - * appl/afsutil/pagsh.c (main): One-of error hopefully fixed this - time. - - * configure.in: Add test for - - * kadmin/Makefile.in: Add back $(CRACKLIB) - -Mon Sep 16 1996 - - * appl/kx/Makefile.in: Create rxterm and rxtelnet at compile time. - - * kstring2key moved to appl/afsutil. - -Sun Sep 15 1996 - - * appl/kx/kx.c (main): For now always use passive mode. That's - the only thing that has been tested and not a lot of people are - going to use non-passive anyways. - - * appl/kx/kx.c (connect_host): write display_number in ascii. - - * appl/kx/kxd.c (doit): read display_number in ascii. - - * appl/kx/common.c (get_local_xsocket): Generate the - /tmp/.X11-unix directory with the sticky bit set. - - * configure.in: Generate appl/kx/rxterm and appl/kx/rxtelnet. - - * appl/kx/Makefile.in: Install rxterm and rxtelnet. - - * appl/kx/rxterm.in, appl/kx/rxtelnet.in: New files. - - * appl/kx/common.c (get_local_xsocket): try to bind the socket - instead of checking for existence with lstat. - - - * appl/kx/kxd.c: Detect remote termination and cleanup on exit. - -Sat Sep 14 1996 - - * lib/des/rnd_keys.c: Hack for systems that lack setitimer (like - crays). - - - * appl/kx/kxd.c (doit): Send over the display number and the - authority file actually used to kx. - - (create_and_write_cookie): New function to generate and write into a - file a local cookie used between this pseudo-server and the - clients on this host. - - (start_session): New function to check and remove the local cookie - before the data is sent over to `kx'. - - * appl/kx/kx.c (display_num, xauthfile): New variables. Now `kx' - prints out the values of those two variables and then goes to the - background to enable some script to set these on the other host. - - (start_session): New function that adds a local cookie before sending - the rest of the connection to the local X-server. - - (main): Also recognize "unix" as a local DISPLAY. - - * appl/kx/kx.h: used. - (get_local_xsocket): Changed parameter. - - * appl/kx/common.c (get_local_xsocket): Now try to allocate the - first free socket in /tmp/.X11-unix. Also `mkdir' this directory - first. Return the number of the display opened. - - * appl/kx/Makefile.in: Added X libraries. - - * lib/des/des.h: Added prototype for `des_rand_data'. - - * lib/des/rnd_keys.c: Made `des_rand_data' non-static. This - function is useful and now even used. - -Wed Sep 11 1996 - - * appl/bsd/login.c: Use k_afs_cell_of_file() to get tokens for the - cell of the home catalog rather than the local cell. - - * lib/kafs/afssys.c: Add k_afs_cell_of_file. - -Tue Sep 10 1996 - - * appl/telnet/telnetd/telnetd.c, appl/telnet/telnetd/sys_term.c: - Removed all convex code. - -Mon Sep 9 1996 - - * appl/telnet/telnetd/termstat.c: UNICOS5: removed - - * appl/telnet/telnetd/telnetd.c, appl/telnet/telnetd/sys_term.c: - NEWINIT, UNICOS7x, UNICOS5: removed - - STREAMSPTY: added variable `really_stream' Now able to handle the - case where the OS supports stream ptys but we run out of them and - start using ordinary BSD ones. - - * appl/telnet/telnetd/state.c: UNICOS5: removed - - * appl/telnet/telnetd/pathnames.h: BFTPPATH: removed - - * appl/telnet/telnetd/ext.h, appl/telnet/telnetd/global.c: - BFTPDAEMON: removed. - UNICOS5: removed. - - * appl/telnet/telnetd/ext.h: STREAMSPTY: added variable - `really_stream'. - - * lib/krb/stime.c (krb_stime): argument should be `time_t'. - lib/krb/krb_locl.h: changed prototype. - -Sun Sep 8 1996 - - * configure.in: Also generate `appl/sample/Makefile' - - * appl/Makefile.in: Use @SET_MAKE@. - Include sample - - * lib/krb/Makefile.in: Add krb_stime, krb_mk_auth, and - krb_check_auth. - - * util/et/compile_et.c (main): Include in foo.c - - * slave/kprop.c: exit with return code == 1 to indicate failure. - - * server/kerberos.c (usage): Fixed usage string. - - * lib/krb/tkt_string.c (tkt_string): Removed bogus extern - declaration of `getuid'. - - * lib/krb/tf_util.c (tf_save_cred): Removed bogus extern - declaration of `lseek'. - - * lib/krb/stime.c (stime): Renamed to `krb_stime' - - * lib/krb/sendauth.c (krb_sendauth): reimplemented using - `krb_mk_auth' and `krb_check_auth'. - - * lib/krb/send_to_kdc.c (send_recv): Removed stupid cast. - - * lib/krb/recvauth.c: Removed KRB_SENDAUTH_VERS - - * lib/krb/prot.h: create_auth_reply: correct prototype. - krb_create_death_packet: ditto. - KRB_SENDAUTH_VERS: moved here from sendauth.c and recvauth.c - - * lib/krb/month_sname.c: Made `month_sname' const. - - * lib/krb/mk_req.c: Remove stupid `register' - - * lib/krb/log.c (krb_log): Use `krb_stime' - - * lib/krb/kuserok.c (kuserok): Nightmare Filesystem might return - ESTALE. Treat it the same way as ENOENT. - - * lib/krb/krb_locl.h: Added prototype for `krb_stime' - - * lib/krb/krb_check_auth.c: New file with `krb_check_auth', - implemented for compatibility with CNS. - lib/krb/krb_mk_auth.c: Ditto. - - * lib/krb/krb.h: Removed duplicate declarations of `get_request' - and `krb_get_admhst'. - Added declarations for `krb_mk_auth' and `krb_check_auth'. - - * lib/krb/kparse.h: removed prototype for `strsave' - - * lib/krb/kparse.c (fGetParameterSet): Use `strdup' instead of - `strsave'. - (strsave): Removed. - - * lib/krb/kname_parse.c: Removed stupid `register' declarations. - - * lib/krb/klog.c (klog): Use `krb_stime' - - * lib/krb/get_phost.c: Handle the case where the name has no dots - in it by just returning it as-is. - - * lib/knet/Imakefile, lib/knet/getkdata.c, lib/knet/phost.c, - lib/knet/sendkdata.c: removed unused files. - - * lib/kadm/kadm_cli_wrap.c (kadm_init_link): use `k_getportbyname' - - * kadmin/ksrvutil_get.c (get_srvtab_ent): Erase the key if - something goes wrong. Include realm in the message when writing a - key. - (parseinput): New function that removes quotes and backslashes - from input. - (ksrvutil_get): Use `parseinput' to read input. - - * kadmin/ksrvutil.c (safe_read_stdin): Correct use of printf. - Removed bogus casts and fflush of stdin. - (main): Use `return' instead of `exit'. - - * kadmin/kpasswd.c (main): Use `return' instead of `exit'. - - * kadmin/admin_server.c: exit with return code == 1 to indicate - failure. - - * appl/sample/sample_server.c: Rewrote to use all new functions. - - * appl/sample/sample_client.c: Rewrote to use all new functions. - - * appl/sample/sample.h: new file. - - * appl/sample/Makefile.in: new file. - - * appl/movemail/pop.c (socket_connection): use `k_getportbyname' - - * appl/kpopper/pop_init.c: exit with return code == 1 to indicate - failure. - - * appl/kauth/kauth.c (doexec): new-style definition. ret should - be a `pid_t'. - (main): new-style definition. Use `prog' instead of `argv[0]' - - * appl/ftp/ftp/extern.h: Removed unused `abortsend' - - * appl/ftp/Makefile.in: Use @SET_MAKE@ - - * appl/bsd/rsh.c: get_shell_port: use `k_getportbyname' - - * appl/bsd/rlogin.c: get_login_port: use `k_getportbyname' - - * appl/bsd/kcmd.c: Removed bogus casts to `caddr_t' - - * admin/kstash.c: Removed bogus flushing of stderr. Replaced lots - of `exit(-1)' by `return 1' - - * admin/kdb_util.c: Removed unused variable `aprinc'. - Removed bogus flushing of stderr. - Replaced lots of `exit(-1)' by `return 1'. - - * admin/kdb_edit.c, admin/kdb_init.c: use `return' instead of - calling `exit' and use 1, not -1, for failure. - - * Makefile.in: Use @SET_MAKE@ - - * aclocal.m4: AC_NEED_PROTO: need macro to determine if we need to - define a prototype for a function. - - * configure.in: Reordered. Removed unused stuff. Start using - AC_NEED_PROTO. - - * config.guess: merged in FSF version from 960908. - -Tue Sep 3 1996 - - * include/protos.H: Added optarg, opterr, optind, optopt and - (fclose under Sunos 4). Removed these declarations from lots of - other files. - - * acconfig.h: Add undefs for h_errno, h_errlist, optarg, optind, - opterr, and optopt. - - * configure.in: Use `AC_NEED_DECLARATION' for h_errno, h_errlist, - optarg, optind, opterr, and optopt. - - * aclocal.m4: New macro `AC_NEED_DECLARATION' to figure out if we - need to have an external declaration of a variable. - -Mon Sep 2 1996 - - * lib/krb/krb.h: Removed unused `req_act_vno' and `k_log'. - Changed all callers. - - * lib/krb/krb.h: Removed definition of `MAX_HSTNM'. - - * lib/krb/send_to_kdc.c: Removed use of `MAX_HSTNM'. - - * appl/afsutil/pagsh.c: Some reformatting and fixed the off-by-one - args bug. - -Sat Aug 31 1996 - - * lib/krb/{send_to_kdc.c, getrealm.c}, appl/xnlock/xnlock.c, - appl/kauthkauth.c, appl/bsd/{rshd.c,rlogind.c}: Removed '#if 0'-ed - code. - - * lib/krb/get_in_tkt.c: Removed '#if 0'-ed code and now compiles - with NOENCRYPTION. - - * kadmin/ksrvutil.c: Now compiles with NOENCRYPTION. - - * appl/ftp/ftpd/ftpcmd.y: Throw away passwd after use. - - * appl/ftp/ftpd/ftpd.c: Fixed old comment. - - * slave/kpropd.c: s/sa_len/salen/ Irix has a #define for sa_len. - - * lib/kdb/krb_dbm.c: If key->dptr is not a `char *' we have to - cast it before adding to it. - - * configure.in: Old test for `sa_len' in `struct sockaddr' fails - on IRIX 6.2. Try to compile a program refering to that field - instead of grepping for it in . - - * appl/bsd/kcmd.c: Removed old and broken code. - - * configure.in: Check for `gethostname', `uname', and - - - * lib/krb/k_gethostname.c: Try to use `uname' if we have no - `gethostname'. - - * appl/ftp/ftpd/klogin.c: Incorrect use of `gethostname' replaced - by correct use of `k_gethostname'. - - - * lib/roken/verify.c: Change name verify_unix_user -> - unix_verify_user in analogy with krb_verify_user. - -Fri Aug 30 1996 - - * appl/xnlock/Makefile.in: Install man-page. - - * configure.in, */Makefile.in: Replace `-shared' with some other - option when not using gcc. - - * lib/kafs/afssys.c: Do not start by checking if we have AFS in - `k_afsklog'. - - * appl/bsd/rlogin.c: More kludges to make it work with rlogin on - linux: Do not select for an exceptional condition on `rem' after - having received EINVAL. - - Also rewrote ifndef NOENCRYPTION stuff. - - * appl/bsd/rlogind.c: More kludges to make it work with rlogin on - linux: Only send oob data just after having sent normal data to - make sure we never send two consecutive bytes of oob data. - - Also rewrote ifndef NOENCRYPTION stuff. - -Thu Aug 29 1996 - - * lib/kafs/Makefile.in: Use `ld' instead of `cc' for linking - afslib.so. Not everybody has cc. - -Wed Aug 28 1996 - - * Release 0.9.2a - -Mon Aug 26 1996 - - * appl/bsd/login.c: Clean-up. Made static a lot of functions and - variables. Rewrote some function definitions to ANSI-style. - - * appl/bsd/sysv_environ.c: KRB4_MAILDIR may and may not contain a - trailing slash. We need to be very careful to make sure the - contents of $MAIL does not contain two, because RMAIL in emacs - uses it and emacs is no friend with double slashing. - - - * lib/kafs/afssys.c (k_afsklog_all_local_cells): Now should return - correct value. - -Sun Aug 25 1996 - - * Release 0.9.2. - -Sat Aug 24 1996 - - * lib/roken/hstrerror.c: Check for h_errlist prototype. - -Thu Aug 22 1996 - - * lib/krb/send_to_kdc.c, etc/services.append, server/kerberos.c: - Changed `kerberos' to `kerberos-iv' now that it has been - registered with IANA. - - * man/rshd.8, man/rlogind.8: updated documentation of `-a' - - * lib/roken/roken.h: Added declaration of `h_errno' - - * kuser/Makefile.in: Link kdestroy with KRB_KAFS_LIB - - * appl/kauth/kauth.h: Stupid declarations for syslog. - - * appl/kauth/kauthd.c: syslog errors and success. - - * include/protos.H: Removed `h_errno', now in roken.h Declare - `getusershell' under solaris. - - * configure.in, acconfig.h: Figure out if we have to declare - `h_errno'. - - * appl/ftp/ftp/kauth.c: Added support for afs_string_to_key. - -Wed Aug 21 1996 - - * lib/kafs/afssys.c: Look for AFS database servers in dns also. - - * lib/kafs/afssys.c: Add support for a ~/.TheseCells-file. - -Sun Aug 18 1996 - - * appl/bsd/rlogind.c: Removed unused `check_all' variable. Use - `inaddr2str'. - - * appl/bsd/rshd.c: Use `inaddr2str'. - - * appl/bsd/iruserok.c: Removed potential buffer overrun after - `gethostbyaddr'. - - * lib/roken/inet_aton.c: Some const-ness. - - * lib/roken/Makefile.in: Add `inaddr2str.o'. - - * appl/ftp/ftpd/ftpd.c: Use `inaddr2str'. - - * lib/roken/inaddr2str.c, lib/roken/roken.h: New function - `inaddr2str' to convert an IP address into a verified hostname or - a string of the form x.y.z.a - - * lib/krb/{krb_locl.h, krb.h, k_name_to_name.c, k_getsockinst.c, - getrealm.c}: Some const-ness. - - * appl/bsd/bsd_locl.h: Removed another prototype for `crypt'. - - * appl/kpopper/popper.h: Some const-ness to get rid of a warning. - - * appl/bsd/rshd.c: Always check reverse mapping. Removed - `local_domain' and `top_domain'. Added some const-ness. - -Sat Aug 17 1996 - - * include/Makefile.in: Removed VPATH. With it this makefile does - not work correctly. - - * lib/krb/rw.c, lib/krb/krb_locl.h: Changed parameters to - `krb_{get,put}'-functions to void *. - - * include/protos.H: Add `getusershell' in solaris. - - * appl/kauth/kauthd.c, appl/bsd/{rlogin.c,rlogind.c}: Less - warnings because of arguments to `setsockopt'. - - * lib/roken/roken.h: Fixed prototype of `inet_aton' - -Wed Aug 14 1996 - - * lib/roken/verify.c: Use if there is one. - - * lib/kafs/Makefile.in: AFS_EXTRA_LIBS is always called - `afslib.so'. Otherwise some makes get upset when there is no such - library to be made. - - * appl/telnet/telnetd/telnetd.h: are needed to get - prototype for `ptsname'. - - * appl/bsd/rlogind.c, appl/kpopper/pop_dropinfo.c, - appl/telnet/libtelnet/{auth.h,enc_des.c,kerberos.c}, - appl/telnet/telnet/utilities.c, appl/telnet/telnetd/{sys_term.c, - telnetd.h, kadmin/admin_server.c, kuser/klist.c, - lib/kdb/{krb_cache.c, krb_dbm.c}, lib/krb/{fgetst.c, getst.c, - log.c, tf_util.c}: Include type `int' on all definitions and - remove unnecessary `register'. - - * appl/bsd/login_access.c: Fix parameter declaration to - `netgroup_match'. - - * appl/bsd/forkpty.c, include/protos.h: s/__sgi__/__sgi//g - - * admin/kdb_util.c: Use `errno' for error message instead of - uninitialized variable. - -Tue Aug 13 1996 - - * appl/kauth/rkinit.c: Default port should be the same in kauth - and kauthd. - -Sun Aug 11 1996 - - * configure.in: Added `AC_REVISION' - - * slave/kpropd.c: Cleaned up structure. Now returns useful value. - - * lib/roken/verify.c: Broken OSes need declartion of `crypt'. - - * lib/roken/roken.h: Added prototype for `verify_unix_user'. - - * lib/krb/lsb_addr_comp.h: Added prototype for `lsb_time'. - - * lib/krb/{get_admhst.c, get_default_principal.c, get_krbhst.c, - get_krbrlm.c, getrealm.c, realm_parse.c} : Check for buffer - overwrite correctly. - - * lib/krb/rw.c, lib/krb/krb_locl.h: Prepended `krb_' to `get_int', - `put_int', `get_address', `put_address', `put_string', - `get_string', `get_nir', and `put_nir'. Changed all callers. - - * lib/kdb/krb_db.h: Added prototype for `kerb_delete_principal' - and `kerb_db_delete_principal'. - - * lib/kadm/kadm_cli_wrap.c: Removed unused variable. - - * appl/telnet/telnetd/telnetd.c: Changed bogus `strncpy' to - `strcpy'. - - * appl/bsd/su.c: Fixed error messages from execv. - - * appl/bsd/rlogin.c: Fixed potential buffer overrun when reading - "TERM". - -Thu Aug 8 1996 - - * appl/telnet/telnet/commands.c, appl/kauth/rkinit.c: Replaced - `herror' by `hstrerror'. - - * appl/bsd/login.c: chmod the tty so that it is writable for group - tty. - - * configure.in: Use AC_FIND_IF_NOT_BROKEN for herror and - hstrerror. - - * aclocal.m4: New macro `AC_FIND_IF_NOT_BROKEN' - - * config.guess: Add 686 - -Tue Aug 6 1996 - - * lib/krb/getrealm.c: Fallback for `T_TXT' - - * configure.in: Look for `res_search' and `dn_expand' in - libresolv. - -Mon Aug 5 1996 - - * */Makefile.in: Add Id to those missing it. - - * configure.in: Small fix in comment. - - - * Release 0.9.1. - - - * appl/ftp/ftpd/ftpcmd.y: s/timeout/ftpd_timeout/ - - * appl/kstring2key/kstring2key.c: `usage' changed to void. - - * lib/krb/mk_req.c: `build_request' changed to void. - - * appl/ftp/ftp/ftp_locl.h: Changed order of includes. - - * appl/bsd/login.c, appl/ftp/ftpd/*: s/timeout/login_timeout/ - - * lib/kafs/afssysdefs.h: undef AFS_SYSCALL if we are defining it. - -Sun Aug 4 1996 - - * lib/kafs/afssys.c: AIX systems will now correctly (I hope) - detect whether AFS is loaded or not. This is currently a bit - kludgy, and involves loading an external shared library, - afslib.so, which can be put in athena/lib or pointed to with - environment variable AFSLIBPATH. This is only tested on AIX 4 - (due to lack of an AIX 3 system). - - - * lib/krb/getrealm.c: Range-check the result from the DNS. - - * lib/krb/get_krbrlm.c: Try to use the DNS to find out which realm - this host belongs to. - - * kadmin/ksrvutil_get.c: Fixed error message. - - - * lib/kafs/*: Fix aix/afs brokenness. - - * lib/kadm/kadm_stream.c (stv_string): Range check. - -Fri Jul 26 1996 - - * appl/ftp/common/{ftp,ruserpass}.c: Less bogus domain name - handling. - -Mon Jul 22 1996 - - * lib/krb/mk_req.c: Use encrypt_ktext() - - * configure.in, lib/kafs/afssys.c: Add option to exclude AFS - support (this is useful only on AIX systems that doesn't have - AFS). - - * configure.in: Removed configuration from subdirectories. - -Sat Jul 13 1996 - - * appl/ftp/ftp/extern.h, appl/ftp/ftp/ftp.c: Substitute `struct - fd_set' with `fd_set'. - -Mon Jul 8 1996 - - * Makefile.in: install should depend on all. - -Sun Jul 7 1996 - - * appl/bsd/su.c: Allow root to set the uid without entering a - password. - -Fri Jul 5 1996 - - * lib/krb/getrealm.c: Add automatic dns realm search. - -Thu Jul 4 1996 - - * lib/krb/log.c (krb_log): Renamed k_log(...) to krb_log(...) for - compatibility with CNS. There is still a #define k_log krb_log. - - * util/et/et_list.c: Hack to resolve _et_list in shared libraries. - -Fri Jun 28 1996 - - * appl/bsd/rlogin.c (reader): If after a select rlogin fails to - read expected OOB data try to read ordinary data before continuing. - - * appl/bsd/rlogin.c (oob_real): SunOS5 tty race kludge. - - * appl/bsd/rlogind.c: Cleanup oobdata stuff. - -Thu Jun 27 1996 - - * appl/bsd/login.c (main): Also check for complete tty name with - `rootterm'. - - * lib/krb/check_time.c: New function `krb_check_tm'. - - * lib/roken/tm2time.c: New function `tm2time', mktime generalized - to local timezone and UTC. - - * kadmin, admin: Use `tm2time' and `krb_check_time' instead of - `maketime'. - -Tue Jun 25 1996 - - * lib/krb/mk_priv.c (krb_mk_priv): Send correct address. - - * appl/kauth/kauthd.c: Set ticket file to some sane default, and - add -i debugging switch. - -Mon Jun 24 1996 - - * appl/xnlock, appl/kauth, appl/telnet/telnetd: Use BINDIR and not - `/usr/athena/bin'. - -Wed Jun 19 1996 - - * appl/bsd/rlogin.c: consistent usage of oob_real. - - * appl/bsd/rlogind.c: Do not send oob garbage when running - solaris? Seems that linux is unable to handle the duplicate - urgent data that is the result. - - * appl/bsd/rlogind.c: Fix usage. - - * appl/bsd/kcmd.c: Don't F_SETOWN. - -Mon Jun 17 1996 - - * lib/krb/rw.c: Add get_address() and put_address(). - - - * appl/telnet/telnetd/telnetd.c: updated usage - - * appl/bsd/su.c: Replaced getpass by des_read_pw_string - - * appl/bsd/forkpty.c (ptym_open): Removed unused `ptr2'. - - * appl/bsd/rlogind.c: Removed unused functions and made others - static. - -Sun Jun 16 1996 - - * Release 0.9. - - - * appl/ftp/ftpd/ftpd.c: Don't just send data in plain when doing - NLST. - - - * configure.in: test for setresgid. - - * kadmin/ksrvutil_get.c: Fixed byte manipulations of keys. - -Sat Jun 15 1996 - - * lib/des/rnd_keys.c (des_rand_data): At least `srandom'. - - * appl/ftp/ftp/cmds.c: Support longer passwords when retrying - login. - - * kadmin/admin_server.c, man/kadmind.8, kth-krb.texi: Reading key - file from file is now the default. Use `-m' to enter it manually. - `-n' is currently a no-op. - - * appl/ftp/ftpd/ftpd.c: Add S/Key support. - - * appl/ftp/ftpd/Makefile.in: Link with S/Key. - - * appl/ftp/configure.in: Test for S/key. - - * configure.in, aclocal.m4: Moved skey test - to aclocal.m4. - - * appl/bsd/login.c: Correct argument to `skeyaccess'. - -Fri Jun 14 1996 - - * lib/krb/verify_user.c: New parameter to specify service key - instance, NULL means "rcmd". - - * lots of files: All ticket filenames uses `TKT_ROOT'. - - * appl/bsd/rlogind.c: Check for uid == 0 and user != "root". - -Tue Jun 11 1996 - - * appl/kpopper/pop_init.c(pop_init): Got rid of some old ifdef'ed - code. - - * lib/kdb/krb_dbm.c: Add macro for `dbm_delete' for the people - that are ndbm challenged. - -Mon Jun 10 1996 - - * lib/krb/kname_parse.c: Got rid of duplicate defintions. - - * appl/ftp/ftp/ruserpass.c: Get hostname even if user has no - '.netrc' file. - - - * lib/kadm, lib/kdb, kadmin: Add database delete operation. - - * lib/krb/kname_parse.c: Allow dots in instances. - - - * appl/bsd/rlogind.c (logwtmp): Only define `logwtmp' if it does - not exist. Log more garbage. - -Sun Jun 9 1996 - - * appl/telnet/configure.in: Check for `logwtmp'. - - * appl/ftp/configure.in: Use `AC_FUNC_MMAP' - - - * appl/bsd/forkpty.c: Removed all ugly pty search stuff from - ptym_open(). - - * configure.in: Modified the creation of version.h, now actually - shows up with ident.It is now also slightly more keen on creating - a new version.h. - -Sat Jun 8 1996 - - * lib/roken/verify.c: for NULL. - - * appl/xnlock/xnlock.c (leave): Call XCloseDisplay, otherwise - screen saver changes are not updated before closing the X - connection. - - - * appl/bsd/utmp_login.c: Remove tty-prefix from ut_id; this field - is usually very short. - -Fri Jun 7 1996 - - * slave/kpropd.c: Add option -m to merge rather then load - database. - -Thu Jun 6 1996 - - * admin/kdb_util.c: Add a merge operation. (One day it might be - used to propagate only patches to the database) - -Wed Jun 5 1996 - - * appl/kpopper: Support both POP3 and KPOP3. - - * appl/xnlock/xnlock.c: Use `verify_unix_user' - - * lib/roken/verify.c: verify_unix_user: New function from xnlock - for checking passwd in `/etc/passwd'. - - * appl/telnet/telnetd/sys_term.c: gettimeofday buglet - - - * slave/kpropd.c: Rewrite of kpropd. - - * admin/kdb_util.c: Sanity check on input to load_db. - - * slave/kpropd.c: Use default value for fname. - - * slave/kprop.c: Use some sane default values for data_file and - slaves_file. - - * admin/kdb_util.c: If there isn't any database when loading, - create an empty one. - -Mon Jun 3 1996 - - * appl/telnet/telnetd/sys_term.c: Somewhat changed the way utmpx - entries are created. It should now work on both Solaris and IRIX, - without stale login information. - -Sat Jun 1 1996 - - * lib/krb/k_gethostname.c (k_gethostname): Fallback. - - * lib/krb/send_to_kdc.c (send_to_kdc), - kadmin/kadm_ser_wrap.c (kadm_ser_init), - slave/kprop.c (prop_to_slaves), - slave/kpropd.c (main): Use `k_getportbyname'. - -Fri May 31 1996 - - * Lots of files: more #includes ifdefad and cleaned up. - -Thu May 30 1996 - - * Lots of files: Replaced bcopy/bzero/bcmp with - memcpy/memset/memcmp. - - - * lib/krb/get_default_principal.c: Use getlogin() if it is the BSD - variant that actually gives some information. - - * lib/krb/create_ticket.c: Write correct address byteorder. - - * lib/kadm/kadm_stream.c,kadm_cli_wrap.c: Don't assume int32_t is - four bytes. - - * kadmin/kpasswd.c: Allow principal without -n. - - * kadmin/kadmin.c: Use krb_get_default_principal. - - * appl/ftp/ftpd/ftpd.c: Fix bare newline bug. - - * appl/bsd/rlogind.c: Add -i and -p options to start rlogind from - command line (for debugging). - - * INSTALL: Rewritten. - -Wed May 29 1996 - - * appl/ftp/ftp/krb4.c: Handle different sizes of returned - checksum. - - - * appl/bsd/Makefile.in: Don't install login setuid. - -Fri May 24 1996 - - * appl/bsd/rsh.c: Don't run away yelling if someone calls you - `remsh'. - -Sun May 19 1996 - - * lib/krb/kdc_reply.c: Remove unused function decrypt_tkt. Sanity - check on decrypted ticket. - -Wed May 15 1996 - - * server/kerberos.c: Should work with the new libkrb - - * appl/kip: Support more than one tunnel device. - - - * lib/krb/*.c: All functions that create or decode kerberos - packets have been rewritten. Hopefully, everything still - works. This is to eliminate problems with wierd systems, like - Crays, that doesn't have any two or four byte integers. Some of - these changes could be a lot more pretty, and *many* assumptions - that sizeof(int32) == 4 still exist in the rest of the code, - though. - - As a side effect, all packets sent are now in network byte order. - -Mon May 13 1996 - - * configure.in: Shared libraries for Irix - - - * Several fixes for UNICOS. - - * appl/ftp/ftp/krb4.c: Allow default data protection level through - a "prot level" in .netrc. This really should be done in a more - useful manner. - -Sun May 12 1996 - - * appl/xnlock/xnlock.c: Cleaned up user verification code. Now - uses new function krb_verify_user. Also fixed a few problems with - the password prompt box. - - * lib/krb/verify_user.c: New function krb_verify_user to verify a - user with kerberos. - - - * appl/kip: New program for forwarding IP packets over kerberised - connections using tunnel devices. - - * appl/kauth/kauth.c, kadmin/ksrvutil.c: Use - krb_get_default_principal - - * appl/bsd/rlogind.c: Do not change portnumber to host order if - using kerberos. This will cause the magic - `reverse-time-if-port-is-less-than' to fail. - - * lib/des/GNUmakefile: Removed file. This file causes problem - when building in the source directory and when using GNU make - which prefers this file to the generated Makefile. - - * appl/bsd/login.c: More careful when handling returned value from - `getspnam'. - -Sat May 11 1996 - - * lib/krb/realm_parse.c: New function to expand a non-complete - realm to its official name, e.g nada -> NADA.KTH.SE. - - * lib/krb/get_default_principal.c: New function to guess the - default principal to use. Looks at any existing ticket file first, - then at uid/logname etc. - - - * kadmin/kadmin.c: Use kname_parse and allow different instances - and realms. - - * lib/roken/k_getpwnam.c: New function k_getpwnam that should work - with and without shadow passwords. - - * Lots of files: s/getpwnam/k_&/g. - -Tue May 7 1996 - - * lib/des/des_locl.h: DES library updated to version 3.23, - des_locl.h now includes configure.h to get HAVE_TERMIOS etc. - - * lib/des/des.h: On the alpha define DES_LONG to unsigned int. - - - * kuser/kinit.c: Handle passwords longer than 16 characters. - - * appl/xnlock/xnlock.c (GetPasswd): Handle longer passwords than - 16 characters. - -Sun May 5 1996 - - * Release 0.8. - - - * appl/ftp/ftpd/kauth.c: Klist command. - - - * appl/ftp/ftpd: Removed `-g' from calls to ls. - - * appl/ftp/ftp/cmds.c (setpeer): Fix so that opening a second - connection to a specified port works. - - * appl/telnet/telnet: Default is binary. - - * appl: Now build under Ultrix. - - * appl/kx: Now even builds on AIX. - -Sat May 4 1996 - - * lib/des: Now merged in libdes 3.21 on main branch. - - - * appl/ftp/ftpd/logwtmp.c: Slightly different functionality. Works - on systems that has more fields in struct utmp such as OSF/1. - Still some questions about Solaris. - - * lib/krb/lsb_addr_comp.c: Now byteorder independent. - - - * appl/kx: Rewrote kx & kxd to share more code. They are also now - able to talk both ways. - - * lib/kdb/krb_dbm.c (kerb_db_rename): Now works properly when - using berkeley DB. - -Thu Apr 25 1996 - - * lib/krb/get_krbrlm.c (krb_get_default_realm): New function for - SunOS5 compat. - - * When building shared libraries link libkrb with libdes to be - compatible with SunOS5. - - * Move lib/krb/krb_err.et to lib/kadm since it is only used there, - no longer need to link libkrb against libcom_err. - -Wed Apr 24 1996 - - * lib/krb/lsb_addr_comp.h: Renamed ugly lsb_addr_comp. - - * Some porting to UNICOS. - -Tue Apr 23 1996 - - * Moved some junk from appl/bsd to libroken. - - * lib/roken/Makefile.in (LIBNAME): Added header file roken.h for - library libroken.a. - - - * Add kerberized ftp. - - * Add libroken. - -Mon Apr 22 1996 - - * appl/kauth/kauth.c: When commands are given to kauth, a new - ticket file is used. - -Sat Apr 20 1996 - - * appl/xnlock/xnlock.c: Fixed a potential overwrite bug. Also - works with more than one screen, only fancy stuff on screen 0, - though. - -Fri Apr 19 1996 - - * appl/bsd/login.c, su.c, rshd.c, rlogind.c: Syslog and abort when - getpwnam returns uid == 0 but user is not root. This is usually - the result of an attack on NIS (former YP). - -Wed Apr 17 1996 - - * kadmin/ksrvutil.c (get_key_from_password): Support for - generating AFS keys. From - -Sun Apr 14 1996 - - * appl/kx: New program for forwarding a X connection. - -Mon Apr 8 1996 - - * appl/bsd/rsh.c (get_shell_port): Default port number for ekshell - changed from 2106 to 545. - - * appl/bsd/login.c (doremotelogin): Remove terminal speed from the - value of $TERM in the case of an ancient rlogind being used. - -Thu Apr 4 1996 - - * lib/kafs/afssys.c (k_afsklog): Try to read from - /usr/vice/etc/TheseCells for list of cells we should try to obtain - tokens for. - - * appl/kauth/kauth.c (renew): Use cell even when renewing. - - * appl/kauth/kauth.c, appl/xnlock/xnlock.c: Always call k_afsklog - with realm == NULL. - - - * lib/kafs/afssys.c: More thorough guessing of what realm a cell - belongs to. - -Wed Apr 3 1996 - - * appl/bsd/login.c: If setuid() failes and not logging in as root, - exit. - -Tue Apr 2 1996 - - * server/kerberos.c: Set name, inst, and realm to NULL in - APPL_REQUEST, error replies tend to look a bit funny otherwise. - -Thu Mar 28 1996 - - * appl/bsd/iruserok.c (iruserok): Imported iruserok() FreeBSD. - -Tue Mar 26 1996 - - * lib/des/Makefile.in: Removed enc_read.c enc_writ.c. - - * appl/bsd/Makefile.in: New file with the old functions from - libdes. - - - * appl/bsd/utmp_login.c: Fixed (hopefully) double utmp-entries in - Solaris. Only put entries in one of utmp/utmpx, since they both - get updated by putut*ent() anyway. - -Mon Mar 25 1996 - - * kuser/klist.c (main): Use verbose option (-v) to list key - version numbers. - - - * Release 0.7. - -Sun Mar 24 1996 - - * appl/bsd/rlogin.c (doit): Moved signal junk (as far as possible) - to doit(). - - - * configure.in: Check for getmsg with AC_TRY_RUN instead. - Otherwise it fails under AIx 3.2. Now rlogind works on this - so-called OS. Also cache value of berkeley db check. - - - * lib/kdb/krb_kdb_utils.c: New experimental masterkey generation, - enabled with --enable-random-mkey. This makes kdb_init et al - generate random master keys, based on random input from the - user. This comes in a package with auto-kstash, and possibility to - enter lost master keys as base64. - - Moved default master key file from /.k to - /var/kerberos/master-key, override with --with-mkey=file. - - - * kadmin/kadmin.c (do_init): Handle the `-t' option to kadmin, - meaning do not get a new ticket file. (From CNS). - -Fri Mar 22 1996 - - * appl/xnlock/xnlock.c: Removed some dead code, and a few unused - header files. - - - * kadmin/pw_check.c (kadm_pw_check): If kadm_pw_check() - fails *pw_msg can't be 0! At the very least use the - empty string but a descriptive error-message is preferred. - - * libtelnet: add nonbroken signal() function. - -Wed Mar 20 1996 - - * appl/kpopper/pop_pass.c (pop_pass): Use kuserok to determine if - user is allowed to fetch mail. - - * appl/kpopper/*. Got rid of some ugly codes and some warnings. - - * appl/bsd/Makefile.in: signal.o was not included in OBJECTS, - which made strange makes not doing what they should. - - * configure.in, appl/kpopper/popper.h, appl/bsd/pathnames.h: Now - should work on systems that do not have mail spool files in - /var/spool/mail. Looks for MAILDIR or _PATH_MAILDIR, usually from - or . Defaults to /var/spool/mail. - -Mon Mar 18 1996 - - * appl/bsd/bsd_locl.h: TIOCPKT for those systems missing it. - -Fri Mar 15 1996 - - * lib/kafs/kafs.h: Use instead of - - * appl/bsd/rshd.c (doit): Don't set environ, send it as an - argument to execle instead. - - * lib/kafs/kafs.h: Find definition of _IOW. - - * configure.in: Check for random. - - * appl/bsd/bsd_locl.h: Including gives too many conflicts. - - * appl/afsutil/pagsh.c: Check for random. - -Thu Mar 14 1996 - - * appl/bsd/bsd_locl.h, appl/telnet/telnetd/defs.h: Default values - of `TIOCPKT_FLUSHWRITE' & c:o. - - * appl/telnet/telnet{,d}/Makefile.in (telnetd): Change order of - linking in libraries. - - * configure.in: Check for interesting functions in libsocket and - libnsl and not strange soriasis inventions. - -Wed Mar 13 1996 - - * appl/bsd/bsd_locl.h (fatal): Only use prototype or iruserok if - the function does not exist. - -Mon Mar 11 1996 - - * lib/krb/krb_err_txt.c (krb_get_err_text): Changed name of - krb_err_msg to krb_get_err_text(int) to be compatible with the CNS - distribution. This function is used for instance by CVS-1.7. - -Sun Mar 10 1996 - - * configure.in, appl/Makefile.in: removed rkinit - - * etc/inetd.conf.changes, etc/services.append: Added kauth. - - * appl/kauth: Integrated rkinit into kauth. - - * appl/kauth/kauth.c (main): Only look for principal name if no -p - has been given. - - * lots of files: prototypes and other small fixes. - - * appl/bsd/sysv_shadow.h: spwd multiple defined. - - * appl/bsd/bsd_locl.h: include - - * configure.in: Added afsutil and rkinit. - - * */Makefile.in: Do cd $$i && $(MAKE). Otherwise, if cd fails you - end up with an infinite recursion. - - * kuser/klist.c (display_tktfile): Another warning removed. - -Tue Mar 5 1996 - - * appl/bsd/forkpty.c (forkpty): Kludge for Ultrix, rlogind now - works properly also under this system. - - - * appl/afsutil: New aklog and pagsh - - - * lib/krb/krb_equiv.c (krb_equiv): Fix bugs with '\\'. - - * lib/des/rnd_keys.c: Include . - -Mon Mar 4 1996 - - * appl/kauth/kauth.c (main): Handle name when given after options. - -Sun Mar 3 1996 - - * appl/rkinit/rkinit.c (getalladdrs): Check for herror. Solaris - apparently does not have any. - (main): Use memset instead of bzero. - - * appl/rkinit/rkinitd.c (decrypt_remote_tkt): bcopy -> memcpy. - - * kuser/kinit.c (main): Corrected lifetime. - - * lib/krb/krb_equiv.c (krb_equiv): Now handles longer lines, - continuation lines and addresses of the form 193.10.156.0/24. - - - * kuser/Makefile.in (kdestroy): Link kdestroy with libkafs. - -Wed Feb 28 1996 - - * Replaced all occurencies of krb_err_txt[] with new function - krb_err_msg(), that does some sanity checks before indexing - krb_err_txt. - -Mon Feb 26 1996 - - * appl/telnet/telnetd: Added flags -z to have telnetd log - unauthenticated logins, such as when using an old telnet - client. Unfortunately in most of these cases, the user name is not - known. - - There should also be a way to tell the difference between bad - authentication (such as with expired tickets) and no attempt to - provide authentication (such as with an old client). - -Sun Feb 25 1996 - - * kuser/kdestroy.c: Remove afs-tokens as well as tickets, -t flags - added to prevent this. - -Thu Feb 22 1996 - - * appl/rkinit/rkinitd.c (doit): Use k_getsockinst to make it work - correctly for multi-homed hosts. - - * appl/rkinit: New program with rkinit functionality. - - * lib/krb/k_getport.c: Function for finding port in /etc/services - with fallback. - - * lib/krb/netread.c,netwrite.c (krb_net_{read,write}): Now correct - prototype with void * and size_t. - -Wed Feb 21 1996 - - * kadmin/new_pwd.c (get_pw_new_pwd): Moved get_pw_new_pwd to - seperate file. Now called both from kadmin and kpasswd. - - * kadmin/pw_check.c (kadm_pw_check): Handle the case of no - password provided. This is really a policy decision. The server - should be able to say `use a client that sends the password'. - - * appl/bsd/rlogind.c (local_domain): MAXHOSTNAMELEN -> MaxHostNameLen. - -Sun Feb 18 1996 - - * appl/bsd/rcp.c (answer_auth): Made rcp multihome aware. - - * appl/bsd/rlogind.c (do_krb_login): Made rlogind multihome aware. - - * appl/bsd/rshd.c (doit): Made rshd multihome aware. - - * lib/krb/k_getsockinst.c (k_getsockinst): New function to figure - out the instance name of interfaces on multihomed hosts. Use this - function when making daemons multihome aware. - - * appl/telnet/libtelnet/kerberos.c (kerberos4_is): Made telnetd - multihome aware. - -Mon Feb 12 1996 - - * Release 0.6. - -Sun Feb 11 1996 - - * lots of files: hacks to make it all compile. - - * configure.in, appl/telnet/configure.in: More broken AIX. - - - * appl/bsd/bsd_locl.h: Fix for old syslogs (as in Ultrix). - - - * appl/telnet/libtelnet/encrypt.c: encrypt_verbose by default. - - - * appl/telnet/libtelnet/kerberos.c: Show difference between - MUTUAL and ONE_WAY KERBEROS4. - - * appl/telnet/libtelnet/encrypt.c: - Print message about not encrypting when receiving WONT or DONT encrypt. - - - * configure.in: Automatic check for HAVE_NEW_DB. - - - * lib/krb/getaddrs.c (k_get_all_addrs): Fixed for systems with - SOCKADDR_HAS_SA_LEN, aka 4.4BSD-based. - - * appl/telnet/telnetd/global.c: Removed some multiple defined - variables. - - * appl/bsd/rlogind.c (cleanup): ifndef HAVE_VHANGUP. - - * appl/bsd/sysv_shadow.h: Add DAY and DAY_NOW ifndef. - - * configure.in: Check if `struct sockaddr' has `sa_len'. - -Sat Feb 10 1996 - - * appl/telnet/telnetd/telnetd.c (recv_ayt): pty -> ourpty. - - * appl/bsd/bsd_locl.h: More include-files: and - - * appl/kpopper/popper.c (catchSIGHUP): Got rid of some warnings. - - * lib/krb/log.c (new_log): Yet another year 2000. - - * appl/bsd/sysv_environ.c (read_etc_environment): Support setting - environment variables from /etc/environment. - - * appl/bsd/bsd_locl.h: - - * configure.in: check for setpcred, libs.a and . - - * appl/bsd/login.c (main): setpcred is used on AIX. - - * appl/bsd/rshd.c (doit): Added setpcred for AIX. - - * lib/krb/getaddrs.c: is sometimes needed. - - * admin/kdb_init.c (main): Now verifies master key. - - * lib/kdb/krb_kdb_utils.c (kdb_get_master_key): Added possibility - of asking for verfication. - - * appl/bsd/bsd_locl.h: Try to include - - * appl/telnet/telnetd/utility.c (printsub): Mismatch arguments. - - * lib/krb/send_to_kdc.c (send_to_kdc): Send to all A records and - accept an answer from anything we have sent to. - - * appl/kauth/kauth.c (renew): Use strange return types for strange - OSes. - (doexec): Remove tokens. - - * server/kerberos.c (main): Uses k_get_all_addrs and binds to each - of these addresses. - - * kadmin/ksrvutil_get.c (ksrvutil_get): Added support for - specifying key to create on command line to get. - -Wed Feb 7 1996 - - * lib/krb/log.c (k_log): Now using YYYY for years. - - * lib/krb/klog.c (klog): Preparing for the year 2000. - - * kuser/kinit.c (main): Added option -p to get changepw-tickets. - - * lib/krb/getaddrs.c: New file to get all the addresses of all the - interfaces on this machine. - -Tue Feb 6 1996 - - * configure.in: Support for S/Key in login.c. Use --with-skeylib - switch to configure. The code assumes that the skeylib.a comes - from logdaemon. - - * General support for shadow password files if there is an - shadow.h. - - * appl/bsd/su.c: Arrange so that it supports shadow passords. - -Sun Feb 4 1996 - - * appl/telnet/*: Hacks to make it work on strange OSes. - - * appl/bsd/bsd_locl.h: Check for sys/ptyvar.h - - * appl/telnet/configure.in (telnet_msg): sys/str_tty.h, sys/uio.h - - * configure.in: test for crypt.h and sys/ptyvar.h - - * appl/telnet/telnetd/*.c: pty -> ourpty. - - - * telnetd: Changes to make more systems work better, specifically - AIX 4. Hopefully this will work on both STREAM and BSD - systems. Not tested on some systems, like CRAY and Linux. - - - * util/ss/mk_cmds.c: Generating cleaner code. - - * lib/krb/krb_err_txt.c (krb_err_txt): Clarification. - - * kadmin/admin_server.c: Less varnings. - - * appl/xnlock/xnlock.c: Changed some types and added some casts. - - * appl/movemail/movemail.c: Not using syswait.h anymore. - - * appl/xnlock/xnlock.c: God rid of some warnings. - - * util/ss/*.[ch]: cleanup - - * util/et/*.[ch]: cleanup - - * appl/bsd/rcp.c: Less warnings. - - * kadmin/admin_server.c (kadm_listen): Get rid of another warning. - - * kadmin/pw_check.c (kadm_pw_check): Support for letting cracklib - check the quality of the password. - - * kadmin/pw_check.h (kadm_pw_check): New argument to - kadm_pw_check: list of useful strings to check for. - - * kadmin/kadm_server.c (kadm_ser_cpw): Send a few `useful' strings - to kadm_pw_check (name, instance, and realm). - - * kadmin/Makefile.in (kadmind): Linking with -lcrack. - - * configure.in: Support for --with-cracklib and --with-dictpath. - - * kadmin/ksrvutil_get.c: Now seems to be working. - - * kadmin/ksrvutil.h: Some new parameters. - - * kadmin/ksrvutil.c: Some reorganisation and uses a working - ksrvutil_get. - - * appl/movemail/movemail.c: Some more include-files. - - * appl/bsd/rlogind.c: Testing for the existence of vhangup. - -Wed Jan 31 1996 - - * configure.in: Massaged the configure files so that we can build - under NEXTSTEP 3.3. Some kludges to prevent cpp bugs and link - errors where also neccessary. - -Tue Jan 30 1996 - - * appl/xnlock/xnlock.c (main): Improved user feedback on password - input. - - * appl/xnlock/xnlock.c: Applied patch made by flag@it.kth.se that - enables C-u to erase the password field. - - * lib/krb/lifetime.c: configure now creates a version string which - is referenced here. Use what and grep version to figure out where, - when and by whom binaries where created. - - * appl/bsd/forkpty.c (ptys_open): Call revoke before pty slave is - opened. Add revoke using vhangup for those system lacking revoke. - Also call vhangup when rlogind exits. - -Mon Jan 29 1996 - - * lib/krb/send_to_kdc.c (send_to_kdc): Removed kludge for SunOS - 3.2 and Ultrix 2.2 that prevented multihomed kerberos servers to - operate correctly. - - * kadmin/kadmin.c (change_key): Add new subcommand change_key so - that it is possible to enter keys in the DB on binary form. Most - usefull for sites running AFS. - -Fri Jan 26 1996 - - * appl/bsd/su.c (koktologin): New option -i root-instance. If you - want a user.afs ticket in a root shell and user.afs is on root's - ACL then do a "su -i afs". - - * Makefile.in: Rearrange the order of object files to make shared - libraries slightly more efficient. - - * appl/kauth/kauth.c (main): Always up case realm. Better error - messages on failed exec. - -Mon Jan 22 1996 - - * appl/bsd/rshd.c (main): New option -P to prevent rshd from using - a new PAG. Expert use only! - - * appl/bsd/rlogind.c (doit): Avoid race when setting tty size. - - * appl/bsd/rlogin.c (reader): Use select rather than horrible - signal hacks to handle OOB data. - - * appl/bsd/login.c (main) sysv_environ.c (sysv_newenv): Login does - now honor the -p switch when invoked by root. This is used by - telnetd to export environment variables. - -Fri Jan 5 1996 - - * appl/bsd/signal.c (signal): New BSD compatible signal - function. Most r* applications assume reliable signals. - - - * appl/bsd/login.c (main): Check HAVE_ULIMIT. - - * appl/bsd/bsd_locl.h: Include sys/ioctl.h. - - * configure.in: Check for ulimit. - - * admin/kdb_edit.c: Flush stdout after printing prompts. - - * appl/kpopper/pop_xmit.c: Remember to include config.h. - -Tue Jan 2 1996 - - * appl/bsd/login.c (main): New function stty_default to setup - default tty settings. - -Fri Dec 29 1995 - - * appl/kstring2key/kstring2key.c (main): New program that converts - passwords to DES keys, either using des_string_to_key or - afs_string_to_key. - - * server/kerberos.c: Kerberos server now listen on 2 ports, - kerberos/udp and kerberos-sec/udp. - -Wed Dec 27 1995 - - * appl/bsd/rcp.c (main): Integrated -x option to rcp. This - required some real horrible hacks in lib/des/enc_{read,write}.c - - * acconfig.h: Enabled MULTIHOMED_KADMIN in acconfig.h. - - * Add RCSID stuff to telnet files. - -Fri Dec 22 1995 - - * appl/bsd/login.c (main): The login program does now by default - read /etc/default/login, even on non Psoriasis systems. Unifdef - SYSV4, this was essentially only for prompting. - -Mon Dec 18 1995 - - * appl/kpopper/popper.c (main): Integrate default timeout of 120 - seconds from Qualcomm popper. Timeout is also set able with -T - seconds. - - - * lib/kadm/kadm_cli_wrap.c (kadm_change_pw_plain): If there's no - password, don't even send the empty string. - -Thu Dec 7 1995 - - * lots of files: all debug messages now printed to stderr (from - ) - - * lib/krb/tf_util.c (tf_create): New method for creating a new - ticket file. Remove the old old and then open with O_CREAT and - O_EXCL. - - * server/kerberos.c, slave/kpropd.c: Some casts to get rid of warnings. - - * configure.in: Added checks for unistd.h, memmove and const. - - * appl/telnet/telnet/commands.c: Changed types of functions to - confirm with struct Command. - - * appl/telnet/configure.in: Check for setpgid. - - * appl/bsd/rlogin.c: Get rid of another warning. - - * appl/bsd/bsd_locl.h, appl/telnet/acconfig.h: New synonym for - solaris. - -Wed Dec 6 1995 - - * (movemail): Now from emacs-19.30. If you have a newish emacs - there is no reason to use this movemail. - - * (kadm): Added support for server side password checks. Hopefully - this is compatible with kerberos 4.10. Old kpasswd:s will give - funny error messages. For examples of checks, see - kadmin/pw_check.c. Since this is mostly political matters, - kadm_pw_check() should probably return KADM_SUCCESS by default. - -Mon Nov 27 1995 - - * appl/telnet/telnetd/telnetd.c (main): Kludge to fix encryption - problem with Mac NCSA telnet 2.6. - - - * lib/krb/stime.c: Now using YYYY for years. (2000 is soon here). - - * appl/bsd/rsh.c, rcp.c, rlogin.c: Fixed fallback for port number - (added missing ntohs). - -Sun Nov 12 1995 - - * (many files): More ANSI/ISO 9899-1990 to the people! - Now actually builds (not including util) with DEC "cc -std1" and - Sun "acc -Xc". There are still major prototype conflicts, but - there isn't much to do about this. - -Sat Oct 28 1995 - - * lib/kadm/kadm_cli_wrap.c: Fallback for kerberos and - kerberos_master services. - -Fri Oct 27 1995 - - * Released version 0.5 - - - * lib/des/read_pwd.c: Redifine TIOCGETP and TIOCSETP so that the - same code is used both for posix termios and others. - - * rsh, rlogin: Add environment variable RSTAR_NO_WARN which when - set to "yes" make warnings about "rlogin: warning, using standard - rlogin: remote host doesn't support Kerberos." go away. - -Tue Oct 24 1995 - - * admin/kdb_util.c (load_db) lib/kdb/krb_dbm.c (kerb_db_update): - Optimized so that it can handle large databases, previously a - 10000 entry DB would take *many* minutes, this can now be done in - under a minute. - -Sat Oct 21 1995 - - * Changes in server/kerberos.c, kadmin/*.c slave/*.c to support 64 - bit machines. Source should now be free of 64 bit assumptions. - - * admin/copykey.c (copy_from_key): New functions for copying to - and from keys. Neccessary to solve som problems with longs on 64 - bit machines in kdb_init, kdb_edit, kdb_util and ext_srvtab. - - * lib/kdb/krb_kdb_utils.c (kdb_verify_master_key): More problems - with longs on 64 bit machines. - -Mon Oct 16 1995 - - * appl/bsd/login.c (main): Lots of stuff to support Psoriasis - login. Courtesy of gertz@lysator.liu.se. - - * configure.in, all Makefile.in's: Support for Linux shared - libraries. Courtesy of svedja@lysator.liu.se. - - * lib/krb/cr_err_reply.c server/kerberos.c: Moved int req_act_vno - = KRB_PROT_VERSION; from server kode to libkrb where it really - belongs. - - * appl/bsd/forkpty.c (forkpty): New function that allocates master - and slave ptys in a portable way. Used by rlogind. - - * appl/telnet/telnetd/sys_term.c (start_login): Under SunOS5 the - same utmpx slot got used by sevral sessions. Courtesy of - gertz@lysator.liu.se. - -Wed Oct 4 1995 - - * util/{ss, et}/Makefile.in (LEX): Use flex or lex. Courtesy of - svedja@lysator.liu.se. - - * Fix the above Makefiles to work around bugs in Solaris and OSF/1 - make rules that was triggered by VPATH functionality in the yacc - and lex rules. - -Mon Oct 2 1995 - - * appl/kpopper/pop_log.c (pop_log) appl/kpopper/pop_msg.c (pop_msg): - Use stdarg instead of varargs. The code is still broken though, - you'll realize that on a machine with 64 bit pointers and 32 bit - int:s and no vsprintf, let's hope there will be no such beasts ;-). - - * appl/telnet/telnetd/sys_term.c (getptyslave): Not all systems - have (or need) modules ttcompat and pckt so don't flag it as a - fatal error if they don't exist. - -Mon Sep 25 1995 - - * kadmin/admin_server.c (kadm_listen) kadmind/kadm_ser_wrap.c - (kadm_listen): Add kludge for kadmind running on a multihomed - server. #ifdef:ed under MULTIHOMED_KADMIN. Change in acconfig.h - if you need this feature. - - * appl/Makefile.in (SUBDIRS): Add applications movemail kpopper - and xnlock. - -Wed Sep 20 1995 - - * appl/bsd/rlogin.c (main): New rlogind.c, forkpty() is not - implemented yet though. - -Wed Sep 13 1995 - - * appl/xnlock/Makefile.in: Some stubs for X11 programs in - configure.in as well as a kerberized version of xnlock. - - * appl/bsd/{rlogin.c, rsh.c, rcp.c}: Add code to support fallback - port numbers if they can not be found using getservbyname. - -Tue Sep 12 1995 - - * appl/bsd/klogin.c (klogin): Use differnet ticket files for each - login so that a malicous user won't be able to destroy our tickets - with a failed login attempt. - - * lib/kafs/afssys.c (k_afsklog): First we try afs.cell@REALM, if - there is no such thing try afs@CELL instead. There is now two - arguments to k_afslog(char *cell, char *realm). - -Mon Sep 11 1995 - - * kadmin/admin_server.c (kadm_listen): If we are multihomed we - need to figure out which local address that is used this time - since it is used in "direction" comparison. - -Wed Sep 6 1995 - - * kadmin/kadm_ser_wrap.c (kadm_ser_init): Fallback to use default - port number. - - * lib/krb/send_to_kdc.c (send_to_kdc): Default port number - (KRB_PORT) was not in network byte order. - -Tue Sep 5 1995 - - * lib/krb/send_to_kdc.c (send_recv): Linux clears timeout struct - when selecting. - - -Mon Sep 4 1995 - - * appl/bsd/rcp.c, appl/bsd/rlogin.c, appl/bsd/rsh.c: - Now does fallback if there isn't any entries in /etc/services for - klogin/kshell. This also made the code a bit more pretty. - - - * appl/bsd/login.c: Added support for lots of more struct utmp fields. - If there is no ttyslot() use setutent and friends. - - * appl/bsd/Makefile.in, appl/bsd/rlogind.c, appl/bsd/rshd.c: - Added extern iruserok(). - - * appl/bsd/iruserok.c: Initial revision - - * appl/bsd/bsd_locl.h: Must include sys/filio.h on Psoriasis. - - * appl/bsd/Makefile.in: New install - - * appl/bsd/pathnames.h: Fix default path, rsh and rlogin. - - * appl/bsd/rshd.c: Extend default PATH with bindir to find rcp. - - - * appl/bsd/login.c (login): If there is no ttyslot use setutent - and friends. Added support for lots of more struct utmp fields. - - * server/kerberos.c (main) lib/kafs/afssys.c appl/bsd/bsd_locl.h: - Must include sys/filio.h on Psoriasis to find _IOW and FIO* macros. - - * appl/bsd/rlogind.c (doit): Use _PATH_DEFPATH rather than - _PATH_DEF. - - * appl/bsd/login.c, su.c (main): Use fallback to bourne shell if - running as root. - - * appl/bsd/su.c (main): Update usage message to reflect that '-' - option must come after the ordinary options and before login-id. - -Sat Sep 2 1995 - - * appl/telnet/telnetd/telnetd.c (doit): If remote host name is to - long to fit into utmp try to remove domain part if it does match - our local domain. - - (main): Add new option -L /bin/login so that it is possible to - specify an alternate login program. - - * appl/telnet/telnet/commands.c (env_init): When exporting - variable DISPLAY and if hostname is not the full name, try to get - the full name from DNS. - - * appl/telnet/telnet/main.c (main): Option -k realm was broken due - to a bogous external declaration. - -Fri Sep 1 1995 - - * kadmin/kadmin.c (add_new_key): Kadmin now properly sets - lifetime, expiration date and attributes in add_new_key command. - -Wed Aug 30 1995 - - * appl/bsd/su.c (main): Don't handle '-' option with getopt. - - * appl/telnet/telnet/externs.h: Removed protection for multiple - inclusions of termio(s).h since it broke definition of termio - macro on POSIX systems. - -Tue Aug 29 1995 - - * lib/krb/lifetime.c (krb_life_to_time): If you want to disable - AFS compatible long lifetimes set krb_no_long_lifetimes = 1. - - Please note that the long lifetimes are 100% compatible up to - 10h so this should rarely be necessary. - - * lib/krb/krb_equiv.c (krb_equiv): If you don't want to use - ipaddress protection of tickets set krb_ignore_ip_address. This - makes it possible for an intruder to steal a ticket and then use - it from som other machine anywhere on the net. - -Mon Aug 28 1995 - - * kadmin/kadm_ser_wrap.c (kadm_ser_init): Don't bind to only one - local address. Accept request on all interfaces. - - * admin/kdb_edit.c (change_principal): Don't accept illegal - dates. Courtesy of gertz@lysator.liu.se. - -Sat Aug 26 1995 - - * configure.in: AIX specific libraries needed when using standard - libc routine getttyent, IBM should be ashamed! - - * lib/krb/recvauth.c (krb_recvauth): Long that should be int32_t - problem. - - * Added strdup for su and rlogin. - - * Fix for old syslog macros in appl/bsd/bsd_locl. - -Fri Aug 25 1995 - - * lib/kdb/krb_dbm.c (kerb_db_rename) admin/kdb_destroy.c: New - ifdef HAVE_NEW_DB for new databases residing in one file only. - - * appl/bsd/rlogin.c (oob): Add workaround for Linux. - -Mon Aug 21 1995 - - * appl/bsd/getpass.c: New routine that reads up to 127 char - passwords. Used in su.c and login.c. - -Tue Aug 15 1995 - - * appl/telnet/telnetd/sys_term.c (login_tty): Ioctl TIOCSCTTY - should not be used on HP-UX. - -Mon Aug 14 1995 - - * appl/bsd/rlogin.c (main): Added dummy rlogind that tells user to - rather use telnet. - -Thu Aug 10 1995 - - * lib/krb/ krb.h, decomp_ticket.c, getrealm.c, get_krbhst.c, - get_krbrlm.c, get_admhst.c: - - Use multiple configuration directories for krb.conf and - krb.realms, KRB_CONF and KRB_REALM_TRANS macros substituted with - KRB_CNF_FILES and KRB_RLM_FILES. Currently /etc and - /etc/kerberosIV are searched. Directory specified by envioronment - variable KRBCONFDIR is searched first if set. No hardcoded - realmname or kerberos server. Instead use domainname for deafult - realm and kerberos.domain as kerberos server if they are not - listed in krb.conf and/or krb.realms. In the normal case there - should be no need for configuration files if administrators add a - CNAME pointing to the kerberos server. - - * appl/bsd/Makefile.in and friends: GNU make should no longer be - neccessary unless building with VPATH. - -Wed Aug 9 1995 - - * appl/bsd/klogin.c (klogin): Old ticket file need to be removed - before we call krb_get_pw_in_tkt or we might get a Kerberos intkt - error because the wrong user owns the file. - -Tue Aug 8 1995 - - * configure.in : Telnet.beta2 is now official and has been moved - to appl/telnet. - - * appl/bsd/su.c (main): Reenable -K flag, won't work if not - PASSWD_FALLBACK is enabled. Cosmetics for Password prompt. - -Fri Aug 4 1995 - - * appl/bsd/su.c (kerberos): Don't allow su from possibly bogous - kerberos server. Controlled by #ifdef KLOGIN_PARANOID. - - * lib/kafs/afssys.c (SIGSYS_handler): Need to reinstall handler on - SYSV. - -Mon Jul 24 1995 - - * lib/kafs/afssys.c (k_afsklog): Use default realm on null argument. - - * appl/bsd/rlogin.c, login.c: New programs. - -Fri Jul 21 1995 - - * appl/bsd/kcmd.c rsh.c rlogin.c: Use POSIX signals. - - * appl/telnet.95.05.31.NE/telnetd/sys_term.c, telnetd.c: Port to - IRIX. - -Tue Jul 11 1995 - - * admin/kdb_init.c (main): Use new random generator. Dito in - admin/kdb_edit.c. Use master key to initialize random sequence. - -Mon Jul 10 1995 - - * kadmin/kadmin.c (get_password): Fix for random passwords. - Dito for admin/kdb_edit.c - - * appl/kauth/kauth.c (main): Updated for krb distribution, now - uses new library libkafs. - - * appl/telnet.beta/telnet/main.c (main): New telnet with - encryption hacks from ftp.funet.fi:/pub/unix/security/esrasrc-1.0. - Encryption does not currently work though. - -Tue Jun 20 1995 - - * New library to support AFS. Routines: - - int k_hasafs(void); - int k_afsklog(...); - int k_setpag(void); - int k_unlog(void); - int k_pioctl(char *, int, struct ViceIoctl *, int); - - Modified it to support more than one single entry point AFS - syscalls (needed by HPUX and OSF/1 when running DFS). Don't rely - on transarc headers or library code. - - This has not been tested and will most probably need some - serious violence to get working under AIX. (AIX has since been - fixed to. /bg) - -Fri Jun 16 1995 - - * lib/krb/krb_equiv.c (krb_equiv): Compare IP adresses using - krb_equiv() to allow for hosts with more than one address in files - rd_priv.c rd_req.c and rd_safe.c. - - * slave/kpropd.c (main): Fix uninitialized variables and rewind - file in kprop.c. - -Thu Jun 15 1995 - - * appl/bsd/rcp.c (allocbuf): Fix various bugs. - - * slave/kpropd.c (main): Responder uses - KPROP_SERVICE_NAME.`hostname' and requestor always uses - KPROP_SERVICE_NAME.KRB_MASTER, i.e rcmd.kerberos in kprop/kpropd - protocol. - -Wed Jun 14 1995 - - * appl/bsd/rshd.c (doit): Encryption should now work both ways. - -Tue Jun 13 1995 - - * appl/bsd/pathnames.h: Fixup paths. - - * server/Makefile.in and friends (install): Install daemons in in - libexec and administrator programs in sbin. - - - * Makefile.in: Joda (d91-jda) added install target - -Wed Jun 7 1995 - - * lib/krb/k_strerror.c: New function k_strerror() to use instead - of the non portable sys_errlist[]. diff --git a/crypto/kerberosIV/Makefile.in b/crypto/kerberosIV/Makefile.in deleted file mode 100644 index b2e986419554..000000000000 --- a/crypto/kerberosIV/Makefile.in +++ /dev/null @@ -1,73 +0,0 @@ -# $Id: Makefile.in,v 1.36 1999/03/01 13:04:23 joda Exp $ - -srcdir = @srcdir@ -prefix = @prefix@ -VPATH = @srcdir@ - -SHELL = /bin/sh -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs -TRAVELKIT = appl/kauth/kauth kuser/klist appl/telnet/telnet/telnet \ - appl/ftp/ftp/ftp appl/kx/kx appl/kx/rxtelnet - -@SET_MAKE@ - -SUBDIRS = include lib kuser server slave admin kadmin appl man doc - -all: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) all); done - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -check: - cd lib && $(MAKE) $(MFLAGS) check - -install: - $(MKINSTALLDIRS) $(DESTDIR)$(prefix) - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) install); done - -install-strip: - $(MAKE) INSTALL_PROGRAM='$(INSTALL_PROGRAM) -s' install - -uninstall: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) uninstall); done - -travelkit: all - $(MKINSTALLDIRS) tmp - for i in $(TRAVELKIT); \ - do $(INSTALL_PROGRAM) $$i tmp; done - (cd tmp; tar cf ../travelkit.tar `for i in $(TRAVELKIT); do basename $$i; done`) - rm -rf tmp - -travelkit-strip: - $(MAKE) INSTALL_PROGRAM='$(INSTALL_PROGRAM) -s' travelkit - -TAGS: - find . -name '*.[chyl]' -print | etags - - -clean: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) clean); done - -mostlyclean: clean - -distclean: - $(MAKE) clean - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) distclean); done - rm -f Makefile config.status config.cache config.log version.h newversion.h.in version.h.in *~ - -realclean: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) realclean); done - -$(srcdir)/aclocal.m4: - cd $(srcdir) && aclocal -I cf - -.PHONY: all Wall check install install-strip uninstall travelkit travelkit-strip clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/NEWS b/crypto/kerberosIV/NEWS deleted file mode 100644 index ac5107884973..000000000000 --- a/crypto/kerberosIV/NEWS +++ /dev/null @@ -1,755 +0,0 @@ -Changes in release 1.0.5: - -* Remember to update version string. - -* Build fixes - -* multiple local realm fix in krb_verify_user - -Changes in release 1.0.4: - -* Only allow a small list of environment variables in telnetd - -* Fix one buffer overflow in libkrb - -* Make su handle multiple local realms - -* Build pic-ed archives (to be used with the pam module) - -* do not handle environment variables, use krb.extra instead - -* Disable KRBCONFDIR environment variable for root - -* fix shared libraries building on solaris - -Changes in release 1.0.3: - -* Handle DoS attacks in the KDC and the admin server better. - -* updated config.guess and config.sub - -* better db/gdbm discovery - -* bug fixes - -Changes in release 1.0.2: - -* Fix syslog(LOG_FOO, bug) calls in kauthd, kipd - -* Fix bug with systems have a 64bit `time_t' - -* Port to Solaris 8 (aka SunOS 5.8), HP-UX 11 - -* Add AIX fix for shared libraries - -* Make afslog work with Arla - -* Be more paranoid about setuid for the sake of Linux 2.2.15 - -* Make rshd afslog to the cell of the home directory - -* Improved kip/kipd - -* syslog with correct level in popper - -* install libraries correctly in lib/sl - -* more paranoia when overwriting and removing ticket files - -Changes in release 1.0.1: - -* Fix bug in ftpd when accepting connections - -* Make `-d' in kauth not imply `-a' - -* Adapt sia to new TKT_ROOT - -* Define `sockaddr_storage' in a fashion that works on - alignment-restricted architectures - -* Rewrite PAM module to work better. - -* Make all files in libdes build with CFLAGS - -Changes in release 1.0: - -* A new configuration option `nat_in_use' in krb.extra to ease use - through Network Address Translators. - -* Support configuration value of KEYFILE and TKT_ROOT in krb.extra - -* Easier building on some platforms - -* built-in ls in ftpd. - -* Bug fixes. - -Changes in release 0.10: - -* Some support for Irix 6.5 capabilities - -* Improved kadmin interface; you can get more info via kadmin. - -* Some improved support for OSF C2. - -* General bug-fixes and improvements, including a large number of - potential buffer overrun fixes. A large number of portability - improvements. - -* Support for multiple local realms. - -* Support batch kadmin operation. - -* Heimdal support in push. - -* Removed `--with-shared' configure option (use `--enable-shared'.) - -* Now uses Autoconf 2.13. - -Changes in release 0.9.9: - -* New configuration file /etc/krb.extra - -* New program `push' for popping mail. - -* Add (still little tested) support for maildir spool files in popper. - -* Added `delete' to ksrvutil. - -* Support the strange X11 sockets used on HP-UX and some versions of - Solaris. - -* Arla compatibility in libkafs. - -* More compatibility with the Solaris version of libkrb. - -* New configure option `--with-mips-abi' - -* Support `/etc/securetty' in login. - -* Bug fixes and improvements to the Win32 telnet. - -* Add support for installing with DESTDIR - -* SIA module with added support for password changing, and - reauthentication. - -* Add better support for MIT `compile_et' and `mk_cmds', this should - make it easier to build things like `zephyr'. - -* Bug fixes: - - Krb: fixed dangling references to flock in libkrb - - FTP: fixed `logwtmp' name conflict - - Telnet: fix a few literal IP-number bugs - - Telnet: hopefully fixed stair-stepping bug - - Kafs: don't store expired tokens in the kernel - - Kafs: fix broken installation of afslib.so in AIX - -Changes in release 0.9.8: - -* several bug fixes; some which deserve mentioning: - - fix non-working `kauth -h' - - the sia-module should work again - - don't leave tickets in popper - -Changes in release 0.9.7: - -* new configure option --disable-otp - -* new configure option --with-afsws - -* includes rxkad implementation - -* ftp client is more careful with suspicious filenames (|, .., /) - -* fixed setuid-vulnerability of rcp, rlogin, and rsh. - -* removed use of tgetent from telnetd (thereby eliminating buffer-overflow) - -* new commands in ftp and ftpd: kdestroy, krbtkfile, and afslog. - -* implement HTTP transport in libkrb and KDC. - -* win32 terminal program much improved. also implemented ticket - management program. - -* introduce `-i' option to kerberos server for listening only on one - interface. - -* updated otp applications and man pages. - -* merged in libdes 4.01 - -* popper is more resilient to badly formatted mails. - -* minor fixes for Cray support. - -* fix popen bug i ftpd. - -* lots of bug fixes and portability fixes. - -* better compatibility with Heimdal. - -Minor changes in release 0.9.6: - -* utmp(x) works correctly on systems with utmpx. - -* A security-related bug in ftpd fixed. - -* Compiles on solaris 2.4, 2.6 and on WinNT/95 with cygwin32 beta18. - -* New option `-w' to rxtelnet, rxterm. - -Major changes in release 0.9.5: - -* We made some changes to be compatible with the other kerberised ftp - implementations and this means that an old kerberised ftp client will - not be able to talk to a new ftp server. So try to upgrade your ftp - clients and servers at the same time. The reason for this change is - described in more detail below. - -* The interpretation of /etc/ftpusers has changed slightly, see - ftpusers(5). These changes come from NetBSD. - -* The function `des_quad_cksum', which is used by `krb_rd_safe', and - `krb_mk_safe', has never been compatible with MIT's DES - library. This has now been fixed. - - This fix will however break some programs that used those functions, - for instance `ftp'. In this version `krb_rd_safe' is modified to - accept checksums of both the new and the old format; `krb_mk_safe' - will always emit checksums of the new type *unless* `krb_rd_safe' - has detected that the client is using the old checksum (this feature - may be removed in some future release). - - If you have programs that use `krb_mk_safe' and `krb_rd_safe' you - should upgrade all clients before upgrading your servers. Client is - here defined as the program that first calls `krb_rd_safe'. - - If you are using some protocol that talks to more than one client or - server in one session, the heuristics to detect which kind of - checksum to use might fail. - - The problem with `des_quad_cksum' was just a byte-order problem, so - there are no security problems with using the old versions. Thanks - to Derrick J Brashear for pointing in the - right general direction. - -* Rewrote kx to work always open TCP connections in the same - direction. This was needed to make it work through NATs and is - generally a cleaner way of doing it. Also added `tenletxr'. - Unfortunately the new protocol is not compatible with the old one. - The new kx and kxd programs try to figure out if they are talking to - old versions. - -* Quite a bit of new functionality in otp. Changed default hash - function to `md5'. Fixed implementation of SHA and added downcasing - of seed to conform with `draft-ietf-otp-01.txt'. All verification - examples in the draft now work. - -* Fixed buffer overflows. - -* Add history/line editing in kadmin and ftp. - -* utmp/utmpx and wtmp/wtmpx might work better on strange machines. - -* Bug fixes for `rsh -n' and `rcp -x'. - -* reget now works in ftp and ftpd. Passive mode works. Other minor - bug fixes as well. - -* New option `-g umask' to ftpd for specifying the umask for anonymous users. - -* Fix for `-l' option in rxtelnet and rxterm. - -* XOVER support in popper. - -* Better support for building shared libraries. - -* Better support for talking to the KDC over TCP. This could make it - easier to use brain-damaged firewalls. - -* Support FreeBSD-style MD5 /etc/passwd. - -* New option `-createuser' to afslog. - -* Upgraded to work with socks5-v1.0r1. - -* Almost compiles and works on OS/2 with EMX, and Win95/NT with gnu-win32. - -* Merged in win32-telnet, see README-WIN32 for more details. - -* Possibly fixed telnet bug on HP-UX 10. - -* Updated man-pages. - -* Support for NetBSD/OpenBSD manual page circus. - -* Bug fixes. - -Major changes in release 0.9.3: - -* kx has been rewritten and is now a lot easier to use. Two new - scripts: rxtelnet and rxterm. It also works on machines such as - Cray where the X-libraries cannot talk unix sockets. - -* experimental OTP (RFC1938). Included in login, ftpd, and popper. - -* authentication modules: PAM for linux, SIA for OSF/1, and - afskauthlib for Irix. - -* popper now has the UIDL command. - -* ftpd can now tar and compress files and directories on the fly, also - added a find site command. - -* updated documentation and man pages. - -* Change kuserok so that it acts as if luser@LOCALREALM is always an - entry of .klogin, even when it's not possible to verify that there - is no such file or the file is unreadable. - -* Support for SRV-records. - -* Socks v5 support. - -* rcp is AFS-aware. - -* allow for other transport mechanisms than udp (useful for firewall - tormented souls); as a side effect the format of krb.conf had to - become more flexible - -* sample programs included. - -* work arounds for Linux networking bugs in rlogind and rlogin. - -* more portable - -* quite a number of improvments/bugfixes - -* New platforms: HP-UX 10, Irix 6.2 - -Major changes in release 0.9.2a: - -* fix annoying bug with kauth (et al) returning incorrect error - -Major changes in release 0.9.2: - -* service `kerberos-iv' and port 750 has been registered with IANA. - -* Bugfixes. - - - Compiles with gcc on AIX. - - - Compiles with really old resolvers. - - - ftp works with afs string-to-key. - - - shared libraries should work on Linux/ELF. - - - some potential buffer overruns. - - - general code clean-up. - -* Better Cray/UNICOS support. - -* New platforms: AIX 4.2, IRIX 6.1, and Linux 2.0 - -Major changes in release 0.9.1: - -* Mostly bugfixes. - - - No hardcoded references to /usr/athena - - - Better Linux support with rlogin - - - Fix for broken handling of NULL password in kadmind (such as with - `ksrvutil change') - - - AFS-aware programs should work on AIX systems without AFS - -* New platforms: Digital UNIX 4.0 and Fujitsu UXP/V - -* New mechanism to determine realm from hostname based on DNS. To find - the realm of a.b.c.d it tries to find krb4-realm.a.b.c.d and then - krb4-realm.b.c.d and so on. The entry in DNS should be a TXT record - with the realm name. - - krb4-realm.pdc.kth.se. 7200 TXT "NADA.KTH.SE" - -Major changes in release 0.9: - -* Tested platforms: - -Dec Alpha OSF/1 3.2 with cc -std1 -HP 9000/735 HP/UX 9.05 with gcc -DEC Pmax Ultrix 4.4 with gcc (cc does not work) -IBM RS/6000 AIX 4.1 with xlc (gcc works, cc does not) -SGI IRIX 5.3 with cc -Sun SunOS 4.1.4 with gcc (cc is not ANSI and does not work) -Sun SunOS 5.5 with gcc -Intel i386 NetBSD 1.2 with gcc -Intel i386 Linux 1.3.95 with gcc -Cray J90 Unicos 9 with cc - -* Mostly ported to Crays running Unicos 9. - -* S/Key-support in ftpd. - -* Delete operation supported in kerberos database. - -* Cleaner and more portable code. - -* Even less bugs than before. - -* kpopper now supports the old pop3 protocol and has been renamed to popper. - -* rsh can be renamed remsh. - -* Experimental program for forwarding IP over a kerberos tunnel. - -* Updated to libdes 3.23. - -Major changes in release 0.8: - -* New programs: ftp & ftpd. - -* New programs: kx & kxd. These programs forward X connections over - kerberos-encrypted connections. - -* Incorporated version 3.21 of libdes. - -* login: No double utmp-entries on Solaris. - -* kafs - - * Better guessing of what realm a cell belongs to. - - * Support for authenticating to several cells. Reads - /usr/vice/etc/TheseCells, if present. - -* ksrvutil: Support for generating AFS keys. - -* login, su, rshd, rlogind: tries to counter possible NIS-attack. - -* xnlock: several bug fixes and support for more than one screen. - -* Default port number for ekshell changed from 2106 to 545. kauth - port changed from 4711 to 2120. - -* Rumored to work on Fujitsu UXP/V and Cray UNICOS. - -Major changes in release 0.7: - -* New experimental masterkey generation. Enable with - --enable-random-mkey. Also the default place for the master key has - moved from /.k to /var/kerberos/master-key. This is customizable - with --with-mkey=file. If you don't want you master key to be on the - same backup medium as your database, remember to use this flag. All - relevant programs still checks for /.k. - -* `-t' option to kadmin. - -* Kpopper uses kuserok to verify if user is allowed to pop mail. - -* Kpopper tries to locate the mail spool directory: /var/mail or - /var/spool/mail. - -* kauth has ability to get ticket on a remove host with the `-h' option. - -* afslog (aklog clone) and pagsh included. - -* New format for /etc/krb.equiv. - -* Better multi-homed hosts support in kauth, rcp, rlogin, rlogind, - rshd, telnet, telnetd. - -* rlogind works on ultrix and aix 3.2. - -* lots of bug fixes. - -Major changes in release 0.6: - -* Tested platforms: - -DEC/Alpha OSF3.2 -HP700 HPux 9.x -Dec/Pmax Ultrix 4.4 (rlogind not working) -IBM RS/6000 AIX 3.2 (rlogind not working) -IBM RS/6000 AIX 4.1 -SGI Irix 5.3 -Sun Sunos 4.1.x -Sun Sunos 5.4 -386 BSD/OS 2.0.1 -386 NetBSD 1.1 -386 Linux 1.2.13 - -It is rumored to work to some extent on NextStep 3.3. - -* ksrvutil get to create new keys and put them in the database at the -same time. - -* Support for S/Key in login. - -* kstring2key: new program to show string to key conversion. - -* Kerberos server should now listen on all available network -interfaces and on both port 88 and 750. - -* Timeout in kpopper. - -* Support password quality checks in kadmind. Use --with-crack-lib to -link kadmind with cracklib. The patches in cracklib.patch are needed. - -* Movemail from emacs 19.30. - -* Logging format uses four digits for years. - -* Fallback if port numbers are not listed in /etc/services. - - - * Relesed version 0.5 - - * lib/des/read_pwd.c: Redifine TIOCGETP and TIOCSETP so that the - same code is used both for posix termios and others. - - * rsh, rlogin: Add environment variable RSTAR_NO_WARN which when - set to "yes" make warnings about "rlogin: warning, using standard - rlogin: remote host doesn't support Kerberos." go away. - - * admin/kdb_util.c (load_db) lib/kdb/krb_dbm.c (kerb_db_update): - Optimized so that it can handle large databases, previously a - 10000 entry DB would take *many* minutes, this can now be done in - under a minute. - - * Changes in server/kerberos.c, kadmin/*.c slave/*.c to support 64 - bit machines. Source should now be free of 64 bit assumptions. - - * admin/copykey.c (copy_from_key): New functions for copying to - and from keys. Neccessary to solve som problems with longs on 64 - bit machines in kdb_init, kdb_edit, kdb_util and ext_srvtab. - - * lib/kdb/krb_kdb_utils.c (kdb_verify_master_key): More problems - with longs on 64 bit machines. - - * appl/bsd/login.c (main): Lots of stuff to support Psoriasis - login. Courtesy of gertz@lysator.liu.se. - - * configure.in, all Makefile.in's: Support for Linux shared - libraries. Courtesy of svedja@lysator.liu.se. - - * lib/krb/cr_err_reply.c server/kerberos.c: Moved int req_act_vno - = KRB_PROT_VERSION; from server kode to libkrb where it really - belongs. - - * appl/bsd/forkpty.c (forkpty): New function that allocates master - and slave ptys in a portable way. Used by rlogind. - - * appl/telnet/telnetd/sys_term.c (start_login): Under SunOS5 the - same utmpx slot got used by sevral sessions. Courtesy of - gertz@lysator.liu.se. - - * util/{ss, et}/Makefile.in (LEX): Use flex or lex. Courtesy of - svedja@lysator.liu.se. - - * Fix the above Makefiles to work around bugs in Solaris and OSF/1 - make rules that was triggered by VPATH functionality in the yacc - and lex rules. - - * appl/kpopper/pop_log.c (pop_log) appl/kpopper/pop_msg.c (pop_msg): - Use stdarg instead of varargs. The code is still broken though, - you'll realize that on a machine with 64 bit pointers and 32 bit - int:s and no vsprintf, let's hope there will be no such beasts ;-). - - * appl/telnet/telnetd/sys_term.c (getptyslave): Not all systems - have (or need) modules ttcompat and pckt so don't flag it as a - fatal error if they don't exist. - - * kadmin/admin_server.c (kadm_listen) kadmind/kadm_ser_wrap.c - (kadm_listen): Add kludge for kadmind running on a multihomed - server. #ifdef:ed under MULTIHOMED_KADMIN. Change in acconfig.h - if you need this feature. - - * appl/Makefile.in (SUBDIRS): Add applications movemail kpopper - and xnlock. - - * appl/bsd/rlogin.c (main): New rlogind.c, forkpty() is not - implemented yet though. - - * appl/xnlock/Makefile.in: Some stubs for X11 programs in - configure.in as well as a kerberized version of xnlock. - - * appl/bsd/{rlogin.c, rsh.c, rcp.c}: Add code to support fallback - port numbers if they can not be found using getservbyname. - - * appl/bsd/klogin.c (klogin): Use differnet ticket files for each - login so that a malicous user won't be able to destroy our tickets - with a failed login attempt. - - * lib/kafs/afssys.c (k_afsklog): First we try afs.cell@REALM, if - there is no such thing try afs@CELL instead. There is now two - arguments to k_afslog(char *cell, char *realm). - - * kadmin/admin_server.c (kadm_listen): If we are multihomed we - need to figure out which local address that is used this time - since it is used in "direction" comparison. - - * kadmin/kadm_ser_wrap.c (kadm_ser_init): Fallback to use default - port number. - - * lib/krb/send_to_kdc.c (send_to_kdc): Default port number - (KRB_PORT) was not in network byte order. - - * lib/krb/send_to_kdc.c (send_recv): Linux clears timeout struct - when selecting. - - * appl/bsd/rcp.c, appl/bsd/rlogin.c, appl/bsd/rsh.c: - Now does fallback if there isn't any entries in /etc/services for - klogin/kshell. This also made the code a bit more pretty. - - * appl/bsd/login.c: Added support for lots of more struct utmp fields. - If there is no ttyslot() use setutent and friends. - - * appl/bsd/Makefile.in, appl/bsd/rlogind.c, appl/bsd/rshd.c: - Added extern iruserok(). - - * appl/bsd/iruserok.c: Initial revision - - * appl/bsd/bsd_locl.h: Must include sys/filio.h on Psoriasis. - - * appl/bsd/Makefile.in: New install - - * appl/bsd/pathnames.h: Fix default path, rsh and rlogin. - - * appl/bsd/rshd.c: Extend default PATH with bindir to find rcp. - - * appl/bsd/login.c (login): If there is no ttyslot use setutent - and friends. Added support for lots of more struct utmp fields. - - * server/kerberos.c (main) lib/kafs/afssys.c appl/bsd/bsd_locl.h: - Must include sys/filio.h on Psoriasis to find _IOW and FIO* macros. - - * appl/bsd/rlogind.c (doit): Use _PATH_DEFPATH rather than - _PATH_DEF. - - * appl/bsd/login.c, su.c (main): Use fallback to bourne shell if - running as root. - - * appl/bsd/su.c (main): Update usage message to reflect that '-' - option must come after the ordinary options and before login-id. - - * appl/telnet/telnetd/telnetd.c (doit): If remote host name is to - long to fit into utmp try to remove domain part if it does match - our local domain. - - (main): Add new option -L /bin/login so that it is possible to - specify an alternate login program. - - * appl/telnet/telnet/commands.c (env_init): When exporting - variable DISPLAY and if hostname is not the full name, try to get - the full name from DNS. - - * appl/telnet/telnet/main.c (main): Option -k realm was broken due - to a bogous external declaration. - - * kadmin/kadmin.c (add_new_key): Kadmin now properly sets - lifetime, expiration date and attributes in add_new_key command. - - * appl/bsd/su.c (main): Don't handle '-' option with getopt. - - * appl/telnet/telnet/externs.h: Removed protection for multiple - inclusions of termio(s).h since it broke definition of termio - macro on POSIX systems. - - * lib/krb/lifetime.c (krb_life_to_time): If you want to disable - AFS compatible long lifetimes set krb_no_long_lifetimes = 1. - - Please note that the long lifetimes are 100% compatible up to - 10h so this should rarely be necessary. - - * lib/krb/krb_equiv.c (krb_equiv): If you don't want to use - ipaddress protection of tickets set krb_ignore_ip_address. This - makes it possible for an intruder to steal a ticket and then use - it from som other machine anywhere on the net. - - * kadmin/kadm_ser_wrap.c (kadm_ser_init): Don't bind to only one - local address. Accept request on all interfaces. - - * admin/kdb_edit.c (change_principal): Don't accept illegal - dates. Courtesy of gertz@lysator.liu.se. - - * configure.in: AIX specific libraries needed when using standard - libc routine getttyent, IBM should be ashamed! - - * lib/krb/recvauth.c (krb_recvauth): Long that should be int32_t - problem. - - * Added strdup for su and rlogin. - - * Fix for old syslog macros in appl/bsd/bsd_locl. - - * lib/kdb/krb_dbm.c (kerb_db_rename) admin/kdb_destroy.c: New - ifdef HAVE_NEW_DB for new databases residing in one file only. - - * appl/bsd/rlogin.c (oob): Add workaround for Linux. - - * appl/bsd/getpass.c: New routine that reads up to 127 char - passwords. Used in su.c and login.c. - - * appl/telnet/telnetd/sys_term.c (login_tty): Ioctl TIOCSCTTY - should not be used on HP-UX. - -==========================*** Released 0.2? ***============================= - -ksrvutil - If there is a dot in the about to be added principals name there is - no need to ask for instance name. - -kerberos & kadmind - Logfiles are created with small permissions (600). - -krb.conf and krb.realms - Use domain part as realm name if there is no match in krb.realms. - Use kerberos.REALMNAME if there is no match in krb.realms. - -rlogin - The rlogin client is supported both with and without encryption, - there is no rlogind yet though. - -login - There is login program that supports the -f option. Both kerberos - and /etc/passwd authentication is enabled. - - Vendors login programs typically have no -f option (needed by - telnetd) and also does not know how to verify passwords againts - kerberos. - -appl/bsd/* - Now uses POSIX signals. - -kdb_edit, kadmin - Generate random passwords if administrator enters empty password. - -lib/kafs - New library to support AFS. Routines: - int k_hasafs(void); - int k_afsklog(...); or some other name - int k_setpag(void); - int k_unlog(void); - int k_pioctl(char *, int, struct ViceIoctl *, int); - - Library supports more than one single entry point AFS syscalls - (needed be HP/UX and OSF/1 when running DFS). Doesn't rely on - transarc headers or library code. Same binaries can be used both on - machines running AFS and others. - - This library is used in telnetd, login and the r* programs. - -telnet & telnetd - Based on telnet.95.05.31.NE but with the encryption hacks from - ftp.funet.fi:/pub/unix/security/esrasrc-1.0 added. This encryption - stuff needed some more modifications (done by joda@nada.kth.se) - before it was usable. Telnet has also been modified to use GNU - autoconf. - -Numerous other changes that are long since forgotten. diff --git a/crypto/kerberosIV/PROBLEMS b/crypto/kerberosIV/PROBLEMS deleted file mode 100644 index b72c521fda98..000000000000 --- a/crypto/kerberosIV/PROBLEMS +++ /dev/null @@ -1,147 +0,0 @@ - -Problems compiling Kerberos -=========================== - -Many compilers require a switch to become ANSI compliant. Since krb4 is -written in ANSI C it is necessary to specify the name of the compiler -to be used and the required switch to make it ANSI compliant. This is -most easily done when running configure using the `env' command. For -instance to build under HP-UX using the native compiler do: - - datan$ env CC="cc -Ae" ./configure - -In general `gcc' works. The following combinations have also been -verified to successfully compile the distribution: - -`HP-UX' - `cc -Ae' - -`Digital UNIX' - `cc -std1' - -`AIX' - `xlc' - -`Solaris 2.x' - `cc' (unbundled one) - -`IRIX' - `cc' - -Linux problems --------------- - -The libc functions gethostby*() under RedHat4.2 can sometimes cause -core dumps. If you experience these problems make sure that the file -`/etc/nsswitch.conf' contains a hosts entry no more complex than the -line - -hosts: files dns - -Some systems have lost `/usr/include/ndbm.h' which is necessary to -build krb4 correctly. There is a `ndbm.h.Linux' right next to the -source distribution. - -There has been reports of non-working `libdb' on some Linux -distributions. If that happens, use the `--without-berkeley-db' when -configuring. - -SunOS 5 (aka Solaris 2) problems --------------------------------- - -When building shared libraries and using some combinations of GNU gcc/ld -you better set the environment variable RUN_PATH to /usr/athena/lib -(your target libdir). If you don't, then you will have to set -LD_LIBRARY_PATH during runtime and the PAM module will not work. - -HP-UX problems --------------- - -The shared library `/usr/lib/libndbm.sl' doesn't exist on all systems. -To make problems even worse, there is never an archive version for -static linking either. Therefore, when building "truly portable" -binaries first install GNU gdbm or Berkeley DB, and make sure that you -are linking against that library. - -Cray problems -------------- - -`rlogind' won't work on Crays until `forkpty()' has been ported, in the -mean time use `telnetd'. - -IRIX problems -------------- - -IRIX has three different ABI:s (Application Binary Interface), there's -an old 32 bit interface (known as O32, or just 32), a new 32 bit -interface (N32), and a 64 bit interface (64). O32 and N32 are both 32 -bits, but they have different calling conventions, and alignment -constraints, and similar. The N32 format is the default format from IRIX -6.4. - -You select ABI at compile time, and you can do this with the -`--with-mips-abi' configure option. The valid arguments are `o32', -`n32', and `64', N32 is the default. Libraries for the three different -ABI:s are normally installed installed in different directories (`lib', -`lib32', and `lib64'). If you want more than one set of libraries you -have to reconfigure and recompile for each ABI, but you should probably -install only N32 binaries. - -GCC had had some known problems with the different ABI:s. Old GCC could -only handle O32, newer GCC can handle N32, and 64, but not O32, but in -some versions of GCC the structure alignment was broken in N32. - -This confusion with different ABI:s can cause some trouble. For -instance, the `afskauthlib.so' library has to use the same ABI as -`xdm', and `login'. The easiest way to check what ABI to use is to run -`file' on `/usr/bin/X11/xdm'. - -Another problem that you might encounter if you run AFS is that Transarc -apparently doesn't support the 64-bit ABI, and because of this you can't -get tokens with a 64 bit application. If you really need to do this, -there is a kernel module that provides this functionality at -. - -AIX problems ------------- - -`gcc' version 2.7.2.* has a bug which makes it miscompile -`appl/telnet/telnetd/sys_term.c' (and possibily `appl/bsd/forkpty.c'), -if used with too much optimization. - -Some versions of the `xlc' preprocessor doesn't recognise the -(undocumented) `-qnolm' option. If this option is passed to the -preprocessor (like via the configuration file `/etc/ibmcxx.cfg', -configure will fail. - -The solution is to remove this option from the configuration file, -either globally, or for just the preprocessor: - - $ cp /etc/ibmcxx.cfg /tmp - $ed /tmp/ibmcxx.cfg - 8328 - /nolm - options = -D_AIX,-D_AIX32,-D_AIX41,-D_AIX43,-D_IBMR2,-D_POWER,-bpT:0x10000000,-bpD:0x20000000,-qnolm - s/,-qnolm//p - options = -D_AIX,-D_AIX32,-D_AIX41,-D_AIX43,-D_IBMR2,-D_POWER,-bpT:0x10000000,-bpD:0x20000000 - w - 8321 - q - $ env CC=xlc CPP="xlc -E -F/tmp/ibmcxx.cfg" configure - -There is a bug in AFS 3.4 version 5.38 for AIX 4.3 that causes the -kernel to panic in some cases. There is a hack for this in `login', but -other programs could be affected also. This seems to be fixed in -version 5.55. - -C2 problems ------------ - -The programs that checks passwords works with `passwd', OTP, and -Kerberos paswords. This is problem if you use C2 security (or use some -other password database), that normally keeps passwords in some obscure -place. If you want to use Kerberos with C2 security you will have to -think about what kind of changes are necessary. See also the discussion -about Digital's SIA and C2 security, see *Note Digital SIA::. - - diff --git a/crypto/kerberosIV/README b/crypto/kerberosIV/README deleted file mode 100644 index 9c2f4a106e64..000000000000 --- a/crypto/kerberosIV/README +++ /dev/null @@ -1,47 +0,0 @@ - -*** PLEASE REPORT BUGS AND PROBLEMS TO kth-krb-bugs@nada.kth.se *** - -This is a severly hacked up version of Eric Young's eBones-p9 kerberos -version. The DES library has been updated with his 3.23 version and -numerous patches collected over the years have been applied to both -the kerberos and DES sources, most notably the CMU patches for extended -lifetimes that AFS uses. There is also support for AFS built into most -programs. - -The source has been changed to use ANSI C and POSIX to the largest -possible extent. The code in util/et and appl/bsd have not been -updated in this way though (they really need it). - -Telnet and telnetd are based on the telnet.95.10.23.NE.tar.Z. Kerberos -authentication is the default and warnings are issued by telnetd if -the telnet client does not turn on encryption. - -The r* programs in appl/bsd have been updated with newer sources from -NetBSD and FreeBSD. NOTE: use of telnet is prefered to the use of -rlogin which is a temporary hack and not an Internet standard (and has -only been documented quite recently). Telnet uses kerberos -authentication to prevent the passing of cleartext passwords and is -thus superior to rlogin. - -The distribution has been configured to primarily use kerberos -authentication with a fallback to /etc/passwd passwords. This should -make it easy to do a slow migration to kerberos. OTP support is also -included in login, popper, and ftpd. - -All programs in this distribution follow these conventions: - -/usr/athena/bin: User programs -/usr/athena/sbin: Administrator programs -/usr/athena/libexec: Daemons -/etc: Configuration files -/var/log: Logfiles -/var/kerberos: Kerberos database and ACL files - -A W3-page is at http://www.pdc.kth.se/kth-krb/ - -You can get some documentation from ftp://ftp.pdc.kth.se/pub/krb/doc. - -Please report bugs and problems to kth-krb-bugs@nada.kth.se - -There is a mailing list discussing kerberos at krb4@sics.se, send a -message to majordomo@sics.se to subscribe. diff --git a/crypto/kerberosIV/TODO b/crypto/kerberosIV/TODO deleted file mode 100644 index 83c308e772a8..000000000000 --- a/crypto/kerberosIV/TODO +++ /dev/null @@ -1,42 +0,0 @@ --*- indented-text -*- -rlogind, rshd, popper, ftpd (telnetd uses nonce?) - Add a replay cache. - -rcp - figure out how it should really behave with -r - -telnet, rlogin, rsh, rcp - Some form of support for ticket forwarding, perhaps only for AFS tickets. - -telnet, telnetd - Add negotiation for keep-alives. - -rlogind - Fix utmp logging. - -documentation - Write more info on: - * how to use - -rshd - Read default environment from /etc/default/login and other files. - Encryption without secondary port is bugged, it currently does no - encryption. But, nobody uses it anyway. - -autoconf - -libraries - generate archive and shared libraries in some portable way. - -ftpd - -kx - Compress and recode X protocol? - -kip - Other kinds of encapsulations? - Tunnel device as loadable kernel module. - Speed? - -BUGS - Where? diff --git a/crypto/kerberosIV/acconfig.h b/crypto/kerberosIV/acconfig.h deleted file mode 100644 index 771207b02fc4..000000000000 --- a/crypto/kerberosIV/acconfig.h +++ /dev/null @@ -1,172 +0,0 @@ -/* $Id: acconfig.h,v 1.105 1999/12/02 13:09:41 joda Exp $ */ - -@BOTTOM@ - -#undef HAVE_INT8_T -#undef HAVE_INT16_T -#undef HAVE_INT32_T -#undef HAVE_INT64_T -#undef HAVE_U_INT8_T -#undef HAVE_U_INT16_T -#undef HAVE_U_INT32_T -#undef HAVE_U_INT64_T - -/* This for compat with heimdal (or something) */ -#define KRB_PUT_INT(f, t, l, s) krb_put_int((f), (t), (l), (s)) - -#define HAVE_KRB_ENABLE_DEBUG 1 - -#define HAVE_KRB_DISABLE_DEBUG 1 - -#define HAVE_KRB_GET_OUR_IP_FOR_REALM 1 - -#define RCSID(msg) \ -static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } - -/* - * Set ORGANIZATION to be the desired organization string printed - * by the 'kinit' program. It may have spaces. - */ -#define ORGANIZATION "eBones International" - -#if 0 -#undef BINDIR -#undef LIBDIR -#undef LIBEXECDIR -#undef SBINDIR -#endif - -#if 0 -#define KRB_CNF_FILES { "/etc/krb.conf", "/etc/kerberosIV/krb.conf", 0} -#define KRB_RLM_FILES { "/etc/krb.realms", "/etc/kerberosIV/krb.realms", 0} -#define KRB_EQUIV "/etc/krb.equiv" - -#define KEYFILE "/etc/srvtab" - -#define KRBDIR "/var/kerberos" -#define DBM_FILE KRBDIR "/principal" -#define DEFAULT_ACL_DIR KRBDIR - -#define KRBLOG "/var/log/kerberos.log" /* master server */ -#define KRBSLAVELOG "/var/log/kerberos_slave.log" /* slave server */ -#define KADM_SYSLOG "/var/log/admin_server.syslog" -#define K_LOGFIL "/var/log/kpropd.log" -#endif - -/* Maximum values on all known systems */ -#define MaxHostNameLen (64+4) -#define MaxPathLen (1024+4) - -/* ftp stuff -------------------------------------------------- */ - -#define KERBEROS - -/* telnet stuff ----------------------------------------------- */ - -/* define this for OTP support */ -#undef OTP - -/* define this if you have kerberos 4 */ -#undef KRB4 - -/* define this if you want encryption */ -#undef ENCRYPTION - -/* define this if you want authentication */ -#undef AUTHENTICATION - -#if defined(ENCRYPTION) && !defined(AUTHENTICATION) -#define AUTHENTICATION 1 -#endif - -/* Set this if you want des encryption */ -#undef DES_ENCRYPTION - -/* Set this to the default system lead string for telnetd - * can contain %-escapes: %s=sysname, %m=machine, %r=os-release - * %v=os-version, %t=tty, %h=hostname, %d=date and time - */ -#undef USE_IM - -/* define this if you want diagnostics in telnetd */ -#undef DIAGNOSTICS - -/* define this if you want support for broken ENV_{VALUE,VAR} systems */ -#undef ENV_HACK - -/* */ -#undef OLD_ENVIRON - -/* Used with login -p */ -#undef LOGIN_ARGS - -/* set this to a sensible login */ -#ifndef LOGIN_PATH -#define LOGIN_PATH BINDIR "/login" -#endif - - -/* ------------------------------------------------------------ */ - -#ifdef BROKEN_REALLOC -#define realloc(X, Y) isoc_realloc((X), (Y)) -#define isoc_realloc(X, Y) ((X) ? realloc((X), (Y)) : malloc(Y)) -#endif - -#ifdef VOID_RETSIGTYPE -#define SIGRETURN(x) return -#else -#define SIGRETURN(x) return (RETSIGTYPE)(x) -#endif - -/* Temporary fixes for krb_{rd,mk}_safe */ -#define DES_QUAD_GUESS 0 -#define DES_QUAD_NEW 1 -#define DES_QUAD_OLD 2 - -/* - * All these are system-specific defines that I would rather not have at all. - */ - -/* - * AIX braindamage! - */ -#if _AIX -#define _ALL_SOURCE -/* XXX this is gross, but kills about a gazillion warnings */ -struct ether_addr; -struct sockaddr; -struct sockaddr_dl; -struct sockaddr_in; -#endif - -#if defined(__sgi) || defined(sgi) -#if defined(__SYSTYPE_SVR4) || defined(_SYSTYPE_SVR4) -#define IRIX 5 -#else -#define IRIX 4 -#endif -#endif - -/* IRIX 4 braindamage */ -#if IRIX == 4 && !defined(__STDC__) -#define __STDC__ 0 -#endif - -/* - * Defining this enables lots of useful (and used) extensions on - * glibc-based systems such as Linux - */ - -#define _GNU_SOURCE - -/* some strange OS/2 stuff. From */ - -#ifdef __EMX__ -#define _EMX_TCPIP -#define MAIL_USE_SYSTEM_LOCK -#endif - -#ifdef ROKEN_RENAME -#include "roken_rename.h" -#endif diff --git a/crypto/kerberosIV/acinclude.m4 b/crypto/kerberosIV/acinclude.m4 deleted file mode 100644 index 7e7de6fa2c1e..000000000000 --- a/crypto/kerberosIV/acinclude.m4 +++ /dev/null @@ -1,9 +0,0 @@ -dnl $Id: acinclude.m4,v 1.2 1999/03/01 13:06:21 joda Exp $ -dnl -dnl Only put things that for some reason can't live in the `cf' -dnl directory in this file. -dnl - -dnl $xId: misc.m4,v 1.1 1997/12/14 15:59:04 joda Exp $ -dnl -define(upcase,`echo $1 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`)dnl diff --git a/crypto/kerberosIV/aclocal.m4 b/crypto/kerberosIV/aclocal.m4 deleted file mode 100644 index 0819f16389df..000000000000 --- a/crypto/kerberosIV/aclocal.m4 +++ /dev/null @@ -1,1372 +0,0 @@ -dnl aclocal.m4 generated automatically by aclocal 1.4 - -dnl Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. -dnl This file is free software; the Free Software Foundation -dnl gives unlimited permission to copy and/or distribute it, -dnl with or without modifications, as long as this notice is preserved. - -dnl This program is distributed in the hope that it will be useful, -dnl but WITHOUT ANY WARRANTY, to the extent permitted by law; without -dnl even the implied warranty of MERCHANTABILITY or FITNESS FOR A -dnl PARTICULAR PURPOSE. - -dnl $Id: acinclude.m4,v 1.2 1999/03/01 13:06:21 joda Exp $ -dnl -dnl Only put things that for some reason can't live in the `cf' -dnl directory in this file. -dnl - -dnl $xId: misc.m4,v 1.1 1997/12/14 15:59:04 joda Exp $ -dnl -define(upcase,`echo $1 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`)dnl - -dnl $Id: krb-prog-ln-s.m4,v 1.1 1997/12/14 15:59:01 joda Exp $ -dnl -dnl -dnl Better test for ln -s, ln or cp -dnl - -AC_DEFUN(AC_KRB_PROG_LN_S, -[AC_MSG_CHECKING(for ln -s or something else) -AC_CACHE_VAL(ac_cv_prog_LN_S, -[rm -f conftestdata -if ln -s X conftestdata 2>/dev/null -then - rm -f conftestdata - ac_cv_prog_LN_S="ln -s" -else - touch conftestdata1 - if ln conftestdata1 conftestdata2; then - rm -f conftestdata* - ac_cv_prog_LN_S=ln - else - ac_cv_prog_LN_S=cp - fi -fi])dnl -LN_S="$ac_cv_prog_LN_S" -AC_MSG_RESULT($ac_cv_prog_LN_S) -AC_SUBST(LN_S)dnl -]) - - -dnl $Id: krb-prog-yacc.m4,v 1.1 1997/12/14 15:59:02 joda Exp $ -dnl -dnl -dnl We prefer byacc or yacc because they do not use `alloca' -dnl - -AC_DEFUN(AC_KRB_PROG_YACC, -[AC_CHECK_PROGS(YACC, byacc yacc 'bison -y')]) - -dnl $Id: test-package.m4,v 1.7 1999/04/19 13:33:05 assar Exp $ -dnl -dnl AC_TEST_PACKAGE_NEW(package,headers,libraries,extra libs,default locations) - -AC_DEFUN(AC_TEST_PACKAGE,[AC_TEST_PACKAGE_NEW($1,[#include <$2>],$4,,$5)]) - -AC_DEFUN(AC_TEST_PACKAGE_NEW,[ -AC_ARG_WITH($1, -[ --with-$1=dir use $1 in dir]) -AC_ARG_WITH($1-lib, -[ --with-$1-lib=dir use $1 libraries in dir], -[if test "$withval" = "yes" -o "$withval" = "no"; then - AC_MSG_ERROR([No argument for --with-$1-lib]) -elif test "X$with_$1" = "X"; then - with_$1=yes -fi]) -AC_ARG_WITH($1-include, -[ --with-$1-include=dir use $1 headers in dir], -[if test "$withval" = "yes" -o "$withval" = "no"; then - AC_MSG_ERROR([No argument for --with-$1-include]) -elif test "X$with_$1" = "X"; then - with_$1=yes -fi]) - -AC_MSG_CHECKING(for $1) - -case "$with_$1" in -yes) ;; -no) ;; -"") ;; -*) if test "$with_$1_include" = ""; then - with_$1_include="$with_$1/include" - fi - if test "$with_$1_lib" = ""; then - with_$1_lib="$with_$1/lib$abilibdirext" - fi - ;; -esac -header_dirs= -lib_dirs= -d='$5' -for i in $d; do - header_dirs="$header_dirs $i/include" - lib_dirs="$lib_dirs $i/lib$abilibdirext" -done - -case "$with_$1_include" in -yes) ;; -no) ;; -*) header_dirs="$with_$1_include $header_dirs";; -esac -case "$with_$1_lib" in -yes) ;; -no) ;; -*) lib_dirs="$with_$1_lib $lib_dirs";; -esac - -save_CFLAGS="$CFLAGS" -save_LIBS="$LIBS" -ires= lres= -for i in $header_dirs; do - CFLAGS="-I$i $save_CFLAGS" - AC_TRY_COMPILE([$2],,ires=$i;break) -done -for i in $lib_dirs; do - LIBS="-L$i $3 $4 $save_LIBS" - AC_TRY_LINK([$2],,lres=$i;break) -done -CFLAGS="$save_CFLAGS" -LIBS="$save_LIBS" - -if test "$ires" -a "$lres" -a "$with_$1" != "no"; then - $1_includedir="$ires" - $1_libdir="$lres" - INCLUDE_$1="-I$$1_includedir" - LIB_$1="-L$$1_libdir $3" - AC_DEFINE_UNQUOTED(upcase($1),1,[Define if you have the $1 package.]) - with_$1=yes - AC_MSG_RESULT([headers $ires, libraries $lres]) -else - INCLUDE_$1= - LIB_$1= - with_$1=no - AC_MSG_RESULT($with_$1) -fi -AC_SUBST(INCLUDE_$1) -AC_SUBST(LIB_$1) -]) - -dnl $Id: osfc2.m4,v 1.2 1999/03/27 17:28:16 joda Exp $ -dnl -dnl enable OSF C2 stuff - -AC_DEFUN(AC_CHECK_OSFC2,[ -AC_ARG_ENABLE(osfc2, -[ --enable-osfc2 enable some OSF C2 support]) -LIB_security= -if test "$enable_osfc2" = yes; then - AC_DEFINE(HAVE_OSFC2, 1, [Define to enable basic OSF C2 support.]) - LIB_security=-lsecurity -fi -AC_SUBST(LIB_security) -]) - -dnl $Id: mips-abi.m4,v 1.4 1998/05/16 20:44:15 joda Exp $ -dnl -dnl -dnl Check for MIPS/IRIX ABI flags. Sets $abi and $abilibdirext to some -dnl value. - -AC_DEFUN(AC_MIPS_ABI, [ -AC_ARG_WITH(mips_abi, -[ --with-mips-abi=abi ABI to use for IRIX (32, n32, or 64)]) - -case "$host_os" in -irix*) -with_mips_abi="${with_mips_abi:-yes}" -if test -n "$GCC"; then - -# GCC < 2.8 only supports the O32 ABI. GCC >= 2.8 has a flag to select -# which ABI to use, but only supports (as of 2.8.1) the N32 and 64 ABIs. -# -# Default to N32, but if GCC doesn't grok -mabi=n32, we assume an old -# GCC and revert back to O32. The same goes if O32 is asked for - old -# GCCs doesn't like the -mabi option, and new GCCs can't output O32. -# -# Don't you just love *all* the different SGI ABIs? - -case "${with_mips_abi}" in - 32|o32) abi='-mabi=32'; abilibdirext='' ;; - n32|yes) abi='-mabi=n32'; abilibdirext='32' ;; - 64) abi='-mabi=64'; abilibdirext='64' ;; - no) abi=''; abilibdirext='';; - *) AC_ERROR("Invalid ABI specified") ;; -esac -if test -n "$abi" ; then -ac_foo=krb_cv_gcc_`echo $abi | tr =- __` -dnl -dnl can't use AC_CACHE_CHECK here, since it doesn't quote CACHE-ID to -dnl AC_MSG_RESULT -dnl -AC_MSG_CHECKING([if $CC supports the $abi option]) -AC_CACHE_VAL($ac_foo, [ -save_CFLAGS="$CFLAGS" -CFLAGS="$CFLAGS $abi" -AC_TRY_COMPILE(,int x;, eval $ac_foo=yes, eval $ac_foo=no) -CFLAGS="$save_CFLAGS" -]) -ac_res=`eval echo \\\$$ac_foo` -AC_MSG_RESULT($ac_res) -if test $ac_res = no; then -# Try to figure out why that failed... -case $abi in - -mabi=32) - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -mabi=n32" - AC_TRY_COMPILE(,int x;, ac_res=yes, ac_res=no) - CLAGS="$save_CFLAGS" - if test $ac_res = yes; then - # New GCC - AC_ERROR([$CC does not support the $with_mips_abi ABI]) - fi - # Old GCC - abi='' - abilibdirext='' - ;; - -mabi=n32|-mabi=64) - if test $with_mips_abi = yes; then - # Old GCC, default to O32 - abi='' - abilibdirext='' - else - # Some broken GCC - AC_ERROR([$CC does not support the $with_mips_abi ABI]) - fi - ;; -esac -fi #if test $ac_res = no; then -fi #if test -n "$abi" ; then -else -case "${with_mips_abi}" in - 32|o32) abi='-32'; abilibdirext='' ;; - n32|yes) abi='-n32'; abilibdirext='32' ;; - 64) abi='-64'; abilibdirext='64' ;; - no) abi=''; abilibdirext='';; - *) AC_ERROR("Invalid ABI specified") ;; -esac -fi #if test -n "$GCC"; then -;; -esac -]) - -dnl -dnl $Id: shared-libs.m4,v 1.4.14.3 2000/12/07 18:03:00 bg Exp $ -dnl -dnl Shared library stuff has to be different everywhere -dnl - -AC_DEFUN(AC_SHARED_LIBS, [ - -dnl Check if we want to use shared libraries -AC_ARG_ENABLE(shared, -[ --enable-shared create shared libraries for Kerberos]) - -AC_SUBST(CFLAGS)dnl -AC_SUBST(LDFLAGS)dnl - -case ${enable_shared} in - yes ) enable_shared=yes;; - no ) enable_shared=no;; - * ) enable_shared=no;; -esac - -# NOTE: Building shared libraries may not work if you do not use gcc! -# -# OS $SHLIBEXT -# HP-UX sl -# Linux so -# NetBSD so -# FreeBSD so -# OSF so -# SunOS5 so -# SunOS4 so.0.5 -# Irix so -# -# LIBEXT is the extension we should build (.a or $SHLIBEXT) -LINK='$(CC)' -AC_SUBST(LINK) -lib_deps=yes -REAL_PICFLAGS="-fpic" -LDSHARED='$(CC) $(PICFLAGS) -shared' -LIBPREFIX=lib -build_symlink_command=@true -install_symlink_command=@true -install_symlink_command2=@true -REAL_SHLIBEXT=so -changequote({,})dnl -SHLIB_VERSION=`echo $VERSION | sed 's/\([0-9.]*\).*/\1/'` -SHLIB_SONAME=`echo $VERSION | sed 's/\([0-9]*\).*/\1/'` -changequote([,])dnl -case "${host}" in -*-*-hpux*) - REAL_SHLIBEXT=sl - REAL_LD_FLAGS='-Wl,+b$(libdir)' - if test -z "$GCC"; then - LDSHARED="ld -b" - REAL_PICFLAGS="+z" - fi - lib_deps=no - ;; -*-*-linux*) - LDSHARED='$(CC) -shared -Wl,-soname,$(LIBNAME).so.'"${SHLIB_SONAME}" - REAL_LD_FLAGS='-Wl,-rpath,$(libdir)' - REAL_SHLIBEXT=so.$SHLIB_VERSION - build_symlink_command='$(LN_S) -f [$][@] $(LIBNAME).so' - install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so' - install_symlink_command2='$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so' - ;; -changequote(,)dnl -*-*-freebsd[345]* | *-*-freebsdelf[345]*) -changequote([,])dnl - REAL_SHLIBEXT=so.$SHLIB_VERSION - REAL_LD_FLAGS='-Wl,-R$(libdir)' - build_symlink_command='$(LN_S) -f [$][@] $(LIBNAME).so' - install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so' - install_symlink_command2='$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so' - ;; -*-*-*bsd*) - REAL_SHLIBEXT=so.$SHLIB_VERSION - LDSHARED='ld -Bshareable' - REAL_LD_FLAGS='-Wl,-R$(libdir)' - ;; -*-*-osf*) - REAL_LD_FLAGS='-Wl,-rpath,$(libdir)' - REAL_PICFLAGS= - LDSHARED='ld -shared -expect_unresolved \*' - ;; -*-*-solaris2*) - LDSHARED='$(CC) -shared -Wl,-h$(LIBNAME).so.'"${SHLIB_SONAME}" - REAL_SHLIBEXT=so.$SHLIB_VERSION - build_symlink_command='$(LN_S) [$][@] $(LIBNAME).so' - install_symlink_command='$(LN_S) $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so.'"${SHLIB_SONAME}"';$(LN_S) $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so' - install_symlink_command2='$(LN_S) $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so.'"${SHLIB_SONAME}"';$(LN_S) $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so' - REAL_LD_FLAGS='-Wl,-R$(libdir)' - if test -z "$GCC"; then - LDSHARED='$(CC) -G -h$(LIBNAME).so.'"${SHLIB_SONAME}" - REAL_PICFLAGS="-Kpic" - fi - ;; -*-fujitsu-uxpv*) - REAL_LD_FLAGS='' # really: LD_RUN_PATH=$(libdir) cc -o ... - REAL_LINK='LD_RUN_PATH=$(libdir) $(CC)' - LDSHARED='$(CC) -G' - REAL_PICFLAGS="-Kpic" - lib_deps=no # fails in mysterious ways - ;; -*-*-sunos*) - REAL_SHLIBEXT=so.$SHLIB_VERSION - REAL_LD_FLAGS='-Wl,-L$(libdir)' - lib_deps=no - ;; -*-*-irix*) - libdir="${libdir}${abilibdirext}" - REAL_LD_FLAGS="${abi} -Wl,-rpath,\$(libdir)" - LD_FLAGS="${abi} -Wl,-rpath,\$(libdir)" - LDSHARED="\$(CC) -shared ${abi}" - REAL_PICFLAGS= - CFLAGS="${abi} ${CFLAGS}" - ;; -*-*-os2*) - LIBPREFIX= - EXECSUFFIX='.exe' - RANLIB=EMXOMF - LD_FLAGS=-Zcrtdll - REAL_SHLIBEXT=nobuild - ;; -*-*-cygwin32*) - EXECSUFFIX='.exe' - REAL_SHLIBEXT=nobuild - ;; -*) REAL_SHLIBEXT=nobuild - REAL_PICFLAGS= - ;; -esac - -if test "${enable_shared}" != "yes" ; then - PICFLAGS="" - SHLIBEXT="nobuild" - LIBEXT="a" - build_symlink_command=@true - install_symlink_command=@true - install_symlink_command2=@true -else - PICFLAGS="$REAL_PICFLAGS" - SHLIBEXT="$REAL_SHLIBEXT" - LIBEXT="$SHLIBEXT" - AC_MSG_CHECKING(whether to use -rpath) - case "$libdir" in - /lib | /usr/lib | /usr/local/lib) - AC_MSG_RESULT(no) - REAL_LD_FLAGS= - LD_FLAGS= - ;; - *) - LD_FLAGS="$REAL_LD_FLAGS" - test "$REAL_LINK" && LINK="$REAL_LINK" - AC_MSG_RESULT($LD_FLAGS) - ;; - esac -fi - -if test "$lib_deps" = yes; then - lib_deps_yes="" - lib_deps_no="# " -else - lib_deps_yes="# " - lib_deps_no="" -fi -AC_SUBST(lib_deps_yes) -AC_SUBST(lib_deps_no) - -# use supplied ld-flags, or none if `no' -if test "$with_ld_flags" = no; then - LD_FLAGS= -elif test -n "$with_ld_flags"; then - LD_FLAGS="$with_ld_flags" -fi - -AC_SUBST(REAL_PICFLAGS) dnl -AC_SUBST(REAL_SHLIBEXT) dnl -AC_SUBST(REAL_LD_FLAGS) dnl - -AC_SUBST(PICFLAGS) dnl -AC_SUBST(SHLIBEXT) dnl -AC_SUBST(LDSHARED) dnl -AC_SUBST(LD_FLAGS) dnl -AC_SUBST(LIBEXT) dnl -AC_SUBST(LIBPREFIX) dnl -AC_SUBST(EXECSUFFIX) dnl - -AC_SUBST(build_symlink_command)dnl -AC_SUBST(install_symlink_command)dnl -AC_SUBST(install_symlink_command2)dnl -]) - -dnl -dnl $Id: c-attribute.m4,v 1.2 1999/03/01 09:52:23 joda Exp $ -dnl - -dnl -dnl Test for __attribute__ -dnl - -AC_DEFUN(AC_C___ATTRIBUTE__, [ -AC_MSG_CHECKING(for __attribute__) -AC_CACHE_VAL(ac_cv___attribute__, [ -AC_TRY_COMPILE([ -#include -], -[ -static void foo(void) __attribute__ ((noreturn)); - -static void -foo(void) -{ - exit(1); -} -], -ac_cv___attribute__=yes, -ac_cv___attribute__=no)]) -if test "$ac_cv___attribute__" = "yes"; then - AC_DEFINE(HAVE___ATTRIBUTE__, 1, [define if your compiler has __attribute__]) -fi -AC_MSG_RESULT($ac_cv___attribute__) -]) - - -dnl $Id: krb-sys-nextstep.m4,v 1.2 1998/06/03 23:48:40 joda Exp $ -dnl -dnl -dnl NEXTSTEP is not posix compliant by default, -dnl you need a switch -posix to the compiler -dnl - -AC_DEFUN(AC_KRB_SYS_NEXTSTEP, [ -AC_MSG_CHECKING(for NEXTSTEP) -AC_CACHE_VAL(krb_cv_sys_nextstep, -AC_EGREP_CPP(yes, -[#if defined(NeXT) && !defined(__APPLE__) - yes -#endif -], krb_cv_sys_nextstep=yes, krb_cv_sys_nextstep=no) ) -if test "$krb_cv_sys_nextstep" = "yes"; then - CFLAGS="$CFLAGS -posix" - LIBS="$LIBS -posix" -fi -AC_MSG_RESULT($krb_cv_sys_nextstep) -]) - -dnl $Id: krb-sys-aix.m4,v 1.1 1997/12/14 15:59:02 joda Exp $ -dnl -dnl -dnl AIX have a very different syscall convention -dnl -AC_DEFUN(AC_KRB_SYS_AIX, [ -AC_MSG_CHECKING(for AIX) -AC_CACHE_VAL(krb_cv_sys_aix, -AC_EGREP_CPP(yes, -[#ifdef _AIX - yes -#endif -], krb_cv_sys_aix=yes, krb_cv_sys_aix=no) ) -AC_MSG_RESULT($krb_cv_sys_aix) -]) - -dnl $Id: find-func-no-libs.m4,v 1.5 1999/10/30 21:08:18 assar Exp $ -dnl -dnl -dnl Look for function in any of the specified libraries -dnl - -dnl AC_FIND_FUNC_NO_LIBS(func, libraries, includes, arguments, extra libs, extra args) -AC_DEFUN(AC_FIND_FUNC_NO_LIBS, [ -AC_FIND_FUNC_NO_LIBS2([$1], ["" $2], [$3], [$4], [$5], [$6])]) - -dnl $Id: find-func-no-libs2.m4,v 1.3 1999/10/30 21:09:53 assar Exp $ -dnl -dnl -dnl Look for function in any of the specified libraries -dnl - -dnl AC_FIND_FUNC_NO_LIBS2(func, libraries, includes, arguments, extra libs, extra args) -AC_DEFUN(AC_FIND_FUNC_NO_LIBS2, [ - -AC_MSG_CHECKING([for $1]) -AC_CACHE_VAL(ac_cv_funclib_$1, -[ -if eval "test \"\$ac_cv_func_$1\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in $2; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS="$6 $ac_lib $5 $ac_save_LIBS" - AC_TRY_LINK([$3],[$1($4)],eval "if test -n \"$ac_lib\";then ac_cv_funclib_$1=$ac_lib; else ac_cv_funclib_$1=yes; fi";break) - done - eval "ac_cv_funclib_$1=\${ac_cv_funclib_$1-no}" - LIBS="$ac_save_LIBS" -fi -]) - -eval "ac_res=\$ac_cv_funclib_$1" - -dnl autoheader tricks *sigh* -: << END -@@@funcs="$funcs $1"@@@ -@@@libs="$libs $2"@@@ -END - -# $1 -eval "ac_tr_func=HAVE_[]upcase($1)" -eval "ac_tr_lib=HAVE_LIB[]upcase($ac_res | sed -e 's/-l//')" -eval "LIB_$1=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_$1=yes" - eval "LIB_$1=" - AC_DEFINE_UNQUOTED($ac_tr_func) - AC_MSG_RESULT([yes]) - ;; - no) - eval "ac_cv_func_$1=no" - eval "LIB_$1=" - AC_MSG_RESULT([no]) - ;; - *) - eval "ac_cv_func_$1=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - AC_DEFINE_UNQUOTED($ac_tr_func) - AC_DEFINE_UNQUOTED($ac_tr_lib) - AC_MSG_RESULT([yes, in $ac_res]) - ;; -esac -AC_SUBST(LIB_$1) -]) - -dnl -dnl $Id: check-netinet-ip-and-tcp.m4,v 1.2 1999/05/14 13:15:40 assar Exp $ -dnl - -dnl extra magic check for netinet/{ip.h,tcp.h} because on irix 6.5.3 -dnl you have to include standards.h before including these files - -AC_DEFUN(CHECK_NETINET_IP_AND_TCP, -[ -AC_CHECK_HEADERS(standards.h) -for i in netinet/ip.h netinet/tcp.h; do - -cv=`echo "$i" | sed 'y%./+-%__p_%'` - -AC_MSG_CHECKING([for $i]) -AC_CACHE_VAL([ac_cv_header_$cv], -[AC_TRY_CPP([\ -#ifdef HAVE_STANDARDS_H -#include -#endif -#include <$i> -], -eval "ac_cv_header_$cv=yes", -eval "ac_cv_header_$cv=no")]) -AC_MSG_RESULT(`eval echo \\$ac_cv_header_$cv`) -changequote(, )dnl -if test `eval echo \\$ac_cv_header_$cv` = yes; then - ac_tr_hdr=HAVE_`echo $i | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` -changequote([, ])dnl - AC_DEFINE_UNQUOTED($ac_tr_hdr, 1) -fi -done -dnl autoheader tricks *sigh* -: << END -@@@headers="$headers netinet/ip.h netinet/tcp.h"@@@ -END - -]) - -dnl $Id: grok-type.m4,v 1.4 1999/11/29 11:16:48 joda Exp $ -dnl -AC_DEFUN(AC_GROK_TYPE, [ -AC_CACHE_VAL(ac_cv_type_$1, -AC_TRY_COMPILE([ -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif -], -$i x; -, -eval ac_cv_type_$1=yes, -eval ac_cv_type_$1=no))]) - -AC_DEFUN(AC_GROK_TYPES, [ -for i in $1; do - AC_MSG_CHECKING(for $i) - AC_GROK_TYPE($i) - eval ac_res=\$ac_cv_type_$i - if test "$ac_res" = yes; then - type=HAVE_[]upcase($i) - AC_DEFINE_UNQUOTED($type) - fi - AC_MSG_RESULT($ac_res) -done -]) - -dnl $Id: find-func.m4,v 1.1 1997/12/14 15:58:58 joda Exp $ -dnl -dnl AC_FIND_FUNC(func, libraries, includes, arguments) -AC_DEFUN(AC_FIND_FUNC, [ -AC_FIND_FUNC_NO_LIBS([$1], [$2], [$3], [$4]) -if test -n "$LIB_$1"; then - LIBS="$LIB_$1 $LIBS" -fi -]) - -dnl -dnl See if there is any X11 present -dnl -dnl $Id: check-x.m4,v 1.2 1999/11/05 04:25:23 assar Exp $ - -AC_DEFUN(KRB_CHECK_X,[ -AC_PATH_XTRA - -# try to figure out if we need any additional ld flags, like -R -# and yes, the autoconf X test is utterly broken -if test "$no_x" != yes; then - AC_CACHE_CHECK(for special X linker flags,krb_cv_sys_x_libs_rpath,[ - ac_save_libs="$LIBS" - ac_save_cflags="$CFLAGS" - CFLAGS="$CFLAGS $X_CFLAGS" - krb_cv_sys_x_libs_rpath="" - krb_cv_sys_x_libs="" - for rflag in "" "-R" "-R " "-rpath "; do - if test "$rflag" = ""; then - foo="$X_LIBS" - else - foo="" - for flag in $X_LIBS; do - case $flag in - -L*) - foo="$foo $flag `echo $flag | sed \"s/-L/$rflag/\"`" - ;; - *) - foo="$foo $flag" - ;; - esac - done - fi - LIBS="$ac_save_libs $foo $X_PRE_LIBS -lX11 $X_EXTRA_LIBS" - AC_TRY_RUN([ - #include - foo() - { - XOpenDisplay(NULL); - } - main() - { - return 0; - } - ], krb_cv_sys_x_libs_rpath="$rflag"; krb_cv_sys_x_libs="$foo"; break,:) - done - LIBS="$ac_save_libs" - CFLAGS="$ac_save_cflags" - ]) - X_LIBS="$krb_cv_sys_x_libs" -fi -]) - -dnl $Id: check-xau.m4,v 1.3 1999/05/14 01:17:06 assar Exp $ -dnl -dnl check for Xau{Read,Write}Auth and XauFileName -dnl -AC_DEFUN(AC_CHECK_XAU,[ -save_CFLAGS="$CFLAGS" -CFLAGS="$X_CFLAGS $CFLAGS" -save_LIBS="$LIBS" -dnl LIBS="$X_LIBS $X_PRE_LIBS $X_EXTRA_LIBS $LIBS" -LIBS="$X_PRE_LIBS $X_EXTRA_LIBS $LIBS" -save_LDFLAGS="$LDFLAGS" -LDFLAGS="$LDFLAGS $X_LIBS" - - -AC_FIND_FUNC_NO_LIBS(XauWriteAuth, X11 Xau) -ac_xxx="$LIBS" -LIBS="$LIB_XauWriteAuth $LIBS" -AC_FIND_FUNC_NO_LIBS(XauReadAuth, X11 Xau) -LIBS="$LIB_XauReadAauth $LIBS" -AC_FIND_FUNC_NO_LIBS(XauFileName, X11 Xau) -LIBS="$ac_xxx" - -case "$ac_cv_funclib_XauWriteAuth" in -yes) ;; -no) ;; -*) if test "$ac_cv_funclib_XauReadAuth" = yes; then - if test "$ac_cv_funclib_XauFileName" = yes; then - LIB_XauReadAuth="$LIB_XauWriteAuth" - else - LIB_XauReadAuth="$LIB_XauWriteAuth $LIB_XauFileName" - fi - else - if test "$ac_cv_funclib_XauFileName" = yes; then - LIB_XauReadAuth="$LIB_XauReadAuth $LIB_XauWriteAuth" - else - LIB_XauReadAuth="$LIB_XauReadAuth $LIB_XauWriteAuth $LIB_XauFileName" - fi - fi - ;; -esac - -if test "$AUTOMAKE" != ""; then - AM_CONDITIONAL(NEED_WRITEAUTH, test "$ac_cv_func_XauWriteAuth" != "yes") -else - AC_SUBST(NEED_WRITEAUTH_TRUE) - AC_SUBST(NEED_WRITEAUTH_FALSE) - if test "$ac_cv_func_XauWriteAuth" != "yes"; then - NEED_WRITEAUTH_TRUE= - NEED_WRITEAUTH_FALSE='#' - else - NEED_WRITEAUTH_TRUE='#' - NEED_WRITEAUTH_FALSE= - fi -fi -CFLAGS=$save_CFLAGS -LIBS=$save_LIBS -LDFLAGS=$save_LDFLAGS -]) - -# Define a conditional. - -AC_DEFUN(AM_CONDITIONAL, -[AC_SUBST($1_TRUE) -AC_SUBST($1_FALSE) -if $2; then - $1_TRUE= - $1_FALSE='#' -else - $1_TRUE='#' - $1_FALSE= -fi]) - -dnl $Id: krb-find-db.m4,v 1.5.16.1 2000/08/16 04:11:57 assar Exp $ -dnl -dnl find a suitable database library -dnl -dnl AC_FIND_DB(libraries) -AC_DEFUN(KRB_FIND_DB, [ - -lib_dbm=no -lib_db=no - -for i in $1; do - - if test "$i"; then - m="lib$i" - l="-l$i" - else - m="libc" - l="" - fi - - AC_MSG_CHECKING(for dbm_open in $m) - AC_CACHE_VAL(ac_cv_krb_dbm_open_$m, [ - - save_LIBS="$LIBS" - LIBS="$l $LIBS" - AC_TRY_RUN([ -#include -#include -#if defined(HAVE_NDBM_H) -#include -#elif defined(HAVE_GDBM_NDBM_H) -#include -#elif defined(HAVE_DBM_H) -#include -#elif defined(HAVE_RPCSVC_DBM_H) -#include -#elif defined(HAVE_DB_H) -#define DB_DBM_HSEARCH 1 -#include -#endif -int main() -{ - DBM *d; - - d = dbm_open("conftest", O_RDWR | O_CREAT, 0666); - if(d == NULL) - return 1; - dbm_close(d); - return 0; -}], [ - if test -f conftest.db; then - ac_res=db - else - ac_res=dbm - fi], ac_res=no, ac_res=no) - - LIBS="$save_LIBS" - - eval ac_cv_krb_dbm_open_$m=$ac_res]) - eval ac_res=\$ac_cv_krb_dbm_open_$m - AC_MSG_RESULT($ac_res) - - if test "$lib_dbm" = no -a $ac_res = dbm; then - lib_dbm="$l" - elif test "$lib_db" = no -a $ac_res = db; then - lib_db="$l" - break - fi -done - -AC_MSG_CHECKING(for NDBM library) -ac_ndbm=no -if test "$lib_db" != no; then - LIB_DBM="$lib_db" - ac_ndbm=yes - AC_DEFINE(HAVE_NEW_DB, 1, [Define if NDBM really is DB (creates files ending in .db).]) - if test "$LIB_DBM"; then - ac_res="yes, $LIB_DBM" - else - ac_res=yes - fi -elif test "$lib_dbm" != no; then - LIB_DBM="$lib_dbm" - ac_ndbm=yes - if test "$LIB_DBM"; then - ac_res="yes, $LIB_DBM" - else - ac_res=yes - fi -else - LIB_DBM="" - ac_res=no -fi -test "$ac_ndbm" = yes && AC_DEFINE(NDBM, 1, [Define if you have NDBM (and not DBM)])dnl -AC_SUBST(LIB_DBM) -DBLIB="$LIB_DBM" -AC_SUBST(DBLIB) -AC_MSG_RESULT($ac_res) - -]) - -dnl $Id: broken-snprintf.m4,v 1.3 1999/03/01 09:52:22 joda Exp $ -dnl -AC_DEFUN(AC_BROKEN_SNPRINTF, [ -AC_CACHE_CHECK(for working snprintf,ac_cv_func_snprintf_working, -ac_cv_func_snprintf_working=yes -AC_TRY_RUN([ -#include -#include -int main() -{ -changequote(`,')dnl - char foo[3]; -changequote([,])dnl - snprintf(foo, 2, "12"); - return strcmp(foo, "1"); -}],:,ac_cv_func_snprintf_working=no,:)) - -if test "$ac_cv_func_snprintf_working" = yes; then - AC_DEFINE_UNQUOTED(HAVE_SNPRINTF, 1, [define if you have a working snprintf]) -fi -if test "$ac_cv_func_snprintf_working" = yes; then -AC_NEED_PROTO([#include ],snprintf) -fi -]) - -AC_DEFUN(AC_BROKEN_VSNPRINTF,[ -AC_CACHE_CHECK(for working vsnprintf,ac_cv_func_vsnprintf_working, -ac_cv_func_vsnprintf_working=yes -AC_TRY_RUN([ -#include -#include -#include - -int foo(int num, ...) -{ -changequote(`,')dnl - char bar[3]; -changequote([,])dnl - va_list arg; - va_start(arg, num); - vsnprintf(bar, 2, "%s", arg); - va_end(arg); - return strcmp(bar, "1"); -} - - -int main() -{ - return foo(0, "12"); -}],:,ac_cv_func_vsnprintf_working=no,:)) - -if test "$ac_cv_func_vsnprintf_working" = yes; then - AC_DEFINE_UNQUOTED(HAVE_VSNPRINTF, 1, [define if you have a working vsnprintf]) -fi -if test "$ac_cv_func_vsnprintf_working" = yes; then -AC_NEED_PROTO([#include ],vsnprintf) -fi -]) - -dnl $Id: need-proto.m4,v 1.2 1999/03/01 09:52:24 joda Exp $ -dnl -dnl -dnl Check if we need the prototype for a function -dnl - -dnl AC_NEED_PROTO(includes, function) - -AC_DEFUN(AC_NEED_PROTO, [ -if test "$ac_cv_func_$2+set" != set -o "$ac_cv_func_$2" = yes; then -AC_CACHE_CHECK([if $2 needs a prototype], ac_cv_func_$2_noproto, -AC_TRY_COMPILE([$1], -[struct foo { int foo; } xx; -extern int $2 (struct foo*); -$2(&xx); -], -eval "ac_cv_func_$2_noproto=yes", -eval "ac_cv_func_$2_noproto=no")) -define([foo], [NEED_]translit($2, [a-z], [A-Z])[_PROTO]) -if test "$ac_cv_func_$2_noproto" = yes; then - AC_DEFINE(foo, 1, [define if the system is missing a prototype for $2()]) -fi -undefine([foo]) -fi -]) - -dnl $Id: broken-glob.m4,v 1.2 1999/03/01 09:52:15 joda Exp $ -dnl -dnl check for glob(3) -dnl -AC_DEFUN(AC_BROKEN_GLOB,[ -AC_CACHE_CHECK(for working glob, ac_cv_func_glob_working, -ac_cv_func_glob_working=yes -AC_TRY_LINK([ -#include -#include ],[ -glob(NULL, GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE, NULL, NULL); -],:,ac_cv_func_glob_working=no,:)) - -if test "$ac_cv_func_glob_working" = yes; then - AC_DEFINE(HAVE_GLOB, 1, [define if you have a glob() that groks - GLOB_BRACE, GLOB_NOCHECK, GLOB_QUOTE, and GLOB_TILDE]) -fi -if test "$ac_cv_func_glob_working" = yes; then -AC_NEED_PROTO([#include -#include ],glob) -fi -]) - -dnl -dnl $Id: capabilities.m4,v 1.2 1999/09/01 11:02:26 joda Exp $ -dnl - -dnl -dnl Test SGI capabilities -dnl - -AC_DEFUN(KRB_CAPABILITIES,[ - -AC_CHECK_HEADERS(capability.h sys/capability.h) - -AC_CHECK_FUNCS(sgi_getcapabilitybyname cap_set_proc) -]) - -dnl $Id: check-getpwnam_r-posix.m4,v 1.2 1999/03/23 16:47:31 joda Exp $ -dnl -dnl check for getpwnam_r, and if it's posix or not - -AC_DEFUN(AC_CHECK_GETPWNAM_R_POSIX,[ -AC_FIND_FUNC_NO_LIBS(getpwnam_r,c_r) -if test "$ac_cv_func_getpwnam_r" = yes; then - AC_CACHE_CHECK(if getpwnam_r is posix,ac_cv_func_getpwnam_r_posix, - ac_libs="$LIBS" - LIBS="$LIBS $LIB_getpwnam_r" - AC_TRY_RUN([ -#include -int main() -{ - struct passwd pw, *pwd; - return getpwnam_r("", &pw, NULL, 0, &pwd) < 0; -} -],ac_cv_func_getpwnam_r_posix=yes,ac_cv_func_getpwnam_r_posix=no,:) -LIBS="$ac_libs") -if test "$ac_cv_func_getpwnam_r_posix" = yes; then - AC_DEFINE(POSIX_GETPWNAM_R, 1, [Define if getpwnam_r has POSIX flavour.]) -fi -fi -]) -dnl -dnl $Id: krb-func-getlogin.m4,v 1.1 1999/07/13 17:45:30 assar Exp $ -dnl -dnl test for POSIX (broken) getlogin -dnl - - -AC_DEFUN(AC_FUNC_GETLOGIN, [ -AC_CHECK_FUNCS(getlogin setlogin) -if test "$ac_cv_func_getlogin" = yes; then -AC_CACHE_CHECK(if getlogin is posix, ac_cv_func_getlogin_posix, [ -if test "$ac_cv_func_getlogin" = yes -a "$ac_cv_func_setlogin" = yes; then - ac_cv_func_getlogin_posix=no -else - ac_cv_func_getlogin_posix=yes -fi -]) -if test "$ac_cv_func_getlogin_posix" = yes; then - AC_DEFINE(POSIX_GETLOGIN, 1, [Define if getlogin has POSIX flavour (and not BSD).]) -fi -fi -]) - -dnl $Id: find-if-not-broken.m4,v 1.2 1998/03/16 22:16:27 joda Exp $ -dnl -dnl -dnl Mix between AC_FIND_FUNC and AC_BROKEN -dnl - -AC_DEFUN(AC_FIND_IF_NOT_BROKEN, -[AC_FIND_FUNC([$1], [$2], [$3], [$4]) -if eval "test \"$ac_cv_func_$1\" != yes"; then -LIBOBJS[]="$LIBOBJS $1.o" -fi -AC_SUBST(LIBOBJS)dnl -]) - -dnl $Id: broken.m4,v 1.3 1998/03/16 22:16:19 joda Exp $ -dnl -dnl -dnl Same as AC _REPLACE_FUNCS, just define HAVE_func if found in normal -dnl libraries - -AC_DEFUN(AC_BROKEN, -[for ac_func in $1 -do -AC_CHECK_FUNC($ac_func, [ -ac_tr_func=HAVE_[]upcase($ac_func) -AC_DEFINE_UNQUOTED($ac_tr_func)],[LIBOBJS[]="$LIBOBJS ${ac_func}.o"]) -dnl autoheader tricks *sigh* -: << END -@@@funcs="$funcs $1"@@@ -END -done -AC_SUBST(LIBOBJS)dnl -]) - -dnl $Id: krb-func-getcwd-broken.m4,v 1.2 1999/03/01 13:03:32 joda Exp $ -dnl -dnl -dnl test for broken getcwd in (SunOS braindamage) -dnl - -AC_DEFUN(AC_KRB_FUNC_GETCWD_BROKEN, [ -if test "$ac_cv_func_getcwd" = yes; then -AC_MSG_CHECKING(if getcwd is broken) -AC_CACHE_VAL(ac_cv_func_getcwd_broken, [ -ac_cv_func_getcwd_broken=no - -AC_TRY_RUN([ -#include -char *getcwd(char*, int); - -void *popen(char *cmd, char *mode) -{ - errno = ENOTTY; - return 0; -} - -int main() -{ - char *ret; - ret = getcwd(0, 1024); - if(ret == 0 && errno == ENOTTY) - return 0; - return 1; -} -], ac_cv_func_getcwd_broken=yes,:,:) -]) -if test "$ac_cv_func_getcwd_broken" = yes; then - AC_DEFINE(BROKEN_GETCWD, 1, [Define if getcwd is broken (like in SunOS 4).])dnl - LIBOBJS="$LIBOBJS getcwd.o" - AC_SUBST(LIBOBJS)dnl - AC_MSG_RESULT($ac_cv_func_getcwd_broken) -else - AC_MSG_RESULT([seems ok]) -fi -fi -]) - -dnl $Id: proto-compat.m4,v 1.3 1999/03/01 13:03:48 joda Exp $ -dnl -dnl -dnl Check if the prototype of a function is compatible with another one -dnl - -dnl AC_PROTO_COMPAT(includes, function, prototype) - -AC_DEFUN(AC_PROTO_COMPAT, [ -AC_CACHE_CHECK([if $2 is compatible with system prototype], -ac_cv_func_$2_proto_compat, -AC_TRY_COMPILE([$1], -[$3;], -eval "ac_cv_func_$2_proto_compat=yes", -eval "ac_cv_func_$2_proto_compat=no")) -define([foo], translit($2, [a-z], [A-Z])[_PROTO_COMPATIBLE]) -if test "$ac_cv_func_$2_proto_compat" = yes; then - AC_DEFINE(foo, 1, [define if prototype of $2 is compatible with - $3]) -fi -undefine([foo]) -]) -dnl $Id: check-var.m4,v 1.2 1999/03/01 09:52:23 joda Exp $ -dnl -dnl AC_CHECK_VAR(includes, variable) -AC_DEFUN(AC_CHECK_VAR, [ -AC_MSG_CHECKING(for $2) -AC_CACHE_VAL(ac_cv_var_$2, [ -AC_TRY_LINK([extern int $2; -int foo() { return $2; }], - [foo()], - ac_cv_var_$2=yes, ac_cv_var_$2=no) -]) -define([foo], [HAVE_]translit($2, [a-z], [A-Z])) - -AC_MSG_RESULT(`eval echo \\$ac_cv_var_$2`) -if test `eval echo \\$ac_cv_var_$2` = yes; then - AC_DEFINE_UNQUOTED(foo, 1, [define if you have $2]) - AC_CHECK_DECLARATION([$1],[$2]) -fi -undefine([foo]) -]) - -dnl $Id: check-declaration.m4,v 1.3 1999/03/01 13:03:08 joda Exp $ -dnl -dnl -dnl Check if we need the declaration of a variable -dnl - -dnl AC_HAVE_DECLARATION(includes, variable) -AC_DEFUN(AC_CHECK_DECLARATION, [ -AC_MSG_CHECKING([if $2 is properly declared]) -AC_CACHE_VAL(ac_cv_var_$2_declaration, [ -AC_TRY_COMPILE([$1 -extern struct { int foo; } $2;], -[$2.foo = 1;], -eval "ac_cv_var_$2_declaration=no", -eval "ac_cv_var_$2_declaration=yes") -]) - -define(foo, [HAVE_]translit($2, [a-z], [A-Z])[_DECLARATION]) - -AC_MSG_RESULT($ac_cv_var_$2_declaration) -if eval "test \"\$ac_cv_var_$2_declaration\" = yes"; then - AC_DEFINE(foo, 1, [define if your system declares $2]) -fi -undefine([foo]) -]) - -dnl $Id: have-struct-field.m4,v 1.6 1999/07/29 01:44:32 assar Exp $ -dnl -dnl check for fields in a structure -dnl -dnl AC_HAVE_STRUCT_FIELD(struct, field, headers) - -AC_DEFUN(AC_HAVE_STRUCT_FIELD, [ -define(cache_val, translit(ac_cv_type_$1_$2, [A-Z ], [a-z_])) -AC_CACHE_CHECK([for $2 in $1], cache_val,[ -AC_TRY_COMPILE([$3],[$1 x; x.$2;], -cache_val=yes, -cache_val=no)]) -if test "$cache_val" = yes; then - define(foo, translit(HAVE_$1_$2, [a-z ], [A-Z_])) - AC_DEFINE(foo, 1, [Define if $1 has field $2.]) - undefine([foo]) -fi -undefine([cache_val]) -]) - -dnl $Id: have-type.m4,v 1.4 1999/07/24 19:23:01 assar Exp $ -dnl -dnl check for existance of a type - -dnl AC_HAVE_TYPE(TYPE,INCLUDES) -AC_DEFUN(AC_HAVE_TYPE, [ -cv=`echo "$1" | sed 'y%./+- %__p__%'` -AC_MSG_CHECKING(for $1) -AC_CACHE_VAL([ac_cv_type_$cv], -AC_TRY_COMPILE( -[#include -#if STDC_HEADERS -#include -#include -#endif -$2], -[$1 foo;], -eval "ac_cv_type_$cv=yes", -eval "ac_cv_type_$cv=no"))dnl -AC_MSG_RESULT(`eval echo \\$ac_cv_type_$cv`) -if test `eval echo \\$ac_cv_type_$cv` = yes; then - ac_tr_hdr=HAVE_`echo $1 | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -dnl autoheader tricks *sigh* -define(foo,translit($1, [ ], [_])) -: << END -@@@funcs="$funcs foo"@@@ -END -undefine([foo]) - AC_DEFINE_UNQUOTED($ac_tr_hdr, 1) -fi -]) - -dnl $Id: krb-struct-spwd.m4,v 1.3 1999/07/13 21:04:11 assar Exp $ -dnl -dnl Test for `struct spwd' - -AC_DEFUN(AC_KRB_STRUCT_SPWD, [ -AC_MSG_CHECKING(for struct spwd) -AC_CACHE_VAL(ac_cv_struct_spwd, [ -AC_TRY_COMPILE( -[#include -#ifdef HAVE_SHADOW_H -#include -#endif], -[struct spwd foo;], -ac_cv_struct_spwd=yes, -ac_cv_struct_spwd=no) -]) -AC_MSG_RESULT($ac_cv_struct_spwd) - -if test "$ac_cv_struct_spwd" = "yes"; then - AC_DEFINE(HAVE_STRUCT_SPWD, 1, [define if you have struct spwd]) -fi -]) - -dnl $Id: krb-struct-winsize.m4,v 1.2 1999/03/01 09:52:23 joda Exp $ -dnl -dnl -dnl Search for struct winsize -dnl - -AC_DEFUN(AC_KRB_STRUCT_WINSIZE, [ -AC_MSG_CHECKING(for struct winsize) -AC_CACHE_VAL(ac_cv_struct_winsize, [ -ac_cv_struct_winsize=no -for i in sys/termios.h sys/ioctl.h; do -AC_EGREP_HEADER( -changequote(, )dnl -struct[ ]*winsize,dnl -changequote([,])dnl -$i, ac_cv_struct_winsize=yes; break)dnl -done -]) -if test "$ac_cv_struct_winsize" = "yes"; then - AC_DEFINE(HAVE_STRUCT_WINSIZE, 1, [define if struct winsize is declared in sys/termios.h]) -fi -AC_MSG_RESULT($ac_cv_struct_winsize) -AC_EGREP_HEADER(ws_xpixel, termios.h, - AC_DEFINE(HAVE_WS_XPIXEL, 1, [define if struct winsize has ws_xpixel])) -AC_EGREP_HEADER(ws_ypixel, termios.h, - AC_DEFINE(HAVE_WS_YPIXEL, 1, [define if struct winsize has ws_ypixel])) -]) - -dnl $Id: check-type-extra.m4,v 1.2 1999/03/01 09:52:23 joda Exp $ -dnl -dnl ac_check_type + extra headers - -dnl AC_CHECK_TYPE_EXTRA(TYPE, DEFAULT, HEADERS) -AC_DEFUN(AC_CHECK_TYPE_EXTRA, -[AC_REQUIRE([AC_HEADER_STDC])dnl -AC_MSG_CHECKING(for $1) -AC_CACHE_VAL(ac_cv_type_$1, -[AC_EGREP_CPP(dnl -changequote(<<,>>)dnl -<<$1[^a-zA-Z_0-9]>>dnl -changequote([,]), [#include -#if STDC_HEADERS -#include -#include -#endif -$3], ac_cv_type_$1=yes, ac_cv_type_$1=no)])dnl -AC_MSG_RESULT($ac_cv_type_$1) -if test $ac_cv_type_$1 = no; then - AC_DEFINE($1, $2, [Define this to what the type $1 should be.]) -fi -]) - -dnl $Id: krb-version.m4,v 1.1 1997/12/14 15:59:03 joda Exp $ -dnl -dnl -dnl output a C header-file with some version strings -dnl -AC_DEFUN(AC_KRB_VERSION,[ -dnl AC_OUTPUT_COMMANDS([ -cat > include/newversion.h.in </dev/null | sed 1q` - Date=`date` - mv -f include/newversion.h.in include/version.h.in - sed -e "s/@USER@/$User/" -e "s/@HOST@/$Host/" -e "s/@DATE@/$Date/" include/version.h.in > include/version.h -fi -dnl ],host=$host PACKAGE=$PACKAGE VERSION=$VERSION) -]) - diff --git a/crypto/kerberosIV/admin/Makefile.in b/crypto/kerberosIV/admin/Makefile.in deleted file mode 100644 index 31de19d6a914..000000000000 --- a/crypto/kerberosIV/admin/Makefile.in +++ /dev/null @@ -1,102 +0,0 @@ -# $Id: Makefile.in,v 1.32 1999/03/10 19:01:10 joda Exp $ - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ -LIBS = @LIBS@ -LIB_DBM = @LIB_DBM@ - -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ - -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -sbindir = @sbindir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -PROGS = ext_srvtab$(EXECSUFFIX) \ - kdb_destroy$(EXECSUFFIX) \ - kdb_edit$(EXECSUFFIX) \ - kdb_init$(EXECSUFFIX) \ - kdb_util$(EXECSUFFIX) \ - kstash$(EXECSUFFIX) - -SOURCES = ext_srvtab.c kdb_destroy.c kdb_edit.c \ - kdb_init.c kdb_util.c kstash.c - -OBJECTS = ext_srvtab.o kdb_destroy.o kdb_edit.o \ - kdb_init.o kdb_util.o kstash.o - -all: $(PROGS) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(sbindir) - for x in $(PROGS); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(sbindir)/`echo $$x|sed '$(transform)'`; \ - done - -uninstall: - for x in $(PROGS); do \ - rm -f $(DESTDIR)$(sbindir)/`echo $$x|sed '$(transform)'`; \ - done - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f *.a *.o $(PROGS) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -KLIB=-L../lib/kdb -lkdb -L../lib/krb -lkrb -L../lib/des -ldes -LIBROKEN= -L../lib/roken -lroken - -ext_srvtab$(EXECSUFFIX): ext_srvtab.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ ext_srvtab.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) - -kdb_destroy$(EXECSUFFIX): kdb_destroy.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_destroy.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) - -kdb_edit$(EXECSUFFIX): kdb_edit.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_edit.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) - -kdb_init$(EXECSUFFIX): kdb_init.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_init.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) - -kdb_util$(EXECSUFFIX): kdb_util.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_util.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) - -kstash$(EXECSUFFIX): kstash.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kstash.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) - -$(OBJECTS): ../include/config.h - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/admin/adm_locl.h b/crypto/kerberosIV/admin/adm_locl.h deleted file mode 100644 index b427a2de2774..000000000000 --- a/crypto/kerberosIV/admin/adm_locl.h +++ /dev/null @@ -1,88 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: adm_locl.h,v 1.17 1999/12/02 16:58:27 joda Exp $ */ -/* $FreeBSD$ */ - -#ifndef __adm_locl_h -#define __adm_locl_h - -#include "config.h" -#include "protos.h" - -#include -#include -#include -#include - -#ifdef HAVE_SYS_TYPES_H -#include -#endif - -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif /* !TIME_WITH_SYS_TIME */ - -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#include -#include - -#ifdef HAVE_NETINET_IN_H -#include -#endif - -#include - -#include - -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include -#include -#include -#include -#include - -#endif /* __adm_locl_h */ diff --git a/crypto/kerberosIV/admin/ext_srvtab.c b/crypto/kerberosIV/admin/ext_srvtab.c deleted file mode 100644 index 5cab583131be..000000000000 --- a/crypto/kerberosIV/admin/ext_srvtab.c +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * Description - */ - -#include "adm_locl.h" - -RCSID("$Id: ext_srvtab.c,v 1.18 1999/09/16 20:37:20 assar Exp $"); - -static des_cblock master_key; -static des_cblock session_key; -static des_key_schedule master_key_schedule; -static char realm[REALM_SZ]; - -static void -StampOutSecrets(void) -{ - memset(master_key, 0, sizeof master_key); - memset(session_key, 0, sizeof session_key); - memset(master_key_schedule, 0, sizeof master_key_schedule); -} - -static void -usage(void) -{ - fprintf(stderr, - "Usage: %s [-n] [-r realm] instance [instance ...]\n", - __progname); - StampOutSecrets(); - exit(1); -} - -static void -FWrite(void *p, int size, int n, FILE *f) -{ - if (fwrite(p, size, n, f) != n) { - StampOutSecrets(); - errx(1, "Error writing output file. Terminating.\n"); - } -} - -int -main(int argc, char **argv) -{ - FILE *fout; - char fname[1024]; - int fopen_errs = 0; - int arg; - Principal princs[40]; - int more; - int prompt = KDB_GET_PROMPT; - int n, i; - - set_progname (argv[0]); - memset(realm, 0, sizeof(realm)); - -#ifdef HAVE_ATEXIT - atexit(StampOutSecrets); -#endif - - /* Parse commandline arguments */ - if (argc < 2) - usage(); - else { - for (i = 1; i < argc; i++) { - if (strcmp(argv[i], "-n") == 0) - prompt = FALSE; - else if (strcmp(argv[i], "-r") == 0) { - if (++i >= argc) - usage(); - else { - strlcpy(realm, argv[i], REALM_SZ); - /* - * This is to humor the broken way commandline - * argument parsing is done. Later, this - * program ignores everything that starts with -. - */ - argv[i][0] = '-'; - } - } - else if (argv[i][0] == '-') - usage(); - else - if (!k_isinst(argv[i])) { - warnx("bad instance name: %s", argv[i]); - usage(); - } - } - } - - if (kdb_get_master_key (prompt, &master_key, master_key_schedule) != 0) - errx (1, "Couldn't read master key."); - - if (kdb_verify_master_key (&master_key, master_key_schedule, stderr) < 0) { - exit(1); - } - - /* For each arg, search for instances of arg, and produce */ - /* srvtab file */ - if (!realm[0]) - if (krb_get_lrealm(realm, 1) != KSUCCESS) { - StampOutSecrets(); - errx (1, "couldn't get local realm"); - } - umask(077); - - for (arg = 1; arg < argc; arg++) { - if (argv[arg][0] == '-') - continue; - snprintf(fname, sizeof(fname), "%s-new-srvtab", argv[arg]); - if ((fout = fopen(fname, "w")) == NULL) { - warn("Couldn't create file '%s'.", fname); - fopen_errs++; - continue; - } - printf("Generating '%s'....\n", fname); - n = kerb_get_principal("*", argv[arg], &princs[0], 40, &more); - if (more) - fprintf(stderr, "More than 40 found...\n"); - for (i = 0; i < n; i++) { - FWrite(princs[i].name, strlen(princs[i].name) + 1, 1, fout); - FWrite(princs[i].instance, strlen(princs[i].instance) + 1, - 1, fout); - FWrite(realm, strlen(realm) + 1, 1, fout); - FWrite(&princs[i].key_version, - sizeof(princs[i].key_version), 1, fout); - copy_to_key(&princs[i].key_low, &princs[i].key_high, session_key); - kdb_encrypt_key (&session_key, &session_key, - &master_key, master_key_schedule, DES_DECRYPT); - FWrite(session_key, sizeof session_key, 1, fout); - } - fclose(fout); - } - StampOutSecrets(); - return fopen_errs; /* 0 errors if successful */ -} diff --git a/crypto/kerberosIV/admin/kdb_destroy.c b/crypto/kerberosIV/admin/kdb_destroy.c deleted file mode 100644 index ec4a5d008776..000000000000 --- a/crypto/kerberosIV/admin/kdb_destroy.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * Description. - */ - -#include "adm_locl.h" - -RCSID("$Id: kdb_destroy.c,v 1.9 1998/06/09 19:24:13 joda Exp $"); - -int -main(int argc, char **argv) -{ - char answer[10]; /* user input */ -#ifdef HAVE_NEW_DB - char *file; /* database file names */ -#else - char *file1, *file2; /* database file names */ -#endif - - set_progname (argv[0]); - -#ifdef HAVE_NEW_DB - asprintf(&file, "%s.db", DBM_FILE); - if (file == NULL) - err (1, "malloc"); -#else - asprintf(&file1, "%s.dir", DBM_FILE); - asprintf(&file2, "%s.pag", DBM_FILE); - if (file1 == NULL || file2 == NULL) - err (1, "malloc"); -#endif - - printf("You are about to destroy the Kerberos database "); - printf("on this machine.\n"); - printf("Are you sure you want to do this (y/n)? "); - if (fgets(answer, sizeof(answer), stdin) != NULL - && (answer[0] == 'y' || answer[0] == 'Y')) { -#ifdef HAVE_NEW_DB - if (unlink(file) == 0) -#else - if (unlink(file1) == 0 && unlink(file2) == 0) -#endif - { - warnx ("Database deleted at %s", DBM_FILE); - return 0; - } - else - warn ("Database cannot be deleted at %s", DBM_FILE); - } else - warnx ("Database not deleted at %s", DBM_FILE); - return 1; -} diff --git a/crypto/kerberosIV/admin/kdb_edit.c b/crypto/kerberosIV/admin/kdb_edit.c deleted file mode 100644 index 1c1f95c92e15..000000000000 --- a/crypto/kerberosIV/admin/kdb_edit.c +++ /dev/null @@ -1,401 +0,0 @@ -/* - * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute - * of Technology. - * - * For copying and distribution information, please see the file - * . - * - * This routine changes the Kerberos encryption keys for principals, - * i.e., users or services. - */ -/* $FreeBSD$ */ - -/* - * exit returns 0 ==> success -1 ==> error - */ - -#include "adm_locl.h" - -RCSID("$Id: kdb_edit.c,v 1.28 1999/09/16 20:37:21 assar Exp $"); - -#ifdef DEBUG -extern kerb_debug; -#endif - -static int nflag = 0; -static int debug; - -static des_cblock new_key; - -static int i, j; -static int more; - -static char input_name[ANAME_SZ]; -static char input_instance[INST_SZ]; - -#define MAX_PRINCIPAL 10 -static Principal principal_data[MAX_PRINCIPAL]; - -static Principal old_principal; -static Principal default_princ; - -static des_cblock master_key; -static des_cblock session_key; -static des_key_schedule master_key_schedule; -static char pw_str[255]; -static long master_key_version; - -static void -Usage(void) -{ - fprintf(stderr, "Usage: %s [-n]\n", __progname); - exit(1); -} - -static char * -n_gets(char *buf, int size) -{ - char *p; - char *ret; - ret = fgets(buf, size, stdin); - - if (ret && (p = strchr(buf, '\n'))) - *p = 0; - return ret; -} - - -static int -change_principal(void) -{ - static char temp[255]; - int creating = 0; - int editpw = 0; - int changed = 0; - long temp_long; /* Don't change to int32_t, used by scanf */ - struct tm edate; - - fprintf(stdout, "\nPrincipal name: "); - fflush(stdout); - if (!n_gets(input_name, sizeof(input_name)) || *input_name == '\0') - return 0; - fprintf(stdout, "Instance: "); - fflush(stdout); - /* instance can be null */ - n_gets(input_instance, sizeof(input_instance)); - j = kerb_get_principal(input_name, input_instance, principal_data, - MAX_PRINCIPAL, &more); - if (!j) { - fprintf(stdout, "\n\07\07, Create [y] ? "); - fflush(stdout); - n_gets(temp, sizeof(temp)); /* Default case should work, it didn't */ - if (temp[0] != 'y' && temp[0] != 'Y' && temp[0] != '\0') - return -1; - /* make a new principal, fill in defaults */ - j = 1; - creating = 1; - strlcpy(principal_data[0].name, - input_name, - ANAME_SZ); - strlcpy(principal_data[0].instance, - input_instance, - INST_SZ); - principal_data[0].old = NULL; - principal_data[0].exp_date = default_princ.exp_date; - if (strcmp(input_instance, "admin") == 0) - principal_data[0].max_life = 1 + (CLOCK_SKEW/(5*60)); /*5+5 minutes*/ - else if (strcmp(input_instance, "root") == 0) - principal_data[0].max_life = 96; /* 8 hours */ - else - principal_data[0].max_life = default_princ.max_life; - principal_data[0].attributes = default_princ.attributes; - principal_data[0].kdc_key_ver = (unsigned char) master_key_version; - principal_data[0].key_version = 0; /* bumped up later */ - } - *principal_data[0].exp_date_txt = '\0'; - for (i = 0; i < j; i++) { - for (;;) { - fprintf(stdout, - "\nPrincipal: %s, Instance: %s, kdc_key_ver: %d", - principal_data[i].name, principal_data[i].instance, - principal_data[i].kdc_key_ver); - fflush(stdout); - editpw = 1; - changed = 0; - if (!creating) { - /* - * copy the existing data so we can use the old values - * for the qualifier clause of the replace - */ - principal_data[i].old = (char *) &old_principal; - memcpy(&old_principal, &principal_data[i], - sizeof(old_principal)); - printf("\nChange password [n] ? "); - n_gets(temp, sizeof(temp)); - if (strcmp("y", temp) && strcmp("Y", temp)) - editpw = 0; - } - /* password */ - if (editpw) { -#ifdef NOENCRYPTION - placebo_read_pw_string(pw_str, sizeof pw_str, - "\nNew Password: ", TRUE); -#else - if(des_read_pw_string(pw_str, sizeof pw_str, - "\nNew Password: ", TRUE)) - continue; -#endif - if ( strcmp(pw_str, "RANDOM") == 0 - || strcmp(pw_str, "") == 0) { - printf("\nRandom password [y] ? "); - n_gets(temp, sizeof(temp)); - if (!strcmp("n", temp) || !strcmp("N", temp)) { - /* no, use literal */ -#ifdef NOENCRYPTION - memset(new_key, 0, sizeof(des_cblock)); - new_key[0] = 127; -#else - des_string_to_key(pw_str, &new_key); -#endif - memset(pw_str, 0, sizeof pw_str); /* "RANDOM" */ - } else { -#ifdef NOENCRYPTION - memset(new_key, 0, sizeof(des_cblock)); - new_key[0] = 127; -#else - des_random_key(new_key); -#endif - memset(pw_str, 0, sizeof pw_str); - } - } else if (!strcmp(pw_str, "NULL")) { - printf("\nNull Key [y] ? "); - n_gets(temp, sizeof(temp)); - if (!strcmp("n", temp) || !strcmp("N", temp)) { - /* no, use literal */ -#ifdef NOENCRYPTION - memset(new_key, 0, sizeof(des_cblock)); - new_key[0] = 127; -#else - des_string_to_key(pw_str, &new_key); -#endif - memset(pw_str, 0, sizeof pw_str); /* "NULL" */ - } else { - - principal_data[i].key_low = 0; - principal_data[i].key_high = 0; - goto null_key; - } - } else { -#ifdef NOENCRYPTION - memset(new_key, 0, sizeof(des_cblock)); - new_key[0] = 127; -#else - des_string_to_key(pw_str, &new_key); -#endif - memset(pw_str, 0, sizeof pw_str); - } - - /* seal it under the kerberos master key */ - kdb_encrypt_key (&new_key, &new_key, - &master_key, master_key_schedule, - DES_ENCRYPT); - copy_from_key(new_key, - &principal_data[i].key_low, - &principal_data[i].key_high); - memset(new_key, 0, sizeof(new_key)); - null_key: - /* set master key version */ - principal_data[i].kdc_key_ver = - (unsigned char) master_key_version; - /* bump key version # */ - principal_data[i].key_version++; - fprintf(stdout, - "\nPrincipal's new key version = %d\n", - principal_data[i].key_version); - fflush(stdout); - changed = 1; - } - /* expiration date */ - { - char d[DATE_SZ]; - struct tm *tm; - tm = k_localtime(&principal_data[i].exp_date); - strftime(d, sizeof(d), "%Y-%m-%d", tm); - while(1) { - printf("Expiration date (yyyy-mm-dd) [ %s ] ? ", d); - fflush(stdout); - if(n_gets(temp, sizeof(temp)) == NULL) { - printf("Invalid date.\n"); - continue; - } - if (*temp) { - memset(&edate, 0, sizeof(edate)); - if (sscanf(temp, "%d-%d-%d", &edate.tm_year, - &edate.tm_mon, &edate.tm_mday) != 3) { - printf("Invalid date.\n"); - continue; - } - edate.tm_mon--; /* January is 0, not 1 */ - edate.tm_hour = 23; /* at the end of the */ - edate.tm_min = 59; /* specified day */ - if (krb_check_tm (edate)) { - printf("Invalid date.\n"); - continue; - } - edate.tm_year -= 1900; - principal_data[i].exp_date = tm2time (edate, 1); - changed = 1; - } - break; - } - } - - /* maximum lifetime */ - fprintf(stdout, "Max ticket lifetime (*5 minutes) [ %d ] ? ", - principal_data[i].max_life); - fflush(stdout); - while (n_gets(temp, sizeof(temp)) && *temp) { - if (sscanf(temp, "%ld", &temp_long) != 1) - goto bad_life; - if (temp_long > 255 || (temp_long < 0)) { - bad_life: - fprintf(stdout, "\07\07Invalid, choose 0-255\n"); - fprintf(stdout, - "Max ticket lifetime (*5 minutes) [ %d ] ? ", - principal_data[i].max_life); - fflush(stdout); - continue; - } - changed = 1; - /* dont clobber */ - principal_data[i].max_life = (unsigned short) temp_long; - break; - } - - /* attributes */ - fprintf(stdout, "Attributes [ %d ] ? ", - principal_data[i].attributes); - fflush(stdout); - while (n_gets(temp, sizeof(temp)) && *temp) { - if (sscanf(temp, "%ld", &temp_long) != 1) - goto bad_att; - if (temp_long > 65535 || (temp_long < 0)) { - bad_att: - fprintf(stdout, "Invalid, choose 0-65535\n"); - fprintf(stdout, "Attributes [ %d ] ? ", - principal_data[i].attributes); - fflush(stdout); - continue; - } - changed = 1; - /* dont clobber */ - principal_data[i].attributes = - (unsigned short) temp_long; - break; - } - - /* - * remaining fields -- key versions and mod info, should - * not be directly manipulated - */ - if (changed) { - if (kerb_put_principal(&principal_data[i], 1)) { - fprintf(stdout, - "\nError updating Kerberos database"); - } else { - fprintf(stdout, "Edit O.K."); - } - } else { - fprintf(stdout, "Unchanged"); - } - - - memset(&principal_data[i].key_low, 0, 4); - memset(&principal_data[i].key_high, 0, 4); - fflush(stdout); - break; - } - } - if (more) { - fprintf(stdout, "\nThere were more tuples found "); - fprintf(stdout, "than there were space for"); - } - return 1; -} - -static void -cleanup(void) -{ - - memset(master_key, 0, sizeof(master_key)); - memset(session_key, 0, sizeof(session_key)); - memset(master_key_schedule, 0, sizeof(master_key_schedule)); - memset(principal_data, 0, sizeof(principal_data)); - memset(new_key, 0, sizeof(new_key)); - memset(pw_str, 0, sizeof(pw_str)); -} - -int -main(int argc, char **argv) -{ - /* Local Declarations */ - - long n; - - set_progname (argv[0]); - - while (--argc > 0 && (*++argv)[0] == '-') - for (i = 1; argv[0][i] != '\0'; i++) { - switch (argv[0][i]) { - - /* debug flag */ - case 'd': - debug = 1; - continue; - - /* debug flag */ -#ifdef DEBUG - case 'l': - kerb_debug |= 1; - continue; -#endif - case 'n': /* read MKEYFILE for master key */ - nflag = 1; - continue; - - default: - warnx ("illegal flag \"%c\"", argv[0][i]); - Usage(); /* Give message and die */ - } - } - - fprintf(stdout, "Opening database...\n"); - fflush(stdout); - kerb_init(); - if (argc > 0) - if (kerb_db_set_name(*argv) != 0) - errx (1, "Could not open altername database name"); - - if (kdb_get_master_key ((nflag == 0) ? KDB_GET_PROMPT : 0, - &master_key, master_key_schedule) != 0) - errx (1, "Couldn't read master key."); - - if ((master_key_version = kdb_verify_master_key(&master_key, - master_key_schedule, - stdout)) < 0) - return 1; - - /* lookup the default values */ - n = kerb_get_principal(KERB_DEFAULT_NAME, KERB_DEFAULT_INST, - &default_princ, 1, &more); - if (n != 1) - errx (1, "Kerberos error on default value lookup, %ld found.", n); - fprintf(stdout, "Previous or default values are in [brackets] ,\n"); - fprintf(stdout, "enter return to leave the same, or new value.\n"); - - while (change_principal()) { - } - - cleanup(); - return 0; -} diff --git a/crypto/kerberosIV/admin/kdb_init.c b/crypto/kerberosIV/admin/kdb_init.c deleted file mode 100644 index ccec1f7e6ecd..000000000000 --- a/crypto/kerberosIV/admin/kdb_init.c +++ /dev/null @@ -1,171 +0,0 @@ -/* - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * program to initialize the database, reports error if database file - * already exists. - */ -/* $FreeBSD$ */ - -#include "adm_locl.h" - -RCSID("$Id: kdb_init.c,v 1.25 1999/09/16 20:37:21 assar Exp $"); - -enum ap_op { - NULL_KEY, /* setup null keys */ - MASTER_KEY, /* use master key as new key */ - RANDOM_KEY /* choose a random key */ -}; - -static des_cblock master_key; -static des_key_schedule master_key_schedule; - -/* use a return code to indicate success or failure. check the return */ -/* values of the routines called by this routine. */ - -static int -add_principal(char *name, char *instance, enum ap_op aap_op, int maxlife) -{ - Principal principal; - des_cblock new_key; - - memset(&principal, 0, sizeof(principal)); - strlcpy(principal.name, name, ANAME_SZ); - strlcpy(principal.instance, instance, INST_SZ); - switch (aap_op) { - case NULL_KEY: - principal.key_low = 0; - principal.key_high = 0; - break; - case RANDOM_KEY: -#ifdef NOENCRYPTION - memset(new_key, 0, sizeof(des_cblock)); - new_key[0] = 127; -#else - des_random_key(new_key); -#endif - kdb_encrypt_key (&new_key, &new_key, &master_key, master_key_schedule, - DES_ENCRYPT); - copy_from_key(new_key, &principal.key_low, &principal.key_high); - memset(new_key, 0, sizeof(new_key)); - break; - case MASTER_KEY: - memcpy(new_key, master_key, sizeof (des_cblock)); - kdb_encrypt_key (&new_key, &new_key, &master_key, master_key_schedule, - DES_ENCRYPT); - copy_from_key(new_key, &principal.key_low, &principal.key_high); - break; - } - principal.mod_date = time(0); - *principal.mod_date_txt = '\0'; - principal.exp_date = principal.mod_date + 5 * 365 * 24 * 60 * 60; - *principal.exp_date_txt = '\0'; - - principal.attributes = 0; - principal.max_life = maxlife; - - principal.kdc_key_ver = 1; - principal.key_version = 1; - - strlcpy(principal.mod_name, "db_creation", ANAME_SZ); - strlcpy(principal.mod_instance, "", INST_SZ); - principal.old = 0; - - if (kerb_db_put_principal(&principal, 1) != 1) - return -1; /* FAIL */ - - /* let's play it safe */ - memset(new_key, 0, sizeof (des_cblock)); - memset(&principal.key_low, 0, 4); - memset(&principal.key_high, 0, 4); - return 0; -} - -int -main(int argc, char **argv) -{ - char realm[REALM_SZ]; - char *cp; - int code; - char *database; - - set_progname (argv[0]); - - if (argc > 3) { - fprintf(stderr, "Usage: %s [realm-name] [database-name]\n", argv[0]); - return 1; - } - if (argc == 3) { - database = argv[2]; - --argc; - } else - database = DBM_FILE; - - /* Do this first, it'll fail if the database exists */ - if ((code = kerb_db_create(database)) != 0) - err (1, "Couldn't create database %s", database); - kerb_db_set_name(database); - - if (argc == 2) - strlcpy(realm, argv[1], REALM_SZ); - else { - if (krb_get_lrealm(realm, 1) != KSUCCESS) - strlcpy(realm, KRB_REALM, REALM_SZ); - fprintf(stderr, "Realm name [default %s ]: ", realm); - if (fgets(realm, sizeof(realm), stdin) == NULL) - errx (1, "\nEOF reading realm"); - if ((cp = strchr(realm, '\n'))) - *cp = '\0'; - if (!*realm) /* no realm given */ - if (krb_get_lrealm(realm, 1) != KSUCCESS) - strlcpy(realm, KRB_REALM, REALM_SZ); - } - if (!k_isrealm(realm)) - errx (1, "Bad kerberos realm name \"%s\"", realm); -#ifndef RANDOM_MKEY - printf("You will be prompted for the database Master Password.\n"); - printf("It is important that you NOT FORGET this password.\n"); -#else - printf("To generate a master key, please enter some random data.\n"); - printf("You do not have to remember this.\n"); -#endif - fflush(stdout); - - if (kdb_get_master_key (KDB_GET_TWICE, &master_key, - master_key_schedule) != 0) - errx (1, "Couldn't read master key."); - -#ifdef RANDOM_MKEY - if(kdb_kstash(&master_key, MKEYFILE) < 0) - err (1, "Error writing master key"); - fprintf(stderr, "Wrote master key to %s\n", MKEYFILE); -#endif - - /* Maximum lifetime for changepw.kerberos (kadmin) tickets, 10 minutes */ -#define ADMLIFE (1 + (CLOCK_SKEW/(5*60))) - - /* Maximum lifetime for ticket granting tickets, 4 days or 21.25h */ -#define TGTLIFE ((krb_life_to_time(0, 162) >= 24*60*60) ? 161 : 255) - - /* This means that default lifetimes have not been initialized */ -#define DEFLIFE 255 - -#define NOLIFE 0 - - if ( - add_principal(KERB_M_NAME, KERB_M_INST, MASTER_KEY, NOLIFE) || - add_principal(KERB_DEFAULT_NAME, KERB_DEFAULT_INST, NULL_KEY,DEFLIFE)|| - add_principal(KRB_TICKET_GRANTING_TICKET, realm, RANDOM_KEY, TGTLIFE)|| - add_principal(PWSERV_NAME, KRB_MASTER, RANDOM_KEY, ADMLIFE) - ) { - putc ('\n', stderr); - errx (1, "couldn't initialize database."); - } - - /* play it safe */ - memset(master_key, 0, sizeof (des_cblock)); - memset(master_key_schedule, 0, sizeof (des_key_schedule)); - return 0; -} diff --git a/crypto/kerberosIV/admin/kdb_util.c b/crypto/kerberosIV/admin/kdb_util.c deleted file mode 100644 index 1e3d1900f71a..000000000000 --- a/crypto/kerberosIV/admin/kdb_util.c +++ /dev/null @@ -1,522 +0,0 @@ -/* - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * Kerberos database manipulation utility. This program allows you to - * dump a kerberos database to an ascii readable file and load this - * file into the database. Read locking of the database is done during a - * dump operation. NO LOCKING is done during a load operation. Loads - * should happen with other processes shutdown. - * - * Written July 9, 1987 by Jeffrey I. Schiller - */ - -#include "adm_locl.h" - -RCSID("$Id: kdb_util.c,v 1.42.2.1 2000/10/10 12:59:16 assar Exp $"); - -static des_cblock master_key, new_master_key; -static des_key_schedule master_key_schedule, new_master_key_schedule; - -/* cv_key is a procedure which takes a principle and changes its key, - either for a new method of encrypting the keys, or a new master key. - if cv_key is null no transformation of key is done (other than net byte - order). */ - -struct callback_args { - void (*cv_key)(Principal *); - FILE *output_file; -}; - -static void -print_time(FILE *file, time_t timeval) -{ - struct tm *tm; - tm = gmtime(&timeval); - fprintf(file, " %04d%02d%02d%02d%02d", - tm->tm_year + 1900, - tm->tm_mon + 1, - tm->tm_mday, - tm->tm_hour, - tm->tm_min); -} - -static long -time_explode(char *cp) -{ - char wbuf[5]; - struct tm tp; - int local; - - memset(&tp, 0, sizeof(tp)); /* clear out the struct */ - - if (strlen(cp) > 10) { /* new format */ - strlcpy(wbuf, cp, sizeof(wbuf)); - tp.tm_year = atoi(wbuf) - 1900; - cp += 4; /* step over the year */ - local = 0; /* GMT */ - } else { /* old format: local time, - year is 2 digits, assuming 19xx */ - wbuf[0] = *cp++; - wbuf[1] = *cp++; - wbuf[2] = 0; - tp.tm_year = atoi(wbuf); - local = 1; /* local */ - } - - wbuf[0] = *cp++; - wbuf[1] = *cp++; - wbuf[2] = 0; - tp.tm_mon = atoi(wbuf)-1; - - wbuf[0] = *cp++; - wbuf[1] = *cp++; - tp.tm_mday = atoi(wbuf); - - wbuf[0] = *cp++; - wbuf[1] = *cp++; - tp.tm_hour = atoi(wbuf); - - wbuf[0] = *cp++; - wbuf[1] = *cp++; - tp.tm_min = atoi(wbuf); - - return(tm2time(tp, local)); -} - -static int -dump_db_1(void *arg, - Principal *principal) /* replace null strings with "*" */ -{ - struct callback_args *a = (struct callback_args *)arg; - - if (principal->instance[0] == '\0') { - principal->instance[0] = '*'; - principal->instance[1] = '\0'; - } - if (principal->mod_name[0] == '\0') { - principal->mod_name[0] = '*'; - principal->mod_name[1] = '\0'; - } - if (principal->mod_instance[0] == '\0') { - principal->mod_instance[0] = '*'; - principal->mod_instance[1] = '\0'; - } - if (a->cv_key != NULL) { - (*a->cv_key) (principal); - } - fprintf(a->output_file, "%s %s %d %d %d %d %x %x", - principal->name, - principal->instance, - principal->max_life, - principal->kdc_key_ver, - principal->key_version, - principal->attributes, - (int)htonl (principal->key_low), - (int)htonl (principal->key_high)); - print_time(a->output_file, principal->exp_date); - print_time(a->output_file, principal->mod_date); - fprintf(a->output_file, " %s %s\n", - principal->mod_name, - principal->mod_instance); - return 0; -} - -static int -dump_db (char *db_file, FILE *output_file, void (*cv_key) (Principal *)) -{ - struct callback_args a; - - a.cv_key = cv_key; - a.output_file = output_file; - - kerb_db_iterate (dump_db_1, &a); - return fflush(output_file); -} - -static int -add_file(void *db, FILE *file) -{ - int ret; - int lineno = 0; - char line[1024]; - unsigned long key[2]; /* yes, long */ - Principal pr; - - char exp_date[64], mod_date[64]; - - int life, kkvno, kvno; - - while(1){ - memset(&pr, 0, sizeof(pr)); - errno = 0; - if(fgets(line, sizeof(line), file) == NULL){ - if(errno != 0) - err (1, "fgets"); - break; - } - lineno++; - ret = sscanf(line, "%s %s %d %d %d %hd %lx %lx %s %s %s %s", - pr.name, pr.instance, - &life, &kkvno, &kvno, - &pr.attributes, - &key[0], &key[1], - exp_date, mod_date, - pr.mod_name, pr.mod_instance); - if(ret != 12){ - warnx("Line %d malformed (ignored)", lineno); - continue; - } - pr.key_low = ntohl (key[0]); - pr.key_high = ntohl (key[1]); - pr.max_life = life; - pr.kdc_key_ver = kkvno; - pr.key_version = kvno; - pr.exp_date = time_explode(exp_date); - pr.mod_date = time_explode(mod_date); - if (pr.instance[0] == '*') - pr.instance[0] = 0; - if (pr.mod_name[0] == '*') - pr.mod_name[0] = 0; - if (pr.mod_instance[0] == '*') - pr.mod_instance[0] = 0; - if (kerb_db_update(db, &pr, 1) != 1) { - warn ("store %s.%s aborted", - pr.name, pr.instance); - return 1; - } - } - return 0; -} - -static void -load_db (char *db_file, FILE *input_file) -{ - long *db; - int code; - char *temp_db_file; - - asprintf (&temp_db_file, "%s~", db_file); - if(temp_db_file == NULL) - errx (1, "out of memory"); - - /* Create the database */ - if ((code = kerb_db_create(temp_db_file)) != 0) - err (1, "creating temp database %s", temp_db_file); - kerb_db_set_name(temp_db_file); - db = kerb_db_begin_update(); - if (db == NULL) - err (1, "opening temp database %s", temp_db_file); - - if(add_file(db, input_file)) - errx (1, "Load aborted"); - - kerb_db_end_update(db); - if ((code = kerb_db_rename(temp_db_file, db_file)) != 0) - warn("database rename failed"); - fclose(input_file); - free(temp_db_file); -} - -static void -merge_db(char *db_file, FILE *input_file) -{ - void *db; - - db = kerb_db_begin_update(); - if(db == NULL) - err (1, "Couldn't open database"); - if(add_file(db, input_file)) - errx (1, "Merge aborted"); - kerb_db_end_update(db); -} - -static void -update_ok_file (char *file_name) -{ - /* handle slave locking/failure stuff */ - char *file_ok; - int fd; - - asprintf (&file_ok, "%s.dump_ok", file_name); - if (file_ok == NULL) - errx (1, "out of memory"); - if ((fd = open(file_ok, O_WRONLY|O_CREAT|O_TRUNC, 0600)) < 0) - err (1, "Error creating %s", file_ok); - free(file_ok); - close(fd); - /* - * Some versions of BSD don't update the mtime in the above open so - * we call utimes just in case. - */ - if (utime(file_name, NULL) < 0) - err (1, "utime %s", file_name); -} - -static void -convert_key_new_master (Principal *p) -{ - des_cblock key; - - /* leave null keys alone */ - if ((p->key_low == 0) && (p->key_high == 0)) return; - - /* move current key to des_cblock for encryption, special case master key - since that's changing */ - if ((strncmp (p->name, KERB_M_NAME, ANAME_SZ) == 0) && - (strncmp (p->instance, KERB_M_INST, INST_SZ) == 0)) { - memcpy (key, new_master_key, sizeof(des_cblock)); - (p->key_version)++; - } else { - copy_to_key(&p->key_low, &p->key_high, key); - kdb_encrypt_key (&key, &key, &master_key, - master_key_schedule, DES_DECRYPT); - } - - kdb_encrypt_key (&key, &key, &new_master_key, - new_master_key_schedule, DES_ENCRYPT); - - copy_from_key(key, &(p->key_low), &(p->key_high)); - memset(key, 0, sizeof (key)); /* a little paranoia ... */ - - (p->kdc_key_ver)++; -} - -static void -clear_secrets (void) -{ - memset(master_key, 0, sizeof (des_cblock)); - memset(master_key_schedule, 0, sizeof (des_key_schedule)); - memset(new_master_key, 0, sizeof (des_cblock)); - memset(new_master_key_schedule, 0, sizeof (des_key_schedule)); -} - -static void -convert_new_master_key (char *db_file, FILE *out) -{ -#ifdef RANDOM_MKEY - errx (1, "Sorry, this function is not available with " - "the new master key scheme."); -#else - printf ("\n\nEnter the CURRENT master key."); - if (kdb_get_master_key (KDB_GET_PROMPT, &master_key, - master_key_schedule) != 0) { - clear_secrets (); - errx (1, "Couldn't get master key."); - } - - if (kdb_verify_master_key (&master_key, master_key_schedule, stderr) < 0) { - clear_secrets (); - exit (1); - } - - printf ("\n\nNow enter the NEW master key. Do not forget it!!"); - if (kdb_get_master_key (KDB_GET_TWICE, &new_master_key, - new_master_key_schedule) != 0) { - clear_secrets (); - errx (1, "Couldn't get new master key."); - } - - dump_db (db_file, out, convert_key_new_master); - { - char *fname; - - asprintf(&fname, "%s.new", MKEYFILE); - if(fname == NULL) { - clear_secrets(); - errx(1, "malloc: failed"); - } - kdb_kstash(&new_master_key, fname); - free(fname); - } -#endif /* RANDOM_MKEY */ -} - -static void -convert_key_old_db (Principal *p) -{ - des_cblock key; - - /* leave null keys alone */ - if ((p->key_low == 0) && (p->key_high == 0)) return; - - copy_to_key(&p->key_low, &p->key_high, key); - -#ifndef NOENCRYPTION - des_pcbc_encrypt((des_cblock *)key,(des_cblock *)key, - (long)sizeof(des_cblock),master_key_schedule, - (des_cblock *)master_key_schedule, DES_DECRYPT); -#endif - - /* make new key, new style */ - kdb_encrypt_key (&key, &key, &master_key, master_key_schedule, DES_ENCRYPT); - - copy_from_key(key, &(p->key_low), &(p->key_high)); - memset(key, 0, sizeof (key)); /* a little paranoia ... */ -} - -static void -convert_old_format_db (char *db_file, FILE *out) -{ - des_cblock key_from_db; - Principal principal_data[1]; - int n, more; - - if (kdb_get_master_key (KDB_GET_PROMPT, &master_key, - master_key_schedule) != 0L) { - clear_secrets(); - errx (1, "Couldn't get master key."); - } - - /* can't call kdb_verify_master_key because this is an old style db */ - /* lookup the master key version */ - n = kerb_get_principal(KERB_M_NAME, KERB_M_INST, principal_data, - 1 /* only one please */, &more); - if ((n != 1) || more) - errx (1, "verify_master_key: Kerberos error on master key lookup, %d found.\n", n); - - /* set up the master key */ - fprintf(stderr, "Current Kerberos master key version is %d.\n", - principal_data[0].kdc_key_ver); - - /* - * now use the master key to decrypt (old style) the key in the db, had better - * be the same! - */ - copy_to_key(&principal_data[0].key_low, - &principal_data[0].key_high, - key_from_db); -#ifndef NOENCRYPTION - des_pcbc_encrypt(&key_from_db,&key_from_db,(long)sizeof(key_from_db), - master_key_schedule,(des_cblock *)master_key_schedule, DES_DECRYPT); -#endif - /* the decrypted database key had better equal the master key */ - - n = memcmp(master_key, key_from_db, sizeof(master_key)); - memset(key_from_db, 0, sizeof(key_from_db)); - - if (n) { - fprintf(stderr, "\n\07\07verify_master_key: Invalid master key, "); - fprintf(stderr, "does not match database.\n"); - exit (1); - } - - fprintf(stderr, "Master key verified.\n"); - - dump_db (db_file, out, convert_key_old_db); -} - -int -main(int argc, char **argv) -{ - int ret; - FILE *file; - enum { - OP_LOAD, - OP_MERGE, - OP_DUMP, - OP_SLAVE_DUMP, - OP_NEW_MASTER, - OP_CONVERT_OLD_DB - } op; - char *file_name; - char *db_name; - - set_progname (argv[0]); - - if (argc != 3 && argc != 4) { - fprintf(stderr, "Usage: %s operation file [database name].\n", - argv[0]); - fprintf(stderr, "Operation is one of: " - "load, merge, dump, slave_dump, new_master_key, " - "convert_old_db\n"); - fprintf(stderr, "use file `-' for stdout\n"); - exit(1); - } - if (argc == 3) - db_name = DBM_FILE; - else - db_name = argv[3]; - - ret = kerb_db_set_name (db_name); - - /* this makes starting slave servers ~14.3 times easier */ - if(ret && strcmp(argv[1], "load") == 0) - ret = kerb_db_create (db_name); - - if(ret) - err (1, "Can't open database"); - - if (!strcmp(argv[1], "load")) - op = OP_LOAD; - else if (!strcmp(argv[1], "merge")) - op = OP_MERGE; - else if (!strcmp(argv[1], "dump")) - op = OP_DUMP; - else if (!strcmp(argv[1], "slave_dump")) - op = OP_SLAVE_DUMP; - else if (!strcmp(argv[1], "new_master_key")) - op = OP_NEW_MASTER; - else if (!strcmp(argv[1], "convert_old_db")) - op = OP_CONVERT_OLD_DB; - else { - warnx ("%s is an invalid operation.", argv[1]); - warnx ("Valid operations are \"load\", \"merge\", " - "\"dump\", \"slave_dump\", \"new_master_key\", " - "and \"convert_old_db\""); - return 1; - } - - file_name = argv[2]; - if (strcmp (file_name, "-") == 0 - && op != OP_LOAD - && op != OP_MERGE) - file = stdout; - else { - char *mode; - - if (op == OP_LOAD || op == OP_MERGE) - mode = "r"; - else - mode = "w"; - - file = fopen (file_name, mode); - } - if (file == NULL) - err (1, "open %s", argv[2]); - - switch (op) { - case OP_DUMP: - if ((dump_db(db_name, file, (void (*)(Principal *)) 0) == EOF) - || (fflush(file) != 0) - || (fsync(fileno(file)) != 0) - || (fclose(file) == EOF)) - err(1, "%s", file_name); - break; - case OP_SLAVE_DUMP: - if ((dump_db(db_name, file, (void (*)(Principal *)) 0) == EOF) - || (fflush(file) != 0) - || (fsync(fileno(file)) != 0) - || (fclose(file) == EOF)) - err(1, "%s", file_name); - update_ok_file(file_name); - break; - case OP_LOAD: - load_db (db_name, file); - break; - case OP_MERGE: - merge_db (db_name, file); - break; - case OP_NEW_MASTER: - convert_new_master_key (db_name, file); - printf("Don't forget to do a `kdb_util load %s' to reload the database!\n", file_name); - break; - case OP_CONVERT_OLD_DB: - convert_old_format_db (db_name, file); - printf("Don't forget to do a `kdb_util load %s' to reload the database!\n", file_name); - break; - } - return 0; -} diff --git a/crypto/kerberosIV/admin/kstash.c b/crypto/kerberosIV/admin/kstash.c deleted file mode 100644 index 4595de58ef32..000000000000 --- a/crypto/kerberosIV/admin/kstash.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute - * of Technology - * - * For copying and distribution information, please see the file - * . - * - * Description. - */ - -#include "adm_locl.h" - -RCSID("$Id: kstash.c,v 1.10 1997/03/30 17:35:37 assar Exp $"); - -/* change this later, but krblib_dbm needs it for now */ - -static des_cblock master_key; -static des_key_schedule master_key_schedule; - -static void -clear_secrets(void) -{ - memset(master_key_schedule, 0, sizeof(master_key_schedule)); - memset(master_key, 0, sizeof(master_key)); -} - -int -main(int argc, char **argv) -{ - long n; - int ret = 0; - set_progname (argv[0]); - - if ((n = kerb_init())) - errx(1, "Kerberos db and cache init failed = %ld\n", n); - - if (kdb_get_master_key (KDB_GET_PROMPT, &master_key, - master_key_schedule) != 0) { - clear_secrets(); - errx(1, "Couldn't read master key."); - } - - if (kdb_verify_master_key (&master_key, master_key_schedule, stderr) < 0) { - clear_secrets(); - return 1; - } - - ret = kdb_kstash(&master_key, MKEYFILE); - if(ret < 0) - warn("writing master key"); - else - fprintf(stderr, "Wrote master key to %s\n", MKEYFILE); - - clear_secrets(); - return ret; -} diff --git a/crypto/kerberosIV/appl/Makefile.in b/crypto/kerberosIV/appl/Makefile.in deleted file mode 100644 index 74a3b9a0d0bd..000000000000 --- a/crypto/kerberosIV/appl/Makefile.in +++ /dev/null @@ -1,43 +0,0 @@ -# $Id: Makefile.in,v 1.31.6.1 2000/06/23 04:30:11 assar Exp $ - -srcdir = @srcdir@ -VPATH = @srcdir@ - -SHELL = /bin/sh - -@SET_MAKE@ - -SUBDIRS = sample kauth bsd movemail push afsutil \ - popper xnlock kx kip @OTP_dir@ ftp telnet - -all: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) all); done - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -install: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) install); done - -uninstall: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) uninstall); done - -clean: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) clean); done - -mostlyclean: clean - -distclean: - for i in $(SUBDIRS);\ - do (cd $$i && $(MAKE) $(MFLAGS) distclean); done - rm -f Makefile *~ - -realclean: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) realclean); done - -.PHONY: all Wall install uninstall clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/appl/afsutil/Makefile.in b/crypto/kerberosIV/appl/afsutil/Makefile.in deleted file mode 100644 index 86adb88b5108..000000000000 --- a/crypto/kerberosIV/appl/afsutil/Makefile.in +++ /dev/null @@ -1,89 +0,0 @@ -# $Id: Makefile.in,v 1.27 1999/03/10 19:01:10 joda Exp $ - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -top_builddir = ../.. - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS= @LD_FLAGS@ -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -LIBROKEN = -L../../lib/roken -lroken -LIBS = @KRB_KAFS_LIB@ -L../../lib/krb -lkrb -L../../lib/des -ldes $(LIBROKEN) @LIBS@ $(LIBROKEN) -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -libexecdir = @libexecdir@ -bindir = @bindir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -PROG_BIN = pagsh$(EXECSUFFIX) \ - afslog$(EXECSUFFIX) \ - kstring2key$(EXECSUFFIX) -PROG_LIBEXEC = -PROGS = $(PROG_BIN) $(PROG_LIBEXEC) - -SOURCES = pagsh.c aklog.c kstring2key.c - -OBJECTS = pagsh.o aklog.o kstring2key.o - -all: $(PROGS) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(bindir) - for x in $(PROG_BIN); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \ - done - -uninstall: - for x in $(PROG_BIN); do \ - rm -f $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \ - done - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f *.a *.o $(PROGS) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -pagsh$(EXECSUFFIX): pagsh.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ pagsh.o $(LIBS) - -afslog$(EXECSUFFIX): aklog.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ aklog.o $(LIBS) - -kstring2key$(EXECSUFFIX): kstring2key.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kstring2key.o $(LIBS) - - -$(OBJECTS): ../../include/config.h - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/appl/afsutil/aklog.c b/crypto/kerberosIV/appl/afsutil/aklog.c deleted file mode 100644 index b3370da48b85..000000000000 --- a/crypto/kerberosIV/appl/afsutil/aklog.c +++ /dev/null @@ -1,250 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_SYS_IOCCOM_H -#include -#endif -#ifdef HAVE_PWD_H -#include -#endif -#include -#include -#include - -#include - -RCSID("$Id: aklog.c,v 1.24.2.1 2000/06/23 02:31:15 assar Exp $"); - -static int debug = 0; - -static void -DEBUG(const char *, ...) -#ifdef __GNUC__ -__attribute__ ((format (printf, 1, 2))) -#endif -; - -static void -DEBUG(const char *fmt, ...) -{ - va_list ap; - if (debug) { - va_start(ap, fmt); - vwarnx(fmt, ap); - va_end(ap); - } -} - -static char * -expand_1 (const char *cell, const char *filename) -{ - FILE *f; - static char buf[128]; - char *p; - - f = fopen(filename, "r"); - if(f == NULL) - return NULL; - while(fgets(buf, sizeof(buf), f) != NULL) { - if(buf[0] == '>') { - for(p=buf; *p && !isspace(*p) && *p != '#'; p++) - ; - *p = '\0'; - if(strstr(buf, cell)){ - fclose(f); - return buf + 1; - } - } - buf[0] = 0; - } - fclose(f); - return NULL; -} - -static const char * -expand_cell_name(const char *cell) -{ - char *ret; - - ret = expand_1(cell, _PATH_CELLSERVDB); - if (ret != NULL) - return ret; - ret = expand_1(cell, _PATH_ARLA_CELLSERVDB); - if (ret != NULL) - return ret; - return cell; -} - -static int -createuser (const char *cell) -{ - char cellbuf[64]; - char name[ANAME_SZ]; - char instance[INST_SZ]; - char realm[REALM_SZ]; - char cmd[1024]; - - if (cell == NULL) { - FILE *f; - int len; - - f = fopen (_PATH_THISCELL, "r"); - if (f == NULL) - f = fopen (_PATH_ARLA_THISCELL, "r"); - if (f == NULL) - err (1, "open(%s, %s)", _PATH_THISCELL, _PATH_ARLA_THISCELL); - if (fgets (cellbuf, sizeof(cellbuf), f) == NULL) - err (1, "read cellname from %s %s", _PATH_THISCELL, _PATH_ARLA_THISCELL); - fclose (f); - len = strlen(cellbuf); - if (cellbuf[len-1] == '\n') - cellbuf[len-1] = '\0'; - cell = cellbuf; - } - - if(krb_get_default_principal(name, instance, realm)) - errx (1, "Could not even figure out who you are"); - - snprintf (cmd, sizeof(cmd), - "pts createuser %s%s%s@%s -cell %s", - name, *instance ? "." : "", instance, strlwr(realm), - cell); - DEBUG("Executing %s", cmd); - return system(cmd); -} - -int -main(int argc, char **argv) -{ - int i; - int do_aklog = -1; - int do_createuser = -1; - const char *cell = NULL; - char *realm = NULL; - char cellbuf[64]; - - set_progname (argv[0]); - - if(!k_hasafs()) - exit(1); - - for(i = 1; i < argc; i++){ - if(!strncmp(argv[i], "-createuser", 11)){ - do_createuser = do_aklog = 1; - - }else if(!strncmp(argv[i], "-c", 2) && i + 1 < argc){ - cell = expand_cell_name(argv[++i]); - do_aklog = 1; - - }else if(!strncmp(argv[i], "-k", 2) && i + 1 < argc){ - realm = argv[++i]; - - }else if(!strncmp(argv[i], "-p", 2) && i + 1 < argc){ - if(k_afs_cell_of_file(argv[++i], cellbuf, sizeof(cellbuf))) - errx (1, "No cell found for file \"%s\".", argv[i]); - else - cell = cellbuf; - do_aklog = 1; - - }else if(!strncmp(argv[i], "-unlog", 6)){ - exit(k_unlog()); - - }else if(!strncmp(argv[i], "-hosts", 6)){ - warnx ("Argument -hosts is not implemented."); - - }else if(!strncmp(argv[i], "-zsubs", 6)){ - warnx("Argument -zsubs is not implemented."); - - }else if(!strncmp(argv[i], "-noprdb", 6)){ - warnx("Argument -noprdb is not implemented."); - - }else if(!strncmp(argv[i], "-d", 6)){ - debug = 1; - - }else{ - if(!strcmp(argv[i], ".") || - !strcmp(argv[i], "..") || - strchr(argv[i], '/')){ - DEBUG("I guess that \"%s\" is a filename.", argv[i]); - if(k_afs_cell_of_file(argv[i], cellbuf, sizeof(cellbuf))) - errx (1, "No cell found for file \"%s\".", argv[i]); - else { - cell = cellbuf; - DEBUG("The file \"%s\" lives in cell \"%s\".", argv[i], cell); - } - }else{ - cell = expand_cell_name(argv[i]); - DEBUG("I guess that %s is cell %s.", argv[i], cell); - } - do_aklog = 1; - } - if(do_aklog == 1){ - do_aklog = 0; - if(krb_afslog(cell, realm)) - errx (1, "Failed getting tokens for cell %s in realm %s.", - cell?cell:"(local cell)", realm?realm:"(local realm)"); - } - if(do_createuser == 1) { - do_createuser = 0; - if(createuser(cell)) - errx (1, "Failed creating user in cell %s", cell?cell:"(local cell)"); - } - } - if(do_aklog == -1 && do_createuser == -1 && krb_afslog(0, realm)) - errx (1, "Failed getting tokens for cell %s in realm %s.", - cell?cell:"(local cell)", realm?realm:"(local realm)"); - return 0; -} diff --git a/crypto/kerberosIV/appl/afsutil/kstring2key.c b/crypto/kerberosIV/appl/afsutil/kstring2key.c deleted file mode 100644 index bdcf67dc6e7f..000000000000 --- a/crypto/kerberosIV/appl/afsutil/kstring2key.c +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -#include "config.h" - -RCSID("$Id: kstring2key.c,v 1.16 1999/12/02 16:58:28 joda Exp $"); - -#include -#include -#include -#include - -#include - -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include -#include - -#define VERIFY 0 - -static void -usage(void) -{ - fprintf(stderr, - "Usage: %s [-c AFS cellname] [ -5 krb5salt ] [ password ]\n", - __progname); - fprintf(stderr, - " krb5salt is realmname APPEND principal APPEND instance\n"); - exit(1); -} - -static -void -krb5_string_to_key(char *str, - char *salt, - des_cblock *key) -{ - char *foo; - - asprintf(&foo, "%s%s", str, salt); - if (foo == NULL) - errx (1, "malloc: out of memory"); - des_string_to_key(foo, key); - free (foo); -} - - -int -main(int argc, char **argv) -{ - des_cblock key; - char buf[1024]; - char *cellname = 0, *salt = 0; - - set_progname (argv[0]); - - if (argc >= 3 && argv[1][0] == '-' && argv[1][1] == 'c') - { - cellname = argv[2]; - argv += 2; - argc -= 2; - } - else if (argc >= 3 && argv[1][0] == '-' && argv[1][1] == '5') - { - salt = argv[2]; - argv += 2; - argc -= 2; - } - if (argc >= 2 && argv[1][0] == '-') - usage(); - - switch (argc) { - case 1: - if (des_read_pw_string(buf, sizeof(buf)-1, "password: ", VERIFY)) - errx (1, "Error reading password."); - break; - case 2: - strlcpy(buf, argv[1], sizeof(buf)); - break; - default: - usage(); - break; - } - - if (cellname != 0) - afs_string_to_key(buf, cellname, &key); - else if (salt != 0) - krb5_string_to_key(buf, salt, &key); - else - des_string_to_key(buf, &key); - - { - int j; - unsigned char *tkey = (unsigned char *) &key; - printf("ascii = "); - for(j = 0; j < 8; j++) - if(tkey[j] != '\\' && isalpha(tkey[j]) != 0) - printf("%c", tkey[j]); - else - printf("\\%03o",(unsigned char)tkey[j]); - printf("\n"); - printf("hex = "); - for(j = 0; j < 8; j++) - printf("%02x",(unsigned char)tkey[j]); - printf("\n"); - } - exit(0); -} diff --git a/crypto/kerberosIV/appl/afsutil/pagsh.c b/crypto/kerberosIV/appl/afsutil/pagsh.c deleted file mode 100644 index c6704bed451d..000000000000 --- a/crypto/kerberosIV/appl/afsutil/pagsh.c +++ /dev/null @@ -1,136 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -RCSID("$Id: pagsh.c,v 1.22 1999/12/02 16:58:28 joda Exp $"); - -#include -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#include -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_PWD_H -#include -#endif - -#include -#include - -#include -#include - -int -main(int argc, char **argv) -{ - int f; - char tf[1024]; - char *p; - - char *path; - char **args; - int i; - - do { - snprintf(tf, sizeof(tf), "%s%u_%u", TKT_ROOT, (unsigned int)getuid(), - (unsigned int)(getpid()*time(0))); - f = open(tf, O_CREAT|O_EXCL|O_RDWR); - } while(f < 0); - close(f); - unlink(tf); - setenv("KRBTKFILE", tf, 1); - - i = 0; - - args = (char **) malloc((argc + 10)*sizeof(char *)); - if (args == NULL) - errx (1, "Out of memory allocating %lu bytes", - (unsigned long)((argc + 10)*sizeof(char *))); - - argv++; - - if(*argv == NULL) { - path = getenv("SHELL"); - if(path == NULL){ - struct passwd *pw = k_getpwuid(geteuid()); - path = strdup(pw->pw_shell); - } - } else { - if(strcmp(*argv, "-c") == 0) argv++; - path = strdup(*argv++); - } - if (path == NULL) - errx (1, "Out of memory copying path"); - - p=strrchr(path, '/'); - if(p) - args[i] = strdup(p+1); - else - args[i] = strdup(path); - - if (args[i++] == NULL) - errx (1, "Out of memory copying arguments"); - - while(*argv) - args[i++] = *argv++; - - args[i++] = NULL; - - if(k_hasafs()) - k_setpag(); - - execvp(path, args); - if (errno == ENOENT) { - char **sh_args = malloc ((i + 2) * sizeof(char *)); - int j; - - if (sh_args == NULL) - errx (1, "Out of memory copying sh arguments"); - for (j = 1; j < i; ++j) - sh_args[j + 2] = args[j]; - sh_args[0] = "sh"; - sh_args[1] = "-c"; - sh_args[2] = path; - execv ("/bin/sh", sh_args); - } - perror("execvp"); - exit(1); -} diff --git a/crypto/kerberosIV/appl/bsd/Makefile.in b/crypto/kerberosIV/appl/bsd/Makefile.in deleted file mode 100644 index fdda8c19e28a..000000000000 --- a/crypto/kerberosIV/appl/bsd/Makefile.in +++ /dev/null @@ -1,136 +0,0 @@ -# $Id: Makefile.in,v 1.68 1999/03/27 17:05:34 joda Exp $ - -SHELL = /bin/sh - -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ -VPATH = @srcdir@ - -top_builddir = ../.. - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -DBINDIR='"$(bindir)"' -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -LIBS = @LIBS@ -LIB_DBM = @LIB_DBM@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -libexecdir = @libexecdir@ -bindir = @bindir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -# Beware, these are all setuid root programs -PROG_SUIDBIN = rsh$(EXECSUFFIX) \ - rcp$(EXECSUFFIX) \ - rlogin$(EXECSUFFIX) \ - su$(EXECSUFFIX) -PROG_BIN = login$(EXECSUFFIX) -PROG_LIBEXEC = rshd$(EXECSUFFIX) \ - rlogind$(EXECSUFFIX) -PROGS = $(PROG_SUIDBIN) $(PROG_BIN) $(PROG_LIBEXEC) - -SOURCES = rsh.c kcmd.c krcmd.c rlogin.c rcp.c rcp_util.c rshd.c \ - login.c klogin.c login_access.c su.c rlogind.c \ - login_fbtab.c forkpty.c sysv_default.c sysv_environ.c sysv_shadow.c \ - utmp_login.c utmpx_login.c stty_default.c encrypt.c rcmd_util.c tty.c \ - osfc2.c - -rsh_OBJS = rsh.o kcmd.o krcmd.o encrypt.o rcmd_util.o -rcp_OBJS = rcp.o rcp_util.o kcmd.o krcmd.o encrypt.o rcmd_util.o osfc2.o -rlogin_OBJS = rlogin.o kcmd.o krcmd.o encrypt.o rcmd_util.o -login_OBJS = login.o klogin.o login_fbtab.o login_access.o \ - sysv_default.o sysv_environ.o sysv_shadow.o \ - utmp_login.o utmpx_login.o stty_default.o tty.o osfc2.o -su_OBJS = su.o -rshd_OBJS = rshd.o encrypt.o rcmd_util.o osfc2.o -rlogind_OBJS = rlogind.o forkpty.o encrypt.o rcmd_util.o tty.o - - -all: $(PROGS) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libexecdir) - for x in $(PROG_LIBEXEC); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(libexecdir)/`echo $$x| sed '$(transform)'`; \ - done - $(MKINSTALLDIRS) $(DESTDIR)$(bindir) - for x in $(PROG_BIN); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(bindir)/`echo $$x| sed '$(transform)'`; \ - done - -for x in $(PROG_SUIDBIN); do \ - $(INSTALL_PROGRAM) -o root -m 04555 $$x $(DESTDIR)$(bindir)/`echo $$x| sed '$(transform)'`; \ - done - -uninstall: - for x in $(PROG_LIBEXEC); do \ - rm -f $(DESTDIR)$(libexecdir)/`echo $$x| sed '$(transform)'`; \ - done - for x in $(PROG_BIN); do \ - rm -f $(DESTDIR)$(bindir)/`echo $$x| sed '$(transform)'`; \ - done - for x in $(PROG_SUIDBIN); do \ - rm -f $(DESTDIR)$(bindir)/`echo $$x| sed '$(transform)'`; \ - done - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f *.a *.o $(PROGS) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -KLIB=-L../../lib/krb -lkrb -L../../lib/des -ldes -KLIB_AFS=@KRB_KAFS_LIB@ $(KLIB) -OTPLIB=@LIB_otp@ -LIBROKEN=-L../../lib/roken -lroken - -LIB_security=@LIB_security@ - -rcp$(EXECSUFFIX): $(rcp_OBJS) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rcp_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN) $(LIB_security) - -rsh$(EXECSUFFIX): $(rsh_OBJS) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rsh_OBJS) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -rshd$(EXECSUFFIX): $(rshd_OBJS) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rshd_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN) $(LIB_security) - -rlogin$(EXECSUFFIX): $(rlogin_OBJS) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rlogin_OBJS) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -rlogind$(EXECSUFFIX): $(rlogind_OBJS) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rlogind_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -login$(EXECSUFFIX): $(login_OBJS) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(login_OBJS) $(OTPLIB) $(KLIB_AFS) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) $(LIB_security) - -su$(EXECSUFFIX): $(su_OBJS) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(su_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/appl/bsd/README.login b/crypto/kerberosIV/appl/bsd/README.login deleted file mode 100644 index c0729690a77f..000000000000 --- a/crypto/kerberosIV/appl/bsd/README.login +++ /dev/null @@ -1,20 +0,0 @@ -This login has additional functionalities. They are all based on (part of) -Wietse Venema's logdaemon package. - - -The following defines can be used: -1) LOGIN_ACCESS to allow access control on a per tty/user combination -2) LOGALL to log all logins - --Guido - -This login has some of Berkeley's paranoid/broken (depending on your point -of view) Kerberos code conditionalized out, so that by default it works like -klogin does at MIT-LCS. You can define KLOGIN_PARANOID to re-enable this code. -This define also controls whether a warning message is printed when logging -into a system with no krb.conf file, which usually means that Kerberos is -not configured. - --GAWollman - -(removed S/Key, /assar) diff --git a/crypto/kerberosIV/appl/bsd/bsd_locl.h b/crypto/kerberosIV/appl/bsd/bsd_locl.h deleted file mode 100644 index c5be006287fb..000000000000 --- a/crypto/kerberosIV/appl/bsd/bsd_locl.h +++ /dev/null @@ -1,401 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: bsd_locl.h,v 1.111 1999/12/02 16:58:28 joda Exp $ */ -/* $FreeBSD$ */ - -#define LOGALL -#ifndef KERBEROS -#define KERBEROS -#endif -#define KLOGIN_PARANOID -#define LOGIN_ACCESS -#define PASSWD_FALLBACK - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif - -/* Any better way to test NO_MOTD? */ -#if (SunOS >= 50) || defined(__hpux) -#define NO_MOTD -#endif - -#ifdef HAVE_SHADOW_H -#define SYSV_SHADOW -#endif - -#include -#include -#include -#include -#include -#include - -#include - -#include -#ifdef HAVE_IO_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_LIBUTIL_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif - -#ifndef S_ISTXT -#ifdef S_ISVTX -#define S_ISTXT S_ISVTX -#else -#define S_ISTXT 0 -#endif -#endif - -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_DIRENT_H -#include -#endif -#include -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif /* HAVE_SYS_RESOURCE_H */ -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif - -#ifndef NCARGS -#define NCARGS 0x100000 /* (absolute) max # characters in exec arglist */ -#endif -#ifdef HAVE_PWD_H -#include -#endif - -#ifdef HAVE_GRP_H -#include -#endif -#ifdef HAVE_UTIME_H -#include -#endif - -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN_SYSTM_H -#include -#endif -#ifdef HAVE_NETINET_IP_H -#include -#endif -#ifdef HAVE_NETINET_TCP_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif - -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_SYS_IOCCOM_H -#include -#endif - -#ifdef HAVE_SYS_SOCKIO_H -#include -#endif - -#ifdef HAVE_SYS_SELECT_H -#include -#endif - -#ifdef HAVE_SYS_FILIO_H -#include -#endif - -#ifdef HAVE_SYS_STREAM_H -#ifdef HAVE_SYS_UIO_H -#include -#endif /* HAVE_SYS_UIO_H */ -#include -#endif /* HAVE_SYS_STREAM_H */ - -#ifdef HAVE_SYS_PTYVAR_H -#ifdef HAVE_SYS_PROC_H -#include -#endif -#ifdef HAVE_SYS_TTY_H -#include -#endif -#ifdef HAVE_SYS_PTYIO_H -#include -#endif -#include -#endif /* HAVE_SYS_PTYVAR_H */ - -/* Cray stuff */ -#ifdef HAVE_UDB_H -#include -#endif -#ifdef HAVE_SYS_CATEGORY_H -#include -#endif - -/* Strange ioctls that are not always defined */ - -#ifndef TIOCPKT_FLUSHWRITE -#define TIOCPKT_FLUSHWRITE 0x02 -#endif - -#ifndef TIOCPKT_NOSTOP -#define TIOCPKT_NOSTOP 0x10 -#endif - -#ifndef TIOCPKT_DOSTOP -#define TIOCPKT_DOSTOP 0x20 -#endif - -#ifndef TIOCPKT -#define TIOCPKT _IOW('t', 112, int) /* pty: set/clear packet mode */ -#endif - -#ifdef HAVE_LASTLOG_H -#include -#endif - -#ifdef HAVE_LOGIN_H -#include -#endif - -#ifdef HAVE_TTYENT_H -#include -#endif - -#ifdef HAVE_STROPTS_H -#include -#endif - -#ifdef HAVE_UTMP_H -#include -#ifndef UT_NAMESIZE -#define UT_NAMESIZE sizeof(((struct utmp *)0)->ut_name) -#endif -#endif - -#ifdef HAVE_UTMPX_H -#include -#endif - -#ifdef HAVE_USERPW_H -#include -#endif /* HAVE_USERPW_H */ - -#ifdef HAVE_USERSEC_H -struct aud_rec; -#include -#endif /* HAVE_USERSEC_H */ - -#ifdef HAVE_OSFC2 -#include "/usr/include/prot.h" -#endif - -#ifndef PRIO_PROCESS -#define PRIO_PROCESS 0 -#endif - -#include - -#include - -#ifdef SOCKS -#include -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); -#endif - -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include -#include -#include - -int kcmd(int *sock, char **ahost, u_int16_t rport, char *locuser, - char *remuser, char *cmd, int *fd2p, KTEXT ticket, - char *service, char *realm, CREDENTIALS *cred, - Key_schedule schedule, MSG_DAT *msg_data, - struct sockaddr_in *laddr, struct sockaddr_in *faddr, - int32_t authopts); - -int krcmd(char **ahost, u_int16_t rport, char *remuser, char *cmd, - int *fd2p, char *realm); - -int krcmd_mutual(char **ahost, u_int16_t rport, char *remuser, - char *cmd,int *fd2p, char *realm, - CREDENTIALS *cred, Key_schedule sched); - -int klogin(struct passwd *pw, char *instance, char *localhost, char *password); - -#if 0 -typedef struct { - int cnt; - char *buf; -} BUF; -#endif - -char *colon(char *cp); -int okname(char *cp0); -int susystem(char *s, int userid); - -int forkpty(int *amaster, char *name, - struct termios *termp, struct winsize *winp); - -int forkpty_truncate(int *amaster, char *name, size_t name_sz, - struct termios *termp, struct winsize *winp); - -#ifndef MODEMASK -#define MODEMASK (S_ISUID|S_ISGID|S_ISTXT|S_IRWXU|S_IRWXG|S_IRWXO) -#endif - -#ifdef HAVE_PATHS_H -#include -#endif -#ifdef HAVE_MAILLOCK_H -#include -#endif -#include "pathnames.h" - -void stty_default (void); - -int utmpx_login(char *line, char *user, char *host); - -extern char **environ; - -void sysv_newenv(int argc, char **argv, struct passwd *pwd, - char *term, int pflag); - -int login_access(struct passwd *user, char *from); -void fatal(int f, const char *msg, int syserr); - -extern int LEFT_JUSTIFIED; - -/* used in des_read and des_write */ -#define DES_RW_MAXWRITE (1024*16) -#define DES_RW_BSIZE (DES_RW_MAXWRITE+4) - -void sysv_defaults(void); -void utmp_login(char *tty, char *username, char *hostname); -void sleepexit (int); - -#ifndef HAVE_SETPRIORITY -#define setpriority(which, who, niceval) 0 -#endif - -#ifndef HAVE_GETPRIORITY -#define getpriority(which, who) 0 -#endif - -#ifdef HAVE_TERMIOS_H -#include -#endif - -#ifndef _POSIX_VDISABLE -#define _POSIX_VDISABLE 0 -#endif /* _POSIX_VDISABLE */ -#if SunOS == 40 -#include -#endif - -#if defined(HAVE_SYS_TERMIO_H) && !defined(HAVE_TERMIOS_H) -#include -#endif - -#ifndef CEOF -#define CEOF 04 -#endif - -/* concession to Sun */ -#ifndef SIGUSR1 -#define SIGUSR1 30 -#endif - -#ifndef TIOCPKT_WINDOW -#define TIOCPKT_WINDOW 0x80 -#endif - -int get_shell_port(int kerberos, int encryption); -int get_login_port(int kerberos, int encryption); -int speed_t2int (speed_t); -speed_t int2speed_t (int); -void ip_options_and_die (int sock, struct sockaddr_in *); -void warning(const char *fmt, ...) -#ifdef __GNUC__ -__attribute__ ((format (printf, 1, 2))) -#endif -; - -char *clean_ttyname (char *tty); -char *make_id (char *tty); -#ifdef HAVE_UTMP_H -void prepare_utmp (struct utmp *utmp, char *tty, char *username, - char *hostname); -#endif - -int do_osfc2_magic(uid_t); - -void paranoid_setuid (uid_t uid); diff --git a/crypto/kerberosIV/appl/bsd/encrypt.c b/crypto/kerberosIV/appl/bsd/encrypt.c deleted file mode 100644 index 9f835c6a7cf0..000000000000 --- a/crypto/kerberosIV/appl/bsd/encrypt.c +++ /dev/null @@ -1,305 +0,0 @@ -/* Copyright (C) 1995 Eric Young (eay@mincom.oz.au) - * All rights reserved. - * - * This file is part of an SSL implementation written - * by Eric Young (eay@mincom.oz.au). - * The implementation was written so as to conform with Netscapes SSL - * specification. This library and applications are - * FREE FOR COMMERCIAL AND NON-COMMERCIAL USE - * as long as the following conditions are aheared to. - * - * Copyright remains Eric Young's, and as such any Copyright notices in - * the code are not to be removed. If this code is used in a product, - * Eric Young should be given attribution as the author of the parts used. - * This can be in the form of a textual message at program startup or - * in documentation (online or textual) provided with the package. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by Eric Young (eay@mincom.oz.au) - * - * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * The licence and distribution terms for any publically available version or - * derivative of this code cannot be changed. i.e. this code cannot simply be - * copied and put under another distribution licence - * [including the GNU Public Licence.] - */ - -#include "bsd_locl.h" - -RCSID("$Id: encrypt.c,v 1.4 1999/06/17 18:47:26 assar Exp $"); - -/* replacements for htonl and ntohl since I have no idea what to do - * when faced with machines with 8 byte longs. */ -#define HDRSIZE 4 - -#define n2l(c,l) (l =((u_int32_t)(*((c)++)))<<24, \ - l|=((u_int32_t)(*((c)++)))<<16, \ - l|=((u_int32_t)(*((c)++)))<< 8, \ - l|=((u_int32_t)(*((c)++)))) - -#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \ - *((c)++)=(unsigned char)(((l)>>16)&0xff), \ - *((c)++)=(unsigned char)(((l)>> 8)&0xff), \ - *((c)++)=(unsigned char)(((l) )&0xff)) - -/* This has some uglies in it but it works - even over sockets. */ -extern int errno; -int des_rw_mode=DES_PCBC_MODE; -int LEFT_JUSTIFIED = 0; - -int -des_enc_read(int fd, char *buf, int len, struct des_ks_struct *sched, des_cblock *iv) -{ - /* data to be unencrypted */ - int net_num=0; - unsigned char net[DES_RW_BSIZE]; - /* extra unencrypted data - * for when a block of 100 comes in but is des_read one byte at - * a time. */ - static char unnet[DES_RW_BSIZE]; - static int unnet_start=0; - static int unnet_left=0; - int i; - long num=0,rnum; - unsigned char *p; - - /* left over data from last decrypt */ - if (unnet_left != 0) - { - if (unnet_left < len) - { - /* we still still need more data but will return - * with the number of bytes we have - should always - * check the return value */ - memcpy(buf,&(unnet[unnet_start]),unnet_left); - /* eay 26/08/92 I had the next 2 lines - * reversed :-( */ - i=unnet_left; - unnet_start=unnet_left=0; - } - else - { - memcpy(buf,&(unnet[unnet_start]),len); - unnet_start+=len; - unnet_left-=len; - i=len; - } - return(i); - } - - /* We need to get more data. */ - if (len > DES_RW_MAXWRITE) len=DES_RW_MAXWRITE; - - /* first - get the length */ - net_num=0; - while (net_num < HDRSIZE) - { - i=read(fd,&(net[net_num]),(unsigned int)HDRSIZE-net_num); - if ((i == -1) && (errno == EINTR)) continue; - if (i <= 0) return(0); - net_num+=i; - } - - /* we now have at net_num bytes in net */ - p=net; - num=0; - n2l(p,num); - /* num should be rounded up to the next group of eight - * we make sure that we have read a multiple of 8 bytes from the net. - */ - if ((num > DES_RW_MAXWRITE) || (num < 0)) /* error */ - return(-1); - rnum=(num < 8)?8:((num+7)/8*8); - - net_num=0; - while (net_num < rnum) - { - i=read(fd,&(net[net_num]),(unsigned int)rnum-net_num); - if ((i == -1) && (errno == EINTR)) continue; - if (i <= 0) return(0); - net_num+=i; - } - - /* Check if there will be data left over. */ - if (len < num) - { - if (des_rw_mode & DES_PCBC_MODE) - des_pcbc_encrypt((des_cblock *)net,(des_cblock *)unnet, - num,sched,iv,DES_DECRYPT); - else - des_cbc_encrypt((des_cblock *)net,(des_cblock *)unnet, - num,sched,iv,DES_DECRYPT); - memcpy(buf,unnet,len); - unnet_start=len; - unnet_left=num-len; - - /* The following line is done because we return num - * as the number of bytes read. */ - num=len; - } - else - { - /* >output is a multiple of 8 byes, if len < rnum - * >we must be careful. The user must be aware that this - * >routine will write more bytes than he asked for. - * >The length of the buffer must be correct. - * FIXED - Should be ok now 18-9-90 - eay */ - if (len < rnum) - { - char tmpbuf[DES_RW_BSIZE]; - - if (des_rw_mode & DES_PCBC_MODE) - des_pcbc_encrypt((des_cblock *)net, - (des_cblock *)tmpbuf, - num,sched,iv,DES_DECRYPT); - else - des_cbc_encrypt((des_cblock *)net, - (des_cblock *)tmpbuf, - num,sched,iv,DES_DECRYPT); - - /* eay 26/08/92 fix a bug that returned more - * bytes than you asked for (returned len bytes :-( */ - if (LEFT_JUSTIFIED || (len >= 8)) - memcpy(buf,tmpbuf,num); - else - memcpy(buf,tmpbuf+(8-num),num); /* Right justified */ - } - else if (num >= 8) - { - if (des_rw_mode & DES_PCBC_MODE) - des_pcbc_encrypt((des_cblock *)net, - (des_cblock *)buf,num,sched,iv, - DES_DECRYPT); - else - des_cbc_encrypt((des_cblock *)net, - (des_cblock *)buf,num,sched,iv, - DES_DECRYPT); - } - else - { - if (des_rw_mode & DES_PCBC_MODE) - des_pcbc_encrypt((des_cblock *)net, - (des_cblock *)buf,8,sched,iv, - DES_DECRYPT); - else - des_cbc_encrypt((des_cblock *)net, - (des_cblock *)buf,8,sched,iv, - DES_DECRYPT); - if (!LEFT_JUSTIFIED) - memcpy(buf, buf+(8-num), num); /* Right justified */ - } - } - return(num); -} - -int -des_enc_write(int fd, char *buf, int len, struct des_ks_struct *sched, des_cblock *iv) -{ - long rnum; - int i,j,k,outnum; - char outbuf[DES_RW_BSIZE+HDRSIZE]; - char shortbuf[8]; - char *p; - static int start=1; - - /* If we are sending less than 8 bytes, the same char will look - * the same if we don't pad it out with random bytes */ - if (start) - { - start=0; - srand(time(NULL)); - } - - /* lets recurse if we want to send the data in small chunks */ - if (len > DES_RW_MAXWRITE) - { - j=0; - for (i=0; i DES_RW_MAXWRITE)?DES_RW_MAXWRITE:(len-i),sched,iv); - if (k < 0) - return(k); - else - j+=k; - } - return(j); - } - - /* write length first */ - p=outbuf; - l2n(len,p); - - /* pad short strings */ - if (len < 8) - { - if (LEFT_JUSTIFIED) - { - p=shortbuf; - memcpy(shortbuf,buf,(unsigned int)len); - for (i=len; i<8; i++) - shortbuf[i]=rand(); - rnum=8; - } - else - { - p=shortbuf; - for (i=0; i<8-len; i++) - shortbuf[i]=rand(); - memcpy(shortbuf + 8 - len, buf, len); - rnum=8; - } - } - else - { - p=buf; - rnum=((len+7)/8*8); /* round up to nearest eight */ - } - - if (des_rw_mode & DES_PCBC_MODE) - des_pcbc_encrypt((des_cblock *)p,(des_cblock *)&(outbuf[HDRSIZE]), - (long)((len<8)?8:len),sched,iv,DES_ENCRYPT); - else - des_cbc_encrypt((des_cblock *)p,(des_cblock *)&(outbuf[HDRSIZE]), - (long)((len<8)?8:len),sched,iv,DES_ENCRYPT); - - /* output */ - outnum=rnum+HDRSIZE; - - for (j=0; j= sysconf(_SC_CRAY_NPTY)) - return -1; - snprintf(buf, sz, "/dev/pty/%03d", pty_major); -#else - if(++pty_major == strlen(bsd_1)){ - pty_major = 0; - if(++pty_minor == strlen(bsd_2)) - return -1; - } -#ifdef __hpux - snprintf(buf, sz, "/dev/ptym/pty%c%c", bsd_2[pty_major], bsd_1[pty_minor]); -#else - snprintf(buf, sz, "/dev/pty%c%c", bsd_2[pty_major], bsd_1[pty_minor]); -#endif /* __hpux */ -#endif /* CRAY */ - return 0; -} - -static void -pty_scan_tty(char *buf, size_t sz) -{ -#ifdef CRAY - snprintf(buf, sz, "/dev/ttyp%03d", pty_major); -#elif defined(__hpux) - snprintf(buf, sz, "/dev/pty/tty%c%c", bsd_2[pty_major], bsd_1[pty_minor]); -#else - snprintf(buf, sz, "/dev/tty%c%c", bsd_2[pty_major], bsd_1[pty_minor]); -#endif -} - -static int -ptym_open_streams_flavor(char *pts_name, - size_t pts_name_sz, - int *streams_pty) -{ - /* Try clone device master ptys */ - const char *const clone[] = { "/dev/ptc", "/dev/ptmx", - "/dev/ptm", "/dev/ptym/clone", 0 }; - int fdm; - const char *const *q; - - for (q = clone; *q; q++) { - fdm = open(*q, O_RDWR); - if (fdm >= 0) - break; - } - if (fdm >= 0) { - char *ptr1; - if ((ptr1 = ptsname(fdm)) != NULL) /* Get slave's name */ - /* Return name of slave */ - strlcpy(pts_name, ptr1, pts_name_sz); - else { - close(fdm); - return(-4); - } - if (grantpt(fdm) < 0) { /* Grant access to slave */ - close(fdm); - return(-2); - } - if (unlockpt(fdm) < 0) { /* Clear slave's lock flag */ - close(fdm); - return(-3); - } - return(fdm); /* return fd of master */ - } - return -1; -} - -static int -ptym_open_bsd_flavor(char *pts_name, size_t pts_name_sz, int *streams_pty) -{ - int fdm; - char ptm[MaxPathLen]; - - pty_scan_start(); - - while (pty_scan_next(ptm, sizeof(ptm)) != -1) { - fdm = open(ptm, O_RDWR); - if (fdm < 0) - continue; -#if SunOS == 40 - /* Avoid a bug in SunOS4 ttydriver */ - if (fdm > 0) { - int pgrp; - if ((ioctl(fdm, TIOCGPGRP, &pgrp) == -1) - && (errno == EIO)) - /* All fine */; - else { - close(fdm); - continue; - } - } -#endif - pty_scan_tty(pts_name, sizeof(ptm)); -#if CRAY - /* this is some magic from the telnet code */ - { - struct stat sb; - if(stat(pts_name, &sb) < 0) { - close(fdm); - continue; - } - if(sb.st_uid || sb.st_gid || sb.st_mode != 0600) { - chown(pts_name, 0, 0); - chmod(pts_name, 0600); - close(fdm); - fdm = open(ptm, 2); - if (fdm < 0) - continue; - } - } - /* - * Now it should be safe...check for accessability. - */ - if (access(pts_name, 6) != 0){ - /* no tty side to pty so skip it */ - close(fdm); - continue; - } -#endif - return fdm; /* All done! */ - } - - /* We failed to find BSD style pty */ - errno = ENOENT; - return -1; -} - -/* - * - * Open a master pty either using the STREAM flavor or the BSD flavor. - * Depending on if there are any free ptys in the different classes we - * need to try both. Normally try STREAMS first and then BSD. - * - * Kludge alert: Under HP-UX 10 and perhaps other systems STREAM ptys - * doesn't get initialized properly so we try them in different order - * until the problem has been resolved. - * - */ -static int -ptym_open(char *pts_name, size_t pts_name_sz, int *streams_pty) -{ - int fdm; - -#ifdef HAVE__GETPTY - { - char *p = _getpty(&fdm, O_RDWR, 0600, 1); - if (p) { - *streams_pty = 1; - strlcpy (pts_name, p, pts_name_sz); - return fdm; - } - } -#endif - -#ifdef STREAMSPTY - fdm = ptym_open_streams_flavor(pts_name, pts_name_sz, streams_pty); - if (fdm >= 0) - { - *streams_pty = 1; - return fdm; - } -#endif - - fdm = ptym_open_bsd_flavor(pts_name, pts_name_sz, streams_pty); - if (fdm >= 0) - { - *streams_pty = 0; - return fdm; - } - -#ifndef STREAMSPTY - fdm = ptym_open_streams_flavor(pts_name, pts_name_sz, streams_pty); - if (fdm >= 0) - { - *streams_pty = 1; - return fdm; - } -#endif - - return -1; -} - -static int -maybe_push_modules(int fd, char **modules) -{ -#ifdef I_PUSH - char **p; - int err; - - for(p=modules; *p; p++){ - err=ioctl(fd, I_FIND, *p); - if(err == 1) - break; - if(err < 0 && errno != EINVAL) - return -17; - /* module not pushed or does not exist */ - } - /* p points to null or to an already pushed module, now push all - modules before this one */ - - for(p--; p >= modules; p--){ - err = ioctl(fd, I_PUSH, *p); - if(err < 0 && errno != EINVAL) - return -17; - } -#endif - return 0; -} - -static int -ptys_open(int fdm, char *pts_name, int streams_pty) -{ - int fds; - - if (streams_pty) { - /* Streams style slave ptys */ - if ( (fds = open(pts_name, O_RDWR)) < 0) { - close(fdm); - return(-5); - } - - { - char *ttymodules[] = { "ttcompat", "ldterm", "ptem", NULL }; - char *ptymodules[] = { "pckt", NULL }; - - if(maybe_push_modules(fds, ttymodules)<0){ - close(fdm); - close(fds); - return -6; - } - if(maybe_push_modules(fdm, ptymodules)<0){ - close(fdm); - close(fds); - return -7; - } - } - } else { - /* BSD style slave ptys */ - struct group *grptr; - int gid; - if ( (grptr = getgrnam("tty")) != NULL) - gid = grptr->gr_gid; - else - gid = -1; /* group tty is not in the group file */ - - /* Grant access to slave */ - if (chown(pts_name, getuid(), gid) < 0) - fatal(0, "chown slave tty failed", 1); - if (chmod(pts_name, S_IRUSR | S_IWUSR | S_IWGRP) < 0) - fatal(0, "chmod slave tty failed", 1); - - if ( (fds = open(pts_name, O_RDWR)) < 0) { - close(fdm); - return(-1); - } - } - return(fds); -} - -int -forkpty_truncate(int *ptrfdm, - char *slave_name, - size_t slave_name_sz, - struct termios *slave_termios, - struct winsize *slave_winsize) -{ - int fdm, fds, streams_pty; - pid_t pid; - char pts_name[20]; - - if (!forkpty_ok) - fatal(0, "Protocol not yet supported, use telnet", 0); - - if ( (fdm = ptym_open(pts_name, sizeof(pts_name), &streams_pty)) < 0) - return -1; - - if (slave_name != NULL) - /* Return name of slave */ - strlcpy(slave_name, pts_name, slave_name_sz); - - pid = fork(); - if (pid < 0) - return(-1); - else if (pid == 0) { /* Child */ - if (setsid() < 0) - fatal(0, "setsid() failure", errno); - - revoke(slave_name); - -#if defined(NeXT) || defined(ultrix) - /* The NeXT is severely broken, this makes things slightly - * better but we still doesn't get a working pty. If there - * where a TIOCSCTTY we could perhaps fix things but... The - * same problem also exists in xterm! */ - if (setpgrp(0, 0) < 0) - fatal(0, "NeXT kludge failed setpgrp", errno); -#endif - - /* SVR4 acquires controlling terminal on open() */ - if ( (fds = ptys_open(fdm, pts_name, streams_pty)) < 0) - return -1; - close(fdm); /* All done with master in child */ - -#if defined(TIOCSCTTY) && !defined(CIBAUD) && !defined(__hpux) - /* 44BSD way to acquire controlling terminal */ - /* !CIBAUD to avoid doing this under SunOS */ - if (ioctl(fds, TIOCSCTTY, (char *) 0) < 0) - return -1; -#endif -#if defined(NeXT) - { - int t = open("/dev/tty", O_RDWR); - if (t < 0) - fatal(0, "Failed to open /dev/tty", errno); - close(fds); - fds = t; - } -#endif - /* Set slave's termios and window size */ - if (slave_termios != NULL) { - if (tcsetattr(fds, TCSANOW, slave_termios) < 0) - return -1; - } -#ifdef TIOCSWINSZ - if (slave_winsize != NULL) { - if (ioctl(fds, TIOCSWINSZ, slave_winsize) < 0) - return -1; - } -#endif - /* slave becomes stdin/stdout/stderr of child */ - if (dup2(fds, STDIN_FILENO) != STDIN_FILENO) - return -1; - if (dup2(fds, STDOUT_FILENO) != STDOUT_FILENO) - return -1; - if (dup2(fds, STDERR_FILENO) != STDERR_FILENO) - return -1; - if (fds > STDERR_FILENO) - close(fds); - return(0); /* child returns 0 just like fork() */ - } - else { /* Parent */ - *ptrfdm = fdm; /* Return fd of master */ - return(pid); /* Parent returns pid of child */ - } -} - -int -forkpty(int *ptrfdm, - char *slave_name, - struct termios *slave_termios, - struct winsize *slave_winsize) -{ - return forkpty_truncate (ptrfdm, - slave_name, - MaxPathLen, - slave_termios, - slave_winsize); -} - -#endif /* HAVE_FORKPTY */ diff --git a/crypto/kerberosIV/appl/bsd/kcmd.c b/crypto/kerberosIV/appl/bsd/kcmd.c deleted file mode 100644 index 93b2b7004952..000000000000 --- a/crypto/kerberosIV/appl/bsd/kcmd.c +++ /dev/null @@ -1,280 +0,0 @@ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "bsd_locl.h" - -RCSID("$Id: kcmd.c,v 1.20.4.1 2000/10/10 12:55:55 assar Exp $"); - -#define START_PORT 5120 /* arbitrary */ - -static int -getport(int *alport) -{ - struct sockaddr_in sin; - int s; - - sin.sin_family = AF_INET; - sin.sin_addr.s_addr = INADDR_ANY; - s = socket(AF_INET, SOCK_STREAM, 0); - if (s < 0) - return (-1); - for (;;) { - sin.sin_port = htons((u_short)*alport); - if (bind(s, (struct sockaddr *)&sin, sizeof(sin)) >= 0) - return (s); - if (errno != EADDRINUSE) { - close(s); - return (-1); - } - (*alport)--; -#ifdef ATHENA_COMPAT - if (*alport == IPPORT_RESERVED/2) { -#else - if (*alport == IPPORT_RESERVED) { -#endif - close(s); - errno = EAGAIN; /* close */ - return (-1); - } - } -} - -int -kcmd(int *sock, - char **ahost, - u_int16_t rport, - char *locuser, - char *remuser, - char *cmd, - int *fd2p, - KTEXT ticket, - char *service, - char *realm, - CREDENTIALS *cred, - Key_schedule schedule, - MSG_DAT *msg_data, - struct sockaddr_in *laddr, - struct sockaddr_in *faddr, - int32_t authopts) -{ - int s, timo = 1; - pid_t pid; - struct sockaddr_in sin, from; - char c; -#ifdef ATHENA_COMPAT - int lport = IPPORT_RESERVED - 1; -#else - int lport = START_PORT; -#endif - struct hostent *hp; - int rc; - char *host_save; - int status; - char **h_addr_list; - - pid = getpid(); - hp = gethostbyname(*ahost); - if (hp == NULL) { - /* fprintf(stderr, "%s: unknown host\n", *ahost); */ - return (-1); - } - - host_save = strdup(hp->h_name); - if (host_save == NULL) - return -1; - *ahost = host_save; - h_addr_list = hp->h_addr_list; - - /* If realm is null, look up from table */ - if (realm == NULL || realm[0] == '\0') - realm = krb_realmofhost(host_save); - - for (;;) { - s = getport(&lport); - if (s < 0) { - if (errno == EAGAIN) - warnx("kcmd(socket): All ports in use\n"); - else - warn("kcmd: socket"); - return (-1); - } - sin.sin_family = hp->h_addrtype; - memcpy (&sin.sin_addr, h_addr_list[0], sizeof(sin.sin_addr)); - sin.sin_port = rport; - if (connect(s, (struct sockaddr *)&sin, sizeof(sin)) >= 0) - break; - close(s); - if (errno == EADDRINUSE) { - lport--; - continue; - } - /* - * don't wait very long for Kerberos rcmd. - */ - if (errno == ECONNREFUSED && timo <= 4) { - /* sleep(timo); don't wait at all here */ - timo *= 2; - continue; - } - if (h_addr_list[1] != NULL) { - warn ("kcmd: connect (%s)", - inet_ntoa(sin.sin_addr)); - h_addr_list++; - memcpy(&sin.sin_addr, - *h_addr_list, - sizeof(sin.sin_addr)); - fprintf(stderr, "Trying %s...\n", - inet_ntoa(sin.sin_addr)); - continue; - } - if (errno != ECONNREFUSED) - warn ("connect(%s)", hp->h_name); - return (-1); - } - lport--; - if (fd2p == 0) { - write(s, "", 1); - lport = 0; - } else { - char num[8]; - int s2 = getport(&lport), s3; - int len = sizeof(from); - - if (s2 < 0) { - status = -1; - goto bad; - } - listen(s2, 1); - snprintf(num, sizeof(num), "%d", lport); - if (write(s, num, strlen(num) + 1) != strlen(num) + 1) { - warn("kcmd(write): setting up stderr"); - close(s2); - status = -1; - goto bad; - } - { - fd_set fds; - FD_ZERO(&fds); - if (s >= FD_SETSIZE || s2 >= FD_SETSIZE) { - warnx("file descriptor too large"); - close(s); - close(s2); - status = -1; - goto bad; - } - - FD_SET(s, &fds); - FD_SET(s2, &fds); - status = select(FD_SETSIZE, &fds, NULL, NULL, NULL); - if(FD_ISSET(s, &fds)){ - warnx("kcmd: connection unexpectedly closed."); - close(s2); - status = -1; - goto bad; - } - } - s3 = accept(s2, (struct sockaddr *)&from, &len); - close(s2); - if (s3 < 0) { - warn ("kcmd: accept"); - lport = 0; - status = -1; - goto bad; - } - - *fd2p = s3; - from.sin_port = ntohs((u_short)from.sin_port); - if (from.sin_family != AF_INET || - from.sin_port >= IPPORT_RESERVED) { - warnx("kcmd(socket): " - "protocol failure in circuit setup."); - status = -1; - goto bad2; - } - } - /* - * Kerberos-authenticated service. Don't have to send locuser, - * since its already in the ticket, and we'll extract it on - * the other side. - */ - /* write(s, locuser, strlen(locuser)+1); */ - - /* set up the needed stuff for mutual auth, but only if necessary */ - if (authopts & KOPT_DO_MUTUAL) { - int sin_len; - *faddr = sin; - - sin_len = sizeof(struct sockaddr_in); - if (getsockname(s, (struct sockaddr *)laddr, &sin_len) < 0) { - warn("kcmd(getsockname)"); - status = -1; - goto bad2; - } - } - if ((status = krb_sendauth(authopts, s, ticket, service, *ahost, - realm, (unsigned long) getpid(), msg_data, - cred, schedule, - laddr, - faddr, - "KCMDV0.1")) != KSUCCESS) - goto bad2; - - write(s, remuser, strlen(remuser)+1); - write(s, cmd, strlen(cmd)+1); - - if ((rc = read(s, &c, 1)) != 1) { - if (rc == -1) - warn("read(%s)", *ahost); - else - warnx("kcmd: bad connection with remote host"); - status = -1; - goto bad2; - } - if (c != '\0') { - while (read(s, &c, 1) == 1) { - write(2, &c, 1); - if (c == '\n') - break; - } - status = -1; - goto bad2; - } - *sock = s; - return (KSUCCESS); -bad2: - if (lport) - close(*fd2p); -bad: - close(s); - return (status); -} diff --git a/crypto/kerberosIV/appl/bsd/klogin.c b/crypto/kerberosIV/appl/bsd/klogin.c deleted file mode 100644 index df21dbff550f..000000000000 --- a/crypto/kerberosIV/appl/bsd/klogin.c +++ /dev/null @@ -1,229 +0,0 @@ -/*- - * Copyright (c) 1990, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "bsd_locl.h" - -RCSID("$Id: klogin.c,v 1.27 1999/10/04 16:11:48 bg Exp $"); - -#ifdef KERBEROS - -#define VERIFY_SERVICE "rcmd" - -extern int notickets; -extern char *krbtkfile_env; - -static char tkt_location[MaxPathLen]; - -static int -multiple_get_tkt(char *name, - char *instance, - char *realm, - char *service, - char *sinstance, - int life, - char *password) -{ - int ret; - int n; - char rlm[256]; - - /* First try to verify against the supplied realm. */ - ret = krb_get_pw_in_tkt(name, instance, realm, service, realm, life, - password); - if(ret == KSUCCESS) - return KSUCCESS; - - /* Verify all local realms, except the supplied realm. */ - for (n = 1; krb_get_lrealm(rlm, n) == KSUCCESS; n++) - if (strcmp(rlm, realm) != 0) { - ret = krb_get_pw_in_tkt(name, instance, rlm,service, rlm,life, password); - if (ret == KSUCCESS) - return KSUCCESS; - } - - return ret; -} - -/* - * Attempt to log the user in using Kerberos authentication - * - * return 0 on success (will be logged in) - * 1 if Kerberos failed (try local password in login) - */ -int -klogin(struct passwd *pw, char *instance, char *localhost, char *password) -{ - int kerror; - AUTH_DAT authdata; - KTEXT_ST ticket; - struct hostent *hp; - u_int32_t faddr; - char realm[REALM_SZ], savehost[MaxHostNameLen]; - extern int noticketsdontcomplain; - -#ifdef KLOGIN_PARANOID - noticketsdontcomplain = 0; /* enable warning message */ -#endif - /* - * Root logins don't use Kerberos. - * If we have a realm, try getting a ticket-granting ticket - * and using it to authenticate. Otherwise, return - * failure so that we can try the normal passwd file - * for a password. If that's ok, log the user in - * without issuing any tickets. - */ - if (strcmp(pw->pw_name, "root") == 0 || - krb_get_lrealm(realm, 1) != KSUCCESS) - return (1); - - noticketsdontcomplain = 0; /* enable warning message */ - - /* - * get TGT for local realm - * tickets are stored in a file named TKT_ROOT plus uid - * except for user.root tickets. - */ - - if (strcmp(instance, "root") != 0) - snprintf(tkt_location, sizeof(tkt_location), - "%s%u_%u", - TKT_ROOT, (unsigned)pw->pw_uid, (unsigned)getpid()); - else { - snprintf(tkt_location, sizeof(tkt_location), - "%s_root_%d", TKT_ROOT, - (unsigned)pw->pw_uid); - } - krbtkfile_env = tkt_location; - krb_set_tkt_string(tkt_location); - - /* - * Set real as well as effective ID to 0 for the moment, - * to make the kerberos library do the right thing. - */ - if (setuid(0) < 0) { - warnx("setuid"); - return (1); - } - - /* - * Get ticket - */ - kerror = multiple_get_tkt(pw->pw_name, - instance, - realm, - KRB_TICKET_GRANTING_TICKET, - realm, - DEFAULT_TKT_LIFE, - password); - - /* - * If we got a TGT, get a local "rcmd" ticket and check it so as to - * ensure that we are not talking to a bogus Kerberos server. - * - * There are 2 cases where we still allow a login: - * 1: the VERIFY_SERVICE doesn't exist in the KDC - * 2: local host has no srvtab, as (hopefully) indicated by a - * return value of RD_AP_UNDEC from krb_rd_req(). - */ - if (kerror != INTK_OK) { - if (kerror != INTK_BADPW && kerror != KDC_PR_UNKNOWN) { - syslog(LOG_ERR, "Kerberos intkt error: %s", - krb_get_err_text(kerror)); - dest_tkt(); - } - return (1); - } - - if (chown(TKT_FILE, pw->pw_uid, pw->pw_gid) < 0) - syslog(LOG_ERR, "chown tkfile (%s): %m", TKT_FILE); - - strlcpy(savehost, krb_get_phost(localhost), sizeof(savehost)); - -#ifdef KLOGIN_PARANOID - /* - * if the "VERIFY_SERVICE" doesn't exist in the KDC for this host, - * don't allow kerberos login, also log the error condition. - */ - - kerror = krb_mk_req(&ticket, VERIFY_SERVICE, savehost, realm, 33); - if (kerror == KDC_PR_UNKNOWN) { - syslog(LOG_NOTICE, - "warning: TGT not verified (%s); %s.%s not registered, or srvtab is wrong?", - krb_get_err_text(kerror), VERIFY_SERVICE, savehost); - notickets = 0; - return (1); - } - - if (kerror != KSUCCESS) { - warnx("unable to use TGT: (%s)", krb_get_err_text(kerror)); - syslog(LOG_NOTICE, "unable to use TGT: (%s)", - krb_get_err_text(kerror)); - dest_tkt(); - return (1); - } - - if (!(hp = gethostbyname(localhost))) { - syslog(LOG_ERR, "couldn't get local host address"); - dest_tkt(); - return (1); - } - - memcpy(&faddr, hp->h_addr, sizeof(faddr)); - - kerror = krb_rd_req(&ticket, VERIFY_SERVICE, savehost, faddr, - &authdata, ""); - - if (kerror == KSUCCESS) { - notickets = 0; - return (0); - } - - /* undecipherable: probably didn't have a srvtab on the local host */ - if (kerror == RD_AP_UNDEC) { - syslog(LOG_NOTICE, "krb_rd_req: (%s)\n", krb_get_err_text(kerror)); - dest_tkt(); - return (1); - } - /* failed for some other reason */ - warnx("unable to verify %s ticket: (%s)", VERIFY_SERVICE, - krb_get_err_text(kerror)); - syslog(LOG_NOTICE, "couldn't verify %s ticket: %s", VERIFY_SERVICE, - krb_get_err_text(kerror)); - dest_tkt(); - return (1); -#else - notickets = 0; - return (0); -#endif -} -#endif diff --git a/crypto/kerberosIV/appl/bsd/krcmd.c b/crypto/kerberosIV/appl/bsd/krcmd.c deleted file mode 100644 index 8c3c6f3c2172..000000000000 --- a/crypto/kerberosIV/appl/bsd/krcmd.c +++ /dev/null @@ -1,117 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "bsd_locl.h" - -RCSID("$Id: krcmd.c,v 1.10 1997/03/30 18:20:18 joda Exp $"); - -#define SERVICE_NAME "rcmd" - -/* - * krcmd: simplified version of Athena's "kcmd" - * returns a socket attached to the destination, -1 or krb error on error - * if fd2p is non-NULL, another socket is filled in for it - */ - -int -krcmd(char **ahost, u_short rport, char *remuser, char *cmd, int *fd2p, char *realm) -{ - int sock = -1, err = 0; - KTEXT_ST ticket; - long authopts = 0L; - - err = kcmd( - &sock, - ahost, - rport, - NULL, /* locuser not used */ - remuser, - cmd, - fd2p, - &ticket, - SERVICE_NAME, - realm, - (CREDENTIALS *) NULL, /* credentials not used */ - 0, /* key schedule not used */ - (MSG_DAT *) NULL, /* MSG_DAT not used */ - (struct sockaddr_in *) NULL, /* local addr not used */ - (struct sockaddr_in *) NULL, /* foreign addr not used */ - authopts - ); - - if (err > KSUCCESS && err < MAX_KRB_ERRORS) { - warning("krcmd: %s", krb_get_err_text(err)); - return(-1); - } - if (err < 0) - return(-1); - return(sock); -} - -int -krcmd_mutual(char **ahost, u_short rport, char *remuser, char *cmd, int *fd2p, char *realm, CREDENTIALS *cred, Key_schedule sched) -{ - int sock, err; - KTEXT_ST ticket; - MSG_DAT msg_dat; - struct sockaddr_in laddr, faddr; - long authopts = KOPT_DO_MUTUAL; - - err = kcmd( - &sock, - ahost, - rport, - NULL, /* locuser not used */ - remuser, - cmd, - fd2p, - &ticket, - SERVICE_NAME, - realm, - cred, /* filled in */ - sched, /* filled in */ - &msg_dat, /* filled in */ - &laddr, /* filled in */ - &faddr, /* filled in */ - authopts - ); - - if (err > KSUCCESS && err < MAX_KRB_ERRORS) { - warnx("krcmd_mutual: %s", krb_get_err_text(err)); - return(-1); - } - - if (err < 0) - return (-1); - return(sock); -} diff --git a/crypto/kerberosIV/appl/bsd/login.c b/crypto/kerberosIV/appl/bsd/login.c deleted file mode 100644 index f2f08733df68..000000000000 --- a/crypto/kerberosIV/appl/bsd/login.c +++ /dev/null @@ -1,1118 +0,0 @@ -/*- - * Copyright (c) 1980, 1987, 1988, 1991, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * login [ name ] - * login -h hostname (for telnetd, etc.) - * login -f name (for pre-authenticated login: datakit, xterm, etc.) - */ - -#include "bsd_locl.h" -#ifdef HAVE_CAPABILITY_H -#include -#endif -#ifdef HAVE_SYS_CAPABILITY_H -#include -#endif - -RCSID("$Id: login.c,v 1.125.2.2 2000/06/23 02:33:07 assar Exp $"); - -#ifdef OTP -#include -#endif - -#include "sysv_default.h" -#ifdef SYSV_SHADOW -#include "sysv_shadow.h" -#endif - -static void badlogin (char *); -static void checknologin (void); -static void dolastlog (int); -static void getloginname (int); -static int rootterm (char *); -static char *stypeof (char *); -static RETSIGTYPE timedout (int); -static int doremotelogin (char *); -void login_fbtab (char *, uid_t, gid_t); -#ifdef KERBEROS -int klogin (struct passwd *, char *, char *, char *); -#endif - -#define TTYGRPNAME "tty" /* name of group to own ttys */ - -/* - * This bounds the time given to login. Change it in - * `/etc/default/login'. - */ - -static u_int login_timeout; - -#ifdef KERBEROS -int notickets = 1; -int noticketsdontcomplain = 1; -char *instance; -char *krbtkfile_env; -int authok; -#endif - -#ifdef HAVE_SHADOW_H -static struct spwd *spwd = NULL; -#endif - -static char *ttyprompt; - -static struct passwd *pwd; -static int failures; -static char term[64], *hostname, *username, *tty; - -static char rusername[100], lusername[100]; - -static int -change_passwd(struct passwd *who) -{ - int status; - pid_t pid; - - switch (pid = fork()) { - case -1: - warn("fork /bin/passwd"); - sleepexit(1); - case 0: - execlp("/bin/passwd", "passwd", who->pw_name, (char *) 0); - _exit(1); - default: - waitpid(pid, &status, 0); - return (status); - } -} - -#ifndef NO_MOTD /* message of the day stuff */ - -jmp_buf motdinterrupt; - -static RETSIGTYPE -sigint(int signo) -{ - longjmp(motdinterrupt, 1); -} - -static void -motd(void) -{ - int fd, nchars; - RETSIGTYPE (*oldint)(); - char tbuf[8192]; - - if ((fd = open(_PATH_MOTDFILE, O_RDONLY, 0)) < 0) - return; - oldint = signal(SIGINT, sigint); - if (setjmp(motdinterrupt) == 0) - while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) - write(fileno(stdout), tbuf, nchars); - signal(SIGINT, oldint); - close(fd); -} - -#endif /* !NO_MOTD */ - -#define AUTH_NONE 0 -#define AUTH_OTP 1 - -/* - * getpwnam and try to detect the worst form of NIS attack. - */ - -static struct passwd * -paranoid_getpwnam (char *user) -{ - struct passwd *p; - - p = k_getpwnam (user); - if (p == NULL) - return p; - if (p->pw_uid == 0 && strcmp (username, "root") != 0) { - syslog (LOG_ALERT, - "NIS attack, user %s has uid 0", username); - return NULL; - } - return p; -} - -int -main(int argc, char **argv) -{ - struct group *gr; - int ask, ch, cnt, fflag, hflag, pflag, quietlog, nomailcheck; - int rootlogin, rval; - int rflag; - int changepass = 0; - uid_t uid; - char *domain, *p, passwd[128], *ttyn; - char tbuf[MaxPathLen + 2], tname[sizeof(_PATH_TTY) + 10]; - char localhost[MaxHostNameLen]; - char full_hostname[MaxHostNameLen]; - int auth_level = AUTH_NONE; -#ifdef OTP - OtpContext otp_ctx; -#endif - int mask = 022; /* Default umask (set below) */ - int maxtrys = 5; /* Default number of allowed failed logins */ - - set_progname(argv[0]); - - openlog("login", LOG_ODELAY, LOG_AUTH); - - /* Read defaults file and set the login timeout period. */ - sysv_defaults(); - login_timeout = atoi(default_timeout); - maxtrys = atoi(default_maxtrys); - if (sscanf(default_umask, "%o", &mask) != 1 || (mask & ~0777)) - syslog(LOG_WARNING, "bad umask default: %s", default_umask); - else - umask(mask); - - signal(SIGALRM, timedout); - alarm(login_timeout); - signal(SIGQUIT, SIG_IGN); - signal(SIGINT, SIG_IGN); - setpriority(PRIO_PROCESS, 0, 0); - - /* - * -p is used by getty to tell login not to destroy the environment - * -f is used to skip a second login authentication - * -h is used by other servers to pass the name of the remote - * host to login so that it may be placed in utmp and wtmp - * -r is used by old-style rlogind to execute the autologin protocol - */ - - *full_hostname = '\0'; - domain = NULL; - if (gethostname(localhost, sizeof(localhost)) < 0) - syslog(LOG_ERR, "couldn't get local hostname: %m"); - else - domain = strchr(localhost, '.'); - - fflag = hflag = pflag = rflag = 0; - uid = getuid(); - while ((ch = getopt(argc, argv, "a:d:fh:pr:")) != -1) - switch (ch) { - case 'a': - if (strcmp (optarg, "none") == 0) - auth_level = AUTH_NONE; -#ifdef OTP - else if (strcmp (optarg, "otp") == 0) - auth_level = AUTH_OTP; -#endif - else - warnx ("bad value for -a: %s", optarg); - break; - case 'd': - break; - case 'f': - fflag = 1; - break; - case 'h': - if (rflag || hflag) { - printf("Only one of -r and -h allowed\n"); - exit(1); - } - if (uid) - errx(1, "-h option: %s", strerror(EPERM)); - hflag = 1; - strlcpy(full_hostname, - optarg, - sizeof(full_hostname)); - if (domain && (p = strchr(optarg, '.')) && - strcasecmp(p, domain) == 0) - *p = 0; - hostname = optarg; - break; - case 'p': - if (getuid()) { - warnx("-p for super-user only."); - exit(1); - } - pflag = 1; - break; - case 'r': - if (rflag || hflag) { - warnx("Only one of -r and -h allowed\n"); - exit(1); - } - if (getuid()) { - warnx("-r for super-user only."); - exit(1); - } - rflag = 1; - strlcpy(full_hostname, - optarg, - sizeof(full_hostname)); - if (domain && (p = strchr(optarg, '.')) && - strcasecmp(p, domain) == 0) - *p = 0; - hostname = optarg; - fflag = (doremotelogin(full_hostname) == 0); - break; - case '?': - default: - if (!uid) - syslog(LOG_ERR, "invalid flag %c", ch); - fprintf(stderr, - "usage: login [-fp]" -#ifdef OTP - " [-a otp]" -#endif - " [-h hostname | -r hostname] [username]\n"); - exit(1); - } - argc -= optind; - argv += optind; - - if (geteuid() != 0) { - warnx("only root may use login, use su"); - /* Or install login setuid root, which is not necessary */ - sleep(10); - exit(1); - } - /* - * Figure out if we should ask for the username or not. The name - * may be given on the command line or via the environment, and - * it may even be in the terminal input queue. - */ - if (rflag) { - username = lusername; - ask = 0; - } else - if (*argv && strchr(*argv, '=')) { - ask = 1; - } else - if (*argv && strcmp(*argv, "-") == 0) { - argc--; - argv++; - ask = 1; - } else - if (*argv) { - username = *argv; - ask = 0; - argc--; - argv++; - } else if ((ttyprompt = getenv("TTYPROMPT")) && *ttyprompt) { - getloginname(0); - ask = 0; - } else - ask = 1; - - /* Default tty settings. */ - stty_default(); - - for (cnt = getdtablesize(); cnt > 2; cnt--) - close(cnt); - - /* - * Determine the tty name. BSD takes the basename, SYSV4 takes - * whatever remains after stripping the "/dev/" prefix. The code - * below should produce sensible results in either environment. - */ - ttyn = ttyname(STDIN_FILENO); - if (ttyn == NULL || *ttyn == '\0') { - snprintf(tname, sizeof(tname), "%s??", _PATH_TTY); - ttyn = tname; - } - if ((tty = strchr(ttyn + 1, '/'))) - ++tty; - else - tty = ttyn; - - for (cnt = 0;; ask = 1) { - char prompt[128], ss[256]; - if (ask) { - fflag = 0; - getloginname(1); - } - rootlogin = 0; - rval = 1; -#ifdef KERBEROS - if ((instance = strchr(username, '.')) != NULL) { - if (strcmp(instance, ".root") == 0) - rootlogin = 1; - *instance++ = '\0'; - } else - instance = ""; -#endif - if (strlen(username) > UT_NAMESIZE) - username[UT_NAMESIZE] = '\0'; - - /* - * Note if trying multiple user names; log failures for - * previous user name, but don't bother logging one failure - * for nonexistent name (mistyped username). - */ - if (failures && strcmp(tbuf, username)) { - if (failures > (pwd ? 0 : 1)) - badlogin(tbuf); - failures = 0; - } - strlcpy(tbuf, username, sizeof(tbuf)); - - pwd = paranoid_getpwnam (username); - - /* - * if we have a valid account name, and it doesn't have a - * password, or the -f option was specified and the caller - * is root or the caller isn't changing their uid, don't - * authenticate. - */ - if (pwd) { - if (pwd->pw_uid == 0) - rootlogin = 1; - - if (fflag && (uid == 0 || uid == pwd->pw_uid)) { - /* already authenticated */ - break; - } else if (pwd->pw_passwd[0] == '\0') { - /* pretend password okay */ - rval = 0; - goto ttycheck; - } - } - - fflag = 0; - - setpriority(PRIO_PROCESS, 0, -4); - -#ifdef OTP - if (otp_challenge (&otp_ctx, username, - ss, sizeof(ss)) == 0) - snprintf (prompt, sizeof(prompt), "%s's %s Password: ", - username, ss); - else -#endif - { - if (auth_level == AUTH_NONE) - snprintf(prompt, sizeof(prompt), "%s's Password: ", - username); - else { - char *s; - - rval = 1; -#ifdef OTP - s = otp_error(&otp_ctx); - if(s) - printf ("OTP: %s\n", s); -#endif - continue; - } - } - - if (des_read_pw_string (passwd, sizeof(passwd) - 1, prompt, 0)) - continue; - passwd[sizeof(passwd) - 1] = '\0'; - - /* Verify it somehow */ - -#ifdef OTP - if (otp_verify_user (&otp_ctx, passwd) == 0) - rval = 0; - else -#endif - if (pwd == NULL) - ; - else if (auth_level == AUTH_NONE) { - uid_t pwd_uid = pwd->pw_uid; - - rval = unix_verify_user (username, passwd); - - if (rval == 0) - { - if (rootlogin && pwd_uid != 0) - rootlogin = 0; - } - else - { - rval = klogin(pwd, instance, localhost, passwd); - if (rval != 0 && rootlogin && pwd_uid != 0) - rootlogin = 0; - if (rval == 0) - authok = 1; - } - } else { - char *s; - - rval = 1; -#ifdef OTP - if ((s = otp_error(&otp_ctx))) - printf ("OTP: %s\n", s); -#endif - } - - memset (passwd, 0, sizeof(passwd)); - setpriority (PRIO_PROCESS, 0, 0); - - /* - * Santa Claus, give me a portable and reentrant getpwnam. - */ - pwd = paranoid_getpwnam (username); - - ttycheck: - /* - * If trying to log in as root without Kerberos, - * but with insecure terminal, refuse the login attempt. - */ -#ifdef KERBEROS - if (authok == 0) -#endif - if (pwd && !rval && rootlogin && !rootterm(tty) - && !rootterm(ttyn)) { - warnx("%s login refused on this terminal.", - pwd->pw_name); - if (hostname) - syslog(LOG_NOTICE, - "LOGIN %s REFUSED FROM %s ON TTY %s", - pwd->pw_name, hostname, tty); - else - syslog(LOG_NOTICE, - "LOGIN %s REFUSED ON TTY %s", - pwd->pw_name, tty); - continue; - } - - if (rval == 0) - break; - - printf("Login incorrect\n"); - failures++; - - /* max number of attemps and delays taken from defaults file */ - /* we allow maxtrys tries, but after 2 we start backing off */ - if (++cnt > 2) { - if (cnt >= maxtrys) { - badlogin(username); - sleepexit(1); - } - sleep((u_int)((cnt - 2) * atoi(default_sleep))); - } - } - - /* committed to login -- turn off timeout */ - alarm(0); - - endpwent(); - -#if defined(HAVE_GETUDBNAM) && defined(HAVE_SETLIM) - { - struct udb *udb; - long t; - const long maxcpu = 46116860184; /* some random constant */ - - if(setjob(pwd->pw_uid, 0) < 0) - warn("setjob"); - - udb = getudbnam(pwd->pw_name); - if(udb == UDB_NULL) - errx(1, "Failed to get UDB entry."); - - /* per process cpu limit */ - t = udb->ue_pcpulim[UDBRC_INTER]; - if(t == 0 || t > maxcpu) - t = CPUUNLIM; - else - t *= CLK_TCK; - - if(limit(C_PROC, 0, L_CPU, t) < 0) - warn("limit process cpu"); - - /* per process memory limit */ - if(limit(C_PROC, 0, L_MEM, udb->ue_pmemlim[UDBRC_INTER]) < 0) - warn("limit process memory"); - - /* per job cpu limit */ - t = udb->ue_jcpulim[UDBRC_INTER]; - if(t == 0 || t > maxcpu) - t = CPUUNLIM; - else - t *= CLK_TCK; - - if(limit(C_JOB, 0, L_CPU, t) < 0) - warn("limit job cpu"); - - /* per job processor limit */ - if(limit(C_JOB, 0, L_CPROC, udb->ue_jproclim[UDBRC_INTER]) < 0) - warn("limit job processors"); - - /* per job memory limit */ - if(limit(C_JOB, 0, L_MEM, udb->ue_jmemlim[UDBRC_INTER]) < 0) - warn("limit job memory"); - - nice(udb->ue_nice[UDBRC_INTER]); - } -#endif - /* if user not super-user, check for disabled logins */ - if (!rootlogin) - checknologin(); - - if (chdir(pwd->pw_dir) < 0) { - printf("No home directory %s!\n", pwd->pw_dir); - if (chdir("/")) - exit(0); - pwd->pw_dir = "/"; - printf("Logging in with home = \"/\".\n"); - } - - quietlog = access(_PATH_HUSHLOGIN, F_OK) == 0; - nomailcheck = access(_PATH_NOMAILCHECK, F_OK) == 0; - -#if defined(HAVE_PASSWD_CHANGE) && defined(HAVE_PASSWD_EXPIRE) - if (pwd->pw_change || pwd->pw_expire) - gettimeofday(&tp, (struct timezone *)NULL); - - if (pwd->pw_change) { - time_t t; - - if (tp.tv_sec >= pwd->pw_change) { - printf("Sorry -- your password has expired.\n"); - changepass=1; - } else if (pwd->pw_change - tp.tv_sec < - 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) { - t = pwd->pw_change; - printf("Warning: your password expires on %s", - ctime(&t)); - } - if (pwd->pw_expire) - if (tp.tv_sec >= pwd->pw_expire) { - printf("Sorry -- your account has expired.\n"); - sleepexit(1); - } else if (pwd->pw_expire - tp.tv_sec < - 2 * DAYSPERWEEK * SECSPERDAY && !quietlog) { - t = pwd->pw_expire; - printf("Warning: your account expires on %s", - ctime(&t)); - } -#endif /* defined(HAVE_PASSWD_CHANGE) && defined(HAVE_PASSWD_EXPIRE) */ - - /* Nothing else left to fail -- really log in. */ - - /* - * Update the utmp files, both BSD and SYSV style. - */ - if (utmpx_login(tty, username, hostname ? hostname : "") != 0 - && !fflag) { - printf("No utmpx entry. You must exec \"login\" from the lowest level \"sh\".\n"); - sleepexit(0); - } - utmp_login(ttyn, username, hostname ? hostname : ""); - dolastlog(quietlog); - - /* - * Set device protections, depending on what terminal the - * user is logged in. This feature is used on Suns to give - * console users better privacy. - */ - login_fbtab(tty, pwd->pw_uid, pwd->pw_gid); - - if (chown(ttyn, pwd->pw_uid, - (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid) < 0) - err(1, "chown tty failed"); - if (chmod(ttyn, S_IRUSR | S_IWUSR | S_IWGRP) < 0) - err(1, "chmod tty failed"); - setgid(pwd->pw_gid); - - initgroups(username, pwd->pw_gid); - - if (*pwd->pw_shell == '\0') - pwd->pw_shell = _PATH_BSHELL; - - /* - * Set up a new environment. With SYSV, some variables are always - * preserved; some varables are never preserved, and some variables - * are always clobbered. With BSD, nothing is always preserved, and - * some variables are always clobbered. We add code to make sure - * that LD_* and IFS are never preserved. - */ - if (term[0] == '\0') - strlcpy(term, stypeof(tty), sizeof(term)); - /* set up a somewhat censored environment. */ - sysv_newenv(argc, argv, pwd, term, pflag); -#ifdef KERBEROS - if (krbtkfile_env) - setenv("KRBTKFILE", krbtkfile_env, 1); -#endif - - if (tty[sizeof("tty")-1] == 'd') - syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name); - - /* If fflag is on, assume caller/authenticator has logged root login. */ - if (rootlogin && fflag == 0) { - if (hostname) - syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s", - username, tty, hostname); - else - syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s", username, tty); - } - -#ifdef KERBEROS - if (!quietlog && notickets == 1 && !noticketsdontcomplain) - printf("Warning: no Kerberos tickets issued.\n"); -#endif - -#ifdef LOGALL - /* - * Syslog each successful login, so we don't have to watch hundreds - * of wtmp or lastlogin files. - */ - if (hostname) { - syslog(LOG_INFO, "login from %s as %s", hostname, pwd->pw_name); - } else { - syslog(LOG_INFO, "login on %s as %s", tty, pwd->pw_name); - } -#endif - -#ifndef NO_MOTD - /* - * Optionally show the message of the day. System V login leaves - * motd and mail stuff up to the shell startup file. - */ - if (!quietlog) { - struct stat st; -#if 0 - printf("%s\n\t%s %s\n\n", - "Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994", - "The Regents of the University of California. ", - "All rights reserved."); -#endif - motd(); - if(!nomailcheck){ - snprintf(tbuf, sizeof(tbuf), "%s/%s", _PATH_MAILDIR, pwd->pw_name); - if (stat(tbuf, &st) == 0 && st.st_size != 0) - printf("You have %smail.\n", - (st.st_mtime > st.st_atime) ? "new " : ""); - } - } -#endif /* NO_MOTD */ - -#ifdef LOGIN_ACCESS - if (login_access(pwd, hostname ? full_hostname : tty) == 0) { - printf("Permission denied\n"); - if (hostname) - syslog(LOG_NOTICE, "%s LOGIN REFUSED FROM %s", - pwd->pw_name, hostname); - else - syslog(LOG_NOTICE, "%s LOGIN REFUSED ON %s", - pwd->pw_name, tty); - sleepexit(1); - } -#endif - - signal(SIGALRM, SIG_DFL); - signal(SIGQUIT, SIG_DFL); - signal(SIGINT, SIG_DFL); -#ifdef SIGTSTP - signal(SIGTSTP, SIG_IGN); -#endif - - p = strrchr(pwd->pw_shell, '/'); - snprintf (tbuf, sizeof(tbuf), "-%s", p ? p + 1 : pwd->pw_shell); - -#ifdef HAVE_SETLOGIN - if (setlogin(pwd->pw_name) < 0) - syslog(LOG_ERR, "setlogin() failure: %m"); -#endif - -#ifdef HAVE_SETPCRED - if (setpcred (pwd->pw_name, NULL) == -1) - syslog(LOG_ERR, "setpcred() failure: %m"); -#endif /* HAVE_SETPCRED */ - -#if defined(SYSV_SHADOW) && defined(HAVE_GETSPNAM) - spwd = getspnam (username); - endspent (); -#endif - /* perhaps work some magic */ - if(do_osfc2_magic(pwd->pw_uid)) - sleepexit(1); -#if defined(HAVE_SGI_GETCAPABILITYBYNAME) && defined(HAVE_CAP_SET_PROC) - /* XXX SGI capability hack IRIX 6.x (x >= 0?) has something - called capabilities, that allow you to give away - permissions (such as chown) to specific processes. From 6.5 - this is default on, and the default capability set seems to - not always be the empty set. The problem is that the - runtime linker refuses to do just about anything if the - process has *any* capabilities set, so we have to remove - them here (unless otherwise instructed by /etc/capability). - In IRIX < 6.5, these functions was called sgi_cap_setproc, - etc, but we ignore this fact (it works anyway). */ - { - struct user_cap *ucap = sgi_getcapabilitybyname(pwd->pw_name); - cap_t cap; - if(ucap == NULL) - cap = cap_from_text("all="); - else - cap = cap_from_text(ucap->ca_default); - if(cap == NULL) - err(1, "cap_from_text"); - if(cap_set_proc(cap) < 0) - err(1, "cap_set_proc"); - cap_free(cap); - free(ucap); - } -#endif - /* Discard permissions last so can't get killed and drop core. */ - { - int uid = rootlogin ? 0 : pwd->pw_uid; - if(setuid(uid) != 0){ - warn("setuid(%d)", uid); - if(!rootlogin) - exit(1); - } - if (uid != 0 && setuid(0) != -1) { - syslog(LOG_ALERT | LOG_AUTH, - "Failed to drop privileges for user %d", uid); - errx(1, "Sorry"); - } - } - - - /* - * After dropping privileges and after cleaning up the environment, - * optionally run, as the user, /bin/passwd. - */ - - if (pwd->pw_passwd[0] == 0 && - strcasecmp(default_passreq, "YES") == 0) { - printf("You don't have a password. Choose one.\n"); - if (change_passwd(pwd)) - sleepexit(0); - changepass = 0; - } - -#ifdef SYSV_SHADOW - if (spwd && sysv_expire(spwd)) { - if (change_passwd(pwd)) - sleepexit(0); - changepass = 0; - } -#endif /* SYSV_SHADOW */ - if (changepass) { - int res; - if ((res=system(_PATH_CHPASS))) - sleepexit(1); - } - - if (k_hasafs()) { - char cell[64]; -#ifdef _AIX - /* XXX this is a fix for a bug in AFS for AIX 4.3, w/o - this hack the kernel crashes on the following - pioctl... */ - char *pw_dir = strdup(pwd->pw_dir); -#else - char *pw_dir = pwd->pw_dir; -#endif - k_setpag(); - if(k_afs_cell_of_file(pw_dir, cell, sizeof(cell)) == 0) - krb_afslog(cell, 0); - krb_afslog(0, 0); - } - - execlp(pwd->pw_shell, tbuf, 0); - if (getuid() == 0) { - warnx("Can't exec %s, trying %s\n", - pwd->pw_shell, _PATH_BSHELL); - execlp(_PATH_BSHELL, tbuf, 0); - err(1, "%s", _PATH_BSHELL); - } - err(1, "%s", pwd->pw_shell); - return 1; -} - -#ifdef KERBEROS -#define NBUFSIZ (UT_NAMESIZE + 1 + 5) /* .root suffix */ -#else -#define NBUFSIZ (UT_NAMESIZE + 1) -#endif - -static void -getloginname(int prompt) -{ - int ch; - char *p; - static char nbuf[NBUFSIZ]; - - for (;;) { - if (prompt) { - if (ttyprompt && *ttyprompt) - printf("%s", ttyprompt); - else - printf("login: "); - } - prompt = 1; - for (p = nbuf; (ch = getchar()) != '\n'; ) { - if (ch == EOF) { - badlogin(username); - exit(0); - } - if (p < nbuf + (NBUFSIZ - 1)) - *p++ = ch; - } - if (p > nbuf) { - if (nbuf[0] == '-') - warnx("login names may not start with '-'."); - else { - *p = '\0'; - username = nbuf; - break; - } - } - } -} - -static int -find_in_etc_securetty (char *ttyn) -{ - FILE *f; - char buf[128]; - int ret = 0; - - f = fopen (_PATH_ETC_SECURETTY, "r"); - if (f == NULL) - return 0; - while (fgets(buf, sizeof(buf), f) != NULL) { - if(buf[strlen(buf) - 1] == '\n') - buf[strlen(buf) - 1] = '\0'; - if (strcmp (buf, ttyn) == 0) { - ret = 1; - break; - } - } - fclose(f); - return ret; -} - -static int -rootterm(char *ttyn) -{ -#ifdef HAVE_TTYENT_H - { - struct ttyent *t; - - t = getttynam (ttyn); - if (t && t->ty_status & TTY_SECURE) - return 1; - } -#endif - if (find_in_etc_securetty(ttyn)) - return 1; - if (default_console == 0 || strcmp(default_console, ttyn) == 0) - return 1; - return 0; -} - -static RETSIGTYPE -timedout(int signo) -{ - fprintf(stderr, "Login timed out after %d seconds\n", - login_timeout); - exit(0); -} - -static void -checknologin(void) -{ - int fd, nchars; - char tbuf[8192]; - - if ((fd = open(_PATH_NOLOGIN, O_RDONLY, 0)) >= 0) { - while ((nchars = read(fd, tbuf, sizeof(tbuf))) > 0) - write(fileno(stdout), tbuf, nchars); - sleepexit(0); - } -} - -static void -dolastlog(int quiet) -{ -#if defined(HAVE_LASTLOG_H) || defined(HAVE_LOGIN_H) - struct lastlog ll; - int fd; - time_t t; - - if ((fd = open(_PATH_LASTLOG, O_RDWR, 0)) >= 0) { - lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), SEEK_SET); -#ifdef SYSV_SHADOW - if (read(fd, &ll, sizeof(ll)) == sizeof(ll) && - ll.ll_time != 0) { - if (pwd->pw_uid && spwd && spwd->sp_inact > 0 - && ll.ll_time / (24 * 60 * 60) - + spwd->sp_inact < time(0)) { - printf("Your account has been inactive too long.\n"); - sleepexit(1); - } - if (!quiet) { - t = ll.ll_time; - printf("Last login: %.*s ", 24-5, ctime(&t)); - if (*ll.ll_host != '\0') { - printf("from %.*s\n", - (int)sizeof(ll.ll_host), - ll.ll_host); - } else - printf("on %.*s\n", - (int)sizeof(ll.ll_line), - ll.ll_line); - } - } - lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), SEEK_SET); -#else /* SYSV_SHADOW */ - if (!quiet) { - if (read(fd, &ll, sizeof(ll)) == sizeof(ll) && - ll.ll_time != 0) { - t = ll.ll_time; - printf("Last login: %.*s ", 24-5, ctime(&t)); - if (*ll.ll_host != '\0') - printf("from %.*s\n", - (int)sizeof(ll.ll_host), - ll.ll_host); - else - printf("on %.*s\n", - (int)sizeof(ll.ll_line), - ll.ll_line); - } - lseek(fd, (off_t)pwd->pw_uid * sizeof(ll), SEEK_SET); - } -#endif /* SYSV_SHADOW */ - memset(&ll, 0, sizeof(ll)); - ll.ll_time = time(NULL); - strncpy(ll.ll_line, tty, sizeof(ll.ll_line)); - if (hostname) - strncpy(ll.ll_host, hostname, sizeof(ll.ll_host)); - write(fd, &ll, sizeof(ll)); - close(fd); - } -#endif /* DOLASTLOG */ -} - -static void -badlogin(char *name) -{ - - if (failures == 0) - return; - if (hostname) { - syslog(LOG_NOTICE, "%d LOGIN FAILURE%s FROM %s", - failures, failures > 1 ? "S" : "", hostname); - syslog(LOG_AUTHPRIV|LOG_NOTICE, - "%d LOGIN FAILURE%s FROM %s, %s", - failures, failures > 1 ? "S" : "", hostname, name); - } else { - syslog(LOG_NOTICE, "%d LOGIN FAILURE%s ON %s", - failures, failures > 1 ? "S" : "", tty); - syslog(LOG_AUTHPRIV|LOG_NOTICE, - "%d LOGIN FAILURE%s ON %s, %s", - failures, failures > 1 ? "S" : "", tty, name); - } -} - -#undef UNKNOWN -#define UNKNOWN "su" - -static char * -stypeof(char *ttyid) -{ - /* TERM is probably a better guess than anything else. */ - char *term = getenv("TERM"); - - if (term != 0 && term[0] != 0) - return term; - - { -#ifndef HAVE_TTYENT_H - return UNKNOWN; -#else - struct ttyent *t; - return (ttyid && (t = getttynam(ttyid)) ? t->ty_type : UNKNOWN); -#endif - } -} - -static void -xgetstr(char *buf, int cnt, char *err) -{ - char ch; - - do { - if (read(0, &ch, sizeof(ch)) != sizeof(ch)) - exit(1); - if (--cnt < 0) { - fprintf(stderr, "%s too long\r\n", err); - sleepexit(1); - } - *buf++ = ch; - } while (ch); -} - -/* - * Some old rlogind's unknowingly pass remuser, locuser and - * terminal_type/speed so we need to take care of that part of the - * protocol here. Also, we can't make a getpeername(2) on the socket - * so we have to trust that rlogind resolved the name correctly. - */ - -static int -doremotelogin(char *host) -{ - int code; - char *cp; - - xgetstr(rusername, sizeof (rusername), "remuser"); - xgetstr(lusername, sizeof (lusername), "locuser"); - xgetstr(term, sizeof(term), "Terminal type"); - cp = strchr(term, '/'); - if (cp != 0) - *cp = 0; /* For now ignore speed/bg */ - pwd = k_getpwnam(lusername); - if (pwd == NULL) - return(-1); - code = ruserok(host, (pwd->pw_uid == 0), rusername, lusername); - if (code == 0) - syslog(LOG_NOTICE, - "Warning: An old rlogind accepted login probably from host %s", - host); - return(code); -} - -void -sleepexit(int eval) -{ - - sleep(5); - exit(eval); -} diff --git a/crypto/kerberosIV/appl/bsd/login_access.c b/crypto/kerberosIV/appl/bsd/login_access.c deleted file mode 100644 index 7b79dc8295fd..000000000000 --- a/crypto/kerberosIV/appl/bsd/login_access.c +++ /dev/null @@ -1,264 +0,0 @@ - /* - * This module implements a simple but effective form of login access - * control based on login names and on host (or domain) names, internet - * addresses (or network numbers), or on terminal line names in case of - * non-networked logins. Diagnostics are reported through syslog(3). - * - * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. - */ - -#include "bsd_locl.h" - -RCSID("$Id: login_access.c,v 1.19 1999/05/14 22:02:14 assar Exp $"); - -#ifdef LOGIN_ACCESS - - /* Delimiters for fields and for lists of users, ttys or hosts. */ - -static char fs[] = ":"; /* field separator */ -static char sep[] = ", \t"; /* list-element separator */ - - /* Constants to be used in assignments only, not in comparisons... */ - -#define YES 1 -#define NO 0 - - /* - * A structure to bundle up all login-related information to keep the - * functional interfaces as generic as possible. - */ -struct login_info { - struct passwd *user; - char *from; -}; - -static int list_match(char *list, struct login_info *item, - int (*match_fn)(char *, struct login_info *)); -static int user_match(char *tok, struct login_info *item); -static int from_match(char *tok, struct login_info *item); -static int string_match(char *tok, char *string); - -/* login_access - match username/group and host/tty with access control file */ - -int login_access(struct passwd *user, char *from) -{ - struct login_info item; - FILE *fp; - char line[BUFSIZ]; - char *perm; /* becomes permission field */ - char *users; /* becomes list of login names */ - char *froms; /* becomes list of terminals or hosts */ - int match = NO; - int end; - int lineno = 0; /* for diagnostics */ - char *foo; - - /* - * Bundle up the arguments to avoid unnecessary clumsiness lateron. - */ - item.user = user; - item.from = from; - - /* - * Process the table one line at a time and stop at the first match. - * Blank lines and lines that begin with a '#' character are ignored. - * Non-comment lines are broken at the ':' character. All fields are - * mandatory. The first field should be a "+" or "-" character. A - * non-existing table means no access control. - */ - - if ((fp = fopen(_PATH_LOGACCESS, "r")) != 0) { - while (!match && fgets(line, sizeof(line), fp)) { - lineno++; - if (line[end = strlen(line) - 1] != '\n') { - syslog(LOG_ERR, "%s: line %d: missing newline or line too long", - _PATH_LOGACCESS, lineno); - continue; - } - if (line[0] == '#') - continue; /* comment line */ - while (end > 0 && isspace((unsigned char)line[end - 1])) - end--; - line[end] = 0; /* strip trailing whitespace */ - if (line[0] == 0) /* skip blank lines */ - continue; - foo = NULL; - if (!(perm = strtok_r(line, fs, &foo)) - || !(users = strtok_r(NULL, fs, &foo)) - || !(froms = strtok_r(NULL, fs, &foo)) - || strtok_r(NULL, fs, &foo)) { - syslog(LOG_ERR, "%s: line %d: bad field count", - _PATH_LOGACCESS, - lineno); - continue; - } - if (perm[0] != '+' && perm[0] != '-') { - syslog(LOG_ERR, "%s: line %d: bad first field", - _PATH_LOGACCESS, - lineno); - continue; - } - match = (list_match(froms, &item, from_match) - && list_match(users, &item, user_match)); - } - fclose(fp); - } else if (errno != ENOENT) { - syslog(LOG_ERR, "cannot open %s: %m", _PATH_LOGACCESS); - } - return (match == 0 || (line[0] == '+')); -} - -/* list_match - match an item against a list of tokens with exceptions */ - -static int -list_match(char *list, - struct login_info *item, - int (*match_fn)(char *, struct login_info *)) -{ - char *tok; - int match = NO; - char *foo = NULL; - - /* - * Process tokens one at a time. We have exhausted all possible matches - * when we reach an "EXCEPT" token or the end of the list. If we do find - * a match, look for an "EXCEPT" list and recurse to determine whether - * the match is affected by any exceptions. - */ - - for (tok = strtok_r(list, sep, &foo); - tok != NULL; - tok = strtok_r(NULL, sep, &foo)) { - if (strcasecmp(tok, "EXCEPT") == 0) /* EXCEPT: give up */ - break; - if ((match = (*match_fn) (tok, item)) != 0) /* YES */ - break; - } - /* Process exceptions to matches. */ - - if (match != NO) { - while ((tok = strtok_r(NULL, sep, &foo)) && strcasecmp(tok, "EXCEPT")) - /* VOID */ ; - if (tok == 0 || list_match(NULL, item, match_fn) == NO) - return (match); - } - return (NO); -} - -/* myhostname - figure out local machine name */ - -static char *myhostname(void) -{ - static char name[MAXHOSTNAMELEN + 1] = ""; - - if (name[0] == 0) { - gethostname(name, sizeof(name)); - name[MAXHOSTNAMELEN] = 0; - } - return (name); -} - -/* netgroup_match - match group against machine or user */ - -static int netgroup_match(char *group, char *machine, char *user) -{ -#ifdef HAVE_YP_GET_DEFAULT_DOMAIN - static char *mydomain = 0; - - if (mydomain == 0) - yp_get_default_domain(&mydomain); - return (innetgr(group, machine, user, mydomain)); -#else - syslog(LOG_ERR, "NIS netgroup support not configured"); - return 0; -#endif -} - -/* user_match - match a username against one token */ - -static int user_match(char *tok, struct login_info *item) -{ - char *string = item->user->pw_name; - struct login_info fake_item; - struct group *group; - int i; - char *at; - - /* - * If a token has the magic value "ALL" the match always succeeds. - * Otherwise, return YES if the token fully matches the username, if the - * token is a group that contains the username, or if the token is the - * name of the user's primary group. - */ - - if ((at = strchr(tok + 1, '@')) != 0) { /* split user@host pattern */ - *at = 0; - fake_item.from = myhostname(); - return (user_match(tok, item) && from_match(at + 1, &fake_item)); - } else if (tok[0] == '@') { /* netgroup */ - return (netgroup_match(tok + 1, (char *) 0, string)); - } else if (string_match(tok, string)) { /* ALL or exact match */ - return (YES); - } else if ((group = getgrnam(tok)) != 0) { /* try group membership */ - if (item->user->pw_gid == group->gr_gid) - return (YES); - for (i = 0; group->gr_mem[i]; i++) - if (strcasecmp(string, group->gr_mem[i]) == 0) - return (YES); - } - return (NO); -} - -/* from_match - match a host or tty against a list of tokens */ - -static int from_match(char *tok, struct login_info *item) -{ - char *string = item->from; - int tok_len; - int str_len; - - /* - * If a token has the magic value "ALL" the match always succeeds. Return - * YES if the token fully matches the string. If the token is a domain - * name, return YES if it matches the last fields of the string. If the - * token has the magic value "LOCAL", return YES if the string does not - * contain a "." character. If the token is a network number, return YES - * if it matches the head of the string. - */ - - if (tok[0] == '@') { /* netgroup */ - return (netgroup_match(tok + 1, string, (char *) 0)); - } else if (string_match(tok, string)) { /* ALL or exact match */ - return (YES); - } else if (tok[0] == '.') { /* domain: match last fields */ - if ((str_len = strlen(string)) > (tok_len = strlen(tok)) - && strcasecmp(tok, string + str_len - tok_len) == 0) - return (YES); - } else if (strcasecmp(tok, "LOCAL") == 0) { /* local: no dots */ - if (strchr(string, '.') == 0) - return (YES); - } else if (tok[(tok_len = strlen(tok)) - 1] == '.' /* network */ - && strncmp(tok, string, tok_len) == 0) { - return (YES); - } - return (NO); -} - -/* string_match - match a string against one token */ - -static int string_match(char *tok, char *string) -{ - - /* - * If the token has the magic value "ALL" the match always succeeds. - * Otherwise, return YES if the token fully matches the string. - */ - - if (strcasecmp(tok, "ALL") == 0) { /* all: always matches */ - return (YES); - } else if (strcasecmp(tok, string) == 0) { /* try exact match */ - return (YES); - } - return (NO); -} -#endif /* LOGIN_ACCES */ diff --git a/crypto/kerberosIV/appl/bsd/login_fbtab.c b/crypto/kerberosIV/appl/bsd/login_fbtab.c deleted file mode 100644 index 3aa5e4cfd360..000000000000 --- a/crypto/kerberosIV/appl/bsd/login_fbtab.c +++ /dev/null @@ -1,154 +0,0 @@ -/************************************************************************ -* Copyright 1995 by Wietse Venema. All rights reserved. -* -* This material was originally written and compiled by Wietse Venema at -* Eindhoven University of Technology, The Netherlands, in 1990, 1991, -* 1992, 1993, 1994 and 1995. -* -* Redistribution and use in source and binary forms are permitted -* provided that this entire copyright notice is duplicated in all such -* copies. -* -* This software is provided "as is" and without any expressed or implied -* warranties, including, without limitation, the implied warranties of -* merchantibility and fitness for any particular purpose. -************************************************************************/ -/* - SYNOPSIS - void login_fbtab(tty, uid, gid) - char *tty; - uid_t uid; - gid_t gid; - - DESCRIPTION - This module implements device security as described in the - SunOS 4.1.x fbtab(5) and SunOS 5.x logindevperm(4) manual - pages. The program first looks for /etc/fbtab. If that file - cannot be opened it attempts to process /etc/logindevperm. - We expect entries with the folowing format: - - Comments start with a # and extend to the end of the line. - - Blank lines or lines with only a comment are ignored. - - All other lines consist of three fields delimited by - whitespace: a login device (/dev/console), an octal - permission number (0600), and a ":"-delimited list of - devices (/dev/kbd:/dev/mouse). All device names are - absolute paths. A path that ends in "/*" refers to all - directory entries except "." and "..". - - If the tty argument (relative path) matches a login device - name (absolute path), the permissions of the devices in the - ":"-delimited list are set as specified in the second - field, and their ownership is changed to that of the uid - and gid arguments. - - DIAGNOSTICS - Problems are reported via the syslog daemon with severity - LOG_ERR. - - BUGS - - AUTHOR - Wietse Venema (wietse@wzv.win.tue.nl) - Eindhoven University of Technology - The Netherlands - */ - -#include "bsd_locl.h" - -RCSID("$Id: login_fbtab.c,v 1.14 1999/09/16 20:37:24 assar Exp $"); - -void login_protect (char *, char *, int, uid_t, gid_t); -void login_fbtab (char *tty, uid_t uid, gid_t gid); - -#define WSPACE " \t\n" - -/* login_fbtab - apply protections specified in /etc/fbtab or logindevperm */ - -void -login_fbtab(char *tty, uid_t uid, gid_t gid) -{ - FILE *fp; - char buf[BUFSIZ]; - char *devname; - char *cp; - int prot; - char *table; - char *foo; - - if ((fp = fopen(table = _PATH_FBTAB, "r")) == 0 - && (fp = fopen(table = _PATH_LOGINDEVPERM, "r")) == 0) - return; - - while (fgets(buf, sizeof(buf), fp)) { - if ((cp = strchr(buf, '#')) != 0) - *cp = 0; /* strip comment */ - foo = NULL; - if ((cp = devname = strtok_r(buf, WSPACE, &foo)) == 0) - continue; /* empty or comment */ - if (strncmp(devname, "/dev/", 5) != 0 - || (cp = strtok_r(NULL, WSPACE, &foo)) == 0 - || *cp != '0' - || sscanf(cp, "%o", &prot) == 0 - || prot == 0 - || (prot & 0777) != prot - || (cp = strtok_r(NULL, WSPACE, &foo)) == 0) { - syslog(LOG_ERR, "%s: bad entry: %s", table, cp ? cp : "(null)"); - continue; - } - if (strcmp(devname + 5, tty) == 0) { - foo = NULL; - for (cp = strtok_r(cp, ":", &foo); - cp; - cp = strtok_r(NULL, ":", &foo)) { - login_protect(table, cp, prot, uid, gid); - } - } - } - fclose(fp); -} - -/* login_protect - protect one device entry */ - -void -login_protect(char *table, char *path, int mask, uid_t uid, gid_t gid) -{ - char buf[BUFSIZ]; - int pathlen = strlen(path); - struct dirent *ent; - DIR *dir; - - if (strcmp("/*", path + pathlen - 2) != 0) { - if (chmod(path, mask) && errno != ENOENT) - syslog(LOG_ERR, "%s: chmod(%s): %m", table, path); - if (chown(path, uid, gid) && errno != ENOENT) - syslog(LOG_ERR, "%s: chown(%s): %m", table, path); - } else { - strlcpy (buf, path, sizeof(buf)); - if (sizeof(buf) > pathlen) - buf[pathlen - 2] = '\0'; - /* Solaris evidently operates on the directory as well */ - login_protect(table, buf, mask | ((mask & 0444) >> 2), uid, gid); - if ((dir = opendir(buf)) == 0) { - syslog(LOG_ERR, "%s: opendir(%s): %m", table, path); - } else { - if (sizeof(buf) > pathlen) { - buf[pathlen - 2] = '/'; - buf[pathlen - 1] = '\0'; - } - - while ((ent = readdir(dir)) != 0) { - if (strcmp(ent->d_name, ".") != 0 - && strcmp(ent->d_name, "..") != 0) { - strlcpy (buf + pathlen - 1, - ent->d_name, - sizeof(buf) - (pathlen + 1)); - login_protect(table, buf, mask, uid, gid); - } - } - closedir(dir); - } - } -} diff --git a/crypto/kerberosIV/appl/bsd/osfc2.c b/crypto/kerberosIV/appl/bsd/osfc2.c deleted file mode 100644 index fbfd742e9224..000000000000 --- a/crypto/kerberosIV/appl/bsd/osfc2.c +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "bsd_locl.h" -RCSID("$Id: osfc2.c,v 1.2 1999/12/02 16:58:28 joda Exp $"); - -int -do_osfc2_magic(uid_t uid) -{ -#ifdef HAVE_OSFC2 - struct es_passwd *epw; - char *argv[2]; - - /* fake */ - argv[0] = (char*)__progname; - argv[1] = NULL; - set_auth_parameters(1, argv); - - epw = getespwuid(uid); - if(epw == NULL) { - syslog(LOG_AUTHPRIV|LOG_NOTICE, - "getespwuid failed for %d", uid); - printf("Sorry.\n"); - return 1; - } - /* We don't check for auto-retired, foo-retired, - bar-retired, or any other kind of retired accounts - here; neither do we check for time-locked accounts, or - any other kind of serious C2 mumbo-jumbo. We do, - however, call setluid, since failing to do so it not - very good (take my word for it). */ - - if(!epw->uflg->fg_uid) { - syslog(LOG_AUTHPRIV|LOG_NOTICE, - "attempted login by %s (has no uid)", epw->ufld->fd_name); - printf("Sorry.\n"); - return 1; - } - setluid(epw->ufld->fd_uid); - if(getluid() != epw->ufld->fd_uid) { - syslog(LOG_AUTHPRIV|LOG_NOTICE, - "failed to set LUID for %s (%d)", - epw->ufld->fd_name, epw->ufld->fd_uid); - printf("Sorry.\n"); - return 1; - } -#endif /* HAVE_OSFC2 */ - return 0; -} diff --git a/crypto/kerberosIV/appl/bsd/pathnames.h b/crypto/kerberosIV/appl/bsd/pathnames.h deleted file mode 100644 index da23dbe43a4f..000000000000 --- a/crypto/kerberosIV/appl/bsd/pathnames.h +++ /dev/null @@ -1 +0,0 @@ -/* $FreeBSD$ */ diff --git a/crypto/kerberosIV/appl/bsd/pathnames.h_ b/crypto/kerberosIV/appl/bsd/pathnames.h_ deleted file mode 100644 index 6db8f682c9ee..000000000000 --- a/crypto/kerberosIV/appl/bsd/pathnames.h_ +++ /dev/null @@ -1,201 +0,0 @@ -/* - * Copyright (c) 1989 The Regents of the University of California. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * from: @(#)pathnames.h 5.2 (Berkeley) 4/9/90 - * $Id: pathnames.h,v 1.25 1998/02/03 23:29:30 assar Exp $ - * $FreeBSD$ - */ - -/******* First fix default path, we stick to _PATH_DEFPATH everywhere */ - -#if !defined(_PATH_DEFPATH) && defined(_PATH_USERPATH) -#define _PATH_DEFPATH _PATH_USERPATH -#endif - -#if defined(_PATH_DEFPATH) && !defined(_DEF_PATH) -#define _DEF_PATH _PATH_DEFPATH -#endif - -#if !defined(_PATH_DEFPATH) && defined(_DEF_PATH) -#define _PATH_DEFPATH _DEF_PATH -#endif - -#ifndef _PATH_DEFPATH -#define _PATH_DEFPATH "/usr/ucb:/usr/bin:/bin" -#define _DEF_PATH _PATH_DEFPATH -#endif /* !_PATH_DEFPATH */ - -#ifndef _PATH_DEFSUPATH -#define _PATH_DEFSUPATH "/usr/sbin:" _DEF_PATH -#endif /* _PATH_DEFSUPATH */ - -/******* Default PATH fixed! */ - -#undef _PATH_RLOGIN /* Redifine rlogin */ -#define _PATH_RLOGIN BINDIR "/rlogin" - -#undef _PATH_RSH /* Redifine rsh */ -#define _PATH_RSH BINDIR "/rsh" - -#undef _PATH_RCP /* Redifine rcp */ -#define _PATH_RCP BINDIR "/rcp" - -#undef _PATH_LOGIN -#define _PATH_LOGIN BINDIR "/login" - -/******* The rest is fallback defaults */ - -#ifndef _PATH_DEV -#define _PATH_DEV "/dev/" -#endif - -#ifndef _PATH_CP -#define _PATH_CP "/bin/cp" -#endif /* _PATH_CP */ - -#ifndef _PATH_SHELLS -#define _PATH_SHELLS "/etc/shells" -#endif /* _PATH_SHELLS */ - -#ifndef _PATH_BSHELL -#define _PATH_BSHELL "/bin/sh" -#endif /* _PATH_BSHELL */ - -#ifndef _PATH_CSHELL -#define _PATH_CSHELL "/bin/csh" -#endif /* _PATH_CSHELL */ - -#ifndef _PATH_NOLOGIN -#define _PATH_NOLOGIN "/etc/nologin" -#endif /* _PATH_NOLOGIN */ - -#ifndef _PATH_TTY -#define _PATH_TTY "/dev/tty" -#endif /* _PATH_TTY */ - -#ifndef _PATH_HUSHLOGIN -#define _PATH_HUSHLOGIN ".hushlogin" -#endif /* _PATH_HUSHLOGIN */ - -#ifndef _PATH_NOMAILCHECK -#define _PATH_NOMAILCHECK ".nomailcheck" -#endif /* _PATH_NOMAILCHECK */ - -#ifndef _PATH_MOTDFILE -#define _PATH_MOTDFILE "/etc/motd" -#endif /* _PATH_MOTDFILE */ - -#ifndef _PATH_LOGACCESS -#define _PATH_LOGACCESS "/etc/login.access" -#endif /* _PATH_LOGACCESS */ - -#ifndef _PATH_HEQUIV -#define _PATH_HEQUIV "/etc/hosts.equiv" -#endif - -#ifndef _PATH_FBTAB -#define _PATH_FBTAB "/etc/fbtab" -#endif /* _PATH_FBTAB */ - -#ifndef _PATH_LOGINDEVPERM -#define _PATH_LOGINDEVPERM "/etc/logindevperm" -#endif /* _PATH_LOGINDEVPERM */ - -#ifndef _PATH_CHPASS -#define _PATH_CHPASS "/usr/bin/passwd" -#endif /* _PATH_CHPASS */ - -#if defined(__hpux) -#define __FALLBACK_MAILDIR__ "/usr/mail" -#else -#define __FALLBACK_MAILDIR__ "/usr/spool/mail" -#endif - -#ifndef KRB4_MAILDIR -#ifndef _PATH_MAILDIR -#ifdef MAILDIR -#define _PATH_MAILDIR MAILDIR -#else -#define _PATH_MAILDIR __FALLBACK_MAILDIR__ -#endif -#endif /* _PATH_MAILDIR */ -#define KRB4_MAILDIR _PATH_MAILDIR -#endif - -#ifndef _PATH_LASTLOG -#define _PATH_LASTLOG "/var/adm/lastlog" -#endif - -#if defined(UTMP_FILE) && !defined(_PATH_UTMP) -#define _PATH_UTMP UTMP_FILE -#endif - -#ifndef _PATH_UTMP -#define _PATH_UTMP "/etc/utmp" -#endif - -#if defined(WTMP_FILE) && !defined(_PATH_WTMP) -#define _PATH_WTMP WTMP_FILE -#endif - -#ifndef _PATH_WTMP -#define _PATH_WTMP "/usr/adm/wtmp" -#endif - -#ifndef _PATH_ETC_DEFAULT_LOGIN -#define _PATH_ETC_DEFAULT_LOGIN "/etc/default/login" -#endif - -#ifndef _PATH_ETC_ENVIRONMENT -#define _PATH_ETC_ENVIRONMENT "/etc/environment" -#endif - -#ifndef _PATH_ETC_SECURETTY -#define _PATH_ETC_SECURETTY "/etc/securetty" -#endif - -/* - * NeXT KLUDGE ALERT!!!!!!!!!!!!!!!!!! - * Some sort of bug in the NEXTSTEP cpp. - */ -#ifdef NeXT -#undef _PATH_DEFSUPATH -#define _PATH_DEFSUPATH "/usr/sbin:/usr/ucb:/usr/bin:/bin" -#undef _PATH_RLOGIN -#define _PATH_RLOGIN "/usr/athena/bin/rlogin" -#undef _PATH_RSH -#define _PATH_RSH "/usr/athena/bin/rsh" -#undef _PATH_RCP -#define _PATH_RCP "/usr/athena/bin/rcp" -#undef _PATH_LOGIN -#define _PATH_LOGIN "/usr/athena/bin/login" -#endif diff --git a/crypto/kerberosIV/appl/bsd/rcmd_util.c b/crypto/kerberosIV/appl/bsd/rcmd_util.c deleted file mode 100644 index cd431e3ebb48..000000000000 --- a/crypto/kerberosIV/appl/bsd/rcmd_util.c +++ /dev/null @@ -1,263 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "bsd_locl.h" - -RCSID("$Id: rcmd_util.c,v 1.19.2.1 2000/06/23 02:34:48 assar Exp $"); - -int -get_login_port(int kerberos, int encryption) -{ - char *service="login"; - int port=htons(513); - - if(kerberos && encryption){ - service="eklogin"; - port=htons(2105); - } - - if(kerberos && !encryption){ - service="klogin"; - port=htons(543); - } - return k_getportbyname (service, "tcp", port); -} - -int -get_shell_port(int kerberos, int encryption) -{ - char *service="shell"; - int port=htons(514); - - if(kerberos && encryption){ - service="ekshell"; - port=htons(545); - } - - if(kerberos && !encryption){ - service="kshell"; - port=htons(544); - } - - return k_getportbyname (service, "tcp", port); -} - -/* - * On reasonable systems, `cf[gs]et[io]speed' use values of bit/s - * directly, and the following functions are just identity functions. - * This is however a slower way of doing those - * should-be-but-are-not-always idenity functions. - */ - -static struct { int speed; int bps; } conv[] = { -#ifdef B0 - {B0, 0}, -#endif -#ifdef B50 - {B50, 50}, -#endif -#ifdef B75 - {B75, 75}, -#endif -#ifdef B110 - {B110, 110}, -#endif -#ifdef B134 - {B134, 134}, -#endif -#ifdef B150 - {B150, 150}, -#endif -#ifdef B200 - {B200, 200}, -#endif -#ifdef B300 - {B300, 300}, -#endif -#ifdef B600 - {B600, 600}, -#endif -#ifdef B1200 - {B1200, 1200}, -#endif -#ifdef B1800 - {B1800, 1800}, -#endif -#ifdef B2400 - {B2400, 2400}, -#endif -#ifdef B4800 - {B4800, 4800}, -#endif -#ifdef B9600 - {B9600, 9600}, -#endif -#ifdef B19200 - {B19200, 19200}, -#endif -#ifdef EXTA - {EXTA, 19200}, -#endif -#ifdef B38400 - {B38400, 38400}, -#endif -#ifdef EXTB - {EXTB, 38400}, -#endif -#ifdef B57600 - {B57600, 57600}, -#endif -#ifdef B115200 - {B115200, 115200}, -#endif -#ifdef B153600 - {B153600, 153600}, -#endif -#ifdef B230400 - {B230400, 230400}, -#endif -#ifdef B307200 - {B307200, 307200}, -#endif -#ifdef B460800 - {B460800, 460800}, -#endif -}; - -#define N (sizeof(conv)/sizeof(*conv)) - -int -speed_t2int (speed_t s) -{ - int l, r, m; - - l = 0; - r = N - 1; - while(l <= r) { - m = (l + r) / 2; - if (conv[m].speed == s) - return conv[m].bps; - else if(conv[m].speed < s) - l = m + 1; - else - r = m - 1; - } - return -1; -} - -/* - * - */ - -speed_t -int2speed_t (int i) -{ - int l, r, m; - - l = 0; - r = N - 1; - while(l <= r) { - m = (l + r) / 2; - if (conv[m].bps == i) - return conv[m].speed; - else if(conv[m].bps < i) - l = m + 1; - else - r = m - 1; - } - return -1; -} - -/* - * If there are any IP options on `sock', die. - */ - -void -ip_options_and_die (int sock, struct sockaddr_in *fromp) -{ -#if defined(IP_OPTIONS) && defined(HAVE_GETSOCKOPT) - u_char optbuf[BUFSIZ/3], *cp; - char lbuf[BUFSIZ], *lp; - int optsize = sizeof(optbuf), ipproto; - struct protoent *ip; - - if ((ip = getprotobyname("ip")) != NULL) - ipproto = ip->p_proto; - else - ipproto = IPPROTO_IP; - if (getsockopt(sock, ipproto, IP_OPTIONS, - (void *)optbuf, &optsize) == 0 && - optsize != 0) { - lp = lbuf; - for (cp = optbuf; optsize > 0; cp++, optsize--, lp += 3) - snprintf(lp, sizeof(lbuf) - (lp - lbuf), " %2.2x", *cp); - syslog(LOG_NOTICE, - "Connection received from %s using IP options (dead):%s", - inet_ntoa(fromp->sin_addr), lbuf); - exit(1); - } -#endif -} - -void -warning(const char *fmt, ...) -{ - char *rstar_no_warn = getenv("RSTAR_NO_WARN"); - va_list args; - - va_start(args, fmt); - if (rstar_no_warn == NULL) - rstar_no_warn = ""; - if (strncmp(rstar_no_warn, "yes", 3) != 0) { - /* XXX */ - fprintf(stderr, "%s: warning, using standard ", __progname); - vwarnx(fmt, args); - } - va_end(args); -} - -/* - * setuid but work-around Linux 2.2.15 bug with setuid and capabilities - */ - -void -paranoid_setuid (uid_t uid) -{ - if (setuid (uid) < 0) - err (1, "setuid"); - if (uid != 0 && setuid (0) == 0) { - syslog(LOG_ALERT | LOG_AUTH, - "Failed to drop privileges for uid %u", (unsigned)uid); - err (1, "setuid"); - } -} diff --git a/crypto/kerberosIV/appl/bsd/rcp.c b/crypto/kerberosIV/appl/bsd/rcp.c deleted file mode 100644 index 660be91933af..000000000000 --- a/crypto/kerberosIV/appl/bsd/rcp.c +++ /dev/null @@ -1,1047 +0,0 @@ -/* - * Copyright (c) 1983, 1990, 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "bsd_locl.h" - -RCSID("$Id: rcp.c,v 1.52.2.1 2000/06/23 02:35:16 assar Exp $"); - -/* Globals */ -static char dst_realm_buf[REALM_SZ]; -static char *dest_realm = NULL; -static int use_kerberos = 1; - -static int doencrypt = 0; -#define OPTIONS "dfKk:prtxl:" - -static char *user_name = NULL; /* Given as -l option. */ - -static int errs, rem; -static struct passwd *pwd; -static u_short port; -static uid_t userid; -static int pflag, iamremote, iamrecursive, targetshouldbedirectory; - -static int argc_copy; -static char **argv_copy; - -#define CMDNEEDS 64 -static char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */ - -void rsource(char *name, struct stat *statp); - -#define SERVICE_NAME "rcmd" - -CREDENTIALS cred; -MSG_DAT msg_data; -struct sockaddr_in foreign_addr, local_addr; -Key_schedule schedule; - -KTEXT_ST ticket; -AUTH_DAT kdata; - -static void -send_auth(char *h, char *r) -{ - int lslen, fslen, status; - long opts; - - lslen = sizeof(struct sockaddr_in); - if (getsockname(rem, (struct sockaddr *)&local_addr, &lslen) < 0) - err(1, "getsockname"); - fslen = sizeof(struct sockaddr_in); - if (getpeername(rem, (struct sockaddr *)&foreign_addr, &fslen) < 0) - err(1, "getpeername"); - if ((r == NULL) || (*r == '\0')) - r = krb_realmofhost(h); - opts = KOPT_DO_MUTUAL; - if ((status = krb_sendauth(opts, rem, &ticket, SERVICE_NAME, h, r, - (unsigned long)getpid(), &msg_data, &cred, - schedule, &local_addr, - &foreign_addr, "KCMDV0.1")) != KSUCCESS) - errx(1, "krb_sendauth failure: %s", krb_get_err_text(status)); -} - -static void -answer_auth(void) -{ - int lslen, fslen, status; - long opts; - char inst[INST_SZ], v[9]; - - lslen = sizeof(struct sockaddr_in); - if (getsockname(rem, (struct sockaddr *)&local_addr, &lslen) < 0) - err(1, "getsockname"); - fslen = sizeof(struct sockaddr_in); - if(getpeername(rem, (struct sockaddr *)&foreign_addr, &fslen) < 0) - err(1, "getperrname"); - k_getsockinst(rem, inst, sizeof(inst)); - opts = KOPT_DO_MUTUAL; - if ((status = krb_recvauth(opts, rem, &ticket, SERVICE_NAME, inst, - &foreign_addr, &local_addr, - &kdata, "", schedule, v)) != KSUCCESS) - errx(1, "krb_recvauth failure: %s", krb_get_err_text(status)); -} - -static int -des_read(int fd, char *buf, int len) -{ - if (doencrypt) - return(des_enc_read(fd, buf, len, schedule, - (iamremote? &kdata.session : &cred.session))); - else - return(read(fd, buf, len)); -} - -static int -des_write(int fd, char *buf, int len) -{ - if (doencrypt) - return(des_enc_write(fd, buf, len, schedule, - (iamremote? &kdata.session : &cred.session))); - else - return(write(fd, buf, len)); -} - -static void run_err(const char *fmt, ...) -#ifdef __GNUC__ -__attribute__ ((format (printf, 1, 2))) -#endif -; - - -static void -run_err(const char *fmt, ...) -{ - char errbuf[1024]; - - va_list args; - va_start(args, fmt); - ++errs; -#define RCPERR "\001rcp: " - strlcpy (errbuf, RCPERR, sizeof(errbuf)); - vsnprintf (errbuf + strlen(errbuf), - sizeof(errbuf) - strlen(errbuf), - fmt, args); - strlcat (errbuf, "\n", sizeof(errbuf)); - des_write (rem, errbuf, strlen(errbuf)); - if (!iamremote) - vwarnx(fmt, args); - va_end(args); -} - -static void -verifydir(char *cp) -{ - struct stat stb; - - if (!stat(cp, &stb)) { - if (S_ISDIR(stb.st_mode)) - return; - errno = ENOTDIR; - } - run_err("%s: %s", cp, strerror(errno)); - exit(1); -} - -#define ROUNDUP(x, y) ((((x)+((y)-1))/(y))*(y)) - -static BUF * -allocbuf(BUF *bp, int fd, int blksize) -{ - struct stat stb; - size_t size; - - if (fstat(fd, &stb) < 0) { - run_err("fstat: %s", strerror(errno)); - return (0); - } -#ifdef HAVE_ST_BLKSIZE - size = ROUNDUP(stb.st_blksize, blksize); -#else - size = blksize; -#endif - if (size == 0) - size = blksize; - if (bp->cnt >= size) - return (bp); - if (bp->buf == NULL) - bp->buf = malloc(size); - else - bp->buf = realloc(bp->buf, size); - if (bp->buf == NULL) { - bp->cnt = 0; - run_err("%s", strerror(errno)); - return (0); - } - bp->cnt = size; - return (bp); -} - -static void -usage(void) -{ - fprintf(stderr, "%s\n\t%s\n", - "usage: rcp [-Kpx] [-k realm] f1 f2", - "or: rcp [-Kprx] [-k realm] f1 ... fn directory"); - exit(1); -} - -static void -oldw(const char *s) -{ - char *rstar_no_warn = getenv("RSTAR_NO_WARN"); - if (rstar_no_warn == 0) - rstar_no_warn = ""; - if (strncmp(rstar_no_warn, "yes", 3) != 0) - warnx("%s, using standard rcp", s); -} - -static RETSIGTYPE -lostconn(int signo) -{ - if (!iamremote) - warnx("lost connection"); - exit(1); -} - -static int -response(void) -{ - char ch, *cp, resp, rbuf[BUFSIZ]; - - if (des_read(rem, &resp, sizeof(resp)) != sizeof(resp)) - lostconn(0); - - cp = rbuf; - switch(resp) { - case 0: /* ok */ - return (0); - default: - *cp++ = resp; - /* FALLTHROUGH */ - case 1: /* error, followed by error msg */ - case 2: /* fatal error, "" */ - do { - if (des_read(rem, &ch, sizeof(ch)) != sizeof(ch)) - lostconn(0); - *cp++ = ch; - } while (cp < &rbuf[BUFSIZ] && ch != '\n'); - - if (!iamremote) - write(STDERR_FILENO, rbuf, cp - rbuf); - ++errs; - if (resp == 1) - return (-1); - exit(1); - } - /* NOTREACHED */ -} - -static void -source(int argc, char **argv) -{ - struct stat stb; - static BUF buffer; - BUF *bp; - off_t i; - int amt, fd, haderr, indx, result; - char *last, *name, buf[BUFSIZ]; - - for (indx = 0; indx < argc; ++indx) { - name = argv[indx]; - if ((fd = open(name, O_RDONLY, 0)) < 0) - goto syserr; - if (fstat(fd, &stb)) { -syserr: run_err("%s: %s", name, strerror(errno)); - goto next; - } - switch (stb.st_mode & S_IFMT) { - case S_IFREG: - break; - case S_IFDIR: - if (iamrecursive) { - rsource(name, &stb); - goto next; - } - /* FALLTHROUGH */ - default: - run_err("%s: not a regular file", name); - goto next; - } - if ((last = strrchr(name, '/')) == NULL) - last = name; - else - ++last; - if (pflag) { - /* - * Make it compatible with possible future - * versions expecting microseconds. - */ - snprintf(buf, sizeof(buf), "T%ld 0 %ld 0\n", - (long)stb.st_mtime, (long)stb.st_atime); - des_write(rem, buf, strlen(buf)); - if (response() < 0) - goto next; - } - snprintf(buf, sizeof(buf), "C%04o %ld %s\n", - (int)stb.st_mode & MODEMASK, (long) stb.st_size, last); - des_write(rem, buf, strlen(buf)); - if (response() < 0) - goto next; - if ((bp = allocbuf(&buffer, fd, BUFSIZ)) == NULL) { -next: close(fd); - continue; - } - - /* Keep writing after an error so that we stay sync'd up. */ - for (haderr = i = 0; i < stb.st_size; i += bp->cnt) { - amt = bp->cnt; - if (i + amt > stb.st_size) - amt = stb.st_size - i; - if (!haderr) { - result = read(fd, bp->buf, amt); - if (result != amt) - haderr = result >= 0 ? EIO : errno; - } - if (haderr) - des_write(rem, bp->buf, amt); - else { - result = des_write(rem, bp->buf, amt); - if (result != amt) - haderr = result >= 0 ? EIO : errno; - } - } - if (close(fd) && !haderr) - haderr = errno; - if (!haderr) - des_write(rem, "", 1); - else - run_err("%s: %s", name, strerror(haderr)); - response(); - } -} - -void -rsource(char *name, struct stat *statp) -{ - DIR *dirp; - struct dirent *dp; - char *last, *vect[1], path[MaxPathLen]; - char *p; - - if (!(dirp = opendir(name))) { - run_err("%s: %s", name, strerror(errno)); - return; - } - for (p = name + strlen(name) - 1; p >= name && *p == '/'; --p) - *p = '\0'; - - last = strrchr(name, '/'); - if (last == 0) - last = name; - else - last++; - if (pflag) { - snprintf(path, sizeof(path), "T%ld 0 %ld 0\n", - (long)statp->st_mtime, (long)statp->st_atime); - des_write(rem, path, strlen(path)); - if (response() < 0) { - closedir(dirp); - return; - } - } - snprintf(path, sizeof(path), - "D%04o %d %s\n", (int)statp->st_mode & MODEMASK, 0, last); - des_write(rem, path, strlen(path)); - if (response() < 0) { - closedir(dirp); - return; - } - while ((dp = readdir(dirp))) { - if (dp->d_ino == 0) - continue; - if (!strcmp(dp->d_name, ".") || !strcmp(dp->d_name, "..")) - continue; - if (strlen(name) + 1 + strlen(dp->d_name) >= MaxPathLen - 1) { - run_err("%s/%s: name too long", name, dp->d_name); - continue; - } - if (snprintf(path, sizeof(path), - "%s/%s", name, dp->d_name) >= sizeof(path)) { - run_err("%s/%s: name too long", name, dp->d_name); - continue; - } - vect[0] = path; - source(1, vect); - } - closedir(dirp); - des_write(rem, "E\n", 2); - response(); -} - -static int -kerberos(char **host, char *bp, char *locuser, char *user) -{ - int sock = -1, err; - - if (use_kerberos) { - paranoid_setuid(getuid()); - rem = KSUCCESS; - errno = 0; - if (dest_realm == NULL) - dest_realm = krb_realmofhost(*host); - -#if 0 - rem = krcmd(host, port, user, bp, 0, dest_realm); -#else - err = kcmd( - &sock, - host, - port, - NULL, /* locuser not used */ - user, - bp, - 0, - &ticket, - SERVICE_NAME, - dest_realm, - (CREDENTIALS *) NULL, /* credentials not used */ - 0, /* key schedule not used */ - (MSG_DAT *) NULL, /* MSG_DAT not used */ - (struct sockaddr_in *) NULL, /* local addr not used */ - (struct sockaddr_in *) NULL, /* foreign addr not used */ - 0L); /* authopts */ - if (err > KSUCCESS && err < MAX_KRB_ERRORS) { - warnx("kcmd: %s", krb_get_err_text(err)); - rem = -1; - } else if (err < 0) - rem = -1; - else - rem = sock; -#endif - if (rem < 0) { - if (errno == ECONNREFUSED) - oldw("remote host doesn't support Kerberos"); - else if (errno == ENOENT) - oldw("can't provide Kerberos authentication data"); - execv(_PATH_RCP, argv_copy); - } - } else { - if (doencrypt) - errx(1, - "the -x option requires Kerberos authentication"); - if (geteuid() != 0) { - errx(1, "not installed setuid root, " - "only root may use non kerberized rcp"); - } - rem = rcmd(host, port, locuser, user, bp, 0); - } - return (rem); -} - -static void -toremote(char *targ, int argc, char **argv) -{ - int i, len; -#ifdef IP_TOS - int tos; -#endif - char *bp, *host, *src, *suser, *thost, *tuser; - - *targ++ = 0; - if (*targ == 0) - targ = "."; - - if ((thost = strchr(argv[argc - 1], '@'))) { - /* user@host */ - *thost++ = 0; - tuser = argv[argc - 1]; - if (*tuser == '\0') - tuser = NULL; - else if (!okname(tuser)) - exit(1); - } else { - thost = argv[argc - 1]; - tuser = user_name; - } - - for (i = 0; i < argc - 1; i++) { - src = colon(argv[i]); - if (src) { /* remote to remote */ - *src++ = 0; - if (*src == 0) - src = "."; - host = strchr(argv[i], '@'); - if (host) { - *host++ = 0; - suser = argv[i]; - if (*suser == '\0') - suser = pwd->pw_name; - else if (!okname(suser)) - continue; - asprintf(&bp, "%s %s -l %s -n %s %s '%s%s%s:%s'", - _PATH_RSH, host, suser, cmd, src, - tuser ? tuser : "", tuser ? "@" : "", - thost, targ); - } else - asprintf(&bp, "exec %s %s -n %s %s '%s%s%s:%s'", - _PATH_RSH, argv[i], cmd, src, - tuser ? tuser : "", tuser ? "@" : "", - thost, targ); - if(bp == NULL) - errx(1, "out of memory"); - susystem(bp, userid); - free(bp); - } else { /* local to remote */ - if (rem == -1) { - len = strlen(targ) + CMDNEEDS + 20; - if (!(bp = malloc(len))) - err(1, " "); - snprintf(bp, len, "%s -t %s", cmd, targ); - host = thost; - if (use_kerberos) - rem = kerberos(&host, bp, -#ifdef __CYGWIN32__ - tuser, -#else - pwd->pw_name, -#endif - tuser ? tuser : pwd->pw_name); - else - rem = rcmd(&host, port, -#ifdef __CYGWIN32__ - tuser, -#else - pwd->pw_name, -#endif - tuser ? tuser : pwd->pw_name, - bp, 0); - if (rem < 0) - exit(1); -#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - tos = IPTOS_THROUGHPUT; - if (setsockopt(rem, IPPROTO_IP, IP_TOS, - (void *)&tos, sizeof(int)) < 0) - warn("TOS (ignored)"); -#endif /* IP_TOS */ - if (doencrypt) - send_auth(host, dest_realm); - if (response() < 0) - exit(1); - free(bp); - paranoid_setuid(userid); - } - source(1, argv+i); - } - } -} - -static void -sink(int argc, char **argv) -{ - static BUF buffer; - struct stat stb; - struct timeval tv[2]; - enum { YES, NO, DISPLAYED } wrerr; - BUF *bp; - off_t i, j; - int amt, count, exists, first, mask, mode, ofd, omode; - int setimes, size, targisdir, wrerrno=0; - char ch, *cp, *np, *targ, *why, *vect[1], buf[BUFSIZ]; - -#define atime tv[0] -#define mtime tv[1] -#define SCREWUP(str) { why = str; goto screwup; } - - setimes = targisdir = 0; - mask = umask(0); - if (!pflag) - umask(mask); - if (argc != 1) { - run_err("ambiguous target"); - exit(1); - } - targ = *argv; - if (targetshouldbedirectory) - verifydir(targ); - des_write(rem, "", 1); - if (stat(targ, &stb) == 0 && S_ISDIR(stb.st_mode)) - targisdir = 1; - for (first = 1;; first = 0) { - cp = buf; - if (des_read(rem, cp, 1) <= 0) - return; - if (*cp++ == '\n') - SCREWUP("unexpected "); - do { - if (des_read(rem, &ch, sizeof(ch)) != sizeof(ch)) - SCREWUP("lost connection"); - *cp++ = ch; - } while (cp < &buf[BUFSIZ - 1] && ch != '\n'); - *cp = 0; - - if (buf[0] == '\01' || buf[0] == '\02') { - if (iamremote == 0) - write(STDERR_FILENO, - buf + 1, strlen(buf + 1)); - if (buf[0] == '\02') - exit(1); - ++errs; - continue; - } - if (buf[0] == 'E') { - des_write(rem, "", 1); - return; - } - - if (ch == '\n') - *--cp = 0; - -#define getnum(t) \ - do { \ - (t) = 0; \ - while (isdigit((unsigned char)*cp)) \ - (t) = (t) * 10 + (*cp++ - '0'); \ - } while(0) - - cp = buf; - if (*cp == 'T') { - setimes++; - cp++; - getnum(mtime.tv_sec); - if (*cp++ != ' ') - SCREWUP("mtime.sec not delimited"); - getnum(mtime.tv_usec); - if (*cp++ != ' ') - SCREWUP("mtime.usec not delimited"); - getnum(atime.tv_sec); - if (*cp++ != ' ') - SCREWUP("atime.sec not delimited"); - getnum(atime.tv_usec); - if (*cp++ != '\0') - SCREWUP("atime.usec not delimited"); - des_write(rem, "", 1); - continue; - } - if (*cp != 'C' && *cp != 'D') { - /* - * Check for the case "rcp remote:foo\* local:bar". - * In this case, the line "No match." can be returned - * by the shell before the rcp command on the remote is - * executed so the ^Aerror_message convention isn't - * followed. - */ - if (first) { - run_err("%s", cp); - exit(1); - } - SCREWUP("expected control record"); - } - mode = 0; - for (++cp; cp < buf + 5; cp++) { - if (*cp < '0' || *cp > '7') - SCREWUP("bad mode"); - mode = (mode << 3) | (*cp - '0'); - } - if (*cp++ != ' ') - SCREWUP("mode not delimited"); - - for (size = 0; isdigit((unsigned char)*cp);) - size = size * 10 + (*cp++ - '0'); - if (*cp++ != ' ') - SCREWUP("size not delimited"); - if (targisdir) { - static char *namebuf; - static int cursize; - size_t need; - - need = strlen(targ) + strlen(cp) + 250; - if (need > cursize) { - if (!(namebuf = malloc(need))) - run_err("%s", strerror(errno)); - } - snprintf(namebuf, need, "%s%s%s", targ, - *targ ? "/" : "", cp); - np = namebuf; - } else - np = targ; - exists = stat(np, &stb) == 0; - if (buf[0] == 'D') { - int mod_flag = pflag; - if (exists) { - if (!S_ISDIR(stb.st_mode)) { - errno = ENOTDIR; - goto bad; - } - if (pflag) - chmod(np, mode); - } else { - /* Handle copying from a read-only directory */ - mod_flag = 1; - if (mkdir(np, mode | S_IRWXU) < 0) - goto bad; - } - vect[0] = np; - sink(1, vect); - if (setimes) { - struct utimbuf times; - times.actime = atime.tv_sec; - times.modtime = mtime.tv_sec; - setimes = 0; - if (utime(np, ×) < 0) - run_err("%s: set times: %s", - np, strerror(errno)); - } - if (mod_flag) - chmod(np, mode); - continue; - } - omode = mode; - mode |= S_IWRITE; - if ((ofd = open(np, O_WRONLY|O_CREAT, mode)) < 0) { -bad: run_err("%s: %s", np, strerror(errno)); - continue; - } - des_write(rem, "", 1); - if ((bp = allocbuf(&buffer, ofd, BUFSIZ)) == NULL) { - close(ofd); - continue; - } - cp = bp->buf; - wrerr = NO; - for (count = i = 0; i < size; i += BUFSIZ) { - amt = BUFSIZ; - if (i + amt > size) - amt = size - i; - count += amt; - do { - j = des_read(rem, cp, amt); - if (j <= 0) { - run_err("%s", j ? strerror(errno) : - "dropped connection"); - exit(1); - } - amt -= j; - cp += j; - } while (amt > 0); - if (count == bp->cnt) { - /* Keep reading so we stay sync'd up. */ - if (wrerr == NO) { - j = write(ofd, bp->buf, count); - if (j != count) { - wrerr = YES; - wrerrno = j >= 0 ? EIO : errno; - } - } - count = 0; - cp = bp->buf; - } - } - if (count != 0 && wrerr == NO && - (j = write(ofd, bp->buf, count)) != count) { - wrerr = YES; - wrerrno = j >= 0 ? EIO : errno; - } - if (ftruncate(ofd, size)) { - run_err("%s: truncate: %s", np, strerror(errno)); - wrerr = DISPLAYED; - } - if (pflag) { - if (exists || omode != mode) -#ifdef HAVE_FCHMOD - if (fchmod(ofd, omode)) -#else - if (chmod(np, omode)) -#endif - run_err("%s: set mode: %s", - np, strerror(errno)); - } else { - if (!exists && omode != mode) -#ifdef HAVE_FCHMOD - if (fchmod(ofd, omode & ~mask)) -#else - if (chmod(np, omode & ~mask)) -#endif - run_err("%s: set mode: %s", - np, strerror(errno)); - } - close(ofd); - response(); - if (setimes && wrerr == NO) { - struct utimbuf times; - times.actime = atime.tv_sec; - times.modtime = mtime.tv_sec; - setimes = 0; - if (utime(np, ×) < 0) { - run_err("%s: set times: %s", - np, strerror(errno)); - wrerr = DISPLAYED; - } - } - switch(wrerr) { - case YES: - run_err("%s: %s", np, strerror(wrerrno)); - break; - case NO: - des_write(rem, "", 1); - break; - case DISPLAYED: - break; - } - } -screwup: - run_err("protocol error: %s", why); - exit(1); -} - -static void -tolocal(int argc, char **argv) -{ - int i, len; -#ifdef IP_TOS - int tos; -#endif - char *bp, *host, *src, *suser; - - for (i = 0; i < argc - 1; i++) { - if (!(src = colon(argv[i]))) { /* Local to local. */ - len = strlen(_PATH_CP) + strlen(argv[i]) + - strlen(argv[argc - 1]) + 20; - if (!(bp = malloc(len))) - err(1, " "); - snprintf(bp, len, "exec %s%s%s %s %s", _PATH_CP, - iamrecursive ? " -r" : "", pflag ? " -p" : "", - argv[i], argv[argc - 1]); - if (susystem(bp, userid)) - ++errs; - free(bp); - continue; - } - *src++ = 0; - if (*src == 0) - src = "."; - if ((host = strchr(argv[i], '@')) == NULL) { -#ifdef __CYGWIN32__ - errx (1, "Sorry, you need to specify the username"); -#else - host = argv[i]; - suser = pwd->pw_name; - if (user_name) - suser = user_name; -#endif - } else { - *host++ = 0; - suser = argv[i]; - if (*suser == '\0') -#ifdef __CYGWIN32__ - errx (1, "Sorry, you need to specify the username"); -#else - suser = pwd->pw_name; -#endif - else if (!okname(suser)) - continue; - } - len = strlen(src) + CMDNEEDS + 20; - if ((bp = malloc(len)) == NULL) - err(1, " "); - snprintf(bp, len, "%s -f %s", cmd, src); - rem = - use_kerberos ? - kerberos(&host, bp, -#ifndef __CYGWIN32__ - pwd->pw_name, -#else - suser, -#endif - suser) : - rcmd(&host, port, -#ifndef __CYGWIN32__ - pwd->pw_name, -#else - suser, -#endif - suser, bp, 0); - free(bp); - if (rem < 0) { - ++errs; - continue; - } - seteuid(userid); -#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - tos = IPTOS_THROUGHPUT; - if (setsockopt(rem, IPPROTO_IP, IP_TOS, (void *)&tos, - sizeof(int)) < 0) - warn("TOS (ignored)"); -#endif /* IP_TOS */ - if (doencrypt) - send_auth(host, dest_realm); - sink(1, argv + argc - 1); - seteuid(0); - close(rem); - rem = -1; - } -} - - -int -main(int argc, char **argv) -{ - int ch, fflag, tflag; - char *targ; - int i; - - set_progname(argv[0]); - - /* - * Prepare for execing ourselves. - */ - - argc_copy = argc + 1; - argv_copy = malloc((argc_copy + 1) * sizeof(*argv_copy)); - if (argv_copy == NULL) - err(1, "malloc"); - argv_copy[0] = argv[0]; - argv_copy[1] = "-K"; - for(i = 1; i < argc; ++i) { - argv_copy[i + 1] = strdup(argv[i]); - if (argv_copy[i + 1] == NULL) - errx(1, "strdup: out of memory"); - } - argv_copy[argc + 1] = NULL; - - - fflag = tflag = 0; - while ((ch = getopt(argc, argv, OPTIONS)) != -1) - switch(ch) { /* User-visible flags. */ - case 'K': - use_kerberos = 0; - break; - case 'k': - dest_realm = dst_realm_buf; - strlcpy(dst_realm_buf, optarg, REALM_SZ); - break; - case 'x': - doencrypt = 1; - LEFT_JUSTIFIED = 1; - break; - case 'p': - pflag = 1; - break; - case 'r': - iamrecursive = 1; - break; - /* Server options. */ - case 'd': - targetshouldbedirectory = 1; - break; - case 'f': /* "from" */ - iamremote = 1; - fflag = 1; - break; - case 't': /* "to" */ - iamremote = 1; - tflag = 1; - break; - case 'l': - user_name = optarg; - break; - case '?': - default: - usage(); - } - argc -= optind; - argv += optind; - - /* Rcp implements encrypted file transfer without using the - * kshell service, pass 0 for no encryption */ - port = get_shell_port(use_kerberos, 0); - - userid = getuid(); - -#ifndef __CYGWIN32__ - if ((pwd = k_getpwuid(userid)) == NULL) - errx(1, "unknown user %d", (int)userid); -#endif - - rem = STDIN_FILENO; /* XXX */ - - if (fflag || tflag) { - if (doencrypt) - answer_auth(); - if(fflag) - response(); - if(do_osfc2_magic(pwd->pw_uid)) - exit(1); - paranoid_setuid(userid); - if (k_hasafs()) { - /* Sometimes we will need cell specific tokens - * to be able to read and write files, thus, - * the token stuff done in rshd might not - * suffice. - */ - char cell[64]; - if (k_afs_cell_of_file(pwd->pw_dir, - cell, sizeof(cell)) == 0) - krb_afslog(cell, 0); - krb_afslog(0, 0); - } - if(fflag) - source(argc, argv); - else - sink(argc, argv); - exit(errs); - } - - if (argc < 2) - usage(); - if (argc > 2) - targetshouldbedirectory = 1; - - rem = -1; - /* Command to be executed on remote system using "rsh". */ - snprintf(cmd, sizeof(cmd), - "rcp%s%s%s%s", iamrecursive ? " -r" : "", - (doencrypt && use_kerberos ? " -x" : ""), - pflag ? " -p" : "", targetshouldbedirectory ? " -d" : ""); - - signal(SIGPIPE, lostconn); - - if ((targ = colon(argv[argc - 1]))) /* Dest is remote host. */ - toremote(targ, argc, argv); - else { - tolocal(argc, argv); /* Dest is local host. */ - if (targetshouldbedirectory) - verifydir(argv[argc - 1]); - } - exit(errs); -} diff --git a/crypto/kerberosIV/appl/bsd/rcp_util.c b/crypto/kerberosIV/appl/bsd/rcp_util.c deleted file mode 100644 index 54233af0db62..000000000000 --- a/crypto/kerberosIV/appl/bsd/rcp_util.c +++ /dev/null @@ -1,99 +0,0 @@ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "bsd_locl.h" - -RCSID("$Id: rcp_util.c,v 1.8 1998/09/28 11:45:21 joda Exp $"); - -char * -colon(char *cp) -{ - if (*cp == ':') /* Leading colon is part of file name. */ - return (0); - - for (; *cp; ++cp) { - if (*cp == ':') - return (cp); - if (*cp == '/') - return (0); - } - return (0); -} - -int -okname(char *cp0) -{ - int c; - char *cp; - - cp = cp0; - do { - c = *cp; - if (c & 0200) - goto bad; - if (!isalpha(c) && !isdigit(c) && c != '_' && c != '-') - goto bad; - } while (*++cp); - return (1); - -bad: warnx("%s: invalid user name", cp0); - return (0); -} - -int -susystem(char *s, int userid) -{ - RETSIGTYPE (*istat)(), (*qstat)(); - int status; - pid_t pid; - - pid = fork(); - switch (pid) { - case -1: - return (127); - - case 0: - if(do_osfc2_magic(userid)) - exit(1); - setuid(userid); - execl(_PATH_BSHELL, "sh", "-c", s, NULL); - _exit(127); - } - istat = signal(SIGINT, SIG_IGN); - qstat = signal(SIGQUIT, SIG_IGN); - if (waitpid(pid, &status, 0) < 0) - status = -1; - signal(SIGINT, istat); - signal(SIGQUIT, qstat); - return (status); -} diff --git a/crypto/kerberosIV/appl/bsd/rlogin.c b/crypto/kerberosIV/appl/bsd/rlogin.c deleted file mode 100644 index 60bed675051a..000000000000 --- a/crypto/kerberosIV/appl/bsd/rlogin.c +++ /dev/null @@ -1,711 +0,0 @@ -/* - * Copyright (c) 1983, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * rlogin - remote login - */ -#include "bsd_locl.h" - -RCSID("$Id: rlogin.c,v 1.67.2.2 2000/10/10 12:54:26 assar Exp $"); - -CREDENTIALS cred; -Key_schedule schedule; -int use_kerberos = 1, doencrypt; -char dst_realm_buf[REALM_SZ], *dest_realm = NULL; - -#ifndef CCEQ -#define c2uc(x) ((unsigned char) x) -#define CCEQ__(val, c) (c == val ? val != c2uc(_POSIX_VDISABLE) : 0) -#define CCEQ(val, c) CCEQ__(c2uc(val), c2uc(c)) -#endif - -int eight, rem; -struct termios deftty; - -int noescape; -char escapechar = '~'; - -struct winsize winsize; - -int parent, rcvcnt; -char rcvbuf[8 * 1024]; - -int child; - -static void -echo(char c) -{ - char *p; - char buf[8]; - - p = buf; - c &= 0177; - *p++ = escapechar; - if (c < ' ') { - *p++ = '^'; - *p++ = c + '@'; - } else if (c == 0177) { - *p++ = '^'; - *p++ = '?'; - } else - *p++ = c; - *p++ = '\r'; - *p++ = '\n'; - write(STDOUT_FILENO, buf, p - buf); -} - -static void -mode(int f) -{ - struct termios tty; - - switch (f) { - case 0: - tcsetattr(0, TCSANOW, &deftty); - break; - case 1: - tcgetattr(0, &deftty); - tty = deftty; - /* This is loosely derived from sys/compat/tty_compat.c. */ - tty.c_lflag &= ~(ECHO|ICANON|ISIG|IEXTEN); - tty.c_iflag &= ~ICRNL; - tty.c_oflag &= ~OPOST; - tty.c_cc[VMIN] = 1; - tty.c_cc[VTIME] = 0; - if (eight) { - tty.c_iflag &= IXOFF; - tty.c_cflag &= ~(CSIZE|PARENB); - tty.c_cflag |= CS8; - } - tcsetattr(0, TCSANOW, &tty); - break; - default: - return; - } -} - -static void -done(int status) -{ - int w, wstatus; - - mode(0); - if (child > 0) { - /* make sure catch_child does not snap it up */ - signal(SIGCHLD, SIG_DFL); - if (kill(child, SIGKILL) >= 0) - while ((w = wait(&wstatus)) > 0 && w != child); - } - exit(status); -} - -static -RETSIGTYPE -catch_child(int foo) -{ - int status; - int pid; - - for (;;) { - pid = waitpid(-1, &status, WNOHANG|WUNTRACED); - if (pid == 0) - return; - /* if the child (reader) dies, just quit */ - if (pid < 0 || (pid == child && !WIFSTOPPED(status))) - done(WTERMSIG(status) | WEXITSTATUS(status)); - } - /* NOTREACHED */ -} - -/* - * There is a race in the SunOS5 rlogind. If the slave end has not yet - * been opened by the child when setting tty size the size is reset to - * zero when the child opens it. Therefore we send the window update - * twice. - */ - -static int tty_kludge = 1; - -/* Return the number of OOB bytes processed. */ -static int -oob_real(void) -{ - struct termios tty; - int atmark, n, out, rcvd; - char waste[BUFSIZ], mark; - - out = O_RDWR; - rcvd = 0; - if (recv(rem, &mark, 1, MSG_OOB) < 0) { - return -1; - } - if (mark & TIOCPKT_WINDOW) { - /* Let server know about window size changes */ - kill(parent, SIGUSR1); - } else if (tty_kludge) { - /* Let server know about window size changes */ - kill(parent, SIGUSR1); - tty_kludge = 0; - } - if (!eight && (mark & TIOCPKT_NOSTOP)) { - tcgetattr(0, &tty); - tty.c_iflag &= ~IXON; - tcsetattr(0, TCSANOW, &tty); - } - if (!eight && (mark & TIOCPKT_DOSTOP)) { - tcgetattr(0, &tty); - tty.c_iflag |= (deftty.c_iflag & IXON); - tcsetattr(0, TCSANOW, &tty); - } - if (mark & TIOCPKT_FLUSHWRITE) { -#ifdef TCOFLUSH - tcflush(1, TCOFLUSH); -#else - ioctl(1, TIOCFLUSH, (char *)&out); -#endif - for (;;) { - if (ioctl(rem, SIOCATMARK, &atmark) < 0) { - warn("ioctl"); - break; - } - if (atmark) - break; - n = read(rem, waste, sizeof (waste)); - if (n <= 0) - break; - } - /* - * Don't want any pending data to be output, so clear the recv - * buffer. If we were hanging on a write when interrupted, - * don't want it to restart. If we were reading, restart - * anyway. - */ - rcvcnt = 0; - } - - /* oob does not do FLUSHREAD (alas!) */ - return 1; -} - -/* reader: read from remote: line -> 1 */ -static int -reader(void) -{ - int n, remaining; - char *bufp; - int kludgep = 1; - - bufp = rcvbuf; - for (;;) { - fd_set readfds, exceptfds; - while ((remaining = rcvcnt - (bufp - rcvbuf)) > 0) { - n = write(STDOUT_FILENO, bufp, remaining); - if (n < 0) { - if (errno != EINTR) - return (-1); - continue; - } - bufp += n; - } - bufp = rcvbuf; - rcvcnt = 0; - - FD_ZERO (&readfds); - if (rem >= FD_SETSIZE) - errx (1, "fd too large"); - FD_SET (rem, &readfds); - FD_ZERO (&exceptfds); - if (kludgep) - FD_SET (rem, &exceptfds); - if (select(rem+1, &readfds, 0, &exceptfds, 0) == -1) { - if (errno == EINTR) - continue; /* Got signal */ - else - errx(1, "select failed mysteriously"); - } - - if (!FD_ISSET(rem, &exceptfds) && !FD_ISSET(rem, &readfds)) { - warnx("select: nothing to read?"); - continue; - } - - if (FD_ISSET(rem, &exceptfds)) { - int foo = oob_real (); - if (foo >= 1) - continue; /* First check if there is more OOB data. */ - else if (foo < 0) - kludgep = 0; - } - - if (!FD_ISSET(rem, &readfds)) - continue; /* Nothing to read. */ - - kludgep = 1; -#ifndef NOENCRYPTION - if (doencrypt) - rcvcnt = des_enc_read(rem, rcvbuf, - sizeof(rcvbuf), - schedule, &cred.session); - else -#endif - rcvcnt = read(rem, rcvbuf, sizeof (rcvbuf)); - if (rcvcnt == 0) - return (0); - if (rcvcnt < 0) { - if (errno == EINTR) - continue; - warn("read"); - return (-1); - } - } -} - -/* - * Send the window size to the server via the magic escape - */ -static void -sendwindow(void) -{ - char obuf[4 + 4 * sizeof (u_int16_t)]; - unsigned short *p; - - p = (u_int16_t *)(obuf + 4); - obuf[0] = 0377; - obuf[1] = 0377; - obuf[2] = 's'; - obuf[3] = 's'; - *p++ = htons(winsize.ws_row); - *p++ = htons(winsize.ws_col); -#ifdef HAVE_WS_XPIXEL - *p++ = htons(winsize.ws_xpixel); -#else - *p++ = htons(0); -#endif -#ifdef HAVE_WS_YPIXEL - *p++ = htons(winsize.ws_ypixel); -#else - *p++ = htons(0); -#endif - -#ifndef NOENCRYPTION - if(doencrypt) - des_enc_write(rem, obuf, sizeof(obuf), schedule, - &cred.session); - else -#endif - write(rem, obuf, sizeof(obuf)); -} - -static -RETSIGTYPE -sigwinch(int foo) -{ - struct winsize ws; - - if (get_window_size(0, &ws) == 0 && - memcmp(&ws, &winsize, sizeof(ws))) { - winsize = ws; - sendwindow(); - } -} - -static void -stop(int all) -{ - mode(0); - signal(SIGCHLD, SIG_IGN); - kill(all ? 0 : getpid(), SIGTSTP); - signal(SIGCHLD, catch_child); - mode(1); -#ifdef SIGWINCH - kill(SIGWINCH, getpid()); /* check for size changes, if caught */ -#endif -} - -/* - * writer: write to remote: 0 -> line. - * ~. terminate - * ~^Z suspend rlogin process. - * ~ suspend rlogin process, but leave reader alone. - */ -static void -writer(void) -{ - int bol, local, n; - char c; - - bol = 1; /* beginning of line */ - local = 0; - for (;;) { - n = read(STDIN_FILENO, &c, 1); - if (n <= 0) { - if (n < 0 && errno == EINTR) - continue; - break; - } - /* - * If we're at the beginning of the line and recognize a - * command character, then we echo locally. Otherwise, - * characters are echo'd remotely. If the command character - * is doubled, this acts as a force and local echo is - * suppressed. - */ - if (bol) { - bol = 0; - if (!noescape && c == escapechar) { - local = 1; - continue; - } - } else if (local) { - local = 0; - if (c == '.' || CCEQ(deftty.c_cc[VEOF], c)) { - echo(c); - break; - } - if (CCEQ(deftty.c_cc[VSUSP], c)) { - bol = 1; - echo(c); - stop(1); - continue; - } -#ifdef VDSUSP - /* Is VDSUSP called something else on Linux? - * Perhaps VDELAY is a better thing? */ - if (CCEQ(deftty.c_cc[VDSUSP], c)) { - bol = 1; - echo(c); - stop(0); - continue; - } -#endif /* VDSUSP */ - if (c != escapechar) { -#ifndef NOENCRYPTION - if (doencrypt) - des_enc_write(rem, &escapechar,1, schedule, &cred.session); - else -#endif - write(rem, &escapechar, 1); - } - } - - if (doencrypt) { -#ifdef NOENCRYPTION - if (write(rem, &c, 1) == 0) { -#else - if (des_enc_write(rem, &c, 1, schedule, &cred.session) == 0) { -#endif - warnx("line gone"); - break; - } - } else - if (write(rem, &c, 1) == 0) { - warnx("line gone"); - break; - } - bol = CCEQ(deftty.c_cc[VKILL], c) || - CCEQ(deftty.c_cc[VEOF], c) || - CCEQ(deftty.c_cc[VINTR], c) || - CCEQ(deftty.c_cc[VSUSP], c) || - c == '\r' || c == '\n'; - } -} - -static -RETSIGTYPE -lostpeer(int foo) -{ - signal(SIGPIPE, SIG_IGN); - warnx("\aconnection closed.\r"); - done(1); -} - -/* - * This is called in the parent when the reader process gets the - * out-of-band (urgent) request to turn on the window-changing - * protocol. It is signalled from the child(reader). - */ -static -RETSIGTYPE -sigusr1(int foo) -{ - /* - * Now we now daemon supports winsize hack, - */ - sendwindow(); -#ifdef SIGWINCH - signal(SIGWINCH, sigwinch); /* so we start to support it */ -#endif - SIGRETURN(0); -} - -static void -doit(void) -{ - signal(SIGINT, SIG_IGN); - signal(SIGHUP, SIG_IGN); - signal(SIGQUIT, SIG_IGN); - - signal(SIGCHLD, catch_child); - - /* - * Child sends parent this signal for window size hack. - */ - signal(SIGUSR1, sigusr1); - - signal(SIGPIPE, lostpeer); - - mode(1); - parent = getpid(); - child = fork(); - if (child == -1) { - warn("fork"); - done(1); - } - if (child == 0) { - signal(SIGCHLD, SIG_IGN); - signal(SIGTTOU, SIG_IGN); - if (reader() == 0) - errx(1, "connection closed.\r"); - sleep(1); - errx(1, "\aconnection closed.\r"); - } - - writer(); - warnx("closed connection.\r"); - done(0); -} - -static void -usage(void) -{ - fprintf(stderr, - "usage: rlogin [ -%s]%s[-e char] [ -l username ] host\n", - "8DEKLdx", " [-k realm] "); - exit(1); -} - -static u_int -getescape(char *p) -{ - long val; - int len; - - if ((len = strlen(p)) == 1) /* use any single char, including '\' */ - return ((u_int)*p); - /* otherwise, \nnn */ - if (*p == '\\' && len >= 2 && len <= 4) { - val = strtol(++p, NULL, 8); - for (;;) { - if (!*++p) - return ((u_int)val); - if (*p < '0' || *p > '8') - break; - } - } - warnx("illegal option value -- e"); - usage(); - return 0; -} - -int -main(int argc, char **argv) -{ - struct passwd *pw; - int sv_port, user_port = 0; - int argoff, ch, dflag, Dflag, one, uid; - char *host, *user, term[1024]; - - argoff = dflag = Dflag = 0; - one = 1; - host = user = NULL; - - set_progname(argv[0]); - - /* handle "rlogin host flags" */ - if (argc > 2 && argv[1][0] != '-') { - host = argv[1]; - argoff = 1; - } - -#define OPTIONS "8DEKLde:k:l:xp:" - while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != -1) - switch(ch) { - case '8': - eight = 1; - break; - case 'D': - Dflag = 1; - break; - case 'E': - noescape = 1; - break; - case 'K': - use_kerberos = 0; - break; - case 'd': - dflag = 1; - break; - case 'e': - noescape = 0; - escapechar = getescape(optarg); - break; - case 'k': - dest_realm = dst_realm_buf; - strlcpy(dest_realm, optarg, REALM_SZ); - break; - case 'l': - user = optarg; - break; - case 'x': - doencrypt = 1; - break; - case 'p': { - char *endptr; - - user_port = strtol (optarg, &endptr, 0); - if (user_port == 0 && optarg == endptr) - errx (1, "Bad port `%s'", optarg); - user_port = htons(user_port); - break; - } - case '?': - default: - usage(); - } - optind += argoff; - - /* if haven't gotten a host yet, do so */ - if (!host && !(host = argv[optind++])) - usage(); - - if (argv[optind]) - usage(); - - if (!(pw = k_getpwuid(uid = getuid()))) - errx(1, "unknown user id."); - if (!user) - user = pw->pw_name; - - if (user_port) - sv_port = user_port; - else - sv_port = get_login_port(use_kerberos, doencrypt); - - { - char *p = getenv("TERM"); - struct termios tty; - int i; - - if (p == NULL) - p = "network"; - - if (tcgetattr(0, &tty) == 0 - && (i = speed_t2int (cfgetospeed(&tty))) > 0) - snprintf (term, sizeof(term), - "%s/%d", - p, i); - else - snprintf (term, sizeof(term), - "%s", - p); - } - - get_window_size(0, &winsize); - - if (use_kerberos) { - paranoid_setuid(getuid()); - rem = KSUCCESS; - errno = 0; - if (dest_realm == NULL) - dest_realm = krb_realmofhost(host); - - if (doencrypt) - rem = krcmd_mutual(&host, sv_port, user, term, 0, - dest_realm, &cred, schedule); - else - rem = krcmd(&host, sv_port, user, term, 0, - dest_realm); - if (rem < 0) { - int i; - char **newargv; - - if (errno == ECONNREFUSED) - warning("remote host doesn't support Kerberos"); - if (errno == ENOENT) - warning("can't provide Kerberos auth data"); - newargv = malloc((argc + 2) * sizeof(*newargv)); - if (newargv == NULL) - err(1, "malloc"); - newargv[0] = argv[0]; - newargv[1] = "-K"; - for(i = 1; i < argc; ++i) - newargv[i + 1] = argv[i]; - newargv[argc + 1] = NULL; - execv(_PATH_RLOGIN, newargv); - } - } else { - if (doencrypt) - errx(1, "the -x flag requires Kerberos authentication."); - if (geteuid() != 0) - errx(1, "not installed setuid root, " - "only root may use non kerberized rlogin"); - rem = rcmd(&host, sv_port, pw->pw_name, user, term, 0); - } - - if (rem < 0) - exit(1); - -#ifdef HAVE_SETSOCKOPT -#ifdef SO_DEBUG - if (dflag && - setsockopt(rem, SOL_SOCKET, SO_DEBUG, (void *)&one, - sizeof(one)) < 0) - warn("setsockopt"); -#endif -#ifdef TCP_NODELAY - if (Dflag && - setsockopt(rem, IPPROTO_TCP, TCP_NODELAY, (void *)&one, - sizeof(one)) < 0) - warn("setsockopt(TCP_NODELAY)"); -#endif -#ifdef IP_TOS - one = IPTOS_LOWDELAY; - if (setsockopt(rem, IPPROTO_IP, IP_TOS, (void *)&one, sizeof(int)) < 0) - warn("setsockopt(IP_TOS)"); -#endif /* IP_TOS */ -#endif /* HAVE_SETSOCKOPT */ - - paranoid_setuid(uid); - doit(); - return 0; -} diff --git a/crypto/kerberosIV/appl/bsd/rlogind.c b/crypto/kerberosIV/appl/bsd/rlogind.c deleted file mode 100644 index eae2dd6cdaf5..000000000000 --- a/crypto/kerberosIV/appl/bsd/rlogind.c +++ /dev/null @@ -1,970 +0,0 @@ -/*- - * Copyright (c) 1983, 1988, 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * remote login server: - * \0 - * remuser\0 - * locuser\0 - * terminal_type/speed\0 - * data - */ - -#include "bsd_locl.h" - -RCSID("$Id: rlogind.c,v 1.109.2.2 2000/06/23 02:37:06 assar Exp $"); - -extern int __check_rhosts_file; - -char *INSECURE_MESSAGE = -"\r\n*** Connection not encrypted! Communication may be eavesdropped. ***" -"\r\n*** Use telnet or rlogin -x instead! ***\r\n"; - -#ifndef NOENCRYPTION -char *SECURE_MESSAGE = -"This rlogin session is using DES encryption for all transmissions.\r\n"; -#else -#define SECURE_MESSAGE INSECURE_MESSAGE -#endif - -AUTH_DAT *kdata; -KTEXT ticket; -u_char auth_buf[sizeof(AUTH_DAT)]; -u_char tick_buf[sizeof(KTEXT_ST)]; -Key_schedule schedule; -int doencrypt, retval, use_kerberos, vacuous; - -#define ARGSTR "Daip:lnkvxL:" - -char *env[2]; -#define NMAX 30 -char lusername[NMAX+1], rusername[NMAX+1]; -static char term[64] = "TERM="; -#define ENVSIZE (sizeof("TERM=")-1) /* skip null for concatenation */ -int keepalive = 1; -int check_all = 0; -int no_delay = 0; - -struct passwd *pwd; - -static const char *new_login = _PATH_LOGIN; - -static void doit (int, struct sockaddr_in *); -static int control (int, char *, int); -static void protocol (int, int); -static RETSIGTYPE cleanup (int); -void fatal (int, const char *, int); -static int do_rlogin (struct sockaddr_in *); -static void setup_term (int); -static int do_krb_login (struct sockaddr_in *); -static void usage (void); - -static int -readstream(int p, char *ibuf, int bufsize) -{ -#ifndef HAVE_GETMSG - return read(p, ibuf, bufsize); -#else - static int flowison = -1; /* current state of flow: -1 is unknown */ - static struct strbuf strbufc, strbufd; - static unsigned char ctlbuf[BUFSIZ]; - static int use_read = 1; - - int flags = 0; - int ret; - struct termios tsp; - - struct iocblk ip; - char vstop, vstart; - int ixon; - int newflow; - - if (use_read) - { - ret = read(p, ibuf, bufsize); - if (ret < 0 && errno == EBADMSG) - use_read = 0; - else - return ret; - } - - strbufc.maxlen = BUFSIZ; - strbufc.buf = (char *)ctlbuf; - strbufd.maxlen = bufsize-1; - strbufd.len = 0; - strbufd.buf = ibuf+1; - ibuf[0] = 0; - - ret = getmsg(p, &strbufc, &strbufd, &flags); - if (ret < 0) /* error of some sort -- probably EAGAIN */ - return(-1); - - if (strbufc.len <= 0 || ctlbuf[0] == M_DATA) { - /* data message */ - if (strbufd.len > 0) { /* real data */ - return(strbufd.len + 1); /* count header char */ - } else { - /* nothing there */ - errno = EAGAIN; - return(-1); - } - } - - /* - * It's a control message. Return 1, to look at the flag we set - */ - - switch (ctlbuf[0]) { - case M_FLUSH: - if (ibuf[1] & FLUSHW) - ibuf[0] = TIOCPKT_FLUSHWRITE; - return(1); - - case M_IOCTL: - memcpy(&ip, (ibuf+1), sizeof(ip)); - - switch (ip.ioc_cmd) { -#ifdef TCSETS - case TCSETS: - case TCSETSW: - case TCSETSF: - memcpy(&tsp, - (ibuf+1 + sizeof(struct iocblk)), - sizeof(tsp)); - vstop = tsp.c_cc[VSTOP]; - vstart = tsp.c_cc[VSTART]; - ixon = tsp.c_iflag & IXON; - break; -#endif - default: - errno = EAGAIN; - return(-1); - } - - newflow = (ixon && (vstart == 021) && (vstop == 023)) ? 1 : 0; - if (newflow != flowison) { /* it's a change */ - flowison = newflow; - ibuf[0] = newflow ? TIOCPKT_DOSTOP : TIOCPKT_NOSTOP; - return(1); - } - } - - /* nothing worth doing anything about */ - errno = EAGAIN; - return(-1); -#endif -} - -#ifdef HAVE_UTMPX_H -static int -rlogind_logout(const char *line) -{ - struct utmpx utmpx, *utxp; - int ret = 1; - - setutxent (); - memset(&utmpx, 0, sizeof(utmpx)); - utmpx.ut_type = USER_PROCESS; - strncpy(utmpx.ut_line, line, sizeof(utmpx.ut_line)); - utxp = getutxline(&utmpx); - if (utxp) { - utxp->ut_user[0] = '\0'; - utxp->ut_type = DEAD_PROCESS; -#ifdef HAVE_STRUCT_UTMPX_UT_EXIT -#ifdef _STRUCT___EXIT_STATUS - utxp->ut_exit.__e_termination = 0; - utxp->ut_exit.__e_exit = 0; -#elif defined(__osf__) /* XXX */ - utxp->ut_exit.ut_termination = 0; - utxp->ut_exit.ut_exit = 0; -#else - utxp->ut_exit.e_termination = 0; - utxp->ut_exit.e_exit = 0; -#endif -#endif - gettimeofday(&utxp->ut_tv, NULL); - pututxline(utxp); -#ifdef WTMPX_FILE - updwtmpx(WTMPX_FILE, utxp); -#else - ret = 0; -#endif - } - endutxent(); - return ret; -} -#else -static int -rlogind_logout(const char *line) -{ - FILE *fp; - struct utmp ut; - int rval; - - if (!(fp = fopen(_PATH_UTMP, "r+"))) - return(0); - rval = 1; - while (fread(&ut, sizeof(struct utmp), 1, fp) == 1) { - if (!ut.ut_name[0] || - strncmp(ut.ut_line, line, sizeof(ut.ut_line))) - continue; - memset(ut.ut_name, 0, sizeof(ut.ut_name)); -#ifdef HAVE_STRUCT_UTMP_UT_HOST - memset(ut.ut_host, 0, sizeof(ut.ut_host)); -#endif -#ifdef HAVE_STRUCT_UTMP_UT_TYPE - ut.ut_type = DEAD_PROCESS; -#endif -#ifdef HAVE_STRUCT_UTMP_UT_EXIT -#ifdef _STRUCT___EXIT_STATUS - ut.ut_exit.__e_termination = 0; - ut.ut_exit.__e_exit = 0; -#elif defined(__osf__) /* XXX */ - ut.ut_exit.ut_termination = 0; - ut.ut_exit.ut_exit = 0; -#else - ut.ut_exit.e_termination = 0; - ut.ut_exit.e_exit = 0; -#endif -#endif - ut.ut_time = time(NULL); - fseek(fp, (long)-sizeof(struct utmp), SEEK_CUR); - fwrite(&ut, sizeof(struct utmp), 1, fp); - fseek(fp, (long)0, SEEK_CUR); - rval = 0; - } - fclose(fp); - return(rval); -} -#endif - -#ifndef HAVE_LOGWTMP -static void -logwtmp(const char *line, const char *name, const char *host) -{ - struct utmp ut; - struct stat buf; - int fd; - - memset (&ut, 0, sizeof(ut)); - if ((fd = open(_PATH_WTMP, O_WRONLY|O_APPEND, 0)) < 0) - return; - if (!fstat(fd, &buf)) { - strncpy(ut.ut_line, line, sizeof(ut.ut_line)); - strncpy(ut.ut_name, name, sizeof(ut.ut_name)); -#ifdef HAVE_STRUCT_UTMP_UT_ID - strncpy(ut.ut_id, make_id((char *)line), sizeof(ut.ut_id)); -#endif -#ifdef HAVE_STRUCT_UTMP_UT_HOST - strncpy(ut.ut_host, host, sizeof(ut.ut_host)); -#endif -#ifdef HAVE_STRUCT_UTMP_UT_PID - ut.ut_pid = getpid(); -#endif -#ifdef HAVE_STRUCT_UTMP_UT_TYPE - if(name[0]) - ut.ut_type = USER_PROCESS; - else - ut.ut_type = DEAD_PROCESS; -#endif - ut.ut_time = time(NULL); - if (write(fd, &ut, sizeof(struct utmp)) != - sizeof(struct utmp)) - ftruncate(fd, buf.st_size); - } - close(fd); -} -#endif - -int -main(int argc, char **argv) -{ - struct sockaddr_in from; - int ch, fromlen, on; - int interactive = 0; - int portnum = 0; - - set_progname(argv[0]); - - openlog("rlogind", LOG_PID | LOG_CONS, LOG_AUTH); - - opterr = 0; - while ((ch = getopt(argc, argv, ARGSTR)) != -1) - switch (ch) { - case 'D': - no_delay = 1; - break; - case 'a': - break; - case 'i': - interactive = 1; - break; - case 'p': - portnum = htons(atoi(optarg)); - break; - case 'l': - __check_rhosts_file = 0; - break; - case 'n': - keepalive = 0; - break; - case 'k': - use_kerberos = 1; - break; - case 'v': - vacuous = 1; - break; - case 'x': - doencrypt = 1; - break; - case 'L': - new_login = optarg; - break; - case '?': - default: - usage(); - break; - } - argc -= optind; - argv += optind; - - if (use_kerberos && vacuous) { - usage(); - fatal(STDERR_FILENO, "only one of -k and -v allowed", 0); - } - if (interactive) { - if(portnum == 0) - portnum = get_login_port (use_kerberos, doencrypt); - mini_inetd (portnum); - } - - fromlen = sizeof (from); - if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) { - syslog(LOG_ERR,"Can't get peer name of remote host: %m"); - fatal(STDERR_FILENO, "Can't get peer name of remote host", 1); - } - on = 1; -#ifdef HAVE_SETSOCKOPT -#ifdef SO_KEEPALIVE - if (keepalive && - setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, (void *)&on, - sizeof (on)) < 0) - syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m"); -#endif -#ifdef TCP_NODELAY - if (no_delay && - setsockopt(0, IPPROTO_TCP, TCP_NODELAY, (void *)&on, - sizeof(on)) < 0) - syslog(LOG_WARNING, "setsockopt (TCP_NODELAY): %m"); -#endif - -#ifdef IP_TOS - on = IPTOS_LOWDELAY; - if (setsockopt(0, IPPROTO_IP, IP_TOS, (void *)&on, sizeof(int)) < 0) - syslog(LOG_WARNING, "setsockopt (IP_TOS): %m"); -#endif -#endif /* HAVE_SETSOCKOPT */ - doit(0, &from); - return 0; -} - -int child; -int netf; -char line[MaxPathLen]; -int confirmed; - -struct winsize win = { 0, 0, 0, 0 }; - - -static void -doit(int f, struct sockaddr_in *fromp) -{ - int master, pid, on = 1; - int authenticated = 0; - char hostname[2 * MaxHostNameLen + 1]; - char c; - - alarm(60); - read(f, &c, 1); - - if (c != 0) - exit(1); - if (vacuous) - fatal(f, "Remote host requires Kerberos authentication", 0); - - alarm(0); - inaddr2str (fromp->sin_addr, hostname, sizeof(hostname)); - - if (use_kerberos) { - retval = do_krb_login(fromp); - if (retval == 0) - authenticated++; - else if (retval > 0) - fatal(f, krb_get_err_text(retval), 0); - write(f, &c, 1); - confirmed = 1; /* we sent the null! */ - } else { - fromp->sin_port = ntohs((u_short)fromp->sin_port); - if (fromp->sin_family != AF_INET || - fromp->sin_port >= IPPORT_RESERVED || - fromp->sin_port < IPPORT_RESERVED/2) { - syslog(LOG_NOTICE, "Connection from %s on illegal port", - inet_ntoa(fromp->sin_addr)); - fatal(f, "Permission denied", 0); - } - ip_options_and_die (0, fromp); - if (do_rlogin(fromp) == 0) - authenticated++; - } - if (confirmed == 0) { - write(f, "", 1); - confirmed = 1; /* we sent the null! */ - } -#ifndef NOENCRYPTION - if (doencrypt) - des_enc_write(f, SECURE_MESSAGE, - strlen(SECURE_MESSAGE), - schedule, &kdata->session); - else -#endif - write(f, INSECURE_MESSAGE, strlen(INSECURE_MESSAGE)); - netf = f; - -#ifdef HAVE_FORKPTY - pid = forkpty(&master, line, NULL, NULL); -#else - pid = forkpty_truncate(&master, line, sizeof(line), NULL, NULL); -#endif - if (pid < 0) { - if (errno == ENOENT) - fatal(f, "Out of ptys", 0); - else - fatal(f, "Forkpty", 1); - } - if (pid == 0) { - if (f > 2) /* f should always be 0, but... */ - close(f); - setup_term(0); - if (lusername[0] == '-'){ - syslog(LOG_ERR, "tried to pass user \"%s\" to login", - lusername); - fatal(STDERR_FILENO, "invalid user", 0); - } - if (authenticated) { - if (use_kerberos && (pwd->pw_uid == 0)) - syslog(LOG_INFO|LOG_AUTH, - "ROOT Kerberos login from %s on %s\n", - krb_unparse_name_long(kdata->pname, - kdata->pinst, - kdata->prealm), - hostname); - - execl(new_login, "login", "-p", - "-h", hostname, "-f", "--", lusername, 0); - } else if (use_kerberos) { - fprintf(stderr, "User `%s' is not authorized to login as `%s'!\n", - krb_unparse_name_long(kdata->pname, - kdata->pinst, - kdata->prealm), - lusername); - exit(1); - } else - execl(new_login, "login", "-p", - "-h", hostname, "--", lusername, 0); - fatal(STDERR_FILENO, new_login, 1); - /*NOTREACHED*/ - } - /* - * If encrypted, don't turn on NBIO or the des read/write - * routines will croak. - */ - - if (!doencrypt) - ioctl(f, FIONBIO, &on); - ioctl(master, FIONBIO, &on); - ioctl(master, TIOCPKT, &on); -#ifdef SIGTSTP - signal(SIGTSTP, SIG_IGN); -#endif - signal(SIGCHLD, cleanup); - setsid(); - protocol(f, master); - signal(SIGCHLD, SIG_IGN); - cleanup(0); -} - -const char magic[2] = { 0377, 0377 }; - -/* - * Handle a "control" request (signaled by magic being present) - * in the data stream. For now, we are only willing to handle - * window size changes. - */ -static int -control(int master, char *cp, int n) -{ - struct winsize w; - char *p; - u_int32_t tmp; - - if (n < 4 + 4 * sizeof (u_int16_t) || cp[2] != 's' || cp[3] != 's') - return (0); -#ifdef TIOCSWINSZ - p = cp + 4; - p += krb_get_int(p, &tmp, 2, 0); - w.ws_row = tmp; - p += krb_get_int(p, &tmp, 2, 0); - w.ws_col = tmp; - - p += krb_get_int(p, &tmp, 2, 0); -#ifdef HAVE_WS_XPIXEL - w.ws_xpixel = tmp; -#endif - p += krb_get_int(p, &tmp, 2, 0); -#ifdef HAVE_WS_YPIXEL - w.ws_ypixel = tmp; -#endif - ioctl(master, TIOCSWINSZ, &w); -#endif - return p - cp; -} - -static -void -send_oob(int fd, char c) -{ - static char last_oob = 0xFF; - -#if (SunOS >= 50) || defined(__hpux) - /* - * PSoriasis and HP-UX always send TIOCPKT_DOSTOP at startup so we - * can avoid sending OOB data and thus not break on Linux by merging - * TIOCPKT_DOSTOP into the first TIOCPKT_WINDOW. - */ - static int oob_kludge = 2; - if (oob_kludge == 2) - { - oob_kludge--; /* First time send nothing */ - return; - } - else if (oob_kludge == 1) - { - oob_kludge--; /* Second time merge TIOCPKT_WINDOW */ - c |= TIOCPKT_WINDOW; - } -#endif - -#define pkcontrol(c) ((c)&(TIOCPKT_FLUSHWRITE|TIOCPKT_NOSTOP|TIOCPKT_DOSTOP)) - c = pkcontrol(c); - /* Multiple OOB data breaks on Linux, avoid it when possible. */ - if (c != last_oob) - send(fd, &c, 1, MSG_OOB); - last_oob = c; -} - -/* - * rlogin "protocol" machine. - */ -static void -protocol(int f, int master) -{ - char pibuf[1024+1], fibuf[1024], *pbp, *fbp; - int pcc = 0, fcc = 0; - int cc, nfd, n; - char cntl; - unsigned char oob_queue = 0; - -#ifdef SIGTTOU - /* - * Must ignore SIGTTOU, otherwise we'll stop - * when we try and set slave pty's window shape - * (our controlling tty is the master pty). - */ - signal(SIGTTOU, SIG_IGN); -#endif - - send_oob(f, TIOCPKT_WINDOW); /* indicate new rlogin */ - - if (f > master) - nfd = f + 1; - else - nfd = master + 1; - if (nfd > FD_SETSIZE) { - syslog(LOG_ERR, "select mask too small, increase FD_SETSIZE"); - fatal(f, "internal error (select mask too small)", 0); - } - for (;;) { - fd_set ibits, obits, ebits, *omask; - - FD_ZERO(&ebits); - FD_ZERO(&ibits); - FD_ZERO(&obits); - omask = (fd_set *)NULL; - if (fcc) { - FD_SET(master, &obits); - omask = &obits; - } else - FD_SET(f, &ibits); - if (pcc >= 0) { - if (pcc) { - FD_SET(f, &obits); - omask = &obits; - } else - FD_SET(master, &ibits); - } - FD_SET(master, &ebits); - if ((n = select(nfd, &ibits, omask, &ebits, 0)) < 0) { - if (errno == EINTR) - continue; - fatal(f, "select", 1); - } - if (n == 0) { - /* shouldn't happen... */ - sleep(5); - continue; - } - if (FD_ISSET(master, &ebits)) { - cc = readstream(master, &cntl, 1); - if (cc == 1 && pkcontrol(cntl)) { -#if 0 /* Kludge around */ - send_oob(f, cntl); -#endif - oob_queue = cntl; - if (cntl & TIOCPKT_FLUSHWRITE) { - pcc = 0; - FD_CLR(master, &ibits); - } - } - } - if (FD_ISSET(f, &ibits)) { -#ifndef NOENCRYPTION - if (doencrypt) - fcc = des_enc_read(f, fibuf, - sizeof(fibuf), - schedule, &kdata->session); - else -#endif - fcc = read(f, fibuf, sizeof(fibuf)); - if (fcc < 0 && errno == EWOULDBLOCK) - fcc = 0; - else { - char *cp; - int left, n; - - if (fcc <= 0) - break; - fbp = fibuf; - - top: - for (cp = fibuf; cp < fibuf+fcc-1; cp++) - if (cp[0] == magic[0] && - cp[1] == magic[1]) { - left = fcc - (cp-fibuf); - n = control(master, cp, left); - if (n) { - left -= n; - if (left > 0) - memmove(cp, cp+n, left); - fcc -= n; - goto top; /* n^2 */ - } - } - FD_SET(master, &obits); /* try write */ - } - } - - if (FD_ISSET(master, &obits) && fcc > 0) { - cc = write(master, fbp, fcc); - if (cc > 0) { - fcc -= cc; - fbp += cc; - } - } - - if (FD_ISSET(master, &ibits)) { - pcc = readstream(master, pibuf, sizeof (pibuf)); - pbp = pibuf; - if (pcc < 0 && errno == EWOULDBLOCK) - pcc = 0; - else if (pcc <= 0) - break; - else if (pibuf[0] == 0) { - pbp++, pcc--; - if (!doencrypt) - FD_SET(f, &obits); /* try write */ - } else { - if (pkcontrol(pibuf[0])) { - oob_queue = pibuf[0]; -#if 0 /* Kludge around */ - send_oob(f, pibuf[0]); -#endif - } - pcc = 0; - } - } - if ((FD_ISSET(f, &obits)) && pcc > 0) { -#ifndef NOENCRYPTION - if (doencrypt) - cc = des_enc_write(f, pbp, pcc, schedule, &kdata->session); - else -#endif - cc = write(f, pbp, pcc); - if (cc < 0 && errno == EWOULDBLOCK) { - /* - * This happens when we try write after read - * from p, but some old kernels balk at large - * writes even when select returns true. - */ - if (!FD_ISSET(master, &ibits)) - sleep(5); - continue; - } - if (cc > 0) { - pcc -= cc; - pbp += cc; - /* Only send urg data when normal data - * has just been sent. - * Linux has deep problems with more - * than one byte of OOB data. - */ - if (oob_queue) { - send_oob (f, oob_queue); - oob_queue = 0; - } - } - } - } -} - -static RETSIGTYPE -cleanup(int signo) -{ - char *p = clean_ttyname (line); - - if (rlogind_logout(p) == 0) - logwtmp(p, "", ""); - chmod(line, 0666); - chown(line, 0, 0); - *p = 'p'; - chmod(line, 0666); - chown(line, 0, 0); - shutdown(netf, 2); - signal(SIGHUP, SIG_IGN); -#ifdef HAVE_VHANGUP - vhangup(); -#endif /* HAVE_VHANGUP */ - exit(1); -} - -void -fatal(int f, const char *msg, int syserr) -{ - int len; - char buf[BUFSIZ], *bp = buf; - - /* - * Prepend binary one to message if we haven't sent - * the magic null as confirmation. - */ - if (!confirmed) - *bp++ = '\01'; /* error indicator */ - if (syserr) - snprintf(bp, sizeof(buf) - (bp - buf), - "rlogind: %s: %s.\r\n", - msg, strerror(errno)); - else - snprintf(bp, sizeof(buf) - (bp - buf), - "rlogind: %s.\r\n", msg); - len = strlen(bp); -#ifndef NOENCRYPTION - if (doencrypt) - des_enc_write(f, buf, bp + len - buf, schedule, &kdata->session); - else -#endif - write(f, buf, bp + len - buf); - exit(1); -} - -static void -xgetstr(char *buf, int cnt, char *errmsg) -{ - char c; - - do { - if (read(0, &c, 1) != 1) - exit(1); - if (--cnt < 0) - fatal(STDOUT_FILENO, errmsg, 0); - *buf++ = c; - } while (c != 0); -} - -static int -do_rlogin(struct sockaddr_in *dest) -{ - xgetstr(rusername, sizeof(rusername), "remuser too long"); - xgetstr(lusername, sizeof(lusername), "locuser too long"); - xgetstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type too long"); - - pwd = k_getpwnam(lusername); - if (pwd == NULL) - return (-1); - if (pwd->pw_uid == 0 && strcmp("root", lusername) != 0) - { - syslog(LOG_ALERT, "NIS attack, user %s has uid 0", lusername); - return (-1); - } - return (iruserok(dest->sin_addr.s_addr, - (pwd->pw_uid == 0), - rusername, - lusername)); -} - -static void -setup_term(int fd) -{ - char *cp = strchr(term+ENVSIZE, '/'); - char *speed; - struct termios tt; - - tcgetattr(fd, &tt); - if (cp) { - int s; - - *cp++ = '\0'; - speed = cp; - cp = strchr(speed, '/'); - if (cp) - *cp++ = '\0'; - s = int2speed_t (atoi (speed)); - if (s > 0) { - cfsetospeed (&tt, s); - cfsetispeed (&tt, s); - } - } - - tt.c_iflag &= ~INPCK; - tt.c_iflag |= ICRNL|IXON; - tt.c_oflag |= OPOST|ONLCR; -#ifdef TAB3 - tt.c_oflag |= TAB3; -#endif /* TAB3 */ -#ifdef ONLRET - tt.c_oflag &= ~ONLRET; -#endif /* ONLRET */ - tt.c_lflag |= (ECHO|ECHOE|ECHOK|ISIG|ICANON); - tt.c_cflag &= ~PARENB; - tt.c_cflag |= CS8; - tt.c_cc[VMIN] = 1; - tt.c_cc[VTIME] = 0; - tt.c_cc[VEOF] = CEOF; - tcsetattr(fd, TCSAFLUSH, &tt); - - env[0] = term; - env[1] = 0; - environ = env; -} - -#define VERSION_SIZE 9 - -/* - * Do the remote kerberos login to the named host with the - * given inet address - * - * Return 0 on valid authorization - * Return -1 on valid authentication, no authorization - * Return >0 for error conditions - */ -static int -do_krb_login(struct sockaddr_in *dest) -{ - int rc; - char instance[INST_SZ], version[VERSION_SIZE]; - long authopts = 0L; /* !mutual */ - struct sockaddr_in faddr; - - kdata = (AUTH_DAT *) auth_buf; - ticket = (KTEXT) tick_buf; - - k_getsockinst(0, instance, sizeof(instance)); - - if (doencrypt) { - rc = sizeof(faddr); - if (getsockname(0, (struct sockaddr *)&faddr, &rc)) - return (-1); - authopts = KOPT_DO_MUTUAL; - rc = krb_recvauth( - authopts, 0, - ticket, "rcmd", - instance, dest, &faddr, - kdata, "", schedule, version); - des_set_key(&kdata->session, schedule); - - } else - rc = krb_recvauth( - authopts, 0, - ticket, "rcmd", - instance, dest, (struct sockaddr_in *) 0, - kdata, "", 0, version); - - if (rc != KSUCCESS) - return (rc); - - xgetstr(lusername, sizeof(lusername), "locuser"); - /* get the "cmd" in the rcmd protocol */ - xgetstr(term+ENVSIZE, sizeof(term)-ENVSIZE, "Terminal type"); - - pwd = k_getpwnam(lusername); - if (pwd == NULL) - return (-1); - if (pwd->pw_uid == 0 && strcmp("root", lusername) != 0) - { - syslog(LOG_ALERT, "NIS attack, user %s has uid 0", lusername); - return (-1); - } - - /* returns nonzero for no access */ - if (kuserok(kdata, lusername) != 0) - return (-1); - - return (0); - -} - -static void -usage(void) -{ - syslog(LOG_ERR, - "usage: rlogind [-Dailn] [-p port] [-x] [-L login] [-k | -v]"); - exit(1); -} diff --git a/crypto/kerberosIV/appl/bsd/rsh.c b/crypto/kerberosIV/appl/bsd/rsh.c deleted file mode 100644 index a18f77550f9a..000000000000 --- a/crypto/kerberosIV/appl/bsd/rsh.c +++ /dev/null @@ -1,384 +0,0 @@ -/*- - * Copyright (c) 1983, 1990 The Regents of the University of California. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "bsd_locl.h" - -RCSID("$Id: rsh.c,v 1.43.2.2 2000/10/10 12:53:50 assar Exp $"); - -CREDENTIALS cred; -Key_schedule schedule; -int use_kerberos = 1, doencrypt; -char dst_realm_buf[REALM_SZ], *dest_realm; - -/* - * rsh - remote shell - */ -int rfd2; - -static void -usage(void) -{ - fprintf(stderr, - "usage: rsh [-ndKx] [-k realm] [-p port] [-l login] host [command]\n"); - exit(1); -} - -static char * -copyargs(char **argv) -{ - int cc; - char **ap, *p; - char *args; - - cc = 0; - for (ap = argv; *ap; ++ap) - cc += strlen(*ap) + 1; - args = malloc(cc); - if (args == NULL) - errx(1, "Out of memory."); - for (p = args, ap = argv; *ap; ++ap) { - strcpy(p, *ap); - while(*p) - ++p; - if (ap[1]) - *p++ = ' '; - } - return(args); -} - -static RETSIGTYPE -sendsig(int signo_) -{ - char signo = signo_; -#ifndef NOENCRYPTION - if (doencrypt) - des_enc_write(rfd2, &signo, 1, schedule, &cred.session); - else -#endif - write(rfd2, &signo, 1); -} - -static void -talk(int nflag, sigset_t omask, int pid, int rem) -{ - int cc, wc; - char *bp; - fd_set readfrom, ready, rembits; - char buf[DES_RW_MAXWRITE]; - - if (pid == 0) { - if (nflag) - goto done; - - close(rfd2); - - reread: errno = 0; - if ((cc = read(0, buf, sizeof buf)) <= 0) - goto done; - bp = buf; - - rewrite: - FD_ZERO(&rembits); - if (rem >= FD_SETSIZE) - errx(1, "fd too large"); - FD_SET(rem, &rembits); - if (select(rem + 1, 0, &rembits, 0, 0) < 0) { - if (errno != EINTR) - err(1, "select"); - goto rewrite; - } - if (!FD_ISSET(rem, &rembits)) - goto rewrite; -#ifndef NOENCRYPTION - if (doencrypt) - wc = des_enc_write(rem, bp, cc, schedule, &cred.session); - else -#endif - wc = write(rem, bp, cc); - if (wc < 0) { - if (errno == EWOULDBLOCK) - goto rewrite; - goto done; - } - bp += wc; - cc -= wc; - if (cc == 0) - goto reread; - goto rewrite; - done: - shutdown(rem, 1); - exit(0); - } - - if (sigprocmask(SIG_SETMASK, &omask, 0) != 0) - warn("sigprocmask"); - FD_ZERO(&readfrom); - if (rem >= FD_SETSIZE || rfd2 >= FD_SETSIZE) - errx(1, "fd too large"); - FD_SET(rem, &readfrom); - FD_SET(rfd2, &readfrom); - do { - ready = readfrom; - if (select(max(rem,rfd2)+1, &ready, 0, 0, 0) < 0) { - if (errno != EINTR) - err(1, "select"); - continue; - } - if (FD_ISSET(rfd2, &ready)) { - errno = 0; -#ifndef NOENCRYPTION - if (doencrypt) - cc = des_enc_read(rfd2, buf, sizeof buf, - schedule, &cred.session); - else -#endif - cc = read(rfd2, buf, sizeof buf); - if (cc <= 0) { - if (errno != EWOULDBLOCK) - FD_CLR(rfd2, &readfrom); - } else - write(2, buf, cc); - } - if (FD_ISSET(rem, &ready)) { - errno = 0; -#ifndef NOENCRYPTION - if (doencrypt) - cc = des_enc_read(rem, buf, sizeof buf, - schedule, &cred.session); - else -#endif - cc = read(rem, buf, sizeof buf); - if (cc <= 0) { - if (errno != EWOULDBLOCK) - FD_CLR(rem, &readfrom); - } else - write(1, buf, cc); - } - } while (FD_ISSET(rfd2, &readfrom) || FD_ISSET(rem, &readfrom)); -} - -int -main(int argc, char **argv) -{ - struct passwd *pw; - int sv_port, user_port = 0; - sigset_t omask; - int argoff, ch, dflag, nflag, nfork, one, pid, rem, uid; - char *args, *host, *user, *local_user; - - argoff = dflag = nflag = nfork = 0; - one = 1; - host = user = NULL; - pid = 1; - - set_progname(argv[0]); - - /* handle "rsh host flags" */ - if (argc > 2 && argv[1][0] != '-') { - host = argv[1]; - argoff = 1; - } - -#define OPTIONS "+8KLde:k:l:np:wx" - while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != -1) - switch(ch) { - case 'K': - use_kerberos = 0; - break; - case 'L': /* -8Lew are ignored to allow rlogin aliases */ - case 'e': - case 'w': - case '8': - break; - case 'd': - dflag = 1; - break; - case 'l': - user = optarg; - break; - case 'k': - dest_realm = dst_realm_buf; - strlcpy(dest_realm, optarg, REALM_SZ); - break; - case 'n': - nflag = nfork = 1; - break; - case 'x': - doencrypt = 1; - break; - case 'p': { - char *endptr; - - user_port = strtol (optarg, &endptr, 0); - if (user_port == 0 && optarg == endptr) - errx (1, "Bad port `%s'", optarg); - user_port = htons(user_port); - break; - } - case '?': - default: - usage(); - } - optind += argoff; - - /* if haven't gotten a host yet, do so */ - if (!host && !(host = argv[optind++])) - usage(); - - /* if no further arguments, must have been called as rlogin. */ - if (!argv[optind]) { - *argv = "rlogin"; - paranoid_setuid (getuid ()); - execv(_PATH_RLOGIN, argv); - err(1, "can't exec %s", _PATH_RLOGIN); - } - -#ifndef __CYGWIN32__ - if (!(pw = k_getpwuid(uid = getuid()))) - errx(1, "unknown user id."); - local_user = pw->pw_name; - if (!user) - user = local_user; -#else - if (!user) - errx(1, "Sorry, you need to specify the username (with -l)"); - local_user = user; -#endif - - /* -n must still fork but does not turn of the -n functionality */ - if (doencrypt) - nfork = 0; - - args = copyargs(argv+optind); - - if (user_port) - sv_port = user_port; - else - sv_port = get_shell_port(use_kerberos, doencrypt); - - if (use_kerberos) { - paranoid_setuid(getuid()); - rem = KSUCCESS; - errno = 0; - if (dest_realm == NULL) - dest_realm = krb_realmofhost(host); - - if (doencrypt) - rem = krcmd_mutual(&host, sv_port, user, args, - &rfd2, dest_realm, &cred, schedule); - else - rem = krcmd(&host, sv_port, user, args, &rfd2, - dest_realm); - if (rem < 0) { - int i = 0; - char **newargv; - - if (errno == ECONNREFUSED) - warning("remote host doesn't support Kerberos"); - if (errno == ENOENT) - warning("can't provide Kerberos auth data"); - newargv = malloc((argc + 2) * sizeof(*newargv)); - if (newargv == NULL) - err(1, "malloc"); - newargv[i] = argv[i]; - ++i; - if (argv[i][0] != '-') { - newargv[i] = argv[i]; - ++i; - } - newargv[i++] = "-K"; - for(; i <= argc; ++i) - newargv[i] = argv[i - 1]; - newargv[argc + 1] = NULL; - execv(_PATH_RSH, newargv); - } - } else { - if (doencrypt) - errx(1, "the -x flag requires Kerberos authentication."); - if (geteuid() != 0) - errx(1, "not installed setuid root, " - "only root may use non kerberized rsh"); - rem = rcmd(&host, sv_port, local_user, user, args, &rfd2); - } - - if (rem < 0) - exit(1); - - if (rfd2 < 0) - errx(1, "can't establish stderr."); -#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT) - if (dflag) { - if (setsockopt(rem, SOL_SOCKET, SO_DEBUG, (void *)&one, - sizeof(one)) < 0) - warn("setsockopt"); - if (setsockopt(rfd2, SOL_SOCKET, SO_DEBUG, (void *)&one, - sizeof(one)) < 0) - warn("setsockopt"); - } -#endif - - paranoid_setuid(uid); - { - sigset_t sigmsk; - sigemptyset(&sigmsk); - sigaddset(&sigmsk, SIGINT); - sigaddset(&sigmsk, SIGQUIT); - sigaddset(&sigmsk, SIGTERM); - if (sigprocmask(SIG_BLOCK, &sigmsk, &omask) != 0) - warn("sigprocmask"); - } - if (signal(SIGINT, SIG_IGN) != SIG_IGN) - signal(SIGINT, sendsig); - if (signal(SIGQUIT, SIG_IGN) != SIG_IGN) - signal(SIGQUIT, sendsig); - if (signal(SIGTERM, SIG_IGN) != SIG_IGN) - signal(SIGTERM, sendsig); - signal(SIGPIPE, SIG_IGN); - - if (!nfork) { - pid = fork(); - if (pid < 0) - err(1, "fork"); - } - - if (!doencrypt) { - ioctl(rfd2, FIONBIO, &one); - ioctl(rem, FIONBIO, &one); - } - - talk(nflag, omask, pid, rem); - - if (!nflag) - kill(pid, SIGKILL); - exit(0); -} diff --git a/crypto/kerberosIV/appl/bsd/rshd.c b/crypto/kerberosIV/appl/bsd/rshd.c deleted file mode 100644 index 496fa881a7de..000000000000 --- a/crypto/kerberosIV/appl/bsd/rshd.c +++ /dev/null @@ -1,652 +0,0 @@ -/*- - * Copyright (c) 1988, 1989, 1992, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * remote shell server: - * [port]\0 - * remuser\0 - * locuser\0 - * command\0 - * data - */ - -#include "bsd_locl.h" - -RCSID("$Id: rshd.c,v 1.60.2.3 2000/10/18 20:39:12 assar Exp $"); - -extern char *__rcmd_errstr; /* syslog hook from libc/net/rcmd.c. */ -extern int __check_rhosts_file; - -static int keepalive = 1; -static int log_success; /* If TRUE, log all successful accesses */ -static int new_pag = 1; /* Put process in new PAG by default */ -static int no_inetd = 0; -static int sent_null; - -static void doit (struct sockaddr_in *); -static void error (const char *, ...) -#ifdef __GNUC__ -__attribute__ ((format (printf, 1, 2))) -#endif -; -static void usage (void); - -#define VERSION_SIZE 9 -#define SECURE_MESSAGE "This rsh session is using DES encryption for all transmissions.\r\n" -#define OPTIONS "alnkvxLp:Pi" -AUTH_DAT authbuf; -KTEXT_ST tickbuf; -int doencrypt, use_kerberos, vacuous; -Key_schedule schedule; - -int -main(int argc, char *argv[]) -{ - struct linger linger; - int ch, on = 1, fromlen; - struct sockaddr_in from; - int portnum = 0; - - set_progname(argv[0]); - - openlog("rshd", LOG_PID | LOG_ODELAY, LOG_DAEMON); - - opterr = 0; - while ((ch = getopt(argc, argv, OPTIONS)) != -1) - switch (ch) { - case 'a': - break; - case 'l': - __check_rhosts_file = 0; - break; - case 'n': - keepalive = 0; - break; - case 'k': - use_kerberos = 1; - break; - - case 'v': - vacuous = 1; - break; - - case 'x': - doencrypt = 1; - break; - case 'L': - log_success = 1; - break; - case 'p': - portnum = htons(atoi(optarg)); - break; - case 'P': - new_pag = 0; - break; - case 'i': - no_inetd = 1; - break; - case '?': - default: - usage(); - break; - } - - argc -= optind; - argv += optind; - - if (use_kerberos && vacuous) { - syslog(LOG_ERR, "only one of -k and -v allowed"); - exit(2); - } - if (doencrypt && !use_kerberos) { - syslog(LOG_ERR, "-k is required for -x"); - exit(2); - } - - if (no_inetd) { - if(portnum == 0) - portnum = get_shell_port (use_kerberos, doencrypt); - mini_inetd (portnum); - } - - fromlen = sizeof (from); - if (getpeername(0, (struct sockaddr *)&from, &fromlen) < 0) { - syslog(LOG_ERR, "getpeername: %m"); - _exit(1); - } -#ifdef HAVE_SETSOCKOPT -#ifdef SO_KEEPALIVE - if (keepalive && - setsockopt(0, SOL_SOCKET, SO_KEEPALIVE, (void *)&on, - sizeof(on)) < 0) - syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m"); -#endif -#ifdef SO_LINGER - linger.l_onoff = 1; - linger.l_linger = 60; /* XXX */ - if (setsockopt(0, SOL_SOCKET, SO_LINGER, (void *)&linger, - sizeof (linger)) < 0) - syslog(LOG_WARNING, "setsockopt (SO_LINGER): %m"); -#endif -#endif /* HAVE_SETSOCKOPT */ - doit(&from); - /* NOTREACHED */ - return 0; -} - -char username[20] = "USER="; -char homedir[64] = "HOME="; -char shell[64] = "SHELL="; -char path[100] = "PATH="; -char *envinit[] = -{homedir, shell, path, username, 0}; - -static void -xgetstr(char *buf, int cnt, char *err) -{ - char c; - - do { - if (read(STDIN_FILENO, &c, 1) != 1) - exit(1); - *buf++ = c; - if (--cnt == 0) { - error("%s too long\n", err); - exit(1); - } - } while (c != 0); -} - -static void -doit(struct sockaddr_in *fromp) -{ - struct passwd *pwd; - u_short port; - fd_set ready, readfrom; - int cc, nfd, pv[2], pid, s; - int one = 1; - const char *errorhost = ""; - char *errorstr; - char *cp, sig, buf[DES_RW_MAXWRITE]; - char cmdbuf[NCARGS+1], locuser[16], remuser[16]; - char remotehost[2 * MaxHostNameLen + 1]; - uid_t uid; - char shell_path[MAXPATHLEN]; - - AUTH_DAT *kdata; - KTEXT ticket; - char instance[INST_SZ], version[VERSION_SIZE]; - struct sockaddr_in fromaddr; - int rc; - long authopts; - int pv1[2], pv2[2]; - fd_set wready, writeto; - - fromaddr = *fromp; - - signal(SIGINT, SIG_DFL); - signal(SIGQUIT, SIG_DFL); - signal(SIGTERM, SIG_DFL); -#ifdef DEBUG - { int t = open(_PATH_TTY, 2); - if (t >= 0) { - ioctl(t, TIOCNOTTY, (char *)0); - close(t); - } - } -#endif - fromp->sin_port = ntohs((u_short)fromp->sin_port); - if (fromp->sin_family != AF_INET) { - syslog(LOG_ERR, "malformed \"from\" address (af %d)\n", - fromp->sin_family); - exit(1); - } - - - if (!use_kerberos) { - ip_options_and_die (0, fromp); - if (fromp->sin_port >= IPPORT_RESERVED || - fromp->sin_port < IPPORT_RESERVED/2) { - syslog(LOG_NOTICE|LOG_AUTH, - "Connection from %s on illegal port %u", - inet_ntoa(fromp->sin_addr), - fromp->sin_port); - exit(1); - } - } - - alarm(60); - port = 0; - for (;;) { - char c; - if ((cc = read(STDIN_FILENO, &c, 1)) != 1) { - if (cc < 0) - syslog(LOG_NOTICE, "read: %m"); - shutdown(0, 1+1); - exit(1); - } - if (c== 0) - break; - port = port * 10 + c - '0'; - } - - alarm(0); - if (port != 0) { - int lport = IPPORT_RESERVED - 1; - s = rresvport(&lport); - if (s < 0) { - syslog(LOG_ERR, "can't get stderr port: %m"); - exit(1); - } - if (!use_kerberos) - if (port >= IPPORT_RESERVED) { - syslog(LOG_ERR, "2nd port not reserved\n"); - exit(1); - } - fromp->sin_port = htons(port); - if (connect(s, (struct sockaddr *)fromp, sizeof (*fromp)) < 0) { - syslog(LOG_INFO, "connect second port %d: %m", port); - exit(1); - } - } - - if (vacuous) { - error("rshd: Remote host requires Kerberos authentication.\n"); - exit(1); - } - - errorstr = NULL; - inaddr2str (fromp->sin_addr, remotehost, sizeof(remotehost)); - - if (use_kerberos) { - kdata = &authbuf; - ticket = &tickbuf; - authopts = 0L; - k_getsockinst(0, instance, sizeof(instance)); - version[VERSION_SIZE - 1] = '\0'; - if (doencrypt) { - struct sockaddr_in local_addr; - rc = sizeof(local_addr); - if (getsockname(0, (struct sockaddr *)&local_addr, - &rc) < 0) { - syslog(LOG_ERR, "getsockname: %m"); - error("rshd: getsockname: %m"); - exit(1); - } - authopts = KOPT_DO_MUTUAL; - rc = krb_recvauth(authopts, 0, ticket, - "rcmd", instance, &fromaddr, - &local_addr, kdata, "", schedule, - version); -#ifndef NOENCRYPTION - des_set_key(&kdata->session, schedule); -#else - memset(schedule, 0, sizeof(schedule)); -#endif - } else - rc = krb_recvauth(authopts, 0, ticket, "rcmd", - instance, &fromaddr, - (struct sockaddr_in *) 0, - kdata, "", 0, version); - if (rc != KSUCCESS) { - error("Kerberos authentication failure: %s\n", - krb_get_err_text(rc)); - exit(1); - } - } else - xgetstr(remuser, sizeof(remuser), "remuser"); - - xgetstr(locuser, sizeof(locuser), "locuser"); - xgetstr(cmdbuf, sizeof(cmdbuf), "command"); - setpwent(); - pwd = k_getpwnam(locuser); - if (pwd == NULL) { - syslog(LOG_INFO|LOG_AUTH, - "%s@%s as %s: unknown login. cmd='%.80s'", - remuser, remotehost, locuser, cmdbuf); - if (errorstr == NULL) - errorstr = "Login incorrect.\n"; - goto fail; - } - if (pwd->pw_uid == 0 && strcmp("root", locuser) != 0) - { - syslog(LOG_ALERT, "NIS attack, user %s has uid 0", locuser); - if (errorstr == NULL) - errorstr = "Login incorrect.\n"; - goto fail; - } - if (chdir(pwd->pw_dir) < 0) { - chdir("/"); -#ifdef notdef - syslog(LOG_INFO|LOG_AUTH, - "%s@%s as %s: no home directory. cmd='%.80s'", - remuser, remotehost, locuser, cmdbuf); - error("No remote directory.\n"); - exit(1); -#endif - } - - if (use_kerberos) { - if (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0') { - if (kuserok(kdata, locuser) != 0) { - syslog(LOG_INFO|LOG_AUTH, - "Kerberos rsh denied to %s", - krb_unparse_name_long(kdata->pname, - kdata->pinst, - kdata->prealm)); - error("Permission denied.\n"); - exit(1); - } - } - } else - - if (errorstr || - (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' && - iruserok(fromp->sin_addr.s_addr, pwd->pw_uid == 0, - remuser, locuser) < 0)) { - if (__rcmd_errstr) - syslog(LOG_INFO|LOG_AUTH, - "%s@%s as %s: permission denied (%s). cmd='%.80s'", - remuser, remotehost, locuser, - __rcmd_errstr, cmdbuf); - else - syslog(LOG_INFO|LOG_AUTH, - "%s@%s as %s: permission denied. cmd='%.80s'", - remuser, remotehost, locuser, cmdbuf); - fail: - if (errorstr == NULL) - errorstr = "Permission denied.\n"; - error(errorstr, errorhost); - exit(1); - } - - if (pwd->pw_uid && !access(_PATH_NOLOGIN, F_OK)) { - error("Logins currently disabled.\n"); - exit(1); - } - - write(STDERR_FILENO, "\0", 1); - sent_null = 1; - - if (port) { - if (pipe(pv) < 0) { - error("Can't make pipe.\n"); - exit(1); - } - if (doencrypt) { - if (pipe(pv1) < 0) { - error("Can't make 2nd pipe.\n"); - exit(1); - } - if (pipe(pv2) < 0) { - error("Can't make 3rd pipe.\n"); - exit(1); - } - } - pid = fork(); - if (pid == -1) { - error("Can't fork; try again.\n"); - exit(1); - } - if (pid) { - if (doencrypt) { - static char msg[] = SECURE_MESSAGE; - close(pv1[1]); - close(pv2[0]); -#ifndef NOENCRYPTION - des_enc_write(s, msg, sizeof(msg) - 1, schedule, &kdata->session); -#else - write(s, msg, sizeof(msg) - 1); -#endif - } else { - close(0); - close(1); - } - close(2); - close(pv[1]); - - if (s >= FD_SETSIZE || pv[0] >= FD_SETSIZE) { - error ("fd too large\n"); - exit (1); - } - - FD_ZERO(&readfrom); - FD_SET(s, &readfrom); - FD_SET(pv[0], &readfrom); - if (pv[0] > s) - nfd = pv[0]; - else - nfd = s; - if (doencrypt) { - if (pv2[1] >= FD_SETSIZE || pv1[0] >= FD_SETSIZE) { - error ("fd too large\n"); - exit (1); - } - - FD_ZERO(&writeto); - FD_SET(pv2[1], &writeto); - FD_SET(pv1[0], &readfrom); - FD_SET(STDIN_FILENO, &readfrom); - - nfd = max(nfd, pv2[1]); - nfd = max(nfd, pv1[0]); - } else - ioctl(pv[0], FIONBIO, (char *)&one); - - /* should set s nbio! */ - nfd++; - do { - ready = readfrom; - if (doencrypt) { - wready = writeto; - if (select(nfd, &ready, - &wready, 0, - (struct timeval *) 0) < 0) - break; - } else - if (select(nfd, &ready, 0, - 0, (struct timeval *)0) < 0) - break; - if (FD_ISSET(s, &ready)) { - int ret; - if (doencrypt) -#ifndef NOENCRYPTION - ret = des_enc_read(s, &sig, 1, schedule, &kdata->session); -#else - ret = read(s, &sig, 1); -#endif - else - ret = read(s, &sig, 1); - if (ret <= 0) - FD_CLR(s, &readfrom); - else - kill(-pid, sig); - } - if (FD_ISSET(pv[0], &ready)) { - errno = 0; - cc = read(pv[0], buf, sizeof(buf)); - if (cc <= 0) { - shutdown(s, 1+1); - FD_CLR(pv[0], &readfrom); - } else { - if (doencrypt) -#ifndef NOENCRYPTION - des_enc_write(s, buf, cc, schedule, &kdata->session); -#else - write(s, buf, cc); -#endif - else - (void) - write(s, buf, cc); - } - } - if (doencrypt && FD_ISSET(pv1[0], &ready)) { - errno = 0; - cc = read(pv1[0], buf, sizeof(buf)); - if (cc <= 0) { - shutdown(pv1[0], 1+1); - FD_CLR(pv1[0], &readfrom); - } else -#ifndef NOENCRYPTION - des_enc_write(STDOUT_FILENO, buf, cc, schedule, &kdata->session); -#else - write(STDOUT_FILENO, buf, cc); -#endif - } - - if (doencrypt - && FD_ISSET(STDIN_FILENO, &ready) - && FD_ISSET(pv2[1], &wready)) { - errno = 0; -#ifndef NOENCRYPTION - cc = des_enc_read(STDIN_FILENO, buf, sizeof(buf), schedule, &kdata->session); -#else - cc = read(STDIN_FILENO, buf, sizeof(buf)); -#endif - if (cc <= 0) { - shutdown(STDIN_FILENO, 0); - FD_CLR(STDIN_FILENO, &readfrom); - close(pv2[1]); - FD_CLR(pv2[1], &writeto); - } else - write(pv2[1], buf, cc); - } - - } while (FD_ISSET(s, &readfrom) || - (doencrypt && FD_ISSET(pv1[0], &readfrom)) || - FD_ISSET(pv[0], &readfrom)); - exit(0); - } - setsid(); - close(s); - close(pv[0]); - if (doencrypt) { - close(pv1[0]); - close(pv2[1]); - dup2(pv1[1], 1); - dup2(pv2[0], 0); - close(pv1[1]); - close(pv2[0]); - } - dup2(pv[1], 2); - close(pv[1]); - } - if (*pwd->pw_shell == '\0') - pwd->pw_shell = _PATH_BSHELL; -#ifdef HAVE_SETLOGIN - if (setlogin(pwd->pw_name) < 0) - syslog(LOG_ERR, "setlogin() failed: %m"); -#endif - -#ifdef HAVE_SETPCRED - if (setpcred (pwd->pw_name, NULL) == -1) - syslog(LOG_ERR, "setpcred() failure: %m"); -#endif /* HAVE_SETPCRED */ - if(do_osfc2_magic(pwd->pw_uid)) - exit(1); - setgid((gid_t)pwd->pw_gid); - initgroups(pwd->pw_name, pwd->pw_gid); - setuid((uid_t)pwd->pw_uid); - strlcat(homedir, pwd->pw_dir, sizeof(homedir)); - - /* Need to prepend path with BINDIR (/usr/athena/bin) to find rcp */ - snprintf(path, sizeof(path), "PATH=%s:%s", BINDIR, _PATH_DEFPATH); - - strlcat(shell, pwd->pw_shell, sizeof(shell)); - strlcpy(shell_path, pwd->pw_shell, sizeof(shell_path)); - strlcat(username, pwd->pw_name, sizeof(username)); - uid = pwd->pw_uid; - cp = strrchr(pwd->pw_shell, '/'); - if (cp) - cp++; - else - cp = pwd->pw_shell; - endpwent(); - if (log_success || uid == 0) { - if (use_kerberos) - syslog(LOG_INFO|LOG_AUTH, - "Kerberos shell from %s on %s as %s, cmd='%.80s'", - krb_unparse_name_long(kdata->pname, - kdata->pinst, - kdata->prealm), - remotehost, locuser, cmdbuf); - else - syslog(LOG_INFO|LOG_AUTH, "%s@%s as %s: cmd='%.80s'", - remuser, remotehost, locuser, cmdbuf); - } - if (k_hasafs()) { - char cell[64]; - - if (new_pag) - k_setpag(); /* Put users process in an new pag */ - if (k_afs_cell_of_file (homedir, cell, sizeof(cell)) == 0) - krb_afslog_uid_home (cell, NULL, uid, homedir); - krb_afslog_uid_home(NULL, NULL, uid, homedir); - } - execle(shell_path, cp, "-c", cmdbuf, 0, envinit); - err(1, "%s", shell_path); -} - -/* - * Report error to client. Note: can't be used until second socket has - * connected to client, or older clients will hang waiting for that - * connection first. - */ - -static void -error(const char *fmt, ...) -{ - va_list ap; - int len; - char *bp, buf[BUFSIZ]; - - va_start(ap, fmt); - bp = buf; - if (sent_null == 0) { - *bp++ = 1; - len = 1; - } else - len = 0; - len += vsnprintf(bp, sizeof(buf) - len, fmt, ap); - write(STDERR_FILENO, buf, len); - va_end(ap); -} - -static void -usage() -{ - - syslog(LOG_ERR, - "usage: rshd [-alnkvxLPi] [-p port]"); - exit(2); -} diff --git a/crypto/kerberosIV/appl/bsd/stty_default.c b/crypto/kerberosIV/appl/bsd/stty_default.c deleted file mode 100644 index 013582345222..000000000000 --- a/crypto/kerberosIV/appl/bsd/stty_default.c +++ /dev/null @@ -1,100 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "bsd_locl.h" - -RCSID("$Id: stty_default.c,v 1.7 1999/12/02 16:58:28 joda Exp $"); - -#include - -/* HP-UX 9.0 termios doesn't define these */ -#ifndef FLUSHO -#define FLUSHO 0 -#endif - -#ifndef XTABS -#define XTABS 0 -#endif - -#ifndef OXTABS -#define OXTABS XTABS -#endif - -/* Ultrix... */ -#ifndef ECHOPRT -#define ECHOPRT 0 -#endif - -#ifndef ECHOCTL -#define ECHOCTL 0 -#endif - -#ifndef ECHOKE -#define ECHOKE 0 -#endif - -#ifndef IMAXBEL -#define IMAXBEL 0 -#endif - -#define Ctl(x) ((x) ^ 0100) - -void -stty_default(void) -{ - struct termios termios; - - /* - * Finalize the terminal settings. Some systems default to 8 bits, - * others to 7, so we should leave that alone. - */ - tcgetattr(0, &termios); - - termios.c_iflag |= (BRKINT|IGNPAR|ICRNL|IXON|IMAXBEL); - termios.c_iflag &= ~IXANY; - - termios.c_lflag |= (ISIG|IEXTEN|ICANON|ECHO|ECHOE|ECHOK|ECHOCTL|ECHOKE); - termios.c_lflag &= ~(ECHOPRT|TOSTOP|FLUSHO); - - termios.c_oflag |= (OPOST|ONLCR); - termios.c_oflag &= ~OXTABS; - - termios.c_cc[VINTR] = Ctl('C'); - termios.c_cc[VERASE] = Ctl('H'); - termios.c_cc[VKILL] = Ctl('U'); - termios.c_cc[VEOF] = Ctl('D'); - - termios.c_cc[VSUSP] = Ctl('Z'); - - tcsetattr(0, TCSANOW, &termios); -} diff --git a/crypto/kerberosIV/appl/bsd/su.c b/crypto/kerberosIV/appl/bsd/su.c deleted file mode 100644 index 7fc63ee91552..000000000000 --- a/crypto/kerberosIV/appl/bsd/su.c +++ /dev/null @@ -1,504 +0,0 @@ -/* - * Copyright (c) 1988 The Regents of the University of California. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "bsd_locl.h" - -RCSID ("$Id: su.c,v 1.70.2.2 2000/12/07 14:04:19 assar Exp $"); - -#ifdef SYSV_SHADOW -#include "sysv_shadow.h" -#endif - -static int kerberos (char *username, char *user, char *realm, int uid); -static int chshell (char *sh); -static char *ontty (void); -static int koktologin (char *name, char *realm, char *toname); -static int chshell (char *sh); - -/* Handle '-' option after all the getopt options */ -#define ARGSTR "Kkflmti:r:" - -int destroy_tickets = 0; -static int use_kerberos = 1; -static char *root_inst = "root"; - -int -main (int argc, char **argv) -{ - struct passwd *pwd; - char *p, **g; - struct group *gr; - uid_t ruid; - int asme, ch, asthem, fastlogin, prio; - enum { UNSET, YES, NO } iscsh = UNSET; - char *user, *shell, *avshell, *username, **np; - char shellbuf[MaxPathLen], avshellbuf[MaxPathLen]; - char *realm = NULL; - - set_progname (argv[0]); - - if (getuid() == 0) - use_kerberos = 0; - - asme = asthem = fastlogin = 0; - while ((ch = getopt (argc, argv, ARGSTR)) != -1) - switch ((char) ch) { - case 'K': - use_kerberos = 0; - break; - case 'k': - use_kerberos = 1; - break; - case 'f': - fastlogin = 1; - break; - case 'l': - asme = 0; - asthem = 1; - break; - case 'm': - asme = 1; - asthem = 0; - break; - case 't': - destroy_tickets = 1; - break; - case 'i': - root_inst = optarg; - break; - case 'r': - realm = optarg; - break; - case '?': - default: - fprintf (stderr, - "usage: su [-Kkflmt] [-i root-instance] [-r realm] [-] [login]\n"); - exit (1); - } - /* Don't handle '-' option with getopt */ - if (optind < argc && strcmp (argv[optind], "-") == 0) { - asme = 0; - asthem = 1; - optind++; - } - argv += optind; - - if (use_kerberos) { - int fd = open (KEYFILE, O_RDONLY); - - if (fd >= 0) - close (fd); - else - use_kerberos = 0; - } - errno = 0; - prio = getpriority (PRIO_PROCESS, 0); - if (errno) - prio = 0; - setpriority (PRIO_PROCESS, 0, -2); - openlog ("su", LOG_CONS, LOG_AUTH); - - /* get current login name and shell */ - ruid = getuid (); - username = getlogin (); - if (username == NULL || (pwd = k_getpwnam (username)) == NULL || - pwd->pw_uid != ruid) - pwd = k_getpwuid (ruid); - if (pwd == NULL) - errx (1, "who are you?"); - username = strdup (pwd->pw_name); - if (username == NULL) - errx (1, "strdup: out of memory"); - if (asme) { - if (pwd->pw_shell && *pwd->pw_shell) { - strlcpy (shellbuf, pwd->pw_shell, sizeof(shellbuf)); - shell = shellbuf; - } else { - shell = _PATH_BSHELL; - iscsh = NO; - } - } - - /* get target login information, default to root */ - user = *argv ? *argv : "root"; - np = *argv ? argv : argv - 1; - - pwd = k_getpwnam (user); - if (pwd == NULL) - errx (1, "unknown login %s", user); - if (pwd->pw_uid == 0 && strcmp ("root", user) != 0) { - syslog (LOG_ALERT, "NIS attack, user %s has uid 0", user); - errx (1, "unknown login %s", user); - } - if (!use_kerberos || kerberos (username, user, realm, pwd->pw_uid)) { -#ifndef PASSWD_FALLBACK - errx (1, "won't use /etc/passwd authentication"); -#endif - /* getpwnam() is not reentrant and kerberos might use it! */ - pwd = k_getpwnam (user); - if (pwd == NULL) - errx (1, "unknown login %s", user); - /* only allow those in group zero to su to root. */ - if (pwd->pw_uid == 0 && (gr = getgrgid ((gid_t) 0))) - for (g = gr->gr_mem;; ++g) { - if (!*g) { -#if 1 - /* if group 0 is empty or only - contains root su is still ok. */ - if (gr->gr_mem[0] == 0) - break; /* group 0 is empty */ - if (gr->gr_mem[1] == 0 && - strcmp (gr->gr_mem[0], "root") == 0) - break; /* only root in group 0 */ -#endif - errx (1, "you are not in the correct group to su %s.", - user); - } - if (!strcmp (username, *g)) - break; - } - /* if target requires a password, verify it */ - if (ruid && *pwd->pw_passwd) { - char prompt[128]; - char passwd[256]; - - snprintf (prompt, sizeof(prompt), "%s's Password: ", pwd->pw_name); - if (des_read_pw_string (passwd, sizeof (passwd), - prompt, 0)) { - memset (passwd, 0, sizeof (passwd)); - exit (1); - } - if (strcmp (pwd->pw_passwd, - crypt (passwd, pwd->pw_passwd))) { - memset (passwd, 0, sizeof (passwd)); - syslog (LOG_AUTH | LOG_WARNING, - "BAD SU %s to %s%s", username, - user, ontty ()); - errx (1, "Sorry"); - } - memset (passwd, 0, sizeof (passwd)); - } - } - if (asme) { - /* if asme and non-standard target shell, must be root */ - if (!chshell (pwd->pw_shell) && ruid) - errx (1, "permission denied (shell '%s' not in /etc/shells).", - pwd->pw_shell); - } else if (pwd->pw_shell && *pwd->pw_shell) { - shell = pwd->pw_shell; - iscsh = UNSET; - } else { - shell = _PATH_BSHELL; - iscsh = NO; - } - - if ((p = strrchr (shell, '/')) != 0) - avshell = p + 1; - else - avshell = shell; - - /* if we're forking a csh, we want to slightly muck the args */ - if (iscsh == UNSET) - iscsh = strcmp (avshell, "csh") ? NO : YES; - - /* set permissions */ - - if (setgid (pwd->pw_gid) < 0) - err (1, "setgid"); - if (initgroups (user, pwd->pw_gid)) { - if (errno == E2BIG) /* Member of too many groups! */ - warn("initgroups failed."); - else - errx(1, "initgroups failed."); - } - - if (setuid (pwd->pw_uid) < 0) - err (1, "setuid"); - - if (pwd->pw_uid != 0 && setuid(0) != -1) { - syslog(LOG_ALERT | LOG_AUTH, - "Failed to drop privileges for user %s", pwd->pw_name); - errx(1, "Sorry"); - } - - if (!asme) { - if (asthem) { - char *k = getenv ("KRBTKFILE"); - char *t = getenv ("TERM"); - - environ = malloc (10 * sizeof (char *)); - if (environ == NULL) - err (1, "malloc"); - environ[0] = NULL; - setenv ("PATH", _PATH_DEFPATH, 1); - if (t) - setenv ("TERM", t, 1); - if (k) - setenv ("KRBTKFILE", k, 1); - if (chdir (pwd->pw_dir) < 0) - errx (1, "no directory"); - } - if (asthem || pwd->pw_uid) - setenv ("USER", pwd->pw_name, 1); - setenv ("HOME", pwd->pw_dir, 1); - setenv ("SHELL", shell, 1); - } - if (iscsh == YES) { - if (fastlogin) - *np-- = "-f"; - if (asme) - *np-- = "-m"; - } - if (asthem) { - snprintf (avshellbuf, sizeof(avshellbuf), - "-%s", avshell); - avshell = avshellbuf; - } else if (iscsh == YES) { - /* csh strips the first character... */ - snprintf (avshellbuf, sizeof(avshellbuf), - "_%s", avshell); - avshell = avshellbuf; - } - *np = avshell; - - if (ruid != 0) - syslog (LOG_NOTICE | LOG_AUTH, "%s to %s%s", - username, user, ontty ()); - - setpriority (PRIO_PROCESS, 0, prio); - - if (k_hasafs ()) { - int code; - - if (k_setpag () != 0) - warn ("setpag"); - code = krb_afslog (0, 0); - if (code != KSUCCESS && code != KDC_PR_UNKNOWN) - warnx ("afsklog: %s", krb_get_err_text (code)); - } - if (destroy_tickets) - dest_tkt (); - execv (shell, np); - warn ("execv(%s)", shell); - if (getuid () == 0) { - execv (_PATH_BSHELL, np); - warn ("execv(%s)", _PATH_BSHELL); - } - exit (1); -} - -static int -chshell (char *sh) -{ - char *cp; - - while ((cp = getusershell ()) != NULL) - if (!strcmp (cp, sh)) - return (1); - return (0); -} - -static char * -ontty (void) -{ - char *p; - static char buf[MaxPathLen + 4]; - - buf[0] = 0; - if ((p = ttyname (STDERR_FILENO)) != 0) - snprintf (buf, sizeof(buf), " on %s", p); - return (buf); -} - -static int -kerberos (char *username, char *user, char *lrealm, int uid) -{ - KTEXT_ST ticket; - AUTH_DAT authdata; - struct hostent *hp; - int kerno; - u_long faddr; - char tmp_realm[REALM_SZ], krbtkfile[MaxPathLen]; - char hostname[MaxHostNameLen], savehost[MaxHostNameLen]; - int n; - int allowed = 0; - - if (lrealm != NULL) { - allowed = koktologin (username, lrealm, user) == 0; - } else { - for (n = 1; !allowed && krb_get_lrealm (tmp_realm, n) == KSUCCESS; ++n) - allowed = koktologin (username, tmp_realm, user) == 0; - lrealm = tmp_realm; - } - if (!allowed && !uid) { -#ifndef PASSWD_FALLBACK - warnx ("not in %s's ACL.", user); -#endif - return (1); - } - snprintf (krbtkfile, sizeof(krbtkfile), - "%s_%s_to_%s_%u", TKT_ROOT, username, user, - (unsigned) getpid ()); - - setenv ("KRBTKFILE", krbtkfile, 1); - krb_set_tkt_string (krbtkfile); - /* - * Set real as well as effective ID to 0 for the moment, - * to make the kerberos library do the right thing. - */ - if (setuid(0) < 0) { - warn("setuid"); - return (1); - } - - /* - * Little trick here -- if we are su'ing to root, we need to get a ticket - * for "xxx.root", where xxx represents the name of the person su'ing. - * Otherwise (non-root case), we need to get a ticket for "yyy.", where - * yyy represents the name of the person being su'd to, and the instance - * is null - * - * We should have a way to set the ticket lifetime, with a system default - * for root. - */ - { - char prompt[128]; - char passw[256]; - - snprintf (prompt, sizeof(prompt), - "%s's Password: ", - krb_unparse_name_long ((uid == 0 ? username : user), - (uid == 0 ? root_inst : ""), - lrealm)); - if (des_read_pw_string (passw, sizeof (passw), prompt, 0)) { - memset (passw, 0, sizeof (passw)); - return (1); - } - if (strlen(passw) == 0) - return (1); /* Empty passwords is not allowed */ - kerno = krb_get_pw_in_tkt ((uid == 0 ? username : user), - (uid == 0 ? root_inst : ""), lrealm, - KRB_TICKET_GRANTING_TICKET, - lrealm, - DEFAULT_TKT_LIFE, - passw); - memset (passw, 0, strlen (passw)); - } - - if (kerno != KSUCCESS) { - if (kerno == KDC_PR_UNKNOWN) { - warnx ("principal unknown: %s", - krb_unparse_name_long ((uid == 0 ? username : user), - (uid == 0 ? root_inst : ""), - lrealm)); - return (1); - } - warnx ("unable to su: %s", krb_get_err_text (kerno)); - syslog (LOG_NOTICE | LOG_AUTH, - "BAD SU: %s to %s%s: %s", - username, user, ontty (), krb_get_err_text (kerno)); - return (1); - } - if (chown (krbtkfile, uid, -1) < 0) { - warn ("chown"); - unlink (krbtkfile); - return (1); - } - setpriority (PRIO_PROCESS, 0, -2); - - if (gethostname (hostname, sizeof (hostname)) == -1) { - warn ("gethostname"); - dest_tkt (); - return (1); - } - strlcpy (savehost, krb_get_phost (hostname), sizeof (savehost)); - - for (n = 1; krb_get_lrealm (tmp_realm, n) == KSUCCESS; ++n) { - kerno = krb_mk_req (&ticket, "rcmd", savehost, tmp_realm, 33); - if (kerno == 0) - break; - } - - if (kerno == KDC_PR_UNKNOWN) { - warnx ("Warning: TGT not verified."); - syslog (LOG_NOTICE | LOG_AUTH, - "%s to %s%s, TGT not verified (%s); " - "%s.%s not registered?", - username, user, ontty (), krb_get_err_text (kerno), - "rcmd", savehost); -#ifdef KLOGIN_PARANOID - /* - * if the "VERIFY_SERVICE" doesn't exist in the KDC for this host, * - * don't allow kerberos login, also log the error condition. - */ - warnx ("Trying local password!"); - return (1); -#endif - } else if (kerno != KSUCCESS) { - warnx ("Unable to use TGT: %s", krb_get_err_text (kerno)); - syslog (LOG_NOTICE | LOG_AUTH, "failed su: %s to %s%s: %s", - username, user, ontty (), krb_get_err_text (kerno)); - dest_tkt (); - return (1); - } else { - if (!(hp = gethostbyname (hostname))) { - warnx ("can't get addr of %s", hostname); - dest_tkt (); - return (1); - } - memcpy (&faddr, hp->h_addr, sizeof (faddr)); - - if ((kerno = krb_rd_req (&ticket, "rcmd", savehost, faddr, - &authdata, "")) != KSUCCESS) { - warnx ("unable to verify rcmd ticket: %s", - krb_get_err_text (kerno)); - syslog (LOG_NOTICE | LOG_AUTH, - "failed su: %s to %s%s: %s", username, - user, ontty (), krb_get_err_text (kerno)); - dest_tkt (); - return (1); - } - } - if (!destroy_tickets) - fprintf (stderr, "Don't forget to kdestroy before exiting the shell.\n"); - return (0); -} - -static int -koktologin (char *name, char *realm, char *toname) -{ - return krb_kuserok (name, - strcmp (toname, "root") == 0 ? root_inst : "", - realm, - toname); -} diff --git a/crypto/kerberosIV/appl/bsd/sysv_default.c b/crypto/kerberosIV/appl/bsd/sysv_default.c deleted file mode 100644 index e6b28a7280c7..000000000000 --- a/crypto/kerberosIV/appl/bsd/sysv_default.c +++ /dev/null @@ -1,95 +0,0 @@ -/* Author: Wietse Venema */ - -#include "bsd_locl.h" - -RCSID("$Id: sysv_default.c,v 1.11 1999/03/13 21:15:24 assar Exp $"); - -#include "sysv_default.h" - - /* - * Default values for stuff that can be read from the defaults file. The - * SunOS 5.1 documentation is incomplete and often disagrees with reality. - */ - -static char default_umask_value[] = "022"; - -char *default_console = 0; -char *default_altsh = "YES"; -char *default_passreq = "NO"; -char *default_timezone= 0; -char *default_hz = 0; -char *default_path = _PATH_DEFPATH; -char *default_supath = _PATH_DEFSUPATH; -char *default_ulimit = 0; -char *default_timeout = "180"; -char *default_umask = default_umask_value; -char *default_sleep = "4"; -char *default_maxtrys = "5"; - -static struct sysv_default { - char **valptr; - char *prefix; - int prefix_len; -} defaults[] = { - {&default_console, "CONSOLE=", sizeof("CONSOLE=") -1}, - {&default_altsh, "ALTSHELL=", sizeof("ALTSHELL=") -1}, - {&default_passreq, "PASSREQ=", sizeof("PASSREQ=") -1}, - {&default_timezone, "TIMEZONE=", sizeof("TIMEZONE=") -1}, - {&default_hz, "HZ=", sizeof("HZ=") -1}, - {&default_path, "PATH=", sizeof("PATH=") -1}, - {&default_supath, "SUPATH=", sizeof("SUPATH=") -1}, - {&default_ulimit, "ULIMIT=", sizeof("ULIMIT=") -1}, - {&default_timeout, "TIMEOUT=", sizeof("TIMEOUT=") -1}, - {&default_umask, "UMASK=", sizeof("UMASK=") -1}, - {&default_sleep, "SLEEPTIME=", sizeof("SLEEPTIME=") -1}, - {&default_maxtrys, "MAXTRYS=", sizeof("MAXTRYS=") -1}, - {0}, -}; - -#define trim(s) { \ - char *cp = s + strlen(s); \ - while (cp > s && isspace((unsigned char)cp[-1])) \ - cp--; \ - *cp = 0; \ -} - -/* sysv_defaults - read login defaults file */ - -void -sysv_defaults() -{ - struct sysv_default *dp; - FILE *fp; - char buf[BUFSIZ]; - - if ((fp = fopen(_PATH_ETC_DEFAULT_LOGIN, "r"))) { - - /* Stupid quadratic algorithm. */ - - while (fgets(buf, sizeof(buf), fp)) { - - /* Skip comments and blank lines. */ - - if (buf[0] == '#') - continue; - trim(buf); - if (buf[0] == 0) - continue; - - /* Assign defaults from file. */ - -#define STREQN(x,y,l) (x[0] == y[0] && strncmp(x,y,l) == 0) - - for (dp = defaults; dp->valptr; dp++) { - if (STREQN(buf, dp->prefix, dp->prefix_len)) { - if ((*(dp->valptr) = strdup(buf + dp->prefix_len)) == 0) { - warnx("Insufficient memory resources - try later."); - sleepexit(1); - } - break; - } - } - } - fclose(fp); - } -} diff --git a/crypto/kerberosIV/appl/bsd/sysv_default.h b/crypto/kerberosIV/appl/bsd/sysv_default.h deleted file mode 100644 index 00560594d3c9..000000000000 --- a/crypto/kerberosIV/appl/bsd/sysv_default.h +++ /dev/null @@ -1,18 +0,0 @@ -/* Author: Wietse Venema */ - -/* $Id: sysv_default.h,v 1.5 1996/10/27 23:51:14 assar Exp $ */ - -extern char *default_console; -extern char *default_altsh; -extern char *default_passreq; -extern char *default_timezone; -extern char *default_hz; -extern char *default_path; -extern char *default_supath; -extern char *default_ulimit; -extern char *default_timeout; -extern char *default_umask; -extern char *default_sleep; -extern char *default_maxtrys; - -void sysv_defaults(void); diff --git a/crypto/kerberosIV/appl/bsd/sysv_environ.c b/crypto/kerberosIV/appl/bsd/sysv_environ.c deleted file mode 100644 index 3df800eb1333..000000000000 --- a/crypto/kerberosIV/appl/bsd/sysv_environ.c +++ /dev/null @@ -1,193 +0,0 @@ -/* Author: Wietse Venema */ - -#include "bsd_locl.h" - -RCSID("$Id: sysv_environ.c,v 1.23 1997/12/14 23:50:44 assar Exp $"); - -#ifdef HAVE_ULIMIT_H -#include -#endif - -#ifndef UL_SETFSIZE -#define UL_SETFSIZE 2 -#endif - -#include "sysv_default.h" - -/* - * Set - */ - -static void -read_etc_environment (void) -{ - FILE *f; - char buf[BUFSIZ]; - - f = fopen(_PATH_ETC_ENVIRONMENT, "r"); - if (f) { - char *val; - - while (fgets (buf, sizeof(buf), f) != NULL) { - if (buf[0] == '\n' || buf[0] == '#') - continue; - buf[strlen(buf) - 1] = '\0'; - val = strchr (buf, '='); - if (val == NULL) - continue; - *val = '\0'; - setenv(buf, val + 1, 1); - } - fclose (f); - } -} - - /* - * Environment variables that are preserved (but may still be overruled by - * other means). Only TERM and TZ appear to survive (SunOS 5.1). These are - * typically inherited from the ttymon process. - */ - -static struct preserved { - char *name; - char *value; -} preserved[] = { - {"TZ", 0}, - {"TERM", 0}, - {0}, -}; - - /* - * Environment variables that are not preserved and that cannot be specified - * via commandline or stdin. Except for the LD_xxx (runtime linker) stuff, - * the list applies to most SYSV systems. The manpage mentions only that - * SHELL and PATH are censored. HOME, LOGNAME and MAIL are always - * overwritten; they are in the list to make the censoring explicit. - */ - -static struct censored { - char *prefix; - int length; -} censored[] = { - {"SHELL=", sizeof("SHELL=") - 1}, - {"HOME=", sizeof("HOME=") - 1}, - {"LOGNAME=", sizeof("LOGNAME=") - 1}, - {"MAIL=", sizeof("MAIL=") - 1}, - {"CDPATH=", sizeof("CDPATH=") - 1}, - {"IFS=", sizeof("IFS=") - 1}, - {"PATH=", sizeof("PATH=") - 1}, - {"LD_", sizeof("LD_") - 1}, - {0}, -}; - -/* sysv_newenv - set up final environment after logging in */ - -void sysv_newenv(int argc, char **argv, struct passwd *pwd, - char *term, int pflag) -{ - unsigned umask_val; - char buf[BUFSIZ]; - int count = 0; - struct censored *cp; - struct preserved *pp; - - /* Preserve a selection of the environment. */ - - for (pp = preserved; pp->name; pp++) - pp->value = getenv(pp->name); - - /* - * Note: it is a bad idea to assign a static array to the global environ - * variable. Reason is that putenv() can run into problems when it tries - * to realloc() the environment table. Instead, we just clear environ[0] - * and let putenv() work things out. - */ - - if (!pflag && environ) - environ[0] = 0; - - /* Restore preserved environment variables. */ - - for (pp = preserved; pp->name; pp++) - if (pp->value) - setenv(pp->name, pp->value, 1); - - /* The TERM definition from e.g. rlogind can override an existing one. */ - - if (term[0]) - setenv("TERM", term, 1); - - /* - * Environment definitions from the command line overrule existing ones, - * but can be overruled by definitions from stdin. Some variables are - * censored. - * - * Omission: we do not support environment definitions from stdin. - */ - -#define STREQN(x,y,l) (x[0] == y[0] && strncmp(x,y,l) == 0) - - while (argc && *argv) { - if (strchr(*argv, '=') == 0) { - snprintf(buf, sizeof(buf), "L%d", count++); - setenv(buf, *argv, 1); - } else { - for (cp = censored; cp->prefix; cp++) - if (STREQN(*argv, cp->prefix, cp->length)) - break; - if (cp->prefix == 0) - putenv(*argv); - } - argc--, argv++; - } - - /* PATH is always reset. */ - - setenv("PATH", pwd->pw_uid ? default_path : default_supath, 1); - - /* Undocumented: HOME, MAIL and LOGNAME are always reset (SunOS 5.1). */ - - setenv("HOME", pwd->pw_dir, 1); - { - char *sep = "/"; - if(KRB4_MAILDIR[strlen(KRB4_MAILDIR) - 1] == '/') - sep = ""; - roken_concat(buf, sizeof(buf), KRB4_MAILDIR, sep, pwd->pw_name, NULL); - } - setenv("MAIL", buf, 1); - setenv("LOGNAME", pwd->pw_name, 1); - setenv("USER", pwd->pw_name, 1); - - /* - * Variables that may be set according to specifications in the defaults - * file. HZ and TZ are set only if they are still uninitialized. - * - * Extension: when ALTSHELL=YES, we set the SHELL variable even if it is - * /bin/sh. - */ - - if (strcasecmp(default_altsh, "YES") == 0) - setenv("SHELL", pwd->pw_shell, 1); - if (default_hz) - setenv("HZ", default_hz, 0); - if (default_timezone) - setenv("TZ", default_timezone, 0); - - /* Non-environment stuff. */ - - if (default_umask) { - if (sscanf(default_umask, "%o", &umask_val) == 1 && umask_val) - umask(umask_val); - } -#ifdef HAVE_ULIMIT - if (default_ulimit) { - long limit_val; - - if (sscanf(default_ulimit, "%ld", &limit_val) == 1 && limit_val) - if (ulimit(UL_SETFSIZE, limit_val) < 0) - warn ("ulimit(UL_SETFSIZE, %ld)", limit_val); - } -#endif - read_etc_environment(); -} - diff --git a/crypto/kerberosIV/appl/bsd/sysv_shadow.c b/crypto/kerberosIV/appl/bsd/sysv_shadow.c deleted file mode 100644 index 99794bd774e6..000000000000 --- a/crypto/kerberosIV/appl/bsd/sysv_shadow.c +++ /dev/null @@ -1,45 +0,0 @@ -/* Author: Wietse Venema */ - -#include "bsd_locl.h" - -RCSID("$Id: sysv_shadow.c,v 1.8 1997/12/29 19:56:07 bg Exp $"); - -#ifdef SYSV_SHADOW - -#include - -/* sysv_expire - check account and password expiration times */ - -int -sysv_expire(struct spwd *spwd) -{ - long today; - - tzset(); - today = time(0)/(60*60*24); /* In days since Jan. 1, 1970 */ - - if (spwd->sp_expire > 0) { - if (today > spwd->sp_expire) { - printf("Your account has expired.\n"); - sleepexit(1); - } else if (spwd->sp_expire - today < 14) { - printf("Your account will expire in %d days.\n", - (int)(spwd->sp_expire - today)); - return (0); - } - } - if (spwd->sp_max > 0) { - if (today > (spwd->sp_lstchg + spwd->sp_max)) { - printf("Your password has expired. Choose a new one.\n"); - return (1); - } else if (spwd->sp_warn > 0 - && (today > (spwd->sp_lstchg + spwd->sp_max - spwd->sp_warn))) { - printf("Your password will expire in %d days.\n", - (int)(spwd->sp_lstchg + spwd->sp_max - today)); - return (0); - } - } - return (0); -} - -#endif /* SYSV_SHADOW */ diff --git a/crypto/kerberosIV/appl/bsd/sysv_shadow.h b/crypto/kerberosIV/appl/bsd/sysv_shadow.h deleted file mode 100644 index 339035b68229..000000000000 --- a/crypto/kerberosIV/appl/bsd/sysv_shadow.h +++ /dev/null @@ -1,5 +0,0 @@ -/* $Id: sysv_shadow.h,v 1.7 1999/03/13 21:15:43 assar Exp $ */ - -#include - -int sysv_expire(struct spwd *); diff --git a/crypto/kerberosIV/appl/bsd/tty.c b/crypto/kerberosIV/appl/bsd/tty.c deleted file mode 100644 index 2a903db37050..000000000000 --- a/crypto/kerberosIV/appl/bsd/tty.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "bsd_locl.h" - -RCSID("$Id: tty.c,v 1.3 1999/12/02 16:58:28 joda Exp $"); - -/* - * Clean the tty name. Return a pointer to the cleaned version. - */ - -char * -clean_ttyname (char *tty) -{ - char *res = tty; - - if (strncmp (res, _PATH_DEV, strlen(_PATH_DEV)) == 0) - res += strlen(_PATH_DEV); - if (strncmp (res, "pty/", 4) == 0) - res += 4; - if (strncmp (res, "ptym/", 5) == 0) - res += 5; - return res; -} - -/* - * Generate a name usable as an `ut_id', typically without `tty'. - */ - -char * -make_id (char *tty) -{ - char *res = tty; - - if (strncmp (res, "pts/", 4) == 0) - res += 4; - if (strncmp (res, "tty", 3) == 0) - res += 3; - return res; -} diff --git a/crypto/kerberosIV/appl/bsd/utmp_login.c b/crypto/kerberosIV/appl/bsd/utmp_login.c deleted file mode 100644 index d2879fe3ec16..000000000000 --- a/crypto/kerberosIV/appl/bsd/utmp_login.c +++ /dev/null @@ -1,118 +0,0 @@ -/* - * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "bsd_locl.h" - -RCSID("$Id: utmp_login.c,v 1.16 1999/12/02 16:58:29 joda Exp $"); - -#ifdef HAVE_UTMP_H -void -prepare_utmp (struct utmp *utmp, char *tty, char *username, char *hostname) -{ - char *ttyx = clean_ttyname (tty); - - memset(utmp, 0, sizeof(*utmp)); - utmp->ut_time = time(NULL); - strncpy(utmp->ut_line, ttyx, sizeof(utmp->ut_line)); - strncpy(utmp->ut_name, username, sizeof(utmp->ut_name)); - -# ifdef HAVE_STRUCT_UTMP_UT_USER - strncpy(utmp->ut_user, username, sizeof(utmp->ut_user)); -# endif - -# ifdef HAVE_STRUCT_UTMP_UT_ADDR - if (hostname[0]) { - struct hostent *he; - if ((he = gethostbyname(hostname))) - memcpy(&utmp->ut_addr, he->h_addr_list[0], - sizeof(utmp->ut_addr)); - } -# endif - -# ifdef HAVE_STRUCT_UTMP_UT_HOST - strncpy(utmp->ut_host, hostname, sizeof(utmp->ut_host)); -# endif - -# ifdef HAVE_STRUCT_UTMP_UT_TYPE - utmp->ut_type = USER_PROCESS; -# endif - -# ifdef HAVE_STRUCT_UTMP_UT_PID - utmp->ut_pid = getpid(); -# endif - -# ifdef HAVE_STRUCT_UTMP_UT_ID - strncpy(utmp->ut_id, make_id(ttyx), sizeof(utmp->ut_id)); -# endif -} -#endif - -#ifdef HAVE_UTMPX_H -void utmp_login(char *tty, char *username, char *hostname) { return; } -#else - -/* update utmp and wtmp - the BSD way */ - -void utmp_login(char *tty, char *username, char *hostname) -{ - struct utmp utmp; - int fd; - - prepare_utmp (&utmp, tty, username, hostname); - -#ifdef HAVE_SETUTENT - utmpname(_PATH_UTMP); - setutent(); - pututline(&utmp); - endutent(); -#else - -#ifdef HAVE_TTYSLOT - { - int ttyno; - ttyno = ttyslot(); - if (ttyno > 0 && (fd = open(_PATH_UTMP, O_WRONLY, 0)) >= 0) { - lseek(fd, (long)(ttyno * sizeof(struct utmp)), SEEK_SET); - write(fd, &utmp, sizeof(struct utmp)); - close(fd); - } - } -#endif /* HAVE_TTYSLOT */ -#endif /* HAVE_SETUTENT */ - - if ((fd = open(_PATH_WTMP, O_WRONLY|O_APPEND, 0)) >= 0) { - write(fd, &utmp, sizeof(struct utmp)); - close(fd); - } -} -#endif /* !HAVE_UTMPX_H */ diff --git a/crypto/kerberosIV/appl/bsd/utmpx_login.c b/crypto/kerberosIV/appl/bsd/utmpx_login.c deleted file mode 100644 index acc6a15400ca..000000000000 --- a/crypto/kerberosIV/appl/bsd/utmpx_login.c +++ /dev/null @@ -1,88 +0,0 @@ -/* Author: Wietse Venema */ - -#include "bsd_locl.h" - -RCSID("$Id: utmpx_login.c,v 1.21 1999/03/29 17:57:31 joda Exp $"); - -/* utmpx_login - update utmp and wtmp after login */ - -#ifndef HAVE_UTMPX_H -int utmpx_login(char *line, char *user, char *host) { return 0; } -#else - -static void -utmpx_update(struct utmpx *ut, char *line, char *user, char *host) -{ - struct timeval tmp; - char *clean_tty = clean_ttyname(line); - - strncpy(ut->ut_line, clean_tty, sizeof(ut->ut_line)); -#ifdef HAVE_STRUCT_UTMPX_UT_ID - strncpy(ut->ut_id, make_id(clean_tty), sizeof(ut->ut_id)); -#endif - strncpy(ut->ut_user, user, sizeof(ut->ut_user)); - strncpy(ut->ut_host, host, sizeof(ut->ut_host)); -#ifdef HAVE_STRUCT_UTMPX_UT_SYSLEN - ut->ut_syslen = strlen(host) + 1; - if (ut->ut_syslen > sizeof(ut->ut_host)) - ut->ut_syslen = sizeof(ut->ut_host); -#endif - ut->ut_type = USER_PROCESS; - gettimeofday (&tmp, 0); - ut->ut_tv.tv_sec = tmp.tv_sec; - ut->ut_tv.tv_usec = tmp.tv_usec; - pututxline(ut); -#ifdef WTMPX_FILE - updwtmpx(WTMPX_FILE, ut); -#elif defined(WTMP_FILE) - { - struct utmp utmp; - int fd; - - prepare_utmp (&utmp, line, user, host); - if ((fd = open(_PATH_WTMP, O_WRONLY|O_APPEND, 0)) >= 0) { - write(fd, &utmp, sizeof(struct utmp)); - close(fd); - } - } -#endif -} - -int -utmpx_login(char *line, char *user, char *host) -{ - struct utmpx *ut; - pid_t mypid = getpid(); - int ret = (-1); - - /* - * SYSV4 ttymon and login use tty port names with the "/dev/" prefix - * stripped off. Rlogind and telnetd, on the other hand, make utmpx - * entries with device names like /dev/pts/nnn. We therefore cannot use - * getutxline(). Return nonzero if no utmp entry was found with our own - * process ID for a login or user process. - */ - - while ((ut = getutxent())) { - /* Try to find a reusable entry */ - if (ut->ut_pid == mypid - && ( ut->ut_type == INIT_PROCESS - || ut->ut_type == LOGIN_PROCESS - || ut->ut_type == USER_PROCESS)) { - utmpx_update(ut, line, user, host); - ret = 0; - break; - } - } - if (ret == -1) { - /* Grow utmpx file by one record. */ - struct utmpx newut; - memset(&newut, 0, sizeof(newut)); - newut.ut_pid = mypid; - utmpx_update(&newut, line, user, host); - ret = 0; - } - endutxent(); - return (ret); -} -#endif /* HAVE_UTMPX_H */ diff --git a/crypto/kerberosIV/appl/ftp/ChangeLog b/crypto/kerberosIV/appl/ftp/ChangeLog deleted file mode 100644 index 0136a4bace0e..000000000000 --- a/crypto/kerberosIV/appl/ftp/ChangeLog +++ /dev/null @@ -1,384 +0,0 @@ -2000-03-26 Assar Westerlund - - * ftpd/ls.c, ftpd/ftpcmd.y, ftp/cmds.c: make sure to always call - time, ctime, and gmtime with `time_t's. there were some types - (like in lastlog) that we believed to always be time_t. this has - proven wrong on Solaris 8 in 64-bit mode, where they are stored as - 32-bit quantities but time_t has gone up to 64 bits - -1999-11-30 Assar Westerlund - - * ftpd/ftpd.c (getdatasock): make sure to keep the port-number of - the outgoing connections. It has to be `ftp-data' or some people - might get upset. - - * ftpd/ftpd.c (args): set correct variable when `-l' so that - logging actually works - -1999-11-29 Assar Westerlund - - * ftp/security.c (sec_login): check return value from realloc - (sec_end): set app_data to NULL - -1999-11-25 Assar Westerlund - - * ftp/krb4.c (krb4_auth): obtain the `local' address when doing - NAT. also turn on passive mode. From - -1999-11-20 Assar Westerlund - - * ftpd/ls.c (make_fileinfo): cast to allow for non-const - prototypes of readlink - -1999-11-12 Assar Westerlund - - * ftpd/ftpd.c (args): use arg_counter for `l' - -1999-11-04 Assar Westerlund - - * ftpd/ls.c (S_ISSOCK, S_ISLNK): fallback definitions for systems - that don't have them (such as ultrix) - -1999-10-29 Assar Westerlund - - * ftpd/ls.c (make_fileinfo): cast uid's and gid's to unsigned in - printf, we don't know what types they might be. - (lstat_file): conditionalize the kafs part on KRB4 - - * ftpd/ftpd_locl.h: is needed for kafs.h - -1999-10-28 Assar Westerlund - - * ftpd/ls.c (lstat_file): don't set st_mode, it should already be - correct - - * ftpd/ls.c: don't use warnx to print errors - - * ftpd/ls.c (builtin_ls): fix typo, 'd' shouldn't imply 'f' - - * ftpd/ls.c (lstat_file): new function for avoiding stating AFS - mount points. From Love - (list_files): use `lstat_file' - - * ftpd/ftpd.c: some const-poisoning - - * ftpd/ftpd.c (args): add `-B' as an alias for `--builtin-ls' to - allow for stupid inetds that only support two arguments. From - Love - -1999-10-26 Assar Westerlund - - * ftpd/ftpcmd.y (help): it's unnecessary to interpret help strings - as printf commands - - * ftpd/ftpd.c (show_issue): don't interpret contents of - /etc/issue* as printf commands. From Brian A May - - -1999-10-21 Johan Danielsson - - * ftpd/kauth.c (kauth): complain if protection level isn't - `private' - - * ftp/krb4.c (krb4_decode): syslog failure reason - - * ftp/kauth.c (kauth): set private level earlier - - * ftp/security.c: get_command_prot; (sec_prot): partially match - `command' and `data' - -1999-10-18 Johan Danielsson - - * ftpd/ftpd.c: change `-l' flag to use arg_collect (this makes - `-ll' work again) - - * ftpd/ftpd.c (list_file): pass filename to ls - -1999-10-04 Johan Danielsson - - * ftpd/ftpcmd.y: FEAT - -1999-10-03 Assar Westerlund - - * ftpd/ls.c: fall-back definitions for constans and casts for - printfs - -1999-10-03 Johan Danielsson - - * ftpd/ftpd.c (main): make this use getarg; add `list_file' - - * ftpd/ftpcmd.y (LIST): call list_file - - * ftpd/ls.c: add simple built-in ls - - * ftp/security.c: add `sec_vfprintf2' and `sec_fprintf2' that - prints to the data stream - - * ftp/kauth.c (kauth): make sure we're using private protection - level - - * ftp/security.c (set_command_prot): set command protection level - - * ftp/security.c: make it possible to set the command protection - level with `prot' - -1999-09-30 Assar Westerlund - - * ftpd/ftpd_locl.h: add prototype for fclose to make sunos happy - -1999-08-19 Johan Danielsson - - * ftpd/ftpd.c (do_login): show issue-file - (send_data): change handling of zero-byte files - -1999-08-18 Assar Westerlund - - * ftp/cmds.c (getit): be more suspicious when parsing the result - of MDTM. Do the comparison of timestamps correctly. - -1999-08-13 Assar Westerlund - - * ftpd/ftpd.c (send_data): avoid calling mmap with `len == 0'. - Some mmap:s rather dislike that (Solaris) and some munmap (Linux) - get grumpy later. - - * ftp/ftp.c (copy_stream): avoid calling mmap with `len == 0'. - Some mmap:s rather dislike that (Solaris) and some munmap (Linux) - get grumpy later. - -1999-08-03 Assar Westerlund - - * ftp/ftp.c (active_mode): hide failure of EPRT by setting verbose - - * ftp/gssapi.c (gss_auth): initialize application_data in bindings - -1999-08-02 Assar Westerlund - - * ftpd/ftpcmd.y: save file names when doing commands that might - get aborted (and longjmp:ed out of) to avoid overwriting them also - remove extra closing brace - -1999-08-01 Johan Danielsson - - * ftpd/ftpcmd.y: change `site find' to `site locate' (to match - what it does, and other implementations) keep find as an alias - -1999-07-28 Assar Westerlund - - * common/socket.c: moved to roken - - * common/socket.c: new file with generic socket functions - - * ftpd/ftpd.c: make it more AF-neutral and v6-capable - - * ftpd/ftpcmd.y: add EPRT and EPSV - - * ftpd/extern.h: update prototypes and variables - - * ftp/krb4.c: update to new types of addresses - - * ftp/gssapi.c: add support for both AF_INET and AF_INET6 - addresses - - * ftp/ftp.c: make it more AF-neutral and v6-capable - - * ftp/extern.h (hookup): change prototype - - * common/common.h: add prototypes for functions in socket.c - - * common/Makefile.am (libcommon_a_SOURCES): add socket.c - - * ftp/gssapi.c (gss_auth): check return value from - `gss_import_name' and print error messages if it fails - -1999-06-15 Assar Westerlund - - * ftp/krb4.c (krb4_auth): type correctness - -1999-06-02 Johan Danielsson - - * ftp/ftp.c (sendrequest): lmode != rmode - -1999-05-21 Assar Westerlund - - * ftp/extern.h (sendrequest): update prototype - - * ftp/cmds.c: update calls to sendrequest and recvrequest to send - "b" when appropriate - - * ftp/ftp.c (sendrequest): add argument for mode to open file in. - -1999-05-08 Assar Westerlund - - * ftpd/ftpcmd.y: rename getline -> ftpd_getline - - * ftp/main.c (makeargv): fill in unused slots with NULL - -Thu Apr 8 15:06:40 1999 Johan Danielsson - - * ftpd/ftpd.c: remove definition of KRB_VERIFY_USER (moved to - config.h) - -Wed Apr 7 16:15:21 1999 Johan Danielsson - - * ftp/gssapi.c (gss_auth): call gss_display_status to get a sane - error message; return AUTH_{CONTINUE,ERROR}, where appropriate - - * ftp/krb4.c: return AUTH_{CONTINUE,ERROR}, where appropriate - - * ftp/security.c (sec_login): if mechanism returns AUTH_CONTINUE, - just continue with the next mechanism, this fixes the case of - having GSSAPI fail because of non-existant of expired tickets - - * ftp/security.h: add AUTH_{OK,CONTINUE,ERROR} - -Thu Apr 1 16:59:04 1999 Johan Danielsson - - * ftpd/Makefile.am: don't run check-local - - * ftp/Makefile.am: don't run check-local - -Mon Mar 22 22:15:18 1999 Assar Westerlund - - * ftpd/ftpd.c (pass): fall-back for KRB_VERIFY_SECURE - - * ftpd/ftpd.c (pass): 1 -> KRB_VERIFY_SECURE - -Thu Mar 18 12:07:09 1999 Johan Danielsson - - * ftpd/Makefile.am: clean ftpcmd.c - - * ftpd/ftpd_locl.h: remove krb5.h (breaks in ftpcmd.y) - - * ftpd/ftpd.c: move include of krb5.h here - - * ftpd/Makefile.am: include Makefile.am.common - - * Makefile.am: include Makefile.am.common - - * ftp/Makefile.am: include Makefile.am.common - - * common/Makefile.am: include Makefile.am.common - -Tue Mar 16 22:28:37 1999 Assar Westerlund - - * ftpd/ftpd_locl.h: add krb5.h to get heimdal_version - - * ftpd/ftpd.c: krb_verify_user_multiple -> krb_verify_user - -Thu Mar 11 14:54:59 1999 Johan Danielsson - - * ftp/Makefile.in: WFLAGS - - * ftp/ruserpass.c: add some if-braces - -Wed Mar 10 20:02:55 1999 Johan Danielsson - - * ftpd/ftpd_locl.h: remove ifdef HAVE_FNMATCH - -Mon Mar 8 21:29:24 1999 Johan Danielsson - - * ftpd/ftpd.c: re-add version in greeting message - -Mon Mar 1 10:49:38 1999 Johan Danielsson - - * ftpd/logwtmp.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_* - -Mon Feb 22 19:20:51 1999 Johan Danielsson - - * common/Makefile.in: remove glob - -Sat Feb 13 17:19:35 1999 Assar Westerlund - - * ftpd/ftpd.c (match): remove #ifdef HAVE_FNMATCH. We have a - fnmatch implementation in roken and therefore always have it. - - * ftp/ftp.c (copy_stream): initialize `werr' - -Wed Jan 13 23:52:57 1999 Assar Westerlund - - * ftpd/ftpcmd.y: moved all check_login and check_login_no_guest to - the end of the rules to ensure we don't generate several - (independent) error messages. once again, having a yacc-grammar - for FTP with embedded actions doesn't strike me as the most - optimal way of doing it. - -Tue Dec 1 14:44:29 1998 Johan Danielsson - - * ftpd/Makefile.am: link with extra libs for aix - -Sun Nov 22 10:28:20 1998 Assar Westerlund - - * ftpd/ftpd.c (retrying): support on-the-fly decompression - - * ftpd/Makefile.in (WFLAGS): set - - * ftp/ruserpass.c (guess_domain): new function - (ruserpass): use it - - * common/Makefile.in (WFLAGS): set - - * Makefile.in (WFLAGS): set - -Sat Nov 21 23:13:03 1998 Assar Westerlund - - * ftp/security.c: some more type correctness. - - * ftp/gssapi.c (gss_adat): more braces to shut up warnings - -Wed Nov 18 21:47:55 1998 Assar Westerlund - - * ftp/main.c (main): new option `-p' for enable passive mode. - -Mon Nov 2 01:57:49 1998 Assar Westerlund - - * ftp/ftp.c (getreply): remove extra `break' - - * ftp/gssapi.c (gss_auth): fixo typo(copyo?) - - * ftp/security.c (sec_login): fix loop and return value - -Tue Sep 1 16:56:42 1998 Johan Danielsson - - * ftp/cmds.c (quote1): fix % quoting bug - -Fri Aug 14 17:10:06 1998 Johan Danielsson - - * ftp/krb4.c: krb_put_int -> KRB_PUT_INT - -Tue Jun 30 18:07:15 1998 Assar Westerlund - - * ftp/security.c (auth): free `app_data' - (sec_end): only destroy if it was initialized - -Tue Jun 9 21:01:59 1998 Johan Danielsson - - * ftp/krb4.c: pass client address to krb_rd_req - -Sat May 16 00:02:07 1998 Assar Westerlund - - * ftpd/Makefile.am: link with DBLIB - -Tue May 12 14:15:32 1998 Johan Danielsson - - * ftp/gssapi.c: Save client name for userok(). - - * ftpd/gss_userok.c: Userok for gssapi. - -Fri May 1 07:15:01 1998 Assar Westerlund - - * ftp/ftp.c: unifdef -DHAVE_H_ERRNO - -Fri Mar 27 00:46:07 1998 Johan Danielsson - - * Make compile w/o krb4. - -Thu Mar 26 03:49:12 1998 Johan Danielsson - - * ftp/*, ftpd/*: Changes for new framework. - - * ftp/gssapi.c: GSS-API backend for the new security framework. - - * ftp/krb4.c: Updated for new framework. - - * ftp/security.{c,h}: New unified security framework. diff --git a/crypto/kerberosIV/appl/ftp/Makefile.am b/crypto/kerberosIV/appl/ftp/Makefile.am deleted file mode 100644 index f8831a308d03..000000000000 --- a/crypto/kerberosIV/appl/ftp/Makefile.am +++ /dev/null @@ -1,5 +0,0 @@ -# $Id: Makefile.am,v 1.5 1999/03/20 13:58:14 joda Exp $ - -include $(top_srcdir)/Makefile.am.common - -SUBDIRS = common ftp ftpd diff --git a/crypto/kerberosIV/appl/ftp/Makefile.in b/crypto/kerberosIV/appl/ftp/Makefile.in deleted file mode 100644 index 68546abfc3b0..000000000000 --- a/crypto/kerberosIV/appl/ftp/Makefile.in +++ /dev/null @@ -1,44 +0,0 @@ -# $Id: Makefile.in,v 1.12 1999/03/10 19:01:11 joda Exp $ - -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ -VPATH = @srcdir@ - -SHELL = /bin/sh - -@SET_MAKE@ - -CC = @CC@ -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ - -INSTALL = @INSTALL@ - -prefix = @prefix@ - -SUBDIRS=common ftp ftpd - -all: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) all); done - -install: all - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) install); done - -uninstall: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) uninstall); done - -clean cleandir: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) clean); done - -distclean: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) distclean); done - rm -f Makefile *~ - -.PHONY: all install uninstall clean cleandir distclean diff --git a/crypto/kerberosIV/appl/ftp/common/Makefile.am b/crypto/kerberosIV/appl/ftp/common/Makefile.am deleted file mode 100644 index 4fab07b9a1ae..000000000000 --- a/crypto/kerberosIV/appl/ftp/common/Makefile.am +++ /dev/null @@ -1,12 +0,0 @@ -# $Id: Makefile.am,v 1.9 1999/07/28 21:15:06 assar Exp $ - -include $(top_srcdir)/Makefile.am.common - -INCLUDES += $(INCLUDE_krb4) - -noinst_LIBRARIES = libcommon.a - -libcommon_a_SOURCES = \ - sockbuf.c \ - buffer.c \ - common.h diff --git a/crypto/kerberosIV/appl/ftp/common/Makefile.in b/crypto/kerberosIV/appl/ftp/common/Makefile.in deleted file mode 100644 index b00bd0a4de13..000000000000 --- a/crypto/kerberosIV/appl/ftp/common/Makefile.in +++ /dev/null @@ -1,55 +0,0 @@ -# $Id: Makefile.in,v 1.23 1999/03/10 19:01:11 joda Exp $ - -SHELL = /bin/sh - -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ - -INSTALL = @INSTALL@ - -prefix = @prefix@ - -SOURCES = sockbuf.c buffer.c -OBJECTS = $(libcommon_OBJS) - -libcommon_OBJS = sockbuf.o buffer.o - -LIBNAME = $(LIBPREFIX)common -LIBEXT = a -LIBPREFIX = @LIBPREFIX@ -LIB = $(LIBNAME).$(LIBEXT) - -all: $(LIB) - -.c.o: - $(CC) -c -I$(srcdir) -I../../../include $(DEFS) $(CFLAGS) $(CPPFLAGS) $< - -$(LIB): $(libcommon_OBJS) - rm -f $@ - ar cr $@ $(libcommon_OBJS) - -$(RANLIB) $@ - -install: - -uninstall: - -TAGS: $(SOURCES) - etags $(SOURCES) - -clean cleandir: - rm -f *~ *.o libcommon.a core \#* - -distclean: - rm -f Makefile - -$(OBJECTS): ../../../include/config.h - -.PHONY: all install uninstall clean cleandir distclean diff --git a/crypto/kerberosIV/appl/ftp/common/base64.c b/crypto/kerberosIV/appl/ftp/common/base64.c deleted file mode 100644 index 648f32dfd4a5..000000000000 --- a/crypto/kerberosIV/appl/ftp/common/base64.c +++ /dev/null @@ -1,149 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: base64.c,v 1.6 1997/05/30 17:24:06 assar Exp $"); -#endif -#include -#include -#include "base64.h" - -static char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - -static int pos(char c) -{ - char *p; - for(p = base64; *p; p++) - if(*p == c) - return p - base64; - return -1; -} - -int base64_encode(const void *data, int size, char **str) -{ - char *s, *p; - int i; - int c; - unsigned char *q; - - p = s = (char*)malloc(size*4/3+4); - q = (unsigned char*)data; - i=0; - for(i = 0; i < size;){ - c=q[i++]; - c*=256; - if(i < size) - c+=q[i]; - i++; - c*=256; - if(i < size) - c+=q[i]; - i++; - p[0]=base64[(c&0x00fc0000) >> 18]; - p[1]=base64[(c&0x0003f000) >> 12]; - p[2]=base64[(c&0x00000fc0) >> 6]; - p[3]=base64[(c&0x0000003f) >> 0]; - if(i > size) - p[3]='='; - if(i > size+1) - p[2]='='; - p+=4; - } - *p=0; - *str = s; - return strlen(s); -} - -int base64_decode(const char *str, void *data) -{ - const char *p; - unsigned char *q; - int c; - int x; - int done = 0; - q=(unsigned char*)data; - for(p=str; *p && !done; p+=4){ - x = pos(p[0]); - if(x >= 0) - c = x; - else{ - done = 3; - break; - } - c*=64; - - x = pos(p[1]); - if(x >= 0) - c += x; - else - return -1; - c*=64; - - if(p[2] == '=') - done++; - else{ - x = pos(p[2]); - if(x >= 0) - c += x; - else - return -1; - } - c*=64; - - if(p[3] == '=') - done++; - else{ - if(done) - return -1; - x = pos(p[3]); - if(x >= 0) - c += x; - else - return -1; - } - if(done < 3) - *q++=(c&0x00ff0000)>>16; - - if(done < 2) - *q++=(c&0x0000ff00)>>8; - if(done < 1) - *q++=(c&0x000000ff)>>0; - } - return q - (unsigned char*)data; -} diff --git a/crypto/kerberosIV/appl/ftp/common/base64.h b/crypto/kerberosIV/appl/ftp/common/base64.h deleted file mode 100644 index fe799a2dccf0..000000000000 --- a/crypto/kerberosIV/appl/ftp/common/base64.h +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: base64.h,v 1.5 1997/04/01 08:17:19 joda Exp $ */ - -#ifndef _BASE64_H_ -#define _BASE64_H_ - -int base64_encode(const void *data, int size, char **str); -int base64_decode(const char *str, void *data); - -#endif diff --git a/crypto/kerberosIV/appl/ftp/common/buffer.c b/crypto/kerberosIV/appl/ftp/common/buffer.c deleted file mode 100644 index 0385d494a120..000000000000 --- a/crypto/kerberosIV/appl/ftp/common/buffer.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "common.h" -#include -#include -#include "roken.h" - -RCSID("$Id: buffer.c,v 1.3 1999/12/02 16:58:29 joda Exp $"); - -/* - * Allocate a buffer enough to handle st->st_blksize, if - * there is such a field, otherwise BUFSIZ. - */ - -void * -alloc_buffer (void *oldbuf, size_t *sz, struct stat *st) -{ - size_t new_sz; - - new_sz = BUFSIZ; -#ifdef HAVE_ST_BLKSIZE - if (st) - new_sz = max(BUFSIZ, st->st_blksize); -#endif - if(new_sz > *sz) { - if (oldbuf) - free (oldbuf); - oldbuf = malloc (new_sz); - if (oldbuf == NULL) { - warn ("malloc"); - *sz = 0; - return NULL; - } - *sz = new_sz; - } - return oldbuf; -} - diff --git a/crypto/kerberosIV/appl/ftp/common/common.h b/crypto/kerberosIV/appl/ftp/common/common.h deleted file mode 100644 index 5949b25d7bf9..000000000000 --- a/crypto/kerberosIV/appl/ftp/common/common.h +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: common.h,v 1.12 1999/12/02 16:58:29 joda Exp $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#ifndef __COMMON_H__ -#define __COMMON_H__ - -#include "base64.h" - -void set_buffer_size(int, int); - -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif - -void *alloc_buffer (void *oldbuf, size_t *sz, struct stat *st); - -#endif /* __COMMON_H__ */ diff --git a/crypto/kerberosIV/appl/ftp/common/glob.c b/crypto/kerberosIV/appl/ftp/common/glob.c deleted file mode 100644 index 8f19d7ca4dab..000000000000 --- a/crypto/kerberosIV/appl/ftp/common/glob.c +++ /dev/null @@ -1,835 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Guido van Rossum. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * glob(3) -- a superset of the one defined in POSIX 1003.2. - * - * The [!...] convention to negate a range is supported (SysV, Posix, ksh). - * - * Optional extra services, controlled by flags not defined by POSIX: - * - * GLOB_QUOTE: - * Escaping convention: \ inhibits any special meaning the following - * character might have (except \ at end of string is retained). - * GLOB_MAGCHAR: - * Set in gl_flags if pattern contained a globbing character. - * GLOB_NOMAGIC: - * Same as GLOB_NOCHECK, but it will only append pattern if it did - * not contain any magic characters. [Used in csh style globbing] - * GLOB_ALTDIRFUNC: - * Use alternately specified directory access functions. - * GLOB_TILDE: - * expand ~user/foo to the /home/dir/of/user/foo - * GLOB_BRACE: - * expand {1,2}{a,b} to 1a 1b 2a 2b - * gl_matchc: - * Number of matches in the current invocation of glob. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif - -#include -#ifdef HAVE_DIRENT_H -#include -#endif -#include -#ifdef HAVE_PWD_H -#include -#endif -#include -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif - -#include "glob.h" -#include "roken.h" - -#define CHAR_DOLLAR '$' -#define CHAR_DOT '.' -#define CHAR_EOS '\0' -#define CHAR_LBRACKET '[' -#define CHAR_NOT '!' -#define CHAR_QUESTION '?' -#define CHAR_QUOTE '\\' -#define CHAR_RANGE '-' -#define CHAR_RBRACKET ']' -#define CHAR_SEP '/' -#define CHAR_STAR '*' -#define CHAR_TILDE '~' -#define CHAR_UNDERSCORE '_' -#define CHAR_LBRACE '{' -#define CHAR_RBRACE '}' -#define CHAR_SLASH '/' -#define CHAR_COMMA ',' - -#ifndef DEBUG - -#define M_QUOTE 0x8000 -#define M_PROTECT 0x4000 -#define M_MASK 0xffff -#define M_ASCII 0x00ff - -typedef u_short Char; - -#else - -#define M_QUOTE 0x80 -#define M_PROTECT 0x40 -#define M_MASK 0xff -#define M_ASCII 0x7f - -typedef char Char; - -#endif - - -#define CHAR(c) ((Char)((c)&M_ASCII)) -#define META(c) ((Char)((c)|M_QUOTE)) -#define M_ALL META('*') -#define M_END META(']') -#define M_NOT META('!') -#define M_ONE META('?') -#define M_RNG META('-') -#define M_SET META('[') -#define ismeta(c) (((c)&M_QUOTE) != 0) - - -static int compare (const void *, const void *); -static void g_Ctoc (const Char *, char *); -static int g_lstat (Char *, struct stat *, glob_t *); -static DIR *g_opendir (Char *, glob_t *); -static Char *g_strchr (Char *, int); -#ifdef notdef -static Char *g_strcat (Char *, const Char *); -#endif -static int g_stat (Char *, struct stat *, glob_t *); -static int glob0 (const Char *, glob_t *); -static int glob1 (Char *, glob_t *); -static int glob2 (Char *, Char *, Char *, glob_t *); -static int glob3 (Char *, Char *, Char *, Char *, glob_t *); -static int globextend (const Char *, glob_t *); -static const Char * globtilde (const Char *, Char *, glob_t *); -static int globexp1 (const Char *, glob_t *); -static int globexp2 (const Char *, const Char *, glob_t *, int *); -static int match (Char *, Char *, Char *); -#ifdef DEBUG -static void qprintf (const char *, Char *); -#endif - -int -glob(const char *pattern, - int flags, - int (*errfunc)(const char *, int), - glob_t *pglob) -{ - const u_char *patnext; - int c; - Char *bufnext, *bufend, patbuf[MaxPathLen+1]; - - patnext = (u_char *) pattern; - if (!