d/freebsd-nq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge anf fix for build.

Browse Source
This commit is contained in:
Mark Murray 1999-09-19 21:56:09 +00:00
parent 2d8fad26b3
commit 99a2afa8ae
35 changed files with 359 additions and 3040 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
crypto/kerberosIV/appl/bsd/bsd_locl.h
View File

@ -37,9 +37,12 @@
*/
/* $Id: bsd_locl.h,v 1.109.2.1 1999/07/22 03:13:49 assar Exp $ */
/* $FreeBSD$ */
#define LOGALL
#ifndef KERBEROS
#define KERBEROS
#endif
#define KLOGIN_PARANOID
#define LOGIN_ACCESS
#define PASSWD_FALLBACK
@ -292,10 +295,12 @@ int krcmd_mutual(char **ahost, u_int16_t rport, char *remuser,
int klogin(struct passwd *pw, char *instance, char *localhost, char *password);
#if 0
typedef struct {
int cnt;
char *buf;
} BUF;
#endif
char *colon(char *cp);
int okname(char *cp0);
@ -332,10 +337,6 @@ int login_access(struct passwd *user, char *from);
void fatal(int f, const char *msg, int syserr);
extern int LEFT_JUSTIFIED;
int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
des_cblock *iv);
int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
des_cblock *iv);
/* used in des_read and des_write */
#define DES_RW_MAXWRITE (1024*16)

279
crypto/kerberosIV/appl/bsd/iruserok.c
View File

@ -1,279 +0,0 @@
/*
* Copyright (c) 1983, 1993, 1994
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "bsd_locl.h"
RCSID("$Id: iruserok.c,v 1.15 1997/03/23 04:54:00 assar Exp $");
#ifndef HAVE_IRUSEROK
int __check_rhosts_file = 1;
char *__rcmd_errstr = 0;
/*
* Returns "true" if match, 0 if no match.
*/
static
int
__icheckhost(u_int32_t raddr, const char *lhost)
{
struct hostent *hp;
u_long laddr;
char **pp;
/* Try for raw ip address first. */
if (isdigit(*lhost) && (long)(laddr = inet_addr(lhost)) != -1)
return (raddr == laddr);
/* Better be a hostname. */
if ((hp = gethostbyname(lhost)) == NULL)
return (0);
/* Spin through ip addresses. */
for (pp = hp->h_addr_list; *pp; ++pp)
if (memcmp(&raddr, *pp, sizeof(u_long)) == 0)
return (1);
/* No match. */
return (0);
}
#ifndef HAVE_INNETGR
static int
innetgr(const char *netgroup, const char *machine,
const char *user, const char *domain)
{
return 0;
}
#endif
/*
* Returns 0 if ok, -1 if not ok.
*/
static
int
__ivaliduser(FILE *hostf, u_int32_t raddr, const char *luser,
const char *ruser)
{
char *user, *p;
int ch;
char buf[MaxHostNameLen + 128]; /* host + login */
char hname[MaxHostNameLen];
struct hostent *hp;
/* Presumed guilty until proven innocent. */
int userok = 0, hostok = 0;
#ifdef HAVE_YP_GET_DEFAULT_DOMAIN
char *ypdomain;
if (yp_get_default_domain(&ypdomain))
ypdomain = NULL;
#else
#define ypdomain NULL
#endif
/* We need to get the damn hostname back for netgroup matching. */
if ((hp = gethostbyaddr((char *)&raddr,
sizeof(u_long),
AF_INET)) == NULL)
return (-1);
strncpy(hname, hp->h_name, sizeof(hname));
hname[sizeof(hname) - 1] = '\0';
while (fgets(buf, sizeof(buf), hostf)) {
p = buf;
/* Skip lines that are too long. */
if (strchr(p, '\n') == NULL) {
while ((ch = getc(hostf)) != '\n' && ch != EOF);
continue;
}
if (*p == '\n' || *p == '#') {
/* comment... */
continue;
}
while (*p != '\n' && *p != ' ' && *p != '\t' && *p != '\0') {
*p = isupper(*p) ? tolower(*p) : *p;
p++;
}
if (*p == ' ' || *p == '\t') {
*p++ = '\0';
while (*p == ' ' || *p == '\t')
p++;
user = p;
while (*p != '\n' && *p != ' ' &&
*p != '\t' && *p != '\0')
p++;
} else
user = p;
*p = '\0';
/*
* Do +/- and +@/-@ checking. This looks really nasty,
* but it matches SunOS's behavior so far as I can tell.
*/
switch(buf[0]) {
case '+':
if (!buf[1]) { /* '+' matches all hosts */
hostok = 1;
break;
}
if (buf[1] == '@') /* match a host by netgroup */
hostok = innetgr((char *)&buf[2],
(char *)&hname, NULL, ypdomain);
else /* match a host by addr */
hostok = __icheckhost(raddr,(char *)&buf[1]);
break;
case '-': /* reject '-' hosts and all their users */
if (buf[1] == '@') {
if (innetgr((char *)&buf[2],
(char *)&hname, NULL, ypdomain))
return(-1);
} else {
if (__icheckhost(raddr,(char *)&buf[1]))
return(-1);
}
break;
default: /* if no '+' or '-', do a simple match */
hostok = __icheckhost(raddr, buf);
break;
}
switch(*user) {
case '+':
if (!*(user+1)) { /* '+' matches all users */
userok = 1;
break;
}
if (*(user+1) == '@') /* match a user by netgroup */
userok = innetgr(user+2, NULL, (char *)ruser,
ypdomain);
else /* match a user by direct specification */
userok = !(strcmp(ruser, user+1));
break;
case '-': /* if we matched a hostname, */
if (hostok) { /* check for user field rejections */
if (!*(user+1))
return(-1);
if (*(user+1) == '@') {
if (innetgr(user+2, NULL,
(char *)ruser, ypdomain))
return(-1);
} else {
if (!strcmp(ruser, user+1))
return(-1);
}
}
break;
default: /* no rejections: try to match the user */
if (hostok)
userok = !(strcmp(ruser,*user ? user : luser));
break;
}
if (hostok && userok)
return(0);
}
return (-1);
}
/*
* New .rhosts strategy: We are passed an ip address. We spin through
* hosts.equiv and .rhosts looking for a match. When the .rhosts only
* has ip addresses, we don't have to trust a nameserver. When it
* contains hostnames, we spin through the list of addresses the nameserver
* gives us and look for a match.
*
* Returns 0 if ok, -1 if not ok.
*/
int
iruserok(u_int32_t raddr, int superuser, const char *ruser, const char *luser)
{
char *cp;
struct stat sbuf;
struct passwd *pwd;
FILE *hostf;
uid_t uid;
int first;
char pbuf[MaxPathLen];
first = 1;
hostf = superuser ? NULL : fopen(_PATH_HEQUIV, "r");
again:
if (hostf) {
if (__ivaliduser(hostf, raddr, luser, ruser) == 0) {
fclose(hostf);
return (0);
}
fclose(hostf);
}
if (first == 1 && (__check_rhosts_file || superuser)) {
first = 0;
if ((pwd = k_getpwnam((char*)luser)) == NULL)
return (-1);
strcpy(pbuf, pwd->pw_dir);
strcat(pbuf, "/.rhosts");
/*
* Change effective uid while opening .rhosts. If root and
* reading an NFS mounted file system, can't read files that
* are protected read/write owner only.
*/
uid = geteuid();
seteuid(pwd->pw_uid);
hostf = fopen(pbuf, "r");
seteuid(uid);
if (hostf == NULL)
return (-1);
/*
* If not a regular file, or is owned by someone other than
* user or root or if writeable by anyone but the owner, quit.
*/
cp = NULL;
if (lstat(pbuf, &sbuf) < 0)
cp = ".rhosts lstat failed";
else if (!S_ISREG(sbuf.st_mode))
cp = ".rhosts not regular file";
else if (fstat(fileno(hostf), &sbuf) < 0)
cp = ".rhosts fstat failed";
else if (sbuf.st_uid && sbuf.st_uid != pwd->pw_uid)
cp = "bad .rhosts owner";
else if (sbuf.st_mode & (S_IWGRP|S_IWOTH))
cp = ".rhosts writeable by other than owner";
/* If there were any problems, quit. */
if (cp) {
__rcmd_errstr = cp;
fclose(hostf);
return (-1);
}
goto again;
}
return (-1);
}
#endif /* !HAVE_IRUSEROK */

1
crypto/kerberosIV/appl/bsd/pathnames.h → crypto/kerberosIV/appl/bsd/pathnames.h_
View File

@ -32,6 +32,7 @@
*
* from: @(#)pathnames.h 5.2 (Berkeley) 4/9/90
* $Id: pathnames.h,v 1.25 1998/02/03 23:29:30 assar Exp $
* $FreeBSD$
*/
/******* First fix default path, we stick to _PATH_DEFPATH everywhere */

