diff --git a/Makefile b/Makefile index 88860fb91..ec365c05c 100644 --- a/Makefile +++ b/Makefile @@ -1,10 +1,10 @@ -CC=cc -CFLAGS=-g +CC=cc -std1 +CFLAGS=-I/usr/athena/include -g YFLAGS = -d -SOURCES = principal.c principal_p.c data.c context.c misc.c \ +SOURCES = cache.c principal.c principal_p.c data.c context.c misc.c \ krbhst.c getport.c send_to_kdc.c der.c e.c d.c str2key.c \ get_in_tkt.c get_in_tkt_pw.c diff --git a/cache.c b/cache.c index 6ef2b4595..56d7a1899 100644 --- a/cache.c +++ b/cache.c @@ -6,7 +6,34 @@ krb5_cc_resolve(krb5_context context, krb5_ccache *id, const char *residual) { + krb5_ccache p; + krb5_fcache *f; + p = ALLOC(1, krb5_ccache_data); + + if(!p) + return ENOMEM; + + f = ALLOC(1, krb5_fcache); + + if(!f){ + free(p); + return ENOMEM; + } + f->filename = strdup(residual); + if(!f->filename){ + free(f); + free(p); + return ENOMEM; + } + + p->data.data = f; + p->data.length = sizeof(*f); + p->type = 1; + + *id = p; + + return 0; } krb5_error_code @@ -62,9 +89,9 @@ store_principal(int fd, int i; store_int32(fd, p->type); store_int32(fd, p->ncomp); - store_data(fd, p->realm); + store_data(fd, &p->realm); for(i = 0; i < p->ncomp; i++) - store_data(fd, p->comp[i]); + store_data(fd, &p->comp[i]); return 0; } 
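Review bot: In krb5_cc_resolve, `residual` goes straight into `strdup()` with no NULL check, which is undefined behaviour if a caller supplies no cache name. A guard before the first allocation, such as `if(residual == NULL) return EINVAL;` (or whichever error code the library prefers), would close that. `p->type = 1` is an unexplained constant, and the code removed from krb5_cc_initialize used `4711/3210` for the same field, so a named constant for the file-cache type would make later checks on `type` readable. A short comment saying that the returned handle, its krb5_fcache and the duplicated filename are released by krb5_cc_destroy would document ownership. The same hunk is repeated under lib/krb5/cache.c.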
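Review bot: store_principal still ends in an unconditional `return 0;` while the results of `store_int32()` and `store_data()` are dropped, so a failed or short write of the realm or a component would be invisible to krb5_cc_initialize and leave a truncated cache that is treated as valid. If those helpers return an error code (their definitions are outside this hunk), propagate it, e.g. `if((ret = store_data(fd, &p->realm))) return ret;`. The function's signature and opening lines are outside the hunk, and the same hunk is repeated under lib/krb5/cache.c.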
@@ -80,37 +107,56 @@ krb5_cc_initialize(krb5_context context, krb5_fcache *f; - p = getenv("KRB5CCNAME"); - if(p) - strcpy(cc, p); - else - sprintf(cc, "/tmp/krb5cc_%d", getuid()); + f = (krb5_fcache*)id->data.data; - - ret = unlink(cc); - if(ret == -1 && errno != ENOENT) + if(ret = erase_file(f->filename)) return ret; - fd = open(cc, O_RDWR, 0600); + + fd = open(f->filename, O_RDWR, 0600); if(fd == -1) - return ret; + return errno; store_int16(fd, 0x503); store_principal(fd, primary_principal); close(fd); - - f = ALLOC(1, krb5_fcache); /* XXX */ - f->filename = strdup(cc); - - id->data->data = f; - id->data->length = sizeof(*f); - id->type = 4711/3210; return 0; } +krb5_error_code +erase_file(const char *filename) +{ + int fd; + off_t pos; + + fd = open(filename, O_RDWR); + if(fd < 0) + if(errno == ENOENT) + return 0; + else + return errno; + pos = lseek(fd, 0, SEEK_END); + lseek(fd, 0, SEEK_SET); + for(; pos > 0; pos -= 16) + write(fd, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 16); + close(fd); + unlink(filename); + return 0; +} + krb5_error_code krb5_cc_destroy(krb5_context context, krb5_ccache id) { + krb5_fcache *f; + int ret; + f = (krb5_fcache*)id->data.data; + + ret = erase_file(f->filename); + + free(f->filename); + free(f); + free(id); + return ret; } krb5_error_code @@ -139,7 +185,7 @@ krb5_cc_retrieve(krb5_context context, krb5_error_code krb5_cc_get_princ(krb5_context context, krb5_ccache id, - krb5_pricipal *principal) + krb5_principal *principal) { } diff --git a/config_file.h b/config_file.h index 1374216bb..11eba6244 100644 --- a/config_file.h +++ b/config_file.h 
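Review bot: In krb5_cc_initialize the cache is reopened with `open(f->filename, O_RDWR, 0600)` immediately after erase_file() has unlinked it, so without O_CREAT the call can only succeed if something else recreated the path in between, and the 0600 mode is ignored; `fd = open(f->filename, O_RDWR | O_CREAT | O_EXCL, 0600);` creates the file with the intended mode and refuses a pre-existing one. erase_file() opens and overwrites whatever the name refers to, drops the results of `write()` and `unlink()`, and returns 0 after the wipe regardless, so krb5_cc_destroy can report success for a cache that was never erased; its brace-less nested `if`/`else` is also easy to misread. The sketch below checks with lstat()/fstat() that the path is the same regular file before zeroing it and propagates errors (it needs `<sys/stat.h>`, which may or may not already be included). erase_file is called before its definition and no prototype is visible in this hunk, and the results of store_int16()/store_principal() are discarded as well. The identical hunk appears again under lib/krb5/cache.c.

```c
krb5_error_code
erase_file(const char *filename)
{
    static const char zeros[16];
    struct stat sb1, sb2;
    off_t left;
    ssize_t n;
    int fd;
    int ret = 0;

    if(lstat(filename, &sb1) < 0)
	return errno == ENOENT ? 0 : errno;

    fd = open(filename, O_RDWR);
    if(fd < 0){
	if(errno == ENOENT)
	    return 0;
	return errno;
    }
    if(fstat(fd, &sb2) < 0){
	ret = errno;
	close(fd);
	return ret;
    }
    /* the name must still refer to the regular file that was just opened */
    if(!S_ISREG(sb2.st_mode) ||
       sb1.st_dev != sb2.st_dev || sb1.st_ino != sb2.st_ino){
	close(fd);
	return EPERM;
    }
    for(left = sb2.st_size; left > 0; left -= n){
	n = write(fd, zeros,
		  left < (off_t)sizeof(zeros) ? (size_t)left : sizeof(zeros));
	if(n <= 0){
	    ret = n < 0 ? errno : EIO;
	    break;
	}
    }
    close(fd);
    /* remove the name even if the wipe failed, but report the first error */
    if(unlink(filename) < 0 && ret == 0)
	ret = errno;
    return ret;
}
```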
@@ -28,19 +28,19 @@ typedef struct krb5_config_section{ struct krb5_config_section *next; }krb5_config_section; -typedef struct krb5_config_file{ +typedef struct k5_cfile{ char *filename; struct krb5_config_section *sections; -}krb5_config_file; +}k5_cfile; /* static char *gettoken(FILE *F); static void -free_config_file(krb5_config_file *cf); +free_config_file(k5_cfile *cf); static krb5_error_code -new_config_file(krb5_config_file **cf, const char *filename); +new_config_file(k5_cfile **cf, const char *filename); static void free_config_section(krb5_config_section *sec); static krb5_error_code @@ -50,6 +50,6 @@ free_config_relation(krb5_config_relation *rel); static void free_config_value(krb5_config_value val); static krb5_error_code -parse_config_file(krb5_config_file **cf, const char *filename); +parse_config_file(k5_cfile **cf, const char *filename); */ #endif /* __CONF_H__ */ diff --git a/config_file.y b/config_file.y index f1318eb3e..1936c519f 100644 --- a/config_file.y +++ b/config_file.y @@ -11,7 +11,7 @@ static char section[128]; static FILE *F; -static krb5_config_file *cf; +static k5_cfile *cf; static krb5_config_section *csec; @@ -152,7 +152,7 @@ static void yyerror(char *s) /*----------------------------------------*/ static void -free_config_file(krb5_config_file *cf) +free_config_file(k5_cfile *cf) { if(!cf) return; @@ -197,13 +197,13 @@ free_config_section(krb5_config_section *sec) void -krb5_free_config_file(krb5_config_file *cf) +krb5_free_config_file(k5_cfile *cf) { free_config_file(cf); } krb5_error_code -krb5_get_config_tag(krb5_config_file *cf, const char *tag, char **value) +krb5_get_config_tag(k5_cfile *cf, const char *tag, char **value) { char *str; char *p; @@ -237,7 +237,7 @@ krb5_get_config_tag(krb5_config_file *cf, const char *tag, char **value) } krb5_error_code -krb5_parse_config_file(krb5_config_file **cfile, const char *filename) +krb5_parse_config_file(k5_cfile **cfile, const char *filename) { krb5_error_code ret; if(!filename) 
@@ -245,7 +245,7 @@ krb5_parse_config_file(krb5_config_file **cfile, const char *filename) F = fopen(filename, "r"); if(F == NULL) return errno; - cf = ALLOC(1, krb5_config_file); + cf = ALLOC(1, k5_cfile); if(!cf) return ENOMEM; ret = yyparse(); diff --git a/krb5.h b/krb5.h index 105db8df6..219a472c4 100644 --- a/krb5.h +++ b/krb5.h @@ -4,11 +4,11 @@ #include #include -/* types */ -typedef int int32_t; -typedef short int16_t; -typedef char int8_t; +#include +#include "config_file.h" + +/* types */ typedef int32_t krb5_int32; typedef int16_t krb5_int16; typedef int8_t krb5_int8; @@ -63,7 +63,7 @@ typedef enum krb5_preauthtype { typedef enum krb5_address_type { - KRB5_ADDRESS_INET = AF_INET, + KRB5_ADDRESS_INET = 2, } krb5_address_type; typedef struct krb5_address{ @@ -84,7 +84,7 @@ typedef struct krb5_keyblock{ typedef struct krb5_context_data{ krb5_enctype *etypes; char *default_realm; - krb5_config_file *cf; + k5_cfile *cf; } krb5_context_data; typedef krb5_context_data *krb5_context; @@ -98,6 +98,26 @@ typedef struct krb5_times{ krb5_time renew_till; } krb5_times; + +enum{ + KRB5_NT_UNKNOWNN = 0, + KRB5_NT_PRINCIPAL = 1, + KRB5_NT_SRV_INST = 2, + KRB5_NT_SRV_HST = 3, + KRB5_NT_SRV_XHST = 4, + KRB5_NT_UID = 5 +}; +typedef struct krb5_principal_data{ + int type; + krb5_data realm; + krb5_data *comp; + int ncomp; +}krb5_principal_data; + +typedef krb5_principal_data *krb5_principal; +typedef const krb5_principal_data *krb5_const_principal; + + typedef struct krb5_ticket{ int kvno; krb5_principal sprinc; 
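Review bot: `KRB5_ADDRESS_INET = 2` replaces `AF_INET` with a bare number and no explanation, so a reader cannot tell whether 2 is meant as the protocol's address-type value or as a copy of the host's AF_INET. A comment on the enumerator, for example `/* Kerberos address type for IPv4; not the host's AF_INET */`, would make that explicit and warn against copying it into a sockaddr family field. The same hunk is repeated under lib/krb5/krb5.h.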
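Review bot: `KRB5_NT_UNKNOWNN` carries over the doubled N from the removed `KRB_NT_UNKNOWNN`; since this commit renames the constants anyway, `KRB5_NT_UNKNOWN = 0,` would avoid baking the misspelling into the public header. The enum is now anonymous while `krb5_principal_data.type` is a plain `int`, so a comment on `type` saying it holds one of the KRB5_NT_* values would tie the two together. The same hunk is repeated under lib/krb5/krb5.h.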
@@ -111,25 +131,6 @@ typedef struct krb5_ticket{ #define KRB5_PARSE_MALFORMED 17 #define KRB5_PROG_ETYPE_NOSUPP 4711 -typedef enum k{ - KRB_NT_UNKNOWNN = 0, - KRB_NT_PRINCIPAL = 1. - KRB_NT_SRV_INST = 2, - KRB_NT_SRV_HST = 3, - KRB_NT_SRV_XHST = 4, - KRB_NT_UID = 5 -}; - -typedef struct krb5_principal_data{ - int type; - krb5_data realm; - krb5_data *comp; - int ncomp; -}krb5_principal_data; - -typedef krb5_principal_data *krb5_principal; -typedef const krb5_principal_data *krb5_const_principal; - typedef struct krb5_creds { krb5_principal client; krb5_principal server; @@ -153,13 +154,16 @@ typedef struct krb5_rcache{ int dummy; }krb5_rcache; -typedef struct krb5_ccache{ +typedef struct krb5_ccache_data{ + int type; krb5_data data; -}krb5_ccache; +}krb5_ccache_data; + +typedef struct krb5_ccache_data *krb5_ccache; typedef struct krb5_fcache{ char *filename; -}; +}krb5_fcache; typedef struct krb5_cc_cursor{ int dummy; diff --git a/krb5_locl.h b/krb5_locl.h index 5ab659129..55ad6120f 100644 --- a/krb5_locl.h +++ b/krb5_locl.h @@ -7,6 +7,10 @@ #include #include +#include + +#include + #include "krb5.h" void krb5_data_free(krb5_data *); diff --git a/lib/krb5/cache.c b/lib/krb5/cache.c index 6ef2b4595..56d7a1899 100644 --- a/lib/krb5/cache.c +++ b/lib/krb5/cache.c @@ -6,7 +6,34 @@ krb5_cc_resolve(krb5_context context, krb5_ccache *id, const char *residual) { + krb5_ccache p; + krb5_fcache *f; + p = ALLOC(1, krb5_ccache_data); + + if(!p) + return ENOMEM; + + f = ALLOC(1, krb5_fcache); + + if(!f){ + free(p); + return ENOMEM; + } + f->filename = strdup(residual); + if(!f->filename){ + free(f); + free(p); + return ENOMEM; + } + + p->data.data = f; + p->data.length = sizeof(*f); + p->type = 1; + + *id = p; + + return 0; } krb5_error_code 
@@ -62,9 +89,9 @@ store_principal(int fd, int i; store_int32(fd, p->type); store_int32(fd, p->ncomp); - store_data(fd, p->realm); + store_data(fd, &p->realm); for(i = 0; i < p->ncomp; i++) - store_data(fd, p->comp[i]); + store_data(fd, &p->comp[i]); return 0; } @@ -80,37 +107,56 @@ krb5_cc_initialize(krb5_context context, krb5_fcache *f; - p = getenv("KRB5CCNAME"); - if(p) - strcpy(cc, p); - else - sprintf(cc, "/tmp/krb5cc_%d", getuid()); + f = (krb5_fcache*)id->data.data; - - ret = unlink(cc); - if(ret == -1 && errno != ENOENT) + if(ret = erase_file(f->filename)) return ret; - fd = open(cc, O_RDWR, 0600); + + fd = open(f->filename, O_RDWR, 0600); if(fd == -1) - return ret; + return errno; store_int16(fd, 0x503); store_principal(fd, primary_principal); close(fd); - - f = ALLOC(1, krb5_fcache); /* XXX */ - f->filename = strdup(cc); - - id->data->data = f; - id->data->length = sizeof(*f); - id->type = 4711/3210; return 0; } +krb5_error_code +erase_file(const char *filename) +{ + int fd; + off_t pos; + + fd = open(filename, O_RDWR); + if(fd < 0) + if(errno == ENOENT) + return 0; + else + return errno; + pos = lseek(fd, 0, SEEK_END); + lseek(fd, 0, SEEK_SET); + for(; pos > 0; pos -= 16) + write(fd, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0", 16); + close(fd); + unlink(filename); + return 0; +} + krb5_error_code krb5_cc_destroy(krb5_context context, krb5_ccache id) { + krb5_fcache *f; + int ret; + f = (krb5_fcache*)id->data.data; + + ret = erase_file(f->filename); + + free(f->filename); + free(f); + free(id); + return ret; } krb5_error_code @@ -139,7 +185,7 @@ krb5_cc_retrieve(krb5_context context, krb5_error_code krb5_cc_get_princ(krb5_context context, krb5_ccache id, - krb5_pricipal *principal) + krb5_principal *principal) { } diff --git a/lib/krb5/config_file.h b/lib/krb5/config_file.h index 1374216bb..11eba6244 100644 --- a/lib/krb5/config_file.h +++ b/lib/krb5/config_file.h 
@@ -28,19 +28,19 @@ typedef struct krb5_config_section{ struct krb5_config_section *next; }krb5_config_section; -typedef struct krb5_config_file{ +typedef struct k5_cfile{ char *filename; struct krb5_config_section *sections; -}krb5_config_file; +}k5_cfile; /* static char *gettoken(FILE *F); static void -free_config_file(krb5_config_file *cf); +free_config_file(k5_cfile *cf); static krb5_error_code -new_config_file(krb5_config_file **cf, const char *filename); +new_config_file(k5_cfile **cf, const char *filename); static void free_config_section(krb5_config_section *sec); static krb5_error_code @@ -50,6 +50,6 @@ free_config_relation(krb5_config_relation *rel); static void free_config_value(krb5_config_value val); static krb5_error_code -parse_config_file(krb5_config_file **cf, const char *filename); +parse_config_file(k5_cfile **cf, const char *filename); */ #endif /* __CONF_H__ */ diff --git a/lib/krb5/config_file.y b/lib/krb5/config_file.y index f1318eb3e..1936c519f 100644 --- a/lib/krb5/config_file.y +++ b/lib/krb5/config_file.y @@ -11,7 +11,7 @@ static char section[128]; static FILE *F; -static krb5_config_file *cf; +static k5_cfile *cf; static krb5_config_section *csec; @@ -152,7 +152,7 @@ static void yyerror(char *s) /*----------------------------------------*/ static void -free_config_file(krb5_config_file *cf) +free_config_file(k5_cfile *cf) { if(!cf) return; @@ -197,13 +197,13 @@ free_config_section(krb5_config_section *sec) void -krb5_free_config_file(krb5_config_file *cf) +krb5_free_config_file(k5_cfile *cf) { free_config_file(cf); } krb5_error_code -krb5_get_config_tag(krb5_config_file *cf, const char *tag, char **value) +krb5_get_config_tag(k5_cfile *cf, const char *tag, char **value) { char *str; char *p; 
@@ -237,7 +237,7 @@ krb5_get_config_tag(krb5_config_file *cf, const char *tag, char **value) } krb5_error_code -krb5_parse_config_file(krb5_config_file **cfile, const char *filename) +krb5_parse_config_file(k5_cfile **cfile, const char *filename) { krb5_error_code ret; if(!filename) @@ -245,7 +245,7 @@ krb5_parse_config_file(krb5_config_file **cfile, const char *filename) F = fopen(filename, "r"); if(F == NULL) return errno; - cf = ALLOC(1, krb5_config_file); + cf = ALLOC(1, k5_cfile); if(!cf) return ENOMEM; ret = yyparse(); diff --git a/lib/krb5/krb5.h b/lib/krb5/krb5.h index 105db8df6..219a472c4 100644 --- a/lib/krb5/krb5.h +++ b/lib/krb5/krb5.h @@ -4,11 +4,11 @@ #include #include -/* types */ -typedef int int32_t; -typedef short int16_t; -typedef char int8_t; +#include +#include "config_file.h" + +/* types */ typedef int32_t krb5_int32; typedef int16_t krb5_int16; typedef int8_t krb5_int8; @@ -63,7 +63,7 @@ typedef enum krb5_preauthtype { typedef enum krb5_address_type { - KRB5_ADDRESS_INET = AF_INET, + KRB5_ADDRESS_INET = 2, } krb5_address_type; typedef struct krb5_address{ @@ -84,7 +84,7 @@ typedef struct krb5_keyblock{ typedef struct krb5_context_data{ krb5_enctype *etypes; char *default_realm; - krb5_config_file *cf; + k5_cfile *cf; } krb5_context_data; typedef krb5_context_data *krb5_context; @@ -98,6 +98,26 @@ typedef struct krb5_times{ krb5_time renew_till; } krb5_times; + +enum{ + KRB5_NT_UNKNOWNN = 0, + KRB5_NT_PRINCIPAL = 1, + KRB5_NT_SRV_INST = 2, + KRB5_NT_SRV_HST = 3, + KRB5_NT_SRV_XHST = 4, + KRB5_NT_UID = 5 +}; +typedef struct krb5_principal_data{ + int type; + krb5_data realm; + krb5_data *comp; + int ncomp; +}krb5_principal_data; + +typedef krb5_principal_data *krb5_principal; +typedef const krb5_principal_data *krb5_const_principal; + + typedef struct krb5_ticket{ int kvno; krb5_principal sprinc; 
@@ -111,25 +131,6 @@ typedef struct krb5_ticket{ #define KRB5_PARSE_MALFORMED 17 #define KRB5_PROG_ETYPE_NOSUPP 4711 -typedef enum k{ - KRB_NT_UNKNOWNN = 0, - KRB_NT_PRINCIPAL = 1. - KRB_NT_SRV_INST = 2, - KRB_NT_SRV_HST = 3, - KRB_NT_SRV_XHST = 4, - KRB_NT_UID = 5 -}; - -typedef struct krb5_principal_data{ - int type; - krb5_data realm; - krb5_data *comp; - int ncomp; -}krb5_principal_data; - -typedef krb5_principal_data *krb5_principal; -typedef const krb5_principal_data *krb5_const_principal; - typedef struct krb5_creds { krb5_principal client; krb5_principal server; @@ -153,13 +154,16 @@ typedef struct krb5_rcache{ int dummy; }krb5_rcache; -typedef struct krb5_ccache{ +typedef struct krb5_ccache_data{ + int type; krb5_data data; -}krb5_ccache; +}krb5_ccache_data; + +typedef struct krb5_ccache_data *krb5_ccache; typedef struct krb5_fcache{ char *filename; -}; +}krb5_fcache; typedef struct krb5_cc_cursor{ int dummy; diff --git a/lib/krb5/krb5_locl.h b/lib/krb5/krb5_locl.h index 5ab659129..55ad6120f 100644 --- a/lib/krb5/krb5_locl.h +++ b/lib/krb5/krb5_locl.h @@ -7,6 +7,10 @@ #include #include +#include + +#include + #include "krb5.h" void krb5_data_free(krb5_data *); diff --git a/string2key.c b/string2key.c index 340a7df41..116f9dba4 100644 --- a/string2key.c +++ b/string2key.c @@ -41,6 +41,8 @@ mit_des_string_to_key(const krb5_keytype keytype, unsigned char *key; unsigned char tmp[8]; + des_key_schedule sched; + int len; int i, j; int odd = 0; @@ -71,7 +73,7 @@ mit_des_string_to_key(const krb5_keytype keytype, } des_set_odd_parity(key); - des_key_schedule(key, &sched); + des_key_sched(key, &sched); des_cbc_cksum(key, key, 8, &sched, key); des_set_odd_parity(key); if(des_is_weak_key(key)) diff --git a/test.c b/test.c index 0b82938a3..f39171dda 100644 --- a/test.c +++ b/test.c 
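Review bot: In mit_des_string_to_key the new local `sched` holds the DES key schedule derived from the password, and nothing visible in either string2key.c hunk wipes it (or `tmp`) before the function returns. The end of the function is outside the hunk, so if no cleanup exists there, add `memset(&sched, 0, sizeof(sched));` and the same for `tmp` on every exit path, bearing in mind that a plain memset just before return can be optimised away. The result of `des_key_sched(key, &sched)` is also ignored; if the DES library in use reports parity or weak-key failures through it, that should be checked before `des_cbc_cksum` runs.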
@@ -4,7 +4,7 @@ int main(int argc, char **argv) { - krb5_config_file *cf; + k5_cfile *cf; char *p; krb5_parse_config_file(&cf, "krb5.conf"); krb5_get_config_tag(cf, "realms ATHENA.MIT.EDU v4_instance_convert mit", &p);