(flags & GLOB_APPEND)) { - pglob->gl_pathc = 0; - pglob->gl_pathv = NULL; - if (!(flags & GLOB_DOOFFS)) - pglob->gl_offs = 0; - } - pglob->gl_flags = flags & ~GLOB_MAGCHAR; - pglob->gl_errfunc = errfunc; - pglob->gl_matchc = 0; - - bufnext = patbuf; - bufend = bufnext + MaxPathLen; - if (flags & GLOB_QUOTE) { - /* Protect the quoted characters. */ - while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) - if (c == CHAR_QUOTE) { - if ((c = *patnext++) == CHAR_EOS) { - c = CHAR_QUOTE; - --patnext; - } - *bufnext++ = c | M_PROTECT; - } - else - *bufnext++ = c; - } - else - while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) - *bufnext++ = c; - *bufnext = CHAR_EOS; - - if (flags & GLOB_BRACE) - return globexp1(patbuf, pglob); - else - return glob0(patbuf, pglob); -} - -/* - * Expand recursively a glob {} pattern. When there is no more expansion - * invoke the standard globbing routine to glob the rest of the magic - * characters - */ -static int globexp1(const Char *pattern, glob_t *pglob) -{ - const Char* ptr = pattern; - int rv; - - /* Protect a single {}, for find(1), like csh */ - if (pattern[0] == CHAR_LBRACE && pattern[1] == CHAR_RBRACE && pattern[2] == CHAR_EOS) - return glob0(pattern, pglob); - - while ((ptr = (const Char *) g_strchr((Char *) ptr, CHAR_LBRACE)) != NULL) - if (!globexp2(ptr, pattern, pglob, &rv)) - return rv; - - return glob0(pattern, pglob); -} - - -/* - * Recursive brace globbing helper. Tries to expand a single brace. - * If it succeeds then it invokes globexp1 with the new pattern. - * If it fails then it tries to glob the rest of the pattern and returns. - */ -static int globexp2(const Char *ptr, const Char *pattern, - glob_t *pglob, int *rv) -{ - int i; - Char *lm, *ls; - const Char *pe, *pm, *pl; - Char patbuf[MaxPathLen + 1]; - - /* copy part up to the brace */ - for (lm = patbuf, pm = pattern; pm != ptr; *lm++ = *pm++) - continue; - ls = lm; - - /* Find the balanced brace */ - for (i = 0, pe = ++ptr; *pe; pe++) - if (*pe == CHAR_LBRACKET) { - /* Ignore everything between [] */ - for (pm = pe++; *pe != CHAR_RBRACKET && *pe != CHAR_EOS; pe++) - continue; - if (*pe == CHAR_EOS) { - /* - * We could not find a matching CHAR_RBRACKET. - * Ignore and just look for CHAR_RBRACE - */ - pe = pm; - } - } - else if (*pe == CHAR_LBRACE) - i++; - else if (*pe == CHAR_RBRACE) { - if (i == 0) - break; - i--; - } - - /* Non matching braces; just glob the pattern */ - if (i != 0 || *pe == CHAR_EOS) { - *rv = glob0(patbuf, pglob); - return 0; - } - - for (i = 0, pl = pm = ptr; pm <= pe; pm++) - switch (*pm) { - case CHAR_LBRACKET: - /* Ignore everything between [] */ - for (pl = pm++; *pm != CHAR_RBRACKET && *pm != CHAR_EOS; pm++) - continue; - if (*pm == CHAR_EOS) { - /* - * We could not find a matching CHAR_RBRACKET. - * Ignore and just look for CHAR_RBRACE - */ - pm = pl; - } - break; - - case CHAR_LBRACE: - i++; - break; - - case CHAR_RBRACE: - if (i) { - i--; - break; - } - /* FALLTHROUGH */ - case CHAR_COMMA: - if (i && *pm == CHAR_COMMA) - break; - else { - /* Append the current string */ - for (lm = ls; (pl < pm); *lm++ = *pl++) - continue; - /* - * Append the rest of the pattern after the - * closing brace - */ - for (pl = pe + 1; (*lm++ = *pl++) != CHAR_EOS;) - continue; - - /* Expand the current pattern */ -#ifdef DEBUG - qprintf("globexp2:", patbuf); -#endif - *rv = globexp1(patbuf, pglob); - - /* move after the comma, to the next string */ - pl = pm + 1; - } - break; - - default: - break; - } - *rv = 0; - return 0; -} - - - -/* - * expand tilde from the passwd file. - */ -static const Char * -globtilde(const Char *pattern, Char *patbuf, glob_t *pglob) -{ - struct passwd *pwd; - char *h; - const Char *p; - Char *b; - - if (*pattern != CHAR_TILDE || !(pglob->gl_flags & GLOB_TILDE)) - return pattern; - - /* Copy up to the end of the string or / */ - for (p = pattern + 1, h = (char *) patbuf; *p && *p != CHAR_SLASH; - *h++ = *p++) - continue; - - *h = CHAR_EOS; - - if (((char *) patbuf)[0] == CHAR_EOS) { - /* - * handle a plain ~ or ~/ by expanding $HOME - * first and then trying the password file - */ - if ((h = getenv("HOME")) == NULL) { - if ((pwd = k_getpwuid(getuid())) == NULL) - return pattern; - else - h = pwd->pw_dir; - } - } - else { - /* - * Expand a ~user - */ - if ((pwd = k_getpwnam((char*) patbuf)) == NULL) - return pattern; - else - h = pwd->pw_dir; - } - - /* Copy the home directory */ - for (b = patbuf; *h; *b++ = *h++) - continue; - - /* Append the rest of the pattern */ - while ((*b++ = *p++) != CHAR_EOS) - continue; - - return patbuf; -} - - -/* - * The main glob() routine: compiles the pattern (optionally processing - * quotes), calls glob1() to do the real pattern matching, and finally - * sorts the list (unless unsorted operation is requested). Returns 0 - * if things went well, nonzero if errors occurred. It is not an error - * to find no matches. - */ -static int -glob0(const Char *pattern, glob_t *pglob) -{ - const Char *qpatnext; - int c, err, oldpathc; - Char *bufnext, patbuf[MaxPathLen+1]; - - qpatnext = globtilde(pattern, patbuf, pglob); - oldpathc = pglob->gl_pathc; - bufnext = patbuf; - - /* We don't need to check for buffer overflow any more. */ - while ((c = *qpatnext++) != CHAR_EOS) { - switch (c) { - case CHAR_LBRACKET: - c = *qpatnext; - if (c == CHAR_NOT) - ++qpatnext; - if (*qpatnext == CHAR_EOS || - g_strchr((Char *) qpatnext+1, CHAR_RBRACKET) == NULL) { - *bufnext++ = CHAR_LBRACKET; - if (c == CHAR_NOT) - --qpatnext; - break; - } - *bufnext++ = M_SET; - if (c == CHAR_NOT) - *bufnext++ = M_NOT; - c = *qpatnext++; - do { - *bufnext++ = CHAR(c); - if (*qpatnext == CHAR_RANGE && - (c = qpatnext[1]) != CHAR_RBRACKET) { - *bufnext++ = M_RNG; - *bufnext++ = CHAR(c); - qpatnext += 2; - } - } while ((c = *qpatnext++) != CHAR_RBRACKET); - pglob->gl_flags |= GLOB_MAGCHAR; - *bufnext++ = M_END; - break; - case CHAR_QUESTION: - pglob->gl_flags |= GLOB_MAGCHAR; - *bufnext++ = M_ONE; - break; - case CHAR_STAR: - pglob->gl_flags |= GLOB_MAGCHAR; - /* collapse adjacent stars to one, - * to avoid exponential behavior - */ - if (bufnext == patbuf || bufnext[-1] != M_ALL) - *bufnext++ = M_ALL; - break; - default: - *bufnext++ = CHAR(c); - break; - } - } - *bufnext = CHAR_EOS; -#ifdef DEBUG - qprintf("glob0:", patbuf); -#endif - - if ((err = glob1(patbuf, pglob)) != 0) - return(err); - - /* - * If there was no match we are going to append the pattern - * if GLOB_NOCHECK was specified or if GLOB_NOMAGIC was specified - * and the pattern did not contain any magic characters - * GLOB_NOMAGIC is there just for compatibility with csh. - */ - if (pglob->gl_pathc == oldpathc && - ((pglob->gl_flags & GLOB_NOCHECK) || - ((pglob->gl_flags & GLOB_NOMAGIC) && - !(pglob->gl_flags & GLOB_MAGCHAR)))) - return(globextend(pattern, pglob)); - else if (!(pglob->gl_flags & GLOB_NOSORT)) - qsort(pglob->gl_pathv + pglob->gl_offs + oldpathc, - pglob->gl_pathc - oldpathc, sizeof(char *), compare); - return(0); -} - -static int -compare(const void *p, const void *q) -{ - return(strcmp(*(char **)p, *(char **)q)); -} - -static int -glob1(Char *pattern, glob_t *pglob) -{ - Char pathbuf[MaxPathLen+1]; - - /* A null pathname is invalid -- POSIX 1003.1 sect. 2.4. */ - if (*pattern == CHAR_EOS) - return(0); - return(glob2(pathbuf, pathbuf, pattern, pglob)); -} - -/* - * The functions glob2 and glob3 are mutually recursive; there is one level - * of recursion for each segment in the pattern that contains one or more - * meta characters. - */ - -#ifndef S_ISLNK -#if defined(S_IFLNK) && defined(S_IFMT) -#define S_ISLNK(mode) (((mode) & S_IFMT) == S_IFLNK) -#else -#define S_ISLNK(mode) 0 -#endif -#endif - -static int -glob2(Char *pathbuf, Char *pathend, Char *pattern, glob_t *pglob) -{ - struct stat sb; - Char *p, *q; - int anymeta; - - /* - * Loop over pattern segments until end of pattern or until - * segment with meta character found. - */ - for (anymeta = 0;;) { - if (*pattern == CHAR_EOS) { /* End of pattern? */ - *pathend = CHAR_EOS; - if (g_lstat(pathbuf, &sb, pglob)) - return(0); - - if (((pglob->gl_flags & GLOB_MARK) && - pathend[-1] != CHAR_SEP) && (S_ISDIR(sb.st_mode) - || (S_ISLNK(sb.st_mode) && - (g_stat(pathbuf, &sb, pglob) == 0) && - S_ISDIR(sb.st_mode)))) { - *pathend++ = CHAR_SEP; - *pathend = CHAR_EOS; - } - ++pglob->gl_matchc; - return(globextend(pathbuf, pglob)); - } - - /* Find end of next segment, copy tentatively to pathend. */ - q = pathend; - p = pattern; - while (*p != CHAR_EOS && *p != CHAR_SEP) { - if (ismeta(*p)) - anymeta = 1; - *q++ = *p++; - } - - if (!anymeta) { /* No expansion, do next segment. */ - pathend = q; - pattern = p; - while (*pattern == CHAR_SEP) - *pathend++ = *pattern++; - } else /* Need expansion, recurse. */ - return(glob3(pathbuf, pathend, pattern, p, pglob)); - } - /* CHAR_NOTREACHED */ -} - -static int -glob3(Char *pathbuf, Char *pathend, Char *pattern, Char *restpattern, - glob_t *pglob) -{ - struct dirent *dp; - DIR *dirp; - int err; - char buf[MaxPathLen]; - - /* - * The readdirfunc declaration can't be prototyped, because it is - * assigned, below, to two functions which are prototyped in glob.h - * and dirent.h as taking pointers to differently typed opaque - * structures. - */ - struct dirent *(*readdirfunc)(void *); - - *pathend = CHAR_EOS; - errno = 0; - - if ((dirp = g_opendir(pathbuf, pglob)) == NULL) { - /* TODO: don't call for ENOENT or ENOTDIR? */ - if (pglob->gl_errfunc) { - g_Ctoc(pathbuf, buf); - if (pglob->gl_errfunc(buf, errno) || - pglob->gl_flags & GLOB_ERR) - return (GLOB_ABEND); - } - return(0); - } - - err = 0; - - /* Search directory for matching names. */ - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - readdirfunc = pglob->gl_readdir; - else - readdirfunc = (struct dirent *(*)(void *))readdir; - while ((dp = (*readdirfunc)(dirp))) { - u_char *sc; - Char *dc; - - /* Initial CHAR_DOT must be matched literally. */ - if (dp->d_name[0] == CHAR_DOT && *pattern != CHAR_DOT) - continue; - for (sc = (u_char *) dp->d_name, dc = pathend; - (*dc++ = *sc++) != CHAR_EOS;) - continue; - if (!match(pathend, pattern, restpattern)) { - *pathend = CHAR_EOS; - continue; - } - err = glob2(pathbuf, --dc, restpattern, pglob); - if (err) - break; - } - - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - (*pglob->gl_closedir)(dirp); - else - closedir(dirp); - return(err); -} - - -/* - * Extend the gl_pathv member of a glob_t structure to accomodate a new item, - * add the new item, and update gl_pathc. - * - * This assumes the BSD realloc, which only copies the block when its size - * crosses a power-of-two boundary; for v7 realloc, this would cause quadratic - * behavior. - * - * Return 0 if new item added, error code if memory couldn't be allocated. - * - * Invariant of the glob_t structure: - * Either gl_pathc is zero and gl_pathv is NULL; or gl_pathc > 0 and - * gl_pathv points to (gl_offs + gl_pathc + 1) items. - */ -static int -globextend(const Char *path, glob_t *pglob) -{ - char **pathv; - int i; - u_int newsize; - char *copy; - const Char *p; - - newsize = sizeof(*pathv) * (2 + pglob->gl_pathc + pglob->gl_offs); - pathv = pglob->gl_pathv ? - realloc(pglob->gl_pathv, newsize) : - malloc(newsize); - if (pathv == NULL) - return(GLOB_NOSPACE); - - if (pglob->gl_pathv == NULL && pglob->gl_offs > 0) { - /* first time around -- clear initial gl_offs items */ - pathv += pglob->gl_offs; - for (i = pglob->gl_offs; --i >= 0; ) - *--pathv = NULL; - } - pglob->gl_pathv = pathv; - - for (p = path; *p++;) - continue; - if ((copy = malloc(p - path)) != NULL) { - g_Ctoc(path, copy); - pathv[pglob->gl_offs + pglob->gl_pathc++] = copy; - } - pathv[pglob->gl_offs + pglob->gl_pathc] = NULL; - return(copy == NULL ? GLOB_NOSPACE : 0); -} - - -/* - * pattern matching function for filenames. Each occurrence of the * - * pattern causes a recursion level. - */ -static int -match(Char *name, Char *pat, Char *patend) -{ - int ok, negate_range; - Char c, k; - - while (pat < patend) { - c = *pat++; - switch (c & M_MASK) { - case M_ALL: - if (pat == patend) - return(1); - do - if (match(name, pat, patend)) - return(1); - while (*name++ != CHAR_EOS); - return(0); - case M_ONE: - if (*name++ == CHAR_EOS) - return(0); - break; - case M_SET: - ok = 0; - if ((k = *name++) == CHAR_EOS) - return(0); - if ((negate_range = ((*pat & M_MASK) == M_NOT)) != CHAR_EOS) - ++pat; - while (((c = *pat++) & M_MASK) != M_END) - if ((*pat & M_MASK) == M_RNG) { - if (c <= k && k <= pat[1]) - ok = 1; - pat += 2; - } else if (c == k) - ok = 1; - if (ok == negate_range) - return(0); - break; - default: - if (*name++ != c) - return(0); - break; - } - } - return(*name == CHAR_EOS); -} - -/* Free allocated data belonging to a glob_t structure. */ -void -globfree(glob_t *pglob) -{ - int i; - char **pp; - - if (pglob->gl_pathv != NULL) { - pp = pglob->gl_pathv + pglob->gl_offs; - for (i = pglob->gl_pathc; i--; ++pp) - if (*pp) - free(*pp); - free(pglob->gl_pathv); - } -} - -static DIR * -g_opendir(Char *str, glob_t *pglob) -{ - char buf[MaxPathLen]; - - if (!*str) - strcpy(buf, "."); - else - g_Ctoc(str, buf); - - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - return((*pglob->gl_opendir)(buf)); - - return(opendir(buf)); -} - -static int -g_lstat(Char *fn, struct stat *sb, glob_t *pglob) -{ - char buf[MaxPathLen]; - - g_Ctoc(fn, buf); - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - return((*pglob->gl_lstat)(buf, sb)); - return(lstat(buf, sb)); -} - -static int -g_stat(Char *fn, struct stat *sb, glob_t *pglob) -{ - char buf[MaxPathLen]; - - g_Ctoc(fn, buf); - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - return((*pglob->gl_stat)(buf, sb)); - return(stat(buf, sb)); -} - -static Char * -g_strchr(Char *str, int ch) -{ - do { - if (*str == ch) - return (str); - } while (*str++); - return (NULL); -} - -#ifdef notdef -static Char * -g_strcat(Char *dst, const Char *src) -{ - Char *sdst = dst; - - while (*dst++) - continue; - --dst; - while((*dst++ = *src++) != CHAR_EOS) - continue; - - return (sdst); -} -#endif - -static void -g_Ctoc(const Char *str, char *buf) -{ - char *dc; - - for (dc = buf; (*dc++ = *str++) != CHAR_EOS;) - continue; -} - -#ifdef DEBUG -static void -qprintf(const Char *str, Char *s) -{ - Char *p; - - printf("%s:\n", str); - for (p = s; *p; p++) - printf("%c", CHAR(*p)); - printf("\n"); - for (p = s; *p; p++) - printf("%c", *p & M_PROTECT ? '"' : ' '); - printf("\n"); - for (p = s; *p; p++) - printf("%c", ismeta(*p) ? '_' : ' '); - printf("\n"); -} -#endif diff --git a/crypto/kerberosIV/appl/ftp/common/glob.h b/crypto/kerberosIV/appl/ftp/common/glob.h deleted file mode 100644 index bece48a89cd7..000000000000 --- a/crypto/kerberosIV/appl/ftp/common/glob.h +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Guido van Rossum. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)glob.h 8.1 (Berkeley) 6/2/93 - */ - -#ifndef _GLOB_H_ -#define _GLOB_H_ - -struct stat; -typedef struct { - int gl_pathc; /* Count of total paths so far. */ - int gl_matchc; /* Count of paths matching pattern. */ - int gl_offs; /* Reserved at beginning of gl_pathv. */ - int gl_flags; /* Copy of flags parameter to glob. */ - char **gl_pathv; /* List of paths matching pattern. */ - /* Copy of errfunc parameter to glob. */ - int (*gl_errfunc) (const char *, int); - - /* - * Alternate filesystem access methods for glob; replacement - * versions of closedir(3), readdir(3), opendir(3), stat(2) - * and lstat(2). - */ - void (*gl_closedir) (void *); - struct dirent *(*gl_readdir) (void *); - void *(*gl_opendir) (const char *); - int (*gl_lstat) (const char *, struct stat *); - int (*gl_stat) (const char *, struct stat *); -} glob_t; - -#define GLOB_APPEND 0x0001 /* Append to output from previous call. */ -#define GLOB_DOOFFS 0x0002 /* Use gl_offs. */ -#define GLOB_ERR 0x0004 /* Return on error. */ -#define GLOB_MARK 0x0008 /* Append / to matching directories. */ -#define GLOB_NOCHECK 0x0010 /* Return pattern itself if nothing matches. */ -#define GLOB_NOSORT 0x0020 /* Don't sort. */ - -#define GLOB_ALTDIRFUNC 0x0040 /* Use alternately specified directory funcs. */ -#define GLOB_BRACE 0x0080 /* Expand braces ala csh. */ -#define GLOB_MAGCHAR 0x0100 /* Pattern had globbing characters. */ -#define GLOB_NOMAGIC 0x0200 /* GLOB_NOCHECK without magic chars (csh). */ -#define GLOB_QUOTE 0x0400 /* Quote special chars with \. */ -#define GLOB_TILDE 0x0800 /* Expand tilde names from the passwd file. */ - -#define GLOB_NOSPACE (-1) /* Malloc call failed. */ -#define GLOB_ABEND (-2) /* Unignored error. */ - -int glob (const char *, int, int (*)(const char *, int), glob_t *); -void globfree (glob_t *); - -#endif /* !_GLOB_H_ */ diff --git a/crypto/kerberosIV/appl/ftp/common/sockbuf.c b/crypto/kerberosIV/appl/ftp/common/sockbuf.c deleted file mode 100644 index 460cc6fbf554..000000000000 --- a/crypto/kerberosIV/appl/ftp/common/sockbuf.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "common.h" -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif - -RCSID("$Id: sockbuf.c,v 1.3 1999/12/02 16:58:29 joda Exp $"); - -void -set_buffer_size(int fd, int read) -{ -#if defined(SO_RCVBUF) && defined(SO_SNDBUF) && defined(HAVE_SETSOCKOPT) - size_t size = 4194304; - while(size >= 131072 && - setsockopt(fd, SOL_SOCKET, read ? SO_RCVBUF : SO_SNDBUF, - (void *)&size, sizeof(size)) < 0) - size /= 2; -#endif -} - - diff --git a/crypto/kerberosIV/appl/ftp/ftp/Makefile.am b/crypto/kerberosIV/appl/ftp/ftp/Makefile.am deleted file mode 100644 index 081465a50416..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/Makefile.am +++ /dev/null @@ -1,44 +0,0 @@ -# $Id: Makefile.am,v 1.12 1999/04/09 18:22:08 assar Exp $ - -include $(top_srcdir)/Makefile.am.common - -INCLUDES += -I$(srcdir)/../common $(INCLUDE_readline) $(INCLUDE_krb4) - -bin_PROGRAMS = ftp - -CHECK_LOCAL = - -if KRB4 -krb4_sources = krb4.c kauth.c -endif -if KRB5 -krb5_sources = gssapi.c -endif - -ftp_SOURCES = \ - cmds.c \ - cmdtab.c \ - extern.h \ - ftp.c \ - ftp_locl.h \ - ftp_var.h \ - main.c \ - pathnames.h \ - ruserpass.c \ - domacro.c \ - globals.c \ - security.c \ - security.h \ - $(krb4_sources) \ - $(krb5_sources) - -EXTRA_ftp_SOURCES = krb4.c kauth.c gssapi.c - -LDADD = \ - ../common/libcommon.a \ - $(LIB_gssapi) \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(top_builddir)/lib/des/libdes.la \ - $(LIB_roken) \ - $(LIB_readline) diff --git a/crypto/kerberosIV/appl/ftp/ftp/Makefile.in b/crypto/kerberosIV/appl/ftp/ftp/Makefile.in deleted file mode 100644 index 637d5539f3d4..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/Makefile.in +++ /dev/null @@ -1,102 +0,0 @@ -# -# $Id: Makefile.in,v 1.32 1999/03/11 13:58:09 joda Exp $ -# - -SHELL = /bin/sh - -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ -VPATH = @srcdir@ - -top_builddir = ../../.. - -CC = @CC@ -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -CPPFLAGS= @CPPFLAGS@ -I. -I$(srcdir) -I$(top_builddir) -I$(top_srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include -I$(srcdir)/../common @INCLUDE_readline@ -LD_FLAGS = @LD_FLAGS@ -LIB_tgetent = @LIB_tgetent@ -LIBS = @LIBS@ @LIB_readline@ -MKINSTALLDIRS = $(top_srcdir)/mkinstalldirs - -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -bindir = @bindir@ -libdir = @libdir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -INCTOP = $(top_builddir)/include - -LIBTOP = $(top_builddir)/lib - -PROGS = ftp$(EXECSUFFIX) - -ftp_SOURCES = \ - cmds.c \ - cmdtab.c \ - domacro.c \ - ftp.c \ - globals.c \ - kauth.c \ - krb4.c \ - main.c \ - ruserpass.c \ - security.c - -ftp_OBJS = \ - cmds.o \ - cmdtab.o \ - domacro.o \ - ftp.o \ - globals.o \ - kauth.o \ - krb4.o \ - main.o \ - ruserpass.o \ - security.o - -OBJECTS = $(ftp_OBJS) -SOURCES = $(ftp_SOURCES) - -all: $(PROGS) - -.c.o: - $(CC) -c -I$(srcdir) -I../../../include $(DEFS) $(CFLAGS) $(CPPFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(bindir) - for x in $(PROGS); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \ - done - -uninstall: - for x in $(PROGS); do \ - rm -f $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \ - done - -ftp$(EXECSUFFIX): $(ftp_OBJS) - $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(ftp_OBJS) -L../common -lcommon -L$(LIBTOP)/krb -lkrb -L$(LIBTOP)/des -ldes -L$(LIBTOP)/roken -lroken $(LIBS) -L$(LIBTOP)/roken -lroken - -TAGS: $(SOURCES) - etags $(SOURCES) - -clean: - rm -f *~ *.o core ftp$(EXECSUFFIX) \#* - -mostlyclean: clean - -distclean: clean - rm -f Makefile - -realclean: distclean - rm -f TAGS - -$(OBJECTS): ../../../include/config.h - -.PHONY: all install uninstall clean cleandir distclean diff --git a/crypto/kerberosIV/appl/ftp/ftp/cmds.c b/crypto/kerberosIV/appl/ftp/ftp/cmds.c deleted file mode 100644 index 1b989320d544..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/cmds.c +++ /dev/null @@ -1,2117 +0,0 @@ -/* - * Copyright (c) 1985, 1989, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * FTP User Program -- Command Routines. - */ - -#include "ftp_locl.h" -RCSID("$Id: cmds.c,v 1.36.2.2 2000/06/23 02:43:49 assar Exp $"); - -typedef void (*sighand)(int); - -jmp_buf jabort; -char *mname; -char *home = "/"; - -/* - * `Another' gets another argument, and stores the new argc and argv. - * It reverts to the top level (via main.c's intr()) on EOF/error. - * - * Returns false if no new arguments have been added. - */ -int -another(int *pargc, char ***pargv, char *prompt) -{ - int len = strlen(line), ret; - - if (len >= sizeof(line) - 3) { - printf("sorry, arguments too long\n"); - intr(0); - } - printf("(%s) ", prompt); - line[len++] = ' '; - if (fgets(&line[len], sizeof(line) - len, stdin) == NULL) - intr(0); - len += strlen(&line[len]); - if (len > 0 && line[len - 1] == '\n') - line[len - 1] = '\0'; - makeargv(); - ret = margc > *pargc; - *pargc = margc; - *pargv = margv; - return (ret); -} - -/* - * Connect to peer server and - * auto-login, if possible. - */ -void -setpeer(int argc, char **argv) -{ - char *host; - short port; - struct servent *sp; - - if (connected) { - printf("Already connected to %s, use close first.\n", - hostname); - code = -1; - return; - } - if (argc < 2) - another(&argc, &argv, "to"); - if (argc < 2 || argc > 3) { - printf("usage: %s host-name [port]\n", argv[0]); - code = -1; - return; - } - sp = getservbyname("ftp", "tcp"); - if (sp == NULL) - errx(1, "You bastard. You removed ftp/tcp from services"); - port = sp->s_port; - if (argc > 2) { - port = atoi(argv[2]); - if (port <= 0) { - printf("%s: bad port number-- %s\n", argv[1], argv[2]); - printf ("usage: %s host-name [port]\n", argv[0]); - code = -1; - return; - } - port = htons(port); - } - host = hookup(argv[1], port); - if (host) { - int overbose; - - connected = 1; - /* - * Set up defaults for FTP. - */ - strlcpy(typename, "ascii", sizeof(typename)); - type = TYPE_A; - curtype = TYPE_A; - strlcpy(formname, "non-print", sizeof(formname)); - form = FORM_N; - strlcpy(modename, "stream", sizeof(modename)); - mode = MODE_S; - strlcpy(structname, "file", sizeof(structname)); - stru = STRU_F; - strlcpy(bytename, "8", sizeof(bytename)); - bytesize = 8; - if (autologin) - login(argv[1]); - -#if (defined(unix) || defined(__unix__) || defined(__unix) || defined(_AIX) || defined(_CRAY)) && NBBY == 8 -/* - * this ifdef is to keep someone form "porting" this to an incompatible - * system and not checking this out. This way they have to think about it. - */ - overbose = verbose; - if (debug == 0) - verbose = -1; - if (command("SYST") == COMPLETE && overbose) { - char *cp, c; - cp = strchr(reply_string+4, ' '); - if (cp == NULL) - cp = strchr(reply_string+4, '\r'); - if (cp) { - if (cp[-1] == '.') - cp--; - c = *cp; - *cp = '\0'; - } - - printf("Remote system type is %s.\n", - reply_string+4); - if (cp) - *cp = c; - } - if (!strncmp(reply_string, "215 UNIX Type: L8", 17)) { - if (proxy) - unix_proxy = 1; - else - unix_server = 1; - /* - * Set type to 0 (not specified by user), - * meaning binary by default, but don't bother - * telling server. We can use binary - * for text files unless changed by the user. - */ - type = 0; - strlcpy(typename, "binary", sizeof(typename)); - if (overbose) - printf("Using %s mode to transfer files.\n", - typename); - } else { - if (proxy) - unix_proxy = 0; - else - unix_server = 0; - if (overbose && - !strncmp(reply_string, "215 TOPS20", 10)) - printf( -"Remember to set tenex mode when transfering binary files from this machine.\n"); - } - verbose = overbose; -#endif /* unix */ - } -} - -struct types { - char *t_name; - char *t_mode; - int t_type; - char *t_arg; -} types[] = { - { "ascii", "A", TYPE_A, 0 }, - { "binary", "I", TYPE_I, 0 }, - { "image", "I", TYPE_I, 0 }, - { "ebcdic", "E", TYPE_E, 0 }, - { "tenex", "L", TYPE_L, bytename }, - { NULL } -}; - -/* - * Set transfer type. - */ -void -settype(int argc, char **argv) -{ - struct types *p; - int comret; - - if (argc > 2) { - char *sep; - - printf("usage: %s [", argv[0]); - sep = " "; - for (p = types; p->t_name; p++) { - printf("%s%s", sep, p->t_name); - sep = " | "; - } - printf(" ]\n"); - code = -1; - return; - } - if (argc < 2) { - printf("Using %s mode to transfer files.\n", typename); - code = 0; - return; - } - for (p = types; p->t_name; p++) - if (strcmp(argv[1], p->t_name) == 0) - break; - if (p->t_name == 0) { - printf("%s: unknown mode\n", argv[1]); - code = -1; - return; - } - if ((p->t_arg != NULL) && (*(p->t_arg) != '\0')) - comret = command ("TYPE %s %s", p->t_mode, p->t_arg); - else - comret = command("TYPE %s", p->t_mode); - if (comret == COMPLETE) { - strlcpy(typename, p->t_name, sizeof(typename)); - curtype = type = p->t_type; - } -} - -/* - * Internal form of settype; changes current type in use with server - * without changing our notion of the type for data transfers. - * Used to change to and from ascii for listings. - */ -void -changetype(int newtype, int show) -{ - struct types *p; - int comret, oldverbose = verbose; - - if (newtype == 0) - newtype = TYPE_I; - if (newtype == curtype) - return; - if (debug == 0 && show == 0) - verbose = 0; - for (p = types; p->t_name; p++) - if (newtype == p->t_type) - break; - if (p->t_name == 0) { - printf("ftp: internal error: unknown type %d\n", newtype); - return; - } - if (newtype == TYPE_L && bytename[0] != '\0') - comret = command("TYPE %s %s", p->t_mode, bytename); - else - comret = command("TYPE %s", p->t_mode); - if (comret == COMPLETE) - curtype = newtype; - verbose = oldverbose; -} - -char *stype[] = { - "type", - "", - 0 -}; - -/* - * Set binary transfer type. - */ -/*VARARGS*/ -void -setbinary(int argc, char **argv) -{ - - stype[1] = "binary"; - settype(2, stype); -} - -/* - * Set ascii transfer type. - */ -/*VARARGS*/ -void -setascii(int argc, char **argv) -{ - - stype[1] = "ascii"; - settype(2, stype); -} - -/* - * Set tenex transfer type. - */ -/*VARARGS*/ -void -settenex(int argc, char **argv) -{ - - stype[1] = "tenex"; - settype(2, stype); -} - -/* - * Set file transfer mode. - */ -/*ARGSUSED*/ -void -setftmode(int argc, char **argv) -{ - - printf("We only support %s mode, sorry.\n", modename); - code = -1; -} - -/* - * Set file transfer format. - */ -/*ARGSUSED*/ -void -setform(int argc, char **argv) -{ - - printf("We only support %s format, sorry.\n", formname); - code = -1; -} - -/* - * Set file transfer structure. - */ -/*ARGSUSED*/ -void -setstruct(int argc, char **argv) -{ - - printf("We only support %s structure, sorry.\n", structname); - code = -1; -} - -/* - * Send a single file. - */ -void -put(int argc, char **argv) -{ - char *cmd; - int loc = 0; - char *oldargv1, *oldargv2; - - if (argc == 2) { - argc++; - argv[2] = argv[1]; - loc++; - } - if (argc < 2 && !another(&argc, &argv, "local-file")) - goto usage; - if (argc < 3 && !another(&argc, &argv, "remote-file")) { -usage: - printf("usage: %s local-file remote-file\n", argv[0]); - code = -1; - return; - } - oldargv1 = argv[1]; - oldargv2 = argv[2]; - if (!globulize(&argv[1])) { - code = -1; - return; - } - /* - * If "globulize" modifies argv[1], and argv[2] is a copy of - * the old argv[1], make it a copy of the new argv[1]. - */ - if (argv[1] != oldargv1 && argv[2] == oldargv1) { - argv[2] = argv[1]; - } - cmd = (argv[0][0] == 'a') ? "APPE" : ((sunique) ? "STOU" : "STOR"); - if (loc && ntflag) { - argv[2] = dotrans(argv[2]); - } - if (loc && mapflag) { - argv[2] = domap(argv[2]); - } - sendrequest(cmd, argv[1], argv[2], - curtype == TYPE_I ? "rb" : "r", - argv[1] != oldargv1 || argv[2] != oldargv2); -} - -/* ARGSUSED */ -static RETSIGTYPE -mabort(int signo) -{ - int ointer; - - printf("\n"); - fflush(stdout); - if (mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with", mname)) { - interactive = ointer; - longjmp(jabort,0); - } - interactive = ointer; - } - mflag = 0; - longjmp(jabort,0); -} - -/* - * Send multiple files. - */ -void -mput(int argc, char **argv) -{ - int i; - RETSIGTYPE (*oldintr)(); - int ointer; - char *tp; - - if (argc < 2 && !another(&argc, &argv, "local-files")) { - printf("usage: %s local-files\n", argv[0]); - code = -1; - return; - } - mname = argv[0]; - mflag = 1; - oldintr = signal(SIGINT, mabort); - setjmp(jabort); - if (proxy) { - char *cp, *tp2, tmpbuf[MaxPathLen]; - - while ((cp = remglob(argv,0)) != NULL) { - if (*cp == 0) { - mflag = 0; - continue; - } - if (mflag && confirm(argv[0], cp)) { - tp = cp; - if (mcase) { - while (*tp && !islower(*tp)) { - tp++; - } - if (!*tp) { - tp = cp; - tp2 = tmpbuf; - while ((*tp2 = *tp) != '\0') { - if (isupper(*tp2)) { - *tp2 = 'a' + *tp2 - 'A'; - } - tp++; - tp2++; - } - } - tp = tmpbuf; - } - if (ntflag) { - tp = dotrans(tp); - } - if (mapflag) { - tp = domap(tp); - } - sendrequest((sunique) ? "STOU" : "STOR", - cp, tp, - curtype == TYPE_I ? "rb" : "r", - cp != tp || !interactive); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with","mput")) { - mflag++; - } - interactive = ointer; - } - } - } - signal(SIGINT, oldintr); - mflag = 0; - return; - } - for (i = 1; i < argc; i++) { - char **cpp; - glob_t gl; - int flags; - - if (!doglob) { - if (mflag && confirm(argv[0], argv[i])) { - tp = (ntflag) ? dotrans(argv[i]) : argv[i]; - tp = (mapflag) ? domap(tp) : tp; - sendrequest((sunique) ? "STOU" : "STOR", - argv[i], - curtype == TYPE_I ? "rb" : "r", - tp, tp != argv[i] || !interactive); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with","mput")) { - mflag++; - } - interactive = ointer; - } - } - continue; - } - - memset(&gl, 0, sizeof(gl)); - flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; - if (glob(argv[i], flags, NULL, &gl) || gl.gl_pathc == 0) { - warnx("%s: not found", argv[i]); - globfree(&gl); - continue; - } - for (cpp = gl.gl_pathv; cpp && *cpp != NULL; cpp++) { - if (mflag && confirm(argv[0], *cpp)) { - tp = (ntflag) ? dotrans(*cpp) : *cpp; - tp = (mapflag) ? domap(tp) : tp; - sendrequest((sunique) ? "STOU" : "STOR", - *cpp, tp, - curtype == TYPE_I ? "rb" : "r", - *cpp != tp || !interactive); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with","mput")) { - mflag++; - } - interactive = ointer; - } - } - } - globfree(&gl); - } - signal(SIGINT, oldintr); - mflag = 0; -} - -void -reget(int argc, char **argv) -{ - getit(argc, argv, 1, curtype == TYPE_I ? "r+wb" : "r+w"); -} - -void -get(int argc, char **argv) -{ - char *mode; - - if (restart_point) - if (curtype == TYPE_I) - mode = "r+wb"; - else - mode = "r+w"; - else - if (curtype == TYPE_I) - mode = "wb"; - else - mode = "w"; - - getit(argc, argv, 0, mode); -} - -/* - * Receive one file. - */ -int -getit(int argc, char **argv, int restartit, char *mode) -{ - int loc = 0; - int local_given = 1; - char *oldargv1, *oldargv2; - - if (argc == 2) { - argc++; - local_given = 0; - argv[2] = argv[1]; - loc++; - } - if ((argc < 2 && !another(&argc, &argv, "remote-file")) || - (argc < 3 && !another(&argc, &argv, "local-file"))) { - printf("usage: %s remote-file [ local-file ]\n", argv[0]); - code = -1; - return (0); - } - oldargv1 = argv[1]; - oldargv2 = argv[2]; - if (!globulize(&argv[2])) { - code = -1; - return (0); - } - if (loc && mcase) { - char *tp = argv[1], *tp2, tmpbuf[MaxPathLen]; - - while (*tp && !islower(*tp)) { - tp++; - } - if (!*tp) { - tp = argv[2]; - tp2 = tmpbuf; - while ((*tp2 = *tp) != '\0') { - if (isupper(*tp2)) { - *tp2 = 'a' + *tp2 - 'A'; - } - tp++; - tp2++; - } - argv[2] = tmpbuf; - } - } - if (loc && ntflag) - argv[2] = dotrans(argv[2]); - if (loc && mapflag) - argv[2] = domap(argv[2]); - if (restartit) { - struct stat stbuf; - int ret; - - ret = stat(argv[2], &stbuf); - if (restartit == 1) { - if (ret < 0) { - warn("local: %s", argv[2]); - return (0); - } - restart_point = stbuf.st_size; - } else if (ret == 0) { - int overbose; - int cmdret; - int yy, mo, day, hour, min, sec; - struct tm *tm; - time_t mtime = stbuf.st_mtime; - - overbose = verbose; - if (debug == 0) - verbose = -1; - cmdret = command("MDTM %s", argv[1]); - verbose = overbose; - if (cmdret != COMPLETE) { - printf("%s\n", reply_string); - return (0); - } - if (sscanf(reply_string, - "%*s %04d%02d%02d%02d%02d%02d", - &yy, &mo, &day, &hour, &min, &sec) - != 6) { - printf ("bad MDTM result\n"); - return (0); - } - - tm = gmtime(&mtime); - tm->tm_mon++; - tm->tm_year += 1900; - - if ((tm->tm_year > yy) || - (tm->tm_year == yy && - tm->tm_mon > mo) || - (tm->tm_mon == mo && - tm->tm_mday > day) || - (tm->tm_mday == day && - tm->tm_hour > hour) || - (tm->tm_hour == hour && - tm->tm_min > min) || - (tm->tm_min == min && - tm->tm_sec > sec)) - return (1); - } - } - - recvrequest("RETR", argv[2], argv[1], mode, - argv[1] != oldargv1 || argv[2] != oldargv2, local_given); - restart_point = 0; - return (0); -} - -static int -suspicious_filename(const char *fn) -{ - return strstr(fn, "../") != NULL || *fn == '/'; -} - -/* - * Get multiple files. - */ -void -mget(int argc, char **argv) -{ - sighand oldintr; - int ch, ointer; - char *cp, *tp, *tp2, tmpbuf[MaxPathLen]; - - if (argc < 2 && !another(&argc, &argv, "remote-files")) { - printf("usage: %s remote-files\n", argv[0]); - code = -1; - return; - } - mname = argv[0]; - mflag = 1; - oldintr = signal(SIGINT, mabort); - setjmp(jabort); - while ((cp = remglob(argv,proxy)) != NULL) { - if (*cp == '\0') { - mflag = 0; - continue; - } - if (mflag && suspicious_filename(cp)) - printf("*** Suspicious filename: %s\n", cp); - if (mflag && confirm(argv[0], cp)) { - tp = cp; - if (mcase) { - for (tp2 = tmpbuf; (ch = *tp++);) - *tp2++ = isupper(ch) ? tolower(ch) : ch; - *tp2 = '\0'; - tp = tmpbuf; - } - if (ntflag) { - tp = dotrans(tp); - } - if (mapflag) { - tp = domap(tp); - } - recvrequest("RETR", tp, cp, - curtype == TYPE_I ? "wb" : "w", - tp != cp || !interactive, 0); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with","mget")) { - mflag++; - } - interactive = ointer; - } - } - } - signal(SIGINT,oldintr); - mflag = 0; -} - -char * -remglob(char **argv, int doswitch) -{ - char temp[16]; - static char buf[MaxPathLen]; - static FILE *ftemp = NULL; - static char **args; - int oldverbose, oldhash; - char *cp, *mode; - - if (!mflag) { - if (!doglob) { - args = NULL; - } - else { - if (ftemp) { - fclose(ftemp); - ftemp = NULL; - } - } - return (NULL); - } - if (!doglob) { - if (args == NULL) - args = argv; - if ((cp = *++args) == NULL) - args = NULL; - return (cp); - } - if (ftemp == NULL) { - int fd; - strlcpy(temp, _PATH_TMP_XXX, sizeof(temp)); - fd = mkstemp(temp); - if(fd < 0){ - warn("unable to create temporary file %s", temp); - return NULL; - } - close(fd); - oldverbose = verbose, verbose = 0; - oldhash = hash, hash = 0; - if (doswitch) { - pswitch(!proxy); - } - for (mode = "w"; *++argv != NULL; mode = "a") - recvrequest ("NLST", temp, *argv, mode, 0, 0); - if (doswitch) { - pswitch(!proxy); - } - verbose = oldverbose; hash = oldhash; - ftemp = fopen(temp, "r"); - unlink(temp); - if (ftemp == NULL) { - printf("can't find list of remote files, oops\n"); - return (NULL); - } - } - while(fgets(buf, sizeof (buf), ftemp)) { - if ((cp = strchr(buf, '\n')) != NULL) - *cp = '\0'; - if(!interactive && suspicious_filename(buf)){ - printf("Ignoring remote globbed file `%s'\n", buf); - continue; - } - return buf; - } - fclose(ftemp); - ftemp = NULL; - return (NULL); -} - -char * -onoff(int bool) -{ - - return (bool ? "on" : "off"); -} - -/* - * Show status. - */ -/*ARGSUSED*/ -void -status(int argc, char **argv) -{ - int i; - - if (connected) - printf("Connected to %s.\n", hostname); - else - printf("Not connected.\n"); - if (!proxy) { - pswitch(1); - if (connected) { - printf("Connected for proxy commands to %s.\n", hostname); - } - else { - printf("No proxy connection.\n"); - } - pswitch(0); - } - sec_status(); - printf("Mode: %s; Type: %s; Form: %s; Structure: %s\n", - modename, typename, formname, structname); - printf("Verbose: %s; Bell: %s; Prompting: %s; Globbing: %s\n", - onoff(verbose), onoff(bell), onoff(interactive), - onoff(doglob)); - printf("Store unique: %s; Receive unique: %s\n", onoff(sunique), - onoff(runique)); - printf("Case: %s; CR stripping: %s\n",onoff(mcase),onoff(crflag)); - if (ntflag) { - printf("Ntrans: (in) %s (out) %s\n", ntin,ntout); - } - else { - printf("Ntrans: off\n"); - } - if (mapflag) { - printf("Nmap: (in) %s (out) %s\n", mapin, mapout); - } - else { - printf("Nmap: off\n"); - } - printf("Hash mark printing: %s; Use of PORT cmds: %s\n", - onoff(hash), onoff(sendport)); - if (macnum > 0) { - printf("Macros:\n"); - for (i=0; i 1) { - val = atoi(argv[1]); - if (val < 0) { - printf("%s: bad debugging value.\n", argv[1]); - code = -1; - return; - } - } else - val = !debug; - debug = val; - if (debug) - options |= SO_DEBUG; - else - options &= ~SO_DEBUG; - printf("Debugging %s (debug=%d).\n", onoff(debug), debug); - code = debug > 0; -} - -/* - * Set current working directory - * on remote machine. - */ -void -cd(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "remote-directory")) { - printf("usage: %s remote-directory\n", argv[0]); - code = -1; - return; - } - if (command("CWD %s", argv[1]) == ERROR && code == 500) { - if (verbose) - printf("CWD command not recognized, trying XCWD\n"); - command("XCWD %s", argv[1]); - } -} - -/* - * Set current working directory - * on local machine. - */ -void -lcd(int argc, char **argv) -{ - char buf[MaxPathLen]; - - if (argc < 2) - argc++, argv[1] = home; - if (argc != 2) { - printf("usage: %s local-directory\n", argv[0]); - code = -1; - return; - } - if (!globulize(&argv[1])) { - code = -1; - return; - } - if (chdir(argv[1]) < 0) { - warn("local: %s", argv[1]); - code = -1; - return; - } - if (getcwd(buf, sizeof(buf)) != NULL) - printf("Local directory now %s\n", buf); - else - warnx("getwd: %s", buf); - code = 0; -} - -/* - * Delete a single file. - */ -void -delete(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "remote-file")) { - printf("usage: %s remote-file\n", argv[0]); - code = -1; - return; - } - command("DELE %s", argv[1]); -} - -/* - * Delete multiple files. - */ -void -mdelete(int argc, char **argv) -{ - sighand oldintr; - int ointer; - char *cp; - - if (argc < 2 && !another(&argc, &argv, "remote-files")) { - printf("usage: %s remote-files\n", argv[0]); - code = -1; - return; - } - mname = argv[0]; - mflag = 1; - oldintr = signal(SIGINT, mabort); - setjmp(jabort); - while ((cp = remglob(argv,0)) != NULL) { - if (*cp == '\0') { - mflag = 0; - continue; - } - if (mflag && confirm(argv[0], cp)) { - command("DELE %s", cp); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with", "mdelete")) { - mflag++; - } - interactive = ointer; - } - } - } - signal(SIGINT, oldintr); - mflag = 0; -} - -/* - * Rename a remote file. - */ -void -renamefile(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "from-name")) - goto usage; - if (argc < 3 && !another(&argc, &argv, "to-name")) { -usage: - printf("%s from-name to-name\n", argv[0]); - code = -1; - return; - } - if (command("RNFR %s", argv[1]) == CONTINUE) - command("RNTO %s", argv[2]); -} - -/* - * Get a directory listing - * of remote files. - */ -void -ls(int argc, char **argv) -{ - char *cmd; - - if (argc < 2) - argc++, argv[1] = NULL; - if (argc < 3) - argc++, argv[2] = "-"; - if (argc > 3) { - printf("usage: %s remote-directory local-file\n", argv[0]); - code = -1; - return; - } - cmd = argv[0][0] == 'n' ? "NLST" : "LIST"; - if (strcmp(argv[2], "-") && !globulize(&argv[2])) { - code = -1; - return; - } - if (strcmp(argv[2], "-") && *argv[2] != '|') - if (!globulize(&argv[2]) || !confirm("output to local-file:", - argv[2])) { - code = -1; - return; - } - recvrequest(cmd, argv[2], argv[1], "w", 0, 1); -} - -/* - * Get a directory listing - * of multiple remote files. - */ -void -mls(int argc, char **argv) -{ - sighand oldintr; - int ointer, i; - char *cmd, mode[1], *dest; - - if (argc < 2 && !another(&argc, &argv, "remote-files")) - goto usage; - if (argc < 3 && !another(&argc, &argv, "local-file")) { -usage: - printf("usage: %s remote-files local-file\n", argv[0]); - code = -1; - return; - } - dest = argv[argc - 1]; - argv[argc - 1] = NULL; - if (strcmp(dest, "-") && *dest != '|') - if (!globulize(&dest) || - !confirm("output to local-file:", dest)) { - code = -1; - return; - } - cmd = argv[0][1] == 'l' ? "NLST" : "LIST"; - mname = argv[0]; - mflag = 1; - oldintr = signal(SIGINT, mabort); - setjmp(jabort); - for (i = 1; mflag && i < argc-1; ++i) { - *mode = (i == 1) ? 'w' : 'a'; - recvrequest(cmd, dest, argv[i], mode, 0, 1); - if (!mflag && fromatty) { - ointer = interactive; - interactive = 1; - if (confirm("Continue with", argv[0])) { - mflag ++; - } - interactive = ointer; - } - } - signal(SIGINT, oldintr); - mflag = 0; -} - -/* - * Do a shell escape - */ -/*ARGSUSED*/ -void -shell(int argc, char **argv) -{ - pid_t pid; - RETSIGTYPE (*old1)(), (*old2)(); - char shellnam[40], *shell, *namep; - int status; - - old1 = signal (SIGINT, SIG_IGN); - old2 = signal (SIGQUIT, SIG_IGN); - if ((pid = fork()) == 0) { - for (pid = 3; pid < 20; pid++) - close(pid); - signal(SIGINT, SIG_DFL); - signal(SIGQUIT, SIG_DFL); - shell = getenv("SHELL"); - if (shell == NULL) - shell = _PATH_BSHELL; - namep = strrchr(shell,'/'); - if (namep == NULL) - namep = shell; - snprintf (shellnam, sizeof(shellnam), - "-%s", ++namep); - if (strcmp(namep, "sh") != 0) - shellnam[0] = '+'; - if (debug) { - printf ("%s\n", shell); - fflush (stdout); - } - if (argc > 1) { - execl(shell,shellnam,"-c",altarg,(char *)0); - } - else { - execl(shell,shellnam,(char *)0); - } - warn("%s", shell); - code = -1; - exit(1); - } - if (pid > 0) - while (waitpid(-1, &status, 0) != pid) - ; - signal(SIGINT, old1); - signal(SIGQUIT, old2); - if (pid == -1) { - warn("%s", "Try again later"); - code = -1; - } - else { - code = 0; - } -} - -/* - * Send new user information (re-login) - */ -void -user(int argc, char **argv) -{ - char acct[80]; - int n, aflag = 0; - char tmp[256]; - - if (argc < 2) - another(&argc, &argv, "username"); - if (argc < 2 || argc > 4) { - printf("usage: %s username [password] [account]\n", argv[0]); - code = -1; - return; - } - n = command("USER %s", argv[1]); - if (n == CONTINUE) { - if (argc < 3 ) { - des_read_pw_string (tmp, - sizeof(tmp), - "Password: ", 0); - argv[2] = tmp; - argc++; - } - n = command("PASS %s", argv[2]); - } - if (n == CONTINUE) { - if (argc < 4) { - printf("Account: "); fflush(stdout); - fgets(acct, sizeof(acct) - 1, stdin); - acct[strlen(acct) - 1] = '\0'; - argv[3] = acct; argc++; - } - n = command("ACCT %s", argv[3]); - aflag++; - } - if (n != COMPLETE) { - fprintf(stdout, "Login failed.\n"); - return; - } - if (!aflag && argc == 4) { - command("ACCT %s", argv[3]); - } -} - -/* - * Print working directory. - */ -/*VARARGS*/ -void -pwd(int argc, char **argv) -{ - int oldverbose = verbose; - - /* - * If we aren't verbose, this doesn't do anything! - */ - verbose = 1; - if (command("PWD") == ERROR && code == 500) { - printf("PWD command not recognized, trying XPWD\n"); - command("XPWD"); - } - verbose = oldverbose; -} - -/* - * Make a directory. - */ -void -makedir(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "directory-name")) { - printf("usage: %s directory-name\n", argv[0]); - code = -1; - return; - } - if (command("MKD %s", argv[1]) == ERROR && code == 500) { - if (verbose) - printf("MKD command not recognized, trying XMKD\n"); - command("XMKD %s", argv[1]); - } -} - -/* - * Remove a directory. - */ -void -removedir(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "directory-name")) { - printf("usage: %s directory-name\n", argv[0]); - code = -1; - return; - } - if (command("RMD %s", argv[1]) == ERROR && code == 500) { - if (verbose) - printf("RMD command not recognized, trying XRMD\n"); - command("XRMD %s", argv[1]); - } -} - -/* - * Send a line, verbatim, to the remote machine. - */ -void -quote(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "command line to send")) { - printf("usage: %s line-to-send\n", argv[0]); - code = -1; - return; - } - quote1("", argc, argv); -} - -/* - * Send a SITE command to the remote machine. The line - * is sent verbatim to the remote machine, except that the - * word "SITE" is added at the front. - */ -void -site(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "arguments to SITE command")) { - printf("usage: %s line-to-send\n", argv[0]); - code = -1; - return; - } - quote1("SITE ", argc, argv); -} - -/* - * Turn argv[1..argc) into a space-separated string, then prepend initial text. - * Send the result as a one-line command and get response. - */ -void -quote1(char *initial, int argc, char **argv) -{ - int i; - char buf[BUFSIZ]; /* must be >= sizeof(line) */ - - strlcpy(buf, initial, sizeof(buf)); - for(i = 1; i < argc; i++) { - if(i > 1) - strlcat(buf, " ", sizeof(buf)); - strlcat(buf, argv[i], sizeof(buf)); - } - if (command("%s", buf) == PRELIM) { - while (getreply(0) == PRELIM) - continue; - } -} - -void -do_chmod(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "mode")) - goto usage; - if (argc < 3 && !another(&argc, &argv, "file-name")) { -usage: - printf("usage: %s mode file-name\n", argv[0]); - code = -1; - return; - } - command("SITE CHMOD %s %s", argv[1], argv[2]); -} - -void -do_umask(int argc, char **argv) -{ - int oldverbose = verbose; - - verbose = 1; - command(argc == 1 ? "SITE UMASK" : "SITE UMASK %s", argv[1]); - verbose = oldverbose; -} - -void -ftp_idle(int argc, char **argv) -{ - int oldverbose = verbose; - - verbose = 1; - command(argc == 1 ? "SITE IDLE" : "SITE IDLE %s", argv[1]); - verbose = oldverbose; -} - -/* - * Ask the other side for help. - */ -void -rmthelp(int argc, char **argv) -{ - int oldverbose = verbose; - - verbose = 1; - command(argc == 1 ? "HELP" : "HELP %s", argv[1]); - verbose = oldverbose; -} - -/* - * Terminate session and exit. - */ -/*VARARGS*/ -void -quit(int argc, char **argv) -{ - - if (connected) - disconnect(0, 0); - pswitch(1); - if (connected) { - disconnect(0, 0); - } - exit(0); -} - -/* - * Terminate session, but don't exit. - */ -void -disconnect(int argc, char **argv) -{ - - if (!connected) - return; - command("QUIT"); - if (cout) { - fclose(cout); - } - cout = NULL; - connected = 0; - sec_end(); - data = -1; - if (!proxy) { - macnum = 0; - } -} - -int -confirm(char *cmd, char *file) -{ - char line[BUFSIZ]; - - if (!interactive) - return (1); - printf("%s %s? ", cmd, file); - fflush(stdout); - if (fgets(line, sizeof line, stdin) == NULL) - return (0); - return (*line == 'y' || *line == 'Y'); -} - -void -fatal(char *msg) -{ - - errx(1, "%s", msg); -} - -/* - * Glob a local file name specification with - * the expectation of a single return value. - * Can't control multiple values being expanded - * from the expression, we return only the first. - */ -int -globulize(char **cpp) -{ - glob_t gl; - int flags; - - if (!doglob) - return (1); - - flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; - memset(&gl, 0, sizeof(gl)); - if (glob(*cpp, flags, NULL, &gl) || - gl.gl_pathc == 0) { - warnx("%s: not found", *cpp); - globfree(&gl); - return (0); - } - *cpp = strdup(gl.gl_pathv[0]); /* XXX - wasted memory */ - globfree(&gl); - return (1); -} - -void -account(int argc, char **argv) -{ - char acct[50]; - - if (argc > 1) { - ++argv; - --argc; - strlcpy (acct, *argv, sizeof(acct)); - while (argc > 1) { - --argc; - ++argv; - strlcat(acct, *argv, sizeof(acct)); - } - } - else { - des_read_pw_string(acct, sizeof(acct), "Account:", 0); - } - command("ACCT %s", acct); -} - -jmp_buf abortprox; - -static RETSIGTYPE -proxabort(int sig) -{ - - if (!proxy) { - pswitch(1); - } - if (connected) { - proxflag = 1; - } - else { - proxflag = 0; - } - pswitch(0); - longjmp(abortprox,1); -} - -void -doproxy(int argc, char **argv) -{ - struct cmd *c; - RETSIGTYPE (*oldintr)(); - - if (argc < 2 && !another(&argc, &argv, "command")) { - printf("usage: %s command\n", argv[0]); - code = -1; - return; - } - c = getcmd(argv[1]); - if (c == (struct cmd *) -1) { - printf("?Ambiguous command\n"); - fflush(stdout); - code = -1; - return; - } - if (c == 0) { - printf("?Invalid command\n"); - fflush(stdout); - code = -1; - return; - } - if (!c->c_proxy) { - printf("?Invalid proxy command\n"); - fflush(stdout); - code = -1; - return; - } - if (setjmp(abortprox)) { - code = -1; - return; - } - oldintr = signal(SIGINT, proxabort); - pswitch(1); - if (c->c_conn && !connected) { - printf("Not connected\n"); - fflush(stdout); - pswitch(0); - signal(SIGINT, oldintr); - code = -1; - return; - } - (*c->c_handler)(argc-1, argv+1); - if (connected) { - proxflag = 1; - } - else { - proxflag = 0; - } - pswitch(0); - signal(SIGINT, oldintr); -} - -void -setcase(int argc, char **argv) -{ - - mcase = !mcase; - printf("Case mapping %s.\n", onoff(mcase)); - code = mcase; -} - -void -setcr(int argc, char **argv) -{ - - crflag = !crflag; - printf("Carriage Return stripping %s.\n", onoff(crflag)); - code = crflag; -} - -void -setntrans(int argc, char **argv) -{ - if (argc == 1) { - ntflag = 0; - printf("Ntrans off.\n"); - code = ntflag; - return; - } - ntflag++; - code = ntflag; - strlcpy (ntin, argv[1], 17); - if (argc == 2) { - ntout[0] = '\0'; - return; - } - strlcpy (ntout, argv[2], 17); -} - -char * -dotrans(char *name) -{ - static char new[MaxPathLen]; - char *cp1, *cp2 = new; - int i, ostop, found; - - for (ostop = 0; *(ntout + ostop) && ostop < 16; ostop++) - continue; - for (cp1 = name; *cp1; cp1++) { - found = 0; - for (i = 0; *(ntin + i) && i < 16; i++) { - if (*cp1 == *(ntin + i)) { - found++; - if (i < ostop) { - *cp2++ = *(ntout + i); - } - break; - } - } - if (!found) { - *cp2++ = *cp1; - } - } - *cp2 = '\0'; - return (new); -} - -void -setnmap(int argc, char **argv) -{ - char *cp; - - if (argc == 1) { - mapflag = 0; - printf("Nmap off.\n"); - code = mapflag; - return; - } - if (argc < 3 && !another(&argc, &argv, "mapout")) { - printf("Usage: %s [mapin mapout]\n",argv[0]); - code = -1; - return; - } - mapflag = 1; - code = 1; - cp = strchr(altarg, ' '); - if (proxy) { - while(*++cp == ' ') - continue; - altarg = cp; - cp = strchr(altarg, ' '); - } - *cp = '\0'; - strlcpy(mapin, altarg, MaxPathLen); - while (*++cp == ' ') - continue; - strlcpy(mapout, cp, MaxPathLen); -} - -char * -domap(char *name) -{ - static char new[MaxPathLen]; - char *cp1 = name, *cp2 = mapin; - char *tp[9], *te[9]; - int i, toks[9], toknum = 0, match = 1; - - for (i=0; i < 9; ++i) { - toks[i] = 0; - } - while (match && *cp1 && *cp2) { - switch (*cp2) { - case '\\': - if (*++cp2 != *cp1) { - match = 0; - } - break; - case '$': - if (*(cp2+1) >= '1' && (*cp2+1) <= '9') { - if (*cp1 != *(++cp2+1)) { - toks[toknum = *cp2 - '1']++; - tp[toknum] = cp1; - while (*++cp1 && *(cp2+1) - != *cp1); - te[toknum] = cp1; - } - cp2++; - break; - } - /* FALLTHROUGH */ - default: - if (*cp2 != *cp1) { - match = 0; - } - break; - } - if (match && *cp1) { - cp1++; - } - if (match && *cp2) { - cp2++; - } - } - if (!match && *cp1) /* last token mismatch */ - { - toks[toknum] = 0; - } - cp1 = new; - *cp1 = '\0'; - cp2 = mapout; - while (*cp2) { - match = 0; - switch (*cp2) { - case '\\': - if (*(cp2 + 1)) { - *cp1++ = *++cp2; - } - break; - case '[': -LOOP: - if (*++cp2 == '$' && isdigit(*(cp2+1))) { - if (*++cp2 == '0') { - char *cp3 = name; - - while (*cp3) { - *cp1++ = *cp3++; - } - match = 1; - } - else if (toks[toknum = *cp2 - '1']) { - char *cp3 = tp[toknum]; - - while (cp3 != te[toknum]) { - *cp1++ = *cp3++; - } - match = 1; - } - } - else { - while (*cp2 && *cp2 != ',' && - *cp2 != ']') { - if (*cp2 == '\\') { - cp2++; - } - else if (*cp2 == '$' && - isdigit(*(cp2+1))) { - if (*++cp2 == '0') { - char *cp3 = name; - - while (*cp3) { - *cp1++ = *cp3++; - } - } - else if (toks[toknum = - *cp2 - '1']) { - char *cp3=tp[toknum]; - - while (cp3 != - te[toknum]) { - *cp1++ = *cp3++; - } - } - } - else if (*cp2) { - *cp1++ = *cp2++; - } - } - if (!*cp2) { - printf("nmap: unbalanced brackets\n"); - return (name); - } - match = 1; - cp2--; - } - if (match) { - while (*++cp2 && *cp2 != ']') { - if (*cp2 == '\\' && *(cp2 + 1)) { - cp2++; - } - } - if (!*cp2) { - printf("nmap: unbalanced brackets\n"); - return (name); - } - break; - } - switch (*++cp2) { - case ',': - goto LOOP; - case ']': - break; - default: - cp2--; - goto LOOP; - } - break; - case '$': - if (isdigit(*(cp2 + 1))) { - if (*++cp2 == '0') { - char *cp3 = name; - - while (*cp3) { - *cp1++ = *cp3++; - } - } - else if (toks[toknum = *cp2 - '1']) { - char *cp3 = tp[toknum]; - - while (cp3 != te[toknum]) { - *cp1++ = *cp3++; - } - } - break; - } - /* intentional drop through */ - default: - *cp1++ = *cp2; - break; - } - cp2++; - } - *cp1 = '\0'; - if (!*new) { - return (name); - } - return (new); -} - -void -setpassive(int argc, char **argv) -{ - - passivemode = !passivemode; - printf("Passive mode %s.\n", onoff(passivemode)); - code = passivemode; -} - -void -setsunique(int argc, char **argv) -{ - - sunique = !sunique; - printf("Store unique %s.\n", onoff(sunique)); - code = sunique; -} - -void -setrunique(int argc, char **argv) -{ - - runique = !runique; - printf("Receive unique %s.\n", onoff(runique)); - code = runique; -} - -/* change directory to perent directory */ -void -cdup(int argc, char **argv) -{ - - if (command("CDUP") == ERROR && code == 500) { - if (verbose) - printf("CDUP command not recognized, trying XCUP\n"); - command("XCUP"); - } -} - -/* restart transfer at specific point */ -void -restart(int argc, char **argv) -{ - - if (argc != 2) - printf("restart: offset not specified\n"); - else { - restart_point = atol(argv[1]); - printf("restarting at %ld. %s\n", (long)restart_point, - "execute get, put or append to initiate transfer"); - } -} - -/* show remote system type */ -void -syst(int argc, char **argv) -{ - - command("SYST"); -} - -void -macdef(int argc, char **argv) -{ - char *tmp; - int c; - - if (macnum == 16) { - printf("Limit of 16 macros have already been defined\n"); - code = -1; - return; - } - if (argc < 2 && !another(&argc, &argv, "macro name")) { - printf("Usage: %s macro_name\n",argv[0]); - code = -1; - return; - } - if (interactive) { - printf("Enter macro line by line, terminating it with a null line\n"); - } - strlcpy(macros[macnum].mac_name, - argv[1], - sizeof(macros[macnum].mac_name)); - if (macnum == 0) { - macros[macnum].mac_start = macbuf; - } - else { - macros[macnum].mac_start = macros[macnum - 1].mac_end + 1; - } - tmp = macros[macnum].mac_start; - while (tmp != macbuf+4096) { - if ((c = getchar()) == EOF) { - printf("macdef:end of file encountered\n"); - code = -1; - return; - } - if ((*tmp = c) == '\n') { - if (tmp == macros[macnum].mac_start) { - macros[macnum++].mac_end = tmp; - code = 0; - return; - } - if (*(tmp-1) == '\0') { - macros[macnum++].mac_end = tmp - 1; - code = 0; - return; - } - *tmp = '\0'; - } - tmp++; - } - while (1) { - while ((c = getchar()) != '\n' && c != EOF) - /* LOOP */; - if (c == EOF || getchar() == '\n') { - printf("Macro not defined - 4k buffer exceeded\n"); - code = -1; - return; - } - } -} - -/* - * get size of file on remote machine - */ -void -sizecmd(int argc, char **argv) -{ - - if (argc < 2 && !another(&argc, &argv, "filename")) { - printf("usage: %s filename\n", argv[0]); - code = -1; - return; - } - command("SIZE %s", argv[1]); -} - -/* - * get last modification time of file on remote machine - */ -void -modtime(int argc, char **argv) -{ - int overbose; - - if (argc < 2 && !another(&argc, &argv, "filename")) { - printf("usage: %s filename\n", argv[0]); - code = -1; - return; - } - overbose = verbose; - if (debug == 0) - verbose = -1; - if (command("MDTM %s", argv[1]) == COMPLETE) { - int yy, mo, day, hour, min, sec; - sscanf(reply_string, "%*s %04d%02d%02d%02d%02d%02d", &yy, &mo, - &day, &hour, &min, &sec); - /* might want to print this in local time */ - printf("%s\t%02d/%02d/%04d %02d:%02d:%02d GMT\n", argv[1], - mo, day, yy, hour, min, sec); - } else - printf("%s\n", reply_string); - verbose = overbose; -} - -/* - * show status on reomte machine - */ -void -rmtstatus(int argc, char **argv) -{ - - command(argc > 1 ? "STAT %s" : "STAT" , argv[1]); -} - -/* - * get file if modtime is more recent than current file - */ -void -newer(int argc, char **argv) -{ - - if (getit(argc, argv, -1, curtype == TYPE_I ? "wb" : "w")) - printf("Local file \"%s\" is newer than remote file \"%s\"\n", - argv[2], argv[1]); -} diff --git a/crypto/kerberosIV/appl/ftp/ftp/cmdtab.c b/crypto/kerberosIV/appl/ftp/ftp/cmdtab.c deleted file mode 100644 index 5dc96efa3672..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/cmdtab.c +++ /dev/null @@ -1,202 +0,0 @@ -/* - * Copyright (c) 1985, 1989, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftp_locl.h" - -/* - * User FTP -- Command Tables. - */ - -char accounthelp[] = "send account command to remote server"; -char appendhelp[] = "append to a file"; -char asciihelp[] = "set ascii transfer type"; -char beephelp[] = "beep when command completed"; -char binaryhelp[] = "set binary transfer type"; -char casehelp[] = "toggle mget upper/lower case id mapping"; -char cdhelp[] = "change remote working directory"; -char cduphelp[] = "change remote working directory to parent directory"; -char chmodhelp[] = "change file permissions of remote file"; -char connecthelp[] = "connect to remote tftp"; -char crhelp[] = "toggle carriage return stripping on ascii gets"; -char deletehelp[] = "delete remote file"; -char debughelp[] = "toggle/set debugging mode"; -char dirhelp[] = "list contents of remote directory"; -char disconhelp[] = "terminate ftp session"; -char domachelp[] = "execute macro"; -char formhelp[] = "set file transfer format"; -char globhelp[] = "toggle metacharacter expansion of local file names"; -char hashhelp[] = "toggle printing `#' for each buffer transferred"; -char helphelp[] = "print local help information"; -char idlehelp[] = "get (set) idle timer on remote side"; -char lcdhelp[] = "change local working directory"; -char lshelp[] = "list contents of remote directory"; -char macdefhelp[] = "define a macro"; -char mdeletehelp[] = "delete multiple files"; -char mdirhelp[] = "list contents of multiple remote directories"; -char mgethelp[] = "get multiple files"; -char mkdirhelp[] = "make directory on the remote machine"; -char mlshelp[] = "list contents of multiple remote directories"; -char modtimehelp[] = "show last modification time of remote file"; -char modehelp[] = "set file transfer mode"; -char mputhelp[] = "send multiple files"; -char newerhelp[] = "get file if remote file is newer than local file "; -char nlisthelp[] = "nlist contents of remote directory"; -char nmaphelp[] = "set templates for default file name mapping"; -char ntranshelp[] = "set translation table for default file name mapping"; -char porthelp[] = "toggle use of PORT cmd for each data connection"; -char prompthelp[] = "force interactive prompting on multiple commands"; -char proxyhelp[] = "issue command on alternate connection"; -char pwdhelp[] = "print working directory on remote machine"; -char quithelp[] = "terminate ftp session and exit"; -char quotehelp[] = "send arbitrary ftp command"; -char receivehelp[] = "receive file"; -char regethelp[] = "get file restarting at end of local file"; -char remotehelp[] = "get help from remote server"; -char renamehelp[] = "rename file"; -char restarthelp[]= "restart file transfer at bytecount"; -char rmdirhelp[] = "remove directory on the remote machine"; -char rmtstatushelp[]="show status of remote machine"; -char runiquehelp[] = "toggle store unique for local files"; -char resethelp[] = "clear queued command replies"; -char sendhelp[] = "send one file"; -char passivehelp[] = "enter passive transfer mode"; -char sitehelp[] = "send site specific command to remote server\n\t\tTry \"rhelp site\" or \"site help\" for more information"; -char shellhelp[] = "escape to the shell"; -char sizecmdhelp[] = "show size of remote file"; -char statushelp[] = "show current status"; -char structhelp[] = "set file transfer structure"; -char suniquehelp[] = "toggle store unique on remote machine"; -char systemhelp[] = "show remote system type"; -char tenexhelp[] = "set tenex file transfer type"; -char tracehelp[] = "toggle packet tracing"; -char typehelp[] = "set file transfer type"; -char umaskhelp[] = "get (set) umask on remote side"; -char userhelp[] = "send new user information"; -char verbosehelp[] = "toggle verbose mode"; - -char prothelp[] = "set protection level"; -#ifdef KRB4 -char kauthhelp[] = "get remote tokens"; -char klisthelp[] = "show remote tickets"; -char kdestroyhelp[] = "destroy remote tickets"; -char krbtkfilehelp[] = "set filename of remote tickets"; -char afsloghelp[] = "obtain remote AFS tokens"; -#endif - -struct cmd cmdtab[] = { - { "!", shellhelp, 0, 0, 0, shell }, - { "$", domachelp, 1, 0, 0, domacro }, - { "account", accounthelp, 0, 1, 1, account}, - { "append", appendhelp, 1, 1, 1, put }, - { "ascii", asciihelp, 0, 1, 1, setascii }, - { "bell", beephelp, 0, 0, 0, setbell }, - { "binary", binaryhelp, 0, 1, 1, setbinary }, - { "bye", quithelp, 0, 0, 0, quit }, - { "case", casehelp, 0, 0, 1, setcase }, - { "cd", cdhelp, 0, 1, 1, cd }, - { "cdup", cduphelp, 0, 1, 1, cdup }, - { "chmod", chmodhelp, 0, 1, 1, do_chmod }, - { "close", disconhelp, 0, 1, 1, disconnect }, - { "cr", crhelp, 0, 0, 0, setcr }, - { "delete", deletehelp, 0, 1, 1, delete }, - { "debug", debughelp, 0, 0, 0, setdebug }, - { "dir", dirhelp, 1, 1, 1, ls }, - { "disconnect", disconhelp, 0, 1, 1, disconnect }, - { "form", formhelp, 0, 1, 1, setform }, - { "get", receivehelp, 1, 1, 1, get }, - { "glob", globhelp, 0, 0, 0, setglob }, - { "hash", hashhelp, 0, 0, 0, sethash }, - { "help", helphelp, 0, 0, 1, help }, - { "idle", idlehelp, 0, 1, 1, ftp_idle }, - { "image", binaryhelp, 0, 1, 1, setbinary }, - { "lcd", lcdhelp, 0, 0, 0, lcd }, - { "ls", lshelp, 1, 1, 1, ls }, - { "macdef", macdefhelp, 0, 0, 0, macdef }, - { "mdelete", mdeletehelp, 1, 1, 1, mdelete }, - { "mdir", mdirhelp, 1, 1, 1, mls }, - { "mget", mgethelp, 1, 1, 1, mget }, - { "mkdir", mkdirhelp, 0, 1, 1, makedir }, - { "mls", mlshelp, 1, 1, 1, mls }, - { "mode", modehelp, 0, 1, 1, setftmode }, - { "modtime", modtimehelp, 0, 1, 1, modtime }, - { "mput", mputhelp, 1, 1, 1, mput }, - { "newer", newerhelp, 1, 1, 1, newer }, - { "nmap", nmaphelp, 0, 0, 1, setnmap }, - { "nlist", nlisthelp, 1, 1, 1, ls }, - { "ntrans", ntranshelp, 0, 0, 1, setntrans }, - { "open", connecthelp, 0, 0, 1, setpeer }, - { "passive", passivehelp, 0, 0, 0, setpassive }, - { "prompt", prompthelp, 0, 0, 0, setprompt }, - { "proxy", proxyhelp, 0, 0, 1, doproxy }, - { "sendport", porthelp, 0, 0, 0, setport }, - { "put", sendhelp, 1, 1, 1, put }, - { "pwd", pwdhelp, 0, 1, 1, pwd }, - { "quit", quithelp, 0, 0, 0, quit }, - { "quote", quotehelp, 1, 1, 1, quote }, - { "recv", receivehelp, 1, 1, 1, get }, - { "reget", regethelp, 1, 1, 1, reget }, - { "rstatus", rmtstatushelp, 0, 1, 1, rmtstatus }, - { "rhelp", remotehelp, 0, 1, 1, rmthelp }, - { "rename", renamehelp, 0, 1, 1, renamefile }, - { "reset", resethelp, 0, 1, 1, reset }, - { "restart", restarthelp, 1, 1, 1, restart }, - { "rmdir", rmdirhelp, 0, 1, 1, removedir }, - { "runique", runiquehelp, 0, 0, 1, setrunique }, - { "send", sendhelp, 1, 1, 1, put }, - { "site", sitehelp, 0, 1, 1, site }, - { "size", sizecmdhelp, 1, 1, 1, sizecmd }, - { "status", statushelp, 0, 0, 1, status }, - { "struct", structhelp, 0, 1, 1, setstruct }, - { "system", systemhelp, 0, 1, 1, syst }, - { "sunique", suniquehelp, 0, 0, 1, setsunique }, - { "tenex", tenexhelp, 0, 1, 1, settenex }, - { "trace", tracehelp, 0, 0, 0, settrace }, - { "type", typehelp, 0, 1, 1, settype }, - { "user", userhelp, 0, 1, 1, user }, - { "umask", umaskhelp, 0, 1, 1, do_umask }, - { "verbose", verbosehelp, 0, 0, 0, setverbose }, - { "?", helphelp, 0, 0, 1, help }, - - { "prot", prothelp, 0, 1, 0, sec_prot }, -#ifdef KRB4 - { "kauth", kauthhelp, 0, 1, 0, kauth }, - { "klist", klisthelp, 0, 1, 0, klist }, - { "kdestroy", kdestroyhelp, 0, 1, 0, kdestroy }, - { "krbtkfile", krbtkfilehelp, 0, 1, 0, krbtkfile }, - { "afslog", afsloghelp, 0, 1, 0, afslog }, -#endif - - { 0 }, -}; - -int NCMDS = (sizeof (cmdtab) / sizeof (cmdtab[0])) - 1; diff --git a/crypto/kerberosIV/appl/ftp/ftp/domacro.c b/crypto/kerberosIV/appl/ftp/ftp/domacro.c deleted file mode 100644 index d91660d0144d..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/domacro.c +++ /dev/null @@ -1,138 +0,0 @@ -/* - * Copyright (c) 1985, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftp_locl.h" -RCSID("$Id: domacro.c,v 1.7 1999/09/16 20:37:29 assar Exp $"); - -void -domacro(int argc, char **argv) -{ - int i, j, count = 2, loopflg = 0; - char *cp1, *cp2, line2[200]; - struct cmd *c; - - if (argc < 2 && !another(&argc, &argv, "macro name")) { - printf("Usage: %s macro_name.\n", argv[0]); - code = -1; - return; - } - for (i = 0; i < macnum; ++i) { - if (!strncmp(argv[1], macros[i].mac_name, 9)) { - break; - } - } - if (i == macnum) { - printf("'%s' macro not found.\n", argv[1]); - code = -1; - return; - } - strlcpy(line2, line, sizeof(line2)); -TOP: - cp1 = macros[i].mac_start; - while (cp1 != macros[i].mac_end) { - while (isspace(*cp1)) { - cp1++; - } - cp2 = line; - while (*cp1 != '\0') { - switch(*cp1) { - case '\\': - *cp2++ = *++cp1; - break; - case '$': - if (isdigit(*(cp1+1))) { - j = 0; - while (isdigit(*++cp1)) { - j = 10*j + *cp1 - '0'; - } - cp1--; - if (argc - 2 >= j) { - strcpy(cp2, argv[j+1]); - cp2 += strlen(argv[j+1]); - } - break; - } - if (*(cp1+1) == 'i') { - loopflg = 1; - cp1++; - if (count < argc) { - strcpy(cp2, argv[count]); - cp2 += strlen(argv[count]); - } - break; - } - /* intentional drop through */ - default: - *cp2++ = *cp1; - break; - } - if (*cp1 != '\0') { - cp1++; - } - } - *cp2 = '\0'; - makeargv(); - c = getcmd(margv[0]); - if (c == (struct cmd *)-1) { - printf("?Ambiguous command\n"); - code = -1; - } - else if (c == 0) { - printf("?Invalid command\n"); - code = -1; - } - else if (c->c_conn && !connected) { - printf("Not connected.\n"); - code = -1; - } - else { - if (verbose) { - printf("%s\n",line); - } - (*c->c_handler)(margc, margv); - if (bell && c->c_bell) { - putchar('\007'); - } - strcpy(line, line2); - makeargv(); - argc = margc; - argv = margv; - } - if (cp1 != macros[i].mac_end) { - cp1++; - } - } - if (loopflg && ++count < argc) { - goto TOP; - } -} diff --git a/crypto/kerberosIV/appl/ftp/ftp/extern.h b/crypto/kerberosIV/appl/ftp/ftp/extern.h deleted file mode 100644 index d488ecd96f98..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/extern.h +++ /dev/null @@ -1,173 +0,0 @@ -/*- - * Copyright (c) 1994 The Regents of the University of California. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)extern.h 8.3 (Berkeley) 10/9/94 - */ - -/* $Id: extern.h,v 1.18 1999/10/28 20:49:10 assar Exp $ */ - -#include -#include -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif - -void abort_remote (FILE *); -void abortpt (int); -void abortrecv (int); -void account (int, char **); -int another (int *, char ***, char *); -void blkfree (char **); -void cd (int, char **); -void cdup (int, char **); -void changetype (int, int); -void cmdabort (int); -void cmdscanner (int); -int command (char *fmt, ...); -int confirm (char *, char *); -FILE *dataconn (const char *); -void delete (int, char **); -void disconnect (int, char **); -void do_chmod (int, char **); -void do_umask (int, char **); -void domacro (int, char **); -char *domap (char *); -void doproxy (int, char **); -char *dotrans (char *); -int empty (fd_set *, int); -void fatal (char *); -void get (int, char **); -struct cmd *getcmd (char *); -int getit (int, char **, int, char *); -int getreply (int); -int globulize (char **); -char *gunique (char *); -void help (int, char **); -char *hookup (const char *, int); -void ftp_idle (int, char **); -int initconn (void); -void intr (int); -void lcd (int, char **); -int login (char *); -RETSIGTYPE lostpeer (int); -void ls (int, char **); -void macdef (int, char **); -void makeargv (void); -void makedir (int, char **); -void mdelete (int, char **); -void mget (int, char **); -void mls (int, char **); -void modtime (int, char **); -void mput (int, char **); -char *onoff (int); -void newer (int, char **); -void proxtrans (char *, char *, char *); -void psabort (int); -void pswitch (int); -void ptransfer (char *, long, struct timeval *, struct timeval *); -void put (int, char **); -void pwd (int, char **); -void quit (int, char **); -void quote (int, char **); -void quote1 (char *, int, char **); -void recvrequest (char *, char *, char *, char *, int, int); -void reget (int, char **); -char *remglob (char **, int); -void removedir (int, char **); -void renamefile (int, char **); -void reset (int, char **); -void restart (int, char **); -void rmthelp (int, char **); -void rmtstatus (int, char **); -int ruserpass (char *, char **, char **, char **); -void sendrequest (char *, char *, char *, char *, int); -void setascii (int, char **); -void setbell (int, char **); -void setbinary (int, char **); -void setcase (int, char **); -void setcr (int, char **); -void setdebug (int, char **); -void setform (int, char **); -void setftmode (int, char **); -void setglob (int, char **); -void sethash (int, char **); -void setnmap (int, char **); -void setntrans (int, char **); -void setpassive (int, char **); -void setpeer (int, char **); -void setport (int, char **); -void setprompt (int, char **); -void setrunique (int, char **); -void setstruct (int, char **); -void setsunique (int, char **); -void settenex (int, char **); -void settrace (int, char **); -void settype (int, char **); -void setverbose (int, char **); -void shell (int, char **); -void site (int, char **); -void sizecmd (int, char **); -char *slurpstring (void); -void status (int, char **); -void syst (int, char **); -void tvsub (struct timeval *, struct timeval *, struct timeval *); -void user (int, char **); - -extern jmp_buf abortprox; -extern int abrtflag; -extern struct cmd cmdtab[]; -extern FILE *cout; -extern int data; -extern char *home; -extern jmp_buf jabort; -extern int proxy; -extern char reply_string[]; -extern off_t restart_point; -extern int NCMDS; - -extern char username[32]; -extern char myhostname[]; -extern char *mydomain; - -void afslog (int, char **); -void kauth (int, char **); -void kdestroy (int, char **); -void klist (int, char **); -void krbtkfile (int, char **); diff --git a/crypto/kerberosIV/appl/ftp/ftp/ftp.c b/crypto/kerberosIV/appl/ftp/ftp/ftp.c deleted file mode 100644 index 848debd778e1..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/ftp.c +++ /dev/null @@ -1,1752 +0,0 @@ -/* - * Copyright (c) 1985, 1989, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftp_locl.h" -RCSID ("$Id: ftp.c,v 1.60.2.1 2000/06/23 02:45:40 assar Exp $"); - -struct sockaddr_storage hisctladdr_ss; -struct sockaddr *hisctladdr = (struct sockaddr *)&hisctladdr_ss; -struct sockaddr_storage data_addr_ss; -struct sockaddr *data_addr = (struct sockaddr *)&data_addr_ss; -struct sockaddr_storage myctladdr_ss; -struct sockaddr *myctladdr = (struct sockaddr *)&myctladdr_ss; -int data = -1; -int abrtflag = 0; -jmp_buf ptabort; -int ptabflg; -int ptflag = 0; -off_t restart_point = 0; - - -FILE *cin, *cout; - -typedef void (*sighand) (int); - -char * -hookup (const char *host, int port) -{ - struct hostent *hp = NULL; - int s, len; - static char hostnamebuf[MaxHostNameLen]; - int error; - int af; - char **h; - int ret; - -#ifdef HAVE_IPV6 - if (hp == NULL) - hp = getipnodebyname (host, AF_INET6, 0, &error); -#endif - if (hp == NULL) - hp = getipnodebyname (host, AF_INET, 0, &error); - - if (hp == NULL) { - warnx ("%s: %s", host, hstrerror(error)); - code = -1; - return NULL; - } - strlcpy (hostnamebuf, hp->h_name, sizeof(hostnamebuf)); - hostname = hostnamebuf; - af = hisctladdr->sa_family = hp->h_addrtype; - - for (h = hp->h_addr_list; - *h != NULL; - ++h) { - - s = socket (af, SOCK_STREAM, 0); - if (s < 0) { - warn ("socket"); - code = -1; - freehostent (hp); - return (0); - } - - socket_set_address_and_port (hisctladdr, *h, port); - - ret = connect (s, hisctladdr, socket_sockaddr_size(hisctladdr)); - if (ret < 0) { - char addr[256]; - - if (inet_ntop (af, socket_get_address(hisctladdr), - addr, sizeof(addr)) == NULL) - strlcpy (addr, "unknown address", - sizeof(addr)); - warn ("connect %s", addr); - close (s); - continue; - } - break; - } - freehostent (hp); - if (ret < 0) { - code = -1; - close (s); - return NULL; - } - - len = sizeof(myctladdr_ss); - if (getsockname (s, myctladdr, &len) < 0) { - warn ("getsockname"); - code = -1; - close (s); - return NULL; - } -#ifdef IPTOS_LOWDELAY - socket_set_tos (s, IPTOS_LOWDELAY); -#endif - cin = fdopen (s, "r"); - cout = fdopen (s, "w"); - if (cin == NULL || cout == NULL) { - warnx ("fdopen failed."); - if (cin) - fclose (cin); - if (cout) - fclose (cout); - code = -1; - goto bad; - } - if (verbose) - printf ("Connected to %s.\n", hostname); - if (getreply (0) > 2) { /* read startup message from server */ - if (cin) - fclose (cin); - if (cout) - fclose (cout); - code = -1; - goto bad; - } -#if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT) - { - int on = 1; - - if (setsockopt (s, SOL_SOCKET, SO_OOBINLINE, (char *) &on, sizeof (on)) - < 0 && debug) { - warn ("setsockopt"); - } - } -#endif /* SO_OOBINLINE */ - - return (hostname); -bad: - close (s); - return NULL; -} - -int -login (char *host) -{ - char tmp[80]; - char defaultpass[128]; - char *user, *pass, *acct; - int n, aflag = 0; - - char *myname = NULL; - struct passwd *pw = k_getpwuid(getuid()); - - if (pw != NULL) - myname = pw->pw_name; - - user = pass = acct = 0; - - if(sec_login(host)) - printf("\n*** Using plaintext user and password ***\n\n"); - else{ - printf("Authentication successful.\n\n"); - } - - if (ruserpass (host, &user, &pass, &acct) < 0) { - code = -1; - return (0); - } - while (user == NULL) { - if (myname) - printf ("Name (%s:%s): ", host, myname); - else - printf ("Name (%s): ", host); - *tmp = '\0'; - if (fgets (tmp, sizeof (tmp) - 1, stdin) != NULL) - tmp[strlen (tmp) - 1] = '\0'; - if (*tmp == '\0') - user = myname; - else - user = tmp; - } - strlcpy(username, user, sizeof(username)); - n = command("USER %s", user); - if (n == CONTINUE) { - if (pass == NULL) { - char prompt[128]; - if(myname && - (!strcmp(user, "ftp") || !strcmp(user, "anonymous"))) { - snprintf(defaultpass, sizeof(defaultpass), - "%s@%s", myname, mydomain); - snprintf(prompt, sizeof(prompt), - "Password (%s): ", defaultpass); - } else if (sec_complete) { - pass = myname; - } else { - *defaultpass = '\0'; - snprintf(prompt, sizeof(prompt), "Password: "); - } - if (pass == NULL) { - pass = defaultpass; - des_read_pw_string (tmp, sizeof (tmp), prompt, 0); - if (tmp[0]) - pass = tmp; - } - } - n = command ("PASS %s", pass); - } - if (n == CONTINUE) { - aflag++; - acct = tmp; - des_read_pw_string (acct, 128, "Account:", 0); - n = command ("ACCT %s", acct); - } - if (n != COMPLETE) { - warnx ("Login failed."); - return (0); - } - if (!aflag && acct != NULL) - command ("ACCT %s", acct); - if (proxy) - return (1); - for (n = 0; n < macnum; ++n) { - if (!strcmp("init", macros[n].mac_name)) { - strlcpy (line, "$init", sizeof (line)); - makeargv(); - domacro(margc, margv); - break; - } - } - sec_set_protection_level (); - return (1); -} - -void -cmdabort (int sig) -{ - - printf ("\n"); - fflush (stdout); - abrtflag++; - if (ptflag) - longjmp (ptabort, 1); -} - -int -command (char *fmt,...) -{ - va_list ap; - int r; - sighand oldintr; - - abrtflag = 0; - if (cout == NULL) { - warn ("No control connection for command"); - code = -1; - return (0); - } - oldintr = signal(SIGINT, cmdabort); - va_start(ap, fmt); - if(debug){ - printf("---> "); - if (strncmp("PASS ", fmt, 5) == 0) - printf("PASS XXXX"); - else - vfprintf(stdout, fmt, ap); - va_start(ap, fmt); - } - sec_vfprintf(cout, fmt, ap); - va_end(ap); - if(debug){ - printf("\n"); - fflush(stdout); - } - fprintf (cout, "\r\n"); - fflush (cout); - cpend = 1; - r = getreply (!strcmp (fmt, "QUIT")); - if (abrtflag && oldintr != SIG_IGN) - (*oldintr) (SIGINT); - signal (SIGINT, oldintr); - return (r); -} - -char reply_string[BUFSIZ]; /* last line of previous reply */ - -int -getreply (int expecteof) -{ - char *p; - char *lead_string; - int c; - struct sigaction sa, osa; - char buf[1024]; - - sigemptyset (&sa.sa_mask); - sa.sa_flags = 0; - sa.sa_handler = cmdabort; - sigaction (SIGINT, &sa, &osa); - - p = buf; - - while (1) { - c = getc (cin); - switch (c) { - case EOF: - if (expecteof) { - sigaction (SIGINT, &osa, NULL); - code = 221; - return 0; - } - lostpeer (0); - if (verbose) { - printf ("421 Service not available, " - "remote server has closed connection\n"); - fflush (stdout); - } - code = 421; - return (4); - case IAC: - c = getc (cin); - if (c == WILL || c == WONT) - fprintf (cout, "%c%c%c", IAC, DONT, getc (cin)); - if (c == DO || c == DONT) - fprintf (cout, "%c%c%c", IAC, WONT, getc (cin)); - continue; - case '\n': - *p++ = '\0'; - if(isdigit(buf[0])){ - sscanf(buf, "%d", &code); - if(code == 631){ - sec_read_msg(buf, prot_safe); - sscanf(buf, "%d", &code); - lead_string = "S:"; - } else if(code == 632){ - sec_read_msg(buf, prot_private); - sscanf(buf, "%d", &code); - lead_string = "P:"; - }else if(code == 633){ - sec_read_msg(buf, prot_confidential); - sscanf(buf, "%d", &code); - lead_string = "C:"; - }else if(sec_complete) - lead_string = "!!"; - else - lead_string = ""; - if (verbose > 0 || (verbose > -1 && code > 499)) - fprintf (stdout, "%s%s\n", lead_string, buf); - if (buf[3] == ' ') { - strcpy (reply_string, buf); - if (code >= 200) - cpend = 0; - sigaction (SIGINT, &osa, NULL); - if (code == 421) - lostpeer (0); -#if 1 - if (abrtflag && - osa.sa_handler != cmdabort && - osa.sa_handler != SIG_IGN) - osa.sa_handler (SIGINT); -#endif - if (code == 227 || code == 229) { - char *p, *q; - - pasv[0] = 0; - p = strchr (reply_string, '('); - if (p) { - p++; - q = strchr(p, ')'); - if(q){ - memcpy (pasv, p, q - p); - pasv[q - p] = 0; - } - } - } - return code / 100; - } - }else{ - if(verbose > 0 || (verbose > -1 && code > 499)){ - if(sec_complete) - fprintf(stdout, "!!"); - fprintf(stdout, "%s\n", buf); - } - } - p = buf; - continue; - default: - *p++ = c; - } - } - -} - - -#if 0 -int -getreply (int expecteof) -{ - int c, n; - int dig; - int originalcode = 0, continuation = 0; - sighand oldintr; - int pflag = 0; - char *cp, *pt = pasv; - - oldintr = signal (SIGINT, cmdabort); - for (;;) { - dig = n = code = 0; - cp = reply_string; - while ((c = getc (cin)) != '\n') { - if (c == IAC) { /* handle telnet commands */ - switch (c = getc (cin)) { - case WILL: - case WONT: - c = getc (cin); - fprintf (cout, "%c%c%c", IAC, DONT, c); - fflush (cout); - break; - case DO: - case DONT: - c = getc (cin); - fprintf (cout, "%c%c%c", IAC, WONT, c); - fflush (cout); - break; - default: - break; - } - continue; - } - dig++; - if (c == EOF) { - if (expecteof) { - signal (SIGINT, oldintr); - code = 221; - return (0); - } - lostpeer (0); - if (verbose) { - printf ("421 Service not available, remote server has closed connection\n"); - fflush (stdout); - } - code = 421; - return (4); - } - if (c != '\r' && (verbose > 0 || - (verbose > -1 && n == '5' && dig > 4))) { - if (proxflag && - (dig == 1 || dig == 5 && verbose == 0)) - printf ("%s:", hostname); - putchar (c); - } - if (dig < 4 && isdigit (c)) - code = code * 10 + (c - '0'); - if (!pflag && code == 227) - pflag = 1; - if (dig > 4 && pflag == 1 && isdigit (c)) - pflag = 2; - if (pflag == 2) { - if (c != '\r' && c != ')') - *pt++ = c; - else { - *pt = '\0'; - pflag = 3; - } - } - if (dig == 4 && c == '-') { - if (continuation) - code = 0; - continuation++; - } - if (n == 0) - n = c; - if (cp < &reply_string[sizeof (reply_string) - 1]) - *cp++ = c; - } - if (verbose > 0 || verbose > -1 && n == '5') { - putchar (c); - fflush (stdout); - } - if (continuation && code != originalcode) { - if (originalcode == 0) - originalcode = code; - continue; - } - *cp = '\0'; - if(sec_complete){ - if(code == 631) - sec_read_msg(reply_string, prot_safe); - else if(code == 632) - sec_read_msg(reply_string, prot_private); - else if(code == 633) - sec_read_msg(reply_string, prot_confidential); - n = code / 100 + '0'; - } - if (n != '1') - cpend = 0; - signal (SIGINT, oldintr); - if (code == 421 || originalcode == 421) - lostpeer (0); - if (abrtflag && oldintr != cmdabort && oldintr != SIG_IGN) - (*oldintr) (SIGINT); - return (n - '0'); - } -} - -#endif - -int -empty (fd_set * mask, int sec) -{ - struct timeval t; - - t.tv_sec = (long) sec; - t.tv_usec = 0; - return (select (32, mask, NULL, NULL, &t)); -} - -jmp_buf sendabort; - -static RETSIGTYPE -abortsend (int sig) -{ - - mflag = 0; - abrtflag = 0; - printf ("\nsend aborted\nwaiting for remote to finish abort\n"); - fflush (stdout); - longjmp (sendabort, 1); -} - -#define HASHBYTES 1024 - -static int -copy_stream (FILE * from, FILE * to) -{ - static size_t bufsize; - static char *buf; - int n; - int bytes = 0; - int werr = 0; - int hashbytes = HASHBYTES; - struct stat st; - -#if defined(HAVE_MMAP) && !defined(NO_MMAP) - void *chunk; - -#ifndef MAP_FAILED -#define MAP_FAILED (-1) -#endif - - if (fstat (fileno (from), &st) == 0 && S_ISREG (st.st_mode)) { - /* - * mmap zero bytes has potential of loosing, don't do it. - */ - if (st.st_size == 0) - return 0; - chunk = mmap (0, st.st_size, PROT_READ, MAP_SHARED, fileno (from), 0); - if (chunk != (void *) MAP_FAILED) { - int res; - - res = sec_write (fileno (to), chunk, st.st_size); - if (munmap (chunk, st.st_size) < 0) - warn ("munmap"); - sec_fflush (to); - return res; - } - } -#endif - - buf = alloc_buffer (buf, &bufsize, - fstat (fileno (from), &st) >= 0 ? &st : NULL); - if (buf == NULL) - return -1; - - while ((n = read (fileno (from), buf, bufsize)) > 0) { - werr = sec_write (fileno (to), buf, n); - if (werr < 0) - break; - bytes += werr; - while (hash && bytes > hashbytes) { - putchar ('#'); - hashbytes += HASHBYTES; - } - } - sec_fflush (to); - if (n < 0) - warn ("local"); - - if (werr < 0) { - if (errno != EPIPE) - warn ("netout"); - bytes = -1; - } - return bytes; -} - -void -sendrequest (char *cmd, char *local, char *remote, char *lmode, int printnames) -{ - struct stat st; - struct timeval start, stop; - int c, d; - FILE *fin, *dout = 0; - int (*closefunc) (FILE *); - RETSIGTYPE (*oldintr)(), (*oldintp)(); - long bytes = 0, hashbytes = HASHBYTES; - char *rmode = "w"; - - if (verbose && printnames) { - if (local && strcmp (local, "-") != 0) - printf ("local: %s ", local); - if (remote) - printf ("remote: %s\n", remote); - } - if (proxy) { - proxtrans (cmd, local, remote); - return; - } - if (curtype != type) - changetype (type, 0); - closefunc = NULL; - oldintr = NULL; - oldintp = NULL; - - if (setjmp (sendabort)) { - while (cpend) { - getreply (0); - } - if (data >= 0) { - close (data); - data = -1; - } - if (oldintr) - signal (SIGINT, oldintr); - if (oldintp) - signal (SIGPIPE, oldintp); - code = -1; - return; - } - oldintr = signal (SIGINT, abortsend); - if (strcmp (local, "-") == 0) - fin = stdin; - else if (*local == '|') { - oldintp = signal (SIGPIPE, SIG_IGN); - fin = popen (local + 1, lmode); - if (fin == NULL) { - warn ("%s", local + 1); - signal (SIGINT, oldintr); - signal (SIGPIPE, oldintp); - code = -1; - return; - } - closefunc = pclose; - } else { - fin = fopen (local, lmode); - if (fin == NULL) { - warn ("local: %s", local); - signal (SIGINT, oldintr); - code = -1; - return; - } - closefunc = fclose; - if (fstat (fileno (fin), &st) < 0 || - (st.st_mode & S_IFMT) != S_IFREG) { - fprintf (stdout, "%s: not a plain file.\n", local); - signal (SIGINT, oldintr); - fclose (fin); - code = -1; - return; - } - } - if (initconn ()) { - signal (SIGINT, oldintr); - if (oldintp) - signal (SIGPIPE, oldintp); - code = -1; - if (closefunc != NULL) - (*closefunc) (fin); - return; - } - if (setjmp (sendabort)) - goto abort; - - if (restart_point && - (strcmp (cmd, "STOR") == 0 || strcmp (cmd, "APPE") == 0)) { - int rc; - - switch (curtype) { - case TYPE_A: - rc = fseek (fin, (long) restart_point, SEEK_SET); - break; - case TYPE_I: - case TYPE_L: - rc = lseek (fileno (fin), restart_point, SEEK_SET); - break; - } - if (rc < 0) { - warn ("local: %s", local); - restart_point = 0; - if (closefunc != NULL) - (*closefunc) (fin); - return; - } - if (command ("REST %ld", (long) restart_point) - != CONTINUE) { - restart_point = 0; - if (closefunc != NULL) - (*closefunc) (fin); - return; - } - restart_point = 0; - rmode = "r+w"; - } - if (remote) { - if (command ("%s %s", cmd, remote) != PRELIM) { - signal (SIGINT, oldintr); - if (oldintp) - signal (SIGPIPE, oldintp); - if (closefunc != NULL) - (*closefunc) (fin); - return; - } - } else if (command ("%s", cmd) != PRELIM) { - signal(SIGINT, oldintr); - if (oldintp) - signal(SIGPIPE, oldintp); - if (closefunc != NULL) - (*closefunc)(fin); - return; - } - dout = dataconn(rmode); - if (dout == NULL) - goto abort; - set_buffer_size (fileno (dout), 0); - gettimeofday (&start, (struct timezone *) 0); - oldintp = signal (SIGPIPE, SIG_IGN); - switch (curtype) { - - case TYPE_I: - case TYPE_L: - errno = d = c = 0; - bytes = copy_stream (fin, dout); - break; - - case TYPE_A: - while ((c = getc (fin)) != EOF) { - if (c == '\n') { - while (hash && (bytes >= hashbytes)) { - putchar ('#'); - fflush (stdout); - hashbytes += HASHBYTES; - } - if (ferror (dout)) - break; - sec_putc ('\r', dout); - bytes++; - } - sec_putc (c, dout); - bytes++; - } - sec_fflush (dout); - if (hash) { - if (bytes < hashbytes) - putchar ('#'); - putchar ('\n'); - fflush (stdout); - } - if (ferror (fin)) - warn ("local: %s", local); - if (ferror (dout)) { - if (errno != EPIPE) - warn ("netout"); - bytes = -1; - } - break; - } - if (closefunc != NULL) - (*closefunc) (fin); - fclose (dout); - gettimeofday (&stop, (struct timezone *) 0); - getreply (0); - signal (SIGINT, oldintr); - if (oldintp) - signal (SIGPIPE, oldintp); - if (bytes > 0) - ptransfer ("sent", bytes, &start, &stop); - return; -abort: - signal (SIGINT, oldintr); - if (oldintp) - signal (SIGPIPE, oldintp); - if (!cpend) { - code = -1; - return; - } - if (data >= 0) { - close (data); - data = -1; - } - if (dout) - fclose (dout); - getreply (0); - code = -1; - if (closefunc != NULL && fin != NULL) - (*closefunc) (fin); - gettimeofday (&stop, (struct timezone *) 0); - if (bytes > 0) - ptransfer ("sent", bytes, &start, &stop); -} - -jmp_buf recvabort; - -void -abortrecv (int sig) -{ - - mflag = 0; - abrtflag = 0; - printf ("\nreceive aborted\nwaiting for remote to finish abort\n"); - fflush (stdout); - longjmp (recvabort, 1); -} - -void -recvrequest (char *cmd, char *local, char *remote, - char *lmode, int printnames, int local_given) -{ - FILE *fout, *din = 0; - int (*closefunc) (FILE *); - sighand oldintr, oldintp; - int c, d, is_retr, tcrflag, bare_lfs = 0; - static size_t bufsize; - static char *buf; - long bytes = 0, hashbytes = HASHBYTES; - struct timeval start, stop; - struct stat st; - - is_retr = strcmp (cmd, "RETR") == 0; - if (is_retr && verbose && printnames) { - if (local && strcmp (local, "-") != 0) - printf ("local: %s ", local); - if (remote) - printf ("remote: %s\n", remote); - } - if (proxy && is_retr) { - proxtrans (cmd, local, remote); - return; - } - closefunc = NULL; - oldintr = NULL; - oldintp = NULL; - tcrflag = !crflag && is_retr; - if (setjmp (recvabort)) { - while (cpend) { - getreply (0); - } - if (data >= 0) { - close (data); - data = -1; - } - if (oldintr) - signal (SIGINT, oldintr); - code = -1; - return; - } - oldintr = signal (SIGINT, abortrecv); - if (!local_given || (strcmp (local, "-") && *local != '|')) { - if (access (local, 2) < 0) { - char *dir = strrchr (local, '/'); - - if (errno != ENOENT && errno != EACCES) { - warn ("local: %s", local); - signal (SIGINT, oldintr); - code = -1; - return; - } - if (dir != NULL) - *dir = 0; - d = access (dir ? local : ".", 2); - if (dir != NULL) - *dir = '/'; - if (d < 0) { - warn ("local: %s", local); - signal (SIGINT, oldintr); - code = -1; - return; - } - if (!runique && errno == EACCES && - chmod (local, 0600) < 0) { - warn ("local: %s", local); - signal (SIGINT, oldintr); - signal (SIGINT, oldintr); - code = -1; - return; - } - if (runique && errno == EACCES && - (local = gunique (local)) == NULL) { - signal (SIGINT, oldintr); - code = -1; - return; - } - } else if (runique && (local = gunique (local)) == NULL) { - signal(SIGINT, oldintr); - code = -1; - return; - } - } - if (!is_retr) { - if (curtype != TYPE_A) - changetype (TYPE_A, 0); - } else if (curtype != type) - changetype (type, 0); - if (initconn ()) { - signal (SIGINT, oldintr); - code = -1; - return; - } - if (setjmp (recvabort)) - goto abort; - if (is_retr && restart_point && - command ("REST %ld", (long) restart_point) != CONTINUE) - return; - if (remote) { - if (command ("%s %s", cmd, remote) != PRELIM) { - signal (SIGINT, oldintr); - return; - } - } else { - if (command ("%s", cmd) != PRELIM) { - signal (SIGINT, oldintr); - return; - } - } - din = dataconn ("r"); - if (din == NULL) - goto abort; - set_buffer_size (fileno (din), 1); - if (local_given && strcmp (local, "-") == 0) - fout = stdout; - else if (local_given && *local == '|') { - oldintp = signal (SIGPIPE, SIG_IGN); - fout = popen (local + 1, "w"); - if (fout == NULL) { - warn ("%s", local + 1); - goto abort; - } - closefunc = pclose; - } else { - fout = fopen (local, lmode); - if (fout == NULL) { - warn ("local: %s", local); - goto abort; - } - closefunc = fclose; - } - buf = alloc_buffer (buf, &bufsize, - fstat (fileno (fout), &st) >= 0 ? &st : NULL); - if (buf == NULL) - goto abort; - - gettimeofday (&start, (struct timezone *) 0); - switch (curtype) { - - case TYPE_I: - case TYPE_L: - if (restart_point && - lseek (fileno (fout), restart_point, SEEK_SET) < 0) { - warn ("local: %s", local); - if (closefunc != NULL) - (*closefunc) (fout); - return; - } - errno = d = 0; - while ((c = sec_read (fileno (din), buf, bufsize)) > 0) { - if ((d = write (fileno (fout), buf, c)) != c) - break; - bytes += c; - if (hash) { - while (bytes >= hashbytes) { - putchar ('#'); - hashbytes += HASHBYTES; - } - fflush (stdout); - } - } - if (hash && bytes > 0) { - if (bytes < HASHBYTES) - putchar ('#'); - putchar ('\n'); - fflush (stdout); - } - if (c < 0) { - if (errno != EPIPE) - warn ("netin"); - bytes = -1; - } - if (d < c) { - if (d < 0) - warn ("local: %s", local); - else - warnx ("%s: short write", local); - } - break; - - case TYPE_A: - if (restart_point) { - int i, n, ch; - - if (fseek (fout, 0L, SEEK_SET) < 0) - goto done; - n = restart_point; - for (i = 0; i++ < n;) { - if ((ch = sec_getc (fout)) == EOF) - goto done; - if (ch == '\n') - i++; - } - if (fseek (fout, 0L, SEEK_CUR) < 0) { - done: - warn ("local: %s", local); - if (closefunc != NULL) - (*closefunc) (fout); - return; - } - } - while ((c = sec_getc(din)) != EOF) { - if (c == '\n') - bare_lfs++; - while (c == '\r') { - while (hash && (bytes >= hashbytes)) { - putchar ('#'); - fflush (stdout); - hashbytes += HASHBYTES; - } - bytes++; - if ((c = sec_getc (din)) != '\n' || tcrflag) { - if (ferror (fout)) - goto break2; - putc ('\r', fout); - if (c == '\0') { - bytes++; - goto contin2; - } - if (c == EOF) - goto contin2; - } - } - putc (c, fout); - bytes++; - contin2:; - } -break2: - if (bare_lfs) { - printf ("WARNING! %d bare linefeeds received in ASCII mode\n", - bare_lfs); - printf ("File may not have transferred correctly.\n"); - } - if (hash) { - if (bytes < hashbytes) - putchar ('#'); - putchar ('\n'); - fflush (stdout); - } - if (ferror (din)) { - if (errno != EPIPE) - warn ("netin"); - bytes = -1; - } - if (ferror (fout)) - warn ("local: %s", local); - break; - } - if (closefunc != NULL) - (*closefunc) (fout); - signal (SIGINT, oldintr); - if (oldintp) - signal (SIGPIPE, oldintp); - fclose (din); - gettimeofday (&stop, (struct timezone *) 0); - getreply (0); - if (bytes > 0 && is_retr) - ptransfer ("received", bytes, &start, &stop); - return; -abort: - - /* abort using RFC959 recommended IP,SYNC sequence */ - - if (oldintp) - signal (SIGPIPE, oldintr); - signal (SIGINT, SIG_IGN); - if (!cpend) { - code = -1; - signal (SIGINT, oldintr); - return; - } - abort_remote(din); - code = -1; - if (data >= 0) { - close (data); - data = -1; - } - if (closefunc != NULL && fout != NULL) - (*closefunc) (fout); - if (din) - fclose (din); - gettimeofday (&stop, (struct timezone *) 0); - if (bytes > 0) - ptransfer ("received", bytes, &start, &stop); - signal (SIGINT, oldintr); -} - -static int -parse_epsv (const char *str) -{ - char sep; - char *end; - int port; - - if (*str == '\0') - return -1; - sep = *str++; - if (sep != *str++) - return -1; - if (sep != *str++) - return -1; - port = strtol (str, &end, 0); - if (str == end) - return -1; - if (end[0] != sep || end[1] != '\0') - return -1; - return htons(port); -} - -static int -parse_pasv (struct sockaddr_in *sin, const char *str) -{ - int a0, a1, a2, a3, p0, p1; - - /* - * What we've got at this point is a string of comma separated - * one-byte unsigned integer values. The first four are the an IP - * address. The fifth is the MSB of the port number, the sixth is the - * LSB. From that we'll prepare a sockaddr_in. - */ - - if (sscanf (str, "%d,%d,%d,%d,%d,%d", - &a0, &a1, &a2, &a3, &p0, &p1) != 6) { - printf ("Passive mode address scan failure. " - "Shouldn't happen!\n"); - return -1; - } - if (a0 < 0 || a0 > 255 || - a1 < 0 || a1 > 255 || - a2 < 0 || a2 > 255 || - a3 < 0 || a3 > 255 || - p0 < 0 || p0 > 255 || - p1 < 0 || p1 > 255) { - printf ("Can't parse passive mode string.\n"); - return -1; - } - memset (sin, 0, sizeof(*sin)); - sin->sin_family = AF_INET; - sin->sin_addr.s_addr = htonl ((a0 << 24) | (a1 << 16) | - (a2 << 8) | a3); - sin->sin_port = htons ((p0 << 8) | p1); - return 0; -} - -static int -passive_mode (void) -{ - int port; - - data = socket (myctladdr->sa_family, SOCK_STREAM, 0); - if (data < 0) { - warn ("socket"); - return (1); - } - if (options & SO_DEBUG) - socket_set_debug (data); - if (command ("EPSV") != COMPLETE) { - if (command ("PASV") != COMPLETE) { - printf ("Passive mode refused.\n"); - goto bad; - } - } - - /* - * Parse the reply to EPSV or PASV - */ - - port = parse_epsv (pasv); - if (port > 0) { - data_addr->sa_family = myctladdr->sa_family; - socket_set_address_and_port (data_addr, - socket_get_address (hisctladdr), - port); - } else { - if (parse_pasv ((struct sockaddr_in *)data_addr, pasv) < 0) - goto bad; - } - - if (connect (data, data_addr, socket_sockaddr_size (data_addr)) < 0) { - warn ("connect"); - goto bad; - } -#ifdef IPTOS_THROUGHPUT - socket_set_tos (data, IPTOS_THROUGHPUT); -#endif - return (0); -bad: - close (data); - data = -1; - sendport = 1; - return (1); -} - - -static int -active_mode (void) -{ - int tmpno = 0; - int len; - int result; - -noport: - data_addr->sa_family = myctladdr->sa_family; - socket_set_address_and_port (data_addr, socket_get_address (myctladdr), - sendport ? 0 : socket_get_port (myctladdr)); - - if (data != -1) - close (data); - data = socket (data_addr->sa_family, SOCK_STREAM, 0); - if (data < 0) { - warn ("socket"); - if (tmpno) - sendport = 1; - return (1); - } - if (!sendport) - socket_set_reuseaddr (data, 1); - if (bind (data, data_addr, socket_sockaddr_size (data_addr)) < 0) { - warn ("bind"); - goto bad; - } - if (options & SO_DEBUG) - socket_set_debug (data); - len = sizeof (data_addr_ss); - if (getsockname (data, data_addr, &len) < 0) { - warn ("getsockname"); - goto bad; - } - if (listen (data, 1) < 0) - warn ("listen"); - if (sendport) { - char *cmd; - char addr_str[256]; - int inet_af; - int overbose; - - if (inet_ntop (data_addr->sa_family, socket_get_address (data_addr), - addr_str, sizeof(addr_str)) == NULL) - errx (1, "inet_ntop failed"); - switch (data_addr->sa_family) { - case AF_INET : - inet_af = 1; - break; -#ifdef HAVE_IPV6 - case AF_INET6 : - inet_af = 2; - break; -#endif - default : - errx (1, "bad address family %d", data_addr->sa_family); - } - - asprintf (&cmd, "EPRT |%d|%s|%d|", - inet_af, addr_str, ntohs(socket_get_port (data_addr))); - - overbose = verbose; - if (debug == 0) - verbose = -1; - - result = command (cmd); - - verbose = overbose; - - if (result == ERROR) { - struct sockaddr_in *sin = (struct sockaddr_in *)data_addr; - - unsigned int a = ntohl(sin->sin_addr.s_addr); - unsigned int p = ntohs(sin->sin_port); - - if (data_addr->sa_family != AF_INET) { - warnx ("remote server doesn't support EPRT"); - goto bad; - } - - result = command("PORT %d,%d,%d,%d,%d,%d", - (a >> 24) & 0xff, - (a >> 16) & 0xff, - (a >> 8) & 0xff, - a & 0xff, - (p >> 8) & 0xff, - p & 0xff); - if (result == ERROR && sendport == -1) { - sendport = 0; - tmpno = 1; - goto noport; - } - return (result != COMPLETE); - } - return result != COMPLETE; - } - if (tmpno) - sendport = 1; - - -#ifdef IPTOS_THROUGHPUT - socket_set_tos (data, IPTOS_THROUGHPUT); -#endif - return (0); -bad: - close (data); - data = -1; - if (tmpno) - sendport = 1; - return (1); -} - -/* - * Need to start a listen on the data channel before we send the command, - * otherwise the server's connect may fail. - */ -int -initconn (void) -{ - if (passivemode) - return passive_mode (); - else - return active_mode (); -} - -FILE * -dataconn (const char *lmode) -{ - struct sockaddr_storage from_ss; - struct sockaddr *from = (struct sockaddr *)&from_ss; - int s, fromlen = sizeof (from_ss); - - if (passivemode) - return (fdopen (data, lmode)); - - s = accept (data, from, &fromlen); - if (s < 0) { - warn ("accept"); - close (data), data = -1; - return (NULL); - } - close (data); - data = s; -#ifdef IPTOS_THROUGHPUT - socket_set_tos (s, IPTOS_THROUGHPUT); -#endif - return (fdopen (data, lmode)); -} - -void -ptransfer (char *direction, long int bytes, - struct timeval * t0, struct timeval * t1) -{ - struct timeval td; - float s; - float bs; - int prec; - char *unit; - - if (verbose) { - td.tv_sec = t1->tv_sec - t0->tv_sec; - td.tv_usec = t1->tv_usec - t0->tv_usec; - if (td.tv_usec < 0) { - td.tv_sec--; - td.tv_usec += 1000000; - } - s = td.tv_sec + (td.tv_usec / 1000000.); - bs = bytes / (s ? s : 1); - if (bs >= 1048576) { - bs /= 1048576; - unit = "M"; - prec = 2; - } else if (bs >= 1024) { - bs /= 1024; - unit = "k"; - prec = 1; - } else { - unit = ""; - prec = 0; - } - - printf ("%ld bytes %s in %.3g seconds (%.*f %sbyte/s)\n", - bytes, direction, s, prec, bs, unit); - } -} - -void -psabort (int sig) -{ - - abrtflag++; -} - -void -pswitch (int flag) -{ - sighand oldintr; - static struct comvars { - int connect; - char name[MaxHostNameLen]; - struct sockaddr_storage mctl; - struct sockaddr_storage hctl; - FILE *in; - FILE *out; - int tpe; - int curtpe; - int cpnd; - int sunqe; - int runqe; - int mcse; - int ntflg; - char nti[17]; - char nto[17]; - int mapflg; - char mi[MaxPathLen]; - char mo[MaxPathLen]; - } proxstruct, tmpstruct; - struct comvars *ip, *op; - - abrtflag = 0; - oldintr = signal (SIGINT, psabort); - if (flag) { - if (proxy) - return; - ip = &tmpstruct; - op = &proxstruct; - proxy++; - } else { - if (!proxy) - return; - ip = &proxstruct; - op = &tmpstruct; - proxy = 0; - } - ip->connect = connected; - connected = op->connect; - if (hostname) { - strlcpy (ip->name, hostname, sizeof (ip->name)); - } else - ip->name[0] = 0; - hostname = op->name; - ip->hctl = hisctladdr_ss; - hisctladdr_ss = op->hctl; - ip->mctl = myctladdr_ss; - myctladdr_ss = op->mctl; - ip->in = cin; - cin = op->in; - ip->out = cout; - cout = op->out; - ip->tpe = type; - type = op->tpe; - ip->curtpe = curtype; - curtype = op->curtpe; - ip->cpnd = cpend; - cpend = op->cpnd; - ip->sunqe = sunique; - sunique = op->sunqe; - ip->runqe = runique; - runique = op->runqe; - ip->mcse = mcase; - mcase = op->mcse; - ip->ntflg = ntflag; - ntflag = op->ntflg; - strlcpy (ip->nti, ntin, sizeof (ip->nti)); - strlcpy (ntin, op->nti, 17); - strlcpy (ip->nto, ntout, sizeof (ip->nto)); - strlcpy (ntout, op->nto, 17); - ip->mapflg = mapflag; - mapflag = op->mapflg; - strlcpy (ip->mi, mapin, MaxPathLen); - strlcpy (mapin, op->mi, MaxPathLen); - strlcpy (ip->mo, mapout, MaxPathLen); - strlcpy (mapout, op->mo, MaxPathLen); - signal(SIGINT, oldintr); - if (abrtflag) { - abrtflag = 0; - (*oldintr) (SIGINT); - } -} - -void -abortpt (int sig) -{ - - printf ("\n"); - fflush (stdout); - ptabflg++; - mflag = 0; - abrtflag = 0; - longjmp (ptabort, 1); -} - -void -proxtrans (char *cmd, char *local, char *remote) -{ - sighand oldintr; - int secndflag = 0, prox_type, nfnd; - char *cmd2; - fd_set mask; - - if (strcmp (cmd, "RETR")) - cmd2 = "RETR"; - else - cmd2 = runique ? "STOU" : "STOR"; - if ((prox_type = type) == 0) { - if (unix_server && unix_proxy) - prox_type = TYPE_I; - else - prox_type = TYPE_A; - } - if (curtype != prox_type) - changetype (prox_type, 1); - if (command ("PASV") != COMPLETE) { - printf ("proxy server does not support third party transfers.\n"); - return; - } - pswitch (0); - if (!connected) { - printf ("No primary connection\n"); - pswitch (1); - code = -1; - return; - } - if (curtype != prox_type) - changetype (prox_type, 1); - if (command ("PORT %s", pasv) != COMPLETE) { - pswitch (1); - return; - } - if (setjmp (ptabort)) - goto abort; - oldintr = signal (SIGINT, abortpt); - if (command ("%s %s", cmd, remote) != PRELIM) { - signal (SIGINT, oldintr); - pswitch (1); - return; - } - sleep (2); - pswitch (1); - secndflag++; - if (command ("%s %s", cmd2, local) != PRELIM) - goto abort; - ptflag++; - getreply (0); - pswitch (0); - getreply (0); - signal (SIGINT, oldintr); - pswitch (1); - ptflag = 0; - printf ("local: %s remote: %s\n", local, remote); - return; -abort: - signal (SIGINT, SIG_IGN); - ptflag = 0; - if (strcmp (cmd, "RETR") && !proxy) - pswitch (1); - else if (!strcmp (cmd, "RETR") && proxy) - pswitch (0); - if (!cpend && !secndflag) { /* only here if cmd = "STOR" (proxy=1) */ - if (command ("%s %s", cmd2, local) != PRELIM) { - pswitch (0); - if (cpend) - abort_remote ((FILE *) NULL); - } - pswitch (1); - if (ptabflg) - code = -1; - signal (SIGINT, oldintr); - return; - } - if (cpend) - abort_remote ((FILE *) NULL); - pswitch (!proxy); - if (!cpend && !secndflag) { /* only if cmd = "RETR" (proxy=1) */ - if (command ("%s %s", cmd2, local) != PRELIM) { - pswitch (0); - if (cpend) - abort_remote ((FILE *) NULL); - pswitch (1); - if (ptabflg) - code = -1; - signal (SIGINT, oldintr); - return; - } - } - if (cpend) - abort_remote ((FILE *) NULL); - pswitch (!proxy); - if (cpend) { - FD_ZERO (&mask); - FD_SET (fileno (cin), &mask); - if ((nfnd = empty (&mask, 10)) <= 0) { - if (nfnd < 0) { - warn ("abort"); - } - if (ptabflg) - code = -1; - lostpeer (0); - } - getreply (0); - getreply (0); - } - if (proxy) - pswitch (0); - pswitch (1); - if (ptabflg) - code = -1; - signal (SIGINT, oldintr); -} - -void -reset (int argc, char **argv) -{ - fd_set mask; - int nfnd = 1; - - FD_ZERO (&mask); - while (nfnd > 0) { - FD_SET (fileno (cin), &mask); - if ((nfnd = empty (&mask, 0)) < 0) { - warn ("reset"); - code = -1; - lostpeer(0); - } else if (nfnd) { - getreply(0); - } - } -} - -char * -gunique (char *local) -{ - static char new[MaxPathLen]; - char *cp = strrchr (local, '/'); - int d, count = 0; - char ext = '1'; - - if (cp) - *cp = '\0'; - d = access (cp ? local : ".", 2); - if (cp) - *cp = '/'; - if (d < 0) { - warn ("local: %s", local); - return NULL; - } - strlcpy (new, local, sizeof(new)); - cp = new + strlen(new); - *cp++ = '.'; - while (!d) { - if (++count == 100) { - printf ("runique: can't find unique file name.\n"); - return NULL; - } - *cp++ = ext; - *cp = '\0'; - if (ext == '9') - ext = '0'; - else - ext++; - if ((d = access (new, 0)) < 0) - break; - if (ext != '0') - cp--; - else if (*(cp - 2) == '.') - *(cp - 1) = '1'; - else { - *(cp - 2) = *(cp - 2) + 1; - cp--; - } - } - return (new); -} - -void -abort_remote (FILE * din) -{ - char buf[BUFSIZ]; - int nfnd; - fd_set mask; - - /* - * send IAC in urgent mode instead of DM because 4.3BSD places oob mark - * after urgent byte rather than before as is protocol now - */ - snprintf (buf, sizeof (buf), "%c%c%c", IAC, IP, IAC); - if (send (fileno (cout), buf, 3, MSG_OOB) != 3) - warn ("abort"); - fprintf (cout, "%cABOR\r\n", DM); - fflush (cout); - FD_ZERO (&mask); - FD_SET (fileno (cin), &mask); - if (din) { - FD_SET (fileno (din), &mask); - } - if ((nfnd = empty (&mask, 10)) <= 0) { - if (nfnd < 0) { - warn ("abort"); - } - if (ptabflg) - code = -1; - lostpeer (0); - } - if (din && FD_ISSET (fileno (din), &mask)) { - while (read (fileno (din), buf, BUFSIZ) > 0) - /* LOOP */ ; - } - if (getreply (0) == ERROR && code == 552) { - /* 552 needed for nic style abort */ - getreply (0); - } - getreply (0); -} diff --git a/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h b/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h deleted file mode 100644 index 9bafdf638fc7..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h +++ /dev/null @@ -1,141 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: ftp_locl.h,v 1.34 1999/12/02 16:58:29 joda Exp $ */ -/* $FreeBSD$ */ - -#ifndef __FTP_LOCL_H__ -#define __FTP_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#ifdef HAVE_PWD_H -#include -#endif -#include -#include -#include -#include -#include -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif - -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN_SYSTM_H -#include -#endif -#ifdef HAVE_NETINET_IP_H -#include -#endif - -#ifdef HAVE_ARPA_FTP_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_ARPA_TELNET_H -#include -#endif - -#include -#include -#include -#ifdef HAVE_NETDB_H -#include -#endif - -#ifdef HAVE_SYS_MMAN_H -#include -#endif - -#include - -#ifdef SOCKS -#include -extern int LIBPREFIX(fclose) (FILE *); - -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); - -#endif - -#include "ftp_var.h" -#include "extern.h" -#include "common.h" -#include "pathnames.h" - -#include "roken.h" -#include "security.h" -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include /* for des_read_pw_string */ - -#if defined(__sun__) && !defined(__svr4) -int fclose(FILE*); -int pclose(FILE*); -#endif - -#endif /* __FTP_LOCL_H__ */ diff --git a/crypto/kerberosIV/appl/ftp/ftp/ftp_var.h b/crypto/kerberosIV/appl/ftp/ftp/ftp_var.h deleted file mode 100644 index ffac59a50fa9..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/ftp_var.h +++ /dev/null @@ -1,127 +0,0 @@ -/* - * Copyright (c) 1985, 1989, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)ftp_var.h 8.4 (Berkeley) 10/9/94 - */ - -/* - * FTP global variables. - */ - -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#include - -/* - * Options and other state info. - */ -extern int trace; /* trace packets exchanged */ -extern int hash; /* print # for each buffer transferred */ -extern int sendport; /* use PORT cmd for each data connection */ -extern int verbose; /* print messages coming back from server */ -extern int connected; /* connected to server */ -extern int fromatty; /* input is from a terminal */ -extern int interactive; /* interactively prompt on m* cmds */ -extern int debug; /* debugging level */ -extern int bell; /* ring bell on cmd completion */ -extern int doglob; /* glob local file names */ -extern int autologin; /* establish user account on connection */ -extern int proxy; /* proxy server connection active */ -extern int proxflag; /* proxy connection exists */ -extern int sunique; /* store files on server with unique name */ -extern int runique; /* store local files with unique name */ -extern int mcase; /* map upper to lower case for mget names */ -extern int ntflag; /* use ntin ntout tables for name translation */ -extern int mapflag; /* use mapin mapout templates on file names */ -extern int code; /* return/reply code for ftp command */ -extern int crflag; /* if 1, strip car. rets. on ascii gets */ -extern char pasv[64]; /* passive port for proxy data connection */ -extern int passivemode; /* passive mode enabled */ -extern char *altarg; /* argv[1] with no shell-like preprocessing */ -extern char ntin[17]; /* input translation table */ -extern char ntout[17]; /* output translation table */ -extern char mapin[MaxPathLen]; /* input map template */ -extern char mapout[MaxPathLen]; /* output map template */ -extern char typename[32]; /* name of file transfer type */ -extern int type; /* requested file transfer type */ -extern int curtype; /* current file transfer type */ -extern char structname[32]; /* name of file transfer structure */ -extern int stru; /* file transfer structure */ -extern char formname[32]; /* name of file transfer format */ -extern int form; /* file transfer format */ -extern char modename[32]; /* name of file transfer mode */ -extern int mode; /* file transfer mode */ -extern char bytename[32]; /* local byte size in ascii */ -extern int bytesize; /* local byte size in binary */ - -extern char *hostname; /* name of host connected to */ -extern int unix_server; /* server is unix, can use binary for ascii */ -extern int unix_proxy; /* proxy is unix, can use binary for ascii */ - -extern jmp_buf toplevel; /* non-local goto stuff for cmd scanner */ - -extern char line[200]; /* input line buffer */ -extern char *stringbase; /* current scan point in line buffer */ -extern char argbuf[200]; /* argument storage buffer */ -extern char *argbase; /* current storage point in arg buffer */ -extern int margc; /* count of arguments on input line */ -extern char **margv; /* args parsed from input line */ -extern int margvlen; /* how large margv is currently */ -extern int cpend; /* flag: if != 0, then pending server reply */ -extern int mflag; /* flag: if != 0, then active multi command */ - -extern int options; /* used during socket creation */ - -/* - * Format of command table. - */ -struct cmd { - char *c_name; /* name of command */ - char *c_help; /* help string */ - char c_bell; /* give bell when command completes */ - char c_conn; /* must be connected to use command */ - char c_proxy; /* proxy server may execute */ - void (*c_handler) (int, char **); /* function to call */ -}; - -struct macel { - char mac_name[9]; /* macro name */ - char *mac_start; /* start of macro in macbuf */ - char *mac_end; /* end of macro in macbuf */ -}; - -extern int macnum; /* number of defined macros */ -extern struct macel macros[16]; -extern char macbuf[4096]; - - diff --git a/crypto/kerberosIV/appl/ftp/ftp/globals.c b/crypto/kerberosIV/appl/ftp/ftp/globals.c deleted file mode 100644 index 7199e65c8c35..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/globals.c +++ /dev/null @@ -1,76 +0,0 @@ -#include "ftp_locl.h" -RCSID("$Id: globals.c,v 1.6 1996/08/26 22:46:26 assar Exp $"); - -/* - * Options and other state info. - */ -int trace; /* trace packets exchanged */ -int hash; /* print # for each buffer transferred */ -int sendport; /* use PORT cmd for each data connection */ -int verbose; /* print messages coming back from server */ -int connected; /* connected to server */ -int fromatty; /* input is from a terminal */ -int interactive; /* interactively prompt on m* cmds */ -int debug; /* debugging level */ -int bell; /* ring bell on cmd completion */ -int doglob; /* glob local file names */ -int autologin; /* establish user account on connection */ -int proxy; /* proxy server connection active */ -int proxflag; /* proxy connection exists */ -int sunique; /* store files on server with unique name */ -int runique; /* store local files with unique name */ -int mcase; /* map upper to lower case for mget names */ -int ntflag; /* use ntin ntout tables for name translation */ -int mapflag; /* use mapin mapout templates on file names */ -int code; /* return/reply code for ftp command */ -int crflag; /* if 1, strip car. rets. on ascii gets */ -char pasv[64]; /* passive port for proxy data connection */ -int passivemode; /* passive mode enabled */ -char *altarg; /* argv[1] with no shell-like preprocessing */ -char ntin[17]; /* input translation table */ -char ntout[17]; /* output translation table */ -char mapin[MaxPathLen]; /* input map template */ -char mapout[MaxPathLen]; /* output map template */ -char typename[32]; /* name of file transfer type */ -int type; /* requested file transfer type */ -int curtype; /* current file transfer type */ -char structname[32]; /* name of file transfer structure */ -int stru; /* file transfer structure */ -char formname[32]; /* name of file transfer format */ -int form; /* file transfer format */ -char modename[32]; /* name of file transfer mode */ -int mode; /* file transfer mode */ -char bytename[32]; /* local byte size in ascii */ -int bytesize; /* local byte size in binary */ - -char *hostname; /* name of host connected to */ -int unix_server; /* server is unix, can use binary for ascii */ -int unix_proxy; /* proxy is unix, can use binary for ascii */ - -jmp_buf toplevel; /* non-local goto stuff for cmd scanner */ - -char line[200]; /* input line buffer */ -char *stringbase; /* current scan point in line buffer */ -char argbuf[200]; /* argument storage buffer */ -char *argbase; /* current storage point in arg buffer */ -int margc; /* count of arguments on input line */ -char **margv; /* args parsed from input line */ -int margvlen; /* how large margv is currently */ -int cpend; /* flag: if != 0, then pending server reply */ -int mflag; /* flag: if != 0, then active multi command */ - -int options; /* used during socket creation */ - -/* - * Format of command table. - */ - -int macnum; /* number of defined macros */ -struct macel macros[16]; -char macbuf[4096]; - -char username[32]; - -/* these are set in ruserpass */ -char myhostname[MaxHostNameLen]; -char *mydomain; diff --git a/crypto/kerberosIV/appl/ftp/ftp/gssapi.c b/crypto/kerberosIV/appl/ftp/ftp/gssapi.c deleted file mode 100644 index d06b5d62d29d..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/gssapi.c +++ /dev/null @@ -1,379 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef FTP_SERVER -#include "ftpd_locl.h" -#else -#include "ftp_locl.h" -#endif -#include - -RCSID("$Id: gssapi.c,v 1.13 1999/12/02 16:58:29 joda Exp $"); - -struct gss_data { - gss_ctx_id_t context_hdl; - char *client_name; -}; - -static int -gss_init(void *app_data) -{ - struct gss_data *d = app_data; - d->context_hdl = GSS_C_NO_CONTEXT; - return 0; -} - -static int -gss_check_prot(void *app_data, int level) -{ - if(level == prot_confidential) - return -1; - return 0; -} - -static int -gss_decode(void *app_data, void *buf, int len, int level) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc input, output; - gss_qop_t qop_state; - int conf_state; - struct gss_data *d = app_data; - - input.length = len; - input.value = buf; - maj_stat = gss_unwrap (&min_stat, - d->context_hdl, - &input, - &output, - &conf_state, - &qop_state); - if(GSS_ERROR(maj_stat)) - return -1; - memmove(buf, output.value, output.length); - return output.length; -} - -static int -gss_overhead(void *app_data, int level, int len) -{ - return 100; /* dunno? */ -} - - -static int -gss_encode(void *app_data, void *from, int length, int level, void **to) -{ - OM_uint32 maj_stat, min_stat; - gss_buffer_desc input, output; - int conf_state; - struct gss_data *d = app_data; - - input.length = length; - input.value = from; - maj_stat = gss_wrap (&min_stat, - d->context_hdl, - level == prot_private, - GSS_C_QOP_DEFAULT, - &input, - &conf_state, - &output); - *to = output.value; - return output.length; -} - -static void -sockaddr_to_gss_address (const struct sockaddr *sa, - OM_uint32 *addr_type, - gss_buffer_desc *gss_addr) -{ - switch (sa->sa_family) { -#ifdef HAVE_IPV6 - case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; - - gss_addr->length = 16; - gss_addr->value = &sin6->sin6_addr; - *addr_type = GSS_C_AF_INET6; - break; - } -#endif - case AF_INET : { - struct sockaddr_in *sin = (struct sockaddr_in *)sa; - - gss_addr->length = 4; - gss_addr->value = &sin->sin_addr; - *addr_type = GSS_C_AF_INET; - break; - } - default : - errx (1, "unknown address family %d", sa->sa_family); - - } -} - -/* end common stuff */ - -#ifdef FTP_SERVER - -static int -gss_adat(void *app_data, void *buf, size_t len) -{ - char *p = NULL; - gss_buffer_desc input_token, output_token; - OM_uint32 maj_stat, min_stat; - gss_name_t client_name; - struct gss_data *d = app_data; - - gss_channel_bindings_t bindings = malloc(sizeof(*bindings)); - sockaddr_to_gss_address (his_addr, - &bindings->initiator_addrtype, - &bindings->initiator_address); - sockaddr_to_gss_address (ctrl_addr, - &bindings->acceptor_addrtype, - &bindings->acceptor_address); - - bindings->application_data.length = 0; - bindings->application_data.value = NULL; - - input_token.value = buf; - input_token.length = len; - - maj_stat = gss_accept_sec_context (&min_stat, - &d->context_hdl, - GSS_C_NO_CREDENTIAL, - &input_token, - bindings, - &client_name, - NULL, - &output_token, - NULL, - NULL, - NULL); - - if(output_token.length) { - if(base64_encode(output_token.value, output_token.length, &p) < 0) { - reply(535, "Out of memory base64-encoding."); - return -1; - } - } - if(maj_stat == GSS_S_COMPLETE){ - char *name; - gss_buffer_desc export_name; - maj_stat = gss_export_name(&min_stat, client_name, &export_name); - if(maj_stat != 0) { - reply(500, "Error exporting name"); - goto out; - } - name = realloc(export_name.value, export_name.length + 1); - if(name == NULL) { - reply(500, "Out of memory"); - free(export_name.value); - goto out; - } - name[export_name.length] = '\0'; - d->client_name = name; - if(p) - reply(235, "ADAT=%s", p); - else - reply(235, "ADAT Complete"); - sec_complete = 1; - - } else if(maj_stat == GSS_S_CONTINUE_NEEDED) { - if(p) - reply(335, "ADAT=%s", p); - else - reply(335, "OK, need more data"); - } else - reply(535, "foo?"); -out: - free(p); - return 0; -} - -int gss_userok(void*, char*); - -struct sec_server_mech gss_server_mech = { - "GSSAPI", - sizeof(struct gss_data), - gss_init, /* init */ - NULL, /* end */ - gss_check_prot, - gss_overhead, - gss_encode, - gss_decode, - /* */ - NULL, - gss_adat, - NULL, /* pbsz */ - NULL, /* ccc */ - gss_userok -}; - -#else /* FTP_SERVER */ - -extern struct sockaddr *hisctladdr, *myctladdr; - -static int -gss_auth(void *app_data, char *host) -{ - - OM_uint32 maj_stat, min_stat; - gss_buffer_desc name; - gss_name_t target_name; - gss_buffer_desc input, output_token; - int context_established = 0; - char *p; - int n; - gss_channel_bindings_t bindings; - struct gss_data *d = app_data; - - name.length = asprintf((char**)&name.value, "ftp@%s", host); - maj_stat = gss_import_name(&min_stat, - &name, - GSS_C_NT_HOSTBASED_SERVICE, - &target_name); - if (GSS_ERROR(maj_stat)) { - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - - gss_display_status(&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - printf("Error importing name %s: %s\n", - (char *)name.value, - (char *)status_string.value); - gss_release_buffer(&new_stat, &status_string); - return AUTH_ERROR; - } - free(name.value); - - - input.length = 0; - input.value = NULL; - - bindings = malloc(sizeof(*bindings)); - - sockaddr_to_gss_address (myctladdr, - &bindings->initiator_addrtype, - &bindings->initiator_address); - sockaddr_to_gss_address (hisctladdr, - &bindings->acceptor_addrtype, - &bindings->acceptor_address); - - bindings->application_data.length = 0; - bindings->application_data.value = NULL; - - while(!context_established) { - maj_stat = gss_init_sec_context(&min_stat, - GSS_C_NO_CREDENTIAL, - &d->context_hdl, - target_name, - GSS_C_NO_OID, - GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG, - 0, - bindings, - &input, - NULL, - &output_token, - NULL, - NULL); - if (GSS_ERROR(maj_stat)) { - OM_uint32 new_stat; - OM_uint32 msg_ctx = 0; - gss_buffer_desc status_string; - - gss_display_status(&new_stat, - min_stat, - GSS_C_MECH_CODE, - GSS_C_NO_OID, - &msg_ctx, - &status_string); - printf("Error initializing security context: %s\n", - (char*)status_string.value); - gss_release_buffer(&new_stat, &status_string); - return AUTH_CONTINUE; - } - - gss_release_buffer(&min_stat, &input); - if (output_token.length != 0) { - base64_encode(output_token.value, output_token.length, &p); - gss_release_buffer(&min_stat, &output_token); - n = command("ADAT %s", p); - free(p); - } - if (GSS_ERROR(maj_stat)) { - if (d->context_hdl != GSS_C_NO_CONTEXT) - gss_delete_sec_context (&min_stat, - &d->context_hdl, - GSS_C_NO_BUFFER); - break; - } - if (maj_stat & GSS_S_CONTINUE_NEEDED) { - p = strstr(reply_string, "ADAT="); - if(p == NULL){ - printf("Error: expected ADAT in reply.\n"); - return AUTH_ERROR; - } else { - p+=5; - input.value = malloc(strlen(p)); - input.length = base64_decode(p, input.value); - } - } else { - if(code != 235) { - printf("Unrecognized response code: %d\n", code); - return AUTH_ERROR; - } - context_established = 1; - } - } - return AUTH_OK; -} - -struct sec_client_mech gss_client_mech = { - "GSSAPI", - sizeof(struct gss_data), - gss_init, - gss_auth, - NULL, /* end */ - gss_check_prot, - gss_overhead, - gss_encode, - gss_decode, -}; - -#endif /* FTP_SERVER */ diff --git a/crypto/kerberosIV/appl/ftp/ftp/kauth.c b/crypto/kerberosIV/appl/ftp/ftp/kauth.c deleted file mode 100644 index 613593a71290..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/kauth.c +++ /dev/null @@ -1,198 +0,0 @@ -/* - * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftp_locl.h" -#include -RCSID("$Id: kauth.c,v 1.20 1999/12/02 16:58:29 joda Exp $"); - -void -kauth(int argc, char **argv) -{ - int ret; - char buf[1024]; - des_cblock key; - des_key_schedule schedule; - KTEXT_ST tkt, tktcopy; - char *name; - char *p; - int overbose; - char passwd[100]; - int tmp; - - int save; - - if(argc > 2){ - printf("usage: %s [principal]\n", argv[0]); - code = -1; - return; - } - if(argc == 2) - name = argv[1]; - else - name = username; - - overbose = verbose; - verbose = 0; - - save = set_command_prot(prot_private); - ret = command("SITE KAUTH %s", name); - if(ret != CONTINUE){ - verbose = overbose; - set_command_prot(save); - code = -1; - return; - } - verbose = overbose; - p = strstr(reply_string, "T="); - if(!p){ - printf("Bad reply from server.\n"); - set_command_prot(save); - code = -1; - return; - } - p += 2; - tmp = base64_decode(p, &tkt.dat); - if(tmp < 0){ - printf("Failed to decode base64 in reply.\n"); - set_command_prot(save); - code = -1; - return; - } - tkt.length = tmp; - tktcopy.length = tkt.length; - - p = strstr(reply_string, "P="); - if(!p){ - printf("Bad reply from server.\n"); - verbose = overbose; - set_command_prot(save); - code = -1; - return; - } - name = p + 2; - for(; *p && *p != ' ' && *p != '\r' && *p != '\n'; p++); - *p = 0; - - snprintf(buf, sizeof(buf), "Password for %s:", name); - if (des_read_pw_string (passwd, sizeof(passwd)-1, buf, 0)) - *passwd = '\0'; - des_string_to_key (passwd, &key); - - des_key_sched(&key, schedule); - - des_pcbc_encrypt((des_cblock*)tkt.dat, (des_cblock*)tktcopy.dat, - tkt.length, - schedule, &key, DES_DECRYPT); - if (strcmp ((char*)tktcopy.dat + 8, - KRB_TICKET_GRANTING_TICKET) != 0) { - afs_string_to_key (passwd, krb_realmofhost(hostname), &key); - des_key_sched (&key, schedule); - des_pcbc_encrypt((des_cblock*)tkt.dat, (des_cblock*)tktcopy.dat, - tkt.length, - schedule, &key, DES_DECRYPT); - } - memset(key, 0, sizeof(key)); - memset(schedule, 0, sizeof(schedule)); - memset(passwd, 0, sizeof(passwd)); - if(base64_encode(tktcopy.dat, tktcopy.length, &p) < 0) { - printf("Out of memory base64-encoding.\n"); - set_command_prot(save); - code = -1; - return; - } - memset (tktcopy.dat, 0, tktcopy.length); - ret = command("SITE KAUTH %s %s", name, p); - free(p); - set_command_prot(save); - if(ret != COMPLETE){ - code = -1; - return; - } - code = 0; -} - -void -klist(int argc, char **argv) -{ - int ret; - if(argc != 1){ - printf("usage: %s\n", argv[0]); - code = -1; - return; - } - - ret = command("SITE KLIST"); - code = (ret == COMPLETE); -} - -void -kdestroy(int argc, char **argv) -{ - int ret; - if (argc != 1) { - printf("usage: %s\n", argv[0]); - code = -1; - return; - } - ret = command("SITE KDESTROY"); - code = (ret == COMPLETE); -} - -void -krbtkfile(int argc, char **argv) -{ - int ret; - if(argc != 2) { - printf("usage: %s tktfile\n", argv[0]); - code = -1; - return; - } - ret = command("SITE KRBTKFILE %s", argv[1]); - code = (ret == COMPLETE); -} - -void -afslog(int argc, char **argv) -{ - int ret; - if(argc > 2) { - printf("usage: %s [cell]\n", argv[0]); - code = -1; - return; - } - if(argc == 2) - ret = command("SITE AFSLOG %s", argv[1]); - else - ret = command("SITE AFSLOG"); - code = (ret == COMPLETE); -} diff --git a/crypto/kerberosIV/appl/ftp/ftp/krb4.c b/crypto/kerberosIV/appl/ftp/ftp/krb4.c deleted file mode 100644 index aa30c1bc3888..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/krb4.c +++ /dev/null @@ -1,334 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef FTP_SERVER -#include "ftpd_locl.h" -#else -#include "ftp_locl.h" -#endif -#include - -RCSID("$Id: krb4.c,v 1.36.2.1 1999/12/06 17:29:45 assar Exp $"); - -#ifdef FTP_SERVER -#define LOCAL_ADDR ctrl_addr -#define REMOTE_ADDR his_addr -#else -#define LOCAL_ADDR myctladdr -#define REMOTE_ADDR hisctladdr -#endif - -extern struct sockaddr *LOCAL_ADDR, *REMOTE_ADDR; - -struct krb4_data { - des_cblock key; - des_key_schedule schedule; - char name[ANAME_SZ]; - char instance[INST_SZ]; - char realm[REALM_SZ]; -}; - -static int -krb4_check_prot(void *app_data, int level) -{ - if(level == prot_confidential) - return -1; - return 0; -} - -static int -krb4_decode(void *app_data, void *buf, int len, int level) -{ - MSG_DAT m; - int e; - struct krb4_data *d = app_data; - - if(level == prot_safe) - e = krb_rd_safe(buf, len, &d->key, - (struct sockaddr_in *)REMOTE_ADDR, - (struct sockaddr_in *)LOCAL_ADDR, &m); - else - e = krb_rd_priv(buf, len, d->schedule, &d->key, - (struct sockaddr_in *)REMOTE_ADDR, - (struct sockaddr_in *)LOCAL_ADDR, &m); - if(e){ - syslog(LOG_ERR, "krb4_decode: %s", krb_get_err_text(e)); - return -1; - } - memmove(buf, m.app_data, m.app_length); - return m.app_length; -} - -static int -krb4_overhead(void *app_data, int level, int len) -{ - return 31; -} - -static int -krb4_encode(void *app_data, void *from, int length, int level, void **to) -{ - struct krb4_data *d = app_data; - *to = malloc(length + 31); - if(level == prot_safe) - return krb_mk_safe(from, *to, length, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - else if(level == prot_private) - return krb_mk_priv(from, *to, length, d->schedule, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - else - return -1; -} - -#ifdef FTP_SERVER - -static int -krb4_adat(void *app_data, void *buf, size_t len) -{ - KTEXT_ST tkt; - AUTH_DAT auth_dat; - char *p; - int kerror; - u_int32_t cs; - char msg[35]; /* size of encrypted block */ - int tmp_len; - struct krb4_data *d = app_data; - char inst[INST_SZ]; - struct sockaddr_in *his_addr_sin = (struct sockaddr_in *)his_addr; - - memcpy(tkt.dat, buf, len); - tkt.length = len; - - k_getsockinst(0, inst, sizeof(inst)); - kerror = krb_rd_req(&tkt, "ftp", inst, - his_addr_sin->sin_addr.s_addr, &auth_dat, ""); - if(kerror == RD_AP_UNDEC){ - k_getsockinst(0, inst, sizeof(inst)); - kerror = krb_rd_req(&tkt, "rcmd", inst, - his_addr_sin->sin_addr.s_addr, &auth_dat, ""); - } - - if(kerror){ - reply(535, "Error reading request: %s.", krb_get_err_text(kerror)); - return -1; - } - - memcpy(d->key, auth_dat.session, sizeof(d->key)); - des_set_key(&d->key, d->schedule); - - strlcpy(d->name, auth_dat.pname, sizeof(d->name)); - strlcpy(d->instance, auth_dat.pinst, sizeof(d->instance)); - strlcpy(d->realm, auth_dat.prealm, sizeof(d->instance)); - - cs = auth_dat.checksum + 1; - { - unsigned char tmp[4]; - KRB_PUT_INT(cs, tmp, 4, sizeof(tmp)); - tmp_len = krb_mk_safe(tmp, msg, 4, &d->key, - (struct sockaddr_in *)LOCAL_ADDR, - (struct sockaddr_in *)REMOTE_ADDR); - } - if(tmp_len < 0){ - reply(535, "Error creating reply: %s.", strerror(errno)); - return -1; - } - len = tmp_len; - if(base64_encode(msg, len, &p) < 0) { - reply(535, "Out of memory base64-encoding."); - return -1; - } - reply(235, "ADAT=%s", p); - sec_complete = 1; - free(p); - return 0; -} - -static int -krb4_userok(void *app_data, char *user) -{ - struct krb4_data *d = app_data; - return krb_kuserok(d->name, d->instance, d->realm, user); -} - -struct sec_server_mech krb4_server_mech = { - "KERBEROS_V4", - sizeof(struct krb4_data), - NULL, /* init */ - NULL, /* end */ - krb4_check_prot, - krb4_overhead, - krb4_encode, - krb4_decode, - /* */ - NULL, - krb4_adat, - NULL, /* pbsz */ - NULL, /* ccc */ - krb4_userok -}; - -#else /* FTP_SERVER */ - -static int -mk_auth(struct krb4_data *d, KTEXT adat, - char *service, char *host, int checksum) -{ - int ret; - CREDENTIALS cred; - char sname[SNAME_SZ], inst[INST_SZ], realm[REALM_SZ]; - - strlcpy(sname, service, sizeof(sname)); - strlcpy(inst, krb_get_phost(host), sizeof(inst)); - strlcpy(realm, krb_realmofhost(host), sizeof(realm)); - ret = krb_mk_req(adat, sname, inst, realm, checksum); - if(ret) - return ret; - strlcpy(sname, service, sizeof(sname)); - strlcpy(inst, krb_get_phost(host), sizeof(inst)); - strlcpy(realm, krb_realmofhost(host), sizeof(realm)); - ret = krb_get_cred(sname, inst, realm, &cred); - memmove(&d->key, &cred.session, sizeof(des_cblock)); - des_key_sched(&d->key, d->schedule); - memset(&cred, 0, sizeof(cred)); - return ret; -} - -static int -krb4_auth(void *app_data, char *host) -{ - int ret; - char *p; - int len; - KTEXT_ST adat; - MSG_DAT msg_data; - int checksum; - u_int32_t cs; - struct krb4_data *d = app_data; - struct sockaddr_in *localaddr = (struct sockaddr_in *)LOCAL_ADDR; - struct sockaddr_in *remoteaddr = (struct sockaddr_in *)REMOTE_ADDR; - - checksum = getpid(); - ret = mk_auth(d, &adat, "ftp", host, checksum); - if(ret == KDC_PR_UNKNOWN) - ret = mk_auth(d, &adat, "rcmd", host, checksum); - if(ret){ - printf("%s\n", krb_get_err_text(ret)); - return AUTH_CONTINUE; - } - -#ifdef HAVE_KRB_GET_OUR_IP_FOR_REALM - if (krb_get_config_bool("nat_in_use")) { - struct in_addr natAddr; - - if (krb_get_our_ip_for_realm(krb_realmofhost(host), - &natAddr) != KSUCCESS - && krb_get_our_ip_for_realm(NULL, &natAddr) != KSUCCESS) - printf("Can't get address for realm %s\n", - krb_realmofhost(host)); - else { - if (natAddr.s_addr != localaddr->sin_addr.s_addr) { - printf("Using NAT IP address (%s) for kerberos 4\n", - inet_ntoa(natAddr)); - localaddr->sin_addr = natAddr; - - /* - * This not the best place to do this, but it - * is here we know that (probably) NAT is in - * use! - */ - - passivemode = 1; - printf("Setting: Passive mode on.\n"); - } - } - } -#endif - - printf("Local address is %s\n", inet_ntoa(localaddr->sin_addr)); - printf("Remote address is %s\n", inet_ntoa(remoteaddr->sin_addr)); - - if(base64_encode(adat.dat, adat.length, &p) < 0) { - printf("Out of memory base64-encoding.\n"); - return AUTH_CONTINUE; - } - ret = command("ADAT %s", p); - free(p); - - if(ret != COMPLETE){ - printf("Server didn't accept auth data.\n"); - return AUTH_ERROR; - } - - p = strstr(reply_string, "ADAT="); - if(!p){ - printf("Remote host didn't send adat reply.\n"); - return AUTH_ERROR; - } - p += 5; - len = base64_decode(p, adat.dat); - if(len < 0){ - printf("Failed to decode base64 from server.\n"); - return AUTH_ERROR; - } - adat.length = len; - ret = krb_rd_safe(adat.dat, adat.length, &d->key, - (struct sockaddr_in *)hisctladdr, - (struct sockaddr_in *)myctladdr, &msg_data); - if(ret){ - printf("Error reading reply from server: %s.\n", - krb_get_err_text(ret)); - return AUTH_ERROR; - } - krb_get_int(msg_data.app_data, &cs, 4, 0); - if(cs - checksum != 1){ - printf("Bad checksum returned from server.\n"); - return AUTH_ERROR; - } - return AUTH_OK; -} - -struct sec_client_mech krb4_client_mech = { - "KERBEROS_V4", - sizeof(struct krb4_data), - NULL, /* init */ - krb4_auth, - NULL, /* end */ - krb4_check_prot, - krb4_overhead, - krb4_encode, - krb4_decode -}; - -#endif /* FTP_SERVER */ diff --git a/crypto/kerberosIV/appl/ftp/ftp/krb4.h b/crypto/kerberosIV/appl/ftp/ftp/krb4.h deleted file mode 100644 index 7cf8cece104d..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/krb4.h +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: krb4.h,v 1.10 1997/04/01 08:17:22 joda Exp $ */ - -#ifndef __KRB4_H__ -#define __KRB4_H__ - -#include -#include - -extern int auth_complete; - -void sec_status(void); - -enum { prot_clear, prot_safe, prot_confidential, prot_private }; - -void sec_prot(int, char**); - -int sec_getc(FILE *F); -int sec_putc(int c, FILE *F); -int sec_fflush(FILE *F); -int sec_read(int fd, void *data, int length); -int sec_write(int fd, char *data, int length); - -int krb4_getc(FILE *F); -int krb4_read(int fd, char *data, int length); - - - -void sec_set_protection_level(void); -int sec_request_prot(char *level); - -void kauth(int, char **); -void klist(int, char **); - -void krb4_quit(void); - -int krb4_write_enc(FILE *F, char *fmt, va_list ap); -int krb4_read_msg(char *s, int priv); -int krb4_read_mic(char *s); -int krb4_read_enc(char *s); - -int do_klogin(char *host); - -#endif /* __KRB4_H__ */ diff --git a/crypto/kerberosIV/appl/ftp/ftp/main.c b/crypto/kerberosIV/appl/ftp/ftp/main.c deleted file mode 100644 index 929acac1da0b..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/main.c +++ /dev/null @@ -1,551 +0,0 @@ -/* - * Copyright (c) 1985, 1989, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * FTP User Program -- Command Interface. - */ - -#include "ftp_locl.h" -RCSID("$Id: main.c,v 1.27.2.1 2000/10/10 13:01:50 assar Exp $"); - -int -main(int argc, char **argv) -{ - int ch, top; - struct passwd *pw = NULL; - char homedir[MaxPathLen]; - struct servent *sp; - - set_progname(argv[0]); - - sp = getservbyname("ftp", "tcp"); - if (sp == 0) - errx(1, "ftp/tcp: unknown service"); - doglob = 1; - interactive = 1; - autologin = 1; - passivemode = 0; /* passive mode not active */ - - while ((ch = getopt(argc, argv, "dginptv")) != -1) { - switch (ch) { - case 'd': - options |= SO_DEBUG; - debug++; - break; - - case 'g': - doglob = 0; - break; - - case 'i': - interactive = 0; - break; - - case 'n': - autologin = 0; - break; - - case 'p': - passivemode = 1; - break; - case 't': - trace++; - break; - - case 'v': - verbose++; - break; - - default: - fprintf(stderr, - "usage: ftp [-dginptv] [host [port]]\n"); - exit(1); - } - } - argc -= optind; - argv += optind; - - fromatty = isatty(fileno(stdin)); - if (fromatty) - verbose++; - cpend = 0; /* no pending replies */ - proxy = 0; /* proxy not active */ - crflag = 1; /* strip c.r. on ascii gets */ - sendport = -1; /* not using ports */ - /* - * Set up the home directory in case we're globbing. - */ - pw = k_getpwuid(getuid()); - if (pw != NULL) { - strlcpy(homedir, pw->pw_dir, sizeof(homedir)); - home = homedir; - } - if (argc > 0) { - char *xargv[5]; - - if (setjmp(toplevel)) - exit(0); - signal(SIGINT, intr); - signal(SIGPIPE, lostpeer); - xargv[0] = (char*)__progname; - xargv[1] = argv[0]; - xargv[2] = argv[1]; - xargv[3] = argv[2]; - xargv[4] = NULL; - setpeer(argc+1, xargv); - } - if(setjmp(toplevel) == 0) - top = 1; - else - top = 0; - if (top) { - signal(SIGINT, intr); - signal(SIGPIPE, lostpeer); - } - for (;;) { - cmdscanner(top); - top = 1; - } -} - -void -intr(int sig) -{ - - longjmp(toplevel, 1); -} - -#ifndef SHUT_RDWR -#define SHUT_RDWR 2 -#endif - -RETSIGTYPE -lostpeer(int sig) -{ - - if (connected) { - if (cout != NULL) { - shutdown(fileno(cout), SHUT_RDWR); - fclose(cout); - cout = NULL; - } - if (data >= 0) { - shutdown(data, SHUT_RDWR); - close(data); - data = -1; - } - connected = 0; - } - pswitch(1); - if (connected) { - if (cout != NULL) { - shutdown(fileno(cout), SHUT_RDWR); - fclose(cout); - cout = NULL; - } - connected = 0; - } - proxflag = 0; - pswitch(0); - sec_end(); - SIGRETURN(0); -} - -/* -char * -tail(filename) - char *filename; -{ - char *s; - - while (*filename) { - s = strrchr(filename, '/'); - if (s == NULL) - break; - if (s[1]) - return (s + 1); - *s = '\0'; - } - return (filename); -} -*/ - -#ifndef HAVE_READLINE - -static char * -readline(char *prompt) -{ - char buf[BUFSIZ]; - printf ("%s", prompt); - fflush (stdout); - if(fgets(buf, sizeof(buf), stdin) == NULL) - return NULL; - if (buf[strlen(buf) - 1] == '\n') - buf[strlen(buf) - 1] = '\0'; - return strdup(buf); -} - -static void -add_history(char *p) -{ -} - -#else - -/* These should not really be here */ - -char *readline(char *); -void add_history(char *); - -#endif - -/* - * Command parser. - */ -void -cmdscanner(int top) -{ - struct cmd *c; - int l; - - if (!top) - putchar('\n'); - for (;;) { - if (fromatty) { - char *p; - p = readline("ftp> "); - if(p == NULL) { - printf("\n"); - quit(0, 0); - } - strlcpy(line, p, sizeof(line)); - add_history(p); - free(p); - } else{ - if (fgets(line, sizeof line, stdin) == NULL) - quit(0, 0); - } - /* XXX will break on long lines */ - l = strlen(line); - if (l == 0) - break; - if (line[--l] == '\n') { - if (l == 0) - break; - line[l] = '\0'; - } else if (l == sizeof(line) - 2) { - printf("sorry, input line too long\n"); - while ((l = getchar()) != '\n' && l != EOF) - /* void */; - break; - } /* else it was a line without a newline */ - makeargv(); - if (margc == 0) { - continue; - } - c = getcmd(margv[0]); - if (c == (struct cmd *)-1) { - printf("?Ambiguous command\n"); - continue; - } - if (c == 0) { - printf("?Invalid command\n"); - continue; - } - if (c->c_conn && !connected) { - printf("Not connected.\n"); - continue; - } - (*c->c_handler)(margc, margv); - if (bell && c->c_bell) - putchar('\007'); - if (c->c_handler != help) - break; - } - signal(SIGINT, intr); - signal(SIGPIPE, lostpeer); -} - -struct cmd * -getcmd(char *name) -{ - char *p, *q; - struct cmd *c, *found; - int nmatches, longest; - - longest = 0; - nmatches = 0; - found = 0; - for (c = cmdtab; (p = c->c_name); c++) { - for (q = name; *q == *p++; q++) - if (*q == 0) /* exact match? */ - return (c); - if (!*q) { /* the name was a prefix */ - if (q - name > longest) { - longest = q - name; - nmatches = 1; - found = c; - } else if (q - name == longest) - nmatches++; - } - } - if (nmatches > 1) - return ((struct cmd *)-1); - return (found); -} - -/* - * Slice a string up into argc/argv. - */ - -int slrflag; - -void -makeargv(void) -{ - char **argp; - - argp = margv; - stringbase = line; /* scan from first of buffer */ - argbase = argbuf; /* store from first of buffer */ - slrflag = 0; - for (margc = 0; ; margc++) { - /* Expand array if necessary */ - if (margc == margvlen) { - int i; - - margv = (margvlen == 0) - ? (char **)malloc(20 * sizeof(char *)) - : (char **)realloc(margv, - (margvlen + 20)*sizeof(char *)); - if (margv == NULL) - errx(1, "cannot realloc argv array"); - for(i = margvlen; i < margvlen + 20; ++i) - margv[i] = NULL; - margvlen += 20; - argp = margv + margc; - } - - if ((*argp++ = slurpstring()) == NULL) - break; - } - -} - -/* - * Parse string into argbuf; - * implemented with FSM to - * handle quoting and strings - */ -char * -slurpstring(void) -{ - int got_one = 0; - char *sb = stringbase; - char *ap = argbase; - char *tmp = argbase; /* will return this if token found */ - - if (*sb == '!' || *sb == '$') { /* recognize ! as a token for shell */ - switch (slrflag) { /* and $ as token for macro invoke */ - case 0: - slrflag++; - stringbase++; - return ((*sb == '!') ? "!" : "$"); - /* NOTREACHED */ - case 1: - slrflag++; - altarg = stringbase; - break; - default: - break; - } - } - -S0: - switch (*sb) { - - case '\0': - goto OUT; - - case ' ': - case '\t': - sb++; goto S0; - - default: - switch (slrflag) { - case 0: - slrflag++; - break; - case 1: - slrflag++; - altarg = sb; - break; - default: - break; - } - goto S1; - } - -S1: - switch (*sb) { - - case ' ': - case '\t': - case '\0': - goto OUT; /* end of token */ - - case '\\': - sb++; goto S2; /* slurp next character */ - - case '"': - sb++; goto S3; /* slurp quoted string */ - - default: - *ap++ = *sb++; /* add character to token */ - got_one = 1; - goto S1; - } - -S2: - switch (*sb) { - - case '\0': - goto OUT; - - default: - *ap++ = *sb++; - got_one = 1; - goto S1; - } - -S3: - switch (*sb) { - - case '\0': - goto OUT; - - case '"': - sb++; goto S1; - - default: - *ap++ = *sb++; - got_one = 1; - goto S3; - } - -OUT: - if (got_one) - *ap++ = '\0'; - argbase = ap; /* update storage pointer */ - stringbase = sb; /* update scan pointer */ - if (got_one) { - return (tmp); - } - switch (slrflag) { - case 0: - slrflag++; - break; - case 1: - slrflag++; - altarg = (char *) 0; - break; - default: - break; - } - return NULL; -} - -#define HELPINDENT ((int) sizeof ("directory")) - -/* - * Help command. - * Call each command handler with argc == 0 and argv[0] == name. - */ -void -help(int argc, char **argv) -{ - struct cmd *c; - - if (argc == 1) { - int i, j, w, k; - int columns, width = 0, lines; - - printf("Commands may be abbreviated. Commands are:\n\n"); - for (c = cmdtab; c < &cmdtab[NCMDS]; c++) { - int len = strlen(c->c_name); - - if (len > width) - width = len; - } - width = (width + 8) &~ 7; - columns = 80 / width; - if (columns == 0) - columns = 1; - lines = (NCMDS + columns - 1) / columns; - for (i = 0; i < lines; i++) { - for (j = 0; j < columns; j++) { - c = cmdtab + j * lines + i; - if (c->c_name && (!proxy || c->c_proxy)) { - printf("%s", c->c_name); - } - else if (c->c_name) { - for (k=0; k < strlen(c->c_name); k++) { - putchar(' '); - } - } - if (c + lines >= &cmdtab[NCMDS]) { - printf("\n"); - break; - } - w = strlen(c->c_name); - while (w < width) { - w = (w + 8) &~ 7; - putchar('\t'); - } - } - } - return; - } - while (--argc > 0) { - char *arg; - arg = *++argv; - c = getcmd(arg); - if (c == (struct cmd *)-1) - printf("?Ambiguous help command %s\n", arg); - else if (c == (struct cmd *)0) - printf("?Invalid help command %s\n", arg); - else - printf("%-*s\t%s\n", HELPINDENT, - c->c_name, c->c_help); - } -} diff --git a/crypto/kerberosIV/appl/ftp/ftp/pathnames.h b/crypto/kerberosIV/appl/ftp/ftp/pathnames.h deleted file mode 100644 index f7c1fb391d69..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/pathnames.h +++ /dev/null @@ -1,44 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)pathnames.h 8.1 (Berkeley) 6/6/93 - */ - -#ifdef HAVE_PATHS_H -#include -#endif - -#define _PATH_TMP_XXX "/tmp/ftpXXXXXX" - -#ifndef _PATH_BSHELL -#define _PATH_BSHELL "/bin/sh" -#endif diff --git a/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c b/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c deleted file mode 100644 index c687a5991858..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c +++ /dev/null @@ -1,312 +0,0 @@ -/* - * Copyright (c) 1985, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftp_locl.h" -RCSID("$Id: ruserpass.c,v 1.16 1999/09/16 20:37:31 assar Exp $"); - -static int token (void); -static FILE *cfile; - -#define DEFAULT 1 -#define LOGIN 2 -#define PASSWD 3 -#define ACCOUNT 4 -#define MACDEF 5 -#define PROT 6 -#define ID 10 -#define MACH 11 - -static char tokval[100]; - -static struct toktab { - char *tokstr; - int tval; -} toktab[]= { - { "default", DEFAULT }, - { "login", LOGIN }, - { "password", PASSWD }, - { "passwd", PASSWD }, - { "account", ACCOUNT }, - { "machine", MACH }, - { "macdef", MACDEF }, - { "prot", PROT }, - { NULL, 0 } -}; - -/* - * Write a copy of the hostname into `hostname, sz' and return a guess - * as to the `domain' of that hostname. - */ - -static char * -guess_domain (char *hostname, size_t sz) -{ - struct hostent *he; - char *dot; - char *a; - char **aliases; - - if (gethostname (hostname, sz) < 0) { - strlcpy (hostname, "", sz); - return ""; - } - dot = strchr (hostname, '.'); - if (dot != NULL) - return dot + 1; - - he = gethostbyname (hostname); - if (he == NULL) - return hostname; - - dot = strchr (he->h_name, '.'); - if (dot != NULL) { - strlcpy (hostname, he->h_name, sz); - return dot + 1; - } - for (aliases = he->h_aliases; (a = *aliases) != NULL; ++aliases) { - dot = strchr (a, '.'); - if (dot != NULL) { - strlcpy (hostname, a, sz); - return dot + 1; - } - } - return hostname; -} - -int -ruserpass(char *host, char **aname, char **apass, char **aacct) -{ - char *hdir, buf[BUFSIZ], *tmp; - int t, i, c, usedefault = 0; - struct stat stb; - - mydomain = guess_domain (myhostname, MaxHostNameLen); - - hdir = getenv("HOME"); - if (hdir == NULL) - hdir = "."; - snprintf(buf, sizeof(buf), "%s/.netrc", hdir); - cfile = fopen(buf, "r"); - if (cfile == NULL) { - if (errno != ENOENT) - warn("%s", buf); - return (0); - } - -next: - while ((t = token())) switch(t) { - - case DEFAULT: - usedefault = 1; - /* FALL THROUGH */ - - case MACH: - if (!usedefault) { - if (token() != ID) - continue; - /* - * Allow match either for user's input host name - * or official hostname. Also allow match of - * incompletely-specified host in local domain. - */ - if (strcasecmp(host, tokval) == 0) - goto match; - if (strcasecmp(hostname, tokval) == 0) - goto match; - if ((tmp = strchr(hostname, '.')) != NULL && - tmp++ && - strcasecmp(tmp, mydomain) == 0 && - strncasecmp(hostname, tokval, tmp-hostname) == 0 && - tokval[tmp - hostname] == '\0') - goto match; - if ((tmp = strchr(host, '.')) != NULL && - tmp++ && - strcasecmp(tmp, mydomain) == 0 && - strncasecmp(host, tokval, tmp - host) == 0 && - tokval[tmp - host] == '\0') - goto match; - continue; - } - match: - while ((t = token()) && t != MACH && t != DEFAULT) switch(t) { - - case LOGIN: - if (token()) { - if (*aname == 0) { - *aname = strdup(tokval); - } else { - if (strcmp(*aname, tokval)) - goto next; - } - } - break; - case PASSWD: - if ((*aname == NULL || strcmp(*aname, "anonymous")) && - fstat(fileno(cfile), &stb) >= 0 && - (stb.st_mode & 077) != 0) { - warnx("Error: .netrc file is readable by others."); - warnx("Remove password or make file unreadable by others."); - goto bad; - } - if (token() && *apass == 0) { - *apass = strdup(tokval); - } - break; - case ACCOUNT: - if (fstat(fileno(cfile), &stb) >= 0 - && (stb.st_mode & 077) != 0) { - warnx("Error: .netrc file is readable by others."); - warnx("Remove account or make file unreadable by others."); - goto bad; - } - if (token() && *aacct == 0) { - *aacct = strdup(tokval); - } - break; - case MACDEF: - if (proxy) { - fclose(cfile); - return (0); - } - while ((c=getc(cfile)) != EOF && - (c == ' ' || c == '\t')); - if (c == EOF || c == '\n') { - printf("Missing macdef name argument.\n"); - goto bad; - } - if (macnum == 16) { - printf("Limit of 16 macros have already been defined\n"); - goto bad; - } - tmp = macros[macnum].mac_name; - *tmp++ = c; - for (i=0; i < 8 && (c=getc(cfile)) != EOF && - !isspace(c); ++i) { - *tmp++ = c; - } - if (c == EOF) { - printf("Macro definition missing null line terminator.\n"); - goto bad; - } - *tmp = '\0'; - if (c != '\n') { - while ((c=getc(cfile)) != EOF && c != '\n'); - } - if (c == EOF) { - printf("Macro definition missing null line terminator.\n"); - goto bad; - } - if (macnum == 0) { - macros[macnum].mac_start = macbuf; - } - else { - macros[macnum].mac_start = macros[macnum-1].mac_end + 1; - } - tmp = macros[macnum].mac_start; - while (tmp != macbuf + 4096) { - if ((c=getc(cfile)) == EOF) { - printf("Macro definition missing null line terminator.\n"); - goto bad; - } - *tmp = c; - if (*tmp == '\n') { - if (*(tmp-1) == '\0') { - macros[macnum++].mac_end = tmp - 1; - break; - } - *tmp = '\0'; - } - tmp++; - } - if (tmp == macbuf + 4096) { - printf("4K macro buffer exceeded\n"); - goto bad; - } - break; - case PROT: - token(); - if(sec_request_prot(tokval) < 0) - warnx("Unknown protection level \"%s\"", tokval); - break; - default: - warnx("Unknown .netrc keyword %s", tokval); - break; - } - goto done; - } -done: - fclose(cfile); - return (0); -bad: - fclose(cfile); - return (-1); -} - -static int -token(void) -{ - char *cp; - int c; - struct toktab *t; - - if (feof(cfile) || ferror(cfile)) - return (0); - while ((c = getc(cfile)) != EOF && - (c == '\n' || c == '\t' || c == ' ' || c == ',')) - continue; - if (c == EOF) - return (0); - cp = tokval; - if (c == '"') { - while ((c = getc(cfile)) != EOF && c != '"') { - if (c == '\\') - c = getc(cfile); - *cp++ = c; - } - } else { - *cp++ = c; - while ((c = getc(cfile)) != EOF - && c != '\n' && c != '\t' && c != ' ' && c != ',') { - if (c == '\\') - c = getc(cfile); - *cp++ = c; - } - } - *cp = 0; - if (tokval[0] == 0) - return (0); - for (t = toktab; t->tokstr; t++) - if (!strcmp(t->tokstr, tokval)) - return (t->tval); - return (ID); -} diff --git a/crypto/kerberosIV/appl/ftp/ftp/security.c b/crypto/kerberosIV/appl/ftp/ftp/security.c deleted file mode 100644 index ca7eb0036a53..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/security.c +++ /dev/null @@ -1,785 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef FTP_SERVER -#include "ftpd_locl.h" -#else -#include "ftp_locl.h" -#endif - -RCSID("$Id: security.c,v 1.15 1999/12/02 16:58:30 joda Exp $"); - -static enum protection_level command_prot; -static enum protection_level data_prot; -static size_t buffer_size; - -struct buffer { - void *data; - size_t size; - size_t index; - int eof_flag; -}; - -static struct buffer in_buffer, out_buffer; -int sec_complete; - -static struct { - enum protection_level level; - const char *name; -} level_names[] = { - { prot_clear, "clear" }, - { prot_safe, "safe" }, - { prot_confidential, "confidential" }, - { prot_private, "private" } -}; - -static const char * -level_to_name(enum protection_level level) -{ - int i; - for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++) - if(level_names[i].level == level) - return level_names[i].name; - return "unknown"; -} - -#ifndef FTP_SERVER /* not used in server */ -static enum protection_level -name_to_level(const char *name) -{ - int i; - for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++) - if(!strncasecmp(level_names[i].name, name, strlen(name))) - return level_names[i].level; - return (enum protection_level)-1; -} -#endif - -#ifdef FTP_SERVER - -static struct sec_server_mech *mechs[] = { -#ifdef KRB5 - &gss_server_mech, -#endif -#ifdef KRB4 - &krb4_server_mech, -#endif - NULL -}; - -static struct sec_server_mech *mech; - -#else - -static struct sec_client_mech *mechs[] = { -#ifdef KRB5 - &gss_client_mech, -#endif -#ifdef KRB4 - &krb4_client_mech, -#endif - NULL -}; - -static struct sec_client_mech *mech; - -#endif - -static void *app_data; - -int -sec_getc(FILE *F) -{ - if(sec_complete && data_prot) { - char c; - if(sec_read(fileno(F), &c, 1) <= 0) - return EOF; - return c; - } else - return getc(F); -} - -static int -block_read(int fd, void *buf, size_t len) -{ - unsigned char *p = buf; - int b; - while(len) { - b = read(fd, p, len); - if (b == 0) - return 0; - else if (b < 0) - return -1; - len -= b; - p += b; - } - return p - (unsigned char*)buf; -} - -static int -block_write(int fd, void *buf, size_t len) -{ - unsigned char *p = buf; - int b; - while(len) { - b = write(fd, p, len); - if(b < 0) - return -1; - len -= b; - p += b; - } - return p - (unsigned char*)buf; -} - -static int -sec_get_data(int fd, struct buffer *buf, int level) -{ - int len; - int b; - - b = block_read(fd, &len, sizeof(len)); - if (b == 0) - return 0; - else if (b < 0) - return -1; - len = ntohl(len); - buf->data = realloc(buf->data, len); - b = block_read(fd, buf->data, len); - if (b == 0) - return 0; - else if (b < 0) - return -1; - buf->size = (*mech->decode)(app_data, buf->data, len, data_prot); - buf->index = 0; - return 0; -} - -static size_t -buffer_read(struct buffer *buf, void *data, size_t len) -{ - len = min(len, buf->size - buf->index); - memcpy(data, (char*)buf->data + buf->index, len); - buf->index += len; - return len; -} - -static size_t -buffer_write(struct buffer *buf, void *data, size_t len) -{ - if(buf->index + len > buf->size) { - void *tmp; - if(buf->data == NULL) - tmp = malloc(1024); - else - tmp = realloc(buf->data, buf->index + len); - if(tmp == NULL) - return -1; - buf->data = tmp; - buf->size = buf->index + len; - } - memcpy((char*)buf->data + buf->index, data, len); - buf->index += len; - return len; -} - -int -sec_read(int fd, void *data, int length) -{ - size_t len; - int rx = 0; - - if(sec_complete == 0 || data_prot == 0) - return read(fd, data, length); - - if(in_buffer.eof_flag){ - in_buffer.eof_flag = 0; - return 0; - } - - len = buffer_read(&in_buffer, data, length); - length -= len; - rx += len; - data = (char*)data + len; - - while(length){ - if(sec_get_data(fd, &in_buffer, data_prot) < 0) - return -1; - if(in_buffer.size == 0) { - if(rx) - in_buffer.eof_flag = 1; - return rx; - } - len = buffer_read(&in_buffer, data, length); - length -= len; - rx += len; - data = (char*)data + len; - } - return rx; -} - -static int -sec_send(int fd, char *from, int length) -{ - int bytes; - void *buf; - bytes = (*mech->encode)(app_data, from, length, data_prot, &buf); - bytes = htonl(bytes); - block_write(fd, &bytes, sizeof(bytes)); - block_write(fd, buf, ntohl(bytes)); - free(buf); - return length; -} - -int -sec_fflush(FILE *F) -{ - if(data_prot != prot_clear) { - if(out_buffer.index > 0){ - sec_write(fileno(F), out_buffer.data, out_buffer.index); - out_buffer.index = 0; - } - sec_send(fileno(F), NULL, 0); - } - fflush(F); - return 0; -} - -int -sec_write(int fd, char *data, int length) -{ - int len = buffer_size; - int tx = 0; - - if(data_prot == prot_clear) - return write(fd, data, length); - - len -= (*mech->overhead)(app_data, data_prot, len); - while(length){ - if(length < len) - len = length; - sec_send(fd, data, len); - length -= len; - data += len; - tx += len; - } - return tx; -} - -int -sec_vfprintf2(FILE *f, const char *fmt, va_list ap) -{ - char *buf; - int ret; - if(data_prot == prot_clear) - return vfprintf(f, fmt, ap); - else { - vasprintf(&buf, fmt, ap); - ret = buffer_write(&out_buffer, buf, strlen(buf)); - free(buf); - return ret; - } -} - -int -sec_fprintf2(FILE *f, const char *fmt, ...) -{ - int ret; - va_list ap; - va_start(ap, fmt); - ret = sec_vfprintf2(f, fmt, ap); - va_end(ap); - return ret; -} - -int -sec_putc(int c, FILE *F) -{ - char ch = c; - if(data_prot == prot_clear) - return putc(c, F); - - buffer_write(&out_buffer, &ch, 1); - if(c == '\n' || out_buffer.index >= 1024 /* XXX */) { - sec_write(fileno(F), out_buffer.data, out_buffer.index); - out_buffer.index = 0; - } - return c; -} - -int -sec_read_msg(char *s, int level) -{ - int len; - char *buf; - int code; - - buf = malloc(strlen(s)); - len = base64_decode(s + 4, buf); /* XXX */ - - len = (*mech->decode)(app_data, buf, len, level); - if(len < 0) - return -1; - - buf[len] = '\0'; - - if(buf[3] == '-') - code = 0; - else - sscanf(buf, "%d", &code); - if(buf[len-1] == '\n') - buf[len-1] = '\0'; - strcpy(s, buf); - free(buf); - return code; -} - -int -sec_vfprintf(FILE *f, const char *fmt, va_list ap) -{ - char *buf; - void *enc; - int len; - if(!sec_complete) - return vfprintf(f, fmt, ap); - - vasprintf(&buf, fmt, ap); - len = (*mech->encode)(app_data, buf, strlen(buf), command_prot, &enc); - free(buf); - if(len < 0) { - printf("Failed to encode command.\n"); - return -1; - } - if(base64_encode(enc, len, &buf) < 0){ - printf("Out of memory base64-encoding.\n"); - return -1; - } -#ifdef FTP_SERVER - if(command_prot == prot_safe) - fprintf(f, "631 %s\r\n", buf); - else if(command_prot == prot_private) - fprintf(f, "632 %s\r\n", buf); - else if(command_prot == prot_confidential) - fprintf(f, "633 %s\r\n", buf); -#else - if(command_prot == prot_safe) - fprintf(f, "MIC %s", buf); - else if(command_prot == prot_private) - fprintf(f, "ENC %s", buf); - else if(command_prot == prot_confidential) - fprintf(f, "CONF %s", buf); -#endif - free(buf); - return 0; -} - -int -sec_fprintf(FILE *f, const char *fmt, ...) -{ - va_list ap; - int ret; - va_start(ap, fmt); - ret = sec_vfprintf(f, fmt, ap); - va_end(ap); - return ret; -} - -/* end common stuff */ - -#ifdef FTP_SERVER - -void -auth(char *auth_name) -{ - int i; - for(i = 0; (mech = mechs[i]) != NULL; i++){ - if(!strcasecmp(auth_name, mech->name)){ - app_data = realloc(app_data, mech->size); - if(mech->init && (*mech->init)(app_data) != 0) { - reply(431, "Unable to accept %s at this time", mech->name); - return; - } - if(mech->auth) { - (*mech->auth)(app_data); - return; - } - if(mech->adat) - reply(334, "Send authorization data."); - else - reply(234, "Authorization complete."); - return; - } - } - free (app_data); - reply(504, "%s is unknown to me", auth_name); -} - -void -adat(char *auth_data) -{ - if(mech && !sec_complete) { - void *buf = malloc(strlen(auth_data)); - size_t len; - len = base64_decode(auth_data, buf); - (*mech->adat)(app_data, buf, len); - free(buf); - } else - reply(503, "You must %sissue an AUTH first.", mech ? "re-" : ""); -} - -void pbsz(int size) -{ - size_t new = size; - if(!sec_complete) - reply(503, "Incomplete security data exchange."); - if(mech->pbsz) - new = (*mech->pbsz)(app_data, size); - if(buffer_size != new){ - buffer_size = size; - } - if(new != size) - reply(200, "PBSZ=%lu", (unsigned long)new); - else - reply(200, "OK"); -} - -void -prot(char *pl) -{ - int p = -1; - - if(buffer_size == 0){ - reply(503, "No protection buffer size negotiated."); - return; - } - - if(!strcasecmp(pl, "C")) - p = prot_clear; - else if(!strcasecmp(pl, "S")) - p = prot_safe; - else if(!strcasecmp(pl, "E")) - p = prot_confidential; - else if(!strcasecmp(pl, "P")) - p = prot_private; - else { - reply(504, "Unrecognized protection level."); - return; - } - - if(sec_complete){ - if((*mech->check_prot)(app_data, p)){ - reply(536, "%s does not support %s protection.", - mech->name, level_to_name(p)); - }else{ - data_prot = (enum protection_level)p; - reply(200, "Data protection is %s.", level_to_name(p)); - } - }else{ - reply(503, "Incomplete security data exchange."); - } -} - -void ccc(void) -{ - if(sec_complete){ - if(mech->ccc && (*mech->ccc)(app_data) == 0) - command_prot = data_prot = prot_clear; - else - reply(534, "You must be joking."); - }else - reply(503, "Incomplete security data exchange."); -} - -void mec(char *msg, enum protection_level level) -{ - void *buf; - size_t len; - if(!sec_complete) { - reply(503, "Incomplete security data exchange."); - return; - } - buf = malloc(strlen(msg) + 2); /* XXX go figure out where that 2 - comes from :-) */ - len = base64_decode(msg, buf); - command_prot = level; - if(len == (size_t)-1) { - reply(501, "Failed to base64-decode command"); - return; - } - len = (*mech->decode)(app_data, buf, len, level); - if(len == (size_t)-1) { - reply(535, "Failed to decode command"); - return; - } - ((char*)buf)[len] = '\0'; - if(strstr((char*)buf, "\r\n") == NULL) - strcat((char*)buf, "\r\n"); - new_ftp_command(buf); -} - -/* ------------------------------------------------------------ */ - -int -sec_userok(char *user) -{ - if(sec_complete) - return (*mech->userok)(app_data, user); - return 0; -} - -char *ftp_command; - -void -new_ftp_command(char *command) -{ - ftp_command = command; -} - -void -delete_ftp_command(void) -{ - free(ftp_command); - ftp_command = NULL; -} - -int -secure_command(void) -{ - return ftp_command != NULL; -} - -enum protection_level -get_command_prot(void) -{ - return command_prot; -} - -#else /* FTP_SERVER */ - -void -sec_status(void) -{ - if(sec_complete){ - printf("Using %s for authentication.\n", mech->name); - printf("Using %s command channel.\n", level_to_name(command_prot)); - printf("Using %s data channel.\n", level_to_name(data_prot)); - if(buffer_size > 0) - printf("Protection buffer size: %lu.\n", - (unsigned long)buffer_size); - }else{ - printf("Not using any security mechanism.\n"); - } -} - -static int -sec_prot_internal(int level) -{ - int ret; - char *p; - unsigned int s = 1048576; - - int old_verbose = verbose; - verbose = 0; - - if(!sec_complete){ - printf("No security data exchange has taken place.\n"); - return -1; - } - - if(level){ - ret = command("PBSZ %u", s); - if(ret != COMPLETE){ - printf("Failed to set protection buffer size.\n"); - return -1; - } - buffer_size = s; - p = strstr(reply_string, "PBSZ="); - if(p) - sscanf(p, "PBSZ=%u", &s); - if(s < buffer_size) - buffer_size = s; - } - verbose = old_verbose; - ret = command("PROT %c", level["CSEP"]); /* XXX :-) */ - if(ret != COMPLETE){ - printf("Failed to set protection level.\n"); - return -1; - } - - data_prot = (enum protection_level)level; - return 0; -} - -enum protection_level -set_command_prot(enum protection_level level) -{ - enum protection_level old = command_prot; - command_prot = level; - return old; -} - -void -sec_prot(int argc, char **argv) -{ - int level = -1; - - if(argc < 2 || argc > 3) - goto usage; - if(!sec_complete) { - printf("No security data exchange has taken place.\n"); - code = -1; - return; - } - level = name_to_level(argv[argc - 1]); - - if(level == -1) - goto usage; - - if((*mech->check_prot)(app_data, level)) { - printf("%s does not implement %s protection.\n", - mech->name, level_to_name(level)); - code = -1; - return; - } - - if(argc == 2 || strncasecmp(argv[1], "data", strlen(argv[1])) == 0) { - if(sec_prot_internal(level) < 0){ - code = -1; - return; - } - } else if(strncasecmp(argv[1], "command", strlen(argv[1])) == 0) - set_command_prot(level); - else - goto usage; - code = 0; - return; - usage: - printf("usage: %s [command|data] [clear|safe|confidential|private]\n", - argv[0]); - code = -1; -} - -static enum protection_level request_data_prot; - -void -sec_set_protection_level(void) -{ - if(sec_complete && data_prot != request_data_prot) - sec_prot_internal(request_data_prot); -} - - -int -sec_request_prot(char *level) -{ - int l = name_to_level(level); - if(l == -1) - return -1; - request_data_prot = (enum protection_level)l; - return 0; -} - -int -sec_login(char *host) -{ - int ret; - struct sec_client_mech **m; - int old_verbose = verbose; - - verbose = -1; /* shut up all messages this will produce (they - are usually not very user friendly) */ - - for(m = mechs; *m && (*m)->name; m++) { - void *tmp; - - tmp = realloc(app_data, (*m)->size); - if (tmp == NULL) { - warnx ("realloc %u failed", (*m)->size); - return -1; - } - app_data = tmp; - - if((*m)->init && (*(*m)->init)(app_data) != 0) { - printf("Skipping %s...\n", (*m)->name); - continue; - } - printf("Trying %s...\n", (*m)->name); - ret = command("AUTH %s", (*m)->name); - if(ret != CONTINUE){ - if(code == 504){ - printf("%s is not supported by the server.\n", (*m)->name); - }else if(code == 534){ - printf("%s rejected as security mechanism.\n", (*m)->name); - }else if(ret == ERROR) { - printf("The server doesn't support the FTP " - "security extensions.\n"); - verbose = old_verbose; - return -1; - } - continue; - } - - ret = (*(*m)->auth)(app_data, host); - - if(ret == AUTH_CONTINUE) - continue; - else if(ret != AUTH_OK){ - /* mechanism is supposed to output error string */ - verbose = old_verbose; - return -1; - } - mech = *m; - sec_complete = 1; - command_prot = prot_safe; - break; - } - - verbose = old_verbose; - return *m == NULL; -} - -void -sec_end(void) -{ - if (mech != NULL) { - if(mech->end) - (*mech->end)(app_data); - memset(app_data, 0, mech->size); - free(app_data); - app_data = NULL; - } - sec_complete = 0; - data_prot = (enum protection_level)0; -} - -#endif /* FTP_SERVER */ - diff --git a/crypto/kerberosIV/appl/ftp/ftp/security.h b/crypto/kerberosIV/appl/ftp/ftp/security.h deleted file mode 100644 index 6fe06946c570..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftp/security.h +++ /dev/null @@ -1,131 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: security.h,v 1.7 1999/12/02 16:58:30 joda Exp $ */ - -#ifndef __security_h__ -#define __security_h__ - -enum protection_level { - prot_clear, - prot_safe, - prot_confidential, - prot_private -}; - -struct sec_client_mech { - char *name; - size_t size; - int (*init)(void *); - int (*auth)(void *, char*); - void (*end)(void *); - int (*check_prot)(void *, int); - int (*overhead)(void *, int, int); - int (*encode)(void *, void*, int, int, void**); - int (*decode)(void *, void*, int, int); -}; - -struct sec_server_mech { - char *name; - size_t size; - int (*init)(void *); - void (*end)(void *); - int (*check_prot)(void *, int); - int (*overhead)(void *, int, int); - int (*encode)(void *, void*, int, int, void**); - int (*decode)(void *, void*, int, int); - - int (*auth)(void *); - int (*adat)(void *, void*, size_t); - size_t (*pbsz)(void *, size_t); - int (*ccc)(void*); - int (*userok)(void*, char*); -}; - -#define AUTH_OK 0 -#define AUTH_CONTINUE 1 -#define AUTH_ERROR 2 - -#ifdef FTP_SERVER -extern struct sec_server_mech krb4_server_mech, gss_server_mech; -#else -extern struct sec_client_mech krb4_client_mech, gss_client_mech; -#endif - -extern int sec_complete; - -#ifdef FTP_SERVER -extern char *ftp_command; -void new_ftp_command(char*); -void delete_ftp_command(void); -#endif - -/* ---- */ - - -int sec_fflush (FILE *); -int sec_fprintf (FILE *, const char *, ...); -int sec_getc (FILE *); -int sec_putc (int, FILE *); -int sec_read (int, void *, int); -int sec_read_msg (char *, int); -int sec_vfprintf (FILE *, const char *, va_list); -int sec_fprintf2(FILE *f, const char *fmt, ...); -int sec_vfprintf2(FILE *, const char *, va_list); -int sec_write (int, char *, int); - -#ifdef FTP_SERVER -void adat (char *); -void auth (char *); -void ccc (void); -void mec (char *, enum protection_level); -void pbsz (int); -void prot (char *); -void delete_ftp_command (void); -void new_ftp_command (char *); -int sec_userok (char *); -int secure_command (void); -enum protection_level get_command_prot(void); -#else -void sec_end (void); -int sec_login (char *); -void sec_prot (int, char **); -int sec_request_prot (char *); -void sec_set_protection_level (void); -void sec_status (void); - -enum protection_level set_command_prot(enum protection_level); - -#endif - -#endif /* __security_h__ */ diff --git a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.am b/crypto/kerberosIV/appl/ftp/ftpd/Makefile.am deleted file mode 100644 index 282cb3a43c42..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.am +++ /dev/null @@ -1,54 +0,0 @@ -# $Id: Makefile.am,v 1.20 1999/10/03 16:38:53 joda Exp $ - -include $(top_srcdir)/Makefile.am.common - -INCLUDES += -I$(srcdir)/../common $(INCLUDE_krb4) -DFTP_SERVER - -libexec_PROGRAMS = ftpd - -CHECK_LOCAL = - -if KRB4 -krb4_sources = krb4.c kauth.c -endif -if KRB5 -krb5_sources = gssapi.c gss_userok.c -endif - -ftpd_SOURCES = \ - extern.h \ - ftpcmd.y \ - ftpd.c \ - ftpd_locl.h \ - logwtmp.c \ - ls.c \ - pathnames.h \ - popen.c \ - security.c \ - $(krb4_sources) \ - $(krb5_sources) - -EXTRA_ftpd_SOURCES = krb4.c kauth.c gssapi.c gss_userok.c - -$(ftpd_OBJECTS): security.h - -security.c: - @test -f security.c || $(LN_S) $(srcdir)/../ftp/security.c . -security.h: - @test -f security.h || $(LN_S) $(srcdir)/../ftp/security.h . -krb4.c: - @test -f krb4.c || $(LN_S) $(srcdir)/../ftp/krb4.c . -gssapi.c: - @test -f gssapi.c || $(LN_S) $(srcdir)/../ftp/gssapi.c . - -CLEANFILES = security.c security.h krb4.c gssapi.c ftpcmd.c - -LDADD = ../common/libcommon.a \ - $(LIB_kafs) \ - $(LIB_gssapi) \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(LIB_otp) \ - $(top_builddir)/lib/des/libdes.la \ - $(LIB_roken) \ - $(DBLIB) diff --git a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in b/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in deleted file mode 100644 index bc5c12e366b6..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in +++ /dev/null @@ -1,102 +0,0 @@ -# -# $Id: Makefile.in,v 1.41 1999/10/03 16:39:27 joda Exp $ -# - -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ -VPATH = @srcdir@ - -top_builddir = ../../.. - -SHELL = /bin/sh - -CC = @CC@ -YACC = @YACC@ -RANLIB = @RANLIB@ -DEFS = @DEFS@ -WFLAGS = @WFLAGS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -LD_FLAGS = @LD_FLAGS@ -LIBS = @LIBS@ -LIB_DBM = @LIB_DBM@ -MKINSTALLDIRS = $(top_srcdir)/mkinstalldirs - -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ - -LN_S = @LN_S@ - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -libexecdir = @libexecdir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -ATHENA = ../../.. - -INCTOP = $(ATHENA)/include - -LIBTOP = $(ATHENA)/lib - -LIBKAFS = @KRB_KAFS_LIB@ -LIBKRB = -L$(LIBTOP)/krb -lkrb -LIBDES = -L$(LIBTOP)/des -ldes -LIBOTP = @LIB_otp@ -LIBROKEN= -L$(LIBTOP)/roken -lroken - -PROGS = ftpd$(EXECSUFFIX) - -ftpd_SOURCES = ftpd.c ftpcmd.c logwtmp.c ls.c popen.c security.c krb4.c kauth.c -ftpd_OBJS = ftpd.o ftpcmd.o logwtmp.o ls.o popen.o security.o krb4.o kauth.o - -SOURCES = $(ftpd_SOURCES) -OBJECTS = $(ftpd_OBJS) - -all: $(PROGS) - -$(ftpd_OBJS): security.h - -security.c: - $(LN_S) $(srcdir)/../ftp/security.c . -security.h: - $(LN_S) $(srcdir)/../ftp/security.h . -krb4.c: - $(LN_S) $(srcdir)/../ftp/krb4.c . -gssapi.c: - $(LN_S) $(srcdir)/../ftp/gssapi.c . - -.c.o: - $(CC) -c -DFTP_SERVER -I. -I$(srcdir) -I$(srcdir)/../common -I$(INCTOP) $(DEFS) $(CFLAGS) $(CPPFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libexecdir) - for x in $(PROGS); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - -uninstall: - for x in $(PROGS); do \ - rm -f $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - -ftpd$(EXECSUFFIX): $(ftpd_OBJS) - $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(ftpd_OBJS) -L../common -lcommon $(LIBKAFS) $(LIBKRB) $(LIBOTP) $(LIBDES) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) - -ftpcmd.c: ftpcmd.y - $(YACC) $(YFLAGS) $< - chmod a-w y.tab.c - mv -f y.tab.c ftpcmd.c - -TAGS: $(SOURCES) - etags $(SOURCES) - -CLEANFILES = ftpd$(EXECSUFFIX) ftpcmd.c security.c security.h krb4.c gssapi.c - -clean cleandir: - rm -f *~ *.o core \#* $(CLEANFILES) - -distclean: - rm -f Makefile - -.PHONY: all install uninstall clean cleandir distclean diff --git a/crypto/kerberosIV/appl/ftp/ftpd/auth.c b/crypto/kerberosIV/appl/ftp/ftpd/auth.c deleted file mode 100644 index 862eb6dcc639..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/auth.c +++ /dev/null @@ -1,249 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: auth.c,v 1.11 1997/05/04 23:09:00 assar Exp $"); -#endif - -#include -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4 -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif - -#include "extern.h" -#include "krb4.h" -#include "auth.h" - -static struct at auth_types [] = { - { "KERBEROS_V4", krb4_auth, krb4_adat, krb4_pbsz, krb4_prot, krb4_ccc, - krb4_mic, krb4_conf, krb4_enc, krb4_read, krb4_write, krb4_userok, - krb4_vprintf }, - { 0, 0, 0, 0, 0, 0, 0, 0, 0 } -}; - -struct at *ct; - -int data_protection; -int buffer_size; -unsigned char *data_buffer; -int auth_complete; - - -char *protection_names[] = { - "clear", "safe", - "confidential", "private" -}; - - -void auth_init(void) -{ -} - -char *ftp_command; -int prot_level; - -void new_ftp_command(char *command) -{ - ftp_command = command; -} - -void delete_ftp_command(void) -{ - if(ftp_command){ - free(ftp_command); - ftp_command = NULL; - } -} - -int auth_ok(void) -{ - return ct && auth_complete; -} - -void auth(char *auth) -{ - for(ct=auth_types; ct->name; ct++){ - if(!strcasecmp(auth, ct->name)){ - ct->auth(auth); - return; - } - } - reply(504, "%s is not a known security mechanism", auth); -} - -void adat(char *auth) -{ - if(ct && !auth_complete) - ct->adat(auth); - else - reply(503, "You must (re)issue an AUTH first."); -} - -void pbsz(int size) -{ - int old = buffer_size; - if(auth_ok()) - ct->pbsz(size); - else - reply(503, "Incomplete security data exchange."); - if(buffer_size != old){ - if(data_buffer) - free(data_buffer); - data_buffer = malloc(buffer_size + 4); - } -} - -void prot(char *pl) -{ - int p = -1; - - if(buffer_size == 0){ - reply(503, "No protection buffer size negotiated."); - return; - } - - if(!strcasecmp(pl, "C")) - p = prot_clear; - - if(!strcasecmp(pl, "S")) - p = prot_safe; - - if(!strcasecmp(pl, "E")) - p = prot_confidential; - - if(!strcasecmp(pl, "P")) - p = prot_private; - - if(p == -1){ - reply(504, "Unrecognized protection level."); - return; - } - - if(auth_ok()){ - if(ct->prot(p)){ - reply(536, "%s does not support %s protection.", - ct->name, protection_names[p]); - }else{ - data_protection = p; - reply(200, "Data protection is %s.", - protection_names[data_protection]); - } - }else{ - reply(503, "Incomplete security data exchange."); - } -} - -void ccc(void) -{ - if(auth_ok()){ - if(!ct->ccc()) - prot_level = prot_clear; - }else - reply(503, "Incomplete security data exchange."); -} - -void mic(char *msg) -{ - if(auth_ok()){ - if(!ct->mic(msg)) - prot_level = prot_safe; - }else - reply(503, "Incomplete security data exchange."); -} - -void conf(char *msg) -{ - if(auth_ok()){ - if(!ct->conf(msg)) - prot_level = prot_confidential; - }else - reply(503, "Incomplete security data exchange."); -} - -void enc(char *msg) -{ - if(auth_ok()){ - if(!ct->enc(msg)) - prot_level = prot_private; - }else - reply(503, "Incomplete security data exchange."); -} - -int auth_read(int fd, void *data, int length) -{ - if(auth_ok() && data_protection) - return ct->read(fd, data, length); - else - return read(fd, data, length); -} - -int auth_write(int fd, void *data, int length) -{ - if(auth_ok() && data_protection) - return ct->write(fd, data, length); - else - return write(fd, data, length); -} - -void auth_vprintf(const char *fmt, va_list ap) -{ - if(auth_ok() && prot_level){ - ct->vprintf(fmt, ap); - }else - vprintf(fmt, ap); -} - -void auth_printf(const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - auth_vprintf(fmt, ap); - va_end(ap); -} diff --git a/crypto/kerberosIV/appl/ftp/ftpd/auth.h b/crypto/kerberosIV/appl/ftp/ftpd/auth.h deleted file mode 100644 index 17d9a133f719..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/auth.h +++ /dev/null @@ -1,109 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: auth.h,v 1.9 1997/05/11 11:04:28 assar Exp $ */ - -#ifndef __AUTH_H__ -#define __AUTH_H__ - -#include - -struct at { - char *name; - int (*auth)(char*); - int (*adat)(char*); - int (*pbsz)(int); - int (*prot)(int); - int (*ccc)(void); - int (*mic)(char*); - int (*conf)(char*); - int (*enc)(char*); - int (*read)(int, void*, int); - int (*write)(int, void*, int); - int (*userok)(char*); - int (*vprintf)(const char*, va_list); -}; - -extern struct at *ct; - -enum protection_levels { - prot_clear, prot_safe, prot_confidential, prot_private -}; - -extern char *protection_names[]; - -extern char *ftp_command; -extern int prot_level; - -void delete_ftp_command(void); - -extern int data_protection; -extern int buffer_size; -extern unsigned char *data_buffer; -extern int auth_complete; - -void auth_init(void); - -int auth_ok(void); - -void auth(char*); -void adat(char*); -void pbsz(int); -void prot(char*); -void ccc(void); -void mic(char*); -void conf(char*); -void enc(char*); - -int auth_read(int, void*, int); -int auth_write(int, void*, int); - -void auth_vprintf(const char *fmt, va_list ap) -#ifdef __GNUC__ -__attribute__ ((format (printf, 1, 0))) -#endif -; -void auth_printf(const char *fmt, ...) -#ifdef __GNUC__ -__attribute__ ((format (printf, 1, 2))) -#endif -; - -void new_ftp_command(char *command); - -#endif /* __AUTH_H__ */ diff --git a/crypto/kerberosIV/appl/ftp/ftpd/extern.h b/crypto/kerberosIV/appl/ftp/ftpd/extern.h deleted file mode 100644 index 2e1e0d08c432..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/extern.h +++ /dev/null @@ -1,160 +0,0 @@ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)extern.h 8.2 (Berkeley) 4/4/94 - */ - -#ifndef _EXTERN_H_ -#define _EXTERN_H_ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif - -#include -#include -#include -#ifdef HAVE_PWD_H -#include -#endif - -#ifdef HAVE_LIMITS_H -#include -#endif - -#ifndef NBBY -#define NBBY CHAR_BIT -#endif - -void abor(void); -void blkfree(char **); -char **copyblk(char **); -void cwd(char *); -void do_delete(char *); -void dologout(int); -void eprt(char *); -void epsv(char *); -void fatal(char *); -int filename_check(char *); -int ftpd_pclose(FILE *); -FILE *ftpd_popen(char *, char *, int, int); -char *ftpd_getline(char *, int); -void ftpd_logwtmp(char *, char *, char *); -void lreply(int, const char *, ...) -#ifdef __GNUC__ -__attribute__ ((format (printf, 2, 3))) -#endif -; -void makedir(char *); -void nack(char *); -void nreply(const char *, ...) -#ifdef __GNUC__ -__attribute__ ((format (printf, 1, 2))) -#endif -; -void pass(char *); -void pasv(void); -void perror_reply(int, const char *); -void pwd(void); -void removedir(char *); -void renamecmd(char *, char *); -char *renamefrom(char *); -void reply(int, const char *, ...) -#ifdef __GNUC__ -__attribute__ ((format (printf, 2, 3))) -#endif -; -void retrieve(const char *, char *); -void send_file_list(char *); -void setproctitle(const char *, ...) -#ifdef __GNUC__ -__attribute__ ((format (printf, 1, 2))) -#endif -; -void statcmd(void); -void statfilecmd(char *); -void do_store(char *, char *, int); -void upper(char *); -void user(char *); -void yyerror(char *); - -void list_file(char*); - -void kauth(char *, char*); -void klist(void); -void cond_kdestroy(void); -void kdestroy(void); -void krbtkfile(const char *tkfile); -void afslog(const char *cell); -void afsunlog(void); - -int find(char *); - -void builtin_ls(FILE*, const char*); - -int do_login(int code, char *passwd); -int klogin(char *name, char *password); - -const char *ftp_rooted(const char *path); - -extern struct sockaddr *ctrl_addr, *his_addr; -extern char hostname[]; - -extern struct sockaddr *data_dest; -extern int logged_in; -extern struct passwd *pw; -extern int guest; -extern int logging; -extern int type; -extern int oobflag; -extern off_t file_size; -extern off_t byte_count; -extern jmp_buf urgcatch; - -extern int form; -extern int debug; -extern int ftpd_timeout; -extern int maxtimeout; -extern int pdata; -extern char hostname[], remotehost[]; -extern char proctitle[]; -extern int usedefault; -extern int transflag; -extern char tmpline[]; - -#endif /* _EXTERN_H_ */ diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y b/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y deleted file mode 100644 index c48202967926..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y +++ /dev/null @@ -1,1457 +0,0 @@ -/* $NetBSD: ftpcmd.y,v 1.6 1995/06/03 22:46:45 mycroft Exp $ */ - -/* - * Copyright (c) 1985, 1988, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)ftpcmd.y 8.3 (Berkeley) 4/6/94 - */ - -/* - * Grammar for FTP commands. - * See RFC 959. - */ - -%{ - -#include "ftpd_locl.h" -RCSID("$Id: ftpcmd.y,v 1.56.2.2 2000/06/23 02:48:19 assar Exp $"); - -off_t restart_point; - -static int cmd_type; -static int cmd_form; -static int cmd_bytesz; -char cbuf[2048]; -char *fromname; - -struct tab { - char *name; - short token; - short state; - short implemented; /* 1 if command is implemented */ - char *help; -}; - -extern struct tab cmdtab[]; -extern struct tab sitetab[]; - -static char *copy (char *); -static void help (struct tab *, char *); -static struct tab * - lookup (struct tab *, char *); -static void sizecmd (char *); -static RETSIGTYPE toolong (int); -static int yylex (void); - -/* This is for bison */ - -#if !defined(alloca) && !defined(HAVE_ALLOCA) -#define alloca(x) malloc(x) -#endif - -%} - -%union { - int i; - char *s; -} - -%token - A B C E F I - L N P R S T - - SP CRLF COMMA - - USER PASS ACCT REIN QUIT PORT - PASV TYPE STRU MODE RETR STOR - APPE MLFL MAIL MSND MSOM MSAM - MRSQ MRCP ALLO REST RNFR RNTO - ABOR DELE CWD LIST NLST SITE - sTAT HELP NOOP MKD RMD PWD - CDUP STOU SMNT SYST SIZE MDTM - EPRT EPSV - - UMASK IDLE CHMOD - - AUTH ADAT PROT PBSZ CCC MIC - CONF ENC - - KAUTH KLIST KDESTROY KRBTKFILE AFSLOG - LOCATE URL - - FEAT OPTS - - LEXERR - -%token STRING -%token NUMBER - -%type check_login check_login_no_guest check_secure octal_number byte_size -%type struct_code mode_code type_code form_code -%type pathstring pathname password username - -%start cmd_list - -%% - -cmd_list - : /* empty */ - | cmd_list cmd - { - fromname = (char *) 0; - restart_point = (off_t) 0; - } - | cmd_list rcmd - ; - -cmd - : USER SP username CRLF - { - user($3); - free($3); - } - | PASS SP password CRLF - { - pass($3); - memset ($3, 0, strlen($3)); - free($3); - } - | PORT SP host_port CRLF - { - usedefault = 0; - if (pdata >= 0) { - close(pdata); - pdata = -1; - } - reply(200, "PORT command successful."); - } - | EPRT SP STRING CRLF - { - eprt ($3); - free ($3); - } - | PASV CRLF - { - pasv (); - } - | EPSV CRLF - { - epsv (NULL); - } - | EPSV SP STRING CRLF - { - epsv ($3); - free ($3); - } - | TYPE SP type_code CRLF - { - switch (cmd_type) { - - case TYPE_A: - if (cmd_form == FORM_N) { - reply(200, "Type set to A."); - type = cmd_type; - form = cmd_form; - } else - reply(504, "Form must be N."); - break; - - case TYPE_E: - reply(504, "Type E not implemented."); - break; - - case TYPE_I: - reply(200, "Type set to I."); - type = cmd_type; - break; - - case TYPE_L: -#if NBBY == 8 - if (cmd_bytesz == 8) { - reply(200, - "Type set to L (byte size 8)."); - type = cmd_type; - } else - reply(504, "Byte size must be 8."); -#else /* NBBY == 8 */ - UNIMPLEMENTED for NBBY != 8 -#endif /* NBBY == 8 */ - } - } - | STRU SP struct_code CRLF - { - switch ($3) { - - case STRU_F: - reply(200, "STRU F ok."); - break; - - default: - reply(504, "Unimplemented STRU type."); - } - } - | MODE SP mode_code CRLF - { - switch ($3) { - - case MODE_S: - reply(200, "MODE S ok."); - break; - - default: - reply(502, "Unimplemented MODE type."); - } - } - | ALLO SP NUMBER CRLF - { - reply(202, "ALLO command ignored."); - } - | ALLO SP NUMBER SP R SP NUMBER CRLF - { - reply(202, "ALLO command ignored."); - } - | RETR SP pathname CRLF check_login - { - char *name = $3; - - if ($5 && name != NULL) - retrieve(0, name); - if (name != NULL) - free(name); - } - | STOR SP pathname CRLF check_login - { - char *name = $3; - - if ($5 && name != NULL) - do_store(name, "w", 0); - if (name != NULL) - free(name); - } - | APPE SP pathname CRLF check_login - { - char *name = $3; - - if ($5 && name != NULL) - do_store(name, "a", 0); - if (name != NULL) - free(name); - } - | NLST CRLF check_login - { - if ($3) - send_file_list("."); - } - | NLST SP STRING CRLF check_login - { - char *name = $3; - - if ($5 && name != NULL) - send_file_list(name); - if (name != NULL) - free(name); - } - | LIST CRLF check_login - { - if($3) - list_file("."); - } - | LIST SP pathname CRLF check_login - { - if($5) - list_file($3); - free($3); - } - | sTAT SP pathname CRLF check_login - { - if ($5 && $3 != NULL) - statfilecmd($3); - if ($3 != NULL) - free($3); - } - | sTAT CRLF - { - if(oobflag){ - if (file_size != (off_t) -1) - reply(213, "Status: %lu of %lu bytes transferred", - (unsigned long)byte_count, - (unsigned long)file_size); - else - reply(213, "Status: %lu bytes transferred", - (unsigned long)byte_count); - }else - statcmd(); - } - | DELE SP pathname CRLF check_login_no_guest - { - if ($5 && $3 != NULL) - do_delete($3); - if ($3 != NULL) - free($3); - } - | RNTO SP pathname CRLF check_login_no_guest - { - if($5){ - if (fromname) { - renamecmd(fromname, $3); - free(fromname); - fromname = (char *) 0; - } else { - reply(503, "Bad sequence of commands."); - } - } - if ($3 != NULL) - free($3); - } - | ABOR CRLF - { - if(oobflag){ - reply(426, "Transfer aborted. Data connection closed."); - reply(226, "Abort successful"); - oobflag = 0; - longjmp(urgcatch, 1); - }else - reply(225, "ABOR command successful."); - } - | CWD CRLF check_login - { - if ($3) - cwd(pw->pw_dir); - } - | CWD SP pathname CRLF check_login - { - if ($5 && $3 != NULL) - cwd($3); - if ($3 != NULL) - free($3); - } - | HELP CRLF - { - help(cmdtab, (char *) 0); - } - | HELP SP STRING CRLF - { - char *cp = $3; - - if (strncasecmp(cp, "SITE", 4) == 0) { - cp = $3 + 4; - if (*cp == ' ') - cp++; - if (*cp) - help(sitetab, cp); - else - help(sitetab, (char *) 0); - } else - help(cmdtab, $3); - } - | NOOP CRLF - { - reply(200, "NOOP command successful."); - } - | MKD SP pathname CRLF check_login - { - if ($5 && $3 != NULL) - makedir($3); - if ($3 != NULL) - free($3); - } - | RMD SP pathname CRLF check_login_no_guest - { - if ($5 && $3 != NULL) - removedir($3); - if ($3 != NULL) - free($3); - } - | PWD CRLF check_login - { - if ($3) - pwd(); - } - | CDUP CRLF check_login - { - if ($3) - cwd(".."); - } - | FEAT CRLF - { - lreply(211, "Supported features:"); - lreply(0, " MDTM"); - lreply(0, " REST STREAM"); - lreply(0, " SIZE"); - reply(211, "End"); - } - | OPTS SP STRING CRLF - { - free ($3); - reply(501, "Bad options"); - } - - | SITE SP HELP CRLF - { - help(sitetab, (char *) 0); - } - | SITE SP HELP SP STRING CRLF - { - help(sitetab, $5); - } - | SITE SP UMASK CRLF check_login - { - if ($5) { - int oldmask = umask(0); - umask(oldmask); - reply(200, "Current UMASK is %03o", oldmask); - } - } - | SITE SP UMASK SP octal_number CRLF check_login_no_guest - { - if ($7) { - if (($5 == -1) || ($5 > 0777)) { - reply(501, "Bad UMASK value"); - } else { - int oldmask = umask($5); - reply(200, - "UMASK set to %03o (was %03o)", - $5, oldmask); - } - } - } - | SITE SP CHMOD SP octal_number SP pathname CRLF check_login_no_guest - { - if ($9 && $7 != NULL) { - if ($5 > 0777) - reply(501, - "CHMOD: Mode value must be between 0 and 0777"); - else if (chmod($7, $5) < 0) - perror_reply(550, $7); - else - reply(200, "CHMOD command successful."); - } - if ($7 != NULL) - free($7); - } - | SITE SP IDLE CRLF - { - reply(200, - "Current IDLE time limit is %d seconds; max %d", - ftpd_timeout, maxtimeout); - } - | SITE SP IDLE SP NUMBER CRLF - { - if ($5 < 30 || $5 > maxtimeout) { - reply(501, - "Maximum IDLE time must be between 30 and %d seconds", - maxtimeout); - } else { - ftpd_timeout = $5; - alarm((unsigned) ftpd_timeout); - reply(200, - "Maximum IDLE time set to %d seconds", - ftpd_timeout); - } - } - - | SITE SP KAUTH SP STRING CRLF check_login - { -#ifdef KRB4 - char *p; - - if(guest) - reply(500, "Can't be done as guest."); - else{ - if($7 && $5 != NULL){ - p = strpbrk($5, " \t"); - if(p){ - *p++ = 0; - kauth($5, p + strspn(p, " \t")); - }else - kauth($5, NULL); - } - } - if($5 != NULL) - free($5); -#else - reply(500, "Command not implemented."); -#endif - } - | SITE SP KLIST CRLF check_login - { -#ifdef KRB4 - if($5) - klist(); -#else - reply(500, "Command not implemented."); -#endif - } - | SITE SP KDESTROY CRLF check_login - { -#ifdef KRB4 - if($5) - kdestroy(); -#else - reply(500, "Command not implemented."); -#endif - } - | SITE SP KRBTKFILE SP STRING CRLF check_login - { -#ifdef KRB4 - if(guest) - reply(500, "Can't be done as guest."); - else if($7 && $5) - krbtkfile($5); - if($5) - free($5); -#else - reply(500, "Command not implemented."); -#endif - } - | SITE SP AFSLOG CRLF check_login - { -#ifdef KRB4 - if(guest) - reply(500, "Can't be done as guest."); - else if($5) - afslog(NULL); -#else - reply(500, "Command not implemented."); -#endif - } - | SITE SP AFSLOG SP STRING CRLF check_login - { -#ifdef KRB4 - if(guest) - reply(500, "Can't be done as guest."); - else if($7) - afslog($5); - if($5) - free($5); -#else - reply(500, "Command not implemented."); -#endif - } - | SITE SP LOCATE SP STRING CRLF check_login - { - if($7 && $5 != NULL) - find($5); - if($5 != NULL) - free($5); - } - | SITE SP URL CRLF - { - reply(200, "http://www.pdc.kth.se/kth-krb/"); - } - | STOU SP pathname CRLF check_login - { - if ($5 && $3 != NULL) - do_store($3, "w", 1); - if ($3 != NULL) - free($3); - } - | SYST CRLF - { -#if !defined(WIN32) && !defined(__EMX__) && !defined(__OS2__) && !defined(__CYGWIN32__) - reply(215, "UNIX Type: L%d", NBBY); -#else - reply(215, "UNKNOWN Type: L%d", NBBY); -#endif - } - - /* - * SIZE is not in RFC959, but Postel has blessed it and - * it will be in the updated RFC. - * - * Return size of file in a format suitable for - * using with RESTART (we just count bytes). - */ - | SIZE SP pathname CRLF check_login - { - if ($5 && $3 != NULL) - sizecmd($3); - if ($3 != NULL) - free($3); - } - - /* - * MDTM is not in RFC959, but Postel has blessed it and - * it will be in the updated RFC. - * - * Return modification time of file as an ISO 3307 - * style time. E.g. YYYYMMDDHHMMSS or YYYYMMDDHHMMSS.xxx - * where xxx is the fractional second (of any precision, - * not necessarily 3 digits) - */ - | MDTM SP pathname CRLF check_login - { - if ($5 && $3 != NULL) { - struct stat stbuf; - if (stat($3, &stbuf) < 0) - reply(550, "%s: %s", - $3, strerror(errno)); - else if (!S_ISREG(stbuf.st_mode)) { - reply(550, - "%s: not a plain file.", $3); - } else { - struct tm *t; - time_t mtime = stbuf.st_mtime; - - t = gmtime(&mtime); - reply(213, - "%04d%02d%02d%02d%02d%02d", - t->tm_year + 1900, - t->tm_mon + 1, - t->tm_mday, - t->tm_hour, - t->tm_min, - t->tm_sec); - } - } - if ($3 != NULL) - free($3); - } - | QUIT CRLF - { - reply(221, "Goodbye."); - dologout(0); - } - | error CRLF - { - yyerrok; - } - ; -rcmd - : RNFR SP pathname CRLF check_login_no_guest - { - restart_point = (off_t) 0; - if ($5 && $3) { - fromname = renamefrom($3); - if (fromname == (char *) 0 && $3) { - free($3); - } - } - } - | REST SP byte_size CRLF - { - fromname = (char *) 0; - restart_point = $3; /* XXX $3 is only "int" */ - reply(350, "Restarting at %ld. %s", - (long)restart_point, - "Send STORE or RETRIEVE to initiate transfer."); - } - | AUTH SP STRING CRLF - { - auth($3); - free($3); - } - | ADAT SP STRING CRLF - { - adat($3); - free($3); - } - | PBSZ SP NUMBER CRLF - { - pbsz($3); - } - | PROT SP STRING CRLF - { - prot($3); - } - | CCC CRLF - { - ccc(); - } - | MIC SP STRING CRLF - { - mec($3, prot_safe); - free($3); - } - | CONF SP STRING CRLF - { - mec($3, prot_confidential); - free($3); - } - | ENC SP STRING CRLF - { - mec($3, prot_private); - free($3); - } - ; - -username - : STRING - ; - -password - : /* empty */ - { - $$ = (char *)calloc(1, sizeof(char)); - } - | STRING - ; - -byte_size - : NUMBER - ; - -host_port - : NUMBER COMMA NUMBER COMMA NUMBER COMMA NUMBER COMMA - NUMBER COMMA NUMBER - { - struct sockaddr_in *sin = (struct sockaddr_in *)data_dest; - - sin->sin_family = AF_INET; - sin->sin_port = htons($9 * 256 + $11); - sin->sin_addr.s_addr = - htonl(($1 << 24) | ($3 << 16) | ($5 << 8) | $7); - } - ; - -form_code - : N - { - $$ = FORM_N; - } - | T - { - $$ = FORM_T; - } - | C - { - $$ = FORM_C; - } - ; - -type_code - : A - { - cmd_type = TYPE_A; - cmd_form = FORM_N; - } - | A SP form_code - { - cmd_type = TYPE_A; - cmd_form = $3; - } - | E - { - cmd_type = TYPE_E; - cmd_form = FORM_N; - } - | E SP form_code - { - cmd_type = TYPE_E; - cmd_form = $3; - } - | I - { - cmd_type = TYPE_I; - } - | L - { - cmd_type = TYPE_L; - cmd_bytesz = NBBY; - } - | L SP byte_size - { - cmd_type = TYPE_L; - cmd_bytesz = $3; - } - /* this is for a bug in the BBN ftp */ - | L byte_size - { - cmd_type = TYPE_L; - cmd_bytesz = $2; - } - ; - -struct_code - : F - { - $$ = STRU_F; - } - | R - { - $$ = STRU_R; - } - | P - { - $$ = STRU_P; - } - ; - -mode_code - : S - { - $$ = MODE_S; - } - | B - { - $$ = MODE_B; - } - | C - { - $$ = MODE_C; - } - ; - -pathname - : pathstring - { - /* - * Problem: this production is used for all pathname - * processing, but only gives a 550 error reply. - * This is a valid reply in some cases but not in others. - */ - if (logged_in && $1 && *$1 == '~') { - glob_t gl; - int flags = - GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; - - memset(&gl, 0, sizeof(gl)); - if (glob($1, flags, NULL, &gl) || - gl.gl_pathc == 0) { - reply(550, "not found"); - $$ = NULL; - } else { - $$ = strdup(gl.gl_pathv[0]); - } - globfree(&gl); - free($1); - } else - $$ = $1; - } - ; - -pathstring - : STRING - ; - -octal_number - : NUMBER - { - int ret, dec, multby, digit; - - /* - * Convert a number that was read as decimal number - * to what it would be if it had been read as octal. - */ - dec = $1; - multby = 1; - ret = 0; - while (dec) { - digit = dec%10; - if (digit > 7) { - ret = -1; - break; - } - ret += digit * multby; - multby *= 8; - dec /= 10; - } - $$ = ret; - } - ; - - -check_login_no_guest : check_login - { - $$ = $1 && !guest; - if($1 && !$$) - reply(550, "Permission denied"); - } - ; - -check_login : check_secure - { - if($1) { - if(($$ = logged_in) == 0) - reply(530, "Please login with USER and PASS."); - } else - $$ = 0; - } - ; - -check_secure : /* empty */ - { - $$ = 1; - if(sec_complete && !secure_command()) { - $$ = 0; - reply(533, "Command protection level denied " - "for paranoid reasons."); - } - } - ; - -%% - -extern jmp_buf errcatch; - -#define CMD 0 /* beginning of command */ -#define ARGS 1 /* expect miscellaneous arguments */ -#define STR1 2 /* expect SP followed by STRING */ -#define STR2 3 /* expect STRING */ -#define OSTR 4 /* optional SP then STRING */ -#define ZSTR1 5 /* SP then optional STRING */ -#define ZSTR2 6 /* optional STRING after SP */ -#define SITECMD 7 /* SITE command */ -#define NSTR 8 /* Number followed by a string */ - -struct tab cmdtab[] = { /* In order defined in RFC 765 */ - { "USER", USER, STR1, 1, " username" }, - { "PASS", PASS, ZSTR1, 1, " password" }, - { "ACCT", ACCT, STR1, 0, "(specify account)" }, - { "SMNT", SMNT, ARGS, 0, "(structure mount)" }, - { "REIN", REIN, ARGS, 0, "(reinitialize server state)" }, - { "QUIT", QUIT, ARGS, 1, "(terminate service)", }, - { "PORT", PORT, ARGS, 1, " b0, b1, b2, b3, b4" }, - { "EPRT", EPRT, STR1, 1, " string" }, - { "PASV", PASV, ARGS, 1, "(set server in passive mode)" }, - { "EPSV", EPSV, OSTR, 1, "[ foo]" }, - { "TYPE", TYPE, ARGS, 1, " [ A | E | I | L ]" }, - { "STRU", STRU, ARGS, 1, "(specify file structure)" }, - { "MODE", MODE, ARGS, 1, "(specify transfer mode)" }, - { "RETR", RETR, STR1, 1, " file-name" }, - { "STOR", STOR, STR1, 1, " file-name" }, - { "APPE", APPE, STR1, 1, " file-name" }, - { "MLFL", MLFL, OSTR, 0, "(mail file)" }, - { "MAIL", MAIL, OSTR, 0, "(mail to user)" }, - { "MSND", MSND, OSTR, 0, "(mail send to terminal)" }, - { "MSOM", MSOM, OSTR, 0, "(mail send to terminal or mailbox)" }, - { "MSAM", MSAM, OSTR, 0, "(mail send to terminal and mailbox)" }, - { "MRSQ", MRSQ, OSTR, 0, "(mail recipient scheme question)" }, - { "MRCP", MRCP, STR1, 0, "(mail recipient)" }, - { "ALLO", ALLO, ARGS, 1, "allocate storage (vacuously)" }, - { "REST", REST, ARGS, 1, " offset (restart command)" }, - { "RNFR", RNFR, STR1, 1, " file-name" }, - { "RNTO", RNTO, STR1, 1, " file-name" }, - { "ABOR", ABOR, ARGS, 1, "(abort operation)" }, - { "DELE", DELE, STR1, 1, " file-name" }, - { "CWD", CWD, OSTR, 1, "[ directory-name ]" }, - { "XCWD", CWD, OSTR, 1, "[ directory-name ]" }, - { "LIST", LIST, OSTR, 1, "[ path-name ]" }, - { "NLST", NLST, OSTR, 1, "[ path-name ]" }, - { "SITE", SITE, SITECMD, 1, "site-cmd [ arguments ]" }, - { "SYST", SYST, ARGS, 1, "(get type of operating system)" }, - { "STAT", sTAT, OSTR, 1, "[ path-name ]" }, - { "HELP", HELP, OSTR, 1, "[ ]" }, - { "NOOP", NOOP, ARGS, 1, "" }, - { "MKD", MKD, STR1, 1, " path-name" }, - { "XMKD", MKD, STR1, 1, " path-name" }, - { "RMD", RMD, STR1, 1, " path-name" }, - { "XRMD", RMD, STR1, 1, " path-name" }, - { "PWD", PWD, ARGS, 1, "(return current directory)" }, - { "XPWD", PWD, ARGS, 1, "(return current directory)" }, - { "CDUP", CDUP, ARGS, 1, "(change to parent directory)" }, - { "XCUP", CDUP, ARGS, 1, "(change to parent directory)" }, - { "STOU", STOU, STR1, 1, " file-name" }, - { "SIZE", SIZE, OSTR, 1, " path-name" }, - { "MDTM", MDTM, OSTR, 1, " path-name" }, - - /* extensions from RFC2228 */ - { "AUTH", AUTH, STR1, 1, " auth-type" }, - { "ADAT", ADAT, STR1, 1, " auth-data" }, - { "PBSZ", PBSZ, ARGS, 1, " buffer-size" }, - { "PROT", PROT, STR1, 1, " prot-level" }, - { "CCC", CCC, ARGS, 1, "" }, - { "MIC", MIC, STR1, 1, " integrity command" }, - { "CONF", CONF, STR1, 1, " confidentiality command" }, - { "ENC", ENC, STR1, 1, " privacy command" }, - - /* RFC2389 */ - { "FEAT", FEAT, ARGS, 1, "" }, - { "OPTS", OPTS, ARGS, 1, " command [ options]" }, - - { NULL, 0, 0, 0, 0 } -}; - -struct tab sitetab[] = { - { "UMASK", UMASK, ARGS, 1, "[ umask ]" }, - { "IDLE", IDLE, ARGS, 1, "[ maximum-idle-time ]" }, - { "CHMOD", CHMOD, NSTR, 1, " mode file-name" }, - { "HELP", HELP, OSTR, 1, "[ ]" }, - - { "KAUTH", KAUTH, STR1, 1, " principal [ ticket ]" }, - { "KLIST", KLIST, ARGS, 1, "(show ticket file)" }, - { "KDESTROY", KDESTROY, ARGS, 1, "(destroy tickets)" }, - { "KRBTKFILE", KRBTKFILE, STR1, 1, " ticket-file" }, - { "AFSLOG", AFSLOG, OSTR, 1, "[ cell]" }, - - { "LOCATE", LOCATE, STR1, 1, " globexpr" }, - { "FIND", LOCATE, STR1, 1, " globexpr" }, - - { "URL", URL, ARGS, 1, "?" }, - - { NULL, 0, 0, 0, 0 } -}; - -static struct tab * -lookup(struct tab *p, char *cmd) -{ - - for (; p->name != NULL; p++) - if (strcmp(cmd, p->name) == 0) - return (p); - return (0); -} - -/* - * ftpd_getline - a hacked up version of fgets to ignore TELNET escape codes. - */ -char * -ftpd_getline(char *s, int n) -{ - int c; - char *cs; - - cs = s; -/* tmpline may contain saved command from urgent mode interruption */ - if(ftp_command){ - strlcpy(s, ftp_command, n); - if (debug) - syslog(LOG_DEBUG, "command: %s", s); -#ifdef XXX - fprintf(stderr, "%s\n", s); -#endif - return s; - } - while ((c = getc(stdin)) != EOF) { - c &= 0377; - if (c == IAC) { - if ((c = getc(stdin)) != EOF) { - c &= 0377; - switch (c) { - case WILL: - case WONT: - c = getc(stdin); - printf("%c%c%c", IAC, DONT, 0377&c); - fflush(stdout); - continue; - case DO: - case DONT: - c = getc(stdin); - printf("%c%c%c", IAC, WONT, 0377&c); - fflush(stdout); - continue; - case IAC: - break; - default: - continue; /* ignore command */ - } - } - } - *cs++ = c; - if (--n <= 0 || c == '\n') - break; - } - if (c == EOF && cs == s) - return (NULL); - *cs++ = '\0'; - if (debug) { - if (!guest && strncasecmp("pass ", s, 5) == 0) { - /* Don't syslog passwords */ - syslog(LOG_DEBUG, "command: %.5s ???", s); - } else { - char *cp; - int len; - - /* Don't syslog trailing CR-LF */ - len = strlen(s); - cp = s + len - 1; - while (cp >= s && (*cp == '\n' || *cp == '\r')) { - --cp; - --len; - } - syslog(LOG_DEBUG, "command: %.*s", len, s); - } - } -#ifdef XXX - fprintf(stderr, "%s\n", s); -#endif - return (s); -} - -static RETSIGTYPE -toolong(int signo) -{ - - reply(421, - "Timeout (%d seconds): closing control connection.", - ftpd_timeout); - if (logging) - syslog(LOG_INFO, "User %s timed out after %d seconds", - (pw ? pw -> pw_name : "unknown"), ftpd_timeout); - dologout(1); - SIGRETURN(0); -} - -static int -yylex(void) -{ - static int cpos, state; - char *cp, *cp2; - struct tab *p; - int n; - char c; - - for (;;) { - switch (state) { - - case CMD: - signal(SIGALRM, toolong); - alarm((unsigned) ftpd_timeout); - if (ftpd_getline(cbuf, sizeof(cbuf)-1) == NULL) { - reply(221, "You could at least say goodbye."); - dologout(0); - } - alarm(0); -#ifdef HAVE_SETPROCTITLE - if (strncasecmp(cbuf, "PASS", 4) != NULL) - setproctitle("%s: %s", proctitle, cbuf); -#endif /* HAVE_SETPROCTITLE */ - if ((cp = strchr(cbuf, '\r'))) { - *cp++ = '\n'; - *cp = '\0'; - } - if ((cp = strpbrk(cbuf, " \n"))) - cpos = cp - cbuf; - if (cpos == 0) - cpos = 4; - c = cbuf[cpos]; - cbuf[cpos] = '\0'; - strupr(cbuf); - p = lookup(cmdtab, cbuf); - cbuf[cpos] = c; - if (p != 0) { - if (p->implemented == 0) { - nack(p->name); - longjmp(errcatch,0); - /* NOTREACHED */ - } - state = p->state; - yylval.s = p->name; - return (p->token); - } - break; - - case SITECMD: - if (cbuf[cpos] == ' ') { - cpos++; - return (SP); - } - cp = &cbuf[cpos]; - if ((cp2 = strpbrk(cp, " \n"))) - cpos = cp2 - cbuf; - c = cbuf[cpos]; - cbuf[cpos] = '\0'; - strupr(cp); - p = lookup(sitetab, cp); - cbuf[cpos] = c; - if (p != 0) { - if (p->implemented == 0) { - state = CMD; - nack(p->name); - longjmp(errcatch,0); - /* NOTREACHED */ - } - state = p->state; - yylval.s = p->name; - return (p->token); - } - state = CMD; - break; - - case OSTR: - if (cbuf[cpos] == '\n') { - state = CMD; - return (CRLF); - } - /* FALLTHROUGH */ - - case STR1: - case ZSTR1: - dostr1: - if (cbuf[cpos] == ' ') { - cpos++; - if(state == OSTR) - state = STR2; - else - state++; - return (SP); - } - break; - - case ZSTR2: - if (cbuf[cpos] == '\n') { - state = CMD; - return (CRLF); - } - /* FALLTHROUGH */ - - case STR2: - cp = &cbuf[cpos]; - n = strlen(cp); - cpos += n - 1; - /* - * Make sure the string is nonempty and \n terminated. - */ - if (n > 1 && cbuf[cpos] == '\n') { - cbuf[cpos] = '\0'; - yylval.s = copy(cp); - cbuf[cpos] = '\n'; - state = ARGS; - return (STRING); - } - break; - - case NSTR: - if (cbuf[cpos] == ' ') { - cpos++; - return (SP); - } - if (isdigit(cbuf[cpos])) { - cp = &cbuf[cpos]; - while (isdigit(cbuf[++cpos])) - ; - c = cbuf[cpos]; - cbuf[cpos] = '\0'; - yylval.i = atoi(cp); - cbuf[cpos] = c; - state = STR1; - return (NUMBER); - } - state = STR1; - goto dostr1; - - case ARGS: - if (isdigit(cbuf[cpos])) { - cp = &cbuf[cpos]; - while (isdigit(cbuf[++cpos])) - ; - c = cbuf[cpos]; - cbuf[cpos] = '\0'; - yylval.i = atoi(cp); - cbuf[cpos] = c; - return (NUMBER); - } - switch (cbuf[cpos++]) { - - case '\n': - state = CMD; - return (CRLF); - - case ' ': - return (SP); - - case ',': - return (COMMA); - - case 'A': - case 'a': - return (A); - - case 'B': - case 'b': - return (B); - - case 'C': - case 'c': - return (C); - - case 'E': - case 'e': - return (E); - - case 'F': - case 'f': - return (F); - - case 'I': - case 'i': - return (I); - - case 'L': - case 'l': - return (L); - - case 'N': - case 'n': - return (N); - - case 'P': - case 'p': - return (P); - - case 'R': - case 'r': - return (R); - - case 'S': - case 's': - return (S); - - case 'T': - case 't': - return (T); - - } - break; - - default: - fatal("Unknown state in scanner."); - } - yyerror((char *) 0); - state = CMD; - longjmp(errcatch,0); - } -} - -static char * -copy(char *s) -{ - char *p; - - p = strdup(s); - if (p == NULL) - fatal("Ran out of memory."); - return p; -} - -static void -help(struct tab *ctab, char *s) -{ - struct tab *c; - int width, NCMDS; - char *type; - char buf[1024]; - - if (ctab == sitetab) - type = "SITE "; - else - type = ""; - width = 0, NCMDS = 0; - for (c = ctab; c->name != NULL; c++) { - int len = strlen(c->name); - - if (len > width) - width = len; - NCMDS++; - } - width = (width + 8) &~ 7; - if (s == 0) { - int i, j, w; - int columns, lines; - - lreply(214, "The following %scommands are recognized %s.", - type, "(* =>'s unimplemented)"); - columns = 76 / width; - if (columns == 0) - columns = 1; - lines = (NCMDS + columns - 1) / columns; - for (i = 0; i < lines; i++) { - strlcpy (buf, " ", sizeof(buf)); - for (j = 0; j < columns; j++) { - c = ctab + j * lines + i; - snprintf (buf + strlen(buf), - sizeof(buf) - strlen(buf), - "%s%c", - c->name, - c->implemented ? ' ' : '*'); - if (c + lines >= &ctab[NCMDS]) - break; - w = strlen(c->name) + 1; - while (w < width) { - strlcat (buf, - " ", - sizeof(buf)); - w++; - } - } - lreply(214, "%s", buf); - } - reply(214, "Direct comments to kth-krb-bugs@pdc.kth.se"); - return; - } - strupr(s); - c = lookup(ctab, s); - if (c == (struct tab *)0) { - reply(502, "Unknown command %s.", s); - return; - } - if (c->implemented) - reply(214, "Syntax: %s%s %s", type, c->name, c->help); - else - reply(214, "%s%-*s\t%s; unimplemented.", type, width, - c->name, c->help); -} - -static void -sizecmd(char *filename) -{ - switch (type) { - case TYPE_L: - case TYPE_I: { - struct stat stbuf; - if (stat(filename, &stbuf) < 0 || !S_ISREG(stbuf.st_mode)) - reply(550, "%s: not a plain file.", filename); - else - reply(213, "%lu", (unsigned long)stbuf.st_size); - break; - } - case TYPE_A: { - FILE *fin; - int c; - size_t count; - struct stat stbuf; - fin = fopen(filename, "r"); - if (fin == NULL) { - perror_reply(550, filename); - return; - } - if (fstat(fileno(fin), &stbuf) < 0 || !S_ISREG(stbuf.st_mode)) { - reply(550, "%s: not a plain file.", filename); - fclose(fin); - return; - } - - count = 0; - while((c=getc(fin)) != EOF) { - if (c == '\n') /* will get expanded to \r\n */ - count++; - count++; - } - fclose(fin); - - reply(213, "%lu", (unsigned long)count); - break; - } - default: - reply(504, "SIZE not implemented for Type %c.", "?AEIL"[type]); - } -} diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c b/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c deleted file mode 100644 index 6d8a392ab7f6..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c +++ /dev/null @@ -1,2250 +0,0 @@ -/* - * Copyright (c) 1985, 1988, 1990, 1992, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#define FTP_NAMES -#include "ftpd_locl.h" -#ifdef KRB5 -#include -#endif -#include "getarg.h" - -RCSID("$Id: ftpd.c,v 1.131.2.4 2000/09/26 09:30:26 assar Exp $"); - -static char version[] = "Version 6.00"; - -extern off_t restart_point; -extern char cbuf[]; - -struct sockaddr_storage ctrl_addr_ss; -struct sockaddr *ctrl_addr = (struct sockaddr *)&ctrl_addr_ss; - -struct sockaddr_storage data_source_ss; -struct sockaddr *data_source = (struct sockaddr *)&data_source_ss; - -struct sockaddr_storage data_dest_ss; -struct sockaddr *data_dest = (struct sockaddr *)&data_dest_ss; - -struct sockaddr_storage his_addr_ss; -struct sockaddr *his_addr = (struct sockaddr *)&his_addr_ss; - -struct sockaddr_storage pasv_addr_ss; -struct sockaddr *pasv_addr = (struct sockaddr *)&pasv_addr_ss; - -int data; -jmp_buf errcatch, urgcatch; -int oobflag; -int logged_in; -struct passwd *pw; -int debug = 0; -int ftpd_timeout = 900; /* timeout after 15 minutes of inactivity */ -int maxtimeout = 7200;/* don't allow idle time to be set beyond 2 hours */ -int logging; -int guest; -int dochroot; -int type; -int form; -int stru; /* avoid C keyword */ -int mode; -int usedefault = 1; /* for data transfers */ -int pdata = -1; /* for passive mode */ -int transflag; -off_t file_size; -off_t byte_count; -#if !defined(CMASK) || CMASK == 0 -#undef CMASK -#define CMASK 027 -#endif -int defumask = CMASK; /* default umask value */ -int guest_umask = 0777; /* Paranoia for anonymous users */ -char tmpline[10240]; -char hostname[MaxHostNameLen]; -char remotehost[MaxHostNameLen]; -static char ttyline[20]; - -#define AUTH_PLAIN (1 << 0) /* allow sending passwords */ -#define AUTH_OTP (1 << 1) /* passwords are one-time */ -#define AUTH_FTP (1 << 2) /* allow anonymous login */ - -static int auth_level = 0; /* Only allow kerberos login by default */ - -/* - * Timeout intervals for retrying connections - * to hosts that don't accept PORT cmds. This - * is a kludge, but given the problems with TCP... - */ -#define SWAITMAX 90 /* wait at most 90 seconds */ -#define SWAITINT 5 /* interval between retries */ - -int swaitmax = SWAITMAX; -int swaitint = SWAITINT; - -#ifdef HAVE_SETPROCTITLE -char proctitle[BUFSIZ]; /* initial part of title */ -#endif /* HAVE_SETPROCTITLE */ - -#define LOGCMD(cmd, file) \ - if (logging > 1) \ - syslog(LOG_INFO,"%s %s%s", cmd, \ - *(file) == '/' ? "" : curdir(), file); -#define LOGCMD2(cmd, file1, file2) \ - if (logging > 1) \ - syslog(LOG_INFO,"%s %s%s %s%s", cmd, \ - *(file1) == '/' ? "" : curdir(), file1, \ - *(file2) == '/' ? "" : curdir(), file2); -#define LOGBYTES(cmd, file, cnt) \ - if (logging > 1) { \ - if (cnt == (off_t)-1) \ - syslog(LOG_INFO,"%s %s%s", cmd, \ - *(file) == '/' ? "" : curdir(), file); \ - else \ - syslog(LOG_INFO, "%s %s%s = %ld bytes", \ - cmd, (*(file) == '/') ? "" : curdir(), file, (long)cnt); \ - } - -static void ack (char *); -static void myoob (int); -static int checkuser (char *, char *); -static int checkaccess (char *); -static FILE *dataconn (const char *, off_t, const char *); -static void dolog (struct sockaddr *); -static void end_login (void); -static FILE *getdatasock (const char *); -static char *gunique (char *); -static RETSIGTYPE lostconn (int); -static int receive_data (FILE *, FILE *); -static void send_data (FILE *, FILE *); -static struct passwd * sgetpwnam (char *); - -static char * -curdir(void) -{ - static char path[MaxPathLen+1]; /* path + '/' + '\0' */ - - if (getcwd(path, sizeof(path)-1) == NULL) - return (""); - if (path[1] != '\0') /* special case for root dir. */ - strlcat(path, "/", sizeof(path)); - /* For guest account, skip / since it's chrooted */ - return (guest ? path+1 : path); -} - -#ifndef LINE_MAX -#define LINE_MAX 1024 -#endif - -static int -parse_auth_level(char *str) -{ - char *p; - int ret = 0; - char *foo = NULL; - - for(p = strtok_r(str, ",", &foo); - p; - p = strtok_r(NULL, ",", &foo)) { - if(strcmp(p, "user") == 0) - ; -#ifdef OTP - else if(strcmp(p, "otp") == 0) - ret |= AUTH_PLAIN|AUTH_OTP; -#endif - else if(strcmp(p, "ftp") == 0 || - strcmp(p, "safe") == 0) - ret |= AUTH_FTP; - else if(strcmp(p, "plain") == 0) - ret |= AUTH_PLAIN; - else if(strcmp(p, "none") == 0) - ret |= AUTH_PLAIN|AUTH_FTP; - else - warnx("bad value for -a: `%s'", p); - } - return ret; -} - -/* - * Print usage and die. - */ - -static int interactive_flag; -static char *guest_umask_string; -static char *port_string; -static char *umask_string; -static char *auth_string; - -int use_builtin_ls = -1; - -static int help_flag; -static int version_flag; - -struct getargs args[] = { - { NULL, 'a', arg_string, &auth_string, "required authentication" }, - { NULL, 'i', arg_flag, &interactive_flag, "don't assume stdin is a socket" }, - { NULL, 'p', arg_string, &port_string, "what port to listen to" }, - { NULL, 'g', arg_string, &guest_umask_string, "umask for guest logins" }, - { NULL, 'l', arg_counter, &logging, "log more stuff", "" }, - { NULL, 't', arg_integer, &ftpd_timeout, "initial timeout" }, - { NULL, 'T', arg_integer, &maxtimeout, "max timeout" }, - { NULL, 'u', arg_string, &umask_string, "umask for user logins" }, - { NULL, 'd', arg_flag, &debug, "enable debugging" }, - { NULL, 'v', arg_flag, &debug, "enable debugging" }, - { "builtin-ls", 'B', arg_flag, &use_builtin_ls, "use built-in ls to list files" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag } -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage (int code) -{ - arg_printusage(args, num_args, NULL, ""); - exit (code); -} - -/* output contents of a file */ -static int -show_file(const char *file, int code) -{ - FILE *f; - char buf[128]; - - f = fopen(file, "r"); - if(f == NULL) - return -1; - while(fgets(buf, sizeof(buf), f)){ - buf[strcspn(buf, "\r\n")] = '\0'; - lreply(code, "%s", buf); - } - fclose(f); - return 0; -} - -int -main(int argc, char **argv) -{ - int addrlen, on = 1, tos; - char *cp, line[LINE_MAX]; - FILE *fd; - int port; - struct servent *sp; - - int optind = 0; - -#ifdef KRB4 - /* detach from any tickets and tokens */ - { - char tkfile[1024]; - snprintf(tkfile, sizeof(tkfile), - "/tmp/ftp_%u", (unsigned)getpid()); - krb_set_tkt_string(tkfile); - if(k_hasafs()) - k_setpag(); - } -#endif - if(getarg(args, num_args, argc, argv, &optind)) - usage(1); - - if(help_flag) - usage(0); - - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(auth_string) - auth_level = parse_auth_level(auth_string); - { - char *p; - long val = 0; - - if(guest_umask_string) { - val = strtol(guest_umask_string, &p, 8); - if (*p != '\0' || val < 0) - warnx("bad value for -g"); - else - guest_umask = val; - } - if(umask_string) { - val = strtol(umask_string, &p, 8); - if (*p != '\0' || val < 0) - warnx("bad value for -u"); - else - defumask = val; - } - } - if(port_string) { - sp = getservbyname(port_string, "tcp"); - if(sp) - port = sp->s_port; - else - if(isdigit(port_string[0])) - port = htons(atoi(port_string)); - else - warnx("bad value for -p"); - } else { - sp = getservbyname("ftp", "tcp"); - if(sp) - port = sp->s_port; - else - port = htons(21); - } - - if (maxtimeout < ftpd_timeout) - maxtimeout = ftpd_timeout; - -#if 0 - if (ftpd_timeout > maxtimeout) - ftpd_timeout = maxtimeout; -#endif - - - if(interactive_flag) - mini_inetd (port); - - /* - * LOG_NDELAY sets up the logging connection immediately, - * necessary for anonymous ftp's that chroot and can't do it later. - */ - openlog("ftpd", LOG_PID | LOG_NDELAY, LOG_FTP); - addrlen = sizeof(his_addr_ss); - if (getpeername(STDIN_FILENO, his_addr, &addrlen) < 0) { - syslog(LOG_ERR, "getpeername (%s): %m",argv[0]); - exit(1); - } - addrlen = sizeof(ctrl_addr_ss); - if (getsockname(STDIN_FILENO, ctrl_addr, &addrlen) < 0) { - syslog(LOG_ERR, "getsockname (%s): %m",argv[0]); - exit(1); - } -#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - tos = IPTOS_LOWDELAY; - if (setsockopt(STDIN_FILENO, IPPROTO_IP, IP_TOS, - (void *)&tos, sizeof(int)) < 0) - syslog(LOG_WARNING, "setsockopt (IP_TOS): %m"); -#endif - data_source->sa_family = ctrl_addr->sa_family; - socket_set_port (data_source, - htons(ntohs(socket_get_port(ctrl_addr)) - 1)); - - /* set this here so it can be put in wtmp */ - snprintf(ttyline, sizeof(ttyline), "ftp%u", (unsigned)getpid()); - - - /* freopen(_PATH_DEVNULL, "w", stderr); */ - signal(SIGPIPE, lostconn); - signal(SIGCHLD, SIG_IGN); -#ifdef SIGURG - if (signal(SIGURG, myoob) == SIG_ERR) - syslog(LOG_ERR, "signal: %m"); -#endif - - /* Try to handle urgent data inline */ -#if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT) - if (setsockopt(0, SOL_SOCKET, SO_OOBINLINE, (void *)&on, - sizeof(on)) < 0) - syslog(LOG_ERR, "setsockopt: %m"); -#endif - -#ifdef F_SETOWN - if (fcntl(fileno(stdin), F_SETOWN, getpid()) == -1) - syslog(LOG_ERR, "fcntl F_SETOWN: %m"); -#endif - dolog(his_addr); - /* - * Set up default state - */ - data = -1; - type = TYPE_A; - form = FORM_N; - stru = STRU_F; - mode = MODE_S; - tmpline[0] = '\0'; - - /* If logins are disabled, print out the message. */ - if(show_file(_PATH_NOLOGIN, 530) == 0) { - reply(530, "System not available."); - exit(0); - } - show_file(_PATH_FTPWELCOME, 220); - /* reply(220,) must follow */ - gethostname(hostname, sizeof(hostname)); - - reply(220, "%s FTP server (%s" -#ifdef KRB5 - "+%s" -#endif -#ifdef KRB4 - "+%s" -#endif - ") ready.", hostname, version -#ifdef KRB5 - ,heimdal_version -#endif -#ifdef KRB4 - ,krb4_version -#endif - ); - - setjmp(errcatch); - for (;;) - yyparse(); - /* NOTREACHED */ -} - -static RETSIGTYPE -lostconn(int signo) -{ - - if (debug) - syslog(LOG_DEBUG, "lost connection"); - dologout(-1); -} - -/* - * Helper function for sgetpwnam(). - */ -static char * -sgetsave(char *s) -{ - char *new = strdup(s); - - if (new == NULL) { - perror_reply(421, "Local resource failure: malloc"); - dologout(1); - /* NOTREACHED */ - } - return new; -} - -/* - * Save the result of a getpwnam. Used for USER command, since - * the data returned must not be clobbered by any other command - * (e.g., globbing). - */ -static struct passwd * -sgetpwnam(char *name) -{ - static struct passwd save; - struct passwd *p; - - if ((p = k_getpwnam(name)) == NULL) - return (p); - if (save.pw_name) { - free(save.pw_name); - free(save.pw_passwd); - free(save.pw_gecos); - free(save.pw_dir); - free(save.pw_shell); - } - save = *p; - save.pw_name = sgetsave(p->pw_name); - save.pw_passwd = sgetsave(p->pw_passwd); - save.pw_gecos = sgetsave(p->pw_gecos); - save.pw_dir = sgetsave(p->pw_dir); - save.pw_shell = sgetsave(p->pw_shell); - return (&save); -} - -static int login_attempts; /* number of failed login attempts */ -static int askpasswd; /* had user command, ask for passwd */ -static char curname[10]; /* current USER name */ -#ifdef OTP -OtpContext otp_ctx; -#endif - -/* - * USER command. - * Sets global passwd pointer pw if named account exists and is acceptable; - * sets askpasswd if a PASS command is expected. If logged in previously, - * need to reset state. If name is "ftp" or "anonymous", the name is not in - * _PATH_FTPUSERS, and ftp account exists, set guest and pw, then just return. - * If account doesn't exist, ask for passwd anyway. Otherwise, check user - * requesting login privileges. Disallow anyone who does not have a standard - * shell as returned by getusershell(). Disallow anyone mentioned in the file - * _PATH_FTPUSERS to allow people such as root and uucp to be avoided. - */ -void -user(char *name) -{ - char *cp, *shell; - - if(auth_level == 0 && !sec_complete){ - reply(530, "No login allowed without authorization."); - return; - } - - if (logged_in) { - if (guest) { - reply(530, "Can't change user from guest login."); - return; - } else if (dochroot) { - reply(530, "Can't change user from chroot user."); - return; - } - end_login(); - } - - guest = 0; - if (strcmp(name, "ftp") == 0 || strcmp(name, "anonymous") == 0) { - if ((auth_level & AUTH_FTP) == 0 || - checkaccess("ftp") || - checkaccess("anonymous")) - reply(530, "User %s access denied.", name); - else if ((pw = sgetpwnam("ftp")) != NULL) { - guest = 1; - defumask = guest_umask; /* paranoia for incoming */ - askpasswd = 1; - reply(331, "Guest login ok, type your name as password."); - } else - reply(530, "User %s unknown.", name); - if (!askpasswd && logging) { - char data_addr[256]; - - if (inet_ntop (his_addr->sa_family, - socket_get_address(his_addr), - data_addr, sizeof(data_addr)) == NULL) - strlcpy (data_addr, "unknown address", - sizeof(data_addr)); - - syslog(LOG_NOTICE, - "ANONYMOUS FTP LOGIN REFUSED FROM %s(%s)", - remotehost, data_addr); - } - return; - } - if((auth_level & AUTH_PLAIN) == 0 && !sec_complete){ - reply(530, "Only authorized and anonymous login allowed."); - return; - } - if ((pw = sgetpwnam(name))) { - if ((shell = pw->pw_shell) == NULL || *shell == 0) - shell = _PATH_BSHELL; - while ((cp = getusershell()) != NULL) - if (strcmp(cp, shell) == 0) - break; - endusershell(); - - if (cp == NULL || checkaccess(name)) { - reply(530, "User %s access denied.", name); - if (logging) { - char data_addr[256]; - - if (inet_ntop (his_addr->sa_family, - socket_get_address(his_addr), - data_addr, - sizeof(data_addr)) == NULL) - strlcpy (data_addr, - "unknown address", - sizeof(data_addr)); - - syslog(LOG_NOTICE, - "FTP LOGIN REFUSED FROM %s(%s), %s", - remotehost, - data_addr, - name); - } - pw = (struct passwd *) NULL; - return; - } - } - if (logging) - strlcpy(curname, name, sizeof(curname)); - if(sec_complete) { - if(sec_userok(name) == 0) - do_login(232, name); - else - reply(530, "User %s access denied.", name); - } else { - char ss[256]; - -#ifdef OTP - if (otp_challenge(&otp_ctx, name, ss, sizeof(ss)) == 0) { - reply(331, "Password %s for %s required.", - ss, name); - askpasswd = 1; - } else -#endif - if ((auth_level & AUTH_OTP) == 0) { - reply(331, "Password required for %s.", name); - askpasswd = 1; - } else { - char *s; - -#ifdef OTP - if ((s = otp_error (&otp_ctx)) != NULL) - lreply(530, "OTP: %s", s); -#endif - reply(530, - "Only authorized, anonymous" -#ifdef OTP - " and OTP " -#endif - "login allowed."); - } - - } - /* - * Delay before reading passwd after first failed - * attempt to slow down passwd-guessing programs. - */ - if (login_attempts) - sleep(login_attempts); -} - -/* - * Check if a user is in the file "fname" - */ -static int -checkuser(char *fname, char *name) -{ - FILE *fd; - int found = 0; - char *p, line[BUFSIZ]; - - if ((fd = fopen(fname, "r")) != NULL) { - while (fgets(line, sizeof(line), fd) != NULL) - if ((p = strchr(line, '\n')) != NULL) { - *p = '\0'; - if (line[0] == '#') - continue; - if (strcmp(line, name) == 0) { - found = 1; - break; - } - } - fclose(fd); - } - return (found); -} - - -/* - * Determine whether a user has access, based on information in - * _PATH_FTPUSERS. The users are listed one per line, with `allow' - * or `deny' after the username. If anything other than `allow', or - * just nothing, is given after the username, `deny' is assumed. - * - * If the user is not found in the file, but the pseudo-user `*' is, - * the permission is taken from that line. - * - * This preserves the old semantics where if a user was listed in the - * file he was denied, otherwise he was allowed. - * - * Return 1 if the user is denied, or 0 if he is allowed. */ - -static int -match(const char *pattern, const char *string) -{ - return fnmatch(pattern, string, FNM_NOESCAPE); -} - -static int -checkaccess(char *name) -{ -#define ALLOWED 0 -#define NOT_ALLOWED 1 - FILE *fd; - int allowed = ALLOWED; - char *user, *perm, line[BUFSIZ]; - char *foo; - - fd = fopen(_PATH_FTPUSERS, "r"); - - if(fd == NULL) - return allowed; - - while (fgets(line, sizeof(line), fd) != NULL) { - foo = NULL; - user = strtok_r(line, " \t\n", &foo); - if (user == NULL || user[0] == '#') - continue; - perm = strtok_r(NULL, " \t\n", &foo); - if (match(user, name) == 0){ - if(perm && strcmp(perm, "allow") == 0) - allowed = ALLOWED; - else - allowed = NOT_ALLOWED; - break; - } - } - fclose(fd); - return allowed; -} -#undef ALLOWED -#undef NOT_ALLOWED - - -int do_login(int code, char *passwd) -{ - FILE *fd; - login_attempts = 0; /* this time successful */ - if (setegid((gid_t)pw->pw_gid) < 0) { - reply(550, "Can't set gid."); - return -1; - } - initgroups(pw->pw_name, pw->pw_gid); - - /* open wtmp before chroot */ - ftpd_logwtmp(ttyline, pw->pw_name, remotehost); - logged_in = 1; - - dochroot = checkuser(_PATH_FTPCHROOT, pw->pw_name); - if (guest) { - /* - * We MUST do a chdir() after the chroot. Otherwise - * the old current directory will be accessible as "." - * outside the new root! - */ - if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) { - reply(550, "Can't set guest privileges."); - return -1; - } - } else if (dochroot) { - if (chroot(pw->pw_dir) < 0 || chdir("/") < 0) { - reply(550, "Can't change root."); - return -1; - } - } else if (chdir(pw->pw_dir) < 0) { - if (chdir("/") < 0) { - reply(530, "User %s: can't change directory to %s.", - pw->pw_name, pw->pw_dir); - return -1; - } else - lreply(code, "No directory! Logging in with home=/"); - } - if (seteuid((uid_t)pw->pw_uid) < 0) { - reply(550, "Can't set uid."); - return -1; - } - - if(use_builtin_ls == -1) { - struct stat st; - /* if /bin/ls exist and is a regular file, use it, otherwise - use built-in ls */ - if(stat("/bin/ls", &st) == 0 && - S_ISREG(st.st_mode)) - use_builtin_ls = 0; - else - use_builtin_ls = 1; - } - - /* - * Display a login message, if it exists. - * N.B. reply(code,) must follow the message. - */ - show_file(_PATH_FTPLOGINMESG, code); - if(show_file(_PATH_ISSUE_NET, code) != 0) - show_file(_PATH_ISSUE, code); - if (guest) { - reply(code, "Guest login ok, access restrictions apply."); -#ifdef HAVE_SETPROCTITLE - snprintf (proctitle, sizeof(proctitle), - "%s: anonymous/%s", - remotehost, - passwd); - setproctitle("%s", proctitle); -#endif /* HAVE_SETPROCTITLE */ - if (logging) { - char data_addr[256]; - - if (inet_ntop (his_addr->sa_family, - socket_get_address(his_addr), - data_addr, sizeof(data_addr)) == NULL) - strlcpy (data_addr, "unknown address", - sizeof(data_addr)); - - syslog(LOG_INFO, "ANONYMOUS FTP LOGIN FROM %s(%s), %s", - remotehost, - data_addr, - passwd); - } - } else { - reply(code, "User %s logged in.", pw->pw_name); -#ifdef HAVE_SETPROCTITLE - snprintf(proctitle, sizeof(proctitle), "%s: %s", remotehost, pw->pw_name); - setproctitle("%s", proctitle); -#endif /* HAVE_SETPROCTITLE */ - if (logging) { - char data_addr[256]; - - if (inet_ntop (his_addr->sa_family, - socket_get_address(his_addr), - data_addr, sizeof(data_addr)) == NULL) - strlcpy (data_addr, "unknown address", - sizeof(data_addr)); - - syslog(LOG_INFO, "FTP LOGIN FROM %s(%s) as %s", - remotehost, - data_addr, - pw->pw_name); - } - } - umask(defumask); - return 0; -} - -/* - * Terminate login as previous user, if any, resetting state; - * used when USER command is given or login fails. - */ -static void -end_login(void) -{ - - seteuid((uid_t)0); - if (logged_in) - ftpd_logwtmp(ttyline, "", ""); - pw = NULL; - logged_in = 0; - guest = 0; - dochroot = 0; -} - -void -pass(char *passwd) -{ - int rval; - - /* some clients insists on sending a password */ - if (logged_in && askpasswd == 0){ - reply(230, "Dumpucko!"); - return; - } - - if (logged_in || askpasswd == 0) { - reply(503, "Login with USER first."); - return; - } - askpasswd = 0; - rval = 1; - if (!guest) { /* "ftp" is only account allowed no password */ - if (pw == NULL) - rval = 1; /* failure below */ -#ifdef OTP - else if (otp_verify_user (&otp_ctx, passwd) == 0) { - rval = 0; - } -#endif - else if((auth_level & AUTH_OTP) == 0) { -#ifdef KRB4 - char realm[REALM_SZ]; - if((rval = krb_get_lrealm(realm, 1)) == KSUCCESS) - rval = krb_verify_user(pw->pw_name, - "", realm, - passwd, - KRB_VERIFY_SECURE, NULL); - if (rval == KSUCCESS ) { - chown (tkt_string(), pw->pw_uid, pw->pw_gid); - if(k_hasafs()) - krb_afslog(0, 0); - } else -#endif - rval = unix_verify_user(pw->pw_name, passwd); - } else { - char *s; - -#ifdef OTP - if ((s = otp_error(&otp_ctx)) != NULL) - lreply(530, "OTP: %s", s); -#endif - } - memset (passwd, 0, strlen(passwd)); - - /* - * If rval == 1, the user failed the authentication - * check above. If rval == 0, either Kerberos or - * local authentication succeeded. - */ - if (rval) { - char data_addr[256]; - - if (inet_ntop (his_addr->sa_family, - socket_get_address(his_addr), - data_addr, sizeof(data_addr)) == NULL) - strlcpy (data_addr, "unknown address", - sizeof(data_addr)); - - reply(530, "Login incorrect."); - if (logging) - syslog(LOG_NOTICE, - "FTP LOGIN FAILED FROM %s(%s), %s", - remotehost, - data_addr, - curname); - pw = NULL; - if (login_attempts++ >= 5) { - syslog(LOG_NOTICE, - "repeated login failures from %s(%s)", - remotehost, - data_addr); - exit(0); - } - return; - } - } - if(!do_login(230, passwd)) - return; - - /* Forget all about it... */ - end_login(); -} - -void -retrieve(const char *cmd, char *name) -{ - FILE *fin = NULL, *dout; - struct stat st; - int (*closefunc) (FILE *); - char line[BUFSIZ]; - - - if (cmd == 0) { - fin = fopen(name, "r"); - closefunc = fclose; - st.st_size = 0; - if(fin == NULL){ - int save_errno = errno; - struct cmds { - const char *ext; - const char *cmd; - const char *rev_cmd; - } cmds[] = { - {".tar", "/bin/gtar cPf - %s", NULL}, - {".tar.gz", "/bin/gtar zcPf - %s", NULL}, - {".tar.Z", "/bin/gtar ZcPf - %s", NULL}, - {".gz", "/bin/gzip -c -- %s", "/bin/gzip -c -d -- %s"}, - {".Z", "/bin/compress -c -- %s", "/bin/uncompress -c -- %s"}, - {NULL, NULL} - }; - struct cmds *p; - for(p = cmds; p->ext; p++){ - char *tail = name + strlen(name) - strlen(p->ext); - char c = *tail; - - if(strcmp(tail, p->ext) == 0 && - (*tail = 0) == 0 && - access(name, R_OK) == 0){ - snprintf (line, sizeof(line), p->cmd, name); - *tail = c; - break; - } - *tail = c; - if (p->rev_cmd != NULL) { - char *ext; - - asprintf(&ext, "%s%s", name, p->ext); - if (ext != NULL) { - if (access(ext, R_OK) == 0) { - snprintf (line, sizeof(line), - p->rev_cmd, ext); - free(ext); - break; - } - free(ext); - } - } - - } - if(p->ext){ - fin = ftpd_popen(line, "r", 0, 0); - closefunc = ftpd_pclose; - st.st_size = -1; - cmd = line; - } else - errno = save_errno; - } - } else { - snprintf(line, sizeof(line), cmd, name); - name = line; - fin = ftpd_popen(line, "r", 1, 0); - closefunc = ftpd_pclose; - st.st_size = -1; - } - if (fin == NULL) { - if (errno != 0) { - perror_reply(550, name); - if (cmd == 0) { - LOGCMD("get", name); - } - } - return; - } - byte_count = -1; - if (cmd == 0){ - if(fstat(fileno(fin), &st) < 0 || !S_ISREG(st.st_mode)) { - reply(550, "%s: not a plain file.", name); - goto done; - } - } - if (restart_point) { - if (type == TYPE_A) { - off_t i, n; - int c; - - n = restart_point; - i = 0; - while (i++ < n) { - if ((c=getc(fin)) == EOF) { - perror_reply(550, name); - goto done; - } - if (c == '\n') - i++; - } - } else if (lseek(fileno(fin), restart_point, SEEK_SET) < 0) { - perror_reply(550, name); - goto done; - } - } - dout = dataconn(name, st.st_size, "w"); - if (dout == NULL) - goto done; - set_buffer_size(fileno(dout), 0); - send_data(fin, dout); - fclose(dout); - data = -1; - pdata = -1; -done: - if (cmd == 0) - LOGBYTES("get", name, byte_count); - (*closefunc)(fin); -} - -/* filename sanity check */ - -int -filename_check(char *filename) -{ - static const char good_chars[] = "+-=_,."; - char *p; - - p = strrchr(filename, '/'); - if(p) - filename = p + 1; - - p = filename; - - if(isalnum(*p)){ - p++; - while(*p && (isalnum(*p) || strchr(good_chars, *p))) - p++; - if(*p == '\0') - return 0; - } - lreply(553, "\"%s\" is an illegal filename.", filename); - lreply(553, "The filename must start with an alphanumeric " - "character and must only"); - reply(553, "consist of alphanumeric characters or any of the following: %s", - good_chars); - return 1; -} - -void -do_store(char *name, char *mode, int unique) -{ - FILE *fout, *din; - struct stat st; - int (*closefunc) (FILE *); - - if(guest && filename_check(name)) - return; - if (unique && stat(name, &st) == 0 && - (name = gunique(name)) == NULL) { - LOGCMD(*mode == 'w' ? "put" : "append", name); - return; - } - - if (restart_point) - mode = "r+"; - fout = fopen(name, mode); - closefunc = fclose; - if (fout == NULL) { - perror_reply(553, name); - LOGCMD(*mode == 'w' ? "put" : "append", name); - return; - } - byte_count = -1; - if (restart_point) { - if (type == TYPE_A) { - off_t i, n; - int c; - - n = restart_point; - i = 0; - while (i++ < n) { - if ((c=getc(fout)) == EOF) { - perror_reply(550, name); - goto done; - } - if (c == '\n') - i++; - } - /* - * We must do this seek to "current" position - * because we are changing from reading to - * writing. - */ - if (fseek(fout, 0L, SEEK_CUR) < 0) { - perror_reply(550, name); - goto done; - } - } else if (lseek(fileno(fout), restart_point, SEEK_SET) < 0) { - perror_reply(550, name); - goto done; - } - } - din = dataconn(name, (off_t)-1, "r"); - if (din == NULL) - goto done; - set_buffer_size(fileno(din), 1); - if (receive_data(din, fout) == 0) { - if (unique) - reply(226, "Transfer complete (unique file name:%s).", - name); - else - reply(226, "Transfer complete."); - } - fclose(din); - data = -1; - pdata = -1; -done: - LOGBYTES(*mode == 'w' ? "put" : "append", name, byte_count); - (*closefunc)(fout); -} - -static FILE * -getdatasock(const char *mode) -{ - int s, t, tries; - - if (data >= 0) - return (fdopen(data, mode)); - seteuid(0); - s = socket(ctrl_addr->sa_family, SOCK_STREAM, 0); - if (s < 0) - goto bad; - socket_set_reuseaddr (s, 1); - /* anchor socket to avoid multi-homing problems */ - socket_set_address_and_port (data_source, - socket_get_address (ctrl_addr), - socket_get_port (data_source)); - - for (tries = 1; ; tries++) { - if (bind(s, data_source, - socket_sockaddr_size (data_source)) >= 0) - break; - if (errno != EADDRINUSE || tries > 10) - goto bad; - sleep(tries); - } - seteuid(pw->pw_uid); -#ifdef IPTOS_THROUGHPUT - socket_set_tos (s, IPTOS_THROUGHPUT); -#endif - return (fdopen(s, mode)); -bad: - /* Return the real value of errno (close may change it) */ - t = errno; - seteuid((uid_t)pw->pw_uid); - close(s); - errno = t; - return (NULL); -} - -static FILE * -dataconn(const char *name, off_t size, const char *mode) -{ - char sizebuf[32]; - FILE *file; - int retry = 0; - - file_size = size; - byte_count = 0; - if (size >= 0) - snprintf(sizebuf, sizeof(sizebuf), " (%ld bytes)", (long)size); - else - *sizebuf = '\0'; - if (pdata >= 0) { - struct sockaddr_storage from_ss; - struct sockaddr *from = (struct sockaddr *)&from_ss; - int s; - int fromlen = sizeof(from_ss); - - s = accept(pdata, from, &fromlen); - if (s < 0) { - reply(425, "Can't open data connection."); - close(pdata); - pdata = -1; - return (NULL); - } - close(pdata); - pdata = s; -#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - { - int tos = IPTOS_THROUGHPUT; - - setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&tos, - sizeof(tos)); - } -#endif - reply(150, "Opening %s mode data connection for '%s'%s.", - type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf); - return (fdopen(pdata, mode)); - } - if (data >= 0) { - reply(125, "Using existing data connection for '%s'%s.", - name, sizebuf); - usedefault = 1; - return (fdopen(data, mode)); - } - if (usedefault) - data_dest = his_addr; - usedefault = 1; - file = getdatasock(mode); - if (file == NULL) { - char data_addr[256]; - - if (inet_ntop (data_source->sa_family, - socket_get_address(data_source), - data_addr, sizeof(data_addr)) == NULL) - strlcpy (data_addr, "unknown address", - sizeof(data_addr)); - - reply(425, "Can't create data socket (%s,%d): %s.", - data_addr, - socket_get_port (data_source), - strerror(errno)); - return (NULL); - } - data = fileno(file); - while (connect(data, data_dest, - socket_sockaddr_size(data_dest)) < 0) { - if (errno == EADDRINUSE && retry < swaitmax) { - sleep(swaitint); - retry += swaitint; - continue; - } - perror_reply(425, "Can't build data connection"); - fclose(file); - data = -1; - return (NULL); - } - reply(150, "Opening %s mode data connection for '%s'%s.", - type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf); - return (file); -} - -/* - * Tranfer the contents of "instr" to "outstr" peer using the appropriate - * encapsulation of the data subject * to Mode, Structure, and Type. - * - * NB: Form isn't handled. - */ -static void -send_data(FILE *instr, FILE *outstr) -{ - int c, cnt, filefd, netfd; - static char *buf; - static size_t bufsize; - - transflag++; - if (setjmp(urgcatch)) { - transflag = 0; - return; - } - switch (type) { - - case TYPE_A: - while ((c = getc(instr)) != EOF) { - byte_count++; - if(c == '\n') - sec_putc('\r', outstr); - sec_putc(c, outstr); - } - sec_fflush(outstr); - transflag = 0; - if (ferror(instr)) - goto file_err; - if (ferror(outstr)) - goto data_err; - reply(226, "Transfer complete."); - return; - - case TYPE_I: - case TYPE_L: -#if defined(HAVE_MMAP) && !defined(NO_MMAP) -#ifndef MAP_FAILED -#define MAP_FAILED (-1) -#endif - { - struct stat st; - char *chunk; - int in = fileno(instr); - if(fstat(in, &st) == 0 && S_ISREG(st.st_mode) - && st.st_size > 0) { - /* - * mmap zero bytes has potential of loosing, don't do it. - */ - chunk = mmap(0, st.st_size, PROT_READ, - MAP_SHARED, in, 0); - if((void *)chunk != (void *)MAP_FAILED) { - cnt = st.st_size - restart_point; - sec_write(fileno(outstr), chunk + restart_point, cnt); - if (munmap(chunk, st.st_size) < 0) - warn ("munmap"); - sec_fflush(outstr); - byte_count = cnt; - transflag = 0; - } - } - } -#endif - if(transflag) { - struct stat st; - - netfd = fileno(outstr); - filefd = fileno(instr); - buf = alloc_buffer (buf, &bufsize, - fstat(filefd, &st) >= 0 ? &st : NULL); - if (buf == NULL) { - transflag = 0; - perror_reply(451, "Local resource failure: malloc"); - return; - } - while ((cnt = read(filefd, buf, bufsize)) > 0 && - sec_write(netfd, buf, cnt) == cnt) - byte_count += cnt; - sec_fflush(outstr); /* to end an encrypted stream */ - transflag = 0; - if (cnt != 0) { - if (cnt < 0) - goto file_err; - goto data_err; - } - } - reply(226, "Transfer complete."); - return; - default: - transflag = 0; - reply(550, "Unimplemented TYPE %d in send_data", type); - return; - } - -data_err: - transflag = 0; - perror_reply(426, "Data connection"); - return; - -file_err: - transflag = 0; - perror_reply(551, "Error on input file"); -} - -/* - * Transfer data from peer to "outstr" using the appropriate encapulation of - * the data subject to Mode, Structure, and Type. - * - * N.B.: Form isn't handled. - */ -static int -receive_data(FILE *instr, FILE *outstr) -{ - int cnt, bare_lfs = 0; - static char *buf; - static size_t bufsize; - struct stat st; - - transflag++; - if (setjmp(urgcatch)) { - transflag = 0; - return (-1); - } - - buf = alloc_buffer (buf, &bufsize, - fstat(fileno(outstr), &st) >= 0 ? &st : NULL); - if (buf == NULL) { - transflag = 0; - perror_reply(451, "Local resource failure: malloc"); - return -1; - } - - switch (type) { - - case TYPE_I: - case TYPE_L: - while ((cnt = sec_read(fileno(instr), buf, bufsize)) > 0) { - if (write(fileno(outstr), buf, cnt) != cnt) - goto file_err; - byte_count += cnt; - } - if (cnt < 0) - goto data_err; - transflag = 0; - return (0); - - case TYPE_E: - reply(553, "TYPE E not implemented."); - transflag = 0; - return (-1); - - case TYPE_A: - { - char *p, *q; - int cr_flag = 0; - while ((cnt = sec_read(fileno(instr), - buf + cr_flag, - bufsize - cr_flag)) > 0){ - byte_count += cnt; - cnt += cr_flag; - cr_flag = 0; - for(p = buf, q = buf; p < buf + cnt;) { - if(*p == '\n') - bare_lfs++; - if(*p == '\r') { - if(p == buf + cnt - 1){ - cr_flag = 1; - p++; - continue; - }else if(p[1] == '\n'){ - *q++ = '\n'; - p += 2; - continue; - } - } - *q++ = *p++; - } - fwrite(buf, q - buf, 1, outstr); - if(cr_flag) - buf[0] = '\r'; - } - if(cr_flag) - putc('\r', outstr); - fflush(outstr); - if (ferror(instr)) - goto data_err; - if (ferror(outstr)) - goto file_err; - transflag = 0; - if (bare_lfs) { - lreply(226, "WARNING! %d bare linefeeds received in ASCII mode\r\n" - " File may not have transferred correctly.\r\n", - bare_lfs); - } - return (0); - } - default: - reply(550, "Unimplemented TYPE %d in receive_data", type); - transflag = 0; - return (-1); - } - -data_err: - transflag = 0; - perror_reply(426, "Data Connection"); - return (-1); - -file_err: - transflag = 0; - perror_reply(452, "Error writing file"); - return (-1); -} - -void -statfilecmd(char *filename) -{ - FILE *fin; - int c; - char line[LINE_MAX]; - - snprintf(line, sizeof(line), "/bin/ls -la -- %s", filename); - fin = ftpd_popen(line, "r", 1, 0); - lreply(211, "status of %s:", filename); - while ((c = getc(fin)) != EOF) { - if (c == '\n') { - if (ferror(stdout)){ - perror_reply(421, "control connection"); - ftpd_pclose(fin); - dologout(1); - /* NOTREACHED */ - } - if (ferror(fin)) { - perror_reply(551, filename); - ftpd_pclose(fin); - return; - } - putc('\r', stdout); - } - putc(c, stdout); - } - ftpd_pclose(fin); - reply(211, "End of Status"); -} - -void -statcmd(void) -{ -#if 0 - struct sockaddr_in *sin; - u_char *a, *p; - - lreply(211, "%s FTP server (%s) status:", hostname, version); - printf(" %s\r\n", version); - printf(" Connected to %s", remotehost); - if (!isdigit(remotehost[0])) - printf(" (%s)", inet_ntoa(his_addr.sin_addr)); - printf("\r\n"); - if (logged_in) { - if (guest) - printf(" Logged in anonymously\r\n"); - else - printf(" Logged in as %s\r\n", pw->pw_name); - } else if (askpasswd) - printf(" Waiting for password\r\n"); - else - printf(" Waiting for user name\r\n"); - printf(" TYPE: %s", typenames[type]); - if (type == TYPE_A || type == TYPE_E) - printf(", FORM: %s", formnames[form]); - if (type == TYPE_L) -#if NBBY == 8 - printf(" %d", NBBY); -#else - printf(" %d", bytesize); /* need definition! */ -#endif - printf("; STRUcture: %s; transfer MODE: %s\r\n", - strunames[stru], modenames[mode]); - if (data != -1) - printf(" Data connection open\r\n"); - else if (pdata != -1) { - printf(" in Passive mode"); - sin = &pasv_addr; - goto printaddr; - } else if (usedefault == 0) { - printf(" PORT"); - sin = &data_dest; -printaddr: - a = (u_char *) &sin->sin_addr; - p = (u_char *) &sin->sin_port; -#define UC(b) (((int) b) & 0xff) - printf(" (%d,%d,%d,%d,%d,%d)\r\n", UC(a[0]), - UC(a[1]), UC(a[2]), UC(a[3]), UC(p[0]), UC(p[1])); -#undef UC - } else - printf(" No data connection\r\n"); -#endif - reply(211, "End of status"); -} - -void -fatal(char *s) -{ - - reply(451, "Error in server: %s\n", s); - reply(221, "Closing connection due to server error."); - dologout(0); - /* NOTREACHED */ -} - -static void -int_reply(int, char *, const char *, va_list) -#ifdef __GNUC__ -__attribute__ ((format (printf, 3, 0))) -#endif -; - -static void -int_reply(int n, char *c, const char *fmt, va_list ap) -{ - char buf[10240]; - char *p; - p=buf; - if(n){ - snprintf(p, sizeof(buf), "%d%s", n, c); - p+=strlen(p); - } - vsnprintf(p, sizeof(buf) - strlen(p), fmt, ap); - p+=strlen(p); - snprintf(p, sizeof(buf) - strlen(p), "\r\n"); - p+=strlen(p); - sec_fprintf(stdout, "%s", buf); - fflush(stdout); - if (debug) - syslog(LOG_DEBUG, "<--- %s- ", buf); -} - -void -reply(int n, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - int_reply(n, " ", fmt, ap); - delete_ftp_command(); - va_end(ap); -} - -void -lreply(int n, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - int_reply(n, "-", fmt, ap); - va_end(ap); -} - -void -nreply(const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - int_reply(0, NULL, fmt, ap); - va_end(ap); -} - -static void -ack(char *s) -{ - - reply(250, "%s command successful.", s); -} - -void -nack(char *s) -{ - - reply(502, "%s command not implemented.", s); -} - -/* ARGSUSED */ -void -yyerror(char *s) -{ - char *cp; - - if ((cp = strchr(cbuf,'\n'))) - *cp = '\0'; - reply(500, "'%s': command not understood.", cbuf); -} - -void -do_delete(char *name) -{ - struct stat st; - - LOGCMD("delete", name); - if (stat(name, &st) < 0) { - perror_reply(550, name); - return; - } - if ((st.st_mode&S_IFMT) == S_IFDIR) { - if (rmdir(name) < 0) { - perror_reply(550, name); - return; - } - goto done; - } - if (unlink(name) < 0) { - perror_reply(550, name); - return; - } -done: - ack("DELE"); -} - -void -cwd(char *path) -{ - - if (chdir(path) < 0) - perror_reply(550, path); - else - ack("CWD"); -} - -void -makedir(char *name) -{ - - LOGCMD("mkdir", name); - if(guest && filename_check(name)) - return; - if (mkdir(name, 0777) < 0) - perror_reply(550, name); - else{ - if(guest) - chmod(name, 0700); /* guest has umask 777 */ - reply(257, "MKD command successful."); - } -} - -void -removedir(char *name) -{ - - LOGCMD("rmdir", name); - if (rmdir(name) < 0) - perror_reply(550, name); - else - ack("RMD"); -} - -void -pwd(void) -{ - char path[MaxPathLen]; - char *ret; - - /* SunOS has a broken getcwd that does popen(pwd) (!!!), this - * failes miserably when running chroot - */ - ret = getcwd(path, sizeof(path)); - if (ret == NULL) - reply(550, "%s.", strerror(errno)); - else - reply(257, "\"%s\" is current directory.", path); -} - -char * -renamefrom(char *name) -{ - struct stat st; - - if (stat(name, &st) < 0) { - perror_reply(550, name); - return NULL; - } - reply(350, "File exists, ready for destination name"); - return (name); -} - -void -renamecmd(char *from, char *to) -{ - - LOGCMD2("rename", from, to); - if(guest && filename_check(to)) - return; - if (rename(from, to) < 0) - perror_reply(550, "rename"); - else - ack("RNTO"); -} - -static void -dolog(struct sockaddr *sa) -{ - struct sockaddr_in *sin = (struct sockaddr_in *)sa; - - inaddr2str (sin->sin_addr, remotehost, sizeof(remotehost)); -#ifdef HAVE_SETPROCTITLE - snprintf(proctitle, sizeof(proctitle), "%s: connected", remotehost); - setproctitle("%s", proctitle); -#endif /* HAVE_SETPROCTITLE */ - - if (logging) { - char data_addr[256]; - - if (inet_ntop (his_addr->sa_family, - socket_get_address(his_addr), - data_addr, sizeof(data_addr)) == NULL) - strlcpy (data_addr, "unknown address", - sizeof(data_addr)); - - - syslog(LOG_INFO, "connection from %s(%s)", - remotehost, - data_addr); - } -} - -/* - * Record logout in wtmp file - * and exit with supplied status. - */ -void -dologout(int status) -{ - transflag = 0; - if (logged_in) { - seteuid((uid_t)0); - ftpd_logwtmp(ttyline, "", ""); -#ifdef KRB4 - cond_kdestroy(); -#endif - } - /* beware of flushing buffers after a SIGPIPE */ -#ifdef XXX - exit(status); -#else - _exit(status); -#endif -} - -void abor(void) -{ -} - -static void -myoob(int signo) -{ -#if 0 - char *cp; -#endif - - /* only process if transfer occurring */ - if (!transflag) - return; - - /* This is all XXX */ - oobflag = 1; - /* if the command resulted in a new command, - parse that as well */ - do{ - yyparse(); - } while(ftp_command); - oobflag = 0; - -#if 0 - cp = tmpline; - if (ftpd_getline(cp, 7) == NULL) { - reply(221, "You could at least say goodbye."); - dologout(0); - } - upper(cp); - if (strcmp(cp, "ABOR\r\n") == 0) { - tmpline[0] = '\0'; - reply(426, "Transfer aborted. Data connection closed."); - reply(226, "Abort successful"); - longjmp(urgcatch, 1); - } - if (strcmp(cp, "STAT\r\n") == 0) { - if (file_size != (off_t) -1) - reply(213, "Status: %ld of %ld bytes transferred", - (long)byte_count, - (long)file_size); - else - reply(213, "Status: %ld bytes transferred" - (long)byte_count); - } -#endif -} - -/* - * Note: a response of 425 is not mentioned as a possible response to - * the PASV command in RFC959. However, it has been blessed as - * a legitimate response by Jon Postel in a telephone conversation - * with Rick Adams on 25 Jan 89. - */ -void -pasv(void) -{ - int len; - char *p, *a; - struct sockaddr_in *sin; - - if (ctrl_addr->sa_family != AF_INET) { - reply(425, - "You cannot do PASV with something that's not IPv4"); - return; - } - - pdata = socket(ctrl_addr->sa_family, SOCK_STREAM, 0); - if (pdata < 0) { - perror_reply(425, "Can't open passive connection"); - return; - } - pasv_addr->sa_family = ctrl_addr->sa_family; - socket_set_address_and_port (pasv_addr, - socket_get_address (ctrl_addr), - 0); - seteuid(0); - if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) { - seteuid(pw->pw_uid); - goto pasv_error; - } - seteuid(pw->pw_uid); - len = sizeof(pasv_addr_ss); - if (getsockname(pdata, pasv_addr, &len) < 0) - goto pasv_error; - if (listen(pdata, 1) < 0) - goto pasv_error; - sin = (struct sockaddr_in *)pasv_addr; - a = (char *) &sin->sin_addr; - p = (char *) &sin->sin_port; - -#define UC(b) (((int) b) & 0xff) - - reply(227, "Entering Passive Mode (%d,%d,%d,%d,%d,%d)", UC(a[0]), - UC(a[1]), UC(a[2]), UC(a[3]), UC(p[0]), UC(p[1])); - return; - -pasv_error: - close(pdata); - pdata = -1; - perror_reply(425, "Can't open passive connection"); - return; -} - -void -epsv(char *proto) -{ - int len; - - pdata = socket(ctrl_addr->sa_family, SOCK_STREAM, 0); - if (pdata < 0) { - perror_reply(425, "Can't open passive connection"); - return; - } - pasv_addr->sa_family = ctrl_addr->sa_family; - socket_set_address_and_port (pasv_addr, - socket_get_address (ctrl_addr), - 0); - seteuid(0); - if (bind(pdata, pasv_addr, socket_sockaddr_size (pasv_addr)) < 0) { - seteuid(pw->pw_uid); - goto pasv_error; - } - seteuid(pw->pw_uid); - len = sizeof(pasv_addr_ss); - if (getsockname(pdata, pasv_addr, &len) < 0) - goto pasv_error; - if (listen(pdata, 1) < 0) - goto pasv_error; - - reply(229, "Entering Extended Passive Mode (|||%d|)", - ntohs(socket_get_port (pasv_addr))); - return; - -pasv_error: - close(pdata); - pdata = -1; - perror_reply(425, "Can't open passive connection"); - return; -} - -void -eprt(char *str) -{ - char *end; - char sep; - int af; - int ret; - int port; - - usedefault = 0; - if (pdata >= 0) { - close(pdata); - pdata = -1; - } - - sep = *str++; - if (sep == '\0') { - reply(500, "Bad syntax in EPRT"); - return; - } - af = strtol (str, &end, 0); - if (af == 0 || *end != sep) { - reply(500, "Bad syntax in EPRT"); - return; - } - str = end + 1; - switch (af) { -#ifdef HAVE_IPV6 - case 2 : - data_dest->sa_family = AF_INET6; - break; -#endif - case 1 : - data_dest->sa_family = AF_INET; - break; - default : - reply(522, "Network protocol %d not supported, use (1" -#ifdef HAVE_IPV6 - ",2" -#endif - ")", af); - return; - } - end = strchr (str, sep); - if (end == NULL) { - reply(500, "Bad syntax in EPRT"); - return; - } - *end = '\0'; - ret = inet_pton (data_dest->sa_family, str, - socket_get_address (data_dest)); - - if (ret != 1) { - reply(500, "Bad address syntax in EPRT"); - return; - } - str = end + 1; - port = strtol (str, &end, 0); - if (port == 0 || *end != sep) { - reply(500, "Bad port syntax in EPRT"); - return; - } - socket_set_port (data_dest, htons(port)); - reply(200, "EPRT command successful."); -} - -/* - * Generate unique name for file with basename "local". - * The file named "local" is already known to exist. - * Generates failure reply on error. - */ -static char * -gunique(char *local) -{ - static char new[MaxPathLen]; - struct stat st; - int count; - char *cp; - - cp = strrchr(local, '/'); - if (cp) - *cp = '\0'; - if (stat(cp ? local : ".", &st) < 0) { - perror_reply(553, cp ? local : "."); - return NULL; - } - if (cp) - *cp = '/'; - for (count = 1; count < 100; count++) { - snprintf (new, sizeof(new), "%s.%d", local, count); - if (stat(new, &st) < 0) - return (new); - } - reply(452, "Unique file name cannot be created."); - return (NULL); -} - -/* - * Format and send reply containing system error number. - */ -void -perror_reply(int code, const char *string) -{ - reply(code, "%s: %s.", string, strerror(errno)); -} - -static char *onefile[] = { - "", - 0 -}; - -void -list_file(char *file) -{ - if(use_builtin_ls) { - FILE *dout; - dout = dataconn(file, -1, "w"); - if (dout == NULL) - return; - set_buffer_size(fileno(dout), 0); - builtin_ls(dout, file); - reply(226, "Transfer complete."); - fclose(dout); - data = -1; - pdata = -1; - } else { -#ifdef HAVE_LS_A - const char *cmd = "/bin/ls -lA -- %s"; -#else - const char *cmd = "/bin/ls -la -- %s"; -#endif - retrieve(cmd, file); - } -} - -void -send_file_list(char *whichf) -{ - struct stat st; - DIR *dirp = NULL; - struct dirent *dir; - FILE *dout = NULL; - char **dirlist, *dirname; - int simple = 0; - int freeglob = 0; - glob_t gl; - char buf[MaxPathLen]; - - if (strpbrk(whichf, "~{[*?") != NULL) { - int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; - - memset(&gl, 0, sizeof(gl)); - freeglob = 1; - if (glob(whichf, flags, 0, &gl)) { - reply(550, "not found"); - goto out; - } else if (gl.gl_pathc == 0) { - errno = ENOENT; - perror_reply(550, whichf); - goto out; - } - dirlist = gl.gl_pathv; - } else { - onefile[0] = whichf; - dirlist = onefile; - simple = 1; - } - - if (setjmp(urgcatch)) { - transflag = 0; - goto out; - } - while ((dirname = *dirlist++)) { - if (stat(dirname, &st) < 0) { - /* - * If user typed "ls -l", etc, and the client - * used NLST, do what the user meant. - */ - if (dirname[0] == '-' && *dirlist == NULL && - transflag == 0) { - list_file(dirname); - goto out; - } - perror_reply(550, whichf); - if (dout != NULL) { - fclose(dout); - transflag = 0; - data = -1; - pdata = -1; - } - goto out; - } - - if (S_ISREG(st.st_mode)) { - if (dout == NULL) { - dout = dataconn("file list", (off_t)-1, "w"); - if (dout == NULL) - goto out; - transflag++; - } - snprintf(buf, sizeof(buf), "%s%s\n", dirname, - type == TYPE_A ? "\r" : ""); - sec_write(fileno(dout), buf, strlen(buf)); - byte_count += strlen(dirname) + 1; - continue; - } else if (!S_ISDIR(st.st_mode)) - continue; - - if ((dirp = opendir(dirname)) == NULL) - continue; - - while ((dir = readdir(dirp)) != NULL) { - char nbuf[MaxPathLen]; - - if (!strcmp(dir->d_name, ".")) - continue; - if (!strcmp(dir->d_name, "..")) - continue; - - snprintf(nbuf, sizeof(nbuf), "%s/%s", dirname, dir->d_name); - - /* - * We have to do a stat to insure it's - * not a directory or special file. - */ - if (simple || (stat(nbuf, &st) == 0 && - S_ISREG(st.st_mode))) { - if (dout == NULL) { - dout = dataconn("file list", (off_t)-1, "w"); - if (dout == NULL) - goto out; - transflag++; - } - if(strncmp(nbuf, "./", 2) == 0) - snprintf(buf, sizeof(buf), "%s%s\n", nbuf +2, - type == TYPE_A ? "\r" : ""); - else - snprintf(buf, sizeof(buf), "%s%s\n", nbuf, - type == TYPE_A ? "\r" : ""); - sec_write(fileno(dout), buf, strlen(buf)); - byte_count += strlen(nbuf) + 1; - } - } - closedir(dirp); - } - if (dout == NULL) - reply(550, "No files found."); - else if (ferror(dout) != 0) - perror_reply(550, "Data connection"); - else - reply(226, "Transfer complete."); - - transflag = 0; - if (dout != NULL){ - sec_write(fileno(dout), buf, 0); /* XXX flush */ - - fclose(dout); - } - data = -1; - pdata = -1; -out: - if (freeglob) { - freeglob = 0; - globfree(&gl); - } -} - - -int -find(char *pattern) -{ - char line[1024]; - FILE *f; - - snprintf(line, sizeof(line), - "/bin/locate -d %s -- %s", - ftp_rooted("/etc/locatedb"), - pattern); - f = ftpd_popen(line, "r", 1, 1); - if(f == NULL){ - perror_reply(550, "/bin/locate"); - return 1; - } - lreply(200, "Output from find."); - while(fgets(line, sizeof(line), f)){ - if(line[strlen(line)-1] == '\n') - line[strlen(line)-1] = 0; - nreply("%s", line); - } - reply(200, "Done"); - ftpd_pclose(f); - return 0; -} - diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h b/crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h deleted file mode 100644 index 5cb49046b52a..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h +++ /dev/null @@ -1,170 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: ftpd_locl.h,v 1.9 1999/12/02 16:58:30 joda Exp $ */ - -#ifndef __ftpd_locl_h__ -#define __ftpd_locl_h__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -/* - * FTP server. - */ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_SYS_IOCCOM_H -#include -#endif -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif -#ifdef HAVE_SYS_WAIT_H -#include -#endif - -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN_SYSTM_H -#include -#endif -#ifdef HAVE_NETINET_IP_H -#include -#endif - -#ifdef HAVE_SYS_MMAN_H -#include -#endif - -#include -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_ARPA_TELNET_H -#include -#endif - -#include -#ifdef HAVE_DIRENT_H -#include -#endif -#include -#ifdef HAVE_FCNTL_H -#include -#endif -#include -#include -#ifdef HAVE_PWD_H -#include -#endif -#include -#include -#include -#include -#include -#include -#ifdef HAVE_SYSLOG_H -#include -#endif -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_GRP_H -#include -#endif -#include - -#ifdef HAVE_BSD_BSD_H -#include -#endif - -#include - -#include "pathnames.h" -#include "extern.h" -#include "common.h" - -#include "security.h" - -#include "roken.h" - -#ifdef KRB4 -#include -#include -#endif - -#ifdef OTP -#include -#endif - -#ifdef SOCKS -#include -extern int LIBPREFIX(fclose) (FILE *); -#endif - -/* SunOS doesn't have any declaration of fclose */ - -int fclose(FILE *stream); - -int yyparse(); - -#ifndef LOG_FTP -#define LOG_FTP LOG_DAEMON -#endif - -#endif /* __ftpd_locl_h__ */ diff --git a/crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c b/crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c deleted file mode 100644 index 28e35960cc9d..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftpd_locl.h" -#include -#include - -RCSID("$Id: gss_userok.c,v 1.2 1999/12/02 16:58:31 joda Exp $"); - -/* XXX a bit too much of krb5 dependency here... - What is the correct way to do this? - */ - -extern krb5_context gssapi_krb5_context; - -/* XXX sync with gssapi.c */ -struct gss_data { - gss_ctx_id_t context_hdl; - char *client_name; -}; - -int gss_userok(void*, char*); /* to keep gcc happy */ - -int -gss_userok(void *app_data, char *username) -{ - struct gss_data *data = app_data; - if(gssapi_krb5_context) { - krb5_principal client; - krb5_error_code ret; - ret = krb5_parse_name(gssapi_krb5_context, data->client_name, &client); - if(ret) - return 1; - ret = krb5_kuserok(gssapi_krb5_context, client, username); - krb5_free_principal(gssapi_krb5_context, client); - return !ret; - } - return 1; -} diff --git a/crypto/kerberosIV/appl/ftp/ftpd/kauth.c b/crypto/kerberosIV/appl/ftp/ftpd/kauth.c deleted file mode 100644 index dad4de540152..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/kauth.c +++ /dev/null @@ -1,365 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "ftpd_locl.h" - -RCSID("$Id: kauth.c,v 1.25 1999/12/02 16:58:31 joda Exp $"); - -static KTEXT_ST cip; -static unsigned int lifetime; -static time_t local_time; - -static krb_principal pr; - -static int do_destroy_tickets = 1; - -static int -save_tkt(const char *user, - const char *instance, - const char *realm, - const void *arg, - key_proc_t key_proc, - KTEXT *cipp) -{ - local_time = time(0); - memmove(&cip, *cipp, sizeof(cip)); - return -1; -} - -static int -store_ticket(KTEXT cip) -{ - char *ptr; - des_cblock session; - krb_principal sp; - unsigned char kvno; - KTEXT_ST tkt; - int left = cip->length; - int len; - int kerror; - - ptr = (char *) cip->dat; - - /* extract session key */ - memmove(session, ptr, 8); - ptr += 8; - left -= 8; - - len = strnlen(ptr, left); - if (len == left) - return(INTK_BADPW); - - /* extract server's name */ - strlcpy(sp.name, ptr, sizeof(sp.name)); - ptr += len + 1; - left -= len + 1; - - len = strnlen(ptr, left); - if (len == left) - return(INTK_BADPW); - - /* extract server's instance */ - strlcpy(sp.instance, ptr, sizeof(sp.instance)); - ptr += len + 1; - left -= len + 1; - - len = strnlen(ptr, left); - if (len == left) - return(INTK_BADPW); - - /* extract server's realm */ - strlcpy(sp.realm, ptr, sizeof(sp.realm)); - ptr += len + 1; - left -= len + 1; - - if(left < 3) - return INTK_BADPW; - /* extract ticket lifetime, server key version, ticket length */ - /* be sure to avoid sign extension on lifetime! */ - lifetime = (unsigned char) ptr[0]; - kvno = (unsigned char) ptr[1]; - tkt.length = (unsigned char) ptr[2]; - ptr += 3; - left -= 3; - - if (tkt.length > left) - return(INTK_BADPW); - - /* extract ticket itself */ - memmove(tkt.dat, ptr, tkt.length); - ptr += tkt.length; - left -= tkt.length; - - /* Here is where the time should be verified against the KDC. - * Unfortunately everything is sent in host byte order (receiver - * makes wrong) , and at this stage there is no way for us to know - * which byteorder the KDC has. So we simply ignore the time, - * there are no security risks with this, the only thing that can - * happen is that we might receive a replayed ticket, which could - * at most be useless. - */ - -#if 0 - /* check KDC time stamp */ - { - time_t kdc_time; - - memmove(&kdc_time, ptr, sizeof(kdc_time)); - if (swap_bytes) swap_u_long(kdc_time); - - ptr += 4; - - if (abs((int)(local_time - kdc_time)) > CLOCK_SKEW) { - return(RD_AP_TIME); /* XXX should probably be better - code */ - } - } -#endif - - /* initialize ticket cache */ - - if (tf_create(TKT_FILE) != KSUCCESS) - return(INTK_ERR); - - if (tf_put_pname(pr.name) != KSUCCESS || - tf_put_pinst(pr.instance) != KSUCCESS) { - tf_close(); - return(INTK_ERR); - } - - - kerror = tf_save_cred(sp.name, sp.instance, sp.realm, session, - lifetime, kvno, &tkt, local_time); - tf_close(); - - return(kerror); -} - -void -kauth(char *principal, char *ticket) -{ - char *p; - int ret; - - if(get_command_prot() != prot_private) { - reply(500, "Request denied (bad protection level)"); - return; - } - ret = krb_parse_name(principal, &pr); - if(ret){ - reply(500, "Bad principal: %s.", krb_get_err_text(ret)); - return; - } - if(pr.realm[0] == 0) - krb_get_lrealm(pr.realm, 1); - - if(ticket){ - cip.length = base64_decode(ticket, &cip.dat); - if(cip.length == -1){ - reply(500, "Failed to decode data."); - return; - } - ret = store_ticket(&cip); - if(ret){ - reply(500, "Kerberos error: %s.", krb_get_err_text(ret)); - memset(&cip, 0, sizeof(cip)); - return; - } - do_destroy_tickets = 1; - - if(k_hasafs()) - krb_afslog(0, 0); - reply(200, "Tickets will be destroyed on exit."); - return; - } - - ret = krb_get_in_tkt (pr.name, - pr.instance, - pr.realm, - KRB_TICKET_GRANTING_TICKET, - pr.realm, - DEFAULT_TKT_LIFE, - NULL, save_tkt, NULL); - if(ret != INTK_BADPW){ - reply(500, "Kerberos error: %s.", krb_get_err_text(ret)); - return; - } - if(base64_encode(cip.dat, cip.length, &p) < 0) { - reply(500, "Out of memory while base64-encoding."); - return; - } - reply(300, "P=%s T=%s", krb_unparse_name(&pr), p); - free(p); - memset(&cip, 0, sizeof(cip)); -} - - -static char * -short_date(int32_t dp) -{ - char *cp; - time_t t = (time_t)dp; - - if (t == (time_t)(-1L)) return "*** Never *** "; - cp = ctime(&t) + 4; - cp[15] = '\0'; - return (cp); -} - -void -klist(void) -{ - int err; - - char *file = tkt_string(); - - krb_principal pr; - - char buf1[128], buf2[128]; - int header = 1; - CREDENTIALS c; - - - - err = tf_init(file, R_TKT_FIL); - if(err != KSUCCESS){ - reply(500, "%s", krb_get_err_text(err)); - return; - } - tf_close(); - - /* - * We must find the realm of the ticket file here before calling - * tf_init because since the realm of the ticket file is not - * really stored in the principal section of the file, the - * routine we use must itself call tf_init and tf_close. - */ - err = krb_get_tf_realm(file, pr.realm); - if(err != KSUCCESS){ - reply(500, "%s", krb_get_err_text(err)); - return; - } - - err = tf_init(file, R_TKT_FIL); - if(err != KSUCCESS){ - reply(500, "%s", krb_get_err_text(err)); - return; - } - - err = tf_get_pname(pr.name); - if(err != KSUCCESS){ - reply(500, "%s", krb_get_err_text(err)); - return; - } - err = tf_get_pinst(pr.instance); - if(err != KSUCCESS){ - reply(500, "%s", krb_get_err_text(err)); - return; - } - - /* - * You may think that this is the obvious place to get the - * realm of the ticket file, but it can't be done here as the - * routine to do this must open the ticket file. This is why - * it was done before tf_init. - */ - - lreply(200, "Ticket file: %s", tkt_string()); - - lreply(200, "Principal: %s", krb_unparse_name(&pr)); - while ((err = tf_get_cred(&c)) == KSUCCESS) { - if (header) { - lreply(200, "%-15s %-15s %s", - " Issued", " Expires", " Principal (kvno)"); - header = 0; - } - strlcpy(buf1, short_date(c.issue_date), sizeof(buf1)); - c.issue_date = krb_life_to_time(c.issue_date, c.lifetime); - if (time(0) < (unsigned long) c.issue_date) - strlcpy(buf2, short_date(c.issue_date), sizeof(buf2)); - else - strlcpy(buf2, ">>> Expired <<< ", sizeof(buf2)); - lreply(200, "%s %s %s (%d)", buf1, buf2, - krb_unparse_name_long(c.service, c.instance, c.realm), c.kvno); - } - if (header && err == EOF) { - lreply(200, "No tickets in file."); - } - reply(200, " "); -} - -/* - * Only destroy if we created the tickets - */ - -void -cond_kdestroy(void) -{ - if (do_destroy_tickets) - dest_tkt(); - afsunlog(); -} - -void -kdestroy(void) -{ - dest_tkt(); - afsunlog(); - reply(200, "Tickets destroyed"); -} - -void -krbtkfile(const char *tkfile) -{ - do_destroy_tickets = 0; - krb_set_tkt_string(tkfile); - reply(200, "Using ticket file %s", tkfile); -} - -void -afslog(const char *cell) -{ - if(k_hasafs()) { - krb_afslog(cell, 0); - reply(200, "afslog done"); - } else { - reply(200, "no AFS present"); - } -} - -void -afsunlog(void) -{ - if(k_hasafs()) - k_unlog(); -} diff --git a/crypto/kerberosIV/appl/ftp/ftpd/krb4.c b/crypto/kerberosIV/appl/ftp/ftpd/krb4.c deleted file mode 100644 index 2457c61cc1fe..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/krb4.c +++ /dev/null @@ -1,372 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: krb4.c,v 1.19 1997/05/11 09:00:07 assar Exp $"); -#endif - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#ifdef HAVE_NETINET_IN_h -#include -#endif - -#include -#include -#include -#include -#include - -#include "base64.h" -#include "extern.h" -#include "auth.h" -#include "krb4.h" - -#include - -static AUTH_DAT auth_dat; -static des_key_schedule schedule; - -int krb4_auth(char *auth) -{ - auth_complete = 0; - reply(334, "Using authentication type %s; ADAT must follow", auth); - return 0; -} - -int krb4_adat(char *auth) -{ - KTEXT_ST tkt; - char *p; - int kerror; - u_int32_t cs; - char msg[35]; /* size of encrypted block */ - int len; - - char inst[INST_SZ]; - - memset(&tkt, 0, sizeof(tkt)); - len = base64_decode(auth, tkt.dat); - - if(len < 0){ - reply(501, "Failed to decode base64 data."); - return -1; - } - tkt.length = len; - - k_getsockinst(0, inst, sizeof(inst)); - kerror = krb_rd_req(&tkt, "ftp", inst, 0, &auth_dat, ""); - if(kerror == RD_AP_UNDEC){ - k_getsockinst(0, inst, sizeof(inst)); - kerror = krb_rd_req(&tkt, "rcmd", inst, 0, &auth_dat, ""); - } - - if(kerror){ - reply(535, "Error reading request: %s.", krb_get_err_text(kerror)); - return -1; - } - - des_set_key(&auth_dat.session, schedule); - - cs = auth_dat.checksum + 1; - { - unsigned char tmp[4]; - tmp[0] = (cs >> 24) & 0xff; - tmp[1] = (cs >> 16) & 0xff; - tmp[2] = (cs >> 8) & 0xff; - tmp[3] = cs & 0xff; - len = krb_mk_safe(tmp, msg, 4, &auth_dat.session, - &ctrl_addr, &his_addr); - } - if(len < 0){ - reply(535, "Error creating reply: %s.", strerror(errno)); - return -1; - } - base64_encode(msg, len, &p); - reply(235, "ADAT=%s", p); - auth_complete = 1; - free(p); - return 0; -} - -int krb4_pbsz(int size) -{ - if(size > 1048576) /* XXX arbitrary number */ - size = 1048576; - buffer_size = size; - reply(200, "OK PBSZ=%d", buffer_size); - return 0; -} - -int krb4_prot(int level) -{ - if(level == prot_confidential) - return -1; - return 0; -} - -int krb4_ccc(void) -{ - reply(534, "Don't event think about it."); - return -1; -} - -int krb4_mic(char *msg) -{ - int len; - int kerror; - MSG_DAT m_data; - char *tmp, *cmd; - - cmd = strdup(msg); - - len = base64_decode(msg, cmd); - if(len < 0){ - reply(501, "Failed to decode base 64 data."); - free(cmd); - return -1; - } - kerror = krb_rd_safe(cmd, len, &auth_dat.session, - &his_addr, &ctrl_addr, &m_data); - - if(kerror){ - reply(535, "Error reading request: %s.", krb_get_err_text(kerror)); - free(cmd); - return -1; - } - - tmp = malloc(strlen(msg) + 1); - snprintf(tmp, strlen(msg) + 1, "%.*s", (int)m_data.app_length, m_data.app_data); - if(!strstr(tmp, "\r\n")) - strcat(tmp, "\r\n"); - new_ftp_command(tmp); - free(cmd); - return 0; -} - -int krb4_conf(char *msg) -{ - prot_level = prot_safe; - - reply(537, "Protection level not supported."); - return -1; -} - -int krb4_enc(char *msg) -{ - int len; - int kerror; - MSG_DAT m_data; - char *tmp, *cmd; - - cmd = strdup(msg); - - len = base64_decode(msg, cmd); - if(len < 0){ - reply(501, "Failed to decode base 64 data."); - free(cmd); - return -1; - } - kerror = krb_rd_priv(cmd, len, schedule, &auth_dat.session, - &his_addr, &ctrl_addr, &m_data); - - if(kerror){ - reply(535, "Error reading request: %s.", krb_get_err_text(kerror)); - free(cmd); - return -1; - } - - tmp = strdup(msg); - snprintf(tmp, strlen(msg) + 1, "%.*s", (int)m_data.app_length, m_data.app_data); - if(!strstr(tmp, "\r\n")) - strcat(tmp, "\r\n"); - new_ftp_command(tmp); - free(cmd); - return 0; -} - -int krb4_read(int fd, void *data, int length) -{ - static int left; - static char *extra; - static int eof; - int len, bytes, tx = 0; - - MSG_DAT m_data; - int kerror; - - if(eof){ /* if we haven't reported an end-of-file, do so */ - eof = 0; - return 0; - } - - if(left){ - if(length > left) - bytes = left; - else - bytes = length; - memmove(data, extra, bytes); - left -= bytes; - if(left) - memmove(extra, extra + bytes, left); - else - free(extra); - length -= bytes; - tx += bytes; - } - - while(length){ - unsigned char tmp[4]; - if(krb_net_read(fd, tmp, 4) < 4){ - reply(400, "Unexpected end of file.\n"); - return -1; - } - len = (tmp[0] << 24) | (tmp[1] << 16) | (tmp[2] << 8) | tmp[3]; - krb_net_read(fd, data_buffer, len); - if(data_protection == prot_safe) - kerror = krb_rd_safe(data_buffer, len, &auth_dat.session, - &his_addr, &ctrl_addr, &m_data); - else - kerror = krb_rd_priv(data_buffer, len, schedule, &auth_dat.session, - &his_addr, &ctrl_addr, &m_data); - - if(kerror){ - reply(400, "Failed to read data: %s.", krb_get_err_text(kerror)); - return -1; - } - - bytes = m_data.app_length; - if(bytes == 0){ - if(tx) eof = 1; - return tx; - } - if(bytes > length){ - left = bytes - length; - bytes = length; - extra = malloc(left); - memmove(extra, m_data.app_data + bytes, left); - } - memmove((unsigned char*)data + tx, m_data.app_data, bytes); - tx += bytes; - length -= bytes; - } - return tx; -} - -int krb4_write(int fd, void *data, int length) -{ - int len, bytes, tx = 0; - - len = buffer_size; - if(data_protection == prot_safe) - len -= 31; /* always 31 bytes overhead */ - else - len -= 26; /* at most 26 bytes */ - - do{ - if(length < len) - len = length; - if(data_protection == prot_safe) - bytes = krb_mk_safe(data, data_buffer+4, len, &auth_dat.session, - &ctrl_addr, &his_addr); - else - bytes = krb_mk_priv(data, data_buffer+4, len, schedule, - &auth_dat.session, - &ctrl_addr, &his_addr); - if(bytes == -1){ - reply(535, "Failed to make packet: %s.", strerror(errno)); - return -1; - } - data_buffer[0] = (bytes >> 24) & 0xff; - data_buffer[1] = (bytes >> 16) & 0xff; - data_buffer[2] = (bytes >> 8) & 0xff; - data_buffer[3] = bytes & 0xff; - if(krb_net_write(fd, data_buffer, bytes+4) < 0) - return -1; - length -= len; - data = (unsigned char*)data + len; - tx += len; - }while(length); - return tx; -} - -int krb4_userok(char *name) -{ - if(!kuserok(&auth_dat, name)){ - do_login(232, name); - }else{ - reply(530, "User %s access denied.", name); - } - return 0; -} - - -int -krb4_vprintf(const char *fmt, va_list ap) -{ - char buf[10240]; - char *p; - char *enc; - int code; - int len; - - vsnprintf (buf, sizeof(buf), fmt, ap); - enc = malloc(strlen(buf) + 31); - if(prot_level == prot_safe){ - len = krb_mk_safe((u_char*)buf, (u_char*)enc, strlen(buf), &auth_dat.session, - &ctrl_addr, &his_addr); - code = 631; - }else if(prot_level == prot_private){ - len = krb_mk_priv((u_char*)buf, (u_char*)enc, strlen(buf), schedule, - &auth_dat.session, &ctrl_addr, &his_addr); - code = 632; - }else{ - len = 0; /* XXX */ - code = 631; - } - base64_encode(enc, len, &p); - fprintf(stdout, "%d %s\r\n", code, p); - free(enc); - free(p); - return 0; -} diff --git a/crypto/kerberosIV/appl/ftp/ftpd/krb4.h b/crypto/kerberosIV/appl/ftp/ftpd/krb4.h deleted file mode 100644 index f777dbd5c2a9..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/krb4.h +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: krb4.h,v 1.6 1997/04/01 08:17:29 joda Exp $ */ - -#ifndef __KRB4_H__ -#define __KRB4_H__ - -#include - -int krb4_auth(char *auth); -int krb4_adat(char *auth); -int krb4_pbsz(int size); -int krb4_prot(int level); -int krb4_ccc(void); -int krb4_mic(char *msg); -int krb4_conf(char *msg); -int krb4_enc(char *msg); - -int krb4_read(int fd, void *data, int length); -int krb4_write(int fd, void *data, int length); - -int krb4_userok(char *name); -int krb4_vprintf(const char *fmt, va_list ap); - -#endif /* __KRB4_H__ */ diff --git a/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c b/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c deleted file mode 100644 index 019cc2d17e02..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c +++ /dev/null @@ -1,137 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: logwtmp.c,v 1.14 1999/12/02 16:58:31 joda Exp $"); -#endif - -#include -#include -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_UTMP_H -#include -#endif -#ifdef HAVE_UTMPX_H -#include -#endif -#include "extern.h" - -#ifndef WTMP_FILE -#ifdef _PATH_WTMP -#define WTMP_FILE _PATH_WTMP -#else -#define WTMP_FILE "/var/adm/wtmp" -#endif -#endif - -void -ftpd_logwtmp(char *line, char *name, char *host) -{ - static int init = 0; - static int fd; -#ifdef WTMPX_FILE - static int fdx; -#endif - struct utmp ut; -#ifdef WTMPX_FILE - struct utmpx utx; -#endif - - memset(&ut, 0, sizeof(struct utmp)); -#ifdef HAVE_STRUCT_UTMP_UT_TYPE - if(name[0]) - ut.ut_type = USER_PROCESS; - else - ut.ut_type = DEAD_PROCESS; -#endif - strncpy(ut.ut_line, line, sizeof(ut.ut_line)); - strncpy(ut.ut_name, name, sizeof(ut.ut_name)); -#ifdef HAVE_STRUCT_UTMP_UT_PID - ut.ut_pid = getpid(); -#endif -#ifdef HAVE_STRUCT_UTMP_UT_HOST - strncpy(ut.ut_host, host, sizeof(ut.ut_host)); -#endif - ut.ut_time = time(NULL); - -#ifdef WTMPX_FILE - strncpy(utx.ut_line, line, sizeof(utx.ut_line)); - strncpy(utx.ut_user, name, sizeof(utx.ut_user)); - strncpy(utx.ut_host, host, sizeof(utx.ut_host)); -#ifdef HAVE_STRUCT_UTMPX_UT_SYSLEN - utx.ut_syslen = strlen(host) + 1; - if (utx.ut_syslen > sizeof(utx.ut_host)) - utx.ut_syslen = sizeof(utx.ut_host); -#endif - { - struct timeval tv; - - gettimeofday (&tv, 0); - utx.ut_tv.tv_sec = tv.tv_sec; - utx.ut_tv.tv_usec = tv.tv_usec; - } - - if(name[0]) - utx.ut_type = USER_PROCESS; - else - utx.ut_type = DEAD_PROCESS; -#endif - - if(!init){ - fd = open(WTMP_FILE, O_WRONLY|O_APPEND, 0); -#ifdef WTMPX_FILE - fdx = open(WTMPX_FILE, O_WRONLY|O_APPEND, 0); -#endif - init = 1; - } - if(fd >= 0) { - write(fd, &ut, sizeof(struct utmp)); /* XXX */ -#ifdef WTMPX_FILE - write(fdx, &utx, sizeof(struct utmpx)); -#endif - } -} diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ls.c b/crypto/kerberosIV/appl/ftp/ftpd/ls.c deleted file mode 100644 index 6e2c9a188cae..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/ls.c +++ /dev/null @@ -1,573 +0,0 @@ -/* - * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "ftpd_locl.h" - -RCSID("$Id: ls.c,v 1.13.2.2 2000/06/23 02:51:09 assar Exp $"); - -struct fileinfo { - struct stat st; - int inode; - int bsize; - char mode[11]; - int n_link; - char *user; - char *group; - char *size; - char *major; - char *minor; - char *date; - char *filename; - char *link; -}; - -#define LS_DIRS 1 -#define LS_IGNORE_DOT 2 -#define LS_SORT_MODE 12 -#define SORT_MODE(f) ((f) & LS_SORT_MODE) -#define LS_SORT_NAME 4 -#define LS_SORT_MTIME 8 -#define LS_SORT_SIZE 12 -#define LS_SORT_REVERSE 16 - -#define LS_SIZE 32 -#define LS_INODE 64 - -#ifndef S_ISTXT -#define S_ISTXT S_ISVTX -#endif - -#ifndef S_ISSOCK -#define S_ISSOCK(mode) (((mode) & _S_IFMT) == S_IFSOCK) -#endif - -#ifndef S_ISLNK -#define S_ISLNK(mode) (((mode) & _S_IFMT) == S_IFLNK) -#endif - -static void -make_fileinfo(const char *filename, struct fileinfo *file, int flags) -{ - char buf[128]; - struct stat *st = &file->st; - - file->inode = st->st_ino; -#ifdef S_BLKSIZE - file->bsize = st->st_blocks * S_BLKSIZE / 1024; -#else - file->bsize = st->st_blocks * 512 / 1024; -#endif - - if(S_ISDIR(st->st_mode)) - file->mode[0] = 'd'; - else if(S_ISCHR(st->st_mode)) - file->mode[0] = 'c'; - else if(S_ISBLK(st->st_mode)) - file->mode[0] = 'b'; - else if(S_ISREG(st->st_mode)) - file->mode[0] = '-'; - else if(S_ISFIFO(st->st_mode)) - file->mode[0] = 'p'; - else if(S_ISLNK(st->st_mode)) - file->mode[0] = 'l'; - else if(S_ISSOCK(st->st_mode)) - file->mode[0] = 's'; -#ifdef S_ISWHT - else if(S_ISWHT(st->st_mode)) - file->mode[0] = 'w'; -#endif - else - file->mode[0] = '?'; - { - char *x[] = { "---", "--x", "-w-", "-wx", - "r--", "r-x", "rw-", "rwx" }; - strcpy(file->mode + 1, x[(st->st_mode & S_IRWXU) >> 6]); - strcpy(file->mode + 4, x[(st->st_mode & S_IRWXG) >> 3]); - strcpy(file->mode + 7, x[(st->st_mode & S_IRWXO) >> 0]); - if((st->st_mode & S_ISUID)) { - if((st->st_mode & S_IXUSR)) - file->mode[3] = 's'; - else - file->mode[3] = 'S'; - } - if((st->st_mode & S_ISGID)) { - if((st->st_mode & S_IXGRP)) - file->mode[6] = 's'; - else - file->mode[6] = 'S'; - } - if((st->st_mode & S_ISTXT)) { - if((st->st_mode & S_IXOTH)) - file->mode[9] = 't'; - else - file->mode[9] = 'T'; - } - } - file->n_link = st->st_nlink; - { - struct passwd *pwd; - pwd = getpwuid(st->st_uid); - if(pwd == NULL) - asprintf(&file->user, "%u", (unsigned)st->st_uid); - else - file->user = strdup(pwd->pw_name); - } - { - struct group *grp; - grp = getgrgid(st->st_gid); - if(grp == NULL) - asprintf(&file->group, "%u", (unsigned)st->st_gid); - else - file->group = strdup(grp->gr_name); - } - - if(S_ISCHR(st->st_mode) || S_ISBLK(st->st_mode)) { -#if defined(major) && defined(minor) - asprintf(&file->major, "%u", (unsigned)major(st->st_rdev)); - asprintf(&file->minor, "%u", (unsigned)minor(st->st_rdev)); -#else - /* Don't want to use the DDI/DKI crap. */ - asprintf(&file->major, "%u", (unsigned)st->st_rdev); - asprintf(&file->minor, "%u", 0); -#endif - } else - asprintf(&file->size, "%lu", (unsigned long)st->st_size); - - { - time_t t = time(NULL); - time_t mtime = st->st_mtime; - struct tm *tm = localtime(&mtime); - if((t - mtime > 6*30*24*60*60) || - (mtime - t > 6*30*24*60*60)) - strftime(buf, sizeof(buf), "%b %e %Y", tm); - else - strftime(buf, sizeof(buf), "%b %e %H:%M", tm); - file->date = strdup(buf); - } - { - const char *p = strrchr(filename, '/'); - if(p) - p++; - else - p = filename; - file->filename = strdup(p); - } - if(S_ISLNK(st->st_mode)) { - int n; - n = readlink((char *)filename, buf, sizeof(buf)); - if(n >= 0) { - buf[n] = '\0'; - file->link = strdup(buf); - } else - warn("%s: readlink", filename); - } -} - -static void -print_file(FILE *out, - int flags, - struct fileinfo *f, - int max_inode, - int max_bsize, - int max_n_link, - int max_user, - int max_group, - int max_size, - int max_major, - int max_minor, - int max_date) -{ - if(f->filename == NULL) - return; - - if(flags & LS_INODE) { - sec_fprintf2(out, "%*d", max_inode, f->inode); - sec_fprintf2(out, " "); - } - if(flags & LS_SIZE) { - sec_fprintf2(out, "%*d", max_bsize, f->bsize); - sec_fprintf2(out, " "); - } - sec_fprintf2(out, "%s", f->mode); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%*d", max_n_link, f->n_link); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%-*s", max_user, f->user); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%-*s", max_group, f->group); - sec_fprintf2(out, " "); - if(f->major != NULL && f->minor != NULL) - sec_fprintf2(out, "%*s, %*s", max_major, f->major, max_minor, f->minor); - else - sec_fprintf2(out, "%*s", max_size, f->size); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%*s", max_date, f->date); - sec_fprintf2(out, " "); - sec_fprintf2(out, "%s", f->filename); - if(f->link) - sec_fprintf2(out, " -> %s", f->link); - sec_fprintf2(out, "\r\n"); -} - -static int -compare_filename(struct fileinfo *a, struct fileinfo *b) -{ - if(a->filename == NULL) - return 1; - if(b->filename == NULL) - return -1; - return strcmp(a->filename, b->filename); -} - -static int -compare_mtime(struct fileinfo *a, struct fileinfo *b) -{ - if(a->filename == NULL) - return 1; - if(b->filename == NULL) - return -1; - return a->st.st_mtime - b->st.st_mtime; -} - -static int -compare_size(struct fileinfo *a, struct fileinfo *b) -{ - if(a->filename == NULL) - return 1; - if(b->filename == NULL) - return -1; - return a->st.st_size - b->st.st_size; -} - -static void -list_dir(FILE *out, const char *directory, int flags); - -static int -log10(int num) -{ - int i = 1; - while(num > 10) { - i++; - num /= 10; - } - return i; -} - -/* - * Operate as lstat but fake up entries for AFS mount points so we don't - * have to fetch them. - */ - -static int -lstat_file (const char *file, struct stat *sb) -{ -#ifdef KRB4 - if (k_hasafs() - && strcmp(file, ".") - && strcmp(file, "..")) - { - struct ViceIoctl a_params; - char *last; - char *path_bkp; - static ino_t ino_counter = 0, ino_last = 0; - int ret; - const int maxsize = 2048; - - path_bkp = strdup (file); - if (path_bkp == NULL) - return -1; - - a_params.out = malloc (maxsize); - if (a_params.out == NULL) { - free (path_bkp); - return -1; - } - - /* If path contains more than the filename alone - split it */ - - last = strrchr (path_bkp, '/'); - if (last != NULL) { - *last = '\0'; - a_params.in = last + 1; - } else - a_params.in = (char *)file; - - a_params.in_size = strlen (a_params.in) + 1; - a_params.out_size = maxsize; - - ret = k_pioctl (last ? path_bkp : "." , - VIOC_AFS_STAT_MT_PT, &a_params, 0); - free (a_params.out); - if (ret < 0) { - free (path_bkp); - - if (errno != EINVAL) - return ret; - else - /* if we get EINVAL this is probably not a mountpoint */ - return lstat (file, sb); - } - - /* - * wow this was a mountpoint, lets cook the struct stat - * use . as a prototype - */ - - ret = lstat (path_bkp, sb); - free (path_bkp); - if (ret < 0) - return ret; - - if (ino_last == sb->st_ino) - ino_counter++; - else { - ino_last = sb->st_ino; - ino_counter = 0; - } - sb->st_ino += ino_counter; - sb->st_nlink = 3; - - return 0; - } -#endif /* KRB4 */ - return lstat (file, sb); -} - -static void -list_files(FILE *out, char **files, int n_files, int flags) -{ - struct fileinfo *fi; - int i; - - fi = calloc(n_files, sizeof(*fi)); - if (fi == NULL) { - sec_fprintf2(out, "ouf of memory\r\n"); - return; - } - for(i = 0; i < n_files; i++) { - if(lstat_file(files[i], &fi[i].st) < 0) { - sec_fprintf2(out, "%s: %s\r\n", files[i], strerror(errno)); - fi[i].filename = NULL; - } else { - if((flags & LS_DIRS) == 0 && S_ISDIR(fi[i].st.st_mode)) { - if(n_files > 1) - sec_fprintf2(out, "%s:\r\n", files[i]); - list_dir(out, files[i], flags); - } else { - make_fileinfo(files[i], &fi[i], flags); - } - } - } - switch(SORT_MODE(flags)) { - case LS_SORT_NAME: - qsort(fi, n_files, sizeof(*fi), - (int (*)(const void*, const void*))compare_filename); - break; - case LS_SORT_MTIME: - qsort(fi, n_files, sizeof(*fi), - (int (*)(const void*, const void*))compare_mtime); - break; - case LS_SORT_SIZE: - qsort(fi, n_files, sizeof(*fi), - (int (*)(const void*, const void*))compare_size); - break; - } - { - int max_inode = 0; - int max_bsize = 0; - int max_n_link = 0; - int max_user = 0; - int max_group = 0; - int max_size = 0; - int max_major = 0; - int max_minor = 0; - int max_date = 0; - for(i = 0; i < n_files; i++) { - if(fi[i].filename == NULL) - continue; - if(fi[i].inode > max_inode) - max_inode = fi[i].inode; - if(fi[i].bsize > max_bsize) - max_bsize = fi[i].bsize; - if(fi[i].n_link > max_n_link) - max_n_link = fi[i].n_link; - if(strlen(fi[i].user) > max_user) - max_user = strlen(fi[i].user); - if(strlen(fi[i].group) > max_group) - max_group = strlen(fi[i].group); - if(fi[i].major != NULL && strlen(fi[i].major) > max_major) - max_major = strlen(fi[i].major); - if(fi[i].minor != NULL && strlen(fi[i].minor) > max_minor) - max_minor = strlen(fi[i].minor); - if(fi[i].size != NULL && strlen(fi[i].size) > max_size) - max_size = strlen(fi[i].size); - if(strlen(fi[i].date) > max_date) - max_date = strlen(fi[i].date); - } - if(max_size < max_major + max_minor + 2) - max_size = max_major + max_minor + 2; - else if(max_size - max_minor - 2 > max_major) - max_major = max_size - max_minor - 2; - max_inode = log10(max_inode); - max_bsize = log10(max_bsize); - max_n_link = log10(max_n_link); - - if(flags & LS_SORT_REVERSE) - for(i = n_files - 1; i >= 0; i--) - print_file(out, - flags, - &fi[i], - max_inode, - max_bsize, - max_n_link, - max_user, - max_group, - max_size, - max_major, - max_minor, - max_date); - else - for(i = 0; i < n_files; i++) - print_file(out, - flags, - &fi[i], - max_inode, - max_bsize, - max_n_link, - max_user, - max_group, - max_size, - max_major, - max_minor, - max_date); - } -} - -static void -free_files (char **files, int n) -{ - int i; - - for (i = 0; i < n; ++i) - free (files[i]); - free (files); -} - -static void -list_dir(FILE *out, const char *directory, int flags) -{ - DIR *d = opendir(directory); - struct dirent *ent; - char **files = NULL; - int n_files = 0; - - if(d == NULL) { - sec_fprintf2(out, "%s: %s\r\n", directory, strerror(errno)); - return; - } - while((ent = readdir(d)) != NULL) { - void *tmp; - - if(ent->d_name[0] == '.') { - if (flags & LS_IGNORE_DOT) - continue; - if (ent->d_name[1] == 0) /* Ignore . */ - continue; - if (ent->d_name[1] == '.' && ent->d_name[2] == 0) /* Ignore .. */ - continue; - } - tmp = realloc(files, (n_files + 1) * sizeof(*files)); - if (tmp == NULL) { - sec_fprintf2(out, "%s: out of memory\r\n", directory); - free_files (files, n_files); - closedir (d); - return; - } - files = tmp; - asprintf(&files[n_files], "%s/%s", directory, ent->d_name); - if (files[n_files] == NULL) { - sec_fprintf2(out, "%s: out of memory\r\n", directory); - free_files (files, n_files); - closedir (d); - return; - } - ++n_files; - } - closedir(d); - list_files(out, files, n_files, flags | LS_DIRS); -} - -void -builtin_ls(FILE *out, const char *file) -{ - int flags = LS_SORT_NAME; - - if(*file == '-') { - const char *p; - for(p = file + 1; *p; p++) { - switch(*p) { - case 'a': - case 'A': - flags &= ~LS_IGNORE_DOT; - break; - case 'C': - break; - case 'd': - flags |= LS_DIRS; - break; - case 'f': - flags = (flags & ~LS_SORT_MODE); - break; - case 'i': - flags |= flags | LS_INODE; - break; - case 'l': - break; - case 't': - flags = (flags & ~LS_SORT_MODE) | LS_SORT_MTIME; - break; - case 's': - flags |= LS_SIZE; - break; - case 'S': - flags = (flags & ~LS_SORT_MODE) | LS_SORT_SIZE; - break; - case 'r': - flags |= LS_SORT_REVERSE; - break; - } - } - file = "."; - } - list_files(out, &file, 1, flags); - sec_fflush(out); -} diff --git a/crypto/kerberosIV/appl/ftp/ftpd/pathnames.h b/crypto/kerberosIV/appl/ftp/ftpd/pathnames.h deleted file mode 100644 index ff2041bb6c79..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/pathnames.h +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)pathnames.h 8.1 (Berkeley) 6/4/93 - */ - -#ifdef HAVE_PATHS_H -#include -#endif - -#ifndef _PATH_DEVNULL -#define _PATH_DEVNULL "/dev/null" -#endif - -#ifndef _PATH_NOLOGIN -#define _PATH_NOLOGIN "/etc/nologin" -#endif - -#ifndef _PATH_BSHELL -#define _PATH_BSHELL "/bin/sh" -#endif - -#define _PATH_FTPUSERS "/etc/ftpusers" -#define _PATH_FTPCHROOT "/etc/ftpchroot" -#define _PATH_FTPWELCOME "/etc/ftpwelcome" -#define _PATH_FTPLOGINMESG "/etc/motd" - -#define _PATH_ISSUE "/etc/issue" -#define _PATH_ISSUE_NET "/etc/issue.net" diff --git a/crypto/kerberosIV/appl/ftp/ftpd/popen.c b/crypto/kerberosIV/appl/ftp/ftpd/popen.c deleted file mode 100644 index 5f36813a195b..000000000000 --- a/crypto/kerberosIV/appl/ftp/ftpd/popen.c +++ /dev/null @@ -1,224 +0,0 @@ -/* - * Copyright (c) 1988, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software written by Ken Arnold and - * published in UNIX Review, Vol. 6, No. 8. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: popen.c,v 1.19 1999/09/16 20:38:45 assar Exp $"); -#endif - -#include -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif -#include - -#include -#include -#include -#include -#include -#include -#include - -#include "extern.h" - -#include - -/* - * Special version of popen which avoids call to shell. This ensures - * no one may create a pipe to a hidden program as a side effect of a - * list or dir command. - */ -static int *pids; -static int fds; - -extern int dochroot; - -/* return path prepended with ~ftp if that file exists, otherwise - * return path unchanged - */ - -const char * -ftp_rooted(const char *path) -{ - static char home[MaxPathLen] = ""; - static char newpath[MaxPathLen]; - struct passwd *pwd; - - if(!home[0]) - if((pwd = k_getpwnam("ftp"))) - strlcpy(home, pwd->pw_dir, sizeof(home)); - snprintf(newpath, sizeof(newpath), "%s/%s", home, path); - if(access(newpath, X_OK)) - strlcpy(newpath, path, sizeof(newpath)); - return newpath; -} - - -FILE * -ftpd_popen(char *program, char *type, int do_stderr, int no_glob) -{ - char *cp; - FILE *iop; - int argc, gargc, pdes[2], pid; - char **pop, *argv[100], *gargv[1000]; - char *foo; - - if (strcmp(type, "r") && strcmp(type, "w")) - return (NULL); - - if (!pids) { - - /* This function is ugly and should be rewritten, in - * modern unices there is no such thing as a maximum - * filedescriptor. - */ - - fds = getdtablesize(); - pids = (int*)calloc(fds, sizeof(int)); - if(!pids) - return NULL; - } - if (pipe(pdes) < 0) - return (NULL); - - /* break up string into pieces */ - foo = NULL; - for (argc = 0, cp = program;; cp = NULL) { - if (!(argv[argc++] = strtok_r(cp, " \t\n", &foo))) - break; - } - - gargv[0] = (char*)ftp_rooted(argv[0]); - /* glob each piece */ - for (gargc = argc = 1; argv[argc]; argc++) { - glob_t gl; - int flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE; - - memset(&gl, 0, sizeof(gl)); - if (no_glob || glob(argv[argc], flags, NULL, &gl)) - gargv[gargc++] = strdup(argv[argc]); - else - for (pop = gl.gl_pathv; *pop; pop++) - gargv[gargc++] = strdup(*pop); - globfree(&gl); - } - gargv[gargc] = NULL; - - iop = NULL; - switch(pid = fork()) { - case -1: /* error */ - close(pdes[0]); - close(pdes[1]); - goto pfree; - /* NOTREACHED */ - case 0: /* child */ - if (*type == 'r') { - if (pdes[1] != STDOUT_FILENO) { - dup2(pdes[1], STDOUT_FILENO); - close(pdes[1]); - } - if(do_stderr) - dup2(STDOUT_FILENO, STDERR_FILENO); - close(pdes[0]); - } else { - if (pdes[0] != STDIN_FILENO) { - dup2(pdes[0], STDIN_FILENO); - close(pdes[0]); - } - close(pdes[1]); - } - execv(gargv[0], gargv); - gargv[0] = argv[0]; - execv(gargv[0], gargv); - _exit(1); - } - /* parent; assume fdopen can't fail... */ - if (*type == 'r') { - iop = fdopen(pdes[0], type); - close(pdes[1]); - } else { - iop = fdopen(pdes[1], type); - close(pdes[0]); - } - pids[fileno(iop)] = pid; - -pfree: - for (argc = 1; gargv[argc] != NULL; argc++) - free(gargv[argc]); - - - return (iop); -} - -int -ftpd_pclose(FILE *iop) -{ - int fdes, status; - pid_t pid; - sigset_t sigset, osigset; - - /* - * pclose returns -1 if stream is not associated with a - * `popened' command, or, if already `pclosed'. - */ - if (pids == 0 || pids[fdes = fileno(iop)] == 0) - return (-1); - fclose(iop); - sigemptyset(&sigset); - sigaddset(&sigset, SIGINT); - sigaddset(&sigset, SIGQUIT); - sigaddset(&sigset, SIGHUP); - sigprocmask(SIG_BLOCK, &sigset, &osigset); - while ((pid = waitpid(pids[fdes], &status, 0)) < 0 && errno == EINTR) - continue; - sigprocmask(SIG_SETMASK, &osigset, NULL); - pids[fdes] = 0; - if (pid < 0) - return (pid); - if (WIFEXITED(status)) - return (WEXITSTATUS(status)); - return (1); -} diff --git a/crypto/kerberosIV/appl/kauth/ChangeLog b/crypto/kerberosIV/appl/kauth/ChangeLog deleted file mode 100644 index 7ce281cd53cc..000000000000 --- a/crypto/kerberosIV/appl/kauth/ChangeLog +++ /dev/null @@ -1,41 +0,0 @@ -2000-02-28 Assar Westerlund - - * kauth.c (main): don't enable aflag with `-d'. this breaks with - kaservers that don't let you get a ticket for a user and besides, - adding debugging should not change the functionality - -1999-12-06 Assar Westerlund - - * rkinit.c (doit_host): NAT work-around - * kauthd.c (doit): type correctness - -1999-08-31 Johan Danielsson - - * kauth.c: cleanup usage string; handle `kauth -h' gracefully - (print usage); add `-a' flag to get the ticket address (useful for - firewall configurations) - -Thu Apr 15 15:05:33 1999 Johan Danielsson - - * kauth.c: add `-v' - -Thu Mar 18 11:17:14 1999 Johan Danielsson - - * Makefile.am: include Makefile.am.common - -Sun Nov 22 10:30:47 1998 Assar Westerlund - - * Makefile.in (WFLAGS): set - -Tue May 26 17:41:47 1998 Johan Danielsson - - * kauth.c: use krb_enable_debug - -Fri May 1 07:15:18 1998 Assar Westerlund - - * rkinit.c: unifdef -DHAVE_H_ERRNO - -Thu Mar 19 16:07:18 1998 Johan Danielsson - - * kauth.c: Check for negative return value from krb_afslog(). - diff --git a/crypto/kerberosIV/appl/kauth/Makefile.am b/crypto/kerberosIV/appl/kauth/Makefile.am deleted file mode 100644 index a5bf0fdacac6..000000000000 --- a/crypto/kerberosIV/appl/kauth/Makefile.am +++ /dev/null @@ -1,42 +0,0 @@ -# $Id: Makefile.am,v 1.7 1999/04/09 18:22:45 assar Exp $ - -include $(top_srcdir)/Makefile.am.common - -INCLUDES += $(INCLUDE_krb4) - -bin_PROGRAMS = kauth -bin_SCRIPTS = ksrvtgt -libexec_PROGRAMS = kauthd - -EXTRA_DIST = zrefresh ksrvtgt.in - -kauth_SOURCES = \ - kauth.c \ - kauth.h \ - rkinit.c \ - marshall.c \ - encdata.c - -kauthd_SOURCES = \ - kauthd.c \ - kauth.h \ - marshall.c \ - encdata.c - -ksrvtgt: ksrvtgt.in - sed -e "s!%bindir%!$(bindir)!" $(srcdir)/ksrvtgt.in > $@ - chmod +x $@ - -install-exec-local: - if test -f $(bindir)/zrefresh -o -r $(bindir)/zrefresh; then \ - true; \ - else \ - $(INSTALL_PROGRAM) $(srcdir)/zrefresh $(bindir)/`echo zrefresh | sed '$(transform)'`; \ - fi - -LDADD = \ - $(LIB_kafs) \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(top_builddir)/lib/des/libdes.la \ - $(LIB_roken) diff --git a/crypto/kerberosIV/appl/kauth/Makefile.in b/crypto/kerberosIV/appl/kauth/Makefile.in deleted file mode 100644 index 1e8a4c1ebc84..000000000000 --- a/crypto/kerberosIV/appl/kauth/Makefile.in +++ /dev/null @@ -1,115 +0,0 @@ -# $Id: Makefile.in,v 1.40.16.1 2000/06/23 02:52:31 assar Exp $ - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -top_builddir = ../.. - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -DBINDIR='"$(bindir)"' -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -LIBS = @LIBS@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -libexecdir = @libexecdir@ -bindir = @bindir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -PROG_BIN = kauth$(EXECSUFFIX) -SCRIPT_BIN = ksrvtgt -PROG_LIBEXEC = kauthd$(EXECSUFFIX) -PROGS = $(PROG_BIN) $(SCRIPT_BIN) $(PROG_LIBEXEC) - -SOURCES_KAUTH = kauth.c rkinit.c -SOURCES_KAUTHD = kauthd.c -SOURCES_COMMON = encdata.c marshall.c - -OBJECTS_KAUTH = kauth.o rkinit.o -OBJECTS_KAUTHD = kauthd.o -OBJECTS_COMMON = marshall.o encdata.o - -OBJECTS = $(OBJECTS_KAUTH) $(OBJECTS_KAUTHD) -SOURCES = $(SOURCES_KAUTH) $(SOURCES_KAUTHD) $(SOURCES_COMMON) - -KRB_KAFS_LIB = @KRB_KAFS_LIB@ - -all: $(PROGS) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(bindir) $(DESTDIR)$(libexecdir) - for x in $(PROG_BIN); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(bindir)/`echo $$x| sed '$(transform)'`; \ - done - for x in $(SCRIPT_BIN); do \ - $(INSTALL_SCRIPT) $$x $(DESTDIR)$(bindir)/`echo $$x| sed '$(transform)'`; \ - done - if test -f $(DESTDIR)$(bindir)/zrefresh -o -r $(DESTDIR)$(bindir)/zrefresh; then \ - true; \ - else \ - $(INSTALL_PROGRAM) $(srcdir)/zrefresh $(DESTDIR)$(bindir)/`echo zrefresh | sed '$(transform)'`; \ - fi - for x in $(PROG_LIBEXEC); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(libexecdir)/`echo $$x| sed '$(transform)'`; \ - done - -uninstall: - for x in $(PROG_BIN) $(SCRIPT_BIN); do \ - rm -f $(DESTDIR)$(bindir)/`echo $$x| sed '$(transform)'`; \ - done - for x in $(PROG_LIBEXEC); do \ - rm -f $(DESTDIR)$(libexecdir)/`echo $$x| sed '$(transform)'`; \ - done - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f *.a *.o $(PROGS) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -KLIB=-L../../lib/krb -lkrb -L../../lib/des -ldes -LIBROKEN=-L../../lib/roken -lroken - -kauth$(EXECSUFFIX): $(OBJECTS_KAUTH) $(OBJECTS_COMMON) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS_KAUTH) $(OBJECTS_COMMON) $(KRB_KAFS_LIB) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -kauthd$(EXECSUFFIX): $(OBJECTS_KAUTHD) $(OBJECTS_COMMON) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS_KAUTHD) $(OBJECTS_COMMON) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -ksrvtgt: ksrvtgt.in - sed -e "s!%bindir%!$(bindir)!" $(srcdir)/ksrvtgt.in > $@ - chmod +x $@ - - -$(OBJECTS): ../../include/config.h - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/appl/kauth/encdata.c b/crypto/kerberosIV/appl/kauth/encdata.c deleted file mode 100644 index 886f5490bad8..000000000000 --- a/crypto/kerberosIV/appl/kauth/encdata.c +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kauth.h" - -RCSID("$Id: encdata.c,v 1.10 1999/12/02 16:58:31 joda Exp $"); - -int -write_encrypted (int fd, void *buf, size_t len, des_key_schedule schedule, - des_cblock *session, struct sockaddr_in *me, - struct sockaddr_in *him) -{ - void *outbuf; - int32_t outlen, l; - int i; - unsigned char tmp[4]; - - outbuf = malloc(len + 30); - if (outbuf == NULL) - return -1; - outlen = krb_mk_priv (buf, outbuf, len, schedule, session, me, him); - if (outlen < 0) { - free(outbuf); - return -1; - } - l = outlen; - for(i = 3; i >= 0; i--, l = l >> 8) - tmp[i] = l & 0xff; - if (krb_net_write (fd, tmp, 4) != 4 || - krb_net_write (fd, outbuf, outlen) != outlen) { - free(outbuf); - return -1; - } - - free(outbuf); - return 0; -} - - -int -read_encrypted (int fd, void *buf, size_t len, void **ret, - des_key_schedule schedule, des_cblock *session, - struct sockaddr_in *him, struct sockaddr_in *me) -{ - int status; - int32_t l; - MSG_DAT msg; - unsigned char tmp[4]; - - l = krb_net_read (fd, tmp, 4); - if (l != 4) - return l; - l = (tmp[0] << 24) | (tmp[1] << 16) | (tmp[2] << 8) | tmp[3]; - if (l > len) - return -1; - if (krb_net_read (fd, buf, l) != l) - return -1; - status = krb_rd_priv (buf, l, schedule, session, him, me, &msg); - if (status != RD_AP_OK) { - fprintf (stderr, "read_encrypted: %s\n", - krb_get_err_text(status)); - return -1; - } - *ret = msg.app_data; - return msg.app_length; -} diff --git a/crypto/kerberosIV/appl/kauth/kauth.c b/crypto/kerberosIV/appl/kauth/kauth.c deleted file mode 100644 index 3f6f0bcd6abe..000000000000 --- a/crypto/kerberosIV/appl/kauth/kauth.c +++ /dev/null @@ -1,384 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Little program that reads an srvtab or password and - * creates a suitable ticketfile and associated AFS tokens. - * - * If an optional command is given the command is executed in a - * new PAG and when the command exits the tickets are destroyed. - */ - -#include "kauth.h" - -RCSID("$Id: kauth.c,v 1.97.2.1 2000/02/28 03:42:51 assar Exp $"); - -krb_principal princ; -static char srvtab[MaxPathLen]; -static int lifetime = DEFAULT_TKT_LIFE; -static char remote_tktfile[MaxPathLen]; -static char remoteuser[100]; -static char *cell = 0; - -static void -usage(void) -{ - fprintf(stderr, - "Usage:\n" - " %s [name]\n" - "or\n" - " %s [-ad] [-n name] [-r remoteuser] [-t remote ticketfile]\n" - " [-l lifetime (in minutes) ] [-f srvtab ] [-c AFS cell name ]\n" - " [-h hosts... [--]] [command ... ]\n\n", - __progname, __progname); - fprintf(stderr, - "A fully qualified name can be given: user[.instance][@realm]\n" - "Realm is converted to uppercase!\n"); - exit(1); -} - -#define EX_NOEXEC 126 -#define EX_NOTFOUND 127 - -static int -doexec(int argc, char **argv) -{ - int ret = simple_execvp(argv[0], argv); - if(ret == -2) - warn ("fork"); - if(ret == -3) - warn("waitpid"); - if(ret < 0) - return EX_NOEXEC; - if(ret == EX_NOEXEC || ret == EX_NOTFOUND) - warnx("Can't exec program ``%s''", argv[0]); - - return ret; -} - -static RETSIGTYPE -renew(int sig) -{ - int code; - - signal(SIGALRM, renew); - - code = krb_get_svc_in_tkt(princ.name, princ.instance, princ.realm, - KRB_TICKET_GRANTING_TICKET, - princ.realm, lifetime, srvtab); - if (code) - warnx ("%s", krb_get_err_text(code)); - else if (k_hasafs()) - { - if ((code = krb_afslog(cell, NULL)) != 0 && code != KDC_PR_UNKNOWN) { - warnx ("%s", krb_get_err_text(code)); - } - } - - alarm(krb_life_to_time(0, lifetime)/2 - 60); - SIGRETURN(0); -} - -static int -zrefresh(void) -{ - switch (fork()) { - case -1: - err (1, "Warning: Failed to fork zrefresh"); - return -1; - case 0: - /* Child */ - execlp("zrefresh", "zrefresh", 0); - execl(BINDIR "/zrefresh", "zrefresh", 0); - exit(1); - default: - /* Parent */ - break; - } - return 0; -} - -static int -key_to_key(const char *user, - char *instance, - const char *realm, - const void *arg, - des_cblock *key) -{ - memcpy(key, arg, sizeof(des_cblock)); - return 0; -} - -static int -get_ticket_address(krb_principal *princ, des_cblock *key) -{ - int code; - unsigned char flags; - krb_principal service; - u_int32_t addr; - struct in_addr addr2; - des_cblock session; - int life; - u_int32_t time_sec; - des_key_schedule schedule; - CREDENTIALS c; - - code = get_ad_tkt(princ->name, princ->instance, princ->realm, 0); - if(code) { - warnx("get_ad_tkt: %s\n", krb_get_err_text(code)); - return code; - } - code = krb_get_cred(princ->name, princ->instance, princ->realm, &c); - if(code) { - warnx("krb_get_cred: %s\n", krb_get_err_text(code)); - return code; - } - - des_set_key(key, schedule); - code = decomp_ticket(&c.ticket_st, - &flags, - princ->name, - princ->instance, - princ->realm, - &addr, - session, - &life, - &time_sec, - service.name, - service.instance, - key, - schedule); - if(code) { - warnx("decomp_ticket: %s\n", krb_get_err_text(code)); - return code; - } - memset(&session, 0, sizeof(session)); - memset(schedule, 0, sizeof(schedule)); - addr2.s_addr = addr; - fprintf(stdout, "ticket address = %s\n", inet_ntoa(addr2)); -} - - -int -main(int argc, char **argv) -{ - int code, more_args; - int ret; - int c; - char *file; - int pflag = 0; - int aflag = 0; - int version_flag = 0; - char passwd[100]; - des_cblock key; - char **host; - int nhost; - char tf[MaxPathLen]; - - set_progname (argv[0]); - - if ((file = getenv("KRBTKFILE")) == 0) - file = TKT_FILE; - - memset(&princ, 0, sizeof(princ)); - memset(srvtab, 0, sizeof(srvtab)); - *remoteuser = '\0'; - nhost = 0; - host = NULL; - - /* Look for kerberos name */ - if (argc > 1 && - argv[1][0] != '-' && - krb_parse_name(argv[1], &princ) == 0) - { - argc--; argv++; - strupr(princ.realm); - } - - while ((c = getopt(argc, argv, "ar:t:f:hdl:n:c:v")) != -1) - switch (c) { - case 'a': - aflag++; - break; - case 'd': - krb_enable_debug(); - _kafs_debug = 1; - break; - case 'f': - strlcpy(srvtab, optarg, sizeof(srvtab)); - break; - case 't': - strlcpy(remote_tktfile, optarg, sizeof(remote_tktfile)); - break; - case 'r': - strlcpy(remoteuser, optarg, sizeof(remoteuser)); - break; - case 'l': - lifetime = atoi(optarg); - if (lifetime == -1) - lifetime = 255; - else if (lifetime < 5) - lifetime = 1; - else - lifetime = krb_time_to_life(0, lifetime*60); - if (lifetime > 255) - lifetime = 255; - break; - case 'n': - if ((code = krb_parse_name(optarg, &princ)) != 0) { - warnx ("%s", krb_get_err_text(code)); - usage(); - } - strupr(princ.realm); - pflag = 1; - break; - case 'c': - cell = optarg; - break; - case 'h': - host = argv + optind; - for(nhost = 0; optind < argc && *argv[optind] != '-'; ++optind) - ++nhost; - if(nhost == 0) - usage(); - break; - case 'v': - version_flag++; - print_version(NULL); - break; - case '?': - default: - usage(); - break; - } - - if(version_flag) { - print_version(NULL); - exit(0); - } - if (princ.name[0] == '\0' && krb_get_default_principal (princ.name, - princ.instance, - princ.realm) < 0) - errx (1, "Could not get default principal"); - - /* With root tickets assume remote user is root */ - if (*remoteuser == '\0') { - if (strcmp(princ.instance, "root") == 0) - strlcpy(remoteuser, princ.instance, sizeof(remoteuser)); - else - strlcpy(remoteuser, princ.name, sizeof(remoteuser)); - } - - more_args = argc - optind; - - if (princ.realm[0] == '\0') - if (krb_get_lrealm(princ.realm, 1) != KSUCCESS) - strlcpy(princ.realm, KRB_REALM, REALM_SZ); - - if (more_args) { - int f; - - do{ - snprintf(tf, sizeof(tf), "%s%u_%u", TKT_ROOT, (unsigned)getuid(), - (unsigned)(getpid()*time(0))); - f = open(tf, O_CREAT|O_EXCL|O_RDWR); - }while(f < 0); - close(f); - unlink(tf); - setenv("KRBTKFILE", tf, 1); - krb_set_tkt_string (tf); - } - - if (srvtab[0]) - { - signal(SIGALRM, renew); - - code = read_service_key (princ.name, princ.instance, princ.realm, 0, - srvtab, (char *)&key); - if (code == KSUCCESS) - code = krb_get_in_tkt(princ.name, princ.instance, princ.realm, - KRB_TICKET_GRANTING_TICKET, - princ.realm, lifetime, - key_to_key, NULL, key); - alarm(krb_life_to_time(0, lifetime)/2 - 60); - } - else { - char prompt[128]; - - snprintf(prompt, sizeof(prompt), "%s's Password: ", krb_unparse_name(&princ)); - if (des_read_pw_string(passwd, sizeof(passwd)-1, prompt, 0)){ - memset(passwd, 0, sizeof(passwd)); - exit(1); - } - code = krb_get_pw_in_tkt2(princ.name, princ.instance, princ.realm, - KRB_TICKET_GRANTING_TICKET, princ.realm, - lifetime, passwd, &key); - - memset(passwd, 0, sizeof(passwd)); - } - if (code) { - memset (key, 0, sizeof(key)); - errx (1, "%s", krb_get_err_text(code)); - } - - if(aflag) - get_ticket_address(&princ, &key); - - if (k_hasafs()) { - if (more_args) - k_setpag(); - if ((code = krb_afslog(cell, NULL)) != 0 && code != KDC_PR_UNKNOWN) { - if(code > 0) - warnx ("%s", krb_get_err_text(code)); - else - warnx ("failed to store AFS token"); - } - } - - for(ret = 0; nhost-- > 0; host++) - ret += rkinit(&princ, lifetime, remoteuser, remote_tktfile, &key, *host); - - if (ret) - return ret; - - if (more_args) { - ret = doexec(more_args, &argv[optind]); - dest_tkt(); - if (k_hasafs()) - k_unlog(); - } - else - zrefresh(); - - return ret; -} diff --git a/crypto/kerberosIV/appl/kauth/kauth.h b/crypto/kerberosIV/appl/kauth/kauth.h deleted file mode 100644 index 32243c7d4333..000000000000 --- a/crypto/kerberosIV/appl/kauth/kauth.h +++ /dev/null @@ -1,116 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kauth.h,v 1.21 1999/12/02 16:58:31 joda Exp $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif /* HAVE_CONFIG_H */ - -#include -#include -#include -#include -#include -#ifdef HAVE_FCNTL_H -#include -#endif -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_PWD_H -#include -#endif -#ifdef HAVE_GRP_H -#include -#endif - -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif /* HAVE_SYS_RESOURCE_H */ -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef SOCKS -#include -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); -#endif - -#include - -#include -#include - -#include - -#define KAUTH_PORT 2120 - -#define KAUTH_VERSION "RKINIT.0" - -int rkinit (krb_principal*, int, char*, char*, des_cblock*, char*); - -int write_encrypted (int, void*, size_t, des_key_schedule, - des_cblock*, struct sockaddr_in*, struct sockaddr_in*); - -int read_encrypted (int, void*, size_t, void **, des_key_schedule, - des_cblock*, struct sockaddr_in*, struct sockaddr_in*); - -int pack_args (char *, size_t, krb_principal*, int, const char*, const char*); - -int unpack_args (const char*, krb_principal*, int*, char*, char*); diff --git a/crypto/kerberosIV/appl/kauth/kauthd.c b/crypto/kerberosIV/appl/kauth/kauthd.c deleted file mode 100644 index d0b61ec8137c..000000000000 --- a/crypto/kerberosIV/appl/kauth/kauthd.c +++ /dev/null @@ -1,202 +0,0 @@ -/* $FreeBSD$ */ - -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kauth.h" - -RCSID("$Id: kauthd.c,v 1.25.2.1 2000/06/28 19:07:58 assar Exp $"); - -krb_principal princ; -static char locuser[SNAME_SZ]; -static int lifetime; -static char tktfile[MaxPathLen]; - -struct remote_args { - int sock; - des_key_schedule *schedule; - des_cblock *session; - struct sockaddr_in *me, *her; -}; - -static int -decrypt_remote_tkt (const char *user, - const char *inst, - const char *realm, - const void *varg, - key_proc_t key_proc, - KTEXT *cipp) -{ - char buf[BUFSIZ]; - void *ptr; - int len; - KTEXT cip = *cipp; - struct remote_args *args = (struct remote_args *)varg; - - write_encrypted (args->sock, cip->dat, cip->length, - *args->schedule, args->session, args->me, - args->her); - len = read_encrypted (args->sock, buf, sizeof(buf), &ptr, *args->schedule, - args->session, args->her, args->me); - memcpy(cip->dat, ptr, cip->length); - - return 0; -} - -static int -doit(int sock) -{ - int status; - KTEXT_ST ticket; - AUTH_DAT auth; - char instance[INST_SZ]; - des_key_schedule schedule; - struct sockaddr_in thisaddr, thataddr; - int addrlen; - int len; - char buf[BUFSIZ]; - void *data; - struct passwd *passwd; - char version[KRB_SENDAUTH_VLEN + 1]; - char remotehost[MaxHostNameLen]; - - addrlen = sizeof(thisaddr); - if (getsockname (sock, (struct sockaddr *)&thisaddr, &addrlen) < 0 || - addrlen != sizeof(thisaddr)) { - return 1; - } - addrlen = sizeof(thataddr); - if (getpeername (sock, (struct sockaddr *)&thataddr, &addrlen) < 0 || - addrlen != sizeof(thataddr)) { - return 1; - } - - inaddr2str (thataddr.sin_addr, remotehost, sizeof(remotehost)); - - k_getsockinst (sock, instance, sizeof(instance)); - status = krb_recvauth (KOPT_DO_MUTUAL, sock, &ticket, "rcmd", instance, - &thataddr, &thisaddr, &auth, "", schedule, - version); - if (status != KSUCCESS || - strncmp(version, KAUTH_VERSION, KRB_SENDAUTH_VLEN) != 0) { - return 1; - } - len = read_encrypted (sock, buf, sizeof(buf), &data, schedule, - &auth.session, &thataddr, &thisaddr); - if (len < 0) { - write_encrypted (sock, "read_enc failed", - sizeof("read_enc failed") - 1, schedule, - &auth.session, &thisaddr, &thataddr); - return 1; - } - if (unpack_args(data, &princ, &lifetime, locuser, - tktfile)) { - write_encrypted (sock, "unpack_args failed", - sizeof("unpack_args failed") - 1, schedule, - &auth.session, &thisaddr, &thataddr); - return 1; - } - - if( kuserok(&auth, locuser) != 0) { - snprintf(buf, sizeof(buf), "%s cannot get tickets for %s", - locuser, krb_unparse_name(&princ)); - syslog (LOG_ERR, "%s", buf); - write_encrypted (sock, buf, strlen(buf), schedule, - &auth.session, &thisaddr, &thataddr); - return 1; - } - passwd = k_getpwnam (locuser); - if (passwd == NULL) { - snprintf (buf, sizeof(buf), "No user '%s'", locuser); - syslog (LOG_ERR, "%s", buf); - write_encrypted (sock, buf, strlen(buf), schedule, - &auth.session, &thisaddr, &thataddr); - return 1; - } - if (setgid (passwd->pw_gid) || - initgroups(passwd->pw_name, passwd->pw_gid) || - setuid(passwd->pw_uid)) { - snprintf (buf, sizeof(buf), "Could not change user"); - syslog (LOG_ERR, "%s", buf); - write_encrypted (sock, buf, strlen(buf), schedule, - &auth.session, &thisaddr, &thataddr); - return 1; - } - write_encrypted (sock, "ok", sizeof("ok") - 1, schedule, - &auth.session, &thisaddr, &thataddr); - - if (*tktfile == 0) - snprintf(tktfile, sizeof(tktfile), "%s%u", TKT_ROOT, (unsigned)getuid()); - krb_set_tkt_string (tktfile); - - { - struct remote_args arg; - - arg.sock = sock; - arg.schedule = &schedule; - arg.session = &auth.session; - arg.me = &thisaddr; - arg.her = &thataddr; - - status = krb_get_in_tkt (princ.name, princ.instance, princ.realm, - KRB_TICKET_GRANTING_TICKET, - princ.realm, - lifetime, NULL, decrypt_remote_tkt, &arg); - } - if (status == KSUCCESS) { - syslog (LOG_INFO, "from %s(%s): %s -> %s", - remotehost, - inet_ntoa(thataddr.sin_addr), - locuser, - krb_unparse_name (&princ)); - write_encrypted (sock, "ok", sizeof("ok") - 1, schedule, - &auth.session, &thisaddr, &thataddr); - return 0; - } else { - snprintf (buf, sizeof(buf), "TGT failed: %s", krb_get_err_text(status)); - syslog (LOG_NOTICE, "%s", buf); - write_encrypted (sock, buf, strlen(buf), schedule, - &auth.session, &thisaddr, &thataddr); - return 1; - } -} - -int -main (int argc, char **argv) -{ - openlog ("kauthd", LOG_ODELAY, LOG_AUTH); - - if(argc > 1 && strcmp(argv[1], "-i") == 0) - mini_inetd (k_getportbyname("kauth", "tcp", htons(KAUTH_PORT))); - return doit(STDIN_FILENO); -} diff --git a/crypto/kerberosIV/appl/kauth/ksrvtgt.in b/crypto/kerberosIV/appl/kauth/ksrvtgt.in deleted file mode 100644 index 7a520fd4f645..000000000000 --- a/crypto/kerberosIV/appl/kauth/ksrvtgt.in +++ /dev/null @@ -1,15 +0,0 @@ -#! /bin/sh -# $Id: ksrvtgt.in,v 1.3 1997/09/13 03:39:03 joda Exp $ -# $FreeBSD$ - -usage="Usage: `basename $0` name instance [[realm] srvtab]" - -if [ $# -lt 2 -o $# -gt 4 ]; then - echo "$usage" - exit 1 -fi - -srvtab="${4-${3-/etc/kerberosIV/srvtab}}" -realm="${4+@$3}" - -%bindir%/kauth -n "$1.$2$realm" -l 5 -f "$srvtab" diff --git a/crypto/kerberosIV/appl/kauth/marshall.c b/crypto/kerberosIV/appl/kauth/marshall.c deleted file mode 100644 index e37b8c969c81..000000000000 --- a/crypto/kerberosIV/appl/kauth/marshall.c +++ /dev/null @@ -1,126 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kauth.h" - -RCSID("$Id: marshall.c,v 1.10 1999/12/02 16:58:31 joda Exp $"); - -int -pack_args (char *buf, - size_t sz, - krb_principal *pr, - int lifetime, - const char *locuser, - const char *tktfile) -{ - char *p = buf; - int len; - - p = buf; - - len = strlen(pr->name); - if (len >= sz) - return -1; - memcpy (p, pr->name, len + 1); - p += len + 1; - sz -= len + 1; - - len = strlen(pr->instance); - if (len >= sz) - return -1; - memcpy (p, pr->instance, len + 1); - p += len + 1; - sz -= len + 1; - - len = strlen(pr->realm); - if (len >= sz) - return -1; - memcpy(p, pr->realm, len + 1); - p += len + 1; - sz -= len + 1; - - if (sz < 1) - return -1; - *p++ = (unsigned char)lifetime; - - len = strlen(locuser); - if (len >= sz) - return -1; - memcpy (p, locuser, len + 1); - p += len + 1; - sz -= len + 1; - - len = strlen(tktfile); - if (len >= sz) - return -1; - memcpy (p, tktfile, len + 1); - p += len + 1; - sz -= len + 1; - - return p - buf; -} - -int -unpack_args (const char *buf, krb_principal *pr, int *lifetime, - char *locuser, char *tktfile) -{ - int len; - - len = strlen(buf); - if (len >= SNAME_SZ) - return -1; - strlcpy (pr->name, buf, ANAME_SZ); - buf += len + 1; - len = strlen (buf); - if (len >= INST_SZ) - return -1; - strlcpy (pr->instance, buf, INST_SZ); - buf += len + 1; - len = strlen (buf); - if (len >= REALM_SZ) - return -1; - strlcpy (pr->realm, buf, REALM_SZ); - buf += len + 1; - *lifetime = (unsigned char)*buf++; - len = strlen(buf); - if (len >= SNAME_SZ) - return -1; - strlcpy (locuser, buf, SNAME_SZ); - buf += len + 1; - len = strlen(buf); - if (len >= MaxPathLen) - return -1; - strlcpy (tktfile, buf, MaxPathLen); - buf += len + 1; - return 0; -} diff --git a/crypto/kerberosIV/appl/kauth/rkinit.c b/crypto/kerberosIV/appl/kauth/rkinit.c deleted file mode 100644 index cac62c93444a..000000000000 --- a/crypto/kerberosIV/appl/kauth/rkinit.c +++ /dev/null @@ -1,226 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kauth.h" - -RCSID("$Id: rkinit.c,v 1.22.2.1 1999/12/06 17:27:56 assar Exp $"); - -static struct in_addr * -getalladdrs (char *hostname, unsigned *count) -{ - struct hostent *hostent; - struct in_addr **h; - struct in_addr *addr; - unsigned naddr; - unsigned maxaddr; - - hostent = gethostbyname (hostname); - if (hostent == NULL) { - warnx ("gethostbyname '%s' failed: %s\n", - hostname, - hstrerror(h_errno)); - return NULL; - } - maxaddr = 1; - naddr = 0; - addr = malloc(sizeof(*addr) * maxaddr); - if (addr == NULL) { - warnx ("out of memory"); - return NULL; - } - for (h = (struct in_addr **)(hostent->h_addr_list); - *h != NULL; - h++) { - if (naddr >= maxaddr) { - maxaddr *= 2; - addr = realloc (addr, sizeof(*addr) * maxaddr); - if (addr == NULL) { - warnx ("out of memory"); - return NULL; - } - } - addr[naddr++] = **h; - } - addr = realloc (addr, sizeof(*addr) * naddr); - if (addr == NULL) { - warnx ("out of memory"); - return NULL; - } - *count = naddr; - return addr; -} - -static int -doit_host (krb_principal *princ, int lifetime, char *locuser, - char *tktfile, des_cblock *key, int s, char *hostname) -{ - char buf[BUFSIZ]; - int inlen; - KTEXT_ST text; - CREDENTIALS cred; - MSG_DAT msg; - int status; - des_key_schedule schedule; - struct sockaddr_in thisaddr, thataddr; - int addrlen; - void *ret; - - addrlen = sizeof(thisaddr); - if (getsockname (s, (struct sockaddr *)&thisaddr, &addrlen) < 0 || - addrlen != sizeof(thisaddr)) { - warn ("getsockname(%s)", hostname); - return 1; - } - addrlen = sizeof(thataddr); - if (getpeername (s, (struct sockaddr *)&thataddr, &addrlen) < 0 || - addrlen != sizeof(thataddr)) { - warn ("getpeername(%s)", hostname); - return 1; - } - - if (krb_get_config_bool("nat_in_use")) { - struct in_addr natAddr; - - if (krb_get_our_ip_for_realm(krb_realmofhost(hostname), - &natAddr) == KSUCCESS - || krb_get_our_ip_for_realm (NULL, &natAddr) == KSUCCESS) - thisaddr.sin_addr = natAddr; - } - - status = krb_sendauth (KOPT_DO_MUTUAL, s, &text, "rcmd", - hostname, krb_realmofhost (hostname), - getpid(), &msg, &cred, schedule, - &thisaddr, &thataddr, KAUTH_VERSION); - if (status != KSUCCESS) { - warnx ("%s: %s\n", hostname, krb_get_err_text(status)); - return 1; - } - inlen = pack_args (buf, sizeof(buf), - princ, lifetime, locuser, tktfile); - if (inlen < 0) { - warn ("cannot marshall arguments to %s", hostname); - return 1; - } - - if (write_encrypted(s, buf, inlen, schedule, &cred.session, - &thisaddr, &thataddr) < 0) { - warn ("write to %s", hostname); - return 1; - } - - inlen = read_encrypted (s, buf, sizeof(buf), &ret, schedule, - &cred.session, &thataddr, &thisaddr); - if (inlen < 0) { - warn ("read from %s failed", hostname); - return 1; - } - - if (strncmp(ret, "ok", inlen) != 0) { - warnx ("error from %s: %.*s\n", - hostname, inlen, (char *)ret); - return 1; - } - - inlen = read_encrypted (s, buf, sizeof(buf), &ret, schedule, - &cred.session, &thataddr, &thisaddr); - if (inlen < 0) { - warn ("read from %s", hostname); - return 1; - } - - { - des_key_schedule key_s; - - des_key_sched(key, key_s); - des_pcbc_encrypt(ret, ret, inlen, key_s, key, DES_DECRYPT); - memset(key_s, 0, sizeof(key_s)); - } - write_encrypted (s, ret, inlen, schedule, &cred.session, - &thisaddr, &thataddr); - - inlen = read_encrypted (s, buf, sizeof(buf), &ret, schedule, - &cred.session, &thataddr, &thisaddr); - if (inlen < 0) { - warn ("read from %s", hostname); - return 1; - } - - if (strncmp(ret, "ok", inlen) != 0) { - warnx ("error from %s: %.*s\n", - hostname, inlen, (char *)ret); - return 1; - } - return 0; -} - -int -rkinit (krb_principal *princ, int lifetime, char *locuser, - char *tktfile, des_cblock *key, char *hostname) -{ - struct in_addr *addr; - unsigned naddr; - unsigned i; - int port; - int success; - - addr = getalladdrs (hostname, &naddr); - if (addr == NULL) - return 1; - port = k_getportbyname ("kauth", "tcp", htons(KAUTH_PORT)); - success = 0; - for (i = 0; !success && i < naddr; ++i) { - struct sockaddr_in a; - int s; - - memset(&a, 0, sizeof(a)); - a.sin_family = AF_INET; - a.sin_port = port; - a.sin_addr = addr[i]; - - s = socket (AF_INET, SOCK_STREAM, 0); - if (s < 0) { - warn("socket"); - return 1; - } - if (connect(s, (struct sockaddr *)&a, sizeof(a)) < 0) { - warn("connect(%s)", hostname); - continue; - } - - success = success || !doit_host (princ, lifetime, - locuser, tktfile, key, - s, hostname); - close (s); - } - return !success; -} diff --git a/crypto/kerberosIV/appl/kauth/zrefresh b/crypto/kerberosIV/appl/kauth/zrefresh deleted file mode 100644 index 8347a1b33c0c..000000000000 --- a/crypto/kerberosIV/appl/kauth/zrefresh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh -# -# @(#) $Id: zrefresh,v 1.3 1996/06/09 19:21:59 joda Exp $ -# -# Substitute this script with a real zrefresh if running Zephyr. For -# instance: -# -# if [ -f "$WGFILE" ] ; then -# zctl load -# fi - -exit 0 diff --git a/crypto/kerberosIV/appl/kip/Makefile.in b/crypto/kerberosIV/appl/kip/Makefile.in deleted file mode 100644 index 16ed049d2508..000000000000 --- a/crypto/kerberosIV/appl/kip/Makefile.in +++ /dev/null @@ -1,110 +0,0 @@ -# $Id: Makefile.in,v 1.18.4.1 2000/06/23 02:54:59 assar Exp $ - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -DEFS = @DEFS@ -DLIBEXECDIR="\"$(libexecdir)\"" -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -INSTALL_SCRIPT = @INSTALL_SCRIPT@ -LIBS = @LIBS@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libexecdir = @libexecdir@ -libdir = @libdir@ -bindir = @bindir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -PROG_BIN = kip$(EXECSUFFIX) -PROG_LIBEXEC = kipd$(EXECSUFFIX) -SCRIPT_LIBEXEC = kip-join-network kipd-control -PROGS = $(PROG_BIN) $(PROG_LIBEXEC) $(SCRIPT_LIBEXEC) - -SOURCES_KIP = kip.c -SOURCES_KIPD = kipd.c -SOURCES_COMMON = common.c - -OBJECTS_KIP = kip.o common.o -OBJECTS_KIPD = kipd.o common.o - -OBJECTS = $(OBJECTS_KIP) $(OBJECTS_KIPD) -SOURCES = $(SOURCES_KIP) $(SOURCES_KIPD) $(SOURCES_COMMON) - -all: $(PROGS) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(bindir) $(DESTDIR)$(libexecdir) - for x in $(PROG_BIN); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \ - done - for x in $(PROG_LIBEXEC); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - for x in $(SCRIPT_LIBEXEC); do \ - $(INSTALL_SCRIPT) $$x $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - -uninstall: - for x in $(PROG_BIN); do \ - rm -f $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \ - done - for x in $(PROG_LIBEXEC); do \ - rm -f $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - for x in $(SCRIPT_LIBEXEC); do \ - rm -f $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f *.a *.o $(PROGS) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -KLIB=-L../../lib/krb -lkrb -L../../lib/des -ldes -LIBROKEN=-L../../lib/roken -lroken - -kip$(EXECSUFFIX): $(OBJECTS_KIP) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS_KIP) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -kipd$(EXECSUFFIX): $(OBJECTS_KIPD) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS_KIPD) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -$(OBJECTS): ../../include/config.h - -kip-join-network: kip-join-network.in - sed -e "s!%bindir%!$(bindir)!" $(srcdir)/kip-join-network.in > $@ - chmod +x $@ - -kipd-control: kipd-control.in - sed -e "s!%bindir%!$(bindir)!" $(srcdir)/kipd-control.in > $@ - chmod +x $@ - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/appl/kip/common.c b/crypto/kerberosIV/appl/kip/common.c deleted file mode 100644 index 4feb9c8eea46..000000000000 --- a/crypto/kerberosIV/appl/kip/common.c +++ /dev/null @@ -1,302 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kip.h" - -RCSID("$Id: common.c,v 1.13.2.4 2000/10/18 23:31:51 assar Exp $"); - -sig_atomic_t disconnect = 0; -int isserver = 0; - -/* - * Copy packets from `tundev' to `netdev' or vice versa. - * Mode is used when reading from `tundev' - */ - -int -copy_packets (int tundev, int netdev, int mtu, des_cblock *iv, - des_key_schedule schedule) -{ - des_cblock iv1, iv2; - int num1 = 0, num2 = 0; - u_char *buf; - - buf = malloc (mtu + 2); - if (buf == NULL) { - warnx("malloc(%d) failed", mtu); - return 1; - } - - memcpy (&iv1, iv, sizeof(iv1)); - memcpy (&iv2, iv, sizeof(iv2)); - while(!disconnect) { - fd_set fdset; - int ret, len; - - if (tundev >= FD_SETSIZE || netdev >= FD_SETSIZE) { - warnx ("fd too large"); - return 1; - } - - FD_ZERO(&fdset); - FD_SET(tundev, &fdset); - FD_SET(netdev, &fdset); - - ret = select (max(tundev, netdev)+1, &fdset, NULL, NULL, NULL); - if (ret < 0) { - if (errno == EINTR) - continue; - warn ("select"); - return 1; - } - if (FD_ISSET(tundev, &fdset)) { - ret = read (tundev, buf + 2, mtu); - if (ret == 0) - return 0; - if (ret < 0) { - if (errno == EINTR) - continue; - else { - warn("read"); - return ret; - } - } - buf[0] = ret >> 8; - buf[1] = ret & 0xFF; - ret += 2; - des_cfb64_encrypt (buf, buf, ret, schedule, - &iv1, &num1, DES_ENCRYPT); - ret = krb_net_write (netdev, buf, ret); - if (ret < 0) { - warn("write"); - return ret; - } - } - if (FD_ISSET(netdev, &fdset)) { - ret = read (netdev, buf, 2); - if (ret == 0) - return 0; - if (ret < 0) { - if (errno == EINTR) - continue; - else { - warn("read"); - return ret; - } - } - des_cfb64_encrypt (buf, buf, 2, schedule, - &iv2, &num2, DES_DECRYPT); - len = (buf[0] << 8 ) | buf[1]; - if (len > mtu) { - fatal (-1, "buffer too large", schedule, &iv2); - return -1; - } - - if (len == 0) { - len = read (netdev, buf, mtu); - if (len < 1) - len = 1; - buf[len-1] = '\0'; - - fatal (-1, buf, schedule, &iv2); - return -1; - } - - ret = krb_net_read (netdev, buf + 2, len); - if (ret == 0) - return 0; - if (ret < 0) { - if (errno == EINTR) - continue; - else { - warn("read"); - return ret; - } - } - des_cfb64_encrypt (buf + 2, buf + 2, len, schedule, - &iv2, &num2, DES_DECRYPT); - ret = krb_net_write (tundev, buf + 2, len); - if (ret < 0) { - warn("write"); - return ret; - } - } - } - return 0; -} - -/* - * Signal handler that justs waits for the children when they die. - */ - -RETSIGTYPE -childhandler (int sig) -{ - pid_t pid; - int status; - - do { - pid = waitpid (-1, &status, WNOHANG|WUNTRACED); - } while(pid > 0); - signal (SIGCHLD, childhandler); - SIGRETURN(0); -} - -/* - * Find a free tunnel device and open it. - * Return the interface name in `name, len'. - */ - -int -tunnel_open (char *name, size_t len) -{ - int fd; - int i; - char devname[256]; - - for (i = 0; i < 256; ++i) { - snprintf (devname, len, "%s%s%d", _PATH_DEV, TUNDEV, i); - fd = open (devname, O_RDWR, 0); - if (fd >= 0) - break; - if (errno == ENOENT || errno == ENODEV) { - warn("open %s", name); - return fd; - } - } - if (fd < 0) - warn("open %s" ,name); - else - snprintf (name, len, "%s%d", TUNDEV, i); - return fd; -} - -/* - * run the command `cmd' with (...). return 0 if succesful or error - * otherwise (and copy an error messages into `msg, len') - */ - -int -kip_exec (const char *cmd, char *msg, size_t len, ...) -{ - pid_t pid; - char **argv; - va_list ap; - - va_start(ap, len); - argv = vstrcollect(&ap); - va_end(ap); - - pid = fork(); - switch (pid) { - case -1: - snprintf (msg, len, "fork: %s", strerror(errno)); - return errno; - case 0: { - int fd = open (_PATH_DEVNULL, O_RDWR, 0600); - if (fd < 0) { - snprintf (msg, len, "open " _PATH_DEVNULL ": %s", strerror(errno)); - return errno; - } - - close (STDIN_FILENO); - close (STDOUT_FILENO); - close (STDERR_FILENO); - - dup2 (fd, STDIN_FILENO); - dup2 (fd, STDOUT_FILENO); - dup2 (fd, STDERR_FILENO); - - execvp (cmd, argv); - snprintf (msg, len, "execvp %s: %s", cmd, strerror(errno)); - return errno; - } - default: { - int status; - - while (waitpid(pid, &status, 0) < 0) - if (errno != EINTR) { - snprintf (msg, len, "waitpid: %s", strerror(errno)); - return errno; - } - - if (WIFEXITED(status)) { - if (WEXITSTATUS(status) == 0) { - return 0; - } else { - snprintf (msg, len, "child returned with %d", - WEXITSTATUS(status)); - return 1; - } - } else if (WIFSIGNALED(status)) { -#ifndef WCOREDUMP -#define WCOREDUMP(X) 0 -#endif - snprintf (msg, len, "terminated by signal num %d %s", - WTERMSIG(status), - WCOREDUMP(status) ? " coredumped" : ""); - return 1; - } else if (WIFSTOPPED(status)) { - snprintf (msg, len, "process stoped by signal %d", - WSTOPSIG(status)); - return 1; - } else { - snprintf (msg, len, "child died in mysterious circumstances"); - return 1; - } - } - } -} - -/* - * fatal error `s' occured. - */ - -void -fatal (int fd, const char *s, des_key_schedule schedule, des_cblock *iv) -{ - int16_t err = 0; - int num = 0; - - if (fd != -1) { - des_cfb64_encrypt ((unsigned char*) &err, (unsigned char*) &err, - sizeof(err), schedule, iv, &num, DES_ENCRYPT); - - write (fd, &err, sizeof(err)); - write (fd, s, strlen(s)+1); - } - if (isserver) - syslog(LOG_ERR, "%s", s); - else - warnx ("fatal error: %s", s); -} diff --git a/crypto/kerberosIV/appl/kip/kip-join-network.in b/crypto/kerberosIV/appl/kip/kip-join-network.in deleted file mode 100644 index c105fe6ba62a..000000000000 --- a/crypto/kerberosIV/appl/kip/kip-join-network.in +++ /dev/null @@ -1,53 +0,0 @@ -#!/bin/sh -# $Id$ -# -# Join a network, see kipd-control from more comments. -# - -PATH=/usr/sbin:/sbin:/usr/bin:/bin:%bindir% - -endpointhost=130.237.43.201 -thispointhost=130.237.43.17 -fakepoint=10.0.0.1 -dev=tun0 - -case $# in - 0) - modprobe tun - def=$(route -n | awk '$1 ~ /0.0.0.0/ && $3 ~ /0.0.0.0/ { print $2 }') - - if test "X$def" = "X" ; then - echo "missing default route" - exit 1 - fi - - exec kip -c $0 -a $def $endpointhost - ;; - *) - state=$1 - dev=$2 - host=$3 - arg=$4 - case $state in - up) - ifconfig $dev $thispointhost pointopoint $fakepoint - route delete default - - route add -host $endpointhost gw $arg - route add default gw $fakepoint - ;; - down) - - echo $dev $arg > /tmp/kip-down - - ifconfig $dev down - - route delete default - route delete $endpointhost - route add default gw $arg - ;; - *) - exit 17 - ;; - esac -esac diff --git a/crypto/kerberosIV/appl/kip/kip.c b/crypto/kerberosIV/appl/kip/kip.c deleted file mode 100644 index 55b6032031b7..000000000000 --- a/crypto/kerberosIV/appl/kip/kip.c +++ /dev/null @@ -1,261 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kip.h" - -RCSID("$Id: kip.c,v 1.18.2.1 2000/06/23 02:55:01 assar Exp $"); - -static char *cmd_str = NULL; -static char *arg_str = NULL; -static char *port_str = NULL; -static int version_flag = 0; -static int help_flag = 0; - -struct getargs args[] = { - { "port", 'p', arg_string, &port_str, "Use this port", - "port" }, - { "cmd", 'c', arg_string, &cmd_str, - "command to run when starting", "cmd"}, - { "arg", 'a', arg_string, &arg_str, - "argument to above command", "arg"}, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; - - -static RETSIGTYPE -disconnecthandler (int sig) -{ - disconnect = 1; - SIGRETURN(0); -} - -/* - * Establish authenticated connection - */ - -static int -connect_host (char *host, int port, - des_cblock *key, des_key_schedule schedule) -{ - CREDENTIALS cred; - KTEXT_ST text; - MSG_DAT msg; - int status; - struct sockaddr_in thisaddr, thataddr; - int addrlen; - struct hostent *hostent; - int s; - u_char b; - char **p; - - hostent = gethostbyname (host); - if (hostent == NULL) { - warnx ("gethostbyname '%s': %s", host, - hstrerror(h_errno)); - return -1; - } - - memset (&thataddr, 0, sizeof(thataddr)); - thataddr.sin_family = AF_INET; - thataddr.sin_port = port; - - for(p = hostent->h_addr_list; *p; ++p) { - memcpy (&thataddr.sin_addr, *p, sizeof(thataddr.sin_addr)); - - s = socket (AF_INET, SOCK_STREAM, 0); - if (s < 0) { - warn ("socket"); - return -1; - } - -#if defined(TCP_NODELAY) && defined(HAVE_SETSOCKOPT) - { - int one = 1; - - setsockopt (s, IPPROTO_TCP, TCP_NODELAY, - (void *)&one, sizeof(one)); - } -#endif - - if (connect (s, (struct sockaddr *)&thataddr, sizeof(thataddr)) < 0) { - warn ("connect(%s)", host); - close (s); - continue; - } else { - break; - } - } - if (*p == NULL) - return -1; - - addrlen = sizeof(thisaddr); - if (getsockname (s, (struct sockaddr *)&thisaddr, &addrlen) < 0 || - addrlen != sizeof(thisaddr)) { - warn ("getsockname(%s)", host); - return -1; - } - status = krb_sendauth (KOPT_DO_MUTUAL, s, &text, "rcmd", - host, krb_realmofhost (host), - getpid(), &msg, &cred, schedule, - &thisaddr, &thataddr, KIP_VERSION); - if (status != KSUCCESS) { - warnx("%s: %s", host, - krb_get_err_text(status)); - return -1; - } - if (read (s, &b, sizeof(b)) != sizeof(b)) { - warn ("read"); - return -1; - } - if (b) { - char buf[BUFSIZ]; - - read (s, buf, sizeof(buf)); - buf[BUFSIZ - 1] = '\0'; - - warnx ("%s: %s", host, buf); - return -1; - } - - memcpy(key, &cred.session, sizeof(des_cblock)); - return s; -} - -/* - * Connect to the given host. - */ - -static int -doit (char *host, int port) -{ - char tun_if_name[64]; - des_key_schedule schedule; - des_cblock iv; - int other, this, ret; - - other = connect_host (host, port, &iv, schedule); - if (other < 0) - return 1; - this = tunnel_open (tun_if_name, sizeof(tun_if_name)); - if (this < 0) - return 1; - - if (cmd_str) { - char buf[1024]; - ret = kip_exec (cmd_str, buf, sizeof(buf), - "kip-control", "up", tun_if_name, host, arg_str, - NULL); - if (ret) - errx (1, "%s (up) failed: %s", cmd_str, buf); - } - - ret = copy_packets (this, other, TUNMTU, &iv, schedule); - - if (cmd_str) { - char buf[1024]; - ret = kip_exec (cmd_str, buf, sizeof(buf), - "kip-control", "down", tun_if_name, host, arg_str, - NULL); - if (ret) - errx (1, "%s (down) failed: %s", cmd_str, buf); - } - return 0; -} - -static void -usage(int ret) -{ - arg_printusage (args, - sizeof(args) / sizeof(args[0]), - NULL, - "hostname"); - exit (ret); -} - -/* - * kip - forward IP packets over a kerberos-encrypted channel. - * - */ - -int -main(int argc, char **argv) -{ - int port; - int optind = 0; - char *hostname; - - set_progname (argv[0]); - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, - &optind)) - usage (1); - - if (help_flag) - usage (0); - - if (version_flag) { - print_version (NULL); - return 0; - } - - argv += optind; - argc -= optind; - - if (argc != 1) - usage (1); - - hostname = argv[0]; - - if(port_str) { - struct servent *s = roken_getservbyname (port_str, "tcp"); - - if (s) - port = s->s_port; - else { - char *ptr; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - errx (1, "bad port `%s'", port_str); - port = htons(port); - } - } else { - port = k_getportbyname ("kip", "tcp", htons(KIPPORT)); - } - - signal (SIGCHLD, childhandler); - signal (SIGHUP, disconnecthandler); - signal (SIGTERM, disconnecthandler); - - return doit (hostname, port); -} diff --git a/crypto/kerberosIV/appl/kip/kip.h b/crypto/kerberosIV/appl/kip/kip.h deleted file mode 100644 index 7bfc5f15ab2f..000000000000 --- a/crypto/kerberosIV/appl/kip/kip.h +++ /dev/null @@ -1,122 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kip.h,v 1.18.2.1 2000/06/23 02:55:01 assar Exp $ */ - -#ifdef HAVE_CONFIG_H -#include "config.h" -#endif /* HAVE_CONFIG_H */ - -#include -#include -#include -#include -#include -#include -#include -#include -#ifdef HAVE_SYSLOG_H -#include -#endif -#include -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#include -#include -#include -#include -#ifdef HAVE_NETINET_TCP_H -#include -#endif -#include -#ifdef HAVE_SYS_SOCKIO_H -#include -#endif -#include -#ifdef HAVE_NET_IF_VAR_H -#include -#endif -#ifdef HAVE_NET_IF_TUN_H -#include -#endif -#include - -#include - -#ifdef SOCKS -#include -#endif - -#include - -#include - -#define TUNDEV "tun" - -#ifndef TUNMTU -#define TUNMTU 1500 /* everything is ethernet :) */ -#endif - -#define KIPPORT 2112 - -#define KIP_VERSION "KIPSRV.0" - -int -copy_packets (int tundev, int netdev, int mtu, des_cblock *iv, - des_key_schedule schedule); - -RETSIGTYPE childhandler (int); - -extern sig_atomic_t disconnect; -extern int isserver; - -int -tunnel_open (char *, size_t); - -void -fatal (int fd, const char *s, des_key_schedule schedule, des_cblock *iv); - -int -kip_exec (const char *cmd, char *msg, size_t len, ...); diff --git a/crypto/kerberosIV/appl/kip/kipd-control.in b/crypto/kerberosIV/appl/kip/kipd-control.in deleted file mode 100644 index 8fb0e9bb0b83..000000000000 --- a/crypto/kerberosIV/appl/kip/kipd-control.in +++ /dev/null @@ -1,54 +0,0 @@ -#!/bin/sh -# -# $Id$ -# -# Simple example how you can missuse kip to provide "mobile-ip". -# This is since there is no way to tunnel ip over udp or any other -# protocol. There is also problems to get thru firewalls and NATs -# with mobile-ip since (today) they usully doesn't support IPIP or -# GRE. -# -# All commands are for linux (redhat6.1) but it should be quite -# simple to fix it to support other OS. -# - -PATH=/sbin:/usr/sbin:/usr/bin:/bin - -# arguments are: [up|down] dev remote-peer-addr user - -state=$1 -dev=$2 -remote=$3 -user=$4 - -outdevice=eth0 - -case "$state" in - up) - case "$user" in - lha.root@E.KTH.SE) - ifconfig $dev 10.0.0.1 pointopoint 130.237.43.17 - route add -host 130.237.43.17 gw 10.0.0.1 - arp -H ether -i $outdevice \ - -s 130.237.43.17 00:80:c8:82:83:61 pub - ;; - esac - ;; - down) - case "$user" in - lha.root@E.KTH.SE) - ifconfig $dev 0.0.0.0 - ifconfig $dev down - arp -i $outdevice -d 130.237.43.17 - arp -d 130.237.43.17 - true - ;; - *) - ifconfig $dev down - ;; - esac - ;; - *) - exit 17 - ;; -esac diff --git a/crypto/kerberosIV/appl/kip/kipd.c b/crypto/kerberosIV/appl/kip/kipd.c deleted file mode 100644 index 0bbf06b4849b..000000000000 --- a/crypto/kerberosIV/appl/kip/kipd.c +++ /dev/null @@ -1,204 +0,0 @@ -/* $FreeBSD$ */ - -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kip.h" - -RCSID("$Id: kipd.c,v 1.16.2.3 2000/10/18 20:46:45 assar Exp $"); - -static int -recv_conn (int sock, des_cblock *key, des_key_schedule schedule, - struct sockaddr_in *retaddr, char *user, size_t len) -{ - int status; - KTEXT_ST ticket; - AUTH_DAT auth; - char instance[INST_SZ]; - struct sockaddr_in thisaddr, thataddr; - int addrlen; - char version[KRB_SENDAUTH_VLEN + 1]; - u_char ok = 0; - struct passwd *passwd; - - addrlen = sizeof(thisaddr); - if (getsockname (sock, (struct sockaddr *)&thisaddr, &addrlen) < 0 || - addrlen != sizeof(thisaddr)) { - return 1; - } - addrlen = sizeof(thataddr); - if (getpeername (sock, (struct sockaddr *)&thataddr, &addrlen) < 0 || - addrlen != sizeof(thataddr)) { - return 1; - } - - k_getsockinst (sock, instance, sizeof(instance)); - status = krb_recvauth (KOPT_DO_MUTUAL, sock, &ticket, "rcmd", instance, - &thataddr, &thisaddr, &auth, "", schedule, - version); - if (status != KSUCCESS || - strncmp(version, KIP_VERSION, KRB_SENDAUTH_VLEN) != 0) { - return 1; - } - passwd = k_getpwnam ("root"); - if (passwd == NULL) { - fatal (sock, "Cannot find root", schedule, &auth.session); - return 1; - } - if (kuserok(&auth, "root") != 0) { - fatal (sock, "Permission denied", schedule, &auth.session); - return 1; - } - if (write (sock, &ok, sizeof(ok)) != sizeof(ok)) - return 1; - - snprintf (user, len, "%s%s%s@%s", auth.pname, - auth.pinst[0] != '\0' ? "." : "", - auth.pinst, auth.prealm); - - memcpy(key, &auth.session, sizeof(des_cblock)); - *retaddr = thataddr; - return 0; -} - -static int -doit(int sock) -{ - char msg[1024]; - char cmd[MAXPATHLEN]; - char tun_if_name[64]; - char user[MAX_K_NAME_SZ]; - struct sockaddr_in thataddr; - des_key_schedule schedule; - des_cblock key; - int this, ret, ret2; - - isserver = 1; - - if (recv_conn (sock, &key, schedule, &thataddr, user, sizeof(user))) - return 1; - this = tunnel_open (tun_if_name, sizeof(tun_if_name)); - if (this < 0) - fatal (sock, "Cannot open " _PATH_DEV TUNDEV, schedule, &key); - - strlcpy(cmd, LIBEXECDIR "/kipd-control", sizeof(cmd)); - - ret = kip_exec (cmd, msg, sizeof(msg), "kipd-control", - "up", tun_if_name, inet_ntoa(thataddr.sin_addr), user, - NULL); - if (ret) { - fatal (sock, msg, schedule, &key); - return -1; - } - - ret = copy_packets (this, sock, TUNMTU, &key, schedule); - - ret2 = kip_exec (cmd, msg, sizeof(msg), "kipd-control", - "down", tun_if_name, user, NULL); - if (ret2) - syslog(LOG_ERR, "%s", msg); - return ret; -} - -static char *port_str = NULL; -static int inetd_flag = 1; -static int version_flag = 0; -static int help_flag = 0; - -struct getargs args[] = { - { "inetd", 'i', arg_negative_flag, &inetd_flag, - "Not started from inetd" }, - { "port", 'p', arg_string, &port_str, "Use this port", - "port" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; - -static void -usage(int ret) -{ - arg_printusage (args, - sizeof(args) / sizeof(args[0]), - NULL, - ""); - exit (ret); -} - -/* - * kipd - receive forwarded IP - */ - -int -main (int argc, char **argv) -{ - int port; - int optind = 0; - - set_progname (argv[0]); - roken_openlog(__progname, LOG_PID|LOG_CONS, LOG_DAEMON); - - if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, - &optind)) - usage (1); - - if (help_flag) - usage (0); - - if (version_flag) { - print_version (NULL); - return 0; - } - - if(port_str) { - struct servent *s = roken_getservbyname (port_str, "tcp"); - - if (s) - port = s->s_port; - else { - char *ptr; - - port = strtol (port_str, &ptr, 10); - if (port == 0 && ptr == port_str) - errx (1, "bad port `%s'", port_str); - port = htons(port); - } - } else { - port = k_getportbyname ("kip", "tcp", htons(KIPPORT)); - } - - if (!inetd_flag) - mini_inetd (port); - - signal (SIGCHLD, childhandler); - return doit(STDIN_FILENO); -} diff --git a/crypto/kerberosIV/appl/sample/Makefile.in b/crypto/kerberosIV/appl/sample/Makefile.in deleted file mode 100644 index d88023a2d287..000000000000 --- a/crypto/kerberosIV/appl/sample/Makefile.in +++ /dev/null @@ -1,83 +0,0 @@ -# $Id: Makefile.in,v 1.18 1999/03/10 19:01:13 joda Exp $ - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -top_builddir = ../.. - -CC = @CC@ -LINK = @LINK@ -AR = ar -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ -INSTALL = @INSTALL@ -LIBS = @LIBS@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -libexecdir = @libexecdir@ -bindir = @bindir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -PROG_BIN = sample_client$(EXECSUFFIX) \ - simple_client$(EXECSUFFIX) -PROG_LIBEXEC = sample_server$(EXECSUFFIX) \ - simple_server$(EXECSUFFIX) -PROGS = $(PROG_BIN) $(PROG_LIBEXEC) - -OBJECTS = sample_client.o sample_server.o simple_client.o simple_server.o -SOURCES = sample_client.c sample_server.c simple_client.c simple_server.c - -all: $(PROGS) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $< - -install: all - -uninstall: - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f *.a *.o $(PROGS) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -KLIB=-L../../lib/krb -lkrb -L../../lib/des -ldes -LIBROKEN=-L../../lib/roken -lroken - -sample_client$(EXECSUFFIX): sample_client.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ sample_client.o $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -simple_client$(EXECSUFFIX): simple_client.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ simple_client.o $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -sample_server$(EXECSUFFIX): sample_server.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ sample_server.o $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -simple_server$(EXECSUFFIX): simple_server.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ simple_server.o $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -$(OBJECTS): ../../include/config.h - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/appl/sample/sample.h b/crypto/kerberosIV/appl/sample/sample.h deleted file mode 100644 index d79d57441a7c..000000000000 --- a/crypto/kerberosIV/appl/sample/sample.h +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: sample.h,v 1.11 1999/12/02 16:58:33 joda Exp $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif /* HAVE_CONFIG_H */ - -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#include -#ifdef SOCKS -#include -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); -#endif - -#include -#include - -#include - -#define SAMPLE_PORT 6354 - -#define SAMPLE_SERVICE "sample" -#define SAMPLE_VERSION "VERSION9" diff --git a/crypto/kerberosIV/appl/sample/sample_client.c b/crypto/kerberosIV/appl/sample/sample_client.c deleted file mode 100644 index d0ec1c566749..000000000000 --- a/crypto/kerberosIV/appl/sample/sample_client.c +++ /dev/null @@ -1,168 +0,0 @@ -/* - * - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, - * please see the file . - * - * sample_client: - * A sample Kerberos client, which connects to a server on a remote host, - * at port "sample" (be sure to define it in /etc/services) - * and authenticates itself to the server. The server then writes back - * (in ASCII) the authenticated name. - * - * Usage: - * sample_client - * - * is the name of the foreign host to contact. - * - * is an integer checksum to be used for the call to krb_mk_req() - * and mutual authentication - * - */ - -#include "sample.h" - -RCSID("$Id: sample_client.c,v 1.21 1999/11/13 06:27:01 assar Exp $"); - -static void -usage (void) -{ - fprintf (stderr, "Usage: %s [-s service] [-p port] hostname checksum\n", - __progname); - exit (1); -} - -int -main(int argc, char **argv) -{ - struct hostent *hp; - struct sockaddr_in sin, lsin; - char *remote_host; - int status; - int namelen; - int sock = -1; - KTEXT_ST ticket; - char buf[512]; - long authopts; - MSG_DAT msg_data; - CREDENTIALS cred; - des_key_schedule sched; - u_int32_t cksum; - int c; - char service[SNAME_SZ]; - u_int16_t port; - struct servent *serv; - char **h_addr_list; - - set_progname (argv[0]); - strlcpy (service, SAMPLE_SERVICE, sizeof(service)); - port = 0; - - while ((c = getopt(argc, argv, "s:p:")) != -1) - switch(c) { - case 's' : - strlcpy (service, optarg, sizeof(service)); - break; - case 'p' : - serv = getservbyname (optarg, "tcp"); - if (serv) - port = serv->s_port; - else - port = htons(atoi(optarg)); - break; - case '?' : - default : - usage(); - } - - argc -= optind; - argv += optind; - - if (argc != 2) - usage (); - - /* convert cksum to internal rep */ - cksum = atoi(argv[1]); - - printf("Setting checksum to %ld\n", (long)cksum); - - /* clear out the structure first */ - memset(&sin, 0, sizeof(sin)); - sin.sin_family = AF_INET; - if (port) - sin.sin_port = port; - else - sin.sin_port = k_getportbyname (service, "tcp", htons(SAMPLE_PORT)); - - /* look up the server host */ - hp = gethostbyname(argv[0]); - if (hp == NULL) - errx (1, "gethostbyname(%s): %s", argv[0], - hstrerror(h_errno)); - - /* copy the hostname into non-volatile storage */ - remote_host = strdup(hp->h_name); - if (remote_host == NULL) - errx (1, "strdup: out of memory"); - - /* set up the address of the foreign socket for connect() */ - sin.sin_family = hp->h_addrtype; - - for (h_addr_list = hp->h_addr_list; - *h_addr_list; - ++h_addr_list) { - memcpy(&sin.sin_addr, *h_addr_list, sizeof(sin.sin_addr)); - fprintf (stderr, "Trying %s...\n", inet_ntoa(sin.sin_addr)); - - /* open a TCP socket */ - sock = socket(PF_INET, SOCK_STREAM, 0); - if (sock < 0) - err (1, "socket"); - - /* connect to the server */ - if (connect(sock, (struct sockaddr *)&sin, sizeof(sin)) >= 0) - break; - close (sock); - } - - if (*h_addr_list == NULL) - err (1, "connect"); - - /* find out who I am, now that we are connected and therefore bound */ - namelen = sizeof(lsin); - if (getsockname(sock, (struct sockaddr *) &lsin, &namelen) < 0) { - close (sock); - err (1, "getsockname"); - } - - /* call Kerberos library routine to obtain an authenticator, - pass it over the socket to the server, and obtain mutual - authentication. */ - - authopts = KOPT_DO_MUTUAL; - status = krb_sendauth(authopts, sock, &ticket, - service, remote_host, - NULL, cksum, &msg_data, &cred, - sched, &lsin, &sin, SAMPLE_VERSION); - if (status != KSUCCESS) - errx (1, "cannot authenticate to server: %s", - krb_get_err_text(status)); - - /* After we send the authenticator to the server, it will write - back the name we authenticated to. Read what it has to say. */ - status = read(sock, buf, sizeof(buf)); - if (status < 0) - errx(1, "read"); - - /* make sure it's null terminated before printing */ - if (status < sizeof(buf)) - buf[status] = '\0'; - else - buf[sizeof(buf) - 1] = '\0'; - - printf("The server says:\n%s\n", buf); - - close(sock); - return 0; -} diff --git a/crypto/kerberosIV/appl/sample/sample_server.c b/crypto/kerberosIV/appl/sample/sample_server.c deleted file mode 100644 index 65b61ae0485e..000000000000 --- a/crypto/kerberosIV/appl/sample/sample_server.c +++ /dev/null @@ -1,155 +0,0 @@ -/* $FreeBSD$ */ - -/* - * - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, - * please see the file . - * - * sample_server: - * A sample Kerberos server, which reads a ticket from a TCP socket, - * decodes it, and writes back the results (in ASCII) to the client. - * - * Usage: - * sample_server - * - * file descriptor 0 (zero) should be a socket connected to the requesting - * client (this will be correct if this server is started by inetd). - */ - -#include "sample.h" - -RCSID("$Id: sample_server.c,v 1.14.2.1 2000/06/28 19:08:00 assar Exp $"); - -static void -usage (void) -{ - fprintf (stderr, "Usage: %s [-i] [-s service] [-t srvtab]\n", - __progname); - exit (1); -} - -int -main(int argc, char **argv) -{ - struct sockaddr_in peername, myname; - int namelen = sizeof(peername); - int status, count, len; - long authopts; - AUTH_DAT auth_data; - KTEXT_ST clt_ticket; - des_key_schedule sched; - char instance[INST_SZ]; - char service[ANAME_SZ]; - char version[KRB_SENDAUTH_VLEN+1]; - char retbuf[512]; - char lname[ANAME_SZ]; - char srvtab[MaxPathLen]; - int c; - int no_inetd = 0; - - /* open a log connection */ - - set_progname (argv[0]); - - roken_openlog(__progname, LOG_ODELAY, LOG_DAEMON); - - strlcpy (service, SAMPLE_SERVICE, sizeof(service)); - *srvtab = '\0'; - - while ((c = getopt (argc, argv, "s:t:i")) != -1) - switch (c) { - case 's' : - strlcpy (service, optarg, sizeof(service)); - break; - case 't' : - strlcpy (srvtab, optarg, sizeof(srvtab)); - break; - case 'i': - no_inetd = 1; - break; - case '?' : - default : - usage (); - } - - if (no_inetd) - mini_inetd (htons(SAMPLE_PORT)); - - /* - * To verify authenticity, we need to know the address of the - * client. - */ - if (getpeername(STDIN_FILENO, - (struct sockaddr *)&peername, - &namelen) < 0) { - syslog(LOG_ERR, "getpeername: %m"); - return 1; - } - - /* for mutual authentication, we need to know our address */ - namelen = sizeof(myname); - if (getsockname(STDIN_FILENO, (struct sockaddr *)&myname, &namelen) < 0) { - syslog(LOG_ERR, "getsocknamename: %m"); - return 1; - } - - /* read the authenticator and decode it. Using `k_getsockinst' we - * always get the right instance on a multi-homed host. - */ - k_getsockinst (STDIN_FILENO, instance, sizeof(instance)); - - /* we want mutual authentication */ - authopts = KOPT_DO_MUTUAL; - status = krb_recvauth(authopts, STDIN_FILENO, &clt_ticket, - service, instance, &peername, &myname, - &auth_data, srvtab, - sched, version); - if (status != KSUCCESS) { - snprintf(retbuf, sizeof(retbuf), - "Kerberos error: %s\n", - krb_get_err_text(status)); - syslog(LOG_ERR, "%s", retbuf); - } else { - /* Check the version string (KRB_SENDAUTH_VLEN chars) */ - if (strncmp(version, SAMPLE_VERSION, KRB_SENDAUTH_VLEN)) { - /* didn't match the expected version */ - /* could do something different, but we just log an error - and continue */ - version[8] = '\0'; /* make sure null term */ - syslog(LOG_ERR, "Version mismatch: '%s' isn't '%s'", - version, SAMPLE_VERSION); - } - /* now that we have decoded the authenticator, translate - the kerberos principal.instance@realm into a local name */ - if (krb_kntoln(&auth_data, lname) != KSUCCESS) - strlcpy(lname, - "*No local name returned by krb_kntoln*", - sizeof(lname)); - /* compose the reply */ - snprintf(retbuf, sizeof(retbuf), - "You are %s.%s@%s (local name %s),\n at address %s, version %s, cksum %ld\n", - auth_data.pname, - auth_data.pinst, - auth_data.prealm, - lname, - inet_ntoa(peername.sin_addr), - version, - (long)auth_data.checksum); - } - - /* write back the response */ - if ((count = write(0, retbuf, (len = strlen(retbuf) + 1))) < 0) { - syslog(LOG_ERR,"write: %m"); - return 1; - } else if (count != len) { - syslog(LOG_ERR, "write count incorrect: %d != %d\n", - count, len); - return 1; - } - - /* close up and exit */ - close(0); - return 0; -} diff --git a/crypto/kerberosIV/appl/sample/simple.h b/crypto/kerberosIV/appl/sample/simple.h deleted file mode 100644 index 17315b33475c..000000000000 --- a/crypto/kerberosIV/appl/sample/simple.h +++ /dev/null @@ -1,14 +0,0 @@ -/* - * $Id: simple.h,v 1.3 1996/09/27 15:54:23 assar Exp $ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * Common definitions for the simple UDP-based Kerberos-mediated - * server & client applications. - */ - -#define SERVICE "sample" -#define HOST "bach" diff --git a/crypto/kerberosIV/appl/sample/simple_client.c b/crypto/kerberosIV/appl/sample/simple_client.c deleted file mode 100644 index 434150d2189b..000000000000 --- a/crypto/kerberosIV/appl/sample/simple_client.c +++ /dev/null @@ -1,202 +0,0 @@ -/* - * - * Copyright 1989 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * Simple UDP-based sample client program. For demonstration. - * This program performs no useful function. - */ - -#include "sample.h" -RCSID("$Id: simple_client.c,v 1.15 1999/11/13 06:29:01 assar Exp $"); - -#define MSG "hi, Jennifer!" /* message text */ - -static int -talkto(char *hostname, char *service, int port) -{ - int flags = 0; /* flags for sendto() */ - long len; - u_long cksum = 0L; /* cksum not used */ - char c_realm[REALM_SZ]; /* local Kerberos realm */ - char *s_realm; /* server's Kerberos realm */ - - KTEXT_ST k; /* Kerberos data */ - KTEXT ktxt = &k; - - int sock, i; - struct hostent *host; - struct sockaddr_in s_sock; /* server address */ - char myhostname[MaxHostNameLen]; /* local hostname */ - - /* for krb_mk_safe/priv */ - struct sockaddr_in c_sock; /* client address */ - CREDENTIALS c; /* ticket & session key */ - CREDENTIALS *cred = &c; - - /* for krb_mk_priv */ - des_key_schedule sched; /* session key schedule */ - - /* Look up server host */ - if ((host = gethostbyname(hostname)) == NULL) { - fprintf(stderr, "%s: unknown host \n", hostname); - return 1; - } - - /* Set server's address */ - memset(&s_sock, 0, sizeof(s_sock)); - memcpy(&s_sock.sin_addr, host->h_addr, sizeof(s_sock.sin_addr)); - s_sock.sin_family = AF_INET; - if (port) - s_sock.sin_port = port; - else - s_sock.sin_port = k_getportbyname (service, "tcp", htons(SAMPLE_PORT)); - - if (gethostname(myhostname, sizeof(myhostname)) < 0) { - warn("gethostname"); - return 1; - } - - if ((host = gethostbyname(myhostname)) == NULL) { - fprintf(stderr, "%s: unknown host\n", myhostname); - return 1; - } - - /* Open a socket */ - if ((sock = socket(AF_INET, SOCK_DGRAM, 0)) < 0) { - warn("socket SOCK_DGRAM"); - return 1; - } - - memset(&c_sock, 0, sizeof(c_sock)); - memcpy(&c_sock.sin_addr, host->h_addr, sizeof(c_sock.sin_addr)); - c_sock.sin_family = AF_INET; - - /* Bind it to set the address; kernel will fill in port # */ - if (bind(sock, (struct sockaddr *)&c_sock, sizeof(c_sock)) < 0) { - warn("bind"); - return 1; - } - - /* Get local realm, not needed, just an example */ - if ((i = krb_get_lrealm(c_realm, 1)) != KSUCCESS) { - fprintf(stderr, "can't find local Kerberos realm\n"); - return 1; - } - printf("Local Kerberos realm is %s\n", c_realm); - - /* Get Kerberos realm of host */ - s_realm = krb_realmofhost(hostname); - - /* PREPARE KRB_MK_REQ MESSAGE */ - - /* Get credentials for server, create krb_mk_req message */ - if ((i = krb_mk_req(ktxt, service, hostname, s_realm, cksum)) - != KSUCCESS) { - fprintf(stderr, "%s\n", krb_get_err_text(i)); - return 1; - } - printf("Got credentials for %s.\n", service); - - /* Send authentication info to server */ - i = sendto(sock, (char *)ktxt->dat, ktxt->length, flags, - (struct sockaddr *)&s_sock, sizeof(s_sock)); - if (i < 0) - warn("sending datagram message"); - printf("Sent authentication data: %d bytes\n", i); - - /* PREPARE KRB_MK_SAFE MESSAGE */ - - /* Get my address */ - memset(&c_sock, 0, sizeof(c_sock)); - i = sizeof(c_sock); - if (getsockname(sock, (struct sockaddr *)&c_sock, &i) < 0) { - warn("getsockname"); - return 1; - } - - /* Get session key */ - i = krb_get_cred(service, hostname, s_realm, cred); - if (i != KSUCCESS) - return 1; - - /* Make the safe message */ - len = krb_mk_safe(MSG, ktxt->dat, strlen(MSG)+1, - &cred->session, &c_sock, &s_sock); - - /* Send it */ - i = sendto(sock, (char *)ktxt->dat, (int) len, flags, - (struct sockaddr *)&s_sock, sizeof(s_sock)); - if (i < 0) - warn("sending safe message"); - printf("Sent checksummed message: %d bytes\n", i); - - /* PREPARE KRB_MK_PRIV MESSAGE */ - -#ifdef NOENCRYPTION - memset(sched, 0, sizeof(sched)); -#else - /* Get key schedule for session key */ - des_key_sched(&cred->session, sched); -#endif - - /* Make the encrypted message */ - len = krb_mk_priv(MSG, ktxt->dat, strlen(MSG)+1, - sched, &cred->session, &c_sock, &s_sock); - - /* Send it */ - i = sendto(sock, (char *)ktxt->dat, (int) len, flags, - (struct sockaddr *)&s_sock, sizeof(s_sock)); - if (i < 0) - warn("sending encrypted message"); - printf("Sent encrypted message: %d bytes\n", i); - return 0; -} - -static void -usage (void) -{ - fprintf (stderr, "Usage: %s [-s service] [-p port] hostname\n", - __progname); - exit (1); -} - -int -main(int argc, char **argv) -{ - int ret = 0; - int port = 0; - char service[SNAME_SZ]; - struct servent *serv; - int c; - - set_progname (argv[0]); - - strlcpy (service, SAMPLE_SERVICE, sizeof(service)); - - while ((c = getopt(argc, argv, "s:p:")) != -1) - switch(c) { - case 's' : - strlcpy (service, optarg, sizeof(service)); - break; - case 'p' : - serv = getservbyname (optarg, "tcp"); - if (serv) - port = serv->s_port; - else - port = htons(atoi(optarg)); - break; - case '?' : - default : - usage(); - } - - argc -= optind; - argv += optind; - - while (argc-- > 0) - ret &= talkto (*argv++, service, port); - return ret; -} diff --git a/crypto/kerberosIV/appl/sample/simple_server.c b/crypto/kerberosIV/appl/sample/simple_server.c deleted file mode 100644 index 05baa4ee1c4a..000000000000 --- a/crypto/kerberosIV/appl/sample/simple_server.c +++ /dev/null @@ -1,140 +0,0 @@ -/* - * - * Copyright 1989 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * Simple UDP-based server application. For demonstration. - * This program performs no useful function. - */ - -#include "sample.h" - -RCSID("$Id: simple_server.c,v 1.11 1999/11/13 06:29:24 assar Exp $"); - -static void -usage (void) -{ - fprintf (stderr, "Usage: %s [-p port] [-s service] [-t srvtab]\n", - __progname); - exit (1); -} - -int -main(int argc, char **argv) -{ - char service[SNAME_SZ]; - char instance[INST_SZ]; - int port; - char srvtab[MaxPathLen]; - struct sockaddr_in addr, otheraddr; - int c; - int sock; - int i; - int len; - KTEXT_ST k; - KTEXT ktxt = &k; - AUTH_DAT ad; - MSG_DAT msg_data; - des_key_schedule sched; - - set_progname (argv[0]); - strlcpy (service, SAMPLE_SERVICE, sizeof(service)); - strlcpy (instance, "*", sizeof(instance)); - *srvtab = '\0'; - port = 0; - - while ((c = getopt (argc, argv, "p:s:t:")) != -1) - switch (c) { - case 'p' : { - struct servent *sp; - - sp = getservbyname (optarg, "udp"); - if (sp) - port = sp->s_port; - else - port = htons(atoi(optarg)); - break; - } - case 's' : - strlcpy (service, optarg, sizeof(service)); - break; - case 't' : - strlcpy (srvtab, optarg, sizeof(srvtab)); - break; - case '?' : - default : - usage (); - } - - if(port == 0) - port = k_getportbyname (SAMPLE_SERVICE, "udp", htons(SAMPLE_PORT)); - - memset (&addr, 0, sizeof(addr)); - addr.sin_family = AF_INET; - addr.sin_port = port; - - sock = socket (AF_INET, SOCK_DGRAM, 0); - if (sock < 0) - err (1, "socket"); - - if (bind (sock, (struct sockaddr *)&addr, sizeof(addr)) < 0) - err (1, "bind"); - - /* GET KRB_MK_REQ MESSAGE */ - - i = read(sock, ktxt->dat, MAX_KTXT_LEN); - if (i < 0) - err (1, "read"); - - printf("Received %d bytes\n", i); - ktxt->length = i; - - /* Check authentication info */ - i = krb_rd_req(ktxt, service, instance, 0, &ad, ""); - if (i != KSUCCESS) - errx (1, "krb_rd_req: %s", krb_get_err_text(i)); - printf("Got authentication info from %s%s%s@%s\n", ad.pname, - *ad.pinst ? "." : "", ad.pinst, ad.prealm); - - /* GET KRB_MK_SAFE MESSAGE */ - - /* use "recvfrom" so we know client's address */ - len = sizeof(otheraddr); - i = recvfrom(sock, ktxt->dat, MAX_KTXT_LEN, 0, - (struct sockaddr *)&otheraddr, &len); - if (i < 0) - err (1, "recvfrom"); - printf("Received %d bytes\n", i); - - /* Verify the checksummed message */ - i = krb_rd_safe(ktxt->dat, i, &ad.session, &otheraddr, - &addr, &msg_data); - if (i != KSUCCESS) - errx (1, "krb_rd_safe: %s", krb_get_err_text(i)); - printf("Safe message is: %s\n", msg_data.app_data); - - /* NOW GET ENCRYPTED MESSAGE */ - -#ifdef NOENCRYPTION - memset(sched, 0, sizeof(sched)); -#else - /* need key schedule for session key */ - des_key_sched(&ad.session, sched); -#endif - - /* use "recvfrom" so we know client's address */ - len = sizeof(otheraddr); - i = recvfrom(sock, ktxt->dat, MAX_KTXT_LEN, 0, - (struct sockaddr *)&otheraddr, &len); - if (i < 0) - err (1, "recvfrom"); - printf("Received %d bytes\n", i); - i = krb_rd_priv(ktxt->dat, i, sched, &ad.session, &otheraddr, - &addr, &msg_data); - if (i != KSUCCESS) - errx (1, "krb_rd_priv: %s", krb_get_err_text(i)); - printf("Decrypted message is: %s\n", msg_data.app_data); - return(0); -} diff --git a/crypto/kerberosIV/appl/telnet/ChangeLog b/crypto/kerberosIV/appl/telnet/ChangeLog deleted file mode 100644 index b2c27bc113a6..000000000000 --- a/crypto/kerberosIV/appl/telnet/ChangeLog +++ /dev/null @@ -1,286 +0,0 @@ -2000-03-26 Assar Westerlund - - * telnetd/sys_term.c (*): make sure to always call time, ctime, - and gmtime with `time_t's. there were some types (like in - lastlog) that we believed to always be time_t. this has proven - wrong on Solaris 8 in 64-bit mode, where they are stored as 32-bit - quantities but time_t has gone up to 64 bits - -1999-09-16 Assar Westerlund - - * telnet/commands.c: revert 1.54, get_default_username should DTRT - now - -1999-09-05 Assar Westerlund - - * telnetd/utility.c (ttloop): make it return 1 if interrupted by a - signal, which must have been what was meant from the beginning - - * telnetd/ext.h (ttloop): update prototype - - * telnetd/authenc.c (telnet_spin): actually return the value from - ttloop (otherwise it's kind of bogus) - -1999-08-05 Assar Westerlund - - * telnetd/sys_term.c (rmut): free utxp - -1999-08-04 Assar Westerlund - - * telnet/main.c: add -G and config file support. From Miroslav - Ruda - - * telnetd/sys_term.c (rmut): work around utmpx strangness. From - Miroslav Ruda - -1999-08-02 Assar Westerlund - - * telnetd/telnetd.c (doit): only free hp if != NULL. From: Jonas - Oberg - -1999-07-29 Assar Westerlund - - * telnetd/telnetd.c (doit): remove unused variable mapped_sin - -1999-07-26 Assar Westerlund - - * telnetd/ext.h: update prototypes - - * telnetd/telnetd.c: make it handle v4 and v6 sockets. (it - doesn't handle being given a v6 socket that's really talking to an - v4 adress (mapped) because the rest of the code in telnetd is not - able to handle it anyway). please run two telnetd from your - inetd, one for v4 and one for v6. - -1999-07-07 Assar Westerlund - - * telnet/commands.c (tn): extra bogus const-cast - -1999-07-06 Assar Westerlund - - * telnetd/sys_term.c (start_login): print a different warning with - `-a otp' - -1999-06-24 Assar Westerlund - - * libtelnet/kerberos5.c (kerberos5_send): set the addresses in the - auth_context - -1999-06-23 Assar Westerlund - - * telnet/Makefile.am (INCLUDES): add $(INCLUDE_krb4) - - * telnet/commands.c (togkrbdebug): conditionalize on - krb_disable_debug - -1999-06-16 Johan Danielsson - - * telnet/commands.c: add kerberos debugging option - -1999-06-15 Assar Westerlund - - * telnet/commands.c (tn): use get_default_username - -1999-05-14 Assar Westerlund - - * telnetd/state.c (telrcv): magic patch to make it work against - DOS Clarkson Telnet. From Miroslav Ruda - -1999-04-25 Assar Westerlund - - * libtelnet/kerberos5.c (kerberos5_send): use - `krb5_auth_setkeytype' instead of `krb5_auth_setenctype' to make - sure we get a DES session key. - -Thu Apr 1 16:59:27 1999 Johan Danielsson - - * telnetd/Makefile.am: don't run check-local - - * telnet/Makefile.am: don't run check-local - -Mon Mar 29 16:11:33 1999 Johan Danielsson - - * telnetd/sys_term.c: _CRAY -> HAVE_STRUCT_UTMP_UT_ID - -Sat Mar 20 00:12:54 1999 Assar Westerlund - - * telnet/authenc.c (telnet_gets): remove old extern declarations - -Thu Mar 18 11:20:16 1999 Johan Danielsson - - * telnetd/Makefile.am: include Makefile.am.common - - * telnet/Makefile.am: include Makefile.am.common - - * libtelnet/Makefile.am: include Makefile.am.common - - * Makefile.am: include Makefile.am.common - -Mon Mar 15 17:40:53 1999 Johan Danielsson - - * telnetd/telnetd.c: replace perror/exit with fatalperror - -Sat Mar 13 22:18:57 1999 Assar Westerlund - - * telnetd/telnetd.c (main): 0 -> STDIN_FILENO. remove abs - - * libtelnet/kerberos.c (kerberos4_is): syslog root logins - -Thu Mar 11 14:48:54 1999 Johan Danielsson - - * telnetd/Makefile.in: add WFLAGS - - * telnet/Makefile.in: add WFLAGS - - * libtelnet/Makefile.in: add WFLAGS - - * telnetd/sys_term.c: remove unused variables - - * telnet/telnet.c: fix some warnings - - * telnet/main.c: fix some warnings - - * telnet/commands.c: fix types in format string - - * libtelnet/auth.c: fix types in format string - -Mon Mar 1 10:50:30 1999 Johan Danielsson - - * telnetd/sys_term.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_* - -Mon Feb 1 04:08:36 1999 Assar Westerlund - - * telnet/commands.c (tn): only call gethostbyname2 with AF_INET6 - if we actually have IPv6. From "Brandon S. Allbery KF8NH" - - -Sat Nov 21 16:51:00 1998 Johan Danielsson - - * telnetd/sys_term.c (cleanup): don't call vhangup() on sgi:s - -Fri Aug 14 16:29:18 1998 Johan Danielsson - - * libtelnet/kerberos.c: krb_put_int -> KRB_PUT_INT - -Thu Jul 23 20:29:05 1998 Johan Danielsson - - * libtelnet/kerberos5.c: use krb5_verify_authenticator_checksum - -Mon Jul 13 22:00:09 1998 Assar Westerlund - - * telnet/commands.c (tn): don't advance hostent->h_addr_list, use - a copy instead - -Wed May 27 04:19:17 1998 Assar Westerlund - - * telnet/sys_bsd.c (process_rings): correct call to `stilloob' - -Fri May 15 19:38:19 1998 Johan Danielsson - - * libtelnet/kerberos5.c: Always print errors from mk_req. - -Fri May 1 07:16:59 1998 Assar Westerlund - - * telnet/commands.c: unifdef -DHAVE_H_ERRNO - -Sat Apr 4 15:00:29 1998 Assar Westerlund - - * telnet/commands.c (tn): moved the printing of `trying...' to the - loop - -Thu Mar 12 02:33:48 1998 Assar Westerlund - - * telnet/telnet_locl.h: include . From Gregory S. Stark - - -Sat Feb 21 15:12:38 1998 Assar Westerlund - - * telnetd/ext.h: add prototype for login_tty - - * telnet/utilities.c (printsub): `direction' is now an int. - - * libtelnet/misc-proto.h: add prototype for `printsub' - -Tue Feb 17 02:45:01 1998 Assar Westerlund - - * libtelnet/kerberos.c (kerberos4_is): cred.pname should be - cred.pinst. From - -Sun Feb 15 02:46:39 1998 Assar Westerlund - - * telnet/*/*.c: renamed `telnet' to `my_telnet' to avoid - conflicts with system header files on mklinux. - -Tue Feb 10 02:09:03 1998 Assar Westerlund - - * telnetd/telnetd.c: new signature for `getterminaltype' and - `auth_wait' - - * libtelnet: changed the signature of the authentication method - `status' - -Sat Feb 7 07:21:29 1998 Assar Westerlund - - * */*.c: replace HAS_GETTOS by HAVE_PARSETOS and HAVE_GETTOSBYNAME - -Fri Dec 26 16:17:10 1997 Assar Westerlund - - * telnet/commands.c (tn): repair support for numeric addresses - -Sun Dec 21 09:40:31 1997 Assar Westerlund - - * libtelnet/kerberos.c: fix up lots of stuff related to the - forwarding of v4 tickets. - - * libtelnet/kerberos5.c (kerberos5_forward): zero out `creds'. - -Mon Dec 15 20:53:13 1997 Johan Danielsson - - * telnet/sys_bsd.c: Don't turn off OPOST in 8bit-mode. - -Tue Dec 9 19:26:50 1997 Assar Westerlund - - * telnet/main.c (main): add 'b' to getopt - -Sat Nov 29 03:28:54 1997 Johan Danielsson - - * telnet/telnet.c: Change binary mode to do just that, and add a - eight-bit mode for just passing all characters. - -Sun Nov 16 04:37:02 1997 Assar Westerlund - - * libtelnet/kerberos5.c (kerberos5_send): always ask for a session - key of type DES - - * libtelnet/kerberos5.c: remove old garbage and fix call to - krb5_auth_con_setaddrs_from_fd - -Fri Nov 14 20:35:18 1997 Johan Danielsson - - * telnetd/telnetd.c: Output contents of /etc/issue. - -Mon Nov 3 07:09:16 1997 Assar Westerlund - - * telnet/telnet_locl.h: only include iff - !defined(HAVE_TERMIOS_H) - - * libtelnet/kerberos.c (kerberos4_is): send the peer address to - krb_rd_req - - * telnetd/telnetd.c (terminaltypeok): always return OK. It used - to call `tgetent' to figure if it was a defined terminal type. - It's possible to overflow tgetent so that's a bad idea. The worst - that could happen by saying yes to all terminals is that the user - ends up with a terminal that has no definition on the local - system. And besides, most telnet client has no support for - falling back to a different terminal type. - -Mon Oct 20 05:47:19 1997 Assar Westerlund - - * libtelnet/kerberos5.c: remove lots of old junk. clean-up. - better error checking and reporting. tell the user permission - denied much earlier. - - * libtelnet/kerberos.c (kerberos4_is): only print - UserNameRequested if != NULL - diff --git a/crypto/kerberosIV/appl/telnet/Makefile.am b/crypto/kerberosIV/appl/telnet/Makefile.am deleted file mode 100644 index eec013bae96f..000000000000 --- a/crypto/kerberosIV/appl/telnet/Makefile.am +++ /dev/null @@ -1,11 +0,0 @@ -# $Id: Makefile.am,v 1.6 1999/03/20 13:58:15 joda Exp $ - -include $(top_srcdir)/Makefile.am.common - -SUBDIRS = libtelnet telnet telnetd - -dist-hook: - $(mkinstalldirs) $(distdir)/arpa - $(INSTALL_DATA) $(srcdir)/arpa/telnet.h $(distdir)/arpa - -EXTRA_DIST = README.ORIG telnet.state diff --git a/crypto/kerberosIV/appl/telnet/Makefile.in b/crypto/kerberosIV/appl/telnet/Makefile.in deleted file mode 100644 index 840e7575f3f9..000000000000 --- a/crypto/kerberosIV/appl/telnet/Makefile.in +++ /dev/null @@ -1,42 +0,0 @@ -# $Id: Makefile.in,v 1.20 1998/05/31 18:04:50 joda Exp $ - -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ -VPATH = @srcdir@ - -SHELL = /bin/sh - -@SET_MAKE@ - -CC = @CC@ -LINK = @LINK@ -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ - -INSTALL = @INSTALL@ - -SUBDIRS=libtelnet telnet telnetd - -all: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) all); done - -install: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) install); done - -uninstall: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) uninstall); done - -clean cleandir: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) clean); done - -distclean: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) distclean); done - rm -f Makefile *~ - -.PHONY: all install uninstall clean cleandir distclean diff --git a/crypto/kerberosIV/appl/telnet/README.ORIG b/crypto/kerberosIV/appl/telnet/README.ORIG deleted file mode 100644 index 37b588fafd6f..000000000000 --- a/crypto/kerberosIV/appl/telnet/README.ORIG +++ /dev/null @@ -1,743 +0,0 @@ - -This is a distribution of both client and server telnet. These programs -have been compiled on: - telnet telnetd - 4.4 BSD-Lite x x - 4.3 BSD Reno X X - UNICOS 9.1 X X - UNICOS 9.0 X X - UNICOS 8.0 X X - BSDI 2.0 X X - Solaris 2.4 x x (no linemode in server) - SunOs 4.1.4 X X (no linemode in server) - Ultrix 4.3 X X (no linemode in server) - Ultrix 4.1 X X (no linemode in server) - -In addition, previous versions have been compiled on the following -machines, but were not available for testing this version. - telnet telnetd - Next1.0 X X - UNICOS 8.3 X X - UNICOS 7.C X X - UNICOS 7.0 X X - SunOs 4.0.3c X X (no linemode in server) - 4.3 BSD X X (no linemode in server) - DYNIX V3.0.12 X X (no linemode in server) - Ultrix 3.1 X X (no linemode in server) - Ultrix 4.0 X X (no linemode in server) - SunOs 3.5 X X (no linemode in server) - SunOs 4.1.3 X X (no linemode in server) - Solaris 2.2 x x (no linemode in server) - Solaris 2.3 x x (no linemode in server) - BSDI 1.0 X X - BSDI 1.1 X X - DYNIX V3.0.17.9 X X (no linemode in server) - HP-UX 8.0 x x (no linemode in server) - -This code should work, but there are no guarantees. - -May 30, 1995 - -This release represents what is on the 4.4BSD-Lite2 release, which -should be the final BSD release. I will continue to support of -telnet, The code (without encryption) is available via anonymous ftp -from ftp.cray.com, in src/telnet/telnet.YY.MM.DD.NE.tar.Z, where -YY.MM.DD is replaced with the year, month and day of the release. -If you can't find it at one of these places, at some point in the -near future information about the latest releases should be available -from ftp.borman.com. - -In addition, the version with the encryption code is available via -ftp from net-dist.mit.edu, in the directory /pub/telnet. There -is a README file there that gives further information on how -to get the distribution. - -Questions, comments, bug reports and bug fixes can be sent to -one of these addresses: - dab@borman.com - dab@cray.com - dab@bsdi.com - -This release is mainly bug fixes and code cleanup. - - Replace all calls to bcopy()/bzero() with calls to - memmove()/memset() and all calls to index()/rindex() - with calls to strchr()/strrchr(). - - Add some missing diagnostics for option tracing - to telnetd. - - Add support for BSDI 2.0 and Solaris 2.4. - - Add support for UNICOS 8.0 - - Get rid of expanded tabs and trailing white spaces. - - From Paul Vixie: - Fix for telnet going into an endless spin - when the session dies abnormally. - - From Jef Poskanzer: - Changes to allow telnet to compile - under SunOS 3.5. - - From Philip Guenther: - makeutx() doesn't expand utmpx, - use pututxline() instead. - - From Chris Torek: - Add a sleep(1) before execing login - to avoid race condition that can eat - up the login prompt. - Use terminal speed directly if it is - not an encoded value. - - From Steve Parker: - Fix to realloc() call. Fix for execing - login on solaris with no user name. - -January 19, 1994 - -This is a list of some of the changes since the last tar release -of telnet/telnetd. There are probably other changes that aren't -listed here, but this should hit a lot of the main ones. - - General: - Changed #define for AUTHENTICATE to AUTHENTICATION - Changed #define for ENCRYPT to ENCRYPTION - Changed #define for DES_ENCRYPT to DES_ENCRYPTION - - Added support for SPX authentication: -DSPX - - Added support for Kerberos Version 5 authentication: -DKRB5 - - Added support for ANSI C function prototypes - - Added support for the NEW-ENVIRON option (RFC-1572) - including support for USERVAR. - - Made support for the old Environment Option (RFC-1408) - conditional on -DOLD_ENVIRON - - Added #define ENV_HACK - support for RFC 1571 - - The encryption code is removed from the public distributions. - Domestic 4.4 BSD distributions contain the encryption code. - - ENV_HACK: Code to deal with systems that only implement - the old ENVIRON option, and have reversed definitions - of ENV_VAR and ENV_VAL. Also fixes ENV processing in - client to handle things besides just the default set... - - NO_BSD_SETJMP: UNICOS configuration for - UNICOS 6.1/6.0/5.1/5.0 systems. - - STREAMSPTY: Use /dev/ptmx to get a clean pty. This - is for SVr4 derivatives (Like Solaris) - - UTMPX: For systems that have /etc/utmpx. This is for - SVr4 derivatives (Like Solaris) - - Definitions for BSDI 1.0 - - Definitions for 4.3 Reno and 4.4 BSD. - - Definitions for UNICOS 8.0 and UNICOS 7.C - - Definitions for Solaris 2.0 - - Definitions for HP-UX 8.0 - - Latest Copyright notices from Berkeley. - - FLOW-CONTROL: support for RFC-XXXx - - - Client Specific: - - Fix the "send" command to not send garbage... - - Fix status message for "skiprc" - - Make sure to send NAWS after telnet has been suspended - or an external command has been run, if the window size - has changed. - - sysV88 support. - - Server Specific: - - Support flowcontrol option in non-linemode servers. - - -k Server supports Kludge Linemode, but will default to - either single character mode or real Linemode support. - The user will have to explicitly ask to switch into - kludge linemode. ("stty extproc", or escape back to - to telnet and say "mode line".) - - -u Specify the length of the hostname field in the utmp - file. Hostname longer than this length will be put - into the utmp file in dotted decimal notation, rather - than putting in a truncated hostname. - - -U Registered hosts only. If a reverse hostname lookup - fails, the connection will be refused. - - -f/-F - Allows forwarding of credentials for KRB5. - -Februrary 22, 1991: - - Features: - - This version of telnet/telnetd has support for both - the AUTHENTICATION and ENCRYPTION options. The - AUTHENTICATION option is fairly well defined, and - an option number has been assigned to it. The - ENCRYPTION option is still in a state of flux; an - option number has been assigned to, but it is still - subject to change. The code is provided in this release - for experimental and testing purposes. - - The telnet "send" command can now be used to send - do/dont/will/wont commands, with any telnet option - name. The rules for when do/dont/will/wont are sent - are still followed, so just because the user requests - that one of these be sent doesn't mean that it will - be sent... - - The telnet "getstatus" command no longer requires - that option printing be enabled to see the response - to the "DO STATUS" command. - - A -n flag has been added to telnetd to disable - keepalives. - - A new telnet command, "auth" has been added (if - AUTHENTICATE is defined). It has four sub-commands, - "status", "disable", "enable" and "help". - - A new telnet command, "encrypt" has been added (if - ENCRYPT is defined). It has many sub-commands: - "enable", "type", "start", "stop", "input", - "-input", "output", "-output", "status", and "help". - - The LOGOUT option is now supported by both telnet - and telnetd, a new command, "logout", was added - to support this. - - Several new toggle options were added: - "autoencrypt", "autodecrypt", "autologin", "authdebug", - "encdebug", "skiprc", "verbose_encrypt" - - An "rlogin" interface has been added. If the program - is named "rlogin", or the "-r" flag is given, then - an rlogin type of interface will be used. - ~. Terminates the session - ~ Suspend the session - ~^] Escape to telnet command mode - ~~ Pass through the ~. - BUG: If you type the rlogin escape character - in the middle of a line while in rlogin - mode, you cannot erase it or any characters - before it. Hopefully this can be fixed - in a future release... - - General changes: - - A "libtelnet.a" has now been created. This libraray - contains code that is common to both telnet and - telnetd. This is also where library routines that - are needed, but are not in the standard C library, - are placed. - - The makefiles have been re-done. All of the site - specific configuration information has now been put - into a single "Config.generic" file, in the top level - directory. Changing this one file will take care of - all three subdirectories. Also, to add a new/local - definition, a "Config.local" file may be created - at the top level; if that file exists, the subdirectories - will use that file instead of "Config.generic". - - Many 1-2 line functions in commands.c have been - removed, and just inserted in-line, or replaced - with a macro. - - Bug Fixes: - - The non-termio code in both telnet and telnetd was - setting/clearing CTLECH in the sg_flags word. This - was incorrect, and has been changed to set/clear the - LCTLECH bit in the local mode word. - - The SRCRT #define has been removed. If IP_OPTIONS - and IPPROTO_IP are defined on the system, then the - source route code is automatically enabled. - - The NO_GETTYTAB #define has been removed; there - is a compatability routine that can be built into - libtelnet to achive the same results. - - The server, telnetd, has been switched to use getopt() - for parsing the argument list. - - The code for getting the input/output speeds via - cfgetispeed()/cfgetospeed() was still not quite - right in telnet. Posix says if the ispeed is 0, - then it is really equal to the ospeed. - - The suboption processing code in telnet now has - explicit checks to make sure that we received - the entire suboption (telnetd was already doing this). - - The telnet code for processing the terminal type - could cause a core dump if an existing connection - was closed, and a new connection opened without - exiting telnet. - - Telnetd was doing a TCSADRAIN when setting the new - terminal settings; This is not good, because it means - that the tcsetattr() will hang waiting for output to - drain, and telnetd is the only one that will drain - the output... The fix is to use TCSANOW which does - not wait. - - Telnetd was improperly setting/clearing the ISTRIP - flag in the c_lflag field, it should be using the - c_iflag field. - - When the child process of telnetd was opening the - slave side of the pty, it was re-setting the EXTPROC - bit too early, and some of the other initialization - code was wiping it out. This would cause telnetd - to go out of linemode and into single character mode. - - One instance of leaving linemode in telnetd forgot - to send a WILL ECHO to the client, the net result - would be that the user would see double character - echo. - - If the MODE was being changed several times very - quickly, telnetd could get out of sync with the - state changes and the returning acks; and wind up - being left in the wrong state. - -September 14, 1990: - - Switch the client to use getopt() for parsing the - argument list. The 4.3Reno getopt.c is included for - systems that don't have getopt(). - - Use the posix _POSIX_VDISABLE value for what value - to use when disabling special characters. If this - is undefined, it defaults to 0x3ff. - - For non-termio systems, TIOCSETP was being used to - change the state of the terminal. This causes the - input queue to be flushed, which we don't want. This - is now changed to TIOCSETN. - - Take out the "#ifdef notdef" around the code in the - server that generates a "sync" when the pty oputput - is flushed. The potential problem is that some older - telnet clients may go into an infinate loop when they - receive a "sync", if so, the server can be compiled - with "NO_URGENT" defined. - - Fix the client where it was setting/clearing the OPOST - bit in the c_lflag field, not the c_oflag field. - - Fix the client where it was setting/clearing the ISTRIP - bit in the c_lflag field, not the c_iflag field. (On - 4.3Reno, this is the ECHOPRT bit in the c_lflag field.) - The client also had its interpretation of WILL BINARY - and DO BINARY reversed. - - Fix a bug in client that would cause a core dump when - attempting to remove the last environment variable. - - In the client, there were a few places were switch() - was being passed a character, and if it was a negative - value, it could get sign extended, and not match - the 8 bit case statements. The fix is to and the - switch value with 0xff. - - Add a couple more printoption() calls in the client, I - don't think there are any more places were a telnet - command can be received and not printed out when - "options" is on. - - A new flag has been added to the client, "-a". Currently, - this just causes the USER name to be sent across, in - the future this may be used to signify that automatic - authentication is requested. - - The USER variable is now only sent by the client if - the "-a" or "-l user" options are explicity used, or - if the user explicitly asks for the "USER" environment - variable to be exported. In the server, if it receives - the "USER" environment variable, it won't print out the - banner message, so that only "Password:" will be printed. - This makes the symantics more like rlogin, and should be - more familiar to the user. (People are not used to - getting a banner message, and then getting just a - "Password:" prompt.) - - Re-vamp the code for starting up the child login - process. The code was getting ugly, and it was - hard to tell what was really going on. What we - do now is after the fork(), in the child: - 1) make sure we have no controlling tty - 2) open and initialize the tty - 3) do a setsid()/setpgrp() - 4) makes the tty our controlling tty. - On some systems, #2 makes the tty our controlling - tty, and #4 is a no-op. The parent process does - a gets rid of any controlling tty after the child - is fork()ed. - - Use the strdup() library routine in telnet, instead - of the local savestr() routine. If you don't have - strdup(), you need to define NO_STRDUP. - - Add support for ^T (SIGINFO/VSTATUS), found in the - 4.3Reno distribution. This maps to the AYT character. - You need a 4-line bugfix in the kernel to get this - to work properly: - - > *** tty_pty.c.ORG Tue Sep 11 09:41:53 1990 - > --- tty_pty.c Tue Sep 11 17:48:03 1990 - > *************** - > *** 609,613 **** - > if ((tp->t_lflag&NOFLSH) == 0) - > ttyflush(tp, FREAD|FWRITE); - > ! pgsignal(tp->t_pgrp, *(unsigned int *)data); - > return(0); - > } - > --- 609,616 ---- - > if ((tp->t_lflag&NOFLSH) == 0) - > ttyflush(tp, FREAD|FWRITE); - > ! pgsignal(tp->t_pgrp, *(unsigned int *)data, 1); - > ! if ((*(unsigned int *)data == SIGINFO) && - > ! ((tp->t_lflag&NOKERNINFO) == 0)) - > ! ttyinfo(tp); - > return(0); - > } - - The client is now smarter when setting the telnet escape - character; it only sets it to one of VEOL and VEOL2 if - one of them is undefined, and the other one is not already - defined to the telnet escape character. - - Handle TERMIOS systems that have seperate input and output - line speed settings imbedded in the flags. - - Many other minor bug fixes. - -June 20, 1990: - Re-organize makefiles and source tree. The telnet/Source - directory is now gone, and all the source that was in - telnet/Source is now just in the telnet directory. - - Seperate makefile for each system are now gone. There - are two makefiles, Makefile and Makefile.generic. - The "Makefile" has the definitions for the various - system, and "Makefile.generic" does all the work. - There is a variable called "WHAT" that is used to - specify what to make. For example, in the telnet - directory, you might say: - make 4.4bsd WHAT=clean - to clean out the directory. - - Add support for the ENVIRON and XDISPLOC options. - In order for the server to work, login has to have - the "-p" option to preserve environment variables. - - Add the SOFT_TAB and LIT_ECHO modes in the LINEMODE support. - - Add the "-l user" option to command line and open command - (This is passed through the ENVIRON option). - - Add the "-e" command line option, for setting the escape - character. - - Add the "-D", diagnostic, option to the server. This allows - the server to print out debug information, which is very - useful when trying to debug a telnet that doesn't have any - debugging ability. - - Turn off the literal next character when not in LINEMODE. - - Don't recognize ^Y locally, just pass it through. - - Make minor modifications for Sun4.0 and Sun4.1 - - Add support for both FORW1 and FORW2 characters. The - telnet escpape character is set to whichever of the - two is not being used. If both are in use, the escape - character is not set, so when in linemode the user will - have to follow the escape character with a or - -libtelnet/Makefile.4.4: -telnet/Makefile.4.4: -telnetd/Makefile.4.4: - These are the makefiles that can be used on a 4.3Reno - system when this software is installed in /usr/src/lib/libtelnet, - /usr/src/libexec/telnetd, and /usr/src/usr.bin/telnet. - - -The following TELNET options are supported: - - LINEMODE: - The LINEMODE option is supported as per RFC1116. The - FORWARDMASK option is not currently supported. - - BINARY: The client has the ability to turn on/off the BINARY - option in each direction. Turning on BINARY from - server to client causes the LITOUT bit to get set in - the terminal driver on both ends, turning on BINARY - from the client to the server causes the PASS8 bit - to get set in the terminal driver on both ends. - - TERMINAL-TYPE: - This is supported as per RFC1091. On the server side, - when a terminal type is received, termcap/terminfo - is consulted to determine if it is a known terminal - type. It keeps requesting terminal types until it - gets one that it recongnizes, or hits the end of the - list. The server side looks up the entry in the - termcap/terminfo data base, and generates a list of - names which it then passes one at a time to each - request for a terminal type, duplicating the last - entry in the list before cycling back to the beginning. - - NAWS: The Negotiate about Window Size, as per RFC 1073. - - TERMINAL-SPEED: - Implemented as per RFC 1079 - - TOGGLE-FLOW-CONTROL: - Implemented as per RFC 1080 - - TIMING-MARK: - As per RFC 860 - - SGA: As per RFC 858 - - ECHO: As per RFC 857 - - LOGOUT: As per RFC 727 - - STATUS: - The server will send its current status upon - request. It does not ask for the clients status. - The client will request the servers current status - from the "send getstatus" command. - - ENVIRON: - This option is currently being defined by the IETF - Telnet Working Group, and an RFC has not yet been - issued, but should be in the near future... - - X-DISPLAY-LOCATION: - This functionality can be done through the ENVIRON - option, it is added here for completeness. - - AUTHENTICATION: - This option is currently being defined by the IETF - Telnet Working Group, and an RFC has not yet been - issued. The basic framework is pretty much decided, - but the definitions for the specific authentication - schemes is still in a state of flux. - - ENCRYPTION: - This option is currently being defined by the IETF - Telnet Working Group, and an RFC has not yet been - issued. The draft RFC is still in a state of flux, - so this code may change in the future. diff --git a/crypto/kerberosIV/appl/telnet/arpa/telnet.h b/crypto/kerberosIV/appl/telnet/arpa/telnet.h deleted file mode 100644 index 5d9ef6001621..000000000000 --- a/crypto/kerberosIV/appl/telnet/arpa/telnet.h +++ /dev/null @@ -1,323 +0,0 @@ -/* - * Copyright (c) 1983, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)telnet.h 8.2 (Berkeley) 12/15/93 - */ - -#ifndef _TELNET_H_ -#define _TELNET_H_ - -/* - * Definitions for the TELNET protocol. - */ -#define IAC 255 /* interpret as command: */ -#define DONT 254 /* you are not to use option */ -#define DO 253 /* please, you use option */ -#define WONT 252 /* I won't use option */ -#define WILL 251 /* I will use option */ -#define SB 250 /* interpret as subnegotiation */ -#define GA 249 /* you may reverse the line */ -#define EL 248 /* erase the current line */ -#define EC 247 /* erase the current character */ -#define AYT 246 /* are you there */ -#define AO 245 /* abort output--but let prog finish */ -#define IP 244 /* interrupt process--permanently */ -#define BREAK 243 /* break */ -#define DM 242 /* data mark--for connect. cleaning */ -#define NOP 241 /* nop */ -#define SE 240 /* end sub negotiation */ -#define EOR 239 /* end of record (transparent mode) */ -#define ABORT 238 /* Abort process */ -#define SUSP 237 /* Suspend process */ -#define xEOF 236 /* End of file: EOF is already used... */ - -#define SYNCH 242 /* for telfunc calls */ - -#ifdef TELCMDS -char *telcmds[] = { - "EOF", "SUSP", "ABORT", "EOR", - "SE", "NOP", "DMARK", "BRK", "IP", "AO", "AYT", "EC", - "EL", "GA", "SB", "WILL", "WONT", "DO", "DONT", "IAC", 0, -}; -#else -extern char *telcmds[]; -#endif - -#define TELCMD_FIRST xEOF -#define TELCMD_LAST IAC -#define TELCMD_OK(x) ((unsigned int)(x) <= TELCMD_LAST && \ - (unsigned int)(x) >= TELCMD_FIRST) -#define TELCMD(x) telcmds[(x)-TELCMD_FIRST] - -/* telnet options */ -#define TELOPT_BINARY 0 /* 8-bit data path */ -#define TELOPT_ECHO 1 /* echo */ -#define TELOPT_RCP 2 /* prepare to reconnect */ -#define TELOPT_SGA 3 /* suppress go ahead */ -#define TELOPT_NAMS 4 /* approximate message size */ -#define TELOPT_STATUS 5 /* give status */ -#define TELOPT_TM 6 /* timing mark */ -#define TELOPT_RCTE 7 /* remote controlled transmission and echo */ -#define TELOPT_NAOL 8 /* negotiate about output line width */ -#define TELOPT_NAOP 9 /* negotiate about output page size */ -#define TELOPT_NAOCRD 10 /* negotiate about CR disposition */ -#define TELOPT_NAOHTS 11 /* negotiate about horizontal tabstops */ -#define TELOPT_NAOHTD 12 /* negotiate about horizontal tab disposition */ -#define TELOPT_NAOFFD 13 /* negotiate about formfeed disposition */ -#define TELOPT_NAOVTS 14 /* negotiate about vertical tab stops */ -#define TELOPT_NAOVTD 15 /* negotiate about vertical tab disposition */ -#define TELOPT_NAOLFD 16 /* negotiate about output LF disposition */ -#define TELOPT_XASCII 17 /* extended ascic character set */ -#define TELOPT_LOGOUT 18 /* force logout */ -#define TELOPT_BM 19 /* byte macro */ -#define TELOPT_DET 20 /* data entry terminal */ -#define TELOPT_SUPDUP 21 /* supdup protocol */ -#define TELOPT_SUPDUPOUTPUT 22 /* supdup output */ -#define TELOPT_SNDLOC 23 /* send location */ -#define TELOPT_TTYPE 24 /* terminal type */ -#define TELOPT_EOR 25 /* end or record */ -#define TELOPT_TUID 26 /* TACACS user identification */ -#define TELOPT_OUTMRK 27 /* output marking */ -#define TELOPT_TTYLOC 28 /* terminal location number */ -#define TELOPT_3270REGIME 29 /* 3270 regime */ -#define TELOPT_X3PAD 30 /* X.3 PAD */ -#define TELOPT_NAWS 31 /* window size */ -#define TELOPT_TSPEED 32 /* terminal speed */ -#define TELOPT_LFLOW 33 /* remote flow control */ -#define TELOPT_LINEMODE 34 /* Linemode option */ -#define TELOPT_XDISPLOC 35 /* X Display Location */ -#define TELOPT_OLD_ENVIRON 36 /* Old - Environment variables */ -#define TELOPT_AUTHENTICATION 37/* Authenticate */ -#define TELOPT_ENCRYPT 38 /* Encryption option */ -#define TELOPT_NEW_ENVIRON 39 /* New - Environment variables */ -#define TELOPT_EXOPL 255 /* extended-options-list */ - - -#define NTELOPTS (1+TELOPT_NEW_ENVIRON) -#ifdef TELOPTS -char *telopts[NTELOPTS+1] = { - "BINARY", "ECHO", "RCP", "SUPPRESS GO AHEAD", "NAME", - "STATUS", "TIMING MARK", "RCTE", "NAOL", "NAOP", - "NAOCRD", "NAOHTS", "NAOHTD", "NAOFFD", "NAOVTS", - "NAOVTD", "NAOLFD", "EXTEND ASCII", "LOGOUT", "BYTE MACRO", - "DATA ENTRY TERMINAL", "SUPDUP", "SUPDUP OUTPUT", - "SEND LOCATION", "TERMINAL TYPE", "END OF RECORD", - "TACACS UID", "OUTPUT MARKING", "TTYLOC", - "3270 REGIME", "X.3 PAD", "NAWS", "TSPEED", "LFLOW", - "LINEMODE", "XDISPLOC", "OLD-ENVIRON", "AUTHENTICATION", - "ENCRYPT", "NEW-ENVIRON", - 0, -}; -#define TELOPT_FIRST TELOPT_BINARY -#define TELOPT_LAST TELOPT_NEW_ENVIRON -#define TELOPT_OK(x) ((unsigned int)(x) <= TELOPT_LAST) -#define TELOPT(x) telopts[(x)-TELOPT_FIRST] -#endif - -/* sub-option qualifiers */ -#define TELQUAL_IS 0 /* option is... */ -#define TELQUAL_SEND 1 /* send option */ -#define TELQUAL_INFO 2 /* ENVIRON: informational version of IS */ -#define TELQUAL_REPLY 2 /* AUTHENTICATION: client version of IS */ -#define TELQUAL_NAME 3 /* AUTHENTICATION: client version of IS */ - -#define LFLOW_OFF 0 /* Disable remote flow control */ -#define LFLOW_ON 1 /* Enable remote flow control */ -#define LFLOW_RESTART_ANY 2 /* Restart output on any char */ -#define LFLOW_RESTART_XON 3 /* Restart output only on XON */ - -/* - * LINEMODE suboptions - */ - -#define LM_MODE 1 -#define LM_FORWARDMASK 2 -#define LM_SLC 3 - -#define MODE_EDIT 0x01 -#define MODE_TRAPSIG 0x02 -#define MODE_ACK 0x04 -#define MODE_SOFT_TAB 0x08 -#define MODE_LIT_ECHO 0x10 - -#define MODE_MASK 0x1f - -/* Not part of protocol, but needed to simplify things... */ -#define MODE_FLOW 0x0100 -#define MODE_ECHO 0x0200 -#define MODE_INBIN 0x0400 -#define MODE_OUTBIN 0x0800 -#define MODE_FORCE 0x1000 - -#define SLC_SYNCH 1 -#define SLC_BRK 2 -#define SLC_IP 3 -#define SLC_AO 4 -#define SLC_AYT 5 -#define SLC_EOR 6 -#define SLC_ABORT 7 -#define SLC_EOF 8 -#define SLC_SUSP 9 -#define SLC_EC 10 -#define SLC_EL 11 -#define SLC_EW 12 -#define SLC_RP 13 -#define SLC_LNEXT 14 -#define SLC_XON 15 -#define SLC_XOFF 16 -#define SLC_FORW1 17 -#define SLC_FORW2 18 - -#define NSLC 18 - -/* - * For backwards compatability, we define SLC_NAMES to be the - * list of names if SLC_NAMES is not defined. - */ -#define SLC_NAMELIST "0", "SYNCH", "BRK", "IP", "AO", "AYT", "EOR", \ - "ABORT", "EOF", "SUSP", "EC", "EL", "EW", "RP", \ - "LNEXT", "XON", "XOFF", "FORW1", "FORW2", 0, -#ifdef SLC_NAMES -char *slc_names[] = { - SLC_NAMELIST -}; -#else -extern char *slc_names[]; -#define SLC_NAMES SLC_NAMELIST -#endif - -#define SLC_NAME_OK(x) ((unsigned int)(x) <= NSLC) -#define SLC_NAME(x) slc_names[x] - -#define SLC_NOSUPPORT 0 -#define SLC_CANTCHANGE 1 -#define SLC_VARIABLE 2 -#define SLC_DEFAULT 3 -#define SLC_LEVELBITS 0x03 - -#define SLC_FUNC 0 -#define SLC_FLAGS 1 -#define SLC_VALUE 2 - -#define SLC_ACK 0x80 -#define SLC_FLUSHIN 0x40 -#define SLC_FLUSHOUT 0x20 - -#define OLD_ENV_VAR 1 -#define OLD_ENV_VALUE 0 -#define NEW_ENV_VAR 0 -#define NEW_ENV_VALUE 1 -#define ENV_ESC 2 -#define ENV_USERVAR 3 - -/* - * AUTHENTICATION suboptions - */ - -/* - * Who is authenticating who ... - */ -#define AUTH_WHO_CLIENT 0 /* Client authenticating server */ -#define AUTH_WHO_SERVER 1 /* Server authenticating client */ -#define AUTH_WHO_MASK 1 - -/* - * amount of authentication done - */ -#define AUTH_HOW_ONE_WAY 0 -#define AUTH_HOW_MUTUAL 2 -#define AUTH_HOW_MASK 2 - -#define AUTHTYPE_NULL 0 -#define AUTHTYPE_KERBEROS_V4 1 -#define AUTHTYPE_KERBEROS_V5 2 -#define AUTHTYPE_SPX 3 -#define AUTHTYPE_MINK 4 -#define AUTHTYPE_SRA 5 -#define AUTHTYPE_CNT 6 -/* #define AUTHTYPE_UNSECURE 6 */ - -#define AUTHTYPE_TEST 99 - -#ifdef AUTH_NAMES -char *authtype_names[] = { - "NULL", "KERBEROS_V4", "KERBEROS_V5", "SPX", "MINK", - "SRA", 0, -}; -#else -extern char *authtype_names[]; -#endif - -#define AUTHTYPE_NAME_OK(x) ((unsigned int)(x) < AUTHTYPE_CNT) -#define AUTHTYPE_NAME(x) authtype_names[x] - -/* - * ENCRYPTion suboptions - */ -#define ENCRYPT_IS 0 /* I pick encryption type ... */ -#define ENCRYPT_SUPPORT 1 /* I support encryption types ... */ -#define ENCRYPT_REPLY 2 /* Initial setup response */ -#define ENCRYPT_START 3 /* Am starting to send encrypted */ -#define ENCRYPT_END 4 /* Am ending encrypted */ -#define ENCRYPT_REQSTART 5 /* Request you start encrypting */ -#define ENCRYPT_REQEND 6 /* Request you send encrypting */ -#define ENCRYPT_ENC_KEYID 7 -#define ENCRYPT_DEC_KEYID 8 -#define ENCRYPT_CNT 9 - -#define ENCTYPE_ANY 0 -#define ENCTYPE_DES_CFB64 1 -#define ENCTYPE_DES_OFB64 2 -#define ENCTYPE_CNT 3 - -#ifdef ENCRYPT_NAMES -char *encrypt_names[] = { - "IS", "SUPPORT", "REPLY", "START", "END", - "REQUEST-START", "REQUEST-END", "ENC-KEYID", "DEC-KEYID", - 0, -}; -char *enctype_names[] = { - "ANY", "DES_CFB64", "DES_OFB64", 0, -}; -#else -extern char *encrypt_names[]; -extern char *enctype_names[]; -#endif - - -#define ENCRYPT_NAME_OK(x) ((unsigned int)(x) < ENCRYPT_CNT) -#define ENCRYPT_NAME(x) encrypt_names[x] - -#define ENCTYPE_NAME_OK(x) ((unsigned int)(x) < ENCTYPE_CNT) -#define ENCTYPE_NAME(x) enctype_names[x] - -#endif /* !