386
crypto/kerberosIV/appl/ftp/ftpd/ftpd.c
View File

@ -29,126 +29,17 @@
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
* $FreeBSD$
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
RCSID("$Id$");
#endif
/*
* FTP server.
*/
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
#include <sys/ioctl.h>
#endif
#ifdef TIME_WITH_SYS_TIME
#include <sys/time.h>
#include <time.h>
#elif defined(HAVE_SYS_TIME_H)
#include <sys/time.h>
#else
#include <time.h>
#endif
#ifdef HAVE_SYS_RESOURCE_H
#include <sys/resource.h>
#endif
#ifdef HAVE_SYS_WAIT_H
#include <sys/wait.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_NETINET_IN_SYSTM_H
#include <netinet/in_systm.h>
#endif
#ifdef HAVE_NETINET_IP_H
#include <netinet/ip.h>
#endif
#ifdef HAVE_SYS_MMAN_H
#include <sys/mman.h>
#endif
#define FTP_NAMES
#include <arpa/ftp.h>
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#ifdef HAVE_ARPA_TELNET_H
#include <arpa/telnet.h>
#include "ftpd_locl.h"
#ifdef KRB5
#include <krb5.h>
#endif
#include <ctype.h>
#ifdef HAVE_DIRENT_H
#include <dirent.h>
#endif
#include <errno.h>
#ifdef HAVE_FCNTL_H
#include <fcntl.h>
#endif
#include <glob.h>
#include <limits.h>
#ifdef HAVE_PWD_H
#include <pwd.h>
#endif
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <stdarg.h>
#include <string.h>
#ifdef HAVE_SYSLOG_H
#include <syslog.h>
#endif
#include <time.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_GRP_H
#include <grp.h>
#endif
#include <err.h>
#include "pathnames.h"
#include "extern.h"
#include "common.h"
#include "auth.h"
#include <krb.h>
#include <kafs.h>
#include "roken.h"
#ifdef OTP
#include <otp.h>
#endif
#ifdef SOCKS
#include <socks.h>
extern int LIBPREFIX(fclose) __P((FILE *));
#endif
void yyparse();
#ifndef LOG_FTP
#define LOG_FTP LOG_DAEMON
#endif
RCSID("$Id: ftpd.c,v 1.115 1999/06/15 03:51:47 assar Exp $");
static char version[] = "Version 6.00";
@ -166,7 +57,7 @@ jmp_buf errcatch, urgcatch;
int oobflag;
int logged_in;
struct passwd *pw;
int debug;
int debug = 0;
int ftpd_timeout = 900; /* timeout after 15 minutes of inactivity */
int maxtimeout = 7200;/* don't allow idle time to be set beyond 2 hours */
int logging;
@ -250,12 +141,12 @@ static void usage(void);
static char *
curdir(void)
{
static char path[MaxPathLen+1+1]; /* path + '/' + '\0' */
static char path[MaxPathLen+1]; /* path + '/' + '\0' */
if (getcwd(path, sizeof(path)-2) == NULL)
if (getcwd(path, sizeof(path)-1) == NULL)
return ("");
if (path[1] != '\0') /* special case for root dir. */
strcat(path, "/");
strcat_truncate(path, "/", sizeof(path));
/* For guest account, skip / since it's chrooted */
return (guest ? path+1 : path);
}
@ -317,18 +208,20 @@ main(int argc, char **argv)
int not_inetd = 0;
int port;
struct servent *sp;
char tkfile[1024];
set_progname (argv[0]);
#ifdef KRB4
/* detach from any tickets and tokens */
snprintf(tkfile, sizeof(tkfile),
"/tmp/ftp_%u", (unsigned)getpid());
krb_set_tkt_string(tkfile);
if(k_hasafs())
k_setpag();
{
char tkfile[1024];
snprintf(tkfile, sizeof(tkfile),
"/tmp/ftp_%u", (unsigned)getpid());
krb_set_tkt_string(tkfile);
if(k_hasafs())
k_setpag();
}
#endif
sp = getservbyname("ftp", "tcp");
if(sp)
port = sp->s_port;
@ -430,7 +323,6 @@ main(int argc, char **argv)
syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
#endif
data_source.sin_port = htons(ntohs(ctrl_addr.sin_port) - 1);
debug = 0;
/* set this here so it can be put in wtmp */
snprintf(ttyline, sizeof(ttyline), "ftp%u", (unsigned)getpid());
@ -444,8 +336,6 @@ main(int argc, char **argv)
syslog(LOG_ERR, "signal: %m");
#endif
auth_init();
/* Try to handle urgent data inline */
#if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT)
if (setsockopt(0, SOL_SOCKET, SO_OOBINLINE, (void *)&on,
@ -490,9 +380,22 @@ main(int argc, char **argv)
fclose(fd);
/* reply(220,) must follow */
}
k_gethostname(hostname, sizeof(hostname));
reply(220, "%s FTP server (%s+%s) ready.", hostname,
version, krb4_version);
gethostname(hostname, sizeof(hostname));
reply(220, "%s FTP server (%s"
#ifdef KRB5
"+%s"
#endif
#ifdef KRB4
"+%s"
#endif
") ready.", hostname, version
#ifdef KRB5
,heimdal_version
#endif
#ifdef KRB4
,krb4_version
#endif
);
setjmp(errcatch);
for (;;)
yyparse();
@ -576,7 +479,7 @@ user(char *name)
{
char *cp, *shell;
if(auth_level == 0 && !auth_complete){
if(auth_level == 0 && !sec_complete){
reply(530, "No login allowed without authorization.");
return;
}
@ -611,7 +514,7 @@ user(char *name)
remotehost, inet_ntoa(his_addr.sin_addr));
return;
}
if((auth_level & AUTH_PLAIN) == 0 && !auth_complete){
if((auth_level & AUTH_PLAIN) == 0 && !sec_complete){
reply(530, "Only authorized and anonymous login allowed.");
return;
}
@ -636,32 +539,41 @@ user(char *name)
}
}
if (logging)
strncpy(curname, name, sizeof(curname)-1);
if(auth_ok())
ct->userok(name);
#ifdef OTP
else {
strcpy_truncate(curname, name, sizeof(curname));
if(sec_complete) {
if(sec_userok(name) == 0)
do_login(232, name);
else
reply(530, "User %s access denied.", name);
} else {
char ss[256];
#ifdef OTP
if (otp_challenge(&otp_ctx, name, ss, sizeof(ss)) == 0) {
reply(331, "Password %s for %s required.",
ss, name);
askpasswd = 1;
} else if ((auth_level & AUTH_OTP) == 0) {
} else
#endif
if ((auth_level & AUTH_OTP) == 0) {
reply(331, "Password required for %s.", name);
askpasswd = 1;
} else {
char *s;
if (s = otp_error (&otp_ctx))
#ifdef OTP
if ((s = otp_error (&otp_ctx)) != NULL)
lreply(530, "OTP: %s", s);
#endif
reply(530,
"Only authorized, anonymous and OTP "
"Only authorized, anonymous"
#ifdef OTP
" and OTP "
#endif
"login allowed.");
}
}
#endif
/*
* Delay before reading passwd after first failed
* attempt to slow down passwd-guessing programs.
@ -714,11 +626,7 @@ checkuser(char *fname, char *name)
static int
match(const char *pattern, const char *string)
{
#ifdef HAVE_FNMATCH
return fnmatch(pattern, string, FNM_NOESCAPE);
#else
return strcmp(pattern, "*") != 0 && strcmp(pattern, string) != 0;
#endif
}
static int
@ -767,7 +675,7 @@ int do_login(int code, char *passwd)
initgroups(pw->pw_name, pw->pw_gid);
/* open wtmp before chroot */
logwtmp(ttyline, pw->pw_name, remotehost);
ftpd_logwtmp(ttyline, pw->pw_name, remotehost);
logged_in = 1;
dochroot = checkuser(_PATH_FTPCHROOT, pw->pw_name);
@ -850,7 +758,7 @@ end_login(void)
seteuid((uid_t)0);
if (logged_in)
logwtmp(ttyline, "", "");
ftpd_logwtmp(ttyline, "", "");
pw = NULL;
logged_in = 0;
guest = 0;
@ -878,28 +786,33 @@ pass(char *passwd)
if (pw == NULL)
rval = 1; /* failure below */
#ifdef OTP
else if (otp_verify_user (&otp_ctx, passwd) == 0)
else if (otp_verify_user (&otp_ctx, passwd) == 0) {
rval = 0;
}
#endif
else if((auth_level & AUTH_OTP) == 0) {
#ifdef KRB4
char realm[REALM_SZ];
if((rval = krb_get_lrealm(realm, 1)) == KSUCCESS)
rval = krb_verify_user(pw->pw_name, "", realm,
passwd, 1, NULL);
if (rval == KSUCCESS ){
rval = krb_verify_user(pw->pw_name,
"", realm,
passwd,
KRB_VERIFY_SECURE, NULL);
if (rval == KSUCCESS ) {
chown (tkt_string(), pw->pw_uid, pw->pw_gid);
if(k_hasafs())
k_afsklog(0, 0);
}else
krb_afslog(0, 0);
} else
#endif
rval = unix_verify_user(pw->pw_name, passwd);
}
#ifdef OTP
else {
} else {
char *s;
if (s = otp_error(&otp_ctx))
#ifdef OTP
if ((s = otp_error(&otp_ctx)) != NULL)
lreply(530, "OTP: %s", s);
}
#endif
}
memset (passwd, 0, strlen(passwd));
/*
@ -948,14 +861,15 @@ retrieve(char *cmd, char *name)
st.st_size = 0;
if(fin == NULL){
struct cmds {
char *ext;
char *cmd;
const char *ext;
const char *cmd;
const char *rev_cmd;
} cmds[] = {
{".tar", "/bin/gtar cPf - %s"},
{".tar.gz", "/bin/gtar zcPf - %s"},
{".tar.Z", "/bin/gtar ZcPf - %s"},
{".gz", "/bin/gzip -c %s"},
{".Z", "/bin/compress -c %s"},
{".tar", "/bin/gtar cPf - %s", NULL},
{".tar.gz", "/bin/gtar zcPf - %s", NULL},
{".tar.Z", "/bin/gtar ZcPf - %s", NULL},
{".gz", "/bin/gzip -c %s", "/bin/gzip -c -d %s"},
{".Z", "/bin/compress -c %s", "/bin/uncompress -c -d %s"},
{NULL, NULL}
};
struct cmds *p;
@ -971,6 +885,21 @@ retrieve(char *cmd, char *name)
break;
}
*tail = c;
if (p->rev_cmd != NULL) {
char *ext;
asprintf(&ext, "%s%s", name, p->ext);
if (ext != NULL) {
if (access(ext, R_OK) == 0) {
snprintf (line, sizeof(line),
p->rev_cmd, ext);
free(ext);
break;
}
free(ext);
}
}
}
if(p->ext){
fin = ftpd_popen(line, "r", 0, 0);
@ -1186,14 +1115,14 @@ dataconn(char *name, off_t size, char *mode)
{
char sizebuf[32];
FILE *file;
int retry = 0, tos;
int retry = 0;
file_size = size;
byte_count = 0;
if (size != (off_t) -1)
snprintf(sizebuf, sizeof(sizebuf), " (%ld bytes)", size);
if (size >= 0)
snprintf(sizebuf, sizeof(sizebuf), " (%ld bytes)", (long)size);
else
strcpy(sizebuf, "");
*sizebuf = '\0';
if (pdata >= 0) {
struct sockaddr_in from;
int s, fromlen = sizeof(from);
@ -1208,9 +1137,12 @@ dataconn(char *name, off_t size, char *mode)
close(pdata);
pdata = s;
#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
tos = IPTOS_THROUGHPUT;
setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&tos,
sizeof(int));
{
int tos = IPTOS_THROUGHPUT;
setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&tos,
sizeof(tos));
}
#endif
reply(150, "Opening %s mode data connection for '%s'%s.",
type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf);
@ -1262,8 +1194,6 @@ send_data(FILE *instr, FILE *outstr)
int c, cnt, filefd, netfd;
static char *buf;
static size_t bufsize;
int i = 0;
char s[1024];
transflag++;
if (setjmp(urgcatch)) {
@ -1273,31 +1203,24 @@ send_data(FILE *instr, FILE *outstr)
switch (type) {
case TYPE_A:
while ((c = getc(instr)) != EOF) {
byte_count++;
if(i > 1022){
auth_write(fileno(outstr), s, i);
i = 0;
}
if(c == '\n')
s[i++] = '\r';
s[i++] = c;
}
if(i)
auth_write(fileno(outstr), s, i);
auth_write(fileno(outstr), s, 0);
fflush(outstr);
transflag = 0;
if (ferror(instr))
goto file_err;
if (ferror(outstr))
goto data_err;
reply(226, "Transfer complete.");
return;
while ((c = getc(instr)) != EOF) {
byte_count++;
if(c == '\n')
sec_putc('\r', outstr);
sec_putc(c, outstr);
}
sec_fflush(outstr);
transflag = 0;
if (ferror(instr))
goto file_err;
if (ferror(outstr))
goto data_err;
reply(226, "Transfer complete.");
return;
case TYPE_I:
case TYPE_L:
#ifdef HAVE_MMAP
#if defined(HAVE_MMAP) && !defined(NO_MMAP)
#ifndef MAP_FAILED
#define MAP_FAILED (-1)
#endif
@ -1307,13 +1230,13 @@ send_data(FILE *instr, FILE *outstr)
int in = fileno(instr);
if(fstat(in, &st) == 0 && S_ISREG(st.st_mode)) {
chunk = mmap(0, st.st_size, PROT_READ, MAP_SHARED, in, 0);
if(chunk != (void *)MAP_FAILED) {
if((void *)chunk != (void *)MAP_FAILED) {
cnt = st.st_size - restart_point;
auth_write(fileno(outstr),
sec_write(fileno(outstr),
chunk + restart_point,
cnt);
munmap(chunk, st.st_size);
auth_write(fileno(outstr), NULL, 0);
sec_fflush(outstr);
byte_count = cnt;
transflag = 0;
}
@ -1334,9 +1257,9 @@ send_data(FILE *instr, FILE *outstr)
return;
}
while ((cnt = read(filefd, buf, bufsize)) > 0 &&
auth_write(netfd, buf, cnt) == cnt)
sec_write(netfd, buf, cnt) == cnt)
byte_count += cnt;
auth_write(netfd, buf, 0); /* to end an encrypted stream */
sec_fflush(outstr); /* to end an encrypted stream */
transflag = 0;
if (cnt != 0) {
if (cnt < 0)
@ -1394,7 +1317,7 @@ receive_data(FILE *instr, FILE *outstr)
case TYPE_I:
case TYPE_L:
while ((cnt = auth_read(fileno(instr), buf, bufsize)) > 0) {
while ((cnt = sec_read(fileno(instr), buf, bufsize)) > 0) {
if (write(fileno(outstr), buf, cnt) != cnt)
goto file_err;
byte_count += cnt;
@ -1413,7 +1336,7 @@ receive_data(FILE *instr, FILE *outstr)
{
char *p, *q;
int cr_flag = 0;
while ((cnt = auth_read(fileno(instr),
while ((cnt = sec_read(fileno(instr),
buf + cr_flag,
bufsize - cr_flag)) > 0){
byte_count += cnt;
@ -1422,7 +1345,7 @@ receive_data(FILE *instr, FILE *outstr)
for(p = buf, q = buf; p < buf + cnt;) {
if(*p == '\n')
bare_lfs++;
if(*p == '\r')
if(*p == '\r') {
if(p == buf + cnt - 1){
cr_flag = 1;
p++;
@ -1432,6 +1355,7 @@ receive_data(FILE *instr, FILE *outstr)
p += 2;
continue;
}
}
*q++ = *p++;
}
fwrite(buf, q - buf, 1, outstr);
@ -1576,21 +1500,21 @@ __attribute__ ((format (printf, 3, 0)))
static void
int_reply(int n, char *c, const char *fmt, va_list ap)
{
char buf[10240];
char *p;
p=buf;
if(n){
snprintf(p, sizeof(buf), "%d%s", n, c);
p+=strlen(p);
}
vsnprintf(p, sizeof(buf) - strlen(p), fmt, ap);
p+=strlen(p);
snprintf(p, sizeof(buf) - strlen(p), "\r\n");
p+=strlen(p);
auth_printf("%s", buf);
fflush(stdout);
if (debug)
syslog(LOG_DEBUG, "<--- %s- ", buf);
char buf[10240];
char *p;
p=buf;
if(n){
snprintf(p, sizeof(buf), "%d%s", n, c);
p+=strlen(p);
}
vsnprintf(p, sizeof(buf) - strlen(p), fmt, ap);
p+=strlen(p);
snprintf(p, sizeof(buf) - strlen(p), "\r\n");
p+=strlen(p);
sec_fprintf(stdout, "%s", buf);
fflush(stdout);
if (debug)
syslog(LOG_DEBUG, "<--- %s- ", buf);
}
void
@ -1711,7 +1635,7 @@ removedir(char *name)
void
pwd(void)
{
char path[MaxPathLen + 1];
char path[MaxPathLen];
char *ret;
/* SunOS has a broken getcwd that does popen(pwd) (!!!), this
@ -1775,10 +1699,10 @@ dologout(int status)
transflag = 0;
if (logged_in) {
seteuid((uid_t)0);
logwtmp(ttyline, "", "");
dest_tkt();
if(k_hasafs())
k_unlog();
ftpd_logwtmp(ttyline, "", "");
#ifdef KRB4
cond_kdestroy();
#endif
}
/* beware of flushing buffers after a SIGPIPE */
#ifdef XXX
@ -1814,7 +1738,7 @@ myoob(int signo)
#if 0
cp = tmpline;
if (getline(cp, 7) == NULL) {
if (ftpd_getline(cp, 7) == NULL) {
reply(221, "You could at least say goodbye.");
dologout(0);
}
@ -1995,7 +1919,7 @@ send_file_list(char *whichf)
}
snprintf(buf, sizeof(buf), "%s%s\n", dirname,
type == TYPE_A ? "\r" : "");
auth_write(fileno(dout), buf, strlen(buf));
sec_write(fileno(dout), buf, strlen(buf));
byte_count += strlen(dirname) + 1;
continue;
} else if (!S_ISDIR(st.st_mode))
@ -2032,7 +1956,7 @@ send_file_list(char *whichf)
else
snprintf(buf, sizeof(buf), "%s%s\n", nbuf,
type == TYPE_A ? "\r" : "");
auth_write(fileno(dout), buf, strlen(buf));
sec_write(fileno(dout), buf, strlen(buf));
byte_count += strlen(nbuf) + 1;
}
}
@ -2047,7 +1971,7 @@ send_file_list(char *whichf)
transflag = 0;
if (dout != NULL){
auth_write(fileno(dout), buf, 0); /* XXX flush */
sec_write(fileno(dout), buf, 0); /* XXX flush */
fclose(dout);
}

5
crypto/kerberosIV/appl/kauth/ksrvtgt.in
View File

@ -1,5 +1,6 @@
#! /bin/sh
# $Id$
# $Id: ksrvtgt.in,v 1.3 1997/09/13 03:39:03 joda Exp $
# $FreeBSD$
usage="Usage: `basename $0` name instance [[realm] srvtab]"
@ -11,4 +12,4 @@ fi
srvtab="${4-${3-/etc/kerberosIV/srvtab}}"
realm="${4+@$3}"
kauth -n "$1.$2$realm" -l 5 -f "$srvtab "
%bindir%/kauth -n "$1.$2$realm" -l 5 -f "$srvtab"

1
crypto/kerberosIV/doc/kth-krb.texi
View File

@ -1,6 +1,7 @@
\input texinfo @c -*- texinfo -*-
@c %**start of header
@c $Id: kth-krb.texi,v 1.77.2.1 1999/08/18 21:11:25 joda Exp $
@c $FreeBSD$
@setfilename kth-krb.info
@settitle KTH-KRB
@iftex

127
crypto/kerberosIV/doc/otp.texi
View File

@ -1,127 +0,0 @@
@node One-Time Passwords, Resolving frequent problems, How to set up a realm, Top
@chapter One-Time Passwords
@cindex OTP
@cindex One time passwords
There is also support for using @dfn{one time passwords} (OTP) in this
package. Specifically @code{login}, @code{ftpd}, and @code{popper} have
support for using them.
@menu
* What are one time passwords?::
* When to use one time passwords?::
* Configuring OTPs::
@end menu
@node What are one time passwords?, When to use one time passwords?, One-Time Passwords, One-Time Passwords
@comment node-name, next, previous, up
@section What are one time passwords?
One time passwords are, as the name implies, passwords that can only
be used once. This means that even if someone is eavesdropping on the
network, they will not be able to make use of the passwords they steal.
The OTPs used in this package support @cite{RFC 1938}. This standard is
also backwards compatible with the well-known S/Key. There are lots of
programs for generating these on everything from HP 48's to Crays.
@cindex S/Key
@node When to use one time passwords?, Configuring OTPs, What are one time passwords?, One-Time Passwords
@comment node-name, next, previous, up
@section When to use one time passwords?
Why would you want to use OTPs instead of Kerberos? The advantage of
OTPs is that they don't require a computer to operate. You can print
out a list of passwords and take with you, or you could use your
calculator or hand-held computer to generate them.
The downside is that they only protect you against passive attacks.
Only the initial connection is authenticated. After that, anyone can
eavesdrop on your session, so you should not send or view any sensitive
data (e.g. passwords) over a OTP-initiated link. You are also
vulnerable to active attacks where intruders try to take over your
TCP-session and/or introduce data in the middle of it. In other words,
they provide initial authentication, but neither integrity nor
confidentiality.
The OTPs are generated from the tuple (@var{seed}, @var{sequence
number}, @var{pass-phrase}). The seed and the sequence number will be
printed as part of the @dfn{challenge} and you will have to generate the
corresponding password or pick it from a list.
In conclusion, they are simple and can be used everywhere but don't
protect against all threats that Kerberos does. Use them when you can't
use Kerberos.
@node Configuring OTPs, , When to use one time passwords?, One-Time Passwords
@comment node-name, next, previous, up
@section Configuring OTPs
@heading Initializing
To initialize your OTPs use the @code{otp} program. This program will
write an entry in a local file on this host with your current password
(in this case the 100th) and the corresponding seed (@samp{foobar}).
@pindex otp
@example
@cartouche
datan:>otp 100 foobar
Pass-phrase: <pass-phrase>
Verifying password Pass-phrase: <pass-phrase>
@end cartouche
@end example
@heading Generating
To print out a list of them there is a program called
@code{otpprint}.
@pindex otpprint
@example
@cartouche
datan:>otpprint 100 foobar
Pass-phrase: <pass-phrase>
91: SLAM BUY SUP DUSK SKY BEST
92: DEEM SIGH ROB RASH JUG MAT
93: DUET FISK HERS AREA TOLL SUP
94: WOW RAIN LEAK SARA MARK WING
95: COG YELL MILK CART ABE BAWL
96: GROW SILK GIST OMEN CAM ANNE
97: JAG QUAD NUT BEAT BHOY MAGI
98: ADAM USED GENE NIP EYE SIS
99: MY SUNG HERO AT DASH RAKE
100: CORN KNIT BOTH TOGO SOUL BOG
@end cartouche
@end example
@heading Using the OTPs
When you try to use one and have initialized a series of
one-time passwords for yourself you will get a challenge with the
algorithm being used, the sequence number, and the seed. Enter those in
your generator or find the corresponding password in your list.
@example
@cartouche
login: assar
assar's [ otp-md5 99 foobar ] Password: <MY SUNG HERO AT DASH RAKE>
@end cartouche
@end example
The sequence number of the password will start at one less that the
number you gave to @code{otp} and decrease by one every time you use it.
You should try to keep track of which should be the current one so that
you can be assured that nobody has stolen some of your passwords and
used them. When the number has reached zero you need to acquire a new
series of passwords.
Once you have initialized your series of passwords, you can always use
them at any password prompt where you get the challenge as shown above.
@heading Configuring servers
@code{ftpd}, @code{telnetd}, and @code{popper} can be configured to
require one-time passwords when the connection has not been kerberos
authenticated. Check the man pages for these programs for the correct
options.

64
crypto/kerberosIV/include/ktypes.c
View File

@ -1,64 +0,0 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
RCSID("$Id: ktypes.c,v 1.4 1997/05/31 08:52:09 bg Exp $");
#endif
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_BITYPES_H
#include <sys/bitypes.h>
#endif
#ifdef HAVE_BIND_BITYPES_H
#include <bind/bitypes.h>
#endif
#ifdef HAVE_NETINET_IN6_MACHTYPES_H
#include <netinet/in6_machtypes.h>
#endif
int
main(void)
{
printf ("/*\n"
" * This file was automatically generated by\n"
" * $Id: ktypes.c,v 1.4 1997/05/31 08:52:09 bg Exp $.\n"
" * Please do not edit\n"
" */\n\n");
printf ("#ifndef __KTYPES_H__\n"
"#define __KTYPES_H__\n\n");
#ifdef HAVE_SYS_TYPES_H
printf("#include <sys/types.h>\n");
#endif
#ifdef HAVE_SYS_BITYPES_H
printf("#include <sys/bitypes.h>\n");
#endif
#ifdef HAVE_BIND_BITYPES_H
printf("#include <bind/bitypes.h>\n");
#endif
#ifdef HAVE_NETINET_IN6_MACHTYPES_H
printf("#include <netinet/in6_machtypes.h>\n");
#endif
#ifndef HAVE_INT8_T
printf("typedef signed char int8_t;\n");
#endif
#ifndef HAVE_U_INT8_T
printf("typedef unsigned char u_int8_t;\n");
#endif
#ifndef HAVE_INT16_T
printf("typedef short int16_t;\n");
#endif
#ifndef HAVE_U_INT16_T
printf("typedef unsigned short u_int16_t;\n");
#endif
#ifndef HAVE_INT32_T
printf("typedef int int32_t;\n");
#endif
#ifndef HAVE_U_INT32_T
printf("typedef unsigned int u_int32_t;\n");
#endif
printf("\n#endif /* __KTYPES_H__ */\n");
return 0;
}

276
crypto/kerberosIV/include/protos.h
View File

@ -1,276 +0,0 @@
/* -*- C -*-
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* Add here functions that don't have a prototype on your system.
*
* $Id: protos.H,v 1.43 1997/05/28 01:09:36 assar Exp $
*/
#ifdef NEED_CRYPT_PROTO
char *crypt(const char*, const char*);
#endif
#ifdef NEED_STRTOK_R_PROTO
char *strtok_r (char *s1, const char *s2, char **lasts);
#endif
#ifndef HAVE_OPTARG_DECLARATION
extern char *optarg;
#endif
#ifndef HAVE_OPTERR_DECLARATION
extern int opterr;
#endif
#ifndef HAVE_OPTIND_DECLARATION
extern int optind;
#endif
#ifndef HAVE_OPTOPT_DECLARATION
extern int optopt;
#endif
#if defined(__GNUC__) && SunOS == 4
/* To get type fd_set */
#include <sys/types.h>
#include <sys/time.h>
/* To get struct sockaddr, struct in_addr and struct hostent */
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
/* To get struct stat */
#include <sys/stat.h>
/* To get struct utimbuf */
#include <utime.h>
int utime(const char *, struct utimbuf *);
int syscall(int, ...);
pid_t getpid(void);
int ftruncate(int, off_t);
int fchmod(int, mode_t);
int fchown(int fd, int owner, int group);
int fsync(int);
int seteuid(uid_t);
int setreuid(int, int);
int flock(int, int);
int gettimeofday(struct timeval *tp, struct timezone *tzp);
int lstat(const char *, struct stat *);
int ioctl(int, int, void *);
int getpriority(int which, int who);
int setpriority(int which, int who, int priority);
int getdtablesize(void);
int initgroups(const char *name, int basegid);
long ulimit(int cmd, long newlimit);
int vhangup(void);
int sigblock(int);
int sigsetmask(int);
int setitimer(int which, struct itimerval *value, struct itimerval *ovalue);
int munmap(caddr_t addr, int len);
int socket(int, int, int);
int setsockopt(int, int, int, void *, int);
int bind(int, void *, int);
int getsockname(int, struct sockaddr *, int *);
int accept(int, struct sockaddr *, int *);
int connect(int, struct sockaddr *, int);
int listen(int, int);
int recv(int s, void *buf, int len, int flags);
int recvfrom(int, char *, int, int, void *, int *);
int sendto(int, const char *, int, int, void *, int);
int select(int, fd_set *, fd_set *, fd_set *, struct timeval *);
int shutdown(int, int);
int getpeername(int, struct sockaddr *, int *);
int getsockopt(int, int, int, void *, int *);
int send(int s, const void *msg, int len, int flags);
struct strbuf;
int getmsg(int fd, struct strbuf *ctlptr, struct strbuf *dataptr, int *flags);
char *inet_ntoa(struct in_addr in);
unsigned long inet_addr(const char *cp);
int gethostname(char *, int);
struct hostent *gethostbyname(const char *);
int dn_expand(const u_char *msg,
const u_char *eomorig,
const u_char *comp_dn,
char *exp_dn,
int length);
int res_search(const char *dname,
int class,
int type,
u_char *answer,
int anslen);
int yp_get_default_domain (char **outdomain);
int innetgr(const char *netgroup, const char *machine,
const char *user, const char *domain);
char *getwd(char *pathname);
void bzero(char *b, int length);
int strcasecmp(const char *, const char *);
void swab(const char *, char *, int);
int atoi(const char *str);
char *mktemp(char *);
void srandom(int seed);
int random(void);
int rcmd(char **, unsigned short, char *, char *, char *, int *);
int rresvport(int *);
int openlog(const char *ident, int logopt, int facility);
int syslog(int priority, const char *message, ...);
int ttyslot(void);
char *getpass(const char *);
char *getusershell(void);
void setpwent();
void endpwent();
#include <stdio.h>
int fclose(FILE *);
#endif /* SunOS4 */
#if SunOS == 5
#include <sys/types.h>
#include <sys/resource.h>
char *getusershell(void);
char *strtok_r(char *, const char *, char **);
int getpriority (int which, id_t who);
int setpriority (int which, id_t who, int prio);
int getdtablesize (void);
char *getusershell(void);
void setusershell(void);
void endusershell(void);
#if defined(__GNUC__)
int syscall(int, ...);
int gethostname(char *, int);
struct timeval;
int gettimeofday(struct timeval *tp, void *);
#endif
#endif
#if defined(__osf__) /* OSF/1 */
#if 0
/* To get type fd_set */
#include <sys/types.h>
#include <sys/time.h>
int select(int, fd_set *, fd_set *, fd_set *, struct timeval *);
int fsync(int fildes);
int gethostname(char *address, int address_len);
int setreuid(int ruid, int euid);
int ioctl(int d, unsigned long request, void * arg);
#endif
int flock(int fildes, int operation);
int syscall(int, ...);
unsigned short htons(unsigned short hostshort);
unsigned int htonl(unsigned int hostint);
unsigned short ntohs(unsigned short netshort);
unsigned int ntohl(unsigned int netint);
char *mktemp(char *template);
char *getusershell(void);
int rcmd(char **, unsigned short, char *, char *, char *, int *);
int rresvport (int *port);
#endif /* OSF/1 */
#if defined(__sgi)
#include <sys/types.h>
char *ptsname(int fd);
struct spwd *getspuid(uid_t);
#endif /* IRIX */
#if defined(__GNUC__) && defined(_AIX) /* AIX */
struct timeval;
struct timezone;
int gettimeofday (struct timeval *Tp, void *Tzp);
#endif /* AIX */
#if defined(__GNUC__) && defined(__hpux) /* HP-UX */
int syscall(int, ...);
int vhangup(void);
char *ptsname(int fildes);
void utmpname(const char *file);
int innetgr(const char *netgroup, const char *machine,
const char *user, const char *domain);
int dn_comp(char *exp_dn, char *comp_dn, int length,
char **dnptrs, char **lastdnptr);
int res_query(char *dname, int class, int type,
unsigned char *answer, int anslen);
int dn_expand(char *msg, char *eomorig, char *comp_dn,
char *exp_dn, int length);
int res_search(char *dname, int class, int type,
unsigned char *answer, int anslen);
#endif /* HP-UX */
#if defined(WIN32) /* Visual C++ 4.0 (Windows95/NT) */
int open(const char *, int, ...);
int close(int);
int read(int, void *, unsigned int);
int write(int, const void *, unsigned int);
#endif /* WIN32 */