_TELNET_H_ */ diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/Makefile.am b/crypto/kerberosIV/appl/telnet/libtelnet/Makefile.am deleted file mode 100644 index 8806f88fab00..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/Makefile.am +++ /dev/null @@ -1,24 +0,0 @@ -# $Id: Makefile.am,v 1.8 1999/03/20 13:58:15 joda Exp $ - -include $(top_srcdir)/Makefile.am.common - -INCLUDES += -I$(srcdir)/.. $(INCLUDE_krb4) - -noinst_LIBRARIES = libtelnet.a - -libtelnet_a_SOURCES = \ - auth-proto.h \ - auth.c \ - auth.h \ - enc-proto.h \ - enc_des.c \ - encrypt.c \ - encrypt.h \ - genget.c \ - kerberos.c \ - kerberos5.c \ - misc-proto.h \ - misc.c \ - misc.h - -EXTRA_DIST = krb4encpwd.c rsaencpwd.c spx.c diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/Makefile.in b/crypto/kerberosIV/appl/telnet/libtelnet/Makefile.in deleted file mode 100644 index b8ca629d48fd..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/Makefile.in +++ /dev/null @@ -1,54 +0,0 @@ -# $Id: Makefile.in,v 1.28 1999/03/11 13:50:00 joda Exp $ - -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ -VPATH = @srcdir@ - -SHELL = /bin/sh - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LIBNAME = $(LIBPREFIX)telnet -LIBEXT = a -LIBPREFIX = @LIBPREFIX@ -LIB = $(LIBNAME).$(LIBEXT) - -prefix = @prefix@ - -SOURCES=auth.c encrypt.c genget.c enc_des.c misc.c kerberos.c kerberos5.c - -OBJECTS=auth.o encrypt.o genget.o enc_des.o misc.o kerberos.o kerberos5.o - -all: $(LIB) - -libtop = @libtop@ - -.c.o: - $(CC) -c $(DEFS) -I../../../include -I$(srcdir)/.. $(CFLAGS) $(CPPFLAGS) $< - -$(LIB): $(OBJECTS) - rm -f $@ - $(AR) cr $@ $(OBJECTS) - -$(RANLIB) $@ - -install: - @true - -uninstall: - @true - -TAGS: $(SOURCES) - etags $(SOURCES) - -clean cleandir: - rm -f *.o *.a \#* *~ core - -distclean: clean - rm -f Makefile *~ - -.PHONY: all install uninstall clean cleandir distclean diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/auth-proto.h b/crypto/kerberosIV/appl/telnet/libtelnet/auth-proto.h deleted file mode 100644 index bcc4c648a710..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/auth-proto.h +++ /dev/null @@ -1,122 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)auth-proto.h 8.1 (Berkeley) 6/4/93 - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* $Id: auth-proto.h,v 1.9 1998/06/09 19:24:40 joda Exp $ */ - -#ifdef AUTHENTICATION -Authenticator *findauthenticator (int, int); - -int auth_wait (char *, size_t); -void auth_disable_name (char *); -void auth_finished (Authenticator *, int); -void auth_gen_printsub (unsigned char *, int, unsigned char *, int); -void auth_init (char *, int); -void auth_is (unsigned char *, int); -void auth_name(unsigned char*, int); -void auth_reply (unsigned char *, int); -void auth_request (void); -void auth_send (unsigned char *, int); -void auth_send_retry (void); -void auth_printsub(unsigned char*, int, unsigned char*, int); -int getauthmask(char *type, int *maskp); -int auth_enable(char *type); -int auth_disable(char *type); -int auth_onoff(char *type, int on); -int auth_togdebug(int on); -int auth_status(void); -int auth_sendname(unsigned char *cp, int len); -void auth_debug(int mode); -void auth_gen_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen); - -#ifdef UNSAFE -int unsafe_init (Authenticator *, int); -int unsafe_send (Authenticator *); -void unsafe_is (Authenticator *, unsigned char *, int); -void unsafe_reply (Authenticator *, unsigned char *, int); -int unsafe_status (Authenticator *, char *, int); -void unsafe_printsub (unsigned char *, int, unsigned char *, int); -#endif - -#ifdef SRA -int sra_init (Authenticator *, int); -int sra_send (Authenticator *); -void sra_is (Authenticator *, unsigned char *, int); -void sra_reply (Authenticator *, unsigned char *, int); -int sra_status (Authenticator *, char *, int); -void sra_printsub (unsigned char *, int, unsigned char *, int); -#endif - -#ifdef KRB4 -int kerberos4_init (Authenticator *, int); -int kerberos4_send_mutual (Authenticator *); -int kerberos4_send_oneway (Authenticator *); -void kerberos4_is (Authenticator *, unsigned char *, int); -void kerberos4_reply (Authenticator *, unsigned char *, int); -int kerberos4_status (Authenticator *, char *, size_t, int); -void kerberos4_printsub (unsigned char *, int, unsigned char *, int); -int kerberos4_forward(Authenticator *ap, void *); -#endif - -#ifdef KRB5 -int kerberos5_init (Authenticator *, int); -int kerberos5_send_mutual (Authenticator *); -int kerberos5_send_oneway (Authenticator *); -void kerberos5_is (Authenticator *, unsigned char *, int); -void kerberos5_reply (Authenticator *, unsigned char *, int); -int kerberos5_status (Authenticator *, char *, size_t, int); -void kerberos5_printsub (unsigned char *, int, unsigned char *, int); -#endif -#endif diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/auth.c b/crypto/kerberosIV/appl/telnet/libtelnet/auth.c deleted file mode 100644 index 31d3ede87144..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/auth.c +++ /dev/null @@ -1,657 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include - -RCSID("$Id: auth.c,v 1.22 1999/03/11 13:48:52 joda Exp $"); - -#if defined(AUTHENTICATION) -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#include -#define AUTH_NAMES -#ifdef HAVE_ARPA_TELNET_H -#include -#endif -#include -#include - -#include - -#ifdef SOCKS -#include -#endif - -#include "encrypt.h" -#include "auth.h" -#include "misc-proto.h" -#include "auth-proto.h" - -#define typemask(x) (1<<((x)-1)) - -#ifdef KRB4_ENCPWD -extern krb4encpwd_init(); -extern krb4encpwd_send(); -extern krb4encpwd_is(); -extern krb4encpwd_reply(); -extern krb4encpwd_status(); -extern krb4encpwd_printsub(); -#endif - -#ifdef RSA_ENCPWD -extern rsaencpwd_init(); -extern rsaencpwd_send(); -extern rsaencpwd_is(); -extern rsaencpwd_reply(); -extern rsaencpwd_status(); -extern rsaencpwd_printsub(); -#endif - -int auth_debug_mode = 0; -static char *Name = "Noname"; -static int Server = 0; -static Authenticator *authenticated = 0; -static int authenticating = 0; -static int validuser = 0; -static unsigned char _auth_send_data[256]; -static unsigned char *auth_send_data; -static int auth_send_cnt = 0; - -/* - * Authentication types supported. Plese note that these are stored - * in priority order, i.e. try the first one first. - */ -Authenticator authenticators[] = { -#ifdef UNSAFE - { AUTHTYPE_UNSAFE, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - unsafe_init, - unsafe_send, - unsafe_is, - unsafe_reply, - unsafe_status, - unsafe_printsub }, -#endif -#ifdef SRA - { AUTHTYPE_SRA, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - sra_init, - sra_send, - sra_is, - sra_reply, - sra_status, - sra_printsub }, -#endif -#ifdef SPX - { AUTHTYPE_SPX, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL, - spx_init, - spx_send, - spx_is, - spx_reply, - spx_status, - spx_printsub }, - { AUTHTYPE_SPX, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - spx_init, - spx_send, - spx_is, - spx_reply, - spx_status, - spx_printsub }, -#endif -#ifdef KRB5 - { AUTHTYPE_KERBEROS_V5, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL, - kerberos5_init, - kerberos5_send_mutual, - kerberos5_is, - kerberos5_reply, - kerberos5_status, - kerberos5_printsub }, - { AUTHTYPE_KERBEROS_V5, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - kerberos5_init, - kerberos5_send_oneway, - kerberos5_is, - kerberos5_reply, - kerberos5_status, - kerberos5_printsub }, -#endif -#ifdef KRB4 - { AUTHTYPE_KERBEROS_V4, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL, - kerberos4_init, - kerberos4_send_mutual, - kerberos4_is, - kerberos4_reply, - kerberos4_status, - kerberos4_printsub }, - { AUTHTYPE_KERBEROS_V4, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - kerberos4_init, - kerberos4_send_oneway, - kerberos4_is, - kerberos4_reply, - kerberos4_status, - kerberos4_printsub }, -#endif -#ifdef KRB4_ENCPWD - { AUTHTYPE_KRB4_ENCPWD, AUTH_WHO_CLIENT|AUTH_HOW_MUTUAL, - krb4encpwd_init, - krb4encpwd_send, - krb4encpwd_is, - krb4encpwd_reply, - krb4encpwd_status, - krb4encpwd_printsub }, -#endif -#ifdef RSA_ENCPWD - { AUTHTYPE_RSA_ENCPWD, AUTH_WHO_CLIENT|AUTH_HOW_ONE_WAY, - rsaencpwd_init, - rsaencpwd_send, - rsaencpwd_is, - rsaencpwd_reply, - rsaencpwd_status, - rsaencpwd_printsub }, -#endif - { 0, }, -}; - -static Authenticator NoAuth = { 0 }; - -static int i_support = 0; -static int i_wont_support = 0; - -Authenticator * -findauthenticator(int type, int way) -{ - Authenticator *ap = authenticators; - - while (ap->type && (ap->type != type || ap->way != way)) - ++ap; - return(ap->type ? ap : 0); -} - -void -auth_init(char *name, int server) -{ - Authenticator *ap = authenticators; - - Server = server; - Name = name; - - i_support = 0; - authenticated = 0; - authenticating = 0; - while (ap->type) { - if (!ap->init || (*ap->init)(ap, server)) { - i_support |= typemask(ap->type); - if (auth_debug_mode) - printf(">>>%s: I support auth type %d %d\r\n", - Name, - ap->type, ap->way); - } - else if (auth_debug_mode) - printf(">>>%s: Init failed: auth type %d %d\r\n", - Name, ap->type, ap->way); - ++ap; - } -} - -void -auth_disable_name(char *name) -{ - int x; - for (x = 0; x < AUTHTYPE_CNT; ++x) { - if (!strcasecmp(name, AUTHTYPE_NAME(x))) { - i_wont_support |= typemask(x); - break; - } - } -} - -int -getauthmask(char *type, int *maskp) -{ - int x; - - if (!strcasecmp(type, AUTHTYPE_NAME(0))) { - *maskp = -1; - return(1); - } - - for (x = 1; x < AUTHTYPE_CNT; ++x) { - if (!strcasecmp(type, AUTHTYPE_NAME(x))) { - *maskp = typemask(x); - return(1); - } - } - return(0); -} - -int -auth_enable(char *type) -{ - return(auth_onoff(type, 1)); -} - -int -auth_disable(char *type) -{ - return(auth_onoff(type, 0)); -} - -int -auth_onoff(char *type, int on) -{ - int i, mask = -1; - Authenticator *ap; - - if (!strcasecmp(type, "?") || !strcasecmp(type, "help")) { - printf("auth %s 'type'\n", on ? "enable" : "disable"); - printf("Where 'type' is one of:\n"); - printf("\t%s\n", AUTHTYPE_NAME(0)); - mask = 0; - for (ap = authenticators; ap->type; ap++) { - if ((mask & (i = typemask(ap->type))) != 0) - continue; - mask |= i; - printf("\t%s\n", AUTHTYPE_NAME(ap->type)); - } - return(0); - } - - if (!getauthmask(type, &mask)) { - printf("%s: invalid authentication type\n", type); - return(0); - } - if (on) - i_wont_support &= ~mask; - else - i_wont_support |= mask; - return(1); -} - -int -auth_togdebug(int on) -{ - if (on < 0) - auth_debug_mode ^= 1; - else - auth_debug_mode = on; - printf("auth debugging %s\n", auth_debug_mode ? "enabled" : "disabled"); - return(1); -} - -int -auth_status(void) -{ - Authenticator *ap; - int i, mask; - - if (i_wont_support == -1) - printf("Authentication disabled\n"); - else - printf("Authentication enabled\n"); - - mask = 0; - for (ap = authenticators; ap->type; ap++) { - if ((mask & (i = typemask(ap->type))) != 0) - continue; - mask |= i; - printf("%s: %s\n", AUTHTYPE_NAME(ap->type), - (i_wont_support & typemask(ap->type)) ? - "disabled" : "enabled"); - } - return(1); -} - -/* - * This routine is called by the server to start authentication - * negotiation. - */ -void -auth_request(void) -{ - static unsigned char str_request[64] = { IAC, SB, - TELOPT_AUTHENTICATION, - TELQUAL_SEND, }; - Authenticator *ap = authenticators; - unsigned char *e = str_request + 4; - - if (!authenticating) { - authenticating = 1; - while (ap->type) { - if (i_support & ~i_wont_support & typemask(ap->type)) { - if (auth_debug_mode) { - printf(">>>%s: Sending type %d %d\r\n", - Name, ap->type, ap->way); - } - *e++ = ap->type; - *e++ = ap->way; - } - ++ap; - } - *e++ = IAC; - *e++ = SE; - telnet_net_write(str_request, e - str_request); - printsub('>', &str_request[2], e - str_request - 2); - } -} - -/* - * This is called when an AUTH SEND is received. - * It should never arrive on the server side (as only the server can - * send an AUTH SEND). - * You should probably respond to it if you can... - * - * If you want to respond to the types out of order (i.e. even - * if he sends LOGIN KERBEROS and you support both, you respond - * with KERBEROS instead of LOGIN (which is against what the - * protocol says)) you will have to hack this code... - */ -void -auth_send(unsigned char *data, int cnt) -{ - Authenticator *ap; - static unsigned char str_none[] = { IAC, SB, TELOPT_AUTHENTICATION, - TELQUAL_IS, AUTHTYPE_NULL, 0, - IAC, SE }; - if (Server) { - if (auth_debug_mode) { - printf(">>>%s: auth_send called!\r\n", Name); - } - return; - } - - if (auth_debug_mode) { - printf(">>>%s: auth_send got:", Name); - printd(data, cnt); printf("\r\n"); - } - - /* - * Save the data, if it is new, so that we can continue looking - * at it if the authorization we try doesn't work - */ - if (data < _auth_send_data || - data > _auth_send_data + sizeof(_auth_send_data)) { - auth_send_cnt = cnt > sizeof(_auth_send_data) - ? sizeof(_auth_send_data) - : cnt; - memmove(_auth_send_data, data, auth_send_cnt); - auth_send_data = _auth_send_data; - } else { - /* - * This is probably a no-op, but we just make sure - */ - auth_send_data = data; - auth_send_cnt = cnt; - } - while ((auth_send_cnt -= 2) >= 0) { - if (auth_debug_mode) - printf(">>>%s: He supports %d\r\n", - Name, *auth_send_data); - if ((i_support & ~i_wont_support) & typemask(*auth_send_data)) { - ap = findauthenticator(auth_send_data[0], - auth_send_data[1]); - if (ap && ap->send) { - if (auth_debug_mode) - printf(">>>%s: Trying %d %d\r\n", - Name, auth_send_data[0], - auth_send_data[1]); - if ((*ap->send)(ap)) { - /* - * Okay, we found one we like - * and did it. - * we can go home now. - */ - if (auth_debug_mode) - printf(">>>%s: Using type %d\r\n", - Name, *auth_send_data); - auth_send_data += 2; - return; - } - } - /* else - * just continue on and look for the - * next one if we didn't do anything. - */ - } - auth_send_data += 2; - } - telnet_net_write(str_none, sizeof(str_none)); - printsub('>', &str_none[2], sizeof(str_none) - 2); - if (auth_debug_mode) - printf(">>>%s: Sent failure message\r\n", Name); - auth_finished(0, AUTH_REJECT); -#ifdef KANNAN - /* - * We requested strong authentication, however no mechanisms worked. - * Therefore, exit on client end. - */ - printf("Unable to securely authenticate user ... exit\n"); - exit(0); -#endif /* KANNAN */ -} - -void -auth_send_retry(void) -{ - /* - * if auth_send_cnt <= 0 then auth_send will end up rejecting - * the authentication and informing the other side of this. - */ - auth_send(auth_send_data, auth_send_cnt); -} - -void -auth_is(unsigned char *data, int cnt) -{ - Authenticator *ap; - - if (cnt < 2) - return; - - if (data[0] == AUTHTYPE_NULL) { - auth_finished(0, AUTH_REJECT); - return; - } - - if ((ap = findauthenticator(data[0], data[1]))) { - if (ap->is) - (*ap->is)(ap, data+2, cnt-2); - } else if (auth_debug_mode) - printf(">>>%s: Invalid authentication in IS: %d\r\n", - Name, *data); -} - -void -auth_reply(unsigned char *data, int cnt) -{ - Authenticator *ap; - - if (cnt < 2) - return; - - if ((ap = findauthenticator(data[0], data[1]))) { - if (ap->reply) - (*ap->reply)(ap, data+2, cnt-2); - } else if (auth_debug_mode) - printf(">>>%s: Invalid authentication in SEND: %d\r\n", - Name, *data); -} - -void -auth_name(unsigned char *data, int cnt) -{ - char savename[256]; - - if (cnt < 1) { - if (auth_debug_mode) - printf(">>>%s: Empty name in NAME\r\n", Name); - return; - } - if (cnt > sizeof(savename) - 1) { - if (auth_debug_mode) - printf(">>>%s: Name in NAME (%d) exceeds %lu length\r\n", - Name, cnt, (unsigned long)(sizeof(savename)-1)); - return; - } - memmove(savename, data, cnt); - savename[cnt] = '\0'; /* Null terminate */ - if (auth_debug_mode) - printf(">>>%s: Got NAME [%s]\r\n", Name, savename); - auth_encrypt_user(savename); -} - -int -auth_sendname(unsigned char *cp, int len) -{ - static unsigned char str_request[256+6] - = { IAC, SB, TELOPT_AUTHENTICATION, TELQUAL_NAME, }; - unsigned char *e = str_request + 4; - unsigned char *ee = &str_request[sizeof(str_request)-2]; - - while (--len >= 0) { - if ((*e++ = *cp++) == IAC) - *e++ = IAC; - if (e >= ee) - return(0); - } - *e++ = IAC; - *e++ = SE; - telnet_net_write(str_request, e - str_request); - printsub('>', &str_request[2], e - &str_request[2]); - return(1); -} - -void -auth_finished(Authenticator *ap, int result) -{ - if (!(authenticated = ap)) - authenticated = &NoAuth; - validuser = result; -} - -/* ARGSUSED */ -static void -auth_intr(int sig) -{ - auth_finished(0, AUTH_REJECT); -} - -int -auth_wait(char *name, size_t name_sz) -{ - if (auth_debug_mode) - printf(">>>%s: in auth_wait.\r\n", Name); - - if (Server && !authenticating) - return(0); - - signal(SIGALRM, auth_intr); - alarm(30); - while (!authenticated) - if (telnet_spin()) - break; - alarm(0); - signal(SIGALRM, SIG_DFL); - - /* - * Now check to see if the user is valid or not - */ - if (!authenticated || authenticated == &NoAuth) - return(AUTH_REJECT); - - if (validuser == AUTH_VALID) - validuser = AUTH_USER; - - if (authenticated->status) - validuser = (*authenticated->status)(authenticated, - name, name_sz, - validuser); - return(validuser); -} - -void -auth_debug(int mode) -{ - auth_debug_mode = mode; -} - -void -auth_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) -{ - Authenticator *ap; - - if ((ap = findauthenticator(data[1], data[2])) && ap->printsub) - (*ap->printsub)(data, cnt, buf, buflen); - else - auth_gen_printsub(data, cnt, buf, buflen); -} - -void -auth_gen_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) -{ - unsigned char *cp; - unsigned char tbuf[16]; - - cnt -= 3; - data += 3; - buf[buflen-1] = '\0'; - buf[buflen-2] = '*'; - buflen -= 2; - for (; cnt > 0; cnt--, data++) { - snprintf(tbuf, sizeof(tbuf), " %d", *data); - for (cp = tbuf; *cp && buflen > 0; --buflen) - *buf++ = *cp++; - if (buflen <= 0) - return; - } - *buf = '\0'; -} -#endif diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/auth.h b/crypto/kerberosIV/appl/telnet/libtelnet/auth.h deleted file mode 100644 index 83dd701c0a6f..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/auth.h +++ /dev/null @@ -1,81 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)auth.h 8.1 (Berkeley) 6/4/93 - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* $Id: auth.h,v 1.4 1998/06/09 19:24:41 joda Exp $ */ - -#ifndef __AUTH__ -#define __AUTH__ - -#define AUTH_REJECT 0 /* Rejected */ -#define AUTH_UNKNOWN 1 /* We don't know who he is, but he's okay */ -#define AUTH_OTHER 2 /* We know him, but not his name */ -#define AUTH_USER 3 /* We know he name */ -#define AUTH_VALID 4 /* We know him, and he needs no password */ - -typedef struct XauthP { - int type; - int way; - int (*init) (struct XauthP *, int); - int (*send) (struct XauthP *); - void (*is) (struct XauthP *, unsigned char *, int); - void (*reply) (struct XauthP *, unsigned char *, int); - int (*status) (struct XauthP *, char *, size_t, int); - void (*printsub) (unsigned char *, int, unsigned char *, int); -} Authenticator; - -#include "auth-proto.h" - -extern int auth_debug_mode; -#endif diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/enc-proto.h b/crypto/kerberosIV/appl/telnet/libtelnet/enc-proto.h deleted file mode 100644 index cb0077d1b083..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/enc-proto.h +++ /dev/null @@ -1,132 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)enc-proto.h 8.1 (Berkeley) 6/4/93 - * - * @(#)enc-proto.h 5.2 (Berkeley) 3/22/91 - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* $Id: enc-proto.h,v 1.9 1998/07/09 23:16:22 assar Exp $ */ - -#if defined(ENCRYPTION) -Encryptions *findencryption (int); -Encryptions *finddecryption(int); -int EncryptAutoDec(int); -int EncryptAutoEnc(int); -int EncryptDebug(int); -int EncryptDisable(char*, char*); -int EncryptEnable(char*, char*); -int EncryptStart(char*); -int EncryptStartInput(void); -int EncryptStartOutput(void); -int EncryptStatus(void); -int EncryptStop(char*); -int EncryptStopInput(void); -int EncryptStopOutput(void); -int EncryptType(char*, char*); -int EncryptVerbose(int); -void decrypt_auto(int); -void encrypt_auto(int); -void encrypt_debug(int); -void encrypt_dec_keyid(unsigned char*, int); -void encrypt_display(void); -void encrypt_enc_keyid(unsigned char*, int); -void encrypt_end(void); -void encrypt_gen_printsub(unsigned char*, int, unsigned char*, int); -void encrypt_init(char*, int); -void encrypt_is(unsigned char*, int); -void encrypt_list_types(void); -void encrypt_not(void); -void encrypt_printsub(unsigned char*, int, unsigned char*, int); -void encrypt_reply(unsigned char*, int); -void encrypt_request_end(void); -void encrypt_request_start(unsigned char*, int); -void encrypt_send_end(void); -void encrypt_send_keyid(int, unsigned char*, int, int); -void encrypt_send_request_end(void); -void encrypt_send_request_start(void); -void encrypt_send_support(void); -void encrypt_session_key(Session_Key*, int); -void encrypt_start(unsigned char*, int); -void encrypt_start_output(int); -void encrypt_support(unsigned char*, int); -void encrypt_verbose_quiet(int); -void encrypt_wait(void); -int encrypt_delay(void); - -#ifdef TELENTD -void encrypt_wait (void); -#else -void encrypt_display (void); -#endif - -void cfb64_encrypt (unsigned char *, int); -int cfb64_decrypt (int); -void cfb64_init (int); -int cfb64_start (int, int); -int cfb64_is (unsigned char *, int); -int cfb64_reply (unsigned char *, int); -void cfb64_session (Session_Key *, int); -int cfb64_keyid (int, unsigned char *, int *); -void cfb64_printsub (unsigned char *, int, unsigned char *, int); - -void ofb64_encrypt (unsigned char *, int); -int ofb64_decrypt (int); -void ofb64_init (int); -int ofb64_start (int, int); -int ofb64_is (unsigned char *, int); -int ofb64_reply (unsigned char *, int); -void ofb64_session (Session_Key *, int); -int ofb64_keyid (int, unsigned char *, int *); -void ofb64_printsub (unsigned char *, int, unsigned char *, int); - -#endif diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/enc_des.c b/crypto/kerberosIV/appl/telnet/libtelnet/enc_des.c deleted file mode 100644 index 7bda5af9f867..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/enc_des.c +++ /dev/null @@ -1,673 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -#include - -RCSID("$Id: enc_des.c,v 1.16 1998/07/09 23:16:23 assar Exp $"); - -#if defined(AUTHENTICATION) && defined(ENCRYPTION) && defined(DES_ENCRYPTION) -#include -#include -#ifdef __STDC__ -#include -#include -#endif -#include -#ifdef SOCKS -#include -#endif - -#include "encrypt.h" -#include "misc-proto.h" - -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include - -extern int encrypt_debug_mode; - -#define CFB 0 -#define OFB 1 - -#define NO_SEND_IV 1 -#define NO_RECV_IV 2 -#define NO_KEYID 4 -#define IN_PROGRESS (NO_SEND_IV|NO_RECV_IV|NO_KEYID) -#define SUCCESS 0 -#define FAILED -1 - - -struct stinfo { - des_cblock str_output; - des_cblock str_feed; - des_cblock str_iv; - des_cblock str_ikey; - des_key_schedule str_sched; - int str_index; - int str_flagshift; -}; - -struct fb { - des_cblock krbdes_key; - des_key_schedule krbdes_sched; - des_cblock temp_feed; - unsigned char fb_feed[64]; - int need_start; - int state[2]; - int keyid[2]; - int once; - struct stinfo streams[2]; -}; - -static struct fb fb[2]; - -struct keyidlist { - char *keyid; - int keyidlen; - char *key; - int keylen; - int flags; -} keyidlist [] = { - { "\0", 1, 0, 0, 0 }, /* default key of zero */ - { 0, 0, 0, 0, 0 } -}; - -#define KEYFLAG_MASK 03 - -#define KEYFLAG_NOINIT 00 -#define KEYFLAG_INIT 01 -#define KEYFLAG_OK 02 -#define KEYFLAG_BAD 03 - -#define KEYFLAG_SHIFT 2 - -#define SHIFT_VAL(a,b) (KEYFLAG_SHIFT*((a)+((b)*2))) - -#define FB64_IV 1 -#define FB64_IV_OK 2 -#define FB64_IV_BAD 3 - - -void fb64_stream_iv (des_cblock, struct stinfo *); -void fb64_init (struct fb *); -static int fb64_start (struct fb *, int, int); -int fb64_is (unsigned char *, int, struct fb *); -int fb64_reply (unsigned char *, int, struct fb *); -static void fb64_session (Session_Key *, int, struct fb *); -void fb64_stream_key (des_cblock, struct stinfo *); -int fb64_keyid (int, unsigned char *, int *, struct fb *); - -void cfb64_init(int server) -{ - fb64_init(&fb[CFB]); - fb[CFB].fb_feed[4] = ENCTYPE_DES_CFB64; - fb[CFB].streams[0].str_flagshift = SHIFT_VAL(0, CFB); - fb[CFB].streams[1].str_flagshift = SHIFT_VAL(1, CFB); -} - - -void ofb64_init(int server) -{ - fb64_init(&fb[OFB]); - fb[OFB].fb_feed[4] = ENCTYPE_DES_OFB64; - fb[CFB].streams[0].str_flagshift = SHIFT_VAL(0, OFB); - fb[CFB].streams[1].str_flagshift = SHIFT_VAL(1, OFB); -} - -void fb64_init(struct fb *fbp) -{ - memset(fbp,0, sizeof(*fbp)); - fbp->state[0] = fbp->state[1] = FAILED; - fbp->fb_feed[0] = IAC; - fbp->fb_feed[1] = SB; - fbp->fb_feed[2] = TELOPT_ENCRYPT; - fbp->fb_feed[3] = ENCRYPT_IS; -} - -/* - * Returns: - * -1: some error. Negotiation is done, encryption not ready. - * 0: Successful, initial negotiation all done. - * 1: successful, negotiation not done yet. - * 2: Not yet. Other things (like getting the key from - * Kerberos) have to happen before we can continue. - */ -int cfb64_start(int dir, int server) -{ - return(fb64_start(&fb[CFB], dir, server)); -} - -int ofb64_start(int dir, int server) -{ - return(fb64_start(&fb[OFB], dir, server)); -} - -static int fb64_start(struct fb *fbp, int dir, int server) -{ - int x; - unsigned char *p; - int state; - - switch (dir) { - case DIR_DECRYPT: - /* - * This is simply a request to have the other side - * start output (our input). He will negotiate an - * IV so we need not look for it. - */ - state = fbp->state[dir-1]; - if (state == FAILED) - state = IN_PROGRESS; - break; - - case DIR_ENCRYPT: - state = fbp->state[dir-1]; - if (state == FAILED) - state = IN_PROGRESS; - else if ((state & NO_SEND_IV) == 0) { - break; - } - - if (!VALIDKEY(fbp->krbdes_key)) { - fbp->need_start = 1; - break; - } - - state &= ~NO_SEND_IV; - state |= NO_RECV_IV; - if (encrypt_debug_mode) - printf("Creating new feed\r\n"); - /* - * Create a random feed and send it over. - */ -#ifndef OLD_DES_RANDOM_KEY - des_new_random_key(&fbp->temp_feed); -#else - /* - * From des_cryp.man "If the des_check_key flag is non-zero, - * des_set_key will check that the key passed is - * of odd parity and is not a week or semi-weak key." - */ - do { - des_random_key(fbp->temp_feed); - des_set_odd_parity(fbp->temp_feed); - } while (des_is_weak_key(fbp->temp_feed)); -#endif - des_ecb_encrypt(&fbp->temp_feed, - &fbp->temp_feed, - fbp->krbdes_sched, 1); - p = fbp->fb_feed + 3; - *p++ = ENCRYPT_IS; - p++; - *p++ = FB64_IV; - for (x = 0; x < sizeof(des_cblock); ++x) { - if ((*p++ = fbp->temp_feed[x]) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]); - telnet_net_write(fbp->fb_feed, p - fbp->fb_feed); - break; - default: - return(FAILED); - } - return(fbp->state[dir-1] = state); -} - -/* - * Returns: - * -1: some error. Negotiation is done, encryption not ready. - * 0: Successful, initial negotiation all done. - * 1: successful, negotiation not done yet. - */ - -int cfb64_is(unsigned char *data, int cnt) -{ - return(fb64_is(data, cnt, &fb[CFB])); -} - -int ofb64_is(unsigned char *data, int cnt) -{ - return(fb64_is(data, cnt, &fb[OFB])); -} - - -int fb64_is(unsigned char *data, int cnt, struct fb *fbp) -{ - unsigned char *p; - int state = fbp->state[DIR_DECRYPT-1]; - - if (cnt-- < 1) - goto failure; - - switch (*data++) { - case FB64_IV: - if (cnt != sizeof(des_cblock)) { - if (encrypt_debug_mode) - printf("CFB64: initial vector failed on size\r\n"); - state = FAILED; - goto failure; - } - - if (encrypt_debug_mode) - printf("CFB64: initial vector received\r\n"); - - if (encrypt_debug_mode) - printf("Initializing Decrypt stream\r\n"); - - fb64_stream_iv(data, &fbp->streams[DIR_DECRYPT-1]); - - p = fbp->fb_feed + 3; - *p++ = ENCRYPT_REPLY; - p++; - *p++ = FB64_IV_OK; - *p++ = IAC; - *p++ = SE; - printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]); - telnet_net_write(fbp->fb_feed, p - fbp->fb_feed); - - state = fbp->state[DIR_DECRYPT-1] = IN_PROGRESS; - break; - - default: - if (encrypt_debug_mode) { - printf("Unknown option type: %d\r\n", *(data-1)); - printd(data, cnt); - printf("\r\n"); - } - /* FALL THROUGH */ - failure: - /* - * We failed. Send an FB64_IV_BAD option - * to the other side so it will know that - * things failed. - */ - p = fbp->fb_feed + 3; - *p++ = ENCRYPT_REPLY; - p++; - *p++ = FB64_IV_BAD; - *p++ = IAC; - *p++ = SE; - printsub('>', &fbp->fb_feed[2], p - &fbp->fb_feed[2]); - telnet_net_write(fbp->fb_feed, p - fbp->fb_feed); - - break; - } - return(fbp->state[DIR_DECRYPT-1] = state); -} - -/* - * Returns: - * -1: some error. Negotiation is done, encryption not ready. - * 0: Successful, initial negotiation all done. - * 1: successful, negotiation not done yet. - */ - -int cfb64_reply(unsigned char *data, int cnt) -{ - return(fb64_reply(data, cnt, &fb[CFB])); -} - -int ofb64_reply(unsigned char *data, int cnt) -{ - return(fb64_reply(data, cnt, &fb[OFB])); -} - - -int fb64_reply(unsigned char *data, int cnt, struct fb *fbp) -{ - int state = fbp->state[DIR_ENCRYPT-1]; - - if (cnt-- < 1) - goto failure; - - switch (*data++) { - case FB64_IV_OK: - fb64_stream_iv(fbp->temp_feed, &fbp->streams[DIR_ENCRYPT-1]); - if (state == FAILED) - state = IN_PROGRESS; - state &= ~NO_RECV_IV; - encrypt_send_keyid(DIR_ENCRYPT, (unsigned char *)"\0", 1, 1); - break; - - case FB64_IV_BAD: - memset(fbp->temp_feed, 0, sizeof(des_cblock)); - fb64_stream_iv(fbp->temp_feed, &fbp->streams[DIR_ENCRYPT-1]); - state = FAILED; - break; - - default: - if (encrypt_debug_mode) { - printf("Unknown option type: %d\r\n", data[-1]); - printd(data, cnt); - printf("\r\n"); - } - /* FALL THROUGH */ - failure: - state = FAILED; - break; - } - return(fbp->state[DIR_ENCRYPT-1] = state); -} - -void cfb64_session(Session_Key *key, int server) -{ - fb64_session(key, server, &fb[CFB]); -} - -void ofb64_session(Session_Key *key, int server) -{ - fb64_session(key, server, &fb[OFB]); -} - -static void fb64_session(Session_Key *key, int server, struct fb *fbp) -{ - - if (!key || key->type != SK_DES) { - if (encrypt_debug_mode) - printf("Can't set krbdes's session key (%d != %d)\r\n", - key ? key->type : -1, SK_DES); - return; - } - memcpy(fbp->krbdes_key, key->data, sizeof(des_cblock)); - - fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_ENCRYPT-1]); - fb64_stream_key(fbp->krbdes_key, &fbp->streams[DIR_DECRYPT-1]); - - if (fbp->once == 0) { -#ifndef OLD_DES_RANDOM_KEY - des_init_random_number_generator(&fbp->krbdes_key); -#endif - fbp->once = 1; - } - des_key_sched(&fbp->krbdes_key, fbp->krbdes_sched); - /* - * Now look to see if krbdes_start() was was waiting for - * the key to show up. If so, go ahead an call it now - * that we have the key. - */ - if (fbp->need_start) { - fbp->need_start = 0; - fb64_start(fbp, DIR_ENCRYPT, server); - } -} - -/* - * We only accept a keyid of 0. If we get a keyid of - * 0, then mark the state as SUCCESS. - */ - -int cfb64_keyid(int dir, unsigned char *kp, int *lenp) -{ - return(fb64_keyid(dir, kp, lenp, &fb[CFB])); -} - -int ofb64_keyid(int dir, unsigned char *kp, int *lenp) -{ - return(fb64_keyid(dir, kp, lenp, &fb[OFB])); -} - -int fb64_keyid(int dir, unsigned char *kp, int *lenp, struct fb *fbp) -{ - int state = fbp->state[dir-1]; - - if (*lenp != 1 || (*kp != '\0')) { - *lenp = 0; - return(state); - } - - if (state == FAILED) - state = IN_PROGRESS; - - state &= ~NO_KEYID; - - return(fbp->state[dir-1] = state); -} - -void fb64_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen, char *type) -{ - char lbuf[32]; - int i; - char *cp; - - buf[buflen-1] = '\0'; /* make sure it's NULL terminated */ - buflen -= 1; - - switch(data[2]) { - case FB64_IV: - snprintf(lbuf, sizeof(lbuf), "%s_IV", type); - cp = lbuf; - goto common; - - case FB64_IV_OK: - snprintf(lbuf, sizeof(lbuf), "%s_IV_OK", type); - cp = lbuf; - goto common; - - case FB64_IV_BAD: - snprintf(lbuf, sizeof(lbuf), "%s_IV_BAD", type); - cp = lbuf; - goto common; - - default: - snprintf(lbuf, sizeof(lbuf), " %d (unknown)", data[2]); - cp = lbuf; - common: - for (; (buflen > 0) && (*buf = *cp++); buf++) - buflen--; - for (i = 3; i < cnt; i++) { - snprintf(lbuf, sizeof(lbuf), " %d", data[i]); - for (cp = lbuf; (buflen > 0) && (*buf = *cp++); buf++) - buflen--; - } - break; - } -} - -void cfb64_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen) -{ - fb64_printsub(data, cnt, buf, buflen, "CFB64"); -} - -void ofb64_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen) -{ - fb64_printsub(data, cnt, buf, buflen, "OFB64"); -} - -void fb64_stream_iv(des_cblock seed, struct stinfo *stp) -{ - - memcpy(stp->str_iv, seed,sizeof(des_cblock)); - memcpy(stp->str_output, seed, sizeof(des_cblock)); - - des_key_sched(&stp->str_ikey, stp->str_sched); - - stp->str_index = sizeof(des_cblock); -} - -void fb64_stream_key(des_cblock key, struct stinfo *stp) -{ - memcpy(stp->str_ikey, key, sizeof(des_cblock)); - des_key_sched((des_cblock*)key, stp->str_sched); - - memcpy(stp->str_output, stp->str_iv, sizeof(des_cblock)); - - stp->str_index = sizeof(des_cblock); -} - -/* - * DES 64 bit Cipher Feedback - * - * key --->+-----+ - * +->| DES |--+ - * | +-----+ | - * | v - * INPUT --(--------->(+)+---> DATA - * | | - * +-------------+ - * - * - * Given: - * iV: Initial vector, 64 bits (8 bytes) long. - * Dn: the nth chunk of 64 bits (8 bytes) of data to encrypt (decrypt). - * On: the nth chunk of 64 bits (8 bytes) of encrypted (decrypted) output. - * - * V0 = DES(iV, key) - * On = Dn ^ Vn - * V(n+1) = DES(On, key) - */ - -void cfb64_encrypt(unsigned char *s, int c) -{ - struct stinfo *stp = &fb[CFB].streams[DIR_ENCRYPT-1]; - int index; - - index = stp->str_index; - while (c-- > 0) { - if (index == sizeof(des_cblock)) { - des_cblock b; - des_ecb_encrypt(&stp->str_output, &b,stp->str_sched, 1); - memcpy(stp->str_feed, b, sizeof(des_cblock)); - index = 0; - } - - /* On encryption, we store (feed ^ data) which is cypher */ - *s = stp->str_output[index] = (stp->str_feed[index] ^ *s); - s++; - index++; - } - stp->str_index = index; -} - -int cfb64_decrypt(int data) -{ - struct stinfo *stp = &fb[CFB].streams[DIR_DECRYPT-1]; - int index; - - if (data == -1) { - /* - * Back up one byte. It is assumed that we will - * never back up more than one byte. If we do, this - * may or may not work. - */ - if (stp->str_index) - --stp->str_index; - return(0); - } - - index = stp->str_index++; - if (index == sizeof(des_cblock)) { - des_cblock b; - des_ecb_encrypt(&stp->str_output,&b, stp->str_sched, 1); - memcpy(stp->str_feed, b, sizeof(des_cblock)); - stp->str_index = 1; /* Next time will be 1 */ - index = 0; /* But now use 0 */ - } - - /* On decryption we store (data) which is cypher. */ - stp->str_output[index] = data; - return(data ^ stp->str_feed[index]); -} - -/* - * DES 64 bit Output Feedback - * - * key --->+-----+ - * +->| DES |--+ - * | +-----+ | - * +-----------+ - * v - * INPUT -------->(+) ----> DATA - * - * Given: - * iV: Initial vector, 64 bits (8 bytes) long. - * Dn: the nth chunk of 64 bits (8 bytes) of data to encrypt (decrypt). - * On: the nth chunk of 64 bits (8 bytes) of encrypted (decrypted) output. - * - * V0 = DES(iV, key) - * V(n+1) = DES(Vn, key) - * On = Dn ^ Vn - */ - -void ofb64_encrypt(unsigned char *s, int c) -{ - struct stinfo *stp = &fb[OFB].streams[DIR_ENCRYPT-1]; - int index; - - index = stp->str_index; - while (c-- > 0) { - if (index == sizeof(des_cblock)) { - des_cblock b; - des_ecb_encrypt(&stp->str_feed,&b, stp->str_sched, 1); - memcpy(stp->str_feed, b, sizeof(des_cblock)); - index = 0; - } - *s++ ^= stp->str_feed[index]; - index++; - } - stp->str_index = index; -} - -int ofb64_decrypt(int data) -{ - struct stinfo *stp = &fb[OFB].streams[DIR_DECRYPT-1]; - int index; - - if (data == -1) { - /* - * Back up one byte. It is assumed that we will - * never back up more than one byte. If we do, this - * may or may not work. - */ - if (stp->str_index) - --stp->str_index; - return(0); - } - - index = stp->str_index++; - if (index == sizeof(des_cblock)) { - des_cblock b; - des_ecb_encrypt(&stp->str_feed,&b,stp->str_sched, 1); - memcpy(stp->str_feed, b, sizeof(des_cblock)); - stp->str_index = 1; /* Next time will be 1 */ - index = 0; /* But now use 0 */ - } - - return(data ^ stp->str_feed[index]); -} -#endif - diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/encrypt.c b/crypto/kerberosIV/appl/telnet/libtelnet/encrypt.c deleted file mode 100644 index 21f7a85132e5..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/encrypt.c +++ /dev/null @@ -1,995 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - - -#include - -RCSID("$Id: encrypt.c,v 1.21 1998/07/09 23:16:25 assar Exp $"); - -#if defined(ENCRYPTION) - -#define ENCRYPT_NAMES -#include - -#include "encrypt.h" -#include "misc.h" - -#include -#include -#include -#include -#ifdef SOCKS -#include -#endif - - -/* - * These functions pointers point to the current routines - * for encrypting and decrypting data. - */ -void (*encrypt_output) (unsigned char *, int); -int (*decrypt_input) (int); -char *nclearto; - -int encrypt_debug_mode = 0; -static int decrypt_mode = 0; -static int encrypt_mode = 0; -static int encrypt_verbose = 0; -static int autoencrypt = 0; -static int autodecrypt = 0; -static int havesessionkey = 0; -static int Server = 0; -static char *Name = "Noname"; - -#define typemask(x) ((x) > 0 ? 1 << ((x)-1) : 0) - -static long i_support_encrypt = typemask(ENCTYPE_DES_CFB64) - | typemask(ENCTYPE_DES_OFB64); - static long i_support_decrypt = typemask(ENCTYPE_DES_CFB64) - | typemask(ENCTYPE_DES_OFB64); - static long i_wont_support_encrypt = 0; - static long i_wont_support_decrypt = 0; -#define I_SUPPORT_ENCRYPT (i_support_encrypt & ~i_wont_support_encrypt) -#define I_SUPPORT_DECRYPT (i_support_decrypt & ~i_wont_support_decrypt) - - static long remote_supports_encrypt = 0; - static long remote_supports_decrypt = 0; - - static Encryptions encryptions[] = { -#if defined(DES_ENCRYPTION) - { "DES_CFB64", ENCTYPE_DES_CFB64, - cfb64_encrypt, - cfb64_decrypt, - cfb64_init, - cfb64_start, - cfb64_is, - cfb64_reply, - cfb64_session, - cfb64_keyid, - cfb64_printsub }, - { "DES_OFB64", ENCTYPE_DES_OFB64, - ofb64_encrypt, - ofb64_decrypt, - ofb64_init, - ofb64_start, - ofb64_is, - ofb64_reply, - ofb64_session, - ofb64_keyid, - ofb64_printsub }, -#endif - { 0, }, - }; - -static unsigned char str_send[64] = { IAC, SB, TELOPT_ENCRYPT, - ENCRYPT_SUPPORT }; -static unsigned char str_suplen = 0; -static unsigned char str_start[72] = { IAC, SB, TELOPT_ENCRYPT }; -static unsigned char str_end[] = { IAC, SB, TELOPT_ENCRYPT, 0, IAC, SE }; - -Encryptions * -findencryption(int type) -{ - Encryptions *ep = encryptions; - - if (!(I_SUPPORT_ENCRYPT & remote_supports_decrypt & typemask(type))) - return(0); - while (ep->type && ep->type != type) - ++ep; - return(ep->type ? ep : 0); -} - -Encryptions * -finddecryption(int type) -{ - Encryptions *ep = encryptions; - - if (!(I_SUPPORT_DECRYPT & remote_supports_encrypt & typemask(type))) - return(0); - while (ep->type && ep->type != type) - ++ep; - return(ep->type ? ep : 0); -} - -#define MAXKEYLEN 64 - -static struct key_info { - unsigned char keyid[MAXKEYLEN]; - int keylen; - int dir; - int *modep; - Encryptions *(*getcrypt)(); -} ki[2] = { - { { 0 }, 0, DIR_ENCRYPT, &encrypt_mode, findencryption }, - { { 0 }, 0, DIR_DECRYPT, &decrypt_mode, finddecryption }, -}; - -void -encrypt_init(char *name, int server) -{ - Encryptions *ep = encryptions; - - Name = name; - Server = server; - i_support_encrypt = i_support_decrypt = 0; - remote_supports_encrypt = remote_supports_decrypt = 0; - encrypt_mode = 0; - decrypt_mode = 0; - encrypt_output = 0; - decrypt_input = 0; -#ifdef notdef - encrypt_verbose = !server; -#endif - - str_suplen = 4; - - while (ep->type) { - if (encrypt_debug_mode) - printf(">>>%s: I will support %s\r\n", - Name, ENCTYPE_NAME(ep->type)); - i_support_encrypt |= typemask(ep->type); - i_support_decrypt |= typemask(ep->type); - if ((i_wont_support_decrypt & typemask(ep->type)) == 0) - if ((str_send[str_suplen++] = ep->type) == IAC) - str_send[str_suplen++] = IAC; - if (ep->init) - (*ep->init)(Server); - ++ep; - } - str_send[str_suplen++] = IAC; - str_send[str_suplen++] = SE; -} - -void -encrypt_list_types(void) -{ - Encryptions *ep = encryptions; - - printf("Valid encryption types:\n"); - while (ep->type) { - printf("\t%s (%d)\r\n", ENCTYPE_NAME(ep->type), ep->type); - ++ep; - } -} - -int -EncryptEnable(char *type, char *mode) -{ - if (isprefix(type, "help") || isprefix(type, "?")) { - printf("Usage: encrypt enable [input|output]\n"); - encrypt_list_types(); - return(0); - } - if (EncryptType(type, mode)) - return(EncryptStart(mode)); - return(0); -} - -int -EncryptDisable(char *type, char *mode) -{ - Encryptions *ep; - int ret = 0; - - if (isprefix(type, "help") || isprefix(type, "?")) { - printf("Usage: encrypt disable [input|output]\n"); - encrypt_list_types(); - } else if ((ep = (Encryptions *)genget(type, (char**)encryptions, - sizeof(Encryptions))) == 0) { - printf("%s: invalid encryption type\n", type); - } else if (Ambiguous(ep)) { - printf("Ambiguous type '%s'\n", type); - } else { - if ((mode == 0) || (isprefix(mode, "input") ? 1 : 0)) { - if (decrypt_mode == ep->type) - EncryptStopInput(); - i_wont_support_decrypt |= typemask(ep->type); - ret = 1; - } - if ((mode == 0) || (isprefix(mode, "output"))) { - if (encrypt_mode == ep->type) - EncryptStopOutput(); - i_wont_support_encrypt |= typemask(ep->type); - ret = 1; - } - if (ret == 0) - printf("%s: invalid encryption mode\n", mode); - } - return(ret); -} - -int -EncryptType(char *type, char *mode) -{ - Encryptions *ep; - int ret = 0; - - if (isprefix(type, "help") || isprefix(type, "?")) { - printf("Usage: encrypt type [input|output]\n"); - encrypt_list_types(); - } else if ((ep = (Encryptions *)genget(type, (char**)encryptions, - sizeof(Encryptions))) == 0) { - printf("%s: invalid encryption type\n", type); - } else if (Ambiguous(ep)) { - printf("Ambiguous type '%s'\n", type); - } else { - if ((mode == 0) || isprefix(mode, "input")) { - decrypt_mode = ep->type; - i_wont_support_decrypt &= ~typemask(ep->type); - ret = 1; - } - if ((mode == 0) || isprefix(mode, "output")) { - encrypt_mode = ep->type; - i_wont_support_encrypt &= ~typemask(ep->type); - ret = 1; - } - if (ret == 0) - printf("%s: invalid encryption mode\n", mode); - } - return(ret); -} - -int -EncryptStart(char *mode) -{ - int ret = 0; - if (mode) { - if (isprefix(mode, "input")) - return(EncryptStartInput()); - if (isprefix(mode, "output")) - return(EncryptStartOutput()); - if (isprefix(mode, "help") || isprefix(mode, "?")) { - printf("Usage: encrypt start [input|output]\n"); - return(0); - } - printf("%s: invalid encryption mode 'encrypt start ?' for help\n", mode); - return(0); - } - ret += EncryptStartInput(); - ret += EncryptStartOutput(); - return(ret); -} - -int -EncryptStartInput(void) -{ - if (decrypt_mode) { - encrypt_send_request_start(); - return(1); - } - printf("No previous decryption mode, decryption not enabled\r\n"); - return(0); -} - -int -EncryptStartOutput(void) -{ - if (encrypt_mode) { - encrypt_start_output(encrypt_mode); - return(1); - } - printf("No previous encryption mode, encryption not enabled\r\n"); - return(0); -} - -int -EncryptStop(char *mode) -{ - int ret = 0; - if (mode) { - if (isprefix(mode, "input")) - return(EncryptStopInput()); - if (isprefix(mode, "output")) - return(EncryptStopOutput()); - if (isprefix(mode, "help") || isprefix(mode, "?")) { - printf("Usage: encrypt stop [input|output]\n"); - return(0); - } - printf("%s: invalid encryption mode 'encrypt stop ?' for help\n", mode); - return(0); - } - ret += EncryptStopInput(); - ret += EncryptStopOutput(); - return(ret); -} - -int -EncryptStopInput(void) -{ - encrypt_send_request_end(); - return(1); -} - -int -EncryptStopOutput(void) -{ - encrypt_send_end(); - return(1); -} - -void -encrypt_display(void) -{ - printf("Autoencrypt for output is %s. Autodecrypt for input is %s.\r\n", - autoencrypt?"on":"off", autodecrypt?"on":"off"); - - if (encrypt_output) - printf("Currently encrypting output with %s\r\n", - ENCTYPE_NAME(encrypt_mode)); - else - printf("Currently not encrypting output\r\n"); - - if (decrypt_input) - printf("Currently decrypting input with %s\r\n", - ENCTYPE_NAME(decrypt_mode)); - else - printf("Currently not decrypting input\r\n"); -} - -int -EncryptStatus(void) -{ - printf("Autoencrypt for output is %s. Autodecrypt for input is %s.\r\n", - autoencrypt?"on":"off", autodecrypt?"on":"off"); - - if (encrypt_output) - printf("Currently encrypting output with %s\r\n", - ENCTYPE_NAME(encrypt_mode)); - else if (encrypt_mode) { - printf("Currently output is clear text.\r\n"); - printf("Last encryption mode was %s\r\n", - ENCTYPE_NAME(encrypt_mode)); - } else - printf("Currently not encrypting output\r\n"); - - if (decrypt_input) { - printf("Currently decrypting input with %s\r\n", - ENCTYPE_NAME(decrypt_mode)); - } else if (decrypt_mode) { - printf("Currently input is clear text.\r\n"); - printf("Last decryption mode was %s\r\n", - ENCTYPE_NAME(decrypt_mode)); - } else - printf("Currently not decrypting input\r\n"); - - return 1; -} - -void -encrypt_send_support(void) -{ - if (str_suplen) { - /* - * If the user has requested that decryption start - * immediatly, then send a "REQUEST START" before - * we negotiate the type. - */ - if (!Server && autodecrypt) - encrypt_send_request_start(); - telnet_net_write(str_send, str_suplen); - printsub('>', &str_send[2], str_suplen - 2); - str_suplen = 0; - } -} - -int -EncryptDebug(int on) -{ - if (on < 0) - encrypt_debug_mode ^= 1; - else - encrypt_debug_mode = on; - printf("Encryption debugging %s\r\n", - encrypt_debug_mode ? "enabled" : "disabled"); - return(1); -} - -/* turn on verbose encryption, but dont keep telling the whole world - */ -void encrypt_verbose_quiet(int on) -{ - if(on < 0) - encrypt_verbose ^= 1; - else - encrypt_verbose = on ? 1 : 0; -} - -int -EncryptVerbose(int on) -{ - encrypt_verbose_quiet(on); - printf("Encryption %s verbose\r\n", - encrypt_verbose ? "is" : "is not"); - return(1); -} - -int -EncryptAutoEnc(int on) -{ - encrypt_auto(on); - printf("Automatic encryption of output is %s\r\n", - autoencrypt ? "enabled" : "disabled"); - return(1); -} - -int -EncryptAutoDec(int on) -{ - decrypt_auto(on); - printf("Automatic decryption of input is %s\r\n", - autodecrypt ? "enabled" : "disabled"); - return(1); -} - -/* Called when we receive a WONT or a DONT ENCRYPT after we sent a DO - encrypt */ -void -encrypt_not(void) -{ - if (encrypt_verbose) - printf("[ Connection is NOT encrypted ]\r\n"); - else - printf("\r\n*** Connection not encrypted! " - "Communication may be eavesdropped. ***\r\n"); -} - -/* - * Called when ENCRYPT SUPPORT is received. - */ -void -encrypt_support(unsigned char *typelist, int cnt) -{ - int type, use_type = 0; - Encryptions *ep; - - /* - * Forget anything the other side has previously told us. - */ - remote_supports_decrypt = 0; - - while (cnt-- > 0) { - type = *typelist++; - if (encrypt_debug_mode) - printf(">>>%s: He is supporting %s (%d)\r\n", - Name, - ENCTYPE_NAME(type), type); - if ((type < ENCTYPE_CNT) && - (I_SUPPORT_ENCRYPT & typemask(type))) { - remote_supports_decrypt |= typemask(type); - if (use_type == 0) - use_type = type; - } - } - if (use_type) { - ep = findencryption(use_type); - if (!ep) - return; - type = ep->start ? (*ep->start)(DIR_ENCRYPT, Server) : 0; - if (encrypt_debug_mode) - printf(">>>%s: (*ep->start)() returned %d\r\n", - Name, type); - if (type < 0) - return; - encrypt_mode = use_type; - if (type == 0) - encrypt_start_output(use_type); - } -} - -void -encrypt_is(unsigned char *data, int cnt) -{ - Encryptions *ep; - int type, ret; - - if (--cnt < 0) - return; - type = *data++; - if (type < ENCTYPE_CNT) - remote_supports_encrypt |= typemask(type); - if (!(ep = finddecryption(type))) { - if (encrypt_debug_mode) - printf(">>>%s: Can't find type %s (%d) for initial negotiation\r\n", - Name, - ENCTYPE_NAME_OK(type) - ? ENCTYPE_NAME(type) : "(unknown)", - type); - return; - } - if (!ep->is) { - if (encrypt_debug_mode) - printf(">>>%s: No initial negotiation needed for type %s (%d)\r\n", - Name, - ENCTYPE_NAME_OK(type) - ? ENCTYPE_NAME(type) : "(unknown)", - type); - ret = 0; - } else { - ret = (*ep->is)(data, cnt); - if (encrypt_debug_mode) - printf("(*ep->is)(%p, %d) returned %s(%d)\n", data, cnt, - (ret < 0) ? "FAIL " : - (ret == 0) ? "SUCCESS " : "MORE_TO_DO ", ret); - } - if (ret < 0) { - autodecrypt = 0; - } else { - decrypt_mode = type; - if (ret == 0 && autodecrypt) - encrypt_send_request_start(); - } -} - -void -encrypt_reply(unsigned char *data, int cnt) -{ - Encryptions *ep; - int ret, type; - - if (--cnt < 0) - return; - type = *data++; - if (!(ep = findencryption(type))) { - if (encrypt_debug_mode) - printf(">>>%s: Can't find type %s (%d) for initial negotiation\r\n", - Name, - ENCTYPE_NAME_OK(type) - ? ENCTYPE_NAME(type) : "(unknown)", - type); - return; - } - if (!ep->reply) { - if (encrypt_debug_mode) - printf(">>>%s: No initial negotiation needed for type %s (%d)\r\n", - Name, - ENCTYPE_NAME_OK(type) - ? ENCTYPE_NAME(type) : "(unknown)", - type); - ret = 0; - } else { - ret = (*ep->reply)(data, cnt); - if (encrypt_debug_mode) - printf("(*ep->reply)(%p, %d) returned %s(%d)\n", - data, cnt, - (ret < 0) ? "FAIL " : - (ret == 0) ? "SUCCESS " : "MORE_TO_DO ", ret); - } - if (encrypt_debug_mode) - printf(">>>%s: encrypt_reply returned %d\n", Name, ret); - if (ret < 0) { - autoencrypt = 0; - } else { - encrypt_mode = type; - if (ret == 0 && autoencrypt) - encrypt_start_output(type); - } -} - -/* - * Called when a ENCRYPT START command is received. - */ -void -encrypt_start(unsigned char *data, int cnt) -{ - Encryptions *ep; - - if (!decrypt_mode) { - /* - * Something is wrong. We should not get a START - * command without having already picked our - * decryption scheme. Send a REQUEST-END to - * attempt to clear the channel... - */ - printf("%s: Warning, Cannot decrypt input stream!!!\r\n", Name); - encrypt_send_request_end(); - return; - } - - if ((ep = finddecryption(decrypt_mode))) { - decrypt_input = ep->input; - if (encrypt_verbose) - printf("[ Input is now decrypted with type %s ]\r\n", - ENCTYPE_NAME(decrypt_mode)); - if (encrypt_debug_mode) - printf(">>>%s: Start to decrypt input with type %s\r\n", - Name, ENCTYPE_NAME(decrypt_mode)); - } else { - printf("%s: Warning, Cannot decrypt type %s (%d)!!!\r\n", - Name, - ENCTYPE_NAME_OK(decrypt_mode) - ? ENCTYPE_NAME(decrypt_mode) - : "(unknown)", - decrypt_mode); - encrypt_send_request_end(); - } -} - -void -encrypt_session_key(Session_Key *key, int server) -{ - Encryptions *ep = encryptions; - - havesessionkey = 1; - - while (ep->type) { - if (ep->session) - (*ep->session)(key, server); - ++ep; - } -} - -/* - * Called when ENCRYPT END is received. - */ -void -encrypt_end(void) -{ - decrypt_input = 0; - if (encrypt_debug_mode) - printf(">>>%s: Input is back to clear text\r\n", Name); - if (encrypt_verbose) - printf("[ Input is now clear text ]\r\n"); -} - -/* - * Called when ENCRYPT REQUEST-END is received. - */ -void -encrypt_request_end(void) -{ - encrypt_send_end(); -} - -/* - * Called when ENCRYPT REQUEST-START is received. If we receive - * this before a type is picked, then that indicates that the - * other side wants us to start encrypting data as soon as we - * can. - */ -void -encrypt_request_start(unsigned char *data, int cnt) -{ - if (encrypt_mode == 0) { - if (Server) - autoencrypt = 1; - return; - } - encrypt_start_output(encrypt_mode); -} - -static unsigned char str_keyid[(MAXKEYLEN*2)+5] = { IAC, SB, TELOPT_ENCRYPT }; - -static void -encrypt_keyid(struct key_info *kp, unsigned char *keyid, int len) -{ - Encryptions *ep; - int dir = kp->dir; - int ret = 0; - - if (!(ep = (*kp->getcrypt)(*kp->modep))) { - if (len == 0) - return; - kp->keylen = 0; - } else if (len == 0) { - /* - * Empty option, indicates a failure. - */ - if (kp->keylen == 0) - return; - kp->keylen = 0; - if (ep->keyid) - (void)(*ep->keyid)(dir, kp->keyid, &kp->keylen); - - } else if ((len != kp->keylen) || (memcmp(keyid,kp->keyid,len) != 0)) { - /* - * Length or contents are different - */ - kp->keylen = len; - memcpy(kp->keyid,keyid, len); - if (ep->keyid) - (void)(*ep->keyid)(dir, kp->keyid, &kp->keylen); - } else { - if (ep->keyid) - ret = (*ep->keyid)(dir, kp->keyid, &kp->keylen); - if ((ret == 0) && (dir == DIR_ENCRYPT) && autoencrypt) - encrypt_start_output(*kp->modep); - return; - } - - encrypt_send_keyid(dir, kp->keyid, kp->keylen, 0); -} - -void encrypt_enc_keyid(unsigned char *keyid, int len) -{ - encrypt_keyid(&ki[1], keyid, len); -} - -void encrypt_dec_keyid(unsigned char *keyid, int len) -{ - encrypt_keyid(&ki[0], keyid, len); -} - - -void encrypt_send_keyid(int dir, unsigned char *keyid, int keylen, int saveit) -{ - unsigned char *strp; - - str_keyid[3] = (dir == DIR_ENCRYPT) - ? ENCRYPT_ENC_KEYID : ENCRYPT_DEC_KEYID; - if (saveit) { - struct key_info *kp = &ki[(dir == DIR_ENCRYPT) ? 0 : 1]; - memcpy(kp->keyid,keyid, keylen); - kp->keylen = keylen; - } - - for (strp = &str_keyid[4]; keylen > 0; --keylen) { - if ((*strp++ = *keyid++) == IAC) - *strp++ = IAC; - } - *strp++ = IAC; - *strp++ = SE; - telnet_net_write(str_keyid, strp - str_keyid); - printsub('>', &str_keyid[2], strp - str_keyid - 2); -} - -void -encrypt_auto(int on) -{ - if (on < 0) - autoencrypt ^= 1; - else - autoencrypt = on ? 1 : 0; -} - -void -decrypt_auto(int on) -{ - if (on < 0) - autodecrypt ^= 1; - else - autodecrypt = on ? 1 : 0; -} - -void -encrypt_start_output(int type) -{ - Encryptions *ep; - unsigned char *p; - int i; - - if (!(ep = findencryption(type))) { - if (encrypt_debug_mode) { - printf(">>>%s: Can't encrypt with type %s (%d)\r\n", - Name, - ENCTYPE_NAME_OK(type) - ? ENCTYPE_NAME(type) : "(unknown)", - type); - } - return; - } - if (ep->start) { - i = (*ep->start)(DIR_ENCRYPT, Server); - if (encrypt_debug_mode) { - printf(">>>%s: Encrypt start: %s (%d) %s\r\n", - Name, - (i < 0) ? "failed" : - "initial negotiation in progress", - i, ENCTYPE_NAME(type)); - } - if (i) - return; - } - p = str_start + 3; - *p++ = ENCRYPT_START; - for (i = 0; i < ki[0].keylen; ++i) { - if ((*p++ = ki[0].keyid[i]) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - telnet_net_write(str_start, p - str_start); - net_encrypt(); - printsub('>', &str_start[2], p - &str_start[2]); - /* - * If we are already encrypting in some mode, then - * encrypt the ring (which includes our request) in - * the old mode, mark it all as "clear text" and then - * switch to the new mode. - */ - encrypt_output = ep->output; - encrypt_mode = type; - if (encrypt_debug_mode) - printf(">>>%s: Started to encrypt output with type %s\r\n", - Name, ENCTYPE_NAME(type)); - if (encrypt_verbose) - printf("[ Output is now encrypted with type %s ]\r\n", - ENCTYPE_NAME(type)); -} - -void -encrypt_send_end(void) -{ - if (!encrypt_output) - return; - - str_end[3] = ENCRYPT_END; - telnet_net_write(str_end, sizeof(str_end)); - net_encrypt(); - printsub('>', &str_end[2], sizeof(str_end) - 2); - /* - * Encrypt the output buffer now because it will not be done by - * netflush... - */ - encrypt_output = 0; - if (encrypt_debug_mode) - printf(">>>%s: Output is back to clear text\r\n", Name); - if (encrypt_verbose) - printf("[ Output is now clear text ]\r\n"); -} - -void -encrypt_send_request_start(void) -{ - unsigned char *p; - int i; - - p = &str_start[3]; - *p++ = ENCRYPT_REQSTART; - for (i = 0; i < ki[1].keylen; ++i) { - if ((*p++ = ki[1].keyid[i]) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - telnet_net_write(str_start, p - str_start); - printsub('>', &str_start[2], p - &str_start[2]); - if (encrypt_debug_mode) - printf(">>>%s: Request input to be encrypted\r\n", Name); -} - -void -encrypt_send_request_end(void) -{ - str_end[3] = ENCRYPT_REQEND; - telnet_net_write(str_end, sizeof(str_end)); - printsub('>', &str_end[2], sizeof(str_end) - 2); - - if (encrypt_debug_mode) - printf(">>>%s: Request input to be clear text\r\n", Name); -} - - -void encrypt_wait(void) -{ - if (encrypt_debug_mode) - printf(">>>%s: in encrypt_wait\r\n", Name); - if (!havesessionkey || !(I_SUPPORT_ENCRYPT & remote_supports_decrypt)) - return; - while (autoencrypt && !encrypt_output) - if (telnet_spin()) - return; -} - -int -encrypt_delay(void) -{ - if(!havesessionkey || - (I_SUPPORT_ENCRYPT & remote_supports_decrypt) == 0 || - (I_SUPPORT_DECRYPT & remote_supports_encrypt) == 0) - return 0; - if(!(encrypt_output && decrypt_input)) - return 1; - return 0; -} - -void -encrypt_debug(int mode) -{ - encrypt_debug_mode = mode; -} - -void encrypt_gen_printsub(unsigned char *data, int cnt, - unsigned char *buf, int buflen) -{ - char tbuf[16], *cp; - - cnt -= 2; - data += 2; - buf[buflen-1] = '\0'; - buf[buflen-2] = '*'; - buflen -= 2;; - for (; cnt > 0; cnt--, data++) { - snprintf(tbuf, sizeof(tbuf), " %d", *data); - for (cp = tbuf; *cp && buflen > 0; --buflen) - *buf++ = *cp++; - if (buflen <= 0) - return; - } - *buf = '\0'; -} - -void -encrypt_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) -{ - Encryptions *ep; - int type = data[1]; - - for (ep = encryptions; ep->type && ep->type != type; ep++) - ; - - if (ep->printsub) - (*ep->printsub)(data, cnt, buf, buflen); - else - encrypt_gen_printsub(data, cnt, buf, buflen); -} -#endif diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/encrypt.h b/crypto/kerberosIV/appl/telnet/libtelnet/encrypt.h deleted file mode 100644 index 5919db52826e..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/encrypt.h +++ /dev/null @@ -1,98 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)encrypt.h 8.1 (Berkeley) 6/4/93 - * - * @(#)encrypt.h 5.2 (Berkeley) 3/22/91 - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* $Id: encrypt.h,v 1.4 1997/01/24 23:10:56 assar Exp $ */ - -#ifndef __ENCRYPT__ -#define __ENCRYPT__ - -#define DIR_DECRYPT 1 -#define DIR_ENCRYPT 2 - -#define VALIDKEY(key) ( key[0] | key[1] | key[2] | key[3] | \ - key[4] | key[5] | key[6] | key[7]) - -#define SAMEKEY(k1, k2) (!memcmp(k1, k2, sizeof(des_cblock))) - -typedef struct { - short type; - int length; - unsigned char *data; -} Session_Key; - -typedef struct { - char *name; - int type; - void (*output) (unsigned char *, int); - int (*input) (int); - void (*init) (int); - int (*start) (int, int); - int (*is) (unsigned char *, int); - int (*reply) (unsigned char *, int); - void (*session) (Session_Key *, int); - int (*keyid) (int, unsigned char *, int *); - void (*printsub) (unsigned char *, int, unsigned char *, int); -} Encryptions; - -#define SK_DES 1 /* Matched Kerberos v5 KEYTYPE_DES */ - -#include "enc-proto.h" - -extern int encrypt_debug_mode; -extern int (*decrypt_input) (int); -extern void (*encrypt_output) (unsigned char *, int); -#endif diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/genget.c b/crypto/kerberosIV/appl/telnet/libtelnet/genget.c deleted file mode 100644 index c17a7bd0c041..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/genget.c +++ /dev/null @@ -1,103 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include -#include "misc-proto.h" - -RCSID("$Id: genget.c,v 1.6 1997/05/04 09:01:34 assar Exp $"); - -#include - -#define LOWER(x) (isupper(x) ? tolower(x) : (x)) -/* - * The prefix function returns 0 if *s1 is not a prefix - * of *s2. If *s1 exactly matches *s2, the negative of - * the length is returned. If *s1 is a prefix of *s2, - * the length of *s1 is returned. - */ - -int -isprefix(char *s1, char *s2) -{ - char *os1; - char c1, c2; - - if (*s1 == '\0') - return(-1); - os1 = s1; - c1 = *s1; - c2 = *s2; - while (LOWER(c1) == LOWER(c2)) { - if (c1 == '\0') - break; - c1 = *++s1; - c2 = *++s2; - } - return(*s1 ? 0 : (*s2 ? (s1 - os1) : (os1 - s1))); -} - -static char *ambiguous; /* special return value for command routines */ - -char ** -genget(char *name, char **table, int stlen) - /* name to match */ - /* name entry in table */ - -{ - char **c, **found; - int n; - - if (name == 0) - return 0; - - found = 0; - for (c = table; *c != 0; c = (char **)((char *)c + stlen)) { - if ((n = isprefix(name, *c)) == 0) - continue; - if (n < 0) /* exact match */ - return(c); - if (found) - return(&ambiguous); - found = c; - } - return(found); -} - -/* - * Function call version of Ambiguous() - */ -int -Ambiguous(void *s) -{ - return((char **)s == &ambiguous); -} diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/kerberos.c b/crypto/kerberosIV/appl/telnet/libtelnet/kerberos.c deleted file mode 100644 index 45e729347e4f..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/kerberos.c +++ /dev/null @@ -1,719 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -RCSID("$Id: kerberos.c,v 1.46 1999/09/16 20:41:33 assar Exp $"); - -#ifdef KRB4 -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_ARPA_TELNET_H -#include -#endif -#include -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include /* BSD wont include this in krb.h, so we do it here */ -#include -#include -#include -#include -#include -#ifdef SOCKS -#include -#endif - - -#include "encrypt.h" -#include "auth.h" -#include "misc.h" - -int kerberos4_cksum (unsigned char *, int); -extern int auth_debug_mode; - -static unsigned char str_data[2048] = { IAC, SB, TELOPT_AUTHENTICATION, 0, - AUTHTYPE_KERBEROS_V4, }; - -#define KRB_AUTH 0 /* Authentication data follows */ -#define KRB_REJECT 1 /* Rejected (reason might follow) */ -#define KRB_ACCEPT 2 /* Accepted */ -#define KRB_CHALLENGE 3 /* Challenge for mutual auth. */ -#define KRB_RESPONSE 4 /* Response for mutual auth. */ - -#define KRB_FORWARD 5 /* */ -#define KRB_FORWARD_ACCEPT 6 /* */ -#define KRB_FORWARD_REJECT 7 /* */ - -#define KRB_SERVICE_NAME "rcmd" - -static KTEXT_ST auth; -static char name[ANAME_SZ]; -static AUTH_DAT adat; -static des_cblock session_key; -static des_cblock cred_session; -static des_key_schedule sched; -static des_cblock challenge; -static int auth_done; /* XXX */ - -static int pack_cred(CREDENTIALS *cred, unsigned char *buf); -static int unpack_cred(unsigned char *buf, int len, CREDENTIALS *cred); - - -static int -Data(Authenticator *ap, int type, const void *d, int c) -{ - unsigned char *p = str_data + 4; - const unsigned char *cd = (const unsigned char *)d; - - if (c == -1) - c = strlen((const char *)cd); - - if (auth_debug_mode) { - printf("%s:%d: [%d] (%d)", - str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", - str_data[3], - type, c); - printd(d, c); - printf("\r\n"); - } - *p++ = ap->type; - *p++ = ap->way; - *p++ = type; - while (c-- > 0) { - if ((*p++ = *cd++) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - if (str_data[3] == TELQUAL_IS) - printsub('>', &str_data[2], p - (&str_data[2])); - return(telnet_net_write(str_data, p - str_data)); -} - -int -kerberos4_init(Authenticator *ap, int server) -{ - FILE *fp; - - if (server) { - str_data[3] = TELQUAL_REPLY; - if ((fp = fopen(KEYFILE, "r")) == NULL) - return(0); - fclose(fp); - } else { - str_data[3] = TELQUAL_IS; - } - return(1); -} - -char dst_realm_buf[REALM_SZ], *dest_realm = NULL; -int dst_realm_sz = REALM_SZ; - -static int -kerberos4_send(char *name, Authenticator *ap) -{ - KTEXT_ST auth; - char instance[INST_SZ]; - char *realm; - CREDENTIALS cred; - int r; - - printf("[ Trying %s ... ]\r\n", name); - if (!UserNameRequested) { - if (auth_debug_mode) { - printf("Kerberos V4: no user name supplied\r\n"); - } - return(0); - } - - memset(instance, 0, sizeof(instance)); - - strlcpy (instance, - krb_get_phost(RemoteHostName), - INST_SZ); - - realm = dest_realm ? dest_realm : krb_realmofhost(RemoteHostName); - - if (!realm) { - printf("Kerberos V4: no realm for %s\r\n", RemoteHostName); - return(0); - } - r = krb_mk_req(&auth, KRB_SERVICE_NAME, instance, realm, 0L); - if (r) { - printf("mk_req failed: %s\r\n", krb_get_err_text(r)); - return(0); - } - r = krb_get_cred(KRB_SERVICE_NAME, instance, realm, &cred); - if (r) { - printf("get_cred failed: %s\r\n", krb_get_err_text(r)); - return(0); - } - if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) { - if (auth_debug_mode) - printf("Not enough room for user name\r\n"); - return(0); - } - if (auth_debug_mode) - printf("Sent %d bytes of authentication data\r\n", auth.length); - if (!Data(ap, KRB_AUTH, (void *)auth.dat, auth.length)) { - if (auth_debug_mode) - printf("Not enough room for authentication data\r\n"); - return(0); - } -#ifdef ENCRYPTION - /* create challenge */ - if ((ap->way & AUTH_HOW_MASK)==AUTH_HOW_MUTUAL) { - int i; - - des_key_sched(&cred.session, sched); - memcpy (&cred_session, &cred.session, sizeof(cred_session)); - des_init_random_number_generator(&cred.session); - des_new_random_key(&session_key); - des_ecb_encrypt(&session_key, &session_key, sched, 0); - des_ecb_encrypt(&session_key, &challenge, sched, 0); - - /* - old code - Some CERT Advisory thinks this is a bad thing... - - des_init_random_number_generator(&cred.session); - des_new_random_key(&challenge); - des_ecb_encrypt(&challenge, &session_key, sched, 1); - */ - - /* - * Increment the challenge by 1, and encrypt it for - * later comparison. - */ - for (i = 7; i >= 0; --i) - if(++challenge[i] != 0) /* No carry! */ - break; - des_ecb_encrypt(&challenge, &challenge, sched, 1); - } - -#endif - - if (auth_debug_mode) { - printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length)); - printd(auth.dat, auth.length); - printf("\r\n"); - printf("Sent Kerberos V4 credentials to server\r\n"); - } - return(1); -} -int -kerberos4_send_mutual(Authenticator *ap) -{ - return kerberos4_send("mutual KERBEROS4", ap); -} - -int -kerberos4_send_oneway(Authenticator *ap) -{ - return kerberos4_send("KERBEROS4", ap); -} - -void -kerberos4_is(Authenticator *ap, unsigned char *data, int cnt) -{ - struct sockaddr_in addr; - char realm[REALM_SZ]; - char instance[INST_SZ]; - int r; - int addr_len; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB_AUTH: - if (krb_get_lrealm(realm, 1) != KSUCCESS) { - Data(ap, KRB_REJECT, (void *)"No local V4 Realm.", -1); - auth_finished(ap, AUTH_REJECT); - if (auth_debug_mode) - printf("No local realm\r\n"); - return; - } - memmove(auth.dat, data, auth.length = cnt); - if (auth_debug_mode) { - printf("Got %d bytes of authentication data\r\n", cnt); - printf("CK: %d:", kerberos4_cksum(auth.dat, auth.length)); - printd(auth.dat, auth.length); - printf("\r\n"); - } - k_getsockinst(0, instance, sizeof(instance)); - addr_len = sizeof(addr); - if(getpeername(0, (struct sockaddr *)&addr, &addr_len) < 0) { - if(auth_debug_mode) - printf("getpeername failed\r\n"); - Data(ap, KRB_REJECT, "getpeername failed", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - if (addr.sin_family != AF_INET) { - if (auth_debug_mode) - printf("unknown address family: %d\r\n", addr.sin_family); - Data(ap, KRB_REJECT, "bad address family", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - - r = krb_rd_req(&auth, KRB_SERVICE_NAME, - instance, addr.sin_addr.s_addr, &adat, ""); - if (r) { - if (auth_debug_mode) - printf("Kerberos failed him as %s\r\n", name); - Data(ap, KRB_REJECT, (void *)krb_get_err_text(r), -1); - auth_finished(ap, AUTH_REJECT); - return; - } - /* save the session key */ - memmove(session_key, adat.session, sizeof(adat.session)); - krb_kntoln(&adat, name); - - if (UserNameRequested && !kuserok(&adat, UserNameRequested)){ - char ts[MaxPathLen]; - struct passwd *pw = getpwnam(UserNameRequested); - - if(pw){ - snprintf(ts, sizeof(ts), - "%s%u", - TKT_ROOT, - (unsigned)pw->pw_uid); - setenv("KRBTKFILE", ts, 1); - - if (pw->pw_uid == 0) - syslog(LOG_INFO|LOG_AUTH, - "ROOT Kerberos login from %s on %s\n", - krb_unparse_name_long(adat.pname, - adat.pinst, - adat.prealm), - RemoteHostName); - } - Data(ap, KRB_ACCEPT, NULL, 0); - } else { - char *msg; - - asprintf (&msg, "user `%s' is not authorized to " - "login as `%s'", - krb_unparse_name_long(adat.pname, - adat.pinst, - adat.prealm), - UserNameRequested ? UserNameRequested : ""); - if (msg == NULL) - Data(ap, KRB_REJECT, NULL, 0); - else { - Data(ap, KRB_REJECT, (void *)msg, -1); - free(msg); - } - } - auth_finished(ap, AUTH_USER); - break; - - case KRB_CHALLENGE: -#ifndef ENCRYPTION - Data(ap, KRB_RESPONSE, NULL, 0); -#else - if(!VALIDKEY(session_key)){ - Data(ap, KRB_RESPONSE, NULL, 0); - break; - } - des_key_sched(&session_key, sched); - { - des_cblock d_block; - int i; - Session_Key skey; - - memmove(d_block, data, sizeof(d_block)); - - /* make a session key for encryption */ - des_ecb_encrypt(&d_block, &session_key, sched, 1); - skey.type=SK_DES; - skey.length=8; - skey.data=session_key; - encrypt_session_key(&skey, 1); - - /* decrypt challenge, add one and encrypt it */ - des_ecb_encrypt(&d_block, &challenge, sched, 0); - for (i = 7; i >= 0; i--) - if(++challenge[i] != 0) - break; - des_ecb_encrypt(&challenge, &challenge, sched, 1); - Data(ap, KRB_RESPONSE, (void *)challenge, sizeof(challenge)); - } -#endif - break; - - case KRB_FORWARD: - { - des_key_schedule ks; - unsigned char netcred[sizeof(CREDENTIALS)]; - CREDENTIALS cred; - int ret; - if(cnt > sizeof(cred)) - abort(); - - memcpy (session_key, adat.session, sizeof(session_key)); - des_set_key(&session_key, ks); - des_pcbc_encrypt((void*)data, (void*)netcred, cnt, - ks, &session_key, DES_DECRYPT); - unpack_cred(netcred, cnt, &cred); - { - if(strcmp(cred.service, KRB_TICKET_GRANTING_TICKET) || - strncmp(cred.instance, cred.realm, sizeof(cred.instance)) || - cred.lifetime < 0 || cred.lifetime > 255 || - cred.kvno < 0 || cred.kvno > 255 || - cred.issue_date < 0 || - cred.issue_date > time(0) + CLOCK_SKEW || - strncmp(cred.pname, adat.pname, sizeof(cred.pname)) || - strncmp(cred.pinst, adat.pinst, sizeof(cred.pinst))){ - Data(ap, KRB_FORWARD_REJECT, "Bad credentials", -1); - }else{ - if((ret = tf_setup(&cred, - cred.pname, - cred.pinst)) == KSUCCESS){ - struct passwd *pw = getpwnam(UserNameRequested); - - if (pw) - chown(tkt_string(), pw->pw_uid, pw->pw_gid); - Data(ap, KRB_FORWARD_ACCEPT, 0, 0); - } else{ - Data(ap, KRB_FORWARD_REJECT, - krb_get_err_text(ret), -1); - } - } - } - memset(data, 0, cnt); - memset(ks, 0, sizeof(ks)); - memset(&cred, 0, sizeof(cred)); - } - - break; - - default: - if (auth_debug_mode) - printf("Unknown Kerberos option %d\r\n", data[-1]); - Data(ap, KRB_REJECT, 0, 0); - break; - } -} - -void -kerberos4_reply(Authenticator *ap, unsigned char *data, int cnt) -{ - Session_Key skey; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB_REJECT: - if(auth_done){ /* XXX Ick! */ - printf("[ Kerberos V4 received unknown opcode ]\r\n"); - }else{ - printf("[ Kerberos V4 refuses authentication "); - if (cnt > 0) - printf("because %.*s ", cnt, data); - printf("]\r\n"); - auth_send_retry(); - } - return; - case KRB_ACCEPT: - printf("[ Kerberos V4 accepts you ]\r\n"); - auth_done = 1; - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - /* - * Send over the encrypted challenge. - */ - Data(ap, KRB_CHALLENGE, session_key, - sizeof(session_key)); - des_ecb_encrypt(&session_key, &session_key, sched, 1); - skey.type = SK_DES; - skey.length = 8; - skey.data = session_key; - encrypt_session_key(&skey, 0); -#if 0 - kerberos4_forward(ap, &cred_session); -#endif - return; - } - auth_finished(ap, AUTH_USER); - return; - case KRB_RESPONSE: - /* make sure the response is correct */ - if ((cnt != sizeof(des_cblock)) || - (memcmp(data, challenge, sizeof(challenge)))){ - printf("[ Kerberos V4 challenge failed!!! ]\r\n"); - auth_send_retry(); - return; - } - printf("[ Kerberos V4 challenge successful ]\r\n"); - auth_finished(ap, AUTH_USER); - break; - case KRB_FORWARD_ACCEPT: - printf("[ Kerberos V4 accepted forwarded credentials ]\r\n"); - break; - case KRB_FORWARD_REJECT: - printf("[ Kerberos V4 rejected forwarded credentials: `%.*s']\r\n", - cnt, data); - break; - default: - if (auth_debug_mode) - printf("Unknown Kerberos option %d\r\n", data[-1]); - return; - } -} - -int -kerberos4_status(Authenticator *ap, char *name, size_t name_sz, int level) -{ - if (level < AUTH_USER) - return(level); - - if (UserNameRequested && !kuserok(&adat, UserNameRequested)) { - strlcpy(name, UserNameRequested, name_sz); - return(AUTH_VALID); - } else - return(AUTH_USER); -} - -#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} -#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} - -void -kerberos4_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) -{ - int i; - - buf[buflen-1] = '\0'; /* make sure its NULL terminated */ - buflen -= 1; - - switch(data[3]) { - case KRB_REJECT: /* Rejected (reason might follow) */ - strlcpy((char *)buf, " REJECT ", buflen); - goto common; - - case KRB_ACCEPT: /* Accepted (name might follow) */ - strlcpy((char *)buf, " ACCEPT ", buflen); - common: - BUMP(buf, buflen); - if (cnt <= 4) - break; - ADDC(buf, buflen, '"'); - for (i = 4; i < cnt; i++) - ADDC(buf, buflen, data[i]); - ADDC(buf, buflen, '"'); - ADDC(buf, buflen, '\0'); - break; - - case KRB_AUTH: /* Authentication data follows */ - strlcpy((char *)buf, " AUTH", buflen); - goto common2; - - case KRB_CHALLENGE: - strlcpy((char *)buf, " CHALLENGE", buflen); - goto common2; - - case KRB_RESPONSE: - strlcpy((char *)buf, " RESPONSE", buflen); - goto common2; - - default: - snprintf(buf, buflen, " %d (unknown)", data[3]); - common2: - BUMP(buf, buflen); - for (i = 4; i < cnt; i++) { - snprintf(buf, buflen, " %d", data[i]); - BUMP(buf, buflen); - } - break; - } -} - -int -kerberos4_cksum(unsigned char *d, int n) -{ - int ck = 0; - - /* - * A comment is probably needed here for those not - * well versed in the "C" language. Yes, this is - * supposed to be a "switch" with the body of the - * "switch" being a "while" statement. The whole - * purpose of the switch is to allow us to jump into - * the middle of the while() loop, and then not have - * to do any more switch()s. - * - * Some compilers will spit out a warning message - * about the loop not being entered at the top. - */ - switch (n&03) - while (n > 0) { - case 0: - ck ^= (int)*d++ << 24; - --n; - case 3: - ck ^= (int)*d++ << 16; - --n; - case 2: - ck ^= (int)*d++ << 8; - --n; - case 1: - ck ^= (int)*d++; - --n; - } - return(ck); -} - -static int -pack_cred(CREDENTIALS *cred, unsigned char *buf) -{ - unsigned char *p = buf; - - memcpy (p, cred->service, ANAME_SZ); - p += ANAME_SZ; - memcpy (p, cred->instance, INST_SZ); - p += INST_SZ; - memcpy (p, cred->realm, REALM_SZ); - p += REALM_SZ; - memcpy(p, cred->session, 8); - p += 8; - p += KRB_PUT_INT(cred->lifetime, p, 4, 4); - p += KRB_PUT_INT(cred->kvno, p, 4, 4); - p += KRB_PUT_INT(cred->ticket_st.length, p, 4, 4); - memcpy(p, cred->ticket_st.dat, cred->ticket_st.length); - p += cred->ticket_st.length; - p += KRB_PUT_INT(0, p, 4, 4); - p += KRB_PUT_INT(cred->issue_date, p, 4, 4); - memcpy (p, cred->pname, ANAME_SZ); - p += ANAME_SZ; - memcpy (p, cred->pinst, INST_SZ); - p += INST_SZ; - return p - buf; -} - -static int -unpack_cred(unsigned char *buf, int len, CREDENTIALS *cred) -{ - unsigned char *p = buf; - u_int32_t tmp; - - strncpy (cred->service, p, ANAME_SZ); - cred->service[ANAME_SZ - 1] = '\0'; - p += ANAME_SZ; - strncpy (cred->instance, p, INST_SZ); - cred->instance[INST_SZ - 1] = '\0'; - p += INST_SZ; - strncpy (cred->realm, p, REALM_SZ); - cred->realm[REALM_SZ - 1] = '\0'; - p += REALM_SZ; - - memcpy(cred->session, p, 8); - p += 8; - p += krb_get_int(p, &tmp, 4, 0); - cred->lifetime = tmp; - p += krb_get_int(p, &tmp, 4, 0); - cred->kvno = tmp; - - p += krb_get_int(p, &cred->ticket_st.length, 4, 0); - memcpy(cred->ticket_st.dat, p, cred->ticket_st.length); - p += cred->ticket_st.length; - p += krb_get_int(p, &tmp, 4, 0); - cred->ticket_st.mbz = 0; - p += krb_get_int(p, (u_int32_t *)&cred->issue_date, 4, 0); - - strncpy (cred->pname, p, ANAME_SZ); - cred->pname[ANAME_SZ - 1] = '\0'; - p += ANAME_SZ; - strncpy (cred->pinst, p, INST_SZ); - cred->pinst[INST_SZ - 1] = '\0'; - p += INST_SZ; - return 0; -} - - -int -kerberos4_forward(Authenticator *ap, void *v) -{ - des_cblock *key = (des_cblock *)v; - CREDENTIALS cred; - char *realm; - des_key_schedule ks; - int len; - unsigned char netcred[sizeof(CREDENTIALS)]; - int ret; - - realm = krb_realmofhost(RemoteHostName); - if(realm == NULL) - return -1; - memset(&cred, 0, sizeof(cred)); - ret = krb_get_cred(KRB_TICKET_GRANTING_TICKET, - realm, - realm, - &cred); - if(ret) - return ret; - des_set_key(key, ks); - len = pack_cred(&cred, netcred); - des_pcbc_encrypt((void*)netcred, (void*)netcred, len, - ks, key, DES_ENCRYPT); - memset(ks, 0, sizeof(ks)); - Data(ap, KRB_FORWARD, netcred, len); - memset(netcred, 0, sizeof(netcred)); - return 0; -} - -#endif /* KRB4 */ - diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/kerberos5.c b/crypto/kerberosIV/appl/telnet/libtelnet/kerberos5.c deleted file mode 100644 index 3e6abbb4a8be..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/kerberos5.c +++ /dev/null @@ -1,734 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -#include - -RCSID("$Id: kerberos5.c,v 1.38 1999/09/16 20:41:33 assar Exp $"); - -#ifdef KRB5 - -#include -#include -#include -#include -#include -#include -#include -#include -#define Authenticator k5_Authenticator -#include -#undef Authenticator -#include -#ifdef SOCKS -#include -#endif - - -#include "encrypt.h" -#include "auth.h" -#include "misc.h" - -int forward_flags = 0; /* Flags get set in telnet/main.c on -f and -F */ - -/* These values need to be the same as those defined in telnet/main.c. */ -/* Either define them in both places, or put in some common header file. */ -#define OPTS_FORWARD_CREDS 0x00000002 -#define OPTS_FORWARDABLE_CREDS 0x00000001 - -void kerberos5_forward (Authenticator *); - -static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, - AUTHTYPE_KERBEROS_V5, }; - -#define KRB_AUTH 0 /* Authentication data follows */ -#define KRB_REJECT 1 /* Rejected (reason might follow) */ -#define KRB_ACCEPT 2 /* Accepted */ -#define KRB_RESPONSE 3 /* Response for mutual auth. */ - -#define KRB_FORWARD 4 /* Forwarded credentials follow */ -#define KRB_FORWARD_ACCEPT 5 /* Forwarded credentials accepted */ -#define KRB_FORWARD_REJECT 6 /* Forwarded credentials rejected */ - -static krb5_data auth; -static krb5_ticket *ticket; - -static krb5_context context; -static krb5_auth_context auth_context; - -static int -Data(Authenticator *ap, int type, void *d, int c) -{ - unsigned char *p = str_data + 4; - unsigned char *cd = (unsigned char *)d; - - if (c == -1) - c = strlen(cd); - - if (auth_debug_mode) { - printf("%s:%d: [%d] (%d)", - str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", - str_data[3], - type, c); - printd(d, c); - printf("\r\n"); - } - *p++ = ap->type; - *p++ = ap->way; - *p++ = type; - while (c-- > 0) { - if ((*p++ = *cd++) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - if (str_data[3] == TELQUAL_IS) - printsub('>', &str_data[2], p - &str_data[2]); - return(telnet_net_write(str_data, p - str_data)); -} - -int -kerberos5_init(Authenticator *ap, int server) -{ - if (server) - str_data[3] = TELQUAL_REPLY; - else - str_data[3] = TELQUAL_IS; - krb5_init_context(&context); - return(1); -} - -static int -kerberos5_send(char *name, Authenticator *ap) -{ - krb5_error_code ret; - krb5_ccache ccache; - int ap_opts; - krb5_data cksum_data; - char foo[2]; - extern int net; - - printf("[ Trying %s ... ]\r\n", name); - if (!UserNameRequested) { - if (auth_debug_mode) { - printf("Kerberos V5: no user name supplied\r\n"); - } - return(0); - } - - ret = krb5_cc_default(context, &ccache); - if (ret) { - if (auth_debug_mode) { - printf("Kerberos V5: could not get default ccache: %s\r\n", - krb5_get_err_text (context, ret)); - } - return 0; - } - - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) - ap_opts = AP_OPTS_MUTUAL_REQUIRED; - else - ap_opts = 0; - - ret = krb5_auth_con_init (context, &auth_context); - if (ret) { - if (auth_debug_mode) { - printf("Kerberos V5: krb5_auth_con_init failed (%s)\r\n", - krb5_get_err_text(context, ret)); - } - return(0); - } - - ret = krb5_auth_con_setaddrs_from_fd (context, - auth_context, - &net); - if (ret) { - if (auth_debug_mode) { - printf ("Kerberos V5:" - " krb5_auth_con_setaddrs_from_fd failed (%s)\r\n", - krb5_get_err_text(context, ret)); - } - return(0); - } - - krb5_auth_setkeytype (context, auth_context, KEYTYPE_DES); - - foo[0] = ap->type; - foo[1] = ap->way; - - cksum_data.length = sizeof(foo); - cksum_data.data = foo; - ret = krb5_mk_req(context, &auth_context, ap_opts, - "host", RemoteHostName, - &cksum_data, ccache, &auth); - - if (ret) { - if (1 || auth_debug_mode) { - printf("Kerberos V5: mk_req failed (%s)\r\n", - krb5_get_err_text(context, ret)); - } - return(0); - } - - if (!auth_sendname((unsigned char *)UserNameRequested, - strlen(UserNameRequested))) { - if (auth_debug_mode) - printf("Not enough room for user name\r\n"); - return(0); - } - if (!Data(ap, KRB_AUTH, auth.data, auth.length)) { - if (auth_debug_mode) - printf("Not enough room for authentication data\r\n"); - return(0); - } - if (auth_debug_mode) { - printf("Sent Kerberos V5 credentials to server\r\n"); - } - return(1); -} - -int -kerberos5_send_mutual(Authenticator *ap) -{ - return kerberos5_send("mutual KERBEROS5", ap); -} - -int -kerberos5_send_oneway(Authenticator *ap) -{ - return kerberos5_send("KERBEROS5", ap); -} - -void -kerberos5_is(Authenticator *ap, unsigned char *data, int cnt) -{ - krb5_error_code ret; - krb5_data outbuf; - krb5_keyblock *key_block; - char *name; - krb5_principal server; - int zero = 0; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB_AUTH: - auth.data = (char *)data; - auth.length = cnt; - - auth_context = NULL; - - ret = krb5_auth_con_init (context, &auth_context); - if (ret) { - Data(ap, KRB_REJECT, "krb5_auth_con_init failed", -1); - auth_finished(ap, AUTH_REJECT); - if (auth_debug_mode) - printf("Kerberos V5: krb5_auth_con_init failed (%s)\r\n", - krb5_get_err_text(context, ret)); - return; - } - - ret = krb5_auth_con_setaddrs_from_fd (context, - auth_context, - &zero); - if (ret) { - Data(ap, KRB_REJECT, "krb5_auth_con_setaddrs_from_fd failed", -1); - auth_finished(ap, AUTH_REJECT); - if (auth_debug_mode) - printf("Kerberos V5: " - "krb5_auth_con_setaddrs_from_fd failed (%s)\r\n", - krb5_get_err_text(context, ret)); - return; - } - - ret = krb5_sock_to_principal (context, - 0, - "host", - KRB5_NT_SRV_HST, - &server); - if (ret) { - Data(ap, KRB_REJECT, "krb5_sock_to_principal failed", -1); - auth_finished(ap, AUTH_REJECT); - if (auth_debug_mode) - printf("Kerberos V5: " - "krb5_sock_to_principal failed (%s)\r\n", - krb5_get_err_text(context, ret)); - return; - } - - ret = krb5_rd_req(context, - &auth_context, - &auth, - server, - NULL, - NULL, - &ticket); - krb5_free_principal (context, server); - - if (ret) { - char *errbuf; - - asprintf(&errbuf, - "Read req failed: %s", - krb5_get_err_text(context, ret)); - Data(ap, KRB_REJECT, errbuf, -1); - if (auth_debug_mode) - printf("%s\r\n", errbuf); - free (errbuf); - return; - } - - { - char foo[2]; - - foo[0] = ap->type; - foo[1] = ap->way; - - ret = krb5_verify_authenticator_checksum(context, - auth_context, - foo, - sizeof(foo)); - - if (ret) { - char *errbuf; - asprintf(&errbuf, "Bad checksum: %s", - krb5_get_err_text(context, ret)); - Data(ap, KRB_REJECT, errbuf, -1); - if (auth_debug_mode) - printf ("%s\r\n", errbuf); - free(errbuf); - return; - } - } - ret = krb5_auth_con_getremotesubkey (context, - auth_context, - &key_block); - - if (ret) { - Data(ap, KRB_REJECT, "krb5_auth_con_getremotesubkey failed", -1); - auth_finished(ap, AUTH_REJECT); - if (auth_debug_mode) - printf("Kerberos V5: " - "krb5_auth_con_getremotesubkey failed (%s)\r\n", - krb5_get_err_text(context, ret)); - return; - } - - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - ret = krb5_mk_rep(context, &auth_context, &outbuf); - if (ret) { - Data(ap, KRB_REJECT, - "krb5_mk_rep failed", -1); - auth_finished(ap, AUTH_REJECT); - if (auth_debug_mode) - printf("Kerberos V5: " - "krb5_mk_rep failed (%s)\r\n", - krb5_get_err_text(context, ret)); - return; - } - Data(ap, KRB_RESPONSE, outbuf.data, outbuf.length); - } - if (krb5_unparse_name(context, ticket->client, &name)) - name = 0; - - if(UserNameRequested && krb5_kuserok(context, - ticket->client, - UserNameRequested)) { - Data(ap, KRB_ACCEPT, name, name ? -1 : 0); - if (auth_debug_mode) { - printf("Kerberos5 identifies him as ``%s''\r\n", - name ? name : ""); - } - - if(key_block->keytype == ETYPE_DES_CBC_MD5 || - key_block->keytype == ETYPE_DES_CBC_MD4 || - key_block->keytype == ETYPE_DES_CBC_CRC) { - Session_Key skey; - - skey.type = SK_DES; - skey.length = 8; - skey.data = key_block->keyvalue.data; - encrypt_session_key(&skey, 0); - } - - } else { - char *msg; - - asprintf (&msg, "user `%s' is not authorized to " - "login as `%s'", - name ? name : "", - UserNameRequested ? UserNameRequested : ""); - if (msg == NULL) - Data(ap, KRB_REJECT, NULL, 0); - else { - Data(ap, KRB_REJECT, (void *)msg, -1); - free(msg); - } - } - auth_finished(ap, AUTH_USER); - - krb5_free_keyblock_contents(context, key_block); - - break; - case KRB_FORWARD: { - struct passwd *pwd; - char ccname[1024]; /* XXX */ - krb5_data inbuf; - krb5_ccache ccache; - inbuf.data = (char *)data; - inbuf.length = cnt; - - pwd = getpwnam (UserNameRequested); - if (pwd == NULL) - break; - - snprintf (ccname, sizeof(ccname), - "FILE:/tmp/krb5cc_%u", pwd->pw_uid); - - ret = krb5_cc_resolve (context, ccname, &ccache); - if (ret) { - if (auth_debug_mode) - printf ("Kerberos V5: could not get ccache: %s\r\n", - krb5_get_err_text(context, ret)); - break; - } - - ret = krb5_cc_initialize (context, - ccache, - ticket->client); - if (ret) { - if (auth_debug_mode) - printf ("Kerberos V5: could not init ccache: %s\r\n", - krb5_get_err_text(context, ret)); - break; - } - - ret = krb5_rd_cred (context, - auth_context, - ccache, - &inbuf); - if(ret) { - char *errbuf; - - asprintf (&errbuf, - "Read forwarded creds failed: %s", - krb5_get_err_text (context, ret)); - if(errbuf == NULL) - Data(ap, KRB_FORWARD_REJECT, NULL, 0); - else - Data(ap, KRB_FORWARD_REJECT, errbuf, -1); - if (auth_debug_mode) - printf("Could not read forwarded credentials: %s\r\n", - errbuf); - free (errbuf); - } else - Data(ap, KRB_FORWARD_ACCEPT, 0, 0); - chown (ccname + 5, pwd->pw_uid, -1); - if (auth_debug_mode) - printf("Forwarded credentials obtained\r\n"); - break; - } - default: - if (auth_debug_mode) - printf("Unknown Kerberos option %d\r\n", data[-1]); - Data(ap, KRB_REJECT, 0, 0); - break; - } -} - -void -kerberos5_reply(Authenticator *ap, unsigned char *data, int cnt) -{ - static int mutual_complete = 0; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB_REJECT: - if (cnt > 0) { - printf("[ Kerberos V5 refuses authentication because %.*s ]\r\n", - cnt, data); - } else - printf("[ Kerberos V5 refuses authentication ]\r\n"); - auth_send_retry(); - return; - case KRB_ACCEPT: { - krb5_error_code ret; - Session_Key skey; - krb5_keyblock *keyblock; - - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL && - !mutual_complete) { - printf("[ Kerberos V5 accepted you, but didn't provide mutual authentication! ]\r\n"); - auth_send_retry(); - return; - } - if (cnt) - printf("[ Kerberos V5 accepts you as ``%.*s'' ]\r\n", cnt, data); - else - printf("[ Kerberos V5 accepts you ]\r\n"); - - ret = krb5_auth_con_getlocalsubkey (context, - auth_context, - &keyblock); - if (ret) - ret = krb5_auth_con_getkey (context, - auth_context, - &keyblock); - if(ret) { - printf("[ krb5_auth_con_getkey: %s ]\r\n", - krb5_get_err_text(context, ret)); - auth_send_retry(); - return; - } - - skey.type = SK_DES; - skey.length = 8; - skey.data = keyblock->keyvalue.data; - encrypt_session_key(&skey, 0); - krb5_free_keyblock_contents (context, keyblock); - auth_finished(ap, AUTH_USER); - if (forward_flags & OPTS_FORWARD_CREDS) - kerberos5_forward(ap); - break; - } - case KRB_RESPONSE: - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - /* the rest of the reply should contain a krb_ap_rep */ - krb5_ap_rep_enc_part *reply; - krb5_data inbuf; - krb5_error_code ret; - - inbuf.length = cnt; - inbuf.data = (char *)data; - - ret = krb5_rd_rep(context, auth_context, &inbuf, &reply); - if (ret) { - printf("[ Mutual authentication failed: %s ]\r\n", - krb5_get_err_text (context, ret)); - auth_send_retry(); - return; - } - krb5_free_ap_rep_enc_part(context, reply); - mutual_complete = 1; - } - return; - case KRB_FORWARD_ACCEPT: - printf("[ Kerberos V5 accepted forwarded credentials ]\r\n"); - return; - case KRB_FORWARD_REJECT: - printf("[ Kerberos V5 refuses forwarded credentials because %.*s ]\r\n", - cnt, data); - return; - default: - if (auth_debug_mode) - printf("Unknown Kerberos option %d\r\n", data[-1]); - return; - } -} - -int -kerberos5_status(Authenticator *ap, char *name, size_t name_sz, int level) -{ - if (level < AUTH_USER) - return(level); - - if (UserNameRequested && - krb5_kuserok(context, - ticket->client, - UserNameRequested)) - { - strlcpy(name, UserNameRequested, name_sz); - return(AUTH_VALID); - } else - return(AUTH_USER); -} - -#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} -#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} - -void -kerberos5_printsub(unsigned char *data, int cnt, unsigned char *buf, int buflen) -{ - int i; - - buf[buflen-1] = '\0'; /* make sure its NULL terminated */ - buflen -= 1; - - switch(data[3]) { - case KRB_REJECT: /* Rejected (reason might follow) */ - strlcpy((char *)buf, " REJECT ", buflen); - goto common; - - case KRB_ACCEPT: /* Accepted (name might follow) */ - strlcpy((char *)buf, " ACCEPT ", buflen); - common: - BUMP(buf, buflen); - if (cnt <= 4) - break; - ADDC(buf, buflen, '"'); - for (i = 4; i < cnt; i++) - ADDC(buf, buflen, data[i]); - ADDC(buf, buflen, '"'); - ADDC(buf, buflen, '\0'); - break; - - - case KRB_AUTH: /* Authentication data follows */ - strlcpy((char *)buf, " AUTH", buflen); - goto common2; - - case KRB_RESPONSE: - strlcpy((char *)buf, " RESPONSE", buflen); - goto common2; - - case KRB_FORWARD: /* Forwarded credentials follow */ - strlcpy((char *)buf, " FORWARD", buflen); - goto common2; - - case KRB_FORWARD_ACCEPT: /* Forwarded credentials accepted */ - strlcpy((char *)buf, " FORWARD_ACCEPT", buflen); - goto common2; - - case KRB_FORWARD_REJECT: /* Forwarded credentials rejected */ - /* (reason might follow) */ - strlcpy((char *)buf, " FORWARD_REJECT", buflen); - goto common2; - - default: - snprintf(buf, buflen, " %d (unknown)", data[3]); - common2: - BUMP(buf, buflen); - for (i = 4; i < cnt; i++) { - snprintf(buf, buflen, " %d", data[i]); - BUMP(buf, buflen); - } - break; - } -} - -void -kerberos5_forward(Authenticator *ap) -{ - krb5_error_code ret; - krb5_ccache ccache; - krb5_creds creds; - krb5_kdc_flags flags; - krb5_data out_data; - krb5_principal principal; - - ret = krb5_cc_default (context, &ccache); - if (ret) { - if (auth_debug_mode) - printf ("KerberosV5: could not get default ccache: %s\r\n", - krb5_get_err_text (context, ret)); - return; - } - - ret = krb5_cc_get_principal (context, ccache, &principal); - if (ret) { - if (auth_debug_mode) - printf ("KerberosV5: could not get principal: %s\r\n", - krb5_get_err_text (context, ret)); - return; - } - - memset (&creds, 0, sizeof(creds)); - - creds.client = principal; - - ret = krb5_build_principal (context, - &creds.server, - strlen(principal->realm), - principal->realm, - "krbtgt", - principal->realm, - NULL); - - if (ret) { - if (auth_debug_mode) - printf ("KerberosV5: could not get principal: %s\r\n", - krb5_get_err_text (context, ret)); - return; - } - - creds.times.endtime = 0; - - flags.i = 0; - flags.b.forwarded = 1; - if (forward_flags & OPTS_FORWARDABLE_CREDS) - flags.b.forwardable = 1; - - ret = krb5_get_forwarded_creds (context, - auth_context, - ccache, - flags.i, - RemoteHostName, - &creds, - &out_data); - if (ret) { - if (auth_debug_mode) - printf ("Kerberos V5: error gettting forwarded creds: %s\r\n", - krb5_get_err_text (context, ret)); - return; - } - - if(!Data(ap, KRB_FORWARD, out_data.data, out_data.length)) { - if (auth_debug_mode) - printf("Not enough room for authentication data\r\n"); - } else { - if (auth_debug_mode) - printf("Forwarded local Kerberos V5 credentials to server\r\n"); - } -} - -#endif /* KRB5 */ diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/krb4encpwd.c b/crypto/kerberosIV/appl/telnet/libtelnet/krb4encpwd.c deleted file mode 100644 index 82f31e7e3c95..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/krb4encpwd.c +++ /dev/null @@ -1,439 +0,0 @@ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -#include - -RCSID("$Id: krb4encpwd.c,v 1.18 1999/09/16 20:41:34 assar Exp $"); - -#ifdef KRB4_ENCPWD -/* - * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION - * ALL RIGHTS RESERVED - * - * "Digital Equipment Corporation authorizes the reproduction, - * distribution and modification of this software subject to the following - * restrictions: - * - * 1. Any partial or whole copy of this software, or any modification - * thereof, must include this copyright notice in its entirety. - * - * 2. This software is supplied "as is" with no warranty of any kind, - * expressed or implied, for any purpose, including any warranty of fitness - * or merchantibility. DIGITAL assumes no responsibility for the use or - * reliability of this software, nor promises to provide any form of - * support for it on any basis. - * - * 3. Distribution of this software is authorized only if no profit or - * remuneration of any kind is received in exchange for such distribution. - * - * 4. This software produces public key authentication certificates - * bearing an expiration date established by DIGITAL and RSA Data - * Security, Inc. It may cease to generate certificates after the expiration - * date. Any modification of this software that changes or defeats - * the expiration date or its effect is unauthorized. - * - * 5. Software that will renew or extend the expiration date of - * authentication certificates produced by this software may be obtained - * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA - * 94065, (415)595-8782, or from DIGITAL" - * - */ - -#include -#include -#include -#include - -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include -#include -#include -#include -#ifdef SOCKS -#include -#endif - -#include "encrypt.h" -#include "auth.h" -#include "misc.h" - -int krb_mk_encpwd_req (KTEXT, char *, char *, char *, char *, char *, char *); -int krb_rd_encpwd_req (KTEXT, char *, char *, u_long, AUTH_DAT *, char *, char *, char *, char *); - -extern auth_debug_mode; - -static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, - AUTHTYPE_KRB4_ENCPWD, }; -static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION, - TELQUAL_NAME, }; - -#define KRB4_ENCPWD_AUTH 0 /* Authentication data follows */ -#define KRB4_ENCPWD_REJECT 1 /* Rejected (reason might follow) */ -#define KRB4_ENCPWD_ACCEPT 2 /* Accepted */ -#define KRB4_ENCPWD_CHALLENGE 3 /* Challenge for mutual auth. */ -#define KRB4_ENCPWD_ACK 4 /* Acknowledge */ - -#define KRB_SERVICE_NAME "rcmd" - -static KTEXT_ST auth; -static char name[ANAME_SZ]; -static char user_passwd[ANAME_SZ]; -static AUTH_DAT adat = { 0 }; -static des_key_schedule sched; -static char challenge[REALM_SZ]; - - static int -Data(ap, type, d, c) - Authenticator *ap; - int type; - void *d; - int c; -{ - unsigned char *p = str_data + 4; - unsigned char *cd = (unsigned char *)d; - - if (c == -1) - c = strlen(cd); - - if (0) { - printf("%s:%d: [%d] (%d)", - str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", - str_data[3], - type, c); - printd(d, c); - printf("\r\n"); - } - *p++ = ap->type; - *p++ = ap->way; - *p++ = type; - while (c-- > 0) { - if ((*p++ = *cd++) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - if (str_data[3] == TELQUAL_IS) - printsub('>', &str_data[2], p - (&str_data[2])); - return(telnet_net_write(str_data, p - str_data)); -} - - int -krb4encpwd_init(ap, server) - Authenticator *ap; - int server; -{ - char hostname[80], *cp, *realm; - des_clock skey; - - if (server) { - str_data[3] = TELQUAL_REPLY; - } else { - str_data[3] = TELQUAL_IS; - gethostname(hostname, sizeof(hostname)); - realm = krb_realmofhost(hostname); - cp = strchr(hostname, '.'); - if (*cp != NULL) *cp = NULL; - if (read_service_key(KRB_SERVICE_NAME, hostname, realm, 0, - KEYFILE, (char *)skey)) { - return(0); - } - } - return(1); -} - - int -krb4encpwd_send(ap) - Authenticator *ap; -{ - - printf("[ Trying KRB4ENCPWD ... ]\r\n"); - if (!UserNameRequested) { - return(0); - } - if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) { - return(0); - } - - if (!Data(ap, KRB4_ENCPWD_ACK, NULL, 0)) { - return(0); - } - - return(1); -} - - void -krb4encpwd_is(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ - Session_Key skey; - des_cblock datablock; - char r_passwd[ANAME_SZ], r_user[ANAME_SZ]; - char lhostname[ANAME_SZ], *cp; - int r; - time_t now; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB4_ENCPWD_AUTH: - memmove(auth.dat, data, auth.length = cnt); - - gethostname(lhostname, sizeof(lhostname)); - if ((cp = strchr(lhostname, '.')) != 0) *cp = '\0'; - - if (r = krb_rd_encpwd_req(&auth, KRB_SERVICE_NAME, lhostname, 0, &adat, NULL, challenge, r_user, r_passwd)) { - Data(ap, KRB4_ENCPWD_REJECT, "Auth failed", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - auth_encrypt_userpwd(r_passwd); - if (passwdok(UserNameRequested, UserPassword) == 0) { - /* - * illegal username and password - */ - Data(ap, KRB4_ENCPWD_REJECT, "Illegal password", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - - memmove(session_key, adat.session, sizeof(des_cblock)); - Data(ap, KRB4_ENCPWD_ACCEPT, 0, 0); - auth_finished(ap, AUTH_USER); - break; - - case KRB4_ENCPWD_CHALLENGE: - /* - * Take the received random challenge text and save - * for future authentication. - */ - memmove(challenge, data, sizeof(des_cblock)); - break; - - - case KRB4_ENCPWD_ACK: - /* - * Receive ack, if mutual then send random challenge - */ - - /* - * If we are doing mutual authentication, get set up to send - * the challenge, and verify it when the response comes back. - */ - - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - int i; - - time(&now); - snprintf(challenge, sizeof(challenge), "%x", now); - Data(ap, KRB4_ENCPWD_CHALLENGE, challenge, strlen(challenge)); - } - break; - - default: - Data(ap, KRB4_ENCPWD_REJECT, 0, 0); - break; - } -} - - - void -krb4encpwd_reply(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ - Session_Key skey; - KTEXT_ST krb_token; - des_cblock enckey; - CREDENTIALS cred; - int r; - char randchal[REALM_SZ], instance[ANAME_SZ], *cp; - char hostname[80], *realm; - - if (cnt-- < 1) - return; - switch (*data++) { - case KRB4_ENCPWD_REJECT: - if (cnt > 0) { - printf("[ KRB4_ENCPWD refuses authentication because %.*s ]\r\n", - cnt, data); - } else - printf("[ KRB4_ENCPWD refuses authentication ]\r\n"); - auth_send_retry(); - return; - case KRB4_ENCPWD_ACCEPT: - printf("[ KRB4_ENCPWD accepts you ]\r\n"); - auth_finished(ap, AUTH_USER); - return; - case KRB4_ENCPWD_CHALLENGE: - /* - * Verify that the response to the challenge is correct. - */ - - gethostname(hostname, sizeof(hostname)); - realm = krb_realmofhost(hostname); - memmove(challenge, data, cnt); - memset(user_passwd, 0, sizeof(user_passwd)); - des_read_pw_string(user_passwd, sizeof(user_passwd)-1, "Password: ", 0); - UserPassword = user_passwd; - Challenge = challenge; - strlcpy(instance, RemoteHostName, sizeof(instance)); - if ((cp = strchr(instance, '.')) != 0) *cp = '\0'; - - if (r = krb_mk_encpwd_req(&krb_token, KRB_SERVICE_NAME, instance, realm, Challenge, UserNameRequested, user_passwd)) { - krb_token.length = 0; - } - - if (!Data(ap, KRB4_ENCPWD_AUTH, krb_token.dat, krb_token.length)) { - return; - } - - break; - - default: - return; - } -} - - int -krb4encpwd_status(ap, name, name_sz, level) - Authenticator *ap; - char *name; - size_t name_sz; - int level; -{ - - if (level < AUTH_USER) - return(level); - - if (UserNameRequested && passwdok(UserNameRequested, UserPassword)) { - strlcpy(name, UserNameRequested, name_sz); - return(AUTH_VALID); - } else { - return(AUTH_USER); - } -} - -#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} -#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} - - void -krb4encpwd_printsub(data, cnt, buf, buflen) - unsigned char *data, *buf; - int cnt, buflen; -{ - int i; - - buf[buflen-1] = '\0'; /* make sure its NULL terminated */ - buflen -= 1; - - switch(data[3]) { - case KRB4_ENCPWD_REJECT: /* Rejected (reason might follow) */ - strlcpy((char *)buf, " REJECT ", buflen); - goto common; - - case KRB4_ENCPWD_ACCEPT: /* Accepted (name might follow) */ - strlcpy((char *)buf, " ACCEPT ", buflen); - common: - BUMP(buf, buflen); - if (cnt <= 4) - break; - ADDC(buf, buflen, '"'); - for (i = 4; i < cnt; i++) - ADDC(buf, buflen, data[i]); - ADDC(buf, buflen, '"'); - ADDC(buf, buflen, '\0'); - break; - - case KRB4_ENCPWD_AUTH: /* Authentication data follows */ - strlcpy((char *)buf, " AUTH", buflen); - goto common2; - - case KRB4_ENCPWD_CHALLENGE: - strlcpy((char *)buf, " CHALLENGE", buflen); - goto common2; - - case KRB4_ENCPWD_ACK: - strlcpy((char *)buf, " ACK", buflen); - goto common2; - - default: - snprintf(buf, buflen, " %d (unknown)", data[3]); - common2: - BUMP(buf, buflen); - for (i = 4; i < cnt; i++) { - snprintf(buf, buflen, " %d", data[i]); - BUMP(buf, buflen); - } - break; - } -} - -int passwdok(name, passwd) -char *name, *passwd; -{ - char *crypt(); - char *salt, *p; - struct passwd *pwd; - int passwdok_status = 0; - - if (pwd = k_getpwnam(name)) - salt = pwd->pw_passwd; - else salt = "xx"; - - p = crypt(passwd, salt); - - if (pwd && !strcmp(p, pwd->pw_passwd)) { - passwdok_status = 1; - } else passwdok_status = 0; - return(passwdok_status); -} - -#endif - -#ifdef notdef - -prkey(msg, key) - char *msg; - unsigned char *key; -{ - int i; - printf("%s:", msg); - for (i = 0; i < 8; i++) - printf(" %3d", key[i]); - printf("\r\n"); -} -#endif diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/misc-proto.h b/crypto/kerberosIV/appl/telnet/libtelnet/misc-proto.h deleted file mode 100644 index a31d9245eb80..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/misc-proto.h +++ /dev/null @@ -1,79 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)misc-proto.h 8.1 (Berkeley) 6/4/93 - */ - -/* - * Copyright (C) 1990 by the Massachusetts Institute of Technology - * - * Export of this software from the United States of America is assumed - * to require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - */ - -/* $Id: misc-proto.h,v 1.7 1998/07/09 23:16:30 assar Exp $ */ - -#ifndef __MISC_PROTO__ -#define __MISC_PROTO__ - -void auth_encrypt_init (char *, char *, char *, int); -void auth_encrypt_user(char *name); -void auth_encrypt_connect (int); -void printd (const unsigned char *, int); - -char** genget (char *name, char **table, int stlen); -int isprefix(char *s1, char *s2); -int Ambiguous(void *s); - -/* - * These functions are imported from the application - */ -int telnet_net_write (unsigned char *, int); -void net_encrypt (void); -int telnet_spin (void); -char *telnet_getenv (char *); -char *telnet_gets (char *, char *, int, int); -void printsub(int direction, unsigned char *pointer, int length); -#endif diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/misc.c b/crypto/kerberosIV/appl/telnet/libtelnet/misc.c deleted file mode 100644 index 2d9199f03eed..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/misc.c +++ /dev/null @@ -1,94 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: misc.c,v 1.13 1998/06/13 00:06:54 assar Exp $"); - -#include -#include -#include -#include -#ifdef SOCKS -#include -#endif -#include "misc.h" -#include "auth.h" -#include "encrypt.h" - - -char *RemoteHostName; -char *LocalHostName; -char *UserNameRequested = 0; -int ConnectedCount = 0; - -void -auth_encrypt_init(char *local, char *remote, char *name, int server) -{ - RemoteHostName = remote; - LocalHostName = local; -#ifdef AUTHENTICATION - auth_init(name, server); -#endif -#ifdef ENCRYPTION - encrypt_init(name, server); -#endif - if (UserNameRequested) { - free(UserNameRequested); - UserNameRequested = 0; - } -} - -void -auth_encrypt_user(char *name) -{ - if (UserNameRequested) - free(UserNameRequested); - UserNameRequested = name ? strdup(name) : 0; -} - -void -auth_encrypt_connect(int cnt) -{ -} - -void -printd(const unsigned char *data, int cnt) -{ - if (cnt > 16) - cnt = 16; - while (cnt-- > 0) { - printf(" %02x", *data); - ++data; - } -} diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/misc.h b/crypto/kerberosIV/appl/telnet/libtelnet/misc.h deleted file mode 100644 index 41ffa7f67aa7..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/misc.h +++ /dev/null @@ -1,42 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)misc.h 8.1 (Berkeley) 6/4/93 - */ - -extern char *UserNameRequested; -extern char *LocalHostName; -extern char *RemoteHostName; -extern int ConnectedCount; -extern int ReservedPort; - -#include "misc-proto.h" diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/rsaencpwd.c b/crypto/kerberosIV/appl/telnet/libtelnet/rsaencpwd.c deleted file mode 100644 index dafb4486b6fa..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/rsaencpwd.c +++ /dev/null @@ -1,487 +0,0 @@ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: rsaencpwd.c,v 1.18 1999/09/16 20:41:34 assar Exp $"); - -#ifdef RSA_ENCPWD -/* - * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION - * ALL RIGHTS RESERVED - * - * "Digital Equipment Corporation authorizes the reproduction, - * distribution and modification of this software subject to the following - * restrictions: - * - * 1. Any partial or whole copy of this software, or any modification - * thereof, must include this copyright notice in its entirety. - * - * 2. This software is supplied "as is" with no warranty of any kind, - * expressed or implied, for any purpose, including any warranty of fitness - * or merchantibility. DIGITAL assumes no responsibility for the use or - * reliability of this software, nor promises to provide any form of - * support for it on any basis. - * - * 3. Distribution of this software is authorized only if no profit or - * remuneration of any kind is received in exchange for such distribution. - * - * 4. This software produces public key authentication certificates - * bearing an expiration date established by DIGITAL and RSA Data - * Security, Inc. It may cease to generate certificates after the expiration - * date. Any modification of this software that changes or defeats - * the expiration date or its effect is unauthorized. - * - * 5. Software that will renew or extend the expiration date of - * authentication certificates produced by this software may be obtained - * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA - * 94065, (415)595-8782, or from DIGITAL" - * - */ - -#include -#ifdef HAVE_ARPA_TELNET_H -#include -#endif -#include -#include - -#include -#include -#ifdef SOCKS -#include -#endif - -#include "encrypt.h" -#include "auth.h" -#include "misc.h" -#include "cdc.h" - -extern auth_debug_mode; - -static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, - AUTHTYPE_RSA_ENCPWD, }; -static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION, - TELQUAL_NAME, }; - -#define RSA_ENCPWD_AUTH 0 /* Authentication data follows */ -#define RSA_ENCPWD_REJECT 1 /* Rejected (reason might follow) */ -#define RSA_ENCPWD_ACCEPT 2 /* Accepted */ -#define RSA_ENCPWD_CHALLENGEKEY 3 /* Challenge and public key */ - -#define NAME_SZ 40 -#define CHAL_SZ 20 -#define PWD_SZ 40 - -static KTEXT_ST auth; -static char name[NAME_SZ]; -static char user_passwd[PWD_SZ]; -static char key_file[2*NAME_SZ]; -static char lhostname[NAME_SZ]; -static char challenge[CHAL_SZ]; -static int challenge_len; - - static int -Data(ap, type, d, c) - Authenticator *ap; - int type; - void *d; - int c; -{ - unsigned char *p = str_data + 4; - unsigned char *cd = (unsigned char *)d; - - if (c == -1) - c = strlen((char *)cd); - - if (0) { - printf("%s:%d: [%d] (%d)", - str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", - str_data[3], - type, c); - printd(d, c); - printf("\r\n"); - } - *p++ = ap->type; - *p++ = ap->way; - if (type != NULL) *p++ = type; - while (c-- > 0) { - if ((*p++ = *cd++) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - if (str_data[3] == TELQUAL_IS) - printsub('>', &str_data[2], p - (&str_data[2])); - return(telnet_net_write(str_data, p - str_data)); -} - - int -rsaencpwd_init(ap, server) - Authenticator *ap; - int server; -{ - char *cp; - FILE *fp; - - if (server) { - str_data[3] = TELQUAL_REPLY; - memset(key_file, 0, sizeof(key_file)); - gethostname(lhostname, sizeof(lhostname)); - if ((cp = strchr(lhostname, '.')) != 0) *cp = '\0'; - snprintf(key_file, sizeof(key_file), - "/etc/.%s_privkey", lhostname); - if ((fp=fopen(key_file, "r"))==NULL) return(0); - fclose(fp); - } else { - str_data[3] = TELQUAL_IS; - } - return(1); -} - - int -rsaencpwd_send(ap) - Authenticator *ap; -{ - - printf("[ Trying RSAENCPWD ... ]\r\n"); - if (!UserNameRequested) { - return(0); - } - if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) { - return(0); - } - if (!Data(ap, NULL, NULL, 0)) { - return(0); - } - - - return(1); -} - - void -rsaencpwd_is(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ - Session_Key skey; - des_cblock datablock; - char r_passwd[PWD_SZ], r_user[NAME_SZ]; - char *cp, key[160]; - char chalkey[160], *ptr; - FILE *fp; - int r, i, j, chalkey_len, len; - time_t now; - - cnt--; - switch (*data++) { - case RSA_ENCPWD_AUTH: - memmove(auth.dat, data, auth.length = cnt); - - if ((fp=fopen(key_file, "r"))==NULL) { - Data(ap, RSA_ENCPWD_REJECT, "Auth failed", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - /* - * get privkey - */ - fscanf(fp, "%x;", &len); - for (i=0;iway & AUTH_HOW_MASK) == AUTH_HOW_ONE_WAY) { - int i; - - - time(&now); - if ((now % 2) == 0) { - snprintf(challenge, sizeof(challenge), "%x", now); - challenge_len = strlen(challenge); - } else { - strlcpy(challenge, "randchal", sizeof(challenge)); - challenge_len = 8; - } - - if ((fp=fopen(key_file, "r"))==NULL) { - Data(ap, RSA_ENCPWD_REJECT, "Auth failed", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - /* - * skip privkey - */ - fscanf(fp, "%x;", &len); - for (i=0;i 0) { - printf("[ RSA_ENCPWD refuses authentication because %.*s ]\r\n", - cnt, data); - } else - printf("[ RSA_ENCPWD refuses authentication ]\r\n"); - auth_send_retry(); - return; - case RSA_ENCPWD_ACCEPT: - printf("[ RSA_ENCPWD accepts you ]\r\n"); - auth_finished(ap, AUTH_USER); - return; - case RSA_ENCPWD_CHALLENGEKEY: - /* - * Verify that the response to the challenge is correct. - */ - - memmove(chalkey, data, cnt); - ptr = (char *) &chalkey[0]; - ptr += DecodeHeaderLength(chalkey); - if (*ptr != 0x04) { - return; - } - *ptr++; - challenge_len = DecodeValueLength(ptr); - ptr += NumEncodeLengthOctets(challenge_len); - memmove(challenge, ptr, challenge_len); - ptr += challenge_len; - if (*ptr != 0x04) { - return; - } - *ptr++; - pubkey_len = DecodeValueLength(ptr); - ptr += NumEncodeLengthOctets(pubkey_len); - memmove(pubkey, ptr, pubkey_len); - memset(user_passwd, 0, sizeof(user_passwd)); - des_read_pw_string(user_passwd, sizeof(user_passwd)-1, "Password: ", 0); - UserPassword = user_passwd; - Challenge = challenge; - r = init_rsa_encpwd(&token, user_passwd, challenge, challenge_len, pubkey); - if (r < 0) { - token.length = 1; - } - - if (!Data(ap, RSA_ENCPWD_AUTH, token.dat, token.length)) { - return; - } - - break; - - default: - return; - } -} - - int -rsaencpwd_status(ap, name, name_sz, level) - Authenticator *ap; - char *name; - size_t name_sz; - int level; -{ - - if (level < AUTH_USER) - return(level); - - if (UserNameRequested && rsaencpwd_passwdok(UserNameRequested, UserPassword)) { - strlcpy(name, UserNameRequested, name_sz); - return(AUTH_VALID); - } else { - return(AUTH_USER); - } -} - -#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} -#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} - - void -rsaencpwd_printsub(data, cnt, buf, buflen) - unsigned char *data, *buf; - int cnt, buflen; -{ - int i; - - buf[buflen-1] = '\0'; /* make sure its NULL terminated */ - buflen -= 1; - - switch(data[3]) { - case RSA_ENCPWD_REJECT: /* Rejected (reason might follow) */ - strlcpy((char *)buf, " REJECT ", buflen); - goto common; - - case RSA_ENCPWD_ACCEPT: /* Accepted (name might follow) */ - strlcpy((char *)buf, " ACCEPT ", buflen); - common: - BUMP(buf, buflen); - if (cnt <= 4) - break; - ADDC(buf, buflen, '"'); - for (i = 4; i < cnt; i++) - ADDC(buf, buflen, data[i]); - ADDC(buf, buflen, '"'); - ADDC(buf, buflen, '\0'); - break; - - case RSA_ENCPWD_AUTH: /* Authentication data follows */ - strlcpy((char *)buf, " AUTH", buflen); - goto common2; - - case RSA_ENCPWD_CHALLENGEKEY: - strlcpy((char *)buf, " CHALLENGEKEY", buflen); - goto common2; - - default: - snprintf(buf, buflen, " %d (unknown)", data[3]); - common2: - BUMP(buf, buflen); - for (i = 4; i < cnt; i++) { - snprintf(buf, buflen, " %d", data[i]); - BUMP(buf, buflen); - } - break; - } -} - -int rsaencpwd_passwdok(name, passwd) -char *name, *passwd; -{ - char *crypt(); - char *salt, *p; - struct passwd *pwd; - int passwdok_status = 0; - - if (pwd = k_getpwnam(name)) - salt = pwd->pw_passwd; - else salt = "xx"; - - p = crypt(passwd, salt); - - if (pwd && !strcmp(p, pwd->pw_passwd)) { - passwdok_status = 1; - } else passwdok_status = 0; - return(passwdok_status); -} - -#endif - -#ifdef notdef - -prkey(msg, key) - char *msg; - unsigned char *key; -{ - int i; - printf("%s:", msg); - for (i = 0; i < 8; i++) - printf(" %3d", key[i]); - printf("\r\n"); -} -#endif diff --git a/crypto/kerberosIV/appl/telnet/libtelnet/spx.c b/crypto/kerberosIV/appl/telnet/libtelnet/spx.c deleted file mode 100644 index 9155ef2f3df8..000000000000 --- a/crypto/kerberosIV/appl/telnet/libtelnet/spx.c +++ /dev/null @@ -1,586 +0,0 @@ -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include - -RCSID("$Id: spx.c,v 1.17 1999/09/16 20:41:34 assar Exp $"); - -#ifdef SPX -/* - * COPYRIGHT (C) 1990 DIGITAL EQUIPMENT CORPORATION - * ALL RIGHTS RESERVED - * - * "Digital Equipment Corporation authorizes the reproduction, - * distribution and modification of this software subject to the following - * restrictions: - * - * 1. Any partial or whole copy of this software, or any modification - * thereof, must include this copyright notice in its entirety. - * - * 2. This software is supplied "as is" with no warranty of any kind, - * expressed or implied, for any purpose, including any warranty of fitness - * or merchantibility. DIGITAL assumes no responsibility for the use or - * reliability of this software, nor promises to provide any form of - * support for it on any basis. - * - * 3. Distribution of this software is authorized only if no profit or - * remuneration of any kind is received in exchange for such distribution. - * - * 4. This software produces public key authentication certificates - * bearing an expiration date established by DIGITAL and RSA Data - * Security, Inc. It may cease to generate certificates after the expiration - * date. Any modification of this software that changes or defeats - * the expiration date or its effect is unauthorized. - * - * 5. Software that will renew or extend the expiration date of - * authentication certificates produced by this software may be obtained - * from RSA Data Security, Inc., 10 Twin Dolphin Drive, Redwood City, CA - * 94065, (415)595-8782, or from DIGITAL" - * - */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_ARPA_TELNET_H -#include -#endif -#include -#include "gssapi_defs.h" -#include -#include - -#include -#ifdef SOCKS -#include -#endif - -#include "encrypt.h" -#include "auth.h" -#include "misc.h" - -extern auth_debug_mode; - -static unsigned char str_data[1024] = { IAC, SB, TELOPT_AUTHENTICATION, 0, - AUTHTYPE_SPX, }; -static unsigned char str_name[1024] = { IAC, SB, TELOPT_AUTHENTICATION, - TELQUAL_NAME, }; - -#define SPX_AUTH 0 /* Authentication data follows */ -#define SPX_REJECT 1 /* Rejected (reason might follow) */ -#define SPX_ACCEPT 2 /* Accepted */ - -static des_key_schedule sched; -static des_cblock challenge = { 0 }; - - -/*******************************************************************/ - -gss_OID_set actual_mechs; -gss_OID actual_mech_type, output_name_type; -int major_status, status, msg_ctx = 0, new_status; -int req_flags = 0, ret_flags, lifetime_rec; -gss_cred_id_t gss_cred_handle; -gss_ctx_id_t actual_ctxhandle, context_handle; -gss_buffer_desc output_token, input_token, input_name_buffer; -gss_buffer_desc status_string; -gss_name_t desired_targname, src_name; -gss_channel_bindings input_chan_bindings; -char lhostname[GSS_C_MAX_PRINTABLE_NAME]; -char targ_printable[GSS_C_MAX_PRINTABLE_NAME]; -int to_addr=0, from_addr=0; -char *address; -gss_buffer_desc fullname_buffer; -gss_OID fullname_type; -gss_cred_id_t gss_delegated_cred_handle; - -/*******************************************************************/ - - - - static int -Data(ap, type, d, c) - Authenticator *ap; - int type; - void *d; - int c; -{ - unsigned char *p = str_data + 4; - unsigned char *cd = (unsigned char *)d; - - if (c == -1) - c = strlen((char *)cd); - - if (0) { - printf("%s:%d: [%d] (%d)", - str_data[3] == TELQUAL_IS ? ">>>IS" : ">>>REPLY", - str_data[3], - type, c); - printd(d, c); - printf("\r\n"); - } - *p++ = ap->type; - *p++ = ap->way; - *p++ = type; - while (c-- > 0) { - if ((*p++ = *cd++) == IAC) - *p++ = IAC; - } - *p++ = IAC; - *p++ = SE; - if (str_data[3] == TELQUAL_IS) - printsub('>', &str_data[2], p - (&str_data[2])); - return(telnet_net_write(str_data, p - str_data)); -} - - int -spx_init(ap, server) - Authenticator *ap; - int server; -{ - gss_cred_id_t tmp_cred_handle; - - if (server) { - str_data[3] = TELQUAL_REPLY; - gethostname(lhostname, sizeof(lhostname)); - snprintf (targ_printable, sizeof(targ_printable), - "SERVICE:rcmd@%s", lhostname); - input_name_buffer.length = strlen(targ_printable); - input_name_buffer.value = targ_printable; - major_status = gss_import_name(&status, - &input_name_buffer, - GSS_C_NULL_OID, - &desired_targname); - major_status = gss_acquire_cred(&status, - desired_targname, - 0, - GSS_C_NULL_OID_SET, - GSS_C_ACCEPT, - &tmp_cred_handle, - &actual_mechs, - &lifetime_rec); - if (major_status != GSS_S_COMPLETE) return(0); - } else { - str_data[3] = TELQUAL_IS; - } - return(1); -} - - int -spx_send(ap) - Authenticator *ap; -{ - des_cblock enckey; - int r; - - gss_OID actual_mech_type, output_name_type; - int msg_ctx = 0, new_status, status; - int req_flags = 0, ret_flags, lifetime_rec, major_status; - gss_buffer_desc output_token, input_token, input_name_buffer; - gss_buffer_desc output_name_buffer, status_string; - gss_name_t desired_targname; - gss_channel_bindings input_chan_bindings; - char targ_printable[GSS_C_MAX_PRINTABLE_NAME]; - int from_addr=0, to_addr=0, myhostlen, j; - int deleg_flag=1, mutual_flag=0, replay_flag=0, seq_flag=0; - char *address; - - printf("[ Trying SPX ... ]\r\n"); - snprintf (targ_printable, sizeof(targ_printable), - "SERVICE:rcmd@%s", RemoteHostName); - - input_name_buffer.length = strlen(targ_printable); - input_name_buffer.value = targ_printable; - - if (!UserNameRequested) { - return(0); - } - - major_status = gss_import_name(&status, - &input_name_buffer, - GSS_C_NULL_OID, - &desired_targname); - - - major_status = gss_display_name(&status, - desired_targname, - &output_name_buffer, - &output_name_type); - - printf("target is '%s'\n", output_name_buffer.value); fflush(stdout); - - major_status = gss_release_buffer(&status, &output_name_buffer); - - input_chan_bindings = (gss_channel_bindings) - malloc(sizeof(gss_channel_bindings_desc)); - - input_chan_bindings->initiator_addrtype = GSS_C_AF_INET; - input_chan_bindings->initiator_address.length = 4; - address = (char *) malloc(4); - input_chan_bindings->initiator_address.value = (char *) address; - address[0] = ((from_addr & 0xff000000) >> 24); - address[1] = ((from_addr & 0xff0000) >> 16); - address[2] = ((from_addr & 0xff00) >> 8); - address[3] = (from_addr & 0xff); - input_chan_bindings->acceptor_addrtype = GSS_C_AF_INET; - input_chan_bindings->acceptor_address.length = 4; - address = (char *) malloc(4); - input_chan_bindings->acceptor_address.value = (char *) address; - address[0] = ((to_addr & 0xff000000) >> 24); - address[1] = ((to_addr & 0xff0000) >> 16); - address[2] = ((to_addr & 0xff00) >> 8); - address[3] = (to_addr & 0xff); - input_chan_bindings->application_data.length = 0; - - req_flags = 0; - if (deleg_flag) req_flags = req_flags | 1; - if (mutual_flag) req_flags = req_flags | 2; - if (replay_flag) req_flags = req_flags | 4; - if (seq_flag) req_flags = req_flags | 8; - - major_status = gss_init_sec_context(&status, /* minor status */ - GSS_C_NO_CREDENTIAL, /* cred handle */ - &actual_ctxhandle, /* ctx handle */ - desired_targname, /* target name */ - GSS_C_NULL_OID, /* mech type */ - req_flags, /* req flags */ - 0, /* time req */ - input_chan_bindings, /* chan binding */ - GSS_C_NO_BUFFER, /* input token */ - &actual_mech_type, /* actual mech */ - &output_token, /* output token */ - &ret_flags, /* ret flags */ - &lifetime_rec); /* time rec */ - - if ((major_status != GSS_S_COMPLETE) && - (major_status != GSS_S_CONTINUE_NEEDED)) { - gss_display_status(&new_status, - status, - GSS_C_MECH_CODE, - GSS_C_NULL_OID, - &msg_ctx, - &status_string); - printf("%s\n", status_string.value); - return(0); - } - - if (!auth_sendname(UserNameRequested, strlen(UserNameRequested))) { - return(0); - } - - if (!Data(ap, SPX_AUTH, output_token.value, output_token.length)) { - return(0); - } - - return(1); -} - - void -spx_is(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ - Session_Key skey; - des_cblock datablock; - int r; - - if (cnt-- < 1) - return; - switch (*data++) { - case SPX_AUTH: - input_token.length = cnt; - input_token.value = (char *) data; - - gethostname(lhostname, sizeof(lhostname)); - - snprintf(targ_printable, sizeof(targ_printable), - "SERVICE:rcmd@%s", lhostname); - - input_name_buffer.length = strlen(targ_printable); - input_name_buffer.value = targ_printable; - - major_status = gss_import_name(&status, - &input_name_buffer, - GSS_C_NULL_OID, - &desired_targname); - - major_status = gss_acquire_cred(&status, - desired_targname, - 0, - GSS_C_NULL_OID_SET, - GSS_C_ACCEPT, - &gss_cred_handle, - &actual_mechs, - &lifetime_rec); - - major_status = gss_release_name(&status, desired_targname); - - input_chan_bindings = (gss_channel_bindings) - malloc(sizeof(gss_channel_bindings_desc)); - - input_chan_bindings->initiator_addrtype = GSS_C_AF_INET; - input_chan_bindings->initiator_address.length = 4; - address = (char *) malloc(4); - input_chan_bindings->initiator_address.value = (char *) address; - address[0] = ((from_addr & 0xff000000) >> 24); - address[1] = ((from_addr & 0xff0000) >> 16); - address[2] = ((from_addr & 0xff00) >> 8); - address[3] = (from_addr & 0xff); - input_chan_bindings->acceptor_addrtype = GSS_C_AF_INET; - input_chan_bindings->acceptor_address.length = 4; - address = (char *) malloc(4); - input_chan_bindings->acceptor_address.value = (char *) address; - address[0] = ((to_addr & 0xff000000) >> 24); - address[1] = ((to_addr & 0xff0000) >> 16); - address[2] = ((to_addr & 0xff00) >> 8); - address[3] = (to_addr & 0xff); - input_chan_bindings->application_data.length = 0; - - major_status = gss_accept_sec_context(&status, - &context_handle, - gss_cred_handle, - &input_token, - input_chan_bindings, - &src_name, - &actual_mech_type, - &output_token, - &ret_flags, - &lifetime_rec, - &gss_delegated_cred_handle); - - - if (major_status != GSS_S_COMPLETE) { - - major_status = gss_display_name(&status, - src_name, - &fullname_buffer, - &fullname_type); - Data(ap, SPX_REJECT, "auth failed", -1); - auth_finished(ap, AUTH_REJECT); - return; - } - - major_status = gss_display_name(&status, - src_name, - &fullname_buffer, - &fullname_type); - - - Data(ap, SPX_ACCEPT, output_token.value, output_token.length); - auth_finished(ap, AUTH_USER); - break; - - default: - Data(ap, SPX_REJECT, 0, 0); - break; - } -} - - - void -spx_reply(ap, data, cnt) - Authenticator *ap; - unsigned char *data; - int cnt; -{ - Session_Key skey; - - if (cnt-- < 1) - return; - switch (*data++) { - case SPX_REJECT: - if (cnt > 0) { - printf("[ SPX refuses authentication because %.*s ]\r\n", - cnt, data); - } else - printf("[ SPX refuses authentication ]\r\n"); - auth_send_retry(); - return; - case SPX_ACCEPT: - printf("[ SPX accepts you ]\r\n"); - if ((ap->way & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) { - /* - * Send over the encrypted challenge. - */ - input_token.value = (char *) data; - input_token.length = cnt; - - major_status = gss_init_sec_context(&status, /* minor stat */ - GSS_C_NO_CREDENTIAL, /* cred handle */ - &actual_ctxhandle, /* ctx handle */ - desired_targname, /* target name */ - GSS_C_NULL_OID, /* mech type */ - req_flags, /* req flags */ - 0, /* time req */ - input_chan_bindings, /* chan binding */ - &input_token, /* input token */ - &actual_mech_type, /* actual mech */ - &output_token, /* output token */ - &ret_flags, /* ret flags */ - &lifetime_rec); /* time rec */ - - if (major_status != GSS_S_COMPLETE) { - gss_display_status(&new_status, - status, - GSS_C_MECH_CODE, - GSS_C_NULL_OID, - &msg_ctx, - &status_string); - printf("[ SPX mutual response fails ... '%s' ]\r\n", - status_string.value); - auth_send_retry(); - return; - } - } - auth_finished(ap, AUTH_USER); - return; - - default: - return; - } -} - - int -spx_status(ap, name, name_sz, level) - Authenticator *ap; - char *name; - size_t name_sz; - int level; -{ - - gss_buffer_desc fullname_buffer, acl_file_buffer; - gss_OID fullname_type; - char acl_file[160], fullname[160]; - int major_status, status = 0; - struct passwd *pwd; - - /* - * hard code fullname to - * "SPX:/C=US/O=Digital/OU=LKG/OU=Sphinx/OU=Users/CN=Kannan Alagappan" - * and acl_file to "~kannan/.sphinx" - */ - - pwd = k_getpwnam(UserNameRequested); - if (pwd == NULL) { - return(AUTH_USER); /* not authenticated */ - } - - snprintf (acl_file, sizeof(acl_file), - "%s/.sphinx", pwd->pw_dir); - - acl_file_buffer.value = acl_file; - acl_file_buffer.length = strlen(acl_file); - - major_status = gss_display_name(&status, - src_name, - &fullname_buffer, - &fullname_type); - - if (level < AUTH_USER) - return(level); - - major_status = gss__check_acl(&status, &fullname_buffer, - &acl_file_buffer); - - if (major_status == GSS_S_COMPLETE) { - strlcpy(name, UserNameRequested, name_sz); - return(AUTH_VALID); - } else { - return(AUTH_USER); - } - -} - -#define BUMP(buf, len) while (*(buf)) {++(buf), --(len);} -#define ADDC(buf, len, c) if ((len) > 0) {*(buf)++ = (c); --(len);} - - void -spx_printsub(data, cnt, buf, buflen) - unsigned char *data, *buf; - int cnt, buflen; -{ - int i; - - buf[buflen-1] = '\0'; /* make sure its NULL terminated */ - buflen -= 1; - - switch(data[3]) { - case SPX_REJECT: /* Rejected (reason might follow) */ - strlcpy((char *)buf, " REJECT ", buflen); - goto common; - - case SPX_ACCEPT: /* Accepted (name might follow) */ - strlcpy((char *)buf, " ACCEPT ", buflen); - common: - BUMP(buf, buflen); - if (cnt <= 4) - break; - ADDC(buf, buflen, '"'); - for (i = 4; i < cnt; i++) - ADDC(buf, buflen, data[i]); - ADDC(buf, buflen, '"'); - ADDC(buf, buflen, '\0'); - break; - - case SPX_AUTH: /* Authentication data follows */ - strlcpy((char *)buf, " AUTH", buflen); - goto common2; - - default: - snprintf(buf, buflen, " %d (unknown)", data[3]); - common2: - BUMP(buf, buflen); - for (i = 4; i < cnt; i++) { - snprintf(buf, buflen, " %d", data[i]); - BUMP(buf, buflen); - } - break; - } -} - -#endif - -#ifdef notdef - -prkey(msg, key) - char *msg; - unsigned char *key; -{ - int i; - printf("%s:", msg); - for (i = 0; i < 8; i++) - printf(" %3d", key[i]); - printf("\r\n"); -} -#endif diff --git a/crypto/kerberosIV/appl/telnet/telnet.state b/crypto/kerberosIV/appl/telnet/telnet.state deleted file mode 100644 index 1927a2b4bb5b..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet.state +++ /dev/null @@ -1,80 +0,0 @@ - - Three pieces of state need to be kept for each side of each option. - (You need the localside, sending WILL/WONT & receiving DO/DONT, and - the remoteside, sending DO/DONT and receiving WILL/WONT) - - MY_STATE: What state am I in? - WANT_STATE: What state do I want? - WANT_RESP: How many requests have I initiated? - - Default values: - MY_STATE = WANT_STATE = DONT - WANT_RESP = 0 - - The local setup will change based on the state of the Telnet - variables. When we are the originator, we can either make the - local setup changes at option request time (in which case if - the option is denied we need to change things back) or when - the option is acknowledged. - - To initiate a switch to NEW_STATE: - - if ((WANT_RESP == 0 && NEW_STATE == MY_STATE) || - WANT_STATE == NEW_STATE) { - do nothing; - } else { - /* - * This is where the logic goes to change the local setup - * if we are doing so at request initiation - */ - WANT_STATE = NEW_STATE; - send NEW_STATE; - WANT_RESP += 1; - } - - When receiving NEW_STATE: - - if (WANT_RESP) { - --WANT_RESP; - if (WANT_RESP && (NEW_STATE == MY_STATE)) - --WANT_RESP; - } - if (WANT_RESP == 0) { - if (NEW_STATE != WANT_STATE) { - /* - * This is where the logic goes to decide if it is ok - * to switch to NEW_STATE, and if so, do any necessary - * local setup changes. - */ - if (ok_to_switch_to NEW_STATE) - WANT_STATE = NEW_STATE; - else - WANT_RESP++; -* if (MY_STATE != WANT_STATE) - reply with WANT_STATE; - } else { - /* - * This is where the logic goes to change the local setup - * if we are doing so at request acknowledgment - */ - } - } - MY_STATE = NEW_STATE; - -* This if() line is not needed, it should be ok to always do the - "reply with WANT_STATE". With the if() line, asking to turn on - an option that the other side doesn't understand is: - Send DO option - Recv WONT option - Without the if() line, it is: - Send DO option - Recv WONT option - Send DONT option - If the other side does not expect to receive the latter case, - but generates the latter case, then there is a potential for - option negotiation loops. An implementation that does not expect - to get the second case should not generate it, an implementation - that does expect to get it may or may not generate it, and things - will still work. Being conservative in what we send, we have the - if() statement in, but we expect the other side to generate the - last response. diff --git a/crypto/kerberosIV/appl/telnet/telnet/Makefile.am b/crypto/kerberosIV/appl/telnet/telnet/Makefile.am deleted file mode 100644 index 882aa243d9a5..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/Makefile.am +++ /dev/null @@ -1,20 +0,0 @@ -# $Id: Makefile.am,v 1.12 1999/06/23 12:37:58 assar Exp $ - -include $(top_srcdir)/Makefile.am.common - -INCLUDES += -I$(srcdir)/.. $(INCLUDE_krb4) - -bin_PROGRAMS = telnet - -CHECK_LOCAL = - -telnet_SOURCES = authenc.c commands.c main.c network.c ring.c \ - sys_bsd.c telnet.c terminal.c \ - utilities.c defines.h externs.h ring.h telnet_locl.h types.h - -LDADD = ../libtelnet/libtelnet.a \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(top_builddir)/lib/des/libdes.la \ - $(LIB_tgetent) \ - $(LIB_roken) diff --git a/crypto/kerberosIV/appl/telnet/telnet/Makefile.in b/crypto/kerberosIV/appl/telnet/telnet/Makefile.in deleted file mode 100644 index 4da3e0548e48..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/Makefile.in +++ /dev/null @@ -1,75 +0,0 @@ -# $Id: Makefile.in,v 1.34 1999/03/11 13:50:09 joda Exp $ - -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ -VPATH = @srcdir@ - -SHELL = /bin/sh - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ -LIBS = @LIBS@ -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -PROGS = telnet$(EXECSUFFIX) - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -bindir = @bindir@ -libdir = @libdir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -SOURCES=authenc.c commands.c main.c network.c ring.c \ - sys_bsd.c telnet.c terminal.c \ - utilities.c - -OBJECTS=authenc.o commands.o main.o network.o ring.o sys_bsd.o \ - telnet.o terminal.o utilities.o - -libtop=@libtop@ - -LIBKRB = -L../../../lib/krb -lkrb -LIBDES = -L../../../lib/des -ldes -LIBROKEN = -L../../../lib/roken -lroken - -KLIB=$(LIBKRB) $(LIBDES) - - -all: $(PROGS) - -.c.o: - $(CC) -c $(DEFS) -I../../../include -I.. -I$(srcdir)/.. $(CFLAGS) $(CPPFLAGS) $< - -telnet$(EXECSUFFIX): $(OBJECTS) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS) -L../libtelnet -ltelnet $(KLIB) $(LIBROKEN) $(LIBS) @LIB_tgetent@ $(LIBROKEN) - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(bindir) - for x in $(PROGS); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \ - done - -uninstall: - for x in $(PROGS); do \ - rm -f $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \ - done - -TAGS: $(SOURCES) - etags $(SOURCES) - -clean cleandir: - rm -f *.o *.a telnet$(EXECSUFFIX) \#* *~ core - -distclean: clean - rm -f Makefile *~ - -.PHONY: all install uninstall clean cleandir distclean diff --git a/crypto/kerberosIV/appl/telnet/telnet/authenc.c b/crypto/kerberosIV/appl/telnet/telnet/authenc.c deleted file mode 100644 index 6150fc7e21ca..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/authenc.c +++ /dev/null @@ -1,91 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" - -RCSID("$Id: authenc.c,v 1.10 1999/09/16 20:41:35 assar Exp $"); - -#if defined(AUTHENTICATION) || defined(ENCRYPTION) -int -telnet_net_write(unsigned char *str, int len) -{ - if (NETROOM() > len) { - ring_supply_data(&netoring, str, len); - if (str[0] == IAC && str[1] == SE) - printsub('>', &str[2], len-2); - return(len); - } - return(0); -} - -void -net_encrypt(void) -{ -#if defined(ENCRYPTION) - if (encrypt_output) - ring_encrypt(&netoring, encrypt_output); - else - ring_clearto(&netoring); -#endif -} - -int -telnet_spin(void) -{ - return(-1); -} - -char * -telnet_getenv(char *val) -{ - return((char *)env_getvalue((unsigned char *)val)); -} - -char * -telnet_gets(char *prompt, char *result, int length, int echo) -{ - int om = globalmode; - char *res; - - TerminalNewMode(-1); - if (echo) { - printf("%s", prompt); - res = fgets(result, length, stdin); - } else if ((res = getpass(prompt))) { - strlcpy(result, res, length); - res = result; - } - TerminalNewMode(om); - return(res); -} -#endif diff --git a/crypto/kerberosIV/appl/telnet/telnet/commands.c b/crypto/kerberosIV/appl/telnet/telnet/commands.c deleted file mode 100644 index fe77b56d6fa7..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/commands.c +++ /dev/null @@ -1,2693 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" - -RCSID("$Id: commands.c,v 1.56 1999/09/16 20:41:35 assar Exp $"); - -#if defined(IPPROTO_IP) && defined(IP_TOS) -int tos = -1; -#endif /* defined(IPPROTO_IP) && defined(IP_TOS) */ - -char *hostname; -static char _hostname[MaxHostNameLen]; - -typedef int (*intrtn_t)(int, char**); -static int call(intrtn_t, ...); - -typedef struct { - char *name; /* command name */ - char *help; /* help string (NULL for no help) */ - int (*handler)(); /* routine which executes command */ - int needconnect; /* Do we need to be connected to execute? */ -} Command; - -static char line[256]; -static char saveline[256]; -static int margc; -static char *margv[20]; - -static void -makeargv() -{ - char *cp, *cp2, c; - char **argp = margv; - - margc = 0; - cp = line; - if (*cp == '!') { /* Special case shell escape */ - /* save for shell command */ - strlcpy(saveline, line, sizeof(saveline)); - *argp++ = "!"; /* No room in string to get this */ - margc++; - cp++; - } - while ((c = *cp)) { - int inquote = 0; - while (isspace(c)) - c = *++cp; - if (c == '\0') - break; - *argp++ = cp; - margc += 1; - for (cp2 = cp; c != '\0'; c = *++cp) { - if (inquote) { - if (c == inquote) { - inquote = 0; - continue; - } - } else { - if (c == '\\') { - if ((c = *++cp) == '\0') - break; - } else if (c == '"') { - inquote = '"'; - continue; - } else if (c == '\'') { - inquote = '\''; - continue; - } else if (isspace(c)) - break; - } - *cp2++ = c; - } - *cp2 = '\0'; - if (c == '\0') - break; - cp++; - } - *argp++ = 0; -} - -/* - * Make a character string into a number. - * - * Todo: 1. Could take random integers (12, 0x12, 012, 0b1). - */ - -static char -special(char *s) -{ - char c; - char b; - - switch (*s) { - case '^': - b = *++s; - if (b == '?') { - c = b | 0x40; /* DEL */ - } else { - c = b & 0x1f; - } - break; - default: - c = *s; - break; - } - return c; -} - -/* - * Construct a control character sequence - * for a special character. - */ -static char * -control(cc_t c) -{ - static char buf[5]; - /* - * The only way I could get the Sun 3.5 compiler - * to shut up about - * if ((unsigned int)c >= 0x80) - * was to assign "c" to an unsigned int variable... - * Arggg.... - */ - unsigned int uic = (unsigned int)c; - - if (uic == 0x7f) - return ("^?"); - if (c == (cc_t)_POSIX_VDISABLE) { - return "off"; - } - if (uic >= 0x80) { - buf[0] = '\\'; - buf[1] = ((c>>6)&07) + '0'; - buf[2] = ((c>>3)&07) + '0'; - buf[3] = (c&07) + '0'; - buf[4] = 0; - } else if (uic >= 0x20) { - buf[0] = c; - buf[1] = 0; - } else { - buf[0] = '^'; - buf[1] = '@'+c; - buf[2] = 0; - } - return (buf); -} - - - -/* - * The following are data structures and routines for - * the "send" command. - * - */ - -struct sendlist { - char *name; /* How user refers to it (case independent) */ - char *help; /* Help information (0 ==> no help) */ - int needconnect; /* Need to be connected */ - int narg; /* Number of arguments */ - int (*handler)(); /* Routine to perform (for special ops) */ - int nbyte; /* Number of bytes to send this command */ - int what; /* Character to be sent (<0 ==> special) */ -}; - - -static int - send_esc (void), - send_help (void), - send_docmd (char *), - send_dontcmd (char *), - send_willcmd (char *), - send_wontcmd (char *); - -static struct sendlist Sendlist[] = { - { "ao", "Send Telnet Abort output", 1, 0, 0, 2, AO }, - { "ayt", "Send Telnet 'Are You There'", 1, 0, 0, 2, AYT }, - { "brk", "Send Telnet Break", 1, 0, 0, 2, BREAK }, - { "break", 0, 1, 0, 0, 2, BREAK }, - { "ec", "Send Telnet Erase Character", 1, 0, 0, 2, EC }, - { "el", "Send Telnet Erase Line", 1, 0, 0, 2, EL }, - { "escape", "Send current escape character", 1, 0, send_esc, 1, 0 }, - { "ga", "Send Telnet 'Go Ahead' sequence", 1, 0, 0, 2, GA }, - { "ip", "Send Telnet Interrupt Process", 1, 0, 0, 2, IP }, - { "intp", 0, 1, 0, 0, 2, IP }, - { "interrupt", 0, 1, 0, 0, 2, IP }, - { "intr", 0, 1, 0, 0, 2, IP }, - { "nop", "Send Telnet 'No operation'", 1, 0, 0, 2, NOP }, - { "eor", "Send Telnet 'End of Record'", 1, 0, 0, 2, EOR }, - { "abort", "Send Telnet 'Abort Process'", 1, 0, 0, 2, ABORT }, - { "susp", "Send Telnet 'Suspend Process'", 1, 0, 0, 2, SUSP }, - { "eof", "Send Telnet End of File Character", 1, 0, 0, 2, xEOF }, - { "synch", "Perform Telnet 'Synch operation'", 1, 0, dosynch, 2, 0 }, - { "getstatus", "Send request for STATUS", 1, 0, get_status, 6, 0 }, - { "?", "Display send options", 0, 0, send_help, 0, 0 }, - { "help", 0, 0, 0, send_help, 0, 0 }, - { "do", 0, 0, 1, send_docmd, 3, 0 }, - { "dont", 0, 0, 1, send_dontcmd, 3, 0 }, - { "will", 0, 0, 1, send_willcmd, 3, 0 }, - { "wont", 0, 0, 1, send_wontcmd, 3, 0 }, - { 0 } -}; - -#define GETSEND(name) ((struct sendlist *) genget(name, (char **) Sendlist, \ - sizeof(struct sendlist))) - -static int -sendcmd(int argc, char **argv) -{ - int count; /* how many bytes we are going to need to send */ - int i; - struct sendlist *s; /* pointer to current command */ - int success = 0; - int needconnect = 0; - - if (argc < 2) { - printf("need at least one argument for 'send' command\r\n"); - printf("'send ?' for help\r\n"); - return 0; - } - /* - * First, validate all the send arguments. - * In addition, we see how much space we are going to need, and - * whether or not we will be doing a "SYNCH" operation (which - * flushes the network queue). - */ - count = 0; - for (i = 1; i < argc; i++) { - s = GETSEND(argv[i]); - if (s == 0) { - printf("Unknown send argument '%s'\r\n'send ?' for help.\r\n", - argv[i]); - return 0; - } else if (Ambiguous(s)) { - printf("Ambiguous send argument '%s'\r\n'send ?' for help.\r\n", - argv[i]); - return 0; - } - if (i + s->narg >= argc) { - fprintf(stderr, - "Need %d argument%s to 'send %s' command. 'send %s ?' for help.\r\n", - s->narg, s->narg == 1 ? "" : "s", s->name, s->name); - return 0; - } - count += s->nbyte; - if (s->handler == send_help) { - send_help(); - return 0; - } - - i += s->narg; - needconnect += s->needconnect; - } - if (!connected && needconnect) { - printf("?Need to be connected first.\r\n"); - printf("'send ?' for help\r\n"); - return 0; - } - /* Now, do we have enough room? */ - if (NETROOM() < count) { - printf("There is not enough room in the buffer TO the network\r\n"); - printf("to process your request. Nothing will be done.\r\n"); - printf("('send synch' will throw away most data in the network\r\n"); - printf("buffer, if this might help.)\r\n"); - return 0; - } - /* OK, they are all OK, now go through again and actually send */ - count = 0; - for (i = 1; i < argc; i++) { - if ((s = GETSEND(argv[i])) == 0) { - fprintf(stderr, "Telnet 'send' error - argument disappeared!\r\n"); - quit(); - /*NOTREACHED*/ - } - if (s->handler) { - count++; - success += (*s->handler)((s->narg > 0) ? argv[i+1] : 0, - (s->narg > 1) ? argv[i+2] : 0); - i += s->narg; - } else { - NET2ADD(IAC, s->what); - printoption("SENT", IAC, s->what); - } - } - return (count == success); -} - -static int -send_tncmd(void (*func)(), char *cmd, char *name); - -static int -send_esc() -{ - NETADD(escape); - return 1; -} - -static int -send_docmd(char *name) -{ - return(send_tncmd(send_do, "do", name)); -} - -static int -send_dontcmd(char *name) -{ - return(send_tncmd(send_dont, "dont", name)); -} - -static int -send_willcmd(char *name) -{ - return(send_tncmd(send_will, "will", name)); -} - -static int -send_wontcmd(char *name) -{ - return(send_tncmd(send_wont, "wont", name)); -} - -static int -send_tncmd(void (*func)(), char *cmd, char *name) -{ - char **cpp; - extern char *telopts[]; - int val = 0; - - if (isprefix(name, "help") || isprefix(name, "?")) { - int col, len; - - printf("Usage: send %s \r\n", cmd); - printf("\"value\" must be from 0 to 255\r\n"); - printf("Valid options are:\r\n\t"); - - col = 8; - for (cpp = telopts; *cpp; cpp++) { - len = strlen(*cpp) + 3; - if (col + len > 65) { - printf("\r\n\t"); - col = 8; - } - printf(" \"%s\"", *cpp); - col += len; - } - printf("\r\n"); - return 0; - } - cpp = genget(name, telopts, sizeof(char *)); - if (Ambiguous(cpp)) { - fprintf(stderr,"'%s': ambiguous argument ('send %s ?' for help).\r\n", - name, cmd); - return 0; - } - if (cpp) { - val = cpp - telopts; - } else { - char *cp = name; - - while (*cp >= '0' && *cp <= '9') { - val *= 10; - val += *cp - '0'; - cp++; - } - if (*cp != 0) { - fprintf(stderr, "'%s': unknown argument ('send %s ?' for help).\r\n", - name, cmd); - return 0; - } else if (val < 0 || val > 255) { - fprintf(stderr, "'%s': bad value ('send %s ?' for help).\r\n", - name, cmd); - return 0; - } - } - if (!connected) { - printf("?Need to be connected first.\r\n"); - return 0; - } - (*func)(val, 1); - return 1; -} - -static int -send_help() -{ - struct sendlist *s; /* pointer to current command */ - for (s = Sendlist; s->name; s++) { - if (s->help) - printf("%-15s %s\r\n", s->name, s->help); - } - return(0); -} - -/* - * The following are the routines and data structures referred - * to by the arguments to the "toggle" command. - */ - -static int -lclchars() -{ - donelclchars = 1; - return 1; -} - -static int -togdebug() -{ -#ifndef NOT43 - if (net > 0 && - (SetSockOpt(net, SOL_SOCKET, SO_DEBUG, debug)) < 0) { - perror("setsockopt (SO_DEBUG)"); - } -#else /* NOT43 */ - if (debug) { - if (net > 0 && SetSockOpt(net, SOL_SOCKET, SO_DEBUG, 0, 0) < 0) - perror("setsockopt (SO_DEBUG)"); - } else - printf("Cannot turn off socket debugging\r\n"); -#endif /* NOT43 */ - return 1; -} - -#if defined(KRB4) && defined(HAVE_KRB_DISABLE_DEBUG) -#include - -static int -togkrbdebug(void) -{ - if(krb_debug) - krb_enable_debug(); - else - krb_disable_debug(); - return 1; -} -#endif - -static int -togcrlf() -{ - if (crlf) { - printf("Will send carriage returns as telnet .\r\n"); - } else { - printf("Will send carriage returns as telnet .\r\n"); - } - return 1; -} - -int binmode; - -static int -togbinary(int val) -{ - donebinarytoggle = 1; - - if (val >= 0) { - binmode = val; - } else { - if (my_want_state_is_will(TELOPT_BINARY) && - my_want_state_is_do(TELOPT_BINARY)) { - binmode = 1; - } else if (my_want_state_is_wont(TELOPT_BINARY) && - my_want_state_is_dont(TELOPT_BINARY)) { - binmode = 0; - } - val = binmode ? 0 : 1; - } - - if (val == 1) { - if (my_want_state_is_will(TELOPT_BINARY) && - my_want_state_is_do(TELOPT_BINARY)) { - printf("Already operating in binary mode with remote host.\r\n"); - } else { - printf("Negotiating binary mode with remote host.\r\n"); - tel_enter_binary(3); - } - } else { - if (my_want_state_is_wont(TELOPT_BINARY) && - my_want_state_is_dont(TELOPT_BINARY)) { - printf("Already in network ascii mode with remote host.\r\n"); - } else { - printf("Negotiating network ascii mode with remote host.\r\n"); - tel_leave_binary(3); - } - } - return 1; -} - -static int -togrbinary(int val) -{ - donebinarytoggle = 1; - - if (val == -1) - val = my_want_state_is_do(TELOPT_BINARY) ? 0 : 1; - - if (val == 1) { - if (my_want_state_is_do(TELOPT_BINARY)) { - printf("Already receiving in binary mode.\r\n"); - } else { - printf("Negotiating binary mode on input.\r\n"); - tel_enter_binary(1); - } - } else { - if (my_want_state_is_dont(TELOPT_BINARY)) { - printf("Already receiving in network ascii mode.\r\n"); - } else { - printf("Negotiating network ascii mode on input.\r\n"); - tel_leave_binary(1); - } - } - return 1; -} - -static int -togxbinary(int val) -{ - donebinarytoggle = 1; - - if (val == -1) - val = my_want_state_is_will(TELOPT_BINARY) ? 0 : 1; - - if (val == 1) { - if (my_want_state_is_will(TELOPT_BINARY)) { - printf("Already transmitting in binary mode.\r\n"); - } else { - printf("Negotiating binary mode on output.\r\n"); - tel_enter_binary(2); - } - } else { - if (my_want_state_is_wont(TELOPT_BINARY)) { - printf("Already transmitting in network ascii mode.\r\n"); - } else { - printf("Negotiating network ascii mode on output.\r\n"); - tel_leave_binary(2); - } - } - return 1; -} - - -static int togglehelp (void); -#if defined(AUTHENTICATION) -extern int auth_togdebug (int); -#endif -#if defined(ENCRYPTION) -extern int EncryptAutoEnc (int); -extern int EncryptAutoDec (int); -extern int EncryptDebug (int); -extern int EncryptVerbose (int); -#endif - -struct togglelist { - char *name; /* name of toggle */ - char *help; /* help message */ - int (*handler)(); /* routine to do actual setting */ - int *variable; - char *actionexplanation; -}; - -static struct togglelist Togglelist[] = { - { "autoflush", - "flushing of output when sending interrupt characters", - 0, - &autoflush, - "flush output when sending interrupt characters" }, - { "autosynch", - "automatic sending of interrupt characters in urgent mode", - 0, - &autosynch, - "send interrupt characters in urgent mode" }, -#if defined(AUTHENTICATION) - { "autologin", - "automatic sending of login and/or authentication info", - 0, - &autologin, - "send login name and/or authentication information" }, - { "authdebug", - "Toggle authentication debugging", - auth_togdebug, - 0, - "print authentication debugging information" }, -#endif -#if defined(ENCRYPTION) - { "autoencrypt", - "automatic encryption of data stream", - EncryptAutoEnc, - 0, - "automatically encrypt output" }, - { "autodecrypt", - "automatic decryption of data stream", - EncryptAutoDec, - 0, - "automatically decrypt input" }, - { "verbose_encrypt", - "Toggle verbose encryption output", - EncryptVerbose, - 0, - "print verbose encryption output" }, - { "encdebug", - "Toggle encryption debugging", - EncryptDebug, - 0, - "print encryption debugging information" }, -#endif - { "skiprc", - "don't read ~/.telnetrc file", - 0, - &skiprc, - "skip reading of ~/.telnetrc file" }, - { "binary", - "sending and receiving of binary data", - togbinary, - 0, - 0 }, - { "inbinary", - "receiving of binary data", - togrbinary, - 0, - 0 }, - { "outbinary", - "sending of binary data", - togxbinary, - 0, - 0 }, - { "crlf", - "sending carriage returns as telnet ", - togcrlf, - &crlf, - 0 }, - { "crmod", - "mapping of received carriage returns", - 0, - &crmod, - "map carriage return on output" }, - { "localchars", - "local recognition of certain control characters", - lclchars, - &localchars, - "recognize certain control characters" }, - { " ", "", 0 }, /* empty line */ - { "debug", - "debugging", - togdebug, - &debug, - "turn on socket level debugging" }, -#if defined(KRB4) && defined(HAVE_KRB_DISABLE_DEBUG) - { "krb_debug", - "kerberos 4 debugging", - togkrbdebug, - &krb_debug, - "turn on kerberos 4 debugging" }, -#endif - { "netdata", - "printing of hexadecimal network data (debugging)", - 0, - &netdata, - "print hexadecimal representation of network traffic" }, - { "prettydump", - "output of \"netdata\" to user readable format (debugging)", - 0, - &prettydump, - "print user readable output for \"netdata\"" }, - { "options", - "viewing of options processing (debugging)", - 0, - &showoptions, - "show option processing" }, - { "termdata", - "(debugging) toggle printing of hexadecimal terminal data", - 0, - &termdata, - "print hexadecimal representation of terminal traffic" }, - { "?", - 0, - togglehelp }, - { "help", - 0, - togglehelp }, - { 0 } -}; - -static int -togglehelp() -{ - struct togglelist *c; - - for (c = Togglelist; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s toggle %s\r\n", c->name, c->help); - else - printf("\r\n"); - } - } - printf("\r\n"); - printf("%-15s %s\r\n", "?", "display help information"); - return 0; -} - -static void -settogglehelp(int set) -{ - struct togglelist *c; - - for (c = Togglelist; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s %s %s\r\n", c->name, set ? "enable" : "disable", - c->help); - else - printf("\r\n"); - } - } -} - -#define GETTOGGLE(name) (struct togglelist *) \ - genget(name, (char **) Togglelist, sizeof(struct togglelist)) - -static int -toggle(int argc, char *argv[]) -{ - int retval = 1; - char *name; - struct togglelist *c; - - if (argc < 2) { - fprintf(stderr, - "Need an argument to 'toggle' command. 'toggle ?' for help.\r\n"); - return 0; - } - argc--; - argv++; - while (argc--) { - name = *argv++; - c = GETTOGGLE(name); - if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('toggle ?' for help).\r\n", - name); - return 0; - } else if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('toggle ?' for help).\r\n", - name); - return 0; - } else { - if (c->variable) { - *c->variable = !*c->variable; /* invert it */ - if (c->actionexplanation) { - printf("%s %s.\r\n", *c->variable? "Will" : "Won't", - c->actionexplanation); - } - } - if (c->handler) { - retval &= (*c->handler)(-1); - } - } - } - return retval; -} - -/* - * The following perform the "set" command. - */ - -struct termios new_tc = { 0 }; - -struct setlist { - char *name; /* name */ - char *help; /* help information */ - void (*handler)(); - cc_t *charp; /* where it is located at */ -}; - -static struct setlist Setlist[] = { -#ifdef KLUDGELINEMODE - { "echo", "character to toggle local echoing on/off", 0, &echoc }, -#endif - { "escape", "character to escape back to telnet command mode", 0, &escape }, - { "rlogin", "rlogin escape character", 0, &rlogin }, - { "tracefile", "file to write trace information to", SetNetTrace, (cc_t *)NetTraceFile}, - { " ", "" }, - { " ", "The following need 'localchars' to be toggled true", 0, 0 }, - { "flushoutput", "character to cause an Abort Output", 0, &termFlushChar }, - { "interrupt", "character to cause an Interrupt Process", 0, &termIntChar }, - { "quit", "character to cause an Abort process", 0, &termQuitChar }, - { "eof", "character to cause an EOF ", 0, &termEofChar }, - { " ", "" }, - { " ", "The following are for local editing in linemode", 0, 0 }, - { "erase", "character to use to erase a character", 0, &termEraseChar }, - { "kill", "character to use to erase a line", 0, &termKillChar }, - { "lnext", "character to use for literal next", 0, &termLiteralNextChar }, - { "susp", "character to cause a Suspend Process", 0, &termSuspChar }, - { "reprint", "character to use for line reprint", 0, &termRprntChar }, - { "worderase", "character to use to erase a word", 0, &termWerasChar }, - { "start", "character to use for XON", 0, &termStartChar }, - { "stop", "character to use for XOFF", 0, &termStopChar }, - { "forw1", "alternate end of line character", 0, &termForw1Char }, - { "forw2", "alternate end of line character", 0, &termForw2Char }, - { "ayt", "alternate AYT character", 0, &termAytChar }, - { 0 } -}; - -static struct setlist * -getset(char *name) -{ - return (struct setlist *) - genget(name, (char **) Setlist, sizeof(struct setlist)); -} - -void -set_escape_char(char *s) -{ - if (rlogin != _POSIX_VDISABLE) { - rlogin = (s && *s) ? special(s) : _POSIX_VDISABLE; - printf("Telnet rlogin escape character is '%s'.\r\n", - control(rlogin)); - } else { - escape = (s && *s) ? special(s) : _POSIX_VDISABLE; - printf("Telnet escape character is '%s'.\r\n", control(escape)); - } -} - -static int -setcmd(int argc, char *argv[]) -{ - int value; - struct setlist *ct; - struct togglelist *c; - - if (argc < 2 || argc > 3) { - printf("Format is 'set Name Value'\r\n'set ?' for help.\r\n"); - return 0; - } - if ((argc == 2) && (isprefix(argv[1], "?") || isprefix(argv[1], "help"))) { - for (ct = Setlist; ct->name; ct++) - printf("%-15s %s\r\n", ct->name, ct->help); - printf("\r\n"); - settogglehelp(1); - printf("%-15s %s\r\n", "?", "display help information"); - return 0; - } - - ct = getset(argv[1]); - if (ct == 0) { - c = GETTOGGLE(argv[1]); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('set ?' for help).\r\n", - argv[1]); - return 0; - } else if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('set ?' for help).\r\n", - argv[1]); - return 0; - } - if (c->variable) { - if ((argc == 2) || (strcmp("on", argv[2]) == 0)) - *c->variable = 1; - else if (strcmp("off", argv[2]) == 0) - *c->variable = 0; - else { - printf("Format is 'set togglename [on|off]'\r\n'set ?' for help.\r\n"); - return 0; - } - if (c->actionexplanation) { - printf("%s %s.\r\n", *c->variable? "Will" : "Won't", - c->actionexplanation); - } - } - if (c->handler) - (*c->handler)(1); - } else if (argc != 3) { - printf("Format is 'set Name Value'\r\n'set ?' for help.\r\n"); - return 0; - } else if (Ambiguous(ct)) { - fprintf(stderr, "'%s': ambiguous argument ('set ?' for help).\r\n", - argv[1]); - return 0; - } else if (ct->handler) { - (*ct->handler)(argv[2]); - printf("%s set to \"%s\".\r\n", ct->name, (char *)ct->charp); - } else { - if (strcmp("off", argv[2])) { - value = special(argv[2]); - } else { - value = _POSIX_VDISABLE; - } - *(ct->charp) = (cc_t)value; - printf("%s character is '%s'.\r\n", ct->name, control(*(ct->charp))); - } - slc_check(); - return 1; -} - -static int -unsetcmd(int argc, char *argv[]) -{ - struct setlist *ct; - struct togglelist *c; - char *name; - - if (argc < 2) { - fprintf(stderr, - "Need an argument to 'unset' command. 'unset ?' for help.\r\n"); - return 0; - } - if (isprefix(argv[1], "?") || isprefix(argv[1], "help")) { - for (ct = Setlist; ct->name; ct++) - printf("%-15s %s\r\n", ct->name, ct->help); - printf("\r\n"); - settogglehelp(0); - printf("%-15s %s\r\n", "?", "display help information"); - return 0; - } - - argc--; - argv++; - while (argc--) { - name = *argv++; - ct = getset(name); - if (ct == 0) { - c = GETTOGGLE(name); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('unset ?' for help).\r\n", - name); - return 0; - } else if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('unset ?' for help).\r\n", - name); - return 0; - } - if (c->variable) { - *c->variable = 0; - if (c->actionexplanation) { - printf("%s %s.\r\n", *c->variable? "Will" : "Won't", - c->actionexplanation); - } - } - if (c->handler) - (*c->handler)(0); - } else if (Ambiguous(ct)) { - fprintf(stderr, "'%s': ambiguous argument ('unset ?' for help).\r\n", - name); - return 0; - } else if (ct->handler) { - (*ct->handler)(0); - printf("%s reset to \"%s\".\r\n", ct->name, (char *)ct->charp); - } else { - *(ct->charp) = _POSIX_VDISABLE; - printf("%s character is '%s'.\r\n", ct->name, control(*(ct->charp))); - } - } - return 1; -} - -/* - * The following are the data structures and routines for the - * 'mode' command. - */ -#ifdef KLUDGELINEMODE -extern int kludgelinemode; - -static int -dokludgemode(void) -{ - kludgelinemode = 1; - send_wont(TELOPT_LINEMODE, 1); - send_dont(TELOPT_SGA, 1); - send_dont(TELOPT_ECHO, 1); - return 1; -} -#endif - -static int -dolinemode() -{ -#ifdef KLUDGELINEMODE - if (kludgelinemode) - send_dont(TELOPT_SGA, 1); -#endif - send_will(TELOPT_LINEMODE, 1); - send_dont(TELOPT_ECHO, 1); - return 1; -} - -static int -docharmode() -{ -#ifdef KLUDGELINEMODE - if (kludgelinemode) - send_do(TELOPT_SGA, 1); - else -#endif - send_wont(TELOPT_LINEMODE, 1); - send_do(TELOPT_ECHO, 1); - return 1; -} - -static int -dolmmode(int bit, int on) -{ - unsigned char c; - extern int linemode; - - if (my_want_state_is_wont(TELOPT_LINEMODE)) { - printf("?Need to have LINEMODE option enabled first.\r\n"); - printf("'mode ?' for help.\r\n"); - return 0; - } - - if (on) - c = (linemode | bit); - else - c = (linemode & ~bit); - lm_mode(&c, 1, 1); - return 1; -} - -static int -tn_setmode(int bit) -{ - return dolmmode(bit, 1); -} - -static int -tn_clearmode(int bit) -{ - return dolmmode(bit, 0); -} - -struct modelist { - char *name; /* command name */ - char *help; /* help string */ - int (*handler)(); /* routine which executes command */ - int needconnect; /* Do we need to be connected to execute? */ - int arg1; -}; - -static int modehelp(void); - -static struct modelist ModeList[] = { - { "character", "Disable LINEMODE option", docharmode, 1 }, -#ifdef KLUDGELINEMODE - { "", "(or disable obsolete line-by-line mode)", 0 }, -#endif - { "line", "Enable LINEMODE option", dolinemode, 1 }, -#ifdef KLUDGELINEMODE - { "", "(or enable obsolete line-by-line mode)", 0 }, -#endif - { "", "", 0 }, - { "", "These require the LINEMODE option to be enabled", 0 }, - { "isig", "Enable signal trapping", tn_setmode, 1, MODE_TRAPSIG }, - { "+isig", 0, tn_setmode, 1, MODE_TRAPSIG }, - { "-isig", "Disable signal trapping", tn_clearmode, 1, MODE_TRAPSIG }, - { "edit", "Enable character editing", tn_setmode, 1, MODE_EDIT }, - { "+edit", 0, tn_setmode, 1, MODE_EDIT }, - { "-edit", "Disable character editing", tn_clearmode, 1, MODE_EDIT }, - { "softtabs", "Enable tab expansion", tn_setmode, 1, MODE_SOFT_TAB }, - { "+softtabs", 0, tn_setmode, 1, MODE_SOFT_TAB }, - { "-softtabs", "Disable character editing", tn_clearmode, 1, MODE_SOFT_TAB }, - { "litecho", "Enable literal character echo", tn_setmode, 1, MODE_LIT_ECHO }, - { "+litecho", 0, tn_setmode, 1, MODE_LIT_ECHO }, - { "-litecho", "Disable literal character echo", tn_clearmode, 1, MODE_LIT_ECHO }, - { "help", 0, modehelp, 0 }, -#ifdef KLUDGELINEMODE - { "kludgeline", 0, dokludgemode, 1 }, -#endif - { "", "", 0 }, - { "?", "Print help information", modehelp, 0 }, - { 0 }, -}; - - -static int -modehelp(void) -{ - struct modelist *mt; - - printf("format is: 'mode Mode', where 'Mode' is one of:\r\n\r\n"); - for (mt = ModeList; mt->name; mt++) { - if (mt->help) { - if (*mt->help) - printf("%-15s %s\r\n", mt->name, mt->help); - else - printf("\r\n"); - } - } - return 0; -} - -#define GETMODECMD(name) (struct modelist *) \ - genget(name, (char **) ModeList, sizeof(struct modelist)) - -static int -modecmd(int argc, char **argv) -{ - struct modelist *mt; - - if (argc != 2) { - printf("'mode' command requires an argument\r\n"); - printf("'mode ?' for help.\r\n"); - } else if ((mt = GETMODECMD(argv[1])) == 0) { - fprintf(stderr, "Unknown mode '%s' ('mode ?' for help).\r\n", argv[1]); - } else if (Ambiguous(mt)) { - fprintf(stderr, "Ambiguous mode '%s' ('mode ?' for help).\r\n", argv[1]); - } else if (mt->needconnect && !connected) { - printf("?Need to be connected first.\r\n"); - printf("'mode ?' for help.\r\n"); - } else if (mt->handler) { - return (*mt->handler)(mt->arg1); - } - return 0; -} - -/* - * The following data structures and routines implement the - * "display" command. - */ - -static int -display(int argc, char *argv[]) -{ - struct togglelist *tl; - struct setlist *sl; - -#define dotog(tl) if (tl->variable && tl->actionexplanation) { \ - if (*tl->variable) { \ - printf("will"); \ - } else { \ - printf("won't"); \ - } \ - printf(" %s.\r\n", tl->actionexplanation); \ - } - -#define doset(sl) if (sl->name && *sl->name != ' ') { \ - if (sl->handler == 0) \ - printf("%-15s [%s]\r\n", sl->name, control(*sl->charp)); \ - else \ - printf("%-15s \"%s\"\r\n", sl->name, (char *)sl->charp); \ - } - - if (argc == 1) { - for (tl = Togglelist; tl->name; tl++) { - dotog(tl); - } - printf("\r\n"); - for (sl = Setlist; sl->name; sl++) { - doset(sl); - } - } else { - int i; - - for (i = 1; i < argc; i++) { - sl = getset(argv[i]); - tl = GETTOGGLE(argv[i]); - if (Ambiguous(sl) || Ambiguous(tl)) { - printf("?Ambiguous argument '%s'.\r\n", argv[i]); - return 0; - } else if (!sl && !tl) { - printf("?Unknown argument '%s'.\r\n", argv[i]); - return 0; - } else { - if (tl) { - dotog(tl); - } - if (sl) { - doset(sl); - } - } - } - } -/*@*/optionstatus(); -#if defined(ENCRYPTION) - EncryptStatus(); -#endif - return 1; -#undef doset -#undef dotog -} - -/* - * The following are the data structures, and many of the routines, - * relating to command processing. - */ - -/* - * Set the escape character. - */ -static int -setescape(int argc, char *argv[]) -{ - char *arg; - char buf[50]; - - printf( - "Deprecated usage - please use 'set escape%s%s' in the future.\r\n", - (argc > 2)? " ":"", (argc > 2)? argv[1]: ""); - if (argc > 2) - arg = argv[1]; - else { - printf("new escape character: "); - fgets(buf, sizeof(buf), stdin); - arg = buf; - } - if (arg[0] != '\0') - escape = arg[0]; - printf("Escape character is '%s'.\r\n", control(escape)); - - fflush(stdout); - return 1; -} - -static int -togcrmod() -{ - crmod = !crmod; - printf("Deprecated usage - please use 'toggle crmod' in the future.\r\n"); - printf("%s map carriage return on output.\r\n", crmod ? "Will" : "Won't"); - fflush(stdout); - return 1; -} - -static int -telnetsuspend() -{ -#ifdef SIGTSTP - setcommandmode(); - { - long oldrows, oldcols, newrows, newcols, err; - - err = (TerminalWindowSize(&oldrows, &oldcols) == 0) ? 1 : 0; - kill(0, SIGTSTP); - /* - * If we didn't get the window size before the SUSPEND, but we - * can get them now (?), then send the NAWS to make sure that - * we are set up for the right window size. - */ - if (TerminalWindowSize(&newrows, &newcols) && connected && - (err || ((oldrows != newrows) || (oldcols != newcols)))) { - sendnaws(); - } - } - /* reget parameters in case they were changed */ - TerminalSaveState(); - setconnmode(0); -#else - printf("Suspend is not supported. Try the '!' command instead\r\n"); -#endif - return 1; -} - -static int -shell(int argc, char **argv) -{ - long oldrows, oldcols, newrows, newcols, err; - - setcommandmode(); - - err = (TerminalWindowSize(&oldrows, &oldcols) == 0) ? 1 : 0; - switch(fork()) { - case -1: - perror("Fork failed\r\n"); - break; - - case 0: - { - /* - * Fire up the shell in the child. - */ - char *shellp, *shellname; - - shellp = getenv("SHELL"); - if (shellp == NULL) - shellp = "/bin/sh"; - if ((shellname = strrchr(shellp, '/')) == 0) - shellname = shellp; - else - shellname++; - if (argc > 1) - execl(shellp, shellname, "-c", &saveline[1], 0); - else - execl(shellp, shellname, 0); - perror("Execl"); - _exit(1); - } - default: - wait((int *)0); /* Wait for the shell to complete */ - - if (TerminalWindowSize(&newrows, &newcols) && connected && - (err || ((oldrows != newrows) || (oldcols != newcols)))) { - sendnaws(); - } - break; - } - return 1; -} - -static int -bye(int argc, char **argv) -{ - extern int resettermname; - - if (connected) { - shutdown(net, 2); - printf("Connection closed.\r\n"); - NetClose(net); - connected = 0; - resettermname = 1; -#if defined(AUTHENTICATION) || defined(ENCRYPTION) - auth_encrypt_connect(connected); -#endif - /* reset options */ - tninit(); - } - if ((argc != 2) || (strcmp(argv[1], "fromquit") != 0)) - longjmp(toplevel, 1); - return 0; /* NOTREACHED */ -} - -int -quit(void) -{ - call(bye, "bye", "fromquit", 0); - Exit(0); - return 0; /*NOTREACHED*/ -} - -static int -logout() -{ - send_do(TELOPT_LOGOUT, 1); - netflush(); - return 1; -} - - -/* - * The SLC command. - */ - -struct slclist { - char *name; - char *help; - void (*handler)(); - int arg; -}; - -static void slc_help(void); - -struct slclist SlcList[] = { - { "export", "Use local special character definitions", - slc_mode_export, 0 }, - { "import", "Use remote special character definitions", - slc_mode_import, 1 }, - { "check", "Verify remote special character definitions", - slc_mode_import, 0 }, - { "help", 0, slc_help, 0 }, - { "?", "Print help information", slc_help, 0 }, - { 0 }, -}; - -static void -slc_help(void) -{ - struct slclist *c; - - for (c = SlcList; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s %s\r\n", c->name, c->help); - else - printf("\r\n"); - } - } -} - -static struct slclist * -getslc(char *name) -{ - return (struct slclist *) - genget(name, (char **) SlcList, sizeof(struct slclist)); -} - -static int -slccmd(int argc, char **argv) -{ - struct slclist *c; - - if (argc != 2) { - fprintf(stderr, - "Need an argument to 'slc' command. 'slc ?' for help.\r\n"); - return 0; - } - c = getslc(argv[1]); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('slc ?' for help).\r\n", - argv[1]); - return 0; - } - if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('slc ?' for help).\r\n", - argv[1]); - return 0; - } - (*c->handler)(c->arg); - slcstate(); - return 1; -} - -/* - * The ENVIRON command. - */ - -struct envlist { - char *name; - char *help; - void (*handler)(); - int narg; -}; - -static void env_help (void); - -struct envlist EnvList[] = { - { "define", "Define an environment variable", - (void (*)())env_define, 2 }, - { "undefine", "Undefine an environment variable", - env_undefine, 1 }, - { "export", "Mark an environment variable for automatic export", - env_export, 1 }, - { "unexport", "Don't mark an environment variable for automatic export", - env_unexport, 1 }, - { "send", "Send an environment variable", env_send, 1 }, - { "list", "List the current environment variables", - env_list, 0 }, - { "help", 0, env_help, 0 }, - { "?", "Print help information", env_help, 0 }, - { 0 }, -}; - -static void -env_help() -{ - struct envlist *c; - - for (c = EnvList; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s %s\r\n", c->name, c->help); - else - printf("\r\n"); - } - } -} - -static struct envlist * -getenvcmd(char *name) -{ - return (struct envlist *) - genget(name, (char **) EnvList, sizeof(struct envlist)); -} - -static int -env_cmd(int argc, char **argv) -{ - struct envlist *c; - - if (argc < 2) { - fprintf(stderr, - "Need an argument to 'environ' command. 'environ ?' for help.\r\n"); - return 0; - } - c = getenvcmd(argv[1]); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('environ ?' for help).\r\n", - argv[1]); - return 0; - } - if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('environ ?' for help).\r\n", - argv[1]); - return 0; - } - if (c->narg + 2 != argc) { - fprintf(stderr, - "Need %s%d argument%s to 'environ %s' command. 'environ ?' for help.\r\n", - c->narg < argc + 2 ? "only " : "", - c->narg, c->narg == 1 ? "" : "s", c->name); - return 0; - } - (*c->handler)(argv[2], argv[3]); - return 1; -} - -struct env_lst { - struct env_lst *next; /* pointer to next structure */ - struct env_lst *prev; /* pointer to previous structure */ - unsigned char *var; /* pointer to variable name */ - unsigned char *value; /* pointer to variable value */ - int export; /* 1 -> export with default list of variables */ - int welldefined; /* A well defined variable */ -}; - -struct env_lst envlisthead; - -struct env_lst * -env_find(unsigned char *var) -{ - struct env_lst *ep; - - for (ep = envlisthead.next; ep; ep = ep->next) { - if (strcmp((char *)ep->var, (char *)var) == 0) - return(ep); - } - return(NULL); -} - -#if IRIX == 4 -#define environ _environ -#endif - -void -env_init(void) -{ - extern char **environ; - char **epp, *cp; - struct env_lst *ep; - - for (epp = environ; *epp; epp++) { - if ((cp = strchr(*epp, '='))) { - *cp = '\0'; - ep = env_define((unsigned char *)*epp, - (unsigned char *)cp+1); - ep->export = 0; - *cp = '='; - } - } - /* - * Special case for DISPLAY variable. If it is ":0.0" or - * "unix:0.0", we have to get rid of "unix" and insert our - * hostname. - */ - if ((ep = env_find("DISPLAY")) - && (*ep->value == ':' - || strncmp((char *)ep->value, "unix:", 5) == 0)) { - char hbuf[256+1]; - char *cp2 = strchr((char *)ep->value, ':'); - - /* XXX - should be k_gethostname? */ - gethostname(hbuf, 256); - hbuf[256] = '\0'; - - /* If this is not the full name, try to get it via DNS */ - if (strchr(hbuf, '.') == 0) { - struct hostent *he = roken_gethostbyname(hbuf); - if (he != NULL) - strlcpy(hbuf, he->h_name, 256); - } - - asprintf (&cp, "%s%s", hbuf, cp2); - free (ep->value); - ep->value = (unsigned char *)cp; - } - /* - * If USER is not defined, but LOGNAME is, then add - * USER with the value from LOGNAME. By default, we - * don't export the USER variable. - */ - if ((env_find("USER") == NULL) && (ep = env_find("LOGNAME"))) { - env_define((unsigned char *)"USER", ep->value); - env_unexport((unsigned char *)"USER"); - } - env_export((unsigned char *)"DISPLAY"); - env_export((unsigned char *)"PRINTER"); - env_export((unsigned char *)"XAUTHORITY"); -} - -struct env_lst * -env_define(unsigned char *var, unsigned char *value) -{ - struct env_lst *ep; - - if ((ep = env_find(var))) { - if (ep->var) - free(ep->var); - if (ep->value) - free(ep->value); - } else { - ep = (struct env_lst *)malloc(sizeof(struct env_lst)); - ep->next = envlisthead.next; - envlisthead.next = ep; - ep->prev = &envlisthead; - if (ep->next) - ep->next->prev = ep; - } - ep->welldefined = opt_welldefined((char *)var); - ep->export = 1; - ep->var = (unsigned char *)strdup((char *)var); - ep->value = (unsigned char *)strdup((char *)value); - return(ep); -} - -void -env_undefine(unsigned char *var) -{ - struct env_lst *ep; - - if ((ep = env_find(var))) { - ep->prev->next = ep->next; - if (ep->next) - ep->next->prev = ep->prev; - if (ep->var) - free(ep->var); - if (ep->value) - free(ep->value); - free(ep); - } -} - -void -env_export(unsigned char *var) -{ - struct env_lst *ep; - - if ((ep = env_find(var))) - ep->export = 1; -} - -void -env_unexport(unsigned char *var) -{ - struct env_lst *ep; - - if ((ep = env_find(var))) - ep->export = 0; -} - -void -env_send(unsigned char *var) -{ - struct env_lst *ep; - - if (my_state_is_wont(TELOPT_NEW_ENVIRON) -#ifdef OLD_ENVIRON - && my_state_is_wont(TELOPT_OLD_ENVIRON) -#endif - ) { - fprintf(stderr, - "Cannot send '%s': Telnet ENVIRON option not enabled\r\n", - var); - return; - } - ep = env_find(var); - if (ep == 0) { - fprintf(stderr, "Cannot send '%s': variable not defined\r\n", - var); - return; - } - env_opt_start_info(); - env_opt_add(ep->var); - env_opt_end(0); -} - -void -env_list(void) -{ - struct env_lst *ep; - - for (ep = envlisthead.next; ep; ep = ep->next) { - printf("%c %-20s %s\r\n", ep->export ? '*' : ' ', - ep->var, ep->value); - } -} - -unsigned char * -env_default(int init, int welldefined) -{ - static struct env_lst *nep = NULL; - - if (init) { - nep = &envlisthead; - return NULL; - } - if (nep) { - while ((nep = nep->next)) { - if (nep->export && (nep->welldefined == welldefined)) - return(nep->var); - } - } - return(NULL); -} - -unsigned char * -env_getvalue(unsigned char *var) -{ - struct env_lst *ep; - - if ((ep = env_find(var))) - return(ep->value); - return(NULL); -} - - -#if defined(AUTHENTICATION) -/* - * The AUTHENTICATE command. - */ - -struct authlist { - char *name; - char *help; - int (*handler)(); - int narg; -}; - -static int - auth_help (void); - -struct authlist AuthList[] = { - { "status", "Display current status of authentication information", - auth_status, 0 }, - { "disable", "Disable an authentication type ('auth disable ?' for more)", - auth_disable, 1 }, - { "enable", "Enable an authentication type ('auth enable ?' for more)", - auth_enable, 1 }, - { "help", 0, auth_help, 0 }, - { "?", "Print help information", auth_help, 0 }, - { 0 }, -}; - -static int -auth_help() -{ - struct authlist *c; - - for (c = AuthList; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s %s\r\n", c->name, c->help); - else - printf("\r\n"); - } - } - return 0; -} - -static int -auth_cmd(int argc, char **argv) -{ - struct authlist *c; - - if (argc < 2) { - fprintf(stderr, - "Need an argument to 'auth' command. 'auth ?' for help.\r\n"); - return 0; - } - - c = (struct authlist *) - genget(argv[1], (char **) AuthList, sizeof(struct authlist)); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('auth ?' for help).\r\n", - argv[1]); - return 0; - } - if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('auth ?' for help).\r\n", - argv[1]); - return 0; - } - if (c->narg + 2 != argc) { - fprintf(stderr, - "Need %s%d argument%s to 'auth %s' command. 'auth ?' for help.\r\n", - c->narg < argc + 2 ? "only " : "", - c->narg, c->narg == 1 ? "" : "s", c->name); - return 0; - } - return((*c->handler)(argv[2], argv[3])); -} -#endif - - -#if defined(ENCRYPTION) -/* - * The ENCRYPT command. - */ - -struct encryptlist { - char *name; - char *help; - int (*handler)(); - int needconnect; - int minarg; - int maxarg; -}; - -static int - EncryptHelp (void); - -struct encryptlist EncryptList[] = { - { "enable", "Enable encryption. ('encrypt enable ?' for more)", - EncryptEnable, 1, 1, 2 }, - { "disable", "Disable encryption. ('encrypt enable ?' for more)", - EncryptDisable, 0, 1, 2 }, - { "type", "Set encryptiong type. ('encrypt type ?' for more)", - EncryptType, 0, 1, 1 }, - { "start", "Start encryption. ('encrypt start ?' for more)", - EncryptStart, 1, 0, 1 }, - { "stop", "Stop encryption. ('encrypt stop ?' for more)", - EncryptStop, 1, 0, 1 }, - { "input", "Start encrypting the input stream", - EncryptStartInput, 1, 0, 0 }, - { "-input", "Stop encrypting the input stream", - EncryptStopInput, 1, 0, 0 }, - { "output", "Start encrypting the output stream", - EncryptStartOutput, 1, 0, 0 }, - { "-output", "Stop encrypting the output stream", - EncryptStopOutput, 1, 0, 0 }, - - { "status", "Display current status of authentication information", - EncryptStatus, 0, 0, 0 }, - { "help", 0, EncryptHelp, 0, 0, 0 }, - { "?", "Print help information", EncryptHelp, 0, 0, 0 }, - { 0 }, -}; - -static int -EncryptHelp() -{ - struct encryptlist *c; - - for (c = EncryptList; c->name; c++) { - if (c->help) { - if (*c->help) - printf("%-15s %s\r\n", c->name, c->help); - else - printf("\r\n"); - } - } - return 0; -} - -static int -encrypt_cmd(int argc, char **argv) -{ - struct encryptlist *c; - - c = (struct encryptlist *) - genget(argv[1], (char **) EncryptList, sizeof(struct encryptlist)); - if (c == 0) { - fprintf(stderr, "'%s': unknown argument ('encrypt ?' for help).\r\n", - argv[1]); - return 0; - } - if (Ambiguous(c)) { - fprintf(stderr, "'%s': ambiguous argument ('encrypt ?' for help).\r\n", - argv[1]); - return 0; - } - argc -= 2; - if (argc < c->minarg || argc > c->maxarg) { - if (c->minarg == c->maxarg) { - fprintf(stderr, "Need %s%d argument%s ", - c->minarg < argc ? "only " : "", c->minarg, - c->minarg == 1 ? "" : "s"); - } else { - fprintf(stderr, "Need %s%d-%d arguments ", - c->maxarg < argc ? "only " : "", c->minarg, c->maxarg); - } - fprintf(stderr, "to 'encrypt %s' command. 'encrypt ?' for help.\r\n", - c->name); - return 0; - } - if (c->needconnect && !connected) { - if (!(argc && (isprefix(argv[2], "help") || isprefix(argv[2], "?")))) { - printf("?Need to be connected first.\r\n"); - return 0; - } - } - return ((*c->handler)(argc > 0 ? argv[2] : 0, - argc > 1 ? argv[3] : 0, - argc > 2 ? argv[4] : 0)); -} -#endif - - -/* - * Print status about the connection. - */ - -static int -status(int argc, char **argv) -{ - if (connected) { - printf("Connected to %s.\r\n", hostname); - if ((argc < 2) || strcmp(argv[1], "notmuch")) { - int mode = getconnmode(); - - if (my_want_state_is_will(TELOPT_LINEMODE)) { - printf("Operating with LINEMODE option\r\n"); - printf("%s line editing\r\n", (mode&MODE_EDIT) ? "Local" : "No"); - printf("%s catching of signals\r\n", - (mode&MODE_TRAPSIG) ? "Local" : "No"); - slcstate(); -#ifdef KLUDGELINEMODE - } else if (kludgelinemode && my_want_state_is_dont(TELOPT_SGA)) { - printf("Operating in obsolete linemode\r\n"); -#endif - } else { - printf("Operating in single character mode\r\n"); - if (localchars) - printf("Catching signals locally\r\n"); - } - printf("%s character echo\r\n", (mode&MODE_ECHO) ? "Local" : "Remote"); - if (my_want_state_is_will(TELOPT_LFLOW)) - printf("%s flow control\r\n", (mode&MODE_FLOW) ? "Local" : "No"); -#if defined(ENCRYPTION) - encrypt_display(); -#endif - } - } else { - printf("No connection.\r\n"); - } - printf("Escape character is '%s'.\r\n", control(escape)); - fflush(stdout); - return 1; -} - -#ifdef SIGINFO -/* - * Function that gets called when SIGINFO is received. - */ -void -ayt_status(int ignore) -{ - call(status, "status", "notmuch", 0); -} -#endif - -static Command *getcmd(char *name); - -static void -cmdrc(char *m1, char *m2) -{ - static char rcname[128]; - Command *c; - FILE *rcfile; - int gotmachine = 0; - int l1 = strlen(m1); - int l2 = strlen(m2); - char m1save[64]; - - if (skiprc) - return; - - strlcpy(m1save, m1, sizeof(m1save)); - m1 = m1save; - - if (rcname[0] == 0) { - char *home = getenv("HOME"); - - snprintf (rcname, sizeof(rcname), "%s/.telnetrc", - home ? home : ""); - } - - if ((rcfile = fopen(rcname, "r")) == 0) { - return; - } - - for (;;) { - if (fgets(line, sizeof(line), rcfile) == NULL) - break; - if (line[0] == 0) - break; - if (line[0] == '#') - continue; - if (gotmachine) { - if (!isspace(line[0])) - gotmachine = 0; - } - if (gotmachine == 0) { - if (isspace(line[0])) - continue; - if (strncasecmp(line, m1, l1) == 0) - strncpy(line, &line[l1], sizeof(line) - l1); - else if (strncasecmp(line, m2, l2) == 0) - strncpy(line, &line[l2], sizeof(line) - l2); - else if (strncasecmp(line, "DEFAULT", 7) == 0) - strncpy(line, &line[7], sizeof(line) - 7); - else - continue; - if (line[0] != ' ' && line[0] != '\t' && line[0] != '\n') - continue; - gotmachine = 1; - } - makeargv(); - if (margv[0] == 0) - continue; - c = getcmd(margv[0]); - if (Ambiguous(c)) { - printf("?Ambiguous command: %s\r\n", margv[0]); - continue; - } - if (c == 0) { - printf("?Invalid command: %s\r\n", margv[0]); - continue; - } - /* - * This should never happen... - */ - if (c->needconnect && !connected) { - printf("?Need to be connected first for %s.\r\n", margv[0]); - continue; - } - (*c->handler)(margc, margv); - } - fclose(rcfile); -} - -int -tn(int argc, char **argv) -{ - struct hostent *host = 0; -#ifdef HAVE_IPV6 - struct sockaddr_in6 sin6; -#endif - struct sockaddr_in sin; - struct sockaddr *sa = NULL; - int sa_size = 0; - struct servent *sp = 0; - unsigned long temp; - extern char *inet_ntoa(); -#if defined(IP_OPTIONS) && defined(IPPROTO_IP) - char *srp = 0; - int srlen; -#endif - char *cmd, *hostp = 0, *portp = 0; - char *user = 0; - int family, port = 0; - char **addr_list; - - /* clear the socket address prior to use */ - - if (connected) { - printf("?Already connected to %s\r\n", hostname); - setuid(getuid()); - return 0; - } - if (argc < 2) { - strlcpy(line, "open ", sizeof(line)); - printf("(to) "); - fgets(&line[strlen(line)], sizeof(line) - strlen(line), stdin); - makeargv(); - argc = margc; - argv = margv; - } - cmd = *argv; - --argc; ++argv; - while (argc) { - if (strcmp(*argv, "help") == 0 || isprefix(*argv, "?")) - goto usage; - if (strcmp(*argv, "-l") == 0) { - --argc; ++argv; - if (argc == 0) - goto usage; - user = strdup(*argv++); - --argc; - continue; - } - if (strcmp(*argv, "-a") == 0) { - --argc; ++argv; - autologin = 1; - continue; - } - if (hostp == 0) { - hostp = *argv++; - --argc; - continue; - } - if (portp == 0) { - portp = *argv++; - --argc; - continue; - } - usage: - printf("usage: %s [-l user] [-a] host-name [port]\r\n", cmd); - setuid(getuid()); - return 0; - } - if (hostp == 0) - goto usage; - -#if defined(IP_OPTIONS) && defined(IPPROTO_IP) - if (hostp[0] == '@' || hostp[0] == '!') { - if ((hostname = strrchr(hostp, ':')) == NULL) - hostname = strrchr(hostp, '@'); - hostname++; - srp = 0; - temp = sourceroute(hostp, &srp, &srlen); - if (temp == 0) { - fprintf (stderr, "%s: %s\r\n", srp ? srp : "", hstrerror(h_errno)); - setuid(getuid()); - return 0; - } else if (temp == -1) { - printf("Bad source route option: %s\r\n", hostp); - setuid(getuid()); - return 0; - } else { - abort(); - } - } else { -#endif - memset (&sin, 0, sizeof(sin)); -#ifdef HAVE_IPV6 - memset (&sin6, 0, sizeof(sin6)); - - if(inet_pton(AF_INET6, hostp, &sin6.sin6_addr)) { - sin6.sin6_family = family = AF_INET6; - sa = (struct sockaddr *)&sin6; - sa_size = sizeof(sin6); - strlcpy(_hostname, hostp, sizeof(_hostname)); - hostname =_hostname; - } else -#endif - if(inet_aton(hostp, &sin.sin_addr)){ - sin.sin_family = family = AF_INET; - sa = (struct sockaddr *)&sin; - sa_size = sizeof(sin); - strlcpy(_hostname, hostp, sizeof(_hostname)); - hostname = _hostname; - } else { -#ifdef HAVE_GETHOSTBYNAME2 -#ifdef HAVE_IPV6 - host = gethostbyname2(hostp, AF_INET6); - if(host == NULL) -#endif - host = gethostbyname2(hostp, AF_INET); -#else - host = roken_gethostbyname(hostp); -#endif - if (host) { - strlcpy(_hostname, host->h_name, sizeof(_hostname)); - family = host->h_addrtype; - addr_list = host->h_addr_list; - - switch(family) { - case AF_INET: - memset(&sin, 0, sizeof(sin)); - sa_size = sizeof(sin); - sa = (struct sockaddr *)&sin; - sin.sin_family = family; - sin.sin_addr = *((struct in_addr *)(*addr_list)); - break; -#ifdef HAVE_IPV6 - case AF_INET6: - memset(&sin6, 0, sizeof(sin6)); - sa_size = sizeof(sin6); - sa = (struct sockaddr *)&sin6; - sin6.sin6_family = family; - sin6.sin6_addr = *((struct in6_addr *)(*addr_list)); - break; -#endif - default: - fprintf(stderr, "Bad address family: %d\n", family); - return 0; - } - - _hostname[sizeof(_hostname)-1] = '\0'; - hostname = _hostname; - } else { - fprintf (stderr, "%s: %s\r\n", hostp ? hostp : "", - hstrerror(h_errno)); - setuid(getuid()); - return 0; - } - } -#if defined(IP_OPTIONS) && defined(IPPROTO_IP) - } -#endif - if (portp) { - if (*portp == '-') { - portp++; - telnetport = 1; - } else - telnetport = 0; - port = atoi(portp); - if (port == 0) { - sp = roken_getservbyname(portp, "tcp"); - if (sp) - port = sp->s_port; - else { - printf("%s: bad port number\r\n", portp); - setuid(getuid()); - return 0; - } - } else { - port = htons(port); - } - } else { - if (sp == 0) { - sp = roken_getservbyname("telnet", "tcp"); - if (sp == 0) { - fprintf(stderr, "telnet: tcp/telnet: unknown service\r\n"); - setuid(getuid()); - return 0; - } - port = sp->s_port; - } - telnetport = 1; - } - do { - switch(family) { - case AF_INET: - sin.sin_port = port; - printf("Trying %s...\r\n", inet_ntoa(sin.sin_addr)); - break; -#ifdef HAVE_IPV6 - case AF_INET6: { -#ifndef INET6_ADDRSTRLEN -#define INET6_ADDRSTRLEN 46 -#endif - - char buf[INET6_ADDRSTRLEN]; - - sin6.sin6_port = port; -#ifdef HAVE_INET_NTOP - printf("Trying %s...\r\n", inet_ntop(AF_INET6, - &sin6.sin6_addr, - buf, - sizeof(buf))); -#endif - break; - } -#endif - default: - abort(); - } - - - net = socket(family, SOCK_STREAM, 0); - setuid(getuid()); - if (net < 0) { - perror("telnet: socket"); - return 0; - } -#if defined(IP_OPTIONS) && defined(IPPROTO_IP) && defined(HAVE_SETSOCKOPT) - if (srp && setsockopt(net, IPPROTO_IP, IP_OPTIONS, (void *)srp, - srlen) < 0) - perror("setsockopt (IP_OPTIONS)"); -#endif -#if defined(IPPROTO_IP) && defined(IP_TOS) - { -# if defined(HAVE_GETTOSBYNAME) - struct tosent *tp; - if (tos < 0 && (tp = gettosbyname("telnet", "tcp"))) - tos = tp->t_tos; -# endif - if (tos < 0) - tos = 020; /* Low Delay bit */ - if (tos - && (setsockopt(net, IPPROTO_IP, IP_TOS, - (void *)&tos, sizeof(int)) < 0) - && (errno != ENOPROTOOPT)) - perror("telnet: setsockopt (IP_TOS) (ignored)"); - } -#endif /* defined(IPPROTO_IP) && defined(IP_TOS) */ - - if (debug && SetSockOpt(net, SOL_SOCKET, SO_DEBUG, 1) < 0) { - perror("setsockopt (SO_DEBUG)"); - } - - if (connect(net, sa, sa_size) < 0) { - if (host && addr_list[1]) { - int oerrno = errno; - - switch(family) { - case AF_INET : - fprintf(stderr, "telnet: connect to address %s: ", - inet_ntoa(sin.sin_addr)); - sin.sin_addr = *((struct in_addr *)(*++addr_list)); - break; -#ifdef HAVE_IPV6 - case AF_INET6: { - char buf[INET6_ADDRSTRLEN]; - - fprintf(stderr, "telnet: connect to address %s: ", - inet_ntop(AF_INET6, &sin6.sin6_addr, buf, - sizeof(buf))); - sin6.sin6_addr = *((struct in6_addr *)(*++addr_list)); - break; - } -#endif - default: - abort(); - } - - errno = oerrno; - perror(NULL); - NetClose(net); - continue; - } - perror("telnet: Unable to connect to remote host"); - return 0; - } - connected++; -#if defined(AUTHENTICATION) || defined(ENCRYPTION) - auth_encrypt_connect(connected); -#endif - } while (connected == 0); - cmdrc(hostp, hostname); - if (autologin && user == NULL) - user = (char *)get_default_username (); - if (user) { - env_define((unsigned char *)"USER", (unsigned char *)user); - env_export((unsigned char *)"USER"); - } - call(status, "status", "notmuch", 0); - if (setjmp(peerdied) == 0) - my_telnet((char *)user); - NetClose(net); - ExitString("Connection closed by foreign host.\r\n",1); - /*NOTREACHED*/ - return 0; -} - -#define HELPINDENT ((int)sizeof ("connect")) - -static char - openhelp[] = "connect to a site", - closehelp[] = "close current connection", - logouthelp[] = "forcibly logout remote user and close the connection", - quithelp[] = "exit telnet", - statushelp[] = "print status information", - helphelp[] = "print help information", - sendhelp[] = "transmit special characters ('send ?' for more)", - sethelp[] = "set operating parameters ('set ?' for more)", - unsethelp[] = "unset operating parameters ('unset ?' for more)", - togglestring[] ="toggle operating parameters ('toggle ?' for more)", - slchelp[] = "change state of special charaters ('slc ?' for more)", - displayhelp[] = "display operating parameters", -#if defined(AUTHENTICATION) - authhelp[] = "turn on (off) authentication ('auth ?' for more)", -#endif -#if defined(ENCRYPTION) - encrypthelp[] = "turn on (off) encryption ('encrypt ?' for more)", -#endif - zhelp[] = "suspend telnet", - shellhelp[] = "invoke a subshell", - envhelp[] = "change environment variables ('environ ?' for more)", - modestring[] = "try to enter line or character mode ('mode ?' for more)"; - -static int help(int argc, char **argv); - -static Command cmdtab[] = { - { "close", closehelp, bye, 1 }, - { "logout", logouthelp, logout, 1 }, - { "display", displayhelp, display, 0 }, - { "mode", modestring, modecmd, 0 }, - { "open", openhelp, tn, 0 }, - { "quit", quithelp, quit, 0 }, - { "send", sendhelp, sendcmd, 0 }, - { "set", sethelp, setcmd, 0 }, - { "unset", unsethelp, unsetcmd, 0 }, - { "status", statushelp, status, 0 }, - { "toggle", togglestring, toggle, 0 }, - { "slc", slchelp, slccmd, 0 }, -#if defined(AUTHENTICATION) - { "auth", authhelp, auth_cmd, 0 }, -#endif -#if defined(ENCRYPTION) - { "encrypt", encrypthelp, encrypt_cmd, 0 }, -#endif - { "z", zhelp, telnetsuspend, 0 }, - { "!", shellhelp, shell, 0 }, - { "environ", envhelp, env_cmd, 0 }, - { "?", helphelp, help, 0 }, - { 0, 0, 0, 0 } -}; - -static char crmodhelp[] = "deprecated command -- use 'toggle crmod' instead"; -static char escapehelp[] = "deprecated command -- use 'set escape' instead"; - -static Command cmdtab2[] = { - { "help", 0, help, 0 }, - { "escape", escapehelp, setescape, 0 }, - { "crmod", crmodhelp, togcrmod, 0 }, - { 0, 0, 0, 0 } -}; - - -/* - * Call routine with argc, argv set from args (terminated by 0). - */ - -static int -call(intrtn_t routine, ...) -{ - va_list ap; - char *args[100]; - int argno = 0; - - va_start(ap, routine); - while ((args[argno++] = va_arg(ap, char *)) != 0); - va_end(ap); - return (*routine)(argno-1, args); -} - - -static Command -*getcmd(char *name) -{ - Command *cm; - - if ((cm = (Command *) genget(name, (char **) cmdtab, sizeof(Command)))) - return cm; - return (Command *) genget(name, (char **) cmdtab2, sizeof(Command)); -} - -void -command(int top, char *tbuf, int cnt) -{ - Command *c; - - setcommandmode(); - if (!top) { - putchar('\n'); - } else { - signal(SIGINT, SIG_DFL); - signal(SIGQUIT, SIG_DFL); - } - for (;;) { - if (rlogin == _POSIX_VDISABLE) - printf("%s> ", prompt); - if (tbuf) { - char *cp; - cp = line; - while (cnt > 0 && (*cp++ = *tbuf++) != '\n') - cnt--; - tbuf = 0; - if (cp == line || *--cp != '\n' || cp == line) - goto getline; - *cp = '\0'; - if (rlogin == _POSIX_VDISABLE) - printf("%s\r\n", line); - } else { - getline: - if (rlogin != _POSIX_VDISABLE) - printf("%s> ", prompt); - if (fgets(line, sizeof(line), stdin) == NULL) { - if (feof(stdin) || ferror(stdin)) { - quit(); - /*NOTREACHED*/ - } - break; - } - } - if (line[0] == 0) - break; - makeargv(); - if (margv[0] == 0) { - break; - } - c = getcmd(margv[0]); - if (Ambiguous(c)) { - printf("?Ambiguous command\r\n"); - continue; - } - if (c == 0) { - printf("?Invalid command\r\n"); - continue; - } - if (c->needconnect && !connected) { - printf("?Need to be connected first.\r\n"); - continue; - } - if ((*c->handler)(margc, margv)) { - break; - } - } - if (!top) { - if (!connected) { - longjmp(toplevel, 1); - /*NOTREACHED*/ - } - setconnmode(0); - } -} - -/* - * Help command. - */ -static int -help(int argc, char **argv) -{ - Command *c; - - if (argc == 1) { - printf("Commands may be abbreviated. Commands are:\r\n\r\n"); - for (c = cmdtab; c->name; c++) - if (c->help) { - printf("%-*s\t%s\r\n", HELPINDENT, c->name, - c->help); - } - return 0; - } - while (--argc > 0) { - char *arg; - arg = *++argv; - c = getcmd(arg); - if (Ambiguous(c)) - printf("?Ambiguous help command %s\r\n", arg); - else if (c == (Command *)0) - printf("?Invalid help command %s\r\n", arg); - else - printf("%s\r\n", c->help); - } - return 0; -} - - -#if defined(IP_OPTIONS) && defined(IPPROTO_IP) - -/* - * Source route is handed in as - * [!]@hop1@hop2...[@|:]dst - * If the leading ! is present, it is a - * strict source route, otherwise it is - * assmed to be a loose source route. - * - * We fill in the source route option as - * hop1,hop2,hop3...dest - * and return a pointer to hop1, which will - * be the address to connect() to. - * - * Arguments: - * arg: pointer to route list to decipher - * - * cpp: If *cpp is not equal to NULL, this is a - * pointer to a pointer to a character array - * that should be filled in with the option. - * - * lenp: pointer to an integer that contains the - * length of *cpp if *cpp != NULL. - * - * Return values: - * - * Returns the address of the host to connect to. If the - * return value is -1, there was a syntax error in the - * option, either unknown characters, or too many hosts. - * If the return value is 0, one of the hostnames in the - * path is unknown, and *cpp is set to point to the bad - * hostname. - * - * *cpp: If *cpp was equal to NULL, it will be filled - * in with a pointer to our static area that has - * the option filled in. This will be 32bit aligned. - * - * *lenp: This will be filled in with how long the option - * pointed to by *cpp is. - * - */ -unsigned long -sourceroute(char *arg, char **cpp, int *lenp) -{ - static char lsr[44]; - char *cp, *cp2, *lsrp, *lsrep; - int tmp; - struct in_addr sin_addr; - struct hostent *host = 0; - char c; - - /* - * Verify the arguments, and make sure we have - * at least 7 bytes for the option. - */ - if (cpp == NULL || lenp == NULL) - return((unsigned long)-1); - if (*cpp != NULL && *lenp < 7) - return((unsigned long)-1); - /* - * Decide whether we have a buffer passed to us, - * or if we need to use our own static buffer. - */ - if (*cpp) { - lsrp = *cpp; - lsrep = lsrp + *lenp; - } else { - *cpp = lsrp = lsr; - lsrep = lsrp + 44; - } - - cp = arg; - - /* - * Next, decide whether we have a loose source - * route or a strict source route, and fill in - * the begining of the option. - */ - if (*cp == '!') { - cp++; - *lsrp++ = IPOPT_SSRR; - } else - *lsrp++ = IPOPT_LSRR; - - if (*cp != '@') - return((unsigned long)-1); - - lsrp++; /* skip over length, we'll fill it in later */ - *lsrp++ = 4; - - cp++; - - sin_addr.s_addr = 0; - - for (c = 0;;) { - if (c == ':') - cp2 = 0; - else for (cp2 = cp; (c = *cp2); cp2++) { - if (c == ',') { - *cp2++ = '\0'; - if (*cp2 == '@') - cp2++; - } else if (c == '@') { - *cp2++ = '\0'; - } else if (c == ':') { - *cp2++ = '\0'; - } else - continue; - break; - } - if (!c) - cp2 = 0; - - if ((tmp = inet_addr(cp)) != -1) { - sin_addr.s_addr = tmp; - } else if ((host = roken_gethostbyname(cp))) { - memmove(&sin_addr, - host->h_addr_list[0], - sizeof(sin_addr)); - } else { - *cpp = cp; - return(0); - } - memmove(lsrp, &sin_addr, 4); - lsrp += 4; - if (cp2) - cp = cp2; - else - break; - /* - * Check to make sure there is space for next address - */ - if (lsrp + 4 > lsrep) - return((unsigned long)-1); - } - if ((*(*cpp+IPOPT_OLEN) = lsrp - *cpp) <= 7) { - *cpp = 0; - *lenp = 0; - return((unsigned long)-1); - } - *lsrp++ = IPOPT_NOP; /* 32 bit word align it */ - *lenp = lsrp - *cpp; - return(sin_addr.s_addr); -} -#endif diff --git a/crypto/kerberosIV/appl/telnet/telnet/defines.h b/crypto/kerberosIV/appl/telnet/telnet/defines.h deleted file mode 100644 index 5c1ac2bcc658..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/defines.h +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)defines.h 8.1 (Berkeley) 6/6/93 - */ - -#define settimer(x) clocks.x = clocks.system++ - -#define NETADD(c) { *netoring.supply = c; ring_supplied(&netoring, 1); } -#define NET2ADD(c1,c2) { NETADD(c1); NETADD(c2); } -#define NETBYTES() (ring_full_count(&netoring)) -#define NETROOM() (ring_empty_count(&netoring)) - -#define TTYADD(c) if (!(SYNCHing||flushout)) { \ - *ttyoring.supply = c; \ - ring_supplied(&ttyoring, 1); \ - } -#define TTYBYTES() (ring_full_count(&ttyoring)) -#define TTYROOM() (ring_empty_count(&ttyoring)) - -/* Various modes */ -#define MODE_LOCAL_CHARS(m) ((m)&(MODE_EDIT|MODE_TRAPSIG)) -#define MODE_LOCAL_ECHO(m) ((m)&MODE_ECHO) -#define MODE_COMMAND_LINE(m) ((m)==-1) - -#define CONTROL(x) ((x)&0x1f) /* CTRL(x) is not portable */ - - -/* XXX extra mode bits, these should be synced with */ - -#define MODE_OUT8 0x8000 /* binary mode sans -opost */ diff --git a/crypto/kerberosIV/appl/telnet/telnet/externs.h b/crypto/kerberosIV/appl/telnet/telnet/externs.h deleted file mode 100644 index f8b16683d1ca..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/externs.h +++ /dev/null @@ -1,429 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)externs.h 8.3 (Berkeley) 5/30/95 - */ - -/* $Id: externs.h,v 1.18 1998/07/09 23:16:36 assar Exp $ */ - -#ifndef BSD -# define BSD 43 -#endif - -#ifndef _POSIX_VDISABLE -# ifdef sun -# include /* pick up VDISABLE definition, mayby */ -# endif -# ifdef VDISABLE -# define _POSIX_VDISABLE VDISABLE -# else -# define _POSIX_VDISABLE ((cc_t)'\377') -# endif -#endif - -#define SUBBUFSIZE 256 - -extern int - autologin, /* Autologin enabled */ - skiprc, /* Don't process the ~/.telnetrc file */ - eight, /* use eight bit mode (binary in and/or out */ - binary, - flushout, /* flush output */ - connected, /* Are we connected to the other side? */ - globalmode, /* Mode tty should be in */ - telnetport, /* Are we connected to the telnet port? */ - localflow, /* Flow control handled locally */ - restartany, /* If flow control, restart output on any character */ - localchars, /* we recognize interrupt/quit */ - donelclchars, /* the user has set "localchars" */ - showoptions, - net, /* Network file descriptor */ - tin, /* Terminal input file descriptor */ - tout, /* Terminal output file descriptor */ - crlf, /* Should '\r' be mapped to (or )? */ - autoflush, /* flush output when interrupting? */ - autosynch, /* send interrupt characters with SYNCH? */ - SYNCHing, /* Is the stream in telnet SYNCH mode? */ - donebinarytoggle, /* the user has put us in binary */ - dontlecho, /* do we suppress local echoing right now? */ - crmod, - netdata, /* Print out network data flow */ - prettydump, /* Print "netdata" output in user readable format */ - termdata, /* Print out terminal data flow */ - debug; /* Debug level */ - -extern cc_t escape; /* Escape to command mode */ -extern cc_t rlogin; /* Rlogin mode escape character */ -#ifdef KLUDGELINEMODE -extern cc_t echoc; /* Toggle local echoing */ -#endif - -extern char - *prompt; /* Prompt for command. */ - -extern char - doopt[], - dont[], - will[], - wont[], - options[], /* All the little options */ - *hostname; /* Who are we connected to? */ -#if defined(ENCRYPTION) -extern void (*encrypt_output) (unsigned char *, int); -extern int (*decrypt_input) (int); -#endif - -/* - * We keep track of each side of the option negotiation. - */ - -#define MY_STATE_WILL 0x01 -#define MY_WANT_STATE_WILL 0x02 -#define MY_STATE_DO 0x04 -#define MY_WANT_STATE_DO 0x08 - -/* - * Macros to check the current state of things - */ - -#define my_state_is_do(opt) (options[opt]&MY_STATE_DO) -#define my_state_is_will(opt) (options[opt]&MY_STATE_WILL) -#define my_want_state_is_do(opt) (options[opt]&MY_WANT_STATE_DO) -#define my_want_state_is_will(opt) (options[opt]&MY_WANT_STATE_WILL) - -#define my_state_is_dont(opt) (!my_state_is_do(opt)) -#define my_state_is_wont(opt) (!my_state_is_will(opt)) -#define my_want_state_is_dont(opt) (!my_want_state_is_do(opt)) -#define my_want_state_is_wont(opt) (!my_want_state_is_will(opt)) - -#define set_my_state_do(opt) {options[opt] |= MY_STATE_DO;} -#define set_my_state_will(opt) {options[opt] |= MY_STATE_WILL;} -#define set_my_want_state_do(opt) {options[opt] |= MY_WANT_STATE_DO;} -#define set_my_want_state_will(opt) {options[opt] |= MY_WANT_STATE_WILL;} - -#define set_my_state_dont(opt) {options[opt] &= ~MY_STATE_DO;} -#define set_my_state_wont(opt) {options[opt] &= ~MY_STATE_WILL;} -#define set_my_want_state_dont(opt) {options[opt] &= ~MY_WANT_STATE_DO;} -#define set_my_want_state_wont(opt) {options[opt] &= ~MY_WANT_STATE_WILL;} - -/* - * Make everything symetrical - */ - -#define HIS_STATE_WILL MY_STATE_DO -#define HIS_WANT_STATE_WILL MY_WANT_STATE_DO -#define HIS_STATE_DO MY_STATE_WILL -#define HIS_WANT_STATE_DO MY_WANT_STATE_WILL - -#define his_state_is_do my_state_is_will -#define his_state_is_will my_state_is_do -#define his_want_state_is_do my_want_state_is_will -#define his_want_state_is_will my_want_state_is_do - -#define his_state_is_dont my_state_is_wont -#define his_state_is_wont my_state_is_dont -#define his_want_state_is_dont my_want_state_is_wont -#define his_want_state_is_wont my_want_state_is_dont - -#define set_his_state_do set_my_state_will -#define set_his_state_will set_my_state_do -#define set_his_want_state_do set_my_want_state_will -#define set_his_want_state_will set_my_want_state_do - -#define set_his_state_dont set_my_state_wont -#define set_his_state_wont set_my_state_dont -#define set_his_want_state_dont set_my_want_state_wont -#define set_his_want_state_wont set_my_want_state_dont - - -extern FILE - *NetTrace; /* Where debugging output goes */ -extern char - NetTraceFile[]; /* Name of file where debugging output goes */ -extern void - SetNetTrace (char *); /* Function to change where debugging goes */ - -extern jmp_buf - peerdied, - toplevel; /* For error conditions. */ - -/* authenc.c */ - -#if defined(AUTHENTICATION) || defined(ENCRYPTION) -int telnet_net_write(unsigned char *str, int len); -void net_encrypt(void); -int telnet_spin(void); -char *telnet_getenv(char *val); -char *telnet_gets(char *prompt, char *result, int length, int echo); -#endif - -/* commands.c */ - -struct env_lst *env_define (unsigned char *, unsigned char *); -struct env_lst *env_find(unsigned char *var); -void env_init (void); -void env_undefine (unsigned char *); -void env_export (unsigned char *); -void env_unexport (unsigned char *); -void env_send (unsigned char *); -void env_list (void); -unsigned char * env_default(int init, int welldefined); -unsigned char * env_getvalue(unsigned char *var); - -void set_escape_char(char *s); -unsigned long sourceroute(char *arg, char **cpp, int *lenp); - -#if defined(AUTHENTICATION) -int auth_enable (char *); -int auth_disable (char *); -int auth_status (void); -#endif - -#if defined(ENCRYPTION) -int EncryptEnable (char *, char *); -int EncryptDisable (char *, char *); -int EncryptType (char *, char *); -int EncryptStart (char *); -int EncryptStartInput (void); -int EncryptStartOutput (void); -int EncryptStop (char *); -int EncryptStopInput (void); -int EncryptStopOutput (void); -int EncryptStatus (void); -#endif - -#ifdef SIGINFO -void ayt_status(int); -#endif -int tn(int argc, char **argv); -void command(int top, char *tbuf, int cnt); - -/* main.c */ - -void tninit(void); -void usage(void); - -/* network.c */ - -void init_network(void); -int stilloob(void); -void setneturg(void); -int netflush(void); - -/* sys_bsd.c */ - -void init_sys(void); -int TerminalWrite(char *buf, int n); -int TerminalRead(unsigned char *buf, int n); -int TerminalAutoFlush(void); -int TerminalSpecialChars(int c); -void TerminalFlushOutput(void); -void TerminalSaveState(void); -void TerminalDefaultChars(void); -void TerminalNewMode(int f); -cc_t *tcval(int func); -void TerminalSpeeds(long *input_speed, long *output_speed); -int TerminalWindowSize(long *rows, long *cols); -int NetClose(int fd); -void NetNonblockingIO(int fd, int onoff); -int process_rings(int netin, int netout, int netex, int ttyin, int ttyout, - int poll); - -/* telnet.c */ - -void init_telnet(void); - -void tel_leave_binary(int rw); -void tel_enter_binary(int rw); -int opt_welldefined(char *ep); -int telrcv(void); -int rlogin_susp(void); -void intp(void); -void sendbrk(void); -void sendabort(void); -void sendsusp(void); -void sendeof(void); -void sendayt(void); - -void xmitAO(void); -void xmitEL(void); -void xmitEC(void); - - -void Dump (char, unsigned char *, int); -void printoption (char *, int, int); -void printsub (int, unsigned char *, int); -void sendnaws (void); -void setconnmode (int); -void setcommandmode (void); -void setneturg (void); -void sys_telnet_init (void); -void my_telnet (char *); -void tel_enter_binary (int); -void TerminalFlushOutput (void); -void TerminalNewMode (int); -void TerminalRestoreState (void); -void TerminalSaveState (void); -void tninit (void); -void willoption (int); -void wontoption (int); - - -void send_do (int, int); -void send_dont (int, int); -void send_will (int, int); -void send_wont (int, int); - -void lm_will (unsigned char *, int); -void lm_wont (unsigned char *, int); -void lm_do (unsigned char *, int); -void lm_dont (unsigned char *, int); -void lm_mode (unsigned char *, int, int); - -void slc_init (void); -void slcstate (void); -void slc_mode_export (void); -void slc_mode_import (int); -void slc_import (int); -void slc_export (void); -void slc (unsigned char *, int); -void slc_check (void); -void slc_start_reply (void); -void slc_add_reply (unsigned char, unsigned char, cc_t); -void slc_end_reply (void); -int slc_update (void); - -void env_opt (unsigned char *, int); -void env_opt_start (void); -void env_opt_start_info (void); -void env_opt_add (unsigned char *); -void env_opt_end (int); - -unsigned char *env_default (int, int); -unsigned char *env_getvalue (unsigned char *); - -int get_status (void); -int dosynch (void); - -cc_t *tcval (int); - -int quit (void); - -/* terminal.c */ - -void init_terminal(void); -int ttyflush(int drop); -int getconnmode(void); - -/* utilities.c */ - -int SetSockOpt(int fd, int level, int option, int yesno); -void SetNetTrace(char *file); -void Dump(char direction, unsigned char *buffer, int length); -void printoption(char *direction, int cmd, int option); -void optionstatus(void); -void printsub(int direction, unsigned char *pointer, int length); -void EmptyTerminal(void); -void SetForExit(void); -void Exit(int returnCode); -void ExitString(char *string, int returnCode); - -extern struct termios new_tc; - -# define termEofChar new_tc.c_cc[VEOF] -# define termEraseChar new_tc.c_cc[VERASE] -# define termIntChar new_tc.c_cc[VINTR] -# define termKillChar new_tc.c_cc[VKILL] -# define termQuitChar new_tc.c_cc[VQUIT] - -# ifndef VSUSP -extern cc_t termSuspChar; -# else -# define termSuspChar new_tc.c_cc[VSUSP] -# endif -# if defined(VFLUSHO) && !defined(VDISCARD) -# define VDISCARD VFLUSHO -# endif -# ifndef VDISCARD -extern cc_t termFlushChar; -# else -# define termFlushChar new_tc.c_cc[VDISCARD] -# endif -# ifndef VWERASE -extern cc_t termWerasChar; -# else -# define termWerasChar new_tc.c_cc[VWERASE] -# endif -# ifndef VREPRINT -extern cc_t termRprntChar; -# else -# define termRprntChar new_tc.c_cc[VREPRINT] -# endif -# ifndef VLNEXT -extern cc_t termLiteralNextChar; -# else -# define termLiteralNextChar new_tc.c_cc[VLNEXT] -# endif -# ifndef VSTART -extern cc_t termStartChar; -# else -# define termStartChar new_tc.c_cc[VSTART] -# endif -# ifndef VSTOP -extern cc_t termStopChar; -# else -# define termStopChar new_tc.c_cc[VSTOP] -# endif -# ifndef VEOL -extern cc_t termForw1Char; -# else -# define termForw1Char new_tc.c_cc[VEOL] -# endif -# ifndef VEOL2 -extern cc_t termForw2Char; -# else -# define termForw2Char new_tc.c_cc[VEOL] -# endif -# ifndef VSTATUS -extern cc_t termAytChar; -#else -# define termAytChar new_tc.c_cc[VSTATUS] -#endif - -/* Ring buffer structures which are shared */ - -extern Ring - netoring, - netiring, - ttyoring, - ttyiring; - diff --git a/crypto/kerberosIV/appl/telnet/telnet/main.c b/crypto/kerberosIV/appl/telnet/telnet/main.c deleted file mode 100644 index ea60ae9a0d67..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/main.c +++ /dev/null @@ -1,358 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -static char *copyright[] = { - "@(#) Copyright (c) 1988, 1990, 1993\n" - "\tThe Regents of the University of California. All rights reserved.\n", - (char*)copyright -}; - -#include "telnet_locl.h" -RCSID("$Id: main.c,v 1.30 1999/11/13 06:30:11 assar Exp $"); - -/* These values need to be the same as defined in libtelnet/kerberos5.c */ -/* Either define them in both places, or put in some common header file. */ -#define OPTS_FORWARD_CREDS 0x00000002 -#define OPTS_FORWARDABLE_CREDS 0x00000001 - -#if KRB5 -#define FORWARD -#endif - -/* - * Initialize variables. - */ -void -tninit(void) -{ - init_terminal(); - - init_network(); - - init_telnet(); - - init_sys(); -} - -void -usage(void) -{ - fprintf(stderr, "Usage: %s %s%s%s%s\n", prompt, -#ifdef AUTHENTICATION - "[-8] [-E] [-K] [-L] [-G] [-S tos] [-X atype] [-a] [-c] [-d] [-e char]", - "\n\t[-k realm] [-l user] [-f/-F] [-n tracefile] ", -#else - "[-8] [-E] [-L] [-S tos] [-a] [-c] [-d] [-e char] [-l user]", - "\n\t[-n tracefile]", -#endif - "[-r] ", -#ifdef ENCRYPTION - "[-x] [host-name [port]]" -#else - "[host-name [port]]" -#endif - ); - exit(1); -} - -/* - * main. Parse arguments, invoke the protocol or command parser. - */ - - -#ifdef FORWARD -extern int forward_flags; -static int default_forward=0; -#endif /* FORWARD */ - -#ifdef KRB5 -/* XXX ugly hack to setup dns-proxy stuff */ -#define Authenticator asn1_Authenticator -#include -static void -krb5_init(void) -{ - krb5_context context; - krb5_init_context(&context); - -#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD) - if (krb5_config_get_bool (context, NULL, - "libdefaults", "forward", NULL)) { - forward_flags |= OPTS_FORWARD_CREDS; - default_forward=1; - } - if (krb5_config_get_bool (context, NULL, - "libdefaults", "forwardable", NULL)) { - forward_flags |= OPTS_FORWARDABLE_CREDS; - default_forward=1; - } -#endif -#ifdef ENCRYPTION - if (krb5_config_get_bool (context, NULL, - "libdefaults", "encrypt", NULL)) { - encrypt_auto(1); - decrypt_auto(1); - EncryptVerbose(1); - } -#endif - - krb5_free_context(context); -} -#endif - -int -main(int argc, char **argv) -{ - int ch; - char *user; - -#ifdef KRB5 - krb5_init(); -#endif - - tninit(); /* Clear out things */ - - TerminalSaveState(); - - if ((prompt = strrchr(argv[0], '/'))) - ++prompt; - else - prompt = argv[0]; - - user = NULL; - - rlogin = (strncmp(prompt, "rlog", 4) == 0) ? '~' : _POSIX_VDISABLE; - - /* - * if AUTHENTICATION and ENCRYPTION is set autologin will be - * se to true after the getopt switch; unless the -K option is - * passed - */ - autologin = -1; - - while((ch = getopt(argc, argv, - "78DEKLS:X:abcde:fFk:l:n:rxG")) != -1) { - switch(ch) { - case '8': - eight = 3; /* binary output and input */ - break; - case '7': - eight = 0; - break; - case 'b': - binary = 3; - break; - case 'D': { - /* sometimes we don't want a mangled display */ - char *p; - if((p = getenv("DISPLAY"))) - env_define("DISPLAY", (unsigned char*)p); - break; - } - case 'E': - rlogin = escape = _POSIX_VDISABLE; - break; - case 'K': -#ifdef AUTHENTICATION - autologin = 0; -#endif - break; - case 'L': - eight |= 2; /* binary output only */ - break; - case 'S': - { -#ifdef HAVE_PARSETOS - extern int tos; - - if ((tos = parsetos(optarg, "tcp")) < 0) - fprintf(stderr, "%s%s%s%s\n", - prompt, ": Bad TOS argument '", - optarg, - "; will try to use default TOS"); -#else - fprintf(stderr, - "%s: Warning: -S ignored, no parsetos() support.\n", - prompt); -#endif - } - break; - case 'X': -#ifdef AUTHENTICATION - auth_disable_name(optarg); -#endif - break; - case 'a': - autologin = 1; - break; - case 'c': - skiprc = 1; - break; - case 'd': - debug = 1; - break; - case 'e': - set_escape_char(optarg); - break; - case 'f': -#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD) - if ((forward_flags & OPTS_FORWARD_CREDS) && - !default_forward) { - fprintf(stderr, - "%s: Only one of -f and -F allowed.\n", - prompt); - usage(); - } - forward_flags |= OPTS_FORWARD_CREDS; -#else - fprintf(stderr, - "%s: Warning: -f ignored, no Kerberos V5 support.\n", - prompt); -#endif - break; - case 'F': -#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD) - if ((forward_flags & OPTS_FORWARD_CREDS) && - !default_forward) { - fprintf(stderr, - "%s: Only one of -f and -F allowed.\n", - prompt); - usage(); - } - forward_flags |= OPTS_FORWARD_CREDS; - forward_flags |= OPTS_FORWARDABLE_CREDS; -#else - fprintf(stderr, - "%s: Warning: -F ignored, no Kerberos V5 support.\n", - prompt); -#endif - break; - case 'k': -#if defined(AUTHENTICATION) && defined(KRB4) - { - extern char *dest_realm, dst_realm_buf[]; - extern int dst_realm_sz; - dest_realm = dst_realm_buf; - strlcpy(dest_realm, optarg, dst_realm_sz); - } -#else - fprintf(stderr, - "%s: Warning: -k ignored, no Kerberos V4 support.\n", - prompt); -#endif - break; - case 'l': - if(autologin == 0){ - fprintf(stderr, "%s: Warning: -K ignored\n", prompt); - autologin = -1; - } - user = optarg; - break; - case 'n': - SetNetTrace(optarg); - break; - case 'r': - rlogin = '~'; - break; - case 'x': -#ifdef ENCRYPTION - encrypt_auto(1); - decrypt_auto(1); - EncryptVerbose(1); -#else - fprintf(stderr, - "%s: Warning: -x ignored, no ENCRYPT support.\n", - prompt); -#endif - break; - case 'G': -#if defined(AUTHENTICATION) && defined(KRB5) && defined(FORWARD) - forward_flags ^= OPTS_FORWARD_CREDS; - forward_flags ^= OPTS_FORWARDABLE_CREDS; -#else - fprintf(stderr, - "%s: Warning: -G ignored, no Kerberos V5 support.\n", - prompt); -#endif - break; - - case '?': - default: - usage(); - /* NOTREACHED */ - } - } - - if (autologin == -1) { /* esc@magic.fi; force */ -#if defined(AUTHENTICATION) - autologin = 1; -#endif -#if defined(ENCRYPTION) - encrypt_auto(1); - decrypt_auto(1); -#endif - } - - if (autologin == -1) - autologin = (rlogin == _POSIX_VDISABLE) ? 0 : 1; - - argc -= optind; - argv += optind; - - if (argc) { - char *args[7], **argp = args; - - if (argc > 2) - usage(); - *argp++ = prompt; - if (user) { - *argp++ = "-l"; - *argp++ = user; - } - *argp++ = argv[0]; /* host */ - if (argc > 1) - *argp++ = argv[1]; /* port */ - *argp = 0; - - if (setjmp(toplevel) != 0) - Exit(0); - if (tn(argp - args, args) == 1) - return (0); - else - return (1); - } - setjmp(toplevel); - for (;;) { - command(1, 0, 0); - } -} diff --git a/crypto/kerberosIV/appl/telnet/telnet/network.c b/crypto/kerberosIV/appl/telnet/telnet/network.c deleted file mode 100644 index 42ca388b1777..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/network.c +++ /dev/null @@ -1,165 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" - -RCSID("$Id: network.c,v 1.10.28.1 2000/10/10 13:08:27 assar Exp $"); - -Ring netoring, netiring; -unsigned char netobuf[2*BUFSIZ], netibuf[BUFSIZ]; - -/* - * Initialize internal network data structures. - */ - -void -init_network(void) -{ - if (ring_init(&netoring, netobuf, sizeof netobuf) != 1) { - exit(1); - } - if (ring_init(&netiring, netibuf, sizeof netibuf) != 1) { - exit(1); - } - NetTrace = stdout; -} - - -/* - * Check to see if any out-of-band data exists on a socket (for - * Telnet "synch" processing). - */ - -int -stilloob(void) -{ - static struct timeval timeout = { 0 }; - fd_set excepts; - int value; - - do { - FD_ZERO(&excepts); - if (net >= FD_SETSIZE) - errx (1, "fd too large"); - FD_SET(net, &excepts); - value = select(net+1, 0, 0, &excepts, &timeout); - } while ((value == -1) && (errno == EINTR)); - - if (value < 0) { - perror("select"); - quit(); - /* NOTREACHED */ - } - if (FD_ISSET(net, &excepts)) { - return 1; - } else { - return 0; - } -} - - -/* - * setneturg() - * - * Sets "neturg" to the current location. - */ - -void -setneturg(void) -{ - ring_mark(&netoring); -} - - -/* - * netflush - * Send as much data as possible to the network, - * handling requests for urgent data. - * - * The return value indicates whether we did any - * useful work. - */ - - -int -netflush(void) -{ - int n, n1; - -#if defined(ENCRYPTION) - if (encrypt_output) - ring_encrypt(&netoring, encrypt_output); -#endif - if ((n1 = n = ring_full_consecutive(&netoring)) > 0) { - if (!ring_at_mark(&netoring)) { - n = send(net, (char *)netoring.consume, n, 0); /* normal write */ - } else { - /* - * In 4.2 (and 4.3) systems, there is some question about - * what byte in a sendOOB operation is the "OOB" data. - * To make ourselves compatible, we only send ONE byte - * out of band, the one WE THINK should be OOB (though - * we really have more the TCP philosophy of urgent data - * rather than the Unix philosophy of OOB data). - */ - n = send(net, (char *)netoring.consume, 1, MSG_OOB);/* URGENT data */ - } - } - if (n < 0) { - if (errno != ENOBUFS && errno != EWOULDBLOCK) { - setcommandmode(); - perror(hostname); - NetClose(net); - ring_clear_mark(&netoring); - longjmp(peerdied, -1); - /*NOTREACHED*/ - } - n = 0; - } - if (netdata && n) { - Dump('>', netoring.consume, n); - } - if (n) { - ring_consumed(&netoring, n); - /* - * If we sent all, and more to send, then recurse to pick - * up the other half. - */ - if ((n1 == n) && ring_full_consecutive(&netoring)) { - netflush(); - } - return 1; - } else { - return 0; - } -} diff --git a/crypto/kerberosIV/appl/telnet/telnet/ring.c b/crypto/kerberosIV/appl/telnet/telnet/ring.c deleted file mode 100644 index d791476b281b..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/ring.c +++ /dev/null @@ -1,321 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" - -RCSID("$Id: ring.c,v 1.10 1997/05/04 04:01:08 assar Exp $"); - -/* - * This defines a structure for a ring buffer. - * - * The circular buffer has two parts: - *((( - * full: [consume, supply) - * empty: [supply, consume) - *]]] - * - */ - -/* Internal macros */ - -#define ring_subtract(d,a,b) (((a)-(b) >= 0)? \ - (a)-(b): (((a)-(b))+(d)->size)) - -#define ring_increment(d,a,c) (((a)+(c) < (d)->top)? \ - (a)+(c) : (((a)+(c))-(d)->size)) - -#define ring_decrement(d,a,c) (((a)-(c) >= (d)->bottom)? \ - (a)-(c) : (((a)-(c))-(d)->size)) - - -/* - * The following is a clock, used to determine full, empty, etc. - * - * There is some trickiness here. Since the ring buffers are initialized - * to ZERO on allocation, we need to make sure, when interpreting the - * clock, that when the times are EQUAL, then the buffer is FULL. - */ -static u_long ring_clock = 0; - - -#define ring_empty(d) (((d)->consume == (d)->supply) && \ - ((d)->consumetime >= (d)->supplytime)) -#define ring_full(d) (((d)->supply == (d)->consume) && \ - ((d)->supplytime > (d)->consumetime)) - - - - - -/* Buffer state transition routines */ - -int -ring_init(Ring *ring, unsigned char *buffer, int count) -{ - memset(ring, 0, sizeof *ring); - - ring->size = count; - - ring->supply = ring->consume = ring->bottom = buffer; - - ring->top = ring->bottom+ring->size; - -#if defined(ENCRYPTION) - ring->clearto = 0; -#endif - - return 1; -} - -/* Mark routines */ - -/* - * Mark the most recently supplied byte. - */ - -void -ring_mark(Ring *ring) -{ - ring->mark = ring_decrement(ring, ring->supply, 1); -} - -/* - * Is the ring pointing to the mark? - */ - -int -ring_at_mark(Ring *ring) -{ - if (ring->mark == ring->consume) { - return 1; - } else { - return 0; - } -} - -/* - * Clear any mark set on the ring. - */ - -void -ring_clear_mark(Ring *ring) -{ - ring->mark = 0; -} - -/* - * Add characters from current segment to ring buffer. - */ -void -ring_supplied(Ring *ring, int count) -{ - ring->supply = ring_increment(ring, ring->supply, count); - ring->supplytime = ++ring_clock; -} - -/* - * We have just consumed "c" bytes. - */ -void -ring_consumed(Ring *ring, int count) -{ - if (count == 0) /* don't update anything */ - return; - - if (ring->mark && - (ring_subtract(ring, ring->mark, ring->consume) < count)) { - ring->mark = 0; - } -#if defined(ENCRYPTION) - if (ring->consume < ring->clearto && - ring->clearto <= ring->consume + count) - ring->clearto = 0; - else if (ring->consume + count > ring->top && - ring->bottom <= ring->clearto && - ring->bottom + ((ring->consume + count) - ring->top)) - ring->clearto = 0; -#endif - ring->consume = ring_increment(ring, ring->consume, count); - ring->consumetime = ++ring_clock; - /* - * Try to encourage "ring_empty_consecutive()" to be large. - */ - if (ring_empty(ring)) { - ring->consume = ring->supply = ring->bottom; - } -} - - - -/* Buffer state query routines */ - - -/* Number of bytes that may be supplied */ -int -ring_empty_count(Ring *ring) -{ - if (ring_empty(ring)) { /* if empty */ - return ring->size; - } else { - return ring_subtract(ring, ring->consume, ring->supply); - } -} - -/* number of CONSECUTIVE bytes that may be supplied */ -int -ring_empty_consecutive(Ring *ring) -{ - if ((ring->consume < ring->supply) || ring_empty(ring)) { - /* - * if consume is "below" supply, or empty, then - * return distance to the top - */ - return ring_subtract(ring, ring->top, ring->supply); - } else { - /* - * else, return what we may. - */ - return ring_subtract(ring, ring->consume, ring->supply); - } -} - -/* Return the number of bytes that are available for consuming - * (but don't give more than enough to get to cross over set mark) - */ - -int -ring_full_count(Ring *ring) -{ - if ((ring->mark == 0) || (ring->mark == ring->consume)) { - if (ring_full(ring)) { - return ring->size; /* nothing consumed, but full */ - } else { - return ring_subtract(ring, ring->supply, ring->consume); - } - } else { - return ring_subtract(ring, ring->mark, ring->consume); - } -} - -/* - * Return the number of CONSECUTIVE bytes available for consuming. - * However, don't return more than enough to cross over set mark. - */ -int -ring_full_consecutive(Ring *ring) -{ - if ((ring->mark == 0) || (ring->mark == ring->consume)) { - if ((ring->supply < ring->consume) || ring_full(ring)) { - return ring_subtract(ring, ring->top, ring->consume); - } else { - return ring_subtract(ring, ring->supply, ring->consume); - } - } else { - if (ring->mark < ring->consume) { - return ring_subtract(ring, ring->top, ring->consume); - } else { /* Else, distance to mark */ - return ring_subtract(ring, ring->mark, ring->consume); - } - } -} - -/* - * Move data into the "supply" portion of of the ring buffer. - */ -void -ring_supply_data(Ring *ring, unsigned char *buffer, int count) -{ - int i; - - while (count) { - i = min(count, ring_empty_consecutive(ring)); - memmove(ring->supply, buffer, i); - ring_supplied(ring, i); - count -= i; - buffer += i; - } -} - -#ifdef notdef - -/* - * Move data from the "consume" portion of the ring buffer - */ -void -ring_consume_data(Ring *ring, unsigned char *buffer, int count) -{ - int i; - - while (count) { - i = min(count, ring_full_consecutive(ring)); - memmove(buffer, ring->consume, i); - ring_consumed(ring, i); - count -= i; - buffer += i; - } -} -#endif - -#if defined(ENCRYPTION) -void -ring_encrypt(Ring *ring, void (*encryptor)()) -{ - unsigned char *s, *c; - - if (ring_empty(ring) || ring->clearto == ring->supply) - return; - - if (!(c = ring->clearto)) - c = ring->consume; - - s = ring->supply; - - if (s <= c) { - (*encryptor)(c, ring->top - c); - (*encryptor)(ring->bottom, s - ring->bottom); - } else - (*encryptor)(c, s - c); - - ring->clearto = ring->supply; -} - -void -ring_clearto(Ring *ring) -{ - if (!ring_empty(ring)) - ring->clearto = ring->supply; - else - ring->clearto = 0; -} -#endif - diff --git a/crypto/kerberosIV/appl/telnet/telnet/ring.h b/crypto/kerberosIV/appl/telnet/telnet/ring.h deleted file mode 100644 index fa7ad188c7fd..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/ring.h +++ /dev/null @@ -1,99 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)ring.h 8.1 (Berkeley) 6/6/93 - */ - -/* $Id: ring.h,v 1.3 1997/05/04 04:01:09 assar Exp $ */ - -/* - * This defines a structure for a ring buffer. - * - * The circular buffer has two parts: - *((( - * full: [consume, supply) - * empty: [supply, consume) - *]]] - * - */ -typedef struct { - unsigned char *consume, /* where data comes out of */ - *supply, /* where data comes in to */ - *bottom, /* lowest address in buffer */ - *top, /* highest address+1 in buffer */ - *mark; /* marker (user defined) */ -#if defined(ENCRYPTION) - unsigned char *clearto; /* Data to this point is clear text */ - unsigned char *encryyptedto; /* Data is encrypted to here */ -#endif - int size; /* size in bytes of buffer */ - u_long consumetime, /* help us keep straight full, empty, etc. */ - supplytime; -} Ring; - -/* Here are some functions and macros to deal with the ring buffer */ - -/* Initialization routine */ -extern int - ring_init (Ring *ring, unsigned char *buffer, int count); - -/* Data movement routines */ -extern void - ring_supply_data (Ring *ring, unsigned char *buffer, int count); -#ifdef notdef -extern void - ring_consume_data (Ring *ring, unsigned char *buffer, int count); -#endif - -/* Buffer state transition routines */ -extern void - ring_supplied (Ring *ring, int count), - ring_consumed (Ring *ring, int count); - -/* Buffer state query routines */ -extern int - ring_empty_count (Ring *ring), - ring_empty_consecutive (Ring *ring), - ring_full_count (Ring *ring), - ring_full_consecutive (Ring *ring); - -#if defined(ENCRYPTION) -extern void - ring_encrypt (Ring *ring, void (*func)()), - ring_clearto (Ring *ring); -#endif - -extern int ring_at_mark(Ring *ring); - -extern void - ring_clear_mark(Ring *ring), - ring_mark(Ring *ring); diff --git a/crypto/kerberosIV/appl/telnet/telnet/sys_bsd.c b/crypto/kerberosIV/appl/telnet/telnet/sys_bsd.c deleted file mode 100644 index 6bff63800261..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/sys_bsd.c +++ /dev/null @@ -1,977 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" - -RCSID("$Id: sys_bsd.c,v 1.23.18.2 2000/10/19 21:21:21 assar Exp $"); - -/* - * The following routines try to encapsulate what is system dependent - * (at least between 4.x and dos) which is used in telnet.c. - */ - -int - tout, /* Output file descriptor */ - tin, /* Input file descriptor */ - net; - -struct termios old_tc = { 0 }; -extern struct termios new_tc; - -# ifndef TCSANOW -# ifdef TCSETS -# define TCSANOW TCSETS -# define TCSADRAIN TCSETSW -# define tcgetattr(f, t) ioctl(f, TCGETS, (char *)t) -# else -# ifdef TCSETA -# define TCSANOW TCSETA -# define TCSADRAIN TCSETAW -# define tcgetattr(f, t) ioctl(f, TCGETA, (char *)t) -# else -# define TCSANOW TIOCSETA -# define TCSADRAIN TIOCSETAW -# define tcgetattr(f, t) ioctl(f, TIOCGETA, (char *)t) -# endif -# endif -# define tcsetattr(f, a, t) ioctl(f, a, (char *)t) -# define cfgetospeed(ptr) ((ptr)->c_cflag&CBAUD) -# ifdef CIBAUD -# define cfgetispeed(ptr) (((ptr)->c_cflag&CIBAUD) >> IBSHIFT) -# else -# define cfgetispeed(ptr) cfgetospeed(ptr) -# endif -# endif /* TCSANOW */ - -static fd_set ibits, obits, xbits; - - -void -init_sys(void) -{ - tout = fileno(stdout); - tin = fileno(stdin); - FD_ZERO(&ibits); - FD_ZERO(&obits); - FD_ZERO(&xbits); - - errno = 0; -} - - -int -TerminalWrite(char *buf, int n) -{ - return write(tout, buf, n); -} - -int -TerminalRead(unsigned char *buf, int n) -{ - return read(tin, buf, n); -} - -/* - * - */ - -int -TerminalAutoFlush(void) -{ -#if defined(LNOFLSH) - int flush; - - ioctl(0, TIOCLGET, (char *)&flush); - return !(flush&LNOFLSH); /* if LNOFLSH, no autoflush */ -#else /* LNOFLSH */ - return 1; -#endif /* LNOFLSH */ -} - -#ifdef KLUDGELINEMODE -extern int kludgelinemode; -#endif -/* - * TerminalSpecialChars() - * - * Look at an input character to see if it is a special character - * and decide what to do. - * - * Output: - * - * 0 Don't add this character. - * 1 Do add this character - */ - -int -TerminalSpecialChars(int c) -{ - if (c == termIntChar) { - intp(); - return 0; - } else if (c == termQuitChar) { -#ifdef KLUDGELINEMODE - if (kludgelinemode) - sendbrk(); - else -#endif - sendabort(); - return 0; - } else if (c == termEofChar) { - if (my_want_state_is_will(TELOPT_LINEMODE)) { - sendeof(); - return 0; - } - return 1; - } else if (c == termSuspChar) { - sendsusp(); - return(0); - } else if (c == termFlushChar) { - xmitAO(); /* Transmit Abort Output */ - return 0; - } else if (!MODE_LOCAL_CHARS(globalmode)) { - if (c == termKillChar) { - xmitEL(); - return 0; - } else if (c == termEraseChar) { - xmitEC(); /* Transmit Erase Character */ - return 0; - } - } - return 1; -} - - -/* - * Flush output to the terminal - */ - -void -TerminalFlushOutput(void) -{ -#ifdef TIOCFLUSH - ioctl(fileno(stdout), TIOCFLUSH, (char *) 0); -#else - ioctl(fileno(stdout), TCFLSH, (char *) 0); -#endif -} - -void -TerminalSaveState(void) -{ - tcgetattr(0, &old_tc); - - new_tc = old_tc; - -#ifndef VDISCARD - termFlushChar = CONTROL('O'); -#endif -#ifndef VWERASE - termWerasChar = CONTROL('W'); -#endif -#ifndef VREPRINT - termRprntChar = CONTROL('R'); -#endif -#ifndef VLNEXT - termLiteralNextChar = CONTROL('V'); -#endif -#ifndef VSTART - termStartChar = CONTROL('Q'); -#endif -#ifndef VSTOP - termStopChar = CONTROL('S'); -#endif -#ifndef VSTATUS - termAytChar = CONTROL('T'); -#endif -} - -cc_t* -tcval(int func) -{ - switch(func) { - case SLC_IP: return(&termIntChar); - case SLC_ABORT: return(&termQuitChar); - case SLC_EOF: return(&termEofChar); - case SLC_EC: return(&termEraseChar); - case SLC_EL: return(&termKillChar); - case SLC_XON: return(&termStartChar); - case SLC_XOFF: return(&termStopChar); - case SLC_FORW1: return(&termForw1Char); - case SLC_FORW2: return(&termForw2Char); -# ifdef VDISCARD - case SLC_AO: return(&termFlushChar); -# endif -# ifdef VSUSP - case SLC_SUSP: return(&termSuspChar); -# endif -# ifdef VWERASE - case SLC_EW: return(&termWerasChar); -# endif -# ifdef VREPRINT - case SLC_RP: return(&termRprntChar); -# endif -# ifdef VLNEXT - case SLC_LNEXT: return(&termLiteralNextChar); -# endif -# ifdef VSTATUS - case SLC_AYT: return(&termAytChar); -# endif - - case SLC_SYNCH: - case SLC_BRK: - case SLC_EOR: - default: - return((cc_t *)0); - } -} - -void -TerminalDefaultChars(void) -{ - memmove(new_tc.c_cc, old_tc.c_cc, sizeof(old_tc.c_cc)); -# ifndef VDISCARD - termFlushChar = CONTROL('O'); -# endif -# ifndef VWERASE - termWerasChar = CONTROL('W'); -# endif -# ifndef VREPRINT - termRprntChar = CONTROL('R'); -# endif -# ifndef VLNEXT - termLiteralNextChar = CONTROL('V'); -# endif -# ifndef VSTART - termStartChar = CONTROL('Q'); -# endif -# ifndef VSTOP - termStopChar = CONTROL('S'); -# endif -# ifndef VSTATUS - termAytChar = CONTROL('T'); -# endif -} - -#ifdef notdef -void -TerminalRestoreState() -{ -} -#endif - -/* - * TerminalNewMode - set up terminal to a specific mode. - * MODE_ECHO: do local terminal echo - * MODE_FLOW: do local flow control - * MODE_TRAPSIG: do local mapping to TELNET IAC sequences - * MODE_EDIT: do local line editing - * - * Command mode: - * MODE_ECHO|MODE_EDIT|MODE_FLOW|MODE_TRAPSIG - * local echo - * local editing - * local xon/xoff - * local signal mapping - * - * Linemode: - * local/no editing - * Both Linemode and Single Character mode: - * local/remote echo - * local/no xon/xoff - * local/no signal mapping - */ - - -#ifdef SIGTSTP -static RETSIGTYPE susp(); -#endif /* SIGTSTP */ -#ifdef SIGINFO -static RETSIGTYPE ayt(); -#endif - -void -TerminalNewMode(int f) -{ - static int prevmode = 0; - struct termios tmp_tc; - int onoff; - int old; - cc_t esc; - - globalmode = f&~MODE_FORCE; - if (prevmode == f) - return; - - /* - * Write any outstanding data before switching modes - * ttyflush() returns 0 only when there is no more data - * left to write out, it returns -1 if it couldn't do - * anything at all, otherwise it returns 1 + the number - * of characters left to write. - */ - old = ttyflush(SYNCHing|flushout); - if (old < 0 || old > 1) { - tcgetattr(tin, &tmp_tc); - do { - /* - * Wait for data to drain, then flush again. - */ - tcsetattr(tin, TCSADRAIN, &tmp_tc); - old = ttyflush(SYNCHing|flushout); - } while (old < 0 || old > 1); - } - - old = prevmode; - prevmode = f&~MODE_FORCE; - tmp_tc = new_tc; - - if (f&MODE_ECHO) { - tmp_tc.c_lflag |= ECHO; - tmp_tc.c_oflag |= ONLCR; - if (crlf) - tmp_tc.c_iflag |= ICRNL; - } else { - tmp_tc.c_lflag &= ~ECHO; - tmp_tc.c_oflag &= ~ONLCR; -# ifdef notdef - if (crlf) - tmp_tc.c_iflag &= ~ICRNL; -# endif - } - - if ((f&MODE_FLOW) == 0) { - tmp_tc.c_iflag &= ~(IXOFF|IXON); /* Leave the IXANY bit alone */ - } else { - if (restartany < 0) { - tmp_tc.c_iflag |= IXOFF|IXON; /* Leave the IXANY bit alone */ - } else if (restartany > 0) { - tmp_tc.c_iflag |= IXOFF|IXON|IXANY; - } else { - tmp_tc.c_iflag |= IXOFF|IXON; - tmp_tc.c_iflag &= ~IXANY; - } - } - - if ((f&MODE_TRAPSIG) == 0) { - tmp_tc.c_lflag &= ~ISIG; - localchars = 0; - } else { - tmp_tc.c_lflag |= ISIG; - localchars = 1; - } - - if (f&MODE_EDIT) { - tmp_tc.c_lflag |= ICANON; - } else { - tmp_tc.c_lflag &= ~ICANON; - tmp_tc.c_iflag &= ~ICRNL; - tmp_tc.c_cc[VMIN] = 1; - tmp_tc.c_cc[VTIME] = 0; - } - - if ((f&(MODE_EDIT|MODE_TRAPSIG)) == 0) { -# ifdef VLNEXT - tmp_tc.c_cc[VLNEXT] = (cc_t)(_POSIX_VDISABLE); -# endif - } - - if (f&MODE_SOFT_TAB) { -# ifdef OXTABS - tmp_tc.c_oflag |= OXTABS; -# endif -# ifdef TABDLY - tmp_tc.c_oflag &= ~TABDLY; - tmp_tc.c_oflag |= TAB3; -# endif - } else { -# ifdef OXTABS - tmp_tc.c_oflag &= ~OXTABS; -# endif -# ifdef TABDLY - tmp_tc.c_oflag &= ~TABDLY; -# endif - } - - if (f&MODE_LIT_ECHO) { -# ifdef ECHOCTL - tmp_tc.c_lflag &= ~ECHOCTL; -# endif - } else { -# ifdef ECHOCTL - tmp_tc.c_lflag |= ECHOCTL; -# endif - } - - if (f == -1) { - onoff = 0; - } else { - if (f & MODE_INBIN) - tmp_tc.c_iflag &= ~ISTRIP; - else - tmp_tc.c_iflag |= ISTRIP; - if ((f & MODE_OUTBIN) || (f & MODE_OUT8)) { - tmp_tc.c_cflag &= ~(CSIZE|PARENB); - tmp_tc.c_cflag |= CS8; - if(f & MODE_OUTBIN) - tmp_tc.c_oflag &= ~OPOST; - else - tmp_tc.c_oflag |= OPOST; - } else { - tmp_tc.c_cflag &= ~(CSIZE|PARENB); - tmp_tc.c_cflag |= old_tc.c_cflag & (CSIZE|PARENB); - tmp_tc.c_oflag |= OPOST; - } - onoff = 1; - } - - if (f != -1) { - -#ifdef SIGTSTP - signal(SIGTSTP, susp); -#endif /* SIGTSTP */ -#ifdef SIGINFO - signal(SIGINFO, ayt); -#endif -#ifdef NOKERNINFO - tmp_tc.c_lflag |= NOKERNINFO; -#endif - /* - * We don't want to process ^Y here. It's just another - * character that we'll pass on to the back end. It has - * to process it because it will be processed when the - * user attempts to read it, not when we send it. - */ -# ifdef VDSUSP - tmp_tc.c_cc[VDSUSP] = (cc_t)(_POSIX_VDISABLE); -# endif - /* - * If the VEOL character is already set, then use VEOL2, - * otherwise use VEOL. - */ - esc = (rlogin != _POSIX_VDISABLE) ? rlogin : escape; - if ((tmp_tc.c_cc[VEOL] != esc) -# ifdef VEOL2 - && (tmp_tc.c_cc[VEOL2] != esc) -# endif - ) { - if (tmp_tc.c_cc[VEOL] == (cc_t)(_POSIX_VDISABLE)) - tmp_tc.c_cc[VEOL] = esc; -# ifdef VEOL2 - else if (tmp_tc.c_cc[VEOL2] == (cc_t)(_POSIX_VDISABLE)) - tmp_tc.c_cc[VEOL2] = esc; -# endif - } - } else { - sigset_t sm; -#ifdef SIGINFO - RETSIGTYPE ayt_status(); - - signal(SIGINFO, ayt_status); -#endif -#ifdef SIGTSTP - signal(SIGTSTP, SIG_DFL); - sigemptyset(&sm); - sigaddset(&sm, SIGTSTP); - sigprocmask(SIG_UNBLOCK, &sm, NULL); -#endif /* SIGTSTP */ - tmp_tc = old_tc; - } - if (tcsetattr(tin, TCSADRAIN, &tmp_tc) < 0) - tcsetattr(tin, TCSANOW, &tmp_tc); - - ioctl(tin, FIONBIO, (char *)&onoff); - ioctl(tout, FIONBIO, (char *)&onoff); - -} - -/* - * Try to guess whether speeds are "encoded" (4.2BSD) or just numeric (4.4BSD). - */ -#if B4800 != 4800 -#define DECODE_BAUD -#endif - -#ifdef DECODE_BAUD -#ifndef B7200 -#define B7200 B4800 -#endif - -#ifndef B14400 -#define B14400 B9600 -#endif - -#ifndef B19200 -# define B19200 B14400 -#endif - -#ifndef B28800 -#define B28800 B19200 -#endif - -#ifndef B38400 -# define B38400 B28800 -#endif - -#ifndef B57600 -#define B57600 B38400 -#endif - -#ifndef B76800 -#define B76800 B57600 -#endif - -#ifndef B115200 -#define B115200 B76800 -#endif - -#ifndef B230400 -#define B230400 B115200 -#endif - - -/* - * This code assumes that the values B0, B50, B75... - * are in ascending order. They do not have to be - * contiguous. - */ -struct termspeeds { - long speed; - long value; -} termspeeds[] = { - { 0, B0 }, { 50, B50 }, { 75, B75 }, - { 110, B110 }, { 134, B134 }, { 150, B150 }, - { 200, B200 }, { 300, B300 }, { 600, B600 }, - { 1200, B1200 }, { 1800, B1800 }, { 2400, B2400 }, - { 4800, B4800 }, { 7200, B7200 }, { 9600, B9600 }, - { 14400, B14400 }, { 19200, B19200 }, { 28800, B28800 }, - { 38400, B38400 }, { 57600, B57600 }, { 115200, B115200 }, - { 230400, B230400 }, { -1, B230400 } -}; -#endif /* DECODE_BAUD */ - -void -TerminalSpeeds(long *input_speed, long *output_speed) -{ -#ifdef DECODE_BAUD - struct termspeeds *tp; -#endif /* DECODE_BAUD */ - long in, out; - - out = cfgetospeed(&old_tc); - in = cfgetispeed(&old_tc); - if (in == 0) - in = out; - -#ifdef DECODE_BAUD - tp = termspeeds; - while ((tp->speed != -1) && (tp->value < in)) - tp++; - *input_speed = tp->speed; - - tp = termspeeds; - while ((tp->speed != -1) && (tp->value < out)) - tp++; - *output_speed = tp->speed; -#else /* DECODE_BAUD */ - *input_speed = in; - *output_speed = out; -#endif /* DECODE_BAUD */ -} - -int -TerminalWindowSize(long *rows, long *cols) -{ - struct winsize ws; - - if (get_window_size (STDIN_FILENO, &ws) == 0) { - *rows = ws.ws_row; - *cols = ws.ws_col; - return 1; - } else - return 0; -} - -int -NetClose(int fd) -{ - return close(fd); -} - - -void -NetNonblockingIO(int fd, int onoff) -{ - ioctl(fd, FIONBIO, (char *)&onoff); -} - - -/* - * Various signal handling routines. - */ - -static RETSIGTYPE deadpeer(int), - intr(int), intr2(int), susp(int), sendwin(int); -#ifdef SIGINFO -static RETSIGTYPE ayt(int); -#endif - - - /* ARGSUSED */ -static RETSIGTYPE -deadpeer(int sig) -{ - setcommandmode(); - longjmp(peerdied, -1); -} - - /* ARGSUSED */ -static RETSIGTYPE -intr(int sig) -{ - if (localchars) { - intp(); - return; - } - setcommandmode(); - longjmp(toplevel, -1); -} - - /* ARGSUSED */ -static RETSIGTYPE -intr2(int sig) -{ - if (localchars) { -#ifdef KLUDGELINEMODE - if (kludgelinemode) - sendbrk(); - else -#endif - sendabort(); - return; - } -} - -#ifdef SIGTSTP - /* ARGSUSED */ -static RETSIGTYPE -susp(int sig) -{ - if ((rlogin != _POSIX_VDISABLE) && rlogin_susp()) - return; - if (localchars) - sendsusp(); -} -#endif - -#ifdef SIGWINCH - /* ARGSUSED */ -static RETSIGTYPE -sendwin(int sig) -{ - if (connected) { - sendnaws(); - } -} -#endif - -#ifdef SIGINFO - /* ARGSUSED */ -static RETSIGTYPE -ayt(int sig) -{ - if (connected) - sendayt(); - else - ayt_status(sig); -} -#endif - - -void -sys_telnet_init(void) -{ - signal(SIGINT, intr); - signal(SIGQUIT, intr2); - signal(SIGPIPE, deadpeer); -#ifdef SIGWINCH - signal(SIGWINCH, sendwin); -#endif -#ifdef SIGTSTP - signal(SIGTSTP, susp); -#endif -#ifdef SIGINFO - signal(SIGINFO, ayt); -#endif - - setconnmode(0); - - NetNonblockingIO(net, 1); - - -#if defined(SO_OOBINLINE) - if (SetSockOpt(net, SOL_SOCKET, SO_OOBINLINE, 1) == -1) { - perror("SetSockOpt"); - } -#endif /* defined(SO_OOBINLINE) */ -} - -/* - * Process rings - - * - * This routine tries to fill up/empty our various rings. - * - * The parameter specifies whether this is a poll operation, - * or a block-until-something-happens operation. - * - * The return value is 1 if something happened, 0 if not. - */ - -int -process_rings(int netin, - int netout, - int netex, - int ttyin, - int ttyout, - int poll) /* If 0, then block until something to do */ -{ - int c; - /* One wants to be a bit careful about setting returnValue - * to one, since a one implies we did some useful work, - * and therefore probably won't be called to block next - * time (TN3270 mode only). - */ - int returnValue = 0; - static struct timeval TimeValue = { 0 }; - - if (net >= FD_SETSIZE - || tout >= FD_SETSIZE - || tin >= FD_SETSIZE) - errx (1, "fd too large"); - - if (netout) { - FD_SET(net, &obits); - } - if (ttyout) { - FD_SET(tout, &obits); - } - if (ttyin) { - FD_SET(tin, &ibits); - } - if (netin) { - FD_SET(net, &ibits); - } -#if !defined(SO_OOBINLINE) - if (netex) { - FD_SET(net, &xbits); - } -#endif - if ((c = select(FD_SETSIZE, &ibits, &obits, &xbits, - (poll == 0)? (struct timeval *)0 : &TimeValue)) < 0) { - if (c == -1) { - /* - * we can get EINTR if we are in line mode, - * and the user does an escape (TSTP), or - * some other signal generator. - */ - if (errno == EINTR) { - return 0; - } - /* I don't like this, does it ever happen? */ - printf("sleep(5) from telnet, after select\r\n"); - sleep(5); - } - return 0; - } - - /* - * Any urgent data? - */ - if (FD_ISSET(net, &xbits)) { - FD_CLR(net, &xbits); - SYNCHing = 1; - ttyflush(1); /* flush already enqueued data */ - } - - /* - * Something to read from the network... - */ - if (FD_ISSET(net, &ibits)) { - int canread; - - FD_CLR(net, &ibits); - canread = ring_empty_consecutive(&netiring); -#if !defined(SO_OOBINLINE) - /* - * In 4.2 (and some early 4.3) systems, the - * OOB indication and data handling in the kernel - * is such that if two separate TCP Urgent requests - * come in, one byte of TCP data will be overlaid. - * This is fatal for Telnet, but we try to live - * with it. - * - * In addition, in 4.2 (and...), a special protocol - * is needed to pick up the TCP Urgent data in - * the correct sequence. - * - * What we do is: if we think we are in urgent - * mode, we look to see if we are "at the mark". - * If we are, we do an OOB receive. If we run - * this twice, we will do the OOB receive twice, - * but the second will fail, since the second - * time we were "at the mark", but there wasn't - * any data there (the kernel doesn't reset - * "at the mark" until we do a normal read). - * Once we've read the OOB data, we go ahead - * and do normal reads. - * - * There is also another problem, which is that - * since the OOB byte we read doesn't put us - * out of OOB state, and since that byte is most - * likely the TELNET DM (data mark), we would - * stay in the TELNET SYNCH (SYNCHing) state. - * So, clocks to the rescue. If we've "just" - * received a DM, then we test for the - * presence of OOB data when the receive OOB - * fails (and AFTER we did the normal mode read - * to clear "at the mark"). - */ - if (SYNCHing) { - int atmark; - static int bogus_oob = 0, first = 1; - - ioctl(net, SIOCATMARK, (char *)&atmark); - if (atmark) { - c = recv(net, netiring.supply, canread, MSG_OOB); - if ((c == -1) && (errno == EINVAL)) { - c = recv(net, netiring.supply, canread, 0); - if (clocks.didnetreceive < clocks.gotDM) { - SYNCHing = stilloob(); - } - } else if (first && c > 0) { - /* - * Bogosity check. Systems based on 4.2BSD - * do not return an error if you do a second - * recv(MSG_OOB). So, we do one. If it - * succeeds and returns exactly the same - * data, then assume that we are running - * on a broken system and set the bogus_oob - * flag. (If the data was different, then - * we probably got some valid new data, so - * increment the count...) - */ - int i; - i = recv(net, netiring.supply + c, canread - c, MSG_OOB); - if (i == c && - memcmp(netiring.supply, netiring.supply + c, i) == 0) { - bogus_oob = 1; - first = 0; - } else if (i < 0) { - bogus_oob = 0; - first = 0; - } else - c += i; - } - if (bogus_oob && c > 0) { - int i; - /* - * Bogosity. We have to do the read - * to clear the atmark to get out of - * an infinate loop. - */ - i = read(net, netiring.supply + c, canread - c); - if (i > 0) - c += i; - } - } else { - c = recv(net, netiring.supply, canread, 0); - } - } else { - c = recv(net, netiring.supply, canread, 0); - } - settimer(didnetreceive); -#else /* !defined(SO_OOBINLINE) */ - c = recv(net, (char *)netiring.supply, canread, 0); -#endif /* !defined(SO_OOBINLINE) */ - if (c < 0 && errno == EWOULDBLOCK) { - c = 0; - } else if (c <= 0) { - return -1; - } - if (netdata) { - Dump('<', netiring.supply, c); - } - if (c) - ring_supplied(&netiring, c); - returnValue = 1; - } - - /* - * Something to read from the tty... - */ - if (FD_ISSET(tin, &ibits)) { - FD_CLR(tin, &ibits); - c = TerminalRead(ttyiring.supply, ring_empty_consecutive(&ttyiring)); - if (c < 0 && errno == EIO) - c = 0; - if (c < 0 && errno == EWOULDBLOCK) { - c = 0; - } else { - /* EOF detection for line mode!!!! */ - if ((c == 0) && MODE_LOCAL_CHARS(globalmode) && isatty(tin)) { - /* must be an EOF... */ - *ttyiring.supply = termEofChar; - c = 1; - } - if (c <= 0) { - return -1; - } - if (termdata) { - Dump('<', ttyiring.supply, c); - } - ring_supplied(&ttyiring, c); - } - returnValue = 1; /* did something useful */ - } - - if (FD_ISSET(net, &obits)) { - FD_CLR(net, &obits); - returnValue |= netflush(); - } - if (FD_ISSET(tout, &obits)) { - FD_CLR(tout, &obits); - returnValue |= (ttyflush(SYNCHing|flushout) > 0); - } - - return returnValue; -} diff --git a/crypto/kerberosIV/appl/telnet/telnet/telnet.c b/crypto/kerberosIV/appl/telnet/telnet/telnet.c deleted file mode 100644 index 1df4d6ea35b2..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/telnet.c +++ /dev/null @@ -1,2313 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" -#ifdef HAVE_TERMCAP_H -#include -#endif - -RCSID("$Id: telnet.c,v 1.25 1999/03/11 13:49:34 joda Exp $"); - -#define strip(x) (eight ? (x) : ((x) & 0x7f)) - -static unsigned char subbuffer[SUBBUFSIZE], - *subpointer, *subend; /* buffer for sub-options */ -#define SB_CLEAR() subpointer = subbuffer; -#define SB_TERM() { subend = subpointer; SB_CLEAR(); } -#define SB_ACCUM(c) if (subpointer < (subbuffer+sizeof subbuffer)) { \ - *subpointer++ = (c); \ - } - -#define SB_GET() ((*subpointer++)&0xff) -#define SB_PEEK() ((*subpointer)&0xff) -#define SB_EOF() (subpointer >= subend) -#define SB_LEN() (subend - subpointer) - -char options[256]; /* The combined options */ -char do_dont_resp[256]; -char will_wont_resp[256]; - -int - eight = 3, - binary = 0, - autologin = 0, /* Autologin anyone? */ - skiprc = 0, - connected, - showoptions, - ISend, /* trying to send network data in */ - debug = 0, - crmod, - netdata, /* Print out network data flow */ - crlf, /* Should '\r' be mapped to (or )? */ - telnetport, - SYNCHing, /* we are in TELNET SYNCH mode */ - flushout, /* flush output */ - autoflush = 0, /* flush output when interrupting? */ - autosynch, /* send interrupt characters with SYNCH? */ - localflow, /* we handle flow control locally */ - restartany, /* if flow control enabled, restart on any character */ - localchars, /* we recognize interrupt/quit */ - donelclchars, /* the user has set "localchars" */ - donebinarytoggle, /* the user has put us in binary */ - dontlecho, /* do we suppress local echoing right now? */ - globalmode; - -char *prompt = 0; - -cc_t escape; -cc_t rlogin; -#ifdef KLUDGELINEMODE -cc_t echoc; -#endif - -/* - * Telnet receiver states for fsm - */ -#define TS_DATA 0 -#define TS_IAC 1 -#define TS_WILL 2 -#define TS_WONT 3 -#define TS_DO 4 -#define TS_DONT 5 -#define TS_CR 6 -#define TS_SB 7 /* sub-option collection */ -#define TS_SE 8 /* looking for sub-option end */ - -static int telrcv_state; -#ifdef OLD_ENVIRON -unsigned char telopt_environ = TELOPT_NEW_ENVIRON; -#else -# define telopt_environ TELOPT_NEW_ENVIRON -#endif - -jmp_buf toplevel; -jmp_buf peerdied; - -int flushline; -int linemode; - -#ifdef KLUDGELINEMODE -int kludgelinemode = 1; -#endif - -/* - * The following are some clocks used to decide how to interpret - * the relationship between various variables. - */ - -Clocks clocks; - -static int is_unique(char *name, char **as, char **ae); - - -/* - * Initialize telnet environment. - */ - -void -init_telnet(void) -{ - env_init(); - - SB_CLEAR(); - memset(options, 0, sizeof options); - - connected = ISend = localflow = donebinarytoggle = 0; -#if defined(AUTHENTICATION) || defined(ENCRYPTION) - auth_encrypt_connect(connected); -#endif /* defined(AUTHENTICATION) || defined(ENCRYPTION) */ - restartany = -1; - - SYNCHing = 0; - - /* Don't change NetTrace */ - - escape = CONTROL(']'); - rlogin = _POSIX_VDISABLE; -#ifdef KLUDGELINEMODE - echoc = CONTROL('E'); -#endif - - flushline = 1; - telrcv_state = TS_DATA; -} - - -/* - * These routines are in charge of sending option negotiations - * to the other side. - * - * The basic idea is that we send the negotiation if either side - * is in disagreement as to what the current state should be. - */ - -void -send_do(int c, int init) -{ - if (init) { - if (((do_dont_resp[c] == 0) && my_state_is_do(c)) || - my_want_state_is_do(c)) - return; - set_my_want_state_do(c); - do_dont_resp[c]++; - } - NET2ADD(IAC, DO); - NETADD(c); - printoption("SENT", DO, c); -} - -void -send_dont(int c, int init) -{ - if (init) { - if (((do_dont_resp[c] == 0) && my_state_is_dont(c)) || - my_want_state_is_dont(c)) - return; - set_my_want_state_dont(c); - do_dont_resp[c]++; - } - NET2ADD(IAC, DONT); - NETADD(c); - printoption("SENT", DONT, c); -} - -void -send_will(int c, int init) -{ - if (init) { - if (((will_wont_resp[c] == 0) && my_state_is_will(c)) || - my_want_state_is_will(c)) - return; - set_my_want_state_will(c); - will_wont_resp[c]++; - } - NET2ADD(IAC, WILL); - NETADD(c); - printoption("SENT", WILL, c); -} - -void -send_wont(int c, int init) -{ - if (init) { - if (((will_wont_resp[c] == 0) && my_state_is_wont(c)) || - my_want_state_is_wont(c)) - return; - set_my_want_state_wont(c); - will_wont_resp[c]++; - } - NET2ADD(IAC, WONT); - NETADD(c); - printoption("SENT", WONT, c); -} - - -void -willoption(int option) -{ - int new_state_ok = 0; - - if (do_dont_resp[option]) { - --do_dont_resp[option]; - if (do_dont_resp[option] && my_state_is_do(option)) - --do_dont_resp[option]; - } - - if ((do_dont_resp[option] == 0) && my_want_state_is_dont(option)) { - - switch (option) { - - case TELOPT_ECHO: - case TELOPT_BINARY: - case TELOPT_SGA: - settimer(modenegotiated); - /* FALL THROUGH */ - case TELOPT_STATUS: -#if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: -#endif -#if defined(ENCRYPTION) - case TELOPT_ENCRYPT: -#endif - new_state_ok = 1; - break; - - case TELOPT_TM: - if (flushout) - flushout = 0; - /* - * Special case for TM. If we get back a WILL, - * pretend we got back a WONT. - */ - set_my_want_state_dont(option); - set_my_state_dont(option); - return; /* Never reply to TM will's/wont's */ - - case TELOPT_LINEMODE: - default: - break; - } - - if (new_state_ok) { - set_my_want_state_do(option); - send_do(option, 0); - setconnmode(0); /* possibly set new tty mode */ - } else { - do_dont_resp[option]++; - send_dont(option, 0); - } - } - set_my_state_do(option); -#if defined(ENCRYPTION) - if (option == TELOPT_ENCRYPT) - encrypt_send_support(); -#endif -} - -void -wontoption(int option) -{ - if (do_dont_resp[option]) { - --do_dont_resp[option]; - if (do_dont_resp[option] && my_state_is_dont(option)) - --do_dont_resp[option]; - } - - if ((do_dont_resp[option] == 0) && my_want_state_is_do(option)) { - - switch (option) { - -#ifdef KLUDGELINEMODE - case TELOPT_SGA: - if (!kludgelinemode) - break; - /* FALL THROUGH */ -#endif - case TELOPT_ECHO: - settimer(modenegotiated); - break; - - case TELOPT_TM: - if (flushout) - flushout = 0; - set_my_want_state_dont(option); - set_my_state_dont(option); - return; /* Never reply to TM will's/wont's */ - -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - encrypt_not(); - break; -#endif - default: - break; - } - set_my_want_state_dont(option); - if (my_state_is_do(option)) - send_dont(option, 0); - setconnmode(0); /* Set new tty mode */ - } else if (option == TELOPT_TM) { - /* - * Special case for TM. - */ - if (flushout) - flushout = 0; - set_my_want_state_dont(option); - } - set_my_state_dont(option); -} - -static void -dooption(int option) -{ - int new_state_ok = 0; - - if (will_wont_resp[option]) { - --will_wont_resp[option]; - if (will_wont_resp[option] && my_state_is_will(option)) - --will_wont_resp[option]; - } - - if (will_wont_resp[option] == 0) { - if (my_want_state_is_wont(option)) { - - switch (option) { - - case TELOPT_TM: - /* - * Special case for TM. We send a WILL, but pretend - * we sent WONT. - */ - send_will(option, 0); - set_my_want_state_wont(TELOPT_TM); - set_my_state_wont(TELOPT_TM); - return; - - case TELOPT_BINARY: /* binary mode */ - case TELOPT_NAWS: /* window size */ - case TELOPT_TSPEED: /* terminal speed */ - case TELOPT_LFLOW: /* local flow control */ - case TELOPT_TTYPE: /* terminal type option */ - case TELOPT_SGA: /* no big deal */ -#if defined(ENCRYPTION) - case TELOPT_ENCRYPT: /* encryption variable option */ -#endif - new_state_ok = 1; - break; - - case TELOPT_NEW_ENVIRON: /* New environment variable option */ -#ifdef OLD_ENVIRON - if (my_state_is_will(TELOPT_OLD_ENVIRON)) - send_wont(TELOPT_OLD_ENVIRON, 1); /* turn off the old */ - goto env_common; - case TELOPT_OLD_ENVIRON: /* Old environment variable option */ - if (my_state_is_will(TELOPT_NEW_ENVIRON)) - break; /* Don't enable if new one is in use! */ - env_common: - telopt_environ = option; -#endif - new_state_ok = 1; - break; - -#if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: - if (autologin) - new_state_ok = 1; - break; -#endif - - case TELOPT_XDISPLOC: /* X Display location */ - if (env_getvalue((unsigned char *)"DISPLAY")) - new_state_ok = 1; - break; - - case TELOPT_LINEMODE: -#ifdef KLUDGELINEMODE - kludgelinemode = 0; - send_do(TELOPT_SGA, 1); -#endif - set_my_want_state_will(TELOPT_LINEMODE); - send_will(option, 0); - set_my_state_will(TELOPT_LINEMODE); - slc_init(); - return; - - case TELOPT_ECHO: /* We're never going to echo... */ - default: - break; - } - - if (new_state_ok) { - set_my_want_state_will(option); - send_will(option, 0); - setconnmode(0); /* Set new tty mode */ - } else { - will_wont_resp[option]++; - send_wont(option, 0); - } - } else { - /* - * Handle options that need more things done after the - * other side has acknowledged the option. - */ - switch (option) { - case TELOPT_LINEMODE: -#ifdef KLUDGELINEMODE - kludgelinemode = 0; - send_do(TELOPT_SGA, 1); -#endif - set_my_state_will(option); - slc_init(); - send_do(TELOPT_SGA, 0); - return; - } - } - } - set_my_state_will(option); -} - -static void -dontoption(int option) -{ - - if (will_wont_resp[option]) { - --will_wont_resp[option]; - if (will_wont_resp[option] && my_state_is_wont(option)) - --will_wont_resp[option]; - } - - if ((will_wont_resp[option] == 0) && my_want_state_is_will(option)) { - switch (option) { - case TELOPT_LINEMODE: - linemode = 0; /* put us back to the default state */ - break; -#ifdef OLD_ENVIRON - case TELOPT_NEW_ENVIRON: - /* - * The new environ option wasn't recognized, try - * the old one. - */ - send_will(TELOPT_OLD_ENVIRON, 1); - telopt_environ = TELOPT_OLD_ENVIRON; - break; -#endif -#if 0 -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - encrypt_not(); - break; -#endif -#endif - } - /* we always accept a DONT */ - set_my_want_state_wont(option); - if (my_state_is_will(option)) - send_wont(option, 0); - setconnmode(0); /* Set new tty mode */ - } - set_my_state_wont(option); -} - -/* - * Given a buffer returned by tgetent(), this routine will turn - * the pipe seperated list of names in the buffer into an array - * of pointers to null terminated names. We toss out any bad, - * duplicate, or verbose names (names with spaces). - */ - -static char *name_unknown = "UNKNOWN"; -static char *unknown[] = { 0, 0 }; - -static char ** -mklist(char *buf, char *name) -{ - int n; - char c, *cp, **argvp, *cp2, **argv, **avt; - - if (name) { - if ((int)strlen(name) > 40) { - name = 0; - unknown[0] = name_unknown; - } else { - unknown[0] = name; - strupr(name); - } - } else - unknown[0] = name_unknown; - /* - * Count up the number of names. - */ - for (n = 1, cp = buf; *cp && *cp != ':'; cp++) { - if (*cp == '|') - n++; - } - /* - * Allocate an array to put the name pointers into - */ - argv = (char **)malloc((n+3)*sizeof(char *)); - if (argv == 0) - return(unknown); - - /* - * Fill up the array of pointers to names. - */ - *argv = 0; - argvp = argv+1; - n = 0; - for (cp = cp2 = buf; (c = *cp); cp++) { - if (c == '|' || c == ':') { - *cp++ = '\0'; - /* - * Skip entries that have spaces or are over 40 - * characters long. If this is our environment - * name, then put it up front. Otherwise, as - * long as this is not a duplicate name (case - * insensitive) add it to the list. - */ - if (n || (cp - cp2 > 41)) - ; - else if (name && (strncasecmp(name, cp2, cp-cp2) == 0)) - *argv = cp2; - else if (is_unique(cp2, argv+1, argvp)) - *argvp++ = cp2; - if (c == ':') - break; - /* - * Skip multiple delimiters. Reset cp2 to - * the beginning of the next name. Reset n, - * the flag for names with spaces. - */ - while ((c = *cp) == '|') - cp++; - cp2 = cp; - n = 0; - } - /* - * Skip entries with spaces or non-ascii values. - * Convert lower case letters to upper case. - */ -#define ISASCII(c) (!((c)&0x80)) - if ((c == ' ') || !ISASCII(c)) - n = 1; - else if (islower(c)) - *cp = toupper(c); - } - - /* - * Check for an old V6 2 character name. If the second - * name points to the beginning of the buffer, and is - * only 2 characters long, move it to the end of the array. - */ - if ((argv[1] == buf) && (strlen(argv[1]) == 2)) { - --argvp; - for (avt = &argv[1]; avt < argvp; avt++) - *avt = *(avt+1); - *argvp++ = buf; - } - - /* - * Duplicate last name, for TTYPE option, and null - * terminate the array. If we didn't find a match on - * our terminal name, put that name at the beginning. - */ - cp = *(argvp-1); - *argvp++ = cp; - *argvp = 0; - - if (*argv == 0) { - if (name) - *argv = name; - else { - --argvp; - for (avt = argv; avt < argvp; avt++) - *avt = *(avt+1); - } - } - if (*argv) - return(argv); - else - return(unknown); -} - -static int -is_unique(char *name, char **as, char **ae) -{ - char **ap; - int n; - - n = strlen(name) + 1; - for (ap = as; ap < ae; ap++) - if (strncasecmp(*ap, name, n) == 0) - return(0); - return (1); -} - -static char termbuf[1024]; - -static int -telnet_setupterm(const char *tname, int fd, int *errp) -{ - if (tgetent(termbuf, tname) == 1) { - termbuf[1023] = '\0'; - if (errp) - *errp = 1; - return(0); - } - if (errp) - *errp = 0; - return(-1); -} - -int resettermname = 1; - -static char * -gettermname() -{ - char *tname; - static char **tnamep = 0; - static char **next; - int err; - - if (resettermname) { - resettermname = 0; - if (tnamep && tnamep != unknown) - free(tnamep); - if ((tname = (char *)env_getvalue((unsigned char *)"TERM")) && - telnet_setupterm(tname, 1, &err) == 0) { - tnamep = mklist(termbuf, tname); - } else { - if (tname && ((int)strlen(tname) <= 40)) { - unknown[0] = tname; - strupr(tname); - } else - unknown[0] = name_unknown; - tnamep = unknown; - } - next = tnamep; - } - if (*next == 0) - next = tnamep; - return(*next++); -} -/* - * suboption() - * - * Look at the sub-option buffer, and try to be helpful to the other - * side. - * - * Currently we recognize: - * - * Terminal type, send request. - * Terminal speed (send request). - * Local flow control (is request). - * Linemode - */ - -static void -suboption() -{ - unsigned char subchar; - - printsub('<', subbuffer, SB_LEN()+2); - switch (subchar = SB_GET()) { - case TELOPT_TTYPE: - if (my_want_state_is_wont(TELOPT_TTYPE)) - return; - if (SB_EOF() || SB_GET() != TELQUAL_SEND) { - return; - } else { - char *name; - unsigned char temp[50]; - int len; - - name = gettermname(); - len = strlen(name) + 4 + 2; - if (len < NETROOM()) { - snprintf((char *)temp, sizeof(temp), - "%c%c%c%c%s%c%c", IAC, SB, TELOPT_TTYPE, - TELQUAL_IS, name, IAC, SE); - ring_supply_data(&netoring, temp, len); - printsub('>', &temp[2], len-2); - } else { - ExitString("No room in buffer for terminal type.\n", 1); - /*NOTREACHED*/ - } - } - break; - case TELOPT_TSPEED: - if (my_want_state_is_wont(TELOPT_TSPEED)) - return; - if (SB_EOF()) - return; - if (SB_GET() == TELQUAL_SEND) { - long output_speed, input_speed; - unsigned char temp[50]; - int len; - - TerminalSpeeds(&input_speed, &output_speed); - - snprintf((char *)temp, sizeof(temp), - "%c%c%c%c%u,%u%c%c", IAC, SB, TELOPT_TSPEED, - TELQUAL_IS, - (unsigned)output_speed, - (unsigned)input_speed, IAC, SE); - len = strlen((char *)temp+4) + 4; /* temp[3] is 0 ... */ - - if (len < NETROOM()) { - ring_supply_data(&netoring, temp, len); - printsub('>', temp+2, len - 2); - } -/*@*/ else printf("lm_will: not enough room in buffer\n"); - } - break; - case TELOPT_LFLOW: - if (my_want_state_is_wont(TELOPT_LFLOW)) - return; - if (SB_EOF()) - return; - switch(SB_GET()) { - case LFLOW_RESTART_ANY: - restartany = 1; - break; - case LFLOW_RESTART_XON: - restartany = 0; - break; - case LFLOW_ON: - localflow = 1; - break; - case LFLOW_OFF: - localflow = 0; - break; - default: - return; - } - setcommandmode(); - setconnmode(0); - break; - - case TELOPT_LINEMODE: - if (my_want_state_is_wont(TELOPT_LINEMODE)) - return; - if (SB_EOF()) - return; - switch (SB_GET()) { - case WILL: - lm_will(subpointer, SB_LEN()); - break; - case WONT: - lm_wont(subpointer, SB_LEN()); - break; - case DO: - lm_do(subpointer, SB_LEN()); - break; - case DONT: - lm_dont(subpointer, SB_LEN()); - break; - case LM_SLC: - slc(subpointer, SB_LEN()); - break; - case LM_MODE: - lm_mode(subpointer, SB_LEN(), 0); - break; - default: - break; - } - break; - -#ifdef OLD_ENVIRON - case TELOPT_OLD_ENVIRON: -#endif - case TELOPT_NEW_ENVIRON: - if (SB_EOF()) - return; - switch(SB_PEEK()) { - case TELQUAL_IS: - case TELQUAL_INFO: - if (my_want_state_is_dont(subchar)) - return; - break; - case TELQUAL_SEND: - if (my_want_state_is_wont(subchar)) { - return; - } - break; - default: - return; - } - env_opt(subpointer, SB_LEN()); - break; - - case TELOPT_XDISPLOC: - if (my_want_state_is_wont(TELOPT_XDISPLOC)) - return; - if (SB_EOF()) - return; - if (SB_GET() == TELQUAL_SEND) { - unsigned char temp[50], *dp; - int len; - - if ((dp = env_getvalue((unsigned char *)"DISPLAY")) == NULL) { - /* - * Something happened, we no longer have a DISPLAY - * variable. So, turn off the option. - */ - send_wont(TELOPT_XDISPLOC, 1); - break; - } - snprintf((char *)temp, sizeof(temp), - "%c%c%c%c%s%c%c", IAC, SB, TELOPT_XDISPLOC, - TELQUAL_IS, dp, IAC, SE); - len = strlen((char *)temp+4) + 4; /* temp[3] is 0 ... */ - - if (len < NETROOM()) { - ring_supply_data(&netoring, temp, len); - printsub('>', temp+2, len - 2); - } -/*@*/ else printf("lm_will: not enough room in buffer\n"); - } - break; - -#if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: { - if (!autologin) - break; - if (SB_EOF()) - return; - switch(SB_GET()) { - case TELQUAL_IS: - if (my_want_state_is_dont(TELOPT_AUTHENTICATION)) - return; - auth_is(subpointer, SB_LEN()); - break; - case TELQUAL_SEND: - if (my_want_state_is_wont(TELOPT_AUTHENTICATION)) - return; - auth_send(subpointer, SB_LEN()); - break; - case TELQUAL_REPLY: - if (my_want_state_is_wont(TELOPT_AUTHENTICATION)) - return; - auth_reply(subpointer, SB_LEN()); - break; - case TELQUAL_NAME: - if (my_want_state_is_dont(TELOPT_AUTHENTICATION)) - return; - auth_name(subpointer, SB_LEN()); - break; - } - } - break; -#endif -#if defined(ENCRYPTION) - case TELOPT_ENCRYPT: - if (SB_EOF()) - return; - switch(SB_GET()) { - case ENCRYPT_START: - if (my_want_state_is_dont(TELOPT_ENCRYPT)) - return; - encrypt_start(subpointer, SB_LEN()); - break; - case ENCRYPT_END: - if (my_want_state_is_dont(TELOPT_ENCRYPT)) - return; - encrypt_end(); - break; - case ENCRYPT_SUPPORT: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - encrypt_support(subpointer, SB_LEN()); - break; - case ENCRYPT_REQSTART: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - encrypt_request_start(subpointer, SB_LEN()); - break; - case ENCRYPT_REQEND: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - /* - * We can always send an REQEND so that we cannot - * get stuck encrypting. We should only get this - * if we have been able to get in the correct mode - * anyhow. - */ - encrypt_request_end(); - break; - case ENCRYPT_IS: - if (my_want_state_is_dont(TELOPT_ENCRYPT)) - return; - encrypt_is(subpointer, SB_LEN()); - break; - case ENCRYPT_REPLY: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - encrypt_reply(subpointer, SB_LEN()); - break; - case ENCRYPT_ENC_KEYID: - if (my_want_state_is_dont(TELOPT_ENCRYPT)) - return; - encrypt_enc_keyid(subpointer, SB_LEN()); - break; - case ENCRYPT_DEC_KEYID: - if (my_want_state_is_wont(TELOPT_ENCRYPT)) - return; - encrypt_dec_keyid(subpointer, SB_LEN()); - break; - default: - break; - } - break; -#endif - default: - break; - } -} - -static unsigned char str_lm[] = { IAC, SB, TELOPT_LINEMODE, 0, 0, IAC, SE }; - -void -lm_will(unsigned char *cmd, int len) -{ - if (len < 1) { -/*@*/ printf("lm_will: no command!!!\n"); /* Should not happen... */ - return; - } - switch(cmd[0]) { - case LM_FORWARDMASK: /* We shouldn't ever get this... */ - default: - str_lm[3] = DONT; - str_lm[4] = cmd[0]; - if (NETROOM() > sizeof(str_lm)) { - ring_supply_data(&netoring, str_lm, sizeof(str_lm)); - printsub('>', &str_lm[2], sizeof(str_lm)-2); - } -/*@*/ else printf("lm_will: not enough room in buffer\n"); - break; - } -} - -void -lm_wont(unsigned char *cmd, int len) -{ - if (len < 1) { -/*@*/ printf("lm_wont: no command!!!\n"); /* Should not happen... */ - return; - } - switch(cmd[0]) { - case LM_FORWARDMASK: /* We shouldn't ever get this... */ - default: - /* We are always DONT, so don't respond */ - return; - } -} - -void -lm_do(unsigned char *cmd, int len) -{ - if (len < 1) { -/*@*/ printf("lm_do: no command!!!\n"); /* Should not happen... */ - return; - } - switch(cmd[0]) { - case LM_FORWARDMASK: - default: - str_lm[3] = WONT; - str_lm[4] = cmd[0]; - if (NETROOM() > sizeof(str_lm)) { - ring_supply_data(&netoring, str_lm, sizeof(str_lm)); - printsub('>', &str_lm[2], sizeof(str_lm)-2); - } -/*@*/ else printf("lm_do: not enough room in buffer\n"); - break; - } -} - -void -lm_dont(unsigned char *cmd, int len) -{ - if (len < 1) { -/*@*/ printf("lm_dont: no command!!!\n"); /* Should not happen... */ - return; - } - switch(cmd[0]) { - case LM_FORWARDMASK: - default: - /* we are always WONT, so don't respond */ - break; - } -} - -static unsigned char str_lm_mode[] = { - IAC, SB, TELOPT_LINEMODE, LM_MODE, 0, IAC, SE -}; - -void -lm_mode(unsigned char *cmd, int len, int init) -{ - if (len != 1) - return; - if ((linemode&MODE_MASK&~MODE_ACK) == *cmd) - return; - if (*cmd&MODE_ACK) - return; - linemode = *cmd&(MODE_MASK&~MODE_ACK); - str_lm_mode[4] = linemode; - if (!init) - str_lm_mode[4] |= MODE_ACK; - if (NETROOM() > sizeof(str_lm_mode)) { - ring_supply_data(&netoring, str_lm_mode, sizeof(str_lm_mode)); - printsub('>', &str_lm_mode[2], sizeof(str_lm_mode)-2); - } -/*@*/ else printf("lm_mode: not enough room in buffer\n"); - setconnmode(0); /* set changed mode */ -} - - - -/* - * slc() - * Handle special character suboption of LINEMODE. - */ - -struct spc { - cc_t val; - cc_t *valp; - char flags; /* Current flags & level */ - char mylevel; /* Maximum level & flags */ -} spc_data[NSLC+1]; - -#define SLC_IMPORT 0 -#define SLC_EXPORT 1 -#define SLC_RVALUE 2 -static int slc_mode = SLC_EXPORT; - -void -slc_init() -{ - struct spc *spcp; - - localchars = 1; - for (spcp = spc_data; spcp < &spc_data[NSLC+1]; spcp++) { - spcp->val = 0; - spcp->valp = 0; - spcp->flags = spcp->mylevel = SLC_NOSUPPORT; - } - -#define initfunc(func, flags) { \ - spcp = &spc_data[func]; \ - if ((spcp->valp = tcval(func))) { \ - spcp->val = *spcp->valp; \ - spcp->mylevel = SLC_VARIABLE|flags; \ - } else { \ - spcp->val = 0; \ - spcp->mylevel = SLC_DEFAULT; \ - } \ - } - - initfunc(SLC_SYNCH, 0); - /* No BRK */ - initfunc(SLC_AO, 0); - initfunc(SLC_AYT, 0); - /* No EOR */ - initfunc(SLC_ABORT, SLC_FLUSHIN|SLC_FLUSHOUT); - initfunc(SLC_EOF, 0); - initfunc(SLC_SUSP, SLC_FLUSHIN); - initfunc(SLC_EC, 0); - initfunc(SLC_EL, 0); - initfunc(SLC_EW, 0); - initfunc(SLC_RP, 0); - initfunc(SLC_LNEXT, 0); - initfunc(SLC_XON, 0); - initfunc(SLC_XOFF, 0); - initfunc(SLC_FORW1, 0); - initfunc(SLC_FORW2, 0); - /* No FORW2 */ - - initfunc(SLC_IP, SLC_FLUSHIN|SLC_FLUSHOUT); -#undef initfunc - - if (slc_mode == SLC_EXPORT) - slc_export(); - else - slc_import(1); - -} - -void -slcstate() -{ - printf("Special characters are %s values\n", - slc_mode == SLC_IMPORT ? "remote default" : - slc_mode == SLC_EXPORT ? "local" : - "remote"); -} - -void -slc_mode_export() -{ - slc_mode = SLC_EXPORT; - if (my_state_is_will(TELOPT_LINEMODE)) - slc_export(); -} - -void -slc_mode_import(int def) -{ - slc_mode = def ? SLC_IMPORT : SLC_RVALUE; - if (my_state_is_will(TELOPT_LINEMODE)) - slc_import(def); -} - -unsigned char slc_import_val[] = { - IAC, SB, TELOPT_LINEMODE, LM_SLC, 0, SLC_VARIABLE, 0, IAC, SE -}; -unsigned char slc_import_def[] = { - IAC, SB, TELOPT_LINEMODE, LM_SLC, 0, SLC_DEFAULT, 0, IAC, SE -}; - -void -slc_import(int def) -{ - if (NETROOM() > sizeof(slc_import_val)) { - if (def) { - ring_supply_data(&netoring, slc_import_def, sizeof(slc_import_def)); - printsub('>', &slc_import_def[2], sizeof(slc_import_def)-2); - } else { - ring_supply_data(&netoring, slc_import_val, sizeof(slc_import_val)); - printsub('>', &slc_import_val[2], sizeof(slc_import_val)-2); - } - } -/*@*/ else printf("slc_import: not enough room\n"); -} - -void -slc_export() -{ - struct spc *spcp; - - TerminalDefaultChars(); - - slc_start_reply(); - for (spcp = &spc_data[1]; spcp < &spc_data[NSLC+1]; spcp++) { - if (spcp->mylevel != SLC_NOSUPPORT) { - if (spcp->val == (cc_t)(_POSIX_VDISABLE)) - spcp->flags = SLC_NOSUPPORT; - else - spcp->flags = spcp->mylevel; - if (spcp->valp) - spcp->val = *spcp->valp; - slc_add_reply(spcp - spc_data, spcp->flags, spcp->val); - } - } - slc_end_reply(); - slc_update(); - setconnmode(1); /* Make sure the character values are set */ -} - -void -slc(unsigned char *cp, int len) -{ - struct spc *spcp; - int func,level; - - slc_start_reply(); - - for (; len >= 3; len -=3, cp +=3) { - - func = cp[SLC_FUNC]; - - if (func == 0) { - /* - * Client side: always ignore 0 function. - */ - continue; - } - if (func > NSLC) { - if ((cp[SLC_FLAGS] & SLC_LEVELBITS) != SLC_NOSUPPORT) - slc_add_reply(func, SLC_NOSUPPORT, 0); - continue; - } - - spcp = &spc_data[func]; - - level = cp[SLC_FLAGS]&(SLC_LEVELBITS|SLC_ACK); - - if ((cp[SLC_VALUE] == (unsigned char)spcp->val) && - ((level&SLC_LEVELBITS) == (spcp->flags&SLC_LEVELBITS))) { - continue; - } - - if (level == (SLC_DEFAULT|SLC_ACK)) { - /* - * This is an error condition, the SLC_ACK - * bit should never be set for the SLC_DEFAULT - * level. Our best guess to recover is to - * ignore the SLC_ACK bit. - */ - cp[SLC_FLAGS] &= ~SLC_ACK; - } - - if (level == ((spcp->flags&SLC_LEVELBITS)|SLC_ACK)) { - spcp->val = (cc_t)cp[SLC_VALUE]; - spcp->flags = cp[SLC_FLAGS]; /* include SLC_ACK */ - continue; - } - - level &= ~SLC_ACK; - - if (level <= (spcp->mylevel&SLC_LEVELBITS)) { - spcp->flags = cp[SLC_FLAGS]|SLC_ACK; - spcp->val = (cc_t)cp[SLC_VALUE]; - } - if (level == SLC_DEFAULT) { - if ((spcp->mylevel&SLC_LEVELBITS) != SLC_DEFAULT) - spcp->flags = spcp->mylevel; - else - spcp->flags = SLC_NOSUPPORT; - } - slc_add_reply(func, spcp->flags, spcp->val); - } - slc_end_reply(); - if (slc_update()) - setconnmode(1); /* set the new character values */ -} - -void -slc_check() -{ - struct spc *spcp; - - slc_start_reply(); - for (spcp = &spc_data[1]; spcp < &spc_data[NSLC+1]; spcp++) { - if (spcp->valp && spcp->val != *spcp->valp) { - spcp->val = *spcp->valp; - if (spcp->val == (cc_t)(_POSIX_VDISABLE)) - spcp->flags = SLC_NOSUPPORT; - else - spcp->flags = spcp->mylevel; - slc_add_reply(spcp - spc_data, spcp->flags, spcp->val); - } - } - slc_end_reply(); - setconnmode(1); -} - - -unsigned char slc_reply[128]; -unsigned char *slc_replyp; - -void -slc_start_reply() -{ - slc_replyp = slc_reply; - *slc_replyp++ = IAC; - *slc_replyp++ = SB; - *slc_replyp++ = TELOPT_LINEMODE; - *slc_replyp++ = LM_SLC; -} - -void -slc_add_reply(unsigned char func, unsigned char flags, cc_t value) -{ - if ((*slc_replyp++ = func) == IAC) - *slc_replyp++ = IAC; - if ((*slc_replyp++ = flags) == IAC) - *slc_replyp++ = IAC; - if ((*slc_replyp++ = (unsigned char)value) == IAC) - *slc_replyp++ = IAC; -} - -void -slc_end_reply() -{ - int len; - - *slc_replyp++ = IAC; - *slc_replyp++ = SE; - len = slc_replyp - slc_reply; - if (len <= 6) - return; - if (NETROOM() > len) { - ring_supply_data(&netoring, slc_reply, slc_replyp - slc_reply); - printsub('>', &slc_reply[2], slc_replyp - slc_reply - 2); - } -/*@*/else printf("slc_end_reply: not enough room\n"); -} - -int -slc_update() -{ - struct spc *spcp; - int need_update = 0; - - for (spcp = &spc_data[1]; spcp < &spc_data[NSLC+1]; spcp++) { - if (!(spcp->flags&SLC_ACK)) - continue; - spcp->flags &= ~SLC_ACK; - if (spcp->valp && (*spcp->valp != spcp->val)) { - *spcp->valp = spcp->val; - need_update = 1; - } - } - return(need_update); -} - -#ifdef OLD_ENVIRON -# define old_env_var OLD_ENV_VAR -# define old_env_value OLD_ENV_VALUE -#endif - -void -env_opt(unsigned char *buf, int len) -{ - unsigned char *ep = 0, *epc = 0; - int i; - - switch(buf[0]&0xff) { - case TELQUAL_SEND: - env_opt_start(); - if (len == 1) { - env_opt_add(NULL); - } else for (i = 1; i < len; i++) { - switch (buf[i]&0xff) { -#ifdef OLD_ENVIRON - case OLD_ENV_VAR: - case OLD_ENV_VALUE: - /* - * Although OLD_ENV_VALUE is not legal, we will - * still recognize it, just in case it is an - * old server that has VAR & VALUE mixed up... - */ - /* FALL THROUGH */ -#else - case NEW_ENV_VAR: -#endif - case ENV_USERVAR: - if (ep) { - *epc = 0; - env_opt_add(ep); - } - ep = epc = &buf[i+1]; - break; - case ENV_ESC: - i++; - /*FALL THROUGH*/ - default: - if (epc) - *epc++ = buf[i]; - break; - } - } - if (ep) { - *epc = 0; - env_opt_add(ep); - } - env_opt_end(1); - break; - - case TELQUAL_IS: - case TELQUAL_INFO: - /* Ignore for now. We shouldn't get it anyway. */ - break; - - default: - break; - } -} - -#define OPT_REPLY_SIZE 256 -unsigned char *opt_reply; -unsigned char *opt_replyp; -unsigned char *opt_replyend; - -void -env_opt_start() -{ - if (opt_reply) - opt_reply = (unsigned char *)realloc(opt_reply, OPT_REPLY_SIZE); - else - opt_reply = (unsigned char *)malloc(OPT_REPLY_SIZE); - if (opt_reply == NULL) { -/*@*/ printf("env_opt_start: malloc()/realloc() failed!!!\n"); - opt_reply = opt_replyp = opt_replyend = NULL; - return; - } - opt_replyp = opt_reply; - opt_replyend = opt_reply + OPT_REPLY_SIZE; - *opt_replyp++ = IAC; - *opt_replyp++ = SB; - *opt_replyp++ = telopt_environ; - *opt_replyp++ = TELQUAL_IS; -} - -void -env_opt_start_info() -{ - env_opt_start(); - if (opt_replyp) - opt_replyp[-1] = TELQUAL_INFO; -} - -void -env_opt_add(unsigned char *ep) -{ - unsigned char *vp, c; - - if (opt_reply == NULL) /*XXX*/ - return; /*XXX*/ - - if (ep == NULL || *ep == '\0') { - /* Send user defined variables first. */ - env_default(1, 0); - while ((ep = env_default(0, 0))) - env_opt_add(ep); - - /* Now add the list of well know variables. */ - env_default(1, 1); - while ((ep = env_default(0, 1))) - env_opt_add(ep); - return; - } - vp = env_getvalue(ep); - if (opt_replyp + (vp ? strlen((char *)vp) : 0) + - strlen((char *)ep) + 6 > opt_replyend) - { - int len; - opt_replyend += OPT_REPLY_SIZE; - len = opt_replyend - opt_reply; - opt_reply = (unsigned char *)realloc(opt_reply, len); - if (opt_reply == NULL) { -/*@*/ printf("env_opt_add: realloc() failed!!!\n"); - opt_reply = opt_replyp = opt_replyend = NULL; - return; - } - opt_replyp = opt_reply + len - (opt_replyend - opt_replyp); - opt_replyend = opt_reply + len; - } - if (opt_welldefined((char *)ep)) { -#ifdef OLD_ENVIRON - if (telopt_environ == TELOPT_OLD_ENVIRON) - *opt_replyp++ = old_env_var; - else -#endif - *opt_replyp++ = NEW_ENV_VAR; - } else - *opt_replyp++ = ENV_USERVAR; - for (;;) { - while ((c = *ep++)) { - switch(c&0xff) { - case IAC: - *opt_replyp++ = IAC; - break; - case NEW_ENV_VAR: - case NEW_ENV_VALUE: - case ENV_ESC: - case ENV_USERVAR: - *opt_replyp++ = ENV_ESC; - break; - } - *opt_replyp++ = c; - } - if ((ep = vp)) { -#ifdef OLD_ENVIRON - if (telopt_environ == TELOPT_OLD_ENVIRON) - *opt_replyp++ = old_env_value; - else -#endif - *opt_replyp++ = NEW_ENV_VALUE; - vp = NULL; - } else - break; - } -} - -int -opt_welldefined(char *ep) -{ - if ((strcmp(ep, "USER") == 0) || - (strcmp(ep, "DISPLAY") == 0) || - (strcmp(ep, "PRINTER") == 0) || - (strcmp(ep, "SYSTEMTYPE") == 0) || - (strcmp(ep, "JOB") == 0) || - (strcmp(ep, "ACCT") == 0)) - return(1); - return(0); -} - -void -env_opt_end(int emptyok) -{ - int len; - - len = opt_replyp - opt_reply + 2; - if (emptyok || len > 6) { - *opt_replyp++ = IAC; - *opt_replyp++ = SE; - if (NETROOM() > len) { - ring_supply_data(&netoring, opt_reply, len); - printsub('>', &opt_reply[2], len - 2); - } -/*@*/ else printf("slc_end_reply: not enough room\n"); - } - if (opt_reply) { - free(opt_reply); - opt_reply = opt_replyp = opt_replyend = NULL; - } -} - - - -int -telrcv(void) -{ - int c; - int scc; - unsigned char *sbp = NULL; - int count; - int returnValue = 0; - - scc = 0; - count = 0; - while (TTYROOM() > 2) { - if (scc == 0) { - if (count) { - ring_consumed(&netiring, count); - returnValue = 1; - count = 0; - } - sbp = netiring.consume; - scc = ring_full_consecutive(&netiring); - if (scc == 0) { - /* No more data coming in */ - break; - } - } - - c = *sbp++ & 0xff, scc--; count++; -#if defined(ENCRYPTION) - if (decrypt_input) - c = (*decrypt_input)(c); -#endif - - switch (telrcv_state) { - - case TS_CR: - telrcv_state = TS_DATA; - if (c == '\0') { - break; /* Ignore \0 after CR */ - } - else if ((c == '\n') && my_want_state_is_dont(TELOPT_ECHO) && !crmod) { - TTYADD(c); - break; - } - /* Else, fall through */ - - case TS_DATA: - if (c == IAC) { - telrcv_state = TS_IAC; - break; - } - /* - * The 'crmod' hack (see following) is needed - * since we can't set CRMOD on output only. - * Machines like MULTICS like to send \r without - * \n; since we must turn off CRMOD to get proper - * input, the mapping is done here (sigh). - */ - if ((c == '\r') && my_want_state_is_dont(TELOPT_BINARY)) { - if (scc > 0) { - c = *sbp&0xff; -#if defined(ENCRYPTION) - if (decrypt_input) - c = (*decrypt_input)(c); -#endif - if (c == 0) { - sbp++, scc--; count++; - /* a "true" CR */ - TTYADD('\r'); - } else if (my_want_state_is_dont(TELOPT_ECHO) && - (c == '\n')) { - sbp++, scc--; count++; - TTYADD('\n'); - } else { -#if defined(ENCRYPTION) - if (decrypt_input) - (*decrypt_input)(-1); -#endif - - TTYADD('\r'); - if (crmod) { - TTYADD('\n'); - } - } - } else { - telrcv_state = TS_CR; - TTYADD('\r'); - if (crmod) { - TTYADD('\n'); - } - } - } else { - TTYADD(c); - } - continue; - - case TS_IAC: -process_iac: - switch (c) { - - case WILL: - telrcv_state = TS_WILL; - continue; - - case WONT: - telrcv_state = TS_WONT; - continue; - - case DO: - telrcv_state = TS_DO; - continue; - - case DONT: - telrcv_state = TS_DONT; - continue; - - case DM: - /* - * We may have missed an urgent notification, - * so make sure we flush whatever is in the - * buffer currently. - */ - printoption("RCVD", IAC, DM); - SYNCHing = 1; - ttyflush(1); - SYNCHing = stilloob(); - settimer(gotDM); - break; - - case SB: - SB_CLEAR(); - telrcv_state = TS_SB; - continue; - - - case IAC: - TTYADD(IAC); - break; - - case NOP: - case GA: - default: - printoption("RCVD", IAC, c); - break; - } - telrcv_state = TS_DATA; - continue; - - case TS_WILL: - printoption("RCVD", WILL, c); - willoption(c); - telrcv_state = TS_DATA; - continue; - - case TS_WONT: - printoption("RCVD", WONT, c); - wontoption(c); - telrcv_state = TS_DATA; - continue; - - case TS_DO: - printoption("RCVD", DO, c); - dooption(c); - if (c == TELOPT_NAWS) { - sendnaws(); - } else if (c == TELOPT_LFLOW) { - localflow = 1; - setcommandmode(); - setconnmode(0); - } - telrcv_state = TS_DATA; - continue; - - case TS_DONT: - printoption("RCVD", DONT, c); - dontoption(c); - flushline = 1; - setconnmode(0); /* set new tty mode (maybe) */ - telrcv_state = TS_DATA; - continue; - - case TS_SB: - if (c == IAC) { - telrcv_state = TS_SE; - } else { - SB_ACCUM(c); - } - continue; - - case TS_SE: - if (c != SE) { - if (c != IAC) { - /* - * This is an error. We only expect to get - * "IAC IAC" or "IAC SE". Several things may - * have happend. An IAC was not doubled, the - * IAC SE was left off, or another option got - * inserted into the suboption are all possibilities. - * If we assume that the IAC was not doubled, - * and really the IAC SE was left off, we could - * get into an infinate loop here. So, instead, - * we terminate the suboption, and process the - * partial suboption if we can. - */ - SB_ACCUM(IAC); - SB_ACCUM(c); - subpointer -= 2; - SB_TERM(); - - printoption("In SUBOPTION processing, RCVD", IAC, c); - suboption(); /* handle sub-option */ - telrcv_state = TS_IAC; - goto process_iac; - } - SB_ACCUM(c); - telrcv_state = TS_SB; - } else { - SB_ACCUM(IAC); - SB_ACCUM(SE); - subpointer -= 2; - SB_TERM(); - suboption(); /* handle sub-option */ - telrcv_state = TS_DATA; - } - } - } - if (count) - ring_consumed(&netiring, count); - return returnValue||count; -} - -static int bol = 1, local = 0; - -int -rlogin_susp(void) -{ - if (local) { - local = 0; - bol = 1; - command(0, "z\n", 2); - return(1); - } - return(0); -} - -static int -telsnd() -{ - int tcc; - int count; - int returnValue = 0; - unsigned char *tbp = NULL; - - tcc = 0; - count = 0; - while (NETROOM() > 2) { - int sc; - int c; - - if (tcc == 0) { - if (count) { - ring_consumed(&ttyiring, count); - returnValue = 1; - count = 0; - } - tbp = ttyiring.consume; - tcc = ring_full_consecutive(&ttyiring); - if (tcc == 0) { - break; - } - } - c = *tbp++ & 0xff, sc = strip(c), tcc--; count++; - if (rlogin != _POSIX_VDISABLE) { - if (bol) { - bol = 0; - if (sc == rlogin) { - local = 1; - continue; - } - } else if (local) { - local = 0; - if (sc == '.' || c == termEofChar) { - bol = 1; - command(0, "close\n", 6); - continue; - } - if (sc == termSuspChar) { - bol = 1; - command(0, "z\n", 2); - continue; - } - if (sc == escape) { - command(0, (char *)tbp, tcc); - bol = 1; - count += tcc; - tcc = 0; - flushline = 1; - break; - } - if (sc != rlogin) { - ++tcc; - --tbp; - --count; - c = sc = rlogin; - } - } - if ((sc == '\n') || (sc == '\r')) - bol = 1; - } else if (sc == escape) { - /* - * Double escape is a pass through of a single escape character. - */ - if (tcc && strip(*tbp) == escape) { - tbp++; - tcc--; - count++; - bol = 0; - } else { - command(0, (char *)tbp, tcc); - bol = 1; - count += tcc; - tcc = 0; - flushline = 1; - break; - } - } else - bol = 0; -#ifdef KLUDGELINEMODE - if (kludgelinemode && (globalmode&MODE_EDIT) && (sc == echoc)) { - if (tcc > 0 && strip(*tbp) == echoc) { - tcc--; tbp++; count++; - } else { - dontlecho = !dontlecho; - settimer(echotoggle); - setconnmode(0); - flushline = 1; - break; - } - } -#endif - if (MODE_LOCAL_CHARS(globalmode)) { - if (TerminalSpecialChars(sc) == 0) { - bol = 1; - break; - } - } - if (my_want_state_is_wont(TELOPT_BINARY)) { - switch (c) { - case '\n': - /* - * If we are in CRMOD mode (\r ==> \n) - * on our local machine, then probably - * a newline (unix) is CRLF (TELNET). - */ - if (MODE_LOCAL_CHARS(globalmode)) { - NETADD('\r'); - } - NETADD('\n'); - bol = flushline = 1; - break; - case '\r': - if (!crlf) { - NET2ADD('\r', '\0'); - } else { - NET2ADD('\r', '\n'); - } - bol = flushline = 1; - break; - case IAC: - NET2ADD(IAC, IAC); - break; - default: - NETADD(c); - break; - } - } else if (c == IAC) { - NET2ADD(IAC, IAC); - } else { - NETADD(c); - } - } - if (count) - ring_consumed(&ttyiring, count); - return returnValue||count; /* Non-zero if we did anything */ -} - -/* - * Scheduler() - * - * Try to do something. - * - * If we do something useful, return 1; else return 0. - * - */ - - -static int -Scheduler(int block) /* should we block in the select ? */ -{ - /* One wants to be a bit careful about setting returnValue - * to one, since a one implies we did some useful work, - * and therefore probably won't be called to block next - * time (TN3270 mode only). - */ - int returnValue; - int netin, netout, netex, ttyin, ttyout; - - /* Decide which rings should be processed */ - - netout = ring_full_count(&netoring) && - (flushline || - (my_want_state_is_wont(TELOPT_LINEMODE) -#ifdef KLUDGELINEMODE - && (!kludgelinemode || my_want_state_is_do(TELOPT_SGA)) -#endif - ) || - my_want_state_is_will(TELOPT_BINARY)); - ttyout = ring_full_count(&ttyoring); - - ttyin = ring_empty_count(&ttyiring); - - netin = !ISend && ring_empty_count(&netiring); - - netex = !SYNCHing; - - /* If we have seen a signal recently, reset things */ - - /* Call to system code to process rings */ - - returnValue = process_rings(netin, netout, netex, ttyin, ttyout, !block); - - /* Now, look at the input rings, looking for work to do. */ - - if (ring_full_count(&ttyiring)) { - returnValue |= telsnd(); - } - - if (ring_full_count(&netiring)) { - returnValue |= telrcv(); - } - return returnValue; -} - -/* - * Select from tty and network... - */ -void -my_telnet(char *user) -{ - sys_telnet_init(); - -#if defined(AUTHENTICATION) || defined(ENCRYPTION) - { - static char local_host[256] = { 0 }; - - if (!local_host[0]) { - /* XXX - should be k_gethostname? */ - gethostname(local_host, sizeof(local_host)); - local_host[sizeof(local_host)-1] = 0; - } - auth_encrypt_init(local_host, hostname, "TELNET", 0); - auth_encrypt_user(user); - } -#endif - if (telnetport) { -#if defined(AUTHENTICATION) - if (autologin) - send_will(TELOPT_AUTHENTICATION, 1); -#endif -#if defined(ENCRYPTION) - send_do(TELOPT_ENCRYPT, 1); - send_will(TELOPT_ENCRYPT, 1); -#endif - send_do(TELOPT_SGA, 1); - send_will(TELOPT_TTYPE, 1); - send_will(TELOPT_NAWS, 1); - send_will(TELOPT_TSPEED, 1); - send_will(TELOPT_LFLOW, 1); - send_will(TELOPT_LINEMODE, 1); - send_will(TELOPT_NEW_ENVIRON, 1); - send_do(TELOPT_STATUS, 1); - if (env_getvalue((unsigned char *)"DISPLAY")) - send_will(TELOPT_XDISPLOC, 1); - if (binary) - tel_enter_binary(binary); - } - - for (;;) { - int schedValue; - - while ((schedValue = Scheduler(0)) != 0) { - if (schedValue == -1) { - setcommandmode(); - return; - } - } - - if (Scheduler(1) == -1) { - setcommandmode(); - return; - } - } -} - -/* - * netclear() - * - * We are about to do a TELNET SYNCH operation. Clear - * the path to the network. - * - * Things are a bit tricky since we may have sent the first - * byte or so of a previous TELNET command into the network. - * So, we have to scan the network buffer from the beginning - * until we are up to where we want to be. - * - * A side effect of what we do, just to keep things - * simple, is to clear the urgent data pointer. The principal - * caller should be setting the urgent data pointer AFTER calling - * us in any case. - */ - -static void -netclear() -{ -#if 0 /* XXX */ - char *thisitem, *next; - char *good; -#define wewant(p) ((nfrontp > p) && ((*p&0xff) == IAC) && \ - ((*(p+1)&0xff) != EC) && ((*(p+1)&0xff) != EL)) - - thisitem = netobuf; - - while ((next = nextitem(thisitem)) <= netobuf.send) { - thisitem = next; - } - - /* Now, thisitem is first before/at boundary. */ - - good = netobuf; /* where the good bytes go */ - - while (netoring.add > thisitem) { - if (wewant(thisitem)) { - int length; - - next = thisitem; - do { - next = nextitem(next); - } while (wewant(next) && (nfrontp > next)); - length = next-thisitem; - memmove(good, thisitem, length); - good += length; - thisitem = next; - } else { - thisitem = nextitem(thisitem); - } - } - -#endif /* 0 */ -} - -/* - * These routines add various telnet commands to the data stream. - */ - -static void -doflush() -{ - NET2ADD(IAC, DO); - NETADD(TELOPT_TM); - flushline = 1; - flushout = 1; - ttyflush(1); /* Flush/drop output */ - /* do printoption AFTER flush, otherwise the output gets tossed... */ - printoption("SENT", DO, TELOPT_TM); -} - -void -xmitAO(void) -{ - NET2ADD(IAC, AO); - printoption("SENT", IAC, AO); - if (autoflush) { - doflush(); - } -} - - -void -xmitEL(void) -{ - NET2ADD(IAC, EL); - printoption("SENT", IAC, EL); -} - -void -xmitEC(void) -{ - NET2ADD(IAC, EC); - printoption("SENT", IAC, EC); -} - - -int -dosynch() -{ - netclear(); /* clear the path to the network */ - NETADD(IAC); - setneturg(); - NETADD(DM); - printoption("SENT", IAC, DM); - return 1; -} - -int want_status_response = 0; - -int -get_status() -{ - unsigned char tmp[16]; - unsigned char *cp; - - if (my_want_state_is_dont(TELOPT_STATUS)) { - printf("Remote side does not support STATUS option\n"); - return 0; - } - cp = tmp; - - *cp++ = IAC; - *cp++ = SB; - *cp++ = TELOPT_STATUS; - *cp++ = TELQUAL_SEND; - *cp++ = IAC; - *cp++ = SE; - if (NETROOM() >= cp - tmp) { - ring_supply_data(&netoring, tmp, cp-tmp); - printsub('>', tmp+2, cp - tmp - 2); - } - ++want_status_response; - return 1; -} - -void -intp(void) -{ - NET2ADD(IAC, IP); - printoption("SENT", IAC, IP); - flushline = 1; - if (autoflush) { - doflush(); - } - if (autosynch) { - dosynch(); - } -} - -void -sendbrk(void) -{ - NET2ADD(IAC, BREAK); - printoption("SENT", IAC, BREAK); - flushline = 1; - if (autoflush) { - doflush(); - } - if (autosynch) { - dosynch(); - } -} - -void -sendabort(void) -{ - NET2ADD(IAC, ABORT); - printoption("SENT", IAC, ABORT); - flushline = 1; - if (autoflush) { - doflush(); - } - if (autosynch) { - dosynch(); - } -} - -void -sendsusp(void) -{ - NET2ADD(IAC, SUSP); - printoption("SENT", IAC, SUSP); - flushline = 1; - if (autoflush) { - doflush(); - } - if (autosynch) { - dosynch(); - } -} - -void -sendeof(void) -{ - NET2ADD(IAC, xEOF); - printoption("SENT", IAC, xEOF); -} - -void -sendayt(void) -{ - NET2ADD(IAC, AYT); - printoption("SENT", IAC, AYT); -} - -/* - * Send a window size update to the remote system. - */ - -void -sendnaws() -{ - long rows, cols; - unsigned char tmp[16]; - unsigned char *cp; - - if (my_state_is_wont(TELOPT_NAWS)) - return; - -#define PUTSHORT(cp, x) { if ((*cp++ = ((x)>>8)&0xff) == IAC) *cp++ = IAC; \ - if ((*cp++ = ((x))&0xff) == IAC) *cp++ = IAC; } - - if (TerminalWindowSize(&rows, &cols) == 0) { /* Failed */ - return; - } - - cp = tmp; - - *cp++ = IAC; - *cp++ = SB; - *cp++ = TELOPT_NAWS; - PUTSHORT(cp, cols); - PUTSHORT(cp, rows); - *cp++ = IAC; - *cp++ = SE; - if (NETROOM() >= cp - tmp) { - ring_supply_data(&netoring, tmp, cp-tmp); - printsub('>', tmp+2, cp - tmp - 2); - } -} - -void -tel_enter_binary(int rw) -{ - if (rw&1) - send_do(TELOPT_BINARY, 1); - if (rw&2) - send_will(TELOPT_BINARY, 1); -} - -void -tel_leave_binary(int rw) -{ - if (rw&1) - send_dont(TELOPT_BINARY, 1); - if (rw&2) - send_wont(TELOPT_BINARY, 1); -} diff --git a/crypto/kerberosIV/appl/telnet/telnet/telnet_locl.h b/crypto/kerberosIV/appl/telnet/telnet/telnet_locl.h deleted file mode 100644 index 0c883d611bed..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/telnet_locl.h +++ /dev/null @@ -1,171 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: telnet_locl.h,v 1.18 1999/12/02 16:58:34 joda Exp $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#ifdef HAVE_SIGNAL_H -#include -#endif -#include -#include -#ifdef HAVE_BSDSETJMP_H -#include -#endif - -#ifdef HAVE_SYS_TYPES_H -#include -#endif - -#ifdef HAVE_UNISTD_H -#include -#endif - -/* termios.h *must* be included before curses.h */ -#ifdef HAVE_TERMIOS_H -#include -#endif - -#if defined(SOCKS) && defined(HAVE_CURSES_H) -#include -#endif - -#if defined(HAVE_SYS_TERMIO_H) && !defined(HAVE_TERMIOS_H) -#include -#endif - -#if defined(HAVE_TERMCAP_H) -#include -#endif - -#ifdef HAVE_FCNTL_H -#include -#endif - -#ifdef HAVE_NETDB_H -#include -#endif - -#ifdef HAVE_PWD_H -#include -#endif - -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -/* not with SunOS 4 */ -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif /* HAVE_SYS_RESOURCE_H */ -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_SYS_FILIO_H -#include -#endif -#ifdef HAVE_SYS_FILE_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_NETINET_IN_SYSTM_H -#include -#endif -#ifdef HAVE_NETINET_IP_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif - -#ifdef HAVE_ARPA_TELNET_H -#include -#endif - -#ifdef SOCKS -#include -#endif - -#include -/* krb.h? */ - -#if defined(AUTHENTICATION) || defined(ENCRYPTION) -#include -#include -#endif -#include -#include - -#define LINEMODE -#define KLUDGELINEMODE - -#include "ring.h" -#include "externs.h" -#include "defines.h" -#include "types.h" - -/* prototypes */ - diff --git a/crypto/kerberosIV/appl/telnet/telnet/terminal.c b/crypto/kerberosIV/appl/telnet/telnet/terminal.c deleted file mode 100644 index 44043849db22..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/terminal.c +++ /dev/null @@ -1,225 +0,0 @@ -/* - * Copyright (c) 1988, 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnet_locl.h" - -RCSID("$Id: terminal.c,v 1.10 1997/12/15 19:53:06 joda Exp $"); - -Ring ttyoring, ttyiring; -unsigned char ttyobuf[2*BUFSIZ], ttyibuf[BUFSIZ]; - -int termdata; /* Debugging flag */ - -# ifndef VDISCARD -cc_t termFlushChar; -# endif -# ifndef VLNEXT -cc_t termLiteralNextChar; -# endif -# ifndef VSUSP -cc_t termSuspChar; -# endif -# ifndef VWERASE -cc_t termWerasChar; -# endif -# ifndef VREPRINT -cc_t termRprntChar; -# endif -# ifndef VSTART -cc_t termStartChar; -# endif -# ifndef VSTOP -cc_t termStopChar; -# endif -# ifndef VEOL -cc_t termForw1Char; -# endif -# ifndef VEOL2 -cc_t termForw2Char; -# endif -# ifndef VSTATUS -cc_t termAytChar; -# endif - -/* - * initialize the terminal data structures. - */ - -void -init_terminal(void) -{ - if (ring_init(&ttyoring, ttyobuf, sizeof ttyobuf) != 1) { - exit(1); - } - if (ring_init(&ttyiring, ttyibuf, sizeof ttyibuf) != 1) { - exit(1); - } - autoflush = TerminalAutoFlush(); -} - - -/* - * Send as much data as possible to the terminal. - * - * Return value: - * -1: No useful work done, data waiting to go out. - * 0: No data was waiting, so nothing was done. - * 1: All waiting data was written out. - * n: All data - n was written out. - */ - - -int -ttyflush(int drop) -{ - int n, n0, n1; - - n0 = ring_full_count(&ttyoring); - if ((n1 = n = ring_full_consecutive(&ttyoring)) > 0) { - if (drop) { - TerminalFlushOutput(); - /* we leave 'n' alone! */ - } else { - n = TerminalWrite((char *)ttyoring.consume, n); - } - } - if (n > 0) { - if (termdata && n) { - Dump('>', ttyoring.consume, n); - } - /* - * If we wrote everything, and the full count is - * larger than what we wrote, then write the - * rest of the buffer. - */ - if (n1 == n && n0 > n) { - n1 = n0 - n; - if (!drop) - n1 = TerminalWrite((char *)ttyoring.bottom, n1); - if (n1 > 0) - n += n1; - } - ring_consumed(&ttyoring, n); - } - if (n < 0) - return -1; - if (n == n0) { - if (n0) - return -1; - return 0; - } - return n0 - n + 1; -} - - -/* - * These routines decides on what the mode should be (based on the values - * of various global variables). - */ - - -int -getconnmode(void) -{ - extern int linemode; - int mode = 0; -#ifdef KLUDGELINEMODE - extern int kludgelinemode; -#endif - - if (my_want_state_is_dont(TELOPT_ECHO)) - mode |= MODE_ECHO; - - if (localflow) - mode |= MODE_FLOW; - - if ((eight & 1) || my_want_state_is_will(TELOPT_BINARY)) - mode |= MODE_INBIN; - - if (eight & 2) - mode |= MODE_OUT8; - if (his_want_state_is_will(TELOPT_BINARY)) - mode |= MODE_OUTBIN; - -#ifdef KLUDGELINEMODE - if (kludgelinemode) { - if (my_want_state_is_dont(TELOPT_SGA)) { - mode |= (MODE_TRAPSIG|MODE_EDIT); - if (dontlecho && (clocks.echotoggle > clocks.modenegotiated)) { - mode &= ~MODE_ECHO; - } - } - return(mode); - } -#endif - if (my_want_state_is_will(TELOPT_LINEMODE)) - mode |= linemode; - return(mode); -} - - void -setconnmode(force) - int force; -{ -#ifdef ENCRYPTION - static int enc_passwd = 0; -#endif - int newmode; - - newmode = getconnmode()|(force?MODE_FORCE:0); - - TerminalNewMode(newmode); - -#ifdef ENCRYPTION - if ((newmode & (MODE_ECHO|MODE_EDIT)) == MODE_EDIT) { - if (my_want_state_is_will(TELOPT_ENCRYPT) - && (enc_passwd == 0) && !encrypt_output) { - encrypt_request_start(0, 0); - enc_passwd = 1; - } - } else { - if (enc_passwd) { - encrypt_request_end(); - enc_passwd = 0; - } - } -#endif - -} - - - void -setcommandmode() -{ - TerminalNewMode(-1); -} diff --git a/crypto/kerberosIV/appl/telnet/telnet/types.h b/crypto/kerberosIV/appl/telnet/telnet/types.h deleted file mode 100644 index 191d311fd154..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/types.h +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)types.h 8.1 (Berkeley) 6/6/93 - */ - -typedef struct { - char *modedescriptions; - char modetype; -} Modelist; - -extern Modelist modelist[]; - -typedef struct { - int - system, /* what the current time is */ - echotoggle, /* last time user entered echo character */ - modenegotiated, /* last time operating mode negotiated */ - didnetreceive, /* last time we read data from network */ - gotDM; /* when did we last see a data mark */ -} Clocks; - -extern Clocks clocks; diff --git a/crypto/kerberosIV/appl/telnet/telnet/utilities.c b/crypto/kerberosIV/appl/telnet/telnet/utilities.c deleted file mode 100644 index ab281a5bf64e..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnet/utilities.c +++ /dev/null @@ -1,866 +0,0 @@ -/* - * Copyright (c) 1988, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#define TELOPTS -#define TELCMDS -#define SLC_NAMES - -#include "telnet_locl.h" - -RCSID("$Id: utilities.c,v 1.22.2.1 2000/10/10 13:10:27 assar Exp $"); - -FILE *NetTrace = 0; /* Not in bss, since needs to stay */ -int prettydump; - -/* - * SetSockOpt() - * - * Compensate for differences in 4.2 and 4.3 systems. - */ - -int -SetSockOpt(int fd, int level, int option, int yesno) -{ -#ifdef HAVE_SETSOCKOPT -#ifndef NOT43 - return setsockopt(fd, level, option, - (void *)&yesno, sizeof yesno); -#else /* NOT43 */ - if (yesno == 0) { /* Can't do that in 4.2! */ - fprintf(stderr, "Error: attempt to turn off an option 0x%x.\n", - option); - return -1; - } - return setsockopt(fd, level, option, 0, 0); -#endif /* NOT43 */ -#else - return -1; -#endif -} - -/* - * The following are routines used to print out debugging information. - */ - -char NetTraceFile[256] = "(standard output)"; - -void -SetNetTrace(char *file) -{ - if (NetTrace && NetTrace != stdout) - fclose(NetTrace); - if (file && (strcmp(file, "-") != 0)) { - NetTrace = fopen(file, "w"); - if (NetTrace) { - strlcpy(NetTraceFile, file, sizeof(NetTraceFile)); - return; - } - fprintf(stderr, "Cannot open %s.\n", file); - } - NetTrace = stdout; - strlcpy(NetTraceFile, "(standard output)", sizeof(NetTraceFile)); -} - -void -Dump(char direction, unsigned char *buffer, int length) -{ -# define BYTES_PER_LINE 32 - unsigned char *pThis; - int offset; - - offset = 0; - - while (length) { - /* print one line */ - fprintf(NetTrace, "%c 0x%x\t", direction, offset); - pThis = buffer; - if (prettydump) { - buffer = buffer + min(length, BYTES_PER_LINE/2); - while (pThis < buffer) { - fprintf(NetTrace, "%c%.2x", - (((*pThis)&0xff) == 0xff) ? '*' : ' ', - (*pThis)&0xff); - pThis++; - } - length -= BYTES_PER_LINE/2; - offset += BYTES_PER_LINE/2; - } else { - buffer = buffer + min(length, BYTES_PER_LINE); - while (pThis < buffer) { - fprintf(NetTrace, "%.2x", (*pThis)&0xff); - pThis++; - } - length -= BYTES_PER_LINE; - offset += BYTES_PER_LINE; - } - if (NetTrace == stdout) { - fprintf(NetTrace, "\r\n"); - } else { - fprintf(NetTrace, "\n"); - } - if (length < 0) { - fflush(NetTrace); - return; - } - /* find next unique line */ - } - fflush(NetTrace); -} - - -void -printoption(char *direction, int cmd, int option) -{ - if (!showoptions) - return; - if (cmd == IAC) { - if (TELCMD_OK(option)) - fprintf(NetTrace, "%s IAC %s", direction, TELCMD(option)); - else - fprintf(NetTrace, "%s IAC %d", direction, option); - } else { - char *fmt; - fmt = (cmd == WILL) ? "WILL" : (cmd == WONT) ? "WONT" : - (cmd == DO) ? "DO" : (cmd == DONT) ? "DONT" : 0; - if (fmt) { - fprintf(NetTrace, "%s %s ", direction, fmt); - if (TELOPT_OK(option)) - fprintf(NetTrace, "%s", TELOPT(option)); - else if (option == TELOPT_EXOPL) - fprintf(NetTrace, "EXOPL"); - else - fprintf(NetTrace, "%d", option); - } else - fprintf(NetTrace, "%s %d %d", direction, cmd, option); - } - if (NetTrace == stdout) { - fprintf(NetTrace, "\r\n"); - fflush(NetTrace); - } else { - fprintf(NetTrace, "\n"); - } - return; -} - -void -optionstatus(void) -{ - int i; - extern char will_wont_resp[], do_dont_resp[]; - - for (i = 0; i < 256; i++) { - if (do_dont_resp[i]) { - if (TELOPT_OK(i)) - printf("resp DO_DONT %s: %d\n", TELOPT(i), do_dont_resp[i]); - else if (TELCMD_OK(i)) - printf("resp DO_DONT %s: %d\n", TELCMD(i), do_dont_resp[i]); - else - printf("resp DO_DONT %d: %d\n", i, - do_dont_resp[i]); - if (my_want_state_is_do(i)) { - if (TELOPT_OK(i)) - printf("want DO %s\n", TELOPT(i)); - else if (TELCMD_OK(i)) - printf("want DO %s\n", TELCMD(i)); - else - printf("want DO %d\n", i); - } else { - if (TELOPT_OK(i)) - printf("want DONT %s\n", TELOPT(i)); - else if (TELCMD_OK(i)) - printf("want DONT %s\n", TELCMD(i)); - else - printf("want DONT %d\n", i); - } - } else { - if (my_state_is_do(i)) { - if (TELOPT_OK(i)) - printf(" DO %s\n", TELOPT(i)); - else if (TELCMD_OK(i)) - printf(" DO %s\n", TELCMD(i)); - else - printf(" DO %d\n", i); - } - } - if (will_wont_resp[i]) { - if (TELOPT_OK(i)) - printf("resp WILL_WONT %s: %d\n", TELOPT(i), will_wont_resp[i]); - else if (TELCMD_OK(i)) - printf("resp WILL_WONT %s: %d\n", TELCMD(i), will_wont_resp[i]); - else - printf("resp WILL_WONT %d: %d\n", - i, will_wont_resp[i]); - if (my_want_state_is_will(i)) { - if (TELOPT_OK(i)) - printf("want WILL %s\n", TELOPT(i)); - else if (TELCMD_OK(i)) - printf("want WILL %s\n", TELCMD(i)); - else - printf("want WILL %d\n", i); - } else { - if (TELOPT_OK(i)) - printf("want WONT %s\n", TELOPT(i)); - else if (TELCMD_OK(i)) - printf("want WONT %s\n", TELCMD(i)); - else - printf("want WONT %d\n", i); - } - } else { - if (my_state_is_will(i)) { - if (TELOPT_OK(i)) - printf(" WILL %s\n", TELOPT(i)); - else if (TELCMD_OK(i)) - printf(" WILL %s\n", TELCMD(i)); - else - printf(" WILL %d\n", i); - } - } - } - -} - -void -printsub(int direction, unsigned char *pointer, int length) -{ - int i; - unsigned char buf[512]; - extern int want_status_response; - - if (showoptions || direction == 0 || - (want_status_response && (pointer[0] == TELOPT_STATUS))) { - if (direction) { - fprintf(NetTrace, "%s IAC SB ", - (direction == '<')? "RCVD":"SENT"); - if (length >= 3) { - int j; - - i = pointer[length-2]; - j = pointer[length-1]; - - if (i != IAC || j != SE) { - fprintf(NetTrace, "(terminated by "); - if (TELOPT_OK(i)) - fprintf(NetTrace, "%s ", TELOPT(i)); - else if (TELCMD_OK(i)) - fprintf(NetTrace, "%s ", TELCMD(i)); - else - fprintf(NetTrace, "%d ", i); - if (TELOPT_OK(j)) - fprintf(NetTrace, "%s", TELOPT(j)); - else if (TELCMD_OK(j)) - fprintf(NetTrace, "%s", TELCMD(j)); - else - fprintf(NetTrace, "%d", j); - fprintf(NetTrace, ", not IAC SE!) "); - } - } - length -= 2; - } - if (length < 1) { - fprintf(NetTrace, "(Empty suboption??\?)"); - if (NetTrace == stdout) - fflush(NetTrace); - return; - } - switch (pointer[0]) { - case TELOPT_TTYPE: - fprintf(NetTrace, "TERMINAL-TYPE "); - switch (pointer[1]) { - case TELQUAL_IS: - fprintf(NetTrace, "IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: - fprintf(NetTrace, "SEND"); - break; - default: - fprintf(NetTrace, - "- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } - break; - case TELOPT_TSPEED: - fprintf(NetTrace, "TERMINAL-SPEED"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_IS: - fprintf(NetTrace, " IS "); - fprintf(NetTrace, "%.*s", length-2, (char *)pointer+2); - break; - default: - if (pointer[1] == 1) - fprintf(NetTrace, " SEND"); - else - fprintf(NetTrace, " %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - } - break; - - case TELOPT_LFLOW: - fprintf(NetTrace, "TOGGLE-FLOW-CONTROL"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case LFLOW_OFF: - fprintf(NetTrace, " OFF"); break; - case LFLOW_ON: - fprintf(NetTrace, " ON"); break; - case LFLOW_RESTART_ANY: - fprintf(NetTrace, " RESTART-ANY"); break; - case LFLOW_RESTART_XON: - fprintf(NetTrace, " RESTART-XON"); break; - default: - fprintf(NetTrace, " %d (unknown)", pointer[1]); - } - for (i = 2; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - - case TELOPT_NAWS: - fprintf(NetTrace, "NAWS"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - if (length == 2) { - fprintf(NetTrace, " ?%d?", pointer[1]); - break; - } - fprintf(NetTrace, " %d %d (%d)", - pointer[1], pointer[2], - (int)((((unsigned int)pointer[1])<<8)|((unsigned int)pointer[2]))); - if (length == 4) { - fprintf(NetTrace, " ?%d?", pointer[3]); - break; - } - fprintf(NetTrace, " %d %d (%d)", - pointer[3], pointer[4], - (int)((((unsigned int)pointer[3])<<8)|((unsigned int)pointer[4]))); - for (i = 5; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - -#if defined(AUTHENTICATION) - case TELOPT_AUTHENTICATION: - fprintf(NetTrace, "AUTHENTICATION"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_REPLY: - case TELQUAL_IS: - fprintf(NetTrace, " %s ", (pointer[1] == TELQUAL_IS) ? - "IS" : "REPLY"); - if (AUTHTYPE_NAME_OK(pointer[2])) - fprintf(NetTrace, "%s ", AUTHTYPE_NAME(pointer[2])); - else - fprintf(NetTrace, "%d ", pointer[2]); - if (length < 3) { - fprintf(NetTrace, "(partial suboption??\?)"); - break; - } - fprintf(NetTrace, "%s|%s", - ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY"); - - auth_printsub(&pointer[1], length - 1, buf, sizeof(buf)); - fprintf(NetTrace, "%s", buf); - break; - - case TELQUAL_SEND: - i = 2; - fprintf(NetTrace, " SEND "); - while (i < length) { - if (AUTHTYPE_NAME_OK(pointer[i])) - fprintf(NetTrace, "%s ", AUTHTYPE_NAME(pointer[i])); - else - fprintf(NetTrace, "%d ", pointer[i]); - if (++i >= length) { - fprintf(NetTrace, "(partial suboption??\?)"); - break; - } - fprintf(NetTrace, "%s|%s ", - ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY"); - ++i; - } - break; - - case TELQUAL_NAME: - i = 2; - fprintf(NetTrace, " NAME \""); - while (i < length) - putc(pointer[i++], NetTrace); - putc('"', NetTrace); - break; - - default: - for (i = 2; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - } - break; -#endif - -#if defined(ENCRYPTION) - case TELOPT_ENCRYPT: - fprintf(NetTrace, "ENCRYPT"); - if (length < 2) { - fprintf(NetTrace, " (empty suboption?)"); - break; - } - switch (pointer[1]) { - case ENCRYPT_START: - fprintf(NetTrace, " START"); - break; - - case ENCRYPT_END: - fprintf(NetTrace, " END"); - break; - - case ENCRYPT_REQSTART: - fprintf(NetTrace, " REQUEST-START"); - break; - - case ENCRYPT_REQEND: - fprintf(NetTrace, " REQUEST-END"); - break; - - case ENCRYPT_IS: - case ENCRYPT_REPLY: - fprintf(NetTrace, " %s ", (pointer[1] == ENCRYPT_IS) ? - "IS" : "REPLY"); - if (length < 3) { - fprintf(NetTrace, " (partial suboption?)"); - break; - } - if (ENCTYPE_NAME_OK(pointer[2])) - fprintf(NetTrace, "%s ", ENCTYPE_NAME(pointer[2])); - else - fprintf(NetTrace, " %d (unknown)", pointer[2]); - - encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf)); - fprintf(NetTrace, "%s", buf); - break; - - case ENCRYPT_SUPPORT: - i = 2; - fprintf(NetTrace, " SUPPORT "); - while (i < length) { - if (ENCTYPE_NAME_OK(pointer[i])) - fprintf(NetTrace, "%s ", ENCTYPE_NAME(pointer[i])); - else - fprintf(NetTrace, "%d ", pointer[i]); - i++; - } - break; - - case ENCRYPT_ENC_KEYID: - fprintf(NetTrace, " ENC_KEYID "); - goto encommon; - - case ENCRYPT_DEC_KEYID: - fprintf(NetTrace, " DEC_KEYID "); - goto encommon; - - default: - fprintf(NetTrace, " %d (unknown)", pointer[1]); - encommon: - for (i = 2; i < length; i++) - fprintf(NetTrace, " %d", pointer[i]); - break; - } - break; -#endif - - case TELOPT_LINEMODE: - fprintf(NetTrace, "LINEMODE "); - if (length < 2) { - fprintf(NetTrace, " (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case WILL: - fprintf(NetTrace, "WILL "); - goto common; - case WONT: - fprintf(NetTrace, "WONT "); - goto common; - case DO: - fprintf(NetTrace, "DO "); - goto common; - case DONT: - fprintf(NetTrace, "DONT "); - common: - if (length < 3) { - fprintf(NetTrace, "(no option??\?)"); - break; - } - switch (pointer[2]) { - case LM_FORWARDMASK: - fprintf(NetTrace, "Forward Mask"); - for (i = 3; i < length; i++) - fprintf(NetTrace, " %x", pointer[i]); - break; - default: - fprintf(NetTrace, "%d (unknown)", pointer[2]); - for (i = 3; i < length; i++) - fprintf(NetTrace, " %d", pointer[i]); - break; - } - break; - - case LM_SLC: - fprintf(NetTrace, "SLC"); - for (i = 2; i < length - 2; i += 3) { - if (SLC_NAME_OK(pointer[i+SLC_FUNC])) - fprintf(NetTrace, " %s", SLC_NAME(pointer[i+SLC_FUNC])); - else - fprintf(NetTrace, " %d", pointer[i+SLC_FUNC]); - switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) { - case SLC_NOSUPPORT: - fprintf(NetTrace, " NOSUPPORT"); break; - case SLC_CANTCHANGE: - fprintf(NetTrace, " CANTCHANGE"); break; - case SLC_VARIABLE: - fprintf(NetTrace, " VARIABLE"); break; - case SLC_DEFAULT: - fprintf(NetTrace, " DEFAULT"); break; - } - fprintf(NetTrace, "%s%s%s", - pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : ""); - if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN| - SLC_FLUSHOUT| SLC_LEVELBITS)) - fprintf(NetTrace, "(0x%x)", pointer[i+SLC_FLAGS]); - fprintf(NetTrace, " %d;", pointer[i+SLC_VALUE]); - if ((pointer[i+SLC_VALUE] == IAC) && - (pointer[i+SLC_VALUE+1] == IAC)) - i++; - } - for (; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - - case LM_MODE: - fprintf(NetTrace, "MODE "); - if (length < 3) { - fprintf(NetTrace, "(no mode??\?)"); - break; - } - { - char tbuf[64]; - snprintf(tbuf, sizeof(tbuf), - "%s%s%s%s%s", - pointer[2]&MODE_EDIT ? "|EDIT" : "", - pointer[2]&MODE_TRAPSIG ? "|TRAPSIG" : "", - pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "", - pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "", - pointer[2]&MODE_ACK ? "|ACK" : ""); - fprintf(NetTrace, "%s", tbuf[1] ? &tbuf[1] : "0"); - } - if (pointer[2]&~(MODE_MASK)) - fprintf(NetTrace, " (0x%x)", pointer[2]); - for (i = 3; i < length; i++) - fprintf(NetTrace, " ?0x%x?", pointer[i]); - break; - default: - fprintf(NetTrace, "%d (unknown)", pointer[1]); - for (i = 2; i < length; i++) - fprintf(NetTrace, " %d", pointer[i]); - } - break; - - case TELOPT_STATUS: { - char *cp; - int j, k; - - fprintf(NetTrace, "STATUS"); - - switch (pointer[1]) { - default: - if (pointer[1] == TELQUAL_SEND) - fprintf(NetTrace, " SEND"); - else - fprintf(NetTrace, " %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) - fprintf(NetTrace, " ?%d?", pointer[i]); - break; - case TELQUAL_IS: - if (--want_status_response < 0) - want_status_response = 0; - if (NetTrace == stdout) - fprintf(NetTrace, " IS\r\n"); - else - fprintf(NetTrace, " IS\n"); - - for (i = 2; i < length; i++) { - switch(pointer[i]) { - case DO: cp = "DO"; goto common2; - case DONT: cp = "DONT"; goto common2; - case WILL: cp = "WILL"; goto common2; - case WONT: cp = "WONT"; goto common2; - common2: - i++; - if (TELOPT_OK((int)pointer[i])) - fprintf(NetTrace, " %s %s", cp, TELOPT(pointer[i])); - else - fprintf(NetTrace, " %s %d", cp, pointer[i]); - - if (NetTrace == stdout) - fprintf(NetTrace, "\r\n"); - else - fprintf(NetTrace, "\n"); - break; - - case SB: - fprintf(NetTrace, " SB "); - i++; - j = k = i; - while (j < length) { - if (pointer[j] == SE) { - if (j+1 == length) - break; - if (pointer[j+1] == SE) - j++; - else - break; - } - pointer[k++] = pointer[j++]; - } - printsub(0, &pointer[i], k - i); - if (i < length) { - fprintf(NetTrace, " SE"); - i = j; - } else - i = j - 1; - - if (NetTrace == stdout) - fprintf(NetTrace, "\r\n"); - else - fprintf(NetTrace, "\n"); - - break; - - default: - fprintf(NetTrace, " %d", pointer[i]); - break; - } - } - break; - } - break; - } - - case TELOPT_XDISPLOC: - fprintf(NetTrace, "X-DISPLAY-LOCATION "); - switch (pointer[1]) { - case TELQUAL_IS: - fprintf(NetTrace, "IS \"%.*s\"", length-2, (char *)pointer+2); - break; - case TELQUAL_SEND: - fprintf(NetTrace, "SEND"); - break; - default: - fprintf(NetTrace, "- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } - break; - - case TELOPT_NEW_ENVIRON: - fprintf(NetTrace, "NEW-ENVIRON "); -#ifdef OLD_ENVIRON - goto env_common1; - case TELOPT_OLD_ENVIRON: - fprintf(NetTrace, "OLD-ENVIRON"); - env_common1: -#endif - switch (pointer[1]) { - case TELQUAL_IS: - fprintf(NetTrace, "IS "); - goto env_common; - case TELQUAL_SEND: - fprintf(NetTrace, "SEND "); - goto env_common; - case TELQUAL_INFO: - fprintf(NetTrace, "INFO "); - env_common: - { - int noquote = 2; - for (i = 2; i < length; i++ ) { - switch (pointer[i]) { - case NEW_ENV_VALUE: -#ifdef OLD_ENVIRON - /* case NEW_ENV_OVAR: */ - if (pointer[0] == TELOPT_OLD_ENVIRON) { - fprintf(NetTrace, "\" VAR " + noquote); - } else -#endif /* OLD_ENVIRON */ - fprintf(NetTrace, "\" VALUE " + noquote); - noquote = 2; - break; - - case NEW_ENV_VAR: -#ifdef OLD_ENVIRON - /* case OLD_ENV_VALUE: */ - if (pointer[0] == TELOPT_OLD_ENVIRON) { - fprintf(NetTrace, "\" VALUE " + noquote); - } else -#endif /* OLD_ENVIRON */ - fprintf(NetTrace, "\" VAR " + noquote); - noquote = 2; - break; - - case ENV_ESC: - fprintf(NetTrace, "\" ESC " + noquote); - noquote = 2; - break; - - case ENV_USERVAR: - fprintf(NetTrace, "\" USERVAR " + noquote); - noquote = 2; - break; - - default: - if (isprint(pointer[i]) && pointer[i] != '"') { - if (noquote) { - putc('"', NetTrace); - noquote = 0; - } - putc(pointer[i], NetTrace); - } else { - fprintf(NetTrace, "\" %03o " + noquote, - pointer[i]); - noquote = 2; - } - break; - } - } - if (!noquote) - putc('"', NetTrace); - break; - } - } - break; - - default: - if (TELOPT_OK(pointer[0])) - fprintf(NetTrace, "%s (unknown)", TELOPT(pointer[0])); - else - fprintf(NetTrace, "%d (unknown)", pointer[0]); - for (i = 1; i < length; i++) - fprintf(NetTrace, " %d", pointer[i]); - break; - } - if (direction) { - if (NetTrace == stdout) - fprintf(NetTrace, "\r\n"); - else - fprintf(NetTrace, "\n"); - } - if (NetTrace == stdout) - fflush(NetTrace); - } -} - -/* EmptyTerminal - called to make sure that the terminal buffer is empty. - * Note that we consider the buffer to run all the - * way to the kernel (thus the select). - */ - -void -EmptyTerminal(void) -{ - fd_set outs; - - FD_ZERO(&outs); - - if (tout >= FD_SETSIZE) - ExitString("fd too large", 1); - - if (TTYBYTES() == 0) { - FD_SET(tout, &outs); - select(tout+1, 0, &outs, 0, - (struct timeval *) 0); /* wait for TTLOWAT */ - } else { - while (TTYBYTES()) { - ttyflush(0); - FD_SET(tout, &outs); - select(tout+1, 0, &outs, 0, - (struct timeval *) 0); /* wait for TTLOWAT */ - } - } -} - -void -SetForExit(void) -{ - setconnmode(0); - do { - telrcv(); /* Process any incoming data */ - EmptyTerminal(); - } while (ring_full_count(&netiring)); /* While there is any */ - setcommandmode(); - fflush(stdout); - fflush(stderr); - setconnmode(0); - EmptyTerminal(); /* Flush the path to the tty */ - setcommandmode(); -} - -void -Exit(int returnCode) -{ - SetForExit(); - exit(returnCode); -} - -void -ExitString(char *string, int returnCode) -{ - SetForExit(); - fwrite(string, 1, strlen(string), stderr); - exit(returnCode); -} diff --git a/crypto/kerberosIV/appl/telnet/telnetd/Makefile.am b/crypto/kerberosIV/appl/telnet/telnetd/Makefile.am deleted file mode 100644 index c2285180dac5..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnetd/Makefile.am +++ /dev/null @@ -1,21 +0,0 @@ -# $Id: Makefile.am,v 1.12 1999/04/09 18:24:38 assar Exp $ - -include $(top_srcdir)/Makefile.am.common - -INCLUDES += -I$(srcdir)/.. $(INCLUDE_krb4) - -libexec_PROGRAMS = telnetd - -CHECK_LOCAL = - -telnetd_SOURCES = telnetd.c state.c termstat.c slc.c sys_term.c \ - utility.c global.c authenc.c defs.h ext.h telnetd.h - -LDADD = \ - ../libtelnet/libtelnet.a \ - $(LIB_krb5) \ - $(LIB_krb4) \ - $(top_builddir)/lib/des/libdes.la \ - $(LIB_tgetent) \ - $(LIB_logwtmp) \ - $(LIB_roken) diff --git a/crypto/kerberosIV/appl/telnet/telnetd/Makefile.in b/crypto/kerberosIV/appl/telnet/telnetd/Makefile.in deleted file mode 100644 index ed42d1df1652..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnetd/Makefile.in +++ /dev/null @@ -1,79 +0,0 @@ -# $Id: Makefile.in,v 1.38 1999/03/11 13:50:16 joda Exp $ - -srcdir = @srcdir@ -top_srcdir = @top_srcdir@ -VPATH = @srcdir@ - -top_builddir = ../../.. - -SHELL = /bin/sh - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -DBINDIR='"$(bindir)"' -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ -LIBS = @LIBS@ -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -bindir = @bindir@ -libdir = @libdir@ -libexecdir = @libexecdir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -PROGS = telnetd$(EXECSUFFIX) - -SOURCES=telnetd.c state.c termstat.c slc.c sys_term.c \ - utility.c global.c authenc.c - -OBJECTS=telnetd.o state.o termstat.o slc.o sys_term.o \ - utility.o global.o authenc.o - -libtop = @libtop@ - -LIBKRB = -L../../../lib/krb -lkrb -LIBDES = -L../../../lib/des -ldes -LIBKAFS = @KRB_KAFS_LIB@ -LIBROKEN = -L../../../lib/roken -lroken - -KLIB=$(LIBKAFS) $(LIBKRB) $(LIBDES) - - -all: $(PROGS) - -.c.o: - $(CC) -c $(DEFS) -I../../../include -I.. -I$(srcdir)/.. -I. -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $< - -telnetd$(EXECSUFFIX): $(OBJECTS) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(OBJECTS) -L../libtelnet -ltelnet $(KLIB) $(LIBROKEN) $(LIBS) @LIB_tgetent@ $(LIBROKEN) - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libexecdir) - for x in $(PROGS); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - -uninstall: - for x in $(PROGS); do \ - rm -f $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - -TAGS: $(SOURCES) - etags $(SOURCES) - -clean cleandir: - rm -f *.o *.a telnetd$(EXECSUFFIX) \#* *~ core - -distclean: clean - rm -f Makefile *~ - - -.PHONY: all install uninstall clean cleandir distclean diff --git a/crypto/kerberosIV/appl/telnet/telnetd/authenc.c b/crypto/kerberosIV/appl/telnet/telnetd/authenc.c deleted file mode 100644 index ec5f2dcc1de5..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnetd/authenc.c +++ /dev/null @@ -1,81 +0,0 @@ -/*- - * Copyright (c) 1991, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnetd.h" - -RCSID("$Id: authenc.c,v 1.9 1999/09/05 19:14:50 assar Exp $"); - -#ifdef AUTHENTICATION - -int -telnet_net_write(unsigned char *str, int len) -{ - if (nfrontp + len < netobuf + BUFSIZ) { - memmove(nfrontp, str, len); - nfrontp += len; - return(len); - } - return(0); -} - -void -net_encrypt(void) -{ -#ifdef ENCRYPTION - char *s = (nclearto > nbackp) ? nclearto : nbackp; - if (s < nfrontp && encrypt_output) { - (*encrypt_output)((unsigned char *)s, nfrontp - s); - } - nclearto = nfrontp; -#endif -} - -int -telnet_spin(void) -{ - return ttloop(); -} - -char * -telnet_getenv(char *val) -{ - extern char *getenv(const char *); - return(getenv(val)); -} - -char * -telnet_gets(char *prompt, char *result, int length, int echo) -{ - return NULL; -} -#endif diff --git a/crypto/kerberosIV/appl/telnet/telnetd/defs.h b/crypto/kerberosIV/appl/telnet/telnetd/defs.h deleted file mode 100644 index dc3f842523be..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnetd/defs.h +++ /dev/null @@ -1,190 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)defs.h 8.1 (Berkeley) 6/4/93 - */ - -/* - * Telnet server defines - */ - -#ifndef __DEFS_H__ -#define __DEFS_H__ - -#ifndef BSD -# define BSD 43 -#endif - -#if defined(PRINTOPTIONS) && defined(DIAGNOSTICS) -#define TELOPTS -#define TELCMDS -#define SLC_NAMES -#endif - -#if !defined(TIOCSCTTY) && defined(TCSETCTTY) -# define TIOCSCTTY TCSETCTTY -#endif - -#ifndef TIOCPKT_FLUSHWRITE -#define TIOCPKT_FLUSHWRITE 0x02 -#endif - -#ifndef TIOCPKT_NOSTOP -#define TIOCPKT_NOSTOP 0x10 -#endif - -#ifndef TIOCPKT_DOSTOP -#define TIOCPKT_DOSTOP 0x20 -#endif - -/* - * I/O data buffers defines - */ -#define NETSLOP 64 -#ifdef _CRAY -#undef BUFSIZ -#define BUFSIZ 2048 -#endif - -#define NIACCUM(c) { *netip++ = c; \ - ncc++; \ - } - -/* clock manipulations */ -#define settimer(x) (clocks.x = ++clocks.system) -#define sequenceIs(x,y) (clocks.x < clocks.y) - -/* - * Structures of information for each special character function. - */ -typedef struct { - unsigned char flag; /* the flags for this function */ - cc_t val; /* the value of the special character */ -} slcent, *Slcent; - -typedef struct { - slcent defset; /* the default settings */ - slcent current; /* the current settings */ - cc_t *sptr; /* a pointer to the char in */ - /* system data structures */ -} slcfun, *Slcfun; - -#ifdef DIAGNOSTICS -/* - * Diagnostics capabilities - */ -#define TD_REPORT 0x01 /* Report operations to client */ -#define TD_EXERCISE 0x02 /* Exercise client's implementation */ -#define TD_NETDATA 0x04 /* Display received data stream */ -#define TD_PTYDATA 0x08 /* Display data passed to pty */ -#define TD_OPTIONS 0x10 /* Report just telnet options */ -#endif /* DIAGNOSTICS */ - -/* - * We keep track of each side of the option negotiation. - */ - -#define MY_STATE_WILL 0x01 -#define MY_WANT_STATE_WILL 0x02 -#define MY_STATE_DO 0x04 -#define MY_WANT_STATE_DO 0x08 - -/* - * Macros to check the current state of things - */ - -#define my_state_is_do(opt) (options[opt]&MY_STATE_DO) -#define my_state_is_will(opt) (options[opt]&MY_STATE_WILL) -#define my_want_state_is_do(opt) (options[opt]&MY_WANT_STATE_DO) -#define my_want_state_is_will(opt) (options[opt]&MY_WANT_STATE_WILL) - -#define my_state_is_dont(opt) (!my_state_is_do(opt)) -#define my_state_is_wont(opt) (!my_state_is_will(opt)) -#define my_want_state_is_dont(opt) (!my_want_state_is_do(opt)) -#define my_want_state_is_wont(opt) (!my_want_state_is_will(opt)) - -#define set_my_state_do(opt) (options[opt] |= MY_STATE_DO) -#define set_my_state_will(opt) (options[opt] |= MY_STATE_WILL) -#define set_my_want_state_do(opt) (options[opt] |= MY_WANT_STATE_DO) -#define set_my_want_state_will(opt) (options[opt] |= MY_WANT_STATE_WILL) - -#define set_my_state_dont(opt) (options[opt] &= ~MY_STATE_DO) -#define set_my_state_wont(opt) (options[opt] &= ~MY_STATE_WILL) -#define set_my_want_state_dont(opt) (options[opt] &= ~MY_WANT_STATE_DO) -#define set_my_want_state_wont(opt) (options[opt] &= ~MY_WANT_STATE_WILL) - -/* - * Tricky code here. What we want to know is if the MY_STATE_WILL - * and MY_WANT_STATE_WILL bits have the same value. Since the two - * bits are adjacent, a little arithmatic will show that by adding - * in the lower bit, the upper bit will be set if the two bits were - * different, and clear if they were the same. - */ -#define my_will_wont_is_changing(opt) \ - ((options[opt]+MY_STATE_WILL) & MY_WANT_STATE_WILL) - -#define my_do_dont_is_changing(opt) \ - ((options[opt]+MY_STATE_DO) & MY_WANT_STATE_DO) - -/* - * Make everything symetrical - */ - -#define HIS_STATE_WILL MY_STATE_DO -#define HIS_WANT_STATE_WILL MY_WANT_STATE_DO -#define HIS_STATE_DO MY_STATE_WILL -#define HIS_WANT_STATE_DO MY_WANT_STATE_WILL - -#define his_state_is_do my_state_is_will -#define his_state_is_will my_state_is_do -#define his_want_state_is_do my_want_state_is_will -#define his_want_state_is_will my_want_state_is_do - -#define his_state_is_dont my_state_is_wont -#define his_state_is_wont my_state_is_dont -#define his_want_state_is_dont my_want_state_is_wont -#define his_want_state_is_wont my_want_state_is_dont - -#define set_his_state_do set_my_state_will -#define set_his_state_will set_my_state_do -#define set_his_want_state_do set_my_want_state_will -#define set_his_want_state_will set_my_want_state_do - -#define set_his_state_dont set_my_state_wont -#define set_his_state_wont set_my_state_dont -#define set_his_want_state_dont set_my_want_state_wont -#define set_his_want_state_wont set_my_want_state_dont - -#define his_will_wont_is_changing my_do_dont_is_changing -#define his_do_dont_is_changing my_will_wont_is_changing - -#endif /* __DEFS_H__ */ diff --git a/crypto/kerberosIV/appl/telnet/telnetd/ext.h b/crypto/kerberosIV/appl/telnet/telnetd/ext.h deleted file mode 100644 index 8f5edf17929b..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnetd/ext.h +++ /dev/null @@ -1,202 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)ext.h 8.2 (Berkeley) 12/15/93 - */ - -/* $Id: ext.h,v 1.19 1999/09/05 19:15:21 assar Exp $ */ - -#ifndef __EXT_H__ -#define __EXT_H__ - -/* - * Telnet server variable declarations - */ -extern char options[256]; -extern char do_dont_resp[256]; -extern char will_wont_resp[256]; -extern int flowmode; /* current flow control state */ -extern int restartany; /* restart output on any character state */ -#ifdef DIAGNOSTICS -extern int diagnostic; /* telnet diagnostic capabilities */ -#endif /* DIAGNOSTICS */ -extern int require_otp; -#ifdef AUTHENTICATION -extern int auth_level; -#endif -extern const char *new_login; - -extern slcfun slctab[NSLC + 1]; /* slc mapping table */ - -extern char *terminaltype; - -/* - * I/O data buffers, pointers, and counters. - */ -extern char ptyobuf[BUFSIZ+NETSLOP], *pfrontp, *pbackp; - -extern char netibuf[BUFSIZ], *netip; - -extern char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp; -extern char *neturg; /* one past last bye of urgent data */ - -extern int pcc, ncc; - -extern int ourpty, net; -extern char *line; -extern int SYNCHing; /* we are in TELNET SYNCH mode */ - -int telnet_net_write (unsigned char *str, int len); -void net_encrypt (void); -int telnet_spin (void); -char *telnet_getenv (char *val); -char *telnet_gets (char *prompt, char *result, int length, int echo); -void get_slc_defaults (void); -void telrcv (void); -void send_do (int option, int init); -void willoption (int option); -void send_dont (int option, int init); -void wontoption (int option); -void send_will (int option, int init); -void dooption (int option); -void send_wont (int option, int init); -void dontoption (int option); -void suboption (void); -void doclientstat (void); -void send_status (void); -void init_termbuf (void); -void set_termbuf (void); -int spcset (int func, cc_t *valp, cc_t **valpp); -void set_utid (void); -int getpty (int *ptynum); -int tty_isecho (void); -int tty_flowmode (void); -int tty_restartany (void); -void tty_setecho (int on); -int tty_israw (void); -void tty_binaryin (int on); -void tty_binaryout (int on); -int tty_isbinaryin (void); -int tty_isbinaryout (void); -int tty_issofttab (void); -void tty_setsofttab (int on); -int tty_islitecho (void); -void tty_setlitecho (int on); -int tty_iscrnl (void); -void tty_tspeed (int val); -void tty_rspeed (int val); -void getptyslave (void); -int cleanopen (char *line); -void startslave (char *host, int autologin, char *autoname); -void init_env (void); -void start_login (char *host, int autologin, char *name); -void cleanup (int sig); -int main (int argc, char **argv); -int getterminaltype (char *name, size_t); -void _gettermname (void); -int terminaltypeok (char *s); -void my_telnet (int f, int p, char*, int, char*); -void interrupt (void); -void sendbrk (void); -void sendsusp (void); -void recv_ayt (void); -void doeof (void); -void flowstat (void); -void clientstat (int code, int parm1, int parm2); -int ttloop (void); -int stilloob (int s); -void ptyflush (void); -char *nextitem (char *current); -void netclear (void); -void netflush (void); -void writenet (unsigned char *ptr, int len); -void fatal (int f, char *msg); -void fatalperror (int f, const char *msg); -void edithost (char *pat, char *host); -void putstr (char *s); -void putchr (int cc); -void putf (char *cp, char *where); -void printoption (char *fmt, int option); -void printsub (int direction, unsigned char *pointer, int length); -void printdata (char *tag, char *ptr, int cnt); -int login_tty(int t); - -#ifdef ENCRYPTION -extern void (*encrypt_output) (unsigned char *, int); -extern int (*decrypt_input) (int); -extern char *nclearto; -#endif - - -/* - * The following are some clocks used to decide how to interpret - * the relationship between various variables. - */ - -struct clocks_t{ - int - system, /* what the current time is */ - echotoggle, /* last time user entered echo character */ - modenegotiated, /* last time operating mode negotiated */ - didnetreceive, /* last time we read data from network */ - ttypesubopt, /* ttype subopt is received */ - tspeedsubopt, /* tspeed subopt is received */ - environsubopt, /* environ subopt is received */ - oenvironsubopt, /* old environ subopt is received */ - xdisplocsubopt, /* xdisploc subopt is received */ - baseline, /* time started to do timed action */ - gotDM; /* when did we last see a data mark */ -}; -extern struct clocks_t clocks; - -extern int log_unauth; -extern int no_warn; - -#ifdef STREAMSPTY -extern int really_stream; -#endif - -#ifndef USE_IM -# ifdef CRAY -# define USE_IM "Cray UNICOS (%h) (%t)" -# endif -# ifdef _AIX -# define USE_IM "%s %v.%r (%h) (%t)" -# endif -# ifndef USE_IM -# define USE_IM "%s %r (%h) (%t)" -# endif -#endif - -#define DEFAULT_IM "\r\n\r\n" USE_IM "\r\n\r\n\r\n" - -#endif /* __EXT_H__ */ diff --git a/crypto/kerberosIV/appl/telnet/telnetd/global.c b/crypto/kerberosIV/appl/telnet/telnetd/global.c deleted file mode 100644 index 275cb45f16bf..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnetd/global.c +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* a *lot* of ugly global definitions that really should be removed... - */ - -#include "telnetd.h" - -RCSID("$Id: global.c,v 1.12 1997/05/11 06:29:59 assar Exp $"); - -/* - * Telnet server variable declarations - */ -char options[256]; -char do_dont_resp[256]; -char will_wont_resp[256]; -int linemode; /* linemode on/off */ -int flowmode; /* current flow control state */ -int restartany; /* restart output on any character state */ -#ifdef DIAGNOSTICS -int diagnostic; /* telnet diagnostic capabilities */ -#endif /* DIAGNOSTICS */ -int require_otp; - -slcfun slctab[NSLC + 1]; /* slc mapping table */ - -char *terminaltype; - -/* - * I/O data buffers, pointers, and counters. - */ -char ptyobuf[BUFSIZ+NETSLOP], *pfrontp, *pbackp; - -char netibuf[BUFSIZ], *netip; - -char netobuf[BUFSIZ+NETSLOP], *nfrontp, *nbackp; -char *neturg; /* one past last bye of urgent data */ - -int pcc, ncc; - -int ourpty, net; -int SYNCHing; /* we are in TELNET SYNCH mode */ - -/* - * The following are some clocks used to decide how to interpret - * the relationship between various variables. - */ - -struct clocks_t clocks; - - -/* whether to log unauthenticated login attempts */ -int log_unauth; - -/* do not print warning if connection is not encrypted */ -int no_warn; - -/* - * This function appends data to nfrontp and advances nfrontp. - */ - -int -output_data (const char *format, ...) -{ - va_list args; - size_t remaining, ret; - - va_start(args, format); - remaining = BUFSIZ - (nfrontp - netobuf); - ret = vsnprintf (nfrontp, - remaining, - format, - args); - nfrontp += ret; - va_end(args); - return ret; -} diff --git a/crypto/kerberosIV/appl/telnet/telnetd/slc.c b/crypto/kerberosIV/appl/telnet/telnetd/slc.c deleted file mode 100644 index 799d2d807c20..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnetd/slc.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnetd.h" - -RCSID("$Id: slc.c,v 1.10 1997/05/11 06:30:00 assar Exp $"); - -/* - * get_slc_defaults - * - * Initialize the slc mapping table. - */ -void -get_slc_defaults(void) -{ - int i; - - init_termbuf(); - - for (i = 1; i <= NSLC; i++) { - slctab[i].defset.flag = - spcset(i, &slctab[i].defset.val, &slctab[i].sptr); - slctab[i].current.flag = SLC_NOSUPPORT; - slctab[i].current.val = 0; - } - -} diff --git a/crypto/kerberosIV/appl/telnet/telnetd/state.c b/crypto/kerberosIV/appl/telnet/telnetd/state.c deleted file mode 100644 index 80b90ea2d309..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnetd/state.c +++ /dev/null @@ -1,1356 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnetd.h" - -RCSID("$Id: state.c,v 1.13 1999/05/13 23:12:50 assar Exp $"); - -unsigned char doopt[] = { IAC, DO, '%', 'c', 0 }; -unsigned char dont[] = { IAC, DONT, '%', 'c', 0 }; -unsigned char will[] = { IAC, WILL, '%', 'c', 0 }; -unsigned char wont[] = { IAC, WONT, '%', 'c', 0 }; -int not42 = 1; - -/* - * Buffer for sub-options, and macros - * for suboptions buffer manipulations - */ -unsigned char subbuffer[2048], *subpointer= subbuffer, *subend= subbuffer; - -#define SB_CLEAR() subpointer = subbuffer -#define SB_TERM() { subend = subpointer; SB_CLEAR(); } -#define SB_ACCUM(c) if (subpointer < (subbuffer+sizeof subbuffer)) { \ - *subpointer++ = (c); \ - } -#define SB_GET() ((*subpointer++)&0xff) -#define SB_EOF() (subpointer >= subend) -#define SB_LEN() (subend - subpointer) - -#ifdef ENV_HACK -unsigned char *subsave; -#define SB_SAVE() subsave = subpointer; -#define SB_RESTORE() subpointer = subsave; -#endif - - -/* - * State for recv fsm - */ -#define TS_DATA 0 /* base state */ -#define TS_IAC 1 /* look for double IAC's */ -#define TS_CR 2 /* CR-LF ->'s CR */ -#define TS_SB 3 /* throw away begin's... */ -#define TS_SE 4 /* ...end's (suboption negotiation) */ -#define TS_WILL 5 /* will option negotiation */ -#define TS_WONT 6 /* wont -''- */ -#define TS_DO 7 /* do -''- */ -#define TS_DONT 8 /* dont -''- */ - -void -telrcv(void) -{ - int c; - static int state = TS_DATA; - - while (ncc > 0) { - if ((&ptyobuf[BUFSIZ] - pfrontp) < 2) - break; - c = *netip++ & 0377, ncc--; -#ifdef ENCRYPTION - if (decrypt_input) - c = (*decrypt_input)(c); -#endif - switch (state) { - - case TS_CR: - state = TS_DATA; - /* Strip off \n or \0 after a \r */ - if ((c == 0) || (c == '\n')) { - break; - } - /* FALL THROUGH */ - - case TS_DATA: - if (c == IAC) { - state = TS_IAC; - break; - } - /* - * We now map \r\n ==> \r for pragmatic reasons. - * Many client implementations send \r\n when - * the user hits the CarriageReturn key. - * - * We USED to map \r\n ==> \n, since \r\n says - * that we want to be in column 1 of the next - * printable line, and \n is the standard - * unix way of saying that (\r is only good - * if CRMOD is set, which it normally is). - */ - if ((c == '\r') && his_state_is_wont(TELOPT_BINARY)) { - int nc = *netip; -#ifdef ENCRYPTION - if (decrypt_input) - nc = (*decrypt_input)(nc & 0xff); -#endif - { -#ifdef ENCRYPTION - if (decrypt_input) - (void)(*decrypt_input)(-1); -#endif - state = TS_CR; - } - } - *pfrontp++ = c; - break; - - case TS_IAC: - gotiac: switch (c) { - - /* - * Send the process on the pty side an - * interrupt. Do this with a NULL or - * interrupt char; depending on the tty mode. - */ - case IP: - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - interrupt(); - break; - - case BREAK: - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - sendbrk(); - break; - - /* - * Are You There? - */ - case AYT: - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - recv_ayt(); - break; - - /* - * Abort Output - */ - case AO: - { - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - ptyflush(); /* half-hearted */ - init_termbuf(); - - if (slctab[SLC_AO].sptr && - *slctab[SLC_AO].sptr != (cc_t)(_POSIX_VDISABLE)) { - *pfrontp++ = - (unsigned char)*slctab[SLC_AO].sptr; - } - - netclear(); /* clear buffer back */ - output_data ("%c%c", IAC, DM); - neturg = nfrontp-1; /* off by one XXX */ - DIAG(TD_OPTIONS, - printoption("td: send IAC", DM)); - break; - } - - /* - * Erase Character and - * Erase Line - */ - case EC: - case EL: - { - cc_t ch; - - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - ptyflush(); /* half-hearted */ - init_termbuf(); - if (c == EC) - ch = *slctab[SLC_EC].sptr; - else - ch = *slctab[SLC_EL].sptr; - if (ch != (cc_t)(_POSIX_VDISABLE)) - *pfrontp++ = (unsigned char)ch; - break; - } - - /* - * Check for urgent data... - */ - case DM: - DIAG(TD_OPTIONS, - printoption("td: recv IAC", c)); - SYNCHing = stilloob(net); - settimer(gotDM); - break; - - - /* - * Begin option subnegotiation... - */ - case SB: - state = TS_SB; - SB_CLEAR(); - continue; - - case WILL: - state = TS_WILL; - continue; - - case WONT: - state = TS_WONT; - continue; - - case DO: - state = TS_DO; - continue; - - case DONT: - state = TS_DONT; - continue; - case EOR: - if (his_state_is_will(TELOPT_EOR)) - doeof(); - break; - - /* - * Handle RFC 10xx Telnet linemode option additions - * to command stream (EOF, SUSP, ABORT). - */ - case xEOF: - doeof(); - break; - - case SUSP: - sendsusp(); - break; - - case ABORT: - sendbrk(); - break; - - case IAC: - *pfrontp++ = c; - break; - } - state = TS_DATA; - break; - - case TS_SB: - if (c == IAC) { - state = TS_SE; - } else { - SB_ACCUM(c); - } - break; - - case TS_SE: - if (c != SE) { - if (c != IAC) { - /* - * bad form of suboption negotiation. - * handle it in such a way as to avoid - * damage to local state. Parse - * suboption buffer found so far, - * then treat remaining stream as - * another command sequence. - */ - - /* for DIAGNOSTICS */ - SB_ACCUM(IAC); - SB_ACCUM(c); - subpointer -= 2; - - SB_TERM(); - suboption(); - state = TS_IAC; - goto gotiac; - } - SB_ACCUM(c); - state = TS_SB; - } else { - /* for DIAGNOSTICS */ - SB_ACCUM(IAC); - SB_ACCUM(SE); - subpointer -= 2; - - SB_TERM(); - suboption(); /* handle sub-option */ - state = TS_DATA; - } - break; - - case TS_WILL: - willoption(c); - state = TS_DATA; - continue; - - case TS_WONT: - wontoption(c); - if (c==TELOPT_ENCRYPT && his_do_dont_is_changing(TELOPT_ENCRYPT) ) - dontoption(c); - state = TS_DATA; - continue; - - case TS_DO: - dooption(c); - state = TS_DATA; - continue; - - case TS_DONT: - dontoption(c); - state = TS_DATA; - continue; - - default: - syslog(LOG_ERR, "telnetd: panic state=%d\n", state); - printf("telnetd: panic state=%d\n", state); - exit(1); - } - } -} /* end of telrcv */ - -/* - * The will/wont/do/dont state machines are based on Dave Borman's - * Telnet option processing state machine. - * - * These correspond to the following states: - * my_state = the last negotiated state - * want_state = what I want the state to go to - * want_resp = how many requests I have sent - * All state defaults are negative, and resp defaults to 0. - * - * When initiating a request to change state to new_state: - * - * if ((want_resp == 0 && new_state == my_state) || want_state == new_state) { - * do nothing; - * } else { - * want_state = new_state; - * send new_state; - * want_resp++; - * } - * - * When receiving new_state: - * - * if (want_resp) { - * want_resp--; - * if (want_resp && (new_state == my_state)) - * want_resp--; - * } - * if ((want_resp == 0) && (new_state != want_state)) { - * if (ok_to_switch_to new_state) - * want_state = new_state; - * else - * want_resp++; - * send want_state; - * } - * my_state = new_state; - * - * Note that new_state is implied in these functions by the function itself. - * will and do imply positive new_state, wont and dont imply negative. - * - * Finally, there is one catch. If we send a negative response to a - * positive request, my_state will be the positive while want_state will - * remain negative. my_state will revert to negative when the negative - * acknowlegment arrives from the peer. Thus, my_state generally tells - * us not only the last negotiated state, but also tells us what the peer - * wants to be doing as well. It is important to understand this difference - * as we may wish to be processing data streams based on our desired state - * (want_state) or based on what the peer thinks the state is (my_state). - * - * This all works fine because if the peer sends a positive request, the data - * that we receive prior to negative acknowlegment will probably be affected - * by the positive state, and we can process it as such (if we can; if we - * can't then it really doesn't matter). If it is that important, then the - * peer probably should be buffering until this option state negotiation - * is complete. - * - */ -void -send_do(int option, int init) -{ - if (init) { - if ((do_dont_resp[option] == 0 && his_state_is_will(option)) || - his_want_state_is_will(option)) - return; - /* - * Special case for TELOPT_TM: We send a DO, but pretend - * that we sent a DONT, so that we can send more DOs if - * we want to. - */ - if (option == TELOPT_TM) - set_his_want_state_wont(option); - else - set_his_want_state_will(option); - do_dont_resp[option]++; - } - output_data((const char *)doopt, option); - - DIAG(TD_OPTIONS, printoption("td: send do", option)); -} - -#ifdef AUTHENTICATION -extern void auth_request(void); -#endif -#ifdef ENCRYPTION -extern void encrypt_send_support(); -#endif - -void -willoption(int option) -{ - int changeok = 0; - void (*func)() = 0; - - /* - * process input from peer. - */ - - DIAG(TD_OPTIONS, printoption("td: recv will", option)); - - if (do_dont_resp[option]) { - do_dont_resp[option]--; - if (do_dont_resp[option] && his_state_is_will(option)) - do_dont_resp[option]--; - } - if (do_dont_resp[option] == 0) { - if (his_want_state_is_wont(option)) { - switch (option) { - - case TELOPT_BINARY: - init_termbuf(); - tty_binaryin(1); - set_termbuf(); - changeok++; - break; - - case TELOPT_ECHO: - /* - * See comments below for more info. - */ - not42 = 0; /* looks like a 4.2 system */ - break; - - case TELOPT_TM: - /* - * We never respond to a WILL TM, and - * we leave the state WONT. - */ - return; - - case TELOPT_LFLOW: - /* - * If we are going to support flow control - * option, then don't worry peer that we can't - * change the flow control characters. - */ - slctab[SLC_XON].defset.flag &= ~SLC_LEVELBITS; - slctab[SLC_XON].defset.flag |= SLC_DEFAULT; - slctab[SLC_XOFF].defset.flag &= ~SLC_LEVELBITS; - slctab[SLC_XOFF].defset.flag |= SLC_DEFAULT; - case TELOPT_TTYPE: - case TELOPT_SGA: - case TELOPT_NAWS: - case TELOPT_TSPEED: - case TELOPT_XDISPLOC: - case TELOPT_NEW_ENVIRON: - case TELOPT_OLD_ENVIRON: - changeok++; - break; - - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - func = auth_request; - changeok++; - break; -#endif - -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - func = encrypt_send_support; - changeok++; - break; -#endif - - default: - break; - } - if (changeok) { - set_his_want_state_will(option); - send_do(option, 0); - } else { - do_dont_resp[option]++; - send_dont(option, 0); - } - } else { - /* - * Option processing that should happen when - * we receive conformation of a change in - * state that we had requested. - */ - switch (option) { - case TELOPT_ECHO: - not42 = 0; /* looks like a 4.2 system */ - /* - * Egads, he responded "WILL ECHO". Turn - * it off right now! - */ - send_dont(option, 1); - /* - * "WILL ECHO". Kludge upon kludge! - * A 4.2 client is now echoing user input at - * the tty. This is probably undesireable and - * it should be stopped. The client will - * respond WONT TM to the DO TM that we send to - * check for kludge linemode. When the WONT TM - * arrives, linemode will be turned off and a - * change propogated to the pty. This change - * will cause us to process the new pty state - * in localstat(), which will notice that - * linemode is off and send a WILL ECHO - * so that we are properly in character mode and - * all is well. - */ - break; - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - func = auth_request; - break; -#endif - -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - func = encrypt_send_support; - break; -#endif - - case TELOPT_LFLOW: - func = flowstat; - break; - } - } - } - set_his_state_will(option); - if (func) - (*func)(); -} /* end of willoption */ - -void -send_dont(int option, int init) -{ - if (init) { - if ((do_dont_resp[option] == 0 && his_state_is_wont(option)) || - his_want_state_is_wont(option)) - return; - set_his_want_state_wont(option); - do_dont_resp[option]++; - } - output_data((const char *)dont, option); - - DIAG(TD_OPTIONS, printoption("td: send dont", option)); -} - -void -wontoption(int option) -{ - /* - * Process client input. - */ - - DIAG(TD_OPTIONS, printoption("td: recv wont", option)); - - if (do_dont_resp[option]) { - do_dont_resp[option]--; - if (do_dont_resp[option] && his_state_is_wont(option)) - do_dont_resp[option]--; - } - if (do_dont_resp[option] == 0) { - if (his_want_state_is_will(option)) { - /* it is always ok to change to negative state */ - switch (option) { - case TELOPT_ECHO: - not42 = 1; /* doesn't seem to be a 4.2 system */ - break; - - case TELOPT_BINARY: - init_termbuf(); - tty_binaryin(0); - set_termbuf(); - break; - - case TELOPT_TM: - /* - * If we get a WONT TM, and had sent a DO TM, - * don't respond with a DONT TM, just leave it - * as is. Short circut the state machine to - * achive this. - */ - set_his_want_state_wont(TELOPT_TM); - return; - - case TELOPT_LFLOW: - /* - * If we are not going to support flow control - * option, then let peer know that we can't - * change the flow control characters. - */ - slctab[SLC_XON].defset.flag &= ~SLC_LEVELBITS; - slctab[SLC_XON].defset.flag |= SLC_CANTCHANGE; - slctab[SLC_XOFF].defset.flag &= ~SLC_LEVELBITS; - slctab[SLC_XOFF].defset.flag |= SLC_CANTCHANGE; - break; - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); - break; -#endif - - /* - * For options that we might spin waiting for - * sub-negotiation, if the client turns off the - * option rather than responding to the request, - * we have to treat it here as if we got a response - * to the sub-negotiation, (by updating the timers) - * so that we'll break out of the loop. - */ - case TELOPT_TTYPE: - settimer(ttypesubopt); - break; - - case TELOPT_TSPEED: - settimer(tspeedsubopt); - break; - - case TELOPT_XDISPLOC: - settimer(xdisplocsubopt); - break; - - case TELOPT_OLD_ENVIRON: - settimer(oenvironsubopt); - break; - - case TELOPT_NEW_ENVIRON: - settimer(environsubopt); - break; - - default: - break; - } - set_his_want_state_wont(option); - if (his_state_is_will(option)) - send_dont(option, 0); - } else { - switch (option) { - case TELOPT_TM: - break; - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - auth_finished(0, AUTH_REJECT); - break; -#endif - default: - break; - } - } - } - set_his_state_wont(option); - -} /* end of wontoption */ - -void -send_will(int option, int init) -{ - if (init) { - if ((will_wont_resp[option] == 0 && my_state_is_will(option))|| - my_want_state_is_will(option)) - return; - set_my_want_state_will(option); - will_wont_resp[option]++; - } - output_data ((const char *)will, option); - - DIAG(TD_OPTIONS, printoption("td: send will", option)); -} - -/* - * When we get a DONT SGA, we will try once to turn it - * back on. If the other side responds DONT SGA, we - * leave it at that. This is so that when we talk to - * clients that understand KLUDGELINEMODE but not LINEMODE, - * we'll keep them in char-at-a-time mode. - */ -int turn_on_sga = 0; - -void -dooption(int option) -{ - int changeok = 0; - - /* - * Process client input. - */ - - DIAG(TD_OPTIONS, printoption("td: recv do", option)); - - if (will_wont_resp[option]) { - will_wont_resp[option]--; - if (will_wont_resp[option] && my_state_is_will(option)) - will_wont_resp[option]--; - } - if ((will_wont_resp[option] == 0) && (my_want_state_is_wont(option))) { - switch (option) { - case TELOPT_ECHO: - { - init_termbuf(); - tty_setecho(1); - set_termbuf(); - } - changeok++; - break; - - case TELOPT_BINARY: - init_termbuf(); - tty_binaryout(1); - set_termbuf(); - changeok++; - break; - - case TELOPT_SGA: - turn_on_sga = 0; - changeok++; - break; - - case TELOPT_STATUS: - changeok++; - break; - - case TELOPT_TM: - /* - * Special case for TM. We send a WILL, but - * pretend we sent a WONT. - */ - send_will(option, 0); - set_my_want_state_wont(option); - set_my_state_wont(option); - return; - - case TELOPT_LOGOUT: - /* - * When we get a LOGOUT option, respond - * with a WILL LOGOUT, make sure that - * it gets written out to the network, - * and then just go away... - */ - set_my_want_state_will(TELOPT_LOGOUT); - send_will(TELOPT_LOGOUT, 0); - set_my_state_will(TELOPT_LOGOUT); - netflush(); - cleanup(0); - /* NOT REACHED */ - break; - -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - changeok++; - break; -#endif - case TELOPT_LINEMODE: - case TELOPT_TTYPE: - case TELOPT_NAWS: - case TELOPT_TSPEED: - case TELOPT_LFLOW: - case TELOPT_XDISPLOC: -#ifdef TELOPT_ENVIRON - case TELOPT_NEW_ENVIRON: -#endif - case TELOPT_OLD_ENVIRON: - default: - break; - } - if (changeok) { - set_my_want_state_will(option); - send_will(option, 0); - } else { - will_wont_resp[option]++; - send_wont(option, 0); - } - } - set_my_state_will(option); - -} /* end of dooption */ - -void -send_wont(int option, int init) -{ - if (init) { - if ((will_wont_resp[option] == 0 && my_state_is_wont(option)) || - my_want_state_is_wont(option)) - return; - set_my_want_state_wont(option); - will_wont_resp[option]++; - } - output_data ((const char *)wont, option); - - DIAG(TD_OPTIONS, printoption("td: send wont", option)); -} - -void -dontoption(int option) -{ - /* - * Process client input. - */ - - - DIAG(TD_OPTIONS, printoption("td: recv dont", option)); - - if (will_wont_resp[option]) { - will_wont_resp[option]--; - if (will_wont_resp[option] && my_state_is_wont(option)) - will_wont_resp[option]--; - } - if ((will_wont_resp[option] == 0) && (my_want_state_is_will(option))) { - switch (option) { - case TELOPT_BINARY: - init_termbuf(); - tty_binaryout(0); - set_termbuf(); - break; - - case TELOPT_ECHO: /* we should stop echoing */ - { - init_termbuf(); - tty_setecho(0); - set_termbuf(); - } - break; - - case TELOPT_SGA: - set_my_want_state_wont(option); - if (my_state_is_will(option)) - send_wont(option, 0); - set_my_state_wont(option); - if (turn_on_sga ^= 1) - send_will(option, 1); - return; - - default: - break; - } - - set_my_want_state_wont(option); - if (my_state_is_will(option)) - send_wont(option, 0); - } - set_my_state_wont(option); - -} /* end of dontoption */ - -#ifdef ENV_HACK -int env_ovar = -1; -int env_ovalue = -1; -#else /* ENV_HACK */ -# define env_ovar OLD_ENV_VAR -# define env_ovalue OLD_ENV_VALUE -#endif /* ENV_HACK */ - -/* - * suboption() - * - * Look at the sub-option buffer, and try to be helpful to the other - * side. - * - * Currently we recognize: - * - * Terminal type is - * Linemode - * Window size - * Terminal speed - */ -void -suboption(void) -{ - int subchar; - - DIAG(TD_OPTIONS, {netflush(); printsub('<', subpointer, SB_LEN()+2);}); - - subchar = SB_GET(); - switch (subchar) { - case TELOPT_TSPEED: { - int xspeed, rspeed; - - if (his_state_is_wont(TELOPT_TSPEED)) /* Ignore if option disabled */ - break; - - settimer(tspeedsubopt); - - if (SB_EOF() || SB_GET() != TELQUAL_IS) - return; - - xspeed = atoi((char *)subpointer); - - while (SB_GET() != ',' && !SB_EOF()); - if (SB_EOF()) - return; - - rspeed = atoi((char *)subpointer); - clientstat(TELOPT_TSPEED, xspeed, rspeed); - - break; - - } /* end of case TELOPT_TSPEED */ - - case TELOPT_TTYPE: { /* Yaaaay! */ - static char terminalname[41]; - - if (his_state_is_wont(TELOPT_TTYPE)) /* Ignore if option disabled */ - break; - settimer(ttypesubopt); - - if (SB_EOF() || SB_GET() != TELQUAL_IS) { - return; /* ??? XXX but, this is the most robust */ - } - - terminaltype = terminalname; - - while ((terminaltype < (terminalname + sizeof terminalname-1)) && - !SB_EOF()) { - int c; - - c = SB_GET(); - if (isupper(c)) { - c = tolower(c); - } - *terminaltype++ = c; /* accumulate name */ - } - *terminaltype = 0; - terminaltype = terminalname; - break; - } /* end of case TELOPT_TTYPE */ - - case TELOPT_NAWS: { - int xwinsize, ywinsize; - - if (his_state_is_wont(TELOPT_NAWS)) /* Ignore if option disabled */ - break; - - if (SB_EOF()) - return; - xwinsize = SB_GET() << 8; - if (SB_EOF()) - return; - xwinsize |= SB_GET(); - if (SB_EOF()) - return; - ywinsize = SB_GET() << 8; - if (SB_EOF()) - return; - ywinsize |= SB_GET(); - clientstat(TELOPT_NAWS, xwinsize, ywinsize); - - break; - - } /* end of case TELOPT_NAWS */ - - case TELOPT_STATUS: { - int mode; - - if (SB_EOF()) - break; - mode = SB_GET(); - switch (mode) { - case TELQUAL_SEND: - if (my_state_is_will(TELOPT_STATUS)) - send_status(); - break; - - case TELQUAL_IS: - break; - - default: - break; - } - break; - } /* end of case TELOPT_STATUS */ - - case TELOPT_XDISPLOC: { - if (SB_EOF() || SB_GET() != TELQUAL_IS) - return; - settimer(xdisplocsubopt); - subpointer[SB_LEN()] = '\0'; - setenv("DISPLAY", (char *)subpointer, 1); - break; - } /* end of case TELOPT_XDISPLOC */ - -#ifdef TELOPT_NEW_ENVIRON - case TELOPT_NEW_ENVIRON: -#endif - case TELOPT_OLD_ENVIRON: { - int c; - char *cp, *varp, *valp; - - if (SB_EOF()) - return; - c = SB_GET(); - if (c == TELQUAL_IS) { - if (subchar == TELOPT_OLD_ENVIRON) - settimer(oenvironsubopt); - else - settimer(environsubopt); - } else if (c != TELQUAL_INFO) { - return; - } - -#ifdef TELOPT_NEW_ENVIRON - if (subchar == TELOPT_NEW_ENVIRON) { - while (!SB_EOF()) { - c = SB_GET(); - if ((c == NEW_ENV_VAR) || (c == ENV_USERVAR)) - break; - } - } else -#endif - { -#ifdef ENV_HACK - /* - * We only want to do this if we haven't already decided - * whether or not the other side has its VALUE and VAR - * reversed. - */ - if (env_ovar < 0) { - int last = -1; /* invalid value */ - int empty = 0; - int got_var = 0, got_value = 0, got_uservar = 0; - - /* - * The other side might have its VALUE and VAR values - * reversed. To be interoperable, we need to determine - * which way it is. If the first recognized character - * is a VAR or VALUE, then that will tell us what - * type of client it is. If the fist recognized - * character is a USERVAR, then we continue scanning - * the suboption looking for two consecutive - * VAR or VALUE fields. We should not get two - * consecutive VALUE fields, so finding two - * consecutive VALUE or VAR fields will tell us - * what the client is. - */ - SB_SAVE(); - while (!SB_EOF()) { - c = SB_GET(); - switch(c) { - case OLD_ENV_VAR: - if (last < 0 || last == OLD_ENV_VAR - || (empty && (last == OLD_ENV_VALUE))) - goto env_ovar_ok; - got_var++; - last = OLD_ENV_VAR; - break; - case OLD_ENV_VALUE: - if (last < 0 || last == OLD_ENV_VALUE - || (empty && (last == OLD_ENV_VAR))) - goto env_ovar_wrong; - got_value++; - last = OLD_ENV_VALUE; - break; - case ENV_USERVAR: - /* count strings of USERVAR as one */ - if (last != ENV_USERVAR) - got_uservar++; - if (empty) { - if (last == OLD_ENV_VALUE) - goto env_ovar_ok; - if (last == OLD_ENV_VAR) - goto env_ovar_wrong; - } - last = ENV_USERVAR; - break; - case ENV_ESC: - if (!SB_EOF()) - c = SB_GET(); - /* FALL THROUGH */ - default: - empty = 0; - continue; - } - empty = 1; - } - if (empty) { - if (last == OLD_ENV_VALUE) - goto env_ovar_ok; - if (last == OLD_ENV_VAR) - goto env_ovar_wrong; - } - /* - * Ok, the first thing was a USERVAR, and there - * are not two consecutive VAR or VALUE commands, - * and none of the VAR or VALUE commands are empty. - * If the client has sent us a well-formed option, - * then the number of VALUEs received should always - * be less than or equal to the number of VARs and - * USERVARs received. - * - * If we got exactly as many VALUEs as VARs and - * USERVARs, the client has the same definitions. - * - * If we got exactly as many VARs as VALUEs and - * USERVARS, the client has reversed definitions. - */ - if (got_uservar + got_var == got_value) { - env_ovar_ok: - env_ovar = OLD_ENV_VAR; - env_ovalue = OLD_ENV_VALUE; - } else if (got_uservar + got_value == got_var) { - env_ovar_wrong: - env_ovar = OLD_ENV_VALUE; - env_ovalue = OLD_ENV_VAR; - DIAG(TD_OPTIONS, { - output_data("ENVIRON VALUE and VAR are reversed!\r\n"); - }); - - } - } - SB_RESTORE(); -#endif - - while (!SB_EOF()) { - c = SB_GET(); - if ((c == env_ovar) || (c == ENV_USERVAR)) - break; - } - } - - if (SB_EOF()) - return; - - cp = varp = (char *)subpointer; - valp = 0; - - while (!SB_EOF()) { - c = SB_GET(); - if (subchar == TELOPT_OLD_ENVIRON) { - if (c == env_ovar) - c = NEW_ENV_VAR; - else if (c == env_ovalue) - c = NEW_ENV_VALUE; - } - switch (c) { - - case NEW_ENV_VALUE: - *cp = '\0'; - cp = valp = (char *)subpointer; - break; - - case NEW_ENV_VAR: - case ENV_USERVAR: - *cp = '\0'; - if (valp) - setenv(varp, valp, 1); - else - unsetenv(varp); - cp = varp = (char *)subpointer; - valp = 0; - break; - - case ENV_ESC: - if (SB_EOF()) - break; - c = SB_GET(); - /* FALL THROUGH */ - default: - *cp++ = c; - break; - } - } - *cp = '\0'; - if (valp) - setenv(varp, valp, 1); - else - unsetenv(varp); - break; - } /* end of case TELOPT_NEW_ENVIRON */ -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - if (SB_EOF()) - break; - switch(SB_GET()) { - case TELQUAL_SEND: - case TELQUAL_REPLY: - /* - * These are sent by us and cannot be sent by - * the client. - */ - break; - case TELQUAL_IS: - auth_is(subpointer, SB_LEN()); - break; - case TELQUAL_NAME: - auth_name(subpointer, SB_LEN()); - break; - } - break; -#endif -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - if (SB_EOF()) - break; - switch(SB_GET()) { - case ENCRYPT_SUPPORT: - encrypt_support(subpointer, SB_LEN()); - break; - case ENCRYPT_IS: - encrypt_is(subpointer, SB_LEN()); - break; - case ENCRYPT_REPLY: - encrypt_reply(subpointer, SB_LEN()); - break; - case ENCRYPT_START: - encrypt_start(subpointer, SB_LEN()); - break; - case ENCRYPT_END: - encrypt_end(); - break; - case ENCRYPT_REQSTART: - encrypt_request_start(subpointer, SB_LEN()); - break; - case ENCRYPT_REQEND: - /* - * We can always send an REQEND so that we cannot - * get stuck encrypting. We should only get this - * if we have been able to get in the correct mode - * anyhow. - */ - encrypt_request_end(); - break; - case ENCRYPT_ENC_KEYID: - encrypt_enc_keyid(subpointer, SB_LEN()); - break; - case ENCRYPT_DEC_KEYID: - encrypt_dec_keyid(subpointer, SB_LEN()); - break; - default: - break; - } - break; -#endif - - default: - break; - } /* end of switch */ - -} /* end of suboption */ - -void -doclientstat(void) -{ - clientstat(TELOPT_LINEMODE, WILL, 0); -} - -#define ADD(c) *ncp++ = c -#define ADD_DATA(c) { *ncp++ = c; if (c == SE || c == IAC) *ncp++ = c; } - -void -send_status(void) -{ - unsigned char statusbuf[256]; - unsigned char *ncp; - unsigned char i; - - ncp = statusbuf; - - netflush(); /* get rid of anything waiting to go out */ - - ADD(IAC); - ADD(SB); - ADD(TELOPT_STATUS); - ADD(TELQUAL_IS); - - /* - * We check the want_state rather than the current state, - * because if we received a DO/WILL for an option that we - * don't support, and the other side didn't send a DONT/WONT - * in response to our WONT/DONT, then the "state" will be - * WILL/DO, and the "want_state" will be WONT/DONT. We - * need to go by the latter. - */ - for (i = 0; i < (unsigned char)NTELOPTS; i++) { - if (my_want_state_is_will(i)) { - ADD(WILL); - ADD_DATA(i); - } - if (his_want_state_is_will(i)) { - ADD(DO); - ADD_DATA(i); - } - } - - if (his_want_state_is_will(TELOPT_LFLOW)) { - ADD(SB); - ADD(TELOPT_LFLOW); - if (flowmode) { - ADD(LFLOW_ON); - } else { - ADD(LFLOW_OFF); - } - ADD(SE); - - if (restartany >= 0) { - ADD(SB); - ADD(TELOPT_LFLOW); - if (restartany) { - ADD(LFLOW_RESTART_ANY); - } else { - ADD(LFLOW_RESTART_XON); - } - ADD(SE); - } - } - - - ADD(IAC); - ADD(SE); - - writenet(statusbuf, ncp - statusbuf); - netflush(); /* Send it on its way */ - - DIAG(TD_OPTIONS, - {printsub('>', statusbuf, ncp - statusbuf); netflush();}); -} diff --git a/crypto/kerberosIV/appl/telnet/telnetd/sys_term.c b/crypto/kerberosIV/appl/telnet/telnetd/sys_term.c deleted file mode 100644 index 2477c42fd1d8..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnetd/sys_term.c +++ /dev/null @@ -1,1893 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnetd.h" - -RCSID("$Id: sys_term.c,v 1.89.2.6 2000/12/08 23:34:05 assar Exp $"); - -#if defined(_CRAY) || (defined(__hpux) && !defined(HAVE_UTMPX_H)) -# define PARENT_DOES_UTMP -#endif - -#ifdef HAVE_UTMP_H -#include -#endif - -#ifdef HAVE_UTMPX_H -#include -#endif - -#ifdef HAVE_UTMPX_H -struct utmpx wtmp; -#elif defined(HAVE_UTMP_H) -struct utmp wtmp; -#endif /* HAVE_UTMPX_H */ - -#ifdef HAVE_STRUCT_UTMP_UT_HOST -int utmp_len = sizeof(wtmp.ut_host); -#else -int utmp_len = MaxHostNameLen; -#endif - -#ifndef UTMP_FILE -#ifdef _PATH_UTMP -#define UTMP_FILE _PATH_UTMP -#else -#define UTMP_FILE "/etc/utmp" -#endif -#endif - -#if !defined(WTMP_FILE) && defined(_PATH_WTMP) -#define WTMP_FILE _PATH_WTMP -#endif - -#ifndef PARENT_DOES_UTMP -#ifdef WTMP_FILE -char wtmpf[] = WTMP_FILE; -#else -char wtmpf[] = "/usr/adm/wtmp"; -#endif -char utmpf[] = UTMP_FILE; -#else /* PARENT_DOES_UTMP */ -#ifdef WTMP_FILE -char wtmpf[] = WTMP_FILE; -#else -char wtmpf[] = "/etc/wtmp"; -#endif -#endif /* PARENT_DOES_UTMP */ - -#ifdef HAVE_TMPDIR_H -#include -#endif /* CRAY */ - -#ifdef STREAMSPTY - -#ifdef HAVE_SAC_H -#include -#endif - -#ifdef HAVE_SYS_STROPTS_H -#include -#endif - -#endif /* STREAMSPTY */ - -#ifdef HAVE_SYS_STREAM_H -#ifdef HAVE_SYS_UIO_H -#include -#endif -#ifdef __hpux -#undef SE -#endif -#include -#endif -#if !(defined(__sgi) || defined(__linux) || defined(_AIX)) && defined(HAVE_SYS_TTY) -#include -#endif -#ifdef t_erase -#undef t_erase -#undef t_kill -#undef t_intrc -#undef t_quitc -#undef t_startc -#undef t_stopc -#undef t_eofc -#undef t_brkc -#undef t_suspc -#undef t_dsuspc -#undef t_rprntc -#undef t_flushc -#undef t_werasc -#undef t_lnextc -#endif - -#ifdef HAVE_TERMIOS_H -#include -#else -#ifdef HAVE_TERMIO_H -#include -#endif -#endif - -#ifdef HAVE_UTIL_H -#include -#endif - -# ifndef TCSANOW -# ifdef TCSETS -# define TCSANOW TCSETS -# define TCSADRAIN TCSETSW -# define tcgetattr(f, t) ioctl(f, TCGETS, (char *)t) -# else -# ifdef TCSETA -# define TCSANOW TCSETA -# define TCSADRAIN TCSETAW -# define tcgetattr(f, t) ioctl(f, TCGETA, (char *)t) -# else -# define TCSANOW TIOCSETA -# define TCSADRAIN TIOCSETAW -# define tcgetattr(f, t) ioctl(f, TIOCGETA, (char *)t) -# endif -# endif -# define tcsetattr(f, a, t) ioctl(f, a, t) -# define cfsetospeed(tp, val) (tp)->c_cflag &= ~CBAUD; \ -(tp)->c_cflag |= (val) -# define cfgetospeed(tp) ((tp)->c_cflag & CBAUD) -# ifdef CIBAUD -# define cfsetispeed(tp, val) (tp)->c_cflag &= ~CIBAUD; \ - (tp)->c_cflag |= ((val)<c_cflag & CIBAUD)>>IBSHIFT) -# else -# define cfsetispeed(tp, val) (tp)->c_cflag &= ~CBAUD; \ - (tp)->c_cflag |= (val) -# define cfgetispeed(tp) ((tp)->c_cflag & CBAUD) -# endif -# endif /* TCSANOW */ - struct termios termbuf, termbuf2; /* pty control structure */ -# ifdef STREAMSPTY - static int ttyfd = -1; - int really_stream = 0; -# endif - - const char *new_login = _PATH_LOGIN; - -/* - * init_termbuf() - * copy_termbuf(cp) - * set_termbuf() - * - * These three routines are used to get and set the "termbuf" structure - * to and from the kernel. init_termbuf() gets the current settings. - * copy_termbuf() hands in a new "termbuf" to write to the kernel, and - * set_termbuf() writes the structure into the kernel. - */ - - void - init_termbuf(void) -{ -# ifdef STREAMSPTY - if (really_stream) - tcgetattr(ttyfd, &termbuf); - else -# endif - tcgetattr(ourpty, &termbuf); - termbuf2 = termbuf; -} - -void -set_termbuf(void) -{ - /* - * Only make the necessary changes. - */ - if (memcmp(&termbuf, &termbuf2, sizeof(termbuf))) -# ifdef STREAMSPTY - if (really_stream) - tcsetattr(ttyfd, TCSANOW, &termbuf); - else -# endif - tcsetattr(ourpty, TCSANOW, &termbuf); -} - - -/* - * spcset(func, valp, valpp) - * - * This function takes various special characters (func), and - * sets *valp to the current value of that character, and - * *valpp to point to where in the "termbuf" structure that - * value is kept. - * - * It returns the SLC_ level of support for this function. - */ - - -int -spcset(int func, cc_t *valp, cc_t **valpp) -{ - -#define setval(a, b) *valp = termbuf.c_cc[a]; \ - *valpp = &termbuf.c_cc[a]; \ - return(b); -#define defval(a) *valp = ((cc_t)a); *valpp = (cc_t *)0; return(SLC_DEFAULT); - - switch(func) { - case SLC_EOF: - setval(VEOF, SLC_VARIABLE); - case SLC_EC: - setval(VERASE, SLC_VARIABLE); - case SLC_EL: - setval(VKILL, SLC_VARIABLE); - case SLC_IP: - setval(VINTR, SLC_VARIABLE|SLC_FLUSHIN|SLC_FLUSHOUT); - case SLC_ABORT: - setval(VQUIT, SLC_VARIABLE|SLC_FLUSHIN|SLC_FLUSHOUT); - case SLC_XON: -#ifdef VSTART - setval(VSTART, SLC_VARIABLE); -#else - defval(0x13); -#endif - case SLC_XOFF: -#ifdef VSTOP - setval(VSTOP, SLC_VARIABLE); -#else - defval(0x11); -#endif - case SLC_EW: -#ifdef VWERASE - setval(VWERASE, SLC_VARIABLE); -#else - defval(0); -#endif - case SLC_RP: -#ifdef VREPRINT - setval(VREPRINT, SLC_VARIABLE); -#else - defval(0); -#endif - case SLC_LNEXT: -#ifdef VLNEXT - setval(VLNEXT, SLC_VARIABLE); -#else - defval(0); -#endif - case SLC_AO: -#if !defined(VDISCARD) && defined(VFLUSHO) -# define VDISCARD VFLUSHO -#endif -#ifdef VDISCARD - setval(VDISCARD, SLC_VARIABLE|SLC_FLUSHOUT); -#else - defval(0); -#endif - case SLC_SUSP: -#ifdef VSUSP - setval(VSUSP, SLC_VARIABLE|SLC_FLUSHIN); -#else - defval(0); -#endif -#ifdef VEOL - case SLC_FORW1: - setval(VEOL, SLC_VARIABLE); -#endif -#ifdef VEOL2 - case SLC_FORW2: - setval(VEOL2, SLC_VARIABLE); -#endif - case SLC_AYT: -#ifdef VSTATUS - setval(VSTATUS, SLC_VARIABLE); -#else - defval(0); -#endif - - case SLC_BRK: - case SLC_SYNCH: - case SLC_EOR: - defval(0); - - default: - *valp = 0; - *valpp = 0; - return(SLC_NOSUPPORT); - } -} - -#ifdef _CRAY -/* - * getnpty() - * - * Return the number of pty's configured into the system. - */ -int -getnpty() -{ -#ifdef _SC_CRAY_NPTY - int numptys; - - if ((numptys = sysconf(_SC_CRAY_NPTY)) != -1) - return numptys; - else -#endif /* _SC_CRAY_NPTY */ - return 128; -} -#endif /* CRAY */ - -/* - * getpty() - * - * Allocate a pty. As a side effect, the external character - * array "line" contains the name of the slave side. - * - * Returns the file descriptor of the opened pty. - */ - -static char Xline[] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; -char *line = Xline; - -#ifdef _CRAY -char myline[] = "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"; -#endif /* CRAY */ - -#if !defined(HAVE_PTSNAME) && defined(STREAMSPTY) -static char *ptsname(int fd) -{ -#ifdef HAVE_TTYNAME - return ttyname(fd); -#else - return NULL; -#endif -} -#endif - -int getpty(int *ptynum) -{ -#ifdef __osf__ /* XXX */ - int master; - int slave; - if(openpty(&master, &slave, line, 0, 0) == 0){ - close(slave); - return master; - } - return -1; -#else -#ifdef HAVE__GETPTY - int master, slave; - char *p; - p = _getpty(&master, O_RDWR, 0600, 1); - if(p == NULL) - return -1; - strlcpy(line, p, sizeof(Xline)); - return master; -#else - - int p; - char *cp, *p1, *p2; - int i; -#if SunOS == 40 - int dummy; -#endif -#if 0 /* && defined(HAVE_OPENPTY) */ - int master; - int slave; - if(openpty(&master, &slave, line, 0, 0) == 0){ - close(slave); - return master; - } -#else -#ifdef STREAMSPTY - char *clone[] = { "/dev/ptc", "/dev/ptmx", "/dev/ptm", - "/dev/ptym/clone", 0 }; - - char **q; - for(q=clone; *q; q++){ - p=open(*q, O_RDWR); - if(p >= 0){ -#ifdef HAVE_GRANTPT - grantpt(p); -#endif -#ifdef HAVE_UNLOCKPT - unlockpt(p); -#endif - strlcpy(line, ptsname(p), sizeof(Xline)); - really_stream = 1; - return p; - } - } -#endif /* STREAMSPTY */ -#ifndef _CRAY - -#ifndef __hpux - snprintf(line, sizeof(Xline), "/dev/ptyXX"); - p1 = &line[8]; - p2 = &line[9]; -#else - snprintf(line, sizeof(Xline), "/dev/ptym/ptyXX"); - p1 = &line[13]; - p2 = &line[14]; -#endif - - - for (cp = "pqrstuvwxyzPQRST"; *cp; cp++) { - struct stat stb; - - *p1 = *cp; - *p2 = '0'; - /* - * This stat() check is just to keep us from - * looping through all 256 combinations if there - * aren't that many ptys available. - */ - if (stat(line, &stb) < 0) - break; - for (i = 0; i < 16; i++) { - *p2 = "0123456789abcdef"[i]; - p = open(line, O_RDWR); - if (p > 0) { -#ifndef __hpux - line[5] = 't'; -#else - for (p1 = &line[8]; *p1; p1++) - *p1 = *(p1+1); - line[9] = 't'; -#endif - chown(line, 0, 0); - chmod(line, 0600); -#if SunOS == 40 - if (ioctl(p, TIOCGPGRP, &dummy) == 0 - || errno != EIO) { - chmod(line, 0666); - close(p); - line[5] = 'p'; - } else -#endif /* SunOS == 40 */ - return(p); - } - } - } -#else /* CRAY */ - extern lowpty, highpty; - struct stat sb; - - for (*ptynum = lowpty; *ptynum <= highpty; (*ptynum)++) { - snprintf(myline, sizeof(myline), "/dev/pty/%03d", *ptynum); - p = open(myline, 2); - if (p < 0) - continue; - snprintf(line, sizeof(Xline), "/dev/ttyp%03d", *ptynum); - /* - * Here are some shenanigans to make sure that there - * are no listeners lurking on the line. - */ - if(stat(line, &sb) < 0) { - close(p); - continue; - } - if(sb.st_uid || sb.st_gid || sb.st_mode != 0600) { - chown(line, 0, 0); - chmod(line, 0600); - close(p); - p = open(myline, 2); - if (p < 0) - continue; - } - /* - * Now it should be safe...check for accessability. - */ - if (access(line, 6) == 0) - return(p); - else { - /* no tty side to pty so skip it */ - close(p); - } - } -#endif /* CRAY */ -#endif /* STREAMSPTY */ -#endif /* OPENPTY */ - return(-1); -#endif -} - - -int -tty_isecho(void) -{ - return (termbuf.c_lflag & ECHO); -} - -int -tty_flowmode(void) -{ - return((termbuf.c_iflag & IXON) ? 1 : 0); -} - -int -tty_restartany(void) -{ - return((termbuf.c_iflag & IXANY) ? 1 : 0); -} - -void -tty_setecho(int on) -{ - if (on) - termbuf.c_lflag |= ECHO; - else - termbuf.c_lflag &= ~ECHO; -} - -int -tty_israw(void) -{ - return(!(termbuf.c_lflag & ICANON)); -} - -void -tty_binaryin(int on) -{ - if (on) { - termbuf.c_iflag &= ~ISTRIP; - } else { - termbuf.c_iflag |= ISTRIP; - } -} - -void -tty_binaryout(int on) -{ - if (on) { - termbuf.c_cflag &= ~(CSIZE|PARENB); - termbuf.c_cflag |= CS8; - termbuf.c_oflag &= ~OPOST; - } else { - termbuf.c_cflag &= ~CSIZE; - termbuf.c_cflag |= CS7|PARENB; - termbuf.c_oflag |= OPOST; - } -} - -int -tty_isbinaryin(void) -{ - return(!(termbuf.c_iflag & ISTRIP)); -} - -int -tty_isbinaryout(void) -{ - return(!(termbuf.c_oflag&OPOST)); -} - - -int -tty_issofttab(void) -{ -# ifdef OXTABS - return (termbuf.c_oflag & OXTABS); -# endif -# ifdef TABDLY - return ((termbuf.c_oflag & TABDLY) == TAB3); -# endif -} - -void -tty_setsofttab(int on) -{ - if (on) { -# ifdef OXTABS - termbuf.c_oflag |= OXTABS; -# endif -# ifdef TABDLY - termbuf.c_oflag &= ~TABDLY; - termbuf.c_oflag |= TAB3; -# endif - } else { -# ifdef OXTABS - termbuf.c_oflag &= ~OXTABS; -# endif -# ifdef TABDLY - termbuf.c_oflag &= ~TABDLY; - termbuf.c_oflag |= TAB0; -# endif - } -} - -int -tty_islitecho(void) -{ -# ifdef ECHOCTL - return (!(termbuf.c_lflag & ECHOCTL)); -# endif -# ifdef TCTLECH - return (!(termbuf.c_lflag & TCTLECH)); -# endif -# if !defined(ECHOCTL) && !defined(TCTLECH) - return (0); /* assumes ctl chars are echoed '^x' */ -# endif -} - -void -tty_setlitecho(int on) -{ -# ifdef ECHOCTL - if (on) - termbuf.c_lflag &= ~ECHOCTL; - else - termbuf.c_lflag |= ECHOCTL; -# endif -# ifdef TCTLECH - if (on) - termbuf.c_lflag &= ~TCTLECH; - else - termbuf.c_lflag |= TCTLECH; -# endif -} - -int -tty_iscrnl(void) -{ - return (termbuf.c_iflag & ICRNL); -} - -/* - * Try to guess whether speeds are "encoded" (4.2BSD) or just numeric (4.4BSD). - */ -#if B4800 != 4800 -#define DECODE_BAUD -#endif - -#ifdef DECODE_BAUD - -/* - * A table of available terminal speeds - */ -struct termspeeds { - int speed; - int value; -} termspeeds[] = { - { 0, B0 }, { 50, B50 }, { 75, B75 }, - { 110, B110 }, { 134, B134 }, { 150, B150 }, - { 200, B200 }, { 300, B300 }, { 600, B600 }, - { 1200, B1200 }, { 1800, B1800 }, { 2400, B2400 }, - { 4800, B4800 }, -#ifdef B7200 - { 7200, B7200 }, -#endif - { 9600, B9600 }, -#ifdef B14400 - { 14400, B14400 }, -#endif -#ifdef B19200 - { 19200, B19200 }, -#endif -#ifdef B28800 - { 28800, B28800 }, -#endif -#ifdef B38400 - { 38400, B38400 }, -#endif -#ifdef B57600 - { 57600, B57600 }, -#endif -#ifdef B115200 - { 115200, B115200 }, -#endif -#ifdef B230400 - { 230400, B230400 }, -#endif - { -1, 0 } -}; -#endif /* DECODE_BUAD */ - -void -tty_tspeed(int val) -{ -#ifdef DECODE_BAUD - struct termspeeds *tp; - - for (tp = termspeeds; (tp->speed != -1) && (val > tp->speed); tp++) - ; - if (tp->speed == -1) /* back up to last valid value */ - --tp; - cfsetospeed(&termbuf, tp->value); -#else /* DECODE_BUAD */ - cfsetospeed(&termbuf, val); -#endif /* DECODE_BUAD */ -} - -void -tty_rspeed(int val) -{ -#ifdef DECODE_BAUD - struct termspeeds *tp; - - for (tp = termspeeds; (tp->speed != -1) && (val > tp->speed); tp++) - ; - if (tp->speed == -1) /* back up to last valid value */ - --tp; - cfsetispeed(&termbuf, tp->value); -#else /* DECODE_BAUD */ - cfsetispeed(&termbuf, val); -#endif /* DECODE_BAUD */ -} - -#ifdef PARENT_DOES_UTMP -extern struct utmp wtmp; -extern char wtmpf[]; - -extern void utmp_sig_init (void); -extern void utmp_sig_reset (void); -extern void utmp_sig_wait (void); -extern void utmp_sig_notify (int); -# endif /* PARENT_DOES_UTMP */ - -#ifdef STREAMSPTY - -/* I_FIND seems to live a life of its own */ -static int my_find(int fd, char *module) -{ -#if defined(I_FIND) && defined(I_LIST) - static int flag; - static struct str_list sl; - int n; - int i; - - if(!flag){ - n = ioctl(fd, I_LIST, 0); - if(n < 0){ - perror("ioctl(fd, I_LIST, 0)"); - return -1; - } - sl.sl_modlist=(struct str_mlist*)malloc(n * sizeof(struct str_mlist)); - sl.sl_nmods = n; - n = ioctl(fd, I_LIST, &sl); - if(n < 0){ - perror("ioctl(fd, I_LIST, n)"); - return -1; - } - flag = 1; - } - - for(i=0; i= modules; p--){ - err = ioctl(fd, I_PUSH, *p); - if(err < 0 && errno != EINVAL) - fatalperror(net, "I_PUSH"); - } -} -#endif - -/* - * getptyslave() - * - * Open the slave side of the pty, and do any initialization - * that is necessary. The return value is a file descriptor - * for the slave side. - */ -void getptyslave(void) -{ - int t = -1; - - struct winsize ws; - extern int def_row, def_col; - extern int def_tspeed, def_rspeed; - /* - * Opening the slave side may cause initilization of the - * kernel tty structure. We need remember the state of - * if linemode was turned on - * terminal window size - * terminal speed - * so that we can re-set them if we need to. - */ - - - /* - * Make sure that we don't have a controlling tty, and - * that we are the session (process group) leader. - */ - -#ifdef HAVE_SETSID - if(setsid()<0) - fatalperror(net, "setsid()"); -#else -# ifdef TIOCNOTTY - t = open(_PATH_TTY, O_RDWR); - if (t >= 0) { - ioctl(t, TIOCNOTTY, (char *)0); - close(t); - } -# endif -#endif - -# ifdef PARENT_DOES_UTMP - /* - * Wait for our parent to get the utmp stuff to get done. - */ - utmp_sig_wait(); -# endif - - t = cleanopen(line); - if (t < 0) - fatalperror(net, line); - -#ifdef STREAMSPTY - ttyfd = t; - - - /* - * Not all systems have (or need) modules ttcompat and pckt so - * don't flag it as a fatal error if they don't exist. - */ - - if (really_stream) - { - /* these are the streams modules that we want pushed. note - that they are in reverse order, ptem will be pushed - first. maybe_push_modules() will try to push all modules - before the first one that isn't already pushed. i.e if - ldterm is pushed, only ttcompat will be attempted. - - all this is because we don't know which modules are - available, and we don't know which modules are already - pushed (via autopush, for instance). - - */ - - char *ttymodules[] = { "ttcompat", "ldterm", "ptem", NULL }; - char *ptymodules[] = { "pckt", NULL }; - - maybe_push_modules(t, ttymodules); - maybe_push_modules(ourpty, ptymodules); - } -#endif - /* - * set up the tty modes as we like them to be. - */ - init_termbuf(); -# ifdef TIOCSWINSZ - if (def_row || def_col) { - memset(&ws, 0, sizeof(ws)); - ws.ws_col = def_col; - ws.ws_row = def_row; - ioctl(t, TIOCSWINSZ, (char *)&ws); - } -# endif - - /* - * Settings for sgtty based systems - */ - - /* - * Settings for UNICOS (and HPUX) - */ -# if defined(_CRAY) || defined(__hpux) - termbuf.c_oflag = OPOST|ONLCR|TAB3; - termbuf.c_iflag = IGNPAR|ISTRIP|ICRNL|IXON; - termbuf.c_lflag = ISIG|ICANON|ECHO|ECHOE|ECHOK; - termbuf.c_cflag = EXTB|HUPCL|CS8; -# endif - - /* - * Settings for all other termios/termio based - * systems, other than 4.4BSD. In 4.4BSD the - * kernel does the initial terminal setup. - */ -# if !(defined(_CRAY) || defined(__hpux)) && (BSD <= 43) -# ifndef OXTABS -# define OXTABS 0 -# endif - termbuf.c_lflag |= ECHO; - termbuf.c_oflag |= ONLCR|OXTABS; - termbuf.c_iflag |= ICRNL; - termbuf.c_iflag &= ~IXOFF; -# endif - tty_rspeed((def_rspeed > 0) ? def_rspeed : 9600); - tty_tspeed((def_tspeed > 0) ? def_tspeed : 9600); - - /* - * Set the tty modes, and make this our controlling tty. - */ - set_termbuf(); - if (login_tty(t) == -1) - fatalperror(net, "login_tty"); - if (net > 2) - close(net); - if (ourpty > 2) { - close(ourpty); - ourpty = -1; - } -} - -#ifndef O_NOCTTY -#define O_NOCTTY 0 -#endif -/* - * Open the specified slave side of the pty, - * making sure that we have a clean tty. - */ - -int cleanopen(char *line) -{ - int t; - -#ifdef STREAMSPTY - if (!really_stream) -#endif - { - /* - * Make sure that other people can't open the - * slave side of the connection. - */ - chown(line, 0, 0); - chmod(line, 0600); - } - -#ifdef HAVE_REVOKE - revoke(line); -#endif - - t = open(line, O_RDWR|O_NOCTTY); - - if (t < 0) - return(-1); - - /* - * Hangup anybody else using this ttyp, then reopen it for - * ourselves. - */ -# if !(defined(_CRAY) || defined(__hpux)) && (BSD <= 43) && !defined(STREAMSPTY) - signal(SIGHUP, SIG_IGN); -#ifdef HAVE_VHANGUP - vhangup(); -#else -#endif - signal(SIGHUP, SIG_DFL); - t = open(line, O_RDWR|O_NOCTTY); - if (t < 0) - return(-1); -# endif -# if defined(_CRAY) && defined(TCVHUP) - { - int i; - signal(SIGHUP, SIG_IGN); - ioctl(t, TCVHUP, (char *)0); - signal(SIGHUP, SIG_DFL); - - i = open(line, O_RDWR); - - if (i < 0) - return(-1); - close(t); - t = i; - } -# endif /* defined(CRAY) && defined(TCVHUP) */ - return(t); -} - -#if !defined(BSD4_4) - -int login_tty(int t) -{ -# if defined(TIOCSCTTY) && !defined(__hpux) - if (ioctl(t, TIOCSCTTY, (char *)0) < 0) - fatalperror(net, "ioctl(sctty)"); -# ifdef _CRAY - /* - * Close the hard fd to /dev/ttypXXX, and re-open through - * the indirect /dev/tty interface. - */ - close(t); - if ((t = open("/dev/tty", O_RDWR)) < 0) - fatalperror(net, "open(/dev/tty)"); -# endif -# else - /* - * We get our controlling tty assigned as a side-effect - * of opening up a tty device. But on BSD based systems, - * this only happens if our process group is zero. The - * setsid() call above may have set our pgrp, so clear - * it out before opening the tty... - */ -#ifdef HAVE_SETPGID - setpgid(0, 0); -#else - setpgrp(0, 0); /* if setpgid isn't available, setpgrp - probably takes arguments */ -#endif - close(open(line, O_RDWR)); -# endif - if (t != 0) - dup2(t, 0); - if (t != 1) - dup2(t, 1); - if (t != 2) - dup2(t, 2); - if (t > 2) - close(t); - return(0); -} -#endif /* BSD <= 43 */ - -/* - * This comes from ../../bsd/tty.c and should not really be here. - */ - -/* - * Clean the tty name. Return a pointer to the cleaned version. - */ - -static char * -clean_ttyname (char *tty) -{ - char *res = tty; - - if (strncmp (res, _PATH_DEV, strlen(_PATH_DEV)) == 0) - res += strlen(_PATH_DEV); - if (strncmp (res, "pty/", 4) == 0) - res += 4; - if (strncmp (res, "ptym/", 5) == 0) - res += 5; - return res; -} - -/* - * Generate a name usable as an `ut_id', typically without `tty'. - */ - -#ifdef HAVE_STRUCT_UTMP_UT_ID -static char * -make_id (char *tty) -{ - char *res = tty; - - if (strncmp (res, "pts/", 4) == 0) - res += 4; - if (strncmp (res, "tty", 3) == 0) - res += 3; - return res; -} -#endif - -/* - * startslave(host) - * - * Given a hostname, do whatever - * is necessary to startup the login process on the slave side of the pty. - */ - -/* ARGSUSED */ -void -startslave(char *host, int autologin, char *autoname) -{ - int i; - -#ifdef AUTHENTICATION - if (!autoname || !autoname[0]) - autologin = 0; - - if (autologin < auth_level) { - fatal(net, "Authorization failed"); - exit(1); - } -#endif - - { - char *tbuf = - "\r\n*** Connection not encrypted! " - "Communication may be eavesdropped. ***\r\n"; -#ifdef ENCRYPTION - if (!no_warn && (encrypt_output == 0 || decrypt_input == 0)) -#endif - writenet((unsigned char*)tbuf, strlen(tbuf)); - } -# ifdef PARENT_DOES_UTMP - utmp_sig_init(); -# endif /* PARENT_DOES_UTMP */ - - if ((i = fork()) < 0) - fatalperror(net, "fork"); - if (i) { -# ifdef PARENT_DOES_UTMP - /* - * Cray parent will create utmp entry for child and send - * signal to child to tell when done. Child waits for signal - * before doing anything important. - */ - int pid = i; - void sigjob (int); - - setpgrp(); - utmp_sig_reset(); /* reset handler to default */ - /* - * Create utmp entry for child - */ - wtmp.ut_time = time(NULL); - wtmp.ut_type = LOGIN_PROCESS; - wtmp.ut_pid = pid; - strncpy(wtmp.ut_user, "LOGIN", sizeof(wtmp.ut_user)); - strncpy(wtmp.ut_host, host, sizeof(wtmp.ut_host)); - strncpy(wtmp.ut_line, clean_ttyname(line), sizeof(wtmp.ut_line)); -#ifdef HAVE_STRUCT_UTMP_UT_ID - strncpy(wtmp.ut_id, wtmp.ut_line + 3, sizeof(wtmp.ut_id)); -#endif - - pututline(&wtmp); - endutent(); - if ((i = open(wtmpf, O_WRONLY|O_APPEND)) >= 0) { - write(i, &wtmp, sizeof(struct utmp)); - close(i); - } -#ifdef _CRAY - signal(WJSIGNAL, sigjob); -#endif - utmp_sig_notify(pid); -# endif /* PARENT_DOES_UTMP */ - } else { - getptyslave(); - start_login(host, autologin, autoname); - /*NOTREACHED*/ - } -} - -char *envinit[3]; -extern char **environ; - -void -init_env(void) -{ - extern char *getenv(const char *); - char **envp; - - envp = envinit; - if ((*envp = getenv("TZ"))) - *envp++ -= 3; -#if defined(_CRAY) || defined(__hpux) - else - *envp++ = "TZ=GMT0"; -#endif - *envp = 0; - environ = envinit; -} - -/* - * scrub_env() - * - * We only accept the environment variables listed below. - */ - -static void -scrub_env(void) -{ - static const char *reject[] = { - "TERMCAP=/", - NULL - }; - - static const char *accept[] = { - "XAUTH=", "XAUTHORITY=", "DISPLAY=", - "TERM=", - "EDITOR=", - "PAGER=", - "PRINTER=", - "LOGNAME=", - "POSIXLY_CORRECT=", - "TERMCAP=", - NULL - }; - - char **cpp, **cpp2; - const char **p; - - for (cpp2 = cpp = environ; *cpp; cpp++) { - int reject_it = 0; - - for(p = reject; *p; p++) - if(strncmp(*cpp, *p, strlen(*p)) == 0) { - reject_it = 1; - break; - } - if (reject_it) - continue; - - for(p = accept; *p; p++) - if(strncmp(*cpp, *p, strlen(*p)) == 0) - break; - if(*p != NULL) - *cpp2++ = *cpp; - } - *cpp2 = NULL; -} - - -struct arg_val { - int size; - int argc; - char **argv; -}; - -static int addarg(struct arg_val*, char*); - -/* - * start_login(host) - * - * Assuming that we are now running as a child processes, this - * function will turn us into the login process. - */ - -void -start_login(char *host, int autologin, char *name) -{ - struct arg_val argv; - char *user; - -#ifdef HAVE_UTMPX_H - int pid = getpid(); - struct utmpx utmpx; - char *clean_tty; - - /* - * Create utmp entry for child - */ - - clean_tty = clean_ttyname(line); - memset(&utmpx, 0, sizeof(utmpx)); - strncpy(utmpx.ut_user, ".telnet", sizeof(utmpx.ut_user)); - strncpy(utmpx.ut_line, clean_tty, sizeof(utmpx.ut_line)); -#ifdef HAVE_STRUCT_UTMP_UT_ID - strncpy(utmpx.ut_id, make_id(clean_tty), sizeof(utmpx.ut_id)); -#endif - utmpx.ut_pid = pid; - - utmpx.ut_type = LOGIN_PROCESS; - - gettimeofday (&utmpx.ut_tv, NULL); - if (pututxline(&utmpx) == NULL) - fatal(net, "pututxline failed"); -#endif - - scrub_env(); - - /* - * -h : pass on name of host. - * WARNING: -h is accepted by login if and only if - * getuid() == 0. - * -p : don't clobber the environment (so terminal type stays set). - * - * -f : force this login, he has already been authenticated - */ - - /* init argv structure */ - argv.size=0; - argv.argc=0; - argv.argv=(char**)malloc(0); /*so we can call realloc later */ - addarg(&argv, "login"); - addarg(&argv, "-h"); - addarg(&argv, host); - addarg(&argv, "-p"); - if(name[0]) - user = name; - else - user = getenv("USER"); -#ifdef AUTHENTICATION - if (auth_level < 0 || autologin != AUTH_VALID) { - if(!no_warn) { - printf("User not authenticated. "); - if (require_otp) - printf("Using one-time password\r\n"); - else - printf("Using plaintext username and password\r\n"); - } - if (require_otp) { - addarg(&argv, "-a"); - addarg(&argv, "otp"); - } - if(log_unauth) - syslog(LOG_INFO, "unauthenticated access from %s (%s)", - host, user ? user : "unknown user"); - } - if (auth_level >= 0 && autologin == AUTH_VALID) - addarg(&argv, "-f"); -#endif - if(user){ - addarg(&argv, "--"); - addarg(&argv, strdup(user)); - } - if (getenv("USER")) { - /* - * Assume that login will set the USER variable - * correctly. For SysV systems, this means that - * USER will no longer be set, just LOGNAME by - * login. (The problem is that if the auto-login - * fails, and the user then specifies a different - * account name, he can get logged in with both - * LOGNAME and USER in his environment, but the - * USER value will be wrong. - */ - unsetenv("USER"); - } - closelog(); - /* - * This sleep(1) is in here so that telnetd can - * finish up with the tty. There's a race condition - * the login banner message gets lost... - */ - sleep(1); - - execv(new_login, argv.argv); - - syslog(LOG_ERR, "%s: %m\n", new_login); - fatalperror(net, new_login); - /*NOTREACHED*/ -} - - - -static int addarg(struct arg_val *argv, char *val) -{ - if(argv->size <= argv->argc+1){ - argv->argv = (char**)realloc(argv->argv, sizeof(char*) * (argv->size + 10)); - if(argv->argv == NULL) - return 1; /* this should probably be handled better */ - argv->size+=10; - } - argv->argv[argv->argc++]=val; - argv->argv[argv->argc]=NULL; - return 0; -} - - -/* - * rmut() - * - * This is the function called by cleanup() to - * remove the utmp entry for this person. - */ - -#ifdef HAVE_UTMPX_H -static void -rmut(void) -{ - struct utmpx utmpx, *non_save_utxp; - char *clean_tty = clean_ttyname(line); - - /* - * This updates the utmpx and utmp entries and make a wtmp/x entry - */ - - setutxent(); - memset(&utmpx, 0, sizeof(utmpx)); - strncpy(utmpx.ut_line, clean_tty, sizeof(utmpx.ut_line)); - utmpx.ut_type = LOGIN_PROCESS; - non_save_utxp = getutxline(&utmpx); - if (non_save_utxp) { - struct utmpx *utxp; - char user0; - - utxp = malloc(sizeof(struct utmpx)); - *utxp = *non_save_utxp; - user0 = utxp->ut_user[0]; - utxp->ut_user[0] = '\0'; - utxp->ut_type = DEAD_PROCESS; -#ifdef HAVE_STRUCT_UTMPX_UT_EXIT -#ifdef _STRUCT___EXIT_STATUS - utxp->ut_exit.__e_termination = 0; - utxp->ut_exit.__e_exit = 0; -#elif defined(__osf__) /* XXX */ - utxp->ut_exit.ut_termination = 0; - utxp->ut_exit.ut_exit = 0; -#else - utxp->ut_exit.e_termination = 0; - utxp->ut_exit.e_exit = 0; -#endif -#endif - gettimeofday(&utxp->ut_tv, NULL); - pututxline(utxp); -#ifdef WTMPX_FILE - utxp->ut_user[0] = user0; - updwtmpx(WTMPX_FILE, utxp); -#elif defined(WTMP_FILE) - /* This is a strange system with a utmpx and a wtmp! */ - { - int f = open(wtmpf, O_WRONLY|O_APPEND); - struct utmp wtmp; - if (f >= 0) { - strncpy(wtmp.ut_line, clean_tty, sizeof(wtmp.ut_line)); - strncpy(wtmp.ut_name, "", sizeof(wtmp.ut_name)); -#ifdef HAVE_STRUCT_UTMP_UT_HOST - strncpy(wtmp.ut_host, "", sizeof(wtmp.ut_host)); -#endif - wtmp.ut_time = time(NULL); - write(f, &wtmp, sizeof(wtmp)); - close(f); - } - } -#endif - free (utxp); - } - endutxent(); -} /* end of rmut */ -#endif - -#if !defined(HAVE_UTMPX_H) && !