149
crypto/kerberosIV/include/sys/cdefs.H
View File

@ -1,149 +0,0 @@
/* -*- C -*-
*
* ++Copyright++ 1991, 1993
* -
* Copyright (c) 1991, 1993
* The Regents of the University of California. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the University of
* California, Berkeley and its contributors.
* 4. Neither the name of the University nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
* -
* Portions Copyright (c) 1993 by Digital Equipment Corporation.
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies, and that
* the name of Digital Equipment Corporation not be used in advertising or
* publicity pertaining to distribution of the document or software without
* specific, written prior permission.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL
* WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT
* CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL
* DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR
* PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS
* ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS
* SOFTWARE.
* -
* --Copyright--
*/
/*
* @(#)cdefs.h 8.1 (Berkeley) 6/2/93
* $Id: cdefs.H,v 1.2 1995/09/10 20:18:56 d91-jda Exp $
*/
#ifndef _CDEFS_H_
#define _CDEFS_H_
#if defined(__cplusplus)
#define __BEGIN_DECLS extern "C" {
#define __END_DECLS };
#else
#define __BEGIN_DECLS
#define __END_DECLS
#endif
/*
* The __CONCAT macro is used to concatenate parts of symbol names, e.g.
* with "#define OLD(foo) __CONCAT(old,foo)", OLD(foo) produces oldfoo.
* The __CONCAT macro is a bit tricky -- make sure you don't put spaces
* in between its arguments. __CONCAT can also concatenate double-quoted
* strings produced by the __STRING macro, but this only works with ANSI C.
*/
#if defined(__STDC__) || defined(__cplusplus)
#ifndef __P /* it's quite popular to define this */
#define __P(protos) protos /* full-blown ANSI C */
#endif
#define __CONCAT(x,y) x ## y
#define __STRING(x) #x
#define __const const /* define reserved names to standard */
#define __signed signed
#define __volatile volatile
#if defined(__cplusplus)
#define __inline inline /* convert to C++ keyword */
#else
#ifndef __GNUC__
#define __inline /* delete GCC keyword */
#endif /* !__GNUC__ */
#endif /* !__cplusplus */
#else /* !(__STDC__ || __cplusplus) */
#ifndef __P
#define __P(protos) () /* traditional C preprocessor */
#endif
#define __CONCAT(x,y) x/**/y
#define __STRING(x) "x"
#ifndef __GNUC__
#define __const /* delete pseudo-ANSI C keywords */
#define __inline
#define __signed
#define __volatile
/*
* In non-ANSI C environments, new programs will want ANSI-only C keywords
* deleted from the program and old programs will want them left alone.
* When using a compiler other than gcc, programs using the ANSI C keywords
* const, inline etc. as normal identifiers should define -DNO_ANSI_KEYWORDS.
* When using "gcc -traditional", we assume that this is the intent; if
* __GNUC__ is defined but __STDC__ is not, we leave the new keywords alone.
*/
#ifndef NO_ANSI_KEYWORDS
#define const /* delete ANSI C keywords */
#define inline
#define signed
#define volatile
#endif
#endif /* !__GNUC__ */
#endif /* !(__STDC__ || __cplusplus) */
/*
* GCC1 and some versions of GCC2 declare dead (non-returning) and
* pure (no side effects) functions using "volatile" and "const";
* unfortunately, these then cause warnings under "-ansi -pedantic".
* GCC2 uses a new, peculiar __attribute__((attrs)) style. All of
* these work for GNU C++ (modulo a slight glitch in the C++ grammar
* in the distribution version of 2.5.5).
*/
#if !defined(__GNUC__) || __GNUC__ < 2 || __GNUC_MINOR__ < 5
#define __attribute__(x) /* delete __attribute__ if non-gcc or gcc1 */
#if defined(__GNUC__) && !defined(__STRICT_ANSI__)
#define __dead __volatile
#define __pure __const
#endif
#endif
/* Delete pseudo-keywords wherever they are not available or needed. */
#ifndef __dead
#define __dead
#define __pure
#endif
#endif /* !_CDEFS_H_ */

52
crypto/kerberosIV/kuser/kinit.c
View File

@ -15,11 +15,13 @@
* -v[erbose]
* -l[ifetime]
* -p
*
* $FreeBSD$
*/
#include "kuser_locl.h"
RCSID("$Id$");
RCSID("$Id: kinit.c,v 1.17 1997/12/12 04:48:44 assar Exp $");
#define LIFE DEFAULT_TKT_LIFE /* lifetime of ticket in 5-minute units */
#define CHPASSLIFE 2
@ -60,7 +62,6 @@ main(int argc, char **argv)
*inst = *realm = '\0';
iflag = rflag = vflag = lflag = pflag = 0;
lifetime = LIFE;
set_progname(argv[0]);
while (--argc) {
if ((*++argv)[0] != '-') {
@ -97,8 +98,8 @@ main(int argc, char **argv)
iflag = rflag = 1;
username = NULL;
}
if (k_gethostname(buf, MaxHostNameLen))
err(1, "k_gethostname failed");
if (gethostname(buf, MaxHostNameLen))
err(1, "gethostname failed");
printf("%s (%s)\n", ORGANIZATION, buf);
if (username) {
printf("Kerberos Initialization for \"%s", aname);
@ -108,41 +109,13 @@ main(int argc, char **argv)
printf("@%s", realm);
printf("\"\n");
} else {
if (iflag) {
printf("Kerberos Initialization\n");
printf("Kerberos name: ");
get_input(name, sizeof(name), stdin);
if (!*name)
return 0;
if ((k_errno = kname_parse(aname, inst, realm, name))
!= KSUCCESS )
errx(1, "%s", krb_get_err_text(k_errno));
} else {
int uid = getuid();
char *getenv();
struct passwd *pwd;
/* default to current user name unless running as root */
if (uid == 0 && (username = getenv("USER")) &&
strcmp(username, "root") != 0) {
strncpy(aname, username, sizeof(aname));
strncpy(inst, "root", sizeof(inst));
} else {
pwd = getpwuid(uid);
if (pwd == (struct passwd *) NULL) {
fprintf(stderr, "Unknown name for your uid\n");
printf("Kerberos name: ");
get_input(aname, sizeof(aname), stdin);
} else
strncpy(aname, pwd->pw_name, sizeof(aname));
}
if (!*aname)
return 0;
if (!k_isname(aname)) {
errx(1, "%s", "bad Kerberos name format");
}
}
printf("Kerberos Initialization\n");
printf("Kerberos name: ");
get_input(name, sizeof(name), stdin);
if (!*name)
return 0;
if ((k_errno = kname_parse(aname, inst, realm, name)) != KSUCCESS )
errx(1, "%s", krb_get_err_text(k_errno));
}
/* optional instance */
if (iflag) {
@ -179,7 +152,6 @@ main(int argc, char **argv)
lifetime, 0);
if (vflag) {
printf("Kerberos realm %s:\n", realm);
printf("Ticket file: %s\n", tkt_string());
printf("%s\n", krb_get_err_text(k_errno));
} else if (k_errno)
errx(1, "%s", krb_get_err_text(k_errno));

2
crypto/kerberosIV/lib/kadm/kadm_err.et
View File

@ -6,6 +6,8 @@
# <mit-copyright.h>.
#
# Kerberos administration server error table
#
# $FreeBSD$
#
et kadm

109
crypto/kerberosIV/lib/kafs/kafs.h
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
* Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@ -36,13 +36,14 @@
* SUCH DAMAGE.
*/
/* $Id$ */
/* $Id: kafs.h,v 1.31 1999/07/07 12:30:40 assar Exp $ */
/* $FreeBSD$ */
#ifndef __KAFS_H
#define __KAFS_H
#include <sys/types.h>
#include <sys/cdefs.h>
/* XXX must include krb5.h or krb.h */
/* sys/ioctl.h must be included manually before kafs.h */
/*
@ -54,10 +55,39 @@
#define _VICEIOCTL(id) ((unsigned int ) _IOW('V', id, struct ViceIoctl))
#endif /* _VICEIOCTL */
#define VIOCSETAL _VICEIOCTL(1)
#define VIOCGETAL _VICEIOCTL(2)
#define VIOCSETTOK _VICEIOCTL(3)
#define VIOCGETVOLSTAT _VICEIOCTL(4)
#define VIOCSETVOLSTAT _VICEIOCTL(5)
#define VIOCFLUSH _VICEIOCTL(6)
#define VIOCGETTOK _VICEIOCTL(8)
#define VIOCUNLOG _VICEIOCTL(9)
#define VIOCCKSERV _VICEIOCTL(10)
#define VIOCCKBACK _VICEIOCTL(11)
#define VIOCCKCONN _VICEIOCTL(12)
#define VIOCWHEREIS _VICEIOCTL(14)
#define VIOCACCESS _VICEIOCTL(20)
#define VIOCUNPAG _VICEIOCTL(21)
#define VIOCGETFID _VICEIOCTL(22)
#define VIOCSETCACHESIZE _VICEIOCTL(24)
#define VIOCFLUSHCB _VICEIOCTL(25)
#define VIOCNEWCELL _VICEIOCTL(26)
#define VIOCGETCELL _VICEIOCTL(27)
#define VIOC_AFS_DELETE_MT_PT _VICEIOCTL(28)
#define VIOC_AFS_STAT_MT_PT _VICEIOCTL(29)
#define VIOC_FILE_CELL_NAME _VICEIOCTL(30)
#define VIOC_GET_WS_CELL _VICEIOCTL(31)
#define VIOC_AFS_MARINER_HOST _VICEIOCTL(32)
#define VIOC_GET_PRIMARY_CELL _VICEIOCTL(33)
#define VIOC_VENUSLOG _VICEIOCTL(34)
#define VIOC_GETCELLSTATUS _VICEIOCTL(35)
#define VIOC_SETCELLSTATUS _VICEIOCTL(36)
#define VIOC_FLUSHVOLUME _VICEIOCTL(37)
#define VIOC_AFS_SYSNAME _VICEIOCTL(38)
#define VIOC_EXPORTAFS _VICEIOCTL(39)
#define VIOCGETCACHEPARAMS _VICEIOCTL(40)
#define VIOC_GCPAGS _VICEIOCTL(48)
struct ViceIoctl {
caddr_t in, out;
@ -73,17 +103,34 @@ struct ClearToken {
int32_t EndTimestamp;
};
#ifdef __STDC__
#ifndef __P
#define __P(x) x
#endif
#else
#ifndef __P
#define __P(x) ()
#endif
#endif
/* Use k_hasafs() to probe if the machine supports AFS syscalls.
The other functions will generate a SIGSYS if AFS is not supported */
int k_hasafs __P((void));
int k_afsklog __P((const char *cell, const char *realm));
int k_afsklog_uid __P((const char *cell, const char *realm, uid_t uid));
int krb_afslog __P((const char *cell, const char *realm));
int krb_afslog_uid __P((const char *cell, const char *realm, uid_t uid));
int krb_afslog_home __P((const char *cell, const char *realm,
const char *homedir));
int krb_afslog_uid_home __P((const char *cell, const char *realm, uid_t uid,
const char *homedir));
int krb_realm_of_cell __P((const char *cell, char **realm));
/* compat */
#define k_afsklog krb_afslog
#define k_afsklog_uid krb_afslog_uid
int k_pioctl __P((char *a_path,
int o_opcode,
struct ViceIoctl *a_paramsP,
@ -92,9 +139,59 @@ int k_unlog __P((void));
int k_setpag __P((void));
int k_afs_cell_of_file __P((const char *path, char *cell, int len));
/* XXX */
#ifdef KFAILURE
#define KRB_H_INCLUDED
#endif
#ifdef KRB5_RECVAUTH_IGNORE_VERSION
#define KRB5_H_INCLUDED
#endif
#ifdef KRB_H_INCLUDED
int kafs_settoken __P((const char*, uid_t, CREDENTIALS*));
#endif
#ifdef KRB5_H_INCLUDED
krb5_error_code krb5_afslog_uid __P((krb5_context context,
krb5_ccache id,
const char *cell,
krb5_const_realm realm,
uid_t uid));
krb5_error_code krb5_afslog __P((krb5_context context,
krb5_ccache id,
const char *cell,
krb5_const_realm realm));
krb5_error_code krb5_afslog_uid_home __P((krb5_context context,
krb5_ccache id,
const char *cell,
krb5_const_realm realm,
uid_t uid,
const char *homedir));
krb5_error_code krb5_afslog_home __P((krb5_context context,
krb5_ccache id,
const char *cell,
krb5_const_realm realm,
const char *homedir));
krb5_error_code krb5_realm_of_cell __P((const char *cell, char **realm));
#endif
#define _PATH_VICE "/usr/vice/etc/"
#define _PATH_THISCELL _PATH_VICE "ThisCell"
#define _PATH_CELLSERVDB _PATH_VICE "CellServDB"
#define _PATH_THESECELLS _PATH_VICE "TheseCells"
#define _PATH_ARLA_VICE "/usr/arla/etc/"
#define _PATH_ARLA_THISCELL _PATH_ARLA_VICE "ThisCell"
#define _PATH_ARLA_CELLSERVDB _PATH_ARLA_VICE "CellServDB"
#define _PATH_ARLA_THESECELLS _PATH_ARLA_VICE "TheseCells"
extern int _kafs_debug;
#endif /* __KAFS_H */

150
crypto/kerberosIV/lib/kdb/base64.c
View File

@ -1,150 +0,0 @@
/*
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
RCSID("$Id: base64.c,v 1.7 1997/04/01 08:18:16 joda Exp $");
#endif
#include <stdlib.h>
#include <ctype.h>
#include <string.h>
#include "base64.h"
static char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
static int POS(char c)
{
if(c == '=') return 64;
if(isupper(c))
return c - 'A';
if(islower(c))
return c - 'a' + 26;
if(isdigit(c))
return c - '0' + 52;
if(c == '+')
return 62;
if(c == '/')
return 63;
return -1;
}
char *base64_encode(const void *buf, int size)
{
char *str = (char*)malloc((size+3)*4/3+1);
char *p=str;
unsigned char *q = (unsigned char*)buf;
int i;
int c;
i=0;
while(i<size){
c=q[i++];
c*=256;
if(i<size)
c+=q[i];
i++;
c*=256;
if(i<size)
c+=q[i];
i++;
p[0]=base64[(c&0x00fc0000) >> 18];
p[1]=base64[(c&0x0003f000) >> 12];
p[2]=base64[(c&0x00000fc0) >> 6];
p[3]=base64[(c&0x0000003f) >> 0];
if(i>size)
p[3]='=';
if(i>size+1)
p[2]='=';
p+=4;
}
*p=0;
return str;
}
/* convert string in s to binary data. s should be a multiple of 4
* bytes long. data should be at least len(s) * 3 / 4 bytes long.
* returns
*/
int base64_decode(char *s, void *data)
{
char *p;
unsigned char *q;
int n[4];
if(strlen(s) % 4)
return -1;
q=(unsigned char*)data;
for(p=s; *p; p+=4){
n[0] = POS(p[0]);
n[1] = POS(p[1]);
n[2] = POS(p[2]);
n[3] = POS(p[3]);
if((n[0] | n[1] | n[2] | n[3]) < 0)
return -1;
if(n[0] == 64 || n[1] == 64)
return -1;
if(n[2] == 64 && n[3] < 64)
return -1;
q[0] = (n[0] << 2) + (n[1] >> 4);
if(n[2] < 64){
q[1] = ((n[1] & 15) << 4) + (n[2] >> 2);
}
if(n[3] < 64){
q[2] = ((n[2] & 3) << 6) + n[3];
}
q+=3;
}
q -= (n[2] == 64) + (n[3] == 64);
return q - (unsigned char*)data;
}
#ifdef TEST
int main(int argc, char **argv)
{
char str[128];
char buf[128];
char *p;
printf("base64_encode(\"%s\") = \"%s\"\n", argv[1],
p=base64_encode(argv[1], strlen(argv[1])));
printf("base64_decode(\"%s\") = %d", p, base64_decode(p, buf));
printf(" (\"%s\")\n", buf);
printf("base64_decode(\"%s\") = %d", argv[1], base64_decode(argv[1], buf));
printf(" (\"%s\")\n", buf);
}
#endif

47
crypto/kerberosIV/lib/kdb/base64.h
View File

@ -1,47 +0,0 @@
/*
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* $Id: base64.h,v 1.5 1997/04/01 08:18:16 joda Exp $ */
#ifndef _BASE64_H_
#define _BASE64_H_
char *base64_encode(const void *buf, int size);
int base64_decode(char *s, void *data);
#endif

3
crypto/kerberosIV/lib/kdb/kdc.h
View File

@ -1,5 +1,6 @@
/*
* $Id$
* $Id: kdc.h,v 1.8 1997/04/01 03:59:05 assar Exp $
* $FreeBSD$
*
* Copyright 1987, 1988 by the Massachusetts Institute of Technology.
*

3
crypto/kerberosIV/lib/kdb/krb_db.h
View File

@ -1,5 +1,6 @@
/*
* $Id$
* $Id: krb_db.h,v 1.15 1996/12/17 20:34:32 assar Exp $
* $FreeBSD$
*
* Copyright 1987, 1988 by the Massachusetts Institute of Technology.
*

71
crypto/kerberosIV/lib/krb/et_list.c
View File

@ -1,71 +0,0 @@
/*
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/*
* This is a hack to resolve the reference to _et_list when making a
* shared library under Psoriasis and possibly other systems. Presumably
* they define __ELF__, some people say Linux does so.
*/
#include "config.h"
RCSID("$Id: et_list.c,v 1.1.1.1 1997/09/04 06:04:22 markm Exp $");
struct et_list {
struct et_list *next;
const struct error_table *table;
};
#if defined(__GNUC__)
struct et_list * _et_list __attribute__ ((weak)) = 0;
#else /* !__GNUC__ */
#ifdef HAVE_PRAGMA_WEAK
#pragma weak _et_list = __et_list
struct et_list * __et_list = 0;
#else /* !HAVE_PRAGMA_WEAK */
struct et_list * _et_list = 0;
#endif /* !HAVE_PRAGMA_WEAK */
#endif /* !__GNUC__ */

56
crypto/kerberosIV/lib/krb/gettimeofday.c
View File

@ -1,56 +0,0 @@
/*
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "krb_locl.h"
RCSID("$Id: gettimeofday.c,v 1.5 1997/04/01 08:18:29 joda Exp $");
#ifndef HAVE_GETTIMEOFDAY
/*
* Simple gettimeofday that only returns seconds.
*/
int
gettimeofday (struct timeval *tp, void *ignore)
{
time_t t;
t = time(NULL);
tp->tv_sec = t;
tp->tv_usec = 0;
return 0;
}
#endif

116
crypto/kerberosIV/lib/krb/k_concat.c
View File

@ -1,116 +0,0 @@
/*
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "krb_locl.h"
RCSID("$Id: k_concat.c,v 1.5 1997/05/02 08:56:39 joda Exp $");
int
k_concat (char *s, size_t len, ...)
{
int ret;
va_list args;
va_start(args, len);
ret = k_vconcat (s, len, args);
va_end(args);
return ret;
}
int
k_vconcat (char *s, size_t len, va_list args)
{
const char *a;
while ((a = va_arg(args, const char*))) {
size_t n = strlen (a);
if (n >= len)
return -1;
strncpy (s, a, n);
s += n;
len -= n;
}
*s = '\0';
return 0;
}
size_t
k_vmconcat (char **s, size_t max_len, va_list args)
{
const char *a;
char *p, *q;
size_t len = 0;
*s = NULL;
p = malloc(1);
if(p == NULL)
return 0;
*p = 0;
len = 1;
while ((a = va_arg(args, const char*))) {
size_t n = strlen (a);
if(max_len && len + n > max_len){
free(p);
return 0;
}
q = realloc(p, len + n);
if(q == NULL){
free(p);
return 0;
}
p = q;
len += n;
strcat(p, a);
}
*s = p;
return len;
}
size_t
k_mconcat (char **s, size_t max_len, ...)
{
int ret;
va_list args;
va_start(args, max_len);
ret = k_vmconcat (s, max_len, args);
va_end(args);
return ret;
}

95
crypto/kerberosIV/lib/krb/k_flock.c
View File

@ -1,95 +0,0 @@
/*
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "krb_locl.h"
RCSID("$Id: k_flock.c,v 1.8 1997/04/01 08:18:30 joda Exp $");
#define K_OP_MASK (K_LOCK_SH | K_LOCK_EX | K_LOCK_UN)
int
k_flock(int fd, int operation)
{
#ifdef HAVE_FLOCK
int op = 0;
if (operation & K_LOCK_SH)
op |= LOCK_SH;
if (operation & K_LOCK_EX)
op |= LOCK_EX;
if (operation & K_LOCK_UN)
op |= LOCK_UN;
if (operation & K_LOCK_NB)
op |= LOCK_NB;
return flock(fd, op);
#elif defined(HAVE_FCNTL) && defined(F_SETLK)
struct flock arg;
int code, cmd;
arg.l_whence = SEEK_SET;
arg.l_start = 0;
arg.l_len = 0; /* means to EOF */
if (operation & K_LOCK_NB)
cmd = F_SETLK;
else
cmd = F_SETLKW; /* Blocking */
switch (operation & K_OP_MASK) {
case K_LOCK_UN:
arg.l_type = F_UNLCK;
code = fcntl(fd, F_SETLK, &arg);
break;
case K_LOCK_SH:
arg.l_type = F_RDLCK;
code = fcntl(fd, cmd, &arg);
break;
case K_LOCK_EX:
arg.l_type = F_WRLCK;
code = fcntl(fd, cmd, &arg);
break;
default:
errno = EINVAL;
code = -1;
break;
}
return code;
#else
return -1;
#endif /* !HAVE_FLOCK */
}

58
crypto/kerberosIV/lib/krb/k_gethostname.c
View File

@ -1,58 +0,0 @@
/*
Copyright (C) 1989 by the Massachusetts Institute of Technology
Export of this software from the United States of America is assumed
to require a specific license from the United States Government.
It is the responsibility of any person or organization contemplating
export to obtain such a license before exporting.
WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
distribute this software and its documentation for any purpose and
without fee is hereby granted, provided that the above copyright
notice appear in all copies and that both that copyright notice and
this permission notice appear in supporting documentation, and that
the name of M.I.T. not be used in advertising or publicity pertaining
to distribution of the software without specific, written prior
permission. M.I.T. makes no representations about the suitability of
this software for any purpose. It is provided "as is" without express
or implied warranty.
*/
#include "krb_locl.h"
RCSID("$Id: k_gethostname.c,v 1.10 1997/03/23 03:53:12 joda Exp $");
#ifdef HAVE_SYS_UTSNAME_H
#include <sys/utsname.h>
#endif
/*
* Return the local host's name in "name", up to "namelen" characters.
* "name" will be null-terminated if "namelen" is big enough.
* The return code is 0 on success, -1 on failure. (The calling
* interface is identical to gethostname(2).)
*/
int
k_gethostname(char *name, int namelen)
{
#if defined(HAVE_GETHOSTNAME)
return gethostname(name, namelen);
#elif defined(HAVE_UNAME)
{
struct utsname utsname;
int ret;
ret = uname (&utsname);
if (ret < 0)
return ret;
strncpy (name, utsname.nodename, namelen);
name[namelen-1] = '\0';
return 0;
}
#else
strncpy (name, "some.random.host", namelen);
name[namelen-1] = '\0';
return 0;
#endif
}