(defined(_CRAY) || defined(__hpux)) && BSD <= 43 -static void -rmut(void) -{ - int f; - int found = 0; - struct utmp *u, *utmp; - int nutmp; - struct stat statbf; - char *clean_tty = clean_ttyname(line); - - f = open(utmpf, O_RDWR); - if (f >= 0) { - fstat(f, &statbf); - utmp = (struct utmp *)malloc((unsigned)statbf.st_size); - if (!utmp) - syslog(LOG_ERR, "utmp malloc failed"); - if (statbf.st_size && utmp) { - nutmp = read(f, utmp, (int)statbf.st_size); - nutmp /= sizeof(struct utmp); - - for (u = utmp ; u < &utmp[nutmp] ; u++) { - if (strncmp(u->ut_line, - clean_tty, - sizeof(u->ut_line)) || - u->ut_name[0]==0) - continue; - lseek(f, ((long)u)-((long)utmp), L_SET); - strncpy(u->ut_name, "", sizeof(u->ut_name)); -#ifdef HAVE_STRUCT_UTMP_UT_HOST - strncpy(u->ut_host, "", sizeof(u->ut_host)); -#endif - u->ut_time = time(NULL); - write(f, u, sizeof(wtmp)); - found++; - } - } - close(f); - } - if (found) { - f = open(wtmpf, O_WRONLY|O_APPEND); - if (f >= 0) { - strncpy(wtmp.ut_line, clean_tty, sizeof(wtmp.ut_line)); - strncpy(wtmp.ut_name, "", sizeof(wtmp.ut_name)); -#ifdef HAVE_STRUCT_UTMP_UT_HOST - strncpy(wtmp.ut_host, "", sizeof(wtmp.ut_host)); -#endif - wtmp.ut_time = time(NULL); - write(f, &wtmp, sizeof(wtmp)); - close(f); - } - } - chmod(line, 0666); - chown(line, 0, 0); - line[strlen("/dev/")] = 'p'; - chmod(line, 0666); - chown(line, 0, 0); -} /* end of rmut */ -#endif /* CRAY */ - -#if defined(__hpux) && !defined(HAVE_UTMPX_H) -static void -rmut (char *line) -{ - struct utmp utmp; - struct utmp *utptr; - int fd; /* for /etc/wtmp */ - - utmp.ut_type = USER_PROCESS; - strncpy(utmp.ut_line, clean_ttyname(line), sizeof(utmp.ut_line)); - setutent(); - utptr = getutline(&utmp); - /* write it out only if it exists */ - if (utptr) { - utptr->ut_type = DEAD_PROCESS; - utptr->ut_time = time(NULL); - pututline(utptr); - /* set wtmp entry if wtmp file exists */ - if ((fd = open(wtmpf, O_WRONLY | O_APPEND)) >= 0) { - write(fd, utptr, sizeof(utmp)); - close(fd); - } - } - endutent(); - - chmod(line, 0666); - chown(line, 0, 0); - line[14] = line[13]; - line[13] = line[12]; - line[8] = 'm'; - line[9] = '/'; - line[10] = 'p'; - line[11] = 't'; - line[12] = 'y'; - chmod(line, 0666); - chown(line, 0, 0); -} -#endif - -/* - * cleanup() - * - * This is the routine to call when we are all through, to - * clean up anything that needs to be cleaned up. - */ - -#ifdef PARENT_DOES_UTMP - -void -cleanup(int sig) -{ -#ifdef _CRAY - static int incleanup = 0; - int t; - int child_status; /* status of child process as returned by waitpid */ - int flags = WNOHANG|WUNTRACED; - - /* - * 1: Pick up the zombie, if we are being called - * as the signal handler. - * 2: If we are a nested cleanup(), return. - * 3: Try to clean up TMPDIR. - * 4: Fill in utmp with shutdown of process. - * 5: Close down the network and pty connections. - * 6: Finish up the TMPDIR cleanup, if needed. - */ - if (sig == SIGCHLD) { - while (waitpid(-1, &child_status, flags) > 0) - ; /* VOID */ - /* Check if the child process was stopped - * rather than exited. We want cleanup only if - * the child has died. - */ - if (WIFSTOPPED(child_status)) { - return; - } - } - t = sigblock(sigmask(SIGCHLD)); - if (incleanup) { - sigsetmask(t); - return; - } - incleanup = 1; - sigsetmask(t); - - t = cleantmp(&wtmp); - setutent(); /* just to make sure */ -#endif /* CRAY */ - rmut(line); - close(ourpty); - shutdown(net, 2); -#ifdef _CRAY - if (t == 0) - cleantmp(&wtmp); -#endif /* CRAY */ - exit(1); -} - -#else /* PARENT_DOES_UTMP */ - -void -cleanup(int sig) -{ -#if defined(HAVE_UTMPX_H) || !defined(HAVE_LOGWTMP) - rmut(); -#ifdef HAVE_VHANGUP -#ifndef __sgi - vhangup(); /* XXX */ -#endif -#endif -#else - char *p; - - p = line + sizeof("/dev/") - 1; - if (logout(p)) - logwtmp(p, "", ""); - chmod(line, 0666); - chown(line, 0, 0); - *p = 'p'; - chmod(line, 0666); - chown(line, 0, 0); -#endif - shutdown(net, 2); - exit(1); -} - -#endif /* PARENT_DOES_UTMP */ - -#ifdef PARENT_DOES_UTMP -/* - * _utmp_sig_rcv - * utmp_sig_init - * utmp_sig_wait - * These three functions are used to coordinate the handling of - * the utmp file between the server and the soon-to-be-login shell. - * The server actually creates the utmp structure, the child calls - * utmp_sig_wait(), until the server calls utmp_sig_notify() and - * signals the future-login shell to proceed. - */ -static int caught=0; /* NZ when signal intercepted */ -static void (*func)(); /* address of previous handler */ - -void -_utmp_sig_rcv(sig) - int sig; -{ - caught = 1; - signal(SIGUSR1, func); -} - -void -utmp_sig_init() -{ - /* - * register signal handler for UTMP creation - */ - if ((int)(func = signal(SIGUSR1, _utmp_sig_rcv)) == -1) - fatalperror(net, "telnetd/signal"); -} - -void -utmp_sig_reset() -{ - signal(SIGUSR1, func); /* reset handler to default */ -} - -# ifdef __hpux -# define sigoff() /* do nothing */ -# define sigon() /* do nothing */ -# endif - -void -utmp_sig_wait() -{ - /* - * Wait for parent to write our utmp entry. - */ - sigoff(); - while (caught == 0) { - pause(); /* wait until we get a signal (sigon) */ - sigoff(); /* turn off signals while we check caught */ - } - sigon(); /* turn on signals again */ -} - -void -utmp_sig_notify(pid) -{ - kill(pid, SIGUSR1); -} - -#ifdef _CRAY -static int gotsigjob = 0; - - /*ARGSUSED*/ -void -sigjob(sig) - int sig; -{ - int jid; - struct jobtemp *jp; - - while ((jid = waitjob(NULL)) != -1) { - if (jid == 0) { - return; - } - gotsigjob++; - jobend(jid, NULL, NULL); - } -} - -/* - * jid_getutid: - * called by jobend() before calling cleantmp() - * to find the correct $TMPDIR to cleanup. - */ - -struct utmp * -jid_getutid(jid) - int jid; -{ - struct utmp *cur = NULL; - - setutent(); /* just to make sure */ - while (cur = getutent()) { - if ( (cur->ut_type != NULL) && (jid == cur->ut_jid) ) { - return(cur); - } - } - - return(0); -} - -/* - * Clean up the TMPDIR that login created. - * The first time this is called we pick up the info - * from the utmp. If the job has already gone away, - * then we'll clean up and be done. If not, then - * when this is called the second time it will wait - * for the signal that the job is done. - */ -int -cleantmp(wtp) - struct utmp *wtp; -{ - struct utmp *utp; - static int first = 1; - int mask, omask, ret; - extern struct utmp *getutid (const struct utmp *_Id); - - - mask = sigmask(WJSIGNAL); - - if (first == 0) { - omask = sigblock(mask); - while (gotsigjob == 0) - sigpause(omask); - return(1); - } - first = 0; - setutent(); /* just to make sure */ - - utp = getutid(wtp); - if (utp == 0) { - syslog(LOG_ERR, "Can't get /etc/utmp entry to clean TMPDIR"); - return(-1); - } - /* - * Nothing to clean up if the user shell was never started. - */ - if (utp->ut_type != USER_PROCESS || utp->ut_jid == 0) - return(1); - - /* - * Block the WJSIGNAL while we are in jobend(). - */ - omask = sigblock(mask); - ret = jobend(utp->ut_jid, utp->ut_tpath, utp->ut_user); - sigsetmask(omask); - return(ret); -} - -int -jobend(jid, path, user) - int jid; - char *path; - char *user; -{ - static int saved_jid = 0; - static int pty_saved_jid = 0; - static char saved_path[sizeof(wtmp.ut_tpath)+1]; - static char saved_user[sizeof(wtmp.ut_user)+1]; - - /* - * this little piece of code comes into play - * only when ptyreconnect is used to reconnect - * to an previous session. - * - * this is the only time when the - * "saved_jid != jid" code is executed. - */ - - if ( saved_jid && saved_jid != jid ) { - if (!path) { /* called from signal handler */ - pty_saved_jid = jid; - } else { - pty_saved_jid = saved_jid; - } - } - - if (path) { - strncpy(saved_path, path, sizeof(wtmp.ut_tpath)); - strncpy(saved_user, user, sizeof(wtmp.ut_user)); - saved_path[sizeof(saved_path)] = '\0'; - saved_user[sizeof(saved_user)] = '\0'; - } - if (saved_jid == 0) { - saved_jid = jid; - return(0); - } - - /* if the jid has changed, get the correct entry from the utmp file */ - - if ( saved_jid != jid ) { - struct utmp *utp = NULL; - struct utmp *jid_getutid(); - - utp = jid_getutid(pty_saved_jid); - - if (utp == 0) { - syslog(LOG_ERR, "Can't get /etc/utmp entry to clean TMPDIR"); - return(-1); - } - - cleantmpdir(jid, utp->ut_tpath, utp->ut_user); - return(1); - } - - cleantmpdir(jid, saved_path, saved_user); - return(1); -} - -/* - * Fork a child process to clean up the TMPDIR - */ -cleantmpdir(jid, tpath, user) - int jid; - char *tpath; - char *user; -{ - switch(fork()) { - case -1: - syslog(LOG_ERR, "TMPDIR cleanup(%s): fork() failed: %m\n", - tpath); - break; - case 0: - execl(CLEANTMPCMD, CLEANTMPCMD, user, tpath, 0); - syslog(LOG_ERR, "TMPDIR cleanup(%s): execl(%s) failed: %m\n", - tpath, CLEANTMPCMD); - exit(1); - default: - /* - * Forget about child. We will exit, and - * /etc/init will pick it up. - */ - break; - } -} -#endif /* CRAY */ -#endif /* defined(PARENT_DOES_UTMP) */ diff --git a/crypto/kerberosIV/appl/telnet/telnetd/telnetd.c b/crypto/kerberosIV/appl/telnet/telnetd/telnetd.c deleted file mode 100644 index 0c2750e11fb3..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnetd/telnetd.c +++ /dev/null @@ -1,1399 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnetd.h" - -RCSID("$Id: telnetd.c,v 1.58.2.1 2000/10/10 13:12:08 assar Exp $"); - -#ifdef _SC_CRAY_SECURE_SYS -#include -#include -#include -#include -int secflag; -char tty_dev[16]; -struct secdev dv; -struct sysv sysv; -struct socksec ss; -#endif /* _SC_CRAY_SECURE_SYS */ - -#ifdef AUTHENTICATION -int auth_level = 0; -#endif - -extern int utmp_len; -int registerd_host_only = 0; - -#ifdef STREAMSPTY -# include -# include -#ifdef HAVE_SYS_UIO_H -#include -#endif /* HAVE_SYS_UIO_H */ -#ifdef HAVE_SYS_STREAM_H -#include -#endif -#ifdef _AIX -#include -#endif -# ifdef HAVE_SYS_STRTTY_H -# include -# endif -# ifdef HAVE_SYS_STR_TTY_H -# include -# endif -/* make sure we don't get the bsd version */ -/* what is this here for? solaris? /joda */ -# ifdef HAVE_SYS_TTY_H -# include "/usr/include/sys/tty.h" -# endif -# ifdef HAVE_SYS_PTYVAR_H -# include -# endif - -/* - * Because of the way ptyibuf is used with streams messages, we need - * ptyibuf+1 to be on a full-word boundary. The following wierdness - * is simply to make that happen. - */ -long ptyibufbuf[BUFSIZ/sizeof(long)+1]; -char *ptyibuf = ((char *)&ptyibufbuf[1])-1; -char *ptyip = ((char *)&ptyibufbuf[1])-1; -char ptyibuf2[BUFSIZ]; -unsigned char ctlbuf[BUFSIZ]; -struct strbuf strbufc, strbufd; - -int readstream(int, char*, int); - -#else /* ! STREAMPTY */ - -/* - * I/O data buffers, - * pointers, and counters. - */ -char ptyibuf[BUFSIZ], *ptyip = ptyibuf; -char ptyibuf2[BUFSIZ]; - -#endif /* ! STREAMPTY */ - -int hostinfo = 1; /* do we print login banner? */ - -#ifdef _CRAY -extern int newmap; /* nonzero if \n maps to ^M^J */ -int lowpty = 0, highpty; /* low, high pty numbers */ -#endif /* CRAY */ - -int debug = 0; -int keepalive = 1; -char *progname; - -static void usage (void); - -/* - * The string to pass to getopt(). We do it this way so - * that only the actual options that we support will be - * passed off to getopt(). - */ -char valid_opts[] = "Bd:hklnS:u:UL:y" -#ifdef AUTHENTICATION - "a:X:z" -#endif -#ifdef DIAGNOSTICS - "D:" -#endif -#ifdef _CRAY - "r:" -#endif - ; - -static void doit(struct sockaddr*, int); - -int -main(int argc, char **argv) -{ - struct sockaddr_storage __ss; - struct sockaddr *sa = (struct sockaddr *)&__ss; - int on = 1, sa_size; - int ch; -#if defined(IPPROTO_IP) && defined(IP_TOS) - int tos = -1; -#endif -#ifdef ENCRYPTION - extern int des_check_key; - des_check_key = 1; /* Kludge for Mac NCSA telnet 2.6 /bg */ -#endif - pfrontp = pbackp = ptyobuf; - netip = netibuf; - nfrontp = nbackp = netobuf; - - progname = *argv; -#ifdef ENCRYPTION - nclearto = 0; -#endif - -#ifdef _CRAY - /* - * Get number of pty's before trying to process options, - * which may include changing pty range. - */ - highpty = getnpty(); -#endif /* CRAY */ - - while ((ch = getopt(argc, argv, valid_opts)) != -1) { - switch(ch) { - -#ifdef AUTHENTICATION - case 'a': - /* - * Check for required authentication level - */ - if (strcmp(optarg, "debug") == 0) { - auth_debug_mode = 1; - } else if (strcasecmp(optarg, "none") == 0) { - auth_level = 0; - } else if (strcasecmp(optarg, "otp") == 0) { - auth_level = 0; - require_otp = 1; - } else if (strcasecmp(optarg, "other") == 0) { - auth_level = AUTH_OTHER; - } else if (strcasecmp(optarg, "user") == 0) { - auth_level = AUTH_USER; - } else if (strcasecmp(optarg, "valid") == 0) { - auth_level = AUTH_VALID; - } else if (strcasecmp(optarg, "off") == 0) { - /* - * This hack turns off authentication - */ - auth_level = -1; - } else { - fprintf(stderr, - "telnetd: unknown authorization level for -a\n"); - } - break; -#endif /* AUTHENTICATION */ - - case 'B': /* BFTP mode is not supported any more */ - break; - case 'd': - if (strcmp(optarg, "ebug") == 0) { - debug++; - break; - } - usage(); - /* NOTREACHED */ - break; - -#ifdef DIAGNOSTICS - case 'D': - /* - * Check for desired diagnostics capabilities. - */ - if (!strcmp(optarg, "report")) { - diagnostic |= TD_REPORT|TD_OPTIONS; - } else if (!strcmp(optarg, "exercise")) { - diagnostic |= TD_EXERCISE; - } else if (!strcmp(optarg, "netdata")) { - diagnostic |= TD_NETDATA; - } else if (!strcmp(optarg, "ptydata")) { - diagnostic |= TD_PTYDATA; - } else if (!strcmp(optarg, "options")) { - diagnostic |= TD_OPTIONS; - } else { - usage(); - /* NOT REACHED */ - } - break; -#endif /* DIAGNOSTICS */ - - - case 'h': - hostinfo = 0; - break; - - case 'k': /* Linemode is not supported any more */ - case 'l': - break; - - case 'n': - keepalive = 0; - break; - -#ifdef _CRAY - case 'r': - { - char *strchr(); - char *c; - - /* - * Allow the specification of alterations - * to the pty search range. It is legal to - * specify only one, and not change the - * other from its default. - */ - c = strchr(optarg, '-'); - if (c) { - *c++ = '\0'; - highpty = atoi(c); - } - if (*optarg != '\0') - lowpty = atoi(optarg); - if ((lowpty > highpty) || (lowpty < 0) || - (highpty > 32767)) { - usage(); - /* NOT REACHED */ - } - break; - } -#endif /* CRAY */ - - case 'S': -#ifdef HAVE_PARSETOS - if ((tos = parsetos(optarg, "tcp")) < 0) - fprintf(stderr, "%s%s%s\n", - "telnetd: Bad TOS argument '", optarg, - "'; will try to use default TOS"); -#else - fprintf(stderr, "%s%s\n", "TOS option unavailable; ", - "-S flag not supported\n"); -#endif - break; - - case 'u': - utmp_len = atoi(optarg); - break; - - case 'U': - registerd_host_only = 1; - break; - -#ifdef AUTHENTICATION - case 'X': - /* - * Check for invalid authentication types - */ - auth_disable_name(optarg); - break; -#endif - case 'y': - no_warn = 1; - break; -#ifdef AUTHENTICATION - case 'z': - log_unauth = 1; - break; - -#endif /* AUTHENTICATION */ - - case 'L': - new_login = optarg; - break; - - default: - fprintf(stderr, "telnetd: %c: unknown option\n", ch); - /* FALLTHROUGH */ - case '?': - usage(); - /* NOTREACHED */ - } - } - - argc -= optind; - argv += optind; - - if (debug) { - int port = 0; - struct servent *sp; - - if (argc > 1) { - usage (); - } else if (argc == 1) { - sp = roken_getservbyname (*argv, "tcp"); - if (sp) - port = sp->s_port; - else - port = htons(atoi(*argv)); - } else { -#ifdef KRB5 - port = krb5_getportbyname (NULL, "telnet", "tcp", 23); -#else - port = k_getportbyname("telnet", "tcp", htons(23)); -#endif - } - mini_inetd (port); - } else if (argc > 0) { - usage(); - /* NOT REACHED */ - } - -#ifdef _SC_CRAY_SECURE_SYS - secflag = sysconf(_SC_CRAY_SECURE_SYS); - - /* - * Get socket's security label - */ - if (secflag) { - int szss = sizeof(ss); - int sock_multi; - int szi = sizeof(int); - - memset(&dv, 0, sizeof(dv)); - - if (getsysv(&sysv, sizeof(struct sysv)) != 0) - fatalperror(net, "getsysv"); - - /* - * Get socket security label and set device values - * {security label to be set on ttyp device} - */ -#ifdef SO_SEC_MULTI /* 8.0 code */ - if ((getsockopt(0, SOL_SOCKET, SO_SECURITY, - (void *)&ss, &szss) < 0) || - (getsockopt(0, SOL_SOCKET, SO_SEC_MULTI, - (void *)&sock_multi, &szi) < 0)) - fatalperror(net, "getsockopt"); - else { - dv.dv_actlvl = ss.ss_actlabel.lt_level; - dv.dv_actcmp = ss.ss_actlabel.lt_compart; - if (!sock_multi) { - dv.dv_minlvl = dv.dv_maxlvl = dv.dv_actlvl; - dv.dv_valcmp = dv.dv_actcmp; - } else { - dv.dv_minlvl = ss.ss_minlabel.lt_level; - dv.dv_maxlvl = ss.ss_maxlabel.lt_level; - dv.dv_valcmp = ss.ss_maxlabel.lt_compart; - } - dv.dv_devflg = 0; - } -#else /* SO_SEC_MULTI */ /* 7.0 code */ - if (getsockopt(0, SOL_SOCKET, SO_SECURITY, - (void *)&ss, &szss) >= 0) { - dv.dv_actlvl = ss.ss_slevel; - dv.dv_actcmp = ss.ss_compart; - dv.dv_minlvl = ss.ss_minlvl; - dv.dv_maxlvl = ss.ss_maxlvl; - dv.dv_valcmp = ss.ss_maxcmp; - } -#endif /* SO_SEC_MULTI */ - } -#endif /* _SC_CRAY_SECURE_SYS */ - - roken_openlog("telnetd", LOG_PID | LOG_ODELAY, LOG_DAEMON); - sa_size = sizeof (__ss); - if (getpeername(STDIN_FILENO, sa, &sa_size) < 0) { - fprintf(stderr, "%s: ", progname); - perror("getpeername"); - _exit(1); - } - if (keepalive && - setsockopt(STDIN_FILENO, SOL_SOCKET, SO_KEEPALIVE, - (void *)&on, sizeof (on)) < 0) { - syslog(LOG_WARNING, "setsockopt (SO_KEEPALIVE): %m"); - } - -#if defined(IPPROTO_IP) && defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - { -# ifdef HAVE_GETTOSBYNAME - struct tosent *tp; - if (tos < 0 && (tp = gettosbyname("telnet", "tcp"))) - tos = tp->t_tos; -# endif - if (tos < 0) - tos = 020; /* Low Delay bit */ - if (tos - && sa->sa_family == AF_INET - && (setsockopt(STDIN_FILENO, IPPROTO_IP, IP_TOS, - (void *)&tos, sizeof(tos)) < 0) - && (errno != ENOPROTOOPT) ) - syslog(LOG_WARNING, "setsockopt (IP_TOS): %m"); - } -#endif /* defined(IPPROTO_IP) && defined(IP_TOS) */ - net = STDIN_FILENO; - doit(sa, sa_size); - /* NOTREACHED */ - return 0; -} /* end of main */ - -static void -usage(void) -{ - fprintf(stderr, "Usage: telnetd"); -#ifdef AUTHENTICATION - fprintf(stderr, " [-a (debug|other|otp|user|valid|off|none)]\n\t"); -#endif - fprintf(stderr, " [-debug]"); -#ifdef DIAGNOSTICS - fprintf(stderr, " [-D (options|report|exercise|netdata|ptydata)]\n\t"); -#endif -#ifdef AUTHENTICATION - fprintf(stderr, " [-edebug]"); -#endif - fprintf(stderr, " [-h]"); - fprintf(stderr, " [-L login]"); - fprintf(stderr, " [-n]"); -#ifdef _CRAY - fprintf(stderr, " [-r[lowpty]-[highpty]]"); -#endif - fprintf(stderr, "\n\t"); -#ifdef HAVE_GETTOSBYNAME - fprintf(stderr, " [-S tos]"); -#endif -#ifdef AUTHENTICATION - fprintf(stderr, " [-X auth-type] [-y] [-z]"); -#endif - fprintf(stderr, " [-u utmp_hostname_length] [-U]"); - fprintf(stderr, " [port]\n"); - exit(1); -} - -/* - * getterminaltype - * - * Ask the other end to send along its terminal type and speed. - * Output is the variable terminaltype filled in. - */ -static unsigned char ttytype_sbbuf[] = { - IAC, SB, TELOPT_TTYPE, TELQUAL_SEND, IAC, SE -}; - -int -getterminaltype(char *name, size_t name_sz) -{ - int retval = -1; - void _gettermname(); - - settimer(baseline); -#ifdef AUTHENTICATION - /* - * Handle the Authentication option before we do anything else. - */ - send_do(TELOPT_AUTHENTICATION, 1); - while (his_will_wont_is_changing(TELOPT_AUTHENTICATION)) - ttloop(); - if (his_state_is_will(TELOPT_AUTHENTICATION)) { - retval = auth_wait(name, name_sz); - } -#endif - -#ifdef ENCRYPTION - send_will(TELOPT_ENCRYPT, 1); - send_do(TELOPT_ENCRYPT, 1); /* esc@magic.fi */ -#endif - send_do(TELOPT_TTYPE, 1); - send_do(TELOPT_TSPEED, 1); - send_do(TELOPT_XDISPLOC, 1); - send_do(TELOPT_NEW_ENVIRON, 1); - send_do(TELOPT_OLD_ENVIRON, 1); - while ( -#ifdef ENCRYPTION - his_do_dont_is_changing(TELOPT_ENCRYPT) || -#endif - his_will_wont_is_changing(TELOPT_TTYPE) || - his_will_wont_is_changing(TELOPT_TSPEED) || - his_will_wont_is_changing(TELOPT_XDISPLOC) || - his_will_wont_is_changing(TELOPT_NEW_ENVIRON) || - his_will_wont_is_changing(TELOPT_OLD_ENVIRON)) { - ttloop(); - } -#ifdef ENCRYPTION - /* - * Wait for the negotiation of what type of encryption we can - * send with. If autoencrypt is not set, this will just return. - */ - if (his_state_is_will(TELOPT_ENCRYPT)) { - encrypt_wait(); - } -#endif - if (his_state_is_will(TELOPT_TSPEED)) { - static unsigned char sb[] = - { IAC, SB, TELOPT_TSPEED, TELQUAL_SEND, IAC, SE }; - - telnet_net_write (sb, sizeof sb); - DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2);); - } - if (his_state_is_will(TELOPT_XDISPLOC)) { - static unsigned char sb[] = - { IAC, SB, TELOPT_XDISPLOC, TELQUAL_SEND, IAC, SE }; - - telnet_net_write (sb, sizeof sb); - DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2);); - } - if (his_state_is_will(TELOPT_NEW_ENVIRON)) { - static unsigned char sb[] = - { IAC, SB, TELOPT_NEW_ENVIRON, TELQUAL_SEND, IAC, SE }; - - telnet_net_write (sb, sizeof sb); - DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2);); - } - else if (his_state_is_will(TELOPT_OLD_ENVIRON)) { - static unsigned char sb[] = - { IAC, SB, TELOPT_OLD_ENVIRON, TELQUAL_SEND, IAC, SE }; - - telnet_net_write (sb, sizeof sb); - DIAG(TD_OPTIONS, printsub('>', sb + 2, sizeof sb - 2);); - } - if (his_state_is_will(TELOPT_TTYPE)) { - - telnet_net_write (ttytype_sbbuf, sizeof ttytype_sbbuf); - DIAG(TD_OPTIONS, printsub('>', ttytype_sbbuf + 2, - sizeof ttytype_sbbuf - 2);); - } - if (his_state_is_will(TELOPT_TSPEED)) { - while (sequenceIs(tspeedsubopt, baseline)) - ttloop(); - } - if (his_state_is_will(TELOPT_XDISPLOC)) { - while (sequenceIs(xdisplocsubopt, baseline)) - ttloop(); - } - if (his_state_is_will(TELOPT_NEW_ENVIRON)) { - while (sequenceIs(environsubopt, baseline)) - ttloop(); - } - if (his_state_is_will(TELOPT_OLD_ENVIRON)) { - while (sequenceIs(oenvironsubopt, baseline)) - ttloop(); - } - if (his_state_is_will(TELOPT_TTYPE)) { - char first[256], last[256]; - - while (sequenceIs(ttypesubopt, baseline)) - ttloop(); - - /* - * If the other side has already disabled the option, then - * we have to just go with what we (might) have already gotten. - */ - if (his_state_is_will(TELOPT_TTYPE) && !terminaltypeok(terminaltype)) { - strlcpy(first, terminaltype, sizeof(first)); - for(;;) { - /* - * Save the unknown name, and request the next name. - */ - strlcpy(last, terminaltype, sizeof(last)); - _gettermname(); - if (terminaltypeok(terminaltype)) - break; - if ((strncmp(last, terminaltype, sizeof(last)) == 0) || - his_state_is_wont(TELOPT_TTYPE)) { - /* - * We've hit the end. If this is the same as - * the first name, just go with it. - */ - if (strncmp(first, terminaltype, sizeof(first)) == 0) - break; - /* - * Get the terminal name one more time, so that - * RFC1091 compliant telnets will cycle back to - * the start of the list. - */ - _gettermname(); - if (strncmp(first, terminaltype, sizeof(first)) != 0) - strcpy(terminaltype, first); - break; - } - } - } - } - return(retval); -} /* end of getterminaltype */ - -void -_gettermname() -{ - /* - * If the client turned off the option, - * we can't send another request, so we - * just return. - */ - if (his_state_is_wont(TELOPT_TTYPE)) - return; - settimer(baseline); - telnet_net_write (ttytype_sbbuf, sizeof ttytype_sbbuf); - DIAG(TD_OPTIONS, printsub('>', ttytype_sbbuf + 2, - sizeof ttytype_sbbuf - 2);); - while (sequenceIs(ttypesubopt, baseline)) - ttloop(); -} - -int -terminaltypeok(char *s) -{ - return 1; -} - - -char *hostname; -char host_name[MaxHostNameLen]; -char remote_host_name[MaxHostNameLen]; - -/* - * Get a pty, scan input lines. - */ -static void -doit(struct sockaddr *who, int who_len) -{ - char *host = NULL; - struct hostent *hp = NULL; - int level; - int ptynum; - char user_name[256]; - int error; - char host_addr[256]; - void *addr; - int addr_sz; - const char *tmp; - int af; - - /* - * Find an available pty to use. - */ - ourpty = getpty(&ptynum); - if (ourpty < 0) - fatal(net, "All network ports in use"); - -#ifdef _SC_CRAY_SECURE_SYS - /* - * set ttyp line security label - */ - if (secflag) { - char slave_dev[16]; - - snprintf(tty_dev, sizeof(tty_dev), "/dev/pty/%03d", ptynum); - if (setdevs(tty_dev, &dv) < 0) - fatal(net, "cannot set pty security"); - snprintf(slave_dev, sizeof(slave_dev), "/dev/ttyp%03d", ptynum); - if (setdevs(slave_dev, &dv) < 0) - fatal(net, "cannot set tty security"); - } -#endif /* _SC_CRAY_SECURE_SYS */ - - af = who->sa_family; - switch (af) { - case AF_INET : { - struct sockaddr_in *sin = (struct sockaddr_in *)who; - - addr = &sin->sin_addr; - addr_sz = sizeof(sin->sin_addr); - break; - } -#ifdef HAVE_IPV6 - case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)who; - - addr = &sin6->sin6_addr; - addr_sz = sizeof(sin6->sin6_addr); - break; - } -#endif - default : - fatal (net, "Unknown address family\r\n"); - break; - } - - hp = getipnodebyaddr (addr, addr_sz, af, &error); - - if (hp == NULL && registerd_host_only) { - fatal(net, "Couldn't resolve your address into a host name.\r\n\ -Please contact your net administrator"); - } else if (hp != NULL) { - host = hp->h_name; - } - - tmp = inet_ntop(af, addr, host_addr, sizeof(host_addr)); - if (tmp == NULL) - strlcpy (host_addr, "unknown address", sizeof(host_addr)); - - if (host == NULL) - host = host_addr; - - /* - * We must make a copy because Kerberos is probably going - * to also do a gethost* and overwrite the static data... - */ - strlcpy(remote_host_name, host, sizeof(remote_host_name)); - if (hp != NULL) - freehostent (hp); - host = remote_host_name; - - /* XXX - should be k_gethostname? */ - gethostname(host_name, sizeof (host_name)); - hostname = host_name; - - /* Only trim if too long (and possible) */ - if (strlen(remote_host_name) > abs(utmp_len)) { - char *domain = strchr(host_name, '.'); - char *p = strchr(remote_host_name, '.'); - if (domain && p && (strcmp(p, domain) == 0)) - *p = 0; /* remove domain part */ - } - - - /* - * If hostname still doesn't fit utmp, use ipaddr. - */ - if (strlen(remote_host_name) > abs(utmp_len)) - strlcpy(remote_host_name, - host_addr, - sizeof(remote_host_name)); - -#ifdef AUTHENTICATION - auth_encrypt_init(hostname, host, "TELNETD", 1); -#endif - - init_env(); - /* - * get terminal type. - */ - *user_name = 0; - level = getterminaltype(user_name, sizeof(user_name)); - setenv("TERM", terminaltype ? terminaltype : "network", 1); - -#ifdef _SC_CRAY_SECURE_SYS - if (secflag) { - if (setulvl(dv.dv_actlvl) < 0) - fatal(net,"cannot setulvl()"); - if (setucmp(dv.dv_actcmp) < 0) - fatal(net, "cannot setucmp()"); - } -#endif /* _SC_CRAY_SECURE_SYS */ - - /* begin server processing */ - my_telnet(net, ourpty, host, level, user_name); - /*NOTREACHED*/ -} /* end of doit */ - -/* output contents of /etc/issue.net, or /etc/issue */ -static void -show_issue(void) -{ - FILE *f; - char buf[128]; - f = fopen("/etc/issue.net", "r"); - if(f == NULL) - f = fopen("/etc/issue", "r"); - if(f){ - while(fgets(buf, sizeof(buf)-2, f)){ - strcpy(buf + strcspn(buf, "\r\n"), "\r\n"); - writenet((unsigned char*)buf, strlen(buf)); - } - fclose(f); - } -} - -/* - * Main loop. Select from pty and network, and - * hand data to telnet receiver finite state machine. - */ -void -my_telnet(int f, int p, char *host, int level, char *autoname) -{ - int on = 1; - char *he; - char *IM; - int nfd; - int startslave_called = 0; - time_t timeout; - - /* - * Initialize the slc mapping table. - */ - get_slc_defaults(); - - /* - * Do some tests where it is desireable to wait for a response. - * Rather than doing them slowly, one at a time, do them all - * at once. - */ - if (my_state_is_wont(TELOPT_SGA)) - send_will(TELOPT_SGA, 1); - /* - * Is the client side a 4.2 (NOT 4.3) system? We need to know this - * because 4.2 clients are unable to deal with TCP urgent data. - * - * To find out, we send out a "DO ECHO". If the remote system - * answers "WILL ECHO" it is probably a 4.2 client, and we note - * that fact ("WILL ECHO" ==> that the client will echo what - * WE, the server, sends it; it does NOT mean that the client will - * echo the terminal input). - */ - send_do(TELOPT_ECHO, 1); - - /* - * Send along a couple of other options that we wish to negotiate. - */ - send_do(TELOPT_NAWS, 1); - send_will(TELOPT_STATUS, 1); - flowmode = 1; /* default flow control state */ - restartany = -1; /* uninitialized... */ - send_do(TELOPT_LFLOW, 1); - - /* - * Spin, waiting for a response from the DO ECHO. However, - * some REALLY DUMB telnets out there might not respond - * to the DO ECHO. So, we spin looking for NAWS, (most dumb - * telnets so far seem to respond with WONT for a DO that - * they don't understand...) because by the time we get the - * response, it will already have processed the DO ECHO. - * Kludge upon kludge. - */ - while (his_will_wont_is_changing(TELOPT_NAWS)) - ttloop(); - - /* - * But... - * The client might have sent a WILL NAWS as part of its - * startup code; if so, we'll be here before we get the - * response to the DO ECHO. We'll make the assumption - * that any implementation that understands about NAWS - * is a modern enough implementation that it will respond - * to our DO ECHO request; hence we'll do another spin - * waiting for the ECHO option to settle down, which is - * what we wanted to do in the first place... - */ - if (his_want_state_is_will(TELOPT_ECHO) && - his_state_is_will(TELOPT_NAWS)) { - while (his_will_wont_is_changing(TELOPT_ECHO)) - ttloop(); - } - /* - * On the off chance that the telnet client is broken and does not - * respond to the DO ECHO we sent, (after all, we did send the - * DO NAWS negotiation after the DO ECHO, and we won't get here - * until a response to the DO NAWS comes back) simulate the - * receipt of a will echo. This will also send a WONT ECHO - * to the client, since we assume that the client failed to - * respond because it believes that it is already in DO ECHO - * mode, which we do not want. - */ - if (his_want_state_is_will(TELOPT_ECHO)) { - DIAG(TD_OPTIONS, - {output_data("td: simulating recv\r\n"); - }); - willoption(TELOPT_ECHO); - } - - /* - * Finally, to clean things up, we turn on our echo. This - * will break stupid 4.2 telnets out of local terminal echo. - */ - - if (my_state_is_wont(TELOPT_ECHO)) - send_will(TELOPT_ECHO, 1); - -#ifdef TIOCPKT -#ifdef STREAMSPTY - if (!really_stream) -#endif - /* - * Turn on packet mode - */ - ioctl(p, TIOCPKT, (char *)&on); -#endif - - - /* - * Call telrcv() once to pick up anything received during - * terminal type negotiation, 4.2/4.3 determination, and - * linemode negotiation. - */ - telrcv(); - - ioctl(f, FIONBIO, (char *)&on); - ioctl(p, FIONBIO, (char *)&on); - -#if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT) - setsockopt(net, SOL_SOCKET, SO_OOBINLINE, - (void *)&on, sizeof on); -#endif /* defined(SO_OOBINLINE) */ - -#ifdef SIGTSTP - signal(SIGTSTP, SIG_IGN); -#endif -#ifdef SIGTTOU - /* - * Ignoring SIGTTOU keeps the kernel from blocking us - * in ttioct() in /sys/tty.c. - */ - signal(SIGTTOU, SIG_IGN); -#endif - - signal(SIGCHLD, cleanup); - -#ifdef TIOCNOTTY - { - int t; - t = open(_PATH_TTY, O_RDWR); - if (t >= 0) { - ioctl(t, TIOCNOTTY, (char *)0); - close(t); - } - } -#endif - - show_issue(); - /* - * Show banner that getty never gave. - * - * We put the banner in the pty input buffer. This way, it - * gets carriage return null processing, etc., just like all - * other pty --> client data. - */ - - if (getenv("USER")) - hostinfo = 0; - - IM = DEFAULT_IM; - he = 0; - edithost(he, host_name); - if (hostinfo && *IM) - putf(IM, ptyibuf2); - - if (pcc) - strncat(ptyibuf2, ptyip, pcc+1); - ptyip = ptyibuf2; - pcc = strlen(ptyip); - - DIAG(TD_REPORT, { - output_data("td: Entering processing loop\r\n"); - }); - - - nfd = ((f > p) ? f : p) + 1; - timeout = time(NULL) + 5; - for (;;) { - fd_set ibits, obits, xbits; - int c; - - /* wait for encryption to be turned on, but don't wait - indefinitely */ - if(!startslave_called && (!encrypt_delay() || timeout > time(NULL))){ - startslave_called = 1; - startslave(host, level, autoname); - } - - if (ncc < 0 && pcc < 0) - break; - - FD_ZERO(&ibits); - FD_ZERO(&obits); - FD_ZERO(&xbits); - - if (f >= FD_SETSIZE - || p >= FD_SETSIZE) - fatal(net, "fd too large"); - - /* - * Never look for input if there's still - * stuff in the corresponding output buffer - */ - if (nfrontp - nbackp || pcc > 0) { - FD_SET(f, &obits); - } else { - FD_SET(p, &ibits); - } - if (pfrontp - pbackp || ncc > 0) { - FD_SET(p, &obits); - } else { - FD_SET(f, &ibits); - } - if (!SYNCHing) { - FD_SET(f, &xbits); - } - if ((c = select(nfd, &ibits, &obits, &xbits, - (struct timeval *)0)) < 1) { - if (c == -1) { - if (errno == EINTR) { - continue; - } - } - sleep(5); - continue; - } - - /* - * Any urgent data? - */ - if (FD_ISSET(net, &xbits)) { - SYNCHing = 1; - } - - /* - * Something to read from the network... - */ - if (FD_ISSET(net, &ibits)) { -#ifndef SO_OOBINLINE - /* - * In 4.2 (and 4.3 beta) systems, the - * OOB indication and data handling in the kernel - * is such that if two separate TCP Urgent requests - * come in, one byte of TCP data will be overlaid. - * This is fatal for Telnet, but we try to live - * with it. - * - * In addition, in 4.2 (and...), a special protocol - * is needed to pick up the TCP Urgent data in - * the correct sequence. - * - * What we do is: if we think we are in urgent - * mode, we look to see if we are "at the mark". - * If we are, we do an OOB receive. If we run - * this twice, we will do the OOB receive twice, - * but the second will fail, since the second - * time we were "at the mark", but there wasn't - * any data there (the kernel doesn't reset - * "at the mark" until we do a normal read). - * Once we've read the OOB data, we go ahead - * and do normal reads. - * - * There is also another problem, which is that - * since the OOB byte we read doesn't put us - * out of OOB state, and since that byte is most - * likely the TELNET DM (data mark), we would - * stay in the TELNET SYNCH (SYNCHing) state. - * So, clocks to the rescue. If we've "just" - * received a DM, then we test for the - * presence of OOB data when the receive OOB - * fails (and AFTER we did the normal mode read - * to clear "at the mark"). - */ - if (SYNCHing) { - int atmark; - - ioctl(net, SIOCATMARK, (char *)&atmark); - if (atmark) { - ncc = recv(net, netibuf, sizeof (netibuf), MSG_OOB); - if ((ncc == -1) && (errno == EINVAL)) { - ncc = read(net, netibuf, sizeof (netibuf)); - if (sequenceIs(didnetreceive, gotDM)) { - SYNCHing = stilloob(net); - } - } - } else { - ncc = read(net, netibuf, sizeof (netibuf)); - } - } else { - ncc = read(net, netibuf, sizeof (netibuf)); - } - settimer(didnetreceive); -#else /* !defined(SO_OOBINLINE)) */ - ncc = read(net, netibuf, sizeof (netibuf)); -#endif /* !defined(SO_OOBINLINE)) */ - if (ncc < 0 && errno == EWOULDBLOCK) - ncc = 0; - else { - if (ncc <= 0) { - break; - } - netip = netibuf; - } - DIAG((TD_REPORT | TD_NETDATA), { - output_data("td: netread %d chars\r\n", ncc); - }); - DIAG(TD_NETDATA, printdata("nd", netip, ncc)); - } - - /* - * Something to read from the pty... - */ - if (FD_ISSET(p, &ibits)) { -#ifdef STREAMSPTY - if (really_stream) - pcc = readstream(p, ptyibuf, BUFSIZ); - else -#endif - pcc = read(p, ptyibuf, BUFSIZ); - - /* - * On some systems, if we try to read something - * off the master side before the slave side is - * opened, we get EIO. - */ - if (pcc < 0 && (errno == EWOULDBLOCK || -#ifdef EAGAIN - errno == EAGAIN || -#endif - errno == EIO)) { - pcc = 0; - } else { - if (pcc <= 0) - break; - if (ptyibuf[0] & TIOCPKT_FLUSHWRITE) { - netclear(); /* clear buffer back */ -#ifndef NO_URGENT - /* - * There are client telnets on some - * operating systems get screwed up - * royally if we send them urgent - * mode data. - */ - output_data ("%c%c", IAC, DM); - - neturg = nfrontp-1; /* off by one XXX */ - DIAG(TD_OPTIONS, - printoption("td: send IAC", DM)); - -#endif - } - if (his_state_is_will(TELOPT_LFLOW) && - (ptyibuf[0] & - (TIOCPKT_NOSTOP|TIOCPKT_DOSTOP))) { - int newflow = - ptyibuf[0] & TIOCPKT_DOSTOP ? 1 : 0; - if (newflow != flowmode) { - flowmode = newflow; - output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - flowmode ? LFLOW_ON - : LFLOW_OFF, - IAC, SE); - DIAG(TD_OPTIONS, printsub('>', - (unsigned char *)nfrontp-4, - 4);); - } - } - pcc--; - ptyip = ptyibuf+1; - } - } - - while (pcc > 0) { - if ((&netobuf[BUFSIZ] - nfrontp) < 3) - break; - c = *ptyip++ & 0377, pcc--; - if (c == IAC) - *nfrontp++ = c; - *nfrontp++ = c; - if ((c == '\r') && (my_state_is_wont(TELOPT_BINARY))) { - if (pcc > 0 && ((*ptyip & 0377) == '\n')) { - *nfrontp++ = *ptyip++ & 0377; - pcc--; - } else - *nfrontp++ = '\0'; - } - } - - if (FD_ISSET(f, &obits) && (nfrontp - nbackp) > 0) - netflush(); - if (ncc > 0) - telrcv(); - if (FD_ISSET(p, &obits) && (pfrontp - pbackp) > 0) - ptyflush(); - } - cleanup(0); -} - -#ifndef TCSIG -# ifdef TIOCSIG -# define TCSIG TIOCSIG -# endif -#endif - -#ifdef STREAMSPTY - - int flowison = -1; /* current state of flow: -1 is unknown */ - -int -readstream(int p, char *ibuf, int bufsize) -{ - int flags = 0; - int ret = 0; - struct termios *tsp; -#if 0 - struct termio *tp; -#endif - struct iocblk *ip; - char vstop, vstart; - int ixon; - int newflow; - - strbufc.maxlen = BUFSIZ; - strbufc.buf = (char *)ctlbuf; - strbufd.maxlen = bufsize-1; - strbufd.len = 0; - strbufd.buf = ibuf+1; - ibuf[0] = 0; - - ret = getmsg(p, &strbufc, &strbufd, &flags); - if (ret < 0) /* error of some sort -- probably EAGAIN */ - return(-1); - - if (strbufc.len <= 0 || ctlbuf[0] == M_DATA) { - /* data message */ - if (strbufd.len > 0) { /* real data */ - return(strbufd.len + 1); /* count header char */ - } else { - /* nothing there */ - errno = EAGAIN; - return(-1); - } - } - - /* - * It's a control message. Return 1, to look at the flag we set - */ - - switch (ctlbuf[0]) { - case M_FLUSH: - if (ibuf[1] & FLUSHW) - ibuf[0] = TIOCPKT_FLUSHWRITE; - return(1); - - case M_IOCTL: - ip = (struct iocblk *) (ibuf+1); - - switch (ip->ioc_cmd) { -#ifdef TCSETS - case TCSETS: - case TCSETSW: - case TCSETSF: - tsp = (struct termios *) - (ibuf+1 + sizeof(struct iocblk)); - vstop = tsp->c_cc[VSTOP]; - vstart = tsp->c_cc[VSTART]; - ixon = tsp->c_iflag & IXON; - break; -#endif -#if 0 - case TCSETA: - case TCSETAW: - case TCSETAF: - tp = (struct termio *) (ibuf+1 + sizeof(struct iocblk)); - vstop = tp->c_cc[VSTOP]; - vstart = tp->c_cc[VSTART]; - ixon = tp->c_iflag & IXON; - break; -#endif - default: - errno = EAGAIN; - return(-1); - } - - newflow = (ixon && (vstart == 021) && (vstop == 023)) ? 1 : 0; - if (newflow != flowison) { /* it's a change */ - flowison = newflow; - ibuf[0] = newflow ? TIOCPKT_DOSTOP : TIOCPKT_NOSTOP; - return(1); - } - } - - /* nothing worth doing anything about */ - errno = EAGAIN; - return(-1); -} -#endif /* STREAMSPTY */ - -/* - * Send interrupt to process on other side of pty. - * If it is in raw mode, just write NULL; - * otherwise, write intr char. - */ -void -interrupt() -{ - ptyflush(); /* half-hearted */ - -#if defined(STREAMSPTY) && defined(TIOCSIGNAL) - /* Streams PTY style ioctl to post a signal */ - if (really_stream) - { - int sig = SIGINT; - ioctl(ourpty, TIOCSIGNAL, &sig); - ioctl(ourpty, I_FLUSH, FLUSHR); - } -#else -#ifdef TCSIG - ioctl(ourpty, TCSIG, (char *)SIGINT); -#else /* TCSIG */ - init_termbuf(); - *pfrontp++ = slctab[SLC_IP].sptr ? - (unsigned char)*slctab[SLC_IP].sptr : '\177'; -#endif /* TCSIG */ -#endif -} - -/* - * Send quit to process on other side of pty. - * If it is in raw mode, just write NULL; - * otherwise, write quit char. - */ -void -sendbrk() -{ - ptyflush(); /* half-hearted */ -#ifdef TCSIG - ioctl(ourpty, TCSIG, (char *)SIGQUIT); -#else /* TCSIG */ - init_termbuf(); - *pfrontp++ = slctab[SLC_ABORT].sptr ? - (unsigned char)*slctab[SLC_ABORT].sptr : '\034'; -#endif /* TCSIG */ -} - -void -sendsusp() -{ -#ifdef SIGTSTP - ptyflush(); /* half-hearted */ -# ifdef TCSIG - ioctl(ourpty, TCSIG, (char *)SIGTSTP); -# else /* TCSIG */ - *pfrontp++ = slctab[SLC_SUSP].sptr ? - (unsigned char)*slctab[SLC_SUSP].sptr : '\032'; -# endif /* TCSIG */ -#endif /* SIGTSTP */ -} - -/* - * When we get an AYT, if ^T is enabled, use that. Otherwise, - * just send back "[Yes]". - */ -void -recv_ayt() -{ -#if defined(SIGINFO) && defined(TCSIG) - if (slctab[SLC_AYT].sptr && *slctab[SLC_AYT].sptr != _POSIX_VDISABLE) { - ioctl(ourpty, TCSIG, (char *)SIGINFO); - return; - } -#endif - output_data("\r\n[Yes]\r\n"); -} - -void -doeof() -{ - init_termbuf(); - - *pfrontp++ = slctab[SLC_EOF].sptr ? - (unsigned char)*slctab[SLC_EOF].sptr : '\004'; -} diff --git a/crypto/kerberosIV/appl/telnet/telnetd/telnetd.h b/crypto/kerberosIV/appl/telnet/telnetd/telnetd.h deleted file mode 100644 index 955ca1a1453b..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnetd/telnetd.h +++ /dev/null @@ -1,226 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)telnetd.h 8.1 (Berkeley) 6/4/93 - */ -/* $FreeBSD$ */ - - -#include - -#include -#include -#include -#include - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif - -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif - -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif /* HAVE_SYS_RESOURCE_H */ - -#ifdef HAVE_SYS_WAIT_H -#include -#endif - -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_SYS_FILE_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif - -/* including both and in SunOS 4 generates a - lot of warnings */ - -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_SYS_FILIO_H -#include -#endif - -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_ARPA_INET_H -#include -#endif - -#include -#include -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_SYSLOG_H -#include -#endif -#include - -#ifdef HAVE_UNISTD_H -#include -#endif - -#include - -#ifdef HAVE_PTY_H -#include -#endif - -#include "defs.h" - -#ifndef _POSIX_VDISABLE -# ifdef VDISABLE -# define _POSIX_VDISABLE VDISABLE -# else -# define _POSIX_VDISABLE ((unsigned char)'\377') -# endif -#endif - - -#ifdef HAVE_SYS_PTY_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif - -#ifdef HAVE_SYS_PTYIO_H -#include -#endif - -#ifdef HAVE_SYS_UTSNAME_H -#include -#endif - -#ifdef HAVE_PATHS_H -#include -#endif - -#ifdef HAVE_ARPA_TELNET_H -#include -#endif - -#include "ext.h" - -#ifdef SOCKS -#include -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); -#endif - -#ifdef KRB4 -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include -#include -#endif - -#ifdef AUTHENTICATION -#include -#include -#ifdef ENCRYPTION -#include -#endif -#endif - -#ifdef HAVE_LIBUTIL_H -#include -#endif - -#include - -/* Don't use the system login, use our version instead */ - -/* BINDIR should be defined somewhere else... */ - -#ifndef BINDIR -#define BINDIR "/usr/athena/bin" -#endif - -#undef _PATH_LOGIN -#define _PATH_LOGIN BINDIR "/login" - -/* fallbacks */ - -#ifndef _PATH_DEV -#define _PATH_DEV "/dev/" -#endif - -#ifndef _PATH_TTY -#define _PATH_TTY "/dev/tty" -#endif /* _PATH_TTY */ - -#ifdef DIAGNOSTICS -#define DIAG(a,b) if (diagnostic & (a)) b -#else -#define DIAG(a,b) -#endif - -/* other external variables */ -extern char **environ; - -/* prototypes */ - -/* appends data to nfrontp and advances */ -int output_data (const char *format, ...) -#ifdef __GNUC__ -__attribute__ ((format (printf, 1, 2))) -#endif -; diff --git a/crypto/kerberosIV/appl/telnet/telnetd/termstat.c b/crypto/kerberosIV/appl/telnet/telnetd/termstat.c deleted file mode 100644 index 80ee145e7018..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnetd/termstat.c +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "telnetd.h" - -RCSID("$Id: termstat.c,v 1.11 1997/05/11 06:30:04 assar Exp $"); - -/* - * local variables - */ -int def_tspeed = -1, def_rspeed = -1; -#ifdef TIOCSWINSZ -int def_row = 0, def_col = 0; -#endif - -/* - * flowstat - * - * Check for changes to flow control - */ -void -flowstat() -{ - if (his_state_is_will(TELOPT_LFLOW)) { - if (tty_flowmode() != flowmode) { - flowmode = tty_flowmode(); - output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - flowmode ? LFLOW_ON : LFLOW_OFF, - IAC, SE); - } - if (tty_restartany() != restartany) { - restartany = tty_restartany(); - output_data("%c%c%c%c%c%c", - IAC, SB, TELOPT_LFLOW, - restartany ? LFLOW_RESTART_ANY - : LFLOW_RESTART_XON, - IAC, SE); - } - } -} - -/* - * clientstat - * - * Process linemode related requests from the client. - * Client can request a change to only one of linemode, editmode or slc's - * at a time, and if using kludge linemode, then only linemode may be - * affected. - */ -void -clientstat(int code, int parm1, int parm2) -{ - void netflush(); - - /* - * Get a copy of terminal characteristics. - */ - init_termbuf(); - - /* - * Process request from client. code tells what it is. - */ - switch (code) { - case TELOPT_NAWS: -#ifdef TIOCSWINSZ - { - struct winsize ws; - - def_col = parm1; - def_row = parm2; - - /* - * Change window size as requested by client. - */ - - ws.ws_col = parm1; - ws.ws_row = parm2; - ioctl(ourpty, TIOCSWINSZ, (char *)&ws); - } -#endif /* TIOCSWINSZ */ - - break; - - case TELOPT_TSPEED: - { - def_tspeed = parm1; - def_rspeed = parm2; - /* - * Change terminal speed as requested by client. - * We set the receive speed first, so that if we can't - * store seperate receive and transmit speeds, the transmit - * speed will take precedence. - */ - tty_rspeed(parm2); - tty_tspeed(parm1); - set_termbuf(); - - break; - - } /* end of case TELOPT_TSPEED */ - - default: - /* What? */ - break; - } /* end of switch */ - - netflush(); - -} diff --git a/crypto/kerberosIV/appl/telnet/telnetd/utility.c b/crypto/kerberosIV/appl/telnet/telnetd/utility.c deleted file mode 100644 index ff5192e06d4e..000000000000 --- a/crypto/kerberosIV/appl/telnet/telnetd/utility.c +++ /dev/null @@ -1,1165 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#define PRINTOPTIONS -#include "telnetd.h" - -RCSID("$Id: utility.c,v 1.22.2.1 2000/10/10 13:12:34 assar Exp $"); - -/* - * utility functions performing io related tasks - */ - -/* - * ttloop - * - * A small subroutine to flush the network output buffer, get some - * data from the network, and pass it through the telnet state - * machine. We also flush the pty input buffer (by dropping its data) - * if it becomes too full. - * - * return 0 if OK or 1 if interrupted by a signal. - */ - -int -ttloop(void) -{ - void netflush(void); - - DIAG(TD_REPORT, { - output_data("td: ttloop\r\n"); - }); - if (nfrontp-nbackp) - netflush(); - ncc = read(net, netibuf, sizeof netibuf); - if (ncc < 0) { - if (errno == EINTR) - return 1; - syslog(LOG_INFO, "ttloop: read: %m\n"); - exit(1); - } else if (ncc == 0) { - syslog(LOG_INFO, "ttloop: peer died\n"); - exit(1); - } - DIAG(TD_REPORT, { - output_data("td: ttloop read %d chars\r\n", ncc); - }); - netip = netibuf; - telrcv(); /* state machine */ - if (ncc > 0) { - pfrontp = pbackp = ptyobuf; - telrcv(); - } - return 0; -} /* end of ttloop */ - -/* - * Check a descriptor to see if out of band data exists on it. - */ -int -stilloob(int s) -{ - static struct timeval timeout = { 0 }; - fd_set excepts; - int value; - - if (s >= FD_SETSIZE) - fatal(ourpty, "fd too large"); - - do { - FD_ZERO(&excepts); - FD_SET(s, &excepts); - value = select(s+1, 0, 0, &excepts, &timeout); - } while ((value == -1) && (errno == EINTR)); - - if (value < 0) { - fatalperror(ourpty, "select"); - } - if (FD_ISSET(s, &excepts)) { - return 1; - } else { - return 0; - } -} - -void -ptyflush(void) -{ - int n; - - if ((n = pfrontp - pbackp) > 0) { - DIAG((TD_REPORT | TD_PTYDATA), { - output_data("td: ptyflush %d chars\r\n", n); - }); - DIAG(TD_PTYDATA, printdata("pd", pbackp, n)); - n = write(ourpty, pbackp, n); - } - if (n < 0) { - if (errno == EWOULDBLOCK || errno == EINTR) - return; - cleanup(0); - } - pbackp += n; - if (pbackp == pfrontp) - pbackp = pfrontp = ptyobuf; -} - -/* - * nextitem() - * - * Return the address of the next "item" in the TELNET data - * stream. This will be the address of the next character if - * the current address is a user data character, or it will - * be the address of the character following the TELNET command - * if the current address is a TELNET IAC ("I Am a Command") - * character. - */ -char * -nextitem(char *current) -{ - if ((*current&0xff) != IAC) { - return current+1; - } - switch (*(current+1)&0xff) { - case DO: - case DONT: - case WILL: - case WONT: - return current+3; - case SB:{ - /* loop forever looking for the SE */ - char *look = current+2; - - for (;;) { - if ((*look++&0xff) == IAC) { - if ((*look++&0xff) == SE) { - return look; - } - } - } - } - default: - return current+2; - } -} - - -/* - * netclear() - * - * We are about to do a TELNET SYNCH operation. Clear - * the path to the network. - * - * Things are a bit tricky since we may have sent the first - * byte or so of a previous TELNET command into the network. - * So, we have to scan the network buffer from the beginning - * until we are up to where we want to be. - * - * A side effect of what we do, just to keep things - * simple, is to clear the urgent data pointer. The principal - * caller should be setting the urgent data pointer AFTER calling - * us in any case. - */ -void -netclear(void) -{ - char *thisitem, *next; - char *good; -#define wewant(p) ((nfrontp > p) && ((*p&0xff) == IAC) && \ - ((*(p+1)&0xff) != EC) && ((*(p+1)&0xff) != EL)) - -#ifdef ENCRYPTION - thisitem = nclearto > netobuf ? nclearto : netobuf; -#else - thisitem = netobuf; -#endif - - while ((next = nextitem(thisitem)) <= nbackp) { - thisitem = next; - } - - /* Now, thisitem is first before/at boundary. */ - -#ifdef ENCRYPTION - good = nclearto > netobuf ? nclearto : netobuf; -#else - good = netobuf; /* where the good bytes go */ -#endif - - while (nfrontp > thisitem) { - if (wewant(thisitem)) { - int length; - - next = thisitem; - do { - next = nextitem(next); - } while (wewant(next) && (nfrontp > next)); - length = next-thisitem; - memmove(good, thisitem, length); - good += length; - thisitem = next; - } else { - thisitem = nextitem(thisitem); - } - } - - nbackp = netobuf; - nfrontp = good; /* next byte to be sent */ - neturg = 0; -} /* end of netclear */ - -/* - * netflush - * Send as much data as possible to the network, - * handling requests for urgent data. - */ -void -netflush(void) -{ - int n; - extern int not42; - - if ((n = nfrontp - nbackp) > 0) { - DIAG(TD_REPORT, - { n += output_data("td: netflush %d chars\r\n", n); - }); -#ifdef ENCRYPTION - if (encrypt_output) { - char *s = nclearto ? nclearto : nbackp; - if (nfrontp - s > 0) { - (*encrypt_output)((unsigned char *)s, nfrontp-s); - nclearto = nfrontp; - } - } -#endif - /* - * if no urgent data, or if the other side appears to be an - * old 4.2 client (and thus unable to survive TCP urgent data), - * write the entire buffer in non-OOB mode. - */ -#if 1 /* remove this to make it work between solaris 2.6 and linux */ - if ((neturg == 0) || (not42 == 0)) { -#endif - n = write(net, nbackp, n); /* normal write */ -#if 1 /* remove this to make it work between solaris 2.6 and linux */ - } else { - n = neturg - nbackp; - /* - * In 4.2 (and 4.3) systems, there is some question about - * what byte in a sendOOB operation is the "OOB" data. - * To make ourselves compatible, we only send ONE byte - * out of band, the one WE THINK should be OOB (though - * we really have more the TCP philosophy of urgent data - * rather than the Unix philosophy of OOB data). - */ - if (n > 1) { - n = send(net, nbackp, n-1, 0); /* send URGENT all by itself */ - } else { - n = send(net, nbackp, n, MSG_OOB); /* URGENT data */ - } - } -#endif - } - if (n < 0) { - if (errno == EWOULDBLOCK || errno == EINTR) - return; - cleanup(0); - } - nbackp += n; -#ifdef ENCRYPTION - if (nbackp > nclearto) - nclearto = 0; -#endif - if (nbackp >= neturg) { - neturg = 0; - } - if (nbackp == nfrontp) { - nbackp = nfrontp = netobuf; -#ifdef ENCRYPTION - nclearto = 0; -#endif - } - return; -} - - -/* - * writenet - * - * Just a handy little function to write a bit of raw data to the net. - * It will force a transmit of the buffer if necessary - * - * arguments - * ptr - A pointer to a character string to write - * len - How many bytes to write - */ -void -writenet(unsigned char *ptr, int len) -{ - /* flush buffer if no room for new data) */ - while ((&netobuf[BUFSIZ] - nfrontp) < len) { - /* if this fails, don't worry, buffer is a little big */ - netflush(); - } - - memmove(nfrontp, ptr, len); - nfrontp += len; -} - - -/* - * miscellaneous functions doing a variety of little jobs follow ... - */ - - -void fatal(int f, char *msg) -{ - char buf[BUFSIZ]; - - snprintf(buf, sizeof(buf), "telnetd: %s.\r\n", msg); -#ifdef ENCRYPTION - if (encrypt_output) { - /* - * Better turn off encryption first.... - * Hope it flushes... - */ - encrypt_send_end(); - netflush(); - } -#endif - write(f, buf, (int)strlen(buf)); - sleep(1); /*XXX*/ - exit(1); -} - -void -fatalperror(int f, const char *msg) -{ - char buf[BUFSIZ]; - - snprintf(buf, sizeof(buf), "%s: %s", msg, strerror(errno)); - fatal(f, buf); -} - -char editedhost[32]; - -void edithost(char *pat, char *host) -{ - char *res = editedhost; - - if (!pat) - pat = ""; - while (*pat) { - switch (*pat) { - - case '#': - if (*host) - host++; - break; - - case '@': - if (*host) - *res++ = *host++; - break; - - default: - *res++ = *pat; - break; - } - if (res == &editedhost[sizeof editedhost - 1]) { - *res = '\0'; - return; - } - pat++; - } - if (*host) - strlcpy (res, host, - sizeof editedhost - (res - editedhost)); - else - *res = '\0'; - editedhost[sizeof editedhost - 1] = '\0'; -} - -static char *putlocation; - -void -putstr(char *s) -{ - - while (*s) - putchr(*s++); -} - -void -putchr(int cc) -{ - *putlocation++ = cc; -} - -/* - * This is split on two lines so that SCCS will not see the M - * between two % signs and expand it... - */ -static char fmtstr[] = { "%l:%M" "%P on %A, %d %B %Y" }; - -void putf(char *cp, char *where) -{ -#ifdef HAVE_UNAME - struct utsname name; -#endif - char *slash; - time_t t; - char db[100]; - - /* if we don't have uname, set these to sensible values */ - char *sysname = "Unix", - *machine = "", - *release = "", - *version = ""; - -#ifdef HAVE_UNAME - uname(&name); - sysname=name.sysname; - machine=name.machine; - release=name.release; - version=name.version; -#endif - - putlocation = where; - - while (*cp) { - if (*cp != '%') { - putchr(*cp++); - continue; - } - switch (*++cp) { - - case 't': -#ifdef STREAMSPTY - /* names are like /dev/pts/2 -- we want pts/2 */ - slash = strchr(line+1, '/'); -#else - slash = strrchr(line, '/'); -#endif - if (slash == (char *) 0) - putstr(line); - else - putstr(&slash[1]); - break; - - case 'h': - putstr(editedhost); - break; - - case 's': - putstr(sysname); - break; - - case 'm': - putstr(machine); - break; - - case 'r': - putstr(release); - break; - - case 'v': - putstr(version); - break; - - case 'd': - time(&t); - strftime(db, sizeof(db), fmtstr, localtime(&t)); - putstr(db); - break; - - case '%': - putchr('%'); - break; - } - cp++; - } -} - -#ifdef DIAGNOSTICS -/* - * Print telnet options and commands in plain text, if possible. - */ -void -printoption(char *fmt, int option) -{ - if (TELOPT_OK(option)) - output_data("%s %s\r\n", - fmt, - TELOPT(option)); - else if (TELCMD_OK(option)) - output_data("%s %s\r\n", - fmt, - TELCMD(option)); - else - output_data("%s %d\r\n", - fmt, - option); - return; -} - -void -printsub(int direction, unsigned char *pointer, int length) - /* '<' or '>' */ - /* where suboption data sits */ - /* length of suboption data */ -{ - int i = 0; - unsigned char buf[512]; - - if (!(diagnostic & TD_OPTIONS)) - return; - - if (direction) { - output_data("td: %s suboption ", - direction == '<' ? "recv" : "send"); - if (length >= 3) { - int j; - - i = pointer[length-2]; - j = pointer[length-1]; - - if (i != IAC || j != SE) { - output_data("(terminated by "); - if (TELOPT_OK(i)) - output_data("%s ", - TELOPT(i)); - else if (TELCMD_OK(i)) - output_data("%s ", - TELCMD(i)); - else - output_data("%d ", - i); - if (TELOPT_OK(j)) - output_data("%s", - TELOPT(j)); - else if (TELCMD_OK(j)) - output_data("%s", - TELCMD(j)); - else - output_data("%d", - j); - output_data(", not IAC SE!) "); - } - } - length -= 2; - } - if (length < 1) { - output_data("(Empty suboption??\?)"); - return; - } - switch (pointer[0]) { - case TELOPT_TTYPE: - output_data("TERMINAL-TYPE "); - switch (pointer[1]) { - case TELQUAL_IS: - output_data("IS \"%.*s\"", - length-2, - (char *)pointer+2); - break; - case TELQUAL_SEND: - output_data("SEND"); - break; - default: - output_data("- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } - break; - case TELOPT_TSPEED: - output_data("TERMINAL-SPEED"); - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_IS: - output_data(" IS %.*s", length-2, (char *)pointer+2); - break; - default: - if (pointer[1] == 1) - output_data(" SEND"); - else - output_data(" %d (unknown)", pointer[1]); - for (i = 2; i < length; i++) { - output_data(" ?%d?", pointer[i]); - } - break; - } - break; - - case TELOPT_LFLOW: - output_data("TOGGLE-FLOW-CONTROL"); - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case LFLOW_OFF: - output_data(" OFF"); - break; - case LFLOW_ON: - output_data(" ON"); - break; - case LFLOW_RESTART_ANY: - output_data(" RESTART-ANY"); - break; - case LFLOW_RESTART_XON: - output_data(" RESTART-XON"); - break; - default: - output_data(" %d (unknown)", - pointer[1]); - } - for (i = 2; i < length; i++) { - output_data(" ?%d?", - pointer[i]); - } - break; - - case TELOPT_NAWS: - output_data("NAWS"); - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - if (length == 2) { - output_data(" ?%d?", - pointer[1]); - break; - } - output_data(" %u %u(%u)", - pointer[1], - pointer[2], - (((unsigned int)pointer[1])<<8) + pointer[2]); - if (length == 4) { - output_data(" ?%d?", - pointer[3]); - break; - } - output_data(" %u %u(%u)", - pointer[3], - pointer[4], - (((unsigned int)pointer[3])<<8) + pointer[4]); - for (i = 5; i < length; i++) { - output_data(" ?%d?", - pointer[i]); - } - break; - - case TELOPT_LINEMODE: - output_data("LINEMODE "); - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case WILL: - output_data("WILL "); - goto common; - case WONT: - output_data("WONT "); - goto common; - case DO: - output_data("DO "); - goto common; - case DONT: - output_data("DONT "); - common: - if (length < 3) { - output_data("(no option??\?)"); - break; - } - switch (pointer[2]) { - case LM_FORWARDMASK: - output_data("Forward Mask"); - for (i = 3; i < length; i++) { - output_data(" %x", pointer[i]); - } - break; - default: - output_data("%d (unknown)", - pointer[2]); - for (i = 3; i < length; i++) { - output_data(" %d", - pointer[i]); - } - break; - } - break; - - case LM_SLC: - output_data("SLC"); - for (i = 2; i < length - 2; i += 3) { - if (SLC_NAME_OK(pointer[i+SLC_FUNC])) - output_data(" %s", - SLC_NAME(pointer[i+SLC_FUNC])); - else - output_data(" %d", - pointer[i+SLC_FUNC]); - switch (pointer[i+SLC_FLAGS]&SLC_LEVELBITS) { - case SLC_NOSUPPORT: - output_data(" NOSUPPORT"); - break; - case SLC_CANTCHANGE: - output_data(" CANTCHANGE"); - break; - case SLC_VARIABLE: - output_data(" VARIABLE"); - break; - case SLC_DEFAULT: - output_data(" DEFAULT"); - break; - } - output_data("%s%s%s", - pointer[i+SLC_FLAGS]&SLC_ACK ? "|ACK" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHIN ? "|FLUSHIN" : "", - pointer[i+SLC_FLAGS]&SLC_FLUSHOUT ? "|FLUSHOUT" : ""); - if (pointer[i+SLC_FLAGS]& ~(SLC_ACK|SLC_FLUSHIN| - SLC_FLUSHOUT| SLC_LEVELBITS)) { - output_data("(0x%x)", - pointer[i+SLC_FLAGS]); - } - output_data(" %d;", - pointer[i+SLC_VALUE]); - if ((pointer[i+SLC_VALUE] == IAC) && - (pointer[i+SLC_VALUE+1] == IAC)) - i++; - } - for (; i < length; i++) { - output_data(" ?%d?", - pointer[i]); - } - break; - - case LM_MODE: - output_data("MODE "); - if (length < 3) { - output_data("(no mode??\?)"); - break; - } - { - char tbuf[32]; - snprintf(tbuf, - sizeof(tbuf), - "%s%s%s%s%s", - pointer[2]&MODE_EDIT ? "|EDIT" : "", - pointer[2]&MODE_TRAPSIG ? "|TRAPSIG" : "", - pointer[2]&MODE_SOFT_TAB ? "|SOFT_TAB" : "", - pointer[2]&MODE_LIT_ECHO ? "|LIT_ECHO" : "", - pointer[2]&MODE_ACK ? "|ACK" : ""); - output_data("%s", - tbuf[1] ? &tbuf[1] : "0"); - } - if (pointer[2]&~(MODE_EDIT|MODE_TRAPSIG|MODE_ACK)) { - output_data(" (0x%x)", - pointer[2]); - } - for (i = 3; i < length; i++) { - output_data(" ?0x%x?", - pointer[i]); - } - break; - default: - output_data("%d (unknown)", - pointer[1]); - for (i = 2; i < length; i++) { - output_data(" %d", pointer[i]); - } - } - break; - - case TELOPT_STATUS: { - char *cp; - int j, k; - - output_data("STATUS"); - - switch (pointer[1]) { - default: - if (pointer[1] == TELQUAL_SEND) - output_data(" SEND"); - else - output_data(" %d (unknown)", - pointer[1]); - for (i = 2; i < length; i++) { - output_data(" ?%d?", - pointer[i]); - } - break; - case TELQUAL_IS: - output_data(" IS\r\n"); - - for (i = 2; i < length; i++) { - switch(pointer[i]) { - case DO: cp = "DO"; goto common2; - case DONT: cp = "DONT"; goto common2; - case WILL: cp = "WILL"; goto common2; - case WONT: cp = "WONT"; goto common2; - common2: - i++; - if (TELOPT_OK(pointer[i])) - output_data(" %s %s", - cp, - TELOPT(pointer[i])); - else - output_data(" %s %d", - cp, - pointer[i]); - - output_data("\r\n"); - break; - - case SB: - output_data(" SB "); - i++; - j = k = i; - while (j < length) { - if (pointer[j] == SE) { - if (j+1 == length) - break; - if (pointer[j+1] == SE) - j++; - else - break; - } - pointer[k++] = pointer[j++]; - } - printsub(0, &pointer[i], k - i); - if (i < length) { - output_data(" SE"); - i = j; - } else - i = j - 1; - - output_data("\r\n"); - - break; - - default: - output_data(" %d", - pointer[i]); - break; - } - } - break; - } - break; - } - - case TELOPT_XDISPLOC: - output_data("X-DISPLAY-LOCATION "); - switch (pointer[1]) { - case TELQUAL_IS: - output_data("IS \"%.*s\"", - length-2, - (char *)pointer+2); - break; - case TELQUAL_SEND: - output_data("SEND"); - break; - default: - output_data("- unknown qualifier %d (0x%x).", - pointer[1], pointer[1]); - } - break; - - case TELOPT_NEW_ENVIRON: - output_data("NEW-ENVIRON "); - goto env_common1; - case TELOPT_OLD_ENVIRON: - output_data("OLD-ENVIRON"); - env_common1: - switch (pointer[1]) { - case TELQUAL_IS: - output_data("IS "); - goto env_common; - case TELQUAL_SEND: - output_data("SEND "); - goto env_common; - case TELQUAL_INFO: - output_data("INFO "); - env_common: - { - int noquote = 2; - for (i = 2; i < length; i++ ) { - switch (pointer[i]) { - case NEW_ENV_VAR: - output_data("\" VAR " + noquote); - noquote = 2; - break; - - case NEW_ENV_VALUE: - output_data("\" VALUE " + noquote); - noquote = 2; - break; - - case ENV_ESC: - output_data("\" ESC " + noquote); - noquote = 2; - break; - - case ENV_USERVAR: - output_data("\" USERVAR " + noquote); - noquote = 2; - break; - - default: - if (isprint(pointer[i]) && pointer[i] != '"') { - if (noquote) { - output_data ("\""); - noquote = 0; - } - output_data ("%c", pointer[i]); - } else { - output_data("\" %03o " + noquote, - pointer[i]); - noquote = 2; - } - break; - } - } - if (!noquote) - output_data ("\""); - break; - } - } - break; - -#ifdef AUTHENTICATION - case TELOPT_AUTHENTICATION: - output_data("AUTHENTICATION"); - - if (length < 2) { - output_data(" (empty suboption??\?)"); - break; - } - switch (pointer[1]) { - case TELQUAL_REPLY: - case TELQUAL_IS: - output_data(" %s ", - (pointer[1] == TELQUAL_IS) ? - "IS" : "REPLY"); - if (AUTHTYPE_NAME_OK(pointer[2])) - output_data("%s ", - AUTHTYPE_NAME(pointer[2])); - else - output_data("%d ", - pointer[2]); - if (length < 3) { - output_data("(partial suboption??\?)"); - break; - } - output_data("%s|%s", - ((pointer[3] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[3] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY"); - - auth_printsub(&pointer[1], length - 1, buf, sizeof(buf)); - output_data("%s", - buf); - break; - - case TELQUAL_SEND: - i = 2; - output_data(" SEND "); - while (i < length) { - if (AUTHTYPE_NAME_OK(pointer[i])) - output_data("%s ", - AUTHTYPE_NAME(pointer[i])); - else - output_data("%d ", - pointer[i]); - if (++i >= length) { - output_data("(partial suboption??\?)"); - break; - } - output_data("%s|%s ", - ((pointer[i] & AUTH_WHO_MASK) == AUTH_WHO_CLIENT) ? - "CLIENT" : "SERVER", - ((pointer[i] & AUTH_HOW_MASK) == AUTH_HOW_MUTUAL) ? - "MUTUAL" : "ONE-WAY"); - ++i; - } - break; - - case TELQUAL_NAME: - i = 2; - output_data(" NAME \"%.*s\"", - length - 2, - pointer); - break; - - default: - for (i = 2; i < length; i++) { - output_data(" ?%d?", - pointer[i]); - } - break; - } - break; -#endif - -#ifdef ENCRYPTION - case TELOPT_ENCRYPT: - output_data("ENCRYPT"); - if (length < 2) { - output_data(" (empty suboption?)"); - break; - } - switch (pointer[1]) { - case ENCRYPT_START: - output_data(" START"); - break; - - case ENCRYPT_END: - output_data(" END"); - break; - - case ENCRYPT_REQSTART: - output_data(" REQUEST-START"); - break; - - case ENCRYPT_REQEND: - output_data(" REQUEST-END"); - break; - - case ENCRYPT_IS: - case ENCRYPT_REPLY: - output_data(" %s ", - (pointer[1] == ENCRYPT_IS) ? - "IS" : "REPLY"); - if (length < 3) { - output_data(" (partial suboption?)"); - break; - } - if (ENCTYPE_NAME_OK(pointer[2])) - output_data("%s ", - ENCTYPE_NAME(pointer[2])); - else - output_data(" %d (unknown)", - pointer[2]); - - encrypt_printsub(&pointer[1], length - 1, buf, sizeof(buf)); - output_data("%s", - buf); - break; - - case ENCRYPT_SUPPORT: - i = 2; - output_data(" SUPPORT "); - while (i < length) { - if (ENCTYPE_NAME_OK(pointer[i])) - output_data("%s ", - ENCTYPE_NAME(pointer[i])); - else - output_data("%d ", - pointer[i]); - i++; - } - break; - - case ENCRYPT_ENC_KEYID: - output_data(" ENC_KEYID %d", pointer[1]); - goto encommon; - - case ENCRYPT_DEC_KEYID: - output_data(" DEC_KEYID %d", pointer[1]); - goto encommon; - - default: - output_data(" %d (unknown)", pointer[1]); - encommon: - for (i = 2; i < length; i++) { - output_data(" %d", pointer[i]); - } - break; - } - break; -#endif - - default: - if (TELOPT_OK(pointer[0])) - output_data("%s (unknown)", - TELOPT(pointer[0])); - else - output_data("%d (unknown)", - pointer[i]); - for (i = 1; i < length; i++) { - output_data(" %d", pointer[i]); - } - break; - } - output_data("\r\n"); -} - -/* - * Dump a data buffer in hex and ascii to the output data stream. - */ -void -printdata(char *tag, char *ptr, int cnt) -{ - int i; - char xbuf[30]; - - while (cnt) { - /* flush net output buffer if no room for new data) */ - if ((&netobuf[BUFSIZ] - nfrontp) < 80) { - netflush(); - } - - /* add a line of output */ - output_data("%s: ", tag); - for (i = 0; i < 20 && cnt; i++) { - output_data("%02x", *ptr); - if (isprint(*ptr)) { - xbuf[i] = *ptr; - } else { - xbuf[i] = '.'; - } - if (i % 2) { - output_data(" "); - } - cnt--; - ptr++; - } - xbuf[i] = '\0'; - output_data(" %s\r\n", xbuf); - } -} -#endif /* DIAGNOSTICS */ diff --git a/crypto/kerberosIV/cf/ChangeLog b/crypto/kerberosIV/cf/ChangeLog deleted file mode 100644 index 13d9bfd93d2e..000000000000 --- a/crypto/kerberosIV/cf/ChangeLog +++ /dev/null @@ -1,216 +0,0 @@ -1999-11-05 Assar Westerlund - - * check-x.m4: include X_PRE_LIBS and X_EXTRA_LIBS when testing - -1999-11-01 Assar Westerlund - - * Makefile.am.common (install-build-headers): use `cp' instead of - INSTALL_DATA for copying header files inside the build tree. The - user might have redefined INSTALL_DATA to specify owners and other - information. - -1999-10-30 Assar Westerlund - - * find-func-no-libs2.m4: add yet another argument to allow specify - linker flags that will be added _before_ the library when trying - to link - - * find-func-no-libs.m4: add yet another argument to allow specify - linker flags that will be added _before_ the library when trying - to link - -1999-10-12 Assar Westerlund - - * find-func-no-libs2.m4 (AC_FIND_FUNC_NO_LIBS2): new argument - `extra libs' - - * find-func-no-libs.m4 (AC_FIND_FUNC_NO_LIBS): new argument `extra - libs' - -1999-09-01 Johan Danielsson - - * capabilities.m4: sgi capabilities - -1999-07-29 Assar Westerlund - - * have-struct-field.m4: quote macros when undefining - -1999-07-28 Assar Westerlund - - * Makefile.am.common (install-build-headers): add dependencies - -1999-07-24 Assar Westerlund - - * have-type.m4: try to get autoheader to co-operate - - * have-type.m4: stolen from Arla - - * krb-struct-sockaddr-sa-len.m4: not used any longer. removed. - -1999-06-13 Assar Westerlund - - * krb-struct-spwd.m4: consequent name of cache variables - - * krb-func-getlogin.m4: new file for testing for posix (broken) - getlogin - - * shared-libs.m4 (freebsd[34]): don't use ld -Bshareable - -1999-06-02 Johan Danielsson - - * check-x.m4: extended test for X - -1999-05-14 Assar Westerlund - - * check-netinet-ip-and-tcp.m4: proper autoheader tricks - - * check-netinet-ip-and-tcp.m4: new file for checking for - netinet/{ip,tcp}.h. These are special as they on Irix 6.5.3 - require to be included in advance. - - * check-xau.m4: we also need to check for XauFilename since it's - used by appl/kx. And on Irix 6.5 that function requires linking - with -lX11. - -1999-05-08 Assar Westerlund - - * krb-find-db.m4: try with more header files than ndbm.h - -1999-04-19 Assar Westerlund - - * test-package.m4: try to handle the case of --without-package - correctly - -1999-04-17 Assar Westerlund - - * make-aclocal: removed. Not used anymore, being replaced by - aclocal from automake. - -Thu Apr 15 14:17:26 1999 Johan Danielsson - - * make-proto.pl: handle __attribute__ - -Fri Apr 9 20:37:18 1999 Assar Westerlund - - * shared-libs.m4: quote $@ - (freebsd3): add install_symlink_command2 - -Wed Apr 7 20:40:22 1999 Assar Westerlund - - * shared-libs.m4 (hpux): no library dependencies - -Mon Apr 5 16:13:08 1999 Johan Danielsson - - * test-package.m4: compile and link, rather than looking for - files; also export more information, so it's possible to add rpath - information - -Tue Mar 30 13:49:54 1999 Johan Danielsson - - * Makefile.am.common: CFLAGS -> AM_CFLAGS - -Mon Mar 29 16:51:12 1999 Johan Danielsson - - * check-xau.m4: check for XauWriteAuth before checking for - XauReadAuth to catch -lX11:s not containing XauWriteAuth, and IRIX - 6.5 that doesn't work with -lXau - -Sat Mar 27 18:03:58 1999 Johan Danielsson - - * osfc2.m4: --enable-osfc2 - -Fri Mar 19 15:34:52 1999 Johan Danielsson - - * shared-libs.m4: move shared lib stuff here - -Wed Mar 24 23:24:51 1999 Assar Westerlund - - * Makefile.am.common (install-build-headers): simplify loop - -Tue Mar 23 17:31:23 1999 Johan Danielsson - - * check-getpwnam_r-posix.m4: check for getpwnam_r, and if it's - posix or not - -Tue Mar 23 00:00:13 1999 Assar Westerlund - - * Makefile.am.common (install_build_headers): try to make it work - better when list of headers is empty. handle make rewriting the - filenames. - - * Makefile.am.common: hesoid -> hesiod - -Sun Mar 21 14:48:03 1999 Johan Danielsson - - * grok-type.m4: - - * Makefile.am.common: fix for automake bug/feature; add more LIB_* - - * test-package.m4: fix typo - - * check-man.m4: fix some typos - - * auth-modules.m4: tests for authentication modules - -Thu Mar 18 11:02:55 1999 Johan Danielsson - - * Makefile.am.common: make install-build-headers a multi - dependency target - - * Makefile.am.common: remove include_dir hack - - * Makefile.am.common: define LIB_kafs and LIB_gssapi - - * krb-find-db.m4: subst DBLIB also - - * check-xau.m4: test for Xau{Read,Write}Auth - -Wed Mar 10 19:29:20 1999 Johan Danielsson - - * wflags.m4: AC_WFLAGS - -Mon Mar 1 11:23:41 1999 Johan Danielsson - - * have-struct-field.m4: remove extra AC_MSG_RESULT - - * proto-compat.m4: typo - - * krb-func-getcwd-broken.m4: update to autoconf 2.13 - - * krb-find-db.m4: update to autoconf 2.13 - - * check-declaration.m4: typo - - * have-pragma-weak.m4: update to autoconf 2.13 - - * have-struct-field.m4: better handling of types with spaces - -Mon Feb 22 20:05:06 1999 Johan Danielsson - - * broken-glob.m4: check for broken glob - -Sun Jan 31 06:50:33 1999 Assar Westerlund - - * krb-ipv6.m4: more magic for different v6 implementations. From - Jun-ichiro itojun Hagino - -Sun Nov 22 12:16:06 1998 Assar Westerlund - - * krb-struct-spwd.m4: new file - -Thu Jun 4 04:07:41 1998 Assar Westerlund - - * find-func-no-libs2.m4: new file - -Fri May 1 23:31:28 1998 Assar Westerlund - - * c-attribute.m4, c-function.m4: new files (from arla) - -Wed Mar 18 23:11:29 1998 Assar Westerlund - - * krb-ipv6.m4: rename HAVE_STRUCT_SOCKADDR_IN6 to HAVE_IPV6 - -Thu Feb 26 02:37:49 1998 Assar Westerlund - - * make-proto.pl: should work with perl4 - diff --git a/crypto/kerberosIV/cf/Makefile.am.common b/crypto/kerberosIV/cf/Makefile.am.common deleted file mode 100644 index e7d747b269dc..000000000000 --- a/crypto/kerberosIV/cf/Makefile.am.common +++ /dev/null @@ -1,255 +0,0 @@ -# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ - -AUTOMAKE_OPTIONS = foreign no-dependencies - -SUFFIXES = .et .h - -INCLUDES = -I$(top_builddir)/include - -AM_CFLAGS += $(WFLAGS) - -COMPILE_ET = $(top_builddir)/lib/com_err/compile_et - -## set build_HEADERZ to headers that should just be installed in build tree - -buildinclude = $(top_builddir)/include - -## these aren't detected by automake -LIB_XauReadAuth = @LIB_XauReadAuth@ -LIB_crypt = @LIB_crypt@ -LIB_dbm_firstkey = @LIB_dbm_firstkey@ -LIB_dbopen = @LIB_dbopen@ -LIB_dlopen = @LIB_dlopen@ -LIB_dn_expand = @LIB_dn_expand@ -LIB_el_init = @LIB_el_init@ -LIB_getattr = @LIB_getattr@ -LIB_gethostbyname = @LIB_gethostbyname@ -LIB_getpwent_r = @LIB_getpwent_r@ -LIB_getpwnam_r = @LIB_getpwnam_r@ -LIB_getsockopt = @LIB_getsockopt@ -LIB_logout = @LIB_logout@ -LIB_logwtmp = @LIB_logwtmp@ -LIB_odm_initialize = @LIB_odm_initialize@ -LIB_readline = @LIB_readline@ -LIB_res_search = @LIB_res_search@ -LIB_setpcred = @LIB_setpcred@ -LIB_setsockopt = @LIB_setsockopt@ -LIB_socket = @LIB_socket@ -LIB_syslog = @LIB_syslog@ -LIB_tgetent = @LIB_tgetent@ - -HESIODLIB = @HESIODLIB@ -HESIODINCLUDE = @HESIODINCLUDE@ -INCLUDE_hesiod = @INCLUDE_hesiod@ -LIB_hesiod = @LIB_hesiod@ - -INCLUDE_krb4 = @INCLUDE_krb4@ -LIB_krb4 = @LIB_krb4@ - -INCLUDE_readline = @INCLUDE_readline@ -LIB_readline = @LIB_readline@ - -LEXLIB = @LEXLIB@ - -install-suid-programs: - @foo='$(bin_SUIDS)'; \ - for file in $$foo; do \ - x=$(DESTDIR)$(bindir)/$$file; \ - if chown 0:0 $$x && chmod u+s $$x; then :; else \ - chmod 0 $$x; fi; done - -install-exec-hook: install-suid-programs - -install-build-headers:: $(include_HEADERS) $(build_HEADERZ) - @foo='$(include_HEADERS) $(build_HEADERZ)'; \ - for f in $$foo; do \ - f=`basename $$f`; \ - if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ - else file="$$f"; fi; \ - if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ - : ; else \ - echo " cp $$file $(buildinclude)/$$f"; \ - cp $$file $(buildinclude)/$$f; \ - fi ; \ - done - -all-local: install-build-headers - -cat1dir = $(mandir)/cat1 -cat3dir = $(mandir)/cat3 -cat5dir = $(mandir)/cat5 -cat8dir = $(mandir)/cat8 - -MANRX = \(.*\)\.\([0-9]\) -CATSUFFIX = @CATSUFFIX@ - -SUFFIXES += .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 - -NROFF_MAN = groff -mandoc -Tascii -#NROFF_MAN = nroff -man -.1.cat1: - $(NROFF_MAN) $< > $@ -.3.cat3: - $(NROFF_MAN) $< > $@ -.5.cat5: - $(NROFF_MAN) $< > $@ -.8.cat8: - $(NROFF_MAN) $< > $@ - -## MAINTAINERCLEANFILES += - -dist-cat1-mans: - @foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat3-mans: - @foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat5-mans: - @foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-cat8-mans: - @foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done ;\ - for i in $$foo; do \ - x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ - echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ - $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ - done - -dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans - -install-cat1-mans: - @ext=1;\ - foo='$(man1_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.1) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat3-mans: - @ext=3;\ - foo='$(man3_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.3) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat5-mans: - @ext=5;\ - foo='$(man5_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.5) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - -install-cat8-mans: - @ext=8;\ - foo='$(man8_MANS)'; \ - bar='$(man_MANS)'; \ - for i in $$bar; do \ - case $$i in \ - *.8) foo="$$foo $$i";; \ - esac; done; \ - if test "$$foo"; then \ - $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ - for x in $$foo; do \ - f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ - if test -f "$(srcdir)/$$f"; then \ - b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ - echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ - fi; \ - done ;\ - fi - - -install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans - -install-data-local: install-cat-mans - - -.et.h: - $(COMPILE_ET) $< -.et.c: - $(COMPILE_ET) $< - -if KRB4 -LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) -endif - -if KRB5 -LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la \ - $(top_builddir)/lib/asn1/libasn1.la -LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la -endif - diff --git a/crypto/kerberosIV/cf/auth-modules.m4 b/crypto/kerberosIV/cf/auth-modules.m4 deleted file mode 100644 index 2f11c7354cde..000000000000 --- a/crypto/kerberosIV/cf/auth-modules.m4 +++ /dev/null @@ -1,27 +0,0 @@ -dnl $Id: auth-modules.m4,v 1.1 1999/03/21 13:48:00 joda Exp $ -dnl -dnl Figure what authentication modules should be built - -AC_DEFUN(AC_AUTH_MODULES,[ -AC_MSG_CHECKING(which authentication modules should be built) - -LIB_AUTH_SUBDIRS= - -if test "$ac_cv_header_siad_h" = yes; then - LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS sia" -fi - -if test "$ac_cv_header_security_pam_modules_h" = yes -a "$enable_shared" = yes; then - LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS pam" -fi - -case "${host}" in -changequote(,)dnl -*-*-irix[56]*) LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS afskauthlib" ;; -changequote([,])dnl -esac - -AC_MSG_RESULT($LIB_AUTH_SUBDIRS) - -AC_SUBST(LIB_AUTH_SUBDIRS)dnl -]) diff --git a/crypto/kerberosIV/cf/broken-glob.m4 b/crypto/kerberosIV/cf/broken-glob.m4 deleted file mode 100644 index 8d5279275006..000000000000 --- a/crypto/kerberosIV/cf/broken-glob.m4 +++ /dev/null @@ -1,22 +0,0 @@ -dnl $Id: broken-glob.m4,v 1.2 1999/03/01 09:52:15 joda Exp $ -dnl -dnl check for glob(3) -dnl -AC_DEFUN(AC_BROKEN_GLOB,[ -AC_CACHE_CHECK(for working glob, ac_cv_func_glob_working, -ac_cv_func_glob_working=yes -AC_TRY_LINK([ -#include -#include ],[ -glob(NULL, GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE, NULL, NULL); -],:,ac_cv_func_glob_working=no,:)) - -if test "$ac_cv_func_glob_working" = yes; then - AC_DEFINE(HAVE_GLOB, 1, [define if you have a glob() that groks - GLOB_BRACE, GLOB_NOCHECK, GLOB_QUOTE, and GLOB_TILDE]) -fi -if test "$ac_cv_func_glob_working" = yes; then -AC_NEED_PROTO([#include -#include ],glob) -fi -]) diff --git a/crypto/kerberosIV/cf/broken-snprintf.m4 b/crypto/kerberosIV/cf/broken-snprintf.m4 deleted file mode 100644 index efd69f0aa53d..000000000000 --- a/crypto/kerberosIV/cf/broken-snprintf.m4 +++ /dev/null @@ -1,58 +0,0 @@ -dnl $Id: broken-snprintf.m4,v 1.3 1999/03/01 09:52:22 joda Exp $ -dnl -AC_DEFUN(AC_BROKEN_SNPRINTF, [ -AC_CACHE_CHECK(for working snprintf,ac_cv_func_snprintf_working, -ac_cv_func_snprintf_working=yes -AC_TRY_RUN([ -#include -#include -int main() -{ -changequote(`,')dnl - char foo[3]; -changequote([,])dnl - snprintf(foo, 2, "12"); - return strcmp(foo, "1"); -}],:,ac_cv_func_snprintf_working=no,:)) - -if test "$ac_cv_func_snprintf_working" = yes; then - AC_DEFINE_UNQUOTED(HAVE_SNPRINTF, 1, [define if you have a working snprintf]) -fi -if test "$ac_cv_func_snprintf_working" = yes; then -AC_NEED_PROTO([#include ],snprintf) -fi -]) - -AC_DEFUN(AC_BROKEN_VSNPRINTF,[ -AC_CACHE_CHECK(for working vsnprintf,ac_cv_func_vsnprintf_working, -ac_cv_func_vsnprintf_working=yes -AC_TRY_RUN([ -#include -#include -#include - -int foo(int num, ...) -{ -changequote(`,')dnl - char bar[3]; -changequote([,])dnl - va_list arg; - va_start(arg, num); - vsnprintf(bar, 2, "%s", arg); - va_end(arg); - return strcmp(bar, "1"); -} - - -int main() -{ - return foo(0, "12"); -}],:,ac_cv_func_vsnprintf_working=no,:)) - -if test "$ac_cv_func_vsnprintf_working" = yes; then - AC_DEFINE_UNQUOTED(HAVE_VSNPRINTF, 1, [define if you have a working vsnprintf]) -fi -if test "$ac_cv_func_vsnprintf_working" = yes; then -AC_NEED_PROTO([#include ],vsnprintf) -fi -]) diff --git a/crypto/kerberosIV/cf/broken.m4 b/crypto/kerberosIV/cf/broken.m4 deleted file mode 100644 index 404406470476..000000000000 --- a/crypto/kerberosIV/cf/broken.m4 +++ /dev/null @@ -1,19 +0,0 @@ -dnl $Id: broken.m4,v 1.3 1998/03/16 22:16:19 joda Exp $ -dnl -dnl -dnl Same as AC _REPLACE_FUNCS, just define HAVE_func if found in normal -dnl libraries - -AC_DEFUN(AC_BROKEN, -[for ac_func in $1 -do -AC_CHECK_FUNC($ac_func, [ -ac_tr_func=HAVE_[]upcase($ac_func) -AC_DEFINE_UNQUOTED($ac_tr_func)],[LIBOBJS[]="$LIBOBJS ${ac_func}.o"]) -dnl autoheader tricks *sigh* -: << END -@@@funcs="$funcs $1"@@@ -END -done -AC_SUBST(LIBOBJS)dnl -]) diff --git a/crypto/kerberosIV/cf/c-attribute.m4 b/crypto/kerberosIV/cf/c-attribute.m4 deleted file mode 100644 index 87cea037b173..000000000000 --- a/crypto/kerberosIV/cf/c-attribute.m4 +++ /dev/null @@ -1,31 +0,0 @@ -dnl -dnl $Id: c-attribute.m4,v 1.2 1999/03/01 09:52:23 joda Exp $ -dnl - -dnl -dnl Test for __attribute__ -dnl - -AC_DEFUN(AC_C___ATTRIBUTE__, [ -AC_MSG_CHECKING(for __attribute__) -AC_CACHE_VAL(ac_cv___attribute__, [ -AC_TRY_COMPILE([ -#include -], -[ -static void foo(void) __attribute__ ((noreturn)); - -static void -foo(void) -{ - exit(1); -} -], -ac_cv___attribute__=yes, -ac_cv___attribute__=no)]) -if test "$ac_cv___attribute__" = "yes"; then - AC_DEFINE(HAVE___ATTRIBUTE__, 1, [define if your compiler has __attribute__]) -fi -AC_MSG_RESULT($ac_cv___attribute__) -]) - diff --git a/crypto/kerberosIV/cf/c-function.m4 b/crypto/kerberosIV/cf/c-function.m4 deleted file mode 100644 index b16d5562bb0a..000000000000 --- a/crypto/kerberosIV/cf/c-function.m4 +++ /dev/null @@ -1,33 +0,0 @@ -dnl -dnl $Id: c-function.m4,v 1.2 1999/03/01 09:52:23 joda Exp $ -dnl - -dnl -dnl Test for __FUNCTION__ -dnl - -AC_DEFUN(AC_C___FUNCTION__, [ -AC_MSG_CHECKING(for __FUNCTION__) -AC_CACHE_VAL(ac_cv___function__, [ -AC_TRY_RUN([ -#include - -static char *foo() -{ - return __FUNCTION__; -} - -int main() -{ - return strcmp(foo(), "foo") != 0; -} -], -ac_cv___function__=yes, -ac_cv___function__=no, -ac_cv___function__=no)]) -if test "$ac_cv___function__" = "yes"; then - AC_DEFINE(HAVE___FUNCTION__, 1, [define if your compiler has __FUNCTION__]) -fi -AC_MSG_RESULT($ac_cv___function__) -]) - diff --git a/crypto/kerberosIV/cf/capabilities.m4 b/crypto/kerberosIV/cf/capabilities.m4 deleted file mode 100644 index 6d2669bfe130..000000000000 --- a/crypto/kerberosIV/cf/capabilities.m4 +++ /dev/null @@ -1,14 +0,0 @@ -dnl -dnl $Id: capabilities.m4,v 1.2 1999/09/01 11:02:26 joda Exp $ -dnl - -dnl -dnl Test SGI capabilities -dnl - -AC_DEFUN(KRB_CAPABILITIES,[ - -AC_CHECK_HEADERS(capability.h sys/capability.h) - -AC_CHECK_FUNCS(sgi_getcapabilitybyname cap_set_proc) -]) diff --git a/crypto/kerberosIV/cf/check-declaration.m4 b/crypto/kerberosIV/cf/check-declaration.m4 deleted file mode 100644 index 5f584e5c38f3..000000000000 --- a/crypto/kerberosIV/cf/check-declaration.m4 +++ /dev/null @@ -1,25 +0,0 @@ -dnl $Id: check-declaration.m4,v 1.3 1999/03/01 13:03:08 joda Exp $ -dnl -dnl -dnl Check if we need the declaration of a variable -dnl - -dnl AC_HAVE_DECLARATION(includes, variable) -AC_DEFUN(AC_CHECK_DECLARATION, [ -AC_MSG_CHECKING([if $2 is properly declared]) -AC_CACHE_VAL(ac_cv_var_$2_declaration, [ -AC_TRY_COMPILE([$1 -extern struct { int foo; } $2;], -[$2.foo = 1;], -eval "ac_cv_var_$2_declaration=no", -eval "ac_cv_var_$2_declaration=yes") -]) - -define(foo, [HAVE_]translit($2, [a-z], [A-Z])[_DECLARATION]) - -AC_MSG_RESULT($ac_cv_var_$2_declaration) -if eval "test \"\$ac_cv_var_$2_declaration\" = yes"; then - AC_DEFINE(foo, 1, [define if your system declares $2]) -fi -undefine([foo]) -]) diff --git a/crypto/kerberosIV/cf/check-getpwnam_r-posix.m4 b/crypto/kerberosIV/cf/check-getpwnam_r-posix.m4 deleted file mode 100644 index cc75666a6daf..000000000000 --- a/crypto/kerberosIV/cf/check-getpwnam_r-posix.m4 +++ /dev/null @@ -1,24 +0,0 @@ -dnl $Id: check-getpwnam_r-posix.m4,v 1.2 1999/03/23 16:47:31 joda Exp $ -dnl -dnl check for getpwnam_r, and if it's posix or not - -AC_DEFUN(AC_CHECK_GETPWNAM_R_POSIX,[ -AC_FIND_FUNC_NO_LIBS(getpwnam_r,c_r) -if test "$ac_cv_func_getpwnam_r" = yes; then - AC_CACHE_CHECK(if getpwnam_r is posix,ac_cv_func_getpwnam_r_posix, - ac_libs="$LIBS" - LIBS="$LIBS $LIB_getpwnam_r" - AC_TRY_RUN([ -#include -int main() -{ - struct passwd pw, *pwd; - return getpwnam_r("", &pw, NULL, 0, &pwd) < 0; -} -],ac_cv_func_getpwnam_r_posix=yes,ac_cv_func_getpwnam_r_posix=no,:) -LIBS="$ac_libs") -if test "$ac_cv_func_getpwnam_r_posix" = yes; then - AC_DEFINE(POSIX_GETPWNAM_R, 1, [Define if getpwnam_r has POSIX flavour.]) -fi -fi -]) \ No newline at end of file diff --git a/crypto/kerberosIV/cf/check-man.m4 b/crypto/kerberosIV/cf/check-man.m4 deleted file mode 100644 index 21330697d499..000000000000 --- a/crypto/kerberosIV/cf/check-man.m4 +++ /dev/null @@ -1,59 +0,0 @@ -dnl $Id: check-man.m4,v 1.2 1999/03/21 14:30:50 joda Exp $ -dnl check how to format manual pages -dnl - -AC_DEFUN(AC_CHECK_MAN, -[AC_PATH_PROG(NROFF, nroff) -AC_PATH_PROG(GROFF, groff) -AC_CACHE_CHECK(how to format man pages,ac_cv_sys_man_format, -[cat > conftest.1 << END -.Dd January 1, 1970 -.Dt CONFTEST 1 -.Sh NAME -.Nm conftest -.Nd -foobar -END - -if test "$NROFF" ; then - for i in "-mdoc" "-mandoc"; do - if "$NROFF" $i conftest.1 2> /dev/null | \ - grep Jan > /dev/null 2>&1 ; then - ac_cv_sys_man_format="$NROFF $i" - break - fi - done -fi -if test "$ac_cv_sys_man_format" = "" -a "$GROFF" ; then - for i in "-mdoc" "-mandoc"; do - if "$GROFF" -Tascii $i conftest.1 2> /dev/null | \ - grep Jan > /dev/null 2>&1 ; then - ac_cv_sys_man_format="$GROFF -Tascii $i" - break - fi - done -fi -if test "$ac_cv_sys_man_format"; then - ac_cv_sys_man_format="$ac_cv_sys_man_format \[$]< > \[$]@" -fi -]) -if test "$ac_cv_sys_man_format"; then - CATMAN="$ac_cv_sys_man_format" - AC_SUBST(CATMAN) -fi -AM_CONDITIONAL(CATMAN, test "$CATMAN") -AC_CACHE_CHECK(extension of pre-formatted manual pages,ac_cv_sys_catman_ext, -[if grep _suffix /etc/man.conf > /dev/null 2>&1; then - ac_cv_sys_catman_ext=0 -else - ac_cv_sys_catman_ext=number -fi -]) -if test "$ac_cv_sys_catman_ext" = number; then - CATMANEXT='$$ext' -else - CATMANEXT=0 -fi -AC_SUBST(CATMANEXT) - -]) \ No newline at end of file diff --git a/crypto/kerberosIV/cf/check-netinet-ip-and-tcp.m4 b/crypto/kerberosIV/cf/check-netinet-ip-and-tcp.m4 deleted file mode 100644 index 8cb529de2379..000000000000 --- a/crypto/kerberosIV/cf/check-netinet-ip-and-tcp.m4 +++ /dev/null @@ -1,38 +0,0 @@ -dnl -dnl $Id: check-netinet-ip-and-tcp.m4,v 1.2 1999/05/14 13:15:40 assar Exp $ -dnl - -dnl extra magic check for netinet/{ip.h,tcp.h} because on irix 6.5.3 -dnl you have to include standards.h before including these files - -AC_DEFUN(CHECK_NETINET_IP_AND_TCP, -[ -AC_CHECK_HEADERS(standards.h) -for i in netinet/ip.h netinet/tcp.h; do - -cv=`echo "$i" | sed 'y%./+-%__p_%'` - -AC_MSG_CHECKING([for $i]) -AC_CACHE_VAL([ac_cv_header_$cv], -[AC_TRY_CPP([\ -#ifdef HAVE_STANDARDS_H -#include -#endif -#include <$i> -], -eval "ac_cv_header_$cv=yes", -eval "ac_cv_header_$cv=no")]) -AC_MSG_RESULT(`eval echo \\$ac_cv_header_$cv`) -changequote(, )dnl -if test `eval echo \\$ac_cv_header_$cv` = yes; then - ac_tr_hdr=HAVE_`echo $i | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` -changequote([, ])dnl - AC_DEFINE_UNQUOTED($ac_tr_hdr, 1) -fi -done -dnl autoheader tricks *sigh* -: << END -@@@headers="$headers netinet/ip.h netinet/tcp.h"@@@ -END - -]) diff --git a/crypto/kerberosIV/cf/check-type-extra.m4 b/crypto/kerberosIV/cf/check-type-extra.m4 deleted file mode 100644 index e6af4bd51377..000000000000 --- a/crypto/kerberosIV/cf/check-type-extra.m4 +++ /dev/null @@ -1,23 +0,0 @@ -dnl $Id: check-type-extra.m4,v 1.2 1999/03/01 09:52:23 joda Exp $ -dnl -dnl ac_check_type + extra headers - -dnl AC_CHECK_TYPE_EXTRA(TYPE, DEFAULT, HEADERS) -AC_DEFUN(AC_CHECK_TYPE_EXTRA, -[AC_REQUIRE([AC_HEADER_STDC])dnl -AC_MSG_CHECKING(for $1) -AC_CACHE_VAL(ac_cv_type_$1, -[AC_EGREP_CPP(dnl -changequote(<<,>>)dnl -<<$1[^a-zA-Z_0-9]>>dnl -changequote([,]), [#include -#if STDC_HEADERS -#include -#include -#endif -$3], ac_cv_type_$1=yes, ac_cv_type_$1=no)])dnl -AC_MSG_RESULT($ac_cv_type_$1) -if test $ac_cv_type_$1 = no; then - AC_DEFINE($1, $2, [Define this to what the type $1 should be.]) -fi -]) diff --git a/crypto/kerberosIV/cf/check-var.m4 b/crypto/kerberosIV/cf/check-var.m4 deleted file mode 100644 index 9f37366d73e7..000000000000 --- a/crypto/kerberosIV/cf/check-var.m4 +++ /dev/null @@ -1,20 +0,0 @@ -dnl $Id: check-var.m4,v 1.2 1999/03/01 09:52:23 joda Exp $ -dnl -dnl AC_CHECK_VAR(includes, variable) -AC_DEFUN(AC_CHECK_VAR, [ -AC_MSG_CHECKING(for $2) -AC_CACHE_VAL(ac_cv_var_$2, [ -AC_TRY_LINK([extern int $2; -int foo() { return $2; }], - [foo()], - ac_cv_var_$2=yes, ac_cv_var_$2=no) -]) -define([foo], [HAVE_]translit($2, [a-z], [A-Z])) - -AC_MSG_RESULT(`eval echo \\$ac_cv_var_$2`) -if test `eval echo \\$ac_cv_var_$2` = yes; then - AC_DEFINE_UNQUOTED(foo, 1, [define if you have $2]) - AC_CHECK_DECLARATION([$1],[$2]) -fi -undefine([foo]) -]) diff --git a/crypto/kerberosIV/cf/check-x.m4 b/crypto/kerberosIV/cf/check-x.m4 deleted file mode 100644 index 1791e5aaf95b..000000000000 --- a/crypto/kerberosIV/cf/check-x.m4 +++ /dev/null @@ -1,52 +0,0 @@ -dnl -dnl See if there is any X11 present -dnl -dnl $Id: check-x.m4,v 1.2 1999/11/05 04:25:23 assar Exp $ - -AC_DEFUN(KRB_CHECK_X,[ -AC_PATH_XTRA - -# try to figure out if we need any additional ld flags, like -R -# and yes, the autoconf X test is utterly broken -if test "$no_x" != yes; then - AC_CACHE_CHECK(for special X linker flags,krb_cv_sys_x_libs_rpath,[ - ac_save_libs="$LIBS" - ac_save_cflags="$CFLAGS" - CFLAGS="$CFLAGS $X_CFLAGS" - krb_cv_sys_x_libs_rpath="" - krb_cv_sys_x_libs="" - for rflag in "" "-R" "-R " "-rpath "; do - if test "$rflag" = ""; then - foo="$X_LIBS" - else - foo="" - for flag in $X_LIBS; do - case $flag in - -L*) - foo="$foo $flag `echo $flag | sed \"s/-L/$rflag/\"`" - ;; - *) - foo="$foo $flag" - ;; - esac - done - fi - LIBS="$ac_save_libs $foo $X_PRE_LIBS -lX11 $X_EXTRA_LIBS" - AC_TRY_RUN([ - #include - foo() - { - XOpenDisplay(NULL); - } - main() - { - return 0; - } - ], krb_cv_sys_x_libs_rpath="$rflag"; krb_cv_sys_x_libs="$foo"; break,:) - done - LIBS="$ac_save_libs" - CFLAGS="$ac_save_cflags" - ]) - X_LIBS="$krb_cv_sys_x_libs" -fi -]) diff --git a/crypto/kerberosIV/cf/check-xau.m4 b/crypto/kerberosIV/cf/check-xau.m4 deleted file mode 100644 index bad2a6023be5..000000000000 --- a/crypto/kerberosIV/cf/check-xau.m4 +++ /dev/null @@ -1,64 +0,0 @@ -dnl $Id: check-xau.m4,v 1.3 1999/05/14 01:17:06 assar Exp $ -dnl -dnl check for Xau{Read,Write}Auth and XauFileName -dnl -AC_DEFUN(AC_CHECK_XAU,[ -save_CFLAGS="$CFLAGS" -CFLAGS="$X_CFLAGS $CFLAGS" -save_LIBS="$LIBS" -dnl LIBS="$X_LIBS $X_PRE_LIBS $X_EXTRA_LIBS $LIBS" -LIBS="$X_PRE_LIBS $X_EXTRA_LIBS $LIBS" -save_LDFLAGS="$LDFLAGS" -LDFLAGS="$LDFLAGS $X_LIBS" - -## check for XauWriteAuth first, so we detect the case where -## XauReadAuth is in -lX11, but XauWriteAuth is only in -lXau this -## could be done by checking for XauReadAuth in -lXau first, but this -## breaks in IRIX 6.5 - -AC_FIND_FUNC_NO_LIBS(XauWriteAuth, X11 Xau) -ac_xxx="$LIBS" -LIBS="$LIB_XauWriteAuth $LIBS" -AC_FIND_FUNC_NO_LIBS(XauReadAuth, X11 Xau) -LIBS="$LIB_XauReadAauth $LIBS" -AC_FIND_FUNC_NO_LIBS(XauFileName, X11 Xau) -LIBS="$ac_xxx" - -## set LIB_XauReadAuth to union of these tests, since this is what the -## Makefiles are using -case "$ac_cv_funclib_XauWriteAuth" in -yes) ;; -no) ;; -*) if test "$ac_cv_funclib_XauReadAuth" = yes; then - if test "$ac_cv_funclib_XauFileName" = yes; then - LIB_XauReadAuth="$LIB_XauWriteAuth" - else - LIB_XauReadAuth="$LIB_XauWriteAuth $LIB_XauFileName" - fi - else - if test "$ac_cv_funclib_XauFileName" = yes; then - LIB_XauReadAuth="$LIB_XauReadAuth $LIB_XauWriteAuth" - else - LIB_XauReadAuth="$LIB_XauReadAuth $LIB_XauWriteAuth $LIB_XauFileName" - fi - fi - ;; -esac - -if test "$AUTOMAKE" != ""; then - AM_CONDITIONAL(NEED_WRITEAUTH, test "$ac_cv_func_XauWriteAuth" != "yes") -else - AC_SUBST(NEED_WRITEAUTH_TRUE) - AC_SUBST(NEED_WRITEAUTH_FALSE) - if test "$ac_cv_func_XauWriteAuth" != "yes"; then - NEED_WRITEAUTH_TRUE= - NEED_WRITEAUTH_FALSE='#' - else - NEED_WRITEAUTH_TRUE='#' - NEED_WRITEAUTH_FALSE= - fi -fi -CFLAGS=$save_CFLAGS -LIBS=$save_LIBS -LDFLAGS=$save_LDFLAGS -]) diff --git a/crypto/kerberosIV/cf/find-func-no-libs.m4 b/crypto/kerberosIV/cf/find-func-no-libs.m4 deleted file mode 100644 index 3deab02b9d9d..000000000000 --- a/crypto/kerberosIV/cf/find-func-no-libs.m4 +++ /dev/null @@ -1,9 +0,0 @@ -dnl $Id: find-func-no-libs.m4,v 1.5 1999/10/30 21:08:18 assar Exp $ -dnl -dnl -dnl Look for function in any of the specified libraries -dnl - -dnl AC_FIND_FUNC_NO_LIBS(func, libraries, includes, arguments, extra libs, extra args) -AC_DEFUN(AC_FIND_FUNC_NO_LIBS, [ -AC_FIND_FUNC_NO_LIBS2([$1], ["" $2], [$3], [$4], [$5], [$6])]) diff --git a/crypto/kerberosIV/cf/find-func-no-libs2.m4 b/crypto/kerberosIV/cf/find-func-no-libs2.m4 deleted file mode 100644 index c404a7c1b476..000000000000 --- a/crypto/kerberosIV/cf/find-func-no-libs2.m4 +++ /dev/null @@ -1,63 +0,0 @@ -dnl $Id: find-func-no-libs2.m4,v 1.3 1999/10/30 21:09:53 assar Exp $ -dnl -dnl -dnl Look for function in any of the specified libraries -dnl - -dnl AC_FIND_FUNC_NO_LIBS2(func, libraries, includes, arguments, extra libs, extra args) -AC_DEFUN(AC_FIND_FUNC_NO_LIBS2, [ - -AC_MSG_CHECKING([for $1]) -AC_CACHE_VAL(ac_cv_funclib_$1, -[ -if eval "test \"\$ac_cv_func_$1\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in $2; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS="$6 $ac_lib $5 $ac_save_LIBS" - AC_TRY_LINK([$3],[$1($4)],eval "if test -n \"$ac_lib\";then ac_cv_funclib_$1=$ac_lib; else ac_cv_funclib_$1=yes; fi";break) - done - eval "ac_cv_funclib_$1=\${ac_cv_funclib_$1-no}" - LIBS="$ac_save_LIBS" -fi -]) - -eval "ac_res=\$ac_cv_funclib_$1" - -dnl autoheader tricks *sigh* -: << END -@@@funcs="$funcs $1"@@@ -@@@libs="$libs $2"@@@ -END - -# $1 -eval "ac_tr_func=HAVE_[]upcase($1)" -eval "ac_tr_lib=HAVE_LIB[]upcase($ac_res | sed -e 's/-l//')" -eval "LIB_$1=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_$1=yes" - eval "LIB_$1=" - AC_DEFINE_UNQUOTED($ac_tr_func) - AC_MSG_RESULT([yes]) - ;; - no) - eval "ac_cv_func_$1=no" - eval "LIB_$1=" - AC_MSG_RESULT([no]) - ;; - *) - eval "ac_cv_func_$1=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - AC_DEFINE_UNQUOTED($ac_tr_func) - AC_DEFINE_UNQUOTED($ac_tr_lib) - AC_MSG_RESULT([yes, in $ac_res]) - ;; -esac -AC_SUBST(LIB_$1) -]) diff --git a/crypto/kerberosIV/cf/find-func.m4 b/crypto/kerberosIV/cf/find-func.m4 deleted file mode 100644 index bb2b3ac70966..000000000000 --- a/crypto/kerberosIV/cf/find-func.m4 +++ /dev/null @@ -1,9 +0,0 @@ -dnl $Id: find-func.m4,v 1.1 1997/12/14 15:58:58 joda Exp $ -dnl -dnl AC_FIND_FUNC(func, libraries, includes, arguments) -AC_DEFUN(AC_FIND_FUNC, [ -AC_FIND_FUNC_NO_LIBS([$1], [$2], [$3], [$4]) -if test -n "$LIB_$1"; then - LIBS="$LIB_$1 $LIBS" -fi -]) diff --git a/crypto/kerberosIV/cf/find-if-not-broken.m4 b/crypto/kerberosIV/cf/find-if-not-broken.m4 deleted file mode 100644 index e855ec7a6903..000000000000 --- a/crypto/kerberosIV/cf/find-if-not-broken.m4 +++ /dev/null @@ -1,13 +0,0 @@ -dnl $Id: find-if-not-broken.m4,v 1.2 1998/03/16 22:16:27 joda Exp $ -dnl -dnl -dnl Mix between AC_FIND_FUNC and AC_BROKEN -dnl - -AC_DEFUN(AC_FIND_IF_NOT_BROKEN, -[AC_FIND_FUNC([$1], [$2], [$3], [$4]) -if eval "test \"$ac_cv_func_$1\" != yes"; then -LIBOBJS[]="$LIBOBJS $1.o" -fi -AC_SUBST(LIBOBJS)dnl -]) diff --git a/crypto/kerberosIV/cf/grok-type.m4 b/crypto/kerberosIV/cf/grok-type.m4 deleted file mode 100644 index 5bc6a66241fb..000000000000 --- a/crypto/kerberosIV/cf/grok-type.m4 +++ /dev/null @@ -1,38 +0,0 @@ -dnl $Id: grok-type.m4,v 1.4 1999/11/29 11:16:48 joda Exp $ -dnl -AC_DEFUN(AC_GROK_TYPE, [ -AC_CACHE_VAL(ac_cv_type_$1, -AC_TRY_COMPILE([ -#ifdef HAVE_INTTYPES_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif -], -$i x; -, -eval ac_cv_type_$1=yes, -eval ac_cv_type_$1=no))]) - -AC_DEFUN(AC_GROK_TYPES, [ -for i in $1; do - AC_MSG_CHECKING(for $i) - AC_GROK_TYPE($i) - eval ac_res=\$ac_cv_type_$i - if test "$ac_res" = yes; then - type=HAVE_[]upcase($i) - AC_DEFINE_UNQUOTED($type) - fi - AC_MSG_RESULT($ac_res) -done -]) diff --git a/crypto/kerberosIV/cf/have-pragma-weak.m4 b/crypto/kerberosIV/cf/have-pragma-weak.m4 deleted file mode 100644 index 330e6012c8f2..000000000000 --- a/crypto/kerberosIV/cf/have-pragma-weak.m4 +++ /dev/null @@ -1,37 +0,0 @@ -dnl $Id: have-pragma-weak.m4,v 1.3 1999/03/01 11:55:25 joda Exp $ -dnl -AC_DEFUN(AC_HAVE_PRAGMA_WEAK, [ -if test "${enable_shared}" = "yes"; then -AC_MSG_CHECKING(for pragma weak) -AC_CACHE_VAL(ac_have_pragma_weak, [ -ac_have_pragma_weak=no -cat > conftest_foo.$ac_ext <<'EOF' -[#]line __oline__ "configure" -#include "confdefs.h" -#pragma weak foo = _foo -int _foo = 17; -EOF -cat > conftest_bar.$ac_ext <<'EOF' -[#]line __oline__ "configure" -#include "confdefs.h" -extern int foo; - -int t() { - return foo; -} - -int main() { - return t(); -} -EOF -if AC_TRY_EVAL('CC -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest_foo.$ac_ext conftest_bar.$ac_ext 1>&AC_FD_CC'); then -ac_have_pragma_weak=yes -fi -rm -rf conftest* -]) -if test "$ac_have_pragma_weak" = "yes"; then - AC_DEFINE(HAVE_PRAGMA_WEAK, 1, [Define this if your compiler supports \`#pragma weak.'])dnl -fi -AC_MSG_RESULT($ac_have_pragma_weak) -fi -]) diff --git a/crypto/kerberosIV/cf/have-struct-field.m4 b/crypto/kerberosIV/cf/have-struct-field.m4 deleted file mode 100644 index 88ad5c3b29ab..000000000000 --- a/crypto/kerberosIV/cf/have-struct-field.m4 +++ /dev/null @@ -1,19 +0,0 @@ -dnl $Id: have-struct-field.m4,v 1.6 1999/07/29 01:44:32 assar Exp $ -dnl -dnl check for fields in a structure -dnl -dnl AC_HAVE_STRUCT_FIELD(struct, field, headers) - -AC_DEFUN(AC_HAVE_STRUCT_FIELD, [ -define(cache_val, translit(ac_cv_type_$1_$2, [A-Z ], [a-z_])) -AC_CACHE_CHECK([for $2 in $1], cache_val,[ -AC_TRY_COMPILE([$3],[$1 x; x.$2;], -cache_val=yes, -cache_val=no)]) -if test "$cache_val" = yes; then - define(foo, translit(HAVE_$1_$2, [a-z ], [A-Z_])) - AC_DEFINE(foo, 1, [Define if $1 has field $2.]) - undefine([foo]) -fi -undefine([cache_val]) -]) diff --git a/crypto/kerberosIV/cf/have-type.m4 b/crypto/kerberosIV/cf/have-type.m4 deleted file mode 100644 index 79633551c6e5..000000000000 --- a/crypto/kerberosIV/cf/have-type.m4 +++ /dev/null @@ -1,31 +0,0 @@ -dnl $Id: have-type.m4,v 1.4 1999/07/24 19:23:01 assar Exp $ -dnl -dnl check for existance of a type - -dnl AC_HAVE_TYPE(TYPE,INCLUDES) -AC_DEFUN(AC_HAVE_TYPE, [ -cv=`echo "$1" | sed 'y%./+- %__p__%'` -AC_MSG_CHECKING(for $1) -AC_CACHE_VAL([ac_cv_type_$cv], -AC_TRY_COMPILE( -[#include -#if STDC_HEADERS -#include -#include -#endif -$2], -[$1 foo;], -eval "ac_cv_type_$cv=yes", -eval "ac_cv_type_$cv=no"))dnl -AC_MSG_RESULT(`eval echo \\$ac_cv_type_$cv`) -if test `eval echo \\$ac_cv_type_$cv` = yes; then - ac_tr_hdr=HAVE_`echo $1 | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` -dnl autoheader tricks *sigh* -define(foo,translit($1, [ ], [_])) -: << END -@@@funcs="$funcs foo"@@@ -END -undefine([foo]) - AC_DEFINE_UNQUOTED($ac_tr_hdr, 1) -fi -]) diff --git a/crypto/kerberosIV/cf/have-types.m4 b/crypto/kerberosIV/cf/have-types.m4 deleted file mode 100644 index 7c85c5ddddba..000000000000 --- a/crypto/kerberosIV/cf/have-types.m4 +++ /dev/null @@ -1,14 +0,0 @@ -dnl -dnl $Id: have-types.m4,v 1.1 1999/07/24 18:38:58 assar Exp $ -dnl - -AC_DEFUN(AC_HAVE_TYPES, [ -for i in $1; do - AC_HAVE_TYPE($i) -done -: << END -changequote(`,')dnl -@@@funcs="$funcs $1"@@@ -changequote([,])dnl -END -]) diff --git a/crypto/kerberosIV/cf/krb-find-db.m4 b/crypto/kerberosIV/cf/krb-find-db.m4 deleted file mode 100644 index 002730c155f1..000000000000 --- a/crypto/kerberosIV/cf/krb-find-db.m4 +++ /dev/null @@ -1,100 +0,0 @@ -dnl $Id: krb-find-db.m4,v 1.5.16.1 2000/08/16 04:11:57 assar Exp $ -dnl -dnl find a suitable database library -dnl -dnl AC_FIND_DB(libraries) -AC_DEFUN(KRB_FIND_DB, [ - -lib_dbm=no -lib_db=no - -for i in $1; do - - if test "$i"; then - m="lib$i" - l="-l$i" - else - m="libc" - l="" - fi - - AC_MSG_CHECKING(for dbm_open in $m) - AC_CACHE_VAL(ac_cv_krb_dbm_open_$m, [ - - save_LIBS="$LIBS" - LIBS="$l $LIBS" - AC_TRY_RUN([ -#include -#include -#if defined(HAVE_NDBM_H) -#include -#elif defined(HAVE_GDBM_NDBM_H) -#include -#elif defined(HAVE_DBM_H) -#include -#elif defined(HAVE_RPCSVC_DBM_H) -#include -#elif defined(HAVE_DB_H) -#define DB_DBM_HSEARCH 1 -#include -#endif -int main() -{ - DBM *d; - - d = dbm_open("conftest", O_RDWR | O_CREAT, 0666); - if(d == NULL) - return 1; - dbm_close(d); - return 0; -}], [ - if test -f conftest.db; then - ac_res=db - else - ac_res=dbm - fi], ac_res=no, ac_res=no) - - LIBS="$save_LIBS" - - eval ac_cv_krb_dbm_open_$m=$ac_res]) - eval ac_res=\$ac_cv_krb_dbm_open_$m - AC_MSG_RESULT($ac_res) - - if test "$lib_dbm" = no -a $ac_res = dbm; then - lib_dbm="$l" - elif test "$lib_db" = no -a $ac_res = db; then - lib_db="$l" - break - fi -done - -AC_MSG_CHECKING(for NDBM library) -ac_ndbm=no -if test "$lib_db" != no; then - LIB_DBM="$lib_db" - ac_ndbm=yes - AC_DEFINE(HAVE_NEW_DB, 1, [Define if NDBM really is DB (creates files ending in .db).]) - if test "$LIB_DBM"; then - ac_res="yes, $LIB_DBM" - else - ac_res=yes - fi -elif test "$lib_dbm" != no; then - LIB_DBM="$lib_dbm" - ac_ndbm=yes - if test "$LIB_DBM"; then - ac_res="yes, $LIB_DBM" - else - ac_res=yes - fi -else - LIB_DBM="" - ac_res=no -fi -test "$ac_ndbm" = yes && AC_DEFINE(NDBM, 1, [Define if you have NDBM (and not DBM)])dnl -AC_SUBST(LIB_DBM) -DBLIB="$LIB_DBM" -AC_SUBST(DBLIB) -AC_MSG_RESULT($ac_res) - -]) diff --git a/crypto/kerberosIV/cf/krb-func-getcwd-broken.m4 b/crypto/kerberosIV/cf/krb-func-getcwd-broken.m4 deleted file mode 100644 index d248922c9768..000000000000 --- a/crypto/kerberosIV/cf/krb-func-getcwd-broken.m4 +++ /dev/null @@ -1,42 +0,0 @@ -dnl $Id: krb-func-getcwd-broken.m4,v 1.2 1999/03/01 13:03:32 joda Exp $ -dnl -dnl -dnl test for broken getcwd in (SunOS braindamage) -dnl - -AC_DEFUN(AC_KRB_FUNC_GETCWD_BROKEN, [ -if test "$ac_cv_func_getcwd" = yes; then -AC_MSG_CHECKING(if getcwd is broken) -AC_CACHE_VAL(ac_cv_func_getcwd_broken, [ -ac_cv_func_getcwd_broken=no - -AC_TRY_RUN([ -#include -char *getcwd(char*, int); - -void *popen(char *cmd, char *mode) -{ - errno = ENOTTY; - return 0; -} - -int main() -{ - char *ret; - ret = getcwd(0, 1024); - if(ret == 0 && errno == ENOTTY) - return 0; - return 1; -} -], ac_cv_func_getcwd_broken=yes,:,:) -]) -if test "$ac_cv_func_getcwd_broken" = yes; then - AC_DEFINE(BROKEN_GETCWD, 1, [Define if getcwd is broken (like in SunOS 4).])dnl - LIBOBJS="$LIBOBJS getcwd.o" - AC_SUBST(LIBOBJS)dnl - AC_MSG_RESULT($ac_cv_func_getcwd_broken) -else - AC_MSG_RESULT([seems ok]) -fi -fi -]) diff --git a/crypto/kerberosIV/cf/krb-func-getlogin.m4 b/crypto/kerberosIV/cf/krb-func-getlogin.m4 deleted file mode 100644 index 921c5ab8dff0..000000000000 --- a/crypto/kerberosIV/cf/krb-func-getlogin.m4 +++ /dev/null @@ -1,22 +0,0 @@ -dnl -dnl $Id: krb-func-getlogin.m4,v 1.1 1999/07/13 17:45:30 assar Exp $ -dnl -dnl test for POSIX (broken) getlogin -dnl - - -AC_DEFUN(AC_FUNC_GETLOGIN, [ -AC_CHECK_FUNCS(getlogin setlogin) -if test "$ac_cv_func_getlogin" = yes; then -AC_CACHE_CHECK(if getlogin is posix, ac_cv_func_getlogin_posix, [ -if test "$ac_cv_func_getlogin" = yes -a "$ac_cv_func_setlogin" = yes; then - ac_cv_func_getlogin_posix=no -else - ac_cv_func_getlogin_posix=yes -fi -]) -if test "$ac_cv_func_getlogin_posix" = yes; then - AC_DEFINE(POSIX_GETLOGIN, 1, [Define if getlogin has POSIX flavour (and not BSD).]) -fi -fi -]) diff --git a/crypto/kerberosIV/cf/krb-ipv6.m4 b/crypto/kerberosIV/cf/krb-ipv6.m4 deleted file mode 100644 index 490058d7c061..000000000000 --- a/crypto/kerberosIV/cf/krb-ipv6.m4 +++ /dev/null @@ -1,130 +0,0 @@ -dnl $Id: krb-ipv6.m4,v 1.5 1999/03/21 14:06:16 joda Exp $ -dnl -dnl test for IPv6 -dnl -AC_DEFUN(AC_KRB_IPV6, [ -AC_CACHE_CHECK(for IPv6,ac_cv_lib_ipv6, -AC_TRY_COMPILE([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -], -[ -#if defined(IN6ADDR_ANY_INIT) -struct in6_addr any = IN6ADDR_ANY_INIT; -#elif defined(IPV6ADDR_ANY_INIT) -struct in6_addr any = IPV6ADDR_ANY_INIT; -#else -#error no any? -#endif - struct sockaddr_in6 sin6; - int s; - - s = socket(AF_INET6, SOCK_DGRAM, 0); - - sin6.sin6_family = AF_INET6; - sin6.sin6_port = htons(17); - sin6.sin6_addr = any; - bind(s, (struct sockaddr *)&sin6, sizeof(sin6)); -], -ac_cv_lib_ipv6=yes, -ac_cv_lib_ipv6=no)) -if test "$ac_cv_lib_ipv6" = yes; then - AC_DEFINE(HAVE_IPV6, 1, [Define if you have IPv6.]) - - dnl check for different v6 implementations (by itojun) - v6type=unknown - v6lib=none - - AC_MSG_CHECKING([ipv6 stack type]) - for i in v6d toshiba kame inria zeta linux; do - case $i in - v6d) - AC_EGREP_CPP(yes, [dnl -#include -#ifdef __V6D__ -yes -#endif], - [v6type=$i; v6lib=v6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-I/usr/local/v6/include $CFLAGS"]) - ;; - toshiba) - AC_EGREP_CPP(yes, [dnl -#include -#ifdef _TOSHIBA_INET6 -yes -#endif], - [v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS"]) - ;; - kame) - AC_EGREP_CPP(yes, [dnl -#include -#ifdef __KAME__ -yes -#endif], - [v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS"]) - ;; - inria) - AC_EGREP_CPP(yes, [dnl -#include -#ifdef IPV6_INRIA_VERSION -yes -#endif], - [v6type=$i; CFLAGS="-DINET6 $CFLAGS"]) - ;; - zeta) - AC_EGREP_CPP(yes, [dnl -#include -#ifdef _ZETA_MINAMI_INET6 -yes -#endif], - [v6type=$i; v6lib=inet6; - v6libdir=/usr/local/v6/lib; - CFLAGS="-DINET6 $CFLAGS"]) - ;; - linux) - if test -d /usr/inet6; then - v6type=$i - v6lib=inet6 - v6libdir=/usr/inet6 - CFLAGS="-DINET6 $CFLAGS" - fi - ;; - esac - if test "$v6type" != "unknown"; then - break - fi - done - AC_MSG_RESULT($v6type) - - if test "$v6lib" != "none"; then - for dir in $v6libdir /usr/local/v6/lib /usr/local/lib; do - if test -d $dir -a -f $dir/lib$v6lib.a; then - LIBS="-L$dir -l$v6lib $LIBS" - break - fi - done -dnl AC_CHECK_LIB($v6lib, getaddrinfo, -dnl [SERVER_LIBS="-l$v6lib $SERVER_LIBS"], -dnl [dnl -dnl echo "Fatal: no $v6lib library found. cannot continue." -dnl echo "You need to fetch lib$v6lib.a from appropriate v6 kit and" -dnl echo 'compile beforehand.' -dnl exit 1]) - fi -fi -]) diff --git a/crypto/kerberosIV/cf/krb-prog-ln-s.m4 b/crypto/kerberosIV/cf/krb-prog-ln-s.m4 deleted file mode 100644 index efb706ec2a68..000000000000 --- a/crypto/kerberosIV/cf/krb-prog-ln-s.m4 +++ /dev/null @@ -1,28 +0,0 @@ -dnl $Id: krb-prog-ln-s.m4,v 1.1 1997/12/14 15:59:01 joda Exp $ -dnl -dnl -dnl Better test for ln -s, ln or cp -dnl - -AC_DEFUN(AC_KRB_PROG_LN_S, -[AC_MSG_CHECKING(for ln -s or something else) -AC_CACHE_VAL(ac_cv_prog_LN_S, -[rm -f conftestdata -if ln -s X conftestdata 2>/dev/null -then - rm -f conftestdata - ac_cv_prog_LN_S="ln -s" -else - touch conftestdata1 - if ln conftestdata1 conftestdata2; then - rm -f conftestdata* - ac_cv_prog_LN_S=ln - else - ac_cv_prog_LN_S=cp - fi -fi])dnl -LN_S="$ac_cv_prog_LN_S" -AC_MSG_RESULT($ac_cv_prog_LN_S) -AC_SUBST(LN_S)dnl -]) - diff --git a/crypto/kerberosIV/cf/krb-prog-ranlib.m4 b/crypto/kerberosIV/cf/krb-prog-ranlib.m4 deleted file mode 100644 index fd1d3db2b9d7..000000000000 --- a/crypto/kerberosIV/cf/krb-prog-ranlib.m4 +++ /dev/null @@ -1,8 +0,0 @@ -dnl $Id: krb-prog-ranlib.m4,v 1.1 1997/12/14 15:59:01 joda Exp $ -dnl -dnl -dnl Also look for EMXOMF for OS/2 -dnl - -AC_DEFUN(AC_KRB_PROG_RANLIB, -[AC_CHECK_PROGS(RANLIB, ranlib EMXOMF, :)]) diff --git a/crypto/kerberosIV/cf/krb-prog-yacc.m4 b/crypto/kerberosIV/cf/krb-prog-yacc.m4 deleted file mode 100644 index 28ae59c7a378..000000000000 --- a/crypto/kerberosIV/cf/krb-prog-yacc.m4 +++ /dev/null @@ -1,8 +0,0 @@ -dnl $Id: krb-prog-yacc.m4,v 1.1 1997/12/14 15:59:02 joda Exp $ -dnl -dnl -dnl We prefer byacc or yacc because they do not use `alloca' -dnl - -AC_DEFUN(AC_KRB_PROG_YACC, -[AC_CHECK_PROGS(YACC, byacc yacc 'bison -y')]) diff --git a/crypto/kerberosIV/cf/krb-struct-sockaddr-sa-len.m4 b/crypto/kerberosIV/cf/krb-struct-sockaddr-sa-len.m4 deleted file mode 100644 index ac806900e429..000000000000 --- a/crypto/kerberosIV/cf/krb-struct-sockaddr-sa-len.m4 +++ /dev/null @@ -1,22 +0,0 @@ -dnl $Id: krb-struct-sockaddr-sa-len.m4,v 1.1 1997/12/14 15:59:02 joda Exp $ -dnl -dnl -dnl Check for sa_len in sys/socket.h -dnl - -AC_DEFUN(AC_KRB_STRUCT_SOCKADDR_SA_LEN, [ -AC_MSG_CHECKING(for sa_len in struct sockaddr) -AC_CACHE_VAL(ac_cv_struct_sockaddr_sa_len, [ -AC_TRY_COMPILE( -[#include -#include ], -[struct sockaddr sa; -int foo = sa.sa_len;], -ac_cv_struct_sockaddr_sa_len=yes, -ac_cv_struct_sockaddr_sa_len=no) -]) -if test "$ac_cv_struct_sockaddr_sa_len" = yes; then - AC_DEFINE(SOCKADDR_HAS_SA_LEN)dnl -fi -AC_MSG_RESULT($ac_cv_struct_sockaddr_sa_len) -]) diff --git a/crypto/kerberosIV/cf/krb-struct-spwd.m4 b/crypto/kerberosIV/cf/krb-struct-spwd.m4 deleted file mode 100644 index 4ab81fd34f52..000000000000 --- a/crypto/kerberosIV/cf/krb-struct-spwd.m4 +++ /dev/null @@ -1,22 +0,0 @@ -dnl $Id: krb-struct-spwd.m4,v 1.3 1999/07/13 21:04:11 assar Exp $ -dnl -dnl Test for `struct spwd' - -AC_DEFUN(AC_KRB_STRUCT_SPWD, [ -AC_MSG_CHECKING(for struct spwd) -AC_CACHE_VAL(ac_cv_struct_spwd, [ -AC_TRY_COMPILE( -[#include -#ifdef HAVE_SHADOW_H -#include -#endif], -[struct spwd foo;], -ac_cv_struct_spwd=yes, -ac_cv_struct_spwd=no) -]) -AC_MSG_RESULT($ac_cv_struct_spwd) - -if test "$ac_cv_struct_spwd" = "yes"; then - AC_DEFINE(HAVE_STRUCT_SPWD, 1, [define if you have struct spwd]) -fi -]) diff --git a/crypto/kerberosIV/cf/krb-struct-winsize.m4 b/crypto/kerberosIV/cf/krb-struct-winsize.m4 deleted file mode 100644 index f89f68337c3a..000000000000 --- a/crypto/kerberosIV/cf/krb-struct-winsize.m4 +++ /dev/null @@ -1,27 +0,0 @@ -dnl $Id: krb-struct-winsize.m4,v 1.2 1999/03/01 09:52:23 joda Exp $ -dnl -dnl -dnl Search for struct winsize -dnl - -AC_DEFUN(AC_KRB_STRUCT_WINSIZE, [ -AC_MSG_CHECKING(for struct winsize) -AC_CACHE_VAL(ac_cv_struct_winsize, [ -ac_cv_struct_winsize=no -for i in sys/termios.h sys/ioctl.h; do -AC_EGREP_HEADER( -changequote(, )dnl -struct[ ]*winsize,dnl -changequote([,])dnl -$i, ac_cv_struct_winsize=yes; break)dnl -done -]) -if test "$ac_cv_struct_winsize" = "yes"; then - AC_DEFINE(HAVE_STRUCT_WINSIZE, 1, [define if struct winsize is declared in sys/termios.h]) -fi -AC_MSG_RESULT($ac_cv_struct_winsize) -AC_EGREP_HEADER(ws_xpixel, termios.h, - AC_DEFINE(HAVE_WS_XPIXEL, 1, [define if struct winsize has ws_xpixel])) -AC_EGREP_HEADER(ws_ypixel, termios.h, - AC_DEFINE(HAVE_WS_YPIXEL, 1, [define if struct winsize has ws_ypixel])) -]) diff --git a/crypto/kerberosIV/cf/krb-sys-aix.m4 b/crypto/kerberosIV/cf/krb-sys-aix.m4 deleted file mode 100644 index a538005513a2..000000000000 --- a/crypto/kerberosIV/cf/krb-sys-aix.m4 +++ /dev/null @@ -1,15 +0,0 @@ -dnl $Id: krb-sys-aix.m4,v 1.1 1997/12/14 15:59:02 joda Exp $ -dnl -dnl -dnl AIX have a very different syscall convention -dnl -AC_DEFUN(AC_KRB_SYS_AIX, [ -AC_MSG_CHECKING(for AIX) -AC_CACHE_VAL(krb_cv_sys_aix, -AC_EGREP_CPP(yes, -[#ifdef _AIX - yes -#endif -], krb_cv_sys_aix=yes, krb_cv_sys_aix=no) ) -AC_MSG_RESULT($krb_cv_sys_aix) -]) diff --git a/crypto/kerberosIV/cf/krb-sys-nextstep.m4 b/crypto/kerberosIV/cf/krb-sys-nextstep.m4 deleted file mode 100644 index 31dc907be4e1..000000000000 --- a/crypto/kerberosIV/cf/krb-sys-nextstep.m4 +++ /dev/null @@ -1,21 +0,0 @@ -dnl $Id: krb-sys-nextstep.m4,v 1.2 1998/06/03 23:48:40 joda Exp $ -dnl -dnl -dnl NEXTSTEP is not posix compliant by default, -dnl you need a switch -posix to the compiler -dnl - -AC_DEFUN(AC_KRB_SYS_NEXTSTEP, [ -AC_MSG_CHECKING(for NEXTSTEP) -AC_CACHE_VAL(krb_cv_sys_nextstep, -AC_EGREP_CPP(yes, -[#if defined(NeXT) && !defined(__APPLE__) - yes -#endif -], krb_cv_sys_nextstep=yes, krb_cv_sys_nextstep=no) ) -if test "$krb_cv_sys_nextstep" = "yes"; then - CFLAGS="$CFLAGS -posix" - LIBS="$LIBS -posix" -fi -AC_MSG_RESULT($krb_cv_sys_nextstep) -]) diff --git a/crypto/kerberosIV/cf/krb-version.m4 b/crypto/kerberosIV/cf/krb-version.m4 deleted file mode 100644 index a4a12211a6ea..000000000000 --- a/crypto/kerberosIV/cf/krb-version.m4 +++ /dev/null @@ -1,25 +0,0 @@ -dnl $Id: krb-version.m4,v 1.1 1997/12/14 15:59:03 joda Exp $ -dnl -dnl -dnl output a C header-file with some version strings -dnl -AC_DEFUN(AC_KRB_VERSION,[ -dnl AC_OUTPUT_COMMANDS([ -cat > include/newversion.h.in </dev/null | sed 1q` - Date=`date` - mv -f include/newversion.h.in include/version.h.in - sed -e "s/@USER@/$User/" -e "s/@HOST@/$Host/" -e "s/@DATE@/$Date/" include/version.h.in > include/version.h -fi -dnl ],host=$host PACKAGE=$PACKAGE VERSION=$VERSION) -]) diff --git a/crypto/kerberosIV/cf/make-proto.pl b/crypto/kerberosIV/cf/make-proto.pl deleted file mode 100644 index 9a47aedbed42..000000000000 --- a/crypto/kerberosIV/cf/make-proto.pl +++ /dev/null @@ -1,199 +0,0 @@ -# Make prototypes from .c files -# $Id: make-proto.pl,v 1.11 1999/04/15 12:37:54 joda Exp $ - -##use Getopt::Std; -require 'getopts.pl'; - -$brace = 0; -$line = ""; -$debug = 0; - -do Getopts('o:p:d') || die "foo"; - -if($opt_d) { - $debug = 1; -} - -while(<>) { - print $brace, " ", $_ if($debug); - if(/^\#if 0/) { - $if_0 = 1; - } - if($if_0 && /^\#endif/) { - $if_0 = 0; - } - if($if_0) { next } - if(/^\s*\#/) { - next; - } - if(/^\s*$/) { - $line = ""; - next; - } - if(/\{/){ - $_ = $line; - while(s/\*\//\ca/){ - s/\/\*(.|\n)*\ca//; - } - s/^\s*//; - s/\s$//; - s/\s+/ /g; - if($line =~ /\)\s$/){ - if(!/^static/ && !/^PRIVATE/){ - if(/(.*)(__attribute__\s?\(.*\))/) { - $attr = $2; - $_ = $1; - } else { - $attr = ""; - } - # remove outer () - s/\s*\(/@/; - s/\)\s?$/@/; - # remove , within () - while(s/\(([^()]*),(.*)\)/($1\$$2)/g){} - s/,\s*/,\n\t/g; - # fix removed , - s/\$/,/g; - # match function name - /([a-zA-Z0-9_]+)\s*@/; - $f = $1; - # only add newline if more than one parameter - $LP = "(("; # XXX workaround for indentation bug in emacs - $RP = "))"; - $P = "__P(("; - if(/,/){ - s/@/ __P$LP\n\t/; - }else{ - s/@/ __P$LP/; - } - s/@/$RP/; - # insert newline before function name - s/(.*)\s([a-zA-Z0-9_]+ __P)/$1\n$2/; - if($attr ne "") { - $_ .= "\n $attr"; - } - $_ = $_ . ";"; - $funcs{$f} = $_; - } - } - $line = ""; - $brace++; - } - if(/\}/){ - $brace--; - } - if(/^\}/){ - $brace = 0; - } - if($brace == 0) { - $line = $line . " " . $_; - } -} - -sub foo { - local ($arg) = @_; - $_ = $arg; - s/.*\/([^\/]*)/$1/; - s/[^a-zA-Z0-9]/_/g; - "__" . $_ . "__"; -} - -if($opt_o) { - open(OUT, ">$opt_o"); - $block = &foo($opt_o); -} else { - $block = "__public_h__"; -} - -if($opt_p) { - open(PRIV, ">$opt_p"); - $private = &foo($opt_p); -} else { - $private = "__private_h__"; -} - -$public_h = ""; -$private_h = ""; - -$public_h_header = "/* This is a generated file */ -#ifndef $block -#define $block - -#ifdef __STDC__ -#include -#ifndef __P -#define __P(x) x -#endif -#else -#ifndef __P -#define __P(x) () -#endif -#endif - -"; - -$private_h_header = "/* This is a generated file */ -#ifndef $private -#define $private - -#ifdef __STDC__ -#include -#ifndef __P -#define __P(x) x -#endif -#else -#ifndef __P -#define __P(x) () -#endif -#endif - -"; - -foreach(sort keys %funcs){ - if(/^(main)$/) { next } - if(/^_/) { - $private_h .= $funcs{$_} . "\n\n"; - if($funcs{$_} =~ /__attribute__/) { - $private_attribute_seen = 1; - } - } else { - $public_h .= $funcs{$_} . "\n\n"; - if($funcs{$_} =~ /__attribute__/) { - $public_attribute_seen = 1; - } - } -} - -if ($public_attribute_seen) { - $public_h_header .= "#if !defined(__GNUC__) && !defined(__attribute__) -#define __attribute__(x) -#endif - -"; -} - -if ($private_attribute_seen) { - $private_h_header .= "#if !defined(__GNUC__) && !defined(__attribute__) -#define __attribute__(x) -#endif - -"; -} - - -if ($public_h ne "") { - $public_h = $public_h_header . $public_h . "#endif /* $block */\n"; -} -if ($private_h ne "") { - $private_h = $private_h_header . $private_h . "#endif /* $private */\n"; -} - -if($opt_o) { - print OUT $public_h; -} -if($opt_p) { - print PRIV $private_h; -} - -close OUT; -close PRIV; diff --git a/crypto/kerberosIV/cf/mips-abi.m4 b/crypto/kerberosIV/cf/mips-abi.m4 deleted file mode 100644 index c7b88150ce25..000000000000 --- a/crypto/kerberosIV/cf/mips-abi.m4 +++ /dev/null @@ -1,87 +0,0 @@ -dnl $Id: mips-abi.m4,v 1.4 1998/05/16 20:44:15 joda Exp $ -dnl -dnl -dnl Check for MIPS/IRIX ABI flags. Sets $abi and $abilibdirext to some -dnl value. - -AC_DEFUN(AC_MIPS_ABI, [ -AC_ARG_WITH(mips_abi, -[ --with-mips-abi=abi ABI to use for IRIX (32, n32, or 64)]) - -case "$host_os" in -irix*) -with_mips_abi="${with_mips_abi:-yes}" -if test -n "$GCC"; then - -# GCC < 2.8 only supports the O32 ABI. GCC >= 2.8 has a flag to select -# which ABI to use, but only supports (as of 2.8.1) the N32 and 64 ABIs. -# -# Default to N32, but if GCC doesn't grok -mabi=n32, we assume an old -# GCC and revert back to O32. The same goes if O32 is asked for - old -# GCCs doesn't like the -mabi option, and new GCCs can't output O32. -# -# Don't you just love *all* the different SGI ABIs? - -case "${with_mips_abi}" in - 32|o32) abi='-mabi=32'; abilibdirext='' ;; - n32|yes) abi='-mabi=n32'; abilibdirext='32' ;; - 64) abi='-mabi=64'; abilibdirext='64' ;; - no) abi=''; abilibdirext='';; - *) AC_ERROR("Invalid ABI specified") ;; -esac -if test -n "$abi" ; then -ac_foo=krb_cv_gcc_`echo $abi | tr =- __` -dnl -dnl can't use AC_CACHE_CHECK here, since it doesn't quote CACHE-ID to -dnl AC_MSG_RESULT -dnl -AC_MSG_CHECKING([if $CC supports the $abi option]) -AC_CACHE_VAL($ac_foo, [ -save_CFLAGS="$CFLAGS" -CFLAGS="$CFLAGS $abi" -AC_TRY_COMPILE(,int x;, eval $ac_foo=yes, eval $ac_foo=no) -CFLAGS="$save_CFLAGS" -]) -ac_res=`eval echo \\\$$ac_foo` -AC_MSG_RESULT($ac_res) -if test $ac_res = no; then -# Try to figure out why that failed... -case $abi in - -mabi=32) - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -mabi=n32" - AC_TRY_COMPILE(,int x;, ac_res=yes, ac_res=no) - CLAGS="$save_CFLAGS" - if test $ac_res = yes; then - # New GCC - AC_ERROR([$CC does not support the $with_mips_abi ABI]) - fi - # Old GCC - abi='' - abilibdirext='' - ;; - -mabi=n32|-mabi=64) - if test $with_mips_abi = yes; then - # Old GCC, default to O32 - abi='' - abilibdirext='' - else - # Some broken GCC - AC_ERROR([$CC does not support the $with_mips_abi ABI]) - fi - ;; -esac -fi #if test $ac_res = no; then -fi #if test -n "$abi" ; then -else -case "${with_mips_abi}" in - 32|o32) abi='-32'; abilibdirext='' ;; - n32|yes) abi='-n32'; abilibdirext='32' ;; - 64) abi='-64'; abilibdirext='64' ;; - no) abi=''; abilibdirext='';; - *) AC_ERROR("Invalid ABI specified") ;; -esac -fi #if test -n "$GCC"; then -;; -esac -]) diff --git a/crypto/kerberosIV/cf/misc.m4 b/crypto/kerberosIV/cf/misc.m4 deleted file mode 100644 index 0be97a4758d1..000000000000 --- a/crypto/kerberosIV/cf/misc.m4 +++ /dev/null @@ -1,3 +0,0 @@ -dnl $Id: misc.m4,v 1.1 1997/12/14 15:59:04 joda Exp $ -dnl -define(upcase,`echo $1 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`)dnl diff --git a/crypto/kerberosIV/cf/need-proto.m4 b/crypto/kerberosIV/cf/need-proto.m4 deleted file mode 100644 index 8c8d1d349081..000000000000 --- a/crypto/kerberosIV/cf/need-proto.m4 +++ /dev/null @@ -1,25 +0,0 @@ -dnl $Id: need-proto.m4,v 1.2 1999/03/01 09:52:24 joda Exp $ -dnl -dnl -dnl Check if we need the prototype for a function -dnl - -dnl AC_NEED_PROTO(includes, function) - -AC_DEFUN(AC_NEED_PROTO, [ -if test "$ac_cv_func_$2+set" != set -o "$ac_cv_func_$2" = yes; then -AC_CACHE_CHECK([if $2 needs a prototype], ac_cv_func_$2_noproto, -AC_TRY_COMPILE([$1], -[struct foo { int foo; } xx; -extern int $2 (struct foo*); -$2(&xx); -], -eval "ac_cv_func_$2_noproto=yes", -eval "ac_cv_func_$2_noproto=no")) -define([foo], [NEED_]translit($2, [a-z], [A-Z])[_PROTO]) -if test "$ac_cv_func_$2_noproto" = yes; then - AC_DEFINE(foo, 1, [define if the system is missing a prototype for $2()]) -fi -undefine([foo]) -fi -]) diff --git a/crypto/kerberosIV/cf/osfc2.m4 b/crypto/kerberosIV/cf/osfc2.m4 deleted file mode 100644 index d8cb2e112210..000000000000 --- a/crypto/kerberosIV/cf/osfc2.m4 +++ /dev/null @@ -1,14 +0,0 @@ -dnl $Id: osfc2.m4,v 1.2 1999/03/27 17:28:16 joda Exp $ -dnl -dnl enable OSF C2 stuff - -AC_DEFUN(AC_CHECK_OSFC2,[ -AC_ARG_ENABLE(osfc2, -[ --enable-osfc2 enable some OSF C2 support]) -LIB_security= -if test "$enable_osfc2" = yes; then - AC_DEFINE(HAVE_OSFC2, 1, [Define to enable basic OSF C2 support.]) - LIB_security=-lsecurity -fi -AC_SUBST(LIB_security) -]) diff --git a/crypto/kerberosIV/cf/proto-compat.m4 b/crypto/kerberosIV/cf/proto-compat.m4 deleted file mode 100644 index 942f658889d2..000000000000 --- a/crypto/kerberosIV/cf/proto-compat.m4 +++ /dev/null @@ -1,22 +0,0 @@ -dnl $Id: proto-compat.m4,v 1.3 1999/03/01 13:03:48 joda Exp $ -dnl -dnl -dnl Check if the prototype of a function is compatible with another one -dnl - -dnl AC_PROTO_COMPAT(includes, function, prototype) - -AC_DEFUN(AC_PROTO_COMPAT, [ -AC_CACHE_CHECK([if $2 is compatible with system prototype], -ac_cv_func_$2_proto_compat, -AC_TRY_COMPILE([$1], -[$3;], -eval "ac_cv_func_$2_proto_compat=yes", -eval "ac_cv_func_$2_proto_compat=no")) -define([foo], translit($2, [a-z], [A-Z])[_PROTO_COMPATIBLE]) -if test "$ac_cv_func_$2_proto_compat" = yes; then - AC_DEFINE(foo, 1, [define if prototype of $2 is compatible with - $3]) -fi -undefine([foo]) -]) \ No newline at end of file diff --git a/crypto/kerberosIV/cf/shared-libs.m4 b/crypto/kerberosIV/cf/shared-libs.m4 deleted file mode 100644 index 283898fd6673..000000000000 --- a/crypto/kerberosIV/cf/shared-libs.m4 +++ /dev/null @@ -1,192 +0,0 @@ -dnl -dnl $Id: shared-libs.m4,v 1.4.14.3 2000/12/07 18:03:00 bg Exp $ -dnl -dnl Shared library stuff has to be different everywhere -dnl - -AC_DEFUN(AC_SHARED_LIBS, [ - -dnl Check if we want to use shared libraries -AC_ARG_ENABLE(shared, -[ --enable-shared create shared libraries for Kerberos]) - -AC_SUBST(CFLAGS)dnl -AC_SUBST(LDFLAGS)dnl - -case ${enable_shared} in - yes ) enable_shared=yes;; - no ) enable_shared=no;; - * ) enable_shared=no;; -esac - -# NOTE: Building shared libraries may not work if you do not use gcc! -# -# OS $SHLIBEXT -# HP-UX sl -# Linux so -# NetBSD so -# FreeBSD so -# OSF so -# SunOS5 so -# SunOS4 so.0.5 -# Irix so -# -# LIBEXT is the extension we should build (.a or $SHLIBEXT) -LINK='$(CC)' -AC_SUBST(LINK) -lib_deps=yes -REAL_PICFLAGS="-fpic" -LDSHARED='$(CC) $(PICFLAGS) -shared' -LIBPREFIX=lib -build_symlink_command=@true -install_symlink_command=@true -install_symlink_command2=@true -REAL_SHLIBEXT=so -changequote({,})dnl -SHLIB_VERSION=`echo $VERSION | sed 's/\([0-9.]*\).*/\1/'` -SHLIB_SONAME=`echo $VERSION | sed 's/\([0-9]*\).*/\1/'` -changequote([,])dnl -case "${host}" in -*-*-hpux*) - REAL_SHLIBEXT=sl - REAL_LD_FLAGS='-Wl,+b$(libdir)' - if test -z "$GCC"; then - LDSHARED="ld -b" - REAL_PICFLAGS="+z" - fi - lib_deps=no - ;; -*-*-linux*) - LDSHARED='$(CC) -shared -Wl,-soname,$(LIBNAME).so.'"${SHLIB_SONAME}" - REAL_LD_FLAGS='-Wl,-rpath,$(libdir)' - REAL_SHLIBEXT=so.$SHLIB_VERSION - build_symlink_command='$(LN_S) -f [$][@] $(LIBNAME).so' - install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so' - install_symlink_command2='$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so' - ;; -changequote(,)dnl -*-*-freebsd[345]* | *-*-freebsdelf[345]*) -changequote([,])dnl - REAL_SHLIBEXT=so.$SHLIB_VERSION - REAL_LD_FLAGS='-Wl,-R$(libdir)' - build_symlink_command='$(LN_S) -f [$][@] $(LIBNAME).so' - install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so' - install_symlink_command2='$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so' - ;; -*-*-*bsd*) - REAL_SHLIBEXT=so.$SHLIB_VERSION - LDSHARED='ld -Bshareable' - REAL_LD_FLAGS='-Wl,-R$(libdir)' - ;; -*-*-osf*) - REAL_LD_FLAGS='-Wl,-rpath,$(libdir)' - REAL_PICFLAGS= - LDSHARED='ld -shared -expect_unresolved \*' - ;; -*-*-solaris2*) - LDSHARED='$(CC) -shared -Wl,-h$(LIBNAME).so.'"${SHLIB_SONAME}" - REAL_SHLIBEXT=so.$SHLIB_VERSION - build_symlink_command='$(LN_S) [$][@] $(LIBNAME).so' - install_symlink_command='$(LN_S) $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so.'"${SHLIB_SONAME}"';$(LN_S) $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so' - install_symlink_command2='$(LN_S) $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so.'"${SHLIB_SONAME}"';$(LN_S) $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so' - REAL_LD_FLAGS='-Wl,-R$(libdir)' - if test -z "$GCC"; then - LDSHARED='$(CC) -G -h$(LIBNAME).so.'"${SHLIB_SONAME}" - REAL_PICFLAGS="-Kpic" - fi - ;; -*-fujitsu-uxpv*) - REAL_LD_FLAGS='' # really: LD_RUN_PATH=$(libdir) cc -o ... - REAL_LINK='LD_RUN_PATH=$(libdir) $(CC)' - LDSHARED='$(CC) -G' - REAL_PICFLAGS="-Kpic" - lib_deps=no # fails in mysterious ways - ;; -*-*-sunos*) - REAL_SHLIBEXT=so.$SHLIB_VERSION - REAL_LD_FLAGS='-Wl,-L$(libdir)' - lib_deps=no - ;; -*-*-irix*) - libdir="${libdir}${abilibdirext}" - REAL_LD_FLAGS="${abi} -Wl,-rpath,\$(libdir)" - LD_FLAGS="${abi} -Wl,-rpath,\$(libdir)" - LDSHARED="\$(CC) -shared ${abi}" - REAL_PICFLAGS= - CFLAGS="${abi} ${CFLAGS}" - ;; -*-*-os2*) - LIBPREFIX= - EXECSUFFIX='.exe' - RANLIB=EMXOMF - LD_FLAGS=-Zcrtdll - REAL_SHLIBEXT=nobuild - ;; -*-*-cygwin32*) - EXECSUFFIX='.exe' - REAL_SHLIBEXT=nobuild - ;; -*) REAL_SHLIBEXT=nobuild - REAL_PICFLAGS= - ;; -esac - -if test "${enable_shared}" != "yes" ; then - PICFLAGS="" - SHLIBEXT="nobuild" - LIBEXT="a" - build_symlink_command=@true - install_symlink_command=@true - install_symlink_command2=@true -else - PICFLAGS="$REAL_PICFLAGS" - SHLIBEXT="$REAL_SHLIBEXT" - LIBEXT="$SHLIBEXT" - AC_MSG_CHECKING(whether to use -rpath) - case "$libdir" in - /lib | /usr/lib | /usr/local/lib) - AC_MSG_RESULT(no) - REAL_LD_FLAGS= - LD_FLAGS= - ;; - *) - LD_FLAGS="$REAL_LD_FLAGS" - test "$REAL_LINK" && LINK="$REAL_LINK" - AC_MSG_RESULT($LD_FLAGS) - ;; - esac -fi - -if test "$lib_deps" = yes; then - lib_deps_yes="" - lib_deps_no="# " -else - lib_deps_yes="# " - lib_deps_no="" -fi -AC_SUBST(lib_deps_yes) -AC_SUBST(lib_deps_no) - -# use supplied ld-flags, or none if `no' -if test "$with_ld_flags" = no; then - LD_FLAGS= -elif test -n "$with_ld_flags"; then - LD_FLAGS="$with_ld_flags" -fi - -AC_SUBST(REAL_PICFLAGS) dnl -AC_SUBST(REAL_SHLIBEXT) dnl -AC_SUBST(REAL_LD_FLAGS) dnl - -AC_SUBST(PICFLAGS) dnl -AC_SUBST(SHLIBEXT) dnl -AC_SUBST(LDSHARED) dnl -AC_SUBST(LD_FLAGS) dnl -AC_SUBST(LIBEXT) dnl -AC_SUBST(LIBPREFIX) dnl -AC_SUBST(EXECSUFFIX) dnl - -AC_SUBST(build_symlink_command)dnl -AC_SUBST(install_symlink_command)dnl -AC_SUBST(install_symlink_command2)dnl -]) diff --git a/crypto/kerberosIV/cf/test-package.m4 b/crypto/kerberosIV/cf/test-package.m4 deleted file mode 100644 index 6bae158da60a..000000000000 --- a/crypto/kerberosIV/cf/test-package.m4 +++ /dev/null @@ -1,88 +0,0 @@ -dnl $Id: test-package.m4,v 1.7 1999/04/19 13:33:05 assar Exp $ -dnl -dnl AC_TEST_PACKAGE_NEW(package,headers,libraries,extra libs,default locations) - -AC_DEFUN(AC_TEST_PACKAGE,[AC_TEST_PACKAGE_NEW($1,[#include <$2>],$4,,$5)]) - -AC_DEFUN(AC_TEST_PACKAGE_NEW,[ -AC_ARG_WITH($1, -[ --with-$1=dir use $1 in dir]) -AC_ARG_WITH($1-lib, -[ --with-$1-lib=dir use $1 libraries in dir], -[if test "$withval" = "yes" -o "$withval" = "no"; then - AC_MSG_ERROR([No argument for --with-$1-lib]) -elif test "X$with_$1" = "X"; then - with_$1=yes -fi]) -AC_ARG_WITH($1-include, -[ --with-$1-include=dir use $1 headers in dir], -[if test "$withval" = "yes" -o "$withval" = "no"; then - AC_MSG_ERROR([No argument for --with-$1-include]) -elif test "X$with_$1" = "X"; then - with_$1=yes -fi]) - -AC_MSG_CHECKING(for $1) - -case "$with_$1" in -yes) ;; -no) ;; -"") ;; -*) if test "$with_$1_include" = ""; then - with_$1_include="$with_$1/include" - fi - if test "$with_$1_lib" = ""; then - with_$1_lib="$with_$1/lib$abilibdirext" - fi - ;; -esac -header_dirs= -lib_dirs= -d='$5' -for i in $d; do - header_dirs="$header_dirs $i/include" - lib_dirs="$lib_dirs $i/lib$abilibdirext" -done - -case "$with_$1_include" in -yes) ;; -no) ;; -*) header_dirs="$with_$1_include $header_dirs";; -esac -case "$with_$1_lib" in -yes) ;; -no) ;; -*) lib_dirs="$with_$1_lib $lib_dirs";; -esac - -save_CFLAGS="$CFLAGS" -save_LIBS="$LIBS" -ires= lres= -for i in $header_dirs; do - CFLAGS="-I$i $save_CFLAGS" - AC_TRY_COMPILE([$2],,ires=$i;break) -done -for i in $lib_dirs; do - LIBS="-L$i $3 $4 $save_LIBS" - AC_TRY_LINK([$2],,lres=$i;break) -done -CFLAGS="$save_CFLAGS" -LIBS="$save_LIBS" - -if test "$ires" -a "$lres" -a "$with_$1" != "no"; then - $1_includedir="$ires" - $1_libdir="$lres" - INCLUDE_$1="-I$$1_includedir" - LIB_$1="-L$$1_libdir $3" - AC_DEFINE_UNQUOTED(upcase($1),1,[Define if you have the $1 package.]) - with_$1=yes - AC_MSG_RESULT([headers $ires, libraries $lres]) -else - INCLUDE_$1= - LIB_$1= - with_$1=no - AC_MSG_RESULT($with_$1) -fi -AC_SUBST(INCLUDE_$1) -AC_SUBST(LIB_$1) -]) diff --git a/crypto/kerberosIV/cf/wflags.m4 b/crypto/kerberosIV/cf/wflags.m4 deleted file mode 100644 index 6d9e0736618b..000000000000 --- a/crypto/kerberosIV/cf/wflags.m4 +++ /dev/null @@ -1,21 +0,0 @@ -dnl $Id: wflags.m4,v 1.3 1999/03/11 12:11:41 joda Exp $ -dnl -dnl set WFLAGS - -AC_DEFUN(AC_WFLAGS,[ -WFLAGS_NOUNUSED="" -WFLAGS_NOIMPLICITINT="" -if test -z "$WFLAGS" -a "$GCC" = "yes"; then - # -Wno-implicit-int for broken X11 headers - # leave these out for now: - # -Wcast-align doesn't work well on alpha osf/1 - # -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast - # -Wmissing-declarations -Wnested-externs - WFLAGS="ifelse($#, 0,-Wall, $1)" - WFLAGS_NOUNUSED="-Wno-unused" - WFLAGS_NOIMPLICITINT="-Wno-implicit-int" -fi -AC_SUBST(WFLAGS)dnl -AC_SUBST(WFLAGS_NOUNUSED)dnl -AC_SUBST(WFLAGS_NOIMPLICITINT)dnl -]) diff --git a/crypto/kerberosIV/config.guess b/crypto/kerberosIV/config.guess deleted file mode 100644 index 265ea69c4443..000000000000 --- a/crypto/kerberosIV/config.guess +++ /dev/null @@ -1,1291 +0,0 @@ -#! /bin/sh -# Attempt to guess a canonical system name. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000 -# Free Software Foundation, Inc. - -version='2000-09-05' - -# This file is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, but -# WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU -# General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -# -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# Written by Per Bothner . -# Please send patches to . -# -# This script attempts to guess a canonical system name similar to -# config.sub. If it succeeds, it prints the system name on stdout, and -# exits with 0. Otherwise, it exits with 1. -# -# The plan is that this can be called by configure scripts if you -# don't specify an explicit system type (host/target name). -# -# Only a few systems have been added to this list; please add others -# (but try to keep the structure clean). -# - -me=`echo "$0" | sed -e 's,.*/,,'` - -usage="\ -Usage: $0 [OPTION] - -Output the configuration name of this system. - -Operation modes: - -h, --help print this help, then exit - -V, --version print version number, then exit" - -help=" -Try \`$me --help' for more information." - -# Parse command line -while test $# -gt 0 ; do - case "$1" in - --version | --vers* | -V ) - echo "$version" ; exit 0 ;; - --help | --h* | -h ) - echo "$usage"; exit 0 ;; - -- ) # Stop option processing - shift; break ;; - - ) # Use stdin as input. - break ;; - -* ) - exec >&2 - echo "$me: invalid option $1" - echo "$help" - exit 1 ;; - * ) - break ;; - esac -done - -if test $# != 0; then - echo "$me: too many arguments$help" >&2 - exit 1 -fi - -# Use $HOST_CC if defined. $CC may point to a cross-compiler -if test x"$CC_FOR_BUILD" = x; then - if test x"$HOST_CC" != x; then - CC_FOR_BUILD="$HOST_CC" - else - if test x"$CC" != x; then - CC_FOR_BUILD="$CC" - else - CC_FOR_BUILD=cc - fi - fi -fi - - -# This is needed to find uname on a Pyramid OSx when run in the BSD universe. -# (ghazi@noc.rutgers.edu 8/24/94.) -if (test -f /.attbin/uname) >/dev/null 2>&1 ; then - PATH=$PATH:/.attbin ; export PATH -fi - -UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown -UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown -UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown -UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown - -dummy=dummy-$$ -trap 'rm -f $dummy.c $dummy.o $dummy; exit 1' 1 2 15 - -# Note: order is significant - the case branches are not exclusive. - -case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in - *:NetBSD:*:*) - # Netbsd (nbsd) targets should (where applicable) match one or - # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, - # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently - # switched to ELF, *-*-netbsd* would select the old - # object file format. This provides both forward - # compatibility and a consistent mechanism for selecting the - # object file format. - # Determine the machine/vendor (is the vendor relevant). - case "${UNAME_MACHINE}" in - amiga) machine=m68k-unknown ;; - arm32) machine=arm-unknown ;; - atari*) machine=m68k-atari ;; - sun3*) machine=m68k-sun ;; - mac68k) machine=m68k-apple ;; - macppc) machine=powerpc-apple ;; - hp3[0-9][05]) machine=m68k-hp ;; - ibmrt|romp-ibm) machine=romp-ibm ;; - *) machine=${UNAME_MACHINE}-unknown ;; - esac - # The Operating System including object format. - if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep __ELF__ >/dev/null - then - # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). - # Return netbsd for either. FIX? - os=netbsd - else - os=netbsdelf - fi - # The OS release - release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` - # Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM: - # contains redundant information, the shorter form: - # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. - echo "${machine}-${os}${release}" - exit 0 ;; - alpha:OSF1:*:*) - if test $UNAME_RELEASE = "V4.0"; then - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` - fi - # A Vn.n version is a released version. - # A Tn.n version is a released field test version. - # A Xn.n version is an unreleased experimental baselevel. - # 1.2 uses "1.2" for uname -r. - cat <$dummy.s - .data -\$Lformat: - .byte 37,100,45,37,120,10,0 # "%d-%x\n" - - .text - .globl main - .align 4 - .ent main -main: - .frame \$30,16,\$26,0 - ldgp \$29,0(\$27) - .prologue 1 - .long 0x47e03d80 # implver \$0 - lda \$2,-1 - .long 0x47e20c21 # amask \$2,\$1 - lda \$16,\$Lformat - mov \$0,\$17 - not \$1,\$18 - jsr \$26,printf - ldgp \$29,0(\$26) - mov 0,\$16 - jsr \$26,exit - .end main -EOF - $CC_FOR_BUILD $dummy.s -o $dummy 2>/dev/null - if test "$?" = 0 ; then - case `./$dummy` in - 0-0) - UNAME_MACHINE="alpha" - ;; - 1-0) - UNAME_MACHINE="alphaev5" - ;; - 1-1) - UNAME_MACHINE="alphaev56" - ;; - 1-101) - UNAME_MACHINE="alphapca56" - ;; - 2-303) - UNAME_MACHINE="alphaev6" - ;; - 2-307) - UNAME_MACHINE="alphaev67" - ;; - esac - fi - rm -f $dummy.s $dummy - echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - exit 0 ;; - Alpha\ *:Windows_NT*:*) - # How do we know it's Interix rather than the generic POSIX subsystem? - # Should we change UNAME_MACHINE based on the output of uname instead - # of the specific Alpha model? - echo alpha-pc-interix - exit 0 ;; - 21064:Windows_NT:50:3) - echo alpha-dec-winnt3.5 - exit 0 ;; - Amiga*:UNIX_System_V:4.0:*) - echo m68k-unknown-sysv4 - exit 0;; - amiga:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - *:[Aa]miga[Oo][Ss]:*:*) - echo ${UNAME_MACHINE}-unknown-amigaos - exit 0 ;; - arc64:OpenBSD:*:*) - echo mips64el-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - arc:OpenBSD:*:*) - echo mipsel-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - hkmips:OpenBSD:*:*) - echo mips-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - pmax:OpenBSD:*:*) - echo mipsel-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - sgi:OpenBSD:*:*) - echo mips-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - wgrisc:OpenBSD:*:*) - echo mipsel-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - *:OS/390:*:*) - echo i370-ibm-openedition - exit 0 ;; - arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) - echo arm-acorn-riscix${UNAME_RELEASE} - exit 0;; - SR2?01:HI-UX/MPP:*:*) - echo hppa1.1-hitachi-hiuxmpp - exit 0;; - Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*) - # akee@wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE. - if test "`(/bin/universe) 2>/dev/null`" = att ; then - echo pyramid-pyramid-sysv3 - else - echo pyramid-pyramid-bsd - fi - exit 0 ;; - NILE*:*:*:dcosx) - echo pyramid-pyramid-svr4 - exit 0 ;; - sun4H:SunOS:5.*:*) - echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; - sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) - echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; - i86pc:SunOS:5.*:*) - echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; - sun4*:SunOS:6*:*) - # According to config.sub, this is the proper way to canonicalize - # SunOS6. Hard to guess exactly what SunOS6 will be like, but - # it's likely to be more like Solaris than SunOS4. - echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; - sun4*:SunOS:*:*) - case "`/usr/bin/arch -k`" in - Series*|S4*) - UNAME_RELEASE=`uname -v` - ;; - esac - # Japanese Language versions have a version number like `4.1.3-JL'. - echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'` - exit 0 ;; - sun3*:SunOS:*:*) - echo m68k-sun-sunos${UNAME_RELEASE} - exit 0 ;; - sun*:*:4.2BSD:*) - UNAME_RELEASE=`(head -1 /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null` - test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3 - case "`/bin/arch`" in - sun3) - echo m68k-sun-sunos${UNAME_RELEASE} - ;; - sun4) - echo sparc-sun-sunos${UNAME_RELEASE} - ;; - esac - exit 0 ;; - aushp:SunOS:*:*) - echo sparc-auspex-sunos${UNAME_RELEASE} - exit 0 ;; - atari*:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - # The situation for MiNT is a little confusing. The machine name - # can be virtually everything (everything which is not - # "atarist" or "atariste" at least should have a processor - # > m68000). The system name ranges from "MiNT" over "FreeMiNT" - # to the lowercase version "mint" (or "freemint"). Finally - # the system name "TOS" denotes a system which is actually not - # MiNT. But MiNT is downward compatible to TOS, so this should - # be no problem. - atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit 0 ;; - atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit 0 ;; - *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} - exit 0 ;; - milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) - echo m68k-milan-mint${UNAME_RELEASE} - exit 0 ;; - hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) - echo m68k-hades-mint${UNAME_RELEASE} - exit 0 ;; - *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) - echo m68k-unknown-mint${UNAME_RELEASE} - exit 0 ;; - sun3*:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - mac68k:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - mvme68k:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - mvme88k:OpenBSD:*:*) - echo m88k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - powerpc:machten:*:*) - echo powerpc-apple-machten${UNAME_RELEASE} - exit 0 ;; - RISC*:Mach:*:*) - echo mips-dec-mach_bsd4.3 - exit 0 ;; - RISC*:ULTRIX:*:*) - echo mips-dec-ultrix${UNAME_RELEASE} - exit 0 ;; - VAX*:ULTRIX*:*:*) - echo vax-dec-ultrix${UNAME_RELEASE} - exit 0 ;; - 2020:CLIX:*:* | 2430:CLIX:*:*) - echo clipper-intergraph-clix${UNAME_RELEASE} - exit 0 ;; - mips:*:*:UMIPS | mips:*:*:RISCos) - sed 's/^ //' << EOF >$dummy.c -#ifdef __cplusplus -#include /* for printf() prototype */ - int main (int argc, char *argv[]) { -#else - int main (argc, argv) int argc; char *argv[]; { -#endif - #if defined (host_mips) && defined (MIPSEB) - #if defined (SYSTYPE_SYSV) - printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0); - #endif - #if defined (SYSTYPE_SVR4) - printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0); - #endif - #if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD) - printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0); - #endif - #endif - exit (-1); - } -EOF - $CC_FOR_BUILD $dummy.c -o $dummy \ - && ./$dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \ - && rm $dummy.c $dummy && exit 0 - rm -f $dummy.c $dummy - echo mips-mips-riscos${UNAME_RELEASE} - exit 0 ;; - Night_Hawk:Power_UNIX:*:*) - echo powerpc-harris-powerunix - exit 0 ;; - m88k:CX/UX:7*:*) - echo m88k-harris-cxux7 - exit 0 ;; - m88k:*:4*:R4*) - echo m88k-motorola-sysv4 - exit 0 ;; - m88k:*:3*:R3*) - echo m88k-motorola-sysv3 - exit 0 ;; - AViiON:dgux:*:*) - # DG/UX returns AViiON for all architectures - UNAME_PROCESSOR=`/usr/bin/uname -p` - if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110] - then - if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ - [ ${TARGET_BINARY_INTERFACE}x = x ] - then - echo m88k-dg-dgux${UNAME_RELEASE} - else - echo m88k-dg-dguxbcs${UNAME_RELEASE} - fi - else - echo i586-dg-dgux${UNAME_RELEASE} - fi - exit 0 ;; - M88*:DolphinOS:*:*) # DolphinOS (SVR3) - echo m88k-dolphin-sysv3 - exit 0 ;; - M88*:*:R3*:*) - # Delta 88k system running SVR3 - echo m88k-motorola-sysv3 - exit 0 ;; - XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3) - echo m88k-tektronix-sysv3 - exit 0 ;; - Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD) - echo m68k-tektronix-bsd - exit 0 ;; - *:IRIX*:*:*) - echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'` - exit 0 ;; - ????????:AIX?:[12].1:2) # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX. - echo romp-ibm-aix # uname -m gives an 8 hex-code CPU id - exit 0 ;; # Note that: echo "'`uname -s`'" gives 'AIX ' - i?86:AIX:*:*) - echo i386-ibm-aix - exit 0 ;; - *:AIX:2:3) - if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then - sed 's/^ //' << EOF >$dummy.c - #include - - main() - { - if (!__power_pc()) - exit(1); - puts("powerpc-ibm-aix3.2.5"); - exit(0); - } -EOF - $CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm $dummy.c $dummy && exit 0 - rm -f $dummy.c $dummy - echo rs6000-ibm-aix3.2.5 - elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then - echo rs6000-ibm-aix3.2.4 - else - echo rs6000-ibm-aix3.2 - fi - exit 0 ;; - *:AIX:*:4) - IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | head -1 | awk '{ print $1 }'` - if /usr/sbin/lsattr -EHl ${IBM_CPU_ID} | grep POWER >/dev/null 2>&1; then - IBM_ARCH=rs6000 - else - IBM_ARCH=powerpc - fi - if [ -x /usr/bin/oslevel ] ; then - IBM_REV=`/usr/bin/oslevel` - else - IBM_REV=4.${UNAME_RELEASE} - fi - echo ${IBM_ARCH}-ibm-aix${IBM_REV} - exit 0 ;; - *:AIX:*:*) - echo rs6000-ibm-aix - exit 0 ;; - ibmrt:4.4BSD:*|romp-ibm:BSD:*) - echo romp-ibm-bsd4.4 - exit 0 ;; - ibmrt:*BSD:*|romp-ibm:BSD:*) # covers RT/PC BSD and - echo romp-ibm-bsd${UNAME_RELEASE} # 4.3 with uname added to - exit 0 ;; # report: romp-ibm BSD 4.3 - *:BOSX:*:*) - echo rs6000-bull-bosx - exit 0 ;; - DPX/2?00:B.O.S.:*:*) - echo m68k-bull-sysv3 - exit 0 ;; - 9000/[34]??:4.3bsd:1.*:*) - echo m68k-hp-bsd - exit 0 ;; - hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*) - echo m68k-hp-bsd4.4 - exit 0 ;; - 9000/[34678]??:HP-UX:*:*) - case "${UNAME_MACHINE}" in - 9000/31? ) HP_ARCH=m68000 ;; - 9000/[34]?? ) HP_ARCH=m68k ;; - 9000/[678][0-9][0-9]) - sed 's/^ //' << EOF >$dummy.c - - #define _HPUX_SOURCE - #include - #include - - int main () - { - #if defined(_SC_KERNEL_BITS) - long bits = sysconf(_SC_KERNEL_BITS); - #endif - long cpu = sysconf (_SC_CPU_VERSION); - - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1"); break; - case CPU_PA_RISC2_0: - #if defined(_SC_KERNEL_BITS) - switch (bits) - { - case 64: puts ("hppa2.0w"); break; - case 32: puts ("hppa2.0n"); break; - default: puts ("hppa2.0"); break; - } break; - #else /* !defined(_SC_KERNEL_BITS) */ - puts ("hppa2.0"); break; - #endif - default: puts ("hppa1.0"); break; - } - exit (0); - } -EOF - (CCOPTS= $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null ) && HP_ARCH=`./$dummy` - rm -f $dummy.c $dummy - esac - HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'` - echo ${HP_ARCH}-hp-hpux${HPUX_REV} - exit 0 ;; - 3050*:HI-UX:*:*) - sed 's/^ //' << EOF >$dummy.c - #include - int - main () - { - long cpu = sysconf (_SC_CPU_VERSION); - /* The order matters, because CPU_IS_HP_MC68K erroneously returns - true for CPU_PA_RISC1_0. CPU_IS_PA_RISC returns correct - results, however. */ - if (CPU_IS_PA_RISC (cpu)) - { - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break; - case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break; - default: puts ("hppa-hitachi-hiuxwe2"); break; - } - } - else if (CPU_IS_HP_MC68K (cpu)) - puts ("m68k-hitachi-hiuxwe2"); - else puts ("unknown-hitachi-hiuxwe2"); - exit (0); - } -EOF - $CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm $dummy.c $dummy && exit 0 - rm -f $dummy.c $dummy - echo unknown-hitachi-hiuxwe2 - exit 0 ;; - 9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* ) - echo hppa1.1-hp-bsd - exit 0 ;; - 9000/8??:4.3bsd:*:*) - echo hppa1.0-hp-bsd - exit 0 ;; - *9??*:MPE/iX:*:*) - echo hppa1.0-hp-mpeix - exit 0 ;; - hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* ) - echo hppa1.1-hp-osf - exit 0 ;; - hp8??:OSF1:*:*) - echo hppa1.0-hp-osf - exit 0 ;; - i?86:OSF1:*:*) - if [ -x /usr/sbin/sysversion ] ; then - echo ${UNAME_MACHINE}-unknown-osf1mk - else - echo ${UNAME_MACHINE}-unknown-osf1 - fi - exit 0 ;; - parisc*:Lites*:*:*) - echo hppa1.1-hp-lites - exit 0 ;; - hppa*:OpenBSD:*:*) - echo hppa-unknown-openbsd - exit 0 ;; - C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) - echo c1-convex-bsd - exit 0 ;; - C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit 0 ;; - C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) - echo c34-convex-bsd - exit 0 ;; - C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) - echo c38-convex-bsd - exit 0 ;; - C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) - echo c4-convex-bsd - exit 0 ;; - CRAY*X-MP:*:*:*) - echo xmp-cray-unicos - exit 0 ;; - CRAY*Y-MP:*:*:*) - echo ymp-cray-unicos${UNAME_RELEASE} - exit 0 ;; - CRAY*[A-Z]90:*:*:*) - echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \ - | sed -e 's/CRAY.*\([A-Z]90\)/\1/' \ - -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ - exit 0 ;; - CRAY*TS:*:*:*) - echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit 0 ;; - CRAY*T3E:*:*:*) - echo alpha-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit 0 ;; - CRAY*SV1:*:*:*) - echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' - exit 0 ;; - CRAY-2:*:*:*) - echo cray2-cray-unicos - exit 0 ;; - F300:UNIX_System_V:*:*) - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` - echo "f300-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit 0 ;; - F301:UNIX_System_V:*:*) - echo f301-fujitsu-uxpv`echo $UNAME_RELEASE | sed 's/ .*//'` - exit 0 ;; - hp300:OpenBSD:*:*) - echo m68k-unknown-openbsd${UNAME_RELEASE} - exit 0 ;; - i?86:BSD/386:*:* | i?86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) - echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} - exit 0 ;; - sparc*:BSD/OS:*:*) - echo sparc-unknown-bsdi${UNAME_RELEASE} - exit 0 ;; - *:BSD/OS:*:*) - echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} - exit 0 ;; - *:FreeBSD:*:*) - echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` - exit 0 ;; - *:OpenBSD:*:*) - echo ${UNAME_MACHINE}-unknown-openbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'` - exit 0 ;; - i*:CYGWIN*:*) - echo ${UNAME_MACHINE}-pc-cygwin - exit 0 ;; - i*:MINGW*:*) - echo ${UNAME_MACHINE}-pc-mingw32 - exit 0 ;; - i*:PW*:*) - echo ${UNAME_MACHINE}-pc-pw32 - exit 0 ;; - i*:Windows_NT*:* | Pentium*:Windows_NT*:*) - # How do we know it's Interix rather than the generic POSIX subsystem? - # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we - # UNAME_MACHINE based on the output of uname instead of i386? - echo i386-pc-interix - exit 0 ;; - i*:UWIN*:*) - echo ${UNAME_MACHINE}-pc-uwin - exit 0 ;; - p*:CYGWIN*:*) - echo powerpcle-unknown-cygwin - exit 0 ;; - prep*:SunOS:5.*:*) - echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` - exit 0 ;; - *:GNU:*:*) - echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` - exit 0 ;; - i*86:Minix:*:*) - echo ${UNAME_MACHINE}-pc-minix - exit 0 ;; - *:Linux:*:*) - - # The BFD linker knows what the default object file format is, so - # first see if it will tell us. cd to the root directory to prevent - # problems with other programs or directories called `ld' in the path. - ld_help_string=`cd /; ld --help 2>&1` - ld_supported_emulations=`echo $ld_help_string \ - | sed -ne '/supported emulations:/!d - s/[ ][ ]*/ /g - s/.*supported emulations: *// - s/ .*// - p'` - case "$ld_supported_emulations" in - *ia64) - echo "${UNAME_MACHINE}-unknown-linux" - exit 0 - ;; - i?86linux) - echo "${UNAME_MACHINE}-pc-linux-gnuaout" - exit 0 - ;; - elf_i?86) - TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" - ;; - i?86coff) - echo "${UNAME_MACHINE}-pc-linux-gnucoff" - exit 0 - ;; - sparclinux) - echo "${UNAME_MACHINE}-unknown-linux-gnuaout" - exit 0 - ;; - armlinux) - echo "${UNAME_MACHINE}-unknown-linux-gnuaout" - exit 0 - ;; - elf32arm*) - echo "${UNAME_MACHINE}-unknown-linux-gnuoldld" - exit 0 - ;; - armelf_linux*) - echo "${UNAME_MACHINE}-unknown-linux-gnu" - exit 0 - ;; - m68klinux) - echo "${UNAME_MACHINE}-unknown-linux-gnuaout" - exit 0 - ;; - elf32ppc | elf32ppclinux) - # Determine Lib Version - cat >$dummy.c < -#if defined(__GLIBC__) -extern char __libc_version[]; -extern char __libc_release[]; -#endif -main(argc, argv) - int argc; - char *argv[]; -{ -#if defined(__GLIBC__) - printf("%s %s\n", __libc_version, __libc_release); -#else - printf("unkown\n"); -#endif - return 0; -} -EOF - LIBC="" - $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null - if test "$?" = 0 ; then - ./$dummy | grep 1\.99 > /dev/null - if test "$?" = 0 ; then - LIBC="libc1" - fi - fi - rm -f $dummy.c $dummy - echo powerpc-unknown-linux-gnu${LIBC} - exit 0 - ;; - shelf_linux) - echo "${UNAME_MACHINE}-unknown-linux-gnu" - exit 0 - ;; - esac - - if test "${UNAME_MACHINE}" = "alpha" ; then - cat <$dummy.s - .data - \$Lformat: - .byte 37,100,45,37,120,10,0 # "%d-%x\n" - - .text - .globl main - .align 4 - .ent main - main: - .frame \$30,16,\$26,0 - ldgp \$29,0(\$27) - .prologue 1 - .long 0x47e03d80 # implver \$0 - lda \$2,-1 - .long 0x47e20c21 # amask \$2,\$1 - lda \$16,\$Lformat - mov \$0,\$17 - not \$1,\$18 - jsr \$26,printf - ldgp \$29,0(\$26) - mov 0,\$16 - jsr \$26,exit - .end main -EOF - LIBC="" - $CC_FOR_BUILD $dummy.s -o $dummy 2>/dev/null - if test "$?" = 0 ; then - case `./$dummy` in - 0-0) - UNAME_MACHINE="alpha" - ;; - 1-0) - UNAME_MACHINE="alphaev5" - ;; - 1-1) - UNAME_MACHINE="alphaev56" - ;; - 1-101) - UNAME_MACHINE="alphapca56" - ;; - 2-303) - UNAME_MACHINE="alphaev6" - ;; - 2-307) - UNAME_MACHINE="alphaev67" - ;; - esac - - objdump --private-headers $dummy | \ - grep ld.so.1 > /dev/null - if test "$?" = 0 ; then - LIBC="libc1" - fi - fi - rm -f $dummy.s $dummy - echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} ; exit 0 - elif test "${UNAME_MACHINE}" = "mips" ; then - cat >$dummy.c < /* for printf() prototype */ - int main (int argc, char *argv[]) { -#else - int main (argc, argv) int argc; char *argv[]; { -#endif -#ifdef __MIPSEB__ - printf ("%s-unknown-linux-gnu\n", argv[1]); -#endif -#ifdef __MIPSEL__ - printf ("%sel-unknown-linux-gnu\n", argv[1]); -#endif - return 0; -} -EOF - $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy "${UNAME_MACHINE}" && rm $dummy.c $dummy && exit 0 - rm -f $dummy.c $dummy - elif test "${UNAME_MACHINE}" = "s390"; then - echo s390-ibm-linux && exit 0 - elif test "${UNAME_MACHINE}" = "x86_64"; then - echo x86_64-unknown-linux-gnu && exit 0 - else - # Either a pre-BFD a.out linker (linux-gnuoldld) - # or one that does not give us useful --help. - # GCC wants to distinguish between linux-gnuoldld and linux-gnuaout. - # If ld does not provide *any* "supported emulations:" - # that means it is gnuoldld. - echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations:" - test $? != 0 && echo "${UNAME_MACHINE}-pc-linux-gnuoldld" && exit 0 - - case "${UNAME_MACHINE}" in - i?86) - VENDOR=pc; - ;; - *) - VENDOR=unknown; - ;; - esac - # Determine whether the default compiler is a.out or elf - cat >$dummy.c < -#ifdef __cplusplus -#include /* for printf() prototype */ - int main (int argc, char *argv[]) { -#else - int main (argc, argv) int argc; char *argv[]; { -#endif -#ifdef __ELF__ -# ifdef __GLIBC__ -# if __GLIBC__ >= 2 - printf ("%s-${VENDOR}-linux-gnu\n", argv[1]); -# else - printf ("%s-${VENDOR}-linux-gnulibc1\n", argv[1]); -# endif -# else - printf ("%s-${VENDOR}-linux-gnulibc1\n", argv[1]); -# endif -#else - printf ("%s-${VENDOR}-linux-gnuaout\n", argv[1]); -#endif - return 0; -} -EOF - $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy "${UNAME_MACHINE}" && rm $dummy.c $dummy && exit 0 - rm -f $dummy.c $dummy - test x"${TENTATIVE}" != x && echo "${TENTATIVE}" && exit 0 - fi ;; -# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. earlier versions -# are messed up and put the nodename in both sysname and nodename. - i?86:DYNIX/ptx:4*:*) - echo i386-sequent-sysv4 - exit 0 ;; - i?86:UNIX_SV:4.2MP:2.*) - # Unixware is an offshoot of SVR4, but it has its own version - # number series starting with 2... - # I am not positive that other SVR4 systems won't match this, - # I just have to hope. -- rms. - # Use sysv4.2uw... so that sysv4* matches it. - echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} - exit 0 ;; - i?86:*:4.*:* | i?86:SYSTEM_V:4.*:*) - UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'` - if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then - echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL} - else - echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL} - fi - exit 0 ;; - i?86:*:5:7*) - # Fixed at (any) Pentium or better - UNAME_MACHINE=i586 - if [ ${UNAME_SYSTEM} = "UnixWare" ] ; then - echo ${UNAME_MACHINE}-sco-sysv${UNAME_RELEASE}uw${UNAME_VERSION} - else - echo ${UNAME_MACHINE}-pc-sysv${UNAME_RELEASE} - fi - exit 0 ;; - i?86:*:3.2:*) - if test -f /usr/options/cb.name; then - UNAME_REL=`sed -n 's/.*Version //p' /dev/null >/dev/null ; then - UNAME_REL=`(/bin/uname -X|egrep Release|sed -e 's/.*= //')` - (/bin/uname -X|egrep i80486 >/dev/null) && UNAME_MACHINE=i486 - (/bin/uname -X|egrep '^Machine.*Pentium' >/dev/null) \ - && UNAME_MACHINE=i586 - (/bin/uname -X|egrep '^Machine.*Pent ?II' >/dev/null) \ - && UNAME_MACHINE=i686 - (/bin/uname -X|egrep '^Machine.*Pentium Pro' >/dev/null) \ - && UNAME_MACHINE=i686 - echo ${UNAME_MACHINE}-pc-sco$UNAME_REL - else - echo ${UNAME_MACHINE}-pc-sysv32 - fi - exit 0 ;; - i?86:*DOS:*:*) - echo ${UNAME_MACHINE}-pc-msdosdjgpp - exit 0 ;; - pc:*:*:*) - # Left here for compatibility: - # uname -m prints for DJGPP always 'pc', but it prints nothing about - # the processor, so we play safe by assuming i386. - echo i386-pc-msdosdjgpp - exit 0 ;; - Intel:Mach:3*:*) - echo i386-pc-mach3 - exit 0 ;; - paragon:*:*:*) - echo i860-intel-osf1 - exit 0 ;; - i860:*:4.*:*) # i860-SVR4 - if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then - echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4 - else # Add other i860-SVR4 vendors below as they are discovered. - echo i860-unknown-sysv${UNAME_RELEASE} # Unknown i860-SVR4 - fi - exit 0 ;; - mini*:CTIX:SYS*5:*) - # "miniframe" - echo m68010-convergent-sysv - exit 0 ;; - M68*:*:R3V[567]*:*) - test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;; - 3[34]??:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 4850:*:4.0:3.0) - OS_REL='' - test -r /etc/.relid \ - && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && echo i486-ncr-sysv4.3${OS_REL} && exit 0 - /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ - && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;; - 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && echo i486-ncr-sysv4 && exit 0 ;; - m68*:LynxOS:2.*:*) - echo m68k-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; - mc68030:UNIX_System_V:4.*:*) - echo m68k-atari-sysv4 - exit 0 ;; - i?86:LynxOS:2.*:* | i?86:LynxOS:3.[01]*:*) - echo i386-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; - TSUNAMI:LynxOS:2.*:*) - echo sparc-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; - rs6000:LynxOS:2.*:* | PowerPC:LynxOS:2.*:*) - echo rs6000-unknown-lynxos${UNAME_RELEASE} - exit 0 ;; - SM[BE]S:UNIX_SV:*:*) - echo mips-dde-sysv${UNAME_RELEASE} - exit 0 ;; - RM*:ReliantUNIX-*:*:*) - echo mips-sni-sysv4 - exit 0 ;; - RM*:SINIX-*:*:*) - echo mips-sni-sysv4 - exit 0 ;; - *:SINIX-*:*:*) - if uname -p 2>/dev/null >/dev/null ; then - UNAME_MACHINE=`(uname -p) 2>/dev/null` - echo ${UNAME_MACHINE}-sni-sysv4 - else - echo ns32k-sni-sysv - fi - exit 0 ;; - PENTIUM:CPunix:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort - # says - echo i586-unisys-sysv4 - exit 0 ;; - *:UNIX_System_V:4*:FTX*) - # From Gerald Hewes . - # How about differentiating between stratus architectures? -djm - echo hppa1.1-stratus-sysv4 - exit 0 ;; - *:*:*:FTX*) - # From seanf@swdc.stratus.com. - echo i860-stratus-sysv4 - exit 0 ;; - mc68*:A/UX:*:*) - echo m68k-apple-aux${UNAME_RELEASE} - exit 0 ;; - news*:NEWS-OS:6*:*) - echo mips-sony-newsos6 - exit 0 ;; - R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) - if [ -d /usr/nec ]; then - echo mips-nec-sysv${UNAME_RELEASE} - else - echo mips-unknown-sysv${UNAME_RELEASE} - fi - exit 0 ;; - BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. - echo powerpc-be-beos - exit 0 ;; - BeMac:BeOS:*:*) # BeOS running on Mac or Mac clone, PPC only. - echo powerpc-apple-beos - exit 0 ;; - BePC:BeOS:*:*) # BeOS running on Intel PC compatible. - echo i586-pc-beos - exit 0 ;; - SX-4:SUPER-UX:*:*) - echo sx4-nec-superux${UNAME_RELEASE} - exit 0 ;; - SX-5:SUPER-UX:*:*) - echo sx5-nec-superux${UNAME_RELEASE} - exit 0 ;; - Power*:Rhapsody:*:*) - echo powerpc-apple-rhapsody${UNAME_RELEASE} - exit 0 ;; - *:Rhapsody:*:*) - echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE} - exit 0 ;; - *:Darwin:*:*) - echo `uname -p`-apple-darwin${UNAME_RELEASE} - exit 0 ;; - *:procnto*:*:* | *:QNX:[0123456789]*:*) - if test "${UNAME_MACHINE}" = "x86pc"; then - UNAME_MACHINE=pc - fi - echo `uname -p`-${UNAME_MACHINE}-nto-qnx - exit 0 ;; - *:QNX:*:4*) - echo i386-pc-qnx - exit 0 ;; - NSR-[KW]:NONSTOP_KERNEL:*:*) - echo nsr-tandem-nsk${UNAME_RELEASE} - exit 0 ;; - BS2000:POSIX*:*:*) - echo bs2000-siemens-sysv - exit 0 ;; - DS/*:UNIX_System_V:*:*) - echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE} - exit 0 ;; - *:Plan9:*:*) - # "uname -m" is not consistent, so use $cputype instead. 386 - # is converted to i386 for consistency with other x86 - # operating systems. - if test "$cputype" = "386"; then - UNAME_MACHINE=i386 - else - UNAME_MACHINE="$cputype" - fi - echo ${UNAME_MACHINE}-unknown-plan9 - exit 0 ;; - *:OS/2:*:*) - echo ${UNAME_MACHINE}-pc-os2_emx -esac - -#echo '(No uname command or uname output not recognized.)' 1>&2 -#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 - -cat >$dummy.c < -# include -#endif -main () -{ -#if defined (sony) -#if defined (MIPSEB) - /* BFD wants "bsd" instead of "newsos". Perhaps BFD should be changed, - I don't know.... */ - printf ("mips-sony-bsd\n"); exit (0); -#else -#include - printf ("m68k-sony-newsos%s\n", -#ifdef NEWSOS4 - "4" -#else - "" -#endif - ); exit (0); -#endif -#endif - -#if defined (__arm) && defined (__acorn) && defined (__unix) - printf ("arm-acorn-riscix"); exit (0); -#endif - -#if defined (hp300) && !defined (hpux) - printf ("m68k-hp-bsd\n"); exit (0); -#endif - -#if defined (NeXT) -#if !defined (__ARCHITECTURE__) -#define __ARCHITECTURE__ "m68k" -#endif - int version; - version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`; - if (version < 4) - printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version); - else - printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version); - exit (0); -#endif - -#if defined (MULTIMAX) || defined (n16) -#if defined (UMAXV) - printf ("ns32k-encore-sysv\n"); exit (0); -#else -#if defined (CMU) - printf ("ns32k-encore-mach\n"); exit (0); -#else - printf ("ns32k-encore-bsd\n"); exit (0); -#endif -#endif -#endif - -#if defined (__386BSD__) - printf ("i386-pc-bsd\n"); exit (0); -#endif - -#if defined (sequent) -#if defined (i386) - printf ("i386-sequent-dynix\n"); exit (0); -#endif -#if defined (ns32000) - printf ("ns32k-sequent-dynix\n"); exit (0); -#endif -#endif - -#if defined (_SEQUENT_) - struct utsname un; - - uname(&un); - - if (strncmp(un.version, "V2", 2) == 0) { - printf ("i386-sequent-ptx2\n"); exit (0); - } - if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */ - printf ("i386-sequent-ptx1\n"); exit (0); - } - printf ("i386-sequent-ptx\n"); exit (0); - -#endif - -#if defined (vax) -#if !defined (ultrix) - printf ("vax-dec-bsd\n"); exit (0); -#else - printf ("vax-dec-ultrix\n"); exit (0); -#endif -#endif - -#if defined (alliant) && defined (i860) - printf ("i860-alliant-bsd\n"); exit (0); -#endif - - exit (1); -} -EOF - -$CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy && rm $dummy.c $dummy && exit 0 -rm -f $dummy.c $dummy - -# Apollos put the system type in the environment. - -test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; } - -# Convex versions that predate uname can use getsysinfo(1) - -if [ -x /usr/convex/getsysinfo ] -then - case `getsysinfo -f cpu_type` in - c1*) - echo c1-convex-bsd - exit 0 ;; - c2*) - if getsysinfo -f scalar_acc - then echo c32-convex-bsd - else echo c2-convex-bsd - fi - exit 0 ;; - c34*) - echo c34-convex-bsd - exit 0 ;; - c38*) - echo c38-convex-bsd - exit 0 ;; - c4*) - echo c4-convex-bsd - exit 0 ;; - esac -fi - -cat >&2 < in order to provide the needed -information to handle your system. - -config.guess version = $version - -uname -m = `(uname -m) 2>/dev/null || echo unknown` -uname -r = `(uname -r) 2>/dev/null || echo unknown` -uname -s = `(uname -s) 2>/dev/null || echo unknown` -uname -v = `(uname -v) 2>/dev/null || echo unknown` - -/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null` -/bin/uname -X = `(/bin/uname -X) 2>/dev/null` - -hostinfo = `(hostinfo) 2>/dev/null` -/bin/universe = `(/bin/universe) 2>/dev/null` -/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null` -/bin/arch = `(/bin/arch) 2>/dev/null` -/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null` -/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null` - -UNAME_MACHINE = ${UNAME_MACHINE} -UNAME_RELEASE = ${UNAME_RELEASE} -UNAME_SYSTEM = ${UNAME_SYSTEM} -UNAME_VERSION = ${UNAME_VERSION} -EOF - -exit 1 - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "version='" -# time-stamp-format: "%:y-%02m-%02d" -# time-stamp-end: "'" -# End: diff --git a/crypto/kerberosIV/config.sub b/crypto/kerberosIV/config.sub deleted file mode 100644 index 42fc991d08ac..000000000000 --- a/crypto/kerberosIV/config.sub +++ /dev/null @@ -1,1328 +0,0 @@ -#! /bin/sh -# Configuration validation subroutine script, version 1.1. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000 -# Free Software Foundation, Inc. - -version='2000-09-11' - -# This file is (in principle) common to ALL GNU software. -# The presence of a machine in this file suggests that SOME GNU software -# can handle that machine. It does not imply ALL GNU software can. -# -# This file is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or -# (at your option) any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 59 Temple Place - Suite 330, -# Boston, MA 02111-1307, USA. - -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# Please send patches to . -# -# Configuration subroutine to validate and canonicalize a configuration type. -# Supply the specified configuration type as an argument. -# If it is invalid, we print an error message on stderr and exit with code 1. -# Otherwise, we print the canonical config type on stdout and succeed. - -# This file is supposed to be the same for all GNU packages -# and recognize all the CPU types, system types and aliases -# that are meaningful with *any* GNU software. -# Each package is responsible for reporting which valid configurations -# it does not support. The user should be able to distinguish -# a failure to support a valid configuration from a meaningless -# configuration. - -# The goal of this file is to map all the various variations of a given -# machine specification into a single specification in the form: -# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM -# or in some cases, the newer four-part form: -# CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM -# It is wrong to echo any other type of specification. - -me=`echo "$0" | sed -e 's,.*/,,'` - -usage="\ -Usage: $0 [OPTION] CPU-MFR-OPSYS - $0 [OPTION] ALIAS - -Canonicalize a configuration name. - -Operation modes: - -h, --help print this help, then exit - -V, --version print version number, then exit" - -help=" -Try \`$me --help' for more information." - -# Parse command line -while test $# -gt 0 ; do - case "$1" in - --version | --vers* | -V ) - echo "$version" ; exit 0 ;; - --help | --h* | -h ) - echo "$usage"; exit 0 ;; - -- ) # Stop option processing - shift; break ;; - - ) # Use stdin as input. - break ;; - -* ) - exec >&2 - echo "$me: invalid option $1" - echo "$help" - exit 1 ;; - - *local*) - # First pass through any local machine types. - echo $1 - exit 0;; - - * ) - break ;; - esac -done - -case $# in - 0) echo "$me: missing argument$help" >&2 - exit 1;; - 1) ;; - *) echo "$me: too many arguments$help" >&2 - exit 1;; -esac - -# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any). -# Here we must recognize all the valid KERNEL-OS combinations. -maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` -case $maybe_os in - nto-qnx* | linux-gnu*) - os=-$maybe_os - basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` - ;; - *) - basic_machine=`echo $1 | sed 's/-[^-]*$//'` - if [ $basic_machine != $1 ] - then os=`echo $1 | sed 's/.*-/-/'` - else os=; fi - ;; -esac - -### Let's recognize common machines as not being operating systems so -### that things like config.sub decstation-3100 work. We also -### recognize some manufacturers as not being operating systems, so we -### can provide default operating systems below. -case $os in - -sun*os*) - # Prevent following clause from handling this invalid input. - ;; - -dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \ - -att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \ - -unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \ - -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ - -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ - -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis) - os= - basic_machine=$1 - ;; - -sim | -cisco | -oki | -wec | -winbond) - os= - basic_machine=$1 - ;; - -scout) - ;; - -wrs) - os=-vxworks - basic_machine=$1 - ;; - -hiux*) - os=-hiuxwe2 - ;; - -sco5) - os=-sco3.2v5 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco4) - os=-sco3.2v4 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2.[4-9]*) - os=`echo $os | sed -e 's/sco3.2./sco3.2v/'` - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco3.2v[4-9]*) - # Don't forget version if it is 3.2v4 or newer. - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -sco*) - os=-sco3.2v2 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -udk*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -isc) - os=-isc2.2 - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -clix*) - basic_machine=clipper-intergraph - ;; - -isc*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` - ;; - -lynx*) - os=-lynxos - ;; - -ptx*) - basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'` - ;; - -windowsnt*) - os=`echo $os | sed -e 's/windowsnt/winnt/'` - ;; - -psos*) - os=-psos - ;; - -mint | -mint[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; -esac - -# Decode aliases for certain CPU-COMPANY combinations. -case $basic_machine in - # Recognize the basic CPU types without company name. - # Some are omitted here because they have special meanings below. - tahoe | i860 | ia64 | m32r | m68k | m68000 | m88k | ns32k | arc | arm \ - | arme[lb] | armv[2345] | armv[345][lb] | pyramid | mn10200 | mn10300 | tron | a29k \ - | 580 | i960 | h8300 \ - | x86 | ppcbe | mipsbe | mipsle | shbe | shle | armbe | armle \ - | hppa | hppa1.0 | hppa1.1 | hppa2.0 | hppa2.0w | hppa2.0n \ - | hppa64 \ - | alpha | alphaev[4-8] | alphaev56 | alphapca5[67] \ - | alphaev6[78] \ - | we32k | ns16k | clipper | i370 | sh | sh[34] \ - | powerpc | powerpcle \ - | 1750a | dsp16xx | pdp11 | mips16 | mips64 | mipsel | mips64el \ - | mips64orion | mips64orionel | mipstx39 | mipstx39el \ - | mips64vr4300 | mips64vr4300el | mips64vr4100 | mips64vr4100el \ - | mips64vr5000 | miprs64vr5000el | mcore \ - | sparc | sparclet | sparclite | sparc64 | sparcv9 | v850 | c4x \ - | thumb | d10v | d30v | fr30 | avr) - basic_machine=$basic_machine-unknown - ;; - m6811 | m68hc11 | m6812 | m68hc12) - # Motorola 68HC11/12. - basic_machine=$basic_machine-unknown - os=-none - ;; - m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | z8k | v70 | h8500 | w65 | pj | pjl) - ;; - - # We use `pc' rather than `unknown' - # because (1) that's what they normally are, and - # (2) the word "unknown" tends to confuse beginning users. - i[234567]86 | x86_64) - basic_machine=$basic_machine-pc - ;; - # Object if more than one company name word. - *-*-*) - echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 - exit 1 - ;; - # Recognize the basic CPU types with company name. - # FIXME: clean up the formatting here. - vax-* | tahoe-* | i[234567]86-* | i860-* | ia64-* | m32r-* | m68k-* | m68000-* \ - | m88k-* | sparc-* | ns32k-* | fx80-* | arc-* | arm-* | c[123]* \ - | mips-* | pyramid-* | tron-* | a29k-* | romp-* | rs6000-* \ - | power-* | none-* | 580-* | cray2-* | h8300-* | h8500-* | i960-* \ - | xmp-* | ymp-* \ - | x86-* | ppcbe-* | mipsbe-* | mipsle-* | shbe-* | shle-* | armbe-* | armle-* \ - | hppa-* | hppa1.0-* | hppa1.1-* | hppa2.0-* | hppa2.0w-* \ - | hppa2.0n-* | hppa64-* \ - | alpha-* | alphaev[4-8]-* | alphaev56-* | alphapca5[67]-* \ - | alphaev6[78]-* \ - | we32k-* | cydra-* | ns16k-* | pn-* | np1-* | xps100-* \ - | clipper-* | orion-* \ - | sparclite-* | pdp11-* | sh-* | powerpc-* | powerpcle-* \ - | sparc64-* | sparcv9-* | sparc86x-* | mips16-* | mips64-* | mipsel-* \ - | mips64el-* | mips64orion-* | mips64orionel-* \ - | mips64vr4100-* | mips64vr4100el-* | mips64vr4300-* | mips64vr4300el-* \ - | mipstx39-* | mipstx39el-* | mcore-* \ - | f301-* | armv*-* | s390-* | sv1-* | t3e-* \ - | m88110-* | m680[01234]0-* | m683?2-* | m68360-* | z8k-* | d10v-* \ - | thumb-* | v850-* | d30v-* | tic30-* | c30-* | fr30-* \ - | bs2000-* | tic54x-* | c54x-* | x86_64-*) - ;; - # Recognize the various machine names and aliases which stand - # for a CPU type and a company and sometimes even an OS. - 386bsd) - basic_machine=i386-unknown - os=-bsd - ;; - 3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc) - basic_machine=m68000-att - ;; - 3b*) - basic_machine=we32k-att - ;; - a29khif) - basic_machine=a29k-amd - os=-udi - ;; - adobe68k) - basic_machine=m68010-adobe - os=-scout - ;; - alliant | fx80) - basic_machine=fx80-alliant - ;; - altos | altos3068) - basic_machine=m68k-altos - ;; - am29k) - basic_machine=a29k-none - os=-bsd - ;; - amdahl) - basic_machine=580-amdahl - os=-sysv - ;; - amiga | amiga-*) - basic_machine=m68k-unknown - ;; - amigaos | amigados) - basic_machine=m68k-unknown - os=-amigaos - ;; - amigaunix | amix) - basic_machine=m68k-unknown - os=-sysv4 - ;; - apollo68) - basic_machine=m68k-apollo - os=-sysv - ;; - apollo68bsd) - basic_machine=m68k-apollo - os=-bsd - ;; - aux) - basic_machine=m68k-apple - os=-aux - ;; - balance) - basic_machine=ns32k-sequent - os=-dynix - ;; - convex-c1) - basic_machine=c1-convex - os=-bsd - ;; - convex-c2) - basic_machine=c2-convex - os=-bsd - ;; - convex-c32) - basic_machine=c32-convex - os=-bsd - ;; - convex-c34) - basic_machine=c34-convex - os=-bsd - ;; - convex-c38) - basic_machine=c38-convex - os=-bsd - ;; - cray | ymp) - basic_machine=ymp-cray - os=-unicos - ;; - cray2) - basic_machine=cray2-cray - os=-unicos - ;; - [ctj]90-cray) - basic_machine=c90-cray - os=-unicos - ;; - crds | unos) - basic_machine=m68k-crds - ;; - cris | cris-* | etrax*) - basic_machine=cris-axis - ;; - da30 | da30-*) - basic_machine=m68k-da30 - ;; - decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn) - basic_machine=mips-dec - ;; - delta | 3300 | motorola-3300 | motorola-delta \ - | 3300-motorola | delta-motorola) - basic_machine=m68k-motorola - ;; - delta88) - basic_machine=m88k-motorola - os=-sysv3 - ;; - dpx20 | dpx20-*) - basic_machine=rs6000-bull - os=-bosx - ;; - dpx2* | dpx2*-bull) - basic_machine=m68k-bull - os=-sysv3 - ;; - ebmon29k) - basic_machine=a29k-amd - os=-ebmon - ;; - elxsi) - basic_machine=elxsi-elxsi - os=-bsd - ;; - encore | umax | mmax) - basic_machine=ns32k-encore - ;; - es1800 | OSE68k | ose68k | ose | OSE) - basic_machine=m68k-ericsson - os=-ose - ;; - fx2800) - basic_machine=i860-alliant - ;; - genix) - basic_machine=ns32k-ns - ;; - gmicro) - basic_machine=tron-gmicro - os=-sysv - ;; - h3050r* | hiux*) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - h8300hms) - basic_machine=h8300-hitachi - os=-hms - ;; - h8300xray) - basic_machine=h8300-hitachi - os=-xray - ;; - h8500hms) - basic_machine=h8500-hitachi - os=-hms - ;; - harris) - basic_machine=m88k-harris - os=-sysv3 - ;; - hp300-*) - basic_machine=m68k-hp - ;; - hp300bsd) - basic_machine=m68k-hp - os=-bsd - ;; - hp300hpux) - basic_machine=m68k-hp - os=-hpux - ;; - hp3k9[0-9][0-9] | hp9[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k2[0-9][0-9] | hp9k31[0-9]) - basic_machine=m68000-hp - ;; - hp9k3[2-9][0-9]) - basic_machine=m68k-hp - ;; - hp9k6[0-9][0-9] | hp6[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hp9k7[0-79][0-9] | hp7[0-79][0-9]) - basic_machine=hppa1.1-hp - ;; - hp9k78[0-9] | hp78[0-9]) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893) - # FIXME: really hppa2.0-hp - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][13679] | hp8[0-9][13679]) - basic_machine=hppa1.1-hp - ;; - hp9k8[0-9][0-9] | hp8[0-9][0-9]) - basic_machine=hppa1.0-hp - ;; - hppa-next) - os=-nextstep3 - ;; - hppaosf) - basic_machine=hppa1.1-hp - os=-osf - ;; - hppro) - basic_machine=hppa1.1-hp - os=-proelf - ;; - i370-ibm* | ibm*) - basic_machine=i370-ibm - ;; -# I'm not sure what "Sysv32" means. Should this be sysv3.2? - i[34567]86v32) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv32 - ;; - i[34567]86v4*) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv4 - ;; - i[34567]86v) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-sysv - ;; - i[34567]86sol2) - basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` - os=-solaris2 - ;; - i386mach) - basic_machine=i386-mach - os=-mach - ;; - i386-vsta | vsta) - basic_machine=i386-unknown - os=-vsta - ;; - i386-go32 | go32) - basic_machine=i386-unknown - os=-go32 - ;; - i386-mingw32 | mingw32) - basic_machine=i386-unknown - os=-mingw32 - ;; - i[34567]86-pw32 | pw32) - basic_machine=i586-unknown - os=-pw32 - ;; - iris | iris4d) - basic_machine=mips-sgi - case $os in - -irix*) - ;; - *) - os=-irix4 - ;; - esac - ;; - isi68 | isi) - basic_machine=m68k-isi - os=-sysv - ;; - m88k-omron*) - basic_machine=m88k-omron - ;; - magnum | m3230) - basic_machine=mips-mips - os=-sysv - ;; - merlin) - basic_machine=ns32k-utek - os=-sysv - ;; - miniframe) - basic_machine=m68000-convergent - ;; - *mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*) - basic_machine=m68k-atari - os=-mint - ;; - mipsel*-linux*) - basic_machine=mipsel-unknown - os=-linux-gnu - ;; - mips*-linux*) - basic_machine=mips-unknown - os=-linux-gnu - ;; - mips3*-*) - basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'` - ;; - mips3*) - basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown - ;; - mmix*) - basic_machine=mmix-knuth - os=-mmixware - ;; - monitor) - basic_machine=m68k-rom68k - os=-coff - ;; - msdos) - basic_machine=i386-unknown - os=-msdos - ;; - mvs) - basic_machine=i370-ibm - os=-mvs - ;; - ncr3000) - basic_machine=i486-ncr - os=-sysv4 - ;; - netbsd386) - basic_machine=i386-unknown - os=-netbsd - ;; - netwinder) - basic_machine=armv4l-rebel - os=-linux - ;; - news | news700 | news800 | news900) - basic_machine=m68k-sony - os=-newsos - ;; - news1000) - basic_machine=m68030-sony - os=-newsos - ;; - news-3600 | risc-news) - basic_machine=mips-sony - os=-newsos - ;; - necv70) - basic_machine=v70-nec - os=-sysv - ;; - next | m*-next ) - basic_machine=m68k-next - case $os in - -nextstep* ) - ;; - -ns2*) - os=-nextstep2 - ;; - *) - os=-nextstep3 - ;; - esac - ;; - nh3000) - basic_machine=m68k-harris - os=-cxux - ;; - nh[45]000) - basic_machine=m88k-harris - os=-cxux - ;; - nindy960) - basic_machine=i960-intel - os=-nindy - ;; - mon960) - basic_machine=i960-intel - os=-mon960 - ;; - np1) - basic_machine=np1-gould - ;; - nsr-tandem) - basic_machine=nsr-tandem - ;; - op50n-* | op60c-*) - basic_machine=hppa1.1-oki - os=-proelf - ;; - OSE68000 | ose68000) - basic_machine=m68000-ericsson - os=-ose - ;; - os68k) - basic_machine=m68k-none - os=-os68k - ;; - pa-hitachi) - basic_machine=hppa1.1-hitachi - os=-hiuxwe2 - ;; - paragon) - basic_machine=i860-intel - os=-osf - ;; - pbd) - basic_machine=sparc-tti - ;; - pbb) - basic_machine=m68k-tti - ;; - pc532 | pc532-*) - basic_machine=ns32k-pc532 - ;; - pentium | p5 | k5 | k6 | nexen) - basic_machine=i586-pc - ;; - pentiumpro | p6 | 6x86 | athlon) - basic_machine=i686-pc - ;; - pentiumii | pentium2) - basic_machine=i786-pc - ;; - pentium-* | p5-* | k5-* | k6-* | nexen-*) - basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentiumpro-* | p6-* | 6x86-* | athlon-*) - basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pentiumii-* | pentium2-*) - basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - pn) - basic_machine=pn-gould - ;; - power) basic_machine=rs6000-ibm - ;; - ppc) basic_machine=powerpc-unknown - ;; - ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ppcle | powerpclittle | ppc-le | powerpc-little) - basic_machine=powerpcle-unknown - ;; - ppcle-* | powerpclittle-*) - basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'` - ;; - ps2) - basic_machine=i386-ibm - ;; - rom68k) - basic_machine=m68k-rom68k - os=-coff - ;; - rm[46]00) - basic_machine=mips-siemens - ;; - rtpc | rtpc-*) - basic_machine=romp-ibm - ;; - sa29200) - basic_machine=a29k-amd - os=-udi - ;; - sequent) - basic_machine=i386-sequent - ;; - sh) - basic_machine=sh-hitachi - os=-hms - ;; - sparclite-wrs) - basic_machine=sparclite-wrs - os=-vxworks - ;; - sps7) - basic_machine=m68k-bull - os=-sysv2 - ;; - spur) - basic_machine=spur-unknown - ;; - st2000) - basic_machine=m68k-tandem - ;; - stratus) - basic_machine=i860-stratus - os=-sysv4 - ;; - sun2) - basic_machine=m68000-sun - ;; - sun2os3) - basic_machine=m68000-sun - os=-sunos3 - ;; - sun2os4) - basic_machine=m68000-sun - os=-sunos4 - ;; - sun3os3) - basic_machine=m68k-sun - os=-sunos3 - ;; - sun3os4) - basic_machine=m68k-sun - os=-sunos4 - ;; - sun4os3) - basic_machine=sparc-sun - os=-sunos3 - ;; - sun4os4) - basic_machine=sparc-sun - os=-sunos4 - ;; - sun4sol2) - basic_machine=sparc-sun - os=-solaris2 - ;; - sun3 | sun3-*) - basic_machine=m68k-sun - ;; - sun4) - basic_machine=sparc-sun - ;; - sun386 | sun386i | roadrunner) - basic_machine=i386-sun - ;; - sv1) - basic_machine=sv1-cray - os=-unicos - ;; - symmetry) - basic_machine=i386-sequent - os=-dynix - ;; - t3e) - basic_machine=t3e-cray - os=-unicos - ;; - tic54x | c54x*) - basic_machine=tic54x-unknown - os=-coff - ;; - tx39) - basic_machine=mipstx39-unknown - ;; - tx39el) - basic_machine=mipstx39el-unknown - ;; - tower | tower-32) - basic_machine=m68k-ncr - ;; - udi29k) - basic_machine=a29k-amd - os=-udi - ;; - ultra3) - basic_machine=a29k-nyu - os=-sym1 - ;; - v810 | necv810) - basic_machine=v810-nec - os=-none - ;; - vaxv) - basic_machine=vax-dec - os=-sysv - ;; - vms) - basic_machine=vax-dec - os=-vms - ;; - vpp*|vx|vx-*) - basic_machine=f301-fujitsu - ;; - vxworks960) - basic_machine=i960-wrs - os=-vxworks - ;; - vxworks68) - basic_machine=m68k-wrs - os=-vxworks - ;; - vxworks29k) - basic_machine=a29k-wrs - os=-vxworks - ;; - w65*) - basic_machine=w65-wdc - os=-none - ;; - w89k-*) - basic_machine=hppa1.1-winbond - os=-proelf - ;; - xmp) - basic_machine=xmp-cray - os=-unicos - ;; - xps | xps100) - basic_machine=xps100-honeywell - ;; - z8k-*-coff) - basic_machine=z8k-unknown - os=-sim - ;; - none) - basic_machine=none-none - os=-none - ;; - -# Here we handle the default manufacturer of certain CPU types. It is in -# some cases the only manufacturer, in others, it is the most popular. - w89k) - basic_machine=hppa1.1-winbond - ;; - op50n) - basic_machine=hppa1.1-oki - ;; - op60c) - basic_machine=hppa1.1-oki - ;; - mips) - if [ x$os = x-linux-gnu ]; then - basic_machine=mips-unknown - else - basic_machine=mips-mips - fi - ;; - romp) - basic_machine=romp-ibm - ;; - rs6000) - basic_machine=rs6000-ibm - ;; - vax) - basic_machine=vax-dec - ;; - pdp11) - basic_machine=pdp11-dec - ;; - we32k) - basic_machine=we32k-att - ;; - sh3 | sh4) - base_machine=sh-unknown - ;; - sparc | sparcv9) - basic_machine=sparc-sun - ;; - cydra) - basic_machine=cydra-cydrome - ;; - orion) - basic_machine=orion-highlevel - ;; - orion105) - basic_machine=clipper-highlevel - ;; - mac | mpw | mac-mpw) - basic_machine=m68k-apple - ;; - pmac | pmac-mpw) - basic_machine=powerpc-apple - ;; - c4x*) - basic_machine=c4x-none - os=-coff - ;; - *) - echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2 - exit 1 - ;; -esac - -# Here we canonicalize certain aliases for manufacturers. -case $basic_machine in - *-digital*) - basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'` - ;; - *-commodore*) - basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'` - ;; - *) - ;; -esac - -# Decode manufacturer-specific aliases for certain operating systems. - -if [ x"$os" != x"" ] -then -case $os in - # First match some system type aliases - # that might get confused with valid system types. - # -solaris* is a basic system type, with this one exception. - -solaris1 | -solaris1.*) - os=`echo $os | sed -e 's|solaris1|sunos4|'` - ;; - -solaris) - os=-solaris2 - ;; - -svr4*) - os=-sysv4 - ;; - -unixware*) - os=-sysv4.2uw - ;; - -gnu/linux*) - os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'` - ;; - # First accept the basic system types. - # The portable systems comes first. - # Each alternative MUST END IN A *, to match a version number. - # -sysv* is not here because it comes later, after sysvr4. - -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ - | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\ - | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \ - | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ - | -aos* \ - | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ - | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ - | -hiux* | -386bsd* | -netbsd* | -openbsd* | -freebsd* | -riscix* \ - | -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ - | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ - | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ - | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -uxpv* | -beos* | -mpeix* | -udk* \ - | -interix* | -uwin* | -rhapsody* | -darwin* | -opened* \ - | -openstep* | -oskit* | -conix* | -pw32*) - # Remember, each alternative MUST END IN *, to match a version number. - ;; - -qnx*) - case $basic_machine in - x86-* | i[34567]86-*) - ;; - *) - os=-nto$os - ;; - esac - ;; - -nto*) - os=-nto-qnx - ;; - -sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \ - | -windows* | -osx | -abug | -netware* | -os9* | -beos* \ - | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*) - ;; - -mac*) - os=`echo $os | sed -e 's|mac|macos|'` - ;; - -linux*) - os=`echo $os | sed -e 's|linux|linux-gnu|'` - ;; - -sunos5*) - os=`echo $os | sed -e 's|sunos5|solaris2|'` - ;; - -sunos6*) - os=`echo $os | sed -e 's|sunos6|solaris3|'` - ;; - -opened*) - os=-openedition - ;; - -wince*) - os=-wince - ;; - -osfrose*) - os=-osfrose - ;; - -osf*) - os=-osf - ;; - -utek*) - os=-bsd - ;; - -dynix*) - os=-bsd - ;; - -acis*) - os=-aos - ;; - -386bsd) - os=-bsd - ;; - -ctix* | -uts*) - os=-sysv - ;; - -ns2 ) - os=-nextstep2 - ;; - -nsk*) - os=-nsk - ;; - # Preserve the version number of sinix5. - -sinix5.*) - os=`echo $os | sed -e 's|sinix|sysv|'` - ;; - -sinix*) - os=-sysv4 - ;; - -triton*) - os=-sysv3 - ;; - -oss*) - os=-sysv3 - ;; - -svr4) - os=-sysv4 - ;; - -svr3) - os=-sysv3 - ;; - -sysvr4) - os=-sysv4 - ;; - # This must come after -sysvr4. - -sysv*) - ;; - -ose*) - os=-ose - ;; - -es1800*) - os=-ose - ;; - -xenix) - os=-xenix - ;; - -*mint | -*MiNT) - os=-mint - ;; - -none) - ;; - *) - # Get rid of the `-' at the beginning of $os. - os=`echo $os | sed 's/[^-]*-//'` - echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2 - exit 1 - ;; -esac -else - -# Here we handle the default operating systems that come with various machines. -# The value should be what the vendor currently ships out the door with their -# machine or put another way, the most popular os provided with the machine. - -# Note that if you're going to try to match "-MANUFACTURER" here (say, -# "-sun"), then you have to tell the case statement up towards the top -# that MANUFACTURER isn't an operating system. Otherwise, code above -# will signal an error saying that MANUFACTURER isn't an operating -# system, and we'll never get to this point. - -case $basic_machine in - *-acorn) - os=-riscix1.2 - ;; - arm*-rebel) - os=-linux - ;; - arm*-semi) - os=-aout - ;; - pdp11-*) - os=-none - ;; - *-dec | vax-*) - os=-ultrix4.2 - ;; - m68*-apollo) - os=-domain - ;; - i386-sun) - os=-sunos4.0.2 - ;; - m68000-sun) - os=-sunos3 - # This also exists in the configure program, but was not the - # default. - # os=-sunos4 - ;; - m68*-cisco) - os=-aout - ;; - mips*-cisco) - os=-elf - ;; - mips*-*) - os=-elf - ;; - *-tti) # must be before sparc entry or we get the wrong os. - os=-sysv3 - ;; - sparc-* | *-sun) - os=-sunos4.1.1 - ;; - *-be) - os=-beos - ;; - *-ibm) - os=-aix - ;; - *-wec) - os=-proelf - ;; - *-winbond) - os=-proelf - ;; - *-oki) - os=-proelf - ;; - *-hp) - os=-hpux - ;; - *-hitachi) - os=-hiux - ;; - i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent) - os=-sysv - ;; - *-cbm) - os=-amigaos - ;; - *-dg) - os=-dgux - ;; - *-dolphin) - os=-sysv3 - ;; - m68k-ccur) - os=-rtu - ;; - m88k-omron*) - os=-luna - ;; - *-next ) - os=-nextstep - ;; - *-sequent) - os=-ptx - ;; - *-crds) - os=-unos - ;; - *-ns) - os=-genix - ;; - i370-*) - os=-mvs - ;; - *-next) - os=-nextstep3 - ;; - *-gould) - os=-sysv - ;; - *-highlevel) - os=-bsd - ;; - *-encore) - os=-bsd - ;; - *-sgi) - os=-irix - ;; - *-siemens) - os=-sysv4 - ;; - *-masscomp) - os=-rtu - ;; - f301-fujitsu) - os=-uxpv - ;; - *-rom68k) - os=-coff - ;; - *-*bug) - os=-coff - ;; - *-apple) - os=-macos - ;; - *-atari*) - os=-mint - ;; - *) - os=-none - ;; -esac -fi - -# Here we handle the case where we know the os, and the CPU type, but not the -# manufacturer. We pick the logical manufacturer. -vendor=unknown -case $basic_machine in - *-unknown) - case $os in - -riscix*) - vendor=acorn - ;; - -sunos*) - vendor=sun - ;; - -aix*) - vendor=ibm - ;; - -beos*) - vendor=be - ;; - -hpux*) - vendor=hp - ;; - -mpeix*) - vendor=hp - ;; - -hiux*) - vendor=hitachi - ;; - -unos*) - vendor=crds - ;; - -dgux*) - vendor=dg - ;; - -luna*) - vendor=omron - ;; - -genix*) - vendor=ns - ;; - -mvs* | -opened*) - vendor=ibm - ;; - -ptx*) - vendor=sequent - ;; - -vxsim* | -vxworks*) - vendor=wrs - ;; - -aux*) - vendor=apple - ;; - -hms*) - vendor=hitachi - ;; - -mpw* | -macos*) - vendor=apple - ;; - -*mint | -*MiNT) - vendor=atari - ;; - esac - basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"` - ;; -esac - -echo $basic_machine$os -exit 0 - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "version='" -# time-stamp-format: "%:y-%02m-%02d" -# time-stamp-end: "'" -# End: diff --git a/crypto/kerberosIV/configure b/crypto/kerberosIV/configure deleted file mode 100644 index 0ee1b832b7b9..000000000000 --- a/crypto/kerberosIV/configure +++ /dev/null @@ -1,11632 +0,0 @@ -#! /bin/sh - -# From configure.in Revision: 1.432.2.14 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Define a conditional. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -# Guess values for system-dependent variables and create Makefiles. -# Generated automatically using autoconf version 2.13 -# Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc. -# -# This configure script is free software; the Free Software Foundation -# gives unlimited permission to copy, distribute and modify it. - -# Defaults: -ac_help= -ac_default_prefix=/usr/local -# Any additions from configure.in: -ac_default_prefix=/usr/athena -ac_help="$ac_help - --with-socks=dir use socks in dir" -ac_help="$ac_help - --with-socks-lib=dir use socks libraries in dir" -ac_help="$ac_help - --with-socks-include=dir use socks headers in dir" -ac_help="$ac_help - --enable-legacy-kdestroy kdestroy doesn't destroy tokens by default" -ac_help="$ac_help - --enable-match-subdomains match realm in subdomains" -ac_help="$ac_help - --with-ld-flags=flags what flags use when linking" -ac_help="$ac_help - --with-cracklib=dir use the cracklib.a in dir" -ac_help="$ac_help - --with-dictpath=path use this dictionary with cracklib -" -ac_help="$ac_help - --with-mailspool=dir this is the mail spool directory -" -ac_help="$ac_help - --with-db-dir=dir this is the database directory (default /var/kerberos)" -ac_help="$ac_help - --enable-random-mkey use new code for master keys" -ac_help="$ac_help - --with-mkey=file where to put the master key" -ac_help="$ac_help - --disable-otp if you don't want OTP support" -ac_help="$ac_help - --enable-osfc2 enable some OSF C2 support" -ac_help="$ac_help - --disable-mmap disable use of mmap" -ac_help="$ac_help - --disable-dynamic-afs don't use loaded AFS library with AIX" -ac_help="$ac_help - --without-berkeley-db if you don't want berkeley db" -ac_help="$ac_help - --without-afs-support if you don't want support for afs" -ac_help="$ac_help - --with-des-quad-checksum=kind - default checksum to use (new, old, or guess)" -ac_help="$ac_help - --with-afsws=dir use AFS includes and libraries from dir=/usr/afsws" -ac_help="$ac_help - --enable-rxkad build rxkad library" -ac_help="$ac_help - --disable-cat-manpages don't install any preformatted manpages" -ac_help="$ac_help - --with-readline=dir use readline in dir" -ac_help="$ac_help - --with-readline-lib=dir use readline libraries in dir" -ac_help="$ac_help - --with-readline-include=dir use readline headers in dir" -ac_help="$ac_help - --with-mips-abi=abi ABI to use for IRIX (32, n32, or 64)" -ac_help="$ac_help - --with-hesiod=dir use hesiod in dir" -ac_help="$ac_help - --with-hesiod-lib=dir use hesiod libraries in dir" -ac_help="$ac_help - --with-hesiod-include=dir use hesiod headers in dir" -ac_help="$ac_help - --enable-shared create shared libraries for Kerberos" -ac_help="$ac_help - --with-x use the X Window System" - -# Initialize some variables set by options. -# The variables have the same names as the options, with -# dashes changed to underlines. -build=NONE -cache_file=./config.cache -exec_prefix=NONE -host=NONE -no_create= -nonopt=NONE -no_recursion= -prefix=NONE -program_prefix=NONE -program_suffix=NONE -program_transform_name=s,x,x, -silent= -site= -srcdir= -target=NONE -verbose= -x_includes=NONE -x_libraries=NONE -bindir='${exec_prefix}/bin' -sbindir='${exec_prefix}/sbin' -libexecdir='${exec_prefix}/libexec' -datadir='${prefix}/share' -sysconfdir='${prefix}/etc' -sharedstatedir='${prefix}/com' -localstatedir='${prefix}/var' -libdir='${exec_prefix}/lib' -includedir='${prefix}/include' -oldincludedir='/usr/include' -infodir='${prefix}/info' -mandir='${prefix}/man' - -# Initialize some other variables. -subdirs= -MFLAGS= MAKEFLAGS= -SHELL=${CONFIG_SHELL-/bin/sh} -# Maximum number of lines to put in a shell here document. -ac_max_here_lines=12 - -ac_prev= -for ac_option -do - - # If the previous option needs an argument, assign it. - if test -n "$ac_prev"; then - eval "$ac_prev=\$ac_option" - ac_prev= - continue - fi - - case "$ac_option" in - -*=*) ac_optarg=`echo "$ac_option" | sed 's/[-_a-zA-Z0-9]*=//'` ;; - *) ac_optarg= ;; - esac - - # Accept the important Cygnus configure options, so we can diagnose typos. - - case "$ac_option" in - - -bindir | --bindir | --bindi | --bind | --bin | --bi) - ac_prev=bindir ;; - -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*) - bindir="$ac_optarg" ;; - - -build | --build | --buil | --bui | --bu) - ac_prev=build ;; - -build=* | --build=* | --buil=* | --bui=* | --bu=*) - build="$ac_optarg" ;; - - -cache-file | --cache-file | --cache-fil | --cache-fi \ - | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c) - ac_prev=cache_file ;; - -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \ - | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*) - cache_file="$ac_optarg" ;; - - -datadir | --datadir | --datadi | --datad | --data | --dat | --da) - ac_prev=datadir ;; - -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \ - | --da=*) - datadir="$ac_optarg" ;; - - -disable-* | --disable-*) - ac_feature=`echo $ac_option|sed -e 's/-*disable-//'` - # Reject names that are not valid shell variable names. - if test -n "`echo $ac_feature| sed 's/[-a-zA-Z0-9_]//g'`"; then - { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; } - fi - ac_feature=`echo $ac_feature| sed 's/-/_/g'` - eval "enable_${ac_feature}=no" ;; - - -enable-* | --enable-*) - ac_feature=`echo $ac_option|sed -e 's/-*enable-//' -e 's/=.*//'` - # Reject names that are not valid shell variable names. - if test -n "`echo $ac_feature| sed 's/[-_a-zA-Z0-9]//g'`"; then - { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; } - fi - ac_feature=`echo $ac_feature| sed 's/-/_/g'` - case "$ac_option" in - *=*) ;; - *) ac_optarg=yes ;; - esac - eval "enable_${ac_feature}='$ac_optarg'" ;; - - -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ - | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ - | --exec | --exe | --ex) - ac_prev=exec_prefix ;; - -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \ - | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \ - | --exec=* | --exe=* | --ex=*) - exec_prefix="$ac_optarg" ;; - - -gas | --gas | --ga | --g) - # Obsolete; use --with-gas. - with_gas=yes ;; - - -help | --help | --hel | --he) - # Omit some internal or obsolete options to make the list less imposing. - # This message is too long to be a string in the A/UX 3.1 sh. - cat << EOF -Usage: configure [options] [host] -Options: [defaults in brackets after descriptions] -Configuration: - --cache-file=FILE cache test results in FILE - --help print this message - --no-create do not create output files - --quiet, --silent do not print \`checking...' messages - --version print the version of autoconf that created configure -Directory and file names: - --prefix=PREFIX install architecture-independent files in PREFIX - [$ac_default_prefix] - --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX - [same as prefix] - --bindir=DIR user executables in DIR [EPREFIX/bin] - --sbindir=DIR system admin executables in DIR [EPREFIX/sbin] - --libexecdir=DIR program executables in DIR [EPREFIX/libexec] - --datadir=DIR read-only architecture-independent data in DIR - [PREFIX/share] - --sysconfdir=DIR read-only single-machine data in DIR [PREFIX/etc] - --sharedstatedir=DIR modifiable architecture-independent data in DIR - [PREFIX/com] - --localstatedir=DIR modifiable single-machine data in DIR [PREFIX/var] - --libdir=DIR object code libraries in DIR [EPREFIX/lib] - --includedir=DIR C header files in DIR [PREFIX/include] - --oldincludedir=DIR C header files for non-gcc in DIR [/usr/include] - --infodir=DIR info documentation in DIR [PREFIX/info] - --mandir=DIR man documentation in DIR [PREFIX/man] - --srcdir=DIR find the sources in DIR [configure dir or ..] - --program-prefix=PREFIX prepend PREFIX to installed program names - --program-suffix=SUFFIX append SUFFIX to installed program names - --program-transform-name=PROGRAM - run sed PROGRAM on installed program names -EOF - cat << EOF -Host type: - --build=BUILD configure for building on BUILD [BUILD=HOST] - --host=HOST configure for HOST [guessed] - --target=TARGET configure for TARGET [TARGET=HOST] -Features and packages: - --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) - --enable-FEATURE[=ARG] include FEATURE [ARG=yes] - --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] - --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) - --x-includes=DIR X include files are in DIR - --x-libraries=DIR X library files are in DIR -EOF - if test -n "$ac_help"; then - echo "--enable and --with options recognized:$ac_help" - fi - exit 0 ;; - - -host | --host | --hos | --ho) - ac_prev=host ;; - -host=* | --host=* | --hos=* | --ho=*) - host="$ac_optarg" ;; - - -includedir | --includedir | --includedi | --included | --include \ - | --includ | --inclu | --incl | --inc) - ac_prev=includedir ;; - -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \ - | --includ=* | --inclu=* | --incl=* | --inc=*) - includedir="$ac_optarg" ;; - - -infodir | --infodir | --infodi | --infod | --info | --inf) - ac_prev=infodir ;; - -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*) - infodir="$ac_optarg" ;; - - -libdir | --libdir | --libdi | --libd) - ac_prev=libdir ;; - -libdir=* | --libdir=* | --libdi=* | --libd=*) - libdir="$ac_optarg" ;; - - -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \ - | --libexe | --libex | --libe) - ac_prev=libexecdir ;; - -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \ - | --libexe=* | --libex=* | --libe=*) - libexecdir="$ac_optarg" ;; - - -localstatedir | --localstatedir | --localstatedi | --localstated \ - | --localstate | --localstat | --localsta | --localst \ - | --locals | --local | --loca | --loc | --lo) - ac_prev=localstatedir ;; - -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \ - | --localstate=* | --localstat=* | --localsta=* | --localst=* \ - | --locals=* | --local=* | --loca=* | --loc=* | --lo=*) - localstatedir="$ac_optarg" ;; - - -mandir | --mandir | --mandi | --mand | --man | --ma | --m) - ac_prev=mandir ;; - -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*) - mandir="$ac_optarg" ;; - - -nfp | --nfp | --nf) - # Obsolete; use --without-fp. - with_fp=no ;; - - -no-create | --no-create | --no-creat | --no-crea | --no-cre \ - | --no-cr | --no-c) - no_create=yes ;; - - -no-recursion | --no-recursion | --no-recursio | --no-recursi \ - | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) - no_recursion=yes ;; - - -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \ - | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \ - | --oldin | --oldi | --old | --ol | --o) - ac_prev=oldincludedir ;; - -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \ - | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \ - | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*) - oldincludedir="$ac_optarg" ;; - - -prefix | --prefix | --prefi | --pref | --pre | --pr | --p) - ac_prev=prefix ;; - -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*) - prefix="$ac_optarg" ;; - - -program-prefix | --program-prefix | --program-prefi | --program-pref \ - | --program-pre | --program-pr | --program-p) - ac_prev=program_prefix ;; - -program-prefix=* | --program-prefix=* | --program-prefi=* \ - | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*) - program_prefix="$ac_optarg" ;; - - -program-suffix | --program-suffix | --program-suffi | --program-suff \ - | --program-suf | --program-su | --program-s) - ac_prev=program_suffix ;; - -program-suffix=* | --program-suffix=* | --program-suffi=* \ - | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*) - program_suffix="$ac_optarg" ;; - - -program-transform-name | --program-transform-name \ - | --program-transform-nam | --program-transform-na \ - | --program-transform-n | --program-transform- \ - | --program-transform | --program-transfor \ - | --program-transfo | --program-transf \ - | --program-trans | --program-tran \ - | --progr-tra | --program-tr | --program-t) - ac_prev=program_transform_name ;; - -program-transform-name=* | --program-transform-name=* \ - | --program-transform-nam=* | --program-transform-na=* \ - | --program-transform-n=* | --program-transform-=* \ - | --program-transform=* | --program-transfor=* \ - | --program-transfo=* | --program-transf=* \ - | --program-trans=* | --program-tran=* \ - | --progr-tra=* | --program-tr=* | --program-t=*) - program_transform_name="$ac_optarg" ;; - - -q | -quiet | --quiet | --quie | --qui | --qu | --q \ - | -silent | --silent | --silen | --sile | --sil) - silent=yes ;; - - -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) - ac_prev=sbindir ;; - -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ - | --sbi=* | --sb=*) - sbindir="$ac_optarg" ;; - - -sharedstatedir | --sharedstatedir | --sharedstatedi \ - | --sharedstated | --sharedstate | --sharedstat | --sharedsta \ - | --sharedst | --shareds | --shared | --share | --shar \ - | --sha | --sh) - ac_prev=sharedstatedir ;; - -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \ - | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \ - | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \ - | --sha=* | --sh=*) - sharedstatedir="$ac_optarg" ;; - - -site | --site | --sit) - ac_prev=site ;; - -site=* | --site=* | --sit=*) - site="$ac_optarg" ;; - - -srcdir | --srcdir | --srcdi | --srcd | --src | --sr) - ac_prev=srcdir ;; - -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*) - srcdir="$ac_optarg" ;; - - -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \ - | --syscon | --sysco | --sysc | --sys | --sy) - ac_prev=sysconfdir ;; - -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \ - | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*) - sysconfdir="$ac_optarg" ;; - - -target | --target | --targe | --targ | --tar | --ta | --t) - ac_prev=target ;; - -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*) - target="$ac_optarg" ;; - - -v | -verbose | --verbose | --verbos | --verbo | --verb) - verbose=yes ;; - - -version | --version | --versio | --versi | --vers) - echo "configure generated by autoconf version 2.13" - exit 0 ;; - - -with-* | --with-*) - ac_package=`echo $ac_option|sed -e 's/-*with-//' -e 's/=.*//'` - # Reject names that are not valid shell variable names. - if test -n "`echo $ac_package| sed 's/[-_a-zA-Z0-9]//g'`"; then - { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; } - fi - ac_package=`echo $ac_package| sed 's/-/_/g'` - case "$ac_option" in - *=*) ;; - *) ac_optarg=yes ;; - esac - eval "with_${ac_package}='$ac_optarg'" ;; - - -without-* | --without-*) - ac_package=`echo $ac_option|sed -e 's/-*without-//'` - # Reject names that are not valid shell variable names. - if test -n "`echo $ac_package| sed 's/[-a-zA-Z0-9_]//g'`"; then - { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; } - fi - ac_package=`echo $ac_package| sed 's/-/_/g'` - eval "with_${ac_package}=no" ;; - - --x) - # Obsolete; use --with-x. - with_x=yes ;; - - -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \ - | --x-incl | --x-inc | --x-in | --x-i) - ac_prev=x_includes ;; - -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \ - | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*) - x_includes="$ac_optarg" ;; - - -x-libraries | --x-libraries | --x-librarie | --x-librari \ - | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l) - ac_prev=x_libraries ;; - -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \ - | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) - x_libraries="$ac_optarg" ;; - - -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; } - ;; - - *) - if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then - echo "configure: warning: $ac_option: invalid host type" 1>&2 - fi - if test "x$nonopt" != xNONE; then - { echo "configure: error: can only configure for one host and one target at a time" 1>&2; exit 1; } - fi - nonopt="$ac_option" - ;; - - esac -done - -if test -n "$ac_prev"; then - { echo "configure: error: missing argument to --`echo $ac_prev | sed 's/_/-/g'`" 1>&2; exit 1; } -fi - -trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15 - -# File descriptor usage: -# 0 standard input -# 1 file creation -# 2 errors and warnings -# 3 some systems may open it to /dev/tty -# 4 used on the Kubota Titan -# 6 checking for... messages and results -# 5 compiler messages saved in config.log -if test "$silent" = yes; then - exec 6>/dev/null -else - exec 6>&1 -fi -exec 5>./config.log - -echo "\ -This file contains any messages produced by compilers while -running configure, to aid debugging if configure makes a mistake. -" 1>&5 - -# Strip out --no-create and --no-recursion so they do not pile up. -# Also quote any args containing shell metacharacters. -ac_configure_args= -for ac_arg -do - case "$ac_arg" in - -no-create | --no-create | --no-creat | --no-crea | --no-cre \ - | --no-cr | --no-c) ;; - -no-recursion | --no-recursion | --no-recursio | --no-recursi \ - | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) ;; - *" "*|*" "*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*) - ac_configure_args="$ac_configure_args '$ac_arg'" ;; - *) ac_configure_args="$ac_configure_args $ac_arg" ;; - esac -done - -# NLS nuisances. -# Only set these to C if already set. These must not be set unconditionally -# because not all systems understand e.g. LANG=C (notably SCO). -# Fixing LC_MESSAGES prevents Solaris sh from translating var values in `set'! -# Non-C LC_CTYPE values break the ctype check. -if test "${LANG+set}" = set; then LANG=C; export LANG; fi -if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi -if test "${LC_MESSAGES+set}" = set; then LC_MESSAGES=C; export LC_MESSAGES; fi -if test "${LC_CTYPE+set}" = set; then LC_CTYPE=C; export LC_CTYPE; fi - -# confdefs.h avoids OS command line length limits that DEFS can exceed. -rm -rf conftest* confdefs.h -# AIX cpp loses on an empty file, so make sure it contains at least a newline. -echo > confdefs.h - -# A filename unique to this package, relative to the directory that -# configure is in, which we can look for to find out if srcdir is correct. -ac_unique_file=lib/krb/getrealm.c - -# Find the source files, if location was not specified. -if test -z "$srcdir"; then - ac_srcdir_defaulted=yes - # Try the directory containing this script, then its parent. - ac_prog=$0 - ac_confdir=`echo $ac_prog|sed 's%/[^/][^/]*$%%'` - test "x$ac_confdir" = "x$ac_prog" && ac_confdir=. - srcdir=$ac_confdir - if test ! -r $srcdir/$ac_unique_file; then - srcdir=.. - fi -else - ac_srcdir_defaulted=no -fi -if test ! -r $srcdir/$ac_unique_file; then - if test "$ac_srcdir_defaulted" = yes; then - { echo "configure: error: can not find sources in $ac_confdir or .." 1>&2; exit 1; } - else - { echo "configure: error: can not find sources in $srcdir" 1>&2; exit 1; } - fi -fi -srcdir=`echo "${srcdir}" | sed 's%\([^/]\)/*$%\1%'` - -# Prefer explicitly selected file to automatically selected ones. -if test -z "$CONFIG_SITE"; then - if test "x$prefix" != xNONE; then - CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site" - else - CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site" - fi -fi -for ac_site_file in $CONFIG_SITE; do - if test -r "$ac_site_file"; then - echo "loading site script $ac_site_file" - . "$ac_site_file" - fi -done - -if test -r "$cache_file"; then - echo "loading cache $cache_file" - . $cache_file -else - echo "creating cache $cache_file" - > $cache_file -fi - -ac_ext=c -# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. -ac_cpp='$CPP $CPPFLAGS' -ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' -ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' -cross_compiling=$ac_cv_prog_cc_cross - -ac_exeext= -ac_objext=o -if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then - # Stardent Vistra SVR4 grep lacks -e, says ghazi@caip.rutgers.edu. - if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then - ac_n= ac_c=' -' ac_t=' ' - else - ac_n=-n ac_c= ac_t= - fi -else - ac_n= ac_c='\c' ac_t= -fi - - - - - -PACKAGE=krb4 -VERSION=1.0.5 -cat >> confdefs.h <> confdefs.h <&2; exit 1; } -fi -ac_config_guess=$ac_aux_dir/config.guess -ac_config_sub=$ac_aux_dir/config.sub -ac_configure=$ac_aux_dir/configure # This should be Cygnus configure. - - -# Make sure we can run config.sub. -if ${CONFIG_SHELL-/bin/sh} $ac_config_sub sun4 >/dev/null 2>&1; then : -else { echo "configure: error: can not run $ac_config_sub" 1>&2; exit 1; } -fi - -echo $ac_n "checking host system type""... $ac_c" 1>&6 -echo "configure:750: checking host system type" >&5 - -host_alias=$host -case "$host_alias" in -NONE) - case $nonopt in - NONE) - if host_alias=`${CONFIG_SHELL-/bin/sh} $ac_config_guess`; then : - else { echo "configure: error: can not guess host type; you must specify one" 1>&2; exit 1; } - fi ;; - *) host_alias=$nonopt ;; - esac ;; -esac - -host=`${CONFIG_SHELL-/bin/sh} $ac_config_sub $host_alias` -host_cpu=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'` -host_vendor=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'` -host_os=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'` -echo "$ac_t""$host" 1>&6 - -CANONICAL_HOST=$host - - - -sunos=no -case "$host" in -*-*-sunos4*) - sunos=40 - ;; -*-*-solaris2.7) - sunos=57 - ;; -*-*-solaris2.8) - sunos=58 - ;; -*-*-solaris2*) - sunos=50 - ;; -esac -if test "$sunos" != no; then - cat >> confdefs.h <&6 -echo "configure:797: checking whether ${MAKE-make} sets \${MAKE}" >&5 -set dummy ${MAKE-make}; ac_make=`echo "$2" | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_prog_make_${ac_make}_set'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftestmake <<\EOF -all: - @echo 'ac_maketemp="${MAKE}"' -EOF -# GNU make sometimes prints "make[1]: Entering...", which would confuse us. -eval `${MAKE-make} -f conftestmake 2>/dev/null | grep temp=` -if test -n "$ac_maketemp"; then - eval ac_cv_prog_make_${ac_make}_set=yes -else - eval ac_cv_prog_make_${ac_make}_set=no -fi -rm -f conftestmake -fi -if eval "test \"`echo '$ac_cv_prog_make_'${ac_make}_set`\" = yes"; then - echo "$ac_t""yes" 1>&6 - SET_MAKE= -else - echo "$ac_t""no" 1>&6 - SET_MAKE="MAKE=${MAKE-make}" -fi - -if test "$program_transform_name" = s,x,x,; then - program_transform_name= -else - # Double any \ or $. echo might interpret backslashes. - cat <<\EOF_SED > conftestsed -s,\\,\\\\,g; s,\$,$$,g -EOF_SED - program_transform_name="`echo $program_transform_name|sed -f conftestsed`" - rm -f conftestsed -fi -test "$program_prefix" != NONE && - program_transform_name="s,^,${program_prefix},; $program_transform_name" -# Use a double $ so make ignores it. -test "$program_suffix" != NONE && - program_transform_name="s,\$\$,${program_suffix},; $program_transform_name" - -# sed with no file args requires a program. -test "$program_transform_name" = "" && program_transform_name="s,x,x," - - -# We want these before the checks, so the checks can modify their values. -test -z "$LDFLAGS" && LDFLAGS=-g - - -echo $ac_n "checking for ln -s or something else""... $ac_c" 1>&6 -echo "configure:848: checking for ln -s or something else" >&5 -if eval "test \"`echo '$''{'ac_cv_prog_LN_S'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - rm -f conftestdata -if ln -s X conftestdata 2>/dev/null -then - rm -f conftestdata - ac_cv_prog_LN_S="ln -s" -else - touch conftestdata1 - if ln conftestdata1 conftestdata2; then - rm -f conftestdata* - ac_cv_prog_LN_S=ln - else - ac_cv_prog_LN_S=cp - fi -fi -fi -LN_S="$ac_cv_prog_LN_S" -echo "$ac_t""$ac_cv_prog_LN_S" 1>&6 - -# Extract the first word of "gcc", so it can be a program name with args. -set dummy gcc; ac_word=$2 -echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:873: checking for $ac_word" >&5 -if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" - ac_dummy="$PATH" - for ac_dir in $ac_dummy; do - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/$ac_word; then - ac_cv_prog_CC="gcc" - break - fi - done - IFS="$ac_save_ifs" -fi -fi -CC="$ac_cv_prog_CC" -if test -n "$CC"; then - echo "$ac_t""$CC" 1>&6 -else - echo "$ac_t""no" 1>&6 -fi - -if test -z "$CC"; then - # Extract the first word of "cc", so it can be a program name with args. -set dummy cc; ac_word=$2 -echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:903: checking for $ac_word" >&5 -if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" - ac_prog_rejected=no - ac_dummy="$PATH" - for ac_dir in $ac_dummy; do - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/$ac_word; then - if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then - ac_prog_rejected=yes - continue - fi - ac_cv_prog_CC="cc" - break - fi - done - IFS="$ac_save_ifs" -if test $ac_prog_rejected = yes; then - # We found a bogon in the path, so make sure we never use it. - set dummy $ac_cv_prog_CC - shift - if test $# -gt 0; then - # We chose a different compiler from the bogus one. - # However, it has the same basename, so the bogon will be chosen - # first if we set CC to just the basename; use the full file name. - shift - set dummy "$ac_dir/$ac_word" "$@" - shift - ac_cv_prog_CC="$@" - fi -fi -fi -fi -CC="$ac_cv_prog_CC" -if test -n "$CC"; then - echo "$ac_t""$CC" 1>&6 -else - echo "$ac_t""no" 1>&6 -fi - - if test -z "$CC"; then - case "`uname -s`" in - *win32* | *WIN32*) - # Extract the first word of "cl", so it can be a program name with args. -set dummy cl; ac_word=$2 -echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:954: checking for $ac_word" >&5 -if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" - ac_dummy="$PATH" - for ac_dir in $ac_dummy; do - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/$ac_word; then - ac_cv_prog_CC="cl" - break - fi - done - IFS="$ac_save_ifs" -fi -fi -CC="$ac_cv_prog_CC" -if test -n "$CC"; then - echo "$ac_t""$CC" 1>&6 -else - echo "$ac_t""no" 1>&6 -fi - ;; - esac - fi - test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; } -fi - -echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6 -echo "configure:986: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5 - -ac_ext=c -# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. -ac_cpp='$CPP $CPPFLAGS' -ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' -ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' -cross_compiling=$ac_cv_prog_cc_cross - -cat > conftest.$ac_ext << EOF - -#line 997 "configure" -#include "confdefs.h" - -main(){return(0);} -EOF -if { (eval echo configure:1002: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - ac_cv_prog_cc_works=yes - # If we can't run a trivial program, we are probably using a cross compiler. - if (./conftest; exit) 2>/dev/null; then - ac_cv_prog_cc_cross=no - else - ac_cv_prog_cc_cross=yes - fi -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - ac_cv_prog_cc_works=no -fi -rm -fr conftest* -ac_ext=c -# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options. -ac_cpp='$CPP $CPPFLAGS' -ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5' -ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5' -cross_compiling=$ac_cv_prog_cc_cross - -echo "$ac_t""$ac_cv_prog_cc_works" 1>&6 -if test $ac_cv_prog_cc_works = no; then - { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; } -fi -echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6 -echo "configure:1028: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5 -echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6 -cross_compiling=$ac_cv_prog_cc_cross - -echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6 -echo "configure:1033: checking whether we are using GNU C" >&5 -if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.c <&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then - ac_cv_prog_gcc=yes -else - ac_cv_prog_gcc=no -fi -fi - -echo "$ac_t""$ac_cv_prog_gcc" 1>&6 - -if test $ac_cv_prog_gcc = yes; then - GCC=yes -else - GCC= -fi - -ac_test_CFLAGS="${CFLAGS+set}" -ac_save_CFLAGS="$CFLAGS" -CFLAGS= -echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6 -echo "configure:1061: checking whether ${CC-cc} accepts -g" >&5 -if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - echo 'void f(){}' > conftest.c -if test -z "`${CC-cc} -g -c conftest.c 2>&1`"; then - ac_cv_prog_cc_g=yes -else - ac_cv_prog_cc_g=no -fi -rm -f conftest* - -fi - -echo "$ac_t""$ac_cv_prog_cc_g" 1>&6 -if test "$ac_test_CFLAGS" = set; then - CFLAGS="$ac_save_CFLAGS" -elif test $ac_cv_prog_cc_g = yes; then - if test "$GCC" = yes; then - CFLAGS="-g -O2" - else - CFLAGS="-g" - fi -else - if test "$GCC" = yes; then - CFLAGS="-O2" - else - CFLAGS= - fi -fi - -echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6 -echo "configure:1093: checking how to run the C preprocessor" >&5 -# On Suns, sometimes $CPP names a directory. -if test -n "$CPP" && test -d "$CPP"; then - CPP= -fi -if test -z "$CPP"; then -if eval "test \"`echo '$''{'ac_cv_prog_CPP'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - # This must be in double quotes, not single quotes, because CPP may get - # substituted into the Makefile and "${CC-cc}" will confuse make. - CPP="${CC-cc} -E" - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. - cat > conftest.$ac_ext < -Syntax Error -EOF -ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:1114: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` -if test -z "$ac_err"; then - : -else - echo "$ac_err" >&5 - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - CPP="${CC-cc} -E -traditional-cpp" - cat > conftest.$ac_ext < -Syntax Error -EOF -ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:1131: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` -if test -z "$ac_err"; then - : -else - echo "$ac_err" >&5 - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - CPP="${CC-cc} -nologo -E" - cat > conftest.$ac_ext < -Syntax Error -EOF -ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:1148: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` -if test -z "$ac_err"; then - : -else - echo "$ac_err" >&5 - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - CPP=/lib/cpp -fi -rm -f conftest* -fi -rm -f conftest* -fi -rm -f conftest* - ac_cv_prog_CPP="$CPP" -fi - CPP="$ac_cv_prog_CPP" -else - ac_cv_prog_CPP="$CPP" -fi -echo "$ac_t""$CPP" 1>&6 - -echo $ac_n "checking for POSIXized ISC""... $ac_c" 1>&6 -echo "configure:1173: checking for POSIXized ISC" >&5 -if test -d /etc/conf/kconfig.d && - grep _POSIX_VERSION /usr/include/sys/unistd.h >/dev/null 2>&1 -then - echo "$ac_t""yes" 1>&6 - ISC=yes # If later tests want to check for ISC. - cat >> confdefs.h <<\EOF -#define _POSIX_SOURCE 1 -EOF - - if test "$GCC" = yes; then - CC="$CC -posix" - else - CC="$CC -Xp" - fi -else - echo "$ac_t""no" 1>&6 - ISC= -fi - -for ac_prog in byacc yacc 'bison -y' -do -# Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:1198: checking for $ac_word" >&5 -if eval "test \"`echo '$''{'ac_cv_prog_YACC'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if test -n "$YACC"; then - ac_cv_prog_YACC="$YACC" # Let the user override the test. -else - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" - ac_dummy="$PATH" - for ac_dir in $ac_dummy; do - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/$ac_word; then - ac_cv_prog_YACC="$ac_prog" - break - fi - done - IFS="$ac_save_ifs" -fi -fi -YACC="$ac_cv_prog_YACC" -if test -n "$YACC"; then - echo "$ac_t""$YACC" 1>&6 -else - echo "$ac_t""no" 1>&6 -fi - -test -n "$YACC" && break -done - -# Extract the first word of "flex", so it can be a program name with args. -set dummy flex; ac_word=$2 -echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:1230: checking for $ac_word" >&5 -if eval "test \"`echo '$''{'ac_cv_prog_LEX'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if test -n "$LEX"; then - ac_cv_prog_LEX="$LEX" # Let the user override the test. -else - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" - ac_dummy="$PATH" - for ac_dir in $ac_dummy; do - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/$ac_word; then - ac_cv_prog_LEX="flex" - break - fi - done - IFS="$ac_save_ifs" - test -z "$ac_cv_prog_LEX" && ac_cv_prog_LEX="lex" -fi -fi -LEX="$ac_cv_prog_LEX" -if test -n "$LEX"; then - echo "$ac_t""$LEX" 1>&6 -else - echo "$ac_t""no" 1>&6 -fi - -if test -z "$LEXLIB" -then - case "$LEX" in - flex*) ac_lib=fl ;; - *) ac_lib=l ;; - esac - echo $ac_n "checking for yywrap in -l$ac_lib""... $ac_c" 1>&6 -echo "configure:1264: checking for yywrap in -l$ac_lib" >&5 -ac_lib_var=`echo $ac_lib'_'yywrap | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-l$ac_lib $LIBS" -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" -fi -rm -f conftest* -LIBS="$ac_save_LIBS" - -fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - LEXLIB="-l$ac_lib" -else - echo "$ac_t""no" 1>&6 -fi - -fi - -# Extract the first word of "ranlib", so it can be a program name with args. -set dummy ranlib; ac_word=$2 -echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:1308: checking for $ac_word" >&5 -if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if test -n "$RANLIB"; then - ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. -else - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" - ac_dummy="$PATH" - for ac_dir in $ac_dummy; do - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/$ac_word; then - ac_cv_prog_RANLIB="ranlib" - break - fi - done - IFS="$ac_save_ifs" - test -z "$ac_cv_prog_RANLIB" && ac_cv_prog_RANLIB=":" -fi -fi -RANLIB="$ac_cv_prog_RANLIB" -if test -n "$RANLIB"; then - echo "$ac_t""$RANLIB" 1>&6 -else - echo "$ac_t""no" 1>&6 -fi - -# Find a good install program. We prefer a C program (faster), -# so one script is as good as another. But avoid the broken or -# incompatible versions: -# SysV /etc/install, /usr/sbin/install -# SunOS /usr/etc/install -# IRIX /sbin/install -# AIX /bin/install -# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag -# AFS /usr/afsws/bin/install, which mishandles nonexistent args -# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" -# ./install, which can be erroneously created by make from ./install.sh. -echo $ac_n "checking for a BSD compatible install""... $ac_c" 1>&6 -echo "configure:1347: checking for a BSD compatible install" >&5 -if test -z "$INSTALL"; then -if eval "test \"`echo '$''{'ac_cv_path_install'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - IFS="${IFS= }"; ac_save_IFS="$IFS"; IFS=":" - for ac_dir in $PATH; do - # Account for people who put trailing slashes in PATH elements. - case "$ac_dir/" in - /|./|.//|/etc/*|/usr/sbin/*|/usr/etc/*|/sbin/*|/usr/afsws/bin/*|/usr/ucb/*) ;; - *) - # OSF1 and SCO ODT 3.0 have their own names for install. - # Don't use installbsd from OSF since it installs stuff as root - # by default. - for ac_prog in ginstall scoinst install; do - if test -f $ac_dir/$ac_prog; then - if test $ac_prog = install && - grep dspmsg $ac_dir/$ac_prog >/dev/null 2>&1; then - # AIX install. It has an incompatible calling convention. - : - else - ac_cv_path_install="$ac_dir/$ac_prog -c" - break 2 - fi - fi - done - ;; - esac - done - IFS="$ac_save_IFS" - -fi - if test "${ac_cv_path_install+set}" = set; then - INSTALL="$ac_cv_path_install" - else - # As a last resort, use the slow shell script. We don't cache a - # path for INSTALL within a source directory, because that will - # break other packages using the cache if that directory is - # removed, or if the path is relative. - INSTALL="$ac_install_sh" - fi -fi -echo "$ac_t""$INSTALL" 1>&6 - -# Use test -z because SunOS4 sh mishandles braces in ${var-val}. -# It thinks the first close brace ends the variable substitution. -test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' - -test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL_PROGRAM}' - -test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' - -for ac_prog in mawk gawk nawk awk -do -# Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:1404: checking for $ac_word" >&5 -if eval "test \"`echo '$''{'ac_cv_prog_AWK'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if test -n "$AWK"; then - ac_cv_prog_AWK="$AWK" # Let the user override the test. -else - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" - ac_dummy="$PATH" - for ac_dir in $ac_dummy; do - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/$ac_word; then - ac_cv_prog_AWK="$ac_prog" - break - fi - done - IFS="$ac_save_ifs" -fi -fi -AWK="$ac_cv_prog_AWK" -if test -n "$AWK"; then - echo "$ac_t""$AWK" 1>&6 -else - echo "$ac_t""no" 1>&6 -fi - -test -n "$AWK" && break -done - -# Extract the first word of "makeinfo", so it can be a program name with args. -set dummy makeinfo; ac_word=$2 -echo $ac_n "checking for $ac_word""... $ac_c" 1>&6 -echo "configure:1436: checking for $ac_word" >&5 -if eval "test \"`echo '$''{'ac_cv_prog_MAKEINFO'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if test -n "$MAKEINFO"; then - ac_cv_prog_MAKEINFO="$MAKEINFO" # Let the user override the test. -else - IFS="${IFS= }"; ac_save_ifs="$IFS"; IFS=":" - ac_dummy="$PATH" - for ac_dir in $ac_dummy; do - test -z "$ac_dir" && ac_dir=. - if test -f $ac_dir/$ac_word; then - ac_cv_prog_MAKEINFO="makeinfo" - break - fi - done - IFS="$ac_save_ifs" - test -z "$ac_cv_prog_MAKEINFO" && ac_cv_prog_MAKEINFO=":" -fi -fi -MAKEINFO="$ac_cv_prog_MAKEINFO" -if test -n "$MAKEINFO"; then - echo "$ac_t""$MAKEINFO" 1>&6 -else - echo "$ac_t""no" 1>&6 -fi - - -WFLAGS="" -WFLAGS_NOUNUSED="" -WFLAGS_NOIMPLICITINT="" - - - -# Check whether --with-socks or --without-socks was given. -if test "${with_socks+set}" = set; then - withval="$with_socks" - : -fi - -# Check whether --with-socks-lib or --without-socks-lib was given. -if test "${with_socks_lib+set}" = set; then - withval="$with_socks_lib" - if test "$withval" = "yes" -o "$withval" = "no"; then - { echo "configure: error: No argument for --with-socks-lib" 1>&2; exit 1; } -elif test "X$with_socks" = "X"; then - with_socks=yes -fi -fi - -# Check whether --with-socks-include or --without-socks-include was given. -if test "${with_socks_include+set}" = set; then - withval="$with_socks_include" - if test "$withval" = "yes" -o "$withval" = "no"; then - { echo "configure: error: No argument for --with-socks-include" 1>&2; exit 1; } -elif test "X$with_socks" = "X"; then - with_socks=yes -fi -fi - - -echo $ac_n "checking for socks""... $ac_c" 1>&6 -echo "configure:1498: checking for socks" >&5 - -case "$with_socks" in -yes) ;; -no) ;; -"") ;; -*) if test "$with_socks_include" = ""; then - with_socks_include="$with_socks/include" - fi - if test "$with_socks_lib" = ""; then - with_socks_lib="$with_socks/lib$abilibdirext" - fi - ;; -esac -header_dirs= -lib_dirs= -d='' -for i in $d; do - header_dirs="$header_dirs $i/include" - lib_dirs="$lib_dirs $i/lib$abilibdirext" -done - -case "$with_socks_include" in -yes) ;; -no) ;; -*) header_dirs="$with_socks_include $header_dirs";; -esac -case "$with_socks_lib" in -yes) ;; -no) ;; -*) lib_dirs="$with_socks_lib $lib_dirs";; -esac - -save_CFLAGS="$CFLAGS" -save_LIBS="$LIBS" -ires= lres= -for i in $header_dirs; do - CFLAGS="-I$i $save_CFLAGS" - cat > conftest.$ac_ext < -int main() { - -; return 0; } -EOF -if { (eval echo configure:1544: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ires=$i;break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* -done -for i in $lib_dirs; do - LIBS="-L$i -lsocks5 $save_LIBS" - cat > conftest.$ac_ext < -int main() { - -; return 0; } -EOF -if { (eval echo configure:1563: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - lres=$i;break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* -done -CFLAGS="$save_CFLAGS" -LIBS="$save_LIBS" - -if test "$ires" -a "$lres" -a "$with_socks" != "no"; then - socks_includedir="$ires" - socks_libdir="$lres" - INCLUDE_socks="-I$socks_includedir" - LIB_socks="-L$socks_libdir -lsocks5" - cat >> confdefs.h <&6 -else - INCLUDE_socks= - LIB_socks= - with_socks=no - echo "$ac_t""$with_socks" 1>&6 -fi - - - -CFLAGS="$INCLUDE_socks $CFLAGS" -LIBS="$LIB_socks $LIBS" - -# Check whether --enable-legacy-kdestroy or --disable-legacy-kdestroy was given. -if test "${enable_legacy_kdestroy+set}" = set; then - enableval="$enable_legacy_kdestroy" - -if test "$enableval" = "yes"; then - cat >> confdefs.h <<\EOF -#define LEGACY_KDESTROY 1 -EOF - -fi - -fi - - -# Check whether --enable-match-subdomains or --disable-match-subdomains was given. -if test "${enable_match_subdomains+set}" = set; then - enableval="$enable_match_subdomains" - if test "$enableval" = "yes"; then - cat >> confdefs.h <<\EOF -#define MATCH_SUBDOMAINS 1 -EOF - -fi - -fi - - -# Check whether --with-ld-flags or --without-ld-flags was given. -if test "${with_ld_flags+set}" = set; then - withval="$with_ld_flags" - : -fi - - -# Check whether --with-cracklib or --without-cracklib was given. -if test "${with_cracklib+set}" = set; then - withval="$with_cracklib" - : -fi - - -# Check whether --with-dictpath or --without-dictpath was given. -if test "${with_dictpath+set}" = set; then - withval="$with_dictpath" - : -fi - - -(test -z "$with_cracklib" && test -n "$with_dictpath") || -(test -n "$with_cracklib" && test -z "$with_dictpath") && -{ echo "configure: error: --with-cracklib requires --with-dictpath and vice versa" 1>&2; exit 1; } -test -n "$with_cracklib" && -CRACKLIB="-L$with_cracklib -lcrack" && -echo "$ac_t""Using cracklib in $with_cracklib" 1>&6 -test -n "$with_dictpath" && -echo "$ac_t""Using dictpath=$with_dictpath" 1>&6 && -cat >> confdefs.h <> confdefs.h <> confdefs.h <> confdefs.h <<\EOF -#define RANDOM_MKEY 1 -EOF - -fi - -fi - - -# Check whether --with-mkey or --without-mkey was given. -if test "${with_mkey+set}" = set; then - withval="$with_mkey" - -if test -n "$withval"; then - cat >> confdefs.h <> confdefs.h <<\EOF -#define OTP 1 -EOF - - LIB_otp='-L$(top_builddir)/lib/otp -lotp' - OTP_dir=otp - LIB_SUBDIRS="$LIB_SUBDIRS otp" -fi - - - - -# Check whether --enable-osfc2 or --disable-osfc2 was given. -if test "${enable_osfc2+set}" = set; then - enableval="$enable_osfc2" - : -fi - -LIB_security= -if test "$enable_osfc2" = yes; then - cat >> confdefs.h <<\EOF -#define HAVE_OSFC2 1 -EOF - - LIB_security=-lsecurity -fi - - - -mmap=yes -# Check whether --enable-mmap or --disable-mmap was given. -if test "${enable_mmap+set}" = set; then - enableval="$enable_mmap" - -if test "$enableval" = "no"; then - mmap=no -fi - -fi - -if test "$mmap" = "no"; then - cat >> confdefs.h <<\EOF -#define NO_MMAP 1 -EOF - -fi - -aix_dynamic_afs=yes -# Check whether --enable-dynamic-afs or --disable-dynamic-afs was given. -if test "${enable_dynamic_afs+set}" = set; then - enableval="$enable_dynamic_afs" - -if test "$enableval" = "no"; then - aix_dynamic_afs=no -fi - -fi - - -berkeley_db=db -# Check whether --with-berkeley-db or --without-berkeley-db was given. -if test "${with_berkeley_db+set}" = set; then - withval="$with_berkeley_db" - -if test "$withval" = no; then - berkeley_db="" -fi - -fi - - -afs_support=yes -# Check whether --with-afs-support or --without-afs-support was given. -if test "${with_afs_support+set}" = set; then - withval="$with_afs_support" - -if test "$withval" = no; then - cat >> confdefs.h <<\EOF -#define NO_AFS 1 -EOF - - afs_support=no -fi - -fi - - -des_quad=guess -# Check whether --with-des-quad-checksum or --without-des-quad-checksum was given. -if test "${with_des_quad_checksum+set}" = set; then - withval="$with_des_quad_checksum" - -des_quad="$withval" - -fi - -if test "$des_quad" = "new"; then - ac_x=DES_QUAD_NEW -elif test "$des_quad" = "old"; then - ac_x=DES_QUAD_OLD -else - ac_x=DES_QUAD_GUESS -fi -cat >> confdefs.h <&2; exit 1; } -elif test "X$with_readline" = "X"; then - with_readline=yes -fi -fi - -# Check whether --with-readline-include or --without-readline-include was given. -if test "${with_readline_include+set}" = set; then - withval="$with_readline_include" - if test "$withval" = "yes" -o "$withval" = "no"; then - { echo "configure: error: No argument for --with-readline-include" 1>&2; exit 1; } -elif test "X$with_readline" = "X"; then - with_readline=yes -fi -fi - - -echo $ac_n "checking for readline""... $ac_c" 1>&6 -echo "configure:1899: checking for readline" >&5 - -case "$with_readline" in -yes) ;; -no) ;; -"") ;; -*) if test "$with_readline_include" = ""; then - with_readline_include="$with_readline/include" - fi - if test "$with_readline_lib" = ""; then - with_readline_lib="$with_readline/lib$abilibdirext" - fi - ;; -esac -header_dirs= -lib_dirs= -d='' -for i in $d; do - header_dirs="$header_dirs $i/include" - lib_dirs="$lib_dirs $i/lib$abilibdirext" -done - -case "$with_readline_include" in -yes) ;; -no) ;; -*) header_dirs="$with_readline_include $header_dirs";; -esac -case "$with_readline_lib" in -yes) ;; -no) ;; -*) lib_dirs="$with_readline_lib $lib_dirs";; -esac - -save_CFLAGS="$CFLAGS" -save_LIBS="$LIBS" -ires= lres= -for i in $header_dirs; do - CFLAGS="-I$i $save_CFLAGS" - cat > conftest.$ac_ext < -#include - -int main() { - -; return 0; } -EOF -if { (eval echo configure:1948: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ires=$i;break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* -done -for i in $lib_dirs; do - LIBS="-L$i -lreadline $save_LIBS" - cat > conftest.$ac_ext < -#include - -int main() { - -; return 0; } -EOF -if { (eval echo configure:1970: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - lres=$i;break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* -done -CFLAGS="$save_CFLAGS" -LIBS="$save_LIBS" - -if test "$ires" -a "$lres" -a "$with_readline" != "no"; then - readline_includedir="$ires" - readline_libdir="$lres" - INCLUDE_readline="-I$readline_includedir" - LIB_readline="-L$readline_libdir -lreadline" - cat >> confdefs.h <&6 -else - INCLUDE_readline= - LIB_readline= - with_readline=no - echo "$ac_t""$with_readline" 1>&6 -fi - - - - - -# Check whether --with-mips_abi or --without-mips_abi was given. -if test "${with_mips_abi+set}" = set; then - withval="$with_mips_abi" - : -fi - - -case "$host_os" in -irix*) -with_mips_abi="${with_mips_abi:-yes}" -if test -n "$GCC"; then - -# GCC < 2.8 only supports the O32 ABI. GCC >= 2.8 has a flag to select -# which ABI to use, but only supports (as of 2.8.1) the N32 and 64 ABIs. -# -# Default to N32, but if GCC doesn't grok -mabi=n32, we assume an old -# GCC and revert back to O32. The same goes if O32 is asked for - old -# GCCs doesn't like the -mabi option, and new GCCs can't output O32. -# -# Don't you just love *all* the different SGI ABIs? - -case "${with_mips_abi}" in - 32|o32) abi='-mabi=32'; abilibdirext='' ;; - n32|yes) abi='-mabi=n32'; abilibdirext='32' ;; - 64) abi='-mabi=64'; abilibdirext='64' ;; - no) abi=''; abilibdirext='';; - *) { echo "configure: error: "Invalid ABI specified"" 1>&2; exit 1; } ;; -esac -if test -n "$abi" ; then -ac_foo=krb_cv_gcc_`echo $abi | tr =- __` -echo $ac_n "checking if $CC supports the $abi option""... $ac_c" 1>&6 -echo "configure:2035: checking if $CC supports the $abi option" >&5 -if eval "test \"`echo '$''{'$ac_foo'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -save_CFLAGS="$CFLAGS" -CFLAGS="$CFLAGS $abi" -cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval $ac_foo=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval $ac_foo=no -fi -rm -f conftest* -CFLAGS="$save_CFLAGS" - -fi - -ac_res=`eval echo \\\$$ac_foo` -echo "$ac_t""$ac_res" 1>&6 -if test $ac_res = no; then -# Try to figure out why that failed... -case $abi in - -mabi=32) - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -mabi=n32" - cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_res=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_res=no -fi -rm -f conftest* - CLAGS="$save_CFLAGS" - if test $ac_res = yes; then - # New GCC - { echo "configure: error: $CC does not support the $with_mips_abi ABI" 1>&2; exit 1; } - fi - # Old GCC - abi='' - abilibdirext='' - ;; - -mabi=n32|-mabi=64) - if test $with_mips_abi = yes; then - # Old GCC, default to O32 - abi='' - abilibdirext='' - else - # Some broken GCC - { echo "configure: error: $CC does not support the $with_mips_abi ABI" 1>&2; exit 1; } - fi - ;; -esac -fi #if test $ac_res = no; then -fi #if test -n "$abi" ; then -else -case "${with_mips_abi}" in - 32|o32) abi='-32'; abilibdirext='' ;; - n32|yes) abi='-n32'; abilibdirext='32' ;; - 64) abi='-64'; abilibdirext='64' ;; - no) abi=''; abilibdirext='';; - *) { echo "configure: error: "Invalid ABI specified"" 1>&2; exit 1; } ;; -esac -fi #if test -n "$GCC"; then -;; -esac - - - -# Check whether --with-hesiod or --without-hesiod was given. -if test "${with_hesiod+set}" = set; then - withval="$with_hesiod" - : -fi - -# Check whether --with-hesiod-lib or --without-hesiod-lib was given. -if test "${with_hesiod_lib+set}" = set; then - withval="$with_hesiod_lib" - if test "$withval" = "yes" -o "$withval" = "no"; then - { echo "configure: error: No argument for --with-hesiod-lib" 1>&2; exit 1; } -elif test "X$with_hesiod" = "X"; then - with_hesiod=yes -fi -fi - -# Check whether --with-hesiod-include or --without-hesiod-include was given. -if test "${with_hesiod_include+set}" = set; then - withval="$with_hesiod_include" - if test "$withval" = "yes" -o "$withval" = "no"; then - { echo "configure: error: No argument for --with-hesiod-include" 1>&2; exit 1; } -elif test "X$with_hesiod" = "X"; then - with_hesiod=yes -fi -fi - - -echo $ac_n "checking for hesiod""... $ac_c" 1>&6 -echo "configure:2154: checking for hesiod" >&5 - -case "$with_hesiod" in -yes) ;; -no) ;; -"") ;; -*) if test "$with_hesiod_include" = ""; then - with_hesiod_include="$with_hesiod/include" - fi - if test "$with_hesiod_lib" = ""; then - with_hesiod_lib="$with_hesiod/lib$abilibdirext" - fi - ;; -esac -header_dirs= -lib_dirs= -d='' -for i in $d; do - header_dirs="$header_dirs $i/include" - lib_dirs="$lib_dirs $i/lib$abilibdirext" -done - -case "$with_hesiod_include" in -yes) ;; -no) ;; -*) header_dirs="$with_hesiod_include $header_dirs";; -esac -case "$with_hesiod_lib" in -yes) ;; -no) ;; -*) lib_dirs="$with_hesiod_lib $lib_dirs";; -esac - -save_CFLAGS="$CFLAGS" -save_LIBS="$LIBS" -ires= lres= -for i in $header_dirs; do - CFLAGS="-I$i $save_CFLAGS" - cat > conftest.$ac_ext < -int main() { - -; return 0; } -EOF -if { (eval echo configure:2200: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ires=$i;break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* -done -for i in $lib_dirs; do - LIBS="-L$i -lhesiod $save_LIBS" - cat > conftest.$ac_ext < -int main() { - -; return 0; } -EOF -if { (eval echo configure:2219: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - lres=$i;break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* -done -CFLAGS="$save_CFLAGS" -LIBS="$save_LIBS" - -if test "$ires" -a "$lres" -a "$with_hesiod" != "no"; then - hesiod_includedir="$ires" - hesiod_libdir="$lres" - INCLUDE_hesiod="-I$hesiod_includedir" - LIB_hesiod="-L$hesiod_libdir -lhesiod" - cat >> confdefs.h <&6 -else - INCLUDE_hesiod= - LIB_hesiod= - with_hesiod=no - echo "$ac_t""$with_hesiod" 1>&6 -fi - - - - - - -# Check whether --enable-shared or --disable-shared was given. -if test "${enable_shared+set}" = set; then - enableval="$enable_shared" - : -fi - - - -case ${enable_shared} in - yes ) enable_shared=yes;; - no ) enable_shared=no;; - * ) enable_shared=no;; -esac - -# NOTE: Building shared libraries may not work if you do not use gcc! -# -# OS $SHLIBEXT -# HP-UX sl -# Linux so -# NetBSD so -# FreeBSD so -# OSF so -# SunOS5 so -# SunOS4 so.0.5 -# Irix so -# -# LIBEXT is the extension we should build (.a or $SHLIBEXT) -LINK='$(CC)' - -lib_deps=yes -REAL_PICFLAGS="-fpic" -LDSHARED='$(CC) $(PICFLAGS) -shared' -LIBPREFIX=lib -build_symlink_command=@true -install_symlink_command=@true -install_symlink_command2=@true -REAL_SHLIBEXT=so -SHLIB_VERSION=`echo $VERSION | sed 's/\([0-9.]*\).*/\1/'` -SHLIB_SONAME=`echo $VERSION | sed 's/\([0-9]*\).*/\1/'` -case "${host}" in -*-*-hpux*) - REAL_SHLIBEXT=sl - REAL_LD_FLAGS='-Wl,+b$(libdir)' - if test -z "$GCC"; then - LDSHARED="ld -b" - REAL_PICFLAGS="+z" - fi - lib_deps=no - ;; -*-*-linux*) - LDSHARED='$(CC) -shared -Wl,-soname,$(LIBNAME).so.'"${SHLIB_SONAME}" - REAL_LD_FLAGS='-Wl,-rpath,$(libdir)' - REAL_SHLIBEXT=so.$SHLIB_VERSION - build_symlink_command='$(LN_S) -f $@ $(LIBNAME).so' - install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so' - install_symlink_command2='$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so' - ;; -*-*-freebsd[345]* | *-*-freebsdelf[345]*) - REAL_SHLIBEXT=so.$SHLIB_VERSION - REAL_LD_FLAGS='-Wl,-R$(libdir)' - build_symlink_command='$(LN_S) -f $@ $(LIBNAME).so' - install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so' - install_symlink_command2='$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so' - ;; -*-*-*bsd*) - REAL_SHLIBEXT=so.$SHLIB_VERSION - LDSHARED='ld -Bshareable' - REAL_LD_FLAGS='-Wl,-R$(libdir)' - ;; -*-*-osf*) - REAL_LD_FLAGS='-Wl,-rpath,$(libdir)' - REAL_PICFLAGS= - LDSHARED='ld -shared -expect_unresolved \*' - ;; -*-*-solaris2*) - LDSHARED='$(CC) -shared -Wl,-h$(LIBNAME).so.'"${SHLIB_SONAME}" - REAL_SHLIBEXT=so.$SHLIB_VERSION - build_symlink_command='$(LN_S) $@ $(LIBNAME).so' - install_symlink_command='$(LN_S) $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so.'"${SHLIB_SONAME}"';$(LN_S) $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so' - install_symlink_command2='$(LN_S) $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so.'"${SHLIB_SONAME}"';$(LN_S) $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so' - REAL_LD_FLAGS='-Wl,-R$(libdir)' - if test -z "$GCC"; then - LDSHARED='$(CC) -G -h$(LIBNAME).so.'"${SHLIB_SONAME}" - REAL_PICFLAGS="-Kpic" - fi - ;; -*-fujitsu-uxpv*) - REAL_LD_FLAGS='' # really: LD_RUN_PATH=$(libdir) cc -o ... - REAL_LINK='LD_RUN_PATH=$(libdir) $(CC)' - LDSHARED='$(CC) -G' - REAL_PICFLAGS="-Kpic" - lib_deps=no # fails in mysterious ways - ;; -*-*-sunos*) - REAL_SHLIBEXT=so.$SHLIB_VERSION - REAL_LD_FLAGS='-Wl,-L$(libdir)' - lib_deps=no - ;; -*-*-irix*) - libdir="${libdir}${abilibdirext}" - REAL_LD_FLAGS="${abi} -Wl,-rpath,\$(libdir)" - LD_FLAGS="${abi} -Wl,-rpath,\$(libdir)" - LDSHARED="\$(CC) -shared ${abi}" - REAL_PICFLAGS= - CFLAGS="${abi} ${CFLAGS}" - ;; -*-*-os2*) - LIBPREFIX= - EXECSUFFIX='.exe' - RANLIB=EMXOMF - LD_FLAGS=-Zcrtdll - REAL_SHLIBEXT=nobuild - ;; -*-*-cygwin32*) - EXECSUFFIX='.exe' - REAL_SHLIBEXT=nobuild - ;; -*) REAL_SHLIBEXT=nobuild - REAL_PICFLAGS= - ;; -esac - -if test "${enable_shared}" != "yes" ; then - PICFLAGS="" - SHLIBEXT="nobuild" - LIBEXT="a" - build_symlink_command=@true - install_symlink_command=@true - install_symlink_command2=@true -else - PICFLAGS="$REAL_PICFLAGS" - SHLIBEXT="$REAL_SHLIBEXT" - LIBEXT="$SHLIBEXT" - echo $ac_n "checking whether to use -rpath""... $ac_c" 1>&6 -echo "configure:2388: checking whether to use -rpath" >&5 - case "$libdir" in - /lib | /usr/lib | /usr/local/lib) - echo "$ac_t""no" 1>&6 - REAL_LD_FLAGS= - LD_FLAGS= - ;; - *) - LD_FLAGS="$REAL_LD_FLAGS" - test "$REAL_LINK" && LINK="$REAL_LINK" - echo "$ac_t""$LD_FLAGS" 1>&6 - ;; - esac -fi - -if test "$lib_deps" = yes; then - lib_deps_yes="" - lib_deps_no="# " -else - lib_deps_yes="# " - lib_deps_no="" -fi - - - -# use supplied ld-flags, or none if `no' -if test "$with_ld_flags" = no; then - LD_FLAGS= -elif test -n "$with_ld_flags"; then - LD_FLAGS="$with_ld_flags" -fi - - - - - -echo $ac_n "checking whether byte ordering is bigendian""... $ac_c" 1>&6 -echo "configure:2425: checking whether byte ordering is bigendian" >&5 -if eval "test \"`echo '$''{'ac_cv_c_bigendian'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_cv_c_bigendian=unknown -# See if sys/param.h defines the BYTE_ORDER macro. -cat > conftest.$ac_ext < -#include -int main() { - -#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN - bogus endian macros -#endif -; return 0; } -EOF -if { (eval echo configure:2443: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - # It does; now see whether it defined to BIG_ENDIAN or not. -cat > conftest.$ac_ext < -#include -int main() { - -#if BYTE_ORDER != BIG_ENDIAN - not big endian -#endif -; return 0; } -EOF -if { (eval echo configure:2458: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_c_bigendian=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_c_bigendian=no -fi -rm -f conftest* -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* -if test $ac_cv_c_bigendian = unknown; then -if test "$cross_compiling" = yes; then - { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } -else - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null -then - ac_cv_c_bigendian=no -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -fr conftest* - ac_cv_c_bigendian=yes -fi -rm -fr conftest* -fi - -fi -fi - -echo "$ac_t""$ac_cv_c_bigendian" 1>&6 -if test $ac_cv_c_bigendian = yes; then - cat >> confdefs.h <<\EOF -#define WORDS_BIGENDIAN 1 -EOF - -fi - - -echo $ac_n "checking for working const""... $ac_c" 1>&6 -echo "configure:2516: checking for working const" >&5 -if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext <j = 5; -} -{ /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */ - const int foo = 10; -} - -; return 0; } -EOF -if { (eval echo configure:2570: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_c_const=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_c_const=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_c_const" 1>&6 -if test $ac_cv_c_const = no; then - cat >> confdefs.h <<\EOF -#define const -EOF - -fi - - -echo $ac_n "checking for inline""... $ac_c" 1>&6 -echo "configure:2592: checking for inline" >&5 -if eval "test \"`echo '$''{'ac_cv_c_inline'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_cv_c_inline=no -for ac_kw in inline __inline__ __inline; do - cat > conftest.$ac_ext <&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_c_inline=$ac_kw; break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* -done - -fi - -echo "$ac_t""$ac_cv_c_inline" 1>&6 -case "$ac_cv_c_inline" in - inline | yes) ;; - no) cat >> confdefs.h <<\EOF -#define inline -EOF - ;; - *) cat >> confdefs.h <&6 -echo "configure:2634: checking for __attribute__" >&5 -if eval "test \"`echo '$''{'ac_cv___attribute__'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < - -int main() { - -static void foo(void) __attribute__ ((noreturn)); - -static void -foo(void) -{ - exit(1); -} - -; return 0; } -EOF -if { (eval echo configure:2657: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv___attribute__=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv___attribute__=no -fi -rm -f conftest* -fi - -if test "$ac_cv___attribute__" = "yes"; then - cat >> confdefs.h <<\EOF -#define HAVE___ATTRIBUTE__ 1 -EOF - -fi -echo "$ac_t""$ac_cv___attribute__" 1>&6 - - - - -echo $ac_n "checking for NEXTSTEP""... $ac_c" 1>&6 -echo "configure:2681: checking for NEXTSTEP" >&5 -if eval "test \"`echo '$''{'krb_cv_sys_nextstep'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext <&5 | - egrep "yes" >/dev/null 2>&1; then - rm -rf conftest* - krb_cv_sys_nextstep=yes -else - rm -rf conftest* - krb_cv_sys_nextstep=no -fi -rm -f conftest* - -fi - -if test "$krb_cv_sys_nextstep" = "yes"; then - CFLAGS="$CFLAGS -posix" - LIBS="$LIBS -posix" -fi -echo "$ac_t""$krb_cv_sys_nextstep" 1>&6 - - -echo $ac_n "checking for AIX""... $ac_c" 1>&6 -echo "configure:2713: checking for AIX" >&5 -if eval "test \"`echo '$''{'krb_cv_sys_aix'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext <&5 | - egrep "yes" >/dev/null 2>&1; then - rm -rf conftest* - krb_cv_sys_aix=yes -else - rm -rf conftest* - krb_cv_sys_aix=no -fi -rm -f conftest* - -fi - -echo "$ac_t""$krb_cv_sys_aix" 1>&6 - - -if test "$krb_cv_sys_aix" = yes ;then - if test "$aix_dynamic_afs" = yes; then - AFS_EXTRA_OBJS= - AFS_EXTRA_LIBS=afslib.so - # this works differently in AIX <=3 and 4 - if test `uname -v` = 4 ; then - AFS_EXTRA_LD="-bnoentry" - else - AFS_EXTRA_LD="-e _nostart" - fi - AFS_EXTRA_DEFS= - - - -echo $ac_n "checking for dlopen""... $ac_c" 1>&6 -echo "configure:2755: checking for dlopen" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_dlopen'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_dlopen\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" dl; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_dlopen=$ac_lib; else ac_cv_funclib_dlopen=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_dlopen=\${ac_cv_funclib_dlopen-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_dlopen" - -: << END -@@@funcs="$funcs dlopen"@@@ -@@@libs="$libs "" dl"@@@ -END - -# dlopen -eval "ac_tr_func=HAVE_`echo dlopen | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_dlopen=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_dlopen=yes" - eval "LIB_dlopen=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_dlopen=no" - eval "LIB_dlopen=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_dlopen=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - - if test "$ac_cv_funclib_dlopen" = yes; then - AIX_EXTRA_KAFS= - elif test "$ac_cv_funclib_dlopen" != no; then - AIX_EXTRA_KAFS="$ac_cv_funclib_dlopen" - else - AFS_EXTRA_OBJS="$AFS_EXTRA_OBJS dlfcn.o" - AIX_EXTRA_KAFS=-lld - fi - else - AFS_EXTRA_OBJS='$(srcdir)/afsl.exp afslib.o' - AFS_EXTRA_LIBS= - AFS_EXTRA_DEFS='-DSTATIC_AFS_SYSCALLS' - AIX_EXTRA_KAFS= - fi - fi - -# -# AIX needs /lib/pse.exp for getmsg, but alas that file is broken in -# AIX414 -# - -case "${host}" in -*-*-aix4.1*) -if test -f /lib/pse.exp ;then - LIBS="$LIBS -Wl,-bnolibpath -Wl,-bI:/lib/pse.exp" -fi -;; -*-*-aix*) - LIBS="$LIBS -Wl,-bnolibpath" - ;; -esac - - -echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6 -echo "configure:2870: checking for ANSI C header files" >&5 -if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#include -#include -#include -EOF -ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:2883: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` -if test -z "$ac_err"; then - rm -rf conftest* - ac_cv_header_stdc=yes -else - echo "$ac_err" >&5 - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_header_stdc=no -fi -rm -f conftest* - -if test $ac_cv_header_stdc = yes; then - # SunOS 4.x string.h does not declare mem*, contrary to ANSI. -cat > conftest.$ac_ext < -EOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - egrep "memchr" >/dev/null 2>&1; then - : -else - rm -rf conftest* - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. -cat > conftest.$ac_ext < -EOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - egrep "free" >/dev/null 2>&1; then - : -else - rm -rf conftest* - ac_cv_header_stdc=no -fi -rm -f conftest* - -fi - -if test $ac_cv_header_stdc = yes; then - # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. -if test "$cross_compiling" = yes; then - : -else - cat > conftest.$ac_ext < -#define ISLOWER(c) ('a' <= (c) && (c) <= 'z') -#define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) -#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) -int main () { int i; for (i = 0; i < 256; i++) -if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2); -exit (0); } - -EOF -if { (eval echo configure:2950: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null -then - : -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -fr conftest* - ac_cv_header_stdc=no -fi -rm -fr conftest* -fi - -fi -fi - -echo "$ac_t""$ac_cv_header_stdc" 1>&6 -if test $ac_cv_header_stdc = yes; then - cat >> confdefs.h <<\EOF -#define STDC_HEADERS 1 -EOF - -fi - - -for ac_hdr in arpa/ftp.h \ - arpa/inet.h \ - arpa/nameser.h \ - arpa/telnet.h \ - bsd/bsd.h \ - bsdsetjmp.h \ - capability.h \ - crypt.h \ - curses.h \ - db.h \ - dbm.h \ - dirent.h \ - err.h \ - errno.h \ - fcntl.h \ - fnmatch.h \ - gdbm/ndbm.h \ - grp.h \ - inttypes.h \ - io.h \ - lastlog.h \ - libutil.h \ - limits.h \ - login.h \ - maillock.h \ - ndbm.h \ - net/if.h \ - net/if_tun.h \ - net/if_var.h \ - netdb.h \ - netinet/in.h \ - netinet/in6_machtypes.h \ - netinet/in_systm.h \ - paths.h \ - pty.h \ - pwd.h \ - resolv.h \ - rpcsvc/dbm.h \ - rpcsvc/ypclnt.h \ - sac.h \ - security/pam_modules.h \ - shadow.h \ - siad.h \ - signal.h \ - stropts.h \ - sys/bitypes.h \ - sys/category.h \ - sys/file.h \ - sys/filio.h \ - sys/ioccom.h \ - sys/ioctl.h \ - sys/locking.h \ - sys/mman.h \ - sys/param.h \ - sys/proc.h \ - sys/pty.h \ - sys/ptyio.h \ - sys/ptyvar.h \ - sys/resource.h \ - sys/select.h \ - sys/socket.h \ - sys/sockio.h \ - sys/stat.h \ - sys/str_tty.h \ - sys/stream.h \ - sys/stropts.h \ - sys/strtty.h \ - sys/syscall.h \ - sys/sysctl.h \ - sys/termio.h \ - sys/time.h \ - sys/timeb.h \ - sys/times.h \ - sys/tty.h \ - sys/types.h \ - sys/uio.h \ - sys/un.h \ - sys/utsname.h \ - sys/wait.h \ - syslog.h \ - term.h \ - termcap.h \ - termio.h \ - termios.h \ - tmpdir.h \ - ttyent.h \ - udb.h \ - ulimit.h \ - unistd.h \ - userpw.h \ - usersec.h \ - util.h \ - utime.h \ - utmp.h \ - utmpx.h \ - wait.h -do -ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` -echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:3073: checking for $ac_hdr" >&5 -if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -EOF -ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:3083: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` -if test -z "$ac_err"; then - rm -rf conftest* - eval "ac_cv_header_$ac_safe=yes" -else - echo "$ac_err" >&5 - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_header_$ac_safe=no" -fi -rm -f conftest* -fi -if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` - cat >> confdefs.h <&6 -fi -done - - -echo $ac_n "checking whether time.h and sys/time.h may both be included""... $ac_c" 1>&6 -echo "configure:3111: checking whether time.h and sys/time.h may both be included" >&5 -if eval "test \"`echo '$''{'ac_cv_header_time'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#include -#include -int main() { -struct tm *tp; -; return 0; } -EOF -if { (eval echo configure:3125: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_header_time=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_header_time=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_header_time" 1>&6 -if test $ac_cv_header_time = yes; then - cat >> confdefs.h <<\EOF -#define TIME_WITH_SYS_TIME 1 -EOF - -fi - -echo $ac_n "checking for sys_siglist declaration in signal.h or unistd.h""... $ac_c" 1>&6 -echo "configure:3146: checking for sys_siglist declaration in signal.h or unistd.h" >&5 -if eval "test \"`echo '$''{'ac_cv_decl_sys_siglist'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#include -/* NetBSD declares sys_siglist in unistd.h. */ -#ifdef HAVE_UNISTD_H -#include -#endif -int main() { -char *msg = *(sys_siglist + 1); -; return 0; } -EOF -if { (eval echo configure:3163: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_decl_sys_siglist=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_decl_sys_siglist=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_decl_sys_siglist" 1>&6 -if test $ac_cv_decl_sys_siglist = yes; then - cat >> confdefs.h <<\EOF -#define SYS_SIGLIST_DECLARED 1 -EOF - -fi - - - -for ac_hdr in standards.h -do -ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` -echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:3189: checking for $ac_hdr" >&5 -if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -EOF -ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:3199: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` -if test -z "$ac_err"; then - rm -rf conftest* - eval "ac_cv_header_$ac_safe=yes" -else - echo "$ac_err" >&5 - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_header_$ac_safe=no" -fi -rm -f conftest* -fi -if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` - cat >> confdefs.h <&6 -fi -done - -for i in netinet/ip.h netinet/tcp.h; do - -cv=`echo "$i" | sed 'y%./+-%__p_%'` - -echo $ac_n "checking for $i""... $ac_c" 1>&6 -echo "configure:3230: checking for $i" >&5 -if eval "test \"`echo '$''{'ac_cv_header_$cv'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#endif -#include <$i> - -EOF -ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:3245: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` -if test -z "$ac_err"; then - rm -rf conftest* - eval "ac_cv_header_$cv=yes" -else - echo "$ac_err" >&5 - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_header_$cv=no" -fi -rm -f conftest* -fi - -echo "$ac_t""`eval echo \\$ac_cv_header_$cv`" 1>&6 -if test `eval echo \\$ac_cv_header_$cv` = yes; then - ac_tr_hdr=HAVE_`echo $i | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` - cat >> confdefs.h <&6 -echo "configure:3289: checking for $i" >&5 - -if eval "test \"`echo '$''{'ac_cv_type_$i'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - -int main() { -$i x; - -; return 0; } -EOF -if { (eval echo configure:3319: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval ac_cv_type_$i=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval ac_cv_type_$i=no -fi -rm -f conftest* -fi - - eval ac_res=\$ac_cv_type_$i - if test "$ac_res" = yes; then - type=HAVE_`echo $i | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` - cat >> confdefs.h <&6 -done - - -for i in u_int8_t u_int16_t u_int32_t u_int64_t; do - echo $ac_n "checking for $i""... $ac_c" 1>&6 -echo "configure:3345: checking for $i" >&5 - -if eval "test \"`echo '$''{'ac_cv_type_$i'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_BIND_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - -int main() { -$i x; - -; return 0; } -EOF -if { (eval echo configure:3375: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval ac_cv_type_$i=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval ac_cv_type_$i=no -fi -rm -f conftest* -fi - - eval ac_res=\$ac_cv_type_$i - if test "$ac_res" = yes; then - type=HAVE_`echo $i | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` - cat >> confdefs.h <&6 -done - - -echo $ac_n "checking for strange sys/bitypes.h""... $ac_c" 1>&6 -echo "configure:3400: checking for strange sys/bitypes.h" >&5 -if eval "test \"`echo '$''{'krb_cv_int8_t_ifdef'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif - -int main() { -int8_t x; - -; return 0; } -EOF -if { (eval echo configure:3424: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - krb_cv_int8_t_ifdef=no -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - krb_cv_int8_t_ifdef=yes -fi -rm -f conftest* -fi - -echo "$ac_t""$krb_cv_int8_t_ifdef" 1>&6 -if test "$krb_cv_int8_t_ifdef" = "yes"; then - cat >> confdefs.h <<\EOF -#define HAVE_STRANGE_INT8_T 1 -EOF -fi - - - - - -echo $ac_n "checking for crypt""... $ac_c" 1>&6 -echo "configure:3448: checking for crypt" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_crypt'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_crypt\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" crypt; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_crypt=$ac_lib; else ac_cv_funclib_crypt=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_crypt=\${ac_cv_funclib_crypt-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_crypt" - -: << END -@@@funcs="$funcs crypt"@@@ -@@@libs="$libs "" crypt"@@@ -END - -# crypt -eval "ac_tr_func=HAVE_`echo crypt | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_crypt=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_crypt=yes" - eval "LIB_crypt=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_crypt=no" - eval "LIB_crypt=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_crypt=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - - - - - - -echo $ac_n "checking for socket""... $ac_c" 1>&6 -echo "configure:3535: checking for socket" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_socket'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_socket\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" socket; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext < -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -int main() { -socket(0,0,0) -; return 0; } -EOF -if { (eval echo configure:3562: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_socket=$ac_lib; else ac_cv_funclib_socket=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_socket=\${ac_cv_funclib_socket-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_socket" - -: << END -@@@funcs="$funcs socket"@@@ -@@@libs="$libs "" socket"@@@ -END - -# socket -eval "ac_tr_func=HAVE_`echo socket | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_socket=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_socket=yes" - eval "LIB_socket=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_socket=no" - eval "LIB_socket=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_socket=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -if test -n "$LIB_socket"; then - LIBS="$LIB_socket $LIBS" -fi - - - - - -echo $ac_n "checking for gethostbyname""... $ac_c" 1>&6 -echo "configure:3630: checking for gethostbyname" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_gethostbyname'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_gethostbyname\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" nsl; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext < -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -int main() { -gethostbyname("foo") -; return 0; } -EOF -if { (eval echo configure:3657: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_gethostbyname=$ac_lib; else ac_cv_funclib_gethostbyname=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_gethostbyname=\${ac_cv_funclib_gethostbyname-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_gethostbyname" - -: << END -@@@funcs="$funcs gethostbyname"@@@ -@@@libs="$libs "" nsl"@@@ -END - -# gethostbyname -eval "ac_tr_func=HAVE_`echo gethostbyname | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_gethostbyname=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_gethostbyname=yes" - eval "LIB_gethostbyname=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_gethostbyname=no" - eval "LIB_gethostbyname=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_gethostbyname=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -if test -n "$LIB_gethostbyname"; then - LIBS="$LIB_gethostbyname $LIBS" -fi - - - - - - - -echo $ac_n "checking for odm_initialize""... $ac_c" 1>&6 -echo "configure:3727: checking for odm_initialize" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_odm_initialize'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_odm_initialize\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" odm; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_odm_initialize=$ac_lib; else ac_cv_funclib_odm_initialize=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_odm_initialize=\${ac_cv_funclib_odm_initialize-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_odm_initialize" - -: << END -@@@funcs="$funcs odm_initialize"@@@ -@@@libs="$libs "" odm"@@@ -END - -# odm_initialize -eval "ac_tr_func=HAVE_`echo odm_initialize | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_odm_initialize=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_odm_initialize=yes" - eval "LIB_odm_initialize=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_odm_initialize=no" - eval "LIB_odm_initialize=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_odm_initialize=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -if test -n "$LIB_odm_initialize"; then - LIBS="$LIB_odm_initialize $LIBS" -fi - - - - - -echo $ac_n "checking for getattr""... $ac_c" 1>&6 -echo "configure:3817: checking for getattr" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_getattr'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_getattr\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" cfg; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_getattr=$ac_lib; else ac_cv_funclib_getattr=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_getattr=\${ac_cv_funclib_getattr-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_getattr" - -: << END -@@@funcs="$funcs getattr"@@@ -@@@libs="$libs "" cfg"@@@ -END - -# getattr -eval "ac_tr_func=HAVE_`echo getattr | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_getattr=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_getattr=yes" - eval "LIB_getattr=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_getattr=no" - eval "LIB_getattr=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_getattr=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -if test -n "$LIB_getattr"; then - LIBS="$LIB_getattr $LIBS" -fi - - - - - -echo $ac_n "checking for setpcred""... $ac_c" 1>&6 -echo "configure:3907: checking for setpcred" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_setpcred'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_setpcred\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" s; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_setpcred=$ac_lib; else ac_cv_funclib_setpcred=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_setpcred=\${ac_cv_funclib_setpcred-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_setpcred" - -: << END -@@@funcs="$funcs setpcred"@@@ -@@@libs="$libs "" s"@@@ -END - -# setpcred -eval "ac_tr_func=HAVE_`echo setpcred | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_setpcred=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_setpcred=yes" - eval "LIB_setpcred=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_setpcred=no" - eval "LIB_setpcred=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_setpcred=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -if test -n "$LIB_setpcred"; then - LIBS="$LIB_setpcred $LIBS" -fi - - - - - -echo $ac_n "checking for logwtmp""... $ac_c" 1>&6 -echo "configure:3997: checking for logwtmp" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_logwtmp'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_logwtmp\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" util; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_logwtmp=$ac_lib; else ac_cv_funclib_logwtmp=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_logwtmp=\${ac_cv_funclib_logwtmp-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_logwtmp" - -: << END -@@@funcs="$funcs logwtmp"@@@ -@@@libs="$libs "" util"@@@ -END - -# logwtmp -eval "ac_tr_func=HAVE_`echo logwtmp | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_logwtmp=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_logwtmp=yes" - eval "LIB_logwtmp=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_logwtmp=no" - eval "LIB_logwtmp=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_logwtmp=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -if test -n "$LIB_logwtmp"; then - LIBS="$LIB_logwtmp $LIBS" -fi - - - - - - -echo $ac_n "checking for logout""... $ac_c" 1>&6 -echo "configure:4088: checking for logout" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_logout'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_logout\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" util; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_logout=$ac_lib; else ac_cv_funclib_logout=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_logout=\${ac_cv_funclib_logout-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_logout" - -: << END -@@@funcs="$funcs logout"@@@ -@@@libs="$libs "" util"@@@ -END - -# logout -eval "ac_tr_func=HAVE_`echo logout | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_logout=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_logout=yes" - eval "LIB_logout=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_logout=no" - eval "LIB_logout=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_logout=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -if test -n "$LIB_logout"; then - LIBS="$LIB_logout $LIBS" -fi - - - - -echo $ac_n "checking for tgetent""... $ac_c" 1>&6 -echo "configure:4177: checking for tgetent" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_tgetent'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_tgetent\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" termcap ncurses curses; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_tgetent=$ac_lib; else ac_cv_funclib_tgetent=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_tgetent=\${ac_cv_funclib_tgetent-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_tgetent" - -: << END -@@@funcs="$funcs tgetent"@@@ -@@@libs="$libs "" termcap ncurses curses"@@@ -END - -# tgetent -eval "ac_tr_func=HAVE_`echo tgetent | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_tgetent=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_tgetent=yes" - eval "LIB_tgetent=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_tgetent=no" - eval "LIB_tgetent=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_tgetent=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - - -# If we find X, set shell vars x_includes and x_libraries to the -# paths, otherwise set no_x=yes. -# Uses ac_ vars as temps to allow command line to override cache and checks. -# --without-x overrides everything else, but does not touch the cache. -echo $ac_n "checking for X""... $ac_c" 1>&6 -echo "configure:4264: checking for X" >&5 - -# Check whether --with-x or --without-x was given. -if test "${with_x+set}" = set; then - withval="$with_x" - : -fi - -# $have_x is `yes', `no', `disabled', or empty when we do not yet know. -if test "x$with_x" = xno; then - # The user explicitly disabled X. - have_x=disabled -else - if test "x$x_includes" != xNONE && test "x$x_libraries" != xNONE; then - # Both variables are already set. - have_x=yes - else -if eval "test \"`echo '$''{'ac_cv_have_x'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - # One or both of the vars are not set, and there is no cached value. -ac_x_includes=NO ac_x_libraries=NO -rm -fr conftestdir -if mkdir conftestdir; then - cd conftestdir - # Make sure to not put "make" in the Imakefile rules, since we grep it out. - cat > Imakefile <<'EOF' -acfindx: - @echo 'ac_im_incroot="${INCROOT}"; ac_im_usrlibdir="${USRLIBDIR}"; ac_im_libdir="${LIBDIR}"' -EOF - if (xmkmf) >/dev/null 2>/dev/null && test -f Makefile; then - # GNU make sometimes prints "make[1]: Entering...", which would confuse us. - eval `${MAKE-make} acfindx 2>/dev/null | grep -v make` - # Open Windows xmkmf reportedly sets LIBDIR instead of USRLIBDIR. - for ac_extension in a so sl; do - if test ! -f $ac_im_usrlibdir/libX11.$ac_extension && - test -f $ac_im_libdir/libX11.$ac_extension; then - ac_im_usrlibdir=$ac_im_libdir; break - fi - done - # Screen out bogus values from the imake configuration. They are - # bogus both because they are the default anyway, and because - # using them would break gcc on systems where it needs fixed includes. - case "$ac_im_incroot" in - /usr/include) ;; - *) test -f "$ac_im_incroot/X11/Xos.h" && ac_x_includes="$ac_im_incroot" ;; - esac - case "$ac_im_usrlibdir" in - /usr/lib | /lib) ;; - *) test -d "$ac_im_usrlibdir" && ac_x_libraries="$ac_im_usrlibdir" ;; - esac - fi - cd .. - rm -fr conftestdir -fi - -if test "$ac_x_includes" = NO; then - # Guess where to find include files, by looking for this one X11 .h file. - test -z "$x_direct_test_include" && x_direct_test_include=X11/Intrinsic.h - - # First, try using that file with no special directory specified. -cat > conftest.$ac_ext < -EOF -ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:4331: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` -if test -z "$ac_err"; then - rm -rf conftest* - # We can compile using X headers with no special include directory. -ac_x_includes= -else - echo "$ac_err" >&5 - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - # Look for the header file in a standard set of common directories. -# Check X11 before X11Rn because it is often a symlink to the current release. - for ac_dir in \ - /usr/X11/include \ - /usr/X11R6/include \ - /usr/X11R5/include \ - /usr/X11R4/include \ - \ - /usr/include/X11 \ - /usr/include/X11R6 \ - /usr/include/X11R5 \ - /usr/include/X11R4 \ - \ - /usr/local/X11/include \ - /usr/local/X11R6/include \ - /usr/local/X11R5/include \ - /usr/local/X11R4/include \ - \ - /usr/local/include/X11 \ - /usr/local/include/X11R6 \ - /usr/local/include/X11R5 \ - /usr/local/include/X11R4 \ - \ - /usr/X386/include \ - /usr/x386/include \ - /usr/XFree86/include/X11 \ - \ - /usr/include \ - /usr/local/include \ - /usr/unsupported/include \ - /usr/athena/include \ - /usr/local/x11r5/include \ - /usr/lpp/Xamples/include \ - \ - /usr/openwin/include \ - /usr/openwin/share/include \ - ; \ - do - if test -r "$ac_dir/$x_direct_test_include"; then - ac_x_includes=$ac_dir - break - fi - done -fi -rm -f conftest* -fi # $ac_x_includes = NO - -if test "$ac_x_libraries" = NO; then - # Check for the libraries. - - test -z "$x_direct_test_library" && x_direct_test_library=Xt - test -z "$x_direct_test_function" && x_direct_test_function=XtMalloc - - # See if we find them without any special options. - # Don't add to $LIBS permanently. - ac_save_LIBS="$LIBS" - LIBS="-l$x_direct_test_library $LIBS" -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - LIBS="$ac_save_LIBS" -# We can link X programs with no special library path. -ac_x_libraries= -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - LIBS="$ac_save_LIBS" -# First see if replacing the include by lib works. -# Check X11 before X11Rn because it is often a symlink to the current release. -for ac_dir in `echo "$ac_x_includes" | sed s/include/lib/` \ - /usr/X11/lib \ - /usr/X11R6/lib \ - /usr/X11R5/lib \ - /usr/X11R4/lib \ - \ - /usr/lib/X11 \ - /usr/lib/X11R6 \ - /usr/lib/X11R5 \ - /usr/lib/X11R4 \ - \ - /usr/local/X11/lib \ - /usr/local/X11R6/lib \ - /usr/local/X11R5/lib \ - /usr/local/X11R4/lib \ - \ - /usr/local/lib/X11 \ - /usr/local/lib/X11R6 \ - /usr/local/lib/X11R5 \ - /usr/local/lib/X11R4 \ - \ - /usr/X386/lib \ - /usr/x386/lib \ - /usr/XFree86/lib/X11 \ - \ - /usr/lib \ - /usr/local/lib \ - /usr/unsupported/lib \ - /usr/athena/lib \ - /usr/local/x11r5/lib \ - /usr/lpp/Xamples/lib \ - /lib/usr/lib/X11 \ - \ - /usr/openwin/lib \ - /usr/openwin/share/lib \ - ; \ -do - for ac_extension in a so sl; do - if test -r $ac_dir/lib${x_direct_test_library}.$ac_extension; then - ac_x_libraries=$ac_dir - break 2 - fi - done -done -fi -rm -f conftest* -fi # $ac_x_libraries = NO - -if test "$ac_x_includes" = NO || test "$ac_x_libraries" = NO; then - # Didn't find X anywhere. Cache the known absence of X. - ac_cv_have_x="have_x=no" -else - # Record where we found X for the cache. - ac_cv_have_x="have_x=yes \ - ac_x_includes=$ac_x_includes ac_x_libraries=$ac_x_libraries" -fi -fi - fi - eval "$ac_cv_have_x" -fi # $with_x != no - -if test "$have_x" != yes; then - echo "$ac_t""$have_x" 1>&6 - no_x=yes -else - # If each of the values was on the command line, it overrides each guess. - test "x$x_includes" = xNONE && x_includes=$ac_x_includes - test "x$x_libraries" = xNONE && x_libraries=$ac_x_libraries - # Update the cache value to reflect the command line values. - ac_cv_have_x="have_x=yes \ - ac_x_includes=$x_includes ac_x_libraries=$x_libraries" - echo "$ac_t""libraries $x_libraries, headers $x_includes" 1>&6 -fi - - -if test "$no_x" = yes; then - # Not all programs may use this symbol, but it does not hurt to define it. - cat >> confdefs.h <<\EOF -#define X_DISPLAY_MISSING 1 -EOF - - X_CFLAGS= X_PRE_LIBS= X_LIBS= X_EXTRA_LIBS= -else - if test -n "$x_includes"; then - X_CFLAGS="$X_CFLAGS -I$x_includes" - fi - - # It would also be nice to do this for all -L options, not just this one. - if test -n "$x_libraries"; then - X_LIBS="$X_LIBS -L$x_libraries" - # For Solaris; some versions of Sun CC require a space after -R and - # others require no space. Words are not sufficient . . . . - case "`(uname -sr) 2>/dev/null`" in - "SunOS 5"*) - echo $ac_n "checking whether -R must be followed by a space""... $ac_c" 1>&6 -echo "configure:4514: checking whether -R must be followed by a space" >&5 - ac_xsave_LIBS="$LIBS"; LIBS="$LIBS -R$x_libraries" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_R_nospace=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_R_nospace=no -fi -rm -f conftest* - if test $ac_R_nospace = yes; then - echo "$ac_t""no" 1>&6 - X_LIBS="$X_LIBS -R$x_libraries" - else - LIBS="$ac_xsave_LIBS -R $x_libraries" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_R_space=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_R_space=no -fi -rm -f conftest* - if test $ac_R_space = yes; then - echo "$ac_t""yes" 1>&6 - X_LIBS="$X_LIBS -R $x_libraries" - else - echo "$ac_t""neither works" 1>&6 - fi - fi - LIBS="$ac_xsave_LIBS" - esac - fi - - # Check for system-dependent libraries X programs must link with. - # Do this before checking for the system-independent R6 libraries - # (-lICE), since we may need -lsocket or whatever for X linking. - - if test "$ISC" = yes; then - X_EXTRA_LIBS="$X_EXTRA_LIBS -lnsl_s -linet" - else - # Martyn.Johnson@cl.cam.ac.uk says this is needed for Ultrix, if the X - # libraries were built with DECnet support. And karl@cs.umb.edu says - # the Alpha needs dnet_stub (dnet does not exist). - echo $ac_n "checking for dnet_ntoa in -ldnet""... $ac_c" 1>&6 -echo "configure:4579: checking for dnet_ntoa in -ldnet" >&5 -ac_lib_var=`echo dnet'_'dnet_ntoa | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-ldnet $LIBS" -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" -fi -rm -f conftest* -LIBS="$ac_save_LIBS" - -fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - X_EXTRA_LIBS="$X_EXTRA_LIBS -ldnet" -else - echo "$ac_t""no" 1>&6 -fi - - if test $ac_cv_lib_dnet_dnet_ntoa = no; then - echo $ac_n "checking for dnet_ntoa in -ldnet_stub""... $ac_c" 1>&6 -echo "configure:4620: checking for dnet_ntoa in -ldnet_stub" >&5 -ac_lib_var=`echo dnet_stub'_'dnet_ntoa | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-ldnet_stub $LIBS" -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" -fi -rm -f conftest* -LIBS="$ac_save_LIBS" - -fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - X_EXTRA_LIBS="$X_EXTRA_LIBS -ldnet_stub" -else - echo "$ac_t""no" 1>&6 -fi - - fi - - # msh@cis.ufl.edu says -lnsl (and -lsocket) are needed for his 386/AT, - # to get the SysV transport functions. - # chad@anasazi.com says the Pyramis MIS-ES running DC/OSx (SVR4) - # needs -lnsl. - # The nsl library prevents programs from opening the X display - # on Irix 5.2, according to dickey@clark.net. - echo $ac_n "checking for gethostbyname""... $ac_c" 1>&6 -echo "configure:4668: checking for gethostbyname" >&5 -if eval "test \"`echo '$''{'ac_cv_func_gethostbyname'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char gethostbyname(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_gethostbyname) || defined (__stub___gethostbyname) -choke me -#else -gethostbyname(); -#endif - -; return 0; } -EOF -if { (eval echo configure:4696: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_gethostbyname=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_gethostbyname=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'gethostbyname`\" = yes"; then - echo "$ac_t""yes" 1>&6 - : -else - echo "$ac_t""no" 1>&6 -fi - - if test $ac_cv_func_gethostbyname = no; then - echo $ac_n "checking for gethostbyname in -lnsl""... $ac_c" 1>&6 -echo "configure:4717: checking for gethostbyname in -lnsl" >&5 -ac_lib_var=`echo nsl'_'gethostbyname | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-lnsl $LIBS" -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" -fi -rm -f conftest* -LIBS="$ac_save_LIBS" - -fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - X_EXTRA_LIBS="$X_EXTRA_LIBS -lnsl" -else - echo "$ac_t""no" 1>&6 -fi - - fi - - # lieder@skyler.mavd.honeywell.com says without -lsocket, - # socket/setsockopt and other routines are undefined under SCO ODT - # 2.0. But -lsocket is broken on IRIX 5.2 (and is not necessary - # on later versions), says simon@lia.di.epfl.ch: it contains - # gethostby* variants that don't use the nameserver (or something). - # -lsocket must be given before -lnsl if both are needed. - # We assume that if connect needs -lnsl, so does gethostbyname. - echo $ac_n "checking for connect""... $ac_c" 1>&6 -echo "configure:4766: checking for connect" >&5 -if eval "test \"`echo '$''{'ac_cv_func_connect'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char connect(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_connect) || defined (__stub___connect) -choke me -#else -connect(); -#endif - -; return 0; } -EOF -if { (eval echo configure:4794: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_connect=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_connect=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'connect`\" = yes"; then - echo "$ac_t""yes" 1>&6 - : -else - echo "$ac_t""no" 1>&6 -fi - - if test $ac_cv_func_connect = no; then - echo $ac_n "checking for connect in -lsocket""... $ac_c" 1>&6 -echo "configure:4815: checking for connect in -lsocket" >&5 -ac_lib_var=`echo socket'_'connect | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-lsocket $X_EXTRA_LIBS $LIBS" -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" -fi -rm -f conftest* -LIBS="$ac_save_LIBS" - -fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - X_EXTRA_LIBS="-lsocket $X_EXTRA_LIBS" -else - echo "$ac_t""no" 1>&6 -fi - - fi - - # gomez@mi.uni-erlangen.de says -lposix is necessary on A/UX. - echo $ac_n "checking for remove""... $ac_c" 1>&6 -echo "configure:4858: checking for remove" >&5 -if eval "test \"`echo '$''{'ac_cv_func_remove'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char remove(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_remove) || defined (__stub___remove) -choke me -#else -remove(); -#endif - -; return 0; } -EOF -if { (eval echo configure:4886: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_remove=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_remove=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'remove`\" = yes"; then - echo "$ac_t""yes" 1>&6 - : -else - echo "$ac_t""no" 1>&6 -fi - - if test $ac_cv_func_remove = no; then - echo $ac_n "checking for remove in -lposix""... $ac_c" 1>&6 -echo "configure:4907: checking for remove in -lposix" >&5 -ac_lib_var=`echo posix'_'remove | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-lposix $LIBS" -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" -fi -rm -f conftest* -LIBS="$ac_save_LIBS" - -fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - X_EXTRA_LIBS="$X_EXTRA_LIBS -lposix" -else - echo "$ac_t""no" 1>&6 -fi - - fi - - # BSDI BSD/OS 2.1 needs -lipc for XOpenDisplay. - echo $ac_n "checking for shmat""... $ac_c" 1>&6 -echo "configure:4950: checking for shmat" >&5 -if eval "test \"`echo '$''{'ac_cv_func_shmat'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char shmat(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_shmat) || defined (__stub___shmat) -choke me -#else -shmat(); -#endif - -; return 0; } -EOF -if { (eval echo configure:4978: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_shmat=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_shmat=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'shmat`\" = yes"; then - echo "$ac_t""yes" 1>&6 - : -else - echo "$ac_t""no" 1>&6 -fi - - if test $ac_cv_func_shmat = no; then - echo $ac_n "checking for shmat in -lipc""... $ac_c" 1>&6 -echo "configure:4999: checking for shmat in -lipc" >&5 -ac_lib_var=`echo ipc'_'shmat | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-lipc $LIBS" -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" -fi -rm -f conftest* -LIBS="$ac_save_LIBS" - -fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - X_EXTRA_LIBS="$X_EXTRA_LIBS -lipc" -else - echo "$ac_t""no" 1>&6 -fi - - fi - fi - - # Check for libraries that X11R6 Xt/Xaw programs need. - ac_save_LDFLAGS="$LDFLAGS" - test -n "$x_libraries" && LDFLAGS="$LDFLAGS -L$x_libraries" - # SM needs ICE to (dynamically) link under SunOS 4.x (so we have to - # check for ICE first), but we must link in the order -lSM -lICE or - # we get undefined symbols. So assume we have SM if we have ICE. - # These have to be linked with before -lX11, unlike the other - # libraries we check for below, so use a different variable. - # --interran@uluru.Stanford.EDU, kb@cs.umb.edu. - echo $ac_n "checking for IceConnectionNumber in -lICE""... $ac_c" 1>&6 -echo "configure:5051: checking for IceConnectionNumber in -lICE" >&5 -ac_lib_var=`echo ICE'_'IceConnectionNumber | sed 'y%./+-%__p_%'` -if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_save_LIBS="$LIBS" -LIBS="-lICE $X_EXTRA_LIBS $LIBS" -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_lib_$ac_lib_var=no" -fi -rm -f conftest* -LIBS="$ac_save_LIBS" - -fi -if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then - echo "$ac_t""yes" 1>&6 - X_PRE_LIBS="$X_PRE_LIBS -lSM -lICE" -else - echo "$ac_t""no" 1>&6 -fi - - LDFLAGS="$ac_save_LDFLAGS" - -fi - - -# try to figure out if we need any additional ld flags, like -R -# and yes, the autoconf X test is utterly broken -if test "$no_x" != yes; then - echo $ac_n "checking for special X linker flags""... $ac_c" 1>&6 -echo "configure:5099: checking for special X linker flags" >&5 -if eval "test \"`echo '$''{'krb_cv_sys_x_libs_rpath'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - - ac_save_libs="$LIBS" - ac_save_cflags="$CFLAGS" - CFLAGS="$CFLAGS $X_CFLAGS" - krb_cv_sys_x_libs_rpath="" - krb_cv_sys_x_libs="" - for rflag in "" "-R" "-R " "-rpath "; do - if test "$rflag" = ""; then - foo="$X_LIBS" - else - foo="" - for flag in $X_LIBS; do - case $flag in - -L*) - foo="$foo $flag `echo $flag | sed \"s/-L/$rflag/\"`" - ;; - *) - foo="$foo $flag" - ;; - esac - done - fi - LIBS="$ac_save_libs $foo $X_PRE_LIBS -lX11 $X_EXTRA_LIBS" - if test "$cross_compiling" = yes; then - { echo "configure: error: can not run test program while cross compiling" 1>&2; exit 1; } -else - cat > conftest.$ac_ext < - foo() - { - XOpenDisplay(NULL); - } - main() - { - return 0; - } - -EOF -if { (eval echo configure:5144: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null -then - krb_cv_sys_x_libs_rpath="$rflag"; krb_cv_sys_x_libs="$foo"; break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -fr conftest* - : -fi -rm -fr conftest* -fi - - done - LIBS="$ac_save_libs" - CFLAGS="$ac_save_cflags" - -fi - -echo "$ac_t""$krb_cv_sys_x_libs_rpath" 1>&6 - X_LIBS="$krb_cv_sys_x_libs" -fi - -if test "$no_x" = "yes" ; then - MAKE_X_PROGS_BIN="" - MAKE_X_SCRIPTS_BIN="" - MAKE_X_PROGS_LIBEXEC="" -else - MAKE_X_PROGS_BIN='$(X_PROGS_BIN)' - MAKE_X_SCRIPTS_BIN='$(X_SCRIPTS_BIN)' - MAKE_X_PROGS_LIBEXEC='$(X_PROGS_LIBEXEC)' -fi - - -save_CFLAGS="$CFLAGS" -CFLAGS="$X_CFLAGS $CFLAGS" -save_LIBS="$LIBS" -LIBS="$X_PRE_LIBS $X_EXTRA_LIBS $LIBS" -save_LDFLAGS="$LDFLAGS" -LDFLAGS="$LDFLAGS $X_LIBS" - - - - - -echo $ac_n "checking for XauWriteAuth""... $ac_c" 1>&6 -echo "configure:5189: checking for XauWriteAuth" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_XauWriteAuth'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_XauWriteAuth\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" X11 Xau; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_XauWriteAuth=$ac_lib; else ac_cv_funclib_XauWriteAuth=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_XauWriteAuth=\${ac_cv_funclib_XauWriteAuth-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_XauWriteAuth" - -: << END -@@@funcs="$funcs XauWriteAuth"@@@ -@@@libs="$libs "" X11 Xau"@@@ -END - -# XauWriteAuth -eval "ac_tr_func=HAVE_`echo XauWriteAuth | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_XauWriteAuth=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_XauWriteAuth=yes" - eval "LIB_XauWriteAuth=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_XauWriteAuth=no" - eval "LIB_XauWriteAuth=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_XauWriteAuth=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -ac_xxx="$LIBS" -LIBS="$LIB_XauWriteAuth $LIBS" - - - -echo $ac_n "checking for XauReadAuth""... $ac_c" 1>&6 -echo "configure:5276: checking for XauReadAuth" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_XauReadAuth'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_XauReadAuth\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" X11 Xau; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_XauReadAuth=$ac_lib; else ac_cv_funclib_XauReadAuth=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_XauReadAuth=\${ac_cv_funclib_XauReadAuth-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_XauReadAuth" - -: << END -@@@funcs="$funcs XauReadAuth"@@@ -@@@libs="$libs "" X11 Xau"@@@ -END - -# XauReadAuth -eval "ac_tr_func=HAVE_`echo XauReadAuth | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_XauReadAuth=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_XauReadAuth=yes" - eval "LIB_XauReadAuth=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_XauReadAuth=no" - eval "LIB_XauReadAuth=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_XauReadAuth=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -LIBS="$LIB_XauReadAauth $LIBS" - - - -echo $ac_n "checking for XauFileName""... $ac_c" 1>&6 -echo "configure:5362: checking for XauFileName" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_XauFileName'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_XauFileName\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" X11 Xau; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_XauFileName=$ac_lib; else ac_cv_funclib_XauFileName=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_XauFileName=\${ac_cv_funclib_XauFileName-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_XauFileName" - -: << END -@@@funcs="$funcs XauFileName"@@@ -@@@libs="$libs "" X11 Xau"@@@ -END - -# XauFileName -eval "ac_tr_func=HAVE_`echo XauFileName | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_XauFileName=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_XauFileName=yes" - eval "LIB_XauFileName=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_XauFileName=no" - eval "LIB_XauFileName=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_XauFileName=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -LIBS="$ac_xxx" - -case "$ac_cv_funclib_XauWriteAuth" in -yes) ;; -no) ;; -*) if test "$ac_cv_funclib_XauReadAuth" = yes; then - if test "$ac_cv_funclib_XauFileName" = yes; then - LIB_XauReadAuth="$LIB_XauWriteAuth" - else - LIB_XauReadAuth="$LIB_XauWriteAuth $LIB_XauFileName" - fi - else - if test "$ac_cv_funclib_XauFileName" = yes; then - LIB_XauReadAuth="$LIB_XauReadAuth $LIB_XauWriteAuth" - else - LIB_XauReadAuth="$LIB_XauReadAuth $LIB_XauWriteAuth $LIB_XauFileName" - fi - fi - ;; -esac - -if test "$AUTOMAKE" != ""; then - - -if test "$ac_cv_func_XauWriteAuth" != "yes"; then - NEED_WRITEAUTH_TRUE= - NEED_WRITEAUTH_FALSE='#' -else - NEED_WRITEAUTH_TRUE='#' - NEED_WRITEAUTH_FALSE= -fi -else - - - if test "$ac_cv_func_XauWriteAuth" != "yes"; then - NEED_WRITEAUTH_TRUE= - NEED_WRITEAUTH_FALSE='#' - else - NEED_WRITEAUTH_TRUE='#' - NEED_WRITEAUTH_FALSE= - fi -fi -CFLAGS=$save_CFLAGS -LIBS=$save_LIBS -LDFLAGS=$save_LDFLAGS - - - - - -lib_dbm=no -lib_db=no - -for i in "" $berkeley_db gdbm ndbm; do - - if test "$i"; then - m="lib$i" - l="-l$i" - else - m="libc" - l="" - fi - - echo $ac_n "checking for dbm_open in $m""... $ac_c" 1>&6 -echo "configure:5507: checking for dbm_open in $m" >&5 - if eval "test \"`echo '$''{'ac_cv_krb_dbm_open_$m'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - - - save_LIBS="$LIBS" - LIBS="$l $LIBS" - if test "$cross_compiling" = yes; then - ac_res=no -else - cat > conftest.$ac_ext < -#include -#if defined(HAVE_NDBM_H) -#include -#elif defined(HAVE_GDBM_NDBM_H) -#include -#elif defined(HAVE_DBM_H) -#include -#elif defined(HAVE_RPCSVC_DBM_H) -#include -#elif defined(HAVE_DB_H) -#define DB_DBM_HSEARCH 1 -#include -#endif -int main() -{ - DBM *d; - - d = dbm_open("conftest", O_RDWR | O_CREAT, 0666); - if(d == NULL) - return 1; - dbm_close(d); - return 0; -} -EOF -if { (eval echo configure:5547: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null -then - - if test -f conftest.db; then - ac_res=db - else - ac_res=dbm - fi -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -fr conftest* - ac_res=no -fi -rm -fr conftest* -fi - - - LIBS="$save_LIBS" - - eval ac_cv_krb_dbm_open_$m=$ac_res -fi - - eval ac_res=\$ac_cv_krb_dbm_open_$m - echo "$ac_t""$ac_res" 1>&6 - - if test "$lib_dbm" = no -a $ac_res = dbm; then - lib_dbm="$l" - elif test "$lib_db" = no -a $ac_res = db; then - lib_db="$l" - break - fi -done - -echo $ac_n "checking for NDBM library""... $ac_c" 1>&6 -echo "configure:5582: checking for NDBM library" >&5 -ac_ndbm=no -if test "$lib_db" != no; then - LIB_DBM="$lib_db" - ac_ndbm=yes - cat >> confdefs.h <<\EOF -#define HAVE_NEW_DB 1 -EOF - - if test "$LIB_DBM"; then - ac_res="yes, $LIB_DBM" - else - ac_res=yes - fi -elif test "$lib_dbm" != no; then - LIB_DBM="$lib_dbm" - ac_ndbm=yes - if test "$LIB_DBM"; then - ac_res="yes, $LIB_DBM" - else - ac_res=yes - fi -else - LIB_DBM="" - ac_res=no -fi -test "$ac_ndbm" = yes && cat >> confdefs.h <<\EOF -#define NDBM 1 -EOF - -DBLIB="$LIB_DBM" - -echo "$ac_t""$ac_res" 1>&6 - - - - - - - -echo $ac_n "checking for syslog""... $ac_c" 1>&6 -echo "configure:5623: checking for syslog" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_syslog'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_syslog\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" syslog; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_syslog=$ac_lib; else ac_cv_funclib_syslog=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_syslog=\${ac_cv_funclib_syslog-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_syslog" - -: << END -@@@funcs="$funcs syslog"@@@ -@@@libs="$libs "" syslog"@@@ -END - -# syslog -eval "ac_tr_func=HAVE_`echo syslog | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_syslog=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_syslog=yes" - eval "LIB_syslog=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_syslog=no" - eval "LIB_syslog=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_syslog=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -if test -n "$LIB_syslog"; then - LIBS="$LIB_syslog $LIBS" -fi - - - -echo $ac_n "checking for working snprintf""... $ac_c" 1>&6 -echo "configure:5711: checking for working snprintf" >&5 -if eval "test \"`echo '$''{'ac_cv_func_snprintf_working'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_cv_func_snprintf_working=yes -if test "$cross_compiling" = yes; then - : -else - cat > conftest.$ac_ext < -#include -int main() -{ - char foo[3]; - snprintf(foo, 2, "12"); - return strcmp(foo, "1"); -} -EOF -if { (eval echo configure:5732: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null -then - : -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -fr conftest* - ac_cv_func_snprintf_working=no -fi -rm -fr conftest* -fi - -fi - -echo "$ac_t""$ac_cv_func_snprintf_working" 1>&6 - -if test "$ac_cv_func_snprintf_working" = yes; then - cat >> confdefs.h <&6 -echo "configure:5758: checking if snprintf needs a prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_snprintf_noproto'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -int main() { -struct foo { int foo; } xx; -extern int snprintf (struct foo*); -snprintf(&xx); - -; return 0; } -EOF -if { (eval echo configure:5773: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_snprintf_noproto=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_snprintf_noproto=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_snprintf_noproto" 1>&6 - -if test "$ac_cv_func_snprintf_noproto" = yes; then - cat >> confdefs.h <<\EOF -#define NEED_SNPRINTF_PROTO 1 -EOF - -fi - -fi - -fi - - -echo $ac_n "checking for working glob""... $ac_c" 1>&6 -echo "configure:5800: checking for working glob" >&5 -if eval "test \"`echo '$''{'ac_cv_func_glob_working'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_cv_func_glob_working=yes -cat > conftest.$ac_ext < -#include -int main() { - -glob(NULL, GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE, NULL, NULL); - -; return 0; } -EOF -if { (eval echo configure:5817: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - : -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_func_glob_working=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_glob_working" 1>&6 - -if test "$ac_cv_func_glob_working" = yes; then - cat >> confdefs.h <<\EOF -#define HAVE_GLOB 1 -EOF - -fi -if test "$ac_cv_func_glob_working" = yes; then - -if test "$ac_cv_func_glob+set" != set -o "$ac_cv_func_glob" = yes; then -echo $ac_n "checking if glob needs a prototype""... $ac_c" 1>&6 -echo "configure:5841: checking if glob needs a prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_glob_noproto'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#include -int main() { -struct foo { int foo; } xx; -extern int glob (struct foo*); -glob(&xx); - -; return 0; } -EOF -if { (eval echo configure:5857: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_glob_noproto=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_glob_noproto=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_glob_noproto" 1>&6 - -if test "$ac_cv_func_glob_noproto" = yes; then - cat >> confdefs.h <<\EOF -#define NEED_GLOB_PROTO 1 -EOF - -fi - -fi - -fi - - -if test "$ac_cv_func_glob_working" != yes; then - EXTRA_LOCL_HEADERS="$EXTRA_LOCL_HEADERS glob.h" - LIBOBJS="$LIBOBJS glob.o" -fi - -for ac_func in \ - _getpty \ - _scrsize \ - _setsid \ - _stricmp \ - asnprintf \ - asprintf \ - atexit \ - cgetent \ - chroot \ - fattach \ - fchmod \ - fcntl \ - forkpty \ - frevoke \ - getpriority \ - getrlimit \ - getservbyname \ - getspnam \ - gettimeofday \ - gettosbyname \ - getuid \ - grantpt \ - mktime \ - on_exit \ - parsetos \ - ptsname \ - rand \ - random \ - revoke \ - setitimer \ - setpgid \ - setpriority \ - setproctitle \ - setregid \ - setresgid \ - setresuid \ - setreuid \ - setsid \ - setutent \ - sigaction \ - sysconf \ - sysctl \ - ttyname \ - ttyslot \ - ulimit \ - uname \ - unlockpt \ - vasnprintf \ - vasprintf \ - vhangup \ - vsnprintf \ - yp_get_default_domain \ - -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:5944: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:5972: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` - cat >> confdefs.h <&6 -fi -done - - - - -for ac_hdr in capability.h sys/capability.h -do -ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` -echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:6003: checking for $ac_hdr" >&5 -if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -EOF -ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:6013: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` -if test -z "$ac_err"; then - rm -rf conftest* - eval "ac_cv_header_$ac_safe=yes" -else - echo "$ac_err" >&5 - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_header_$ac_safe=no" -fi -rm -f conftest* -fi -if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` - cat >> confdefs.h <&6 -fi -done - - -for ac_func in sgi_getcapabilitybyname cap_set_proc -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:6043: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:6071: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` - cat >> confdefs.h <&6 -fi -done - - - - - - - -echo $ac_n "checking for getpwnam_r""... $ac_c" 1>&6 -echo "configure:6102: checking for getpwnam_r" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_getpwnam_r'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_getpwnam_r\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" c_r; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_getpwnam_r=$ac_lib; else ac_cv_funclib_getpwnam_r=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_getpwnam_r=\${ac_cv_funclib_getpwnam_r-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_getpwnam_r" - -: << END -@@@funcs="$funcs getpwnam_r"@@@ -@@@libs="$libs "" c_r"@@@ -END - -# getpwnam_r -eval "ac_tr_func=HAVE_`echo getpwnam_r | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_getpwnam_r=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_getpwnam_r=yes" - eval "LIB_getpwnam_r=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_getpwnam_r=no" - eval "LIB_getpwnam_r=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_getpwnam_r=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -if test "$ac_cv_func_getpwnam_r" = yes; then - echo $ac_n "checking if getpwnam_r is posix""... $ac_c" 1>&6 -echo "configure:6185: checking if getpwnam_r is posix" >&5 -if eval "test \"`echo '$''{'ac_cv_func_getpwnam_r_posix'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - ac_libs="$LIBS" - LIBS="$LIBS $LIB_getpwnam_r" - if test "$cross_compiling" = yes; then - : -else - cat > conftest.$ac_ext < -int main() -{ - struct passwd pw, *pwd; - return getpwnam_r("", &pw, NULL, 0, &pwd) < 0; -} - -EOF -if { (eval echo configure:6206: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null -then - ac_cv_func_getpwnam_r_posix=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -fr conftest* - ac_cv_func_getpwnam_r_posix=no -fi -rm -fr conftest* -fi - -LIBS="$ac_libs" -fi - -echo "$ac_t""$ac_cv_func_getpwnam_r_posix" 1>&6 -if test "$ac_cv_func_getpwnam_r_posix" = yes; then - cat >> confdefs.h <<\EOF -#define POSIX_GETPWNAM_R 1 -EOF - -fi -fi - - - - - -echo $ac_n "checking for getsockopt""... $ac_c" 1>&6 -echo "configure:6235: checking for getsockopt" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_getsockopt'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_getsockopt\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" ; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext < -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -int main() { -getsockopt(0,0,0,0,0) -; return 0; } -EOF -if { (eval echo configure:6262: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_getsockopt=$ac_lib; else ac_cv_funclib_getsockopt=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_getsockopt=\${ac_cv_funclib_getsockopt-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_getsockopt" - -: << END -@@@funcs="$funcs getsockopt"@@@ -@@@libs="$libs "" "@@@ -END - -# getsockopt -eval "ac_tr_func=HAVE_`echo getsockopt | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_getsockopt=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_getsockopt=yes" - eval "LIB_getsockopt=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_getsockopt=no" - eval "LIB_getsockopt=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_getsockopt=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - - - - -echo $ac_n "checking for setsockopt""... $ac_c" 1>&6 -echo "configure:6325: checking for setsockopt" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_setsockopt'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_setsockopt\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" ; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext < -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -int main() { -setsockopt(0,0,0,0,0) -; return 0; } -EOF -if { (eval echo configure:6352: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_setsockopt=$ac_lib; else ac_cv_funclib_setsockopt=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_setsockopt=\${ac_cv_funclib_setsockopt-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_setsockopt" - -: << END -@@@funcs="$funcs setsockopt"@@@ -@@@libs="$libs "" "@@@ -END - -# setsockopt -eval "ac_tr_func=HAVE_`echo setsockopt | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_setsockopt=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_setsockopt=yes" - eval "LIB_setsockopt=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_setsockopt=no" - eval "LIB_setsockopt=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_setsockopt=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - - -for ac_func in getudbnam setlim -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:6415: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:6443: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` - cat >> confdefs.h <&6 -fi -done - - - - - - -echo $ac_n "checking for res_search""... $ac_c" 1>&6 -echo "configure:6473: checking for res_search" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_res_search'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_res_search\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" resolv; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext < -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif - -int main() { -res_search(0,0,0,0,0) -; return 0; } -EOF -if { (eval echo configure:6509: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_res_search=$ac_lib; else ac_cv_funclib_res_search=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_res_search=\${ac_cv_funclib_res_search-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_res_search" - -: << END -@@@funcs="$funcs res_search"@@@ -@@@libs="$libs "" resolv"@@@ -END - -# res_search -eval "ac_tr_func=HAVE_`echo res_search | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_res_search=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_res_search=yes" - eval "LIB_res_search=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_res_search=no" - eval "LIB_res_search=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_res_search=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -if test -n "$LIB_res_search"; then - LIBS="$LIB_res_search $LIBS" -fi - - - - - - -echo $ac_n "checking for dn_expand""... $ac_c" 1>&6 -echo "configure:6578: checking for dn_expand" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_dn_expand'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_dn_expand\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" resolv; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext < -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif - -int main() { -dn_expand(0,0,0,0,0) -; return 0; } -EOF -if { (eval echo configure:6614: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_dn_expand=$ac_lib; else ac_cv_funclib_dn_expand=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_dn_expand=\${ac_cv_funclib_dn_expand-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_dn_expand" - -: << END -@@@funcs="$funcs dn_expand"@@@ -@@@libs="$libs "" resolv"@@@ -END - -# dn_expand -eval "ac_tr_func=HAVE_`echo dn_expand | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_dn_expand=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_dn_expand=yes" - eval "LIB_dn_expand=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_dn_expand=no" - eval "LIB_dn_expand=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_dn_expand=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -if test -n "$LIB_dn_expand"; then - LIBS="$LIB_dn_expand $LIBS" -fi - - - -for ac_hdr in unistd.h -do -ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'` -echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6 -echo "configure:6683: checking for $ac_hdr" >&5 -if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -EOF -ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out" -{ (eval echo configure:6693: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; } -ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"` -if test -z "$ac_err"; then - rm -rf conftest* - eval "ac_cv_header_$ac_safe=yes" -else - echo "$ac_err" >&5 - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_header_$ac_safe=no" -fi -rm -f conftest* -fi -if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'` - cat >> confdefs.h <&6 -fi -done - -for ac_func in getpagesize -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:6722: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:6750: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` - cat >> confdefs.h <&6 -fi -done - -echo $ac_n "checking for working mmap""... $ac_c" 1>&6 -echo "configure:6775: checking for working mmap" >&5 -if eval "test \"`echo '$''{'ac_cv_func_mmap_fixed_mapped'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if test "$cross_compiling" = yes; then - ac_cv_func_mmap_fixed_mapped=no -else - cat > conftest.$ac_ext < -#include -#include - -/* This mess was copied from the GNU getpagesize.h. */ -#ifndef HAVE_GETPAGESIZE -# ifdef HAVE_UNISTD_H -# include -# endif - -/* Assume that all systems that can run configure have sys/param.h. */ -# ifndef HAVE_SYS_PARAM_H -# define HAVE_SYS_PARAM_H 1 -# endif - -# ifdef _SC_PAGESIZE -# define getpagesize() sysconf(_SC_PAGESIZE) -# else /* no _SC_PAGESIZE */ -# ifdef HAVE_SYS_PARAM_H -# include -# ifdef EXEC_PAGESIZE -# define getpagesize() EXEC_PAGESIZE -# else /* no EXEC_PAGESIZE */ -# ifdef NBPG -# define getpagesize() NBPG * CLSIZE -# ifndef CLSIZE -# define CLSIZE 1 -# endif /* no CLSIZE */ -# else /* no NBPG */ -# ifdef NBPC -# define getpagesize() NBPC -# else /* no NBPC */ -# ifdef PAGESIZE -# define getpagesize() PAGESIZE -# endif /* PAGESIZE */ -# endif /* no NBPC */ -# endif /* no NBPG */ -# endif /* no EXEC_PAGESIZE */ -# else /* no HAVE_SYS_PARAM_H */ -# define getpagesize() 8192 /* punt totally */ -# endif /* no HAVE_SYS_PARAM_H */ -# endif /* no _SC_PAGESIZE */ - -#endif /* no HAVE_GETPAGESIZE */ - -#ifdef __cplusplus -extern "C" { void *malloc(unsigned); } -#else -char *malloc(); -#endif - -int -main() -{ - char *data, *data2, *data3; - int i, pagesize; - int fd; - - pagesize = getpagesize(); - - /* - * First, make a file with some known garbage in it. - */ - data = malloc(pagesize); - if (!data) - exit(1); - for (i = 0; i < pagesize; ++i) - *(data + i) = rand(); - umask(0); - fd = creat("conftestmmap", 0600); - if (fd < 0) - exit(1); - if (write(fd, data, pagesize) != pagesize) - exit(1); - close(fd); - - /* - * Next, try to mmap the file at a fixed address which - * already has something else allocated at it. If we can, - * also make sure that we see the same garbage. - */ - fd = open("conftestmmap", O_RDWR); - if (fd < 0) - exit(1); - data2 = malloc(2 * pagesize); - if (!data2) - exit(1); - data2 += (pagesize - ((int) data2 & (pagesize - 1))) & (pagesize - 1); - if (data2 != mmap(data2, pagesize, PROT_READ | PROT_WRITE, - MAP_PRIVATE | MAP_FIXED, fd, 0L)) - exit(1); - for (i = 0; i < pagesize; ++i) - if (*(data + i) != *(data2 + i)) - exit(1); - - /* - * Finally, make sure that changes to the mapped area - * do not percolate back to the file as seen by read(). - * (This is a bug on some variants of i386 svr4.0.) - */ - for (i = 0; i < pagesize; ++i) - *(data2 + i) = *(data2 + i) + 1; - data3 = malloc(pagesize); - if (!data3) - exit(1); - if (read(fd, data3, pagesize) != pagesize) - exit(1); - for (i = 0; i < pagesize; ++i) - if (*(data + i) != *(data3 + i)) - exit(1); - close(fd); - unlink("conftestmmap"); - exit(0); -} - -EOF -if { (eval echo configure:6923: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null -then - ac_cv_func_mmap_fixed_mapped=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -fr conftest* - ac_cv_func_mmap_fixed_mapped=no -fi -rm -fr conftest* -fi - -fi - -echo "$ac_t""$ac_cv_func_mmap_fixed_mapped" 1>&6 -if test $ac_cv_func_mmap_fixed_mapped = yes; then - cat >> confdefs.h <<\EOF -#define HAVE_MMAP 1 -EOF - -fi - -# The Ultrix 4.2 mips builtin alloca declared by alloca.h only works -# for constant arguments. Useless! -echo $ac_n "checking for working alloca.h""... $ac_c" 1>&6 -echo "configure:6948: checking for working alloca.h" >&5 -if eval "test \"`echo '$''{'ac_cv_header_alloca_h'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -int main() { -char *p = alloca(2 * sizeof(int)); -; return 0; } -EOF -if { (eval echo configure:6960: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_cv_header_alloca_h=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_header_alloca_h=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_header_alloca_h" 1>&6 -if test $ac_cv_header_alloca_h = yes; then - cat >> confdefs.h <<\EOF -#define HAVE_ALLOCA_H 1 -EOF - -fi - -echo $ac_n "checking for alloca""... $ac_c" 1>&6 -echo "configure:6981: checking for alloca" >&5 -if eval "test \"`echo '$''{'ac_cv_func_alloca_works'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -# define alloca _alloca -# else -# if HAVE_ALLOCA_H -# include -# else -# ifdef _AIX - #pragma alloca -# else -# ifndef alloca /* predefined by HP cc +Olibcalls */ -char *alloca (); -# endif -# endif -# endif -# endif -#endif - -int main() { -char *p = (char *) alloca(1); -; return 0; } -EOF -if { (eval echo configure:7014: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_cv_func_alloca_works=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_func_alloca_works=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_alloca_works" 1>&6 -if test $ac_cv_func_alloca_works = yes; then - cat >> confdefs.h <<\EOF -#define HAVE_ALLOCA 1 -EOF - -fi - -if test $ac_cv_func_alloca_works = no; then - # The SVR3 libPW and SVR4 libucb both contain incompatible functions - # that cause trouble. Some versions do not even contain alloca or - # contain a buggy version. If you still want to use their alloca, - # use ar to extract alloca.o from them instead of compiling alloca.c. - ALLOCA=alloca.${ac_objext} - cat >> confdefs.h <<\EOF -#define C_ALLOCA 1 -EOF - - -echo $ac_n "checking whether alloca needs Cray hooks""... $ac_c" 1>&6 -echo "configure:7046: checking whether alloca needs Cray hooks" >&5 -if eval "test \"`echo '$''{'ac_cv_os_cray'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext <&5 | - egrep "webecray" >/dev/null 2>&1; then - rm -rf conftest* - ac_cv_os_cray=yes -else - rm -rf conftest* - ac_cv_os_cray=no -fi -rm -f conftest* - -fi - -echo "$ac_t""$ac_cv_os_cray" 1>&6 -if test $ac_cv_os_cray = yes; then -for ac_func in _getb67 GETB67 getb67; do - echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:7076: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:7104: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - cat >> confdefs.h <&6 -fi - -done -fi - -echo $ac_n "checking stack direction for C alloca""... $ac_c" 1>&6 -echo "configure:7131: checking stack direction for C alloca" >&5 -if eval "test \"`echo '$''{'ac_cv_c_stack_direction'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if test "$cross_compiling" = yes; then - ac_cv_c_stack_direction=0 -else - cat > conftest.$ac_ext < addr) ? 1 : -1; -} -main () -{ - exit (find_stack_direction() < 0); -} -EOF -if { (eval echo configure:7158: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null -then - ac_cv_c_stack_direction=1 -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -fr conftest* - ac_cv_c_stack_direction=-1 -fi -rm -fr conftest* -fi - -fi - -echo "$ac_t""$ac_cv_c_stack_direction" 1>&6 -cat >> confdefs.h <&6 -echo "configure:7184: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:7212: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'` - cat >> confdefs.h <&6 -fi -done - -if test "$ac_cv_func_getlogin" = yes; then -echo $ac_n "checking if getlogin is posix""... $ac_c" 1>&6 -echo "configure:7238: checking if getlogin is posix" >&5 -if eval "test \"`echo '$''{'ac_cv_func_getlogin_posix'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if test "$ac_cv_func_getlogin" = yes -a "$ac_cv_func_setlogin" = yes; then - ac_cv_func_getlogin_posix=no -else - ac_cv_func_getlogin_posix=yes -fi - -fi - -echo "$ac_t""$ac_cv_func_getlogin_posix" 1>&6 -if test "$ac_cv_func_getlogin_posix" = yes; then - cat >> confdefs.h <<\EOF -#define POSIX_GETLOGIN 1 -EOF - -fi -fi - - - - - - -echo $ac_n "checking for hstrerror""... $ac_c" 1>&6 -echo "configure:7266: checking for hstrerror" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_hstrerror'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_hstrerror\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" resolv; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext < -#endif -int main() { -hstrerror(17) -; return 0; } -EOF -if { (eval echo configure:7290: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_hstrerror=$ac_lib; else ac_cv_funclib_hstrerror=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_hstrerror=\${ac_cv_funclib_hstrerror-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_hstrerror" - -: << END -@@@funcs="$funcs hstrerror"@@@ -@@@libs="$libs "" resolv"@@@ -END - -# hstrerror -eval "ac_tr_func=HAVE_`echo hstrerror | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_hstrerror=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_hstrerror=yes" - eval "LIB_hstrerror=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_hstrerror=no" - eval "LIB_hstrerror=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_hstrerror=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -if test -n "$LIB_hstrerror"; then - LIBS="$LIB_hstrerror $LIBS" -fi - -if eval "test \"$ac_cv_func_hstrerror\" != yes"; then -LIBOBJS="$LIBOBJS hstrerror.o" -fi - -if test "$ac_cv_func_hstrerror" = yes; then - -if test "$ac_cv_func_hstrerror+set" != set -o "$ac_cv_func_hstrerror" = yes; then -echo $ac_n "checking if hstrerror needs a prototype""... $ac_c" 1>&6 -echo "configure:7361: checking if hstrerror needs a prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_hstrerror_noproto'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#endif -int main() { -struct foo { int foo; } xx; -extern int hstrerror (struct foo*); -hstrerror(&xx); - -; return 0; } -EOF -if { (eval echo configure:7379: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_hstrerror_noproto=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_hstrerror_noproto=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_hstrerror_noproto" 1>&6 - -if test "$ac_cv_func_hstrerror_noproto" = yes; then - cat >> confdefs.h <<\EOF -#define NEED_HSTRERROR_PROTO 1 -EOF - -fi - -fi - -fi - -for ac_func in chown copyhostent daemon err errx fchown flock fnmatch freehostent -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:7407: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:7435: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - -ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` -cat >> confdefs.h <&6 -LIBOBJS="$LIBOBJS ${ac_func}.o" -fi - -: << END -@@@funcs="$funcs chown copyhostent daemon err errx fchown flock fnmatch freehostent"@@@ -END -done - -for ac_func in getcwd getdtablesize gethostname getipnodebyaddr getipnodebyname -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:7468: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:7496: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - -ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` -cat >> confdefs.h <&6 -LIBOBJS="$LIBOBJS ${ac_func}.o" -fi - -: << END -@@@funcs="$funcs getcwd getdtablesize gethostname getipnodebyaddr getipnodebyname"@@@ -END -done - -for ac_func in geteuid getgid getegid -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:7529: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:7557: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - -ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` -cat >> confdefs.h <&6 -LIBOBJS="$LIBOBJS ${ac_func}.o" -fi - -: << END -@@@funcs="$funcs geteuid getgid getegid"@@@ -END -done - -for ac_func in getopt getusershell -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:7590: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:7618: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - -ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` -cat >> confdefs.h <&6 -LIBOBJS="$LIBOBJS ${ac_func}.o" -fi - -: << END -@@@funcs="$funcs getopt getusershell"@@@ -END -done - -for ac_func in inet_aton inet_ntop inet_pton initgroups innetgr iruserok lstat -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:7651: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:7679: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - -ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` -cat >> confdefs.h <&6 -LIBOBJS="$LIBOBJS ${ac_func}.o" -fi - -: << END -@@@funcs="$funcs inet_aton inet_ntop inet_pton initgroups innetgr iruserok lstat"@@@ -END -done - -for ac_func in memmove -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:7712: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:7740: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - -ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` -cat >> confdefs.h <&6 -LIBOBJS="$LIBOBJS ${ac_func}.o" -fi - -: << END -@@@funcs="$funcs memmove"@@@ -END -done - -for ac_func in mkstemp putenv rcmd readv recvmsg sendmsg setegid setenv seteuid -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:7773: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:7801: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - -ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` -cat >> confdefs.h <&6 -LIBOBJS="$LIBOBJS ${ac_func}.o" -fi - -: << END -@@@funcs="$funcs mkstemp putenv rcmd readv recvmsg sendmsg setegid setenv seteuid"@@@ -END -done - -for ac_func in strcasecmp strncasecmp strdup strerror strftime -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:7834: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:7862: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - -ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` -cat >> confdefs.h <&6 -LIBOBJS="$LIBOBJS ${ac_func}.o" -fi - -: << END -@@@funcs="$funcs strcasecmp strncasecmp strdup strerror strftime"@@@ -END -done - -for ac_func in strlcat strlcpy strlwr -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:7895: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:7923: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - -ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` -cat >> confdefs.h <&6 -LIBOBJS="$LIBOBJS ${ac_func}.o" -fi - -: << END -@@@funcs="$funcs strlcat strlcpy strlwr"@@@ -END -done - -for ac_func in strndup strnlen strptime strsep strtok_r strupr -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:7956: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:7984: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - -ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` -cat >> confdefs.h <&6 -LIBOBJS="$LIBOBJS ${ac_func}.o" -fi - -: << END -@@@funcs="$funcs strndup strnlen strptime strsep strtok_r strupr"@@@ -END -done - -for ac_func in swab unsetenv verr verrx vsyslog -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:8017: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:8045: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - -ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` -cat >> confdefs.h <&6 -LIBOBJS="$LIBOBJS ${ac_func}.o" -fi - -: << END -@@@funcs="$funcs swab unsetenv verr verrx vsyslog"@@@ -END -done - -for ac_func in vwarn vwarnx warn warnx writev -do -echo $ac_n "checking for $ac_func""... $ac_c" 1>&6 -echo "configure:8078: checking for $ac_func" >&5 -if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char $ac_func(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_$ac_func) || defined (__stub___$ac_func) -choke me -#else -$ac_func(); -#endif - -; return 0; } -EOF -if { (eval echo configure:8106: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_$ac_func=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_$ac_func=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then - echo "$ac_t""yes" 1>&6 - -ac_tr_func=HAVE_`echo $ac_func | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ` -cat >> confdefs.h <&6 -LIBOBJS="$LIBOBJS ${ac_func}.o" -fi - -: << END -@@@funcs="$funcs vwarn vwarnx warn warnx writev"@@@ -END -done - - -if test "$ac_cv_func_gethostname" = "yes"; then - -if test "$ac_cv_func_gethostname+set" != set -o "$ac_cv_func_gethostname" = yes; then -echo $ac_n "checking if gethostname needs a prototype""... $ac_c" 1>&6 -echo "configure:8141: checking if gethostname needs a prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_gethostname_noproto'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -int main() { -struct foo { int foo; } xx; -extern int gethostname (struct foo*); -gethostname(&xx); - -; return 0; } -EOF -if { (eval echo configure:8157: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_gethostname_noproto=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_gethostname_noproto=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_gethostname_noproto" 1>&6 - -if test "$ac_cv_func_gethostname_noproto" = yes; then - cat >> confdefs.h <<\EOF -#define NEED_GETHOSTNAME_PROTO 1 -EOF - -fi - -fi - -fi - -if test "$ac_cv_func_mkstemp" = "yes"; then - -if test "$ac_cv_func_mkstemp+set" != set -o "$ac_cv_func_mkstemp" = yes; then -echo $ac_n "checking if mkstemp needs a prototype""... $ac_c" 1>&6 -echo "configure:8186: checking if mkstemp needs a prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_mkstemp_noproto'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -int main() { -struct foo { int foo; } xx; -extern int mkstemp (struct foo*); -mkstemp(&xx); - -; return 0; } -EOF -if { (eval echo configure:8202: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_mkstemp_noproto=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_mkstemp_noproto=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_mkstemp_noproto" 1>&6 - -if test "$ac_cv_func_mkstemp_noproto" = yes; then - cat >> confdefs.h <<\EOF -#define NEED_MKSTEMP_PROTO 1 -EOF - -fi - -fi - -fi - -if test "$ac_cv_func_inet_aton" = "yes"; then - -if test "$ac_cv_func_inet_aton+set" != set -o "$ac_cv_func_inet_aton" = yes; then -echo $ac_n "checking if inet_aton needs a prototype""... $ac_c" 1>&6 -echo "configure:8231: checking if inet_aton needs a prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_inet_aton_noproto'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -int main() { -struct foo { int foo; } xx; -extern int inet_aton (struct foo*); -inet_aton(&xx); - -; return 0; } -EOF -if { (eval echo configure:8258: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_inet_aton_noproto=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_inet_aton_noproto=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_inet_aton_noproto" 1>&6 - -if test "$ac_cv_func_inet_aton_noproto" = yes; then - cat >> confdefs.h <<\EOF -#define NEED_INET_ATON_PROTO 1 -EOF - -fi - -fi - -fi - -echo $ac_n "checking if realloc is broken""... $ac_c" 1>&6 -echo "configure:8284: checking if realloc is broken" >&5 -if eval "test \"`echo '$''{'ac_cv_func_realloc_broken'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -ac_cv_func_realloc_broken=no -if test "$cross_compiling" = yes; then - : -else - cat > conftest.$ac_ext < -#include - -int main() -{ - return realloc(NULL, 17) == NULL; -} - -EOF -if { (eval echo configure:8306: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null -then - : -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -fr conftest* - ac_cv_func_realloc_broken=yes -fi -rm -fr conftest* -fi - - -fi - -echo "$ac_t""$ac_cv_func_realloc_broken" 1>&6 -if test "$ac_cv_func_realloc_broken" = yes ; then - cat >> confdefs.h <<\EOF -#define BROKEN_REALLOC 1 -EOF - -fi - - -if test "$ac_cv_func_getcwd" = yes; then -echo $ac_n "checking if getcwd is broken""... $ac_c" 1>&6 -echo "configure:8332: checking if getcwd is broken" >&5 -if eval "test \"`echo '$''{'ac_cv_func_getcwd_broken'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -ac_cv_func_getcwd_broken=no - -if test "$cross_compiling" = yes; then - : -else - cat > conftest.$ac_ext < -char *getcwd(char*, int); - -void *popen(char *cmd, char *mode) -{ - errno = ENOTTY; - return 0; -} - -int main() -{ - char *ret; - ret = getcwd(0, 1024); - if(ret == 0 && errno == ENOTTY) - return 0; - return 1; -} - -EOF -if { (eval echo configure:8365: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null -then - ac_cv_func_getcwd_broken=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -fr conftest* - : -fi -rm -fr conftest* -fi - - -fi - -if test "$ac_cv_func_getcwd_broken" = yes; then - cat >> confdefs.h <<\EOF -#define BROKEN_GETCWD 1 -EOF - LIBOBJS="$LIBOBJS getcwd.o" - echo "$ac_t""$ac_cv_func_getcwd_broken" 1>&6 -else - echo "$ac_t""seems ok" 1>&6 -fi -fi - - - -echo $ac_n "checking which authentication modules should be built""... $ac_c" 1>&6 -echo "configure:8394: checking which authentication modules should be built" >&5 - -LIB_AUTH_SUBDIRS= - -if test "$ac_cv_header_siad_h" = yes; then - LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS sia" -fi - -if test "$ac_cv_header_security_pam_modules_h" = yes -a "$enable_shared" = yes; then - LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS pam" -fi - -case "${host}" in -*-*-irix[56]*) LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS afskauthlib" ;; -esac - -echo "$ac_t""$LIB_AUTH_SUBDIRS" 1>&6 - - - - -echo $ac_n "checking if gethostbyname is compatible with system prototype""... $ac_c" 1>&6 -echo "configure:8416: checking if gethostbyname is compatible with system prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_gethostbyname_proto_compat'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif - -int main() { -struct hostent *gethostbyname(const char *); -; return 0; } -EOF -if { (eval echo configure:8444: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_gethostbyname_proto_compat=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_gethostbyname_proto_compat=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_gethostbyname_proto_compat" 1>&6 - -if test "$ac_cv_func_gethostbyname_proto_compat" = yes; then - cat >> confdefs.h <<\EOF -#define GETHOSTBYNAME_PROTO_COMPATIBLE 1 -EOF - -fi - - - - -echo $ac_n "checking if gethostbyaddr is compatible with system prototype""... $ac_c" 1>&6 -echo "configure:8469: checking if gethostbyaddr is compatible with system prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_gethostbyaddr_proto_compat'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif - -int main() { -struct hostent *gethostbyaddr(const void *, size_t, int); -; return 0; } -EOF -if { (eval echo configure:8497: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_gethostbyaddr_proto_compat=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_gethostbyaddr_proto_compat=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_gethostbyaddr_proto_compat" 1>&6 - -if test "$ac_cv_func_gethostbyaddr_proto_compat" = yes; then - cat >> confdefs.h <<\EOF -#define GETHOSTBYADDR_PROTO_COMPATIBLE 1 -EOF - -fi - - - - -echo $ac_n "checking if getservbyname is compatible with system prototype""... $ac_c" 1>&6 -echo "configure:8522: checking if getservbyname is compatible with system prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_getservbyname_proto_compat'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif - -int main() { -struct servent *getservbyname(const char *, const char *); -; return 0; } -EOF -if { (eval echo configure:8550: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_getservbyname_proto_compat=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_getservbyname_proto_compat=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_getservbyname_proto_compat" 1>&6 - -if test "$ac_cv_func_getservbyname_proto_compat" = yes; then - cat >> confdefs.h <<\EOF -#define GETSERVBYNAME_PROTO_COMPATIBLE 1 -EOF - -fi - - - - -echo $ac_n "checking if openlog is compatible with system prototype""... $ac_c" 1>&6 -echo "configure:8575: checking if openlog is compatible with system prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_openlog_proto_compat'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#endif - -int main() { -void openlog(const char *, int, int); -; return 0; } -EOF -if { (eval echo configure:8591: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_openlog_proto_compat=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_openlog_proto_compat=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_openlog_proto_compat" 1>&6 - -if test "$ac_cv_func_openlog_proto_compat" = yes; then - cat >> confdefs.h <<\EOF -#define OPENLOG_PROTO_COMPATIBLE 1 -EOF - -fi - - - - -if test "$ac_cv_func_crypt+set" != set -o "$ac_cv_func_crypt" = yes; then -echo $ac_n "checking if crypt needs a prototype""... $ac_c" 1>&6 -echo "configure:8617: checking if crypt needs a prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_crypt_noproto'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#endif -#ifdef HAVE_UNISTD_H -#include -#endif - -int main() { -struct foo { int foo; } xx; -extern int crypt (struct foo*); -crypt(&xx); - -; return 0; } -EOF -if { (eval echo configure:8639: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_crypt_noproto=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_crypt_noproto=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_crypt_noproto" 1>&6 - -if test "$ac_cv_func_crypt_noproto" = yes; then - cat >> confdefs.h <<\EOF -#define NEED_CRYPT_PROTO 1 -EOF - -fi - -fi - - - -if test "$ac_cv_func_fclose+set" != set -o "$ac_cv_func_fclose" = yes; then -echo $ac_n "checking if fclose needs a prototype""... $ac_c" 1>&6 -echo "configure:8666: checking if fclose needs a prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_fclose_noproto'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < - -int main() { -struct foo { int foo; } xx; -extern int fclose (struct foo*); -fclose(&xx); - -; return 0; } -EOF -if { (eval echo configure:8683: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_fclose_noproto=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_fclose_noproto=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_fclose_noproto" 1>&6 - -if test "$ac_cv_func_fclose_noproto" = yes; then - cat >> confdefs.h <<\EOF -#define NEED_FCLOSE_PROTO 1 -EOF - -fi - -fi - - - -if test "$ac_cv_func_strtok_r+set" != set -o "$ac_cv_func_strtok_r" = yes; then -echo $ac_n "checking if strtok_r needs a prototype""... $ac_c" 1>&6 -echo "configure:8710: checking if strtok_r needs a prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_strtok_r_noproto'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < - -int main() { -struct foo { int foo; } xx; -extern int strtok_r (struct foo*); -strtok_r(&xx); - -; return 0; } -EOF -if { (eval echo configure:8727: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_strtok_r_noproto=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_strtok_r_noproto=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_strtok_r_noproto" 1>&6 - -if test "$ac_cv_func_strtok_r_noproto" = yes; then - cat >> confdefs.h <<\EOF -#define NEED_STRTOK_R_PROTO 1 -EOF - -fi - -fi - - - -if test "$ac_cv_func_strsep+set" != set -o "$ac_cv_func_strsep" = yes; then -echo $ac_n "checking if strsep needs a prototype""... $ac_c" 1>&6 -echo "configure:8754: checking if strsep needs a prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_strsep_noproto'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < - -int main() { -struct foo { int foo; } xx; -extern int strsep (struct foo*); -strsep(&xx); - -; return 0; } -EOF -if { (eval echo configure:8771: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_strsep_noproto=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_strsep_noproto=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_strsep_noproto" 1>&6 - -if test "$ac_cv_func_strsep_noproto" = yes; then - cat >> confdefs.h <<\EOF -#define NEED_STRSEP_PROTO 1 -EOF - -fi - -fi - - - -if test "$ac_cv_func_getusershell+set" != set -o "$ac_cv_func_getusershell" = yes; then -echo $ac_n "checking if getusershell needs a prototype""... $ac_c" 1>&6 -echo "configure:8798: checking if getusershell needs a prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_getusershell_noproto'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < - -int main() { -struct foo { int foo; } xx; -extern int getusershell (struct foo*); -getusershell(&xx); - -; return 0; } -EOF -if { (eval echo configure:8815: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_getusershell_noproto=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_getusershell_noproto=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_getusershell_noproto" 1>&6 - -if test "$ac_cv_func_getusershell_noproto" = yes; then - cat >> confdefs.h <<\EOF -#define NEED_GETUSERSHELL_PROTO 1 -EOF - -fi - -fi - - - -if test "$ac_cv_func_utime+set" != set -o "$ac_cv_func_utime" = yes; then -echo $ac_n "checking if utime needs a prototype""... $ac_c" 1>&6 -echo "configure:8842: checking if utime needs a prototype" >&5 -if eval "test \"`echo '$''{'ac_cv_func_utime_noproto'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#endif - -int main() { -struct foo { int foo; } xx; -extern int utime (struct foo*); -utime(&xx); - -; return 0; } -EOF -if { (eval echo configure:8861: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_func_utime_noproto=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_utime_noproto=no" -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_utime_noproto" 1>&6 - -if test "$ac_cv_func_utime_noproto" = yes; then - cat >> confdefs.h <<\EOF -#define NEED_UTIME_PROTO 1 -EOF - -fi - -fi - - - -echo $ac_n "checking for h_errno""... $ac_c" 1>&6 -echo "configure:8887: checking for h_errno" >&5 -if eval "test \"`echo '$''{'ac_cv_var_h_errno'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_cv_var_h_errno=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_var_h_errno=no -fi -rm -f conftest* - -fi - - - -echo "$ac_t""`eval echo \\$ac_cv_var_h_errno`" 1>&6 -if test `eval echo \\$ac_cv_var_h_errno` = yes; then - cat >> confdefs.h <&6 -echo "configure:8924: checking if h_errno is properly declared" >&5 -if eval "test \"`echo '$''{'ac_cv_var_h_errno_declaration'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -#endif -#ifdef HAVE_NETDB_H -#include -#endif -extern struct { int foo; } h_errno; -int main() { -h_errno.foo = 1; -; return 0; } -EOF -if { (eval echo configure:8943: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_var_h_errno_declaration=no" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_var_h_errno_declaration=yes" -fi -rm -f conftest* - -fi - - - - -echo "$ac_t""$ac_cv_var_h_errno_declaration" 1>&6 -if eval "test \"\$ac_cv_var_h_errno_declaration\" = yes"; then - cat >> confdefs.h <<\EOF -#define HAVE_H_ERRNO_DECLARATION 1 -EOF - -fi - - -fi - - - - -echo $ac_n "checking for h_errlist""... $ac_c" 1>&6 -echo "configure:8974: checking for h_errlist" >&5 -if eval "test \"`echo '$''{'ac_cv_var_h_errlist'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_cv_var_h_errlist=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_var_h_errlist=no -fi -rm -f conftest* - -fi - - - -echo "$ac_t""`eval echo \\$ac_cv_var_h_errlist`" 1>&6 -if test `eval echo \\$ac_cv_var_h_errlist` = yes; then - cat >> confdefs.h <&6 -echo "configure:9011: checking if h_errlist is properly declared" >&5 -if eval "test \"`echo '$''{'ac_cv_var_h_errlist_declaration'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -#endif -extern struct { int foo; } h_errlist; -int main() { -h_errlist.foo = 1; -; return 0; } -EOF -if { (eval echo configure:9027: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_var_h_errlist_declaration=no" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_var_h_errlist_declaration=yes" -fi -rm -f conftest* - -fi - - - - -echo "$ac_t""$ac_cv_var_h_errlist_declaration" 1>&6 -if eval "test \"\$ac_cv_var_h_errlist_declaration\" = yes"; then - cat >> confdefs.h <<\EOF -#define HAVE_H_ERRLIST_DECLARATION 1 -EOF - -fi - - -fi - - - - -echo $ac_n "checking for h_nerr""... $ac_c" 1>&6 -echo "configure:9058: checking for h_nerr" >&5 -if eval "test \"`echo '$''{'ac_cv_var_h_nerr'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_cv_var_h_nerr=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_var_h_nerr=no -fi -rm -f conftest* - -fi - - - -echo "$ac_t""`eval echo \\$ac_cv_var_h_nerr`" 1>&6 -if test `eval echo \\$ac_cv_var_h_nerr` = yes; then - cat >> confdefs.h <&6 -echo "configure:9095: checking if h_nerr is properly declared" >&5 -if eval "test \"`echo '$''{'ac_cv_var_h_nerr_declaration'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -#endif -extern struct { int foo; } h_nerr; -int main() { -h_nerr.foo = 1; -; return 0; } -EOF -if { (eval echo configure:9111: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_var_h_nerr_declaration=no" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_var_h_nerr_declaration=yes" -fi -rm -f conftest* - -fi - - - - -echo "$ac_t""$ac_cv_var_h_nerr_declaration" 1>&6 -if eval "test \"\$ac_cv_var_h_nerr_declaration\" = yes"; then - cat >> confdefs.h <<\EOF -#define HAVE_H_NERR_DECLARATION 1 -EOF - -fi - - -fi - - - - -echo $ac_n "checking for __progname""... $ac_c" 1>&6 -echo "configure:9142: checking for __progname" >&5 -if eval "test \"`echo '$''{'ac_cv_var___progname'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_cv_var___progname=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_var___progname=no -fi -rm -f conftest* - -fi - - - -echo "$ac_t""`eval echo \\$ac_cv_var___progname`" 1>&6 -if test `eval echo \\$ac_cv_var___progname` = yes; then - cat >> confdefs.h <&6 -echo "configure:9179: checking if __progname is properly declared" >&5 -if eval "test \"`echo '$''{'ac_cv_var___progname_declaration'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -#endif -extern struct { int foo; } __progname; -int main() { -__progname.foo = 1; -; return 0; } -EOF -if { (eval echo configure:9195: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_var___progname_declaration=no" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_var___progname_declaration=yes" -fi -rm -f conftest* - -fi - - - - -echo "$ac_t""$ac_cv_var___progname_declaration" 1>&6 -if eval "test \"\$ac_cv_var___progname_declaration\" = yes"; then - cat >> confdefs.h <<\EOF -#define HAVE___PROGNAME_DECLARATION 1 -EOF - -fi - - -fi - - - - -echo $ac_n "checking if optarg is properly declared""... $ac_c" 1>&6 -echo "configure:9226: checking if optarg is properly declared" >&5 -if eval "test \"`echo '$''{'ac_cv_var_optarg_declaration'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -#ifdef HAVE_UNISTD_H -#include -#endif -extern struct { int foo; } optarg; -int main() { -optarg.foo = 1; -; return 0; } -EOF -if { (eval echo configure:9243: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_var_optarg_declaration=no" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_var_optarg_declaration=yes" -fi -rm -f conftest* - -fi - - - - -echo "$ac_t""$ac_cv_var_optarg_declaration" 1>&6 -if eval "test \"\$ac_cv_var_optarg_declaration\" = yes"; then - cat >> confdefs.h <<\EOF -#define HAVE_OPTARG_DECLARATION 1 -EOF - -fi - - - -echo $ac_n "checking if optind is properly declared""... $ac_c" 1>&6 -echo "configure:9270: checking if optind is properly declared" >&5 -if eval "test \"`echo '$''{'ac_cv_var_optind_declaration'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -#ifdef HAVE_UNISTD_H -#include -#endif -extern struct { int foo; } optind; -int main() { -optind.foo = 1; -; return 0; } -EOF -if { (eval echo configure:9287: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_var_optind_declaration=no" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_var_optind_declaration=yes" -fi -rm -f conftest* - -fi - - - - -echo "$ac_t""$ac_cv_var_optind_declaration" 1>&6 -if eval "test \"\$ac_cv_var_optind_declaration\" = yes"; then - cat >> confdefs.h <<\EOF -#define HAVE_OPTIND_DECLARATION 1 -EOF - -fi - - - -echo $ac_n "checking if opterr is properly declared""... $ac_c" 1>&6 -echo "configure:9314: checking if opterr is properly declared" >&5 -if eval "test \"`echo '$''{'ac_cv_var_opterr_declaration'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -#ifdef HAVE_UNISTD_H -#include -#endif -extern struct { int foo; } opterr; -int main() { -opterr.foo = 1; -; return 0; } -EOF -if { (eval echo configure:9331: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_var_opterr_declaration=no" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_var_opterr_declaration=yes" -fi -rm -f conftest* - -fi - - - - -echo "$ac_t""$ac_cv_var_opterr_declaration" 1>&6 -if eval "test \"\$ac_cv_var_opterr_declaration\" = yes"; then - cat >> confdefs.h <<\EOF -#define HAVE_OPTERR_DECLARATION 1 -EOF - -fi - - - -echo $ac_n "checking if optopt is properly declared""... $ac_c" 1>&6 -echo "configure:9358: checking if optopt is properly declared" >&5 -if eval "test \"`echo '$''{'ac_cv_var_optopt_declaration'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -#ifdef HAVE_UNISTD_H -#include -#endif -extern struct { int foo; } optopt; -int main() { -optopt.foo = 1; -; return 0; } -EOF -if { (eval echo configure:9375: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_var_optopt_declaration=no" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_var_optopt_declaration=yes" -fi -rm -f conftest* - -fi - - - - -echo "$ac_t""$ac_cv_var_optopt_declaration" 1>&6 -if eval "test \"\$ac_cv_var_optopt_declaration\" = yes"; then - cat >> confdefs.h <<\EOF -#define HAVE_OPTOPT_DECLARATION 1 -EOF - -fi - - - - -echo $ac_n "checking if environ is properly declared""... $ac_c" 1>&6 -echo "configure:9403: checking if environ is properly declared" >&5 -if eval "test \"`echo '$''{'ac_cv_var_environ_declaration'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -extern struct { int foo; } environ; -int main() { -environ.foo = 1; -; return 0; } -EOF -if { (eval echo configure:9417: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_var_environ_declaration=no" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_var_environ_declaration=yes" -fi -rm -f conftest* - -fi - - - - -echo "$ac_t""$ac_cv_var_environ_declaration" 1>&6 -if eval "test \"\$ac_cv_var_environ_declaration\" = yes"; then - cat >> confdefs.h <<\EOF -#define HAVE_ENVIRON_DECLARATION 1 -EOF - -fi - - - -echo $ac_n "checking return type of signal handlers""... $ac_c" 1>&6 -echo "configure:9444: checking return type of signal handlers" >&5 -if eval "test \"`echo '$''{'ac_cv_type_signal'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#include -#ifdef signal -#undef signal -#endif -#ifdef __cplusplus -extern "C" void (*signal (int, void (*)(int)))(int); -#else -void (*signal ()) (); -#endif - -int main() { -int i; -; return 0; } -EOF -if { (eval echo configure:9466: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_type_signal=void -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_type_signal=int -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_type_signal" 1>&6 -cat >> confdefs.h <> confdefs.h <<\EOF -#define VOID_RETSIGTYPE 1 -EOF - -fi - - - - -echo $ac_n "checking for ut_addr in struct utmp""... $ac_c" 1>&6 -echo "configure:9495: checking for ut_addr in struct utmp" >&5 -if eval "test \"`echo '$''{'ac_cv_type_struct_utmp_ut_addr'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < - #include -int main() { -struct utmp x; x.ut_addr; -; return 0; } -EOF -if { (eval echo configure:9509: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_type_struct_utmp_ut_addr=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_type_struct_utmp_ut_addr=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_type_struct_utmp_ut_addr" 1>&6 -if test "$ac_cv_type_struct_utmp_ut_addr" = yes; then - - cat >> confdefs.h <<\EOF -#define HAVE_STRUCT_UTMP_UT_ADDR 1 -EOF - - -fi - - - - -echo $ac_n "checking for ut_host in struct utmp""... $ac_c" 1>&6 -echo "configure:9535: checking for ut_host in struct utmp" >&5 -if eval "test \"`echo '$''{'ac_cv_type_struct_utmp_ut_host'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < - #include -int main() { -struct utmp x; x.ut_host; -; return 0; } -EOF -if { (eval echo configure:9549: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_type_struct_utmp_ut_host=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_type_struct_utmp_ut_host=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_type_struct_utmp_ut_host" 1>&6 -if test "$ac_cv_type_struct_utmp_ut_host" = yes; then - - cat >> confdefs.h <<\EOF -#define HAVE_STRUCT_UTMP_UT_HOST 1 -EOF - - -fi - - - - -echo $ac_n "checking for ut_id in struct utmp""... $ac_c" 1>&6 -echo "configure:9575: checking for ut_id in struct utmp" >&5 -if eval "test \"`echo '$''{'ac_cv_type_struct_utmp_ut_id'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < - #include -int main() { -struct utmp x; x.ut_id; -; return 0; } -EOF -if { (eval echo configure:9589: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_type_struct_utmp_ut_id=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_type_struct_utmp_ut_id=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_type_struct_utmp_ut_id" 1>&6 -if test "$ac_cv_type_struct_utmp_ut_id" = yes; then - - cat >> confdefs.h <<\EOF -#define HAVE_STRUCT_UTMP_UT_ID 1 -EOF - - -fi - - - - -echo $ac_n "checking for ut_pid in struct utmp""... $ac_c" 1>&6 -echo "configure:9615: checking for ut_pid in struct utmp" >&5 -if eval "test \"`echo '$''{'ac_cv_type_struct_utmp_ut_pid'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < - #include -int main() { -struct utmp x; x.ut_pid; -; return 0; } -EOF -if { (eval echo configure:9629: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_type_struct_utmp_ut_pid=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_type_struct_utmp_ut_pid=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_type_struct_utmp_ut_pid" 1>&6 -if test "$ac_cv_type_struct_utmp_ut_pid" = yes; then - - cat >> confdefs.h <<\EOF -#define HAVE_STRUCT_UTMP_UT_PID 1 -EOF - - -fi - - - - -echo $ac_n "checking for ut_type in struct utmp""... $ac_c" 1>&6 -echo "configure:9655: checking for ut_type in struct utmp" >&5 -if eval "test \"`echo '$''{'ac_cv_type_struct_utmp_ut_type'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < - #include -int main() { -struct utmp x; x.ut_type; -; return 0; } -EOF -if { (eval echo configure:9669: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_type_struct_utmp_ut_type=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_type_struct_utmp_ut_type=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_type_struct_utmp_ut_type" 1>&6 -if test "$ac_cv_type_struct_utmp_ut_type" = yes; then - - cat >> confdefs.h <<\EOF -#define HAVE_STRUCT_UTMP_UT_TYPE 1 -EOF - - -fi - - - - -echo $ac_n "checking for ut_user in struct utmp""... $ac_c" 1>&6 -echo "configure:9695: checking for ut_user in struct utmp" >&5 -if eval "test \"`echo '$''{'ac_cv_type_struct_utmp_ut_user'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < - #include -int main() { -struct utmp x; x.ut_user; -; return 0; } -EOF -if { (eval echo configure:9709: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_type_struct_utmp_ut_user=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_type_struct_utmp_ut_user=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_type_struct_utmp_ut_user" 1>&6 -if test "$ac_cv_type_struct_utmp_ut_user" = yes; then - - cat >> confdefs.h <<\EOF -#define HAVE_STRUCT_UTMP_UT_USER 1 -EOF - - -fi - - - - -echo $ac_n "checking for ut_exit in struct utmpx""... $ac_c" 1>&6 -echo "configure:9735: checking for ut_exit in struct utmpx" >&5 -if eval "test \"`echo '$''{'ac_cv_type_struct_utmpx_ut_exit'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < - #include -int main() { -struct utmpx x; x.ut_exit; -; return 0; } -EOF -if { (eval echo configure:9749: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_type_struct_utmpx_ut_exit=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_type_struct_utmpx_ut_exit=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_type_struct_utmpx_ut_exit" 1>&6 -if test "$ac_cv_type_struct_utmpx_ut_exit" = yes; then - - cat >> confdefs.h <<\EOF -#define HAVE_STRUCT_UTMPX_UT_EXIT 1 -EOF - - -fi - - - - -echo $ac_n "checking for ut_syslen in struct utmpx""... $ac_c" 1>&6 -echo "configure:9775: checking for ut_syslen in struct utmpx" >&5 -if eval "test \"`echo '$''{'ac_cv_type_struct_utmpx_ut_syslen'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < - #include -int main() { -struct utmpx x; x.ut_syslen; -; return 0; } -EOF -if { (eval echo configure:9789: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_type_struct_utmpx_ut_syslen=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_type_struct_utmpx_ut_syslen=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_type_struct_utmpx_ut_syslen" 1>&6 -if test "$ac_cv_type_struct_utmpx_ut_syslen" = yes; then - - cat >> confdefs.h <<\EOF -#define HAVE_STRUCT_UTMPX_UT_SYSLEN 1 -EOF - - -fi - - - - - - -echo $ac_n "checking for tm_gmtoff in struct tm""... $ac_c" 1>&6 -echo "configure:9817: checking for tm_gmtoff in struct tm" >&5 -if eval "test \"`echo '$''{'ac_cv_type_struct_tm_tm_gmtoff'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -int main() { -struct tm x; x.tm_gmtoff; -; return 0; } -EOF -if { (eval echo configure:9830: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_type_struct_tm_tm_gmtoff=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_type_struct_tm_tm_gmtoff=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_type_struct_tm_tm_gmtoff" 1>&6 -if test "$ac_cv_type_struct_tm_tm_gmtoff" = yes; then - - cat >> confdefs.h <<\EOF -#define HAVE_STRUCT_TM_TM_GMTOFF 1 -EOF - - -fi - - - - -echo $ac_n "checking for tm_zone in struct tm""... $ac_c" 1>&6 -echo "configure:9856: checking for tm_zone in struct tm" >&5 -if eval "test \"`echo '$''{'ac_cv_type_struct_tm_tm_zone'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -int main() { -struct tm x; x.tm_zone; -; return 0; } -EOF -if { (eval echo configure:9869: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_type_struct_tm_tm_zone=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_type_struct_tm_tm_zone=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_type_struct_tm_tm_zone" 1>&6 -if test "$ac_cv_type_struct_tm_tm_zone" = yes; then - - cat >> confdefs.h <<\EOF -#define HAVE_STRUCT_TM_TM_ZONE 1 -EOF - - -fi - - - - - -echo $ac_n "checking for timezone""... $ac_c" 1>&6 -echo "configure:9896: checking for timezone" >&5 -if eval "test \"`echo '$''{'ac_cv_var_timezone'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - ac_cv_var_timezone=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_var_timezone=no -fi -rm -f conftest* - -fi - - - -echo "$ac_t""`eval echo \\$ac_cv_var_timezone`" 1>&6 -if test `eval echo \\$ac_cv_var_timezone` = yes; then - cat >> confdefs.h <&6 -echo "configure:9933: checking if timezone is properly declared" >&5 -if eval "test \"`echo '$''{'ac_cv_var_timezone_declaration'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -extern struct { int foo; } timezone; -int main() { -timezone.foo = 1; -; return 0; } -EOF -if { (eval echo configure:9947: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_var_timezone_declaration=no" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_var_timezone_declaration=yes" -fi -rm -f conftest* - -fi - - - - -echo "$ac_t""$ac_cv_var_timezone_declaration" 1>&6 -if eval "test \"\$ac_cv_var_timezone_declaration\" = yes"; then - cat >> confdefs.h <<\EOF -#define HAVE_TIMEZONE_DECLARATION 1 -EOF - -fi - - -fi - - - - -cv=`echo "sa_family_t" | sed 'y%./+- %__p__%'` -echo $ac_n "checking for sa_family_t""... $ac_c" 1>&6 -echo "configure:9979: checking for sa_family_t" >&5 -if eval "test \"`echo '$''{'ac_cv_type_$cv'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#if STDC_HEADERS -#include -#include -#endif -#include -int main() { -sa_family_t foo; -; return 0; } -EOF -if { (eval echo configure:9996: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_type_$cv=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_type_$cv=no" -fi -rm -f conftest* -fi -echo "$ac_t""`eval echo \\$ac_cv_type_$cv`" 1>&6 -if test `eval echo \\$ac_cv_type_$cv` = yes; then - ac_tr_hdr=HAVE_`echo sa_family_t | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` - -: << END -@@@funcs="$funcs sa_family_t"@@@ -END - - cat >> confdefs.h <&6 -echo "configure:10025: checking for socklen_t" >&5 -if eval "test \"`echo '$''{'ac_cv_type_$cv'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#if STDC_HEADERS -#include -#include -#endif -#include -int main() { -socklen_t foo; -; return 0; } -EOF -if { (eval echo configure:10042: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_type_$cv=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_type_$cv=no" -fi -rm -f conftest* -fi -echo "$ac_t""`eval echo \\$ac_cv_type_$cv`" 1>&6 -if test `eval echo \\$ac_cv_type_$cv` = yes; then - ac_tr_hdr=HAVE_`echo socklen_t | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` - -: << END -@@@funcs="$funcs socklen_t"@@@ -END - - cat >> confdefs.h <&6 -echo "configure:10071: checking for struct sockaddr_storage" >&5 -if eval "test \"`echo '$''{'ac_cv_type_$cv'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#if STDC_HEADERS -#include -#include -#endif -#include -int main() { -struct sockaddr_storage foo; -; return 0; } -EOF -if { (eval echo configure:10088: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - eval "ac_cv_type_$cv=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_type_$cv=no" -fi -rm -f conftest* -fi -echo "$ac_t""`eval echo \\$ac_cv_type_$cv`" 1>&6 -if test `eval echo \\$ac_cv_type_$cv` = yes; then - ac_tr_hdr=HAVE_`echo struct sockaddr_storage | sed 'y%abcdefghijklmnopqrstuvwxyz./- %ABCDEFGHIJKLMNOPQRSTUVWXYZ____%'` - -: << END -@@@funcs="$funcs struct_sockaddr_storage"@@@ -END - - cat >> confdefs.h <&6 -echo "configure:10116: checking for struct spwd" >&5 -if eval "test \"`echo '$''{'ac_cv_struct_spwd'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -#ifdef HAVE_SHADOW_H -#include -#endif -int main() { -struct spwd foo; -; return 0; } -EOF -if { (eval echo configure:10132: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_struct_spwd=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_struct_spwd=no -fi -rm -f conftest* - -fi - -echo "$ac_t""$ac_cv_struct_spwd" 1>&6 - -if test "$ac_cv_struct_spwd" = "yes"; then - cat >> confdefs.h <<\EOF -#define HAVE_STRUCT_SPWD 1 -EOF - -fi - - -echo $ac_n "checking for st_blksize in struct stat""... $ac_c" 1>&6 -echo "configure:10156: checking for st_blksize in struct stat" >&5 -if eval "test \"`echo '$''{'ac_cv_struct_st_blksize'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#include -int main() { -struct stat s; s.st_blksize; -; return 0; } -EOF -if { (eval echo configure:10169: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_struct_st_blksize=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_struct_st_blksize=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_struct_st_blksize" 1>&6 -if test $ac_cv_struct_st_blksize = yes; then - cat >> confdefs.h <<\EOF -#define HAVE_ST_BLKSIZE 1 -EOF - -fi - - - - -echo $ac_n "checking for struct winsize""... $ac_c" 1>&6 -echo "configure:10193: checking for struct winsize" >&5 -if eval "test \"`echo '$''{'ac_cv_struct_winsize'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -ac_cv_struct_winsize=no -for i in sys/termios.h sys/ioctl.h; do -cat > conftest.$ac_ext < -EOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - egrep "struct[ ]*winsize" >/dev/null 2>&1; then - rm -rf conftest* - ac_cv_struct_winsize=yes; break -fi -rm -f conftest* -done - -fi - -if test "$ac_cv_struct_winsize" = "yes"; then - cat >> confdefs.h <<\EOF -#define HAVE_STRUCT_WINSIZE 1 -EOF - -fi -echo "$ac_t""$ac_cv_struct_winsize" 1>&6 -cat > conftest.$ac_ext < -EOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - egrep "ws_xpixel" >/dev/null 2>&1; then - rm -rf conftest* - cat >> confdefs.h <<\EOF -#define HAVE_WS_XPIXEL 1 -EOF - -fi -rm -f conftest* - -cat > conftest.$ac_ext < -EOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - egrep "ws_ypixel" >/dev/null 2>&1; then - rm -rf conftest* - cat >> confdefs.h <<\EOF -#define HAVE_WS_YPIXEL 1 -EOF - -fi -rm -f conftest* - - - - -echo $ac_n "checking for pid_t""... $ac_c" 1>&6 -echo "configure:10256: checking for pid_t" >&5 -if eval "test \"`echo '$''{'ac_cv_type_pid_t'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#if STDC_HEADERS -#include -#include -#endif -EOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - egrep "(^|[^a-zA-Z_0-9])pid_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then - rm -rf conftest* - ac_cv_type_pid_t=yes -else - rm -rf conftest* - ac_cv_type_pid_t=no -fi -rm -f conftest* - -fi -echo "$ac_t""$ac_cv_type_pid_t" 1>&6 -if test $ac_cv_type_pid_t = no; then - cat >> confdefs.h <<\EOF -#define pid_t int -EOF - -fi - -echo $ac_n "checking for uid_t in sys/types.h""... $ac_c" 1>&6 -echo "configure:10289: checking for uid_t in sys/types.h" >&5 -if eval "test \"`echo '$''{'ac_cv_type_uid_t'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -EOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - egrep "uid_t" >/dev/null 2>&1; then - rm -rf conftest* - ac_cv_type_uid_t=yes -else - rm -rf conftest* - ac_cv_type_uid_t=no -fi -rm -f conftest* - -fi - -echo "$ac_t""$ac_cv_type_uid_t" 1>&6 -if test $ac_cv_type_uid_t = no; then - cat >> confdefs.h <<\EOF -#define uid_t int -EOF - - cat >> confdefs.h <<\EOF -#define gid_t int -EOF - -fi - -echo $ac_n "checking for off_t""... $ac_c" 1>&6 -echo "configure:10323: checking for off_t" >&5 -if eval "test \"`echo '$''{'ac_cv_type_off_t'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#if STDC_HEADERS -#include -#include -#endif -EOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - egrep "(^|[^a-zA-Z_0-9])off_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then - rm -rf conftest* - ac_cv_type_off_t=yes -else - rm -rf conftest* - ac_cv_type_off_t=no -fi -rm -f conftest* - -fi -echo "$ac_t""$ac_cv_type_off_t" 1>&6 -if test $ac_cv_type_off_t = no; then - cat >> confdefs.h <<\EOF -#define off_t long -EOF - -fi - -echo $ac_n "checking for size_t""... $ac_c" 1>&6 -echo "configure:10356: checking for size_t" >&5 -if eval "test \"`echo '$''{'ac_cv_type_size_t'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#if STDC_HEADERS -#include -#include -#endif -EOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - egrep "(^|[^a-zA-Z_0-9])size_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then - rm -rf conftest* - ac_cv_type_size_t=yes -else - rm -rf conftest* - ac_cv_type_size_t=no -fi -rm -f conftest* - -fi -echo "$ac_t""$ac_cv_type_size_t" 1>&6 -if test $ac_cv_type_size_t = no; then - cat >> confdefs.h <<\EOF -#define size_t unsigned -EOF - -fi - - -echo $ac_n "checking for ssize_t""... $ac_c" 1>&6 -echo "configure:10390: checking for ssize_t" >&5 -if eval "test \"`echo '$''{'ac_cv_type_ssize_t'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#if STDC_HEADERS -#include -#include -#endif - -#ifdef HAVE_UNISTD_H -#include -#endif -EOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - egrep "ssize_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then - rm -rf conftest* - ac_cv_type_ssize_t=yes -else - rm -rf conftest* - ac_cv_type_ssize_t=no -fi -rm -f conftest* - -fi -echo "$ac_t""$ac_cv_type_ssize_t" 1>&6 -if test $ac_cv_type_ssize_t = no; then - cat >> confdefs.h <<\EOF -#define ssize_t int -EOF - -fi - - -echo $ac_n "checking for sig_atomic_t""... $ac_c" 1>&6 -echo "configure:10428: checking for sig_atomic_t" >&5 -if eval "test \"`echo '$''{'ac_cv_type_sig_atomic_t'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -#if STDC_HEADERS -#include -#include -#endif -#include -EOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - egrep "sig_atomic_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then - rm -rf conftest* - ac_cv_type_sig_atomic_t=yes -else - rm -rf conftest* - ac_cv_type_sig_atomic_t=no -fi -rm -f conftest* - -fi -echo "$ac_t""$ac_cv_type_sig_atomic_t" 1>&6 -if test $ac_cv_type_sig_atomic_t = no; then - cat >> confdefs.h <<\EOF -#define sig_atomic_t int -EOF - -fi - - - -echo $ac_n "checking for broken sys/socket.h""... $ac_c" 1>&6 -echo "configure:10464: checking for broken sys/socket.h" >&5 -if eval "test \"`echo '$''{'krb_cv_header_sys_socket_h_broken'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -#include -#include -int main() { - -; return 0; } -EOF -if { (eval echo configure:10479: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - krb_cv_header_sys_socket_h_broken=no -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - krb_cv_header_sys_socket_h_broken=yes -fi -rm -f conftest* -fi - -echo "$ac_t""$krb_cv_header_sys_socket_h_broken" 1>&6 - - - -echo $ac_n "checking for broken netdb.h""... $ac_c" 1>&6 -echo "configure:10496: checking for broken netdb.h" >&5 -if eval "test \"`echo '$''{'krb_cv_header_netdb_h_broken'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -#include -#include -int main() { - -; return 0; } -EOF -if { (eval echo configure:10511: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - krb_cv_header_netdb_h_broken=no -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - krb_cv_header_netdb_h_broken=yes -fi -rm -f conftest* -fi - -echo "$ac_t""$krb_cv_header_netdb_h_broken" 1>&6 - -if test "$krb_cv_header_netdb_h_broken" = "yes"; then - EXTRA_HEADERS="$EXTRA_HEADERS netdb.h" -fi - - - - -echo $ac_n "checking for sa_len in struct sockaddr""... $ac_c" 1>&6 -echo "configure:10533: checking for sa_len in struct sockaddr" >&5 -if eval "test \"`echo '$''{'ac_cv_type_struct_sockaddr_sa_len'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -#include -int main() { -struct sockaddr x; x.sa_len; -; return 0; } -EOF -if { (eval echo configure:10547: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_type_struct_sockaddr_sa_len=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_type_struct_sockaddr_sa_len=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_type_struct_sockaddr_sa_len" 1>&6 -if test "$ac_cv_type_struct_sockaddr_sa_len" = yes; then - - cat >> confdefs.h <<\EOF -#define HAVE_STRUCT_SOCKADDR_SA_LEN 1 -EOF - - -fi - - - - -if test "$ac_cv_header_siad_h" = yes; then - - -echo $ac_n "checking for ouid in SIAENTITY""... $ac_c" 1>&6 -echo "configure:10576: checking for ouid in SIAENTITY" >&5 -if eval "test \"`echo '$''{'ac_cv_type_siaentity_ouid'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -cat > conftest.$ac_ext < -int main() { -SIAENTITY x; x.ouid; -; return 0; } -EOF -if { (eval echo configure:10589: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_type_siaentity_ouid=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_type_siaentity_ouid=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_type_siaentity_ouid" 1>&6 -if test "$ac_cv_type_siaentity_ouid" = yes; then - - cat >> confdefs.h <<\EOF -#define HAVE_SIAENTITY_OUID 1 -EOF - - -fi - - -fi - - -echo $ac_n "checking for getmsg""... $ac_c" 1>&6 -echo "configure:10616: checking for getmsg" >&5 -if eval "test \"`echo '$''{'ac_cv_func_getmsg'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - cat > conftest.$ac_ext < -/* Override any gcc2 internal prototype to avoid an error. */ -/* We use char because int might match the return type of a gcc2 - builtin and then its argument prototype would still apply. */ -char getmsg(); - -int main() { - -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined (__stub_getmsg) || defined (__stub___getmsg) -choke me -#else -getmsg(); -#endif - -; return 0; } -EOF -if { (eval echo configure:10644: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "ac_cv_func_getmsg=yes" -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - eval "ac_cv_func_getmsg=no" -fi -rm -f conftest* -fi - -if eval "test \"`echo '$ac_cv_func_'getmsg`\" = yes"; then - echo "$ac_t""yes" 1>&6 - : -else - echo "$ac_t""no" 1>&6 -fi - - -if test "$ac_cv_func_getmsg" = "yes"; then - -echo $ac_n "checking for working getmsg""... $ac_c" 1>&6 -echo "configure:10667: checking for working getmsg" >&5 -if eval "test \"`echo '$''{'ac_cv_func_getmsg_work'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if test "$cross_compiling" = yes; then - ac_cv_func_getmsg_work=no -else - cat > conftest.$ac_ext < -#include - -int main() -{ - int ret; - ret = getmsg(open("/dev/null", 0), NULL, NULL, NULL); - if(ret < 0 && errno == ENOSYS) - return 1; - return 0; -} - -EOF -if { (eval echo configure:10691: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null -then - ac_cv_func_getmsg_work=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -fr conftest* - ac_cv_func_getmsg_work=no -fi -rm -fr conftest* -fi - -fi - -echo "$ac_t""$ac_cv_func_getmsg_work" 1>&6 -test "$ac_cv_func_getmsg_work" = "yes" && -cat >> confdefs.h <<\EOF -#define HAVE_GETMSG 1 -EOF - - -fi - - - - - - -echo $ac_n "checking for el_init""... $ac_c" 1>&6 -echo "configure:10720: checking for el_init" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_el_init'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_el_init\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" edit; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $LIB_tgetent $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_el_init=$ac_lib; else ac_cv_funclib_el_init=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_el_init=\${ac_cv_funclib_el_init-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_el_init" - -: << END -@@@funcs="$funcs el_init"@@@ -@@@libs="$libs "" edit"@@@ -END - -# el_init -eval "ac_tr_func=HAVE_`echo el_init | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_el_init=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_el_init=yes" - eval "LIB_el_init=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_el_init=no" - eval "LIB_el_init=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_el_init=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -if test "$ac_cv_func_el_init" = yes ; then - echo $ac_n "checking for four argument el_init""... $ac_c" 1>&6 -echo "configure:10803: checking for four argument el_init" >&5 -if eval "test \"`echo '$''{'ac_cv_func_el_init_four'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - - cat > conftest.$ac_ext < - #include -int main() { -el_init("", NULL, NULL, NULL); -; return 0; } -EOF -if { (eval echo configure:10817: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then - rm -rf conftest* - ac_cv_func_el_init_four=yes -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 - rm -rf conftest* - ac_cv_func_el_init_four=no -fi -rm -f conftest* -fi - -echo "$ac_t""$ac_cv_func_el_init_four" 1>&6 - if test "$ac_cv_func_el_init_four" = yes; then - cat >> confdefs.h <<\EOF -#define HAVE_FOUR_VALUED_EL_INIT 1 -EOF - - fi -fi - - -save_LIBS="$LIBS" -LIBS="$LIB_tgetent $LIBS" - - - -echo $ac_n "checking for readline""... $ac_c" 1>&6 -echo "configure:10845: checking for readline" >&5 -if eval "test \"`echo '$''{'ac_cv_funclib_readline'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - -if eval "test \"\$ac_cv_func_readline\" != yes" ; then - ac_save_LIBS="$LIBS" - for ac_lib in "" edit readline; do - if test -n "$ac_lib"; then - ac_lib="-l$ac_lib" - else - ac_lib="" - fi - LIBS=" $ac_lib $ac_save_LIBS" - cat > conftest.$ac_ext <&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then - rm -rf conftest* - eval "if test -n \"$ac_lib\";then ac_cv_funclib_readline=$ac_lib; else ac_cv_funclib_readline=yes; fi";break -else - echo "configure: failed program was:" >&5 - cat conftest.$ac_ext >&5 -fi -rm -f conftest* - done - eval "ac_cv_funclib_readline=\${ac_cv_funclib_readline-no}" - LIBS="$ac_save_LIBS" -fi - -fi - - -eval "ac_res=\$ac_cv_funclib_readline" - -: << END -@@@funcs="$funcs readline"@@@ -@@@libs="$libs "" edit readline"@@@ -END - -# readline -eval "ac_tr_func=HAVE_`echo readline | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`" -eval "LIB_readline=$ac_res" - -case "$ac_res" in - yes) - eval "ac_cv_func_readline=yes" - eval "LIB_readline=" - cat >> confdefs.h <&6 - ;; - no) - eval "ac_cv_func_readline=no" - eval "LIB_readline=" - echo "$ac_t""no" 1>&6 - ;; - *) - eval "ac_cv_func_readline=yes" - eval "ac_cv_lib_`echo "$ac_res" | sed 's/-l//'`=yes" - cat >> confdefs.h <> confdefs.h <&6 - ;; -esac - - -LIBS="$save_LIBS" -el_yes="# " -if test "$with_readline" -a "$with_readline" != "no"; then - : -elif test "$ac_cv_func_readline" = yes; then - INCLUDE_readline= -elif test "$ac_cv_func_el_init" = yes; then - el_yes= - LIB_readline="-L\$(top_builddir)/lib/editline -lel_compat $LIB_el_init" - INCLUDE_readline='-I$(top_srcdir)/lib/editline' -else - LIB_readline='-L$(top_builddir)/lib/editline -leditline' - INCLUDE_readline='-I$(top_srcdir)/lib/editline' -fi -LIB_readline="$LIB_readline \$(LIB_tgetent)" -cat >> confdefs.h <<\EOF -#define HAVE_READLINE 1 -EOF - - - - - -cat >> confdefs.h <<\EOF -#define AUTHENTICATION 1 -EOF -cat >> confdefs.h <<\EOF -#define KRB4 1 -EOF -cat >> confdefs.h <<\EOF -#define ENCRYPTION 1 -EOF -cat >> confdefs.h <<\EOF -#define DES_ENCRYPTION 1 -EOF -cat >> confdefs.h <<\EOF -#define DIAGNOSTICS 1 -EOF -cat >> confdefs.h <<\EOF -#define OLD_ENVIRON 1 -EOF - -# Simple test for streamspty, based on the existance of getmsg(), alas -# this breaks on SunOS4 which have streams but BSD-like ptys -# -# And also something wierd has happend with dec-osf1, fallback to bsd-ptys - -echo $ac_n "checking for streamspty""... $ac_c" 1>&6 -echo "configure:10974: checking for streamspty" >&5 -case "`uname -sr`" in -SunOS\ 4*|OSF1*|IRIX\ 4*|HP-UX\ ?.1[01].*) - krb_cv_sys_streamspty=no - ;; -AIX*) - os_rel=`uname -v`.`uname -r` - if expr "$os_rel" : "3*" >/dev/null 2>&1; then - krb_cv_sys_streamspty=no - else - krb_cv_sys_streamspty="$ac_cv_func_getmsg_work" - fi - ;; -*) - krb_cv_sys_streamspty="$ac_cv_func_getmsg_work" - ;; -esac -if test "$krb_cv_sys_streamspty" = yes; then - cat >> confdefs.h <<\EOF -#define STREAMSPTY 1 -EOF - -fi -echo "$ac_t""$krb_cv_sys_streamspty" 1>&6 - -echo $ac_n "checking if /bin/ls takes -A""... $ac_c" 1>&6 -echo "configure:11000: checking if /bin/ls takes -A" >&5 -if /bin/ls -A > /dev/null 2>&1 ;then - cat >> confdefs.h <<\EOF -#define HAVE_LS_A 1 -EOF - - krb_ls_a=yes -else - krb_ls_a=no -fi -echo "$ac_t""$krb_ls_a" 1>&6 - -echo $ac_n "checking for suffix of preformatted manual pages""... $ac_c" 1>&6 -echo "configure:11013: checking for suffix of preformatted manual pages" >&5 -if eval "test \"`echo '$''{'krb_cv_sys_cat_suffix'+set}'`\" = set"; then - echo $ac_n "(cached) $ac_c" 1>&6 -else - if grep _version /etc/man.conf > /dev/null 2>&1; then - krb_cv_sys_cat_suffix=0 -else - krb_cv_sys_cat_suffix=number -fi -fi - -echo "$ac_t""$krb_cv_sys_cat_suffix" 1>&6 -if test "$krb_cv_sys_cat_suffix" = number; then - CATSUFFIX='$$s' -else - CATSUFFIX=0 -fi - - - -KRB_KAFS_LIB="-L\$(top_builddir)/lib/kafs -lkafs $AIX_EXTRA_KAFS" - - - - -test "x$prefix" = xNONE && prefix=$ac_default_prefix -test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' - -for i in bin lib libexec sbin; do - i=${i}dir - foo=`echo $i | tr 'xindiscernible' 'XINDISCERNIBLE'` - x="\$${i}" - eval y="$x" - while test "x$y" != "x$x"; do - x="$y" - eval y="$x" - done - cat >> confdefs.h < confcache <<\EOF -# This file is a shell script that caches the results of configure -# tests run on this system so they can be shared between configure -# scripts and configure runs. It is not useful on other systems. -# If it contains results you don't want to keep, you may remove or edit it. -# -# By default, configure uses ./config.cache as the cache file, -# creating it if it does not exist already. You can give configure -# the --cache-file=FILE option to use a different cache file; that is -# what configure does when it calls configure scripts in -# subdirectories, so they share the cache. -# Giving --cache-file=/dev/null disables caching, for debugging configure. -# config.status only pays attention to the cache file if you give it the -# --recheck option to rerun configure. -# -EOF -# The following way of writing the cache mishandles newlines in values, -# but we know of no workaround that is simple, portable, and efficient. -# So, don't put newlines in cache variables' values. -# Ultrix sh set writes to stderr and can't be redirected directly, -# and sets the high bit in the cache file unless we assign to the vars. -(set) 2>&1 | - case `(ac_space=' '; set | grep ac_space) 2>&1` in - *ac_space=\ *) - # `set' does not quote correctly, so add quotes (double-quote substitution - # turns \\\\ into \\, and sed turns \\ into \). - sed -n \ - -e "s/'/'\\\\''/g" \ - -e "s/^\\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\\)=\\(.*\\)/\\1=\${\\1='\\2'}/p" - ;; - *) - # `set' quotes correctly as required by POSIX, so do not add quotes. - sed -n -e 's/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=${\1=\2}/p' - ;; - esac >> confcache -if cmp -s $cache_file confcache; then - : -else - if test -w $cache_file; then - echo "updating cache $cache_file" - cat confcache > $cache_file - else - echo "not updating unwritable cache $cache_file" - fi -fi -rm -f confcache - -trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15 - -test "x$prefix" = xNONE && prefix=$ac_default_prefix -# Let make expand exec_prefix. -test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' - -# Any assignment to VPATH causes Sun make to only execute -# the first set of double-colon rules, so remove it if not needed. -# If there is a colon in the path, we need to keep it. -if test "x$srcdir" = x.; then - ac_vpsub='/^[ ]*VPATH[ ]*=[^:]*$/d' -fi - -trap 'rm -f $CONFIG_STATUS conftest*; exit 1' 1 2 15 - -DEFS=-DHAVE_CONFIG_H - -# Without the "./", some shells look in PATH for config.status. -: ${CONFIG_STATUS=./config.status} - -echo creating $CONFIG_STATUS -rm -f $CONFIG_STATUS -cat > $CONFIG_STATUS </dev/null | sed 1q`: -# -# $0 $ac_configure_args -# -# Compiler output produced by configure, useful for debugging -# configure, is in ./config.log if it exists. - -ac_cs_usage="Usage: $CONFIG_STATUS [--recheck] [--version] [--help]" -for ac_option -do - case "\$ac_option" in - -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) - echo "running \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion" - exec \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion ;; - -version | --version | --versio | --versi | --vers | --ver | --ve | --v) - echo "$CONFIG_STATUS generated by autoconf version 2.13" - exit 0 ;; - -help | --help | --hel | --he | --h) - echo "\$ac_cs_usage"; exit 0 ;; - *) echo "\$ac_cs_usage"; exit 1 ;; - esac -done - -ac_given_srcdir=$srcdir -ac_given_INSTALL="$INSTALL" - -trap 'rm -fr `echo "\ -Makefile \ -include/Makefile \ -include/sys/Makefile \ - \ -man/Makefile \ - \ -lib/Makefile \ -lib/com_err/Makefile \ -lib/des/Makefile \ -lib/krb/Makefile \ -lib/kdb/Makefile \ -lib/kadm/Makefile \ -lib/acl/Makefile \ -lib/kafs/Makefile \ -lib/roken/Makefile \ -lib/otp/Makefile \ -lib/sl/Makefile \ -lib/editline/Makefile \ -lib/rxkad/Makefile \ -lib/auth/Makefile \ -lib/auth/pam/Makefile \ -lib/auth/sia/Makefile \ -lib/auth/afskauthlib/Makefile \ - \ -kuser/Makefile \ -server/Makefile \ -slave/Makefile \ -admin/Makefile \ -kadmin/Makefile \ - \ -appl/Makefile \ - \ -appl/afsutil/Makefile \ -appl/ftp/Makefile \ -appl/ftp/common/Makefile \ -appl/ftp/ftp/Makefile \ -appl/ftp/ftpd/Makefile \ -appl/telnet/Makefile \ -appl/telnet/libtelnet/Makefile \ -appl/telnet/telnet/Makefile \ -appl/telnet/telnetd/Makefile \ -appl/bsd/Makefile \ -appl/kauth/Makefile \ -appl/popper/Makefile \ -appl/movemail/Makefile \ -appl/push/Makefile \ -appl/sample/Makefile \ -appl/xnlock/Makefile \ -appl/kx/Makefile \ -appl/kip/Makefile \ -appl/otp/Makefile \ -doc/Makefile \ -etc/inetd.conf.changes \ - include/config.h" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15 -EOF -cat >> $CONFIG_STATUS < conftest.subs <<\\CEOF -$ac_vpsub -$extrasub -s%@SHELL@%$SHELL%g -s%@CFLAGS@%$CFLAGS%g -s%@CPPFLAGS@%$CPPFLAGS%g -s%@CXXFLAGS@%$CXXFLAGS%g -s%@FFLAGS@%$FFLAGS%g -s%@DEFS@%$DEFS%g -s%@LDFLAGS@%$LDFLAGS%g -s%@LIBS@%$LIBS%g -s%@exec_prefix@%$exec_prefix%g -s%@prefix@%$prefix%g -s%@program_transform_name@%$program_transform_name%g -s%@bindir@%$bindir%g -s%@sbindir@%$sbindir%g -s%@libexecdir@%$libexecdir%g -s%@datadir@%$datadir%g -s%@sysconfdir@%$sysconfdir%g -s%@sharedstatedir@%$sharedstatedir%g -s%@localstatedir@%$localstatedir%g -s%@libdir@%$libdir%g -s%@includedir@%$includedir%g -s%@oldincludedir@%$oldincludedir%g -s%@infodir@%$infodir%g -s%@mandir@%$mandir%g -s%@PACKAGE@%$PACKAGE%g -s%@VERSION@%$VERSION%g -s%@host@%$host%g -s%@host_alias@%$host_alias%g -s%@host_cpu@%$host_cpu%g -s%@host_vendor@%$host_vendor%g -s%@host_os@%$host_os%g -s%@CANONICAL_HOST@%$CANONICAL_HOST%g -s%@SET_MAKE@%$SET_MAKE%g -s%@LN_S@%$LN_S%g -s%@CC@%$CC%g -s%@CPP@%$CPP%g -s%@YACC@%$YACC%g -s%@LEX@%$LEX%g -s%@LEXLIB@%$LEXLIB%g -s%@RANLIB@%$RANLIB%g -s%@INSTALL_PROGRAM@%$INSTALL_PROGRAM%g -s%@INSTALL_SCRIPT@%$INSTALL_SCRIPT%g -s%@INSTALL_DATA@%$INSTALL_DATA%g -s%@AWK@%$AWK%g -s%@MAKEINFO@%$MAKEINFO%g -s%@WFLAGS@%$WFLAGS%g -s%@WFLAGS_NOUNUSED@%$WFLAGS_NOUNUSED%g -s%@WFLAGS_NOIMPLICITINT@%$WFLAGS_NOIMPLICITINT%g -s%@INCLUDE_socks@%$INCLUDE_socks%g -s%@LIB_socks@%$LIB_socks%g -s%@CRACKLIB@%$CRACKLIB%g -s%@LIB_otp@%$LIB_otp%g -s%@OTP_dir@%$OTP_dir%g -s%@LIB_security@%$LIB_security%g -s%@AFSWS@%$AFSWS%g -s%@LIB_SUBDIRS@%$LIB_SUBDIRS%g -s%@disable_cat_manpages@%$disable_cat_manpages%g -s%@INCLUDE_readline@%$INCLUDE_readline%g -s%@LIB_readline@%$LIB_readline%g -s%@INCLUDE_hesiod@%$INCLUDE_hesiod%g -s%@LIB_hesiod@%$LIB_hesiod%g -s%@LINK@%$LINK%g -s%@lib_deps_yes@%$lib_deps_yes%g -s%@lib_deps_no@%$lib_deps_no%g -s%@REAL_PICFLAGS@%$REAL_PICFLAGS%g -s%@REAL_SHLIBEXT@%$REAL_SHLIBEXT%g -s%@REAL_LD_FLAGS@%$REAL_LD_FLAGS%g -s%@PICFLAGS@%$PICFLAGS%g -s%@SHLIBEXT@%$SHLIBEXT%g -s%@LDSHARED@%$LDSHARED%g -s%@LD_FLAGS@%$LD_FLAGS%g -s%@LIBEXT@%$LIBEXT%g -s%@LIBPREFIX@%$LIBPREFIX%g -s%@EXECSUFFIX@%$EXECSUFFIX%g -s%@build_symlink_command@%$build_symlink_command%g -s%@install_symlink_command@%$install_symlink_command%g -s%@install_symlink_command2@%$install_symlink_command2%g -s%@LIB_dlopen@%$LIB_dlopen%g -s%@AFS_EXTRA_OBJS@%$AFS_EXTRA_OBJS%g -s%@AFS_EXTRA_LIBS@%$AFS_EXTRA_LIBS%g -s%@AFS_EXTRA_LD@%$AFS_EXTRA_LD%g -s%@AFS_EXTRA_DEFS@%$AFS_EXTRA_DEFS%g -s%@AIX_EXTRA_KAFS@%$AIX_EXTRA_KAFS%g -s%@EXTRA_HEADERS@%$EXTRA_HEADERS%g -s%@EXTRA_LOCL_HEADERS@%$EXTRA_LOCL_HEADERS%g -s%@LIB_crypt@%$LIB_crypt%g -s%@LIB_socket@%$LIB_socket%g -s%@LIB_gethostbyname@%$LIB_gethostbyname%g -s%@LIB_odm_initialize@%$LIB_odm_initialize%g -s%@LIB_getattr@%$LIB_getattr%g -s%@LIB_setpcred@%$LIB_setpcred%g -s%@LIB_logwtmp@%$LIB_logwtmp%g -s%@LIB_logout@%$LIB_logout%g -s%@LIB_tgetent@%$LIB_tgetent%g -s%@X_CFLAGS@%$X_CFLAGS%g -s%@X_PRE_LIBS@%$X_PRE_LIBS%g -s%@X_LIBS@%$X_LIBS%g -s%@X_EXTRA_LIBS@%$X_EXTRA_LIBS%g -s%@MAKE_X_PROGS_BIN@%$MAKE_X_PROGS_BIN%g -s%@MAKE_X_SCRIPTS_BIN@%$MAKE_X_SCRIPTS_BIN%g -s%@MAKE_X_PROGS_LIBEXEC@%$MAKE_X_PROGS_LIBEXEC%g -s%@LIB_XauWriteAuth@%$LIB_XauWriteAuth%g -s%@LIB_XauReadAuth@%$LIB_XauReadAuth%g -s%@LIB_XauFileName@%$LIB_XauFileName%g -s%@NEED_WRITEAUTH_TRUE@%$NEED_WRITEAUTH_TRUE%g -s%@NEED_WRITEAUTH_FALSE@%$NEED_WRITEAUTH_FALSE%g -s%@LIB_DBM@%$LIB_DBM%g -s%@DBLIB@%$DBLIB%g -s%@LIB_syslog@%$LIB_syslog%g -s%@LIB_getpwnam_r@%$LIB_getpwnam_r%g -s%@LIB_getsockopt@%$LIB_getsockopt%g -s%@LIB_setsockopt@%$LIB_setsockopt%g -s%@LIB_res_search@%$LIB_res_search%g -s%@LIB_dn_expand@%$LIB_dn_expand%g -s%@ALLOCA@%$ALLOCA%g -s%@LIB_hstrerror@%$LIB_hstrerror%g -s%@LIBOBJS@%$LIBOBJS%g -s%@LIB_AUTH_SUBDIRS@%$LIB_AUTH_SUBDIRS%g -s%@krb_cv_header_sys_socket_h_broken@%$krb_cv_header_sys_socket_h_broken%g -s%@krb_cv_header_netdb_h_broken@%$krb_cv_header_netdb_h_broken%g -s%@LIB_el_init@%$LIB_el_init%g -s%@el_yes@%$el_yes%g -s%@CATSUFFIX@%$CATSUFFIX%g -s%@KRB_KAFS_LIB@%$KRB_KAFS_LIB%g - -CEOF -EOF - -cat >> $CONFIG_STATUS <<\EOF - -# Split the substitutions into bite-sized pieces for seds with -# small command number limits, like on Digital OSF/1 and HP-UX. -ac_max_sed_cmds=90 # Maximum number of lines to put in a sed script. -ac_file=1 # Number of current file. -ac_beg=1 # First line for current file. -ac_end=$ac_max_sed_cmds # Line after last line for current file. -ac_more_lines=: -ac_sed_cmds="" -while $ac_more_lines; do - if test $ac_beg -gt 1; then - sed "1,${ac_beg}d; ${ac_end}q" conftest.subs > conftest.s$ac_file - else - sed "${ac_end}q" conftest.subs > conftest.s$ac_file - fi - if test ! -s conftest.s$ac_file; then - ac_more_lines=false - rm -f conftest.s$ac_file - else - if test -z "$ac_sed_cmds"; then - ac_sed_cmds="sed -f conftest.s$ac_file" - else - ac_sed_cmds="$ac_sed_cmds | sed -f conftest.s$ac_file" - fi - ac_file=`expr $ac_file + 1` - ac_beg=$ac_end - ac_end=`expr $ac_end + $ac_max_sed_cmds` - fi -done -if test -z "$ac_sed_cmds"; then - ac_sed_cmds=cat -fi -EOF - -cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF -for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then - # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". - case "$ac_file" in - *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'` - ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;; - *) ac_file_in="${ac_file}.in" ;; - esac - - # Adjust a relative srcdir, top_srcdir, and INSTALL for subdirectories. - - # Remove last slash and all that follows it. Not all systems have dirname. - ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'` - if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then - # The file is in a subdirectory. - test ! -d "$ac_dir" && mkdir "$ac_dir" - ac_dir_suffix="/`echo $ac_dir|sed 's%^\./%%'`" - # A "../" for each directory in $ac_dir_suffix. - ac_dots=`echo $ac_dir_suffix|sed 's%/[^/]*%../%g'` - else - ac_dir_suffix= ac_dots= - fi - - case "$ac_given_srcdir" in - .) srcdir=. - if test -z "$ac_dots"; then top_srcdir=. - else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;; - /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;; - *) # Relative path. - srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix" - top_srcdir="$ac_dots$ac_given_srcdir" ;; - esac - - case "$ac_given_INSTALL" in - [/$]*) INSTALL="$ac_given_INSTALL" ;; - *) INSTALL="$ac_dots$ac_given_INSTALL" ;; - esac - - echo creating "$ac_file" - rm -f "$ac_file" - configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure." - case "$ac_file" in - *Makefile*) ac_comsub="1i\\ -# $configure_input" ;; - *) ac_comsub= ;; - esac - - ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"` - sed -e "$ac_comsub -s%@configure_input@%$configure_input%g -s%@srcdir@%$srcdir%g -s%@top_srcdir@%$top_srcdir%g -s%@INSTALL@%$INSTALL%g -" $ac_file_inputs | (eval "$ac_sed_cmds") > $ac_file -fi; done -rm -f conftest.s* - -# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where -# NAME is the cpp macro being defined and VALUE is the value it is being given. -# -# ac_d sets the value in "#define NAME VALUE" lines. -ac_dA='s%^\([ ]*\)#\([ ]*define[ ][ ]*\)' -ac_dB='\([ ][ ]*\)[^ ]*%\1#\2' -ac_dC='\3' -ac_dD='%g' -# ac_u turns "#undef NAME" with trailing blanks into "#define NAME VALUE". -ac_uA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' -ac_uB='\([ ]\)%\1#\2define\3' -ac_uC=' ' -ac_uD='\4%g' -# ac_e turns "#undef NAME" without trailing blanks into "#define NAME VALUE". -ac_eA='s%^\([ ]*\)#\([ ]*\)undef\([ ][ ]*\)' -ac_eB='$%\1#\2define\3' -ac_eC=' ' -ac_eD='%g' - -if test "${CONFIG_HEADERS+set}" != set; then -EOF -cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF -fi -for ac_file in .. $CONFIG_HEADERS; do if test "x$ac_file" != x..; then - # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in". - case "$ac_file" in - *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'` - ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;; - *) ac_file_in="${ac_file}.in" ;; - esac - - echo creating $ac_file - - rm -f conftest.frag conftest.in conftest.out - ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"` - cat $ac_file_inputs > conftest.in - -EOF - -# Transform confdefs.h into a sed script conftest.vals that substitutes -# the proper values into config.h.in to produce config.h. And first: -# Protect against being on the right side of a sed subst in config.status. -# Protect against being in an unquoted here document in config.status. -rm -f conftest.vals -cat > conftest.hdr <<\EOF -s/[\\&%]/\\&/g -s%[\\$`]%\\&%g -s%#define \([A-Za-z_][A-Za-z0-9_]*\) *\(.