319
crypto/kerberosIV/lib/krb/krb.h
View File

@ -1,5 +1,6 @@
/*
* $Id$
* $Id: krb.h,v 1.97 1999/06/29 21:18:06 bg Exp $
* $FreeBSD$
*
* Copyright 1987, 1988 by the Massachusetts Institute of Technology.
*
@ -9,20 +10,39 @@
* Include file for the Kerberos library.
*/
/* Only one time, please */
#ifndef KRB_DEFS
#define KRB_DEFS
#if !defined (__STDC__) && !defined(_MSC_VER)
#define const
#define signed
#endif
#include <sys/types.h>
#include <sys/cdefs.h>
#include <stdarg.h>
#include <time.h>
__BEGIN_DECLS
#ifndef __KRB_H__
#define __KRB_H__
/* XXX */
#ifndef __BEGIN_DECLS
#if defined(__cplusplus)
#define __BEGIN_DECLS extern "C" {
#define __END_DECLS };
#else
#define __BEGIN_DECLS
#define __END_DECLS
#endif
#endif
#if defined (__STDC__) || defined (_MSC_VER)
#ifndef __P
#define __P(x) x
#endif
#else
#ifndef __P
#define __P(x) ()
#endif
#endif
__BEGIN_DECLS
/* Need some defs from des.h */
#if !defined(NOPROTO) && !defined(__STDC__)
@ -30,7 +50,7 @@ __BEGIN_DECLS
#endif
#include <des.h>
/* Don't use these guys, they are only for compatibility with CNS. */
/* CNS compatibility ahead! */
#ifndef KRB_INT32
#define KRB_INT32 int32_t
#endif
@ -43,15 +63,16 @@ extern int krb_ignore_ip_address; /* To turn off IP address comparison */
extern int krb_no_long_lifetimes; /* To disable AFS compatible lifetimes */
extern int krbONE;
#define HOST_BYTE_ORDER (* (char *) &krbONE)
/* Debug variables */
extern int krb_debug;
extern int krb_ap_req_debug;
extern int krb_dns_debug;
/* Text describing error codes */
#define MAX_KRB_ERRORS 256
extern const char *krb_err_txt[MAX_KRB_ERRORS];
/* Use this function rather than indexing in krb_err_txt */
const char *krb_get_err_text __P((int code));
/* General definitions */
#define KSUCCESS 0
#define KFAILURE 255
@ -71,7 +92,6 @@ const char *krb_get_err_text __P((int code));
*/
/* /etc/kerberosIV is only for backwards compatibility, don't use it! */
/* FreeBSD wants to maintain backwards compatibility */
#ifndef KRB_CONF
#define KRB_CONF "/etc/kerberosIV/krb.conf"
#endif
@ -133,7 +153,7 @@ typedef struct ktext KTEXT_ST;
/* Definitions for send_to_kdc */
#define CLIENT_KRB_TIMEOUT 4 /* time between retries */
#define CLIENT_KRB_TIMEOUT 4 /* default time between retries */
#define CLIENT_KRB_RETRY 5 /* retry this many times */
#define CLIENT_KRB_BUFLEN 512 /* max unfragmented packet */
@ -199,17 +219,14 @@ typedef struct msg_dat MSG_DAT;
struct krb_host {
char *realm;
char *host;
int proto;
enum krb_host_proto { PROTO_UDP, PROTO_TCP, PROTO_HTTP } proto;
int port;
int admin;
};
struct krb_host *krb_get_host __P((int, char*, int));
/* Location of ticket file for save_cred and get_cred */
#define TKT_FILE tkt_string()
#define TKT_ROOT "/tmp/tkt_"
#define TKT_ROOT "/tmp/tkt"
/* Error codes returned from the KDC */
#define KDC_OK 0 /* Request OK */
@ -298,76 +315,6 @@ struct krb_host *krb_get_host __P((int, char*, int));
/* Error code returned by krb_mk_safe */
#define SAFE_PRIV_ERROR -1 /* syscall error */
/*
* macros for byte swapping; also scratch space
* u_quad 0-->7, 1-->6, 2-->5, 3-->4, 4-->3, 5-->2, 6-->1, 7-->0
* u_int32_t 0-->3, 1-->2, 2-->1, 3-->0
* u_int16_t 0-->1, 1-->0
*/
#define swap_u_16(x) {\
u_int32_t _krb_swap_tmp[4];\
swab(((char *) x) +0, ((char *) _krb_swap_tmp) +14 ,2); \
swab(((char *) x) +2, ((char *) _krb_swap_tmp) +12 ,2); \
swab(((char *) x) +4, ((char *) _krb_swap_tmp) +10 ,2); \
swab(((char *) x) +6, ((char *) _krb_swap_tmp) +8 ,2); \
swab(((char *) x) +8, ((char *) _krb_swap_tmp) +6 ,2); \
swab(((char *) x) +10,((char *) _krb_swap_tmp) +4 ,2); \
swab(((char *) x) +12,((char *) _krb_swap_tmp) +2 ,2); \
swab(((char *) x) +14,((char *) _krb_swap_tmp) +0 ,2); \
memcpy(x, _krb_swap_tmp, 16);\
}
#define swap_u_12(x) {\
u_int32_t _krb_swap_tmp[4];\
swab(( char *) x, ((char *) _krb_swap_tmp) +10 ,2); \
swab(((char *) x) +2, ((char *) _krb_swap_tmp) +8 ,2); \
swab(((char *) x) +4, ((char *) _krb_swap_tmp) +6 ,2); \
swab(((char *) x) +6, ((char *) _krb_swap_tmp) +4 ,2); \
swab(((char *) x) +8, ((char *) _krb_swap_tmp) +2 ,2); \
swab(((char *) x) +10,((char *) _krb_swap_tmp) +0 ,2); \
memcpy(x, _krb_swap_tmp, 12);\
}
#define swap_C_Block(x) {\
u_int32_t _krb_swap_tmp[4];\
swab(( char *) x, ((char *) _krb_swap_tmp) +6 ,2); \
swab(((char *) x) +2,((char *) _krb_swap_tmp) +4 ,2); \
swab(((char *) x) +4,((char *) _krb_swap_tmp) +2 ,2); \
swab(((char *) x) +6,((char *) _krb_swap_tmp) ,2); \
memcpy(x, _krb_swap_tmp, 8);\
}
#define swap_u_quad(x) {\
u_int32_t _krb_swap_tmp[4];\
swab(( char *) &x, ((char *) _krb_swap_tmp) +6 ,2); \
swab(((char *) &x) +2,((char *) _krb_swap_tmp) +4 ,2); \
swab(((char *) &x) +4,((char *) _krb_swap_tmp) +2 ,2); \
swab(((char *) &x) +6,((char *) _krb_swap_tmp) ,2); \
memcpy(x, _krb_swap_tmp, 8);\
}
#define swap_u_long(x) {\
u_int32_t _krb_swap_tmp[4];\
swab((char *) &x, ((char *) _krb_swap_tmp) +2 ,2); \
swab(((char *) &x) +2,((char *) _krb_swap_tmp),2); \
x = _krb_swap_tmp[0]; \
}
#define swap_u_short(x) {\
u_int16_t _krb_swap_sh_tmp; \
swab((char *) &x, ( &_krb_swap_sh_tmp) ,2); \
x = (u_int16_t) _krb_swap_sh_tmp; \
}
/* Kerberos ticket flag field bit definitions */
#define K_FLAG_ORDER 0 /* bit 0 --> lsb */
#define K_FLAG_1 /* reserved */
#define K_FLAG_2 /* reserved */
#define K_FLAG_3 /* reserved */
#define K_FLAG_4 /* reserved */
#define K_FLAG_5 /* reserved */
#define K_FLAG_6 /* reserved */
#define K_FLAG_7 /* reserved, bit 7 --> msb */
/* Defines for krb_sendauth and krb_recvauth */
#define KOPT_DONT_MK_REQ 0x00000001 /* don't call krb_mk_req */
@ -378,189 +325,33 @@ struct krb_host *krb_get_host __P((int, char*, int));
* a hostname
*/
#define KOPT_IGNORE_PROTOCOL 0x0008
#define KRB_SENDAUTH_VLEN 8 /* length for version strings */
/* File locking */
#define K_LOCK_SH 1 /* Shared lock */
#define K_LOCK_EX 2 /* Exclusive lock */
#define K_LOCK_NB 4 /* Don't block when locking */
#define K_LOCK_UN 8 /* Unlock */
int k_flock __P((int fd, int operation));
struct tm *k_localtime __P((u_int32_t *));
int k_getsockinst __P((int fd, char *inst, size_t));
int k_getportbyname __P((const char *service, const char *proto, int default_port));
/* flags for krb_verify_user() */
#define KRB_VERIFY_NOT_SECURE 0
#define KRB_VERIFY_SECURE 1
#define KRB_VERIFY_SECURE_FAIL 2
extern char *krb4_version;
struct in_addr;
typedef int (*key_proc_t) __P((const char *name,
char *instance, /* INOUT parameter */
const char *realm,
const void *password,
des_cblock *key));
int k_get_all_addrs __P((struct in_addr **l));
typedef int (*decrypt_proc_t) __P((const char *name,
const char *instance,
const char *realm,
const void *arg,
key_proc_t,
KTEXT *));
/* Host address comparison */
int krb_equiv __P((u_int32_t, u_int32_t));
/* Password conversion */
void mit_string_to_key __P((char *str, char *cell, des_cblock *key));
void afs_string_to_key __P((char *str, char *cell, des_cblock *key));
/* Lifetime conversion */
u_int32_t krb_life_to_time __P((u_int32_t start, int life));
int krb_time_to_life __P((u_int32_t start, u_int32_t end));
char *krb_life_to_atime __P((int life));
int krb_atime_to_life __P((char *atime));
/* Ticket manipulation */
int tf_get_cred __P((CREDENTIALS *));
int tf_get_pinst __P((char *));
int tf_get_pname __P((char *));
int tf_put_pinst __P((char *));
int tf_put_pname __P((char *));
int tf_init __P((char *, int));
int tf_create __P((char *));
int tf_save_cred __P((char *, char *, char *, unsigned char *, int , int , KTEXT ticket, u_int32_t));
void tf_close __P((void));
int tf_setup __P((CREDENTIALS *cred, char *pname, char *pinst));
/* Private communication */
struct sockaddr_in;
int32_t krb_mk_priv __P((void *, void *, u_int32_t, struct des_ks_struct *, des_cblock *, struct sockaddr_in *, struct sockaddr_in *));
int32_t krb_rd_priv __P((void *, u_int32_t, struct des_ks_struct *, des_cblock *, struct sockaddr_in *, struct sockaddr_in *, MSG_DAT *));
/* Misc */
KTEXT create_auth_reply __P((char *, char *, char *, int32_t, int, u_int32_t, int, KTEXT));
char *krb_get_phost __P((const char *));
char *krb_realmofhost __P((const char *));
char *tkt_string __P((void));
int create_ciph __P((KTEXT, unsigned char *, char *, char *, char *, u_int32_t, int, KTEXT, u_int32_t, des_cblock *));
int decomp_ticket __P((KTEXT, unsigned char *, char *, char *, char *, u_int32_t *, unsigned char *, int *, u_int32_t *, char *, char *, des_cblock *, struct des_ks_struct *));
int dest_tkt __P((void));
int get_ad_tkt __P((char *, char *, char *, int));
int get_pw_tkt __P((char *, char *, char *, char *));
int get_request __P((KTEXT, int, char **, char **));
int in_tkt __P((char *, char *));
int k_gethostname __P((char *, int ));
int k_isinst __P((char *));
int k_isname __P((char *));
int k_isrealm __P((char *));
int kname_parse __P((char *, char *, char *, char *));
int krb_parse_name __P((const char*, krb_principal*));
char *krb_unparse_name __P((krb_principal*));
char *krb_unparse_name_r __P((krb_principal*, char*));
char *krb_unparse_name_long __P((char*, char*, char*));
char *krb_unparse_name_long_r __P((char *name, char *instance, char *realm, char *fullname));
int krb_create_ticket __P((KTEXT, unsigned char, char *, char *, char *, int32_t, void *, int16_t, int32_t, char *, char *, des_cblock *));
int krb_get_admhst __P((char *, char *, int));
int krb_get_cred __P((char *, char *, char *, CREDENTIALS *));
typedef int (*key_proc_t) __P((char*, char*, char*, void*, des_cblock*));
typedef int (*decrypt_proc_t) __P((char*, char*, char*, void*,
key_proc_t, KTEXT*));
int krb_get_in_tkt __P((char*, char*, char*, char*, char*, int, key_proc_t,
decrypt_proc_t, void*));
int srvtab_to_key __P((char *, char *, char *, void *, des_cblock *));
int passwd_to_key __P((char *, char *, char *, void *, des_cblock *));
int passwd_to_afskey __P((char *, char *, char *, void *, des_cblock *));
int krb_get_krbhst __P((char *, char *, int));
int krb_get_lrealm __P((char *, int));
char *krb_get_default_realm __P((void));
int krb_get_pw_in_tkt __P((char *, char *, char *, char *, char *, int, char *));
int krb_get_svc_in_tkt __P((char *, char *, char *, char *, char *, int, char *));
int krb_get_tf_fullname __P((char *, char *, char *, char *));
int krb_get_tf_realm __P((char *, char *));
int krb_kntoln __P((AUTH_DAT *, char *));
int krb_mk_req __P((KTEXT , char *, char *, char *, int32_t));
int krb_net_read __P((int , void *, size_t));
int krb_net_write __P((int , const void *, size_t));
int krb_rd_err __P((u_char *, u_int32_t, int32_t *, MSG_DAT *));
int krb_rd_req __P((KTEXT , char *, char *, int32_t, AUTH_DAT *, char *));
int krb_recvauth __P((int32_t, int, KTEXT, char *, char *, struct sockaddr_in *, struct sockaddr_in *, AUTH_DAT *, char *, struct des_ks_struct *, char *));
int krb_sendauth __P((int32_t, int, KTEXT, char *,char *, char *, u_int32_t, MSG_DAT *, CREDENTIALS *, struct des_ks_struct *, struct sockaddr_in *, struct sockaddr_in *, char *));
int krb_mk_auth __P((int32_t, KTEXT, char *, char *, char *, u_int32_t, char *, KTEXT));
int krb_check_auth __P((KTEXT, u_int32_t, MSG_DAT *, des_cblock *, struct des_ks_struct *, struct sockaddr_in *, struct sockaddr_in *));
int krb_set_key __P((void *, int));
int krb_set_lifetime __P((int));
int krb_kuserok __P((char *name, char *inst, char *realm, char *luser));
int kuserok __P((AUTH_DAT *, char *));
int read_service_key __P((char *, char *, char *, int , char *, char *));
int save_credentials __P((char *, char *, char *, unsigned char *, int , int , KTEXT , int32_t));
int send_to_kdc __P((KTEXT , KTEXT , char *));
int32_t krb_mk_err __P((u_char *, int32_t, char *));
int32_t krb_mk_safe __P((void *, void *, u_int32_t, des_cblock *, struct sockaddr_in *, struct sockaddr_in *));
int32_t krb_rd_safe __P((void *, u_int32_t, des_cblock *, struct sockaddr_in *, struct sockaddr_in *, MSG_DAT *));
void ad_print __P((AUTH_DAT *));
void cr_err_reply __P((KTEXT, char *, char *, char *, u_int32_t, u_int32_t, char *));
void extract_ticket __P((KTEXT, int, char *, int *, int *, char *, KTEXT));
void krb_set_tkt_string __P((char *));
int krb_get_default_principal __P((char *, char *, char *));
int krb_realm_parse __P((char *, int));
int krb_verify_user __P((char*, char*, char*, char*, int, char *));
/* logging.c */
typedef int (*krb_log_func_t)(FILE *, const char *, va_list);
typedef krb_log_func_t krb_warnfn_t;
struct krb_log_facility;
int krb_vlogger __P((struct krb_log_facility*, const char *, va_list))
#ifdef __GNUC__
__attribute__ ((format (printf, 2, 0)))
#endif
;
int krb_logger __P((struct krb_log_facility*, const char *, ...))
#ifdef __GNUC__
__attribute__ ((format (printf, 2, 3)))
#endif
;
int krb_openlog __P((struct krb_log_facility*, char*, FILE*, krb_log_func_t));
void krb_set_warnfn __P((krb_warnfn_t));
krb_warnfn_t krb_get_warnfn __P((void));
void krb_warning __P((const char*, ...))
#ifdef __GNUC__
__attribute__ ((format (printf, 1, 2)))
#endif
;
void kset_logfile __P((char*));
void krb_log __P((const char*, ...))
#ifdef __GNUC__
__attribute__ ((format (printf, 1, 2)))
#endif
;
char *klog __P((int, const char*, ...))
#ifdef __GNUC__
__attribute__ ((format (printf, 2, 3)))
#endif
;
int getst __P((int, char *, int));
const char *month_sname __P((int));
const char *krb_stime __P((time_t *));
int krb_check_tm __P((struct tm));
int krb_get_int __P((void *from, u_int32_t *to, int size, int lsb));
int krb_put_int __P((u_int32_t from, void *to, int size));
int krb_get_address __P((void *from, u_int32_t *to));
int krb_put_address __P((u_int32_t addr, void *to));
int krb_put_string __P((char *from, void *to));
int krb_get_string __P((void *from, char *to));
int krb_get_nir __P((void *from, char *name, char *instance, char *realm));
int krb_put_nir __P((char *name, char *instance, char *realm, void *to));
#include "krb-protos.h"
__END_DECLS
#endif /* KRB_DEFS */
#endif /* __KRB_H__ */