*\)%${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD}%gp -s%ac_d%ac_u%gp -s%ac_u%ac_e%gp -EOF -sed -n -f conftest.hdr confdefs.h > conftest.vals -rm -f conftest.hdr - -# This sed command replaces #undef with comments. This is necessary, for -# example, in the case of _POSIX_SOURCE, which is predefined and required -# on some systems where configure will not decide to define it. -cat >> conftest.vals <<\EOF -s%^[ ]*#[ ]*undef[ ][ ]*[a-zA-Z_][a-zA-Z_0-9]*%/* & */% -EOF - -# Break up conftest.vals because some shells have a limit on -# the size of here documents, and old seds have small limits too. - -rm -f conftest.tail -while : -do - ac_lines=`grep -c . conftest.vals` - # grep -c gives empty output for an empty file on some AIX systems. - if test -z "$ac_lines" || test "$ac_lines" -eq 0; then break; fi - # Write a limited-size here document to conftest.frag. - echo ' cat > conftest.frag <> $CONFIG_STATUS - sed ${ac_max_here_lines}q conftest.vals >> $CONFIG_STATUS - echo 'CEOF - sed -f conftest.frag conftest.in > conftest.out - rm -f conftest.in - mv conftest.out conftest.in -' >> $CONFIG_STATUS - sed 1,${ac_max_here_lines}d conftest.vals > conftest.tail - rm -f conftest.vals - mv conftest.tail conftest.vals -done -rm -f conftest.vals - -cat >> $CONFIG_STATUS <<\EOF - rm -f conftest.frag conftest.h - echo "/* $ac_file. Generated automatically by configure. */" > conftest.h - cat conftest.in >> conftest.h - rm -f conftest.in - if cmp -s $ac_file conftest.h 2>/dev/null; then - echo "$ac_file is unchanged" - rm -f conftest.h - else - # Remove last slash and all that follows it. Not all systems have dirname. - ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'` - if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then - # The file is in a subdirectory. - test ! -d "$ac_dir" && mkdir "$ac_dir" - fi - rm -f $ac_file - mv conftest.h $ac_file - fi -fi; done - -EOF -cat >> $CONFIG_STATUS <> $CONFIG_STATUS <<\EOF - -exit 0 -EOF -chmod +x $CONFIG_STATUS -rm -fr confdefs* $ac_clean_files -test "$no_create" = yes || ${CONFIG_SHELL-/bin/sh} $CONFIG_STATUS || exit 1 - - -cat > include/newversion.h.in </dev/null | sed 1q` - Date=`date` - mv -f include/newversion.h.in include/version.h.in - sed -e "s/@USER@/$User/" -e "s/@HOST@/$Host/" -e "s/@DATE@/$Date/" include/version.h.in > include/version.h -fi - diff --git a/crypto/kerberosIV/configure.in b/crypto/kerberosIV/configure.in deleted file mode 100644 index ed1bfa48b104..000000000000 --- a/crypto/kerberosIV/configure.in +++ /dev/null @@ -1,1286 +0,0 @@ -dnl -dnl *** PLEASE NOTE *** -dnl *** PLEASE NOTE *** -dnl *** PLEASE NOTE *** -dnl -dnl Update $VERSION before making a new release -dnl - -dnl Process this file with autoconf to produce a configure script. -dnl -AC_REVISION($Revision: 1.432.2.14 $) -AC_INIT(lib/krb/getrealm.c) -AC_CONFIG_HEADER(include/config.h) - -dnl -dnl definitions -dnl - -PACKAGE=krb4 -AC_SUBST(PACKAGE)dnl -VERSION=1.0.5 -AC_SUBST(VERSION)dnl -AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package])dnl -AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package])dnl - -# This may be overridden using --prefix=/usr to configure -AC_PREFIX_DEFAULT(/usr/athena) - -AC_CANONICAL_HOST -CANONICAL_HOST=$host -AC_SUBST(CANONICAL_HOST) - -dnl OS specific defines - -sunos=no -case "$host" in -*-*-sunos4*) - sunos=40 - ;; -*-*-solaris2.7) - sunos=57 - ;; -*-*-solaris2.8) - sunos=58 - ;; -*-*-solaris2*) - sunos=50 - ;; -esac -if test "$sunos" != no; then - AC_DEFINE_UNQUOTED(SunOS, $sunos, - [Define to what version of SunOS you are running.]) -fi - -AC_PROG_MAKE_SET -AC_ARG_PROGRAM - -# We want these before the checks, so the checks can modify their values. -test -z "$LDFLAGS" && LDFLAGS=-g - -dnl -dnl check for programs -dnl - -AC_KRB_PROG_LN_S -AC_PROG_CC -AC_PROG_CPP -AC_ISC_POSIX -AC_KRB_PROG_YACC -AC_PROG_LEX -AC_PROG_RANLIB -AC_PROG_INSTALL -AC_PROG_AWK -AC_CHECK_PROG(MAKEINFO, makeinfo, makeinfo, :) - -dnl Use make Wall or make WFLAGS=".." -WFLAGS="" -WFLAGS_NOUNUSED="" -WFLAGS_NOIMPLICITINT="" -AC_SUBST(WFLAGS) dnl -AC_SUBST(WFLAGS_NOUNUSED) dnl -AC_SUBST(WFLAGS_NOIMPLICITINT) dnl - -dnl -dnl check for build options -dnl - -AC_TEST_PACKAGE_NEW(socks,[#include ],-lsocks5) -CFLAGS="$INCLUDE_socks $CFLAGS" -LIBS="$LIB_socks $LIBS" - -AC_ARG_ENABLE(legacy-kdestroy, -[ --enable-legacy-kdestroy kdestroy doesn't destroy tokens by default],[ -if test "$enableval" = "yes"; then - AC_DEFINE(LEGACY_KDESTROY,1, [Define to enable old kdestroy behavior.]) -fi -]) - -AC_ARG_ENABLE(match-subdomains, -[ --enable-match-subdomains match realm in subdomains], -[if test "$enableval" = "yes"; then - AC_DEFINE(MATCH_SUBDOMAINS,1, [Define if you want to match subdomains.]) -fi -]) - -AC_ARG_WITH(ld-flags, -[ --with-ld-flags=flags what flags use when linking]) - -AC_ARG_WITH(cracklib, -[ --with-cracklib=dir use the cracklib.a in dir], -) - -AC_ARG_WITH(dictpath, -[ --with-dictpath=path use this dictionary with cracklib] -) - -(test -z "$with_cracklib" && test -n "$with_dictpath") || -(test -n "$with_cracklib" && test -z "$with_dictpath") && -AC_MSG_ERROR(--with-cracklib requires --with-dictpath and vice versa) -test -n "$with_cracklib" && -CRACKLIB="-L$with_cracklib -lcrack" && -AC_MSG_RESULT(Using cracklib in $with_cracklib) -AC_SUBST(CRACKLIB)dnl -test -n "$with_dictpath" && -AC_MSG_RESULT(Using dictpath=$with_dictpath) && -AC_DEFINE_UNQUOTED(DICTPATH,"$with_dictpath", [Define this to be the directory where the - dictionary for cracklib resides.]) - -AC_ARG_WITH(mailspool, -[ --with-mailspool=dir this is the mail spool directory] -) - -test -n "$with_mailspool" && -AC_DEFINE_UNQUOTED(KRB4_MAILDIR, "$with_mailspool", [Define this to the path of the mail spool directory.]) - -AC_ARG_WITH(db-dir, -[ --with-db-dir=dir this is the database directory (default /var/kerberos)]) - -test -n "$with_db_dir" && -AC_DEFINE_UNQUOTED(DB_DIR, "$with_db_dir", [Define this to the kerberos database directory.]) - -AC_ARG_ENABLE(random-mkey, -[ --enable-random-mkey use new code for master keys],[ -if test "$enableval" = "yes"; then - AC_DEFINE(RANDOM_MKEY,1, [Define to enable new master key code.]) -fi -]) - -AC_ARG_WITH(mkey, -[ --with-mkey=file where to put the master key],[ -if test -n "$withval"; then - AC_DEFINE_UNQUOTED(MKEYFILE,"$withval", [Define this to the location of the master key.]) -fi -]) - -otp=yes -AC_ARG_ENABLE(otp, -[ --disable-otp if you don't want OTP support], -[ -if test "$enableval" = "no"; then - otp=no -fi -]) - -if test "$otp" = "yes"; then - AC_DEFINE(OTP) - LIB_otp='-L$(top_builddir)/lib/otp -lotp' - OTP_dir=otp - LIB_SUBDIRS="$LIB_SUBDIRS otp" -fi -AC_SUBST(LIB_otp) -AC_SUBST(OTP_dir) - -AC_CHECK_OSFC2 - -mmap=yes -AC_ARG_ENABLE(mmap, -[ --disable-mmap disable use of mmap], -[ -if test "$enableval" = "no"; then - mmap=no -fi -]) -if test "$mmap" = "no"; then - AC_DEFINE(NO_MMAP, 1, [Define if you don't want to use mmap.]) -fi - -aix_dynamic_afs=yes -AC_ARG_ENABLE(dynamic-afs, -[ --disable-dynamic-afs don't use loaded AFS library with AIX],[ -if test "$enableval" = "no"; then - aix_dynamic_afs=no -fi -]) - -berkeley_db=db -AC_ARG_WITH(berkeley-db, -[ --without-berkeley-db if you don't want berkeley db],[ -if test "$withval" = no; then - berkeley_db="" -fi -]) - -afs_support=yes -AC_ARG_WITH(afs-support, -[ --without-afs-support if you don't want support for afs],[ -if test "$withval" = no; then - AC_DEFINE(NO_AFS, 1, [Define if you don't wan't support for AFS.]) - afs_support=no -fi -]) - -des_quad=guess -AC_ARG_WITH(des-quad-checksum, -[ --with-des-quad-checksum=kind - default checksum to use (new, old, or guess)],[ -des_quad="$withval" -]) -if test "$des_quad" = "new"; then - ac_x=DES_QUAD_NEW -elif test "$des_quad" = "old"; then - ac_x=DES_QUAD_OLD -else - ac_x=DES_QUAD_GUESS -fi -AC_DEFINE_UNQUOTED(DES_QUAD_DEFAULT,$ac_x, - [Set this to the type of des-quad-cheksum to use.]) - -AC_ARG_WITH(afsws, -[ --with-afsws=dir use AFS includes and libraries from dir=/usr/afsws], -AFSWS=$withval, -AFSWS=/usr/afsws -) -test "$AFSWS" = "yes" && AFSWS=/usr/afsws -AC_SUBST(AFSWS) - -AC_ARG_ENABLE(rxkad, -[ --enable-rxkad build rxkad library]) - -if test "$afs_support" = yes -a "$enable_rxkad" = yes; then - LIB_SUBDIRS="$LIB_SUBDIRS rxkad" -fi -AC_SUBST(LIB_SUBDIRS) - -AC_ARG_ENABLE(cat-manpages, -[ --disable-cat-manpages don't install any preformatted manpages], -[ -if test "$enableval" = "no"; then - disable_cat_manpages=yes -fi -]) - -AC_SUBST(disable_cat_manpages)dnl - -AC_TEST_PACKAGE_NEW(readline,[ -#include -#include -],-lreadline) - -AC_MIPS_ABI - -AC_TEST_PACKAGE_NEW(hesiod,[#include ],-lhesiod) - -AC_SHARED_LIBS - -dnl -dnl Check for endian-ness, this breaks cross compilation -dnl -AC_C_BIGENDIAN - -dnl -dnl Check for constness -dnl -AC_C_CONST - -dnl -dnl Check for inline keyword -dnl -AC_C_INLINE - -dnl -dnl Check for __attribute__ -dnl -AC_C___ATTRIBUTE__ - -dnl -dnl Check for strange operating systems that you need to handle differently -dnl - -AC_KRB_SYS_NEXTSTEP -AC_KRB_SYS_AIX - -if test "$krb_cv_sys_aix" = yes ;then - if test "$aix_dynamic_afs" = yes; then - AFS_EXTRA_OBJS= - AFS_EXTRA_LIBS=afslib.so - # this works differently in AIX <=3 and 4 - if test `uname -v` = 4 ; then - AFS_EXTRA_LD="-bnoentry" - else - AFS_EXTRA_LD="-e _nostart" - fi - AFS_EXTRA_DEFS= - AC_FIND_FUNC_NO_LIBS(dlopen, dl) - if test "$ac_cv_funclib_dlopen" = yes; then - AIX_EXTRA_KAFS= - elif test "$ac_cv_funclib_dlopen" != no; then - AIX_EXTRA_KAFS="$ac_cv_funclib_dlopen" - else - AFS_EXTRA_OBJS="$AFS_EXTRA_OBJS dlfcn.o" - AIX_EXTRA_KAFS=-lld - fi - else - AFS_EXTRA_OBJS='$(srcdir)/afsl.exp afslib.o' - AFS_EXTRA_LIBS= - AFS_EXTRA_DEFS='-DSTATIC_AFS_SYSCALLS' - AIX_EXTRA_KAFS= - fi - AC_SUBST(AFS_EXTRA_OBJS)dnl - AC_SUBST(AFS_EXTRA_LIBS)dnl - AC_SUBST(AFS_EXTRA_LD)dnl - AC_SUBST(AFS_EXTRA_DEFS)dnl - AC_SUBST(AIX_EXTRA_KAFS)dnl -fi - -# -# AIX needs /lib/pse.exp for getmsg, but alas that file is broken in -# AIX414 -# - -case "${host}" in -*-*-aix4.1*) -if test -f /lib/pse.exp ;then - LIBS="$LIBS -Wl,-bnolibpath -Wl,-bI:/lib/pse.exp" -fi -;; -*-*-aix*) - LIBS="$LIBS -Wl,-bnolibpath" - ;; -esac - -dnl -dnl Various checks for headers and their contents -dnl - -AC_HEADER_STDC - -AC_CHECK_HEADERS([arpa/ftp.h \ - arpa/inet.h \ - arpa/nameser.h \ - arpa/telnet.h \ - bsd/bsd.h \ - bsdsetjmp.h \ - capability.h \ - crypt.h \ - curses.h \ - db.h \ - dbm.h \ - dirent.h \ - err.h \ - errno.h \ - fcntl.h \ - fnmatch.h \ - gdbm/ndbm.h \ - grp.h \ - inttypes.h \ - io.h \ - lastlog.h \ - libutil.h \ - limits.h \ - login.h \ - maillock.h \ - ndbm.h \ - net/if.h \ - net/if_tun.h \ - net/if_var.h \ - netdb.h \ - netinet/in.h \ - netinet/in6_machtypes.h \ - netinet/in_systm.h \ - paths.h \ - pty.h \ - pwd.h \ - resolv.h \ - rpcsvc/dbm.h \ - rpcsvc/ypclnt.h \ - sac.h \ - security/pam_modules.h \ - shadow.h \ - siad.h \ - signal.h \ - stropts.h \ - sys/bitypes.h \ - sys/category.h \ - sys/file.h \ - sys/filio.h \ - sys/ioccom.h \ - sys/ioctl.h \ - sys/locking.h \ - sys/mman.h \ - sys/param.h \ - sys/proc.h \ - sys/pty.h \ - sys/ptyio.h \ - sys/ptyvar.h \ - sys/resource.h \ - sys/select.h \ - sys/socket.h \ - sys/sockio.h \ - sys/stat.h \ - sys/str_tty.h \ - sys/stream.h \ - sys/stropts.h \ - sys/strtty.h \ - sys/syscall.h \ - sys/sysctl.h \ - sys/termio.h \ - sys/time.h \ - sys/timeb.h \ - sys/times.h \ - sys/tty.h \ - sys/types.h \ - sys/uio.h \ - sys/un.h \ - sys/utsname.h \ - sys/wait.h \ - syslog.h \ - term.h \ - termcap.h \ - termio.h \ - termios.h \ - tmpdir.h \ - ttyent.h \ - udb.h \ - ulimit.h \ - unistd.h \ - userpw.h \ - usersec.h \ - util.h \ - utime.h \ - utmp.h \ - utmpx.h \ - wait.h]) - -AC_HEADER_TIME -AC_DECL_SYS_SIGLIST - -CHECK_NETINET_IP_AND_TCP - -EXTRA_LOCL_HEADERS= -EXTRA_HEADERS= -if test "$ac_cv_header_err_h" != yes; then - EXTRA_HEADERS="$EXTRA_HEADERS err.h" -fi -if test "$ac_cv_header_fnmatch_h" != yes; then - EXTRA_LOCL_HEADERS="$EXTRA_LOCL_HEADERS fnmatch.h" -fi -AC_SUBST(EXTRA_HEADERS) -AC_SUBST(EXTRA_LOCL_HEADERS) - -AC_GROK_TYPES(int8_t int16_t int32_t int64_t) -AC_GROK_TYPES(u_int8_t u_int16_t u_int32_t u_int64_t) - -AC_MSG_CHECKING(for strange sys/bitypes.h) -AC_CACHE_VAL(krb_cv_int8_t_ifdef, [ -AC_TRY_COMPILE([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_BITYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H -#include -#endif -], -int8_t x; -, -krb_cv_int8_t_ifdef=no, -krb_cv_int8_t_ifdef=yes)]) -AC_MSG_RESULT($krb_cv_int8_t_ifdef) -if test "$krb_cv_int8_t_ifdef" = "yes"; then - AC_DEFINE(HAVE_STRANGE_INT8_T, 1, [Huh?])dnl -fi - -dnl -dnl Various checks for libraries and their contents -dnl - -AC_FIND_FUNC_NO_LIBS(crypt, crypt)dnl - -dnl -dnl System V is have misplaced the socket routines, should really be in libc -dnl - -AC_FIND_FUNC(socket, socket, -[#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif], -[0,0,0]) -AC_FIND_FUNC(gethostbyname, nsl, -[#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif], -"foo") - -dnl -dnl Horror AIX needs -lodm -lcfg to link login -dnl - -AC_FIND_FUNC(odm_initialize, odm) -AC_FIND_FUNC(getattr, cfg) -AC_FIND_FUNC(setpcred, s) -AC_FIND_FUNC(logwtmp, util) - -AC_FIND_FUNC(logout, util) -AC_FIND_FUNC_NO_LIBS(tgetent, termcap ncurses curses) - -dnl -dnl See if there is any X11 present -dnl -KRB_CHECK_X -if test "$no_x" = "yes" ; then - MAKE_X_PROGS_BIN="" - MAKE_X_SCRIPTS_BIN="" - MAKE_X_PROGS_LIBEXEC="" -else - MAKE_X_PROGS_BIN='$(X_PROGS_BIN)' - MAKE_X_SCRIPTS_BIN='$(X_SCRIPTS_BIN)' - MAKE_X_PROGS_LIBEXEC='$(X_PROGS_LIBEXEC)' -fi -AC_SUBST(MAKE_X_PROGS_BIN)dnl -AC_SUBST(MAKE_X_SCRIPTS_BIN)dnl -AC_SUBST(MAKE_X_PROGS_LIBEXEC)dnl - -AC_CHECK_XAU - -dnl -dnl Look for berkeley db, gdbm, and ndbm in that order. -dnl - -KRB_FIND_DB("" $berkeley_db gdbm ndbm) - -AC_FIND_FUNC(syslog, syslog) - -AC_BROKEN_SNPRINTF -AC_BROKEN_GLOB - -if test "$ac_cv_func_glob_working" != yes; then - EXTRA_LOCL_HEADERS="$EXTRA_LOCL_HEADERS glob.h" - LIBOBJS="$LIBOBJS glob.o" -fi - -AC_CHECK_FUNCS([ \ - _getpty \ - _scrsize \ - _setsid \ - _stricmp \ - asnprintf \ - asprintf \ - atexit \ - cgetent \ - chroot \ - fattach \ - fchmod \ - fcntl \ - forkpty \ - frevoke \ - getpriority \ - getrlimit \ - getservbyname \ - getspnam \ - gettimeofday \ - gettosbyname \ - getuid \ - grantpt \ - mktime \ - on_exit \ - parsetos \ - ptsname \ - rand \ - random \ - revoke \ - setitimer \ - setpgid \ - setpriority \ - setproctitle \ - setregid \ - setresgid \ - setresuid \ - setreuid \ - setsid \ - setutent \ - sigaction \ - sysconf \ - sysctl \ - ttyname \ - ttyslot \ - ulimit \ - uname \ - unlockpt \ - vasnprintf \ - vasprintf \ - vhangup \ - vsnprintf \ - yp_get_default_domain \ - ]) - -KRB_CAPABILITIES - -AC_CHECK_GETPWNAM_R_POSIX - -AC_FIND_FUNC_NO_LIBS(getsockopt,, -[#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif], -[0,0,0,0,0]) -AC_FIND_FUNC_NO_LIBS(setsockopt,, -[#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif], -[0,0,0,0,0]) - -dnl Cray stuff -AC_CHECK_FUNCS(getudbnam setlim) - -AC_FIND_FUNC(res_search, resolv, -[ -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif -], -[0,0,0,0,0]) - -AC_FIND_FUNC(dn_expand, resolv, -[ -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif -], -[0,0,0,0,0]) - -AC_SUBST(LIB_res_search)dnl -AC_SUBST(LIB_dn_expand)dnl - -AC_FUNC_MMAP -AC_FUNC_ALLOCA - -AC_FUNC_GETLOGIN - -AC_FIND_IF_NOT_BROKEN(hstrerror, resolv, -[#ifdef HAVE_NETDB_H -#include -#endif], -17) -if test "$ac_cv_func_hstrerror" = yes; then -AC_NEED_PROTO([ -#ifdef HAVE_NETDB_H -#include -#endif], -hstrerror) -fi - -AC_BROKEN(chown copyhostent daemon err errx fchown flock fnmatch freehostent) -AC_BROKEN(getcwd getdtablesize gethostname getipnodebyaddr getipnodebyname) -AC_BROKEN(geteuid getgid getegid) -AC_BROKEN(getopt getusershell) -AC_BROKEN(inet_aton inet_ntop inet_pton initgroups innetgr iruserok lstat) -AC_BROKEN(memmove) -AC_BROKEN(mkstemp putenv rcmd readv recvmsg sendmsg setegid setenv seteuid) -AC_BROKEN(strcasecmp strncasecmp strdup strerror strftime) -AC_BROKEN(strlcat strlcpy strlwr) -AC_BROKEN(strndup strnlen strptime strsep strtok_r strupr) -AC_BROKEN(swab unsetenv verr verrx vsyslog) -AC_BROKEN(vwarn vwarnx warn warnx writev) - -if test "$ac_cv_func_gethostname" = "yes"; then -AC_NEED_PROTO([ -#include ], -gethostname) -fi - -if test "$ac_cv_func_mkstemp" = "yes"; then -AC_NEED_PROTO([ -#include ], -mkstemp) -fi - -if test "$ac_cv_func_inet_aton" = "yes"; then -AC_NEED_PROTO([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif], -inet_aton) -fi - -AC_CACHE_CHECK(if realloc is broken, ac_cv_func_realloc_broken, [ -ac_cv_func_realloc_broken=no -AC_TRY_RUN([ -#include -#include - -int main() -{ - return realloc(NULL, 17) == NULL; -} -],:, ac_cv_func_realloc_broken=yes, :) -]) -if test "$ac_cv_func_realloc_broken" = yes ; then - AC_DEFINE(BROKEN_REALLOC, 1, [Define if realloc(NULL, X) doesn't work.]) -fi - -AC_KRB_FUNC_GETCWD_BROKEN - -dnl -dnl Figure what authentication modules should be built -dnl - -AC_MSG_CHECKING(which authentication modules should be built) - -LIB_AUTH_SUBDIRS= - -if test "$ac_cv_header_siad_h" = yes; then - LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS sia" -fi - -if test "$ac_cv_header_security_pam_modules_h" = yes -a "$enable_shared" = yes; then - LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS pam" -fi - -case "${host}" in -changequote(,)dnl -*-*-irix[56]*) LIB_AUTH_SUBDIRS="$LIB_AUTH_SUBDIRS afskauthlib" ;; -changequote([,])dnl -esac - -AC_MSG_RESULT($LIB_AUTH_SUBDIRS) - -AC_SUBST(LIB_AUTH_SUBDIRS)dnl - -dnl -dnl Checks for prototypes and declarations -dnl - -AC_PROTO_COMPAT([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -], -gethostbyname, struct hostent *gethostbyname(const char *)) - -AC_PROTO_COMPAT([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -], -gethostbyaddr, struct hostent *gethostbyaddr(const void *, size_t, int)) - -AC_PROTO_COMPAT([ -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -], -getservbyname, struct servent *getservbyname(const char *, const char *)) - -AC_PROTO_COMPAT([ -#ifdef HAVE_SYSLOG_H -#include -#endif -], -openlog, void openlog(const char *, int, int)) - -AC_NEED_PROTO([ -#ifdef HAVE_CRYPT_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -], -crypt) - -AC_NEED_PROTO([ -#include -], -fclose) - -AC_NEED_PROTO([ -#include -], -strtok_r) - -AC_NEED_PROTO([ -#include -], -strsep) - -AC_NEED_PROTO([ -#include -], -getusershell) - -AC_NEED_PROTO([ -#ifdef HAVE_UTIME_H -#include -#endif -], -utime) - -AC_CHECK_VAR([#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif], -h_errno) - -AC_CHECK_VAR([#ifdef HAVE_NETDB_H -#include -#endif], -h_errlist) - -AC_CHECK_VAR([#ifdef HAVE_NETDB_H -#include -#endif], -h_nerr) - -AC_CHECK_VAR([#ifdef HAVE_ERR_H -#include -#endif],[__progname]) - -AC_CHECK_DECLARATION([#include -#ifdef HAVE_UNISTD_H -#include -#endif], optarg) -AC_CHECK_DECLARATION([#include -#ifdef HAVE_UNISTD_H -#include -#endif], optind) -AC_CHECK_DECLARATION([#include -#ifdef HAVE_UNISTD_H -#include -#endif], opterr) -AC_CHECK_DECLARATION([#include -#ifdef HAVE_UNISTD_H -#include -#endif], optopt) - -AC_CHECK_DECLARATION([#include ], environ) - -dnl -dnl According to ANSI you are explicitly allowed to cast to void, -dnl but the standard fails to say what should happen. Some compilers -dnl think this is illegal: -dnl -dnl void foo(void) -dnl { -dnl return (void)0; -dnl } -dnl -dnl Thus explicitly test for void -dnl -AC_TYPE_SIGNAL -if test "$ac_cv_type_signal" = "void" ; then - AC_DEFINE(VOID_RETSIGTYPE, 1, [Define if RETSIGTYPE == void.]) -fi - -dnl -dnl Check for fields in struct utmp -dnl - -AC_HAVE_STRUCT_FIELD(struct utmp, ut_addr, -[#include - #include ]) -AC_HAVE_STRUCT_FIELD(struct utmp, ut_host, -[#include - #include ]) -AC_HAVE_STRUCT_FIELD(struct utmp, ut_id, -[#include - #include ]) -AC_HAVE_STRUCT_FIELD(struct utmp, ut_pid, -[#include - #include ]) -AC_HAVE_STRUCT_FIELD(struct utmp, ut_type, -[#include - #include ]) -AC_HAVE_STRUCT_FIELD(struct utmp, ut_user, -[#include - #include ]) -AC_HAVE_STRUCT_FIELD(struct utmpx, ut_exit, -[#include - #include ]) -AC_HAVE_STRUCT_FIELD(struct utmpx, ut_syslen, -[#include - #include ]) - -dnl -dnl Check for fields in struct tm -dnl - -AC_HAVE_STRUCT_FIELD(struct tm, tm_gmtoff, [#include ]) -AC_HAVE_STRUCT_FIELD(struct tm, tm_zone, [#include ]) - -dnl -dnl or do we have a variable `timezone' ? -dnl - -AC_CHECK_VAR( -[#include ], -timezone) - -AC_HAVE_TYPE([sa_family_t],[#include ]) - -AC_HAVE_TYPE([socklen_t],[#include ]) - -AC_HAVE_TYPE([struct sockaddr_storage], [#include ]) - -AC_KRB_STRUCT_SPWD - -AC_STRUCT_ST_BLKSIZE - -dnl -dnl Check for struct winsize -dnl - -AC_KRB_STRUCT_WINSIZE - -dnl -dnl Check for some common types -dnl - -AC_TYPE_PID_T -AC_TYPE_UID_T -AC_TYPE_OFF_T -AC_TYPE_SIZE_T - -AC_CHECK_TYPE_EXTRA(ssize_t, int, [ -#ifdef HAVE_UNISTD_H -#include -#endif]) - -AC_CHECK_TYPE_EXTRA(sig_atomic_t, int, [#include ]) - -dnl -dnl Check for broken ultrix sys/socket.h -dnl - -AC_MSG_CHECKING(for broken sys/socket.h) -AC_CACHE_VAL(krb_cv_header_sys_socket_h_broken, [ -AC_TRY_COMPILE( -[#include -#include -#include ],[], -krb_cv_header_sys_socket_h_broken=no, -krb_cv_header_sys_socket_h_broken=yes)]) -AC_MSG_RESULT($krb_cv_header_sys_socket_h_broken) -AC_SUBST(krb_cv_header_sys_socket_h_broken) - -dnl -dnl Check for broken ultrix netdb.h -dnl - -AC_MSG_CHECKING(for broken netdb.h) -AC_CACHE_VAL(krb_cv_header_netdb_h_broken, [ -AC_TRY_COMPILE( -[#include -#include -#include ],[], -krb_cv_header_netdb_h_broken=no, -krb_cv_header_netdb_h_broken=yes)]) -AC_MSG_RESULT($krb_cv_header_netdb_h_broken) -AC_SUBST(krb_cv_header_netdb_h_broken) -if test "$krb_cv_header_netdb_h_broken" = "yes"; then - EXTRA_HEADERS="$EXTRA_HEADERS netdb.h" -fi - -dnl -dnl Check for sa_len in sys/socket.h -dnl - -AC_HAVE_STRUCT_FIELD(struct sockaddr, sa_len, [#include -#include ]) - -dnl -dnl Check for ouid in sys/siad.h -dnl - -if test "$ac_cv_header_siad_h" = yes; then -AC_HAVE_STRUCT_FIELD(SIAENTITY, ouid, [#include ]) -fi - -dnl -dnl you can link with getmsg on AIX 3.2 but you cannot run the program -dnl - -AC_CHECK_FUNC(getmsg) - -if test "$ac_cv_func_getmsg" = "yes"; then - -AC_CACHE_CHECK(for working getmsg, ac_cv_func_getmsg_work, -AC_TRY_RUN( -[ -#include -#include - -int main() -{ - int ret; - ret = getmsg(open("/dev/null", 0), NULL, NULL, NULL); - if(ret < 0 && errno == ENOSYS) - return 1; - return 0; -} -], ac_cv_func_getmsg_work=yes, ac_cv_func_getmsg_work=no, -ac_cv_func_getmsg_work=no)) -test "$ac_cv_func_getmsg_work" = "yes" && -AC_DEFINE(HAVE_GETMSG, 1, [Define if you have a working getmsg.]) - -fi - -dnl -dnl Tests for editline -dnl - -dnl el_init - -AC_FIND_FUNC_NO_LIBS(el_init, edit, [], [], [$LIB_tgetent]) -if test "$ac_cv_func_el_init" = yes ; then - AC_CACHE_CHECK(for four argument el_init, ac_cv_func_el_init_four,[ - AC_TRY_COMPILE([#include - #include ], - [el_init("", NULL, NULL, NULL);], - ac_cv_func_el_init_four=yes, - ac_cv_func_el_init_four=no)]) - if test "$ac_cv_func_el_init_four" = yes; then - AC_DEFINE(HAVE_FOUR_VALUED_EL_INIT, 1, [Define if el_init takes four arguments.]) - fi -fi - -dnl readline - -save_LIBS="$LIBS" -LIBS="$LIB_tgetent $LIBS" -AC_FIND_FUNC_NO_LIBS(readline, edit readline) -LIBS="$save_LIBS" -el_yes="# " -if test "$with_readline" -a "$with_readline" != "no"; then - : -elif test "$ac_cv_func_readline" = yes; then - INCLUDE_readline= -elif test "$ac_cv_func_el_init" = yes; then - el_yes= - LIB_readline="-L\$(top_builddir)/lib/editline -lel_compat $LIB_el_init" - INCLUDE_readline='-I$(top_srcdir)/lib/editline' -else - LIB_readline='-L$(top_builddir)/lib/editline -leditline' - INCLUDE_readline='-I$(top_srcdir)/lib/editline' -fi -LIB_readline="$LIB_readline \$(LIB_tgetent)" -AC_DEFINE(HAVE_READLINE, 1, [Define if you have a readline function.])dnl XXX -AC_SUBST(LIB_readline) -AC_SUBST(INCLUDE_readline) -AC_SUBST(el_yes) - -dnl telnet muck -------------------------------------------------- - -AC_DEFINE(AUTHENTICATION)dnl -AC_DEFINE(KRB4)dnl -AC_DEFINE(ENCRYPTION)dnl -AC_DEFINE(DES_ENCRYPTION)dnl -AC_DEFINE(DIAGNOSTICS)dnl -AC_DEFINE(OLD_ENVIRON)dnl - -# Simple test for streamspty, based on the existance of getmsg(), alas -# this breaks on SunOS4 which have streams but BSD-like ptys -# -# And also something wierd has happend with dec-osf1, fallback to bsd-ptys - -AC_MSG_CHECKING(for streamspty) -case "`uname -sr`" in -SunOS\ 4*|OSF1*|IRIX\ 4*|HP-UX\ ?.1[[01]].*) - krb_cv_sys_streamspty=no - ;; -AIX*) - os_rel=`uname -v`.`uname -r` - if expr "$os_rel" : "3*" >/dev/null 2>&1; then - krb_cv_sys_streamspty=no - else - krb_cv_sys_streamspty="$ac_cv_func_getmsg_work" - fi - ;; -*) - krb_cv_sys_streamspty="$ac_cv_func_getmsg_work" - ;; -esac -if test "$krb_cv_sys_streamspty" = yes; then - AC_DEFINE(STREAMSPTY, 1, [Define if you have working stream ptys.]) -fi -dnl AC_SUBST(STREAMSPTY) -AC_MSG_RESULT($krb_cv_sys_streamspty) - -AC_MSG_CHECKING([if /bin/ls takes -A]) -if /bin/ls -A > /dev/null 2>&1 ;then - AC_DEFINE(HAVE_LS_A, 1, [Define if /bin/ls has a \`-A' flag.]) - krb_ls_a=yes -else - krb_ls_a=no -fi -AC_MSG_RESULT($krb_ls_a) - -dnl ------------------------------------------------------------ -AC_CACHE_CHECK(for suffix of preformatted manual pages, krb_cv_sys_cat_suffix, -if grep _version /etc/man.conf > /dev/null 2>&1; then - krb_cv_sys_cat_suffix=0 -else - krb_cv_sys_cat_suffix=number -fi) -if test "$krb_cv_sys_cat_suffix" = number; then - CATSUFFIX='$$s' -else - CATSUFFIX=0 -fi -AC_SUBST(CATSUFFIX) - -dnl ------------------------------------------------------------ - -KRB_KAFS_LIB="-L\$(top_builddir)/lib/kafs -lkafs $AIX_EXTRA_KAFS" -AC_SUBST(KRB_KAFS_LIB)dnl - -dnl ------------------------------------------------------------ - - -dnl This is done by AC_OUTPUT but we need the result here. - -test "x$prefix" = xNONE && prefix=$ac_default_prefix -test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' - -for i in bin lib libexec sbin; do - i=${i}dir - foo=`echo $i | tr 'xindiscernible' 'XINDISCERNIBLE'` - x="\$${i}" - eval y="$x" - while test "x$y" != "x$x"; do - x="$y" - eval y="$x" - done - AC_DEFINE_UNQUOTED($foo,"$x") -done - -dnl -dnl We are all set to emit the Makefiles and config.h -dnl -AC_OUTPUT( \ -Makefile \ -include/Makefile \ -include/sys/Makefile \ - \ -man/Makefile \ - \ -lib/Makefile \ -lib/com_err/Makefile \ -lib/des/Makefile \ -lib/krb/Makefile \ -lib/kdb/Makefile \ -lib/kadm/Makefile \ -lib/acl/Makefile \ -lib/kafs/Makefile \ -lib/roken/Makefile \ -lib/otp/Makefile \ -lib/sl/Makefile \ -lib/editline/Makefile \ -lib/rxkad/Makefile \ -lib/auth/Makefile \ -lib/auth/pam/Makefile \ -lib/auth/sia/Makefile \ -lib/auth/afskauthlib/Makefile \ - \ -kuser/Makefile \ -server/Makefile \ -slave/Makefile \ -admin/Makefile \ -kadmin/Makefile \ - \ -appl/Makefile \ - \ -appl/afsutil/Makefile \ -appl/ftp/Makefile \ -appl/ftp/common/Makefile \ -appl/ftp/ftp/Makefile \ -appl/ftp/ftpd/Makefile \ -appl/telnet/Makefile \ -appl/telnet/libtelnet/Makefile \ -appl/telnet/telnet/Makefile \ -appl/telnet/telnetd/Makefile \ -appl/bsd/Makefile \ -appl/kauth/Makefile \ -appl/popper/Makefile \ -appl/movemail/Makefile \ -appl/push/Makefile \ -appl/sample/Makefile \ -appl/xnlock/Makefile \ -appl/kx/Makefile \ -appl/kip/Makefile \ -appl/otp/Makefile \ -doc/Makefile \ -etc/inetd.conf.changes \ -) dnl end of AC_OUTPUT - -AC_KRB_VERSION diff --git a/crypto/kerberosIV/doc/Makefile.in b/crypto/kerberosIV/doc/Makefile.in deleted file mode 100644 index bbf870ece21b..000000000000 --- a/crypto/kerberosIV/doc/Makefile.in +++ /dev/null @@ -1,78 +0,0 @@ -# $Id: Makefile.in,v 1.19 1999/09/28 12:35:11 assar Exp $ - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs -MAKEINFO = @MAKEINFO@ -TEXI2DVI = texi2dvi -TEXI2HTML = texi2html - -prefix = @prefix@ -infodir = @infodir@ - -TEXI_SOURCES = ack.texi \ - index.texi \ - install.texi \ - intro.texi \ - kth-krb.texi \ - otp.texi \ - problems.texi \ - setup.texi \ - whatis.texi - -all: info - -install: all installdirs - if test -f kth-krb.info; then \ - $(INSTALL_DATA) kth-krb.info $(DESTDIR)$(infodir)/kth-krb.info; \ - else \ - $(INSTALL_DATA) $(srcdir)/kth-krb.info $(DESTDIR)$(infodir)/kth-krb.info; \ - fi - if test -f $(DESTDIR)$(infodir)/dir ; then :; else \ - $(INSTALL_DATA) $(srcdir)/dir $(DESTDIR)$(infodir)/dir; \ - fi - -if $(SHELL) -c 'install-info --version' >/dev/null 2>&1; then \ - install-info --dir-file=$(DESTDIR)$(infodir)/dir $(DESTDIR)$(infodir)/kth-krb.info; \ - else \ - true; \ - fi - -uninstall: - rm -f $(DESTDIR)$(infodir)/kth-krb.info - -installdirs: - $(MKINSTALLDIRS) $(DESTDIR)$(infodir) - -info: kth-krb.info - -kth-krb.info: $(TEXI_SOURCES) - $(MAKEINFO) --no-split -I$(srcdir) -o $@ $(srcdir)/kth-krb.texi - -dvi: kth-krb.dvi - -kth-krb.dvi: $(TEXI_SOURCES) - $(TEXI2DVI) $(srcdir)/kth-krb.texi - -html: kth-krb.html - -kth-krb.html: $(TEXI_SOURCES) - $(TEXI2HTML) $(srcdir)/kth-krb.texi - -clean: - rm -f *.aux *.cp *.cps *.dvi *.fn *.ky *.log *.pg *.toc *.tp *.vr - -distclean: clean - -mostlyclean: clean - -maintainer-clean: clean - rm -f *.info* - -check: - -.PHONY: all install uninstall installdirs info dvi html clean distclean mostlyclean maintainer-clean check diff --git a/crypto/kerberosIV/doc/ack.texi b/crypto/kerberosIV/doc/ack.texi deleted file mode 100644 index 327220c991e0..000000000000 --- a/crypto/kerberosIV/doc/ack.texi +++ /dev/null @@ -1,106 +0,0 @@ -@node Acknowledgments, Index, Resolving frequent problems, Top -@comment node-name, next, previous, up -@appendix Acknowledgments - -People from the MIT Athena project wrote the original code that this is -based on. @w{Kerberos 4} @w{patch-level 9} was stripped of both the -encryption functions and the calls to them. This was exported from the -US as the ``Bones'' release. Eric Young put back the calls and hooked -in his libdes, thereby creating the ``eBones'' release. -@cindex Bones -@cindex eBones - -The ``rcmd'' programs where initially developed at the University of -California at Berkeley and then hacked on by the FreeBSD and NetBSD -projects. - -Berkeley also wrote @code{ftp}, @code{ftpd}, @code{telnet}, and -@code{telnetd}. The authentication and encryption code of @code{telnet} -and @code{telnetd} was added by David Borman (then of Cray Research, -Inc). The encryption code was removed when this was exported and then -added back by Juha Eskelinen, @code{}. - -The @code{popper} was also a Berkeley program initially. - -The @code{login} has the same origins but has received code written by -Wietse Venema at Eindhoven University of Technology, The Netherlands. - -@code{movemail} was (at least partially) written by Jonathan Kamens, -@code{}, and is Copyright @copyright{} 1986, 1991, -1992, 1993, 1994 Free Software Foundation, Inc. - -@code{xnlock} was originally written by Dan Heller in 1985 for sunview. -The X version was written by him in 1990. - -Some of the functions in @file{libroken} also come from Berkeley by the -way of NetBSD/FreeBSD. - -The code to handle the dynamic loading of the AFS module for AIX is -copyright @copyright{} 1992 HELIOS Software GmbH 30159 Hannover, -Germany. - -@code{editline} was written by Simmule Turner and Rich Salz. - -Bugfixes and code has been contributed by: -@table @asis -@item Derrick J Brashear -@code{} -@item Anders Gertz -@code{} -@item Dejan Ilic -@code{} -@item Kent Engström -@code{} -@item Simon Josefsson -@code{} -@item Robert Malmgren -@code{} -@item Fredrik Ljungberg -@code{} -@item Joakim Fallsjö -@code{jfa@@pobox.se} -@item Lars Malinowsky -@code{} -@item Fabien Coelho -@code{} -@item Chris Chiappa -@code{} -@item Gregory S. Stark -@code{} -@item Love Hörnquist-Åstrand -@code{} -@item Daniel Staaf -@code{} -@item Magnus Ahltorp -@code{} -@item Robert Burgess -@code{} -@item Lars Arvestad -@code{} -@item Jörgen Wahlsten -@code{} -@item Daniel Staaf -@code{} -@item R Lindsay Todd -@code{} -@item Åke Sandgren -@code{} -@item Thomas Nyström -@code{} -@item and we hope that those not mentioned here will forgive us. -@end table - -Ian Marsh @code{} removed the worst abuses of the English -language from this text. - -Ilja Hallberg @code{} is still promising to help us -finish the documentation. - -This work was supported in part by SUNET and the Centre for Parallel -Computers at KTH. - -The port to Windows 95/NT was supported by the Computer Council at KTH -and done by Jörgen Karlsson @code{}. - -All the bugs were introduced by ourselves. - diff --git a/crypto/kerberosIV/doc/dir b/crypto/kerberosIV/doc/dir deleted file mode 100644 index 911f622a2c9d..000000000000 --- a/crypto/kerberosIV/doc/dir +++ /dev/null @@ -1,17 +0,0 @@ -$Id: dir,v 1.1 1997/06/12 16:15:21 joda Exp $ -This is the file .../info/dir, which contains the topmost node of the -Info hierarchy. The first time you invoke Info you start off -looking at that node, which is (dir)Top. - -File: dir Node: Top This is the top of the INFO tree - - This (the Directory node) gives a menu of major topics. - Typing "q" exits, "?" lists all Info commands, "d" returns here, - "h" gives a primer for first-timers, - "mEmacs" visits the Emacs topic, etc. - - In Emacs, you can click mouse button 2 on a menu item or cross reference - to select it. - -* Menu: - diff --git a/crypto/kerberosIV/doc/index.texi b/crypto/kerberosIV/doc/index.texi deleted file mode 100644 index ebe5d911ce0c..000000000000 --- a/crypto/kerberosIV/doc/index.texi +++ /dev/null @@ -1,6 +0,0 @@ -@node Index, , Acknowledgments, Top -@comment node-name, next, previous, up -@unnumbered Index - -@printindex cp - diff --git a/crypto/kerberosIV/doc/install.texi b/crypto/kerberosIV/doc/install.texi deleted file mode 100644 index 26d2abf39412..000000000000 --- a/crypto/kerberosIV/doc/install.texi +++ /dev/null @@ -1,496 +0,0 @@ -@node Installing programs, How to set up a realm, What is Kerberos?, Top -@chapter Installing programs - -You have a choise to either build the distribution from source code or -to install binaries, if they are available for your machine. - -@c XXX - -We recommend building from sources, but using pre-compiled binaries -might be easier. If there are no binaries available for your machine or -you want to do some specific configuration, you will have to compile -from source. - -@menu -* Installing from source:: -* Installing a binary distribution:: -* Finishing the installation:: -* .klogin:: -* Authentication modules:: -@end menu - -@node Installing from source, Installing a binary distribution, Installing programs, Installing programs -@comment node-name, next, previous, up -@section Installing from source - -To build this software un-tar the distribution and run the -@code{configure} script. - -To compile successfully, you will need an ANSI C compiler, such as -@code{gcc}. Other compilers might also work, but setting the ``ANSI -compliance'' too high, might break in parts of the code, not to mention -the standard include files. - -To build in a separate build tree, run @code{configure} in the directory -where the tree should reside. You will need a Make that understands -VPATH correctly. GNU Make works fine. - -After building everything (which will take anywhere from a few minutes -to a long time), you can install everything in @file{/usr/athena} with -@kbd{make install} (running as root). It is possible to install in some -other place, but it isn't recommended. To do this you will have to run -@code{configure} with @samp{--prefix=/my/path}. - -If you need to change the default behavior, configure understands the -following options: - -@table @asis -@item @kbd{--enable-shared} -Create shared versions of the Kerberos libraries. Not really -recommended and might not work on all systems. - -@item @kbd{--with-ld-flags=}@var{flags} -This allows you to specify which extra flags to pass to @code{ld}. Since -this @emph{overrides} any choices made by configure, you should only use -this if you know what you are doing. - -@item @kbd{--with-cracklib=}@var{dir} -Use cracklib for password quality control in -@pindex kadmind -@code{kadmind}. This option requires -@cindex cracklib -cracklib with the patch from -@url{ftp://ftp.pdc.kth.se/pub/krb/src/cracklib.patch}. - -@item @kbd{--with-dictpath=}@var{dictpath} -This is the dictionary that cracklib should use. - -@item @kbd{--with-socks=}@var{dir} -@cindex firewall -@cindex socks -If you have to traverse a firewall and it uses the SocksV5 protocol -(@cite{RFC 1928}), you can build with socks-support. Point @var{dir} to -the directory where you have socks5 installed. For more information -about socks see @url{http://www.socks.nec.com/}. - -@item @kbd{--with-readline=}@var{dir} -@cindex readline -To enable history/line editing in @code{ftp} and @code{kadmin}, any -present version of readline will be used. If you have readline -installed but in a place where configure does not manage to find it, -you can use this option. The code also looks for @code{libedit}. If -there is no library at all, the bundled version of @code{editline} will -be used. - -@item @kbd{--with-mailspool=}@var{dir} -The configuration process tries to determine where your machine stores -its incoming mail. This is typically @file{/usr/spool/mail} or -@file{/var/mail}. If it does not work or you store your mail in some -unusual directory, this option can be used to specify where the mail -spool directory is located. This directory is only accessed by -@pindex popper -@code{popper}, and the mail check in -@pindex login -@code{login}. - -@item @kbd{--with-hesiod=}@var{dir} -@cindex Hesiod -Enable the Hesiod support in -@pindex push -@code{push}. With this option, it will try -to use the hesiod library to locate the mail post-office for the user. - -@c @item @kbd{--enable-random-mkey} -@c Do not use this option unless you think you know what you are doing. - -@item @kbd{--with-mkey=}@var{file} -Put the master key here, the default is @file{/.k}. - -@item @kbd{--with-db-dir=}@var{dir} -Where the kerberos database should be stored. The default is -@file{/var/kerberos}. - -@item @kbd{--without-berkeley-db} -If you have -@cindex Berkeley DB -Berkeley DB installed, it is preferred over -@c XXX -dbm. If you already are running Kerberos this option might be useful, -since there currently isn't an easy way to convert a dbm database to a -db one (you have to dump the old database and then load it with the new -binaries). - -@item @kbd{--without-afs-support} -Do not include AFS support. - -@item @kbd{--with-afsws=}@var{dir} -Where your AFS client installation resides. The default is -@file{/usr/afsws}. - -@item @kbd{--enable-rxkad} -Build the rxkad library. Normally automatically included if there is AFS. - -@item @kbd{--disable-dynamic-afs} -The AFS support in AIX consists of a shared library that is loaded at -runtime. This option disables this, and links with static system -calls. Doing this will make the built binaries crash on a machine that -doesn't have AFS in the kernel (for instance if the AFS module fails to -load at boot). - -@item @kbd{--with-mips-api=}@var{api} -This option enables creation of different types of binaries on Irix. -The allowed values are @kbd{32}, @kbd{n32}, and @kbd{64}. - -@item @kbd{--enable-legacy-kdestroy} -This compile-time option creates a @code{kdestroy} that does not destroy -any AFS tokens. - -@item @kbd{--disable-otp} -Do not build the OTP (@pxref{One-Time Passwords}) library and programs, -and do not include OTP support in the application programs. - -@item @kbd{--enable-match-subdomains} -Normally, the host @samp{host.domain} will be considered to be part of -the realm @samp{DOMAIN}. With this option will also enable hosts of the -form @samp{host.sub.domain}, @samp{host.sub1.sub2.domain}, and so on to -be considered part of the realm @samp{DOMAIN}. - -@item @kbd{--enable-osfc2} -Enable the use of enhanced C2 security on OSF/1. @xref{Digital SIA}. - -@item @kbd{--disable-mmap} -Do not use the mmap system call. Normally, configure detects if there -is a working mmap and it is only used if there is one. Only try this -option if it fails to work anyhow. - -@item @kbd{--disable-cat-manpages} -Do not install preformatted man pages. - -@c --with-des-quad-checksum - -@end table - -@node Installing a binary distribution, Finishing the installation, Installing from source, Installing programs -@comment node-name, next, previous, up -@section Installing a binary distribution - -The binary distribution is supposed to be installed in -@file{/usr/athena}, installing in some other place may work but is not -recommended. A symlink from @file{/usr/athena} to the install directory -should be fine. - -@node Finishing the installation, .klogin, Installing a binary distribution, Installing programs -@section Finishing the installation - -@pindex su -The only program that needs to be installed setuid to root is @code{su}. - -If -@pindex rlogin -@pindex rsh -@code{rlogin} and @code{rsh} are setuid to root they will fall back to -non-kerberised protocols if the kerberised ones fail for some -reason. The old protocols use reserved ports as security, and therefore -the programs have to be setuid to root. If you don't need this -functionality consider turning off the setuid bit. - -@pindex login -@code{login} does not have to be setuid, as it is always run by root -(users should use @code{su} rather than @code{login}). It will print a -helpful message when not setuid to root and run by a user. - -The programs intended to be run by users are located in -@file{/usr/athena/bin}. Inform your users to include -@file{/usr/athena/bin} in their paths, or copy or symlink the binaries -to some good place. The programs that you will want to use are: -@code{kauth}/@code{kinit}, -@pindex kauth -@pindex kinit -@code{klist}, @code{kdestroy}, @code{kpasswd}, @code{ftp}, -@pindex klist -@pindex kdestroy -@pindex kpasswd -@pindex ftp -@code{telnet}, @code{rcp}, @code{rsh}, @code{rlogin}, @code{su}, -@pindex telnet -@pindex rcp -@pindex rsh -@pindex rlogin -@pindex su -@pindex xnlock -@pindex afslog -@pindex pagsh -@pindex rxtelnet -@pindex tenletxr -@pindex rxterm -@code{rxtelnet}, @code{tenletxr}, @code{rxterm}, and -@code{xnlock}. If you are using AFS, @code{afslog} and @code{pagsh} -might also be useful. Administrators will want to use @code{kadmin} and -@code{ksrvutil}, which are located in @file{/usr/athena/sbin}. -@pindex kadmin -@pindex ksrvutil - -@code{telnetd} and @code{rlogind} assume that @code{login} is located in -@file{/usr/athena/bin} (or whatever path you used as -@samp{--prefix}). If for some reason you want to move @code{login}, you -will have to specify the new location with the @samp{-L} switch when -configuring -@pindex telnetd -telnetd -and -@pindex rlogind -rlogind -in @file{inetd.conf}. - -It should be possible to replace the system's default @code{login} with -the kerberised @code{login}. However some systems assume that login -performs some serious amount of magic that our login might not do (although -we've tried to do our best). So before replacing it on every machine, -try and see what happens. Another thing to try is to use one of the -authentication modules (@pxref{Authentication modules}) supplied. - -The @code{login} program that we use was in an earlier life the standard -login program from NetBSD. In order to use it with a lot of weird -systems, it has been ``enhanced'' with features from many other logins -(Solaris, SunOS, IRIX, AIX, and others). Some of these features are -actually useful and you might want to use them even on other systems. - -@table @file -@item /etc/fbtab -@pindex fbtab -@itemx /etc/logindevperm -@pindex logindevperm -Allows you to chown some devices when a user logs in on a certain -terminal. Commonly used to change the ownership of @file{/dev/mouse}, -@file{/dev/kbd}, and other devices when someone logs in on -@file{/dev/console}. - -@file{/etc/fbtab} is the SunOS file name and it is tried first. If -there is no such file then the Solaris file name -@file{/etc/logindevperm} is tried. -@item /etc/environment -@pindex environment -This file specifies what environment variables should be set when a user -logs in. (AIX-style) -@item /etc/default/login -@pindex default/login -Almost the same as @file{/etc/environment}, but the System V style. -@item /etc/login.access -@pindex login.access -Can be used to control who is allowed to login from where and on what -ttys. (From Wietse Venema) -@end table - -@menu -* .klogin:: -* Authentication modules:: -@end menu - -@node .klogin, Authentication modules, Finishing the installation, Installing programs -@comment node-name, next, previous, up - -Each user can have an authorization file @file{~@var{user}/.klogin} -@pindex .klogin -that -determines what principals can login as that user. It is similar to the -@file{~user/.rhosts} except that it does not use IP and privileged-port -based authentication. If this file does not exist, the user herself -@samp{user@@LOCALREALM} will be allowed to login. Supplementary local -realms (@pxref{Install the configuration files}) also apply here. If the -file exists, it should contain the additional principals that are to -be allowed to login as the local user @var{user}. - -This file is consulted by most of the daemons (@code{rlogind}, -@code{rshd}, @code{ftpd}, @code{telnetd}, @code{popper}, @code{kauthd}, and -@code{kxd}) -@pindex rlogind -@pindex rshd -@pindex ftpd -@pindex telnetd -@pindex popper -@pindex kauthd -@pindex kxd -to determine if the -principal requesting a service is allowed to receive it. It is also -used by -@pindex su -@code{su}, which is a good way of keeping an access control list (ACL) -on who is allowed to become root. Assuming that @file{~root/.klogin} -contains: - -@example -nisse.root@@FOO.SE -lisa.root@@FOO.SE -@end example - -both nisse and lisa will be able to su to root by entering the password -of their root instance. If that fails or if the user is not listed in -@file{~root/.klogin}, @code{su} falls back to the normal policy of who -is permitted to su. Also note that that nisse and lisa can login -with e.g. @code{telnet} as root provided that they have tickets for -their root instance. - -@node Authentication modules, , .klogin, Installing programs -@comment node-name, next, previous, up -@section Authentication modules -The problem of having different authentication mechanisms has been -recognised by several vendors, and several solutions has appeared. In -most cases these solutions involve some kind of shared modules that are -loaded at run-time. Modules for some of these systems can be found in -@file{lib/auth}. Presently there are modules for Digital's SIA, -Solaris' and Linux' PAM, and IRIX' @code{login} and @code{xdm} (in -@file{lib/auth/afskauthlib}). - -@menu -* Digital SIA:: -* IRIX:: -* PAM:: -@end menu - -@node Digital SIA, IRIX, Authentication modules, Authentication modules -@subsection Digital SIA - -To install the SIA module you will have to do the following: - -@itemize @bullet - -@item -Make sure @file{libsia_krb4.so} is available in -@file{/usr/athena/lib}. If @file{/usr/athena} is not on local disk, you -might want to put it in @file{/usr/shlib} or someplace else. If you do, -you'll have to edit @file{krb4_matrix.conf} to reflect the new location -(you will also have to do this if you installed in some other directory -than @file{/usr/athena}). If you built with shared libraries, you will -have to copy the shared @file{libkrb.so}, @file{libdes.so}, -@file{libkadm.so}, and @file{libkafs.so} to a place where the loader can -find them (such as @file{/usr/shlib}). -@item -Copy (your possibly edited) @file{krb4_matrix.conf} to @file{/etc/sia}. -@item -Apply @file{security.patch} to @file{/sbin/init.d/security}. -@item -Turn on KRB4 security by issuing @kbd{rcmgr set SECURITY KRB4} and -@kbd{rcmgr set KRB4_MATRIX_CONF krb4_matrix.conf}. -@item -Digital thinks you should reboot your machine, but that really shouldn't -be necessary. It's usually sufficient just to run -@kbd{/sbin/init.d/security start} (and restart any applications that use -SIA, like @code{xdm}.) -@end itemize - -Users with local passwords (like @samp{root}) should be able to login -safely. - -When using Digital's xdm the @samp{KRBTKFILE} environment variable isn't -passed along as it should (since xdm zaps the environment). Instead you -have to set @samp{KRBTKFILE} to the correct value in -@file{/usr/lib/X11/xdm/Xsession}. Add a line similar to -@example -KRBTKFILE=/tmp/tkt`id -u`_`ps -o ppid= -p $$`; export KRBTKFILE -@end example -If you use CDE, @code{dtlogin} allows you to specify which additional -environment variables it should export. To add @samp{KRBTKFILE} to this -list, edit @file{/usr/dt/config/Xconfig}, and look for the definition of -@samp{exportList}. You want to add something like: -@example -Dtlogin.exportList: KRBTKFILE -@end example - -@subsubheading Notes to users with Enhanced security - -Digital's @samp{ENHANCED} (C2) security, and Kerberos solves two -different problems. C2 deals with local security, adds better control of -who can do what, auditing, and similar things. Kerberos deals with -network security. - -To make C2 security work with Kerberos you will have to do the -following. - -@itemize @bullet -@item -Replace all occurencies of @file{krb4_matrix.conf} with -@file{krb4+c2_matrix.conf} in the directions above. -@item -You must enable ``vouching'' in the @samp{default} database. This will -make the OSFC2 module trust other SIA modules, so you can login without -giving your C2 password. To do this use @samp{edauth} to edit the -default entry @kbd{/usr/tcb/bin/edauth -dd default}, and add a -@samp{d_accept_alternate_vouching} capability, if not already present. -@item -For each user that does @emph{not} have a local C2 password, you should -set the password expiration field to zero. You can do this for each -user, or in the @samp{default} table. To do this use @samp{edauth} to -set (or change) the @samp{u_exp} capability to @samp{u_exp#0}. -@item -You also need to be aware that the shipped @file{login}, @file{rcp}, and -@file{rshd}, doesn't do any particular C2 magic (such as checking to -various forms of disabled accounts), so if you rely on those features, -you shouldn't use those programs. If you configure with -@samp{--enable-osfc2}, these programs will, however, set the login -UID. Still: use at your own risk. -@end itemize - -At present @samp{su} does not accept the vouching flag, so it will not -work as expected. - -Also, kerberised ftp will not work with C2 passwords. You can solve this -by using both Digital's ftpd and our on different ports. - -@strong{Remember}, if you do these changes you will get a system that -most certainly does @emph{not} fulfill the requirements of a C2 -system. If C2 is what you want, for instance if someone else is forcing -you to use it, you're out of luck. If you use enhanced security because -you want a system that is more secure than it would otherwise be, you -probably got an even more secure system. Passwords will not be sent in -the clear, for instance. - -@node IRIX, PAM, Digital SIA, Authentication modules -@subsection IRIX - -The IRIX support is a module that is compatible with Transarc's -@file{afskauthlib.so}. It should work with all programs that use this -library, this should include @file{login} and @file{xdm}. - -The interface is not very documented but it seems that you have to copy -@file{libkafs.so}, @file{libkrb.so}, and @file{libdes.so} to -@file{/usr/lib}, or build your @file{afskauthlib.so} statically. - -The @file{afskauthlib.so} itself is able to reside in -@file{/usr/vice/etc}, @file{/usr/afsws/lib}, or the current directory -(wherever that is). - -IRIX 6.4 and newer seems to have all programs (including @file{xdm} and -@file{login}) in the N32 object format, whereas in older versions they -were O32. For it to work, the @file{afskauthlib.so} library has to be in -the same object format as the program that tries to load it. This might -require that you have to configure and build for O32 in addition to the -default N32. - -Appart from this it should ``just work'', there are no configuration -files. - -@node PAM, , IRIX, Authentication modules -@subsection PAM - -The PAM module was written more out of curiosity that anything else. It -has not been updated for quite a while, but it seems to mostly work on -both Linux and Solaris. - -To use this module you should: - -@itemize @bullet -@item -Make sure @file{pam_krb4.so} is available in @file{/usr/athena/lib}. You -might actually want it on local disk, so @file{/lib/security} might be a -better place if @file{/usr/athena} is not local. -@item -Look at @file{pam.conf.add} for examples of what to add to -@file{/etc/pam.conf}. -@end itemize - -There is currently no support for changing kerberos passwords. Use -kpasswd instead. - -See also Derrick J Brashear's @code{} Kerberos PAM -module at @* @url{ftp://ftp.dementia.org/pub/pam}. It has a lot more -features, and it is also more in line with other PAM modules. diff --git a/crypto/kerberosIV/doc/intro.texi b/crypto/kerberosIV/doc/intro.texi deleted file mode 100644 index 7a28533cf343..000000000000 --- a/crypto/kerberosIV/doc/intro.texi +++ /dev/null @@ -1,41 +0,0 @@ -@node Introduction, What is Kerberos?, Top, Top -@comment node-name, next, previous, up -@chapter Introduction - -This is an attempt at documenting the Kerberos 4 distribution from -Kungliga Tekniska Högskolan (the Royal Institute of Technology in -Stockholm, Sweden). This distribution is based on eBones, but has been -improved in many ways. It is more portable, and several new features -have been added. It should run on any reasonably modern unix-like -system. - -In addition, some part compile and work on: - -@itemize @bullet -@item -OS/2 with EMX -@item -Windows 95/NT with gnu-win32 (with the proper amount of magic the -libraries should compile with Microsoft C as well) -@end itemize - -It should work on anything that is almost POSIX, has an ANSI C -compiler, a dbm library (for the server side), and BSD Sockets. - -A web-page is available at @url{http://www.pdc.kth.se/kth-krb/}. - -@heading Bug reports - -If you cannot build the programs or they do not behave as you think they -should, please send us a bug report. The bug report should be sent to -@code{}. Please include information on what -machine and operating system (including version) you are running, what -you are trying to do, what happens, what you think should have happened, -an example for us to repeat, the output you get when trying the example, -and a patch for the problem if you have one. Please make any patches -with @code{diff -u} or @code{diff -c}. The more detailed the bug report -is, the easier it will be for us to reproduce, understand, and fix it. - -Suggestions, comments and other non bug reports are welcome. Send them -to @code{}. - diff --git a/crypto/kerberosIV/doc/kth-krb.texi b/crypto/kerberosIV/doc/kth-krb.texi deleted file mode 100644 index 7898dffb86c6..000000000000 --- a/crypto/kerberosIV/doc/kth-krb.texi +++ /dev/null @@ -1,303 +0,0 @@ -\input texinfo @c -*- texinfo -*- -@c %**start of header -@c $Id: kth-krb.texi,v 1.80 1999/12/02 16:58:35 joda Exp $ -@c $FreeBSD$ -@setfilename kth-krb.info -@settitle KTH-KRB -@iftex -@afourpaper -@end iftex -@c some sensible characters, please? -@tex -\input latin1.tex -@end tex -@setchapternewpage on -@syncodeindex pg cp -@c %**end of header - -@ifinfo -@dircategory Kerberos -@direntry -* Kth-krb: (kth-krb). The Kerberos IV distribution from KTH -@end direntry -@end ifinfo - -@c title page -@titlepage -@title KTH-KRB -@subtitle Kerberos 4 from KTH -@subtitle For release 0.10. -@subtitle 1999 -@author Johan Danielsson -@author Assar Westerlund -@author last updated $Date: 1999/12/02 16:58:35 $ - -@def@copynext{@vskip 20pt plus 1fil@penalty-1000} -@def@copyrightstart{} -@def@copyrightend{} -@page -@copyrightstart -Copyright (c) 1995-1999 Kungliga Tekniska Högskolan -(Royal Institute of Technology, Stockholm, Sweden). -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. Neither the name of the Institute nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -@copynext - -Copyright (C) 1995 Eric Young (eay@@mincom.oz.au) -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. All advertising materials mentioning features or use of this software - must display the following acknowledgement: - This product includes software developed by Eric Young (eay@@mincom.oz.au) - -THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -@copynext - -Copyright (c) 1983, 1990 The Regents of the University of California. -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions -are met: - -1. Redistributions of source code must retain the above copyright - notice, this list of conditions and the following disclaimer. - -2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - -3. All advertising materials mentioning features or use of this software - must display the following acknowledgement: - This product includes software developed by the University of - California, Berkeley and its contributors. - -4. Neither the name of the University nor the names of its contributors - may be used to endorse or promote products derived from this software - without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -SUCH DAMAGE. - -@copynext - -Copyright (C) 1990 by the Massachusetts Institute of Technology - -Export of this software from the United States of America is assumed -to require a specific license from the United States Government. -It is the responsibility of any person or organization contemplating -export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - -@copynext - -Copyright 1987, 1989 by the Student Information Processing Board - of the Massachusetts Institute of Technology - -Permission to use, copy, modify, and distribute this software -and its documentation for any purpose and without fee is -hereby granted, provided that the above copyright notice -appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, -and that the names of M.I.T. and the M.I.T. S.I.P.B. not be -used in advertising or publicity pertaining to distribution -of the software without specific, written prior permission. -M.I.T. and the M.I.T. S.I.P.B. make no representations about -the suitability of this software for any purpose. It is -provided "as is" without express or implied warranty. - -@copynext - -Copyright 1992 Simmule Turner and Rich Salz. All rights reserved. - -This software is not subject to any license of the American Telephone -and Telegraph Company or of the Regents of the University of California. - -Permission is granted to anyone to use this software for any purpose on -any computer system, and to alter it and redistribute it freely, subject -to the following restrictions: - -1. The authors are not responsible for the consequences of use of this - software, no matter how awful, even if they arise from flaws in it. - -2. The origin of this software must not be misrepresented, either by - explicit claim or by omission. Since few users ever read sources, - credits must appear in the documentation. - -3. Altered versions must be plainly marked as such, and must not be - misrepresented as being the original software. Since few users - ever read sources, credits must appear in the documentation. - -4. This notice may not be removed or altered. - -@copyrightend -@end titlepage - -@c Less filling! Tastes great! -@iftex -@parindent=0pt -@global@parskip 6pt plus 1pt -@global@chapheadingskip = 15pt plus 4pt minus 2pt -@global@secheadingskip = 12pt plus 3pt minus 2pt -@global@subsecheadingskip = 9pt plus 2pt minus 2pt -@end iftex -@ifinfo -@paragraphindent 0 -@end ifinfo - -@ifinfo -@node Top, Introduction, (dir), (dir) -@top KTH-krb -@end ifinfo - -@menu -* Introduction:: -* What is Kerberos?:: -* Installing programs:: -* How to set up a realm:: -* One-Time Passwords:: -* Resolving frequent problems:: -* Acknowledgments:: -* Index:: - -@detailmenu - --- The Detailed Node Listing --- - -Installing programs - -* Installing from source:: -* Installing a binary distribution:: -* Finishing the installation:: -* Authentication modules:: - -Finishing the installation - -* Authentication modules:: - -Authentication modules - -* Digital SIA:: -* IRIX:: -* PAM:: - -How to set up a realm - -* How to set up the kerberos server:: -* Install the client programs:: -* Install the kerberised services:: -* Install a slave kerberos server:: -* Cross-realm functionality :: - -How to set up the kerberos server - -* Choose a realm name:: -* Choose a kerberos server:: -* Install the configuration files:: -* Install the /etc/services:: -* Install the kerberos server:: -* Set up the server:: -* Add a few important principals:: -* Start the server:: -* Try to get tickets:: -* Create initial ACL for the admin server:: -* Start the admin server:: -* Add users to the database:: -* Automate the startup of the servers:: - -One-Time Passwords - -* What are one time passwords?:: -* When to use one time passwords?:: -* Configuring OTPs:: - -Resolving frequent problems - -* Problems compiling Kerberos:: -* Problems with firewalls:: -* Common error messages:: -* Is Kerberos year 2000 safe?:: - -@end detailmenu -@end menu - -@include intro.texi -@include whatis.texi -@include install.texi -@include setup.texi -@include otp.texi -@include problems.texi -@include ack.texi -@include index.texi - -@c @shortcontents -@contents - -@bye diff --git a/crypto/kerberosIV/doc/latin1.tex b/crypto/kerberosIV/doc/latin1.tex deleted file mode 100644 index e683dd271dc1..000000000000 --- a/crypto/kerberosIV/doc/latin1.tex +++ /dev/null @@ -1,95 +0,0 @@ -% ISO Latin 1 (ISO 8859/1) encoding for Computer Modern fonts. -% Jan Michael Rynning 1990-10-12 -\def\inmathmode#1{\relax\ifmmode#1\else$#1$\fi} -\global\catcode`\^^a0=\active \global\let^^a0=~ % no-break space -\global\catcode`\^^a1=\active \global\def^^a1{!`} % inverted exclamation mark -\global\catcode`\^^a2=\active \global\def^^a2{{\rm\rlap/c}} % cent sign -\global\catcode`\^^a3=\active \global\def^^a3{{\it\$}} % pound sign -% currency sign, yen sign, broken bar -\global\catcode`\^^a7=\active \global\let^^a7=\S % section sign -\global\catcode`\^^a8=\active \global\def^^a8{\"{}} % diaeresis -\global\catcode`\^^a9=\active \global\let^^a9=\copyright % copyright sign -% feminine ordinal indicator, left angle quotation mark -\global\catcode`\^^ac=\active \global\def^^ac{\inmathmode\neg}% not sign -\global\catcode`\^^ad=\active \global\let^^ad=\- % soft hyphen -% registered trade mark sign -\global\catcode`\^^af=\active \global\def^^af{\={}} % macron -% ... -\global\catcode`\^^b1=\active \global\def^^b1{\inmathmode\pm} % plus minus -\global\catcode`\^^b2=\active \global\def^^b2{\inmathmode{{^2}}} -\global\catcode`\^^b3=\active \global\def^^b3{\inmathmode{{^3}}} -\global\catcode`\^^b4=\active \global\def^^b4{\'{}} % acute accent -\global\catcode`\^^b5=\active \global\def^^b5{\inmathmode\mu} % mu -\global\catcode`\^^b6=\active \global\let^^b6=\P % pilcroy -\global\catcode`\^^b7=\active \global\def^^b7{\inmathmode{{\cdot}}} -\global\catcode`\^^b8=\active \global\def^^b8{\c{}} % cedilla -\global\catcode`\^^b9=\active \global\def^^b9{\inmathmode{{^1}}} -% ... -\global\catcode`\^^bc=\active \global\def^^bc{\inmathmode{{1\over4}}} -\global\catcode`\^^bd=\active \global\def^^bd{\inmathmode{{1\over2}}} -\global\catcode`\^^be=\active \global\def^^be{\inmathmode{{3\over4}}} -\global\catcode`\^^bf=\active \global\def^^bf{?`} % inverted question mark -\global\catcode`\^^c0=\active \global\def^^c0{\`A} -\global\catcode`\^^c1=\active \global\def^^c1{\'A} -\global\catcode`\^^c2=\active \global\def^^c2{\^A} -\global\catcode`\^^c3=\active \global\def^^c3{\~A} -\global\catcode`\^^c4=\active \global\def^^c4{\"A} % capital a with diaeresis -\global\catcode`\^^c5=\active \global\let^^c5=\AA % capital a with ring above -\global\catcode`\^^c6=\active \global\let^^c6=\AE -\global\catcode`\^^c7=\active \global\def^^c7{\c C} -\global\catcode`\^^c8=\active \global\def^^c8{\`E} -\global\catcode`\^^c9=\active \global\def^^c9{\'E} -\global\catcode`\^^ca=\active \global\def^^ca{\^E} -\global\catcode`\^^cb=\active \global\def^^cb{\"E} -\global\catcode`\^^cc=\active \global\def^^cc{\`I} -\global\catcode`\^^cd=\active \global\def^^cd{\'I} -\global\catcode`\^^ce=\active \global\def^^ce{\^I} -\global\catcode`\^^cf=\active \global\def^^cf{\"I} -% capital eth -\global\catcode`\^^d1=\active \global\def^^d1{\~N} -\global\catcode`\^^d2=\active \global\def^^d2{\`O} -\global\catcode`\^^d3=\active \global\def^^d3{\'O} -\global\catcode`\^^d4=\active \global\def^^d4{\^O} -\global\catcode`\^^d5=\active \global\def^^d5{\~O} -\global\catcode`\^^d6=\active \global\def^^d6{\"O} % capital o with diaeresis -\global\catcode`\^^d7=\active \global\def^^d7{\inmathmode\times}% multiplication sign -\global\catcode`\^^d8=\active \global\let^^d8=\O -\global\catcode`\^^d9=\active \global\def^^d9{\`U} -\global\catcode`\^^da=\active \global\def^^da{\'U} -\global\catcode`\^^db=\active \global\def^^db{\^U} -\global\catcode`\^^dc=\active \global\def^^dc{\"U} -\global\catcode`\^^dd=\active \global\def^^dd{\'Y} -% capital thorn -\global\catcode`\^^df=\active \global\def^^df{\ss} -\global\catcode`\^^e0=\active \global\def^^e0{\`a} -\global\catcode`\^^e1=\active \global\def^^e1{\'a} -\global\catcode`\^^e2=\active \global\def^^e2{\^a} -\global\catcode`\^^e3=\active \global\def^^e3{\~a} -\global\catcode`\^^e4=\active \global\def^^e4{\"a} % small a with diaeresis -\global\catcode`\^^e5=\active \global\let^^e5=\aa % small a with ring above -\global\catcode`\^^e6=\active \global\let^^e6=\ae -\global\catcode`\^^e7=\active \global\def^^e7{\c c} -\global\catcode`\^^e8=\active \global\def^^e8{\`e} -\global\catcode`\^^e9=\active \global\def^^e9{\'e} -\global\catcode`\^^ea=\active \global\def^^ea{\^e} -\global\catcode`\^^eb=\active \global\def^^eb{\"e} -\global\catcode`\^^ec=\active \global\def^^ec{\`\i} -\global\catcode`\^^ed=\active \global\def^^ed{\'\i} -\global\catcode`\^^ee=\active \global\def^^ee{\^\i} -\global\catcode`\^^ef=\active \global\def^^ef{\"\i} -% small eth -\global\catcode`\^^f1=\active \global\def^^f1{\~n} -\global\catcode`\^^f2=\active \global\def^^f2{\`o} -\global\catcode`\^^f3=\active \global\def^^f3{\'o} -\global\catcode`\^^f4=\active \global\def^^f4{\^o} -\global\catcode`\^^f5=\active \global\def^^f5{\~o} -\global\catcode`\^^f6=\active \global\def^^f6{\"o} % small o with diaeresis -\global\catcode`\^^f7=\active \global\def^^f7{\inmathmode\div}% division sign -\global\catcode`\^^f8=\active \global\let^^f8=\o -\global\catcode`\^^f9=\active \global\def^^f9{\`u} -\global\catcode`\^^fa=\active \global\def^^fa{\'u} -\global\catcode`\^^fb=\active \global\def^^fb{\^u} -\global\catcode`\^^fc=\active \global\def^^fc{\"u} -\global\catcode`\^^fd=\active \global\def^^fd{\'y} -% capital thorn -\global\catcode`\^^ff=\active \global\def^^ff{\"y} diff --git a/crypto/kerberosIV/doc/problems.texi b/crypto/kerberosIV/doc/problems.texi deleted file mode 100644 index d7a525fd4a5a..000000000000 --- a/crypto/kerberosIV/doc/problems.texi +++ /dev/null @@ -1,342 +0,0 @@ -@node Resolving frequent problems, Acknowledgments, One-Time Passwords, Top -@chapter Resolving frequent problems - -@menu -* Problems compiling Kerberos:: -* Problems with firewalls:: -* Common error messages:: -* Is Kerberos year 2000 safe?:: -@end menu - -@node Problems compiling Kerberos, Problems with firewalls, Resolving frequent problems, Resolving frequent problems -@section Problems compiling Kerberos - -Many compilers require a switch to become ANSI compliant. Since krb4 -is written in ANSI C it is necessary to specify the name of the compiler -to be used and the required switch to make it ANSI compliant. This is -most easily done when running configure using the @kbd{env} command. For -instance to build under HP-UX using the native compiler do: - -@cartouche -@example -datan$ env CC="cc -Ae" ./configure -@end example -@end cartouche - -@cindex GCC -In general @kbd{gcc} works. The following combinations have also been -verified to successfully compile the distribution: - -@table @asis - -@item @samp{HP-UX} -@kbd{cc -Ae} -@item @samp{Digital UNIX} -@kbd{cc -std1} -@item @samp{AIX} -@kbd{xlc} -@item @samp{Solaris 2.x} -@kbd{cc} (unbundled one) -@item @samp{IRIX} -@kbd{cc} - -@end table - -@subheading Linux problems - -The libc functions gethostby*() under RedHat4.2 can sometimes cause -core dumps. If you experience these problems make sure that the file -@file{/etc/nsswitch.conf} contains a hosts entry no more complex than -the line - -@cartouche -hosts: files dns -@end cartouche - -Some systems have lost @file{/usr/include/ndbm.h} which is necessary to -build krb4 correctly. There is a @file{ndbm.h.Linux} right next to -the source distribution. - -@cindex Linux -There has been reports of non-working @file{libdb} on some Linux -distributions. If that happens, use the @kbd{--without-berkeley-db} -when configuring. - -@subheading SunOS 5 (aka Solaris 2) problems - -@cindex SunOS 5 - -When building shared libraries and using some combinations of GNU gcc/ld -you better set the environment variable RUN_PATH to /usr/athena/lib -(your target libdir). If you don't, then you will have to set -LD_LIBRARY_PATH during runtime and the PAM module will not work. - -@subheading HP-UX problems - -@cindex HP-UX -The shared library @file{/usr/lib/libndbm.sl} doesn't exist on all -systems. To make problems even worse, there is never an archive version -for static linking either. Therefore, when building ``truly portable'' -binaries first install GNU gdbm or Berkeley DB, and make sure that you -are linking against that library. - -@subheading Cray problems - -@kbd{rlogind} won't work on Crays until @code{forkpty()} has been -ported, in the mean time use @kbd{telnetd}. - -@subheading IRIX problems - -@cindex IRIX - -IRIX has three different ABI:s (Application Binary Interface), there's -an old 32 bit interface (known as O32, or just 32), a new 32 bit -interface (N32), and a 64 bit interface (64). O32 and N32 are both 32 -bits, but they have different calling conventions, and alignment -constraints, and similar. The N32 format is the default format from IRIX -6.4. - -You select ABI at compile time, and you can do this with the -@samp{--with-mips-abi} configure option. The valid arguments are -@samp{o32}, @samp{n32}, and @samp{64}, N32 is the default. Libraries for -the three different ABI:s are normally installed installed in different -directories (@samp{lib}, @samp{lib32}, and @samp{lib64}). If you want -more than one set of libraries you have to reconfigure and recompile for -each ABI, but you should probably install only N32 binaries. - -@cindex GCC -GCC had had some known problems with the different ABI:s. Old GCC could -only handle O32, newer GCC can handle N32, and 64, but not O32, but in -some versions of GCC the structure alignment was broken in N32. - -This confusion with different ABI:s can cause some trouble. For -instance, the @file{afskauthlib.so} library has to use the same ABI as -@file{xdm}, and @file{login}. The easiest way to check what ABI to use -is to run @samp{file} on @file{/usr/bin/X11/xdm}. - -@cindex AFS -Another problem that you might encounter if you run AFS is that Transarc -apparently doesn't support the 64-bit ABI, and because of this you can't -get tokens with a 64 bit application. If you really need to do this, -there is a kernel module that provides this functionality at -@url{ftp://ftp.pdc.kth.se/home/joda/irix-afs64.tar.gz}. - -@subheading AIX problems - -@cindex GCC -@kbd{gcc} version 2.7.2.* has a bug which makes it miscompile -@file{appl/telnet/telnetd/sys_term.c} (and possibily -@file{appl/bsd/forkpty.c}), if used with too much optimization. - -Some versions of the @kbd{xlc} preprocessor doesn't recognise the -(undocumented) @samp{-qnolm} option. If this option is passed to the -preprocessor (like via the configuration file @file{/etc/ibmcxx.cfg}, -configure will fail. - -The solution is to remove this option from the configuration file, -either globally, or for just the preprocessor: - -@example -$ cp /etc/ibmcxx.cfg /tmp -$ed /tmp/ibmcxx.cfg -8328 -/nolm - options = -D_AIX,-D_AIX32,-D_AIX41,-D_AIX43,-D_IBMR2,-D_POWER,-bpT:0x10000000,-bpD:0x20000000,-qnolm -s/,-qnolm//p - options = -D_AIX,-D_AIX32,-D_AIX41,-D_AIX43,-D_IBMR2,-D_POWER,-bpT:0x10000000,-bpD:0x20000000 -w -8321 -q -$ env CC=xlc CPP="xlc -E -F/tmp/ibmcxx.cfg" configure -@end example - -There is a bug in AFS 3.4 version 5.38 for AIX 4.3 that causes the -kernel to panic in some cases. There is a hack for this in @kbd{login}, -but other programs could be affected also. This seems to be fixed in -version 5.55. - -@subheading C2 problems - -@cindex C2 -The programs that checks passwords works with @file{passwd}, OTP, and -Kerberos paswords. This is problem if you use C2 security (or use some -other password database), that normally keeps passwords in some obscure -place. If you want to use Kerberos with C2 security you will have to -think about what kind of changes are necessary. See also the discussion -about Digital's SIA and C2 security, see @ref{Digital SIA}. - -@node Problems with firewalls, Common error messages, Problems compiling Kerberos, Resolving frequent problems -@section Problems with firewalls - -@cindex firewall -A firewall is a network device that filters out certain types of packets -going from one side of the firewall to the other. A firewall is supposed -to solve the same kinds of problems as Kerberos (basically hindering -unauthorised network use). The difference is that Kerberos tries to -authenticate users, while firewall splits the network in a `secure' -inside, and an `insecure' outside. - -Firewall people usually think that UDP is insecure, partly because many -`insecure' protocols use UDP. Since Kerberos by default uses UDP to send -and recieve packets, Kerberos and firewalls doesn't work very well -together. - -The symptoms of trying to use Kerberos behind a firewall is that you -can't get any tickets (@code{kinit} exits with the infamous @samp{Can't -send request} error message). - -There are a few ways to solve these problems: - -@itemize @bullet -@item -Convince your firewall administrator to open UDP port 750 or 88 for -incoming packets. This usually turns out to be difficult. -@item -Convince your firewall administrator to open TCP port 750 or 88 for -outgoing connections. This can be a lot easier, and might already be -enabled. -@item -Use TCP connections over some non-standard port. This requires that you -have to convince the administrator of the kerberos server to allow -connections on this port. -@item -@cindex HTTP -Use HTTP to get tickets. Since web-stuff has become almost infinitely -popular, many firewalls either has the HTTP port open, or has a HTTP -proxy. -@end itemize - -The last two methods might be considered to be offensive (since you are -not sending the `right' type of data in each port). You probably do best -in discussuing this with firewall administrator. - -For information on how to use other protocols when communication with -KDC, see @ref{Install the configuration files}. - -It is often the case that the firewall hides addresses on the `inside', -so it looks like all packets are coming from the firewall. Since address -of the client host is encoded in the ticket, this can cause trouble. If -you get errors like @samp{Incorrect network address}, when trying to use -the ticket, the problem is usually becuase the server you are trying to -talk to sees a different address than the KDC did. If you experience -this kind of trouble, the easiest way to solve them is probably to try -some other mechanism to fetch tickets. You might also be able to -convince the administrator of the server that the two different -addresses should be added to the @file{/etc/krb.equiv} file. - -@node Common error messages, Is Kerberos year 2000 safe?, Problems with firewalls, Resolving frequent problems -@section Common error messages - -These are some of the more obscure error messages you might encounter: - -@table @asis - -@item @samp{Time is out of bounds} - -The time on your machine differs from the time on either the kerberos -server or the machine you are trying to login to. If it isn't obvious -that this is the case, remember that all times are compared in UTC. - -On unix systems you usually can find out what the local time is by doing -@code{telnet machine daytime}. This time (again, usually is the keyword) -is with correction for time-zone and daylight savings. - -If you have problem keeping your clocks synchronized, consider using a -time keeping system such as NTP (see also the discussion in -@ref{Install the client programs}). - -@item @samp{Ticket issue date too far in the future} - -The time on the kerberos server is more than five minutes ahead of the -time on the server. - -@item @samp{Can't decode authenticator} - -This means that there is a mismatch between the service key in the -kerberos server and the service key file on the specific machine. -Either: -@itemize @bullet -@item -the server couldn't find a service key matching the request -@item -the service key (or version number) does not match the key the packet -was encrypted with -@end itemize - -@item @samp{Incorrect network address} - -The address in the ticket does not match the address you sent the -request from. This happens on systems with more than one network -address, either physically or logically. You can list addresses which -should be considered equal in @file{/etc/krb.equiv} on your servers. - -A note to programmers: a server should not pass @samp{*} as the instance -to @samp{krb_rd_req}. It should try to figure out on which interface the -request was received, for instance by using @samp{k_getsockinst}. - -If you change addresses on your computer you invalidate any tickets you -might have. The easiest way to fix this is to get new tickets with the -new address. - -@item @samp{Message integrity error} - -The packet is broken in some way: -@itemize @bullet -@item -the lengths does not match the size of the packet, or -@item -the checksum does not match the contents of the packet -@end itemize - -@item @samp{Can't send request} -There is some problem contacting the kerberos server. Either the server -is down, or it is using the wrong port (compare the entries for -@samp{kerberos-iv} in @file{/etc/services}). The client might also have -failed to guess what kerberos server to talk to (check -@file{/etc/krb.conf} and @file{/etc/krb.realms}). - -One reason you can't contact the kerberos server might be because you're -behind a firewall that doesn't allow kerberos packets to pass. For -possible solutions to this see the firewall section above. - -@item @samp{kerberos: socket: Unable to open socket...} - -The kerberos server has to open four sockets for each interface. If you -have a machine with lots of virtual interfaces, you run the risk of -running out of file descriptors. If that happens you will get this -error message. - -@item @samp{ftp: User foo access denied} - -This usually happens because the user's shell is not listed in -@file{/etc/shells}. Note that @kbd{ftpd} checks this file even on -systems where the system version does not and there is no -@file{/etc/shells}. - -@item @samp{Generic kerberos error} -This is a generic catch-all error message. - -@end table - -@node Is Kerberos year 2000 safe?, , Common error messages, Resolving frequent problems -@section Is Kerberos year 2000 safe? - -@cindex Year 2000 - -Yes. - -A somewhat longer answer is that we can't think of anything that can -break. The protocol itself doesn't use time stamps in textual form, the -two-digit year problems in the original MIT code has been fixed (this -was a problem mostly with log files). The FTP client had a bug in the -command `newer' (which fetches a file if it's newer than what you -already got). - -Another thing to look out for, but that isn't a Y2K problem per se, is -the expiration date of old principals. The MIT code set the default -expiration date for some new principals to 1999-12-31, so you might want -to check your database for things like this. - -Now, the Y2038 problem is something completely different (but the -authors should have retired by then, presumably growing rowanberrys in -some nice and warm place). diff --git a/crypto/kerberosIV/doc/setup.texi b/crypto/kerberosIV/doc/setup.texi deleted file mode 100644 index 24a955d5310c..000000000000 --- a/crypto/kerberosIV/doc/setup.texi +++ /dev/null @@ -1,905 +0,0 @@ -@node How to set up a realm, One-Time Passwords, Installing programs, Top -@chapter How to set up a realm - -@quotation -@flushleft - Who willed you? or whose will stands but mine? - There's none protector of the realm but I. - Break up the gates, I'll be your warrantize. - Shall I be flouted thus by dunghill grooms? - --- King Henry VI, 6.1 -@end flushleft -@end quotation - -@menu -* How to set up the kerberos server:: -* Install the client programs:: -* Install the kerberised services:: -* Install a slave kerberos server:: -* Cross-realm functionality :: -@end menu - -@node How to set up the kerberos server, Install the client programs, How to set up a realm, How to set up a realm -@section How to set up the kerberos server - -@menu -* Choose a realm name:: -* Choose a kerberos server:: -* Install the configuration files:: -* Install the /etc/services:: -* Install the kerberos server:: -* Set up the server:: -* Add a few important principals:: -* Start the server:: -* Try to get tickets:: -* Create initial ACL for the admin server:: -* Start the admin server:: -* Add users to the database:: -* Automate the startup of the servers:: -@end menu - -@node Choose a realm name, Choose a kerberos server, How to set up the kerberos server, How to set up the kerberos server -@subsection Choose a realm name - -A -@cindex realm -realm is an administrative domain. Kerberos realms are usually -written in uppercase and consist of a Internet domain -name@footnote{Using lowercase characters in the realm name might break -in mysterious ways. This really should have been fixed, but has not.}. -Call your realm the same as your Internet domain name if you do not have -strong reasons for not doing so. It will make life easier for you and -everyone else. - -@node Choose a kerberos server, Install the configuration files, Choose a realm name, How to set up the kerberos server -@subsection Choose a kerberos server - -You need to choose a machine to run the -@pindex kerberos -kerberos server program. If the kerberos database residing on this host -is compromised, your entire realm will be compromised. Therefore, this -machine must be as secure as possible. Preferably it should not run any -services other than Kerberos. The secure-minded administrator might -only allow logins on the console. - -This machine has also to be reliable. If it is down, you will not be -able to use any kerberised services unless you have also configured a -slave server (@pxref{Install a slave kerberos server}). - -Running the kerberos server requires very little CPU power and a small -amount of disk. An old PC with some hundreds of megabytes of free disk -space should do fine. Most of the disk space will be used for various -logs. - -@node Install the configuration files, Install the /etc/services, Choose a kerberos server, How to set up the kerberos server -@subsection Install the configuration files - -There are two important configuration files: @file{/etc/krb.conf} and -@file{/etc/krb.realms}. -@pindex krb.conf -@pindex krb.realms - -The @file{krb.conf} file determines which machines are servers for -different realms. The format of this file is: - -@example -THIS.REALM -SUPP.LOCAL.REALM -THIS.REALM kerberos.this.realm admin server -THIS.REALM kerberos-1.this.realm -SUPP.LOCAL.REALM kerberos.supp.local.realm admin server -ANOTHER.REALM kerberos.another.realm -@end example - -The first line defines the name of the local realm. The next few lines -optionally defines supplementary local realms. -@cindex supplementary local realms -The rest of the file -defines the names of the kerberos servers and the database -administration servers for all known realms. You can define any number -of kerberos slave servers similar to the one defined on line -four. Clients will try to contact servers in listed order. - -The @samp{admin server} clause at the first entry states that this is -the master server -@cindex master server -(the one to contact when modifying the database, such as changing -passwords). There should be only one such entry for each realm. - -In the original MIT Kerberos 4 (as in most others), the server -specification could only take the form of a host-name. To facilitate -having kerberos servers in odd places (such as behind a firewall), -support has been added for ports other than the default (750), and -protocols other than UDP. - -The formal syntax for an entry is now -@samp{[@var{proto}/]@var{host}[:@var{port}]}. @var{proto} is either -@samp{UDP}, @samp{TCP}, or @samp{HTTP}, and @var{port} is the port to -talk to. Default value for @var{proto} is @samp{UDP} and for @var{port} -whatever @samp{kerberos-iv} is defined to be in @file{/etc/services} or -750 if undefined. If @var{proto} is @samp{HTTP}, the default port is -80. An @samp{http} entry may also be specified in URL format. - -If the information about a realm is missing from the @file{krb.conf} -file, or if the information is wrong, the following methods will be -tried in order. - -@enumerate -@item -If you have an SRV-record (@cite{RFC 2052}) for your realm it will be -used. This record should be of the form -@samp{kerberos-iv.@var{protocol}.@var{REALM}}, where @var{proto} is -either @samp{UDP}, @samp{TCP}, or @samp{HTTP}. (Note: the current -implementation does not look at priority or weight when deciding which -server to talk to.) -@item -If there isn't any SRV-record, it tries to find a TXT-record for the -same domain. The contents of the record should have the same format as the -host specification in @file{krb.conf}. (Note: this is a temporary -solution if your name server doesn't support SRV records. The clients -should work fine with SRV records, so if your name server supports them, -they are very much preferred.) -@item -If no valid kerberos server is found, it will try to talk UDP to the -service @samp{kerberos-iv} with fall-back to port 750 with -@samp{kerberos.@var{REALM}} (which is also assumed to be the master -server), and then @samp{kerberos-1.@var{REALM}}, -@samp{kerberos-2.@var{REALM}}, and so on. -@end enumerate - -SRV records have been supported in BIND since 4.9.5T2A. An example -would look like the following in the zone file: - -@example -kerberos-iv.udp.foo.se. 1M IN SRV 1 0 750 kerberos-1.foo.se. -kerberos-iv.udp.foo.se. 1M IN SRV 0 0 750 kerberos.foo.se. -@end example - -We strongly recommend that you add a CNAME @samp{kerberos.@var{REALM}} -pointing to your kerberos master server. - -The @file{krb.realms} file is used to find out what realm a particular -host belongs to. An example of this file could look like: - -@example -this.realm THIS.REALM -.this.realm THIS.REALM -foo.com SOME.OTHER.REALM -www.foo.com A.STRANGE.REALM -.foo.com FOO.REALM -@end example - -Entries starting with a dot are taken as the name of a domain. Entries -not starting with a dot are taken as a host-name. The first entry matched -is used. The entry for @samp{this.realm} is only necessary if there is a -host named @samp{this.realm}. - -If no matching realm is found in @file{krb.realms}, DNS is searched for -the correct realm. For example, if we are looking for host @samp{a.b.c}, -@samp{krb4-realm.a.b.c} is first tried and then @samp{krb4-realm.b.c} -and so on. The entry should be a TXT record containing the name of the -realm, such as: - -@example -krb4-realm.pdc.kth.se. 7200 TXT "NADA.KTH.SE" -@end example - -If this didn't help the domain name sans the first part in uppercase is -tried. - -The plain vanilla version of Kerberos doesn't have any fancy methods of -getting realms and servers so it is generally a good idea to keep -@file{krb.conf} and @file{krb.realms} up to date. - -In addition to these commonly used files, @file{/etc/krb.extra} -@pindex krb.extra -holds some things that are not normally used. It consists of a number of -@samp{@var{variable} = @var{value}} pairs, blank lines and lines -beginning with a hash (#) are ignored. - -The currently defined variables are: - -@table @samp -@item kdc_timeout -@cindex kdc_timeout -The time in seconds to wait for an answer from the KDC (the default is 4 -seconds). -@item kdc_timesync -@cindex kdc_timesync -This flag enables storing of the time differential to the KDC when -getting an initial ticket. This differential is used later on to compute -the correct time. This can help if your machine doesn't have a working -clock. -@item firewall_address -@cindex firewall_address -The IP address that hosts outside the firewall see when connecting from -within the firewall. If this is specified, the code will try to compute -the value for @samp{reverse_lsb_test}. -@item krb4_proxy -@cindex krb4_proxy -When getting tickets via HTTP, this specifies the proxy to use. The -default is to speak directly to the KDC. -@item krb_default_tkt_root -@cindex krb_default_tkt_root -The default prefix for ticket files. The default is @file{/tmp/tkt}. -Normally the uid or tty is appended to this prefix. -@item krb_default_keyfile -@cindex krb_default_keyfile -The file where the server keys are stored, the default is @file{/etc/srvtab}. -@item nat_in_use -@cindex nat_in_use -If the client is behind a Network Address Translator (NAT). -@cindex Network Address Translator -@cindex NAT -@item reverse_lsb_test -@cindex reverse_lsb_test -Reverses the test used by @code{krb_mk_safe}, @code{krb_rd_safe}, -@code{krb_mk_priv}, and @code{krb_rd_priv} to compute the ordering of -the communicating hosts. This test can cause truble when using -firewalls. -@end table - -@node Install the /etc/services, Install the kerberos server, Install the configuration files, How to set up the kerberos server -@subsection Updating /etc/services - -You should append or merge the contents of @file{services.append} to -your @file{/etc/services} files or NIS-map. Remove any unused factory -installed kerberos port definitions to avoid possible conflicts. -@pindex services - -Most of the programs will fall back to the default ports if the port -numbers are not found in @file{/etc/services}, but it is convenient to -have them there anyway. - -@node Install the kerberos server, Set up the server, Install the /etc/services, How to set up the kerberos server -@subsection Install the kerberos server - -You should have already chosen the machine where you want to run the -kerberos server and the realm name. The machine should also be as -secure as possible (@pxref{Choose a kerberos server}) before installing -the kerberos server. In this example, we will install a kerberos server -for the realm @samp{FOO.SE} on a machine called @samp{hemlig.foo.se}. - -@node Set up the server, Add a few important principals, Install the kerberos server, How to set up the kerberos server -@subsection Setup the server - -Login as root on the console of the kerberos server. Add -@file{/usr/athena/bin} and @file{/usr/athena/sbin} to your path. Create -the directory @file{/var/kerberos} (@kbd{mkdir /var/kerberos}), which is -where the database will be stored. Then, to create the database, run -@kbd{kdb_init}: -@pindex kdb_init - -@example -@cartouche -hemlig# mkdir /var/kerberos -hemlig# kdb_init -Realm name [default FOO.SE ]: -You will be prompted for the database Master Password. -It is important that you NOT FORGET this password. - -Enter Kerberos master password: -Verifying password -Enter Kerberos master password: -@end cartouche -@end example - -If you have set up the configuration files correctly, @kbd{kdb_init} -should choose the correct realm as the default, otherwise a (good) guess -is made. Enter the master password. - -This password will only be used for encrypting the kerberos database on -disk and for generating new random keys. You will not have to remember -it, only to type it again when you run @kbd{kstash}. Choose something -long and random. Now run @kbd{kstash} using the same password: -@pindex kstash - -@example -@cartouche -hemlig# kstash - -Enter Kerberos master password: - -Current Kerberos master key version is 1. - -Master key entered. BEWARE! -Wrote master key to /.k -@end cartouche -@end example - -After entering the same master password it will be saved in the file -@file{/.k} and the kerberos server will read it when needed. Write down -the master password and put it in a sealed envelope in a safe, you might -need it if your disk crashes or should you want to set up a slave -server. - -@code{kdb_init} initializes the database with a few entries: - -@table @samp -@item krbtgt.@var{REALM} -The key used for authenticating to the kerberos server. - -@item changepw.kerberos -The key used for authenticating to the administrative server, i.e. when -adding users, changing passwords, and so on. - -@item default -This entry is copied to new items when these are added. Enter here the -values you want new entries to have, particularly the expiry date. - -@item K.M -This is the master key and it is only used to verify that the master key -that is saved un-encrypted in @file{/.k} is correct and corresponds to -this database. - -@end table - -@code{kstash} only reads the master password and writes it to -@file{/.k}. This enables the kerberos server to start without you -having to enter the master password. This file (@file{/.k}) is only -readable by root and resides on a ``secure'' machine. - -@node Add a few important principals, Start the server, Set up the server, How to set up the kerberos server -@subsection Add a few important principals - -Now the kerberos database has been created, containing only a few -principals. The next step is to add a few more so that you can test -that it works properly and so that you can administer your realm without -having to use the console on the kerberos server. Use @kbd{kdb_edit} -to edit the kerberos database directly on the server. -@pindex kdb_edit - -@code{kdb_edit} is intended as a bootstrapping and fall-back mechanism -for editing the database. For normal purposes, use the @code{kadmin} -program (@pxref{Add users to the database}). - -The following example shows the adding of the principal -@samp{nisse.admin} into the kerberos database. This principal is used -by @samp{nisse} when administrating the kerberos database. Later on the -normal principal for @samp{nisse} will be created. Replace @samp{nisse} -and @samp{password} with your own username and password. - -@example -@cartouche -hemlig# kdb_edit -n -Opening database... -Current Kerberos master key version is 1. - -Master key entered. BEWARE! -Previous or default values are in [brackets] , -enter return to leave the same, or new value. - -Principal name: -Instance: - -, Create [y] ? <> - -Principal: nisse, Instance: admin, kdc_key_ver: 1 -New Password: -Verifying password -New Password: - -Principal's new key version = 1 -Expiration date (enter yyyy-mm-dd) [ 2000-01-01 ] ? <> -Max ticket lifetime (*5 minutes) [ 255 ] ? <> -Attributes [ 0 ] ? <> -Edit O.K. -Principal name: <> -@end cartouche -@end example - -@code{kdb_edit} will loop until you hit the @kbd{return} key at the -``Principal name'' prompt. Now you have added nisse as an administrator. - -@page - -@node Start the server, Try to get tickets, Add a few important principals, How to set up the kerberos server -@subsection Start the server - -@pindex kerberos -@example -@cartouche -hemlig# /usr/athena/libexec/kerberos & -Kerberos server starting -Sleep forever on error -Log file is /var/log/kerberos.log -Current Kerberos master key version is 1. - -Master key entered. BEWARE! - -Current Kerberos master key version is 1 -Local realm: FOO.SE -@end cartouche -@end example - -@node Try to get tickets, Create initial ACL for the admin server, Start the server, How to set up the kerberos server -@subsection Try to get tickets - -You can now verify that these principals have been added and that the -server is working correctly. - -@pindex kinit -@example -@cartouche -hemlig# kinit -eBones International (hemlig.foo.se) -Kerberos Initialization -Kerberos name: -Password: -@end cartouche -@end example - -If you do not get any error message from @code{kinit}, then everything -is working (otherwise, see @ref{Common error messages}). Use -@code{klist} to verify the tickets you acquired with @code{kinit}: - -@pindex klist -@example -@cartouche -hemlig# klist -Ticket file: /tmp/tkt0 -Principal: nisse.admin@@FOO.SE - -Issued Expires Principal -May 24 21:06:03 May 25 07:06:03 krbtgt.FOO.SE@@FOO.SE -@end cartouche -@end example - -@node Create initial ACL for the admin server, Start the admin server, Try to get tickets, How to set up the kerberos server -@subsection Create initial ACL for the admin server - -The admin server, @code{kadmind}, uses a series of files to determine who has -@pindex kadmind -the right to perform certain operations. The files are: -@file{admin_acl.add}, @file{admin_acl.get}, @file{admin_acl.del}, and -@file{admin_acl.mod}. Create these with @samp{nisse.admin@@FOO.SE} as -the contents. -@pindex admin_acl.add -@pindex admin_acl.get -@pindex admin_acl.del -@pindex admin_acl.mod - -@example -@cartouche -hemlig# echo "nisse.admin@@FOO.SE" >> /var/kerberos/admin_acl.add -hemlig# echo "nisse.admin@@FOO.SE" >> /var/kerberos/admin_acl.get -hemlig# echo "nisse.admin@@FOO.SE" >> /var/kerberos/admin_acl.mod -hemlig# echo "nisse.admin@@FOO.SE" >> /var/kerberos/admin_acl.del -@end cartouche -@end example - -Later on you may wish to add more users with administration -privileges. Make sure that you create both the administration principals -and add them to the admin server ACL. - -@node Start the admin server, Add users to the database, Create initial ACL for the admin server, How to set up the kerberos server -@subsection Start the admin server - -@pindex kadmind -@example -@cartouche -hemlig# /usr/athena/libexec/kadmind & -KADM Server KADM0.0A initializing -Please do not use 'kill -9' to kill this job, use a -regular kill instead - -Current Kerberos master key version is 1. - -Master key entered. BEWARE! -@end cartouche -@end example - -@node Add users to the database, Automate the startup of the servers, Start the admin server, How to set up the kerberos server -@subsection Add users to the database - -Use the @code{kadmin} client to add users to the database: -@pindex kadmin - -@example -@cartouche -hemlig# kadmin -p nisse.admin -m -Welcome to the Kerberos Administration Program, version 2 -Type "help" if you need it. -admin: -Admin password: -Maximum ticket lifetime? (255) [Forever] -Attributes? [0x00] -Expiration date (enter yyyy-mm-dd) ? [Sat Jan 1 05:59:00 2000] -Password for nisse: -Verifying password Password for nisse: -nisse added to database. -@end cartouche -@end example - -Add whatever other users you want to have in the same way. Verify that -a user is in the database and check the database entry for that user: - -@example -@cartouche -admin: -Info in Database for nisse.: -Max Life: 255 (Forever) Exp Date: Sat Jan 1 05:59:59 2000 - -Attribs: 00 key: 0 0 -admin: <^D> -Cleaning up and exiting. -@end cartouche -@end example - -@node Automate the startup of the servers, , Add users to the database, How to set up the kerberos server -@subsection Automate the startup of the servers - -Add the lines that were used to start the kerberos server and the -admin server to your startup scripts (@file{/etc/rc} or similar). -@pindex rc - -@node Install the client programs, Install the kerberised services, How to set up the kerberos server, How to set up a realm -@section Install the client programs - -Making a machine a kerberos client only requires a few steps. First you -might need to change the configuration files as with the kerberos -server. (@pxref{Install the configuration files} and @pxref{Install the -/etc/services}.) Also you need to make the programs in -@file{/usr/athena/bin} available. This can be done by adding the -@file{/usr/athena/bin} directory to the users' paths, by making symbolic -links, or even by copying the programs. - -You should also verify that the local time on the client is synchronised -with the time on the kerberos server by some means. The maximum allowed -time difference between the participating servers and a client is 5 -minutes. -@cindex NTP. -One good way to synchronize the time is NTP (Network Time Protocol), see -@url{http://www.eecis.udel.edu/~ntp/}. - -If you need to run the client programs on a machine where you do not -have root-access, you can hopefully just use the binaries and no -configuration will be needed. The heuristics used are mentioned above -(see @ref{Install the configuration files}). If this is not the case -and you need to have @file{krb.conf} and/or @file{krb.realms}, you can -copy them into a directory of your choice and -@pindex krb.conf -@pindex krb.realms -set the environment variable @var{KRBCONFDIR} to point at this -@cindex KRBCONFDIR -directory. - -To test the client functionality, run the @code{kinit} program: - -@example -@cartouche -foo$ kinit -eBones International (foo.foo.se) -Kerberos Initialization -Kerberos name: -Password: - -foo$ klist -Ticket file: /tmp/tkt4711 -Principal: nisse@@FOO.SE - -Issued Expires Principal -May 24 21:06:03 May 25 07:06:03 krbtgt.FOO.SE@@FOO.SE -@end cartouche -@end example - -@node Install the kerberised services, Install a slave kerberos server, Install the client programs, How to set up a realm -@section Install the kerberised services - -These includes @code{rsh}, @code{rlogin}, @code{telnet}, @code{ftp}, -@code{rxtelnet}, and so on. -@pindex rsh -@pindex rlogin -@pindex telnet -@pindex ftp -@pindex rxtelnet - -First follow the steps mentioned in the prior section to make it a -client and verify its operation. Change @file{inetd.conf} next to use -the new daemons. Look at the file -@pindex inetd.conf -@file{etc/inetd.conf.changes} to see the changes that we recommend you -perform on @file{inetd.conf}. - -You should at this point decide what services you want to run on -each machine. - -@subsection rsh, rlogin, and rcp -@pindex rsh -@pindex rlogin -@pindex rcp - -These exist in kerberised versions and ``old-style'' versions. The -different versions use different port numbers, so you can choose none, -one, or both. If you do not want to use ``old-style'' r* services, you -can let the programs output the text ``Remote host requires Kerberos -authentication'' instead of just refusing connections to that port. -This is enabled with the @samp{-v} option. The kerberised services -exist in encrypted and non-encrypted versions. The encrypted services -have an ``e'' prepended to the name and the programs take @samp{-x} as an -option indicating encryption. - -Our recommendation is to only use the kerberised services and give -explanation messages for the old ports. - -@subsection telnet -@pindex telnet - -The telnet service always uses the same port and negotiates as to which -authentication method should be used. The @code{telnetd} program has -@pindex telnetd -an option ``-a user'' that only allows kerberised and authenticated -connections. If this is not included, it falls back to using clear text -passwords. For obvious reasons, we recommend that you enable this -option. If you want to use one-time passwords (@pxref{One-Time -Passwords}) you can use the ``-a otp'' option which will allow OTPs or -kerberised connections. - -@subsection ftp -@pindex ftp - -The ftp service works as telnet does, with just one port being used. By -default only kerberos authenticated connections are allowed. You can -specify additional levels that are thus allowed with these options: - -@table @asis -@item @kbd{-a otp} -Allow one-time passwords (@pxref{One-Time Passwords}). -@item @kbd{-a ftp} -Allow anonymous login (as user ``ftp'' or ``anonymous''). -@item @kbd{-a safe} -The same as @kbd{-a ftp}, for backwards compatibility. -@item @kbd{-a plain} -Allow clear-text passwords. -@item @kbd{-a none} -The same as @kbd{-a ftp -a plain}. -@item @kbd{-a user} -A no-op, also there for backwards compatibility reasons. -@end table - -When running anonymous ftp you should read the man page on @code{ftpd} -which explains how to set it up. - -@subsection pop -@pindex popper - -The Post Office Protocol (POP) is used to retrieve mail from the mail -hub. The @code{popper} program implements the standard POP3 protocol -and the kerberised KPOP. Use the @samp{-k} option to run the kerberos -version of the protocol. This service should only be run on your mail -hub. - -@subsection kx -@pindex kx - -@code{kx} allows you to run X over a kerberos-authenticated and -encrypted connection. This program is used by @code{rxtelnet}, -@code{tenletxr}, and @code{rxterm}. - -If you have some strange kind of operating system with X libraries that -do not allow you to use unix-sockets, you need to specify the @samp{-t} -@pindex kxd -option to @code{kxd}. Otherwise it should be sufficient by adding the -daemon in @file{inetd.conf}. - -@subsection kauth -@pindex kauth - -This service allows you to create tickets on a remote host. To -enable it just insert the corresponding line in @file{inetd.conf}. - -@section srvtabs -@pindex srvtab - -In the same way every user needs to have a password registered with -the kerberos server, every service needs to have a shared key with the -kerberos server. The service keys are stored in a file, usually called -@file{/etc/srvtab}. This file should not be readable to anyone but -root, in order to keep the key from being divulged. The name of this principal -in the kerberos database is usually the service name and the hostname. Examples -of such principals are @samp{pop.@var{hostname}} and -@samp{rcmd.@var{hostname}}. (rcmd comes from ``remote command''.) Here -is a list of the most commonly used srvtab types and what programs use them. - -@table @asis -@item rcmd.@var{hostname} -rsh, rcp, rlogin, telnet, kauth, su, kx -@item rcmd.kerberos -kprop -@item pop.@var{hostname} -popper, movemail, push -@item sample.@var{hostname} -sample_server, simple_server -@item changepw.kerberos -kadmin, kpasswd -@item krbtgt.@var{realm} -kerberos (not stored in any srvtab) -@item ftp.@var{hostname} -ftp (also tries with rcmd.@var{hostname}) -@item zephyr.zephyr -Zephyr -@item afs or afs.@var{cellname} -Andrew File System -@end table - -To create these keys you will use the the @code{ksrvutil} program. -Perform the -@pindex ksrvutil -following: - -@example -@cartouche -bar# ksrvutil -p nisse.admin get -Name [rcmd]: <> -Instance [bar]: <> -Realm [FOO.SE]: <> -Is this correct? (y,n) [y] <> -Add more keys? (y,n) [n] <> -Password for nisse.admin@@FOO.SE: -Written rcmd.bar -rcmd.bar@@FOO.SE -Old keyfile in /etc/srvtab.old. -@end cartouche -@end example - -@subsection Complete test of the kerberised services - -Obtain a ticket on one machine (@samp{foo}) and use it to login with a -kerberised service to a second machine (@samp{bar}). The test should -look like this if successful: - -@example -@cartouche -foo$ kinit nisse -eBones International (foo.foo.se) -Kerberos Initialization for "nisse" -Password: -foo$ klist -Ticket file: /tmp/tkt4711 -Principal: nisse@@FOO.SE - -Issued Expires Principal -May 30 13:48:03 May 30 23:48:03 krbtgt.FOO.SE@@FOO.SE -foo$ telnet bar -Trying 17.17.17.17... -Connected to bar.foo.se -Escape character is '^]'. -[ Trying mutual KERBEROS4 ... ] -[ Kerberos V4 accepts you ] -[ Kerberos V4 challenge successful ] -bar$ -@end cartouche -@end example - -You can also try with @code{rsh}, @code{rcp}, @code{rlogin}, -@code{rlogin -x}, and some other commands to see that everything is -working all right. - -@node Install a slave kerberos server, Cross-realm functionality , Install the kerberised services, How to set up a realm -@section Install a slave kerberos server - -It is desirable to have at least one backup (slave) server in case the -master server fails. It is possible to have any number of such slave -servers but more than three usually doesn't buy much more redundancy. - -First select a good server machine. (@pxref{Choose a kerberos -server}). - -On the master, add a @samp{rcmd.kerberos} (note, it should be literally -``kerberos'') principal (using @samp{ksrvutil get}). The -@pindex kprop -@code{kprop} program, running on the master, will use this when -authenticating to the -@pindex kpropd -@code{kpropd} daemons running on the slave servers. The @code{kpropd} -on the slave will use its @samp{rcmd.hostname} key for authenticating -the connection from the master. Therefore, the slave needs to have this -key in its srvtab, and it of course also needs to have enough of the -configuration files to act as a server. See @ref{Install the kerberised -services} for information on how to do this. - -To summarize, the master should have a key for @samp{rcmd.kerberos} and -the slave one for @samp{rcmd.hostname}. - -The slave will need the same master key as you used at the master. - -On your master server, create a file, e.g. @file{/var/kerberos/slaves}, -that contains the hostnames of your kerberos slave servers. - -Start @code{kpropd} with @samp{kpropd -i} on your slave servers. - -On your master server, create a dump of the database and then propagate -it. - -@example -foo# kdb_util slave_dump /var/kerberos/slave_dump -foo# kprop -@end example - -You should now have copies of the database on your slave servers. You -can verify this by issuing @samp{kdb_util dump @var{file}} on your -slave servers, and comparing with the original file on the master -server. Note that the entries will not be in the same order. - -This procedure should be automated with a script run regularly by cron, -for instance once an hour. - -Since the master and slave servers will use copies of the same -database, they need to use the same master key. Add the master key on -the slave with @code{kstash}. (@pxref{Set up the server}) - -To start the kerberos server on slaves, you first have to copy the -master key from the master server. You can do this either by remembering -the master password and issuing @samp{kstash}, or you can just copy the -keyfile. Remember that if you copy the file, do so on a safe media, not -over the network. Good means include floppy or paper. Paper is better, -since it is easier to swallow afterwards. - -The kerberos server should be started with @samp{-s} on the slave -servers. This enables sanity checks, for example checking the time since -the last update from the master. - -All changes to the database are made by @code{kadmind} at the master, -and then propagated to the slaves, so you should @strong{not} run -@code{kadmind} on the slaves. - -Finally add the slave servers to -@file{/etc/krb.conf}. The clients will ask the servers in the order -specified by that file. - -Consider adding CNAMEs to your slave servers, see @ref{Install the -configuration files}. - -@node Cross-realm functionality , , Install a slave kerberos server, How to set up a realm -@section Cross-realm functionality - -Suppose you are residing in the realm @samp{MY.REALM}, how do you -authenticate to a server in @samp{OTHER.REALM}? Having valid tickets in -@samp{MY.REALM} allows you to communicate with kerberised services in that -realm. However, the computer in the other realm does not have a secret -key shared with the kerberos server in your realm. - -It is possible to add a shared key between two realms that trust each -other. When a client program, such as @code{telnet}, finds that the -other computer is in a different realm, it will try to get a ticket -granting ticket for that other realm, but from the local kerberos -server. With that ticket granting ticket, it will then obtain service -tickets from the kerberos server in the other realm. - -To add this functionality you have to add a principal to each realm. The -principals should be @samp{krbtgt.OTHER.REALM} in @samp{MY.REALM}, and -@samp{krbtgt.MY.REALM} in @samp{OTHER.REALM}. The two different -principals should have the same key (and key version number). Remember -to transfer this key in a safe manner. This is all that is required. - -@page - -@example -@cartouche -blubb$ klist -Ticket file: /tmp/tkt3008 -Principal: joda@@NADA.KTH.SE - - Issued Expires Principal -Jun 7 02:26:23 Jun 7 12:26:23 krbtgt.NADA.KTH.SE@@NADA.KTH.SE -blubb$ telnet agat.e.kth.se -Trying 130.237.48.12... -Connected to agat.e.kth.se. -Escape character is '^]'. -[ Trying mutual KERBEROS4 ... ] -[ Kerberos V4 accepts you ] -[ Kerberos V4 challenge successful ] -Last login: Sun Jun 2 20:51:50 from emma.pdc.kth.se - -agat$ exit -Connection closed by foreign host. -blubb$ klist -Ticket file: /tmp/tkt3008 -Principal: joda@@NADA.KTH.SE - - Issued Expires Principal -Jun 7 02:26:23 Jun 7 12:26:23 krbtgt.NADA.KTH.SE@@NADA.KTH.SE -Jun 7 02:26:50 Jun 7 12:26:50 krbtgt.E.KTH.SE@@NADA.KTH.SE -Jun 7 02:26:51 Jun 7 12:26:51 rcmd.agat@@E.KTH.SE -@end cartouche -@end example diff --git a/crypto/kerberosIV/doc/whatis.texi b/crypto/kerberosIV/doc/whatis.texi deleted file mode 100644 index 6721c23edb73..000000000000 --- a/crypto/kerberosIV/doc/whatis.texi +++ /dev/null @@ -1,137 +0,0 @@ -@node What is Kerberos?, Installing programs, Introduction, Top -@chapter What is Kerberos? - -@quotation -@flushleft - Now this Cerberus had three heads of dogs, - the tail of a dragon, and on his back the - heads of all sorts of snakes. - --- Pseudo-Apollodorus Library 2.5.12 -@end flushleft -@end quotation - -Kerberos is a system for authenticating users and services on a network. -It is built upon the assumption that the network is ``unsafe''. For -example, data sent over the network can be eavesdropped and altered, and -addresses can also be faked. Therefore they cannot be used for -authentication purposes. -@cindex authentication - -Kerberos is a trusted third-party service. That means that there is a -third party (the kerberos server) that is trusted by all the entities on -the network (users and services, usually called @dfn{principals}). All -principals share a secret password (or key) with the kerberos server and -this enables principals to verify that the messages from the kerberos -server are authentic. Thus trusting the kerberos server, users and -services can authenticate each other. - -@section Basic mechanism - -@ifinfo -@macro sub{arg} -<\arg\> -@end macro -@end ifinfo - -@tex -@def@xsub#1{$_{#1}$} -@global@let@sub=@xsub -@end tex - -In Kerberos, principals use @dfn{tickets} to prove that they are who -they claim to be. In the following example, @var{A} is the initiator of -the authentication exchange, usually a user, and @var{B} is the service -that @var{A} wishes to use. - -To obtain a ticket for a specific service, @var{A} sends a ticket -request to the kerberos server. The request basically contains @var{A}'s -and @var{B}'s names. The kerberos server checks that both @var{A} and -@var{B} are valid principals. - -Having verified the validity of the principals, it creates a packet -containing @var{A}'s and @var{B}'s names, @var{A}'s network address -(@var{A@sub{addr}}), the current time (@var{t@sub{issue}}), the lifetime -of the ticket (@var{life}), and a secret @dfn{session key} -@cindex session key -(@var{K@sub{AB}}). This packet is encrypted with @var{B}'s secret key -(@var{K@sub{B}}). The actual ticket (@var{T@sub{AB}}) looks like this: -(@{@var{A}, @var{B}, @var{A@sub{addr}}, @var{t@sub{issue}}, @var{life}, -@var{K@sub{AB}}@}@var{K@sub{B}}). - -The reply to @var{A} consists of the ticket (@var{T@sub{AB}}), @var{B}'s -name, the current time, the lifetime of the ticket, and the session key, all -encrypted in @var{A}'s secret key (@{@var{B}, @var{t@sub{issue}}, -@var{life}, @var{K@sub{AB}}, @var{T@sub{AB}}@}@var{K@sub{A}}). @var{A} -decrypts the reply and retains it for later use. - -@sp 1 - -Before sending a message to @var{B}, @var{A} creates an authenticator -consisting of @var{A}'s name, @var{A}'s address, the current time, and a -``checksum'' chosen by @var{A}, all encrypted with the secret session -key (@{@var{A}, @var{A@sub{addr}}, @var{t@sub{current}}, -@var{checksum}@}@var{K@sub{AB}}). This is sent together with the ticket -received from the kerberos server to @var{B}. Upon reception, @var{B} -decrypts the ticket using @var{B}'s secret key. Since the ticket -contains the session key that the authenticator was encrypted with, -@var{B} can now also decrypt the authenticator. To verify that @var{A} -really is @var{A}, @var{B} now has to compare the contents of the ticket -with that of the authenticator. If everything matches, @var{B} now -considers @var{A} as properly authenticated. - -@c (here we should have some more explanations) - -@section Different attacks - -@subheading Impersonating A - -An impostor, @var{C} could steal the authenticator and the ticket as it -is transmitted across the network, and use them to impersonate -@var{A}. The address in the ticket and the authenticator was added to -make it more difficult to perform this attack. To succeed @var{C} will -have to either use the same machine as @var{A} or fake the source -addresses of the packets. By including the time stamp in the -authenticator, @var{C} does not have much time in which to mount the -attack. - -@subheading Impersonating B - -@var{C} can masquerade @var{B}'s network address, and when @var{A} sends -her credentials, @var{C} just pretend to verify them. @var{C} can't -be sure that she is talking to @var{A}. - -@section Defense strategies - -It would be possible to add a @dfn{replay cache} -@cindex replay cache -to the server side. The idea is to save the authenticators sent during -the last few minutes, so that @var{B} can detect when someone is trying -to retransmit an already used message. This is somewhat impractical -(mostly regarding efficiency), and is not part of Kerberos 4; MIT -Kerberos 5 contains it. - -To authenticate @var{B}, @var{A} might request that @var{B} sends -something back that proves that @var{B} has access to the session -key. An example of this is the checksum that @var{A} sent as part of the -authenticator. One typical procedure is to add one to the checksum, -encrypt it with the session key and send it back to @var{A}. This is -called @dfn{mutual authentication}. - -The session key can also be used to add cryptographic checksums to the -messages sent between @var{A} and @var{B} (known as @dfn{message -integrity}). Encryption can also be added (@dfn{message -confidentiality}). This is probably the best approach in all cases. -@cindex integrity -@cindex confidentiality - -@section Further reading - -The original paper on Kerberos from 1988 is @cite{Kerberos: An -Authentication Service for Open Network Systems}, by Jennifer Steiner, -Clifford Neuman and Jeffrey I. Schiller. - -A less technical description can be found in @cite{Designing an -Authentication System: a Dialogue in Four Scenes} by Bill Bryant, also -from 1988. - -These and several other documents can be found on our web-page. diff --git a/crypto/kerberosIV/eBones-p9.README b/crypto/kerberosIV/eBones-p9.README deleted file mode 100644 index 844298598e23..000000000000 --- a/crypto/kerberosIV/eBones-p9.README +++ /dev/null @@ -1,26 +0,0 @@ -The file eBones-p9.patch.Z is the compressed patch for Bones (patchlevel 9) -that puts back the calls to the DES encryption libraries. - -eBones-p9-des.tar.Z is a compressed tar file of MIT compatible -des encryption routines. Install these routines in src/lib/des. -The des_quad_cksum is not compatible with the MIT version -but I should fix that when I have access to ultrix 4 -* [It has now been fixed and is the same as MIT's] -(it has a binary copy of libdes.a)). There are two extra routines, -des_enc_read and des_enc_write. These routines are used in the -kerberos rcp, rlogin and rlogind to encrypt all network traffic. - -eBones-p9.tar.Z is a compressed tar file of Bones (patchlevel 9) -with the eBones-p9.patch applied and eBones-p9-des.tar.Z installed. - -When applying the patch to Bones, don't do a -find src -name "*.orig" -exec /bin/rm {} \; -There is a file called src/util/ss/ss.h.orig that is needed and -the above find will remove it. - -The Imakefile in src/lib/des assumes you have gcc. If you don't, -you will have to change the Imakefile. Compile this directory with -the maximum optimization your compiler has available. - -These modifications have been successfully unpacked and compiled -on a microvax 3600. diff --git a/crypto/kerberosIV/etc/README b/crypto/kerberosIV/etc/README deleted file mode 100644 index 68865ec7c8fc..000000000000 --- a/crypto/kerberosIV/etc/README +++ /dev/null @@ -1,41 +0,0 @@ - - How to update your files in the /etc directory! - -/etc/services (all machines) - - The contents of services.append can probably just be appended to -your local file. If you use NIS (YP) you need to do this on the NIS -master. Delete and duplicate definitions to prevent inconsistencies. - -/etc/krb.conf (all machines) - - Create a krb.conf file by substituting MY.REALM.NAME with your -domain name. If you create a domain name alias (CNAME) kerberos.domain -pointing to your master server, unconfigured clients will have a -chance to find your realm. - - It is no longer necessary to put each and every realm in -krb.{conf,realms}. If the domain name matches your realm name and you -have a CNAME kerberos.REALMNAME pointing at your kerberos server other -sites will find your realm even if it is not listed in krb.conf. -*** Please add this CNAME to your local DNS *** - -/etc/krb.realms (all machines) - - Substitue MY.REALM.NAME in krb.realms with your domain name. - Not strictly necessary when domain and realm names match. - -/etc/inetd.conf (all machines supporting incoming telnet, rsh etc.) - - Comment out the lines starting with shell, login and telnet and -append inetd.conf.changes. Be carefull to check that there are no -additional old entries of kshell, ekshell, klogin and eklogin left. - - The -v option to rshd and rlogin turns off that service and echo -an informational message to the user. - -/etc/srvtab - - With 'ksrvutil get' you can add entries to the Kerberos database and -put the service keys into your srvtab file. - diff --git a/crypto/kerberosIV/etc/default.login b/crypto/kerberosIV/etc/default.login deleted file mode 100644 index f01b2eee90a4..000000000000 --- a/crypto/kerberosIV/etc/default.login +++ /dev/null @@ -1,47 +0,0 @@ -# -# Sample /etc/default/login file, read by the login program -# -# For more info consult SysV login(1) -# -# Most things are environment variables. -# HZ and TZ are set only if they are still uninitialized. - -# This really variable TZ -#TIMEZONE=EST5EDT - -#HZ=100 - -# File size limit, se ulimit(2). -# Note that the limit must be specified in units of 512-byte blocks. -#ULIMIT=0 - -# If CONSOLE is set, root can only login on that device. -# When not set root can log in on any device. -#CONSOLE=/dev/console - -# PASSREQ determines if login requires a password. -PASSREQ=YES - -# ALTSHELL, really set SHELL=/bin/bash or other shell -# Extension: when ALTSHELL=YES, we set the SHELL variable even if it is /bin/sh -ALTSHELL=YES - -# Default PATH -#PATH=/usr/bin: - -# Default PATH for root user -#SUPATH=/usr/sbin:/usr/bin - -# TIMEOUT sets the number of seconds (between 0 and 900) to wait before -# abandoning a login session. -# -#TIMEOUT=300 - -# Use this for default umask(2) value -#UMASK=022 - -# Sleeptime between failed logins -# SLEEPTIME - -# Maximum number of failed login attempts, well the user can always reconnect -# MAXTRYS diff --git a/crypto/kerberosIV/etc/fbtab b/crypto/kerberosIV/etc/fbtab deleted file mode 100644 index 3e2137691471..000000000000 --- a/crypto/kerberosIV/etc/fbtab +++ /dev/null @@ -1,15 +0,0 @@ -# Sample /etc/fbtab file read by the login program -# This file can also be called /etc/logindevperm. - -# Use this to give away devices to the console user. The group of the -# devices is set to the owner's group specified in /etc/passwd. -# -# First column specifies the console device. -# -# Second the mode bits of the given away devices -# -# Third is a : separated list of devices to give away - -# console mode devices -/dev/console 0600 /dev/console:/dev/mouse -/dev/console 0600 /dev/floppy diff --git a/crypto/kerberosIV/etc/hosts.equiv b/crypto/kerberosIV/etc/hosts.equiv deleted file mode 100644 index 2fbb50c4a8dc..000000000000 --- a/crypto/kerberosIV/etc/hosts.equiv +++ /dev/null @@ -1 +0,0 @@ -localhost diff --git a/crypto/kerberosIV/etc/inetd.conf.changes b/crypto/kerberosIV/etc/inetd.conf.changes deleted file mode 100644 index c0a88caef8b2..000000000000 --- a/crypto/kerberosIV/etc/inetd.conf.changes +++ /dev/null @@ -1,33 +0,0 @@ -# -# $Id: inetd.conf.changes,v 1.13 1997/09/03 15:48:23 bg Exp $ -# -# Turn off vanilla rshd and rlogind with an informational message. -# If you really want this security problem remove the '-v' option! -shell stream tcp nowait root /usr/athena/libexec/rshd rshd -l -L -v -login stream tcp nowait root /usr/athena/libexec/rlogind rlogind -l -v -# -# Kerberos rsh -kshell stream tcp nowait root /usr/athena/libexec/rshd rshd -L -k -ekshell stream tcp nowait root /usr/athena/libexec/rshd rshd -L -k -x -ekshell2 stream tcp nowait root /usr/athena/libexec/rshd rshd -L -k -x -# -# Kerberos rlogin -klogin stream tcp nowait root /usr/athena/libexec/rlogind rlogind -k -eklogin stream tcp nowait root /usr/athena/libexec/rlogind rlogind -k -x -# -# Kerberized telnet and ftp, consider adding '-a user' to -# disallow cleartext passwords to both telnetd and ftpd. -telnet stream tcp nowait root /usr/athena/libexec/telnetd telnetd -a none -ftp stream tcp nowait root /usr/athena/libexec/ftpd ftpd -l -a none -# -# Kerberized POP. Server principal is pop.hostname, *not* rcmd.hostname! -#kpop stream tcp nowait root /usr/athena/libexec/popper popper -k -# -# Old POP3 with passwords in clear (not recommended, uses cleartext passwords) -#pop3 stream tcp nowait root /usr/athena/libexec/popper popper -# -# Kauthd, support for putting tickets on other machines in a secure fashion. -kauth stream tcp nowait root /usr/athena/libexec/kauthd kauthd -# -# Encrypted X connections -kx stream tcp nowait root /usr/athena/libexec/kxd kxd diff --git a/crypto/kerberosIV/etc/inetd.conf.changes.in b/crypto/kerberosIV/etc/inetd.conf.changes.in deleted file mode 100644 index 2ccb8f5a7d3f..000000000000 --- a/crypto/kerberosIV/etc/inetd.conf.changes.in +++ /dev/null @@ -1,33 +0,0 @@ -# -# $Id: inetd.conf.changes.in,v 1.14 1999/11/10 14:21:07 joda Exp $ -# -# Turn off vanilla rshd and rlogind with an informational message. -# If you really want this security problem remove the '-v' option! -shell stream tcp nowait root @prefix@/libexec/rshd rshd -l -L -v -login stream tcp nowait root @prefix@/libexec/rlogind rlogind -l -v -# -# Kerberos rsh -kshell stream tcp nowait root @prefix@/libexec/rshd rshd -L -k -ekshell stream tcp nowait root @prefix@/libexec/rshd rshd -L -k -x -ekshell2 stream tcp nowait root @prefix@/libexec/rshd rshd -L -k -x -# -# Kerberos rlogin -klogin stream tcp nowait root @prefix@/libexec/rlogind rlogind -k -eklogin stream tcp nowait root @prefix@/libexec/rlogind rlogind -k -x -# -# Kerberized telnet and ftp, consider adding '-a user' to -# disallow cleartext passwords to both telnetd and ftpd. -telnet stream tcp nowait root @prefix@/libexec/telnetd telnetd -a none -ftp stream tcp nowait root @prefix@/libexec/ftpd ftpd -l -a none -# -# Kerberized POP. Server principal is pop.hostname, *not* rcmd.hostname! -#kpop stream tcp nowait root @prefix@/libexec/popper popper -k -# -# Old POP3 with passwords in clear (not recommended, uses cleartext passwords) -#pop3 stream tcp nowait root @prefix@/libexec/popper popper -# -# Kauthd, support for putting tickets on other machines in a secure fashion. -kauth stream tcp nowait root @prefix@/libexec/kauthd kauthd -# -# Encrypted X connections -kx stream tcp nowait root @prefix@/libexec/kxd kxd diff --git a/crypto/kerberosIV/etc/krb.conf b/crypto/kerberosIV/etc/krb.conf deleted file mode 100644 index 9c694b5cdede..000000000000 --- a/crypto/kerberosIV/etc/krb.conf +++ /dev/null @@ -1,55 +0,0 @@ -MY.REALM.NAME -MY.REALM.NAME kerberos.MY.REALM.NAME admin server -SICS.SE kerberos.sics.se admin server -NADA.KTH.SE kerberos.nada.kth.se admin server -NADA.KTH.SE sysman.nada.kth.se -NADA.KTH.SE server.nada.kth.se -ADMIN.KTH.SE ulysses.admin.kth.se admin server -ADMIN.KTH.SE graziano.admin.kth.se -ADMIN.KTH.SE montano.admin.kth.se -BION.KTH.SE chaplin.bion.kth.se admin server -DSV.SU.SE ssi.dsv.su.se admin server -DSV.SU.SE vall.dsv.su.se -E.KTH.SE kerberos.e.kth.se admin server -E.KTH.SE kerberos-1.e.kth.se -E.KTH.SE kerberos-2.e.kth.se -IT.KTH.SE kerberos.it.kth.se -IT.KTH.SE kerberos-1.it.kth.se -IT.KTH.SE kerberos-2.it.kth.se -MECH.KTH.SE kerberos.mech.kth.se admin server -KTH.SE kth.se admin server -ML.KVA.SE gustava.ml.kva.se admin server -PI.SE liszt.adm.pi.se admin server -STACKEN.KTH.SE kerberos.stacken.kth.se admin server -SUNET.SE kerberos.sunet.se admin server -CYGNUS.COM kerberos.cygnus.com admin server -CYGNUS.COM kerberos-1.cygnus.com -CYGNUS.COM dumb.cygnus.com -DEVO.CYGNUS.COM dumber.cygnus.com admin server -MIRKWOOD.CYGNUS.COM mirkwood.cygnus.com admin server -KITHRUP.COM KITHRUP.COM admin server -ATHENA.MIT.EDU kerberos.mit.edu admin server -ATHENA.MIT.EDU kerberos-1.mit.edu -ATHENA.MIT.EDU kerberos-2.mit.edu -ATHENA.MIT.EDU kerberos-3.mit.edu -LCS.MIT.EDU kerberos.lcs.mit.edu admin server -SMS_TEST.MIT.EDU dodo.mit.edu admin server -LS.MIT.EDU ls.mit.edu admin server -IFS.UMICH.EDU kerberos.ifs.umich.edu -CS.WASHINGTON.EDU hawk.cs.washington.edu -CS.WASHINGTON.EDU aspen.cs.washington.edu -CS.BERKELEY.EDU okeeffe.berkeley.edu -SOUP.MIT.EDU soup.mit.edu admin server -TELECOM.MIT.EDU bitsy.mit.edu -MEDIA.MIT.EDU kerberos.media.mit.edu -NEAR.NET kerberos.near.net -CATS.UCSC.EDU mehitabel.ucsc.edu admin server -CATS.UCSC.EDU ucsch.ucsc.edu -WATCH.MIT.EDU kerberos.watch.mit.edu admin server -TELEBIT.COM napa.telebit.com. admin server -ARMADILLO.COM monad.armadillo.com admin server -TOAD.COM toad.com admin server -ZEN.ORG zen.org admin server -LLOYD.COM harry.lloyd.com admin server -EPRI.COM kerberos.epri.com admin server -EPRI.COM kerberos-2.epri.com diff --git a/crypto/kerberosIV/etc/krb.equiv b/crypto/kerberosIV/etc/krb.equiv deleted file mode 100644 index 6205c1f38b1c..000000000000 --- a/crypto/kerberosIV/etc/krb.equiv +++ /dev/null @@ -1,14 +0,0 @@ -# List of host with multiple adresses. -# -193.10.156.253 130.237.232.44 193.10.156.252 # scws scws-fddi scws-2. -193.10.156.250 130.237.232.15 # salmon-sp salmon. -# -# new krb.equiv syntax for all of SP. -# -193.10.156.0/24 193.10.157.0/24 \ # syk-X.pdc.kth.se syk-X-hps.pdc.kth.se -130.237.232.31 130.237.232.32 \ # syk-0101-fddi syk-0201-fddi -130.237.232.38 130.237.232.39 \ # syk-0115-fddi syk-0116-fddi -130.237.232.33 130.237.232.34 \ # syk-0301-fddi syk-0401-fddi -130.237.232.35 130.237.232.36 \ # syk-0501-fddi syk-0601-fddi -130.237.232.37 130.237.230.66 \ # syk-0602-fddi syk-0602-fcs -130.237.230.36 # syk-0606-hippi. diff --git a/crypto/kerberosIV/etc/krb.realms b/crypto/kerberosIV/etc/krb.realms deleted file mode 100644 index 7498bf0bcc13..000000000000 --- a/crypto/kerberosIV/etc/krb.realms +++ /dev/null @@ -1,54 +0,0 @@ -.MY.REALM.NAME MY.REALM.NAME -sics.se SICS.SE -.sics.se SICS.SE -nada.kth.se NADA.KTH.SE -pdc.kth.se NADA.KTH.SE -.hydro.kth.se NADA.KTH.SE -.mech.kth.se MECH.KTH.SE -.nada.kth.se NADA.KTH.SE -.pdc.kth.se NADA.KTH.SE -.sans.kth.se NADA.KTH.SE -.admin.kth.se ADMIN.KTH.SE -.e.kth.se E.KTH.SE -.s3.kth.se E.KTH.SE -.radio.kth.se E.KTH.SE -.ttt.kth.se E.KTH.SE -.electrum.kth.se IT.KTH.SE -.math.kth.se MATH.KTH.SE -.it.kth.se IT.KTH.SE -.sth.sunet.se SUNET.SE -.pilsnet.sunet.se SUNET.SE -.sunet.se SUNET.SE -.ml.kva.se ML.KVA.SE -pi.se PI.SE -.pi.se PI.SE -.adm.pi.se PI.SE -.stacken.kth.se STACKEN.KTH.SE -kth.se KTH.SE -.kth.se KTH.SE -.bion.kth.se BION.KTH.SE -.dsv.su.se DSV.SU.SE -.MIT.EDU ATHENA.MIT.EDU -.MIT.EDU. ATHENA.MIT.EDU -MIT.EDU ATHENA.MIT.EDU -DODO.MIT.EDU SMS_TEST.MIT.EDU -.UCSC.EDU CATS.UCSC.EDU -.UCSC.EDU. CATS.UCSC.EDU -CYGNUS.COM CYGNUS.COM -.CYGNUS.COM CYGNUS.COM -MIRKWOOD.CYGNUS.COM MIRKWOOD.CYGNUS.COM -KITHRUP.COM KITHRUP.COM -.KITHRUP.COM KITHRUP.COM -.berkeley.edu EECS.BERKELEY.EDU -.CS.berkeley.edu EECS.BERKELEY.EDU -.MIT.EDU ATHENA.MIT.EDU -.mit.edu ATHENA.MIT.EDU -.BSDI.COM BSDI.COM -ARMADILLO.COM ARMADILLO.COM -.ARMADILLO.COM ARMADILLO.COM -ZEN.ORG ZEN.ORG -.ZEN.ORG ZEN.ORG -toad.com TOAD.COM -.toad.com TOAD.COM -lloyd.com LLOYD.COM -.lloyd.com LLOYD.COM diff --git a/crypto/kerberosIV/etc/login.access b/crypto/kerberosIV/etc/login.access deleted file mode 100644 index f8116161af3a..000000000000 --- a/crypto/kerberosIV/etc/login.access +++ /dev/null @@ -1,54 +0,0 @@ -# Sample /etc/login.access file read by the login program -# -# Login access control table. -# -# When someone logs in, the table is scanned for the first entry that -# matches the (user, host) combination, or, in case of non-networked -# logins, the first entry that matches the (user, tty) combination. The -# permissions field of that table entry determines whether the login will -# be accepted or refused. -# -# Format of the login access control table is three fields separated by a -# ":" character: -# -# permission : users : origins -# -# The first field should be a "+" (access granted) or "-" (access denied) -# character. -# -# The second field should be a list of one or more login names, group -# names, or ALL (always matches). A pattern of the form user@host is -# matched when the login name matches the "user" part, and when the -# "host" part matches the local machine name. -# -# The third field should be a list of one or more tty names (for -# non-networked logins), host names, domain names (begin with "."), host -# addresses, internet network numbers (end with "."), ALL (always -# matches) or LOCAL (matches any string that does not contain a "." -# character). -# -# If you run NIS you can use @netgroupname in host or user patterns; this -# even works for @usergroup@@hostgroup patterns. Weird. -# -# The EXCEPT operator makes it possible to write very compact rules. -# -# The group file is searched only when a name does not match that of the -# logged-in user. Only groups are matched in which users are explicitly -# listed: the program does not look at a user's primary group id value. -# -############################################################################## -# -# Disallow console logins to all but a few accounts. -# --:ALL EXCEPT wheel shutdown sync:console -# -# Disallow non-local logins to privileged accounts (group wheel). -# --:wheel:ALL EXCEPT LOCAL .win.tue.nl -# -# Some accounts are not allowed to login from anywhere: -# --:wsbscaro wsbsecr wsbspac wsbsym wscosor wstaiwde:ALL -# -# All other accounts are allowed to login from anywhere. -# diff --git a/crypto/kerberosIV/etc/services.append b/crypto/kerberosIV/etc/services.append deleted file mode 100644 index 3b3ec615595b..000000000000 --- a/crypto/kerberosIV/etc/services.append +++ /dev/null @@ -1,26 +0,0 @@ -# -# $Id: services.append,v 1.13 1999/07/06 13:08:02 assar Exp $ -# -# Kerberos services -# -kerberos-sec 88/udp # Kerberos secondary port UDP -kerberos-sec 88/tcp # Kerberos secondary port TCP -kpasswd 464/udp # password changing -kpasswd 464/tdp # password changing -klogin 543/tcp # Kerberos authenticated rlogin -kshell 544/tcp krcmd # and remote shell -ekshell 545/tcp # Kerberos encrypted remote shell -kfall -ekshell2 2106/tcp # What U of Colorado @ Boulder uses? -kerberos-adm 749/udp # v5 kadmin -kerberos-adm 749/tcp # v5 kadmin -kerberos-iv 750/udp kerberos kdc # Kerberos authentication--udp -kerberos-iv 750/tcp kerberos kdc # Kerberos authentication--tcp -kerberos_master 751/udp # v4 kadmin -kerberos_master 751/tcp # v4 kadmin -krb_prop 754/tcp hprop # Kerberos slave propagation -kpop 1109/tcp # Pop with Kerberos -eklogin 2105/tcp # Kerberos encrypted rlogin -rkinit 2108/tcp # Kerberos remote kinit -kx 2111/tcp # X over kerberos -kip 2112/tcp # IP over kerberos -kauth 2120/tcp # Remote kauth diff --git a/crypto/kerberosIV/include/Makefile.in b/crypto/kerberosIV/include/Makefile.in deleted file mode 100644 index eb298903f032..000000000000 --- a/crypto/kerberosIV/include/Makefile.in +++ /dev/null @@ -1,180 +0,0 @@ -# $Id: Makefile.in,v 1.59.2.3 2000/12/13 14:41:37 assar Exp $ - -srcdir = @srcdir@ -VPATH = @srcdir@ - -SHELL = /bin/sh - -CC = @CC@ -LINK = @LINK@ -DEFS = @DEFS@ -DHOST=\"@CANONICAL_HOST@\" -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs -LN_S = @LN_S@ -EXECSUFFIX = @EXECSUFFIX@ - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -includedir = @includedir@ -libdir = @libdir@ - -@SET_MAKE@ - -.c.o: - $(CC) -c $(DEFS) -I. -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< - -HEADERS = \ - acl.h com_err.h com_right.h des.h kadm.h kafs.h kdc.h \ - klog.h krb.h krb-protos.h krb-archaeology.h krb_db.h \ - ktypes.h otp.h prot.h sl.h \ - md4.h md5.h sha.h rc4.h @EXTRA_HEADERS@ - -LOCL_HEADERS = \ - base64.h roken-common.h protos.h resolve.h xdbm.h \ - krb_log.h getarg.h parse_time.h @EXTRA_LOCL_HEADERS@ - -CLEAN_FILES = roken.h krb_err.h kadm_err.h - -BITS_OBJECTS = bits.o - -SOURCES = bits.c - -SUBDIRS = sys - -all: stamp-headers - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) all); done - -Wall: - $(MAKE) CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(includedir) - for x in $(HEADERS); \ - do $(INSTALL_DATA) $$x $(DESTDIR)$(includedir)/$$x; done - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) install); done - -uninstall: - for x in $(HEADERS); do \ - rm -f $(DESTDIR)$(includedir)/$$x; \ - done - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) uninstall); done - -clean: - rm -f $(HEADERS) $(LOCL_HEADERS) \ - $(CLEAN_FILES) *.o bits stamp-headers - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) clean); done - -mostlyclean: clean - -distclean: - $(MAKE) clean - rm -f config.h version.h version.h.in - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) distclean); done - rm -f Makefile config.status *~ - -realclean: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) realclean); done - -acl.h: - $(LN_S) $(srcdir)/../lib/acl/acl.h . - -com_err.h: - $(LN_S) $(srcdir)/../lib/com_err/com_err.h . -com_right.h: - $(LN_S) $(srcdir)/../lib/com_err/com_right.h . - -des.h: - $(LN_S) $(srcdir)/../lib/des/des.h . - -md4.h: - $(LN_S) $(srcdir)/../lib/des/md4.h . - -md5.h: - $(LN_S) $(srcdir)/../lib/des/md5.h . - -sha.h: - $(LN_S) $(srcdir)/../lib/des/sha.h . - -rc4.h: - $(LN_S) $(srcdir)/../lib/des/rc4.h . - -kadm.h: - $(LN_S) $(srcdir)/../lib/kadm/kadm.h . - -kafs.h: - $(LN_S) $(srcdir)/../lib/kafs/kafs.h . - -kdc.h: - $(LN_S) $(srcdir)/../lib/kdb/kdc.h . - -klog.h: - $(LN_S) $(srcdir)/../lib/krb/klog.h . -krb-archaeology.h: - $(LN_S) $(srcdir)/../lib/krb/krb-archaeology.h . -krb-protos.h: - $(LN_S) $(srcdir)/../lib/krb/krb-protos.h . -krb.h: - $(LN_S) $(srcdir)/../lib/krb/krb.h . -prot.h: - $(LN_S) $(srcdir)/../lib/krb/prot.h . - -krb_db.h: - $(LN_S) $(srcdir)/../lib/kdb/krb_db.h . -krb_log.h: - $(LN_S) $(srcdir)/../lib/krb/krb_log.h . - -otp.h: - $(LN_S) $(srcdir)/../lib/otp/otp.h . - -base64.h: - $(LN_S) $(srcdir)/../lib/roken/base64.h . -err.h: - $(LN_S) $(srcdir)/../lib/roken/err.h . -fnmatch.h: - $(LN_S) $(srcdir)/../lib/roken/fnmatch.h . -getarg.h: - $(LN_S) $(srcdir)/../lib/roken/getarg.h . -glob.h: - $(LN_S) $(srcdir)/../lib/roken/glob.h . -parse_time.h: - $(LN_S) $(srcdir)/../lib/roken/parse_time.h . -resolve.h: - $(LN_S) $(srcdir)/../lib/roken/resolve.h . -roken-common.h: - $(LN_S) $(srcdir)/../lib/roken/roken-common.h . -xdbm.h: - $(LN_S) $(srcdir)/../lib/roken/xdbm.h . - -sl.h: - $(LN_S) $(srcdir)/../lib/sl/sl.h . - -protos.h: - $(LN_S) $(srcdir)/protos.hin protos.h - -netdb.h: - $(LN_S) $(srcdir)/netdb.x netdb.h - -bits$(EXECSUFFIX): $(BITS_OBJECTS) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(BITS_OBJECTS) - -bits.o: bits.c - -ktypes.h: bits$(EXECSUFFIX) - ./bits$(EXECSUFFIX) $@ - -stamp-headers: Makefile - $(MAKE) $(HEADERS) $(LOCL_HEADERS) - touch stamp-headers - -.PHONY: all Wall install uninstall clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/include/bits.c b/crypto/kerberosIV/include/bits.c deleted file mode 100644 index a2c40bc3df6b..000000000000 --- a/crypto/kerberosIV/include/bits.c +++ /dev/null @@ -1,208 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: bits.c,v 1.6 1999/12/02 16:58:36 joda Exp $"); -#endif -#include -#include -#include -#include - -#ifndef HAVE_STRUPR -static void -strupr(char *s) -{ - unsigned char *p = (unsigned char *)s; - while(*p){ - if(islower(*p)) - *p = toupper(*p); - p++; - } -} -#endif /* HAVE_STRUPR */ - -#define BITSIZE(TYPE) \ -{ \ - int b = 0; TYPE x = 1, zero = 0; char *pre = "u_"; \ - char tmp[128], tmp2[128]; \ - while(x){ x <<= 1; b++; if(x < zero) pre=""; } \ - if(b >= len){ \ - int tabs; \ - sprintf(tmp, "%sint%d_t" , pre, len); \ - sprintf(tmp2, "typedef %s %s;", #TYPE, tmp); \ - strupr(tmp); \ - tabs = 5 - strlen(tmp2) / 8; \ - fprintf(f, "%s", tmp2); \ - while(tabs-- > 0) fprintf(f, "\t"); \ - fprintf(f, "/* %2d bits */\n", b); \ - return; \ - } \ -} - -#ifndef HAVE___ATTRIBUTE__ -#define __attribute__(x) -#endif - -static void -try_signed(FILE *f, int len) __attribute__ ((unused)); - -static void -try_unsigned(FILE *f, int len) __attribute__ ((unused)); - -static void -try_signed(FILE *f, int len) -{ - BITSIZE(signed char); - BITSIZE(short); - BITSIZE(int); - BITSIZE(long); -#ifdef HAVE_LONG_LONG - BITSIZE(long long); -#endif - fprintf(f, "/* There is no %d bit type */\n", len); -} - -static void -try_unsigned(FILE *f, int len) -{ - BITSIZE(unsigned char); - BITSIZE(unsigned short); - BITSIZE(unsigned int); - BITSIZE(unsigned long); -#ifdef HAVE_LONG_LONG - BITSIZE(unsigned long long); -#endif - fprintf(f, "/* There is no %d bit type */\n", len); -} - -static int -print_bt(FILE *f, int flag) -{ - if(flag == 0){ - fprintf(f, "/* For compatibility with various type definitions */\n"); - fprintf(f, "#ifndef __BIT_TYPES_DEFINED__\n"); - fprintf(f, "#define __BIT_TYPES_DEFINED__\n"); - fprintf(f, "\n"); - } - return 1; -} - -int main(int argc, char **argv) -{ - FILE *f; - int flag; - char *fn, *hb; - - if(argc < 2){ - fn = "bits.h"; - hb = "__BITS_H__"; - f = stdout; - } else { - char *p; - fn = argv[1]; - hb = malloc(strlen(fn) + 5); - sprintf(hb, "__%s__", fn); - for(p = hb; *p; p++){ - if(!isalnum((unsigned char)*p)) - *p = '_'; - } - f = fopen(argv[1], "w"); - } - fprintf(f, "/* %s -- this file was generated for %s by\n", fn, HOST); - fprintf(f, " %*s %s */\n\n", (int)strlen(fn), "", - "$Id: bits.c,v 1.6 1999/12/02 16:58:36 joda Exp $"); - fprintf(f, "#ifndef %s\n", hb); - fprintf(f, "#define %s\n", hb); - fprintf(f, "\n"); -#ifdef HAVE_SYS_TYPES_H - fprintf(f, "#include \n"); -#endif -#ifdef HAVE_INTTYPES_H - fprintf(f, "#include \n"); -#endif -#ifdef HAVE_SYS_BITYPES_H - fprintf(f, "#include \n"); -#endif -#ifdef HAVE_NETINET_IN6_MACHTYPES_H - fprintf(f, "#include \n"); -#endif - fprintf(f, "\n"); - - flag = 0; -#ifndef HAVE_INT8_T - flag = print_bt(f, flag); - try_signed (f, 8); -#endif /* HAVE_INT8_T */ -#ifndef HAVE_INT16_T - flag = print_bt(f, flag); - try_signed (f, 16); -#endif /* HAVE_INT16_T */ -#ifndef HAVE_INT32_T - flag = print_bt(f, flag); - try_signed (f, 32); -#endif /* HAVE_INT32_T */ -#if 0 -#ifndef HAVE_INT64_T - flag = print_bt(f, flag); - try_signed (f, 64); -#endif /* HAVE_INT64_T */ -#endif - -#ifndef HAVE_U_INT8_T - flag = print_bt(f, flag); - try_unsigned (f, 8); -#endif /* HAVE_INT8_T */ -#ifndef HAVE_U_INT16_T - flag = print_bt(f, flag); - try_unsigned (f, 16); -#endif /* HAVE_U_INT16_T */ -#ifndef HAVE_U_INT32_T - flag = print_bt(f, flag); - try_unsigned (f, 32); -#endif /* HAVE_U_INT32_T */ -#if 0 -#ifndef HAVE_U_INT64_T - flag = print_bt(f, flag); - try_unsigned (f, 64); -#endif /* HAVE_U_INT64_T */ -#endif - - if(flag){ - fprintf(f, "\n"); - fprintf(f, "#endif /* __BIT_TYPES_DEFINED__ */\n\n"); - } - fprintf(f, "#endif /* %s */\n", hb); - return 0; -} diff --git a/crypto/kerberosIV/include/config.h.in b/crypto/kerberosIV/include/config.h.in deleted file mode 100644 index 4995c27302b4..000000000000 --- a/crypto/kerberosIV/include/config.h.in +++ /dev/null @@ -1,1280 +0,0 @@ -/* include/config.h.in. Generated automatically from configure.in by autoheader. */ - -/* Define if using alloca.c. */ -#undef C_ALLOCA - -/* Define to empty if the keyword does not work. */ -#undef const - -/* Define to one of _getb67, GETB67, getb67 for Cray-2 and Cray-YMP systems. - This function is required for alloca.c support on those systems. */ -#undef CRAY_STACKSEG_END - -/* Define to `int' if doesn't define. */ -#undef gid_t - -/* Define if you have alloca, as a function or macro. */ -#undef HAVE_ALLOCA - -/* Define if you have and it should be used (not on Ultrix). */ -#undef HAVE_ALLOCA_H - -/* Define if you have a working `mmap' system call. */ -#undef HAVE_MMAP - -/* Define if your struct stat has st_blksize. */ -#undef HAVE_ST_BLKSIZE - -/* Define as __inline if that's what the C compiler calls it. */ -#undef inline - -/* Define to `long' if doesn't define. */ -#undef off_t - -/* Define to `int' if doesn't define. */ -#undef pid_t - -/* Define if you need to in order for stat and other things to work. */ -#undef _POSIX_SOURCE - -/* Define as the return type of signal handlers (int or void). */ -#undef RETSIGTYPE - -/* Define to `unsigned' if doesn't define. */ -#undef size_t - -/* If using the C implementation of alloca, define if you know the - direction of stack growth for your system; otherwise it will be - automatically deduced at run-time. - STACK_DIRECTION > 0 => grows toward higher addresses - STACK_DIRECTION < 0 => grows toward lower addresses - STACK_DIRECTION = 0 => direction of growth unknown - */ -#undef STACK_DIRECTION - -/* Define if you have the ANSI C header files. */ -#undef STDC_HEADERS - -/* Define if `sys_siglist' is declared by . */ -#undef SYS_SIGLIST_DECLARED - -/* Define if you can safely include both and . */ -#undef TIME_WITH_SYS_TIME - -/* Define to `int' if doesn't define. */ -#undef uid_t - -/* Define if your processor stores words with the most significant - byte first (like Motorola and SPARC, unlike Intel and VAX). */ -#undef WORDS_BIGENDIAN - -/* Define if the X Window System is missing or not being used. */ -#undef X_DISPLAY_MISSING - -/* Define if you have the XauFileName function. */ -#undef HAVE_XAUFILENAME - -/* Define if you have the XauReadAuth function. */ -#undef HAVE_XAUREADAUTH - -/* Define if you have the XauWriteAuth function. */ -#undef HAVE_XAUWRITEAUTH - -/* Define if you have the _getpty function. */ -#undef HAVE__GETPTY - -/* Define if you have the _scrsize function. */ -#undef HAVE__SCRSIZE - -/* Define if you have the _setsid function. */ -#undef HAVE__SETSID - -/* Define if you have the _stricmp function. */ -#undef HAVE__STRICMP - -/* Define if you have the asnprintf function. */ -#undef HAVE_ASNPRINTF - -/* Define if you have the asprintf function. */ -#undef HAVE_ASPRINTF - -/* Define if you have the atexit function. */ -#undef HAVE_ATEXIT - -/* Define if you have the cap_set_proc function. */ -#undef HAVE_CAP_SET_PROC - -/* Define if you have the cgetent function. */ -#undef HAVE_CGETENT - -/* Define if you have the chown function. */ -#undef HAVE_CHOWN - -/* Define if you have the chroot function. */ -#undef HAVE_CHROOT - -/* Define if you have the copyhostent function. */ -#undef HAVE_COPYHOSTENT - -/* Define if you have the crypt function. */ -#undef HAVE_CRYPT - -/* Define if you have the daemon function. */ -#undef HAVE_DAEMON - -/* Define if you have the dlopen function. */ -#undef HAVE_DLOPEN - -/* Define if you have the dn_expand function. */ -#undef HAVE_DN_EXPAND - -/* Define if you have the el_init function. */ -#undef HAVE_EL_INIT - -/* Define if you have the err function. */ -#undef HAVE_ERR - -/* Define if you have the errx function. */ -#undef HAVE_ERRX - -/* Define if you have the fattach function. */ -#undef HAVE_FATTACH - -/* Define if you have the fchmod function. */ -#undef HAVE_FCHMOD - -/* Define if you have the fchown function. */ -#undef HAVE_FCHOWN - -/* Define if you have the fcntl function. */ -#undef HAVE_FCNTL - -/* Define if you have the flock function. */ -#undef HAVE_FLOCK - -/* Define if you have the fnmatch function. */ -#undef HAVE_FNMATCH - -/* Define if you have the forkpty function. */ -#undef HAVE_FORKPTY - -/* Define if you have the freehostent function. */ -#undef HAVE_FREEHOSTENT - -/* Define if you have the frevoke function. */ -#undef HAVE_FREVOKE - -/* Define if you have the getattr function. */ -#undef HAVE_GETATTR - -/* Define if you have the getcwd function. */ -#undef HAVE_GETCWD - -/* Define if you have the getdtablesize function. */ -#undef HAVE_GETDTABLESIZE - -/* Define if you have the getegid function. */ -#undef HAVE_GETEGID - -/* Define if you have the geteuid function. */ -#undef HAVE_GETEUID - -/* Define if you have the getgid function. */ -#undef HAVE_GETGID - -/* Define if you have the gethostbyname function. */ -#undef HAVE_GETHOSTBYNAME - -/* Define if you have the gethostname function. */ -#undef HAVE_GETHOSTNAME - -/* Define if you have the getipnodebyaddr function. */ -#undef HAVE_GETIPNODEBYADDR - -/* Define if you have the getipnodebyname function. */ -#undef HAVE_GETIPNODEBYNAME - -/* Define if you have the getlogin function. */ -#undef HAVE_GETLOGIN - -/* Define if you have the getopt function. */ -#undef HAVE_GETOPT - -/* Define if you have the getpagesize function. */ -#undef HAVE_GETPAGESIZE - -/* Define if you have the getpriority function. */ -#undef HAVE_GETPRIORITY - -/* Define if you have the getpwnam_r function. */ -#undef HAVE_GETPWNAM_R - -/* Define if you have the getrlimit function. */ -#undef HAVE_GETRLIMIT - -/* Define if you have the getservbyname function. */ -#undef HAVE_GETSERVBYNAME - -/* Define if you have the getsockopt function. */ -#undef HAVE_GETSOCKOPT - -/* Define if you have the getspnam function. */ -#undef HAVE_GETSPNAM - -/* Define if you have the gettimeofday function. */ -#undef HAVE_GETTIMEOFDAY - -/* Define if you have the gettosbyname function. */ -#undef HAVE_GETTOSBYNAME - -/* Define if you have the getudbnam function. */ -#undef HAVE_GETUDBNAM - -/* Define if you have the getuid function. */ -#undef HAVE_GETUID - -/* Define if you have the getusershell function. */ -#undef HAVE_GETUSERSHELL - -/* Define if you have the grantpt function. */ -#undef HAVE_GRANTPT - -/* Define if you have the hstrerror function. */ -#undef HAVE_HSTRERROR - -/* Define if you have the inet_aton function. */ -#undef HAVE_INET_ATON - -/* Define if you have the inet_ntop function. */ -#undef HAVE_INET_NTOP - -/* Define if you have the inet_pton function. */ -#undef HAVE_INET_PTON - -/* Define if you have the initgroups function. */ -#undef HAVE_INITGROUPS - -/* Define if you have the innetgr function. */ -#undef HAVE_INNETGR - -/* Define if you have the iruserok function. */ -#undef HAVE_IRUSEROK - -/* Define if you have the logout function. */ -#undef HAVE_LOGOUT - -/* Define if you have the logwtmp function. */ -#undef HAVE_LOGWTMP - -/* Define if you have the lstat function. */ -#undef HAVE_LSTAT - -/* Define if you have the memmove function. */ -#undef HAVE_MEMMOVE - -/* Define if you have the mkstemp function. */ -#undef HAVE_MKSTEMP - -/* Define if you have the mktime function. */ -#undef HAVE_MKTIME - -/* Define if you have the odm_initialize function. */ -#undef HAVE_ODM_INITIALIZE - -/* Define if you have the on_exit function. */ -#undef HAVE_ON_EXIT - -/* Define if you have the parsetos function. */ -#undef HAVE_PARSETOS - -/* Define if you have the ptsname function. */ -#undef HAVE_PTSNAME - -/* Define if you have the putenv function. */ -#undef HAVE_PUTENV - -/* Define if you have the rand function. */ -#undef HAVE_RAND - -/* Define if you have the random function. */ -#undef HAVE_RANDOM - -/* Define if you have the rcmd function. */ -#undef HAVE_RCMD - -/* Define if you have the readline function. */ -#undef HAVE_READLINE - -/* Define if you have the readv function. */ -#undef HAVE_READV - -/* Define if you have the recvmsg function. */ -#undef HAVE_RECVMSG - -/* Define if you have the res_search function. */ -#undef HAVE_RES_SEARCH - -/* Define if you have the revoke function. */ -#undef HAVE_REVOKE - -/* Define if you have the sa_family_t function. */ -#undef HAVE_SA_FAMILY_T - -/* Define if you have the sendmsg function. */ -#undef HAVE_SENDMSG - -/* Define if you have the setegid function. */ -#undef HAVE_SETEGID - -/* Define if you have the setenv function. */ -#undef HAVE_SETENV - -/* Define if you have the seteuid function. */ -#undef HAVE_SETEUID - -/* Define if you have the setitimer function. */ -#undef HAVE_SETITIMER - -/* Define if you have the setlim function. */ -#undef HAVE_SETLIM - -/* Define if you have the setlogin function. */ -#undef HAVE_SETLOGIN - -/* Define if you have the setpcred function. */ -#undef HAVE_SETPCRED - -/* Define if you have the setpgid function. */ -#undef HAVE_SETPGID - -/* Define if you have the setpriority function. */ -#undef HAVE_SETPRIORITY - -/* Define if you have the setproctitle function. */ -#undef HAVE_SETPROCTITLE - -/* Define if you have the setregid function. */ -#undef HAVE_SETREGID - -/* Define if you have the setresgid function. */ -#undef HAVE_SETRESGID - -/* Define if you have the setresuid function. */ -#undef HAVE_SETRESUID - -/* Define if you have the setreuid function. */ -#undef HAVE_SETREUID - -/* Define if you have the setsid function. */ -#undef HAVE_SETSID - -/* Define if you have the setsockopt function. */ -#undef HAVE_SETSOCKOPT - -/* Define if you have the setutent function. */ -#undef HAVE_SETUTENT - -/* Define if you have the sgi_getcapabilitybyname function. */ -#undef HAVE_SGI_GETCAPABILITYBYNAME - -/* Define if you have the sigaction function. */ -#undef HAVE_SIGACTION - -/* Define if you have the socket function. */ -#undef HAVE_SOCKET - -/* Define if you have the socklen_t function. */ -#undef HAVE_SOCKLEN_T - -/* Define if you have the strcasecmp function. */ -#undef HAVE_STRCASECMP - -/* Define if you have the strdup function. */ -#undef HAVE_STRDUP - -/* Define if you have the strerror function. */ -#undef HAVE_STRERROR - -/* Define if you have the strftime function. */ -#undef HAVE_STRFTIME - -/* Define if you have the strlcat function. */ -#undef HAVE_STRLCAT - -/* Define if you have the strlcpy function. */ -#undef HAVE_STRLCPY - -/* Define if you have the strlwr function. */ -#undef HAVE_STRLWR - -/* Define if you have the strncasecmp function. */ -#undef HAVE_STRNCASECMP - -/* Define if you have the strndup function. */ -#undef HAVE_STRNDUP - -/* Define if you have the strnlen function. */ -#undef HAVE_STRNLEN - -/* Define if you have the strptime function. */ -#undef HAVE_STRPTIME - -/* Define if you have the strsep function. */ -#undef HAVE_STRSEP - -/* Define if you have the strtok_r function. */ -#undef HAVE_STRTOK_R - -/* Define if you have the struct_sockaddr_storage function. */ -#undef HAVE_STRUCT_SOCKADDR_STORAGE - -/* Define if you have the strupr function. */ -#undef HAVE_STRUPR - -/* Define if you have the swab function. */ -#undef HAVE_SWAB - -/* Define if you have the sysconf function. */ -#undef HAVE_SYSCONF - -/* Define if you have the sysctl function. */ -#undef HAVE_SYSCTL - -/* Define if you have the syslog function. */ -#undef HAVE_SYSLOG - -/* Define if you have the tgetent function. */ -#undef HAVE_TGETENT - -/* Define if you have the ttyname function. */ -#undef HAVE_TTYNAME - -/* Define if you have the ttyslot function. */ -#undef HAVE_TTYSLOT - -/* Define if you have the ulimit function. */ -#undef HAVE_ULIMIT - -/* Define if you have the uname function. */ -#undef HAVE_UNAME - -/* Define if you have the unlockpt function. */ -#undef HAVE_UNLOCKPT - -/* Define if you have the unsetenv function. */ -#undef HAVE_UNSETENV - -/* Define if you have the vasnprintf function. */ -#undef HAVE_VASNPRINTF - -/* Define if you have the vasprintf function. */ -#undef HAVE_VASPRINTF - -/* Define if you have the verr function. */ -#undef HAVE_VERR - -/* Define if you have the verrx function. */ -#undef HAVE_VERRX - -/* Define if you have the vhangup function. */ -#undef HAVE_VHANGUP - -/* Define if you have the vsnprintf function. */ -#undef HAVE_VSNPRINTF - -/* Define if you have the vsyslog function. */ -#undef HAVE_VSYSLOG - -/* Define if you have the vwarn function. */ -#undef HAVE_VWARN - -/* Define if you have the vwarnx function. */ -#undef HAVE_VWARNX - -/* Define if you have the warn function. */ -#undef HAVE_WARN - -/* Define if you have the warnx function. */ -#undef HAVE_WARNX - -/* Define if you have the writev function. */ -#undef HAVE_WRITEV - -/* Define if you have the yp_get_default_domain function. */ -#undef HAVE_YP_GET_DEFAULT_DOMAIN - -/* Define if you have the header file. */ -#undef HAVE_ARPA_FTP_H - -/* Define if you have the header file. */ -#undef HAVE_ARPA_INET_H - -/* Define if you have the header file. */ -#undef HAVE_ARPA_NAMESER_H - -/* Define if you have the header file. */ -#undef HAVE_ARPA_TELNET_H - -/* Define if you have the header file. */ -#undef HAVE_BSD_BSD_H - -/* Define if you have the header file. */ -#undef HAVE_BSDSETJMP_H - -/* Define if you have the header file. */ -#undef HAVE_CAPABILITY_H - -/* Define if you have the header file. */ -#undef HAVE_CRYPT_H - -/* Define if you have the header file. */ -#undef HAVE_CURSES_H - -/* Define if you have the header file. */ -#undef HAVE_DB_H - -/* Define if you have the header file. */ -#undef HAVE_DBM_H - -/* Define if you have the header file. */ -#undef HAVE_DIRENT_H - -/* Define if you have the header file. */ -#undef HAVE_ERR_H - -/* Define if you have the header file. */ -#undef HAVE_ERRNO_H - -/* Define if you have the header file. */ -#undef HAVE_FCNTL_H - -/* Define if you have the header file. */ -#undef HAVE_FNMATCH_H - -/* Define if you have the header file. */ -#undef HAVE_GDBM_NDBM_H - -/* Define if you have the header file. */ -#undef HAVE_GRP_H - -/* Define if you have the header file. */ -#undef HAVE_INTTYPES_H - -/* Define if you have the header file. */ -#undef HAVE_IO_H - -/* Define if you have the header file. */ -#undef HAVE_LASTLOG_H - -/* Define if you have the header file. */ -#undef HAVE_LIBUTIL_H - -/* Define if you have the header file. */ -#undef HAVE_LIMITS_H - -/* Define if you have the header file. */ -#undef HAVE_LOGIN_H - -/* Define if you have the header file. */ -#undef HAVE_MAILLOCK_H - -/* Define if you have the header file. */ -#undef HAVE_NDBM_H - -/* Define if you have the header file. */ -#undef HAVE_NET_IF_H - -/* Define if you have the header file. */ -#undef HAVE_NET_IF_TUN_H - -/* Define if you have the header file. */ -#undef HAVE_NET_IF_VAR_H - -/* Define if you have the header file. */ -#undef HAVE_NETDB_H - -/* Define if you have the header file. */ -#undef HAVE_NETINET_IN_H - -/* Define if you have the header file. */ -#undef HAVE_NETINET_IN6_MACHTYPES_H - -/* Define if you have the header file. */ -#undef HAVE_NETINET_IN_SYSTM_H - -/* Define if you have the header file. */ -#undef HAVE_NETINET_IP_H - -/* Define if you have the header file. */ -#undef HAVE_NETINET_TCP_H - -/* Define if you have the header file. */ -#undef HAVE_PATHS_H - -/* Define if you have the header file. */ -#undef HAVE_PTY_H - -/* Define if you have the header file. */ -#undef HAVE_PWD_H - -/* Define if you have the header file. */ -#undef HAVE_RESOLV_H - -/* Define if you have the header file. */ -#undef HAVE_RPCSVC_DBM_H - -/* Define if you have the header file. */ -#undef HAVE_RPCSVC_YPCLNT_H - -/* Define if you have the header file. */ -#undef HAVE_SAC_H - -/* Define if you have the header file. */ -#undef HAVE_SECURITY_PAM_MODULES_H - -/* Define if you have the header file. */ -#undef HAVE_SHADOW_H - -/* Define if you have the header file. */ -#undef HAVE_SIAD_H - -/* Define if you have the header file. */ -#undef HAVE_SIGNAL_H - -/* Define if you have the header file. */ -#undef HAVE_STANDARDS_H - -/* Define if you have the header file. */ -#undef HAVE_STROPTS_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_BITYPES_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_CAPABILITY_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_CATEGORY_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_FILE_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_FILIO_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_IOCCOM_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_IOCTL_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_LOCKING_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_MMAN_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_PARAM_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_PROC_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_PTY_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_PTYIO_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_PTYVAR_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_RESOURCE_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_SELECT_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_SOCKET_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_SOCKIO_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_STAT_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_STR_TTY_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_STREAM_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_STROPTS_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_STRTTY_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_SYSCALL_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_SYSCTL_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_TERMIO_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_TIME_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_TIMEB_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_TIMES_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_TTY_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_TYPES_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_UIO_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_UN_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_UTSNAME_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_WAIT_H - -/* Define if you have the header file. */ -#undef HAVE_SYSLOG_H - -/* Define if you have the header file. */ -#undef HAVE_TERM_H - -/* Define if you have the header file. */ -#undef HAVE_TERMCAP_H - -/* Define if you have the header file. */ -#undef HAVE_TERMIO_H - -/* Define if you have the header file. */ -#undef HAVE_TERMIOS_H - -/* Define if you have the header file. */ -#undef HAVE_TMPDIR_H - -/* Define if you have the header file. */ -#undef HAVE_TTYENT_H - -/* Define if you have the header file. */ -#undef HAVE_UDB_H - -/* Define if you have the header file. */ -#undef HAVE_ULIMIT_H - -/* Define if you have the header file. */ -#undef HAVE_UNISTD_H - -/* Define if you have the header file. */ -#undef HAVE_USERPW_H - -/* Define if you have the header file. */ -#undef HAVE_USERSEC_H - -/* Define if you have the header file. */ -#undef HAVE_UTIL_H - -/* Define if you have the header file. */ -#undef HAVE_UTIME_H - -/* Define if you have the header file. */ -#undef HAVE_UTMP_H - -/* Define if you have the header file. */ -#undef HAVE_UTMPX_H - -/* Define if you have the header file. */ -#undef HAVE_WAIT_H - -/* Define if you have the X11 library (-lX11). */ -#undef HAVE_LIBX11 - -/* Define if you have the Xau library (-lXau). */ -#undef HAVE_LIBXAU - -/* Define if you have the c_r library (-lc_r). */ -#undef HAVE_LIBC_R - -/* Define if you have the cfg library (-lcfg). */ -#undef HAVE_LIBCFG - -/* Define if you have the crypt library (-lcrypt). */ -#undef HAVE_LIBCRYPT - -/* Define if you have the curses library (-lcurses). */ -#undef HAVE_LIBCURSES - -/* Define if you have the dl library (-ldl). */ -#undef HAVE_LIBDL - -/* Define if you have the edit library (-ledit). */ -#undef HAVE_LIBEDIT - -/* Define if you have the ncurses library (-lncurses). */ -#undef HAVE_LIBNCURSES - -/* Define if you have the nsl library (-lnsl). */ -#undef HAVE_LIBNSL - -/* Define if you have the odm library (-lodm). */ -#undef HAVE_LIBODM - -/* Define if you have the readline library (-lreadline). */ -#undef HAVE_LIBREADLINE - -/* Define if you have the resolv library (-lresolv). */ -#undef HAVE_LIBRESOLV - -/* Define if you have the s library (-ls). */ -#undef HAVE_LIBS - -/* Define if you have the socket library (-lsocket). */ -#undef HAVE_LIBSOCKET - -/* Define if you have the syslog library (-lsyslog). */ -#undef HAVE_LIBSYSLOG - -/* Define if you have the termcap library (-ltermcap). */ -#undef HAVE_LIBTERMCAP - -/* Define if you have the util library (-lutil). */ -#undef HAVE_LIBUTIL - -/* Name of package */ -#undef PACKAGE - -/* Version number of package */ -#undef VERSION - -/* Define to what version of SunOS you are running. */ -#undef SunOS - -/* Define if you have the socks package. */ -#undef SOCKS - -/* Define to enable old kdestroy behavior. */ -#undef LEGACY_KDESTROY - -/* Define if you want to match subdomains. */ -#undef MATCH_SUBDOMAINS - -/* Define this to be the directory where the - dictionary for cracklib resides. */ -#undef DICTPATH - -/* Define this to the path of the mail spool directory. */ -#undef KRB4_MAILDIR - -/* Define this to the kerberos database directory. */ -#undef DB_DIR - -/* Define to enable new master key code. */ -#undef RANDOM_MKEY - -/* Define this to the location of the master key. */ -#undef MKEYFILE - -/* Define to enable basic OSF C2 support. */ -#undef HAVE_OSFC2 - -/* Define if you don't want to use mmap. */ -#undef NO_MMAP - -/* Define if you don't wan't support for AFS. */ -#undef NO_AFS - -/* Set this to the type of des-quad-cheksum to use. */ -#undef DES_QUAD_DEFAULT - -/* Define if you have the readline package. */ -#undef READLINE - -/* Define if you have the hesiod package. */ -#undef HESIOD - -/* define if your compiler has __attribute__ */ -#undef HAVE___ATTRIBUTE__ - -/* Huh? */ -#undef HAVE_STRANGE_INT8_T - -/* Define if NDBM really is DB (creates files ending in .db). */ -#undef HAVE_NEW_DB - -/* Define if you have NDBM (and not DBM) */ -#undef NDBM - -/* define if you have a working snprintf */ -#undef HAVE_SNPRINTF - -/* define if the system is missing a prototype for snprintf() */ -#undef NEED_SNPRINTF_PROTO - -/* define if you have a glob() that groks - GLOB_BRACE, GLOB_NOCHECK, GLOB_QUOTE, and GLOB_TILDE */ -#undef HAVE_GLOB - -/* define if the system is missing a prototype for glob() */ -#undef NEED_GLOB_PROTO - -/* Define if getpwnam_r has POSIX flavour. */ -#undef POSIX_GETPWNAM_R - -/* Define if getlogin has POSIX flavour (and not BSD). */ -#undef POSIX_GETLOGIN - -/* define if the system is missing a prototype for hstrerror() */ -#undef NEED_HSTRERROR_PROTO - -/* define if the system is missing a prototype for gethostname() */ -#undef NEED_GETHOSTNAME_PROTO - -/* define if the system is missing a prototype for mkstemp() */ -#undef NEED_MKSTEMP_PROTO - -/* define if the system is missing a prototype for inet_aton() */ -#undef NEED_INET_ATON_PROTO - -/* Define if realloc(NULL, X) doesn't work. */ -#undef BROKEN_REALLOC - -/* Define if getcwd is broken (like in SunOS 4). */ -#undef BROKEN_GETCWD - -/* define if prototype of gethostbyname is compatible with - struct hostent *gethostbyname(const char *) */ -#undef GETHOSTBYNAME_PROTO_COMPATIBLE - -/* define if prototype of gethostbyaddr is compatible with - struct hostent *gethostbyaddr(const void *, size_t, int) */ -#undef GETHOSTBYADDR_PROTO_COMPATIBLE - -/* define if prototype of getservbyname is compatible with - struct servent *getservbyname(const char *, const char *) */ -#undef GETSERVBYNAME_PROTO_COMPATIBLE - -/* define if prototype of openlog is compatible with - void openlog(const char *, int, int) */ -#undef OPENLOG_PROTO_COMPATIBLE - -/* define if the system is missing a prototype for crypt() */ -#undef NEED_CRYPT_PROTO - -/* define if the system is missing a prototype for fclose() */ -#undef NEED_FCLOSE_PROTO - -/* define if the system is missing a prototype for strtok_r() */ -#undef NEED_STRTOK_R_PROTO - -/* define if the system is missing a prototype for strsep() */ -#undef NEED_STRSEP_PROTO - -/* define if the system is missing a prototype for getusershell() */ -#undef NEED_GETUSERSHELL_PROTO - -/* define if the system is missing a prototype for utime() */ -#undef NEED_UTIME_PROTO - -/* define if you have h_errno */ -#undef HAVE_H_ERRNO - -/* define if your system declares h_errno */ -#undef HAVE_H_ERRNO_DECLARATION - -/* define if you have h_errlist */ -#undef HAVE_H_ERRLIST - -/* define if your system declares h_errlist */ -#undef HAVE_H_ERRLIST_DECLARATION - -/* define if you have h_nerr */ -#undef HAVE_H_NERR - -/* define if your system declares h_nerr */ -#undef HAVE_H_NERR_DECLARATION - -/* define if you have __progname */ -#undef HAVE___PROGNAME - -/* define if your system declares __progname */ -#undef HAVE___PROGNAME_DECLARATION - -/* define if your system declares optarg */ -#undef HAVE_OPTARG_DECLARATION - -/* define if your system declares optind */ -#undef HAVE_OPTIND_DECLARATION - -/* define if your system declares opterr */ -#undef HAVE_OPTERR_DECLARATION - -/* define if your system declares optopt */ -#undef HAVE_OPTOPT_DECLARATION - -/* define if your system declares environ */ -#undef HAVE_ENVIRON_DECLARATION - -/* Define if RETSIGTYPE == void. */ -#undef VOID_RETSIGTYPE - -/* Define if struct utmp has field ut_addr. */ -#undef HAVE_STRUCT_UTMP_UT_ADDR - -/* Define if struct utmp has field ut_host. */ -#undef HAVE_STRUCT_UTMP_UT_HOST - -/* Define if struct utmp has field ut_id. */ -#undef HAVE_STRUCT_UTMP_UT_ID - -/* Define if struct utmp has field ut_pid. */ -#undef HAVE_STRUCT_UTMP_UT_PID - -/* Define if struct utmp has field ut_type. */ -#undef HAVE_STRUCT_UTMP_UT_TYPE - -/* Define if struct utmp has field ut_user. */ -#undef HAVE_STRUCT_UTMP_UT_USER - -/* Define if struct utmpx has field ut_exit. */ -#undef HAVE_STRUCT_UTMPX_UT_EXIT - -/* Define if struct utmpx has field ut_syslen. */ -#undef HAVE_STRUCT_UTMPX_UT_SYSLEN - -/* Define if struct tm has field tm_gmtoff. */ -#undef HAVE_STRUCT_TM_TM_GMTOFF - -/* Define if struct tm has field tm_zone. */ -#undef HAVE_STRUCT_TM_TM_ZONE - -/* define if you have timezone */ -#undef HAVE_TIMEZONE - -/* define if your system declares timezone */ -#undef HAVE_TIMEZONE_DECLARATION - -/* define if you have struct spwd */ -#undef HAVE_STRUCT_SPWD - -/* define if struct winsize is declared in sys/termios.h */ -#undef HAVE_STRUCT_WINSIZE - -/* define if struct winsize has ws_xpixel */ -#undef HAVE_WS_XPIXEL - -/* define if struct winsize has ws_ypixel */ -#undef HAVE_WS_YPIXEL - -/* Define this to what the type ssize_t should be. */ -#undef ssize_t - -/* Define this to what the type sig_atomic_t should be. */ -#undef sig_atomic_t - -/* Define if struct sockaddr has field sa_len. */ -#undef HAVE_STRUCT_SOCKADDR_SA_LEN - -/* Define if SIAENTITY has field ouid. */ -#undef HAVE_SIAENTITY_OUID - -/* Define if you have a working getmsg. */ -#undef HAVE_GETMSG - -/* Define if el_init takes four arguments. */ -#undef HAVE_FOUR_VALUED_EL_INIT - -/* Define if you have a readline function. */ -#undef HAVE_READLINE - -/* Define if you have working stream ptys. */ -#undef STREAMSPTY - -/* Define if /bin/ls has a `-A' flag. */ -#undef HAVE_LS_A - - -#undef HAVE_INT8_T -#undef HAVE_INT16_T -#undef HAVE_INT32_T -#undef HAVE_INT64_T -#undef HAVE_U_INT8_T -#undef HAVE_U_INT16_T -#undef HAVE_U_INT32_T -#undef HAVE_U_INT64_T - -/* This for compat with heimdal (or something) */ -#define KRB_PUT_INT(f, t, l, s) krb_put_int((f), (t), (l), (s)) - -#define HAVE_KRB_ENABLE_DEBUG 1 - -#define HAVE_KRB_DISABLE_DEBUG 1 - -#define HAVE_KRB_GET_OUR_IP_FOR_REALM 1 - -#define RCSID(msg) \ -static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } - -/* - * Set ORGANIZATION to be the desired organization string printed - * by the 'kinit' program. It may have spaces. - */ -#define ORGANIZATION "eBones International" - -#if 0 -#undef BINDIR -#undef LIBDIR -#undef LIBEXECDIR -#undef SBINDIR -#endif - -#if 0 -#define KRB_CNF_FILES { "/etc/krb.conf", "/etc/kerberosIV/krb.conf", 0} -#define KRB_RLM_FILES { "/etc/krb.realms", "/etc/kerberosIV/krb.realms", 0} -#define KRB_EQUIV "/etc/krb.equiv" - -#define KEYFILE "/etc/srvtab" - -#define KRBDIR "/var/kerberos" -#define DBM_FILE KRBDIR "/principal" -#define DEFAULT_ACL_DIR KRBDIR - -#define KRBLOG "/var/log/kerberos.log" /* master server */ -#define KRBSLAVELOG "/var/log/kerberos_slave.log" /* slave server */ -#define KADM_SYSLOG "/var/log/admin_server.syslog" -#define K_LOGFIL "/var/log/kpropd.log" -#endif - -/* Maximum values on all known systems */ -#define MaxHostNameLen (64+4) -#define MaxPathLen (1024+4) - -/* ftp stuff -------------------------------------------------- */ - -#define KERBEROS - -/* telnet stuff ----------------------------------------------- */ - -/* define this for OTP support */ -#undef OTP - -/* define this if you have kerberos 4 */ -#undef KRB4 - -/* define this if you want encryption */ -#undef ENCRYPTION - -/* define this if you want authentication */ -#undef AUTHENTICATION - -#if defined(ENCRYPTION) && !defined(AUTHENTICATION) -#define AUTHENTICATION 1 -#endif - -/* Set this if you want des encryption */ -#undef DES_ENCRYPTION - -/* Set this to the default system lead string for telnetd - * can contain %-escapes: %s=sysname, %m=machine, %r=os-release - * %v=os-version, %t=tty, %h=hostname, %d=date and time - */ -#undef USE_IM - -/* define this if you want diagnostics in telnetd */ -#undef DIAGNOSTICS - -/* define this if you want support for broken ENV_{VALUE,VAR} systems */ -#undef ENV_HACK - -/* */ -#undef OLD_ENVIRON - -/* Used with login -p */ -#undef LOGIN_ARGS - -/* set this to a sensible login */ -#ifndef LOGIN_PATH -#define LOGIN_PATH BINDIR "/login" -#endif - - -/* ------------------------------------------------------------ */ - -#ifdef BROKEN_REALLOC -#define realloc(X, Y) isoc_realloc((X), (Y)) -#define isoc_realloc(X, Y) ((X) ? realloc((X), (Y)) : malloc(Y)) -#endif - -#ifdef VOID_RETSIGTYPE -#define SIGRETURN(x) return -#else -#define SIGRETURN(x) return (RETSIGTYPE)(x) -#endif - -/* Temporary fixes for krb_{rd,mk}_safe */ -#define DES_QUAD_GUESS 0 -#define DES_QUAD_NEW 1 -#define DES_QUAD_OLD 2 - -/* - * All these are system-specific defines that I would rather not have at all. - */ - -/* - * AIX braindamage! - */ -#if _AIX -#define _ALL_SOURCE -/* XXX this is gross, but kills about a gazillion warnings */ -struct ether_addr; -struct sockaddr; -struct sockaddr_dl; -struct sockaddr_in; -#endif - -#if defined(__sgi) || defined(sgi) -#if defined(__SYSTYPE_SVR4) || defined(_SYSTYPE_SVR4) -#define IRIX 5 -#else -#define IRIX 4 -#endif -#endif - -/* IRIX 4 braindamage */ -#if IRIX == 4 && !defined(__STDC__) -#define __STDC__ 0 -#endif - -/* - * Defining this enables lots of useful (and used) extensions on - * glibc-based systems such as Linux - */ - -#define _GNU_SOURCE - -/* some strange OS/2 stuff. From */ - -#ifdef __EMX__ -#define _EMX_TCPIP -#define MAIL_USE_SYSTEM_LOCK -#endif - -#ifdef ROKEN_RENAME -#include "roken_rename.h" -#endif diff --git a/crypto/kerberosIV/include/netdb.x b/crypto/kerberosIV/include/netdb.x deleted file mode 100644 index 70559184749f..000000000000 --- a/crypto/kerberosIV/include/netdb.x +++ /dev/null @@ -1,7 +0,0 @@ -/* fix for broken ultrix netdb.h. */ -#ifndef __NETDB_H__ -#define __NETDB_H__ - -#include "/usr/include/netdb.h" - -#endif /* __NETDB_H__ */ diff --git a/crypto/kerberosIV/include/protos.H b/crypto/kerberosIV/include/protos.H deleted file mode 100644 index faf911e96615..000000000000 --- a/crypto/kerberosIV/include/protos.H +++ /dev/null @@ -1,277 +0,0 @@ -/* -*- C -*- - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Add here functions that don't have a prototype on your system. - * - * $Id: protos.H,v 1.46 1999/12/02 16:58:36 joda Exp $ - */ - -#ifdef NEED_CRYPT_PROTO -char *crypt(const char*, const char*); -#endif - -#ifdef NEED_STRTOK_R_PROTO -char *strtok_r (char *s1, const char *s2, char **lasts); -#endif - -#ifndef HAVE_OPTARG_DECLARATION -extern char *optarg; -#endif -#ifndef HAVE_OPTERR_DECLARATION -extern int opterr; -#endif -#ifndef HAVE_OPTIND_DECLARATION -extern int optind; -#endif -#ifndef HAVE_OPTOPT_DECLARATION -extern int optopt; -#endif - -#if defined(__GNUC__) && SunOS == 4 - -/* To get type fd_set */ -#include -#include - -/* To get struct sockaddr, struct in_addr and struct hostent */ -#include -#include -#include - -/* To get struct stat */ -#include - -/* To get struct utimbuf */ -#include - -#if !defined(HAVE_ATEXIT) && defined(HAVE_ON_EXIT) -#define atexit(X) on_exit(X, NULL) -#define HAVE_ATEXIT 1 -#endif -#ifdef NEED_UTIME_PROTO -int utime(const char *, const struct utimbuf *); -#endif -int syscall(int, ...); -pid_t getpid(void); -int ftruncate(int, off_t); -int fchmod(int, mode_t); -int fchown(int fd, int owner, int group); -int fsync(int); -int seteuid(uid_t); -int setreuid(int, int); -int flock(int, int); -int gettimeofday(struct timeval *tp, struct timezone *tzp); -int lstat(const char *, struct stat *); -int ioctl(int, int, void *); -int getpriority(int which, int who); -int setpriority(int which, int who, int priority); -int getdtablesize(void); -int initgroups(const char *name, int basegid); -long ulimit(int cmd, long newlimit); -int vhangup(void); - -int sigblock(int); -int sigsetmask(int); -int setitimer(int which, struct itimerval *value, struct itimerval *ovalue); - -int munmap(caddr_t addr, int len); - -int socket(int, int, int); -int setsockopt(int, int, int, void *, int); -int bind(int, void *, int); -int getsockname(int, struct sockaddr *, int *); -int accept(int, struct sockaddr *, int *); -int connect(int, struct sockaddr *, int); -int listen(int, int); -int recv(int s, void *buf, int len, int flags); -int recvfrom(int, char *, int, int, void *, int *); -int sendto(int, const char *, int, int, void *, int); -int select(int, fd_set *, fd_set *, fd_set *, struct timeval *); -int shutdown(int, int); -int getpeername(int, struct sockaddr *, int *); -int getsockopt(int, int, int, void *, int *); -int send(int s, const void *msg, int len, int flags); -struct strbuf; -int getmsg(int fd, struct strbuf *ctlptr, struct strbuf *dataptr, int *flags); - -char *inet_ntoa(struct in_addr in); -unsigned long inet_addr(const char *cp); -int gethostname(char *, int); -struct hostent *gethostbyname(const char *); -int dn_expand(const u_char *msg, - const u_char *eomorig, - const u_char *comp_dn, - char *exp_dn, - int length); -int res_search(const char *dname, - int class, - int type, - u_char *answer, - int anslen); - -int yp_get_default_domain (char **outdomain); -int innetgr(const char *netgroup, const char *machine, - const char *user, const char *domain); - -char *getwd(char *pathname); - -void bzero(char *b, int length); -int strcasecmp(const char *, const char *); -void swab(const char *, char *, int); -int atoi(const char *str); -char *mktemp(char *); -void srandom(int seed); -int random(void); - -int rcmd(char **, unsigned short, char *, char *, char *, int *); -int rresvport(int *); -int openlog(const char *ident, int logopt, int facility); -int syslog(int priority, const char *message, ...); -int ttyslot(void); - -char *getpass(const char *); - -char *getusershell(void); -void setpwent(); -void endpwent(); - -#include -int fclose(FILE *); - -#endif /* SunOS4 */ - -#if SunOS == 5 - -#include -#include - -char *getusershell(void); -char *strtok_r(char *, const char *, char **); -int getpriority (int which, id_t who); -int setpriority (int which, id_t who, int prio); -int getdtablesize (void); -char *getusershell(void); -void setusershell(void); -void endusershell(void); - -#if defined(__GNUC__) - -int syscall(int, ...); -int gethostname(char *, int); - -struct timeval; -int gettimeofday(struct timeval *tp, void *); - -#endif -#endif - -#if defined(__osf__) /* OSF/1 */ - -#if 0 -/* To get type fd_set */ -#include -#include - -int select(int, fd_set *, fd_set *, fd_set *, struct timeval *); -int fsync(int fildes); -int gethostname(char *address, int address_len); -int setreuid(int ruid, int euid); -int ioctl(int d, unsigned long request, void * arg); -#endif -int flock(int fildes, int operation); -int syscall(int, ...); - -unsigned short htons(unsigned short hostshort); -unsigned int htonl(unsigned int hostint); -unsigned short ntohs(unsigned short netshort); -unsigned int ntohl(unsigned int netint); - -char *mktemp(char *template); -char *getusershell(void); - -int rcmd(char **, unsigned short, char *, char *, char *, int *); -int rresvport (int *port); - -#endif /* OSF/1 */ - -#if defined(__sgi) -#include - -char *ptsname(int fd); -struct spwd *getspuid(uid_t); -#endif /* IRIX */ - -#if defined(__GNUC__) && defined(_AIX) /* AIX */ - -struct timeval; -struct timezone; -int gettimeofday (struct timeval *Tp, void *Tzp); - -#endif /* AIX */ - -#if defined(__GNUC__) && defined(__hpux) /* HP-UX */ - -int syscall(int, ...); - -int vhangup(void); - -char *ptsname(int fildes); - -void utmpname(const char *file); - -int innetgr(const char *netgroup, const char *machine, - const char *user, const char *domain); - -int dn_comp(char *exp_dn, char *comp_dn, int length, - char **dnptrs, char **lastdnptr); - -int res_query(char *dname, int class, int type, - unsigned char *answer, int anslen); - -int dn_expand(char *msg, char *eomorig, char *comp_dn, - char *exp_dn, int length); - -int res_search(char *dname, int class, int type, - unsigned char *answer, int anslen); - -#endif /* HP-UX */ - -#if defined(WIN32) /* Visual C++ 4.0 (Windows95/NT) */ - -int open(const char *, int, ...); -int close(int); -int read(int, void *, unsigned int); -int write(int, const void *, unsigned int); - -#endif /* WIN32 */ diff --git a/crypto/kerberosIV/include/protos.hin b/crypto/kerberosIV/include/protos.hin deleted file mode 100644 index c908f34d9e3c..000000000000 --- a/crypto/kerberosIV/include/protos.hin +++ /dev/null @@ -1,277 +0,0 @@ -/* -*- C -*- - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * Add here functions that don't have a prototype on your system. - * - * $Id: protos.hin,v 1.46.2.1 2000/12/13 14:41:38 assar Exp $ - */ - -#ifdef NEED_CRYPT_PROTO -char *crypt(const char*, const char*); -#endif - -#ifdef NEED_STRTOK_R_PROTO -char *strtok_r (char *s1, const char *s2, char **lasts); -#endif - -#ifndef HAVE_OPTARG_DECLARATION -extern char *optarg; -#endif -#ifndef HAVE_OPTERR_DECLARATION -extern int opterr; -#endif -#ifndef HAVE_OPTIND_DECLARATION -extern int optind; -#endif -#ifndef HAVE_OPTOPT_DECLARATION -extern int optopt; -#endif - -#if defined(__GNUC__) && SunOS == 4 - -/* To get type fd_set */ -#include -#include - -/* To get struct sockaddr, struct in_addr and struct hostent */ -#include -#include -#include - -/* To get struct stat */ -#include - -/* To get struct utimbuf */ -#include - -#if !defined(HAVE_ATEXIT) && defined(HAVE_ON_EXIT) -#define atexit(X) on_exit(X, NULL) -#define HAVE_ATEXIT 1 -#endif -#ifdef NEED_UTIME_PROTO -int utime(const char *, const struct utimbuf *); -#endif -int syscall(int, ...); -pid_t getpid(void); -int ftruncate(int, off_t); -int fchmod(int, mode_t); -int fchown(int fd, int owner, int group); -int fsync(int); -int seteuid(uid_t); -int setreuid(int, int); -int flock(int, int); -int gettimeofday(struct timeval *tp, struct timezone *tzp); -int lstat(const char *, struct stat *); -int ioctl(int, int, void *); -int getpriority(int which, int who); -int setpriority(int which, int who, int priority); -int getdtablesize(void); -int initgroups(const char *name, int basegid); -long ulimit(int cmd, long newlimit); -int vhangup(void); - -int sigblock(int); -int sigsetmask(int); -int setitimer(int which, struct itimerval *value, struct itimerval *ovalue); - -int munmap(caddr_t addr, int len); - -int socket(int, int, int); -int setsockopt(int, int, int, void *, int); -int bind(int, void *, int); -int getsockname(int, struct sockaddr *, int *); -int accept(int, struct sockaddr *, int *); -int connect(int, struct sockaddr *, int); -int listen(int, int); -int recv(int s, void *buf, int len, int flags); -int recvfrom(int, char *, int, int, void *, int *); -int sendto(int, const char *, int, int, void *, int); -int select(int, fd_set *, fd_set *, fd_set *, struct timeval *); -int shutdown(int, int); -int getpeername(int, struct sockaddr *, int *); -int getsockopt(int, int, int, void *, int *); -int send(int s, const void *msg, int len, int flags); -struct strbuf; -int getmsg(int fd, struct strbuf *ctlptr, struct strbuf *dataptr, int *flags); - -char *inet_ntoa(struct in_addr in); -unsigned long inet_addr(const char *cp); -int gethostname(char *, int); -struct hostent *gethostbyname(const char *); -int dn_expand(const u_char *msg, - const u_char *eomorig, - const u_char *comp_dn, - char *exp_dn, - int length); -int res_search(const char *dname, - int class, - int type, - u_char *answer, - int anslen); - -int yp_get_default_domain (char **outdomain); -int innetgr(const char *netgroup, const char *machine, - const char *user, const char *domain); - -char *getwd(char *pathname); - -void bzero(char *b, int length); -int strcasecmp(const char *, const char *); -void swab(const char *, char *, int); -int atoi(const char *str); -char *mktemp(char *); -void srandom(int seed); -int random(void); - -int rcmd(char **, unsigned short, char *, char *, char *, int *); -int rresvport(int *); -int openlog(const char *ident, int logopt, int facility); -int syslog(int priority, const char *message, ...); -int ttyslot(void); - -char *getpass(const char *); - -char *getusershell(void); -void setpwent(); -void endpwent(); - -#include -int fclose(FILE *); - -#endif /* SunOS4 */ - -#if SunOS == 5 - -#include -#include - -char *getusershell(void); -char *strtok_r(char *, const char *, char **); -int getpriority (int which, id_t who); -int setpriority (int which, id_t who, int prio); -int getdtablesize (void); -char *getusershell(void); -void setusershell(void); -void endusershell(void); - -#if defined(__GNUC__) - -int syscall(int, ...); -int gethostname(char *, int); - -struct timeval; -int gettimeofday(struct timeval *tp, void *); - -#endif -#endif - -#if defined(__osf__) /* OSF/1 */ - -#if 0 -/* To get type fd_set */ -#include -#include - -int select(int, fd_set *, fd_set *, fd_set *, struct timeval *); -int fsync(int fildes); -int gethostname(char *address, int address_len); -int setreuid(int ruid, int euid); -int ioctl(int d, unsigned long request, void * arg); -#endif -int flock(int fildes, int operation); -int syscall(int, ...); - -unsigned short htons(unsigned short hostshort); -unsigned int htonl(unsigned int hostint); -unsigned short ntohs(unsigned short netshort); -unsigned int ntohl(unsigned int netint); - -char *mktemp(char *template); -char *getusershell(void); - -int rcmd(char **, unsigned short, char *, char *, char *, int *); -int rresvport (int *port); - -#endif /* OSF/1 */ - -#if defined(__sgi) -#include - -char *ptsname(int fd); -struct spwd *getspuid(uid_t); -#endif /* IRIX */ - -#if defined(__GNUC__) && defined(_AIX) /* AIX */ - -struct timeval; -struct timezone; -int gettimeofday (struct timeval *Tp, void *Tzp); - -#endif /* AIX */ - -#if defined(__GNUC__) && defined(__hpux) /* HP-UX */ - -int syscall(int, ...); - -int vhangup(void); - -char *ptsname(int fildes); - -void utmpname(const char *file); - -int innetgr(const char *netgroup, const char *machine, - const char *user, const char *domain); - -int dn_comp(char *exp_dn, char *comp_dn, int length, - char **dnptrs, char **lastdnptr); - -int res_query(char *dname, int class, int type, - unsigned char *answer, int anslen); - -int dn_expand(char *msg, char *eomorig, char *comp_dn, - char *exp_dn, int length); - -int res_search(char *dname, int class, int type, - unsigned char *answer, int anslen); - -#endif /* HP-UX */ - -#if defined(WIN32) /* Visual C++ 4.0 (Windows95/NT) */ - -int open(const char *, int, ...); -int close(int); -int read(int, void *, unsigned int); -int write(int, const void *, unsigned int); - -#endif /* WIN32 */ diff --git a/crypto/kerberosIV/include/sys/Makefile.in b/crypto/kerberosIV/include/sys/Makefile.in deleted file mode 100644 index cee60af370aa..000000000000 --- a/crypto/kerberosIV/include/sys/Makefile.in +++ /dev/null @@ -1,48 +0,0 @@ -# $Id: Makefile.in,v 1.22 1998/03/15 05:57:53 assar Exp $ - -srcdir = @srcdir@ -VPATH = @srcdir@ - -SHELL = /bin/sh - -LN_S = @LN_S@ -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -includedir = @includedir@ -BROKEN_SOCKET_H = @krb_cv_header_sys_socket_h_broken@ - -@SET_MAKE@ - -HEADERS = socket.h - -all: stamp-headers - -Wall: - $(MAKE) CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -install: all - -uninstall: - -clean: - rm -f $(HEADERS) stamp-headers - -mostlyclean: clean -distclean: clean - rm -f Makefile config.status *~ - -realclean: clean - -socket.h: - if test "$(BROKEN_SOCKET_H)" = yes; then \ - $(LN_S) $(srcdir)/socket.x socket.h; \ - fi || true - -stamp-headers: - $(MAKE) $(HEADERS) - touch stamp-headers - -.PHONY: all Wall install uninstall clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/include/sys/socket.x b/crypto/kerberosIV/include/sys/socket.x deleted file mode 100644 index d5678c8ce0c1..000000000000 --- a/crypto/kerberosIV/include/sys/socket.x +++ /dev/null @@ -1,7 +0,0 @@ -/* fix for broken ultrix sys/socket.h. */ -#ifndef __SOCKET_H__ -#define __SOCKET_H__ - -#include "/usr/include/sys/socket.h" - -#endif /* __SOCKET_H__ */ diff --git a/crypto/kerberosIV/include/win32/config.h b/crypto/kerberosIV/include/win32/config.h deleted file mode 100644 index 199961ec77bb..000000000000 --- a/crypto/kerberosIV/include/win32/config.h +++ /dev/null @@ -1,1185 +0,0 @@ -/* include/config.h.in. Generated automatically from configure.in by autoheader. */ - -/* Define if using alloca.c. */ -#undef C_ALLOCA - -/* Define to empty if the keyword does not work. */ -#undef const - -/* Define to one of _getb67, GETB67, getb67 for Cray-2 and Cray-YMP systems. - This function is required for alloca.c support on those systems. */ -#undef CRAY_STACKSEG_END - -/* Define to `int' if doesn't define. */ -#define gid_t int - -/* Define if you have alloca, as a function or macro. */ -#undef HAVE_ALLOCA - -/* Define if you have and it should be used (not on Ultrix). */ -#undef HAVE_ALLOCA_H - -/* Define if you have a working `mmap' system call. */ -#undef HAVE_MMAP - -/* Define if your struct stat has st_blksize. */ -#undef HAVE_ST_BLKSIZE - -/* Define as __inline if that's what the C compiler calls it. */ -#undef inline - -/* Define to `long' if doesn't define. */ -#undef off_t - -/* Define to `int' if doesn't define. */ -#undef pid_t - -/* Define if you need to in order for stat and other things to work. */ -#undef _POSIX_SOURCE - -/* Define as the return type of signal handlers (int or void). */ -#undef RETSIGTYPE - -/* Define to `unsigned' if doesn't define. */ -#undef size_t - -/* If using the C implementation of alloca, define if you know the - direction of stack growth for your system; otherwise it will be - automatically deduced at run-time. - STACK_DIRECTION > 0 => grows toward higher addresses - STACK_DIRECTION < 0 => grows toward lower addresses - STACK_DIRECTION = 0 => direction of growth unknown - */ -#undef STACK_DIRECTION - -/* Define if you have the ANSI C header files. */ -#define STDC_HEADERS 1 - -/* Define if `sys_siglist' is declared by . */ -#undef SYS_SIGLIST_DECLARED - -/* Define if you can safely include both and . */ -#undef TIME_WITH_SYS_TIME - -/* Define to `int' if doesn't define. */ -#define uid_t int - -/* Define if your processor stores words with the most significant - byte first (like Motorola and SPARC, unlike Intel and VAX). */ -#undef WORDS_BIGENDIAN - -/* Define if the X Window System is missing or not being used. */ -#undef X_DISPLAY_MISSING - -/* Define if you have the _getpty function. */ -#undef HAVE__GETPTY - -/* Define if you have the _scrsize function. */ -#undef HAVE__SCRSIZE - -/* Define if you have the _setsid function. */ -#undef HAVE__SETSID - -/* Define if you have the _stricmp function. */ -#define HAVE__STRICMP 1 - -/* Define if you have the asnprintf function. */ -#undef HAVE_ASNPRINTF - -/* Define if you have the asprintf function. */ -#undef HAVE_ASPRINTF - -/* Define if you have the atexit function. */ -#undef HAVE_ATEXIT - -/* Define if you have the chown function. */ -#undef HAVE_CHOWN - -/* Define if you have the chroot function. */ -#undef HAVE_CHROOT - -/* Define if you have the crypt function. */ -#undef HAVE_CRYPT - -/* Define if you have the daemon function. */ -#undef HAVE_DAEMON - -/* Define if you have the dlopen function. */ -#undef HAVE_DLOPEN - -/* Define if you have the dn_expand function. */ -#undef HAVE_DN_EXPAND - -/* Define if you have the el_init function. */ -#undef HAVE_EL_INIT - -/* Define if you have the err function. */ -#undef HAVE_ERR - -/* Define if you have the errx function. */ -#undef HAVE_ERRX - -/* Define if you have the fattach function. */ -#undef HAVE_FATTACH - -/* Define if you have the fchmod function. */ -#undef HAVE_FCHMOD - -/* Define if you have the fchown function. */ -#undef HAVE_FCHOWN - -/* Define if you have the fcntl function. */ -#undef HAVE_FCNTL - -/* Define if you have the flock function. */ -#undef HAVE_FLOCK - -/* Define if you have the fnmatch function. */ -#undef HAVE_FNMATCH - -/* Define if you have the forkpty function. */ -#undef HAVE_FORKPTY - -/* Define if you have the frevoke function. */ -#undef HAVE_FREVOKE - -/* Define if you have the getattr function. */ -#undef HAVE_GETATTR - -/* Define if you have the getcwd function. */ -#undef HAVE_GETCWD - -/* Define if you have the getdtablesize function. */ -#undef HAVE_GETDTABLESIZE - -/* Define if you have the getegid function. */ -#undef HAVE_GETEGID - -/* Define if you have the geteuid function. */ -#undef HAVE_GETEUID - -/* Define if you have the getgid function. */ -#undef HAVE_GETGID - -/* Define if you have the gethostbyname function. */ -#define HAVE_GETHOSTBYNAME 1 - -/* Define if you have the gethostname function. */ -#define HAVE_GETHOSTNAME 1 - -/* Define if you have the getlogin function. */ -#undef HAVE_GETLOGIN - -/* Define if you have the getopt function. */ -#undef HAVE_GETOPT - -/* Define if you have the getpagesize function. */ -#undef HAVE_GETPAGESIZE - -/* Define if you have the getpriority function. */ -#undef HAVE_GETPRIORITY - -/* Define if you have the getpwnam_r function. */ -#undef HAVE_GETPWNAM_R - -/* Define if you have the getrlimit function. */ -#undef HAVE_GETRLIMIT - -/* Define if you have the getservbyname function. */ -#define HAVE_GETSERVBYNAME 1 - -/* Define if you have the getsockopt function. */ -#define HAVE_GETSOCKOPT 1 - -/* Define if you have the getspnam function. */ -#undef HAVE_GETSPNAM - -/* Define if you have the getspuid function. */ -#undef HAVE_GETSPUID - -/* Define if you have the gettimeofday function. */ -#undef HAVE_GETTIMEOFDAY - -/* Define if you have the gettosbyname function. */ -#undef HAVE_GETTOSBYNAME - -/* Define if you have the getudbnam function. */ -#undef HAVE_GETUDBNAM - -/* Define if you have the getuid function. */ -#undef HAVE_GETUID - -/* Define if you have the getusershell function. */ -#undef HAVE_GETUSERSHELL - -/* Define if you have the grantpt function. */ -#undef HAVE_GRANTPT - -/* Define if you have the hstrerror function. */ -#undef HAVE_HSTRERROR - -/* Define if you have the inet_aton function. */ -#undef HAVE_INET_ATON - -/* Define if you have the initgroups function. */ -#undef HAVE_INITGROUPS - -/* Define if you have the innetgr function. */ -#undef HAVE_INNETGR - -/* Define if you have the iruserok function. */ -#undef HAVE_IRUSEROK - -/* Define if you have the logout function. */ -#undef HAVE_LOGOUT - -/* Define if you have the logwtmp function. */ -#undef HAVE_LOGWTMP - -/* Define if you have the lstat function. */ -#undef HAVE_LSTAT - -/* Define if you have the memmove function. */ -#define HAVE_MEMMOVE 1 - -/* Define if you have the mkstemp function. */ -#undef HAVE_MKSTEMP - -/* Define if you have the mktime function. */ -#define HAVE_MKTIME 1 - -/* Define if you have the odm_initialize function. */ -#undef HAVE_ODM_INITIALIZE - -/* Define if you have the on_exit function. */ -#undef HAVE_ON_EXIT - -/* Define if you have the parsetos function. */ -#undef HAVE_PARSETOS - -/* Define if you have the ptsname function. */ -#undef HAVE_PTSNAME - -/* Define if you have the putenv function. */ -#undef HAVE_PUTENV - -/* Define if you have the rand function. */ -#define HAVE_RAND 1 - -/* Define if you have the random function. */ -#undef HAVE_RANDOM - -/* Define if you have the rcmd function. */ -#undef HAVE_RCMD - -/* Define if you have the readline function. */ -#undef HAVE_READLINE - -/* Define if you have the readv function. */ -#undef HAVE_READV - -/* Define if you have the res_search function. */ -#undef HAVE_RES_SEARCH - -/* Define if you have the revoke function. */ -#undef HAVE_REVOKE - -/* Define if you have the setegid function. */ -#undef HAVE_SETEGID - -/* Define if you have the setenv function. */ -#undef HAVE_SETENV - -/* Define if you have the seteuid function. */ -#undef HAVE_SETEUID - -/* Define if you have the setitimer function. */ -#undef HAVE_SETITIMER - -/* Define if you have the setlim function. */ -#undef HAVE_SETLIM - -/* Define if you have the setlogin function. */ -#undef HAVE_SETLOGIN - -/* Define if you have the setpcred function. */ -#undef HAVE_SETPCRED - -/* Define if you have the setpgid function. */ -#undef HAVE_SETPGID - -/* Define if you have the setpriority function. */ -#undef HAVE_SETPRIORITY - -/* Define if you have the setproctitle function. */ -#undef HAVE_SETPROCTITLE - -/* Define if you have the setregid function. */ -#undef HAVE_SETREGID - -/* Define if you have the setresgid function. */ -#undef HAVE_SETRESGID - -/* Define if you have the setresuid function. */ -#undef HAVE_SETRESUID - -/* Define if you have the setreuid function. */ -#undef HAVE_SETREUID - -/* Define if you have the setsid function. */ -#undef HAVE_SETSID - -/* Define if you have the setsockopt function. */ -#define HAVE_SETSOCKOPT 1 - -/* Define if you have the setutent function. */ -#undef HAVE_SETUTENT - -/* Define if you have the sigaction function. */ -#undef HAVE_SIGACTION - -/* Define if you have the socket function. */ -#define HAVE_SOCKET 1 - -/* Define if you have the strcasecmp function. */ -#undef HAVE_STRCASECMP - -/* Define if you have the strdup function. */ -#define HAVE_STRDUP 1 - -/* Define if you have the strerror function. */ -#undef HAVE_STRERROR - -/* Define if you have the strftime function. */ -#define HAVE_STRFTIME 1 - -/* Define if you have the strlwr function. */ -#define HAVE_STRLWR 1 - -/* Define if you have the strncasecmp function. */ -#undef HAVE_STRNCASECMP - -/* Define if you have the strnlen function. */ -#undef HAVE_STRNLEN - -/* Define if you have the strsep function. */ -#undef HAVE_STRSEP - -/* Define if you have the strtok_r function. */ -#undef HAVE_STRTOK_R - -/* Define if you have the strupr function. */ -#define HAVE_STRUPR 1 - -/* Define if you have the swab function. */ -#define HAVE_SWAB 1 - -/* Define if you have the sysconf function. */ -#undef HAVE_SYSCONF - -/* Define if you have the sysctl function. */ -#undef HAVE_SYSCTL - -/* Define if you have the syslog function. */ -#undef HAVE_SYSLOG - -/* Define if you have the tgetent function. */ -#undef HAVE_TGETENT - -/* Define if you have the ttyname function. */ -#undef HAVE_TTYNAME - -/* Define if you have the ttyslot function. */ -#undef HAVE_TTYSLOT - -/* Define if you have the ulimit function. */ -#undef HAVE_ULIMIT - -/* Define if you have the uname function. */ -#undef HAVE_UNAME - -/* Define if you have the unlockpt function. */ -#undef HAVE_UNLOCKPT - -/* Define if you have the unsetenv function. */ -#undef HAVE_UNSETENV - -/* Define if you have the vasnprintf function. */ -#undef HAVE_VASNPRINTF - -/* Define if you have the vasprintf function. */ -#undef HAVE_VASPRINTF - -/* Define if you have the verr function. */ -#undef HAVE_VERR - -/* Define if you have the verrx function. */ -#undef HAVE_VERRX - -/* Define if you have the vhangup function. */ -#undef HAVE_VHANGUP - -/* Define if you have the vsnprintf function. */ -#undef HAVE_VSNPRINTF - -/* Define if you have the vsyslog function. */ -#undef HAVE_VSYSLOG - -/* Define if you have the vwarn function. */ -#undef HAVE_VWARN - -/* Define if you have the vwarnx function. */ -#undef HAVE_VWARNX - -/* Define if you have the warn function. */ -#undef HAVE_WARN - -/* Define if you have the warnx function. */ -#undef HAVE_WARNX - -/* Define if you have the writev function. */ -#undef HAVE_WRITEV - -/* Define if you have the XauReadAuth function. */ -#undef HAVE_XAUREADAUTH - -/* Define if you have the XauWriteAuth function. */ -#undef HAVE_XAUWRITEAUTH - -/* Define if you have the yp_get_default_domain function. */ -#undef HAVE_YP_GET_DEFAULT_DOMAIN - -/* Define if you have the header file. */ -#undef HAVE_ARPA_FTP_H - -/* Define if you have the header file. */ -#undef HAVE_ARPA_INET_H - -/* Define if you have the header file. */ -#undef HAVE_ARPA_NAMESER_H - -/* Define if you have the header file. */ -#undef HAVE_ARPA_TELNET_H - -/* Define if you have the header file. */ -#undef HAVE_BSD_BSD_H - -/* Define if you have the header file. */ -#undef HAVE_BSDSETJMP_H - -/* Define if you have the header file. */ -#undef HAVE_CRYPT_H - -/* Define if you have the header file. */ -#undef HAVE_CURSES_H - -/* Define if you have the header file. */ -#undef HAVE_DBM_H - -/* Define if you have the header file. */ -#undef HAVE_DIRENT_H - -/* Define if you have the header file. */ -#undef HAVE_ERR_H - -/* Define if you have the header file. */ -#undef HAVE_ERRNO_H - -/* Define if you have the header file. */ -#define HAVE_FCNTL_H 1 - -/* Define if you have the header file. */ -#undef HAVE_FNMATCH_H - -/* Define if you have the header file. */ -#undef HAVE_GRP_H - -/* Define if you have the header file. */ -#undef HAVE_INTTYPES_H - -/* Define if you have the header file. */ -#define HAVE_IO_H 1 - -/* Define if you have the header file. */ -#undef HAVE_LASTLOG_H - -/* Define if you have the header file. */ -#undef HAVE_LIBUTIL_H - -/* Define if you have the header file. */ -#undef HAVE_LIMITS_H - -/* Define if you have the header file. */ -#undef HAVE_LOGIN_H - -/* Define if you have the header file. */ -#undef HAVE_MAILLOCK_H - -/* Define if you have the header file. */ -#undef HAVE_NDBM_H - -/* Define if you have the header file. */ -#undef HAVE_NET_IF_H - -/* Define if you have the header file. */ -#undef HAVE_NET_IF_TUN_H - -/* Define if you have the header file. */ -#undef HAVE_NET_IF_VAR_H - -/* Define if you have the header file. */ -#undef HAVE_NETDB_H - -/* Define if you have the header file. */ -#undef HAVE_NETINET_IN_H - -/* Define if you have the header file. */ -#undef HAVE_NETINET_IN6_MACHTYPES_H - -/* Define if you have the header file. */ -#undef HAVE_NETINET_IN_SYSTM_H - -/* Define if you have the header file. */ -#undef HAVE_NETINET_IP_H - -/* Define if you have the header file. */ -#undef HAVE_NETINET_TCP_H - -/* Define if you have the header file. */ -#undef HAVE_PATHS_H - -/* Define if you have the header file. */ -#undef HAVE_PTY_H - -/* Define if you have the header file. */ -#undef HAVE_PWD_H - -/* Define if you have the header file. */ -#undef HAVE_RESOLV_H - -/* Define if you have the header file. */ -#undef HAVE_RPCSVC_DBM_H - -/* Define if you have the header file. */ -#undef HAVE_RPCSVC_YPCLNT_H - -/* Define if you have the header file. */ -#undef HAVE_SAC_H - -/* Define if you have the header file. */ -#undef HAVE_SECURITY_PAM_MODULES_H - -/* Define if you have the header file. */ -#undef HAVE_SHADOW_H - -/* Define if you have the header file. */ -#undef HAVE_SIAD_H - -/* Define if you have the header file. */ -#define HAVE_SIGNAL_H 1 - -/* Define if you have the header file. */ -#undef HAVE_STROPTS_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_BITYPES_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_CATEGORY_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_FILE_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_FILIO_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_IOCCOM_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_IOCTL_H - -/* Define if you have the header file. */ -#define HAVE_SYS_LOCKING_H 1 - -/* Define if you have the header file. */ -#undef HAVE_SYS_MMAN_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_PARAM_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_PROC_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_PTY_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_PTYIO_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_PTYVAR_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_RESOURCE_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_SELECT_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_SOCKET_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_SOCKIO_H - -/* Define if you have the header file. */ -#define HAVE_SYS_STAT_H 1 - -/* Define if you have the header file. */ -#undef HAVE_SYS_STR_TTY_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_STREAM_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_STROPTS_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_STRTTY_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_SYSCALL_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_SYSCTL_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_TERMIO_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_TIME_H - -/* Define if you have the header file. */ -#define HAVE_SYS_TIMEB_H 1 - -/* Define if you have the header file. */ -#undef HAVE_SYS_TIMES_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_TTY_H - -/* Define if you have the header file. */ -#define HAVE_SYS_TYPES_H 1 - -/* Define if you have the header file. */ -#undef HAVE_SYS_UIO_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_UN_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_UTSNAME_H - -/* Define if you have the header file. */ -#undef HAVE_SYS_WAIT_H - -/* Define if you have the header file. */ -#undef HAVE_SYSLOG_H - -/* Define if you have the header file. */ -#undef HAVE_TERM_H - -/* Define if you have the header file. */ -#undef HAVE_TERMCAP_H - -/* Define if you have the header file. */ -#undef HAVE_TERMIO_H - -/* Define if you have the header file. */ -#undef HAVE_TERMIOS_H - -/* Define if you have the header file. */ -#undef HAVE_TMPDIR_H - -/* Define if you have the header file. */ -#undef HAVE_TTYENT_H - -/* Define if you have the header file. */ -#undef HAVE_UDB_H - -/* Define if you have the header file. */ -#undef HAVE_ULIMIT_H - -/* Define if you have the header file. */ -#undef HAVE_UNISTD_H - -/* Define if you have the header file. */ -#undef HAVE_USERPW_H - -/* Define if you have the header file. */ -#undef HAVE_USERSEC_H - -/* Define if you have the header file. */ -#undef HAVE_UTIL_H - -/* Define if you have the header file. */ -#undef HAVE_UTIME_H - -/* Define if you have the header file. */ -#undef HAVE_UTMP_H - -/* Define if you have the header file. */ -#undef HAVE_UTMPX_H - -/* Define if you have the header file. */ -#undef HAVE_WAIT_H - -/* Define if you have the c_r library (-lc_r). */ -#undef HAVE_LIBC_R - -/* Define if you have the cfg library (-lcfg). */ -#undef HAVE_LIBCFG - -/* Define if you have the crypt library (-lcrypt). */ -#undef HAVE_LIBCRYPT - -/* Define if you have the curses library (-lcurses). */ -#undef HAVE_LIBCURSES - -/* Define if you have the dl library (-ldl). */ -#undef HAVE_LIBDL - -/* Define if you have the edit library (-ledit). */ -#undef HAVE_LIBEDIT - -/* Define if you have the ncurses library (-lncurses). */ -#undef HAVE_LIBNCURSES - -/* Define if you have the nsl library (-lnsl). */ -#undef HAVE_LIBNSL - -/* Define if you have the odm library (-lodm). */ -#undef HAVE_LIBODM - -/* Define if you have the readline library (-lreadline). */ -#undef HAVE_LIBREADLINE - -/* Define if you have the resolv library (-lresolv). */ -#undef HAVE_LIBRESOLV - -/* Define if you have the s library (-ls). */ -#undef HAVE_LIBS - -/* Define if you have the socket library (-lsocket). */ -#undef HAVE_LIBSOCKET - -/* Define if you have the syslog library (-lsyslog). */ -#undef HAVE_LIBSYSLOG - -/* Define if you have the termcap library (-ltermcap). */ -#undef HAVE_LIBTERMCAP - -/* Define if you have the util library (-lutil). */ -#undef HAVE_LIBUTIL - -/* Define if you have the X11 library (-lX11). */ -#undef HAVE_LIBX11 - -/* Define if you have the Xau library (-lXau). */ -#undef HAVE_LIBXAU - -/* Name of package */ -#undef PACKAGE - -/* Version number of package */ -#undef VERSION - -/* Define if you have the socks package */ -#undef SOCKS - -/* Define to enable old kdestroy behavior. */ -#undef LEGACY_KDESTROY - -/* Define if you want to match subdomains. */ -#undef MATCH_SUBDOMAINS - -/* Define this to be the directory where the - dictionary for cracklib resides. */ -#undef DICTPATH - -/* Define this to the path of the mail spool directory. */ -#undef KRB4_MAILDIR - -/* Define this to the kerberos database directory. */ -#undef DB_DIR - -/* Define to enable new master key code. */ -#undef RANDOM_MKEY - -/* Define this to the location of the master key. */ -#undef MKEYFILE - -/* Define to enable basic OSF C2 support. */ -#undef HAVE_OSFC2 - -/* Define if you don't want to use mmap. */ -#undef NO_MMAP - -/* Define if you don't wan't support for AFS. */ -#undef NO_AFS - -/* Set this to the type of des-quad-cheksum to use. */ -#define DES_QUAD_DEFAULT DES_QUAD_GUESS - -/* Define if you have the readline package */ -#undef READLINE - -/* Define if you have the hesiod package */ -#undef HESIOD - -/* define if your compiler has __attribute__ */ -#undef HAVE___ATTRIBUTE__ - -/* Huh? */ -#undef HAVE_STRANGE_INT8_T - -/* Define if NDBM really is DB (creates files ending in .db). */ -#undef HAVE_NEW_DB - -/* Define if you have NDBM (and not DBM) */ -#undef NDBM - -/* define if you have a working snprintf */ -#undef HAVE_SNPRINTF - -/* define if the system is missing a prototype for snprintf() */ -#undef NEED_SNPRINTF_PROTO - -/* define if you have a glob() that groks - GLOB_BRACE, GLOB_NOCHECK, GLOB_QUOTE, and GLOB_TILDE */ -#undef HAVE_GLOB - -/* define if the system is missing a prototype for glob() */ -#undef NEED_GLOB_PROTO - -/* Define if getpwnam_r has POSIX flavour. */ -#undef POSIX_GETPWNAM_R - -/* Define if getlogin has POSIX flavour (and not BSD). */ -#undef POSIX_GETLOGIN - -/* define if the system is missing a prototype for hstrerror() */ -#undef NEED_HSTRERROR_PROTO - -/* define if the system is missing a prototype for gethostname() */ -#undef NEED_GETHOSTNAME_PROTO - -/* define if the system is missing a prototype for mkstemp() */ -#undef NEED_MKSTEMP_PROTO - -/* define if the system is missing a prototype for inet_aton() */ -#undef NEED_INET_ATON_PROTO - -/* Define if realloc(NULL, X) doesn't work. */ -#undef BROKEN_REALLOC - -/* Define if getcwd is broken (like in SunOS 4). */ -#undef BROKEN_GETCWD - -/* define if prototype of gethostbyname is compatible with - struct hostent *gethostbyname(const char *) */ -#undef GETHOSTBYNAME_PROTO_COMPATIBLE - -/* define if prototype of gethostbyaddr is compatible with - struct hostent *gethostbyaddr(const void *, size_t, int) */ -#undef GETHOSTBYADDR_PROTO_COMPATIBLE - -/* define if prototype of getservbyname is compatible with - struct servent *getservbyname(const char *, const char *) */ -#undef GETSERVBYNAME_PROTO_COMPATIBLE - -/* define if prototype of openlog is compatible with - void openlog(const char *, int, int) */ -#undef OPENLOG_PROTO_COMPATIBLE - -/* define if the system is missing a prototype for crypt() */ -#undef NEED_CRYPT_PROTO - -/* define if the system is missing a prototype for fclose() */ -#undef NEED_FCLOSE_PROTO - -/* define if the system is missing a prototype for strtok_r() */ -#undef NEED_STRTOK_R_PROTO - -/* define if the system is missing a prototype for getusershell() */ -#undef NEED_GETUSERSHELL_PROTO - -/* define if the system is missing a prototype for utime() */ -#undef NEED_UTIME_PROTO - -/* define if you have h_errno */ -#define HAVE_H_ERRNO 1 - -/* define if your system declares h_errno */ -#define HAVE_H_ERRNO_DECLARATION 1 - -/* define if you have h_errlist */ -#undef HAVE_H_ERRLIST - -/* define if your system declares h_errlist */ -#undef HAVE_H_ERRLIST_DECLARATION - -/* define if you have h_nerr */ -#undef HAVE_H_NERR - -/* define if your system declares h_nerr */ -#undef HAVE_H_NERR_DECLARATION - -/* define if you have __progname */ -#undef HAVE___PROGNAME - -/* define if your system declares __progname */ -#undef HAVE___PROGNAME_DECLARATION - -/* define if your system declares optarg */ -#undef HAVE_OPTARG_DECLARATION - -/* define if your system declares optind */ -#undef HAVE_OPTIND_DECLARATION - -/* define if your system declares opterr */ -#undef HAVE_OPTERR_DECLARATION - -/* define if your system declares optopt */ -#undef HAVE_OPTOPT_DECLARATION - -/* define if your system declares environ */ -#undef HAVE_ENVIRON_DECLARATION - -/* Define if RETSIGTYPE == void. */ -#define VOID_RETSIGTYPE 1 - -/* Define if struct utmp has field ut_addr. */ -#undef HAVE_STRUCT_UTMP_UT_ADDR - -/* Define if struct utmp has field ut_host. */ -#undef HAVE_STRUCT_UTMP_UT_HOST - -/* Define if struct utmp has field ut_id. */ -#undef HAVE_STRUCT_UTMP_UT_ID - -/* Define if struct utmp has field ut_pid. */ -#undef HAVE_STRUCT_UTMP_UT_PID - -/* Define if struct utmp has field ut_type. */ -#undef HAVE_STRUCT_UTMP_UT_TYPE - -/* Define if struct utmp has field ut_user. */ -#undef HAVE_STRUCT_UTMP_UT_USER - -/* Define if struct utmpx has field ut_exit. */ -#undef HAVE_STRUCT_UTMPX_UT_EXIT - -/* Define if struct utmpx has field ut_syslen. */ -#undef HAVE_STRUCT_UTMPX_UT_SYSLEN - -/* define if you have struct spwd */ -#undef HAVE_STRUCT_SPWD - -/* define if struct winsize is declared in sys/termios.h */ -#undef HAVE_STRUCT_WINSIZE - -/* define if struct winsize has ws_xpixel */ -#undef HAVE_WS_XPIXEL - -/* define if struct winsize has ws_ypixel */ -#undef HAVE_WS_YPIXEL - -/* Define this to what the type ssize_t should be. */ -#define ssize_t int - -/* Define if struct sockaddr has field sa_len. */ -#undef HAVE_STRUCT_SOCKADDR_SA_LEN - -/* Define if SIAENTITY has field ouid. */ -#undef HAVE_SIAENTITY_OUID - -/* Define if you have a working getmsg. */ -#undef HAVE_GETMSG - -/* Define if you have a readline function. */ -#undef HAVE_READLINE - -/* Define if you have working stream ptys. */ -#undef STREAMSPTY - -/* Define if /bin/ls has a `-A' flag. */ -#undef HAVE_LS_A - - -#undef HAVE_INT8_T -#undef HAVE_INT16_T -#undef HAVE_INT32_T -#undef HAVE_INT64_T -#undef HAVE_U_INT8_T -#undef HAVE_U_INT16_T -#undef HAVE_U_INT32_T -#undef HAVE_U_INT64_T - -/* This for compat with heimdal (or something) */ -#define KRB_PUT_INT(f, t, l, s) krb_put_int((f), (t), (l), (s)) - -#define RCSID(msg) \ -static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } - -/* - * Set ORGANIZATION to be the desired organization string printed - * by the 'kinit' program. It may have spaces. - */ -#define ORGANIZATION "eBones International" - -#if 0 -#undef BINDIR -#undef LIBDIR -#undef LIBEXECDIR -#undef SBINDIR -#endif - -#if 0 -#define KRB_CNF_FILES { "/etc/krb.conf", "/etc/kerberosIV/krb.conf", 0} -#define KRB_RLM_FILES { "/etc/krb.realms", "/etc/kerberosIV/krb.realms", 0} -#define KRB_EQUIV "/etc/krb.equiv" - -#define KEYFILE "/etc/srvtab" - -#define KRBDIR "/var/kerberos" -#define DBM_FILE KRBDIR "/principal" -#define DEFAULT_ACL_DIR KRBDIR - -#define KRBLOG "/var/log/kerberos.log" /* master server */ -#define KRBSLAVELOG "/var/log/kerberos_slave.log" /* slave server */ -#define KADM_SYSLOG "/var/log/admin_server.syslog" -#define K_LOGFIL "/var/log/kpropd.log" -#endif - -/* Maximum values on all known systems */ -#define MaxHostNameLen (64+4) -#define MaxPathLen (1024+4) - -/* ftp stuff -------------------------------------------------- */ - -#define KERBEROS - -/* telnet stuff ----------------------------------------------- */ - -/* define this for OTP support */ -#undef OTP - -/* define this if you have kerberos 4 */ -#define KRB4 1 - -/* define this if you want encryption */ -#undef ENCRYPTION - -/* define this if you want authentication */ -#undef AUTHENTICATION - -#if defined(ENCRYPTION) && !defined(AUTHENTICATION) -#define AUTHENTICATION 1 -#endif - -/* Set this if you want des encryption */ -#undef DES_ENCRYPTION - -/* Set this to the default system lead string for telnetd - * can contain %-escapes: %s=sysname, %m=machine, %r=os-release - * %v=os-version, %t=tty, %h=hostname, %d=date and time - */ -#undef USE_IM - -/* define this if you want diagnostics in telnetd */ -#undef DIAGNOSTICS - -/* define this if you want support for broken ENV_{VALUE,VAR} systems */ -#undef ENV_HACK - -/* */ -#undef OLD_ENVIRON - -/* Used with login -p */ -#undef LOGIN_ARGS - -/* set this to a sensible login */ -#ifndef LOGIN_PATH -#define LOGIN_PATH BINDIR "/login" -#endif - - -/* ------------------------------------------------------------ */ - -#ifdef BROKEN_REALLOC -#define realloc(X, Y) isoc_realloc((X), (Y)) -#define isoc_realloc(X, Y) ((X) ? realloc((X), (Y)) : malloc(Y)) -#endif - -#ifdef VOID_RETSIGTYPE -#define SIGRETURN(x) return -#else -#define SIGRETURN(x) return (RETSIGTYPE)(x) -#endif - -/* Temporary fixes for krb_{rd,mk}_safe */ -#define DES_QUAD_GUESS 0 -#define DES_QUAD_NEW 1 -#define DES_QUAD_OLD 2 - -/* - * All these are system-specific defines that I would rather not have at all. - */ - -/* - * AIX braindamage! - */ -#if _AIX -#define _ALL_SOURCE -/* XXX this is gross, but kills about a gazillion warnings */ -struct ether_addr; -struct sockaddr; -struct sockaddr_dl; -struct sockaddr_in; -#endif - -/* - * SunOS braindamage! (Sun include files are generally braindead) - */ -#if (defined(sun) || defined(__sun)) -#if defined(__svr4__) || defined(__SVR4) -#define SunOS 5 -#else -#define SunOS 4 -#endif -#endif - -#if defined(__sgi) || defined(sgi) -#if defined(__SYSTYPE_SVR4) || defined(_SYSTYPE_SVR4) -#define IRIX 5 -#else -#define IRIX 4 -#endif -#endif - -/* IRIX 4 braindamage */ -#if IRIX == 4 && !defined(__STDC__) -#define __STDC__ 0 -#endif - -/* some strange OS/2 stuff. From */ - -#ifdef __EMX__ -#define _EMX_TCPIP -#define MAIL_USE_SYSTEM_LOCK -#endif - -#ifdef ROKEN_RENAME -#include "roken_rename.h" -#endif diff --git a/crypto/kerberosIV/include/win32/ktypes.h b/crypto/kerberosIV/include/win32/ktypes.h deleted file mode 100644 index 3d4af11d09b7..000000000000 --- a/crypto/kerberosIV/include/win32/ktypes.h +++ /dev/null @@ -1,11 +0,0 @@ -#ifndef __KTYPES_H__ -#define __KTYPES_H__ - -typedef signed char int8_t; -typedef unsigned char u_int8_t; -typedef short int16_t; -typedef unsigned short u_int16_t; -typedef int int32_t; -typedef unsigned int u_int32_t; - -#endif /* __KTYPES_H__ */ diff --git a/crypto/kerberosIV/include/win32/roken.h b/crypto/kerberosIV/include/win32/roken.h deleted file mode 100644 index 9a3117f75cf2..000000000000 --- a/crypto/kerberosIV/include/win32/roken.h +++ /dev/null @@ -1,214 +0,0 @@ -/* This is (as usual) a generated file, - it is also machine dependent */ - -#ifndef __ROKEN_H__ -#define __ROKEN_H__ - -/* -*- C -*- */ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: roken.h,v 1.8 1999/12/02 16:58:36 joda Exp $ */ - -#include -#include -#include -#include -#include -#include - - - -#define ROKEN_LIB_FUNCTION - -#include - - -int putenv(const char *string); - -int setenv(const char *var, const char *val, int rewrite); - -void unsetenv(const char *name); - -char *getusershell(void); -void endusershell(void); - -int snprintf (char *str, size_t sz, const char *format, ...) - __attribute__ ((format (printf, 3, 4))); - -int vsnprintf (char *str, size_t sz, const char *format, va_list ap) - __attribute__((format (printf, 3, 0))); - -int asprintf (char **ret, const char *format, ...) - __attribute__ ((format (printf, 2, 3))); - -int vasprintf (char **ret, const char *format, va_list ap) - __attribute__((format (printf, 2, 0))); - -int asnprintf (char **ret, size_t max_sz, const char *format, ...) - __attribute__ ((format (printf, 3, 4))); - -int vasnprintf (char **ret, size_t max_sz, const char *format, va_list ap) - __attribute__((format (printf, 3, 0))); - -char * strdup(const char *old); - -char * strlwr(char *); - -int strnlen(char*, int); - -char *strsep(char**, const char*); - -int strcasecmp(const char *s1, const char *s2); - - - -char * strupr(char *); - -size_t strlcpy (char *dst, const char *src, size_t dst_sz); - -size_t strlcat (char *dst, const char *src, size_t dst_sz); - -int getdtablesize(void); - -char *strerror(int eno); - -/* This causes a fatal error under Psoriasis */ -const char *hstrerror(int herr); - -extern int h_errno; - -int inet_aton(const char *cp, struct in_addr *adr); - -char* getcwd(char *path, size_t size); - - -int seteuid(uid_t euid); - -int setegid(gid_t egid); - -int lstat(const char *path, struct stat *buf); - -int mkstemp(char *); - -int initgroups(const char *name, gid_t basegid); - -int fchown(int fd, uid_t owner, gid_t group); - -int daemon(int nochdir, int noclose); - -int innetgr(const char *netgroup, const char *machine, - const char *user, const char *domain); - -int chown(const char *path, uid_t owner, gid_t group); - -int rcmd(char **ahost, unsigned short inport, const char *locuser, - const char *remuser, const char *cmd, int *fd2p); - -int innetgr(const char*, const char*, const char*, const char*); - -int iruserok(unsigned raddr, int superuser, const char *ruser, - const char *luser); - -int gethostname(char *name, int namelen); - -ssize_t -writev(int d, const struct iovec *iov, int iovcnt); - -ssize_t -readv(int d, const struct iovec *iov, int iovcnt); - -int -mkstemp(char *template); - -#define LOCK_SH 1 /* Shared lock */ -#define LOCK_EX 2 /* Exclusive lock */ -#define LOCK_NB 4 /* Don't block when locking */ -#define LOCK_UN 8 /* Unlock */ - -int flock(int fd, int operation); - -time_t tm2time (struct tm tm, int local); - -int unix_verify_user(char *user, char *password); - -void inaddr2str(struct in_addr addr, char *s, size_t len); - -void mini_inetd (int port); - -int roken_concat (char *s, size_t len, ...); - -size_t roken_mconcat (char **s, size_t max_len, ...); - -int roken_vconcat (char *s, size_t len, va_list args); - -size_t roken_vmconcat (char **s, size_t max_len, va_list args); - -ssize_t net_write (int fd, const void *buf, size_t nbytes); - -ssize_t net_read (int fd, void *buf, size_t nbytes); - -int issuid(void); - -struct winsize { - unsigned short ws_row, ws_col; - unsigned short ws_xpixel, ws_ypixel; -}; - -int get_window_size(int fd, struct winsize *); - -void vsyslog(int pri, const char *fmt, va_list ap); - -extern char *optarg; -extern int optind; -extern int opterr; - -extern const char *__progname; - -extern char **environ; - -/* - * kludges and such - */ - -int roken_gethostby_setup(const char*, const char*); -struct hostent* roken_gethostbyname(const char*); -struct hostent* roken_gethostbyaddr(const void*, size_t, int); - -#define roken_getservbyname(x,y) getservbyname((char *)x, (char *)y) - -#define roken_openlog(a,b,c) openlog((char *)a,b,c) - -void set_progname(char *argv0); - -#endif /* __ROKEN_H__ */ diff --git a/crypto/kerberosIV/include/win32/version.h b/crypto/kerberosIV/include/win32/version.h deleted file mode 100644 index 07fe2eb4641f..000000000000 --- a/crypto/kerberosIV/include/win32/version.h +++ /dev/null @@ -1,2 +0,0 @@ -char *krb4_long_version = "krb4-0.9.7 on Windows NT"; -char *krb4_version = "0.9.7"; diff --git a/crypto/kerberosIV/include/win32/winconf.sh b/crypto/kerberosIV/include/win32/winconf.sh deleted file mode 100644 index a7d5f28316b6..000000000000 --- a/crypto/kerberosIV/include/win32/winconf.sh +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/sh - -# $Id: winconf.sh,v 1.1 1997/11/09 14:35:15 joda Exp $ - -cat ../config.h.in | sed ' -s%#undef gid_t$%#define gid_t int% -s%#undef STDC_HEADERS$%#define STDC_HEADERS 1% -s%#undef uid_t$%#define uid_t int% -s%#undef ssize_t$%#define ssize_t int% -s%#undef VOID_RETSIGTYPE$%#define VOID_RETSIGTYPE 1% -s%#undef HAVE_H_ERRNO$%#define HAVE_H_ERRNO 1% -s%#undef HAVE_H_ERRNO_DECLARATION$%#define HAVE_H_ERRNO_DECLARATION 1% -s%#undef HAVE__STRICMP$%#define HAVE__STRICMP 1% -s%#undef HAVE_GETHOSTBYNAME$%#define HAVE_GETHOSTBYNAME 1% -s%#undef HAVE_GETHOSTNAME$%#define HAVE_GETHOSTNAME 1% -s%#undef HAVE_GETSERVBYNAME$%#define HAVE_GETSERVBYNAME 1% -s%#undef HAVE_GETSOCKOPT$%#define HAVE_GETSOCKOPT 1% -s%#undef HAVE_MEMMOVE$%#define HAVE_MEMMOVE 1% -s%#undef HAVE_MKTIME$%#define HAVE_MKTIME 1% -s%#undef HAVE_RAND$%#define HAVE_RAND 1% -s%#undef HAVE_SETSOCKOPT$%#define HAVE_SETSOCKOPT 1% -s%#undef HAVE_SOCKET$%#define HAVE_SOCKET 1% -s%#undef HAVE_STRDUP$%#define HAVE_STRDUP 1% -s%#undef HAVE_STRFTIME$%#define HAVE_STRFTIME 1% -s%#undef HAVE_STRLWR$%#define HAVE_STRLWR 1% -s%#undef HAVE_STRUPR$%#define HAVE_STRUPR 1% -s%#undef HAVE_SWAB$%#define HAVE_SWAB 1% -s%#undef HAVE_FCNTL_H$%#define HAVE_FCNTL_H 1% -s%#undef HAVE_IO_H$%#define HAVE_IO_H 1% -s%#undef HAVE_SIGNAL_H$%#define HAVE_SIGNAL_H 1% -s%#undef HAVE_SYS_LOCKING_H$%#define HAVE_SYS_LOCKING_H 1% -s%#undef HAVE_SYS_STAT_H$%#define HAVE_SYS_STAT_H 1% -s%#undef HAVE_SYS_TIMEB_H$%#define HAVE_SYS_TIMEB_H 1% -s%#undef HAVE_SYS_TYPES_H$%#define HAVE_SYS_TYPES_H 1% -s%#undef HAVE_WINSOCK_H$%#define HAVE_WINSOCK_H 1% -s%#undef KRB4$%#define KRB4 1% -s%#undef DES_QUAD_DEFAULT$%#define DES_QUAD_DEFAULT DES_QUAD_GUESS%' > config.h diff --git a/crypto/kerberosIV/install-sh b/crypto/kerberosIV/install-sh deleted file mode 100644 index ebc66913e940..000000000000 --- a/crypto/kerberosIV/install-sh +++ /dev/null @@ -1,250 +0,0 @@ -#! /bin/sh -# -# install - install a program, script, or datafile -# This comes from X11R5 (mit/util/scripts/install.sh). -# -# Copyright 1991 by the Massachusetts Institute of Technology -# -# Permission to use, copy, modify, distribute, and sell this software and its -# documentation for any purpose is hereby granted without fee, provided that -# the above copyright notice appear in all copies and that both that -# copyright notice and this permission notice appear in supporting -# documentation, and that the name of M.I.T. not be used in advertising or -# publicity pertaining to distribution of the software without specific, -# written prior permission. M.I.T. makes no representations about the -# suitability of this software for any purpose. It is provided "as is" -# without express or implied warranty. -# -# Calling this script install-sh is preferred over install.sh, to prevent -# `make' implicit rules from creating a file called install from it -# when there is no Makefile. -# -# This script is compatible with the BSD install script, but was written -# from scratch. It can only install one file at a time, a restriction -# shared with many OS's install programs. - - -# set DOITPROG to echo to test this script - -# Don't use :- since 4.3BSD and earlier shells don't like it. -doit="${DOITPROG-}" - - -# put in absolute paths if you don't have them in your path; or use env. vars. - -mvprog="${MVPROG-mv}" -cpprog="${CPPROG-cp}" -chmodprog="${CHMODPROG-chmod}" -chownprog="${CHOWNPROG-chown}" -chgrpprog="${CHGRPPROG-chgrp}" -stripprog="${STRIPPROG-strip}" -rmprog="${RMPROG-rm}" -mkdirprog="${MKDIRPROG-mkdir}" - -transformbasename="" -transform_arg="" -instcmd="$mvprog" -chmodcmd="$chmodprog 0755" -chowncmd="" -chgrpcmd="" -stripcmd="" -rmcmd="$rmprog -f" -mvcmd="$mvprog" -src="" -dst="" -dir_arg="" - -while [ x"$1" != x ]; do - case $1 in - -c) instcmd="$cpprog" - shift - continue;; - - -d) dir_arg=true - shift - continue;; - - -m) chmodcmd="$chmodprog $2" - shift - shift - continue;; - - -o) chowncmd="$chownprog $2" - shift - shift - continue;; - - -g) chgrpcmd="$chgrpprog $2" - shift - shift - continue;; - - -s) stripcmd="$stripprog" - shift - continue;; - - -t=*) transformarg=`echo $1 | sed 's/-t=//'` - shift - continue;; - - -b=*) transformbasename=`echo $1 | sed 's/-b=//'` - shift - continue;; - - *) if [ x"$src" = x ] - then - src=$1 - else - # this colon is to work around a 386BSD /bin/sh bug - : - dst=$1 - fi - shift - continue;; - esac -done - -if [ x"$src" = x ] -then - echo "install: no input file specified" - exit 1 -else - true -fi - -if [ x"$dir_arg" != x ]; then - dst=$src - src="" - - if [ -d $dst ]; then - instcmd=: - else - instcmd=mkdir - fi -else - -# Waiting for this to be detected by the "$instcmd $src $dsttmp" command -# might cause directories to be created, which would be especially bad -# if $src (and thus $dsttmp) contains '*'. - - if [ -f $src -o -d $src ] - then - true - else - echo "install: $src does not exist" - exit 1 - fi - - if [ x"$dst" = x ] - then - echo "install: no destination specified" - exit 1 - else - true - fi - -# If destination is a directory, append the input filename; if your system -# does not like double slashes in filenames, you may need to add some logic - - if [ -d $dst ] - then - dst="$dst"/`basename $src` - else - true - fi -fi - -## this sed command emulates the dirname command -dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` - -# Make sure that the destination directory exists. -# this part is taken from Noah Friedman's mkinstalldirs script - -# Skip lots of stat calls in the usual case. -if [ ! -d "$dstdir" ]; then -defaultIFS=' -' -IFS="${IFS-${defaultIFS}}" - -oIFS="${IFS}" -# Some sh's can't handle IFS=/ for some reason. -IFS='%' -set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` -IFS="${oIFS}" - -pathcomp='' - -while [ $# -ne 0 ] ; do - pathcomp="${pathcomp}${1}" - shift - - if [ ! -d "${pathcomp}" ] ; - then - $mkdirprog "${pathcomp}" - else - true - fi - - pathcomp="${pathcomp}/" -done -fi - -if [ x"$dir_arg" != x ] -then - $doit $instcmd $dst && - - if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && - if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && - if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && - if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi -else - -# If we're going to rename the final executable, determine the name now. - - if [ x"$transformarg" = x ] - then - dstfile=`basename $dst` - else - dstfile=`basename $dst $transformbasename | - sed $transformarg`$transformbasename - fi - -# don't allow the sed command to completely eliminate the filename - - if [ x"$dstfile" = x ] - then - dstfile=`basename $dst` - else - true - fi - -# Make a temp file name in the proper directory. - - dsttmp=$dstdir/#inst.$$# - -# Move or copy the file name to the temp name - - $doit $instcmd $src $dsttmp && - - trap "rm -f ${dsttmp}" 0 && - -# and set any options; do chmod last to preserve setuid bits - -# If any of these fail, we abort the whole thing. If we want to -# ignore errors from any of these, just make sure not to ignore -# errors from the above "$doit $instcmd $src $dsttmp" command. - - if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && - if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && - if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && - if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && - -# Now rename the file to the real destination. - - $doit $rmcmd -f $dstdir/$dstfile && - $doit $mvcmd $dsttmp $dstdir/$dstfile - -fi && - - -exit 0 diff --git a/crypto/kerberosIV/kadmin/Design.txt b/crypto/kerberosIV/kadmin/Design.txt deleted file mode 100644 index 7763a04f4967..000000000000 --- a/crypto/kerberosIV/kadmin/Design.txt +++ /dev/null @@ -1,23 +0,0 @@ -// This file attempts to present the internal functioning of the new kerberos -// admin server and interface.. - -// -// The calling side -// - -// Outer interface (programmers interface) -kadm_mod_entry(vals *old_dat, vals *new_dat) returns (vals *cur_dat) - // sends a command telling the server to change all entries which match - // old_dat to entries matching new_dat - // returns in cur_dat the actual current values of the modified records - // implemented with calls to _vals_to_stream, _send_out, _take_in, and - // _stream_to_vals, _interpret_ret - -// Inner calls -_vals_to_stream (vals *, unsigned char *) - // converts a vals structure to a byte stream for transmission over the net - -_stream_to_vals (unsigned char *, vals *) - // converts a byte stream recieved into a vals structure - - diff --git a/crypto/kerberosIV/kadmin/Makefile.in b/crypto/kerberosIV/kadmin/Makefile.in deleted file mode 100644 index 0227ad63622d..000000000000 --- a/crypto/kerberosIV/kadmin/Makefile.in +++ /dev/null @@ -1,125 +0,0 @@ -# $Id: Makefile.in,v 1.47 1999/03/10 19:01:13 joda Exp $ - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -top_builddir=.. - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -LN_S = @LN_S@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ - -LIB_tgetent = @LIB_tgetent@ -LIB_readline = @LIB_readline@ -LIB_DBM = @LIB_DBM@ -LIBS = @LIBS@ - -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -CRACKLIB = @CRACKLIB@ - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -libexecdir = @libexecdir@ -bindir = @bindir@ -sbindir = @sbindir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -PROG_BIN = kpasswd$(EXECSUFFIX) \ - kadmin$(EXECSUFFIX) -PROG_SBIN = ksrvutil$(EXECSUFFIX) -PROG_LIBEXEC = kadmind$(EXECSUFFIX) -PROGS = $(PROG_BIN) $(PROG_SBIN) $(PROG_LIBEXEC) - -SOURCES = kpasswd.c kadmin.c kadm_server.c kadm_funcs.c pw_check.c \ - admin_server.c kadm_ser_wrap.c ksrvutil.c ksrvutil_get.c \ - new_pwd.c random_password.c - -OBJECTS = kpasswd.o kadmin.o kadm_server.o kadm_funcs.o \ - admin_server.o kadm_ser_wrap.o ksrvutil.o ksrvutil_get.o \ - new_pwd.o random_password.o - -all: $(PROGS) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(bindir) - for x in $(PROG_BIN); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \ - done - $(MKINSTALLDIRS) $(DESTDIR)$(sbindir) - for x in $(PROG_SBIN); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(sbindir)/`echo $$x | sed '$(transform)'`; \ - done - $(MKINSTALLDIRS) $(DESTDIR)$(libexecdir) - for x in $(PROG_LIBEXEC); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - @rm -f $(prefix)/sbin/kadmin - -uninstall: - for x in $(PROG_BIN); do \ - rm -f $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \ - done - for x in $(PROG_SBIN); do \ - rm -f $(DESTDIR)$(sbindir)/`echo $$x | sed '$(transform)'`; \ - done - for x in $(PROG_LIBEXEC); do \ - rm -f $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f *.a *.o $(PROGS) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -KLIB=-L../lib/kadm -lkadm -L../lib/krb -lkrb -L../lib/des -ldes -L../lib/com_err -lcom_err -LIBROKEN=-L../lib/roken -lroken - -kpasswd$(EXECSUFFIX): kpasswd.o new_pwd.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kpasswd.o new_pwd.o $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -kadmin_OBJECTS = kadmin.o new_pwd.o random_password.o - -kadmin$(EXECSUFFIX): $(kadmin_OBJECTS) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(kadmin_OBJECTS) $(KLIB) -L../lib/sl -lsl $(LIBROKEN) $(LIBS) $(LIB_readline) $(LIBROKEN) - -KADMIND_OBJECTS=kadm_server.o kadm_funcs.o admin_server.o kadm_ser_wrap.o pw_check.o - -kadmind$(EXECSUFFIX): $(KADMIND_OBJECTS) - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(KADMIND_OBJECTS) -L../lib/kdb -lkdb -L../lib/acl -lacl $(KLIB) $(CRACKLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) - -ksrvutil$(EXECSUFFIX): ksrvutil.o ksrvutil_get.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ ksrvutil.o ksrvutil_get.o $(KLIB) $(LIBROKEN) $(LIBS) - -$(OBJECTS): ../include/config.h - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/kadmin/admin_server.c b/crypto/kerberosIV/kadmin/admin_server.c deleted file mode 100644 index 14347fd3677b..000000000000 --- a/crypto/kerberosIV/kadmin/admin_server.c +++ /dev/null @@ -1,610 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * Top-level loop of the kerberos Administration server - */ - -/* - admin_server.c - this holds the main loop and initialization and cleanup code for the server -*/ - -#include "kadm_locl.h" - -RCSID("$Id: admin_server.c,v 1.49.2.2 2000/10/18 20:24:57 assar Exp $"); - -/* Almost all procs and such need this, so it is global */ -admin_params prm; /* The command line parameters struct */ - -/* GLOBAL */ -char *acldir = DEFAULT_ACL_DIR; -static char krbrlm[REALM_SZ]; - -#define MAXCHILDREN 100 - -struct child { - pid_t pid; - int pipe_fd; - int authenticated; -}; - -static unsigned nchildren = 0; -static struct child children[MAXCHILDREN]; - -static int exit_now = 0; - -static -RETSIGTYPE -doexit(int sig) -{ - exit_now = 1; - SIGRETURN(0); -} - -static sig_atomic_t do_wait; - -static -RETSIGTYPE -do_child(int sig) -{ - do_wait = 1; - SIGRETURN(0); -} - - -static void -kill_children(void) -{ - int i; - - for (i = 0; i < nchildren; i++) { - kill(children[i].pid, SIGINT); - close (children[i].pipe_fd); - krb_log("killing child %d", children[i].pid); - } -} - -/* close the system log file */ -static void -close_syslog(void) -{ - krb_log("Shutting down admin server"); -} - -static void -byebye(void) /* say goodnight gracie */ -{ - printf("Admin Server (kadm server) has completed operation.\n"); -} - -static void -clear_secrets(void) -{ - memset(server_parm.master_key, 0, sizeof(server_parm.master_key)); - memset(server_parm.master_key_schedule, 0, - sizeof(server_parm.master_key_schedule)); - server_parm.master_key_version = 0L; -} - -static void -cleanexit(int val) -{ - kerb_fini(); - clear_secrets(); - exit(val); -} - -static RETSIGTYPE -sigalrm(int sig) -{ - cleanexit(1); -} - -/* - * handle the client on the socket `fd' from `who' - * `signal_fd' is a pipe on which to signal when the user has been - * authenticated - */ - -static void -process_client(int fd, struct sockaddr_in *who, int signal_fd) -{ - u_char *dat; - int dat_len; - u_short dlen; - int retval; - Principal service; - des_cblock skey; - int more; - int status; - int authenticated = 0; - - /* make this connection time-out after 1 second if the user has - not managed one transaction succesfully in kadm_ser_in */ - - signal(SIGALRM, sigalrm); - alarm(2); - -#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) - { - int on = 1; - - if (setsockopt(fd, SOL_SOCKET, SO_KEEPALIVE, - (void *)&on, sizeof(on)) < 0) - krb_log("setsockopt keepalive: %d",errno); - } -#endif - - server_parm.recv_addr = *who; - - if (kerb_init()) { /* Open as client */ - krb_log("can't open krb db"); - cleanexit(1); - } - /* need to set service key to changepw.KRB_MASTER */ - - status = kerb_get_principal(server_parm.sname, server_parm.sinst, &service, - 1, &more); - if (status == -1) { - /* db locked */ - char *pdat; - - dat_len = KADM_VERSIZE + 4; - dat = (u_char *) malloc(dat_len); - if (dat == NULL) { - krb_log("malloc failed"); - cleanexit(4); - } - pdat = (char *) dat; - memcpy(pdat, KADM_ULOSE, KADM_VERSIZE); - krb_put_int (KADM_DB_INUSE, pdat + KADM_VERSIZE, 4, 4); - goto out; - } else if (!status) { - krb_log("no service %s.%s",server_parm.sname, server_parm.sinst); - cleanexit(2); - } - - copy_to_key(&service.key_low, &service.key_high, skey); - memset(&service, 0, sizeof(service)); - kdb_encrypt_key (&skey, &skey, &server_parm.master_key, - server_parm.master_key_schedule, DES_DECRYPT); - krb_set_key(skey, 0); /* if error, will show up when - rd_req fails */ - memset(skey, 0, sizeof(skey)); - - while (1) { - void *errpkt; - - errpkt = malloc(KADM_VERSIZE + 4); - if (errpkt == NULL) { - krb_log("malloc: no memory"); - close(fd); - cleanexit(4); - } - - if ((retval = krb_net_read(fd, &dlen, sizeof(u_short))) != - sizeof(u_short)) { - if (retval < 0) - krb_log("dlen read: %s",error_message(errno)); - else if (retval) - krb_log("short dlen read: %d",retval); - close(fd); - cleanexit(retval ? 3 : 0); - } - if (exit_now) { - cleanexit(0); - } - dat_len = ntohs(dlen); - dat = (u_char *) malloc(dat_len); - if (dat == NULL) { - krb_log("malloc: No memory"); - close(fd); - cleanexit(4); - } - if ((retval = krb_net_read(fd, dat, dat_len)) != dat_len) { - if (retval < 0) - krb_log("data read: %s",error_message(errno)); - else - krb_log("short read: %d vs. %d", dat_len, retval); - close(fd); - cleanexit(5); - } - if (exit_now) { - cleanexit(0); - } - retval = kadm_ser_in(&dat, &dat_len, errpkt); - - if (retval == KADM_SUCCESS) { - if (!authenticated) { - unsigned char one = 1; - - authenticated = 1; - alarm (0); - write (signal_fd, &one, 1); - } - } else { - krb_log("processing request: %s", error_message(retval)); - } - - /* kadm_ser_in did the processing and returned stuff in - dat & dat_len , return the appropriate data */ - - out: - dlen = htons(dat_len); - - if (krb_net_write(fd, &dlen, sizeof(u_short)) < 0) { - krb_log("writing dlen to client: %s",error_message(errno)); - close(fd); - cleanexit(6); - } - - if (krb_net_write(fd, dat, dat_len) < 0) { - krb_log("writing to client: %s", error_message(errno)); - close(fd); - cleanexit(7); - } - free(dat); - } - /*NOTREACHED*/ -} - -static void -accept_client (int admin_fd) -{ - int pipe_fd[2]; - int addrlen; - struct sockaddr_in peer; - pid_t pid; - int peer_fd; - - /* using up the maximum number of children, try to get rid - of one unauthenticated one */ - - if (nchildren >= MAXCHILDREN) { - int i, nunauth = 0; - int victim; - - for (;;) { - for (i = 0; i < nchildren; ++i) - if (children[i].authenticated == 0) - ++nunauth; - if (nunauth == 0) - return; - - victim = rand() % nchildren; - if (children[victim].authenticated == 0) { - kill(children[victim].pid, SIGINT); - close(children[victim].pipe_fd); - for (i = victim; i < nchildren; ++i) - children[i] = children[i + 1]; - --nchildren; - break; - } - } - } - - /* accept the conn */ - addrlen = sizeof(peer); - peer_fd = accept(admin_fd, (struct sockaddr *)&peer, &addrlen); - if (peer_fd < 0) { - krb_log("accept: %s",error_message(errno)); - return; - } - if (pipe (pipe_fd) < 0) { - krb_log ("pipe: %s", error_message(errno)); - return; - } - - if (pipe_fd[0] >= FD_SETSIZE - || pipe_fd[1] >= FD_SETSIZE) { - krb_log ("pipe fds too large"); - close (pipe_fd[0]); - close (pipe_fd[1]); - return; - } - - pid = fork (); - - if (pid < 0) { - krb_log ("fork: %s", error_message(errno)); - close (pipe_fd[0]); - close (pipe_fd[1]); - return; - } - - if (pid != 0) { - /* parent */ - /* fork succeded: keep tabs on child */ - close(peer_fd); - children[nchildren].pid = pid; - children[nchildren].pipe_fd = pipe_fd[0]; - children[nchildren].authenticated = 0; - ++nchildren; - close (pipe_fd[1]); - - } else { - int i; - - /* child */ - close(admin_fd); - close(pipe_fd[0]); - - for (i = 0; i < nchildren; ++i) - close (children[i].pipe_fd); - - /* - * If we are multihomed we need to figure out which - * local address that is used this time since it is - * used in "direction" comparison. - */ - getsockname(peer_fd, - (struct sockaddr *)&server_parm.admin_addr, - &addrlen); - /* do stuff */ - process_client (peer_fd, &peer, pipe_fd[1]); - } -} - -/* - * handle data signaled from child `child' kadmind - */ - -static void -handle_child_signal (int child) -{ - int ret; - unsigned char data[1]; - - ret = read (children[child].pipe_fd, data, 1); - if (ret < 0) { - if (errno != EINTR) - krb_log ("read from child %d: %s", child, - error_message(errno)); - return; - } - if (ret == 0) { - close (children[child].pipe_fd); - children[child].pipe_fd = -1; - return; - } - if (data) - children[child].authenticated = 1; -} - -/* - * handle dead children - */ - -static void -handle_sigchld (void) -{ - pid_t pid; - int status; - int i, j; - - for (;;) { - int found = 0; - - pid = waitpid(-1, &status, WNOHANG|WUNTRACED); - if (pid == 0 || (pid < 0 && errno == ECHILD)) - break; - if (pid < 0) { - krb_log("waitpid: %s", error_message(errno)); - break; - } - for (i = 0; i < nchildren; i++) - if (children[i].pid == pid) { - /* found it */ - close(children[i].pipe_fd); - for (j = i; j < nchildren; j++) - /* copy others down */ - children[j] = children[j+1]; - --nchildren; -#if 0 - if ((WIFEXITED(status) && WEXITSTATUS(status) != 0) - || WIFSIGNALED(status)) - krb_log("child %d: termsig %d, retcode %d", pid, - WTERMSIG(status), WEXITSTATUS(status)); -#endif - found = 1; - } -#if 0 - if (!found) - krb_log("child %d not in list: termsig %d, retcode %d", pid, - WTERMSIG(status), WEXITSTATUS(status)); -#endif - } - do_wait = 0; -} - -/* -kadm_listen -listen on the admin servers port for a request -*/ -static int -kadm_listen(void) -{ - int found; - int admin_fd; - fd_set readfds; - - signal(SIGINT, doexit); - signal(SIGTERM, doexit); - signal(SIGHUP, doexit); - signal(SIGQUIT, doexit); - signal(SIGPIPE, SIG_IGN); /* get errors on write() */ - signal(SIGALRM, doexit); - signal(SIGCHLD, do_child); - if (setsid() < 0) - krb_log("setsid() failed"); - - if ((admin_fd = socket(AF_INET, SOCK_STREAM, 0)) < 0) - return KADM_NO_SOCK; - - if (admin_fd >= FD_SETSIZE) { - krb_log("admin_fd too big"); - return KADM_NO_BIND; - } - -#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT) - { - int one = 1; - setsockopt(admin_fd, SOL_SOCKET, SO_REUSEADDR, (void *)&one, - sizeof(one)); - } -#endif - if (bind(admin_fd, (struct sockaddr *)&server_parm.admin_addr, - sizeof(struct sockaddr_in)) < 0) - return KADM_NO_BIND; - if (listen(admin_fd, SOMAXCONN) < 0) - return KADM_NO_BIND; - - for (;;) { /* loop nearly forever */ - int i; - int maxfd = -1; - - if (exit_now) { - clear_secrets(); - kill_children(); - return(0); - } - if (do_wait) - handle_sigchld (); - - FD_ZERO(&readfds); - FD_SET(admin_fd, &readfds); - maxfd = max(maxfd, admin_fd); - for (i = 0; i < nchildren; ++i) - if (children[i].pipe_fd >= 0) { - FD_SET(children[i].pipe_fd, &readfds); - maxfd = max(maxfd, children[i].pipe_fd); - } - - found = select(maxfd + 1, &readfds, NULL, NULL, NULL); - if (found < 0) { - if (errno != EINTR) - krb_log("select: %s",error_message(errno)); - continue; - } - if (FD_ISSET(admin_fd, &readfds)) - accept_client (admin_fd); - for (i = 0; i < nchildren; ++i) - if (children[i].pipe_fd >= 0 - && FD_ISSET(children[i].pipe_fd, &readfds)) { - handle_child_signal (i); - } - } - /*NOTREACHED*/ -} - -/* -** Main does the logical thing, it sets up the database and RPC interface, -** as well as handling the creation and maintenance of the syslog file... -*/ -int -main(int argc, char **argv) /* admin_server main routine */ -{ - int errval; - int c; - struct in_addr i_addr; - - set_progname (argv[0]); - - umask(077); /* Create protected files */ - - i_addr.s_addr = INADDR_ANY; - /* initialize the admin_params structure */ - prm.sysfile = KADM_SYSLOG; /* default file name */ - prm.inter = 0; - - memset(krbrlm, 0, sizeof(krbrlm)); - - while ((c = getopt(argc, argv, "f:hmnd:a:r:i:")) != -1) - switch(c) { - case 'f': /* Syslog file name change */ - prm.sysfile = optarg; - break; - case 'n': - prm.inter = 0; - break; - case 'm': - prm.inter = 1; - break; - case 'a': /* new acl directory */ - acldir = optarg; - break; - case 'd': - /* put code to deal with alt database place */ - if ((errval = kerb_db_set_name(optarg))) - errx (1, "opening database %s: %s", - optarg, error_message(errval)); - break; - case 'r': - strlcpy (krbrlm, optarg, sizeof(krbrlm)); - break; - case 'i': - /* Only listen on this address */ - if(inet_aton (optarg, &i_addr) == 0) { - fprintf (stderr, "Bad address: %s\n", optarg); - exit (1); - } - break; - case 'h': /* get help on using admin_server */ - default: - errx(1, "Usage: kadmind [-h] [-n] [-m] [-r realm] [-d dbname] [-f filename] [-a acldir] [-i address_to_listen_on]"); - } - - if (krbrlm[0] == 0) - if (krb_get_lrealm(krbrlm, 1) != KSUCCESS) - errx (1, "Unable to get local realm. Fix krb.conf or use -r."); - - printf("KADM Server %s initializing\n",KADM_VERSTR); - printf("Please do not use 'kill -9' to kill this job, use a\n"); - printf("regular kill instead\n\n"); - - kset_logfile(prm.sysfile); - krb_log("Admin server starting"); - - kerb_db_set_lockmode(KERB_DBL_NONBLOCKING); - errval = kerb_init(); /* Open the Kerberos database */ - if (errval) { - warnx ("error: kerb_init() failed"); - close_syslog(); - byebye(); - } - /* set up the server_parm struct */ - if ((errval = kadm_ser_init(prm.inter, krbrlm, i_addr))==KADM_SUCCESS) { - kerb_fini(); /* Close the Kerberos database-- - will re-open later */ - errval = kadm_listen(); /* listen for calls to server from - clients */ - } - if (errval != KADM_SUCCESS) { - warnx("error: %s",error_message(errval)); - kerb_fini(); /* Close if error */ - } - close_syslog(); /* Close syslog file, print - closing note */ - byebye(); /* Say bye bye on the terminal - in use */ - exit(1); -} /* procedure main */ diff --git a/crypto/kerberosIV/kadmin/kadm_funcs.c b/crypto/kerberosIV/kadmin/kadm_funcs.c deleted file mode 100644 index 8ae8a411cb09..000000000000 --- a/crypto/kerberosIV/kadmin/kadm_funcs.c +++ /dev/null @@ -1,437 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - -*/ - -/* - * Kerberos administration server-side database manipulation routines - */ - -/* - * kadm_funcs.c - * the actual database manipulation code - */ - -#include "kadm_locl.h" - -RCSID("$Id: kadm_funcs.c,v 1.18 1999/09/16 20:41:40 assar Exp $"); - -static int -check_access(char *pname, char *pinst, char *prealm, enum acl_types acltype) -{ - char checkname[MAX_K_NAME_SZ]; - char filename[MaxPathLen]; - - snprintf(checkname, sizeof(checkname), "%s.%s@%s", pname, pinst, prealm); - - switch (acltype) { - case ADDACL: - snprintf(filename, sizeof(filename), "%s%s", acldir, ADD_ACL_FILE); - break; - case GETACL: - snprintf(filename, sizeof(filename), "%s%s", acldir, GET_ACL_FILE); - break; - case MODACL: - snprintf(filename, sizeof(filename), "%s%s", acldir, MOD_ACL_FILE); - break; - case DELACL: - snprintf(filename, sizeof(filename), "%s%s", acldir, DEL_ACL_FILE); - break; - default: - krb_log("WARNING in check_access: default case in switch"); - return 0; - } - return(acl_check(filename, checkname)); -} - -static int -wildcard(char *str) -{ - if (!strcmp(str, WILDCARD_STR)) - return(1); - return(0); -} - -static int -fail(int code, char *oper, char *princ) -{ - krb_log("ERROR: %s: %s (%s)", oper, princ, error_message(code)); - return code; -} - -#define failadd(code) { fail(code, "ADD", victim); return code; } -#define faildelete(code) { fail(code, "DELETE", victim); return code; } -#define failget(code) { fail(code, "GET", victim); return code; } -#define failmod(code) { fail(code, "MOD", victim); return code; } -#define failchange(code) { fail(code, "CHANGE", admin); return code; } - -int -kadm_add_entry (char *rname, char *rinstance, char *rrealm, - Kadm_vals *valsin, Kadm_vals *valsout) -{ - long numfound; /* check how many we get written */ - int more; /* pointer to more grabbed records */ - Principal data_i, data_o; /* temporary principal */ - u_char flags[4]; - des_cblock newpw; - Principal default_princ; - - char admin[MAX_K_NAME_SZ], victim[MAX_K_NAME_SZ]; - - strlcpy(admin, - krb_unparse_name_long(rname, rinstance, rrealm), - sizeof(admin)); - strlcpy(victim, - krb_unparse_name_long(valsin->name, - valsin->instance, - NULL), - sizeof(victim)); - - krb_log("ADD: %s by %s", victim, admin); - - if (!check_access(rname, rinstance, rrealm, ADDACL)) { - krb_log("WARNING: ADD: %s permission denied", admin); - return KADM_UNAUTH; - } - - /* Need to check here for "legal" name and instance */ - if (wildcard(valsin->name) || wildcard(valsin->instance)) { - failadd(KADM_ILL_WILDCARD); - } - - numfound = kerb_get_principal(KERB_DEFAULT_NAME, KERB_DEFAULT_INST, - &default_princ, 1, &more); - if (numfound == -1) { - failadd(KADM_DB_INUSE); - } else if (numfound != 1) { - failadd(KADM_UK_RERROR); - } - - kadm_vals_to_prin(valsin->fields, &data_i, valsin); - strlcpy(data_i.name, valsin->name, ANAME_SZ); - strlcpy(data_i.instance, valsin->instance, INST_SZ); - - if (!IS_FIELD(KADM_EXPDATE,valsin->fields)) - data_i.exp_date = default_princ.exp_date; - if (!IS_FIELD(KADM_ATTR,valsin->fields)) - data_i.attributes = default_princ.attributes; - if (!IS_FIELD(KADM_MAXLIFE,valsin->fields)) - data_i.max_life = default_princ.max_life; - - memset(&default_princ, 0, sizeof(default_princ)); - - /* convert to host order */ - data_i.key_low = ntohl(data_i.key_low); - data_i.key_high = ntohl(data_i.key_high); - - - copy_to_key(&data_i.key_low, &data_i.key_high, newpw); - - /* encrypt new key in master key */ - kdb_encrypt_key (&newpw, &newpw, &server_parm.master_key, - server_parm.master_key_schedule, DES_ENCRYPT); - copy_from_key(newpw, &data_i.key_low, &data_i.key_high); - memset(newpw, 0, sizeof(newpw)); - - data_o = data_i; - numfound = kerb_get_principal(valsin->name, valsin->instance, - &data_o, 1, &more); - if (numfound == -1) { - failadd(KADM_DB_INUSE); - } else if (numfound) { - failadd(KADM_INUSE); - } else { - data_i.key_version++; - data_i.kdc_key_ver = server_parm.master_key_version; - strlcpy(data_i.mod_name, rname, sizeof(data_i.mod_name)); - strlcpy(data_i.mod_instance, rinstance, - sizeof(data_i.mod_instance)); - - numfound = kerb_put_principal(&data_i, 1); - if (numfound == -1) { - failadd(KADM_DB_INUSE); - } else if (numfound) { - failadd(KADM_UK_SERROR); - } else { - numfound = kerb_get_principal(valsin->name, valsin->instance, - &data_o, 1, &more); - if ((numfound!=1) || (more!=0)) { - failadd(KADM_UK_RERROR); - } - memset(flags, 0, sizeof(flags)); - SET_FIELD(KADM_NAME,flags); - SET_FIELD(KADM_INST,flags); - SET_FIELD(KADM_EXPDATE,flags); - SET_FIELD(KADM_ATTR,flags); - SET_FIELD(KADM_MAXLIFE,flags); - kadm_prin_to_vals(flags, valsout, &data_o); - krb_log("ADD: %s added", victim); - return KADM_DATA; /* Set all the appropriate fields */ - } - } -} - -int -kadm_delete_entry (char *rname, char *rinstance, char *rrealm, - Kadm_vals *valsin) -{ - int ret; - - char admin[MAX_K_NAME_SZ], victim[MAX_K_NAME_SZ]; - - strlcpy(admin, - krb_unparse_name_long(rname, rinstance, rrealm), - sizeof(admin)); - strlcpy(victim, - krb_unparse_name_long(valsin->name, - valsin->instance, - NULL), - sizeof(victim)); - - krb_log("DELETE: %s by %s", victim, admin); - - if (!check_access(rname, rinstance, rrealm, DELACL)) { - krb_log("WARNING: DELETE: %s permission denied", admin); - return KADM_UNAUTH; - } - - /* Need to check here for "legal" name and instance */ - if (wildcard(valsin->name) || wildcard(valsin->instance)) { - faildelete(KADM_ILL_WILDCARD); - } - -#define EQ(V,N,I) (strcmp((V)->name, (N)) == 0 && strcmp((V)->instance, (I)) == 0) - - if(EQ(valsin, PWSERV_NAME, KRB_MASTER) || - EQ(valsin, "K", "M") || - EQ(valsin, "default", "") || - EQ(valsin, KRB_TICKET_GRANTING_TICKET, server_parm.krbrlm)){ - krb_log("WARNING: DELETE: %s is immutable", victim); - return KADM_IMMUTABLE; /* XXX */ - } - - ret = kerb_delete_principal(valsin->name, valsin->instance); - if(ret == -1) - return KADM_DB_INUSE; /* XXX */ - krb_log("DELETE: %s removed.", victim); - return KADM_SUCCESS; -} - - -int -kadm_get_entry (char *rname, char *rinstance, char *rrealm, - Kadm_vals *valsin, u_char *flags, Kadm_vals *valsout) -{ - long numfound; /* check how many were returned */ - int more; /* To point to more name.instances */ - Principal data_o; /* Data object to hold Principal */ - - char admin[MAX_K_NAME_SZ], victim[MAX_K_NAME_SZ]; - - strlcpy(admin, - krb_unparse_name_long(rname, rinstance, rrealm), - sizeof(admin)); - strlcpy(victim, - krb_unparse_name_long(valsin->name, - valsin->instance, - NULL), - sizeof(victim)); - - krb_log("GET: %s by %s", victim, admin); - - if (!check_access(rname, rinstance, rrealm, GETACL)) { - krb_log("WARNING: GET: %s permission denied", admin); - return KADM_UNAUTH; - } - - if (wildcard(valsin->name) || wildcard(valsin->instance)) { - failget(KADM_ILL_WILDCARD); - } - - /* Look up the record in the database */ - numfound = kerb_get_principal(valsin->name, valsin->instance, - &data_o, 1, &more); - if (numfound == -1) { - failget(KADM_DB_INUSE); - } else if (numfound) { /* We got the record, let's return it */ - kadm_prin_to_vals(flags, valsout, &data_o); - krb_log("GET: %s retrieved", victim); - return KADM_DATA; /* Set all the appropriate fields */ - } else { - failget(KADM_NOENTRY); /* Else whimper and moan */ - } -} - -int -kadm_mod_entry (char *rname, char *rinstance, char *rrealm, - Kadm_vals *valsin, Kadm_vals *valsin2, Kadm_vals *valsout) -{ - long numfound; - int more; - Principal data_o, temp_key; - u_char fields[4]; - des_cblock newpw; - - char admin[MAX_K_NAME_SZ], victim[MAX_K_NAME_SZ]; - - strlcpy(admin, - krb_unparse_name_long(rname, rinstance, rrealm), - sizeof(admin)); - strlcpy(victim, - krb_unparse_name_long(valsin->name, - valsin->instance, - NULL), - sizeof(victim)); - - krb_log("MOD: %s by %s", victim, admin); - - if (wildcard(valsin->name) || wildcard(valsin->instance)) { - failmod(KADM_ILL_WILDCARD); - } - - if (!check_access(rname, rinstance, rrealm, MODACL)) { - krb_log("WARNING: MOD: %s permission denied", admin); - return KADM_UNAUTH; - } - - numfound = kerb_get_principal(valsin->name, valsin->instance, - &data_o, 1, &more); - if (numfound == -1) { - failmod(KADM_DB_INUSE); - } else if (numfound) { - kadm_vals_to_prin(valsin2->fields, &temp_key, valsin2); - strlcpy(data_o.name, valsin->name, ANAME_SZ); - strlcpy(data_o.instance, valsin->instance, INST_SZ); - if (IS_FIELD(KADM_EXPDATE,valsin2->fields)) - data_o.exp_date = temp_key.exp_date; - if (IS_FIELD(KADM_ATTR,valsin2->fields)) - data_o.attributes = temp_key.attributes; - if (IS_FIELD(KADM_MAXLIFE,valsin2->fields)) - data_o.max_life = temp_key.max_life; - if (IS_FIELD(KADM_DESKEY,valsin2->fields)) { - data_o.key_version++; - data_o.kdc_key_ver = server_parm.master_key_version; - - - /* convert to host order */ - temp_key.key_low = ntohl(temp_key.key_low); - temp_key.key_high = ntohl(temp_key.key_high); - - - copy_to_key(&temp_key.key_low, &temp_key.key_high, newpw); - - /* encrypt new key in master key */ - kdb_encrypt_key (&newpw, &newpw, &server_parm.master_key, - server_parm.master_key_schedule, DES_ENCRYPT); - copy_from_key(newpw, &data_o.key_low, &data_o.key_high); - memset(newpw, 0, sizeof(newpw)); - } - memset(&temp_key, 0, sizeof(temp_key)); - - strlcpy(data_o.mod_name, rname, sizeof(data_o.mod_name)); - strlcpy(data_o.mod_instance, rinstance, - sizeof(data_o.mod_instance)); - more = kerb_put_principal(&data_o, 1); - - memset(&data_o, 0, sizeof(data_o)); - - if (more == -1) { - failmod(KADM_DB_INUSE); - } else if (more) { - failmod(KADM_UK_SERROR); - } else { - numfound = kerb_get_principal(valsin->name, valsin->instance, - &data_o, 1, &more); - if ((more!=0)||(numfound!=1)) { - failmod(KADM_UK_RERROR); - } - memset(fields, 0, sizeof(fields)); - SET_FIELD(KADM_NAME,fields); - SET_FIELD(KADM_INST,fields); - SET_FIELD(KADM_EXPDATE,fields); - SET_FIELD(KADM_ATTR,fields); - SET_FIELD(KADM_MAXLIFE,fields); - kadm_prin_to_vals(fields, valsout, &data_o); - krb_log("MOD: %s modified", victim); - return KADM_DATA; /* Set all the appropriate fields */ - } - } - else { - failmod(KADM_NOENTRY); - } -} - -int -kadm_change (char *rname, char *rinstance, char *rrealm, unsigned char *newpw) -{ - long numfound; - int more; - Principal data_o; - des_cblock local_pw; - - char admin[MAX_K_NAME_SZ]; - - strlcpy(admin, - krb_unparse_name_long(rname, rinstance, rrealm), - sizeof(admin)); - - krb_log("CHANGE: %s", admin); - - if (strcmp(server_parm.krbrlm, rrealm)) { - krb_log("ERROR: CHANGE: request from wrong realm %s", rrealm); - return(KADM_WRONG_REALM); - } - - if (wildcard(rname) || wildcard(rinstance)) { - failchange(KADM_ILL_WILDCARD); - } - - memcpy(local_pw, newpw, sizeof(local_pw)); - - /* encrypt new key in master key */ - kdb_encrypt_key (&local_pw, &local_pw, &server_parm.master_key, - server_parm.master_key_schedule, DES_ENCRYPT); - - numfound = kerb_get_principal(rname, rinstance, - &data_o, 1, &more); - if (numfound == -1) { - failchange(KADM_DB_INUSE); - } else if (numfound) { - copy_from_key(local_pw, &data_o.key_low, &data_o.key_high); - data_o.key_version++; - data_o.kdc_key_ver = server_parm.master_key_version; - strlcpy(data_o.mod_name, rname, sizeof(data_o.mod_name)); - strlcpy(data_o.mod_instance, rinstance, - sizeof(data_o.mod_instance)); - more = kerb_put_principal(&data_o, 1); - memset(local_pw, 0, sizeof(local_pw)); - memset(&data_o, 0, sizeof(data_o)); - if (more == -1) { - failchange(KADM_DB_INUSE); - } else if (more) { - failchange(KADM_UK_SERROR); - } else { - krb_log("CHANGE: %s's password changed", admin); - return KADM_SUCCESS; - } - } - else { - failchange(KADM_NOENTRY); - } -} diff --git a/crypto/kerberosIV/kadmin/kadm_locl.h b/crypto/kerberosIV/kadmin/kadm_locl.h deleted file mode 100644 index 9c0da5490a29..000000000000 --- a/crypto/kerberosIV/kadmin/kadm_locl.h +++ /dev/null @@ -1,156 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kadm_locl.h,v 1.31 1999/12/02 16:58:36 joda Exp $ */ -/* $FreeBSD$ */ - -#include "config.h" -#include "protos.h" - -#include -#include -#include -#include - -#ifdef HAVE_SYS_TYPES_H -#include -#endif - -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif - -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif - -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif - -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif /* HAVE_SYS_RESOURCE_H */ -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_PWD_H -#include -#endif - -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif - -#ifdef HAVE_SYSLOG_H -#include -#endif - -#include - -#ifdef SOCKS -#include -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); -#endif - -#include - -#include -#include - -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include -#include -#include -#include -#include -#include -#include - -#include - -#include "kadm_server.h" -#include "pw_check.h" - -/* from libacl */ -/* int acl_check(char *acl, char *principal); */ - -/* GLOBALS */ -extern char *acldir; -extern Kadm_Server server_parm; - -/* Utils */ -int kadm_change (char *, char *, char *, des_cblock); -int kadm_add_entry (char *, char *, char *, Kadm_vals *, Kadm_vals *); -int kadm_mod_entry (char *, char *, char *, Kadm_vals *, Kadm_vals *, Kadm_vals *); -int kadm_get_entry (char *, char *, char *, Kadm_vals *, u_char *, Kadm_vals *); -int kadm_delete_entry (char *, char *, char *, Kadm_vals *); -int kadm_ser_cpw (u_char *, int, AUTH_DAT *, u_char **, int *); -int kadm_ser_add (u_char *, int, AUTH_DAT *, u_char **, int *); -int kadm_ser_mod (u_char *, int, AUTH_DAT *, u_char **, int *); -int kadm_ser_get (u_char *, int, AUTH_DAT *, u_char **, int *); -int kadm_ser_delete (u_char *, int, AUTH_DAT *, u_char **, int *); -int kadm_ser_init (int inter, char realm[], struct in_addr); -int kadm_ser_in (u_char **, int *, u_char *); - -int get_pw_new_pwd (char *pword, int pwlen, krb_principal *pr, int print_realm); - -/* cracklib */ -char *FascistCheck (char *password, char *path, char **strings); - -void -random_password(char *pw, size_t len, u_int32_t *low, u_int32_t *high); diff --git a/crypto/kerberosIV/kadmin/kadm_ser_wrap.c b/crypto/kerberosIV/kadmin/kadm_ser_wrap.c deleted file mode 100644 index 29f142c63661..000000000000 --- a/crypto/kerberosIV/kadmin/kadm_ser_wrap.c +++ /dev/null @@ -1,234 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * Kerberos administration server-side support functions - */ - -/* -kadm_ser_wrap.c -unwraps wrapped packets and calls the appropriate server subroutine -*/ - -#include "kadm_locl.h" - -RCSID("$Id: kadm_ser_wrap.c,v 1.25 1999/09/16 20:41:41 assar Exp $"); - -/* GLOBAL */ -Kadm_Server server_parm; - -/* -kadm_ser_init -set up the server_parm structure -*/ -int -kadm_ser_init(int inter, /* interactive or from file */ - char *realm, - struct in_addr addr) -{ - struct hostent *hp; - char hostname[MaxHostNameLen]; - - init_kadm_err_tbl(); - init_krb_err_tbl(); - if (gethostname(hostname, sizeof(hostname))) - return KADM_NO_HOSTNAME; - - strlcpy(server_parm.sname, - PWSERV_NAME, - sizeof(server_parm.sname)); - strlcpy(server_parm.sinst, - KRB_MASTER, - sizeof(server_parm.sinst)); - strlcpy(server_parm.krbrlm, - realm, - sizeof(server_parm.krbrlm)); - - server_parm.admin_fd = -1; - /* setting up the addrs */ - memset(&server_parm.admin_addr,0, sizeof(server_parm.admin_addr)); - - server_parm.admin_addr.sin_port = k_getportbyname (KADM_SNAME, - "tcp", - htons(751)); - server_parm.admin_addr.sin_family = AF_INET; - if ((hp = gethostbyname(hostname)) == NULL) - return KADM_NO_HOSTNAME; - server_parm.admin_addr.sin_addr = addr; - /* setting up the database */ - if (kdb_get_master_key((inter==1), &server_parm.master_key, - server_parm.master_key_schedule) != 0) - return KADM_NO_MAST; - if ((server_parm.master_key_version = - kdb_verify_master_key(&server_parm.master_key, - server_parm.master_key_schedule,stderr))<0) - return KADM_NO_VERI; - return KADM_SUCCESS; -} - -/* - * - */ - -static void -errpkt(u_char *errdat, u_char **dat, int *dat_len, int code) -{ - free(*dat); /* free up req */ - *dat_len = KADM_VERSIZE + 4; - memcpy(errdat, KADM_ULOSE, KADM_VERSIZE); - krb_put_int (code, errdat + KADM_VERSIZE, 4, 4); - *dat = errdat; -} - -/* -kadm_ser_in -unwrap the data stored in dat, process, and return it. -*/ -int -kadm_ser_in(u_char **dat, int *dat_len, u_char *errdat) -{ - u_char *in_st; /* pointer into the sent packet */ - int in_len,retc; /* where in packet we are, for - returns */ - u_int32_t r_len; /* length of the actual packet */ - KTEXT_ST authent; /* the authenticator */ - AUTH_DAT ad; /* who is this, klink */ - u_int32_t ncksum; /* checksum of encrypted data */ - des_key_schedule sess_sched; /* our schedule */ - MSG_DAT msg_st; - u_char *retdat, *tmpdat; - int retval, retlen; - - if (*dat_len < (KADM_VERSIZE + sizeof(u_int32_t)) - || strncmp(KADM_VERSTR, (char *)*dat, KADM_VERSIZE) != 0) { - errpkt(errdat, dat, dat_len, KADM_BAD_VER); - return KADM_BAD_VER; - } - in_len = KADM_VERSIZE; - /* get the length */ - if ((retc = stv_long(*dat, &r_len, in_len, *dat_len)) < 0 || - (r_len > *dat_len - KADM_VERSIZE - sizeof(u_int32_t))) { - errpkt(errdat, dat, dat_len, KADM_LENGTH_ERROR); - return KADM_LENGTH_ERROR; - } - - in_len += retc; - authent.length = *dat_len - r_len - KADM_VERSIZE - sizeof(u_int32_t); - if (authent.length > MAX_KTXT_LEN) { - errpkt(errdat, dat, dat_len, KADM_LENGTH_ERROR); - return KADM_LENGTH_ERROR; - } - memcpy(authent.dat, (char *)(*dat) + in_len, authent.length); - authent.mbz = 0; - /* service key should be set before here */ - if ((retc = krb_rd_req(&authent, server_parm.sname, server_parm.sinst, - server_parm.recv_addr.sin_addr.s_addr, &ad, NULL))) - { - errpkt(errdat, dat, dat_len, retc + krb_err_base); - return retc + krb_err_base; - } - -#define clr_cli_secrets() {memset(sess_sched, 0, sizeof(sess_sched)); memset(ad.session, 0,sizeof(ad.session));} - - in_st = *dat + *dat_len - r_len; -#ifdef NOENCRYPTION - ncksum = 0; -#else - ncksum = des_quad_cksum((des_cblock *)in_st, (des_cblock *)0, (long) r_len, 0, &ad.session); -#endif - if (ncksum!=ad.checksum) { /* yow, are we correct yet */ - clr_cli_secrets(); - errpkt(errdat, dat, dat_len, KADM_BAD_CHK); - return KADM_BAD_CHK; - } -#ifdef NOENCRYPTION - memset(sess_sched, 0, sizeof(sess_sched)); -#else - des_key_sched(&ad.session, sess_sched); -#endif - if ((retc = (int) krb_rd_priv(in_st, r_len, sess_sched, &ad.session, - &server_parm.recv_addr, - &server_parm.admin_addr, &msg_st))) { - clr_cli_secrets(); - errpkt(errdat, dat, dat_len, retc + krb_err_base); - return retc + krb_err_base; - } - switch (msg_st.app_data[0]) { - case CHANGE_PW: - retval = kadm_ser_cpw(msg_st.app_data+1,(int) msg_st.app_length - 1, - &ad, &retdat, &retlen); - break; - case ADD_ENT: - retval = kadm_ser_add(msg_st.app_data+1,(int) msg_st.app_length - 1, - &ad, &retdat, &retlen); - break; - case GET_ENT: - retval = kadm_ser_get(msg_st.app_data+1,(int) msg_st.app_length - 1, - &ad, &retdat, &retlen); - break; - case MOD_ENT: - retval = kadm_ser_mod(msg_st.app_data+1,(int) msg_st.app_length - 1, - &ad, &retdat, &retlen); - break; - case DEL_ENT: - retval = kadm_ser_delete(msg_st.app_data + 1, msg_st.app_length - 1, - &ad, &retdat, &retlen); - break; - default: - clr_cli_secrets(); - errpkt(errdat, dat, dat_len, KADM_NO_OPCODE); - return KADM_NO_OPCODE; - } - /* Now seal the response back into a priv msg */ - tmpdat = (u_char *) malloc(retlen + KADM_VERSIZE + 4); - if (tmpdat == NULL) { - clr_cli_secrets(); - errpkt(errdat, dat, dat_len, KADM_NOMEM); - return KADM_NOMEM; - } - free(*dat); - memcpy(tmpdat, KADM_VERSTR, KADM_VERSIZE); - krb_put_int(retval, tmpdat + KADM_VERSIZE, 4, 4); - if (retlen) { - memcpy(tmpdat + KADM_VERSIZE + 4, retdat, retlen); - free(retdat); - } - /* slop for mk_priv stuff */ - *dat = (u_char *) malloc(retlen + KADM_VERSIZE + - sizeof(u_int32_t) + 200); - if (*dat == NULL) { - clr_cli_secrets(); - errpkt(errdat, dat, dat_len, KADM_NOMEM); - return KADM_NOMEM; - } - if ((*dat_len = krb_mk_priv(tmpdat, *dat, - (u_int32_t) (retlen + KADM_VERSIZE + - sizeof(u_int32_t)), - sess_sched, - &ad.session, &server_parm.admin_addr, - &server_parm.recv_addr)) < 0) { - clr_cli_secrets(); - errpkt(errdat, dat, dat_len, KADM_NO_ENCRYPT); - return KADM_NO_ENCRYPT; - } - clr_cli_secrets(); - return KADM_SUCCESS; -} diff --git a/crypto/kerberosIV/kadmin/kadm_server.c b/crypto/kerberosIV/kadmin/kadm_server.c deleted file mode 100644 index 1006f20c70ad..000000000000 --- a/crypto/kerberosIV/kadmin/kadm_server.c +++ /dev/null @@ -1,198 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * Kerberos administration server-side subroutines - */ - -#include "kadm_locl.h" - -RCSID("$Id: kadm_server.c,v 1.9 1997/05/02 10:29:08 joda Exp $"); - -/* -kadm_ser_cpw - the server side of the change_password routine - recieves : KTEXT, {key} - returns : CKSUM, RETCODE - acl : caller can change only own password - -Replaces the password (i.e. des key) of the caller with that specified in key. -Returns no actual data from the master server, since this is called by a user -*/ -int -kadm_ser_cpw(u_char *dat, int len, AUTH_DAT *ad, u_char **datout, int *outlen) -{ - u_int32_t keylow, keyhigh; - des_cblock newkey; - int status; - int stvlen=0; - char *pw_msg; - char pword[MAX_KPW_LEN]; - char *strings[4]; - - /* take key off the stream, and change the database */ - - if ((status = stv_long(dat, &keyhigh, 0, len)) < 0) - return(KADM_LENGTH_ERROR); - stvlen=status; - if ((status = stv_long(dat, &keylow, stvlen, len)) < 0) - return(KADM_LENGTH_ERROR); - stvlen+=status; - - if((status = stv_string(dat, pword, stvlen, sizeof(pword), len))<0) - pword[0]=0; - - keylow = ntohl(keylow); - keyhigh = ntohl(keyhigh); - memcpy(((char *)newkey) + 4, &keyhigh, 4); - memcpy(newkey, &keylow, 4); - - strings[0] = ad->pname; - strings[1] = ad->pinst; - strings[2] = ad->prealm; - strings[3] = NULL; - status = kadm_pw_check(pword, &newkey, &pw_msg, strings); - - memset(pword, 0, sizeof(pword)); - memset(dat, 0, len); - - if(status != KADM_SUCCESS){ - *datout=malloc(0); - *outlen=vts_string(pw_msg, datout, 0); - return status; - } - *datout=0; - *outlen=0; - - return(kadm_change(ad->pname, ad->pinst, ad->prealm, newkey)); -} - - -/* -kadm_ser_add - the server side of the add_entry routine - recieves : KTEXT, {values} - returns : CKSUM, RETCODE, {values} - acl : su, sms (as alloc) - -Adds and entry containing values to the database -returns the values of the entry, so if you leave certain fields blank you will - be able to determine the default values they are set to -*/ -int -kadm_ser_add(u_char *dat, int len, AUTH_DAT *ad, u_char **datout, int *outlen) -{ - Kadm_vals values, retvals; - long status; - - if ((status = stream_to_vals(dat, &values, len)) < 0) - return(KADM_LENGTH_ERROR); - if ((status = kadm_add_entry(ad->pname, ad->pinst, ad->prealm, - &values, &retvals)) == KADM_DATA) { - *outlen = vals_to_stream(&retvals,datout); - return KADM_SUCCESS; - } else { - *outlen = 0; - return status; - } -} - -/* -kadm_ser_mod - the server side of the mod_entry routine - recieves : KTEXT, {values, values} - returns : CKSUM, RETCODE, {values} - acl : su, sms (as register or dealloc) - -Modifies all entries corresponding to the first values so they match the - second values. -returns the values for the changed entries -*/ -int -kadm_ser_mod(u_char *dat, int len, AUTH_DAT *ad, u_char **datout, int *outlen) -{ - Kadm_vals vals1, vals2, retvals; - int wh; - long status; - - if ((wh = stream_to_vals(dat, &vals1, len)) < 0) - return KADM_LENGTH_ERROR; - if ((status = stream_to_vals(dat+wh,&vals2, len-wh)) < 0) - return KADM_LENGTH_ERROR; - if ((status = kadm_mod_entry(ad->pname, ad->pinst, ad->prealm, &vals1, - &vals2, &retvals)) == KADM_DATA) { - *outlen = vals_to_stream(&retvals,datout); - return KADM_SUCCESS; - } else { - *outlen = 0; - return status; - } -} - -int -kadm_ser_delete(u_char *dat, int len, AUTH_DAT *ad, - u_char **datout, int *outlen) -{ - Kadm_vals values; - int wh; - int status; - - if((wh = stream_to_vals(dat, &values, len)) < 0) - return KADM_LENGTH_ERROR; - if(wh != len) - return KADM_LENGTH_ERROR; - status = kadm_delete_entry(ad->pname, ad->pinst, ad->prealm, - &values); - *outlen = 0; - return status; -} - -/* -kadm_ser_get - recieves : KTEXT, {values, flags} - returns : CKSUM, RETCODE, {count, values, values, values} - acl : su - -gets the fields requested by flags from all entries matching values -returns this data for each matching recipient, after a count of how many such - matches there were -*/ -int -kadm_ser_get(u_char *dat, int len, AUTH_DAT *ad, u_char **datout, int *outlen) -{ - Kadm_vals values, retvals; - u_char fl[FLDSZ]; - int loop,wh; - long status; - - if ((wh = stream_to_vals(dat, &values, len)) < 0) - return KADM_LENGTH_ERROR; - if (wh + FLDSZ > len) - return KADM_LENGTH_ERROR; - for (loop=FLDSZ-1; loop>=0; loop--) - fl[loop] = dat[wh++]; - if ((status = kadm_get_entry(ad->pname, ad->pinst, ad->prealm, - &values, fl, &retvals)) == KADM_DATA) { - *outlen = vals_to_stream(&retvals,datout); - return KADM_SUCCESS; - } else { - *outlen = 0; - return status; - } -} - diff --git a/crypto/kerberosIV/kadmin/kadm_server.h b/crypto/kerberosIV/kadmin/kadm_server.h deleted file mode 100644 index c730574249dc..000000000000 --- a/crypto/kerberosIV/kadmin/kadm_server.h +++ /dev/null @@ -1,66 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* $Id: kadm_server.h,v 1.10 1997/05/11 04:08:26 assar Exp $ */ - -/* - * Definitions for Kerberos administration server & client - */ - -#ifndef KADM_SERVER_DEFS -#define KADM_SERVER_DEFS - -/* - * kadm_server.h - * Header file for the fourth attempt at an admin server - * Doug Church, December 28, 1989, MIT Project Athena - * ps. Yes that means this code belongs to athena etc... - * as part of our ongoing attempt to copyright all greek names - */ - -typedef struct { - struct sockaddr_in admin_addr; - struct sockaddr_in recv_addr; - int recv_addr_len; - int admin_fd; /* our link to clients */ - char sname[ANAME_SZ]; - char sinst[INST_SZ]; - char krbrlm[REALM_SZ]; - des_cblock master_key; - des_cblock session_key; - des_key_schedule master_key_schedule; - long master_key_version; -} Kadm_Server; - -/* the default syslog file */ -#ifndef KADM_SYSLOG -#define KADM_SYSLOG "/var/log/admin_server.syslog" -#endif /* KADM_SYSLOG */ - -#ifndef DEFAULT_ACL_DIR -#define DEFAULT_ACL_DIR "/var/kerberos" -#endif /* DEFAULT_ACL_DIR */ -#define ADD_ACL_FILE "/admin_acl.add" -#define GET_ACL_FILE "/admin_acl.get" -#define MOD_ACL_FILE "/admin_acl.mod" -#define DEL_ACL_FILE "/admin_acl.del" - -#endif /* KADM_SERVER_DEFS */ diff --git a/crypto/kerberosIV/kadmin/kadmin.c b/crypto/kerberosIV/kadmin/kadmin.c deleted file mode 100644 index a0d5d83b6623..000000000000 --- a/crypto/kerberosIV/kadmin/kadmin.c +++ /dev/null @@ -1,1145 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ -/* $FreeBSD$ */ - -/* - * Kerberos database administrator's tool. - * - * The default behavior of kadmin is if the -m option is given - * on the commandline, multiple requests are allowed to be given - * with one entry of the admin password (until the tickets expire). - */ - -#include "kadm_locl.h" -#include "getarg.h" -#include "parse_time.h" - -RCSID("$Id: kadmin.c,v 1.62 1999/11/02 17:02:14 bg Exp $"); - -static int change_password(int argc, char **argv); -static int change_key(int argc, char **argv); -static int change_admin_password(int argc, char **argv); -static int add_new_key(int argc, char **argv); -static int del_entry(int argc, char **argv); -static int get_entry(int argc, char **argv); -static int mod_entry(int argc, char **argv); -static int help(int argc, char **argv); -static int clean_up_cmd(int argc, char **argv); -static int quit_cmd(int argc, char **argv); -static int set_timeout_cmd(int argc, char **argv); - -static int set_timeout(const char *); - -static SL_cmd cmds[] = { - {"change_password", change_password, "Change a user's password"}, - {"cpw"}, - {"passwd"}, - {"change_key", change_key, "Change a user's password as a DES binary key"}, - {"ckey"}, - {"change_admin_password", change_admin_password, - "Change your admin password"}, - {"cap"}, - {"add_new_key", add_new_key, "Add new user to kerberos database"}, - {"ank"}, - {"del_entry", del_entry, "Delete entry from database"}, - {"del"}, - {"delete"}, - {"get_entry", get_entry, "Get entry from kerberos database"}, - {"mod_entry", mod_entry, "Modify entry in kerberos database"}, - {"destroy_tickets", clean_up_cmd, "Destroy admin tickets"}, - {"set_timeout", set_timeout_cmd, "Set ticket timeout"}, - {"timeout" }, - {"exit", quit_cmd, "Exit program"}, - {"quit"}, - {"help", help, "Help"}, - {"?"}, - {NULL} -}; - -#define BAD_PW 1 -#define GOOD_PW 0 -#define FUDGE_VALUE 15 /* for ticket expiration time */ -#define PE_NO 0 -#define PE_YES 1 -#define PE_UNSURE 2 - -/* for get_password, whether it should do the swapping...necessary for - using vals structure, unnecessary for change_pw requests */ -#define DONTSWAP 0 -#define SWAP 1 - -static krb_principal pr; -static char default_realm[REALM_SZ]; /* default kerberos realm */ -static char krbrlm[REALM_SZ]; /* current realm being administered */ - -#ifdef NOENCRYPTION -#define read_long_pw_string placebo_read_pw_string -#else -#define read_long_pw_string des_read_pw_string -#endif - -static void -get_maxlife(Kadm_vals *vals) -{ - char buff[BUFSIZ]; - time_t life; - int l; - - do { - printf("Maximum ticket lifetime? (%d) [%s] ", - vals->max_life, krb_life_to_atime(vals->max_life)); - fflush(stdout); - if (fgets(buff, sizeof(buff), stdin) == NULL || *buff == '\n') { - clearerr(stdin); - return; - } - life = krb_atime_to_life(buff); - } while (life <= 0); - - l = strlen(buff); - if (buff[l-2] == 'm') - life = krb_time_to_life(0L, life*60); - if (buff[l-2] == 'h') - life = krb_time_to_life(0L, life*60*60); - - vals->max_life = life; - SET_FIELD(KADM_MAXLIFE,vals->fields); -} - -static void -get_attr(Kadm_vals *vals) -{ - char buff[BUFSIZ], *out; - int attr; - - do { - printf("Attributes? [0x%.2x] ", vals->attributes); - fflush(stdout); - if (fgets(buff, sizeof(buff), stdin) == NULL || *buff == '\n') { - clearerr(stdin); - return; - } - attr = strtol(buff, &out, 0); - if (attr == 0 && out == buff) - attr = -1; - } while (attr < 0 || attr > 0xffff); - - vals->attributes = attr; - SET_FIELD(KADM_ATTR,vals->fields); -} - -static time_t -parse_expdate(const char *str) -{ - struct tm edate; - - memset(&edate, 0, sizeof(edate)); - if (sscanf(str, "%d-%d-%d", - &edate.tm_year, &edate.tm_mon, &edate.tm_mday) == 3) { - edate.tm_mon--; /* January is 0, not 1 */ - edate.tm_hour = 23; /* nearly midnight at the end of the */ - edate.tm_min = 59; /* specified day */ - } - if(krb_check_tm (edate)) - return -1; - edate.tm_year -= 1900; - return tm2time (edate, 1); -} - -static void -get_expdate(Kadm_vals *vals) -{ - char buff[BUFSIZ]; - time_t t; - - do { - strftime(buff, sizeof(buff), "%Y-%m-%d", k_localtime(&vals->exp_date)); - printf("Expiration date (enter yyyy-mm-dd) ? [%s] ", buff); - fflush(stdout); - if (fgets(buff, sizeof(buff), stdin) == NULL || *buff == '\n') { - clearerr(stdin); - return; - } - t = parse_expdate(buff); - }while(t < 0); - vals->exp_date = t; - SET_FIELD(KADM_EXPDATE,vals->fields); -} - -static int -princ_exists(char *name, char *instance, char *realm) -{ - int status; - - int old = krb_use_admin_server(1); - status = krb_get_pw_in_tkt(name, instance, realm, - KRB_TICKET_GRANTING_TICKET, - realm, 1, ""); - krb_use_admin_server(old); - - if ((status == KSUCCESS) || (status == INTK_BADPW)) - return(PE_YES); - else if (status == KDC_PR_UNKNOWN) - return(PE_NO); - else - return(PE_UNSURE); -} - -static void -passwd_to_lowhigh(u_int32_t *low, u_int32_t *high, char *password, int byteswap) -{ - des_cblock newkey; - - if (strlen(password) == 0) { - printf("Using random password.\n"); -#ifdef NOENCRYPTION - memset(newkey, 0, sizeof(newkey)); -#else - des_random_key(newkey); -#endif - } else { -#ifdef NOENCRYPTION - memset(newkey, 0, sizeof(newkey)); -#else - des_string_to_key(password, &newkey); -#endif - } - - memcpy(low, newkey, 4); - memcpy(high, ((char *)newkey) + 4, 4); - - memset(newkey, 0, sizeof(newkey)); - -#ifdef NOENCRYPTION - *low = 1; -#endif - - if (byteswap != DONTSWAP) { - *low = htonl(*low); - *high = htonl(*high); - } -} - -static int -get_password(u_int32_t *low, u_int32_t *high, char *prompt, int byteswap) -{ - char new_passwd[MAX_KPW_LEN]; /* new password */ - - if (read_long_pw_string(new_passwd, sizeof(new_passwd)-1, prompt, 1)) - return(BAD_PW); - passwd_to_lowhigh (low, high, new_passwd, byteswap); - memset (new_passwd, 0, sizeof(new_passwd)); - return(GOOD_PW); -} - -static int -get_admin_password(void) -{ - int status; - char admin_passwd[MAX_KPW_LEN]; /* Admin's password */ - int ticket_life = 1; /* minimum ticket lifetime */ - CREDENTIALS c; - - alarm(0); - /* If admin tickets exist and are valid, just exit. */ - memset(&c, 0, sizeof(c)); - if (krb_get_cred(PWSERV_NAME, KADM_SINST, krbrlm, &c) == KSUCCESS) - /* - * If time is less than lifetime - FUDGE_VALUE after issue date, - * tickets will probably last long enough for the next - * transaction. - */ - if (time(0) < (c.issue_date + (5 * 60 * c.lifetime) - FUDGE_VALUE)) - return(KADM_SUCCESS); - ticket_life = DEFAULT_TKT_LIFE; - - if (princ_exists(pr.name, pr.instance, pr.realm) != PE_NO) { - char prompt[256]; - snprintf(prompt, sizeof(prompt), "%s's Password: ", - krb_unparse_name(&pr)); - if (read_long_pw_string(admin_passwd, - sizeof(admin_passwd)-1, - prompt, 0)) { - warnx ("Error reading admin password."); - goto bad; - } - status = krb_get_pw_in_tkt(pr.name, pr.instance, pr.realm, - PWSERV_NAME, KADM_SINST, - ticket_life, admin_passwd); - memset(admin_passwd, 0, sizeof(admin_passwd)); - - /* Initialize non shared random sequence from session key. */ - memset(&c, 0, sizeof(c)); - krb_get_cred(PWSERV_NAME, KADM_SINST, krbrlm, &c); - } - else - status = KDC_PR_UNKNOWN; - - switch(status) { - case GT_PW_OK: - return(GOOD_PW); - case KDC_PR_UNKNOWN: - printf("Principal %s does not exist.\n", krb_unparse_name(&pr)); - goto bad; - case GT_PW_BADPW: - printf("Incorrect admin password.\n"); - goto bad; - default: - com_err("kadmin", status+krb_err_base, - "while getting password tickets"); - goto bad; - } - - bad: - memset(admin_passwd, 0, sizeof(admin_passwd)); - dest_tkt(); - return(BAD_PW); -} - -static char *principal; -static char *username; -static char *realm; -static char *timeout; -static int tflag; /* use existing tickets */ -static int mflag; /* compatibility */ -static int version_flag; -static int help_flag; - -static time_t destroy_timeout = 5 * 60; - -struct getargs args[] = { - { NULL, 'p', arg_string, &principal, - "principal to authenticate as"}, - { NULL, 'u', arg_string, &username, - "username, other than default" }, - { NULL, 'r', arg_string, &realm, "local realm" }, - { NULL, 'm', arg_flag, &mflag, "disable ticket timeout" }, - { NULL, 'T', arg_string, &timeout, "default ticket timeout" }, - { NULL, 't', arg_flag, &tflag, "use existing tickets" }, - { "version",0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag }, -}; - -static int num_args = sizeof(args) / sizeof(args[0]); - -static int -clean_up() -{ - if(!tflag) - return dest_tkt() == KSUCCESS; - return 0; -} - -static int -clean_up_cmd (int argc, char **argv) -{ - clean_up(); - return 0; -} - -static int -quit_cmd (int argc, char **argv) -{ - return 1; -} - -static void -usage(int code) -{ - arg_printusage(args, num_args, NULL, "[command]"); - exit(code); -} - -static int -do_init(int argc, char **argv) -{ - int optind = 0; - int ret; - - set_progname (argv[0]); - - if(getarg(args, num_args, argc, argv, &optind) < 0) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - - memset(&pr, 0, sizeof(pr)); - ret = krb_get_default_principal(pr.name, pr.instance, default_realm); - if(ret < 0) - errx(1, "Can't figure out default principal"); - if(pr.instance[0] == '\0') - strlcpy(pr.instance, "admin", sizeof(pr.instance)); - if(principal) { - if(username) - warnx("Ignoring username when principal is given"); - ret = krb_parse_name(principal, &pr); - if(ret) - errx(1, "%s: %s", principal, krb_get_err_text(ret)); - if(pr.realm[0] != '\0') - strlcpy(default_realm, pr.realm, sizeof(default_realm)); - } else if(username) { - strlcpy(pr.name, username, sizeof(pr.name)); - strlcpy(pr.instance, "admin", sizeof(pr.instance)); - } - - if(realm) - strlcpy(default_realm, realm, sizeof(default_realm)); - - strlcpy(krbrlm, default_realm, sizeof(krbrlm)); - - if(pr.realm[0] == '\0') - strlcpy(pr.realm, krbrlm, sizeof(pr.realm)); - - if (kadm_init_link(PWSERV_NAME, KRB_MASTER, krbrlm) != KADM_SUCCESS) - *krbrlm = '\0'; - - if(timeout) { - if(set_timeout(timeout) == -1) - warnx("bad timespecification `%s'", timeout); - } else if(mflag) - destroy_timeout = 0; - - if (tflag) - destroy_timeout = 0; /* disable timeout */ - else{ - char tktstring[128]; - snprintf(tktstring, sizeof(tktstring), "%s_adm_%d", - TKT_ROOT, (int)getpid()); - krb_set_tkt_string(tktstring); - } - return optind; -} - -static void -sigalrm(int sig) -{ - if(clean_up()) - printf("\nTickets destroyed.\n"); -} - -int -main(int argc, char **argv) -{ - int optind = do_init(argc, argv); - if(argc > optind) - sl_command(cmds, argc - optind, argv + optind); - else { - void *data = NULL; - signal(SIGALRM, sigalrm); - while(sl_command_loop(cmds, "kadmin: ", &data) == 0) - alarm(destroy_timeout); - } - clean_up(); - exit(0); -} - -static int -setvals(Kadm_vals *vals, char *string) -{ - char realm[REALM_SZ]; - int status = KADM_SUCCESS; - - memset(vals, 0, sizeof(*vals)); - memset(realm, 0, sizeof(realm)); - - SET_FIELD(KADM_NAME,vals->fields); - SET_FIELD(KADM_INST,vals->fields); - if ((status = kname_parse(vals->name, vals->instance, realm, string))) { - printf("kerberos error: %s\n", krb_get_err_text(status)); - return status; - } - if (!realm[0]) - strlcpy(realm, default_realm, sizeof(realm)); - if (strcmp(realm, krbrlm)) { - strlcpy(krbrlm, realm, sizeof(krbrlm)); - if ((status = kadm_init_link(PWSERV_NAME, KRB_MASTER, krbrlm)) - != KADM_SUCCESS) - printf("kadm error for realm %s: %s\n", - krbrlm, error_message(status)); - } - if (status) - return 1; - else - return KADM_SUCCESS; -} - -static int -set_timeout(const char *timespec) -{ - int t = parse_time(timespec, "s"); - if(t == -1) - return -1; - destroy_timeout = t; - return 0; -} - -static int -set_timeout_cmd(int argc, char **argv) -{ - char ts[128]; - if (argc > 2) { - printf("Usage: set_timeout [timeout]\n"); - return 0; - } - if(argc == 2) { - if(set_timeout(argv[1]) == -1){ - printf("Bad time specification `%s'\n", argv[1]); - return 0; - } - } - if(destroy_timeout == 0) - printf("Timeout disabled.\n"); - else{ - unparse_time(destroy_timeout, ts, sizeof(ts)); - printf("Timeout after %s.\n", ts); - } - return 0; -} - -static int -change_password(int argc, char **argv) -{ - Kadm_vals old, new; - int status; - char pw_prompt[BUFSIZ]; - - char pw[32]; - int generate_password = 0; - int i; - int optind = 0; - char *user = NULL; - - struct getargs cpw_args[] = { - { "random", 'r', arg_flag, NULL, "generate random password" }, - }; - i = 0; - cpw_args[i++].value = &generate_password; - - if(getarg(cpw_args, sizeof(cpw_args) / sizeof(cpw_args[0]), - argc, argv, &optind)){ - arg_printusage(cpw_args, - sizeof(cpw_args) / sizeof(cpw_args[0]), - "cpw", - "principal"); - return 0; - } - - argc -= optind; - argv += optind; - - if (argc != 1) { - printf("Usage: change_password [options] principal\n"); - return 0; - } - - user = argv[0]; - - if (setvals(&old, user) != KADM_SUCCESS) - return 0; - - new = old; - - SET_FIELD(KADM_DESKEY,new.fields); - - if (princ_exists(old.name, old.instance, krbrlm) != PE_NO) { - /* get the admin's password */ - if (get_admin_password() != GOOD_PW) - return 0; - - - if (generate_password) { - random_password(pw, sizeof(pw), &new.key_low, &new.key_high); - } else { - /* get the new password */ - snprintf(pw_prompt, sizeof(pw_prompt), - "New password for %s:", user); - - if (get_password(&new.key_low, &new.key_high, - pw_prompt, SWAP) != GOOD_PW) { - printf("Error reading password; password unchanged\n"); - return 0; - } - } - - status = kadm_mod(&old, &new); - if (status == KADM_SUCCESS) { - printf("Password changed for %s.\n", user); - if (generate_password) - printf("Password is: %s\n", pw); - } else { - printf("kadmin: %s\nwhile changing password for %s", - error_message(status), user); - } - - memset(pw, 0, sizeof(pw)); - memset(&new, 0, sizeof(new)); - } else - printf("kadmin: Principal %s does not exist.\n", - krb_unparse_name_long (old.name, old.instance, krbrlm)); - return 0; -} - -static int -getkey(unsigned char *k) -{ - int i, c; - for (i = 0; i < 8; i++) - { - c = getchar(); - if (c == EOF) - return 0; - else if (c == '\\') - { - int oct = -1; - scanf("%03o", &oct); - if (oct < 0 || oct > 255) - return 0; - k[i] = oct; - } - else if (!isalpha(c)) - return 0; - else - k[i] = c; - } - c = getchar(); - if (c != '\n') - return 0; - return 1; /* Success */ -} - -static void -printkey(unsigned char *tkey) -{ - int j; - for(j = 0; j < 8; j++) - if(tkey[j] != '\\' && isalpha(tkey[j]) != 0) - printf("%c", tkey[j]); - else - printf("\\%03o",(unsigned char)tkey[j]); - printf("\n"); -} - -static int -change_key(int argc, char **argv) -{ - Kadm_vals old, new; - unsigned char newkey[8]; - int status; - - if (argc != 2) { - printf("Usage: change_key principal-name\n"); - return 0; - } - - if (setvals(&old, argv[1]) != KADM_SUCCESS) - return 0; - - new = old; - - SET_FIELD(KADM_DESKEY,new.fields); - - if (princ_exists(old.name, old.instance, krbrlm) != PE_NO) { - /* get the admin's password */ - if (get_admin_password() != GOOD_PW) - return 0; - - /* get the new password */ - printf("New DES key for %s: ", argv[1]); - - if (getkey(newkey)) { - memcpy(&new.key_low, newkey, 4); - memcpy(&new.key_high, ((char *)newkey) + 4, 4); - printf("Entered key for %s: ", argv[1]); - printkey(newkey); - memset(newkey, 0, sizeof(newkey)); - - status = kadm_mod(&old, &new); - if (status == KADM_SUCCESS) { - printf("Key changed for %s.\n", argv[1]); - } else { - printf("kadmin: %s\nwhile changing key for %s", - error_message(status), argv[1]); - } - } else - printf("Error reading key; key unchanged\n"); - memset(&new, 0, sizeof(new)); - } - else - printf("kadmin: Principal %s does not exist.\n", - krb_unparse_name_long (old.name, old.instance, krbrlm)); - return 0; -} - -static int -change_admin_password(int argc, char **argv) -{ - des_cblock newkey; - int status; - char pword[MAX_KPW_LEN]; - char *pw_msg; - - alarm(0); - if (argc != 1) { - printf("Usage: change_admin_password\n"); - return 0; - } - if (get_pw_new_pwd(pword, sizeof(pword), &pr, 1) == 0) { - des_string_to_key(pword, &newkey); - status = kadm_change_pw_plain(newkey, pword, &pw_msg); - if(status == KADM_INSECURE_PW) - printf("Insecure password: %s\n", pw_msg); - else if (status == KADM_SUCCESS) - printf("Admin password changed\n"); - else - printf("kadm error: %s\n",error_message(status)); - memset(newkey, 0, sizeof(newkey)); - memset(pword, 0, sizeof(pword)); - } - return 0; -} - -void random_password(char*, size_t, u_int32_t*, u_int32_t*); - -static int -add_new_key(int argc, char **argv) -{ - int i; - char pw_prompt[BUFSIZ]; - int status; - int generate_password = 0; - char *password = NULL; - - char *expiration_string = NULL; - time_t default_expiration = 0; - int expiration_set = 0; - - char *life_string = NULL; - time_t default_life = 0; - int life_set = 0; - - int attributes = -1; - int default_attributes = 0; - int attributes_set = 0; - - int optind = 0; - - /* XXX remember to update value assignments below */ - struct getargs add_args[] = { - { "random", 'r', arg_flag, NULL, "generate random password" }, - { "password", 'p', arg_string, NULL }, - { "life", 'l', arg_string, NULL, "max ticket life" }, - { "expiration", 'e', arg_string, NULL, "principal expiration" }, - { "attributes", 'a', arg_integer, NULL } - }; - i = 0; - add_args[i++].value = &generate_password; - add_args[i++].value = &password; - add_args[i++].value = &life_string; - add_args[i++].value = &expiration_string; - add_args[i++].value = &attributes; - - - if(getarg(add_args, sizeof(add_args) / sizeof(add_args[0]), - argc, argv, &optind)){ - arg_printusage(add_args, - sizeof(add_args) / sizeof(add_args[0]), - "add", - "principal ..."); - return 0; - } - - if(expiration_string) { - default_expiration = parse_expdate(expiration_string); - if(default_expiration < 0) - warnx("Unknown expiration date `%s'", expiration_string); - else - expiration_set = 1; - } - if(life_string) { - time_t t = parse_time(life_string, "hour"); - if(t == -1) - warnx("Unknown lifetime `%s'", life_string); - else { - default_life = krb_time_to_life(0, t); - life_set = 1; - } - } - if(attributes != -1) { - default_attributes = attributes; - attributes_set = 1; - } - - - { - char default_name[ANAME_SZ + INST_SZ + 1]; - char old_default[INST_SZ + 1] = ""; - Kadm_vals new, default_vals; - char pw[32]; - u_char fields[4]; - - for(i = optind; i < argc; i++) { - if (setvals(&new, argv[i]) != KADM_SUCCESS) - return 0; - SET_FIELD(KADM_EXPDATE, new.fields); - SET_FIELD(KADM_ATTR, new.fields); - SET_FIELD(KADM_MAXLIFE, new.fields); - SET_FIELD(KADM_DESKEY, new.fields); - - if (princ_exists(new.name, new.instance, krbrlm) == PE_YES) { - printf("kadmin: Principal %s already exists.\n", argv[i]); - continue; - } - /* get the admin's password */ - if (get_admin_password() != GOOD_PW) - return 0; - - snprintf (default_name, sizeof(default_name), - "default.%s", new.instance); - if(strcmp(old_default, default_name) != 0) { - memset(fields, 0, sizeof(fields)); - SET_FIELD(KADM_NAME, fields); - SET_FIELD(KADM_INST, fields); - SET_FIELD(KADM_EXPDATE, fields); - SET_FIELD(KADM_ATTR, fields); - SET_FIELD(KADM_MAXLIFE, fields); - if (setvals(&default_vals, default_name) != KADM_SUCCESS) - return 0; - - if (kadm_get(&default_vals, fields) != KADM_SUCCESS) { - /* no such entry, try just `default' */ - if (setvals(&default_vals, "default") != KADM_SUCCESS) - continue; - if ((status = kadm_get(&default_vals, fields)) != KADM_SUCCESS) { - warnx ("kadm error: %s", error_message(status)); - break; /* no point in continuing */ - } - } - - if (default_vals.max_life == 255) /* Defaults not set! */ { - /* This is the default maximum lifetime for new principals. */ - if (strcmp(new.instance, "admin") == 0) - default_vals.max_life = 1 + (CLOCK_SKEW/(5*60)); /* 5+5 minutes */ - else if (strcmp(new.instance, "root") == 0) - default_vals.max_life = 96; /* 8 hours */ - else if (krb_life_to_time(0, 162) >= 24*60*60) - default_vals.max_life = 162; /* ca 100 hours */ - else - default_vals.max_life = 255; /* ca 21 hours (maximum) */ - - /* Also fix expiration date. */ - { - time_t now; - struct tm tm; - - now = time(0); - tm = *gmtime(&now); - if (strcmp(new.name, "rcmd") == 0 || - strcmp(new.name, "ftp") == 0 || - strcmp(new.name, "pop") == 0) - tm.tm_year += 5; - else - tm.tm_year += 2; - default_vals.exp_date = mktime(&tm); - } - default_vals.attributes = default_vals.attributes; - } - if(!life_set) - default_life = default_vals.max_life; - if(!expiration_set) - default_expiration = default_vals.exp_date; - if(!attributes_set) - default_attributes = default_vals.attributes; - } - - new.max_life = default_life; - new.exp_date = default_expiration; - new.attributes = default_attributes; - if(!life_set) - get_maxlife(&new); - if(!attributes_set) - get_attr(&new); - if(!expiration_set) - get_expdate(&new); - - if(generate_password) { - random_password(pw, sizeof(pw), &new.key_low, &new.key_high); - } else if (password == NULL) { - /* get the new password */ - snprintf(pw_prompt, sizeof(pw_prompt), "Password for %s:", - argv[i]); - - if (get_password(&new.key_low, &new.key_high, - pw_prompt, SWAP) != GOOD_PW) { - printf("Error reading password: %s not added\n", argv[i]); - memset(&new, 0, sizeof(new)); - return 0; - } - } else { - passwd_to_lowhigh (&new.key_low, &new.key_high, password, SWAP); - memset (password, 0, strlen(password)); - } - - status = kadm_add(&new); - if (status == KADM_SUCCESS) { - printf("%s added to database", argv[i]); - if (generate_password) - printf (" with password `%s'", pw); - printf (".\n"); - } else - printf("kadm error: %s\n",error_message(status)); - - memset(pw, 0, sizeof(pw)); - memset(&new, 0, sizeof(new)); - } - } - - return 0; -} - -static int -del_entry(int argc, char **argv) -{ - int status; - Kadm_vals vals; - int i; - - if (argc < 2) { - printf("Usage: delete principal...\n"); - return 0; - } - - for(i = 1; i < argc; i++) { - if (setvals(&vals, argv[i]) != KADM_SUCCESS) - return 0; - - if (princ_exists(vals.name, vals.instance, krbrlm) != PE_NO) { - /* get the admin's password */ - if (get_admin_password() != GOOD_PW) - return 0; - - if ((status = kadm_del(&vals)) == KADM_SUCCESS) - printf("%s removed from database.\n", argv[i]); - else - printf("kadm error: %s\n",error_message(status)); - } - else - printf("kadmin: Principal %s does not exist.\n", - krb_unparse_name_long (vals.name, vals.instance, krbrlm)); - } - return 0; -} - -static int -get_entry(int argc, char **argv) -{ - int status; - u_char fields[4]; - Kadm_vals vals; - - if (argc != 2) { - printf("Usage: get_entry username\n"); - return 0; - } - - memset(fields, 0, sizeof(fields)); - - SET_FIELD(KADM_NAME,fields); - SET_FIELD(KADM_INST,fields); - SET_FIELD(KADM_EXPDATE,fields); - SET_FIELD(KADM_ATTR,fields); - SET_FIELD(KADM_MAXLIFE,fields); -#if 0 - SET_FIELD(KADM_DESKEY,fields); -#endif -#ifdef EXTENDED_KADM - SET_FIELD(KADM_MODDATE, fields); - SET_FIELD(KADM_MODNAME, fields); - SET_FIELD(KADM_MODINST, fields); - SET_FIELD(KADM_KVNO, fields); -#endif - - if (setvals(&vals, argv[1]) != KADM_SUCCESS) - return 0; - - - if (princ_exists(vals.name, vals.instance, krbrlm) != PE_NO) { - /* get the admin's password */ - if (get_admin_password() != GOOD_PW) - return 0; - - if ((status = kadm_get(&vals, fields)) == KADM_SUCCESS) - prin_vals(&vals); - else - printf("kadm error: %s\n",error_message(status)); - } - else - printf("kadmin: Principal %s does not exist.\n", - krb_unparse_name_long (vals.name, vals.instance, krbrlm)); - return 0; -} - -static int -mod_entry(int argc, char **argv) -{ - int status; - u_char fields[4]; - Kadm_vals ovals, nvals; - int i; - - char *expiration_string = NULL; - time_t default_expiration = 0; - int expiration_set = 0; - - char *life_string = NULL; - time_t default_life = 0; - int life_set = 0; - - int attributes = -1; - int default_attributes = 0; - int attributes_set = 0; - - int optind = 0; - - /* XXX remember to update value assignments below */ - struct getargs mod_args[] = { - { "life", 'l', arg_string, NULL, "max ticket life" }, - { "expiration", 'e', arg_string, NULL, "principal expiration" }, - { "attributes", 'a', arg_integer, NULL } - }; - i = 0; - mod_args[i++].value = &life_string; - mod_args[i++].value = &expiration_string; - mod_args[i++].value = &attributes; - - - if(getarg(mod_args, sizeof(mod_args) / sizeof(mod_args[0]), - argc, argv, &optind)){ - arg_printusage(mod_args, - sizeof(mod_args) / sizeof(mod_args[0]), - "mod", - "principal ..."); - return 0; - } - - if(expiration_string) { - default_expiration = parse_expdate(expiration_string); - if(default_expiration < 0) - warnx("Unknown expiration date `%s'", expiration_string); - else - expiration_set = 1; - } - if(life_string) { - time_t t = parse_time(life_string, "hour"); - if(t == -1) - warnx("Unknown lifetime `%s'", life_string); - else { - default_life = krb_time_to_life(0, t); - life_set = 1; - } - } - if(attributes != -1) { - default_attributes = attributes; - attributes_set = 1; - } - - - for(i = optind; i < argc; i++) { - - memset(fields, 0, sizeof(fields)); - - SET_FIELD(KADM_NAME,fields); - SET_FIELD(KADM_INST,fields); - SET_FIELD(KADM_EXPDATE,fields); - SET_FIELD(KADM_ATTR,fields); - SET_FIELD(KADM_MAXLIFE,fields); - - if (setvals(&ovals, argv[i]) != KADM_SUCCESS) - return 0; - - nvals = ovals; - - if (princ_exists(ovals.name, ovals.instance, krbrlm) == PE_NO) { - printf("kadmin: Principal %s does not exist.\n", - krb_unparse_name_long (ovals.name, ovals.instance, krbrlm)); - return 0; - } - - /* get the admin's password */ - if (get_admin_password() != GOOD_PW) - return 0; - - if ((status = kadm_get(&ovals, fields)) != KADM_SUCCESS) { - printf("[ unable to retrieve current settings: %s ]\n", - error_message(status)); - nvals.max_life = DEFAULT_TKT_LIFE; - nvals.exp_date = 0; - nvals.attributes = 0; - } else { - nvals.max_life = ovals.max_life; - nvals.exp_date = ovals.exp_date; - nvals.attributes = ovals.attributes; - } - - if(life_set) { - nvals.max_life = default_life; - SET_FIELD(KADM_MAXLIFE, nvals.fields); - } else - get_maxlife(&nvals); - if(attributes_set) { - nvals.attributes = default_attributes; - SET_FIELD(KADM_ATTR, nvals.fields); - } else - get_attr(&nvals); - if(expiration_set) { - nvals.exp_date = default_expiration; - SET_FIELD(KADM_EXPDATE, nvals.fields); - } else - get_expdate(&nvals); - - if (IS_FIELD(KADM_MAXLIFE, nvals.fields) || - IS_FIELD(KADM_ATTR, nvals.fields) || - IS_FIELD(KADM_EXPDATE, nvals.fields)) { - if ((status = kadm_mod(&ovals, &nvals)) != KADM_SUCCESS) { - printf("kadm error: %s\n",error_message(status)); - goto out; - } - if ((status = kadm_get(&ovals, fields)) != KADM_SUCCESS) { - printf("kadm error: %s\n",error_message(status)); - goto out; - } - } - prin_vals(&ovals); - } - -out: - return 0; -} - -static int -help(int argc, char **argv) -{ - sl_help (cmds, argc, argv); - return 0; -} diff --git a/crypto/kerberosIV/kadmin/kpasswd.c b/crypto/kerberosIV/kadmin/kpasswd.c deleted file mode 100644 index d0d35be99cc7..000000000000 --- a/crypto/kerberosIV/kadmin/kpasswd.c +++ /dev/null @@ -1,177 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * change your password with kerberos - */ - -#include "kadm_locl.h" - -RCSID("$Id: kpasswd.c,v 1.29 1999/11/13 06:33:20 assar Exp $"); - -static void -usage(int value) -{ - fprintf(stderr, "Usage: "); - fprintf(stderr, "kpasswd [-h ] [-n user] [-i instance] [-r realm] "); - fprintf(stderr, "[-u fullname]\n"); - exit(value); -} - -int -main(int argc, char **argv) -{ - krb_principal principal; - krb_principal default_principal; - int realm_given = 0; /* True if realm was give on cmdline */ - int use_default = 1; /* True if we should use default name */ - int status; /* return code */ - char pword[MAX_KPW_LEN]; - int c; - char tktstring[MaxPathLen]; - - set_progname (argv[0]); - - memset (&principal, 0, sizeof(principal)); - memset (&default_principal, 0, sizeof(default_principal)); - - krb_get_default_principal (default_principal.name, - default_principal.instance, - default_principal.realm); - - while ((c = getopt(argc, argv, "u:n:i:r:h")) != -1) { - switch (c) { - case 'u': - status = krb_parse_name (optarg, &principal); - if (status != KSUCCESS) - errx (2, "%s", krb_get_err_text(status)); - if (principal.realm[0]) - realm_given++; - else if (krb_get_lrealm(principal.realm, 1) != KSUCCESS) - errx (1, "Could not find default realm!"); - break; - case 'n': - if (k_isname(optarg)) - strlcpy(principal.name, - optarg, - sizeof(principal.name)); - else { - warnx("Bad name: %s", optarg); - usage(1); - } - break; - case 'i': - if (k_isinst(optarg)) - strlcpy(principal.instance, - optarg, - sizeof(principal.instance)); - else { - warnx("Bad instance: %s", optarg); - usage(1); - } - break; - case 'r': - if (k_isrealm(optarg)) { - strlcpy(principal.realm, - optarg, - sizeof(principal.realm)); - realm_given++; - } else { - warnx("Bad realm: %s", optarg); - usage(1); - } - break; - case 'h': - usage(0); - break; - default: - usage(1); - break; - } - use_default = 0; - } - if (optind < argc) { - use_default = 0; - status = krb_parse_name (argv[optind], &principal); - if(status != KSUCCESS) - errx (1, "%s", krb_get_err_text (status)); - } - - if (use_default) { - strlcpy(principal.name, - default_principal.name, - sizeof(principal.name)); - strlcpy(principal.instance, - default_principal.instance, - sizeof(principal.instance)); - strlcpy(principal.realm, - default_principal.realm, - sizeof(principal.realm)); - } else { - if (!principal.name[0]) - strlcpy(principal.name, - default_principal.name, - sizeof(principal.name)); - if (!principal.realm[0]) - strlcpy(principal.realm, - default_principal.realm, - sizeof(principal.realm)); - } - - snprintf(tktstring, sizeof(tktstring), "%s_cpw_%u", - TKT_ROOT, (unsigned)getpid()); - krb_set_tkt_string(tktstring); - - if (get_pw_new_pwd(pword, sizeof(pword), &principal, - realm_given)) { - dest_tkt (); - exit(1); - } - - status = kadm_init_link (PWSERV_NAME, KRB_MASTER, principal.realm); - if (status != KADM_SUCCESS) - com_err(argv[0], status, "while initializing"); - else { - des_cblock newkey; - char *pw_msg; /* message from server */ - - des_string_to_key(pword, &newkey); - status = kadm_change_pw_plain((unsigned char*)&newkey, pword, &pw_msg); - memset(newkey, 0, sizeof(newkey)); - - if (status == KADM_INSECURE_PW) - warnx ("Insecure password: %s", pw_msg); - else if (status != KADM_SUCCESS) - com_err(argv[0], status, " attempting to change password."); - } - memset(pword, 0, sizeof(pword)); - - if (status != KADM_SUCCESS) - fprintf(stderr,"Password NOT changed.\n"); - else - printf("Password changed.\n"); - - dest_tkt(); - if (status) - return 2; - else - return 0; -} diff --git a/crypto/kerberosIV/kadmin/kpasswd_standalone.c b/crypto/kerberosIV/kadmin/kpasswd_standalone.c deleted file mode 100644 index 3cb7f9716fa7..000000000000 --- a/crypto/kerberosIV/kadmin/kpasswd_standalone.c +++ /dev/null @@ -1,228 +0,0 @@ -/* - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * Copyright.MIT. - * - * change your password with kerberos - */ - -#ifndef lint -#if 0 -static char rcsid_kpasswd_c[] = - "BonesHeader: /afs/athena.mit.edu/astaff/project/kerberos/src/kadmin/RCS/kpasswd.c,v 4.3 89/09/26 09:33:02 jtkohl Exp "; -#endif -static const char rcsid[] = - "$FreeBSD$"; -#endif lint - -/* - * kpasswd - * change your password with kerberos - */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include "kadm.h" - -#include "extern.h" - -extern void krb_set_tkt_string(); -static void go_home(char *, int); - - -int krb_passwd(char *uname, char *iflag, char *rflag, char *uflag) -{ - char name[ANAME_SZ]; /* name of user */ - char inst[INST_SZ]; /* instance of user */ - char realm[REALM_SZ]; /* realm of user */ - char default_name[ANAME_SZ]; - char default_inst[INST_SZ]; - char default_realm[REALM_SZ]; - int realm_given = 0; /* True if realm was give on cmdline */ - int use_default = 1; /* True if we should use default name */ - struct passwd *pw; - int status; /* return code */ - des_cblock new_key; - extern char *optarg; - extern int optind; - char tktstring[MAXPATHLEN]; - - void get_pw_new_key(); - -#ifdef NOENCRYPTION -int placebo_long_pw_string(); -#define read_long_pw_string placebo_read_pw_string -#else -#define read_long_pw_string des_read_pw_string -#endif - - bzero(name, sizeof(name)); - bzero(inst, sizeof(inst)); - bzero(realm, sizeof(realm)); - - if (krb_get_tf_fullname(TKT_FILE, default_name, default_inst, - default_realm) != KSUCCESS) { - pw = getpwuid((int) getuid()); - if (pw) { - strcpy(default_name, pw->pw_name); - } else { - /* seems like a null name is kinda silly */ - strcpy(default_name, ""); - } - strcpy(default_inst, ""); - if (krb_get_lrealm(default_realm, 1) != KSUCCESS) - strcpy(default_realm, KRB_REALM); - } - - if(uflag) { - if ((status = kname_parse(name, inst, realm, uflag))) { - errx(2, "Kerberos error: %s", krb_err_txt[status]); - } - if (realm[0]) - realm_given++; - else - if (krb_get_lrealm(realm, 1) != KSUCCESS) - strcpy(realm, KRB_REALM); - } - - if(uname) { - if (k_isname(uname)) { - strncpy(name, uname, sizeof(name) - 1); - } else { - errx(1, "bad name: %s", uname); - } - } - - if(iflag) { - if (k_isinst(iflag)) { - strncpy(inst, iflag, sizeof(inst) - 1); - } else { - errx(1, "bad instance: %s", iflag); - } - } - - if(rflag) { - if (k_isrealm(rflag)) { - strncpy(realm, rflag, sizeof(realm) - 1); - realm_given++; - } else { - errx(1, "bad realm: %s", rflag); - } - } - - if(uname || iflag || rflag || uflag) use_default = 0; - - if (use_default) { - strcpy(name, default_name); - strcpy(inst, default_inst); - strcpy(realm, default_realm); - } else { - if (!name[0]) - strcpy(name, default_name); - if (!realm[0]) - strcpy(realm, default_realm); - } - - (void) sprintf(tktstring, "/tmp/tkt_cpw_%d",getpid()); - krb_set_tkt_string(tktstring); - - get_pw_new_key(new_key, name, inst, realm, realm_given); - - if ((status = kadm_init_link("changepw", KRB_MASTER, realm)) - != KADM_SUCCESS) - com_err("kpasswd", status, "while initializing"); - else if ((status = kadm_change_pw(new_key)) != KADM_SUCCESS) - com_err("kpasswd", status, " attempting to change password."); - - if (status != KADM_SUCCESS) - fprintf(stderr,"Password NOT changed.\n"); - else - printf("Password changed.\n"); - - (void) dest_tkt(); - if (status) - exit(2); - else - exit(0); -} - -void get_pw_new_key(new_key, name, inst, realm, print_realm) - des_cblock new_key; - char *name; - char *inst; - char *realm; - int print_realm; /* True if realm was give on cmdline */ -{ - char ppromp[40+ANAME_SZ+INST_SZ+REALM_SZ]; /* for the password prompt */ - char pword[MAX_KPW_LEN]; /* storage for the password */ - char npromp[40+ANAME_SZ+INST_SZ+REALM_SZ]; /* for the password prompt */ - - char local_realm[REALM_SZ]; - int status; - - /* - * We don't care about failure; this is to determine whether or - * not to print the realm in the prompt for a new password. - */ - (void) krb_get_lrealm(local_realm, 1); - - if (strcmp(local_realm, realm)) - print_realm++; - - (void) sprintf(ppromp,"Old password for %s%s%s%s%s:", - name, *inst ? "." : "", inst, - print_realm ? "@" : "", print_realm ? realm : ""); - if (read_long_pw_string(pword, sizeof(pword)-1, ppromp, 0)) { - fprintf(stderr, "Error reading old password.\n"); - exit(1); - } - - if ((status = krb_get_pw_in_tkt(name, inst, realm, PWSERV_NAME, - KADM_SINST, 1, pword)) != KSUCCESS) { - if (status == INTK_BADPW) { - printf("Incorrect old password.\n"); - exit(0); - } - else { - fprintf(stderr, "Kerberos error: %s\n", krb_err_txt[status]); - exit(1); - } - } - bzero(pword, sizeof(pword)); - do { - (void) sprintf(npromp,"New Password for %s%s%s%s%s:", - name, *inst ? "." : "", inst, - print_realm ? "@" : "", print_realm ? realm : ""); - if (read_long_pw_string(pword, sizeof(pword)-1, npromp, 1)) - go_home("Error reading new password, password unchanged.\n",0); - if (strlen(pword) == 0) - printf("Null passwords are not allowed; try again.\n"); - } while (strlen(pword) == 0); - -#ifdef NOENCRYPTION - bzero((char *) new_key, sizeof(des_cblock)); - new_key[0] = (unsigned char) 1; -#else - (void) des_string_to_key(pword, (des_cblock *)new_key); -#endif - bzero(pword, sizeof(pword)); -} - -static void -go_home(str,x) - char *str; - int x; -{ - fprintf(stderr, str, x); - (void) dest_tkt(); - exit(1); -} diff --git a/crypto/kerberosIV/kadmin/ksrvutil.c b/crypto/kerberosIV/kadmin/ksrvutil.c deleted file mode 100644 index 0770a03f8aca..000000000000 --- a/crypto/kerberosIV/kadmin/ksrvutil.c +++ /dev/null @@ -1,628 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ -/* $FreeBSD$ */ - -/* - * list and update contents of srvtab files - */ - -/* - * ksrvutil - * list and update the contents of srvtab files - */ - -#include "kadm_locl.h" - -RCSID("$Id: ksrvutil.c,v 1.50 1999/11/13 06:33:59 assar Exp $"); - -#include "ksrvutil.h" - -#ifdef NOENCRYPTION -#define read_long_pw_string placebo_read_pw_string -#else /* NOENCRYPTION */ -#define read_long_pw_string des_read_pw_string -#endif /* NOENCRYPTION */ - -#define SRVTAB_MODE 0600 /* rw------- */ -#define PAD " " -#define VNO_HEADER "Version" -#define VNO_FORMAT "%4d " -#define KEY_HEADER " Key " /* 17 characters long */ -#define PRINC_HEADER " Principal\n" -#define PRINC_FORMAT "%s" - -char u_name[ANAME_SZ]; -char u_inst[INST_SZ]; -char u_realm[REALM_SZ]; - -int destroyp = FALSE; /* Should the ticket file be destroyed? */ - -static unsigned short -get_mode(char *filename) -{ - struct stat statbuf; - unsigned short mode; - - memset(&statbuf, 0, sizeof(statbuf)); - - if (stat(filename, &statbuf) < 0) - mode = SRVTAB_MODE; - else - mode = statbuf.st_mode; - - return(mode); -} - -static void -copy_keyfile(char *keyfile, char *backup_keyfile) -{ - int keyfile_fd; - int backup_keyfile_fd; - int keyfile_mode; - char buf[BUFSIZ]; /* for copying keyfiles */ - int rcount; /* for copying keyfiles */ - int try_again; - - memset(buf, 0, sizeof(buf)); - - do { - try_again = FALSE; - if ((keyfile_fd = open(keyfile, O_RDONLY, 0)) < 0) { - if (errno != ENOENT) - err (1, "open %s", keyfile); - else { - try_again = TRUE; - if ((keyfile_fd = - open(keyfile, - O_WRONLY | O_TRUNC | O_CREAT, SRVTAB_MODE)) < 0) - err(1, "create %s", keyfile); - else - if (close(keyfile_fd) < 0) - err (1, "close %s", keyfile); - } - } - } while(try_again); - - keyfile_mode = get_mode(keyfile); - - if ((backup_keyfile_fd = - open(backup_keyfile, O_WRONLY | O_TRUNC | O_CREAT, - keyfile_mode)) < 0) - err (1, "open %s", backup_keyfile); - do { - if ((rcount = read(keyfile_fd, buf, sizeof(buf))) < 0) - err (1, "read %s", keyfile); - if (rcount && (write(backup_keyfile_fd, buf, rcount) != rcount)) - err (1, "write %s", backup_keyfile); - } while (rcount); - if (close(backup_keyfile_fd) < 0) - err(1, "close %s", backup_keyfile); - if (close(keyfile_fd) < 0) - err(1, "close %s", keyfile); -} - -void -leave(char *str, int x) -{ - if (str) - fprintf(stderr, "%s\n", str); - if (destroyp) - dest_tkt(); - exit(x); -} - -void -safe_read_stdin(char *prompt, char *buf, size_t size) -{ - printf("%s", prompt); - fflush(stdout); - memset(buf, 0, size); - if (read(0, buf, size - 1) < 0) { - warn("read stdin"); - leave(NULL, 1); - } - buf[strlen(buf)-1] = 0; -} - -void -safe_write(char *filename, int fd, void *buf, size_t len) -{ - if (write(fd, buf, len) != len) { - warn("write %s", filename); - close(fd); - leave("In progress srvtab in this file.", 1); - } -} - -static int -yes_no(char *string, int dflt) -{ - char ynbuf[5]; - - printf("%s (y,n) [%c]", string, dflt?'y':'n'); - for (;;) { - safe_read_stdin("", ynbuf, sizeof(ynbuf)); - - if ((ynbuf[0] == 'n') || (ynbuf[0] == 'N')) - return(0); - else if ((ynbuf[0] == 'y') || (ynbuf[0] == 'Y')) - return(1); - else if(ynbuf[0] == 0) - return dflt; - else { - printf("Please enter 'y' or 'n': "); - fflush(stdout); - } - } -} - -int yn(char *string) -{ - return yes_no(string, 1); -} - -int ny(char *string) -{ - return yes_no(string, 0); -} - -static void -append_srvtab(char *filename, int fd, char *sname, char *sinst, char *srealm, - unsigned char key_vno, unsigned char *key) -{ - /* Add one to append null */ - safe_write(filename, fd, sname, strlen(sname) + 1); - safe_write(filename, fd, sinst, strlen(sinst) + 1); - safe_write(filename, fd, srealm, strlen(srealm) + 1); - safe_write(filename, fd, &key_vno, 1); - safe_write(filename, fd, key, sizeof(des_cblock)); - fsync(fd); -} - -static void -print_key(unsigned char *key) -{ - int i; - - for (i = 0; i < 4; i++) - printf("%02x", key[i]); - printf(" "); - for (i = 4; i < 8; i++) - printf("%02x", key[i]); -} - -static void -print_name(char *name, char *inst, char *realm) -{ - printf("%s", krb_unparse_name_long(name, inst, realm)); -} - -static int -get_svc_new_key(des_cblock *new_key, char *sname, char *sinst, - char *srealm, char *keyfile) -{ - int status = KADM_SUCCESS; - - if (((status = krb_get_svc_in_tkt(sname, sinst, srealm, PWSERV_NAME, - KADM_SINST, 1, keyfile)) == KSUCCESS) && - ((status = kadm_init_link(PWSERV_NAME, KRB_MASTER, srealm)) == - KADM_SUCCESS)) { -#ifdef NOENCRYPTION - memset(new_key, 0, sizeof(des_cblock)); - (*new_key)[0] = (unsigned char) 1; -#else /* NOENCRYPTION */ - des_random_key(*new_key); -#endif /* NOENCRYPTION */ - return(KADM_SUCCESS); - } - - return(status); -} - -static void -get_key_from_password(des_cblock (*key), char *cellname) -{ - char password[MAX_KPW_LEN]; /* storage for the password */ - - if (read_long_pw_string(password, sizeof(password)-1, "Password: ", 1)) - leave("Error reading password.", 1); - -#ifdef NOENCRYPTION - memset(key, 0, sizeof(des_cblock)); - (*key)[0] = (unsigned char) 1; -#else /* NOENCRYPTION */ - if (strlen(cellname) == 0) - des_string_to_key(password, key); - else - afs_string_to_key(password, cellname, key); -#endif /* NOENCRYPTION */ - memset(password, 0, sizeof(password)); -} - -static void -usage(void) -{ - fprintf(stderr, "Usage: ksrvutil [-f keyfile] [-i] [-k] "); - fprintf(stderr, "[-p principal] [-r realm] [-u]"); - fprintf(stderr, "[-c AFS cellname] "); - fprintf(stderr, "{list | change | add | get | delete}\n"); - fprintf(stderr, " -i causes the program to ask for " - "confirmation before changing keys.\n"); - fprintf(stderr, " -k causes the key to printed for list or change.\n"); - fprintf(stderr, " -u creates one keyfile for each principal " - "(only used with `get')\n"); - exit(1); -} - -int -main(int argc, char **argv) -{ - char sname[ANAME_SZ]; /* name of service */ - char sinst[INST_SZ]; /* instance of service */ - char srealm[REALM_SZ]; /* realm of service */ - unsigned char key_vno; /* key version number */ - int status; /* general purpose error status */ - des_cblock new_key; - des_cblock old_key; - char change_tkt[MaxPathLen]; /* Ticket to use for key change */ - char keyfile[MaxPathLen]; /* Original keyfile */ - char work_keyfile[MaxPathLen]; /* Working copy of keyfile */ - char backup_keyfile[MaxPathLen]; /* Backup copy of keyfile */ - unsigned short keyfile_mode; /* Protections on keyfile */ - int work_keyfile_fd = -1; /* Initialize so that */ - int backup_keyfile_fd = -1; /* compiler doesn't complain */ - char local_realm[REALM_SZ]; /* local kerberos realm */ - char cellname[1024]; /* AFS cell name */ - int c; - int interactive = FALSE; - int list = FALSE; - int change = FALSE; - int unique_filename = FALSE; - int add = FALSE; - int delete = FALSE; - int get = FALSE; - int key = FALSE; /* do we show keys? */ - int arg_entered = FALSE; - int change_this_key = FALSE; - char databuf[BUFSIZ]; - int first_printed = FALSE; /* have we printed the first item? */ - - memset(sname, 0, sizeof(sname)); - memset(sinst, 0, sizeof(sinst)); - memset(srealm, 0, sizeof(srealm)); - - memset(change_tkt, 0, sizeof(change_tkt)); - memset(keyfile, 0, sizeof(keyfile)); - memset(work_keyfile, 0, sizeof(work_keyfile)); - memset(backup_keyfile, 0, sizeof(backup_keyfile)); - memset(local_realm, 0, sizeof(local_realm)); - memset(cellname, 0, sizeof(cellname)); - - set_progname (argv[0]); - - if (krb_get_default_principal(u_name, u_inst, u_realm) < 0) - errx (1, "could not get default principal"); - - /* This is used only as a default for adding keys */ - if (krb_get_lrealm(local_realm, 1) != KSUCCESS) - strlcpy(local_realm, - KRB_REALM, - sizeof(local_realm)); - - while((c = getopt(argc, argv, "ikc:f:p:r:u")) != -1) { - switch (c) { - case 'i': - interactive++; - break; - case 'k': - key++; - break; - case 'c': - strlcpy(cellname, optarg, sizeof(cellname)); - break; - case 'f': - strlcpy(keyfile, optarg, sizeof(keyfile)); - break; - case 'p': - if((status = kname_parse (u_name, u_inst, u_realm, optarg)) != - KSUCCESS) - errx (1, "principal %s: %s", optarg, - krb_get_err_text(status)); - break; - case 'r': - strlcpy(u_realm, optarg, sizeof(u_realm)); - break; - case 'u': - unique_filename = 1; - break; - case '?': - usage(); - } - } - if (optind >= argc) - usage(); - if (*u_realm == '\0') - strlcpy (u_realm, local_realm, sizeof(u_realm)); - if (strcmp(argv[optind], "list") == 0) { - if (arg_entered) - usage(); - else { - arg_entered++; - list++; - } - } - else if (strcmp(argv[optind], "change") == 0) { - if (arg_entered) - usage(); - else { - arg_entered++; - change++; - } - } - else if (strcmp(argv[optind], "add") == 0) { - if (arg_entered) - usage(); - else { - arg_entered++; - add++; - } - } - else if (strcmp(argv[optind], "get") == 0) { - if (arg_entered) - usage(); - else { - arg_entered++; - get++; - } - } - else if (strcmp(argv[optind], "delete") == 0) { - if (arg_entered) - usage(); - else { - arg_entered++; - delete++; - } - } - else - usage(); - ++optind; - - if (!arg_entered) - usage(); - - if(unique_filename && !get) - warnx("`-u' flag is only used with `get'"); - - if (!keyfile[0]) - strlcpy(keyfile, KEYFILE, sizeof(keyfile)); - - strlcpy(work_keyfile, keyfile, sizeof(work_keyfile)); - strlcpy(backup_keyfile, keyfile, sizeof(backup_keyfile)); - - if (change || add || (get && !unique_filename) || delete) { - snprintf(work_keyfile, sizeof(work_keyfile), "%s.work", keyfile); - snprintf(backup_keyfile, sizeof(backup_keyfile), "%s.old", keyfile); - copy_keyfile(keyfile, backup_keyfile); - } - - if (add || (get && !unique_filename)) - copy_keyfile(backup_keyfile, work_keyfile); - - keyfile_mode = get_mode(keyfile); - - if (change || list || delete) - if ((backup_keyfile_fd = open(backup_keyfile, O_RDONLY, 0)) < 0) - err (1, "open %s", backup_keyfile); - - if (change || delete) { - if ((work_keyfile_fd = - open(work_keyfile, O_WRONLY | O_CREAT | O_TRUNC, - SRVTAB_MODE)) < 0) - err (1, "creat %s", work_keyfile); - } - else if (add) { - if ((work_keyfile_fd = - open(work_keyfile, O_APPEND | O_WRONLY, SRVTAB_MODE)) < 0) - err (1, "open with append %s", work_keyfile ); - } - else if (get && !unique_filename) { - if ((work_keyfile_fd = - open(work_keyfile, O_RDWR | O_CREAT, SRVTAB_MODE)) < 0) - err (1, "open for writing %s", work_keyfile); - } - - if (change || list || delete) { - while ((getst(backup_keyfile_fd, sname, SNAME_SZ) > 0) && - (getst(backup_keyfile_fd, sinst, INST_SZ) > 0) && - (getst(backup_keyfile_fd, srealm, REALM_SZ) > 0) && - (read(backup_keyfile_fd, &key_vno, 1) > 0) && - (read(backup_keyfile_fd, old_key, sizeof(old_key)) > 0)) { - if (list) { - if (!first_printed) { - printf(VNO_HEADER); - printf(PAD); - if (key) { - printf(KEY_HEADER); - printf(PAD); - } - printf(PRINC_HEADER); - first_printed = 1; - } - printf(VNO_FORMAT, key_vno); - printf(PAD); - if (key) { - print_key(old_key); - printf(PAD); - } - print_name(sname, sinst, srealm); - printf("\n"); - } - else if (change) { - snprintf(change_tkt, sizeof(change_tkt), "%s_ksrvutil.%u", - TKT_ROOT, (unsigned)getpid()); - krb_set_tkt_string(change_tkt); - destroyp = TRUE; - - printf("\nPrincipal: "); - print_name(sname, sinst, srealm); - printf("; version %d\n", key_vno); - if (interactive) - change_this_key = yn("Change this key?"); - else - change_this_key = 1; - - if (change_this_key) - printf("Changing to version %d.\n", key_vno + 1); - else if (change) - printf("Not changing this key.\n"); - - if (change_this_key) { - /* - * Pick a new key and determine whether or not - * it is safe to change - */ - if ((status = - get_svc_new_key(&new_key, sname, sinst, - srealm, keyfile)) == KADM_SUCCESS) - key_vno++; - else { - memcpy(new_key, old_key, sizeof(new_key)); - warnx ("Key NOT changed: %s\n", - krb_get_err_text(status)); - change_this_key = FALSE; - } - } - else - memcpy(new_key, old_key, sizeof(new_key)); - append_srvtab(work_keyfile, work_keyfile_fd, - sname, sinst, srealm, key_vno, new_key); - if (key && change_this_key) { - printf("Old key: "); - print_key(old_key); - printf("; new key: "); - print_key(new_key); - printf("\n"); - } - if (change_this_key) { - if ((status = kadm_change_pw(new_key)) == KADM_SUCCESS) { - printf("Key changed.\n"); - dest_tkt(); - } - else { - com_err(__progname, status, - " attempting to change password."); - dest_tkt(); - /* XXX This knows the format of a keyfile */ - if (lseek(work_keyfile_fd, -9, SEEK_CUR) >= 0) { - key_vno--; - safe_write(work_keyfile, - work_keyfile_fd, &key_vno, 1); - safe_write(work_keyfile, work_keyfile_fd, - old_key, sizeof(des_cblock)); - fsync(work_keyfile_fd); - fprintf(stderr,"Key NOT changed.\n"); - } else { - warn ("Unable to revert keyfile"); - leave("", 1); - } - } - } - } else if(delete) { - int delete_this_key; - printf("\nPrincipal: "); - print_name(sname, sinst, srealm); - printf("; version %d\n", key_vno); - delete_this_key = yn("Delete this key?"); - - if (delete_this_key) - printf("Deleting this key.\n"); - - if (!delete_this_key) { - append_srvtab(work_keyfile, work_keyfile_fd, - sname, sinst, srealm, key_vno, old_key); - } - } - memset(old_key, 0, sizeof(des_cblock)); - memset(new_key, 0, sizeof(des_cblock)); - } - } - else if (add) { - do { - do { - char *p; - - safe_read_stdin("Name: ", databuf, sizeof(databuf)); - p = strchr(databuf, '.'); - if (p != NULL) { - *p++ = '\0'; - strlcpy (sname, databuf, sizeof(sname)); - strlcpy (sinst, p, sizeof(sinst)); - } else { - strlcpy (sname, databuf, sizeof(sname)); - safe_read_stdin("Instance: ", databuf, sizeof(databuf)); - strlcpy (sinst, databuf, sizeof(databuf)); - } - - safe_read_stdin("Realm: ", databuf, sizeof(databuf)); - if (databuf[0] != '\0') - strlcpy (srealm, databuf, sizeof(srealm)); - else - strlcpy (srealm, local_realm, sizeof(srealm)); - - safe_read_stdin("Version number: ", databuf, sizeof(databuf)); - key_vno = atoi(databuf); - if (!srealm[0]) - strlcpy(srealm, local_realm, sizeof(srealm)); - printf("New principal: "); - print_name(sname, sinst, srealm); - printf("; version %d\n", key_vno); - } while (!yn("Is this correct?")); - get_key_from_password(&new_key, cellname); - if (key) { - printf("Key: "); - print_key(new_key); - printf("\n"); - } - append_srvtab(work_keyfile, work_keyfile_fd, - sname, sinst, srealm, key_vno, new_key); - printf("Key successfully added.\n"); - } while (yn("Would you like to add another key?")); - } - else if (get) { - ksrvutil_get(unique_filename, work_keyfile_fd, work_keyfile, - argc - optind, argv + optind); - } - - if (change || list || delete) - if (close(backup_keyfile_fd) < 0) - warn ("close %s", backup_keyfile); - - if (change || add || (get && !unique_filename) || delete) { - if (close(work_keyfile_fd) < 0) - err (1, "close %s", work_keyfile); - if (rename(work_keyfile, keyfile) < 0) - err (1, "rename(%s, %s)", work_keyfile, keyfile); - chmod(backup_keyfile, keyfile_mode); - chmod(keyfile, keyfile_mode); - printf("Old keyfile in %s.\n", backup_keyfile); - } - return 0; -} diff --git a/crypto/kerberosIV/kadmin/ksrvutil.h b/crypto/kerberosIV/kadmin/ksrvutil.h deleted file mode 100644 index 2b562ac9064e..000000000000 --- a/crypto/kerberosIV/kadmin/ksrvutil.h +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * $Id: ksrvutil.h,v 1.10 1999/12/02 16:58:36 joda Exp $ - * - */ - -extern char u_name[], u_inst[], u_realm[]; -extern int destroyp; - -void leave(char *str, int x); -void safe_read_stdin(char *prompt, char *buf, size_t size); -void safe_write(char *filename, int fd, void *buf, size_t len); - -int yn(char *string); -int ny(char *string); - -void ksrvutil_get(int unique_filename, int fd, - char *filename, int argc, char **argv); diff --git a/crypto/kerberosIV/kadmin/ksrvutil_get.c b/crypto/kerberosIV/kadmin/ksrvutil_get.c deleted file mode 100644 index dc7b6c0ae564..000000000000 --- a/crypto/kerberosIV/kadmin/ksrvutil_get.c +++ /dev/null @@ -1,428 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -#include "kadm_locl.h" -#include "ksrvutil.h" - -RCSID("$Id: ksrvutil_get.c,v 1.43 1999/12/02 16:58:36 joda Exp $"); - -#define BAD_PW 1 -#define GOOD_PW 0 -#define FUDGE_VALUE 15 /* for ticket expiration time */ -#define PE_NO 0 -#define PE_YES 1 -#define PE_UNSURE 2 - -static char tktstring[MaxPathLen]; - -static int -princ_exists(char *name, char *instance, char *realm) -{ - int status; - - status = krb_get_pw_in_tkt(name, instance, realm, - KRB_TICKET_GRANTING_TICKET, - realm, 1, ""); - - if ((status == KSUCCESS) || (status == INTK_BADPW)) - return(PE_YES); - else if (status == KDC_PR_UNKNOWN) - return(PE_NO); - else - return(PE_UNSURE); -} - -static int -get_admin_password(char *myname, char *myinst, char *myrealm) -{ - int status; - char admin_passwd[MAX_KPW_LEN]; /* Admin's password */ - int ticket_life = 1; /* minimum ticket lifetime */ - char buf[1024]; - CREDENTIALS c; - - if (princ_exists(myname, myinst, myrealm) != PE_NO) { - snprintf(buf, sizeof(buf), "Password for %s: ", - krb_unparse_name_long (myname, myinst, myrealm)); - if (des_read_pw_string(admin_passwd, sizeof(admin_passwd)-1, - buf, 0)) { - fprintf(stderr, "Error reading admin password.\n"); - goto bad; - } - status = krb_get_pw_in_tkt(myname, myinst, myrealm, PWSERV_NAME, - KADM_SINST, ticket_life, admin_passwd); - memset(admin_passwd, 0, sizeof(admin_passwd)); - } else - status = KDC_PR_UNKNOWN; - - switch(status) { - case GT_PW_OK: - return(GOOD_PW); - case KDC_PR_UNKNOWN: - printf("Principal %s does not exist.\n", - krb_unparse_name_long(myname, myinst, myrealm)); - goto bad; - case GT_PW_BADPW: - printf("Incorrect admin password.\n"); - goto bad; - default: - com_err("kadmin", status+krb_err_base, - "while getting password tickets"); - goto bad; - } - -bad: - memset(admin_passwd, 0, sizeof(admin_passwd)); - dest_tkt(); - return(BAD_PW); -} - -static void -srvtab_put_key (int fd, char *filename, char *name, char *inst, char *realm, - int8_t kvno, des_cblock key) -{ - char sname[ANAME_SZ]; /* name of service */ - char sinst[INST_SZ]; /* instance of service */ - char srealm[REALM_SZ]; /* realm of service */ - int8_t skvno; - des_cblock skey; - - lseek(fd, 0, SEEK_SET); - - while(getst(fd, sname, SNAME_SZ) > 0 && - getst(fd, sinst, INST_SZ) > 0 && - getst(fd, srealm, REALM_SZ) > 0 && - read(fd, &skvno, sizeof(skvno)) > 0 && - read(fd, skey, sizeof(skey)) > 0) { - if(strcmp(name, sname) == 0 && - strcmp(inst, sinst) == 0 && - strcmp(realm, srealm) == 0) { - lseek(fd, lseek(fd,0,SEEK_CUR)-(sizeof(skvno) + sizeof(skey)), SEEK_SET); - safe_write(filename, fd, &kvno, sizeof(kvno)); - safe_write(filename, fd, key, sizeof(des_cblock)); - return; - } - } - safe_write(filename, fd, name, strlen(name) + 1); - safe_write(filename, fd, inst, strlen(inst) + 1); - safe_write(filename, fd, realm, strlen(realm) + 1); - safe_write(filename, fd, &kvno, sizeof(kvno)); - safe_write(filename, fd, key, sizeof(des_cblock)); -} - -/* - * node list of services - */ - -struct srv_ent{ - char name[SNAME_SZ]; - char inst[INST_SZ]; - char realm[REALM_SZ]; - struct srv_ent *next; -}; - -static int -key_to_key(const char *user, - char *instance, - const char *realm, - const void *arg, - des_cblock *key) -{ - memcpy(key, arg, sizeof(des_cblock)); - return 0; -} - -static void -get_srvtab_ent(int unique_filename, int fd, char *filename, - char *name, char *inst, char *realm) -{ - char chname[128]; - des_cblock newkey; - char old_tktfile[MaxPathLen], new_tktfile[MaxPathLen]; - char garbage_name[ANAME_SZ]; - char garbage_inst[ANAME_SZ]; - CREDENTIALS c; - u_int8_t kvno; - Kadm_vals values; - int ret; - - strlcpy(chname, krb_get_phost(inst), sizeof(chname)); - if(strcmp(inst, chname)) - fprintf(stderr, - "Warning: Are you sure `%s' should not be `%s'?\n", - inst, chname); - - memset(&values, 0, sizeof(values)); - strlcpy(values.name, name, sizeof(values.name)); - strlcpy(values.instance, inst, sizeof(values.instance)); - des_random_key(newkey); - values.key_low = (newkey[0] << 24) | (newkey[1] << 16) - | (newkey[2] << 8) | (newkey[3] << 0); - values.key_high = (newkey[4] << 24) | (newkey[5] << 16) - | (newkey[6] << 8) | (newkey[7] << 0); - - SET_FIELD(KADM_NAME,values.fields); - SET_FIELD(KADM_INST,values.fields); - SET_FIELD(KADM_DESKEY,values.fields); - - ret = kadm_mod(&values, &values); - if(ret == KADM_NOENTRY) - ret = kadm_add(&values); - if (ret != KSUCCESS) { - warnx ("Couldn't get srvtab entry for %s.%s: %s", - name, inst, error_message(ret)); - return; - } - - values.key_low = values.key_high = 0; - - /* get the key version number */ - { - int old = krb_use_admin_server(1); - - strlcpy(old_tktfile, tkt_string(), sizeof(old_tktfile)); - snprintf(new_tktfile, sizeof(new_tktfile), "%s_ksrvutil-get.%u", - TKT_ROOT, (unsigned)getpid()); - krb_set_tkt_string(new_tktfile); - - ret = krb_get_in_tkt(name, inst, realm, name, inst, - 1, key_to_key, NULL, &newkey); - krb_use_admin_server(old); - if (ret) { - warnx ("getting tickets for %s: %s", - krb_unparse_name_long(name, inst, realm), - krb_get_err_text(ret)); - return; - } - } - - if (ret == KSUCCESS && - (ret = tf_init(tkt_string(), R_TKT_FIL)) == KSUCCESS && - (ret = tf_get_pname(garbage_name)) == KSUCCESS && - (ret = tf_get_pinst(garbage_inst)) == KSUCCESS && - (ret = tf_get_cred(&c)) == KSUCCESS) - kvno = c.kvno; - else { - warnx ("Could not find the cred in the ticket file: %s", - krb_get_err_text(ret)); - return; - } - - tf_close(); - krb_set_tkt_string(old_tktfile); - unlink(new_tktfile); - - if(ret != KSUCCESS) { - memset(&newkey, 0, sizeof(newkey)); - warnx ("Could not get a ticket for %s: %s\n", - krb_unparse_name_long(name, inst, realm), - krb_get_err_text(ret)); - return; - } - - /* Write the new key & c:o to the srvtab file */ - - if(unique_filename){ - char *fn; - asprintf(&fn, "%s-%s", filename, - krb_unparse_name_long(name, inst, realm)); - if(fn == NULL){ - warnx("Out of memory"); - leave(NULL, 1); - } - fd = open(fn, O_RDWR | O_CREAT | O_TRUNC, 0600); /* XXX flags, mode? */ - if(fd < 0){ - warn("%s", fn); - leave(NULL, 1); - } - srvtab_put_key (fd, fn, name, inst, realm, kvno, newkey); - close(fd); - fprintf (stderr, "Created %s\n", fn); - free(fn); - }else{ - srvtab_put_key (fd, filename, name, inst, realm, kvno, newkey); - fprintf (stderr, "Added %s\n", - krb_unparse_name_long (name, inst, realm)); - } - memset(&newkey, 0, sizeof(newkey)); -} - -static void -ksrvutil_kadm(int unique_filename, int fd, char *filename, struct srv_ent *p) -{ - int ret; - CREDENTIALS c; - - ret = kadm_init_link(PWSERV_NAME, KADM_SINST, u_realm); - if (ret != KADM_SUCCESS) { - warnx("Couldn't initialize kadmin link: %s", error_message(ret)); - leave(NULL, 1); - } - - ret = krb_get_cred (PWSERV_NAME, KADM_SINST, u_realm, &c); - if (ret != KSUCCESS) { - umask(077); - - /* - * create ticket file and get admin tickets - */ - snprintf(tktstring, sizeof(tktstring), "%s_ksrvutil_%d", - TKT_ROOT, (int)getpid()); - krb_set_tkt_string(tktstring); - destroyp = TRUE; - - ret = get_admin_password(u_name, u_inst, u_realm); - if (ret) { - warnx("Couldn't get admin password."); - leave(NULL, 1); - } - } - for(;p;){ - get_srvtab_ent(unique_filename, fd, filename, p->name, p->inst, p->realm); - p=p->next; - } - unlink(tktstring); -} - -static void -parseinput (char *result, size_t sz, char *val, char *def) -{ - char *lim; - int inq; - - if (val[0] == '\0') { - strlcpy (result, def, sz); - return; - } - lim = result + sz - 1; - inq = 0; - while(*val && result < lim) { - switch(*val) { - case '\'' : - inq = !inq; - ++val; - break; - case '\\' : - if(!inq) - val++; - default: - *result++ = *val++; - break; - } - } - *result = '\0'; -} - -void -ksrvutil_get(int unique_filename, int fd, char *filename, int argc, char **argv) -{ - char sname[ANAME_SZ]; /* name of service */ - char sinst[INST_SZ]; /* instance of service */ - char srealm[REALM_SZ]; /* realm of service */ - char databuf[BUFSIZ]; - char local_hostname[100]; - char prompt[100]; - struct srv_ent *head=NULL; - int i; - - gethostname(local_hostname, sizeof(local_hostname)); - strlcpy(local_hostname, - krb_get_phost(local_hostname), - sizeof(local_hostname)); - - if (argc) - for(i=0; i < argc; ++i) { - struct srv_ent *p=malloc(sizeof(*p)); - - if(p == NULL) { - warnx ("out of memory in malloc"); - leave(NULL,1); - } - p->next = head; - strlcpy (p->realm, u_realm, sizeof(p->realm)); - if (kname_parse (p->name, p->inst, p->realm, argv[i]) != - KSUCCESS) { - warnx ("parse error on '%s'\n", argv[i]); - free(p); - continue; - } - if (p->name[0] == '\0') - strlcpy(p->name, "rcmd", sizeof(p->name)); - if (p->inst[0] == '\0') - strlcpy(p->inst, local_hostname, sizeof(p->inst)); - if (p->realm[0] == '\0') - strlcpy(p->realm, u_realm, sizeof(p->realm)); - head = p; - } - - else - do{ - safe_read_stdin("Name [rcmd]: ", databuf, sizeof(databuf)); - parseinput (sname, sizeof(sname), databuf, "rcmd"); - - snprintf(prompt, sizeof(prompt), "Instance [%s]: ", local_hostname); - safe_read_stdin(prompt, databuf, sizeof(databuf)); - parseinput (sinst, sizeof(sinst), databuf, local_hostname); - - snprintf(prompt, sizeof(prompt), "Realm [%s]: ", u_realm); - safe_read_stdin(prompt, databuf, sizeof(databuf)); - parseinput (srealm, sizeof(srealm), databuf, u_realm); - - if(yn("Is this correct?")){ - struct srv_ent *p=(struct srv_ent*)malloc(sizeof(struct srv_ent)); - if (p == NULL) { - warnx ("out of memory in malloc"); - leave(NULL,1); - } - p->next=head; - head=p; - strlcpy(p->name, sname, sizeof(p->name)); - strlcpy(p->inst, sinst, sizeof(p->inst)); - strlcpy(p->realm, srealm, sizeof(p->realm)); - } - }while(ny("Add more keys?")); - - - ksrvutil_kadm(unique_filename, fd, filename, head); - - { - struct srv_ent *p=head, *q; - while(p){ - q=p; - p=p->next; - free(q); - } - } - -} diff --git a/crypto/kerberosIV/kadmin/new_pwd.c b/crypto/kerberosIV/kadmin/new_pwd.c deleted file mode 100644 index cfeb095d2ea9..000000000000 --- a/crypto/kerberosIV/kadmin/new_pwd.c +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm_locl.h" - -RCSID("$Id: new_pwd.c,v 1.14 1999/12/02 16:58:36 joda Exp $"); - -#ifdef NOENCRYPTION -#define read_long_pw_string placebo_read_pw_string -#else -#define read_long_pw_string des_read_pw_string -#endif - -static char * -check_pw (char *pword) -{ - int ret = kadm_check_pw(pword); - switch(ret) { - case 0: - return NULL; - case KADM_PASS_Q_NULL: - return "Null passwords are not allowed - " - "Please enter a longer password."; - case KADM_PASS_Q_TOOSHORT: - return "Password is to short - Please enter a longer password."; - case KADM_PASS_Q_CLASS: - /* XXX */ - return "Please don't use an all-lower case password.\n" - "\tUnusual capitalization, delimiter characters or " - "digits are suggested."; - } - return "Password is insecure"; /* XXX this shouldn't happen */ -} - -int -get_pw_new_pwd(char *pword, int pwlen, krb_principal *pr, int print_realm) -{ - char ppromp[40+ANAME_SZ+INST_SZ+REALM_SZ]; /* for the password prompt */ - char npromp[40+ANAME_SZ+INST_SZ+REALM_SZ]; /* for the password prompt */ - - char p[MAX_K_NAME_SZ]; - - char local_realm[REALM_SZ]; - int status; - char *expl; - - /* - * We don't care about failure; this is to determine whether or - * not to print the realm in the prompt for a new password. - */ - krb_get_lrealm(local_realm, 1); - - if (strcmp(local_realm, pr->realm)) - print_realm++; - - { - char *q; - krb_unparse_name_r(pr, p); - if(print_realm == 0 && (q = strrchr(p, '@'))) - *q = 0; - } - - snprintf(ppromp, sizeof(ppromp), "Old password for %s:", p); - if (read_long_pw_string(pword, pwlen-1, ppromp, 0)) { - fprintf(stderr, "Error reading old password.\n"); - return -1; - } - - status = krb_get_pw_in_tkt(pr->name, pr->instance, pr->realm, - PWSERV_NAME, KADM_SINST, 1, pword); - if (status != KSUCCESS) { - if (status == INTK_BADPW) { - printf("Incorrect old password.\n"); - return -1; - } - else { - fprintf(stderr, "Kerberos error: %s\n", krb_get_err_text(status)); - return -1; - } - } - memset(pword, 0, pwlen); - - do { - char verify[MAX_KPW_LEN]; - - snprintf(npromp, sizeof(npromp), "New Password for %s:",p); - if (read_long_pw_string(pword, pwlen-1, npromp, 0)) { - fprintf(stderr, - "Error reading new password, password unchanged.\n"); - return -1; - } - expl = check_pw (pword); - if (expl) { - printf("\n\t%s\n\n", expl); - continue; - } - /* Now we got an ok password, verify it. */ - snprintf(npromp, sizeof(npromp), "Verifying New Password for %s:", p); - if (read_long_pw_string(verify, MAX_KPW_LEN-1, npromp, 0)) { - fprintf(stderr, - "Error reading new password, password unchanged.\n"); - return -1; - } - if (strcmp(pword, verify) != 0) { - printf("Verify failure - try again\n"); - expl = ""; /* continue */ - } - } while (expl); - return 0; -} diff --git a/crypto/kerberosIV/kadmin/pw_check.c b/crypto/kerberosIV/kadmin/pw_check.c deleted file mode 100644 index 448ad37297e0..000000000000 --- a/crypto/kerberosIV/kadmin/pw_check.c +++ /dev/null @@ -1,82 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm_locl.h" - -RCSID("$Id: pw_check.c,v 1.14 1999/12/02 16:58:36 joda Exp $"); - -/* - * kadm_pw_check - * - * pw : new password or "" if none passed - * newkey : key for pw as passed from client - * strings : interesting strings to check for - * - * returns NULL if pw is ok, else an explanatory string - */ -int -kadm_pw_check(char *pw, des_cblock *newkey, char **pw_msg, - char **strings) -{ - des_cblock pwkey; - int status=KADM_SUCCESS; - - if (pw == NULL || *pw == '\0') - return status; /* XXX - Change this later */ - -#ifndef NO_PW_CHECK - *pw_msg = NULL; - des_string_to_key(pw, &pwkey); /* Check AFS string to key also! */ - if (memcmp(pwkey, *newkey, sizeof(pwkey)) != 0) - { - /* no password or bad key */ - status=KADM_PW_MISMATCH; - *pw_msg = "Password doesn't match supplied DES key"; - } - else if (strlen(pw) < MIN_KPW_LEN) - { - status = KADM_INSECURE_PW; - *pw_msg="Password is too short"; - } - -#ifdef DICTPATH - *pw_msg = FascistCheck(pw, DICTPATH, strings); - if (*pw_msg) - return KADM_INSECURE_PW; -#endif - - memset(pwkey, 0, sizeof(pwkey)); -#endif - - return status; -} diff --git a/crypto/kerberosIV/kadmin/pw_check.h b/crypto/kerberosIV/kadmin/pw_check.h deleted file mode 100644 index 8b717f8b5dd0..000000000000 --- a/crypto/kerberosIV/kadmin/pw_check.h +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * $Id: pw_check.h,v 1.7 1999/12/02 16:58:36 joda Exp $ - */ - -int kadm_pw_check(char *pw, des_cblock *newkey, - char **pw_msg, char **strings); - diff --git a/crypto/kerberosIV/kadmin/random_password.c b/crypto/kerberosIV/kadmin/random_password.c deleted file mode 100644 index ca9855a93830..000000000000 --- a/crypto/kerberosIV/kadmin/random_password.c +++ /dev/null @@ -1,161 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -#include "kadm_locl.h" - -RCSID("$Id: random_password.c,v 1.4 1999/12/02 16:58:36 joda Exp $"); - -/* This file defines some a function that generates a random password, - that can be used when creating a large amount of principals (such - as for a batch of students). Since this is a political matter, you - should think about how secure generated passwords has to be. - - Both methods defined here will give you at least 55 bits of - entropy. - */ - -/* If you want OTP-style passwords, define OTP_STYLE */ - -#ifdef OTP_STYLE -#include -#else -static void generate_password(char **pw, int num_classes, ...); -#endif - -void -random_password(char *pw, size_t len, u_int32_t *low, u_int32_t *high) -{ - des_cblock newkey; -#ifdef OTP_STYLE - des_random_key(&newkey); - otp_print_stddict (newkey, pw, len); - strlwr(pw); -#else - char *pass; - generate_password(&pass, 3, - "abcdefghijklmnopqrstuvwxyz", 7, - "ABCDEFGHIJKLMNOPQRSTUVWXYZ", 2, - "@$%&*()-+=:,/<>1234567890", 1); - strlcpy(pw, pass, len); - memset(pass, 0, strlen(pass)); - free(pass); -#endif - des_string_to_key(pw, &newkey); - memcpy(low, newkey, 4); - memcpy(high, ((char *)newkey) + 4, 4); - memset(newkey, 0, sizeof(newkey)); - - *low = htonl(*low); - *high = htonl(*high); -} - -/* some helper functions */ - -#ifndef OTP_STYLE -/* return a random value in range 0-127 */ -static int -RND(des_cblock *key, int *left) -{ - if(*left == 0){ - des_random_key(*key); - *left = 8; - } - (*left)--; - return ((unsigned char*)key)[*left]; -} - -/* This a helper function that generates a random password with a - number of characters from a set of character classes. - - If there are n classes, and the size of each class is Pi, and the - number of characters from each class is Ni, the number of possible - passwords are (given that the character classes are disjoint): - - n n - ----- / ---- \ - | | Ni | \ | - | | Pi | \ Ni| ! - | | ---- * | / | - | | Ni! | /___ | - i=1 \ i=1 / - - Since it uses the RND function above, neither the size of each - class, nor the total length of the generated password should be - larger than 127 (without fixing RND). - - */ -static void -generate_password(char **pw, int num_classes, ...) -{ - struct { - const char *str; - int len; - int freq; - } *classes; - va_list ap; - int len, i; - des_cblock rbuf; /* random buffer */ - int rleft = 0; - - classes = malloc(num_classes * sizeof(*classes)); - va_start(ap, num_classes); - len = 0; - for(i = 0; i < num_classes; i++){ - classes[i].str = va_arg(ap, const char*); - classes[i].len = strlen(classes[i].str); - classes[i].freq = va_arg(ap, int); - len += classes[i].freq; - } - va_end(ap); - *pw = malloc(len + 1); - if(*pw == NULL) - return; - for(i = 0; i < len; i++) { - int j; - int x = RND(&rbuf, &rleft) % (len - i); - int t = 0; - for(j = 0; j < num_classes; j++) { - if(x < t + classes[j].freq) { - (*pw)[i] = classes[j].str[RND(&rbuf, &rleft) % classes[j].len]; - classes[j].freq--; - break; - } - t += classes[j].freq; - } - } - (*pw)[len] = '\0'; - memset(rbuf, 0, sizeof(rbuf)); - free(classes); -} -#endif diff --git a/crypto/kerberosIV/kuser/Makefile.in b/crypto/kerberosIV/kuser/Makefile.in deleted file mode 100644 index 9047bdd55370..000000000000 --- a/crypto/kerberosIV/kuser/Makefile.in +++ /dev/null @@ -1,90 +0,0 @@ -# $Id: Makefile.in,v 1.30 1999/03/10 19:01:14 joda Exp $ - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -top_builddir = .. - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -LIBS = @LIBS@ -KRB_KAFS_LIB = @KRB_KAFS_LIB@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -bindir = @bindir@ -libdir = @libdir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -PROGS = kinit$(EXECSUFFIX) \ - kdestroy$(EXECSUFFIX) \ - klist$(EXECSUFFIX) - -SOURCES = kinit.c kdestroy.c klist.c - -OBJECTS = kinit.o kdestroy.o klist.o - -all: $(PROGS) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(bindir) - for x in $(PROGS); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \ - done - -uninstall: - for x in $(PROGS); do \ - rm -f $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \ - done - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f *.a *.o $(PROGS) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -KLIB=-L../lib/krb -lkrb -L../lib/des -ldes -LIBROKEN=-L../lib/roken -lroken - -kinit$(EXECSUFFIX): kinit.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kinit.o $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -kdestroy$(EXECSUFFIX): kdestroy.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kdestroy.o $(KRB_KAFS_LIB) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -klist$(EXECSUFFIX): klist.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ klist.o $(KRB_KAFS_LIB) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN) - -# su move to appl/bsd - -$(OBJECTS): ../include/config.h - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/kuser/kdestroy.c b/crypto/kerberosIV/kuser/kdestroy.c deleted file mode 100644 index 93e3a66bf127..000000000000 --- a/crypto/kerberosIV/kuser/kdestroy.c +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kuser_locl.h" -#include -#include - -RCSID("$Id: kdestroy.c,v 1.17 1999/12/02 16:58:36 joda Exp $"); - -#ifdef LEGACY_KDESTROY -int ticket_flag = 1; -int unlog_flag = 0; -#else -int ticket_flag = -1; -int unlog_flag = -1; -#endif -int quiet_flag; -int help_flag; -int version_flag; - -struct getargs args[] = { - { "quiet", 'q', arg_flag, &quiet_flag, - "don't print any messages" }, - { NULL, 'f', arg_flag, &quiet_flag }, - { "tickets", 't', arg_flag, &ticket_flag, - "destroy tickets" }, - { "unlog", 'u', arg_flag, &unlog_flag, - "destroy AFS tokens" }, - { "version", 0, arg_flag, &version_flag }, - { "help", 'h', arg_flag, &help_flag } -}; - -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code) -{ - arg_printusage(args, num_args, NULL, ""); - exit(code); -} - -int -main(int argc, char **argv) -{ - int optind = 0; - int ret = RET_TKFIL; - - set_progname(argv[0]); - if(getarg(args, num_args, argc, argv, &optind)) - usage(1); - - if(help_flag) - usage(0); - - if(version_flag) { - print_version(NULL); - exit(0); - } - - if (unlog_flag == -1 && ticket_flag == -1) - unlog_flag = ticket_flag = 1; - - if (ticket_flag) - ret = dest_tkt(); - - if (unlog_flag && k_hasafs()) - k_unlog(); - - if (!quiet_flag) { - if (ret == KSUCCESS) - printf("Tickets destroyed.\n"); - else if (ret == RET_TKFIL) - printf("No tickets to destroy.\n"); - else { - printf("Tickets NOT destroyed.\n"); - } - } - - if (ret == KSUCCESS || ret == RET_TKFIL) - return 0; - else - return 1; -} diff --git a/crypto/kerberosIV/kuser/kinit.c b/crypto/kerberosIV/kuser/kinit.c deleted file mode 100644 index 96c0e4fdb2c8..000000000000 --- a/crypto/kerberosIV/kuser/kinit.c +++ /dev/null @@ -1,159 +0,0 @@ -/* - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * Routine to initialize user to Kerberos. Prompts optionally for - * user, instance and realm. Authenticates user and gets a ticket - * for the Kerberos ticket-granting service for future use. - * - * Options are: - * - * -i[instance] - * -r[realm] - * -v[erbose] - * -l[ifetime] - * -p - * - * $FreeBSD$ - */ - -#include "kuser_locl.h" - -RCSID("$Id: kinit.c,v 1.17 1997/12/12 04:48:44 assar Exp $"); - -#define LIFE DEFAULT_TKT_LIFE /* lifetime of ticket in 5-minute units */ -#define CHPASSLIFE 2 - -static void -get_input(char *s, int size, FILE *stream) -{ - char *p; - - if (fgets(s, size, stream) == NULL) - exit(1); - if ( (p = strchr(s, '\n')) != NULL) - *p = '\0'; -} - - -static void -usage(void) -{ - fprintf(stderr, "Usage: %s [-irvlp] [name]\n", __progname); - exit(1); -} - -int -main(int argc, char **argv) -{ - char aname[ANAME_SZ]; - char inst[INST_SZ]; - char realm[REALM_SZ]; - char buf[MaxHostNameLen]; - char name[MAX_K_NAME_SZ]; - char *username = NULL; - int iflag, rflag, vflag, lflag, pflag, lifetime, k_errno; - int i; - - set_progname (argv[0]); - - *inst = *realm = '\0'; - iflag = rflag = vflag = lflag = pflag = 0; - lifetime = LIFE; - - while (--argc) { - if ((*++argv)[0] != '-') { - if (username) - usage(); - username = *argv; - continue; - } - for (i = 1; (*argv)[i] != '\0'; i++) - switch ((*argv)[i]) { - case 'i': /* Instance */ - ++iflag; - continue; - case 'r': /* Realm */ - ++rflag; - continue; - case 'v': /* Verbose */ - ++vflag; - continue; - case 'l': - ++lflag; - continue; - case 'p': - ++pflag; /* chpass-tickets */ - lifetime = CHPASSLIFE; - break; - default: - usage(); - } - } - if (username && - (k_errno = kname_parse(aname, inst, realm, username)) != KSUCCESS) { - warnx("%s", krb_get_err_text(k_errno)); - iflag = rflag = 1; - username = NULL; - } - if (gethostname(buf, MaxHostNameLen)) - err(1, "gethostname failed"); - printf("%s (%s)\n", ORGANIZATION, buf); - if (username) { - printf("Kerberos Initialization for \"%s", aname); - if (*inst) - printf(".%s", inst); - if (*realm) - printf("@%s", realm); - printf("\"\n"); - } else { - printf("Kerberos Initialization\n"); - printf("Kerberos name: "); - get_input(name, sizeof(name), stdin); - if (!*name) - return 0; - if ((k_errno = kname_parse(aname, inst, realm, name)) != KSUCCESS ) - errx(1, "%s", krb_get_err_text(k_errno)); - } - /* optional instance */ - if (iflag) { - printf("Kerberos instance: "); - get_input(inst, sizeof(inst), stdin); - if (!k_isinst(inst)) - errx(1, "bad Kerberos instance format"); - } - if (rflag) { - printf("Kerberos realm: "); - get_input(realm, sizeof(realm), stdin); - if (!k_isrealm(realm)) - errx(1, "bad Kerberos realm format"); - } - if (lflag) { - printf("Kerberos ticket lifetime (minutes): "); - get_input(buf, sizeof(buf), stdin); - lifetime = atoi(buf); - if (lifetime < 5) - lifetime = 1; - else - lifetime = krb_time_to_life(0, lifetime*60); - /* This should be changed if the maximum ticket lifetime */ - /* changes */ - if (lifetime > 255) - lifetime = 255; - } - if (!*realm && krb_get_lrealm(realm, 1)) - errx(1, "krb_get_lrealm failed"); - k_errno = krb_get_pw_in_tkt(aname, inst, realm, - pflag ? PWSERV_NAME : - KRB_TICKET_GRANTING_TICKET, - pflag ? KADM_SINST : realm, - lifetime, 0); - if (vflag) { - printf("Kerberos realm %s:\n", realm); - printf("%s\n", krb_get_err_text(k_errno)); - } else if (k_errno) - errx(1, "%s", krb_get_err_text(k_errno)); - exit(0); -} diff --git a/crypto/kerberosIV/kuser/klist.c b/crypto/kerberosIV/kuser/klist.c deleted file mode 100644 index 591ebd0a9ccd..000000000000 --- a/crypto/kerberosIV/kuser/klist.c +++ /dev/null @@ -1,395 +0,0 @@ -/* - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * Lists your current Kerberos tickets. - * Written by Bill Sommerfeld, MIT Project Athena. - */ - -#include "kuser_locl.h" - -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif - -#ifdef HAVE_SYS_IOCCOM_H -#include -#endif - -#include - -#include - -RCSID("$Id: klist.c,v 1.44.2.3 2000/10/18 20:38:29 assar Exp $"); - -static int option_verbose = 0; - -static char * -short_date(int32_t dp) -{ - char *cp; - time_t t = (time_t)dp; - - if (t == (time_t)(-1L)) return "*** Never *** "; - cp = ctime(&t) + 4; - cp[15] = '\0'; - return (cp); -} - -/* prints the approximate kdc time differential as something human - readable */ - -static void -print_time_diff(void) -{ - int d = abs(krb_get_kdc_time_diff()); - char buf[80]; - - if ((option_verbose && d > 0) || d > 60) { - unparse_time_approx (d, buf, sizeof(buf)); - printf ("Time diff:\t%s\n", buf); - } -} - -static -int -display_tktfile(char *file, int tgt_test, int long_form) -{ - krb_principal pr; - char buf1[20], buf2[20]; - int k_errno; - CREDENTIALS c; - int header = 1; - - if ((file == NULL) && ((file = getenv("KRBTKFILE")) == NULL)) - file = TKT_FILE; - - if (long_form) - printf("Ticket file: %s\n", file); - - /* - * Since krb_get_tf_realm will return a ticket_file error, - * we will call tf_init and tf_close first to filter out - * things like no ticket file. Otherwise, the error that - * the user would see would be - * klist: can't find realm of ticket file: No ticket file (tf_util) - * instead of - * klist: No ticket file (tf_util) - */ - - /* Open ticket file */ - if ((k_errno = tf_init(file, R_TKT_FIL))) { - if (!tgt_test) - warnx("%s", krb_get_err_text(k_errno)); - return 1; - } - /* Close ticket file */ - tf_close(); - - /* - * We must find the realm of the ticket file here before calling - * tf_init because since the realm of the ticket file is not - * really stored in the principal section of the file, the - * routine we use must itself call tf_init and tf_close. - */ - if ((k_errno = krb_get_tf_realm(file, pr.realm)) != KSUCCESS) { - if (!tgt_test) - warnx("can't find realm of ticket file: %s", - krb_get_err_text(k_errno)); - return 1; - } - - /* Open ticket file */ - if ((k_errno = tf_init(file, R_TKT_FIL))) { - if (!tgt_test) - warnx("%s", krb_get_err_text(k_errno)); - return 1; - } - /* Get principal name and instance */ - if ((k_errno = tf_get_pname(pr.name)) || - (k_errno = tf_get_pinst(pr.instance))) { - if (!tgt_test) - warnx("%s", krb_get_err_text(k_errno)); - return 1; - } - - /* - * You may think that this is the obvious place to get the - * realm of the ticket file, but it can't be done here as the - * routine to do this must open the ticket file. This is why - * it was done before tf_init. - */ - - if (!tgt_test && long_form) { - printf("Principal:\t%s\n", krb_unparse_name(&pr)); - print_time_diff(); - printf("\n"); - } - while ((k_errno = tf_get_cred(&c)) == KSUCCESS) { - if (!tgt_test && long_form && header) { - printf("%-15s %-15s %s%s\n", - " Issued", " Expires", " Principal", - option_verbose ? " (kvno)" : ""); - header = 0; - } - if (tgt_test) { - c.issue_date = krb_life_to_time(c.issue_date, c.lifetime); - if (!strcmp(c.service, KRB_TICKET_GRANTING_TICKET) && - !strcmp(c.instance, pr.realm)) { - if (time(0) < c.issue_date) - return 0; /* tgt hasn't expired */ - else - return 1; /* has expired */ - } - continue; /* not a tgt */ - } - if (long_form) { - struct timeval tv; - strlcpy(buf1, - short_date(c.issue_date), - sizeof(buf1)); - c.issue_date = krb_life_to_time(c.issue_date, c.lifetime); - krb_kdctimeofday(&tv); - if (option_verbose || tv.tv_sec < (unsigned long) c.issue_date) - strlcpy(buf2, - short_date(c.issue_date), - sizeof(buf2)); - else - strlcpy(buf2, - ">>> Expired <<<", - sizeof(buf2)); - printf("%s %s ", buf1, buf2); - } - printf("%s", krb_unparse_name_long(c.service, c.instance, c.realm)); - if(long_form && option_verbose) - printf(" (%d)", c.kvno); - printf("\n"); - } - if (tgt_test) - return 1; /* no tgt found */ - if (header && long_form && k_errno == EOF) { - printf("No tickets in file.\n"); - } - tf_close(); - - if (long_form && krb_get_config_bool("nat_in_use")) { - char realm[REALM_SZ]; - struct in_addr addr; - - printf("-----\nNAT addresses\n"); - - /* Open ticket file (again) */ - if ((k_errno = tf_init(file, R_TKT_FIL))) { - if (!tgt_test) - warnx("%s", krb_get_err_text(k_errno)); - return 1; - } - - /* Get principal name and instance */ - if ((k_errno = tf_get_pname(pr.name)) || - (k_errno = tf_get_pinst(pr.instance))) { - if (!tgt_test) - warnx("%s", krb_get_err_text(k_errno)); - return 1; - } - - while ((k_errno = tf_get_cred_addr(realm, sizeof(realm), - &addr)) == KSUCCESS) { - printf("%s: %s\n", realm, inet_ntoa(addr)); - } - tf_close(); - } - - return 0; -} - -/* adapted from getst() in librkb */ -/* - * ok_getst() takes a file descriptor, a string and a count. It reads - * from the file until either it has read "count" characters, or until - * it reads a null byte. When finished, what has been read exists in - * the given string "s". If "count" characters were actually read, the - * last is changed to a null, so the returned string is always null- - * terminated. ok_getst() returns the number of characters read, including - * the null terminator. - * - * If there is a read error, it returns -1 (like the read(2) system call) - */ - -static int -ok_getst(int fd, char *s, int n) -{ - int count = n; - int err; - while ((err = read(fd, s, 1)) > 0 && --count) - if (*s++ == '\0') - return (n - count); - if (err < 0) - return(-1); - *s = '\0'; - return (n - count); -} - -static void -display_tokens(void) -{ - u_int32_t i; - unsigned char t[128]; - struct ViceIoctl parms; - - parms.in = (void *)&i; - parms.in_size = sizeof(i); - parms.out = (void *)t; - parms.out_size = sizeof(t); - - for (i = 0; k_pioctl(NULL, VIOCGETTOK, &parms, 0) == 0; i++) { - int32_t size_secret_tok, size_public_tok; - const char *cell; - struct ClearToken ct; - const unsigned char *r = t; - struct timeval tv; - char buf1[20], buf2[20]; - - memcpy(&size_secret_tok, r, sizeof(size_secret_tok)); - /* dont bother about the secret token */ - r += size_secret_tok + sizeof(size_secret_tok); - memcpy(&size_public_tok, r, sizeof(size_public_tok)); - r += sizeof(size_public_tok); - memcpy(&ct, r, size_public_tok); - r += size_public_tok; - /* there is a int32_t with length of cellname, but we dont read it */ - r += sizeof(int32_t); - cell = (const char *)r; - - krb_kdctimeofday (&tv); - strlcpy (buf1, short_date(ct.BeginTimestamp), sizeof(buf1)); - if (option_verbose || tv.tv_sec < ct.EndTimestamp) - strlcpy (buf2, short_date(ct.EndTimestamp), sizeof(buf2)); - else - strlcpy (buf2, ">>> Expired <<<", sizeof(buf2)); - - printf("%s %s ", buf1, buf2); - - if ((ct.EndTimestamp - ct.BeginTimestamp) & 1) - printf("User's (AFS ID %d) tokens for %s", ct.ViceId, cell); - else - printf("Tokens for %s", cell); - if (option_verbose) - printf(" (%d)", ct.AuthHandle); - putchar('\n'); - } -} - -static void -display_srvtab(char *file) -{ - int stab; - char serv[SNAME_SZ]; - char inst[INST_SZ]; - char rlm[REALM_SZ]; - unsigned char key[8]; - unsigned char vno; - int count; - - printf("Server key file: %s\n", file); - - if ((stab = open(file, O_RDONLY, 0400)) < 0) { - perror(file); - exit(1); - } - printf("%-15s %-15s %-10s %s\n","Service","Instance","Realm", - "Key Version"); - printf("------------------------------------------------------\n"); - - /* argh. getst doesn't return error codes, it silently fails */ - while (((count = ok_getst(stab, serv, SNAME_SZ)) > 0) - && ((count = ok_getst(stab, inst, INST_SZ)) > 0) - && ((count = ok_getst(stab, rlm, REALM_SZ)) > 0)) { - if (((count = read(stab, &vno,1)) != 1) || - ((count = read(stab, key,8)) != 8)) { - if (count < 0) - err(1, "reading from key file"); - else - errx(1, "key file truncated"); - } - printf("%-15s %-15s %-15s %d\n",serv,inst,rlm,vno); - } - if (count < 0) - warn("%s", file); - close(stab); -} - -static void -usage(void) -{ - fprintf(stderr, - "Usage: %s [ -v | -s | -t ] [ -f filename ] [-tokens] [-srvtab ]\n", - __progname); - exit(1); -} - -/* ARGSUSED */ -int -main(int argc, char **argv) -{ - int long_form = 1; - int tgt_test = 0; - int do_srvtab = 0; - int do_tokens = 0; - char *tkt_file = NULL; - int eval; - - set_progname(argv[0]); - - while (*(++argv)) { - if (!strcmp(*argv, "-v")) { - option_verbose = 1; - continue; - } - if (!strcmp(*argv, "-s")) { - long_form = 0; - continue; - } - if (!strcmp(*argv, "-t")) { - tgt_test = 1; - long_form = 0; - continue; - } - if (strcmp(*argv, "-tokens") == 0 - || strcmp(*argv, "-T") == 0) { - do_tokens = k_hasafs(); - continue; - } - if (!strcmp(*argv, "-l")) { /* now default */ - continue; - } - if (!strncmp(*argv, "-f", 2)) { - if (*(++argv)) { - tkt_file = *argv; - continue; - } else - usage(); - } - if (!strcmp(*argv, "-srvtab")) { - if (tkt_file == NULL) /* if no other file spec'ed, - set file to default srvtab */ - tkt_file = (char *)KEYFILE; - do_srvtab = 1; - continue; - } - usage(); - } - - eval = 0; - if (do_srvtab) - display_srvtab(tkt_file); - else - eval = display_tktfile(tkt_file, tgt_test, long_form); - if (long_form && do_tokens){ - printf("\nAFS tokens:\n"); - display_tokens(); - } - exit(eval); -} diff --git a/crypto/kerberosIV/kuser/kuser_locl.h b/crypto/kerberosIV/kuser/kuser_locl.h deleted file mode 100644 index 970ad6ba3732..000000000000 --- a/crypto/kerberosIV/kuser/kuser_locl.h +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kuser_locl.h,v 1.11 1999/12/02 16:58:37 joda Exp $ */ - -#include "config.h" -#include "protos.h" - -#include -#include -#include - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#include -#ifdef HAVE_SYS_FILE_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif - -#ifdef HAVE_PWD_H -#include -#endif - -#ifdef SOCKS -#include -#endif - -#include - -#include - -#include -#include -#include -#include diff --git a/crypto/kerberosIV/lib/Makefile.in b/crypto/kerberosIV/lib/Makefile.in deleted file mode 100644 index 44a8918c6bb8..000000000000 --- a/crypto/kerberosIV/lib/Makefile.in +++ /dev/null @@ -1,48 +0,0 @@ -# -# $Id: Makefile.in,v 1.27 1998/04/05 10:27:59 assar Exp $ -# - -srcdir = @srcdir@ -VPATH = @srcdir@ - -SHELL = /bin/sh - -@SET_MAKE@ - -SUBDIRS = roken com_err des krb kdb kadm acl kafs auth editline sl @LIB_SUBDIRS@ - -all: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) all); done - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -install: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) install); done - -uninstall: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) uninstall); done - -check: all - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) check); done - -clean: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) clean); done - -mostlyclean: clean - -distclean: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) distclean); done - rm -f Makefile config.status *~ - -realclean: - for i in $(SUBDIRS); \ - do (cd $$i && $(MAKE) $(MFLAGS) realclean); done - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/lib/acl/Makefile.in b/crypto/kerberosIV/lib/acl/Makefile.in deleted file mode 100644 index 96d74240eaa0..000000000000 --- a/crypto/kerberosIV/lib/acl/Makefile.in +++ /dev/null @@ -1,86 +0,0 @@ -# -# $Id: Makefile.in,v 1.29.4.1 2000/06/23 03:20:00 assar Exp $ -# - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -LN_S = @LN_S@ -RANLIB = @RANLIB@ -DEFS = @DEFS@ -DROKEN_RENAME -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ - -PICFLAGS = # @PICFLAGS@ - -LIBNAME = $(LIBPREFIX)acl -#LIBEXT = @LIBEXT@ Always build archive library! -LIBEXT = a -LIBPREFIX = @LIBPREFIX@ -SHLIBEXT = @SHLIBEXT@ -LDSHARED = @LDSHARED@ -LIB = $(LIBNAME).$(LIBEXT) - -SOURCES = acl_files.c - -OBJECTS = acl_files.o - -all: $(LIB) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../include -I$(srcdir) -I. $(CFLAGS) $(PICFLAGS) $(CPPFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libdir) - $(INSTALL_DATA) $(LIB) $(DESTDIR)$(libdir)/$(LIB) - -uninstall: - rm -f $(DESTDIR)$(libdir)/$(LIB) - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f $(LIB) *.o *.a - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ roken_rename.h - -realclean: distclean - rm -f TAGS - -$(LIBNAME).a: $(OBJECTS) - rm -f $@ - $(AR) cr $@ $(OBJECTS) - -$(RANLIB) $@ - -$(LIBNAME).$(SHLIBEXT): $(OBJECTS) - rm -f $@ - $(LDSHARED) -o $@ $(OBJECTS) - -$(OBJECTS): ../../include/config.h roken_rename.h - -roken_rename.h: - $(LN_S) $(srcdir)/../krb/roken_rename.h . - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/lib/acl/acl.h b/crypto/kerberosIV/lib/acl/acl.h deleted file mode 100644 index a92bbdd5fbea..000000000000 --- a/crypto/kerberosIV/lib/acl/acl.h +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: acl.h,v 1.7 1999/12/02 16:58:37 joda Exp $ */ - -#ifndef __ACL_H -#define __ACL_H - -void acl_canonicalize_principal __P((char *principal, char *canon)); -int acl_initialize __P((char *acl_file, int perm)); -int acl_exact_match __P((char *acl, char *principal)); -int acl_check __P((char *acl, char *principal)); -int acl_add __P((char *acl, char *principal)); -int acl_delete __P((char *acl, char *principal)); - -#endif /* __ACL_H */ diff --git a/crypto/kerberosIV/lib/acl/acl_files.c b/crypto/kerberosIV/lib/acl/acl_files.c deleted file mode 100644 index 550107597b69..000000000000 --- a/crypto/kerberosIV/lib/acl/acl_files.c +++ /dev/null @@ -1,510 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "config.h" -#include "protos.h" - -RCSID("$Id: acl_files.c,v 1.14 1999/09/16 20:41:43 assar Exp $"); - -#include -#include -#include - -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#include -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_SYS_FILE_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif - -#include -#include - -#include - -#include -#include - -/*** Routines for manipulating access control list files ***/ - -/* "aname.inst@realm" */ -#define MAX_PRINCIPAL_SIZE (ANAME_SZ + INST_SZ + REALM_SZ + 3) -#define INST_SEP '.' -#define REALM_SEP '@' - -#define LINESIZE 2048 /* Maximum line length in an acl file */ - -#define NEW_FILE "%s.~NEWACL~" /* Format for name of altered acl file */ -#define WAIT_TIME 300 /* Maximum time allowed write acl file */ - -#define CACHED_ACLS 8 /* How many acls to cache */ - /* Each acl costs 1 open file descriptor */ -#define ACL_LEN 16 /* Twice a reasonable acl length */ - -#define COR(a,b) ((a!=NULL)?(a):(b)) - -/* - * Canonicalize a principal name. - * If instance is missing, it becomes "" - * If realm is missing, it becomes the local realm - * Canonicalized form is put in canon, which must be big enough to - * hold MAX_PRINCIPAL_SIZE characters - * - */ - -void -acl_canonicalize_principal(char *principal, char *canon) -{ - krb_principal princ; - int ret; - ret = krb_parse_name(principal, &princ); - if(ret) { /* ? */ - *canon = '\0'; - return; - } - if(princ.realm[0] == '\0') - krb_get_lrealm(princ.realm, 1); - krb_unparse_name_r(&princ, canon); -} - -/* Get a lock to modify acl_file */ -/* Return new FILE pointer */ -/* or NULL if file cannot be modified */ -/* REQUIRES WRITE PERMISSION TO CONTAINING DIRECTORY */ -static -FILE *acl_lock_file(char *acl_file) -{ - struct stat s; - char new[LINESIZE]; - int nfd; - FILE *nf; - int mode; - - if(stat(acl_file, &s) < 0) return(NULL); - mode = s.st_mode; - snprintf(new, sizeof(new), NEW_FILE, acl_file); - for(;;) { - /* Open the new file */ - if((nfd = open(new, O_WRONLY|O_CREAT|O_EXCL, mode)) < 0) { - if(errno == EEXIST) { - /* Maybe somebody got here already, maybe it's just old */ - if(stat(new, &s) < 0) return(NULL); - if(time(0) - s.st_ctime > WAIT_TIME) { - /* File is stale, kill it */ - unlink(new); - continue; - } else { - /* Wait and try again */ - sleep(1); - continue; - } - } else { - /* Some other error, we lose */ - return(NULL); - } - } - - /* If we got to here, the lock file is ours and ok */ - /* Reopen it under stdio */ - if((nf = fdopen(nfd, "w")) == NULL) { - /* Oops, clean up */ - unlink(new); - } - return(nf); - } -} - -/* Abort changes to acl_file written onto FILE *f */ -/* Returns 0 if successful, < 0 otherwise */ -/* Closes f */ -static int -acl_abort(char *acl_file, FILE *f) -{ - char new[LINESIZE]; - int ret; - struct stat s; - - /* make sure we aren't nuking someone else's file */ - if(fstat(fileno(f), &s) < 0 - || s.st_nlink == 0) { - fclose(f); - return(-1); - } else { - snprintf(new, sizeof(new), NEW_FILE, acl_file); - ret = unlink(new); - fclose(f); - return(ret); - } -} - -/* Commit changes to acl_file written onto FILE *f */ -/* Returns zero if successful */ -/* Returns > 0 if lock was broken */ -/* Returns < 0 if some other error occurs */ -/* Closes f */ -static int -acl_commit(char *acl_file, FILE *f) -{ - char new[LINESIZE]; - int ret; - struct stat s; - - snprintf(new, sizeof(new), NEW_FILE, acl_file); - if(fflush(f) < 0 - || fstat(fileno(f), &s) < 0 - || s.st_nlink == 0) { - acl_abort(acl_file, f); - return(-1); - } - - ret = rename(new, acl_file); - fclose(f); - return(ret); -} - -/* Initialize an acl_file */ -/* Creates the file with permissions perm if it does not exist */ -/* Erases it if it does */ -/* Returns return value of acl_commit */ -int -acl_initialize(char *acl_file, int perm) -{ - FILE *new; - int fd; - - /* Check if the file exists already */ - if((new = acl_lock_file(acl_file)) != NULL) { - return(acl_commit(acl_file, new)); - } else { - /* File must be readable and writable by owner */ - if((fd = open(acl_file, O_CREAT|O_EXCL, perm|0600)) < 0) { - return(-1); - } else { - close(fd); - return(0); - } - } -} - -/* Eliminate all whitespace character in buf */ -/* Modifies its argument */ -static void -nuke_whitespace(char *buf) -{ - unsigned char *pin, *pout; - - for(pin = pout = (unsigned char *)buf; *pin != '\0'; pin++) - if(!isspace(*pin)) - *pout++ = *pin; - *pout = '\0'; /* Terminate the string */ -} - -/* Hash table stuff */ - -struct hashtbl { - int size; /* Max number of entries */ - int entries; /* Actual number of entries */ - char **tbl; /* Pointer to start of table */ -}; - -/* Make an empty hash table of size s */ -static struct hashtbl * -make_hash(int size) -{ - struct hashtbl *h; - - if(size < 1) size = 1; - h = (struct hashtbl *) malloc(sizeof(struct hashtbl)); - if (h == NULL) - return NULL; - h->size = size; - h->entries = 0; - h->tbl = (char **) calloc(size, sizeof(char *)); - if (h->tbl == NULL) { - free (h); - return NULL; - } - return(h); -} - -/* Destroy a hash table */ -static void -destroy_hash(struct hashtbl *h) -{ - int i; - - for(i = 0; i < h->size; i++) { - if(h->tbl[i] != NULL) free(h->tbl[i]); - } - free(h->tbl); - free(h); -} - -/* Compute hash value for a string */ -static unsigned int -hashval(char *s) -{ - unsigned hv; - - for(hv = 0; *s != '\0'; s++) { - hv ^= ((hv << 3) ^ *s); - } - return(hv); -} - -/* Add an element to a hash table */ -static void -add_hash(struct hashtbl *h, char *el) -{ - unsigned hv; - char *s; - char **old; - int i; - - /* Make space if it isn't there already */ - if(h->entries + 1 > (h->size >> 1)) { - old = h->tbl; - h->tbl = (char **) calloc(h->size << 1, sizeof(char *)); - for(i = 0; i < h->size; i++) { - if(old[i] != NULL) { - hv = hashval(old[i]) % (h->size << 1); - while(h->tbl[hv] != NULL) hv = (hv+1) % (h->size << 1); - h->tbl[hv] = old[i]; - } - } - h->size = h->size << 1; - free(old); - } - - hv = hashval(el) % h->size; - while(h->tbl[hv] != NULL && strcmp(h->tbl[hv], el)) hv = (hv+1) % h->size; - s = strdup(el); - if (s != NULL) { - h->tbl[hv] = s; - h->entries++; - } -} - -/* Returns nonzero if el is in h */ -static int -check_hash(struct hashtbl *h, char *el) -{ - unsigned hv; - - for(hv = hashval(el) % h->size; - h->tbl[hv] != NULL; - hv = (hv + 1) % h->size) { - if(!strcmp(h->tbl[hv], el)) return(1); - } - return(0); -} - -struct acl { - char filename[LINESIZE]; /* Name of acl file */ - int fd; /* File descriptor for acl file */ - struct stat status; /* File status at last read */ - struct hashtbl *acl; /* Acl entries */ -}; - -static struct acl acl_cache[CACHED_ACLS]; - -static int acl_cache_count = 0; -static int acl_cache_next = 0; - -/* Returns < 0 if unsuccessful in loading acl */ -/* Returns index into acl_cache otherwise */ -/* Note that if acl is already loaded, this is just a lookup */ -static int -acl_load(char *name) -{ - int i; - FILE *f; - struct stat s; - char buf[MAX_PRINCIPAL_SIZE]; - char canon[MAX_PRINCIPAL_SIZE]; - - /* See if it's there already */ - for(i = 0; i < acl_cache_count; i++) { - if(!strcmp(acl_cache[i].filename, name) - && acl_cache[i].fd >= 0) goto got_it; - } - - /* It isn't, load it in */ - /* maybe there's still room */ - if(acl_cache_count < CACHED_ACLS) { - i = acl_cache_count++; - } else { - /* No room, clean one out */ - i = acl_cache_next; - acl_cache_next = (acl_cache_next + 1) % CACHED_ACLS; - close(acl_cache[i].fd); - if(acl_cache[i].acl) { - destroy_hash(acl_cache[i].acl); - acl_cache[i].acl = (struct hashtbl *) 0; - } - } - - /* Set up the acl */ - strlcpy(acl_cache[i].filename, name, LINESIZE); - if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1); - /* Force reload */ - acl_cache[i].acl = (struct hashtbl *) 0; - - got_it: - /* - * See if the stat matches - * - * Use stat(), not fstat(), as the file may have been re-created by - * acl_add or acl_delete. If this happens, the old inode will have - * no changes in the mod-time and the following test will fail. - */ - if(stat(acl_cache[i].filename, &s) < 0) return(-1); - if(acl_cache[i].acl == (struct hashtbl *) 0 - || s.st_nlink != acl_cache[i].status.st_nlink - || s.st_mtime != acl_cache[i].status.st_mtime - || s.st_ctime != acl_cache[i].status.st_ctime) { - /* Gotta reload */ - if(acl_cache[i].fd >= 0) close(acl_cache[i].fd); - if((acl_cache[i].fd = open(name, O_RDONLY, 0)) < 0) return(-1); - if((f = fdopen(acl_cache[i].fd, "r")) == NULL) return(-1); - if(acl_cache[i].acl) destroy_hash(acl_cache[i].acl); - acl_cache[i].acl = make_hash(ACL_LEN); - while(fgets(buf, sizeof(buf), f) != NULL) { - nuke_whitespace(buf); - acl_canonicalize_principal(buf, canon); - add_hash(acl_cache[i].acl, canon); - } - fclose(f); - acl_cache[i].status = s; - } - return(i); -} - -/* Returns nonzero if it can be determined that acl contains principal */ -/* Principal is not canonicalized, and no wildcarding is done */ -int -acl_exact_match(char *acl, char *principal) -{ - int idx; - - return((idx = acl_load(acl)) >= 0 - && check_hash(acl_cache[idx].acl, principal)); -} - -/* Returns nonzero if it can be determined that acl contains principal */ -/* Recognizes wildcards in acl of the form - name.*@realm, *.*@realm, and *.*@* */ -int -acl_check(char *acl, char *principal) -{ - char buf[MAX_PRINCIPAL_SIZE]; - char canon[MAX_PRINCIPAL_SIZE]; - char *realm; - - acl_canonicalize_principal(principal, canon); - - /* Is it there? */ - if(acl_exact_match(acl, canon)) return(1); - - /* Try the wildcards */ - realm = strchr(canon, REALM_SEP); - *strchr(canon, INST_SEP) = '\0'; /* Chuck the instance */ - - snprintf(buf, sizeof(buf), "%s.*%s", canon, realm); - if(acl_exact_match(acl, buf)) return(1); - - snprintf(buf, sizeof(buf), "*.*%s", realm); - if(acl_exact_match(acl, buf) || acl_exact_match(acl, "*.*@*")) return(1); - - return(0); -} - -/* Adds principal to acl */ -/* Wildcards are interpreted literally */ -int -acl_add(char *acl, char *principal) -{ - int idx; - int i; - FILE *new; - char canon[MAX_PRINCIPAL_SIZE]; - - acl_canonicalize_principal(principal, canon); - - if((new = acl_lock_file(acl)) == NULL) return(-1); - if((acl_exact_match(acl, canon)) - || (idx = acl_load(acl)) < 0) { - acl_abort(acl, new); - return(-1); - } - /* It isn't there yet, copy the file and put it in */ - for(i = 0; i < acl_cache[idx].acl->size; i++) { - if(acl_cache[idx].acl->tbl[i] != NULL) { - if(fputs(acl_cache[idx].acl->tbl[i], new) == EOF - || putc('\n', new) != '\n') { - acl_abort(acl, new); - return(-1); - } - } - } - fputs(canon, new); - putc('\n', new); - return(acl_commit(acl, new)); -} - -/* Removes principal from acl */ -/* Wildcards are interpreted literally */ -int -acl_delete(char *acl, char *principal) -{ - int idx; - int i; - FILE *new; - char canon[MAX_PRINCIPAL_SIZE]; - - acl_canonicalize_principal(principal, canon); - - if((new = acl_lock_file(acl)) == NULL) return(-1); - if((!acl_exact_match(acl, canon)) - || (idx = acl_load(acl)) < 0) { - acl_abort(acl, new); - return(-1); - } - /* It isn't there yet, copy the file and put it in */ - for(i = 0; i < acl_cache[idx].acl->size; i++) { - if(acl_cache[idx].acl->tbl[i] != NULL - && strcmp(acl_cache[idx].acl->tbl[i], canon)) { - fputs(acl_cache[idx].acl->tbl[i], new); - putc('\n', new); - } - } - return(acl_commit(acl, new)); -} diff --git a/crypto/kerberosIV/lib/acl/acl_files.doc b/crypto/kerberosIV/lib/acl/acl_files.doc deleted file mode 100644 index 78c448a6d698..000000000000 --- a/crypto/kerberosIV/lib/acl/acl_files.doc +++ /dev/null @@ -1,107 +0,0 @@ -PROTOTYPE ACL LIBRARY - -Introduction - -An access control list (ACL) is a list of principals, where each -principal is is represented by a text string which cannot contain -whitespace. The library allows application programs to refer to named -access control lists to test membership and to atomically add and -delete principals using a natural and intuitive interface. At -present, the names of access control lists are required to be Unix -filenames, and refer to human-readable Unix files; in the future, when -a networked ACL server is implemented, the names may refer to a -different namespace specific to the ACL service. - - -Usage - -cc -lacl -lkrb. - - - -Principal Names - -Principal names have the form - -[.][@] - -e.g. - -asp -asp.root -asp@ATHENA.MIT.EDU -asp.@ATHENA.MIT.EDU -asp.root@ATHENA.MIT.EDU - -It is possible for principals to be underspecified. If instance is -missing, it is assumed to be "". If realm is missing, it is assumed -to be local_realm. The canonical form contains all of name, instance, -and realm; the acl_add and acl_delete routines will always -leave the file in that form. Note that the canonical form of -asp@ATHENA.MIT.EDU is actually asp.@ATHENA.MIT.EDU. - - -Routines - -acl_canonicalize_principal(principal, buf) -char *principal; -char *buf; /*RETVAL*/ - -Store the canonical form of principal in buf. Buf must contain enough -space to store a principal, given the limits on the sizes of name, -instance, and realm specified in /usr/include/krb.h. - -acl_check(acl, principal) -char *acl; -char *principal; - -Returns nonzero if principal appears in acl. Returns 0 if principal -does not appear in acl, or if an error occurs. Canonicalizes -principal before checking, and allows the ACL to contain wildcards. - -acl_exact_match(acl, principal) -char *acl; -char *principal; - -Like acl_check, but does no canonicalization or wildcarding. - -acl_add(acl, principal) -char *acl; -char *principal; - -Atomically adds principal to acl. Returns 0 if successful, nonzero -otherwise. It is considered a failure if principal is already in acl. -This routine will canonicalize principal, but will treat wildcards -literally. - -acl_delete(acl, principal) -char *acl; -char *principal; - -Atomically deletes principal from acl. Returns 0 if successful, -nonzero otherwise. It is consider a failure if principal is not -already in acl. This routine will canonicalize principal, but will -treat wildcards literally. - -acl_initialize(acl, mode) -char *acl; -int mode; - -Initialize acl. If acl file does not exist, creates it with mode -mode. If acl exists, removes all members. Returns 0 if successful, -nonzero otherwise. WARNING: Mode argument is likely to change with -the eventual introduction of an ACL service. - - -Known problems - -In the presence of concurrency, there is a very small chance that -acl_add or acl_delete could report success even though it would have -had no effect. This is a necessary side effect of using lock files -for concurrency control rather than flock(2), which is not supported -by NFS. - -The current implementation caches ACLs in memory in a hash-table -format for increased efficiency in checking membership; one effect of -the caching scheme is that one file descriptor will be kept open for -each ACL cached, up to a maximum of 8. diff --git a/crypto/kerberosIV/lib/auth/ChangeLog b/crypto/kerberosIV/lib/auth/ChangeLog deleted file mode 100644 index f9c948ca7146..000000000000 --- a/crypto/kerberosIV/lib/auth/ChangeLog +++ /dev/null @@ -1,65 +0,0 @@ -1999-11-15 Assar Westerlund - - * */lib/Makefile.in: set LIBNAME. From Enrico Scholz - - -1999-10-17 Assar Westerlund - - * afskauthlib/verify.c (verify_krb5): need realm for v5 -> v4 - -1999-10-03 Assar Westerlund - - * afskauthlib/verify.c (verify_krb5): update to new - krb524_convert_creds_kdc - -1999-09-28 Assar Westerlund - - * sia/sia.c (doauth): use krb5_get_local_realms and - krb5_verify_user_lrealm - - * afskauthlib/verify.c (verify_krb5): remove krb5_kuserok. use - krb5_verify_user_lrealm - -1999-08-11 Johan Danielsson - - * afskauthlib/verify.c: make this compile w/o krb4 - -1999-08-04 Assar Westerlund - - * afskauthlib/verify.c: incorporate patches from Miroslav Ruda - - -Thu Apr 8 14:35:34 1999 Johan Danielsson - - * sia/sia.c: remove definition of KRB_VERIFY_USER (moved to - config.h) - - * sia/Makefile.am: make it build w/o krb4 - - * afskauthlib/verify.c: add krb5 support - - * afskauthlib/Makefile.am: build afskauthlib.so - -Wed Apr 7 14:06:22 1999 Johan Danielsson - - * sia/sia.c: make it compile w/o krb4 - - * sia/Makefile.am: make it compile w/o krb4 - -Thu Apr 1 18:09:23 1999 Johan Danielsson - - * sia/sia_locl.h: POSIX_GETPWNAM_R is defined in config.h - -Sun Mar 21 14:08:30 1999 Johan Danielsson - - * sia/Makefile.in: add posix_getpw.c - - * sia/Makefile.am: makefile for sia - - * sia/posix_getpw.c: move from sia.c - - * sia/sia_locl.h: merge with krb5 version - - * sia/sia.c: merge with krb5 version - - * sia/sia5.c: remove unused variables diff --git a/crypto/kerberosIV/lib/auth/Makefile.am b/crypto/kerberosIV/lib/auth/Makefile.am deleted file mode 100644 index 0310dc36d6cc..000000000000 --- a/crypto/kerberosIV/lib/auth/Makefile.am +++ /dev/null @@ -1,6 +0,0 @@ -# $Id: Makefile.am,v 1.2 1999/03/21 17:11:08 joda Exp $ - -include $(top_srcdir)/Makefile.am.common - -SUBDIRS = @LIB_AUTH_SUBDIRS@ -DIST_SUBDIRS = afskauthlib pam sia diff --git a/crypto/kerberosIV/lib/auth/Makefile.in b/crypto/kerberosIV/lib/auth/Makefile.in deleted file mode 100644 index 53fde5fc16a9..000000000000 --- a/crypto/kerberosIV/lib/auth/Makefile.in +++ /dev/null @@ -1,55 +0,0 @@ -# -# $Id: Makefile.in,v 1.12 1998/03/15 05:58:10 assar Exp $ -# - -srcdir = @srcdir@ -VPATH = @srcdir@ - -SHELL = /bin/sh - -@SET_MAKE@ - -SUBDIRS = @LIB_AUTH_SUBDIRS@ - -all: - SUBDIRS='$(SUBDIRS)'; \ - for i in $$SUBDIRS; \ - do (cd $$i && $(MAKE) $(MFLAGS) all); done - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -install: - SUBDIRS=$(SUBDIRS); \ - for i in $$SUBDIRS; \ - do (cd $$i && $(MAKE) $(MFLAGS) install); done - -uninstall: - SUBDIRS=$(SUBDIRS); \ - for i in $$SUBDIRS; \ - do (cd $$i && $(MAKE) $(MFLAGS) uninstall); done - -check: - SUBDIRS=$(SUBDIRS); \ - for i in $$SUBDIRS; \ - do (cd $$i && $(MAKE) $(MFLAGS) check); done - -clean: - SUBDIRS=$(SUBDIRS); \ - for i in $$SUBDIRS; \ - do (cd $$i && $(MAKE) $(MFLAGS) clean); done - -mostlyclean: clean - -distclean: - SUBDIRS=$(SUBDIRS); \ - for i in $$SUBDIRS; \ - do (cd $$i && $(MAKE) $(MFLAGS) distclean); done - rm -f Makefile *~ - -realclean: - SUBDIRS=$(SUBDIRS); \ - for i in $$SUBDIRS; \ - do (cd $$i && $(MAKE) $(MFLAGS) realclean); done - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/lib/auth/afskauthlib/Makefile.am b/crypto/kerberosIV/lib/auth/afskauthlib/Makefile.am deleted file mode 100644 index 7dd6d5283fe9..000000000000 --- a/crypto/kerberosIV/lib/auth/afskauthlib/Makefile.am +++ /dev/null @@ -1,38 +0,0 @@ -# $Id: Makefile.am,v 1.3 1999/04/08 12:35:33 joda Exp $ - -include $(top_srcdir)/Makefile.am.common - -INCLUDES += $(INCLUDE_krb4) - -DEFS = @DEFS@ - -foodir = $(libdir) -foo_DATA = afskauthlib.so - -SUFFIXES += .c .o - -SRCS = verify.c -OBJS = verify.o - -CLEANFILES = $(foo_DATA) $(OBJS) so_locations - -afskauthlib.so: $(OBJS) - $(LD) -shared -o $@ $(LDFLAGS) $(OBJS) $(L) - -.c.o: - $(COMPILE) -c $< - -if KRB4 -KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a -endif - -L = \ - $(KAFS) \ - $(top_builddir)/lib/krb5/.libs/libkrb5.a \ - $(top_builddir)/lib/asn1/.libs/libasn1.a \ - $(LIB_krb4) \ - $(top_builddir)/lib/des/.libs/libdes.a \ - $(top_builddir)/lib/roken/.libs/libroken.a \ - -lc - -$(OBJS): $(top_builddir)/include/config.h diff --git a/crypto/kerberosIV/lib/auth/afskauthlib/Makefile.in b/crypto/kerberosIV/lib/auth/afskauthlib/Makefile.in deleted file mode 100644 index 5e073af77c04..000000000000 --- a/crypto/kerberosIV/lib/auth/afskauthlib/Makefile.in +++ /dev/null @@ -1,87 +0,0 @@ -# -# $Id: Makefile.in,v 1.25.2.1 2000/06/23 03:20:05 assar Exp $ -# - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -LN_S = @LN_S@ -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ - -@lib_deps_yes@LIB_DEPS = -L../../kafs -lkafs \ -@lib_deps_yes@ -L../../krb -lkrb \ -@lib_deps_yes@ -L../../des -ldes \ -@lib_deps_yes@ -L../../roken -lroken \ -@lib_deps_yes@ -lc -@lib_deps_no@LIB_DEPS = - -PICFLAGS = @REAL_PICFLAGS@ -LDSHARED = @LDSHARED@ -SHLIBEXT = @REAL_SHLIBEXT@ -LD_FLAGS = @REAL_LD_FLAGS@ - -LIBNAME = afskauthlib -LIB = $(LIBNAME).$(SHLIBEXT) - -SOURCES = verify.c - -OBJECTS = verify.o - -all: $(LIB) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libdir) - -if test "$(LIB)" != ""; then \ - $(INSTALL_DATA) $(LIB) $(DESTDIR)$(libdir)/$(LIB) ; \ - fi - -uninstall: - -if test "$(LIB)" != ""; then \ - rm -f $(DESTDIR)$(libdir)/$(LIB) ; \ - fi - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f $(LIB) *.o - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -$(OBJECTS): ../../../include/config.h - -$(LIB): $(OBJECTS) - rm -f $@ - $(LDSHARED) $(CFLAGS) -o $@ $(OBJECTS) $(LD_FLAGS) $(LIB_DEPS) - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/lib/auth/afskauthlib/README b/crypto/kerberosIV/lib/auth/afskauthlib/README deleted file mode 100644 index 6052a261a1a5..000000000000 --- a/crypto/kerberosIV/lib/auth/afskauthlib/README +++ /dev/null @@ -1,25 +0,0 @@ - -IRIX ----- - -The IRIX support is a module that is compatible with Transarc's -`afskauthlib.so'. It should work with all programs that use this -library, this should include `login' and `xdm'. - -The interface is not very documented but it seems that you have to copy -`libkafs.so', `libkrb.so', and `libdes.so' to `/usr/lib', or build your -`afskauthlib.so' statically. - -The `afskauthlib.so' itself is able to reside in `/usr/vice/etc', -`/usr/afsws/lib', or the current directory (wherever that is). - -IRIX 6.4 and newer seems to have all programs (including `xdm' and -`login') in the N32 object format, whereas in older versions they were -O32. For it to work, the `afskauthlib.so' library has to be in the same -object format as the program that tries to load it. This might require -that you have to configure and build for O32 in addition to the default -N32. - -Appart from this it should "just work", there are no configuration -files. - diff --git a/crypto/kerberosIV/lib/auth/afskauthlib/verify.c b/crypto/kerberosIV/lib/auth/afskauthlib/verify.c deleted file mode 100644 index 1c23119f9fc7..000000000000 --- a/crypto/kerberosIV/lib/auth/afskauthlib/verify.c +++ /dev/null @@ -1,288 +0,0 @@ -/* - * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: verify.c,v 1.20 1999/12/02 16:58:37 joda Exp $"); -#endif -#include -#include -#include -#ifdef KRB5 -#include -#endif -#ifdef KRB4 -#include -#include -#endif -#include - -#ifdef KRB5 -static char krb5ccname[128]; -#endif -#ifdef KRB4 -static char krbtkfile[128]; -#endif - -/* - In some cases is afs_gettktstring called twice (once before - afs_verify and once after afs_verify). - In some cases (rlogin with access allowed via .rhosts) - afs_verify is not called! - So we can't rely on correct value in krbtkfile in some - cases! -*/ - -static int correct_tkfilename=0; -static int pag_set=0; - -#ifdef KRB4 -static void -set_krbtkfile(uid_t uid) -{ - snprintf (krbtkfile, sizeof(krbtkfile), "%s%d", TKT_ROOT, (unsigned)uid); - krb_set_tkt_string (krbtkfile); - correct_tkfilename = 1; -} -#endif - -/* XXX this has to be the default cache name, since the KRB5CCNAME - * environment variable isn't exported by login/xdm - */ - -#ifdef KRB5 -static void -set_krb5ccname(uid_t uid) -{ - snprintf (krb5ccname, sizeof(krb5ccname), "FILE:/tmp/krb5cc_%d", uid); -#ifdef KRB4 - snprintf (krbtkfile, sizeof(krbtkfile), "%s%d", TKT_ROOT, (unsigned)uid); -#endif - correct_tkfilename = 1; -} -#endif - -static void -set_spec_krbtkfile(void) -{ - int fd; -#ifdef KRB4 - snprintf (krbtkfile, sizeof(krbtkfile), "%s_XXXXXX", TKT_ROOT); - fd = mkstemp(krbtkfile); - close(fd); - unlink(krbtkfile); - krb_set_tkt_string (krbtkfile); -#endif -#ifdef KRB5 - snprintf(krb5ccname, sizeof(krb5ccname),"FILE:/tmp/krb5cc_XXXXXX"); - fd=mkstemp(krb5ccname+5); - close(fd); - unlink(krb5ccname+5); -#endif -} - -#ifdef KRB5 -static int -verify_krb5(struct passwd *pwd, - char *password, - int32_t *exp, - int quiet) -{ - krb5_context context; - krb5_error_code ret; - krb5_ccache ccache; - krb5_principal principal; - - krb5_init_context(&context); - - ret = krb5_parse_name (context, pwd->pw_name, &principal); - if (ret) { - syslog(LOG_AUTH|LOG_DEBUG, "krb5_parse_name: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - set_krb5ccname(pwd->pw_uid); - ret = krb5_cc_resolve(context, krb5ccname, &ccache); - if(ret) { - syslog(LOG_AUTH|LOG_DEBUG, "krb5_cc_resolve: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - ret = krb5_verify_user_lrealm(context, - principal, - ccache, - password, - TRUE, - NULL); - if(ret) { - syslog(LOG_AUTH|LOG_DEBUG, "krb5_verify_user: %s", - krb5_get_err_text(context, ret)); - goto out; - } - - if(chown(krb5_cc_get_name(context, ccache), pwd->pw_uid, pwd->pw_gid)) { - syslog(LOG_AUTH|LOG_DEBUG, "chown: %s", - krb5_get_err_text(context, errno)); - goto out; - } - -#ifdef KRB4 - if (krb5_config_get_bool(context, NULL, - "libdefaults", - "krb4_get_tickets", - NULL)) { - CREDENTIALS c; - krb5_creds mcred, cred; - krb5_realm realm; - - krb5_get_default_realm(context, &realm); - krb5_make_principal(context, &mcred.server, realm, - "krbtgt", - realm, - NULL); - free (realm); - ret = krb5_cc_retrieve_cred(context, ccache, 0, &mcred, &cred); - if(ret == 0) { - ret = krb524_convert_creds_kdc(context, ccache, &cred, &c); - if(ret) - krb5_warn(context, ret, "converting creds"); - else { - set_krbtkfile(pwd->pw_uid); - tf_setup(&c, c.pname, c.pinst); - } - memset(&c, 0, sizeof(c)); - krb5_free_creds_contents(context, &cred); - } else - syslog(LOG_AUTH|LOG_DEBUG, "krb5_cc_retrieve_cred: %s", - krb5_get_err_text(context, ret)); - - krb5_free_principal(context, mcred.server); - } - if (!pag_set && k_hasafs()) { - k_setpag(); - pag_set = 1; - krb5_afslog_uid_home(context, ccache, NULL, NULL, - pwd->pw_uid, pwd->pw_dir); - } -#endif -out: - if(ret && !quiet) - printf ("%s\n", krb5_get_err_text (context, ret)); - return ret; -} -#endif - -#ifdef KRB4 -static int -verify_krb4(struct passwd *pwd, - char *password, - int32_t *exp, - int quiet) -{ - int ret = 1; - char lrealm[REALM_SZ]; - - if (krb_get_lrealm (lrealm, 1) != KFAILURE) { - set_krbtkfile(pwd->pw_uid); - ret = krb_verify_user (pwd->pw_name, "", lrealm, password, - KRB_VERIFY_SECURE, NULL); - if (ret == KSUCCESS) { - if (!pag_set && k_hasafs()) { - k_setpag (); - pag_set = 1; - krb_afslog_uid_home (0, 0, pwd->pw_uid, pwd->pw_dir); - } - } else if (!quiet) - printf ("%s\n", krb_get_err_text (ret)); - } - return ret; -} -#endif - -int -afs_verify(char *name, - char *password, - int32_t *exp, - int quiet) -{ - int ret = 1; - struct passwd *pwd = k_getpwnam (name); - - if(pwd == NULL) - return 1; - if (ret) - ret = unix_verify_user (name, password); -#ifdef KRB5 - if (ret) - ret = verify_krb5(pwd, password, exp, quiet); -#endif -#ifdef KRB4 - if(ret) - ret = verify_krb4(pwd, password, exp, quiet); -#endif - return ret; -} - -char * -afs_gettktstring (void) -{ - char *ptr; - struct passwd *pwd; - - if (!correct_tkfilename) { - ptr = getenv("LOGNAME"); - if (ptr != NULL && ((pwd = getpwnam(ptr)) != NULL)) { - set_krb5ccname(pwd->pw_uid); -#ifdef KRB4 - set_krbtkfile(pwd->pw_uid); - if (!pag_set && k_hasafs()) { - k_setpag(); - pag_set=1; - } -#endif - } else { - set_spec_krbtkfile(); - } - } -#ifdef KRB5 - setenv("KRB5CCNAME",krb5ccname,1); -#endif -#ifdef KRB4 - setenv("KRBTKFILE",krbtkfile,1); - return krbtkfile; -#else - return ""; -#endif -} diff --git a/crypto/kerberosIV/lib/auth/pam/Makefile.am b/crypto/kerberosIV/lib/auth/pam/Makefile.am deleted file mode 100644 index abde2d9a4938..000000000000 --- a/crypto/kerberosIV/lib/auth/pam/Makefile.am +++ /dev/null @@ -1,3 +0,0 @@ -# $Id: Makefile.am,v 1.2 1999/04/01 14:57:04 joda Exp $ - -include $(top_srcdir)/Makefile.am.common diff --git a/crypto/kerberosIV/lib/auth/pam/Makefile.in b/crypto/kerberosIV/lib/auth/pam/Makefile.in deleted file mode 100644 index 4369532dac3a..000000000000 --- a/crypto/kerberosIV/lib/auth/pam/Makefile.in +++ /dev/null @@ -1,87 +0,0 @@ -# -# $Id: Makefile.in,v 1.25.2.2 2000/12/07 16:44:11 assar Exp $ -# - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ - -PICFLAGS = @REAL_PICFLAGS@ -LDSHARED = @LDSHARED@ -SHLIBEXT = @REAL_SHLIBEXT@ -LD_FLAGS = @REAL_LD_FLAGS@ - -LIB_res_search = @LIB_res_search@ -LIB_dn_expand = @LIB_dn_expand@ - -@lib_deps_yes@LIB_DEPS = ../../kafs/libkafs_pic.a \ -@lib_deps_yes@ ../../krb/libkrb_pic.a ../../des/libdes_pic.a \ -@lib_deps_yes@ $(LIB_res_search) $(LIB_dn_expand) -lpam -lc -@lib_deps_no@LIB_DEPS = - -LIBNAME = pam_krb4 -LIB = $(LIBNAME).