26
crypto/kerberosIV/lib/krb/lsb_addr_comp.h
View File

@ -1,26 +0,0 @@
/*
* $Id: lsb_addr_comp.h,v 1.6 1996/10/05 00:18:02 joda Exp $
*
* Copyright 1988 by the Massachusetts Institute of Technology.
*
* For copying and distribution information, please see the file
* <mit-copyright.h>.
*
* Comparison macros to emulate LSBFIRST comparison results of network
* byte-order quantities
*/
#ifndef LSB_ADDR_COMP_DEFS
#define LSB_ADDR_COMP_DEFS
/* Compare x and y in VAX byte order, result is -1, 0 or 1. */
#define krb_lsb_antinet_ulong_less(x, y) (((x) == (y)) ? 0 : krb_lsb_antinet_ulong_cmp(x, y))
#define krb_lsb_antinet_ushort_less(x, y) (((x) == (y)) ? 0 : krb_lsb_antinet_ushort_cmp(x, y))
int krb_lsb_antinet_ulong_cmp(u_int32_t x, u_int32_t y);
int krb_lsb_antinet_ushort_cmp(u_int16_t x, u_int16_t y);
u_int32_t lsb_time(time_t t, struct sockaddr_in *src, struct sockaddr_in *dst);
#endif /* LSB_ADDR_COMP_DEFS */

55
crypto/kerberosIV/lib/krb/netread.c
View File

@ -1,55 +0,0 @@
/*
Copyright (C) 1989 by the Massachusetts Institute of Technology
Export of this software from the United States of America is assumed
to require a specific license from the United States Government.
It is the responsibility of any person or organization contemplating
export to obtain such a license before exporting.
WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
distribute this software and its documentation for any purpose and
without fee is hereby granted, provided that the above copyright
notice appear in all copies and that both that copyright notice and
this permission notice appear in supporting documentation, and that
the name of M.I.T. not be used in advertising or publicity pertaining
to distribution of the software without specific, written prior
permission. M.I.T. makes no representations about the suitability of
this software for any purpose. It is provided "as is" without express
or implied warranty.
*/
#include "krb_locl.h"
RCSID("$Id: netread.c,v 1.6 1997/03/23 03:53:15 joda Exp $");
/*
* krb_net_read() reads from the file descriptor "fd" to the buffer
* "buf", until either 1) "len" bytes have been read or 2) cannot
* read anymore from "fd". It returns the number of bytes read
* or a read() error. (The calling interface is identical to
* read(2).)
*
* XXX must not use non-blocking I/O
*/
int
krb_net_read (int fd, void *v, size_t len)
{
int cc, len2 = 0;
char *buf = v;
do {
cc = read(fd, buf, len);
if (cc < 0)
return(cc); /* errno is already set */
else if (cc == 0) {
return(len2);
} else {
buf += cc;
len2 += cc;
len -= cc;
}
} while (len > 0);
return(len2);
}

52
crypto/kerberosIV/lib/krb/netwrite.c
View File

@ -1,52 +0,0 @@
/*
Copyright (C) 1989 by the Massachusetts Institute of Technology
Export of this software from the United States of America is assumed
to require a specific license from the United States Government.
It is the responsibility of any person or organization contemplating
export to obtain such a license before exporting.
WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
distribute this software and its documentation for any purpose and
without fee is hereby granted, provided that the above copyright
notice appear in all copies and that both that copyright notice and
this permission notice appear in supporting documentation, and that
the name of M.I.T. not be used in advertising or publicity pertaining
to distribution of the software without specific, written prior
permission. M.I.T. makes no representations about the suitability of
this software for any purpose. It is provided "as is" without express
or implied warranty.
*/
#include "krb_locl.h"
RCSID("$Id: netwrite.c,v 1.7 1997/03/23 03:53:15 joda Exp $");
/*
* krb_net_write() writes "len" bytes from "buf" to the file
* descriptor "fd". It returns the number of bytes written or
* a write() error. (The calling interface is identical to
* write(2).)
*
* XXX must not use non-blocking I/O
*/
int
krb_net_write(int fd, const void *v, size_t len)
{
int cc;
int wrlen = len;
const char *buf = (const char*)v;
do {
cc = write(fd, buf, wrlen);
if (cc < 0)
return(cc);
else {
buf += cc;
wrlen -= cc;
}
} while (wrlen > 0);
return(len);
}

288
crypto/kerberosIV/lib/krb/resolve.c
View File

@ -1,288 +0,0 @@
/*
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include "krb_locl.h"
#include "resolve.h"
RCSID("$Id: resolve.c,v 1.11 1997/06/01 04:19:20 assar Exp $");
#if defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND)
#define DECL(X) {#X, T_##X}
static struct stot{
char *name;
int type;
}stot[] = {
DECL(A),
DECL(NS),
DECL(CNAME),
DECL(PTR),
DECL(MX),
DECL(TXT),
DECL(AFSDB),
DECL(SRV),
{NULL, 0}
};
static int
string_to_type(const char *name)
{
struct stot *p = stot;
for(p = stot; p->name; p++)
if(strcasecmp(name, p->name) == 0)
return p->type;
return -1;
}
#if 0
static char *
type_to_string(int type)
{
struct stot *p = stot;
for(p = stot; p->name; p++)
if(type == p->type)
return p->name;
return NULL;
}
#endif
void
dns_free_data(struct dns_reply *r)
{
struct resource_record *rr;
if(r->q.domain)
free(r->q.domain);
for(rr = r->head; rr;){
struct resource_record *tmp = rr;
if(rr->domain)
free(rr->domain);
if(rr->u.data)
free(rr->u.data);
rr = rr->next;
free(tmp);
}
free (r);
}
static struct dns_reply*
parse_reply(unsigned char *data, int len)
{
unsigned char *p;
char host[128];
int status;
struct dns_reply *r;
struct resource_record **rr;
r = (struct dns_reply*)malloc(sizeof(struct dns_reply));
memset(r, 0, sizeof(struct dns_reply));
p = data;
memcpy(&r->h, p, sizeof(HEADER));
p += sizeof(HEADER);
status = dn_expand(data, data + len, p, host, sizeof(host));
if(status < 0){
dns_free_data(r);
return NULL;
}
r->q.domain = strdup(host);
p += status;
r->q.type = (p[0] << 8 | p[1]);
p += 2;
r->q.class = (p[0] << 8 | p[1]);
p += 2;
rr = &r->head;
while(p < data + len){
int type, class, ttl, size;
status = dn_expand(data, data + len, p, host, sizeof(host));
if(status < 0){
dns_free_data(r);
return NULL;
}
p += status;
type = (p[0] << 8) | p[1];
p += 2;
class = (p[0] << 8) | p[1];
p += 2;
ttl = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
p += 4;
size = (p[0] << 8) | p[1];
p += 2;
*rr = (struct resource_record*)calloc(1,
sizeof(struct resource_record));
(*rr)->domain = strdup(host);
(*rr)->type = type;
(*rr)->class = class;
(*rr)->ttl = ttl;
(*rr)->size = size;
switch(type){
case T_NS:
case T_CNAME:
case T_PTR:
status = dn_expand(data, data + len, p, host, sizeof(host));
if(status < 0){
dns_free_data(r);
return NULL;
}
(*rr)->u.txt = strdup(host);
break;
case T_MX:
case T_AFSDB:{
status = dn_expand(data, data + len, p + 2, host, sizeof(host));
if(status < 0){
dns_free_data(r);
return NULL;
}
(*rr)->u.mx = (struct mx_record*)malloc(sizeof(struct mx_record) +
strlen(host));
(*rr)->u.mx->preference = (p[0] << 8) | p[1];
strcpy((*rr)->u.mx->domain, host);
break;
}
case T_SRV:{
status = dn_expand(data, data + len, p + 6, host, sizeof(host));
if(status < 0){
dns_free_data(r);
return NULL;
}
(*rr)->u.srv =
(struct srv_record*)malloc(sizeof(struct srv_record) +
strlen(host));
(*rr)->u.srv->priority = (p[0] << 8) | p[1];
(*rr)->u.srv->weight = (p[2] << 8) | p[3];
(*rr)->u.srv->port = (p[4] << 8) | p[5];
strcpy((*rr)->u.srv->target, host);
break;
}
case T_TXT:{
(*rr)->u.txt = (char*)malloc(size + 1);
strncpy((*rr)->u.txt, (char*)p + 1, *p);
(*rr)->u.txt[*p] = 0;
break;
}
default:
(*rr)->u.data = (unsigned char*)malloc(size);
memcpy((*rr)->u.data, p, size);
}
p += size;
rr = &(*rr)->next;
}
*rr = NULL;
return r;
}
struct dns_reply *
dns_lookup(const char *domain, const char *type_name)
{
unsigned char reply[1024];
int len;
int type;
struct dns_reply *r = NULL;
type = string_to_type(type_name);
len = res_search(domain, C_IN, type, reply, sizeof(reply));
if(len >= 0)
r = parse_reply(reply, len);
return r;
}
#else /* defined(HAVE_RES_SEARCH) && defined(HAVE_DN_EXPAND) */
struct dns_reply *
dns_lookup(const char *domain, const char *type_name)
{
return NULL;
}
void
dns_free_data(struct dns_reply *r)
{
}
#endif
#ifdef TEST
int
main(int argc, char **argv)
{
struct dns_reply *r;
struct resource_record *rr;
r = dns_lookup(argv[1], argv[2]);
if(r == NULL){
printf("No reply.\n");
return 1;
}
for(rr = r->head; rr;rr=rr->next){
printf("%s %s %d ", rr->domain, type_to_string(rr->type), rr->ttl);
switch(rr->type){
case T_NS:
printf("%s\n", (char*)rr->data);
break;
case T_A:
printf("%d.%d.%d.%d\n",
((unsigned char*)rr->data)[0],
((unsigned char*)rr->data)[1],
((unsigned char*)rr->data)[2],
((unsigned char*)rr->data)[3]);
break;
case T_MX:
case T_AFSDB:{
struct mx_record *mx = (struct mx_record*)rr->data;
printf("%d %s\n", mx->preference, mx->domain);
break;
}
case T_SRV:{
struct srv_record *srv = (struct srv_record*)rr->data;
printf("%d %d %d %s\n", srv->priority, srv->weight,
srv->port, srv->target);
break;
}
default:
printf("\n");
break;
}
}
return 0;
}
#endif

110
crypto/kerberosIV/lib/krb/resolve.h
View File

@ -1,110 +0,0 @@
/*
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* $Id: resolve.h,v 1.5 1997/05/14 17:41:25 joda Exp $ */
/* THIS IS NOT (yet) A PUBLIC INTERFACE */
#ifndef __RESOLVE_H__
#define __RESOLVE_H__
/* We use these, but they are not always present in <arpa/nameser.h> */
#ifndef T_TXT
#define T_TXT 16
#endif
#ifndef T_AFSDB
#define T_AFSDB 18
#endif
#ifndef T_SRV
#define T_SRV 33
#endif
struct dns_query{
char *domain;
unsigned type;
unsigned class;
};
struct mx_record{
unsigned preference;
char domain[1];
};
struct srv_record{
unsigned priority;
unsigned weight;
unsigned port;
char target[1];
};
struct resource_record{
char *domain;
unsigned type;
unsigned class;
unsigned ttl;
unsigned size;
union {
void *data;
struct mx_record *mx;
struct mx_record *afsdb; /* mx and afsdb are identical */
struct srv_record *srv;
struct in_addr *a;
char *txt;
}u;
struct resource_record *next;
};
#ifndef HAVE_ARPA_NAMESER_H /* XXX */
typedef int HEADER; /* will never be used */
#endif
struct dns_reply{
HEADER h;
struct dns_query q;
struct resource_record *head;
};
struct dns_reply* dns_lookup(const char *, const char *);
void dns_free_data(struct dns_reply *r);
#endif /* __RESOLVE_H__ */

56
crypto/kerberosIV/lib/krb/swab.c
View File

@ -1,56 +0,0 @@
/*
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
RCSID("$Id: swab.c,v 1.4 1997/04/01 08:18:45 joda Exp $");
#endif
#ifndef HAVE_SWAB
void
swab (char *from, char *to, int nbytes)
{
while(nbytes >= 2) {
*(to + 1) = *from;
*to = *(from + 1);
to += 2;
from += 2;
nbytes -= 2;
}
}
#endif

64
crypto/kerberosIV/lib/krb/util.c
View File

@ -1,64 +0,0 @@
/*
*
* Copyright 1988 by the Massachusetts Institute of Technology.
*
* For copying and distribution information, please see the file
* <mit-copyright.h>.
*
* Miscellaneous debug printing utilities
*/
#include "krb_locl.h"
RCSID("$Id: util.c,v 1.6 1996/10/05 00:18:34 joda Exp $");
/*
* Print some of the contents of the given authenticator structure
* (AUTH_DAT defined in "krb.h"). Fields printed are:
*
* pname, pinst, prealm, netaddr, flags, cksum, timestamp, session
*/
void
ad_print(AUTH_DAT *x)
{
/*
* Print the contents of an auth_dat struct.
*/
struct in_addr address;
address.s_addr = x->address;
printf("\n%s %s %s %s flags %u cksum 0x%X\n\ttkt_tm 0x%X sess_key",
x->pname, x->pinst, x->prealm,
inet_ntoa(address), x->k_flags,
x->checksum, x->time_sec);
printf("[8] =");
#ifdef NOENCRYPTION
placebo_cblock_print(x->session);
#else
des_cblock_print_file(&x->session,stdout);
#endif
/* skip reply for now */
}
/*
* Print in hex the 8 bytes of the given session key.
*
* Printed format is: " 0x { x, x, x, x, x, x, x, x }"
*/
#ifdef NOENCRYPTION
placebo_cblock_print(x)
des_cblock x;
{
unsigned char *y = (unsigned char *) x;
int i = 0;
printf(" 0x { ");
while (i++ <8) {
printf("%x",*y++);
if (i<8) printf(", ");
}
printf(" }");
}
#endif

338
crypto/kerberosIV/lib/roken/roken.h
View File

@ -1,338 +0,0 @@
/*
* Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by the Kungliga Tekniska
* Högskolan and its contributors.
*
* 4. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
/* $Id: roken.h,v 1.63 1997/05/28 05:38:09 assar Exp $ */
#ifndef __ROKEN_H__
#define __ROKEN_H__
#include <stdlib.h>
#include <stdarg.h>
#include <string.h>
#include <signal.h>
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
#ifdef HAVE_GRP_H
#include <grp.h>
#endif
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_TERMIOS_H
#include <termios.h>
#endif
#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
#include <sys/ioctl.h>
#endif
#include "protos.h"
#if !defined(HAVE_SETSID) && defined(HAVE__SETSID)
#define setsid _setsid
#endif
#ifndef HAVE_PUTENV
int putenv(const char *string);
#endif
#ifndef HAVE_SETENV
int setenv(const char *var, const char *val, int rewrite);
#endif
#ifndef HAVE_UNSETENV
void unsetenv(const char *name);
#endif
#ifndef HAVE_GETUSERSHELL
char *getusershell(void);
#endif
#if !defined(__GNUC__) && !defined(__attribute__)
#define __attribute__(x)
#endif
#ifndef HAVE_SNPRINTF
int snprintf (char *str, size_t sz, const char *format, ...)
__attribute__ ((format (printf, 3, 4)));
#endif
#ifndef HAVE_VSNPRINTF
int vsnprintf (char *str, size_t sz, const char *format, va_list ap)
__attribute__((format (printf, 3, 0)));
#endif
#ifndef HAVE_ASPRINTF
int asprintf (char **ret, const char *format, ...)
__attribute__ ((format (printf, 2, 3)));
#endif
#ifndef HAVE_VASPRINTF
int vasprintf (char **ret, const char *format, va_list ap)
__attribute__((format (printf, 2, 0)));
#endif
#ifndef HAVE_ASNPRINTF
int asnprintf (char **ret, size_t max_sz, const char *format, ...)
__attribute__ ((format (printf, 3, 4)));
#endif
#ifndef HAVE_VASNPRINTF
int vasnprintf (char **ret, size_t max_sz, const char *format, va_list ap)
__attribute__((format (printf, 3, 0)));
#endif
#ifndef HAVE_STRDUP
char * strdup(const char *old);
#endif
#ifndef HAVE_STRLWR
char * strlwr(char *);
#endif
#ifndef HAVE_STRNLEN
int strnlen(char*, int);
#endif
#ifndef HAVE_STRTOK_R
char *strtok_r(char *s1, const char *s2, char **lasts);
#endif
#ifndef HAVE_STRUPR
char * strupr(char *);
#endif
#ifndef HAVE_GETDTABLESIZE
int getdtablesize(void);
#endif
#if IRIX != 4 /* fix for compiler bug */
#ifdef RETSIGTYPE
typedef RETSIGTYPE (*SigAction)(/* int??? */);
SigAction signal(int iSig, SigAction pAction); /* BSD compatible */
#endif
#endif
#ifndef SIG_ERR
#define SIG_ERR ((RETSIGTYPE (*)())-1)
#endif
#if !defined(HAVE_STRERROR) && !defined(strerror)
char *strerror(int eno);
#endif
#ifndef HAVE_HSTRERROR
char *hstrerror(int herr);
#endif
#ifndef HAVE_H_ERRNO_DECLARATION
extern int h_errno;
#endif
#ifndef HAVE_INET_ATON
/* Minimal implementation of inet_aton. Doesn't handle hex numbers. */
int inet_aton(const char *cp, struct in_addr *adr);
#endif
#if !defined(HAVE_GETCWD)
char* getcwd(char *path, size_t size);
#endif
#ifndef HAVE_GETENT
int getent(char *cp, char *name);
#endif
#ifdef HAVE_PWD_H
#include <pwd.h>
struct passwd *k_getpwnam (char *user);
struct passwd *k_getpwuid (uid_t uid);
#endif
#ifndef HAVE_SETEUID
int seteuid(int euid);
#endif
#ifndef HAVE_SETEGID
int setegid(int egid);
#endif
#ifndef HAVE_LSTAT
int lstat(const char *path, struct stat *buf);
#endif
#ifndef HAVE_MKSTEMP
int mkstemp(char *);
#endif
#ifndef HAVE_INITGROUPS
int initgroups(const char *name, gid_t basegid);
#endif
#ifndef HAVE_FCHOWN
int fchown(int fd, uid_t owner, gid_t group);
#endif
#ifndef HAVE_CHOWN
int chown(const char *path, uid_t owner, gid_t group);
#endif
#ifndef HAVE_RCMD
int rcmd(char **ahost, unsigned short inport, const char *locuser,
const char *remuser, const char *cmd, int *fd2p);
#endif
#ifdef TIME_WITH_SYS_TIME
#include <sys/time.h>
#include <time.h>
#elif defined(HAVE_SYS_TIME_H)
#include <sys/time.h>
#else
#include <time.h>
#endif
time_t tm2time (struct tm tm, int local);
int unix_verify_user(char *user, char *password);
void inaddr2str(struct in_addr addr, char *s, size_t len);
void mini_inetd (int port);
#ifndef HAVE_STRUCT_WINSIZE
struct winsize {
unsigned short ws_row, ws_col;
unsigned short ws_xpixel, ws_ypixel;
};
#endif
int get_window_size(int fd, struct winsize *);
#ifndef INADDR_NONE
#define INADDR_NONE 0xffffffff
#endif
#ifndef SOMAXCONN
#define SOMAXCONN 5
#endif
#ifndef STDIN_FILENO
#define STDIN_FILENO 0
#endif
#ifndef STDOUT_FILENO
#define STDOUT_FILENO 1
#endif
#ifndef STDERR_FILENO
#define STDERR_FILENO 2
#endif
#ifndef max
#define max(a,b) (((a)>(b))?(a):(b))
#endif
#ifndef min
#define min(a,b) (((a)<(b))?(a):(b))
#endif
#ifndef TRUE
#define TRUE 1
#endif
#ifndef FALSE
#define FALSE 0
#endif
#ifdef HAVE_SYSLOG_H
#include <syslog.h>
/* Misc definitions for old syslogs */
#ifndef LOG_DAEMON
#define openlog(id,option,facility) openlog((id),(option))
#define LOG_DAEMON 0
#endif
#ifndef LOG_ODELAY
#define LOG_ODELAY 0
#endif
#ifndef LOG_NDELAY
#define LOG_NDELAY 0x08
#endif
#ifndef LOG_CONS
#define LOG_CONS 0
#endif
#ifndef LOG_AUTH
#define LOG_AUTH 0
#endif
#ifndef LOG_AUTHPRIV
#define LOG_AUTHPRIV LOG_AUTH
#endif
#endif
#ifndef HAVE_OPTARG_DECLARATION
extern char *optarg;
#endif
#ifndef HAVE_OPTIND_DECLARATION
extern int optind;
#endif
#ifndef HAVE_OPTERR_DECLARATION
extern int opterr;
#endif
#ifndef HAVE___PROGNAME_DECLARATION
extern const char *__progname;
#endif
void set_progname(char *argv0);
#ifdef HAVE_PATHS_H
#include <paths.h>
#endif
#ifndef _PATH_DEVNULL
#define _PATH_DEVNULL "/dev/null"
#endif
#endif /* __ROKEN_H__ */

7
crypto/kerberosIV/man/kinit.1
View File

@ -1,4 +1,5 @@
.\" $Id$
.\" $Id: kinit.1,v 1.4 1998/12/18 16:57:29 assar Exp $
.\" $FreeBSD$
.\" Copyright 1989 by the Massachusetts Institute of Technology.
.\"
.\" For copying and distribution information,
@ -110,7 +111,7 @@ server.
.B \-v
Verbose mode.
.I kinit
prints the realm you are in, the name of the ticket file used, and
prints the name of the ticket file used, and
a status message indicating the success or failure of
your login attempt.
.TP
@ -122,7 +123,7 @@ restrictions in Kerberos Version 4, this value must be between 5 and
.TP
.B \-p
.I kinit
will acquires a ticket for chpass.kerberos.
will acquires a ticket for changepw.kerberos.
.SH SEE ALSO
.PP
kerberos(1), kdestroy(1), klist(1), toehold(1)

7
crypto/kerberosIV/man/kprop.8
View File

@ -1,4 +1,5 @@
.\" $Id: kprop.8,v 1.1.1.1 1997/09/04 06:04:32 markm Exp $
.\" $Id: kprop.8,v 1.2 1996/06/15 17:03:22 assar Exp $
.\" $FreeBSD$
.\"
.Dd June 7, 1996
.Dt KPROP 8
@ -53,6 +54,6 @@ on the master server.
.It Pa /etc/srvtab
.El
.Sh SEE ALSO
.Xr kadmind 8 ,
.Xr kpropd 8 ,
.Xr kerberos 8 ,
.Xr kpropd 8
.Xr kadmind 8

11
crypto/kerberosIV/man/kpropd.8
View File

@ -1,4 +1,5 @@
.\" $Id: kpropd.8,v 1.1.1.1 1997/09/04 06:04:32 markm Exp $
.\" $Id: kpropd.8,v 1.2 1997/02/07 22:04:55 assar Exp $
.\" $FreeBSD$
.\"
.Dd June 7, 1996
.Dt KPROPD 8
@ -49,15 +50,15 @@ default is
Realm if other than the default realm.
.It Fl s
Srvtab if other than
.Pa /etc/srvtab .
.Pa /etc/kerberosIV/srvtab .
.El
.Sh FILES
.Bl -tag -width indent -compact
.It Pa /var/kerberos/principal.{db,dir,pag}
.It Pa /var/db/kerberos/principal.{db,dir,pag}
.It Pa /var/log/kpropd.log
.It Pa /etc/srvtab
.El
.Sh SEE ALSO
.Xr kadmind 8 ,
.Xr kprop 8 ,
.Xr kerberos 8 ,
.Xr kprop 8
.Xr kadmind 8

7
crypto/kerberosIV/man/ksrvutil.8
View File

@ -1,4 +1,5 @@
.\" $Id: ksrvutil.8,v 1.1.1.1 1997/09/04 06:04:32 markm Exp $
.\" $Id: ksrvutil.8,v 1.3 1996/06/12 21:29:27 bg Exp $
.\" $FreeBSD$
.\" Copyright 1989 by the Massachusetts Institute of Technology.
.\"
.\" For copying and distribution information,
@ -97,8 +98,8 @@ with the result should always give a usable keyfile, although the
resulting keyfile will have some out of date keys in it.
.Sh SEE ALSO
.Xr ksrvtgt 1 ,
.Xr kadmin 8
.Xr kadmin 8 ,
.Xr ksrvtgt 1
.Sh AUTHOR
Emanuel Jay Berkenbilt, MIT Project Athena