$(SHLIBEXT) - -SOURCES = pam.c - -OBJECTS = pam.o - -all: $(LIB) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libdir) - -if test "$(LIB)" != ""; then \ - $(INSTALL_DATA) $(LIB) $(DESTDIR)$(libdir)/$(LIB) ; \ - fi - -uninstall: - -if test "$(LIB)" != ""; then \ - rm -f $(DESTDIR)$(libdir)/$(LIB) ; \ - fi - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f $(LIB) *.o - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -$(OBJECTS): ../../../include/config.h - -$(LIB): $(OBJECTS) - rm -f $@ - $(LDSHARED) -Wl,-Bsymbolic -o $@ $(OBJECTS) $(LD_FLAGS) $(LIB_DEPS) - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/lib/auth/pam/README b/crypto/kerberosIV/lib/auth/pam/README deleted file mode 100644 index 2c45a53db5ed..000000000000 --- a/crypto/kerberosIV/lib/auth/pam/README +++ /dev/null @@ -1,25 +0,0 @@ - -PAM ---- - -The PAM module was written more out of curiosity that anything else. It -has not been updated for quite a while, but it seems to mostly work on -both Linux and Solaris. - -To use this module you should: - - * Make sure `pam_krb4.so' is available in `/usr/athena/lib'. You - might actually want it on local disk, so `/lib/security' might be a - better place if `/usr/athena' is not local. - - * Look at `pam.conf.add' for examples of what to add to - `/etc/pam.conf'. - -There is currently no support for changing kerberos passwords. Use -kpasswd instead. - -See also Derrick J Brashear's `' Kerberos PAM -module at -. It has a lot more features, and it is -also more in line with other PAM modules. - diff --git a/crypto/kerberosIV/lib/auth/pam/pam.c b/crypto/kerberosIV/lib/auth/pam/pam.c deleted file mode 100644 index 22dfc7459244..000000000000 --- a/crypto/kerberosIV/lib/auth/pam/pam.c +++ /dev/null @@ -1,443 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: pam.c,v 1.22.2.2 2000/10/13 15:41:09 assar Exp $"); -#endif - -#include -#include -#include -#include -#include -#include -#include - -#include -#include -#ifndef PAM_AUTHTOK_RECOVERY_ERR /* Fix linsux typo. */ -#define PAM_AUTHTOK_RECOVERY_ERR PAM_AUTHTOK_RECOVER_ERR -#endif - -#include -#include -#include - -#if 0 -/* Debugging PAM modules is a royal pain, truss helps. */ -#define DEBUG(msg) (access(msg " at line", __LINE__)) -#endif - -static void -psyslog(int level, const char *format, ...) -{ - va_list args; - va_start(args, format); - openlog("pam_krb4", LOG_CONS|LOG_PID, LOG_AUTH); - vsyslog(level, format, args); - va_end(args); - closelog(); -} - -enum { - KRB4_DEBUG, - KRB4_USE_FIRST_PASS, - KRB4_TRY_FIRST_PASS, - KRB4_IGNORE_ROOT, - KRB4_NO_VERIFY, - KRB4_REAFSLOG, - KRB4_CTRLS /* Number of ctrl arguments defined. */ -}; - -#define KRB4_DEFAULTS 0 - -static int ctrl_flags = KRB4_DEFAULTS; -#define ctrl_on(x) (krb4_args[x].flag & ctrl_flags) -#define ctrl_off(x) (!ctrl_on(x)) - -typedef struct -{ - const char *token; - unsigned int flag; -} krb4_ctrls_t; - -static krb4_ctrls_t krb4_args[KRB4_CTRLS] = -{ - /* KRB4_DEBUG */ { "debug", 0x01 }, - /* KRB4_USE_FIRST_PASS */ { "use_first_pass", 0x02 }, - /* KRB4_TRY_FIRST_PASS */ { "try_first_pass", 0x04 }, - /* KRB4_IGNORE_ROOT */ { "ignore_root", 0x08 }, - /* KRB4_NO_VERIFY */ { "no_verify", 0x10 }, - /* KRB4_REAFSLOG */ { "reafslog", 0x20 }, -}; - -static void -parse_ctrl(int argc, const char **argv) -{ - int i, j; - - ctrl_flags = KRB4_DEFAULTS; - for (i = 0; i < argc; i++) - { - for (j = 0; j < KRB4_CTRLS; j++) - if (strcmp(argv[i], krb4_args[j].token) == 0) - break; - - if (j >= KRB4_CTRLS) - psyslog(LOG_ALERT, "unrecognized option [%s]", *argv); - else - ctrl_flags |= krb4_args[j].flag; - } -} - -static void -pdeb(const char *format, ...) -{ - va_list args; - if (ctrl_off(KRB4_DEBUG)) - return; - va_start(args, format); - openlog("pam_krb4", LOG_CONS|LOG_PID, LOG_AUTH); - vsyslog(LOG_DEBUG, format, args); - va_end(args); - closelog(); -} - -#define ENTRY(func) pdeb("%s() flags = %d ruid = %d euid = %d", func, flags, getuid(), geteuid()) - -static void -set_tkt_string(uid_t uid) -{ - char buf[128]; - - snprintf(buf, sizeof(buf), "%s%u", TKT_ROOT, (unsigned)uid); - krb_set_tkt_string(buf); - -#if 0 - /* pam_set_data+pam_get_data are not guaranteed to work, grr. */ - pam_set_data(pamh, "KRBTKFILE", strdup(t), cleanup); - if (pam_get_data(pamh, "KRBTKFILE", (const void**)&tkt) == PAM_SUCCESS) - { - pam_putenv(pamh, var); - } -#endif - - /* We don't want to inherit this variable. - * If we still do, it must have a sane value. */ - if (getenv("KRBTKFILE") != 0) - { - char *var = malloc(sizeof(buf)); - snprintf(var, sizeof(buf), "KRBTKFILE=%s", tkt_string()); - putenv(var); - /* free(var); XXX */ - } -} - -static int -verify_pass(pam_handle_t *pamh, - const char *name, - const char *inst, - const char *pass) -{ - char realm[REALM_SZ]; - int ret, krb_verify, old_euid, old_ruid; - - krb_get_lrealm(realm, 1); - if (ctrl_on(KRB4_NO_VERIFY)) - krb_verify = KRB_VERIFY_SECURE_FAIL; - else - krb_verify = KRB_VERIFY_SECURE; - old_ruid = getuid(); - old_euid = geteuid(); - setreuid(0, 0); - ret = krb_verify_user(name, inst, realm, pass, krb_verify, NULL); - pdeb("krb_verify_user(`%s', `%s', `%s', pw, %d, NULL) returns %s", - name, inst, realm, krb_verify, - krb_get_err_text(ret)); - setreuid(old_ruid, old_euid); - if (getuid() != old_ruid || geteuid() != old_euid) - { - psyslog(LOG_ALERT , "setreuid(%d, %d) failed at line %d", - old_ruid, old_euid, __LINE__); - exit(1); - } - - switch(ret) { - case KSUCCESS: - return PAM_SUCCESS; - case KDC_PR_UNKNOWN: - return PAM_USER_UNKNOWN; - case SKDC_CANT: - case SKDC_RETRY: - case RD_AP_TIME: - return PAM_AUTHINFO_UNAVAIL; - default: - return PAM_AUTH_ERR; - } -} - -static int -krb4_auth(pam_handle_t *pamh, - int flags, - const char *name, - const char *inst, - struct pam_conv *conv) -{ - struct pam_response *resp; - char prompt[128]; - struct pam_message msg, *pmsg = &msg; - int ret; - - if (ctrl_on(KRB4_TRY_FIRST_PASS) || ctrl_on(KRB4_USE_FIRST_PASS)) - { - char *pass = 0; - ret = pam_get_item(pamh, PAM_AUTHTOK, (void **) &pass); - if (ret != PAM_SUCCESS) - { - psyslog(LOG_ERR , "pam_get_item returned error to get-password"); - return ret; - } - else if (pass != 0 && verify_pass(pamh, name, inst, pass) == PAM_SUCCESS) - return PAM_SUCCESS; - else if (ctrl_on(KRB4_USE_FIRST_PASS)) - return PAM_AUTHTOK_RECOVERY_ERR; /* Wrong password! */ - else - /* We tried the first password but it didn't work, cont. */; - } - - msg.msg_style = PAM_PROMPT_ECHO_OFF; - if (*inst == 0) - snprintf(prompt, sizeof(prompt), "%s's Password: ", name); - else - snprintf(prompt, sizeof(prompt), "%s.%s's Password: ", name, inst); - msg.msg = prompt; - - ret = conv->conv(1, &pmsg, &resp, conv->appdata_ptr); - if (ret != PAM_SUCCESS) - return ret; - - ret = verify_pass(pamh, name, inst, resp->resp); - if (ret == PAM_SUCCESS) - { - memset(resp->resp, 0, strlen(resp->resp)); /* Erase password! */ - free(resp->resp); - free(resp); - } - else - { - pam_set_item(pamh, PAM_AUTHTOK, resp->resp); /* Save password. */ - /* free(resp->resp); XXX */ - /* free(resp); XXX */ - } - - return ret; -} - -int -pam_sm_authenticate(pam_handle_t *pamh, - int flags, - int argc, - const char **argv) -{ - char *user; - int ret; - struct pam_conv *conv; - struct passwd *pw; - uid_t uid = -1; - const char *name, *inst; - char realm[REALM_SZ]; - realm[0] = 0; - - parse_ctrl(argc, argv); - ENTRY("pam_sm_authenticate"); - - ret = pam_get_user(pamh, &user, "login: "); - if (ret != PAM_SUCCESS) - return ret; - - if (ctrl_on(KRB4_IGNORE_ROOT) && strcmp(user, "root") == 0) - return PAM_AUTHINFO_UNAVAIL; - - ret = pam_get_item(pamh, PAM_CONV, (void*)&conv); - if (ret != PAM_SUCCESS) - return ret; - - pw = getpwnam(user); - if (pw != 0) - { - uid = pw->pw_uid; - set_tkt_string(uid); - } - - if (strcmp(user, "root") == 0 && getuid() != 0) - { - pw = getpwuid(getuid()); - if (pw != 0) - { - name = strdup(pw->pw_name); - inst = "root"; - } - } - else - { - name = user; - inst = ""; - } - - ret = krb4_auth(pamh, flags, name, inst, conv); - - /* - * The realm was lost inside krb_verify_user() so we can't simply do - * a krb_kuserok() when inst != "". - */ - if (ret == PAM_SUCCESS && inst[0] != 0) - { - uid_t old_euid = geteuid(); - uid_t old_ruid = getuid(); - - setreuid(0, 0); /* To read ticket file. */ - if (krb_get_tf_fullname(tkt_string(), 0, 0, realm) != KSUCCESS) - ret = PAM_SERVICE_ERR; - else if (krb_kuserok(name, inst, realm, user) != KSUCCESS) - { - setreuid(0, uid); /* To read ~/.klogin. */ - if (krb_kuserok(name, inst, realm, user) != KSUCCESS) - ret = PAM_PERM_DENIED; - } - - if (ret != PAM_SUCCESS) - { - dest_tkt(); /* Passwd known, ok to kill ticket. */ - psyslog(LOG_NOTICE, - "%s.%s@%s is not allowed to log in as %s", - name, inst, realm, user); - } - - setreuid(old_ruid, old_euid); - if (getuid() != old_ruid || geteuid() != old_euid) - { - psyslog(LOG_ALERT , "setreuid(%d, %d) failed at line %d", - old_ruid, old_euid, __LINE__); - exit(1); - } - } - - if (ret == PAM_SUCCESS) - { - psyslog(LOG_INFO, - "%s.%s@%s authenticated as user %s", - name, inst, realm, user); - if (chown(tkt_string(), uid, -1) == -1) - { - dest_tkt(); - psyslog(LOG_ALERT , "chown(%s, %d, -1) failed", tkt_string(), uid); - exit(1); - } - } - - /* - * Kludge alert!!! Sun dtlogin unlock screen fails to call - * pam_setcred(3) with PAM_REFRESH_CRED after a successful - * authentication attempt, sic. - * - * This hack is designed as a workaround to that problem. - */ - if (ctrl_on(KRB4_REAFSLOG)) - if (ret == PAM_SUCCESS) - pam_sm_setcred(pamh, PAM_REFRESH_CRED, argc, argv); - - return ret; -} - -int -pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) -{ - parse_ctrl(argc, argv); - ENTRY("pam_sm_setcred"); - - switch (flags & ~PAM_SILENT) { - case 0: - case PAM_ESTABLISH_CRED: - if (k_hasafs()) - k_setpag(); - /* Fall through, fill PAG with credentials below. */ - case PAM_REINITIALIZE_CRED: - case PAM_REFRESH_CRED: - if (k_hasafs()) - { - void *user = 0; - - if (pam_get_item(pamh, PAM_USER, &user) == PAM_SUCCESS) - { - struct passwd *pw = getpwnam((char *)user); - if (pw != 0) - krb_afslog_uid_home(/*cell*/ 0,/*realm_hint*/ 0, - pw->pw_uid, pw->pw_dir); - } - } - break; - case PAM_DELETE_CRED: - dest_tkt(); - if (k_hasafs()) - k_unlog(); - break; - default: - psyslog(LOG_ALERT , "pam_sm_setcred: unknown flags 0x%x", flags); - break; - } - - return PAM_SUCCESS; -} - -int -pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) -{ - parse_ctrl(argc, argv); - ENTRY("pam_sm_open_session"); - - return PAM_SUCCESS; -} - - -int -pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char**argv) -{ - parse_ctrl(argc, argv); - ENTRY("pam_sm_close_session"); - - /* This isn't really kosher, but it's handy. */ - pam_sm_setcred(pamh, PAM_DELETE_CRED, argc, argv); - - return PAM_SUCCESS; -} diff --git a/crypto/kerberosIV/lib/auth/pam/pam.conf.add b/crypto/kerberosIV/lib/auth/pam/pam.conf.add deleted file mode 100644 index 64a4915dbf48..000000000000 --- a/crypto/kerberosIV/lib/auth/pam/pam.conf.add +++ /dev/null @@ -1,81 +0,0 @@ -To enable PAM in dtlogin and /bin/login under SunOS 5.6 apply this patch: - ---- /etc/pam.conf.DIST Mon Jul 20 15:37:46 1998 -+++ /etc/pam.conf Tue Feb 15 19:39:12 2000 -@@ -4,15 +4,19 @@ - # - # Authentication management - # -+login auth sufficient /usr/athena/lib/pam_krb4.so - login auth required /usr/lib/security/pam_unix.so.1 - login auth required /usr/lib/security/pam_dial_auth.so.1 - # - rlogin auth sufficient /usr/lib/security/pam_rhosts_auth.so.1 - rlogin auth required /usr/lib/security/pam_unix.so.1 - # -+dtlogin auth sufficient /usr/athena/lib/pam_krb4.so - dtlogin auth required /usr/lib/security/pam_unix.so.1 - # - rsh auth required /usr/lib/security/pam_rhosts_auth.so.1 -+# Reafslog is for dtlogin lock display -+other auth sufficient /usr/athena/lib/pam_krb4.so reafslog - other auth required /usr/lib/security/pam_unix.so.1 - # - # Account management -@@ -24,6 +28,8 @@ - # - # Session management - # -+dtlogin session required /usr/athena/lib/pam_krb4.so -+login session required /usr/athena/lib/pam_krb4.so - other session required /usr/lib/security/pam_unix.so.1 - # - # Password management ---------------------------------------------------------------------------- -To enable PAM in /bin/login and xdm under Red Hat 6.1 apply these patches: - ---- /etc/pam.d/login~ Thu Jul 8 00:14:02 1999 -+++ /etc/pam.d/login Mon Aug 30 14:33:12 1999 -@@ -1,9 +1,12 @@ - #%PAM-1.0 -+# Updated to work with kerberos -+auth sufficient /lib/security/pam_krb4.so - auth required /lib/security/pam_securetty.so - auth required /lib/security/pam_pwdb.so shadow nullok - auth required /lib/security/pam_nologin.so - account required /lib/security/pam_pwdb.so - password required /lib/security/pam_cracklib.so - password required /lib/security/pam_pwdb.so nullok use_authtok shadow -+session required /lib/security/pam_krb4.so - session required /lib/security/pam_pwdb.so - session optional /lib/security/pam_console.so ---- /etc/pam.d/xdm~ Mon Jun 14 17:39:05 1999 -+++ /etc/pam.d/xdm Mon Aug 30 14:54:51 1999 -@@ -1,8 +1,10 @@ - #%PAM-1.0 -+auth sufficient /lib/security/pam_krb4.so - auth required /lib/security/pam_pwdb.so shadow nullok - auth required /lib/security/pam_nologin.so - account required /lib/security/pam_pwdb.so - password required /lib/security/pam_cracklib.so - password required /lib/security/pam_pwdb.so shadow nullok use_authtok -+session required /lib/security/pam_krb4.so - session required /lib/security/pam_pwdb.so - session optional /lib/security/pam_console.so --------------------------------------------------------------------------- - -This stuff may work under some other system. - -# To get this to work, you will have to add entries to /etc/pam.conf -# -# To make login kerberos-aware, you might change pam.conf to look -# like: - -# login authorization -login auth sufficient /lib/security/pam_krb4.so -login auth required /lib/security/pam_securetty.so -login auth required /lib/security/pam_unix_auth.so -login account required /lib/security/pam_unix_acct.so -login password required /lib/security/pam_unix_passwd.so -login session required /lib/security/pam_krb4.so -login session required /lib/security/pam_unix_session.so diff --git a/crypto/kerberosIV/lib/auth/sia/Makefile.am b/crypto/kerberosIV/lib/auth/sia/Makefile.am deleted file mode 100644 index 5a58cb72d359..000000000000 --- a/crypto/kerberosIV/lib/auth/sia/Makefile.am +++ /dev/null @@ -1,48 +0,0 @@ -# $Id: Makefile.am,v 1.4 1999/04/08 12:36:40 joda Exp $ - -include $(top_srcdir)/Makefile.am.common - -INCLUDES += $(INCLUDE_krb4) - -WFLAGS += $(WFLAGS_NOIMPLICITINT) - -DEFS = @DEFS@ - -## this is horribly ugly, but automake/libtool doesn't allow us to -## unconditionally build shared libraries, and it does not allow us to -## link with non-installed libraries - -if KRB4 -KAFS=$(top_builddir)/lib/kafs/.libs/libkafs.a -endif - -L = \ - $(KAFS) \ - $(top_builddir)/lib/krb5/.libs/libkrb5.a \ - $(top_builddir)/lib/asn1/.libs/libasn1.a \ - $(LIB_krb4) \ - $(top_builddir)/lib/des/.libs/libdes.a \ - $(top_builddir)/lib/com_err/.libs/libcom_err.a \ - $(top_builddir)/lib/roken/.libs/libroken.a \ - $(LIB_getpwnam_r) \ - -lc - -EXTRA_DIST = sia.c krb5_matrix.conf krb5+c2_matrix.conf security.patch - -foodir = $(libdir) -foo_DATA = libsia_krb5.so - -LDFLAGS = -rpath $(libdir) -hidden -exported_symbol siad_\* - -OBJS = sia.o posix_getpw.o - -libsia_krb5.so: $(OBJS) - ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L) - ostrip -x -z $@ - -CLEANFILES = libsia_krb5.so $(OBJS) so_locations - -SUFFIXES += .c .o - -.c.o: - $(COMPILE) -c $< diff --git a/crypto/kerberosIV/lib/auth/sia/Makefile.in b/crypto/kerberosIV/lib/auth/sia/Makefile.in deleted file mode 100644 index a17c3417a208..000000000000 --- a/crypto/kerberosIV/lib/auth/sia/Makefile.in +++ /dev/null @@ -1,90 +0,0 @@ -# -# $Id: Makefile.in,v 1.30.2.1 2000/06/23 03:20:06 assar Exp $ -# - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ - -PICFLAGS = @REAL_PICFLAGS@ -SHARED = @SHARED@ -LDSHARED = @LDSHARED@ -SHLIBEXT = @REAL_SHLIBEXT@ -LD_FLAGS = @REAL_LD_FLAGS@ - -@lib_deps_yes@LIB_DEPS = -L../../kafs -lkafs \ -@lib_deps_yes@ -L../../kadm -lkadm \ -@lib_deps_yes@ -L../../krb -lkrb \ -@lib_deps_yes@ -L../../des -ldes \ -@lib_deps_yes@ -L../../com_err -lcom_err \ -@lib_deps_yes@ -L../../roken -lroken \ -@lib_deps_yes@ @LIB_getpwnam_r@ \ -@lib_deps_yes@ -lc -@lib_deps_no@LIB_DEPS = - -LIBNAME = libsia_krb4 -LIB = $(LIBNAME).$(SHLIBEXT) - -SOURCES = sia.c posix_getpw.c - -OBJECTS = sia.o posix_getpw.o - -all: $(LIB) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libdir) - -if test "$(LIB)" != ""; then \ - $(INSTALL_DATA) $(LIB) $(DESTDIR)$(libdir)/$(LIB) ; \ - fi - -uninstall: - -if test "$(LIB)" != ""; then \ - rm -f $(DESTDIR)$(libdir)/$(LIB) ; \ - fi - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f $(LIB) *.o - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -$(OBJECTS): ../../../include/config.h - -$(LIB): $(OBJECTS) - rm -f $@ - $(LDSHARED) -shared -o $@ -rpath $(libdir) -hidden -exported_symbol siad_\* $(OBJECTS) $(LIB_DEPS) - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/lib/auth/sia/README b/crypto/kerberosIV/lib/auth/sia/README deleted file mode 100644 index 65957345dad1..000000000000 --- a/crypto/kerberosIV/lib/auth/sia/README +++ /dev/null @@ -1,87 +0,0 @@ - -Digital SIA ------------ - -To install the SIA module you will have to do the following: - - * Make sure `libsia_krb4.so' is available in `/usr/athena/lib'. If - `/usr/athena' is not on local disk, you might want to put it in - `/usr/shlib' or someplace else. If you do, you'll have to edit - `krb4_matrix.conf' to reflect the new location (you will also have - to do this if you installed in some other directory than - `/usr/athena'). If you built with shared libraries, you will have - to copy the shared `libkrb.so', `libdes.so', `libkadm.so', and - `libkafs.so' to a place where the loader can find them (such as - `/usr/shlib'). - - * Copy (your possibly edited) `krb4_matrix.conf' to `/etc/sia'. - - * Apply `security.patch' to `/sbin/init.d/security'. - - * Turn on KRB4 security by issuing `rcmgr set SECURITY KRB4' and - `rcmgr set KRB4_MATRIX_CONF krb4_matrix.conf'. - - * Digital thinks you should reboot your machine, but that really - shouldn't be necessary. It's usually sufficient just to run - `/sbin/init.d/security start' (and restart any applications that - use SIA, like `xdm'.) - -Users with local passwords (like `root') should be able to login safely. - -When using Digital's xdm the `KRBTKFILE' environment variable isn't -passed along as it should (since xdm zaps the environment). Instead you -have to set `KRBTKFILE' to the correct value in -`/usr/lib/X11/xdm/Xsession'. Add a line similar to - KRBTKFILE=/tmp/tkt`id -u`_`ps -o ppid= -p $$`; export KRBTKFILE -If you use CDE, `dtlogin' allows you to specify which additional -environment variables it should export. To add `KRBTKFILE' to this -list, edit `/usr/dt/config/Xconfig', and look for the definition of -`exportList'. You want to add something like: - Dtlogin.exportList: KRBTKFILE - -Notes to users with Enhanced security -..................................... - -Digital's `ENHANCED' (C2) security, and Kerberos solves two different -problems. C2 deals with local security, adds better control of who can -do what, auditing, and similar things. Kerberos deals with network -security. - -To make C2 security work with Kerberos you will have to do the -following. - - * Replace all occurencies of `krb4_matrix.conf' with - `krb4+c2_matrix.conf' in the directions above. - - * You must enable "vouching" in the `default' database. This will - make the OSFC2 module trust other SIA modules, so you can login - without giving your C2 password. To do this use `edauth' to edit - the default entry `/usr/tcb/bin/edauth -dd default', and add a - `d_accept_alternate_vouching' capability, if not already present. - - * For each user that does _not_ have a local C2 password, you should - set the password expiration field to zero. You can do this for each - user, or in the `default' table. To do this use `edauth' to set - (or change) the `u_exp' capability to `u_exp#0'. - - * You also need to be aware that the shipped `login', `rcp', and - `rshd', doesn't do any particular C2 magic (such as checking to - various forms of disabled accounts), so if you rely on those - features, you shouldn't use those programs. If you configure with - `--enable-osfc2', these programs will, however, set the login UID. - Still: use at your own risk. - -At present `su' does not accept the vouching flag, so it will not work -as expected. - -Also, kerberised ftp will not work with C2 passwords. You can solve this -by using both Digital's ftpd and our on different ports. - -*Remember*, if you do these changes you will get a system that most -certainly does _not_ fulfill the requirements of a C2 system. If C2 is -what you want, for instance if someone else is forcing you to use it, -you're out of luck. If you use enhanced security because you want a -system that is more secure than it would otherwise be, you probably got -an even more secure system. Passwords will not be sent in the clear, -for instance. - diff --git a/crypto/kerberosIV/lib/auth/sia/krb4+c2_matrix.conf b/crypto/kerberosIV/lib/auth/sia/krb4+c2_matrix.conf deleted file mode 100644 index 4b90e0264a37..000000000000 --- a/crypto/kerberosIV/lib/auth/sia/krb4+c2_matrix.conf +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright (c) 1998 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. - -# $Id: krb4+c2_matrix.conf,v 1.4 1999/12/02 16:58:37 joda Exp $ - -# sia matrix configuration file (Kerberos 4 + C2) - -siad_init=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_chk_invoker=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_init=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_authent=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_estab=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_launch=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_suauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_reauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_finger=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_password=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_shell=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_getpwent=(BSD,libc.so) -siad_getpwuid=(BSD,libc.so) -siad_getpwnam=(BSD,libc.so) -siad_setpwent=(BSD,libc.so) -siad_endpwent=(BSD,libc.so) -siad_getgrent=(BSD,libc.so) -siad_getgrgid=(BSD,libc.so) -siad_getgrnam=(BSD,libc.so) -siad_setgrent=(BSD,libc.so) -siad_endgrent=(BSD,libc.so) -siad_ses_release=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chk_user=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) diff --git a/crypto/kerberosIV/lib/auth/sia/krb4_matrix.conf b/crypto/kerberosIV/lib/auth/sia/krb4_matrix.conf deleted file mode 100644 index 4f55a810ce71..000000000000 --- a/crypto/kerberosIV/lib/auth/sia/krb4_matrix.conf +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright (c) 1998 Kungliga Tekniska Högskolan -# (Royal Institute of Technology, Stockholm, Sweden). -# All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted provided that the following conditions -# are met: -# -# 1. Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# 2. Redistributions in binary form must reproduce the above copyright -# notice, this list of conditions and the following disclaimer in the -# documentation and/or other materials provided with the distribution. -# -# 3. Neither the name of the Institute nor the names of its contributors -# may be used to endorse or promote products derived from this software -# without specific prior written permission. -# -# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND -# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE -# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -# SUCH DAMAGE. - -# $Id: krb4_matrix.conf,v 1.6 1999/12/02 16:58:37 joda Exp $ - -# sia matrix configuration file (Kerberos 4 + BSD) - -siad_init=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_chk_invoker=(BSD,libc.so) -siad_ses_init=(KRB4,/usr/athena/lib/libsia_krb4.so) -siad_ses_authent=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_ses_estab=(BSD,libc.so) -siad_ses_launch=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_ses_suauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_ses_reauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_chg_finger=(BSD,libc.so) -siad_chg_password=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_chg_shell=(BSD,libc.so) -siad_getpwent=(BSD,libc.so) -siad_getpwuid=(BSD,libc.so) -siad_getpwnam=(BSD,libc.so) -siad_setpwent=(BSD,libc.so) -siad_endpwent=(BSD,libc.so) -siad_getgrent=(BSD,libc.so) -siad_getgrgid=(BSD,libc.so) -siad_getgrnam=(BSD,libc.so) -siad_setgrent=(BSD,libc.so) -siad_endgrent=(BSD,libc.so) -siad_ses_release=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) -siad_chk_user=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) - diff --git a/crypto/kerberosIV/lib/auth/sia/krb5+c2_matrix.conf b/crypto/kerberosIV/lib/auth/sia/krb5+c2_matrix.conf deleted file mode 100644 index c2952e2db8f6..000000000000 --- a/crypto/kerberosIV/lib/auth/sia/krb5+c2_matrix.conf +++ /dev/null @@ -1,27 +0,0 @@ -# $Id: krb5+c2_matrix.conf,v 1.2 1998/11/26 20:58:18 assar Exp $ - -# sia matrix configuration file (Kerberos 5 + C2) - -siad_init=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) -siad_chk_invoker=(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_init=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_authent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_estab=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_launch=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_suauthent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_ses_reauthent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_finger=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_password=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chg_shell=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_getpwent=(BSD,libc.so) -siad_getpwuid=(BSD,libc.so) -siad_getpwnam=(BSD,libc.so) -siad_setpwent=(BSD,libc.so) -siad_endpwent=(BSD,libc.so) -siad_getgrent=(BSD,libc.so) -siad_getgrgid=(BSD,libc.so) -siad_getgrnam=(BSD,libc.so) -siad_setgrent=(BSD,libc.so) -siad_endgrent=(BSD,libc.so) -siad_ses_release=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) -siad_chk_user=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) diff --git a/crypto/kerberosIV/lib/auth/sia/krb5_matrix.conf b/crypto/kerberosIV/lib/auth/sia/krb5_matrix.conf deleted file mode 100644 index e49366aefc67..000000000000 --- a/crypto/kerberosIV/lib/auth/sia/krb5_matrix.conf +++ /dev/null @@ -1,27 +0,0 @@ -# $Id: krb5_matrix.conf,v 1.1 1997/05/15 18:34:18 joda Exp $ - -# sia matrix configuration file (Kerberos 5 + BSD) - -siad_init=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) -siad_chk_invoker=(BSD,libc.so) -siad_ses_init=(KRB5,/usr/athena/lib/libsia_krb5.so) -siad_ses_authent=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) -siad_ses_estab=(BSD,libc.so) -siad_ses_launch=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) -siad_ses_suauthent=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) -siad_ses_reauthent=(BSD,libc.so) -siad_chg_finger=(BSD,libc.so) -siad_chg_password=(BSD,libc.so) -siad_chg_shell=(BSD,libc.so) -siad_getpwent=(BSD,libc.so) -siad_getpwuid=(BSD,libc.so) -siad_getpwnam=(BSD,libc.so) -siad_setpwent=(BSD,libc.so) -siad_endpwent=(BSD,libc.so) -siad_getgrent=(BSD,libc.so) -siad_getgrgid=(BSD,libc.so) -siad_getgrnam=(BSD,libc.so) -siad_setgrent=(BSD,libc.so) -siad_endgrent=(BSD,libc.so) -siad_ses_release=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) -siad_chk_user=(BSD,libc.so) diff --git a/crypto/kerberosIV/lib/auth/sia/posix_getpw.c b/crypto/kerberosIV/lib/auth/sia/posix_getpw.c deleted file mode 100644 index c5961dcd2c5b..000000000000 --- a/crypto/kerberosIV/lib/auth/sia/posix_getpw.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#include "sia_locl.h" - -RCSID("$Id: posix_getpw.c,v 1.1 1999/03/21 17:07:02 joda Exp $"); - -#ifndef POSIX_GETPWNAM_R -/* - * These functions translate from the old Digital UNIX 3.x interface - * to POSIX.1c. - */ - -int -posix_getpwnam_r(const char *name, struct passwd *pwd, - char *buffer, int len, struct passwd **result) -{ - int ret = getpwnam_r(name, pwd, buffer, len); - if(ret == 0) - *result = pwd; - else{ - *result = NULL; - ret = _Geterrno(); - if(ret == 0){ - ret = ERANGE; - _Seterrno(ret); - } - } - return ret; -} - -int -posix_getpwuid_r(uid_t uid, struct passwd *pwd, - char *buffer, int len, struct passwd **result) -{ - int ret = getpwuid_r(uid, pwd, buffer, len); - if(ret == 0) - *result = pwd; - else{ - *result = NULL; - ret = _Geterrno(); - if(ret == 0){ - ret = ERANGE; - _Seterrno(ret); - } - } - return ret; -} -#endif /* POSIX_GETPWNAM_R */ diff --git a/crypto/kerberosIV/lib/auth/sia/security.patch b/crypto/kerberosIV/lib/auth/sia/security.patch deleted file mode 100644 index c407876d6362..000000000000 --- a/crypto/kerberosIV/lib/auth/sia/security.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- /sbin/init.d/security~ Tue Aug 20 22:44:09 1996 -+++ /sbin/init.d/security Fri Nov 1 14:52:56 1996 -@@ -49,7 +49,7 @@ - SECURITY=BASE - fi - ;; -- BASE) -+ BASE|KRB4) - ;; - *) - echo "security configuration set to default (BASE)." diff --git a/crypto/kerberosIV/lib/auth/sia/sia.c b/crypto/kerberosIV/lib/auth/sia/sia.c deleted file mode 100644 index 979bb58bb81e..000000000000 --- a/crypto/kerberosIV/lib/auth/sia/sia.c +++ /dev/null @@ -1,672 +0,0 @@ -/* - * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "sia_locl.h" - -RCSID("$Id: sia.c,v 1.32.2.1 1999/12/20 09:49:30 joda Exp $"); - -int -siad_init(void) -{ - return SIADSUCCESS; -} - -int -siad_chk_invoker(void) -{ - SIA_DEBUG(("DEBUG", "siad_chk_invoker")); - return SIADFAIL; -} - -int -siad_ses_init(SIAENTITY *entity, int pkgind) -{ - struct state *s = malloc(sizeof(*s)); - SIA_DEBUG(("DEBUG", "siad_ses_init")); - if(s == NULL) - return SIADFAIL; - memset(s, 0, sizeof(*s)); -#ifdef SIA_KRB5 - krb5_init_context(&s->context); -#endif - entity->mech[pkgind] = (int*)s; - return SIADSUCCESS; -} - -static int -setup_name(SIAENTITY *e, prompt_t *p) -{ - SIA_DEBUG(("DEBUG", "setup_name")); - e->name = malloc(SIANAMEMIN + 1); - if(e->name == NULL){ - SIA_DEBUG(("DEBUG", "failed to malloc %u bytes", SIANAMEMIN+1)); - return SIADFAIL; - } - p->prompt = (unsigned char*)"login: "; - p->result = (unsigned char*)e->name; - p->min_result_length = 1; - p->max_result_length = SIANAMEMIN; - p->control_flags = 0; - return SIADSUCCESS; -} - -static int -setup_password(SIAENTITY *e, prompt_t *p) -{ - SIA_DEBUG(("DEBUG", "setup_password")); - e->password = malloc(SIAMXPASSWORD + 1); - if(e->password == NULL){ - SIA_DEBUG(("DEBUG", "failed to malloc %u bytes", SIAMXPASSWORD+1)); - return SIADFAIL; - } - p->prompt = (unsigned char*)"Password: "; - p->result = (unsigned char*)e->password; - p->min_result_length = 0; - p->max_result_length = SIAMXPASSWORD; - p->control_flags = SIARESINVIS; - return SIADSUCCESS; -} - - -static int -doauth(SIAENTITY *entity, int pkgind, char *name) -{ - struct passwd pw, *pwd; - char pwbuf[1024]; - struct state *s = (struct state*)entity->mech[pkgind]; -#ifdef SIA_KRB5 - krb5_realm *realms, *r; - krb5_principal principal; - krb5_ccache ccache; - krb5_error_code ret; -#endif -#ifdef SIA_KRB4 - char realm[REALM_SZ]; - char *toname, *toinst; - int ret; - struct passwd fpw, *fpwd; - char fpwbuf[1024]; - int secure; -#endif - - if(getpwnam_r(name, &pw, pwbuf, sizeof(pwbuf), &pwd) != 0){ - SIA_DEBUG(("DEBUG", "failed to getpwnam(%s)", name)); - return SIADFAIL; - } - -#ifdef SIA_KRB5 - ret = krb5_get_default_realms(s->context, &realms); - - for (r = realms; *r != NULL; ++r) { - krb5_make_principal (s->context, &principal, *r, entity->name, NULL); - - if(krb5_kuserok(s->context, principal, entity->name)) - break; - } - krb5_free_host_realm (s->context, realms); - if (*r == NULL) - return SIADFAIL; - - sprintf(s->ticket, "FILE:/tmp/krb5_cc%d_%d", pwd->pw_uid, getpid()); - ret = krb5_cc_resolve(s->context, s->ticket, &ccache); - if(ret) - return SIADFAIL; -#endif - -#ifdef SIA_KRB4 - snprintf(s->ticket, sizeof(s->ticket), - "%s%u_%u", TKT_ROOT, (unsigned)pwd->pw_uid, (unsigned)getpid()); - krb_get_lrealm(realm, 1); - toname = name; - toinst = ""; - if(entity->authtype == SIA_A_SUAUTH){ - uid_t ouid; -#ifdef HAVE_SIAENTITY_OUID - ouid = entity->ouid; -#else - ouid = getuid(); -#endif - if(getpwuid_r(ouid, &fpw, fpwbuf, sizeof(fpwbuf), &fpwd) != 0){ - SIA_DEBUG(("DEBUG", "failed to getpwuid(%u)", ouid)); - return SIADFAIL; - } - snprintf(s->ticket, sizeof(s->ticket), "%s_%s_to_%s_%d", - TKT_ROOT, fpwd->pw_name, pwd->pw_name, getpid()); - if(strcmp(pwd->pw_name, "root") == 0){ - toname = fpwd->pw_name; - toinst = pwd->pw_name; - } - } - if(entity->authtype == SIA_A_REAUTH) - snprintf(s->ticket, sizeof(s->ticket), "%s", tkt_string()); - - krb_set_tkt_string(s->ticket); - - setuid(0); /* XXX fix for fix in tf_util.c */ - if(krb_kuserok(toname, toinst, realm, name)){ - SIA_DEBUG(("DEBUG", "%s.%s@%s is not allowed to login as %s", - toname, toinst, realm, name)); - return SIADFAIL; - } -#endif -#ifdef SIA_KRB5 - ret = krb5_verify_user_lrealm(s->context, principal, ccache, - entity->password, 1, NULL); - if(ret){ - /* if this is most likely a local user (such as - root), just silently return failure when the - principal doesn't exist */ - if(ret != KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN && - ret != KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN) - SIALOG("WARNING", "krb5_verify_user(%s): %s", - entity->name, error_message(ret)); - return SIADFAIL; - } -#endif -#ifdef SIA_KRB4 - if (getuid () == 0) - secure = KRB_VERIFY_SECURE; - else - secure = KRB_VERIFY_NOT_SECURE; - - ret = krb_verify_user(toname, toinst, realm, - entity->password, secure, NULL); - if(ret){ - SIA_DEBUG(("DEBUG", "krb_verify_user: %s", krb_get_err_text(ret))); - if(ret != KDC_PR_UNKNOWN) - /* since this is most likely a local user (such as - root), just silently return failure when the - principal doesn't exist */ - SIALOG("WARNING", "krb_verify_user(%s.%s): %s", - toname, toinst, krb_get_err_text(ret)); - return SIADFAIL; - } -#endif - if(sia_make_entity_pwd(pwd, entity) == SIAFAIL) - return SIADFAIL; - s->valid = 1; - return SIADSUCCESS; -} - - -static int -common_auth(sia_collect_func_t *collect, - SIAENTITY *entity, - int siastat, - int pkgind) -{ - prompt_t prompts[2], *pr; - char *name; - - SIA_DEBUG(("DEBUG", "common_auth")); - if((siastat == SIADSUCCESS) && (geteuid() == 0)) - return SIADSUCCESS; - if(entity == NULL) { - SIA_DEBUG(("DEBUG", "entity == NULL")); - return SIADFAIL | SIADSTOP; - } - name = entity->name; - if(entity->acctname) - name = entity->acctname; - - if((collect != NULL) && entity->colinput) { - int num; - pr = prompts; - if(name == NULL){ - if(setup_name(entity, pr) != SIADSUCCESS) - return SIADFAIL; - pr++; - } - if(entity->password == NULL){ - if(setup_password(entity, pr) != SIADSUCCESS) - return SIADFAIL; - pr++; - } - num = pr - prompts; - if(num == 1){ - if((*collect)(240, SIAONELINER, (unsigned char*)"", num, - prompts) != SIACOLSUCCESS){ - SIA_DEBUG(("DEBUG", "collect failed")); - return SIADFAIL | SIADSTOP; - } - } else if(num > 0){ - if((*collect)(0, SIAFORM, (unsigned char*)"", num, - prompts) != SIACOLSUCCESS){ - SIA_DEBUG(("DEBUG", "collect failed")); - return SIADFAIL | SIADSTOP; - } - } - } - if(name == NULL) - name = entity->name; - if(name == NULL || name[0] == '\0'){ - SIA_DEBUG(("DEBUG", "name is null")); - return SIADFAIL; - } - - if(entity->password == NULL || strlen(entity->password) > SIAMXPASSWORD){ - SIA_DEBUG(("DEBUG", "entity->password is null")); - return SIADFAIL; - } - - return doauth(entity, pkgind, name); -} - - -int -siad_ses_authent(sia_collect_func_t *collect, - SIAENTITY *entity, - int siastat, - int pkgind) -{ - SIA_DEBUG(("DEBUG", "siad_ses_authent")); - return common_auth(collect, entity, siastat, pkgind); -} - -int -siad_ses_estab(sia_collect_func_t *collect, - SIAENTITY *entity, int pkgind) -{ - SIA_DEBUG(("DEBUG", "siad_ses_estab")); - return SIADFAIL; -} - -int -siad_ses_launch(sia_collect_func_t *collect, - SIAENTITY *entity, - int pkgind) -{ - static char env[MaxPathLen]; - struct state *s = (struct state*)entity->mech[pkgind]; - SIA_DEBUG(("DEBUG", "siad_ses_launch")); - if(s->valid){ -#ifdef SIA_KRB5 - chown(s->ticket + sizeof("FILE:") - 1, - entity->pwd->pw_uid, - entity->pwd->pw_gid); - snprintf(env, sizeof(env), "KRB5CCNAME=%s", s->ticket); -#endif -#ifdef SIA_KRB4 - chown(s->ticket, entity->pwd->pw_uid, entity->pwd->pw_gid); - snprintf(env, sizeof(env), "KRBTKFILE=%s", s->ticket); -#endif - putenv(env); - } -#ifdef KRB4 - if (k_hasafs()) { - char cell[64]; - k_setpag(); - if(k_afs_cell_of_file(entity->pwd->pw_dir, cell, sizeof(cell)) == 0) - krb_afslog(cell, 0); - krb_afslog_home(0, 0, entity->pwd->pw_dir); - } -#endif - return SIADSUCCESS; -} - -int -siad_ses_release(SIAENTITY *entity, int pkgind) -{ - SIA_DEBUG(("DEBUG", "siad_ses_release")); - if(entity->mech[pkgind]){ -#ifdef SIA_KRB5 - struct state *s = (struct state*)entity->mech[pkgind]; - krb5_free_context(s->context); -#endif - free(entity->mech[pkgind]); - } - return SIADSUCCESS; -} - -int -siad_ses_suauthent(sia_collect_func_t *collect, - SIAENTITY *entity, - int siastat, - int pkgind) -{ - SIA_DEBUG(("DEBUG", "siad_ses_suauth")); - if(geteuid() != 0) - return SIADFAIL; - if(entity->name == NULL) - return SIADFAIL; - if(entity->name[0] == '\0') { - free(entity->name); - entity->name = strdup("root"); - if (entity->name == NULL) - return SIADFAIL; - } - return common_auth(collect, entity, siastat, pkgind); -} - -int -siad_ses_reauthent (sia_collect_func_t *collect, - SIAENTITY *entity, - int siastat, - int pkgind) -{ - int ret; - SIA_DEBUG(("DEBUG", "siad_ses_reauthent")); - if(entity == NULL || entity->name == NULL) - return SIADFAIL; - ret = common_auth(collect, entity, siastat, pkgind); - if((ret & SIADSUCCESS)){ - /* launch isn't (always?) called when doing reauth, so we must - duplicate some code here... */ - struct state *s = (struct state*)entity->mech[pkgind]; - chown(s->ticket, entity->pwd->pw_uid, entity->pwd->pw_gid); -#ifdef KRB4 - if(k_hasafs()) { - char cell[64]; - if(k_afs_cell_of_file(entity->pwd->pw_dir, - cell, sizeof(cell)) == 0) - krb_afslog(cell, 0); - krb_afslog_home(0, 0, entity->pwd->pw_dir); - } -#endif - } - return ret; -} - -int -siad_chg_finger (sia_collect_func_t *collect, - const char *username, - int argc, - char *argv[]) -{ - SIA_DEBUG(("DEBUG", "siad_chg_finger")); - return SIADFAIL; -} - -#ifdef SIA_KRB5 -int -siad_chg_password (sia_collect_func_t *collect, - const char *username, - int argc, - char *argv[]) -{ - return SIADFAIL; -} -#endif - -#ifdef SIA_KRB4 -static void -sia_message(sia_collect_func_t *collect, int rendition, - const char *title, const char *message) -{ - prompt_t prompt; - prompt.prompt = (unsigned char*)message; - (*collect)(0, rendition, (unsigned char*)title, 1, &prompt); -} - -static int -init_change(sia_collect_func_t *collect, krb_principal *princ) -{ - prompt_t prompt; - char old_pw[MAX_KPW_LEN+1]; - char *msg; - char tktstring[128]; - int ret; - - SIA_DEBUG(("DEBUG", "init_change")); - prompt.prompt = (unsigned char*)"Old password: "; - prompt.result = (unsigned char*)old_pw; - prompt.min_result_length = 0; - prompt.max_result_length = sizeof(old_pw) - 1; - prompt.control_flags = SIARESINVIS; - asprintf(&msg, "Changing password for %s", krb_unparse_name(princ)); - if(msg == NULL){ - SIA_DEBUG(("DEBUG", "out of memory")); - return SIADFAIL; - } - ret = (*collect)(60, SIAONELINER, (unsigned char*)msg, 1, &prompt); - free(msg); - SIA_DEBUG(("DEBUG", "ret = %d", ret)); - if(ret != SIACOLSUCCESS) - return SIADFAIL; - snprintf(tktstring, sizeof(tktstring), - "%s_cpw_%u", TKT_ROOT, (unsigned)getpid()); - krb_set_tkt_string(tktstring); - - ret = krb_get_pw_in_tkt(princ->name, princ->instance, princ->realm, - PWSERV_NAME, KADM_SINST, 1, old_pw); - if (ret != KSUCCESS) { - SIA_DEBUG(("DEBUG", "krb_get_pw_in_tkt: %s", krb_get_err_text(ret))); - if (ret == INTK_BADPW) - sia_message(collect, SIAWARNING, "", "Incorrect old password."); - else - sia_message(collect, SIAWARNING, "", "Kerberos error."); - memset(old_pw, 0, sizeof(old_pw)); - return SIADFAIL; - } - if(chown(tktstring, getuid(), -1) < 0){ - dest_tkt(); - return SIADFAIL; - } - memset(old_pw, 0, sizeof(old_pw)); - return SIADSUCCESS; -} - -int -siad_chg_password (sia_collect_func_t *collect, - const char *username, - int argc, - char *argv[]) -{ - prompt_t prompts[2]; - krb_principal princ; - int ret; - char new_pw1[MAX_KPW_LEN+1]; - char new_pw2[MAX_KPW_LEN+1]; - static struct et_list *et_list; - - set_progname(argv[0]); - - SIA_DEBUG(("DEBUG", "siad_chg_password")); - if(collect == NULL) - return SIADFAIL; - - if(username == NULL) - username = getlogin(); - - ret = krb_parse_name(username, &princ); - if(ret) - return SIADFAIL; - if(princ.realm[0] == '\0') - krb_get_lrealm(princ.realm, 1); - - if(et_list == NULL) { - initialize_kadm_error_table_r(&et_list); - initialize_krb_error_table_r(&et_list); - } - - ret = init_change(collect, &princ); - if(ret != SIADSUCCESS) - return ret; - -again: - prompts[0].prompt = (unsigned char*)"New password: "; - prompts[0].result = (unsigned char*)new_pw1; - prompts[0].min_result_length = MIN_KPW_LEN; - prompts[0].max_result_length = sizeof(new_pw1) - 1; - prompts[0].control_flags = SIARESINVIS; - prompts[1].prompt = (unsigned char*)"Verify new password: "; - prompts[1].result = (unsigned char*)new_pw2; - prompts[1].min_result_length = MIN_KPW_LEN; - prompts[1].max_result_length = sizeof(new_pw2) - 1; - prompts[1].control_flags = SIARESINVIS; - if((*collect)(120, SIAFORM, (unsigned char*)"", 2, prompts) != - SIACOLSUCCESS) { - dest_tkt(); - return SIADFAIL; - } - if(strcmp(new_pw1, new_pw2) != 0){ - sia_message(collect, SIAWARNING, "", "Password mismatch."); - goto again; - } - ret = kadm_check_pw(new_pw1); - if(ret) { - sia_message(collect, SIAWARNING, "", com_right(et_list, ret)); - goto again; - } - - memset(new_pw2, 0, sizeof(new_pw2)); - ret = kadm_init_link (PWSERV_NAME, KRB_MASTER, princ.realm); - if (ret != KADM_SUCCESS) - sia_message(collect, SIAWARNING, "Error initing kadmin connection", - com_right(et_list, ret)); - else { - des_cblock newkey; - char *pw_msg; /* message from server */ - - des_string_to_key(new_pw1, &newkey); - ret = kadm_change_pw_plain((unsigned char*)&newkey, new_pw1, &pw_msg); - memset(newkey, 0, sizeof(newkey)); - - if (ret == KADM_INSECURE_PW) - sia_message(collect, SIAWARNING, "Insecure password", pw_msg); - else if (ret != KADM_SUCCESS) - sia_message(collect, SIAWARNING, "Error changing password", - com_right(et_list, ret)); - } - memset(new_pw1, 0, sizeof(new_pw1)); - - if (ret != KADM_SUCCESS) - sia_message(collect, SIAWARNING, "", "Password NOT changed."); - else - sia_message(collect, SIAINFO, "", "Password changed."); - - dest_tkt(); - if(ret) - return SIADFAIL; - return SIADSUCCESS; -} -#endif - -int -siad_chg_shell (sia_collect_func_t *collect, - const char *username, - int argc, - char *argv[]) -{ - return SIADFAIL; -} - -int -siad_getpwent(struct passwd *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getpwuid (uid_t uid, - struct passwd *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getpwnam (const char *name, - struct passwd *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_setpwent (struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_endpwent (struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getgrent(struct group *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getgrgid (gid_t gid, - struct group *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_getgrnam (const char *name, - struct group *result, - char *buf, - int bufsize, - struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_setgrent (struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_endgrent (struct sia_context *context) -{ - return SIADFAIL; -} - -int -siad_chk_user (const char *logname, int checkflag) -{ - if(checkflag != CHGPASSWD) - return SIADFAIL; - return SIADSUCCESS; -} diff --git a/crypto/kerberosIV/lib/auth/sia/sia_locl.h b/crypto/kerberosIV/lib/auth/sia/sia_locl.h deleted file mode 100644 index 0f3f74d98d3b..000000000000 --- a/crypto/kerberosIV/lib/auth/sia/sia_locl.h +++ /dev/null @@ -1,94 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -/* $Id: sia_locl.h,v 1.2 1999/04/01 16:09:22 joda Exp $ */ - -#ifndef __sia_locl_h__ -#define __sia_locl_h__ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include -#include -#include -#include -#include - -#ifdef KRB5 -#define SIA_KRB5 -#elif defined(KRB4) -#define SIA_KRB4 -#endif - -#ifdef SIA_KRB5 -#include -#include -#endif -#ifdef SIA_KRB4 -#include -#include -#include -#include -#endif -#ifdef KRB4 -#include -#endif - -#include - -#ifndef POSIX_GETPWNAM_R - -#define getpwnam_r posix_getpwnam_r -#define getpwuid_r posix_getpwuid_r - -#endif /* POSIX_GETPWNAM_R */ - -#ifndef DEBUG -#define SIA_DEBUG(X) -#else -#define SIA_DEBUG(X) SIALOG X -#endif - -struct state{ -#ifdef SIA_KRB5 - krb5_context context; - krb5_auth_context auth_context; -#endif - char ticket[MaxPathLen]; - int valid; -}; - -#endif /* __sia_locl_h__ */ diff --git a/crypto/kerberosIV/lib/com_err/ChangeLog b/crypto/kerberosIV/lib/com_err/ChangeLog deleted file mode 100644 index ea7a5f6d01ee..000000000000 --- a/crypto/kerberosIV/lib/com_err/ChangeLog +++ /dev/null @@ -1,106 +0,0 @@ -1999-07-03 Assar Westerlund - - * parse.y (statement): use asprintf - -1999-06-13 Assar Westerlund - - * Makefile.in: make it solaris make vpath-safe - -Thu Apr 1 11:13:53 1999 Johan Danielsson - - * compile_et.c: use getargs - -Sat Mar 20 00:16:30 1999 Assar Westerlund - - * compile_et.c: static-ize - -Thu Mar 18 11:22:13 1999 Johan Danielsson - - * Makefile.am: include Makefile.am.common - -Tue Mar 16 22:30:05 1999 Assar Westerlund - - * parse.y: use YYACCEPT instead of return - -Sat Mar 13 22:22:56 1999 Assar Westerlund - - * compile_et.c (generate_h): cast when calling is* to get rid of a - warning - -Thu Mar 11 15:00:51 1999 Johan Danielsson - - * parse.y: prototype for error_message - -Sun Nov 22 10:39:02 1998 Assar Westerlund - - * compile_et.h: include ctype and roken - - * compile_et.c: include err.h - (generate_h): remove unused variable - - * Makefile.in (WFLAGS): set - -Fri Nov 20 06:58:59 1998 Assar Westerlund - - * lex.l: undef ECHO to work around AIX lex bug - -Sun Sep 27 02:23:59 1998 Johan Danielsson - - * com_err.c (error_message): try to pass code to strerror, to see - if it might be an errno code (this if broken, but some MIT code - seems to expect this behaviour) - -Sat Sep 26 17:42:39 1998 Johan Danielsson - - * compile_et.c: -> "foo_err.h" - -Tue Jun 30 17:17:36 1998 Assar Westerlund - - * Makefile.in: add str{cpy,cat}_truncate - -Mon May 25 05:24:39 1998 Assar Westerlund - - * Makefile.in (clean): try to remove shared library debris - -Sun Apr 19 09:50:17 1998 Assar Westerlund - - * Makefile.in: add symlink magic for linux - -Sun Apr 5 09:22:11 1998 Assar Westerlund - - * parse.y: define alloca to malloc in case we're using bison but - don't have alloca - -Tue Mar 24 05:13:01 1998 Assar Westerlund - - * Makefile.in: link with snprintf (From Derrick J Brashear - ) - -Fri Feb 27 05:01:42 1998 Assar Westerlund - - * parse.y: initialize ec->next - -Thu Feb 26 02:22:25 1998 Assar Westerlund - - * Makefile.am: @LEXLIB@ - -Sat Feb 21 15:18:54 1998 assar westerlund - - * Makefile.in: set YACC and LEX - -Tue Feb 17 22:20:27 1998 Bjoern Groenvall - - * com_right.h: Change typedefs so that one may mix MIT compile_et - generated code with krb4 dito. - -Tue Feb 17 16:30:55 1998 Johan Danielsson - - * compile_et.c (generate): Always return a value. - - * parse.y: Files don't have to end with `end'. - -Mon Feb 16 16:09:20 1998 Johan Danielsson - - * lex.l (getstring): Replace getc() with input(). - - * Makefile.am: Fixes for new compile_et. diff --git a/crypto/kerberosIV/lib/com_err/Makefile.am b/crypto/kerberosIV/lib/com_err/Makefile.am deleted file mode 100644 index 2c7525b96d23..000000000000 --- a/crypto/kerberosIV/lib/com_err/Makefile.am +++ /dev/null @@ -1,24 +0,0 @@ -# $Id: Makefile.am,v 1.23 1999/04/09 18:26:55 assar Exp $ - -include $(top_srcdir)/Makefile.am.common - -YFLAGS = -d - -lib_LTLIBRARIES = libcom_err.la -libcom_err_la_LDFLAGS = -version-info 1:0:0 - -bin_PROGRAMS = compile_et - -include_HEADERS = com_err.h com_right.h - -compile_et_SOURCES = compile_et.c compile_et.h parse.y lex.l - -libcom_err_la_SOURCES = error.c com_err.c roken_rename.h - -CLEANFILES = lex.c parse.c parse.h - -$(compile_et_OBJECTS): parse.h - -compile_et_LDADD = \ - $(LIB_roken) \ - $(LEXLIB) diff --git a/crypto/kerberosIV/lib/com_err/Makefile.in b/crypto/kerberosIV/lib/com_err/Makefile.in deleted file mode 100644 index 883b5225b46e..000000000000 --- a/crypto/kerberosIV/lib/com_err/Makefile.in +++ /dev/null @@ -1,151 +0,0 @@ -# -# $Id: Makefile.in,v 1.30.2.1 2000/10/10 14:34:33 assar Exp $ -# - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -LN_S = @LN_S@ -DEFS = @DEFS@ -DROKEN_RENAME -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ -EXECSUFFIX=@EXECSUFFIX@ - -YACC = @YACC@ -LEX = @LEX@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -bindir = @bindir@ -includedir = @includedir@ - -PICFLAGS = @PICFLAGS@ - -LIB_DEPS = @lib_deps_yes@ -lc -build_symlink_command = @build_symlink_command@ -#install_symlink_command = @install_symlink_command@ -install_symlink_command = @true - -LIBNAME = $(LIBPREFIX)com_err -#LIBEXT = @LIBEXT@ Always build archive library! -LIBEXT = a -SHLIBEXT = @SHLIBEXT@ -LIBPREFIX = @LIBPREFIX@ -LDSHARED = @LDSHARED@ -LIB = $(LIBNAME).$(LIBEXT) -lib_LIBRARIES = $(LIBNAME).$(LIBEXT) -bin_PROGRAMS = compile_et$(EXECSUFFIX) -include_HEADERS = com_right.h com_err.h - -SOURCES = error.c com_err.c compile_et.c -OBJECTS = error.o com_err.o $(LIBADD) -EXTRA_SOURCES = -LIBADD = - -all: $(lib_LIBRARIES) $(bin_PROGRAMS) $(include_HEADERS) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../include -I. -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(includedir) - @for i in $(include_HEADERS); do \ - f=`basename $$i`; \ - if test -f "$(srcdir)/$$f" ; then x="$(srcdir)/$$f"; \ - else x="$$f"; fi ;\ - echo "$(INSTALL_DATA) $$x $(DESTDIR)$(includedir)/$$f" ;\ - $(INSTALL_DATA) $$x $(DESTDIR)$(includedir)/$$f ; done - - $(MKINSTALLDIRS) $(DESTDIR)$(libdir) - @for i in $(lib_LIBRARIES); do \ - echo "$(INSTALL) -m 0555 $$i $(DESTDIR)$(libdir)/$$i" ;\ - $(INSTALL) -m 0555 $$i $(DESTDIR)$(libdir)/$$i ; done - @install_symlink_command@ - - $(MKINSTALLDIRS) $(DESTDIR)$(bindir) - @for i in $(bin_PROGRAMS); do \ - echo "$(INSTALL) -m 0555 $$i $(DESTDIR)$(bindir)/$$i" ;\ - $(INSTALL) -m 0555 $$i $(DESTDIR)$(bindir)/$$i ; done - -uninstall: - @for i in $(include_HEADERS); do \ - f=`basename $$i`; \ - echo "rm -f $(DESTDIR)$(includedir)/$$f" ;\ - rm -f $(DESTDIR)$(includedir)/$$f ; done - - @for i in $(lib_LIBRARIES); do \ - echo "rm -f $(DESTDIR)$(libdir)/$$i" ;\ - rm -f $(DESTDIR)$(libdir)/$$i ; done - - @for i in $(bin_PROGRAMS); do \ - echo "rm -f $(DESTDIR)$(bindir)/$$i" ;\ - rm -f $(DESTDIR)$(bindir)/$$i ; done - -TAGS: $(SOURCES) - etags $(SOURCES) - -clean: - rm -f $(LIB) *.o *.a *.so *.so.* so_locations \ - krb_err.c krb_err.h parse.h parse.c lex.c \ - $(lib_LIBRARIES) $(bin_PROGRAMS) $(EXTRA_SOURCES) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -$(LIBNAME).a: $(OBJECTS) - rm -f $@ - $(AR) cr $@ $(OBJECTS) - -$(RANLIB) $@ - -$(LIBNAME).$(SHLIBEXT): $(OBJECTS) - rm -f $@ - $(LDSHARED) -o $@ $(OBJECTS) $(LIB_DEPS) - @build_symlink_command@ - -COBJ = compile_et.o parse.o lex.o - -$(COBJ): parse.h - -compile_et$(EXECSUFFIX): $(COBJ) - $(LINK) $(CFLAGS) -o $@ $(COBJ) -L../roken -lroken - -parse.c: parse.h -parse.h: $(srcdir)/parse.y - $(YACC) -d $(srcdir)/parse.y - mv -f y.tab.h parse.h - mv -f y.tab.c parse.c - -lex.c: $(srcdir)/lex.l - $(LEX) $(srcdir)/lex.l - mv -f lex.yy.c lex.c - -snprintf.c: - $(LN_S) $(srcdir)/../roken/snprintf.c . - -strlcat.c: - $(LN_S) $(srcdir)/../roken/strlcat.c . - -strlcpy.c: - $(LN_S) $(srcdir)/../roken/strlcpy.c . - -.PHONY: all Wall install uninstall clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/lib/com_err/com_err.c b/crypto/kerberosIV/lib/com_err/com_err.c deleted file mode 100644 index d945d1268438..000000000000 --- a/crypto/kerberosIV/lib/com_err/com_err.c +++ /dev/null @@ -1,151 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: com_err.c,v 1.14.2.1 2000/06/23 03:22:13 assar Exp $"); -#endif -#include -#include -#include -#include -#include "com_err.h" - -struct et_list *_et_list = NULL; - - -const char * -error_message (long code) -{ - static char msg[128]; - const char *p = com_right(_et_list, code); - if (p == NULL) - p = strerror(code); - if (p != NULL && *p != '\0') { - strncpy(msg, p, sizeof(msg) - 1); - msg[sizeof(msg) - 1] = 0; - } else - sprintf(msg, "Unknown error %ld", code); - return msg; -} - -int -init_error_table(const char **msgs, long base, int count) -{ - initialize_error_table_r(&_et_list, msgs, count, base); - return 0; -} - -static void -default_proc (const char *whoami, long code, const char *fmt, va_list args) -{ - if (whoami) - fprintf(stderr, "%s: ", whoami); - if (code) - fprintf(stderr, "%s ", error_message(code)); - if (fmt) - vfprintf(stderr, fmt, args); - fprintf(stderr, "\r\n"); /* ??? */ -} - -static errf com_err_hook = default_proc; - -void -com_err_va (const char *whoami, - long code, - const char *fmt, - va_list args) -{ - (*com_err_hook) (whoami, code, fmt, args); -} - -void -com_err (const char *whoami, - long code, - const char *fmt, - ...) -{ - va_list ap; - va_start(ap, fmt); - com_err_va (whoami, code, fmt, ap); - va_end(ap); -} - -errf -set_com_err_hook (errf new) -{ - errf old = com_err_hook; - - if (new) - com_err_hook = new; - else - com_err_hook = default_proc; - - return old; -} - -errf -reset_com_err_hook (void) -{ - return set_com_err_hook(NULL); -} - -#define ERRCODE_RANGE 8 /* # of bits to shift table number */ -#define BITS_PER_CHAR 6 /* # bits to shift per character in name */ - -static const char char_set[] = - "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_"; - -static char buf[6]; - -const char * -error_table_name(int num) -{ - int ch; - int i; - char *p; - - /* num = aa aaa abb bbb bcc ccc cdd ddd d?? ??? ??? */ - p = buf; - num >>= ERRCODE_RANGE; - /* num = ?? ??? ??? aaa aaa bbb bbb ccc ccc ddd ddd */ - num &= 077777777; - /* num = 00 000 000 aaa aaa bbb bbb ccc ccc ddd ddd */ - for (i = 4; i >= 0; i--) { - ch = (num >> BITS_PER_CHAR * i) & ((1 << BITS_PER_CHAR) - 1); - if (ch != 0) - *p++ = char_set[ch-1]; - } - *p = '\0'; - return(buf); -} diff --git a/crypto/kerberosIV/lib/com_err/com_err.h b/crypto/kerberosIV/lib/com_err/com_err.h deleted file mode 100644 index 06373de37a5f..000000000000 --- a/crypto/kerberosIV/lib/com_err/com_err.h +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: com_err.h,v 1.4.2.1 2000/06/23 03:23:05 assar Exp $ */ - -/* MIT compatible com_err library */ - -#ifndef __COM_ERR_H__ -#define __COM_ERR_H__ - -#include - -typedef void (*errf) __P((const char *, long, const char *, va_list)); - -const char * error_message __P((long)); -int init_error_table __P((const char**, long, int)); - -void com_err_va __P((const char *, long, const char *, va_list)); -void com_err __P((const char *, long, const char *, ...)); - -errf set_com_err_hook __P((errf)); -errf reset_com_err_hook __P((void)); - -const char *error_table_name __P((int num)); - -#endif /* __COM_ERR_H__ */ diff --git a/crypto/kerberosIV/lib/com_err/com_right.h b/crypto/kerberosIV/lib/com_err/com_right.h deleted file mode 100644 index e8c7488593e6..000000000000 --- a/crypto/kerberosIV/lib/com_err/com_right.h +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: com_right.h,v 1.9.2.1 2000/06/23 03:23:44 assar Exp $ */ - -#ifndef __COM_RIGHT_H__ -#define __COM_RIGHT_H__ - -#ifdef __STDC__ -#include -#endif - -#ifndef __P -#ifdef __STDC__ -#define __P(X) X -#else -#define __P(X) () -#endif -#endif - -struct error_table { - char const * const * msgs; - long base; - int n_msgs; -}; -struct et_list { - struct et_list *next; - struct error_table *table; -}; -extern struct et_list *_et_list; - -const char *com_right __P((struct et_list *list, long code)); -void initialize_error_table_r __P((struct et_list **, const char **, int, long);) -void free_error_table __P((struct et_list *)); - -#endif /* __COM_RIGHT_H__ */ diff --git a/crypto/kerberosIV/lib/com_err/compile_et.c b/crypto/kerberosIV/lib/com_err/compile_et.c deleted file mode 100644 index f982dcd5a5ff..000000000000 --- a/crypto/kerberosIV/lib/com_err/compile_et.c +++ /dev/null @@ -1,235 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#undef ROKEN_RENAME -#include "compile_et.h" -#include - -RCSID("$Id: compile_et.c,v 1.13 1999/12/02 16:58:38 joda Exp $"); - -#include -#include -#include "parse.h" - -int numerror; -extern FILE *yyin; - -extern void yyparse(void); - -long base; -int number; -char *prefix; -char *id_str; - -char name[128]; -char Basename[128]; - -#ifdef YYDEBUG -extern int yydebug = 1; -#endif - -char *filename; -char hfn[128]; -char cfn[128]; - -struct error_code *codes = NULL; - -static int -generate_c(void) -{ - int n; - struct error_code *ec; - - FILE *c_file = fopen(cfn, "w"); - if(c_file == NULL) - return 1; - - fprintf(c_file, "/* Generated from %s */\n", filename); - if(id_str) - fprintf(c_file, "/* %s */\n", id_str); - fprintf(c_file, "\n"); - fprintf(c_file, "#include \n"); - fprintf(c_file, "#include \n"); - fprintf(c_file, "#include \"%s\"\n", hfn); - fprintf(c_file, "\n"); - - fprintf(c_file, "static const char *text[] = {\n"); - - for(ec = codes, n = 0; ec; ec = ec->next, n++) { - while(n < ec->number) { - fprintf(c_file, "\t/* %03d */ \"Reserved %s error (%d)\",\n", - n, name, n); - n++; - - } - fprintf(c_file, "\t/* %03d */ \"%s\",\n", ec->number, ec->string); - } - - fprintf(c_file, "\tNULL\n"); - fprintf(c_file, "};\n"); - fprintf(c_file, "\n"); - fprintf(c_file, - "void initialize_%s_error_table_r(struct et_list **list)\n", - name); - fprintf(c_file, "{\n"); - fprintf(c_file, - " initialize_error_table_r(list, text, " - "%s_num_errors, ERROR_TABLE_BASE_%s);\n", name, name); - fprintf(c_file, "}\n"); - fprintf(c_file, "\n"); - fprintf(c_file, "void initialize_%s_error_table(void)\n", name); - fprintf(c_file, "{\n"); - fprintf(c_file, - " init_error_table(text, ERROR_TABLE_BASE_%s, " - "%s_num_errors);\n", name, name); - fprintf(c_file, "}\n"); - - fclose(c_file); - return 0; -} - -static int -generate_h(void) -{ - struct error_code *ec; - char fn[128]; - FILE *h_file = fopen(hfn, "w"); - char *p; - - if(h_file == NULL) - return 1; - - snprintf(fn, sizeof(fn), "__%s__", hfn); - for(p = fn; *p; p++) - if(!isalnum((unsigned char)*p)) - *p = '_'; - - fprintf(h_file, "/* Generated from %s */\n", filename); - if(id_str) - fprintf(h_file, "/* %s */\n", id_str); - fprintf(h_file, "\n"); - fprintf(h_file, "#ifndef %s\n", fn); - fprintf(h_file, "#define %s\n", fn); - fprintf(h_file, "\n"); - fprintf(h_file, "#include \n"); - fprintf(h_file, "\n"); - fprintf(h_file, - "void initialize_%s_error_table_r(struct et_list **);\n", - name); - fprintf(h_file, "\n"); - fprintf(h_file, "void initialize_%s_error_table(void);\n", name); - fprintf(h_file, "#define init_%s_err_tbl initialize_%s_error_table\n", - name, name); - fprintf(h_file, "\n"); - fprintf(h_file, "typedef enum %s_error_number{\n", name); - fprintf(h_file, "\tERROR_TABLE_BASE_%s = %ld,\n", name, base); - fprintf(h_file, "\t%s_err_base = %ld,\n", name, base); - - for(ec = codes; ec; ec = ec->next) { - fprintf(h_file, "\t%s = %ld,\n", ec->name, base + ec->number); - } - - fprintf(h_file, "\t%s_num_errors = %d\n", name, number); - fprintf(h_file, "} %s_error_number;\n", name); - fprintf(h_file, "\n"); - fprintf(h_file, "#endif /* %s */\n", fn); - - - fclose(h_file); - return 0; -} - -static int -generate(void) -{ - return generate_c() || generate_h(); -} - -int version_flag; -int help_flag; -struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code) -{ - arg_printusage(args, num_args, NULL, "error-table"); - exit(code); -} - -int -main(int argc, char **argv) -{ - char *p; - int optind = 0; - - set_progname(argv[0]); - if(getarg(args, num_args, argc, argv, &optind)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(optind == argc) - usage(1); - filename = argv[optind]; - yyin = fopen(filename, "r"); - if(yyin == NULL) - err(1, "%s", filename); - - - p = strrchr(filename, '/'); - if(p) - p++; - else - p = filename; - strncpy(Basename, p, sizeof(Basename)); - Basename[sizeof(Basename) - 1] = '\0'; - - Basename[strcspn(Basename, ".")] = '\0'; - - snprintf(hfn, sizeof(hfn), "%s.h", Basename); - snprintf(cfn, sizeof(cfn), "%s.c", Basename); - - yyparse(); - if(numerror) - return 1; - - return generate(); -} diff --git a/crypto/kerberosIV/lib/com_err/compile_et.h b/crypto/kerberosIV/lib/com_err/compile_et.h deleted file mode 100644 index e9c5e7bbc8ee..000000000000 --- a/crypto/kerberosIV/lib/com_err/compile_et.h +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: compile_et.h,v 1.4 1999/12/02 16:58:38 joda Exp $ */ - -#ifndef __COMPILE_ET_H__ -#define __COMPILE_ET_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include - -#include - -extern long base; -extern int number; -extern char *prefix; -extern char name[128]; -extern char *id_str; -extern char *filename; -extern int numerror; - -struct error_code { - unsigned number; - char *name; - char *string; - struct error_code *next, **tail; -}; - -extern struct error_code *codes; - -#define APPEND(L, V) \ -do { \ - if((L) == NULL) { \ - (L) = (V); \ - (L)->tail = &(V)->next; \ - (L)->next = NULL; \ - }else{ \ - *(L)->tail = (V); \ - (L)->tail = &(V)->next; \ - } \ -}while(0) - -#endif /* __COMPILE_ET_H__ */ diff --git a/crypto/kerberosIV/lib/com_err/error.c b/crypto/kerberosIV/lib/com_err/error.c deleted file mode 100644 index d1220076d3da..000000000000 --- a/crypto/kerberosIV/lib/com_err/error.c +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: error.c,v 1.14 1999/12/02 16:58:38 joda Exp $"); -#endif -#include -#include -#include -#include - -const char * -com_right(struct et_list *list, long code) -{ - struct et_list *p; - for (p = list; p; p = p->next) { - if (code >= p->table->base && code < p->table->base + p->table->n_msgs) - return p->table->msgs[code - p->table->base]; - } - return NULL; -} - -struct foobar { - struct et_list etl; - struct error_table et; -}; - -void -initialize_error_table_r(struct et_list **list, - const char **messages, - int num_errors, - long base) -{ - struct et_list *et; - struct foobar *f; - for (et = *list; et; et = et->next) - if (et->table->msgs == messages) - return; - f = malloc(sizeof(*f)); - if (f == NULL) - return; - et = &f->etl; - et->table = &f->et; - et->table->msgs = messages; - et->table->n_msgs = num_errors; - et->table->base = base; - et->next = *list; - *list = et; -} - - -void -free_error_table(struct et_list *et) -{ - while(et){ - struct et_list *p = et; - et = et->next; - free(p); - } -} diff --git a/crypto/kerberosIV/lib/com_err/lex.l b/crypto/kerberosIV/lib/com_err/lex.l deleted file mode 100644 index f5ee60ca8b40..000000000000 --- a/crypto/kerberosIV/lib/com_err/lex.l +++ /dev/null @@ -1,122 +0,0 @@ -%{ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * This is to handle the definition of this symbol in some AIX - * headers, which will conflict with the definition that lex will - * generate for it. It's only a problem for AIX lex. - */ - -#undef ECHO - -#include "compile_et.h" -#include "parse.h" - -RCSID("$Id: lex.l,v 1.5 1999/12/02 16:58:38 joda Exp $"); - -static unsigned lineno = 1; -void error_message(char *, ...); -int getstring(void); - -%} - - -%% -et { return ET; } -error_table { return ET; } -ec { return EC; } -error_code { return EC; } -prefix { return PREFIX; } -index { return INDEX; } -id { return ID; } -end { return END; } -[0-9]+ { yylval.number = atoi(yytext); return NUMBER; } -#[^\n]* ; -[ \t] ; -\n { lineno++; } -\" { return getstring(); } -[a-zA-Z0-9_]+ { yylval.string = strdup(yytext); return STRING; } -. { return *yytext; } -%% - -#ifndef yywrap /* XXX */ -int -yywrap () -{ - return 1; -} -#endif - -int -getstring(void) -{ - char x[128]; - int i = 0; - int c; - int quote = 0; - while((c = input()) != EOF){ - if(quote) { - x[i++] = c; - quote = 0; - continue; - } - if(c == '\n'){ - error_message("unterminated string"); - lineno++; - break; - } - if(c == '\\'){ - quote++; - continue; - } - if(c == '\"') - break; - x[i++] = c; - } - x[i] = '\0'; - yylval.string = strdup(x); - return STRING; -} - -void -error_message (char *format, ...) -{ - va_list args; - - va_start (args, format); - fprintf (stderr, "%s:%d:", filename, lineno); - vfprintf (stderr, format, args); - va_end (args); - numerror++; -} diff --git a/crypto/kerberosIV/lib/com_err/parse.y b/crypto/kerberosIV/lib/com_err/parse.y deleted file mode 100644 index addf772f8262..000000000000 --- a/crypto/kerberosIV/lib/com_err/parse.y +++ /dev/null @@ -1,166 +0,0 @@ -%{ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "compile_et.h" -RCSID("$Id: parse.y,v 1.10 1999/12/02 16:58:38 joda Exp $"); - -void yyerror (char *s); -long name2number(const char *str); -void error_message(char *, ...); - -extern char *yytext; - -/* This is for bison */ - -#if !defined(alloca) && !defined(HAVE_ALLOCA) -#define alloca(x) malloc(x) -#endif - -%} - -%union { - char *string; - int number; -} - -%token ET INDEX PREFIX EC ID END -%token STRING -%token NUMBER - -%% - -file : /* */ - | header statements - ; - -header : id et - | et - ; - -id : ID STRING - { - id_str = $2; - } - ; - -et : ET STRING - { - base = name2number($2); - strncpy(name, $2, sizeof(name)); - name[sizeof(name) - 1] = '\0'; - free($2); - } - | ET STRING STRING - { - base = name2number($2); - strncpy(name, $3, sizeof(name)); - name[sizeof(name) - 1] = '\0'; - free($2); - free($3); - } - ; - -statements : statement - | statements statement - ; - -statement : INDEX NUMBER - { - number = $2; - } - | PREFIX STRING - { - prefix = realloc(prefix, strlen($2) + 2); - strcpy(prefix, $2); - strcat(prefix, "_"); - free($2); - } - | PREFIX - { - prefix = realloc(prefix, 1); - *prefix = '\0'; - } - | EC STRING ',' STRING - { - struct error_code *ec = malloc(sizeof(*ec)); - - ec->next = NULL; - ec->number = number; - if(prefix && *prefix != '\0') { - asprintf (&ec->name, "%s%s", prefix, $2); - free($2); - } else - ec->name = $2; - ec->string = $4; - APPEND(codes, ec); - number++; - } - | END - { - YYACCEPT; - } - ; - -%% - -long -name2number(const char *str) -{ - const char *p; - long base = 0; - const char *x = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" - "abcdefghijklmnopqrstuvwxyz0123456789_"; - if(strlen(str) > 4) { - yyerror("table name too long"); - return 0; - } - for(p = str; *p; p++){ - char *q = strchr(x, *p); - if(q == NULL) { - yyerror("invalid character in table name"); - return 0; - } - base = (base << 6) + (q - x) + 1; - } - base <<= 8; - if(base > 0x7fffffff) - base = -(0xffffffff - base + 1); - return base; -} - -void -yyerror (char *s) -{ - error_message ("%s\n", s); -} diff --git a/crypto/kerberosIV/lib/com_err/roken_rename.h b/crypto/kerberosIV/lib/com_err/roken_rename.h deleted file mode 100644 index 173c9a7d5ae9..000000000000 --- a/crypto/kerberosIV/lib/com_err/roken_rename.h +++ /dev/null @@ -1,39 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: roken_rename.h,v 1.3 1999/12/02 16:58:38 joda Exp $ */ - -#ifndef __roken_rename_h__ -#define __roken_rename_h__ - -#endif /* __roken_rename_h__ */ diff --git a/crypto/kerberosIV/lib/kadm/Makefile.in b/crypto/kerberosIV/lib/kadm/Makefile.in deleted file mode 100644 index 7f610c011def..000000000000 --- a/crypto/kerberosIV/lib/kadm/Makefile.in +++ /dev/null @@ -1,126 +0,0 @@ -# -# $Id: Makefile.in,v 1.47.4.1 2000/06/23 03:20:01 assar Exp $ -# - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -CP = cp -LN_S = @LN_S@ -DEFS = @DEFS@ -DROKEN_RENAME -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -COMPILE_ET = ../com_err/compile_et - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ - -top_builddir = ../.. - -includedir = @includedir@ - -incdir = $(includedir) -inc_DATA = kadm_err.h -idir = $(top_builddir)/include - -PICFLAGS = @PICFLAGS@ - -@lib_deps_yes@LIB_DEPS = -L../krb -lkrb \ -@lib_deps_yes@ -L../des -ldes \ -@lib_deps_yes@ -lc -@lib_deps_no@LIB_DEPS = - -build_symlink_command = @build_symlink_command@ -install_symlink_command = @install_symlink_command@ - -LIBNAME = $(LIBPREFIX)kadm -LIBEXT = @LIBEXT@ -LIBPREFIX = @LIBPREFIX@ -EXECSUFFIX = @EXECSUFFIX@ -SHLIBEXT = @SHLIBEXT@ -LDSHARED = @LDSHARED@ -LIB = $(LIBNAME).$(LIBEXT) - -SOURCES = kadm_cli_wrap.c kadm_err.c kadm_stream.c kadm_supp.c check_password.c - -OBJECTS = kadm_cli_wrap.o kadm_err.o kadm_stream.o kadm_supp.o check_password.o - -all: $(LIB) all-local - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I. -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libdir) - $(INSTALL_DATA) $(LIB) $(DESTDIR)$(libdir)/$(LIB) - @install_symlink_command@ - $(MKINSTALLDIRS) $(DESTDIR)$(includedir) - @for i in $(inc_DATA); do \ - echo " $(INSTALL_DATA) $$i $(DESTDIR)$(incdir)/$$i";\ - $(INSTALL_DATA) $$i $(DESTDIR)$(incdir)/$$i; done - -uninstall: - rm -f $(DESTDIR)$(libdir)/$(LIB) - @for i in $(inc_DATA); do \ - echo " rm -f $(DESTDIR)$(incdir)/$$i";\ - rm -f $(DESTDIR)$(incdir)/$$i; done - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f $(LIB) *.o *.a *.so *.so.* so_locations kadm_err.c kadm_err.h - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ roken_rename.h - -realclean: distclean - rm -f TAGS - -$(LIBNAME).a: $(OBJECTS) - rm -f $@ - $(AR) cr $@ $(OBJECTS) - -$(RANLIB) $@ - -$(LIBNAME).$(SHLIBEXT): $(OBJECTS) - rm -f $@ - $(LDSHARED) -o $@ $(OBJECTS) $(LIB_DEPS) - @build_symlink_command@ - -kadm_err.c kadm_err.h: $(srcdir)/kadm_err.et - $(COMPILE_ET) $(srcdir)/kadm_err.et - -$(OBJECTS): ../../include/config.h roken_rename.h -$(OBJECTS): kadm_err.h kadm_locl.h - -roken_rename.h: - $(LN_S) $(srcdir)/../krb/roken_rename.h . - -all-local: $(inc_DATA) - @for i in $(inc_DATA); do \ - if cmp -s $$i $(idir)/$$i 2> /dev/null ; then :; else\ - echo " $(CP) $$i $(idir)/$$i"; \ - $(CP) $$i $(idir)/$$i; \ - fi ; \ - done - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean all-local diff --git a/crypto/kerberosIV/lib/kadm/check_password.c b/crypto/kerberosIV/lib/kadm/check_password.c deleted file mode 100644 index ba6ba4879a27..000000000000 --- a/crypto/kerberosIV/lib/kadm/check_password.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kadm_locl.h" -RCSID("$Id: check_password.c,v 1.3 1999/12/02 16:58:39 joda Exp $"); - -/* This is a client side password check. Should perhaps be merged with - kadmind version that lives in pw_check.c */ - -int -kadm_check_pw (const char *password) -{ - const char *t; - if (strlen(password) == 0) - return KADM_PASS_Q_NULL; - if (strlen(password) < MIN_KPW_LEN) - return KADM_PASS_Q_TOOSHORT; - - /* Don't allow all lower case passwords regardless of length */ - for (t = password; *t && islower((unsigned char)*t); t++) - ; - if (*t == '\0') - return KADM_PASS_Q_CLASS; - return 0; -} diff --git a/crypto/kerberosIV/lib/kadm/kadm.h b/crypto/kerberosIV/lib/kadm/kadm.h deleted file mode 100644 index fd3d75b34d6d..000000000000 --- a/crypto/kerberosIV/lib/kadm/kadm.h +++ /dev/null @@ -1,156 +0,0 @@ -/* - * $Id: kadm.h,v 1.17 1998/10/23 14:25:55 joda Exp $ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * Definitions for Kerberos administration server & client - */ - -#ifndef KADM_DEFS -#define KADM_DEFS - -/* - * kadm.h - * Header file for the fourth attempt at an admin server - * Doug Church, December 28, 1989, MIT Project Athena - */ - -#include - -/* The global structures for the client and server */ -typedef struct { - struct sockaddr_in admin_addr; - struct sockaddr_in my_addr; - int my_addr_len; - int admin_fd; /* file descriptor for link to admin server */ - char sname[ANAME_SZ]; /* the service name */ - char sinst[INST_SZ]; /* the services instance */ - char krbrlm[REALM_SZ]; -} Kadm_Client; - -typedef struct { /* status of the server, i.e the parameters */ - int inter; /* Space for command line flags */ - char *sysfile; /* filename of server */ -} admin_params; /* Well... it's the admin's parameters */ - -/* Largest password length to be supported */ -#define MAX_KPW_LEN 128 -/* Minimum allowed password length */ -#define MIN_KPW_LEN 6 - -/* Largest packet the admin server will ever allow itself to return */ -#define KADM_RET_MAX 2048 - -/* That's right, versions are 8 byte strings */ -#define KADM_VERSTR "KADM0.0A" -#define KADM_ULOSE "KYOULOSE" /* sent back when server can't - decrypt client's msg */ -#define KADM_VERSIZE strlen(KADM_VERSTR) - -/* the lookups for the server instances */ -#define PWSERV_NAME "changepw" -#define KADM_SNAME "kerberos_master" -#define KADM_PORT 751 -#define KADM_SINST "kerberos" - -/* Attributes fields constants and macros */ -#define ALLOC 2 -#define RESERVED 3 -#define DEALLOC 4 -#define DEACTIVATED 5 -#define ACTIVE 6 - -/* Kadm_vals structure for passing db fields into the server routines */ -#define FLDSZ 4 - -/* XXX enable new extended kadm fields */ -#define EXTENDED_KADM 1 - -typedef struct { - u_int8_t fields[FLDSZ]; /* The active fields in this struct */ - char name[ANAME_SZ]; - char instance[INST_SZ]; - u_int32_t key_low; - u_int32_t key_high; - u_int32_t exp_date; - u_int16_t attributes; - u_int8_t max_life; -#ifdef EXTENDED_KADM - u_int32_t mod_date; - char mod_name[ANAME_SZ]; - char mod_instance[INST_SZ]; - u_int8_t key_version; -#endif -} Kadm_vals; /* The basic values structure in Kadm */ - -/* Need to define fields types here */ -#define KADM_NAME 31 -#define KADM_INST 30 -#define KADM_EXPDATE 29 -#define KADM_ATTR 28 -#define KADM_MAXLIFE 27 -#define KADM_DESKEY 26 - -#ifdef EXTENDED_KADM -#define KADM_MODDATE 25 -#define KADM_MODNAME 24 -#define KADM_MODINST 23 -#define KADM_KVNO 22 -#endif - -/* To set a field entry f in a fields structure d */ -#define SET_FIELD(f,d) (d[3-(f/8)]|=(1<<(f%8))) - -/* To set a field entry f in a fields structure d */ -#define CLEAR_FIELD(f,d) (d[3-(f/8)]&=(~(1<<(f%8)))) - -/* Is field f in fields structure d */ -#define IS_FIELD(f,d) (d[3-(f/8)]&(1<<(f%8))) - -/* Various return codes */ -#define KADM_SUCCESS 0 - -#define WILDCARD_STR "*" - -enum acl_types { -ADDACL, -GETACL, -MODACL, -STABACL, /* not used */ -DELACL -}; - -/* Various opcodes for the admin server's functions */ -#define CHANGE_PW 2 -#define ADD_ENT 3 -#define MOD_ENT 4 -#define GET_ENT 5 -#define CHECK_PW 6 /* not used */ -#define CHG_STAB 7 /* not used */ -#define DEL_ENT 8 - -void prin_vals __P((Kadm_vals *)); -int stv_long __P((u_char *, u_int32_t *, int, int)); -int vts_long __P((u_int32_t, u_char **, int)); -int vts_string __P((char *, u_char **, int)); -int stv_string __P((u_char *, char *, int, int, int)); - -int stream_to_vals __P((u_char *, Kadm_vals *, int)); -int vals_to_stream __P((Kadm_vals *, u_char **)); - -int kadm_init_link __P((char *, char *, char *)); -int kadm_change_pw __P((unsigned char *)); -int kadm_change_pw_plain __P((unsigned char *, char *, char**)); -int kadm_change_pw2 __P((unsigned char *, char *, char**)); -int kadm_mod __P((Kadm_vals *, Kadm_vals *)); -int kadm_get __P((Kadm_vals *, u_char *)); -int kadm_add __P((Kadm_vals *)); -int kadm_del __P((Kadm_vals *)); -void kadm_vals_to_prin __P((u_char *, Principal *, Kadm_vals *)); -void kadm_prin_to_vals __P((u_char *, Kadm_vals *, Principal *)); -int kadm_check_pw __P((const char*)); - -#endif /* KADM_DEFS */ diff --git a/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c b/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c deleted file mode 100644 index 72084876fe75..000000000000 --- a/crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c +++ /dev/null @@ -1,632 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * Kerberos administration server client-side routines - */ - -/* - * kadm_cli_wrap.c the client side wrapping of the calls to the admin server - */ - -#include "kadm_locl.h" - -/* RCSID("$Id: kadm_cli_wrap.c,v 1.27 1999/09/16 20:41:46 assar Exp $");*/ -RCSID("$FreeBSD$"); - -static Kadm_Client client_parm; - -/* Macros for use in returning data... used in kadm_cli_send */ -#define RET_N_FREE(r) {clear_secrets(); free(act_st); free(priv_pak); return r;} - -/* Keys for use in the transactions */ -static des_cblock sess_key; /* to be filled in by kadm_cli_keyd */ -static des_key_schedule sess_sched; - -static void -clear_secrets(void) -{ - memset(sess_key, 0, sizeof(sess_key)); - memset(sess_sched, 0, sizeof(sess_sched)); -} - -static RETSIGTYPE (*opipe)(); - -static void -kadm_cli_disconn(void) -{ - close(client_parm.admin_fd); - signal(SIGPIPE, opipe); -} - -/* - * kadm_init_link - * receives : name, inst, realm - * - * initializes client parm, the Kadm_Client structure which holds the - * data about the connection between the server and client, the services - * used, the locations and other fun things - */ - -int -kadm_init_link(char *n, char *i, char *r) -{ - struct hostent *hop; /* host we will talk to */ - char adm_hostname[MaxHostNameLen]; - - init_kadm_err_tbl(); - init_krb_err_tbl(); - strlcpy(client_parm.sname, n, ANAME_SZ); - strlcpy(client_parm.sinst, i, INST_SZ); - strlcpy(client_parm.krbrlm, r, REALM_SZ); - client_parm.admin_fd = -1; - - /* set up the admin_addr - fetch name of admin host */ - if (krb_get_admhst(adm_hostname, client_parm.krbrlm, 1) != KSUCCESS) - return KADM_NO_HOST; - if ((hop = gethostbyname(adm_hostname)) == NULL) - return KADM_UNK_HOST; - memset(&client_parm.admin_addr, 0, sizeof(client_parm.admin_addr)); - client_parm.admin_addr.sin_port = - k_getportbyname(KADM_SNAME, "tcp", htons(KADM_PORT)); - client_parm.admin_addr.sin_family = hop->h_addrtype; - memcpy(&client_parm.admin_addr.sin_addr, hop->h_addr, - sizeof(client_parm.admin_addr.sin_addr)); - - return KADM_SUCCESS; -} - -static int -kadm_cli_conn(void) -{ /* this connects and sets my_addr */ - client_parm.admin_fd = - socket(client_parm.admin_addr.sin_family, SOCK_STREAM, 0); - - if (client_parm.admin_fd < 0) - return KADM_NO_SOCK; /* couldn't create the socket */ - if (connect(client_parm.admin_fd, - (struct sockaddr *) & client_parm.admin_addr, - sizeof(client_parm.admin_addr))) { - close(client_parm.admin_fd); - client_parm.admin_fd = -1; - return KADM_NO_CONN; /* couldn't get the connect */ - } - opipe = signal(SIGPIPE, SIG_IGN); - client_parm.my_addr_len = sizeof(client_parm.my_addr); - if (getsockname(client_parm.admin_fd, - (struct sockaddr *) & client_parm.my_addr, - &client_parm.my_addr_len) < 0) { - close(client_parm.admin_fd); - client_parm.admin_fd = -1; - signal(SIGPIPE, opipe); - return KADM_NO_HERE; /* couldn't find out who we are */ - } -#if defined(SO_KEEPALIVE) && defined(HAVE_SETSOCKOPT) - { - int on = 1; - - if (setsockopt(client_parm.admin_fd, SOL_SOCKET, SO_KEEPALIVE, - (void *)&on, - sizeof(on)) < 0) { - close(client_parm.admin_fd); - client_parm.admin_fd = -1; - signal(SIGPIPE, opipe); - return KADM_NO_CONN; /* XXX */ - } - } -#endif - return KADM_SUCCESS; -} - -/* takes in the sess_key and key_schedule and sets them appropriately */ -static int -kadm_cli_keyd(des_cblock (*s_k), /* session key */ - des_key_schedule s_s) /* session key schedule */ -{ - CREDENTIALS cred; /* to get key data */ - int stat; - - /* want .sname and .sinst here.... */ - if ((stat = krb_get_cred(client_parm.sname, client_parm.sinst, - client_parm.krbrlm, &cred))) - return stat + krb_err_base; - memcpy(s_k, cred.session, sizeof(des_cblock)); - memset(cred.session, 0, sizeof(des_cblock)); -#ifdef NOENCRYPTION - memset(s_s, 0, sizeof(des_key_schedule)); -#else - if ((stat = des_key_sched(s_k,s_s))) - return stat+krb_err_base; -#endif - return KADM_SUCCESS; -} /* This code "works" */ - -static int -kadm_cli_out(u_char *dat, int dat_len, u_char **ret_dat, int *ret_siz) -{ - u_int16_t dlen; - int retval; - char tmp[4]; - - *ret_dat = NULL; - *ret_siz = 0; - dlen = (u_int16_t) dat_len; - - if (dat_len != (int)dlen) - return (KADM_NO_ROOM); - - tmp[0] = (dlen >> 8) & 0xff; - tmp[1] = dlen & 0xff; - if (krb_net_write(client_parm.admin_fd, tmp, 2) != 2) - return (errno); /* XXX */ - - if (krb_net_write(client_parm.admin_fd, dat, dat_len) < 0) - return (errno); /* XXX */ - - - if ((retval = krb_net_read(client_parm.admin_fd, tmp, 2)) != 2){ - if (retval < 0) - return(errno); /* XXX */ - else - return(EPIPE); /* short read ! */ - } - dlen = (tmp[0] << 8) | tmp[1]; - - *ret_dat = malloc(dlen); - if (*ret_dat == NULL) - return(KADM_NOMEM); - - if ((retval = krb_net_read(client_parm.admin_fd, *ret_dat, - dlen) != dlen)) { - free(*ret_dat); - *ret_dat = NULL; - if (retval < 0) - return(errno); /* XXX */ - else - return(EPIPE); /* short read ! */ - } - *ret_siz = (int) dlen; - return KADM_SUCCESS; -} - -/* - * kadm_cli_send - * recieves : opcode, packet, packet length, serv_name, serv_inst - * returns : return code from the packet build, the server, or - * something else - * - * It assembles a packet as follows: - * 8 bytes : VERSION STRING - * 4 bytes : LENGTH OF MESSAGE DATA and OPCODE - * : KTEXT - * : OPCODE \ - * : DATA > Encrypted (with make priv) - * : ...... / - * - * If it builds the packet and it is small enough, then it attempts to open the - * connection to the admin server. If the connection is succesfully open - * then it sends the data and waits for a reply. - */ -static int -kadm_cli_send(u_char *st_dat, /* the actual data */ - int st_siz, /* length of said data */ - u_char **ret_dat, /* to give return info */ - int *ret_siz) /* length of returned info */ -{ - int act_len, retdat; /* current offset into packet, return - * data */ - KTEXT_ST authent; /* the authenticator we will build */ - u_char *act_st; /* the pointer to the complete packet */ - u_char *priv_pak; /* private version of the packet */ - int priv_len; /* length of private packet */ - u_int32_t cksum; /* checksum of the packet */ - MSG_DAT mdat; - u_char *return_dat; - int tmp; - void *tmp_ptr; - - *ret_dat = NULL; - *ret_siz = 0; - - act_st = malloc(KADM_VERSIZE); /* verstr stored first */ - if (act_st == NULL) { - clear_secrets (); - return KADM_NOMEM; - } - memcpy(act_st, KADM_VERSTR, KADM_VERSIZE); - act_len = KADM_VERSIZE; - - if ((retdat = kadm_cli_keyd(&sess_key, sess_sched)) != KADM_SUCCESS) { - free(act_st); - clear_secrets(); - return retdat; /* couldnt get key working */ - } - priv_pak = malloc(st_siz + 200); - /* 200 bytes for extra info case */ - if (priv_pak == NULL) { - free(act_st); - clear_secrets (); - return KADM_NOMEM; - } - priv_len = krb_mk_priv(st_dat, priv_pak, st_siz, - sess_sched, &sess_key, &client_parm.my_addr, - &client_parm.admin_addr); - - if (priv_len < 0) - RET_N_FREE(KADM_NO_ENCRYPT); /* whoops... we got a lose - * here */ - /* here is the length of priv data. receiver calcs - size of authenticator by subtracting vno size, priv size, and - sizeof(u_int32_t) (for the size indication) from total size */ - - tmp = vts_long(priv_len, &act_st, act_len); - if (tmp < 0) - RET_N_FREE(KADM_NOMEM); - act_len += tmp; -#ifdef NOENCRYPTION - cksum = 0; -#else - cksum = des_quad_cksum((des_cblock *)priv_pak, - (des_cblock *)0, priv_len, 0, - &sess_key); -#endif - - retdat = krb_mk_req(&authent, client_parm.sname, client_parm.sinst, - client_parm.krbrlm, cksum); - - if (retdat) { - /* authenticator? */ - RET_N_FREE(retdat + krb_err_base); - } - - tmp_ptr = realloc(act_st, - act_len + authent.length + priv_len); - if (tmp_ptr == NULL) { - clear_secrets(); - free (priv_pak); - free (act_st); - return KADM_NOMEM; - } - act_st = tmp_ptr; - memcpy(act_st + act_len, authent.dat, authent.length); - memcpy(act_st + act_len + authent.length, priv_pak, priv_len); - free(priv_pak); - retdat = kadm_cli_out(act_st, - act_len + authent.length + priv_len, - ret_dat, ret_siz); - free(act_st); - if (retdat != KADM_SUCCESS) { - clear_secrets(); - return retdat; - } -#define RET_N_FREE2(r) {free(*ret_dat); *ret_dat = NULL; clear_secrets(); return(r);} - - /* first see if it's a YOULOUSE */ - if ((*ret_siz >= KADM_VERSIZE) && - !strncmp(KADM_ULOSE, (char *)*ret_dat, KADM_VERSIZE)) { - unsigned char *p; - /* it's a youlose packet */ - if (*ret_siz < KADM_VERSIZE + 4) - RET_N_FREE2(KADM_BAD_VER); - p = (*ret_dat)+KADM_VERSIZE; - retdat = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; - RET_N_FREE2(retdat); - } - /* need to decode the ret_dat */ - retdat = krb_rd_priv(*ret_dat, (u_int32_t)*ret_siz, sess_sched, - &sess_key, &client_parm.admin_addr, - &client_parm.my_addr, &mdat); - if (retdat) - RET_N_FREE2(retdat+krb_err_base); - if (mdat.app_length < KADM_VERSIZE + 4) - /* too short! */ - RET_N_FREE2(KADM_BAD_VER); - if (strncmp((char *)mdat.app_data, KADM_VERSTR, KADM_VERSIZE)) - /* bad version */ - RET_N_FREE2(KADM_BAD_VER); - { - unsigned char *p = mdat.app_data+KADM_VERSIZE; - retdat = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; - } - { - int s = mdat.app_length - KADM_VERSIZE - 4; - - if(s <= 0) - s=1; - return_dat = malloc(s); - if (return_dat == NULL) - RET_N_FREE2(KADM_NOMEM); - } - memcpy(return_dat, - (char *) mdat.app_data + KADM_VERSIZE + 4, - mdat.app_length - KADM_VERSIZE - 4); - free(*ret_dat); - clear_secrets(); - *ret_dat = return_dat; - *ret_siz = mdat.app_length - KADM_VERSIZE - 4; - return retdat; -} - - - -/* - * kadm_change_pw_plain - * - * see kadm_change_pw - * - */ -int kadm_change_pw_plain(unsigned char *newkey, char *password, char **pw_msg) -{ - int stsize, retc; /* stream size and return code */ - u_char *send_st; /* send stream */ - u_char *ret_st; - int ret_sz; - int status; - static char msg[128]; - - /* possible problem with vts_long on a non-multiple of four boundary */ - - stsize = 0; /* start of our output packet */ - send_st = malloc(9); - if (send_st == NULL) - return KADM_NOMEM; - send_st[stsize++] = (u_char) CHANGE_PW; - memcpy(send_st + stsize + 4, newkey, 4); /* yes, this is backwards */ - memcpy(send_st + stsize, newkey + 4, 4); - stsize += 8; - - /* change key to stream */ - - if(password && *password) { - int tmp = vts_string(password, &send_st, stsize); - - if (tmp < 0) { - free(send_st); - return KADM_NOMEM; - } - stsize += tmp; - } - - if ((retc = kadm_cli_conn()) != KADM_SUCCESS) { - free(send_st); - return(retc); - } - retc = kadm_cli_send(send_st, stsize, &ret_st, &ret_sz); - free(send_st); - - if(retc != KADM_SUCCESS){ - status = stv_string(ret_st, msg, 0, sizeof(msg), ret_sz); - if(status<0) - msg[0]=0; - *pw_msg=msg; - } - free(ret_st); - - kadm_cli_disconn(); - return(retc); -} - -/* - * This function is here for compatibility with CNS - */ - -int kadm_change_pw2(unsigned char *newkey, char *password, char **pw_msg) -{ - return kadm_change_pw_plain (newkey, password, pw_msg); -} - - -/* - * kadm_change_pw - * recieves : key - * - * Replaces the password (i.e. des key) of the caller with that specified in - * key. Returns no actual data from the master server, since this is called - * by a user - */ - -int kadm_change_pw(unsigned char *newkey) -{ - char *pw_msg; - return kadm_change_pw_plain(newkey, "", &pw_msg); -} - -/* - * kadm_add - * receives : vals - * returns : vals - * - * Adds and entry containing values to the database returns the values of the - * entry, so if you leave certain fields blank you will be able to determine - * the default values they are set to - */ -int -kadm_add(Kadm_vals *vals) -{ - u_char *st, *st2; /* st will hold the stream of values */ - int st_len; /* st2 the final stream with opcode */ - int retc; /* return code from call */ - u_char *ret_st; - int ret_sz; - - st_len = vals_to_stream(vals, &st); - st2 = malloc(1 + st_len); - if (st2 == NULL) { - free(st); - return KADM_NOMEM; - } - *st2 = (u_char) ADD_ENT; /* here's the opcode */ - memcpy((char *) st2 + 1, st, st_len); /* append st on */ - free(st); - - if ((retc = kadm_cli_conn()) != KADM_SUCCESS) { - free(st2); - return(retc); - } - retc = kadm_cli_send(st2, st_len + 1, &ret_st, &ret_sz); - free(st2); - if (retc == KADM_SUCCESS) { - /* ret_st has vals */ - if (stream_to_vals(ret_st, vals, ret_sz) < 0) - retc = KADM_LENGTH_ERROR; - } - free(ret_st); - kadm_cli_disconn(); - return(retc); -} - -/* - * kadm_mod - * receives : KTEXT, {values, values} - * returns : CKSUM, RETCODE, {values} - * acl : su, sms (as register or dealloc) - * - * Modifies all entries corresponding to the first values so they match the - * second values. returns the values for the changed entries in vals2 - */ -int -kadm_mod(Kadm_vals *vals1, Kadm_vals *vals2) -{ - u_char *st, *st2; /* st will hold the stream of values */ - int st_len, nlen; /* st2 the final stream with opcode */ - u_char *ret_st; - int ret_sz; - void *tmp_ptr; - - /* nlen is the length of second vals */ - int retc; /* return code from call */ - - st_len = vals_to_stream(vals1, &st); - st2 = malloc(1 + st_len); - if (st2 == NULL) { - free(st); - return KADM_NOMEM; - } - *st2 = (u_char) MOD_ENT; /* here's the opcode */ - memcpy((char *)st2 + 1, st, st_len++); /* append st on */ - free(st); - nlen = vals_to_stream(vals2, &st); - tmp_ptr = realloc(st2, st_len + nlen); - if (tmp_ptr == NULL) { - free(st); - free(st2); - return KADM_NOMEM; - } - st2 = tmp_ptr; - memcpy((char *) st2 + st_len, st, nlen); /* append st on */ - free(st); - - if ((retc = kadm_cli_conn()) != KADM_SUCCESS) { - free(st2); - return(retc); - } - - retc = kadm_cli_send(st2, st_len + nlen, &ret_st, &ret_sz); - free(st2); - if (retc == KADM_SUCCESS) { - /* ret_st has vals */ - if (stream_to_vals(ret_st, vals2, ret_sz) < 0) - retc = KADM_LENGTH_ERROR; - } - free(ret_st); - kadm_cli_disconn(); - return(retc); -} - - -int -kadm_del(Kadm_vals *vals) -{ - unsigned char *st, *st2; /* st will hold the stream of values */ - int st_len; /* st2 the final stream with opcode */ - int retc; /* return code from call */ - u_char *ret_st; - int ret_sz; - - st_len = vals_to_stream(vals, &st); - st2 = malloc(st_len + 1); - if (st2 == NULL) { - free(st); - return KADM_NOMEM; - } - *st2 = DEL_ENT; /* here's the opcode */ - memcpy(st2 + 1, st, st_len); /* append st on */ - free (st); - - if ((retc = kadm_cli_conn()) != KADM_SUCCESS) { - free(st2); - return(retc); - } - retc = kadm_cli_send(st2, st_len + 1, &ret_st, &ret_sz); - free(st2); - free(ret_st); - kadm_cli_disconn(); - return(retc); -} - - -/* - * kadm_get - * receives : KTEXT, {values, flags} - * returns : CKSUM, RETCODE, {count, values, values, values} - * acl : su - * - * gets the fields requested by flags from all entries matching values returns - * this data for each matching recipient, after a count of how many such - * matches there were - */ -int -kadm_get(Kadm_vals *vals, u_char *fl) -{ - int loop; /* for copying the fields data */ - u_char *st, *st2; /* st will hold the stream of values */ - int st_len; /* st2 the final stream with opcode */ - int retc; /* return code from call */ - u_char *ret_st; - int ret_sz; - - st_len = vals_to_stream(vals, &st); - st2 = malloc(1 + st_len + FLDSZ); - if (st2 == NULL) { - free(st); - return KADM_NOMEM; - } - *st2 = (u_char) GET_ENT; /* here's the opcode */ - memcpy((char *)st2 + 1, st, st_len); /* append st on */ - free(st); - for (loop = FLDSZ - 1; loop >= 0; loop--) - *(st2 + st_len + FLDSZ - loop) = fl[loop]; /* append the flags */ - - if ((retc = kadm_cli_conn()) != KADM_SUCCESS) { - free(st2); - return(retc); - } - retc = kadm_cli_send(st2, st_len + 1 + FLDSZ, &ret_st, &ret_sz); - free(st2); - if (retc == KADM_SUCCESS) { - /* ret_st has vals */ - if (stream_to_vals(ret_st, vals, ret_sz) < 0) - retc = KADM_LENGTH_ERROR; - } - free(ret_st); - kadm_cli_disconn(); - return(retc); -} diff --git a/crypto/kerberosIV/lib/kadm/kadm_err.et b/crypto/kerberosIV/lib/kadm/kadm_err.et deleted file mode 100644 index 097e87c2ed6d..000000000000 --- a/crypto/kerberosIV/lib/kadm/kadm_err.et +++ /dev/null @@ -1,67 +0,0 @@ -# $Id: kadm_err.et,v 1.5 1998/01/16 23:11:27 joda Exp $ -# -# Copyright 1988 by the Massachusetts Institute of Technology. -# -# For copying and distribution information, please see the file -# . -# -# Kerberos administration server error table -# -# $FreeBSD$ -# - et kadm - -# KADM_SUCCESS, as all success codes should be, is zero - -ec KADM_RCSID, "$Id: kadm_err.et,v 1.5 1998/01/16 23:11:27 joda Exp $" -# /* Building and unbuilding the packet errors */ -ec KADM_NO_REALM, "Cannot fetch local realm" -ec KADM_NO_CRED, "Unable to fetch credentials" -ec KADM_BAD_KEY, "Bad key supplied" -ec KADM_NO_ENCRYPT, "Can't encrypt data" -ec KADM_NO_AUTH, "Cannot encode/decode authentication info" -ec KADM_WRONG_REALM, "Principal attemping change is in wrong realm" -ec KADM_NO_ROOM, "Packet is too large" -ec KADM_BAD_VER, "Version number is incorrect" -ec KADM_BAD_CHK, "Checksum does not match" -ec KADM_NO_READ, "Unsealing private data failed" -ec KADM_NO_OPCODE, "Unsupported operation" -ec KADM_NO_HOST, "Could not find administrating host" -ec KADM_UNK_HOST, "Administrating host name is unknown" -ec KADM_NO_SERV, "Could not find service name in services database" -ec KADM_NO_SOCK, "Could not create socket" -ec KADM_NO_CONN, "Could not connect to server" -ec KADM_NO_HERE, "Could not fetch local socket address" -ec KADM_NO_MAST, "Could not fetch master key" -ec KADM_NO_VERI, "Could not verify master key" - -# /* From the server side routines */ -ec KADM_INUSE, "Entry already exists in database" -ec KADM_UK_SERROR, "Database store error" -ec KADM_UK_RERROR, "Database read error" -ec KADM_UNAUTH, "Insufficient access to perform requested operation" -# KADM_DATA isn't really an error, but... -ec KADM_DATA, "Data is available for return to client" -ec KADM_NOENTRY, "No such entry in the database" - -ec KADM_NOMEM, "Memory exhausted" -ec KADM_NO_HOSTNAME, "Could not fetch system hostname" -ec KADM_NO_BIND, "Could not bind port" -ec KADM_LENGTH_ERROR, "Length mismatch problem" -ec KADM_ILL_WILDCARD, "Illegal use of wildcard" - -ec KADM_DB_INUSE, "Database is locked or in use--try again later" - -ec KADM_INSECURE_PW, "Insecure password rejected" -ec KADM_PW_MISMATCH, "Cleartext password and DES key did not match" - -ec KADM_NOT_SERV_PRINC, "Invalid principal for change srvtab request" -ec KADM_IMMUTABLE, "Attempt do delete immutable principal" -# password quality basically stolen from OV libkadm5 -index 64 -prefix KADM_PASS_Q -ec NULL, "Null passwords are not allowed" -ec TOOSHORT, "Password is too short" -ec CLASS, "Too few character classes in password" -ec DICT, "Password is in the password dictionary" -end diff --git a/crypto/kerberosIV/lib/kadm/kadm_locl.h b/crypto/kerberosIV/lib/kadm/kadm_locl.h deleted file mode 100644 index 53f6d9a3248f..000000000000 --- a/crypto/kerberosIV/lib/kadm/kadm_locl.h +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kadm_locl.h,v 1.12 1999/12/02 16:58:39 joda Exp $ */ -/* $FreeBSD$ */ - -#include "config.h" -#include "protos.h" - -#include -#include -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#include -#include -#include - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif - -#ifdef SOCKS -#include -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); -#endif - -#include - -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include -#include -#include -#include -#include -#include - -int vts_long __P((u_int32_t, u_char **, int)); -int vals_to_stream __P((Kadm_vals *, u_char **)); -int stream_to_vals __P((u_char *, Kadm_vals *, int)); - -int kadm_init_link __P((char n[], char i[], char r[])); -int kadm_change_pw __P((des_cblock)); -int kadm_add __P((Kadm_vals *)); -int kadm_mod __P((Kadm_vals *, Kadm_vals *)); -int kadm_get __P((Kadm_vals *, u_char fl[4])); - - diff --git a/crypto/kerberosIV/lib/kadm/kadm_stream.c b/crypto/kerberosIV/lib/kadm/kadm_stream.c deleted file mode 100644 index d890164d25ed..000000000000 --- a/crypto/kerberosIV/lib/kadm/kadm_stream.c +++ /dev/null @@ -1,353 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * Stream conversion functions for Kerberos administration server - */ - -/* - kadm_stream.c - this holds the stream support routines for the kerberos administration server - - vals_to_stream: converts a vals struct to a stream for transmission - internals build_field_header, vts_[string, char, long, short] - stream_to_vals: converts a stream to a vals struct - internals check_field_header, stv_[string, char, long, short] - error: prints out a kadm error message, returns - fatal: prints out a kadm fatal error message, exits -*/ - -#include "kadm_locl.h" - -RCSID("$Id: kadm_stream.c,v 1.13 1998/10/22 15:38:01 joda Exp $"); - -static int -build_field_header(u_char *cont, /* container for fields data */ - u_char **st) /* stream */ -{ - *st = malloc (4); - if (*st == NULL) - return -1; - memcpy(*st, cont, 4); - return 4; /* return pointer to current stream location */ -} - -static int -check_field_header(u_char *st, /* stream */ - u_char *cont, /* container for fields data */ - int maxlen) -{ - if (4 > maxlen) - return(-1); - memcpy(cont, st, 4); - return 4; /* return pointer to current stream location */ -} - -int -vts_string(char *dat, /* a string to put on the stream */ - u_char **st, /* base pointer to the stream */ - int loc) /* offset into the stream for current data */ -{ - void *tmp; - - tmp = realloc(*st, loc + strlen(dat) + 1); - if(tmp == NULL) - return -1; - memcpy((char *)tmp + loc, dat, strlen(dat)+1); - *st = tmp; - return strlen(dat)+1; -} - - -static int -vts_short(u_int16_t dat, /* the attributes field */ - u_char **st, /* a base pointer to the stream */ - int loc) /* offset into the stream for current data */ -{ - unsigned char *p; - - p = realloc(*st, loc + 2); - if(p == NULL) - return -1; - p[loc] = (dat >> 8) & 0xff; - p[loc+1] = dat & 0xff; - *st = p; - return 2; -} - -static int -vts_char(u_char dat, /* the attributes field */ - u_char **st, /* a base pointer to the stream */ - int loc) /* offset into the stream for current data */ -{ - unsigned char *p; - - p = realloc(*st, loc + 1); - - if(p == NULL) - return -1; - p[loc] = dat; - *st = p; - return 1; -} - -int -vts_long(u_int32_t dat, /* the attributes field */ - u_char **st, /* a base pointer to the stream */ - int loc) /* offset into the stream for current data */ -{ - unsigned char *p; - - p = realloc(*st, loc + 4); - if(p == NULL) - return -1; - p[loc] = (dat >> 24) & 0xff; - p[loc+1] = (dat >> 16) & 0xff; - p[loc+2] = (dat >> 8) & 0xff; - p[loc+3] = dat & 0xff; - *st = p; - return 4; -} - -int -stv_string(u_char *st, /* base pointer to the stream */ - char *dat, /* a string to read from the stream */ - int loc, /* offset into the stream for current data */ - int stlen, /* max length of string to copy in */ - int maxlen) /* max length of input stream */ -{ - int maxcount; /* max count of chars to copy */ - int len; - - maxcount = min(maxlen - loc, stlen); - - if(maxcount <= 0) - return -1; - - len = strnlen ((char *)st + loc, maxlen - loc); - - if (len >= stlen) - return -1; - - memcpy(dat, st + loc, len); - dat[len] = '\0'; - return len + 1; -} - -static int -stv_short(u_char *st, /* a base pointer to the stream */ - u_int16_t *dat, /* the attributes field */ - int loc, /* offset into the stream for current data */ - int maxlen) -{ - if (maxlen - loc < 2) - return -1; - - *dat = (st[loc] << 8) | st[loc + 1]; - return 2; -} - -int -stv_long(u_char *st, /* a base pointer to the stream */ - u_int32_t *dat, /* the attributes field */ - int loc, /* offset into the stream for current data */ - int maxlen) /* maximum length of st */ -{ - if (maxlen - loc < 4) - return -1; - - *dat = (st[loc] << 24) | (st[loc+1] << 16) | (st[loc+2] << 8) | st[loc+3]; - return 4; -} - -static int -stv_char(u_char *st, /* a base pointer to the stream */ - u_char *dat, /* the attributes field */ - int loc, /* offset into the stream for current data */ - int maxlen) -{ - if (maxlen - loc < 1) - return -1; - - *dat = st[loc]; - return 1; -} - -/* -vals_to_stream - recieves : kadm_vals *, u_char * - returns : a realloced and filled in u_char * - -this function creates a byte-stream representation of the kadm_vals structure -*/ -int -vals_to_stream(Kadm_vals *dt_in, u_char **dt_out) -{ - int vsloop, stsize; /* loop counter, stream size */ - - stsize = build_field_header(dt_in->fields, dt_out); - if (stsize < 0) - return stsize; - for (vsloop=31; vsloop>=0; vsloop--) - if (IS_FIELD(vsloop,dt_in->fields)) { - int tmp = 0; - - switch (vsloop) { - case KADM_NAME: - tmp = vts_string(dt_in->name, dt_out, stsize); - break; - case KADM_INST: - tmp = vts_string(dt_in->instance, dt_out, stsize); - break; - case KADM_EXPDATE: - tmp = vts_long(dt_in->exp_date, dt_out, stsize); - break; - case KADM_ATTR: - tmp = vts_short(dt_in->attributes, dt_out, stsize); - break; - case KADM_MAXLIFE: - tmp = vts_char(dt_in->max_life, dt_out, stsize); - break; - case KADM_DESKEY: - tmp = vts_long(dt_in->key_high, dt_out, stsize); - if(tmp > 0) - tmp += vts_long(dt_in->key_low, dt_out, stsize + tmp); - break; -#ifdef EXTENDED_KADM - case KADM_MODDATE: - tmp = vts_long(dt_in->mod_date, dt_out, stsize); - break; - case KADM_MODNAME: - tmp = vts_string(dt_in->mod_name, dt_out, stsize); - break; - case KADM_MODINST: - tmp = vts_string(dt_in->mod_instance, dt_out, stsize); - break; - case KADM_KVNO: - tmp = vts_char(dt_in->key_version, dt_out, stsize); - break; -#endif - default: - break; - } - if (tmp < 0) { - free(*dt_out); - return tmp; - } - stsize += tmp; - } - return(stsize); -} - -/* -stream_to_vals - recieves : u_char *, kadm_vals * - returns : a kadm_vals filled in according to u_char * - -this decodes a byte stream represntation of a vals struct into kadm_vals -*/ -int -stream_to_vals(u_char *dt_in, - Kadm_vals *dt_out, - int maxlen) /* max length to use */ -{ - int vsloop, stsize; /* loop counter, stream size */ - int status; - - memset(dt_out, 0, sizeof(*dt_out)); - - stsize = check_field_header(dt_in, dt_out->fields, maxlen); - if (stsize < 0) - return(-1); - for (vsloop=31; vsloop>=0; vsloop--) - if (IS_FIELD(vsloop,dt_out->fields)) - switch (vsloop) { - case KADM_NAME: - if ((status = stv_string(dt_in, dt_out->name, stsize, - sizeof(dt_out->name), maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_INST: - if ((status = stv_string(dt_in, dt_out->instance, stsize, - sizeof(dt_out->instance), maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_EXPDATE: - if ((status = stv_long(dt_in, &dt_out->exp_date, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_ATTR: - if ((status = stv_short(dt_in, &dt_out->attributes, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_MAXLIFE: - if ((status = stv_char(dt_in, &dt_out->max_life, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_DESKEY: - if ((status = stv_long(dt_in, &dt_out->key_high, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - if ((status = stv_long(dt_in, &dt_out->key_low, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - break; -#ifdef EXTENDED_KADM - case KADM_MODDATE: - if ((status = stv_long(dt_in, &dt_out->mod_date, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_MODNAME: - if ((status = stv_string(dt_in, dt_out->mod_name, stsize, - sizeof(dt_out->mod_name), maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_MODINST: - if ((status = stv_string(dt_in, dt_out->mod_instance, stsize, - sizeof(dt_out->mod_instance), maxlen)) < 0) - return(-1); - stsize += status; - break; - case KADM_KVNO: - if ((status = stv_char(dt_in, &dt_out->key_version, stsize, - maxlen)) < 0) - return(-1); - stsize += status; - break; -#endif - default: - break; - } - return stsize; -} diff --git a/crypto/kerberosIV/lib/kadm/kadm_supp.c b/crypto/kerberosIV/lib/kadm/kadm_supp.c deleted file mode 100644 index 2a19cae193d0..000000000000 --- a/crypto/kerberosIV/lib/kadm/kadm_supp.c +++ /dev/null @@ -1,188 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * Support functions for Kerberos administration server & clients - */ - -/* - kadm_supp.c - this holds the support routines for the kerberos administration server - - error: prints out a kadm error message, returns - fatal: prints out a kadm fatal error message, exits - prin_vals: prints out data associated with a Principal in the vals - structure -*/ - -#include "kadm_locl.h" - -RCSID("$Id: kadm_supp.c,v 1.14 1999/09/16 20:41:46 assar Exp $"); - -static void -time2str(char *buf, size_t len, time_t t) -{ - strftime(buf, len, "%Y-%m-%d %H:%M:%S", localtime(&t)); -} - -/* -prin_vals: - recieves : a vals structure -*/ -void -prin_vals(Kadm_vals *vals) -{ - char date[32]; - if(IS_FIELD(KADM_NAME, vals->fields) && IS_FIELD(KADM_INST, vals->fields)) - printf("%20s: %s\n", "Principal", - krb_unparse_name_long(vals->name, vals->instance, NULL)); - else { - printf("Dump of funny entry:\n"); - if(IS_FIELD(KADM_NAME, vals->fields)) - printf("%20s: %s\n", "Name", vals->name); - if(IS_FIELD(KADM_INST, vals->fields)) - printf("%20s: %s\n", "Instance", vals->instance); - } - if(IS_FIELD(KADM_MAXLIFE, vals->fields)) - printf("%20s: %d (%s)\n", "Max ticket life", - vals->max_life, - krb_life_to_atime(vals->max_life)); - if(IS_FIELD(KADM_EXPDATE, vals->fields)) { - time2str(date, sizeof(date), vals->exp_date); - printf("%20s: %s\n", "Expiration date", date); - } - if(IS_FIELD(KADM_ATTR, vals->fields)) - printf("%20s: %d\n", "Attributes", - vals->attributes); - if(IS_FIELD(KADM_DESKEY, vals->fields)) - printf("%20s: %#lx %#lx\n", "Key", - (unsigned long)vals->key_low, - (unsigned long)vals->key_high); - -#ifdef EXTENDED_KADM - if (IS_FIELD(KADM_MODDATE,vals->fields)) { - time2str(date, sizeof(date), vals->mod_date); - printf("%20s: %s\n", "Modification date", date); - } - if (IS_FIELD(KADM_MODNAME,vals->fields) && - IS_FIELD(KADM_MODINST,vals->fields)) - printf("%20s: %s\n", "Modifier", - krb_unparse_name_long(vals->mod_name, vals->mod_instance, NULL)); - if (IS_FIELD(KADM_KVNO,vals->fields)) - printf("%20s: %d\n", "Key version", vals->key_version); -#endif - -#if 0 - printf("Info in Database for %s.%s:\n", vals->name, vals->instance); - printf(" Max Life: %d (%s) Exp Date: %s\n", - vals->max_life, - krb_life_to_atime(vals->max_life), - asctime(k_localtime(&vals->exp_date))); - printf(" Attribs: %.2x key: %#lx %#lx\n", - vals->attributes, - (unsigned long)vals->key_low, - (unsigned long)vals->key_high); -#endif -} - -/* kadm_prin_to_vals takes a fields arguments, a Kadm_vals and a Principal, - it copies the fields in Principal specified by fields into Kadm_vals, - i.e from old to new */ - -void -kadm_prin_to_vals(u_char *fields, Kadm_vals *new, Principal *old) -{ - memset(new, 0, sizeof(*new)); - if (IS_FIELD(KADM_NAME,fields)) { - strlcpy(new->name, old->name, ANAME_SZ); - SET_FIELD(KADM_NAME, new->fields); - } - if (IS_FIELD(KADM_INST,fields)) { - strlcpy(new->instance, old->instance, INST_SZ); - SET_FIELD(KADM_INST, new->fields); - } - if (IS_FIELD(KADM_EXPDATE,fields)) { - new->exp_date = old->exp_date; - SET_FIELD(KADM_EXPDATE, new->fields); - } - if (IS_FIELD(KADM_ATTR,fields)) { - new->attributes = old->attributes; - SET_FIELD(KADM_ATTR, new->fields); - } - if (IS_FIELD(KADM_MAXLIFE,fields)) { - new->max_life = old->max_life; - SET_FIELD(KADM_MAXLIFE, new->fields); - } - if (IS_FIELD(KADM_DESKEY,fields)) { - new->key_low = old->key_low; - new->key_high = old->key_high; - SET_FIELD(KADM_DESKEY, new->fields); - } -#ifdef EXTENDED_KADM - if (IS_FIELD(KADM_MODDATE,fields)) { - new->mod_date = old->mod_date; - SET_FIELD(KADM_MODDATE, new->fields); - } - if (IS_FIELD(KADM_MODNAME,fields)) { - strlcpy(new->mod_name, old->mod_name, ANAME_SZ); - SET_FIELD(KADM_MODNAME, new->fields); - } - if (IS_FIELD(KADM_MODINST,fields)) { - strlcpy(new->mod_instance, old->mod_instance, ANAME_SZ); - SET_FIELD(KADM_MODINST, new->fields); - } - if (IS_FIELD(KADM_KVNO,fields)) { - new->key_version = old->key_version; - SET_FIELD(KADM_KVNO, new->fields); - } -#endif -} - -void -kadm_vals_to_prin(u_char *fields, Principal *new, Kadm_vals *old) -{ - - memset(new, 0, sizeof(*new)); - if (IS_FIELD(KADM_NAME,fields)) - strlcpy(new->name, old->name, ANAME_SZ); - if (IS_FIELD(KADM_INST,fields)) - strlcpy(new->instance, old->instance, INST_SZ); - if (IS_FIELD(KADM_EXPDATE,fields)) - new->exp_date = old->exp_date; - if (IS_FIELD(KADM_ATTR,fields)) - new->attributes = old->attributes; - if (IS_FIELD(KADM_MAXLIFE,fields)) - new->max_life = old->max_life; - if (IS_FIELD(KADM_DESKEY,fields)) { - new->key_low = old->key_low; - new->key_high = old->key_high; - } -#ifdef EXTENDED_KADM - if (IS_FIELD(KADM_MODDATE,fields)) - new->mod_date = old->mod_date; - if (IS_FIELD(KADM_MODNAME,fields)) - strlcpy(new->mod_name, old->mod_name, ANAME_SZ); - if (IS_FIELD(KADM_MODINST,fields)) - strlcpy(new->mod_instance, old->mod_instance, ANAME_SZ); - if (IS_FIELD(KADM_KVNO,fields)) - new->key_version = old->key_version; -#endif -} diff --git a/crypto/kerberosIV/lib/kafs/ChangeLog b/crypto/kerberosIV/lib/kafs/ChangeLog deleted file mode 100644 index 43e93f6576ba..000000000000 --- a/crypto/kerberosIV/lib/kafs/ChangeLog +++ /dev/null @@ -1,175 +0,0 @@ -2000-03-20 Assar Westerlund - - * afssysdefs.h: make versions later than 5.7 of solaris also use - 73 - -2000-03-13 Assar Westerlund - - * afssysdefs.h: add 230 for MacOS X per information from - - -1999-11-22 Assar Westerlund - - * afskrb5.c (afslog_uid_int): handle d->realm == NULL - -1999-11-17 Assar Westerlund - - * afskrb5.c (afslog_uid_int): don't look at the local realm at - all. just use the realm from the ticket file. - -1999-10-20 Assar Westerlund - - * Makefile.am: set version to 1:1:1 - - * afskrb5.c (get_cred): always request a DES key - -Mon Oct 18 17:40:21 1999 Bjoern Groenvall - - * common.c (find_cells): Trim trailing whitespace from - cellname. Lines starting with # are regarded as comments. - -Fri Oct 8 18:17:22 1999 Bjoern Groenvall - - * afskrb.c, common.c : Change code to make a clear distinction - between hinted realm and ticket realm. - - * kafs_locl.h: Added argument realm_hint. - - * common.c (_kafs_get_cred): Change code to acquire the ``best'' - possible ticket. Use cross-cell authentication only as method of - last resort. - - * afskrb.c (afslog_uid_int): Add realm_hint argument and extract - realm from ticket file. - - * afskrb5.c (afslog_uid_int): Added argument realm_hint. - -1999-10-03 Assar Westerlund - - * afskrb5.c (get_cred): update to new krb524_convert_creds_kdc - -1999-08-12 Johan Danielsson - - * Makefile.am: ignore the comlicated aix construct if !krb4 - -1999-07-26 Assar Westerlund - - * Makefile.am: set version to 1:0:1 - -1999-07-22 Assar Westerlund - - * afssysdefs.h: define AFS_SYSCALL to 73 for Solaris 2.7 - -1999-07-07 Assar Westerlund - - * afskrb5.c (krb5_realm_of_cell): new function - - * afskrb.c (krb_realm_of_cell): new function - (afslog_uid_int): call krb_get_lrealm correctly - -1999-06-15 Assar Westerlund - - * common.c (realm_of_cell): rename to _kafs_realm_of_cell and - un-staticize - -Fri Mar 19 14:52:29 1999 Johan Danielsson - - * Makefile.am: add version-info - -Thu Mar 18 11:24:02 1999 Johan Danielsson - - * Makefile.am: include Makefile.am.common - -Sat Feb 27 19:46:21 1999 Johan Danielsson - - * Makefile.am: remove EXTRA_DATA (as of autoconf 2.13/automake - 1.4) - -Thu Feb 11 22:57:37 1999 Johan Danielsson - - * Makefile.am: set AIX_SRC also if !AIX - -Tue Dec 1 14:45:15 1998 Johan Danielsson - - * Makefile.am: fix AIX linkage - -Sun Nov 22 10:40:44 1998 Assar Westerlund - - * Makefile.in (WFLAGS): set - -Sat Nov 21 16:55:19 1998 Johan Danielsson - - * afskrb5.c: add homedir support - -Sun Sep 6 20:16:27 1998 Assar Westerlund - - * add new functionality for specifying the homedir to krb_afslog - et al - -Thu Jul 16 01:27:19 1998 Assar Westerlund - - * afssys.c: reorganize order of definitions. - (try_one, try_two): conditionalize - -Thu Jul 9 18:31:52 1998 Johan Danielsson - - * common.c (realm_of_cell): make the dns fallback work - -Wed Jul 8 01:39:44 1998 Assar Westerlund - - * afssys.c (map_syscall_name_to_number): new function for finding - the number of a syscall given the name on solaris - (k_hasafs): try using map_syscall_name_to_number - -Tue Jun 30 17:19:00 1998 Assar Westerlund - - * afssys.c: rewrite and add support for environment variable - AFS_SYSCALL - - * Makefile.in (distclean): don't remove roken_rename.h - -Fri May 29 19:03:20 1998 Assar Westerlund - - * Makefile.in (roken_rename.h): remove dependency - -Mon May 25 05:25:54 1998 Assar Westerlund - - * Makefile.in (clean): try to remove shared library debris - -Sun Apr 19 09:58:40 1998 Assar Westerlund - - * Makefile.in: add symlink magic for linux - -Sat Apr 4 15:08:48 1998 Assar Westerlund - - * kafs.h: add arla paths - - * common.c (_kafs_afslog_all_local_cells): Try _PATH_ARLA_* - (_realm_of_cell): Try _PATH_ARLA_CELLSERVDB - -Thu Feb 19 14:50:22 1998 Johan Danielsson - - * common.c: Don't store expired tokens (this broke when using - pag-less rsh-sessions, and `non-standard' ticket files). - -Thu Feb 12 11:20:15 1998 Johan Danielsson - - * Makefile.in: Install/uninstall one library at a time. - -Thu Feb 12 05:38:58 1998 Assar Westerlund - - * Makefile.in (install): one library at a time. - -Mon Feb 9 23:40:32 1998 Assar Westerlund - - * common.c (find_cells): ignore empty lines - -Tue Jan 6 04:25:58 1998 Assar Westerlund - - * afssysdefs.h (AFS_SYSCALL): add FreeBSD - -Fri Jan 2 17:08:24 1998 Assar Westerlund - - * kafs.h: new VICEIOCTL's. From - - * afssysdefs.h: Add OpenBSD diff --git a/crypto/kerberosIV/lib/kafs/Makefile.am b/crypto/kerberosIV/lib/kafs/Makefile.am deleted file mode 100644 index 2333221958fa..000000000000 --- a/crypto/kerberosIV/lib/kafs/Makefile.am +++ /dev/null @@ -1,70 +0,0 @@ -# $Id: Makefile.am,v 1.17 1999/10/19 23:54:05 assar Exp $ - -include $(top_srcdir)/Makefile.am.common - -INCLUDES += $(INCLUDE_krb4) $(AFS_EXTRA_DEFS) - -if KRB4 -AFSLIBS = libkafs.la - -if AIX -AFSL_EXP = $(srcdir)/afsl.exp - -if AIX4 -AFS_EXTRA_LD = -bnoentry -else -AFS_EXTRA_LD = -e _nostart -endif - -if AIX_DYNAMIC_AFS -if HAVE_DLOPEN -AIX_SRC = -else -AIX_SRC = dlfcn.c -endif -AFS_EXTRA_LIBS = afslib.so -AFS_EXTRA_DEFS = -else -AIX_SRC = afslib.c -AFS_EXTRA_LIBS = -AFS_EXTRA_DEFS = -DSTATIC_AFS -endif - -else -AFSL_EXP = -AIX_SRC = -endif # AIX - -else -AFSLIBS = -endif # KRB4 - - -lib_LTLIBRARIES = $(AFSLIBS) -libkafs_la_LDFLAGS = -version-info 1:1:1 -foodir = $(libdir) -foo_DATA = $(AFS_EXTRA_LIBS) -# EXTRA_DATA = afslib.so - -CLEANFILES= $(AFS_EXTRA_LIBS) - -include_HEADERS = kafs.h - -if KRB5 -afskrb5_c = afskrb5.c -endif - -libkafs_la_SOURCES = afssys.c afskrb.c $(afskrb5_c) common.c $(AIX_SRC) kafs_locl.h afssysdefs.h -#afslib_so_SOURCES = afslib.c - -EXTRA_libkafs_la_SOURCES = afskrb5.c dlfcn.c afslib.c dlfcn.h - -EXTRA_DIST = README.dlfcn afsl.exp afslib.exp - - -# AIX: this almost works with gcc, but somehow it fails to use the -# correct ld, use ld instead -afslib.so: afslib.o - ld -o $@ -bM:SRE -bI:$(srcdir)/afsl.exp -bE:$(srcdir)/afslib.exp $(AFS_EXTRA_LD) afslib.o -lc - -$(OBJECTS): ../../include/config.h diff --git a/crypto/kerberosIV/lib/kafs/Makefile.in b/crypto/kerberosIV/lib/kafs/Makefile.in deleted file mode 100644 index 1a60bf75c2b3..000000000000 --- a/crypto/kerberosIV/lib/kafs/Makefile.in +++ /dev/null @@ -1,121 +0,0 @@ -# -# $Id: Makefile.in,v 1.50.2.2 2000/12/07 16:44:12 assar Exp $ -# - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -LN_S = @LN_S@ -DEFS = @DEFS@ -DROKEN_RENAME -DLIBDIR='"$(libdir)"' @AFS_EXTRA_DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ - -PICFLAGS = @PICFLAGS@ - -LIB_DEPS = @lib_deps_yes@ -lc -build_symlink_command = @build_symlink_command@ -install_symlink_command = @install_symlink_command@ - -LIBNAME = $(LIBPREFIX)kafs -LIBEXT = @LIBEXT@ -SHLIBEXT = @SHLIBEXT@ -LIBPREFIX = @LIBPREFIX@ -LDSHARED = @LDSHARED@ -AFS_EXTRA_OBJS = @AFS_EXTRA_OBJS@ -AFS_EXTRA_LIBS = @AFS_EXTRA_LIBS@ -LIB = $(LIBNAME).$(LIBEXT) $(AFS_EXTRA_LIBS) - -SOURCES = afssys.c afskrb.c common.c afslib.c - -EXTRA_SOURCE = issuid.c strlcpy.c strlcat.c - -EXTRA_OBJECT = issuid.o strlcpy.o strlcat.o - -OBJECTS = afssys.o afskrb.o common.o $(EXTRA_OBJECT) $(AFS_EXTRA_OBJS) - -all: $(LIB) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../include -I$(srcdir) -I. $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libdir) - @for i in $(LIB); do \ - echo "$(INSTALL) $$i $(DESTDIR)$(libdir)/$$i" ;\ - $(INSTALL) $$i $(DESTDIR)$(libdir)/$$i ; done - @install_symlink_command@ - -uninstall: - @for i in $(LIB); do \ - echo "rm -f $(DESTDIR)$(libdir)/$$i" ;\ - rm -f $(DESTDIR)$(libdir)/$$i ; done - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f $(LIB) *.o *.a *.so *.so.* so_locations $(EXTRA_SOURCE) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ roken_rename.h - -realclean: distclean - rm -f TAGS - -$(LIBNAME)_pic.a: $(OBJECTS) - rm -f $@ - $(AR) cr $@ $(OBJECTS) - -$(RANLIB) $@ - -$(LIBNAME).a: $(OBJECTS) - rm -f $@ - $(AR) cr $@ $(OBJECTS) - -$(RANLIB) $@ - -$(LIBNAME).$(SHLIBEXT): $(OBJECTS) $(LIBNAME)_pic.a - rm -f $@ - $(LDSHARED) -o $@ $(OBJECTS) $(LIB_DEPS) - @build_symlink_command@ - -# AIX: this almost works with gcc, but somehow it fails to use the -# correct ld, use ld instead -afslib.so: afslib.o - ld -o $@ -bM:SRE -bI:$(srcdir)/afsl.exp -bE:$(srcdir)/afslib.exp @AFS_EXTRA_LD@ afslib.o -lc - -$(OBJECTS): ../../include/config.h roken_rename.h - -roken_rename.h: - $(LN_S) $(srcdir)/../krb/roken_rename.h . - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean - -issuid.c: - $(LN_S) $(srcdir)/../roken/issuid.c . - -strlcat.c: - $(LN_S) $(srcdir)/../roken/strlcat.c . - -strlcpy.c: - $(LN_S) $(srcdir)/../roken/strlcpy.c . - diff --git a/crypto/kerberosIV/lib/kafs/README.dlfcn b/crypto/kerberosIV/lib/kafs/README.dlfcn deleted file mode 100644 index cee1b751939e..000000000000 --- a/crypto/kerberosIV/lib/kafs/README.dlfcn +++ /dev/null @@ -1,246 +0,0 @@ -Copyright (c) 1992,1993,1995,1996, Jens-Uwe Mager, Helios Software GmbH -Not derived from licensed software. - -Permission is granted to freely use, copy, modify, and redistribute -this software, provided that the author is not construed to be liable -for any results of using the software, alterations are clearly marked -as such, and this notice is not modified. - -libdl.a -------- - -This is an emulation library to emulate the SunOS/System V.4 functions -to access the runtime linker. The functions are emulated by using the -AIX load() function and by reading the .loader section of the loaded -module to find the exports. The to be loaded module should be linked as -follows (if using AIX 3): - - cc -o module.so -bM:SRE -bE:module.exp -e _nostart $(OBJS) - -For AIX 4: - - cc -o module.so -bM:SRE -bE:module.exp -bnoentry $(OBJS) - -If you want to reference symbols from the main part of the program in a -loaded module, you will have to link against the export file of the -main part: - - cc -o main -bE:main.exp $(MAIN_OBJS) - cc -o module.so -bM:SRE -bI:main.exp -bE:module.exp -bnoentry $(OBJS) - -Note that you explicitely have to specify what functions are supposed -to be accessible from your loaded modules, this is different from -SunOS/System V.4 where any global is automatically exported. If you -want to export all globals, the following script might be of help: - -#!/bin/sh -/usr/ucb/nm -g $* | awk '$2 == "B" || $2 == "D" { print $3 }' - -The module export file contains the symbols to be exported. Because -this library uses the loader section, the final module.so file can be -stripped. C++ users should build their shared objects using the script -makeC++SharedLib (part of the IBM C++ compiler), this will make sure -that constructors and destructors for static and global objects will be -called upon loading and unloading the module. GNU C++ users should use -the -shared option to g++ to link the shared object: - - g++ -o module.so -shared $(OBJS) - -If the shared object does have permissions for anybody, the shared -object will be loaded into the shared library segment and it will stay -there even if the main application terminates. If you rebuild your -shared object after a bugfix and you want to make sure that you really -get the newest version you will have to use the "slibclean" command -before starting the application again to garbage collect the shared -library segment. If the performance utilities (bosperf) are installed -you can use the following command to see what shared objects are -loaded: - -/usr/lpp/bosperf/genkld | sort | uniq - -For easier debugging you can avoid loading the shared object into the -shared library segment alltogether by removing permissions for others -from the module.so file: - -chmod o-rwx module.so - -This will ensure you get a fresh copy of the shared object for every -dlopen() call which is loaded into the application's data segment. - -Usage ------ - -void *dlopen(const char *path, int mode); - -This routine loads the module pointed to by path and reads its export -table. If the path does not contain a '/' character, dlopen will search -for the module using the LIBPATH environment variable. It returns an -opaque handle to the module or NULL on error. The mode parameter can be -either RTLD_LAZY (for lazy function binding) or RTLD_NOW for immediate -function binding. The AIX implementation currently does treat RTLD_NOW -the same as RTLD_LAZY. The flag RTLD_GLOBAL might be or'ed into the -mode parameter to allow loaded modules to bind to global variables or -functions in other loaded modules loaded by dlopen(). If RTLD_GLOBAL is -not specified, only globals from the main part of the executable or -shared libraries are used to look for undefined symbols in loaded -modules. - - -void *dlsym(void *handle, const char *symbol); - -This routine searches for the symbol in the module referred to by -handle and returns its address. If the symbol could not be found, the -function returns NULL. The return value must be casted to a proper -function pointer before it can be used. SunOS/System V.4 allows handle -to be a NULL pointer to refer to the module the call is made from, this -is not implemented. - -int dlclose(void *handle); - -This routine unloads the module referred to by the handle and disposes -of any local storage. this function returns -1 on failure. Any function -pointers obtained through dlsym() should be considered invalid after -closing a module. - -As AIX caches shared objects in the shared library segment, function -pointers obtained through dlsym() might still work even though the -module has been unloaded. This can introduce subtle bugs that will -segment fault later if AIX garbage collects or immediatly on -SunOS/System V.4 as the text segment is unmapped. - -char *dlerror(void); - -This routine can be used to retrieve a text message describing the most -recent error that occured on on of the above routines. This function -returns NULL if there is no error information. - -Initialization and termination handlers ---------------------------------------- - -The emulation provides for an initialization and a termination -handler. The dlfcn.h file contains a structure declaration named -dl_info with following members: - - void (*init)(void); - void (*fini)(void); - -The init function is called upon first referencing the library. The -fini function is called at dlclose() time or when the process exits. -The module should declare a variable named dl_info that contains this -structure which must be exported. These functions correspond to the -documented _init() and _fini() functions of SunOS 4.x, but these are -appearently not implemented in SunOS. When using SunOS 5.0, these -correspond to #pragma init and #pragma fini respectively. At the same -time any static or global C++ object's constructors or destructors will -be called. - -BUGS ----- - -Please note that there is currently a problem with implicitely loaded -shared C++ libaries: if you refer to a shared C++ library from a loaded -module that is not yet used by the main program, the dlopen() emulator -does not notice this and does not call the static constructors for the -implicitely loaded library. This can be easily demonstrated by -referencing the C++ standard streams from a loaded module if the main -program is a plain C program. - -Jens-Uwe Mager - -HELIOS Software GmbH -Lavesstr. 80 -30159 Hannover -Germany - -Phone: +49 511 36482-0 -FAX: +49 511 36482-69 -AppleLink: helios.de/jum -Internet: jum@helios.de - -Revison History ---------------- - -SCCS/s.dlfcn.h: - -D 1.4 95/04/25 09:36:52 jum 4 3 00018/00004/00028 -MRs: -COMMENTS: -added RTLD_GLOBAL, include and C++ guards - -D 1.3 92/12/27 20:58:32 jum 3 2 00001/00001/00031 -MRs: -COMMENTS: -we always have prototypes on RS/6000 - -D 1.2 92/08/16 17:45:11 jum 2 1 00009/00000/00023 -MRs: -COMMENTS: -added dl_info structure to implement initialize and terminate functions - -D 1.1 92/08/02 18:08:45 jum 1 0 00023/00000/00000 -MRs: -COMMENTS: -Erstellungsdatum und -uhrzeit 92/08/02 18:08:45 von jum - -SCCS/s.dlfcn.c: - -D 1.11 96/04/10 20:12:51 jum 13 12 00037/00000/00533 -MRs: -COMMENTS: -Integrated the changes from John W. Eaton to initialize -g++ generated shared objects. - -D 1.10 96/02/15 17:42:44 jum 12 10 00012/00007/00521 -MRs: -COMMENTS: -the C++ constructor and destructor chains are now called properly for either -xlC 2 or xlC 3 (CSet++). - -D 1.9 95/09/22 11:09:38 markus 10 9 00001/00008/00527 -MRs: -COMMENTS: -Fix version number - -D 1.8 95/09/22 10:14:34 markus 9 8 00008/00001/00527 -MRs: -COMMENTS: -Added version number for dl lib - -D 1.7 95/08/14 19:08:38 jum 8 6 00026/00004/00502 -MRs: -COMMENTS: -Integrated the fixes from Kirk Benell (kirk@rsinc.com) to allow loading of -shared objects generated under AIX 4. Fixed bug that symbols with exactly -8 characters would use garbage characters from the following symbol value. - -D 1.6 95/04/25 09:38:03 jum 6 5 00046/00006/00460 -MRs: -COMMENTS: -added handling of C++ static constructors and destructors, added RTLD_GLOBAL to bind against other loaded modules - -D 1.5 93/02/14 20:14:17 jum 5 4 00002/00000/00464 -MRs: -COMMENTS: -added path to dlopen error message to make clear where there error occured. - -D 1.4 93/01/03 19:13:56 jum 4 3 00061/00005/00403 -MRs: -COMMENTS: -to allow calling symbols in the main module call load with L_NOAUTODEFER and -do a loadbind later with the main module. - -D 1.3 92/12/27 20:59:55 jum 3 2 00066/00008/00342 -MRs: -COMMENTS: -added search by L_GETINFO if module got loaded by LIBPATH - -D 1.2 92/08/16 17:45:43 jum 2 1 00074/00006/00276 -MRs: -COMMENTS: -implemented initialize and terminate functions, added reference counting to avoid multiple loads of the same library - -D 1.1 92/08/02 18:08:45 jum 1 0 00282/00000/00000 -MRs: -COMMENTS: -Erstellungsdatum und -uhrzeit 92/08/02 18:08:45 von jum - diff --git a/crypto/kerberosIV/lib/kafs/afskrb.c b/crypto/kerberosIV/lib/kafs/afskrb.c deleted file mode 100644 index ccfecb75d5c3..000000000000 --- a/crypto/kerberosIV/lib/kafs/afskrb.c +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kafs_locl.h" - -RCSID("$Id: afskrb.c,v 1.13.2.1 2000/06/23 03:26:53 assar Exp $"); - -struct krb_kafs_data { - const char *realm; -}; - -static int -get_cred(kafs_data *data, const char *name, const char *inst, - const char *realm, CREDENTIALS *c) -{ - KTEXT_ST tkt; - int ret = krb_get_cred((char*)name, (char*)inst, (char*)realm, c); - - if (ret) { - ret = krb_mk_req(&tkt, (char*)name, (char*)inst, (char*)realm, 0); - if (ret == KSUCCESS) - ret = krb_get_cred((char*)name, (char*)inst, (char*)realm, c); - } - return ret; -} - -static int -afslog_uid_int(kafs_data *data, - const char *cell, - const char *realm_hint, - uid_t uid, - const char *homedir) -{ - int ret; - CREDENTIALS c; - char realm[REALM_SZ]; - - if (cell == 0 || cell[0] == 0) - return _kafs_afslog_all_local_cells (data, uid, homedir); - - /* Extract realm from ticket file. */ - ret = krb_get_tf_fullname(tkt_string(), NULL, NULL, realm); - if (ret != KSUCCESS) - return ret; - - ret = _kafs_get_cred(data, cell, realm_hint, realm, &c); - - if (ret == 0) - ret = kafs_settoken(cell, uid, &c); - return ret; -} - -static char * -get_realm(kafs_data *data, const char *host) -{ - char *r = krb_realmofhost(host); - if(r != NULL) - return strdup(r); - else - return NULL; -} - -int -krb_afslog_uid_home(const char *cell, const char *realm_hint, uid_t uid, - const char *homedir) -{ - kafs_data kd; - - kd.afslog_uid = afslog_uid_int; - kd.get_cred = get_cred; - kd.get_realm = get_realm; - kd.data = 0; - return afslog_uid_int(&kd, cell, realm_hint, uid, homedir); -} - -int -krb_afslog_uid(const char *cell, const char *realm_hint, uid_t uid) -{ - return krb_afslog_uid_home(cell, realm_hint, uid, NULL); -} - -int -krb_afslog(const char *cell, const char *realm_hint) -{ - return krb_afslog_uid(cell, realm_hint, getuid()); -} - -int -krb_afslog_home(const char *cell, const char *realm_hint, const char *homedir) -{ - return krb_afslog_uid_home(cell, realm_hint, getuid(), homedir); -} - -/* - * - */ - -int -krb_realm_of_cell(const char *cell, char **realm) -{ - kafs_data kd; - - kd.get_realm = get_realm; - return _kafs_realm_of_cell(&kd, cell, realm); -} diff --git a/crypto/kerberosIV/lib/kafs/afskrb5.c b/crypto/kerberosIV/lib/kafs/afskrb5.c deleted file mode 100644 index 4c35ea7382f2..000000000000 --- a/crypto/kerberosIV/lib/kafs/afskrb5.c +++ /dev/null @@ -1,179 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kafs_locl.h" - -RCSID("$Id: afskrb5.c,v 1.13 1999/12/02 16:58:39 joda Exp $"); - -struct krb5_kafs_data { - krb5_context context; - krb5_ccache id; - krb5_const_realm realm; -}; - -static int -get_cred(kafs_data *data, const char *name, const char *inst, - const char *realm, CREDENTIALS *c) -{ - krb5_error_code ret; - krb5_creds in_creds, *out_creds; - struct krb5_kafs_data *d = data->data; - - memset(&in_creds, 0, sizeof(in_creds)); - ret = krb5_425_conv_principal(d->context, name, inst, realm, - &in_creds.server); - if(ret) - return ret; - ret = krb5_cc_get_principal(d->context, d->id, &in_creds.client); - if(ret){ - krb5_free_principal(d->context, in_creds.server); - return ret; - } - in_creds.session.keytype = KEYTYPE_DES; - ret = krb5_get_credentials(d->context, 0, d->id, &in_creds, &out_creds); - krb5_free_principal(d->context, in_creds.server); - krb5_free_principal(d->context, in_creds.client); - if(ret) - return ret; - ret = krb524_convert_creds_kdc(d->context, d->id, out_creds, c); - krb5_free_creds(d->context, out_creds); - return ret; -} - -static krb5_error_code -afslog_uid_int(kafs_data *data, const char *cell, const char *rh, uid_t uid, - const char *homedir) -{ - krb5_error_code ret; - CREDENTIALS c; - krb5_principal princ; - krb5_realm *trealm; /* ticket realm */ - struct krb5_kafs_data *d = data->data; - - if (cell == 0 || cell[0] == 0) - return _kafs_afslog_all_local_cells (data, uid, homedir); - - ret = krb5_cc_get_principal (d->context, d->id, &princ); - if (ret) - return ret; - - trealm = krb5_princ_realm (d->context, princ); - - if (d->realm != NULL && strcmp (d->realm, *trealm) == 0) { - trealm = NULL; - krb5_free_principal (d->context, princ); - } - - ret = _kafs_get_cred(data, cell, d->realm, *trealm, &c); - if(trealm) - krb5_free_principal (d->context, princ); - - if(ret == 0) - ret = kafs_settoken(cell, uid, &c); - return ret; -} - -static char * -get_realm(kafs_data *data, const char *host) -{ - struct krb5_kafs_data *d = data->data; - krb5_realm *realms; - char *r; - if(krb5_get_host_realm(d->context, host, &realms)) - return NULL; - r = strdup(realms[0]); - krb5_free_host_realm(d->context, realms); - return r; -} - -krb5_error_code -krb5_afslog_uid_home(krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm, - uid_t uid, - const char *homedir) -{ - kafs_data kd; - struct krb5_kafs_data d; - kd.afslog_uid = afslog_uid_int; - kd.get_cred = get_cred; - kd.get_realm = get_realm; - kd.data = &d; - d.context = context; - d.id = id; - d.realm = realm; - return afslog_uid_int(&kd, cell, 0, uid, homedir); -} - -krb5_error_code -krb5_afslog_uid(krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm, - uid_t uid) -{ - return krb5_afslog_uid_home (context, id, cell, realm, uid, NULL); -} - -krb5_error_code -krb5_afslog(krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm) -{ - return krb5_afslog_uid (context, id, cell, realm, getuid()); -} - -krb5_error_code -krb5_afslog_home(krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm, - const char *homedir) -{ - return krb5_afslog_uid_home (context, id, cell, realm, getuid(), homedir); -} - -/* - * - */ - -krb5_error_code -krb5_realm_of_cell(const char *cell, char **realm) -{ - kafs_data kd; - - kd.get_realm = get_realm; - return _kafs_realm_of_cell(&kd, cell, realm); -} diff --git a/crypto/kerberosIV/lib/kafs/afsl.exp b/crypto/kerberosIV/lib/kafs/afsl.exp deleted file mode 100644 index 4d2b00e28337..000000000000 --- a/crypto/kerberosIV/lib/kafs/afsl.exp +++ /dev/null @@ -1,6 +0,0 @@ -#!/unix - -* This mumbo jumbo creates entry points to syscalls in _AIX - -lpioctl syscall -lsetpag syscall diff --git a/crypto/kerberosIV/lib/kafs/afslib.c b/crypto/kerberosIV/lib/kafs/afslib.c deleted file mode 100644 index ae3b5a5692d7..000000000000 --- a/crypto/kerberosIV/lib/kafs/afslib.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * This file is only used with AIX - */ - -#include "kafs_locl.h" - -RCSID("$Id: afslib.c,v 1.6 1999/12/02 16:58:40 joda Exp $"); - -int -aix_pioctl(char *a_path, - int o_opcode, - struct ViceIoctl *a_paramsP, - int a_followSymlinks) -{ - return lpioctl(a_path, o_opcode, a_paramsP, a_followSymlinks); -} - -int -aix_setpag(void) -{ - return lsetpag(); -} diff --git a/crypto/kerberosIV/lib/kafs/afslib.exp b/crypto/kerberosIV/lib/kafs/afslib.exp deleted file mode 100644 index f288717706ea..000000000000 --- a/crypto/kerberosIV/lib/kafs/afslib.exp +++ /dev/null @@ -1,3 +0,0 @@ -#! -aix_pioctl -aix_setpag diff --git a/crypto/kerberosIV/lib/kafs/afssys.c b/crypto/kerberosIV/lib/kafs/afssys.c deleted file mode 100644 index a45f4457eb55..000000000000 --- a/crypto/kerberosIV/lib/kafs/afssys.c +++ /dev/null @@ -1,398 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kafs_locl.h" - -RCSID("$Id: afssys.c,v 1.65.2.1 2000/06/23 03:27:23 assar Exp $"); - -int _kafs_debug; /* this should be done in a better way */ - -#define NO_ENTRY_POINT 0 -#define SINGLE_ENTRY_POINT 1 -#define MULTIPLE_ENTRY_POINT 2 -#define SINGLE_ENTRY_POINT2 3 -#define SINGLE_ENTRY_POINT3 4 -#define AIX_ENTRY_POINTS 5 -#define UNKNOWN_ENTRY_POINT 6 -static int afs_entry_point = UNKNOWN_ENTRY_POINT; -static int afs_syscalls[2]; - -/* Magic to get AIX syscalls to work */ -#ifdef _AIX - -static int (*Pioctl)(char*, int, struct ViceIoctl*, int); -static int (*Setpag)(void); - -#include "dlfcn.h" - -/* - * - */ - -static int -try_aix(void) -{ -#ifdef STATIC_AFS_SYSCALLS - Pioctl = aix_pioctl; - Setpag = aix_setpag; -#else - void *ptr; - char path[MaxPathLen], *p; - /* - * If we are root or running setuid don't trust AFSLIBPATH! - */ - if (getuid() != 0 && !issuid() && (p = getenv("AFSLIBPATH")) != NULL) - strlcpy(path, p, sizeof(path)); - else - snprintf(path, sizeof(path), "%s/afslib.so", LIBDIR); - - ptr = dlopen(path, RTLD_NOW); - if(ptr == NULL) { - if(_kafs_debug) { - if(errno == ENOEXEC && (p = dlerror()) != NULL) - fprintf(stderr, "dlopen(%s): %s\n", path, p); - else if (errno != ENOENT) - fprintf(stderr, "dlopen(%s): %s\n", path, strerror(errno)); - } - return 1; - } - Setpag = (int (*)(void))dlsym(ptr, "aix_setpag"); - Pioctl = (int (*)(char*, int, - struct ViceIoctl*, int))dlsym(ptr, "aix_pioctl"); -#endif - afs_entry_point = AIX_ENTRY_POINTS; - return 0; -} -#endif /* _AIX */ - -/* - * This probably only works under Solaris and could get confused if - * there's a /etc/name_to_sysnum file. - */ - -#define _PATH_ETC_NAME_TO_SYSNUM "/etc/name_to_sysnum" - -static int -map_syscall_name_to_number (const char *str, int *res) -{ - FILE *f; - char buf[256]; - size_t str_len = strlen (str); - - f = fopen (_PATH_ETC_NAME_TO_SYSNUM, "r"); - if (f == NULL) - return -1; - while (fgets (buf, sizeof(buf), f) != NULL) { - if (buf[0] == '#') - continue; - - if (strncmp (str, buf, str_len) == 0) { - char *begptr = buf + str_len; - char *endptr; - long val = strtol (begptr, &endptr, 0); - - if (val != 0 && endptr != begptr) { - fclose (f); - *res = val; - return 0; - } - } - } - fclose (f); - return -1; -} - -int -k_pioctl(char *a_path, - int o_opcode, - struct ViceIoctl *a_paramsP, - int a_followSymlinks) -{ -#ifndef NO_AFS - switch(afs_entry_point){ -#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3) - case SINGLE_ENTRY_POINT: - case SINGLE_ENTRY_POINT2: - case SINGLE_ENTRY_POINT3: - return syscall(afs_syscalls[0], AFSCALL_PIOCTL, - a_path, o_opcode, a_paramsP, a_followSymlinks); -#endif -#if defined(AFS_PIOCTL) - case MULTIPLE_ENTRY_POINT: - return syscall(afs_syscalls[0], - a_path, o_opcode, a_paramsP, a_followSymlinks); -#endif -#ifdef _AIX - case AIX_ENTRY_POINTS: - return Pioctl(a_path, o_opcode, a_paramsP, a_followSymlinks); -#endif - } - - errno = ENOSYS; -#ifdef SIGSYS - kill(getpid(), SIGSYS); /* You loose! */ -#endif -#endif /* NO_AFS */ - return -1; -} - -int -k_afs_cell_of_file(const char *path, char *cell, int len) -{ - struct ViceIoctl parms; - parms.in = NULL; - parms.in_size = 0; - parms.out = cell; - parms.out_size = len; - return k_pioctl((char*)path, VIOC_FILE_CELL_NAME, &parms, 1); -} - -int -k_unlog(void) -{ - struct ViceIoctl parms; - memset(&parms, 0, sizeof(parms)); - return k_pioctl(0, VIOCUNLOG, &parms, 0); -} - -int -k_setpag(void) -{ -#ifndef NO_AFS - switch(afs_entry_point){ -#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3) - case SINGLE_ENTRY_POINT: - case SINGLE_ENTRY_POINT2: - case SINGLE_ENTRY_POINT3: - return syscall(afs_syscalls[0], AFSCALL_SETPAG); -#endif -#if defined(AFS_PIOCTL) - case MULTIPLE_ENTRY_POINT: - return syscall(afs_syscalls[1]); -#endif -#ifdef _AIX - case AIX_ENTRY_POINTS: - return Setpag(); -#endif - } - - errno = ENOSYS; -#ifdef SIGSYS - kill(getpid(), SIGSYS); /* You loose! */ -#endif -#endif /* NO_AFS */ - return -1; -} - -static jmp_buf catch_SIGSYS; - -#ifdef SIGSYS - -static RETSIGTYPE -SIGSYS_handler(int sig) -{ - errno = 0; - signal(SIGSYS, SIGSYS_handler); /* Need to reinstall handler on SYSV */ - longjmp(catch_SIGSYS, 1); -} - -#endif - -/* - * Try to see if `syscall' is a pioctl. Return 0 iff succesful. - */ - -#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3) -static int -try_one (int syscall_num) -{ - struct ViceIoctl parms; - memset(&parms, 0, sizeof(parms)); - - if (setjmp(catch_SIGSYS) == 0) { - syscall(syscall_num, AFSCALL_PIOCTL, - 0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); - if (errno == EINVAL) { - afs_entry_point = SINGLE_ENTRY_POINT; - afs_syscalls[0] = syscall_num; - return 0; - } - } - return 1; -} -#endif - -/* - * Try to see if `syscall_pioctl' is a pioctl syscall. Return 0 iff - * succesful. - * - */ - -#ifdef AFS_PIOCTL -static int -try_two (int syscall_pioctl, int syscall_setpag) -{ - struct ViceIoctl parms; - memset(&parms, 0, sizeof(parms)); - - if (setjmp(catch_SIGSYS) == 0) { - syscall(syscall_pioctl, - 0, VIOCSETTOK, &parms, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0); - if (errno == EINVAL) { - afs_entry_point = MULTIPLE_ENTRY_POINT; - afs_syscalls[0] = syscall_pioctl; - afs_syscalls[1] = syscall_setpag; - return 0; - } - } - return 1; -} -#endif - -int -k_hasafs(void) -{ -#if !defined(NO_AFS) && defined(SIGSYS) - RETSIGTYPE (*saved_func)(); -#endif - int saved_errno; - char *env = getenv ("AFS_SYSCALL"); - - /* - * Already checked presence of AFS syscalls? - */ - if (afs_entry_point != UNKNOWN_ENTRY_POINT) - return afs_entry_point != NO_ENTRY_POINT; - - /* - * Probe kernel for AFS specific syscalls, - * they (currently) come in two flavors. - * If the syscall is absent we recive a SIGSYS. - */ - afs_entry_point = NO_ENTRY_POINT; - - saved_errno = errno; -#ifndef NO_AFS -#ifdef SIGSYS - saved_func = signal(SIGSYS, SIGSYS_handler); -#endif - -#if defined(AFS_SYSCALL) || defined(AFS_SYSCALL2) || defined(AFS_SYSCALL3) - { - int tmp; - - if (env != NULL) { - if (sscanf (env, "%d", &tmp) == 1) { - if (try_one (tmp) == 0) - goto done; - } else { - char *end = NULL; - char *p; - char *s = strdup (env); - - if (s != NULL) { - for (p = strtok_r (s, ",", &end); - p != NULL; - p = strtok_r (NULL, ",", &end)) { - if (map_syscall_name_to_number (p, &tmp) == 0) - if (try_one (tmp) == 0) { - free (s); - goto done; - } - } - free (s); - } - } - } - } -#endif /* AFS_SYSCALL || AFS_SYSCALL2 || AFS_SYSCALL3 */ - -#ifdef AFS_SYSCALL - if (try_one (AFS_SYSCALL) == 0) - goto done; -#endif /* AFS_SYSCALL */ - -#ifdef AFS_PIOCTL - { - int tmp[2]; - - if (env != NULL && sscanf (env, "%d%d", &tmp[0], &tmp[1]) == 2) - if (try_two (tmp[0], tmp[1]) == 2) - goto done; - } -#endif /* AFS_PIOCTL */ - -#ifdef AFS_PIOCTL - if (try_two (AFS_PIOCTL, AFS_SETPAG) == 0) - goto done; -#endif /* AFS_PIOCTL */ - -#ifdef AFS_SYSCALL2 - if (try_one (AFS_SYSCALL2) == 0) - goto done; -#endif /* AFS_SYSCALL2 */ - -#ifdef AFS_SYSCALL3 - if (try_one (AFS_SYSCALL3) == 0) - goto done; -#endif /* AFS_SYSCALL3 */ - -#ifdef _AIX -#if 0 - if (env != NULL) { - char *pos = NULL; - char *pioctl_name; - char *setpag_name; - - pioctl_name = strtok_r (env, ", \t", &pos); - if (pioctl_name != NULL) { - setpag_name = strtok_r (NULL, ", \t", &pos); - if (setpag_name != NULL) - if (try_aix (pioctl_name, setpag_name) == 0) - goto done; - } - } -#endif - - if(try_aix() == 0) - goto done; -#endif - -done: -#ifdef SIGSYS - signal(SIGSYS, saved_func); -#endif -#endif /* NO_AFS */ - errno = saved_errno; - return afs_entry_point != NO_ENTRY_POINT; -} diff --git a/crypto/kerberosIV/lib/kafs/afssysdefs.h b/crypto/kerberosIV/lib/kafs/afssysdefs.h deleted file mode 100644 index 685e375816c1..000000000000 --- a/crypto/kerberosIV/lib/kafs/afssysdefs.h +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: afssysdefs.h,v 1.21.2.2 2000/03/26 20:10:11 assar Exp $ */ - -/* - * This section is for machines using single entry point AFS syscalls! - * and/or - * This section is for machines using multiple entry point AFS syscalls! - * - * SunOS 4 is an example of single entry point and sgi of multiple - * entry point syscalls. - */ - -#if SunOS == 40 -#define AFS_SYSCALL 31 -#endif - -#if SunOS >= 50 && SunOS < 57 -#define AFS_SYSCALL 105 -#endif - -#if SunOS >= 57 -#define AFS_SYSCALL 73 -#endif - -#if defined(__hpux) -#define AFS_SYSCALL 50 -#define AFS_SYSCALL2 49 -#define AFS_SYSCALL3 48 -#endif - -#if defined(_AIX) -/* _AIX is too weird */ -#endif - -#if defined(__sgi) -#define AFS_PIOCTL (64+1000) -#define AFS_SETPAG (65+1000) -#endif - -#if defined(__osf__) -#define AFS_SYSCALL 232 -#define AFS_SYSCALL2 258 -#endif - -#if defined(__ultrix) -#define AFS_SYSCALL 31 -#endif - -#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) -#define AFS_SYSCALL 210 -#endif - -#ifdef __APPLE__ /* MacOS X */ -#define AFS_SYSCALL 230 -#endif - -#ifdef SYS_afs_syscall -#define AFS_SYSCALL3 SYS_afs_syscall -#endif diff --git a/crypto/kerberosIV/lib/kafs/common.c b/crypto/kerberosIV/lib/kafs/common.c deleted file mode 100644 index 207b9b643de7..000000000000 --- a/crypto/kerberosIV/lib/kafs/common.c +++ /dev/null @@ -1,396 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kafs_locl.h" - -RCSID("$Id: common.c,v 1.19 1999/12/02 16:58:40 joda Exp $"); - -#define AUTH_SUPERUSER "afs" - -/* - * Here only ASCII characters are relevant. - */ - -#define IsAsciiLower(c) ('a' <= (c) && (c) <= 'z') - -#define ToAsciiUpper(c) ((c) - 'a' + 'A') - -static void -foldup(char *a, const char *b) -{ - for (; *b; a++, b++) - if (IsAsciiLower(*b)) - *a = ToAsciiUpper(*b); - else - *a = *b; - *a = '\0'; -} - -int -kafs_settoken(const char *cell, uid_t uid, CREDENTIALS *c) -{ - struct ViceIoctl parms; - struct ClearToken ct; - int32_t sizeof_x; - char buf[2048], *t; - int ret; - - /* - * Build a struct ClearToken - */ - ct.AuthHandle = c->kvno; - memcpy (ct.HandShakeKey, c->session, sizeof(c->session)); - ct.ViceId = uid; - ct.BeginTimestamp = c->issue_date; - ct.EndTimestamp = krb_life_to_time(c->issue_date, c->lifetime); - if(ct.EndTimestamp < time(NULL)) - return 0; /* don't store tokens that has expired (and possibly - overwriting valid tokens)*/ - -#define ODD(x) ((x) & 1) - /* According to Transarc conventions ViceId is valid iff - * (EndTimestamp - BeginTimestamp) is odd. By decrementing EndTime - * the transformations: - * - * (issue_date, life) -> (StartTime, EndTime) -> (issue_date, life) - * preserves the original values. - */ - if (uid != 0) /* valid ViceId */ - { - if (!ODD(ct.EndTimestamp - ct.BeginTimestamp)) - ct.EndTimestamp--; - } - else /* not valid ViceId */ - { - if (ODD(ct.EndTimestamp - ct.BeginTimestamp)) - ct.EndTimestamp--; - } - - t = buf; - /* - * length of secret token followed by secret token - */ - sizeof_x = c->ticket_st.length; - memcpy(t, &sizeof_x, sizeof(sizeof_x)); - t += sizeof(sizeof_x); - memcpy(t, c->ticket_st.dat, sizeof_x); - t += sizeof_x; - /* - * length of clear token followed by clear token - */ - sizeof_x = sizeof(ct); - memcpy(t, &sizeof_x, sizeof(sizeof_x)); - t += sizeof(sizeof_x); - memcpy(t, &ct, sizeof_x); - t += sizeof_x; - - /* - * do *not* mark as primary cell - */ - sizeof_x = 0; - memcpy(t, &sizeof_x, sizeof(sizeof_x)); - t += sizeof(sizeof_x); - /* - * follow with cell name - */ - sizeof_x = strlen(cell) + 1; - memcpy(t, cell, sizeof_x); - t += sizeof_x; - - /* - * Build argument block - */ - parms.in = buf; - parms.in_size = t - buf; - parms.out = 0; - parms.out_size = 0; - ret = k_pioctl(0, VIOCSETTOK, &parms, 0); - return ret; -} - -/* Try to get a db-server for an AFS cell from a AFSDB record */ - -static int -dns_find_cell(const char *cell, char *dbserver, size_t len) -{ - struct dns_reply *r; - int ok = -1; - r = dns_lookup(cell, "afsdb"); - if(r){ - struct resource_record *rr = r->head; - while(rr){ - if(rr->type == T_AFSDB && rr->u.afsdb->preference == 1){ - strlcpy(dbserver, - rr->u.afsdb->domain, - len); - ok = 0; - break; - } - rr = rr->next; - } - dns_free_data(r); - } - return ok; -} - - -/* - * Try to find the cells we should try to klog to in "file". - */ -static void -find_cells(char *file, char ***cells, int *index) -{ - FILE *f; - char cell[64]; - int i; - int ind = *index; - - f = fopen(file, "r"); - if (f == NULL) - return; - while (fgets(cell, sizeof(cell), f)) { - char *t; - t = cell + strlen(cell); - for (; t >= cell; t--) - if (*t == '\n' || *t == '\t' || *t == ' ') - *t = 0; - if (cell[0] == '\0' || cell[0] == '#') - continue; - for(i = 0; i < ind; i++) - if(strcmp((*cells)[i], cell) == 0) - break; - if(i == ind){ - char **tmp; - - tmp = realloc(*cells, (ind + 1) * sizeof(**cells)); - if (tmp == NULL) - break; - *cells = tmp; - (*cells)[ind] = strdup(cell); - if ((*cells)[ind] == NULL) - break; - ++ind; - } - } - fclose(f); - *index = ind; -} - -/* - * Get tokens for all cells[] - */ -static int -afslog_cells(kafs_data *data, char **cells, int max, uid_t uid, - const char *homedir) -{ - int ret = 0; - int i; - for (i = 0; i < max; i++) { - int er = (*data->afslog_uid)(data, cells[i], 0, uid, homedir); - if (er) - ret = er; - } - return ret; -} - -int -_kafs_afslog_all_local_cells(kafs_data *data, uid_t uid, const char *homedir) -{ - int ret; - char **cells = NULL; - int index = 0; - - if (homedir == NULL) - homedir = getenv("HOME"); - if (homedir != NULL) { - char home[MaxPathLen]; - snprintf(home, sizeof(home), "%s/.TheseCells", homedir); - find_cells(home, &cells, &index); - } - find_cells(_PATH_THESECELLS, &cells, &index); - find_cells(_PATH_THISCELL, &cells, &index); - find_cells(_PATH_ARLA_THESECELLS, &cells, &index); - find_cells(_PATH_ARLA_THISCELL, &cells, &index); - - ret = afslog_cells(data, cells, index, uid, homedir); - while(index > 0) - free(cells[--index]); - free(cells); - return ret; -} - - -/* Find the realm associated with cell. Do this by opening - /usr/vice/etc/CellServDB and getting the realm-of-host for the - first VL-server for the cell. - - This does not work when the VL-server is living in one realm, but - the cell it is serving is living in another realm. - - Return 0 on success, -1 otherwise. - */ - -int -_kafs_realm_of_cell(kafs_data *data, const char *cell, char **realm) -{ - FILE *F; - char buf[1024]; - char *p; - int ret = -1; - - if ((F = fopen(_PATH_CELLSERVDB, "r")) - || (F = fopen(_PATH_ARLA_CELLSERVDB, "r"))) { - while (fgets(buf, sizeof(buf), F)) { - if (buf[0] != '>') - continue; /* Not a cell name line, try next line */ - if (strncmp(buf + 1, cell, strlen(cell)) == 0) { - /* - * We found the cell name we're looking for. - * Read next line on the form ip-address '#' hostname - */ - if (fgets(buf, sizeof(buf), F) == NULL) - break; /* Read failed, give up */ - p = strchr(buf, '#'); - if (p == NULL) - break; /* No '#', give up */ - p++; - if (buf[strlen(buf) - 1] == '\n') - buf[strlen(buf) - 1] = '\0'; - *realm = (*data->get_realm)(data, p); - if (*realm && **realm != '\0') - ret = 0; - break; /* Won't try any more */ - } - } - fclose(F); - } - if (*realm == NULL && dns_find_cell(cell, buf, sizeof(buf)) == 0) { - *realm = strdup(krb_realmofhost(buf)); - if(*realm != NULL) - ret = 0; - } - return ret; -} - -int -_kafs_get_cred(kafs_data *data, - const char *cell, - const char *realm_hint, - const char *realm, - CREDENTIALS *c) -{ - int ret = -1; - char *vl_realm; - char CELL[64]; - - /* We're about to find the the realm that holds the key for afs in - * the specified cell. The problem is that null-instance - * afs-principals are common and that hitting the wrong realm might - * yield the wrong afs key. The following assumptions were made. - * - * Any realm passed to us is preferred. - * - * If there is a realm with the same name as the cell, it is most - * likely the correct realm to talk to. - * - * In most (maybe even all) cases the database servers of the cell - * will live in the realm we are looking for. - * - * Try the local realm, but if the previous cases fail, this is - * really a long shot. - * - */ - - /* comments on the ordering of these tests */ - - /* If the user passes a realm, she probably knows something we don't - * know and we should try afs@realm_hint (otherwise we're talking with a - * blondino and she might as well have it.) - */ - - if (realm_hint) { - ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, realm_hint, c); - if (ret == 0) return 0; - ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", realm_hint, c); - if (ret == 0) return 0; - } - - foldup(CELL, cell); - - /* - * If cell == realm we don't need no cross-cell authentication. - * Try afs@REALM. - */ - if (strcmp(CELL, realm) == 0) { - ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", realm, c); - if (ret == 0) return 0; - /* Try afs.cell@REALM below. */ - } - - /* - * If the AFS servers have a file /usr/afs/etc/krb.conf containing - * REALM we still don't have to resort to cross-cell authentication. - * Try afs.cell@REALM. - */ - ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, realm, c); - if (ret == 0) return 0; - - /* - * We failed to get ``first class tickets'' for afs, - * fall back to cross-cell authentication. - * Try afs@CELL. - * Try afs.cell@CELL. - */ - ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", CELL, c); - if (ret == 0) return 0; - ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, CELL, c); - if (ret == 0) return 0; - - /* - * Perhaps the cell doesn't correspond to any realm? - * Use realm of first volume location DB server. - * Try afs.cell@VL_REALM. - * Try afs@VL_REALM??? - */ - if (_kafs_realm_of_cell(data, cell, &vl_realm) == 0 - && strcmp(vl_realm, realm) != 0 - && strcmp(vl_realm, CELL) != 0) { - ret = (*data->get_cred)(data, AUTH_SUPERUSER, cell, vl_realm, c); - if (ret) - ret = (*data->get_cred)(data, AUTH_SUPERUSER, "", vl_realm, c); - free(vl_realm); - if (ret == 0) return 0; - } - - return ret; -} diff --git a/crypto/kerberosIV/lib/kafs/dlfcn.c b/crypto/kerberosIV/lib/kafs/dlfcn.c deleted file mode 100644 index 728cf5cdd768..000000000000 --- a/crypto/kerberosIV/lib/kafs/dlfcn.c +++ /dev/null @@ -1,581 +0,0 @@ -/* - * @(#)dlfcn.c 1.11 revision of 96/04/10 20:12:51 - * This is an unpublished work copyright (c) 1992 HELIOS Software GmbH - * 30159 Hannover, Germany - */ - -/* - * Changes marked with `--jwe' were made on April 7 1996 by John W. Eaton - * to support g++ and/or use with Octave. - */ - -/* - * This makes my life easier with Octave. --jwe - */ -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include -#include -#include -#include "dlfcn.h" - -/* - * We simulate dlopen() et al. through a call to load. Because AIX has - * no call to find an exported symbol we read the loader section of the - * loaded module and build a list of exported symbols and their virtual - * address. - */ - -typedef struct { - char *name; /* the symbols's name */ - void *addr; /* its relocated virtual address */ -} Export, *ExportPtr; - -/* - * xlC uses the following structure to list its constructors and - * destructors. This is gleaned from the output of munch. - */ -typedef struct { - void (*init)(void); /* call static constructors */ - void (*term)(void); /* call static destructors */ -} Cdtor, *CdtorPtr; - -typedef void (*GccCDtorPtr)(void); - -/* - * The void * handle returned from dlopen is actually a ModulePtr. - */ -typedef struct Module { - struct Module *next; - char *name; /* module name for refcounting */ - int refCnt; /* the number of references */ - void *entry; /* entry point from load */ - struct dl_info *info; /* optional init/terminate functions */ - CdtorPtr cdtors; /* optional C++ constructors */ - GccCDtorPtr gcc_ctor; /* g++ constructors --jwe */ - GccCDtorPtr gcc_dtor; /* g++ destructors --jwe */ - int nExports; /* the number of exports found */ - ExportPtr exports; /* the array of exports */ -} Module, *ModulePtr; - -/* - * We keep a list of all loaded modules to be able to call the fini - * handlers and destructors at atexit() time. - */ -static ModulePtr modList; - -/* - * The last error from one of the dl* routines is kept in static - * variables here. Each error is returned only once to the caller. - */ -static char errbuf[BUFSIZ]; -static int errvalid; - -/* - * The `fixed' gcc header files on AIX 3.2.5 provide a prototype for - * strdup(). --jwe - */ -#ifndef HAVE_STRDUP -extern char *strdup(const char *); -#endif -static void caterr(char *); -static int readExports(ModulePtr); -static void terminate(void); -static void *findMain(void); - -void *dlopen(const char *path, int mode) -{ - ModulePtr mp; - static void *mainModule; - - /* - * Upon the first call register a terminate handler that will - * close all libraries. Also get a reference to the main module - * for use with loadbind. - */ - if (!mainModule) { - if ((mainModule = findMain()) == NULL) - return NULL; - atexit(terminate); - } - /* - * Scan the list of modules if we have the module already loaded. - */ - for (mp = modList; mp; mp = mp->next) - if (strcmp(mp->name, path) == 0) { - mp->refCnt++; - return mp; - } - if ((mp = (ModulePtr)calloc(1, sizeof(*mp))) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), "calloc: %s", strerror(errno)); - return NULL; - } - if ((mp->name = strdup(path)) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), "strdup: %s", strerror(errno)); - free(mp); - return NULL; - } - /* - * load should be declared load(const char *...). Thus we - * cast the path to a normal char *. Ugly. - */ - if ((mp->entry = (void *)load((char *)path, L_NOAUTODEFER, NULL)) == NULL) { - free(mp->name); - free(mp); - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "dlopen: %s: ", path); - /* - * If AIX says the file is not executable, the error - * can be further described by querying the loader about - * the last error. - */ - if (errno == ENOEXEC) { - char *tmp[BUFSIZ/sizeof(char *)]; - if (loadquery(L_GETMESSAGES, tmp, sizeof(tmp)) == -1) - strlcpy(errbuf, - strerror(errno), - sizeof(errbuf)); - else { - char **p; - for (p = tmp; *p; p++) - caterr(*p); - } - } else - strlcat(errbuf, - strerror(errno), - sizeof(errbuf)); - return NULL; - } - mp->refCnt = 1; - mp->next = modList; - modList = mp; - if (loadbind(0, mainModule, mp->entry) == -1) { - dlclose(mp); - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "loadbind: %s", strerror(errno)); - return NULL; - } - /* - * If the user wants global binding, loadbind against all other - * loaded modules. - */ - if (mode & RTLD_GLOBAL) { - ModulePtr mp1; - for (mp1 = mp->next; mp1; mp1 = mp1->next) - if (loadbind(0, mp1->entry, mp->entry) == -1) { - dlclose(mp); - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "loadbind: %s", - strerror(errno)); - return NULL; - } - } - if (readExports(mp) == -1) { - dlclose(mp); - return NULL; - } - /* - * If there is a dl_info structure, call the init function. - */ - if (mp->info = (struct dl_info *)dlsym(mp, "dl_info")) { - if (mp->info->init) - (*mp->info->init)(); - } else - errvalid = 0; - /* - * If the shared object was compiled using xlC we will need - * to call static constructors (and later on dlclose destructors). - */ - if (mp->cdtors = (CdtorPtr)dlsym(mp, "__cdtors")) { - CdtorPtr cp = mp->cdtors; - while (cp->init || cp->term) { - if (cp->init && cp->init != (void (*)(void))0xffffffff) - (*cp->init)(); - cp++; - } - /* - * If the shared object was compiled using g++, we will need - * to call global constructors using the _GLOBAL__DI function, - * and later, global destructors using the _GLOBAL_DD - * funciton. --jwe - */ - } else if (mp->gcc_ctor = (GccCDtorPtr)dlsym(mp, "_GLOBAL__DI")) { - (*mp->gcc_ctor)(); - mp->gcc_dtor = (GccCDtorPtr)dlsym(mp, "_GLOBAL__DD"); - } else - errvalid = 0; - return mp; -} - -/* - * Attempt to decipher an AIX loader error message and append it - * to our static error message buffer. - */ -static void caterr(char *s) -{ - char *p = s; - - while (*p >= '0' && *p <= '9') - p++; - switch(atoi(s)) { - case L_ERROR_TOOMANY: - strlcat(errbuf, "to many errors", sizeof(errbuf)); - break; - case L_ERROR_NOLIB: - strlcat(errbuf, "can't load library", sizeof(errbuf)); - strlcat(errbuf, p, sizeof(errbuf)); - break; - case L_ERROR_UNDEF: - strlcat(errbuf, "can't find symbol", sizeof(errbuf)); - strlcat(errbuf, p, sizeof(errbuf)); - break; - case L_ERROR_RLDBAD: - strlcat(errbuf, "bad RLD", sizeof(errbuf)); - strlcat(errbuf, p, sizeof(errbuf)); - break; - case L_ERROR_FORMAT: - strlcat(errbuf, "bad exec format in", sizeof(errbuf)); - strlcat(errbuf, p, sizeof(errbuf)); - break; - case L_ERROR_ERRNO: - strlcat(errbuf, strerror(atoi(++p)), sizeof(errbuf)); - break; - default: - strlcat(errbuf, s, sizeof(errbuf)); - break; - } -} - -void *dlsym(void *handle, const char *symbol) -{ - ModulePtr mp = (ModulePtr)handle; - ExportPtr ep; - int i; - - /* - * Could speed up the search, but I assume that one assigns - * the result to function pointers anyways. - */ - for (ep = mp->exports, i = mp->nExports; i; i--, ep++) - if (strcmp(ep->name, symbol) == 0) - return ep->addr; - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "dlsym: undefined symbol %s", symbol); - return NULL; -} - -char *dlerror(void) -{ - if (errvalid) { - errvalid = 0; - return errbuf; - } - return NULL; -} - -int dlclose(void *handle) -{ - ModulePtr mp = (ModulePtr)handle; - int result; - ModulePtr mp1; - - if (--mp->refCnt > 0) - return 0; - if (mp->info && mp->info->fini) - (*mp->info->fini)(); - if (mp->cdtors) { - CdtorPtr cp = mp->cdtors; - while (cp->init || cp->term) { - if (cp->term && cp->init != (void (*)(void))0xffffffff) - (*cp->term)(); - cp++; - } - /* - * If the function to handle global destructors for g++ - * exists, call it. --jwe - */ - } else if (mp->gcc_dtor) { - (*mp->gcc_dtor)(); - } - result = unload(mp->entry); - if (result == -1) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "%s", strerror(errno)); - } - if (mp->exports) { - ExportPtr ep; - int i; - for (ep = mp->exports, i = mp->nExports; i; i--, ep++) - if (ep->name) - free(ep->name); - free(mp->exports); - } - if (mp == modList) - modList = mp->next; - else { - for (mp1 = modList; mp1; mp1 = mp1->next) - if (mp1->next == mp) { - mp1->next = mp->next; - break; - } - } - free(mp->name); - free(mp); - return result; -} - -static void terminate(void) -{ - while (modList) - dlclose(modList); -} - -/* - * Build the export table from the XCOFF .loader section. - */ -static int readExports(ModulePtr mp) -{ - LDFILE *ldp = NULL; - SCNHDR sh, shdata; - LDHDR *lhp; - char *ldbuf; - LDSYM *ls; - int i; - ExportPtr ep; - - if ((ldp = ldopen(mp->name, ldp)) == NULL) { - struct ld_info *lp; - char *buf; - int size = 4*1024; - if (errno != ENOENT) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: %s", - strerror(errno)); - return -1; - } - /* - * The module might be loaded due to the LIBPATH - * environment variable. Search for the loaded - * module using L_GETINFO. - */ - if ((buf = malloc(size)) == NULL) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: %s", - strerror(errno)); - return -1; - } - while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) { - free(buf); - size += 4*1024; - if ((buf = malloc(size)) == NULL) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: %s", - strerror(errno)); - return -1; - } - } - if (i == -1) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: %s", - strerror(errno)); - free(buf); - return -1; - } - /* - * Traverse the list of loaded modules. The entry point - * returned by load() does actually point to the data - * segment origin. - */ - lp = (struct ld_info *)buf; - while (lp) { - if (lp->ldinfo_dataorg == mp->entry) { - ldp = ldopen(lp->ldinfo_filename, ldp); - break; - } - if (lp->ldinfo_next == 0) - lp = NULL; - else - lp = (struct ld_info *)((char *)lp + lp->ldinfo_next); - } - free(buf); - if (!ldp) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "readExports: %s", strerror(errno)); - return -1; - } - } - if (TYPE(ldp) != U802TOCMAGIC) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), "readExports: bad magic"); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - /* - * Get the padding for the data section. This is needed for - * AIX 4.1 compilers. This is used when building the final - * function pointer to the exported symbol. - */ - if (ldnshread(ldp, _DATA, &shdata) != SUCCESS) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: cannot read data section header"); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - if (ldnshread(ldp, _LOADER, &sh) != SUCCESS) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: cannot read loader section header"); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - /* - * We read the complete loader section in one chunk, this makes - * finding long symbol names residing in the string table easier. - */ - if ((ldbuf = (char *)malloc(sh.s_size)) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "readExports: %s", strerror(errno)); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - if (FSEEK(ldp, sh.s_scnptr, BEGINNING) != OKFSEEK) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: cannot seek to loader section"); - free(ldbuf); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - if (FREAD(ldbuf, sh.s_size, 1, ldp) != 1) { - errvalid++; - snprintf(errbuf, sizeof(errbuf), - "readExports: cannot read loader section"); - free(ldbuf); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - lhp = (LDHDR *)ldbuf; - ls = (LDSYM *)(ldbuf+LDHDRSZ); - /* - * Count the number of exports to include in our export table. - */ - for (i = lhp->l_nsyms; i; i--, ls++) { - if (!LDR_EXPORT(*ls)) - continue; - mp->nExports++; - } - if ((mp->exports = (ExportPtr)calloc(mp->nExports, sizeof(*mp->exports))) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "readExports: %s", strerror(errno)); - free(ldbuf); - while(ldclose(ldp) == FAILURE) - ; - return -1; - } - /* - * Fill in the export table. All entries are relative to - * the entry point we got from load. - */ - ep = mp->exports; - ls = (LDSYM *)(ldbuf+LDHDRSZ); - for (i = lhp->l_nsyms; i; i--, ls++) { - char *symname; - char tmpsym[SYMNMLEN+1]; - if (!LDR_EXPORT(*ls)) - continue; - if (ls->l_zeroes == 0) - symname = ls->l_offset+lhp->l_stoff+ldbuf; - else { - /* - * The l_name member is not zero terminated, we - * must copy the first SYMNMLEN chars and make - * sure we have a zero byte at the end. - */ - strlcpy (tmpsym, ls->l_name, - SYMNMLEN + 1); - symname = tmpsym; - } - ep->name = strdup(symname); - ep->addr = (void *)((unsigned long)mp->entry + - ls->l_value - shdata.s_vaddr); - ep++; - } - free(ldbuf); - while(ldclose(ldp) == FAILURE) - ; - return 0; -} - -/* - * Find the main modules entry point. This is used as export pointer - * for loadbind() to be able to resolve references to the main part. - */ -static void * findMain(void) -{ - struct ld_info *lp; - char *buf; - int size = 4*1024; - int i; - void *ret; - - if ((buf = malloc(size)) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "findMail: %s", strerror(errno)); - return NULL; - } - while ((i = loadquery(L_GETINFO, buf, size)) == -1 && errno == ENOMEM) { - free(buf); - size += 4*1024; - if ((buf = malloc(size)) == NULL) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "findMail: %s", strerror(errno)); - return NULL; - } - } - if (i == -1) { - errvalid++; - snprintf (errbuf, sizeof(errbuf), - "findMail: %s", strerror(errno)); - free(buf); - return NULL; - } - /* - * The first entry is the main module. The entry point - * returned by load() does actually point to the data - * segment origin. - */ - lp = (struct ld_info *)buf; - ret = lp->ldinfo_dataorg; - free(buf); - return ret; -} diff --git a/crypto/kerberosIV/lib/kafs/dlfcn.h b/crypto/kerberosIV/lib/kafs/dlfcn.h deleted file mode 100644 index 5671e9caa3a7..000000000000 --- a/crypto/kerberosIV/lib/kafs/dlfcn.h +++ /dev/null @@ -1,46 +0,0 @@ -/* - * @(#)dlfcn.h 1.4 revision of 95/04/25 09:36:52 - * This is an unpublished work copyright (c) 1992 HELIOS Software GmbH - * 30159 Hannover, Germany - */ - -#ifndef __dlfcn_h__ -#define __dlfcn_h__ - -#ifdef __cplusplus -extern "C" { -#endif - -/* - * Mode flags for the dlopen routine. - */ -#define RTLD_LAZY 1 /* lazy function call binding */ -#define RTLD_NOW 2 /* immediate function call binding */ -#define RTLD_GLOBAL 0x100 /* allow symbols to be global */ - -/* - * To be able to intialize, a library may provide a dl_info structure - * that contains functions to be called to initialize and terminate. - */ -struct dl_info { - void (*init)(void); - void (*fini)(void); -}; - -#if __STDC__ || defined(_IBMR2) -void *dlopen(const char *path, int mode); -void *dlsym(void *handle, const char *symbol); -char *dlerror(void); -int dlclose(void *handle); -#else -void *dlopen(); -void *dlsym(); -char *dlerror(); -int dlclose(); -#endif - -#ifdef __cplusplus -} -#endif - -#endif /* __dlfcn_h__ */ diff --git a/crypto/kerberosIV/lib/kafs/kafs.h b/crypto/kerberosIV/lib/kafs/kafs.h deleted file mode 100644 index cb4b0003d792..000000000000 --- a/crypto/kerberosIV/lib/kafs/kafs.h +++ /dev/null @@ -1,192 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kafs.h,v 1.32 1999/12/02 16:58:40 joda Exp $ */ -/* $FreeBSD$ */ - -#ifndef __KAFS_H -#define __KAFS_H - -/* XXX must include krb5.h or krb.h */ - -/* sys/ioctl.h must be included manually before kafs.h */ - -/* - */ -#define AFSCALL_PIOCTL 20 -#define AFSCALL_SETPAG 21 - -#ifndef _VICEIOCTL -#define _VICEIOCTL(id) ((unsigned int ) _IOW('V', id, struct ViceIoctl)) -#endif /* _VICEIOCTL */ - -#define VIOCSETAL _VICEIOCTL(1) -#define VIOCGETAL _VICEIOCTL(2) -#define VIOCSETTOK _VICEIOCTL(3) -#define VIOCGETVOLSTAT _VICEIOCTL(4) -#define VIOCSETVOLSTAT _VICEIOCTL(5) -#define VIOCFLUSH _VICEIOCTL(6) -#define VIOCGETTOK _VICEIOCTL(8) -#define VIOCUNLOG _VICEIOCTL(9) -#define VIOCCKSERV _VICEIOCTL(10) -#define VIOCCKBACK _VICEIOCTL(11) -#define VIOCCKCONN _VICEIOCTL(12) -#define VIOCWHEREIS _VICEIOCTL(14) -#define VIOCACCESS _VICEIOCTL(20) -#define VIOCUNPAG _VICEIOCTL(21) -#define VIOCGETFID _VICEIOCTL(22) -#define VIOCSETCACHESIZE _VICEIOCTL(24) -#define VIOCFLUSHCB _VICEIOCTL(25) -#define VIOCNEWCELL _VICEIOCTL(26) -#define VIOCGETCELL _VICEIOCTL(27) -#define VIOC_AFS_DELETE_MT_PT _VICEIOCTL(28) -#define VIOC_AFS_STAT_MT_PT _VICEIOCTL(29) -#define VIOC_FILE_CELL_NAME _VICEIOCTL(30) -#define VIOC_GET_WS_CELL _VICEIOCTL(31) -#define VIOC_AFS_MARINER_HOST _VICEIOCTL(32) -#define VIOC_GET_PRIMARY_CELL _VICEIOCTL(33) -#define VIOC_VENUSLOG _VICEIOCTL(34) -#define VIOC_GETCELLSTATUS _VICEIOCTL(35) -#define VIOC_SETCELLSTATUS _VICEIOCTL(36) -#define VIOC_FLUSHVOLUME _VICEIOCTL(37) -#define VIOC_AFS_SYSNAME _VICEIOCTL(38) -#define VIOC_EXPORTAFS _VICEIOCTL(39) -#define VIOCGETCACHEPARAMS _VICEIOCTL(40) -#define VIOC_GCPAGS _VICEIOCTL(48) - -struct ViceIoctl { - caddr_t in, out; - short in_size; - short out_size; -}; - -struct ClearToken { - int32_t AuthHandle; - char HandShakeKey[8]; - int32_t ViceId; - int32_t BeginTimestamp; - int32_t EndTimestamp; -}; - -#ifdef __STDC__ -#ifndef __P -#define __P(x) x -#endif -#else -#ifndef __P -#define __P(x) () -#endif -#endif - -/* Use k_hasafs() to probe if the machine supports AFS syscalls. - The other functions will generate a SIGSYS if AFS is not supported */ - -int k_hasafs __P((void)); - -int krb_afslog __P((const char *cell, const char *realm)); -int krb_afslog_uid __P((const char *cell, const char *realm, uid_t uid)); -int krb_afslog_home __P((const char *cell, const char *realm, - const char *homedir)); -int krb_afslog_uid_home __P((const char *cell, const char *realm, uid_t uid, - const char *homedir)); - -int krb_realm_of_cell __P((const char *cell, char **realm)); - -/* compat */ -#define k_afsklog krb_afslog -#define k_afsklog_uid krb_afslog_uid - -int k_pioctl __P((char *a_path, - int o_opcode, - struct ViceIoctl *a_paramsP, - int a_followSymlinks)); -int k_unlog __P((void)); -int k_setpag __P((void)); -int k_afs_cell_of_file __P((const char *path, char *cell, int len)); - - - -/* XXX */ -#ifdef KFAILURE -#define KRB_H_INCLUDED -#endif - -#ifdef KRB5_RECVAUTH_IGNORE_VERSION -#define KRB5_H_INCLUDED -#endif - -#ifdef KRB_H_INCLUDED -int kafs_settoken __P((const char*, uid_t, CREDENTIALS*)); -#endif - -#ifdef KRB5_H_INCLUDED -krb5_error_code krb5_afslog_uid __P((krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm, - uid_t uid)); -krb5_error_code krb5_afslog __P((krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm)); -krb5_error_code krb5_afslog_uid_home __P((krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm, - uid_t uid, - const char *homedir)); - -krb5_error_code krb5_afslog_home __P((krb5_context context, - krb5_ccache id, - const char *cell, - krb5_const_realm realm, - const char *homedir)); - -krb5_error_code krb5_realm_of_cell __P((const char *cell, char **realm)); - -#endif - - -#define _PATH_VICE "/usr/vice/etc/" -#define _PATH_THISCELL _PATH_VICE "ThisCell" -#define _PATH_CELLSERVDB _PATH_VICE "CellServDB" -#define _PATH_THESECELLS _PATH_VICE "TheseCells" - -#define _PATH_ARLA_VICE "/usr/arla/etc/" -#define _PATH_ARLA_THISCELL _PATH_ARLA_VICE "ThisCell" -#define _PATH_ARLA_CELLSERVDB _PATH_ARLA_VICE "CellServDB" -#define _PATH_ARLA_THESECELLS _PATH_ARLA_VICE "TheseCells" - -extern int _kafs_debug; - -#endif /* __KAFS_H */ diff --git a/crypto/kerberosIV/lib/kafs/kafs_locl.h b/crypto/kerberosIV/lib/kafs/kafs_locl.h deleted file mode 100644 index ac1c2f6d9faa..000000000000 --- a/crypto/kerberosIV/lib/kafs/kafs_locl.h +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kafs_locl.h,v 1.15 1999/12/02 16:58:40 joda Exp $ */ - -#ifndef __KAFS_LOCL_H__ -#define __KAFS_LOCL_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include -#include -#include - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_SYS_FILIO_H -#include -#endif - -#ifdef HAVE_SYS_SYSCALL_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_NETDB_H -#include -#endif - -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif -#include - -#ifdef KRB5 -#include -#endif -#ifdef KRB4 -#include -#endif -#include - -#include - -#include "afssysdefs.h" - -struct kafs_data; -typedef int (*afslog_uid_func_t)(struct kafs_data *, - const char *cell, - const char *realm_hint, - uid_t, - const char *homedir); - -typedef int (*get_cred_func_t)(struct kafs_data*, const char*, const char*, - const char*, CREDENTIALS*); - -typedef char* (*get_realm_func_t)(struct kafs_data*, const char*); - -typedef struct kafs_data { - afslog_uid_func_t afslog_uid; - get_cred_func_t get_cred; - get_realm_func_t get_realm; - void *data; -} kafs_data; - -int _kafs_afslog_all_local_cells(kafs_data*, uid_t, const char*); - -int _kafs_get_cred(kafs_data*, const char*, const char*, const char *, - CREDENTIALS*); - -int -_kafs_realm_of_cell(kafs_data *data, const char *cell, char **realm); - -#ifdef _AIX -int aix_pioctl(char*, int, struct ViceIoctl*, int); -int aix_setpag(void); -#endif - -#endif /* __KAFS_LOCL_H__ */ diff --git a/crypto/kerberosIV/lib/kclient/KClient.c b/crypto/kerberosIV/lib/kclient/KClient.c deleted file mode 100644 index 6d4ed60ca182..000000000000 --- a/crypto/kerberosIV/lib/kclient/KClient.c +++ /dev/null @@ -1,440 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* KClient.c - KClient glue to krb4.dll - * Author: Jörgen Karlsson - d93-jka@nada.kth.se - * Date: June 1996 - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: KClient.c,v 1.14 1999/12/02 16:58:40 joda Exp $"); -#endif - -#ifdef WIN32 /* Visual C++ 4.0 (Windows95/NT) */ -#include -#endif /* WIN32 */ - -//#include -#include -#include "passwd_dlg.h" -#include "KClient.h" -#include "krb.h" - -char guser[64]; - -void -msg(char *text) -{ - HWND wnd = GetActiveWindow(); - MessageBox(wnd, text, "KClient message", MB_OK|MB_APPLMODAL); -} - -BOOL -SendTicketForService(LPSTR service, LPSTR version, int fd) -{ - KTEXT_ST ticket; - MSG_DAT mdat; - CREDENTIALS cred; - des_key_schedule schedule; - char name[SNAME_SZ], inst[INST_SZ], realm[REALM_SZ]; - int ret; - static KClientSessionInfo foo; - KClientKey key; - - kname_parse(name, inst, realm, service); - strlcpy(foo.realm, realm, sizeof(foo.realm)); - - if(KClientStatus(&foo) == KClientNotLoggedIn) - KClientLogin(&foo, &key); - - ret = krb_sendauth (0, fd, &ticket, - name, inst, realm, 17, &mdat, - &cred, &schedule, NULL, NULL, version); - if(ret) - return FALSE; - return TRUE; -} - -BOOL WINAPI -DllMain(HANDLE hInst, ULONG reason, LPVOID lpReserved) -{ - WORD wVersionRequested; - WSADATA wsaData; - int err; - - switch(reason){ - case DLL_PROCESS_ATTACH: - wVersionRequested = MAKEWORD(1, 1); - - err = WSAStartup(wVersionRequested, &wsaData); - - if (err != 0) - { - /* Tell the user that we couldn't find a useable */ - /* winsock.dll. */ - msg("Cannot find winsock.dll"); - return FALSE; - } - break; - case DLL_PROCESS_DETACH: - WSACleanup(); - } - - return TRUE; -} - -Kerr -KClientMessage(char *text, Kerr error) -{ - msg(text); - return error; -} - -/* KClientInitSession - * You need to call this routine before calling most other routines. - * It initializes a KClientSessionInfo structure. - * The local and remote addresses are for use in KClientEncrypt, - * KClientDecrypt, KClientMakeSendAuth and KClientVerifySendAuth. - * If you don't use any of these routines it's perfectly OK to do the following... - * err = KClientInitSession(session,0,0,0,0); - */ -Kerr -KClientInitSession(KClientSessionInfo *session, - unsigned long lAddr, - unsigned short lPort, - unsigned long fAddr, - unsigned short fPort) -{ - session->lAddr = lAddr; - session->lPort = lPort; - session->fAddr = fAddr; - session->fPort = fPort; - if(tf_get_pname(session->user) != KSUCCESS) - *(session->user) = '\0'; - if(tf_get_pinst(session->inst) != KSUCCESS) - *(session->inst) = '\0'; - krb_get_lrealm (session->realm, 1); - if(*(session->user)) - strlcpy(guser, session->user, sizeof(guser)); - else - *guser ='\0'; - - return 0; -} - - -/* KClientGetTicketForService - * This routine gets an authenticator to be passed to a service. - * If the user isn't already logged in the user is prompted for a password. - */ -Kerr -KClientGetTicketForService(KClientSessionInfo *session, - char *service, - void *buf, - unsigned long *buflen) -{ - CREDENTIALS c; - KClientKey k; - KTEXT_ST ticket; - char serv[255], inst[255], realm[255]; - Kerr err; - - // KClientSetUserName(session->user); - err = kname_parse(serv,inst,realm,service); - if(*realm) - strlcpy(session->realm, realm, sizeof(session->realm)); - else - strlcpy(realm, session->realm, sizeof(realm)); - if(KClientStatus(session) == KClientNotLoggedIn) - if((err = KClientLogin(session, &k)) != KSUCCESS) - return err; - - if((err = krb_mk_req(&ticket, serv, inst, realm, 0)) != KSUCCESS) - return KClientMessage(KClientErrorText(err,0),err); - if((err = krb_get_cred(serv, inst, realm, &c)) != KSUCCESS) - return KClientMessage(KClientErrorText(err,0),err); - - if(*buflen >= ticket.length) - { - *buflen = ticket.length + sizeof(unsigned long); - CopyMemory(buf, &ticket, *buflen); - CopyMemory(session->key, c.session, sizeof(session->key)); - } - else - err = -1; - return err; -} - - -/* KClientLogin - * This routine "logs in" by getting a ticket granting ticket from kerberos. - * It returns the user's private key which can be used to automate login at - * a later time with KClientKeyLogin. - */ - -Kerr -KClientLogin(KClientSessionInfo *session, - KClientKey *privateKey) -{ - CREDENTIALS c; - Kerr err; - char passwd[100]; - - if((err = pwd_dialog(guser, passwd))) - return err; - if(KClientStatus(session) == KClientNotLoggedIn) - { - - if((err = krb_get_pw_in_tkt(guser, session->inst, session->realm, - "krbtgt", session->realm, - DEFAULT_TKT_LIFE, passwd)) != KSUCCESS) - return KClientMessage(KClientErrorText(err,0),err); - } - if((err = krb_get_cred("krbtgt", session->realm, - session->realm, &c)) == KSUCCESS) - CopyMemory(privateKey, c.session, sizeof(*privateKey)); - return err; -} - - -/* KClientPasswordLogin - * This routine is similiar to KClientLogin but instead of prompting the user - * for a password it uses the password supplied to establish login. - */ -Kerr -KClientPasswordLogin(KClientSessionInfo *session, - char *password, - KClientKey *privateKey) -{ - return krb_get_pw_in_tkt(guser, session->inst, session->realm, - "krbtgt", - session->realm, - DEFAULT_TKT_LIFE, - password); -} - - -static key_proc_t -key_proc(void *arg) -{ - return arg; -} - -/* KClientKeyLogin - * This routine is similiar to KClientLogin but instead of prompting the user - * for a password it uses the private key supplied to establish login. - */ -Kerr -KClientKeyLogin(KClientSessionInfo *session, - KClientKey *privateKey) -{ - return krb_get_in_tkt(guser, session->inst, session->realm, - "krbtgt", - session->realm, - DEFAULT_TKT_LIFE, - key_proc, - 0, - privateKey); -} - -/* KClientLogout - * This routine destroys all credentials stored in the credential cache - * effectively logging the user out. - */ -Kerr -KClientLogout(void) -{ - return 0; -} - - -/* KClientStatus - * This routine returns the user's login status which can be - * KClientLoggedIn or KClientNotLoggedIn. - */ -short -KClientStatus(KClientSessionInfo *session) -{ - CREDENTIALS c; - if(krb_get_cred("krbtgt", - session->realm, - session->realm, &c) == KSUCCESS) - return KClientLoggedIn; - else - return KClientNotLoggedIn; -} - - -/* KClientGetUserName - * This routine returns the name the user supplied in the login dialog. - * No name is returned if the user is not logged in. - */ -Kerr -KClientGetUserName(char *user) -{ - strcpy(user, guser); - return 0; -} - - -/* KClientSetUserName - * This routine sets the name that will come up in the login dialog - * the next time the user is prompted for a password. - */ -Kerr -KClientSetUserName(char *user) -{ - strlcpy(guser, user, sizeof(guser)); - return 0; -} - - -/* KClientCacheInitialTicket - * This routine is used to obtain a ticket for the password changing service. - */ -Kerr -KClientCacheInitialTicket(KClientSessionInfo *session, - char *service) -{ - return 0; -} - - -/* KClientGetSessionKey - * This routine can be used to obtain the session key which is stored - * in the KClientSessionInfo record. The session key has no usefullness - * with any KClient calls but it can be used to with the MIT kerberos API. - */ -Kerr -KClientGetSessionKey(KClientSessionInfo *session, - KClientKey *sessionKey) -{ - CopyMemory(sessionKey, session->key, sizeof(*sessionKey)); - return 0; -} - - -/* KClientMakeSendAuth - * This routine is used to create an authenticator that is the same as those - * created by the kerberos routine SendAuth. - */ -Kerr -KClientMakeSendAuth(KClientSessionInfo *session, - char *service, - void *buf, - unsigned long *buflen, - long checksum, - char *applicationVersion) -{ - return 0; -} - - -/* KClientVerifySendAuth - * This routine is used to verify a response made by a server doing RecvAuth. - * The two routines KClientMakeSendAuth and KClientVerifySendAuth together - * provide the functionality of SendAuth minus the transmission of authenticators - * between client->server->client. - */ -Kerr -KClientVerifySendAuth(KClientSessionInfo *session, - void *buf, - unsigned long *buflen) -{ - return 0; -} - - -/* KClientEncrypt - * This routine encrypts a series a bytes for transmission to the remote host. - * For this to work properly you must be logged in and you must have specified - * the remote and local addresses in KClientInitSession. The unencrypted - * message pointed to by buf and of length buflen is returned encrypted - * in encryptBuf of length encryptLength. - * The encrypted buffer must be at least 26 bytes longer the buf. - */ -Kerr -KClientEncrypt(KClientSessionInfo *session, - void *buf, - unsigned long buflen, - void *encryptBuf, - unsigned long *encryptLength) -{ - int num = 64; - des_cfb64_encrypt(buf, encryptBuf, buflen, - (struct des_ks_struct*) session->key, - 0, &num, 1); - return 0; -} - - -/* KClientDecrypt - * This routine decrypts a series of bytes received from the remote host. - - * NOTE: this routine will not reverse a KClientEncrypt call. - * It can only decrypt messages sent from the remote host. - - * Instead of copying the decrypted message to an out buffer, - * the message is decrypted in place and you are returned - * an offset into the buffer where the decrypted message begins. - */ -Kerr -KClientDecrypt(KClientSessionInfo *session, - void *buf, - unsigned long buflen, - unsigned long *decryptOffset, - unsigned long *decryptLength) -{ - int num; - des_cfb64_encrypt(buf, buf, buflen, - (struct des_ks_struct*)session->key, 0, &num, 0); - *decryptOffset = 0; - *decryptLength = buflen; - return 0; -} - - -/* KClientErrorText - * This routine returns a text description of errors returned by any of - * the calls in this library. - */ -char * -KClientErrorText(Kerr err, - char *text) -{ - char *t = krb_get_err_text(err); - if(text) - strcpy(text, t); - return t; -} diff --git a/crypto/kerberosIV/lib/kclient/KClient.def b/crypto/kerberosIV/lib/kclient/KClient.def deleted file mode 100644 index 9b55b2c21332..000000000000 --- a/crypto/kerberosIV/lib/kclient/KClient.def +++ /dev/null @@ -1,19 +0,0 @@ -LIBRARY kclnt32 -EXPORTS - KClientInitSession - KClientGetTicketForService - KClientLogin - KClientPasswordLogin - KClientKeyLogin - KClientLogout - KClientStatus - KClientGetUserName - KClientSetUserName - KClientCacheInitialTicket - KClientGetSessionKey - KClientMakeSendAuth - KClientVerifySendAuth - KClientEncrypt - KClientDecrypt - KClientErrorText - SendTicketForService diff --git a/crypto/kerberosIV/lib/kclient/KClient.dsp b/crypto/kerberosIV/lib/kclient/KClient.dsp deleted file mode 100644 index de4dde2af9f7..000000000000 --- a/crypto/kerberosIV/lib/kclient/KClient.dsp +++ /dev/null @@ -1,127 +0,0 @@ -# Microsoft Developer Studio Project File - Name="kclient" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 5.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 - -CFG=kclient - Win32 Release -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "KClient.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "KClient.mak" CFG="kclient - Win32 Release" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "kclient - Win32 Release" (based on\ - "Win32 (x86) Dynamic-Link Library") -!MESSAGE "kclient - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE - -# Begin Project -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -MTL=midl.exe -RSC=rc.exe - -!IF "$(CFG)" == "kclient - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir ".\Release" -# PROP BASE Intermediate_Dir ".\Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir ".\Release" -# PROP Intermediate_Dir ".\Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /YX /c -# ADD CPP /nologo /MT /W3 /GX /O2 /I "." /I "..\krb" /I "..\..\include" /I "..\..\include\win32" /I "..\des" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /FD /c -# ADD BASE MTL /nologo /D "NDEBUG" /win32 -# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386 -# ADD LINK32 ..\krb\Release\krb.lib ..\des\Release\des.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /base:"0x1320000" /subsystem:windows /dll /machine:I386 /out:".\Release/kclnt32.dll" - -!ELSEIF "$(CFG)" == "kclient - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir ".\Debug" -# PROP BASE Intermediate_Dir ".\Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir ".\Debug" -# PROP Intermediate_Dir ".\Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /YX /c -# ADD CPP /nologo /MDd /W3 /Gm /GX /Zi /Od /I "." /I "..\krb" /I "..\..\include" /I "..\..\include\win32" /I "..\des" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /FD /c -# ADD BASE MTL /nologo /D "_DEBUG" /win32 -# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386 -# ADD LINK32 ..\krb\Debug\krb.lib ..\des\Debug\des.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /base:"0x1320000" /subsystem:windows /dll /debug /machine:I386 /out:".\Debug/kclnt32.dll" - -!ENDIF - -# Begin Target - -# Name "kclient - Win32 Release" -# Name "kclient - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;hpj;bat;for;f90" -# Begin Source File - -SOURCE=.\KClient.c -# End Source File -# Begin Source File - -SOURCE=.\KClient.def -# End Source File -# Begin Source File - -SOURCE=.\passwd_dialog.rc -# End Source File -# Begin Source File - -SOURCE=.\passwd_dlg.c -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl;fi;fd" -# Begin Source File - -SOURCE=.\KClient.h -# End Source File -# Begin Source File - -SOURCE=.\passwd_dlg.h -# End Source File -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;cnt;rtf;gif;jpg;jpeg;jpe" -# End Group -# End Target -# End Project diff --git a/crypto/kerberosIV/lib/kclient/KClient.h b/crypto/kerberosIV/lib/kclient/KClient.h deleted file mode 100644 index d8916c5fbb1d..000000000000 --- a/crypto/kerberosIV/lib/kclient/KClient.h +++ /dev/null @@ -1,160 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* KClient.h - KClient glue to krb4.dll - * Author: Jörgen Karlsson - d93-jka@nada.kth.se - * Date: June 1996 - */ - -/* $Id: KClient.h,v 1.8 1999/12/02 16:58:40 joda Exp $ */ - -#ifndef KCLIENT_H -#define KCLIENT_H - -#ifdef MacOS -#include -typedef OSerr Kerr; -#endif /* MacOS */ - -#ifdef WIN32 /* Visual C++ 4.0 (Windows95/NT) */ -typedef int Kerr; -#endif /* WIN32 */ - -enum { KClientLoggedIn, KClientNotLoggedIn }; - -struct _KClientKey -{ - unsigned char keyBytes[8]; -}; -typedef struct _KClientKey KClientKey; - -struct _KClientSessionInfo -{ - unsigned long lAddr; - unsigned short lPort; - unsigned long fAddr; - unsigned short fPort; - char user[32]; - char inst[32]; - char realm[32]; - char key[8]; -}; -typedef struct _KClientSessionInfo KClientSessionInfo; - -#ifdef __cplusplus -extern "C" { -#endif - -Kerr KClientMessage(char *text, Kerr error); - -/* KClientInitSession */ -Kerr KClientInitSession(KClientSessionInfo *session, - unsigned long lAddr, - unsigned short lPort, - unsigned long fAddr, - unsigned short fPort); - -/* KClientGetTicketForService */ -Kerr KClientGetTicketForService(KClientSessionInfo *session, - char *service, - void *buf, - unsigned long *buflen); - - -/* KClientLogin */ -Kerr KClientLogin(KClientSessionInfo *session, - KClientKey *privateKey ); - -/* KClientPasswordLogin */ -Kerr KClientPasswordLogin(KClientSessionInfo *session, - char *password, - KClientKey *privateKey); - -/* KClientKeyLogin */ -Kerr KClientKeyLogin(KClientSessionInfo *session, KClientKey *privateKey); - -/* KClientLogout */ -Kerr KClientLogout(void); - -/* KClientStatus */ -short KClientStatus(KClientSessionInfo *session); - -/* KClientGetUserName */ -Kerr KClientGetUserName(char *user); - -/* KClientSetUserName */ -Kerr KClientSetUserName(char *user); - -/* KClientCacheInitialTicket */ -Kerr KClientCacheInitialTicket(KClientSessionInfo *session, - char *service); - -/* KClientGetSessionKey */ -Kerr KClientGetSessionKey(KClientSessionInfo *session, - KClientKey *sessionKey); - -/* KClientMakeSendAuth */ -Kerr KClientMakeSendAuth(KClientSessionInfo *session, - char *service, - void *buf, - unsigned long *buflen, - long checksum, - char *applicationVersion); - -/* KClientVerifySendAuth */ -Kerr KClientVerifySendAuth(KClientSessionInfo *session, - void *buf, - unsigned long *buflen); - -/* KClientEncrypt */ -Kerr KClientEncrypt(KClientSessionInfo *session, - void *buf, - unsigned long buflen, - void *encryptBuf, - unsigned long *encryptLength); - -/* KClientDecrypt */ -Kerr KClientDecrypt(KClientSessionInfo *session, - void *buf, - unsigned long buflen, - unsigned long *decryptOffset, - unsigned long *decryptLength); - -/* KClientErrorText */ -char *KClientErrorText(Kerr err, char *text); - -#ifdef __cplusplus -} -#endif - -#endif /* KCLIENT_H */ diff --git a/crypto/kerberosIV/lib/kclient/KClient.mak b/crypto/kerberosIV/lib/kclient/KClient.mak deleted file mode 100644 index 40d4ab860398..000000000000 --- a/crypto/kerberosIV/lib/kclient/KClient.mak +++ /dev/null @@ -1,297 +0,0 @@ -# Microsoft Developer Studio Generated NMAKE File, Based on KClient.dsp -!IF "$(CFG)" == "" -CFG=kclient - Win32 Release -!MESSAGE No configuration specified. Defaulting to kclient - Win32 Release. -!ENDIF - -!IF "$(CFG)" != "kclient - Win32 Release" && "$(CFG)" !=\ - "kclient - Win32 Debug" -!MESSAGE Invalid configuration "$(CFG)" specified. -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "KClient.mak" CFG="kclient - Win32 Release" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "kclient - Win32 Release" (based on\ - "Win32 (x86) Dynamic-Link Library") -!MESSAGE "kclient - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE -!ERROR An invalid configuration is specified. -!ENDIF - -!IF "$(OS)" == "Windows_NT" -NULL= -!ELSE -NULL=nul -!ENDIF - -!IF "$(CFG)" == "kclient - Win32 Release" - -OUTDIR=.\Release -INTDIR=.\Release -# Begin Custom Macros -OutDir=.\.\Release -# End Custom Macros - -!IF "$(RECURSE)" == "0" - -ALL : "$(OUTDIR)\kclnt32.dll" - -!ELSE - -ALL : "krb - Win32 Release" "$(OUTDIR)\kclnt32.dll" - -!ENDIF - -!IF "$(RECURSE)" == "1" -CLEAN :"krb - Win32 ReleaseCLEAN" -!ELSE -CLEAN : -!ENDIF - -@erase "$(INTDIR)\KClient.obj" - -@erase "$(INTDIR)\passwd_dialog.res" - -@erase "$(INTDIR)\passwd_dlg.obj" - -@erase "$(INTDIR)\vc50.idb" - -@erase "$(OUTDIR)\kclnt32.dll" - -@erase "$(OUTDIR)\kclnt32.exp" - -@erase "$(OUTDIR)\kclnt32.lib" - -"$(OUTDIR)" : - if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" - -CPP=cl.exe -CPP_PROJ=/nologo /MT /W3 /GX /O2 /I "." /I "..\krb" /I "..\..\include" /I\ - "..\..\include\win32" /I "..\des" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D\ - "HAVE_CONFIG_H" /Fp"$(INTDIR)\KClient.pch" /YX /Fo"$(INTDIR)\\"\ - /Fd"$(INTDIR)\\" /FD /c -CPP_OBJS=.\Release/ -CPP_SBRS=. - -.c{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.c{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -MTL=midl.exe -MTL_PROJ=/nologo /D "NDEBUG" /mktyplib203 /win32 -RSC=rc.exe -RSC_PROJ=/l 0x409 /fo"$(INTDIR)\passwd_dialog.res" /d "NDEBUG" -BSC32=bscmake.exe -BSC32_FLAGS=/nologo /o"$(OUTDIR)\KClient.bsc" -BSC32_SBRS= \ - -LINK32=link.exe -LINK32_FLAGS=..\krb\Release\krb.lib ..\des\Release\des.lib wsock32.lib\ - kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib\ - shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /base:"0x1320000"\ - /subsystem:windows /dll /incremental:no /pdb:"$(OUTDIR)\kclnt32.pdb"\ - /machine:I386 /def:".\KClient.def" /out:"$(OUTDIR)\kclnt32.dll"\ - /implib:"$(OUTDIR)\kclnt32.lib" -DEF_FILE= \ - ".\KClient.def" -LINK32_OBJS= \ - "$(INTDIR)\KClient.obj" \ - "$(INTDIR)\passwd_dialog.res" \ - "$(INTDIR)\passwd_dlg.obj" \ - "..\krb\Release\krb.lib" - -"$(OUTDIR)\kclnt32.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) - $(LINK32) @<< - $(LINK32_FLAGS) $(LINK32_OBJS) -<< - -!ELSEIF "$(CFG)" == "kclient - Win32 Debug" - -OUTDIR=.\Debug -INTDIR=.\Debug -# Begin Custom Macros -OutDir=.\.\Debug -# End Custom Macros - -!IF "$(RECURSE)" == "0" - -ALL : "$(OUTDIR)\kclnt32.dll" - -!ELSE - -ALL : "krb - Win32 Debug" "$(OUTDIR)\kclnt32.dll" - -!ENDIF - -!IF "$(RECURSE)" == "1" -CLEAN :"krb - Win32 DebugCLEAN" -!ELSE -CLEAN : -!ENDIF - -@erase "$(INTDIR)\KClient.obj" - -@erase "$(INTDIR)\passwd_dialog.res" - -@erase "$(INTDIR)\passwd_dlg.obj" - -@erase "$(INTDIR)\vc50.idb" - -@erase "$(INTDIR)\vc50.pdb" - -@erase "$(OUTDIR)\kclnt32.dll" - -@erase "$(OUTDIR)\kclnt32.exp" - -@erase "$(OUTDIR)\kclnt32.ilk" - -@erase "$(OUTDIR)\kclnt32.lib" - -@erase "$(OUTDIR)\kclnt32.pdb" - -"$(OUTDIR)" : - if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" - -CPP=cl.exe -CPP_PROJ=/nologo /MDd /W3 /Gm /GX /Zi /Od /I "." /I "..\krb" /I "..\..\include"\ - /I "..\..\include\win32" /I "..\des" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D\ - "HAVE_CONFIG_H" /Fp"$(INTDIR)\KClient.pch" /YX /Fo"$(INTDIR)\\"\ - /Fd"$(INTDIR)\\" /FD /c -CPP_OBJS=.\Debug/ -CPP_SBRS=. - -.c{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.c{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -MTL=midl.exe -MTL_PROJ=/nologo /D "_DEBUG" /mktyplib203 /win32 -RSC=rc.exe -RSC_PROJ=/l 0x409 /fo"$(INTDIR)\passwd_dialog.res" /d "_DEBUG" -BSC32=bscmake.exe -BSC32_FLAGS=/nologo /o"$(OUTDIR)\KClient.bsc" -BSC32_SBRS= \ - -LINK32=link.exe -LINK32_FLAGS=..\krb\Debug\krb.lib ..\des\Debug\des.lib wsock32.lib kernel32.lib\ - user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib\ - ole32.lib oleaut32.lib uuid.lib /nologo /base:"0x1320000" /subsystem:windows\ - /dll /incremental:yes /pdb:"$(OUTDIR)\kclnt32.pdb" /debug /machine:I386\ - /def:".\KClient.def" /out:"$(OUTDIR)\kclnt32.dll"\ - /implib:"$(OUTDIR)\kclnt32.lib" -DEF_FILE= \ - ".\KClient.def" -LINK32_OBJS= \ - "$(INTDIR)\KClient.obj" \ - "$(INTDIR)\passwd_dialog.res" \ - "$(INTDIR)\passwd_dlg.obj" \ - "..\krb\Debug\krb.lib" - -"$(OUTDIR)\kclnt32.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) - $(LINK32) @<< - $(LINK32_FLAGS) $(LINK32_OBJS) -<< - -!ENDIF - - -!IF "$(CFG)" == "kclient - Win32 Release" || "$(CFG)" ==\ - "kclient - Win32 Debug" -SOURCE=.\KClient.c -DEP_CPP_KCLIE=\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\des\des.h"\ - "..\krb\krb-protos.h"\ - "..\krb\krb.h"\ - ".\KClient.h"\ - ".\passwd_dlg.h"\ - - -"$(INTDIR)\KClient.obj" : $(SOURCE) $(DEP_CPP_KCLIE) "$(INTDIR)" - - -SOURCE=.\passwd_dialog.rc - -"$(INTDIR)\passwd_dialog.res" : $(SOURCE) "$(INTDIR)" - $(RSC) $(RSC_PROJ) $(SOURCE) - - -SOURCE=.\passwd_dlg.c -DEP_CPP_PASSW=\ - "..\..\include\win32\config.h"\ - ".\passwd_dlg.h"\ - - -"$(INTDIR)\passwd_dlg.obj" : $(SOURCE) $(DEP_CPP_PASSW) "$(INTDIR)" - - -!IF "$(CFG)" == "kclient - Win32 Release" - -"krb - Win32 Release" : - cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\krb" - $(MAKE) /$(MAKEFLAGS) /F ".\krb.mak" CFG="krb - Win32 Release" - cd "..\kclient" - -"krb - Win32 ReleaseCLEAN" : - cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\krb" - $(MAKE) /$(MAKEFLAGS) CLEAN /F ".\krb.mak" CFG="krb - Win32 Release"\ - RECURSE=1 - cd "..\kclient" - -!ELSEIF "$(CFG)" == "kclient - Win32 Debug" - -"krb - Win32 Debug" : - cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\krb" - $(MAKE) /$(MAKEFLAGS) /F ".\krb.mak" CFG="krb - Win32 Debug" - cd "..\kclient" - -"krb - Win32 DebugCLEAN" : - cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\krb" - $(MAKE) /$(MAKEFLAGS) CLEAN /F ".\krb.mak" CFG="krb - Win32 Debug" RECURSE=1\ - - cd "..\kclient" - -!ENDIF - - -!ENDIF - diff --git a/crypto/kerberosIV/lib/kclient/passwd_dialog.rc b/crypto/kerberosIV/lib/kclient/passwd_dialog.rc deleted file mode 100644 index 6478e5f24e62..000000000000 --- a/crypto/kerberosIV/lib/kclient/passwd_dialog.rc +++ /dev/null @@ -1,143 +0,0 @@ -//Microsoft Developer Studio generated resource script. -// -#include "resource.h" - -#define APSTUDIO_READONLY_SYMBOLS -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 2 resource. -// -#include "afxres.h" - -///////////////////////////////////////////////////////////////////////////// -#undef APSTUDIO_READONLY_SYMBOLS - -///////////////////////////////////////////////////////////////////////////// -// Swedish resources - -#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_SVE) -#ifdef _WIN32 -LANGUAGE LANG_SWEDISH, SUBLANG_DEFAULT -#pragma code_page(1252) -#endif //_WIN32 - -///////////////////////////////////////////////////////////////////////////// -// -// Dialog -// - -IDD_DIALOG1 DIALOG DISCARDABLE 0, 0, 186, 95 -STYLE DS_ABSALIGN | DS_MODALFRAME | DS_CENTER | WS_POPUP | WS_CAPTION -CAPTION "User data" -FONT 8, "MS Sans Serif" -BEGIN - EDITTEXT IDC_EDIT1,71,19,40,14,ES_AUTOHSCROLL - EDITTEXT IDC_EDIT2,71,36,40,14,ES_PASSWORD | ES_AUTOHSCROLL - DEFPUSHBUTTON "OK",IDOK,31,74,50,14 - PUSHBUTTON "Cancel",IDCANCEL,105,74,50,14 - LTEXT "User name:",IDC_STATIC,27,23,37,8,NOT WS_GROUP - LTEXT "Password:",IDC_STATIC,27,39,34,8,NOT WS_GROUP -END - - -///////////////////////////////////////////////////////////////////////////// -// -// DESIGNINFO -// - -#ifdef APSTUDIO_INVOKED -GUIDELINES DESIGNINFO DISCARDABLE -BEGIN - IDD_DIALOG1, DIALOG - BEGIN - LEFTMARGIN, 7 - RIGHTMARGIN, 179 - TOPMARGIN, 7 - BOTTOMMARGIN, 88 - END -END -#endif // APSTUDIO_INVOKED - - -#ifdef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// TEXTINCLUDE -// - -1 TEXTINCLUDE DISCARDABLE -BEGIN - "resource.h\0" -END - -2 TEXTINCLUDE DISCARDABLE -BEGIN - "#include ""afxres.h""\r\n" - "\0" -END - -3 TEXTINCLUDE DISCARDABLE -BEGIN - "\r\n" - "\0" -END - -#endif // APSTUDIO_INVOKED - - -#ifndef _MAC -///////////////////////////////////////////////////////////////////////////// -// -// Version -// - -VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,0,0,1 - PRODUCTVERSION 1,0,0,1 - FILEFLAGSMASK 0x3fL -#ifdef _DEBUG - FILEFLAGS 0x1L -#else - FILEFLAGS 0x0L -#endif - FILEOS 0x40004L - FILETYPE 0x2L - FILESUBTYPE 0x0L -BEGIN - BLOCK "StringFileInfo" - BEGIN - BLOCK "040904b0" - BEGIN - VALUE "CompanyName", "Royal Institute of Technology (KTH)\0" - VALUE "FileDescription", "kclient\0" - VALUE "FileVersion", "4, 0, 9, 9\0" - VALUE "InternalName", "kclient\0" - VALUE "LegalCopyright", "Copyright © 1996 - 1998 Royal Institute of Technology (KTH)\0" - VALUE "OriginalFilename", "kclnt32.dll\0" - VALUE "ProductName", "KTH Kerberos\0" - VALUE "ProductVersion", "4,0,9,9\0" - END - END - BLOCK "VarFileInfo" - BEGIN - VALUE "Translation", 0x409, 1200 - END -END - -#endif // !_MAC - -#endif // Swedish resources -///////////////////////////////////////////////////////////////////////////// - - - -#ifndef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 3 resource. -// - - -///////////////////////////////////////////////////////////////////////////// -#endif // not APSTUDIO_INVOKED - diff --git a/crypto/kerberosIV/lib/kclient/passwd_dialog.res b/crypto/kerberosIV/lib/kclient/passwd_dialog.res deleted file mode 100644 index fc4556fe3646..000000000000 Binary files a/crypto/kerberosIV/lib/kclient/passwd_dialog.res and /dev/null differ diff --git a/crypto/kerberosIV/lib/kclient/passwd_dlg.c b/crypto/kerberosIV/lib/kclient/passwd_dlg.c deleted file mode 100644 index fb2f46803dec..000000000000 --- a/crypto/kerberosIV/lib/kclient/passwd_dlg.c +++ /dev/null @@ -1,109 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* passwd_dlg.c - Dialog boxes for Windows95/NT - * Author: Jörgen Karlsson - d93-jka@nada.kth.se - * Date: June 1996 - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: passwd_dlg.c,v 1.11 1999/12/02 16:58:40 joda Exp $"); -#endif - -#ifdef WIN32 /* Visual C++ 4.0 (Windows95/NT) */ -#include -#include "passwd_dlg.h" -#include "Resource.h" -#define passwdBufSZ 64 -#define usr_nameSZ 64 - -static char user_name[usr_nameSZ]; -static char passwd[passwdBufSZ]; - -BOOL CALLBACK -pwd_dialog_proc(HWND hwndDlg, - UINT uMsg, - WPARAM wParam, - LPARAM lParam) -{ - switch(uMsg) - { - case WM_INITDIALOG: - SetDlgItemText(hwndDlg, IDC_EDIT1, user_name); - return TRUE; - break; - - case WM_COMMAND: - switch(wParam) - { - case IDOK: - if(!GetDlgItemText(hwndDlg,IDC_EDIT1, user_name, usr_nameSZ)) - EndDialog(hwndDlg, IDCANCEL); - if(!GetDlgItemText(hwndDlg,IDC_EDIT2, passwd, passwdBufSZ)) - EndDialog(hwndDlg, IDCANCEL); - case IDCANCEL: - EndDialog(hwndDlg, wParam); - return TRUE; - } - break; - } - return FALSE; -} - - -/* return 0 if ok, 1 otherwise */ -int -pwd_dialog(char *user, size_t user_sz, - char *password, size_t password_sz) -{ - int i; - HWND wnd = GetActiveWindow(); - HANDLE hInst = GetModuleHandle("kclnt32"); - - strlcpy(user_name, user, sizeof(user_name)); - switch(DialogBox(hInst,MAKEINTRESOURCE(IDD_DIALOG1),wnd,pwd_dialog_proc)) - { - case IDOK: - strlcpy(user, user_name, user_sz); - strlcpy(password, passwd, password_sz); - memset (passwd, 0, sizeof(passwd)); - return 0; - case IDCANCEL: - default: - memset (passwd, 0, sizeof(passwd)); - return 1; - } -} - -#endif /* WIN32 */ diff --git a/crypto/kerberosIV/lib/kclient/passwd_dlg.h b/crypto/kerberosIV/lib/kclient/passwd_dlg.h deleted file mode 100644 index 543a560ca971..000000000000 --- a/crypto/kerberosIV/lib/kclient/passwd_dlg.h +++ /dev/null @@ -1,47 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* passwd_dlg.h - Dialog boxes for Windows95/NT - * Author: Jörgen Karlsson - d93-jka@nada.kth.se - * Date: June 1996 - */ - -/* $Id: passwd_dlg.h,v 1.7 1999/12/02 16:58:40 joda Exp $ */ - -#ifndef PASSWD_DLG_H -#define PASSWD_DLG_H - -int pwd_dialog(char *user, size_t user_sz, - char *password, size_t password_sz); - -#endif /* PASSWD_DLG_H */ diff --git a/crypto/kerberosIV/lib/kclient/resource.h b/crypto/kerberosIV/lib/kclient/resource.h deleted file mode 100644 index 76a6eb5e3e9c..000000000000 --- a/crypto/kerberosIV/lib/kclient/resource.h +++ /dev/null @@ -1,18 +0,0 @@ -//{{NO_DEPENDENCIES}} -// Microsoft Developer Studio generated include file. -// Used by passwd_dialog.rc -// -#define IDD_DIALOG1 101 -#define IDC_EDIT1 1000 -#define IDC_EDIT2 1001 - -// Next default values for new objects -// -#ifdef APSTUDIO_INVOKED -#ifndef APSTUDIO_READONLY_SYMBOLS -#define _APS_NEXT_RESOURCE_VALUE 103 -#define _APS_NEXT_COMMAND_VALUE 40001 -#define _APS_NEXT_CONTROL_VALUE 1002 -#define _APS_NEXT_SYMED_VALUE 101 -#endif -#endif diff --git a/crypto/kerberosIV/lib/kdb/Makefile.in b/crypto/kerberosIV/lib/kdb/Makefile.in deleted file mode 100644 index 119ff6bf1d3c..000000000000 --- a/crypto/kerberosIV/lib/kdb/Makefile.in +++ /dev/null @@ -1,94 +0,0 @@ -# -# $Id: Makefile.in,v 1.40.4.1 2000/06/23 03:20:00 assar Exp $ -# - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -LN_S = @LN_S@ -DEFS = @DEFS@ -DROKEN_RENAME -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ - -PICFLAGS = @PICFLAGS@ - -LIB_DBM = @LIB_DBM@ -LIB_DEPS = @lib_deps_yes@ $(LIB_DBM) -lc -build_symlink_command = @build_symlink_command@ -install_symlink_command = @install_symlink_command@ - -LIBNAME = $(LIBPREFIX)kdb -LIBEXT = @LIBEXT@ -SHLIBEXT = @SHLIBEXT@ -LIBPREFIX = @LIBPREFIX@ -LDSHARED = @LDSHARED@ -LIB = $(LIBNAME).$(LIBEXT) - -SOURCES = krb_cache.c krb_kdb_utils.c copykey.c krb_lib.c \ - krb_dbm.c print_princ.c - -OBJECTS = krb_cache.o krb_kdb_utils.o copykey.o krb_lib.o \ - krb_dbm.o print_princ.o - -all: $(LIB) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../include -I$(srcdir) -I. $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libdir) - $(INSTALL_DATA) $(LIB) $(DESTDIR)$(libdir)/$(LIB) - @install_symlink_command@ - -uninstall: - rm -f $(DESTDIR)$(libdir)/$(LIB) - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f $(LIB) *.o *.a *.so *.so.* so_locations - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ roken_rename.h - -realclean: distclean - rm -f TAGS - -$(LIBNAME).a: $(OBJECTS) - rm -f $@ - $(AR) cr $@ $(OBJECTS) - -$(RANLIB) $@ - -$(LIBNAME).$(SHLIBEXT): $(OBJECTS) - rm -f $@ - $(LDSHARED) -o $@ $(OBJECTS) $(LIB_DEPS) - @build_symlink_command@ - -$(OBJECTS): ../../include/config.h roken_rename.h - -roken_rename.h: - $(LN_S) $(srcdir)/../krb/roken_rename.h . - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/lib/kdb/copykey.c b/crypto/kerberosIV/lib/kdb/copykey.c deleted file mode 100644 index 72b2b69180b6..000000000000 --- a/crypto/kerberosIV/lib/kdb/copykey.c +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "kdb_locl.h" - -RCSID("$Id: copykey.c,v 1.11 1999/12/02 16:58:40 joda Exp $"); - -void -copy_from_key(des_cblock in, u_int32_t *lo, u_int32_t *hi) -{ - memcpy(lo, ((char *) in) + 0, 4); - memcpy(hi, ((char *) in) + 4, 4); -} - -void -copy_to_key(u_int32_t *lo, u_int32_t *hi, des_cblock out) -{ - memcpy(((char *)out) + 0, lo, 4); - memcpy(((char *)out) + 4, hi, 4); -} diff --git a/crypto/kerberosIV/lib/kdb/kdb_locl.h b/crypto/kerberosIV/lib/kdb/kdb_locl.h deleted file mode 100644 index 2478f645da10..000000000000 --- a/crypto/kerberosIV/lib/kdb/kdb_locl.h +++ /dev/null @@ -1,93 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: kdb_locl.h,v 1.10 1999/12/02 16:58:40 joda Exp $ */ - -#ifndef __kdb_locl_h -#define __kdb_locl_h - -#include "config.h" -#include "protos.h" - -#include "base64.h" - -#include -#include -#include - -#include -#include - -#include - -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif - -#include -#include -#include -#include -#include - -#include -#include - -/* --- */ - -/* Globals! */ - -/* Utils */ - -int kerb_db_set_lockmode __P((int)); -void kerb_db_fini __P((void)); -int kerb_db_init __P((void)); -int kerb_db_get_principal __P((char *name, char *, Principal *, unsigned int, int *)); -int kerb_db_get_dba __P((char *, char *, Dba *, unsigned int, int *)); - -void delta_stat __P((DB_stat *, DB_stat *, DB_stat *)); - -int kerb_cache_init __P((void)); -int kerb_cache_get_principal __P((char *name, char *, Principal *, unsigned int)); -int kerb_cache_put_principal __P((Principal *, unsigned int)); -int kerb_cache_get_dba __P((char *, char *, Dba *, unsigned int)); -int kerb_cache_put_dba __P((Dba *, unsigned int)); - -void krb_print_principal __P((Principal *)); - -#endif /* __kdb_locl_h */ diff --git a/crypto/kerberosIV/lib/kdb/kdc.h b/crypto/kerberosIV/lib/kdb/kdc.h deleted file mode 100644 index 968775dde4ce..000000000000 --- a/crypto/kerberosIV/lib/kdb/kdc.h +++ /dev/null @@ -1,35 +0,0 @@ -/* - * $Id: kdc.h,v 1.8 1997/04/01 03:59:05 assar Exp $ - * $FreeBSD$ - * - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * Include file for the Kerberos Key Distribution Center. - */ - -#ifndef KDC_DEFS -#define KDC_DEFS - -/* Don't depend on this! */ -#ifndef MKEYFILE -#if 1 -#define MKEYFILE "/etc/kerberosIV/master-key" -#else -#define MKEYFILE "/.k" -#endif -#endif -#ifndef K_LOGFIL -#define K_LOGFIL "/var/log/kpropd.log" -#endif - -#define ONE_MINUTE 60 -#define FIVE_MINUTES (5 * ONE_MINUTE) -#define ONE_HOUR (60 * ONE_MINUTE) -#define ONE_DAY (24 * ONE_HOUR) -#define THREE_DAYS (3 * ONE_DAY) - -#endif /* KDC_DEFS */ - diff --git a/crypto/kerberosIV/lib/kdb/krb_cache.c b/crypto/kerberosIV/lib/kdb/krb_cache.c deleted file mode 100644 index bd8da505d876..000000000000 --- a/crypto/kerberosIV/lib/kdb/krb_cache.c +++ /dev/null @@ -1,183 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * This is where a cache would be implemented, if it were necessary. - */ - -#include "kdb_locl.h" - -RCSID("$Id: krb_cache.c,v 1.7 1998/06/09 19:25:14 joda Exp $"); - -#ifdef DEBUG -extern int debug; -extern long kerb_debug; -#endif -static int init = 0; - -/* - * initialization routine for cache - */ - -int -kerb_cache_init(void) -{ - init = 1; - return (0); -} - -/* - * look up a principal in the cache returns number of principals found - */ - -int -kerb_cache_get_principal(char *serv, /* could have wild card */ - char *inst, /* could have wild card */ - Principal *principal, - unsigned int max) /* max number of name structs to return */ -{ - int found = 0; - - if (!init) - kerb_cache_init(); -#ifdef DEBUG - if (kerb_debug & 2) - fprintf(stderr, "cache_get_principal for %s %s max = %d\n", - serv, inst, max); -#endif /* DEBUG */ - -#ifdef DEBUG - if (kerb_debug & 2) { - if (found) { - fprintf(stderr, "cache get %s %s found %s %s sid = %d\n", - serv, inst, principal->name, principal->instance); - } else { - fprintf(stderr, "cache %s %s not found\n", serv, - inst); - } - } -#endif - return (found); -} - -/* - * insert/replace a principal in the cache returns number of principals - * inserted - */ - -int -kerb_cache_put_principal(Principal *principal, - unsigned int max) - /* max number of principal structs to - * insert */ -{ - u_long i; - int count = 0; - - if (!init) - kerb_cache_init(); - -#ifdef DEBUG - if (kerb_debug & 2) { - fprintf(stderr, "kerb_cache_put_principal max = %d", - max); - } -#endif - - for (i = 0; i < max; i++) { -#ifdef DEBUG - if (kerb_debug & 2) - fprintf(stderr, "\n %s %s", - principal->name, principal->instance); -#endif - /* DO IT */ - count++; - principal++; - } - return count; -} - -/* - * look up a dba in the cache returns number of dbas found - */ - -int -kerb_cache_get_dba(char *serv, /* could have wild card */ - char *inst, /* could have wild card */ - Dba *dba, - unsigned int max) /* max number of name structs to return */ -{ - int found = 0; - - if (!init) - kerb_cache_init(); - -#ifdef DEBUG - if (kerb_debug & 2) - fprintf(stderr, "cache_get_dba for %s %s max = %d\n", - serv, inst, max); -#endif - -#ifdef DEBUG - if (kerb_debug & 2) { - if (found) { - fprintf(stderr, "cache get %s %s found %s %s sid = %d\n", - serv, inst, dba->name, dba->instance); - } else { - fprintf(stderr, "cache %s %s not found\n", serv, inst); - } - } -#endif - return (found); -} - -/* - * insert/replace a dba in the cache returns number of dbas inserted - */ - -int -kerb_cache_put_dba(Dba *dba, - unsigned int max) - /* max number of dba structs to insert */ -{ - u_long i; - int count = 0; - - if (!init) - kerb_cache_init(); -#ifdef DEBUG - if (kerb_debug & 2) { - fprintf(stderr, "kerb_cache_put_dba max = %d", max); - } -#endif - for (i = 0; i < max; i++) { -#ifdef DEBUG - if (kerb_debug & 2) - fprintf(stderr, "\n %s %s", - dba->name, dba->instance); -#endif - /* DO IT */ - count++; - dba++; - } - return count; -} - diff --git a/crypto/kerberosIV/lib/kdb/krb_db.h b/crypto/kerberosIV/lib/kdb/krb_db.h deleted file mode 100644 index d0fc260c5240..000000000000 --- a/crypto/kerberosIV/lib/kdb/krb_db.h +++ /dev/null @@ -1,138 +0,0 @@ -/* - * $Id: krb_db.h,v 1.15 1996/12/17 20:34:32 assar Exp $ - * $FreeBSD$ - * - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * spm Project Athena 8/85 - * - * This file defines data structures for the kerberos - * authentication/authorization database. - * - * They MUST correspond to those defined in *.rel - */ - -#ifndef KRB_DB_DEFS -#define KRB_DB_DEFS - -#include - -#define KERB_M_NAME "K" /* Kerberos */ -#define KERB_M_INST "M" /* Master */ -#define KERB_DEFAULT_NAME "default" -#define KERB_DEFAULT_INST "" -#ifndef DB_DIR -#define DB_DIR "/var/db/kerberos" -#endif -#ifndef DBM_FILE -#define DBM_FILE DB_DIR "/principal" -#endif - -/* this also defines the number of queue headers */ -#define KERB_DB_HASH_MODULO 64 - - -/* Arguments to kerb_dbl_lock() */ - -#define KERB_DBL_EXCLUSIVE 1 -#define KERB_DBL_SHARED 0 - -/* arguments to kerb_db_set_lockmode() */ - -#define KERB_DBL_BLOCKING 0 -#define KERB_DBL_NONBLOCKING 1 - -/* arguments to kdb_get_master_key */ - -#define KDB_GET_PROMPT 1 -#define KDB_GET_TWICE 2 - -/* Principal defines the structure of a principal's name */ - -typedef struct { - char name[ANAME_SZ]; - char instance[INST_SZ]; - - u_int32_t key_low; - u_int32_t key_high; - u_int32_t exp_date; - char exp_date_txt[DATE_SZ]; - u_int32_t mod_date; - char mod_date_txt[DATE_SZ]; - u_int16_t attributes; - u_int8_t max_life; - u_int8_t kdc_key_ver; - u_int8_t key_version; - - char mod_name[ANAME_SZ]; - char mod_instance[INST_SZ]; - char *old; /* cast to (Principal *); not in db, - * ptr to old vals */ -} Principal; - -typedef struct { - int32_t cpu; - int32_t elapsed; - int32_t dio; - int32_t pfault; - int32_t t_stamp; - int32_t n_retrieve; - int32_t n_replace; - int32_t n_append; - int32_t n_get_stat; - int32_t n_put_stat; -} DB_stat; - -/* Dba defines the structure of a database administrator */ - -typedef struct { - char name[ANAME_SZ]; - char instance[INST_SZ]; - u_int16_t attributes; - u_int32_t exp_date; - char exp_date_txt[DATE_SZ]; - char *old; /* - * cast to (Dba *); not in db, ptr to - * old vals - */ -} Dba; - -typedef int (*k_iter_proc_t)(void*, Principal*); - -void copy_from_key __P((des_cblock in, u_int32_t *lo, u_int32_t *hi)); -void copy_to_key __P((u_int32_t *lo, u_int32_t *hi, des_cblock out)); - -void kdb_encrypt_key __P((des_cblock *, des_cblock *, des_cblock *, - des_key_schedule, int)); -int kdb_get_master_key __P((int prompt, des_cblock *master_key, - des_key_schedule master_key_sched)); -int kdb_get_new_master_key __P((des_cblock *, des_key_schedule, int)); -int kdb_kstash __P((des_cblock *, char *)); -int kdb_new_get_master_key __P((des_cblock *, des_key_schedule)); -int kdb_new_get_new_master_key __P((des_cblock *key, des_key_schedule schedule, int verify)); -long kdb_verify_master_key __P((des_cblock *, des_key_schedule, FILE *)); -long *kerb_db_begin_update __P((void)); -int kerb_db_create __P((char *db_name)); -int kerb_db_delete_principal (char *name, char *inst); -void kerb_db_end_update __P((long *db)); -int kerb_db_get_dba __P((char *, char *, Dba *, unsigned, int *)); -void kerb_db_get_stat __P((DB_stat *)); -int kerb_db_iterate __P((k_iter_proc_t, void*)); -int kerb_db_put_principal __P((Principal *, unsigned int)); -void kerb_db_put_stat __P((DB_stat *)); -int kerb_db_rename __P((char *, char *)); -int kerb_db_set_lockmode __P((int)); -int kerb_db_set_name __P((char *)); -int kerb_db_update __P((long *db, Principal *principal, unsigned int max)); -int kerb_delete_principal __P((char *name, char *inst)); -void kerb_fini __P((void)); -int kerb_get_dba __P((char *, char *, Dba *, unsigned int, int *)); -time_t kerb_get_db_age __P((void)); -int kerb_get_principal __P((char *, char *, Principal *, unsigned int, int *)); -int kerb_init __P((void)); -int kerb_put_principal __P((Principal *, unsigned int)); - -#endif /* KRB_DB_DEFS */ diff --git a/crypto/kerberosIV/lib/kdb/krb_dbm.c b/crypto/kerberosIV/lib/kdb/krb_dbm.c deleted file mode 100644 index 7265e205b65e..000000000000 --- a/crypto/kerberosIV/lib/kdb/krb_dbm.c +++ /dev/null @@ -1,768 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "kdb_locl.h" - -RCSID("$Id: krb_dbm.c,v 1.37 1999/09/16 20:41:49 assar Exp $"); - -#include - -#define KERB_DB_MAX_RETRY 5 - -#ifdef DEBUG -extern int debug; -extern long kerb_debug; -extern char *progname; -#endif - -static int init = 0; -static char default_db_name[] = DBM_FILE; -static char *current_db_name = default_db_name; - -static struct timeval timestamp;/* current time of request */ -static int non_blocking = 0; - -/* - * This module contains all of the code which directly interfaces to - * the underlying representation of the Kerberos database; this - * implementation uses a DBM or NDBM indexed "file" (actually - * implemented as two separate files) to store the relations, plus a - * third file as a semaphore to allow the database to be replaced out - * from underneath the KDC server. - */ - -/* - * Locking: - * - * There are two distinct locking protocols used. One is designed to - * lock against processes (the admin_server, for one) which make - * incremental changes to the database; the other is designed to lock - * against utilities (kdb_util, kpropd) which replace the entire - * database in one fell swoop. - * - * The first locking protocol is implemented using flock() in the - * krb_dbl_lock() and krb_dbl_unlock routines. - * - * The second locking protocol is necessary because DBM "files" are - * actually implemented as two separate files, and it is impossible to - * atomically rename two files simultaneously. It assumes that the - * database is replaced only very infrequently in comparison to the time - * needed to do a database read operation. - * - * A third file is used as a "version" semaphore; the modification - * time of this file is the "version number" of the database. - * At the start of a read operation, the reader checks the version - * number; at the end of the read operation, it checks again. If the - * version number changed, or if the semaphore was nonexistant at - * either time, the reader sleeps for a second to let things - * stabilize, and then tries again; if it does not succeed after - * KERB_DB_MAX_RETRY attempts, it gives up. - * - * On update, the semaphore file is deleted (if it exists) before any - * update takes place; at the end of the update, it is replaced, with - * a version number strictly greater than the version number which - * existed at the start of the update. - * - * If the system crashes in the middle of an update, the semaphore - * file is not automatically created on reboot; this is a feature, not - * a bug, since the database may be inconsistant. Note that the - * absence of a semaphore file does not prevent another _update_ from - * taking place later. Database replacements take place automatically - * only on slave servers; a crash in the middle of an update will be - * fixed by the next slave propagation. A crash in the middle of an - * update on the master would be somewhat more serious, but this would - * likely be noticed by an administrator, who could fix the problem and - * retry the operation. - */ - - -/* - * Utility routine: generate name of database file. - */ - -static char * -gen_dbsuffix(char *db_name, char *sfx) -{ - char *dbsuffix; - - if (sfx == NULL) - sfx = ".ok"; - - asprintf (&dbsuffix, "%s%s", db_name, sfx); - if (dbsuffix == NULL) { - fprintf (stderr, "gen_dbsuffix: out of memory\n"); - exit(1); - } - return dbsuffix; -} - -static void -decode_princ_key(datum *key, char *name, char *instance) -{ - strlcpy (name, key->dptr, ANAME_SZ); - strlcpy (instance, (char *)key->dptr + ANAME_SZ, INST_SZ); -} - -static void -encode_princ_contents(datum *contents, Principal *principal) -{ - contents->dsize = sizeof(*principal); - contents->dptr = (char *) principal; -} - -static void -decode_princ_contents (datum *contents, Principal *principal) -{ - memcpy(principal, contents->dptr, sizeof(*principal)); -} - -static void -encode_princ_key (datum *key, char *name, char *instance) -{ - static char keystring[ANAME_SZ + INST_SZ]; - - memset(keystring, 0, ANAME_SZ + INST_SZ); - strncpy(keystring, name, ANAME_SZ); - strncpy(&keystring[ANAME_SZ], instance, INST_SZ); - key->dptr = keystring; - key->dsize = ANAME_SZ + INST_SZ; -} - -static int dblfd = -1; /* db LOCK fd */ -static int mylock = 0; -static int inited = 0; - -static int -kerb_dbl_init(void) -{ - if (!inited) { - char *filename = gen_dbsuffix (current_db_name, ".ok"); - if ((dblfd = open(filename, O_RDWR)) < 0) { - fprintf(stderr, "kerb_dbl_init: couldn't open %s\n", filename); - fflush(stderr); - perror("open"); - exit(1); - } - free(filename); - inited++; - } - return (0); -} - -static void -kerb_dbl_fini(void) -{ - close(dblfd); - dblfd = -1; - inited = 0; - mylock = 0; -} - -static int -kerb_dbl_lock(int mode) -{ - int flock_mode; - - if (!inited) - kerb_dbl_init(); - if (mylock) { /* Detect lock call when lock already - * locked */ - fprintf(stderr, "Kerberos locking error (mylock)\n"); - fflush(stderr); - exit(1); - } - switch (mode) { - case KERB_DBL_EXCLUSIVE: - flock_mode = LOCK_EX; - break; - case KERB_DBL_SHARED: - flock_mode = LOCK_SH; - break; - default: - fprintf(stderr, "invalid lock mode %d\n", mode); - abort(); - } - if (non_blocking) - flock_mode |= LOCK_NB; - - if (flock(dblfd, flock_mode) < 0) - return errno; - mylock++; - return 0; -} - -static void -kerb_dbl_unlock(void) -{ - if (!mylock) { /* lock already unlocked */ - fprintf(stderr, "Kerberos database lock not locked when unlocking.\n"); - fflush(stderr); - exit(1); - } - if (flock(dblfd, LOCK_UN) < 0) { - fprintf(stderr, "Kerberos database lock error. (unlocking)\n"); - fflush(stderr); - perror("flock"); - exit(1); - } - mylock = 0; -} - -int -kerb_db_set_lockmode(int mode) -{ - int old = non_blocking; - non_blocking = mode; - return old; -} - -/* - * initialization for data base routines. - */ - -int -kerb_db_init(void) -{ - init = 1; - return (0); -} - -/* - * gracefully shut down database--must be called by ANY program that does - * a kerb_db_init - */ - -void -kerb_db_fini(void) -{ -} - -/* - * Set the "name" of the current database to some alternate value. - * - * Passing a null pointer as "name" will set back to the default. - * If the alternate database doesn't exist, nothing is changed. - */ - -int -kerb_db_set_name(char *name) -{ - DBM *db; - - if (name == NULL) - name = default_db_name; - db = dbm_open(name, 0, 0); - if (db == NULL) - return errno; - dbm_close(db); - kerb_dbl_fini(); - current_db_name = name; - return 0; -} - -/* - * Return the last modification time of the database. - */ - -time_t -kerb_get_db_age(void) -{ - struct stat st; - char *okname; - time_t age; - - okname = gen_dbsuffix(current_db_name, ".ok"); - - if (stat (okname, &st) < 0) - age = 0; - else - age = st.st_mtime; - - free (okname); - return age; -} - -/* - * Remove the semaphore file; indicates that database is currently - * under renovation. - * - * This is only for use when moving the database out from underneath - * the server (for example, during slave updates). - */ - -static time_t -kerb_start_update(char *db_name) -{ - char *okname = gen_dbsuffix(db_name, ".ok"); - time_t age = kerb_get_db_age(); - - if (unlink(okname) < 0 - && errno != ENOENT) { - age = -1; - } - free (okname); - return age; -} - -static int -kerb_end_update(char *db_name, time_t age) -{ - int fd; - int retval = 0; - char *new_okname = gen_dbsuffix(db_name, ".ok#"); - char *okname = gen_dbsuffix(db_name, ".ok"); - - fd = open (new_okname, O_CREAT|O_RDWR|O_TRUNC, 0600); - if (fd < 0) - retval = errno; - else { - struct stat st; - struct utimbuf tv; - /* make sure that semaphore is "after" previous value. */ - if (fstat (fd, &st) == 0 - && st.st_mtime <= age) { - tv.actime = st.st_atime; - tv.modtime = age; - /* set times.. */ - utime (new_okname, &tv); - fsync(fd); - } - close(fd); - if (rename (new_okname, okname) < 0) - retval = errno; - } - - free (new_okname); - free (okname); - - return retval; -} - -static time_t -kerb_start_read(void) -{ - return kerb_get_db_age(); -} - -static int -kerb_end_read(time_t age) -{ - if (kerb_get_db_age() != age || age == -1) { - return -1; - } - return 0; -} - -/* - * Create the database, assuming it's not there. - */ -int -kerb_db_create(char *db_name) -{ - char *okname = gen_dbsuffix(db_name, ".ok"); - int fd; - int ret = 0; -#ifdef NDBM - DBM *db; - - db = dbm_open(db_name, O_RDWR|O_CREAT|O_EXCL, 0600); - if (db == NULL) - ret = errno; - else - dbm_close(db); -#else - char *dirname = gen_dbsuffix(db_name, ".dir"); - char *pagname = gen_dbsuffix(db_name, ".pag"); - - fd = open(dirname, O_RDWR|O_CREAT|O_EXCL, 0600); - if (fd < 0) - ret = errno; - else { - close(fd); - fd = open (pagname, O_RDWR|O_CREAT|O_EXCL, 0600); - if (fd < 0) - ret = errno; - else - close(fd); - } - if (dbminit(db_name) < 0) - ret = errno; -#endif - if (ret == 0) { - fd = open (okname, O_CREAT|O_RDWR|O_TRUNC, 0600); - if (fd < 0) - ret = errno; - close(fd); - } - return ret; -} - -/* - * "Atomically" rename the database in a way that locks out read - * access in the middle of the rename. - * - * Not perfect; if we crash in the middle of an update, we don't - * necessarily know to complete the transaction the rename, but... - */ - -int -kerb_db_rename(char *from, char *to) -{ -#ifdef HAVE_NEW_DB - char *fromdb = gen_dbsuffix (from, ".db"); - char *todb = gen_dbsuffix (to, ".db"); -#else - char *fromdir = gen_dbsuffix (from, ".dir"); - char *todir = gen_dbsuffix (to, ".dir"); - char *frompag = gen_dbsuffix (from , ".pag"); - char *topag = gen_dbsuffix (to, ".pag"); -#endif - char *fromok = gen_dbsuffix(from, ".ok"); - long trans = kerb_start_update(to); - int ok = 0; - -#ifdef HAVE_NEW_DB - if (rename (fromdb, todb) == 0) { - unlink (fromok); - ok = 1; - } - free (fromdb); - free (todb); -#else - if ((rename (fromdir, todir) == 0) - && (rename (frompag, topag) == 0)) { - unlink (fromok); - ok = 1; - } - free (fromdir); - free (todir); - free (frompag); - free (topag); -#endif - free (fromok); - if (ok) - return kerb_end_update(to, trans); - else - return -1; -} - -int -kerb_db_delete_principal (char *name, char *inst) -{ - DBM *db; - int try; - int done = 0; - int code; - datum key; - - if(!init) - kerb_db_init(); - - for(try = 0; try < KERB_DB_MAX_RETRY; try++){ - if((code = kerb_dbl_lock(KERB_DBL_EXCLUSIVE)) != 0) - return -1; - - db = dbm_open(current_db_name, O_RDWR, 0600); - if(db == NULL) - return -1; - encode_princ_key(&key, name, inst); - if(dbm_delete(db, key) == 0) - done = 1; - - dbm_close(db); - kerb_dbl_unlock(); - if(done) - break; - if(!non_blocking) - sleep(1); - } - if(!done) - return -1; - return 0; -} - - -/* - * look up a principal in the data base returns number of principals - * found , and whether there were more than requested. - */ - -int -kerb_db_get_principal (char *name, char *inst, Principal *principal, - unsigned int max, int *more) -{ - int found = 0, code; - int wildp, wildi; - datum key, contents; - char testname[ANAME_SZ], testinst[INST_SZ]; - u_long trans; - int try; - DBM *db; - - if (!init) - kerb_db_init(); /* initialize database routines */ - - for (try = 0; try < KERB_DB_MAX_RETRY; try++) { - trans = kerb_start_read(); - - if ((code = kerb_dbl_lock(KERB_DBL_SHARED)) != 0) - return -1; - - db = dbm_open(current_db_name, O_RDONLY, 0600); - if (db == NULL) - return -1; - - *more = 0; - -#ifdef DEBUG - if (kerb_debug & 2) - fprintf(stderr, - "%s: db_get_principal for %s %s max = %d", - progname, name, inst, max); -#endif - - wildp = !strcmp(name, "*"); - wildi = !strcmp(inst, "*"); - - if (!wildi && !wildp) { /* nothing's wild */ - encode_princ_key(&key, name, inst); - contents = dbm_fetch(db, key); - if (contents.dptr == NULL) { - found = 0; - goto done; - } - decode_princ_contents(&contents, principal); -#ifdef DEBUG - if (kerb_debug & 1) { - fprintf(stderr, "\t found %s %s p_n length %d t_n length %d\n", - principal->name, principal->instance, - strlen(principal->name), - strlen(principal->instance)); - } -#endif - found = 1; - goto done; - } - /* process wild cards by looping through entire database */ - - for (key = dbm_firstkey(db); key.dptr != NULL; - key = dbm_next(db, key)) { - decode_princ_key(&key, testname, testinst); - if ((wildp || !strcmp(testname, name)) && - (wildi || !strcmp(testinst, inst))) { /* have a match */ - if (found >= max) { - *more = 1; - goto done; - } else { - found++; - contents = dbm_fetch(db, key); - decode_princ_contents(&contents, principal); -#ifdef DEBUG - if (kerb_debug & 1) { - fprintf(stderr, - "\tfound %s %s p_n length %d t_n length %d\n", - principal->name, principal->instance, - strlen(principal->name), - strlen(principal->instance)); - } -#endif - principal++; /* point to next */ - } - } - } - - done: - kerb_dbl_unlock(); /* unlock read lock */ - dbm_close(db); - if (kerb_end_read(trans) == 0) - break; - found = -1; - if (!non_blocking) - sleep(1); - } - return (found); -} - -/* Use long * rather than DBM * so that the database structure is private */ - -long * -kerb_db_begin_update(void) -{ - int code; - - gettimeofday(×tamp, NULL); - - if (!init) - kerb_db_init(); - - if ((code = kerb_dbl_lock(KERB_DBL_EXCLUSIVE)) != 0) - return 0; - - return (long *) dbm_open(current_db_name, O_RDWR, 0600); -} - -void -kerb_db_end_update(long *db) -{ - dbm_close((DBM *)db); - kerb_dbl_unlock(); /* unlock database */ -} - -int -kerb_db_update(long *db, Principal *principal, unsigned int max) -{ - int found = 0; - u_long i; - datum key, contents; - -#ifdef DEBUG - if (kerb_debug & 2) - fprintf(stderr, "%s: kerb_db_put_principal max = %d", - progname, max); -#endif - - /* for each one, stuff temps, and do replace/append */ - for (i = 0; i < max; i++) { - encode_princ_contents(&contents, principal); - encode_princ_key(&key, principal->name, principal->instance); - if(dbm_store((DBM *)db, key, contents, DBM_REPLACE) < 0) - return found; /* XXX some better mechanism to report - failure should exist */ -#ifdef DEBUG - if (kerb_debug & 1) { - fprintf(stderr, "\n put %s %s\n", - principal->name, principal->instance); - } -#endif - found++; - principal++; /* bump to next struct */ - } - return found; -} - -/* - * Update a name in the data base. Returns number of names - * successfully updated. - */ - -int -kerb_db_put_principal(Principal *principal, - unsigned max) - -{ - int found; - long *db; - - db = kerb_db_begin_update(); - if (db == 0) - return -1; - - found = kerb_db_update(db, principal, max); - - kerb_db_end_update(db); - return (found); -} - -void -kerb_db_get_stat(DB_stat *s) -{ - gettimeofday(×tamp, NULL); - - s->cpu = 0; - s->elapsed = 0; - s->dio = 0; - s->pfault = 0; - s->t_stamp = timestamp.tv_sec; - s->n_retrieve = 0; - s->n_replace = 0; - s->n_append = 0; - s->n_get_stat = 0; - s->n_put_stat = 0; - /* update local copy too */ -} - -void -kerb_db_put_stat(DB_stat *s) -{ -} - -void -delta_stat(DB_stat *a, DB_stat *b, DB_stat *c) -{ - /* c = a - b then b = a for the next time */ - - c->cpu = a->cpu - b->cpu; - c->elapsed = a->elapsed - b->elapsed; - c->dio = a->dio - b->dio; - c->pfault = a->pfault - b->pfault; - c->t_stamp = a->t_stamp - b->t_stamp; - c->n_retrieve = a->n_retrieve - b->n_retrieve; - c->n_replace = a->n_replace - b->n_replace; - c->n_append = a->n_append - b->n_append; - c->n_get_stat = a->n_get_stat - b->n_get_stat; - c->n_put_stat = a->n_put_stat - b->n_put_stat; - - memcpy(b, a, sizeof(DB_stat)); -} - -/* - * look up a dba in the data base returns number of dbas found , and - * whether there were more than requested. - */ - -int -kerb_db_get_dba(char *dba_name, /* could have wild card */ - char *dba_inst, /* could have wild card */ - Dba *dba, - unsigned max, /* max number of name structs to return */ - int *more) /* where there more than 'max' tuples? */ -{ - *more = 0; - return (0); -} - -int -kerb_db_iterate (k_iter_proc_t func, void *arg) -{ - datum key, contents; - Principal *principal; - int code; - DBM *db; - - kerb_db_init(); /* initialize and open the database */ - if ((code = kerb_dbl_lock(KERB_DBL_SHARED)) != 0) - return code; - - db = dbm_open(current_db_name, O_RDONLY, 0600); - if (db == NULL) - return errno; - - for (key = dbm_firstkey (db); key.dptr != NULL; key = dbm_next(db, key)) { - contents = dbm_fetch (db, key); - /* XXX may not be properly aligned */ - principal = (Principal *) contents.dptr; - if ((code = (*func)(arg, principal)) != 0) - return code; - } - dbm_close(db); - kerb_dbl_unlock(); - return 0; -} diff --git a/crypto/kerberosIV/lib/kdb/krb_kdb_utils.c b/crypto/kerberosIV/lib/kdb/krb_kdb_utils.c deleted file mode 100644 index af941dcee488..000000000000 --- a/crypto/kerberosIV/lib/kdb/krb_kdb_utils.c +++ /dev/null @@ -1,267 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * Utility routines for Kerberos programs which directly access - * the database. This code was duplicated in too many places - * before I gathered it here. - * - * Jon Rochlis, MIT Telecom, March 1988 - */ - -#include "kdb_locl.h" - -#include - -RCSID("$Id: krb_kdb_utils.c,v 1.25 1999/03/13 21:24:21 assar Exp $"); - -/* always try /.k for backwards compatibility */ -static char *master_key_files[] = { MKEYFILE, "/.k", NULL }; - -#ifdef HAVE_STRERROR -#define k_strerror(e) strerror(e) -#else -static -char * -k_strerror(int eno) -{ - extern int sys_nerr; - extern char *sys_errlist[]; - - static char emsg[128]; - - if (eno < 0 || eno >= sys_nerr) - snprintf(emsg, sizeof(emsg), "Error %d occurred.", eno); - else - return sys_errlist[eno]; - - return emsg; -} -#endif - -int -kdb_new_get_master_key(des_cblock *key, des_key_schedule schedule) -{ - int kfile = -1; - int i; - char buf[1024]; - - char **mkey; - - for(mkey = master_key_files; *mkey; mkey++){ - kfile = open(*mkey, O_RDONLY); - if(kfile < 0 && errno != ENOENT) - fprintf(stderr, "Failed to open master key file \"%s\": %s\n", - *mkey, - k_strerror(errno)); - if(kfile >= 0) - break; - } - if(*mkey){ - int bytes; - bytes = read(kfile, (char*)key, sizeof(des_cblock)); - close(kfile); - if(bytes == sizeof(des_cblock)){ - des_key_sched(key, schedule); - return 0; - } - fprintf(stderr, "Could only read %d bytes from master key file %s\n", - bytes, *mkey); - }else{ - fprintf(stderr, "No master key file found.\n"); - } - - - i=0; - while(i < 3){ - if(des_read_pw_string(buf, sizeof(buf), "Enter master password: ", 0)) - break; - - /* buffer now contains either an old format master key password or a - * new format base64 encoded master key - */ - - /* try to verify as old password */ - des_string_to_key(buf, key); - des_key_sched(key, schedule); - - if(kdb_verify_master_key(key, schedule, NULL) != -1){ - memset(buf, 0, sizeof(buf)); - return 0; - } - - /* failed test, so must be base64 encoded */ - - if(base64_decode(buf, key) == 8){ - des_key_sched(key, schedule); - if(kdb_verify_master_key(key, schedule, NULL) != -1){ - memset(buf, 0, sizeof(buf)); - return 0; - } - } - - memset(buf, 0, sizeof(buf)); - fprintf(stderr, "Failed to verify master key.\n"); - i++; - } - - /* life sucks */ - fprintf(stderr, "You loose.\n"); - exit(1); -} - -int -kdb_new_get_new_master_key(des_cblock *key, - des_key_schedule schedule, - int verify) -{ -#ifndef RANDOM_MKEY - des_read_password(key, "\nEnter Kerberos master password: ", verify); - printf ("\n"); -#else - char buf[1024]; - des_generate_random_block (key); - des_key_sched(key, schedule); - - des_read_pw_string(buf, sizeof(buf), "Enter master key seed: ", 0); - des_cbc_cksum((des_cblock*)buf, key, sizeof(buf), schedule, key); - memset(buf, 0, sizeof(buf)); -#endif - des_key_sched(key, schedule); - return 0; -} - -int -kdb_get_master_key(int prompt, - des_cblock *master_key, - des_key_schedule master_key_sched) -{ - int ask = (prompt == KDB_GET_TWICE); -#ifndef RANDOM_MKEY - ask |= (prompt == KDB_GET_PROMPT); -#endif - - if(ask) - kdb_new_get_new_master_key(master_key, master_key_sched, - prompt == KDB_GET_TWICE); - else - kdb_new_get_master_key(master_key, master_key_sched); - return 0; -} - -int -kdb_kstash(des_cblock *master_key, char *file) -{ - int kfile; - - kfile = open(file, O_TRUNC | O_RDWR | O_CREAT, 0600); - if (kfile < 0) { - return -1; - } - if (write(kfile, master_key, sizeof(des_cblock)) != sizeof(des_cblock)) { - close(kfile); - return -1; - } - close(kfile); - return 0; -} - -/* The old algorithm used the key schedule as the initial vector which - was byte order depedent ... */ - -void -kdb_encrypt_key (des_cblock (*in), des_cblock (*out), - des_cblock (*master_key), - des_key_schedule master_key_sched, int e_d_flag) -{ - -#ifdef NOENCRYPTION - memcpy(out, in, sizeof(des_cblock)); -#else - des_pcbc_encrypt(in,out,(long)sizeof(des_cblock),master_key_sched,master_key, - e_d_flag); -#endif -} - -/* The caller is reasponsible for cleaning up the master key and sched, - even if we can't verify the master key */ - -/* Returns master key version if successful, otherwise -1 */ - -long -kdb_verify_master_key (des_cblock *master_key, - des_key_schedule master_key_sched, - FILE *out) /* NULL -> no output */ -{ - des_cblock key_from_db; - Principal principal_data[1]; - int n, more = 0; - long master_key_version; - - /* lookup the master key version */ - n = kerb_get_principal(KERB_M_NAME, KERB_M_INST, principal_data, - 1 /* only one please */, &more); - if ((n != 1) || more) { - if (out != NULL) - fprintf(out, - "verify_master_key: %s, %d found.\n", - "Kerberos error on master key version lookup", - n); - return (-1); - } - - master_key_version = (long) principal_data[0].key_version; - - /* set up the master key */ - if (out != NULL) /* should we punt this? */ - fprintf(out, "Current Kerberos master key version is %d.\n", - principal_data[0].kdc_key_ver); - - /* - * now use the master key to decrypt the key in the db, had better - * be the same! - */ - copy_to_key(&principal_data[0].key_low, - &principal_data[0].key_high, - key_from_db); - kdb_encrypt_key (&key_from_db, &key_from_db, - master_key, master_key_sched, DES_DECRYPT); - - /* the decrypted database key had better equal the master key */ - n = memcmp(master_key, key_from_db, sizeof(master_key)); - /* this used to zero the master key here! */ - memset(key_from_db, 0, sizeof(key_from_db)); - memset(principal_data, 0, sizeof (principal_data)); - - if (n && (out != NULL)) { - fprintf(out, "\n\07\07verify_master_key: Invalid master key; "); - fprintf(out, "does not match database.\n"); - } - if(n) - return (-1); - - if (out != (FILE *) NULL) { - fprintf(out, "\nMaster key entered. BEWARE!\07\07\n"); - fflush(out); - } - - return (master_key_version); -} diff --git a/crypto/kerberosIV/lib/kdb/krb_lib.c b/crypto/kerberosIV/lib/kdb/krb_lib.c deleted file mode 100644 index 59949f971ff9..000000000000 --- a/crypto/kerberosIV/lib/kdb/krb_lib.c +++ /dev/null @@ -1,252 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "kdb_locl.h" - -RCSID("$Id: krb_lib.c,v 1.13 1998/11/22 09:41:43 assar Exp $"); - -#ifdef DEBUG -extern int debug; -extern char *progname; -long kerb_debug; -#endif - -static int init = 0; - -/* - * initialization routine for data base - */ - -int -kerb_init(void) -{ -#ifdef DEBUG - if (!init) { - char *dbg = getenv("KERB_DBG"); - if (dbg) - sscanf(dbg, "%d", &kerb_debug); - init = 1; - } -#endif - kerb_db_init(); - -#ifdef CACHE - kerb_cache_init(); -#endif - - /* successful init, return 0, else errcode */ - return (0); -} - -/* - * finalization routine for database -- NOTE: MUST be called by any - * program using kerb_init. ALSO will have to be modified to finalize - * caches, if they're ever really implemented. - */ - -void -kerb_fini(void) -{ - kerb_db_fini(); -} - - -int -kerb_delete_principal(char *name, char *inst) -{ - int ret; - - if (!init) - kerb_init(); - - ret = kerb_db_delete_principal(name, inst); -#ifdef CACHE - if(ret == 0){ - kerb_cache_delete_principal(name, inst); - } -#endif - return ret; -} - - -/* - * look up a principal in the cache or data base returns number of - * principals found - */ - -int -kerb_get_principal(char *name, /* could have wild card */ - char *inst, /* could have wild card */ - Principal *principal, - unsigned int max, /* max number of name structs to return */ - int *more) /* more tuples than room for */ -{ - int found = 0; -#ifdef CACHE - static int wild = 0; -#endif - if (!init) - kerb_init(); - -#ifdef DEBUG - if (kerb_debug & 1) - fprintf(stderr, "\n%s: kerb_get_principal for %s %s max = %d\n", - progname, name, inst, max); -#endif - - /* - * if this is a request including a wild card, have to go to db - * since the cache may not be exhaustive. - */ - - /* clear the principal area */ - memset(principal, 0, max * sizeof(Principal)); - -#ifdef CACHE - /* - * so check to see if the name contains a wildcard "*" or "?", not - * preceeded by a backslash. - */ - wild = 0; - if (index(name, '*') || index(name, '?') || - index(inst, '*') || index(inst, '?')) - wild = 1; - - if (!wild) { - /* try the cache first */ - found = kerb_cache_get_principal(name, inst, principal, max, more); - if (found) - return (found); - } -#endif - /* If we didn't try cache, or it wasn't there, try db */ - found = kerb_db_get_principal(name, inst, principal, max, more); - /* try to insert principal(s) into cache if it was found */ -#ifdef CACHE - if (found > 0) { - kerb_cache_put_principal(principal, found); - } -#endif - return (found); -} - -/* principals */ -int -kerb_put_principal(Principal *principal, - unsigned int n) - /* number of principal structs to write */ -{ - /* set mod date */ - principal->mod_date = time((time_t *)0); - /* and mod date string */ - - strftime(principal->mod_date_txt, - sizeof(principal->mod_date_txt), - "%Y-%m-%d", k_localtime(&principal->mod_date)); - strftime(principal->exp_date_txt, - sizeof(principal->exp_date_txt), - "%Y-%m-%d", k_localtime(&principal->exp_date)); -#ifdef DEBUG - if (kerb_debug & 1) { - int i; - fprintf(stderr, "\nkerb_put_principal..."); - for (i = 0; i < n; i++) { - krb_print_principal(&principal[i]); - } - } -#endif - /* write database */ - if (kerb_db_put_principal(principal, n) < 0) { -#ifdef DEBUG - if (kerb_debug & 1) - fprintf(stderr, "\n%s: kerb_db_put_principal err", progname); - /* watch out for cache */ -#endif - return -1; - } -#ifdef CACHE - /* write cache */ - if (!kerb_cache_put_principal(principal, n)) { -#ifdef DEBUG - if (kerb_debug & 1) - fprintf(stderr, "\n%s: kerb_cache_put_principal err", progname); -#endif - return -1; - } -#endif - return 0; -} - -int -kerb_get_dba(char *name, /* could have wild card */ - char *inst, /* could have wild card */ - Dba *dba, - unsigned int max, /* max number of name structs to return */ - int *more) /* more tuples than room for */ -{ - int found = 0; -#ifdef CACHE - static int wild = 0; -#endif - if (!init) - kerb_init(); - -#ifdef DEBUG - if (kerb_debug & 1) - fprintf(stderr, "\n%s: kerb_get_dba for %s %s max = %d\n", - progname, name, inst, max); -#endif - /* - * if this is a request including a wild card, have to go to db - * since the cache may not be exhaustive. - */ - - /* clear the dba area */ - memset(dba, 0, max * sizeof(Dba)); - -#ifdef CACHE - /* - * so check to see if the name contains a wildcard "*" or "?", not - * preceeded by a backslash. - */ - - wild = 0; - if (index(name, '*') || index(name, '?') || - index(inst, '*') || index(inst, '?')) - wild = 1; - - if (!wild) { - /* try the cache first */ - found = kerb_cache_get_dba(name, inst, dba, max, more); - if (found) - return (found); - } -#endif - /* If we didn't try cache, or it wasn't there, try db */ - found = kerb_db_get_dba(name, inst, dba, max, more); -#ifdef CACHE - /* try to insert dba(s) into cache if it was found */ - if (found) { - kerb_cache_put_dba(dba, found); - } -#endif - return (found); -} diff --git a/crypto/kerberosIV/lib/kdb/print_princ.c b/crypto/kerberosIV/lib/kdb/print_princ.c deleted file mode 100644 index 786c5a93a218..000000000000 --- a/crypto/kerberosIV/lib/kdb/print_princ.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "kdb_locl.h" - -RCSID("$Id: print_princ.c,v 1.5 1997/05/07 01:37:13 assar Exp $"); - -void -krb_print_principal(Principal *a_n) -{ - struct tm *time_p; - - /* run-time database does not contain string versions */ - time_p = k_localtime(&(a_n->exp_date)); - - fprintf(stderr, - "\n%s %s expires %4d-%2d-%2d %2d:%2d, max_life %d*5 = %d min attr 0x%02x", - a_n->name, a_n->instance, - time_p->tm_year + 1900, - time_p->tm_mon + 1, time_p->tm_mday, - time_p->tm_hour, time_p->tm_min, - a_n->max_life, 5 * a_n->max_life, a_n->attributes); - - fprintf(stderr, - "\n\tkey_ver %d k_low 0x%08lx k_high 0x%08lx akv %d exists %ld\n", - a_n->key_version, (long)a_n->key_low, (long)a_n->key_high, - a_n->kdc_key_ver, (long)a_n->old); - - fflush(stderr); -} diff --git a/crypto/kerberosIV/lib/krb/Makefile.in b/crypto/kerberosIV/lib/krb/Makefile.in deleted file mode 100644 index 2196db2d2c75..000000000000 --- a/crypto/kerberosIV/lib/krb/Makefile.in +++ /dev/null @@ -1,373 +0,0 @@ -# -# $Id: Makefile.in,v 1.113.2.2 2000/12/07 16:44:12 assar Exp $ -# -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -CP = cp -LN_S = @LN_S@ -DEFS = @DEFS@ -DROKEN_RENAME -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ -EXECSUFFIX=@EXECSUFFIX@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs -top_builddir = ../.. - -COMPILE_ET = ../com_err/compile_et - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ - -includedir = @includedir@ - -incdir = $(includedir) -inc_DATA = krb_err.h -idir = $(top_builddir)/include - -PICFLAGS = @PICFLAGS@ - -# Under SunOS-5.x it is necessary to link with -ldes to be binary compatible. - -LIBDES=`test -r /usr/lib/libkrb.so.1 && echo "@LD_FLAGS@ -L../des -ldes"; true` - -LIB_DEPS = @lib_deps_yes@ `echo @LIB_res_search@ @LIB_dn_expand@ | sort | uniq` $(LIBDES) -lc -build_symlink_command = @build_symlink_command@ -install_symlink_command = @install_symlink_command@ - -PROGS = sizetest$(EXECSUFFIX) -LIBNAME = $(LIBPREFIX)krb -LIBEXT = @LIBEXT@ -SHLIBEXT = @SHLIBEXT@ -LIBPREFIX = @LIBPREFIX@ -LDSHARED = @LDSHARED@ -LIB = $(LIBNAME).$(LIBEXT) - -SOURCES = \ - check_time.c \ - cr_err_reply.c \ - create_auth_reply.c \ - create_ciph.c \ - create_death_packet.c \ - create_ticket.c \ - debug_decl.c \ - decomp_ticket.c \ - defaults.c \ - dest_tkt.c \ - encrypt_ktext.c \ - extra.c \ - get_ad_tkt.c \ - getfile.c \ - get_cred.c \ - get_default_principal.c \ - get_host.c \ - get_in_tkt.c \ - get_krbrlm.c \ - get_svc_in_tkt.c \ - get_tf_fullname.c \ - get_tf_realm.c \ - getaddrs.c \ - getrealm.c \ - getst.c \ - k_getport.c \ - k_getsockinst.c \ - k_localtime.c \ - kdc_reply.c \ - kntoln.c \ - krb_check_auth.c \ - krb_equiv.c \ - krb_err.c \ - krb_err_txt.c \ - krb_get_in_tkt.c \ - kuserok.c \ - lifetime.c \ - logging.c \ - lsb_addr_comp.c \ - mk_auth.c \ - mk_err.c \ - mk_priv.c \ - mk_req.c \ - mk_safe.c \ - month_sname.c \ - name2name.c \ - krb_net_read.c \ - krb_net_write.c \ - one.c \ - parse_name.c \ - rd_err.c \ - rd_priv.c \ - rd_req.c \ - rd_safe.c \ - read_service_key.c \ - realm_parse.c \ - recvauth.c \ - rw.c \ - save_credentials.c \ - send_to_kdc.c \ - sendauth.c \ - solaris_compat.c \ - stime.c \ - str2key.c \ - tf_util.c \ - time.c \ - tkt_string.c \ - unparse_name.c \ - verify_user.c \ - krb_ip_realm.c - -# these files reside in ../roken or ../com_err/ -EXTRA_SOURCE = \ - base64.c \ - concat.c \ - flock.c \ - gethostname.c \ - gettimeofday.c \ - getuid.c \ - resolve.c \ - snprintf.c \ - strcasecmp.c \ - strlcat.c \ - strlcpy.c \ - strdup.c \ - strncasecmp.c \ - strnlen.c \ - strtok_r.c \ - swab.c - -SHLIB_EXTRA_SOURCE = \ - com_err.c \ - error.c - -OBJECTS = \ - check_time.o \ - cr_err_reply.o \ - create_auth_reply.o \ - create_ciph.o \ - create_death_packet.o \ - create_ticket.o \ - debug_decl.o \ - decomp_ticket.o \ - defaults.o \ - dest_tkt.o \ - encrypt_ktext.o \ - extra.o \ - get_ad_tkt.o \ - getfile.o \ - get_cred.o \ - get_default_principal.o \ - get_host.o \ - get_in_tkt.o \ - get_krbrlm.o \ - get_svc_in_tkt.o \ - get_tf_fullname.o \ - get_tf_realm.o \ - getaddrs.o \ - getrealm.o \ - getst.o \ - k_getport.o \ - k_getsockinst.o \ - k_localtime.o \ - kdc_reply.o \ - kntoln.o \ - krb_check_auth.o \ - krb_equiv.o \ - krb_err.o \ - krb_err_txt.o \ - krb_get_in_tkt.o \ - kuserok.o \ - lifetime.o \ - logging.o \ - lsb_addr_comp.o \ - mk_auth.o \ - mk_err.o \ - mk_priv.o \ - mk_req.o \ - mk_safe.o \ - month_sname.o \ - name2name.o \ - krb_net_read.o \ - krb_net_write.o \ - one.o \ - parse_name.o \ - rd_err.o \ - rd_priv.o \ - rd_req.o \ - rd_safe.o \ - read_service_key.o \ - realm_parse.o \ - recvauth.o \ - rw.o \ - save_credentials.o \ - send_to_kdc.o \ - sendauth.o \ - solaris_compat.o \ - stime.o \ - str2key.o \ - tf_util.o \ - time.o \ - tkt_string.o \ - unparse_name.o \ - verify_user.o \ - krb_ip_realm.o \ - $(LIBADD) - -LIBADD = \ - base64.o \ - concat.o \ - flock.o \ - gethostname.o \ - gettimeofday.o \ - getuid.o \ - net_read.o \ - net_write.o \ - resolve.o \ - snprintf.o \ - strcasecmp.o \ - strlcat.o \ - strlcpy.o \ - strdup.o \ - strncasecmp.o \ - strnlen.o \ - strtok_r.o \ - swab.o - -SHLIB_LIBADD = \ - com_err.o \ - error.o - -all: $(LIB) $(PROGS) all-local - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I. -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libdir) - $(INSTALL_DATA) $(LIB) $(DESTDIR)$(libdir)/$(LIB) - @install_symlink_command@ - $(MKINSTALLDIRS) $(DESTDIR)$(includedir) - @for i in $(inc_DATA); do \ - echo " $(INSTALL_DATA) $$i $(DESTDIR)$(incdir)/$$i";\ - $(INSTALL_DATA) $$i $(DESTDIR)$(incdir)/$$i; done - -uninstall: - rm -f $(DESTDIR)$(libdir)/$(LIB) - @for i in $(inc_DATA); do \ - echo " rm -f $(DESTDIR)$(incdir)/$$i";\ - rm -f $(DESTDIR)$(incdir)/$$i; done - -TAGS: $(SOURCES) - etags $(SOURCES) - -sizetest.o: sizetest.c - $(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $< - -sizetest$(EXECSUFFIX): sizetest.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ sizetest.o - -check: sizetest$(EXECSUFFIX) - ./sizetest$(EXECSUFFIX) - -clean: - rm -f $(LIB) *.o *.a *.so *.so.* so_locations \ - krb_err.c krb_err.h $(PROGS) $(EXTRA_SOURCE) $(SHLIB_EXTRA_SOURCE) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -$(LIBNAME)_pic.a: $(OBJECTS) $(SHLIB_LIBADD) - rm -f $@ - $(AR) cr $@ $(OBJECTS) $(SHLIB_LIBADD) - -$(RANLIB) $@ - -$(LIBNAME).a: $(OBJECTS) - rm -f $@ - $(AR) cr $@ $(OBJECTS) - -$(RANLIB) $@ - -$(LIBNAME).$(SHLIBEXT): $(OBJECTS) $(SHLIB_LIBADD) $(LIBNAME)_pic.a - rm -f $@ - $(LDSHARED) -o $@ $(OBJECTS) $(SHLIB_LIBADD) $(LIB_DEPS) - @build_symlink_command@ - -krb_err.c krb_err.h: krb_err.et - $(COMPILE_ET) $(srcdir)/krb_err.et - -# this doesn't work with parallel makes -#$(EXTRA_SOURCE): -# for i in $(EXTRA_SOURCE); do \ -# test -f $$i || $(LN_S) $(srcdir)/../roken/$$i .; \ -# done - -base64.c: - $(LN_S) $(srcdir)/../roken/base64.c . -concat.c: - $(LN_S) $(srcdir)/../roken/concat.c . -flock.c: - $(LN_S) $(srcdir)/../roken/flock.c . -gethostname.c: - $(LN_S) $(srcdir)/../roken/gethostname.c . -gettimeofday.c: - $(LN_S) $(srcdir)/../roken/gettimeofday.c . -getuid.c: - $(LN_S) $(srcdir)/../roken/getuid.c . -snprintf.c: - $(LN_S) $(srcdir)/../roken/snprintf.c . -strcasecmp.c: - $(LN_S) $(srcdir)/../roken/strcasecmp.c . -strlcat.c: - $(LN_S) $(srcdir)/../roken/strlcat.c . -strlcpy.c: - $(LN_S) $(srcdir)/../roken/strlcpy.c . -strncasecmp.c: - $(LN_S) $(srcdir)/../roken/strncasecmp.c . -strnlen.c: - $(LN_S) $(srcdir)/../roken/strnlen.c . -strdup.c: - $(LN_S) $(srcdir)/../roken/strdup.c . -strtok_r.c: - $(LN_S) $(srcdir)/../roken/strtok_r.c . -swab.c: - $(LN_S) $(srcdir)/../roken/swab.c . -resolve.c: - $(LN_S) $(srcdir)/../roken/resolve.c . -net_read.c: - $(LN_S) $(srcdir)/../roken/net_read.c . -net_write.c: - $(LN_S) $(srcdir)/../roken/net_write.c . -com_err.c: - $(LN_S) $(srcdir)/../com_err/com_err.c . -error.c: - $(LN_S) $(srcdir)/../com_err/error.c . - - -$(OBJECTS): ../../include/config.h -$(OBJECTS): krb_locl.h krb.h -rw.o: ../../include/version.h - -all-local: $(inc_DATA) - @for i in $(inc_DATA); do \ - if cmp -s $$i $(idir)/$$i 2> /dev/null ; then :; else\ - echo " $(CP) $$i $(idir)/$$i"; \ - $(CP) $$i $(idir)/$$i; \ - fi ; \ - done - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean all-local diff --git a/crypto/kerberosIV/lib/krb/check_time.c b/crypto/kerberosIV/lib/krb/check_time.c deleted file mode 100644 index be028fae1b54..000000000000 --- a/crypto/kerberosIV/lib/krb/check_time.c +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: check_time.c,v 1.5 1999/12/02 16:58:40 joda Exp $"); - -int -krb_check_tm (struct tm tm) -{ - return tm.tm_mon < 0 - || tm.tm_mon > 11 - || tm.tm_hour < 0 - || tm.tm_hour > 23 - || tm.tm_min < 0 - || tm.tm_min > 59 - || tm.tm_sec < 0 - || tm.tm_sec > 59 - || tm.tm_year < 1901 - || tm.tm_year > 2038; -} diff --git a/crypto/kerberosIV/lib/krb/cr_err_reply.c b/crypto/kerberosIV/lib/krb/cr_err_reply.c deleted file mode 100644 index 33085291c26e..000000000000 --- a/crypto/kerberosIV/lib/krb/cr_err_reply.c +++ /dev/null @@ -1,122 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: cr_err_reply.c,v 1.11 1999/12/02 16:58:41 joda Exp $"); - -/* - * This routine is used by the Kerberos authentication server to - * create an error reply packet to send back to its client. - * - * It takes a pointer to the packet to be built, the name, instance, - * and realm of the principal, the client's timestamp, an error code - * and an error string as arguments. Its return value is undefined. - * - * The packet is built in the following format: - * - * type variable data - * or constant - * ---- ----------- ---- - * - * unsigned char req_ack_vno protocol version number - * - * unsigned char AUTH_MSG_ERR_REPLY protocol message type - * - * [least significant HOST_BYTE_ORDER sender's (server's) byte - * bit of above field] order - * - * string pname principal's name - * - * string pinst principal's instance - * - * string prealm principal's realm - * - * unsigned long time_ws client's timestamp - * - * unsigned long e error code - * - * string e_string error text - */ - -int -cr_err_reply(KTEXT pkt, char *pname, char *pinst, char *prealm, - u_int32_t time_ws, u_int32_t e, char *e_string) -{ - unsigned char *p = pkt->dat; - int tmp; - size_t rem = sizeof(pkt->dat); - - tmp = krb_put_int(KRB_PROT_VERSION, p, rem, 1); - if (tmp < 0) - return -1; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(AUTH_MSG_ERR_REPLY, p, rem, 1); - if (tmp < 0) - return -1; - p += tmp; - rem -= tmp; - - if (pname == NULL) pname = ""; - if (pinst == NULL) pinst = ""; - if (prealm == NULL) prealm = ""; - - tmp = krb_put_nir(pname, pinst, prealm, p, rem); - if (tmp < 0) - return -1; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(time_ws, p, rem, 4); - if (tmp < 0) - return -1; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(e, p, rem, 4); - if (tmp < 0) - return -1; - p += tmp; - rem -= tmp; - - tmp = krb_put_string(e_string, p, rem); - if (tmp < 0) - return -1; - p += tmp; - rem -= tmp; - - pkt->length = p - pkt->dat; - return 0; -} diff --git a/crypto/kerberosIV/lib/krb/create_auth_reply.c b/crypto/kerberosIV/lib/krb/create_auth_reply.c deleted file mode 100644 index 7f6cf46aae84..000000000000 --- a/crypto/kerberosIV/lib/krb/create_auth_reply.c +++ /dev/null @@ -1,159 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: create_auth_reply.c,v 1.15 1999/12/02 16:58:41 joda Exp $"); - -/* - * This routine is called by the Kerberos authentication server - * to create a reply to an authentication request. The routine - * takes the user's name, instance, and realm, the client's - * timestamp, the number of tickets, the user's key version - * number and the ciphertext containing the tickets themselves. - * It constructs a packet and returns a pointer to it. - * - * Notes: The packet returned by this routine is static. Thus, if you - * intend to keep the result beyond the next call to this routine, you - * must copy it elsewhere. - * - * The packet is built in the following format: - * - * variable - * type or constant data - * ---- ----------- ---- - * - * unsigned char KRB_PROT_VERSION protocol version number - * - * unsigned char AUTH_MSG_KDC_REPLY protocol message type - * - * [least significant HOST_BYTE_ORDER sender's (server's) byte - * bit of above field] order - * - * string pname principal's name - * - * string pinst principal's instance - * - * string prealm principal's realm - * - * unsigned long time_ws client's timestamp - * - * unsigned char n number of tickets - * - * unsigned long x_date expiration date - * - * unsigned char kvno master key version - * - * short w_1 cipher length - * - * --- cipher->dat cipher data - */ - -KTEXT -create_auth_reply(char *pname, /* Principal's name */ - char *pinst, /* Principal's instance */ - char *prealm, /* Principal's authentication domain */ - int32_t time_ws, /* Workstation time */ - int n, /* Number of tickets */ - u_int32_t x_date, /* Principal's expiration date */ - int kvno, /* Principal's key version number */ - KTEXT cipher) /* Cipher text with tickets and session keys */ -{ - static KTEXT_ST pkt_st; - KTEXT pkt = &pkt_st; - - unsigned char *p = pkt->dat; - int tmp; - size_t rem = sizeof(pkt->dat); - - if(n != 0) - return NULL; - - tmp = krb_put_int(KRB_PROT_VERSION, p, rem, 1); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(AUTH_MSG_KDC_REPLY, p, rem, 1); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_nir(pname, pinst, prealm, p, rem); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(time_ws, p, rem, 4); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(n, p, rem, 1); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(x_date, p, rem, 4); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(kvno, p, rem, 1); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(cipher->length, p, rem, 2); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - if (rem < cipher->length) - return NULL; - memcpy(p, cipher->dat, cipher->length); - p += cipher->length; - rem -= cipher->length; - - pkt->length = p - pkt->dat; - - return pkt; -} diff --git a/crypto/kerberosIV/lib/krb/create_ciph.c b/crypto/kerberosIV/lib/krb/create_ciph.c deleted file mode 100644 index f73e8d74baec..000000000000 --- a/crypto/kerberosIV/lib/krb/create_ciph.c +++ /dev/null @@ -1,142 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: create_ciph.c,v 1.13 1999/12/02 16:58:41 joda Exp $"); - -/* - * This routine is used by the authentication server to create - * a packet for its client, containing a ticket for the requested - * service (given in "tkt"), and some information about the ticket, - * - * Returns KSUCCESS no matter what. - * - * The length of the cipher is stored in c->length; the format of - * c->dat is as follows: - * - * variable - * type or constant data - * ---- ----------- ---- - * - * - * 8 bytes session session key for client, service - * - * string service service name - * - * string instance service instance - * - * string realm KDC realm - * - * unsigned char life ticket lifetime - * - * unsigned char kvno service key version number - * - * unsigned char tkt->length length of following ticket - * - * data tkt->dat ticket for service - * - * 4 bytes kdc_time KDC's timestamp - * - * <=7 bytes null null pad to 8 byte multiple - * - */ - -int -create_ciph(KTEXT c, /* Text block to hold ciphertext */ - unsigned char *session, /* Session key to send to user */ - char *service, /* Service name on ticket */ - char *instance, /* Instance name on ticket */ - char *realm, /* Realm of this KDC */ - u_int32_t life, /* Lifetime of the ticket */ - int kvno, /* Key version number for service */ - KTEXT tkt, /* The ticket for the service */ - u_int32_t kdc_time, /* KDC time */ - des_cblock *key) /* Key to encrypt ciphertext with */ - -{ - unsigned char *p = c->dat; - size_t rem = sizeof(c->dat); - int tmp; - - memset(c, 0, sizeof(KTEXT_ST)); - - if (rem < 8) - return KFAILURE; - memcpy(p, session, 8); - p += 8; - rem -= 8; - - tmp = krb_put_nir(service, instance, realm, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - - tmp = krb_put_int(life, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(kvno, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(tkt->length, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - if (rem < tkt->length) - return KFAILURE; - memcpy(p, tkt->dat, tkt->length); - p += tkt->length; - rem -= tkt->length; - - tmp = krb_put_int(kdc_time, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - /* multiple of eight bytes */ - c->length = (p - c->dat + 7) & ~7; - - encrypt_ktext(c, key, DES_ENCRYPT); - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/create_death_packet.c b/crypto/kerberosIV/lib/krb/create_death_packet.c deleted file mode 100644 index 15e026771431..000000000000 --- a/crypto/kerberosIV/lib/krb/create_death_packet.c +++ /dev/null @@ -1,98 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: create_death_packet.c,v 1.10 1999/12/02 16:58:41 joda Exp $"); - -/* - * This routine creates a packet to type AUTH_MSG_DIE which is sent to - * the Kerberos server to make it shut down. It is used only in the - * development environment. - * - * It takes a string "a_name" which is sent in the packet. A pointer - * to the packet is returned. - * - * The format of the killer packet is: - * - * type variable data - * or constant - * ---- ----------- ---- - * - * unsigned char KRB_PROT_VERSION protocol version number - * - * unsigned char AUTH_MSG_DIE message type - * - * [least significant HOST_BYTE_ORDER byte order of sender - * bit of above field] - * - * string a_name presumably, name of - * principal sending killer - * packet - */ - -#ifdef DEBUG -KTEXT -krb_create_death_packet(char *a_name) -{ - static KTEXT_ST pkt_st; - KTEXT pkt = &pkt_st; - - unsigned char *p = pkt->dat; - int tmp; - int rem = sizeof(pkt->dat); - - pkt->length = 0; - - tmp = krb_put_int(KRB_PROT_VERSION, p, rem, 1); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(AUTH_MSG_DIE, p, rem, 1); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - tmp = krb_put_string(a_name, p, rem); - if (tmp < 0) - return NULL; - p += tmp; - rem -= tmp; - - pkt->length = p - pkt->dat; - return pkt; -} -#endif /* DEBUG */ diff --git a/crypto/kerberosIV/lib/krb/create_ticket.c b/crypto/kerberosIV/lib/krb/create_ticket.c deleted file mode 100644 index 32cb0a0573fb..000000000000 --- a/crypto/kerberosIV/lib/krb/create_ticket.c +++ /dev/null @@ -1,160 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: create_ticket.c,v 1.14 1999/12/02 16:58:41 joda Exp $"); - -/* - * Create ticket takes as arguments information that should be in a - * ticket, and the KTEXT object in which the ticket should be - * constructed. It then constructs a ticket and returns, leaving the - * newly created ticket in tkt. - * The length of the ticket is a multiple of - * eight bytes and is in tkt->length. - * - * If the ticket is too long, the ticket will contain nulls. - * - * The corresponding routine to extract information from a ticket it - * decomp_ticket. When changes are made to this routine, the - * corresponding changes should also be made to that file. - * - * The packet is built in the following format: - * - * variable - * type or constant data - * ---- ----------- ---- - * - * tkt->length length of ticket (multiple of 8 bytes) - * - * tkt->dat: - * - * unsigned char flags namely, HOST_BYTE_ORDER - * - * string pname client's name - * - * string pinstance client's instance - * - * string prealm client's realm - * - * 4 bytes paddress client's address - * - * 8 bytes session session key - * - * 1 byte life ticket lifetime - * - * 4 bytes time_sec KDC timestamp - * - * string sname service's name - * - * string sinstance service's instance - * - * <=7 bytes null null pad to 8 byte multiple - * - */ - -int -krb_create_ticket(KTEXT tkt, /* Gets filled in by the ticket */ - unsigned char flags, /* Various Kerberos flags */ - char *pname, /* Principal's name */ - char *pinstance, /* Principal's instance */ - char *prealm, /* Principal's authentication domain */ - int32_t paddress, /* Net address of requesting entity */ - void *session, /* Session key inserted in ticket */ - int16_t life, /* Lifetime of the ticket */ - int32_t time_sec, /* Issue time and date */ - char *sname, /* Service Name */ - char *sinstance, /* Instance Name */ - des_cblock *key) /* Service's secret key */ -{ - unsigned char *p = tkt->dat; - int tmp; - size_t rem = sizeof(tkt->dat); - - memset(tkt, 0, sizeof(KTEXT_ST)); - - tmp = krb_put_int(flags, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_nir(pname, pinstance, prealm, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_address(paddress, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - if (rem < 8) - return KFAILURE; - memcpy(p, session, 8); - p += 8; - rem -= 8; - - tmp = krb_put_int(life, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(time_sec, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_nir(sname, sinstance, NULL, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - /* multiple of eight bytes */ - tkt->length = (p - tkt->dat + 7) & ~7; - - /* Check length of ticket */ - if (tkt->length > (sizeof(KTEXT_ST) - 7)) { - memset(tkt->dat, 0, tkt->length); - tkt->length = 0; - return KFAILURE /* XXX */; - } - - encrypt_ktext(tkt, key, DES_ENCRYPT); - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/debug_decl.c b/crypto/kerberosIV/lib/krb/debug_decl.c deleted file mode 100644 index 5cbab7705cb1..000000000000 --- a/crypto/kerberosIV/lib/krb/debug_decl.c +++ /dev/null @@ -1,44 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: debug_decl.c,v 1.10 1999/06/16 15:10:38 joda Exp $"); - -/* Declare global debugging variables. */ - -int krb_ap_req_debug = 0; -int krb_debug = 0; -int krb_dns_debug = 0; - -int -krb_enable_debug(void) -{ - krb_ap_req_debug = krb_debug = krb_dns_debug = 1; - return 0; -} - -int -krb_disable_debug(void) -{ - krb_ap_req_debug = krb_debug = krb_dns_debug = 0; - return 0; -} diff --git a/crypto/kerberosIV/lib/krb/decomp_ticket.c b/crypto/kerberosIV/lib/krb/decomp_ticket.c deleted file mode 100644 index 12bdf4428fae..000000000000 --- a/crypto/kerberosIV/lib/krb/decomp_ticket.c +++ /dev/null @@ -1,117 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: decomp_ticket.c,v 1.20 1999/12/02 16:58:41 joda Exp $"); - -/* - * This routine takes a ticket and pointers to the variables that - * should be filled in based on the information in the ticket. It - * fills in values for its arguments. - * - * The routine returns KFAILURE if any of the "pname", "pinstance", - * or "prealm" fields is too big, otherwise it returns KSUCCESS. - * - * The corresponding routine to generate tickets is create_ticket. - * When changes are made to this routine, the corresponding changes - * should also be made to that file. - * - * See create_ticket.c for the format of the ticket packet. - */ - -int -decomp_ticket(KTEXT tkt, /* The ticket to be decoded */ - unsigned char *flags, /* Kerberos ticket flags */ - char *pname, /* Authentication name */ - char *pinstance, /* Principal's instance */ - char *prealm, /* Principal's authentication domain */ - u_int32_t *paddress,/* Net address of entity requesting ticket */ - unsigned char *session, /* Session key inserted in ticket */ - int *life, /* Lifetime of the ticket */ - u_int32_t *time_sec, /* Issue time and date */ - char *sname, /* Service name */ - char *sinstance, /* Service instance */ - des_cblock *key, /* Service's secret key (to decrypt the ticket) */ - des_key_schedule schedule) /* The precomputed key schedule */ - -{ - unsigned char *p = tkt->dat; - - int little_endian; - - des_pcbc_encrypt((des_cblock *)tkt->dat, (des_cblock *)tkt->dat, - tkt->length, schedule, key, DES_DECRYPT); - - tkt->mbz = 0; - - *flags = *p++; - - little_endian = *flags & 1; - - if(strlen((char*)p) > ANAME_SZ) - return KFAILURE; - p += krb_get_string(p, pname, ANAME_SZ); - - if(strlen((char*)p) > INST_SZ) - return KFAILURE; - p += krb_get_string(p, pinstance, INST_SZ); - - if(strlen((char*)p) > REALM_SZ) - return KFAILURE; - p += krb_get_string(p, prealm, REALM_SZ); - - if (*prealm == '\0') - krb_get_lrealm (prealm, 1); - - if(tkt->length - (p - tkt->dat) < 8 + 1 + 4) - return KFAILURE; - p += krb_get_address(p, paddress); - - memcpy(session, p, 8); - p += 8; - - *life = *p++; - - p += krb_get_int(p, time_sec, 4, little_endian); - - if(strlen((char*)p) > SNAME_SZ) - return KFAILURE; - p += krb_get_string(p, sname, SNAME_SZ); - - if(strlen((char*)p) > INST_SZ) - return KFAILURE; - p += krb_get_string(p, sinstance, INST_SZ); - - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/defaults.c b/crypto/kerberosIV/lib/krb/defaults.c deleted file mode 100644 index e4fe027f9a04..000000000000 --- a/crypto/kerberosIV/lib/krb/defaults.c +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: defaults.c,v 1.3 1999/12/02 16:58:41 joda Exp $"); - -const -char * -krb_get_default_tkt_root(void) -{ - const char *t = krb_get_config_string("krb_default_tkt_root"); - if (t) - return t; - else - return "/tmp/tkt"; -} - -const -char * -krb_get_default_keyfile(void) -{ - const char *t = krb_get_config_string("krb_default_keyfile"); - if (t) - return t; - else - return "/etc/srvtab"; -} diff --git a/crypto/kerberosIV/lib/krb/dest_tkt.c b/crypto/kerberosIV/lib/krb/dest_tkt.c deleted file mode 100644 index 4330df262606..000000000000 --- a/crypto/kerberosIV/lib/krb/dest_tkt.c +++ /dev/null @@ -1,108 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: dest_tkt.c,v 1.11.14.2 2000/10/18 20:26:42 assar Exp $"); - -#ifndef O_BINARY -#define O_BINARY 0 -#endif - -/* - * dest_tkt() is used to destroy the ticket store upon logout. - * If the ticket file does not exist, dest_tkt() returns RET_TKFIL. - * Otherwise the function returns RET_OK on success, KFAILURE on - * failure. - * - * The ticket file (TKT_FILE) is defined in "krb.h". - */ - -int -dest_tkt(void) -{ - const char *filename = TKT_FILE; - int i, fd; - struct stat sb1, sb2; - char buf[BUFSIZ]; - int error = 0; - - if (lstat (filename, &sb1) < 0) { - error = errno; - goto out; - } - - fd = open (filename, O_RDWR | O_BINARY); - if (fd < 0) { - error = errno; - goto out; - } - - if (unlink (filename) < 0) { - error = errno; - close(fd); - goto out; - } - - if (fstat (fd, &sb2) < 0) { - error = errno; - close(fd); - goto out; - } - - if (sb1.st_dev != sb2.st_dev || sb1.st_ino != sb2.st_ino) { - close (fd); - error = EPERM; - goto out; - } - - if (sb2.st_nlink != 0) { - close (fd); - error = EPERM; - goto out; - } - - for (i = 0; i < sb2.st_size; i += sizeof(buf)) { - int ret; - - ret = write(fd, buf, sizeof(buf)); - if (ret != sizeof(buf)) { - if (ret < 0) - error = errno; - else - error = EINVAL; - fsync(fd); - close(fd); - goto out; - } - } - - fsync(fd); - close(fd); - -out: - if (error == ENOENT) - return RET_TKFIL; - else if (error != 0) - return KFAILURE; - else - return(KSUCCESS); -} diff --git a/crypto/kerberosIV/lib/krb/dllmain.c b/crypto/kerberosIV/lib/krb/dllmain.c deleted file mode 100644 index 4e22e9ab5df0..000000000000 --- a/crypto/kerberosIV/lib/krb/dllmain.c +++ /dev/null @@ -1,139 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* dllmain.c - main function to krb4.dll - * Author: J Karlsson - * Date: June 1996 - */ - -#include "krb_locl.h" -#include "ticket_memory.h" -#include - -RCSID("$Id: dllmain.c,v 1.9 1999/12/02 16:58:41 joda Exp $"); - -void -msg(char *text, int error) -{ - char *buf; - - asprintf (&buf, "%s\nAn error of type: %d", text, error); - - MessageBox(GetActiveWindow(), - buf ? buf : "Out of memory!", - "kerberos message", - MB_OK|MB_APPLMODAL); - free (buf); -} - -void -PostUpdateMessage(void) -{ - HWND hWnd; - static UINT km_message; - - if(km_message == 0) - km_message = RegisterWindowMessage("krb4-update-cache"); - - hWnd = FindWindow("KrbManagerWndClass", NULL); - if (hWnd == NULL) - hWnd = HWND_BROADCAST; - PostMessage(hWnd, km_message, 0, 0); -} - - -BOOL WINAPI -DllMain (HANDLE hInst, - ULONG reason, - LPVOID lpReserved) -{ - WORD wVersionRequested; - WSADATA wsaData; - PROCESS_INFORMATION p; - int err; - - switch(reason){ - case DLL_PROCESS_ATTACH: - wVersionRequested = MAKEWORD(1, 1); - err = WSAStartup(wVersionRequested, &wsaData); - if (err != 0) - { - /* Tell the user that we couldn't find a useable */ - /* winsock.dll. */ - msg("Cannot find winsock.dll", err); - return FALSE; - } - if(newTktMem(0) != KSUCCESS) - { - /* Tell the user that we couldn't alloc shared memory. */ - msg("Cannot allocate shared ticket memory", GetLastError()); - return FALSE; - } - if(GetLastError() != ERROR_ALREADY_EXISTS) - { - STARTUPINFO s = { - sizeof(s), - NULL, - NULL, - NULL, - 0,0, - 0,0, - 0,0, - 0, - STARTF_USESHOWWINDOW, - SW_SHOWMINNOACTIVE, - 0, NULL, - NULL, NULL, NULL - }; - - if(!CreateProcess(0,"krbmanager", - 0,0,FALSE,0,0, - 0,&s, &p)) { -#if 0 - msg("Unable to create Kerberos manager process.\n" - "Make sure krbmanager.exe is in your PATH.", - GetLastError()); - return FALSE; -#endif - } - } - break; - case DLL_PROCESS_DETACH: - /* should this really be done here? */ - freeTktMem(0); - WSACleanup(); - break; - } - - return TRUE; -} diff --git a/crypto/kerberosIV/lib/krb/encrypt_ktext.c b/crypto/kerberosIV/lib/krb/encrypt_ktext.c deleted file mode 100644 index dc5c60d8dd5f..000000000000 --- a/crypto/kerberosIV/lib/krb/encrypt_ktext.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: encrypt_ktext.c,v 1.5 1999/12/02 16:58:41 joda Exp $"); - -void -encrypt_ktext(KTEXT cip, des_cblock *key, int encrypt) -{ - des_key_schedule schedule; - des_set_key(key, schedule); - des_pcbc_encrypt((des_cblock*)cip->dat, (des_cblock*)cip->dat, - cip->length, schedule, key, encrypt); - memset(schedule, 0, sizeof(des_key_schedule)); -} diff --git a/crypto/kerberosIV/lib/krb/extra.c b/crypto/kerberosIV/lib/krb/extra.c deleted file mode 100644 index 17193a477483..000000000000 --- a/crypto/kerberosIV/lib/krb/extra.c +++ /dev/null @@ -1,177 +0,0 @@ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: extra.c,v 1.7.2.1 2000/12/07 16:06:09 assar Exp $"); - -struct value { - char *variable; - char *value; - struct value *next; -}; - -static struct value *_extra_values; - -static int _krb_extra_read = 0; - -static int -define_variable(const char *variable, const char *value) -{ - struct value *e; - e = malloc(sizeof(*e)); - if(e == NULL) - return ENOMEM; - e->variable = strdup(variable); - if(e->variable == NULL) { - free(e); - return ENOMEM; - } - e->value = strdup(value); - if(e->value == NULL) { - free(e->variable); - free(e); - return ENOMEM; - } - e->next = _extra_values; - _extra_values = e; - return 0; -} - -#ifndef WIN32 - -static int -read_extra_file(void) -{ - int i = 0; - char file[128]; - char line[1024]; - if(_krb_extra_read) - return 0; - _krb_extra_read = 1; - while(krb_get_krbextra(i++, file, sizeof(file)) == 0) { - FILE *f = fopen(file, "r"); - if(f == NULL) - continue; - while(fgets(line, sizeof(line), f)) { - char *var, *tmp, *val; - - /* skip initial whitespace */ - var = line + strspn(line, " \t"); - /* skip non-whitespace */ - tmp = var + strcspn(var, " \t="); - /* skip whitespace */ - val = tmp + strspn(tmp, " \t="); - *tmp = '\0'; - tmp = val + strcspn(val, " \t\n"); - *tmp = '\0'; - if(*var == '\0' || *var == '#' || *val == '\0') - continue; - if(krb_debug) - krb_warning("%s: setting `%s' to `%s'\n", file, var, val); - define_variable(var, val); - } - fclose(f); - return 0; - } - return ENOENT; -} - -#else /* WIN32 */ - -static int -read_extra_file(void) -{ - char name[1024], data[1024]; - DWORD name_sz, data_sz; - DWORD type; - int num = 0; - HKEY reg_key; - - if(_krb_extra_read) - return 0; - _krb_extra_read = 1; - - if(RegCreateKey(HKEY_CURRENT_USER, "krb4", ®_key) != 0) - return -1; - - - while(1) { - name_sz = sizeof(name); - data_sz = sizeof(data); - if(RegEnumValue(reg_key, - num++, - name, - &name_sz, - NULL, - &type, - data, - &data_sz) != 0) - break; - if(type == REG_SZ) - define_variable(name, data); - } - RegCloseKey(reg_key); - return 0; -} - -#endif - -static const char* -find_variable(const char *variable) -{ - struct value *e; - for(e = _extra_values; e; e = e->next) { - if(strcasecmp(variable, e->variable) == 0) - return e->value; - } - return NULL; -} - -const char * -krb_get_config_string(const char *variable) -{ - read_extra_file(); - return find_variable(variable); -} - -int -krb_get_config_bool(const char *variable) -{ - const char *value = krb_get_config_string(variable); - if(value == NULL) - return 0; - return strcasecmp(value, "yes") == 0 || - strcasecmp(value, "true") == 0 || - atoi(value); -} diff --git a/crypto/kerberosIV/lib/krb/get_ad_tkt.c b/crypto/kerberosIV/lib/krb/get_ad_tkt.c deleted file mode 100644 index 56d7d56b04de..000000000000 --- a/crypto/kerberosIV/lib/krb/get_ad_tkt.c +++ /dev/null @@ -1,203 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: get_ad_tkt.c,v 1.22 1999/12/02 16:58:41 joda Exp $"); - -/* - * get_ad_tkt obtains a new service ticket from Kerberos, using - * the ticket-granting ticket which must be in the ticket file. - * It is typically called by krb_mk_req() when the client side - * of an application is creating authentication information to be - * sent to the server side. - * - * get_ad_tkt takes four arguments: three pointers to strings which - * contain the name, instance, and realm of the service for which the - * ticket is to be obtained; and an integer indicating the desired - * lifetime of the ticket. - * - * It returns an error status if the ticket couldn't be obtained, - * or AD_OK if all went well. The ticket is stored in the ticket - * cache. - * - * The request sent to the Kerberos ticket-granting service looks - * like this: - * - * pkt->dat - * - * TEXT original contents of authenticator+ticket - * pkt->dat built in krb_mk_req call - * - * 4 bytes time_ws always 0 (?) - * char lifetime lifetime argument passed - * string service service name argument - * string sinstance service instance arg. - * - * See "prot.h" for the reply packet layout and definitions of the - * extraction macros like pkt_version(), pkt_msg_type(), etc. - */ - -int -get_ad_tkt(char *service, char *sinstance, char *realm, int lifetime) -{ - static KTEXT_ST pkt_st; - KTEXT pkt = & pkt_st; /* Packet to KDC */ - static KTEXT_ST rpkt_st; - KTEXT rpkt = &rpkt_st; /* Returned packet */ - - CREDENTIALS cr; - char lrealm[REALM_SZ]; - u_int32_t time_ws = 0; - int kerror; - unsigned char *p; - size_t rem; - int tmp; - - /* - * First check if we have a "real" TGT for the corresponding - * realm, if we don't, use ordinary inter-realm authentication. - */ - - kerror = krb_get_cred(KRB_TICKET_GRANTING_TICKET, realm, realm, &cr); - if (kerror == KSUCCESS) { - strlcpy(lrealm, realm, REALM_SZ); - } else - kerror = krb_get_tf_realm(TKT_FILE, lrealm); - - if (kerror != KSUCCESS) - return(kerror); - - /* - * Look for the session key (and other stuff we don't need) - * in the ticket file for krbtgt.realm@lrealm where "realm" - * is the service's realm (passed in "realm" argument) and - * lrealm is the realm of our initial ticket. If we don't - * have this, we will try to get it. - */ - - if ((kerror = krb_get_cred(KRB_TICKET_GRANTING_TICKET, - realm, lrealm, &cr)) != KSUCCESS) { - /* - * If realm == lrealm, we have no hope, so let's not even try. - */ - if ((strncmp(realm, lrealm, REALM_SZ)) == 0) - return(AD_NOTGT); - else{ - if ((kerror = - get_ad_tkt(KRB_TICKET_GRANTING_TICKET, - realm, lrealm, lifetime)) != KSUCCESS) { - if (kerror == KDC_PR_UNKNOWN) - return(AD_INTR_RLM_NOTGT); - else - return(kerror); - } - if ((kerror = krb_get_cred(KRB_TICKET_GRANTING_TICKET, - realm, lrealm, &cr)) != KSUCCESS) - return(kerror); - } - } - - /* - * Make up a request packet to the "krbtgt.realm@lrealm". - * Start by calling krb_mk_req() which puts ticket+authenticator - * into "pkt". Then tack other stuff on the end. - */ - - kerror = krb_mk_req(pkt, - KRB_TICKET_GRANTING_TICKET, - realm,lrealm,0L); - - if (kerror) - return(AD_NOTGT); - - p = pkt->dat + pkt->length; - rem = sizeof(pkt->dat) - pkt->length; - - tmp = krb_put_int(time_ws, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(lifetime, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_nir(service, sinstance, NULL, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - pkt->length = p - pkt->dat; - rpkt->length = 0; - - /* Send the request to the local ticket-granting server */ - if ((kerror = send_to_kdc(pkt, rpkt, realm))) return(kerror); - - /* check packet version of the returned packet */ - - { - KTEXT_ST cip; - CREDENTIALS cred; - struct timeval tv; - - kerror = kdc_reply_cipher(rpkt, &cip); - if(kerror != KSUCCESS) - return kerror; - - encrypt_ktext(&cip, &cr.session, DES_DECRYPT); - - kerror = kdc_reply_cred(&cip, &cred); - if(kerror != KSUCCESS) - return kerror; - - if (strcmp(cred.service, service) || strcmp(cred.instance, sinstance) || - strcmp(cred.realm, realm)) /* not what we asked for */ - return INTK_ERR; /* we need a better code here XXX */ - - krb_kdctimeofday(&tv); - if (abs((int)(tv.tv_sec - cred.issue_date)) > CLOCK_SKEW) { - return RD_AP_TIME; /* XXX should probably be better code */ - } - - - kerror = save_credentials(cred.service, cred.instance, cred.realm, - cred.session, cred.lifetime, cred.kvno, - &cred.ticket_st, tv.tv_sec); - return kerror; - } -} diff --git a/crypto/kerberosIV/lib/krb/get_cred.c b/crypto/kerberosIV/lib/krb/get_cred.c deleted file mode 100644 index 085184bbb29a..000000000000 --- a/crypto/kerberosIV/lib/krb/get_cred.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: get_cred.c,v 1.7 1997/12/15 17:12:55 assar Exp $"); - -/* - * krb_get_cred takes a service name, instance, and realm, and a - * structure of type CREDENTIALS to be filled in with ticket - * information. It then searches the ticket file for the appropriate - * ticket and fills in the structure with the corresponding - * information from the file. If successful, it returns KSUCCESS. - * On failure it returns a Kerberos error code. - */ - -int -krb_get_cred(char *service, /* Service name */ - char *instance, /* Instance */ - char *realm, /* Auth domain */ - CREDENTIALS *c) /* Credentials struct */ -{ - int tf_status; /* return value of tf function calls */ - CREDENTIALS cr; - - if (c == NULL) - c = &cr; - - /* Open ticket file and lock it for shared reading */ - if ((tf_status = tf_init(TKT_FILE, R_TKT_FIL)) != KSUCCESS) - return(tf_status); - - /* Copy principal's name and instance into the CREDENTIALS struc c */ - - if ( (tf_status = tf_get_pname(c->pname)) != KSUCCESS || - (tf_status = tf_get_pinst(c->pinst)) != KSUCCESS ) - return (tf_status); - - /* Search for requested service credentials and copy into c */ - - while ((tf_status = tf_get_cred(c)) == KSUCCESS) { - if ((strcmp(c->service,service) == 0) && - (strcmp(c->instance,instance) == 0) && - (strcmp(c->realm,realm) == 0)) - break; - } - tf_close(); - - if (tf_status == EOF) - return (GC_NOTKT); - return(tf_status); -} diff --git a/crypto/kerberosIV/lib/krb/get_default_principal.c b/crypto/kerberosIV/lib/krb/get_default_principal.c deleted file mode 100644 index 860f237b5daa..000000000000 --- a/crypto/kerberosIV/lib/krb/get_default_principal.c +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: get_default_principal.c,v 1.14.2.1 2000/06/23 03:29:10 assar Exp $"); - -int -krb_get_default_principal(char *name, char *instance, char *realm) -{ - char *file; - int ret; - char *p; - - file = tkt_string (); - - ret = krb_get_tf_fullname(file, name, instance, realm); - if(ret == KSUCCESS) - return 0; - - p = getenv("KRB4PRINCIPAL"); - if(p && kname_parse(name, instance, realm, p) == KSUCCESS) - return 1; - -#ifdef HAVE_PWD_H - { - struct passwd *pw; - pw = getpwuid(getuid()); - if(pw == NULL){ - return -1; - } - - strlcpy (name, pw->pw_name, ANAME_SZ); - strlcpy (instance, "", INST_SZ); - krb_get_lrealm(realm, 1); - - if(strcmp(name, "root") == 0) { - p = NULL; -#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN) - p = getlogin(); -#endif - if(p == NULL) - p = getenv("USER"); - if(p == NULL) - p = getenv("LOGNAME"); - if(p){ - strlcpy (name, p, ANAME_SZ); - strlcpy (instance, "root", INST_SZ); - } - } - return 1; - } -#else - return -1; -#endif -} diff --git a/crypto/kerberosIV/lib/krb/get_host.c b/crypto/kerberosIV/lib/krb/get_host.c deleted file mode 100644 index 0eb2224c4099..000000000000 --- a/crypto/kerberosIV/lib/krb/get_host.c +++ /dev/null @@ -1,387 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: get_host.c,v 1.48 1999/12/02 16:58:41 joda Exp $"); - -static struct host_list { - struct krb_host *this; - struct host_list *next; -} *hosts; - -static int krb_port = 0; - -static void -free_hosts(struct host_list *h) -{ - struct host_list *t; - while(h){ - if(h->this->realm) - free(h->this->realm); - if(h->this->host) - free(h->this->host); - t = h; - h = h->next; - free(t); - } -} - -static int -parse_address(char *address, enum krb_host_proto *proto, - char **host, int *port) -{ - char *p, *q; - int default_port = krb_port; - *proto = PROTO_UDP; - if(strncmp(address, "http://", 7) == 0){ - p = address + 7; - *proto = PROTO_HTTP; - default_port = 80; - }else{ - p = strchr(address, '/'); - if(p){ - char prot[32]; - strlcpy (prot, address, - min(p - address + 1, sizeof(prot))); - if(strcasecmp(prot, "udp") == 0) - *proto = PROTO_UDP; - else if(strcasecmp(prot, "tcp") == 0) - *proto = PROTO_TCP; - else if(strcasecmp(prot, "http") == 0) { - *proto = PROTO_HTTP; - default_port = 80; - } else - krb_warning("Unknown protocol `%s', Using default `udp'.\n", - prot); - p++; - }else - p = address; - } - q = strchr(p, ':'); - if(q) { - *host = malloc(q - p + 1); - if (*host == NULL) - return -1; - strlcpy (*host, p, q - p + 1); - q++; - { - struct servent *sp = getservbyname(q, NULL); - if(sp) - *port = ntohs(sp->s_port); - else - if(sscanf(q, "%d", port) != 1){ - krb_warning("Bad port specification `%s', using port %d.", - q, krb_port); - *port = krb_port; - } - } - } else { - *port = default_port; - q = strchr(p, '/'); - if (q) { - *host = malloc(q - p + 1); - if (*host == NULL) - return -1; - strlcpy (*host, p, q - p + 1); - } else { - *host = strdup(p); - if(*host == NULL) - return -1; - } - } - return 0; -} - -static int -add_host(const char *realm, char *address, int admin, int validate) -{ - struct krb_host *host; - struct host_list *p, **last = &hosts; - - host = (struct krb_host*)malloc(sizeof(struct krb_host)); - if (host == NULL) - return 1; - if(parse_address(address, &host->proto, &host->host, &host->port) < 0) { - free(host); - return 1; - } - if (validate) { - if (krb_dns_debug) - krb_warning("Getting host entry for %s...", host->host); - if (gethostbyname(host->host) == NULL) { - if (krb_dns_debug) - krb_warning("Didn't get it.\n"); - free(host->host); - free(host); - return 1; - } - else if (krb_dns_debug) - krb_warning("Got it.\n"); - } - host->admin = admin; - for(p = hosts; p; p = p->next){ - if(strcmp(realm, p->this->realm) == 0 && - strcmp(host->host, p->this->host) == 0 && - host->proto == p->this->proto && - host->port == p->this->port){ - free(host->host); - free(host); - return 1; - } - last = &p->next; - } - host->realm = strdup(realm); - if (host->realm == NULL) { - free(host->host); - free(host); - return 1; - } - p = (struct host_list*)malloc(sizeof(struct host_list)); - if (p == NULL) { - free(host->realm); - free(host->host); - free(host); - return 1; - } - p->this = host; - p->next = NULL; - *last = p; - return 0; -} - -static int -read_file(const char *filename, const char *r) -{ - char line[1024]; - int nhosts = 0; - FILE *f = fopen(filename, "r"); - - if(f == NULL) - return -1; - while(fgets(line, sizeof(line), f) != NULL) { - char *realm, *address, *admin; - char *save; - - realm = strtok_r (line, " \t\n\r", &save); - if (realm == NULL) - continue; - if (strcmp(realm, r)) - continue; - address = strtok_r (NULL, " \t\n\r", &save); - if (address == NULL) - continue; - admin = strtok_r (NULL, " \t\n\r", &save); - if (add_host(realm, - address, - admin != NULL && strcasecmp(admin, "admin") == 0, - 0) == 0) - ++nhosts; - } - fclose(f); - return nhosts; -} - -#if 0 -static int -read_cellservdb (const char *filename, const char *realm) -{ - char line[1024]; - FILE *f = fopen (filename, "r"); - int nhosts = 0; - - if (f == NULL) - return -1; - while (fgets (line, sizeof(line), f) != NULL) { - if (line[0] == '>' - && strncasecmp (line + 1, realm, strlen(realm)) == 0) { - while (fgets (line, sizeof(line), f) != NULL && *line != '>') { - char *hash; - - if (line [strlen(line) - 1] == '\n') - line [strlen(line) - 1] = '\0'; - - hash = strchr (line, '#'); - - if (hash != NULL - && add_host (realm, hash + 1, 0, 0) == 0) - ++nhosts; - } - break; - } - } - fclose (f); - return nhosts; -} -#endif - -static int -init_hosts(char *realm) -{ - int i, j, ret = 0; - char file[MaxPathLen]; - - /* - * proto should really be NULL, but there are libraries out there - * that don't like that so we use "udp" instead. - */ - - krb_port = ntohs(k_getportbyname (KRB_SERVICE, "udp", htons(KRB_PORT))); - for(i = 0; krb_get_krbconf(i, file, sizeof(file)) == 0; i++) { - j = read_file(file, realm); - if (j > 0) ret += j; - } - return ret; -} - -static void -srv_find_realm(char *realm, char *proto, char *service) -{ - char *domain; - struct dns_reply *r; - struct resource_record *rr; - - roken_mconcat(&domain, 1024, service, ".", proto, ".", realm, ".", NULL); - - if(domain == NULL) - return; - - r = dns_lookup(domain, "srv"); - if(r == NULL) - r = dns_lookup(domain, "txt"); - if(r == NULL){ - free(domain); - return; - } - for(rr = r->head; rr; rr = rr->next){ - if(rr->type == T_SRV){ - char buf[1024]; - - if (snprintf (buf, - sizeof(buf), - "%s/%s:%u", - proto, - rr->u.srv->target, - rr->u.srv->port) < sizeof(buf)) - add_host(realm, buf, 0, 0); - }else if(rr->type == T_TXT) - add_host(realm, rr->u.txt, 0, 0); - } - dns_free_data(r); - free(domain); -} - -struct krb_host* -krb_get_host(int nth, const char *realm, int admin) -{ - struct host_list *p; - static char orealm[REALM_SZ]; - - if(orealm[0] == 0 || strcmp(realm, orealm)){ - /* quick optimization */ - if(realm && realm[0]){ - strlcpy (orealm, realm, sizeof(orealm)); - }else{ - int ret = krb_get_lrealm(orealm, 1); - if(ret != KSUCCESS) - return NULL; - } - - if(hosts){ - free_hosts(hosts); - hosts = NULL; - } - - if (init_hosts(orealm) < nth) { - srv_find_realm(orealm, "udp", KRB_SERVICE); - srv_find_realm(orealm, "tcp", KRB_SERVICE); - srv_find_realm(orealm, "http", KRB_SERVICE); - - { - char *host; - int i = 0; - - asprintf(&host, "kerberos.%s.", orealm); - if (host == NULL) { - free_hosts(hosts); - hosts = NULL; - return NULL; - } - add_host(orealm, host, 1, 1); - do { - i++; - free(host); - asprintf(&host, "kerberos-%d.%s.", i, orealm); - } while(host != NULL - && i < 100000 - && add_host(orealm, host, 0, 1) == 0); - free(host); - } - } -#if 0 - read_cellservdb ("/usr/vice/etc/CellServDB", orealm); - read_cellservdb ("/usr/arla/etc/CellServDB", orealm); -#endif - } - - for(p = hosts; p; p = p->next){ - if(strcmp(orealm, p->this->realm) == 0 && - (!admin || p->this->admin)) { - if(nth == 1) - return p->this; - else - nth--; - } - } - return NULL; -} - -int -krb_get_krbhst(char *host, char *realm, int nth) -{ - struct krb_host *p = krb_get_host(nth, realm, 0); - if(p == NULL) - return KFAILURE; - strlcpy (host, p->host, MaxHostNameLen); - return KSUCCESS; -} - -int -krb_get_admhst(char *host, char *realm, int nth) -{ - struct krb_host *p = krb_get_host(nth, realm, 1); - if(p == NULL) - return KFAILURE; - strlcpy (host, p->host, MaxHostNameLen); - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/get_in_tkt.c b/crypto/kerberosIV/lib/krb/get_in_tkt.c deleted file mode 100644 index 9b405086a159..000000000000 --- a/crypto/kerberosIV/lib/krb/get_in_tkt.c +++ /dev/null @@ -1,188 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: get_in_tkt.c,v 1.24 1999/11/25 05:22:43 assar Exp $"); - -/* - * This file contains three routines: passwd_to_key() and - * passwd_to_afskey() converts a password into a DES key, using the - * normal strinttokey and the AFS one, respectively, and - * krb_get_pw_in_tkt() gets an initial ticket for a user. - */ - -/* - * passwd_to_key() and passwd_to_afskey: given a password, return a DES key. - */ - -int -passwd_to_key(const char *user, - const char *instance, - const char *realm, - const void *passwd, - des_cblock *key) -{ -#ifndef NOENCRYPTION - des_string_to_key((char *)passwd, key); -#endif - return 0; -} - -int -passwd_to_5key(const char *user, - const char *instance, - const char *realm, - const void *passwd, - des_cblock *key) -{ - char *p; - size_t len; - len = roken_mconcat (&p, 512, passwd, realm, user, instance, NULL); - if(len == 0) - return -1; - des_string_to_key(p, key); - memset(p, 0, len); - free(p); - return 0; -} - - -int -passwd_to_afskey(const char *user, - const char *instance, - const char *realm, - const void *passwd, - des_cblock *key) -{ -#ifndef NOENCRYPTION - afs_string_to_key(passwd, realm, key); -#endif - return (0); -} - -/* - * krb_get_pw_in_tkt() takes the name of the server for which the initial - * ticket is to be obtained, the name of the principal the ticket is - * for, the desired lifetime of the ticket, and the user's password. - * It passes its arguments on to krb_get_in_tkt(), which contacts - * Kerberos to get the ticket, decrypts it using the password provided, - * and stores it away for future use. - * - * krb_get_pw_in_tkt() passes two additional arguments to krb_get_in_tkt(): - * the name of a routine (passwd_to_key()) to be used to get the - * password in case the "password" argument is null and NULL for the - * decryption procedure indicating that krb_get_in_tkt should use the - * default method of decrypting the response from the KDC. - * - * The result of the call to krb_get_in_tkt() is returned. - */ - -typedef int (*const_key_proc_t) __P((const char *name, - const char *instance, /* IN parameter */ - const char *realm, - const void *password, - des_cblock *key)); - -int -krb_get_pw_in_tkt2(const char *user, - const char *instance, - const char *realm, - const char *service, - const char *sinstance, - int life, - const char *password, - des_cblock *key) -{ - char pword[100]; /* storage for the password */ - int code; - - /* Only request password once! */ - if (!password) { - if (des_read_pw_string(pword, sizeof(pword)-1, "Password: ", 0)){ - memset(pword, 0, sizeof(pword)); - return INTK_BADPW; - } - password = pword; - } - - { - KTEXT_ST as_rep; - CREDENTIALS cred; - int ret = 0; - const_key_proc_t key_procs[] = { passwd_to_key, - passwd_to_afskey, - passwd_to_5key, - NULL }; - const_key_proc_t *kp; - - code = krb_mk_as_req(user, instance, realm, - service, sinstance, life, &as_rep); - if(code) - return code; - for(kp = key_procs; *kp; kp++){ - KTEXT_ST tmp; - memcpy(&tmp, &as_rep, sizeof(as_rep)); - code = krb_decode_as_rep(user, - (char *)instance, /* const_key_proc_t */ - realm, - service, - sinstance, - (key_proc_t)*kp, /* const_key_proc_t */ - NULL, - password, - &tmp, - &cred); - if(code == 0){ - if(key) - (**kp)(user, instance, realm, password, key); - break; - } - if(code != INTK_BADPW) - ret = code; /* this is probably a better code than - what code gets after this loop */ - } - if(code) - return ret ? ret : code; - - code = tf_setup(&cred, user, instance); - if (code == KSUCCESS) { - if (krb_get_config_bool("nat_in_use")) - krb_add_our_ip_for_realm(user, instance, realm, password); - } - } - if (password == pword) - memset(pword, 0, sizeof(pword)); - return(code); -} - -int -krb_get_pw_in_tkt(const char *user, - const char *instance, - const char *realm, - const char *service, - const char *sinstance, - int life, - const char *password) -{ - return krb_get_pw_in_tkt2(user, instance, realm, - service, sinstance, life, password, NULL); -} diff --git a/crypto/kerberosIV/lib/krb/get_krbrlm.c b/crypto/kerberosIV/lib/krb/get_krbrlm.c deleted file mode 100644 index a6b0ba932af2..000000000000 --- a/crypto/kerberosIV/lib/krb/get_krbrlm.c +++ /dev/null @@ -1,137 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: get_krbrlm.c,v 1.25 1999/12/02 16:58:41 joda Exp $"); - -/* - * krb_get_lrealm takes a pointer to a string, and a number, n. It fills - * in the string, r, with the name of the nth realm specified on the - * first line of the kerberos config file (KRB_CONF, defined in "krb.h"). - * It returns 0 (KSUCCESS) on success, and KFAILURE on failure. If the - * config file does not exist, and if n=1, a successful return will occur - * with r = KRB_REALM (also defined in "krb.h"). - * - * For the format of the KRB_CONF file, see comments describing the routine - * krb_get_krbhst(). - */ - -static int -krb_get_lrealm_f(char *r, int n, const char *fname) -{ - char buf[1024]; - char *p; - int nchar; - FILE *f; - int ret = KFAILURE; - - if (n < 0) - return KFAILURE; - if(n == 0) - n = 1; - - f = fopen(fname, "r"); - if (f == 0) - return KFAILURE; - - for (; n > 0; n--) - if (fgets(buf, sizeof(buf), f) == 0) - goto done; - - /* We now have the n:th line, remove initial white space. */ - p = buf + strspn(buf, " \t"); - - /* Collect realmname. */ - nchar = strcspn(p, " \t\n"); - if (nchar == 0 || nchar > REALM_SZ) - goto done; /* No realmname */ - strncpy(r, p, nchar); - r[nchar] = 0; - - /* Does more junk follow? */ - p += nchar; - nchar = strspn(p, " \t\n"); - if (p[nchar] == 0) - ret = KSUCCESS; /* This was a realm name only line. */ - - done: - fclose(f); - return ret; -} - -static const char *no_default_realm = "NO.DEFAULT.REALM"; - -int -krb_get_lrealm(char *r, int n) -{ - int i; - char file[MaxPathLen]; - - for (i = 0; krb_get_krbconf(i, file, sizeof(file)) == 0; i++) - if (krb_get_lrealm_f(r, n, file) == KSUCCESS) - return KSUCCESS; - - /* When nothing else works try default realm */ - if (n == 1) { - char *t = krb_get_default_realm(); - - if (strcmp(t, no_default_realm) == 0) - return KFAILURE; /* Can't figure out default realm */ - - strcpy(r, t); - return KSUCCESS; - } - else - return(KFAILURE); -} - -/* Returns local realm if that can be figured out else NO.DEFAULT.REALM */ -char * -krb_get_default_realm(void) -{ - static char local_realm[REALM_SZ]; /* Local kerberos realm */ - - if (local_realm[0] == 0) { - char *t, hostname[MaxHostNameLen]; - - strlcpy(local_realm, no_default_realm, - sizeof(local_realm)); /* Provide default */ - - gethostname(hostname, sizeof(hostname)); - t = krb_realmofhost(hostname); - if (t && strcmp(t, no_default_realm) != 0) - strlcpy(local_realm, t, sizeof(local_realm)); - } - return local_realm; -} diff --git a/crypto/kerberosIV/lib/krb/get_svc_in_tkt.c b/crypto/kerberosIV/lib/krb/get_svc_in_tkt.c deleted file mode 100644 index daf7ae1bdb0f..000000000000 --- a/crypto/kerberosIV/lib/krb/get_svc_in_tkt.c +++ /dev/null @@ -1,79 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: get_svc_in_tkt.c,v 1.9 1999/06/29 21:18:04 bg Exp $"); - -/* - * This file contains two routines: srvtab_to_key(), which gets - * a server's key from a srvtab file, and krb_get_svc_in_tkt() which - * gets an initial ticket for a server. - */ - -/* - * srvtab_to_key(): given a "srvtab" file (where the keys for the - * service on a host are stored), return the private key of the - * given service (user.instance@realm). - * - * srvtab_to_key() passes its arguments on to read_service_key(), - * plus one additional argument, the key version number. - * (Currently, the key version number is always 0; this value - * is treated as a wildcard by read_service_key().) - * - * If the "srvtab" argument is null, KEYFILE (defined in "krb.h") - * is passed in its place. - * - * It returns the return value of the read_service_key() call. - * The service key is placed in "key". - */ - -int -srvtab_to_key(const char *user, - char *instance, - const char *realm, - const void *srvtab, - des_cblock *key) -{ - if (!srvtab) - srvtab = KEYFILE; - - return(read_service_key(user, instance, realm, 0, (char *)srvtab, - (char *)key)); -} - -/* - * krb_get_svc_in_tkt() passes its arguments on to krb_get_in_tkt(), - * plus two additional arguments: a pointer to the srvtab_to_key() - * function to be used to get the key from the key file and a NULL - * for the decryption procedure indicating that krb_get_in_tkt should - * use the default method of decrypting the response from the KDC. - * - * It returns the return value of the krb_get_in_tkt() call. - */ - -int -krb_get_svc_in_tkt(char *user, char *instance, char *realm, char *service, - char *sinstance, int life, char *srvtab) -{ - return(krb_get_in_tkt(user, instance, realm, service, sinstance, - life, srvtab_to_key, NULL, srvtab)); -} diff --git a/crypto/kerberosIV/lib/krb/get_tf_fullname.c b/crypto/kerberosIV/lib/krb/get_tf_fullname.c deleted file mode 100644 index 75688b090ed0..000000000000 --- a/crypto/kerberosIV/lib/krb/get_tf_fullname.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: get_tf_fullname.c,v 1.8 1999/09/16 20:41:51 assar Exp $"); - -/* - * This file contains a routine to extract the fullname of a user - * from the ticket file. - */ - -/* - * krb_get_tf_fullname() takes four arguments: the name of the - * ticket file, and variables for name, instance, and realm to be - * returned in. Since the realm of a ticket file is not really fully - * supported, the realm used will be that of the the first ticket in - * the file as this is the one that was obtained with a password by - * krb_get_in_tkt(). - */ - -int -krb_get_tf_fullname(char *ticket_file, char *name, char *instance, char *realm) -{ - int tf_status; - CREDENTIALS c; - - if ((tf_status = tf_init(ticket_file, R_TKT_FIL)) != KSUCCESS) - return(tf_status); - - if (((tf_status = tf_get_pname(c.pname)) != KSUCCESS) || - ((tf_status = tf_get_pinst(c.pinst)) != KSUCCESS)) - return (tf_status); - - if (name) - strlcpy (name, c.pname, ANAME_SZ); - if (instance) - strlcpy (instance, c.pinst, INST_SZ); - if ((tf_status = tf_get_cred(&c)) == KSUCCESS) { - if (realm) - strlcpy (realm, c.realm, REALM_SZ); - } - else { - if (tf_status == EOF) - return(KFAILURE); - else - return(tf_status); - } - tf_close(); - - return(tf_status); -} diff --git a/crypto/kerberosIV/lib/krb/get_tf_realm.c b/crypto/kerberosIV/lib/krb/get_tf_realm.c deleted file mode 100644 index 1a3c7d1cb5b8..000000000000 --- a/crypto/kerberosIV/lib/krb/get_tf_realm.c +++ /dev/null @@ -1,41 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: get_tf_realm.c,v 1.5 1997/03/23 03:53:10 joda Exp $"); - -/* - * This file contains a routine to extract the realm of a kerberos - * ticket file. - */ - -/* - * krb_get_tf_realm() takes two arguments: the name of a ticket - * and a variable to store the name of the realm in. - * - */ - -int -krb_get_tf_realm(char *ticket_file, char *realm) -{ - return(krb_get_tf_fullname(ticket_file, 0, 0, realm)); -} diff --git a/crypto/kerberosIV/lib/krb/getaddrs.c b/crypto/kerberosIV/lib/krb/getaddrs.c deleted file mode 100644 index c4ee6ad7ec13..000000000000 --- a/crypto/kerberosIV/lib/krb/getaddrs.c +++ /dev/null @@ -1,156 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * $FreeBSD$ - */ - -#include "krb_locl.h" - -RCSID("$Id: getaddrs.c,v 1.28.2.1 2000/06/23 03:29:53 assar Exp $"); - -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_NET_IF_H -#ifdef __osf__ -struct rtentry; -struct mbuf; -#endif -#ifdef _AIX -#undef __P /* XXX hack for AIX 4.3 */ -#endif -#include -#endif - -#ifdef HAVE_SYS_SOCKIO_H -#include -#endif /* HAVE_SYS_SOCKIO_H */ - -/* - * Return number and list of all local adresses. - */ - -int -k_get_all_addrs (struct in_addr **l) -{ -#if !defined(SIOCGIFCONF) || !defined(SIOCGIFFLAGS) || !defined(SIOCGIFADDR) - char name[MaxHostNameLen]; - struct hostent *he; - - if (gethostname(name, sizeof(name)) < 0) - return -1; - he = gethostbyname (name); - if (he == NULL) - return -1; - *l = malloc(sizeof(**l)); - if (*l == NULL) - return -1; - memcpy (*l, he->h_addr_list[0], sizeof(*l)); - return 1; -#else - int fd; - char *inbuf = NULL; - size_t in_len = 8192; - struct ifreq ifreq; - struct ifconf ifconf; - int num, j; - char *p; - size_t sz; - - *l = NULL; - fd = socket(AF_INET, SOCK_DGRAM, 0); - if (fd < 0) - return -1; - - for(;;) { - void *tmp; - - tmp = realloc (inbuf, in_len); - if (tmp == NULL) - goto fail; - inbuf = tmp; - - ifconf.ifc_len = in_len; - ifconf.ifc_buf = inbuf; - - /* - * Solaris returns EINVAL when the buffer is too small. - */ - - if(ioctl(fd, SIOCGIFCONF, &ifconf) < 0 && errno != EINVAL) - goto fail; - if(ifconf.ifc_len + sizeof(ifreq) < in_len) - break; - in_len *= 2; - } - num = ifconf.ifc_len / sizeof(struct ifreq); - *l = malloc(num * sizeof(struct in_addr)); - if(*l == NULL) - goto fail; - - j = 0; - ifreq.ifr_name[0] = '\0'; - for (p = ifconf.ifc_buf; p < ifconf.ifc_buf + ifconf.ifc_len; p += sz) { - struct ifreq *ifr = (struct ifreq *)p; - sz = sizeof(*ifr); -#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN - sz = max(sz, sizeof(ifr->ifr_name) + ifr->ifr_addr.sa_len); -#endif - - if(strncmp(ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name))) { - if(ioctl(fd, SIOCGIFFLAGS, ifr) < 0) - continue; - if (ifr->ifr_flags & IFF_UP) { - if(ioctl(fd, SIOCGIFADDR, ifr) < 0) - continue; - (*l)[j++] = ((struct sockaddr_in *)&ifr->ifr_addr)->sin_addr; - } - memcpy(&ifreq, ifr, sizeof(ifreq)); - } - } - if (j != num) { - void *tmp; - tmp = realloc (*l, j * sizeof(struct in_addr)); - if(tmp == NULL) - goto fail; - *l = tmp; - } - close (fd); - free(inbuf); - return j; -fail: - close(fd); - free(inbuf); - free(*l); - return -1; -#endif /* SIOCGIFCONF */ -} diff --git a/crypto/kerberosIV/lib/krb/getfile.c b/crypto/kerberosIV/lib/krb/getfile.c deleted file mode 100644 index 7684aee9cc09..000000000000 --- a/crypto/kerberosIV/lib/krb/getfile.c +++ /dev/null @@ -1,91 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: getfile.c,v 1.5.2.1 2000/12/07 17:04:48 assar Exp $"); - -static int -is_suid(void) -{ - int ret = 0; -#ifdef HAVE_GETUID - ret |= getuid() != geteuid(); -#endif -#ifdef HAVE_GETGID - ret |= getgid() != getegid(); -#endif - return ret; -} - -static int -get_file(const char **files, int num, const char *file, char *buf, size_t len) -{ - const char *p, **q; - int i = 0; - if(getuid() != 0 && !is_suid() && (p = getenv("KRBCONFDIR"))){ - if(num == i){ - snprintf(buf, len, "%s/%s", p, file); - return 0; - } - i++; - } - for(q = files; *q; q++, i++){ - if(num == i){ - snprintf(buf, len, "%s", *q); - return 0; - } - } - return -1; -} - -int -krb_get_krbconf(int num, char *buf, size_t len) -{ - const char *files[] = KRB_CNF_FILES; - return get_file(files, num, "krb.conf", buf, len); -} - -int -krb_get_krbrealms(int num, char *buf, size_t len) -{ - const char *files[] = KRB_RLM_FILES; - return get_file(files, num, "krb.realms", buf, len); -} - -int -krb_get_krbextra(int num, char *buf, size_t len) -{ - const char *files[] = { "/etc/krb.extra", NULL }; - return get_file(files, num, "krb.extra", buf, len); -} diff --git a/crypto/kerberosIV/lib/krb/getrealm.c b/crypto/kerberosIV/lib/krb/getrealm.c deleted file mode 100644 index 2dcb4cf33fe9..000000000000 --- a/crypto/kerberosIV/lib/krb/getrealm.c +++ /dev/null @@ -1,185 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: getrealm.c,v 1.36 1999/09/16 20:41:51 assar Exp $"); - -#ifndef MATCH_SUBDOMAINS -#define MATCH_SUBDOMAINS 0 -#endif - -/* - * krb_realmofhost. - * Given a fully-qualified domain-style primary host name, - * return the name of the Kerberos realm for the host. - * If the hostname contains no discernable domain, or an error occurs, - * return the local realm name, as supplied by get_krbrlm(). - * If the hostname contains a domain, but no translation is found, - * the hostname's domain is converted to upper-case and returned. - * - * The format of each line of the translation file is: - * domain_name kerberos_realm - * -or- - * host_name kerberos_realm - * - * domain_name should be of the form .XXX.YYY (e.g. .LCS.MIT.EDU) - * host names should be in the usual form (e.g. FOO.BAR.BAZ) - */ - -/* To automagically find the correct realm of a host (without - * krb.realms) add a text record for your domain with the name of your - * realm, like this: - * - * krb4-realm IN TXT FOO.SE - * - * The search is recursive, so you can also add entries for specific - * hosts. To find the realm of host a.b.c, it first tries - * krb4-realm.a.b.c, then krb4-realm.b.c and so on. - */ - -static int -dns_find_realm(char *hostname, char *realm) -{ - char domain[MaxHostNameLen + sizeof("krb4-realm..")]; - char *p; - int level = 0; - struct dns_reply *r; - - p = hostname; - - while(1){ - snprintf(domain, sizeof(domain), "krb4-realm.%s.", p); - p = strchr(p, '.'); - if(p == NULL) - break; - p++; - r = dns_lookup(domain, "TXT"); - if(r){ - struct resource_record *rr = r->head; - while(rr){ - if(rr->type == T_TXT){ - strlcpy(realm, rr->u.txt, REALM_SZ); - dns_free_data(r); - return level; - } - rr = rr->next; - } - dns_free_data(r); - } - level++; - } - return -1; -} - - -static FILE * -open_krb_realms(void) -{ - int i; - char file[MaxPathLen]; - FILE *res; - - for(i = 0; krb_get_krbrealms(i, file, sizeof(file)) == 0; i++) - if ((res = fopen(file, "r")) != NULL) - return res; - return NULL; -} - -static int -file_find_realm(const char *phost, const char *domain, - char *ret_realm, size_t ret_realm_sz) -{ - FILE *trans_file; - char buf[1024]; - int ret = -1; - - if ((trans_file = open_krb_realms()) == NULL) - return -1; - - while (fgets(buf, sizeof(buf), trans_file) != NULL) { - char *save = NULL; - char *tok; - char *tmp_host; - char *tmp_realm; - - tok = strtok_r(buf, " \t\r\n", &save); - if(tok == NULL) - continue; - tmp_host = tok; - tok = strtok_r(NULL, " \t\r\n", &save); - if(tok == NULL) - continue; - tmp_realm = tok; - if (strcasecmp(tmp_host, phost) == 0) { - /* exact match of hostname, so return the realm */ - strlcpy(ret_realm, tmp_realm, ret_realm_sz); - ret = 0; - break; - } - if ((tmp_host[0] == '.') && domain) { - const char *cp = domain; - do { - if(strcasecmp(tmp_host, cp) == 0){ - /* domain match, save for later */ - strlcpy(ret_realm, tmp_realm, ret_realm_sz); - ret = 0; - break; - } - cp = strchr(cp + 1, '.'); - } while(MATCH_SUBDOMAINS && cp); - } - if (ret == 0) - break; - } - fclose(trans_file); - return ret; -} - -char * -krb_realmofhost(const char *host) -{ - static char ret_realm[REALM_SZ]; - char *domain; - char phost[MaxHostNameLen]; - - krb_name_to_name(host, phost, sizeof(phost)); - - domain = strchr(phost, '.'); - - if(file_find_realm(phost, domain, ret_realm, sizeof ret_realm) == 0) - return ret_realm; - - if(dns_find_realm(phost, ret_realm) >= 0) - return ret_realm; - - if (domain) { - char *cp; - - strlcpy(ret_realm, &domain[1], REALM_SZ); - /* Upper-case realm */ - for (cp = ret_realm; *cp; cp++) - *cp = toupper(*cp); - } else { - strncpy(ret_realm, krb_get_default_realm(), REALM_SZ); /* Wild guess */ - } - return ret_realm; -} diff --git a/crypto/kerberosIV/lib/krb/getst.c b/crypto/kerberosIV/lib/krb/getst.c deleted file mode 100644 index de9996264ee6..000000000000 --- a/crypto/kerberosIV/lib/krb/getst.c +++ /dev/null @@ -1,45 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: getst.c,v 1.6 1997/03/23 03:53:11 joda Exp $"); - -/* - * getst() takes a file descriptor, a string and a count. It reads - * from the file until either it has read "count" characters, or until - * it reads a null byte. When finished, what has been read exists in - * the given string "s". If "count" characters were actually read, the - * last is changed to a null, so the returned string is always null- - * terminated. getst() returns the number of characters read, including - * the null terminator. - */ - -int -getst(int fd, char *s, int n) -{ - int count = n; - while (read(fd, s, 1) > 0 && --count) - if (*s++ == '\0') - return (n - count); - *s = '\0'; - return (n - count); -} diff --git a/crypto/kerberosIV/lib/krb/k_getport.c b/crypto/kerberosIV/lib/krb/k_getport.c deleted file mode 100644 index 063a0b21cd0e..000000000000 --- a/crypto/kerberosIV/lib/krb/k_getport.c +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: k_getport.c,v 1.11 1999/12/02 16:58:42 joda Exp $"); - -int -k_getportbyname (const char *service, const char *proto, int default_port) -{ -#ifdef HAVE_GETSERVBYNAME - struct servent *sp; - - sp = getservbyname(service, proto); - if(sp != NULL) - return sp->s_port; - - krb_warning ("%s/%s unknown service, using default port %d\n", - service, proto ? proto : "*", ntohs(default_port)); -#endif - return default_port; -} diff --git a/crypto/kerberosIV/lib/krb/k_getsockinst.c b/crypto/kerberosIV/lib/krb/k_getsockinst.c deleted file mode 100644 index 2b0453cd8bd3..000000000000 --- a/crypto/kerberosIV/lib/krb/k_getsockinst.c +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: k_getsockinst.c,v 1.13 1999/12/02 16:58:42 joda Exp $"); - -/* - * Return in inst the name of the local interface bound to socket - * fd. On Failure return the 'wildcard' instance "*". - */ - -int -k_getsockinst(int fd, char *inst, size_t inst_size) -{ - struct sockaddr_in addr; - int len = sizeof(addr); - struct hostent *hnam; - - if (getsockname(fd, (struct sockaddr *)&addr, &len) < 0) - goto fail; - - hnam = gethostbyaddr((char *)&addr.sin_addr, - sizeof(addr.sin_addr), - addr.sin_family); - if (hnam == 0) - goto fail; - - strlcpy (inst, hnam->h_name, inst_size); - k_ricercar(inst); /* Canonicalize name */ - return 0; /* Success */ - - fail: - inst[0] = '*'; - inst[1] = 0; - return -1; -} diff --git a/crypto/kerberosIV/lib/krb/k_localtime.c b/crypto/kerberosIV/lib/krb/k_localtime.c deleted file mode 100644 index e8cbdd66397c..000000000000 --- a/crypto/kerberosIV/lib/krb/k_localtime.c +++ /dev/null @@ -1,43 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: k_localtime.c,v 1.8 1999/12/02 16:58:42 joda Exp $"); - -struct tm *k_localtime(u_int32_t *tp) -{ - time_t t; - t = *tp; - return localtime(&t); -} diff --git a/crypto/kerberosIV/lib/krb/kdc_reply.c b/crypto/kerberosIV/lib/krb/kdc_reply.c deleted file mode 100644 index 888ab160b780..000000000000 --- a/crypto/kerberosIV/lib/krb/kdc_reply.c +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: kdc_reply.c,v 1.12.2.2 2000/12/04 14:34:28 assar Exp $"); - -static int little_endian; /* XXX ugly */ - -int -kdc_reply_cred(KTEXT cip, CREDENTIALS *cred) -{ - unsigned char *p = cip->dat; - - memcpy(cred->session, p, 8); - p += 8; - - if(p + strlen((char*)p) > cip->dat + cip->length) - return INTK_BADPW; - p += krb_get_string(p, cred->service, sizeof(cred->service)); - - if(p + strlen((char*)p) > cip->dat + cip->length) - return INTK_BADPW; - p += krb_get_string(p, cred->instance, sizeof(cred->instance)); - - if(p + strlen((char*)p) > cip->dat + cip->length) - return INTK_BADPW; - p += krb_get_string(p, cred->realm, sizeof(cred->realm)); - - if(p + 3 > cip->dat + cip->length) - return INTK_BADPW; - cred->lifetime = *p++; - cred->kvno = *p++; - cred->ticket_st.length = *p++; - - if(p + cred->ticket_st.length + 4 > cip->dat + cip->length) - return INTK_BADPW; - memcpy(cred->ticket_st.dat, p, cred->ticket_st.length); - p += cred->ticket_st.length; - - p += krb_get_int(p, (u_int32_t *)&cred->issue_date, 4, little_endian); - - return KSUCCESS; -} - -int -kdc_reply_cipher(KTEXT reply, KTEXT cip) -{ - unsigned char *p; - unsigned char pvno; - unsigned char type; - - char aname[ANAME_SZ]; - char inst[INST_SZ]; - char realm[REALM_SZ]; - - u_int32_t kdc_time; - u_int32_t exp_date; - u_int32_t clen; - - p = reply->dat; - - pvno = *p++; - - if (pvno != KRB_PROT_VERSION ) - return INTK_PROT; - - type = *p++; - little_endian = type & 1; - - type &= ~1; - - if(type == AUTH_MSG_ERR_REPLY){ - u_int32_t code; - /* skip these fields */ - p += strlen((char*)p) + 1; /* name */ - p += strlen((char*)p) + 1; /* instance */ - p += strlen((char*)p) + 1; /* realm */ - p += 4; /* time */ - p += krb_get_int(p, &code, 4, little_endian); - if(code == 0) - code = KFAILURE; /* things will go bad otherwise */ - return code; - } - if(type != AUTH_MSG_KDC_REPLY) - return INTK_PROT; - - p += krb_get_nir(p, - aname, sizeof(aname), - inst, sizeof(inst), - realm, sizeof(realm)); - p += krb_get_int(p, &kdc_time, 4, little_endian); - p++; /* number of tickets */ - p += krb_get_int(p, &exp_date, 4, little_endian); - p++; /* master key version number */ - p += krb_get_int(p, &clen, 2, little_endian); - if (reply->length - (p - reply->dat) < clen) - return INTK_PROT; - - cip->length = clen; - memcpy(cip->dat, p, clen); - p += clen; - - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/klog.h b/crypto/kerberosIV/lib/krb/klog.h deleted file mode 100644 index cee92d973c20..000000000000 --- a/crypto/kerberosIV/lib/krb/klog.h +++ /dev/null @@ -1,47 +0,0 @@ -/* - * $Id: klog.h,v 1.5 1997/05/11 11:05:28 assar Exp $ - * - * Copyright 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * This file defines the types of log messages logged by klog. Each - * type of message may be selectively turned on or off. - */ - -#ifndef KLOG_DEFS -#define KLOG_DEFS - -#ifndef KRBLOG -#define KRBLOG "/var/log/kerberos.log" /* master server */ -#endif -#ifndef KRBSLAVELOG -#define KRBSLAVELOG "/var/log/kerberos_slave.log" /* slave server */ -#endif -#define NLOGTYPE 100 /* Maximum number of log msg types */ - -#define L_NET_ERR 1 /* Error in network code */ -#define L_NET_INFO 2 /* Info on network activity */ -#define L_KRB_PERR 3 /* Kerberos protocol errors */ -#define L_KRB_PINFO 4 /* Kerberos protocol info */ -#define L_INI_REQ 5 /* Request for initial ticket */ -#define L_NTGT_INTK 6 /* Initial request not for TGT */ -#define L_DEATH_REQ 7 /* Request for server death */ -#define L_TKT_REQ 8 /* All ticket requests using a tgt */ -#define L_ERR_SEXP 9 /* Service expired */ -#define L_ERR_MKV 10 /* Master key version incorrect */ -#define L_ERR_NKY 11 /* User's key is null */ -#define L_ERR_NUN 12 /* Principal not unique */ -#define L_ERR_UNK 13 /* Principal Unknown */ -#define L_ALL_REQ 14 /* All requests */ -#define L_APPL_REQ 15 /* Application requests (using tgt) */ -#define L_KRB_PWARN 16 /* Protocol warning messages */ - -char * klog __P((int type, const char *format, ...)) -#ifdef __GNUC__ -__attribute__ ((format (printf, 2, 3))) -#endif -; - -#endif /* KLOG_DEFS */ diff --git a/crypto/kerberosIV/lib/krb/kntoln.c b/crypto/kerberosIV/lib/krb/kntoln.c deleted file mode 100644 index 86e5205ab3aa..000000000000 --- a/crypto/kerberosIV/lib/krb/kntoln.c +++ /dev/null @@ -1,177 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -/* - * krb_kntoln converts an auth name into a local name by looking up - * the auth name in the /etc/aname file. The format of the aname - * file is: - * - * +-----+-----+-----+-----+------+----------+-------+-------+ - * | anl | inl | rll | lnl | name | instance | realm | lname | - * +-----+-----+-----+-----+------+----------+-------+-------+ - * | 1by | 1by | 1by | 1by | name | instance | realm | lname | - * +-----+-----+-----+-----+------+----------+-------+-------+ - * - * If the /etc/aname file can not be opened it will set the - * local name to the auth name. Thus, in this case it performs as - * the identity function. - * - * The name instance and realm are passed to krb_kntoln through - * the AUTH_DAT structure (ad). - * - * Now here's what it *really* does: - * - * Given a Kerberos name in an AUTH_DAT structure, check that the - * instance is null, and that the realm is the same as the local - * realm, and return the principal's name in "lname". Return - * KSUCCESS if all goes well, otherwise KFAILURE. - */ - -#include "krb_locl.h" - -RCSID("$Id: kntoln.c,v 1.10 1998/06/09 19:25:21 joda Exp $"); - -int -krb_kntoln(AUTH_DAT *ad, char *lname) -{ - static char lrealm[REALM_SZ] = ""; - - if (!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE)) - return(KFAILURE); - - if (strcmp(ad->pinst, "")) - return(KFAILURE); - if (strcmp(ad->prealm, lrealm)) - return(KFAILURE); - strcpy(lname, ad->pname); - return(KSUCCESS); -} - -#if 0 -/* Posted to usenet by "Derrick J. Brashear" */ - -#include -#include -#include -#include -#include -#include -#include - -extern int errno; -/* - * antoln converts an authentication name into a local name by looking up - * the authentication name in the /etc/aname dbm database. - * - * If the /etc/aname file can not be opened it will set the - * local name to the principal name. Thus, in this case it performs as - * the identity function. - * - * The name instance and realm are passed to antoln through - * the AUTH_DAT structure (ad). - */ - -static char lrealm[REALM_SZ] = ""; - -int -an_to_ln(AUTH_DAT *ad, char *lname) -{ - static DBM *aname = NULL; - char keyname[ANAME_SZ+INST_SZ+REALM_SZ+2]; - - if(!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE)) - return(KFAILURE); - - if((strcmp(ad->pinst,"") && strcmp(ad->pinst,"root")) || - strcmp(ad->prealm,lrealm)) { - datum val; - datum key; - /* - * Non-local name (or) non-null and non-root instance. - * Look up in dbm file. - */ - if (!aname) { - if ((aname = dbm_open("/etc/aname", O_RDONLY, 0)) - == NULL) return (KFAILURE); - } - /* Construct dbm lookup key. */ - an_to_a(ad, keyname); - key.dptr = keyname; - key.dsize = strlen(keyname)+1; - flock(dbm_dirfno(aname), LOCK_SH); - val = dbm_fetch(aname, key); - flock(dbm_dirfno(aname), LOCK_UN); - if (!val.dptr) { - dbm_close(aname); - return(KFAILURE); - } - /* Got it! */ - strcpy(lname,val.dptr); - return(KSUCCESS); - } else strcpy(lname,ad->pname); - return(KSUCCESS); -} - -void -an_to_a(AUTH_DAT *ad, char *str) -{ - strcpy(str, ad->pname); - if(*ad->pinst) { - strcat(str, "."); - strcat(str, ad->pinst); - } - strcat(str, "@"); - strcat(str, ad->prealm); -} - -/* - * Parse a string of the form "user[.instance][@realm]" - * into a struct AUTH_DAT. - */ - -int -a_to_an(char *str, AUTH_DAT *ad) -{ - char *buf = (char *)malloc(strlen(str)+1); - char *rlm, *inst, *princ; - - if(!(*lrealm) && (krb_get_lrealm(lrealm,1) == KFAILURE)) { - free(buf); - return(KFAILURE); - } - /* destructive string hacking is more fun.. */ - strcpy(buf, str); - - if (rlm = index(buf, '@')) { - *rlm++ = '\0'; - } - if (inst = index(buf, '.')) { - *inst++ = '\0'; - } - strcpy(ad->pname, buf); - if(inst) strcpy(ad->pinst, inst); - else *ad->pinst = '\0'; - if (rlm) strcpy(ad->prealm, rlm); - else strcpy(ad->prealm, lrealm); - free(buf); - return(KSUCCESS); -} -#endif diff --git a/crypto/kerberosIV/lib/krb/krb-archaeology.h b/crypto/kerberosIV/lib/krb/krb-archaeology.h deleted file mode 100644 index 0757996eeb37..000000000000 --- a/crypto/kerberosIV/lib/krb/krb-archaeology.h +++ /dev/null @@ -1,131 +0,0 @@ -/* - * $Id: krb-archaeology.h,v 1.2 1997/12/05 02:04:44 joda Exp $ - * - * Most of the cruft in this file is probably: - * - * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute - * of Technology. - * - * For copying and distribution information, please see the file - * . - */ - -#ifndef __KRB_ARCHAEOLOGY_H__ -#define __KRB_ARCHAEOLOGY_H__ - -/* Compare x and y in VAX byte order, result is -1, 0 or 1. */ - -#define krb_lsb_antinet_ulong_less(x, y) (((x) == (y)) ? 0 : krb_lsb_antinet_ulong_cmp(x, y)) - -#define krb_lsb_antinet_ushort_less(x, y) (((x) == (y)) ? 0 : krb_lsb_antinet_ushort_cmp(x, y)) - -int krb_lsb_antinet_ulong_cmp(u_int32_t x, u_int32_t y); -int krb_lsb_antinet_ushort_cmp(u_int16_t x, u_int16_t y); -u_int32_t lsb_time(time_t t, struct sockaddr_in *src, struct sockaddr_in *dst); - -/* Macro's to obtain various fields from a packet */ - -#define pkt_version(packet) (unsigned int) *(packet->dat) -#define pkt_msg_type(packet) (unsigned int) *(packet->dat+1) -#define pkt_a_name(packet) (packet->dat+2) -#define pkt_a_inst(packet) \ - (packet->dat+3+strlen((char *)pkt_a_name(packet))) -#define pkt_a_realm(packet) \ - (pkt_a_inst(packet)+1+strlen((char *)pkt_a_inst(packet))) - -/* Macro to obtain realm from application request */ -#define apreq_realm(auth) (auth->dat + 3) - -#define pkt_time_ws(packet) (char *) \ - (packet->dat+5+strlen((char *)pkt_a_name(packet)) + \ - strlen((char *)pkt_a_inst(packet)) + \ - strlen((char *)pkt_a_realm(packet))) - -#define pkt_no_req(packet) (unsigned short) \ - *(packet->dat+9+strlen((char *)pkt_a_name(packet)) + \ - strlen((char *)pkt_a_inst(packet)) + \ - strlen((char *)pkt_a_realm(packet))) -#define pkt_x_date(packet) (char *) \ - (packet->dat+10+strlen((char *)pkt_a_name(packet)) + \ - strlen((char *)pkt_a_inst(packet)) + \ - strlen((char *)pkt_a_realm(packet))) -#define pkt_err_code(packet) ( (char *) \ - (packet->dat+9+strlen((char *)pkt_a_name(packet)) + \ - strlen((char *)pkt_a_inst(packet)) + \ - strlen((char *)pkt_a_realm(packet)))) -#define pkt_err_text(packet) \ - (packet->dat+13+strlen((char *)pkt_a_name(packet)) + \ - strlen((char *)pkt_a_inst(packet)) + \ - strlen((char *)pkt_a_realm(packet))) - -/* - * macros for byte swapping; also scratch space - * u_quad 0-->7, 1-->6, 2-->5, 3-->4, 4-->3, 5-->2, 6-->1, 7-->0 - * u_int32_t 0-->3, 1-->2, 2-->1, 3-->0 - * u_int16_t 0-->1, 1-->0 - */ - -#define swap_u_16(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab(((char *) x) +0, ((char *) _krb_swap_tmp) +14 ,2); \ - swab(((char *) x) +2, ((char *) _krb_swap_tmp) +12 ,2); \ - swab(((char *) x) +4, ((char *) _krb_swap_tmp) +10 ,2); \ - swab(((char *) x) +6, ((char *) _krb_swap_tmp) +8 ,2); \ - swab(((char *) x) +8, ((char *) _krb_swap_tmp) +6 ,2); \ - swab(((char *) x) +10,((char *) _krb_swap_tmp) +4 ,2); \ - swab(((char *) x) +12,((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) x) +14,((char *) _krb_swap_tmp) +0 ,2); \ - memcpy(x, _krb_swap_tmp, 16);\ - } - -#define swap_u_12(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab(( char *) x, ((char *) _krb_swap_tmp) +10 ,2); \ - swab(((char *) x) +2, ((char *) _krb_swap_tmp) +8 ,2); \ - swab(((char *) x) +4, ((char *) _krb_swap_tmp) +6 ,2); \ - swab(((char *) x) +6, ((char *) _krb_swap_tmp) +4 ,2); \ - swab(((char *) x) +8, ((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) x) +10,((char *) _krb_swap_tmp) +0 ,2); \ - memcpy(x, _krb_swap_tmp, 12);\ - } - -#define swap_C_Block(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab(( char *) x, ((char *) _krb_swap_tmp) +6 ,2); \ - swab(((char *) x) +2,((char *) _krb_swap_tmp) +4 ,2); \ - swab(((char *) x) +4,((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) x) +6,((char *) _krb_swap_tmp) ,2); \ - memcpy(x, _krb_swap_tmp, 8);\ - } -#define swap_u_quad(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab(( char *) &x, ((char *) _krb_swap_tmp) +6 ,2); \ - swab(((char *) &x) +2,((char *) _krb_swap_tmp) +4 ,2); \ - swab(((char *) &x) +4,((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) &x) +6,((char *) _krb_swap_tmp) ,2); \ - memcpy(x, _krb_swap_tmp, 8);\ - } - -#define swap_u_long(x) {\ - u_int32_t _krb_swap_tmp[4];\ - swab((char *) &x, ((char *) _krb_swap_tmp) +2 ,2); \ - swab(((char *) &x) +2,((char *) _krb_swap_tmp),2); \ - x = _krb_swap_tmp[0]; \ - } - -#define swap_u_short(x) {\ - u_int16_t _krb_swap_sh_tmp; \ - swab((char *) &x, ( &_krb_swap_sh_tmp) ,2); \ - x = (u_int16_t) _krb_swap_sh_tmp; \ - } -/* Kerberos ticket flag field bit definitions */ -#define K_FLAG_ORDER 0 /* bit 0 --> lsb */ -#define K_FLAG_1 /* reserved */ -#define K_FLAG_2 /* reserved */ -#define K_FLAG_3 /* reserved */ -#define K_FLAG_4 /* reserved */ -#define K_FLAG_5 /* reserved */ -#define K_FLAG_6 /* reserved */ -#define K_FLAG_7 /* reserved, bit 7 --> msb */ - -#endif /* __KRB_ARCHAEOLOGY_H__ */ diff --git a/crypto/kerberosIV/lib/krb/krb-protos.h b/crypto/kerberosIV/lib/krb/krb-protos.h deleted file mode 100644 index 69bd1cad7376..000000000000 --- a/crypto/kerberosIV/lib/krb/krb-protos.h +++ /dev/null @@ -1,790 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: krb-protos.h,v 1.24.2.1 2000/06/23 03:32:04 assar Exp $ */ -/* $FreeBSD$ */ - -#ifndef __krb_protos_h__ -#define __krb_protos_h__ - -#if defined (__STDC__) || defined (_MSC_VER) -#include -#ifndef __P -#define __P(x) x -#endif -#else -#ifndef __P -#define __P(x) () -#endif -#endif - -#ifdef __STDC__ -struct in_addr; -struct sockaddr_in; -struct timeval; -#endif - -#ifndef KRB_LIB_FUNCTION -#if defined(__BORLANDC__) -#define KRB_LIB_FUNCTION /* not-ready-definition-yet */ -#elif defined(_MSC_VER) -#define KRB_LIB_FUNCTION /* not-ready-definition-yet2 */ -#else -#define KRB_LIB_FUNCTION -#endif -#endif - -void KRB_LIB_FUNCTION -afs_string_to_key __P(( - const char *str, - const char *cell, - des_cblock *key)); - -int KRB_LIB_FUNCTION -create_ciph __P(( - KTEXT c, - unsigned char *session, - char *service, - char *instance, - char *realm, - u_int32_t life, - int kvno, - KTEXT tkt, - u_int32_t kdc_time, - des_cblock *key)); - -int KRB_LIB_FUNCTION -cr_err_reply __P(( - KTEXT pkt, - char *pname, - char *pinst, - char *prealm, - u_int32_t time_ws, - u_int32_t e, - char *e_string)); - -int KRB_LIB_FUNCTION -decomp_ticket __P(( - KTEXT tkt, - unsigned char *flags, - char *pname, - char *pinstance, - char *prealm, - u_int32_t *paddress, - unsigned char *session, - int *life, - u_int32_t *time_sec, - char *sname, - char *sinstance, - des_cblock *key, - des_key_schedule schedule)); - -int KRB_LIB_FUNCTION -dest_tkt __P((void)); - -int KRB_LIB_FUNCTION -get_ad_tkt __P(( - char *service, - char *sinstance, - char *realm, - int lifetime)); - -int KRB_LIB_FUNCTION -getst __P(( - int fd, - char *s, - int n)); - -int KRB_LIB_FUNCTION -in_tkt __P(( - char *pname, - char *pinst)); - -int KRB_LIB_FUNCTION -k_get_all_addrs __P((struct in_addr **l)); - -int KRB_LIB_FUNCTION -k_gethostname __P(( - char *name, - int namelen)); - -int KRB_LIB_FUNCTION -k_getportbyname __P(( - const char *service, - const char *proto, - int default_port)); - -int KRB_LIB_FUNCTION -k_getsockinst __P(( - int fd, - char *inst, - size_t inst_size)); - -int KRB_LIB_FUNCTION -k_isinst __P((char *s)); - -int KRB_LIB_FUNCTION -k_isname __P((char *s)); - -int KRB_LIB_FUNCTION -k_isrealm __P((char *s)); - -struct tm * KRB_LIB_FUNCTION -k_localtime __P((u_int32_t *tp)); - -int KRB_LIB_FUNCTION -kname_parse __P(( - char *np, - char *ip, - char *rp, - char *fullname)); - -int KRB_LIB_FUNCTION -krb_atime_to_life __P((char *atime)); - -int KRB_LIB_FUNCTION -krb_check_auth __P(( - KTEXT packet, - u_int32_t checksum, - MSG_DAT *msg_data, - des_cblock *session, - des_key_schedule schedule, - struct sockaddr_in *laddr, - struct sockaddr_in *faddr)); - -int KRB_LIB_FUNCTION -krb_check_tm __P((struct tm tm)); - -KTEXT KRB_LIB_FUNCTION -krb_create_death_packet __P((char *a_name)); - -int KRB_LIB_FUNCTION -krb_create_ticket __P(( - KTEXT tkt, - unsigned char flags, - char *pname, - char *pinstance, - char *prealm, - int32_t paddress, - void *session, - int16_t life, - int32_t time_sec, - char *sname, - char *sinstance, - des_cblock *key)); - -int KRB_LIB_FUNCTION -krb_decode_as_rep __P(( - const char *user, - char *instance, /* INOUT parameter */ - const char *realm, - const char *service, - const char *sinstance, - key_proc_t key_proc, - decrypt_proc_t decrypt_proc, - const void *arg, - KTEXT as_rep, - CREDENTIALS *cred)); - -int KRB_LIB_FUNCTION -krb_disable_debug __P((void)); - -int KRB_LIB_FUNCTION -krb_enable_debug __P((void)); - -int KRB_LIB_FUNCTION -krb_equiv __P(( - u_int32_t a, - u_int32_t b)); - -int KRB_LIB_FUNCTION -krb_get_address __P(( - void *from, - u_int32_t *to)); - -int KRB_LIB_FUNCTION -krb_get_admhst __P(( - char *host, - char *realm, - int nth)); - -int KRB_LIB_FUNCTION -krb_get_config_bool __P((const char *variable)); - -const char * KRB_LIB_FUNCTION -krb_get_config_string __P((const char *variable)); - -int KRB_LIB_FUNCTION -krb_get_cred __P(( - char *service, - char *instance, - char *realm, - CREDENTIALS *c)); - -int KRB_LIB_FUNCTION -krb_get_default_principal __P(( - char *name, - char *instance, - char *realm)); - -char * KRB_LIB_FUNCTION -krb_get_default_realm __P((void)); - -const char * KRB_LIB_FUNCTION -krb_get_default_tkt_root __P((void)); - -const char * KRB_LIB_FUNCTION -krb_get_default_keyfile __P((void)); - -const char * KRB_LIB_FUNCTION -krb_get_err_text __P((int code)); - -struct krb_host* KRB_LIB_FUNCTION -krb_get_host __P(( - int nth, - const char *realm, - int admin)); - -int KRB_LIB_FUNCTION -krb_get_in_tkt __P(( - char *user, - char *instance, - char *realm, - char *service, - char *sinstance, - int life, - key_proc_t key_proc, - decrypt_proc_t decrypt_proc, - void *arg)); - -int KRB_LIB_FUNCTION -krb_get_int __P(( - void *f, - u_int32_t *to, - int size, - int lsb)); - -int KRB_LIB_FUNCTION -krb_get_kdc_time_diff __P((void)); - -int KRB_LIB_FUNCTION -krb_get_krbconf __P(( - int num, - char *buf, - size_t len)); - -int KRB_LIB_FUNCTION -krb_get_krbextra __P(( - int num, - char *buf, - size_t len)); - -int KRB_LIB_FUNCTION -krb_get_krbhst __P(( - char *host, - char *realm, - int nth)); - -int KRB_LIB_FUNCTION -krb_get_krbrealms __P(( - int num, - char *buf, - size_t len)); - -int KRB_LIB_FUNCTION -krb_get_lrealm __P(( - char *r, - int n)); - -int KRB_LIB_FUNCTION -krb_get_nir __P(( - void *from, - char *name, size_t name_len, - char *instance, size_t instance_len, - char *realm, size_t realm_len)); - -char * KRB_LIB_FUNCTION -krb_get_phost __P((const char *alias)); - -int KRB_LIB_FUNCTION -krb_get_pw_in_tkt __P(( - const char *user, - const char *instance, - const char *realm, - const char *service, - const char *sinstance, - int life, - const char *password)); - -int KRB_LIB_FUNCTION -krb_get_pw_in_tkt2 __P(( - const char *user, - const char *instance, - const char *realm, - const char *service, - const char *sinstance, - int life, - const char *password, - des_cblock *key)); - -int KRB_LIB_FUNCTION -krb_get_string __P(( - void *from, - char *to, - size_t to_size)); - -int KRB_LIB_FUNCTION -krb_get_svc_in_tkt __P(( - char *user, - char *instance, - char *realm, - char *service, - char *sinstance, - int life, - char *srvtab)); - -int KRB_LIB_FUNCTION -krb_get_tf_fullname __P(( - char *ticket_file, - char *name, - char *instance, - char *realm)); - -int KRB_LIB_FUNCTION -krb_get_tf_realm __P(( - char *ticket_file, - char *realm)); - -void KRB_LIB_FUNCTION -krb_kdctimeofday __P((struct timeval *tv)); - -int KRB_LIB_FUNCTION -krb_kntoln __P(( - AUTH_DAT *ad, - char *lname)); - -int KRB_LIB_FUNCTION -krb_kuserok __P(( - char *name, - char *instance, - char *realm, - char *luser)); - -char * KRB_LIB_FUNCTION -krb_life_to_atime __P((int life)); - -u_int32_t KRB_LIB_FUNCTION -krb_life_to_time __P(( - u_int32_t start, - int life_)); - -int KRB_LIB_FUNCTION -krb_lsb_antinet_ulong_cmp __P(( - u_int32_t x, - u_int32_t y)); - -int KRB_LIB_FUNCTION -krb_lsb_antinet_ushort_cmp __P(( - u_int16_t x, - u_int16_t y)); - -int KRB_LIB_FUNCTION -krb_mk_as_req __P(( - const char *user, - const char *instance, - const char *realm, - const char *service, - const char *sinstance, - int life, - KTEXT cip)); - -int KRB_LIB_FUNCTION -krb_mk_auth __P(( - int32_t options, - KTEXT ticket, - char *service, - char *instance, - char *realm, - u_int32_t checksum, - char *version, - KTEXT buf)); - -int32_t KRB_LIB_FUNCTION -krb_mk_err __P(( - u_char *p, - int32_t e, - char *e_string)); - -int32_t KRB_LIB_FUNCTION -krb_mk_priv __P(( - void *in, - void *out, - u_int32_t length, - des_key_schedule schedule, - des_cblock *key, - struct sockaddr_in *sender, - struct sockaddr_in *receiver)); - -int KRB_LIB_FUNCTION -krb_mk_req __P(( - KTEXT authent, - char *service, - char *instance, - char *realm, - int32_t checksum)); - -int32_t KRB_LIB_FUNCTION -krb_mk_safe __P(( - void *in, - void *out, - u_int32_t length, - des_cblock *key, - struct sockaddr_in *sender, - struct sockaddr_in *receiver)); - -int KRB_LIB_FUNCTION -krb_net_read __P(( - int fd, - void *v, - size_t len)); - -int KRB_LIB_FUNCTION -krb_net_write __P(( - int fd, - const void *v, - size_t len)); - -int KRB_LIB_FUNCTION -krb_parse_name __P(( - const char *fullname, - krb_principal *principal)); - -int KRB_LIB_FUNCTION -krb_put_address __P(( - u_int32_t addr, - void *to, - size_t rem)); - -int KRB_LIB_FUNCTION -krb_put_int __P(( - u_int32_t from, - void *to, - size_t rem, - int size)); - -int KRB_LIB_FUNCTION -krb_put_nir __P(( - const char *name, - const char *instance, - const char *realm, - void *to, - size_t rem)); - -int KRB_LIB_FUNCTION -krb_put_string __P(( - const char *from, - void *to, - size_t rem)); - -int KRB_LIB_FUNCTION -krb_rd_err __P(( - u_char *in, - u_int32_t in_length, - int32_t *code, - MSG_DAT *m_data)); - -int32_t KRB_LIB_FUNCTION -krb_rd_priv __P(( - void *in, - u_int32_t in_length, - des_key_schedule schedule, - des_cblock *key, - struct sockaddr_in *sender, - struct sockaddr_in *receiver, - MSG_DAT *m_data)); - -int KRB_LIB_FUNCTION -krb_rd_req __P(( - KTEXT authent, - char *service, - char *instance, - int32_t from_addr, - AUTH_DAT *ad, - char *fn)); - -int32_t KRB_LIB_FUNCTION -krb_rd_safe __P(( - void *in, - u_int32_t in_length, - des_cblock *key, - struct sockaddr_in *sender, - struct sockaddr_in *receiver, - MSG_DAT *m_data)); - -int KRB_LIB_FUNCTION -krb_realm_parse __P(( - char *realm, - int length)); - -char * KRB_LIB_FUNCTION -krb_realmofhost __P((const char *host)); - -int KRB_LIB_FUNCTION -krb_recvauth __P(( - int32_t options, - int fd, - KTEXT ticket, - char *service, - char *instance, - struct sockaddr_in *faddr, - struct sockaddr_in *laddr, - AUTH_DAT *kdata, - char *filename, - des_key_schedule schedule, - char *version)); - -int KRB_LIB_FUNCTION -krb_sendauth __P(( - int32_t options, - int fd, - KTEXT ticket, - char *service, - char *instance, - char *realm, - u_int32_t checksum, - MSG_DAT *msg_data, - CREDENTIALS *cred, - des_key_schedule schedule, - struct sockaddr_in *laddr, - struct sockaddr_in *faddr, - char *version)); - -void KRB_LIB_FUNCTION -krb_set_kdc_time_diff __P((int diff)); - -int KRB_LIB_FUNCTION -krb_set_key __P(( - void *key, - int cvt)); - -int KRB_LIB_FUNCTION -krb_set_lifetime __P((int newval)); - -void KRB_LIB_FUNCTION -krb_set_tkt_string __P((const char *val)); - -const char * KRB_LIB_FUNCTION -krb_stime __P((time_t *t)); - -int KRB_LIB_FUNCTION -krb_time_to_life __P(( - u_int32_t start, - u_int32_t end)); - -char * KRB_LIB_FUNCTION -krb_unparse_name __P((krb_principal *pr)); - -char * KRB_LIB_FUNCTION -krb_unparse_name_long __P(( - char *name, - char *instance, - char *realm)); - -char * KRB_LIB_FUNCTION -krb_unparse_name_long_r __P(( - char *name, - char *instance, - char *realm, - char *fullname)); - -char * KRB_LIB_FUNCTION -krb_unparse_name_r __P(( - krb_principal *pr, - char *fullname)); - -int KRB_LIB_FUNCTION -krb_use_admin_server __P((int flag)); - -int KRB_LIB_FUNCTION -krb_verify_user __P(( - char *name, - char *instance, - char *realm, - char *password, - int secure, - char *linstance)); - -int KRB_LIB_FUNCTION -krb_verify_user_srvtab __P(( - char *name, - char *instance, - char *realm, - char *password, - int secure, - char *linstance, - char *srvtab)); - -int KRB_LIB_FUNCTION -kuserok __P(( - AUTH_DAT *auth, - char *luser)); - -u_int32_t KRB_LIB_FUNCTION -lsb_time __P(( - time_t t, - struct sockaddr_in *src, - struct sockaddr_in *dst)); - -const char * KRB_LIB_FUNCTION -month_sname __P((int n)); - -int KRB_LIB_FUNCTION -passwd_to_5key __P(( - const char *user, - const char *instance, - const char *realm, - const void *passwd, - des_cblock *key)); - -int KRB_LIB_FUNCTION -passwd_to_afskey __P(( - const char *user, - const char *instance, - const char *realm, - const void *passwd, - des_cblock *key)); - -int KRB_LIB_FUNCTION -passwd_to_key __P(( - const char *user, - const char *instance, - const char *realm, - const void *passwd, - des_cblock *key)); - -int KRB_LIB_FUNCTION -read_service_key __P(( - const char *service, - char *instance, - const char *realm, - int kvno, - const char *file, - void *key)); - -int KRB_LIB_FUNCTION -save_credentials __P(( - char *service, - char *instance, - char *realm, - unsigned char *session, - int lifetime, - int kvno, - KTEXT ticket, - int32_t issue_date)); - -int KRB_LIB_FUNCTION -send_to_kdc __P(( - KTEXT pkt, - KTEXT rpkt, - const char *realm)); - -int KRB_LIB_FUNCTION -srvtab_to_key __P(( - const char *user, - char *instance, /* INOUT parameter */ - const char *realm, - const void *srvtab, - des_cblock *key)); - -void KRB_LIB_FUNCTION -tf_close __P((void)); - -int KRB_LIB_FUNCTION -tf_create __P((char *tf_name)); - -int KRB_LIB_FUNCTION -tf_get_cred __P((CREDENTIALS *c)); - -int KRB_LIB_FUNCTION -tf_get_cred_addr __P((char *realm, size_t realm_sz, struct in_addr *addr)); - -int KRB_LIB_FUNCTION -tf_get_pinst __P((char *inst)); - -int KRB_LIB_FUNCTION -tf_get_pname __P((char *p)); - -int KRB_LIB_FUNCTION -tf_init __P(( - char *tf_name, - int rw)); - -int KRB_LIB_FUNCTION -tf_put_pinst __P((const char *inst)); - -int KRB_LIB_FUNCTION -tf_put_pname __P((const char *p)); - -int KRB_LIB_FUNCTION -tf_save_cred __P(( - char *service, - char *instance, - char *realm, - unsigned char *session, - int lifetime, - int kvno, - KTEXT ticket, - u_int32_t issue_date)); - -int KRB_LIB_FUNCTION -tf_setup __P(( - CREDENTIALS *cred, - const char *pname, - const char *pinst)); - -int KRB_LIB_FUNCTION -tf_get_addr __P(( - const char *realm, - struct in_addr *addr)); - -int KRB_LIB_FUNCTION -tf_store_addr __P((const char *realm, struct in_addr *addr)); - -char * KRB_LIB_FUNCTION -tkt_string __P((void)); - -int KRB_LIB_FUNCTION -krb_add_our_ip_for_realm __P((const char *user, const char *instance, - const char *realm, const char *password)); - -#endif /* __krb_protos_h__ */ diff --git a/crypto/kerberosIV/lib/krb/krb.def b/crypto/kerberosIV/lib/krb/krb.def deleted file mode 100644 index 1158e60c1638..000000000000 --- a/crypto/kerberosIV/lib/krb/krb.def +++ /dev/null @@ -1,96 +0,0 @@ -LIBRARY krb BASE=0x07000000 -EXPORTS - krb_get_err_text - - newTktMem - getTktMem - firstCred - nextCredIndex - currCredIndex - nextFreeIndex - - k_localtime - k_getsockinst - k_getportbyname - k_get_all_addrs - - krb_set_kdc_time_diff - krb_get_kdc_time_diff - - krb_get_config_bool - krb_get_config_string - - krb_equiv - - afs_string_to_key - - krb_life_to_time - krb_time_to_life - krb_life_to_atime - krb_atime_to_life - - tf_get_cred - tf_get_pinst - tf_get_pname - tf_put_pinst - tf_put_pname - tf_init - tf_create - tf_save_cred - tf_close - - krb_mk_priv - krb_rd_priv - - create_auth_reply - krb_get_phost - krb_realmofhost - tkt_string - create_ciph - decomp_ticket - dest_tkt - get_ad_tkt - in_tkt - k_gethostname - k_isinst - k_isname - k_isrealm - kname_parse - krb_parse_name - krb_unparse_name - krb_unparse_name_long - krb_create_ticket - krb_get_admhst - krb_get_cred - krb_get_in_tkt - krb_get_krbhst - krb_get_lrealm - krb_get_default_realm - krb_get_pw_in_tkt - krb_get_svc_in_tkt - krb_get_tf_fullname - krb_get_tf_realm - krb_kntoln - krb_mk_req - krb_net_read - krb_net_write - krb_rd_err - krb_rd_req - krb_recvauth - krb_sendauth - krb_set_key - krb_set_lifetime - read_service_key - save_credentials - send_to_kdc - krb_mk_err - krb_mk_safe - krb_rd_safe - ad_print - cr_err_reply - krb_set_tkt_string - krb_get_default_principal - krb_realm_parse - krb_verify_user - kset_logfile - getst diff --git a/crypto/kerberosIV/lib/krb/krb.dsp b/crypto/kerberosIV/lib/krb/krb.dsp deleted file mode 100644 index efec3b2d46dc..000000000000 --- a/crypto/kerberosIV/lib/krb/krb.dsp +++ /dev/null @@ -1,398 +0,0 @@ -# Microsoft Developer Studio Project File - Name="krb" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 5.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 - -CFG=krb - Win32 Release -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "krb.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "krb.mak" CFG="krb - Win32 Release" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "krb - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE "krb - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE - -# Begin Project -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -MTL=midl.exe -RSC=rc.exe - -!IF "$(CFG)" == "krb - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir ".\Release" -# PROP BASE Intermediate_Dir ".\Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir ".\Release" -# PROP Intermediate_Dir ".\Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /YX /c -# ADD CPP /nologo /MT /W3 /GX /O2 /I "." /I "..\..\include" /I "..\..\include\win32" /I "..\des" /I "..\roken" /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /FD /c -# ADD BASE MTL /nologo /D "NDEBUG" /win32 -# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386 -# ADD LINK32 ..\roken\Release\roken.lib ..\des\Release\des.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /subsystem:windows /dll /machine:I386 - -!ELSEIF "$(CFG)" == "krb - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir ".\Debug" -# PROP BASE Intermediate_Dir ".\Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir ".\Debug" -# PROP Intermediate_Dir ".\Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /YX /c -# ADD CPP /nologo /MDd /W3 /Gm /GX /Zi /Od /I "." /I "..\..\include" /I "..\..\include\win32" /I "..\des" /I "..\roken" /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /FD /c -# ADD BASE MTL /nologo /D "_DEBUG" /win32 -# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386 -# ADD LINK32 ..\roken\Debug\roken.lib ..\des\Debug\des.lib wsock32.lib kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /subsystem:windows /dll /debug /machine:I386 - -!ENDIF - -# Begin Target - -# Name "krb - Win32 Release" -# Name "krb - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;hpj;bat;for;f90" -# Begin Source File - -SOURCE=.\cr_err_reply.c -# End Source File -# Begin Source File - -SOURCE=.\create_auth_reply.c -# End Source File -# Begin Source File - -SOURCE=.\create_ciph.c -# End Source File -# Begin Source File - -SOURCE=.\create_ticket.c -# End Source File -# Begin Source File - -SOURCE=.\debug_decl.c -# End Source File -# Begin Source File - -SOURCE=.\decomp_ticket.c -# End Source File -# Begin Source File - -SOURCE=.\dllmain.c -# End Source File -# Begin Source File - -SOURCE=.\encrypt_ktext.c -# End Source File -# Begin Source File - -SOURCE=.\extra.c -# End Source File -# Begin Source File - -SOURCE=.\get_ad_tkt.c -# End Source File -# Begin Source File - -SOURCE=.\get_cred.c -# End Source File -# Begin Source File - -SOURCE=.\get_default_principal.c -# End Source File -# Begin Source File - -SOURCE=.\get_host.c -# End Source File -# Begin Source File - -SOURCE=.\get_in_tkt.c -# End Source File -# Begin Source File - -SOURCE=.\get_krbrlm.c -# End Source File -# Begin Source File - -SOURCE=.\get_svc_in_tkt.c -# End Source File -# Begin Source File - -SOURCE=.\get_tf_fullname.c -# End Source File -# Begin Source File - -SOURCE=.\get_tf_realm.c -# End Source File -# Begin Source File - -SOURCE=.\getaddrs.c -# End Source File -# Begin Source File - -SOURCE=.\getfile.c -# End Source File -# Begin Source File - -SOURCE=.\getrealm.c -# End Source File -# Begin Source File - -SOURCE=.\getst.c -# End Source File -# Begin Source File - -SOURCE=.\k_gethostname.c -# End Source File -# Begin Source File - -SOURCE=.\k_getport.c -# End Source File -# Begin Source File - -SOURCE=.\k_getsockinst.c -# End Source File -# Begin Source File - -SOURCE=.\k_localtime.c -# End Source File -# Begin Source File - -SOURCE=.\kdc_reply.c -# End Source File -# Begin Source File - -SOURCE=.\kntoln.c -# End Source File -# Begin Source File - -SOURCE=.\krb.def -# End Source File -# Begin Source File - -SOURCE=.\krb_check_auth.c -# End Source File -# Begin Source File - -SOURCE=.\krb_equiv.c -# End Source File -# Begin Source File - -SOURCE=.\krb_err_txt.c -# End Source File -# Begin Source File - -SOURCE=.\krb_get_in_tkt.c -# End Source File -# Begin Source File - -SOURCE=.\lifetime.c -# End Source File -# Begin Source File - -SOURCE=.\logging.c -# End Source File -# Begin Source File - -SOURCE=.\lsb_addr_comp.c -# End Source File -# Begin Source File - -SOURCE=.\mk_auth.c -# End Source File -# Begin Source File - -SOURCE=.\mk_err.c -# End Source File -# Begin Source File - -SOURCE=.\mk_priv.c -# End Source File -# Begin Source File - -SOURCE=.\mk_req.c -# End Source File -# Begin Source File - -SOURCE=.\mk_safe.c -# End Source File -# Begin Source File - -SOURCE=.\month_sname.c -# End Source File -# Begin Source File - -SOURCE=.\name2name.c -# End Source File -# Begin Source File - -SOURCE=.\netread.c -# End Source File -# Begin Source File - -SOURCE=.\netwrite.c -# End Source File -# Begin Source File - -SOURCE=.\one.c -# End Source File -# Begin Source File - -SOURCE=.\parse_name.c -# End Source File -# Begin Source File - -SOURCE=.\rd_err.c -# End Source File -# Begin Source File - -SOURCE=.\rd_priv.c -# End Source File -# Begin Source File - -SOURCE=.\rd_req.c -# End Source File -# Begin Source File - -SOURCE=.\rd_safe.c -# End Source File -# Begin Source File - -SOURCE=.\read_service_key.c -# End Source File -# Begin Source File - -SOURCE=.\realm_parse.c -# End Source File -# Begin Source File - -SOURCE=.\recvauth.c -# End Source File -# Begin Source File - -SOURCE=.\rw.c -# End Source File -# Begin Source File - -SOURCE=.\save_credentials.c -# End Source File -# Begin Source File - -SOURCE=.\send_to_kdc.c -# End Source File -# Begin Source File - -SOURCE=.\sendauth.c -# End Source File -# Begin Source File - -SOURCE=.\stime.c -# End Source File -# Begin Source File - -SOURCE=.\str2key.c -# End Source File -# Begin Source File - -SOURCE=.\ticket_memory.c -# End Source File -# Begin Source File - -SOURCE=.\time.c -# End Source File -# Begin Source File - -SOURCE=.\tkt_string.c -# End Source File -# Begin Source File - -SOURCE=.\unparse_name.c -# End Source File -# Begin Source File - -SOURCE=.\util.c -# End Source File -# Begin Source File - -SOURCE=.\verify_user.c -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl;fi;fd" -# Begin Source File - -SOURCE=.\klog.h -# End Source File -# Begin Source File - -SOURCE=".\krb-protos.h" -# End Source File -# Begin Source File - -SOURCE=.\krb.h -# End Source File -# Begin Source File - -SOURCE=.\krb_locl.h -# End Source File -# Begin Source File - -SOURCE=.\krb_log.h -# End Source File -# Begin Source File - -SOURCE=.\prot.h -# End Source File -# Begin Source File - -SOURCE=.\ticket_memory.h -# End Source File -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;cnt;rtf;gif;jpg;jpeg;jpe" -# Begin Source File - -SOURCE=.\krb.rc -# End Source File -# End Group -# End Target -# End Project diff --git a/crypto/kerberosIV/lib/krb/krb.h b/crypto/kerberosIV/lib/krb/krb.h deleted file mode 100644 index 1a850ca4dad8..000000000000 --- a/crypto/kerberosIV/lib/krb/krb.h +++ /dev/null @@ -1,360 +0,0 @@ -/* - * $Id: krb.h,v 1.99 1999/11/16 14:02:47 bg Exp $ - * $FreeBSD$ - * - * Copyright 1987, 1988 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, please see the file - * . - * - * Include file for the Kerberos library. - */ - -#if !defined (__STDC__) && !defined(_MSC_VER) -#define const -#define signed -#endif - -#include -#include - -#ifndef __KRB_H__ -#define __KRB_H__ - -/* XXX */ -#ifndef __BEGIN_DECLS -#if defined(__cplusplus) -#define __BEGIN_DECLS extern "C" { -#define __END_DECLS }; -#else -#define __BEGIN_DECLS -#define __END_DECLS -#endif -#endif - -#if defined (__STDC__) || defined (_MSC_VER) -#ifndef __P -#define __P(x) x -#endif -#else -#ifndef __P -#define __P(x) () -#endif -#endif - -__BEGIN_DECLS - -/* Need some defs from des.h */ -#if !defined(NOPROTO) && !defined(__STDC__) -#define NOPROTO -#endif -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include - -/* CNS compatibility ahead! */ -#ifndef KRB_INT32 -#define KRB_INT32 int32_t -#endif -#ifndef KRB_UINT32 -#define KRB_UINT32 u_int32_t -#endif - -/* Global library variables. */ -extern int krb_ignore_ip_address; /* To turn off IP address comparison */ -extern int krb_no_long_lifetimes; /* To disable AFS compatible lifetimes */ -extern int krbONE; -#define HOST_BYTE_ORDER (* (char *) &krbONE) -/* Debug variables */ -extern int krb_debug; -extern int krb_ap_req_debug; -extern int krb_dns_debug; - - -/* Text describing error codes */ -#define MAX_KRB_ERRORS 256 -extern const char *krb_err_txt[MAX_KRB_ERRORS]; - -/* General definitions */ -#define KSUCCESS 0 -#define KFAILURE 255 - -/* - * Kerberos specific definitions - * - * KRBLOG is the log file for the kerberos master server. KRB_CONF is - * the configuration file where different host machines running master - * and slave servers can be found. KRB_MASTER is the name of the - * machine with the master database. The admin_server runs on this - * machine, and all changes to the db (as opposed to read-only - * requests, which can go to slaves) must go to it. KRB_HOST is the - * default machine * when looking for a kerberos slave server. Other - * possibilities are * in the KRB_CONF file. KRB_REALM is the name of - * the realm. - */ - -/* /etc/kerberosIV is only for backwards compatibility, don't use it! */ -#ifndef KRB_CONF -#define KRB_CONF "/etc/kerberosIV/krb.conf" -#endif -#ifndef KRB_RLM_TRANS -#define KRB_RLM_TRANS "/etc/kerberosIV/krb.realms" -#endif -#ifndef KRB_CNF_FILES -#define KRB_CNF_FILES { KRB_CONF, "/etc/krb.conf", 0} -#endif -#ifndef KRB_RLM_FILES -#define KRB_RLM_FILES { KRB_RLM_TRANS, "/etc/krb.realms", 0} -#endif -#ifndef KRB_EQUIV -#define KRB_EQUIV "/etc/kerberosIV/krb.equiv" -#endif -#define KRB_MASTER "kerberos" -#ifndef KRB_REALM -#define KRB_REALM (krb_get_default_realm()) -#endif - -/* The maximum sizes for aname, realm, sname, and instance +1 */ -#define ANAME_SZ 40 -#define REALM_SZ 40 -#define SNAME_SZ 40 -#define INST_SZ 40 -/* Leave space for quoting */ -#define MAX_K_NAME_SZ (2*ANAME_SZ + 2*INST_SZ + 2*REALM_SZ - 3) -#define KKEY_SZ 100 -#define VERSION_SZ 1 -#define MSG_TYPE_SZ 1 -#define DATE_SZ 26 /* RTI date output */ - -#define MAX_HSTNM 100 /* for compatibility */ - -typedef struct krb_principal{ - char name[ANAME_SZ]; - char instance[INST_SZ]; - char realm[REALM_SZ]; -}krb_principal; - -#ifndef DEFAULT_TKT_LIFE /* allow compile-time override */ -/* default lifetime for krb_mk_req & co., 10 hrs */ -#define DEFAULT_TKT_LIFE 120 -#endif - -#define KRB_TICKET_GRANTING_TICKET "krbtgt" - -/* Definition of text structure used to pass text around */ -#define MAX_KTXT_LEN 1250 - -struct ktext { - unsigned int length; /* Length of the text */ - unsigned char dat[MAX_KTXT_LEN]; /* The data itself */ - u_int32_t mbz; /* zero to catch runaway strings */ -}; - -typedef struct ktext *KTEXT; -typedef struct ktext KTEXT_ST; - - -/* Definitions for send_to_kdc */ -#define CLIENT_KRB_TIMEOUT 4 /* default time between retries */ -#define CLIENT_KRB_RETRY 5 /* retry this many times */ -#define CLIENT_KRB_BUFLEN 512 /* max unfragmented packet */ - -/* Definitions for ticket file utilities */ -#define R_TKT_FIL 0 -#define W_TKT_FIL 1 - -/* Parameters for rd_ap_req */ -/* Maximum alloable clock skew in seconds */ -#define CLOCK_SKEW 5*60 -/* Filename for readservkey */ -#ifndef KEYFILE -#define KEYFILE (krb_get_default_keyfile()) -#endif - -/* Structure definition for rd_ap_req */ - -struct auth_dat { - unsigned char k_flags; /* Flags from ticket */ - char pname[ANAME_SZ]; /* Principal's name */ - char pinst[INST_SZ]; /* His Instance */ - char prealm[REALM_SZ]; /* His Realm */ - u_int32_t checksum; /* Data checksum (opt) */ - des_cblock session; /* Session Key */ - int life; /* Life of ticket */ - u_int32_t time_sec; /* Time ticket issued */ - u_int32_t address; /* Address in ticket */ - KTEXT_ST reply; /* Auth reply (opt) */ -}; - -typedef struct auth_dat AUTH_DAT; - -/* Structure definition for credentials returned by get_cred */ - -struct credentials { - char service[ANAME_SZ]; /* Service name */ - char instance[INST_SZ]; /* Instance */ - char realm[REALM_SZ]; /* Auth domain */ - des_cblock session; /* Session key */ - int lifetime; /* Lifetime */ - int kvno; /* Key version number */ - KTEXT_ST ticket_st; /* The ticket itself */ - int32_t issue_date; /* The issue time */ - char pname[ANAME_SZ]; /* Principal's name */ - char pinst[INST_SZ]; /* Principal's instance */ -}; - -typedef struct credentials CREDENTIALS; - -/* Structure definition for rd_private_msg and rd_safe_msg */ - -struct msg_dat { - unsigned char *app_data; /* pointer to appl data */ - u_int32_t app_length; /* length of appl data */ - u_int32_t hash; /* hash to lookup replay */ - int swap; /* swap bytes? */ - int32_t time_sec; /* msg timestamp seconds */ - unsigned char time_5ms; /* msg timestamp 5ms units */ -}; - -typedef struct msg_dat MSG_DAT; - -struct krb_host { - char *realm; - char *host; - enum krb_host_proto { PROTO_UDP, PROTO_TCP, PROTO_HTTP } proto; - int port; - int admin; -}; - -/* Location of ticket file for save_cred and get_cred */ -#define TKT_FILE tkt_string() -#ifndef TKT_ROOT -#define TKT_ROOT (krb_get_default_tkt_root()) -#endif - -/* Error codes returned from the KDC */ -#define KDC_OK 0 /* Request OK */ -#define KDC_NAME_EXP 1 /* Principal expired */ -#define KDC_SERVICE_EXP 2 /* Service expired */ -#define KDC_AUTH_EXP 3 /* Auth expired */ -#define KDC_PKT_VER 4 /* Protocol version unknown */ -#define KDC_P_MKEY_VER 5 /* Wrong master key version */ -#define KDC_S_MKEY_VER 6 /* Wrong master key version */ -#define KDC_BYTE_ORDER 7 /* Byte order unknown */ -#define KDC_PR_UNKNOWN 8 /* Principal unknown */ -#define KDC_PR_N_UNIQUE 9 /* Principal not unique */ -#define KDC_NULL_KEY 10 /* Principal has null key */ -#define KDC_GEN_ERR 20 /* Generic error from KDC */ - - -/* Values returned by get_credentials */ -#define GC_OK 0 /* Retrieve OK */ -#define RET_OK 0 /* Retrieve OK */ -#define GC_TKFIL 21 /* Can't read ticket file */ -#define RET_TKFIL 21 /* Can't read ticket file */ -#define GC_NOTKT 22 /* Can't find ticket or TGT */ -#define RET_NOTKT 22 /* Can't find ticket or TGT */ - - -/* Values returned by mk_ap_req */ -#define MK_AP_OK 0 /* Success */ -#define MK_AP_TGTEXP 26 /* TGT Expired */ - -/* Values returned by rd_ap_req */ -#define RD_AP_OK 0 /* Request authentic */ -#define RD_AP_UNDEC 31 /* Can't decode authenticator */ -#define RD_AP_EXP 32 /* Ticket expired */ -#define RD_AP_NYV 33 /* Ticket not yet valid */ -#define RD_AP_REPEAT 34 /* Repeated request */ -#define RD_AP_NOT_US 35 /* The ticket isn't for us */ -#define RD_AP_INCON 36 /* Request is inconsistent */ -#define RD_AP_TIME 37 /* delta_t too big */ -#define RD_AP_BADD 38 /* Incorrect net address */ -#define RD_AP_VERSION 39 /* protocol version mismatch */ -#define RD_AP_MSG_TYPE 40 /* invalid msg type */ -#define RD_AP_MODIFIED 41 /* message stream modified */ -#define RD_AP_ORDER 42 /* message out of order */ -#define RD_AP_UNAUTHOR 43 /* unauthorized request */ - -/* Values returned by get_pw_tkt */ -#define GT_PW_OK 0 /* Got password changing tkt */ -#define GT_PW_NULL 51 /* Current PW is null */ -#define GT_PW_BADPW 52 /* Incorrect current password */ -#define GT_PW_PROT 53 /* Protocol Error */ -#define GT_PW_KDCERR 54 /* Error returned by KDC */ -#define GT_PW_NULLTKT 55 /* Null tkt returned by KDC */ - - -/* Values returned by send_to_kdc */ -#define SKDC_OK 0 /* Response received */ -#define SKDC_RETRY 56 /* Retry count exceeded */ -#define SKDC_CANT 57 /* Can't send request */ - -/* - * Values returned by get_intkt - * (can also return SKDC_* and KDC errors) - */ - -#define INTK_OK 0 /* Ticket obtained */ -#define INTK_W_NOTALL 61 /* Not ALL tickets returned */ -#define INTK_BADPW 62 /* Incorrect password */ -#define INTK_PROT 63 /* Protocol Error */ -#define INTK_ERR 70 /* Other error */ - -/* Values returned by get_adtkt */ -#define AD_OK 0 /* Ticket Obtained */ -#define AD_NOTGT 71 /* Don't have tgt */ -#define AD_INTR_RLM_NOTGT 72 /* Can't get inter-realm tgt */ - -/* Error codes returned by ticket file utilities */ -#define NO_TKT_FIL 76 /* No ticket file found */ -#define TKT_FIL_ACC 77 /* Couldn't access tkt file */ -#define TKT_FIL_LCK 78 /* Couldn't lock ticket file */ -#define TKT_FIL_FMT 79 /* Bad ticket file format */ -#define TKT_FIL_INI 80 /* tf_init not called first */ - -/* Error code returned by kparse_name */ -#define KNAME_FMT 81 /* Bad Kerberos name format */ - -/* Error code returned by krb_mk_safe */ -#define SAFE_PRIV_ERROR -1 /* syscall error */ - -/* Defines for krb_sendauth and krb_recvauth */ - -#define KOPT_DONT_MK_REQ 0x00000001 /* don't call krb_mk_req */ -#define KOPT_DO_MUTUAL 0x00000002 /* do mutual auth */ - -#define KOPT_DONT_CANON 0x00000004 /* - * don't canonicalize inst as - * a hostname - */ - -#define KOPT_IGNORE_PROTOCOL 0x0008 - -#define KRB_SENDAUTH_VLEN 8 /* length for version strings */ - - -/* flags for krb_verify_user() */ -#define KRB_VERIFY_NOT_SECURE 0 -#define KRB_VERIFY_SECURE 1 -#define KRB_VERIFY_SECURE_FAIL 2 - -extern char *krb4_version; - -typedef int (*key_proc_t) __P((const char *name, - char *instance, /* INOUT parameter */ - const char *realm, - const void *password, - des_cblock *key)); - -typedef int (*decrypt_proc_t) __P((const char *name, - const char *instance, - const char *realm, - const void *arg, - key_proc_t, - KTEXT *)); - -#include "krb-protos.h" - -__END_DECLS - -#endif /* __KRB_H__ */ diff --git a/crypto/kerberosIV/lib/krb/krb.mak b/crypto/kerberosIV/lib/krb/krb.mak deleted file mode 100644 index e9d5690762c8..000000000000 --- a/crypto/kerberosIV/lib/krb/krb.mak +++ /dev/null @@ -1,1902 +0,0 @@ -# Microsoft Developer Studio Generated NMAKE File, Based on krb.dsp -!IF "$(CFG)" == "" -CFG=krb - Win32 Release -!MESSAGE No configuration specified. Defaulting to krb - Win32 Release. -!ENDIF - -!IF "$(CFG)" != "krb - Win32 Release" && "$(CFG)" != "krb - Win32 Debug" -!MESSAGE Invalid configuration "$(CFG)" specified. -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "krb.mak" CFG="krb - Win32 Release" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "krb - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE "krb - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE -!ERROR An invalid configuration is specified. -!ENDIF - -!IF "$(OS)" == "Windows_NT" -NULL= -!ELSE -NULL=nul -!ENDIF - -!IF "$(CFG)" == "krb - Win32 Release" - -OUTDIR=.\Release -INTDIR=.\Release -# Begin Custom Macros -OutDir=.\.\Release -# End Custom Macros - -!IF "$(RECURSE)" == "0" - -ALL : "$(OUTDIR)\krb.dll" - -!ELSE - -ALL : "des - Win32 Release" "$(OUTDIR)\krb.dll" - -!ENDIF - -!IF "$(RECURSE)" == "1" -CLEAN :"des - Win32 ReleaseCLEAN" -!ELSE -CLEAN : -!ENDIF - -@erase "$(INTDIR)\cr_err_reply.obj" - -@erase "$(INTDIR)\create_auth_reply.obj" - -@erase "$(INTDIR)\create_ciph.obj" - -@erase "$(INTDIR)\create_ticket.obj" - -@erase "$(INTDIR)\debug_decl.obj" - -@erase "$(INTDIR)\decomp_ticket.obj" - -@erase "$(INTDIR)\dllmain.obj" - -@erase "$(INTDIR)\encrypt_ktext.obj" - -@erase "$(INTDIR)\get_ad_tkt.obj" - -@erase "$(INTDIR)\get_cred.obj" - -@erase "$(INTDIR)\get_default_principal.obj" - -@erase "$(INTDIR)\get_host.obj" - -@erase "$(INTDIR)\get_in_tkt.obj" - -@erase "$(INTDIR)\get_krbrlm.obj" - -@erase "$(INTDIR)\get_svc_in_tkt.obj" - -@erase "$(INTDIR)\get_tf_fullname.obj" - -@erase "$(INTDIR)\get_tf_realm.obj" - -@erase "$(INTDIR)\getaddrs.obj" - -@erase "$(INTDIR)\getfile.obj" - -@erase "$(INTDIR)\getrealm.obj" - -@erase "$(INTDIR)\getst.obj" - -@erase "$(INTDIR)\k_flock.obj" - -@erase "$(INTDIR)\k_gethostname.obj" - -@erase "$(INTDIR)\k_getport.obj" - -@erase "$(INTDIR)\k_getsockinst.obj" - -@erase "$(INTDIR)\k_localtime.obj" - -@erase "$(INTDIR)\kdc_reply.obj" - -@erase "$(INTDIR)\kntoln.obj" - -@erase "$(INTDIR)\krb.res" - -@erase "$(INTDIR)\krb_check_auth.obj" - -@erase "$(INTDIR)\krb_equiv.obj" - -@erase "$(INTDIR)\krb_err_txt.obj" - -@erase "$(INTDIR)\krb_get_in_tkt.obj" - -@erase "$(INTDIR)\lifetime.obj" - -@erase "$(INTDIR)\logging.obj" - -@erase "$(INTDIR)\lsb_addr_comp.obj" - -@erase "$(INTDIR)\mk_auth.obj" - -@erase "$(INTDIR)\mk_err.obj" - -@erase "$(INTDIR)\mk_priv.obj" - -@erase "$(INTDIR)\mk_req.obj" - -@erase "$(INTDIR)\mk_safe.obj" - -@erase "$(INTDIR)\month_sname.obj" - -@erase "$(INTDIR)\name2name.obj" - -@erase "$(INTDIR)\netread.obj" - -@erase "$(INTDIR)\netwrite.obj" - -@erase "$(INTDIR)\one.obj" - -@erase "$(INTDIR)\parse_name.obj" - -@erase "$(INTDIR)\rd_err.obj" - -@erase "$(INTDIR)\rd_priv.obj" - -@erase "$(INTDIR)\rd_req.obj" - -@erase "$(INTDIR)\rd_safe.obj" - -@erase "$(INTDIR)\read_service_key.obj" - -@erase "$(INTDIR)\realm_parse.obj" - -@erase "$(INTDIR)\recvauth.obj" - -@erase "$(INTDIR)\rw.obj" - -@erase "$(INTDIR)\save_credentials.obj" - -@erase "$(INTDIR)\send_to_kdc.obj" - -@erase "$(INTDIR)\sendauth.obj" - -@erase "$(INTDIR)\stime.obj" - -@erase "$(INTDIR)\str2key.obj" - -@erase "$(INTDIR)\ticket_memory.obj" - -@erase "$(INTDIR)\time.obj" - -@erase "$(INTDIR)\tkt_string.obj" - -@erase "$(INTDIR)\unparse_name.obj" - -@erase "$(INTDIR)\util.obj" - -@erase "$(INTDIR)\vc50.idb" - -@erase "$(INTDIR)\verify_user.obj" - -@erase "$(OUTDIR)\krb.dll" - -@erase "$(OUTDIR)\krb.exp" - -@erase "$(OUTDIR)\krb.lib" - -"$(OUTDIR)" : - if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" - -CPP=cl.exe -CPP_PROJ=/nologo /MT /W3 /GX /O2 /I "." /I "..\..\include" /I\ - "..\..\include\win32" /I "..\des" /I "..\roken" /D "NDEBUG" /D "WIN32" /D\ - "_WINDOWS" /D "HAVE_CONFIG_H" /Fp"$(INTDIR)\krb.pch" /YX /Fo"$(INTDIR)\\"\ - /Fd"$(INTDIR)\\" /FD /c -CPP_OBJS=.\Release/ -CPP_SBRS=. - -.c{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.c{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -MTL=midl.exe -MTL_PROJ=/nologo /D "NDEBUG" /mktyplib203 /win32 -RSC=rc.exe -RSC_PROJ=/l 0x409 /fo"$(INTDIR)\krb.res" /d "NDEBUG" -BSC32=bscmake.exe -BSC32_FLAGS=/nologo /o"$(OUTDIR)\krb.bsc" -BSC32_SBRS= \ - -LINK32=link.exe -LINK32_FLAGS=..\roken\Release\roken.lib ..\des\Release\des.lib wsock32.lib\ - kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib\ - shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /subsystem:windows /dll\ - /incremental:no /pdb:"$(OUTDIR)\krb.pdb" /machine:I386 /def:".\krb.def"\ - /out:"$(OUTDIR)\krb.dll" /implib:"$(OUTDIR)\krb.lib" -DEF_FILE= \ - ".\krb.def" -LINK32_OBJS= \ - "$(INTDIR)\cr_err_reply.obj" \ - "$(INTDIR)\create_auth_reply.obj" \ - "$(INTDIR)\create_ciph.obj" \ - "$(INTDIR)\create_ticket.obj" \ - "$(INTDIR)\debug_decl.obj" \ - "$(INTDIR)\decomp_ticket.obj" \ - "$(INTDIR)\dllmain.obj" \ - "$(INTDIR)\encrypt_ktext.obj" \ - "$(INTDIR)\get_ad_tkt.obj" \ - "$(INTDIR)\get_cred.obj" \ - "$(INTDIR)\get_default_principal.obj" \ - "$(INTDIR)\get_host.obj" \ - "$(INTDIR)\get_in_tkt.obj" \ - "$(INTDIR)\get_krbrlm.obj" \ - "$(INTDIR)\get_svc_in_tkt.obj" \ - "$(INTDIR)\get_tf_fullname.obj" \ - "$(INTDIR)\get_tf_realm.obj" \ - "$(INTDIR)\getaddrs.obj" \ - "$(INTDIR)\getfile.obj" \ - "$(INTDIR)\getrealm.obj" \ - "$(INTDIR)\getst.obj" \ - "$(INTDIR)\k_flock.obj" \ - "$(INTDIR)\k_gethostname.obj" \ - "$(INTDIR)\k_getport.obj" \ - "$(INTDIR)\k_getsockinst.obj" \ - "$(INTDIR)\k_localtime.obj" \ - "$(INTDIR)\kdc_reply.obj" \ - "$(INTDIR)\kntoln.obj" \ - "$(INTDIR)\krb.res" \ - "$(INTDIR)\krb_check_auth.obj" \ - "$(INTDIR)\krb_equiv.obj" \ - "$(INTDIR)\krb_err_txt.obj" \ - "$(INTDIR)\krb_get_in_tkt.obj" \ - "$(INTDIR)\lifetime.obj" \ - "$(INTDIR)\logging.obj" \ - "$(INTDIR)\lsb_addr_comp.obj" \ - "$(INTDIR)\mk_auth.obj" \ - "$(INTDIR)\mk_err.obj" \ - "$(INTDIR)\mk_priv.obj" \ - "$(INTDIR)\mk_req.obj" \ - "$(INTDIR)\mk_safe.obj" \ - "$(INTDIR)\month_sname.obj" \ - "$(INTDIR)\name2name.obj" \ - "$(INTDIR)\netread.obj" \ - "$(INTDIR)\netwrite.obj" \ - "$(INTDIR)\one.obj" \ - "$(INTDIR)\parse_name.obj" \ - "$(INTDIR)\rd_err.obj" \ - "$(INTDIR)\rd_priv.obj" \ - "$(INTDIR)\rd_req.obj" \ - "$(INTDIR)\rd_safe.obj" \ - "$(INTDIR)\read_service_key.obj" \ - "$(INTDIR)\realm_parse.obj" \ - "$(INTDIR)\recvauth.obj" \ - "$(INTDIR)\rw.obj" \ - "$(INTDIR)\save_credentials.obj" \ - "$(INTDIR)\send_to_kdc.obj" \ - "$(INTDIR)\sendauth.obj" \ - "$(INTDIR)\stime.obj" \ - "$(INTDIR)\str2key.obj" \ - "$(INTDIR)\ticket_memory.obj" \ - "$(INTDIR)\time.obj" \ - "$(INTDIR)\tkt_string.obj" \ - "$(INTDIR)\unparse_name.obj" \ - "$(INTDIR)\util.obj" \ - "$(INTDIR)\verify_user.obj" \ - "..\des\Release\des.lib" - -"$(OUTDIR)\krb.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) - $(LINK32) @<< - $(LINK32_FLAGS) $(LINK32_OBJS) -<< - -!ELSEIF "$(CFG)" == "krb - Win32 Debug" - -OUTDIR=.\Debug -INTDIR=.\Debug -# Begin Custom Macros -OutDir=.\.\Debug -# End Custom Macros - -!IF "$(RECURSE)" == "0" - -ALL : "$(OUTDIR)\krb.dll" - -!ELSE - -ALL : "des - Win32 Debug" "$(OUTDIR)\krb.dll" - -!ENDIF - -!IF "$(RECURSE)" == "1" -CLEAN :"des - Win32 DebugCLEAN" -!ELSE -CLEAN : -!ENDIF - -@erase "$(INTDIR)\cr_err_reply.obj" - -@erase "$(INTDIR)\create_auth_reply.obj" - -@erase "$(INTDIR)\create_ciph.obj" - -@erase "$(INTDIR)\create_ticket.obj" - -@erase "$(INTDIR)\debug_decl.obj" - -@erase "$(INTDIR)\decomp_ticket.obj" - -@erase "$(INTDIR)\dllmain.obj" - -@erase "$(INTDIR)\encrypt_ktext.obj" - -@erase "$(INTDIR)\get_ad_tkt.obj" - -@erase "$(INTDIR)\get_cred.obj" - -@erase "$(INTDIR)\get_default_principal.obj" - -@erase "$(INTDIR)\get_host.obj" - -@erase "$(INTDIR)\get_in_tkt.obj" - -@erase "$(INTDIR)\get_krbrlm.obj" - -@erase "$(INTDIR)\get_svc_in_tkt.obj" - -@erase "$(INTDIR)\get_tf_fullname.obj" - -@erase "$(INTDIR)\get_tf_realm.obj" - -@erase "$(INTDIR)\getaddrs.obj" - -@erase "$(INTDIR)\getfile.obj" - -@erase "$(INTDIR)\getrealm.obj" - -@erase "$(INTDIR)\getst.obj" - -@erase "$(INTDIR)\k_flock.obj" - -@erase "$(INTDIR)\k_gethostname.obj" - -@erase "$(INTDIR)\k_getport.obj" - -@erase "$(INTDIR)\k_getsockinst.obj" - -@erase "$(INTDIR)\k_localtime.obj" - -@erase "$(INTDIR)\kdc_reply.obj" - -@erase "$(INTDIR)\kntoln.obj" - -@erase "$(INTDIR)\krb.res" - -@erase "$(INTDIR)\krb_check_auth.obj" - -@erase "$(INTDIR)\krb_equiv.obj" - -@erase "$(INTDIR)\krb_err_txt.obj" - -@erase "$(INTDIR)\krb_get_in_tkt.obj" - -@erase "$(INTDIR)\lifetime.obj" - -@erase "$(INTDIR)\logging.obj" - -@erase "$(INTDIR)\lsb_addr_comp.obj" - -@erase "$(INTDIR)\mk_auth.obj" - -@erase "$(INTDIR)\mk_err.obj" - -@erase "$(INTDIR)\mk_priv.obj" - -@erase "$(INTDIR)\mk_req.obj" - -@erase "$(INTDIR)\mk_safe.obj" - -@erase "$(INTDIR)\month_sname.obj" - -@erase "$(INTDIR)\name2name.obj" - -@erase "$(INTDIR)\netread.obj" - -@erase "$(INTDIR)\netwrite.obj" - -@erase "$(INTDIR)\one.obj" - -@erase "$(INTDIR)\parse_name.obj" - -@erase "$(INTDIR)\rd_err.obj" - -@erase "$(INTDIR)\rd_priv.obj" - -@erase "$(INTDIR)\rd_req.obj" - -@erase "$(INTDIR)\rd_safe.obj" - -@erase "$(INTDIR)\read_service_key.obj" - -@erase "$(INTDIR)\realm_parse.obj" - -@erase "$(INTDIR)\recvauth.obj" - -@erase "$(INTDIR)\rw.obj" - -@erase "$(INTDIR)\save_credentials.obj" - -@erase "$(INTDIR)\send_to_kdc.obj" - -@erase "$(INTDIR)\sendauth.obj" - -@erase "$(INTDIR)\stime.obj" - -@erase "$(INTDIR)\str2key.obj" - -@erase "$(INTDIR)\ticket_memory.obj" - -@erase "$(INTDIR)\time.obj" - -@erase "$(INTDIR)\tkt_string.obj" - -@erase "$(INTDIR)\unparse_name.obj" - -@erase "$(INTDIR)\util.obj" - -@erase "$(INTDIR)\vc50.idb" - -@erase "$(INTDIR)\vc50.pdb" - -@erase "$(INTDIR)\verify_user.obj" - -@erase "$(OUTDIR)\krb.dll" - -@erase "$(OUTDIR)\krb.exp" - -@erase "$(OUTDIR)\krb.ilk" - -@erase "$(OUTDIR)\krb.lib" - -@erase "$(OUTDIR)\krb.pdb" - -"$(OUTDIR)" : - if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" - -CPP=cl.exe -CPP_PROJ=/nologo /MDd /W3 /Gm /GX /Zi /Od /I "." /I "..\..\include" /I\ - "..\..\include\win32" /I "..\des" /I "..\roken" /D "_DEBUG" /D "WIN32" /D\ - "_WINDOWS" /D "HAVE_CONFIG_H" /Fp"$(INTDIR)\krb.pch" /YX /Fo"$(INTDIR)\\"\ - /Fd"$(INTDIR)\\" /FD /c -CPP_OBJS=.\Debug/ -CPP_SBRS=. - -.c{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.c{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -MTL=midl.exe -MTL_PROJ=/nologo /D "_DEBUG" /mktyplib203 /win32 -RSC=rc.exe -RSC_PROJ=/l 0x409 /fo"$(INTDIR)\krb.res" /d "_DEBUG" -BSC32=bscmake.exe -BSC32_FLAGS=/nologo /o"$(OUTDIR)\krb.bsc" -BSC32_SBRS= \ - -LINK32=link.exe -LINK32_FLAGS=..\roken\Debug\roken.lib ..\des\Debug\des.lib wsock32.lib\ - kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib\ - shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /subsystem:windows /dll\ - /incremental:yes /pdb:"$(OUTDIR)\krb.pdb" /debug /machine:I386 /def:".\krb.def"\ - /out:"$(OUTDIR)\krb.dll" /implib:"$(OUTDIR)\krb.lib" -DEF_FILE= \ - ".\krb.def" -LINK32_OBJS= \ - "$(INTDIR)\cr_err_reply.obj" \ - "$(INTDIR)\create_auth_reply.obj" \ - "$(INTDIR)\create_ciph.obj" \ - "$(INTDIR)\create_ticket.obj" \ - "$(INTDIR)\debug_decl.obj" \ - "$(INTDIR)\decomp_ticket.obj" \ - "$(INTDIR)\dllmain.obj" \ - "$(INTDIR)\encrypt_ktext.obj" \ - "$(INTDIR)\get_ad_tkt.obj" \ - "$(INTDIR)\get_cred.obj" \ - "$(INTDIR)\get_default_principal.obj" \ - "$(INTDIR)\get_host.obj" \ - "$(INTDIR)\get_in_tkt.obj" \ - "$(INTDIR)\get_krbrlm.obj" \ - "$(INTDIR)\get_svc_in_tkt.obj" \ - "$(INTDIR)\get_tf_fullname.obj" \ - "$(INTDIR)\get_tf_realm.obj" \ - "$(INTDIR)\getaddrs.obj" \ - "$(INTDIR)\getfile.obj" \ - "$(INTDIR)\getrealm.obj" \ - "$(INTDIR)\getst.obj" \ - "$(INTDIR)\k_flock.obj" \ - "$(INTDIR)\k_gethostname.obj" \ - "$(INTDIR)\k_getport.obj" \ - "$(INTDIR)\k_getsockinst.obj" \ - "$(INTDIR)\k_localtime.obj" \ - "$(INTDIR)\kdc_reply.obj" \ - "$(INTDIR)\kntoln.obj" \ - "$(INTDIR)\krb.res" \ - "$(INTDIR)\krb_check_auth.obj" \ - "$(INTDIR)\krb_equiv.obj" \ - "$(INTDIR)\krb_err_txt.obj" \ - "$(INTDIR)\krb_get_in_tkt.obj" \ - "$(INTDIR)\lifetime.obj" \ - "$(INTDIR)\logging.obj" \ - "$(INTDIR)\lsb_addr_comp.obj" \ - "$(INTDIR)\mk_auth.obj" \ - "$(INTDIR)\mk_err.obj" \ - "$(INTDIR)\mk_priv.obj" \ - "$(INTDIR)\mk_req.obj" \ - "$(INTDIR)\mk_safe.obj" \ - "$(INTDIR)\month_sname.obj" \ - "$(INTDIR)\name2name.obj" \ - "$(INTDIR)\netread.obj" \ - "$(INTDIR)\netwrite.obj" \ - "$(INTDIR)\one.obj" \ - "$(INTDIR)\parse_name.obj" \ - "$(INTDIR)\rd_err.obj" \ - "$(INTDIR)\rd_priv.obj" \ - "$(INTDIR)\rd_req.obj" \ - "$(INTDIR)\rd_safe.obj" \ - "$(INTDIR)\read_service_key.obj" \ - "$(INTDIR)\realm_parse.obj" \ - "$(INTDIR)\recvauth.obj" \ - "$(INTDIR)\rw.obj" \ - "$(INTDIR)\save_credentials.obj" \ - "$(INTDIR)\send_to_kdc.obj" \ - "$(INTDIR)\sendauth.obj" \ - "$(INTDIR)\stime.obj" \ - "$(INTDIR)\str2key.obj" \ - "$(INTDIR)\ticket_memory.obj" \ - "$(INTDIR)\time.obj" \ - "$(INTDIR)\tkt_string.obj" \ - "$(INTDIR)\unparse_name.obj" \ - "$(INTDIR)\util.obj" \ - "$(INTDIR)\verify_user.obj" \ - "..\des\Debug\des.lib" - -"$(OUTDIR)\krb.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) - $(LINK32) @<< - $(LINK32_FLAGS) $(LINK32_OBJS) -<< - -!ENDIF - - -!IF "$(CFG)" == "krb - Win32 Release" || "$(CFG)" == "krb - Win32 Debug" -SOURCE=.\cr_err_reply.c -DEP_CPP_CR_ER=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\cr_err_reply.obj" : $(SOURCE) $(DEP_CPP_CR_ER) "$(INTDIR)" - - -SOURCE=.\create_auth_reply.c -DEP_CPP_CREAT=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\create_auth_reply.obj" : $(SOURCE) $(DEP_CPP_CREAT) "$(INTDIR)" - - -SOURCE=.\create_ciph.c -DEP_CPP_CREATE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\create_ciph.obj" : $(SOURCE) $(DEP_CPP_CREATE) "$(INTDIR)" - - -SOURCE=.\create_ticket.c -DEP_CPP_CREATE_=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\create_ticket.obj" : $(SOURCE) $(DEP_CPP_CREATE_) "$(INTDIR)" - - -SOURCE=.\debug_decl.c -DEP_CPP_DEBUG=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\debug_decl.obj" : $(SOURCE) $(DEP_CPP_DEBUG) "$(INTDIR)" - - -SOURCE=.\decomp_ticket.c -DEP_CPP_DECOM=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\decomp_ticket.obj" : $(SOURCE) $(DEP_CPP_DECOM) "$(INTDIR)" - - -SOURCE=.\dllmain.c -DEP_CPP_DLLMA=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - ".\ticket_memory.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\dllmain.obj" : $(SOURCE) $(DEP_CPP_DLLMA) "$(INTDIR)" - - -SOURCE=.\encrypt_ktext.c -DEP_CPP_ENCRY=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\encrypt_ktext.obj" : $(SOURCE) $(DEP_CPP_ENCRY) "$(INTDIR)" - - -SOURCE=.\get_ad_tkt.c -DEP_CPP_GET_A=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_ad_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_A) "$(INTDIR)" - - -SOURCE=.\get_cred.c -DEP_CPP_GET_C=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_cred.obj" : $(SOURCE) $(DEP_CPP_GET_C) "$(INTDIR)" - - -SOURCE=.\get_default_principal.c -DEP_CPP_GET_D=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_default_principal.obj" : $(SOURCE) $(DEP_CPP_GET_D) "$(INTDIR)" - - -SOURCE=.\get_host.c -DEP_CPP_GET_H=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_host.obj" : $(SOURCE) $(DEP_CPP_GET_H) "$(INTDIR)" - - -SOURCE=.\get_in_tkt.c -DEP_CPP_GET_I=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_in_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_I) "$(INTDIR)" - - -SOURCE=.\get_krbrlm.c -DEP_CPP_GET_K=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_krbrlm.obj" : $(SOURCE) $(DEP_CPP_GET_K) "$(INTDIR)" - - -SOURCE=.\get_svc_in_tkt.c -DEP_CPP_GET_S=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_svc_in_tkt.obj" : $(SOURCE) $(DEP_CPP_GET_S) "$(INTDIR)" - - -SOURCE=.\get_tf_fullname.c -DEP_CPP_GET_T=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_tf_fullname.obj" : $(SOURCE) $(DEP_CPP_GET_T) "$(INTDIR)" - - -SOURCE=.\get_tf_realm.c -DEP_CPP_GET_TF=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\get_tf_realm.obj" : $(SOURCE) $(DEP_CPP_GET_TF) "$(INTDIR)" - - -SOURCE=.\getaddrs.c -DEP_CPP_GETAD=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\getaddrs.obj" : $(SOURCE) $(DEP_CPP_GETAD) "$(INTDIR)" - - -SOURCE=.\getfile.c -DEP_CPP_GETFI=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\getfile.obj" : $(SOURCE) $(DEP_CPP_GETFI) "$(INTDIR)" - - -SOURCE=.\getrealm.c -DEP_CPP_GETRE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - ".\resolve.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\getrealm.obj" : $(SOURCE) $(DEP_CPP_GETRE) "$(INTDIR)" - - -SOURCE=.\getst.c -DEP_CPP_GETST=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\getst.obj" : $(SOURCE) $(DEP_CPP_GETST) "$(INTDIR)" - - -SOURCE=.\k_flock.c -DEP_CPP_K_FLO=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\k_flock.obj" : $(SOURCE) $(DEP_CPP_K_FLO) "$(INTDIR)" - - -SOURCE=.\k_gethostname.c -DEP_CPP_K_GET=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\k_gethostname.obj" : $(SOURCE) $(DEP_CPP_K_GET) "$(INTDIR)" - - -SOURCE=.\k_getport.c -DEP_CPP_K_GETP=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\k_getport.obj" : $(SOURCE) $(DEP_CPP_K_GETP) "$(INTDIR)" - - -SOURCE=.\k_getsockinst.c -DEP_CPP_K_GETS=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\k_getsockinst.obj" : $(SOURCE) $(DEP_CPP_K_GETS) "$(INTDIR)" - - -SOURCE=.\k_localtime.c -DEP_CPP_K_LOC=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\k_localtime.obj" : $(SOURCE) $(DEP_CPP_K_LOC) "$(INTDIR)" - - -SOURCE=.\kdc_reply.c -DEP_CPP_KDC_R=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\kdc_reply.obj" : $(SOURCE) $(DEP_CPP_KDC_R) "$(INTDIR)" - - -SOURCE=.\kntoln.c -DEP_CPP_KNTOL=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\kntoln.obj" : $(SOURCE) $(DEP_CPP_KNTOL) "$(INTDIR)" - - -SOURCE=.\krb_check_auth.c -DEP_CPP_KRB_C=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\krb_check_auth.obj" : $(SOURCE) $(DEP_CPP_KRB_C) "$(INTDIR)" - - -SOURCE=.\krb_equiv.c -DEP_CPP_KRB_E=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\krb_equiv.obj" : $(SOURCE) $(DEP_CPP_KRB_E) "$(INTDIR)" - - -SOURCE=.\krb_err_txt.c -DEP_CPP_KRB_ER=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\krb_err_txt.obj" : $(SOURCE) $(DEP_CPP_KRB_ER) "$(INTDIR)" - - -SOURCE=.\krb_get_in_tkt.c -DEP_CPP_KRB_G=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\krb_get_in_tkt.obj" : $(SOURCE) $(DEP_CPP_KRB_G) "$(INTDIR)" - - -SOURCE=.\lifetime.c -DEP_CPP_LIFET=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\lifetime.obj" : $(SOURCE) $(DEP_CPP_LIFET) "$(INTDIR)" - - -SOURCE=.\logging.c -DEP_CPP_LOGGI=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\klog.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\logging.obj" : $(SOURCE) $(DEP_CPP_LOGGI) "$(INTDIR)" - - -SOURCE=.\lsb_addr_comp.c -DEP_CPP_LSB_A=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-archaeology.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\lsb_addr_comp.obj" : $(SOURCE) $(DEP_CPP_LSB_A) "$(INTDIR)" - - -SOURCE=.\mk_auth.c -DEP_CPP_MK_AU=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\mk_auth.obj" : $(SOURCE) $(DEP_CPP_MK_AU) "$(INTDIR)" - - -SOURCE=.\mk_err.c -DEP_CPP_MK_ER=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\mk_err.obj" : $(SOURCE) $(DEP_CPP_MK_ER) "$(INTDIR)" - - -SOURCE=.\mk_priv.c -DEP_CPP_MK_PR=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-archaeology.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\mk_priv.obj" : $(SOURCE) $(DEP_CPP_MK_PR) "$(INTDIR)" - - -SOURCE=.\mk_req.c -DEP_CPP_MK_RE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\mk_req.obj" : $(SOURCE) $(DEP_CPP_MK_RE) "$(INTDIR)" - - -SOURCE=.\mk_safe.c -DEP_CPP_MK_SA=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-archaeology.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\mk_safe.obj" : $(SOURCE) $(DEP_CPP_MK_SA) "$(INTDIR)" - - -SOURCE=.\month_sname.c -DEP_CPP_MONTH=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\month_sname.obj" : $(SOURCE) $(DEP_CPP_MONTH) "$(INTDIR)" - - -SOURCE=.\name2name.c -DEP_CPP_NAME2=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\name2name.obj" : $(SOURCE) $(DEP_CPP_NAME2) "$(INTDIR)" - - -SOURCE=.\netread.c -DEP_CPP_NETRE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\netread.obj" : $(SOURCE) $(DEP_CPP_NETRE) "$(INTDIR)" - - -SOURCE=.\netwrite.c -DEP_CPP_NETWR=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\netwrite.obj" : $(SOURCE) $(DEP_CPP_NETWR) "$(INTDIR)" - - -SOURCE=.\one.c - -"$(INTDIR)\one.obj" : $(SOURCE) "$(INTDIR)" - - -SOURCE=.\parse_name.c -DEP_CPP_PARSE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\parse_name.obj" : $(SOURCE) $(DEP_CPP_PARSE) "$(INTDIR)" - - -SOURCE=.\rd_err.c -DEP_CPP_RD_ER=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\rd_err.obj" : $(SOURCE) $(DEP_CPP_RD_ER) "$(INTDIR)" - - -SOURCE=.\rd_priv.c -DEP_CPP_RD_PR=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-archaeology.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\rd_priv.obj" : $(SOURCE) $(DEP_CPP_RD_PR) "$(INTDIR)" - - -SOURCE=.\rd_req.c -DEP_CPP_RD_RE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\rd_req.obj" : $(SOURCE) $(DEP_CPP_RD_RE) "$(INTDIR)" - - -SOURCE=.\rd_safe.c -DEP_CPP_RD_SA=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-archaeology.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\rd_safe.obj" : $(SOURCE) $(DEP_CPP_RD_SA) "$(INTDIR)" - - -SOURCE=.\read_service_key.c -DEP_CPP_READ_=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\read_service_key.obj" : $(SOURCE) $(DEP_CPP_READ_) "$(INTDIR)" - - -SOURCE=.\realm_parse.c -DEP_CPP_REALM=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\realm_parse.obj" : $(SOURCE) $(DEP_CPP_REALM) "$(INTDIR)" - - -SOURCE=.\recvauth.c -DEP_CPP_RECVA=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\recvauth.obj" : $(SOURCE) $(DEP_CPP_RECVA) "$(INTDIR)" - - -SOURCE=.\resolve.c -DEP_CPP_RESOL=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\resolve.obj" : $(SOURCE) $(DEP_CPP_RESOL) "$(INTDIR)" - - -SOURCE=.\rw.c -DEP_CPP_RW_C6a=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\..\include\win32\version.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\rw.obj" : $(SOURCE) $(DEP_CPP_RW_C6a) "$(INTDIR)" - - -SOURCE=.\save_credentials.c -DEP_CPP_SAVE_=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\save_credentials.obj" : $(SOURCE) $(DEP_CPP_SAVE_) "$(INTDIR)" - - -SOURCE=.\send_to_kdc.c -DEP_CPP_SEND_=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\base64.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\send_to_kdc.obj" : $(SOURCE) $(DEP_CPP_SEND_) "$(INTDIR)" - - -SOURCE=.\sendauth.c -DEP_CPP_SENDA=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\sendauth.obj" : $(SOURCE) $(DEP_CPP_SENDA) "$(INTDIR)" - - -SOURCE=.\stime.c -DEP_CPP_STIME=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\stime.obj" : $(SOURCE) $(DEP_CPP_STIME) "$(INTDIR)" - - -SOURCE=.\str2key.c -DEP_CPP_STR2K=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\str2key.obj" : $(SOURCE) $(DEP_CPP_STR2K) "$(INTDIR)" - - -SOURCE=.\ticket_memory.c -DEP_CPP_TICKE=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - ".\ticket_memory.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\ticket_memory.obj" : $(SOURCE) $(DEP_CPP_TICKE) "$(INTDIR)" - - -SOURCE=.\time.c -DEP_CPP_TIME_=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\time.obj" : $(SOURCE) $(DEP_CPP_TIME_) "$(INTDIR)" - - -SOURCE=.\tkt_string.c -DEP_CPP_TKT_S=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\tkt_string.obj" : $(SOURCE) $(DEP_CPP_TKT_S) "$(INTDIR)" - - -SOURCE=.\unparse_name.c -DEP_CPP_UNPAR=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\unparse_name.obj" : $(SOURCE) $(DEP_CPP_UNPAR) "$(INTDIR)" - - -SOURCE=.\util.c -DEP_CPP_UTIL_=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\util.obj" : $(SOURCE) $(DEP_CPP_UTIL_) "$(INTDIR)" - - -SOURCE=.\verify_user.c -DEP_CPP_VERIF=\ - "..\..\include\protos.h"\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\ktypes.h"\ - "..\..\include\win32\roken.h"\ - "..\des\des.h"\ - "..\roken\err.h"\ - "..\roken\roken-common.h"\ - ".\krb-protos.h"\ - ".\krb.h"\ - ".\krb_locl.h"\ - ".\krb_log.h"\ - ".\prot.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\verify_user.obj" : $(SOURCE) $(DEP_CPP_VERIF) "$(INTDIR)" - - -SOURCE=.\krb.rc - -"$(INTDIR)\krb.res" : $(SOURCE) "$(INTDIR)" - $(RSC) $(RSC_PROJ) $(SOURCE) - - -!IF "$(CFG)" == "krb - Win32 Release" - -"des - Win32 Release" : - cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\des" - $(MAKE) /$(MAKEFLAGS) /F ".\des.mak" CFG="des - Win32 Release" - cd "..\krb" - -"des - Win32 ReleaseCLEAN" : - cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\des" - $(MAKE) /$(MAKEFLAGS) CLEAN /F ".\des.mak" CFG="des - Win32 Release"\ - RECURSE=1 - cd "..\krb" - -!ELSEIF "$(CFG)" == "krb - Win32 Debug" - -"des - Win32 Debug" : - cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\des" - $(MAKE) /$(MAKEFLAGS) /F ".\des.mak" CFG="des - Win32 Debug" - cd "..\krb" - -"des - Win32 DebugCLEAN" : - cd "\tmp\wirus-krb\krb4-pre-0.9.9\lib\des" - $(MAKE) /$(MAKEFLAGS) CLEAN /F ".\des.mak" CFG="des - Win32 Debug" RECURSE=1\ - - cd "..\krb" - -!ENDIF - - -!ENDIF - diff --git a/crypto/kerberosIV/lib/krb/krb.rc b/crypto/kerberosIV/lib/krb/krb.rc deleted file mode 100644 index 413e706bbede..000000000000 --- a/crypto/kerberosIV/lib/krb/krb.rc +++ /dev/null @@ -1,105 +0,0 @@ -//Microsoft Developer Studio generated resource script. -// -#include "resource.h" - -#define APSTUDIO_READONLY_SYMBOLS -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 2 resource. -// -#include "afxres.h" - -///////////////////////////////////////////////////////////////////////////// -#undef APSTUDIO_READONLY_SYMBOLS - -///////////////////////////////////////////////////////////////////////////// -// Swedish resources - -#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_SVE) -#ifdef _WIN32 -LANGUAGE LANG_SWEDISH, SUBLANG_DEFAULT -#pragma code_page(1252) -#endif //_WIN32 - -#ifdef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// TEXTINCLUDE -// - -1 TEXTINCLUDE DISCARDABLE -BEGIN - "resource.h\0" -END - -2 TEXTINCLUDE DISCARDABLE -BEGIN - "#include ""afxres.h""\r\n" - "\0" -END - -3 TEXTINCLUDE DISCARDABLE -BEGIN - "\r\n" - "\0" -END - -#endif // APSTUDIO_INVOKED - - -#ifndef _MAC -///////////////////////////////////////////////////////////////////////////// -// -// Version -// - -VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,0,0,1 - PRODUCTVERSION 1,0,0,1 - FILEFLAGSMASK 0x3fL -#ifdef _DEBUG - FILEFLAGS 0x1L -#else - FILEFLAGS 0x0L -#endif - FILEOS 0x40004L - FILETYPE 0x2L - FILESUBTYPE 0x0L -BEGIN - BLOCK "StringFileInfo" - BEGIN - BLOCK "040904b0" - BEGIN - VALUE "CompanyName", "Royal Institute of Technology (KTH)\0" - VALUE "FileDescription", "krb\0" - VALUE "FileVersion", "4, 0, 9, 9\0" - VALUE "InternalName", "krb\0" - VALUE "LegalCopyright", "Copyright © 1996 - 1998 Royal Institute of Technology (KTH)\0" - VALUE "OriginalFilename", "krb.dll\0" - VALUE "ProductName", "KTH Kerberos\0" - VALUE "ProductVersion", "4,0,9,9\0" - END - END - BLOCK "VarFileInfo" - BEGIN - VALUE "Translation", 0x409, 1200 - END -END - -#endif // !_MAC - -#endif // Swedish resources -///////////////////////////////////////////////////////////////////////////// - - - -#ifndef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 3 resource. -// - - -///////////////////////////////////////////////////////////////////////////// -#endif // not APSTUDIO_INVOKED - diff --git a/crypto/kerberosIV/lib/krb/krb_check_auth.c b/crypto/kerberosIV/lib/krb/krb_check_auth.c deleted file mode 100644 index 00e68ca44c2f..000000000000 --- a/crypto/kerberosIV/lib/krb/krb_check_auth.c +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -#include "krb_locl.h" - -RCSID("$Id: krb_check_auth.c,v 1.5 1999/12/02 16:58:42 joda Exp $"); - -/* - * - * Receive an mutual-authenticator for a server in `packet', with - * `checksum', `session', and `schedule' having the appropriate values - * and return the data in `msg_data'. - * - * Return KSUCCESS if the received checksum is correct. - * - */ - -int -krb_check_auth(KTEXT packet, - u_int32_t checksum, - MSG_DAT *msg_data, - des_cblock *session, - des_key_schedule schedule, - struct sockaddr_in *laddr, - struct sockaddr_in *faddr) -{ - int ret; - u_int32_t checksum2; - - ret = krb_rd_priv (packet->dat, packet->length, schedule, session, faddr, - laddr, msg_data); - if (ret != RD_AP_OK) - return ret; - if (msg_data->app_length != 4) - return KFAILURE; - krb_get_int (msg_data->app_data, &checksum2, 4, 0); - if (checksum2 == checksum + 1) - return KSUCCESS; - else - return KFAILURE; -} diff --git a/crypto/kerberosIV/lib/krb/krb_equiv.c b/crypto/kerberosIV/lib/krb/krb_equiv.c deleted file mode 100644 index 271d42221af7..000000000000 --- a/crypto/kerberosIV/lib/krb/krb_equiv.c +++ /dev/null @@ -1,140 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * int krb_equiv(u_int32_t ipaddr_a, u_int32_t ipaddr_b); - * - * Given two IP adresses return true if they match - * or are considered to belong to the same host. - * - * For example if /etc/krb.equiv looks like - * - * 130.237.223.3 192.16.126.3 # alv alv1 - * 130.237.223.4 192.16.126.4 # byse byse1 - * 130.237.228.152 192.16.126.9 # topsy topsy1 - * - * krb_equiv(alv, alv1) would return true but - * krb_equiv(alv, byse1) would not. - * - * A comment starts with an '#' and ends with '\n'. - * - */ -#include "krb_locl.h" - -RCSID("$Id: krb_equiv.c,v 1.15 1999/12/02 16:58:42 joda Exp $"); - -int krb_ignore_ip_address = 0; - -int -krb_equiv(u_int32_t a, u_int32_t b) -{ - FILE *fil; - char line[256]; - int hit_a, hit_b; - int iscomment; - - if (a == b) /* trivial match, also the common case */ - return 1; - - if (krb_ignore_ip_address) - return 1; /* if we have decided not to compare */ - - a = ntohl(a); - b = ntohl(b); - - fil = fopen(KRB_EQUIV, "r"); - if (fil == NULL) /* open failed */ - return 0; - - hit_a = hit_b = 0; - iscomment = 0; - while (fgets(line, sizeof(line)-1, fil) != NULL) /* for each line */ - { - char *t = line; - int len = strlen(t); - - /* for each item on this line */ - while (*t != 0) /* more addresses on this line? */ - if (*t == '\n') { - iscomment = hit_a = hit_b = 0; - break; - } else if (iscomment) - t = line + len - 1; - else if (*t == '#') { /* rest is comment */ - iscomment = 1; - ++t; - } else if (*t == '\\' ) /* continuation */ - break; - else if (isspace((unsigned char)*t)) /* skip space */ - t++; - else if (isdigit((unsigned char)*t)) /* an address? */ - { - u_int32_t tmp; - u_int32_t tmpa, tmpb, tmpc, tmpd; - - sscanf(t, "%d.%d.%d.%d", &tmpa, &tmpb, &tmpc, &tmpd); - tmp = (tmpa << 24) | (tmpb << 16) | (tmpc << 8) | tmpd; - - /* done with this address */ - while (*t == '.' || isdigit((unsigned char)*t)) - t++; - - if (tmp != -1) { /* an address (and not broadcast) */ - u_int32_t mask = (u_int32_t)~0; - - if (*t == '/') { - ++t; - mask <<= 32 - atoi(t); - - while(isdigit((unsigned char)*t)) - ++t; - } - - if ((tmp & mask) == (a & mask)) - hit_a = 1; - if ((tmp & mask) == (b & mask)) - hit_b = 1; - if (hit_a && hit_b) { - fclose(fil); - return 1; - } - } - } - else - ++t; /* garbage on this line, skip it */ - - } - - fclose(fil); - return 0; -} diff --git a/crypto/kerberosIV/lib/krb/krb_err.et b/crypto/kerberosIV/lib/krb/krb_err.et deleted file mode 100644 index 9dce192fb6f6..000000000000 --- a/crypto/kerberosIV/lib/krb/krb_err.et +++ /dev/null @@ -1,65 +0,0 @@ -# Copyright 1987,1988 Massachusetts Institute of Technology -# -# For copying and distribution information, see the file -# "mit-copyright.h". -# -# This might look like a com_err file, but is not -# -id "$Id: krb_err.et,v 1.7 1998/03/29 14:19:52 bg Exp $" - -error_table krb - -prefix KRBET -ec KSUCCESS, "Kerberos successful" -ec KDC_NAME_EXP, "Kerberos principal expired" -ec KDC_SERVICE_EXP, "Kerberos service expired" -ec KDC_AUTH_EXP, "Kerberos auth expired" -ec KDC_PKT_VER, "Incorrect kerberos master key version" -ec KDC_P_MKEY_VER, "Incorrect kerberos master key version" -ec KDC_S_MKEY_VER, "Incorrect kerberos master key version" -ec KDC_BYTE_ORDER, "Kerberos error: byte order unknown" -ec KDC_PR_UNKNOWN, "Kerberos principal unknown" -ec KDC_PR_N_UNIQUE, "Kerberos principal not unique" -ec KDC_NULL_KEY, "Kerberos principal has null key" -index 20 -ec KDC_GEN_ERR, "Generic error from Kerberos KDC" -ec GC_TKFIL, "Can't read Kerberos ticket file" -ec GC_NOTKT, "Can't find Kerberos ticket or TGT" -index 26 -ec MK_AP_TGTEXP, "Kerberos TGT Expired" -index 31 -ec RD_AP_UNDEC, "Kerberos error: Can't decode authenticator" -ec RD_AP_EXP, "Kerberos ticket expired" -ec RD_AP_NYV, "Kerberos ticket not yet valid" -ec RD_AP_REPEAT, "Kerberos error: Repeated request" -ec RD_AP_NOT_US, "The kerberos ticket isn't for us" -ec RD_AP_INCON, "Kerberos request inconsistent" -ec RD_AP_TIME, "Kerberos error: delta_t too big" -ec RD_AP_BADD, "Kerberos error: incorrect net address" -ec RD_AP_VERSION, "Kerberos protocol version mismatch" -ec RD_AP_MSG_TYPE, "Kerberos error: invalid msg type" -ec RD_AP_MODIFIED, "Kerberos error: message stream modified" -ec RD_AP_ORDER, "Kerberos error: message out of order" -ec RD_AP_UNAUTHOR, "Kerberos error: unauthorized request" -index 51 -ec GT_PW_NULL, "Kerberos error: current PW is null" -ec GT_PW_BADPW, "Kerberos error: Incorrect current password" -ec GT_PW_PROT, "Kerberos protocol error" -ec GT_PW_KDCERR, "Error returned by Kerberos KDC" -ec GT_PW_NULLTKT, "Null Kerberos ticket returned by KDC" -ec SKDC_RETRY, "Kerberos error: Retry count exceeded" -ec SKDC_CANT, "Kerberos error: Can't send request" -index 61 -ec INTK_W_NOTALL, "Kerberos error: not all tickets returned" -ec INTK_BADPW, "Kerberos error: incorrect password" -ec INTK_PROT, "Kerberos error: Protocol Error" -index 70 -ec INTK_ERR, "Other error" -ec AD_NOTGT, "Don't have Kerberos ticket-granting ticket" -index 76 -ec NO_TKT_FIL, "No ticket file found" -ec TKT_FIL_ACC, "Couldn't access ticket file" -ec TKT_FIL_LCK, "Couldn't lock ticket file" -ec TKT_FIL_FMT, "Bad ticket file format" -ec TKT_FIL_INI, "tf_init not called first" -ec KNAME_FMT, "Bad Kerberos name format" diff --git a/crypto/kerberosIV/lib/krb/krb_err_txt.c b/crypto/kerberosIV/lib/krb/krb_err_txt.c deleted file mode 100644 index cb6cd132e029..000000000000 --- a/crypto/kerberosIV/lib/krb/krb_err_txt.c +++ /dev/null @@ -1,299 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: krb_err_txt.c,v 1.13 1998/01/31 08:11:52 joda Exp $"); - -/* - * This file contains an array of error text strings. - * The associated error codes (which are defined in "krb.h") - * follow the string in the comments at the end of each line. - */ - -const char *krb_err_txt[256] = { - "OK", /* 000 */ - "Principal expired (kerberos)", /* 001 */ - "Service expired (kerberos)", /* 002 */ - "Authentication expired (kerberos)", /* 003 */ - "Unknown protocol version number (kerberos)", /* 004 */ - "Principal: Incorrect master key version (kerberos)", /* 005 */ - "Service: Incorrect master key version (kerberos)", /* 006 */ - "Bad byte order (kerberos)", /* 007 */ - "Principal unknown (kerberos)", /* 008 */ - "Principal not unique (kerberos)", /* 009 */ - "Principal has null key (kerberos)", /* 010 */ - "Timeout in request (kerberos)", /* 011 */ - "Reserved error message 12 (kerberos)", /* 012 */ - "Reserved error message 13 (kerberos)", /* 013 */ - "Reserved error message 14 (kerberos)", /* 014 */ - "Reserved error message 15 (kerberos)", /* 015 */ - "Reserved error message 16 (kerberos)", /* 016 */ - "Reserved error message 17 (kerberos)", /* 017 */ - "Reserved error message 18 (kerberos)", /* 018 */ - "Reserved error message 19 (kerberos)", /* 019 */ - "Permission Denied (kerberos)", /* 020 */ - "Can't read ticket file (krb_get_cred)", /* 021 */ - "Can't find ticket (krb_get_cred)", /* 022 */ - "Reserved error message 23 (krb_get_cred)", /* 023 */ - "Reserved error message 24 (krb_get_cred)", /* 024 */ - "Reserved error message 25 (krb_get_cred)", /* 025 */ - "Ticket granting ticket expired (krb_mk_req)", /* 026 */ - "Reserved error message 27 (krb_mk_req)", /* 027 */ - "Reserved error message 28 (krb_mk_req)", /* 028 */ - "Reserved error message 29 (krb_mk_req)", /* 029 */ - "Reserved error message 30 (krb_mk_req)", /* 030 */ - "Can't decode authenticator (krb_rd_req)", /* 031 */ - "Ticket expired (krb_rd_req)", /* 032 */ - "Ticket issue date too far in the future (krb_rd_req)",/* 033 */ - "Repeat request (krb_rd_req)", /* 034 */ - "Ticket for wrong server (krb_rd_req)", /* 035 */ - "Request inconsistent (krb_rd_req)", /* 036 */ - "Time is out of bounds (krb_rd_req)", /* 037 */ - "Incorrect network address (krb_rd_req)", /* 038 */ - "Protocol version mismatch (krb_rd_req)", /* 039 */ - "Invalid message type (krb_rd_req)", /* 040 */ - "Message integrity error (krb_rd_req)", /* 041 */ - "Message duplicate or out of order (krb_rd_req)", /* 042 */ - "Unauthorized request (krb_rd_req)", /* 043 */ - "Reserved error message 44 (krb_rd_req)", /* 044 */ - "Reserved error message 45 (krb_rd_req)", /* 045 */ - "Reserved error message 46 (krb_rd_req)", /* 046 */ - "Reserved error message 47 (krb_rd_req)", /* 047 */ - "Reserved error message 48 (krb_rd_req)", /* 048 */ - "Reserved error message 49 (krb_rd_req)", /* 049 */ - "Reserved error message 50 (krb_rd_req)", /* 050 */ - "Current password is NULL (get_pw_tkt)", /* 051 */ - "Current password incorrect (get_pw_tkt)", /* 052 */ - "Protocol error (gt_pw_tkt)", /* 053 */ - "Error returned by KDC (gt_pw_tkt)", /* 054 */ - "Null ticket returned by KDC (gt_pw_tkt)", /* 055 */ - "Retry count exceeded (send_to_kdc)", /* 056 */ - "Can't send request (send_to_kdc)", /* 057 */ - "Reserved error message 58 (send_to_kdc)", /* 058 */ - "Reserved error message 59 (send_to_kdc)", /* 059 */ - "Reserved error message 60 (send_to_kdc)", /* 060 */ - "Warning: Not ALL tickets returned", /* 061 */ - "Password incorrect", /* 062 */ - "Protocol error (get_in_tkt)", /* 063 */ - "Reserved error message 64 (get_in_tkt)", /* 064 */ - "Reserved error message 65 (get_in_tkt)", /* 065 */ - "Reserved error message 66 (get_in_tkt)", /* 066 */ - "Reserved error message 67 (get_in_tkt)", /* 067 */ - "Reserved error message 68 (get_in_tkt)", /* 068 */ - "Reserved error message 69 (get_in_tkt)", /* 069 */ - "Generic error (get_in_tkt)(can't write ticket file)", /* 070 */ - "Don't have ticket granting ticket (get_ad_tkt)", /* 071 */ - "Can't get inter-realm ticket granting ticket (get_ad_tkt)", /* 072 */ - "Reserved error message 73 (get_ad_tkt)", /* 073 */ - "Reserved error message 74 (get_ad_tkt)", /* 074 */ - "Reserved error message 75 (get_ad_tkt)", /* 075 */ - "No ticket file (tf_util)", /* 076 */ - "Can't access ticket file (tf_util)", /* 077 */ - "Can't lock ticket file; try later (tf_util)", /* 078 */ - "Bad ticket file format (tf_util)", /* 079 */ - "Read ticket file before tf_init (tf_util)", /* 080 */ - "Bad Kerberos name format (kname_parse)", /* 081 */ - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "(reserved)", - "Generic kerberos error (kfailure)", /* 255 */ -}; - -static const char err_failure[] = "Unknown error code passed (krb_get_err_text)"; - -const char * -krb_get_err_text(int code) -{ - if(code < 0 || code >= MAX_KRB_ERRORS) - return err_failure; - return krb_err_txt[code]; -} diff --git a/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c b/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c deleted file mode 100644 index 46de59f8eb1e..000000000000 --- a/crypto/kerberosIV/lib/krb/krb_get_in_tkt.c +++ /dev/null @@ -1,235 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: krb_get_in_tkt.c,v 1.30 1999/12/02 16:58:42 joda Exp $"); - -/* - * decrypt_tkt(): Given user, instance, realm, passwd, key_proc - * and the cipher text sent from the KDC, decrypt the cipher text - * using the key returned by key_proc. - */ - -static int -decrypt_tkt(const char *user, - char *instance, - const char *realm, - const void *arg, - key_proc_t key_proc, - KTEXT *cip) -{ - des_cblock key; /* Key for decrypting cipher */ - int ret; - - ret = key_proc(user, instance, realm, arg, &key); - if (ret != 0) - return ret; - - encrypt_ktext(*cip, &key, DES_DECRYPT); - - memset(&key, 0, sizeof(key)); - return 0; -} - -/* - * krb_get_in_tkt() gets a ticket for a given principal to use a given - * service and stores the returned ticket and session key for future - * use. - * - * The "user", "instance", and "realm" arguments give the identity of - * the client who will use the ticket. The "service" and "sinstance" - * arguments give the identity of the server that the client wishes - * to use. (The realm of the server is the same as the Kerberos server - * to whom the request is sent.) The "life" argument indicates the - * desired lifetime of the ticket; the "key_proc" argument is a pointer - * to the routine used for getting the client's private key to decrypt - * the reply from Kerberos. The "decrypt_proc" argument is a pointer - * to the routine used to decrypt the reply from Kerberos; and "arg" - * is an argument to be passed on to the "key_proc" routine. - * - * If all goes well, krb_get_in_tkt() returns INTK_OK, otherwise it - * returns an error code: If an AUTH_MSG_ERR_REPLY packet is returned - * by Kerberos, then the error code it contains is returned. Other - * error codes returned by this routine include INTK_PROT to indicate - * wrong protocol version, INTK_BADPW to indicate bad password (if - * decrypted ticket didn't make sense), INTK_ERR if the ticket was for - * the wrong server or the ticket store couldn't be initialized. - * - * The format of the message sent to Kerberos is as follows: - * - * Size Variable Field - * ---- -------- ----- - * - * 1 byte KRB_PROT_VERSION protocol version number - * 1 byte AUTH_MSG_KDC_REQUEST | message type - * HOST_BYTE_ORDER local byte order in lsb - * string user client's name - * string instance client's instance - * string realm client's realm - * 4 bytes tlocal.tv_sec timestamp in seconds - * 1 byte life desired lifetime - * string service service's name - * string sinstance service's instance - */ - -int -krb_mk_as_req(const char *user, - const char *instance, - const char *realm, - const char *service, - const char *sinstance, - int life, - KTEXT cip) -{ - KTEXT_ST pkt_st; - KTEXT pkt = &pkt_st; /* Packet to KDC */ - KTEXT_ST rpkt_st; - KTEXT rpkt = &rpkt_st; /* Reply from KDC */ - - int kerror; - struct timeval tv; - - /* BUILD REQUEST PACKET */ - - unsigned char *p = pkt->dat; - int tmp; - size_t rem = sizeof(pkt->dat); - - tmp = krb_put_int(KRB_PROT_VERSION, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(AUTH_MSG_KDC_REQUEST, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_nir(user, instance, realm, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - gettimeofday(&tv, NULL); - tmp = krb_put_int(tv.tv_sec, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(life, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_nir(service, sinstance, NULL, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - pkt->length = p - pkt->dat; - - rpkt->length = 0; - - /* SEND THE REQUEST AND RECEIVE THE RETURN PACKET */ - - kerror = send_to_kdc(pkt, rpkt, realm); - if(kerror) return kerror; - kerror = kdc_reply_cipher(rpkt, cip); - return kerror; -} - -int -krb_decode_as_rep(const char *user, - char *instance, - const char *realm, - const char *service, - const char *sinstance, - key_proc_t key_proc, - decrypt_proc_t decrypt_proc, - const void *arg, - KTEXT as_rep, - CREDENTIALS *cred) -{ - int kerror; - time_t now; - - if (decrypt_proc == NULL) - decrypt_tkt(user, instance, realm, arg, key_proc, &as_rep); - else - (*decrypt_proc)(user, instance, realm, arg, key_proc, &as_rep); - - kerror = kdc_reply_cred(as_rep, cred); - if(kerror != KSUCCESS) - return kerror; - - if (strcmp(cred->service, service) || - strcmp(cred->instance, sinstance) || - strcmp(cred->realm, realm)) /* not what we asked for */ - return INTK_ERR; /* we need a better code here XXX */ - - now = time(NULL); - if(krb_get_config_bool("kdc_timesync")) - krb_set_kdc_time_diff(cred->issue_date - now); - else if (abs((int)(now - cred->issue_date)) > CLOCK_SKEW) - return RD_AP_TIME; /* XXX should probably be better code */ - - return 0; -} - -int -krb_get_in_tkt(char *user, char *instance, char *realm, - char *service, char *sinstance, int life, - key_proc_t key_proc, decrypt_proc_t decrypt_proc, void *arg) -{ - KTEXT_ST as_rep; - CREDENTIALS cred; - int ret; - - ret = krb_mk_as_req(user, instance, realm, - service, sinstance, life, &as_rep); - if(ret) - return ret; - ret = krb_decode_as_rep(user, instance, realm, service, sinstance, - key_proc, decrypt_proc, arg, &as_rep, &cred); - if(ret) - return ret; - - return tf_setup(&cred, user, instance); -} diff --git a/crypto/kerberosIV/lib/krb/krb_ip_realm.c b/crypto/kerberosIV/lib/krb/krb_ip_realm.c deleted file mode 100644 index a9581f1304a8..000000000000 --- a/crypto/kerberosIV/lib/krb/krb_ip_realm.c +++ /dev/null @@ -1,104 +0,0 @@ -/* - * Copyright (c) 1999 Thomas Nyström and Stacken Computer Club - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: krb_ip_realm.c,v 1.2.2.1 1999/12/06 23:01:12 assar Exp $"); - -/* - * Obtain a ticket for ourselves (`user.instance') in REALM and decrypt - * it using `password' to verify the address that the KDC got our - * request from. - * Store in the ticket cache. - */ - -int -krb_add_our_ip_for_realm(const char *user, const char *instance, - const char *realm, const char *password) -{ - des_cblock newkey; - des_key_schedule schedule; - char scrapbuf[1024]; - struct in_addr myAddr; - KTEXT_ST ticket; - CREDENTIALS c; - int err; - u_int32_t addr; - - if ((err = krb_mk_req(&ticket, (char *)user, (char *)instance, - (char *)realm, 0)) != KSUCCESS) - return err; - - if ((err = krb_get_cred((char *)user, (char *)instance, (char *)realm, - &c)) != KSUCCESS) - return err; - - des_string_to_key((char *)password, &newkey); - des_set_key(&newkey, schedule); - err = decomp_ticket(&c.ticket_st, - (unsigned char *)scrapbuf, /* Flags */ - scrapbuf, /* Authentication name */ - scrapbuf, /* Principal's instance */ - scrapbuf, /* Principal's authentication domain */ - /* The Address Of Me That Servers Sees */ - (u_int32_t *)&addr, - (unsigned char *)scrapbuf, /* Session key in ticket */ - (int *)scrapbuf, /* Lifetime of ticket */ - (u_int32_t *)scrapbuf, /* Issue time and date */ - scrapbuf, /* Service name */ - scrapbuf, /* Service instance */ - &newkey, /* Secret key */ - schedule /* Precomp. key schedule */ - ); - - if (err != KSUCCESS) { - memset(newkey, 0, sizeof(newkey)); - memset(schedule, 0, sizeof(schedule)); - return err; - } - - myAddr.s_addr = addr; - - err = tf_store_addr(realm, &myAddr); - - memset(newkey, 0, sizeof(newkey)); - memset(schedule, 0, sizeof(schedule)); - - return err; -} - -int -krb_get_our_ip_for_realm(const char *realm, struct in_addr *ip_addr) -{ - return tf_get_addr(realm, ip_addr); -} diff --git a/crypto/kerberosIV/lib/krb/krb_locl.h b/crypto/kerberosIV/lib/krb/krb_locl.h deleted file mode 100644 index 02e7fa20748c..000000000000 --- a/crypto/kerberosIV/lib/krb/krb_locl.h +++ /dev/null @@ -1,175 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: krb_locl.h,v 1.50 1999/12/02 16:58:42 joda Exp $ */ - -#ifndef __krb_locl_h -#define __krb_locl_h - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include "protos.h" - -#include -#include -#include -#include -#include -#include - -#include - -#ifdef HAVE_PWD_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif - -#ifdef HAVE_IO_H -#include -#endif - -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif - -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_SYS_FILE_H -#include -#endif -#ifdef HAVE_SYS_SELECT_H -#include -#endif - -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif - -#ifdef HAVE_WINSOCK_H -#include -#endif - -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif - -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif - -#ifdef SOCKS -#include - -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); - -#endif - -#include - -#include -#include - -#include "resolve.h" -#include "krb_log.h" - -/* --- */ - -/* Utils */ -int -krb_name_to_name __P(( - const char *host, - char *phost, - size_t phost_size)); - -void -encrypt_ktext __P(( - KTEXT cip, - des_cblock *key, - int encrypt)); - -int -kdc_reply_cipher __P(( - KTEXT reply, - KTEXT cip)); - -int -kdc_reply_cred __P(( - KTEXT cip, - CREDENTIALS *cred)); - -void -k_ricercar __P((char *name)); - - -/* used in rd_safe.c and mk_safe.c */ - -void -fixup_quad_cksum __P(( - void *start, - size_t len, - des_cblock *key, - void *new_checksum, - void *old_checksum, - int little)); - -void -krb_kdctimeofday __P((struct timeval *tv)); - -#endif /* __krb_locl_h */ diff --git a/crypto/kerberosIV/lib/krb/krb_log.h b/crypto/kerberosIV/lib/krb/krb_log.h deleted file mode 100644 index 5155bc73c28a..000000000000 --- a/crypto/kerberosIV/lib/krb/krb_log.h +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: krb_log.h,v 1.3 1999/12/02 16:58:42 joda Exp $ */ - -#include - -#ifndef __KRB_LOG_H__ -#define __KRB_LOG_H__ - -#if !defined(__GNUC__) && !defined(__attribute__) -#define __attribute__(X) -#endif - -__BEGIN_DECLS - -/* logging.c */ - -typedef int (*krb_log_func_t) __P((FILE *, const char *, va_list)); - -typedef krb_log_func_t krb_warnfn_t; - -struct krb_log_facility; - -int krb_vlogger __P((struct krb_log_facility*, const char *, va_list)) - __attribute__ ((format (printf, 2, 0))); -int krb_logger __P((struct krb_log_facility*, const char *, ...)) - __attribute__ ((format (printf, 2, 3))); -int krb_openlog __P((struct krb_log_facility*, char*, FILE*, krb_log_func_t)); - -void krb_set_warnfn __P((krb_warnfn_t)); -krb_warnfn_t krb_get_warnfn __P((void)); -void krb_warning __P((const char*, ...)) - __attribute__ ((format (printf, 1, 2))); - -void kset_logfile __P((char*)); -void krb_log __P((const char*, ...)) - __attribute__ ((format (printf, 1, 2))); -char *klog __P((int, const char*, ...)) - __attribute__ ((format (printf, 2, 3))); - -__END_DECLS - -#endif /* __KRB_LOG_H__ */ diff --git a/crypto/kerberosIV/lib/krb/krb_net_read.c b/crypto/kerberosIV/lib/krb/krb_net_read.c deleted file mode 100644 index 3830cf94a525..000000000000 --- a/crypto/kerberosIV/lib/krb/krb_net_read.c +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: krb_net_read.c,v 1.3 1999/12/02 16:58:42 joda Exp $"); - -int -krb_net_read (int fd, void *buf, size_t nbytes) -{ - return net_read (fd, buf, nbytes); -} diff --git a/crypto/kerberosIV/lib/krb/krb_net_write.c b/crypto/kerberosIV/lib/krb/krb_net_write.c deleted file mode 100644 index 04736857a1a7..000000000000 --- a/crypto/kerberosIV/lib/krb/krb_net_write.c +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: krb_net_write.c,v 1.3 1999/12/02 16:58:42 joda Exp $"); - -int -krb_net_write (int fd, const void *buf, size_t nbytes) -{ - return net_write (fd, buf, nbytes); -} diff --git a/crypto/kerberosIV/lib/krb/kuserok.c b/crypto/kerberosIV/lib/krb/kuserok.c deleted file mode 100644 index 4913eaf16c73..000000000000 --- a/crypto/kerberosIV/lib/krb/kuserok.c +++ /dev/null @@ -1,169 +0,0 @@ -/* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: kuserok.c,v 1.25 1999/12/02 16:58:42 joda Exp $"); - -#define OK 0 -#define NOTOK 1 -#define MAX_USERNAME 10 - -/* - * Return OK if `r' is one of the local realms, else NOTOK - */ - -static int -is_local_realm (const char *r) -{ - char lrealm[REALM_SZ]; - int n; - - for (n = 1; krb_get_lrealm(lrealm, n) == KSUCCESS; ++n) { - if (strcmp (r, lrealm) == 0) - return OK; - } - return NOTOK; -} - -/* - * Given a Kerberos principal and a local username, determine whether - * user is authorized to login according to the authorization file - * ("~luser/.klogin" by default). Returns OK if authorized, NOTOK if - * not authorized. - * - * IMPORTANT CHANGE: To eliminate the need of making a distinction - * between the 3 cases: - * - * 1. We can't verify that a .klogin file doesn't exist (no home dir). - * 2. It's there but we aren't allowed to read it. - * 3. We can read it and ~luser@LOCALREALM is (not) included. - * - * We instead make the assumption that luser@LOCALREALM is *always* - * included. Thus it is impossible to have an empty .klogin file and - * also to exclude luser@LOCALREALM from it. Root is treated differently - * since it's home should always be available. - * - * OLD STRATEGY: - * If there is no account for "luser" on the local machine, returns - * NOTOK. If there is no authorization file, and the given Kerberos - * name "kdata" translates to the same name as "luser" (using - * krb_kntoln()), returns OK. Otherwise, if the authorization file - * can't be accessed, returns NOTOK. Otherwise, the file is read for - * a matching principal name, instance, and realm. If one is found, - * returns OK, if none is found, returns NOTOK. - * - * The file entries are in the format: - * - * name.instance@realm - * - * one entry per line. - * - */ - -int -krb_kuserok(char *name, char *instance, char *realm, char *luser) -{ - struct passwd *pwd; - FILE *f; - char line[1024]; - char file[MaxPathLen]; - struct stat st; - - pwd = getpwnam(luser); - if(pwd == NULL) - return NOTOK; - if (pwd->pw_uid != 0 - && strcmp (name, luser) == 0 - && strcmp (instance, "") == 0 - && is_local_realm (realm) == OK) - return OK; - - snprintf(file, sizeof(file), "%s/.klogin", pwd->pw_dir); - - f = fopen(file, "r"); - if(f == NULL) - return NOTOK; - - /* this is not a working test in filesystems like AFS and DFS */ - if(fstat(fileno(f), &st) < 0){ - fclose(f); - return NOTOK; - } - - if(st.st_uid != pwd->pw_uid){ - fclose(f); - return NOTOK; - } - - while(fgets(line, sizeof(line), f)){ - char fname[ANAME_SZ], finst[INST_SZ], frealm[REALM_SZ]; - if(line[strlen(line) - 1] != '\n') - /* read till end of line */ - while(1){ - int c = fgetc(f); - if(c == '\n' || c == EOF) - break; - } - else - line[strlen(line) - 1] = 0; - - if(kname_parse(fname, finst, frealm, line)) - continue; - if(strcmp(name, fname)) - continue; - if(strcmp(instance, finst)) - continue; -#if 0 /* don't support principals without realm any longer */ - if(frealm[0] == 0) { - if (is_local_realm (realm) != OK) - continue; - } else -#endif - if (strcmp (realm, frealm)) - continue; - - fclose(f); - return OK; - } - fclose(f); - return NOTOK; -} - -/* compatibility interface */ - -int -kuserok(AUTH_DAT *auth, char *luser) -{ - return krb_kuserok(auth->pname, auth->pinst, auth->prealm, luser); -} diff --git a/crypto/kerberosIV/lib/krb/lifetime.c b/crypto/kerberosIV/lib/krb/lifetime.c deleted file mode 100644 index 1866996669cf..000000000000 --- a/crypto/kerberosIV/lib/krb/lifetime.c +++ /dev/null @@ -1,213 +0,0 @@ -/* - * Ticket lifetime. This defines the table used to lookup lifetime - * for the fixed part of rande of the one byte lifetime field. Values - * less than 0x80 are intrpreted as the number of 5 minute intervals. - * Values from 0x80 to 0xBF should be looked up in this table. The - * value of 0x80 is the same using both methods: 10 and two-thirds - * hours . The lifetime of 0xBF is 30 days. The intervening values - * of have a fixed ratio of roughly 1.06914. The value 0xFF is - * defined to mean a ticket has no expiration time. This should be - * used advisedly since individual servers may impose defacto - * upperbounds on ticket lifetimes. - */ - -#include "krb_locl.h" - -RCSID("$Id: lifetime.c,v 1.9 1997/05/02 14:29:18 assar Exp $"); - -/* If you want to disable this feature */ -int krb_no_long_lifetimes = 0; - -#define TKTLIFENUMFIXED 64 -#define TKTLIFEMINFIXED 0x80 -#define TKTLIFEMAXFIXED 0xBF -#define TKTLIFENOEXPIRE 0xFF -#define MAXTKTLIFETIME (30*24*3600) /* 30 days */ -#ifndef NEVERDATE -#define NEVERDATE ((unsigned long)0x7fffffffL) -#endif - -static const int tkt_lifetimes[TKTLIFENUMFIXED] = { - 38400, /* 10.67 hours, 0.44 days */ - 41055, /* 11.40 hours, 0.48 days */ - 43894, /* 12.19 hours, 0.51 days */ - 46929, /* 13.04 hours, 0.54 days */ - 50174, /* 13.94 hours, 0.58 days */ - 53643, /* 14.90 hours, 0.62 days */ - 57352, /* 15.93 hours, 0.66 days */ - 61318, /* 17.03 hours, 0.71 days */ - 65558, /* 18.21 hours, 0.76 days */ - 70091, /* 19.47 hours, 0.81 days */ - 74937, /* 20.82 hours, 0.87 days */ - 80119, /* 22.26 hours, 0.93 days */ - 85658, /* 23.79 hours, 0.99 days */ - 91581, /* 25.44 hours, 1.06 days */ - 97914, /* 27.20 hours, 1.13 days */ - 104684, /* 29.08 hours, 1.21 days */ - 111922, /* 31.09 hours, 1.30 days */ - 119661, /* 33.24 hours, 1.38 days */ - 127935, /* 35.54 hours, 1.48 days */ - 136781, /* 37.99 hours, 1.58 days */ - 146239, /* 40.62 hours, 1.69 days */ - 156350, /* 43.43 hours, 1.81 days */ - 167161, /* 46.43 hours, 1.93 days */ - 178720, /* 49.64 hours, 2.07 days */ - 191077, /* 53.08 hours, 2.21 days */ - 204289, /* 56.75 hours, 2.36 days */ - 218415, /* 60.67 hours, 2.53 days */ - 233517, /* 64.87 hours, 2.70 days */ - 249664, /* 69.35 hours, 2.89 days */ - 266926, /* 74.15 hours, 3.09 days */ - 285383, /* 79.27 hours, 3.30 days */ - 305116, /* 84.75 hours, 3.53 days */ - 326213, /* 90.61 hours, 3.78 days */ - 348769, /* 96.88 hours, 4.04 days */ - 372885, /* 103.58 hours, 4.32 days */ - 398668, /* 110.74 hours, 4.61 days */ - 426234, /* 118.40 hours, 4.93 days */ - 455705, /* 126.58 hours, 5.27 days */ - 487215, /* 135.34 hours, 5.64 days */ - 520904, /* 144.70 hours, 6.03 days */ - 556921, /* 154.70 hours, 6.45 days */ - 595430, /* 165.40 hours, 6.89 days */ - 636601, /* 176.83 hours, 7.37 days */ - 680618, /* 189.06 hours, 7.88 days */ - 727680, /* 202.13 hours, 8.42 days */ - 777995, /* 216.11 hours, 9.00 days */ - 831789, /* 231.05 hours, 9.63 days */ - 889303, /* 247.03 hours, 10.29 days */ - 950794, /* 264.11 hours, 11.00 days */ - 1016537, /* 282.37 hours, 11.77 days */ - 1086825, /* 301.90 hours, 12.58 days */ - 1161973, /* 322.77 hours, 13.45 days */ - 1242318, /* 345.09 hours, 14.38 days */ - 1328218, /* 368.95 hours, 15.37 days */ - 1420057, /* 394.46 hours, 16.44 days */ - 1518247, /* 421.74 hours, 17.57 days */ - 1623226, /* 450.90 hours, 18.79 days */ - 1735464, /* 482.07 hours, 20.09 days */ - 1855462, /* 515.41 hours, 21.48 days */ - 1983758, /* 551.04 hours, 22.96 days */ - 2120925, /* 589.15 hours, 24.55 days */ - 2267576, /* 629.88 hours, 26.25 days */ - 2424367, /* 673.44 hours, 28.06 days */ - 2592000}; /* 720.00 hours, 30.00 days */ - -/* - * krb_life_to_time - takes a start time and a Kerberos standard - * lifetime char and returns the corresponding end time. There are - * four simple cases to be handled. The first is a life of 0xff, - * meaning no expiration, and results in an end time of 0xffffffff. - * The second is when life is less than the values covered by the - * table. In this case, the end time is the start time plus the - * number of 5 minute intervals specified by life. The third case - * returns start plus the MAXTKTLIFETIME if life is greater than - * TKTLIFEMAXFIXED. The last case, uses the life value (minus - * TKTLIFEMINFIXED) as an index into the table to extract the lifetime - * in seconds, which is added to start to produce the end time. - */ -u_int32_t -krb_life_to_time(u_int32_t start, int life_) -{ - unsigned char life = (unsigned char) life_; - - if (krb_no_long_lifetimes) return start + life*5*60; - - if (life == TKTLIFENOEXPIRE) return NEVERDATE; - if (life < TKTLIFEMINFIXED) return start + life*5*60; - if (life > TKTLIFEMAXFIXED) return start + MAXTKTLIFETIME; - return start + tkt_lifetimes[life - TKTLIFEMINFIXED]; -} - -/* - * krb_time_to_life - takes start and end times for the ticket and - * returns a Kerberos standard lifetime char, possibily using the - * tkt_lifetimes table for lifetimes above 127*5 minutes. First, the - * special case of (end == NEVERDATE) is handled to mean no - * expiration. Then negative lifetimes and those greater than the - * maximum ticket lifetime are rejected. Then lifetimes less than the - * first table entry are handled by rounding the requested lifetime - * *up* to the next 5 minute interval. The final step is to search - * the table for the smallest entry *greater than or equal* to the - * requested entry. - */ -int krb_time_to_life(u_int32_t start, u_int32_t end) -{ - int i; - long lifetime = end - start; - - if (krb_no_long_lifetimes) return (lifetime + 5*60 - 1)/(5*60); - - if (end >= NEVERDATE) return TKTLIFENOEXPIRE; - if (lifetime > MAXTKTLIFETIME || lifetime <= 0) return 0; - if (lifetime < tkt_lifetimes[0]) return (lifetime + 5*60 - 1)/(5*60); - for (i=0; i - -RCSID("$Id: logging.c,v 1.18.2.1 2000/10/13 15:57:34 assar Exp $"); - -struct krb_log_facility { - char filename[MaxPathLen]; - FILE *file; - krb_log_func_t func; -}; - -int -krb_vlogger(struct krb_log_facility *f, const char *format, va_list args) -{ - FILE *file = NULL; - int ret; - - if (f->file != NULL) - file = f->file; - else if (f->filename && f->filename[0]) - file = fopen(f->filename, "a"); - - if (file == NULL) - return KFAILURE; - - ret = f->func(file, format, args); - - if (file != f->file) - fclose(file); - return ret; -} - -int -krb_logger(struct krb_log_facility *f, const char *format, ...) -{ - va_list args; - int ret; - va_start(args, format); - ret = krb_vlogger(f, format, args); - va_end(args); - return ret; -} - -/* - * If FILE * is given log to it, otherwise, log to filename. When - * given a file name the file is opened and closed for each log - * record. - */ -int -krb_openlog(struct krb_log_facility *f, - char *filename, - FILE *file, - krb_log_func_t func) -{ - strlcpy(f->filename, filename, MaxPathLen); - f->file = file; - f->func = func; - return KSUCCESS; -} - -/* ------------------------------------------------------------ - Compatibility functions from warning.c - ------------------------------------------------------------ */ - -static int -log_tty(FILE *f, const char *format, va_list args) -{ - if (f != NULL && isatty(fileno(f))) - vfprintf(f, format, args); - return KSUCCESS; -} - -/* stderr */ -static struct krb_log_facility std_log = { "/dev/tty", NULL, log_tty }; - -static void -init_std_log (void) -{ - static int done = 0; - - if (!done) { - std_log.file = stderr; - done = 1; - } -} - -/* - * - */ -void -krb_set_warnfn (krb_warnfn_t newfunc) -{ - init_std_log (); - std_log.func = newfunc; -} - -/* - * - */ -krb_warnfn_t -krb_get_warnfn (void) -{ - init_std_log (); - return std_log.func; -} - -/* - * Log warnings to stderr if it's a tty. - */ -void -krb_warning (const char *format, ...) -{ - va_list args; - - init_std_log (); - va_start(args, format); - krb_vlogger(&std_log, format, args); - va_end(args); -} - -/* ------------------------------------------------------------ - Compatibility functions from klog.c and log.c - ------------------------------------------------------------ */ - -/* - * Used by kerberos and kadmind daemons and in libkrb (rd_req.c). - * - * By default they log to the kerberos server log-file (KRBLOG) to be - * backwards compatible. - */ - -static int -log_with_timestamp_and_nl(FILE *file, const char *format, va_list args) -{ - time_t now; - if(file == NULL) - return KFAILURE; - time(&now); - fputs(krb_stime(&now), file); - fputs(": ", file); - vfprintf(file, format, args); - fputs("\n", file); - fflush(file); - return KSUCCESS; -} - -static struct krb_log_facility -file_log = { KRBLOG, NULL, log_with_timestamp_and_nl }; - -/* - * kset_logfile() changes the name of the file to which - * messages are logged. If kset_logfile() is not called, - * the logfile defaults to KRBLOG, defined in "krb.h". - */ - -void -kset_logfile(char *filename) -{ - krb_openlog(&file_log, filename, NULL, log_with_timestamp_and_nl); -} - -/* - * krb_log() and klog() is used to add entries to the logfile. - * - * The log entry consists of a timestamp and the given arguments - * printed according to the given "format" string. - * - * The log file is opened and closed for each log entry. - * - * If the given log type "type" is unknown, or if the log file - * cannot be opened, no entry is made to the log file. - * - * CHANGE: the type is always ignored - * - * The return value of klog() is always a pointer to the formatted log - * text string "logtxt". - */ - -/* Used in kerberos.c only. */ -char * -klog(int type, const char *format, ...) -{ - static char logtxt[1024]; - - va_list ap; - - va_start(ap, format); - vsnprintf(logtxt, sizeof(logtxt), format, ap); - va_end(ap); - - krb_logger(&file_log, "%s", logtxt); - - return logtxt; -} - -/* Used in kadmind and rd_req.c */ -void -krb_log(const char *format, ...) -{ - va_list args; - - va_start(args, format); - krb_vlogger(&file_log, format, args); - va_end(args); -} diff --git a/crypto/kerberosIV/lib/krb/lsb_addr_comp.c b/crypto/kerberosIV/lib/krb/lsb_addr_comp.c deleted file mode 100644 index e74614da6e46..000000000000 --- a/crypto/kerberosIV/lib/krb/lsb_addr_comp.c +++ /dev/null @@ -1,134 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: lsb_addr_comp.c,v 1.16 1999/12/02 16:58:42 joda Exp $"); - -#include "krb-archaeology.h" - -int -krb_lsb_antinet_ulong_cmp(u_int32_t x, u_int32_t y) -{ - int i; - u_int32_t a = 0, b = 0; - u_int8_t *p = (u_int8_t*) &x; - u_int8_t *q = (u_int8_t*) &y; - - for(i = sizeof(u_int32_t) - 1; i >= 0; i--){ - a = (a << 8) | p[i]; - b = (b << 8) | q[i]; - } - if(a > b) - return 1; - if(a < b) - return -1; - return 0; -} - -int -krb_lsb_antinet_ushort_cmp(u_int16_t x, u_int16_t y) -{ - int i; - u_int16_t a = 0, b = 0; - u_int8_t *p = (u_int8_t*) &x; - u_int8_t *q = (u_int8_t*) &y; - - for(i = sizeof(u_int16_t) - 1; i >= 0; i--){ - a = (a << 8) | p[i]; - b = (b << 8) | q[i]; - } - if(a > b) - return 1; - if(a < b) - return -1; - return 0; -} - -u_int32_t -lsb_time(time_t t, struct sockaddr_in *src, struct sockaddr_in *dst) -{ - int dir = 1; - const char *fw; - - /* - * direction bit is the sign bit of the timestamp. Ok until - * 2038?? - */ - if(krb_debug) { - krb_warning("lsb_time: src = %s:%u\n", - inet_ntoa(src->sin_addr), ntohs(src->sin_port)); - krb_warning("lsb_time: dst = %s:%u\n", - inet_ntoa(dst->sin_addr), ntohs(dst->sin_port)); - } - - /* For compatibility with broken old code, compares are done in VAX - byte order (LSBFIRST) */ - if (krb_lsb_antinet_ulong_less(src->sin_addr.s_addr, /* src < recv */ - dst->sin_addr.s_addr) < 0) - dir = -1; - else if (krb_lsb_antinet_ulong_less(src->sin_addr.s_addr, - dst->sin_addr.s_addr)==0) - if (krb_lsb_antinet_ushort_less(src->sin_port, dst->sin_port) < 0) - dir = -1; - /* - * all that for one tiny bit! Heaven help those that talk to - * themselves. - */ - if(krb_get_config_bool("reverse_lsb_test")) { - if(krb_debug) - krb_warning("lsb_time: reversing direction: %d -> %d\n", dir, -dir); - dir = -dir; - }else if((fw = krb_get_config_string("firewall_address"))) { - struct in_addr fw_addr; - fw_addr.s_addr = inet_addr(fw); - if(fw_addr.s_addr != INADDR_NONE) { - int s_lt_d, d_lt_f; - krb_warning("lsb_time: fw = %s\n", inet_ntoa(fw_addr)); - /* negate if src < dst < fw || fw < dst < src */ - s_lt_d = (krb_lsb_antinet_ulong_less(src->sin_addr.s_addr, - dst->sin_addr.s_addr) == -1); - d_lt_f = (krb_lsb_antinet_ulong_less(fw_addr.s_addr, - dst->sin_addr.s_addr) == 1); - if((s_lt_d ^ d_lt_f) == 0) { - if(krb_debug) - krb_warning("lsb_time: reversing direction: %d -> %d\n", - dir, -dir); - dir = -dir; - } - } - } - t = t * dir; - t = t & 0xffffffff; - return t; -} diff --git a/crypto/kerberosIV/lib/krb/mk_auth.c b/crypto/kerberosIV/lib/krb/mk_auth.c deleted file mode 100644 index 65354a9c364a..000000000000 --- a/crypto/kerberosIV/lib/krb/mk_auth.c +++ /dev/null @@ -1,113 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: mk_auth.c,v 1.8 1999/12/02 16:58:43 joda Exp $"); - -/* - * Generate an authenticator for service.instance@realm. - * instance is canonicalized by `krb_get_phost' - * realm is set to the local realm if realm == NULL - * The ticket acquired by `krb_mk_req' is returned in `ticket' and the - * authenticator in `buf'. - * Options control the behaviour (see krb_sendauth). - */ - -int -krb_mk_auth(int32_t options, - KTEXT ticket, - char *service, - char *instance, - char *realm, - u_int32_t checksum, - char *version, - KTEXT buf) -{ - char realinst[INST_SZ]; - char realrealm[REALM_SZ]; - int ret; - char *tmp; - - if (options & KOPT_DONT_CANON) - tmp = instance; - else - tmp = krb_get_phost (instance); - - strlcpy(realinst, tmp, sizeof(realinst)); - - if (realm == NULL) { - ret = krb_get_lrealm (realrealm, 1); - if (ret != KSUCCESS) - return ret; - realm = realrealm; - } - - if(!(options & KOPT_DONT_MK_REQ)) { - ret = krb_mk_req (ticket, service, realinst, realm, checksum); - if (ret != KSUCCESS) - return ret; - } - - { - int tmp; - size_t rem = sizeof(buf->dat); - unsigned char *p = buf->dat; - - p = buf->dat; - - if (rem < 2 * KRB_SENDAUTH_VLEN) - return KFAILURE; - memcpy (p, KRB_SENDAUTH_VERS, KRB_SENDAUTH_VLEN); - p += KRB_SENDAUTH_VLEN; - rem -= KRB_SENDAUTH_VLEN; - - memcpy (p, version, KRB_SENDAUTH_VLEN); - p += KRB_SENDAUTH_VLEN; - rem -= KRB_SENDAUTH_VLEN; - - tmp = krb_put_int(ticket->length, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - if (rem < ticket->length) - return KFAILURE; - memcpy(p, ticket->dat, ticket->length); - p += ticket->length; - rem -= ticket->length; - buf->length = p - buf->dat; - } - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/mk_err.c b/crypto/kerberosIV/lib/krb/mk_err.c deleted file mode 100644 index 11fc0599b2fe..000000000000 --- a/crypto/kerberosIV/lib/krb/mk_err.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: mk_err.c,v 1.7 1998/06/09 19:25:22 joda Exp $"); - -/* - * This routine creates a general purpose error reply message. It - * doesn't use KTEXT because application protocol may have long - * messages, and may want this part of buffer contiguous to other - * stuff. - * - * The error reply is built in "p", using the error code "e" and - * error text "e_string" given. The length of the error reply is - * returned. - * - * The error reply is in the following format: - * - * unsigned char KRB_PROT_VERSION protocol version no. - * unsigned char AUTH_MSG_APPL_ERR message type - * (least significant - * bit of above) HOST_BYTE_ORDER local byte order - * 4 bytes e given error code - * string e_string given error text - */ - -int32_t -krb_mk_err(u_char *p, int32_t e, char *e_string) -{ - unsigned char *start = p; - - p += krb_put_int(KRB_PROT_VERSION, p, 1, 1); - p += krb_put_int(AUTH_MSG_APPL_ERR, p, 1, 1); - - p += krb_put_int(e, p, 4, 4); - p += krb_put_string(e_string, p, strlen(e_string) + 1); - return p - start; -} diff --git a/crypto/kerberosIV/lib/krb/mk_priv.c b/crypto/kerberosIV/lib/krb/mk_priv.c deleted file mode 100644 index 97a91c570782..000000000000 --- a/crypto/kerberosIV/lib/krb/mk_priv.c +++ /dev/null @@ -1,121 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -#include "krb_locl.h" - -RCSID("$Id: mk_priv.c,v 1.22 1999/12/02 16:58:43 joda Exp $"); - -/* application include files */ -#include "krb-archaeology.h" - -/* - * krb_mk_priv() constructs an AUTH_MSG_PRIVATE message. It takes - * some user data "in" of "length" bytes and creates a packet in "out" - * consisting of the user data, a timestamp, and the sender's network - * address. - * The packet is encrypted by pcbc_encrypt(), using the given - * "key" and "schedule". - * The length of the resulting packet "out" is - * returned. - * - * It is similar to krb_mk_safe() except for the additional key - * schedule argument "schedule" and the fact that the data is encrypted - * rather than appended with a checksum. The protocol version is - * KRB_PROT_VERSION, defined in "krb.h". - * - * The "out" packet consists of: - * - * Size Variable Field - * ---- -------- ----- - * - * 1 byte KRB_PROT_VERSION protocol version number - * 1 byte AUTH_MSG_PRIVATE | message type plus local - * HOST_BYTE_ORDER byte order in low bit - * - * 4 bytes c_length length of data - * we encrypt from here with pcbc_encrypt - * - * 4 bytes length length of user data - * length in user data - * 1 byte msg_time_5ms timestamp milliseconds - * 4 bytes sender->sin.addr.s_addr sender's IP address - * - * 4 bytes msg_time_sec or timestamp seconds with - * -msg_time_sec direction in sign bit - * - * 0<=n<=7 bytes pad to 8 byte multiple zeroes - */ - -int32_t -krb_mk_priv(void *in, void *out, u_int32_t length, - des_key_schedule schedule, des_cblock *key, - struct sockaddr_in *sender, struct sockaddr_in *receiver) -{ - unsigned char *p = (unsigned char*)out; - unsigned char *cipher; - - struct timeval tv; - u_int32_t src_addr; - u_int32_t len; - - p += krb_put_int(KRB_PROT_VERSION, p, 1, 1); - p += krb_put_int(AUTH_MSG_PRIVATE, p, 1, 1); - - len = 4 + length + 1 + 4 + 4; - len = (len + 7) & ~7; - p += krb_put_int(len, p, 4, 4); - - cipher = p; - - p += krb_put_int(length, p, 4, 4); - - memcpy(p, in, length); - p += length; - - krb_kdctimeofday(&tv); - - *p++ =tv.tv_usec / 5000; - - src_addr = sender->sin_addr.s_addr; - p += krb_put_address(src_addr, p, 4); - - p += krb_put_int(lsb_time(tv.tv_sec, sender, receiver), p, 4, 4); - - memset(p, 0, 7); - - des_pcbc_encrypt((des_cblock *)cipher, (des_cblock *)cipher, - len, schedule, key, DES_ENCRYPT); - - return (cipher - (unsigned char*)out) + len; -} diff --git a/crypto/kerberosIV/lib/krb/mk_req.c b/crypto/kerberosIV/lib/krb/mk_req.c deleted file mode 100644 index 5e72e2264653..000000000000 --- a/crypto/kerberosIV/lib/krb/mk_req.c +++ /dev/null @@ -1,258 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: mk_req.c,v 1.22 1999/12/02 16:58:43 joda Exp $"); - -static int lifetime = 255; /* But no longer than TGT says. */ - - -static int -build_request(KTEXT req, char *name, char *inst, char *realm, - u_int32_t checksum) -{ - struct timeval tv; - unsigned char *p = req->dat; - int tmp; - size_t rem = sizeof(req->dat); - - tmp = krb_put_nir(name, inst, realm, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(checksum, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - /* Fill in the times on the request id */ - krb_kdctimeofday(&tv); - - if (rem < 1) - return KFAILURE; - - *p++ = tv.tv_usec / 5000; /* 5ms */ - --rem; - - tmp = krb_put_int(tv.tv_sec, p, rem, 4); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - /* Fill to a multiple of 8 bytes for DES */ - req->length = ((p - req->dat + 7)/8) * 8; - return 0; -} - - -/* - * krb_mk_req takes a text structure in which an authenticator is to - * be built, the name of a service, an instance, a realm, - * and a checksum. It then retrieves a ticket for - * the desired service and creates an authenticator in the text - * structure passed as the first argument. krb_mk_req returns - * KSUCCESS on success and a Kerberos error code on failure. - * - * The peer procedure on the other end is krb_rd_req. When making - * any changes to this routine it is important to make corresponding - * changes to krb_rd_req. - * - * The authenticator consists of the following: - * - * authent->dat - * - * unsigned char KRB_PROT_VERSION protocol version no. - * unsigned char AUTH_MSG_APPL_REQUEST message type - * (least significant - * bit of above) HOST_BYTE_ORDER local byte ordering - * unsigned char kvno from ticket server's key version - * string realm server's realm - * unsigned char tl ticket length - * unsigned char idl request id length - * text ticket->dat ticket for server - * text req_id->dat request id - * - * The ticket information is retrieved from the ticket cache or - * fetched from Kerberos. The request id (called the "authenticator" - * in the papers on Kerberos) contains the following: - * - * req_id->dat - * - * string cr.pname {name, instance, and - * string cr.pinst realm of principal - * string myrealm making this request} - * 4 bytes checksum checksum argument given - * unsigned char tv_local.tf_usec time (milliseconds) - * 4 bytes tv_local.tv_sec time (seconds) - * - * req_id->length = 3 strings + 3 terminating nulls + 5 bytes for time, - * all rounded up to multiple of 8. - */ - -int -krb_mk_req(KTEXT authent, char *service, char *instance, char *realm, - int32_t checksum) -{ - KTEXT_ST req_st; - KTEXT req_id = &req_st; - - CREDENTIALS cr; /* Credentials used by retr */ - KTEXT ticket = &(cr.ticket_st); /* Pointer to tkt_st */ - int retval; /* Returned by krb_get_cred */ - - char myrealm[REALM_SZ]; - - unsigned char *p = authent->dat; - int rem = sizeof(authent->dat); - int tmp; - - tmp = krb_put_int(KRB_PROT_VERSION, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(AUTH_MSG_APPL_REQUEST, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - /* Get the ticket and move it into the authenticator */ - if (krb_ap_req_debug) - krb_warning("Realm: %s\n", realm); - - retval = krb_get_cred(service,instance,realm,&cr); - - if (retval == RET_NOTKT) { - retval = get_ad_tkt(service, instance, realm, lifetime); - if (retval == KSUCCESS) - retval = krb_get_cred(service, instance, realm, &cr); - } - - if (retval != KSUCCESS) - return retval; - - - /* - * With multi realm ticket files either find a matching TGT or - * else use the first TGT for inter-realm authentication. - * - * In myrealm hold the realm of the principal "owning" the - * corresponding ticket-granting-ticket. - */ - - retval = krb_get_cred(KRB_TICKET_GRANTING_TICKET, realm, realm, 0); - if (retval == KSUCCESS) { - strlcpy(myrealm, realm, REALM_SZ); - } else - retval = krb_get_tf_realm(TKT_FILE, myrealm); - - if (retval != KSUCCESS) - return retval; - - if (krb_ap_req_debug) - krb_warning("serv=%s.%s@%s princ=%s.%s@%s\n", service, instance, realm, - cr.pname, cr.pinst, myrealm); - - tmp = krb_put_int(cr.kvno, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_string(realm, p, rem); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - tmp = krb_put_int(ticket->length, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - retval = build_request(req_id, cr.pname, cr.pinst, myrealm, checksum); - if (retval != KSUCCESS) - return retval; - - encrypt_ktext(req_id, &cr.session, DES_ENCRYPT); - - tmp = krb_put_int(req_id->length, p, rem, 1); - if (tmp < 0) - return KFAILURE; - p += tmp; - rem -= tmp; - - if (rem < ticket->length + req_id->length) - return KFAILURE; - - memcpy(p, ticket->dat, ticket->length); - p += ticket->length; - rem -= ticket->length; - memcpy(p, req_id->dat, req_id->length); - p += req_id->length; - rem -= req_id->length; - - authent->length = p - authent->dat; - - memset(&cr, 0, sizeof(cr)); - memset(&req_st, 0, sizeof(req_st)); - - if (krb_ap_req_debug) - krb_warning("Authent->length = %d\n", authent->length); - - return KSUCCESS; -} - -/* - * krb_set_lifetime sets the default lifetime for additional tickets - * obtained via krb_mk_req(). - * - * It returns the previous value of the default lifetime. - */ - -int -krb_set_lifetime(int newval) -{ - int olife = lifetime; - - lifetime = newval; - return(olife); -} diff --git a/crypto/kerberosIV/lib/krb/mk_safe.c b/crypto/kerberosIV/lib/krb/mk_safe.c deleted file mode 100644 index c0bbc9afe938..000000000000 --- a/crypto/kerberosIV/lib/krb/mk_safe.c +++ /dev/null @@ -1,135 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: mk_safe.c,v 1.25.2.1 2000/10/10 13:19:25 assar Exp $"); - -/* application include files */ -#include "krb-archaeology.h" - -#ifndef DES_QUAD_GUESS -/* Temporary fixes for krb_{rd,mk}_safe */ -#define DES_QUAD_GUESS 0 -#define DES_QUAD_NEW 1 -#define DES_QUAD_OLD 2 - -#define DES_QUAD_DEFAULT DES_QUAD_GUESS - -#endif /* DES_QUAD_GUESS */ - -/* from rd_safe.c */ -extern int dqc_type; -void fixup_quad_cksum(void*, size_t, des_cblock*, void*, void*, int); - -/* - * krb_mk_safe() constructs an AUTH_MSG_SAFE message. It takes some - * user data "in" of "length" bytes and creates a packet in "out" - * consisting of the user data, a timestamp, and the sender's network - * address, followed by a checksum computed on the above, using the - * given "key". The length of the resulting packet is returned. - * - * The "out" packet consists of: - * - * Size Variable Field - * ---- -------- ----- - * - * 1 byte KRB_PROT_VERSION protocol version number - * 1 byte AUTH_MSG_SAFE | message type plus local - * HOST_BYTE_ORDER byte order in low bit - * - * ===================== begin checksum ================================ - * - * 4 bytes length length of user data - * length in user data - * 1 byte msg_time_5ms timestamp milliseconds - * 4 bytes sender->sin.addr.s_addr sender's IP address - * - * 4 bytes msg_time_sec or timestamp seconds with - * -msg_time_sec direction in sign bit - * - * ======================= end checksum ================================ - * - * 16 bytes big_cksum quadratic checksum of - * above using "key" - */ - -int32_t -krb_mk_safe(void *in, void *out, u_int32_t length, des_cblock *key, - struct sockaddr_in *sender, struct sockaddr_in *receiver) -{ - unsigned char * p = (unsigned char*)out; - struct timeval tv; - unsigned char *start; - u_int32_t src_addr; - - p += krb_put_int(KRB_PROT_VERSION, p, 1, 1); - p += krb_put_int(AUTH_MSG_SAFE, p, 1, 1); - - start = p; - - p += krb_put_int(length, p, 4, 4); - - memcpy(p, in, length); - p += length; - - krb_kdctimeofday(&tv); - - *p++ = tv.tv_usec/5000; /* 5ms */ - - src_addr = sender->sin_addr.s_addr; - p += krb_put_address(src_addr, p, 4); - - p += krb_put_int(lsb_time(tv.tv_sec, sender, receiver), p, 4, 4); - - { - /* We are faking big endian mode, so we need to fix the - * checksum (that is byte order dependent). We always send a - * checksum of the new type, unless we know that we are - * talking to an old client (this requires a call to - * krb_rd_safe first). - */ - unsigned char new_checksum[16]; - unsigned char old_checksum[16]; - fixup_quad_cksum(start, p - start, key, new_checksum, old_checksum, 0); - - if((dqc_type == DES_QUAD_GUESS && DES_QUAD_DEFAULT == DES_QUAD_OLD) || - dqc_type == DES_QUAD_OLD) - memcpy(p, old_checksum, 16); - else - memcpy(p, new_checksum, 16); - } - p += 16; - - return p - (unsigned char*)out; -} diff --git a/crypto/kerberosIV/lib/krb/month_sname.c b/crypto/kerberosIV/lib/krb/month_sname.c deleted file mode 100644 index aaceee5f094b..000000000000 --- a/crypto/kerberosIV/lib/krb/month_sname.c +++ /dev/null @@ -1,39 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: month_sname.c,v 1.5 1997/03/23 03:53:14 joda Exp $"); - -/* - * Given an integer 1-12, month_sname() returns a string - * containing the first three letters of the corresponding - * month. Returns 0 if the argument is out of range. - */ - -const char *month_sname(int n) -{ - static const char *name[] = { - "Jan","Feb","Mar","Apr","May","Jun", - "Jul","Aug","Sep","Oct","Nov","Dec" - }; - return((n < 1 || n > 12) ? 0 : name [n-1]); -} diff --git a/crypto/kerberosIV/lib/krb/name2name.c b/crypto/kerberosIV/lib/krb/name2name.c deleted file mode 100644 index 49e457d05ef3..000000000000 --- a/crypto/kerberosIV/lib/krb/name2name.c +++ /dev/null @@ -1,108 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: name2name.c,v 1.22 1999/12/02 16:58:43 joda Exp $"); - -/* convert host to a more fully qualified domain name, returns 0 if - * phost is the same as host, 1 otherwise. phost should be - * phost_size bytes long. - */ - -int -krb_name_to_name(const char *host, char *phost, size_t phost_size) -{ - struct hostent *hp; - struct in_addr adr; - const char *tmp; - - adr.s_addr = inet_addr(host); - if (adr.s_addr != INADDR_NONE) - hp = gethostbyaddr((char *)&adr, sizeof(adr), AF_INET); - else - hp = gethostbyname(host); - if (hp == NULL) - tmp = host; - else { - tmp = hp->h_name; - /* - * Broken SunOS 5.4 sometimes keeps the official name as the - * 1:st alias. - */ - if (strchr(tmp, '.') == NULL - && hp->h_aliases != NULL - && hp->h_aliases[0] != NULL - && strchr (hp->h_aliases[0], '.') != NULL) - tmp = hp->h_aliases[0]; - } - strlcpy (phost, tmp, phost_size); - - if (strcmp(phost, host) == 0) - return 0; - else - return 1; -} - -/* lowercase and truncate */ - -void -k_ricercar(char *name) -{ - unsigned char *p = (unsigned char *)name; - - while(*p && *p != '.'){ - if(isupper(*p)) - *p = tolower(*p); - p++; - } - if(*p == '.') - *p = 0; -} - -/* - * This routine takes an alias for a host name and returns the first - * field, in lower case, of its domain name. - * - * Example: "fOo.BAR.com" -> "foo" - */ - -char * -krb_get_phost(const char *alias) -{ - static char phost[MaxHostNameLen]; - - krb_name_to_name(alias, phost, sizeof(phost)); - k_ricercar(phost); - return phost; -} diff --git a/crypto/kerberosIV/lib/krb/one.c b/crypto/kerberosIV/lib/krb/one.c deleted file mode 100644 index d43b2840e08c..000000000000 --- a/crypto/kerberosIV/lib/krb/one.c +++ /dev/null @@ -1,27 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - - WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - distribute this software and its documentation for any purpose and - without fee is hereby granted, provided that the above copyright - notice appear in all copies and that both that copyright notice and - this permission notice appear in supporting documentation, and that - the name of M.I.T. not be used in advertising or publicity pertaining - to distribution of the software without specific, written prior - permission. M.I.T. makes no representations about the suitability of - this software for any purpose. It is provided "as is" without express - or implied warranty. - - */ - -/* - * definition of variable set to 1. - * used in krb_conf.h to determine host byte order. - */ - -int krbONE = 1; diff --git a/crypto/kerberosIV/lib/krb/parse_name.c b/crypto/kerberosIV/lib/krb/parse_name.c deleted file mode 100644 index fcb339455a07..000000000000 --- a/crypto/kerberosIV/lib/krb/parse_name.c +++ /dev/null @@ -1,194 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: parse_name.c,v 1.7 1999/12/02 16:58:43 joda Exp $"); - -int -krb_parse_name(const char *fullname, krb_principal *principal) -{ - const char *p; - char *ns, *np; - enum {n, i, r} pos = n; - int quote = 0; - ns = np = principal->name; - - principal->name[0] = 0; - principal->instance[0] = 0; - principal->realm[0] = 0; - - for(p = fullname; *p; p++){ - if(np - ns == ANAME_SZ - 1) /* XXX they have the same size */ - return KNAME_FMT; - if(quote){ - *np++ = *p; - quote = 0; - continue; - } - if(*p == '\\') - quote = 1; - else if(*p == '.' && pos == n){ - *np = 0; - ns = np = principal->instance; - pos = i; - }else if(*p == '@' && (pos == n || pos == i)){ - *np = 0; - ns = np = principal->realm; - pos = r; - }else - *np++ = *p; - } - *np = 0; - if(quote || principal->name[0] == 0) - return KNAME_FMT; - return KSUCCESS; -} - -int -kname_parse(char *np, char *ip, char *rp, char *fullname) -{ - krb_principal p; - int ret; - if((ret = krb_parse_name(fullname, &p)) == 0){ - strlcpy (np, p.name, ANAME_SZ); - strlcpy (ip, p.instance, INST_SZ); - if(p.realm[0]) - strlcpy (rp, p.realm, REALM_SZ); - } - return ret; -} -/* - * k_isname() returns 1 if the given name is a syntactically legitimate - * Kerberos name; returns 0 if it's not. - */ - -int -k_isname(char *s) -{ - char c; - int backslash = 0; - - if (!*s) - return 0; - if (strlen(s) > ANAME_SZ - 1) - return 0; - while ((c = *s++)) { - if (backslash) { - backslash = 0; - continue; - } - switch(c) { - case '\\': - backslash = 1; - break; - case '.': - return 0; - /* break; */ - case '@': - return 0; - /* break; */ - } - } - return 1; -} - - -/* - * k_isinst() returns 1 if the given name is a syntactically legitimate - * Kerberos instance; returns 0 if it's not. - */ - -int -k_isinst(char *s) -{ - char c; - int backslash = 0; - - if (strlen(s) > INST_SZ - 1) - return 0; - while ((c = *s++)) { - if (backslash) { - backslash = 0; - continue; - } - switch(c) { - case '\\': - backslash = 1; - break; - case '.': -#if INSTANCE_DOTS_OK - break; -#else /* INSTANCE_DOTS_OK */ - return 0; -#endif /* INSTANCE_DOTS_OK */ - /* break; */ - case '@': - return 0; - /* break; */ - } - } - return 1; -} - -/* - * k_isrealm() returns 1 if the given name is a syntactically legitimate - * Kerberos realm; returns 0 if it's not. - */ - -int -k_isrealm(char *s) -{ - char c; - int backslash = 0; - - if (!*s) - return 0; - if (strlen(s) > REALM_SZ - 1) - return 0; - while ((c = *s++)) { - if (backslash) { - backslash = 0; - continue; - } - switch(c) { - case '\\': - backslash = 1; - break; - case '@': - return 0; - /* break; */ - } - } - return 1; -} diff --git a/crypto/kerberosIV/lib/krb/prot.h b/crypto/kerberosIV/lib/krb/prot.h deleted file mode 100644 index e20788123bba..000000000000 --- a/crypto/kerberosIV/lib/krb/prot.h +++ /dev/null @@ -1,72 +0,0 @@ -/* - * $Id: prot.h,v 1.9 1999/11/30 18:57:46 bg Exp $ - * - * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute - * of Technology. - * - * For copying and distribution information, please see the file - * . - * - * Include file with authentication protocol information. - */ - -#ifndef PROT_DEFS -#define PROT_DEFS - -#include - -#define KRB_SERVICE "kerberos-iv" -#define KRB_PORT 750 /* PC's don't have - * /etc/services */ -#define KRB_PROT_VERSION 4 -#define MAX_PKT_LEN 1000 -#define MAX_TXT_LEN 1000 - -/* Routines to create and read packets may be found in prot.c */ - -KTEXT create_auth_reply(char *pname, char *pinst, char *prealm, - int32_t time_ws, int n, u_int32_t x_date, - int kvno, KTEXT cipher); -#ifdef DEBUG -KTEXT krb_create_death_packet(char *a_name); -#endif - -/* Message types , always leave lsb for byte order */ - -#define AUTH_MSG_KDC_REQUEST (1<<1) -#define AUTH_MSG_KDC_REPLY (2<<1) -#define AUTH_MSG_APPL_REQUEST (3<<1) -#define AUTH_MSG_APPL_REQUEST_MUTUAL (4<<1) -#define AUTH_MSG_ERR_REPLY (5<<1) -#define AUTH_MSG_PRIVATE (6<<1) -#define AUTH_MSG_SAFE (7<<1) -#define AUTH_MSG_APPL_ERR (8<<1) -#define AUTH_MSG_KDC_FORWARD (9<<1) -#define AUTH_MSG_KDC_RENEW (10<<1) -#define AUTH_MSG_DIE (63<<1) - -/* values for kerb error codes */ - -#define KERB_ERR_OK 0 -#define KERB_ERR_NAME_EXP 1 -#define KERB_ERR_SERVICE_EXP 2 -#define KERB_ERR_AUTH_EXP 3 -#define KERB_ERR_PKT_VER 4 -#define KERB_ERR_NAME_MAST_KEY_VER 5 -#define KERB_ERR_SERV_MAST_KEY_VER 6 -#define KERB_ERR_BYTE_ORDER 7 -#define KERB_ERR_PRINCIPAL_UNKNOWN 8 -#define KERB_ERR_PRINCIPAL_NOT_UNIQUE 9 -#define KERB_ERR_NULL_KEY 10 -#define KERB_ERR_TIMEOUT 11 - -/* sendauth - recvauth */ - -/* - * If the protocol changes, you will need to change the version string - * be sure to support old versions of krb_sendauth! - */ - -#define KRB_SENDAUTH_VERS "AUTHV0.1" /* MUST be KRB_SENDAUTH_VLEN chars */ - -#endif /* PROT_DEFS */ diff --git a/crypto/kerberosIV/lib/krb/rd_err.c b/crypto/kerberosIV/lib/krb/rd_err.c deleted file mode 100644 index 76544f1d39ec..000000000000 --- a/crypto/kerberosIV/lib/krb/rd_err.c +++ /dev/null @@ -1,77 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: rd_err.c,v 1.9 1999/12/02 16:58:43 joda Exp $"); - -/* - * Given an AUTH_MSG_APPL_ERR message, "in" and its length "in_length", - * return the error code from the message in "code" and the text in - * "m_data" as follows: - * - * m_data->app_data points to the error text - * m_data->app_length points to the length of the error text - * - * If all goes well, return RD_AP_OK. If the version number - * is wrong, return RD_AP_VERSION, and if it's not an AUTH_MSG_APPL_ERR - * type message, return RD_AP_MSG_TYPE. - * - * The AUTH_MSG_APPL_ERR message format can be found in mk_err.c - */ - -int -krb_rd_err(u_char *in, u_int32_t in_length, int32_t *code, MSG_DAT *m_data) -{ - unsigned char *p = (unsigned char*)in; - - unsigned char pvno, type; - int little_endian; - - pvno = *p++; - if(pvno != KRB_PROT_VERSION) - return RD_AP_VERSION; - - type = *p++; - little_endian = type & 1; - type &= ~1; - - if(type != AUTH_MSG_APPL_ERR) - return RD_AP_MSG_TYPE; - - p += krb_get_int(p, (u_int32_t *)&code, 4, little_endian); - - m_data->app_data = p; - m_data->app_length = in_length; /* XXX is this correct? */ - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/rd_priv.c b/crypto/kerberosIV/lib/krb/rd_priv.c deleted file mode 100644 index 5ae161a43af7..000000000000 --- a/crypto/kerberosIV/lib/krb/rd_priv.c +++ /dev/null @@ -1,125 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -#include "krb_locl.h" - -RCSID("$Id: rd_priv.c,v 1.27 1999/12/02 16:58:43 joda Exp $"); - -/* application include files */ -#include "krb-archaeology.h" - -/* - * krb_rd_priv() decrypts and checks the integrity of an - * AUTH_MSG_PRIVATE message. Given the message received, "in", - * the length of that message, "in_length", the key "schedule" - * and "key", and the network addresses of the - * "sender" and "receiver" of the message, krb_rd_safe() returns - * RD_AP_OK if the message is okay, otherwise some error code. - * - * The message data retrieved from "in" are returned in the structure - * "m_data". The pointer to the application data - * (m_data->app_data) refers back to the appropriate place in "in". - * - * See the file "mk_priv.c" for the format of the AUTH_MSG_PRIVATE - * message. The structure containing the extracted message - * information, MSG_DAT, is defined in "krb.h". - */ - -int32_t -krb_rd_priv(void *in, u_int32_t in_length, - des_key_schedule schedule, des_cblock *key, - struct sockaddr_in *sender, struct sockaddr_in *receiver, - MSG_DAT *m_data) -{ - unsigned char *p = (unsigned char*)in; - int little_endian; - u_int32_t clen; - struct timeval tv; - u_int32_t src_addr; - int delta_t; - - unsigned char pvno, type; - - pvno = *p++; - if(pvno != KRB_PROT_VERSION) - return RD_AP_VERSION; - - type = *p++; - little_endian = type & 1; - type &= ~1; - - p += krb_get_int(p, &clen, 4, little_endian); - - if(clen + 2 > in_length) - return RD_AP_MODIFIED; - - des_pcbc_encrypt((des_cblock*)p, (des_cblock*)p, clen, - schedule, key, DES_DECRYPT); - - p += krb_get_int(p, &m_data->app_length, 4, little_endian); - if(m_data->app_length + 17 > in_length) - return RD_AP_MODIFIED; - - m_data->app_data = p; - p += m_data->app_length; - - m_data->time_5ms = *p++; - - p += krb_get_address(p, &src_addr); - - if (!krb_equiv(src_addr, sender->sin_addr.s_addr)) - return RD_AP_BADD; - - p += krb_get_int(p, (u_int32_t *)&m_data->time_sec, 4, little_endian); - - m_data->time_sec = lsb_time(m_data->time_sec, sender, receiver); - - gettimeofday(&tv, NULL); - - /* check the time integrity of the msg */ - delta_t = abs((int)((long) tv.tv_sec - m_data->time_sec)); - if (delta_t > CLOCK_SKEW) - return RD_AP_TIME; - if (krb_debug) - krb_warning("delta_t = %d\n", (int) delta_t); - - /* - * caller must check timestamps for proper order and - * replays, since server might have multiple clients - * each with its own timestamps and we don't assume - * tightly synchronized clocks. - */ - - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/rd_req.c b/crypto/kerberosIV/lib/krb/rd_req.c deleted file mode 100644 index 4dca78e41af9..000000000000 --- a/crypto/kerberosIV/lib/krb/rd_req.c +++ /dev/null @@ -1,324 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: rd_req.c,v 1.27.2.2 2000/06/23 04:00:20 assar Exp $"); - -static struct timeval t_local = { 0, 0 }; - -/* - * Keep the following information around for subsequent calls - * to this routine by the same server using the same key. - */ - -static des_key_schedule serv_key; /* Key sched to decrypt ticket */ -static des_cblock ky; /* Initialization vector */ -static int st_kvno; /* version number for this key */ -static char st_rlm[REALM_SZ]; /* server's realm */ -static char st_nam[ANAME_SZ]; /* service name */ -static char st_inst[INST_SZ]; /* server's instance */ - -/* - * This file contains two functions. krb_set_key() takes a DES - * key or password string and returns a DES key (either the original - * key, or the password converted into a DES key) and a key schedule - * for it. - * - * krb_rd_req() reads an authentication request and returns information - * about the identity of the requestor, or an indication that the - * identity information was not authentic. - */ - -/* - * krb_set_key() takes as its first argument either a DES key or a - * password string. The "cvt" argument indicates how the first - * argument "key" is to be interpreted: if "cvt" is null, "key" is - * taken to be a DES key; if "cvt" is non-null, "key" is taken to - * be a password string, and is converted into a DES key using - * string_to_key(). In either case, the resulting key is returned - * in the external static variable "ky". A key schedule is - * generated for "ky" and returned in the external static variable - * "serv_key". - * - * This routine returns the return value of des_key_sched. - * - * krb_set_key() needs to be in the same .o file as krb_rd_req() so that - * the key set by krb_set_key() is available in private storage for - * krb_rd_req(). - */ - -int -krb_set_key(void *key, int cvt) -{ -#ifdef NOENCRYPTION - memset(ky, 0, sizeof(ky)); - return KSUCCESS; -#else /* Encrypt */ - if (cvt) - des_string_to_key((char*)key, &ky); - else - memcpy((char*)ky, key, 8); - return(des_key_sched(&ky, serv_key)); -#endif /* NOENCRYPTION */ -} - - -/* - * krb_rd_req() takes an AUTH_MSG_APPL_REQUEST or - * AUTH_MSG_APPL_REQUEST_MUTUAL message created by krb_mk_req(), - * checks its integrity and returns a judgement as to the requestor's - * identity. - * - * The "authent" argument is a pointer to the received message. - * The "service" and "instance" arguments name the receiving server, - * and are used to get the service's ticket to decrypt the ticket - * in the message, and to compare against the server name inside the - * ticket. "from_addr" is the network address of the host from which - * the message was received; this is checked against the network - * address in the ticket. If "from_addr" is zero, the check is not - * performed. "ad" is an AUTH_DAT structure which is - * filled in with information about the sender's identity according - * to the authenticator and ticket sent in the message. Finally, - * "fn" contains the name of the file containing the server's key. - * (If "fn" is NULL, the server's key is assumed to have been set - * by krb_set_key(). If "fn" is the null string ("") the default - * file KEYFILE, defined in "krb.h", is used.) - * - * krb_rd_req() returns RD_AP_OK if the authentication information - * was genuine, or one of the following error codes (defined in - * "krb.h"): - * - * RD_AP_VERSION - wrong protocol version number - * RD_AP_MSG_TYPE - wrong message type - * RD_AP_UNDEC - couldn't decipher the message - * RD_AP_INCON - inconsistencies found - * RD_AP_BADD - wrong network address - * RD_AP_TIME - client time (in authenticator) - * too far off server time - * RD_AP_NYV - Kerberos time (in ticket) too - * far off server time - * RD_AP_EXP - ticket expired - * - * For the message format, see krb_mk_req(). - * - * Mutual authentication is not implemented. - */ - -int -krb_rd_req(KTEXT authent, /* The received message */ - char *service, /* Service name */ - char *instance, /* Service instance */ - int32_t from_addr, /* Net address of originating host */ - AUTH_DAT *ad, /* Structure to be filled in */ - char *a_fn) /* Filename to get keys from */ -{ - static KTEXT_ST ticket; /* Temp storage for ticket */ - static KTEXT tkt = &ticket; - static KTEXT_ST req_id_st; /* Temp storage for authenticator */ - KTEXT req_id = &req_id_st; - - char realm[REALM_SZ]; /* Realm of issuing kerberos */ - - unsigned char skey[KKEY_SZ]; /* Session key from ticket */ - char sname[SNAME_SZ]; /* Service name from ticket */ - char iname[INST_SZ]; /* Instance name from ticket */ - char r_aname[ANAME_SZ]; /* Client name from authenticator */ - char r_inst[INST_SZ]; /* Client instance from authenticator */ - char r_realm[REALM_SZ]; /* Client realm from authenticator */ - u_int32_t r_time_sec; /* Coarse time from authenticator */ - unsigned long delta_t; /* Time in authenticator - local time */ - long tkt_age; /* Age of ticket */ - static unsigned char s_kvno;/* Version number of the server's key - * Kerberos used to encrypt ticket */ - - struct timeval tv; - int status; - - int pvno; - int type; - int little_endian; - - const char *fn = a_fn; - - unsigned char *p; - - if (authent->length <= 0) - return(RD_AP_MODIFIED); - - p = authent->dat; - - /* get msg version, type and byte order, and server key version */ - - pvno = *p++; - - if(pvno != KRB_PROT_VERSION) - return RD_AP_VERSION; - - type = *p++; - - little_endian = type & 1; - type &= ~1; - - if(type != AUTH_MSG_APPL_REQUEST && type != AUTH_MSG_APPL_REQUEST_MUTUAL) - return RD_AP_MSG_TYPE; - - s_kvno = *p++; - - p += krb_get_string(p, realm, sizeof(realm)); - - /* - * If "fn" is NULL, key info should already be set; don't - * bother with ticket file. Otherwise, check to see if we - * already have key info for the given server and key version - * (saved in the static st_* variables). If not, go get it - * from the ticket file. If "fn" is the null string, use the - * default ticket file. - */ - if (fn && (strcmp(st_nam,service) || strcmp(st_inst,instance) || - strcmp(st_rlm,realm) || (st_kvno != s_kvno))) { - if (*fn == 0) fn = (char *)KEYFILE; - st_kvno = s_kvno; - if (read_service_key(service, instance, realm, s_kvno, - fn, (char *)skey)) - return(RD_AP_UNDEC); - if ((status = krb_set_key((char*)skey, 0))) - return(status); - strlcpy (st_rlm, realm, REALM_SZ); - strlcpy (st_nam, service, SNAME_SZ); - strlcpy (st_inst, instance, INST_SZ); - } - - tkt->length = *p++; - - req_id->length = *p++; - - if(tkt->length + (p - authent->dat) > authent->length) - return RD_AP_MODIFIED; - - memcpy(tkt->dat, p, tkt->length); - p += tkt->length; - - if (krb_ap_req_debug) - krb_log("ticket->length: %d",tkt->length); - - /* Decrypt and take apart ticket */ - if (decomp_ticket(tkt, &ad->k_flags, ad->pname, ad->pinst, ad->prealm, - &ad->address, ad->session, &ad->life, - &ad->time_sec, sname, iname, &ky, serv_key)) - return RD_AP_UNDEC; - - if (krb_ap_req_debug) { - krb_log("Ticket Contents."); - krb_log(" Aname: %s.%s",ad->pname, ad->prealm); - krb_log(" Service: %s", krb_unparse_name_long(sname, iname, NULL)); - } - - /* Extract the authenticator */ - - if(req_id->length + (p - authent->dat) > authent->length) - return RD_AP_MODIFIED; - - memcpy(req_id->dat, p, req_id->length); - p = req_id->dat; - -#ifndef NOENCRYPTION - /* And decrypt it with the session key from the ticket */ - if (krb_ap_req_debug) krb_log("About to decrypt authenticator"); - - encrypt_ktext(req_id, &ad->session, DES_DECRYPT); - - if (krb_ap_req_debug) krb_log("Done."); -#endif /* NOENCRYPTION */ - - /* cast req_id->length to int? */ -#define check_ptr() if ((ptr - (char *) req_id->dat) > req_id->length) return(RD_AP_MODIFIED); - - p += krb_get_nir(p, - r_aname, sizeof(r_aname), - r_inst, sizeof(r_inst), - r_realm, sizeof(r_realm)); - - p += krb_get_int(p, &ad->checksum, 4, little_endian); - - p++; /* time_5ms is not used */ - - p += krb_get_int(p, &r_time_sec, 4, little_endian); - - /* Check for authenticity of the request */ - if (krb_ap_req_debug) - krb_log("Principal: %s.%s@%s / %s.%s@%s",ad->pname,ad->pinst, ad->prealm, - r_aname, r_inst, r_realm); - if (strcmp(ad->pname, r_aname) != 0 || - strcmp(ad->pinst, r_inst) != 0 || - strcmp(ad->prealm, r_realm) != 0) - return RD_AP_INCON; - - if (krb_ap_req_debug) - krb_log("Address: %x %x", ad->address, from_addr); - - if (from_addr && (!krb_equiv(ad->address, from_addr))) - return RD_AP_BADD; - - gettimeofday(&tv, NULL); - delta_t = abs((int)(tv.tv_sec - r_time_sec)); - if (delta_t > CLOCK_SKEW) { - if (krb_ap_req_debug) - krb_log("Time out of range: %lu - %lu = %lu", - (unsigned long)t_local.tv_sec, - (unsigned long)r_time_sec, - (unsigned long)delta_t); - return RD_AP_TIME; - } - - /* Now check for expiration of ticket */ - - tkt_age = tv.tv_sec - ad->time_sec; - if (krb_ap_req_debug) - krb_log("Time: %ld Issue Date: %lu Diff: %ld Life %x", - (long)tv.tv_sec, - (unsigned long)ad->time_sec, - tkt_age, - ad->life); - - if ((tkt_age < 0) && (-tkt_age > CLOCK_SKEW)) - return RD_AP_NYV; - - if (tv.tv_sec > krb_life_to_time(ad->time_sec, ad->life)) - return RD_AP_EXP; - - /* All seems OK */ - ad->reply.length = 0; - - return(RD_AP_OK); -} diff --git a/crypto/kerberosIV/lib/krb/rd_safe.c b/crypto/kerberosIV/lib/krb/rd_safe.c deleted file mode 100644 index 1d536abdff84..000000000000 --- a/crypto/kerberosIV/lib/krb/rd_safe.c +++ /dev/null @@ -1,183 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: rd_safe.c,v 1.26.2.1 2000/10/10 13:20:36 assar Exp $"); - -/* application include files */ -#include "krb-archaeology.h" - -#ifndef DES_QUAD_GUESS -/* Temporary fixes for krb_{rd,mk}_safe */ -#define DES_QUAD_GUESS 0 -#define DES_QUAD_NEW 1 -#define DES_QUAD_OLD 2 - -#define DES_QUAD_DEFAULT DES_QUAD_GUESS - -#endif /* DES_QUAD_GUESS */ - -/* Generate two checksums in the given byteorder of the data, one - * new-form and one old-form. It has to be done this way to be - * compatible with the old version of des_quad_cksum. - */ - -/* des_quad_chsum-type; 0 == unknown, 1 == new PL10++, 2 == old */ -int dqc_type = DES_QUAD_DEFAULT; - -void -fixup_quad_cksum(void *start, size_t len, des_cblock *key, - void *new_checksum, void *old_checksum, int little) -{ - des_quad_cksum((des_cblock*)start, (des_cblock*)new_checksum, len, 2, key); - if(HOST_BYTE_ORDER){ - if(little){ - memcpy(old_checksum, new_checksum, 16); - }else{ - u_int32_t *tmp = (u_int32_t*)new_checksum; - memcpy(old_checksum, new_checksum, 16); - swap_u_16(old_checksum); - swap_u_long(tmp[0]); - swap_u_long(tmp[1]); - swap_u_long(tmp[2]); - swap_u_long(tmp[3]); - } - }else{ - if(little){ - u_int32_t *tmp = (u_int32_t*)new_checksum; - swap_u_long(tmp[0]); - swap_u_long(tmp[1]); - swap_u_long(tmp[2]); - swap_u_long(tmp[3]); - memcpy(old_checksum, new_checksum, 16); - }else{ - u_int32_t tmp[4]; - tmp[0] = ((u_int32_t*)new_checksum)[3]; - tmp[1] = ((u_int32_t*)new_checksum)[2]; - tmp[2] = ((u_int32_t*)new_checksum)[1]; - tmp[3] = ((u_int32_t*)new_checksum)[0]; - memcpy(old_checksum, tmp, 16); - } - } -} - -/* - * krb_rd_safe() checks the integrity of an AUTH_MSG_SAFE message. - * Given the message received, "in", the length of that message, - * "in_length", the "key" to compute the checksum with, and the - * network addresses of the "sender" and "receiver" of the message, - * krb_rd_safe() returns RD_AP_OK if message is okay, otherwise - * some error code. - * - * The message data retrieved from "in" is returned in the structure - * "m_data". The pointer to the application data (m_data->app_data) - * refers back to the appropriate place in "in". - * - * See the file "mk_safe.c" for the format of the AUTH_MSG_SAFE - * message. The structure containing the extracted message - * information, MSG_DAT, is defined in "krb.h". - */ - -int32_t -krb_rd_safe(void *in, u_int32_t in_length, des_cblock *key, - struct sockaddr_in *sender, struct sockaddr_in *receiver, - MSG_DAT *m_data) -{ - unsigned char *p = (unsigned char*)in, *start; - - unsigned char pvno, type; - int little_endian; - struct timeval tv; - u_int32_t src_addr; - int delta_t; - - - pvno = *p++; - if(pvno != KRB_PROT_VERSION) - return RD_AP_VERSION; - - type = *p++; - little_endian = type & 1; - type &= ~1; - if(type != AUTH_MSG_SAFE) - return RD_AP_MSG_TYPE; - - start = p; - - p += krb_get_int(p, &m_data->app_length, 4, little_endian); - - if(m_data->app_length + 31 > in_length) - return RD_AP_MODIFIED; - - m_data->app_data = p; - - p += m_data->app_length; - - m_data->time_5ms = *p++; - - p += krb_get_address(p, &src_addr); - - if (!krb_equiv(src_addr, sender->sin_addr.s_addr)) - return RD_AP_BADD; - - p += krb_get_int(p, (u_int32_t *)&m_data->time_sec, 4, little_endian); - m_data->time_sec = lsb_time(m_data->time_sec, sender, receiver); - - gettimeofday(&tv, NULL); - - delta_t = abs((int)((long) tv.tv_sec - m_data->time_sec)); - if (delta_t > CLOCK_SKEW) return RD_AP_TIME; - - /* - * caller must check timestamps for proper order and replays, since - * server might have multiple clients each with its own timestamps - * and we don't assume tightly synchronized clocks. - */ - - { - unsigned char new_checksum[16]; - unsigned char old_checksum[16]; - fixup_quad_cksum(start, p - start, key, - new_checksum, old_checksum, little_endian); - if((dqc_type == DES_QUAD_GUESS || dqc_type == DES_QUAD_NEW) && - memcmp(new_checksum, p, 16) == 0) - dqc_type = DES_QUAD_NEW; - else if((dqc_type == DES_QUAD_GUESS || dqc_type == DES_QUAD_OLD) && - memcmp(old_checksum, p, 16) == 0) - dqc_type = DES_QUAD_OLD; - else - return RD_AP_MODIFIED; - } - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/read_service_key.c b/crypto/kerberosIV/lib/krb/read_service_key.c deleted file mode 100644 index 55fb98df90e6..000000000000 --- a/crypto/kerberosIV/lib/krb/read_service_key.c +++ /dev/null @@ -1,117 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: read_service_key.c,v 1.12 1999/09/16 20:41:54 assar Exp $"); - -/* - * The private keys for servers on a given host are stored in a - * "srvtab" file (typically "/etc/srvtab"). This routine extracts - * a given server's key from the file. - * - * read_service_key() takes the server's name ("service"), "instance", - * and "realm" and a key version number "kvno", and looks in the given - * "file" for the corresponding entry, and if found, returns the entry's - * key field in "key". - * - * If "instance" contains the string "*", then it will match - * any instance, and the chosen instance will be copied to that - * string. For this reason it is important that the there is enough - * space beyond the "*" to receive the entry. - * - * If "kvno" is 0, it is treated as a wild card and the first - * matching entry regardless of the "vno" field is returned. - * - * This routine returns KSUCCESS on success, otherwise KFAILURE. - * - * The format of each "srvtab" entry is as follows: - * - * Size Variable Field in file - * ---- -------- ------------- - * string serv server name - * string inst server instance - * string realm server realm - * 1 byte vno server key version # - * 8 bytes key server's key - * ... ... ... - */ - - -int -read_service_key(const char *service, /* Service Name */ - char *instance, /* Instance name or "*" */ - const char *realm, /* Realm */ - int kvno, /* Key version number */ - const char *file, /* Filename */ - void *key) /* Pointer to key to be filled in */ -{ - char serv[SNAME_SZ]; - char inst[INST_SZ]; - char rlm[REALM_SZ]; - unsigned char vno; /* Key version number */ - int wcard; - - int stab; - - if ((stab = open(file, O_RDONLY, 0)) < 0) - return(KFAILURE); - - wcard = (instance[0] == '*') && (instance[1] == '\0'); - - while (getst(stab,serv,SNAME_SZ) > 0) { /* Read sname */ - getst(stab,inst,INST_SZ); /* Instance */ - getst(stab,rlm,REALM_SZ); /* Realm */ - /* Vers number */ - if (read(stab, &vno, 1) != 1) { - close(stab); - return(KFAILURE); - } - /* Key */ - if (read(stab,key,8) != 8) { - close(stab); - return(KFAILURE); - } - /* Is this the right service */ - if (strcmp(serv,service)) - continue; - /* How about instance */ - if (!wcard && strcmp(inst,instance)) - continue; - if (wcard) { - strlcpy (instance, inst, INST_SZ); - } - /* Is this the right realm */ - if (strcmp(rlm,realm)) - continue; - - /* How about the key version number */ - if (kvno && kvno != (int) vno) - continue; - - close(stab); - return(KSUCCESS); - } - - /* Can't find the requested service */ - close(stab); - return(KFAILURE); -} diff --git a/crypto/kerberosIV/lib/krb/realm_parse.c b/crypto/kerberosIV/lib/krb/realm_parse.c deleted file mode 100644 index a4f0e7f82173..000000000000 --- a/crypto/kerberosIV/lib/krb/realm_parse.c +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: realm_parse.c,v 1.17 1999/12/02 16:58:43 joda Exp $"); - -static int -realm_parse(char *realm, int length, const char *file) -{ - FILE *F; - char tr[128]; - char *p; - - if ((F = fopen(file,"r")) == NULL) - return -1; - - while(fgets(tr, sizeof(tr), F)){ - char *unused = NULL; - p = strtok_r(tr, " \t\n\r", &unused); - if(p && strcasecmp(p, realm) == 0){ - fclose(F); - strlcpy (realm, p, length); - return 0; - } - } - fclose(F); - return -1; -} - -int -krb_realm_parse(char *realm, int length) -{ - int i; - char file[MaxPathLen]; - - for(i = 0; krb_get_krbconf(i, file, sizeof(file)) == 0; i++) - if (realm_parse(realm, length, file) == 0) - return 0; - return -1; -} diff --git a/crypto/kerberosIV/lib/krb/recvauth.c b/crypto/kerberosIV/lib/krb/recvauth.c deleted file mode 100644 index 1bd805dda17d..000000000000 --- a/crypto/kerberosIV/lib/krb/recvauth.c +++ /dev/null @@ -1,193 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ -/* $FreeBSD$ */ - -#include "krb_locl.h" - -RCSID("$Id: recvauth.c,v 1.19 1998/06/09 19:25:25 joda Exp $"); - -/* - * krb_recvauth() reads (and optionally responds to) a message sent - * using krb_sendauth(). The "options" argument is a bit-field of - * selected options (see "sendauth.c" for options description). - * The only option relevant to krb_recvauth() is KOPT_DO_MUTUAL - * (mutual authentication requested). The "fd" argument supplies - * a file descriptor to read from (and write to, if mutual authenti- - * cation is requested). - * - * Part of the received message will be a Kerberos ticket sent by the - * client; this is read into the "ticket" argument. The "service" and - * "instance" arguments supply the server's Kerberos name. If the - * "instance" argument is the string "*", it is treated as a wild card - * and filled in during the krb_rd_req() call (see read_service_key()). - * - * The "faddr" and "laddr" give the sending (client) and receiving - * (local server) network addresses. ("laddr" may be left NULL unless - * mutual authentication is requested, in which case it must be set.) - * - * The authentication information extracted from the message is returned - * in "kdata". The "filename" argument indicates the file where the - * server's key can be found. (It is passed on to krb_rd_req().) If - * left null, the default "/etc/srvtab" will be used. - * - * If mutual authentication is requested, the session key schedule must - * be computed in order to reply; this schedule is returned in the - * "schedule" argument. A string containing the application version - * number from the received message is returned in "version", which - * should be large enough to hold a KRB_SENDAUTH_VLEN-character string. - * - * See krb_sendauth() for the format of the received client message. - * - * krb_recvauth() first reads the protocol version string from the - * given file descriptor. If it doesn't match the current protocol - * version (KRB_SENDAUTH_VERS), the old-style format is assumed. In - * that case, the string of characters up to the first space is read - * and interpreted as the ticket length, then the ticket is read. - * - * If the first string did match KRB_SENDAUTH_VERS, krb_recvauth() - * next reads the application protocol version string. Then the - * ticket length and ticket itself are read. - * - * The ticket is decrypted and checked by the call to krb_rd_req(). - * If no mutual authentication is required, the result of the - * krb_rd_req() call is retured by this routine. If mutual authenti- - * cation is required, a message in the following format is returned - * on "fd": - * - * Size Variable Field - * ---- -------- ----- - * - * 4 bytes tkt_len length of ticket or -1 - * if error occurred - * - * priv_len tmp_buf "private" message created - * by krb_mk_priv() which - * contains the incremented - * checksum sent by the client - * encrypted in the session - * key. (This field is not - * present in case of error.) - * - * If all goes well, KSUCCESS is returned; otherwise KFAILURE or some - * other error code is returned. - */ - -static int -send_error_reply(int fd) -{ - unsigned char tmp[4] = { 255, 255, 255, 255 }; - if(krb_net_write(fd, tmp, sizeof(tmp)) != sizeof(tmp)) - return -1; - return 0; -} - -int -krb_recvauth(int32_t options, /* bit-pattern of options */ - int fd, /* file descr. to read from */ - KTEXT ticket, /* storage for client's ticket */ - char *service, /* service expected */ - char *instance, /* inst expected (may be filled in) */ - struct sockaddr_in *faddr, /* address of foreign host on fd */ - struct sockaddr_in *laddr, /* local address */ - AUTH_DAT *kdata, /* kerberos data (returned) */ - char *filename, /* name of file with service keys */ - des_key_schedule schedule, /* key schedule (return) */ - char *version) /* version string (filled in) */ -{ - int cc; - char krb_vers[KRB_SENDAUTH_VLEN + 1]; /* + 1 for the null terminator */ - int rem; - int32_t priv_len; - u_char tmp_buf[MAX_KTXT_LEN+max(KRB_SENDAUTH_VLEN+1,21)]; - - if (!(options & KOPT_IGNORE_PROTOCOL)) { - /* read the protocol version number */ - if (krb_net_read(fd, krb_vers, KRB_SENDAUTH_VLEN) != KRB_SENDAUTH_VLEN) - return(errno); - krb_vers[KRB_SENDAUTH_VLEN] = '\0'; - } - - /* read the application version string */ - if (krb_net_read(fd, version, KRB_SENDAUTH_VLEN) != KRB_SENDAUTH_VLEN) - return(errno); - version[KRB_SENDAUTH_VLEN] = '\0'; - - /* get the length of the ticket */ - { - char tmp[4]; - if (krb_net_read(fd, tmp, 4) != 4) - return -1; - krb_get_int(tmp, &ticket->length, 4, 0); - } - - /* sanity check */ - if (ticket->length <= 0 || ticket->length > MAX_KTXT_LEN) { - if (options & KOPT_DO_MUTUAL) { - if(send_error_reply(fd)) - return -1; - return KFAILURE; - } else - return KFAILURE; /* XXX there may still be junk on the fd? */ - } - - /* read the ticket */ - if (krb_net_read(fd, ticket->dat, ticket->length) != ticket->length) - return -1; - /* - * now have the ticket. decrypt it to get the authenticated - * data. - */ - rem = krb_rd_req(ticket, service, instance, faddr->sin_addr.s_addr, - kdata, filename); - - /* if we are doing mutual auth, compose a response */ - if (options & KOPT_DO_MUTUAL) { - if (rem != KSUCCESS){ - /* the krb_rd_req failed */ - if(send_error_reply(fd)) - return -1; - return rem; - } - - /* add one to the (formerly) sealed checksum, and re-seal it - for return to the client */ - { - unsigned char cs[4]; - krb_put_int(kdata->checksum + 1, cs, sizeof(cs), 4); -#ifndef NOENCRYPTION - des_key_sched(&kdata->session,schedule); -#endif - priv_len = krb_mk_priv(cs, - tmp_buf+4, - 4, - schedule, - &kdata->session, - laddr, - faddr); - } - /* mk_priv will never fail */ - priv_len += krb_put_int(priv_len, tmp_buf, 4, 4); - - if((cc = krb_net_write(fd, tmp_buf, priv_len)) != priv_len) - return -1; - } - return rem; -} diff --git a/crypto/kerberosIV/lib/krb/resource.h b/crypto/kerberosIV/lib/krb/resource.h deleted file mode 100644 index d50551f2920a..000000000000 --- a/crypto/kerberosIV/lib/krb/resource.h +++ /dev/null @@ -1,15 +0,0 @@ -//{{NO_DEPENDENCIES}} -// Microsoft Developer Studio generated include file. -// Used by krb.rc -// - -// Next default values for new objects -// -#ifdef APSTUDIO_INVOKED -#ifndef APSTUDIO_READONLY_SYMBOLS -#define _APS_NEXT_RESOURCE_VALUE 101 -#define _APS_NEXT_COMMAND_VALUE 40001 -#define _APS_NEXT_CONTROL_VALUE 1000 -#define _APS_NEXT_SYMED_VALUE 101 -#endif -#endif diff --git a/crypto/kerberosIV/lib/krb/roken_rename.h b/crypto/kerberosIV/lib/krb/roken_rename.h deleted file mode 100644 index 7bd86e288622..000000000000 --- a/crypto/kerberosIV/lib/krb/roken_rename.h +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: roken_rename.h,v 1.8.2.1 2000/06/23 03:35:31 assar Exp $ */ - -#ifndef __roken_rename_h__ -#define __roken_rename_h__ - -/* - * Libroken routines that are added libkrb - */ - -#define base64_decode _krb_base64_decode -#define base64_encode _krb_base64_encode - -#define net_write roken_net_write -#define net_read roken_net_read - -#ifndef HAVE_FLOCK -#define flock _krb_flock -#endif -#ifndef HAVE_GETHOSTNAME -#define gethostname _krb_gethostname -#endif -#ifndef HAVE_GETTIMEOFDAY -#define gettimeofday _krb_gettimeofday -#endif -#ifndef HAVE_GETUID -#define getuid _krb_getuid -#endif -#ifndef HAVE_SNPRINTF -#define snprintf _krb_snprintf -#endif -#ifndef HAVE_ASPRINTF -#define asprintf _krb_asprintf -#endif -#ifndef HAVE_ASNPRINTF -#define asnprintf _krb_asnprintf -#endif -#ifndef HAVE_VASPRINTF -#define vasprintf _krb_vasprintf -#endif -#ifndef HAVE_VASNPRINTF -#define vasnprintf _krb_vasnprintf -#endif -#ifndef HAVE_VSNPRINTF -#define vsnprintf _krb_vsnprintf -#endif -#ifndef HAVE_STRCASECMP -#define strcasecmp _krb_strcasecmp -#endif -#ifndef HAVE_STRNCASECMP -#define strncasecmp _krb_strncasecmp -#endif -#ifndef HAVE_STRDUP -#define strdup _krb_strdup -#endif -#ifndef HAVE_STRLCAT -#define strlcat _krb_strlcat -#endif -#ifndef HAVE_STRLCPY -#define strlcpy _krb_strlcpy -#endif -#ifndef HAVE_STRNLEN -#define strnlen _krb_strnlen -#endif -#ifndef HAVE_SWAB -#define swab _krb_swab -#endif -#ifndef HAVE_STRTOK_R -#define strtok_r _krb_strtok_r -#endif - -#define dns_free_data _krb_dns_free_data -#define dns_lookup _krb_dns_lookup - -#endif /* __roken_rename_h__ */ diff --git a/crypto/kerberosIV/lib/krb/rw.c b/crypto/kerberosIV/lib/krb/rw.c deleted file mode 100644 index 5064a6f40a42..000000000000 --- a/crypto/kerberosIV/lib/krb/rw.c +++ /dev/null @@ -1,156 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* Almost all programs use these routines (implicitly) so it's a good - * place to put the version string. */ - -#include "version.h" - -#include "krb_locl.h" - -RCSID("$Id: rw.c,v 1.12.2.1 2000/06/23 03:37:33 assar Exp $"); - -int -krb_get_int(void *f, u_int32_t *to, int size, int lsb) -{ - int i; - unsigned char *from = (unsigned char *)f; - - *to = 0; - if(lsb){ - for(i = size-1; i >= 0; i--) - *to = (*to << 8) | from[i]; - }else{ - for(i = 0; i < size; i++) - *to = (*to << 8) | from[i]; - } - return size; -} - -int -krb_put_int(u_int32_t from, void *to, size_t rem, int size) -{ - int i; - unsigned char *p = (unsigned char *)to; - - if (rem < size) - return -1; - - for(i = size - 1; i >= 0; i--){ - p[i] = from & 0xff; - from >>= 8; - } - return size; -} - - -/* addresses are always sent in network byte order */ - -int -krb_get_address(void *from, u_int32_t *to) -{ - unsigned char *p = (unsigned char*)from; - *to = htonl((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); - return 4; -} - -int -krb_put_address(u_int32_t addr, void *to, size_t rem) -{ - return krb_put_int(ntohl(addr), to, rem, 4); -} - -int -krb_put_string(const char *from, void *to, size_t rem) -{ - size_t len = strlen(from) + 1; - - if (rem < len) - return -1; - memcpy(to, from, len); - return len; -} - -int -krb_get_string(void *from, char *to, size_t to_size) -{ - strlcpy (to, (char *)from, to_size); - return strlen((char *)from) + 1; -} - -int -krb_get_nir(void *from, - char *name, size_t name_len, - char *instance, size_t instance_len, - char *realm, size_t realm_len) -{ - char *p = (char *)from; - - p += krb_get_string(p, name, name_len); - p += krb_get_string(p, instance, instance_len); - if(realm) - p += krb_get_string(p, realm, realm_len); - return p - (char *)from; -} - -int -krb_put_nir(const char *name, - const char *instance, - const char *realm, - void *to, - size_t rem) -{ - char *p = (char *)to; - int tmp; - - tmp = krb_put_string(name, p, rem); - if (tmp < 0) - return tmp; - p += tmp; - rem -= tmp; - - tmp = krb_put_string(instance, p, rem); - if (tmp < 0) - return tmp; - p += tmp; - rem -= tmp; - - if (realm) { - tmp = krb_put_string(realm, p, rem); - if (tmp < 0) - return tmp; - p += tmp; - rem -= tmp; - } - return p - (char *)to; -} diff --git a/crypto/kerberosIV/lib/krb/save_credentials.c b/crypto/kerberosIV/lib/krb/save_credentials.c deleted file mode 100644 index cfd6c07eeceb..000000000000 --- a/crypto/kerberosIV/lib/krb/save_credentials.c +++ /dev/null @@ -1,59 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: save_credentials.c,v 1.5 1997/03/23 03:53:17 joda Exp $"); - -/* - * This routine takes a ticket and associated info and calls - * tf_save_cred() to store them in the ticket cache. The peer - * routine for extracting a ticket and associated info from the - * ticket cache is krb_get_cred(). When changes are made to - * this routine, the corresponding changes should be made - * in krb_get_cred() as well. - * - * Returns KSUCCESS if all goes well, otherwise an error returned - * by the tf_init() or tf_save_cred() routines. - */ - -int -save_credentials(char *service, /* Service name */ - char *instance, /* Instance */ - char *realm, /* Auth domain */ - unsigned char *session, /* Session key */ - int lifetime, /* Lifetime */ - int kvno, /* Key version number */ - KTEXT ticket, /* The ticket itself */ - int32_t issue_date) /* The issue time */ -{ - int tf_status; /* return values of the tf_util calls */ - - /* Open and lock the ticket file for writing */ - if ((tf_status = tf_init(TKT_FILE, W_TKT_FIL)) != KSUCCESS) - return(tf_status); - - /* Save credentials by appending to the ticket file */ - tf_status = tf_save_cred(service, instance, realm, session, - lifetime, kvno, ticket, issue_date); - tf_close(); - return (tf_status); -} diff --git a/crypto/kerberosIV/lib/krb/send_to_kdc.c b/crypto/kerberosIV/lib/krb/send_to_kdc.c deleted file mode 100644 index 4fc2c956785e..000000000000 --- a/crypto/kerberosIV/lib/krb/send_to_kdc.c +++ /dev/null @@ -1,533 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" -#include - -RCSID("$Id: send_to_kdc.c,v 1.71.2.1 2000/10/10 12:47:21 assar Exp $"); - -struct host { - struct sockaddr_in addr; - const char *hostname; - enum krb_host_proto proto; -}; - -static int send_recv(KTEXT pkt, KTEXT rpkt, struct host *host); - -/* - * send_to_kdc() sends a message to the Kerberos authentication - * server(s) in the given realm and returns the reply message. - * The "pkt" argument points to the message to be sent to Kerberos; - * the "rpkt" argument will be filled in with Kerberos' reply. - * The "realm" argument indicates the realm of the Kerberos server(s) - * to transact with. If the realm is null, the local realm is used. - * - * If more than one Kerberos server is known for a given realm, - * different servers will be queried until one of them replies. - * Several attempts (retries) are made for each server before - * giving up entirely. - * - * If an answer was received from a Kerberos host, KSUCCESS is - * returned. The following errors can be returned: - * - * SKDC_CANT - can't get local realm - * - can't find "kerberos" in /etc/services database - * - can't open socket - * - can't bind socket - * - all ports in use - * - couldn't find any Kerberos host - * - * SKDC_RETRY - couldn't get an answer from any Kerberos server, - * after several retries - */ - -/* always use the admin server */ -static int krb_use_admin_server_flag = 0; - -static int client_timeout = -1; - -int -krb_use_admin_server(int flag) -{ - int old = krb_use_admin_server_flag; - krb_use_admin_server_flag = flag; - return old; -} - -#define PROXY_VAR "krb4_proxy" - -static int -expand (struct host **ptr, size_t sz) -{ - void *tmp; - - tmp = realloc (*ptr, sz) ; - if (tmp == NULL) - return SKDC_CANT; - *ptr = tmp; - return 0; -} - -int -send_to_kdc(KTEXT pkt, KTEXT rpkt, const char *realm) -{ - int i; - int no_host; /* was a kerberos host found? */ - int retry; - int n_hosts; - int retval; - struct hostent *host; - char lrealm[REALM_SZ]; - struct krb_host *k_host; - struct host *hosts = malloc(sizeof(*hosts)); - const char *proxy = krb_get_config_string (PROXY_VAR); - - if (hosts == NULL) - return SKDC_CANT; - - if (client_timeout == -1) { - const char *to; - - client_timeout = CLIENT_KRB_TIMEOUT; - to = krb_get_config_string ("kdc_timeout"); - if (to != NULL) { - int tmp; - char *end; - - tmp = strtol (to, &end, 0); - if (end != to) - client_timeout = tmp; - } - } - - /* - * If "realm" is non-null, use that, otherwise get the - * local realm. - */ - if (realm == NULL) { - if (krb_get_lrealm(lrealm,1)) { - if (krb_debug) - krb_warning("send_to_kdc: can't get local realm\n"); - return(SKDC_CANT); - } - realm = lrealm; - } - if (krb_debug) - krb_warning("lrealm is %s\n", realm); - - no_host = 1; - /* get an initial allocation */ - n_hosts = 0; - for (i = 1; - (k_host = krb_get_host(i, realm, krb_use_admin_server_flag)); - ++i) { - char *p; - char **addr_list; - int j; - int n_addrs; - struct host *tmp; - - if (k_host->proto == PROTO_HTTP && proxy != NULL) { - n_addrs = 1; - no_host = 0; - - retval = expand (&hosts, (n_hosts + n_addrs) * sizeof(*hosts)); - if (retval) - goto rtn; - - memset (&hosts[n_hosts].addr, 0, sizeof(struct sockaddr_in)); - hosts[n_hosts].addr.sin_port = htons(k_host->port); - hosts[n_hosts].proto = k_host->proto; - hosts[n_hosts].hostname = k_host->host; - } else { - if (krb_debug) - krb_warning("Getting host entry for %s...", k_host->host); - host = gethostbyname(k_host->host); - if (krb_debug) { - krb_warning("%s.\n", - host ? "Got it" : "Didn't get it"); - } - if (host == NULL) - continue; - no_host = 0; /* found at least one */ - - n_addrs = 0; - for (addr_list = host->h_addr_list; - *addr_list != NULL; - ++addr_list) - ++n_addrs; - - retval = expand (&hosts, (n_hosts + n_addrs) * sizeof(*hosts)); - if (retval) - goto rtn; - - for (addr_list = host->h_addr_list, j = 0; - (p = *addr_list) != NULL; - ++addr_list, ++j) { - memset (&hosts[n_hosts + j].addr, 0, - sizeof(struct sockaddr_in)); - hosts[n_hosts + j].addr.sin_family = host->h_addrtype; - hosts[n_hosts + j].addr.sin_port = htons(k_host->port); - hosts[n_hosts + j].proto = k_host->proto; - hosts[n_hosts + j].hostname = k_host->host; - memcpy(&hosts[n_hosts + j].addr.sin_addr, p, - sizeof(struct in_addr)); - } - } - - for (j = 0; j < n_addrs; ++j) { - if (send_recv(pkt, rpkt, &hosts[n_hosts + j])) { - retval = KSUCCESS; - goto rtn; - } - if (krb_debug) { - krb_warning("Timeout, error, or wrong descriptor\n"); - } - } - n_hosts += j; - } - if (no_host) { - if (krb_debug) - krb_warning("send_to_kdc: can't find any Kerberos host.\n"); - retval = SKDC_CANT; - goto rtn; - } - /* retry each host in sequence */ - for (retry = 0; retry < CLIENT_KRB_RETRY; ++retry) { - for (i = 0; i < n_hosts; ++i) { - if (send_recv(pkt, rpkt, &hosts[i])) { - retval = KSUCCESS; - goto rtn; - } - } - } - retval = SKDC_RETRY; -rtn: - free(hosts); - return(retval); -} - -static int -udp_socket(void) -{ - return socket(AF_INET, SOCK_DGRAM, 0); -} - -static int -udp_connect(int s, struct host *host) -{ - if(krb_debug) { - krb_warning("connecting to %s (%s) udp, port %d\n", - host->hostname, - inet_ntoa(host->addr.sin_addr), - ntohs(host->addr.sin_port)); - } - return connect(s, (struct sockaddr*)&host->addr, sizeof(host->addr)); -} - -static int -udp_send(int s, struct host *host, KTEXT pkt) -{ - if(krb_debug) { - krb_warning("sending %d bytes to %s (%s), udp port %d\n", - pkt->length, - host->hostname, - inet_ntoa(host->addr.sin_addr), - ntohs(host->addr.sin_port)); - } - return send(s, pkt->dat, pkt->length, 0); -} - -static int -tcp_socket(void) -{ - return socket(AF_INET, SOCK_STREAM, 0); -} - -static int -tcp_connect(int s, struct host *host) -{ - if(krb_debug) { - krb_warning("connecting to %s (%s), tcp port %d\n", - host->hostname, - inet_ntoa(host->addr.sin_addr), - ntohs(host->addr.sin_port)); - } - return connect(s, (struct sockaddr*)&host->addr, sizeof(host->addr)); -} - -static int -tcp_send(int s, struct host *host, KTEXT pkt) -{ - unsigned char len[4]; - - if(krb_debug) { - krb_warning("sending %d bytes to %s (%s), tcp port %d\n", - pkt->length, - host->hostname, - inet_ntoa(host->addr.sin_addr), - ntohs(host->addr.sin_port)); - } - krb_put_int(pkt->length, len, sizeof(len), 4); - if(send(s, len, sizeof(len), 0) != sizeof(len)) - return -1; - return send(s, pkt->dat, pkt->length, 0); -} - -static int -udptcp_recv(void *buf, size_t len, KTEXT rpkt) -{ - int pktlen = min(len, MAX_KTXT_LEN); - - if(krb_debug) - krb_warning("recieved %lu bytes on udp/tcp socket\n", - (unsigned long)len); - memcpy(rpkt->dat, buf, pktlen); - rpkt->length = pktlen; - return 0; -} - -static int -url_parse(const char *url, char *host, size_t len, short *port) -{ - const char *p; - size_t n; - - if(strncmp(url, "http://", 7)) - return -1; - url += 7; - p = strchr(url, ':'); - if(p) { - char *end; - - *port = htons(strtol(p + 1, &end, 0)); - if (end == p + 1) - return -1; - n = p - url; - } else { - *port = k_getportbyname ("http", "tcp", htons(80)); - p = strchr(url, '/'); - if (p) - n = p - url; - else - n = strlen(url); - } - if (n >= len) - return -1; - memcpy(host, url, n); - host[n] = '\0'; - return 0; -} - -static int -http_connect(int s, struct host *host) -{ - const char *proxy = krb_get_config_string(PROXY_VAR); - char proxy_host[MaxHostNameLen]; - short port; - struct hostent *hp; - struct sockaddr_in sin; - - if(proxy == NULL) { - if(krb_debug) - krb_warning("Not using proxy.\n"); - return tcp_connect(s, host); - } - if(url_parse(proxy, proxy_host, sizeof(proxy_host), &port) < 0) - return -1; - hp = gethostbyname(proxy_host); - if(hp == NULL) - return -1; - memset(&sin, 0, sizeof(sin)); - sin.sin_family = AF_INET; - memcpy(&sin.sin_addr, hp->h_addr, sizeof(sin.sin_addr)); - sin.sin_port = port; - if(krb_debug) { - krb_warning("connecting to proxy on %s (%s) port %d\n", - proxy_host, inet_ntoa(sin.sin_addr), ntohs(port)); - } - return connect(s, (struct sockaddr*)&sin, sizeof(sin)); -} - -static int -http_send(int s, struct host *host, KTEXT pkt) -{ - const char *proxy = krb_get_config_string (PROXY_VAR); - char *str; - char *msg; - - if(base64_encode(pkt->dat, pkt->length, &str) < 0) - return -1; - if(proxy != NULL) { - if(krb_debug) { - krb_warning("sending %d bytes to %s, tcp port %d (via proxy)\n", - pkt->length, - host->hostname, - ntohs(host->addr.sin_port)); - } - asprintf(&msg, "GET http://%s:%d/%s HTTP/1.0\r\n\r\n", - host->hostname, - ntohs(host->addr.sin_port), - str); - } else { - if(krb_debug) { - krb_warning("sending %d bytes to %s (%s), http port %d\n", - pkt->length, - host->hostname, - inet_ntoa(host->addr.sin_addr), - ntohs(host->addr.sin_port)); - } - asprintf(&msg, "GET %s HTTP/1.0\r\n\r\n", str); - } - free(str); - - if (msg == NULL) - return -1; - - if(send(s, msg, strlen(msg), 0) != strlen(msg)){ - free(msg); - return -1; - } - free(msg); - return 0; -} - -static int -http_recv(void *buf, size_t len, KTEXT rpkt) -{ - char *p; - char *tmp = malloc(len + 1); - - if (tmp == NULL) - return -1; - memcpy(tmp, buf, len); - tmp[len] = 0; - p = strstr(tmp, "\r\n\r\n"); - if(p == NULL){ - free(tmp); - return -1; - } - p += 4; - if(krb_debug) - krb_warning("recieved %lu bytes on http socket\n", - (unsigned long)((tmp + len) - p)); - if((tmp + len) - p > MAX_KTXT_LEN) { - free(tmp); - return -1; - } - if (strncasecmp (tmp, "HTTP/1.0 2", 10) != 0 - && strncasecmp (tmp, "HTTP/1.1 2", 10) != 0) { - free (tmp); - return -1; - } - memcpy(rpkt->dat, p, (tmp + len) - p); - rpkt->length = (tmp + len) - p; - free(tmp); - return 0; -} - -static struct proto_descr { - int proto; - int stream_flag; - int (*socket)(void); - int (*connect)(int, struct host *host); - int (*send)(int, struct host *host, KTEXT); - int (*recv)(void*, size_t, KTEXT); -} protos[] = { - { PROTO_UDP, 0, udp_socket, udp_connect, udp_send, udptcp_recv }, - { PROTO_TCP, 1, tcp_socket, tcp_connect, tcp_send, udptcp_recv }, - { PROTO_HTTP, 1, tcp_socket, http_connect, http_send, http_recv } -}; - -static int -send_recv(KTEXT pkt, KTEXT rpkt, struct host *host) -{ - int i; - int s; - unsigned char buf[MAX_KTXT_LEN]; - int offset = 0; - - for(i = 0; i < sizeof(protos) / sizeof(protos[0]); i++){ - if(protos[i].proto == host->proto) - break; - } - if(i == sizeof(protos) / sizeof(protos[0])) - return FALSE; - if((s = (*protos[i].socket)()) < 0) - return FALSE; - if((*protos[i].connect)(s, host) < 0) { - close(s); - return FALSE; - } - if((*protos[i].send)(s, host, pkt) < 0) { - close(s); - return FALSE; - } - do{ - fd_set readfds; - struct timeval timeout; - int len; - timeout.tv_sec = client_timeout; - timeout.tv_usec = 0; - FD_ZERO(&readfds); - if (s >= FD_SETSIZE) { - if (krb_debug) - krb_warning("fd too large\n"); - close (s); - return FALSE; - } - FD_SET(s, &readfds); - - /* select - either recv is ready, or timeout */ - /* see if timeout or error or wrong descriptor */ - if(select(s + 1, &readfds, 0, 0, &timeout) < 1 - || !FD_ISSET(s, &readfds)) { - if (krb_debug) - krb_warning("select failed: errno = %d\n", errno); - close(s); - return FALSE; - } - len = recv(s, buf + offset, sizeof(buf) - offset, 0); - if (len < 0) { - close(s); - return FALSE; - } - if(len == 0) - break; - offset += len; - } while(protos[i].stream_flag); - close(s); - if((*protos[i].recv)(buf, offset, rpkt) < 0) - return FALSE; - return TRUE; -} - -/* The configuration line "hosts: dns files" in /etc/nsswitch.conf is - * rumored to avoid triggering this bug. */ -#if defined(linux) && defined(HAVE__DNS_GETHOSTBYNAME) && 0 -/* Linux libc 5.3 is broken probably somewhere in nsw_hosts.o, - * for now keep this kludge. */ -static -struct hostent *gethostbyname(const char *name) -{ - return (void *)_dns_gethostbyname(name); -} -#endif diff --git a/crypto/kerberosIV/lib/krb/sendauth.c b/crypto/kerberosIV/lib/krb/sendauth.c deleted file mode 100644 index df73e46a51cd..000000000000 --- a/crypto/kerberosIV/lib/krb/sendauth.c +++ /dev/null @@ -1,166 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ -/* $FreeBSD$ */ - -#include "krb_locl.h" - -RCSID("$Id: sendauth.c,v 1.18 1999/09/16 20:41:55 assar Exp $"); - -/* - * krb_sendauth() transmits a ticket over a file descriptor for a - * desired service, instance, and realm, doing mutual authentication - * with the server if desired. - */ - -/* - * The first argument to krb_sendauth() contains a bitfield of - * options (the options are defined in "krb.h"): - * - * KOPT_DONT_CANON Don't canonicalize instance as a hostname. - * (If this option is not chosen, krb_get_phost() - * is called to canonicalize it.) - * - * KOPT_DONT_MK_REQ Don't request server ticket from Kerberos. - * A ticket must be supplied in the "ticket" - * argument. - * (If this option is not chosen, and there - * is no ticket for the given server in the - * ticket cache, one will be fetched using - * krb_mk_req() and returned in "ticket".) - * - * KOPT_DO_MUTUAL Do mutual authentication, requiring that the - * receiving server return the checksum+1 encrypted - * in the session key. The mutual authentication - * is done using krb_mk_priv() on the other side - * (see "recvauth.c") and krb_rd_priv() on this - * side. - * - * The "fd" argument is a file descriptor to write to the remote - * server on. The "ticket" argument is used to store the new ticket - * from the krb_mk_req() call. If the KOPT_DONT_MK_REQ options is - * chosen, the ticket must be supplied in the "ticket" argument. - * The "service", "inst", and "realm" arguments identify the ticket. - * If "realm" is null, the local realm is used. - * - * The following arguments are only needed if the KOPT_DO_MUTUAL option - * is chosen: - * - * The "checksum" argument is a number that the server will add 1 to - * to authenticate itself back to the client; the "msg_data" argument - * holds the returned mutual-authentication message from the server - * (i.e., the checksum+1); the "cred" structure is used to hold the - * session key of the server, extracted from the ticket file, for use - * in decrypting the mutual authentication message from the server; - * and "schedule" holds the key schedule for that decryption. The - * the local and server addresses are given in "laddr" and "faddr". - * - * The application protocol version number (of up to KRB_SENDAUTH_VLEN - * characters) is passed in "version". - * - * If all goes well, KSUCCESS is returned, otherwise some error code. - * - * The format of the message sent to the server is: - * - * Size Variable Field - * ---- -------- ----- - * - * KRB_SENDAUTH_VLEN KRB_SENDAUTH_VER sendauth protocol - * bytes version number - * - * KRB_SENDAUTH_VLEN version application protocol - * bytes version number - * - * 4 bytes ticket->length length of ticket - * - * ticket->length ticket->dat ticket itself - */ - -int -krb_sendauth(int32_t options, /* bit-pattern of options */ - int fd, /* file descriptor to write onto */ - KTEXT ticket, /* where to put ticket (return); or - * supplied in case of KOPT_DONT_MK_REQ */ - char *service, /* service name, instance, realm */ - char *instance, - char *realm, - u_int32_t checksum, /* checksum to include in request */ - MSG_DAT *msg_data, /* mutual auth MSG_DAT (return) */ - CREDENTIALS *cred, /* credentials (return) */ - des_key_schedule schedule, /* key schedule (return) */ - struct sockaddr_in *laddr, /* local address */ - struct sockaddr_in *faddr, /* address of foreign host on fd */ - char *version) /* version string */ -{ - int ret; - KTEXT_ST buf; - char realrealm[REALM_SZ]; - - if (realm == NULL) { - ret = krb_get_lrealm (realrealm, 1); - if (ret != KSUCCESS) - return ret; - realm = realrealm; - } - ret = krb_mk_auth (options, ticket, service, instance, realm, checksum, - version, &buf); - if (ret != KSUCCESS) - return ret; - ret = krb_net_write(fd, buf.dat, buf.length); - if(ret < 0) - return -1; - - if (options & KOPT_DO_MUTUAL) { - char tmp[4]; - u_int32_t len; - char inst[INST_SZ]; - char *i; - - ret = krb_net_read (fd, tmp, 4); - if (ret < 0) - return -1; - - krb_get_int (tmp, &len, 4, 0); - if (len == 0xFFFFFFFF || len > sizeof(buf.dat)) - return KFAILURE; - buf.length = len; - ret = krb_net_read (fd, buf.dat, len); - if (ret < 0) - return -1; - - if (options & KOPT_DONT_CANON) - i = instance; - else - i = krb_get_phost(instance); - strlcpy (inst, i, sizeof(inst)); - - ret = krb_get_cred (service, inst, realm, cred); - if (ret != KSUCCESS) - return ret; - - des_key_sched(&cred->session, schedule); - - ret = krb_check_auth (&buf, checksum, msg_data, &cred->session, - schedule, laddr, faddr); - if (ret != KSUCCESS) - return ret; - } - return KSUCCESS; -} diff --git a/crypto/kerberosIV/lib/krb/sizetest.c b/crypto/kerberosIV/lib/krb/sizetest.c deleted file mode 100644 index e6834168cf25..000000000000 --- a/crypto/kerberosIV/lib/krb/sizetest.c +++ /dev/null @@ -1,40 +0,0 @@ -#include "krb_locl.h" - -RCSID("$Id: sizetest.c,v 1.6 1998/01/01 22:29:04 assar Exp $"); - -static void -fatal(const char *msg) -{ - fputs(msg, stderr); - exit(1); -} - -int -main(void) -{ - if (sizeof(u_int8_t) < 1) - fatal("sizeof(u_int8_t) is smaller than 1 byte\n"); - if (sizeof(u_int16_t) < 2) - fatal("sizeof(u_int16_t) is smaller than 2 bytes\n"); - if (sizeof(u_int32_t) < 4) - fatal("sizeof(u_int32_t) is smaller than 4 bytes\n"); - - if (sizeof(u_int8_t) > 1) - fputs("warning: sizeof(u_int8_t) is larger than 1 byte, " - "some stuff may not work properly!\n", stderr); - - { - u_int8_t u = 1; - int i; - for (i = 0; u != 0 && i < 100; i++) - u <<= 1; - - if (i < 8) - fatal("u_int8_t is smaller than 8 bits\n"); - else if (i > 8) - fputs("warning: u_int8_t is larger than 8 bits, " - "some stuff may not work properly!\n", stderr); - } - - exit(0); -} diff --git a/crypto/kerberosIV/lib/krb/solaris_compat.c b/crypto/kerberosIV/lib/krb/solaris_compat.c deleted file mode 100644 index b8443137714f..000000000000 --- a/crypto/kerberosIV/lib/krb/solaris_compat.c +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $FreeBSD$ */ - -#include "krb_locl.h" - -RCSID("$Id: solaris_compat.c,v 1.4 1999/12/02 16:58:44 joda Exp $"); - -#if (SunOS + 0) >= 50 -/* - * Compatibility with solaris' libkrb. - */ - -int32_t -_C0095C2A(void *in, void *out, u_int32_t length, - des_key_schedule schedule, des_cblock *key, - struct sockaddr_in *sender, struct sockaddr_in *receiver) -{ - return krb_mk_priv (in, out, length, schedule, key, sender, receiver); -} - -int32_t -_C0095C2B(void *in, u_int32_t in_length, - des_key_schedule schedule, des_cblock *key, - struct sockaddr_in *sender, struct sockaddr_in *receiver, - MSG_DAT *m_data) -{ - return krb_rd_priv (in, in_length, schedule, key, - sender, receiver, m_data); -} - -void -_C0095B2B(des_cblock *input,des_cblock *output, - des_key_schedule ks,int enc) -{ - des_ecb_encrypt(input, output, ks, enc); -} - -void -_C0095B2A(des_cblock (*input), - des_cblock (*output), - long length, - des_key_schedule schedule, - des_cblock (*ivec), - int encrypt) -{ - des_cbc_encrypt(input, output, length, schedule, ivec, encrypt); -} - -void -_C0095B2C(des_cblock (*input), - des_cblock (*output), - long length, - des_key_schedule schedule, - des_cblock (*ivec), - int encrypt) -{ - des_pcbc_encrypt(input, output, length, schedule, ivec, encrypt); -} -#endif /* (SunOS-0) >= 50 */ diff --git a/crypto/kerberosIV/lib/krb/stime.c b/crypto/kerberosIV/lib/krb/stime.c deleted file mode 100644 index ec57d8fd301b..000000000000 --- a/crypto/kerberosIV/lib/krb/stime.c +++ /dev/null @@ -1,35 +0,0 @@ -/* - * $Id: stime.c,v 1.6 1997/05/02 14:29:20 assar Exp $ - * - * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute - * of Technology. - * - * For copying and distribution information, please see the file - * . - */ - -#include "krb_locl.h" - -RCSID("$Id: stime.c,v 1.6 1997/05/02 14:29:20 assar Exp $"); - -/* - * Given a pointer to a long containing the number of seconds - * since the beginning of time (midnight 1 Jan 1970 GMT), return - * a string containing the local time in the form: - * - * "25-Jan-1988 10:17:56" - */ - -const char * -krb_stime(time_t *t) -{ - static char st[40]; - struct tm *tm; - - tm = localtime(t); - snprintf(st, sizeof(st), - "%2d-%s-%04d %02d:%02d:%02d",tm->tm_mday, - month_sname(tm->tm_mon + 1),tm->tm_year + 1900, - tm->tm_hour, tm->tm_min, tm->tm_sec); - return st; -} diff --git a/crypto/kerberosIV/lib/krb/str2key.c b/crypto/kerberosIV/lib/krb/str2key.c deleted file mode 100644 index 4ef4c57deeb7..000000000000 --- a/crypto/kerberosIV/lib/krb/str2key.c +++ /dev/null @@ -1,105 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: str2key.c,v 1.17 1999/12/02 16:58:44 joda Exp $"); - -#define lowcase(c) (('A' <= (c) && (c) <= 'Z') ? ((c) - 'A' + 'a') : (c)) - -/* - * The string to key function used by Transarc AFS. - */ -void -afs_string_to_key(const char *pass, const char *cell, des_cblock *key) -{ - if (strlen(pass) <= 8) /* Short passwords. */ - { - char buf[8 + 1], *s; - int i; - - /* - * XOR cell and password and pad (or fill) with 'X' to length 8, - * then use crypt(3) to create DES key. - */ - for (i = 0; i < 8; i++) - { - buf[i] = *pass ^ lowcase(*cell); - if (buf[i] == 0) - buf[i] = 'X'; - if (*pass != 0) - pass++; - if (*cell != 0) - cell++; - } - buf[8] = 0; - - s = crypt(buf, "p1"); /* Result from crypt is 7bit chars. */ - s = s + 2; /* Skip 2 chars of salt. */ - for (i = 0; i < 8; i++) - ((char *) key)[i] = s[i] << 1; /* High bit is always zero */ - des_fixup_key_parity(key); /* Low bit is parity */ - } - else /* Long passwords */ - { - int plen, clen; - char *buf, *t; - des_key_schedule sched; - des_cblock ivec; - - /* - * Concatenate password with cell name, - * then checksum twice to create DES key. - */ - plen = strlen(pass); - clen = strlen(cell); - buf = malloc(plen + clen + 1); - memcpy(buf, pass, plen); - for (t = buf + plen; *cell != 0; t++, cell++) - *t = lowcase(*cell); - - memcpy(&ivec, "kerberos", 8); - memcpy(key, "kdsbdsns", 8); - des_key_sched(key, sched); - /* Beware, ivec is passed twice */ - des_cbc_cksum((des_cblock *)buf, &ivec, plen + clen, sched, &ivec); - - memcpy(key, &ivec, 8); - des_fixup_key_parity(key); - des_key_sched(key, sched); - /* Beware, ivec is passed twice */ - des_cbc_cksum((des_cblock *)buf, key, plen + clen, sched, &ivec); - free(buf); - des_fixup_key_parity(key); - } -} diff --git a/crypto/kerberosIV/lib/krb/tf_util.c b/crypto/kerberosIV/lib/krb/tf_util.c deleted file mode 100644 index 0d5361fd4954..000000000000 --- a/crypto/kerberosIV/lib/krb/tf_util.c +++ /dev/null @@ -1,791 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: tf_util.c,v 1.39.2.2 2000/06/23 04:03:58 assar Exp $"); - - -#define TOO_BIG -1 -#define TF_LCK_RETRY ((unsigned)2) /* seconds to sleep before - * retry if ticket file is - * locked */ -#define TF_LCK_RETRY_COUNT (50) /* number of retries */ - -#ifndef O_BINARY -#define O_BINARY 0 -#endif - -#define MAGIC_TICKET_NAME "magic" -#define MAGIC_TICKET_TIME_DIFF_INST "time-diff" -#define MAGIC_TICKET_ADDR_INST "our-address" - -/* - * fd must be initialized to something that won't ever occur as a real - * file descriptor. Since open(2) returns only non-negative numbers as - * valid file descriptors, and tf_init always stuffs the return value - * from open in here even if it is an error flag, we must - * a. Initialize fd to a negative number, to indicate that it is - * not initially valid. - * b. When checking for a valid fd, assume that negative values - * are invalid (ie. when deciding whether tf_init has been - * called.) - * c. In tf_close, be sure it gets reinitialized to a negative - * number. - */ -static int fd = -1; -static int curpos; /* Position in tfbfr */ -static int lastpos; /* End of tfbfr */ -static char tfbfr[BUFSIZ]; /* Buffer for ticket data */ - -static int tf_gets(char *s, int n); -static int tf_read(void *s, int n); - -/* - * This file contains routines for manipulating the ticket cache file. - * - * The ticket file is in the following format: - * - * principal's name (null-terminated string) - * principal's instance (null-terminated string) - * CREDENTIAL_1 - * CREDENTIAL_2 - * ... - * CREDENTIAL_n - * EOF - * - * Where "CREDENTIAL_x" consists of the following fixed-length - * fields from the CREDENTIALS structure (see "krb.h"): - * - * char service[ANAME_SZ] - * char instance[INST_SZ] - * char realm[REALM_SZ] - * C_Block session - * int lifetime - * int kvno - * KTEXT_ST ticket_st - * u_int32_t issue_date - * - * Short description of routines: - * - * tf_init() opens the ticket file and locks it. - * - * tf_get_pname() returns the principal's name. - * - * tf_put_pname() writes the principal's name to the ticket file. - * - * tf_get_pinst() returns the principal's instance (may be null). - * - * tf_put_pinst() writes the instance. - * - * tf_get_cred() returns the next CREDENTIALS record. - * - * tf_save_cred() appends a new CREDENTIAL record to the ticket file. - * - * tf_close() closes the ticket file and releases the lock. - * - * tf_gets() returns the next null-terminated string. It's an internal - * routine used by tf_get_pname(), tf_get_pinst(), and tf_get_cred(). - * - * tf_read() reads a given number of bytes. It's an internal routine - * used by tf_get_cred(). - */ - -/* - * tf_init() should be called before the other ticket file routines. - * It takes the name of the ticket file to use, "tf_name", and a - * read/write flag "rw" as arguments. - * - * It tries to open the ticket file, checks the mode, and if everything - * is okay, locks the file. If it's opened for reading, the lock is - * shared. If it's opened for writing, the lock is exclusive. - * - * Returns KSUCCESS if all went well, otherwise one of the following: - * - * NO_TKT_FIL - file wasn't there - * TKT_FIL_ACC - file was in wrong mode, etc. - * TKT_FIL_LCK - couldn't lock the file, even after a retry - */ - -#ifdef _NO_LOCKING -#undef flock -#define flock(F, M) 0 -#endif - -int -tf_init(char *tf_name, int rw) -{ - /* Unix implementation */ - int wflag; - struct stat stat_buf; - int i_retry; - - switch (rw) { - case R_TKT_FIL: - wflag = 0; - break; - case W_TKT_FIL: - wflag = 1; - break; - default: - if (krb_debug) - krb_warning("tf_init: illegal parameter\n"); - return TKT_FIL_ACC; - } - if (lstat(tf_name, &stat_buf) < 0) - switch (errno) { - case ENOENT: - return NO_TKT_FIL; - default: - return TKT_FIL_ACC; - } - if (!S_ISREG(stat_buf.st_mode)) - return TKT_FIL_ACC; - - /* The code tries to guess when the calling program is running - * set-uid and prevent unauthorized access. - * - * All library functions now assume that the right set of userids - * are set upon entry, therefore it's not strictly necessary to - * perform these test for programs adhering to these assumptions. - * - * This doesn't work on cygwin because getuid() returns a different - * uid than the owner of files that are created. - */ -#ifndef __CYGWIN__ - { - uid_t me = getuid(); - if (stat_buf.st_uid != me && me != 0) - return TKT_FIL_ACC; - } -#endif - - /* - * If "wflag" is set, open the ticket file in append-writeonly mode - * and lock the ticket file in exclusive mode. If unable to lock - * the file, sleep and try again. If we fail again, return with the - * proper error message. - */ - - curpos = sizeof(tfbfr); - - - if (wflag) { - fd = open(tf_name, O_RDWR | O_BINARY, 0600); - if (fd < 0) { - return TKT_FIL_ACC; - } - for (i_retry = 0; i_retry < TF_LCK_RETRY_COUNT; i_retry++) { - if (flock(fd, LOCK_EX | LOCK_NB) < 0) { - if (krb_debug) - krb_warning("tf_init: retry %d of write lock of `%s'.\n", - i_retry, tf_name); - sleep (TF_LCK_RETRY); - } else { - return KSUCCESS; /* all done */ - } - } - close (fd); - fd = -1; - return TKT_FIL_LCK; - } - /* - * Otherwise "wflag" is not set and the ticket file should be opened - * for read-only operations and locked for shared access. - */ - - fd = open(tf_name, O_RDONLY | O_BINARY, 0600); - if (fd < 0) { - return TKT_FIL_ACC; - } - - for (i_retry = 0; i_retry < TF_LCK_RETRY_COUNT; i_retry++) { - if (flock(fd, LOCK_SH | LOCK_NB) < 0) { - if (krb_debug) - krb_warning("tf_init: retry %d of read lock of `%s'.\n", - i_retry, tf_name); - sleep (TF_LCK_RETRY); - } else { - return KSUCCESS; /* all done */ - } - } - /* failure */ - close(fd); - fd = -1; - return TKT_FIL_LCK; -} - -/* - * tf_create() should be called when creating a new ticket file. - * The only argument is the name of the ticket file. - * After calling this, it should be possible to use other tf_* functions. - * - * New algoritm for creating ticket file: - * 1. try to erase contents of existing file. - * 2. try to remove old file. - * 3. try to open with O_CREAT and O_EXCL - * 4. if this fails, someone has created a file in between 1 and 2 and - * we should fail. Otherwise, all is wonderful. - */ - -int -tf_create(char *tf_name) -{ - if (unlink (tf_name) && errno != ENOENT) - return TKT_FIL_ACC; - - fd = open(tf_name, O_RDWR | O_CREAT | O_EXCL | O_BINARY, 0600); - if (fd < 0) - return TKT_FIL_ACC; - if (flock(fd, LOCK_EX | LOCK_NB) < 0) { - sleep(TF_LCK_RETRY); - if (flock(fd, LOCK_EX | LOCK_NB) < 0) { - close(fd); - fd = -1; - return TKT_FIL_LCK; - } - } - return KSUCCESS; -} - -/* - * tf_get_pname() reads the principal's name from the ticket file. It - * should only be called after tf_init() has been called. The - * principal's name is filled into the "p" parameter. If all goes well, - * KSUCCESS is returned. If tf_init() wasn't called, TKT_FIL_INI is - * returned. If the name was null, or EOF was encountered, or the name - * was longer than ANAME_SZ, TKT_FIL_FMT is returned. - */ - -int -tf_get_pname(char *p) -{ - if (fd < 0) { - if (krb_debug) - krb_warning("tf_get_pname called before tf_init.\n"); - return TKT_FIL_INI; - } - if (tf_gets(p, ANAME_SZ) < 2) /* can't be just a null */ - { - if (krb_debug) - krb_warning ("tf_get_pname: pname < 2.\n"); - return TKT_FIL_FMT; - } - return KSUCCESS; -} - -/* - * tf_put_pname() sets the principal's name in the ticket file. Call - * after tf_create(). - */ - -int -tf_put_pname(const char *p) -{ - unsigned count; - - if (fd < 0) { - if (krb_debug) - krb_warning("tf_put_pname called before tf_create.\n"); - return TKT_FIL_INI; - } - count = strlen(p)+1; - if (write(fd,p,count) != count) - return(KFAILURE); - return KSUCCESS; -} - -/* - * tf_get_pinst() reads the principal's instance from a ticket file. - * It should only be called after tf_init() and tf_get_pname() have been - * called. The instance is filled into the "inst" parameter. If all - * goes well, KSUCCESS is returned. If tf_init() wasn't called, - * TKT_FIL_INI is returned. If EOF was encountered, or the instance - * was longer than ANAME_SZ, TKT_FIL_FMT is returned. Note that the - * instance may be null. - */ - -int -tf_get_pinst(char *inst) -{ - if (fd < 0) { - if (krb_debug) - krb_warning("tf_get_pinst called before tf_init.\n"); - return TKT_FIL_INI; - } - if (tf_gets(inst, INST_SZ) < 1) - { - if (krb_debug) - krb_warning("tf_get_pinst: inst_sz < 1.\n"); - return TKT_FIL_FMT; - } - return KSUCCESS; -} - -/* - * tf_put_pinst writes the principal's instance to the ticket file. - * Call after tf_create. - */ - -int -tf_put_pinst(const char *inst) -{ - unsigned count; - - if (fd < 0) { - if (krb_debug) - krb_warning("tf_put_pinst called before tf_create.\n"); - return TKT_FIL_INI; - } - count = strlen(inst)+1; - if (write(fd,inst,count) != count) - return(KFAILURE); - return KSUCCESS; -} - -/* - * tf_get_cred() reads a CREDENTIALS record from a ticket file and fills - * in the given structure "c". It should only be called after tf_init(), - * tf_get_pname(), and tf_get_pinst() have been called. If all goes well, - * KSUCCESS is returned. Possible error codes are: - * - * TKT_FIL_INI - tf_init wasn't called first - * TKT_FIL_FMT - bad format - * EOF - end of file encountered - */ - -static int -real_tf_get_cred(CREDENTIALS *c) -{ - KTEXT ticket = &c->ticket_st; /* pointer to ticket */ - int k_errno; - - if (fd < 0) { - if (krb_debug) - krb_warning ("tf_get_cred called before tf_init.\n"); - return TKT_FIL_INI; - } - if ((k_errno = tf_gets(c->service, SNAME_SZ)) < 2) - switch (k_errno) { - case TOO_BIG: - if (krb_debug) - krb_warning("tf_get_cred: too big service cred.\n"); - case 1: /* can't be just a null */ - tf_close(); - if (krb_debug) - krb_warning("tf_get_cred: null service cred.\n"); - return TKT_FIL_FMT; - case 0: - return EOF; - } - if ((k_errno = tf_gets(c->instance, INST_SZ)) < 1) - switch (k_errno) { - case TOO_BIG: - if (krb_debug) - krb_warning ("tf_get_cred: too big instance cred.\n"); - return TKT_FIL_FMT; - case 0: - return EOF; - } - if ((k_errno = tf_gets(c->realm, REALM_SZ)) < 2) - switch (k_errno) { - case TOO_BIG: - if (krb_debug) - krb_warning ("tf_get_cred: too big realm cred.\n"); - case 1: /* can't be just a null */ - tf_close(); - if (krb_debug) - krb_warning ("tf_get_cred: null realm cred.\n"); - return TKT_FIL_FMT; - case 0: - return EOF; - } - if ( - tf_read((c->session), DES_KEY_SZ) < 1 || - tf_read(&(c->lifetime), sizeof(c->lifetime)) < 1 || - tf_read(&(c->kvno), sizeof(c->kvno)) < 1 || - tf_read(&(ticket->length), sizeof(ticket->length)) - < 1 || - /* don't try to read a silly amount into ticket->dat */ - ticket->length > MAX_KTXT_LEN || - tf_read((ticket->dat), ticket->length) < 1 || - tf_read(&(c->issue_date), sizeof(c->issue_date)) < 1 - ) { - tf_close(); - if (krb_debug) - krb_warning ("tf_get_cred: failed tf_read.\n"); - return TKT_FIL_FMT; - } - return KSUCCESS; -} - -int -tf_get_cred(CREDENTIALS *c) -{ - int ret; - int fake; - - do { - fake = 0; - - ret = real_tf_get_cred (c); - if (ret) - return ret; - - if(strcmp(c->service, MAGIC_TICKET_NAME) == 0) { - if(strcmp(c->instance, MAGIC_TICKET_TIME_DIFF_INST) == 0) { - /* we found the magic `time diff' ticket; update the kdc time - differential, and then get the next ticket */ - u_int32_t d; - - krb_get_int(c->ticket_st.dat, &d, 4, 0); - krb_set_kdc_time_diff(d); - fake = 1; - } else if (strcmp(c->instance, MAGIC_TICKET_ADDR_INST) == 0) { - fake = 1; - } - } - } while (fake); - return ret; -} - -int -tf_get_cred_addr(char *realm, size_t realm_sz, struct in_addr *addr) -{ - int ret; - int fake; - CREDENTIALS cred; - - do { - fake = 1; - - ret = real_tf_get_cred (&cred); - if (ret) - return ret; - - if(strcmp(cred.service, MAGIC_TICKET_NAME) == 0) { - if(strcmp(cred.instance, MAGIC_TICKET_TIME_DIFF_INST) == 0) { - /* we found the magic `time diff' ticket; update the kdc time - differential, and then get the next ticket */ - u_int32_t d; - - krb_get_int(cred.ticket_st.dat, &d, 4, 0); - krb_set_kdc_time_diff(d); - } else if (strcmp(cred.instance, MAGIC_TICKET_ADDR_INST) == 0) { - strlcpy(realm, cred.realm, realm_sz); - memcpy (addr, cred.ticket_st.dat, sizeof(*addr)); - fake = 0; - } - } - } while (fake); - return ret; -} - -/* - * tf_close() closes the ticket file and sets "fd" to -1. If "fd" is - * not a valid file descriptor, it just returns. It also clears the - * buffer used to read tickets. - * - * The return value is not defined. - */ - -void -tf_close(void) -{ - if (!(fd < 0)) { - flock(fd, LOCK_UN); - close(fd); - fd = -1; /* see declaration of fd above */ - } - memset(tfbfr, 0, sizeof(tfbfr)); -} - -/* - * tf_gets() is an internal routine. It takes a string "s" and a count - * "n", and reads from the file until either it has read "n" characters, - * or until it reads a null byte. When finished, what has been read exists - * in "s". If it encounters EOF or an error, it closes the ticket file. - * - * Possible return values are: - * - * n the number of bytes read (including null terminator) - * when all goes well - * - * 0 end of file or read error - * - * TOO_BIG if "count" characters are read and no null is - * encountered. This is an indication that the ticket - * file is seriously ill. - */ - -static int -tf_gets(char *s, int n) -{ - int count; - - if (fd < 0) { - if (krb_debug) - krb_warning ("tf_gets called before tf_init.\n"); - return TKT_FIL_INI; - } - for (count = n - 1; count > 0; --count) { - if (curpos >= sizeof(tfbfr)) { - lastpos = read(fd, tfbfr, sizeof(tfbfr)); - curpos = 0; - } - if (curpos == lastpos) { - tf_close(); - return 0; - } - *s = tfbfr[curpos++]; - if (*s++ == '\0') - return (n - count); - } - tf_close(); - return TOO_BIG; -} - -/* - * tf_read() is an internal routine. It takes a string "s" and a count - * "n", and reads from the file until "n" bytes have been read. When - * finished, what has been read exists in "s". If it encounters EOF or - * an error, it closes the ticket file. - * - * Possible return values are: - * - * n the number of bytes read when all goes well - * - * 0 on end of file or read error - */ - -static int -tf_read(void *v, int n) -{ - char *s = (char *)v; - int count; - - for (count = n; count > 0; --count) { - if (curpos >= sizeof(tfbfr)) { - lastpos = read(fd, tfbfr, sizeof(tfbfr)); - curpos = 0; - } - if (curpos == lastpos) { - tf_close(); - return 0; - } - *s++ = tfbfr[curpos++]; - } - return n; -} - -/* - * tf_save_cred() appends an incoming ticket to the end of the ticket - * file. You must call tf_init() before calling tf_save_cred(). - * - * The "service", "instance", and "realm" arguments specify the - * server's name; "session" contains the session key to be used with - * the ticket; "kvno" is the server key version number in which the - * ticket is encrypted, "ticket" contains the actual ticket, and - * "issue_date" is the time the ticket was requested (local host's time). - * - * Returns KSUCCESS if all goes well, TKT_FIL_INI if tf_init() wasn't - * called previously, and KFAILURE for anything else that went wrong. - */ - -int -tf_save_cred(char *service, /* Service name */ - char *instance, /* Instance */ - char *realm, /* Auth domain */ - unsigned char *session, /* Session key */ - int lifetime, /* Lifetime */ - int kvno, /* Key version number */ - KTEXT ticket, /* The ticket itself */ - u_int32_t issue_date) /* The issue time */ -{ - int count; /* count for write */ - - if (fd < 0) { /* fd is ticket file as set by tf_init */ - if (krb_debug) - krb_warning ("tf_save_cred called before tf_init.\n"); - return TKT_FIL_INI; - } - /* Find the end of the ticket file */ - lseek(fd, 0L, SEEK_END); - - /* Write the ticket and associated data */ - /* Service */ - count = strlen(service) + 1; - if (write(fd, service, count) != count) - goto bad; - /* Instance */ - count = strlen(instance) + 1; - if (write(fd, instance, count) != count) - goto bad; - /* Realm */ - count = strlen(realm) + 1; - if (write(fd, realm, count) != count) - goto bad; - /* Session key */ - if (write(fd, session, 8) != 8) - goto bad; - /* Lifetime */ - if (write(fd, &lifetime, sizeof(int)) != sizeof(int)) - goto bad; - /* Key vno */ - if (write(fd, &kvno, sizeof(int)) != sizeof(int)) - goto bad; - /* Tkt length */ - if (write(fd, &(ticket->length), sizeof(int)) != - sizeof(int)) - goto bad; - /* Ticket */ - count = ticket->length; - if (write(fd, ticket->dat, count) != count) - goto bad; - /* Issue date */ - if (write(fd, &issue_date, sizeof(issue_date)) != sizeof(issue_date)) - goto bad; - - return (KSUCCESS); -bad: - return (KFAILURE); -} - -int -tf_setup(CREDENTIALS *cred, const char *pname, const char *pinst) -{ - int ret; - ret = tf_create(tkt_string()); - if (ret != KSUCCESS) - return ret; - - if (tf_put_pname(pname) != KSUCCESS || - tf_put_pinst(pinst) != KSUCCESS) { - tf_close(); - return INTK_ERR; - } - - if(krb_get_kdc_time_diff() != 0) { - /* Add an extra magic ticket containing the time differential - to the kdc. The first ticket defines which realm we belong - to, but since this ticket gets the same realm as the tgt, - this shouldn't be a problem */ - des_cblock s = { 0, 0, 0, 0, 0, 0, 0, 0 }; - KTEXT_ST t; - int d = krb_get_kdc_time_diff(); - krb_put_int(d, t.dat, sizeof(t.dat), 4); - t.length = 4; - tf_save_cred(MAGIC_TICKET_NAME, MAGIC_TICKET_TIME_DIFF_INST, - cred->realm, s, - cred->lifetime, 0, &t, cred->issue_date); - } - ret = tf_save_cred(cred->service, cred->instance, cred->realm, - cred->session, cred->lifetime, cred->kvno, - &cred->ticket_st, cred->issue_date); - tf_close(); - return ret; -} - -int -in_tkt(char *pname, char *pinst) -{ - int ret; - - ret = tf_create (tkt_string()); - if (ret != KSUCCESS) - return ret; - - if (tf_put_pname(pname) != KSUCCESS || - tf_put_pinst(pinst) != KSUCCESS) { - tf_close(); - return INTK_ERR; - } - - tf_close(); - return KSUCCESS; -} - -/* - * If there's a magic ticket with an address for realm `realm' in - * ticket file, return it in `addr'. - * realm == NULL means any realm. - */ - -int -tf_get_addr (const char *realm, struct in_addr *addr) -{ - CREDENTIALS cred; - krb_principal princ; - int ret; - - ret = tf_init (tkt_string (), R_TKT_FIL); - if (ret) - return ret; - - ret = tf_get_pname (princ.name); - if (ret) - goto out; - ret = tf_get_pinst (princ.name); - if (ret) - goto out; - while ((ret = real_tf_get_cred (&cred)) == KSUCCESS) { - if (strcmp (cred.service, MAGIC_TICKET_NAME) == 0 - && strcmp (cred.instance, MAGIC_TICKET_ADDR_INST) == 0 - && (realm == NULL - || strcmp (cred.realm, realm) == 0)) { - memcpy (addr, cred.ticket_st.dat, sizeof(*addr)); - goto out; - } - } - ret = KFAILURE; - -out: - tf_close (); - return ret; -} - -/* - * Store `realm, addr' as a magic ticket. - */ - -int -tf_store_addr (const char *realm, struct in_addr *addr) -{ - CREDENTIALS c; - krb_principal princ; - int ret; - des_cblock s = { 0, 0, 0, 0, 0, 0, 0, 0 }; - KTEXT_ST t; - - ret = tf_init (tkt_string (), W_TKT_FIL); - if (ret) - return ret; - - t.length = sizeof(*addr); - memcpy (t.dat, addr, sizeof(*addr)); - - ret = tf_save_cred (MAGIC_TICKET_NAME, MAGIC_TICKET_ADDR_INST, - (char *)realm, s, 0, /* lifetime */ - 0, /* kvno */ - &t, time(NULL)); - tf_close (); - return ret; -} diff --git a/crypto/kerberosIV/lib/krb/ticket_memory.c b/crypto/kerberosIV/lib/krb/ticket_memory.c deleted file mode 100644 index f694190df651..000000000000 --- a/crypto/kerberosIV/lib/krb/ticket_memory.c +++ /dev/null @@ -1,435 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* ticket_memory.c - Storage for tickets in memory - * Author: d93-jka@nada.kth.se - June 1996 - */ - -#define WIN32_LEAN_AND_MEAN -#include -#include "krb_locl.h" -#include "ticket_memory.h" - -RCSID("$Id: ticket_memory.c,v 1.15 1999/12/02 16:58:44 joda Exp $"); - -void msg(char *text, int error); - -/* Global variables for memory mapping. */ -HANDLE SharedMemoryHandle; -tktmem *SharedMemory; - -static int CredIndex = -1; - -void PostUpdateMessage(void); - -int -newTktMem(const char *tf_name) -{ - if(!SharedMemory){ - SharedMemoryHandle = CreateFileMapping((HANDLE)-1, 0, - PAGE_READWRITE, - sizeof(tktmem) >> 16, - sizeof(tktmem) & 0xffff, - "krb_memory"); - - if(!SharedMemoryHandle){ - msg("Could not create shared memory.", GetLastError()); - return KFAILURE; - } - - SharedMemory = MapViewOfFile(SharedMemoryHandle, - FILE_MAP_WRITE, 0, 0, 0); - if(!SharedMemory){ - msg("Unable to alloc shared memory.", GetLastError()); - return KFAILURE; - } - if(GetLastError() != ERROR_ALREADY_EXISTS) { - memset(SharedMemory, 0, sizeof(*SharedMemory)); - if(tf_name) - strlcpy(SharedMemory->tmname, - tf_name, sizeof(SharedMemory->tmname)); - } - } - CredIndex = 0; - return KSUCCESS; -} - -int -freeTktMem(const char *tf_name) -{ - if(SharedMemory) { - UnmapViewOfFile(SharedMemory); - CloseHandle(SharedMemoryHandle); - } - return KSUCCESS; -} - - - -tktmem * -getTktMem(const char *tf_name) -{ - return SharedMemory; -} - -void -firstCred(void) -{ - if(getTktMem(0)->last_cred_no > 0) - CredIndex = 0; - else - CredIndex = -1; -} - -int -nextCredIndex(void) -{ - const tktmem *mem; - int last; - mem = getTktMem(0); - last = mem->last_cred_no; - if(CredIndex >= 0 && CredIndex < last ) - return CredIndex++; - else - return CredIndex = -1; -} - -int -currCredIndex(void) -{ - const tktmem *mem; - int last; - mem = getTktMem(0); - last = mem->last_cred_no; - if(CredIndex >= 0 && CredIndex < last) - return CredIndex; - else - return CredIndex = -1; -} - -int -nextFreeIndex(void) -{ - tktmem *mem = getTktMem(0); - if(mem->last_cred_no > CRED_VEC_SZ) - return -1; - else - return mem->last_cred_no++; -} - -/* - * in_tkt() is used to initialize the ticket store. It creates the - * file to contain the tickets and writes the given user's name "pname" - * and instance "pinst" in the file. in_tkt() returns KSUCCESS on - * success, or KFAILURE if something goes wrong. - */ - -int -in_tkt(char *pname, char *pinst) -{ - /* Here goes code to initialize shared memory, to store tickets in. */ - /* Implemented somewhere else. */ - return KFAILURE; -} - -/* - * dest_tkt() is used to destroy the ticket store upon logout. - * If the ticket file does not exist, dest_tkt() returns RET_TKFIL. - * Otherwise the function returns RET_OK on success, KFAILURE on - * failure. - * - * The ticket file (TKT_FILE) is defined in "krb.h". - */ - -int -dest_tkt(void) -{ - memset(getTktMem(0), 0, sizeof(tktmem)); - return 0; -} - -/* Short description of routines: - * - * tf_init() opens the ticket file and locks it. - * - * tf_get_pname() returns the principal's name. - * - * tf_put_pname() writes the principal's name to the ticket file. - * - * tf_get_pinst() returns the principal's instance (may be null). - * - * tf_put_pinst() writes the instance. - * - * tf_get_cred() returns the next CREDENTIALS record. - * - * tf_save_cred() appends a new CREDENTIAL record to the ticket file. - * - * tf_close() closes the ticket file and releases the lock. - * - * tf_gets() returns the next null-terminated string. It's an internal - * routine used by tf_get_pname(), tf_get_pinst(), and tf_get_cred(). - * - * tf_read() reads a given number of bytes. It's an internal routine - * used by tf_get_cred(). - */ - -/* - * tf_init() should be called before the other ticket file routines. - * It takes the name of the ticket file to use, "tf_name", and a - * read/write flag "rw" as arguments. - * - * Returns KSUCCESS if all went well, otherwise one of the following: - * - * NO_TKT_FIL - file wasn't there - * TKT_FIL_ACC - file was in wrong mode, etc. - * TKT_FIL_LCK - couldn't lock the file, even after a retry - */ - -int -tf_init(char *tf_name, int rw) -{ - if(!getTktMem(tf_name)) - return NO_TKT_FIL; - firstCred(); - return KSUCCESS; -} - -/* - * tf_create() should be called when creating a new ticket file. - * The only argument is the name of the ticket file. - * After calling this, it should be possible to use other tf_* functions. - */ - -int -tf_create(char *tf_name) -{ - if(newTktMem(tf_name) != KSUCCESS) - return NO_TKT_FIL; - return KSUCCESS; -} - -/* - * tf_get_pname() reads the principal's name from the ticket file. It - * should only be called after tf_init() has been called. The - * principal's name is filled into the "p" parameter. If all goes well, - * KSUCCESS is returned. If tf_init() wasn't called, TKT_FIL_INI is - * returned. If the name was null, or EOF was encountered, or the name - * was longer than ANAME_SZ, TKT_FIL_FMT is returned. - */ - -int -tf_get_pname(char *p) -{ - tktmem *TktStore; - - if(!(TktStore = getTktMem(0))) - return KFAILURE; - if(!TktStore->pname[0]) - return KFAILURE; - strlcpy(p, TktStore->pname, ANAME_SZ); - return KSUCCESS; -} - -/* - * tf_put_pname() sets the principal's name in the ticket file. Call - * after tf_create(). - */ - -int -tf_put_pname(char *p) -{ - tktmem *TktStore; - - if(!(TktStore = getTktMem(0))) - return KFAILURE; - strlcpy(TktStore->pname, p, sizeof(TktStore->pname)); - return KSUCCESS; -} - -/* - * tf_get_pinst() reads the principal's instance from a ticket file. - * It should only be called after tf_init() and tf_get_pname() have been - * called. The instance is filled into the "inst" parameter. If all - * goes well, KSUCCESS is returned. If tf_init() wasn't called, - * TKT_FIL_INI is returned. If EOF was encountered, or the instance - * was longer than ANAME_SZ, TKT_FIL_FMT is returned. Note that the - * instance may be null. - */ - -int -tf_get_pinst(char *inst) -{ - tktmem *TktStore; - - if(!(TktStore = getTktMem(0))) - return KFAILURE; - strlcpy(inst, TktStore->pinst, INST_SZ); - return KSUCCESS; -} - -/* - * tf_put_pinst writes the principal's instance to the ticket file. - * Call after tf_create. - */ - -int -tf_put_pinst(char *inst) -{ - tktmem *TktStore; - - if(!(TktStore = getTktMem(0))) - return KFAILURE; - strlcpy(TktStore->pinst, inst, sizeof(TktStore->pinst)); - return KSUCCESS; -} - -/* - * tf_get_cred() reads a CREDENTIALS record from a ticket file and fills - * in the given structure "c". It should only be called after tf_init(), - * tf_get_pname(), and tf_get_pinst() have been called. If all goes well, - * KSUCCESS is returned. Possible error codes are: - * - * TKT_FIL_INI - tf_init wasn't called first - * TKT_FIL_FMT - bad format - * EOF - end of file encountered - */ - -int -tf_get_cred(CREDENTIALS *c) -{ - int index; - CREDENTIALS *cred; - tktmem *TktStore; - - if(!(TktStore = getTktMem(0))) - return KFAILURE; - krb_set_kdc_time_diff(TktStore->kdc_diff); - if((index = nextCredIndex()) == -1) - return EOF; - if(!(cred = TktStore->cred_vec+index)) - return KFAILURE; - if(!c) - return KFAILURE; - memcpy(c, cred, sizeof(*c)); - return KSUCCESS; -} - -/* - * tf_close() closes the ticket file and sets "fd" to -1. If "fd" is - * not a valid file descriptor, it just returns. It also clears the - * buffer used to read tickets. - */ - -void -tf_close(void) -{ -} - -/* - * tf_save_cred() appends an incoming ticket to the end of the ticket - * file. You must call tf_init() before calling tf_save_cred(). - * - * The "service", "instance", and "realm" arguments specify the - * server's name; "session" contains the session key to be used with - * the ticket; "kvno" is the server key version number in which the - * ticket is encrypted, "ticket" contains the actual ticket, and - * "issue_date" is the time the ticket was requested (local host's time). - * - * Returns KSUCCESS if all goes well, TKT_FIL_INI if tf_init() wasn't - * called previously, and KFAILURE for anything else that went wrong. - */ - -int -tf_save_cred(char *service, /* Service name */ - char *instance, /* Instance */ - char *realm, /* Auth domain */ - unsigned char *session, /* Session key */ - int lifetime, /* Lifetime */ - int kvno, /* Key version number */ - KTEXT ticket, /* The ticket itself */ - u_int32_t issue_date) /* The issue time */ -{ - CREDENTIALS *cred; - tktmem *mem = getTktMem(0); - int last = nextFreeIndex(); - - if(last == -1) - return KFAILURE; - cred = mem->cred_vec+last; - strlcpy(cred->service, service, sizeof(cred->service)); - strlcpy(cred->instance, instance, sizeof(cred->instance)); - strlcpy(cred->realm, realm, sizeof(cred->realm)); - memcpy(cred->session, session, sizeof(cred->session)); - cred->lifetime = lifetime; - cred->kvno = kvno; - memcpy(&(cred->ticket_st), ticket, sizeof(*ticket)); - cred->issue_date = issue_date; - strlcpy(cred->pname, mem->pname, sizeof(cred->pname)); - strlcpy(cred->pinst, mem->pinst, sizeof(cred->pinst)); - PostUpdateMessage(); - return KSUCCESS; -} - - -static void -set_time_diff(time_t diff) -{ - tktmem *TktStore = getTktMem(0); - if(TktStore == NULL) - return; - TktStore->kdc_diff = diff; -} - - -int -tf_setup(CREDENTIALS *cred, char *pname, char *pinst) -{ - int ret; - ret = tf_create(tkt_string()); - if (ret != KSUCCESS) - return ret; - - if (tf_put_pname(pname) != KSUCCESS || - tf_put_pinst(pinst) != KSUCCESS) { - tf_close(); - return INTK_ERR; - } - - set_time_diff(krb_get_kdc_time_diff()); - - ret = tf_save_cred(cred->service, cred->instance, cred->realm, - cred->session, cred->lifetime, cred->kvno, - &cred->ticket_st, cred->issue_date); - tf_close(); - return ret; -} diff --git a/crypto/kerberosIV/lib/krb/ticket_memory.h b/crypto/kerberosIV/lib/krb/ticket_memory.h deleted file mode 100644 index 72fb68621972..000000000000 --- a/crypto/kerberosIV/lib/krb/ticket_memory.h +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* ticket_memory.h - Storage for tickets in memory - * Author: d93-jka@nada.kth.se - June 1996 - */ - -/* $Id: ticket_memory.h,v 1.8 1999/12/02 16:58:44 joda Exp $ */ - -#ifndef TICKET_MEMORY_H -#define TICKET_MEMORY_H - -#include "krb_locl.h" - -#define CRED_VEC_SZ 20 - -typedef struct _tktmem -{ - char tmname[64]; - char pname[ANAME_SZ]; /* Principal's name */ - char pinst[INST_SZ]; /* Principal's instance */ - int last_cred_no; - CREDENTIALS cred_vec[CRED_VEC_SZ]; - time_t kdc_diff; -} tktmem; - -int newTktMem(const char *tf_name); -int freeTktMem(const char *tf_name); -tktmem *getTktMem(const char *tf_name); -void firstCred(void); -int nextCredIndex(void); -int currCredIndex(void); -int nextFreeIndex(void); - -#endif /* TICKET_MEMORY_H */ diff --git a/crypto/kerberosIV/lib/krb/time.c b/crypto/kerberosIV/lib/krb/time.c deleted file mode 100644 index 015259bcfca0..000000000000 --- a/crypto/kerberosIV/lib/krb/time.c +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: time.c,v 1.4 1999/12/02 16:58:44 joda Exp $"); - -/* number of seconds the kdc clock is ahead of us */ -static int time_diff; - -void -krb_set_kdc_time_diff(int diff) -{ - time_diff = diff; - if(krb_debug) - krb_warning("Setting time diff to %d\n", diff); -} - -int -krb_get_kdc_time_diff(void) -{ - return time_diff; -} - -/* return the time at the kdc (local time corrected with a time - differential) */ -void -krb_kdctimeofday(struct timeval *tv) -{ - time_t t; - - gettimeofday(tv, NULL); - t = tv->tv_sec; - - if(krb_debug) - krb_warning("Machine time: %s", ctime(&t)); - t += krb_get_kdc_time_diff(); - if(krb_debug) - krb_warning("Correcting to %s", ctime(&t)); - tv->tv_sec = t; -} diff --git a/crypto/kerberosIV/lib/krb/tkt_string.c b/crypto/kerberosIV/lib/krb/tkt_string.c deleted file mode 100644 index 0aa787c6ba7f..000000000000 --- a/crypto/kerberosIV/lib/krb/tkt_string.c +++ /dev/null @@ -1,75 +0,0 @@ -/* - Copyright (C) 1989 by the Massachusetts Institute of Technology - - Export of this software from the United States of America is assumed - to require a specific license from the United States Government. - It is the responsibility of any person or organization contemplating - export to obtain such a license before exporting. - -WITHIN THAT CONSTRAINT, permission to use, copy, modify, and -distribute this software and its documentation for any purpose and -without fee is hereby granted, provided that the above copyright -notice appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, and that -the name of M.I.T. not be used in advertising or publicity pertaining -to distribution of the software without specific, written prior -permission. M.I.T. makes no representations about the suitability of -this software for any purpose. It is provided "as is" without express -or implied warranty. - - */ - -#include "krb_locl.h" - -RCSID("$Id: tkt_string.c,v 1.15 1999/09/16 20:41:55 assar Exp $"); - -/* - * This routine is used to generate the name of the file that holds - * the user's cache of server tickets and associated session keys. - * - * If it is set, krb_ticket_string contains the ticket file name. - * Otherwise, the filename is constructed as follows: - * - * If it is set, the environment variable "KRBTKFILE" will be used as - * the ticket file name. Otherwise TKT_ROOT (defined in "krb.h") and - * the user's uid are concatenated to produce the ticket file name - * (e.g., "/tmp/tkt123"). A pointer to the string containing the ticket - * file name is returned. - */ - -static char krb_ticket_string[MaxPathLen] = ""; - -char * -tkt_string(void) -{ - char *env; - - if (!*krb_ticket_string) { - if ((env = getenv("KRBTKFILE"))) { - strlcpy (krb_ticket_string, - env, - sizeof(krb_ticket_string)); - } else { - snprintf(krb_ticket_string, sizeof(krb_ticket_string), - "%s%u",TKT_ROOT, (unsigned)getuid()); - } - } - return krb_ticket_string; -} - -/* - * This routine is used to set the name of the file that holds the user's - * cache of server tickets and associated session keys. - * - * The value passed in is copied into local storage. - * - * NOTE: This routine should be called during initialization, before other - * Kerberos routines are called; otherwise tkt_string() above may be called - * and return an undesired ticket file name until this routine is called. - */ - -void -krb_set_tkt_string(const char *val) -{ - strlcpy (krb_ticket_string, val, sizeof(krb_ticket_string)); -} diff --git a/crypto/kerberosIV/lib/krb/unparse_name.c b/crypto/kerberosIV/lib/krb/unparse_name.c deleted file mode 100644 index 36f0a71c9f80..000000000000 --- a/crypto/kerberosIV/lib/krb/unparse_name.c +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: unparse_name.c,v 1.10 1999/12/02 16:58:44 joda Exp $"); - -static void -quote_string(char *quote, char *from, char *to) -{ - while(*from){ - if(strchr(quote, *from)) - *to++ = '\\'; - *to++ = *from++; - } - *to = 0; -} - -/* To be compatible with old functions, we quote differently in each - part of the principal*/ - -char * -krb_unparse_name_r(krb_principal *pr, char *fullname) -{ - quote_string("'@\\", pr->name, fullname); - if(pr->instance[0]){ - strcat(fullname, "."); - quote_string("@\\", pr->instance, fullname + strlen(fullname)); - } - if(pr->realm[0]){ - strcat(fullname, "@"); - quote_string("\\", pr->realm, fullname + strlen(fullname)); - } - return fullname; -} - -char * -krb_unparse_name_long_r(char *name, char *instance, char *realm, - char *fullname) -{ - krb_principal pr; - - memset(&pr, 0, sizeof(pr)); - strlcpy(pr.name, name, sizeof(pr.name)); - if(instance) - strlcpy(pr.instance, instance, sizeof(pr.instance)); - if(realm) - strlcpy(pr.realm, realm, sizeof(pr.realm)); - return krb_unparse_name_r(&pr, fullname); -} - -char * -krb_unparse_name(krb_principal *pr) -{ - static char principal[MAX_K_NAME_SZ]; - krb_unparse_name_r(pr, principal); - return principal; -} - -char * -krb_unparse_name_long(char *name, char *instance, char *realm) -{ - krb_principal pr; - - memset(&pr, 0, sizeof(pr)); - strlcpy(pr.name, name, sizeof(pr.name)); - if(instance) - strlcpy(pr.instance, instance, sizeof(pr.instance)); - if(realm) - strlcpy(pr.realm, realm, sizeof(pr.realm)); - return krb_unparse_name(&pr); -} diff --git a/crypto/kerberosIV/lib/krb/verify_user.c b/crypto/kerberosIV/lib/krb/verify_user.c deleted file mode 100644 index 24138e214b59..000000000000 --- a/crypto/kerberosIV/lib/krb/verify_user.c +++ /dev/null @@ -1,184 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "krb_locl.h" - -RCSID("$Id: verify_user.c,v 1.17.2.2 2000/12/15 14:43:37 assar Exp $"); - -/* - * Verify user (name.instance@realm) with `password'. - * - * If secure, also verify against local - * service key (`linstance'.hostname) (or rcmd if linstance == NULL), - * this can (usually) only be done by root. - * - * If secure == KRB_VERIFY_SECURE, fail if there's no key. - * If secure == KRB_VERIFY_SECURE_FAIL, don't fail if there's no such - * key in the srvtab. - * - * As a side effect, fresh tickets are obtained. - * - * srvtab is where the key is found. - * - * Returns zero if ok, a positive kerberos error or -1 for system - * errors. - */ - -static int -krb_verify_user_srvtab_exact(char *name, - char *instance, - char *realm, - char *password, - int secure, - char *linstance, - char *srvtab) -{ - int ret; - - ret = krb_get_pw_in_tkt(name, instance, realm, - KRB_TICKET_GRANTING_TICKET, - realm, - DEFAULT_TKT_LIFE, password); - if(ret != KSUCCESS) - return ret; - - if(secure == KRB_VERIFY_SECURE || secure == KRB_VERIFY_SECURE_FAIL){ - struct hostent *hp; - int32_t addr; - - KTEXT_ST ticket; - AUTH_DAT auth; - int n; - - char lrealm[REALM_SZ]; - char hostname[MaxHostNameLen]; - char *phost; - - if (gethostname(hostname, sizeof(hostname)) == -1) { - dest_tkt(); - return -1; - } - - hp = gethostbyname(hostname); - if(hp == NULL){ - dest_tkt(); - return -1; - } - memcpy(&addr, hp->h_addr, sizeof(addr)); - phost = krb_get_phost(hostname); - if (linstance == NULL) - linstance = "rcmd"; - - ret = KFAILURE; - - for (n = 1; krb_get_lrealm(lrealm, n) == KSUCCESS; ++n) { - if(secure == KRB_VERIFY_SECURE_FAIL) { - des_cblock key; - ret = read_service_key(linstance, phost, lrealm, 0, srvtab, - &key); - memset(key, 0, sizeof(key)); - if(ret == KFAILURE) - continue; - } - - ret = krb_mk_req(&ticket, linstance, phost, lrealm, 0); - if(ret == KSUCCESS) { - ret = krb_rd_req(&ticket, linstance, phost, addr, &auth, - srvtab); - if (ret == KSUCCESS) - break; - } - } - if (ret != KSUCCESS) { - dest_tkt(); - return ret; - } - } - return 0; -} - -/* - * Try to verify the user and password against all the local realms. - */ - -int -krb_verify_user_srvtab(char *name, - char *instance, - char *realm, - char *password, - int secure, - char *linstance, - char *srvtab) -{ - int ret; - int n; - char rlm[256]; - - /* First try to verify against the supplied realm. */ - ret = krb_verify_user_srvtab_exact(name, instance, realm, password, - secure, linstance, srvtab); - if (ret == KSUCCESS) - return KSUCCESS; - - /* Verify all local realms, except the supplied realm. */ - for (n = 1; krb_get_lrealm(rlm, n) == KSUCCESS; n++) - if (strcmp(rlm, realm) != 0) { - ret = krb_verify_user_srvtab_exact(name, instance, rlm, password, - secure, linstance, srvtab); - if (ret == KSUCCESS) - return KSUCCESS; - } - - return ret; -} - -/* - * Compat function without srvtab. - */ - -int -krb_verify_user(char *name, - char *instance, - char *realm, - char *password, - int secure, - char *linstance) -{ - return krb_verify_user_srvtab (name, - instance, - realm, - password, - secure, - linstance, - (char *)KEYFILE); -} diff --git a/crypto/kerberosIV/lib/roken/ChangeLog b/crypto/kerberosIV/lib/roken/ChangeLog deleted file mode 100644 index 116fdbdc1a58..000000000000 --- a/crypto/kerberosIV/lib/roken/ChangeLog +++ /dev/null @@ -1,614 +0,0 @@ -1999-11-25 Assar Westerlund - - * getopt.c (getopt): return -1 instead of EOF. From - - -1999-11-13 Assar Westerlund - - * strftime.c (strftime): handle `%z' and `%Z' in a tm_gmtoff-less - world - - * getcap.c: make sure to use db only if we have both the library - and the header file - -1999-11-12 Assar Westerlund - - * getarg.h: add arg_counter - * getarg.c: add a new type of argument: `arg_counter' re-organize - the code somewhat - - * Makefile.am: add strptime and strpftime-test - - * snprintf.c (xyzprintf): try to do the right thing with an % at - the end of the format string - - * strptime.c (strptime): implement '%U', '%V', '%W' - * strftime.c (strftime): implement '%U', '%V', '%W', '%z' - - * strftime.c (strftime): correct %E and %O handling. do something - reasonable with "...%" - - * strftime.c: replace the BSD implementation by one of our own - coding - - * strptime.c : new file - * strpftime-test.c: new file - -1999-11-07 Assar Westerlund - - * parse_bytes-test.c: new file - - * Makefile.am: add parse_bytes-test - - * parse_units.c (parse_something): try to handle the case of no - value specified a little bit better - -1999-11-04 Assar Westerlund - - * Makefile.am: bump version to 3:2:0 - -1999-10-30 Assar Westerlund - - * snprintf.c (PARSE_INT_FORMAT): add redundant casts to work - around a gcc-bug that manifests itself on Linux-PPC. From Tom - Rini - -1999-10-28 Assar Westerlund - - * Makefile.am: bump version to 3:1:0 - - * roken.h.in: use `unsigned char' instead of `u_int8_t' to avoid - having to have that definition. this is the easy way out instead - of getting the definition here where it's needed. flame me. - -Fri Oct 22 15:39:31 1999 Bjoern Groenvall - - * k_getpwuid.c (k_getpwuid): getspuid() does not exist (even - though it should), use getspnam(). - -1999-10-20 Assar Westerlund - - * Makefile.am: set version to 3:0:0 - -1999-10-18 Johan Danielsson - - * getarg.3: document arg_collect - - * getarg.c: change the way arg_collect works; it's still quite - horrible though - - * getarg.h: change type of the collect function - -1999-10-17 Assar Westerlund - - * xdbm.h: undo last commit - - * xdbm.h: reorder db includes - -1999-10-10 Assar Westerlund - - * socket.c: const-ize and comment - - * net_write.c: const-ize - - * base64.c: const-ize - -1999-10-06 Assar Westerlund - - * getarg.c (getarg): also set optind when returning error - -1999-09-26 Assar Westerlund - - * Makefile.am: add parse_bytes.[ch] - -1999-09-24 Johan Danielsson - - * getarg.3: getarg manpage - - * getarg.{c,h}: add a callback type to do more complicated processing - - * getarg.{c,h}: add floating point support - -1999-09-16 Assar Westerlund - - * strlcat.c (strlcat): call strlcpy - - * strlcpy.c: update name and prototype - - * strlcat.c: update name and prototype - - * roken.h.in: rename strc{py,at}_truncate to strlc{py,at} - - * Makefile.am: rename strc{py,at}_truncate -> strlc{py,at} - - * Makefile.in: rename strc{py,at}_truncate -> strlc{py,at} - - * strcpy_truncate.c (strcpy_truncate): change return value to be - the length of `src' - -1999-08-16 Assar Westerlund - - * getcap.c: try to make this work on systems with DB - -1999-08-16 Johan Danielsson - - * getcap.c: protect from db-less systems - -1999-08-09 Johan Danielsson - - * simple_exec.c: add simple_exec{ve,le} - - * getcap.c: getcap from NetBSD - -1999-08-06 Assar Westerlund - - * roken.h.in (sockaddr_storage): cater for those that have - v6-support also - -1999-08-05 Assar Westerlund - - * inet_ntop.c (inet_ntop_v4): remember to call ntohl - -1999-08-04 Assar Westerlund - - * roken-common.h: add shutdown constants - - * mini_inetd.c (listen_v4, listen_v6): handle the case of the - protocol not being supported - -1999-08-01 Assar Westerlund - - * mini_inetd.c (socket_set_reuseaddr): remove duplicate - -1999-07-29 Assar Westerlund - - * mini_inetd.c (mini_inetd): fix my stupid bugs - -1999-07-28 Assar Westerlund - - * roken-common.h: add socket* functions - - * Makefile.am (libroken_la_SOURCES): add socket.c - - * socket.c: new file, originally from appl/ftp/common - - * Makefile.am: set version to 2:0:2 - - * roken.h.in (inet_pton): add prototype - - * Makefile.am (EXTRA_libroken_la_SOURCES): add inet_pton - - * inet_pton.c: new file - - * getipnodebyname.c (getipnodebyname): try gethostbyname2 if we - have it - -1999-07-27 Assar Westerlund - - * mini_inetd.c: support IPv6 - -1999-07-26 Assar Westerlund - - * Makefile.am: set version to 1:0:1 - - * roken.h.in (inet_ntop): add prototype - - * roken-common.h: (INET{,6}_ADDRSTRLEN): add - - * inet_ntop.c: new file - - * Makefile.am (EXTRA_libroken_la_SOURCES): add inet_ntop.c - - * Makefile.am: move some files from libroken_la_SOURCES to - EXTRA_libroken_la_SOURCES - - * snprintf.c: some signed vs unsigned casts - -1999-07-24 Assar Westerlund - - * roken.h.in (struct sockaddr_storage): define it needed - -1999-07-19 Assar Westerlund - - * Makefile.am (libroken_la_SOURCES): add copyhostent.c, - freehostent.c, getipnodebyname.c, getipnodebyaddr.c - - * roken.h.in: : include - (copyhostent, freehostent, getipnodebyname, getipnodebyaddr): add - prototypes - - * roken-common.h: new constants for getipnodeby* - - * Makefile.in (SOURCES): add freehostent, copyhostent, - getipnodebyname, getipnodebyaddr - - * freehostent.c: new file - - * copyhostent.c: new file - - * getipnodebyaddr.c: new file - - * getipnodebyname.c: new file - -1999-07-13 Assar Westerlund - - * roken.h.in (k_getpwnam): update prototype - - * k_getpwnam.c (k_getpwnam): const-ize - - * get_default_username.c (get_default_username): a better way of - guessing when the user has su:ed - -1999-07-08 Johan Danielsson - - * roken.awk: use puts, as suggested by Jeffrey Hutzelman - - -1999-07-06 Assar Westerlund - - * readv.c (readv): typo - -1999-07-03 Assar Westerlund - - * writev.c (writev): error check malloc properly - - * sendmsg.c (sendmsg): error check malloc properly - - * resolve.c (parse_reply): error check malloc properly - - * recvmsg.c (recvmsg): error check malloc properly - - * readv.c (readv): error check malloc properly - -1999-06-23 Assar Westerlund - - * parse_units.c (acc_units): move the special case of 0 -> 1 to - parse_something to avoid having it happen at the end of the string - -1999-06-15 Assar Westerlund - - * Makefile.in: add get_default_username - - * get_default_username.c: new file - - * roken.h.in (get_default_username): add prototype - - * Makefile.am: add get_default_username - -1999-05-08 Assar Westerlund - - * xdbm.h: also try with DB_DBM_HSEARCH == 1 - - * strnlen.c (strnlen): update prototype - - * Makefile.am: strndup.c: add - - * Makefile.in: strndup.c: add - - * roken.h.in (strndup): add - (strnlen): update prototype - - * strndup.c: new file - -Fri Apr 16 17:59:30 1999 Assar Westerlund - - * roken.h.in: include strsep prototype if needed - -Thu Apr 15 14:04:03 1999 Johan Danielsson - - * Makefile.am: make make-print-version.o depend on version.h - -Wed Apr 7 14:11:00 1999 Johan Danielsson - - * Makefile.am: make it compile w/o krb4 - -Sat Mar 27 17:33:03 1999 Johan Danielsson - - * snprintf.c (vasnprintf): correct check if realloc returns NULL - -Sat Mar 27 12:37:55 1999 Johan Danielsson - - * Makefile.am: link print_version with -ldes to avoid unresolved - references if -lkrb is shared - -Sat Mar 20 03:42:30 1999 Assar Westerlund - - * roken-common.h (eread, ewrite): add - - * simple_exec.c: add - -Fri Mar 19 21:29:58 1999 Assar Westerlund - - * Makefile.in: add eread, ewrite - - * eread.c, ewrite.c: new files - - * Makefile.am (libroken_la_SOURCES): add eread and ewrite - -Fri Mar 19 14:52:57 1999 Johan Danielsson - - * Makefile.am: add version-info - -Thu Mar 18 12:53:32 1999 Johan Danielsson - - * Makefile.am: remove include_dir hack - - * Makefile.am: parse_units.h - - * Makefile.am: include Makefile.am.common - -Sat Mar 13 23:31:35 1999 Assar Westerlund - - * Makefile.in (SOURCES): add glob.c - -Thu Mar 11 15:02:21 1999 Johan Danielsson - - * iruserok.c: move innetgr() to separate file - - * innetgr.c: move innetgr() to separate file - - * hstrerror.c (hstrerror): add const to return type - - * erealloc.c: fix types in format string - - * emalloc.c: fix types in format string - -Wed Mar 10 16:36:55 1999 Johan Danielsson - - * resolve.c: ugly fix for crays - -Mon Mar 8 11:52:20 1999 Johan Danielsson - - * roken.h.in: protos for {un,}setenv - -1999-02-16 Assar Westerlund - - * Makefile.in (SOURCES): add fnmatch - - * roken-common.h (abs): add - -Sat Feb 13 17:12:53 1999 Assar Westerlund - - * emalloc.c, erealloc.c, estrup.c: new files - - * roken.h.in (mkstemp, gethostname): also includes prototypes if - they are needed. - -1998-12-23 Assar Westerlund - - * roken.h.in: mkstemp: add prototype - -1998-12-20 Assar Westerlund - - * snprintf.c, iruserok.c, parse-units.c: unsigned char-correctness - - * roken.h.in (inet_aton): also chedk NEED_INET_ATON_PROTO - - * roken-common.h: __attribute__: check for autoconf'd - HAVE___ATTRIBUTE__ instead of GNUC - -Sun Dec 6 19:53:21 1998 Assar Westerlund - - * parse_units.c (parse_something): func is called with val == 0 if - no unit was given - (acc_flags, acc_units): update to new standard - -Fri Nov 27 03:09:42 1998 Assar Westerlund - - * resolve.c (stot): constify - (type_to_string): always declare - (dns_lookup_int): correct debug output - -Thu Nov 26 23:43:55 1998 Assar Westerlund - - * resolve.c (dns_lookup_int): send rr_class to res_search - -Thu Nov 26 17:09:47 1998 Johan Danielsson - - * resolve.c: some cleanup - - * resolve.h: add T_NAPTR - -Sun Nov 22 10:23:07 1998 Assar Westerlund - - * Makefile.in (WFLAGS): set - - * k_getpwnam.c (k_getpwnam): check for `struct spwd' - - * k_getpwuid.c (k_getpwuid): check for `struct spwd' - -Tue Sep 8 05:18:31 1998 Assar Westerlund - - * recvmsg.c (recvmsg): patch from bpreece@unity.ncsu.edu - -Fri Sep 4 16:29:27 1998 Johan Danielsson - - * vsyslog.c: asprintf -> vasprintf - -Tue Aug 18 22:25:52 1998 Assar Westerlund - - * getarg.h (arg_printusage): new signature - - * getarg.c (arg_printusage): new parameter `progname'. NULL means - __progname. - -Sun Aug 9 14:53:44 1998 Johan Danielsson - - * Makefile.am: net_{read,write}.c - -Fri Jul 24 21:56:02 1998 Assar Westerlund - - * simple_exec.c (simple_execvp): loop around waitpid when errno == - EINTR - -Thu Jul 23 20:24:35 1998 Johan Danielsson - - * Makefile.am: net_{read,write}.c - -Wed Jul 22 21:38:35 1998 Assar Westerlund - - * simple_exec.c (simple_execlp): initialize `argv' - -Mon Jul 13 23:01:22 1998 Assar Westerlund - - * inaddr2str.c (inaddr2str): don't advance hostent->h_addr_list, - use a copy instead - -Fri Jul 10 01:20:08 1998 Assar Westerlund - - * roken.h.in (net_write, net_read): add prototypes - - * Makefile.in: net_{read,write}.c: add - - * net_{read,write}.c: new files - -Tue Jun 30 17:29:09 1998 Assar Westerlund - - * roken.h.in (issuid): add - - * get_window_size.c: fix misspelling of TIOCGWINSZ and bad use of - fields - -Sun May 31 03:24:34 1998 Johan Danielsson - - * getarg.c (mandoc_template): Put short and long options in - SYNOPSIS within the same [ ] pair. - -Sat May 30 00:13:01 1998 Johan Danielsson - - * getarg.c (arg_printusage): try to keep options shorter than - column width - - * get_window_size.c (get_window_size): check COLUMNS and LINES - -Fri May 29 00:05:04 1998 Johan Danielsson - - * getarg.c (mandoc_template): Put short and long options in - DESCRIPTION on the same line. - - * getarg.c (arg_match_long): make sure you only get an exact match - if the strings are the same length - -Thu May 14 02:23:40 1998 Assar Westerlund - - * roken.awk: stupid cray awk wants \# - -Fri May 1 01:29:36 1998 Assar Westerlund - - * print_version.c (print_version): according to ISO/ANSI C the - elements of `arg' are not constant and therefore not settable at - compile-time. Set the at run-time instead. - -Sun Apr 19 10:00:06 1998 Assar Westerlund - - * roken.h.in: include paths.h - -Sun Apr 5 12:30:49 1998 Assar Westerlund - - * Makefile.in (SOURCES): add roken_gethostby.c to make solaris - make happy - -Thu Mar 19 20:41:25 1998 Johan Danielsson - - * simple_exec.c: Simple fork+exec system() replacement. - -Fri Mar 6 00:21:53 1998 Johan Danielsson - - * roken_gethostby.c: Make `roken_gethostby_setup' take url-like - specification instead of split up versions. Makes it easier for - calling applications. - - * roken_gethostby.c: Another miracle of the 20th century: - gethostby* over HTTP. - -Sat Feb 21 15:18:36 1998 assar westerlund - - * parse_time.c (unparse_time_approx): new function that calls - `unparse_units_approx' - - * parse_units.c (unparse_units_approx): new function that will - only print the first unit. - - * Makefile.in: include parse_{time,units} - -Thu Feb 12 03:30:08 1998 Assar Westerlund - - * parse_time.c (print_time_table): don't return a void value. - -Tue Feb 3 11:06:24 1998 Johan Danielsson - - * getarg.c (mandoc_template): Change date format to full month - name, and day of month without leading zero. - -Thu Jan 22 21:23:23 1998 Johan Danielsson - - * getarg.c: Fix long form of negative flags. - -Mon Dec 29 23:31:10 1997 Johan Danielsson - - * roken.h.in: Include , to get linux __progname. - -Sun Dec 21 09:45:18 1997 Assar Westerlund - - * parse_time.c (print_time_table): new function - - * parse_units.c (print_flags_table, print_units_table): new - functions. - -Thu Dec 4 02:51:46 1997 Assar Westerlund - - * iruserok.c: moved here. - - * snprintf.c (sn_append_char): don't write any terminating zero. - (as_reserve): don't loop. better heuristic for how much space to - realloc. - (vasnprintf): simplify initializing to one. - -Sun Nov 30 14:56:59 1997 Johan Danielsson - - * getarg.c: Add mandoc help back-end to getarg. - -Wed Nov 12 01:09:17 1997 Johan Danielsson - - * verr.c, verrx.c: Fix warnings by moving exit from. - -Tue Nov 11 21:12:09 1997 Johan Danielsson - - * parse_units.c: Change the list of separating characters (between - units) to comma, space, and tab, removing digits. Having digits in - this list makes a flag like `T42 generate a parse error. This - change makes `17m3s' an invalid time-spec (you need a space). - -Tue Nov 11 02:38:44 1997 Assar Westerlund - - * roken.h: add - -Sun Nov 9 04:48:46 1997 Johan Danielsson - - * fnmatch.c: Add fnmatch from NetBSD - -Sun Nov 9 02:00:08 1997 Assar Westerlund - - * parse_units.c (parse_something): ignore white-space and ',' - -Mon Nov 3 22:38:32 1997 Assar Westerlund - - * roken.h: fclose prototype - - * roken.h: add prototype for vsyslog - - * Makefile.in: add some more source files to make soriasis make - happy - -Sat Nov 1 00:19:21 1997 Assar Westerlund - - * roken.h: include and . - prototypes for readv and writev - - * readv.c, writev.c: new files - -Wed Oct 29 02:21:38 1997 Assar Westerlund - - * roken.h: Add ugly macros for openlog, gethostbyname, - gethostbyaddr, and getservbyname for the benefit of Crays. Add - default definition of MAXPATHLEN diff --git a/crypto/kerberosIV/lib/roken/Makefile.am b/crypto/kerberosIV/lib/roken/Makefile.am deleted file mode 100644 index e680230c5a49..000000000000 --- a/crypto/kerberosIV/lib/roken/Makefile.am +++ /dev/null @@ -1,177 +0,0 @@ -# $Id: Makefile.am,v 1.54 1999/12/03 04:04:13 assar Exp $ - -include $(top_srcdir)/Makefile.am.common - -CLEANFILES = roken.h make-roken.c print_version.h - -lib_LTLIBRARIES = libroken.la -libroken_la_LDFLAGS = -version-info 3:2:0 - -noinst_PROGRAMS = make-roken make-print-version - -check_PROGRAMS = parse_bytes-test strpftime-test getaddrinfo-test -TESTS = $(check_PROGRAMS) - -getaddrinfo_test_LDADD = libroken.la -parse_bytes_test_LDADD = libroken.la -strpftime_test_LDADD = strftime.o strptime.o - -if KRB4 -if KRB5 -## need to link with des here; otherwise, if krb4 is shared the link -## will fail with unresolved references -make_print_version_LDADD += $(LIB_krb4) -ldes -endif -endif - -libroken_la_SOURCES = \ - base64.c \ - concat.c \ - emalloc.c \ - eread.c \ - erealloc.c \ - estrdup.c \ - ewrite.c \ - get_default_username.c \ - get_window_size.c \ - getarg.c \ - inaddr2str.c \ - issuid.c \ - k_getpwnam.c \ - k_getpwuid.c \ - mini_inetd.c \ - net_read.c \ - net_write.c \ - parse_bytes.c \ - parse_time.c \ - parse_units.c \ - print_version.c \ - resolve.c \ - roken_gethostby.c \ - signal.c \ - simple_exec.c \ - snprintf.c \ - socket.c \ - tm2time.c \ - verify.c \ - warnerr.c \ - xdbm.h - -EXTRA_libroken_la_SOURCES = \ - chown.c \ - copyhostent.c \ - daemon.c \ - err.c \ - err.h \ - errx.c \ - fchown.c \ - flock.c \ - fnmatch.c \ - fnmatch.h \ - freeaddrinfo.c \ - freehostent.c \ - gai_strerror.c \ - getaddrinfo.c \ - getdtablesize.c \ - getegid.c \ - geteuid.c \ - getgid.c \ - gethostname.c \ - getipnodebyaddr.c \ - getipnodebyname.c \ - getnameinfo.c \ - getopt.c \ - gettimeofday.c \ - getuid.c \ - getusershell.c \ - glob.h \ - hstrerror.c \ - inet_aton.c \ - inet_ntop.c \ - inet_pton.c \ - initgroups.c \ - innetgr.c \ - iruserok.c \ - lstat.c \ - memmove.c \ - mkstemp.c \ - putenv.c \ - rcmd.c \ - readv.c \ - recvmsg.c \ - sendmsg.c \ - setegid.c \ - setenv.c \ - seteuid.c \ - strcasecmp.c \ - strdup.c \ - strerror.c \ - strftime.c \ - strlcat.c \ - strlcpy.c \ - strlwr.c \ - strncasecmp.c \ - strndup.c \ - strnlen.c \ - strptime.c \ - strsep.c \ - strtok_r.c \ - strupr.c \ - swab.c \ - unsetenv.c \ - verr.c \ - verrx.c \ - vsyslog.c \ - vwarn.c \ - vwarnx.c \ - warn.c \ - warnx.c \ - writev.c - -EXTRA_DIST = resource.h roken.awk roken.def roken.dsp roken.h.in \ - roken.mak roken.rc - - - -libroken_la_LIBADD = @LTLIBOBJS@ - -$(LTLIBOBJS) $(libroken_la_OBJECTS): roken.h - -include_HEADERS = $(err_h) base64.h getarg.h \ - parse_bytes.h parse_time.h parse_units.h \ - resolve.h roken.h roken-common.h - -build_HEADERZ = $(err_h) $(fnmatch_h) $(glob_h) xdbm.h - -if have_err_h -err_h = -else -err_h = err.h -endif - -if have_fnmatch_h -fnmatch_h = -else -fnmatch_h = fnmatch.h -endif - -if have_glob_h -glob_h = -else -glob_h = glob.h -endif - -roken.h: make-roken - @./make-roken > tmp.h ;\ - if [ -f roken.h ] && cmp -s tmp.h roken.h ; then rm -f tmp.h ; \ - else rm -f roken.h; mv tmp.h roken.h; fi - -make-roken.c: roken.h.in roken.awk - $(AWK) -f $(srcdir)/roken.awk $(srcdir)/roken.h.in > make-roken.c - -print_version.lo: print_version.h - -print_version.h: make-print-version - ./make-print-version print_version.h - -make-print-version.o: $(top_builddir)/include/version.h diff --git a/crypto/kerberosIV/lib/roken/Makefile.in b/crypto/kerberosIV/lib/roken/Makefile.in deleted file mode 100644 index e3afbae39666..000000000000 --- a/crypto/kerberosIV/lib/roken/Makefile.in +++ /dev/null @@ -1,223 +0,0 @@ -# -# $Id: Makefile.in,v 1.73.2.1 2000/06/23 04:37:43 assar Exp $ -# - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -CPP = @CPP@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -AWK = @AWK@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -EXECSUFFIX = @EXECSUFFIX@ -PICFLAGS = # @PICFLAGS@ - -LIBNAME = $(LIBPREFIX)roken -#LIBEXT = @LIBEXT@ Always build archive library and don't install! -LIBEXT = a -LIBPREFIX = @LIBPREFIX@ -SHLIBEXT = @SHLIBEXT@ -LDSHARED = @LDSHARED@ -LIB = $(LIBNAME).$(LIBEXT) - -SOURCES = \ - base64.c \ - chown.c \ - concat.c \ - copyhostent.c \ - daemon.c \ - emalloc.c \ - erealloc.c \ - estrdup.c \ - eread.c \ - err.c \ - errx.c \ - ewrite.c \ - fchown.c \ - flock.c \ - fnmatch.c \ - freehostent.c \ - get_window_size.c \ - getarg.c \ - getcwd.c \ - get_default_username.c \ - getdtablesize.c \ - gethostname.c \ - getipnodebyaddr.c \ - getipnodebyname.c \ - getopt.c \ - getusershell.c \ - glob.c \ - hstrerror.c \ - inaddr2str.c \ - inet_aton.c \ - inet_ntop.c \ - initgroups.c \ - iruserok.c \ - issuid.c \ - k_getpwnam.c \ - k_getpwuid.c \ - lstat.c \ - memmove.c \ - mini_inetd.c \ - mkstemp.c \ - net_read.c \ - net_write.c \ - parse_time.c \ - parse_units.c \ - print_version.c \ - putenv.c \ - resolve.c \ - rcmd.c \ - roken_gethostby.c \ - readv.c \ - setegid.c \ - setenv.c \ - seteuid.c \ - signal.c \ - simple_exec.c \ - snprintf.c \ - socket.c \ - strcasecmp.c \ - strcollect.c \ - strdup.c \ - strerror.c \ - strftime.c \ - strlcat.c \ - strlcpy.c \ - strlwr.c \ - strncasecmp.c \ - strndup.c \ - strnlen.c \ - strsep.c \ - strtok_r.c \ - strupr.c \ - tm2time.c \ - unsetenv.c \ - verify.c \ - verr.c \ - verrx.c \ - vsyslog.c \ - vwarn.c \ - vwarnx.c \ - warn.c \ - warnerr.c \ - warnx.c - -EXTRA_SOURCES = \ - make-print-version.c - -OBJECTS = \ - base64.o \ - concat.o \ - emalloc.o \ - eread.o \ - erealloc.o \ - estrdup.o \ - ewrite.o \ - get_default_username.o \ - get_window_size.o \ - getarg.o \ - inaddr2str.o \ - issuid.o \ - k_getpwnam.o \ - k_getpwuid.o \ - mini_inetd.o \ - net_read.o \ - net_write.o \ - parse_time.o \ - parse_units.o \ - print_version.o \ - resolve.o \ - roken_gethostby.o \ - signal.o \ - simple_exec.o \ - snprintf.o \ - socket.o \ - strcollect.o \ - tm2time.o \ - verify.o \ - warnerr.o \ - @LIBOBJS@ - -all: $(LIB) install-roken-h - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I. -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< - -install: all - -uninstall: - -TAGS: $(SOURCES) $(EXTRA_SOURCES) - etags $(SOURCES) $(EXTRA_SOURCES) - -check: - -clean: - rm -f $(LIB) *.o *.a roken.h make-roken$(EXECSUFFIX) make-roken.c \ - make-print-version$(EXECSUFFIX) print_version.h - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -$(LIBNAME).a: $(OBJECTS) - rm -f $@ - $(AR) cr $@ $(OBJECTS) - -$(RANLIB) $@ - -$(LIBNAME).$(SHLIBEXT): $(OBJECTS) - rm -f $@ - $(LDSHARED) -o $@ $(OBJECTS) - -roken.h: make-roken$(EXECSUFFIX) - @./make-roken > tmp.h ;\ - if [ -f roken.h ] && cmp -s tmp.h roken.h ; then rm -f tmp.h ; \ - else rm -f roken.h; mv tmp.h roken.h; fi - -make-roken$(EXECSUFFIX): make-roken.o - $(LINK) $(CFLAGS) -o $@ make-roken.o - -make-roken.c: roken.h.in roken.awk - $(AWK) -f $(srcdir)/roken.awk $(srcdir)/roken.h.in > make-roken.c - -print_version.o: print_version.h - -print_version.h: make-print-version$(EXECSUFFIX) - @./make-print-version$(EXECSUFFIX) print_version.h - -make-print-version$(EXECSUFFIX): make-print-version.o - $(LINK) $(CFLAGS) -o $@ make-print-version.o - -install-roken-h: roken.h - @if [ -f ../../include/roken.h ] && cmp -s ../../include/roken.h roken.h ; \ - then :; else \ - echo " $(INSTALL) roken.h ../../include/roken.h"; \ - $(INSTALL) roken.h ../../include/roken.h; fi - -$(OBJECTS): ../../include/config.h roken.h - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean install-roken-h diff --git a/crypto/kerberosIV/lib/roken/base64.c b/crypto/kerberosIV/lib/roken/base64.c deleted file mode 100644 index daed8697ce26..000000000000 --- a/crypto/kerberosIV/lib/roken/base64.c +++ /dev/null @@ -1,146 +0,0 @@ -/* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: base64.c,v 1.4 1999/12/02 16:58:45 joda Exp $"); -#endif -#include -#include -#include "base64.h" - -static char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/"; - -static int pos(char c) -{ - char *p; - for(p = base64; *p; p++) - if(*p == c) - return p - base64; - return -1; -} - -int base64_encode(const void *data, int size, char **str) -{ - char *s, *p; - int i; - int c; - const unsigned char *q; - - p = s = (char*)malloc(size*4/3+4); - if (p == NULL) - return -1; - q = (const unsigned char*)data; - i=0; - for(i = 0; i < size;){ - c=q[i++]; - c*=256; - if(i < size) - c+=q[i]; - i++; - c*=256; - if(i < size) - c+=q[i]; - i++; - p[0]=base64[(c&0x00fc0000) >> 18]; - p[1]=base64[(c&0x0003f000) >> 12]; - p[2]=base64[(c&0x00000fc0) >> 6]; - p[3]=base64[(c&0x0000003f) >> 0]; - if(i > size) - p[3]='='; - if(i > size+1) - p[2]='='; - p+=4; - } - *p=0; - *str = s; - return strlen(s); -} - -int base64_decode(const char *str, void *data) -{ - const char *p; - unsigned char *q; - int c; - int x; - int done = 0; - q=(unsigned char*)data; - for(p=str; *p && !done; p+=4){ - x = pos(p[0]); - if(x >= 0) - c = x; - else{ - done = 3; - break; - } - c*=64; - - x = pos(p[1]); - if(x >= 0) - c += x; - else - return -1; - c*=64; - - if(p[2] == '=') - done++; - else{ - x = pos(p[2]); - if(x >= 0) - c += x; - else - return -1; - } - c*=64; - - if(p[3] == '=') - done++; - else{ - if(done) - return -1; - x = pos(p[3]); - if(x >= 0) - c += x; - else - return -1; - } - if(done < 3) - *q++=(c&0x00ff0000)>>16; - - if(done < 2) - *q++=(c&0x0000ff00)>>8; - if(done < 1) - *q++=(c&0x000000ff)>>0; - } - return q - (unsigned char*)data; -} diff --git a/crypto/kerberosIV/lib/roken/base64.h b/crypto/kerberosIV/lib/roken/base64.h deleted file mode 100644 index 5ad1e3b18ea9..000000000000 --- a/crypto/kerberosIV/lib/roken/base64.h +++ /dev/null @@ -1,42 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: base64.h,v 1.2 1999/12/02 16:58:45 joda Exp $ */ - -#ifndef _BASE64_H_ -#define _BASE64_H_ - -int base64_encode(const void *data, int size, char **str); -int base64_decode(const char *str, void *data); - -#endif diff --git a/crypto/kerberosIV/lib/roken/chown.c b/crypto/kerberosIV/lib/roken/chown.c deleted file mode 100644 index f3d34e303030..000000000000 --- a/crypto/kerberosIV/lib/roken/chown.c +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: chown.c,v 1.3 1999/12/02 16:58:45 joda Exp $"); -#endif - -#include "roken.h" - -int -chown(const char *path, uid_t owner, gid_t group) -{ - return 0; -} diff --git a/crypto/kerberosIV/lib/roken/concat.c b/crypto/kerberosIV/lib/roken/concat.c deleted file mode 100644 index ca295c030ae5..000000000000 --- a/crypto/kerberosIV/lib/roken/concat.c +++ /dev/null @@ -1,112 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: concat.c,v 1.4 1999/12/02 16:58:45 joda Exp $"); -#endif -#include "roken.h" - -int -roken_concat (char *s, size_t len, ...) -{ - int ret; - va_list args; - - va_start(args, len); - ret = roken_vconcat (s, len, args); - va_end(args); - return ret; -} - -int -roken_vconcat (char *s, size_t len, va_list args) -{ - const char *a; - - while ((a = va_arg(args, const char*))) { - size_t n = strlen (a); - - if (n >= len) - return -1; - memcpy (s, a, n); - s += n; - len -= n; - } - *s = '\0'; - return 0; -} - -size_t -roken_vmconcat (char **s, size_t max_len, va_list args) -{ - const char *a; - char *p, *q; - size_t len = 0; - *s = NULL; - p = malloc(1); - if(p == NULL) - return 0; - len = 1; - while ((a = va_arg(args, const char*))) { - size_t n = strlen (a); - - if(max_len && len + n > max_len){ - free(p); - return 0; - } - q = realloc(p, len + n); - if(q == NULL){ - free(p); - return 0; - } - p = q; - memcpy (p + len - 1, a, n); - len += n; - } - p[len - 1] = '\0'; - *s = p; - return len; -} - -size_t -roken_mconcat (char **s, size_t max_len, ...) -{ - int ret; - va_list args; - - va_start(args, max_len); - ret = roken_vmconcat (s, max_len, args); - va_end(args); - return ret; -} diff --git a/crypto/kerberosIV/lib/roken/copyhostent.c b/crypto/kerberosIV/lib/roken/copyhostent.c deleted file mode 100644 index a3be6db9134d..000000000000 --- a/crypto/kerberosIV/lib/roken/copyhostent.c +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: copyhostent.c,v 1.2 1999/12/02 16:58:45 joda Exp $"); -#endif - -#include "roken.h" - -/* - * return a malloced copy of `h' - */ - -struct hostent * -copyhostent (const struct hostent *h) -{ - struct hostent *res; - char **p; - int i, n; - - res = malloc (sizeof (*res)); - if (res == NULL) - return NULL; - res->h_name = NULL; - res->h_aliases = NULL; - res->h_addrtype = h->h_addrtype; - res->h_length = h->h_length; - res->h_addr_list = NULL; - res->h_name = strdup (h->h_name); - if (res->h_name == NULL) { - freehostent (res); - return NULL; - } - for (n = 0, p = h->h_aliases; *p != NULL; ++p) - ++n; - res->h_aliases = malloc ((n + 1) * sizeof(*res->h_aliases)); - if (res->h_aliases == NULL) { - freehostent (res); - return NULL; - } - for (i = 0; i < n + 1; ++i) - res->h_aliases[i] = NULL; - for (i = 0; i < n; ++i) { - res->h_aliases[i] = strdup (h->h_aliases[i]); - if (res->h_aliases[i] == NULL) { - freehostent (res); - return NULL; - } - } - - for (n = 0, p = h->h_addr_list; *p != NULL; ++p) - ++n; - res->h_addr_list = malloc ((n + 1) * sizeof(*res->h_addr_list)); - if (res->h_addr_list == NULL) { - freehostent (res); - return NULL; - } - for (i = 0; i < n + 1; ++i) { - res->h_addr_list[i] = NULL; - } - for (i = 0; i < n; ++i) { - res->h_addr_list[i] = malloc (h->h_length); - if (res->h_addr_list[i] == NULL) { - freehostent (res); - return NULL; - } - memcpy (res->h_addr_list[i], h->h_addr_list[i], h->h_length); - } - return res; -} - diff --git a/crypto/kerberosIV/lib/roken/daemon.c b/crypto/kerberosIV/lib/roken/daemon.c deleted file mode 100644 index 758856c8ada8..000000000000 --- a/crypto/kerberosIV/lib/roken/daemon.c +++ /dev/null @@ -1,88 +0,0 @@ -/*- - * Copyright (c) 1990, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)daemon.c 8.1 (Berkeley) 6/4/93"; -#endif /* LIBC_SCCS and not lint */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -RCSID("$Id: daemon.c,v 1.3 1997/10/04 21:55:48 joda Exp $"); - -#ifndef HAVE_DAEMON - -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_PATHS_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif - -#include "roken.h" - -int -daemon(int nochdir, int noclose) -{ - int fd; - - switch (fork()) { - case -1: - return (-1); - case 0: - break; - default: - _exit(0); - } - - if (setsid() == -1) - return (-1); - - if (!nochdir) - chdir("/"); - - if (!noclose && (fd = open(_PATH_DEVNULL, O_RDWR, 0)) != -1) { - dup2(fd, STDIN_FILENO); - dup2(fd, STDOUT_FILENO); - dup2(fd, STDERR_FILENO); - if (fd > 2) - close (fd); - } - return (0); -} - -#endif /* HAVE_DAEMON */ diff --git a/crypto/kerberosIV/lib/roken/emalloc.c b/crypto/kerberosIV/lib/roken/emalloc.c deleted file mode 100644 index bbea1e0b5f0b..000000000000 --- a/crypto/kerberosIV/lib/roken/emalloc.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: emalloc.c,v 1.4 1999/12/02 16:58:45 joda Exp $"); -#endif - -#include -#include - -#include - -/* - * Like malloc but never fails. - */ - -void * -emalloc (size_t sz) -{ - void *tmp = malloc (sz); - - if (tmp == NULL && sz != 0) - err (1, "malloc %lu", (unsigned long)sz); - return tmp; -} diff --git a/crypto/kerberosIV/lib/roken/eread.c b/crypto/kerberosIV/lib/roken/eread.c deleted file mode 100644 index 9a1b24bd55df..000000000000 --- a/crypto/kerberosIV/lib/roken/eread.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: eread.c,v 1.2 1999/12/02 16:58:45 joda Exp $"); -#endif - -#include -#include - -#include - -/* - * Like read but never fails (and never returns partial data). - */ - -ssize_t -eread (int fd, void *buf, size_t nbytes) -{ - ssize_t ret; - - ret = net_read (fd, buf, nbytes); - if (ret < 0) - err (1, "read"); - return ret; -} diff --git a/crypto/kerberosIV/lib/roken/erealloc.c b/crypto/kerberosIV/lib/roken/erealloc.c deleted file mode 100644 index 8afa8f3d7b61..000000000000 --- a/crypto/kerberosIV/lib/roken/erealloc.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: erealloc.c,v 1.4 1999/12/02 16:58:45 joda Exp $"); -#endif - -#include -#include - -#include - -/* - * Like realloc but never fails. - */ - -void * -erealloc (void *ptr, size_t sz) -{ - void *tmp = realloc (ptr, sz); - - if (tmp == NULL && sz != 0) - err (1, "realloc %lu", (unsigned long)sz); - return tmp; -} diff --git a/crypto/kerberosIV/lib/roken/err.c b/crypto/kerberosIV/lib/roken/err.c deleted file mode 100644 index 29b1f7b5672d..000000000000 --- a/crypto/kerberosIV/lib/roken/err.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: err.c,v 1.6 1999/12/02 16:58:45 joda Exp $"); -#endif - -#include "err.h" - -void -err(int eval, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - verr(eval, fmt, ap); - va_end(ap); -} diff --git a/crypto/kerberosIV/lib/roken/err.h b/crypto/kerberosIV/lib/roken/err.h deleted file mode 100644 index b0b649f92b46..000000000000 --- a/crypto/kerberosIV/lib/roken/err.h +++ /dev/null @@ -1,71 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: err.h,v 1.15 1999/12/02 16:58:45 joda Exp $ */ - -#ifndef __ERR_H__ -#define __ERR_H__ - -#include -#include -#include -#include -#include - -extern const char *__progname; - -#if !defined(__GNUC__) && !defined(__attribute__) -#define __attribute__(x) -#endif - -void warnerr(int doerrno, const char *fmt, va_list ap) - __attribute__ ((format (printf, 2, 0))); - -void verr(int eval, const char *fmt, va_list ap) - __attribute__ ((noreturn, format (printf, 2, 0))); -void err(int eval, const char *fmt, ...) - __attribute__ ((noreturn, format (printf, 2, 3))); -void verrx(int eval, const char *fmt, va_list ap) - __attribute__ ((noreturn, format (printf, 2, 0))); -void errx(int eval, const char *fmt, ...) - __attribute__ ((noreturn, format (printf, 2, 3))); -void vwarn(const char *fmt, va_list ap) - __attribute__ ((format (printf, 1, 0))); -void warn(const char *fmt, ...) - __attribute__ ((format (printf, 1, 2))); -void vwarnx(const char *fmt, va_list ap) - __attribute__ ((format (printf, 1, 0))); -void warnx(const char *fmt, ...) - __attribute__ ((format (printf, 1, 2))); - -#endif /* __ERR_H__ */ diff --git a/crypto/kerberosIV/lib/roken/errx.c b/crypto/kerberosIV/lib/roken/errx.c deleted file mode 100644 index 2f8ec18dd24e..000000000000 --- a/crypto/kerberosIV/lib/roken/errx.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: errx.c,v 1.6 1999/12/02 16:58:45 joda Exp $"); -#endif - -#include "err.h" - -void -errx(int eval, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - verrx(eval, fmt, ap); - va_end(ap); -} diff --git a/crypto/kerberosIV/lib/roken/estrdup.c b/crypto/kerberosIV/lib/roken/estrdup.c deleted file mode 100644 index 8c0d9a748cb3..000000000000 --- a/crypto/kerberosIV/lib/roken/estrdup.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: estrdup.c,v 1.2 1999/12/02 16:58:45 joda Exp $"); -#endif - -#include -#include - -#include - -/* - * Like strdup but never fails. - */ - -char * -estrdup (const char *str) -{ - char *tmp = strdup (str); - - if (tmp == NULL) - err (1, "strdup"); - return tmp; -} diff --git a/crypto/kerberosIV/lib/roken/ewrite.c b/crypto/kerberosIV/lib/roken/ewrite.c deleted file mode 100644 index b2c43de8dbc9..000000000000 --- a/crypto/kerberosIV/lib/roken/ewrite.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: ewrite.c,v 1.2 1999/12/02 16:58:45 joda Exp $"); -#endif - -#include -#include - -#include - -/* - * Like write but never fails (and never returns partial data). - */ - -ssize_t -ewrite (int fd, const void *buf, size_t nbytes) -{ - ssize_t ret; - - ret = net_write (fd, buf, nbytes); - if (ret < 0) - err (1, "write"); - return ret; -} diff --git a/crypto/kerberosIV/lib/roken/fchown.c b/crypto/kerberosIV/lib/roken/fchown.c deleted file mode 100644 index 61e854691e83..000000000000 --- a/crypto/kerberosIV/lib/roken/fchown.c +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: fchown.c,v 1.3 1999/12/02 16:58:46 joda Exp $"); -#endif - -#include "roken.h" - -int -fchown(int fd, uid_t owner, gid_t group) -{ - return 0; -} diff --git a/crypto/kerberosIV/lib/roken/flock.c b/crypto/kerberosIV/lib/roken/flock.c deleted file mode 100644 index 13da4f474bef..000000000000 --- a/crypto/kerberosIV/lib/roken/flock.c +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#ifndef HAVE_FLOCK -RCSID("$Id: flock.c,v 1.4 1999/12/02 16:58:46 joda Exp $"); - -#include "roken.h" - - -#define OP_MASK (LOCK_SH | LOCK_EX | LOCK_UN) - -int -flock(int fd, int operation) -{ -#if defined(HAVE_FCNTL) && defined(F_SETLK) - struct flock arg; - int code, cmd; - - arg.l_whence = SEEK_SET; - arg.l_start = 0; - arg.l_len = 0; /* means to EOF */ - - if (operation & LOCK_NB) - cmd = F_SETLK; - else - cmd = F_SETLKW; /* Blocking */ - - switch (operation & OP_MASK) { - case LOCK_UN: - arg.l_type = F_UNLCK; - code = fcntl(fd, F_SETLK, &arg); - break; - case LOCK_SH: - arg.l_type = F_RDLCK; - code = fcntl(fd, cmd, &arg); - break; - case LOCK_EX: - arg.l_type = F_WRLCK; - code = fcntl(fd, cmd, &arg); - break; - default: - errno = EINVAL; - code = -1; - break; - } - return code; -#else - return -1; -#endif -} - -#endif - diff --git a/crypto/kerberosIV/lib/roken/fnmatch.c b/crypto/kerberosIV/lib/roken/fnmatch.c deleted file mode 100644 index dc01d6ea61ba..000000000000 --- a/crypto/kerberosIV/lib/roken/fnmatch.c +++ /dev/null @@ -1,173 +0,0 @@ -/* $NetBSD: fnmatch.c,v 1.11 1995/02/27 03:43:06 cgd Exp $ */ - -/* - * Copyright (c) 1989, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Guido van Rossum. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -#if 0 -static char sccsid[] = "@(#)fnmatch.c 8.2 (Berkeley) 4/16/94"; -#else -static char rcsid[] = "$NetBSD: fnmatch.c,v 1.11 1995/02/27 03:43:06 cgd Exp $"; -#endif -#endif /* LIBC_SCCS and not lint */ - -/* - * Function fnmatch() as specified in POSIX 1003.2-1992, section B.6. - * Compares a filename or pathname to a pattern. - */ - -#include -#include - -#define EOS '\0' - -static const char *rangematch (const char *, int, int); - -int -fnmatch(const char *pattern, const char *string, int flags) -{ - const char *stringstart; - char c, test; - - for (stringstart = string;;) - switch (c = *pattern++) { - case EOS: - return (*string == EOS ? 0 : FNM_NOMATCH); - case '?': - if (*string == EOS) - return (FNM_NOMATCH); - if (*string == '/' && (flags & FNM_PATHNAME)) - return (FNM_NOMATCH); - if (*string == '.' && (flags & FNM_PERIOD) && - (string == stringstart || - ((flags & FNM_PATHNAME) && *(string - 1) == '/'))) - return (FNM_NOMATCH); - ++string; - break; - case '*': - c = *pattern; - /* Collapse multiple stars. */ - while (c == '*') - c = *++pattern; - - if (*string == '.' && (flags & FNM_PERIOD) && - (string == stringstart || - ((flags & FNM_PATHNAME) && *(string - 1) == '/'))) - return (FNM_NOMATCH); - - /* Optimize for pattern with * at end or before /. */ - if (c == EOS) - if (flags & FNM_PATHNAME) - return (strchr(string, '/') == NULL ? - 0 : FNM_NOMATCH); - else - return (0); - else if (c == '/' && flags & FNM_PATHNAME) { - if ((string = strchr(string, '/')) == NULL) - return (FNM_NOMATCH); - break; - } - - /* General case, use recursion. */ - while ((test = *string) != EOS) { - if (!fnmatch(pattern, string, flags & ~FNM_PERIOD)) - return (0); - if (test == '/' && flags & FNM_PATHNAME) - break; - ++string; - } - return (FNM_NOMATCH); - case '[': - if (*string == EOS) - return (FNM_NOMATCH); - if (*string == '/' && flags & FNM_PATHNAME) - return (FNM_NOMATCH); - if ((pattern = - rangematch(pattern, *string, flags)) == NULL) - return (FNM_NOMATCH); - ++string; - break; - case '\\': - if (!(flags & FNM_NOESCAPE)) { - if ((c = *pattern++) == EOS) { - c = '\\'; - --pattern; - } - } - /* FALLTHROUGH */ - default: - if (c != *string++) - return (FNM_NOMATCH); - break; - } - /* NOTREACHED */ -} - -static const char * -rangematch(const char *pattern, int test, int flags) -{ - int negate, ok; - char c, c2; - - /* - * A bracket expression starting with an unquoted circumflex - * character produces unspecified results (IEEE 1003.2-1992, - * 3.13.2). This implementation treats it like '!', for - * consistency with the regular expression syntax. - * J.T. Conklin (conklin@ngai.kaleida.com) - */ - if (negate = (*pattern == '!' || *pattern == '^')) - ++pattern; - - for (ok = 0; (c = *pattern++) != ']';) { - if (c == '\\' && !(flags & FNM_NOESCAPE)) - c = *pattern++; - if (c == EOS) - return (NULL); - if (*pattern == '-' - && (c2 = *(pattern+1)) != EOS && c2 != ']') { - pattern += 2; - if (c2 == '\\' && !(flags & FNM_NOESCAPE)) - c2 = *pattern++; - if (c2 == EOS) - return (NULL); - if (c <= test && test <= c2) - ok = 1; - } else if (c == test) - ok = 1; - } - return (ok == negate ? NULL : pattern); -} diff --git a/crypto/kerberosIV/lib/roken/fnmatch.h b/crypto/kerberosIV/lib/roken/fnmatch.h deleted file mode 100644 index 95c91d600b64..000000000000 --- a/crypto/kerberosIV/lib/roken/fnmatch.h +++ /dev/null @@ -1,49 +0,0 @@ -/* $NetBSD: fnmatch.h,v 1.5 1994/10/26 00:55:53 cgd Exp $ */ - -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)fnmatch.h 8.1 (Berkeley) 6/2/93 - */ - -#ifndef _FNMATCH_H_ -#define _FNMATCH_H_ - -#define FNM_NOMATCH 1 /* Match failed. */ - -#define FNM_NOESCAPE 0x01 /* Disable backslash escaping. */ -#define FNM_PATHNAME 0x02 /* Slash must be matched by slash. */ -#define FNM_PERIOD 0x04 /* Period must be matched by period. */ - -int fnmatch (const char *, const char *, int); - -#endif /* !_FNMATCH_H_ */ diff --git a/crypto/kerberosIV/lib/roken/freehostent.c b/crypto/kerberosIV/lib/roken/freehostent.c deleted file mode 100644 index 0cd92cd732cd..000000000000 --- a/crypto/kerberosIV/lib/roken/freehostent.c +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: freehostent.c,v 1.2 1999/12/02 16:58:46 joda Exp $"); -#endif - -#include "roken.h" - -/* - * free a malloced hostent - */ - -void -freehostent (struct hostent *h) -{ - char **p; - - free (h->h_name); - if (h->h_aliases != NULL) { - for (p = h->h_aliases; *p != NULL; ++p) - free (*p); - free (h->h_aliases); - } - if (h->h_addr_list != NULL) { - for (p = h->h_addr_list; *p != NULL; ++p) - free (*p); - free (h->h_addr_list); - } - free (h); -} diff --git a/crypto/kerberosIV/lib/roken/get_default_username.c b/crypto/kerberosIV/lib/roken/get_default_username.c deleted file mode 100644 index 10b0863888d3..000000000000 --- a/crypto/kerberosIV/lib/roken/get_default_username.c +++ /dev/null @@ -1,80 +0,0 @@ -/* - * Copyright (c) 1997 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: get_default_username.c,v 1.3 1999/12/02 16:58:46 joda Exp $"); -#endif /* HAVE_CONFIG_H */ - -#include "roken.h" - -/* - * Try to return what should be considered the default username or - * NULL if we can't guess at all. - */ - -const char * -get_default_username (void) -{ - const char *user; - - user = getenv ("USER"); - if (user == NULL) - user = getenv ("LOGNAME"); - if (user == NULL) - user = getenv ("USERNAME"); - -#if defined(HAVE_GETLOGIN) && !defined(POSIX_GETLOGIN) - if (user == NULL) { - user = (const char *)getlogin (); - if (user != NULL) - return user; - } -#endif -#ifdef HAVE_PWD_H - { - uid_t uid = getuid (); - struct passwd *pwd; - - if (user != NULL) { - pwd = k_getpwnam (user); - if (pwd != NULL && pwd->pw_uid == uid) - return user; - } - pwd = k_getpwuid (uid); - if (pwd != NULL) - return pwd->pw_name; - } -#endif - return user; -} diff --git a/crypto/kerberosIV/lib/roken/get_window_size.c b/crypto/kerberosIV/lib/roken/get_window_size.c deleted file mode 100644 index 4eff8d2d2c6e..000000000000 --- a/crypto/kerberosIV/lib/roken/get_window_size.c +++ /dev/null @@ -1,102 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: get_window_size.c,v 1.9 1999/12/02 16:58:46 joda Exp $"); -#endif - -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif - -#if 0 /* Where were those needed? /confused */ -#ifdef HAVE_SYS_PROC_H -#include -#endif - -#ifdef HAVE_SYS_TTY_H -#include -#endif -#endif - -#ifdef HAVE_TERMIOS_H -#include -#endif - -#include - -int -get_window_size(int fd, struct winsize *wp) -{ - int ret = -1; - - memset(wp, 0, sizeof(*wp)); - -#if defined(TIOCGWINSZ) - ret = ioctl(fd, TIOCGWINSZ, wp); -#elif defined(TIOCGSIZE) - { - struct ttysize ts; - - ret = ioctl(fd, TIOCGSIZE, &ts); - if(ret == 0) { - wp->ws_row = ts.ts_lines; - wp->ws_col = ts.ts_cols; - } - } -#elif defined(HAVE__SCRSIZE) - { - int dst[2]; - - _scrsize(dst); - wp->ws_row = dst[1]; - wp->ws_col = dst[0]; - ret = 0; - } -#endif - if (ret != 0) { - char *s; - if((s = getenv("COLUMNS"))) - wp->ws_col = atoi(s); - if((s = getenv("LINES"))) - wp->ws_row = atoi(s); - if(wp->ws_col > 0 && wp->ws_row > 0) - ret = 0; - } - return ret; -} diff --git a/crypto/kerberosIV/lib/roken/getarg.3 b/crypto/kerberosIV/lib/roken/getarg.3 deleted file mode 100644 index fc4ca83c29a1..000000000000 --- a/crypto/kerberosIV/lib/roken/getarg.3 +++ /dev/null @@ -1,311 +0,0 @@ -.\" Copyright (c) 1999 Kungliga Tekniska Högskolan -.\" $Id: getarg.3,v 1.2 1999/10/18 17:14:31 joda Exp $ -.Dd September 24, 1999 -.Dt GETARG 3 -.Os ROKEN -.Sh NAME -.Nm getarg , -.Nm arg_printusage -.Nd collect command line options -.Sh SYNOPSIS -.Fd #include -.Ft int -.Fn getarg "struct getargs *args" "size_t num_args" "int argc" "char **argv" "int *optind" -.Ft void -.Fn arg_printusage "struct getargs *args" "size_t num_args" "const char *progname" "const char *extra_string" -.Sh DESCRIPTION -.Fn getarg -collects any command line options given to a program in an easily used way. -.Fn arg_printusage -pretty-prints the available options, with a short help text. -.Pp -.Fa args -is the option specification to use, and it's an array of -.Fa struct getargs -elements. -.Fa num_args -is the size of -.Fa args -(in elements). -.Fa argc -and -.Fa argv -are the argument count and argument vector to extract option from. -.Fa optind -is a pointer to an integer where the index to the last processed -argument is stored, it must be initialised to the first index (minus -one) to process (normally 0) before the first call. -.Pp -.Fa arg_printusage -take the same -.Fa args -and -.Fa num_args -as getarg; -.Fa progname -is the name of the program (to be used in the help text), and -.Fa extra_string -is a string to print after the actual options to indicate more -arguments. The usefulness of this function is realised only be people -who has used programs that has help strings that doesn't match what -the code does. -.Pp -The -.Fa getargs -struct has the following elements. -.Bd -literal -struct getargs{ - const char *long_name; - char short_name; - enum { arg_integer, - arg_string, - arg_flag, - arg_negative_flag, - arg_strings, - arg_double, - arg_collect - } type; - void *value; - const char *help; - const char *arg_help; -}; -.Ed -.Pp -.Fa long_name -is the long name of the option, it can be -.Dv NULL , -if you don't want a long name. -.Fa short_name -is the characted to use as short option, it can be zero. If the option -has a value the -.Fa value -field gets filled in with that value interpreted as specified by the -.Fa type -field. -.Fa help -is a longer help string for the option as a whole, if it's -.Dv NULL -the help text for the option is omitted (but it's still displayed in -the synopsis). -.Fa arg_help -is a description of the argument, if -.Dv NULL -a default value will be used, depending on the type of the option: -.Pp -.Bl -hang -width arg_negative_flag -.It arg_integer -the argument is a signed integer, and -.Fa value -should point to an -.Fa int . -.It Fa arg_string -the argument is a string, and -.Fa value -should point to a -.Fa char* . -.It Fa arg_flag -the argument is a flag, and -.Fa value -should point to a -.Fa int . -It gets filled in with either zero or one, depending on how the option -is given, the normal case beeing one. Note that if the option isn't -given, the value isn't altered, so it should be initialised to some -useful default. -.It Fa arg_negative_flag -this is the same as -.Fa arg_flag -but it reverses the meaning of the flag (a given short option clears -the flag), and the synopsis of a long option is negated. -.It Fa arg_strings -the argument can be given multiple times, and the values are collected -in an array; -.Fa value -should be a pointer to a -.Fa struct getarg_strings -structure, which holds a length and a string pointer. -.It Fa arg_double -argument is a double precision floating point value, and -.Fa value -should point to a -.Fa double . -.It Fa arg_collect -allows more fine-grained control of the option parsing process. -.Fa value -should be a pointer to a -.Fa getarg_collect_info -structure: -.Bd -literal -typedef int (*getarg_collect_func)(int short_opt, - int argc, - char **argv, - int *optind, - int *optarg, - void *data); - -typedef struct getarg_collect_info { - getarg_collect_func func; - void *data; -} getarg_collect_info; -.Ed -.Pp -With the -.Fa func -member set to a function to call, and -.Fa data -to some application specific data. The parameters to the collect function are: -.Bl -inset -.It Fa short_flag -non-zero if this call is via a short option flag, zero otherwise -.It Fa argc , argv -the whole argument list -.It Fa optind -pointer to the index in argv where the flag is -.It Fa optarg -pointer to the index in argv[*optind] where the flag name starts -.It Fa data -application specific data -.El -.Pp -You can modify -.Fa *optind , -and -.Fa *optarg , -but to do this correct you (more or less) have to know about the inner -workings of getarg. -.Pp -You can skip parts of arguments by increasing -.Fa *optarg -(you could -implement the -.Fl z Ns Ar 3 -set of flags from -.Nm gzip -with this), or whole argument strings by increasing -.Fa *optind -(let's say you want a flag -.Fl c Ar x y z -to specify a coordinate); if you also have to set -.Fa *optarg -to a sane value. -.Pp -The collect function should return one of -.Dv ARG_ERR_NO_MATCH , ARG_ERR_BAD_ARG , ARG_ERR_NO_ARG -on error, zero otherwise. -.Pp -For your convenience there is a function, -.Fn getarg_optarg , -that returns the traditional argument string, and you pass it all -arguments, sans data, that where given to the collection function. -.Pp -Don't use this more this unless you absolutely have to. -.El -.Pp -Option parsing is similar to what -.Xr getopt -uses. Short options without arguments can be compressed -.Pf ( Fl xyz -is the same as -.Fl x y z ) , -and short -options with arguments take these as either the rest of the -argv-string or as the next option -.Pf ( Fl o Ns Ar foo , -or -.Fl o Ar foo ) . -.Pp -Long option names are prefixed with -- (double dash), and the value -with a = (equal), -.Fl -foo= Ns Ar bar . -Long option flags can either be specified as they are -.Pf ( Fl -help ) , -or with an (boolean parsable) option -.Pf ( Fl -help= Ns Ar yes , -.Fl -help= Ns Ar true , -or similar), or they can also be negated -.Pf ( Fl -no-help -is the same as -.Fl -help= Ns no ) , -and if you're really confused you can do it multiple times -.Pf ( Fl -no-no-help= Ns Ar false , -or even -.Fl -no-no-help= Ns Ar maybe ) . -.Sh EXAMPLE -.Bd -literal -#include -#include -#include - -char *source = "Ouagadougou"; -char *destination; -int weight; -int include_catalog = 1; -int help_flag; - -struct getargs args[] = { - { "source", 's', arg_string, &source, - "source of shippment", "city" }, - { "destination", 'd', arg_string, &destination, - "destination of shippment", "city" }, - { "weight", 'w', arg_integer, &weight, - "weight of shippment", "tons" }, - { "catalog", 'c', arg_negative_flag, &include_catalog, - "include product catalog" }, - { "help", 'h', arg_flag, &help_flag } -}; - -int num_args = sizeof(args) / sizeof(args[0]); /* number of elements in args */ - -const char *progname = "ship++"; - -int -main(int argc, char **argv) -{ - int optind = 0; - if (getarg(args, num_args, argc, argv, &optind)) { - arg_printusage(args, num_args, progname, "stuff..."); - exit (1); - } - if (help_flag) { - arg_printusage(args, num_args, progname, "stuff..."); - exit (0); - } - if (destination == NULL) { - fprintf(stderr, "%s: must specify destination\en", progname); - exit(1); - } - if (strcmp(source, destination) == 0) { - fprintf(stderr, "%s: destination must be different from source\en"); - exit(1); - } - /* include more stuff here ... */ - exit(2); -} -.Ed -.Pp -The output help output from this program looks like this: -.Bd -literal -$ ship++ --help -Usage: ship++ [--source=city] [-s city] [--destination=city] [-d city] - [--weight=tons] [-w tons] [--no-catalog] [-c] [--help] [-h] stuff... --s city, --source=city source of shippment --d city, --destination=city destination of shippment --w tons, --weight=tons weight of shippment --c, --no-catalog include product catalog -.Ed -.Sh BUGS -It should be more flexible, so it would be possible to use other more -complicated option syntaxes, such as what -.Xr ps 1 , -and -.Xr tar 1 , -uses, or the AFS model where you can skip the flag names as long as -the options come in the correct order. -.Pp -Options with multiple arguments should be handled better. -.Pp -Should be integreated with SL. -.Pp -It's very confusing that the struct you pass in is called getargS. -.Sh SEE ALSO -.Xr getopt 3 diff --git a/crypto/kerberosIV/lib/roken/getarg.c b/crypto/kerberosIV/lib/roken/getarg.c deleted file mode 100644 index 505e41867ad6..000000000000 --- a/crypto/kerberosIV/lib/roken/getarg.c +++ /dev/null @@ -1,547 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getarg.c,v 1.32 1999/12/02 16:58:46 joda Exp $"); -#endif - -#include -#include -#include "getarg.h" - -#define ISFLAG(X) ((X).type == arg_flag || (X).type == arg_negative_flag) - -static size_t -print_arg (char *string, size_t len, int mdoc, int longp, struct getargs *arg) -{ - const char *s; - - *string = '\0'; - - if (ISFLAG(*arg) || (!longp && arg->type == arg_counter)) - return 0; - - if(mdoc){ - if(longp) - strlcat(string, "= Ns", len); - strlcat(string, " Ar ", len); - }else - if (longp) - strlcat (string, "=", len); - else - strlcat (string, " ", len); - - if (arg->arg_help) - s = arg->arg_help; - else if (arg->type == arg_integer || arg->type == arg_counter) - s = "integer"; - else if (arg->type == arg_string) - s = "string"; - else if (arg->type == arg_double) - s = "float"; - else - s = ""; - - strlcat(string, s, len); - return 1 + strlen(s); -} - -static void -mandoc_template(struct getargs *args, - size_t num_args, - const char *progname, - const char *extra_string) -{ - int i; - char timestr[64], cmd[64]; - char buf[128]; - const char *p; - time_t t; - - printf(".\\\" Things to fix:\n"); - printf(".\\\" * correct section, and operating system\n"); - printf(".\\\" * remove Op from mandatory flags\n"); - printf(".\\\" * use better macros for arguments (like .Pa for files)\n"); - printf(".\\\"\n"); - t = time(NULL); - strftime(timestr, sizeof(timestr), "%B %e, %Y", localtime(&t)); - printf(".Dd %s\n", timestr); - p = strrchr(progname, '/'); - if(p) p++; else p = progname; - strlcpy(cmd, p, sizeof(cmd)); - strupr(cmd); - - printf(".Dt %s SECTION\n", cmd); - printf(".Os OPERATING_SYSTEM\n"); - printf(".Sh NAME\n"); - printf(".Nm %s\n", p); - printf(".Nd\n"); - printf("in search of a description\n"); - printf(".Sh SYNOPSIS\n"); - printf(".Nm\n"); - for(i = 0; i < num_args; i++){ - /* we seem to hit a limit on number of arguments if doing - short and long flags with arguments -- split on two lines */ - if(ISFLAG(args[i]) || - args[i].short_name == 0 || args[i].long_name == NULL) { - printf(".Op "); - - if(args[i].short_name) { - print_arg(buf, sizeof(buf), 1, 0, args + i); - printf("Fl %c%s", args[i].short_name, buf); - if(args[i].long_name) - printf(" | "); - } - if(args[i].long_name) { - print_arg(buf, sizeof(buf), 1, 1, args + i); - printf("Fl -%s%s", args[i].long_name, buf); - } - printf("\n"); - } else { - print_arg(buf, sizeof(buf), 1, 0, args + i); - printf(".Oo Fl %c%s \\*(Ba Xo\n", args[i].short_name, buf); - print_arg(buf, sizeof(buf), 1, 1, args + i); - printf(".Fl -%s%s Oc\n.Xc\n", args[i].long_name, buf); - } - /* - if(args[i].type == arg_strings) - fprintf (stderr, "..."); - */ - } - if (extra_string && *extra_string) - printf (".Ar %s\n", extra_string); - printf(".Sh DESCRIPTION\n"); - printf("Supported options:\n"); - printf(".Bl -tag -width Ds\n"); - for(i = 0; i < num_args; i++){ - printf(".It Xo\n"); - if(args[i].short_name){ - printf(".Fl %c", args[i].short_name); - print_arg(buf, sizeof(buf), 1, 0, args + i); - printf("%s", buf); - if(args[i].long_name) - printf(" Ns ,"); - printf("\n"); - } - if(args[i].long_name){ - printf(".Fl -%s", args[i].long_name); - print_arg(buf, sizeof(buf), 1, 1, args + i); - printf("%s\n", buf); - } - printf(".Xc\n"); - if(args[i].help) - printf("%s\n", args[i].help); - /* - if(args[i].type == arg_strings) - fprintf (stderr, "..."); - */ - } - printf(".El\n"); - printf(".\\\".Sh ENVIRONMENT\n"); - printf(".\\\".Sh FILES\n"); - printf(".\\\".Sh EXAMPLES\n"); - printf(".\\\".Sh DIAGNOSTICS\n"); - printf(".\\\".Sh SEE ALSO\n"); - printf(".\\\".Sh STANDARDS\n"); - printf(".\\\".Sh HISTORY\n"); - printf(".\\\".Sh AUTHORS\n"); - printf(".\\\".Sh BUGS\n"); -} - -static int -check_column(FILE *f, int col, int len, int columns) -{ - if(col + len > columns) { - fprintf(f, "\n"); - col = fprintf(f, " "); - } - return col; -} - -void -arg_printusage (struct getargs *args, - size_t num_args, - const char *progname, - const char *extra_string) -{ - int i; - size_t max_len = 0; - char buf[128]; - int col = 0, columns; - struct winsize ws; - - if (progname == NULL) - progname = __progname; - - if(getenv("GETARGMANDOC")){ - mandoc_template(args, num_args, progname, extra_string); - return; - } - if(get_window_size(2, &ws) == 0) - columns = ws.ws_col; - else - columns = 80; - col = 0; - col += fprintf (stderr, "Usage: %s", progname); - for (i = 0; i < num_args; ++i) { - size_t len = 0; - - if (args[i].long_name) { - buf[0] = '\0'; - strlcat(buf, "[--", sizeof(buf)); - len += 2; - if(args[i].type == arg_negative_flag) { - strlcat(buf, "no-", sizeof(buf)); - len += 3; - } - strlcat(buf, args[i].long_name, sizeof(buf)); - len += strlen(args[i].long_name); - len += print_arg(buf + strlen(buf), sizeof(buf) - strlen(buf), - 0, 1, &args[i]); - strlcat(buf, "]", sizeof(buf)); - if(args[i].type == arg_strings) - strlcat(buf, "...", sizeof(buf)); - col = check_column(stderr, col, strlen(buf) + 1, columns); - col += fprintf(stderr, " %s", buf); - } - if (args[i].short_name) { - snprintf(buf, sizeof(buf), "[-%c", args[i].short_name); - len += 2; - len += print_arg(buf + strlen(buf), sizeof(buf) - strlen(buf), - 0, 0, &args[i]); - strlcat(buf, "]", sizeof(buf)); - if(args[i].type == arg_strings) - strlcat(buf, "...", sizeof(buf)); - col = check_column(stderr, col, strlen(buf) + 1, columns); - col += fprintf(stderr, " %s", buf); - } - if (args[i].long_name && args[i].short_name) - len += 2; /* ", " */ - max_len = max(max_len, len); - } - if (extra_string) { - col = check_column(stderr, col, strlen(extra_string) + 1, columns); - fprintf (stderr, " %s\n", extra_string); - } else - fprintf (stderr, "\n"); - for (i = 0; i < num_args; ++i) { - if (args[i].help) { - size_t count = 0; - - if (args[i].short_name) { - count += fprintf (stderr, "-%c", args[i].short_name); - print_arg (buf, sizeof(buf), 0, 0, &args[i]); - count += fprintf(stderr, "%s", buf); - } - if (args[i].short_name && args[i].long_name) - count += fprintf (stderr, ", "); - if (args[i].long_name) { - count += fprintf (stderr, "--"); - if (args[i].type == arg_negative_flag) - count += fprintf (stderr, "no-"); - count += fprintf (stderr, "%s", args[i].long_name); - print_arg (buf, sizeof(buf), 0, 1, &args[i]); - count += fprintf(stderr, "%s", buf); - } - while(count++ <= max_len) - putc (' ', stderr); - fprintf (stderr, "%s\n", args[i].help); - } - } -} - -static void -add_string(getarg_strings *s, char *value) -{ - s->strings = realloc(s->strings, (s->num_strings + 1) * sizeof(*s->strings)); - s->strings[s->num_strings] = value; - s->num_strings++; -} - -static int -arg_match_long(struct getargs *args, size_t num_args, - char *argv, int argc, char **rargv, int *optind) -{ - int i; - char *optarg = NULL; - int negate = 0; - int partial_match = 0; - struct getargs *partial = NULL; - struct getargs *current = NULL; - int argv_len; - char *p; - - argv_len = strlen(argv); - p = strchr (argv, '='); - if (p != NULL) - argv_len = p - argv; - - for (i = 0; i < num_args; ++i) { - if(args[i].long_name) { - int len = strlen(args[i].long_name); - char *p = argv; - int p_len = argv_len; - negate = 0; - - for (;;) { - if (strncmp (args[i].long_name, p, p_len) == 0) { - if(p_len == len) - current = &args[i]; - else { - ++partial_match; - partial = &args[i]; - } - optarg = p + p_len; - } else if (ISFLAG(args[i]) && strncmp (p, "no-", 3) == 0) { - negate = !negate; - p += 3; - p_len -= 3; - continue; - } - break; - } - if (current) - break; - } - } - if (current == NULL) { - if (partial_match == 1) - current = partial; - else - return ARG_ERR_NO_MATCH; - } - - if(*optarg == '\0' - && !ISFLAG(*current) - && current->type != arg_collect - && current->type != arg_counter) - return ARG_ERR_NO_MATCH; - switch(current->type){ - case arg_integer: - { - int tmp; - if(sscanf(optarg + 1, "%d", &tmp) != 1) - return ARG_ERR_BAD_ARG; - *(int*)current->value = tmp; - return 0; - } - case arg_string: - { - *(char**)current->value = optarg + 1; - return 0; - } - case arg_strings: - { - add_string((getarg_strings*)current->value, optarg + 1); - return 0; - } - case arg_flag: - case arg_negative_flag: - { - int *flag = current->value; - if(*optarg == '\0' || - strcmp(optarg + 1, "yes") == 0 || - strcmp(optarg + 1, "true") == 0){ - *flag = !negate; - return 0; - } else if (*optarg && strcmp(optarg + 1, "maybe") == 0) { - *flag = rand() & 1; - } else { - *flag = negate; - return 0; - } - return ARG_ERR_BAD_ARG; - } - case arg_counter : - { - int val; - - if (*optarg == '\0') - val = 1; - else { - char *endstr; - - val = strtol (optarg, &endstr, 0); - if (endstr == optarg) - return ARG_ERR_BAD_ARG; - } - *(int *)current->value += val; - return 0; - } - case arg_double: - { - double tmp; - if(sscanf(optarg + 1, "%lf", &tmp) != 1) - return ARG_ERR_BAD_ARG; - *(double*)current->value = tmp; - return 0; - } - case arg_collect:{ - struct getarg_collect_info *c = current->value; - int o = argv - rargv[*optind]; - return (*c->func)(FALSE, argc, rargv, optind, &o, c->data); - } - - default: - abort (); - } -} - -static int -arg_match_short (struct getargs *args, size_t num_args, - char *argv, int argc, char **rargv, int *optind) -{ - int j, k; - - for(j = 1; j > 0 && j < strlen(rargv[*optind]); j++) { - for(k = 0; k < num_args; k++) { - char *optarg; - - if(args[k].short_name == 0) - continue; - if(argv[j] == args[k].short_name) { - if(args[k].type == arg_flag) { - *(int*)args[k].value = 1; - break; - } - if(args[k].type == arg_negative_flag) { - *(int*)args[k].value = 0; - break; - } - if(args[k].type == arg_counter) { - ++*(int *)args[k].value; - break; - } - if(args[k].type == arg_collect) { - struct getarg_collect_info *c = args[k].value; - - if((*c->func)(TRUE, argc, rargv, optind, &j, c->data)) - return ARG_ERR_BAD_ARG; - break; - } - - if(argv[j + 1]) - optarg = &argv[j + 1]; - else { - ++*optind; - optarg = rargv[*optind]; - } - if(optarg == NULL) - return ARG_ERR_NO_ARG; - if(args[k].type == arg_integer) { - int tmp; - if(sscanf(optarg, "%d", &tmp) != 1) - return ARG_ERR_BAD_ARG; - *(int*)args[k].value = tmp; - return 0; - } else if(args[k].type == arg_string) { - *(char**)args[k].value = optarg; - return 0; - } else if(args[k].type == arg_strings) { - add_string((getarg_strings*)args[k].value, optarg); - return 0; - } else if(args[k].type == arg_double) { - double tmp; - if(sscanf(optarg, "%lf", &tmp) != 1) - return ARG_ERR_BAD_ARG; - *(double*)args[k].value = tmp; - return 0; - } - return ARG_ERR_BAD_ARG; - } - } - if (k == num_args) - return ARG_ERR_NO_MATCH; - } - return 0; -} - -int -getarg(struct getargs *args, size_t num_args, - int argc, char **argv, int *optind) -{ - int i; - int ret = 0; - - srand (time(NULL)); - (*optind)++; - for(i = *optind; i < argc; i++) { - if(argv[i][0] != '-') - break; - if(argv[i][1] == '-'){ - if(argv[i][2] == 0){ - i++; - break; - } - ret = arg_match_long (args, num_args, argv[i] + 2, - argc, argv, &i); - } else { - ret = arg_match_short (args, num_args, argv[i], - argc, argv, &i); - } - if(ret) - break; - } - *optind = i; - return ret; -} - -#if TEST -int foo_flag = 2; -int flag1 = 0; -int flag2 = 0; -int bar_int; -char *baz_string; - -struct getargs args[] = { - { NULL, '1', arg_flag, &flag1, "one", NULL }, - { NULL, '2', arg_flag, &flag2, "two", NULL }, - { "foo", 'f', arg_negative_flag, &foo_flag, "foo", NULL }, - { "bar", 'b', arg_integer, &bar_int, "bar", "seconds"}, - { "baz", 'x', arg_string, &baz_string, "baz", "name" }, -}; - -int main(int argc, char **argv) -{ - int optind = 0; - while(getarg(args, 5, argc, argv, &optind)) - printf("Bad arg: %s\n", argv[optind]); - printf("flag1 = %d\n", flag1); - printf("flag2 = %d\n", flag2); - printf("foo_flag = %d\n", foo_flag); - printf("bar_int = %d\n", bar_int); - printf("baz_flag = %s\n", baz_string); - arg_printusage (args, 5, argv[0], "nothing here"); -} -#endif diff --git a/crypto/kerberosIV/lib/roken/getarg.h b/crypto/kerberosIV/lib/roken/getarg.h deleted file mode 100644 index 7fd374bba53d..000000000000 --- a/crypto/kerberosIV/lib/roken/getarg.h +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright (c) 1997, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: getarg.h,v 1.10 1999/12/02 16:58:46 joda Exp $ */ - -#ifndef __GETARG_H__ -#define __GETARG_H__ - -#include - -struct getargs{ - const char *long_name; - char short_name; - enum { arg_integer, - arg_string, - arg_flag, - arg_negative_flag, - arg_strings, - arg_double, - arg_collect, - arg_counter - } type; - void *value; - const char *help; - const char *arg_help; -}; - -enum { - ARG_ERR_NO_MATCH = 1, - ARG_ERR_BAD_ARG, - ARG_ERR_NO_ARG -}; - -typedef struct getarg_strings { - int num_strings; - char **strings; -} getarg_strings; - -typedef int (*getarg_collect_func)(int short_opt, - int argc, - char **argv, - int *optind, - int *optarg, - void *data); - -typedef struct getarg_collect_info { - getarg_collect_func func; - void *data; -} getarg_collect_info; - -int getarg(struct getargs *args, size_t num_args, - int argc, char **argv, int *optind); - -void arg_printusage (struct getargs *args, - size_t num_args, - const char *progname, - const char *extra_string); - -#endif /* __GETARG_H__ */ diff --git a/crypto/kerberosIV/lib/roken/getcap.c b/crypto/kerberosIV/lib/roken/getcap.c deleted file mode 100644 index 997fabf253cd..000000000000 --- a/crypto/kerberosIV/lib/roken/getcap.c +++ /dev/null @@ -1,1118 +0,0 @@ -/* $NetBSD: getcap.c,v 1.29 1999/03/29 09:27:29 abs Exp $ */ - -/*- - * Copyright (c) 1992, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Casey Leedom of Lawrence Livermore National Laboratory. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" -RCSID("$Id: getcap.c,v 1.7 1999/11/17 21:11:58 assar Exp $"); - -#include -#include -#if defined(HAVE_DB_185_H) -#include -#elif defined(HAVE_DB_H) -#include -#endif -#include -#include -#include -#include -#include -#include -#include - -#define BFRAG 1024 -#if 0 -#define BSIZE 1024 -#endif -#define ESC ('[' & 037) /* ASCII ESC */ -#define MAX_RECURSION 32 /* maximum getent recursion */ -#define SFRAG 100 /* cgetstr mallocs in SFRAG chunks */ - -#define RECOK (char)0 -#define TCERR (char)1 -#define SHADOW (char)2 - -static size_t topreclen; /* toprec length */ -static char *toprec; /* Additional record specified by cgetset() */ -static int gottoprec; /* Flag indicating retrieval of toprecord */ - -#if defined(HAVE_DBOPEN) && defined(HAVE_DB_H) -#define USE_DB -#endif - -#ifdef USE_DB -static int cdbget (DB *, char **, const char *); -#endif -static int getent (char **, size_t *, char **, int, const char *, int, char *); -static int nfcmp (char *, char *); - - -int cgetset(const char *ent); -char *cgetcap(char *buf, const char *cap, int type); -int cgetent(char **buf, char **db_array, const char *name); -int cgetmatch(const char *buf, const char *name); -int cgetclose(void); -#if 0 -int cgetfirst(char **buf, char **db_array); -int cgetnext(char **bp, char **db_array); -#endif -int cgetstr(char *buf, const char *cap, char **str); -int cgetustr(char *buf, const char *cap, char **str); -int cgetnum(char *buf, const char *cap, long *num); -/* - * Cgetset() allows the addition of a user specified buffer to be added - * to the database array, in effect "pushing" the buffer on top of the - * virtual database. 0 is returned on success, -1 on failure. - */ -int -cgetset(const char *ent) -{ - const char *source, *check; - char *dest; - - if (ent == NULL) { - if (toprec) - free(toprec); - toprec = NULL; - topreclen = 0; - return (0); - } - topreclen = strlen(ent); - if ((toprec = malloc (topreclen + 1)) == NULL) { - errno = ENOMEM; - return (-1); - } - gottoprec = 0; - - source=ent; - dest=toprec; - while (*source) { /* Strip whitespace */ - *dest++ = *source++; /* Do not check first field */ - while (*source == ':') { - check=source+1; - while (*check && (isspace((unsigned char)*check) || - (*check=='\\' && isspace((unsigned char)check[1])))) - ++check; - if( *check == ':' ) - source=check; - else - break; - - } - } - *dest=0; - - return (0); -} - -/* - * Cgetcap searches the capability record buf for the capability cap with - * type `type'. A pointer to the value of cap is returned on success, NULL - * if the requested capability couldn't be found. - * - * Specifying a type of ':' means that nothing should follow cap (:cap:). - * In this case a pointer to the terminating ':' or NUL will be returned if - * cap is found. - * - * If (cap, '@') or (cap, terminator, '@') is found before (cap, terminator) - * return NULL. - */ -char * -cgetcap(char *buf, const char *cap, int type) -{ - char *bp; - const char *cp; - - bp = buf; - for (;;) { - /* - * Skip past the current capability field - it's either the - * name field if this is the first time through the loop, or - * the remainder of a field whose name failed to match cap. - */ - for (;;) - if (*bp == '\0') - return (NULL); - else - if (*bp++ == ':') - break; - - /* - * Try to match (cap, type) in buf. - */ - for (cp = cap; *cp == *bp && *bp != '\0'; cp++, bp++) - continue; - if (*cp != '\0') - continue; - if (*bp == '@') - return (NULL); - if (type == ':') { - if (*bp != '\0' && *bp != ':') - continue; - return(bp); - } - if (*bp != type) - continue; - bp++; - return (*bp == '@' ? NULL : bp); - } - /* NOTREACHED */ -} - -/* - * Cgetent extracts the capability record name from the NULL terminated file - * array db_array and returns a pointer to a malloc'd copy of it in buf. - * Buf must be retained through all subsequent calls to cgetcap, cgetnum, - * cgetflag, and cgetstr, but may then be free'd. 0 is returned on success, - * -1 if the requested record couldn't be found, -2 if a system error was - * encountered (couldn't open/read a file, etc.), and -3 if a potential - * reference loop is detected. - */ -int -cgetent(char **buf, char **db_array, const char *name) -{ - size_t dummy; - - return (getent(buf, &dummy, db_array, -1, name, 0, NULL)); -} - -/* - * Getent implements the functions of cgetent. If fd is non-negative, - * *db_array has already been opened and fd is the open file descriptor. We - * do this to save time and avoid using up file descriptors for tc= - * recursions. - * - * Getent returns the same success/failure codes as cgetent. On success, a - * pointer to a malloc'ed capability record with all tc= capabilities fully - * expanded and its length (not including trailing ASCII NUL) are left in - * *cap and *len. - * - * Basic algorithm: - * + Allocate memory incrementally as needed in chunks of size BFRAG - * for capability buffer. - * + Recurse for each tc=name and interpolate result. Stop when all - * names interpolated, a name can't be found, or depth exceeds - * MAX_RECURSION. - */ -static int -getent(char **cap, size_t *len, char **db_array, int fd, - const char *name, int depth, char *nfield) -{ - char *r_end, *rp = NULL, **db_p; /* pacify gcc */ - int myfd = 0, eof, foundit; - char *record; - int tc_not_resolved; - - /* - * Return with ``loop detected'' error if we've recursed more than - * MAX_RECURSION times. - */ - if (depth > MAX_RECURSION) - return (-3); - - /* - * Check if we have a top record from cgetset(). - */ - if (depth == 0 && toprec != NULL && cgetmatch(toprec, name) == 0) { - if ((record = malloc (topreclen + BFRAG)) == NULL) { - errno = ENOMEM; - return (-2); - } - (void)strcpy(record, toprec); /* XXX: strcpy is safe */ - db_p = db_array; - rp = record + topreclen + 1; - r_end = rp + BFRAG; - goto tc_exp; - } - /* - * Allocate first chunk of memory. - */ - if ((record = malloc(BFRAG)) == NULL) { - errno = ENOMEM; - return (-2); - } - r_end = record + BFRAG; - foundit = 0; - /* - * Loop through database array until finding the record. - */ - - for (db_p = db_array; *db_p != NULL; db_p++) { - eof = 0; - - /* - * Open database if not already open. - */ - - if (fd >= 0) { - (void)lseek(fd, (off_t)0, SEEK_SET); - } else { -#ifdef USE_DB - char pbuf[_POSIX_PATH_MAX]; - char *cbuf; - size_t clen; - int retval; - DB *capdbp; - - (void)snprintf(pbuf, sizeof(pbuf), "%s.db", *db_p); - if ((capdbp = dbopen(pbuf, O_RDONLY, 0, DB_HASH, 0)) - != NULL) { - free(record); - retval = cdbget(capdbp, &record, name); - if (retval < 0) { - /* no record available */ - (void)capdbp->close(capdbp); - return (retval); - } - /* save the data; close frees it */ - clen = strlen(record); - cbuf = malloc(clen + 1); - memmove(cbuf, record, clen + 1); - if (capdbp->close(capdbp) < 0) { - free(cbuf); - return (-2); - } - *len = clen; - *cap = cbuf; - return (retval); - } else -#endif - { - fd = open(*db_p, O_RDONLY, 0); - if (fd < 0) { - /* No error on unfound file. */ - continue; - } - myfd = 1; - } - } - /* - * Find the requested capability record ... - */ - { - char buf[BUFSIZ]; - char *b_end, *bp, *cp; - int c, slash; - - /* - * Loop invariants: - * There is always room for one more character in record. - * R_end always points just past end of record. - * Rp always points just past last character in record. - * B_end always points just past last character in buf. - * Bp always points at next character in buf. - * Cp remembers where the last colon was. - */ - b_end = buf; - bp = buf; - cp = 0; - slash = 0; - for (;;) { - - /* - * Read in a line implementing (\, newline) - * line continuation. - */ - rp = record; - for (;;) { - if (bp >= b_end) { - int n; - - n = read(fd, buf, sizeof(buf)); - if (n <= 0) { - if (myfd) - (void)close(fd); - if (n < 0) { - free(record); - return (-2); - } else { - fd = -1; - eof = 1; - break; - } - } - b_end = buf+n; - bp = buf; - } - - c = *bp++; - if (c == '\n') { - if (slash) { - slash = 0; - rp--; - continue; - } else - break; - } - if (slash) { - slash = 0; - cp = 0; - } - if (c == ':') { - /* - * If the field was `empty' (i.e. - * contained only white space), back up - * to the colon (eliminating the - * field). - */ - if (cp) - rp = cp; - else - cp = rp; - } else if (c == '\\') { - slash = 1; - } else if (c != ' ' && c != '\t') { - /* - * Forget where the colon was, as this - * is not an empty field. - */ - cp = 0; - } - *rp++ = c; - - /* - * Enforce loop invariant: if no room - * left in record buffer, try to get - * some more. - */ - if (rp >= r_end) { - u_int pos; - size_t newsize; - - pos = rp - record; - newsize = r_end - record + BFRAG; - record = realloc(record, newsize); - if (record == NULL) { - errno = ENOMEM; - if (myfd) - (void)close(fd); - return (-2); - } - r_end = record + newsize; - rp = record + pos; - } - } - /* Eliminate any white space after the last colon. */ - if (cp) - rp = cp + 1; - /* Loop invariant lets us do this. */ - *rp++ = '\0'; - - /* - * If encountered eof check next file. - */ - if (eof) - break; - - /* - * Toss blank lines and comments. - */ - if (*record == '\0' || *record == '#') - continue; - - /* - * See if this is the record we want ... - */ - if (cgetmatch(record, name) == 0) { - if (nfield == NULL || !nfcmp(nfield, record)) { - foundit = 1; - break; /* found it! */ - } - } - } - } - if (foundit) - break; - } - - if (!foundit) - return (-1); - - /* - * Got the capability record, but now we have to expand all tc=name - * references in it ... - */ - tc_exp: { - char *newicap, *s; - size_t ilen, newilen; - int diff, iret, tclen; - char *icap, *scan, *tc, *tcstart, *tcend; - - /* - * Loop invariants: - * There is room for one more character in record. - * R_end points just past end of record. - * Rp points just past last character in record. - * Scan points at remainder of record that needs to be - * scanned for tc=name constructs. - */ - scan = record; - tc_not_resolved = 0; - for (;;) { - if ((tc = cgetcap(scan, "tc", '=')) == NULL) - break; - - /* - * Find end of tc=name and stomp on the trailing `:' - * (if present) so we can use it to call ourselves. - */ - s = tc; - for (;;) - if (*s == '\0') - break; - else - if (*s++ == ':') { - *(s - 1) = '\0'; - break; - } - tcstart = tc - 3; - tclen = s - tcstart; - tcend = s; - - iret = getent(&icap, &ilen, db_p, fd, tc, depth+1, - NULL); - newicap = icap; /* Put into a register. */ - newilen = ilen; - if (iret != 0) { - /* an error */ - if (iret < -1) { - if (myfd) - (void)close(fd); - free(record); - return (iret); - } - if (iret == 1) - tc_not_resolved = 1; - /* couldn't resolve tc */ - if (iret == -1) { - *(s - 1) = ':'; - scan = s - 1; - tc_not_resolved = 1; - continue; - - } - } - /* not interested in name field of tc'ed record */ - s = newicap; - for (;;) - if (*s == '\0') - break; - else - if (*s++ == ':') - break; - newilen -= s - newicap; - newicap = s; - - /* make sure interpolated record is `:'-terminated */ - s += newilen; - if (*(s-1) != ':') { - *s = ':'; /* overwrite NUL with : */ - newilen++; - } - - /* - * Make sure there's enough room to insert the - * new record. - */ - diff = newilen - tclen; - if (diff >= r_end - rp) { - u_int pos, tcpos, tcposend; - size_t newsize; - - pos = rp - record; - newsize = r_end - record + diff + BFRAG; - tcpos = tcstart - record; - tcposend = tcend - record; - record = realloc(record, newsize); - if (record == NULL) { - errno = ENOMEM; - if (myfd) - (void)close(fd); - free(icap); - return (-2); - } - r_end = record + newsize; - rp = record + pos; - tcstart = record + tcpos; - tcend = record + tcposend; - } - - /* - * Insert tc'ed record into our record. - */ - s = tcstart + newilen; - memmove(s, tcend, (size_t)(rp - tcend)); - memmove(tcstart, newicap, newilen); - rp += diff; - free(icap); - - /* - * Start scan on `:' so next cgetcap works properly - * (cgetcap always skips first field). - */ - scan = s-1; - } - - } - /* - * Close file (if we opened it), give back any extra memory, and - * return capability, length and success. - */ - if (myfd) - (void)close(fd); - *len = rp - record - 1; /* don't count NUL */ - if (r_end > rp) - if ((record = - realloc(record, (size_t)(rp - record))) == NULL) { - errno = ENOMEM; - return (-2); - } - - *cap = record; - if (tc_not_resolved) - return (1); - return (0); -} - -#ifdef USE_DB -static int -cdbget(DB *capdbp, char **bp, const char *name) -{ - DBT key; - DBT data; - - /* LINTED key is not modified */ - key.data = (char *)name; - key.size = strlen(name); - - for (;;) { - /* Get the reference. */ - switch(capdbp->get(capdbp, &key, &data, 0)) { - case -1: - return (-2); - case 1: - return (-1); - } - - /* If not an index to another record, leave. */ - if (((char *)data.data)[0] != SHADOW) - break; - - key.data = (char *)data.data + 1; - key.size = data.size - 1; - } - - *bp = (char *)data.data + 1; - return (((char *)(data.data))[0] == TCERR ? 1 : 0); -} -#endif /* USE_DB */ - -/* - * Cgetmatch will return 0 if name is one of the names of the capability - * record buf, -1 if not. - */ -int -cgetmatch(const char *buf, const char *name) -{ - const char *np, *bp; - - /* - * Start search at beginning of record. - */ - bp = buf; - for (;;) { - /* - * Try to match a record name. - */ - np = name; - for (;;) - if (*np == '\0') { - if (*bp == '|' || *bp == ':' || *bp == '\0') - return (0); - else - break; - } else - if (*bp++ != *np++) - break; - - /* - * Match failed, skip to next name in record. - */ - bp--; /* a '|' or ':' may have stopped the match */ - for (;;) - if (*bp == '\0' || *bp == ':') - return (-1); /* match failed totally */ - else - if (*bp++ == '|') - break; /* found next name */ - } -} - -#if 0 -int -cgetfirst(char **buf, char **db_array) -{ - (void)cgetclose(); - return (cgetnext(buf, db_array)); -} -#endif - -static FILE *pfp; -static int slash; -static char **dbp; - -int -cgetclose(void) -{ - if (pfp != NULL) { - (void)fclose(pfp); - pfp = NULL; - } - dbp = NULL; - gottoprec = 0; - slash = 0; - return(0); -} - -#if 0 -/* - * Cgetnext() gets either the first or next entry in the logical database - * specified by db_array. It returns 0 upon completion of the database, 1 - * upon returning an entry with more remaining, and -1 if an error occurs. - */ -int -cgetnext(char **bp, char **db_array) -{ - size_t len; - int status, done; - char *cp, *line, *rp, *np, buf[BSIZE], nbuf[BSIZE]; - size_t dummy; - - if (dbp == NULL) - dbp = db_array; - - if (pfp == NULL && (pfp = fopen(*dbp, "r")) == NULL) { - (void)cgetclose(); - return (-1); - } - for(;;) { - if (toprec && !gottoprec) { - gottoprec = 1; - line = toprec; - } else { - line = fgetln(pfp, &len); - if (line == NULL && pfp) { - if (ferror(pfp)) { - (void)cgetclose(); - return (-1); - } else { - (void)fclose(pfp); - pfp = NULL; - if (*++dbp == NULL) { - (void)cgetclose(); - return (0); - } else if ((pfp = - fopen(*dbp, "r")) == NULL) { - (void)cgetclose(); - return (-1); - } else - continue; - } - } else - line[len - 1] = '\0'; - if (len == 1) { - slash = 0; - continue; - } - if (isspace((unsigned char)*line) || - *line == ':' || *line == '#' || slash) { - if (line[len - 2] == '\\') - slash = 1; - else - slash = 0; - continue; - } - if (line[len - 2] == '\\') - slash = 1; - else - slash = 0; - } - - - /* - * Line points to a name line. - */ - done = 0; - np = nbuf; - for (;;) { - for (cp = line; *cp != '\0'; cp++) { - if (*cp == ':') { - *np++ = ':'; - done = 1; - break; - } - if (*cp == '\\') - break; - *np++ = *cp; - } - if (done) { - *np = '\0'; - break; - } else { /* name field extends beyond the line */ - line = fgetln(pfp, &len); - if (line == NULL && pfp) { - if (ferror(pfp)) { - (void)cgetclose(); - return (-1); - } - (void)fclose(pfp); - pfp = NULL; - *np = '\0'; - break; - } else - line[len - 1] = '\0'; - } - } - rp = buf; - for(cp = nbuf; *cp != '\0'; cp++) - if (*cp == '|' || *cp == ':') - break; - else - *rp++ = *cp; - - *rp = '\0'; - /* - * XXX - * Last argument of getent here should be nbuf if we want true - * sequential access in the case of duplicates. - * With NULL, getent will return the first entry found - * rather than the duplicate entry record. This is a - * matter of semantics that should be resolved. - */ - status = getent(bp, &dummy, db_array, -1, buf, 0, NULL); - if (status == -2 || status == -3) - (void)cgetclose(); - - return (status + 1); - } - /* NOTREACHED */ -} -#endif - -/* - * Cgetstr retrieves the value of the string capability cap from the - * capability record pointed to by buf. A pointer to a decoded, NUL - * terminated, malloc'd copy of the string is returned in the char * - * pointed to by str. The length of the string not including the trailing - * NUL is returned on success, -1 if the requested string capability - * couldn't be found, -2 if a system error was encountered (storage - * allocation failure). - */ -int -cgetstr(char *buf, const char *cap, char **str) -{ - u_int m_room; - const char *bp; - char *mp; - int len; - char *mem; - - /* - * Find string capability cap - */ - bp = cgetcap(buf, cap, '='); - if (bp == NULL) - return (-1); - - /* - * Conversion / storage allocation loop ... Allocate memory in - * chunks SFRAG in size. - */ - if ((mem = malloc(SFRAG)) == NULL) { - errno = ENOMEM; - return (-2); /* couldn't even allocate the first fragment */ - } - m_room = SFRAG; - mp = mem; - - while (*bp != ':' && *bp != '\0') { - /* - * Loop invariants: - * There is always room for one more character in mem. - * Mp always points just past last character in mem. - * Bp always points at next character in buf. - */ - if (*bp == '^') { - bp++; - if (*bp == ':' || *bp == '\0') - break; /* drop unfinished escape */ - *mp++ = *bp++ & 037; - } else if (*bp == '\\') { - bp++; - if (*bp == ':' || *bp == '\0') - break; /* drop unfinished escape */ - if ('0' <= *bp && *bp <= '7') { - int n, i; - - n = 0; - i = 3; /* maximum of three octal digits */ - do { - n = n * 8 + (*bp++ - '0'); - } while (--i && '0' <= *bp && *bp <= '7'); - *mp++ = n; - } - else switch (*bp++) { - case 'b': case 'B': - *mp++ = '\b'; - break; - case 't': case 'T': - *mp++ = '\t'; - break; - case 'n': case 'N': - *mp++ = '\n'; - break; - case 'f': case 'F': - *mp++ = '\f'; - break; - case 'r': case 'R': - *mp++ = '\r'; - break; - case 'e': case 'E': - *mp++ = ESC; - break; - case 'c': case 'C': - *mp++ = ':'; - break; - default: - /* - * Catches '\', '^', and - * everything else. - */ - *mp++ = *(bp-1); - break; - } - } else - *mp++ = *bp++; - m_room--; - - /* - * Enforce loop invariant: if no room left in current - * buffer, try to get some more. - */ - if (m_room == 0) { - size_t size = mp - mem; - - if ((mem = realloc(mem, size + SFRAG)) == NULL) - return (-2); - m_room = SFRAG; - mp = mem + size; - } - } - *mp++ = '\0'; /* loop invariant let's us do this */ - m_room--; - len = mp - mem - 1; - - /* - * Give back any extra memory and return value and success. - */ - if (m_room != 0) - if ((mem = realloc(mem, (size_t)(mp - mem))) == NULL) - return (-2); - *str = mem; - return (len); -} - -/* - * Cgetustr retrieves the value of the string capability cap from the - * capability record pointed to by buf. The difference between cgetustr() - * and cgetstr() is that cgetustr does not decode escapes but rather treats - * all characters literally. A pointer to a NUL terminated malloc'd - * copy of the string is returned in the char pointed to by str. The - * length of the string not including the trailing NUL is returned on success, - * -1 if the requested string capability couldn't be found, -2 if a system - * error was encountered (storage allocation failure). - */ -int -cgetustr(char *buf, const char *cap, char **str) -{ - u_int m_room; - const char *bp; - char *mp; - int len; - char *mem; - - /* - * Find string capability cap - */ - if ((bp = cgetcap(buf, cap, '=')) == NULL) - return (-1); - - /* - * Conversion / storage allocation loop ... Allocate memory in - * chunks SFRAG in size. - */ - if ((mem = malloc(SFRAG)) == NULL) { - errno = ENOMEM; - return (-2); /* couldn't even allocate the first fragment */ - } - m_room = SFRAG; - mp = mem; - - while (*bp != ':' && *bp != '\0') { - /* - * Loop invariants: - * There is always room for one more character in mem. - * Mp always points just past last character in mem. - * Bp always points at next character in buf. - */ - *mp++ = *bp++; - m_room--; - - /* - * Enforce loop invariant: if no room left in current - * buffer, try to get some more. - */ - if (m_room == 0) { - size_t size = mp - mem; - - if ((mem = realloc(mem, size + SFRAG)) == NULL) - return (-2); - m_room = SFRAG; - mp = mem + size; - } - } - *mp++ = '\0'; /* loop invariant let's us do this */ - m_room--; - len = mp - mem - 1; - - /* - * Give back any extra memory and return value and success. - */ - if (m_room != 0) - if ((mem = realloc(mem, (size_t)(mp - mem))) == NULL) - return (-2); - *str = mem; - return (len); -} - -/* - * Cgetnum retrieves the value of the numeric capability cap from the - * capability record pointed to by buf. The numeric value is returned in - * the long pointed to by num. 0 is returned on success, -1 if the requested - * numeric capability couldn't be found. - */ -int -cgetnum(char *buf, const char *cap, long *num) -{ - long n; - int base, digit; - const char *bp; - - /* - * Find numeric capability cap - */ - bp = cgetcap(buf, cap, '#'); - if (bp == NULL) - return (-1); - - /* - * Look at value and determine numeric base: - * 0x... or 0X... hexadecimal, - * else 0... octal, - * else decimal. - */ - if (*bp == '0') { - bp++; - if (*bp == 'x' || *bp == 'X') { - bp++; - base = 16; - } else - base = 8; - } else - base = 10; - - /* - * Conversion loop ... - */ - n = 0; - for (;;) { - if ('0' <= *bp && *bp <= '9') - digit = *bp - '0'; - else if ('a' <= *bp && *bp <= 'f') - digit = 10 + *bp - 'a'; - else if ('A' <= *bp && *bp <= 'F') - digit = 10 + *bp - 'A'; - else - break; - - if (digit >= base) - break; - - n = n * base + digit; - bp++; - } - - /* - * Return value and success. - */ - *num = n; - return (0); -} - - -/* - * Compare name field of record. - */ -static int -nfcmp(char *nf, char *rec) -{ - char *cp, tmp; - int ret; - - for (cp = rec; *cp != ':'; cp++) - ; - - tmp = *(cp + 1); - *(cp + 1) = '\0'; - ret = strcmp(nf, rec); - *(cp + 1) = tmp; - - return (ret); -} diff --git a/crypto/kerberosIV/lib/roken/getcwd.c b/crypto/kerberosIV/lib/roken/getcwd.c deleted file mode 100644 index c1f26100216c..000000000000 --- a/crypto/kerberosIV/lib/roken/getcwd.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getcwd.c,v 1.12 1999/12/02 16:58:46 joda Exp $"); -#endif - -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif - -#include "roken.h" - -char* -getcwd(char *path, size_t size) -{ - char xxx[MaxPathLen]; - char *ret; - ret = getwd(xxx); - if(ret) - strlcpy(path, xxx, size); - return ret; -} diff --git a/crypto/kerberosIV/lib/roken/getdtablesize.c b/crypto/kerberosIV/lib/roken/getdtablesize.c deleted file mode 100644 index 9f9c74bdc59b..000000000000 --- a/crypto/kerberosIV/lib/roken/getdtablesize.c +++ /dev/null @@ -1,101 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getdtablesize.c,v 1.10 1999/12/02 16:58:46 joda Exp $"); -#endif - -#include "roken.h" - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif - -#ifdef HAVE_SYS_RESOURCE_H -#include -#endif - -#ifdef HAVE_SYS_SYSCTL_H -#include -#endif - -int getdtablesize(void) -{ - int files = -1; -#if defined(HAVE_SYSCONF) && defined(_SC_OPEN_MAX) - files = sysconf(_SC_OPEN_MAX); -#else /* !defined(HAVE_SYSCONF) */ -#if defined(HAVE_GETRLIMIT) && defined(RLIMIT_NOFILE) - struct rlimit res; - if (getrlimit(RLIMIT_NOFILE, &res) == 0) - files = res.rlim_cur; -#else /* !definded(HAVE_GETRLIMIT) */ -#if defined(HAVE_SYSCTL) && defined(CTL_KERN) && defined(KERN_MAXFILES) - int mib[2]; - size_t len; - - mib[0] = CTL_KERN; - mib[1] = KERN_MAXFILES; - len = sizeof(files); - sysctl(&mib, 2, &files, sizeof(nfil), NULL, 0); -#endif /* defined(HAVE_SYSCTL) */ -#endif /* !definded(HAVE_GETRLIMIT) */ -#endif /* !defined(HAVE_SYSCONF) */ - -#ifdef OPEN_MAX - if (files < 0) - files = OPEN_MAX; -#endif - -#ifdef NOFILE - if (files < 0) - files = NOFILE; -#endif - - return files; -} diff --git a/crypto/kerberosIV/lib/roken/getegid.c b/crypto/kerberosIV/lib/roken/getegid.c deleted file mode 100644 index b6eab857e41a..000000000000 --- a/crypto/kerberosIV/lib/roken/getegid.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_GETEGID - -RCSID("$Id: getegid.c,v 1.2 1999/12/02 16:58:46 joda Exp $"); - -int getegid(void) -{ - return getgid(); -} - -#endif diff --git a/crypto/kerberosIV/lib/roken/geteuid.c b/crypto/kerberosIV/lib/roken/geteuid.c deleted file mode 100644 index 4bdf531bf921..000000000000 --- a/crypto/kerberosIV/lib/roken/geteuid.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_GETEUID - -RCSID("$Id: geteuid.c,v 1.2 1999/12/02 16:58:46 joda Exp $"); - -int geteuid(void) -{ - return getuid(); -} - -#endif diff --git a/crypto/kerberosIV/lib/roken/getgid.c b/crypto/kerberosIV/lib/roken/getgid.c deleted file mode 100644 index f2ca01a69982..000000000000 --- a/crypto/kerberosIV/lib/roken/getgid.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_GETGID - -RCSID("$Id: getgid.c,v 1.2 1999/12/02 16:58:46 joda Exp $"); - -int getgid(void) -{ - return 17; -} - -#endif diff --git a/crypto/kerberosIV/lib/roken/gethostname.c b/crypto/kerberosIV/lib/roken/gethostname.c deleted file mode 100644 index 753ba9f1b6b9..000000000000 --- a/crypto/kerberosIV/lib/roken/gethostname.c +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_GETHOSTNAME - -#ifdef HAVE_SYS_UTSNAME_H -#include -#endif - -/* - * Return the local host's name in "name", up to "namelen" characters. - * "name" will be null-terminated if "namelen" is big enough. - * The return code is 0 on success, -1 on failure. (The calling - * interface is identical to gethostname(2).) - */ - -int -gethostname(char *name, int namelen) -{ -#if defined(HAVE_UNAME) - { - struct utsname utsname; - int ret; - - ret = uname (&utsname); - if (ret < 0) - return ret; - strlcpy (name, utsname.nodename, namelen); - return 0; - } -#else - strlcpy (name, "some.random.host", namelen); - return 0; -#endif -} - -#endif /* GETHOSTNAME */ diff --git a/crypto/kerberosIV/lib/roken/getipnodebyaddr.c b/crypto/kerberosIV/lib/roken/getipnodebyaddr.c deleted file mode 100644 index f22aad7f73cb..000000000000 --- a/crypto/kerberosIV/lib/roken/getipnodebyaddr.c +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getipnodebyaddr.c,v 1.2 1999/12/02 16:58:46 joda Exp $"); -#endif - -#include "roken.h" - -/* - * lookup `src, len' (address family `af') in DNS and return a pointer - * to a malloced struct hostent or NULL. - */ - -struct hostent * -getipnodebyaddr (const void *src, size_t len, int af, int *error_num) -{ - struct hostent *tmp; - - tmp = gethostbyaddr (src, len, af); - if (tmp == NULL) { - switch (h_errno) { - case HOST_NOT_FOUND : - case TRY_AGAIN : - case NO_RECOVERY : - *error_num = h_errno; - break; - case NO_DATA : - *error_num = NO_ADDRESS; - break; - default : - *error_num = NO_RECOVERY; - break; - } - return NULL; - } - tmp = copyhostent (tmp); - if (tmp == NULL) { - *error_num = TRY_AGAIN; - return NULL; - } - return tmp; -} diff --git a/crypto/kerberosIV/lib/roken/getipnodebyname.c b/crypto/kerberosIV/lib/roken/getipnodebyname.c deleted file mode 100644 index 576feef0aea6..000000000000 --- a/crypto/kerberosIV/lib/roken/getipnodebyname.c +++ /dev/null @@ -1,86 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: getipnodebyname.c,v 1.3 1999/12/02 16:58:46 joda Exp $"); -#endif - -#include "roken.h" - -#ifndef HAVE_H_ERRNO -static int h_errno = NO_RECOVERY; -#endif - -/* - * lookup `name' (address family `af') in DNS and return a pointer - * to a malloced struct hostent or NULL. - */ - -struct hostent * -getipnodebyname (const char *name, int af, int flags, int *error_num) -{ - struct hostent *tmp; - -#ifdef HAVE_GETHOSTBYNAME2 - tmp = gethostbyname2 (name, af); -#else - if (af != AF_INET) { - *error_num = NO_ADDRESS; - return NULL; - } - tmp = gethostbyname (name); -#endif - if (tmp == NULL) { - switch (h_errno) { - case HOST_NOT_FOUND : - case TRY_AGAIN : - case NO_RECOVERY : - *error_num = h_errno; - break; - case NO_DATA : - *error_num = NO_ADDRESS; - break; - default : - *error_num = NO_RECOVERY; - break; - } - return NULL; - } - tmp = copyhostent (tmp); - if (tmp == NULL) { - *error_num = TRY_AGAIN; - return NULL; - } - return tmp; -} diff --git a/crypto/kerberosIV/lib/roken/getopt.c b/crypto/kerberosIV/lib/roken/getopt.c deleted file mode 100644 index 45fc35023453..000000000000 --- a/crypto/kerberosIV/lib/roken/getopt.c +++ /dev/null @@ -1,128 +0,0 @@ -/* - * Copyright (c) 1987, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#if defined(LIBC_SCCS) && !defined(lint) -static char sccsid[] = "@(#)getopt.c 8.1 (Berkeley) 6/4/93"; -#endif /* LIBC_SCCS and not lint */ - -#ifndef __STDC__ -#define const -#endif -#include -#include -#include - -/* - * get option letter from argument vector - */ -int opterr = 1, /* if error message should be printed */ - optind = 1, /* index into parent argv vector */ - optopt, /* character checked for validity */ - optreset; /* reset getopt */ -char *optarg; /* argument associated with option */ - -#define BADCH (int)'?' -#define BADARG (int)':' -#define EMSG "" - -int -getopt(nargc, nargv, ostr) - int nargc; - char * const *nargv; - const char *ostr; -{ - static char *place = EMSG; /* option letter processing */ - char *oli; /* option letter list index */ - char *p; - - if (optreset || !*place) { /* update scanning pointer */ - optreset = 0; - if (optind >= nargc || *(place = nargv[optind]) != '-') { - place = EMSG; - return(-1); - } - if (place[1] && *++place == '-') { /* found "--" */ - ++optind; - place = EMSG; - return(-1); - } - } /* option letter okay? */ - if ((optopt = (int)*place++) == (int)':' || - !(oli = strchr(ostr, optopt))) { - /* - * if the user didn't specify '-' as an option, - * assume it means -1 (EOF). - */ - if (optopt == (int)'-') - return(-1); - if (!*place) - ++optind; - if (opterr && *ostr != ':') { - if (!(p = strrchr(*nargv, '/'))) - p = *nargv; - else - ++p; - fprintf(stderr, "%s: illegal option -- %c\n", - p, optopt); - } - return(BADCH); - } - if (*++oli != ':') { /* don't need argument */ - optarg = NULL; - if (!*place) - ++optind; - } - else { /* need an argument */ - if (*place) /* no white space */ - optarg = place; - else if (nargc <= ++optind) { /* no arg */ - place = EMSG; - if (!(p = strrchr(*nargv, '/'))) - p = *nargv; - else - ++p; - if (*ostr == ':') - return(BADARG); - if (opterr) - fprintf(stderr, - "%s: option requires an argument -- %c\n", - p, optopt); - return(BADCH); - } - else /* white space */ - optarg = nargv[optind]; - place = EMSG; - ++optind; - } - return(optopt); /* dump back option letter */ -} diff --git a/crypto/kerberosIV/lib/roken/gettimeofday.c b/crypto/kerberosIV/lib/roken/gettimeofday.c deleted file mode 100644 index ec8b62f64e76..000000000000 --- a/crypto/kerberosIV/lib/roken/gettimeofday.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" -#ifndef HAVE_GETTIMEOFDAY - -RCSID("$Id: gettimeofday.c,v 1.8 1999/12/02 16:58:46 joda Exp $"); - -/* - * Simple gettimeofday that only returns seconds. - */ -int -gettimeofday (struct timeval *tp, void *ignore) -{ - time_t t; - - t = time(NULL); - tp->tv_sec = t; - tp->tv_usec = 0; - return 0; -} -#endif diff --git a/crypto/kerberosIV/lib/roken/getuid.c b/crypto/kerberosIV/lib/roken/getuid.c deleted file mode 100644 index 6ebce0a810cd..000000000000 --- a/crypto/kerberosIV/lib/roken/getuid.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_GETUID - -RCSID("$Id: getuid.c,v 1.3 1999/12/02 16:58:46 joda Exp $"); - -int getuid(void) -{ - return 17; -} - -#endif diff --git a/crypto/kerberosIV/lib/roken/getusershell.c b/crypto/kerberosIV/lib/roken/getusershell.c deleted file mode 100644 index 87a48ece19b5..000000000000 --- a/crypto/kerberosIV/lib/roken/getusershell.c +++ /dev/null @@ -1,160 +0,0 @@ -/* - * Copyright (c) 1985, 1993 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -RCSID("$Id: getusershell.c,v 1.8 1997/04/20 06:18:03 assar Exp $"); - -#ifndef HAVE_GETUSERSHELL - -#include -#include -#ifdef HAVE_PATHS_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_SYS_PARAM_H -#include -#endif - -#ifndef _PATH_SHELLS -#define _PATH_SHELLS "/etc/shells" -#endif - -#ifndef _PATH_BSHELL -#define _PATH_BSHELL "/bin/sh" -#endif - -#ifndef _PATH_CSHELL -#define _PATH_CSHELL "/bin/csh" -#endif - -/* - * Local shells should NOT be added here. They should be added in - * /etc/shells. - */ - -static char *okshells[] = { _PATH_BSHELL, _PATH_CSHELL, NULL }; -static char **curshell, **shells, *strings; -static char **initshells (void); - -/* - * Get a list of shells from _PATH_SHELLS, if it exists. - */ -char * -getusershell() -{ - char *ret; - - if (curshell == NULL) - curshell = initshells(); - ret = *curshell; - if (ret != NULL) - curshell++; - return (ret); -} - -void -endusershell() -{ - - if (shells != NULL) - free(shells); - shells = NULL; - if (strings != NULL) - free(strings); - strings = NULL; - curshell = NULL; -} - -void -setusershell() -{ - - curshell = initshells(); -} - -static char ** -initshells() -{ - char **sp, *cp; - FILE *fp; - struct stat statb; - - if (shells != NULL) - free(shells); - shells = NULL; - if (strings != NULL) - free(strings); - strings = NULL; - if ((fp = fopen(_PATH_SHELLS, "r")) == NULL) - return (okshells); - if (fstat(fileno(fp), &statb) == -1) { - fclose(fp); - return (okshells); - } - if ((strings = malloc((u_int)statb.st_size)) == NULL) { - fclose(fp); - return (okshells); - } - shells = calloc((unsigned)statb.st_size / 3, sizeof (char *)); - if (shells == NULL) { - fclose(fp); - free(strings); - strings = NULL; - return (okshells); - } - sp = shells; - cp = strings; - while (fgets(cp, MaxPathLen + 1, fp) != NULL) { - while (*cp != '#' && *cp != '/' && *cp != '\0') - cp++; - if (*cp == '#' || *cp == '\0') - continue; - *sp++ = cp; - while (!isspace(*cp) && *cp != '#' && *cp != '\0') - cp++; - *cp++ = '\0'; - } - *sp = NULL; - fclose(fp); - return (shells); -} -#endif /* HAVE_GETUSERSHELL */ diff --git a/crypto/kerberosIV/lib/roken/glob.c b/crypto/kerberosIV/lib/roken/glob.c deleted file mode 100644 index 66e8ec6db8cb..000000000000 --- a/crypto/kerberosIV/lib/roken/glob.c +++ /dev/null @@ -1,835 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Guido van Rossum. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* - * glob(3) -- a superset of the one defined in POSIX 1003.2. - * - * The [!...] convention to negate a range is supported (SysV, Posix, ksh). - * - * Optional extra services, controlled by flags not defined by POSIX: - * - * GLOB_QUOTE: - * Escaping convention: \ inhibits any special meaning the following - * character might have (except \ at end of string is retained). - * GLOB_MAGCHAR: - * Set in gl_flags if pattern contained a globbing character. - * GLOB_NOMAGIC: - * Same as GLOB_NOCHECK, but it will only append pattern if it did - * not contain any magic characters. [Used in csh style globbing] - * GLOB_ALTDIRFUNC: - * Use alternately specified directory access functions. - * GLOB_TILDE: - * expand ~user/foo to the /home/dir/of/user/foo - * GLOB_BRACE: - * expand {1,2}{a,b} to 1a 1b 2a 2b - * gl_matchc: - * Number of matches in the current invocation of glob. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif - -#include -#ifdef HAVE_DIRENT_H -#include -#endif -#include -#ifdef HAVE_PWD_H -#include -#endif -#include -#include -#include -#ifdef HAVE_UNISTD_H -#include -#endif - -#include "glob.h" -#include "roken.h" - -#define CHAR_DOLLAR '$' -#define CHAR_DOT '.' -#define CHAR_EOS '\0' -#define CHAR_LBRACKET '[' -#define CHAR_NOT '!' -#define CHAR_QUESTION '?' -#define CHAR_QUOTE '\\' -#define CHAR_RANGE '-' -#define CHAR_RBRACKET ']' -#define CHAR_SEP '/' -#define CHAR_STAR '*' -#define CHAR_TILDE '~' -#define CHAR_UNDERSCORE '_' -#define CHAR_LBRACE '{' -#define CHAR_RBRACE '}' -#define CHAR_SLASH '/' -#define CHAR_COMMA ',' - -#ifndef DEBUG - -#define M_QUOTE 0x8000 -#define M_PROTECT 0x4000 -#define M_MASK 0xffff -#define M_ASCII 0x00ff - -typedef u_short Char; - -#else - -#define M_QUOTE 0x80 -#define M_PROTECT 0x40 -#define M_MASK 0xff -#define M_ASCII 0x7f - -typedef char Char; - -#endif - - -#define CHAR(c) ((Char)((c)&M_ASCII)) -#define META(c) ((Char)((c)|M_QUOTE)) -#define M_ALL META('*') -#define M_END META(']') -#define M_NOT META('!') -#define M_ONE META('?') -#define M_RNG META('-') -#define M_SET META('[') -#define ismeta(c) (((c)&M_QUOTE) != 0) - - -static int compare (const void *, const void *); -static void g_Ctoc (const Char *, char *); -static int g_lstat (Char *, struct stat *, glob_t *); -static DIR *g_opendir (Char *, glob_t *); -static Char *g_strchr (Char *, int); -#ifdef notdef -static Char *g_strcat (Char *, const Char *); -#endif -static int g_stat (Char *, struct stat *, glob_t *); -static int glob0 (const Char *, glob_t *); -static int glob1 (Char *, glob_t *); -static int glob2 (Char *, Char *, Char *, glob_t *); -static int glob3 (Char *, Char *, Char *, Char *, glob_t *); -static int globextend (const Char *, glob_t *); -static const Char * globtilde (const Char *, Char *, glob_t *); -static int globexp1 (const Char *, glob_t *); -static int globexp2 (const Char *, const Char *, glob_t *, int *); -static int match (Char *, Char *, Char *); -#ifdef DEBUG -static void qprintf (const char *, Char *); -#endif - -int -glob(const char *pattern, - int flags, - int (*errfunc)(const char *, int), - glob_t *pglob) -{ - const u_char *patnext; - int c; - Char *bufnext, *bufend, patbuf[MaxPathLen+1]; - - patnext = (u_char *) pattern; - if (!(flags & GLOB_APPEND)) { - pglob->gl_pathc = 0; - pglob->gl_pathv = NULL; - if (!(flags & GLOB_DOOFFS)) - pglob->gl_offs = 0; - } - pglob->gl_flags = flags & ~GLOB_MAGCHAR; - pglob->gl_errfunc = errfunc; - pglob->gl_matchc = 0; - - bufnext = patbuf; - bufend = bufnext + MaxPathLen; - if (flags & GLOB_QUOTE) { - /* Protect the quoted characters. */ - while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) - if (c == CHAR_QUOTE) { - if ((c = *patnext++) == CHAR_EOS) { - c = CHAR_QUOTE; - --patnext; - } - *bufnext++ = c | M_PROTECT; - } - else - *bufnext++ = c; - } - else - while (bufnext < bufend && (c = *patnext++) != CHAR_EOS) - *bufnext++ = c; - *bufnext = CHAR_EOS; - - if (flags & GLOB_BRACE) - return globexp1(patbuf, pglob); - else - return glob0(patbuf, pglob); -} - -/* - * Expand recursively a glob {} pattern. When there is no more expansion - * invoke the standard globbing routine to glob the rest of the magic - * characters - */ -static int globexp1(const Char *pattern, glob_t *pglob) -{ - const Char* ptr = pattern; - int rv; - - /* Protect a single {}, for find(1), like csh */ - if (pattern[0] == CHAR_LBRACE && pattern[1] == CHAR_RBRACE && pattern[2] == CHAR_EOS) - return glob0(pattern, pglob); - - while ((ptr = (const Char *) g_strchr((Char *) ptr, CHAR_LBRACE)) != NULL) - if (!globexp2(ptr, pattern, pglob, &rv)) - return rv; - - return glob0(pattern, pglob); -} - - -/* - * Recursive brace globbing helper. Tries to expand a single brace. - * If it succeeds then it invokes globexp1 with the new pattern. - * If it fails then it tries to glob the rest of the pattern and returns. - */ -static int globexp2(const Char *ptr, const Char *pattern, - glob_t *pglob, int *rv) -{ - int i; - Char *lm, *ls; - const Char *pe, *pm, *pl; - Char patbuf[MaxPathLen + 1]; - - /* copy part up to the brace */ - for (lm = patbuf, pm = pattern; pm != ptr; *lm++ = *pm++) - continue; - ls = lm; - - /* Find the balanced brace */ - for (i = 0, pe = ++ptr; *pe; pe++) - if (*pe == CHAR_LBRACKET) { - /* Ignore everything between [] */ - for (pm = pe++; *pe != CHAR_RBRACKET && *pe != CHAR_EOS; pe++) - continue; - if (*pe == CHAR_EOS) { - /* - * We could not find a matching CHAR_RBRACKET. - * Ignore and just look for CHAR_RBRACE - */ - pe = pm; - } - } - else if (*pe == CHAR_LBRACE) - i++; - else if (*pe == CHAR_RBRACE) { - if (i == 0) - break; - i--; - } - - /* Non matching braces; just glob the pattern */ - if (i != 0 || *pe == CHAR_EOS) { - *rv = glob0(patbuf, pglob); - return 0; - } - - for (i = 0, pl = pm = ptr; pm <= pe; pm++) - switch (*pm) { - case CHAR_LBRACKET: - /* Ignore everything between [] */ - for (pl = pm++; *pm != CHAR_RBRACKET && *pm != CHAR_EOS; pm++) - continue; - if (*pm == CHAR_EOS) { - /* - * We could not find a matching CHAR_RBRACKET. - * Ignore and just look for CHAR_RBRACE - */ - pm = pl; - } - break; - - case CHAR_LBRACE: - i++; - break; - - case CHAR_RBRACE: - if (i) { - i--; - break; - } - /* FALLTHROUGH */ - case CHAR_COMMA: - if (i && *pm == CHAR_COMMA) - break; - else { - /* Append the current string */ - for (lm = ls; (pl < pm); *lm++ = *pl++) - continue; - /* - * Append the rest of the pattern after the - * closing brace - */ - for (pl = pe + 1; (*lm++ = *pl++) != CHAR_EOS;) - continue; - - /* Expand the current pattern */ -#ifdef DEBUG - qprintf("globexp2:", patbuf); -#endif - *rv = globexp1(patbuf, pglob); - - /* move after the comma, to the next string */ - pl = pm + 1; - } - break; - - default: - break; - } - *rv = 0; - return 0; -} - - - -/* - * expand tilde from the passwd file. - */ -static const Char * -globtilde(const Char *pattern, Char *patbuf, glob_t *pglob) -{ - struct passwd *pwd; - char *h; - const Char *p; - Char *b; - - if (*pattern != CHAR_TILDE || !(pglob->gl_flags & GLOB_TILDE)) - return pattern; - - /* Copy up to the end of the string or / */ - for (p = pattern + 1, h = (char *) patbuf; *p && *p != CHAR_SLASH; - *h++ = *p++) - continue; - - *h = CHAR_EOS; - - if (((char *) patbuf)[0] == CHAR_EOS) { - /* - * handle a plain ~ or ~/ by expanding $HOME - * first and then trying the password file - */ - if ((h = getenv("HOME")) == NULL) { - if ((pwd = k_getpwuid(getuid())) == NULL) - return pattern; - else - h = pwd->pw_dir; - } - } - else { - /* - * Expand a ~user - */ - if ((pwd = k_getpwnam((char*) patbuf)) == NULL) - return pattern; - else - h = pwd->pw_dir; - } - - /* Copy the home directory */ - for (b = patbuf; *h; *b++ = *h++) - continue; - - /* Append the rest of the pattern */ - while ((*b++ = *p++) != CHAR_EOS) - continue; - - return patbuf; -} - - -/* - * The main glob() routine: compiles the pattern (optionally processing - * quotes), calls glob1() to do the real pattern matching, and finally - * sorts the list (unless unsorted operation is requested). Returns 0 - * if things went well, nonzero if errors occurred. It is not an error - * to find no matches. - */ -static int -glob0(const Char *pattern, glob_t *pglob) -{ - const Char *qpatnext; - int c, err, oldpathc; - Char *bufnext, patbuf[MaxPathLen+1]; - - qpatnext = globtilde(pattern, patbuf, pglob); - oldpathc = pglob->gl_pathc; - bufnext = patbuf; - - /* We don't need to check for buffer overflow any more. */ - while ((c = *qpatnext++) != CHAR_EOS) { - switch (c) { - case CHAR_LBRACKET: - c = *qpatnext; - if (c == CHAR_NOT) - ++qpatnext; - if (*qpatnext == CHAR_EOS || - g_strchr((Char *) qpatnext+1, CHAR_RBRACKET) == NULL) { - *bufnext++ = CHAR_LBRACKET; - if (c == CHAR_NOT) - --qpatnext; - break; - } - *bufnext++ = M_SET; - if (c == CHAR_NOT) - *bufnext++ = M_NOT; - c = *qpatnext++; - do { - *bufnext++ = CHAR(c); - if (*qpatnext == CHAR_RANGE && - (c = qpatnext[1]) != CHAR_RBRACKET) { - *bufnext++ = M_RNG; - *bufnext++ = CHAR(c); - qpatnext += 2; - } - } while ((c = *qpatnext++) != CHAR_RBRACKET); - pglob->gl_flags |= GLOB_MAGCHAR; - *bufnext++ = M_END; - break; - case CHAR_QUESTION: - pglob->gl_flags |= GLOB_MAGCHAR; - *bufnext++ = M_ONE; - break; - case CHAR_STAR: - pglob->gl_flags |= GLOB_MAGCHAR; - /* collapse adjacent stars to one, - * to avoid exponential behavior - */ - if (bufnext == patbuf || bufnext[-1] != M_ALL) - *bufnext++ = M_ALL; - break; - default: - *bufnext++ = CHAR(c); - break; - } - } - *bufnext = CHAR_EOS; -#ifdef DEBUG - qprintf("glob0:", patbuf); -#endif - - if ((err = glob1(patbuf, pglob)) != 0) - return(err); - - /* - * If there was no match we are going to append the pattern - * if GLOB_NOCHECK was specified or if GLOB_NOMAGIC was specified - * and the pattern did not contain any magic characters - * GLOB_NOMAGIC is there just for compatibility with csh. - */ - if (pglob->gl_pathc == oldpathc && - ((pglob->gl_flags & GLOB_NOCHECK) || - ((pglob->gl_flags & GLOB_NOMAGIC) && - !(pglob->gl_flags & GLOB_MAGCHAR)))) - return(globextend(pattern, pglob)); - else if (!(pglob->gl_flags & GLOB_NOSORT)) - qsort(pglob->gl_pathv + pglob->gl_offs + oldpathc, - pglob->gl_pathc - oldpathc, sizeof(char *), compare); - return(0); -} - -static int -compare(const void *p, const void *q) -{ - return(strcmp(*(char **)p, *(char **)q)); -} - -static int -glob1(Char *pattern, glob_t *pglob) -{ - Char pathbuf[MaxPathLen+1]; - - /* A null pathname is invalid -- POSIX 1003.1 sect. 2.4. */ - if (*pattern == CHAR_EOS) - return(0); - return(glob2(pathbuf, pathbuf, pattern, pglob)); -} - -/* - * The functions glob2 and glob3 are mutually recursive; there is one level - * of recursion for each segment in the pattern that contains one or more - * meta characters. - */ - -#ifndef S_ISLNK -#if defined(S_IFLNK) && defined(S_IFMT) -#define S_ISLNK(mode) (((mode) & S_IFMT) == S_IFLNK) -#else -#define S_ISLNK(mode) 0 -#endif -#endif - -static int -glob2(Char *pathbuf, Char *pathend, Char *pattern, glob_t *pglob) -{ - struct stat sb; - Char *p, *q; - int anymeta; - - /* - * Loop over pattern segments until end of pattern or until - * segment with meta character found. - */ - for (anymeta = 0;;) { - if (*pattern == CHAR_EOS) { /* End of pattern? */ - *pathend = CHAR_EOS; - if (g_lstat(pathbuf, &sb, pglob)) - return(0); - - if (((pglob->gl_flags & GLOB_MARK) && - pathend[-1] != CHAR_SEP) && (S_ISDIR(sb.st_mode) - || (S_ISLNK(sb.st_mode) && - (g_stat(pathbuf, &sb, pglob) == 0) && - S_ISDIR(sb.st_mode)))) { - *pathend++ = CHAR_SEP; - *pathend = CHAR_EOS; - } - ++pglob->gl_matchc; - return(globextend(pathbuf, pglob)); - } - - /* Find end of next segment, copy tentatively to pathend. */ - q = pathend; - p = pattern; - while (*p != CHAR_EOS && *p != CHAR_SEP) { - if (ismeta(*p)) - anymeta = 1; - *q++ = *p++; - } - - if (!anymeta) { /* No expansion, do next segment. */ - pathend = q; - pattern = p; - while (*pattern == CHAR_SEP) - *pathend++ = *pattern++; - } else /* Need expansion, recurse. */ - return(glob3(pathbuf, pathend, pattern, p, pglob)); - } - /* CHAR_NOTREACHED */ -} - -static int -glob3(Char *pathbuf, Char *pathend, Char *pattern, Char *restpattern, - glob_t *pglob) -{ - struct dirent *dp; - DIR *dirp; - int err; - char buf[MaxPathLen]; - - /* - * The readdirfunc declaration can't be prototyped, because it is - * assigned, below, to two functions which are prototyped in glob.h - * and dirent.h as taking pointers to differently typed opaque - * structures. - */ - struct dirent *(*readdirfunc)(void *); - - *pathend = CHAR_EOS; - errno = 0; - - if ((dirp = g_opendir(pathbuf, pglob)) == NULL) { - /* TODO: don't call for ENOENT or ENOTDIR? */ - if (pglob->gl_errfunc) { - g_Ctoc(pathbuf, buf); - if (pglob->gl_errfunc(buf, errno) || - pglob->gl_flags & GLOB_ERR) - return (GLOB_ABEND); - } - return(0); - } - - err = 0; - - /* Search directory for matching names. */ - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - readdirfunc = pglob->gl_readdir; - else - readdirfunc = (struct dirent *(*)(void *))readdir; - while ((dp = (*readdirfunc)(dirp))) { - u_char *sc; - Char *dc; - - /* Initial CHAR_DOT must be matched literally. */ - if (dp->d_name[0] == CHAR_DOT && *pattern != CHAR_DOT) - continue; - for (sc = (u_char *) dp->d_name, dc = pathend; - (*dc++ = *sc++) != CHAR_EOS;) - continue; - if (!match(pathend, pattern, restpattern)) { - *pathend = CHAR_EOS; - continue; - } - err = glob2(pathbuf, --dc, restpattern, pglob); - if (err) - break; - } - - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - (*pglob->gl_closedir)(dirp); - else - closedir(dirp); - return(err); -} - - -/* - * Extend the gl_pathv member of a glob_t structure to accomodate a new item, - * add the new item, and update gl_pathc. - * - * This assumes the BSD realloc, which only copies the block when its size - * crosses a power-of-two boundary; for v7 realloc, this would cause quadratic - * behavior. - * - * Return 0 if new item added, error code if memory couldn't be allocated. - * - * Invariant of the glob_t structure: - * Either gl_pathc is zero and gl_pathv is NULL; or gl_pathc > 0 and - * gl_pathv points to (gl_offs + gl_pathc + 1) items. - */ -static int -globextend(const Char *path, glob_t *pglob) -{ - char **pathv; - int i; - u_int newsize; - char *copy; - const Char *p; - - newsize = sizeof(*pathv) * (2 + pglob->gl_pathc + pglob->gl_offs); - pathv = pglob->gl_pathv ? - realloc(pglob->gl_pathv, newsize) : - malloc(newsize); - if (pathv == NULL) - return(GLOB_NOSPACE); - - if (pglob->gl_pathv == NULL && pglob->gl_offs > 0) { - /* first time around -- clear initial gl_offs items */ - pathv += pglob->gl_offs; - for (i = pglob->gl_offs; --i >= 0; ) - *--pathv = NULL; - } - pglob->gl_pathv = pathv; - - for (p = path; *p++;) - continue; - if ((copy = malloc(p - path)) != NULL) { - g_Ctoc(path, copy); - pathv[pglob->gl_offs + pglob->gl_pathc++] = copy; - } - pathv[pglob->gl_offs + pglob->gl_pathc] = NULL; - return(copy == NULL ? GLOB_NOSPACE : 0); -} - - -/* - * pattern matching function for filenames. Each occurrence of the * - * pattern causes a recursion level. - */ -static int -match(Char *name, Char *pat, Char *patend) -{ - int ok, negate_range; - Char c, k; - - while (pat < patend) { - c = *pat++; - switch (c & M_MASK) { - case M_ALL: - if (pat == patend) - return(1); - do - if (match(name, pat, patend)) - return(1); - while (*name++ != CHAR_EOS); - return(0); - case M_ONE: - if (*name++ == CHAR_EOS) - return(0); - break; - case M_SET: - ok = 0; - if ((k = *name++) == CHAR_EOS) - return(0); - if ((negate_range = ((*pat & M_MASK) == M_NOT)) != CHAR_EOS) - ++pat; - while (((c = *pat++) & M_MASK) != M_END) - if ((*pat & M_MASK) == M_RNG) { - if (c <= k && k <= pat[1]) - ok = 1; - pat += 2; - } else if (c == k) - ok = 1; - if (ok == negate_range) - return(0); - break; - default: - if (*name++ != c) - return(0); - break; - } - } - return(*name == CHAR_EOS); -} - -/* Free allocated data belonging to a glob_t structure. */ -void -globfree(glob_t *pglob) -{ - int i; - char **pp; - - if (pglob->gl_pathv != NULL) { - pp = pglob->gl_pathv + pglob->gl_offs; - for (i = pglob->gl_pathc; i--; ++pp) - if (*pp) - free(*pp); - free(pglob->gl_pathv); - } -} - -static DIR * -g_opendir(Char *str, glob_t *pglob) -{ - char buf[MaxPathLen]; - - if (!*str) - strlcpy(buf, ".", sizeof(buf)); - else - g_Ctoc(str, buf); - - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - return((*pglob->gl_opendir)(buf)); - - return(opendir(buf)); -} - -static int -g_lstat(Char *fn, struct stat *sb, glob_t *pglob) -{ - char buf[MaxPathLen]; - - g_Ctoc(fn, buf); - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - return((*pglob->gl_lstat)(buf, sb)); - return(lstat(buf, sb)); -} - -static int -g_stat(Char *fn, struct stat *sb, glob_t *pglob) -{ - char buf[MaxPathLen]; - - g_Ctoc(fn, buf); - if (pglob->gl_flags & GLOB_ALTDIRFUNC) - return((*pglob->gl_stat)(buf, sb)); - return(stat(buf, sb)); -} - -static Char * -g_strchr(Char *str, int ch) -{ - do { - if (*str == ch) - return (str); - } while (*str++); - return (NULL); -} - -#ifdef notdef -static Char * -g_strcat(Char *dst, const Char *src) -{ - Char *sdst = dst; - - while (*dst++) - continue; - --dst; - while((*dst++ = *src++) != CHAR_EOS) - continue; - - return (sdst); -} -#endif - -static void -g_Ctoc(const Char *str, char *buf) -{ - char *dc; - - for (dc = buf; (*dc++ = *str++) != CHAR_EOS;) - continue; -} - -#ifdef DEBUG -static void -qprintf(const Char *str, Char *s) -{ - Char *p; - - printf("%s:\n", str); - for (p = s; *p; p++) - printf("%c", CHAR(*p)); - printf("\n"); - for (p = s; *p; p++) - printf("%c", *p & M_PROTECT ? '"' : ' '); - printf("\n"); - for (p = s; *p; p++) - printf("%c", ismeta(*p) ? '_' : ' '); - printf("\n"); -} -#endif diff --git a/crypto/kerberosIV/lib/roken/glob.h b/crypto/kerberosIV/lib/roken/glob.h deleted file mode 100644 index bece48a89cd7..000000000000 --- a/crypto/kerberosIV/lib/roken/glob.h +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright (c) 1989, 1993 - * The Regents of the University of California. All rights reserved. - * - * This code is derived from software contributed to Berkeley by - * Guido van Rossum. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * - * @(#)glob.h 8.1 (Berkeley) 6/2/93 - */ - -#ifndef _GLOB_H_ -#define _GLOB_H_ - -struct stat; -typedef struct { - int gl_pathc; /* Count of total paths so far. */ - int gl_matchc; /* Count of paths matching pattern. */ - int gl_offs; /* Reserved at beginning of gl_pathv. */ - int gl_flags; /* Copy of flags parameter to glob. */ - char **gl_pathv; /* List of paths matching pattern. */ - /* Copy of errfunc parameter to glob. */ - int (*gl_errfunc) (const char *, int); - - /* - * Alternate filesystem access methods for glob; replacement - * versions of closedir(3), readdir(3), opendir(3), stat(2) - * and lstat(2). - */ - void (*gl_closedir) (void *); - struct dirent *(*gl_readdir) (void *); - void *(*gl_opendir) (const char *); - int (*gl_lstat) (const char *, struct stat *); - int (*gl_stat) (const char *, struct stat *); -} glob_t; - -#define GLOB_APPEND 0x0001 /* Append to output from previous call. */ -#define GLOB_DOOFFS 0x0002 /* Use gl_offs. */ -#define GLOB_ERR 0x0004 /* Return on error. */ -#define GLOB_MARK 0x0008 /* Append / to matching directories. */ -#define GLOB_NOCHECK 0x0010 /* Return pattern itself if nothing matches. */ -#define GLOB_NOSORT 0x0020 /* Don't sort. */ - -#define GLOB_ALTDIRFUNC 0x0040 /* Use alternately specified directory funcs. */ -#define GLOB_BRACE 0x0080 /* Expand braces ala csh. */ -#define GLOB_MAGCHAR 0x0100 /* Pattern had globbing characters. */ -#define GLOB_NOMAGIC 0x0200 /* GLOB_NOCHECK without magic chars (csh). */ -#define GLOB_QUOTE 0x0400 /* Quote special chars with \. */ -#define GLOB_TILDE 0x0800 /* Expand tilde names from the passwd file. */ - -#define GLOB_NOSPACE (-1) /* Malloc call failed. */ -#define GLOB_ABEND (-2) /* Unignored error. */ - -int glob (const char *, int, int (*)(const char *, int), glob_t *); -void globfree (glob_t *); - -#endif /* !_GLOB_H_ */ diff --git a/crypto/kerberosIV/lib/roken/hstrerror.c b/crypto/kerberosIV/lib/roken/hstrerror.c deleted file mode 100644 index 522de52ad905..000000000000 --- a/crypto/kerberosIV/lib/roken/hstrerror.c +++ /dev/null @@ -1,89 +0,0 @@ -/* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: hstrerror.c,v 1.22 1999/12/02 16:58:46 joda Exp $"); -#endif - -#ifndef HAVE_HSTRERROR - -#include "roken.h" - -#include - -#ifdef HAVE_NETDB_H -#if (defined(SunOS) && (SunOS >= 50)) -#define hstrerror broken_proto -#endif -#include -#undef hstrerror -#endif - -#ifndef HAVE_H_ERRNO -int h_errno = -17; /* Some magic number */ -#endif - -#if !(defined(HAVE_H_ERRLIST) && defined(HAVE_H_NERR)) -static const char *const h_errlist[] = { - "Resolver Error 0 (no error)", - "Unknown host", /* 1 HOST_NOT_FOUND */ - "Host name lookup failure", /* 2 TRY_AGAIN */ - "Unknown server error", /* 3 NO_RECOVERY */ - "No address associated with name", /* 4 NO_ADDRESS */ -}; - -static -const -int h_nerr = { sizeof h_errlist / sizeof h_errlist[0] }; -#else - -#ifndef HAVE_H_ERRLIST_DECLARATION -extern const char *h_errlist[]; -extern int h_nerr; -#endif - -#endif - -const char * -hstrerror(int herr) -{ - if (0 <= herr && herr < h_nerr) - return h_errlist[herr]; - else if(herr == -17) - return "unknown error"; - else - return "Error number out of range (hstrerror)"; -} - -#endif diff --git a/crypto/kerberosIV/lib/roken/inaddr2str.c b/crypto/kerberosIV/lib/roken/inaddr2str.c deleted file mode 100644 index 5a1ab56810a3..000000000000 --- a/crypto/kerberosIV/lib/roken/inaddr2str.c +++ /dev/null @@ -1,90 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: inaddr2str.c,v 1.12 1999/12/02 16:58:46 joda Exp $"); -#endif - -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#include "roken.h" - -/* - * Get a verified name for `addr'. - * If unable to find it in the DNS, return x.y.z.a - */ - -void -inaddr2str(struct in_addr addr, char *s, size_t len) -{ - struct hostent *h; - char **p; - - h = roken_gethostbyaddr ((const char *)&addr, sizeof(addr), AF_INET); - if (h) { - h = roken_gethostbyname (h->h_name); - if(h) - for(p = h->h_addr_list; - *p; - ++p) - if (memcmp (*p, &addr, sizeof(addr)) == 0) { - strlcpy (s, h->h_name, len); - return; - } - } - strlcpy (s, inet_ntoa (addr), len); - return; -} diff --git a/crypto/kerberosIV/lib/roken/inet_aton.c b/crypto/kerberosIV/lib/roken/inet_aton.c deleted file mode 100644 index 755e4261766f..000000000000 --- a/crypto/kerberosIV/lib/roken/inet_aton.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: inet_aton.c,v 1.12 1999/12/02 16:58:47 joda Exp $"); -#endif - -#include "roken.h" - -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif - -/* Minimal implementation of inet_aton. - * Cannot distinguish between failure and a local broadcast address. */ - -int -inet_aton(const char *cp, struct in_addr *addr) -{ - addr->s_addr = inet_addr(cp); - return (addr->s_addr == INADDR_NONE) ? 0 : 1; -} diff --git a/crypto/kerberosIV/lib/roken/inet_ntop.c b/crypto/kerberosIV/lib/roken/inet_ntop.c deleted file mode 100644 index f79a35eb334b..000000000000 --- a/crypto/kerberosIV/lib/roken/inet_ntop.c +++ /dev/null @@ -1,153 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: inet_ntop.c,v 1.3 1999/12/02 16:58:47 joda Exp $"); -#endif - -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#include - -/* - * - */ - -static const char * -inet_ntop_v4 (const void *src, char *dst, size_t size) -{ - const char digits[] = "0123456789"; - int i; - struct in_addr *addr = (struct in_addr *)src; - u_long a = ntohl(addr->s_addr); - const char *orig_dst = dst; - - if (size < INET_ADDRSTRLEN) { - errno = ENOSPC; - return NULL; - } - for (i = 0; i < 4; ++i) { - int n = (a >> (24 - i * 8)) & 0xFF; - int non_zerop = 0; - - if (non_zerop || n / 100 > 0) { - *dst++ = digits[n / 100]; - n %= 100; - non_zerop = 1; - } - if (non_zerop || n / 10 > 0) { - *dst++ = digits[n / 10]; - n %= 10; - non_zerop = 1; - } - *dst++ = digits[n]; - if (i != 3) - *dst++ = '.'; - } - *dst++ = '\0'; - return orig_dst; -} - -#ifdef HAVE_IPV6 -static const char * -inet_ntop_v6 (const void *src, char *dst, size_t size) -{ - const char xdigits[] = "0123456789abcdef"; - int i; - const struct in6_addr *addr = (struct in6_addr *)src; - const u_char *ptr = addr->s6_addr; - const char *orig_dst = dst; - - if (size < INET6_ADDRSTRLEN) { - errno = ENOSPC; - return NULL; - } - for (i = 0; i < 8; ++i) { - int non_zerop = 1; - - if (non_zerop || (ptr[0] >> 4)) { - *dst++ = xdigits[ptr[0] >> 4]; - non_zerop = 1; - } - if (non_zerop || (ptr[0] & 0x0F)) { - *dst++ = xdigits[ptr[0] & 0x0F]; - non_zerop = 1; - } - if (non_zerop || (ptr[1] >> 4)) { - *dst++ = xdigits[ptr[1] >> 4]; - non_zerop = 1; - } - if (non_zerop || (ptr[1] & 0x0F)) { - *dst++ = xdigits[ptr[1] & 0x0F]; - non_zerop = 1; - } - if (i != 7) - *dst++ = ':'; - ptr += 2; - } - *dst++ = '\0'; - return orig_dst; -} -#endif /* HAVE_IPV6 */ - -const char * -inet_ntop(int af, const void *src, char *dst, size_t size) -{ - switch (af) { - case AF_INET : - return inet_ntop_v4 (src, dst, size); -#ifdef HAVE_IPV6 - case AF_INET6 : - return inet_ntop_v6 (src, dst, size); -#endif - default : - errno = EAFNOSUPPORT; - return NULL; - } -} diff --git a/crypto/kerberosIV/lib/roken/inet_pton.c b/crypto/kerberosIV/lib/roken/inet_pton.c deleted file mode 100644 index 9b195c23dafc..000000000000 --- a/crypto/kerberosIV/lib/roken/inet_pton.c +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: inet_pton.c,v 1.2 1999/12/02 16:58:47 joda Exp $"); -#endif - -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - -#include - -int -inet_pton(int af, const char *src, void *dst) -{ - if (af != AF_INET) { - errno = EAFNOSUPPORT; - return -1; - } - return inet_aton (src, dst); -} diff --git a/crypto/kerberosIV/lib/roken/initgroups.c b/crypto/kerberosIV/lib/roken/initgroups.c deleted file mode 100644 index dcf1d08e968f..000000000000 --- a/crypto/kerberosIV/lib/roken/initgroups.c +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: initgroups.c,v 1.3 1999/12/02 16:58:47 joda Exp $"); -#endif - -#include "roken.h" - -int -initgroups(const char *name, gid_t basegid) -{ - return 0; -} diff --git a/crypto/kerberosIV/lib/roken/innetgr.c b/crypto/kerberosIV/lib/roken/innetgr.c deleted file mode 100644 index 4bc57f93e566..000000000000 --- a/crypto/kerberosIV/lib/roken/innetgr.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_INNETGR - -RCSID("$Id: innetgr.c,v 1.1 1999/03/11 14:04:01 joda Exp $"); - -int -innetgr(const char *netgroup, const char *machine, - const char *user, const char *domain) -{ - return 0; -} -#endif - diff --git a/crypto/kerberosIV/lib/roken/iruserok.c b/crypto/kerberosIV/lib/roken/iruserok.c deleted file mode 100644 index 7cac29f412a2..000000000000 --- a/crypto/kerberosIV/lib/roken/iruserok.c +++ /dev/null @@ -1,294 +0,0 @@ -/* - * Copyright (c) 1983, 1993, 1994 - * The Regents of the University of California. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the University of - * California, Berkeley and its contributors. - * 4. Neither the name of the University nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: iruserok.c,v 1.22 1999/09/16 20:06:06 assar Exp $"); -#endif - -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif -#ifdef HAVE_RPCSVC_YPCLNT_H -#include -#endif - -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif - -#include "roken.h" - -int __check_rhosts_file = 1; -char *__rcmd_errstr = 0; - -/* - * Returns "true" if match, 0 if no match. - */ -static -int -__icheckhost(unsigned raddr, const char *lhost) -{ - struct hostent *hp; - u_long laddr; - char **pp; - - /* Try for raw ip address first. */ - if (isdigit((unsigned char)*lhost) - && (long)(laddr = inet_addr(lhost)) != -1) - return (raddr == laddr); - - /* Better be a hostname. */ - if ((hp = gethostbyname(lhost)) == NULL) - return (0); - - /* Spin through ip addresses. */ - for (pp = hp->h_addr_list; *pp; ++pp) - if (memcmp(&raddr, *pp, sizeof(u_long)) == 0) - return (1); - - /* No match. */ - return (0); -} - -/* - * Returns 0 if ok, -1 if not ok. - */ -static -int -__ivaliduser(FILE *hostf, unsigned raddr, const char *luser, - const char *ruser) -{ - char *user, *p; - int ch; - char buf[MaxHostNameLen + 128]; /* host + login */ - char hname[MaxHostNameLen]; - struct hostent *hp; - /* Presumed guilty until proven innocent. */ - int userok = 0, hostok = 0; -#ifdef HAVE_YP_GET_DEFAULT_DOMAIN - char *ypdomain; - - if (yp_get_default_domain(&ypdomain)) - ypdomain = NULL; -#else -#define ypdomain NULL -#endif - /* We need to get the damn hostname back for netgroup matching. */ - if ((hp = gethostbyaddr((char *)&raddr, - sizeof(u_long), - AF_INET)) == NULL) - return (-1); - strlcpy(hname, hp->h_name, sizeof(hname)); - - while (fgets(buf, sizeof(buf), hostf)) { - p = buf; - /* Skip lines that are too long. */ - if (strchr(p, '\n') == NULL) { - while ((ch = getc(hostf)) != '\n' && ch != EOF); - continue; - } - if (*p == '\n' || *p == '#') { - /* comment... */ - continue; - } - while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') { - if (isupper((unsigned char)*p)) - *p = tolower((unsigned char)*p); - p++; - } - if (*p == ' ' || *p == '\t') { - *p++ = '\0'; - while (*p == ' ' || *p == '\t') - p++; - user = p; - while (*p != '\n' && *p != ' ' && - *p != '\t' && *p != '\0') - p++; - } else - user = p; - *p = '\0'; - /* - * Do +/- and +@/-@ checking. This looks really nasty, - * but it matches SunOS's behavior so far as I can tell. - */ - switch(buf[0]) { - case '+': - if (!buf[1]) { /* '+' matches all hosts */ - hostok = 1; - break; - } - if (buf[1] == '@') /* match a host by netgroup */ - hostok = innetgr((char *)&buf[2], - (char *)&hname, NULL, ypdomain); - else /* match a host by addr */ - hostok = __icheckhost(raddr,(char *)&buf[1]); - break; - case '-': /* reject '-' hosts and all their users */ - if (buf[1] == '@') { - if (innetgr((char *)&buf[2], - (char *)&hname, NULL, ypdomain)) - return(-1); - } else { - if (__icheckhost(raddr,(char *)&buf[1])) - return(-1); - } - break; - default: /* if no '+' or '-', do a simple match */ - hostok = __icheckhost(raddr, buf); - break; - } - switch(*user) { - case '+': - if (!*(user+1)) { /* '+' matches all users */ - userok = 1; - break; - } - if (*(user+1) == '@') /* match a user by netgroup */ - userok = innetgr(user+2, NULL, (char *)ruser, - ypdomain); - else /* match a user by direct specification */ - userok = !(strcmp(ruser, user+1)); - break; - case '-': /* if we matched a hostname, */ - if (hostok) { /* check for user field rejections */ - if (!*(user+1)) - return(-1); - if (*(user+1) == '@') { - if (innetgr(user+2, NULL, - (char *)ruser, ypdomain)) - return(-1); - } else { - if (!strcmp(ruser, user+1)) - return(-1); - } - } - break; - default: /* no rejections: try to match the user */ - if (hostok) - userok = !(strcmp(ruser,*user ? user : luser)); - break; - } - if (hostok && userok) - return(0); - } - return (-1); -} - -/* - * New .rhosts strategy: We are passed an ip address. We spin through - * hosts.equiv and .rhosts looking for a match. When the .rhosts only - * has ip addresses, we don't have to trust a nameserver. When it - * contains hostnames, we spin through the list of addresses the nameserver - * gives us and look for a match. - * - * Returns 0 if ok, -1 if not ok. - */ -int -iruserok(unsigned raddr, int superuser, const char *ruser, const char *luser) -{ - char *cp; - struct stat sbuf; - struct passwd *pwd; - FILE *hostf; - uid_t uid; - int first; - char pbuf[MaxPathLen]; - - first = 1; - hostf = superuser ? NULL : fopen(_PATH_HEQUIV, "r"); -again: - if (hostf) { - if (__ivaliduser(hostf, raddr, luser, ruser) == 0) { - fclose(hostf); - return (0); - } - fclose(hostf); - } - if (first == 1 && (__check_rhosts_file || superuser)) { - first = 0; - if ((pwd = k_getpwnam((char*)luser)) == NULL) - return (-1); - snprintf (pbuf, sizeof(pbuf), "%s/.rhosts", pwd->pw_dir); - - /* - * Change effective uid while opening .rhosts. If root and - * reading an NFS mounted file system, can't read files that - * are protected read/write owner only. - */ - uid = geteuid(); - seteuid(pwd->pw_uid); - hostf = fopen(pbuf, "r"); - seteuid(uid); - - if (hostf == NULL) - return (-1); - /* - * If not a regular file, or is owned by someone other than - * user or root or if writeable by anyone but the owner, quit. - */ - cp = NULL; - if (lstat(pbuf, &sbuf) < 0) - cp = ".rhosts lstat failed"; - else if (!S_ISREG(sbuf.st_mode)) - cp = ".rhosts not regular file"; - else if (fstat(fileno(hostf), &sbuf) < 0) - cp = ".rhosts fstat failed"; - else if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid) - cp = "bad .rhosts owner"; - else if (sbuf.st_mode & (S_IWGRP|S_IWOTH)) - cp = ".rhosts writeable by other than owner"; - /* If there were any problems, quit. */ - if (cp) { - __rcmd_errstr = cp; - fclose(hostf); - return (-1); - } - goto again; - } - return (-1); -} diff --git a/crypto/kerberosIV/lib/roken/issuid.c b/crypto/kerberosIV/lib/roken/issuid.c deleted file mode 100644 index af2aae542875..000000000000 --- a/crypto/kerberosIV/lib/roken/issuid.c +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: issuid.c,v 1.3 1999/12/02 16:58:47 joda Exp $"); -#endif - -#include "roken.h" - -int -issuid(void) -{ -#if defined(HAVE_GETUID) && defined(HAVE_GETEUID) - if(getuid() != geteuid()) - return 1; -#endif -#if defined(HAVE_GETGID) && defined(HAVE_GETEGID) - if(getgid() != getegid()) - return 2; -#endif - return 0; -} diff --git a/crypto/kerberosIV/lib/roken/k_getpwnam.c b/crypto/kerberosIV/lib/roken/k_getpwnam.c deleted file mode 100644 index 40681cd2d01b..000000000000 --- a/crypto/kerberosIV/lib/roken/k_getpwnam.c +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: k_getpwnam.c,v 1.9 1999/12/02 16:58:47 joda Exp $"); -#endif /* HAVE_CONFIG_H */ - -#include "roken.h" -#ifdef HAVE_SHADOW_H -#include -#endif - -struct passwd * -k_getpwnam (const char *user) -{ - struct passwd *p; - - p = getpwnam (user); -#if defined(HAVE_GETSPNAM) && defined(HAVE_STRUCT_SPWD) - if(p) - { - struct spwd *spwd; - - spwd = getspnam (user); - if (spwd) - p->pw_passwd = spwd->sp_pwdp; - endspent (); - } -#else - endpwent (); -#endif - return p; -} diff --git a/crypto/kerberosIV/lib/roken/k_getpwuid.c b/crypto/kerberosIV/lib/roken/k_getpwuid.c deleted file mode 100644 index 1e2ca5476fe4..000000000000 --- a/crypto/kerberosIV/lib/roken/k_getpwuid.c +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: k_getpwuid.c,v 1.9 1999/12/02 16:58:47 joda Exp $"); -#endif /* HAVE_CONFIG_H */ - -#include "roken.h" -#ifdef HAVE_SHADOW_H -#include -#endif - -struct passwd * -k_getpwuid (uid_t uid) -{ - struct passwd *p; - - p = getpwuid (uid); -#if defined(HAVE_GETSPNAM) && defined(HAVE_STRUCT_SPWD) - if (p) - { - struct spwd *spwd; - - spwd = getspnam (p->pw_name); - if (spwd) - p->pw_passwd = spwd->sp_pwdp; - endspent (); - } -#else - endpwent (); -#endif - return p; -} diff --git a/crypto/kerberosIV/lib/roken/lstat.c b/crypto/kerberosIV/lib/roken/lstat.c deleted file mode 100644 index 2f03e19d18f1..000000000000 --- a/crypto/kerberosIV/lib/roken/lstat.c +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: lstat.c,v 1.4 1999/12/02 16:58:51 joda Exp $"); -#endif - -#include "roken.h" - -int -lstat(const char *path, struct stat *buf) -{ - return stat(path, buf); -} diff --git a/crypto/kerberosIV/lib/roken/make-print-version.c b/crypto/kerberosIV/lib/roken/make-print-version.c deleted file mode 100644 index d08e023da950..000000000000 --- a/crypto/kerberosIV/lib/roken/make-print-version.c +++ /dev/null @@ -1,68 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: make-print-version.c,v 1.2 1999/12/02 16:58:51 joda Exp $"); -#endif - -#include - -#ifdef KRB5 -extern char *heimdal_version; -#endif -#ifdef KRB4 -extern char *krb4_version; -#endif -#include - -int -main(int argc, char **argv) -{ - FILE *f; - if(argc != 2) - return 1; - f = fopen(argv[1], "w"); - if(f == NULL) - return 1; - fprintf(f, "#define VERSIONLIST { "); -#ifdef KRB5 - fprintf(f, "\"%s\", ", heimdal_version); -#endif -#ifdef KRB4 - fprintf(f, "\"%s\", ", krb4_version); -#endif - fprintf(f, "}\n"); - fclose(f); - return 0; -} diff --git a/crypto/kerberosIV/lib/roken/memmove.c b/crypto/kerberosIV/lib/roken/memmove.c deleted file mode 100644 index b77d56af9616..000000000000 --- a/crypto/kerberosIV/lib/roken/memmove.c +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: memmove.c,v 1.7 1999/12/02 16:58:51 joda Exp $"); -#endif - -/* - * memmove for systems that doesn't have it - */ - -#ifdef HAVE_SYS_TYPES_H -#include -#endif - -void* memmove(void *s1, const void *s2, size_t n) -{ - char *s=(char*)s2, *d=(char*)s1; - - if(d > s){ - s+=n-1; - d+=n-1; - while(n){ - *d--=*s--; - n--; - } - }else if(d < s) - while(n){ - *d++=*s++; - n--; - } - return s1; -} diff --git a/crypto/kerberosIV/lib/roken/mini_inetd.c b/crypto/kerberosIV/lib/roken/mini_inetd.c deleted file mode 100644 index 0d3b3b64f43c..000000000000 --- a/crypto/kerberosIV/lib/roken/mini_inetd.c +++ /dev/null @@ -1,198 +0,0 @@ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: mini_inetd.c,v 1.18.2.1 2000/10/10 13:22:33 assar Exp $"); -#endif - -#include - -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_TIME_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif - - -#include - -static int -listen_v4 (int port) -{ - struct sockaddr_in sa; - int s; - - s = socket(AF_INET, SOCK_STREAM, 0); - if(s < 0) { - if (errno == ENOSYS) - return -1; - perror("socket"); - exit(1); - } - socket_set_reuseaddr (s, 1); - memset(&sa, 0, sizeof(sa)); - sa.sin_family = AF_INET; - sa.sin_port = port; - sa.sin_addr.s_addr = INADDR_ANY; - if(bind(s, (struct sockaddr*)&sa, sizeof(sa)) < 0){ - perror("bind"); - exit(1); - } - if(listen(s, SOMAXCONN) < 0){ - perror("listen"); - exit(1); - } - return s; -} - -#ifdef HAVE_IPV6 -static int -listen_v6 (int port) -{ - struct sockaddr_in6 sa; - int s; - - s = socket(AF_INET6, SOCK_STREAM, 0); - if(s < 0) { - if (errno == ENOSYS) - return -1; - perror("socket"); - exit(1); - } - socket_set_reuseaddr (s, 1); - memset(&sa, 0, sizeof(sa)); - sa.sin6_family = AF_INET6; - sa.sin6_port = port; - sa.sin6_addr = in6addr_any; - if(bind(s, (struct sockaddr*)&sa, sizeof(sa)) < 0){ - perror("bind"); - exit(1); - } - if(listen(s, SOMAXCONN) < 0){ - perror("listen"); - exit(1); - } - return s; -} -#endif /* HAVE_IPV6 */ - -/* - * accept a connection on `s' and pretend it's served by inetd. - */ - -static void -accept_it (int s) -{ - int s2; - - s2 = accept(s, NULL, 0); - if(s2 < 0){ - perror("accept"); - exit(1); - } - close(s); - dup2(s2, STDIN_FILENO); - dup2(s2, STDOUT_FILENO); - /* dup2(s2, STDERR_FILENO); */ - close(s2); -} - -/* - * Listen on `port' emulating inetd. - */ - -void -mini_inetd (int port) -{ - int ret; - int max_fd = -1; - int sock_v4 = -1; - int sock_v6 = -1; - fd_set orig_read_set, read_set; - - FD_ZERO(&orig_read_set); - - sock_v4 = listen_v4 (port); - if (sock_v4 >= 0) { - max_fd = max(max_fd, sock_v4); - if (max_fd >= FD_SETSIZE) - errx (1, "fd too large"); - FD_SET(sock_v4, &orig_read_set); - } -#ifdef HAVE_IPV6 - sock_v6 = listen_v6 (port); - if (sock_v6 >= 0) { - max_fd = max(max_fd, sock_v6); - if (max_fd >= FD_SETSIZE) - errx (1, "fd too large"); - FD_SET(sock_v6, &orig_read_set); - } -#endif - - do { - read_set = orig_read_set; - - ret = select (max_fd + 1, &read_set, NULL, NULL, NULL); - if (ret < 0 && ret != EINTR) { - perror ("select"); - exit (1); - } - } while (ret <= 0); - - if (sock_v4 > 0 && FD_ISSET (sock_v4, &read_set)) { - accept_it (sock_v4); - return; - } - if (sock_v6 > 0 && FD_ISSET (sock_v6, &read_set)) { - accept_it (sock_v6); - return; - } - abort (); -} diff --git a/crypto/kerberosIV/lib/roken/mkstemp.c b/crypto/kerberosIV/lib/roken/mkstemp.c deleted file mode 100644 index 350f4cb7aee1..000000000000 --- a/crypto/kerberosIV/lib/roken/mkstemp.c +++ /dev/null @@ -1,84 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#include - -RCSID("$Id: mkstemp.c,v 1.3 1999/12/02 16:58:51 joda Exp $"); - -#ifndef HAVE_MKSTEMP - -int -mkstemp(char *template) -{ - int start, i; - pid_t val; - val = getpid(); - start = strlen(template) - 1; - while(template[start] == 'X') { - template[start] = '0' + val % 10; - val /= 10; - start--; - } - - do{ - int fd; - fd = open(template, O_RDWR | O_CREAT | O_EXCL, 0600); - if(fd >= 0 || errno != EEXIST) - return fd; - i = start + 1; - do{ - if(template[i] == 0) - return -1; - template[i]++; - if(template[i] == '9' + 1) - template[i] = 'a'; - if(template[i] <= 'z') - break; - template[i] = 'a'; - i++; - }while(1); - }while(1); -} - -#endif diff --git a/crypto/kerberosIV/lib/roken/net_read.c b/crypto/kerberosIV/lib/roken/net_read.c deleted file mode 100644 index 6d45bfa5471a..000000000000 --- a/crypto/kerberosIV/lib/roken/net_read.c +++ /dev/null @@ -1,74 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: net_read.c,v 1.3 1999/12/02 16:58:51 joda Exp $"); -#endif - -#include -#include -#include - -#include - -/* - * Like read but never return partial data. - */ - -ssize_t -net_read (int fd, void *buf, size_t nbytes) -{ - char *cbuf = (char *)buf; - ssize_t count; - size_t rem = nbytes; - - while (rem > 0) { -#ifdef WIN32 - count = recv (fd, cbuf, rem, 0); -#else - count = read (fd, cbuf, rem); -#endif - if (count < 0) { - if (errno == EINTR) - continue; - else - return count; - } else if (count == 0) { - return count; - } - cbuf += count; - rem -= count; - } - return nbytes; -} diff --git a/crypto/kerberosIV/lib/roken/net_write.c b/crypto/kerberosIV/lib/roken/net_write.c deleted file mode 100644 index 2f63dbeed10e..000000000000 --- a/crypto/kerberosIV/lib/roken/net_write.c +++ /dev/null @@ -1,72 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: net_write.c,v 1.4 1999/12/02 16:58:51 joda Exp $"); -#endif - -#include -#include -#include - -#include - -/* - * Like write but never return partial data. - */ - -ssize_t -net_write (int fd, const void *buf, size_t nbytes) -{ - const char *cbuf = (const char *)buf; - ssize_t count; - size_t rem = nbytes; - - while (rem > 0) { -#ifdef WIN32 - count = send (fd, cbuf, rem, 0); -#else - count = write (fd, cbuf, rem); -#endif - if (count < 0) { - if (errno == EINTR) - continue; - else - return count; - } - cbuf += count; - rem -= count; - } - return nbytes; -} diff --git a/crypto/kerberosIV/lib/roken/parse_bytes-test.c b/crypto/kerberosIV/lib/roken/parse_bytes-test.c deleted file mode 100644 index 499d942bf060..000000000000 --- a/crypto/kerberosIV/lib/roken/parse_bytes-test.c +++ /dev/null @@ -1,92 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: parse_bytes-test.c,v 1.2 1999/12/02 16:58:51 joda Exp $"); -#endif - -#include "roken.h" -#include "parse_bytes.h" - -static struct testcase { - int canonicalp; - int val; - const char *def_unit; - const char *str; -} tests[] = { - {0, 0, NULL, "0 bytes"}, - {1, 0, NULL, "0"}, - {0, 1, NULL, "1"}, - {1, 1, NULL, "1 byte"}, - {0, 0, "kilobyte", "0"}, - {0, 1024, "kilobyte", "1"}, - {1, 1024, "kilobyte", "1 kilobyte"}, - {1, 1024 * 1024, NULL, "1 megabyte"}, - {0, 1025, NULL, "1 kilobyte 1"}, - {1, 1025, NULL, "1 kilobyte 1 byte"}, -}; - -int -main(int argc, char **argv) -{ - int i; - int ret = 0; - - for (i = 0; i < sizeof(tests)/sizeof(tests[0]); ++i) { - char buf[256]; - int val = parse_bytes (tests[i].str, tests[i].def_unit); - size_t len; - - if (val != tests[i].val) { - printf ("parse_bytes (%s, %s) = %d != %d\n", - tests[i].str, - tests[i].def_unit ? tests[i].def_unit : "none", - val, tests[i].val); - ++ret; - } - if (tests[i].canonicalp) { - len = unparse_bytes (tests[i].val, buf, sizeof(buf)); - if (strcmp (tests[i].str, buf) != 0) { - printf ("unparse_bytes (%d) = \"%s\" != \"%s\"\n", - tests[i].val, buf, tests[i].str); - ++ret; - } - } - } - if (ret) { - printf ("%d errors\n", ret); - return 1; - } else - return 0; -} diff --git a/crypto/kerberosIV/lib/roken/parse_bytes.c b/crypto/kerberosIV/lib/roken/parse_bytes.c deleted file mode 100644 index f3c514fcd677..000000000000 --- a/crypto/kerberosIV/lib/roken/parse_bytes.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: parse_bytes.c,v 1.2 1999/12/02 16:58:51 joda Exp $"); -#endif - -#include -#include "parse_bytes.h" - -static units bytes_units[] = { - { "gigabyte", 1024 * 1024 * 1024 }, - { "gbyte", 1024 * 1024 * 1024 }, - { "GB", 1024 * 1024 * 1024 }, - { "megabyte", 1024 * 1024 }, - { "mbyte", 1024 * 1024 }, - { "MB", 1024 * 1024 }, - { "kilobyte", 1024 }, - { "KB", 1024 }, - { "byte", 1 }, - { NULL, 0 } -}; - -static units bytes_short_units[] = { - { "GB", 1024 * 1024 * 1024 }, - { "MB", 1024 * 1024 }, - { "KB", 1024 }, - { NULL, 0 } -}; - -int -parse_bytes (const char *s, const char *def_unit) -{ - return parse_units (s, bytes_units, def_unit); -} - -size_t -unparse_bytes (int t, char *s, size_t len) -{ - return unparse_units (t, bytes_units, s, len); -} - -size_t -unparse_bytes_short (int t, char *s, size_t len) -{ - return unparse_units_approx (t, bytes_short_units, s, len); -} diff --git a/crypto/kerberosIV/lib/roken/parse_bytes.h b/crypto/kerberosIV/lib/roken/parse_bytes.h deleted file mode 100644 index 8116c1c8ad77..000000000000 --- a/crypto/kerberosIV/lib/roken/parse_bytes.h +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: parse_bytes.h,v 1.2 1999/12/02 16:58:51 joda Exp $ */ - -#ifndef __PARSE_BYTES_H__ -#define __PARSE_BYTES_H__ - -int -parse_bytes (const char *s, const char *def_unit); - -size_t -unparse_bytes (int t, char *s, size_t len); - -size_t -unparse_bytes_short (int t, char *s, size_t len); - -#endif /* __PARSE_BYTES_H__ */ diff --git a/crypto/kerberosIV/lib/roken/parse_time.c b/crypto/kerberosIV/lib/roken/parse_time.c deleted file mode 100644 index a09ded758de8..000000000000 --- a/crypto/kerberosIV/lib/roken/parse_time.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: parse_time.c,v 1.5 1999/12/02 16:58:51 joda Exp $"); -#endif - -#include -#include "parse_time.h" - -static units time_units[] = { - {"year", 365 * 24 * 60 * 60}, - {"month", 30 * 24 * 60 * 60}, - {"week", 7 * 24 * 60 * 60}, - {"day", 24 * 60 * 60}, - {"hour", 60 * 60}, - {"h", 60 * 60}, - {"minute", 60}, - {"m", 60}, - {"second", 1}, - {"s", 1}, - {NULL, 0}, -}; - -int -parse_time (const char *s, const char *def_unit) -{ - return parse_units (s, time_units, def_unit); -} - -size_t -unparse_time (int t, char *s, size_t len) -{ - return unparse_units (t, time_units, s, len); -} - -size_t -unparse_time_approx (int t, char *s, size_t len) -{ - return unparse_units_approx (t, time_units, s, len); -} - -void -print_time_table (FILE *f) -{ - print_units_table (time_units, f); -} diff --git a/crypto/kerberosIV/lib/roken/parse_time.h b/crypto/kerberosIV/lib/roken/parse_time.h deleted file mode 100644 index 55de505dbba3..000000000000 --- a/crypto/kerberosIV/lib/roken/parse_time.h +++ /dev/null @@ -1,51 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: parse_time.h,v 1.4 1999/12/02 16:58:51 joda Exp $ */ - -#ifndef __PARSE_TIME_H__ -#define __PARSE_TIME_H__ - -int -parse_time (const char *s, const char *def_unit); - -size_t -unparse_time (int t, char *s, size_t len); - -size_t -unparse_time_approx (int t, char *s, size_t len); - -void -print_time_table (FILE *f); - -#endif /* __PARSE_TIME_H__ */ diff --git a/crypto/kerberosIV/lib/roken/parse_units.c b/crypto/kerberosIV/lib/roken/parse_units.c deleted file mode 100644 index 34c5030cb65e..000000000000 --- a/crypto/kerberosIV/lib/roken/parse_units.c +++ /dev/null @@ -1,324 +0,0 @@ -/* - * Copyright (c) 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: parse_units.c,v 1.12 1999/12/02 16:58:51 joda Exp $"); -#endif - -#include -#include -#include -#include -#include "parse_units.h" - -/* - * Parse string in `s' according to `units' and return value. - * def_unit defines the default unit. - */ - -static int -parse_something (const char *s, const struct units *units, - const char *def_unit, - int (*func)(int res, int val, unsigned mult), - int init, - int accept_no_val_p) -{ - const char *p; - int res = init; - unsigned def_mult = 1; - - if (def_unit != NULL) { - const struct units *u; - - for (u = units; u->name; ++u) { - if (strcasecmp (u->name, def_unit) == 0) { - def_mult = u->mult; - break; - } - } - if (u->name == NULL) - return -1; - } - - p = s; - while (*p) { - double val; - char *next; - const struct units *u, *partial_unit; - size_t u_len; - unsigned partial; - int no_val_p = 0; - - while(isspace((unsigned char)*p) || *p == ',') - ++p; - - val = strtod (p, &next); /* strtol(p, &next, 0); */ - if (val == 0 && p == next) { - if(!accept_no_val_p) - return -1; - no_val_p = 1; - } - p = next; - while (isspace((unsigned char)*p)) - ++p; - if (*p == '\0') { - res = (*func)(res, val, def_mult); - if (res < 0) - return res; - break; - } else if (*p == '+') { - ++p; - val = 1; - } else if (*p == '-') { - ++p; - val = -1; - } - if (no_val_p && val == 0) - val = 1; - u_len = strcspn (p, ", \t"); - partial = 0; - partial_unit = NULL; - if (u_len > 1 && p[u_len - 1] == 's') - --u_len; - for (u = units; u->name; ++u) { - if (strncasecmp (p, u->name, u_len) == 0) { - if (u_len == strlen (u->name)) { - p += u_len; - res = (*func)(res, val, u->mult); - if (res < 0) - return res; - break; - } else { - ++partial; - partial_unit = u; - } - } - } - if (u->name == NULL) { - if (partial == 1) { - p += u_len; - res = (*func)(res, val, partial_unit->mult); - if (res < 0) - return res; - } else { - return -1; - } - } - if (*p == 's') - ++p; - } - return res; -} - -/* - * The string consists of a sequence of `n unit' - */ - -static int -acc_units(int res, int val, unsigned mult) -{ - return res + val * mult; -} - -int -parse_units (const char *s, const struct units *units, - const char *def_unit) -{ - return parse_something (s, units, def_unit, acc_units, 0, 0); -} - -/* - * The string consists of a sequence of `[+-]flag'. `orig' consists - * the original set of flags, those are then modified and returned as - * the function value. - */ - -static int -acc_flags(int res, int val, unsigned mult) -{ - if(val == 1) - return res | mult; - else if(val == -1) - return res & ~mult; - else if (val == 0) - return mult; - else - return -1; -} - -int -parse_flags (const char *s, const struct units *units, - int orig) -{ - return parse_something (s, units, NULL, acc_flags, orig, 1); -} - -/* - * Return a string representation according to `units' of `num' in `s' - * with maximum length `len'. The actual length is the function value. - */ - -static size_t -unparse_something (int num, const struct units *units, char *s, size_t len, - int (*print) (char *s, size_t len, int div, - const char *name, int rem), - int (*update) (int in, unsigned mult), - const char *zero_string) -{ - const struct units *u; - size_t ret = 0, tmp; - - if (num == 0) - return snprintf (s, len, "%s", zero_string); - - for (u = units; num > 0 && u->name; ++u) { - int div; - - div = num / u->mult; - if (div) { - num = (*update) (num, u->mult); - tmp = (*print) (s, len, div, u->name, num); - - len -= tmp; - s += tmp; - ret += tmp; - } - } - return ret; -} - -static int -print_unit (char *s, size_t len, int div, const char *name, int rem) -{ - return snprintf (s, len, "%u %s%s%s", - div, name, - div == 1 ? "" : "s", - rem > 0 ? " " : ""); -} - -static int -update_unit (int in, unsigned mult) -{ - return in % mult; -} - -static int -update_unit_approx (int in, unsigned mult) -{ - if (in / mult > 0) - return 0; - else - return update_unit (in, mult); -} - -size_t -unparse_units (int num, const struct units *units, char *s, size_t len) -{ - return unparse_something (num, units, s, len, - print_unit, - update_unit, - "0"); -} - -size_t -unparse_units_approx (int num, const struct units *units, char *s, size_t len) -{ - return unparse_something (num, units, s, len, - print_unit, - update_unit_approx, - "0"); -} - -void -print_units_table (const struct units *units, FILE *f) -{ - const struct units *u, *u2; - unsigned max_sz = 0; - - for (u = units; u->name; ++u) { - max_sz = max(max_sz, strlen(u->name)); - } - - for (u = units; u->name;) { - char buf[1024]; - const struct units *next; - - for (next = u + 1; next->name && next->mult == u->mult; ++next) - ; - - if (next->name) { - for (u2 = next; - u2->name && u->mult % u2->mult != 0; - ++u2) - ; - if (u2->name == NULL) - --u2; - unparse_units (u->mult, u2, buf, sizeof(buf)); - fprintf (f, "1 %*s = %s\n", max_sz, u->name, buf); - } else { - fprintf (f, "1 %s\n", u->name); - } - u = next; - } -} - -static int -print_flag (char *s, size_t len, int div, const char *name, int rem) -{ - return snprintf (s, len, "%s%s", name, rem > 0 ? ", " : ""); -} - -static int -update_flag (int in, unsigned mult) -{ - return in - mult; -} - -size_t -unparse_flags (int num, const struct units *units, char *s, size_t len) -{ - return unparse_something (num, units, s, len, - print_flag, - update_flag, - ""); -} - -void -print_flags_table (const struct units *units, FILE *f) -{ - const struct units *u; - - for(u = units; u->name; ++u) - fprintf(f, "%s%s", u->name, (u+1)->name ? ", " : "\n"); -} diff --git a/crypto/kerberosIV/lib/roken/parse_units.h b/crypto/kerberosIV/lib/roken/parse_units.h deleted file mode 100644 index f159d30e9007..000000000000 --- a/crypto/kerberosIV/lib/roken/parse_units.h +++ /dev/null @@ -1,73 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: parse_units.h,v 1.6 1999/12/02 16:58:51 joda Exp $ */ - -#ifndef __PARSE_UNITS_H__ -#define __PARSE_UNITS_H__ - -#include -#include - -struct units { - const char *name; - unsigned mult; -}; - -typedef struct units units; - -int -parse_units (const char *s, const struct units *units, - const char *def_unit); - -void -print_units_table (const struct units *units, FILE *f); - -int -parse_flags (const char *s, const struct units *units, - int orig); - -size_t -unparse_units (int num, const struct units *units, char *s, size_t len); - -size_t -unparse_units_approx (int num, const struct units *units, char *s, - size_t len); - -size_t -unparse_flags (int num, const struct units *units, char *s, size_t len); - -void -print_flags_table (const struct units *units, FILE *f); - -#endif /* __PARSE_UNITS_H__ */ diff --git a/crypto/kerberosIV/lib/roken/print_version.c b/crypto/kerberosIV/lib/roken/print_version.c deleted file mode 100644 index 57f6bd297532..000000000000 --- a/crypto/kerberosIV/lib/roken/print_version.c +++ /dev/null @@ -1,78 +0,0 @@ -/* - * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: print_version.c,v 1.5.2.1 2000/10/10 13:23:43 assar Exp $"); -#endif -#include "roken.h" - -#include "print_version.h" - -void -print_version(const char *progname) -{ - const char *arg[] = VERSIONLIST; - const int num_args = sizeof(arg) / sizeof(arg[0]); - char *msg; - size_t len = 0; - int i; - - if(progname == NULL) - progname = __progname; - - if(num_args == 0) - msg = "no version information"; - else { - for(i = 0; i < num_args; i++) { - if(i > 0) - len += 2; - len += strlen(arg[i]); - } - msg = malloc(len + 1); - if(msg == NULL) { - fprintf(stderr, "%s: out of memory\n", progname); - return; - } - msg[0] = '\0'; - for(i = 0; i < num_args; i++) { - if(i > 0) - strcat(msg, ", "); - strcat(msg, arg[i]); - } - } - fprintf(stderr, "%s (%s)\n", progname, msg); - fprintf(stderr, "Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan\n"); - if(num_args != 0) - free(msg); -} diff --git a/crypto/kerberosIV/lib/roken/putenv.c b/crypto/kerberosIV/lib/roken/putenv.c deleted file mode 100644 index 80951d12c534..000000000000 --- a/crypto/kerberosIV/lib/roken/putenv.c +++ /dev/null @@ -1,76 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: putenv.c,v 1.6 1999/12/02 16:58:51 joda Exp $"); -#endif - -#include - -extern char **environ; - -/* - * putenv -- - * String points to a string of the form name=value. - * - * Makes the value of the environment variable name equal to - * value by altering an existing variable or creating a new one. - */ -int putenv(const char *string) -{ - int i; - int len; - - len = string - strchr(string, '=') + 1; - - if(environ == NULL){ - environ = malloc(sizeof(char*)); - if(environ == NULL) - return 1; - environ[0] = NULL; - } - - for(i = 0; environ[i]; i++) - if(strncmp(string, environ[i], len)){ - environ[len] = string; - return 0; - } - environ = realloc(environ, sizeof(char*) * (i + 1)); - if(environ == NULL) - return 1; - environ[i] = string; - environ[i+1] = NULL; - return 0; -} - diff --git a/crypto/kerberosIV/lib/roken/rcmd.c b/crypto/kerberosIV/lib/roken/rcmd.c deleted file mode 100644 index 41179484bce5..000000000000 --- a/crypto/kerberosIV/lib/roken/rcmd.c +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: rcmd.c,v 1.3 1999/12/02 16:58:51 joda Exp $"); -#endif - -#include "roken.h" -#include - -int -rcmd(char **ahost, - unsigned short inport, - const char *locuser, - const char *remuser, - const char *cmd, - int *fd2p) -{ - fprintf(stderr, "Only kerberized services are implemented\n"); - return -1; -} diff --git a/crypto/kerberosIV/lib/roken/readv.c b/crypto/kerberosIV/lib/roken/readv.c deleted file mode 100644 index de2f9ea8af72..000000000000 --- a/crypto/kerberosIV/lib/roken/readv.c +++ /dev/null @@ -1,67 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: readv.c,v 1.5 1999/12/02 16:58:52 joda Exp $"); -#endif - -#include "roken.h" - -ssize_t -readv(int d, const struct iovec *iov, int iovcnt) -{ - ssize_t ret, nb; - size_t tot = 0; - int i; - char *buf, *p; - - for(i = 0; i < iovcnt; ++i) - tot += iov[i].iov_len; - buf = malloc(tot); - if (tot != 0 && buf == NULL) { - errno = ENOMEM; - return -1; - } - nb = ret = read (d, buf, tot); - p = buf; - while (nb > 0) { - ssize_t cnt = min(nb, iov->iov_len); - - memcpy (iov->iov_base, p, cnt); - p += cnt; - nb -= cnt; - } - free(buf); - return ret; -} diff --git a/crypto/kerberosIV/lib/roken/recvmsg.c b/crypto/kerberosIV/lib/roken/recvmsg.c deleted file mode 100644 index e94ad68c80be..000000000000 --- a/crypto/kerberosIV/lib/roken/recvmsg.c +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: recvmsg.c,v 1.5 1999/12/02 16:58:52 joda Exp $"); -#endif - -#include "roken.h" - -ssize_t -recvmsg(int s, struct msghdr *msg, int flags) -{ - ssize_t ret, nb; - size_t tot = 0; - int i; - char *buf, *p; - struct iovec *iov = msg->msg_iov; - - for(i = 0; i < msg->msg_iovlen; ++i) - tot += iov[i].iov_len; - buf = malloc(tot); - if (tot != 0 && buf == NULL) { - errno = ENOMEM; - return -1; - } - nb = ret = recvfrom (s, buf, tot, flags, msg->msg_name, &msg->msg_namelen); - p = buf; - while (nb > 0) { - ssize_t cnt = min(nb, iov->iov_len); - - memcpy (iov->iov_base, p, cnt); - p += cnt; - nb -= cnt; - ++iov; - } - free(buf); - return ret; -} diff --git a/crypto/kerberosIV/lib/roken/resolve.c b/crypto/kerberosIV/lib/roken/resolve.c deleted file mode 100644 index 8840740532cc..000000000000 --- a/crypto/kerberosIV/lib/roken/resolve.c +++ /dev/null @@ -1,353 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" -#ifdef HAVE_ARPA_NAMESER_H -#include -#endif -#ifdef HAVE_RESOLV_H -#include -#endif -#include "resolve.h" - -RCSID("$Id: resolve.c,v 1.22 1999/12/02 16:58:52 joda Exp $"); - -#if defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND) - -#define DECL(X) {#X, T_##X} - -static struct stot{ - const char *name; - int type; -}stot[] = { - DECL(A), - DECL(NS), - DECL(CNAME), - DECL(PTR), - DECL(MX), - DECL(TXT), - DECL(AFSDB), - DECL(SRV), - {NULL, 0} -}; - -int _resolve_debug; - -static int -string_to_type(const char *name) -{ - struct stot *p = stot; - for(p = stot; p->name; p++) - if(strcasecmp(name, p->name) == 0) - return p->type; - return -1; -} - -static const char * -type_to_string(int type) -{ - struct stot *p = stot; - for(p = stot; p->name; p++) - if(type == p->type) - return p->name; - return NULL; -} - -void -dns_free_data(struct dns_reply *r) -{ - struct resource_record *rr; - if(r->q.domain) - free(r->q.domain); - for(rr = r->head; rr;){ - struct resource_record *tmp = rr; - if(rr->domain) - free(rr->domain); - if(rr->u.data) - free(rr->u.data); - rr = rr->next; - free(tmp); - } - free (r); -} - -static struct dns_reply* -parse_reply(unsigned char *data, int len) -{ - unsigned char *p; - char host[128]; - int status; - - struct dns_reply *r; - struct resource_record **rr; - - r = calloc(1, sizeof(*r)); - if (r == NULL) - return NULL; - - p = data; -#if 0 - /* doesn't work on Crays */ - memcpy(&r->h, p, sizeof(HEADER)); - p += sizeof(HEADER); -#else - memcpy(&r->h, p, 12); /* XXX this will probably be mostly garbage */ - p += 12; -#endif - status = dn_expand(data, data + len, p, host, sizeof(host)); - if(status < 0){ - dns_free_data(r); - return NULL; - } - r->q.domain = strdup(host); - if(r->q.domain == NULL) { - dns_free_data(r); - return NULL; - } - p += status; - r->q.type = (p[0] << 8 | p[1]); - p += 2; - r->q.class = (p[0] << 8 | p[1]); - p += 2; - rr = &r->head; - while(p < data + len){ - int type, class, ttl, size; - status = dn_expand(data, data + len, p, host, sizeof(host)); - if(status < 0){ - dns_free_data(r); - return NULL; - } - p += status; - type = (p[0] << 8) | p[1]; - p += 2; - class = (p[0] << 8) | p[1]; - p += 2; - ttl = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; - p += 4; - size = (p[0] << 8) | p[1]; - p += 2; - *rr = (struct resource_record*)calloc(1, - sizeof(struct resource_record)); - if(*rr == NULL) { - dns_free_data(r); - return NULL; - } - (*rr)->domain = strdup(host); - if((*rr)->domain == NULL) { - dns_free_data(r); - return NULL; - } - (*rr)->type = type; - (*rr)->class = class; - (*rr)->ttl = ttl; - (*rr)->size = size; - switch(type){ - case T_NS: - case T_CNAME: - case T_PTR: - status = dn_expand(data, data + len, p, host, sizeof(host)); - if(status < 0){ - dns_free_data(r); - return NULL; - } - (*rr)->u.txt = strdup(host); - if((*rr)->u.txt == NULL) { - dns_free_data(r); - return NULL; - } - break; - case T_MX: - case T_AFSDB:{ - status = dn_expand(data, data + len, p + 2, host, sizeof(host)); - if(status < 0){ - dns_free_data(r); - return NULL; - } - (*rr)->u.mx = (struct mx_record*)malloc(sizeof(struct mx_record) + - strlen(host)); - if((*rr)->u.mx == NULL) { - dns_free_data(r); - return NULL; - } - (*rr)->u.mx->preference = (p[0] << 8) | p[1]; - strcpy((*rr)->u.mx->domain, host); - break; - } - case T_SRV:{ - status = dn_expand(data, data + len, p + 6, host, sizeof(host)); - if(status < 0){ - dns_free_data(r); - return NULL; - } - (*rr)->u.srv = - (struct srv_record*)malloc(sizeof(struct srv_record) + - strlen(host)); - if((*rr)->u.srv == NULL) { - dns_free_data(r); - return NULL; - } - (*rr)->u.srv->priority = (p[0] << 8) | p[1]; - (*rr)->u.srv->weight = (p[2] << 8) | p[3]; - (*rr)->u.srv->port = (p[4] << 8) | p[5]; - strcpy((*rr)->u.srv->target, host); - break; - } - case T_TXT:{ - (*rr)->u.txt = (char*)malloc(size + 1); - if((*rr)->u.txt == NULL) { - dns_free_data(r); - return NULL; - } - strncpy((*rr)->u.txt, (char*)p + 1, *p); - (*rr)->u.txt[*p] = 0; - break; - } - - default: - (*rr)->u.data = (unsigned char*)malloc(size); - if(size != 0 && (*rr)->u.data == NULL) { - dns_free_data(r); - return NULL; - } - memcpy((*rr)->u.data, p, size); - } - p += size; - rr = &(*rr)->next; - } - *rr = NULL; - return r; -} - -static struct dns_reply * -dns_lookup_int(const char *domain, int rr_class, int rr_type) -{ - unsigned char reply[1024]; - int len; - struct dns_reply *r = NULL; - u_long old_options = 0; - - if (_resolve_debug) { - old_options = _res.options; - _res.options |= RES_DEBUG; - fprintf(stderr, "dns_lookup(%s, %d, %s)\n", domain, - rr_class, type_to_string(rr_type)); - } - len = res_search(domain, rr_class, rr_type, reply, sizeof(reply)); - if (_resolve_debug) { - _res.options = old_options; - fprintf(stderr, "dns_lookup(%s, %d, %s) --> %d\n", - domain, rr_class, type_to_string(rr_type), len); - } - if (len >= 0) - r = parse_reply(reply, len); - return r; -} - -struct dns_reply * -dns_lookup(const char *domain, const char *type_name) -{ - int type; - - type = string_to_type(type_name); - if(type == -1) { - if(_resolve_debug) - fprintf(stderr, "dns_lookup: unknown resource type: `%s'\n", - type_name); - return NULL; - } - return dns_lookup_int(domain, C_IN, type); -} - -#else /* NOT defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND) */ - -struct dns_reply * -dns_lookup(const char *domain, const char *type_name) -{ - return NULL; -} - -void -dns_free_data(struct dns_reply *r) -{ -} - -#endif - -#ifdef TEST -int -main(int argc, char **argv) -{ - struct dns_reply *r; - struct resource_record *rr; - r = dns_lookup(argv[1], argv[2]); - if(r == NULL){ - printf("No reply.\n"); - return 1; - } - for(rr = r->head; rr;rr=rr->next){ - printf("%s %s %d ", rr->domain, type_to_string(rr->type), rr->ttl); - switch(rr->type){ - case T_NS: - printf("%s\n", (char*)rr->u.data); - break; - case T_A: - printf("%d.%d.%d.%d\n", - ((unsigned char*)rr->u.data)[0], - ((unsigned char*)rr->u.data)[1], - ((unsigned char*)rr->u.data)[2], - ((unsigned char*)rr->u.data)[3]); - break; - case T_MX: - case T_AFSDB:{ - struct mx_record *mx = (struct mx_record*)rr->u.data; - printf("%d %s\n", mx->preference, mx->domain); - break; - } - case T_SRV:{ - struct srv_record *srv = (struct srv_record*)rr->u.data; - printf("%d %d %d %s\n", srv->priority, srv->weight, - srv->port, srv->target); - break; - } - default: - printf("\n"); - break; - } - } - - return 0; -} -#endif diff --git a/crypto/kerberosIV/lib/roken/resolve.h b/crypto/kerberosIV/lib/roken/resolve.h deleted file mode 100644 index c90f6b54ada5..000000000000 --- a/crypto/kerberosIV/lib/roken/resolve.h +++ /dev/null @@ -1,103 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: resolve.h,v 1.8 1999/12/02 16:58:52 joda Exp $ */ - -#ifndef __RESOLVE_H__ -#define __RESOLVE_H__ - -/* We use these, but they are not always present in */ - -#ifndef T_TXT -#define T_TXT 16 -#endif -#ifndef T_AFSDB -#define T_AFSDB 18 -#endif -#ifndef T_SRV -#define T_SRV 33 -#endif -#ifndef T_NAPTR -#define T_NAPTR 35 -#endif - -struct dns_query{ - char *domain; - unsigned type; - unsigned class; -}; - -struct mx_record{ - unsigned preference; - char domain[1]; -}; - -struct srv_record{ - unsigned priority; - unsigned weight; - unsigned port; - char target[1]; -}; - -struct resource_record{ - char *domain; - unsigned type; - unsigned class; - unsigned ttl; - unsigned size; - union { - void *data; - struct mx_record *mx; - struct mx_record *afsdb; /* mx and afsdb are identical */ - struct srv_record *srv; - struct in_addr *a; - char *txt; - }u; - struct resource_record *next; -}; - -#ifndef T_A /* XXX if isn't included */ -typedef int HEADER; /* will never be used */ -#endif - -struct dns_reply{ - HEADER h; - struct dns_query q; - struct resource_record *head; -}; - - -struct dns_reply* dns_lookup(const char *, const char *); -void dns_free_data(struct dns_reply *); - -#endif /* __RESOLVE_H__ */ diff --git a/crypto/kerberosIV/lib/roken/resource.h b/crypto/kerberosIV/lib/roken/resource.h deleted file mode 100644 index 01cd01d76c8c..000000000000 --- a/crypto/kerberosIV/lib/roken/resource.h +++ /dev/null @@ -1,15 +0,0 @@ -//{{NO_DEPENDENCIES}} -// Microsoft Developer Studio generated include file. -// Used by roken.rc -// - -// Next default values for new objects -// -#ifdef APSTUDIO_INVOKED -#ifndef APSTUDIO_READONLY_SYMBOLS -#define _APS_NEXT_RESOURCE_VALUE 101 -#define _APS_NEXT_COMMAND_VALUE 40001 -#define _APS_NEXT_CONTROL_VALUE 1000 -#define _APS_NEXT_SYMED_VALUE 101 -#endif -#endif diff --git a/crypto/kerberosIV/lib/roken/roken-common.h b/crypto/kerberosIV/lib/roken/roken-common.h deleted file mode 100644 index a57f54d5c715..000000000000 --- a/crypto/kerberosIV/lib/roken/roken-common.h +++ /dev/null @@ -1,265 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: roken-common.h,v 1.19.2.2 2000/08/16 03:37:26 assar Exp $ */ - -#ifndef __ROKEN_COMMON_H__ -#define __ROKEN_COMMON_H__ - -#ifndef INADDR_NONE -#define INADDR_NONE 0xffffffff -#endif - -#ifndef SOMAXCONN -#define SOMAXCONN 5 -#endif - -#ifndef STDIN_FILENO -#define STDIN_FILENO 0 -#endif - -#ifndef STDOUT_FILENO -#define STDOUT_FILENO 1 -#endif - -#ifndef STDERR_FILENO -#define STDERR_FILENO 2 -#endif - -#ifndef max -#define max(a,b) (((a)>(b))?(a):(b)) -#endif - -#ifndef min -#define min(a,b) (((a)<(b))?(a):(b)) -#endif - -#ifndef TRUE -#define TRUE 1 -#endif - -#ifndef FALSE -#define FALSE 0 -#endif - -#ifndef LOG_DAEMON -#define openlog(id,option,facility) openlog((id),(option)) -#define LOG_DAEMON 0 -#endif -#ifndef LOG_ODELAY -#define LOG_ODELAY 0 -#endif -#ifndef LOG_NDELAY -#define LOG_NDELAY 0x08 -#endif -#ifndef LOG_CONS -#define LOG_CONS 0 -#endif -#ifndef LOG_AUTH -#define LOG_AUTH 0 -#endif -#ifndef LOG_AUTHPRIV -#define LOG_AUTHPRIV LOG_AUTH -#endif - -#ifndef F_OK -#define F_OK 0 -#endif - -#ifndef O_ACCMODE -#define O_ACCMODE 003 -#endif - -#ifndef _PATH_DEV -#define _PATH_DEV "/dev/" -#endif - -#ifndef _PATH_DEVNULL -#define _PATH_DEVNULL "/dev/null" -#endif - -#ifndef _PATH_HEQUIV -#define _PATH_HEQUIV "/etc/hosts.equiv" -#endif - -#ifndef MAXPATHLEN -#define MAXPATHLEN (1024+4) -#endif - -#ifndef SIG_ERR -#define SIG_ERR ((RETSIGTYPE (*)())-1) -#endif - -#ifndef HOST_NOT_FOUND -#define HOST_NOT_FOUND 1 -#endif - -#ifndef TRY_AGAIN -#define TRY_AGAIN 2 -#endif - -#ifndef NO_RECOVERY -#define NO_RECOVERY 3 -#endif - -#ifndef NO_DATA -#define NO_DATA 4 -#endif - -#ifndef NO_ADDRESS -#define NO_ADDRESS NO_DATA -#endif - -#if 0 - -struct addrinfo { - int ai_flags; - int ai_family; - int ai_socktype; - int ai_protocol; - size_t ai_addrlen; - char *ai_canonname; - struct sockaddr *ai_addr; - struct addrinfo *ai_next; -}; - -#define EAI_ADDRFAMILY 1 /* address family for nodename not supported */ -#define EAI_AGAIN 2 /* temporary failure in name resolution */ -#define EAI_BADFLAGS 3 /* invalid value for ai_flags */ -#define EAI_FAIL 4 /* non-recoverable failure in name resolution */ -#define EAI_FAMILY 5 /* ai_family not supported */ -#define EAI_MEMORY 6 /* memory allocation failure */ -#define EAI_NODATA 7 /* no address associated with nodename */ -#define EAI_NONAME 8 /* nodename nor servname provided, or not known */ -#define EAI_SERVICE 9 /* servname not supported for ai_socktype */ -#define EAI_SOCKTYPE 10 /* ai_socktype not supported */ -#define EAI_SYSTEM 11 /* system error returned in errno */ - -/* flags for getaddrinfo() */ - -#define AI_PASSIVE 0x01 -#define AI_CANONNAME 0x02 -#define AI_NUMERICHOST 0x04 - -#endif - -/* - * constants for inet_ntop - */ - -#ifndef INET_ADDRSTRLEN -#define INET_ADDRSTRLEN 16 -#endif - -#ifndef INET6_ADDRSTRLEN -#define INET6_ADDRSTRLEN 46 -#endif - -/* - * for shutdown(2) - */ - -#ifndef SHUT_RD -#define SHUT_RD 0 -#endif - -#ifndef SHUT_WR -#define SHUT_WR 1 -#endif - -#ifndef SHUT_RDWR -#define SHUT_RDWR 2 -#endif - -#ifndef HAVE___ATTRIBUTE__ -#define __attribute__(x) -#endif - -#if IRIX != 4 /* fix for compiler bug */ -#ifdef RETSIGTYPE -typedef RETSIGTYPE (*SigAction)(/* int??? */); -SigAction signal(int iSig, SigAction pAction); /* BSD compatible */ -#endif -#endif - -int ROKEN_LIB_FUNCTION simple_execve(const char*, char*const[], char*const[]); -int ROKEN_LIB_FUNCTION simple_execvp(const char*, char *const[]); -int ROKEN_LIB_FUNCTION simple_execlp(const char*, ...); -int ROKEN_LIB_FUNCTION simple_execle(const char*, ...); - -void ROKEN_LIB_FUNCTION print_version(const char *); - -void *ROKEN_LIB_FUNCTION emalloc (size_t); -void *ROKEN_LIB_FUNCTION erealloc (void *, size_t); -char *ROKEN_LIB_FUNCTION estrdup (const char *); - -ssize_t ROKEN_LIB_FUNCTION eread (int fd, void *buf, size_t nbytes); -ssize_t ROKEN_LIB_FUNCTION ewrite (int fd, const void *buf, size_t nbytes); - -void -socket_set_address_and_port (struct sockaddr *sa, const void *ptr, int port); - -size_t -socket_addr_size (const struct sockaddr *sa); - -void -socket_set_any (struct sockaddr *sa, int af); - -size_t -socket_sockaddr_size (const struct sockaddr *sa); - -void * -socket_get_address (struct sockaddr *sa); - -int -socket_get_port (const struct sockaddr *sa); - -void -socket_set_port (struct sockaddr *sa, int port); - -void -socket_set_debug (int sock); - -void -socket_set_tos (int sock, int tos); - -void -socket_set_reuseaddr (int sock, int val); - -char ** -vstrcollect(va_list *ap); - -char ** -strcollect(char *first, ...); - -#endif /* __ROKEN_COMMON_H__ */ diff --git a/crypto/kerberosIV/lib/roken/roken.awk b/crypto/kerberosIV/lib/roken/roken.awk deleted file mode 100644 index 626fae5906e0..000000000000 --- a/crypto/kerberosIV/lib/roken/roken.awk +++ /dev/null @@ -1,35 +0,0 @@ -BEGIN { - print "#include " - print "#ifdef HAVE_CONFIG_H" - print "#include " - print "#endif" - print "" - print "int main()" - print "{" - print "puts(\"/* This is an OS dependent, generated file */\");" - print "puts(\"\\n\");" - print "puts(\"#ifndef __ROKEN_H__\");" - print "puts(\"#define __ROKEN_H__\");" - print "puts(\"\");" -} -END { - print "puts(\"#endif /* __ROKEN_H__ */\");" - print "exit(0);" - print "}" -} - -$1 == "\#ifdef" || $1 == "\#ifndef" || $1 == "\#if" || $1 == "\#else" || $1 == "\#elif" || $1 == "\#endif" || $1 == "#ifdef" || $1 == "#ifndef" || $1 == "#if" || $1 == "#else" || $1 == "#elif" || $1 == "#endif" { - print $0; - next -} - -{ - s = "" - for(i = 1; i <= length; i++){ - x = substr($0, i, 1) - if(x == "\"" || x == "\\") - s = s "\\"; - s = s x; - } - print "puts(\"" s "\");" -} diff --git a/crypto/kerberosIV/lib/roken/roken.def b/crypto/kerberosIV/lib/roken/roken.def deleted file mode 100644 index f9b0369dd1dd..000000000000 --- a/crypto/kerberosIV/lib/roken/roken.def +++ /dev/null @@ -1,17 +0,0 @@ -LIBRARY roken BASE=0x68f0000 -EXPORTS - gettimeofday - strcasecmp - strtok_r - snprintf - asprintf - vsnprintf - base64_decode - base64_encode - roken_concat - roken_vconcat - roken_vmconcat - roken_mconcat - getuid - dns_free_data - dns_lookup diff --git a/crypto/kerberosIV/lib/roken/roken.dsp b/crypto/kerberosIV/lib/roken/roken.dsp deleted file mode 100644 index d84854e3d30d..000000000000 --- a/crypto/kerberosIV/lib/roken/roken.dsp +++ /dev/null @@ -1,156 +0,0 @@ -# Microsoft Developer Studio Project File - Name="roken" - Package Owner=<4> -# Microsoft Developer Studio Generated Build File, Format Version 5.00 -# ** DO NOT EDIT ** - -# TARGTYPE "Win32 (x86) Dynamic-Link Library" 0x0102 - -CFG=roken - Win32 Release -!MESSAGE This is not a valid makefile. To build this project using NMAKE, -!MESSAGE use the Export Makefile command and run -!MESSAGE -!MESSAGE NMAKE /f "roken.mak". -!MESSAGE -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "roken.mak" CFG="roken - Win32 Release" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "roken - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE "roken - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE - -# Begin Project -# PROP Scc_ProjName "" -# PROP Scc_LocalPath "" -CPP=cl.exe -MTL=midl.exe -RSC=rc.exe - -!IF "$(CFG)" == "roken - Win32 Release" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 0 -# PROP BASE Output_Dir ".\Release" -# PROP BASE Intermediate_Dir ".\Release" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 0 -# PROP Output_Dir ".\Release" -# PROP Intermediate_Dir ".\Release" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MT /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /YX /c -# ADD CPP /nologo /MT /GX /O2 /I "..\krb" /I "..\des" /I "..\..\include" /I "..\..\include\win32" /I "." /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /FD /c -# ADD BASE MTL /nologo /D "NDEBUG" /win32 -# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "NDEBUG" -# ADD RSC /l 0x409 /d "NDEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /machine:I386 -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /base:"0x68e7780" /subsystem:windows /dll /machine:I386 - -!ELSEIF "$(CFG)" == "roken - Win32 Debug" - -# PROP BASE Use_MFC 0 -# PROP BASE Use_Debug_Libraries 1 -# PROP BASE Output_Dir ".\Debug" -# PROP BASE Intermediate_Dir ".\Debug" -# PROP BASE Target_Dir "" -# PROP Use_MFC 0 -# PROP Use_Debug_Libraries 1 -# PROP Output_Dir ".\Debug" -# PROP Intermediate_Dir ".\Debug" -# PROP Ignore_Export_Lib 0 -# PROP Target_Dir "" -# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /YX /c -# ADD CPP /nologo /MDd /Gm /GX /Zi /Od /I "..\krb" /I "..\des" /I "..\..\include" /I "..\..\include\win32" /I "." /D "_DEBUG" /D "WIN32" /D "_WINDOWS" /D "HAVE_CONFIG_H" /YX /FD /c -# ADD BASE MTL /nologo /D "_DEBUG" /win32 -# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /win32 -# ADD BASE RSC /l 0x409 /d "_DEBUG" -# ADD RSC /l 0x409 /d "_DEBUG" -BSC32=bscmake.exe -# ADD BASE BSC32 /nologo -# ADD BSC32 /nologo -LINK32=link.exe -# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /dll /debug /machine:I386 -# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo /subsystem:windows /dll /debug /machine:I386 /def:".\roken.def" -# SUBTRACT LINK32 /pdb:none - -!ENDIF - -# Begin Target - -# Name "roken - Win32 Release" -# Name "roken - Win32 Debug" -# Begin Group "Source Files" - -# PROP Default_Filter "cpp;c;cxx;rc;def;r;odl;hpj;bat;for;f90" -# Begin Source File - -SOURCE=.\base64.c -# End Source File -# Begin Source File - -SOURCE=.\concat.c -# End Source File -# Begin Source File - -SOURCE=.\gettimeofday.c -# End Source File -# Begin Source File - -SOURCE=.\getuid.c -# End Source File -# Begin Source File - -SOURCE=.\resolve.c -# End Source File -# Begin Source File - -SOURCE=.\roken.def - -!IF "$(CFG)" == "roken - Win32 Release" - -!ELSEIF "$(CFG)" == "roken - Win32 Debug" - -# PROP Exclude_From_Build 1 - -!ENDIF - -# End Source File -# Begin Source File - -SOURCE=.\snprintf.c -# End Source File -# Begin Source File - -SOURCE=.\strcasecmp.c -# End Source File -# Begin Source File - -SOURCE=.\strtok_r.c -# End Source File -# End Group -# Begin Group "Header Files" - -# PROP Default_Filter "h;hpp;hxx;hm;inl;fi;fd" -# Begin Source File - -SOURCE=.\resolve.h -# End Source File -# End Group -# Begin Group "Resource Files" - -# PROP Default_Filter "ico;cur;bmp;dlg;rc2;rct;bin;cnt;rtf;gif;jpg;jpeg;jpe" -# Begin Source File - -SOURCE=.\roken.rc -# End Source File -# End Group -# End Target -# End Project diff --git a/crypto/kerberosIV/lib/roken/roken.h.in b/crypto/kerberosIV/lib/roken/roken.h.in deleted file mode 100644 index be0774e89e21..000000000000 --- a/crypto/kerberosIV/lib/roken/roken.h.in +++ /dev/null @@ -1,520 +0,0 @@ -/* -*- C -*- */ -/* - * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: roken.h.in,v 1.125.2.4 2000/03/12 20:32:51 assar Exp $ */ - -#include -#include -#include -#include -#include -#ifdef HAVE_SYS_PARAM_H -#include -#endif -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_SYS_UIO_H -#include -#endif -#ifdef HAVE_GRP_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN6_H -#include -#endif -#ifdef HAVE_NETINET6_IN6_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_SYSLOG_H -#include -#endif -#ifdef HAVE_WINSOCK_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#ifdef HAVE_ERRNO_H -#include -#endif -#ifdef HAVE_ERR_H -#include -#endif -#ifdef HAVE_TERMIOS_H -#include -#endif -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif - -#ifdef HAVE_PATHS_H -#include -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -#ifndef ROKEN_LIB_FUNCTION -#if defined(__BORLANDC__) -#define ROKEN_LIB_FUNCTION /* not-ready-definition-yet */ -#elif defined(_MSC_VER) -#define ROKEN_LIB_FUNCTION /* not-ready-definition-yet2 */ -#else -#define ROKEN_LIB_FUNCTION -#endif -#endif - -#include - -#if !defined(HAVE_SETSID) && defined(HAVE__SETSID) -#define setsid _setsid -#endif - -#ifndef HAVE_PUTENV -int putenv(const char *string); -#endif - -#if !defined(HAVE_SETENV) || defined(NEED_SETENV_PROTO) -int setenv(const char *var, const char *val, int rewrite); -#endif - -#if !defined(HAVE_UNSETENV) || defined(NEED_UNSETENV_PROTO) -void unsetenv(const char *name); -#endif - -#if !defined(HAVE_GETUSERSHELL) || defined(NEED_GETUSERSHELL_PROTO) -char *getusershell(void); -void endusershell(void); -#endif - -#if !defined(HAVE_SNPRINTF) || defined(NEED_SNPRINTF_PROTO) -int snprintf (char *str, size_t sz, const char *format, ...) - __attribute__ ((format (printf, 3, 4))); -#endif - -#if !defined(HAVE_VSNPRINTF) || defined(NEED_VSNPRINTF_PROTO) -int vsnprintf (char *str, size_t sz, const char *format, va_list ap) - __attribute__((format (printf, 3, 0))); -#endif - -#if !defined(HAVE_ASPRINTF) || defined(NEED_ASPRINTF_PROTO) -int asprintf (char **ret, const char *format, ...) - __attribute__ ((format (printf, 2, 3))); -#endif - -#if !defined(HAVE_VASPRINTF) || defined(NEED_VASPRINTF_PROTO) -int vasprintf (char **ret, const char *format, va_list ap) - __attribute__((format (printf, 2, 0))); -#endif - -#if !defined(HAVE_ASNPRINTF) || defined(NEED_ASNPRINTF_PROTO) -int asnprintf (char **ret, size_t max_sz, const char *format, ...) - __attribute__ ((format (printf, 3, 4))); -#endif - -#if !defined(HAVE_VASNPRINTF) || defined(NEED_VASNPRINTF_PROTO) -int vasnprintf (char **ret, size_t max_sz, const char *format, va_list ap) - __attribute__((format (printf, 3, 0))); -#endif - -#ifndef HAVE_STRDUP -char * strdup(const char *old); -#endif - -#ifndef HAVE_STRNDUP -char * strndup(const char *old, size_t sz); -#endif - -#ifndef HAVE_STRLWR -char * strlwr(char *); -#endif - -#ifndef HAVE_STRNLEN -size_t strnlen(const char*, size_t); -#endif - -#if !defined(HAVE_STRSEP) || defined(NEED_STRSEP_PROTO) -char *strsep(char**, const char*); -#endif - -#ifndef HAVE_STRCASECMP -int strcasecmp(const char *s1, const char *s2); -#endif - -#ifdef NEED_FCLOSE_PROTO -int fclose(FILE *); -#endif - -#ifdef NEED_STRTOK_R_PROTO -char *strtok_r(char *s1, const char *s2, char **lasts); -#endif - -#ifndef HAVE_STRUPR -char * strupr(char *); -#endif - -#ifndef HAVE_STRLCPY -size_t strlcpy (char *dst, const char *src, size_t dst_sz); -#endif - -#ifndef HAVE_STRLCAT -size_t strlcat (char *dst, const char *src, size_t dst_sz); -#endif - -#ifndef HAVE_GETDTABLESIZE -int getdtablesize(void); -#endif - -#if !defined(HAVE_STRERROR) && !defined(strerror) -char *strerror(int eno); -#endif - -#if !defined(HAVE_HSTRERROR) || defined(NEED_HSTRERROR_PROTO) -/* This causes a fatal error under Psoriasis */ -#if !(defined(SunOS) && (SunOS >= 50)) -const char *hstrerror(int herr); -#endif -#endif - -#ifndef HAVE_H_ERRNO_DECLARATION -extern int h_errno; -#endif - -#if !defined(HAVE_INET_ATON) || defined(NEED_INET_ATON_PROTO) -int inet_aton(const char *cp, struct in_addr *adr); -#endif - -#ifndef HAVE_INET_NTOP -const char * -inet_ntop(int af, const void *src, char *dst, size_t size); -#endif - -#ifndef HAVE_INET_PTON -int -inet_pton(int af, const char *src, void *dst); -#endif - -#if !defined(HAVE_GETCWD) -char* getcwd(char *path, size_t size); -#endif - -#ifdef HAVE_PWD_H -#include -struct passwd *k_getpwnam (const char *user); -struct passwd *k_getpwuid (uid_t uid); -#endif - -const char *get_default_username (void); - -#ifndef HAVE_SETEUID -int seteuid(uid_t euid); -#endif - -#ifndef HAVE_SETEGID -int setegid(gid_t egid); -#endif - -#ifndef HAVE_LSTAT -int lstat(const char *path, struct stat *buf); -#endif - -#if !defined(HAVE_MKSTEMP) || defined(NEED_MKSTEMP_PROTO) -int mkstemp(char *); -#endif - -#ifndef HAVE_CGETENT -int cgetent(char **buf, char **db_array, const char *name); -int cgetstr(char *buf, const char *cap, char **str); -#endif - -#ifndef HAVE_INITGROUPS -int initgroups(const char *name, gid_t basegid); -#endif - -#ifndef HAVE_FCHOWN -int fchown(int fd, uid_t owner, gid_t group); -#endif - -#ifndef HAVE_DAEMON -int daemon(int nochdir, int noclose); -#endif - -#ifndef HAVE_INNETGR -int innetgr(const char *netgroup, const char *machine, - const char *user, const char *domain); -#endif - -#ifndef HAVE_CHOWN -int chown(const char *path, uid_t owner, gid_t group); -#endif - -#ifndef HAVE_RCMD -int rcmd(char **ahost, unsigned short inport, const char *locuser, - const char *remuser, const char *cmd, int *fd2p); -#endif - -#if !defined(HAVE_INNETGR) || defined(NEED_INNETGR_PROTO) -int innetgr(const char*, const char*, const char*, const char*); -#endif - -#ifndef HAVE_IRUSEROK -int iruserok(unsigned raddr, int superuser, const char *ruser, - const char *luser); -#endif - -#if !defined(HAVE_GETHOSTNAME) || defined(NEED_GETHOSTNAME_PROTO) -int gethostname(char *name, int namelen); -#endif - -#ifndef HAVE_WRITEV -ssize_t -writev(int d, const struct iovec *iov, int iovcnt); -#endif - -#ifndef HAVE_READV -ssize_t -readv(int d, const struct iovec *iov, int iovcnt); -#endif - -#ifndef HAVE_MKSTEMP -int -mkstemp(char *template); -#endif - -#ifndef HAVE_FLOCK -#ifndef LOCK_SH -#define LOCK_SH 1 /* Shared lock */ -#endif -#ifndef LOCK_EX -#define LOCK_EX 2 /* Exclusive lock */ -#endif -#ifndef LOCK_NB -#define LOCK_NB 4 /* Don't block when locking */ -#endif -#ifndef LOCK_UN -#define LOCK_UN 8 /* Unlock */ -#endif - -int flock(int fd, int operation); -#endif /* HAVE_FLOCK */ - -time_t tm2time (struct tm tm, int local); - -int unix_verify_user(char *user, char *password); - -void inaddr2str(struct in_addr addr, char *s, size_t len); - -void mini_inetd (int port); - -int roken_concat (char *s, size_t len, ...); - -size_t roken_mconcat (char **s, size_t max_len, ...); - -int roken_vconcat (char *s, size_t len, va_list args); - -size_t roken_vmconcat (char **s, size_t max_len, va_list args); - -ssize_t net_write (int fd, const void *buf, size_t nbytes); - -ssize_t net_read (int fd, void *buf, size_t nbytes); - -int issuid(void); - -#ifndef HAVE_STRUCT_WINSIZE -struct winsize { - unsigned short ws_row, ws_col; - unsigned short ws_xpixel, ws_ypixel; -}; -#endif - -int get_window_size(int fd, struct winsize *); - -#ifndef HAVE_VSYSLOG -void vsyslog(int pri, const char *fmt, va_list ap); -#endif - -#ifndef HAVE_OPTARG_DECLARATION -extern char *optarg; -#endif -#ifndef HAVE_OPTIND_DECLARATION -extern int optind; -#endif -#ifndef HAVE_OPTERR_DECLARATION -extern int opterr; -#endif - -#ifndef HAVE___PROGNAME_DECLARATION -extern const char *__progname; -#endif - -#ifndef HAVE_ENVIRON_DECLARATION -extern char **environ; -#endif - -#ifndef HAVE_GETIPNODEBYNAME -struct hostent * -getipnodebyname (const char *name, int af, int flags, int *error_num); -#endif - -#ifndef HAVE_GETIPNODEBYADDR -struct hostent * -getipnodebyaddr (const void *src, size_t len, int af, int *error_num); -#endif - -#ifndef HAVE_FREEHOSTENT -void -freehostent (struct hostent *h); -#endif - -#ifndef HAVE_COPYHOSTENT -struct hostent * -copyhostent (const struct hostent *h); -#endif - -#ifndef HAVE_SOCKLEN_T -typedef int socklen_t; -#endif - -#ifndef HAVE_STRUCT_SOCKADDR_STORAGE - -#ifndef HAVE_SA_FAMILY_T -typedef unsigned short sa_family_t; -#endif - -#ifdef HAVE_IPV6 -#define _SS_MAXSIZE sizeof(struct sockaddr_in6) -#else -#define _SS_MAXSIZE sizeof(struct sockaddr_in) -#endif - -#define _SS_ALIGNSIZE sizeof(unsigned long) - -#if HAVE_STRUCT_SOCKADDR_SA_LEN - -typedef unsigned char roken_sa_family_t; - -#define _SS_PAD1SIZE ((2 * _SS_ALIGNSIZE - sizeof (roken_sa_family_t) - sizeof(unsigned char)) % _SS_ALIGNSIZE) -#define _SS_PAD2SIZE (_SS_MAXSIZE - (sizeof (roken_sa_family_t) + sizeof(unsigned char) + _SS_PAD1SIZE + _SS_ALIGNSIZE)) - -struct sockaddr_storage { - unsigned char __ss_len; - roken_sa_family_t __ss_family; - char __ss_pad1[_SS_PAD1SIZE]; - unsigned long __ss_align[_SS_PAD2SIZE / sizeof(unsigned long) + 1]; -}; - -#else /* !HAVE_STRUCT_SOCKADDR_SA_LEN */ - -typedef unsigned short roken_sa_family_t; - -#define _SS_PAD1SIZE ((2 * _SS_ALIGNSIZE - sizeof (roken_sa_family_t)) % _SS_ALIGNSIZE) -#define _SS_PAD2SIZE (_SS_MAXSIZE - (sizeof (roken_sa_family_t) + _SS_PAD1SIZE + _SS_ALIGNSIZE)) - -struct sockaddr_storage { - roken_sa_family_t __ss_family; - char __ss_pad1[_SS_PAD1SIZE]; - unsigned long __ss_align[_SS_PAD2SIZE / sizeof(unsigned long) + 1]; -}; - -#endif /* HAVE_STRUCT_SOCKADDR_SA_LEN */ - -#endif /* HAVE_STRUCT_SOCKADDR_STORAGE */ - -/* - * kludges and such - */ - -#if 1 -int roken_gethostby_setup(const char*, const char*); -struct hostent* roken_gethostbyname(const char*); -struct hostent* roken_gethostbyaddr(const void*, size_t, int); -#else -#ifdef GETHOSTBYNAME_PROTO_COMPATIBLE -#define roken_gethostbyname(x) gethostbyname(x) -#else -#define roken_gethostbyname(x) gethostbyname((char *)x) -#endif - -#ifdef GETHOSTBYADDR_PROTO_COMPATIBLE -#define roken_gethostbyaddr(a, l, t) gethostbyaddr(a, l, t) -#else -#define roken_gethostbyaddr(a, l, t) gethostbyaddr((char *)a, l, t) -#endif -#endif - -#ifdef GETSERVBYNAME_PROTO_COMPATIBLE -#define roken_getservbyname(x,y) getservbyname(x,y) -#else -#define roken_getservbyname(x,y) getservbyname((char *)x, (char *)y) -#endif - -#ifdef OPENLOG_PROTO_COMPATIBLE -#define roken_openlog(a,b,c) openlog(a,b,c) -#else -#define roken_openlog(a,b,c) openlog((char *)a,b,c) -#endif - -void set_progname(char *argv0); - -#ifdef __cplusplus -} -#endif diff --git a/crypto/kerberosIV/lib/roken/roken.mak b/crypto/kerberosIV/lib/roken/roken.mak deleted file mode 100644 index da9a834e5551..000000000000 --- a/crypto/kerberosIV/lib/roken/roken.mak +++ /dev/null @@ -1,316 +0,0 @@ -# Microsoft Developer Studio Generated NMAKE File, Based on roken.dsp -!IF "$(CFG)" == "" -CFG=roken - Win32 Release -!MESSAGE No configuration specified. Defaulting to roken - Win32 Release. -!ENDIF - -!IF "$(CFG)" != "roken - Win32 Release" && "$(CFG)" != "roken - Win32 Debug" -!MESSAGE Invalid configuration "$(CFG)" specified. -!MESSAGE You can specify a configuration when running NMAKE -!MESSAGE by defining the macro CFG on the command line. For example: -!MESSAGE -!MESSAGE NMAKE /f "roken.mak" CFG="roken - Win32 Release" -!MESSAGE -!MESSAGE Possible choices for configuration are: -!MESSAGE -!MESSAGE "roken - Win32 Release" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE "roken - Win32 Debug" (based on "Win32 (x86) Dynamic-Link Library") -!MESSAGE -!ERROR An invalid configuration is specified. -!ENDIF - -!IF "$(OS)" == "Windows_NT" -NULL= -!ELSE -NULL=nul -!ENDIF - -CPP=cl.exe -MTL=midl.exe -RSC=rc.exe - -!IF "$(CFG)" == "roken - Win32 Release" - -OUTDIR=.\Release -INTDIR=.\Release -# Begin Custom Macros -OutDir=.\.\Release -# End Custom Macros - -!IF "$(RECURSE)" == "0" - -ALL : "$(OUTDIR)\roken.dll" - -!ELSE - -ALL : "$(OUTDIR)\roken.dll" - -!ENDIF - -CLEAN : - -@erase "$(INTDIR)\base64.obj" - -@erase "$(INTDIR)\concat.obj" - -@erase "$(INTDIR)\gettimeofday.obj" - -@erase "$(INTDIR)\getuid.obj" - -@erase "$(INTDIR)\resolve.obj" - -@erase "$(INTDIR)\roken.res" - -@erase "$(INTDIR)\snprintf.obj" - -@erase "$(INTDIR)\strcasecmp.obj" - -@erase "$(INTDIR)\strtok_r.obj" - -@erase "$(INTDIR)\vc50.idb" - -@erase "$(OUTDIR)\roken.dll" - -@erase "$(OUTDIR)\roken.exp" - -@erase "$(OUTDIR)\roken.lib" - -"$(OUTDIR)" : - if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" - -CPP_PROJ=/nologo /MT /GX /O2 /I "..\krb" /I "..\des" /I "..\..\include" /I\ - "..\..\include\win32" /I "." /D "NDEBUG" /D "WIN32" /D "_WINDOWS" /D\ - "HAVE_CONFIG_H" /Fp"$(INTDIR)\roken.pch" /YX /Fo"$(INTDIR)\\" /Fd"$(INTDIR)\\"\ - /FD /c -CPP_OBJS=.\Release/ -CPP_SBRS=. -MTL_PROJ=/nologo /D "NDEBUG" /mktyplib203 /win32 -RSC_PROJ=/l 0x409 /fo"$(INTDIR)\roken.res" /d "NDEBUG" -BSC32=bscmake.exe -BSC32_FLAGS=/nologo /o"$(OUTDIR)\roken.bsc" -BSC32_SBRS= \ - -LINK32=link.exe -LINK32_FLAGS=kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib\ - advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo\ - /base:"0x68e7780" /subsystem:windows /dll /incremental:no\ - /pdb:"$(OUTDIR)\roken.pdb" /machine:I386 /def:".\roken.def"\ - /out:"$(OUTDIR)\roken.dll" /implib:"$(OUTDIR)\roken.lib" -DEF_FILE= \ - ".\roken.def" -LINK32_OBJS= \ - "$(INTDIR)\base64.obj" \ - "$(INTDIR)\concat.obj" \ - "$(INTDIR)\gettimeofday.obj" \ - "$(INTDIR)\getuid.obj" \ - "$(INTDIR)\resolve.obj" \ - "$(INTDIR)\roken.res" \ - "$(INTDIR)\snprintf.obj" \ - "$(INTDIR)\strcasecmp.obj" \ - "$(INTDIR)\strtok_r.obj" - -"$(OUTDIR)\roken.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) - $(LINK32) @<< - $(LINK32_FLAGS) $(LINK32_OBJS) -<< - -!ELSEIF "$(CFG)" == "roken - Win32 Debug" - -OUTDIR=.\Debug -INTDIR=.\Debug -# Begin Custom Macros -OutDir=.\.\Debug -# End Custom Macros - -!IF "$(RECURSE)" == "0" - -ALL : "$(OUTDIR)\roken.dll" - -!ELSE - -ALL : "$(OUTDIR)\roken.dll" - -!ENDIF - -CLEAN : - -@erase "$(INTDIR)\base64.obj" - -@erase "$(INTDIR)\concat.obj" - -@erase "$(INTDIR)\gettimeofday.obj" - -@erase "$(INTDIR)\getuid.obj" - -@erase "$(INTDIR)\resolve.obj" - -@erase "$(INTDIR)\roken.res" - -@erase "$(INTDIR)\snprintf.obj" - -@erase "$(INTDIR)\strcasecmp.obj" - -@erase "$(INTDIR)\strtok_r.obj" - -@erase "$(INTDIR)\vc50.idb" - -@erase "$(INTDIR)\vc50.pdb" - -@erase "$(OUTDIR)\roken.dll" - -@erase "$(OUTDIR)\roken.exp" - -@erase "$(OUTDIR)\roken.ilk" - -@erase "$(OUTDIR)\roken.lib" - -@erase "$(OUTDIR)\roken.pdb" - -"$(OUTDIR)" : - if not exist "$(OUTDIR)/$(NULL)" mkdir "$(OUTDIR)" - -CPP_PROJ=/nologo /MDd /Gm /GX /Zi /Od /I "..\krb" /I "..\des" /I\ - "..\..\include" /I "..\..\include\win32" /I "." /D "_DEBUG" /D "WIN32" /D\ - "_WINDOWS" /D "HAVE_CONFIG_H" /Fp"$(INTDIR)\roken.pch" /YX /Fo"$(INTDIR)\\"\ - /Fd"$(INTDIR)\\" /FD /c -CPP_OBJS=.\Debug/ -CPP_SBRS=. -MTL_PROJ=/nologo /D "_DEBUG" /mktyplib203 /win32 -RSC_PROJ=/l 0x409 /fo"$(INTDIR)\roken.res" /d "_DEBUG" -BSC32=bscmake.exe -BSC32_FLAGS=/nologo /o"$(OUTDIR)\roken.bsc" -BSC32_SBRS= \ - -LINK32=link.exe -LINK32_FLAGS=kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib\ - advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib /nologo\ - /subsystem:windows /dll /incremental:yes /pdb:"$(OUTDIR)\roken.pdb" /debug\ - /machine:I386 /def:".\roken.def" /out:"$(OUTDIR)\roken.dll"\ - /implib:"$(OUTDIR)\roken.lib" -LINK32_OBJS= \ - "$(INTDIR)\base64.obj" \ - "$(INTDIR)\concat.obj" \ - "$(INTDIR)\gettimeofday.obj" \ - "$(INTDIR)\getuid.obj" \ - "$(INTDIR)\resolve.obj" \ - "$(INTDIR)\roken.res" \ - "$(INTDIR)\snprintf.obj" \ - "$(INTDIR)\strcasecmp.obj" \ - "$(INTDIR)\strtok_r.obj" - -"$(OUTDIR)\roken.dll" : "$(OUTDIR)" $(DEF_FILE) $(LINK32_OBJS) - $(LINK32) @<< - $(LINK32_FLAGS) $(LINK32_OBJS) -<< - -!ENDIF - -.c{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_OBJS)}.obj:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.c{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cpp{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - -.cxx{$(CPP_SBRS)}.sbr:: - $(CPP) @<< - $(CPP_PROJ) $< -<< - - -!IF "$(CFG)" == "roken - Win32 Release" || "$(CFG)" == "roken - Win32 Debug" -SOURCE=.\base64.c -DEP_CPP_BASE6=\ - "..\..\include\win32\config.h"\ - ".\base64.h"\ - - -"$(INTDIR)\base64.obj" : $(SOURCE) $(DEP_CPP_BASE6) "$(INTDIR)" - - -SOURCE=.\concat.c -DEP_CPP_CONCA=\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\roken.h"\ - ".\err.h"\ - ".\roken-common.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\concat.obj" : $(SOURCE) $(DEP_CPP_CONCA) "$(INTDIR)" - - -SOURCE=.\gettimeofday.c -DEP_CPP_GETTI=\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\roken.h"\ - ".\err.h"\ - ".\roken-common.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\gettimeofday.obj" : $(SOURCE) $(DEP_CPP_GETTI) "$(INTDIR)" - - -SOURCE=.\getuid.c -DEP_CPP_GETUI=\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\roken.h"\ - ".\err.h"\ - ".\roken-common.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\getuid.obj" : $(SOURCE) $(DEP_CPP_GETUI) "$(INTDIR)" - - -SOURCE=.\resolve.c -DEP_CPP_RESOL=\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\roken.h"\ - ".\err.h"\ - ".\resolve.h"\ - ".\roken-common.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\resolve.obj" : $(SOURCE) $(DEP_CPP_RESOL) "$(INTDIR)" - - -SOURCE=.\snprintf.c -DEP_CPP_SNPRI=\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\roken.h"\ - ".\err.h"\ - ".\roken-common.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\snprintf.obj" : $(SOURCE) $(DEP_CPP_SNPRI) "$(INTDIR)" - - -SOURCE=.\strcasecmp.c -DEP_CPP_STRCA=\ - "..\..\include\win32\config.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\strcasecmp.obj" : $(SOURCE) $(DEP_CPP_STRCA) "$(INTDIR)" - - -SOURCE=.\strtok_r.c -DEP_CPP_STRTO=\ - "..\..\include\win32\config.h"\ - "..\..\include\win32\roken.h"\ - ".\err.h"\ - ".\roken-common.h"\ - {$(INCLUDE)}"sys\stat.h"\ - {$(INCLUDE)}"sys\types.h"\ - - -"$(INTDIR)\strtok_r.obj" : $(SOURCE) $(DEP_CPP_STRTO) "$(INTDIR)" - - -SOURCE=.\roken.rc - -"$(INTDIR)\roken.res" : $(SOURCE) "$(INTDIR)" - $(RSC) $(RSC_PROJ) $(SOURCE) - - - -!ENDIF - diff --git a/crypto/kerberosIV/lib/roken/roken.rc b/crypto/kerberosIV/lib/roken/roken.rc deleted file mode 100644 index e7e2f3e499ca..000000000000 --- a/crypto/kerberosIV/lib/roken/roken.rc +++ /dev/null @@ -1,105 +0,0 @@ -//Microsoft Developer Studio generated resource script. -// -#include "resource.h" - -#define APSTUDIO_READONLY_SYMBOLS -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 2 resource. -// -#include "afxres.h" - -///////////////////////////////////////////////////////////////////////////// -#undef APSTUDIO_READONLY_SYMBOLS - -///////////////////////////////////////////////////////////////////////////// -// Swedish resources - -#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_SVE) -#ifdef _WIN32 -LANGUAGE LANG_SWEDISH, SUBLANG_DEFAULT -#pragma code_page(1252) -#endif //_WIN32 - -#ifdef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// TEXTINCLUDE -// - -1 TEXTINCLUDE DISCARDABLE -BEGIN - "resource.h\0" -END - -2 TEXTINCLUDE DISCARDABLE -BEGIN - "#include ""afxres.h""\r\n" - "\0" -END - -3 TEXTINCLUDE DISCARDABLE -BEGIN - "\r\n" - "\0" -END - -#endif // APSTUDIO_INVOKED - - -#ifndef _MAC -///////////////////////////////////////////////////////////////////////////// -// -// Version -// - -VS_VERSION_INFO VERSIONINFO - FILEVERSION 1,0,0,1 - PRODUCTVERSION 1,0,0,1 - FILEFLAGSMASK 0x3fL -#ifdef _DEBUG - FILEFLAGS 0x1L -#else - FILEFLAGS 0x0L -#endif - FILEOS 0x40004L - FILETYPE 0x2L - FILESUBTYPE 0x0L -BEGIN - BLOCK "StringFileInfo" - BEGIN - BLOCK "040904b0" - BEGIN - VALUE "CompanyName", "Royal Institute of Technology (KTH)\0" - VALUE "FileDescription", "roken\0" - VALUE "FileVersion", "4, 0, 9, 9\0" - VALUE "InternalName", "roken\0" - VALUE "LegalCopyright", "Copyright © 1996 - 1998 Royal Institute of Technology (KTH)\0" - VALUE "OriginalFilename", "roken.dll\0" - VALUE "ProductName", "KTH Kerberos\0" - VALUE "ProductVersion", "4,0,9,9\0" - END - END - BLOCK "VarFileInfo" - BEGIN - VALUE "Translation", 0x409, 1200 - END -END - -#endif // !_MAC - -#endif // Swedish resources -///////////////////////////////////////////////////////////////////////////// - - - -#ifndef APSTUDIO_INVOKED -///////////////////////////////////////////////////////////////////////////// -// -// Generated from the TEXTINCLUDE 3 resource. -// - - -///////////////////////////////////////////////////////////////////////////// -#endif // not APSTUDIO_INVOKED - diff --git a/crypto/kerberosIV/lib/roken/roken_gethostby.c b/crypto/kerberosIV/lib/roken/roken_gethostby.c deleted file mode 100644 index 8eb23258cdc3..000000000000 --- a/crypto/kerberosIV/lib/roken/roken_gethostby.c +++ /dev/null @@ -1,280 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: roken_gethostby.c,v 1.4 1999/12/02 16:58:52 joda Exp $"); -#endif - -#include -#ifdef HAVE_NETDB_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif - -#undef roken_gethostbyname -#undef roken_gethostbyaddr - -static struct sockaddr_in dns_addr; -static char *dns_req; - -static int -make_address(const char *address, struct in_addr *ip) -{ - if(inet_aton(address, ip) == 0){ - /* try to resolve as hostname, it might work if the address we - are trying to lookup is local, for instance a web proxy */ - struct hostent *he = gethostbyname(address); - if(he) { - unsigned char *p = (unsigned char*)he->h_addr; - ip->s_addr = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]; - } else { - return -1; - } - } - return 0; -} - -static int -setup_int(const char *proxy_host, short proxy_port, - const char *dns_host, short dns_port, - const char *dns_path) -{ - memset(&dns_addr, 0, sizeof(dns_addr)); - if(dns_req) - free(dns_req); - if(proxy_host) { - if(make_address(proxy_host, &dns_addr.sin_addr) != 0) - return -1; - dns_addr.sin_port = htons(proxy_port); - asprintf(&dns_req, "http://%s:%d%s", dns_host, dns_port, dns_path); - } else { - if(make_address(dns_host, &dns_addr.sin_addr) != 0) - return -1; - dns_addr.sin_port = htons(dns_port); - asprintf(&dns_req, "%s", dns_path); - } - dns_addr.sin_family = AF_INET; - return 0; -} - -static void -split_spec(const char *spec, char **host, int *port, char **path, int def_port) -{ - char *p; - *host = strdup(spec); - p = strchr(*host, ':'); - if(p) { - *p++ = '\0'; - if(sscanf(p, "%d", port) != 1) - *port = def_port; - } else - *port = def_port; - p = strchr(p ? p : *host, '/'); - if(p) { - if(path) - *path = strdup(p); - *p = '\0'; - }else - if(path) - *path = NULL; -} - - -int -roken_gethostby_setup(const char *proxy_spec, const char *dns_spec) -{ - char *proxy_host = NULL; - int proxy_port; - char *dns_host, *dns_path; - int dns_port; - - int ret = -1; - - split_spec(dns_spec, &dns_host, &dns_port, &dns_path, 80); - if(dns_path == NULL) - goto out; - if(proxy_spec) - split_spec(proxy_spec, &proxy_host, &proxy_port, NULL, 80); - ret = setup_int(proxy_host, proxy_port, dns_host, dns_port, dns_path); -out: - free(proxy_host); - free(dns_host); - free(dns_path); - return ret; -} - - -/* Try to lookup a name or an ip-address using http as transport - mechanism. See the end of this file for an example program. */ -static struct hostent* -roken_gethostby(const char *hostname) -{ - int s; - struct sockaddr_in sin; - char *request; - char buf[1024]; - int offset = 0; - int n; - char *p, *foo; - - if(dns_addr.sin_family == 0) - return NULL; /* no configured host */ - sin = dns_addr; - asprintf(&request, "GET %s?%s HTTP/1.0\r\n\r\n", dns_req, hostname); - if(request == NULL) - return NULL; - s = socket(AF_INET, SOCK_STREAM, 0); - if(s < 0) { - free(request); - return NULL; - } - if(connect(s, (struct sockaddr*)&sin, sizeof(sin)) < 0) { - close(s); - free(request); - return NULL; - } - if(write(s, request, strlen(request)) != strlen(request)) { - close(s); - free(request); - return NULL; - } - free(request); - while(1) { - n = read(s, buf + offset, sizeof(buf) - offset); - if(n <= 0) - break; - offset += n; - } - buf[offset] = '\0'; - close(s); - p = strstr(buf, "\r\n\r\n"); /* find end of header */ - if(p) p += 4; - else return NULL; - foo = NULL; - p = strtok_r(p, " \t\r\n", &foo); - if(p == NULL) - return NULL; - { - /* make a hostent to return */ -#define MAX_ADDRS 16 - static struct hostent he; - static char addrs[4 * MAX_ADDRS]; - static char *addr_list[MAX_ADDRS]; - int num_addrs = 0; - - he.h_name = p; - he.h_aliases = NULL; - he.h_addrtype = AF_INET; - he.h_length = 4; - - while((p = strtok_r(NULL, " \t\r\n", &foo)) && num_addrs < MAX_ADDRS) { - struct in_addr ip; - inet_aton(p, &ip); - ip.s_addr = ntohl(ip.s_addr); - addr_list[num_addrs] = &addrs[num_addrs * 4]; - addrs[num_addrs * 4 + 0] = (ip.s_addr >> 24) & 0xff; - addrs[num_addrs * 4 + 1] = (ip.s_addr >> 16) & 0xff; - addrs[num_addrs * 4 + 2] = (ip.s_addr >> 8) & 0xff; - addrs[num_addrs * 4 + 3] = (ip.s_addr >> 0) & 0xff; - addr_list[++num_addrs] = NULL; - } - he.h_addr_list = addr_list; - return &he; - } -} - -struct hostent* -roken_gethostbyname(const char *hostname) -{ - struct hostent *he; - he = gethostbyname(hostname); - if(he) - return he; - return roken_gethostby(hostname); -} - -struct hostent* -roken_gethostbyaddr(const void *addr, size_t len, int type) -{ - struct in_addr a; - const char *p; - struct hostent *he; - he = gethostbyaddr(addr, len, type); - if(he) - return he; - if(type != AF_INET || len != 4) - return NULL; - p = addr; - a.s_addr = htonl((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); - return roken_gethostby(inet_ntoa(a)); -} - -#if 0 - -/* this program can be used as a cgi `script' to lookup names and - ip-addresses */ - -#include -#include -#include -#include - -int -main(int argc, char **argv) -{ - char *query = getenv("QUERY_STRING"); - char host[MAXHOSTNAMELEN]; - int i; - struct hostent *he; - - printf("Content-type: text/plain\n\n"); - if(query == NULL) - exit(0); - he = gethostbyname(query); - strncpy(host, he->h_name, sizeof(host)); - host[sizeof(host) - 1] = '\0'; - he = gethostbyaddr(he->h_addr, he->h_length, AF_INET); - printf("%s\n", he->h_name); - for(i = 0; he->h_addr_list[i]; i++) { - struct in_addr ip; - unsigned char *p = (unsigned char*)he->h_addr_list[i]; - ip.s_addr = htonl((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]); - printf("%s\n", inet_ntoa(ip)); - } - exit(0); -} - -#endif diff --git a/crypto/kerberosIV/lib/roken/sendmsg.c b/crypto/kerberosIV/lib/roken/sendmsg.c deleted file mode 100644 index 7075bf214211..000000000000 --- a/crypto/kerberosIV/lib/roken/sendmsg.c +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: sendmsg.c,v 1.4 1999/12/02 16:58:52 joda Exp $"); -#endif - -#include "roken.h" - -ssize_t -sendmsg(int s, const struct msghdr *msg, int flags) -{ - ssize_t ret; - size_t tot = 0; - int i; - char *buf, *p; - struct iovec *iov = msg->msg_iov; - - for(i = 0; i < msg->msg_iovlen; ++i) - tot += iov[i].iov_len; - buf = malloc(tot); - if (tot != 0 && buf == NULL) { - errno = ENOMEM; - return -1; - } - p = buf; - for (i = 0; i < msg->msg_iovlen; ++i) { - memcpy (p, iov[i].iov_base, iov[i].iov_len); - p += iov[i].iov_len; - } - ret = sendto (s, buf, tot, flags, msg->msg_name, msg->msg_namelen); - free (buf); - return ret; -} diff --git a/crypto/kerberosIV/lib/roken/setegid.c b/crypto/kerberosIV/lib/roken/setegid.c deleted file mode 100644 index 2f46fe4bf8ea..000000000000 --- a/crypto/kerberosIV/lib/roken/setegid.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: setegid.c,v 1.9 1999/12/02 16:58:52 joda Exp $"); -#endif - -#ifdef HAVE_UNISTD_H -#include -#endif - -#include "roken.h" - -int -setegid(gid_t egid) -{ -#ifdef HAVE_SETREGID - return setregid(-1, egid); -#endif - -#ifdef HAVE_SETRESGID - return setresgid(-1, egid, -1); -#endif - - return -1; -} diff --git a/crypto/kerberosIV/lib/roken/setenv.c b/crypto/kerberosIV/lib/roken/setenv.c deleted file mode 100644 index 15b58113ea8e..000000000000 --- a/crypto/kerberosIV/lib/roken/setenv.c +++ /dev/null @@ -1,66 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: setenv.c,v 1.9 1999/12/02 16:58:52 joda Exp $"); -#endif - -#include "roken.h" - -#include -#include - -/* - * This is the easy way out, use putenv to implement setenv. We might - * leak some memory but that is ok since we are usally about to exec - * anyway. - */ - -int -setenv(const char *var, const char *val, int rewrite) -{ - char *t; - - if (!rewrite && getenv(var) != 0) - return 0; - - asprintf (&t, "%s=%s", var, val); - if (t == NULL) - return -1; - - if (putenv(t) == 0) - return 0; - else - return -1; -} diff --git a/crypto/kerberosIV/lib/roken/seteuid.c b/crypto/kerberosIV/lib/roken/seteuid.c deleted file mode 100644 index ee68ba785e47..000000000000 --- a/crypto/kerberosIV/lib/roken/seteuid.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: seteuid.c,v 1.10 1999/12/02 16:58:52 joda Exp $"); -#endif - -#ifdef HAVE_UNISTD_H -#include -#endif - -#include "roken.h" - -int -seteuid(uid_t euid) -{ -#ifdef HAVE_SETREUID - return setreuid(-1, euid); -#endif - -#ifdef HAVE_SETRESUID - return setresuid(-1, euid, -1); -#endif - - return -1; -} diff --git a/crypto/kerberosIV/lib/roken/signal.c b/crypto/kerberosIV/lib/roken/signal.c deleted file mode 100644 index 7f2ba290771d..000000000000 --- a/crypto/kerberosIV/lib/roken/signal.c +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: signal.c,v 1.9.2.1 2000/03/12 19:36:16 assar Exp $"); -#endif - -#include - -/* - * We would like to always use this signal but there is a link error - * on NEXTSTEP - */ -#if !defined(NeXT) && !defined(__APPLE__) -/* - * Bugs: - * - * Do we need any extra hacks for SIGCLD and/or SIGCHLD? - */ - -typedef RETSIGTYPE (*SigAction)(/* int??? */); - -SigAction -signal(int iSig, SigAction pAction) -{ - struct sigaction saNew, saOld; - - saNew.sa_handler = pAction; - sigemptyset(&saNew.sa_mask); - saNew.sa_flags = 0; - - if (iSig == SIGALRM) - { -#ifdef SA_INTERRUPT - saNew.sa_flags |= SA_INTERRUPT; -#endif - } - else - { -#ifdef SA_RESTART - saNew.sa_flags |= SA_RESTART; -#endif - } - - if (sigaction(iSig, &saNew, &saOld) < 0) - return(SIG_ERR); - - return(saOld.sa_handler); -} -#endif diff --git a/crypto/kerberosIV/lib/roken/simple_exec.c b/crypto/kerberosIV/lib/roken/simple_exec.c deleted file mode 100644 index 426f494fcc04..000000000000 --- a/crypto/kerberosIV/lib/roken/simple_exec.c +++ /dev/null @@ -1,171 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: simple_exec.c,v 1.6 1999/12/02 16:58:52 joda Exp $"); -#endif - -#include -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_WAIT_H -#include -#endif -#ifdef HAVE_UNISTD_H -#include -#endif -#include - -#include - -#define EX_NOEXEC 126 -#define EX_NOTFOUND 127 - -/* return values: - -1 on `unspecified' system errors - -2 on fork failures - -3 on waitpid errors - 0- is return value from subprocess - 126 if the program couldn't be executed - 127 if the program couldn't be found - 128- is 128 + signal that killed subprocess - */ - -static int -check_status(pid_t pid) -{ - while(1) { - int status; - - while(waitpid(pid, &status, 0) < 0) - if (errno != EINTR) - return -3; - if(WIFSTOPPED(status)) - continue; - if(WIFEXITED(status)) - return WEXITSTATUS(status); - if(WIFSIGNALED(status)) - return WTERMSIG(status) + 128; - } -} - -int -simple_execvp(const char *file, char *const args[]) -{ - pid_t pid = fork(); - switch(pid){ - case -1: - return -2; - case 0: - execvp(file, args); - exit((errno == ENOENT) ? EX_NOTFOUND : EX_NOEXEC); - default: - return check_status(pid); - } -} - -/* gee, I'd like a execvpe */ -int -simple_execve(const char *file, char *const args[], char *const envp[]) -{ - pid_t pid = fork(); - switch(pid){ - case -1: - return -2; - case 0: - execve(file, args, envp); - exit((errno == ENOENT) ? EX_NOTFOUND : EX_NOEXEC); - default: - return check_status(pid); - } -} - -static char ** -collect_args(va_list *ap) -{ - char **argv = NULL; - int argc = 0, i = 0; - do { - if(i == argc) { - /* realloc argv */ - char **tmp = realloc(argv, (argc + 5) * sizeof(*argv)); - if(tmp == NULL) { - errno = ENOMEM; - return NULL; - } - argv = tmp; - argc += 5; - } - argv[i++] = va_arg(*ap, char*); - } while(argv[i - 1] != NULL); - return argv; -} - -int -simple_execlp(const char *file, ...) -{ - va_list ap; - char **argv; - int ret; - - va_start(ap, file); - argv = collect_args(&ap); - va_end(ap); - if(argv == NULL) - return -1; - ret = simple_execvp(file, argv); - free(argv); - return ret; -} - -int -simple_execle(const char *file, ... /* ,char *const envp[] */) -{ - va_list ap; - char **argv; - char *const* envp; - int ret; - - va_start(ap, file); - argv = collect_args(&ap); - envp = va_arg(ap, char **); - va_end(ap); - if(argv == NULL) - return -1; - ret = simple_execve(file, argv, envp); - free(argv); - return ret; -} diff --git a/crypto/kerberosIV/lib/roken/snprintf.c b/crypto/kerberosIV/lib/roken/snprintf.c deleted file mode 100644 index 8450e8b90e27..000000000000 --- a/crypto/kerberosIV/lib/roken/snprintf.c +++ /dev/null @@ -1,619 +0,0 @@ -/* - * Copyright (c) 1995-2000 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: snprintf.c,v 1.24.2.1 2000/06/14 07:26:49 joda Exp $"); -#endif -#include -#include -#include -#include -#include -#include - -enum format_flags { - minus_flag = 1, - plus_flag = 2, - space_flag = 4, - alternate_flag = 8, - zero_flag = 16 -}; - -/* - * Common state - */ - -struct state { - unsigned char *str; - unsigned char *s; - unsigned char *theend; - size_t sz; - size_t max_sz; - int (*append_char)(struct state *, unsigned char); - int (*reserve)(struct state *, size_t); - /* XXX - methods */ -}; - -#ifndef HAVE_VSNPRINTF -static int -sn_reserve (struct state *state, size_t n) -{ - return state->s + n > state->theend; -} - -static int -sn_append_char (struct state *state, unsigned char c) -{ - if (sn_reserve (state, 1)) { - return 1; - } else { - *state->s++ = c; - return 0; - } -} -#endif - -static int -as_reserve (struct state *state, size_t n) -{ - if (state->s + n > state->theend) { - int off = state->s - state->str; - unsigned char *tmp; - - if (state->max_sz && state->sz >= state->max_sz) - return 1; - - state->sz = max(state->sz * 2, state->sz + n); - if (state->max_sz) - state->sz = min(state->sz, state->max_sz); - tmp = realloc (state->str, state->sz); - if (tmp == NULL) - return 1; - state->str = tmp; - state->s = state->str + off; - state->theend = state->str + state->sz - 1; - } - return 0; -} - -static int -as_append_char (struct state *state, unsigned char c) -{ - if(as_reserve (state, 1)) - return 1; - else { - *state->s++ = c; - return 0; - } -} - -static int -append_number(struct state *state, - unsigned long num, unsigned base, char *rep, - int width, int prec, int flags, int minusp) -{ - int len = 0; - int i; - - /* given precision, ignore zero flag */ - if(prec != -1) - flags &= ~zero_flag; - else - prec = 1; - /* zero value with zero precision -> "" */ - if(prec == 0 && num == 0) - return 0; - do{ - if((*state->append_char)(state, rep[num % base])) - return 1; - len++; - num /= base; - }while(num); - prec -= len; - /* pad with prec zeros */ - while(prec-- > 0){ - if((*state->append_char)(state, '0')) - return 1; - len++; - } - /* add length of alternate prefix (added later) to len */ - if(flags & alternate_flag && (base == 16 || base == 8)) - len += base / 8; - /* pad with zeros */ - if(flags & zero_flag){ - width -= len; - if(minusp || (flags & space_flag) || (flags & plus_flag)) - width--; - while(width-- > 0){ - if((*state->append_char)(state, '0')) - return 1; - len++; - } - } - /* add alternate prefix */ - if(flags & alternate_flag && (base == 16 || base == 8)){ - if(base == 16) - if((*state->append_char)(state, rep[10] + 23)) /* XXX */ - return 1; - if((*state->append_char)(state, '0')) - return 1; - } - /* add sign */ - if(minusp){ - if((*state->append_char)(state, '-')) - return 1; - len++; - } else if(flags & plus_flag) { - if((*state->append_char)(state, '+')) - return 1; - len++; - } else if(flags & space_flag) { - if((*state->append_char)(state, ' ')) - return 1; - len++; - } - if(flags & minus_flag) - /* swap before padding with spaces */ - for(i = 0; i < len / 2; i++){ - char c = state->s[-i-1]; - state->s[-i-1] = state->s[-len+i]; - state->s[-len+i] = c; - } - width -= len; - while(width-- > 0){ - if((*state->append_char)(state, ' ')) - return 1; - len++; - } - if(!(flags & minus_flag)) - /* swap after padding with spaces */ - for(i = 0; i < len / 2; i++){ - char c = state->s[-i-1]; - state->s[-i-1] = state->s[-len+i]; - state->s[-len+i] = c; - } - - return 0; -} - -static int -append_string (struct state *state, - unsigned char *arg, - int width, - int prec, - int flags) -{ - if(prec != -1) - width -= prec; - else - width -= strlen((char *)arg); - if(!(flags & minus_flag)) - while(width-- > 0) - if((*state->append_char) (state, ' ')) - return 1; - if (prec != -1) { - while (*arg && prec--) - if ((*state->append_char) (state, *arg++)) - return 1; - } else { - while (*arg) - if ((*state->append_char) (state, *arg++)) - return 1; - } - if(flags & minus_flag) - while(width-- > 0) - if((*state->append_char) (state, ' ')) - return 1; - return 0; -} - -static int -append_char(struct state *state, - unsigned char arg, - int width, - int flags) -{ - while(!(flags & minus_flag) && --width > 0) - if((*state->append_char) (state, ' ')) - return 1; - - if((*state->append_char) (state, arg)) - return 1; - while((flags & minus_flag) && --width > 0) - if((*state->append_char) (state, ' ')) - return 1; - - return 0; -} - -/* - * This can't be made into a function... - */ - -#define PARSE_INT_FORMAT(res, arg, unsig) \ -if (long_flag) \ - res = (unsig long)va_arg(arg, unsig long); \ -else if (short_flag) \ - res = (unsig short)va_arg(arg, unsig int); \ -else \ - res = (unsig int)va_arg(arg, unsig int) - -/* - * zyxprintf - return 0 or -1 - */ - -static int -xyzprintf (struct state *state, const char *char_format, va_list ap) -{ - const unsigned char *format = (const unsigned char *)char_format; - unsigned char c; - - while((c = *format++)) { - if (c == '%') { - int flags = 0; - int width = 0; - int prec = -1; - int long_flag = 0; - int short_flag = 0; - - /* flags */ - while((c = *format++)){ - if(c == '-') - flags |= minus_flag; - else if(c == '+') - flags |= plus_flag; - else if(c == ' ') - flags |= space_flag; - else if(c == '#') - flags |= alternate_flag; - else if(c == '0') - flags |= zero_flag; - else - break; - } - - if((flags & space_flag) && (flags & plus_flag)) - flags ^= space_flag; - - if((flags & minus_flag) && (flags & zero_flag)) - flags ^= zero_flag; - - /* width */ - if (isdigit(c)) - do { - width = width * 10 + c - '0'; - c = *format++; - } while(isdigit(c)); - else if(c == '*') { - width = va_arg(ap, int); - c = *format++; - } - - /* precision */ - if (c == '.') { - prec = 0; - c = *format++; - if (isdigit(c)) - do { - prec = prec * 10 + c - '0'; - c = *format++; - } while(isdigit(c)); - else if (c == '*') { - prec = va_arg(ap, int); - c = *format++; - } - } - - /* size */ - - if (c == 'h') { - short_flag = 1; - c = *format++; - } else if (c == 'l') { - long_flag = 1; - c = *format++; - } - - switch (c) { - case 'c' : - if(append_char(state, va_arg(ap, int), width, flags)) - return -1; - break; - case 's' : - if (append_string(state, - va_arg(ap, unsigned char*), - width, - prec, - flags)) - return -1; - break; - case 'd' : - case 'i' : { - long arg; - unsigned long num; - int minusp = 0; - - PARSE_INT_FORMAT(arg, ap, signed); - - if (arg < 0) { - minusp = 1; - num = -arg; - } else - num = arg; - - if (append_number (state, num, 10, "0123456789", - width, prec, flags, minusp)) - return -1; - break; - } - case 'u' : { - unsigned long arg; - - PARSE_INT_FORMAT(arg, ap, unsigned); - - if (append_number (state, arg, 10, "0123456789", - width, prec, flags, 0)) - return -1; - break; - } - case 'o' : { - unsigned long arg; - - PARSE_INT_FORMAT(arg, ap, unsigned); - - if (append_number (state, arg, 010, "01234567", - width, prec, flags, 0)) - return -1; - break; - } - case 'x' : { - unsigned long arg; - - PARSE_INT_FORMAT(arg, ap, unsigned); - - if (append_number (state, arg, 0x10, "0123456789abcdef", - width, prec, flags, 0)) - return -1; - break; - } - case 'X' :{ - unsigned long arg; - - PARSE_INT_FORMAT(arg, ap, unsigned); - - if (append_number (state, arg, 0x10, "0123456789ABCDEF", - width, prec, flags, 0)) - return -1; - break; - } - case 'p' : { - unsigned long arg = (unsigned long)va_arg(ap, void*); - - if (append_number (state, arg, 0x10, "0123456789ABCDEF", - width, prec, flags, 0)) - return -1; - break; - } - case 'n' : { - int *arg = va_arg(ap, int*); - *arg = state->s - state->str; - break; - } - case '\0' : - --format; - /* FALLTHROUGH */ - case '%' : - if ((*state->append_char)(state, c)) - return -1; - break; - default : - if ( (*state->append_char)(state, '%') - || (*state->append_char)(state, c)) - return -1; - break; - } - } else - if ((*state->append_char) (state, c)) - return -1; - } - return 0; -} - -#ifndef HAVE_SNPRINTF -int -snprintf (char *str, size_t sz, const char *format, ...) -{ - va_list args; - int ret; - - va_start(args, format); - ret = vsnprintf (str, sz, format, args); - -#ifdef PARANOIA - { - int ret2; - char *tmp; - - tmp = malloc (sz); - if (tmp == NULL) - abort (); - - ret2 = vsprintf (tmp, format, args); - if (ret != ret2 || strcmp(str, tmp)) - abort (); - free (tmp); - } -#endif - - va_end(args); - return ret; -} -#endif - -#ifndef HAVE_ASPRINTF -int -asprintf (char **ret, const char *format, ...) -{ - va_list args; - int val; - - va_start(args, format); - val = vasprintf (ret, format, args); - -#ifdef PARANOIA - { - int ret2; - char *tmp; - tmp = malloc (val + 1); - if (tmp == NULL) - abort (); - - ret2 = vsprintf (tmp, format, args); - if (val != ret2 || strcmp(*ret, tmp)) - abort (); - free (tmp); - } -#endif - - va_end(args); - return val; -} -#endif - -#ifndef HAVE_ASNPRINTF -int -asnprintf (char **ret, size_t max_sz, const char *format, ...) -{ - va_list args; - int val; - - va_start(args, format); - val = vasnprintf (ret, max_sz, format, args); - -#ifdef PARANOIA - { - int ret2; - char *tmp; - tmp = malloc (val + 1); - if (tmp == NULL) - abort (); - - ret2 = vsprintf (tmp, format, args); - if (val != ret2 || strcmp(*ret, tmp)) - abort (); - free (tmp); - } -#endif - - va_end(args); - return val; -} -#endif - -#ifndef HAVE_VASPRINTF -int -vasprintf (char **ret, const char *format, va_list args) -{ - return vasnprintf (ret, 0, format, args); -} -#endif - - -#ifndef HAVE_VASNPRINTF -int -vasnprintf (char **ret, size_t max_sz, const char *format, va_list args) -{ - int st; - size_t len; - struct state state; - - state.max_sz = max_sz; - state.sz = 1; - state.str = malloc(state.sz); - if (state.str == NULL) { - *ret = NULL; - return -1; - } - state.s = state.str; - state.theend = state.s + state.sz - 1; - state.append_char = as_append_char; - state.reserve = as_reserve; - - st = xyzprintf (&state, format, args); - if (st) { - free (state.str); - *ret = NULL; - return -1; - } else { - char *tmp; - - *state.s = '\0'; - len = state.s - state.str; - tmp = realloc (state.str, len+1); - if (tmp == NULL) { - free (state.str); - *ret = NULL; - return -1; - } - *ret = tmp; - return len; - } -} -#endif - -#ifndef HAVE_VSNPRINTF -int -vsnprintf (char *str, size_t sz, const char *format, va_list args) -{ - struct state state; - int ret; - unsigned char *ustr = (unsigned char *)str; - - state.max_sz = 0; - state.sz = sz; - state.str = ustr; - state.s = ustr; - state.theend = ustr + sz - 1; - state.append_char = sn_append_char; - state.reserve = sn_reserve; - - ret = xyzprintf (&state, format, args); - *state.s = '\0'; - if (ret) - return sz; - else - return state.s - state.str; -} -#endif - diff --git a/crypto/kerberosIV/lib/roken/socket.c b/crypto/kerberosIV/lib/roken/socket.c deleted file mode 100644 index 6e9c3dfe9b0a..000000000000 --- a/crypto/kerberosIV/lib/roken/socket.c +++ /dev/null @@ -1,282 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: socket.c,v 1.3 1999/12/02 16:58:52 joda Exp $"); -#endif - -#include -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_NETINET_IN_SYSTM_H -#include -#endif -#ifdef HAVE_NETINET_IP_H -#include -#endif - -#include - -#include - -/* - * Set `sa' to the unitialized address of address family `af' - */ - -void -socket_set_any (struct sockaddr *sa, int af) -{ - switch (af) { - case AF_INET : { - struct sockaddr_in *sin = (struct sockaddr_in *)sa; - - memset (sin, 0, sizeof(*sin)); - sin->sin_family = AF_INET; - sin->sin_port = 0; - sin->sin_addr.s_addr = INADDR_ANY; - break; - } -#ifdef HAVE_IPV6 - case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; - - memset (sin6, 0, sizeof(*sin6)); - sin6->sin6_family = AF_INET6; - sin6->sin6_port = 0; - sin6->sin6_addr = in6addr_any; - break; - } -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * set `sa' to (`ptr', `port') - */ - -void -socket_set_address_and_port (struct sockaddr *sa, const void *ptr, int port) -{ - switch (sa->sa_family) { - case AF_INET : { - struct sockaddr_in *sin = (struct sockaddr_in *)sa; - - memset (sin, 0, sizeof(*sin)); - sin->sin_family = AF_INET; - sin->sin_port = port; - memcpy (&sin->sin_addr, ptr, sizeof(struct in_addr)); - break; - } -#ifdef HAVE_IPV6 - case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; - - memset (sin6, 0, sizeof(*sin6)); - sin6->sin6_family = AF_INET6; - sin6->sin6_port = port; - memcpy (&sin6->sin6_addr, ptr, sizeof(struct in6_addr)); - break; - } -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * Return the size of an address of the type in `sa' - */ - -size_t -socket_addr_size (const struct sockaddr *sa) -{ - switch (sa->sa_family) { - case AF_INET : - return sizeof(struct in_addr); -#ifdef HAVE_IPV6 - case AF_INET6 : - return sizeof(struct in6_addr); -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * Return the size of a `struct sockaddr' in `sa'. - */ - -size_t -socket_sockaddr_size (const struct sockaddr *sa) -{ - switch (sa->sa_family) { - case AF_INET : - return sizeof(struct sockaddr_in); -#ifdef HAVE_IPV6 - case AF_INET6 : - return sizeof(struct sockaddr_in6); -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * Return the binary address of `sa'. - */ - -void * -socket_get_address (struct sockaddr *sa) -{ - switch (sa->sa_family) { - case AF_INET : { - struct sockaddr_in *sin = (struct sockaddr_in *)sa; - return &sin->sin_addr; - } -#ifdef HAVE_IPV6 - case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; - return &sin6->sin6_addr; - } -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * Return the port number from `sa'. - */ - -int -socket_get_port (const struct sockaddr *sa) -{ - switch (sa->sa_family) { - case AF_INET : { - const struct sockaddr_in *sin = (const struct sockaddr_in *)sa; - return sin->sin_port; - } -#ifdef HAVE_IPV6 - case AF_INET6 : { - const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; - return sin6->sin6_port; - } -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * Set the port in `sa' to `port'. - */ - -void -socket_set_port (struct sockaddr *sa, int port) -{ - switch (sa->sa_family) { - case AF_INET : { - struct sockaddr_in *sin = (struct sockaddr_in *)sa; - sin->sin_port = port; - break; - } -#ifdef HAVE_IPV6 - case AF_INET6 : { - struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)sa; - sin6->sin6_port = port; - break; - } -#endif - default : - errx (1, "unknown address family %d", sa->sa_family); - break; - } -} - -/* - * Enable debug on `sock'. - */ - -void -socket_set_debug (int sock) -{ - int on = 1; - -#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT) - if (setsockopt (sock, SOL_SOCKET, SO_DEBUG, (void *) &on, sizeof (on)) < 0) - warn ("setsockopt SO_DEBUG (ignored)"); -#endif -} - -/* - * Set the type-of-service of `sock' to `tos'. - */ - -void -socket_set_tos (int sock, int tos) -{ -#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT) - if (setsockopt (sock, IPPROTO_IP, IP_TOS, (void *) &tos, sizeof (int)) < 0) - warn ("setsockopt TOS (ignored)"); -#endif -} - -/* - * set the reuse of addresses on `sock' to `val'. - */ - -void -socket_set_reuseaddr (int sock, int val) -{ -#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT) - if(setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&val, - sizeof(val)) < 0) - err (1, "setsockopt SO_REUSEADDR"); -#endif -} diff --git a/crypto/kerberosIV/lib/roken/strcasecmp.c b/crypto/kerberosIV/lib/roken/strcasecmp.c deleted file mode 100644 index b5e20e75caf2..000000000000 --- a/crypto/kerberosIV/lib/roken/strcasecmp.c +++ /dev/null @@ -1,58 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strcasecmp.c,v 1.9 1999/12/02 16:58:52 joda Exp $"); -#endif - -#include -#include -#include -#include "roken.h" - -#ifndef HAVE_STRCASECMP - -int -strcasecmp(const char *s1, const char *s2) -{ - while(toupper(*s1) == toupper(*s2)) { - if(*s1 == '\0') - return 0; - s1++; - s2++; - } - return toupper(*s1) - toupper(*s2); -} - -#endif diff --git a/crypto/kerberosIV/lib/roken/strcat_truncate.c b/crypto/kerberosIV/lib/roken/strcat_truncate.c deleted file mode 100644 index bbd808d16841..000000000000 --- a/crypto/kerberosIV/lib/roken/strcat_truncate.c +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -RCSID("$Id: strcat_truncate.c,v 1.2 1998/05/29 18:25:06 joda Exp $"); - -#ifndef HAVE_STRCAT_TRUNCATE - -int -strcat_truncate (char *dst, const char *src, size_t dst_sz) -{ - int len = strlen(dst); - - return len + strcpy_truncate (dst + len, src, dst_sz - len); -} -#endif diff --git a/crypto/kerberosIV/lib/roken/strcollect.c b/crypto/kerberosIV/lib/roken/strcollect.c deleted file mode 100644 index a42f9046a714..000000000000 --- a/crypto/kerberosIV/lib/roken/strcollect.c +++ /dev/null @@ -1,96 +0,0 @@ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strcollect.c,v 1.1.8.1 2000/06/23 04:37:44 assar Exp $"); -#endif - -#include -#include -#include -#include -#include - -enum { initial = 10, increment = 5 }; - -static char ** -sub (char **argv, int i, int argc, va_list *ap) -{ - do { - if(i == argc) { - /* realloc argv */ - char **tmp = realloc(argv, (argc + increment) * sizeof(*argv)); - if(tmp == NULL) { - free(argv); - errno = ENOMEM; - return NULL; - } - argv = tmp; - argc += increment; - } - argv[i++] = va_arg(*ap, char*); - } while(argv[i - 1] != NULL); - return argv; -} - -/* - * return a malloced vector of pointers to the strings in `ap' - * terminated by NULL. - */ - -char ** -vstrcollect(va_list *ap) -{ - return sub (NULL, 0, 0, ap); -} - -/* - * - */ - -char ** -strcollect(char *first, ...) -{ - va_list ap; - char **ret = malloc (initial * sizeof(char *)); - - if (ret == NULL) - return ret; - - ret[0] = first; - va_start(ap, first); - ret = sub (ret, 1, initial, &ap); - va_end(ap); - return ret; -} diff --git a/crypto/kerberosIV/lib/roken/strcpy_truncate.c b/crypto/kerberosIV/lib/roken/strcpy_truncate.c deleted file mode 100644 index ba3668bde394..000000000000 --- a/crypto/kerberosIV/lib/roken/strcpy_truncate.c +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. All advertising materials mentioning features or use of this software - * must display the following acknowledgement: - * This product includes software developed by the Kungliga Tekniska - * Högskolan and its contributors. - * - * 4. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -RCSID("$Id: strcpy_truncate.c,v 1.2 1998/06/09 19:25:38 joda Exp $"); - -#ifndef HAVE_STRCPY_TRUNCATE - -int -strcpy_truncate (char *dst, const char *src, size_t dst_sz) -{ - int n; - char *p; - - for (p = dst, n = 0; - n + 1 < dst_sz && *src != '\0'; - ++p, ++src, ++n) - *p = *src; - *p = '\0'; - if (*src == '\0') - return n; - else - return dst_sz; -} - -#endif diff --git a/crypto/kerberosIV/lib/roken/strdup.c b/crypto/kerberosIV/lib/roken/strdup.c deleted file mode 100644 index 87fb43eb7d6e..000000000000 --- a/crypto/kerberosIV/lib/roken/strdup.c +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strdup.c,v 1.10 1999/12/02 16:58:53 joda Exp $"); -#endif -#include -#include - -#ifndef HAVE_STRDUP -char * -strdup(const char *old) -{ - char *t = malloc(strlen(old)+1); - if (t != 0) - strcpy(t, old); - return t; -} -#endif diff --git a/crypto/kerberosIV/lib/roken/strerror.c b/crypto/kerberosIV/lib/roken/strerror.c deleted file mode 100644 index 21936d71630b..000000000000 --- a/crypto/kerberosIV/lib/roken/strerror.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strerror.c,v 1.10 1999/12/02 16:58:53 joda Exp $"); -#endif - -#include -#include -#include - -extern int sys_nerr; -extern char *sys_errlist[]; - -char* -strerror(int eno) -{ - static char emsg[1024]; - - if(eno < 0 || eno >= sys_nerr) - snprintf(emsg, sizeof(emsg), "Error %d occurred.", eno); - else - snprintf(emsg, sizeof(emsg), "%s", sys_errlist[eno]); - - return emsg; -} diff --git a/crypto/kerberosIV/lib/roken/strftime.c b/crypto/kerberosIV/lib/roken/strftime.c deleted file mode 100644 index b90614bb4c4e..000000000000 --- a/crypto/kerberosIV/lib/roken/strftime.c +++ /dev/null @@ -1,396 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -RCSID("$Id: strftime.c,v 1.10 1999/11/13 04:18:33 assar Exp $"); - -static const char *abb_weekdays[] = { - "Sun", - "Mon", - "Tue", - "Wed", - "Thu", - "Fri", - "Sat", -}; - -static const char *full_weekdays[] = { - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday", -}; - -static const char *abb_month[] = { - "Jan", - "Feb", - "Mar", - "Apr", - "May", - "Jun", - "Jul", - "Aug", - "Sep", - "Oct", - "Nov", - "Dec" -}; - -static const char *full_month[] = { - "January", - "February", - "Mars", - "April", - "May", - "June", - "July", - "August", - "September", - "October", - "November", - "December" -}; - -static const char *ampm[] = { - "AM", - "PM" -}; - -/* - * Convert hour in [0, 24] to [12 1 - 11 12 1 - 11 12] - */ - -static int -hour_24to12 (int hour) -{ - int ret = hour % 12; - - if (ret == 0) - ret = 12; - return ret; -} - -/* - * Return AM or PM for `hour' - */ - -static const char * -hour_to_ampm (int hour) -{ - return ampm[hour / 12]; -} - -/* - * Return the week number of `tm' (Sunday being the first day of the week) - * as [0, 53] - */ - -static int -week_number_sun (const struct tm *tm) -{ - return (tm->tm_yday + 7 - (tm->tm_yday % 7 - tm->tm_wday + 7) % 7) / 7; -} - -/* - * Return the week number of `tm' (Monday being the first day of the week) - * as [0, 53] - */ - -static int -week_number_mon (const struct tm *tm) -{ - int wday = (tm->tm_wday + 6) % 7; - - return (tm->tm_yday + 7 - (tm->tm_yday % 7 - wday + 7) % 7) / 7; -} - -/* - * Return the week number of `tm' (Monday being the first day of the - * week) as [01, 53]. Week number one is the one that has four or more - * days in that year. - */ - -static int -week_number_mon4 (const struct tm *tm) -{ - int wday = (tm->tm_wday + 6) % 7; - int w1day = (wday - tm->tm_yday % 7 + 7) % 7; - int ret; - - ret = (tm->tm_yday + w1day) / 7; - if (w1day >= 4) - --ret; - if (ret == -1) - ret = 53; - else - ++ret; - return ret; -} - -/* - * - */ - -size_t -strftime (char *buf, size_t maxsize, const char *format, - const struct tm *tm) -{ - size_t n = 0; - size_t ret; - - while (*format != '\0' && n < maxsize) { - if (*format == '%') { - ++format; - if(*format == 'E' || *format == 'O') - ++format; - switch (*format) { - case 'a' : - ret = snprintf (buf, maxsize - n, - "%s", abb_weekdays[tm->tm_wday]); - break; - case 'A' : - ret = snprintf (buf, maxsize - n, - "%s", full_weekdays[tm->tm_wday]); - break; - case 'h' : - case 'b' : - ret = snprintf (buf, maxsize - n, - "%s", abb_month[tm->tm_mon]); - break; - case 'B' : - ret = snprintf (buf, maxsize - n, - "%s", full_month[tm->tm_mon]); - break; - case 'c' : - ret = snprintf (buf, maxsize - n, - "%d:%02d:%02d %02d:%02d:%02d", - tm->tm_year, - tm->tm_mon + 1, - tm->tm_mday, - tm->tm_hour, - tm->tm_min, - tm->tm_sec); - break; - case 'C' : - ret = snprintf (buf, maxsize - n, - "%02d", (tm->tm_year + 1900) / 100); - break; - case 'd' : - ret = snprintf (buf, maxsize - n, - "%02d", tm->tm_mday); - break; - case 'D' : - ret = snprintf (buf, maxsize - n, - "%02d/%02d/%02d", - tm->tm_mon + 1, - tm->tm_mday, - (tm->tm_year + 1900) % 100); - break; - case 'e' : - ret = snprintf (buf, maxsize - n, - "%2d", tm->tm_mday); - break; - case 'F': - ret = snprintf (buf, maxsize - n, - "%04d-%02d-%02d", tm->tm_year + 1900, - tm->tm_mon + 1, tm->tm_mday); - break; - case 'g': - /* last two digits of week-based year */ - abort(); - case 'G': - /* week-based year */ - abort(); - case 'H' : - ret = snprintf (buf, maxsize - n, - "%02d", tm->tm_hour); - break; - case 'I' : - ret = snprintf (buf, maxsize - n, - "%02d", - hour_24to12 (tm->tm_hour)); - break; - case 'j' : - ret = snprintf (buf, maxsize - n, - "%03d", tm->tm_yday + 1); - break; - case 'k' : - ret = snprintf (buf, maxsize - n, - "%2d", tm->tm_hour); - break; - case 'l' : - ret = snprintf (buf, maxsize - n, - "%2d", - hour_24to12 (tm->tm_hour)); - break; - case 'm' : - ret = snprintf (buf, maxsize - n, - "%02d", tm->tm_mon + 1); - break; - case 'M' : - ret = snprintf (buf, maxsize - n, - "%02d", tm->tm_min); - break; - case 'n' : - ret = snprintf (buf, maxsize - n, "\n"); - break; - case 'p' : - ret = snprintf (buf, maxsize - n, "%s", - hour_to_ampm (tm->tm_hour)); - break; - case 'r' : - ret = snprintf (buf, maxsize - n, - "%02d:%02d:%02d %s", - hour_24to12 (tm->tm_hour), - tm->tm_min, - tm->tm_sec, - hour_to_ampm (tm->tm_hour)); - break; - case 'R' : - ret = snprintf (buf, maxsize - n, - "%02d:%02d", - tm->tm_hour, - tm->tm_min); - - case 's' : - ret = snprintf (buf, maxsize - n, - "%d", (int)mktime((struct tm *)tm)); - break; - case 'S' : - ret = snprintf (buf, maxsize - n, - "%02d", tm->tm_sec); - break; - case 't' : - ret = snprintf (buf, maxsize - n, "\t"); - break; - case 'T' : - case 'X' : - ret = snprintf (buf, maxsize - n, - "%02d:%02d:%02d", - tm->tm_hour, - tm->tm_min, - tm->tm_sec); - break; - case 'u' : - ret = snprintf (buf, maxsize - n, - "%d", (tm->tm_wday == 0) ? 7 : tm->tm_wday); - break; - case 'U' : - ret = snprintf (buf, maxsize - n, - "%02d", week_number_sun (tm)); - break; - case 'V' : - ret = snprintf (buf, maxsize - n, - "%02d", week_number_mon4 (tm)); - break; - case 'w' : - ret = snprintf (buf, maxsize - n, - "%d", tm->tm_wday); - break; - case 'W' : - ret = snprintf (buf, maxsize - n, - "%02d", week_number_mon (tm)); - break; - case 'x' : - ret = snprintf (buf, maxsize - n, - "%d:%02d:%02d", - tm->tm_year, - tm->tm_mon + 1, - tm->tm_mday); - break; - case 'y' : - ret = snprintf (buf, maxsize - n, - "%02d", (tm->tm_year + 1900) % 100); - break; - case 'Y' : - ret = snprintf (buf, maxsize - n, - "%d", tm->tm_year + 1900); - break; - case 'z': - ret = snprintf (buf, maxsize - n, - "%ld", -#if defined(HAVE_STRUCT_TM_TM_GMTOFF) - (long)tm->tm_gmtoff -#elif defined(HAVE_TIMEZONE) - tm->tm_isdst ? - (long)altzone : - (long)timezone -#else -#error Where in timezone chaos are you? -#endif - ); - break; - case 'Z' : - ret = snprintf (buf, maxsize - n, - "%s", - -#if defined(HAVE_STRUCT_TM_TM_ZONE) - tm->tm_zone -#elif defined(HAVE_TIMEZONE) - tzname[tm->tm_isdst] -#else -#error what? -#endif - ); - break; - case '\0' : - --format; - /* FALLTHROUGH */ - case '%' : - ret = snprintf (buf, maxsize - n, - "%%"); - break; - default : - ret = snprintf (buf, maxsize - n, - "%%%c", *format); - break; - } - if (ret >= maxsize - n) - return 0; - n += ret; - buf += ret; - ++format; - } else { - *buf++ = *format++; - ++n; - } - } - *buf++ = '\0'; - return n; -} diff --git a/crypto/kerberosIV/lib/roken/strlcat.c b/crypto/kerberosIV/lib/roken/strlcat.c deleted file mode 100644 index d3c8baa6cc35..000000000000 --- a/crypto/kerberosIV/lib/roken/strlcat.c +++ /dev/null @@ -1,50 +0,0 @@ -/* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -RCSID("$Id: strlcat.c,v 1.5 1999/12/02 16:58:53 joda Exp $"); - -#ifndef HAVE_STRLCAT - -size_t -strlcat (char *dst, const char *src, size_t dst_sz) -{ - size_t len = strlen(dst); - - return len + strlcpy (dst + len, src, dst_sz - len); -} -#endif diff --git a/crypto/kerberosIV/lib/roken/strlcpy.c b/crypto/kerberosIV/lib/roken/strlcpy.c deleted file mode 100644 index 33cd9cb2af36..000000000000 --- a/crypto/kerberosIV/lib/roken/strlcpy.c +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -RCSID("$Id: strlcpy.c,v 1.5 1999/12/02 16:58:53 joda Exp $"); - -#ifndef HAVE_STRLCPY - -size_t -strlcpy (char *dst, const char *src, size_t dst_sz) -{ - size_t n; - char *p; - - for (p = dst, n = 0; - n + 1 < dst_sz && *src != '\0'; - ++p, ++src, ++n) - *p = *src; - *p = '\0'; - if (*src == '\0') - return n; - else - return n + strlen (src); -} - -#endif diff --git a/crypto/kerberosIV/lib/roken/strlwr.c b/crypto/kerberosIV/lib/roken/strlwr.c deleted file mode 100644 index cb367893f7ec..000000000000 --- a/crypto/kerberosIV/lib/roken/strlwr.c +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strlwr.c,v 1.4 1999/12/02 16:58:53 joda Exp $"); -#endif -#include -#include - -#include - -#ifndef HAVE_STRLWR -char * -strlwr(char *str) -{ - char *s; - - for(s = str; *s; s++) - *s = tolower(*s); - return str; -} -#endif diff --git a/crypto/kerberosIV/lib/roken/strncasecmp.c b/crypto/kerberosIV/lib/roken/strncasecmp.c deleted file mode 100644 index 7c6474f78a3f..000000000000 --- a/crypto/kerberosIV/lib/roken/strncasecmp.c +++ /dev/null @@ -1,60 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strncasecmp.c,v 1.2 1999/12/02 16:58:53 joda Exp $"); -#endif - -#include -#include -#include - -#ifndef HAVE_STRNCASECMP - -int -strncasecmp(const char *s1, const char *s2, size_t n) -{ - while(n > 0 && toupper(*s1) == toupper(*s2)) { - if(*s1 == '\0') - return 0; - s1++; - s2++; - n--; - } - if(n == 0) - return 0; - return toupper(*s1) - toupper(*s2); -} - -#endif diff --git a/crypto/kerberosIV/lib/roken/strndup.c b/crypto/kerberosIV/lib/roken/strndup.c deleted file mode 100644 index 31e7e9f6a1c4..000000000000 --- a/crypto/kerberosIV/lib/roken/strndup.c +++ /dev/null @@ -1,56 +0,0 @@ -/* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strndup.c,v 1.2 1999/12/02 16:58:53 joda Exp $"); -#endif -#include -#include - -#include - -#ifndef HAVE_STRNDUP -char * -strndup(const char *old, size_t sz) -{ - size_t len = strnlen (old, sz); - char *t = malloc(len + 1); - - if (t != NULL) { - memcpy (t, old, len); - t[len] = '\0'; - } - return t; -} -#endif /* HAVE_STRNDUP */ diff --git a/crypto/kerberosIV/lib/roken/strnlen.c b/crypto/kerberosIV/lib/roken/strnlen.c deleted file mode 100644 index fffb3b74f555..000000000000 --- a/crypto/kerberosIV/lib/roken/strnlen.c +++ /dev/null @@ -1,49 +0,0 @@ -/* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strnlen.c,v 1.7 1999/12/02 16:58:53 joda Exp $"); -#endif - -#include "roken.h" - -size_t -strnlen(const char *s, size_t len) -{ - size_t i; - - for(i = 0; i < len && s[i]; i++) - ; - return i; -} diff --git a/crypto/kerberosIV/lib/roken/strpftime-test.c b/crypto/kerberosIV/lib/roken/strpftime-test.c deleted file mode 100644 index 7eb8fb85eb2a..000000000000 --- a/crypto/kerberosIV/lib/roken/strpftime-test.c +++ /dev/null @@ -1,287 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -RCSID("$Id: strpftime-test.c,v 1.2 1999/11/12 15:29:55 assar Exp $"); - -enum { MAXSIZE = 26 }; - -static struct testcase { - time_t t; - struct { - const char *format; - const char *result; - } vals[MAXSIZE]; -} tests[] = { - {0, - { - {"%A", "Thursday"}, - {"%a", "Thu"}, - {"%B", "January"}, - {"%b", "Jan"}, - {"%C", "19"}, - {"%d", "01"}, - {"%e", " 1"}, - {"%H", "00"}, - {"%I", "12"}, - {"%j", "001"}, - {"%k", " 0"}, - {"%l", "12"}, - {"%M", "00"}, - {"%m", "01"}, - {"%n", "\n"}, - {"%p", "AM"}, - {"%S", "00"}, - {"%t", "\t"}, - {"%w", "4"}, - {"%Y", "1970"}, - {"%y", "70"}, - {"%U", "00"}, - {"%W", "00"}, - {"%V", "01"}, - {"%%", "%"}, - {NULL, NULL}} - }, - {90000, - { - {"%A", "Friday"}, - {"%a", "Fri"}, - {"%B", "January"}, - {"%b", "Jan"}, - {"%C", "19"}, - {"%d", "02"}, - {"%e", " 2"}, - {"%H", "01"}, - {"%I", "01"}, - {"%j", "002"}, - {"%k", " 1"}, - {"%l", " 1"}, - {"%M", "00"}, - {"%m", "01"}, - {"%n", "\n"}, - {"%p", "AM"}, - {"%S", "00"}, - {"%t", "\t"}, - {"%w", "5"}, - {"%Y", "1970"}, - {"%y", "70"}, - {"%U", "00"}, - {"%W", "00"}, - {"%V", "01"}, - {"%%", "%"}, - {NULL, NULL} - } - }, - {216306, - { - {"%A", "Saturday"}, - {"%a", "Sat"}, - {"%B", "January"}, - {"%b", "Jan"}, - {"%C", "19"}, - {"%d", "03"}, - {"%e", " 3"}, - {"%H", "12"}, - {"%I", "12"}, - {"%j", "003"}, - {"%k", "12"}, - {"%l", "12"}, - {"%M", "05"}, - {"%m", "01"}, - {"%n", "\n"}, - {"%p", "PM"}, - {"%S", "06"}, - {"%t", "\t"}, - {"%w", "6"}, - {"%Y", "1970"}, - {"%y", "70"}, - {"%U", "00"}, - {"%W", "00"}, - {"%V", "01"}, - {"%%", "%"}, - {NULL, NULL} - } - }, - {259200, - { - {"%A", "Sunday"}, - {"%a", "Sun"}, - {"%B", "January"}, - {"%b", "Jan"}, - {"%C", "19"}, - {"%d", "04"}, - {"%e", " 4"}, - {"%H", "00"}, - {"%I", "12"}, - {"%j", "004"}, - {"%k", " 0"}, - {"%l", "12"}, - {"%M", "00"}, - {"%m", "01"}, - {"%n", "\n"}, - {"%p", "AM"}, - {"%S", "00"}, - {"%t", "\t"}, - {"%w", "0"}, - {"%Y", "1970"}, - {"%y", "70"}, - {"%U", "01"}, - {"%W", "00"}, - {"%V", "01"}, - {"%%", "%"}, - {NULL, NULL} - } - }, - {915148800, - { - {"%A", "Friday"}, - {"%a", "Fri"}, - {"%B", "January"}, - {"%b", "Jan"}, - {"%C", "19"}, - {"%d", "01"}, - {"%e", " 1"}, - {"%H", "00"}, - {"%I", "12"}, - {"%j", "001"}, - {"%k", " 0"}, - {"%l", "12"}, - {"%M", "00"}, - {"%m", "01"}, - {"%n", "\n"}, - {"%p", "AM"}, - {"%S", "00"}, - {"%t", "\t"}, - {"%w", "5"}, - {"%Y", "1999"}, - {"%y", "99"}, - {"%U", "00"}, - {"%W", "00"}, - {"%V", "53"}, - {"%%", "%"}, - {NULL, NULL}} - }, - {942161105, - { - - {"%A", "Tuesday"}, - {"%a", "Tue"}, - {"%B", "November"}, - {"%b", "Nov"}, - {"%C", "19"}, - {"%d", "09"}, - {"%e", " 9"}, - {"%H", "15"}, - {"%I", "03"}, - {"%j", "313"}, - {"%k", "15"}, - {"%l", " 3"}, - {"%M", "25"}, - {"%m", "11"}, - {"%n", "\n"}, - {"%p", "PM"}, - {"%S", "05"}, - {"%t", "\t"}, - {"%w", "2"}, - {"%Y", "1999"}, - {"%y", "99"}, - {"%U", "45"}, - {"%W", "45"}, - {"%V", "45"}, - {"%%", "%"}, - {NULL, NULL} - } - } -}; - -int -main(int argc, char **argv) -{ - int i, j; - int ret = 0; - - for (i = 0; i < sizeof(tests)/sizeof(tests[0]); ++i) { - struct tm *tm; - - tm = gmtime (&tests[i].t); - - for (j = 0; tests[i].vals[j].format != NULL; ++j) { - char buf[128]; - size_t len; - struct tm tm2; - char *ptr; - - len = strftime (buf, sizeof(buf), tests[i].vals[j].format, tm); - if (len != strlen (buf)) { - printf ("length of strftime(\"%s\") = %d (\"%s\")\n", - tests[i].vals[j].format, len, - buf); - ++ret; - continue; - } - if (strcmp (buf, tests[i].vals[j].result) != 0) { - printf ("result of strftime(\"%s\") = \"%s\" != \"%s\"\n", - tests[i].vals[j].format, buf, - tests[i].vals[j].result); - ++ret; - continue; - } - memset (&tm2, 0, sizeof(tm2)); - ptr = strptime (tests[i].vals[j].result, - tests[i].vals[j].format, - &tm2); - if (ptr == NULL || *ptr != '\0') { - printf ("bad return value from strptime(" - "\"%s\", \"%s\")\n", - tests[i].vals[j].result, - tests[i].vals[j].format); - ++ret; - } - strftime (buf, sizeof(buf), tests[i].vals[j].format, &tm2); - if (strcmp (buf, tests[i].vals[j].result) != 0) { - printf ("reverse of \"%s\" failed: \"%s\" vs \"%s\"\n", - tests[i].vals[j].format, - buf, tests[i].vals[j].result); - ++ret; - } - } - } - if (ret) { - printf ("%d errors\n", ret); - return 1; - } else - return 0; -} diff --git a/crypto/kerberosIV/lib/roken/strptime.c b/crypto/kerberosIV/lib/roken/strptime.c deleted file mode 100644 index 36f0822431f8..000000000000 --- a/crypto/kerberosIV/lib/roken/strptime.c +++ /dev/null @@ -1,444 +0,0 @@ -/* - * Copyright (c) 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of KTH nor the names of its contributors may be - * used to endorse or promote products derived from this software without - * specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY - * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR - * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, - * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR - * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF - * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include "roken.h" - -RCSID("$Id: strptime.c,v 1.2 1999/11/12 15:29:55 assar Exp $"); - -static const char *abb_weekdays[] = { - "Sun", - "Mon", - "Tue", - "Wed", - "Thu", - "Fri", - "Sat", - NULL -}; - -static const char *full_weekdays[] = { - "Sunday", - "Monday", - "Tuesday", - "Wednesday", - "Thursday", - "Friday", - "Saturday", - NULL -}; - -static const char *abb_month[] = { - "Jan", - "Feb", - "Mar", - "Apr", - "May", - "Jun", - "Jul", - "Aug", - "Sep", - "Oct", - "Nov", - "Dec", - NULL -}; - -static const char *full_month[] = { - "January", - "February", - "Mars", - "April", - "May", - "June", - "July", - "August", - "September", - "October", - "November", - "December", - NULL, -}; - -static const char *ampm[] = { - "am", - "pm", - NULL -}; - -/* - * Try to match `*buf' to one of the strings in `strs'. Return the - * index of the matching string (or -1 if none). Also advance buf. - */ - -static int -match_string (const char **buf, const char **strs) -{ - int i = 0; - - for (i = 0; strs[i] != NULL; ++i) { - int len = strlen (strs[i]); - - if (strncasecmp (*buf, strs[i], len) == 0) { - *buf += len; - return i; - } - } - return -1; -} - -/* - * tm_year is relative this year */ - -const int tm_year_base = 1900; - -/* - * Return TRUE iff `year' was a leap year. - */ - -static int -is_leap_year (int year) -{ - return (year % 4) == 0 && ((year % 100) != 0 || (year % 400) == 0); -} - -/* - * Return the weekday [0,6] (0 = Sunday) of the first day of `year' - */ - -static int -first_day (int year) -{ - int ret = 4; - - for (; year > 1970; --year) - ret = (ret + 365 + is_leap_year (year) ? 1 : 0) % 7; - return ret; -} - -/* - * Set `timeptr' given `wnum' (week number [0, 53]) - */ - -static void -set_week_number_sun (struct tm *timeptr, int wnum) -{ - int fday = first_day (timeptr->tm_year + tm_year_base); - - timeptr->tm_yday = wnum * 7 + timeptr->tm_wday - fday; - if (timeptr->tm_yday < 0) { - timeptr->tm_wday = fday; - timeptr->tm_yday = 0; - } -} - -/* - * Set `timeptr' given `wnum' (week number [0, 53]) - */ - -static void -set_week_number_mon (struct tm *timeptr, int wnum) -{ - int fday = (first_day (timeptr->tm_year + tm_year_base) + 6) % 7; - - timeptr->tm_yday = wnum * 7 + (timeptr->tm_wday + 6) % 7 - fday; - if (timeptr->tm_yday < 0) { - timeptr->tm_wday = (fday + 1) % 7; - timeptr->tm_yday = 0; - } -} - -/* - * Set `timeptr' given `wnum' (week number [0, 53]) - */ - -static void -set_week_number_mon4 (struct tm *timeptr, int wnum) -{ - int fday = (first_day (timeptr->tm_year + tm_year_base) + 6) % 7; - int offset = 0; - - if (fday < 4) - offset += 7; - - timeptr->tm_yday = offset + (wnum - 1) * 7 + timeptr->tm_wday - fday; - if (timeptr->tm_yday < 0) { - timeptr->tm_wday = fday; - timeptr->tm_yday = 0; - } -} - -/* - * - */ - -char * -strptime (const char *buf, const char *format, struct tm *timeptr) -{ - char c; - - for (; (c = *format) != '\0'; ++format) { - char *s; - int ret; - - if (isspace (c)) { - while (isspace (*buf)) - ++buf; - } else if (c == '%' && format[1] != '\0') { - c = *++format; - if (c == 'E' || c == 'O') - c = *++format; - switch (c) { - case 'A' : - ret = match_string (&buf, full_weekdays); - if (ret < 0) - return NULL; - timeptr->tm_wday = ret; - break; - case 'a' : - ret = match_string (&buf, abb_weekdays); - if (ret < 0) - return NULL; - timeptr->tm_wday = ret; - break; - case 'B' : - ret = match_string (&buf, full_month); - if (ret < 0) - return NULL; - timeptr->tm_mon = ret; - break; - case 'b' : - case 'h' : - ret = match_string (&buf, abb_month); - if (ret < 0) - return NULL; - timeptr->tm_mon = ret; - break; - case 'C' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - timeptr->tm_year = (ret * 100) - tm_year_base; - buf = s; - break; - case 'c' : - abort (); - case 'D' : /* %m/%d/%y */ - s = strptime (buf, "%m/%d/%y", timeptr); - if (s == NULL) - return NULL; - buf = s; - break; - case 'd' : - case 'e' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - timeptr->tm_mday = ret; - buf = s; - break; - case 'H' : - case 'k' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - timeptr->tm_hour = ret; - buf = s; - break; - case 'I' : - case 'l' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - if (ret == 12) - timeptr->tm_hour = 0; - else - timeptr->tm_hour = ret; - buf = s; - break; - case 'j' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - timeptr->tm_yday = ret - 1; - buf = s; - break; - case 'm' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - timeptr->tm_mon = ret - 1; - buf = s; - break; - case 'M' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - timeptr->tm_min = ret; - buf = s; - break; - case 'n' : - if (*buf == '\n') - ++buf; - else - return NULL; - break; - case 'p' : - ret = match_string (&buf, ampm); - if (ret < 0) - return NULL; - if (timeptr->tm_hour == 0) { - if (ret == 1) - timeptr->tm_hour = 12; - } else - timeptr->tm_hour += 12; - break; - case 'r' : /* %I:%M:%S %p */ - s = strptime (buf, "%I:%M:%S %p", timeptr); - if (s == NULL) - return NULL; - buf = s; - break; - case 'R' : /* %H:%M */ - s = strptime (buf, "%H:%M", timeptr); - if (s == NULL) - return NULL; - buf = s; - break; - case 'S' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - timeptr->tm_sec = ret; - buf = s; - break; - case 't' : - if (*buf == '\t') - ++buf; - else - return NULL; - break; - case 'T' : /* %H:%M:%S */ - case 'X' : - s = strptime (buf, "%H:%M:%S", timeptr); - if (s == NULL) - return NULL; - buf = s; - break; - case 'u' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - timeptr->tm_wday = ret - 1; - buf = s; - break; - case 'w' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - timeptr->tm_wday = ret; - buf = s; - break; - case 'U' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - set_week_number_sun (timeptr, ret); - buf = s; - break; - case 'V' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - set_week_number_mon4 (timeptr, ret); - buf = s; - break; - case 'W' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - set_week_number_mon (timeptr, ret); - buf = s; - break; - case 'x' : - s = strptime (buf, "%Y:%m:%d", timeptr); - if (s == NULL) - return NULL; - buf = s; - break; - case 'y' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - if (ret < 70) - timeptr->tm_year = 100 + ret; - else - timeptr->tm_year = ret; - buf = s; - break; - case 'Y' : - ret = strtol (buf, &s, 10); - if (s == buf) - return NULL; - timeptr->tm_year = ret - tm_year_base; - buf = s; - break; - case 'Z' : - abort (); - case '\0' : - --format; - /* FALLTHROUGH */ - case '%' : - if (*buf == '%') - ++buf; - else - return NULL; - break; - default : - if (*buf == '%' || *++buf == c) - ++buf; - else - return NULL; - break; - } - } else { - if (*buf == c) - ++buf; - else - return NULL; - } - } - return (char *)buf; -} diff --git a/crypto/kerberosIV/lib/roken/strsep.c b/crypto/kerberosIV/lib/roken/strsep.c deleted file mode 100644 index efc714a66426..000000000000 --- a/crypto/kerberosIV/lib/roken/strsep.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strsep.c,v 1.3 1999/12/02 16:58:53 joda Exp $"); -#endif - -#include - -#include "roken.h" - -#ifndef HAVE_STRSEP - -char * -strsep(char **str, const char *delim) -{ - char *save = *str; - if(*str == NULL) - return NULL; - *str = *str + strcspn(*str, delim); - if(**str == 0) - *str = NULL; - else{ - **str = 0; - (*str)++; - } - return save; -} - -#endif diff --git a/crypto/kerberosIV/lib/roken/strtok_r.c b/crypto/kerberosIV/lib/roken/strtok_r.c deleted file mode 100644 index 45b036aa9f36..000000000000 --- a/crypto/kerberosIV/lib/roken/strtok_r.c +++ /dev/null @@ -1,65 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strtok_r.c,v 1.5 1999/12/02 16:58:53 joda Exp $"); -#endif - -#include - -#include "roken.h" - -#ifndef HAVE_STRTOK_R - -char * -strtok_r(char *s1, const char *s2, char **lasts) -{ - char *ret; - - if (s1 == NULL) - s1 = *lasts; - while(*s1 && strchr(s2, *s1)) - ++s1; - if(*s1 == '\0') - return NULL; - ret = s1; - while(*s1 && !strchr(s2, *s1)) - ++s1; - if(*s1) - *s1++ = '\0'; - *lasts = s1; - return ret; -} - -#endif /* HAVE_STRTOK_R */ diff --git a/crypto/kerberosIV/lib/roken/strupr.c b/crypto/kerberosIV/lib/roken/strupr.c deleted file mode 100644 index 96dd042a83e7..000000000000 --- a/crypto/kerberosIV/lib/roken/strupr.c +++ /dev/null @@ -1,53 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: strupr.c,v 1.4 1999/12/02 16:58:53 joda Exp $"); -#endif -#include -#include - -#include - -#ifndef HAVE_STRUPR -char * -strupr(char *str) -{ - char *s; - - for(s = str; *s; s++) - *s = toupper(*s); - return str; -} -#endif diff --git a/crypto/kerberosIV/lib/roken/swab.c b/crypto/kerberosIV/lib/roken/swab.c deleted file mode 100644 index c623bd0708e7..000000000000 --- a/crypto/kerberosIV/lib/roken/swab.c +++ /dev/null @@ -1,54 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include "roken.h" - -#ifndef HAVE_SWAB - -RCSID("$Id: swab.c,v 1.7 1999/12/02 16:58:53 joda Exp $"); - -void -swab (char *from, char *to, int nbytes) -{ - while(nbytes >= 2) { - *(to + 1) = *from; - *to = *(from + 1); - to += 2; - from += 2; - nbytes -= 2; - } -} -#endif diff --git a/crypto/kerberosIV/lib/roken/tm2time.c b/crypto/kerberosIV/lib/roken/tm2time.c deleted file mode 100644 index b912e32dae33..000000000000 --- a/crypto/kerberosIV/lib/roken/tm2time.c +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: tm2time.c,v 1.7 1999/12/02 16:58:53 joda Exp $"); -#endif - -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif -#include "roken.h" - -time_t -tm2time (struct tm tm, int local) -{ - time_t t; - - tm.tm_isdst = -1; - - t = mktime (&tm); - - if (!local) - t += t - mktime (gmtime (&t)); - return t; -} diff --git a/crypto/kerberosIV/lib/roken/unsetenv.c b/crypto/kerberosIV/lib/roken/unsetenv.c deleted file mode 100644 index 6d95a513dcd3..000000000000 --- a/crypto/kerberosIV/lib/roken/unsetenv.c +++ /dev/null @@ -1,70 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: unsetenv.c,v 1.7 1999/12/02 16:58:53 joda Exp $"); -#endif - -#include -#include - -#include "roken.h" - -extern char **environ; - -/* - * unsetenv -- - */ -void -unsetenv(const char *name) -{ - int len; - const char *np; - char **p; - - if (name == 0 || environ == 0) - return; - - for (np = name; *np && *np != '='; np++) - /* nop */; - len = np - name; - - for (p = environ; *p != 0; p++) - if (strncmp(*p, name, len) == 0 && (*p)[len] == '=') - break; - - for (; *p != 0; p++) - *p = *(p + 1); -} - diff --git a/crypto/kerberosIV/lib/roken/verify.c b/crypto/kerberosIV/lib/roken/verify.c deleted file mode 100644 index 842fa9a3aee8..000000000000 --- a/crypto/kerberosIV/lib/roken/verify.c +++ /dev/null @@ -1,62 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: verify.c,v 1.13 1999/12/02 16:58:53 joda Exp $"); -#endif - -#include -#ifdef HAVE_UNISTD_H -#include -#endif -#ifdef HAVE_CRYPT_H -#include -#endif -#include "roken.h" - -int -unix_verify_user(char *user, char *password) -{ - struct passwd *pw; - - pw = k_getpwnam(user); - if(pw == NULL) - return -1; - if(strlen(pw->pw_passwd) == 0 && strlen(password) == 0) - return 0; - if(strcmp(crypt(password, pw->pw_passwd), pw->pw_passwd) == 0) - return 0; - return -1; -} - diff --git a/crypto/kerberosIV/lib/roken/verr.c b/crypto/kerberosIV/lib/roken/verr.c deleted file mode 100644 index 511e6402e030..000000000000 --- a/crypto/kerberosIV/lib/roken/verr.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: verr.c,v 1.8 1999/12/02 16:58:53 joda Exp $"); -#endif - -#include "err.h" - -void -verr(int eval, const char *fmt, va_list ap) -{ - warnerr(1, fmt, ap); - exit(eval); -} diff --git a/crypto/kerberosIV/lib/roken/verrx.c b/crypto/kerberosIV/lib/roken/verrx.c deleted file mode 100644 index f4578d322bc7..000000000000 --- a/crypto/kerberosIV/lib/roken/verrx.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: verrx.c,v 1.8 1999/12/02 16:58:53 joda Exp $"); -#endif - -#include "err.h" - -void -verrx(int eval, const char *fmt, va_list ap) -{ - warnerr(0, fmt, ap); - exit(eval); -} diff --git a/crypto/kerberosIV/lib/roken/vsyslog.c b/crypto/kerberosIV/lib/roken/vsyslog.c deleted file mode 100644 index 22e6a35a80c0..000000000000 --- a/crypto/kerberosIV/lib/roken/vsyslog.c +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: vsyslog.c,v 1.3 1999/12/02 16:58:54 joda Exp $"); -#endif - -#ifndef HAVE_VSYSLOG - -#include -#include -#include - -#include "roken.h" - -void -vsyslog(int pri, const char *fmt, va_list ap) -{ - char *p; - - vasprintf (&p, fmt, ap); - syslog (pri, "%s", p); - free (p); -} - -#endif diff --git a/crypto/kerberosIV/lib/roken/vwarn.c b/crypto/kerberosIV/lib/roken/vwarn.c deleted file mode 100644 index 15f9a3827650..000000000000 --- a/crypto/kerberosIV/lib/roken/vwarn.c +++ /dev/null @@ -1,45 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: vwarn.c,v 1.8 1999/12/02 16:58:54 joda Exp $"); -#endif - -#include "err.h" - -void -vwarn(const char *fmt, va_list ap) -{ - warnerr(1, fmt, ap); -} diff --git a/crypto/kerberosIV/lib/roken/vwarnx.c b/crypto/kerberosIV/lib/roken/vwarnx.c deleted file mode 100644 index 48f1ffd46bfc..000000000000 --- a/crypto/kerberosIV/lib/roken/vwarnx.c +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: vwarnx.c,v 1.8 1999/12/02 16:58:54 joda Exp $"); -#endif - -#include "err.h" - -void -vwarnx(const char *fmt, va_list ap) -{ - warnerr(0, fmt, ap); -} - diff --git a/crypto/kerberosIV/lib/roken/warn.c b/crypto/kerberosIV/lib/roken/warn.c deleted file mode 100644 index d8ee335106a1..000000000000 --- a/crypto/kerberosIV/lib/roken/warn.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: warn.c,v 1.6 1999/12/02 16:58:54 joda Exp $"); -#endif - -#include "err.h" - -void -warn(const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - vwarn(fmt, ap); - va_end(ap); -} diff --git a/crypto/kerberosIV/lib/roken/warnerr.c b/crypto/kerberosIV/lib/roken/warnerr.c deleted file mode 100644 index 4df375da67f5..000000000000 --- a/crypto/kerberosIV/lib/roken/warnerr.c +++ /dev/null @@ -1,79 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: warnerr.c,v 1.8 1999/12/02 16:58:54 joda Exp $"); -#endif - -#include "roken.h" -#include "err.h" - -#ifndef HAVE___PROGNAME -const char *__progname; -#endif - -void -set_progname(char *argv0) -{ -#ifndef HAVE___PROGNAME - char *p; - if(argv0 == NULL) - return; - p = strrchr(argv0, '/'); - if(p == NULL) - p = argv0; - else - p++; - __progname = p; -#endif -} - -void -warnerr(int doerrno, const char *fmt, va_list ap) -{ - int sverrno = errno; - if(__progname != NULL){ - fprintf(stderr, "%s", __progname); - if(fmt != NULL || doerrno) - fprintf(stderr, ": "); - } - if (fmt != NULL){ - vfprintf(stderr, fmt, ap); - if(doerrno) - fprintf(stderr, ": "); - } - if(doerrno) - fprintf(stderr, "%s", strerror(sverrno)); - fprintf(stderr, "\n"); -} diff --git a/crypto/kerberosIV/lib/roken/warnx.c b/crypto/kerberosIV/lib/roken/warnx.c deleted file mode 100644 index c991176a9de1..000000000000 --- a/crypto/kerberosIV/lib/roken/warnx.c +++ /dev/null @@ -1,48 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: warnx.c,v 1.6 1999/12/02 16:58:54 joda Exp $"); -#endif - -#include "err.h" - -void -warnx(const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - vwarnx(fmt, ap); - va_end(ap); -} diff --git a/crypto/kerberosIV/lib/roken/writev.c b/crypto/kerberosIV/lib/roken/writev.c deleted file mode 100644 index e3859bfe332c..000000000000 --- a/crypto/kerberosIV/lib/roken/writev.c +++ /dev/null @@ -1,64 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: writev.c,v 1.3 1999/12/02 16:58:54 joda Exp $"); -#endif - -#include "roken.h" - -ssize_t -writev(int d, const struct iovec *iov, int iovcnt) -{ - ssize_t ret; - size_t tot = 0; - int i; - char *buf, *p; - - for(i = 0; i < iovcnt; ++i) - tot += iov[i].iov_len; - buf = malloc(tot); - if (tot != 0 && buf == NULL) { - errno = ENOMEM; - return -1; - } - p = buf; - for (i = 0; i < iovcnt; ++i) { - memcpy (p, iov[i].iov_base, iov[i].iov_len); - p += iov[i].iov_len; - } - ret = write (d, buf, tot); - free (buf); - return ret; -} diff --git a/crypto/kerberosIV/lib/roken/xdbm.h b/crypto/kerberosIV/lib/roken/xdbm.h deleted file mode 100644 index ebfb7d705417..000000000000 --- a/crypto/kerberosIV/lib/roken/xdbm.h +++ /dev/null @@ -1,75 +0,0 @@ -/* - * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: xdbm.h,v 1.6.2.1 2000/08/16 04:11:29 assar Exp $ */ - -/* Generic *dbm include file */ - -#ifndef __XDBM_H__ -#define __XDBM_H__ - -#ifdef HAVE_NDBM_H -#include -#elif defined(HAVE_GDBM_NDBM_H) -#include -#elif defined(HAVE_DBM_H) -#include -#elif defined(HAVE_RPCSVC_DBM_H) -#include -#elif defined(HAVE_DB_H) -#define DB_DBM_HSEARCH 1 -#include -#endif - -/* Macros to convert ndbm names to dbm names. - * Note that dbm_nextkey() cannot be simply converted using a macro, since - * it is invoked giving the database, and nextkey() needs the previous key. - * - * Instead, all routines call "dbm_next" instead. - */ - -#ifndef NDBM -typedef char DBM; - -#define dbm_open(file, flags, mode) ((dbminit(file) == 0)?"":((char *)0)) -#define dbm_fetch(db, key) fetch(key) -#define dbm_store(db, key, content, flag) store(key, content) -#define dbm_delete(db, key) delete(key) -#define dbm_firstkey(db) firstkey() -#define dbm_next(db,key) nextkey(key) -#define dbm_close(db) dbmclose() -#else -#define dbm_next(db,key) dbm_nextkey(db) -#endif - -#endif /* __XDBM_H__ */ diff --git a/crypto/kerberosIV/lib/sl/ChangeLog b/crypto/kerberosIV/lib/sl/ChangeLog deleted file mode 100644 index a8647de0ed27..000000000000 --- a/crypto/kerberosIV/lib/sl/ChangeLog +++ /dev/null @@ -1,112 +0,0 @@ -Thu Apr 1 17:03:59 1999 Johan Danielsson - - * make_cmds.c: use getarg - -Tue Mar 23 14:36:21 1999 Johan Danielsson - - * Makefile.am: don't rename - -Sun Mar 21 14:13:29 1999 Johan Danielsson - - * Makefile.am: don't roken-rename - -Sat Mar 20 03:43:30 1999 Assar Westerlund - - * parse.y: replace return with YYACCEPT - -Fri Mar 19 14:53:20 1999 Johan Danielsson - - * Makefile.am: add libss; add version-info - -Thu Mar 18 15:07:06 1999 Johan Danielsson - - * Makefile.am: clean lex.c parse.c parse.h - - * Makefile.am: install ss.h - - * Makefile.am: include Makefile.am.common - -Thu Mar 11 15:01:01 1999 Johan Danielsson - - * parse.y: prototype for error_message - -Tue Feb 9 23:45:37 1999 Johan Danielsson - - * Makefile.in: add snprintf.o to make_cmds - -Sun Nov 22 10:46:23 1998 Assar Westerlund - - * sl.c (sl_command_loop): remove unused variable - - * ss.c (ss_error): remove unused variable - - * make_cmds.c: include err.h - (main): remove unused variable - - * Makefile.in (WFLAGS): set - -Sun Sep 27 01:28:21 1998 Assar Westerlund - - * make_cmds.c: clean-up and simplification - -Mon May 25 02:54:13 1998 Assar Westerlund - - * Makefile.in (clean): try to remove shared library debris - - * Makefile.in: make symlink magic work - -Sun Apr 19 10:00:26 1998 Assar Westerlund - - * Makefile.in: add symlink magic for linux - -Sun Apr 5 09:21:43 1998 Assar Westerlund - - * parse.y: define alloca to malloc in case we're using bison but - don't have alloca - -Sat Mar 28 11:39:00 1998 Assar Westerlund - - * sl.c (sl_loop): s/2/1 - -Sat Mar 21 00:46:51 1998 Johan Danielsson - - * sl.c (sl_loop): check that there is at least one argument before - calling sl_command - -Sun Mar 1 05:14:37 1998 Johan Danielsson - - * sl.c (sl_loop): Fix general broken-ness. - - * sl.c: Cleanup printing of help strings. - -Thu Feb 26 02:22:02 1998 Assar Westerlund - - * Makefile.am: @LEXLIB@ - -Sat Feb 21 15:18:21 1998 assar westerlund - - * Makefile.in: set YACC and LEX - -Mon Feb 16 16:08:25 1998 Johan Danielsson - - * Makefile.am: Some fixes for ss/mk_cmds. - -Sun Feb 15 05:12:11 1998 Johan Danielsson - - * Makefile.in: Install libsl under the `libss' name too. Install - mk_cmds, and ss.h. - - * make_cmds.c: A mk_cmds clone that creates SL structures. - - * ss.c: SS compatibility functions. - - * sl.c: Move command line split to function `sl_make_argv'. - -Tue Feb 3 16:45:44 1998 Johan Danielsson - - * sl.c: Add sl_command_loop, that is the loop body of sl_loop. - -Mon Oct 20 01:13:21 1997 Assar Westerlund - - * sl.c (sl_help): actually use the `help' field of `SL_cmd' - diff --git a/crypto/kerberosIV/lib/sl/Makefile.am b/crypto/kerberosIV/lib/sl/Makefile.am deleted file mode 100644 index 54bc75b033ca..000000000000 --- a/crypto/kerberosIV/lib/sl/Makefile.am +++ /dev/null @@ -1,44 +0,0 @@ -# $Id: Makefile.am,v 1.14 1999/04/09 18:28:29 assar Exp $ - -include $(top_srcdir)/Makefile.am.common - -YFLAGS = -d - -include_HEADERS = sl.h - -lib_LTLIBRARIES = libsl.la libss.la -libsl_la_LDFLAGS = -version-info 0:0:0 -libss_la_LDFLAGS = -version-info 0:0:0 - -RENAME_SRC = roken_rename.h strtok_r.c snprintf.c - -libsl_la_SOURCES = sl_locl.h sl.c -libss_la_SOURCES = $(libsl_la_SOURCES) ss.c ss.h - -EXTRA_libsl_la_SOURCES = strtok_r.c snprintf.c roken_rename.h - -# install these? - -noinst_PROGRAMS = mk_cmds - -mk_cmds_SOURCES = make_cmds.c make_cmds.h parse.y lex.l - -RENAME_mk_cmds_SRC = roken_rename.h snprintf.c - -EXTRA_mk_cmds_SOURCES = snprintf.c roken_rename.h - -ssincludedir = $(includedir)/ss -ssinclude_HEADERS = ss.h - -CLEANFILES = lex.c parse.c parse.h snprintf.c strtok_r.c - -$(mk_cmds_OBJECTS): parse.h - -LDADD = \ - $(LIB_roken) \ - $(LEXLIB) - -strtok_r.c: - $(LN_S) $(srcdir)/../roken/strtok_r.c . -snprintf.c: - $(LN_S) $(srcdir)/../roken/snprintf.c . diff --git a/crypto/kerberosIV/lib/sl/Makefile.in b/crypto/kerberosIV/lib/sl/Makefile.in deleted file mode 100644 index 3d605b0d4fc1..000000000000 --- a/crypto/kerberosIV/lib/sl/Makefile.in +++ /dev/null @@ -1,142 +0,0 @@ -# -# $Id: Makefile.in,v 1.31.16.2 2000/06/23 03:20:04 assar Exp $ -# - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -top_builddir=../.. - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -LN_S = @LN_S@ -DEFS = @DEFS@ -DROKEN_RENAME -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ -YACC = @YACC@ -LEX = @LEX@ - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -bindir = @bindir@ -includedir = @includedir@ - -LIB_tgetent = @LIB_tgetent@ -LIB_DEPS = @lib_deps_yes@ @LIB_readline@ -lc -build_symlink_command = @build_symlink_command@ -install_symlink_command = @install_symlink_command@ -install_symlink_command2 = @install_symlink_command2@ - -PICFLAGS = @PICFLAGS@ -EXECSUFFIX = @EXECSUFFIX@ - -LIBEXT = @LIBEXT@ -SHLIBEXT = @SHLIBEXT@ -LIBPREFIX = @LIBPREFIX@ -LIBNAME = $(LIBPREFIX)sl -sl_LIB = $(LIBNAME).$(LIBEXT) -LIB = $(sl_LIB) -LIBNAME2 = $(LIBPREFIX)ss -ss_LIB = $(LIBNAME2).$(LIBEXT) -LIB2 = $(ss_LIB) -LDSHARED = @LDSHARED@ -PROGS = mk_cmds$(EXECSUFFIX) - -LIB_SOURCES = sl.c ss.c -EXTRA_SOURCES = strtok_r.c snprintf.c strupr.c - -SOURCES = $(LIB_SOURCES) make_cmds.c $(EXTRA_SOURCES) - -LIBADD = strtok_r.o snprintf.o strupr.o - -LIB_OBJECTS = sl.o ss.o $(LIBADD) - -mk_cmds_OBJECTS = make_cmds.o parse.o lex.o snprintf.o - -OBJECTS = $(LIB_OBJECTS) $(mk_cmds_OBJECTS) - -all: $(sl_LIB) $(PROGS) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../../include -I. -I$(srcdir) -I$(srcdir)/../des $(CFLAGS) $(CPPFLAGS) $(PICFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(includedir)/ss - $(INSTALL_DATA) $(srcdir)/ss.h $(DESTDIR)$(includedir)/ss/ss.h - $(MKINSTALLDIRS) $(DESTDIR)$(libdir) - $(INSTALL) -m 555 $(sl_LIB) $(DESTDIR)$(libdir)/$(sl_LIB) - $(INSTALL) -m 555 $(sl_LIB) $(DESTDIR)$(libdir)/$(ss_LIB) - @install_symlink_command@ - @install_symlink_command2@ - $(MKINSTALLDIRS) $(DESTDIR)$(bindir) - $(INSTALL) $(PROGS) $(DESTDIR)$(bindir)/$(PROGS) - -uninstall: - rm -f $(DESTDIR)$(includedir)/ss/ss.h - rm -f $(DESTDIR)$(libdir)/$(sl_LIB) $(DESTDIR)$(libdir)/$(ss_LIB) - rm -f $(DESTDIR)$(bindir)/$(PROGS) - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f $(sl_LIB) $(PROGS) lex.c parse.c parse.h *.o *.a *.so *.so.* so_locations - -mostlyclean: clean - -distclean: clean - rm -f Makefile *~ - -realclean: distclean - rm -f TAGS - -$(LIBNAME).a: $(LIB_OBJECTS) - rm -f $@ - $(AR) cr $@ $(LIB_OBJECTS) - -$(RANLIB) $@ - -$(LIBNAME).$(SHLIBEXT): $(LIB_OBJECTS) - rm -f $@ - $(LDSHARED) -o $@ $(LIB_OBJECTS) $(LIB_DEPS) - @build_symlink_command@ - -$(OBJECTS): ../../include/config.h - -$(mk_cmds_OBJECTS): parse.h - -mk_cmds$(EXECSUFFIX): $(mk_cmds_OBJECTS) - $(LINK) $(CFLAGS) -o $@ $(mk_cmds_OBJECTS) -L../roken -lroken - -parse.c: parse.h -parse.h: $(srcdir)/parse.y - $(YACC) -d $(srcdir)/parse.y - mv -f y.tab.h parse.h - mv -f y.tab.c parse.c - -lex.c: $(srcdir)/lex.l - $(LEX) $(srcdir)/lex.l - mv -f lex.yy.c lex.c - -strtok_r.c: - $(LN_S) $(srcdir)/../roken/strtok_r.c . -snprintf.c: - $(LN_S) $(srcdir)/../roken/snprintf.c . -strupr.c: - $(LN_S) $(srcdir)/../roken/strupr.c . - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/lib/sl/lex.l b/crypto/kerberosIV/lib/sl/lex.l deleted file mode 100644 index b7c1c4432346..000000000000 --- a/crypto/kerberosIV/lib/sl/lex.l +++ /dev/null @@ -1,114 +0,0 @@ -%{ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "make_cmds.h" -#include "parse.h" - -RCSID("$Id: lex.l,v 1.3 1999/12/02 16:58:55 joda Exp $"); - -static unsigned lineno = 1; -void error_message(char *, ...); -int getstring(void); - -%} - - -%% -command_table { return TABLE; } -request { return REQUEST; } -unknown { return UNKNOWN; } -unimplemented { return UNIMPLEMENTED; } -end { return END; } -#[^\n]* ; -[ \t] ; -\n { lineno++; } -\" { return getstring(); } -[a-zA-Z0-9_]+ { yylval.string = strdup(yytext); return STRING; } -. { return *yytext; } -%% - -#ifndef yywrap /* XXX */ -int -yywrap () -{ - return 1; -} -#endif - -int -getstring(void) -{ - char x[128]; - int i = 0; - int c; - int backslash = 0; - while((c = input()) != EOF){ - if(backslash) { - if(c == 'n') - c = '\n'; - else if(c == 't') - c = '\t'; - x[i++] = c; - backslash = 0; - continue; - } - if(c == '\n'){ - error_message("unterminated string"); - lineno++; - break; - } - if(c == '\\'){ - backslash++; - continue; - } - if(c == '\"') - break; - x[i++] = c; - } - x[i] = '\0'; - yylval.string = strdup(x); - return STRING; -} - -void -error_message (char *format, ...) -{ - va_list args; - - va_start (args, format); - fprintf (stderr, "%s:%d: ", filename, lineno); - vfprintf (stderr, format, args); - va_end (args); - numerror++; -} diff --git a/crypto/kerberosIV/lib/sl/make_cmds.c b/crypto/kerberosIV/lib/sl/make_cmds.c deleted file mode 100644 index 492e9e671272..000000000000 --- a/crypto/kerberosIV/lib/sl/make_cmds.c +++ /dev/null @@ -1,240 +0,0 @@ -/* - * Copyright (c) 1998-1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "make_cmds.h" -#include - -RCSID("$Id: make_cmds.c,v 1.6 1999/12/02 16:58:55 joda Exp $"); - -#include -#include -#include "parse.h" - -int numerror; -extern FILE *yyin; -FILE *c_file; - -extern void yyparse(void); - -#ifdef YYDEBUG -extern int yydebug = 1; -#endif - -char *filename; -char *table_name; - -static struct command_list *commands; - -void -add_command(char *function, - char *help, - struct string_list *aliases, - unsigned flags) -{ - struct command_list *cl = malloc(sizeof(*cl)); - - if (cl == NULL) - err (1, "malloc"); - cl->function = function; - cl->help = help; - cl->aliases = aliases; - cl->flags = flags; - cl->next = NULL; - if(commands) { - *commands->tail = cl; - commands->tail = &cl->next; - return; - } - cl->tail = &cl->next; - commands = cl; -} - -static char * -quote(const char *str) -{ - char buf[1024]; /* XXX */ - const char *p; - char *q; - q = buf; - - *q++ = '\"'; - for(p = str; *p != '\0'; p++) { - if(*p == '\n') { - *q++ = '\\'; - *q++ = 'n'; - continue; - } - if(*p == '\t') { - *q++ = '\\'; - *q++ = 't'; - continue; - } - if(*p == '\"' || *p == '\\') - *q++ = '\\'; - *q++ = *p; - } - *q++ = '\"'; - *q++ = '\0'; - return strdup(buf); -} - -static void -generate_commands(void) -{ - char *base; - char *cfn; - char *p; - - p = strrchr(table_name, '/'); - if(p == NULL) - p = table_name; - else - p++; - - base = strdup (p); - if (base == NULL) - err (1, "strdup"); - - p = strrchr(base, '.'); - if(p) - *p = '\0'; - - asprintf(&cfn, "%s.c", base); - if (cfn == NULL) - err (1, "asprintf"); - - c_file = fopen(cfn, "w"); - if (c_file == NULL) - err (1, "cannot fopen %s", cfn); - - fprintf(c_file, "/* Generated from %s */\n", filename); - fprintf(c_file, "\n"); - fprintf(c_file, "#include \n"); - fprintf(c_file, "#include \n"); - fprintf(c_file, "\n"); - - { - struct command_list *cl, *xl; - char *p, *q; - - for(cl = commands; cl; cl = cl->next) { - for(xl = commands; xl != cl; xl = xl->next) - if(strcmp(cl->function, xl->function) == 0) - break; - if(xl != cl) - continue; - /* XXX hack for ss_quit */ - if(strcmp(cl->function, "ss_quit") == 0) { - fprintf(c_file, "int %s (int, char**);\n", cl->function); - fprintf(c_file, "#define _ss_quit_wrap ss_quit\n\n"); - continue; - } - fprintf(c_file, "void %s (int, char**);\n", cl->function); - fprintf(c_file, "static int _%s_wrap (int argc, char **argv)\n", - cl->function); - fprintf(c_file, "{\n"); - fprintf(c_file, " %s (argc, argv);\n", cl->function); - fprintf(c_file, " return 0;\n"); - fprintf(c_file, "}\n\n"); - } - - fprintf(c_file, "SL_cmd %s[] = {\n", table_name); - for(cl = commands; cl; cl = cl->next) { - struct string_list *sl; - sl = cl->aliases; - p = quote(sl->string); - q = quote(cl->help); - fprintf(c_file, " { %s, _%s_wrap, %s },\n", p, cl->function, q); - free(p); - free(q); - - for(sl = sl->next; sl; sl = sl->next) { - p = quote(sl->string); - fprintf(c_file, " { %s },\n", p); - free(p); - } - } - fprintf(c_file, " { NULL },\n"); - fprintf(c_file, "};\n"); - fprintf(c_file, "\n"); - } - fclose(c_file); - free(base); - free(cfn); -} - -int version_flag; -int help_flag; -struct getargs args[] = { - { "version", 0, arg_flag, &version_flag }, - { "help", 0, arg_flag, &help_flag } -}; -int num_args = sizeof(args) / sizeof(args[0]); - -static void -usage(int code) -{ - arg_printusage(args, num_args, NULL, "command-table"); - exit(code); -} - -int -main(int argc, char **argv) -{ - int optind = 0; - - set_progname(argv[0]); - if(getarg(args, num_args, argc, argv, &optind)) - usage(1); - if(help_flag) - usage(0); - if(version_flag) { - print_version(NULL); - exit(0); - } - - if(argc == optind) - usage(1); - filename = argv[optind]; - yyin = fopen(filename, "r"); - if(yyin == NULL) - err(1, "%s", filename); - - yyparse(); - - generate_commands(); - - if(numerror) - return 1; - return 0; -} diff --git a/crypto/kerberosIV/lib/sl/make_cmds.h b/crypto/kerberosIV/lib/sl/make_cmds.h deleted file mode 100644 index 24dbd60d6c59..000000000000 --- a/crypto/kerberosIV/lib/sl/make_cmds.h +++ /dev/null @@ -1,69 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: make_cmds.h,v 1.2 1999/12/02 16:58:55 joda Exp $ */ - -#ifndef __MAKE_CMDS_H__ -#define __MAKE_CMDS_H__ - -#ifdef HAVE_CONFIG_H -#include -#endif - -#include -#include -#include -#include - -extern char *filename; -extern char *table_name; -extern int numerror; - -struct command_list { - char *function; - char *help; - struct string_list *aliases; - unsigned flags; - struct command_list *next; - struct command_list **tail; -}; - -struct string_list { - char *string; - struct string_list *next; - struct string_list **tail; -}; - -void add_command(char*, char*, struct string_list*, unsigned); - -#endif /* __MAKE_CMDS_H__ */ diff --git a/crypto/kerberosIV/lib/sl/parse.y b/crypto/kerberosIV/lib/sl/parse.y deleted file mode 100644 index b8b2d6335f71..000000000000 --- a/crypto/kerberosIV/lib/sl/parse.y +++ /dev/null @@ -1,194 +0,0 @@ -%{ -/* - * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "make_cmds.h" -RCSID("$Id: parse.y,v 1.5 1999/12/02 16:58:55 joda Exp $"); - -void yyerror (char *s); -long name2number(const char *str); -void error_message(char *, ...); - -struct string_list* append_string(struct string_list*, char*); -void free_string_list(struct string_list *list); -unsigned string_to_flag(const char *); - -/* This is for bison */ - -#if !defined(alloca) && !defined(HAVE_ALLOCA) -#define alloca(x) malloc(x) -#endif - -%} - -%union { - char *string; - unsigned number; - struct string_list *list; -} - -%token TABLE REQUEST UNKNOWN UNIMPLEMENTED END -%token STRING -%type flag flags -%type aliases - -%% - -file : /* */ - | statements - ; - -statements : statement - | statements statement - ; - -statement : TABLE STRING ';' - { - table_name = $2; - } - | REQUEST STRING ',' STRING ',' aliases ',' '(' flags ')' ';' - { - add_command($2, $4, $6, $9); - } - | REQUEST STRING ',' STRING ',' aliases ';' - { - add_command($2, $4, $6, 0); - } - | UNIMPLEMENTED STRING ',' STRING ',' aliases ';' - { - free($2); - free($4); - free_string_list($6); - } - | UNKNOWN aliases ';' - { - free_string_list($2); - } - | END ';' - { - YYACCEPT; - } - ; - -aliases : STRING - { - $$ = append_string(NULL, $1); - } - | aliases ',' STRING - { - $$ = append_string($1, $3); - } - ; - -flags : flag - { - $$ = $1; - } - | flags ',' flag - { - $$ = $1 | $3; - } - ; -flag : STRING - { - $$ = string_to_flag($1); - free($1); - } - ; - - - -%% - -long -name2number(const char *str) -{ - const char *p; - long base = 0; - const char *x = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" - "abcdefghijklmnopqrstuvwxyz0123456789_"; - if(strlen(str) > 4) { - yyerror("table name too long"); - return 0; - } - for(p = str; *p; p++){ - char *q = strchr(x, *p); - if(q == NULL) { - yyerror("invalid character in table name"); - return 0; - } - base = (base << 6) + (q - x) + 1; - } - base <<= 8; - if(base > 0x7fffffff) - base = -(0xffffffff - base + 1); - return base; -} - -void -yyerror (char *s) -{ - error_message ("%s\n", s); -} - -struct string_list* -append_string(struct string_list *list, char *str) -{ - struct string_list *sl = malloc(sizeof(*sl)); - sl->string = str; - sl->next = NULL; - if(list) { - *list->tail = sl; - list->tail = &sl->next; - return list; - } - sl->tail = &sl->next; - return sl; -} - -void -free_string_list(struct string_list *list) -{ - while(list) { - struct string_list *sl = list->next; - free(list->string); - free(list); - list = sl; - } -} - -unsigned -string_to_flag(const char *string) -{ - return 0; -} diff --git a/crypto/kerberosIV/lib/sl/roken_rename.h b/crypto/kerberosIV/lib/sl/roken_rename.h deleted file mode 100644 index c668802ac5d5..000000000000 --- a/crypto/kerberosIV/lib/sl/roken_rename.h +++ /dev/null @@ -1,61 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: roken_rename.h,v 1.3 1999/12/02 16:58:55 joda Exp $ */ - -#ifndef __roken_rename_h__ -#define __roken_rename_h__ - -#ifndef HAVE_STRTOK_R -#define strtok_r _sl_strtok_r -#endif -#ifndef HAVE_SNPRINTF -#define snprintf _sl_snprintf -#endif -#ifndef HAVE_ASPRINTF -#define asprintf _sl_asprintf -#endif -#ifndef HAVE_ASNPRINTF -#define asnprintf _sl_asnprintf -#endif -#ifndef HAVE_VASPRINTF -#define vasprintf _sl_vasprintf -#endif -#ifndef HAVE_VASNPRINTF -#define vasnprintf _sl_vasnprintf -#endif -#ifndef HAVE_VSNPRINTF -#define vsnprintf _sl_vsnprintf -#endif - -#endif /* __roken_rename_h__ */ diff --git a/crypto/kerberosIV/lib/sl/sl.c b/crypto/kerberosIV/lib/sl/sl.c deleted file mode 100644 index 688ca8b22a25..000000000000 --- a/crypto/kerberosIV/lib/sl/sl.c +++ /dev/null @@ -1,223 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#ifdef HAVE_CONFIG_H -#include -RCSID("$Id: sl.c,v 1.25 1999/12/02 16:58:55 joda Exp $"); -#endif - -#include "sl_locl.h" - -static SL_cmd * -sl_match (SL_cmd *cmds, char *cmd, int exactp) -{ - SL_cmd *c, *current = NULL, *partial_cmd = NULL; - int partial_match = 0; - - for (c = cmds; c->name; ++c) { - if (c->func) - current = c; - if (strcmp (cmd, c->name) == 0) - return current; - else if (strncmp (cmd, c->name, strlen(cmd)) == 0 && - partial_cmd != current) { - ++partial_match; - partial_cmd = current; - } - } - if (partial_match == 1 && !exactp) - return partial_cmd; - else - return NULL; -} - -void -sl_help (SL_cmd *cmds, int argc, char **argv) -{ - SL_cmd *c, *prev_c; - - if (argc == 1) { - prev_c = NULL; - for (c = cmds; c->name; ++c) { - if (c->func) { - if(prev_c) - printf ("\n\t%s%s", prev_c->usage ? prev_c->usage : "", - prev_c->usage ? "\n" : ""); - prev_c = c; - printf ("%s", c->name); - } else - printf (", %s", c->name); - } - if(prev_c) - printf ("\n\t%s%s", prev_c->usage ? prev_c->usage : "", - prev_c->usage ? "\n" : ""); - } else { - c = sl_match (cmds, argv[1], 0); - if (c == NULL) - printf ("No such command: %s. " - "Try \"help\" for a list of all commands\n", - argv[1]); - else { - printf ("%s\t%s\n", c->name, c->usage); - if(c->help && *c->help) - printf ("%s\n", c->help); - if((++c)->name && c->func == NULL) { - printf ("Synonyms:"); - while (c->name && c->func == NULL) - printf ("\t%s", (c++)->name); - printf ("\n"); - } - } - } -} - -#ifdef HAVE_READLINE - -char *readline(char *prompt); -void add_history(char *p); - -#else - -static char * -readline(char *prompt) -{ - char buf[BUFSIZ]; - printf ("%s", prompt); - fflush (stdout); - if(fgets(buf, sizeof(buf), stdin) == NULL) - return NULL; - if (buf[strlen(buf) - 1] == '\n') - buf[strlen(buf) - 1] = '\0'; - return strdup(buf); -} - -static void -add_history(char *p) -{ -} - -#endif - -int -sl_command(SL_cmd *cmds, int argc, char **argv) -{ - SL_cmd *c; - c = sl_match (cmds, argv[0], 0); - if (c == NULL) - return -1; - return (*c->func)(argc, argv); -} - -struct sl_data { - int max_count; - char **ptr; -}; - -int -sl_make_argv(char *line, int *ret_argc, char ***ret_argv) -{ - char *foo = NULL; - char *p; - int argc, nargv; - char **argv; - - nargv = 10; - argv = malloc(nargv * sizeof(*argv)); - if(argv == NULL) - return ENOMEM; - argc = 0; - - for(p = strtok_r (line, " \t", &foo); - p; - p = strtok_r (NULL, " \t", &foo)) { - if(argc == nargv - 1) { - char **tmp; - nargv *= 2; - tmp = realloc (argv, nargv * sizeof(*argv)); - if (tmp == NULL) { - free(argv); - return ENOMEM; - } - argv = tmp; - } - argv[argc++] = p; - } - argv[argc] = NULL; - *ret_argc = argc; - *ret_argv = argv; - return 0; -} - -/* return values: 0 on success, -1 on fatal error, or return value of command */ -int -sl_command_loop(SL_cmd *cmds, char *prompt, void **data) -{ - int ret = 0; - char *buf; - int argc; - char **argv; - - ret = 0; - buf = readline(prompt); - if(buf == NULL) - return 1; - - if(*buf) - add_history(buf); - ret = sl_make_argv(buf, &argc, &argv); - if(ret) { - fprintf(stderr, "sl_loop: out of memory\n"); - free(buf); - return -1; - } - if (argc >= 1) { - ret = sl_command(cmds, argc, argv); - if(ret == -1) { - printf ("Unrecognized command: %s\n", argv[0]); - ret = 0; - } - } - free(buf); - free(argv); - return ret; -} - -int -sl_loop(SL_cmd *cmds, char *prompt) -{ - void *data = NULL; - int ret; - while((ret = sl_command_loop(cmds, prompt, &data)) == 0) - ; - return ret; -} diff --git a/crypto/kerberosIV/lib/sl/sl.h b/crypto/kerberosIV/lib/sl/sl.h deleted file mode 100644 index 1a6d3fa6e6e1..000000000000 --- a/crypto/kerberosIV/lib/sl/sl.h +++ /dev/null @@ -1,57 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: sl.h,v 1.7 1999/12/02 16:58:55 joda Exp $ */ - -#ifndef _SL_H -#define _SL_H - -typedef int (*cmd_func)(int, char **); - -struct sl_cmd { - char *name; - cmd_func func; - char *usage; - char *help; -}; - -typedef struct sl_cmd SL_cmd; - -void sl_help (SL_cmd *, int argc, char **argv); -int sl_loop (SL_cmd *, char *prompt); -int sl_command_loop (SL_cmd *cmds, char *prompt, void **data); -int sl_command (SL_cmd *cmds, int argc, char **argv); -int sl_make_argv(char*, int*, char***); - - -#endif /* _SL_H */ diff --git a/crypto/kerberosIV/lib/sl/sl_locl.h b/crypto/kerberosIV/lib/sl/sl_locl.h deleted file mode 100644 index 4bd966003b3d..000000000000 --- a/crypto/kerberosIV/lib/sl/sl_locl.h +++ /dev/null @@ -1,46 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: sl_locl.h,v 1.6 1999/12/02 16:58:55 joda Exp $ */ - -#ifdef HAVE_CONFIG_H -#include -#endif -#include -#include -#include -#include - -#include - -#include diff --git a/crypto/kerberosIV/lib/sl/ss.c b/crypto/kerberosIV/lib/sl/ss.c deleted file mode 100644 index f3c0546b4d78..000000000000 --- a/crypto/kerberosIV/lib/sl/ss.c +++ /dev/null @@ -1,133 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "sl_locl.h" -#include -#include "ss.h" - -RCSID("$Id: ss.c,v 1.4 1999/12/02 16:58:55 joda Exp $"); - -struct ss_subst { - char *name; - char *version; - char *info; - ss_request_table *table; -}; - -static struct ss_subst subsystems[2]; -static int num_subsystems; - -int -ss_create_invocation(const char *subsystem, - const char *version, - const char *info, - ss_request_table *table, - int *code) -{ - struct ss_subst *ss; - if(num_subsystems >= sizeof(subsystems) / sizeof(subsystems[0])) { - *code = 17; - return 0; - } - ss = &subsystems[num_subsystems]; - ss->name = subsystem ? strdup(subsystem) : NULL; - ss->version = version ? strdup(version) : NULL; - ss->info = info ? strdup(info) : NULL; - ss->table = table; - *code = 0; - return num_subsystems++; -} - -void -ss_error (int index, long code, const char *fmt, ...) -{ - va_list ap; - va_start(ap, fmt); - com_err_va (subsystems[index].name, code, fmt, ap); - va_end(ap); -} - -void -ss_perror (int index, long code, const char *msg) -{ - ss_error(index, code, "%s", msg); -} - -int -ss_execute_command(int index, char **argv) -{ - int argc = 0; - while(argv[argc++]); - sl_command(subsystems[index].table, argc, argv); - return 0; -} - -int -ss_execute_line (int index, const char *line) -{ - char *buf = strdup(line); - int argc; - char **argv; - - sl_make_argv(buf, &argc, &argv); - sl_command(subsystems[index].table, argc, argv); - free(buf); - return 0; -} - -int -ss_listen (int index) -{ - char *prompt = malloc(strlen(subsystems[index].name) + 3); - if(prompt == NULL) { - abort(); - } - strcpy(prompt, subsystems[index].name); - strcat(prompt, ": "); - sl_loop(subsystems[index].table, prompt); - free(prompt); - return 0; -} - -int -ss_list_requests(int argc, char **argv /* , int index, void *info */) -{ - sl_help(subsystems[0 /* index */].table, argc, argv); - return 0; -} - -int -ss_quit(int argc, char **argv) -{ - return 1; -} diff --git a/crypto/kerberosIV/lib/sl/ss.h b/crypto/kerberosIV/lib/sl/ss.h deleted file mode 100644 index 0d9d2977b7ac..000000000000 --- a/crypto/kerberosIV/lib/sl/ss.h +++ /dev/null @@ -1,55 +0,0 @@ -/* - * Copyright (c) 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ -/* $Id: ss.h,v 1.2 1999/12/02 16:58:55 joda Exp $ */ - -/* SS compatibility for SL */ - -#ifndef __ss_h__ -#define __ss_h__ - -#include - -typedef SL_cmd ss_request_table; - -int ss_create_invocation (const char *, const char *, const char*, - ss_request_table*, int*); - -void ss_error (int, long, const char*, ...); -int ss_execute_command (int, char**); -int ss_execute_line (int, const char*); -int ss_list_requests (int argc, char**); -int ss_listen (int); -void ss_perror (int, long, const char*); -int ss_quit (int argc, char**); - -#endif /* __ss_h__ */ diff --git a/crypto/kerberosIV/man/Makefile b/crypto/kerberosIV/man/Makefile deleted file mode 100644 index 6e6442add459..000000000000 --- a/crypto/kerberosIV/man/Makefile +++ /dev/null @@ -1,11 +0,0 @@ -# -# *** THIS FILE IS NORMALLY OVERWRITTEN BY CONFIGURE *** -# -# -# $Id: Makefile,v 1.3 1997/09/09 15:06:35 bg Exp $ - -all: - $(MAKE) -f Makefile.in cat - -clean: - rm -f *.cat[1358] *~ diff --git a/crypto/kerberosIV/man/Makefile.in b/crypto/kerberosIV/man/Makefile.in deleted file mode 100644 index c4941b1e83ca..000000000000 --- a/crypto/kerberosIV/man/Makefile.in +++ /dev/null @@ -1,153 +0,0 @@ -# Makefile.in,v 1.2 1994/05/13 05:02:46 assar Exp - -srcdir = @srcdir@ -VPATH = @srcdir@ - -SHELL = /bin/sh - -INSTALL = @INSTALL@ -INSTALL_DATA = @INSTALL_DATA@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -mandir = @mandir@ -transform = @program_transform_name@ - -disable_cat_manpages = @disable_cat_manpages@ - -# You need a BSD44 system or groff to create the manpages -NROFF_MAN = groff -mandoc -Tascii -#NROFF_MAN = nroff -man -.SUFFIXES: .1 .cat1 .3 .cat3 .5 .cat5 .8 .cat8 -.1.cat1: ; $(NROFF_MAN) $< > $@ -.3.cat3: ; $(NROFF_MAN) $< > $@ -.5.cat5: ; $(NROFF_MAN) $< > $@ -.8.cat8: ; $(NROFF_MAN) $< > $@ - - -MANRX = \(.*\)\.\([0-9]\) -CATRX = \(.*\)\.cat\([0-9]\) -CATSUFFIX=@CATSUFFIX@ - -MAN1 = afslog.1 des.1 ftp.1 kauth.1 kdestroy.1 \ - kerberos.1 kinit.1 klist.1 kpasswd.1 ksrvtgt.1 \ - kx.1 login.1 movemail.1 otp.1 otpprint.1 pagsh.1 \ - rcp.1 rlogin.1 rsh.1 rxtelnet.1 rxterm.1 su.1 \ - telnet.1 tenletxr.1 - -CAT1 = afslog.cat1 des.cat1 ftp.cat1 kauth.cat1 kdestroy.cat1 \ - kerberos.cat1 kinit.cat1 klist.cat1 kpasswd.cat1 ksrvtgt.cat1 \ - kx.cat1 login.cat1 movemail.cat1 otp.cat1 otpprint.cat1 pagsh.cat1 \ - rcp.cat1 rlogin.cat1 rsh.cat1 rxtelnet.cat1 rxterm.cat1 su.cat1 \ - telnet.cat1 tenletxr.cat1 - -MAN3 = acl_check.3 des_crypt.3 kafs.3 \ - kerberos.3 krb_realmofhost.3 krb_sendauth.3 \ - krb_set_tkt_string.3 kuserok.3 tf_util.3 \ - ../lib/editline/editline.3 - -# getusershell.3 - -CAT3 = acl_check.cat3 des_crypt.cat3 kafs.cat3 \ - kerberos.cat3 krb_realmofhost.cat3 krb_sendauth.cat3 \ - krb_set_tkt_string.cat3 kuserok.cat3 tf_util.cat3 \ - ../lib/editline/editline.cat3 - -# getusershell.cat3 - -MAN5 = ftpusers.5 krb.conf.5 krb.equiv.5 krb.extra.5 \ - krb.realms.5 login.access.5 - -CAT5 = ftpusers.cat5 krb.conf.cat5 krb.equiv.cat5 \ - krb.realms.cat5 login.access.cat5 - -MAN8 = ext_srvtab.8 ftpd.8 kadmin.8 kadmind.8 kauthd.8 \ - kdb_destroy.8 kdb_edit.8 kdb_init.8 kdb_util.8 \ - kerberos.8 kprop.8 kpropd.8 ksrvutil.8 kstash.8 \ - kxd.8 popper.8 rlogind.8 rshd.8 telnetd.8 \ - ../appl/push/push.8 - -CAT8 = ext_srvtab.cat8 ftpd.cat8 kadmin.cat8 kadmind.cat8 kauthd.cat8 \ - kdb_destroy.cat8 kdb_edit.cat8 kdb_init.cat8 kdb_util.cat8 \ - kerberos.cat8 kprop.cat8 kpropd.cat8 ksrvutil.cat8 kstash.cat8 \ - kxd.cat8 popper.cat8 rlogind.cat8 rshd.cat8 telnetd.cat8 \ - ../appl/push/push.cat8 - -all: - -cat: $(CAT1) $(CAT3) $(CAT5) $(CAT8) - -Wall: - -install: all - for x in man1 man3 man5 man8; do \ - $(MKINSTALLDIRS) $(DESTDIR)$(mandir)/$$x; done - if test "$(disable_cat_manpages)" != "yes"; then \ - for x in cat1 cat3 cat5 cat8; do \ - $(MKINSTALLDIRS) $(DESTDIR)$(mandir)/$$x; done \ - fi - @(cd $(srcdir); \ - for x in $(MAN1) $(MAN8); do \ - f=`basename $$x`; \ - b=`echo $$f | sed 's!$(MANRX)!\1!'`; \ - s=`echo $$x | sed 's!$(MANRX)!\2!'` ; \ - m=`echo $$b | sed '$(transform)'`.$$s; \ - echo "$(INSTALL_DATA) $$x $(DESTDIR)$(mandir)/man$$s/$$m";\ - $(INSTALL_DATA) $$x $(DESTDIR)$(mandir)/man$$s/$$m; done ;\ - for x in $(MAN3) $(MAN5); do \ - f=`basename $$x`; \ - s=`echo $$f | sed 's!$(MANRX)!\2!'` ; \ - echo "$(INSTALL_DATA) $$x $(DESTDIR)$(mandir)/man$$s/$$f";\ - $(INSTALL_DATA) $$x $(DESTDIR)$(mandir)/man$$s/$$f; done ;\ - if test "$(disable_cat_manpages)" != "yes"; then \ - for x in $(CAT1) $(CAT8); do \ - if test -f $$x; then \ - f=`basename $$x`; \ - b=`echo $$f | sed 's!$(CATRX)!\1!'`; \ - s=`echo $$x | sed 's!$(CATRX)!\2!'`; \ - m=`echo $$b | sed '$(transform)'`; \ - echo "$(INSTALL_DATA) $$x $(DESTDIR)$(mandir)/cat$$s/$$m.$(CATSUFFIX)";\ - $(INSTALL_DATA) $$x $(DESTDIR)$(mandir)/cat$$s/$$m.$(CATSUFFIX);\ - fi; done ;\ - for x in $(CAT3) $(CAT5); do \ - if test -f $$x; then \ - f=`basename $$x`; \ - s=`echo $$f | sed 's!$(CATRX)!\2!'`; \ - b=`echo $$f | sed 's!$(CATRX)!\1!'`; \ - echo "$(INSTALL_DATA) $$x $(DESTDIR)$(mandir)/cat$$s/$$b.$(CATSUFFIX)";\ - $(INSTALL_DATA) $$x $(DESTDIR)$(mandir)/cat$$s/$$b.$(CATSUFFIX);\ - fi; done; fi ) - -uninstall: - for x in $(MAN1) $(MAN8); do \ - f=`basename $$x`; \ - b=`echo $$f | sed 's!$(MANRX)!\1!'`; \ - s=`echo $$x | sed 's!$(MANRX)!\2!'` ; \ - m=`echo $$b | sed '$(transform)'`.$$s; \ - rm -f $(DESTDIR)$(mandir)/man$$s/$$m; done - for x in $(MAN3) $(MAN5); do \ - f=`basename $$x`; \ - s=`echo $$f | sed 's!$(MANRX)!\2!'` ; \ - rm -f $(DESTDIR)$(mandir)/man$$s/$$f; done - for x in $(CAT1) $(CAT8); do \ - f=`basename $$x`; \ - b=`echo $$f | sed 's!$(CATRX)!\1!'`; \ - s=`echo $$x | sed 's!$(CATRX)!\2!'`; \ - m=`echo $$b | sed '$(transform)'`; \ - rm -f $(DESTDIR)$(mandir)/cat$$s/$$m.$(CATSUFFIX); done - for x in $(CAT3) $(CAT5); do \ - f=`basename $$x`; \ - s=`echo $$f | sed 's!$(CATRX)!\2!'`; \ - b=`echo $$x | sed 's!$(CATRX)!\1!'`; \ - rm -f $(DESTDIR)$(mandir)/cat$$s/$$b.$(CATSUFFIX); done - -clean: - -mostlyclean: clean - -distclean: - rm -f Makefile *~ - -realclean: distclean - -.PHONY: all cat Wall install uninstall clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/man/acl_check.3 b/crypto/kerberosIV/man/acl_check.3 deleted file mode 100644 index 53bb7c8bf961..000000000000 --- a/crypto/kerberosIV/man/acl_check.3 +++ /dev/null @@ -1,182 +0,0 @@ -.\" $Id: acl_check.3,v 1.2 1996/06/12 21:29:08 bg Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH ACL_CHECK 3 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -acl_canonicalize_principal, acl_check, acl_exact_match, acl_add, -acl_delete, acl_initialize \- Access control list routines -.SH SYNOPSIS -.nf -.nj -.ft B -cc \-lacl \-lkrb -.PP -.ft B -#include -.PP -.ft B -acl_canonicalize_principal(principal, buf) -char *principal; -char *buf; -.PP -.ft B -acl_check(acl, principal) -char *acl; -char *principal; -.PP -.ft B -acl_exact_match(acl, principal) -char *acl; -char *principal; -.PP -.ft B -acl_add(acl, principal) -char *acl; -char *principal; -.PP -.ft B -acl_delete(acl, principal) -char *acl; -char *principal; -.PP -.ft B -acl_initialize(acl_file, mode) -char *acl_file; -int mode; -.fi -.ft R -.SH DESCRIPTION -.SS Introduction -.PP -An access control list (ACL) is a list of principals, where each -principal is represented by a text string which cannot contain -whitespace. The library allows application programs to refer to named -access control lists to test membership and to atomically add and -delete principals using a natural and intuitive interface. At -present, the names of access control lists are required to be Unix -filenames, and refer to human-readable Unix files; in the future, when -a networked ACL server is implemented, the names may refer to a -different namespace specific to the ACL service. -.PP -.SS Principal Names -.PP -Principal names have the form -.nf -.in +5n -[.][@] -.in -5n -e.g.: -.in +5n -asp -asp.root -asp@ATHENA.MIT.EDU -asp.@ATHENA.MIT.EDU -asp.root@ATHENA.MIT.EDU -.in -5n -.fi -It is possible for principals to be underspecified. If an instance is -missing, it is assumed to be "". If realm is missing, it is assumed -to be the local realm as determined by -.IR krb_get_lrealm (3). -The canonical form contains all of name, instance, -and realm; the acl_add and acl_delete routines will always -leave the file in that form. Note that the canonical form of -asp@ATHENA.MIT.EDU is actually asp.@ATHENA.MIT.EDU. -.SS Routines -.PP -.I acl_canonicalize_principal -stores the canonical form of -.I principal -in -.IR buf . -.I Buf -must contain enough -space to store a principal, given the limits on the sizes of name, -instance, and realm specified as ANAME_SZ, INST_SZ, and REALM_SZ, -respectively, in -.IR /usr/include/krb.h . -.PP -.I acl_check -returns nonzero if -.I principal -appears in -.IR acl . -Returns 0 if principal -does not appear in acl, or if an error occurs. Canonicalizes -principal before checking, and allows the ACL to contain wildcards. The -only supported wildcards are entries of the form -name.*@realm, *.*@realm, and *.*@*. An asterisk matches any value for the -its component field. For example, "jtkohl.*@*" would match principal -jtkohl, with any instance and any realm. -.PP -.I acl_exact_match -performs like -.IR acl_check , -but does no canonicalization or wildcard matching. -.PP -.I acl_add -atomically adds -.I principal -to -.IR acl . -Returns 0 if successful, nonzero otherwise. It is considered a failure -if -.I principal -is already in -.IR acl . -This routine will canonicalize -.IR principal , -but will treat wildcards literally. -.PP -.I acl_delete -atomically deletes -.I principal -from -.IR acl . -Returns 0 if successful, -nonzero otherwise. It is considered a failure if -.I principal -is not -already in -.IR acl . -This routine will canonicalize -.IR principal , -but will treat wildcards literally. -.PP -.I acl_initialize -initializes -.IR acl_file . -If the file -.I acl_file -does not exist, -.I acl_initialize -creates it with mode -.IR mode . -If the file -.I acl_file -exists, -.I acl_initialize -removes all members. Returns 0 if successful, -nonzero otherwise. WARNING: Mode argument is likely to change with -the eventual introduction of an ACL service. -.SH NOTES -In the presence of concurrency, there is a very small chance that -.I acl_add -or -.I acl_delete -could report success even though it would have -had no effect. This is a necessary side effect of using lock files -for concurrency control rather than flock(2), which is not supported -by NFS. -.PP -The current implementation caches ACLs in memory in a hash-table -format for increased efficiency in checking membership; one effect of -the caching scheme is that one file descriptor will be kept open for -each ACL cached, up to a maximum of 8. -.SH SEE ALSO -kerberos(3), krb_get_lrealm(3) -.SH AUTHOR -James Aspnes (MIT Project Athena) diff --git a/crypto/kerberosIV/man/afslog.1 b/crypto/kerberosIV/man/afslog.1 deleted file mode 100644 index 5202a71bb63e..000000000000 --- a/crypto/kerberosIV/man/afslog.1 +++ /dev/null @@ -1,71 +0,0 @@ -.\" $Id: afslog.1,v 1.3 1998/06/30 15:28:48 assar Exp $ -.\" -.Dd April 27, 1996 -.Dt AFSLOG 1 -.Os KTH-KRB -.Sh NAME -.Nm afslog -.Nd "obtains AFS tokens for specified cells" -.Sh SYNOPSIS -.Nm -.Op Fl d -.Op Fl c Ar cell -.Op Fl k Ar realm -.Op Fl p Pa path -.Op Fl unlog -.Op Fl createuser -.Op Ar args -.Sh DESCRIPTION -The -.Nm -command obtains AFS tokens, -.Ar args -are either a name of a cell or a pathnames of a file in the cell to -get tokens for. If an argument is -.Li . -or -.Li .. -or contains a slash it is assumed to be a pathname. Otherwise it is -assumed to be a name of a cell or a prefix thereof. -.Pp -The -.Fl c -and -.Fl p -flags can be used to resolve ambiguities. -.Pp -.Nm -might fail to guess the Kerberos realm to get tickets for (for -instance if the volume location servers of the cell does not reside in -the kerberos realm that holds the AFS service key, and the correct -realm isn't the same as the cell name or the local realm (I didn't say -this was a common problem)). Anyway, the -.Fl k -can be used to give a hint. It should not be used unless there is a -problem, since all tickets will be taken from the specified realm and -this is not (usually) what you want. -.Pp -.Fl createuser -means that -.Nm -should try to run -.Nm pts -to create a remote user principal in another cell. -.Fl d -can be used for debugging. -.Pp -If the -.Fl unlog -flag is given any tokens are removed and all other arguments are ignored. -.Sh SEE ALSO -.Xr kauth 1 , -.Xr kafs 3 -.Sh BUGS -It should be able to handle the MIT Athena -.Nm aklog -flags -.Fl hosts , -.Fl zsubs , -and -.Fl noprdb , -but does not. diff --git a/crypto/kerberosIV/man/ext_srvtab.8 b/crypto/kerberosIV/man/ext_srvtab.8 deleted file mode 100644 index 4f2c12006be5..000000000000 --- a/crypto/kerberosIV/man/ext_srvtab.8 +++ /dev/null @@ -1,62 +0,0 @@ -.\" $Id: ext_srvtab.8,v 1.3 1997/04/02 21:09:51 assar Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH EXT_SRVTAB 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -ext_srvtab \- extract service key files from Kerberos key distribution center database -.SH SYNOPSIS -ext_srvtab [ -.B \-n -] [ -.B \-r realm -] [ -.B hostname ... -] -.SH DESCRIPTION -.I ext_srvtab -extracts service key files from the Kerberos key distribution center -(KDC) database. -.PP -Upon execution, it prompts the user to enter the master key string for -the database. If the -.B \-n -option is specified, the master key is instead fetched from the master -key cache file. -.PP -For each -.I hostname -specified on the command line, -.I ext_srvtab -creates the service key file -.IR hostname -new-srvtab, -containing all the entries in the database with an instance field of -.I hostname. -This new file contains all the keys registered for Kerberos-mediated -service providing programs which use the -.IR krb_get_phost (3) -principal and instance conventions to run on the host -.IR hostname . -If the -.B \-r -option is specified, the realm fields in the extracted file will -match the given realm rather than the local realm. -.SH DIAGNOSTICS -.TP 20n -"verify_master_key: Invalid master key, does not match database." -The master key string entered was incorrect. -.SH FILES -.TP 20n -.IR hostname -new-srvtab -Service key file generated for -.I hostname -.TP -/var/kerberos/principal.pag, /var/kerberos/principal.dir -DBM files containing database -.TP -/.k -Master key cache file. -.SH SEE ALSO -read_service_key(3), krb_get_phost(3) diff --git a/crypto/kerberosIV/man/ftp.1 b/crypto/kerberosIV/man/ftp.1 deleted file mode 100644 index 9ad7f4c9e9b5..000000000000 --- a/crypto/kerberosIV/man/ftp.1 +++ /dev/null @@ -1,1193 +0,0 @@ -.\" $NetBSD: ftp.1,v 1.11 1995/09/08 01:06:24 tls Exp $ -.\" -.\" Copyright (c) 1985, 1989, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)ftp.1 8.3 (Berkeley) 10/9/94 -.\" -.Dd April 27, 1996 -.Dt FTP 1 -.Os BSD 4.2 -.Sh NAME -.Nm ftp -.Nd -.Tn ARPANET -file transfer program -.Sh SYNOPSIS -.Nm ftp -.Op Fl t -.Op Fl v -.Op Fl d -.Op Fl i -.Op Fl n -.Op Fl g -.Op Fl p -.Op Ar host -.Sh DESCRIPTION -.Nm Ftp -is the user interface to the -.Tn ARPANET -standard File Transfer Protocol. -The program allows a user to transfer files to and from a -remote network site. -.Pp -Modifications has been made so that it almost follows the ftpsec -Internet draft. -.Pp -Options may be specified at the command line, or to the -command interpreter. -.Bl -tag -width flag -.It Fl t -Enables packet tracing. -.It Fl v -Verbose option forces -.Nm ftp -to show all responses from the remote server, as well -as report on data transfer statistics. -.It Fl n -Restrains -.Nm ftp -from attempting \*(Lqauto-login\*(Rq upon initial connection. -If auto-login is enabled, -.Nm ftp -will check the -.Pa .netrc -(see below) file in the user's home directory for an entry describing -an account on the remote machine. -If no entry exists, -.Nm ftp -will prompt for the remote machine login name (default is the user -identity on the local machine), and, if necessary, prompt for a password -and an account with which to login. -.It Fl i -Turns off interactive prompting during -multiple file transfers. -.It Fl p -Turn on passive mode. -.It Fl d -Enables debugging. -.It Fl g -Disables file name globbing. -.El -.Pp -The client host with which -.Nm ftp -is to communicate may be specified on the command line. -If this is done, -.Nm ftp -will immediately attempt to establish a connection to an -.Tn FTP -server on that host; otherwise, -.Nm ftp -will enter its command interpreter and await instructions -from the user. -When -.Nm ftp -is awaiting commands from the user the prompt -.Ql ftp> -is provided to the user. -The following commands are recognized -by -.Nm ftp : -.Bl -tag -width Fl -.It Ic \&! Op Ar command Op Ar args -Invoke an interactive shell on the local machine. -If there are arguments, the first is taken to be a command to execute -directly, with the rest of the arguments as its arguments. -.It Ic \&$ Ar macro-name Op Ar args -Execute the macro -.Ar macro-name -that was defined with the -.Ic macdef -command. -Arguments are passed to the macro unglobbed. -.It Ic account Op Ar passwd -Supply a supplemental password required by a remote system for access -to resources once a login has been successfully completed. -If no argument is included, the user will be prompted for an account -password in a non-echoing input mode. -.It Ic append Ar local-file Op Ar remote-file -Append a local file to a file on the remote machine. -If -.Ar remote-file -is left unspecified, the local file name is used in naming the -remote file after being altered by any -.Ic ntrans -or -.Ic nmap -setting. -File transfer uses the current settings for -.Ic type , -.Ic format , -.Ic mode , -and -.Ic structure . -.It Ic ascii -Set the file transfer -.Ic type -to network -.Tn ASCII . -This is the default type. -.It Ic bell -Arrange that a bell be sounded after each file transfer -command is completed. -.It Ic binary -Set the file transfer -.Ic type -to support binary image transfer. -.It Ic bye -Terminate the -.Tn FTP -session with the remote server -and exit -.Nm ftp . -An end of file will also terminate the session and exit. -.It Ic case -Toggle remote computer file name case mapping during -.Ic mget -commands. -When -.Ic case -is on (default is off), remote computer file names with all letters in -upper case are written in the local directory with the letters mapped -to lower case. -.It Ic \&cd Ar remote-directory -Change the working directory on the remote machine -to -.Ar remote-directory . -.It Ic cdup -Change the remote machine working directory to the parent of the -current remote machine working directory. -.It Ic chmod Ar mode file-name -Change the permission modes of the file -.Ar file-name -on the remote -sytem to -.Ar mode . -.It Ic close -Terminate the -.Tn FTP -session with the remote server, and -return to the command interpreter. -Any defined macros are erased. -.It Ic \&cr -Toggle carriage return stripping during -ascii type file retrieval. -Records are denoted by a carriage return/linefeed sequence -during ascii type file transfer. -When -.Ic \&cr -is on (the default), carriage returns are stripped from this -sequence to conform with the -.Ux -single linefeed record -delimiter. -Records on -.Pf non\- Ns Ux -remote systems may contain single linefeeds; -when an ascii type transfer is made, these linefeeds may be -distinguished from a record delimiter only when -.Ic \&cr -is off. -.It Ic delete Ar remote-file -Delete the file -.Ar remote-file -on the remote machine. -.It Ic debug Op Ar debug-value -Toggle debugging mode. -If an optional -.Ar debug-value -is specified it is used to set the debugging level. -When debugging is on, -.Nm ftp -prints each command sent to the remote machine, preceded -by the string -.Ql \-\-> -.It Xo -.Ic dir -.Op Ar remote-directory -.Op Ar local-file -.Xc -Print a listing of the directory contents in the -directory, -.Ar remote-directory , -and, optionally, placing the output in -.Ar local-file . -If interactive prompting is on, -.Nm ftp -will prompt the user to verify that the last argument is indeed the -target local file for receiving -.Ic dir -output. -If no directory is specified, the current working -directory on the remote machine is used. -If no local -file is specified, or -.Ar local-file -is -.Fl , -output comes to the terminal. -.It Ic disconnect -A synonym for -.Ar close . -.It Ic form Ar format -Set the file transfer -.Ic form -to -.Ar format . -The default format is \*(Lqfile\*(Rq. -.It Ic get Ar remote-file Op Ar local-file -Retrieve the -.Ar remote-file -and store it on the local machine. -If the local -file name is not specified, it is given the same -name it has on the remote machine, subject to -alteration by the current -.Ic case , -.Ic ntrans , -and -.Ic nmap -settings. -The current settings for -.Ic type , -.Ic form , -.Ic mode , -and -.Ic structure -are used while transferring the file. -.It Ic glob -Toggle filename expansion for -.Ic mdelete , -.Ic mget -and -.Ic mput . -If globbing is turned off with -.Ic glob , -the file name arguments -are taken literally and not expanded. -Globbing for -.Ic mput -is done as in -.Xr csh 1 . -For -.Ic mdelete -and -.Ic mget , -each remote file name is expanded -separately on the remote machine and the lists are not merged. -Expansion of a directory name is likely to be -different from expansion of the name of an ordinary file: -the exact result depends on the foreign operating system and ftp server, -and can be previewed by doing -.Ql mls remote-files \- . -As a security measure, remotely globbed files that starts with -.Sq / -or contains -.Sq ../ , -will not be automatically received. If you have interactive prompting -turned off, these filenames will be ignored. Note: -.Ic mget -and -.Ic mput -are not meant to transfer -entire directory subtrees of files. -That can be done by -transferring a -.Xr tar 1 -archive of the subtree (in binary mode). -.It Ic hash -Toggle hash-sign (``#'') printing for each data block -transferred. -The size of a data block is 1024 bytes. -.It Ic help Op Ar command -Print an informative message about the meaning of -.Ar command . -If no argument is given, -.Nm ftp -prints a list of the known commands. -.It Ic idle Op Ar seconds -Set the inactivity timer on the remote server to -.Ar seconds -seconds. -If -.Ar seconds -is omitted, the current inactivity timer is printed. -.It Ic lcd Op Ar directory -Change the working directory on the local machine. -If -no -.Ar directory -is specified, the user's home directory is used. -.It Xo -.Ic \&ls -.Op Ar remote-directory -.Op Ar local-file -.Xc -Print a listing of the contents of a -directory on the remote machine. -The listing includes any system-dependent information that the server -chooses to include; for example, most -.Ux -systems will produce -output from the command -.Ql ls \-l . -(See also -.Ic nlist . ) -If -.Ar remote-directory -is left unspecified, the current working directory is used. -If interactive prompting is on, -.Nm ftp -will prompt the user to verify that the last argument is indeed the -target local file for receiving -.Ic \&ls -output. -If no local file is specified, or if -.Ar local-file -is -.Sq Fl , -the output is sent to the terminal. -.It Ic macdef Ar macro-name -Define a macro. -Subsequent lines are stored as the macro -.Ar macro-name ; -a null line (consecutive newline characters -in a file or -carriage returns from the terminal) terminates macro input mode. -There is a limit of 16 macros and 4096 total characters in all -defined macros. -Macros remain defined until a -.Ic close -command is executed. -The macro processor interprets `$' and `\e' as special characters. -A `$' followed by a number (or numbers) is replaced by the -corresponding argument on the macro invocation command line. -A `$' followed by an `i' signals that macro processor that the -executing macro is to be looped. -On the first pass `$i' is -replaced by the first argument on the macro invocation command line, -on the second pass it is replaced by the second argument, and so on. -A `\e' followed by any character is replaced by that character. -Use the `\e' to prevent special treatment of the `$'. -.It Ic mdelete Op Ar remote-files -Delete the -.Ar remote-files -on the remote machine. -.It Ic mdir Ar remote-files local-file -Like -.Ic dir , -except multiple remote files may be specified. -If interactive prompting is on, -.Nm ftp -will prompt the user to verify that the last argument is indeed the -target local file for receiving -.Ic mdir -output. -.It Ic mget Ar remote-files -Expand the -.Ar remote-files -on the remote machine -and do a -.Ic get -for each file name thus produced. -See -.Ic glob -for details on the filename expansion. -Resulting file names will then be processed according to -.Ic case , -.Ic ntrans , -and -.Ic nmap -settings. -Files are transferred into the local working directory, -which can be changed with -.Ql lcd directory ; -new local directories can be created with -.Ql "\&! mkdir directory" . -.It Ic mkdir Ar directory-name -Make a directory on the remote machine. -.It Ic mls Ar remote-files local-file -Like -.Ic nlist , -except multiple remote files may be specified, -and the -.Ar local-file -must be specified. -If interactive prompting is on, -.Nm ftp -will prompt the user to verify that the last argument is indeed the -target local file for receiving -.Ic mls -output. -.It Ic mode Op Ar mode-name -Set the file transfer -.Ic mode -to -.Ar mode-name . -The default mode is \*(Lqstream\*(Rq mode. -.It Ic modtime Ar file-name -Show the last modification time of the file on the remote machine. -.It Ic mput Ar local-files -Expand wild cards in the list of local files given as arguments -and do a -.Ic put -for each file in the resulting list. -See -.Ic glob -for details of filename expansion. -Resulting file names will then be processed according to -.Ic ntrans -and -.Ic nmap -settings. -.It Ic newer Ar file-name -Get the file only if the modification time of the remote file is more -recent that the file on the current system. -If the file does not -exist on the current system, the remote file is considered -.Ic newer . -Otherwise, this command is identical to -.Ar get . -.It Xo -.Ic nlist -.Op Ar remote-directory -.Op Ar local-file -.Xc -Print a list of the files in a -directory on the remote machine. -If -.Ar remote-directory -is left unspecified, the current working directory is used. -If interactive prompting is on, -.Nm ftp -will prompt the user to verify that the last argument is indeed the -target local file for receiving -.Ic nlist -output. -If no local file is specified, or if -.Ar local-file -is -.Fl , -the output is sent to the terminal. -.It Ic nmap Op Ar inpattern outpattern -Set or unset the filename mapping mechanism. -If no arguments are specified, the filename mapping mechanism is unset. -If arguments are specified, remote filenames are mapped during -.Ic mput -commands and -.Ic put -commands issued without a specified remote target filename. -If arguments are specified, local filenames are mapped during -.Ic mget -commands and -.Ic get -commands issued without a specified local target filename. -This command is useful when connecting to a -.No non\- Ns Ux -remote computer -with different file naming conventions or practices. -The mapping follows the pattern set by -.Ar inpattern -and -.Ar outpattern . -.Op Ar Inpattern -is a template for incoming filenames (which may have already been -processed according to the -.Ic ntrans -and -.Ic case -settings). -Variable templating is accomplished by including the -sequences `$1', `$2', ..., `$9' in -.Ar inpattern . -Use `\\' to prevent this special treatment of the `$' character. -All other characters are treated literally, and are used to determine the -.Ic nmap -.Op Ar inpattern -variable values. -For example, given -.Ar inpattern -$1.$2 and the remote file name "mydata.data", $1 would have the value -"mydata", and $2 would have the value "data". -The -.Ar outpattern -determines the resulting mapped filename. -The sequences `$1', `$2', ...., `$9' are replaced by any value resulting -from the -.Ar inpattern -template. -The sequence `$0' is replace by the original filename. -Additionally, the sequence -.Ql Op Ar seq1 , Ar seq2 -is replaced by -.Op Ar seq1 -if -.Ar seq1 -is not a null string; otherwise it is replaced by -.Ar seq2 . -For example, the command -.Pp -.Bd -literal -offset indent -compact -nmap $1.$2.$3 [$1,$2].[$2,file] -.Ed -.Pp -would yield -the output filename "myfile.data" for input filenames "myfile.data" and -"myfile.data.old", "myfile.file" for the input filename "myfile", and -"myfile.myfile" for the input filename ".myfile". -Spaces may be included in -.Ar outpattern , -as in the example: `nmap $1 sed "s/ *$//" > $1' . -Use the `\e' character to prevent special treatment -of the `$','[','[', and `,' characters. -.It Ic ntrans Op Ar inchars Op Ar outchars -Set or unset the filename character translation mechanism. -If no arguments are specified, the filename character -translation mechanism is unset. -If arguments are specified, characters in -remote filenames are translated during -.Ic mput -commands and -.Ic put -commands issued without a specified remote target filename. -If arguments are specified, characters in -local filenames are translated during -.Ic mget -commands and -.Ic get -commands issued without a specified local target filename. -This command is useful when connecting to a -.No non\- Ns Ux -remote computer -with different file naming conventions or practices. -Characters in a filename matching a character in -.Ar inchars -are replaced with the corresponding character in -.Ar outchars . -If the character's position in -.Ar inchars -is longer than the length of -.Ar outchars , -the character is deleted from the file name. -.It Ic open Ar host Op Ar port -Establish a connection to the specified -.Ar host -.Tn FTP -server. -An optional port number may be supplied, -in which case, -.Nm ftp -will attempt to contact an -.Tn FTP -server at that port. -If the -.Ic auto-login -option is on (default), -.Nm ftp -will also attempt to automatically log the user in to -the -.Tn FTP -server (see below). -.It Ic passive -Toggle passive mode. If passive mode is turned on -(default is off), the ftp client will -send a -.Dv PASV -command for all data connections instead of the usual -.Dv PORT -command. The -.Dv PASV -command requests that the remote server open a port for the data connection -and return the address of that port. The remote server listens on that -port and the client connects to it. When using the more traditional -.Dv PORT -command, the client listens on a port and sends that address to the remote -server, who connects back to it. Passive mode is useful when using -.Nm ftp -through a gateway router or host that controls the directionality of -traffic. -(Note that though ftp servers are required to support the -.Dv PASV -command by RFC 1123, some do not.) -.It Ic prompt -Toggle interactive prompting. -Interactive prompting -occurs during multiple file transfers to allow the -user to selectively retrieve or store files. -If prompting is turned off (default is on), any -.Ic mget -or -.Ic mput -will transfer all files, and any -.Ic mdelete -will delete all files. -.It Ic proxy Ar ftp-command -Execute an ftp command on a secondary control connection. -This command allows simultaneous connection to two remote ftp -servers for transferring files between the two servers. -The first -.Ic proxy -command should be an -.Ic open , -to establish the secondary control connection. -Enter the command "proxy ?" to see other ftp commands executable on the -secondary connection. -The following commands behave differently when prefaced by -.Ic proxy : -.Ic open -will not define new macros during the auto-login process, -.Ic close -will not erase existing macro definitions, -.Ic get -and -.Ic mget -transfer files from the host on the primary control connection -to the host on the secondary control connection, and -.Ic put , -.Ic mput , -and -.Ic append -transfer files from the host on the secondary control connection -to the host on the primary control connection. -Third party file transfers depend upon support of the ftp protocol -.Dv PASV -command by the server on the secondary control connection. -.It Ic put Ar local-file Op Ar remote-file -Store a local file on the remote machine. -If -.Ar remote-file -is left unspecified, the local file name is used -after processing according to any -.Ic ntrans -or -.Ic nmap -settings -in naming the remote file. -File transfer uses the -current settings for -.Ic type , -.Ic format , -.Ic mode , -and -.Ic structure . -.It Ic pwd -Print the name of the current working directory on the remote -machine. -.It Ic quit -A synonym for -.Ic bye . -.It Ic quote Ar arg1 arg2 ... -The arguments specified are sent, verbatim, to the remote -.Tn FTP -server. -.It Ic recv Ar remote-file Op Ar local-file -A synonym for get. -.It Ic reget Ar remote-file Op Ar local-file -Reget acts like get, except that if -.Ar local-file -exists and is -smaller than -.Ar remote-file , -.Ar local-file -is presumed to be -a partially transferred copy of -.Ar remote-file -and the transfer -is continued from the apparent point of failure. -This command -is useful when transferring very large files over networks that -are prone to dropping connections. -.It Ic remotehelp Op Ar command-name -Request help from the remote -.Tn FTP -server. -If a -.Ar command-name -is specified it is supplied to the server as well. -.It Ic remotestatus Op Ar file-name -With no arguments, show status of remote machine. -If -.Ar file-name -is specified, show status of -.Ar file-name -on remote machine. -.It Xo -.Ic rename -.Op Ar from -.Op Ar to -.Xc -Rename the file -.Ar from -on the remote machine, to the file -.Ar to . -.It Ic reset -Clear reply queue. -This command re-synchronizes command/reply sequencing with the remote -ftp server. -Resynchronization may be necessary following a violation of the ftp protocol -by the remote server. -.It Ic restart Ar marker -Restart the immediately following -.Ic get -or -.Ic put -at the -indicated -.Ar marker . -On -.Ux -systems, marker is usually a byte -offset into the file. -.It Ic rmdir Ar directory-name -Delete a directory on the remote machine. -.It Ic runique -Toggle storing of files on the local system with unique filenames. -If a file already exists with a name equal to the target -local filename for a -.Ic get -or -.Ic mget -command, a ".1" is appended to the name. -If the resulting name matches another existing file, -a ".2" is appended to the original name. -If this process continues up to ".99", an error -message is printed, and the transfer does not take place. -The generated unique filename will be reported. -Note that -.Ic runique -will not affect local files generated from a shell command -(see below). -The default value is off. -.It Ic send Ar local-file Op Ar remote-file -A synonym for put. -.It Ic sendport -Toggle the use of -.Dv PORT -commands. -By default, -.Nm ftp -will attempt to use a -.Dv PORT -command when establishing -a connection for each data transfer. -The use of -.Dv PORT -commands can prevent delays -when performing multiple file transfers. -If the -.Dv PORT -command fails, -.Nm ftp -will use the default data port. -When the use of -.Dv PORT -commands is disabled, no attempt will be made to use -.Dv PORT -commands for each data transfer. -This is useful -for certain -.Tn FTP -implementations which do ignore -.Dv PORT -commands but, incorrectly, indicate they've been accepted. -.It Ic site Ar arg1 arg2 ... -The arguments specified are sent, verbatim, to the remote -.Tn FTP -server as a -.Dv SITE -command. -.It Ic size Ar file-name -Return size of -.Ar file-name -on remote machine. -.It Ic status -Show the current status of -.Nm ftp . -.It Ic struct Op Ar struct-name -Set the file transfer -.Ar structure -to -.Ar struct-name . -By default \*(Lqstream\*(Rq structure is used. -.It Ic sunique -Toggle storing of files on remote machine under unique file names. -Remote ftp server must support ftp protocol -.Dv STOU -command for -successful completion. -The remote server will report unique name. -Default value is off. -.It Ic system -Show the type of operating system running on the remote machine. -.It Ic tenex -Set the file transfer type to that needed to -talk to -.Tn TENEX -machines. -.It Ic trace -Toggle packet tracing. -.It Ic type Op Ar type-name -Set the file transfer -.Ic type -to -.Ar type-name . -If no type is specified, the current type -is printed. -The default type is network -.Tn ASCII . -.It Ic umask Op Ar newmask -Set the default umask on the remote server to -.Ar newmask . -If -.Ar newmask -is omitted, the current umask is printed. -.It Xo -.Ic user Ar user-name -.Op Ar password -.Op Ar account -.Xc -Identify yourself to the remote -.Tn FTP -server. -If the -.Ar password -is not specified and the server requires it, -.Nm ftp -will prompt the user for it (after disabling local echo). -If an -.Ar account -field is not specified, and the -.Tn FTP -server -requires it, the user will be prompted for it. -If an -.Ar account -field is specified, an account command will -be relayed to the remote server after the login sequence -is completed if the remote server did not require it -for logging in. -Unless -.Nm ftp -is invoked with \*(Lqauto-login\*(Rq disabled, this -process is done automatically on initial connection to -the -.Tn FTP -server. -.It Ic verbose -Toggle verbose mode. -In verbose mode, all responses from -the -.Tn FTP -server are displayed to the user. -In addition, -if verbose is on, when a file transfer completes, statistics -regarding the efficiency of the transfer are reported. -By default, -verbose is on. -.It Ic \&? Op Ar command -A synonym for help. -.El -.Pp -The following command can be used with ftpsec-aware servers. -.Bl -tag -width Fl -.It Xo -.Ic prot -.Ar clear | -.Ar safe | -.Ar confidential | -.Ar private -.Xc -Set the data protection level to the requested level. -.El -.Pp -The following command can be used with ftp servers that has -implemented the KAUTH site command. -.Bl -tag -width Fl -.It Ic kauth Op Ar principal -Obtain remote tickets. -.El -.Pp -Command arguments which have embedded spaces may be quoted with -quote `"' marks. -.Sh ABORTING A FILE TRANSFER -To abort a file transfer, use the terminal interrupt key -(usually Ctrl-C). -Sending transfers will be immediately halted. -Receiving transfers will be halted by sending a ftp protocol -.Dv ABOR -command to the remote server, and discarding any further data received. -The speed at which this is accomplished depends upon the remote -server's support for -.Dv ABOR -processing. -If the remote server does not support the -.Dv ABOR -command, an -.Ql ftp> -prompt will not appear until the remote server has completed -sending the requested file. -.Pp -The terminal interrupt key sequence will be ignored when -.Nm ftp -has completed any local processing and is awaiting a reply -from the remote server. -A long delay in this mode may result from the ABOR processing described -above, or from unexpected behavior by the remote server, including -violations of the ftp protocol. -If the delay results from unexpected remote server behavior, the local -.Nm ftp -program must be killed by hand. -.Sh FILE NAMING CONVENTIONS -Files specified as arguments to -.Nm ftp -commands are processed according to the following rules. -.Bl -enum -.It -If the file name -.Sq Fl -is specified, the -.Ar stdin -(for reading) or -.Ar stdout -(for writing) is used. -.It -If the first character of the file name is -.Sq \&| , -the -remainder of the argument is interpreted as a shell command. -.Nm Ftp -then forks a shell, using -.Xr popen 3 -with the argument supplied, and reads (writes) from the stdout -(stdin). -If the shell command includes spaces, the argument -must be quoted; e.g. -\*(Lq" ls -lt"\*(Rq. -A particularly -useful example of this mechanism is: \*(Lqdir more\*(Rq. -.It -Failing the above checks, if ``globbing'' is enabled, -local file names are expanded -according to the rules used in the -.Xr csh 1 ; -c.f. the -.Ic glob -command. -If the -.Nm ftp -command expects a single local file (.e.g. -.Ic put ) , -only the first filename generated by the "globbing" operation is used. -.It -For -.Ic mget -commands and -.Ic get -commands with unspecified local file names, the local filename is -the remote filename, which may be altered by a -.Ic case , -.Ic ntrans , -or -.Ic nmap -setting. -The resulting filename may then be altered if -.Ic runique -is on. -.It -For -.Ic mput -commands and -.Ic put -commands with unspecified remote file names, the remote filename is -the local filename, which may be altered by a -.Ic ntrans -or -.Ic nmap -setting. -The resulting filename may then be altered by the remote server if -.Ic sunique -is on. -.El -.Sh FILE TRANSFER PARAMETERS -The FTP specification specifies many parameters which may -affect a file transfer. -The -.Ic type -may be one of \*(Lqascii\*(Rq, \*(Lqimage\*(Rq (binary), -\*(Lqebcdic\*(Rq, and \*(Lqlocal byte size\*(Rq (for -.Tn PDP Ns -10's -and -.Tn PDP Ns -20's -mostly). -.Nm Ftp -supports the ascii and image types of file transfer, -plus local byte size 8 for -.Ic tenex -mode transfers. -.Pp -.Nm Ftp -supports only the default values for the remaining -file transfer parameters: -.Ic mode , -.Ic form , -and -.Ic struct . -.Sh THE .netrc FILE -The -.Pa .netrc -file contains login and initialization information -used by the auto-login process. -It resides in the user's home directory. -The following tokens are recognized; they may be separated by spaces, -tabs, or new-lines: -.Bl -tag -width password -.It Ic machine Ar name -Identify a remote machine -.Ar name . -The auto-login process searches the -.Pa .netrc -file for a -.Ic machine -token that matches the remote machine specified on the -.Nm ftp -command line or as an -.Ic open -command argument. -Once a match is made, the subsequent -.Pa .netrc -tokens are processed, -stopping when the end of file is reached or another -.Ic machine -or a -.Ic default -token is encountered. -.It Ic default -This is the same as -.Ic machine -.Ar name -except that -.Ic default -matches any name. -There can be only one -.Ic default -token, and it must be after all -.Ic machine -tokens. -This is normally used as: -.Pp -.Dl default login anonymous password user@site -.Pp -thereby giving the user -.Ar automatic -anonymous ftp login to -machines not specified in -.Pa .netrc . -This can be overridden -by using the -.Fl n -flag to disable auto-login. -.It Ic login Ar name -Identify a user on the remote machine. -If this token is present, the auto-login process will initiate -a login using the specified -.Ar name . -.It Ic password Ar string -Supply a password. -If this token is present, the auto-login process will supply the -specified string if the remote server requires a password as part -of the login process. -Note that if this token is present in the -.Pa .netrc -file for any user other -than -.Ar anonymous , -.Nm ftp -will abort the auto-login process if the -.Pa .netrc -is readable by -anyone besides the user. -.It Ic account Ar string -Supply an additional account password. -If this token is present, the auto-login process will supply the -specified string if the remote server requires an additional -account password, or the auto-login process will initiate an -.Dv ACCT -command if it does not. -.It Ic macdef Ar name -Define a macro. -This token functions like the -.Nm ftp -.Ic macdef -command functions. -A macro is defined with the specified name; its contents begin with the -next -.Pa .netrc -line and continue until a null line (consecutive new-line -characters) is encountered. -If a macro named -.Ic init -is defined, it is automatically executed as the last step in the -auto-login process. -.El -.Sh ENVIRONMENT -.Nm Ftp -utilizes the following environment variables. -.Bl -tag -width Fl -.It Ev HOME -For default location of a -.Pa .netrc -file, if one exists. -.It Ev SHELL -For default shell. -.El -.Sh SEE ALSO -.Xr ftpd 8 , -.%T RFC2228 -.Sh HISTORY -The -.Nm ftp -command appeared in -.Bx 4.2 . -.Sh BUGS -Correct execution of many commands depends upon proper behavior -by the remote server. -.Pp -An error in the treatment of carriage returns -in the -.Bx 4.2 -ascii-mode transfer code -has been corrected. -This correction may result in incorrect transfers of binary files -to and from -.Bx 4.2 -servers using the ascii type. -Avoid this problem by using the binary image type. diff --git a/crypto/kerberosIV/man/ftpd.8 b/crypto/kerberosIV/man/ftpd.8 deleted file mode 100644 index 745090c3f0e0..000000000000 --- a/crypto/kerberosIV/man/ftpd.8 +++ /dev/null @@ -1,473 +0,0 @@ -.\" $NetBSD: ftpd.8,v 1.7 1995/04/11 02:44:53 cgd Exp $ -.\" -.\" Copyright (c) 1985, 1988, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)ftpd.8 8.2 (Berkeley) 4/19/94 -.\" -.Dd April 19, 1997 -.Dt FTPD 8 -.Os BSD 4.2 -.Sh NAME -.Nm ftpd -.Nd Internet File Transfer Protocol server -.Sh SYNOPSIS -.Nm ftpd -.Op Fl a Ar authmode -.Op Fl dilv -.Op Fl g Ar umask -.Op Fl p Ar port -.Op Fl T Ar maxtimeout -.Op Fl t Ar timeout -.Op Fl u Ar default umask -.Sh DESCRIPTION -.Nm Ftpd -is the -Internet File Transfer Protocol -server process. The server uses the -.Tn TCP -protocol -and listens at the port specified in the -.Dq ftp -service specification; see -.Xr services 5 . -.Pp -Available options: -.Bl -tag -width Ds -.It Fl a -Select the level of authentication required. Kerberised login can not -be turned off. The default is to only allow kerberised login. Other -possibilities can be turned on by giving a string of comma separated -flags as argument to -.Fl a . -Recognised flags are: -.Bl -tag -width plain -.It Ar plain -Allow logging in with plaintext password. The password can be a(n) OTP -or an ordinary password. -.It Ar otp -Same as -.Ar plain , -but only OTP is allowed. -.It Ar ftp -Allow anonymous login. -.El -.Pp -The following combination modes exists for backwards compatibility: -.Bl -tag -width plain -.It Ar none -Same as -.Ar plain,ftp . -.It Ar safe -Same as -.Ar ftp . -.It Ar user -Ignored. -.El -.It Fl d -Debugging information is written to the syslog using LOG_FTP. -.It Fl g -Anonymous users will get a umask of -.Ar umask . -.It Fl i -Open a socket and wait for a connection. This is mainly used for -debugging when ftpd isn't started by inetd. -.It Fl l -Each successful and failed -.Xr ftp 1 -session is logged using syslog with a facility of LOG_FTP. -If this option is specified twice, the retrieve (get), store (put), append, -delete, make directory, remove directory and rename operations and -their filename arguments are also logged. -.It Fl p -Use -.Ar port -(a service name or number) instead of the default -.Ar ftp/tcp . -.It Fl T -A client may also request a different timeout period; -the maximum period allowed may be set to -.Ar timeout -seconds with the -.Fl T -option. -The default limit is 2 hours. -.It Fl t -The inactivity timeout period is set to -.Ar timeout -seconds (the default is 15 minutes). -.It Fl u -Set the initial umask to something else than the default 027. -.It Fl v -Verbose mode. -.El -.Pp -The file -.Pa /etc/nologin -can be used to disable ftp access. -If the file exists, -.Nm -displays it and exits. -If the file -.Pa /etc/ftpwelcome -exists, -.Nm -prints it before issuing the -.Dq ready -message. -If the file -.Pa /etc/motd -exists, -.Nm -prints it after a successful login. -.Pp -The ftp server currently supports the following ftp requests. -The case of the requests is ignored. -.Bl -column "Request" -offset indent -.It Request Ta "Description" -.It ABOR Ta "abort previous command" -.It ACCT Ta "specify account (ignored)" -.It ALLO Ta "allocate storage (vacuously)" -.It APPE Ta "append to a file" -.It CDUP Ta "change to parent of current working directory" -.It CWD Ta "change working directory" -.It DELE Ta "delete a file" -.It HELP Ta "give help information" -.It LIST Ta "give list files in a directory" Pq Dq Li "ls -lgA" -.It MKD Ta "make a directory" -.It MDTM Ta "show last modification time of file" -.It MODE Ta "specify data transfer" Em mode -.It NLST Ta "give name list of files in directory" -.It NOOP Ta "do nothing" -.It PASS Ta "specify password" -.It PASV Ta "prepare for server-to-server transfer" -.It PORT Ta "specify data connection port" -.It PWD Ta "print the current working directory" -.It QUIT Ta "terminate session" -.It REST Ta "restart incomplete transfer" -.It RETR Ta "retrieve a file" -.It RMD Ta "remove a directory" -.It RNFR Ta "specify rename-from file name" -.It RNTO Ta "specify rename-to file name" -.It SITE Ta "non-standard commands (see next section)" -.It SIZE Ta "return size of file" -.It STAT Ta "return status of server" -.It STOR Ta "store a file" -.It STOU Ta "store a file with a unique name" -.It STRU Ta "specify data transfer" Em structure -.It SYST Ta "show operating system type of server system" -.It TYPE Ta "specify data transfer" Em type -.It USER Ta "specify user name" -.It XCUP Ta "change to parent of current working directory (deprecated)" -.It XCWD Ta "change working directory (deprecated)" -.It XMKD Ta "make a directory (deprecated)" -.It XPWD Ta "print the current working directory (deprecated)" -.It XRMD Ta "remove a directory (deprecated)" -.El -.Pp -The following commands are specified by RFC2228. -.Bl -column Request -offset indent -.It AUTH Ta "authentication/security mechanism" -.It ADAT Ta "authentication/security data" -.It PROT Ta "data channel protection level" -.It PBSZ Ta "protection buffer size" -.It MIC Ta "integrity protected command" -.It CONF Ta "confidentiality protected command" -.It ENC Ta "privacy protected command" -.It CCC Ta "clear command channel" -.El -.Pp -The following non-standard or -.Tn UNIX -specific commands are supported -by the -SITE request. -.Pp -.Bl -column Request -offset indent -.It UMASK Ta change umask, (e.g. -.Ic "SITE UMASK 002" ) -.It IDLE Ta set idle-timer, (e.g. -.Ic "SITE IDLE 60" ) -.It CHMOD Ta change mode of a file (e.g. -.Ic "SITE CHMOD 755 filename" ) -.It FIND Ta quickly find a specific file with GNU -.Xr locate 1 . -.It HELP Ta give help information. -.El -.Pp -The following Kerberos related site commands are understood. -.Bl -column Request -offset indent -.It KAUTH Ta obtain remote tickets. -.It KLIST Ta show remote tickets -.El -.Pp -The remaining ftp requests specified in Internet RFC 959 -are -recognized, but not implemented. -MDTM and SIZE are not specified in RFC 959, but will appear in the -next updated FTP RFC. -.Pp -The ftp server will abort an active file transfer only when the -ABOR -command is preceded by a Telnet "Interrupt Process" (IP) -signal and a Telnet "Synch" signal in the command Telnet stream, -as described in Internet RFC 959. -If a -STAT -command is received during a data transfer, preceded by a Telnet IP -and Synch, transfer status will be returned. -.Pp -.Nm Ftpd -interprets file names according to the -.Dq globbing -conventions used by -.Xr csh 1 . -This allows users to utilize the metacharacters -.Dq Li \&*?[]{}~ . -.Pp -.Nm Ftpd -authenticates users according to these rules. -.Pp -.Bl -enum -offset indent -.It -If Kerberos authentication is used, the user must pass valid tickets -and the principal must be allowed to login as the remote user. -.It -The login name must be in the password data base, and not have a null -password (if kerberos is used the password field is not checked). In -this case a password must be provided by the client before any file -operations may be performed. If the user has an OTP key, the response -from a successful USER command will include an OTP challenge. The -client may choose to respond with a PASS command giving either a -standard password or an OTP one-time password. The server will -automatically determine which type of password it has been given and -attempt to authenticate accordingly. See -.Xr otp 1 -for more information on OTP authentication. -.It -The login name must not appear in the file -.Pa /etc/ftpusers . -.It -The user must have a standard shell returned by -.Xr getusershell 3 . -.It -If the user name appears in the file -.Pa /etc/ftpchroot -the session's root will be changed to the user's login directory by -.Xr chroot 2 -as for an -.Dq anonymous -or -.Dq ftp -account (see next item). However, the user must still supply a password. -This feature is intended as a compromise between a fully anonymous account -and a fully privileged account. The account should also be set up as for an -anonymous account. -.It -If the user name is -.Dq anonymous -or -.Dq ftp , -an -anonymous ftp account must be present in the password -file (user -.Dq ftp ) . -In this case the user is allowed -to log in by specifying any password (by convention an email address for -the user should be used as the password). -.El -.Pp -In the last case, -.Nm ftpd -takes special measures to restrict the client's access privileges. -The server performs a -.Xr chroot 2 -to the home directory of the -.Dq ftp -user. -In order that system security is not breached, it is recommended -that the -.Dq ftp -subtree be constructed with care, consider following these guidelines -for anonymous ftp. -.Pp -In general all files should be owned by -.Dq root , -and have non-write permissions (644 or 755 depending on the kind of -file). No files should be owned or writable by -.Dq ftp -(possibly with exception for the -.Pa ~ftp/incoming , -as specified below). -.Bl -tag -width "~ftp/pub" -offset indent -.It Pa ~ftp -The -.Dq ftp -homedirectory should be owned by root. -.It Pa ~ftp/bin -The directory for external programs (such as -.Xr ls 1 ) . -These programs must either be statically linked, or you must setup an -environment for dynamic linking when running chrooted. -These programs will be used if present: -.Bl -tag -width "locate" -offset indent -.It ls -Used when listing files. -.It compress -When retrieving a filename that ends in -.Pa .Z , -and that file isn't present, -.Nm -will try to find the filename without -.Pa .Z -and compress it on the fly. -.It gzip -Same as compress, just with files ending in -.Pa .gz . -.It gtar -Enables retrieval of whole directories as files ending in -.Pa .tar . -Can also be combined with compression. You must use GNU Tar (or some -other that supports the -.Fl z -and -.Fl Z -flags). -.It locate -Will enable ``fast find'' with the -.Ic SITE FIND -command. You must also create a -.Pa locatedb -file in -.Pa ~ftp/etc . -.El -.It Pa ~ftp/etc -If you put copies of the -.Xr passwd 5 -and -.Xr group 5 -files here, ls will be able to produce owner names rather than -numbers. Remember to remove any passwords from these files. -.Pp -The file -.Pa motd , -if present, will be printed after a successful login. -.It Pa ~ftp/dev -Put a copy of -.Xr /dev/null 7 -here. -.It Pa ~ftp/pub -Traditional place to put whatever you want to make public. -.El -.Pp -If you want guests to be able to upload files, create a -.Pa ~ftp/incoming -directory owned by -.Dq root , -and group -.Dq ftp -with mode 730 (make sure -.Dq ftp -is member of group -.Dq ftp ) . -The following restrictions apply to anonymous users: -.Bl -bullet -.It -Directories created will have mode 700. -.It -Uploaded files will be created with an umask of 777, if not changed -with the -.Fl g -option. -.It -These command are not accessible: -.Ic DELE , RMD , RNTO , RNFR , -.Ic SITE UMASK , -and -.Ic SITE CHMOD . -.It -Filenames must start with an alpha-numeric character, and consist of -alpha-numeric characters or any of the following: -.Li \&+ -(plus), -.Li \&- -(minus), -.Li \&= -(equal), -.Li \&_ -(underscore), -.Li \&. -(period), and -.Li \&, -(comma). -.El -.Sh FILES -.Bl -tag -width /etc/ftpwelcome -compact -.It Pa /etc/ftpusers -Access list for users. -.It Pa /etc/ftpchroot -List of normal users who should be chroot'd. -.It Pa /etc/ftpwelcome -Welcome notice. -.It Pa /etc/motd -Welcome notice after login. -.It Pa /etc/nologin -Displayed and access refused. -.It Pa ~/.klogin -Login access for Kerberos. -.El -.Sh SEE ALSO -.Xr ftp 1 , -.Xr otp 1 , -.Xr getusershell 3 , -.Xr ftpusers 5 , -.Xr syslogd 8 , -.Sh STANDARDS -.Bl -tag -compact -width "RFC 1938" -.It Cm RFC 959 -FTP PROTOCOL SPECIFICATION -.It Cm RFC 1938 -OTP Specification -.It Cm RFC 2228 -FTP Security Extensions. -.El -.Sh BUGS -The server must run as the super-user -to create sockets with privileged port numbers. It maintains -an effective user id of the logged in user, reverting to -the super-user only when binding addresses to sockets. The -possible security holes have been extensively -scrutinized, but are possibly incomplete. -.Sh HISTORY -The -.Nm -command appeared in -.Bx 4.2 . diff --git a/crypto/kerberosIV/man/ftpusers.5 b/crypto/kerberosIV/man/ftpusers.5 deleted file mode 100644 index c1960d192beb..000000000000 --- a/crypto/kerberosIV/man/ftpusers.5 +++ /dev/null @@ -1,37 +0,0 @@ -.\" $Id: ftpusers.5,v 1.2 1997/05/07 20:11:11 joda Exp $ -.\" -.Dd May 7, 1997 -.Dt FTPUSERS 5 -.Os KTH-KRB -.Sh NAME -.Pa /etc/ftpusers -.Nd FTP access list file -.Sh DESCRIPTION -.Pa /etc/ftpusers -contains a list of users that should be allowed or denied FTP -access. Each line contains a user, optionally followed by -.Dq allow -(anything but -.Dq allow -is ignored). The semi-user -.Dq * -matches any user. Users that has an explicit -.Dq allow , -or that does not match any line, are allowed access. Anyone else is -denied access. -.Pp -Note that this is compatible with the old format, where this file -contained a list of users that should be denied access. -.Sh EXAMPLES -This will deny anyone but -.Dq foo -and -.Dq bar -to use FTP: -.Bd -literal -foo allow -bar allow -* -.Ed -.Sh SEE ALSO -.Xr ftpd 8 diff --git a/crypto/kerberosIV/man/getusershell.3 b/crypto/kerberosIV/man/getusershell.3 deleted file mode 100644 index 84dc3ad932ba..000000000000 --- a/crypto/kerberosIV/man/getusershell.3 +++ /dev/null @@ -1,99 +0,0 @@ -.\" $NetBSD: getusershell.3,v 1.3 1995/02/27 04:13:24 cgd Exp $ -.\" -.\" Copyright (c) 1985, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)getusershell.3 8.1 (Berkeley) 6/4/93 -.\" -.Dd June 4, 1993 -.Dt GETUSERSHELL 3 -.Os BSD 4.3 -.Sh NAME -.Nm getusershell , -.Nm setusershell , -.Nm endusershell -.Nd get legal user shells -.Sh SYNOPSIS -.Ft char * -.Fn getusershell void -.Ft void -.Fn setusershell void -.Ft void -.Fn endusershell void -.Sh DESCRIPTION -The -.Fn getusershell -function -returns a pointer to a legal user shell as defined by the -system manager in the file -.Pa /etc/shells . -If -.Pa /etc/shells -is unreadable or does not exist, -.Fn getusershell -behaves as if -.Pa /bin/sh -and -.Pa /bin/csh -were listed in the file. -.Pp -The -.Fn getusershell -function -reads the next -line (opening the file if necessary); -.Fn setusershell -rewinds the file; -.Fn endusershell -closes it. -.Sh FILES -.Bl -tag -width /etc/shells -compact -.It Pa /etc/shells -.El -.Sh DIAGNOSTICS -The routine -.Fn getusershell -returns a null pointer (0) on -.Dv EOF . -.Sh SEE ALSO -.Xr shells 5 -.Sh HISTORY -The -.Fn getusershell -function appeared in -.Bx 4.3 . -.Sh BUGS -The -.Fn getusershell -function leaves its result in an internal static object and returns -a pointer to that object. Subsequent calls to -.Fn getusershell -will modify the same object. diff --git a/crypto/kerberosIV/man/kadmin.8 b/crypto/kerberosIV/man/kadmin.8 deleted file mode 100644 index bc2f43bb7d01..000000000000 --- a/crypto/kerberosIV/man/kadmin.8 +++ /dev/null @@ -1,138 +0,0 @@ -.\" $Id: kadmin.8,v 1.6 1998/12/18 16:56:29 assar Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.Dd February 3, 1998 -.Dt KADMIN 8 -.Os "KTH-KRB" -.Sh NAME -.Nm kadmin -.Nd "network utility for Kerberos database administration" -.Sh SYNOPSIS -.Nm -.Op Fl p Ar principal -.Op Fl u Ar username -.Op Fl r Ar realm -.Op Fl m -.Op Fl T Ar timeout -.Op Fl t -.Op Fl -version -.Op Fl h -.Op Fl -help -.Op Ar command -.Sh DESCRIPTION -This utility provides a unified administration interface to the -Kerberos master database. Kerberos administrators use -.Nm -to register new users and services to the master database, and to -change information about existing database entries, such as changing a -user's Kerberos password. A Kerberos administrator is a user with an -.Dq admin -instance whose name appears on one of the Kerberos administration -access control lists. -.Pp -Supported options: -.Bl -tag -width Ds -.It Fl p Ar principal -This is the adminstrator principal to use when talking to the Kadmin -server. The default is taken from the users environment. -.It Fl r Ar realm -This is the default realm to use for transactions. Default is the -local realm. -.It Fl u Ar username -This is similar to -.Fl p , -but specifies a name, that gets appended with a -.Dq admin -instance. -.It Fl T Ar timeout -To prevent someone from walking up to an unguarded terminal and doing -malicious things, administrator tickets are destroyed after a period -of inactivity. This flag changes the timeout from the default of one -minute. A timeout of zero seconds disables this functionality. -.It Fl m -Historically -.Nm -destroyed tickets after every command; this flag used to stop this -behaviour (only destroying tickets upon exit). Now it's just a synonym -for -.Fl T Ar 0 . -.It Fl t -Use existing tickets (if any are available), this also disbles -timeout, and doesn't destroy any tickets upon exit. -.Pp -These tickets have to be for the changepw.kerberos service. Use -.Nm kinit -p -to acquire them. -.El -.Pp -The -.Nm -program communicates over the network with the -.Nm kadmind -program, which runs on the machine housing the Kerberos master -database, and does the actual modifications to the database. -.Pp -When you enter the -.Nm -command, the program displays a message that welcomes you and explains -how to ask for help. Then -.Nm -waits for you to enter commands (which are described below). It then -asks you for your administrator's password before accessing the -database. -.Pp -All commands can be abbreviated as long as they are unique. Some -short versions of the commands are also recognized for backwards -compatibility. -.Pp -Recognised commands: -.Bl -tag -width Ds -.It add_new_key Ar principal -Creates a new principal in the Kerberos database. You give the name of -the new principal as an argument. You will then be asked for a maximum -ticket lifetime, attributes, the expiration date of the principal, and -finally the password of the principal. -.It change_password Ar principal -Changes a principal's password. You will be prompted for the new -password. -.It change_key Ar principal -This is the same as change_password, but the password is given as a -raw DES key (for the few occations when you need this). -.It change_admin_password -Changes your own admin password. It will prompt you for you old and -new passwords. -.It del_entry Ar principal -Removes principal from the database. -.It get_entry Ar principal -Show various information for the given principal. Note that the key is -shown as zeros. -.It mod_entry Ar principal -Modifies a particular entry, for instance to change the expiration -date. -.It destroy_tickets -Destroys your admin tickets explicitly. -.It quit -Obvious. -.El -.\".Sh ENVIRONMENT -.\".Sh FILES -.\".Sh EXAMPLES -.\".Sh DIAGNOSTICS -.Sh SEE ALSO -.Xr kerberos 1 , -.Xr kadmind 8 , -.Xr kpasswd 1 , -.Xr kinit 1 , -.Xr ksrvutil 8 -.\".Sh STANDARDS -.\".Sh HISTORY -.Sh AUTHORS -Jeffrey I. Schiller, MIT Project Athena -.Pp -Emanuel Jay Berkenbilt, MIT Project Athena -.Sh BUGS -The user interface is primitive, and the command names could be -better. diff --git a/crypto/kerberosIV/man/kadmind.8 b/crypto/kerberosIV/man/kadmind.8 deleted file mode 100644 index 71660faa23fe..000000000000 --- a/crypto/kerberosIV/man/kadmind.8 +++ /dev/null @@ -1,134 +0,0 @@ -.\" $Id: kadmind.8,v 1.6 1999/09/15 15:10:08 assar Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KADMIND 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kadmind \- network daemon for Kerberos database administration -.SH SYNOPSIS -.B kadmind -[ -.B \-n -] [ -.B \-m -] [ -.B \-h -] [ -.B \-r realm -] [ -.B \-f filename -] [ -.B \-d dbname -] [ -.B \-a acldir -] [ -.B \-i address -] -.SH DESCRIPTION -.I kadmind -is the network database server for the Kerberos password-changing and -administration tools. -.PP -Upon execution, it fetches the master key from the key cache file. -.PP -If the -.B \-m -option is specified, it instead prompts the user to enter the master -key string for the database. -.PP -The -.B \-n -option is a no-op and is left for compatibility reasons. -.PP -If the -.B \-r -.I realm -option is specified, the admin server will pretend that its -local realm is -.I realm -instead of the actual local realm of the host it is running on. -This makes it possible to run a server for a foreign kerberos -realm. -.PP -If the -.B \-f -.I filename -option is specified, then that file is used to hold the log information -instead of the default. -.PP -If the -.B \-d -.I dbname -option is specified, then that file is used as the database name instead -of the default. -.PP -If the -.B \-a -.I acldir -option is specified, then -.I acldir -is used as the directory in which to search for access control lists -instead of the default. -.PP -If the -.B \-h -option is specified, -.I kadmind -prints out a short summary of the permissible control arguments, and -then exits. -.PP -If the -.B \-i -option is specified, -.I kadmind -will only listen on that particular address and not on all configured -addresses of the host, which is the default. -.PP -When performing requests on behalf of clients, -.I kadmind -checks access control lists (ACLs) to determine the authorization of the client -to perform the requested action. -Currently four distinct access types are supported: -.TP 1i -Addition -(.add ACL file). If a principal is on this list, it may add new -principals to the database. -.TP -Retrieval -(.get ACL file). If a principal is on this list, it may retrieve -database entries. NOTE: A principal's private key is never returned by -the get functions. -.TP -Modification -(.mod ACL file). If a principal is on this list, it may modify entries -in the database. -.TP -Deletions -(.del ACL file). If a principal is on this list, if may delete -entries from the database. -.PP -A principal is always granted authorization to change its own password. -.SH FILES -.TP 20n -/var/log/admin_server.syslog -Default log file. -.TP -/var/kerberos -Default access control list directory. -.TP -admin_acl.{add,get,mod} -Access control list files (within the directory) -.TP -/var/kerberos/principal.pag, /var/kerberos/principal.dir -Default DBM files containing database -.TP -/.k -Master key cache file. -.SH "SEE ALSO" -kerberos(1), kpasswd(1), kadmin(8), acl_check(3) -.SH AUTHORS -Douglas A. Church, MIT Project Athena -.br -John T. Kohl, Project Athena/Digital Equipment Corporation diff --git a/crypto/kerberosIV/man/kafs.3 b/crypto/kerberosIV/man/kafs.3 deleted file mode 100644 index 9afac16e50b3..000000000000 --- a/crypto/kerberosIV/man/kafs.3 +++ /dev/null @@ -1,157 +0,0 @@ -.\" $Id: kafs.3,v 1.3 1998/06/30 15:41:52 assar Exp $ -.\" -.Dd May 7, 1997 -.Os KTH-KRB -.Dt KAFS 3 -.Sh NAME -.Nm k_hasafs , -.Nm k_pioctl , -.Nm k_unlog , -.Nm k_setpag , -.Nm k_afs_cell_of_file , -.Nm krb_afslog , -.Nm krb_afslog_uid -.\" .Nm krb5_afslog , -.\" .Nm krb5_afslog_uid -.Nd AFS library -.Sh SYNOPSIS -.Fd #include -.Ft int -.Fn k_afs_cell_of_file "const char *path" "char *cell" "int len" -.Ft int -.Fn k_hasafs -.Ft int -.Fn k_pioctl "char *a_path" "int o_opcode" "struct ViceIoctl *a_paramsP" "int a_followSymlinks" -.Ft int -.Fn k_setpag -.Ft int -.Fn k_unlog -.Ft int -.Fn krb_afslog "char *cell" "char *realm" -.Ft int -.Fn krb_afslog_uid "char *cell" "char *realm" "uid_t uid" -.\" .Ft krb5_error_code -.\" .Fn krb5_afslog_uid "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" "uid_t uid" -.\" .Ft krb5_error_code -.\" .Fn krb5_afslog "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" -.Sh DESCRIPTION -.Fn k_hasafs -initializes some library internal structures, and tests for the -presense of AFS in the kernel, none of the other functions should be -called before -.Fn k_hasafs -is called, or if it fails. -.Pp -.Fn krb_afslog , -and -.Fn krb_afslog_uid -obtains new tokens (and possibly tickets) for the specified -.Fa cell -and -.Fa realm . -If -.Fa cell -is -.Dv NULL , -the local cell is used. If -.Fa realm -is -.Dv NULL , -the function tries to guess what realm to use. Unless you have some good knowledge of what cell or realm to use, you should pass -.Dv NULL . -.Fn krb_afslog -will use the real user-id for the -.Dv ViceId -field in the token, -.Fn krb_afslog_uid -will use -.Fa uid . -.Pp -.\" .Fn krb5_afslog , -.\" and -.\" .Fn krb5_afslog_uid -.\" are the Kerberos 5 equivalents of -.\" .Fn krb_afslog , -.\" and -.\" .Fn krb_afslog_uid . -.\" The extra arguments are the ubiquitous context, and the cache id where -.\" to store any obtained tickets. Since AFS servers normally can't handle -.\" Kerberos 5 tickets directly, these functions will first obtain version -.\" 5 tickets for the requested cells, and then convert them to version 4 -.\" tickets, that can be stashed in the kernel. To convert tickets the -.\" .Fn krb524_convert_creds_kdc -.\" function will be used. -.\" .Pp -.Fn k_afs_cell_of_file -will in -.Fa cell -return the cell of a specified file, no more than -.Fa len -characters is put in -.Fa cell . -.Pp -.Fn k_pioctl -does a -.Fn pioctl -syscall with the specified arguments. This function is equivalent to -.Fn lpioctl . -.Pp -.Fn k_setpag -initializes a new PAG. -.Pp -.Fn k_unlog -removes destroys all tokens in the current PAG. -.Sh ENVIRONMENT -The following environment variable affect the mode of operation of -.Nm kafs : -.Bl -tag -width AFS_SYSCALL -.It Ev AFS_SYSCALL -Normally, -.Nm kafs -will try to figure out the correct system call(s) that are used by AFS -by itself. If it does not manage to do that, or does it incorrectly, -you can set this variable to the system call number or list of system -call numbers that should be used. -.El -.Sh RETURN VALUES -.Fn k_hasafs -returns 1 if AFS is present in the kernel, 0 otherwise. -.Fn krb_afslog -and -.Fn krb_afslog_uid -returns 0 on success, or a kerberos error number on failure. -.Fn k_afs_cell_of_file , -.Fn k_pioctl , -.Fn k_setpag , -and -.Fn k_unlog -all return the value of the underlaying system call, 0 on success. -.Sh EXAMPLES -The following code from -.Nm login -will obtain a new PAG and tokens for the local cell and the cell of -the users home directory. -.Bd -literal -if (k_hasafs()) { - char cell[64]; - k_setpag(); - if(k_afs_cell_of_file(pwd->pw_dir, cell, sizeof(cell)) == 0) - krb_afslog(cell, NULL); - krb_afslog(NULL, NULL); -} -.Ed -.Sh ERRORS -If any of these functions (appart from -.Fn k_hasafs ) -is called without AFS beeing present in the kernel, the process will -usually (depending on the operating system) receive a SIGSYS signal. -.Sh SEE ALSO -.Rs -.%A Transarc Corporation -.%J AFS-3 Programmer's Reference -.%T File Server/Cache Manager Interface -.%D 1991 -.Re -.Sh BUGS -.Ev AFS_SYSCALL -has no effect under AIX. diff --git a/crypto/kerberosIV/man/kauth.1 b/crypto/kerberosIV/man/kauth.1 deleted file mode 100644 index 72146e6b3d05..000000000000 --- a/crypto/kerberosIV/man/kauth.1 +++ /dev/null @@ -1,66 +0,0 @@ -.\" $Id: kauth.1,v 1.3 1998/06/30 15:29:17 assar Exp $ -.\" -.Dd May 4, 1996 -.Dt KAUTH 1 -.Os KTH-KRB -.Sh NAME -.Nm kauth -.Nd overworked Kerberos login program -.Sh SYNOPSIS -.Nm -.Op Fl n Ar name -.Op Fl r Ar remote user -.Op Fl t Pa remote ticket file -.Op Fl h Ar hosts... -.Op Fl l Ar lifetime -.Op Fl f Pa srvtab -.Op Fl c Ar cell -.Op Ar command ... -.Sh DESCRIPTION -The -.Nm -command obtains ticket granting tickets as well as AFS ticket and -tokens. It also does a whole lot of other stuff. -.Pp -The following flags are supported: -.Bl -tag -width xxxx -.It Fl n -Principal to get tickets for. If no other arguments are present this -can be given without the -.Fl n -flag. -.It Fl h -Remote hosts to obtain tickets for. This works similar to the MIT -Athena Kerberos 4 patchlevel 10 command -.Xr rkinit 1 , -however not in a compatible way. It requires that the remote host runs -the -.Xr kauthd 8 , -server. The -.Fl r -and -.Fl t -flags are useful only with this option. -.It Fl r -User on the remote host that should own the ticket file. -.It Fl t -Ticket file on remote host. -.It Fl l -Lifetime of tickets in minutes. A value of -1 is used for maximum -ticket lifetime. -.It Fl f -Srvtab to get service keys from. Default is -.Pa /etc/srvtab . -This is mainly used with batch services that need to run -authenticated. If any command is given, it will be executed in an -authenticated fashion and when the program exits the tickets are -destroyed. For long running jobs the tickets will be renewed. -.It Fl c -AFS cell to get tokens for, default is your local cell. -.El -.Sh SEE ALSO -.Xr kinit 1 , -.Xr kauthd 8 , -.Xr kafs 3 -.Sh BUGS -There is no help-switch. diff --git a/crypto/kerberosIV/man/kauthd.8 b/crypto/kerberosIV/man/kauthd.8 deleted file mode 100644 index 541e696286d0..000000000000 --- a/crypto/kerberosIV/man/kauthd.8 +++ /dev/null @@ -1,26 +0,0 @@ -.\" $Id: kauthd.8,v 1.2 1996/09/28 22:04:48 assar Exp $ -.\" -.Dd September 27, 1996 -.Dt KAUTHD 8 -.Os KTH-KRB -.Sh NAME -.Nm kauthd -.Nd remote Kerberos login daemon -.Sh SYNOPSIS -.Nm -.Sh DESCRIPTION -Daemon for the -.Xr kauth 1 -command. -.Pp -Options supported by -.Nm kauthd : -.Bl -tag -width Ds -.It Fl i -Interactive. Do not expect to be started by -.Nm inetd , -but allocate and listen to the socket yourself. Handy for testing -and debugging. -.El -.Sh SEE ALSO -.Xr kauth 1 diff --git a/crypto/kerberosIV/man/kdb_destroy.8 b/crypto/kerberosIV/man/kdb_destroy.8 deleted file mode 100644 index c6e47396fa0f..000000000000 --- a/crypto/kerberosIV/man/kdb_destroy.8 +++ /dev/null @@ -1,32 +0,0 @@ -.\" $Id: kdb_destroy.8,v 1.3 1997/04/02 21:09:54 assar Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KDB_DESTROY 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kdb_destroy \- destroy Kerberos key distribution center database -.SH SYNOPSIS -kdb_destroy -.SH DESCRIPTION -.I kdb_destroy -deletes a Kerberos key distribution center database. -.PP -The user is prompted to verify that the database should be destroyed. A -response beginning with `y' or `Y' confirms deletion. -Any other response aborts deletion. -.SH DIAGNOSTICS -.TP 20n -"Database cannot be deleted at /var/kerberos/principal" -The attempt to delete the database failed (probably due to a system or -access permission error). -.TP -"Database not deleted." -The user aborted the deletion. -.SH FILES -.TP 20n -/var/kerberos/principal.pag, /var/kerberos/principal.dir -DBM files containing database -.SH SEE ALSO -kdb_init(8) diff --git a/crypto/kerberosIV/man/kdb_edit.8 b/crypto/kerberosIV/man/kdb_edit.8 deleted file mode 100644 index 14f7e92a0fd0..000000000000 --- a/crypto/kerberosIV/man/kdb_edit.8 +++ /dev/null @@ -1,54 +0,0 @@ -.\" $Id: kdb_edit.8,v 1.3 1997/04/02 21:09:54 assar Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KDB_EDIT 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kdb_edit \- Kerberos key distribution center database editing utility -.SH SYNOPSIS -kdb_edit [ -.B \-n -] -.SH DESCRIPTION -.I kdb_edit -is used to create or change principals stored in the Kerberos key -distribution center (KDC) database. -.PP -When executed, -.I kdb_edit -prompts for the master key string and verifies that it matches the -master key stored in the database. -If the -.B \-n -option is specified, the master key is instead fetched from the master -key cache file. -.PP -Once the master key has been verified, -.I kdb_edit -begins a prompt loop. The user is prompted for the principal and -instance to be modified. If the entry is not found the user may create -it. -Once an entry is found or created, the user may set the password, -expiration date, maximum ticket lifetime, and attributes. -Default expiration dates, maximum ticket lifetimes, and attributes are -presented in brackets; if the user presses return the default is selected. -There is no default password. -The password RANDOM is interpreted specially, and if entered -the user may have the program select a random DES key for the -principal. -.PP -Upon successfully creating or changing the entry, ``Edit O.K.'' is -printed. -.SH DIAGNOSTICS -.TP 20n -"verify_master_key: Invalid master key, does not match database." -The master key string entered was incorrect. -.SH FILES -.TP 20n -/var/kerberos/principal.pag, /var/kerberos/principal.dir -DBM files containing database -.TP -/.k -Master key cache file. diff --git a/crypto/kerberosIV/man/kdb_init.8 b/crypto/kerberosIV/man/kdb_init.8 deleted file mode 100644 index f019dd4a413e..000000000000 --- a/crypto/kerberosIV/man/kdb_init.8 +++ /dev/null @@ -1,37 +0,0 @@ -.\" $Id: kdb_init.8,v 1.3 1997/04/02 21:09:54 assar Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KDB_INIT 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kdb_init \- Initialize Kerberos key distribution center database -.SH SYNOPSIS -kdb_init [ -.B realm -] -.SH DESCRIPTION -.I kdb_init -initializes a Kerberos key distribution center database, creating the -necessary principals. -.PP -If the optional -.I realm -argument is not present, -.I kdb_init -prompts for a realm name. -After determining the realm to be created, it prompts for -a master key password. The master key password is used to encrypt -every encryption key stored in the database. -.SH DIAGNOSTICS -.TP 20n -"/var/kerberos/principal: File exists" -An attempt was made to create a database on a machine which already had -an existing database. -.SH FILES -.TP 20n -/var/kerberos/principal.pag, /var/kerberos/principal.dir -DBM files containing database -.SH SEE ALSO -kdb_destroy(8) diff --git a/crypto/kerberosIV/man/kdb_util.8 b/crypto/kerberosIV/man/kdb_util.8 deleted file mode 100644 index 0e3c201a514c..000000000000 --- a/crypto/kerberosIV/man/kdb_util.8 +++ /dev/null @@ -1,68 +0,0 @@ -.\" $Id: kdb_util.8,v 1.3 1997/04/02 20:45:38 assar Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KDB_UTIL 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kdb_util \- Kerberos key distribution center database utility -.SH SYNOPSIS -kdb_util -.B operation filename -.SH DESCRIPTION -.I kdb_util -allows the Kerberos key distribution center (KDC) database administrator to -perform utility functions on the database. -.PP -.I Operation -must be one of the following: -.TP 10n -.I load -initializes the KDC database with the records described by the -text contained in the file -.IR filename . -Any existing database is overwritten. -.TP -.I dump -dumps the KDC database into a text representation in the file -.IR filename . -.TP -.I slave_dump -performs a database dump like the -.I dump -operation, and additionally creates a semaphore file signalling the -propagation software that an update is available for distribution to -slave KDC databases. -.TP -.I merge -merges in the entries from -.IR filename -into the database. -.TP -.I new_master_key -prompts for the old and new master key strings, and then dumps the KDC -database into a text representation in the file -.IR filename . -The keys in the text representation are encrypted in the new master key. -.TP -.I convert_old_db -prompts for the master key string, and then dumps the KDC database into -a text representation in the file -.IR filename . -The existing database is assumed to be encrypted using the old format -(encrypted by the key schedule of the master key); the dumped database -is encrypted using the new format (encrypted directly with master key). -.PP -.SH DIAGNOSTICS -.TP 20n -"verify_master_key: Invalid master key, does not match database." -The master key string entered was incorrect. -.SH FILES -.TP 20n -/kerberos/principal.pag, /kerberos/principal.dir -DBM files containing database -.TP -.IR filename .ok -semaphore file created by -.IR slave_dump. diff --git a/crypto/kerberosIV/man/kdestroy.1 b/crypto/kerberosIV/man/kdestroy.1 deleted file mode 100644 index c7797c0313dd..000000000000 --- a/crypto/kerberosIV/man/kdestroy.1 +++ /dev/null @@ -1,96 +0,0 @@ -.\" $Id: kdestroy.1,v 1.4 1999/06/15 13:29:32 bg Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KDESTROY 1 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kdestroy \- destroy Kerberos tickets -.SH SYNOPSIS -.B kdestroy -[ -.B \-f -] -[ -.B \-q -] -[ -.B \-t -] -.SH DESCRIPTION -The -.I kdestroy -utility destroys the user's active -Kerberos -authorization tickets by writing zeros to the file that contains them. -If the ticket file does not exist, -.I kdestroy -displays a message to that effect. -.PP -After overwriting the file, -.I kdestroy -removes the file from the system. -The utility -displays a message indicating the success or failure of the -operation. -If -.I kdestroy -is unable to destroy the ticket file, -the utility will warn you by making your terminal beep. -.PP -In the Athena workstation environment, -the -.I toehold -service automatically destroys your tickets when you -end a workstation session. -If your site does not provide a similar ticket-destroying mechanism, -you can place the -.I kdestroy -command in your -.I .logout -file so that your tickets are destroyed automatically -when you logout. -.PP -The options to -.I kdestroy -are as follows: -.TP 7 -.B \-f -.I kdestroy -runs without displaying the status message. -.TP -.B \-q -.I kdestroy -will not make your terminal beep if it fails to destroy the tickets. -.TP -.B \-t -destroy tickets only and keep all AFS tokens. -.TP -.B \-u -unlog, i.e remove any AFS tokens associated with the current PAG -but leave the ticket file alone. -.PP -If neither -.B \-t -nor -.B \-u -is given, both tickets and AFS tokens are destroyed. -.SH FILES -KRBTKFILE environment variable if set, otherwise -.br -/tmp/tkt[uid] -.SH SEE ALSO -kerberos(1), kinit(1), klist(1) -.SH BUGS -.PP -Only the tickets in the user's current ticket file are destroyed. -Separate ticket files are used to hold root instance and password -changing tickets. These files should probably be destroyed too, or -all of a user's tickets kept in a single ticket file. -.SH AUTHORS -Steve Miller, MIT Project Athena/Digital Equipment Corporation -.br -Clifford Neuman, MIT Project Athena -.br -Bill Sommerfeld, MIT Project Athena diff --git a/crypto/kerberosIV/man/kerberos.1 b/crypto/kerberosIV/man/kerberos.1 deleted file mode 100644 index 496882274617..000000000000 --- a/crypto/kerberosIV/man/kerberos.1 +++ /dev/null @@ -1,258 +0,0 @@ -.\" $Id: kerberos.1,v 1.3 1997/11/07 12:37:34 bg Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KERBEROS 1 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kerberos \- introduction to the Kerberos system - -.SH DESCRIPTION -The -Kerberos -system authenticates -individual users in a network environment. -After authenticating yourself to -Kerberos, -you can use network utilities such as -.IR rlogin , -.IR rcp , -and -.IR rsh -without -having to present passwords to remote hosts and without having to bother -with -.I \.rhosts -files. -Note that these utilities will work without passwords only if -the remote machines you deal with -support the -Kerberos -system. -All Athena timesharing machines and public workstations support -Kerberos. -.PP -Before you can use -Kerberos, -you must register as an Athena user, -and you must make sure you have been added to -the -Kerberos -database. -You can use the -.I kinit -command to find out. -This command -tries to log you into the -Kerberos -system. -.I kinit -will prompt you for a username and password. -Enter your username and password. -If the utility lets you login without giving you a message, -you have already been registered. -.PP -If you enter your username and -.I kinit -responds with this message: -.nf - -Principal unknown (kerberos) - -.fi -you haven't been registered as a -Kerberos -user. -See your system administrator. -.PP -A Kerberos name contains three parts. -The first is the -.I principal name, -which is usually a user's or service's name. -The second is the -.I instance, -which in the case of a user is usually null. -Some users may have privileged instances, however, -such as ``root'' or ``admin''. -In the case of a service, the instance is the -name of the machine on which it runs; i.e. there -can be an -.I rlogin -service running on the machine ABC, which -is different from the rlogin service running on -the machine XYZ. -The third part of a Kerberos name -is the -.I realm. -The realm corresponds to the Kerberos service providing -authentication for the principal. -For example, at MIT there is a Kerberos running at the -Laboratory for Computer Science and one running at -Project Athena. -.PP -When writing a Kerberos name, the principal name is -separated from the instance (if not null) by a period, -and the realm (if not the local realm) follows, preceded by -an ``@'' sign. -The following are examples of valid Kerberos names: -.sp -.nf -.in +8 -billb -jis.admin -srz@lcs.mit.edu -treese.root@athena.mit.edu -.in -8 -.fi -.PP -When you authenticate yourself with -Kerberos, -through either the workstation -.I toehold -system or the -.I kinit -command, -Kerberos -gives you an initial -Kerberos -.IR ticket . -(A -Kerberos -ticket -is an encrypted protocol message that provides authentication.) -Kerberos -uses this ticket for network utilities -such as -.I rlogin -and -.IR rcp . -The ticket transactions are done transparently, -so you don't have to worry about their management. -.PP -Note, however, that tickets expire. -Privileged tickets, such as root instance tickets, -expire in a few minutes, while tickets that carry more ordinary -privileges may be good for several hours or a day, depending on the -installation's policy. -If your login session extends beyond the time limit, -you will have to re-authenticate yourself to -Kerberos -to get new tickets. -Use the -.IR kinit -command to re-authenticate yourself. -.PP -If you use the -.I kinit -command to get your tickets, -make sure you use the -.I kdestroy -command -to destroy your tickets before you end your login session. -You should probably put the -.I kdestroy -command in your -.I \.logout -file so that your tickets will be destroyed automatically when you logout. -For more information about the -.I kinit -and -.I kdestroy -commands, -see the -.I kinit(1) -and -.I kdestroy(1) -manual pages. -.PP -Currently, -Kerberos -supports the following network services: -.IR rlogin , -.IR rsh , -.IR rcp , -.IR pop , -.IR ftp , -.IR telnet , -.IR AFS -and -.IR NFS. - -.SH "SEE ALSO" -kdestroy(1), kinit(1), klist(1), kpasswd(1), des_crypt(3), kerberos(3), -kadmin(8) -.SH BUGS -Kerberos -will not do authentication forwarding. -In other words, -if you use -.I rlogin -to login to a remote host, -you cannot use -Kerberos -services from that host -until you authenticate yourself explicitly on that host. -Although you may need to authenticate yourself on the remote -host, -be aware that when you do so, -.I rlogin -sends your password across the network in clear text. - -.SH AUTHORS -Steve Miller, MIT Project Athena/Digital Equipment Corporation -.br -Clifford Neuman, MIT Project Athena - -The following people helped out on various aspects of the system: - -Jeff Schiller designed and wrote the administration server and its -user interface, kadmin. -He also wrote the dbm version of the database management system. - -Mark Colan developed the -Kerberos -versions of -.IR rlogin , -.IR rsh , -and -.IR rcp , -as well as contributing work on the servers. - -John Ostlund developed the -Kerberos -versions of -.I passwd -and -.IR userreg . - -Stan Zanarotti pioneered Kerberos in a foreign realm (LCS), -and made many contributions based on that experience. - -Many people contributed code and/or useful ideas, including -Jim Aspnes, -Bob Baldwin, -John Barba, -Richard Basch, -Jim Bloom, -Bill Bryant, -Rob French, -Dan Geer, -David Jedlinsky, -John Kohl, -John Kubiatowicz, -Bob McKie, -Brian Murphy, -Ken Raeburn, -Chris Reed, -Jon Rochlis, -Mike Shanzer, -Bill Sommerfeld, -Jennifer Steiner, -Ted Ts'o, -and -Win Treese. - -.SH RESTRICTIONS - -COPYRIGHT 1985,1986 Massachusetts Institute of Technology diff --git a/crypto/kerberosIV/man/kerberos.3 b/crypto/kerberosIV/man/kerberos.3 deleted file mode 100644 index deff91dc22f0..000000000000 --- a/crypto/kerberosIV/man/kerberos.3 +++ /dev/null @@ -1,461 +0,0 @@ -.\" $Id: kerberos.3,v 1.2 1996/06/12 21:29:18 bg Exp $ -.\" $FreeBSD$ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KERBEROS 3 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -krb_mk_req, krb_rd_req, krb_kntoln, krb_set_key, krb_get_cred, -krb_mk_priv, krb_rd_priv, krb_mk_safe, krb_rd_safe, krb_mk_err, -krb_rd_err, krb_ck_repl \- Kerberos authentication library -.SH SYNOPSIS -.nf -.nj -.ft B -#include -#include -.PP -.ft B -extern char *krb_err_txt[]; -.PP -.ft B -int krb_mk_req(authent,service,instance,realm,checksum) -KTEXT authent; -char *service; -char *instance; -char *realm; -u_long checksum; -.PP -.ft B -int krb_rd_req(authent,service,instance,from_addr,ad,fn) -KTEXT authent; -char *service; -char *instance; -u_long from_addr; -AUTH_DAT *ad; -char *fn; -.PP -.ft B -int krb_kntoln(ad,lname) -AUTH_DAT *ad; -char *lname; -.PP -.ft B -int krb_set_key(key,cvt) -char *key; -int cvt; -.PP -.ft B -int krb_get_cred(service,instance,realm,c) -char *service; -char *instance; -char *realm; -CREDENTIALS *c; -.PP -.ft B -long krb_mk_priv(in,out,in_length,schedule,key,sender,receiver) -u_char *in; -u_char *out; -u_long in_length; -des_cblock key; -des_key_schedule schedule; -struct sockaddr_in *sender; -struct sockaddr_in *receiver; -.PP -.ft B -long krb_rd_priv(in,in_length,schedule,key,sender,receiver,msg_data) -u_char *in; -u_long in_length; -Key_schedule schedule; -des_cblock key; -struct sockaddr_in *sender; -struct sockaddr_in *receiver; -MSG_DAT *msg_data; -.PP -.ft B -long krb_mk_safe(in,out,in_length,key,sender,receiver) -u_char *in; -u_char *out; -u_long in_length; -des_cblock key; -struct sockaddr_in *sender; -struct sockaddr_in *receiver; -.PP -.ft B -long krb_rd_safe(in,length,key,sender,receiver,msg_data) -u_char *in; -u_long length; -des_cblock key; -struct sockaddr_in *sender; -struct sockaddr_in *receiver; -MSG_DAT *msg_data; -.PP -.ft B -long krb_mk_err(out,code,string) -u_char *out; -long code; -char *string; -.PP -.ft B -long krb_rd_err(in,length,code,msg_data) -u_char *in; -u_long length; -long code; -MSG_DAT *msg_data; -.fi -.ft R -.SH DESCRIPTION -This library supports network authentication and various related -operations. The library contains many routines beyond those described -in this man page, but they are not intended to be used directly. -Instead, they are called by the routines that are described, the -authentication server and the login program. -.PP -.I krb_err_txt[] -contains text string descriptions of various Kerberos error codes returned -by some of the routines below. -.PP -.I krb_mk_req -takes a pointer to a text structure in which an authenticator is to be -built. It also takes the name, instance, and realm of the service to be -used and an optional checksum. It is up to the application to decide -how to generate the checksum. -.I krb_mk_req -then retrieves a ticket for the desired service and creates an -authenticator. The authenticator is built in -.I authent -and is accessible -to the calling procedure. -.PP -It is up to the application to get the authenticator to the service -where it will be read by -.I krb_rd_req. -Unless an attacker posesses the session key contained in the ticket, it -will be unable to modify the authenticator. Thus, the checksum can be -used to verify the authenticity of the other data that will pass through -a connection. -.PP -.I krb_rd_req -takes an authenticator of type -.B KTEXT, -a service name, an instance, the address of the -host originating the request, and a pointer to a structure of type -.B AUTH_DAT -which is filled in with information obtained from the authenticator. -It also optionally takes the name of the file in which it will find the -secret key(s) for the service. -If the supplied -.I instance -contains "*", then the first service key with the same service name -found in the service key file will be used, and the -.I instance -argument will be filled in with the chosen instance. This means that -the caller must provide space for such an instance name. -.PP -It is used to find out information about the principal when a request -has been made to a service. It is up to the application protocol to get -the authenticator from the client to the service. The authenticator is -then passed to -.I krb_rd_req -to extract the desired information. -.PP -.I krb_rd_req -returns zero (RD_AP_OK) upon successful authentication. If a packet was -forged, modified, or replayed, authentication will fail. If the -authentication fails, a non-zero value is returned indicating the -particular problem encountered. See -.I krb.h -for the list of error codes. -.PP -If the last argument is the null string (""), krb_rd_req will use the -file /etc/srvtab to find its keys. If the last argument is NULL, it -will assume that the key has been set by -.I krb_set_key -and will not bother looking further. -.PP -.I krb_kntoln -converts a Kerberos name to a local name. It takes a structure -of type AUTH_DAT and uses the name and instance to look in the database -/etc/aname to find the corresponding local name. The local name is -returned and can be used by an application to change uids, directories, -or other parameters. It is not an integral part of Kerberos, but is -instead provided to support the use of Kerberos in existing utilities. -.PP -.I krb_set_key -takes as an argument a des key. It then creates -a key schedule from it and saves the original key to be used as an -initialization vector. -It is used to set the server's key which -must be used to decrypt tickets. -.PP -If called with a non-zero second argument, -.I krb_set_key -will first convert the input from a string of arbitrary length to a DES -key by encrypting it with a one-way function. -.PP -In most cases it should not be necessary to call -.I krb_set_key. -The necessary keys will usually be obtained and set inside -.I krb_rd_req. krb_set_key -is provided for those applications that do not wish to place the -application keys on disk. -.PP -.I krb_get_cred -searches the caller's ticket file for a ticket for the given service, instance, -and realm; and, if a ticket is found, fills in the given CREDENTIALS structure -with the ticket information. -.PP -If the ticket was found, -.I krb_get_cred -returns GC_OK. -If the ticket file can't be found, can't be read, doesn't belong to -the user (other than root), isn't a regular file, or is in the wrong -mode, the error GC_TKFIL is returned. -.PP -.I krb_mk_priv -creates an encrypted, authenticated -message from any arbitrary application data, pointed to by -.I in -and -.I in_length -bytes long. -The private session key, pointed to by -.I key -and the key schedule, -.I schedule, -are used to encrypt the data and some header information using -.I pcbc_encrypt. -.I sender -and -.I receiver -point to the Internet address of the two parties. -In addition to providing privacy, this protocol message protects -against modifications, insertions or replays. The encapsulated message and -header are placed in the area pointed to by -.I out -and the routine returns the length of the output, or -1 indicating -an error. -.PP -.I krb_rd_priv -decrypts and authenticates a received -.I krb_mk_priv -message. -.I in -points to the beginning of the received message, whose length -is specified in -.I in_length. -The private session key, pointed to by -.I key, -and the key schedule, -.I schedule, -are used to decrypt and verify the received message. -.I msg_data -is a pointer to a -.I MSG_DAT -struct, defined in -.I krb.h. -The routine fills in the -.I app_data -field with a pointer to the decrypted application data, -.I app_length -with the length of the -.I app_data -field, -.I time_sec -and -.I time_5ms -with the timestamps in the message, and -.I swap -with a 1 if the byte order of the receiver is different than that of -the sender. (The application must still determine if it is appropriate -to byte-swap application data; the Kerberos protocol fields are already taken -care of). The -.I hash -field returns a value useful as input to the -.I krb_ck_repl -routine. - -The routine returns zero if ok, or a Kerberos error code. Modified messages -and old messages cause errors, but it is up to the caller to -check the time sequence of messages, and to check against recently replayed -messages using -.I krb_ck_repl -if so desired. -.PP -.I krb_mk_safe -creates an authenticated, but unencrypted message from any arbitrary -application data, -pointed to by -.I in -and -.I in_length -bytes long. -The private session key, pointed to by -.I key, -is used to seed the -.I quad_cksum() -checksum algorithm used as part of the authentication. -.I sender -and -.I receiver -point to the Internet address of the two parties. -This message does not provide privacy, but does protect (via detection) -against modifications, insertions or replays. The encapsulated message and -header are placed in the area pointed to by -.I out -and the routine returns the length of the output, or -1 indicating -an error. -The authentication provided by this routine is not as strong as that -provided by -.I krb_mk_priv -or by computing the checksum using -.I cbc_cksum -instead, both of which authenticate via DES. -.PP - -.I krb_rd_safe -authenticates a received -.I krb_mk_safe -message. -.I in -points to the beginning of the received message, whose length -is specified in -.I in_length. -The private session key, pointed to by -.I key, -is used to seed the quad_cksum() routine as part of the authentication. -.I msg_data -is a pointer to a -.I MSG_DAT -struct, defined in -.I krb.h . -The routine fills in these -.I MSG_DAT -fields: -the -.I app_data -field with a pointer to the application data, -.I app_length -with the length of the -.I app_data -field, -.I time_sec -and -.I time_5ms -with the timestamps in the message, and -.I swap -with a 1 if the byte order of the receiver is different than that of -the sender. -(The application must still determine if it is appropriate -to byte-swap application data; the Kerberos protocol fields are already taken -care of). The -.I hash -field returns a value useful as input to the -.I krb_ck_repl -routine. - -The routine returns zero if ok, or a Kerberos error code. Modified messages -and old messages cause errors, but it is up to the caller to -check the time sequence of messages, and to check against recently replayed -messages using -.I krb_ck_repl -if so desired. -.PP -.I krb_mk_err -constructs an application level error message that may be used along -with -.I krb_mk_priv -or -.I krb_mk_safe. -.I out -is a pointer to the output buffer, -.I code -is an application specific error code, and -.I string -is an application specific error string. - -.PP -.I krb_rd_err -unpacks a received -.I krb_mk_err -message. -.I in -points to the beginning of the received message, whose length -is specified in -.I in_length. -.I code -is a pointer to a value to be filled in with the error -value provided by the application. -.I msg_data -is a pointer to a -.I MSG_DAT -struct, defined in -.I krb.h . -The routine fills in these -.I MSG_DAT -fields: the -.I app_data -field with a pointer to the application error text, -.I app_length -with the length of the -.I app_data -field, and -.I swap -with a 1 if the byte order of the receiver is different than that of -the sender. (The application must still determine if it is appropriate -to byte-swap application data; the Kerberos protocol fields are already taken -care of). - -The routine returns zero if the error message has been successfully received, -or a Kerberos error code. -.PP -The -.I KTEXT -structure is used to pass around text of varying lengths. It consists -of a buffer for the data, and a length. krb_rd_req takes an argument of this -type containing the authenticator, and krb_mk_req returns the -authenticator in a structure of this type. KTEXT itself is really a -pointer to the structure. The actual structure is of type KTEXT_ST. -.PP -The -.I AUTH_DAT -structure is filled in by krb_rd_req. It must be allocated before -calling krb_rd_req, and a pointer to it is passed. The structure is -filled in with data obtained from Kerberos. -.I MSG_DAT -structure is filled in by either krb_rd_priv, krb_rd_safe, or -krb_rd_err. It must be allocated before the call and a pointer to it -is passed. The structure is -filled in with data obtained from Kerberos. -.PP -.SH FILES -/usr/include/krb.h -.br -/usr/lib/libkrb.a -.br -/usr/include/des.h -.br -/usr/lib/libdes.a -.br -/etc/aname -.br -/etc/srvtab -.br -/tmp/tkt[uid] -.SH "SEE ALSO" -kerberos(1), des_crypt(3) -.SH DIAGNOSTICS -.SH BUGS -The caller of -.I krb_rd_req, krb_rd_priv, and krb_rd_safe -must check time order and for replay attempts. -.I krb_ck_repl -is not implemented yet. -.SH AUTHORS -Clifford Neuman, MIT Project Athena -.br -Steve Miller, MIT Project Athena/Digital Equipment Corporation -.SH RESTRICTIONS -COPYRIGHT 1985,1986,1989 Massachusetts Institute of Technology diff --git a/crypto/kerberosIV/man/kerberos.8 b/crypto/kerberosIV/man/kerberos.8 deleted file mode 100644 index 0ad1a4ac92d3..000000000000 --- a/crypto/kerberosIV/man/kerberos.8 +++ /dev/null @@ -1,189 +0,0 @@ -.\" $Id: kerberos.8,v 1.4 1997/09/26 17:55:23 joda Exp $ -.\" -.Dd September 26, 1997 -.Dt KERBEROS 8 -.Os KTH-KRB -.Sh NAME -.Nm kerberos -.Nd the kerberos daemon -.Sh SYNPOSIS -.Nm -.Op Fl mns -.Op Fl a Ar max age -.Op Fl i Ar address -.Op Fl l Ar log -.Op Fl p Ar pause -.Op Fl P Ar portspec -.Op Fl r Ar realm -.Op Ar database -.Sh DESCRIPTION -This is the -.Nm -daemon. -.Pp -Options: -.Bl -tag -width -ident -.It Fl a -Set the -.Ar max age -before the database is considered stale. -.It Fl i -Only listen on -.Ar address . -Normally, the kerberos server listens on all addresses of all -interfaces. -.It Fl l -Write the log to -.Ar log -.It Fl m -Run manually and prompt for master key. -.It Fl n -Do not check max age. -.It Fl p -Pause for -.Ar pause -before dying. -.It Fl P -Listen to the ports specified by -.Ar portspec . -This should be a white-space separated list of port specificatios. A -port specification follows the format: -.Ar port Ns Op / Ns Ar protocol . -The -.Ar port -can be either a symbolic port name (from -.Pa /etc/services ) , -or a number; -.Ar protocol can be either -.Li udp , -or -.Li tcp . -If left out, the KDC will listen to both UDP and TCP sockets on the -specified port. -.br -The special string -.Li + -mean that the default set of ports (TCP and UDP on ports 88 and 750) -should be included. -.It Fl r -Run as a server for realm -.Ar realm -.It Fl s -Set slave parameters. This will enable check to see if data is -getting too stale relative to the master. -.El -.Pp -If no -.Ar database -is given a default datbase will be used, normally -.Pa /var/kerberos/principal . -.Sh DIAGNOSTICS -The server logs several messages in a log file -.Pf ( Pa /var/run/kerberos.log -by default). The logging mechanism opens and closes the log file for -each message, so you can safely rename the log file when the server is -running. -.Ss Operational messages -These are normal messages that you will see in the log. They might be -followed by some error message. -.Bl -tag -width xxxxx -.It Li Getting key for Ar REALM -The server fetched the key for -.Sq krbtgt.REALM -for the specific -realm. You will see this at startup, and for every attempt to use -cross realm authentication. -.It Xo Li Starting Kerberos for -.Ar REALM -.Li (kvno Ar kvno ) -.Xc -You will see this also if you start with -.Fl m . -.It Xo Li AS REQ -.Ar name.instance@REALM -.Li for -.Ar sname.sinstance -.Li from -.Ar ip-number -.Xc -An initial (password authenticated) request was received. -.It Xo Li APPL REQ -.Ar name.instance@REALM -.Li for -.Ar sname.sinstance -.Li from Ar ip-number -.Xc -A tgt-based request for a ticket was made. -.El -.Ss Error messages -These messages reflects misconfigured clients, invalid requests, or -possibly attepted attacks. -.Bl -tag -width xxxxx -.It Li UNKNOWN Ar name.instance -The server received a request with an unknown principal. This is most -likely because someone typed the wrong name at a login prompt. It -could also be someone trying to get a list of possible users. -.It Xo Li Unknown realm Ar REALM -.Li from Ar ip-number -.Xc -There isn't a principal for -.Sq krbtgt.REALM -in the database. -.It Xo Li Can't hop realms: Ar REALM1 -.Li -> Ar REALM2 -.Xc -There was a request for a ticket for another realm. This might be -because of a misconfigured client. -.It Li Principal not unique Ar name.instance -There is more than one entry for this principal in the database. This -is not very good. -.It Li Null key Ar name.instance -Someone tried to use a principal that for some reason doesn't have a -key. -.It Xo Li Incorrect master key version for -.Ar name.instance -.Li : Ar number -.Li (should be Ar number ) -.Xc -The principal has it's key encrypted with the wrong master key. -.It Xo Li Principal Ar name.instance -.Li expired at Ar date -.Xc -The principal's key has expired. -.It Li krb_rd_req from Ar ip-number : error-message -The message couldn't be decoded properly. The error message will give -you further hints. You will see this if someone is trying to use -expired tickets. -.It Xo Li Unknown message type: Ar number -.Li from Ar ip-number -.Xc -The message received was not one that is understood by this server. -.It Li Can't authorize password changed based on TGT -Someone tried to get a -.Sq changepw.kerberos -via a tgt exchange. This is -because of a broken client, or possibly an attack. -.It Li KRB protocol version mismatch ( Ar number ) -The server received a request with an unknown version number. -.El -.Ss Fatal error messages -The following messages indicate problems when starting the server. -.Bl -tag -width xxxxx -.It Li Database unavailable! -There was some problem reading the database. -.It Li Database currently being updated! -Someone is currently updating the database (possibly via krop). -.It Li Database out of date! -The database is older than the maximum age specified. -.It Li Couldn't get master key. -The master key file wasn't found or the file is damaged. -.It Li Can't verify master key. -The key in the keyfile doesn't match the current databse. -.It Li Ticket granting ticket service unknown -The database doesn't contain a -.Sq krbtgt.REALM -for the local realm. -.El -.Sh SEE ALSO -.Xr kprop 8 , -.Xr kpropd 8 diff --git a/crypto/kerberosIV/man/kinit.1 b/crypto/kerberosIV/man/kinit.1 deleted file mode 100644 index f27f240da57e..000000000000 --- a/crypto/kerberosIV/man/kinit.1 +++ /dev/null @@ -1,131 +0,0 @@ -.\" $Id: kinit.1,v 1.4 1998/12/18 16:57:29 assar Exp $ -.\" $FreeBSD$ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KINIT 1 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kinit \- Kerberos login utility -.SH SYNOPSIS -.B kinit -[ -.B \-irvlp -] -.SH DESCRIPTION -The -.I kinit -command is used to login to the -Kerberos -authentication and authorization system. -Note that only registered -Kerberos -users can use the -Kerberos -system. -For information about registering as a -Kerberos -user, -see the -.I kerberos(1) -manual page. -.PP -If you are using a replaced -.I login -that already fetches tickets for you, you do not have to use -.I kinit. -You will need to use -.I kinit -only in those situations in which -your original tickets have expired. -(Tickets expire in about a day.) -Note as well that the modified -.I login -will automatically destroy your tickets when you logout from the workstation. -.PP -When you use -.I kinit -without options, -the utility -prompts for your username and Kerberos password, -and tries to authenticate your login with the local -Kerberos -server. -.PP -If -Kerberos -authenticates the login attempt, -.I kinit -retrieves your initial ticket and puts it in the ticket file specified by -your KRBTKFILE environment variable. -If this variable is undefined, -your ticket will be stored in the -.IR /tmp -directory, -in the file -.I tktuid , -where -.I uid -specifies your user identification number. -.PP -If you have logged in to -Kerberos -without the benefit of the modified -.I login -program, -make sure you use the -.I kdestroy -command to destroy any active tickets before you end your login session. -You may want to put the -.I kdestroy -command in your -.I \.logout -file so that your tickets will be destroyed automatically when you logout. -.PP -The options to -.I kinit -are as follows: -.TP 7 -.B \-i -.I kinit -prompts you for a -Kerberos -instance. -.TP -.B \-r -.I kinit -prompts you for a -Kerberos -realm. -This option lets you authenticate yourself with a remote -Kerberos -server. -.TP -.B \-v -Verbose mode. -.I kinit -prints the name of the ticket file used, and -a status message indicating the success or failure of -your login attempt. -.TP -.B \-l -.I kinit -prompts you for a ticket lifetime in minutes. Due to protocol -restrictions in Kerberos Version 4, this value must be between 5 and -1275 minutes. -.TP -.B \-p -.I kinit -will acquires a ticket for changepw.kerberos. -.SH SEE ALSO -.PP -kerberos(1), kdestroy(1), klist(1), login(1) -.SH BUGS -The -.B \-r -option has not been fully implemented. -.SH AUTHORS -Steve Miller, MIT Project Athena/Digital Equipment Corporation -.br -Clifford Neuman, MIT Project Athena diff --git a/crypto/kerberosIV/man/klist.1 b/crypto/kerberosIV/man/klist.1 deleted file mode 100644 index 76dec027bc95..000000000000 --- a/crypto/kerberosIV/man/klist.1 +++ /dev/null @@ -1,83 +0,0 @@ -.\" $Id: klist.1,v 1.2 1996/06/12 21:29:19 bg Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KLIST 1 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -klist \- list currently held Kerberos tickets -.SH SYNOPSIS -.B klist -[ -\fB\-s \fR|\fB \-t\fR -] [ -.B \-file -name ] [ -.B \-srvtab -] -.br -.SH DESCRIPTION -.I klist -prints the name of the tickets file and the -identity of the principal the tickets are for (as listed in the -tickets file), and -lists the principal names of all Kerberos tickets currently held by -the user, along with the issue and expire time for each authenticator. -Principal names are listed in the form -.I name.instance@realm, -with the '.' omitted if the instance is null, -and the '@' omitted if the realm is null. - -If given the -.B \-s -option, -.I klist -does not print the issue and expire times, the name of the tickets file, -or the identity of the principal. - -If given the -.B \-t -option, -.B klist -checks for the existence of a non-expired ticket-granting-ticket in the -ticket file. If one is present, it exits with status 0, else it exits -with status 1. No output is generated when this option is specified. - -If given the -.B \-file -option, the following argument is used as the ticket file. -Otherwise, if the -.B KRBTKFILE -environment variable is set, it is used. -If this environment variable -is not set, the file -.B /tmp/tkt[uid] -is used, where -.B uid -is the current user-id of the user. - -If given the -.B \-srvtab -option, the file is treated as a service key file, and the names of the -keys contained therein are printed. If no file is -specified with a -.B \-file -option, the default is -.IR /etc/srvtab . -.SH FILES -.TP 2i -/etc/krb.conf -to get the name of the local realm -.TP -/tmp/tkt[uid] -as the default ticket file ([uid] is the decimal UID of the user). -.TP -/etc/srvtab -as the default service key file -.SH SEE ALSO -.PP -kerberos(1), kinit(1), kdestroy(1) -.SH BUGS -When reading a file as a service key file, very little sanity or error -checking is performed. diff --git a/crypto/kerberosIV/man/kpasswd.1 b/crypto/kerberosIV/man/kpasswd.1 deleted file mode 100644 index ad0c8584a83e..000000000000 --- a/crypto/kerberosIV/man/kpasswd.1 +++ /dev/null @@ -1,85 +0,0 @@ -.\" $Id: kpasswd.1,v 1.2 1996/06/12 21:29:21 bg Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KPASSWD 1 "Kerberos Version 4.0" "MIT Project Athena" -.FM mit -.SH NAME -kpasswd \- change a user's Kerberos password -.SH SYNOPSIS -.B kpasswd -[ -.B \-h -] [ -.B \-n -.I name -] [ -.B \-i -.I instance -] [ -.B \-r -.I realm -] [ -\-u -.IR username[.instance][@realm] ] -.SH DESCRIPTION -The -.I kpasswd -command is used to change a Kerberos principal's password. -.PP -If the -.I \-h -option is specified, a brief summary of the options is printed, and -.I kpasswd -then exits. -.PP -If the -.I \-n -option is specified, -.I name -is used as the principal name rather than the username of the user -running -.IR kpasswd . -(This is determined from the ticket file if it exists; -otherwise, it is determined from the unix user id.) -.PP -If the -.I \-i -option is specified, -.I instance -is used as the instance rather than a null instance. -.PP -If the -.I \-r -option is specified, -.I realm -is used as the realm rather than the local realm. -.PP -If the -.I \-u -option is specified, a fully qualified kerberos -principal can be given. -.PP - -The utility prompts for the current Kerberos password (printing -the name of the principal for which it intends to change the password), -which is verified by the Kerberos server. If the old password is -correct, the user is prompted twice for the new password. A message is -printed indicating the success or failure of the password changing -operation. - -.SH BUGS - -.I kpasswd -does not handle names, instances, or realms with special -characters in them when the -n, -i, or -r options are used. Any -valid fullname is accepted, however, if the -u option is used. - -If the principal whose password you are trying to change does -not exist, you will not be told until after you have entered the -old password. - -.SH SEE ALSO -kerberos(1), kinit(1), passwd(1), kadmin(8) diff --git a/crypto/kerberosIV/man/kprop.8 b/crypto/kerberosIV/man/kprop.8 deleted file mode 100644 index ef45ad374c70..000000000000 --- a/crypto/kerberosIV/man/kprop.8 +++ /dev/null @@ -1,56 +0,0 @@ -.\" $Id: kprop.8,v 1.2 1996/06/15 17:03:22 assar Exp $ -.\" $FreeBSD$ -.\" -.Dd June 7, 1996 -.Dt KPROP 8 -.Os KTH-KRB -.Sh NAME -.Nm kprop -.Nd "the kerberos slave server update client" -.Sh SYNOPSIS -.Nm -.Op Fl force -.Op Fl realm Ar realm -.Op Ar dump-file -.Op Ar slave-file -.Sh DESCRIPTION -Changes to the database, such as changed passwords, are only made to -the master server through the -.Nm kadmind -service. To propagate these changes to the slave servers, -.Nm -should be run regularly on the master server. -.Pp -The following options are recognised. -.Bl -tag -width -force -.It Fl force -Propagate even if there hasn't been an update to the dump file since -last time. -.It Fl realm -Realm if other than the default. -.It dump-file -is a file created with -.Ic kdb_util slave_dump , -default is -.Pa /var/kerberos/slave_dump . -.It slave-file -Contains the names of the slave servers. Default is -.Pa /var/kerberos/slaves . -.El -.Pp -.Nm -will use the principal -.Nm rcmd.kerberos -to authenticate to the master servers. This principal has to be added -to the database, and it should also be put into the service key file -on the master server. -.Sh FILES -.Bl -tag -width indent -compact -.It Pa /var/kerberos/slave_dump -.It Pa /var/kerberos/slaves -.It Pa /etc/srvtab -.El -.Sh SEE ALSO -.Xr kpropd 8 , -.Xr kerberos 8 , -.Xr kadmind 8 diff --git a/crypto/kerberosIV/man/kpropd.8 b/crypto/kerberosIV/man/kpropd.8 deleted file mode 100644 index 1ca094430754..000000000000 --- a/crypto/kerberosIV/man/kpropd.8 +++ /dev/null @@ -1,62 +0,0 @@ -.\" $Id: kpropd.8,v 1.2 1997/02/07 22:04:55 assar Exp $ -.\" $FreeBSD$ -.\" -.Dd June 7, 1996 -.Dt KPROPD 8 -.Os KTH-KRB -.Sh NAME -.Nm kpropd -.Nd "the kerberos slave server update facility" -.Sh SYNOPSIS -.Nm -.Op Fl i -.Op Fl d Ar database -.Op Fl l Ar logfile -.Op Fl m -.Op Fl p Ar kdb_util -.Op Fl r Ar realm -.Op Fl s Ar srvtab -.Sh DESCRIPTION -The -.Nm -responds to database update requests from the -.Nm kprop -command. It can either be started from -.Nm inetd -or as an ordinary program. -.Pp -The following options are recognised: -.Bl -tag -width xxxx -.It Fl i -Run stand-alone. If this flag is not given, it is assumed to have -been started by -.Nm inetd . -.It Fl d -What database file to use, default is -.Pa /var/kerberos/principal . -.It Fl l -Logfile to use, default is -.Pa /var/log/kpropd.log . -.It Fl m -Treat data as changes to the database rather than a complete database. -.It Fl p -The path to -.Nm kdb_util , -default is -.Pa /usr/athena/sbin/kdb_util . -.It Fl r -Realm if other than the default realm. -.It Fl s -Srvtab if other than -.Pa /etc/kerberosIV/srvtab . -.El -.Sh FILES -.Bl -tag -width indent -compact -.It Pa /var/db/kerberos/principal.{db,dir,pag} -.It Pa /var/log/kpropd.log -.It Pa /etc/srvtab -.El -.Sh SEE ALSO -.Xr kprop 8 , -.Xr kerberos 8 , -.Xr kadmind 8 diff --git a/crypto/kerberosIV/man/krb.conf.5 b/crypto/kerberosIV/man/krb.conf.5 deleted file mode 100644 index 8ffa9afb7206..000000000000 --- a/crypto/kerberosIV/man/krb.conf.5 +++ /dev/null @@ -1,42 +0,0 @@ -.\" $Id: krb.conf.5,v 1.4 1999/08/02 16:09:57 bg Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KRB.CONF 5 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -/etc/krb.conf \- Kerberos configuration file -.SH DESCRIPTION -.I krb.conf -contains configuration information describing the Kerberos realm(s) and the -Kerberos key distribution center (KDC) servers for known realms. -.PP -.I krb.conf -starts with a definition of the local realm on the first line, this is -followed by any number lines defining supplementary local realms. The -rest of the file consists of lines indicating realm/host entries. The -first token is a realm name, and the second is a server specification -of a host running a KDC for that realm. The words "admin server" -following the hostname indicate that the host also provides an -administrative database server. - -To be able to communicate with the KDC through a firewall it is -sometimes necessary to tunnel requests over HTTP or TCP. Tunnel -protocols and port numbers are specified in the server specification -using the syntax [(UDP|TCP|HTTP)/]hostname[:port]. - -For example: -.nf -.in +1i -SICS.SE -NADA.KTH.SE -SICS.SE TCP/kerberos.sics.se:88 admin server -NADA.KTH.SE kerberos.nada.kth.se admin server -NADA.KTH.SE kerberos-1.nada.kth.se -NADA.KTH.SE kerberos-2.nada.kth.se -NADA.KTH.SE HTTP/kerberos-3.nada.kth.se -KTH.SE kerberos.kth.se admin server -.in -1i -.SH SEE ALSO -krb.realms(5), krb_get_krbhst(3), krb_get_lrealm(3) diff --git a/crypto/kerberosIV/man/krb.equiv.5 b/crypto/kerberosIV/man/krb.equiv.5 deleted file mode 100644 index 511dbf09f25b..000000000000 --- a/crypto/kerberosIV/man/krb.equiv.5 +++ /dev/null @@ -1,27 +0,0 @@ -.\" $Id: krb.equiv.5,v 1.3 1996/06/18 16:26:20 joda Exp $ -.\" -.Dd June 18, 1996 -.Dt KRB.EQUIV 5 -.Os KTH-KRB -.Sh NAME -.Nm krb.equiv -.Nd Kerberos equivalent hosts file -.Sh DESCRIPTION -.Nm -contains a list of IP addresses that is to be considered being the -same host for Kerberos purposes. Plain addresses match a single -host. Addresses followed by a slash (/) and a number is taken as a -sub-network that should be considered equal. -.Pp -Hash (#) starts a comment. Backslash (\\) is a continuation character. -.Sh EXAMPLES -.Bd -literal -# A machine with two interfaces. -130.237.232.113 130.237.221.42 # emma emma-ether -# A machine with *many* interfaces -193.10.156.0/24 193.10.157.0/24 # syk-* syk-*-hps -.Ed -.Sh SEE ALSO -.Xr krb_equiv 3 , -.Xr krb.conf 5 , -.Xr krb.realms 5 diff --git a/crypto/kerberosIV/man/krb.extra.5 b/crypto/kerberosIV/man/krb.extra.5 deleted file mode 100644 index 565232376ded..000000000000 --- a/crypto/kerberosIV/man/krb.extra.5 +++ /dev/null @@ -1,50 +0,0 @@ -.\" $Id: krb.extra.5,v 1.4 1999/11/25 05:30:42 assar Exp $ -.\" -.Dd June 24, 1999 -.Dt KRB.EXTRA 5 -.Os KTH-KRB -.Sh NAME -.Nm krb.extra -.Nd Kerberos misc configuration file -.Sh DESCRIPTION -.Nm -contains a number of settings that are used by the kerberos library, -or directly by applications. Each line in the file consists of a -variable, an equal sign, and a value. Lines beginning with hash are -ignored. -.Pp -Currently defined variables are: -.Bl -tag -width foo -.It kdc_timeout -time in seconds to wait for an answer from the KDC (default is 4 -seconds) -.It kdc_timesync -if this is enabled, the time differential between the client and the -KDC will be stored, and used later on when computing the correct time; -this is useful if the client's clock is drifting -.It firewall_address -the outside address of the firewall; this is used in some places to -compute a direction bit, and this might break if the server has a -different idea about which address to use then the client -.It krb4_proxy -address of a web-proxy to use when connecting to the KDC via HTTP -.It krb_default_tkt_root -the default prefix for ticket files. E.g, if your uid is 42 and the -prefix is /tmp/tkt then your default ticket file will be /tmp/tkt42 -.It krb_default_keyfile -the default kefile, normally /etc/srvtab -.It nat_in_use -if a Network Address Translator (NAT) is being used. -.El -.Sh EXAMPLES -.Bd -literal -# this is a comment -krb_default_tkt_root = /tkt/tkt_ -kdc_timesync = yes -firewall_address = 10.0.0.1 -krb_default_keyfile = /etc/kerberosIV/srvtab -.Ed -.Sh SEE ALSO -.Xr krb.equiv 5 , -.Xr krb.conf 5 , -.Xr krb.realms 5 diff --git a/crypto/kerberosIV/man/krb.realms.5 b/crypto/kerberosIV/man/krb.realms.5 deleted file mode 100644 index 427c4550261e..000000000000 --- a/crypto/kerberosIV/man/krb.realms.5 +++ /dev/null @@ -1,38 +0,0 @@ -.\" $Id: krb.realms.5,v 1.2 1996/06/12 21:29:22 bg Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KRB.REALMS 5 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -/etc/krb.realms \- host to Kerberos realm translation file -.SH DESCRIPTION -.I krb.realms -provides a translation from a hostname to the Kerberos realm name for -the services provided by that host. -.PP -Each line of the translation file is in one of the following forms -(domain_name should be of the form .XXX.YYY, e.g. .LCS.MIT.EDU): -.nf -.in +5n -host_name kerberos_realm -domain_name kerberos_realm -.in -5n -.fi -If a hostname exactly matches the -.I host_name -field in a line of the first -form, the corresponding realm is the realm of the host. -If a hostname does not match any -.I host_name -in the file, but its -domain exactly matches the -.I domain_name -field in a line of the second -form, the corresponding realm is the realm of the host. -.PP -If no translation entry applies, the host's realm is considered to be -the hostname's domain portion converted to upper case. -.SH SEE ALSO -krb_realmofhost(3) diff --git a/crypto/kerberosIV/man/krb_realmofhost.3 b/crypto/kerberosIV/man/krb_realmofhost.3 deleted file mode 100644 index d7c0ea6a5e45..000000000000 --- a/crypto/kerberosIV/man/krb_realmofhost.3 +++ /dev/null @@ -1,161 +0,0 @@ -.\" $Id: krb_realmofhost.3,v 1.2 1996/06/12 21:29:23 bg Exp $ -.\" $FreeBSD$ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KRB_REALMOFHOST 3 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -krb_realmofhost, krb_get_phost, krb_get_krbhst, krb_get_admhst, -krb_get_lrealm \- additional Kerberos utility routines -.SH SYNOPSIS -.nf -.nj -.ft B -#include -#include -#include -.PP -.ft B -char *krb_realmofhost(host) -char *host; -.PP -.ft B -char *krb_get_phost(alias) -char *alias; -.PP -.ft B -krb_get_krbhst(host,realm,n) -char *host; -char *realm; -int n; -.PP -.ft B -krb_get_admhst(host,realm,n) -char *host; -char *realm; -int n; -.PP -.ft B -krb_get_lrealm(realm,n) -char *realm; -int n; -.fi -.ft R -.SH DESCRIPTION -.I krb_realmofhost -returns the Kerberos realm of the host -.IR host , -as determined by the translation table -.IR /etc/krb.realms . -.I host -should be the fully-qualified domain-style primary host name of the host -in question. In order to prevent certain security attacks, this routine -must either have -.I a priori -knowledge of a host's realm, or obtain such information securely. -.PP -The format of the translation file is described by -.IR krb.realms (5). -If -.I host -exactly matches a host_name line, the corresponding realm -is returned. -Otherwise, if the domain portion of -.I host -matches a domain_name line, the corresponding realm -is returned. -If -.I host -contains a domain, but no translation is found, -.IR host 's -domain is converted to upper-case and returned. -If -.I host -contains no discernable domain, or an error occurs, -the local realm name, as supplied by -.IR krb_get_lrealm (3), -is returned. -.PP -.I krb_get_phost -converts the hostname -.I alias -(which can be either an official name or an alias) into the instance -name to be used in obtaining Kerberos tickets for most services, -including the Berkeley rcmd suite (rlogin, rcp, rsh). -.br -The current convention is to return the first segment of the official -domain-style name after conversion to lower case. -.PP -.I krb_get_krbhst -fills in -.I host -with the hostname of the -.IR n th -host running a Kerberos key distribution center (KDC) -for realm -.IR realm , -as specified in the configuration file (\fI/etc/krb.conf\fR). -The configuration file is described by -.IR krb.conf (5). -If the host is successfully filled in, the routine -returns KSUCCESS. -If the file cannot be opened, and -.I n -equals 1, then the value of KRB_HOST as defined in -.I -is filled in, and KSUCCESS is returned. If there are fewer than -.I n -hosts running a Kerberos KDC for the requested realm, or the -configuration file is malformed, the routine -returns KFAILURE. -.PP -.I krb_get_admhst -fills in -.I host -with the hostname of the -.IR n th -host running a Kerberos KDC database administration server -for realm -.IR realm , -as specified in the configuration file (\fI/etc/krb.conf\fR). -If the file cannot be opened or is malformed, or there are fewer than -.I n -hosts running a Kerberos KDC database administration server, -the routine returns KFAILURE. -.PP -The character arrays used as return values for -.IR krb_get_krbhst , -.IR krb_get_admhst , -should be large enough to -hold any hostname (MAXHOSTNAMELEN from ). -.PP -.I krb_get_lrealm -fills in -.I realm -with the -.IR n th -realm of the local host, as specified in the configuration file. -.I realm -should be at least REALM_SZ (from -.IR ) characters long. -.PP -.SH SEE ALSO -kerberos(3), krb.conf(5), krb.realms(5) -.SH FILES -.TP 20n -/etc/krb.realms -translation file for host-to-realm mapping. -.TP -/etc/krb.conf -local realm-name and realm/server configuration file. -.SH BUGS -The current convention for instance names is too limited; the full -domain name should be used. -.PP -.I krb_get_lrealm -currently only supports -.I n -= 1. It should really consult the user's ticket cache to determine the -user's current realm, rather than consulting a file on the host. diff --git a/crypto/kerberosIV/man/krb_sendauth.3 b/crypto/kerberosIV/man/krb_sendauth.3 deleted file mode 100644 index cc99d4e58d09..000000000000 --- a/crypto/kerberosIV/man/krb_sendauth.3 +++ /dev/null @@ -1,348 +0,0 @@ -.\" $Id: krb_sendauth.3,v 1.2 1996/06/12 21:29:24 bg Exp $ -.\" $FreeBSD$ -.\" Copyright 1988 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KRB_SENDAUTH 3 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -krb_sendauth, krb_recvauth, krb_net_write, krb_net_read \- -Kerberos routines for sending authentication via network stream sockets -.SH SYNOPSIS -.nf -.nj -.ft B -#include -#include -#include -.PP -.fi -.HP 1i -.ft B -int krb_sendauth(options, fd, ktext, service, inst, realm, checksum, -msg_data, cred, schedule, laddr, faddr, version) -.nf -.RS 0 -.ft B -long options; -int fd; -KTEXT ktext; -char *service, *inst, *realm; -u_long checksum; -MSG_DAT *msg_data; -CREDENTIALS *cred; -Key_schedule schedule; -struct sockaddr_in *laddr, *faddr; -char *version; -.PP -.fi -.HP 1i -.ft B -int krb_recvauth(options, fd, ktext, service, inst, faddr, laddr, -auth_data, filename, schedule, version) -.nf -.RS 0 -.ft B -long options; -int fd; -KTEXT ktext; -char *service, *inst; -struct sockaddr_in *faddr, *laddr; -AUTH_DAT *auth_data; -char *filename; -Key_schedule schedule; -char *version; -.PP -.ft B -int krb_net_write(fd, buf, len) -int fd; -char *buf; -int len; -.PP -.ft B -int krb_net_read(fd, buf, len) -int fd; -char *buf; -int len; -.fi -.SH DESCRIPTION -.PP -These functions, -which are built on top of the core Kerberos library, -provide a convenient means for client and server -programs to send authentication messages -to one another through network connections. -The -.I krb_sendauth -function sends an authenticated ticket from the client program to -the server program by writing the ticket to a network socket. -The -.I krb_recvauth -function receives the ticket from the client by -reading from a network socket. - -.SH KRB_SENDAUTH -.PP -This function writes the ticket to -the network socket specified by the -file descriptor -.IR fd, -returning KSUCCESS if the write proceeds successfully, -and an error code if it does not. - -The -.I ktext -argument should point to an allocated KTEXT_ST structure. -The -.IR service, -.IR inst, -and -.IR realm -arguments specify the server program's Kerberos principal name, -instance, and realm. -If you are writing a client that uses the local realm exclusively, -you can set the -.I realm -argument to NULL. - -The -.I version -argument allows the client program to pass an application-specific -version string that the server program can then match against -its own version string. -The -.I version -string can be up to KSEND_VNO_LEN (see -.IR ) -characters in length. - -The -.I checksum -argument can be used to pass checksum information to the -server program. -The client program is responsible for specifying this information. -This checksum information is difficult to corrupt because -.I krb_sendauth -passes it over the network in encrypted form. -The -.I checksum -argument is passed as the checksum argument to -.IR krb_mk_req . - -You can set -.IR krb_sendauth's -other arguments to NULL unless you want the -client and server programs to mutually authenticate -themselves. -In the case of mutual authentication, -the client authenticates itself to the server program, -and demands that the server in turn authenticate itself to -the client. - -.SH KRB_SENDAUTH AND MUTUAL AUTHENTICATION -.PP -If you want mutual authentication, -make sure that you read all pending data from the local socket -before calling -.IR krb_sendauth. -Set -.IR krb_sendauth's -.I options -argument to -.BR KOPT_DO_MUTUAL -(this macro is defined in the -.IR krb.h -file); -make sure that the -.I laddr -argument points to -the address of the local socket, -and that -.I faddr -points to the foreign socket's network address. - -.I Krb_sendauth -fills in the other arguments-- -.IR msg_data , -.IR cred , -and -.IR schedule --before -sending the ticket to the server program. -You must, however, allocate space for these arguments -before calling the function. - -.I Krb_sendauth -supports two other options: -.BR KOPT_DONT_MK_REQ, -and -.BR KOPT_DONT_CANON. -If called with -.I options -set as KOPT_DONT_MK_REQ, -.I krb_sendauth -will not use the -.I krb_mk_req -function to retrieve the ticket from the Kerberos server. -The -.I ktext -argument must point to an existing ticket and authenticator (such as -would be created by -.IR krb_mk_req ), -and the -.IR service, -.IR inst, -and -.IR realm -arguments can be set to NULL. - -If called with -.I options -set as KOPT_DONT_CANON, -.I krb_sendauth -will not convert the service's instance to canonical form using -.IR krb_get_phost (3). - -If you want to call -.I krb_sendauth -with a multiple -.I options -specification, -construct -.I options -as a bitwise-OR of the options you want to specify. - -.SH KRB_RECVAUTH -.PP -The -.I krb_recvauth -function -reads a ticket/authenticator pair from the socket pointed to by the -.I fd -argument. -Set the -.I options -argument -as a bitwise-OR of the options desired. -Currently only KOPT_DO_MUTUAL is useful to the receiver. - -The -.I ktext -argument -should point to an allocated KTEXT_ST structure. -.I Krb_recvauth -fills -.I ktext -with the -ticket/authenticator pair read from -.IR fd , -then passes it to -.IR krb_rd_req . - -The -.I service -and -.I inst -arguments -specify the expected service and instance for which the ticket was -generated. They are also passed to -.IR krb_rd_req. -The -.I inst -argument may be set to "*" if the caller wishes -.I krb_mk_req -to fill in the instance used (note that there must be space in the -.I inst -argument to hold a full instance name, see -.IR krb_mk_req (3)). - -The -.I faddr -argument -should point to the address of the peer which is presenting the ticket. -It is also passed to -.IR krb_rd_req . - -If the client and server plan to mutually authenticate -one another, -the -.I laddr -argument -should point to the local address of the file descriptor. -Otherwise you can set this argument to NULL. - -The -.I auth_data -argument -should point to an allocated AUTH_DAT area. -It is passed to and filled in by -.IR krb_rd_req . -The checksum passed to the corresponding -.I krb_sendauth -is available as part of the filled-in AUTH_DAT area. - -The -.I filename -argument -specifies the filename -which the service program should use to obtain its service key. -.I Krb_recvauth -passes -.I filename -to the -.I krb_rd_req -function. -If you set this argument to "", -.I krb_rd_req -looks for the service key in the file -.IR /etc/srvtab. - -If the client and server are performing mutual authenication, -the -.I schedule -argument -should point to an allocated Key_schedule. -Otherwise it is ignored and may be NULL. - -The -.I version -argument should point to a character array of at least KSEND_VNO_LEN -characters. It is filled in with the version string passed by the client to -.IR krb_sendauth. -.PP -.SH KRB_NET_WRITE AND KRB_NET_READ -.PP -The -.I krb_net_write -function -emulates the write(2) system call, but guarantees that all data -specified is written to -.I fd -before returning, unless an error condition occurs. -.PP -The -.I krb_net_read -function -emulates the read(2) system call, but guarantees that the requested -amount of data is read from -.I fd -before returning, unless an error condition occurs. -.PP -.SH BUGS -.IR krb_sendauth, -.IR krb_recvauth, -.IR krb_net_write, -and -.IR krb_net_read -will not work properly on sockets set to non-blocking I/O mode. - -.SH SEE ALSO - -krb_mk_req(3), krb_rd_req(3), krb_get_phost(3) - -.SH AUTHOR -John T. Kohl, MIT Project Athena -.SH RESTRICTIONS -Copyright 1988, Massachusetts Instititute of Technology. -For copying and distribution information, -please see the file . diff --git a/crypto/kerberosIV/man/krb_set_tkt_string.3 b/crypto/kerberosIV/man/krb_set_tkt_string.3 deleted file mode 100644 index 9d941435a8b8..000000000000 --- a/crypto/kerberosIV/man/krb_set_tkt_string.3 +++ /dev/null @@ -1,42 +0,0 @@ -.\" $Id: krb_set_tkt_string.3,v 1.2 1996/06/12 21:29:24 bg Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KRB_SET_TKT_STRING 3 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -krb_set_tkt_string \- set Kerberos ticket cache file name -.SH SYNOPSIS -.nf -.nj -.ft B -#include -.PP -.ft B -void krb_set_tkt_string(filename) -char *filename; -.fi -.ft R -.SH DESCRIPTION -.I krb_set_tkt_string -sets the name of the file that holds the user's -cache of Kerberos server tickets and associated session keys. -.PP -The string -.I filename -passed in is copied into local storage. -Only MAXPATHLEN-1 (see ) characters of the filename are -copied in for use as the cache file name. -.PP -This routine should be called during initialization, before other -Kerberos routines are called; otherwise the routines which fetch the -ticket cache file name may be called and return an undesired ticket file -name until this routine is called. -.SH FILES -.TP 20n -/tmp/tkt[uid] -default ticket file name, unless the environment variable KRBTKFILE is set. -[uid] denotes the user's uid, in decimal. -.SH SEE ALSO -kerberos(3), setenv(3) diff --git a/crypto/kerberosIV/man/ksrvtgt.1 b/crypto/kerberosIV/man/ksrvtgt.1 deleted file mode 100644 index ff8563cfbb9f..000000000000 --- a/crypto/kerberosIV/man/ksrvtgt.1 +++ /dev/null @@ -1,50 +0,0 @@ -.\" $Id: ksrvtgt.1,v 1.2 1996/06/12 21:29:26 bg Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KSRVTGT 1 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -ksrvtgt \- fetch and store Kerberos ticket-granting-ticket using a -service key -.SH SYNOPSIS -.B ksrvtgt -name instance [[realm] srvtab] -.SH DESCRIPTION -.I ksrvtgt -retrieves a ticket-granting ticket with a lifetime of five (5) minutes -for the principal -.I name.instance@realm -(or -.I name.instance@localrealm -if -.I realm -is not supplied on the command line), decrypts the response using -the service key found in -.I srvtab -(or in -.B /etc/srvtab -if -.I srvtab -is not specified on the command line), and stores the ticket in the -standard ticket cache. -.PP -This command is intended primarily for use in shell scripts and other -batch-type facilities. -.SH DIAGNOSTICS -"Generic kerberos failure (kfailure)" can indicate a whole range of -problems, the most common of which is the inability to read the service -key file. -.SH FILES -.TP 2i -/etc/krb.conf -to get the name of the local realm. -.TP -/tmp/tkt[uid] -The default ticket file. -.TP -/etc/srvtab -The default service key file. -.SH SEE ALSO -kerberos(1), kinit(1), kdestroy(1) diff --git a/crypto/kerberosIV/man/ksrvutil.8 b/crypto/kerberosIV/man/ksrvutil.8 deleted file mode 100644 index d2bfa8ee3399..000000000000 --- a/crypto/kerberosIV/man/ksrvutil.8 +++ /dev/null @@ -1,100 +0,0 @@ -.\" $Id: ksrvutil.8,v 1.3 1996/06/12 21:29:27 bg Exp $ -.\" $FreeBSD$ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.Dd May 4, 1996 -.Dt KSRVUTIL 8 -.Os KTH-KRB -.Sh NAME -.Nm ksrvutil -.Nd "host kerberos keyfile (srvtab) manipulation utility" -.Sh SYNOPSIS -.Nm -.Op Fl f Pa keyfile -.Op Fl i -.Op Fl k -.Op Fl p Ar principal -.Op Fl r Ar realm -.Ar operation -.Sh DESCRIPTION -.Nm -allows a system manager to list or change keys currently in his -keyfile or to add new keys to the keyfile. -.Pp -Operation must be one of the following: -.Bl -tag -width indent -.It list -lists the keys in a keyfile showing version number and principal name. -If the -.Fl k -option is given, keys will also be shown. -.It change -changes all the keys in the keyfile by using the regular admin -protocol. If the -.Fl i -flag is given, -.Nm ksrvutil -will prompt for yes or no before changing each key. If the -.Fl k -option is used, the old and new keys will be displayed. -.It add -allows the user to add a key. -add -prompts for name, instance, realm, and key version number, asks -for confirmation, and then asks for a password. -.Nm -then converts the password to a key and appends the keyfile with the -new information. If the -.Fl k -option is used, the key is displayed. -.It get -gets a service from the Kerberos server, possibly creating the -principal. Names, instances and realms for the service keys to get are -prompted for. The default principal used in the kadmin transcation is -your root instance. This can be changed with the -.Fl p -option. -.El -.Pp -In all cases, the default file used is KEY_FILE as defined in krb.h -unless this is overridden by the -.Fl f -option. -.Pp -A good use for -.Nm -would be for adding keys to a keyfile. A system manager could -ask a kerberos administrator to create a new service key with -.Xr kadmin 8 -and could supply an initial password. Then, he could use -.Nm -to add the key to the keyfile and then to change the key so that it -will be random and unknown to either the system manager or the -kerberos administrator. -.Pp -.Nm -always makes a backup copy of the keyfile before making any changes. -.Sh DIAGNOSTICS -If -.Nm -should exit on an error condition at any time during a change or add, -a copy of the original keyfile can be found in -.Pa filename Ns .old -where -.Pa filename -is the name of the keyfile, and a copy of the file with all new -keys changed or added so far can be found in -.Pa filename Ns .work . -The original keyfile is left unmodified until the program exits at -which point it is removed and replaced it with the workfile. -Appending the workfile to the backup copy and replacing the keyfile -with the result should always give a usable keyfile, although the -resulting keyfile will have some out of date keys in it. -.Sh SEE ALSO -.Xr kadmin 8 , -.Xr ksrvtgt 1 -.Sh AUTHOR -Emanuel Jay Berkenbilt, MIT Project Athena diff --git a/crypto/kerberosIV/man/kstash.8 b/crypto/kerberosIV/man/kstash.8 deleted file mode 100644 index 0197a3d2d11a..000000000000 --- a/crypto/kerberosIV/man/kstash.8 +++ /dev/null @@ -1,40 +0,0 @@ -.\" $Id: kstash.8,v 1.3 1997/04/02 21:09:56 assar Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KSTASH 8 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kstash \- stash Kerberos key distribution center database master key -.SH SYNOPSIS -kstash -.SH DESCRIPTION -.I kstash -saves the Kerberos key distribution center (KDC) database master key in -the master key cache file. -.PP -The user is prompted to enter the key, to verify the authenticity of the -key and the authorization to store the key in the file. -.SH DIAGNOSTICS -.TP 20n -"verify_master_key: Invalid master key, does not match database." -The master key string entered was incorrect. -.TP -"kstash: Unable to open master key file" -The attempt to open the cache file for writing failed (probably due to a -system or access permission error). -.TP -"kstash: Write I/O error on master key file" -The -.BR write (2) -system call returned an error while -.I kstash -was attempting to write the key to the file. -.SH FILES -.TP 20n -/var/kerberos/principal.pag, /var/kerberos/principal.dir -DBM files containing database -.TP -/.k -Master key cache file. diff --git a/crypto/kerberosIV/man/kuserok.3 b/crypto/kerberosIV/man/kuserok.3 deleted file mode 100644 index 098730898be7..000000000000 --- a/crypto/kerberosIV/man/kuserok.3 +++ /dev/null @@ -1,66 +0,0 @@ -.\" $Id: kuserok.3,v 1.3 1996/10/13 17:51:18 bg Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH KUSEROK 3 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -kuserok \- Kerberos version of ruserok -.SH SYNOPSIS -.nf -.nj -.ft B -#include -.PP -.ft B -kuserok(kdata, localuser) -AUTH_DAT *auth_data; -char *localuser; -.fi -.ft R -.SH DESCRIPTION -.I kuserok -determines whether a Kerberos principal described by the structure -.I auth_data -is authorized to login as user -.I localuser -according to the authorization file -("~\fIlocaluser\fR/.klogin" by default). It returns 0 (zero) if authorized, -1 (one) if not authorized. -.PP -If there is no account for -.I localuser -on the local machine, authorization is not granted. -If there is no authorization file, and the Kerberos principal described -by -.I auth_data -translates to -.I localuser -(using -.IR krb_kntoln (3)), -authorization is granted. -If the authorization file -can't be accessed, or the file is not owned by -.IR localuser, -authorization is denied. Otherwise, the file is searched for -a matching principal name, instance, and realm. If a match is found, -authorization is granted, else authorization is denied. -.PP -The file entries are in the format: -.nf -.in +5n - name.instance@realm -.in -5n -.fi -with one entry per line. - -For convenience ~localuser@LOCALREALM is -always considered to be an entry in the file even when there is no -file or the file is unreadable. -.SH SEE ALSO -kerberos(3), ruserok(3), krb_kntoln(3) -.SH FILES -.TP 20n -~\fIlocaluser\fR/.klogin -authorization list diff --git a/crypto/kerberosIV/man/login.1 b/crypto/kerberosIV/man/login.1 deleted file mode 100644 index dcdc91927e08..000000000000 --- a/crypto/kerberosIV/man/login.1 +++ /dev/null @@ -1,160 +0,0 @@ -.\" Copyright (c) 1980, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)login.1 8.1 (Berkeley) 6/9/93 -.\" -.Dd June 9, 1993 -.Dt LOGIN 1 -.Os BSD 4 -.Sh NAME -.Nm login -.Nd log into the computer -.Sh SYNOPSIS -.Nm login -.Op Fl fp -.Op Fl h Ar hostname -.Op Ar user -.Sh DESCRIPTION -.Sy Note : -this manual page describes the original login program for -NetBSD. Everything in here might not be true. -.Pp -The -.Nm login -utility logs users (and pseudo-users) into the computer system. -.Pp -If no user is specified, or if a user is specified and authentication -of the user fails, -.Nm login -prompts for a user name. -Authentication of users is done via passwords. -.Pp -The options are as follows: -.Bl -tag -width Ds -.It Fl f -The -.Fl f -option is used when a user name is specified to indicate that proper -authentication has already been done and that no password need be -requested. -This option may only be used by the super-user or when an already -logged in user is logging in as themselves. -.It Fl h -The -.Fl h -option specifies the host from which the connection was received. -It is used by various daemons such as -.Xr telnetd 8 . -This option may only be used by the super-user. -.It Fl p -By default, -.Nm login -discards any previous environment. -The -.Fl p -option disables this behavior. -.El -.Pp -If the file -.Pa /etc/nologin -exists, -.Nm login -dislays its contents to the user and exits. -This is used by -.Xr shutdown 8 -to prevent users from logging in when the system is about to go down. -.Pp -If the file -.Pa /etc/fbtab -exists, -.Nm login -changes the protection and ownership of certain devices specified in this -file. -.Pp -Immediately after logging a user in, -.Nm login -displays the system copyright notice, the date and time the user last -logged in, the message of the day as well as other information. -If the file -.Dq Pa .hushlogin -exists in the user's home directory, all of these messages are suppressed. -This is to simplify logins for non-human users, such as -.Xr uucp 1 . -.Nm Login -then records an entry in the -.Xr wtmp 5 -and -.Xr utmp 5 -files and executes the user's command interpretor. -.Pp -Login enters information into the environment (see -.Xr environ 7 ) -specifying the user's home directory (HOME), command interpreter (SHELL), -search path (PATH), terminal type (TERM) and user name (both LOGNAME and -USER). -.Pp -The standard shells, -.Xr csh 1 -and -.Xr sh 1 , -do not fork before executing the -.Nm login -utility. -.Sh FILES -.Bl -tag -width /var/mail/userXXX -compact -.It Pa /etc/fbtab -changes device protections -.It Pa /etc/motd -message-of-the-day -.It Pa /etc/nologin -disallows logins -.It Pa /var/run/utmp -current logins -.It Pa /var/log/wtmp -login account records -.It Pa /var/mail/user -system mailboxes -.It Pa \&.hushlogin -makes login quieter -.El -.Sh SEE ALSO -.Xr chpass 1 , -.Xr passwd 1 , -.Xr rlogin 1 , -.Xr getpass 3 , -.Xr fbtab 5 , -.Xr utmp 5 , -.Xr environ 7 -.Sh HISTORY -A -.Nm login -appeared in -.At v6 . diff --git a/crypto/kerberosIV/man/login.access.5 b/crypto/kerberosIV/man/login.access.5 deleted file mode 100644 index da93b9d54140..000000000000 --- a/crypto/kerberosIV/man/login.access.5 +++ /dev/null @@ -1,50 +0,0 @@ -.\" this is comment -.Dd April 30, 1994 -.Dt SKEY.ACCESS 5 -.Os FreeBSD -.Sh NAME -.Nm login.access -.Nd login access control table -.Sh DESCRIPTION -The -.Nm login.access -file specifies (user, host) combinations and/or (user, tty) -combinations for which a login will be either accepted or refused. -.Pp -When someone logs in, the -.Nm login.access -is scanned for the first entry that -matches the (user, host) combination, or, in case of non-networked -logins, the first entry that matches the (user, tty) combination. The -permissions field of that table entry determines whether the login will -be accepted or refused. -.Pp -Each line of the login access control table has three fields separated by a -":" character: permission : users : origins -.Pp -The first field should be a "+" (access granted) or "-" (access denied) -character. The second field should be a list of one or more login names, -group names, or ALL (always matches). The third field should be a list -of one or more tty names (for non-networked logins), host names, domain -names (begin with "."), host addresses, internet network numbers (end -with "."), ALL (always matches) or LOCAL (matches any string that does -not contain a "." character). If you run NIS you can use @netgroupname -in host or user patterns. -.Pp -The EXCEPT operator makes it possible to write very compact rules. -.Pp -The group file is searched only when a name does not match that of the -logged-in user. Only groups are matched in which users are explicitly -listed: the program does not look at a user's primary group id value. -.Sh FILES -.Bl -tag -width /etc/login.access -compact -.It Pa /etc/login.access -The -.Nm login.access -file resides in -.Pa /etc . -.El -.Sh SEE ALSO -.Xr login 1 -.Sh AUTHOR -Guido van Rooij diff --git a/crypto/kerberosIV/man/pagsh.1 b/crypto/kerberosIV/man/pagsh.1 deleted file mode 100644 index 2208fc87df09..000000000000 --- a/crypto/kerberosIV/man/pagsh.1 +++ /dev/null @@ -1,25 +0,0 @@ -.\" $Id: pagsh.1,v 1.1 1996/04/27 23:03:35 d91-jda Exp $ -.\" -.Dd April 27, 1996 -.Dt PAGSH 1 -.Os KTH-KRB -.Sh NAME -.Nm pagsh -.Nd execute a command without authentication -.Sh SYNOPSIS -.Nm pagsh -.Oo -.Op Fl c -.Ar command Ar args -.Oc -.Sh DESCRIPTION -Starts a new subprocess that is detached from any Kerberos ticket -cache and AFS tokens. -Without -.Ar command -a new shell is started. -.Sh ENVIRONMENT -.Bl -tag -width $SHELL -.It Ev $SHELL -Default shell. -.El diff --git a/crypto/kerberosIV/man/rcp.1 b/crypto/kerberosIV/man/rcp.1 deleted file mode 100644 index c52258e49764..000000000000 --- a/crypto/kerberosIV/man/rcp.1 +++ /dev/null @@ -1,161 +0,0 @@ -.\" $NetBSD: rcp.1,v 1.5 1995/03/21 08:19:04 cgd Exp $ -.\" -.\" Copyright (c) 1983, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)rcp.1 8.1 (Berkeley) 5/31/93 -.\" -.Dd May 31, 1993 -.Dt RCP 1 -.Os BSD 4.3r -.Sh NAME -.Nm rcp -.Nd remote file copy -.Sh SYNOPSIS -.Nm rcp -.Op Fl Kpx -.Op Fl k Ar realm -.Ar file1 file2 -.Nm rcp -.Op Fl Kprx -.Op Fl k Ar realm -.Ar -.Ar directory -.Sh DESCRIPTION -.Nm Rcp -copies files between machines. Each -.Ar file -or -.Ar directory -argument is either a remote file name of the -form ``rname@rhost:path'', or a local file name (containing no `:' characters, -or a `/' before any `:'s). -.Pp -.Bl -tag -width flag -.It Fl K -The -.Fl K -option turns off all Kerberos authentication. -.It Fl k -The -.Fl k -option requests -.Nm rcp -to obtain tickets -for the remote host in realm -.Ar realm -instead of the remote host's realm as determined by -.Xr krb_realmofhost 3 . -.It Fl p -The -.Fl p -option causes -.Nm rcp -to attempt to preserve (duplicate) in its copies the modification -times and modes of the source files, ignoring the -.Ar umask . -By default, the mode and owner of -.Ar file2 -are preserved if it already existed; otherwise the mode of the source file -modified by the -.Xr umask 2 -on the destination host is used. -.It Fl r -If any of the source files are directories, -.Nm rcp -copies each subtree rooted at that name; in this case -the destination must be a directory. -.It Fl x -The -.Fl x -option turns on -.Tn DES -encryption for all data passed by -.Nm rcp . -This may impact response time and -.Tn CPU -utilization, but provides -increased security. -.El -.Pp -If -.Ar path -is not a full path name, it is interpreted relative to -the login directory of the specified user -.Ar ruser -on -.Ar rhost , -or your current user name if no other remote user name is specified. -A -.Ar path -on a remote host may be quoted (using \e, ", or \(aa) -so that the metacharacters are interpreted remotely. -.Pp -.Nm Rcp -does not prompt for passwords; it performs remote execution -via -.Xr rsh 1 , -and requires the same authorization. -.Pp -.Nm Rcp -handles third party copies, where neither source nor target files -are on the current machine. -.Sh SEE ALSO -.Xr cp 1 , -.Xr ftp 1 , -.Xr rsh 1 , -.Xr rlogin 1 -.Sh HISTORY -The -.Nm rcp -command appeared in -.Bx 4.2 . -The version of -.Nm rcp -described here -has been reimplemented with Kerberos in -.Bx 4.3 Reno . -.Sh BUGS -Doesn't detect all cases where the target of a copy might -be a file in cases where only a directory should be legal. -.Pp -Is confused by any output generated by commands in a -.Pa \&.login , -.Pa \&.profile , -or -.Pa \&.cshrc -file on the remote host. -.Pp -The destination user and hostname may have to be specified as -``rhost.rname'' when the destination machine is running the -.Bx 4.2 -version of -.Nm rcp . diff --git a/crypto/kerberosIV/man/rlogin.1 b/crypto/kerberosIV/man/rlogin.1 deleted file mode 100644 index c2d8b77f96ae..000000000000 --- a/crypto/kerberosIV/man/rlogin.1 +++ /dev/null @@ -1,190 +0,0 @@ -.\" $NetBSD: rlogin.1,v 1.3 1995/03/21 07:58:37 cgd Exp $ -.\" -.\" Copyright (c) 1983, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)rlogin.1 8.1 (Berkeley) 6/6/93 -.\" -.Dd June 6, 1993 -.Dt RLOGIN 1 -.Os BSD 4.2 -.Sh NAME -.Nm rlogin -.Nd remote login -.Sh SYNOPSIS -.Ar rlogin -.Op Fl 8EKLdx -.Op Fl e Ar char -.Op Fl k Ar realm -.Op Fl l Ar username -.Op Fl p Ar portnumber -.Ar host -.Sh DESCRIPTION -.Nm Rlogin -starts a terminal session on a remote host -.Ar host . -.Pp -.Nm Rlogin -first attempts to use the Kerberos authorization mechanism, described below. -If the remote host does not supporting Kerberos the standard Berkeley -.Pa rhosts -authorization mechanism is used. -The options are as follows: -.Bl -tag -width flag -.It Fl 8 -The -.Fl 8 -option allows an eight-bit input data path at all times; otherwise -parity bits are stripped except when the remote side's stop and start -characters are other than -^S/^Q . -.It Fl E -The -.Fl E -option stops any character from being recognized as an escape character. -When used with the -.Fl 8 -option, this provides a completely transparent connection. -.It Fl K -The -.Fl K -option turns off all Kerberos authentication. -.It Fl L -The -.Fl L -option allows the rlogin session to be run in ``litout'' (see -.Xr tty 4 ) -mode. -.It Fl d -The -.Fl d -option turns on socket debugging (see -.Xr setsockopt 2 ) -on the TCP sockets used for communication with the remote host. -.It Fl e -The -.Fl e -option allows user specification of the escape character, which is -``~'' by default. -This specification may be as a literal character, or as an octal -value in the form \ennn. -.It Fl k -The -.Fl k -option requests rlogin to obtain tickets for the remote host -in realm -.Ar realm -instead of the remote host's realm as determined by -.Xr krb_realmofhost 3 . -.It Fl x -The -.Fl x -option turns on -.Tn DES -encryption for all data passed via the -rlogin session. -This may impact response time and -.Tn CPU -utilization, but provides -increased security. -.It Fl D -Use the TCP nodelay option (see setsockopt(2)). -.It Fl p portnumber -Specifies the port number to connect to on the remote host. -.El -.Pp -A line of the form ``.'' disconnects from the remote host. -Similarly, the line ``^Z'' will suspend the -.Nm rlogin -session, and ``'' suspends the -send portion of the rlogin, but allows output from the remote system. -By default, the tilde (``~'') character is the escape character, and -normally control-Y (``^Y'') is the delayed-suspend character. -.Pp -All echoing takes place at the remote site, so that (except for delays) -the -.Nm rlogin -is transparent. -Flow control via ^S/^Q and flushing of input and output on interrupts -are handled properly. -.Sh KERBEROS AUTHENTICATION -Each user may have a private authorization list in the file -.Pa .klogin -in their home directory. -Each line in this file should contain a Kerberos principal name of the -form -.Ar principal.instance@realm . -If the originating user is authenticated to one of the principals named -in -.Pa .klogin , -access is granted to the account. -The principal -.Ar accountname.@localrealm -is granted access if -there is no -.Pa .klogin -file. -Otherwise a login and password will be prompted for on the remote machine -as in -.Xr login 1 . -To avoid certain security problems, the -.Pa .klogin -file must be owned by -the remote user. -.Pp -If Kerberos authentication fails, a warning message is printed and the -standard Berkeley -.Nm rlogin -is used instead. -.Sh ENVIRONMENT -The following environment variable is utilized by -.Nm rlogin : -.Bl -tag -width TERM -.It Ev TERM -Determines the user's terminal type. -.El -.Sh SEE ALSO -.Xr rsh 1 , -.Xr kerberos 3 , -.Xr krb_sendauth 3 , -.Xr krb_realmofhost 3 -.Sh HISTORY -The -.Nm rlogin -command appeared in -.Bx 4.2 . -.Sh BUGS -.Nm Rlogin -will be replaced by -.Xr telnet 1 -in the near future. -.Pp -More of the environment should be propagated. diff --git a/crypto/kerberosIV/man/rlogind.8 b/crypto/kerberosIV/man/rlogind.8 deleted file mode 100644 index bc99529b81a0..000000000000 --- a/crypto/kerberosIV/man/rlogind.8 +++ /dev/null @@ -1,178 +0,0 @@ -.\" Copyright (c) 1983, 1989, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)rlogind.8 8.1 (Berkeley) 6/4/93 -.\" -.Dd August 25, 1996 -.Dt RLOGIND 8 -.Os BSD 4.2 -.Sh NAME -.Nm rlogind -.Nd remote login server -.Sh SYNOPSIS -.Nm rlogind -.Op Fl ailnkvxD -.Op Fl p Ar portnumber -.Op Fl L Ar /bin/login -.Sh DESCRIPTION -.Nm Rlogind -is the server for the -.Xr rlogin 1 -program. The server provides a remote login facility with -kerberos-based authentication or traditional pseudo-authentication with -privileged port numbers from trusted hosts. -.Pp -Options supported by -.Nm rlogind : -.Bl -tag -width Ds -.It Fl a -No-op. For backwards compatibility. Hostnames are always verified. -.It Fl l -Prevent any authentication based on the user's -.Dq Pa .rhosts -file, unless the user is logging in as the superuser. -.It Fl n -Disable keep-alive messages. -.It Fl k -Enable kerberos authentication. -.It Fl i -Do not expect to be spawned by inetd and create a socket and listen on -it yourself. -.It Fl p portnumber -Specifies the port number it should listen on in case the -.It Fl i -flag has been given. -.It Fl v -Vacuous, echo "Remote host requires Kerberos authentication" and exit. -.It Fl x -Provides an encrypted communications channel. This options requires the -.Fl k -flag. -.It Fl L pathname -Specify pathname to an alternative login program. -.It Fl D -Use the TCP nodelay option (see setsockopt(2)). -.El -.Pp -When a service request is received, -.Nm rlogind -verifies the kerberos ticket supplied by the user. -.Pp -For non-kerberised connections, the following protocol is initiated: -.Bl -enum -.It -The server checks the client's source port. -If the port is not in the range 512-1023, the server -aborts the connection. -.It -The server checks the client's source address -and requests the corresponding host name (see -.Xr gethostbyaddr 3 , -.Xr hosts 5 -and -.Xr named 8 ) . -If the hostname cannot be determined, -the dot-notation representation of the host address is used. -The addresses for the hostname are requested, -verifying that the name and address correspond. -Normal authentication is bypassed if the address verification fails. -.El -.Pp -Once the source port and address have been checked, -.Nm rlogind -proceeds with the authentication process described in -.Xr rshd 8 . -.Pp -It then allocates a pseudo terminal (see -.Xr pty 4 ) , -and manipulates file descriptors so that the slave -half of the pseudo terminal becomes the -.Em stdin , -.Em stdout , -and -.Em stderr -for a login process. -The login process is an instance of the -.Xr login 1 -program, invoked with the -.Fl f -option if authentication has succeeded. -If automatic authentication fails, the user is -prompted to log in as if on a standard terminal line. -.Pp -The parent of the login process manipulates the master side of -the pseudo terminal, operating as an intermediary -between the login process and the client instance of the -.Xr rlogin -program. In normal operation, the packet protocol described -in -.Xr pty 4 -is invoked to provide -.Ql ^S/^Q -type facilities and propagate -interrupt signals to the remote programs. The login process -propagates the client terminal's baud rate and terminal type, -as found in the environment variable, -.Ql Ev TERM ; -see -.Xr environ 7 . -The screen or window size of the terminal is requested from the client, -and window size changes from the client are propagated to the pseudo terminal. -.Pp -Transport-level keepalive messages are enabled unless the -.Fl n -option is present. -The use of keepalive messages allows sessions to be timed out -if the client crashes or becomes unreachable. -.Sh DIAGNOSTICS -All initial diagnostic messages are indicated -by a leading byte with a value of 1, -after which any network connections are closed. -If there are no errors before -.Xr login -is invoked, a null byte is returned as in indication of success. -.Bl -tag -width Ds -.It Sy Try again. -A -.Xr fork -by the server failed. -.El -.Sh SEE ALSO -.Xr login 1 , -.Xr ruserok 3 , -.Xr rshd 8 -.Sh BUGS -A more extensible protocol should be used. -.Sh HISTORY -The -.Nm -command appeared in -.Bx 4.2 . diff --git a/crypto/kerberosIV/man/rsh.1 b/crypto/kerberosIV/man/rsh.1 deleted file mode 100644 index 5d79faf87feb..000000000000 --- a/crypto/kerberosIV/man/rsh.1 +++ /dev/null @@ -1,182 +0,0 @@ -.\" Copyright (c) 1983, 1990 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" from: @(#)rsh.1 6.10 (Berkeley) 7/24/91 -.\" $Id: rsh.1,v 1.1.1.1 1995/10/23 11:20:27 d91-jda Exp $ -.\" -.Dd July 24, 1991 -.Dt RSH 1 -.Os BSD 4.2 -.Sh NAME -.Nm rsh -.Nd remote shell -.Sh SYNOPSIS -.Nm rsh -.Op Fl Kdnx -.Op Fl k Ar realm -.Op Fl l Ar username -.Ar host -.Op command -.Sh DESCRIPTION -.Nm Rsh -executes -.Ar command -on -.Ar host . -.Pp -.Nm Rsh -copies its standard input to the remote command, the standard -output of the remote command to its standard output, and the -standard error of the remote command to its standard error. -Interrupt, quit and terminate signals are propagated to the remote -command; -.Nm rsh -normally terminates when the remote command does. -The options are as follows: -.Bl -tag -width flag -.It Fl K -The -.Fl K -option turns off all Kerberos authentication. -.It Fl d -The -.Fl d -option turns on socket debugging (using -.Xr setsockopt 2 ) -on the -.Tn TCP -sockets used for communication with the remote host. -.It Fl k -The -.Fl k -option causes -.Nm rsh -to obtain tickets for the remote host in -.Ar realm -instead of the remote host's realm as determined by -.Xr krb_realmofhost 3 . -.It Fl l -By default, the remote username is the same as the local username. -The -.Fl l -option allows the remote name to be specified. -Kerberos authentication is used, and authorization is determined -as in -.Xr rlogin 1 . -.It Fl n -The -.Fl n -option redirects input from the special device -.Pa /dev/null -(see the -.Sx BUGS -section of this manual page). -.It Fl x -The -.Fl x -option turns on -.Tn DES -encryption for all data exchange. -This may introduce a significant delay in response time. -.El -.Pp -If no -.Ar command -is specified, you will be logged in on the remote host using -.Xr rlogin 1 . -.Pp -Shell metacharacters which are not quoted are interpreted on local machine, -while quoted metacharacters are interpreted on the remote machine. -For example, the command -.Pp -.Dl rsh otherhost cat remotefile >> localfile -.Pp -appends the remote file -.Ar remotefile -to the local file -.Ar localfile , -while -.Pp -.Dl rsh otherhost cat remotefile \&">>\&" other_remotefile -.Pp -appends -.Ar remotefile -to -.Ar other_remotefile . -.\" .Pp -.\" Many sites specify a large number of host names as commands in the -.\" directory /usr/hosts. -.\" If this directory is included in your search path, you can use the -.\" shorthand ``host command'' for the longer form ``rsh host command''. -.Sh FILES -.Bl -tag -width /etc/hosts -compact -.It Pa /etc/hosts -.El -.Sh SEE ALSO -.Xr rlogin 1 , -.Xr kerberos 3 , -.Xr krb_sendauth 3 , -.Xr krb_realmofhost 3 -.Sh HISTORY -The -.Nm rsh -command appeared in -.Bx 4.2 . -.Sh BUGS -If you are using -.Xr csh 1 -and put a -.Nm rsh -in the background without redirecting its input away from the terminal, -it will block even if no reads are posted by the remote command. -If no input is desired you should redirect the input of -.Nm rsh -to -.Pa /dev/null -using the -.Fl n -option. -.Pp -You cannot run an interactive command -(like -.Xr rogue 6 -or -.Xr vi 1 ) -using -.Nm rsh ; -use -.Xr rlogin 1 -instead. -.Pp -Stop signals stop the local -.Nm rsh -process only; this is arguably wrong, but currently hard to fix for reasons -too complicated to explain here. diff --git a/crypto/kerberosIV/man/rshd.8 b/crypto/kerberosIV/man/rshd.8 deleted file mode 100644 index 8bd661f1527f..000000000000 --- a/crypto/kerberosIV/man/rshd.8 +++ /dev/null @@ -1,221 +0,0 @@ -.\" Copyright (c) 1983, 1989, 1991, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)rshd.8 8.1 (Berkeley) 6/4/93 -.\" -.Dd August 25, 1996 -.Dt RSHD 8 -.Os BSD 4.2 -.Sh NAME -.Nm rshd -.Nd remote shell server -.Sh SYNOPSIS -.Nm rshd -.Op Fl ailnkvxLP -.Op Fl p Ar portnumber -.Sh DESCRIPTION -The -.Nm rshd -server -is the server for the -.Xr rcmd 3 -routine and, consequently, for the -.Xr rsh 1 -program. The server provides remote execution facilities with -kerberos-based authentication or traditional pseudo-authentication -with privileged port numbers from trusted hosts. -.Pp -The -.Nm rshd -server -listens for service requests at the port indicated in -the ``cmd'' service specification; see -.Xr services 5 . -When a service request is received -.Nm rshd -verifies the kerberos ticket supplied by the user. -.Pp -For non-kerberised connections, the following protocol is initiated: -.Bl -enum -.It -The server checks the client's source port. -If the port is not in the range 512-1023, the server -aborts the connection. -.It -The server reads characters from the socket up -to a null (`\e0') byte. The resultant string is -interpreted as an -.Tn ASCII -number, base 10. -.It -If the number received in step 2 is non-zero, -it is interpreted as the port number of a secondary -stream to be used for the -.Em stderr . -A second connection is then created to the specified -port on the client's machine. The source port of this -second connection is also in the range 512-1023. -.It -The server checks the client's source address -and requests the corresponding host name (see -.Xr gethostbyaddr 3 , -.Xr hosts 5 -and -.Xr named 8 ) . -If the hostname cannot be determined, -the dot-notation representation of the host address is used. -The addresses for the hostname are requested, -verifying that the name and address correspond. -If address verification fails, the connection is aborted -with the message, ``Host address mismatch.'' -.It -A null terminated user name of at most 16 characters -is retrieved on the initial socket. This user name -is interpreted as the user identity on the -.Em client Ns 's -machine. -.It -A null terminated user name of at most 16 characters -is retrieved on the initial socket. This user name -is interpreted as a user identity to use on the -.Sy server Ns 's -machine. -.It -A null terminated command to be passed to a -shell is retrieved on the initial socket. The length of -the command is limited by the upper bound on the size of -the system's argument list. -.It -.Nm Rshd -then validates the user using -.Xr ruserok 3 , -which uses the file -.Pa /etc/hosts.equiv -and the -.Pa .rhosts -file found in the user's home directory. The -.Fl l -option prevents -.Xr ruserok 3 -from doing any validation based on the user's ``.rhosts'' file, -unless the user is the superuser. -.It -If the file -.Pa /etc/nologin -exists and the user is not the superuser, -the connection is closed. -.It -A null byte is returned on the initial socket -and the command line is passed to the normal login -shell of the user. The -shell inherits the network connections established -by -.Nm rshd . -.El -.Pp -Transport-level keepalive messages are enabled unless the -.Fl n -option is present. -The use of keepalive messages allows sessions to be timed out -if the client crashes or becomes unreachable. -.Pp -The -.Fl L -option causes all successful accesses to be logged to -.Xr syslogd 8 -as -.Li auth.info -messages. -.Bl -tag -width Ds -.It Fl k -Enable kerberos authentication. -.It Fl i -Do not expect to be spawned by inetd and create a socket and listen on -it yourself. -.It Fl p portnumber -Specifies the port number it should listen on in case the -.It Fl i -flag has been given. -.It Fl v -Vacuous, echo "Remote host requires Kerberos authentication" and exit. -.It Fl x -Provides an encrypted communications channel. This option requires the -.Fl k -flag. -.It Fl P -AFS only! Doesn't put the remote proccess in a new PAG. -.El -.Sh DIAGNOSTICS -Except for the last one listed below, -all diagnostic messages -are returned on the initial socket, -after which any network connections are closed. -An error is indicated by a leading byte with a value of -1 (0 is returned in step 10 above upon successful completion -of all the steps prior to the execution of the login shell). -.Bl -tag -width indent -.It Sy Locuser too long. -The name of the user on the client's machine is -longer than 16 characters. -.It Sy Ruser too long. -The name of the user on the remote machine is -longer than 16 characters. -.It Sy Command too long . -The command line passed exceeds the size of the argument -list (as configured into the system). -.It Sy Login incorrect. -No password file entry for the user name existed. -.It Sy Remote directory. -The -.Xr chdir -command to the home directory failed. -.It Sy Permission denied. -The authentication procedure described above failed. -.It Sy Can't make pipe. -The pipe needed for the -.Em stderr , -wasn't created. -.It Sy Can't fork; try again. -A -.Xr fork -by the server failed. -.It Sy : ... -The user's login shell could not be started. This message is returned -on the connection associated with the -.Em stderr , -and is not preceded by a flag byte. -.El -.Sh SEE ALSO -.Xr rsh 1 , -.Xr rcmd 3 , -.Xr ruserok 3 -.Sh BUGS -A more extensible protocol (such as Telnet) should be used. diff --git a/crypto/kerberosIV/man/su.1 b/crypto/kerberosIV/man/su.1 deleted file mode 100644 index 78d5c8d48304..000000000000 --- a/crypto/kerberosIV/man/su.1 +++ /dev/null @@ -1,189 +0,0 @@ -.\" Copyright (c) 1988, 1990 The Regents of the University of California. -.\" All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" from: @(#)su.1 6.12 (Berkeley) 7/29/91 -.\" $Id: su.1,v 1.3 1996/02/11 23:56:09 d91-jda Exp $ -.\" -.Dd July 29, 1991 -.Dt SU 1 -.Os -.Sh NAME -.Nm su -.Nd substitute user identity -.Sh SYNOPSIS -.Nm su -.Op Fl Kflmi -.Op Ar login Op Ar "shell arguments" -.Sh DESCRIPTION -.Nm Su -requests the Kerberos password for -.Ar login -(or for -.Dq Ar login Ns .root , -if no login is provided), and switches to -that user and group ID after obtaining a Kerberos ticket granting ticket. -A shell is then executed, and any additional -.Ar "shell arguments" -after the login name -are passed to the shell. -.Nm Su -will resort to the local password file to find the password for -.Ar login -if there is a Kerberos error. -If -.Nm su -is executed by root, no password is requested and a shell -with the appropriate user ID is executed; no additional Kerberos tickets -are obtained. -.Pp -Alternately, if the user enters the password "s/key", they will be -authenticated using the S/Key one-time password system as described in -.Xr skey 1 . -S/Key is a Trademark of Bellcore. -.Pp -By default, the environment is unmodified with the exception of -.Ev USER , -.Ev HOME , -and -.Ev SHELL . -.Ev HOME -and -.Ev SHELL -are set to the target login's default values. -.Ev USER -is set to the target login, unless the target login has a user ID of 0, -in which case it is unmodified. -The invoked shell is the target login's. -This is the traditional behavior of -.Nm su . -.Pp -The options are as follows: -.Bl -tag -width Ds -.It Fl K -Do not attempt to use Kerberos to authenticate the user. -.It Fl f -If the invoked shell is -.Xr csh 1 , -this option prevents it from reading the -.Dq Pa .cshrc -file. -.It Fl l -Simulate a full login. -The environment is discarded except for -.Ev HOME , -.Ev SHELL , -.Ev PATH , -.Ev TERM , -and -.Ev USER . -.Ev HOME -and -.Ev SHELL -are modified as above. -.Ev USER -is set to the target login. -.Ev PATH -is set to -.Dq Pa /bin:/usr/bin . -.Ev TERM -is imported from your current environment. -The invoked shell is the target login's, and -.Nm su -will change directory to the target login's home directory. -.It Fl m -Leave the environment unmodified. -The invoked shell is your login shell, and no directory changes are made. -As a security precaution, if the target user's shell is a non-standard -shell (as defined by -.Xr getusershell 3 ) -and the caller's real uid is -non-zero, -.Nm su -will fail. -.It Fl i -If the kerberos root instance is not root any other value can be passed -using this switch. -.El -.Pp -The -.Fl l -and -.Fl m -options are mutually exclusive; the last one specified -overrides any previous ones. -.Pp -Only users mentioned in -.Dq Pa ~root/.klogin -(or in group 0 when not doing kerberos) can -.Nm su -to -.Dq root . -.Pp -By default (unless the prompt is reset by a startup file) the super-user -prompt is set to -.Dq Sy \&# -to remind one of its awesome power. -.Sh SEE ALSO -.Xr csh 1 , -.Xr login 1 , -.Xr sh 1 , -.Xr skey 1 , -.Xr kinit 1 , -.Xr kerberos 1 , -.Xr passwd 5 , -.Xr group 5 , -.Xr environ 7 -.Sh ENVIRONMENT -Environment variables used by -.Nm su : -.Bl -tag -width HOME -.It Ev HOME -Default home directory of real user ID unless modified as -specified above. -.It Ev PATH -Default search path of real user ID unless modified as specified above. -.It Ev TERM -Provides terminal type which may be retained for the substituted -user ID. -.It Ev USER -The user ID is always the effective ID (the target user ID) after an -.Nm su -unless the user ID is 0 (root). -.El -.Sh HISTORY -A -.Nm -command appeared in -.At v7 . -The version described -here is an adaptation of the -.Tn MIT -Athena Kerberos command. diff --git a/crypto/kerberosIV/man/telnet.1 b/crypto/kerberosIV/man/telnet.1 deleted file mode 100644 index 962783f7ce98..000000000000 --- a/crypto/kerberosIV/man/telnet.1 +++ /dev/null @@ -1,1373 +0,0 @@ -.\" Copyright (c) 1983, 1990, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)telnet.1 8.6 (Berkeley) 6/1/94 -.\" -.Dd June 1, 1994 -.Dt TELNET 1 -.Os BSD 4.2 -.Sh NAME -.Nm telnet -.Nd user interface to the -.Tn TELNET -protocol -.Sh SYNOPSIS -.Nm telnet -.Op Fl 78EFKLacdfrx -.Op Fl S Ar tos -.Op Fl X Ar authtype -.Op Fl e Ar escapechar -.Op Fl k Ar realm -.Op Fl l Ar user -.Op Fl n Ar tracefile -.Oo -.Ar host -.Op port -.Oc -.Sh DESCRIPTION -The -.Nm telnet -command -is used to communicate with another host using the -.Tn TELNET -protocol. -If -.Nm telnet -is invoked without the -.Ar host -argument, it enters command mode, -indicated by its prompt -.Pq Nm telnet\&> . -In this mode, it accepts and executes the commands listed below. -If it is invoked with arguments, it performs an -.Ic open -command with those arguments. -.Pp -Options: -.Bl -tag -width indent -.It Fl 8 -Specifies an 8-bit data path. This causes an attempt to -negotiate the -.Dv TELNET BINARY -option on both input and output. -.It Fl 7 -Do not try to negotiate -.Dv TELNET BINARY -option. -.It Fl E -Stops any character from being recognized as an escape character. -.It Fl F -If Kerberos V5 authentication is being used, the -.Fl F -option allows the local credentials to be forwarded -to the remote system, including any credentials that -have already been forwarded into the local environment. -.It Fl K -Specifies no automatic login to the remote system. -.It Fl L -Specifies an 8-bit data path on output. This causes the -BINARY option to be negotiated on output. -.It Fl S Ar tos -Sets the IP type-of-service (TOS) option for the telnet -connection to the value -.Ar tos , -which can be a numeric TOS value -or, on systems that support it, a symbolic -TOS name found in the /etc/iptos file. -.It Fl X Ar atype -Disables the -.Ar atype -type of authentication. -.It Fl a -Attempt automatic login. -Currently, this sends the user name via the -.Ev USER -variable -of the -.Ev ENVIRON -option if supported by the remote system. -The name used is that of the current user as returned by -.Xr getlogin 2 -if it agrees with the current user ID, -otherwise it is the name associated with the user ID. -.It Fl c -Disables the reading of the user's -.Pa \&.telnetrc -file. (See the -.Ic toggle skiprc -command on this man page.) -.It Fl d -Sets the initial value of the -.Ic debug -toggle to -.Dv TRUE -.It Fl e Ar escape char -Sets the initial -.Nm -.Nm telnet -escape character to -.Ar escape char . -If -.Ar escape char -is omitted, then -there will be no escape character. -.It Fl f -If Kerberos V5 authentication is being used, the -.Fl f -option allows the local credentials to be forwarded to the remote system. -.ne 1i -.It Fl k Ar realm -If Kerberos authentication is being used, the -.Fl k -option requests that telnet obtain tickets for the remote host in -realm realm instead of the remote host's realm, as determined -by -.Xr krb_realmofhost 3 . -.It Fl l Ar user -When connecting to the remote system, if the remote system -understands the -.Ev ENVIRON -option, then -.Ar user -will be sent to the remote system as the value for the variable USER. -This option implies the -.Fl a -option. -This option may also be used with the -.Ic open -command. -.It Fl n Ar tracefile -Opens -.Ar tracefile -for recording trace information. -See the -.Ic set tracefile -command below. -.It Fl r -Specifies a user interface similar to -.Xr rlogin 1 . -In this -mode, the escape character is set to the tilde (~) character, -unless modified by the -e option. -.It Fl x -Turns on encryption of the data stream if possible. This is -currently the default and when it fails a warning is issued. -.It Ar host -Indicates the official name, an alias, or the Internet address -of a remote host. -.It Ar port -Indicates a port number (address of an application). If a number is -not specified, the default -.Nm telnet -port is used. -.El -.Pp -When in rlogin mode, a line of the form ~. disconnects from the -remote host; ~ is the telnet escape character. -Similarly, the line ~^Z suspends the telnet session. -The line ~^] escapes to the normal telnet escape prompt. -.Pp -Once a connection has been opened, -.Nm telnet -will attempt to enable the -.Dv TELNET LINEMODE -option. -If this fails, then -.Nm telnet -will revert to one of two input modes: -either \*(Lqcharacter at a time\*(Rq -or \*(Lqold line by line\*(Rq -depending on what the remote system supports. -.Pp -When -.Dv LINEMODE -is enabled, character processing is done on the -local system, under the control of the remote system. When input -editing or character echoing is to be disabled, the remote system -will relay that information. The remote system will also relay -changes to any special characters that happen on the remote -system, so that they can take effect on the local system. -.Pp -In \*(Lqcharacter at a time\*(Rq mode, most -text typed is immediately sent to the remote host for processing. -.Pp -In \*(Lqold line by line\*(Rq mode, all text is echoed locally, -and (normally) only completed lines are sent to the remote host. -The \*(Lqlocal echo character\*(Rq (initially \*(Lq^E\*(Rq) may be used -to turn off and on the local echo -(this would mostly be used to enter passwords -without the password being echoed). -.Pp -If the -.Dv LINEMODE -option is enabled, or if the -.Ic localchars -toggle is -.Dv TRUE -(the default for \*(Lqold line by line\*(Lq; see below), -the user's -.Ic quit , -.Ic intr , -and -.Ic flush -characters are trapped locally, and sent as -.Tn TELNET -protocol sequences to the remote side. -If -.Dv LINEMODE -has ever been enabled, then the user's -.Ic susp -and -.Ic eof -are also sent as -.Tn TELNET -protocol sequences, -and -.Ic quit -is sent as a -.Dv TELNET ABORT -instead of -.Dv BREAK -There are options (see -.Ic toggle -.Ic autoflush -and -.Ic toggle -.Ic autosynch -below) -which cause this action to flush subsequent output to the terminal -(until the remote host acknowledges the -.Tn TELNET -sequence) and flush previous terminal input -(in the case of -.Ic quit -and -.Ic intr ) . -.Pp -While connected to a remote host, -.Nm telnet -command mode may be entered by typing the -.Nm telnet -\*(Lqescape character\*(Rq (initially \*(Lq^]\*(Rq). -When in command mode, the normal terminal editing conventions are available. -.Pp -The following -.Nm telnet -commands are available. -Only enough of each command to uniquely identify it need be typed -(this is also true for arguments to the -.Ic mode , -.Ic set , -.Ic toggle , -.Ic unset , -.Ic slc , -.Ic environ , -and -.Ic display -commands). -.Pp -.Bl -tag -width "mode type" -.It Ic auth Ar argument ... -The auth command manipulates the information sent through the -.Dv TELNET AUTHENTICATE -option. Valid arguments for the -auth command are as follows: -.Bl -tag -width "disable type" -.It Ic disable Ar type -Disables the specified type of authentication. To -obtain a list of available types, use the -.Ic auth disable ?\& -command. -.It Ic enable Ar type -Enables the specified type of authentication. To -obtain a list of available types, use the -.Ic auth enable ?\& -command. -.It Ic status -Lists the current status of the various types of -authentication. -.El -.It Ic close -Close a -.Tn TELNET -session and return to command mode. -.It Ic display Ar argument ... -Displays all, or some, of the -.Ic set -and -.Ic toggle -values (see below). -.It Ic encrypt Ar argument ... -The encrypt command manipulates the information sent through the -.Dv TELNET ENCRYPT -option. -.Pp -Note: Because of export controls, the -.Dv TELNET ENCRYPT -option is not supported outside of the United States and Canada. -.Pp -Valid arguments for the encrypt command are as follows: -.Bl -tag -width Ar -.It Ic disable Ar type Xo -.Op Cm input | output -.Xc -Disables the specified type of encryption. If you -omit the input and output, both input and output -are disabled. To obtain a list of available -types, use the -.Ic encrypt disable ?\& -command. -.It Ic enable Ar type Xo -.Op Cm input | output -.Xc -Enables the specified type of encryption. If you -omit input and output, both input and output are -enabled. To obtain a list of available types, use the -.Ic encrypt enable ?\& -command. -.It Ic input -This is the same as the -.Ic encrypt start input -command. -.It Ic -input -This is the same as the -.Ic encrypt stop input -command. -.It Ic output -This is the same as the -.Ic encrypt start output -command. -.It Ic -output -This is the same as the -.Ic encrypt stop output -command. -.It Ic start Op Cm input | output -Attempts to start encryption. If you omit -.Ic input -and -.Ic output , -both input and output are enabled. To -obtain a list of available types, use the -.Ic encrypt enable ?\& -command. -.It Ic status -Lists the current status of encryption. -.It Ic stop Op Cm input | output -Stops encryption. If you omit input and output, -encryption is on both input and output. -.It Ic type Ar type -Sets the default type of encryption to be used -with later -.Ic encrypt start -or -.Ic encrypt stop -commands. -.El -.It Ic environ Ar arguments ... -The -.Ic environ -command is used to manipulate the -the variables that my be sent through the -.Dv TELNET ENVIRON -option. -The initial set of variables is taken from the users -environment, with only the -.Ev DISPLAY -and -.Ev PRINTER -variables being exported by default. -The -.Ev USER -variable is also exported if the -.Fl a -or -.Fl l -options are used. -.br -Valid arguments for the -.Ic environ -command are: -.Bl -tag -width Fl -.It Ic define Ar variable value -Define the variable -.Ar variable -to have a value of -.Ar value . -Any variables defined by this command are automatically exported. -The -.Ar value -may be enclosed in single or double quotes so -that tabs and spaces may be included. -.It Ic undefine Ar variable -Remove -.Ar variable -from the list of environment variables. -.It Ic export Ar variable -Mark the variable -.Ar variable -to be exported to the remote side. -.It Ic unexport Ar variable -Mark the variable -.Ar variable -to not be exported unless -explicitly asked for by the remote side. -.It Ic list -List the current set of environment variables. -Those marked with a -.Cm * -will be sent automatically, -other variables will only be sent if explicitly requested. -.It Ic ?\& -Prints out help information for the -.Ic environ -command. -.El -.It Ic logout -Sends the -.Dv TELNET LOGOUT -option to the remote side. -This command is similar to a -.Ic close -command; however, if the remote side does not support the -.Dv LOGOUT -option, nothing happens. -If, however, the remote side does support the -.Dv LOGOUT -option, this command should cause the remote side to close the -.Tn TELNET -connection. -If the remote side also supports the concept of -suspending a user's session for later reattachment, -the logout argument indicates that you -should terminate the session immediately. -.It Ic mode Ar type -.Ar Type -is one of several options, depending on the state of the -.Tn TELNET -session. -The remote host is asked for permission to go into the requested mode. -If the remote host is capable of entering that mode, the requested -mode will be entered. -.Bl -tag -width Ar -.It Ic character -Disable the -.Dv TELNET LINEMODE -option, or, if the remote side does not understand the -.Dv LINEMODE -option, then enter \*(Lqcharacter at a time\*(Lq mode. -.It Ic line -Enable the -.Dv TELNET LINEMODE -option, or, if the remote side does not understand the -.Dv LINEMODE -option, then attempt to enter \*(Lqold-line-by-line\*(Lq mode. -.It Ic isig Pq Ic \-isig -Attempt to enable (disable) the -.Dv TRAPSIG -mode of the -.Dv LINEMODE -option. -This requires that the -.Dv LINEMODE -option be enabled. -.It Ic edit Pq Ic \-edit -Attempt to enable (disable) the -.Dv EDIT -mode of the -.Dv LINEMODE -option. -This requires that the -.Dv LINEMODE -option be enabled. -.It Ic softtabs Pq Ic \-softtabs -Attempt to enable (disable) the -.Dv SOFT_TAB -mode of the -.Dv LINEMODE -option. -This requires that the -.Dv LINEMODE -option be enabled. -.ne 1i -.It Ic litecho Pq Ic \-litecho -Attempt to enable (disable) the -.Dv LIT_ECHO -mode of the -.Dv LINEMODE -option. -This requires that the -.Dv LINEMODE -option be enabled. -.It Ic ?\& -Prints out help information for the -.Ic mode -command. -.El -.It Xo -.Ic open Ar host -.Op Fl l Ar user -.Op Oo Fl Oc Ns Ar port -.Xc -Open a connection to the named host. -If no port number -is specified, -.Nm telnet -will attempt to contact a -.Tn TELNET -server at the default port. -The host specification may be either a host name (see -.Xr hosts 5 ) -or an Internet address specified in the \*(Lqdot notation\*(Rq (see -.Xr inet 3 ) . -The -.Op Fl l -option may be used to specify the user name -to be passed to the remote system via the -.Ev ENVIRON -option. -When connecting to a non-standard port, -.Nm telnet -omits any automatic initiation of -.Tn TELNET -options. When the port number is preceded by a minus sign, -the initial option negotiation is done. -After establishing a connection, the file -.Pa \&.telnetrc -in the -users home directory is opened. Lines beginning with a # are -comment lines. Blank lines are ignored. Lines that begin -without white space are the start of a machine entry. The -first thing on the line is the name of the machine that is -being connected to. The rest of the line, and successive -lines that begin with white space are assumed to be -.Nm telnet -commands and are processed as if they had been typed -in manually to the -.Nm telnet -command prompt. -.It Ic quit -Close any open -.Tn TELNET -session and exit -.Nm telnet . -An end of file (in command mode) will also close a session and exit. -.It Ic send Ar arguments -Sends one or more special character sequences to the remote host. -The following are the arguments which may be specified -(more than one argument may be specified at a time): -.Pp -.Bl -tag -width escape -.It Ic abort -Sends the -.Dv TELNET ABORT -(Abort -processes) -sequence. -.It Ic ao -Sends the -.Dv TELNET AO -(Abort Output) sequence, which should cause the remote system to flush -all output -.Em from -the remote system -.Em to -the user's terminal. -.It Ic ayt -Sends the -.Dv TELNET AYT -(Are You There) -sequence, to which the remote system may or may not choose to respond. -.It Ic brk -Sends the -.Dv TELNET BRK -(Break) sequence, which may have significance to the remote -system. -.It Ic ec -Sends the -.Dv TELNET EC -(Erase Character) -sequence, which should cause the remote system to erase the last character -entered. -.It Ic el -Sends the -.Dv TELNET EL -(Erase Line) -sequence, which should cause the remote system to erase the line currently -being entered. -.It Ic eof -Sends the -.Dv TELNET EOF -(End Of File) -sequence. -.It Ic eor -Sends the -.Dv TELNET EOR -(End of Record) -sequence. -.It Ic escape -Sends the current -.Nm telnet -escape character (initially \*(Lq^\*(Rq). -.It Ic ga -Sends the -.Dv TELNET GA -(Go Ahead) -sequence, which likely has no significance to the remote system. -.It Ic getstatus -If the remote side supports the -.Dv TELNET STATUS -command, -.Ic getstatus -will send the subnegotiation to request that the server send -its current option status. -.ne 1i -.It Ic ip -Sends the -.Dv TELNET IP -(Interrupt Process) sequence, which should cause the remote -system to abort the currently running process. -.It Ic nop -Sends the -.Dv TELNET NOP -(No OPeration) -sequence. -.It Ic susp -Sends the -.Dv TELNET SUSP -(SUSPend process) -sequence. -.It Ic synch -Sends the -.Dv TELNET SYNCH -sequence. -This sequence causes the remote system to discard all previously typed -(but not yet read) input. -This sequence is sent as -.Tn TCP -urgent -data (and may not work if the remote system is a -.Bx 4.2 -system -- if -it doesn't work, a lower case \*(Lqr\*(Rq may be echoed on the terminal). -.It Ic do Ar cmd -.It Ic dont Ar cmd -.It Ic will Ar cmd -.It Ic wont Ar cmd -Sends the -.Dv TELNET DO -.Ar cmd -sequence. -.Ar Cmd -can be either a decimal number between 0 and 255, -or a symbolic name for a specific -.Dv TELNET -command. -.Ar Cmd -can also be either -.Ic help -or -.Ic ?\& -to print out help information, including -a list of known symbolic names. -.It Ic ?\& -Prints out help information for the -.Ic send -command. -.El -.It Ic set Ar argument value -.It Ic unset Ar argument value -The -.Ic set -command will set any one of a number of -.Nm telnet -variables to a specific value or to -.Dv TRUE . -The special value -.Ic off -turns off the function associated with -the variable, this is equivalent to using the -.Ic unset -command. -The -.Ic unset -command will disable or set to -.Dv FALSE -any of the specified functions. -The values of variables may be interrogated with the -.Ic display -command. -The variables which may be set or unset, but not toggled, are -listed here. In addition, any of the variables for the -.Ic toggle -command may be explicitly set or unset using -the -.Ic set -and -.Ic unset -commands. -.Bl -tag -width escape -.It Ic ayt -If -.Tn TELNET -is in localchars mode, or -.Dv LINEMODE -is enabled, and the status character is typed, a -.Dv TELNET AYT -sequence (see -.Ic send ayt -preceding) is sent to the -remote host. The initial value for the "Are You There" -character is the terminal's status character. -.It Ic echo -This is the value (initially \*(Lq^E\*(Rq) which, when in -\*(Lqline by line\*(Rq mode, toggles between doing local echoing -of entered characters (for normal processing), and suppressing -echoing of entered characters (for entering, say, a password). -.It Ic eof -If -.Nm telnet -is operating in -.Dv LINEMODE -or \*(Lqold line by line\*(Rq mode, entering this character -as the first character on a line will cause this character to be -sent to the remote system. -The initial value of the eof character is taken to be the terminal's -.Ic eof -character. -.It Ic erase -If -.Nm telnet -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below), -.Sy and -if -.Nm telnet -is operating in \*(Lqcharacter at a time\*(Rq mode, then when this -character is typed, a -.Dv TELNET EC -sequence (see -.Ic send -.Ic ec -above) -is sent to the remote system. -The initial value for the erase character is taken to be -the terminal's -.Ic erase -character. -.It Ic escape -This is the -.Nm telnet -escape character (initially \*(Lq^[\*(Rq) which causes entry -into -.Nm telnet -command mode (when connected to a remote system). -.It Ic flushoutput -If -.Nm telnet -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below) -and the -.Ic flushoutput -character is typed, a -.Dv TELNET AO -sequence (see -.Ic send -.Ic ao -above) -is sent to the remote host. -The initial value for the flush character is taken to be -the terminal's -.Ic flush -character. -.It Ic forw1 -.It Ic forw2 -If -.Tn TELNET -is operating in -.Dv LINEMODE , -these are the -characters that, when typed, cause partial lines to be -forwarded to the remote system. The initial value for -the forwarding characters are taken from the terminal's -eol and eol2 characters. -.It Ic interrupt -If -.Nm telnet -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below) -and the -.Ic interrupt -character is typed, a -.Dv TELNET IP -sequence (see -.Ic send -.Ic ip -above) -is sent to the remote host. -The initial value for the interrupt character is taken to be -the terminal's -.Ic intr -character. -.It Ic kill -If -.Nm telnet -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below), -.Ic and -if -.Nm telnet -is operating in \*(Lqcharacter at a time\*(Rq mode, then when this -character is typed, a -.Dv TELNET EL -sequence (see -.Ic send -.Ic el -above) -is sent to the remote system. -The initial value for the kill character is taken to be -the terminal's -.Ic kill -character. -.It Ic lnext -If -.Nm telnet -is operating in -.Dv LINEMODE -or \*(Lqold line by line\*(Lq mode, then this character is taken to -be the terminal's -.Ic lnext -character. -The initial value for the lnext character is taken to be -the terminal's -.Ic lnext -character. -.It Ic quit -If -.Nm telnet -is in -.Ic localchars -mode (see -.Ic toggle -.Ic localchars -below) -and the -.Ic quit -character is typed, a -.Dv TELNET BRK -sequence (see -.Ic send -.Ic brk -above) -is sent to the remote host. -The initial value for the quit character is taken to be -the terminal's -.Ic quit -character. -.It Ic reprint -If -.Nm telnet -is operating in -.Dv LINEMODE -or \*(Lqold line by line\*(Lq mode, then this character is taken to -be the terminal's -.Ic reprint -character. -The initial value for the reprint character is taken to be -the terminal's -.Ic reprint -character. -.It Ic rlogin -This is the rlogin escape character. -If set, the normal -.Tn TELNET -escape character is ignored unless it is -preceded by this character at the beginning of a line. -This character, at the beginning of a line followed by -a "." closes the connection; when followed by a ^Z it -suspends the telnet command. The initial state is to -disable the rlogin escape character. -.It Ic start -If the -.Dv TELNET TOGGLE-FLOW-CONTROL -option has been enabled, -then this character is taken to -be the terminal's -.Ic start -character. -The initial value for the kill character is taken to be -the terminal's -.Ic start -character. -.It Ic stop -If the -.Dv TELNET TOGGLE-FLOW-CONTROL -option has been enabled, -then this character is taken to -be the terminal's -.Ic stop -character. -The initial value for the kill character is taken to be -the terminal's -.Ic stop -character. -.It Ic susp -If -.Nm telnet -is in -.Ic localchars -mode, or -.Dv LINEMODE -is enabled, and the -.Ic suspend -character is typed, a -.Dv TELNET SUSP -sequence (see -.Ic send -.Ic susp -above) -is sent to the remote host. -The initial value for the suspend character is taken to be -the terminal's -.Ic suspend -character. -.ne 1i -.It Ic tracefile -This is the file to which the output, caused by -.Ic netdata -or -.Ic option -tracing being -.Dv TRUE , -will be written. If it is set to -.Dq Fl , -then tracing information will be written to standard output (the default). -.It Ic worderase -If -.Nm telnet -is operating in -.Dv LINEMODE -or \*(Lqold line by line\*(Lq mode, then this character is taken to -be the terminal's -.Ic worderase -character. -The initial value for the worderase character is taken to be -the terminal's -.Ic worderase -character. -.It Ic ?\& -Displays the legal -.Ic set -.Pq Ic unset -commands. -.El -.It Ic slc Ar state -The -.Ic slc -command (Set Local Characters) is used to set -or change the state of the the special -characters when the -.Dv TELNET LINEMODE -option has -been enabled. Special characters are characters that get -mapped to -.Tn TELNET -commands sequences (like -.Ic ip -or -.Ic quit ) -or line editing characters (like -.Ic erase -and -.Ic kill ) . -By default, the local special characters are exported. -.Bl -tag -width Fl -.It Ic check -Verify the current settings for the current special characters. -The remote side is requested to send all the current special -character settings, and if there are any discrepancies with -the local side, the local side will switch to the remote value. -.It Ic export -Switch to the local defaults for the special characters. The -local default characters are those of the local terminal at -the time when -.Nm telnet -was started. -.It Ic import -Switch to the remote defaults for the special characters. -The remote default characters are those of the remote system -at the time when the -.Tn TELNET -connection was established. -.It Ic ?\& -Prints out help information for the -.Ic slc -command. -.El -.It Ic status -Show the current status of -.Nm telnet . -This includes the peer one is connected to, as well -as the current mode. -.It Ic toggle Ar arguments ... -Toggle (between -.Dv TRUE -and -.Dv FALSE ) -various flags that control how -.Nm telnet -responds to events. -These flags may be set explicitly to -.Dv TRUE -or -.Dv FALSE -using the -.Ic set -and -.Ic unset -commands listed above. -More than one argument may be specified. -The state of these flags may be interrogated with the -.Ic display -command. -Valid arguments are: -.Bl -tag -width Ar -.It Ic authdebug -Turns on debugging information for the authentication code. -.It Ic autoflush -If -.Ic autoflush -and -.Ic localchars -are both -.Dv TRUE , -then when the -.Ic ao , -or -.Ic quit -characters are recognized (and transformed into -.Tn TELNET -sequences; see -.Ic set -above for details), -.Nm telnet -refuses to display any data on the user's terminal -until the remote system acknowledges (via a -.Dv TELNET TIMING MARK -option) -that it has processed those -.Tn TELNET -sequences. -The initial value for this toggle is -.Dv TRUE -if the terminal user had not -done an "stty noflsh", otherwise -.Dv FALSE -(see -.Xr stty 1 ) . -.It Ic autodecrypt -When the -.Dv TELNET ENCRYPT -option is negotiated, by -default the actual encryption (decryption) of the data -stream does not start automatically. The autoencrypt -(autodecrypt) command states that encryption of the -output (input) stream should be enabled as soon as -possible. -.sp -.Pp -Note: Because of export controls, the -.Dv TELNET ENCRYPT -option is not supported outside the United States and Canada. -.It Ic autologin -If the remote side supports the -.Dv TELNET AUTHENTICATION -option -.Tn TELNET -attempts to use it to perform automatic authentication. If the -.Dv AUTHENTICATION -option is not supported, the user's login -name are propagated through the -.Dv TELNET ENVIRON -option. -This command is the same as specifying -.Ar a -option on the -.Ic open -command. -.It Ic autosynch -If -.Ic autosynch -and -.Ic localchars -are both -.Dv TRUE , -then when either the -.Ic intr -or -.Ic quit -characters is typed (see -.Ic set -above for descriptions of the -.Ic intr -and -.Ic quit -characters), the resulting -.Tn TELNET -sequence sent is followed by the -.Dv TELNET SYNCH -sequence. -This procedure -.Ic should -cause the remote system to begin throwing away all previously -typed input until both of the -.Tn TELNET -sequences have been read and acted upon. -The initial value of this toggle is -.Dv FALSE . -.It Ic binary -Enable or disable the -.Dv TELNET BINARY -option on both input and output. -.It Ic inbinary -Enable or disable the -.Dv TELNET BINARY -option on input. -.It Ic outbinary -Enable or disable the -.Dv TELNET BINARY -option on output. -.It Ic crlf -If this is -.Dv TRUE , -then carriage returns will be sent as -.Li . -If this is -.Dv FALSE , -then carriage returns will be send as -.Li . -The initial value for this toggle is -.Dv FALSE . -.It Ic crmod -Toggle carriage return mode. -When this mode is enabled, most carriage return characters received from -the remote host will be mapped into a carriage return followed by -a line feed. -This mode does not affect those characters typed by the user, only -those received from the remote host. -This mode is not very useful unless the remote host -only sends carriage return, but never line feed. -The initial value for this toggle is -.Dv FALSE . -.It Ic debug -Toggles socket level debugging (useful only to the -.Ic super user ) . -The initial value for this toggle is -.Dv FALSE . -.It Ic encdebug -Turns on debugging information for the encryption code. -.It Ic localchars -If this is -.Dv TRUE , -then the -.Ic flush , -.Ic interrupt , -.Ic quit , -.Ic erase , -and -.Ic kill -characters (see -.Ic set -above) are recognized locally, and transformed into (hopefully) appropriate -.Tn TELNET -control sequences -(respectively -.Ic ao , -.Ic ip , -.Ic brk , -.Ic ec , -and -.Ic el ; -see -.Ic send -above). -The initial value for this toggle is -.Dv TRUE -in \*(Lqold line by line\*(Rq mode, -and -.Dv FALSE -in \*(Lqcharacter at a time\*(Rq mode. -When the -.Dv LINEMODE -option is enabled, the value of -.Ic localchars -is ignored, and assumed to always be -.Dv TRUE . -If -.Dv LINEMODE -has ever been enabled, then -.Ic quit -is sent as -.Ic abort , -and -.Ic eof -and -.Ic suspend -are sent as -.Ic eof -and -.Ic susp , -see -.Ic send -above). -.It Ic netdata -Toggles the display of all network data (in hexadecimal format). -The initial value for this toggle is -.Dv FALSE . -.It Ic options -Toggles the display of some internal -.Nm telnet -protocol processing (having to do with -.Tn TELNET -options). -The initial value for this toggle is -.Dv FALSE . -.ne 1i -.It Ic prettydump -When the -.Ic netdata -toggle is enabled, if -.Ic prettydump -is enabled the output from the -.Ic netdata -command will be formatted in a more user readable format. -Spaces are put between each character in the output, and the -beginning of any -.Tn TELNET -escape sequence is preceded by a '*' to aid in locating them. -.It Ic skiprc -When the skiprc toggle is -.Dv TRUE , -.Tn TELNET -skips the reading of the -.Pa \&.telnetrc -file in the users home -directory when connections are opened. The initial -value for this toggle is -.Dv FALSE . -.It Ic termdata -Toggles the display of all terminal data (in hexadecimal format). -The initial value for this toggle is -.Dv FALSE . -.It Ic verbose_encrypt -When the -.Ic verbose_encrypt -toggle is -.Dv TRUE , -.Tn TELNET -prints out a message each time encryption is enabled or -disabled. The initial value for this toggle is -.Dv FALSE . -Note: Because of export controls, data encryption -is not supported outside of the United States and Canada. -.It Ic \&? -Displays the legal -.Ic toggle -commands. -.El -.It Ic z -Suspend -.Nm telnet . -This command only works when the user is using the -.Xr csh 1 . -.It Ic \&! Op Ar command -Execute a single command in a subshell on the local -system. If -.Ic command -is omitted, then an interactive -subshell is invoked. -.It Ic ?\& Op Ar command -Get help. With no arguments, -.Nm telnet -prints a help summary. -If a command is specified, -.Nm telnet -will print the help information for just that command. -.El -.Sh ENVIRONMENT -.Nm Telnet -uses at least the -.Ev HOME , -.Ev SHELL , -.Ev DISPLAY , -and -.Ev TERM -environment variables. -Other environment variables may be propagated -to the other side via the -.Dv TELNET ENVIRON -option. -.Sh FILES -.Bl -tag -width ~/.telnetrc -compact -.It Pa ~/.telnetrc -user customized telnet startup values -.El -.Sh HISTORY -The -.Nm Telnet -command appeared in -.Bx 4.2 . -.Sh NOTES -.Pp -On some remote systems, echo has to be turned off manually when in -\*(Lqold line by line\*(Rq mode. -.Pp -In \*(Lqold line by line\*(Rq mode or -.Dv LINEMODE -the terminal's -.Ic eof -character is only recognized (and sent to the remote system) -when it is the first character on a line. diff --git a/crypto/kerberosIV/man/telnetd.8 b/crypto/kerberosIV/man/telnetd.8 deleted file mode 100644 index 6609a4837348..000000000000 --- a/crypto/kerberosIV/man/telnetd.8 +++ /dev/null @@ -1,531 +0,0 @@ -.\" Copyright (c) 1983, 1993 -.\" The Regents of the University of California. All rights reserved. -.\" -.\" Redistribution and use in source and binary forms, with or without -.\" modification, are permitted provided that the following conditions -.\" are met: -.\" 1. Redistributions of source code must retain the above copyright -.\" notice, this list of conditions and the following disclaimer. -.\" 2. Redistributions in binary form must reproduce the above copyright -.\" notice, this list of conditions and the following disclaimer in the -.\" documentation and/or other materials provided with the distribution. -.\" 3. All advertising materials mentioning features or use of this software -.\" must display the following acknowledgement: -.\" This product includes software developed by the University of -.\" California, Berkeley and its contributors. -.\" 4. Neither the name of the University nor the names of its contributors -.\" may be used to endorse or promote products derived from this software -.\" without specific prior written permission. -.\" -.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND -.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE -.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE -.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE -.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS -.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) -.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT -.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY -.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF -.\" SUCH DAMAGE. -.\" -.\" @(#)telnetd.8 8.4 (Berkeley) 6/1/94 -.\" -.Dd June 1, 1994 -.Dt TELNETD 8 -.Os BSD 4.2 -.Sh NAME -.Nm telnetd -.Nd DARPA -.Tn TELNET -protocol server -.Sh SYNOPSIS -.Nm telnetd -.Op Fl BUhkln -.Op Fl D Ar debugmode -.Op Fl S Ar tos -.Op Fl X Ar authtype -.Op Fl a Ar authmode -.Op Fl r Ns Ar lowpty-highpty -.Op Fl u Ar len -.Op Fl debug -.Op Fl L Ar /bin/login -.Op Ar port -.Sh DESCRIPTION -The -.Nm telnetd -command is a server which supports the -.Tn DARPA -standard -.Tn TELNET -virtual terminal protocol. -.Nm Telnetd -is normally invoked by the internet server (see -.Xr inetd 8 ) -for requests to connect to the -.Tn TELNET -port as indicated by the -.Pa /etc/services -file (see -.Xr services 5 ) . -The -.Fl debug -option may be used to start up -.Nm telnetd -manually, instead of through -.Xr inetd 8 . -If started up this way, -.Ar port -may be specified to run -.Nm telnetd -on an alternate -.Tn TCP -port number. -.Pp -The -.Nm telnetd -command accepts the following options: -.Bl -tag -width "-a authmode" -.It Fl a Ar authmode -This option may be used for specifying what mode should -be used for authentication. -Note that this option is only useful if -.Nm telnetd -has been compiled with support for the -.Dv AUTHENTICATION -option. -There are several valid values for -.Ar authmode : -.Bl -tag -width debug -.It debug -Turns on authentication debugging code. -.It user -Only allow connections when the remote user -can provide valid authentication information -to identify the remote user, -and is allowed access to the specified account -without providing a password. -.It valid -Only allow connections when the remote user -can provide valid authentication information -to identify the remote user. -The -.Xr login 1 -command will provide any additional user verification -needed if the remote user is not allowed automatic -access to the specified account. -.It other -Only allow connections that supply some authentication information. -This option is currently not supported -by any of the existing authentication mechanisms, -and is thus the same as specifying -.Fl a -.Cm valid . -.It otp -Only allow authenticated connections (as with -.Fl a -.Cm user ) -and also logins with one-time passwords (OTPs). This option will call -login with an option so that only OTPs are accepted. The user can of -course still type secret information at the prompt. -.It none -This is the default state. -Authentication information is not required. -If no or insufficient authentication information -is provided, then the -.Xr login 1 -program will provide the necessary user -verification. -.It off -This disables the authentication code. -All user verification will happen through the -.Xr login 1 -program. -.El -.It Fl B -Ignored. -.It Fl D Ar debugmode -This option may be used for debugging purposes. -This allows -.Nm telnetd -to print out debugging information -to the connection, allowing the user to see what -.Nm telnetd -is doing. -There are several possible values for -.Ar debugmode : -.Bl -tag -width exercise -.It Cm options -Prints information about the negotiation of -.Tn TELNET -options. -.It Cm report -Prints the -.Cm options -information, plus some additional information -about what processing is going on. -.It Cm netdata -Displays the data stream received by -.Nm telnetd . -.It Cm ptydata -Displays data written to the pty. -.It Cm exercise -Has not been implemented yet. -.El -.It Fl h -Disables the printing of host-specific information before -login has been completed. -.It Fl k -.It Fl l -Ignored. -.It Fl n -Disable -.Dv TCP -keep-alives. Normally -.Nm telnetd -enables the -.Tn TCP -keep-alive mechanism to probe connections that -have been idle for some period of time to determine -if the client is still there, so that idle connections -from machines that have crashed or can no longer -be reached may be cleaned up. -.It Fl r Ar lowpty-highpty -This option is only enabled when -.Nm telnetd -is compiled for -.Dv UNICOS . -It specifies an inclusive range of pseudo-terminal devices to -use. If the system has sysconf variable -.Dv _SC_CRAY_NPTY -configured, the default pty search range is 0 to -.Dv _SC_CRAY_NPTY ; -otherwise, the default range is 0 to 128. Either -.Ar lowpty -or -.Ar highpty -may be omitted to allow changing -either end of the search range. If -.Ar lowpty -is omitted, the - character is still required so that -.Nm telnetd -can differentiate -.Ar highpty -from -.Ar lowpty . -.It Fl S Ar tos -.It Fl u Ar len -This option is used to specify the size of the field -in the -.Dv utmp -structure that holds the remote host name. -If the resolved host name is longer than -.Ar len , -the dotted decimal value will be used instead. -This allows hosts with very long host names that -overflow this field to still be uniquely identified. -Specifying -.Fl u0 -indicates that only dotted decimal addresses -should be put into the -.Pa utmp -file. -.ne 1i -.It Fl U -This option causes -.Nm telnetd -to refuse connections from addresses that -cannot be mapped back into a symbolic name -via the -.Xr gethostbyaddr 3 -routine. -.It Fl X Ar authtype -This option is only valid if -.Nm telnetd -has been built with support for the authentication option. -It disables the use of -.Ar authtype -authentication, and -can be used to temporarily disable -a specific authentication type without having to recompile -.Nm telnetd . -.It Fl L pathname -Specify pathname to an alternative login program. -.El -.Pp -.Nm Telnetd -operates by allocating a pseudo-terminal device (see -.Xr pty 4 ) -for a client, then creating a login process which has -the slave side of the pseudo-terminal as -.Dv stdin , -.Dv stdout -and -.Dv stderr . -.Nm Telnetd -manipulates the master side of the pseudo-terminal, -implementing the -.Tn TELNET -protocol and passing characters -between the remote client and the login process. -.Pp -When a -.Tn TELNET -session is started up, -.Nm telnetd -sends -.Tn TELNET -options to the client side indicating -a willingness to do the -following -.Tn TELNET -options, which are described in more detail below: -.Bd -literal -offset indent -DO AUTHENTICATION -WILL ENCRYPT -DO TERMINAL TYPE -DO TSPEED -DO XDISPLOC -DO NEW-ENVIRON -DO ENVIRON -WILL SUPPRESS GO AHEAD -DO ECHO -DO LINEMODE -DO NAWS -WILL STATUS -DO LFLOW -DO TIMING-MARK -.Ed -.Pp -The pseudo-terminal allocated to the client is configured -to operate in -.Dq cooked -mode, and with -.Dv XTABS and -.Dv CRMOD -enabled (see -.Xr tty 4 ) . -.Pp -.Nm Telnetd -has support for enabling locally the following -.Tn TELNET -options: -.Bl -tag -width "DO AUTHENTICATION" -.It "WILL ECHO" -When the -.Dv LINEMODE -option is enabled, a -.Dv WILL ECHO -or -.Dv WONT ECHO -will be sent to the client to indicate the -current state of terminal echoing. -When terminal echo is not desired, a -.Dv WILL ECHO -is sent to indicate that -.Tn telnetd -will take care of echoing any data that needs to be -echoed to the terminal, and then nothing is echoed. -When terminal echo is desired, a -.Dv WONT ECHO -is sent to indicate that -.Tn telnetd -will not be doing any terminal echoing, so the -client should do any terminal echoing that is needed. -.It "WILL BINARY" -Indicates that the client is willing to send a -8 bits of data, rather than the normal 7 bits -of the Network Virtual Terminal. -.It "WILL SGA" -Indicates that it will not be sending -.Dv IAC GA , -go ahead, commands. -.It "WILL STATUS" -Indicates a willingness to send the client, upon -request, of the current status of all -.Tn TELNET -options. -.It "WILL TIMING-MARK" -Whenever a -.Dv DO TIMING-MARK -command is received, it is always responded -to with a -.Dv WILL TIMING-MARK -.ne 1i -.It "WILL LOGOUT" -When a -.Dv DO LOGOUT -is received, a -.Dv WILL LOGOUT -is sent in response, and the -.Tn TELNET -session is shut down. -.It "WILL ENCRYPT" -Only sent if -.Nm telnetd -is compiled with support for data encryption, and -indicates a willingness to decrypt -the data stream. -.El -.Pp -.Nm Telnetd -has support for enabling remotely the following -.Tn TELNET -options: -.Bl -tag -width "DO AUTHENTICATION" -.It "DO BINARY" -Sent to indicate that -.Tn telnetd -is willing to receive an 8 bit data stream. -.It "DO LFLOW" -Requests that the client handle flow control -characters remotely. -.It "DO ECHO" -This is not really supported, but is sent to identify a 4.2BSD -.Xr telnet 1 -client, which will improperly respond with -.Dv WILL ECHO . -If a -.Dv WILL ECHO -is received, a -.Dv DONT ECHO -will be sent in response. -.It "DO TERMINAL-TYPE" -Indicates a desire to be able to request the -name of the type of terminal that is attached -to the client side of the connection. -.It "DO SGA" -Indicates that it does not need to receive -.Dv IAC GA , -the go ahead command. -.It "DO NAWS" -Requests that the client inform the server when -the window (display) size changes. -.It "DO TERMINAL-SPEED" -Indicates a desire to be able to request information -about the speed of the serial line to which -the client is attached. -.It "DO XDISPLOC" -Indicates a desire to be able to request the name -of the X windows display that is associated with -the telnet client. -.It "DO NEW-ENVIRON" -Indicates a desire to be able to request environment -variable information, as described in RFC 1572. -.It "DO ENVIRON" -Indicates a desire to be able to request environment -variable information, as described in RFC 1408. -.It "DO LINEMODE" -Only sent if -.Nm telnetd -is compiled with support for linemode, and -requests that the client do line by line processing. -.It "DO TIMING-MARK" -Only sent if -.Nm telnetd -is compiled with support for both linemode and -kludge linemode, and the client responded with -.Dv WONT LINEMODE . -If the client responds with -.Dv WILL TM , -the it is assumed that the client supports -kludge linemode. -Note that the -.Op Fl k -option can be used to disable this. -.It "DO AUTHENTICATION" -Only sent if -.Nm telnetd -is compiled with support for authentication, and -indicates a willingness to receive authentication -information for automatic login. -.It "DO ENCRYPT" -Only sent if -.Nm telnetd -is compiled with support for data encryption, and -indicates a willingness to decrypt -the data stream. -.El -.Sh ENVIRONMENT -.Sh FILES -.Pa /etc/services -.br -.Pa /etc/inittab -(UNICOS systems only) -.br -.Pa /etc/iptos -(if supported) -.br -.Sh "SEE ALSO" -.Xr telnet 1 , -.Xr login 1 -.Sh STANDARDS -.Bl -tag -compact -width RFC-1572 -.It Cm RFC-854 -.Tn TELNET -PROTOCOL SPECIFICATION -.It Cm RFC-855 -TELNET OPTION SPECIFICATIONS -.It Cm RFC-856 -TELNET BINARY TRANSMISSION -.It Cm RFC-857 -TELNET ECHO OPTION -.It Cm RFC-858 -TELNET SUPPRESS GO AHEAD OPTION -.It Cm RFC-859 -TELNET STATUS OPTION -.It Cm RFC-860 -TELNET TIMING MARK OPTION -.It Cm RFC-861 -TELNET EXTENDED OPTIONS - LIST OPTION -.It Cm RFC-885 -TELNET END OF RECORD OPTION -.It Cm RFC-1073 -Telnet Window Size Option -.It Cm RFC-1079 -Telnet Terminal Speed Option -.It Cm RFC-1091 -Telnet Terminal-Type Option -.It Cm RFC-1096 -Telnet X Display Location Option -.It Cm RFC-1123 -Requirements for Internet Hosts -- Application and Support -.It Cm RFC-1184 -Telnet Linemode Option -.It Cm RFC-1372 -Telnet Remote Flow Control Option -.It Cm RFC-1416 -Telnet Authentication Option -.It Cm RFC-1411 -Telnet Authentication: Kerberos Version 4 -.It Cm RFC-1412 -Telnet Authentication: SPX -.It Cm RFC-1571 -Telnet Environment Option Interoperability Issues -.It Cm RFC-1572 -Telnet Environment Option -.El -.Sh BUGS -Some -.Tn TELNET -commands are only partially implemented. -.Pp -Because of bugs in the original 4.2 BSD -.Xr telnet 1 , -.Nm telnetd -performs some dubious protocol exchanges to try to discover if the remote -client is, in fact, a 4.2 BSD -.Xr telnet 1 . -.Pp -Binary mode -has no common interpretation except between similar operating systems -(Unix in this case). -.Pp -The terminal type name received from the remote client is converted to -lower case. -.Pp -.Nm Telnetd -never sends -.Tn TELNET -.Dv IAC GA -(go ahead) commands. diff --git a/crypto/kerberosIV/man/tf_util.3 b/crypto/kerberosIV/man/tf_util.3 deleted file mode 100644 index 3f98321d491c..000000000000 --- a/crypto/kerberosIV/man/tf_util.3 +++ /dev/null @@ -1,150 +0,0 @@ -.\" $Id: tf_util.3,v 1.2 1996/06/12 21:29:29 bg Exp $ -.\" Copyright 1989 by the Massachusetts Institute of Technology. -.\" -.\" For copying and distribution information, -.\" please see the file . -.\" -.TH TF_UTIL 3 "Kerberos Version 4.0" "MIT Project Athena" -.SH NAME -tf_init, tf_get_pname, tf_get_pinst, tf_get_cred, tf_close \ -\- Routines for manipulating a Kerberos ticket file -.SH SYNOPSIS -.nf -.nj -.ft B -#include -.PP -.ft B -extern char *krb_err_txt[]; -.PP -.ft B -tf_init(tf_name, rw) -char *tf_name; -int rw; -.PP -.ft B -tf_get_pname(pname) -char *pname; -.PP -.ft B -tf_get_pinst(pinst) -char *pinst; -.PP -.ft B -tf_get_cred(c) -CREDENTIALS *c; -.PP -.ft B -tf_close() -.PP -.fi -.SH DESCRIPTION -This group of routines are provided to manipulate the Kerberos tickets -file. A ticket file has the following format: -.nf -.in +4 -.sp -principal's name (null-terminated string) -principal's instance (null-terminated string) -CREDENTIAL_1 -CREDENTIAL_2 - ... -CREDENTIAL_n -EOF -.sp -.in -4 -.LP -Where "CREDENTIAL_x" consists of the following fixed-length -fields from the CREDENTIALS structure (defined in ): -.nf -.sp -.in +4 - char service[ANAME_SZ] - char instance[INST_SZ] - char realm[REALM_SZ] - des_cblock session - int lifetime - int kvno - KTEXT_ST ticket_st - long issue_date -.in -4 -.sp -.fi -.PP -.I tf_init -must be called before the other ticket file -routines. -It takes the name of the ticket file to use, -and a read/write flag as arguments. -It tries to open the ticket file, checks the mode and if -everything is okay, locks the file. If it's opened for -reading, the lock is shared. If it's opened for writing, -the lock is exclusive. -KSUCCESS is returned if all went well, otherwise one of the -following: -.nf -.sp -NO_TKT_FIL - file wasn't there -TKT_FIL_ACC - file was in wrong mode, etc. -TKT_FIL_LCK - couldn't lock the file, even after a retry -.sp -.fi -.PP -The -.I tf_get_pname -reads the principal's name from a ticket file. -It should only be called after tf_init has been called. The -principal's name is filled into the -.I pname -parameter. If all goes -well, KSUCCESS is returned. -If tf_init wasn't called, TKT_FIL_INI -is returned. -If the principal's name was null, or EOF was encountered, or the -name was longer than ANAME_SZ, TKT_FIL_FMT is returned. -.PP -The -.I tf_get_pinst -reads the principal's instance from a ticket file. -It should only be called after tf_init and tf_get_pname -have been called. -The principal's instance is filled into the -.I pinst -parameter. -If all goes -well, KSUCCESS is returned. -If tf_init wasn't called, TKT_FIL_INI -is returned. -If EOF was encountered, or the -name was longer than INST_SZ, TKT_FIL_FMT is returned. -Note that, unlike the principal name, the instance name may be null. -.PP -The -.I tf_get_cred -routine reads a CREDENTIALS record from a ticket file and -fills in the given structure. -It should only be called after -tf_init, tf_get_pname, and tf_get_pinst have been called. -If all goes well, KSUCCESS is returned. Possible error codes -are: -.nf -.sp -TKT_FIL_INI - tf_init wasn't called first -TKT_FIL_FMT - bad format -EOF - end of file encountered -.sp -.fi -.PP -.I tf_close -closes the ticket file and releases the lock on it. -.SH "SEE ALSO" -krb(3) -.SH DIAGNOSTICS -.SH BUGS -The ticket file routines have to be called in a certain order. -.SH AUTHORS -Jennifer Steiner, MIT Project Athena -.br -Bill Bryant, MIT Project Athena -.SH RESTRICTIONS -Copyright 1987 Massachusetts Institute of Technology diff --git a/crypto/kerberosIV/mkinstalldirs b/crypto/kerberosIV/mkinstalldirs deleted file mode 100644 index 1c13a50fadb2..000000000000 --- a/crypto/kerberosIV/mkinstalldirs +++ /dev/null @@ -1,40 +0,0 @@ -#! /bin/sh -# mkinstalldirs --- make directory hierarchy -# Author: Noah Friedman -# Created: 1993-05-16 -# Public domain - -# $Id: mkinstalldirs,v 1.1 1996/06/27 01:12:51 joda Exp $ - -errstatus=0 - -for file -do - set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'` - shift - - pathcomp= - for d - do - pathcomp="$pathcomp$d" - case "$pathcomp" in - -* ) pathcomp=./$pathcomp ;; - esac - - if test ! -d "$pathcomp"; then - echo "mkdir $pathcomp" 1>&2 - - mkdir "$pathcomp" || lasterr=$? - - if test ! -d "$pathcomp"; then - errstatus=$lasterr - fi - fi - - pathcomp="$pathcomp/" - done -done - -exit $errstatus - -# mkinstalldirs ends here diff --git a/crypto/kerberosIV/server/Makefile.in b/crypto/kerberosIV/server/Makefile.in deleted file mode 100644 index 42bfaff68c02..000000000000 --- a/crypto/kerberosIV/server/Makefile.in +++ /dev/null @@ -1,77 +0,0 @@ -# $Id: Makefile.in,v 1.30 1999/03/10 19:01:17 joda Exp $ - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ - -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -LIBS = @LIBS@ -LIB_DBM = @LIB_DBM@ - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -libexecdir = @libexecdir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -PROGS = kerberos$(EXECSUFFIX) - -SOURCES = kerberos.c - -OBJECTS = kerberos.o - -all: $(PROGS) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../include -I$(srcdir) $(CPPFLAGS) $(CFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libexecdir) - for x in $(PROGS); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - -uninstall: - for x in $(PROGS); do \ - rm -f $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f *.a *.o $(PROGS) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -kerberos$(EXECSUFFIX): kerberos.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kerberos.o -L../lib/kdb -lkdb -L../lib/krb -lkrb -L../lib/des -ldes -L../lib/roken -lroken $(LIB_DBM) $(LIBS) -lroken - -$(OBJECTS): ../include/config.h - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/server/kerberos.c b/crypto/kerberosIV/server/kerberos.c deleted file mode 100644 index f4ffbc1dd58a..000000000000 --- a/crypto/kerberosIV/server/kerberos.c +++ /dev/null @@ -1,1089 +0,0 @@ -/* - * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute - * of Technology. - * - * For copying and distribution information, please see the file - * . - */ -/* $FreeBSD$ */ - -#include "config.h" -#include "protos.h" - -RCSID("$Id: kerberos.c,v 1.87.2.3 2000/10/18 20:24:13 assar Exp $"); - -/* - * If support for really large numbers of network interfaces is - * desired, define FD_SETSIZE to some suitable value. - */ -#define FD_SETSIZE (4*1024) - -#include -#include -#include -#include - -#ifdef HAVE_SYS_TYPES_H -#include -#endif - -#ifdef TIME_WITH_SYS_TIME -#include -#include -#elif defined(HAVE_SYS_TIME_H) -#include -#else -#include -#endif - -#ifdef HAVE_SYS_SELECT_H -#include -#endif - -#include -#ifdef HAVE_UNISTD_H -#include -#endif - -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif - -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40 -#include -#endif -#ifdef HAVE_SYS_FILIO_H -#include -#endif /* HAVE_SYS_FILIO_H */ - -#ifdef HAVE_NETDB_H -#include -#endif -#include - -#ifdef SOCKS -#include -#endif - -#include -#include - -#define OPENSSL_DES_LIBDES_COMPATIBILITY -#include -#include -#include -#include -#include - -#include - -#include - -static des_key_schedule master_key_schedule; -static des_cblock master_key; - -static struct timeval kerb_time; -static u_char master_key_version; -static char *lt; -static int more; - -static int mflag; /* Are we invoked manually? */ -static char *log_file = KRBLOG; /* name of alt. log file */ -static int nflag; /* don't check max age */ -static int rflag; /* alternate realm specified */ - -/* fields within the received request packet */ -static char *req_name_ptr; -static char *req_inst_ptr; -static char *req_realm_ptr; -static u_int32_t req_time_ws; - -static char local_realm[REALM_SZ]; - -/* options */ -static int max_age = -1; -static int pause_int = -1; - -/* - * Print usage message and exit. - */ -static void -usage(void) -{ - fprintf(stderr, "Usage: %s [-s] [-m] [-n] [-p pause_seconds]" - " [-a max_age] [-l log_file] [-i address_to_listen_on]" - " [-r realm] [database_pathname]\n", - __progname); - exit(1); -} - -/* - * kerb_err_reply creates an error reply packet and sends it to the - * client. - */ - -static void -kerb_err_reply(int f, struct sockaddr_in *client, int err, char *string) -{ - static KTEXT_ST e_pkt_st; - KTEXT e_pkt = &e_pkt_st; - static char e_msg[128]; - - snprintf (e_msg, sizeof(e_msg), - "\nKerberos error -- %s", string); - cr_err_reply(e_pkt, req_name_ptr, req_inst_ptr, req_realm_ptr, - req_time_ws, err, e_msg); - sendto(f, (char*)e_pkt->dat, e_pkt->length, 0, (struct sockaddr *)client, - sizeof(*client)); -} - -static void -hang(void) -{ - if (pause_int == -1) { - klog(L_KRB_PERR, "Kerberos will pause so as not to loop init"); - for (;;) - pause(); - } else { - char buf[256]; - snprintf(buf, sizeof(buf), - "Kerberos will wait %d seconds before dying so as not to loop init", - pause_int); - klog(L_KRB_PERR, buf); - sleep(pause_int); - klog(L_KRB_PERR, "Do svedania....\n"); - exit(1); - } -} - -static int -check_princ(char *p_name, char *instance, unsigned int lifetime, Principal *p) -{ - static int n; - static int more; - - n = kerb_get_principal(p_name, instance, p, 1, &more); - - if (n < 0) { - lt = klog(L_KRB_PERR, "Database unavailable!"); - hang(); - } - - /* - * if more than one p_name, pick one, randomly create a session key, - * compute maximum lifetime, lookup authorizations if applicable, - * and stuff into cipher. - */ - if (n == 0) { - /* service unknown, log error, skip to next request */ - lt = klog(L_ERR_UNK, "UNKNOWN %s.%s", p_name, instance); - return KERB_ERR_PRINCIPAL_UNKNOWN; - } - if (more) { - /* not unique, log error */ - lt = klog(L_ERR_NUN, "Principal not unique %s.%s", p_name, instance); - return KERB_ERR_PRINCIPAL_NOT_UNIQUE; - } - /* If the user's key is null, we want to return an error */ - if ((p->key_low == 0) && (p->key_high == 0)) { - /* User has a null key */ - lt = klog(L_ERR_NKY, "Null key %s.%s", p_name, instance); - return KERB_ERR_NULL_KEY; - } - if (master_key_version != p->kdc_key_ver) { - /* log error reply */ - lt = klog(L_ERR_MKV, - "Incorrect master key version for %s.%s: %d (should be %d)", - p->name, p->instance, p->kdc_key_ver, master_key_version); - return KERB_ERR_NAME_MAST_KEY_VER; - } - /* make sure the service hasn't expired */ - if ((u_int32_t) p->exp_date < (u_int32_t) kerb_time.tv_sec) { - /* service did expire, log it */ - time_t t = p->exp_date; - lt = klog(L_ERR_SEXP, - "Principal %s.%s expired at %s", p->name, p->instance, - krb_stime(&t)); - return KERB_ERR_NAME_EXP; - } - /* ok is zero */ - return 0; -} - -static void -unseal(des_cblock *key) -{ - kdb_encrypt_key(key, key, &master_key, master_key_schedule, DES_DECRYPT); -} - - -/* Set the key for krb_rd_req so we can check tgt */ -static int -set_tgtkey(char *r) - /* Realm for desired key */ -{ - int n; - static char lastrealm[REALM_SZ]; - Principal p_st; - Principal *p = &p_st; - des_cblock key; - - if (!strcmp(lastrealm, r)) - return (KSUCCESS); - - klog(L_ALL_REQ, "Getting key for %s", r); - - n = kerb_get_principal(KRB_TICKET_GRANTING_TICKET, r, p, 1, &more); - if (n == 0) - return (KFAILURE); - - /* unseal tgt key from master key */ - copy_to_key(&p->key_low, &p->key_high, key); - unseal(&key); - krb_set_key(key, 0); - strlcpy (lastrealm, r, REALM_SZ); - return (KSUCCESS); -} - - -static int -kerberos(unsigned char *buf, int len, - char *proto, struct sockaddr_in *client, - struct sockaddr_in *server, - KTEXT rpkt) -{ - int pvno; - int msg_type; - int lsb; - int life; - int flags = 0; - char name[ANAME_SZ], inst[INST_SZ], realm[REALM_SZ]; - char service[SNAME_SZ], sinst[INST_SZ]; - u_int32_t req_time; - static KTEXT_ST ticket, cipher, adat; - KTEXT tk = &ticket, ciph = &cipher, auth = &adat; - AUTH_DAT ad; - des_cblock session, key; - int err; - Principal a_name, s_name; - - char *msg; - - - unsigned char *p = buf; - if(len < 2){ - strlcpy((char*)rpkt->dat, - "Packet too short", - sizeof(rpkt->dat)); - return KFAILURE; - } - - gettimeofday(&kerb_time, NULL); - - pvno = *p++; - if(pvno != KRB_PROT_VERSION){ - msg = klog(L_KRB_PERR, "KRB protocol version mismatch (%d)", pvno); - strlcpy((char*)rpkt->dat, - msg, - sizeof(rpkt->dat)); - return KERB_ERR_PKT_VER; - } - msg_type = *p++; - lsb = msg_type & 1; - msg_type &= ~1; - switch(msg_type){ - case AUTH_MSG_KDC_REQUEST: - /* XXX range check */ - p += krb_get_nir(p, name, sizeof(name), - inst, sizeof(inst), - realm, sizeof(realm)); - p += krb_get_int(p, &req_time, 4, lsb); - life = *p++; - p += krb_get_nir(p, service, sizeof(service), - sinst, sizeof(sinst), NULL, 0); - klog(L_INI_REQ, - "AS REQ %s.%s@%s for %s.%s from %s (%s/%u)", - name, inst, realm, service, sinst, - inet_ntoa(client->sin_addr), - proto, ntohs(server->sin_port)); - if((err = check_princ(name, inst, 0, &a_name))){ - strlcpy((char*)rpkt->dat, - krb_get_err_text(err), - sizeof(rpkt->dat)); - return err; - } - tk->length = 0; - if((err = check_princ(service, sinst, 0, &s_name))){ - strlcpy((char*)rpkt->dat, - krb_get_err_text(err), - sizeof(rpkt->dat)); - return err; - } - life = min(life, s_name.max_life); - life = min(life, a_name.max_life); - - des_random_key(session); - copy_to_key(&s_name.key_low, &s_name.key_high, key); - unseal(&key); - krb_create_ticket(tk, flags, a_name.name, a_name.instance, - local_realm, client->sin_addr.s_addr, - session, - life, kerb_time.tv_sec, - s_name.name, s_name.instance, &key); - copy_to_key(&a_name.key_low, &a_name.key_high, key); - unseal(&key); - create_ciph(ciph, session, s_name.name, s_name.instance, - local_realm, life, s_name.key_version, tk, - kerb_time.tv_sec, &key); - memset(&session, 0, sizeof(session)); - memset(&key, 0, sizeof(key)); - { - KTEXT r; - r = create_auth_reply(name, inst, realm, req_time, 0, - a_name.exp_date, a_name.key_version, ciph); - memcpy(rpkt, r, sizeof(*rpkt)); - } - return 0; - case AUTH_MSG_APPL_REQUEST: - strlcpy(realm, (char*)buf + 3, REALM_SZ); - if((err = set_tgtkey(realm))){ - msg = klog(L_ERR_UNK, - "Unknown realm %s from %s (%s/%u)", - realm, inet_ntoa(client->sin_addr), - proto, ntohs(server->sin_port)); - strlcpy((char*)rpkt->dat, - msg, - sizeof(rpkt->dat)); - return err; - } - p = buf + strlen(realm) + 4; - p = p + p[0] + p[1] + 2; - auth->length = p - buf; - memcpy(auth->dat, buf, auth->length); - err = krb_rd_req(auth, KRB_TICKET_GRANTING_TICKET, - realm, client->sin_addr.s_addr, &ad, 0); - if(err){ - msg = klog(L_ERR_UNK, - "krb_rd_req from %s (%s/%u): %s", - inet_ntoa(client->sin_addr), - proto, - ntohs(server->sin_port), - krb_get_err_text(err)); - strlcpy((char*)rpkt->dat, - msg, - sizeof(rpkt->dat)); - return err; - } - p += krb_get_int(p, &req_time, 4, lsb); - life = *p++; - p += krb_get_nir(p, service, sizeof(service), - sinst, sizeof(sinst), NULL, 0); - klog(L_APPL_REQ, - "APPL REQ %s.%s@%s for %s.%s from %s (%s/%u)", - ad.pname, ad.pinst, ad.prealm, - service, sinst, - inet_ntoa(client->sin_addr), - proto, - ntohs(server->sin_port)); - - if(strcmp(ad.prealm, realm)){ - msg = klog(L_ERR_UNK, "Can't hop realms: %s -> %s", - realm, ad.prealm); - strlcpy((char*)rpkt->dat, - msg, - sizeof(rpkt->dat)); - return KERB_ERR_PRINCIPAL_UNKNOWN; - } - - if(!strcmp(service, "changepw")){ - strlcpy((char*)rpkt->dat, - "Can't authorize password changed based on TGT", - sizeof(rpkt->dat)); - return KERB_ERR_PRINCIPAL_UNKNOWN; - } - - err = check_princ(service, sinst, life, &s_name); - if(err){ - strlcpy((char*)rpkt->dat, - krb_get_err_text(err), - sizeof(rpkt->dat)); - return err; - } - life = min(life, - krb_time_to_life(kerb_time.tv_sec, - krb_life_to_time(ad.time_sec, - ad.life))); - life = min(life, s_name.max_life); - copy_to_key(&s_name.key_low, &s_name.key_high, key); - unseal(&key); - des_random_key(session); - krb_create_ticket(tk, flags, ad.pname, ad.pinst, ad.prealm, - client->sin_addr.s_addr, &session, - life, kerb_time.tv_sec, - s_name.name, s_name.instance, - &key); - - memset(&key, 0, sizeof(key)); - - create_ciph(ciph, session, service, sinst, local_realm, - life, s_name.key_version, tk, - kerb_time.tv_sec, &ad.session); - - memset(&session, 0, sizeof(session)); - memset(ad.session, 0, sizeof(ad.session)); - { - KTEXT r; - r =create_auth_reply(ad.pname, ad.pinst, ad.prealm, - req_time, 0, 0, 0, ciph); - memcpy(rpkt, r, sizeof(*rpkt)); - } - memset(&s_name, 0, sizeof(s_name)); - return 0; - - case AUTH_MSG_ERR_REPLY: - return -1; - default: - msg = klog(L_KRB_PERR, - "Unknown message type: %d from %s (%s/%u)", - msg_type, - inet_ntoa(client->sin_addr), - proto, - ntohs(server->sin_port)); - strlcpy((char*)rpkt->dat, - msg, - sizeof(rpkt->dat)); - return KFAILURE; - } -} - - -static void -kerberos_wrap(int s, KTEXT data, char *proto, struct sockaddr_in *client, - struct sockaddr_in *server) -{ - KTEXT_ST pkt; - int http_flag = strcmp(proto, "http") == 0; - int err = kerberos(data->dat, data->length, proto, client, server, &pkt); - if(err == -1) - return; - if(http_flag){ - const char *msg = - "HTTP/1.1 200 OK\r\n" - "Server: KTH-KRB/1\r\n" - "Content-type: application/octet-stream\r\n" - "Content-transfer-encoding: binary\r\n\r\n"; - sendto(s, msg, strlen(msg), 0, (struct sockaddr *)client, - sizeof(*client)); - } - if(err){ - kerb_err_reply(s, client, err, (char*)pkt.dat); - return; - } - sendto(s, pkt.dat, pkt.length, 0, (struct sockaddr *)client, - sizeof(*client)); -} - - -/* - * setup_disc - * - * disconnect all descriptors, remove ourself from the process - * group that spawned us. - */ - -static void -setup_disc(void) -{ - int s; - - for (s = 0; s < 3; s++) { - close(s); - } - - open("/dev/null", 0); - dup2(0, 1); - dup2(0, 2); - - setsid(); - - chdir("/tmp"); - return; -} - -/* - * Make sure that database isn't stale. - * - * Exit if it is; we don't want to tell lies. - */ - -static void -check_db_age(void) -{ - long age; - - if (max_age != -1) { - /* Requires existance of kerb_get_db_age() */ - gettimeofday(&kerb_time, 0); - age = kerb_get_db_age(); - if (age == 0) { - klog(L_KRB_PERR, "Database currently being updated!"); - hang(); - } - if ((age + max_age) < kerb_time.tv_sec) { - klog(L_KRB_PERR, "Database out of date!"); - hang(); - /* NOTREACHED */ - } - } -} - -struct descr{ - int s; - KTEXT_ST buf; - int type; - int timeout; - struct sockaddr_in addr; -}; - -static void -mksocket(struct descr *d, struct in_addr addr, int type, - const char *service, int port) -{ - int on = 1; - int sock; - - memset(d, 0, sizeof(struct descr)); - if ((sock = socket(AF_INET, type, 0)) < 0) - err (1, "socket"); - if (sock >= FD_SETSIZE) { - errno = EMFILE; - errx(1, "Aborting: too many descriptors"); - } -#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT) - if (setsockopt(sock, SOL_SOCKET, SO_REUSEADDR, (void *)&on, - sizeof(on)) < 0) - warn ("setsockopt (SO_REUSEADDR)"); -#endif - memset(&d->addr, 0, sizeof(d->addr)); - d->addr.sin_family = AF_INET; - d->addr.sin_port = port; - d->addr.sin_addr = addr; - if (bind(sock, (struct sockaddr *)&d->addr, sizeof(d->addr)) < 0) - err (1, "bind '%s/%s' (%d)", - service, (type == SOCK_DGRAM) ? "udp" : "tcp", - ntohs(d->addr.sin_port)); - - if(type == SOCK_STREAM) - listen(sock, SOMAXCONN); - d->s = sock; - d->type = type; -} - - -static void loop(struct descr *fds, int maxfd); - -struct port_spec { - int port; - int type; -}; - -static int -add_port(struct port_spec **ports, int *num_ports, int port, int type) -{ - struct port_spec *tmp; - tmp = realloc(*ports, (*num_ports + 1) * sizeof(*tmp)); - if(tmp == NULL) - return ENOMEM; - *ports = tmp; - tmp[*num_ports].port = port; - tmp[*num_ports].type = type; - (*num_ports)++; - return 0; -} - -static void -make_sockets(const char *port_spec, struct in_addr *i_addr, - struct descr **fds, int *nfds) -{ - int tp; - struct in_addr *a; - char *p, *q, *pos = NULL; - struct servent *sp; - struct port_spec *ports = NULL; - int num_ports = 0; - int i, j; - char *port_spec_copy = strdup (port_spec); - - if (port_spec_copy == NULL) - err (1, "strdup"); - - for(p = strtok_r(port_spec_copy, ", \t", &pos); - p; - p = strtok_r(NULL, ", \t", &pos)){ - if(strcmp(p, "+") == 0){ - add_port(&ports, &num_ports, 88, SOCK_DGRAM); - add_port(&ports, &num_ports, 88, SOCK_STREAM); - add_port(&ports, &num_ports, 750, SOCK_DGRAM); - add_port(&ports, &num_ports, 750, SOCK_STREAM); - }else{ - q = strchr(p, '/'); - if(q){ - *q = 0; - q++; - } - sp = getservbyname(p, q); - if(sp) - tp = ntohs(sp->s_port); - else if(sscanf(p, "%d", &tp) != 1) { - warnx("Unknown port: %s%s%s", p, q ? "/" : "", q ? q : ""); - continue; - } - if(q){ - if(strcasecmp(q, "tcp") == 0) - add_port(&ports, &num_ports, tp, SOCK_STREAM); - else if(strcasecmp(q, "udp") == 0) - add_port(&ports, &num_ports, tp, SOCK_DGRAM); - else - warnx("Unknown protocol type: %s", q); - }else{ - add_port(&ports, &num_ports, tp, SOCK_DGRAM); - add_port(&ports, &num_ports, tp, SOCK_STREAM); - } - } - } - free (port_spec_copy); - - if(num_ports == 0) - errx(1, "No valid ports specified!"); - - if (i_addr) { - *nfds = 1; - a = malloc(sizeof(*a) * *nfds); - if (a == NULL) - errx (1, "Failed to allocate %lu bytes", - (unsigned long)(sizeof(*a) * *nfds)); - memcpy(a, i_addr, sizeof(struct in_addr)); - } else - *nfds = k_get_all_addrs (&a); - if (*nfds < 0) { - struct in_addr any; - - any.s_addr = INADDR_ANY; - - warnx ("Could not get local addresses, binding to INADDR_ANY"); - *nfds = 1; - a = malloc(sizeof(*a) * *nfds); - if (a == NULL) - errx (1, "Failed to allocate %lu bytes", - (unsigned long)(sizeof(*a) * *nfds)); - memcpy(a, &any, sizeof(struct in_addr)); - } - *fds = malloc(*nfds * num_ports * sizeof(**fds)); - if (*fds == NULL) - errx (1, "Failed to allocate %lu bytes", - (unsigned long)(*nfds * num_ports * sizeof(**fds))); - for (i = 0; i < *nfds; i++) { - for(j = 0; j < num_ports; j++) { - mksocket(*fds + num_ports * i + j, a[i], - ports[j].type, "", htons(ports[j].port)); - } - } - *nfds *= num_ports; - free(ports); - free (a); -} - - -int -main(int argc, char **argv) -{ - int child; - int c; - struct descr *fds; - int nfds; - int n; - int kerror; - int i_flag = 0; - struct in_addr i_addr; - char *port_spec = "+"; - - umask(077); /* Create protected files */ - - set_progname (argv[0]); - - while ((c = getopt(argc, argv, "snmp:P:a:l:r:i:")) != -1) { - switch(c) { - case 's': - /* - * Set parameters to slave server defaults. - */ - if (max_age == -1 && !nflag) - max_age = THREE_DAYS; /* Survive weekend */ - if (pause_int == -1) - pause_int = FIVE_MINUTES; /* 5 minutes */ - break; - case 'n': - max_age = -1; /* don't check max age. */ - nflag++; - break; - case 'm': - mflag++; /* running manually; prompt for master key */ - break; - case 'p': { - /* Set pause interval. */ - char *tmp; - - pause_int = strtol (optarg, &tmp, 0); - if (pause_int == 0 && tmp == optarg) { - fprintf(stderr, "pause_int `%s' not a number\n", optarg); - usage (); - } - - if ((pause_int < 5) || (pause_int > ONE_HOUR)) { - fprintf(stderr, "pause_int must be between 5 and 3600 seconds.\n"); - usage(); - } - break; - } - case 'P': - port_spec = optarg; - break; - case 'a': { - /* Set max age. */ - char *tmp; - - max_age = strtol (optarg, &tmp, 0); - if (max_age == 0 && tmp == optarg) { - fprintf (stderr, "max_age `%s' not a number\n", optarg); - usage (); - } - if ((max_age < ONE_HOUR) || (max_age > THREE_DAYS)) { - fprintf(stderr, "max_age must be between one hour and " - "three days, in seconds\n"); - usage(); - } - break; - } - case 'l': - /* Set alternate log file */ - log_file = optarg; - break; - case 'r': - /* Set realm name */ - rflag++; - strlcpy(local_realm, optarg, sizeof(local_realm)); - break; - case 'i': - /* Only listen on this address */ - if(inet_aton (optarg, &i_addr) == 0) { - fprintf (stderr, "Bad address: %s\n", optarg); - exit (1); - } - ++i_flag; - break; - default: - usage(); - break; - } - } - - if (optind == (argc-1)) { - if (kerb_db_set_name(argv[optind]) != 0) { - fprintf(stderr, "Could not set alternate database name\n"); - exit(1); - } - optind++; - } - - if (optind != argc) - usage(); - - printf("Kerberos server starting\n"); - - if ((!nflag) && (max_age != -1)) - printf("\tMaximum database age: %d seconds\n", max_age); - if (pause_int != -1) - printf("\tSleep for %d seconds on error\n", pause_int); - else - printf("\tSleep forever on error\n"); - if (mflag) - printf("\tMaster key will be entered manually\n"); - - printf("\tLog file is %s\n", log_file); - - kset_logfile(log_file); - - make_sockets(port_spec, i_flag ? &i_addr : NULL, &fds, &nfds); - - /* do all the database and cache inits */ - if ((n = kerb_init())) { - if (mflag) { - printf("Kerberos db and cache init "); - printf("failed = %d ...exiting\n", n); - exit (1); - } else { - klog(L_KRB_PERR, - "Kerberos db and cache init failed = %d ...exiting", n); - hang(); - } - } - - /* Make sure database isn't stale */ - check_db_age(); - - /* setup master key */ - if (kdb_get_master_key (mflag, &master_key, master_key_schedule) != 0) { - klog (L_KRB_PERR, "kerberos: couldn't get master key."); - exit (1); - } - kerror = kdb_verify_master_key (&master_key, master_key_schedule, stdout); - if (kerror < 0) { - klog (L_KRB_PERR, "Can't verify master key."); - memset(master_key, 0, sizeof (master_key)); - memset (master_key_schedule, 0, sizeof (master_key_schedule)); - exit (1); - } - - master_key_version = (u_char) kerror; - - fprintf(stdout, "\nCurrent Kerberos master key version is %d\n", - master_key_version); - - if (!rflag) { - /* Look up our local realm */ - krb_get_lrealm(local_realm, 1); - } - fprintf(stdout, "Local realm: %s\n", local_realm); - fflush(stdout); - - if (set_tgtkey(local_realm)) { - /* Ticket granting service unknown */ - klog(L_KRB_PERR, "Ticket granting ticket service unknown"); - fprintf(stderr, "Ticket granting ticket service unknown\n"); - exit(1); - } - if (mflag) { - if ((child = fork()) != 0) { - printf("Kerberos started, PID=%d\n", child); - exit(0); - } - setup_disc(); - } - - klog(L_ALL_REQ, "Starting Kerberos for %s (kvno %d)", - local_realm, master_key_version); - - /* receive loop */ - loop(fds, nfds); - exit(1); -} - - -static void -read_socket(struct descr *n) -{ - int b; - struct sockaddr_in from; - int fromlen = sizeof(from); - b = recvfrom(n->s, n->buf.dat + n->buf.length, - MAX_PKT_LEN - n->buf.length, 0, - (struct sockaddr *)&from, &fromlen); - if(b < 0){ - if(n->type == SOCK_STREAM){ - close(n->s); - n->s = -1; - } - n->buf.length = 0; - return; - } - n->buf.length += b; - if(n->type == SOCK_STREAM){ - char *proto = "tcp"; - if(n->buf.length > 4 && - strncmp((char *)n->buf.dat, "GET ", 4) == 0 && - strncmp((char *)n->buf.dat + n->buf.length - 4, - "\r\n\r\n", 4) == 0){ - char *p; - char *save = NULL; - - n->buf.dat[n->buf.length - 1] = 0; - strtok_r((char *)n->buf.dat, " \t\r\n", &save); - p = strtok_r(NULL, " \t\r\n", &save); - if(p == NULL) - p = ""; - if(*p == '/') p++; - n->buf.length = base64_decode(p, n->buf.dat); - if(n->buf.length <= 0){ - const char *msg = - "HTTP/1.1 404 Not found\r\n" - "Server: KTH-KRB/1\r\n" - "Content-type: text/html\r\n" - "Content-transfer-encoding: 8bit\r\n\r\n" - "404 Not found\r\n" - "

404 Not found

\r\n" - "That page does not exist. Information about " - "KTH-KRB " - "is available elsewhere.\r\n"; - fromlen = sizeof(from); - if(getpeername(n->s,(struct sockaddr*)&from, &fromlen) == 0) - klog(L_KRB_PERR, "Unknown HTTP request from %s", - inet_ntoa(from.sin_addr)); - else - klog(L_KRB_PERR, "Unknown HTTP request from "); - write(n->s, msg, strlen(msg)); - close(n->s); - n->s = -1; - n->buf.length = 0; - return; - } - proto = "http"; - b = 0; - } - else if(n->buf.length >= 4 && n->buf.dat[0] == 0){ - /* if this is a new type of packet (with - the length attached to the head of the - packet), and there is no more data to - be read, fake an old packet, so the - code below will work */ - u_int32_t len; - krb_get_int(n->buf.dat, &len, 4, 0); - if(n->buf.length == len + 4){ - memmove(n->buf.dat, n->buf.dat + 4, len); - b = 0; - } - } - if(b == 0){ - /* handle request if there are - no more bytes to read */ - fromlen = sizeof(from); - getpeername(n->s,(struct sockaddr*)&from, &fromlen); - kerberos_wrap(n->s, &n->buf, proto, &from, - &n->addr); - n->buf.length = 0; - close(n->s); - n->s = -1; - } - }else{ - /* udp packets are atomic */ - kerberos_wrap(n->s, &n->buf, "udp", &from, - &n->addr); - n->buf.length = 0; - } -} - -static fd_set readfds; - -static void -loop(struct descr *fds, int base_nfds) -{ - int nfds = base_nfds; - int max_tcp = min(FD_SETSIZE, getdtablesize()) - fds[base_nfds - 1].s; - if (max_tcp <= 10) { - errno = EMFILE; - errx(1, "Aborting: too many descriptors"); - } - max_tcp -= 10; /* We need a few extra for DB, logs, etc. */ - if (max_tcp > 100) max_tcp = 100; /* Keep to some sane limit. */ - - for (;;) { - int ret; - struct timeval tv; - int next_timeout = 10; /* In seconds */ - int maxfd = 0; - struct descr *n, *minfree; - int accepted; /* accept at most one socket per `round' */ - - FD_ZERO(&readfds); - gettimeofday(&tv, NULL); - maxfd = 0; - minfree = NULL; - /* Remove expired TCP sockets, and add all other - to the set we are selecting on */ - for(n = fds; n < fds + nfds; n++){ - if(n->s >= 0 && n->timeout && tv.tv_sec > n->timeout){ - kerb_err_reply(n->s, NULL, KERB_ERR_TIMEOUT, "Timeout"); - close(n->s); - n->s = -1; - } - if(n->s < 0){ - if(minfree == NULL) minfree = n; - continue; - } - FD_SET(n->s, &readfds); - maxfd = max(maxfd, n->s); - next_timeout = min(next_timeout, tv.tv_sec - n->timeout); - } - /* add more space for sockets */ - if (minfree == NULL && nfds < base_nfds + max_tcp) { - int i = nfds; - struct descr *new; - nfds *=2; - if (nfds > base_nfds + max_tcp) - nfds = base_nfds + max_tcp; - new = realloc(fds, sizeof(struct descr) * nfds); - if(new){ - fds = new; - minfree = fds + i; - for(; i < nfds; i++) fds[i].s = -1; - } - } - if (minfree == NULL) { - /* - * We are possibly the subject of a DOS attack, pick a TCP - * connection at random and drop it. - */ - int r = rand() % (nfds - base_nfds); - r = r + base_nfds; - FD_CLR(fds[r].s, &readfds); - close(fds[r].s); - fds[r].s = -1; - minfree = &fds[r]; - } - if (next_timeout < 0) next_timeout = 0; - tv.tv_sec = next_timeout; - tv.tv_usec = 0; - ret = select(maxfd + 1, &readfds, 0, 0, &tv); - if (ret < 0) { - if (errno != EINTR) - klog(L_KRB_PERR, "select: %s", strerror(errno)); - continue; - } - accepted = 0; - for (n = fds; n < fds + nfds; n++){ - if(n->s < 0) continue; - if (FD_ISSET(n->s, &readfds)){ - if(n->type == SOCK_STREAM && n->timeout == 0){ - /* add accepted socket to list of sockets we are - selecting on */ - int s; - if(accepted) continue; - accepted = 1; - s = accept(n->s, NULL, 0); - if (minfree == NULL || s >= FD_SETSIZE) { - close(s); - }else{ - minfree->s = s; - minfree->type = SOCK_STREAM; - gettimeofday(&tv, NULL); - minfree->timeout = tv.tv_sec + 4; /* XXX */ - minfree->buf.length = 0; - memcpy(&minfree->addr, &n->addr, sizeof(minfree->addr)); - } - }else - read_socket(n); - } - } - } -} diff --git a/crypto/kerberosIV/slave/Makefile.in b/crypto/kerberosIV/slave/Makefile.in deleted file mode 100644 index 938e61c48565..000000000000 --- a/crypto/kerberosIV/slave/Makefile.in +++ /dev/null @@ -1,80 +0,0 @@ -# $Id: Makefile.in,v 1.33 1999/03/10 19:01:17 joda Exp $ - -SHELL = /bin/sh - -srcdir = @srcdir@ -VPATH = @srcdir@ - -CC = @CC@ -LINK = @LINK@ -AR = ar -RANLIB = @RANLIB@ -DEFS = @DEFS@ -DSBINDIR=\"$(sbindir)\" -CFLAGS = @CFLAGS@ $(WFLAGS) -WFLAGS = @WFLAGS@ -LD_FLAGS = @LD_FLAGS@ - -INSTALL = @INSTALL@ -INSTALL_PROGRAM = @INSTALL_PROGRAM@ -LIBS = @LIBS@ -MKINSTALLDIRS = @top_srcdir@/mkinstalldirs - -prefix = @prefix@ -exec_prefix = @exec_prefix@ -libdir = @libdir@ -libexecdir = @libexecdir@ -sbindir = @sbindir@ -transform=@program_transform_name@ -EXECSUFFIX=@EXECSUFFIX@ - -PROGS = kpropd$(EXECSUFFIX) \ - kprop$(EXECSUFFIX) - -SOURCES = kpropd.c kprop.c - -OBJECTS = kpropd.o kprop.o - -all: $(PROGS) - -Wall: - make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__" - -.c.o: - $(CC) -c $(DEFS) -I../include -I$(srcdir) $(CPPFLAGS) $(CFLAGS) $< - -install: all - $(MKINSTALLDIRS) $(DESTDIR)$(libexecdir) - for x in $(PROGS); do \ - $(INSTALL_PROGRAM) $$x $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - -uninstall: - for x in $(PROGS); do \ - rm -f $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \ - done - -TAGS: $(SOURCES) - etags $(SOURCES) - -check: - -clean: - rm -f *.a *.o $(PROGS) - -mostlyclean: clean - -distclean: clean - rm -f Makefile *.tab.c *~ - -realclean: distclean - rm -f TAGS - -kprop$(EXECSUFFIX): kprop.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kprop.o -L../lib/krb -lkrb -L../lib/des -ldes -L../lib/roken -lroken $(LIBS) -lroken - -kpropd$(EXECSUFFIX): kpropd.o - $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kpropd.o -L../lib/krb -lkrb -L../lib/des -ldes -L../lib/roken -lroken $(LIBS) -lroken - -$(OBJECTS): ../include/config.h - -.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean diff --git a/crypto/kerberosIV/slave/kprop.c b/crypto/kerberosIV/slave/kprop.c deleted file mode 100644 index 2cb1aee37303..000000000000 --- a/crypto/kerberosIV/slave/kprop.c +++ /dev/null @@ -1,543 +0,0 @@ -/* - -Copyright 1987, 1988 by the Student Information Processing Board - of the Massachusetts Institute of Technology - -Permission to use, copy, modify, and distribute this software -and its documentation for any purpose and without fee is -hereby granted, provided that the above copyright notice -appear in all copies and that both that copyright notice and -this permission notice appear in supporting documentation, -and that the names of M.I.T. and the M.I.T. S.I.P.B. not be -used in advertising or publicity pertaining to distribution -of the software without specific, written prior permission. -M.I.T. and the M.I.T. S.I.P.B. make no representations about -the suitability of this software for any purpose. It is -provided "as is" without express or implied warranty. - -*/ - -#include "slav_locl.h" - -RCSID("$Id: kprop.c,v 1.37 1999/09/16 20:41:59 assar Exp $"); - -#include "kprop.h" - -static char kprop_version[KPROP_PROT_VERSION_LEN] = KPROP_PROT_VERSION; - -int debug = 0; - -char my_realm[REALM_SZ]; -int princ_data_size = 3 * sizeof(int32_t) + 3 * sizeof(unsigned char); -short transfer_mode, net_transfer_mode; -int force_flag; -static char ok[] = ".dump_ok"; - -struct slave_host { - u_int32_t net_addr; - char *name; - char *instance; - char *realm; - int not_time_yet; - int succeeded; - struct slave_host *next; -}; - -static int -get_slaves(struct slave_host **psl, - const char *dir_path, - const char *file, - time_t ok_mtime) -{ - FILE *fin; - char namebuf[128], *inst; - char *pc; - struct hostent *host; - struct slave_host **th; - char *last_prop_path; - struct stat stbuf; - - if ((fin = fopen(file, "r")) == NULL) - err (1, "open(%s)", file); - - th = psl; - while(fgets(namebuf, sizeof(namebuf), fin)){ - if ((pc = strchr(namebuf, '\n'))) { - *pc = '\0'; - } else { - if(strlen(namebuf) == sizeof(namebuf) - 1){ - warnx ("Hostname too long (>= %d chars) in '%s'.", - (int) sizeof(namebuf), file); - do{ - if(fgets(namebuf, sizeof(namebuf), fin) == NULL) - break; - }while(strchr(namebuf, '\n') == NULL); - continue; - } - } - if(namebuf[0] == 0 || namebuf[0] == '#') - continue; - host = gethostbyname(namebuf); - if (host == NULL) { - warnx ("Ignoring host '%s' in '%s': %s", - namebuf, file, - hstrerror(h_errno)); - continue; - } - (*th) = (struct slave_host *) malloc(sizeof(struct slave_host)); - if (!*th) - errx (1, "No memory reading host list from '%s'.", - file); - memset(*th, 0, sizeof(struct slave_host)); - (*th)->name = strdup(namebuf); - if ((*th)->name == NULL) - errx (1, "No memory reading host list from '%s'.", - file); - /* get kerberos cannonical instance name */ - inst = krb_get_phost ((*th)->name); - (*th)->instance = strdup(inst); - if ((*th)->instance == NULL) - errx (1, "No memory reading host list from '%s'.", - file); - /* what a concept, slave servers in different realms! */ - (*th)->realm = my_realm; - memcpy(&(*th)->net_addr, host->h_addr, sizeof((*th)->net_addr)); - (*th)->not_time_yet = 0; - (*th)->succeeded = 0; - (*th)->next = NULL; - asprintf(&last_prop_path, "%s%s-last-prop", dir_path, (*th)->name); - if (last_prop_path == NULL) - errx (1, "malloc failed"); - if (!force_flag - && !stat(last_prop_path, &stbuf) - && stbuf.st_mtime > ok_mtime) { - (*th)->not_time_yet = 1; - (*th)->succeeded = 1; /* no change since last success */ - } - free(last_prop_path); - th = &(*th)->next; - } - fclose(fin); - return (1); -} - -/* The master -> slave protocol looks like this: - 1) 8 byte version string - 2) 2 bytes of "transfer mode" (net byte order of course) - 3) ticket/authentication send by sendauth - 4) 4 bytes of "block" length (u_int32_t) - 5) data - - 4 and 5 repeat til EOF ... -*/ - -static int -prop_to_slaves(struct slave_host *sl, - int fd, - const char *dir_path, - const char *fslv) -{ - u_char buf[KPROP_BUFSIZ]; - u_char obuf[KPROP_BUFSIZ + 64]; /* leave room for private msg overhead */ - struct sockaddr_in sin, my_sin; - int i, n, s; - struct slave_host *cs; /* current slave */ - char my_host_name[MaxHostNameLen], *p_my_host_name; - char kprop_service_instance[INST_SZ]; - u_int32_t cksum; - u_int32_t length, nlength; - long kerror; - KTEXT_ST ticket; - CREDENTIALS cred; - MSG_DAT msg_dat; - static char tkstring[] = "/tmp/kproptktXXXXXX"; - des_key_schedule session_sched; - char *last_prop_path; - - close(mkstemp(tkstring)); - krb_set_tkt_string(tkstring); - - memset(&sin, 0, sizeof sin); - sin.sin_family = AF_INET; - sin.sin_port = k_getportbyname ("krb_prop", "tcp", htons(KPROP_PORT)); - sin.sin_addr.s_addr = INADDR_ANY; - - for (i = 0; i < 5; i++) { /* try each slave five times max */ - for (cs = sl; cs; cs = cs->next) { - if (!cs->succeeded) { - if ((s = socket(AF_INET, SOCK_STREAM, 0)) < 0) - err (1, "socket"); - memcpy(&sin.sin_addr, &cs->net_addr, - sizeof cs->net_addr); - - if (connect(s, (struct sockaddr *) &sin, sizeof sin) < 0) { - warn ("connect(%s)", cs->name); - close(s); - continue; /*** NEXT SLAVE ***/ - } - - /* for krb_mk_{priv, safe} */ - memset(&my_sin, 0, sizeof my_sin); - n = sizeof my_sin; - if (getsockname (s, (struct sockaddr *) &my_sin, &n) != 0) { - warn ("getsockname(%s)", cs->name); - close (s); - continue; /*** NEXT SLAVE ***/ - } - if (n != sizeof (my_sin)) { - warnx ("can't get socketname %s length", cs->name); - close (s); - continue; /*** NEXT SLAVE ***/ - } - - /* Get ticket */ - kerror = krb_mk_req (&ticket, KPROP_SERVICE_NAME, - cs->instance, cs->realm, (u_int32_t) 0); - /* if ticket has expired try to get a new one, but - * first get a TGT ... - */ - if (kerror != MK_AP_OK) { - if (gethostname (my_host_name, sizeof(my_host_name)) != 0) { - warnx ("gethostname(%s): %s", - my_host_name, - hstrerror(h_errno)); - close (s); - break; /* next one can't work either! */ - } - /* get canonical kerberos service instance name */ - p_my_host_name = krb_get_phost (my_host_name); - /* copy it to make sure gethostbyname static doesn't - * screw us. */ - strlcpy (kprop_service_instance, - p_my_host_name, - INST_SZ); - kerror = krb_get_svc_in_tkt (KPROP_SERVICE_NAME, -#if 0 - kprop_service_instance, -#else - KRB_MASTER, -#endif - my_realm, - KRB_TICKET_GRANTING_TICKET, - my_realm, - 96, - KPROP_SRVTAB); - if (kerror != INTK_OK) { - warnx ("%s: %s. While getting initial ticket\n", - cs->name, krb_get_err_text(kerror)); - close (s); - goto punt; - } - kerror = krb_mk_req (&ticket, KPROP_SERVICE_NAME, - cs->instance, cs->realm, - (u_int32_t) 0); - } - if (kerror != MK_AP_OK) { - warnx ("%s: krb_mk_req: %s", - cs->name, krb_get_err_text(kerror)); - close (s); - continue; /*** NEXT SLAVE ***/ - } - - if (write(s, kprop_version, sizeof(kprop_version)) - != sizeof(kprop_version)) { - warn ("%s", cs->name); - close (s); - continue; /*** NEXT SLAVE ***/ - } - - net_transfer_mode = htons (transfer_mode); - if (write(s, &net_transfer_mode, sizeof(net_transfer_mode)) - != sizeof(net_transfer_mode)) { - warn ("write(%s)", cs->name); - close (s); - continue; /*** NEXT SLAVE ***/ - } - - kerror = krb_get_cred (KPROP_SERVICE_NAME, cs->instance, - cs->realm, &cred); - if (kerror != KSUCCESS) { - warnx ("%s: %s. Getting session key.", - cs->name, krb_get_err_text(kerror)); - close (s); - continue; /*** NEXT SLAVE ***/ - } -#ifdef NOENCRYPTION - memset(session_sched, 0, sizeof(session_sched)); -#else - if (des_key_sched (&cred.session, session_sched)) { - warnx ("%s: can't make key schedule.", - cs->name); - close (s); - continue; /*** NEXT SLAVE ***/ - } -#endif - /* SAFE (quad_cksum) and CLEAR are just not good enough */ - cksum = 0; -#ifdef not_working_yet - if (transfer_mode != KPROP_TRANSFER_PRIVATE) { - cksum = get_data_checksum(fd, session_sched); - lseek(fd, 0L, 0); - } - else -#endif - { - struct stat st; - fstat (fd, &st); - cksum = st.st_size; - } - kerror = krb_sendauth(KOPT_DO_MUTUAL, - s, - &ticket, - KPROP_SERVICE_NAME, - cs->instance, - cs->realm, - cksum, - &msg_dat, - &cred, - session_sched, - &my_sin, - &sin, - KPROP_PROT_VERSION); - if (kerror != KSUCCESS) { - warnx ("%s: krb_sendauth: %s.", - cs->name, krb_get_err_text(kerror)); - close (s); - continue; /*** NEXT SLAVE ***/ - } - - lseek(fd, 0L, SEEK_SET); /* Rewind file before rereading it. */ - while ((n = read(fd, buf, sizeof buf))) { - if (n < 0) - err (1, "read"); - switch (transfer_mode) { - case KPROP_TRANSFER_PRIVATE: - case KPROP_TRANSFER_SAFE: - if (transfer_mode == KPROP_TRANSFER_PRIVATE) - length = krb_mk_priv (buf, obuf, n, - session_sched, &cred.session, - &my_sin, &sin); - else - length = krb_mk_safe (buf, obuf, n, - &cred.session, - &my_sin, &sin); - if (length == -1) { - warnx ("%s: %s failed.", - cs->name, - (transfer_mode == KPROP_TRANSFER_PRIVATE) - ? "krb_rd_priv" : "krb_rd_safe"); - close (s); - continue; /*** NEXT SLAVE ***/ - } - nlength = htonl(length); - if (write(s, &nlength, sizeof nlength) - != sizeof nlength) { - warn ("write(%s)", cs->name); - close (s); - continue; /*** NEXT SLAVE ***/ - } - if (write(s, obuf, length) != length) { - warn ("write(%s)", cs->name); - close(s); - continue; /*** NEXT SLAVE ***/ - } - break; - case KPROP_TRANSFER_CLEAR: - if (write(s, buf, n) != n) { - warn ("write(%s)", cs->name); - close(s); - continue; /*** NEXT SLAVE ***/ - } - break; - } - } - close(s); - cs->succeeded = 1; - printf("%s: success.\n", cs->name); - - asprintf(&last_prop_path, - "%s%s-last-prop", - dir_path, - cs->name); - if (last_prop_path == NULL) - errx (1, "malloc failed"); - - unlink(last_prop_path); - close(creat(last_prop_path, 0600)); - } - } - } -punt: - - dest_tkt(); - for (cs = sl; cs; cs = cs->next) { - if (!cs->succeeded) - return (0); /* didn't get this slave */ - } - return (1); -} - -static void -usage(void) -{ - /* already got floc and fslv, what is this? */ - fprintf(stderr, - "\nUsage: kprop [-force] [-realm realm] [-private" -#ifdef not_safe_yet - "|-safe|-clear" -#endif - "] [data_file [slaves_file]]\n\n"); - exit(1); -} - - -int -main(int argc, char **argv) -{ - int fd, i; - char *floc, *floc_ok; - char *fslv; - char *dir_path; - struct stat stbuf, stbuf_ok; - time_t l_init, l_final; - char *pc; - int l_diff; - static struct slave_host *slave_host_list = NULL; - struct slave_host *sh; - - set_progname (argv[0]); - - transfer_mode = KPROP_TRANSFER_PRIVATE; - - time(&l_init); - pc = ctime(&l_init); - pc[strlen(pc) - 1] = '\0'; - printf("\nStart slave propagation: %s\n", pc); - - floc = NULL; - fslv = NULL; - - if (krb_get_lrealm(my_realm,1) != KSUCCESS) - errx (1, "Getting my kerberos realm. Check krb.conf"); - - for (i = 1; i < argc; i++) - switch (argv[i][0]) { - case '-': - if (strcmp (argv[i], "-private") == 0) - transfer_mode = KPROP_TRANSFER_PRIVATE; -#ifdef not_safe_yet - else if (strcmp (argv[i], "-safe") == 0) - transfer_mode = KPROP_TRANSFER_SAFE; - else if (strcmp (argv[i], "-clear") == 0) - transfer_mode = KPROP_TRANSFER_CLEAR; -#endif - else if (strcmp (argv[i], "-realm") == 0) { - i++; - if (i < argc) - strlcpy(my_realm, argv[i], REALM_SZ); - else - usage(); - } else if (strcmp (argv[i], "-force") == 0) - force_flag++; - else { - warnx("unknown control argument %s.", argv[i]); - usage (); - } - break; - default: - /* positional arguments are marginal at best ... */ - if (floc == NULL) - floc = argv[i]; - else { - if (fslv == NULL) - fslv = argv[i]; - else - usage(); - } - } - if(floc == NULL) - floc = DB_DIR "/slave_dump"; - if(fslv == NULL) - fslv = DB_DIR "/slaves"; - - asprintf (&floc_ok, "%s%s", floc, ok); - if (floc_ok == NULL) - errx (1, "out of memory in copying %s", floc); - - dir_path = strdup(fslv); - if(dir_path == NULL) - errx (1, "malloc failed"); - pc = strrchr(dir_path, '/'); - if (pc != NULL) - ++pc; - else - pc = dir_path; - *pc = '\0'; - - if ((fd = open(floc, O_RDONLY)) < 0) - err (1, "open(%s)", floc); - if (flock(fd, LOCK_SH | LOCK_NB)) - err (1, "flock(%s)", floc); - if (stat(floc, &stbuf)) - err (1, "stat(%s)", floc); - if (stat(floc_ok, &stbuf_ok)) - err (1, "stat(%s)", floc_ok); - if (stbuf.st_mtime > stbuf_ok.st_mtime) - errx (1, "'%s' more recent than '%s'.", floc, floc_ok); - if (!get_slaves(&slave_host_list, dir_path, fslv, stbuf_ok.st_mtime)) - errx (1, "can't read slave host file '%s'.", fslv); -#ifdef KPROP_DBG - { - struct slave_host *sh; - int i; - fprintf(stderr, "\n\n"); - fflush(stderr); - for (sh = slave_host_list; sh; sh = sh->next) { - fprintf(stderr, "slave %d: %s, %s", i++, sh->name, - inet_ntoa(sh->net_addr)); - fflush(stderr); - } - } -#endif /* KPROP_DBG */ - - if (!prop_to_slaves(slave_host_list, fd, dir_path, fslv)) - errx (1, "propagation failed."); - if (flock(fd, LOCK_UN)) - err (1, "flock(%s, LOCK_UN)", floc); - printf("\n\n"); - for (sh = slave_host_list; sh; sh = sh->next) { - if (sh->not_time_yet) - printf( "%s:\t\tNot time yet\n", sh->name); - else if (sh->succeeded) - printf( "%s:\t\tSucceeded\n", sh->name); - else - fprintf(stderr, "%s:\t\tFAILED\n", sh->name); - fflush(stdout); - } - - time(&l_final); - l_diff = l_final - l_init; - printf("propagation finished, %d:%02d:%02d elapsed\n", - l_diff / 3600, (l_diff % 3600) / 60, l_diff % 60); - - exit(0); -} - -#ifdef doesnt_work_yet -u_long get_data_checksum(fd, key_sched) - int fd; - des_key_schedule key_sched; -{ - u_int32_t cksum = 0; - int n; - char buf[BUFSIZ]; - u_int32_t obuf[2]; - - while (n = read(fd, buf, sizeof buf)) { - if (n < 0) - err (1, "read"); - cksum = cbc_cksum(buf, obuf, n, key_sched, key_sched); - } - return cksum; -} -#endif diff --git a/crypto/kerberosIV/slave/kprop.h b/crypto/kerberosIV/slave/kprop.h deleted file mode 100644 index d66f63f73474..000000000000 --- a/crypto/kerberosIV/slave/kprop.h +++ /dev/null @@ -1,19 +0,0 @@ -/* - * Copyright 1987 by the Massachusetts Institute of Technology. - * - * For copying and distribution information, - * please see the file . - * - * $Id: kprop.h,v 1.5 1997/02/07 21:39:52 assar Exp $ - * - */ - -#define KPROP_SERVICE_NAME "rcmd" -#define KPROP_SRVTAB "/etc/srvtab" -#define KPROP_PROT_VERSION_LEN 8 -#define KPROP_PROT_VERSION "kprop01" -#define KPROP_TRANSFER_PRIVATE 1 -#define KPROP_TRANSFER_SAFE 2 -#define KPROP_TRANSFER_CLEAR 3 -#define KPROP_BUFSIZ 32768 -#define KPROP_PORT 754 diff --git a/crypto/kerberosIV/slave/kpropd.c b/crypto/kerberosIV/slave/kpropd.c deleted file mode 100644 index db745095b5b2..000000000000 --- a/crypto/kerberosIV/slave/kpropd.c +++ /dev/null @@ -1,318 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -#include "slav_locl.h" - -#include "kprop.h" - -RCSID("$Id: kpropd.c,v 2.32 1999/12/02 16:58:56 joda Exp $"); - -#ifndef SBINDIR -#define SBINDIR "/usr/athena/sbin" -#endif - -struct sockaddr_in master, slave; - -char *database = DBM_FILE; - -char *lockfile = DB_DIR "/slave_propagation"; - -char *logfile = K_LOGFIL; - -char *kdb_util = SBINDIR "/kdb_util"; - -char *kdb_util_command = "load"; - -char *srvtab = ""; - -char realm[REALM_SZ]; - -static -int -copy_data(int from, int to, des_cblock *session, des_key_schedule schedule) -{ - unsigned char tmp[4]; - char buf[KPROP_BUFSIZ + 26]; - u_int32_t length; - int n; - - int kerr; - MSG_DAT m; - - while(1){ - n = krb_net_read(from, tmp, 4); - if(n == 0) - break; - if(n < 0){ - klog(L_KRB_PERR, "krb_net_read: %s", strerror(errno)); - return -1; - } - if(n != 4){ - klog(L_KRB_PERR, "Premature end of data"); - return -1; - } - length = (tmp[0] << 24) | (tmp[1] << 16) | (tmp[2] << 8) | tmp[3]; - if(length > sizeof(buf)){ - klog(L_KRB_PERR, "Giant packet received: %d", length); - return -1; - } - if(krb_net_read(from, buf, length) != length){ - klog(L_KRB_PERR, "Premature end of data"); - return -1; - } - kerr = krb_rd_priv (buf, length, schedule, session, - &master, &slave, &m); - if(kerr != KSUCCESS){ - klog(L_KRB_PERR, "Kerberos error: %s", krb_get_err_text(kerr)); - return -1; - } - write(to, m.app_data, m.app_length); - } - return 0; -} - - -static -int -kprop(int s) -{ - char buf[128]; - int n; - KTEXT_ST ticket; - AUTH_DAT ad; - char sinst[INST_SZ]; - des_key_schedule schedule; - int mode; - int kerr; - int lock; - - n = sizeof(master); - if(getpeername(s, (struct sockaddr*)&master, &n) < 0){ - klog(L_KRB_PERR, "getpeername: %s", strerror(errno)); - return 1; - } - - n = sizeof(slave); - if(getsockname(s, (struct sockaddr*)&slave, &n) < 0){ - klog(L_KRB_PERR, "getsockname: %s", strerror(errno)); - return 1; - } - - klog(L_KRB_PERR, "Connection from %s", inet_ntoa(master.sin_addr)); - - n = krb_net_read(s, buf, KPROP_PROT_VERSION_LEN + 2); - if(n < KPROP_PROT_VERSION_LEN + 2){ - klog(L_KRB_PERR, "Premature end of data"); - return 1; - } - if(memcmp(buf, KPROP_PROT_VERSION, KPROP_PROT_VERSION_LEN) != 0){ - klog(L_KRB_PERR, "Bad protocol version string received"); - return 1; - } - mode = (buf[n-2] << 8) | buf[n-1]; - if(mode != KPROP_TRANSFER_PRIVATE){ - klog(L_KRB_PERR, "Bad transfer mode received: %d", mode); - return 1; - } - k_getsockinst(s, sinst, sizeof(sinst)); - kerr = krb_recvauth(KOPT_DO_MUTUAL, s, &ticket, - KPROP_SERVICE_NAME, sinst, - &master, &slave, - &ad, srvtab, schedule, - buf); - if(kerr != KSUCCESS){ - klog(L_KRB_PERR, "Kerberos error: %s", krb_get_err_text(kerr)); - return 1; - } - - if(strcmp(ad.pname, KPROP_SERVICE_NAME) || -#if 0 - strcmp(ad.pinst, /* XXX remote host */) || -#else - strcmp(ad.pinst, KRB_MASTER) || -#endif - strcmp(ad.prealm, realm)){ - klog(L_KRB_PERR, "Connection from unauthorized client: %s", - krb_unparse_name_long(ad.pname, ad.pinst, ad.prealm)); - return 1; - } - - des_set_key(&ad.session, schedule); - - lock = open(lockfile, O_WRONLY|O_CREAT, 0600); - if(lock < 0){ - klog(L_KRB_PERR, "Failed to open file: %s", strerror(errno)); - return 1; - } - if(flock(lock, LOCK_EX | LOCK_NB)){ - close(lock); - klog(L_KRB_PERR, "Failed to lock file: %s", strerror(errno)); - return 1; - } - - if(ftruncate(lock, 0) < 0){ - close(lock); - klog(L_KRB_PERR, "Failed to lock file: %s", strerror(errno)); - return 1; - } - - if(copy_data(s, lock, &ad.session, schedule)){ - close(lock); - return 1; - } - close(lock); - - if(simple_execlp(kdb_util, "kdb_util", kdb_util_command, - lockfile, database, NULL) != 0) { - klog(L_KRB_PERR, "*** Propagation failed ***"); - return 1; - }else{ - klog(L_KRB_PERR, "Propagation finished successfully"); - return 0; - } -} - -static int -doit(void) -{ - return kprop(0); -} - -static int -doit_interactive(void) -{ - struct sockaddr_in sa; - int salen; - int s, s2; - int ret; - - s = socket(AF_INET, SOCK_STREAM, 0); - if(s < 0){ - klog(L_KRB_PERR, "socket: %s", strerror(errno)); - return 1; - } - memset(&sa, 0, sizeof(sa)); - sa.sin_family = AF_INET; - sa.sin_port = k_getportbyname ("krb_prop", "tcp", htons(KPROP_PORT)); - ret = bind(s, (struct sockaddr*)&sa, sizeof(sa)); - if (ret < 0) { - klog(L_KRB_PERR, "bind: %s", strerror(errno)); - return 1; - } - ret = listen(s, SOMAXCONN); - if (ret < 0) { - klog(L_KRB_PERR, "listen: %s", strerror(errno)); - return 1; - } - for(;;) { - salen = sizeof(sa); - s2 = accept(s, (struct sockaddr*)&sa, &salen); - switch(fork()){ - case -1: - klog(L_KRB_PERR, "fork: %s", strerror(errno)); - return 1; - case 0: - close(s); - kprop(s2); - return 1; - default: { - int status; - close(s2); - wait(&status); - } - } - } -} - -static void -usage (void) -{ - fprintf (stderr, - "Usage: kpropd [-i] [-d database] [-l log] [-m] [-[p|P] program]" - " [-r realm] [-s srvtab]\n"); - exit (1); -} - -int -main(int argc, char **argv) -{ - int opt; - int interactive = 0; - - krb_get_lrealm(realm, 1); - - while((opt = getopt(argc, argv, ":d:l:mp:P:r:s:i")) >= 0){ - switch(opt){ - case 'd': - database = optarg; - break; - case 'l': - logfile = optarg; - break; - case 'm': - kdb_util_command = "merge"; - break; - case 'p': - case 'P': - kdb_util = optarg; - break; - case 'r': - strlcpy(realm, optarg, REALM_SZ); - break; - case 's': - srvtab = optarg; - break; - case 'i': - interactive = 1; - break; - default: - klog(L_KRB_PERR, "Bad option: -%c", optopt); - usage (); - exit(1); - } - } - if (!interactive) { - /* Use logfile as stderr so we don't lose error messages. */ - int fd = open(logfile, O_CREAT | O_WRONLY | O_APPEND, 0600); - if (fd == -1) - klog(L_KRB_PERR, "Can't open logfile %s: %s", logfile,strerror(errno)); - else - dup2(fd, 2); - close(fd); - } - kset_logfile(logfile); - if (interactive) - return doit_interactive (); - else - return doit (); -} diff --git a/crypto/kerberosIV/slave/slav_locl.h b/crypto/kerberosIV/slave/slav_locl.h deleted file mode 100644 index 2772ed99968a..000000000000 --- a/crypto/kerberosIV/slave/slav_locl.h +++ /dev/null @@ -1,101 +0,0 @@ -/* - * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: slav_locl.h,v 1.14 1999/12/02 16:58:56 joda Exp $ */ - -#ifndef __slav_locl_h -#define __slav_locl_h - -#include "config.h" -#include "protos.h" - -#include -#include -#include -#include -#include - -#include -#include - -#ifdef HAVE_SYS_TYPES_H -#include -#endif -#ifdef HAVE_SYS_STAT_H -#include -#endif -#ifdef HAVE_FCNTL_H -#include -#endif -#include -#ifdef HAVE_SYS_FILE_H -#include -#endif -#ifdef HAVE_SYS_WAIT_H -#include -#endif - -#ifdef HAVE_NETINET_IN_H -#include -#endif -#ifdef HAVE_ARPA_INET_H -#include -#endif -#ifdef HAVE_SYS_SOCKET_H -#include -#endif -#ifdef HAVE_NETDB_H -#include -#endif -#include - -#ifdef SOCKS -#include -/* This doesn't belong here. */ -struct tm *localtime(const time_t *); -struct hostent *gethostbyname(const char *); -#endif - -#include - -#include -#include -#include -#include -#include - -#include - -#include "kprop.h" - -#endif /* __slav_locl_h */ diff --git a/kerberosIV/Makefile b/kerberosIV/Makefile deleted file mode 100644 index f8efd7a3b57e..000000000000 --- a/kerberosIV/Makefile +++ /dev/null @@ -1,33 +0,0 @@ -# $FreeBSD$ - -MAINTAINER= markm@FreeBSD.org - -SUBDIR= include lib libexec usr.bin usr.sbin - -# These are the programs which depend on Kerberos. -KPROGS= lib/libpam \ - sbin/dump sbin/restore - -# This target is used to rebuild these programs WITH Kerberos. -kerberize: -.for entry in ${KPROGS} - cd ${.CURDIR}/../${entry}; \ - ${MAKE} ${MFLAGS} -DMAKE_KERBEROS4 cleandir; \ - ${MAKE} ${MFLAGS} -DMAKE_KERBEROS4 obj; \ - ${MAKE} ${MFLAGS} -DMAKE_KERBEROS4 depend; \ - ${MAKE} ${MFLAGS} -DMAKE_KERBEROS4 all; \ - ${MAKE} ${MFLAGS} -DMAKE_KERBEROS4 install -.endfor - -# This target is used to rebuild these programs WITHOUT Kerberos. -dekerberize: -.for entry in ${KPROGS} - cd ${.CURDIR}/../${entry}; \ - ${MAKE} ${MFLAGS} cleandir; \ - ${MAKE} ${MFLAGS} obj; \ - ${MAKE} ${MFLAGS} depend; \ - ${MAKE} ${MFLAGS} all; \ - ${MAKE} ${MFLAGS} install -.endfor - -.include diff --git a/kerberosIV/Makefile.inc b/kerberosIV/Makefile.inc deleted file mode 100644 index 52c532d04050..000000000000 --- a/kerberosIV/Makefile.inc +++ /dev/null @@ -1,99 +0,0 @@ -# $FreeBSD$ - -DISTRIBUTION?= krb4 -NOLINT= true - -.if !defined(INCLUDEOBJDIR) - -KRB4DIR= ${.CURDIR}/../../../crypto/kerberosIV -TELNETDIR= ${.CURDIR}/../../../crypto/telnet - -.if exists(${.OBJDIR}/../../include) -INCLUDEOBJDIR= ${.OBJDIR}/../../include -.else -INCLUDEOBJDIR= ${.CURDIR}/../../include -.endif - -.if exists(${.OBJDIR}/../../lib/libacl) -ROKENOBJDIR= ${.OBJDIR}/../../../kerberosIV/lib/libroken -.else -ROKENOBJDIR= ${.CURDIR}/../../../kerberosIV/lib/libroken -.endif - -.if exists(${.OBJDIR}/../../lib/libacl) -ACLOBJDIR= ${.OBJDIR}/../../lib/libacl -.else -ACLOBJDIR= ${.CURDIR}/../../lib/libacl -.endif - -.if exists(${.OBJDIR}/../../lib/libkadm) -KADMOBJDIR= ${.OBJDIR}/../../lib/libkadm -.else -KADMOBJDIR= ${.CURDIR}/../../lib/libkadm -.endif - -.if exists(${.OBJDIR}/../../lib/libkafs) -KAFSOBJDIR= ${.OBJDIR}/../../lib/libkafs -.else -KAFSOBJDIR= ${.CURDIR}/../../lib/libkafs -.endif - -.if exists(${.OBJDIR}/../../lib/libkdb) -KDBOBJDIR= ${.OBJDIR}/../../lib/libkdb -.else -KDBOBJDIR= ${.CURDIR}/../../lib/libkdb -.endif - -.if exists(${.OBJDIR}/../../lib/libkrb) -KRBOBJDIR= ${.OBJDIR}/../../lib/libkrb -.else -KRBOBJDIR= ${.CURDIR}/../../lib/libkrb -.endif - -.if exists(${.OBJDIR}/../../lib/libroken) -ROKENOBJDIR= ${.OBJDIR}/../../lib/libroken -.else -ROKENOBJDIR= ${.CURDIR}/../../lib/libroken -.endif - -.if exists(${.OBJDIR}/../../lib/libsl) -SLOBJDIR= ${.OBJDIR}/../../lib/libsl -.else -SLOBJDIR= ${.CURDIR}/../../lib/libsl -.endif - -.if exists(${.OBJDIR}/../../lib/libtelnet) -LIBTELNET= ${.OBJDIR}/../../lib/libtelnet/libtelnet.a -.else -LIBTELNET= ${.CURDIR}/../../lib/libtelnet/libtelnet.a -.endif - -CFLAGS+= -I${.CURDIR}/../../include -Wall -DHAVE_CONFIG_H \ - -I${INCLUDEOBJDIR} \ - -DBINDIR=\"/usr/bin\" -DSBINDIR=\"/usr/sbin\" \ - -DLIBEXECDIR=\"/usr/libexec\" - -protos.h: ${KRB4DIR}/include/protos.H - ln -sf ${.ALLSRC} ${.TARGET} - -COMPILE_ET= compile_et - -.ORDER: ${KADMOBJDIR}/kadm_err.c ${KADMOBJDIR}/kadm_err.h -${KADMOBJDIR}/kadm_err.c ${KADMOBJDIR}/kadm_err.h: ${KRB4DIR}/lib/kadm/kadm_err.et - test -e ${KADMOBJDIR}/kadm_err.et || ln -s ${.ALLSRC} ${KADMOBJDIR} - cd ${KADMOBJDIR}; ${COMPILE_ET} kadm_err.et - -CLEANFILES+=${KADMOBJDIR}/kadm_err.h ${KADMOBJDIR}/kadm_err.c ${KADMOBJDIR}/kadm_err.et - -.ORDER: ${KRBOBJDIR}/krb_err.c ${KRBOBJDIR}/krb_err.h -${KRBOBJDIR}/krb_err.c ${KRBOBJDIR}/krb_err.h: ${KRB4DIR}/lib/krb/krb_err.et - test -e ${KRBOBJDIR}/krb_err.et || ln -s ${.ALLSRC} ${KRBOBJDIR} - cd ${KRBOBJDIR}; ${COMPILE_ET} krb_err.et - -CLEANFILES+=${KRBOBJDIR}/krb_err.h ${KRBOBJDIR}/krb_err.c ${KRBOBJDIR}/krb_err.et - -.else - -KRB4DIR= ${.CURDIR}/../../crypto/kerberosIV - -.endif diff --git a/kerberosIV/README b/kerberosIV/README deleted file mode 100644 index 9f97cf60f95a..000000000000 --- a/kerberosIV/README +++ /dev/null @@ -1,13 +0,0 @@ -This subtree is world-exportable, as it does not contain any -cryptographic code. - -At the time of writing, it did not even contain source code, only -Makefiles and headers. - -Please maintain this "exportable" status quo. - -Thanks! - -MarkM -markm@freebsd.org -20th Sept 1997 diff --git a/kerberosIV/include/Makefile b/kerberosIV/include/Makefile deleted file mode 100644 index 3ec5c9a0aa81..000000000000 --- a/kerberosIV/include/Makefile +++ /dev/null @@ -1,11 +0,0 @@ -# $FreeBSD$ - -.if exists(${.OBJDIR}/../../include) -INCLUDEOBJDIR= ${.OBJDIR}/../include -.else -INCLUDEOBJDIR= ${.CURDIR}/../include -.endif - -depend lint tags: - -.include diff --git a/kerberosIV/include/config.h b/kerberosIV/include/config.h deleted file mode 100644 index 79676b766b0d..000000000000 --- a/kerberosIV/include/config.h +++ /dev/null @@ -1,1280 +0,0 @@ -/* include/config.h. Hand tweaked by MarkM. */ -/* include/config.h. Generated automatically by configure. */ -/* include/config.h.in. Generated automatically from configure.in by autoheader. */ - -/* $FreeBSD$ */ - -#define KRB4 1 - -/* Define if using alloca.c. */ -/* #undef C_ALLOCA */ - -/* Define to empty if the keyword does not work. */ -/* #undef const */ - -/* Define to one of _getb67, GETB67, getb67 for Cray-2 and Cray-YMP systems. - This function is required for alloca.c support on those systems. */ -/* #undef CRAY_STACKSEG_END */ - -/* Define to `int' if doesn't define. */ -/* #undef gid_t */ - -/* Define if you have alloca, as a function or macro. */ -#define HAVE_ALLOCA 1 - -/* Define if you have and it should be used (not on Ultrix). */ -/* #undef HAVE_ALLOCA_H */ - -/* Define if you have a working `mmap' system call. */ -#define HAVE_MMAP 1 - -/* Define if your struct stat has st_blksize. */ -#define HAVE_ST_BLKSIZE 1 - -/* Define as __inline if that's what the C compiler calls it. */ -/* #undef inline */ - -/* Define to `long' if doesn't define. */ -/* #undef off_t */ - -/* Define to `int' if doesn't define. */ -/* #undef pid_t */ - -/* Define if you need to in order for stat and other things to work. */ -/* #undef _POSIX_SOURCE */ - -/* Define as the return type of signal handlers (int or void). */ -#define RETSIGTYPE void - -/* Define to `unsigned' if doesn't define. */ -/* #undef size_t */ - -/* If using the C implementation of alloca, define if you know the - direction of stack growth for your system; otherwise it will be - automatically deduced at run-time. - STACK_DIRECTION > 0 => grows toward higher addresses - STACK_DIRECTION < 0 => grows toward lower addresses - STACK_DIRECTION = 0 => direction of growth unknown - */ -/* #undef STACK_DIRECTION */ - -/* Define if you have the ANSI C header files. */ -#define STDC_HEADERS 1 - -/* Define if `sys_siglist' is declared by . */ -#define SYS_SIGLIST_DECLARED 1 - -/* Define if you can safely include both and . */ -#define TIME_WITH_SYS_TIME 1 - -/* Define to `int' if doesn't define. */ -/* #undef uid_t */ - -/* Define if your processor stores words with the most significant - byte first (like Motorola and SPARC, unlike Intel and VAX). */ -/* #undef WORDS_BIGENDIAN */ - -/* Define if the X Window System is missing or not being used. */ -#define X_DISPLAY_MISSING 1 - -/* Define if you have the XauFileName function. */ -/* #undef HAVE_XAUFILENAME */ - -/* Define if you have the XauReadAuth function. */ -/* #undef HAVE_XAUREADAUTH */ - -/* Define if you have the XauWriteAuth function. */ -/* #undef HAVE_XAUWRITEAUTH */ - -/* Define if you have the _getpty function. */ -/* #undef HAVE__GETPTY */ - -/* Define if you have the _scrsize function. */ -/* #undef HAVE__SCRSIZE */ - -/* Define if you have the _setsid function. */ -#define HAVE__SETSID 1 - -/* Define if you have the _stricmp function. */ -/* #undef HAVE__STRICMP */ - -/* Define if you have the asnprintf function. */ -/* #undef HAVE_ASNPRINTF */ - -/* Define if you have the asprintf function. */ -#define HAVE_ASPRINTF 1 - -/* Define if you have the atexit function. */ -#define HAVE_ATEXIT 1 - -/* Define if you have the cap_set_proc function. */ -/* #undef HAVE_CAP_SET_PROC */ - -/* Define if you have the cgetent function. */ -#define HAVE_CGETENT 1 - -/* Define if you have the chown function. */ -#define HAVE_CHOWN 1 - -/* Define if you have the chroot function. */ -#define HAVE_CHROOT 1 - -/* Define if you have the copyhostent function. */ -/* #undef HAVE_COPYHOSTENT */ - -/* Define if you have the crypt function. */ -#define HAVE_CRYPT 1 - -/* Define if you have the daemon function. */ -#define HAVE_DAEMON 1 - -/* Define if you have the dlopen function. */ -/* #undef HAVE_DLOPEN */ - -/* Define if you have the dn_expand function. */ -#define HAVE_DN_EXPAND 1 - -/* Define if you have the el_init function. */ -#define HAVE_EL_INIT 1 - -/* Define if you have the err function. */ -#define HAVE_ERR 1 - -/* Define if you have the errx function. */ -#define HAVE_ERRX 1 - -/* Define if you have the fattach function. */ -/* #undef HAVE_FATTACH */ - -/* Define if you have the fchmod function. */ -#define HAVE_FCHMOD 1 - -/* Define if you have the fchown function. */ -#define HAVE_FCHOWN 1 - -/* Define if you have the fcntl function. */ -#define HAVE_FCNTL 1 - -/* Define if you have the flock function. */ -#define HAVE_FLOCK 1 - -/* Define if you have the fnmatch function. */ -#define HAVE_FNMATCH 1 - -/* Define if you have the forkpty function. */ -#define HAVE_FORKPTY 1 - -/* Define if you have the freehostent function. */ -#define HAVE_FREEHOSTENT 1 - -/* Define if you have the frevoke function. */ -/* #undef HAVE_FREVOKE */ - -/* Define if you have the getattr function. */ -/* #undef HAVE_GETATTR */ - -/* Define if you have the getcwd function. */ -#define HAVE_GETCWD 1 - -/* Define if you have the getdtablesize function. */ -#define HAVE_GETDTABLESIZE 1 - -/* Define if you have the getegid function. */ -#define HAVE_GETEGID 1 - -/* Define if you have the geteuid function. */ -#define HAVE_GETEUID 1 - -/* Define if you have the getgid function. */ -#define HAVE_GETGID 1 - -/* Define if you have the gethostbyname function. */ -#define HAVE_GETHOSTBYNAME 1 - -/* Define if you have the gethostname function. */ -#define HAVE_GETHOSTNAME 1 - -/* Define if you have the getipnodebyaddr function. */ -#define HAVE_GETIPNODEBYADDR 1 - -/* Define if you have the getipnodebyname function. */ -#define HAVE_GETIPNODEBYNAME 1 - -/* Define if you have the getlogin function. */ -#define HAVE_GETLOGIN 1 - -/* Define if you have the getmsg function. */ -/* #undef HAVE_GETMSG */ - -/* Define if you have the getopt function. */ -#define HAVE_GETOPT 1 - -/* Define if you have the getpagesize function. */ -#define HAVE_GETPAGESIZE 1 - -/* Define if you have the getpriority function. */ -#define HAVE_GETPRIORITY 1 - -/* Define if you have the getpwnam_r function. */ -/* #undef HAVE_GETPWNAM_R */ - -/* Define if you have the getrlimit function. */ -#define HAVE_GETRLIMIT 1 - -/* Define if you have the getservbyname function. */ -#define HAVE_GETSERVBYNAME 1 - -/* Define if you have the getsockopt function. */ -#define HAVE_GETSOCKOPT 1 - -/* Define if you have the getspnam function. */ -/* #undef HAVE_GETSPNAM */ - -/* Define if you have the gettimeofday function. */ -#define HAVE_GETTIMEOFDAY 1 - -/* Define if you have the gettosbyname function. */ -/* #undef HAVE_GETTOSBYNAME */ - -/* Define if you have the getudbnam function. */ -/* #undef HAVE_GETUDBNAM */ - -/* Define if you have the getuid function. */ -#define HAVE_GETUID 1 - -/* Define if you have the getusershell function. */ -#define HAVE_GETUSERSHELL 1 - -/* Define if you have the grantpt function. */ -/* #undef HAVE_GRANTPT */ - -/* Define if you have the hstrerror function. */ -#define HAVE_HSTRERROR 1 - -/* Define if you have the inet_aton function. */ -#define HAVE_INET_ATON 1 - -/* Define if you have the inet_ntop function. */ -#define HAVE_INET_NTOP 1 - -/* Define if you have the inet_pton function. */ -#define HAVE_INET_PTON 1 - -/* Define if you have the initgroups function. */ -#define HAVE_INITGROUPS 1 - -/* Define if you have the innetgr function. */ -#define HAVE_INNETGR 1 - -/* Define if you have the iruserok function. */ -#define HAVE_IRUSEROK 1 - -/* Define if you have the logout function. */ -#define HAVE_LOGOUT 1 - -/* Define if you have the logwtmp function. */ -#define HAVE_LOGWTMP 1 - -/* Define if you have the lstat function. */ -#define HAVE_LSTAT 1 - -/* Define if you have the memmove function. */ -#define HAVE_MEMMOVE 1 - -/* Define if you have the mkstemp function. */ -#define HAVE_MKSTEMP 1 - -/* Define if you have the mktime function. */ -#define HAVE_MKTIME 1 - -/* Define if you have the odm_initialize function. */ -/* #undef HAVE_ODM_INITIALIZE */ - -/* Define if you have the on_exit function. */ -/* #undef HAVE_ON_EXIT */ - -/* Define if you have the parsetos function. */ -/* #undef HAVE_PARSETOS */ - -/* Define if you have the ptsname function. */ -/* #undef HAVE_PTSNAME */ - -/* Define if you have the putenv function. */ -#define HAVE_PUTENV 1 - -/* Define if you have the rand function. */ -#define HAVE_RAND 1 - -/* Define if you have the random function. */ -#define HAVE_RANDOM 1 - -/* Define if you have the rcmd function. */ -#define HAVE_RCMD 1 - -/* Define if you have the readline function. */ -#define HAVE_READLINE 1 - -/* Define if you have the readv function. */ -#define HAVE_READV 1 - -/* Define if you have the recvmsg function. */ -#define HAVE_RECVMSG 1 - -/* Define if you have the res_search function. */ -#define HAVE_RES_SEARCH 1 - -/* Define if you have the revoke function. */ -#define HAVE_REVOKE 1 - -/* Define if you have the sa_family_t function. */ -#define HAVE_SA_FAMILY_T 1 - -/* Define if you have the sendmsg function. */ -#define HAVE_SENDMSG 1 - -/* Define if you have the setegid function. */ -#define HAVE_SETEGID 1 - -/* Define if you have the setenv function. */ -#define HAVE_SETENV 1 - -/* Define if you have the seteuid function. */ -#define HAVE_SETEUID 1 - -/* Define if you have the setitimer function. */ -#define HAVE_SETITIMER 1 - -/* Define if you have the setlim function. */ -/* #undef HAVE_SETLIM */ - -/* Define if you have the setlogin function. */ -#define HAVE_SETLOGIN 1 - -/* Define if you have the setpcred function. */ -/* #undef HAVE_SETPCRED */ - -/* Define if you have the setpgid function. */ -#define HAVE_SETPGID 1 - -/* Define if you have the setpriority function. */ -#define HAVE_SETPRIORITY 1 - -/* Define if you have the setproctitle function. */ -#define HAVE_SETPROCTITLE 1 - -/* Define if you have the setregid function. */ -#define HAVE_SETREGID 1 - -/* Define if you have the setresgid function. */ -/* #undef HAVE_SETRESGID */ - -/* Define if you have the setresuid function. */ -/* #undef HAVE_SETRESUID */ - -/* Define if you have the setreuid function. */ -#define HAVE_SETREUID 1 - -/* Define if you have the setsid function. */ -#define HAVE_SETSID 1 - -/* Define if you have the setsockopt function. */ -#define HAVE_SETSOCKOPT 1 - -/* Define if you have the setutent function. */ -/* #undef HAVE_SETUTENT */ - -/* Define if you have the sgi_getcapabilitybyname function. */ -/* #undef HAVE_SGI_GETCAPABILITYBYNAME */ - -/* Define if you have the sigaction function. */ -#define HAVE_SIGACTION 1 - -/* Define if you have the socket function. */ -#define HAVE_SOCKET 1 - -/* Define if you have the strcasecmp function. */ -#define HAVE_STRCASECMP 1 - -/* Define if you have the strdup function. */ -#define HAVE_STRDUP 1 - -/* Define if you have the strerror function. */ -#define HAVE_STRERROR 1 - -/* Define if you have the strftime function. */ -#define HAVE_STRFTIME 1 - -/* Define if you have the strlcat function. */ -#define HAVE_STRLCAT 1 - -/* Define if you have the strlcpy function. */ -#define HAVE_STRLCPY 1 - -/* Define if you have the strlwr function. */ -/* #undef HAVE_STRLWR */ - -/* Define if you have the strncasecmp function. */ -#define HAVE_STRNCASECMP 1 - -/* Define if you have the strndup function. */ -/* #undef HAVE_STRNDUP */ - -/* Define if you have the strnlen function. */ -/* #undef HAVE_STRNLEN */ - -/* Define if you have the strptime function. */ -#define HAVE_STRPTIME 1 - -/* Define if you have the strsep function. */ -#define HAVE_STRSEP 1 - -/* Define if you have the strtok_r function. */ -#define HAVE_STRTOK_R 1 - -/* Define if you have the struct_sockaddr_storage function. */ -#define HAVE_STRUCT_SOCKADDR_STORAGE 1 - -/* Define if you have the strupr function. */ -/* #undef HAVE_STRUPR */ - -/* Define if you have the swab function. */ -#define HAVE_SWAB 1 - -/* Define if you have the sysconf function. */ -#define HAVE_SYSCONF 1 - -/* Define if you have the sysctl function. */ -#define HAVE_SYSCTL 1 - -/* Define if you have the syslog function. */ -#define HAVE_SYSLOG 1 - -/* Define if you have the tgetent function. */ -#define HAVE_TGETENT 1 - -/* Define if you have the ttyname function. */ -#define HAVE_TTYNAME 1 - -/* Define if you have the ttyslot function. */ -#define HAVE_TTYSLOT 1 - -/* Define if you have the ulimit function. */ -/* #undef HAVE_ULIMIT */ - -/* Define if you have the uname function. */ -#define HAVE_UNAME 1 - -/* Define if you have the unlockpt function. */ -/* #undef HAVE_UNLOCKPT */ - -/* Define if you have the unsetenv function. */ -#define HAVE_UNSETENV 1 - -/* Define if you have the vasnprintf function. */ -/* #undef HAVE_VASNPRINTF */ - -/* Define if you have the vasprintf function. */ -#define HAVE_VASPRINTF 1 - -/* Define if you have the verr function. */ -#define HAVE_VERR 1 - -/* Define if you have the verrx function. */ -#define HAVE_VERRX 1 - -/* Define if you have the vhangup function. */ -/* #undef HAVE_VHANGUP */ - -/* Define if you have the vsnprintf function. */ -#define HAVE_VSNPRINTF 1 - -/* Define if you have the vsyslog function. */ -#define HAVE_VSYSLOG 1 - -/* Define if you have the vwarn function. */ -#define HAVE_VWARN 1 - -/* Define if you have the vwarnx function. */ -#define HAVE_VWARNX 1 - -/* Define if you have the warn function. */ -#define HAVE_WARN 1 - -/* Define if you have the warnx function. */ -#define HAVE_WARNX 1 - -/* Define if you have the writev function. */ -#define HAVE_WRITEV 1 - -/* Define if you have the yp_get_default_domain function. */ -#define HAVE_YP_GET_DEFAULT_DOMAIN 1 - -/* Define if you have the header file. */ -#define HAVE_ARPA_FTP_H 1 - -/* Define if you have the header file. */ -#define HAVE_ARPA_INET_H 1 - -/* Define if you have the header file. */ -#define HAVE_ARPA_NAMESER_H 1 - -/* Define if you have the header file. */ -#define HAVE_ARPA_TELNET_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_BSD_BSD_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_BSDSETJMP_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_CAPABILITY_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_CRYPT_H */ - -/* Define if you have the header file. */ -#define HAVE_CURSES_H 1 - -/* Define if you have the header file. */ -#define HAVE_DB_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_DBM_H */ - -/* Define if you have the header file. */ -#define HAVE_DIRENT_H 1 - -/* Define if you have the header file. */ -#define HAVE_ERR_H 1 - -/* Define if you have the header file. */ -#define HAVE_ERRNO_H 1 - -/* Define if you have the header file. */ -#define HAVE_FCNTL_H 1 - -/* Define if you have the header file. */ -#define HAVE_FNMATCH_H 1 - -/* Define if you have the header file. */ -#define HAVE_GRP_H 1 - -/* Define if you have the header file. */ -#define HAVE_INTTYPES_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_IO_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_LASTLOG_H */ - -/* Define if you have the header file. */ -#define HAVE_LIBUTIL_H 1 - -/* Define if you have the header file. */ -#define HAVE_LIMITS_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_LOGIN_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_MAILLOCK_H */ - -/* Define if you have the header file. */ -#define HAVE_NDBM_H 1 - -/* Define if you have the header file. */ -#define HAVE_NET_IF_H 1 - -/* Define if you have the header file. */ -#define HAVE_NET_IF_TUN_H 1 - -/* Define if you have the header file. */ -#define HAVE_NET_IF_VAR_H 1 - -/* Define if you have the header file. */ -#define HAVE_NETDB_H 1 - -/* Define if you have the header file. */ -#define HAVE_NETINET_IN_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_NETINET_IN6_MACHTYPES_H */ - -/* Define if you have the header file. */ -#define HAVE_NETINET_IN_SYSTM_H 1 - -/* Define if you have the header file. */ -#define HAVE_NETINET_IP_H 1 - -/* Define if you have the header file. */ -#define HAVE_NETINET_TCP_H 1 - -/* Define if you have the header file. */ -#define HAVE_PATHS_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_PTY_H */ - -/* Define if you have the header file. */ -#define HAVE_PWD_H 1 - -/* Define if you have the header file. */ -#define HAVE_RESOLV_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_RPCSVC_DBM_H */ - -/* Define if you have the header file. */ -#define HAVE_RPCSVC_YPCLNT_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_SAC_H */ - -/* Define if you have the header file. */ -#define HAVE_SECURITY_PAM_MODULES_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_SHADOW_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_SIAD_H */ - -/* Define if you have the header file. */ -#define HAVE_SIGNAL_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_STANDARDS_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_STROPTS_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_BITYPES_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_CAPABILITY_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_CATEGORY_H */ - -/* Define if you have the header file. */ -#define HAVE_SYS_FILE_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_FILIO_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_IOCCOM_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_IOCTL_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_LOCKING_H */ - -/* Define if you have the header file. */ -#define HAVE_SYS_MMAN_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_PARAM_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_PROC_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_PTY_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_PTYIO_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_PTYVAR_H */ - -/* Define if you have the header file. */ -#define HAVE_SYS_RESOURCE_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_SELECT_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_SOCKET_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_SOCKIO_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_STAT_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_STR_TTY_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_STREAM_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_STROPTS_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_STRTTY_H */ - -/* Define if you have the header file. */ -#define HAVE_SYS_SYSCALL_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_SYSCTL_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_SYS_TERMIO_H */ - -/* Define if you have the header file. */ -#define HAVE_SYS_TIME_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_TIMEB_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_TIMES_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_TTY_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_TYPES_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_UIO_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_UN_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_UTSNAME_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYS_WAIT_H 1 - -/* Define if you have the header file. */ -#define HAVE_SYSLOG_H 1 - -/* Define if you have the header file. */ -#define HAVE_TERM_H 1 - -/* Define if you have the header file. */ -#define HAVE_TERMCAP_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_TERMIO_H */ - -/* Define if you have the header file. */ -#define HAVE_TERMIOS_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_TMPDIR_H */ - -/* Define if you have the header file. */ -#define HAVE_TTYENT_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_UDB_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_ULIMIT_H */ - -/* Define if you have the header file. */ -#define HAVE_UNISTD_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_USERPW_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_USERSEC_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_UTIL_H */ - -/* Define if you have the header file. */ -#define HAVE_UTIME_H 1 - -/* Define if you have the header file. */ -#define HAVE_UTMP_H 1 - -/* Define if you have the header file. */ -/* #undef HAVE_UTMPX_H */ - -/* Define if you have the header file. */ -/* #undef HAVE_WAIT_H */ - -/* Define if you have the X11 library (-lX11). */ -/* #undef HAVE_LIBX11 */ - -/* Define if you have the Xau library (-lXau). */ -/* #undef HAVE_LIBXAU */ - -/* Define if you have the c_r library (-lc_r). */ -/* #undef HAVE_LIBC_R */ - -/* Define if you have the cfg library (-lcfg). */ -/* #undef HAVE_LIBCFG */ - -/* Define if you have the crypt library (-lcrypt). */ -#define HAVE_LIBCRYPT 1 - -/* Define if you have the curses library (-lcurses). */ -/* #undef HAVE_LIBCURSES */ - -/* Define if you have the dl library (-ldl). */ -/* #undef HAVE_LIBDL */ - -/* Define if you have the edit library (-ledit). */ -#define HAVE_LIBEDIT 1 - -/* Define if you have the ncurses library (-lncurses). */ -/* #undef HAVE_LIBNCURSES */ - -/* Define if you have the nsl library (-lnsl). */ -/* #undef HAVE_LIBNSL */ - -/* Define if you have the odm library (-lodm). */ -/* #undef HAVE_LIBODM */ - -/* Define if you have the readline library (-lreadline). */ -#define HAVE_LIBREADLINE 1 - -/* Define if you have the resolv library (-lresolv). */ -/* #undef HAVE_LIBRESOLV */ - -/* Define if you have the s library (-ls). */ -/* #undef HAVE_LIBS */ - -/* Define if you have the socket library (-lsocket). */ -/* #undef HAVE_LIBSOCKET */ - -/* Define if you have the syslog library (-lsyslog). */ -/* #undef HAVE_LIBSYSLOG */ - -/* Define if you have the termcap library (-ltermcap). */ -#define HAVE_LIBTERMCAP 1 - -/* Define if you have the util library (-lutil). */ -#define HAVE_LIBUTIL 1 - -/* Name of package */ -#define PACKAGE "krb4" - -/* Version number of package */ -#define VERSION "1.0" - -/* Define to what version of SunOS you are running. */ -/* #undef SunOS */ - -/* Define if you have the socks package. */ -/* #undef SOCKS */ - -/* Define to enable old kdestroy behavior. */ -/* #undef LEGACY_KDESTROY */ - -/* Define if you want to match subdomains. */ -/* #undef MATCH_SUBDOMAINS */ - -/* Define this to be the directory where the - dictionary for cracklib resides. */ -/* #undef DICTPATH */ - -/* Define this to the path of the mail spool directory. */ -/* #undef KRB4_MAILDIR */ - -/* Define this to the kerberos database directory. */ -/* #undef DB_DIR */ - -/* Define to enable new master key code. */ -/* #undef RANDOM_MKEY */ - -/* Define this to the location of the master key. */ -/* #undef MKEYFILE */ - -/* Define to enable basic OSF C2 support. */ -/* #undef HAVE_OSFC2 */ - -/* Define if you don't want to use mmap. */ -/* #undef NO_MMAP */ - -/* Define if you don't wan't support for AFS. */ -/* #undef NO_AFS */ - -/* Set this to the type of des-quad-cheksum to use. */ -#define DES_QUAD_DEFAULT DES_QUAD_GUESS - -/* Define if you have the readline package. */ -/* #undef READLINE */ - -/* Define if you have the hesiod package. */ -/* #undef HESIOD */ - -/* define if your compiler has __attribute__ */ -#define HAVE___ATTRIBUTE__ 1 - -/* Huh? */ -/* #undef HAVE_STRANGE_INT8_T */ - -/* Define if NDBM really is DB (creates files ending in .db). */ -#define HAVE_NEW_DB 1 - -/* Define if you have NDBM (and not DBM) */ -#define NDBM 1 - -/* define if you have a working snprintf */ -#define HAVE_SNPRINTF 1 - -/* define if the system is missing a prototype for snprintf() */ -/* #undef NEED_SNPRINTF_PROTO */ - -/* define if you have a glob() that groks - GLOB_BRACE, GLOB_NOCHECK, GLOB_QUOTE, and GLOB_TILDE */ -#define HAVE_GLOB 1 - -/* define if the system is missing a prototype for glob() */ -/* #undef NEED_GLOB_PROTO */ - -/* Define if getpwnam_r has POSIX flavour. */ -/* #undef POSIX_GETPWNAM_R */ - -/* Define if getlogin has POSIX flavour (and not BSD). */ -/* #undef POSIX_GETLOGIN */ - -/* define if the system is missing a prototype for hstrerror() */ -/* #undef NEED_HSTRERROR_PROTO */ - -/* define if the system is missing a prototype for gethostname() */ -/* #undef NEED_GETHOSTNAME_PROTO */ - -/* define if the system is missing a prototype for mkstemp() */ -/* #undef NEED_MKSTEMP_PROTO */ - -/* define if the system is missing a prototype for inet_aton() */ -/* #undef NEED_INET_ATON_PROTO */ - -/* Define if realloc(NULL, X) doesn't work. */ -/* #undef BROKEN_REALLOC */ - -/* Define if getcwd is broken (like in SunOS 4). */ -/* #undef BROKEN_GETCWD */ - -/* define if prototype of gethostbyname is compatible with - struct hostent *gethostbyname(const char *) */ -#define GETHOSTBYNAME_PROTO_COMPATIBLE 1 - -/* define if prototype of gethostbyaddr is compatible with - struct hostent *gethostbyaddr(const void *, size_t, int) */ -/* #undef GETHOSTBYADDR_PROTO_COMPATIBLE */ - -/* define if prototype of getservbyname is compatible with - struct servent *getservbyname(const char *, const char *) */ -#define GETSERVBYNAME_PROTO_COMPATIBLE 1 - -/* define if prototype of openlog is compatible with - void openlog(const char *, int, int) */ -#define OPENLOG_PROTO_COMPATIBLE 1 - -/* define if the system is missing a prototype for crypt() */ -/* #undef NEED_CRYPT_PROTO */ - -/* define if the system is missing a prototype for fclose() */ -/* #undef NEED_FCLOSE_PROTO */ - -/* define if the system is missing a prototype for strtok_r() */ -/* #undef NEED_STRTOK_R_PROTO */ - -/* define if the system is missing a prototype for strsep() */ -/* #undef NEED_STRSEP_PROTO */ - -/* define if the system is missing a prototype for getusershell() */ -/* #undef NEED_GETUSERSHELL_PROTO */ - -/* define if the system is missing a prototype for utime() */ -/* #undef NEED_UTIME_PROTO */ - -/* define if you have h_errno */ -#define HAVE_H_ERRNO 1 - -/* define if your system declares h_errno */ -#define HAVE_H_ERRNO_DECLARATION 1 - -/* define if you have h_errlist */ -#define HAVE_H_ERRLIST 1 - -/* define if your system declares h_errlist */ -/* #undef HAVE_H_ERRLIST_DECLARATION */ - -/* define if you have h_nerr */ -#define HAVE_H_NERR 1 - -/* define if your system declares h_nerr */ -/* #undef HAVE_H_NERR_DECLARATION */ - -/* define if you have __progname */ -#define HAVE___PROGNAME 1 - -/* define if your system declares __progname */ -/* #undef HAVE___PROGNAME_DECLARATION */ - -/* define if your system declares optarg */ -#define HAVE_OPTARG_DECLARATION 1 - -/* define if your system declares optind */ -#define HAVE_OPTIND_DECLARATION 1 - -/* define if your system declares opterr */ -#define HAVE_OPTERR_DECLARATION 1 - -/* define if your system declares optopt */ -#define HAVE_OPTOPT_DECLARATION 1 - -/* define if your system declares environ */ -/* #undef HAVE_ENVIRON_DECLARATION */ - -/* Define if RETSIGTYPE == void. */ -#define VOID_RETSIGTYPE 1 - -/* Define if struct utmp has field ut_addr. */ -/* #undef HAVE_STRUCT_UTMP_UT_ADDR */ - -/* Define if struct utmp has field ut_host. */ -#define HAVE_STRUCT_UTMP_UT_HOST 1 - -/* Define if struct utmp has field ut_id. */ -/* #undef HAVE_STRUCT_UTMP_UT_ID */ - -/* Define if struct utmp has field ut_pid. */ -/* #undef HAVE_STRUCT_UTMP_UT_PID */ - -/* Define if struct utmp has field ut_type. */ -/* #undef HAVE_STRUCT_UTMP_UT_TYPE */ - -/* Define if struct utmp has field ut_user. */ -/* #undef HAVE_STRUCT_UTMP_UT_USER */ - -/* Define if struct utmpx has field ut_exit. */ -/* #undef HAVE_STRUCT_UTMPX_UT_EXIT */ - -/* Define if struct utmpx has field ut_syslen. */ -/* #undef HAVE_STRUCT_UTMPX_UT_SYSLEN */ - -/* Define if struct tm has field tm_gmtoff. */ -#define HAVE_STRUCT_TM_TM_GMTOFF 1 - -/* Define if struct tm has field tm_zone. */ -#define HAVE_STRUCT_TM_TM_ZONE 1 - -/* define if you have timezone */ -#define HAVE_TIMEZONE 1 - -/* define if your system declares timezone */ -#define HAVE_TIMEZONE_DECLARATION 1 - -/* define if you have struct spwd */ -/* #undef HAVE_STRUCT_SPWD */ - -/* define if struct winsize is declared in sys/termios.h */ -#define HAVE_STRUCT_WINSIZE 1 - -/* define if struct winsize has ws_xpixel */ -#define HAVE_WS_XPIXEL 1 - -/* define if struct winsize has ws_ypixel */ -#define HAVE_WS_YPIXEL 1 - -/* Define this to what the type ssize_t should be. */ -/* #undef ssize_t */ - -/* Define if struct sockaddr has field sa_len. */ -#define HAVE_STRUCT_SOCKADDR_SA_LEN 1 - -/* Define if SIAENTITY has field ouid. */ -/* #undef HAVE_SIAENTITY_OUID */ - -/* Define if you have a working getmsg. */ -/* #undef HAVE_GETMSG */ - -/* Define if el_init takes four arguments. */ -/* #undef HAVE_FOUR_VALUED_EL_INIT */ - -/* Define if you have a readline function. */ -#define HAVE_READLINE 1 - -/* Define if you have working stream ptys. */ -/* #undef STREAMSPTY */ - -/* Define if /bin/ls has a `-A' flag. */ -#define HAVE_LS_A 1 - - -#define HAVE_INT8_T 1 -#define HAVE_INT16_T 1 -#define HAVE_INT32_T 1 -#define HAVE_INT64_T 1 -#define HAVE_U_INT8_T 1 -#define HAVE_U_INT16_T 1 -#define HAVE_U_INT32_T 1 -#define HAVE_U_INT64_T 1 - -/* This for compat with heimdal (or something) */ -#define KRB_PUT_INT(f, t, l, s) krb_put_int((f), (t), (l), (s)) - -#define HAVE_KRB_ENABLE_DEBUG 1 - -#define HAVE_KRB_DISABLE_DEBUG 1 - -#define HAVE_KRB_GET_OUR_IP_FOR_REALM 1 - -#define RCSID(msg) \ -static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg } - -/* - * Set ORGANIZATION to be the desired organization string printed - * by the 'kinit' program. It may have spaces. - */ -#define ORGANIZATION "FreeBSD Inc." - -#if 0 -#define BINDIR "/usr/bin" -#define LIBDIR "/usr/lib" -#define LIBEXECDIR "/usr/libexec" -#define SBINDIR "/usr/sbin" -#endif - -#if 0 -#define KRB_CNF_FILES { "/etc/krb.conf", "/etc/kerberosIV/krb.conf", 0} -#define KRB_RLM_FILES { "/etc/krb.realms", "/etc/kerberosIV/krb.realms", 0} -#define KRB_EQUIV "/etc/krb.equiv" - -#define KEYFILE "/etc/srvtab" - -#define KRBDIR "/var/kerberos" -#define DBM_FILE KRBDIR "/principal" -#define DEFAULT_ACL_DIR KRBDIR - -#define KRBLOG "/var/log/kerberos.log" /* master server */ -#define KRBSLAVELOG "/var/log/kerberos_slave.log" /* slave server */ -#define KADM_SYSLOG "/var/log/admin_server.syslog" -#define K_LOGFIL "/var/log/kpropd.log" -#endif - -/* Maximum values on all known systems */ -#define MaxHostNameLen (64+4) -#define MaxPathLen (1024+4) - -/* ftp stuff -------------------------------------------------- */ - -#define KERBEROS - -/* telnet stuff ----------------------------------------------- */ - -/* define this for OTP support */ -/* #undef OTP */ - -/* define this if you have kerberos 4 */ -#define KRB4 1 - -/* define this if you want encryption */ -#define ENCRYPTION 1 - -/* define this if you want authentication */ -#define AUTHENTICATION 1 - -#if defined(ENCRYPTION) && !defined(AUTHENTICATION) -#define AUTHENTICATION 1 -#endif - -/* Set this if you want des encryption */ -#define DES_ENCRYPTION 1 - -/* Set this to the default system lead string for telnetd - * can contain %-escapes: %s=sysname, %m=machine, %r=os-release - * %v=os-version, %t=tty, %h=hostname, %d=date and time - */ -/* #undef USE_IM */ - -/* define this if you want diagnostics in telnetd */ -#define DIAGNOSTICS 1 - -/* define this if you want support for broken ENV_{VALUE,VAR} systems */ -/* #undef ENV_HACK */ - -/* */ -#define OLD_ENVIRON 1 - -/* Used with login -p */ -/* #undef LOGIN_ARGS */ - -/* set this to a sensible login */ -#ifndef LOGIN_PATH -#define LOGIN_PATH BINDIR "/login" -#endif - - -/* ------------------------------------------------------------ */ - -#ifdef BROKEN_REALLOC -#define realloc(X, Y) isoc_realloc((X), (Y)) -#define isoc_realloc(X, Y) ((X) ? realloc((X), (Y)) : malloc(Y)) -#endif - -#ifdef VOID_RETSIGTYPE -#define SIGRETURN(x) return -#else -#define SIGRETURN(x) return (RETSIGTYPE)(x) -#endif - -/* Temporary fixes for krb_{rd,mk}_safe */ -#define DES_QUAD_GUESS 0 -#define DES_QUAD_NEW 1 -#define DES_QUAD_OLD 2 - -/* - * All these are system-specific defines that I would rather not have at all. - */ - -/* - * AIX braindamage! - */ -#if _AIX -#define _ALL_SOURCE -/* XXX this is gross, but kills about a gazillion warnings */ -struct ether_addr; -struct sockaddr; -struct sockaddr_dl; -struct sockaddr_in; -#endif - -#if defined(__sgi) || defined(sgi) -#if defined(__SYSTYPE_SVR4) || defined(_SYSTYPE_SVR4) -#define IRIX 5 -#else -#define IRIX 4 -#endif -#endif - -/* IRIX 4 braindamage */ -#if IRIX == 4 && !defined(__STDC__) -#define __STDC__ 0 -#endif - -/* - * Defining this enables lots of useful (and used) extensions on - * glibc-based systems such as Linux - */ - -#define _GNU_SOURCE - -/* some strange OS/2 stuff. From */ - -#ifdef __EMX__ -#define _EMX_TCPIP -#define MAIL_USE_SYSTEM_LOCK -#endif - -#ifdef ROKEN_RENAME -#include "roken_rename.h" -#endif diff --git a/kerberosIV/include/roken.h b/kerberosIV/include/roken.h deleted file mode 100755 index e9bbff883ae9..000000000000 --- a/kerberosIV/include/roken.h +++ /dev/null @@ -1,188 +0,0 @@ -/* This is an OS dependent, generated file */ -/* Generated by Mark Murray */ - -#ifndef __ROKEN_H__ -#define __ROKEN_H__ - -/* -*- C -*- */ -/* - * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan - * (Royal Institute of Technology, Stockholm, Sweden). - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the Institute nor the names of its contributors - * may be used to endorse or promote products derived from this software - * without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND - * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE - * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL - * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS - * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - */ - -/* $Id: roken.h.in,v 1.125 1999/12/02 16:58:52 joda Exp $ */ -/* $FreeBSD$ */ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#include - - -#define ROKEN_LIB_FUNCTION - -#include - - - - - - - - - - -int asnprintf (char **ret, size_t max_sz, const char *format, ...) - __attribute__ ((format (printf, 3, 4))); - -int vasnprintf (char **ret, size_t max_sz, const char *format, va_list ap) - __attribute__((format (printf, 3, 0))); - - -char * strndup(const char *old, size_t sz); - -char * strlwr(char *); - -size_t strnlen(const char*, size_t); - - - - - -char * strupr(char *); - - - - - - - - - - - -#include -struct passwd *k_getpwnam (const char *user); -struct passwd *k_getpwuid (uid_t uid); - -const char *get_default_username (void); - - - - - - - - - - - - - - - - - - - -time_t tm2time (struct tm tm, int local); - -int unix_verify_user(char *user, char *password); - -void inaddr2str(struct in_addr addr, char *s, size_t len); - -void mini_inetd (int port); - -int roken_concat (char *s, size_t len, ...); - -size_t roken_mconcat (char **s, size_t max_len, ...); - -int roken_vconcat (char *s, size_t len, va_list args); - -size_t roken_vmconcat (char **s, size_t max_len, va_list args); - -ssize_t net_write (int fd, const void *buf, size_t nbytes); - -ssize_t net_read (int fd, void *buf, size_t nbytes); - -int issuid(void); - - -int get_window_size(int fd, struct winsize *); - - - -extern const char *__progname; - -extern char **environ; - - - - -struct hostent * -copyhostent (const struct hostent *h); - - -/* - * kludges and such - */ - -int roken_gethostby_setup(const char*, const char*); -struct hostent* roken_gethostbyname(const char*); -struct hostent* roken_gethostbyaddr(const void*, size_t, int); - -#define roken_getservbyname(x,y) getservbyname(x,y) - -#define roken_openlog(a,b,c) openlog(a,b,c) - -void set_progname(char *argv0); - -#endif /* __ROKEN_H__ */ diff --git a/kerberosIV/include/version.h b/kerberosIV/include/version.h deleted file mode 100644 index 1965192af8b6..000000000000 --- a/kerberosIV/include/version.h +++ /dev/null @@ -1,5 +0,0 @@ -/* $FreeBSD$ */ -char *krb4_long_version = "@(#)$Version: krb4-1.0.5 (FreeBSD) $"; -char *krb4_version = "krb4-1.0.5"; -char *heimdal_long_version = "@(#)$Version: Heimdal 0.5fb1 (FreeBSD) $"; -char *heimdal_version = "Heimdal 0.5fb1"; diff --git a/kerberosIV/lib/Makefile b/kerberosIV/lib/Makefile deleted file mode 100644 index f2b0a532f263..000000000000 --- a/kerberosIV/lib/Makefile +++ /dev/null @@ -1,5 +0,0 @@ -# $FreeBSD$ - -SUBDIR= libroken libsl libacl libkadm libkafs libkdb libkrb libtelnet - -.include diff --git a/kerberosIV/lib/Makefile.inc b/kerberosIV/lib/Makefile.inc deleted file mode 100644 index 7b0f08c3e34b..000000000000 --- a/kerberosIV/lib/Makefile.inc +++ /dev/null @@ -1,5 +0,0 @@ -# $FreeBSD$ - -SHLIB_MAJOR?= 3 - -.include "../Makefile.inc" diff --git a/kerberosIV/lib/libacl/Makefile b/kerberosIV/lib/libacl/Makefile deleted file mode 100644 index 347131b4cbf7..000000000000 --- a/kerberosIV/lib/libacl/Makefile +++ /dev/null @@ -1,23 +0,0 @@ -# $FreeBSD$ - -LIB= acl -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/acl \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/lib/roken \ - -I${INCLUDEOBJDIR} \ - -I${.OBJDIR} -SRCS= acl_files.c protos.h -INCS= acl.h -MAN= ${KRB4DIR}/man/acl_check.3 -MLINKS= acl_check.3 acl_canonicalize_principal.3 \ - acl_check.3 acl_exact_match.3 \ - acl_check.3 acl_add.3 \ - acl_check.3 acl_delete.3 \ - acl_check.3 acl_initialize.3 - -.include - -.PATH: ${KRB4DIR}/lib/acl - -CLEANFILES+= protos.h diff --git a/kerberosIV/lib/libkadm/Makefile b/kerberosIV/lib/libkadm/Makefile deleted file mode 100644 index 9019aae78b6c..000000000000 --- a/kerberosIV/lib/libkadm/Makefile +++ /dev/null @@ -1,22 +0,0 @@ -# $FreeBSD$ - -LIB= kadm -CFLAGS+= -I${KRB4DIR}/include \ - -I${INCLUDEOBJDIR} \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/roken \ - -I${KRBOBJDIR} \ - -I${KADMOBJDIR} \ - -I${.OBJDIR} -SRCS= kadm_cli_wrap.c kadm_stream.c kadm_supp.c \ - ${KADMOBJDIR}/kadm_err.c ${KADMOBJDIR}/kadm_err.h \ - ${KRBOBJDIR}/krb_err.h check_password.c protos.h -INCS= kadm.h ${KADMOBJDIR}/kadm_err.h - -.include - -.PATH: ${KRB4DIR}/lib/kadm - -CLEANFILES+= protos.h diff --git a/kerberosIV/lib/libkafs/Makefile b/kerberosIV/lib/libkafs/Makefile deleted file mode 100644 index 93af2f821b77..000000000000 --- a/kerberosIV/lib/libkafs/Makefile +++ /dev/null @@ -1,20 +0,0 @@ -# $FreeBSD$ - -LIB= kafs -CFLAGS+= -I${KRB4DIR}/include \ - -I${INCLUDEOBJDIR} \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/lib/kafs -SRCS= afssys.c afskrb.c common.c issuid.c \ - strlcpy.c strlcat.c -INCS= kafs.h -MAN= ${KRB4DIR}/man/kafs.3 -MLINKS= kafs.3 k_hasafs.3 kafs.3 k_afsklog.3 kafs.3 k_afsklog_uid.3 \ - kafs.3 k_pioctl.3 kafs.3 k_unlog.3 kafs.3 k_setpag.3 \ - kafs.3 k_afs_cell_of_file.3 - -.include - -.PATH: ${KRB4DIR}/lib/kafs -.PATH: ${KRB4DIR}/lib/roken diff --git a/kerberosIV/lib/libkdb/Makefile b/kerberosIV/lib/libkdb/Makefile deleted file mode 100644 index fc5db4df709a..000000000000 --- a/kerberosIV/lib/libkdb/Makefile +++ /dev/null @@ -1,16 +0,0 @@ -# $FreeBSD$ - -LIB= kdb -CFLAGS+= -I${KRB4DIR}/include \ - -I${INCLUDEOBJDIR} \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/lib/kdb \ - -I${KADMOBJDIR} -SRCS= krb_cache.c krb_kdb_utils.c copykey.c krb_lib.c krb_dbm.c \ - print_princ.c -INCS= kdc.h krb_db.h - -.include - -.PATH: ${KRB4DIR}/lib/kdb diff --git a/kerberosIV/lib/libkrb/Makefile b/kerberosIV/lib/libkrb/Makefile deleted file mode 100644 index 69af18b7e764..000000000000 --- a/kerberosIV/lib/libkrb/Makefile +++ /dev/null @@ -1,68 +0,0 @@ -# $FreeBSD$ - -LIB= krb -CFLAGS+= -I${KRB4DIR}/include \ - -I${INCLUDEOBJDIR} \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/lib/roken \ - -I${KRBOBJDIR} \ - -I${.OBJDIR} -DPADD+= ${LIBCRYPT} -LDADD+= -lcrypt -SRCS= check_time.c cr_err_reply.c create_auth_reply.c \ - create_ciph.c create_death_packet.c create_ticket.c \ - debug_decl.c decomp_ticket.c defaults.c dest_tkt.c \ - encrypt_ktext.c extra.c get_ad_tkt.c getfile.c get_cred.c \ - get_default_principal.c get_host.c get_in_tkt.c get_krbrlm.c \ - get_svc_in_tkt.c get_tf_fullname.c get_tf_realm.c getaddrs.c \ - getrealm.c getst.c k_getport.c k_getsockinst.c k_localtime.c \ - kdc_reply.c kntoln.c krb_check_auth.c krb_equiv.c \ - krb_err_txt.c krb_get_in_tkt.c kuserok.c lifetime.c \ - logging.c lsb_addr_comp.c mk_auth.c mk_err.c mk_priv.c \ - mk_req.c mk_safe.c month_sname.c name2name.c krb_net_read.c \ - krb_net_write.c one.c parse_name.c rd_err.c rd_priv.c \ - rd_req.c rd_safe.c read_service_key.c realm_parse.c \ - recvauth.c rw.c save_credentials.c send_to_kdc.c sendauth.c \ - solaris_compat.c stime.c str2key.c tf_util.c time.c \ - tkt_string.c unparse_name.c verify_user.c krb_ip_realm.c \ - base64.c concat.c flock.c gethostname.c gettimeofday.c \ - getuid.c net_read.c net_write.c resolve.c snprintf.c \ - strcasecmp.c strlcat.c strlcpy.c strdup.c strncasecmp.c \ - strnlen.c strtok_r.c swab.c ${KRBOBJDIR}/krb_err.c \ - ${KRBOBJDIR}/krb_err.h protos.h -INCS= krb.h klog.h krb-protos.h prot.h ${KRBOBJDIR}/krb_err.h -MAN= ${KRB4DIR}/man/kerberos.3 \ - ${KRB4DIR}/man/krb_realmofhost.3 \ - ${KRB4DIR}/man/krb_sendauth.3 \ - ${KRB4DIR}/man/krb_set_tkt_string.3 \ - ${KRB4DIR}/man/kuserok.3 \ - ${KRB4DIR}/man/tf_util.3 -MLINKS= kerberos.3 krb_mk_req.3 \ - kerberos.3 krb_rd_req.3 \ - kerberos.3 krb_kntoln.3 \ - kerberos.3 krb_set_key.3 \ - kerberos.3 krb_get_cred.3 \ - kerberos.3 krb_mk_priv.3 \ - kerberos.3 krb_rd_priv.3 \ - kerberos.3 krb_mk_safe.3 \ - kerberos.3 krb_rd_safe.3 \ - kerberos.3 krb_mk_err.3 \ - kerberos.3 krb_rd_err.3 \ - kerberos.3 krb_ck_repl.3 \ - krb_realmofhost.3 krb_get_phost.3 \ - krb_realmofhost.3 krb_get_krbhst.3 \ - krb_realmofhost.3 krb_get_admhst.3 \ - krb_realmofhost.3 krb_get_lrealm.3 \ - krb_sendauth.3 krb_recvauth.3 \ - krb_sendauth.3 krb_net_write.3 \ - krb_sendauth.3 krb_net_read.3 \ - tf_util.3 tf_init.3 \ - tf_util.3 tf_get_pname.3 \ - tf_util.3 tf_get_pinst.3 \ - tf_util.3 tf_get_cred.3 \ - tf_util.3 tf_close.3 - -.include - -.PATH: ${KRB4DIR}/lib/krb -.PATH: ${KRB4DIR}/lib/roken diff --git a/kerberosIV/lib/libroken/Makefile b/kerberosIV/lib/libroken/Makefile deleted file mode 100644 index 4bd556f738ca..000000000000 --- a/kerberosIV/lib/libroken/Makefile +++ /dev/null @@ -1,30 +0,0 @@ -# $FreeBSD$ - -LIB= roken -INTERNALLIB= YES -CFLAGS+= -I${KRB4DIR}/include \ - -I${INCLUDEOBJDIR} \ - -I${KRB4DIR}/lib/roken \ - -I${.OBJDIR} -SRCS= base64.c concat.c emalloc.c eread.c erealloc.c estrdup.c \ - ewrite.c get_default_username.c get_window_size.c getarg.c \ - inaddr2str.c issuid.c k_getpwnam.c k_getpwuid.c mini_inetd.c \ - net_read.c net_write.c parse_time.c parse_units.c \ - print_version.c resolve.c roken_gethostby.c signal.c \ - simple_exec.c snprintf.c socket.c strcollect.c tm2time.c \ - verify.c warnerr.c copyhostent.c strlwr.c strndup.c \ - strnlen.c strupr.c print_version.h - -.include - -.PATH: ${KRB4DIR}/lib/roken - -build-tools: make-print-version - -print_version.h: make-print-version - ./make-print-version print_version.h - -make-print-version: make-print-version.c - ${CC} ${CFLAGS} -o ${.TARGET} ${.OODATE} - -CLEANFILES+= make-print-version print_version.h diff --git a/kerberosIV/lib/libsl/Makefile b/kerberosIV/lib/libsl/Makefile deleted file mode 100644 index 2a281a974d20..000000000000 --- a/kerberosIV/lib/libsl/Makefile +++ /dev/null @@ -1,14 +0,0 @@ -# $FreeBSD$ - -LIB= sl -INTERNALLIB= YES -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/sl \ - -I${KRB4DIR}/lib/roken \ - -I${INCLUDEOBJDIR} -SRCS= sl.c ss.c strtok_r.c - -.include - -.PATH: ${KRB4DIR}/lib/sl -.PATH: ${KRB4DIR}/lib/roken diff --git a/kerberosIV/lib/libtelnet/Makefile b/kerberosIV/lib/libtelnet/Makefile deleted file mode 100644 index 21d5b0b1f526..000000000000 --- a/kerberosIV/lib/libtelnet/Makefile +++ /dev/null @@ -1,33 +0,0 @@ -# $FreeBSD$ - -LIB= telnet - -INTERNALLIB= yes - -SRCS= genget.c getent.c misc.c encrypt.c auth.c \ - enc_des.c sra.c pk.c -SRCS+= kerberos.c - -CFLAGS+= -DENCRYPTION -DAUTHENTICATION -DSRA -I${TELNETDIR} -CFLAGS+= -DKRB4 -I${KRB4DIR}/lib/krb - -WARNS?= 0 - -INCS= ${TELNETDIR}/arpa/telnet.h -INCSDIR= ${INCLUDEDIR}/arpa - -.include - -.PATH: ${TELNETDIR}/libtelnet - -# -# Remove obsolete shared libraries, if any. We don't bother moving them -# to /usr/lib/compat, since they were only used by telnet, telnetd and -# tn3270. -# -beforeinstall: __remove-stale-libs -__remove-stale-libs: .PHONY -.if exists(${DESTDIR}${SHLIBDIR}/lib${LIB}.so.2.0) - -chflags noschg ${DESTDIR}${SHLIBDIR}/lib${LIB}.so.2.0 - rm -f ${DESTDIR}${SHLIBDIR}/lib${LIB}.so.2.0 -.endif diff --git a/kerberosIV/libexec/Makefile b/kerberosIV/libexec/Makefile deleted file mode 100644 index d8079b3e379f..000000000000 --- a/kerberosIV/libexec/Makefile +++ /dev/null @@ -1,5 +0,0 @@ -# $FreeBSD$ - -SUBDIR= kauthd kipd kpropd telnetd - -.include diff --git a/kerberosIV/libexec/Makefile.inc b/kerberosIV/libexec/Makefile.inc deleted file mode 100644 index 535597e7d2a5..000000000000 --- a/kerberosIV/libexec/Makefile.inc +++ /dev/null @@ -1,5 +0,0 @@ -# $FreeBSD$ - -BINDIR= /usr/libexec - -.include "../Makefile.inc" diff --git a/kerberosIV/libexec/kauthd/Makefile b/kerberosIV/libexec/kauthd/Makefile deleted file mode 100644 index 83cd7cbde79d..000000000000 --- a/kerberosIV/libexec/kauthd/Makefile +++ /dev/null @@ -1,17 +0,0 @@ -# $FreeBSD$ - -PROG= kauthd -MAN= ${KRB4DIR}/man/kauthd.8 -SRCS= kauthd.c encdata.c marshall.c -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/kafs \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/appl/kauth -LDADD= -L${ROKENOBJDIR} -lroken -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/appl/kauth diff --git a/kerberosIV/libexec/kipd/Makefile b/kerberosIV/libexec/kipd/Makefile deleted file mode 100644 index 3c3d2a7bda88..000000000000 --- a/kerberosIV/libexec/kipd/Makefile +++ /dev/null @@ -1,16 +0,0 @@ -# $FreeBSD$ - -PROG= kipd -NOMAN= yes -SRCS= kipd.c common.c -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/appl/kip -LDADD= -L${ROKENOBJDIR} -lroken -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/appl/kip diff --git a/kerberosIV/libexec/kpropd/Makefile b/kerberosIV/libexec/kpropd/Makefile deleted file mode 100644 index 269cec101adc..000000000000 --- a/kerberosIV/libexec/kpropd/Makefile +++ /dev/null @@ -1,20 +0,0 @@ -# $FreeBSD$ - -PROG= kpropd -MAN= ${KRB4DIR}/man/kpropd.8 -SRCS= kpropd.c protos.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/slave \ - -I${INCLOBJDIR} \ - -I${.CURDIR}/../include \ - -I${.OBJDIR} -LDADD= -L${ROKENOBJDIR} -lroken -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/slave diff --git a/kerberosIV/libexec/telnetd/Makefile b/kerberosIV/libexec/telnetd/Makefile deleted file mode 100644 index ea0a03cae950..000000000000 --- a/kerberosIV/libexec/telnetd/Makefile +++ /dev/null @@ -1,28 +0,0 @@ -# $FreeBSD$ - -# Do not define -DKLUDGELINEMODE, as it does not interact well with many -# telnet implementations. - -PROG= telnetd -MAN= telnetd.8 - -SRCS= global.c slc.c state.c sys_term.c telnetd.c \ - termstat.c utility.c authenc.c - -CFLAGS+= -DLINEMODE -DUSE_TERMIO -DDIAGNOSTICS -DOLD_ENVIRON \ - -DENV_HACK -DAUTHENTICATION -DENCRYPTION \ - -I${TELNETDIR} -DINET6 -CFLAGS+= -DKRB4 - -WARNS?= 2 - -DPADD= ${LIBUTIL} ${LIBTERMCAP} ${LIBTELNET} ${LIBMP} ${LIBCRYPTO} \ - ${LIBKRB} ${LIBCOM_ERR} \ - ${LIBCRYPT} ${LIBPAM} -LDADD= -lutil -ltermcap ${LIBTELNET} -lmp -lcrypto \ - -L${KRBOBJDIR} -lkrb -lcom_err \ - -lcrypt ${MINUSLPAM} - -.include - -.PATH: ${TELNETDIR}/telnetd diff --git a/kerberosIV/share/info/Makefile b/kerberosIV/share/info/Makefile deleted file mode 100644 index 3b8c37450caf..000000000000 --- a/kerberosIV/share/info/Makefile +++ /dev/null @@ -1,16 +0,0 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 -# $FreeBSD$ - -NOOBJ= noobj - -all clean cleandir depend lint tags: - -beforeinstall: - ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 444 dir-tmpl \ - ${DESTDIR}${BINDIR}/info/dir-tmpl - if [ ! -f ${DESTDIR}${BINDIR}/info/dir ]; then \ - ${INSTALL} -o ${BINOWN} -g ${BINGRP} -m 444 dir-tmpl \ - ${DESTDIR}${BINDIR}/info/dir ; \ - fi - -.include diff --git a/kerberosIV/usr.bin/Makefile b/kerberosIV/usr.bin/Makefile deleted file mode 100644 index 258c347eba2a..000000000000 --- a/kerberosIV/usr.bin/Makefile +++ /dev/null @@ -1,5 +0,0 @@ -# $FreeBSD$ - -SUBDIR= kadmin kauth kdestroy kinit klist ksrvtgt telnet - -.include diff --git a/kerberosIV/usr.bin/Makefile.inc b/kerberosIV/usr.bin/Makefile.inc deleted file mode 100644 index abd146b6720e..000000000000 --- a/kerberosIV/usr.bin/Makefile.inc +++ /dev/null @@ -1,5 +0,0 @@ -# $FreeBSD$ - -BINDIR= /usr/bin - -.include "../Makefile.inc" diff --git a/kerberosIV/usr.bin/kadmin/Makefile b/kerberosIV/usr.bin/kadmin/Makefile deleted file mode 100644 index 2f47c8f73768..000000000000 --- a/kerberosIV/usr.bin/kadmin/Makefile +++ /dev/null @@ -1,28 +0,0 @@ -# $FreeBSD$ - -PROG= kadmin -MAN= ${KRB4DIR}/man/kadmin.8 -SRCS= kadmin.c new_pwd.c random_password.c \ - ${KADMOBJDIR}/kadm_err.h ${KRBOBJDIR}/krb_err.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/sl \ - -I${KRB4DIR}/lib/acl \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/kadmin \ - -I${KADMOBJDIR} \ - -I${KRBOBJDIR} \ - -I${.CURDIR}/../include -LDADD= -L${ROKENOBJDIR} -lroken -L${SLOBJDIR} -lsl \ - -L${ACLOBJDIR} -lacl -L${KADMOBJDIR} -lkadm \ - -L${KDBOBJDIR} -lkdb -L${KRBOBJDIR} -lkrb \ - -lcrypto -lcrypt -lcom_err -lreadline -ltermcap -DPADD= ${LIBROKEN} ${LIBSL} ${LIBACL} ${LIBKADM} ${LIBKDB} ${LIBKRB} \ - ${LIBCRYPTO} ${LIBCRYPT} ${LIBCOM_ERR} ${LIBREADLINE} \ - ${LIBTERMCAP} - -.include - -.PATH: ${KRB4DIR}/kadmin diff --git a/kerberosIV/usr.bin/kauth/Makefile b/kerberosIV/usr.bin/kauth/Makefile deleted file mode 100644 index cd53d350de63..000000000000 --- a/kerberosIV/usr.bin/kauth/Makefile +++ /dev/null @@ -1,18 +0,0 @@ -# $FreeBSD$ - -PROG= kauth -MAN= ${KRB4DIR}/man/kauth.1 -SRCS= kauth.c rkinit.c encdata.c marshall.c -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/kafs \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/appl/kauth -LDADD= -L${ROKENOBJDIR} -lroken -L${KAFSOBJDIR} -lkafs \ - -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt -lcom_err -DPADD= ${LIBROKEN} ${LIBKAFS} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} \ - ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/appl/kauth diff --git a/kerberosIV/usr.bin/kdestroy/Makefile b/kerberosIV/usr.bin/kdestroy/Makefile deleted file mode 100644 index 0b86b2b78b05..000000000000 --- a/kerberosIV/usr.bin/kdestroy/Makefile +++ /dev/null @@ -1,22 +0,0 @@ -# $FreeBSD$ - -PROG= kdestroy -MAN= ${KRB4DIR}/man/kdestroy.1 -SRCS= kdestroy.c protos.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/kafs \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/kuser \ - -I${.OBJDIR} -LDADD= -L${ROKENOBJDIR} -lroken \ - -L${KAFSOBJDIR} -lkafs -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKAFS} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} \ - ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/kuser diff --git a/kerberosIV/usr.bin/kinit/Makefile b/kerberosIV/usr.bin/kinit/Makefile deleted file mode 100644 index 4beae7fcd61d..000000000000 --- a/kerberosIV/usr.bin/kinit/Makefile +++ /dev/null @@ -1,19 +0,0 @@ -# $FreeBSD$ - -PROG= kinit -MAN= ${KRB4DIR}/man/kinit.1 -SRCS= kinit.c protos.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/kuser \ - -I${.OBJDIR} -LDADD= -L${ROKENOBJDIR} -lroken \ - -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt -lcom_err -DPADD= ${LIBROKEN} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/kuser diff --git a/kerberosIV/usr.bin/klist/Makefile b/kerberosIV/usr.bin/klist/Makefile deleted file mode 100644 index 2aeb9de872cb..000000000000 --- a/kerberosIV/usr.bin/klist/Makefile +++ /dev/null @@ -1,22 +0,0 @@ -# $FreeBSD$ - -PROG= klist -MAN= ${KRB4DIR}/man/klist.1 -SRCS= klist.c protos.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/kafs \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/kuser \ - -I${.OBJDIR} -LDADD= -L${ROKENOBJDIR} -lroken \ - -L${KAFSOBJDIR} -lkafs -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKAFS} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} \ - ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/kuser diff --git a/kerberosIV/usr.bin/ksrvtgt/Makefile b/kerberosIV/usr.bin/ksrvtgt/Makefile deleted file mode 100644 index ecb2b0d0ce60..000000000000 --- a/kerberosIV/usr.bin/ksrvtgt/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -# $FreeBSD$ - -SCRIPTS= ksrvtgt -MAN= ${KRB4DIR}/man/ksrvtgt.1 -CLEANFILES= ksrvtgt - -ksrvtgt: ksrvtgt.in - sed 's!%bindir%!${BINDIR}!' ${KRB4DIR}/appl/kauth/ksrvtgt.in > $@ - -.include - -.PATH: ${KRB4DIR}/appl/kauth diff --git a/kerberosIV/usr.bin/telnet/Makefile b/kerberosIV/usr.bin/telnet/Makefile deleted file mode 100644 index a3f8dd42f1ef..000000000000 --- a/kerberosIV/usr.bin/telnet/Makefile +++ /dev/null @@ -1,25 +0,0 @@ -# $FreeBSD$ - -PROG= telnet - -SRCS= authenc.c commands.c main.c network.c ring.c sys_bsd.c \ - telnet.c terminal.c utilities.c - -CFLAGS+= -DKLUDGELINEMODE -DUSE_TERMIO -DENV_HACK -DOPIE \ - -DENCRYPTION -DAUTHENTICATION -DIPSEC -DINET6 \ - -I${TELNETDIR} -I${TELNETDIR}/libtelnet/ - -CFLAGS+= -DKRB4 - -WARNS?= 2 - -DPADD= ${LIBTERMCAP} ${LIBTELNET} ${LIBMP} \ - ${LIBKRB} ${LIBCOM_ERR} \ - ${LIBCRYPTO} ${LIBCRYPT} ${LIBIPSEC} ${LIBPAM} -LDADD= -ltermcap ${LIBTELNET} -lmp \ - -L${KRBOBJDIR} -lkrb -lcom_err \ - -lcrypto -lcrypt -lipsec ${MINUSLPAM} - -.include - -.PATH: ${TELNETDIR}/telnet diff --git a/kerberosIV/usr.sbin/Makefile b/kerberosIV/usr.sbin/Makefile deleted file mode 100644 index 398bcd8e4951..000000000000 --- a/kerberosIV/usr.sbin/Makefile +++ /dev/null @@ -1,6 +0,0 @@ -# $FreeBSD$ - -SUBDIR= ext_srvtab kadmind kdb_destroy kdb_edit kdb_init kdb_util \ - kerberos kip kprop ksrvutil kstash - -.include diff --git a/kerberosIV/usr.sbin/Makefile.inc b/kerberosIV/usr.sbin/Makefile.inc deleted file mode 100644 index dab729d159e4..000000000000 --- a/kerberosIV/usr.sbin/Makefile.inc +++ /dev/null @@ -1,5 +0,0 @@ -# $FreeBSD$ - -BINDIR= /usr/sbin - -.include "../Makefile.inc" diff --git a/kerberosIV/usr.sbin/ext_srvtab/Makefile b/kerberosIV/usr.sbin/ext_srvtab/Makefile deleted file mode 100644 index 98dedbb8cf91..000000000000 --- a/kerberosIV/usr.sbin/ext_srvtab/Makefile +++ /dev/null @@ -1,22 +0,0 @@ -# $FreeBSD$ - -PROG= ext_srvtab -MAN= ${KRB4DIR}/man/ext_srvtab.8 -SRCS= ext_srvtab.c protos.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/admin \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${.CURDIR}/../include \ - -I${.OBJDIR} -LDADD= -L${ROKENOBJDIR} -lroken \ - -L${KDBOBJDIR} -lkdb -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKDB} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} \ - ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/admin diff --git a/kerberosIV/usr.sbin/kadmind/Makefile b/kerberosIV/usr.sbin/kadmind/Makefile deleted file mode 100644 index 3a0dd6cb05a2..000000000000 --- a/kerberosIV/usr.sbin/kadmind/Makefile +++ /dev/null @@ -1,27 +0,0 @@ -# $FreeBSD$ - -PROG= kadmind -MAN= ${KRB4DIR}/man/kadmind.8 -SRCS= kadm_server.c kadm_funcs.c admin_server.c kadm_ser_wrap.c \ - pw_check.c ${KADMOBJDIR}/kadm_err.h ${KRBOBJDIR}/krb_err.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/sl \ - -I${KRB4DIR}/lib/acl \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/kadmin \ - -I${KADMOBJDIR} \ - -I${KRBOBJDIR} \ - -I${.CURDIR}/../include -LDADD= -L${ROKENOBJDIR} -lroken -L${SLOBJDIR} -lsl \ - -L${ACLOBJDIR} -lacl -L${KADMOBJDIR} -lkadm \ - -L${KDBOBJDIR} -lkdb -L${KRBOBJDIR} -lkrb \ - -lcrypto -lcom_err -lcrypt -DPADD= ${LIBROKEN} ${LIBSL} ${LIBACL} ${LIBKADM} ${LIBKDB} ${LIBKRB} \ - ${LIBCRYPTO} ${LIBCOM_ERR} ${LIBCRYPT} - -.include - -.PATH: ${KRB4DIR}/kadmin diff --git a/kerberosIV/usr.sbin/kdb_destroy/Makefile b/kerberosIV/usr.sbin/kdb_destroy/Makefile deleted file mode 100644 index 438d428cda54..000000000000 --- a/kerberosIV/usr.sbin/kdb_destroy/Makefile +++ /dev/null @@ -1,22 +0,0 @@ -# $FreeBSD$ - -PROG= kdb_destroy -MAN= ${KRB4DIR}/man/kdb_destroy.8 -SRCS= kdb_destroy.c protos.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/admin \ - -I${.CURDIR}/../include \ - -I${.OBJDIR} -LDADD= -L${ROKENOBJDIR} -lroken \ - -L${KDBOBJDIR} -lkdb -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKDB} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} \ - ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/admin diff --git a/kerberosIV/usr.sbin/kdb_edit/Makefile b/kerberosIV/usr.sbin/kdb_edit/Makefile deleted file mode 100644 index 2231dd0cfd1b..000000000000 --- a/kerberosIV/usr.sbin/kdb_edit/Makefile +++ /dev/null @@ -1,22 +0,0 @@ -# $FreeBSD$ - -PROG= kdb_edit -MAN= ${KRB4DIR}/man/kdb_edit.8 -SRCS= kdb_edit.c protos.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/admin \ - -I${.CURDIR}/../include \ - -I${.OBJDIR} -LDADD= -L${ROKENOBJDIR} -lroken \ - -L${KDBOBJDIR} -lkdb -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKDB} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} \ - ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/admin diff --git a/kerberosIV/usr.sbin/kdb_init/Makefile b/kerberosIV/usr.sbin/kdb_init/Makefile deleted file mode 100644 index e0729f37dbe5..000000000000 --- a/kerberosIV/usr.sbin/kdb_init/Makefile +++ /dev/null @@ -1,22 +0,0 @@ -# $FreeBSD$ - -PROG= kdb_init -MAN= ${KRB4DIR}/man/kdb_init.8 -SRCS= kdb_init.c protos.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/admin \ - -I${.CURDIR}/../include \ - -I${.OBJDIR} -LDADD= -L${ROKENOBJDIR} -lroken \ - -L${KDBOBJDIR} -lkdb -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKDB} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} \ - ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/admin diff --git a/kerberosIV/usr.sbin/kdb_util/Makefile b/kerberosIV/usr.sbin/kdb_util/Makefile deleted file mode 100644 index e366f2360576..000000000000 --- a/kerberosIV/usr.sbin/kdb_util/Makefile +++ /dev/null @@ -1,22 +0,0 @@ -# $FreeBSD$ - -PROG= kdb_util -MAN= ${KRB4DIR}/man/kdb_util.8 -SRCS= kdb_util.c protos.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/admin \ - -I${.CURDIR}/../include \ - -I${.OBJDIR} -LDADD= -L${ROKENOBJDIR} -lroken \ - -L${KDBOBJDIR} -lkdb -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKDB} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} \ - ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/admin diff --git a/kerberosIV/usr.sbin/kerberos/Makefile b/kerberosIV/usr.sbin/kerberos/Makefile deleted file mode 100644 index e58f7ef155f6..000000000000 --- a/kerberosIV/usr.sbin/kerberos/Makefile +++ /dev/null @@ -1,26 +0,0 @@ -# $FreeBSD$ - -PROG= kerberos -MAN= ${KRB4DIR}/man/kerberos.1 -MAN+= ${KRB4DIR}/man/krb.conf.5 ${KRB4DIR}/man/krb.realms.5 \ - ${KRB4DIR}/man/krb.equiv.5 -MAN+= ${KRB4DIR}/man/kerberos.8 -SRCS= kerberos.c -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${KADMOBJDIR} \ - -I${KRBOBJDIR} \ - -I${.CURDIR}/../include \ - -I${.OBJDIR} -LDADD= -L${ROKENOBJDIR} -lroken \ - -L${KDBOBJDIR} -lkdb -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKDB} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} \ - ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/server diff --git a/kerberosIV/usr.sbin/kip/Makefile b/kerberosIV/usr.sbin/kip/Makefile deleted file mode 100644 index b6d6e4bf5071..000000000000 --- a/kerberosIV/usr.sbin/kip/Makefile +++ /dev/null @@ -1,18 +0,0 @@ -# $FreeBSD$ - -PROG= kip -NOMAN= true -SRCS= kip.c common.c -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/kadmin \ - -I${KRBOBJDIR} \ - -I${.CURDIR}/../include -LDADD= -L${ROKENOBJDIR} -lroken -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/appl/kip diff --git a/kerberosIV/usr.sbin/kprop/Makefile b/kerberosIV/usr.sbin/kprop/Makefile deleted file mode 100644 index 000668e19131..000000000000 --- a/kerberosIV/usr.sbin/kprop/Makefile +++ /dev/null @@ -1,20 +0,0 @@ -# $FreeBSD$ - -PROG= kprop -MAN= ${KRB4DIR}/man/kprop.8 -SRCS= kprop.c protos.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/slave \ - -I${INCLOBJDIR} \ - -I${.CURDIR}/../include \ - -I${.OBJDIR} -LDADD= -L${ROKENOBJDIR} -lroken -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/slave diff --git a/kerberosIV/usr.sbin/ksrvutil/Makefile b/kerberosIV/usr.sbin/ksrvutil/Makefile deleted file mode 100644 index f074f9adbb1b..000000000000 --- a/kerberosIV/usr.sbin/ksrvutil/Makefile +++ /dev/null @@ -1,26 +0,0 @@ -# $FreeBSD$ - -PROG= ksrvutil -MAN= ${KRB4DIR}/man/ksrvutil.8 -SRCS= ksrvutil.c ksrvutil_get.c \ - ${KADMOBJDIR}/kadm_err.h ${KRBOBJDIR}/krb_err.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/sl \ - -I${KRB4DIR}/lib/acl \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/kdb \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/admin \ - -I${KADMOBJDIR} \ - -I${KRBOBJDIR} \ - -I${.CURDIR}/../include -LDADD= -L${ROKENOBJDIR} -lroken -L${KADMOBJDIR} -lkadm \ - -L${KDBOBJDIR} -lkdb -L${KRBOBJDIR} -lkrb -lcrypto -lcom_err \ - -lcrypt -DPADD= ${LIBROKEN} ${LIBKADM} ${LIBKDB} ${LIBKRB} \ - ${LIBCRYPTO} ${LIBCOM_ERR} ${LIBCRYPT} - -.include - -.PATH: ${KRB4DIR}/kadmin diff --git a/kerberosIV/usr.sbin/kstash/Makefile b/kerberosIV/usr.sbin/kstash/Makefile deleted file mode 100644 index ee1490d4ad0d..000000000000 --- a/kerberosIV/usr.sbin/kstash/Makefile +++ /dev/null @@ -1,22 +0,0 @@ -# $FreeBSD$ - -PROG= kstash -MAN= ${KRB4DIR}/man/kstash.8 -SRCS= kstash.c protos.h -CFLAGS+= -I${KRB4DIR}/include \ - -I${KRB4DIR}/lib/roken \ - -I${KRB4DIR}/lib/krb \ - -I${KRB4DIR}/admin \ - -I${KRB4DIR}/lib/kadm \ - -I${KRB4DIR}/lib/kdb \ - -I${.CURDIR}/../include \ - -I${.OBJDIR} -LDADD= -L${ROKENOBJDIR} -lroken \ - -L${KDBOBJDIR} -lkdb -L${KRBOBJDIR} -lkrb -lcrypto -lcrypt \ - -lcom_err -DPADD= ${LIBROKEN} ${LIBKDB} ${LIBKRB} ${LIBCRYPTO} ${LIBCRYPT} \ - ${LIBCOM_ERR} - -.include - -.PATH: ${KRB4DIR}/admin