new files

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@1329 ec53bebd-3082-4978-b11e-865c3cabbd6b

lib/krb5/Makefile.am

@@ -12,10 +12,11 @@ libkrb5_a_SOURCES = cache.c config_file.y constants.c context.c data.c \
 	get_addrs.c get_cred.c get_in_tkt.c get_in_tkt_pw.c get_port.c \
 	krbhst.c misc.c principal.c principal_p.c send_to_kdc.c str2key.c \
 	crc.c build_ap_req.c build_auth.c mk_req.c get_host_realm.c \
-	auth_context.c rd_rep.c keytab.c store.c \
-	rd_req.c mk_rep.c mk_safe.c rd_safe.c \
+	auth_context.c rd_rep.c keytab.c store.c address.c \
+	rd_req.c mk_rep.c mk_safe.c rd_safe.c mk_priv.c rd_priv.c \
+	sendauth.c \
 	asn1_glue.c error/error.c error/krb5_err.c error/asn1_err.c \
-	encrypt.c checksum.c
+	encrypt.c decrypt.c checksum.c
 
 config_file.c: config_file.y
 	$(YACC) -p __k5cf_ $<

lib/krb5/address.c

@@ -0,0 +1,49 @@
+#include "krb5_locl.h"
+
+RCSID("$Id$");
+
+krb5_boolean
+krb5_address_search(krb5_context context,
+		    const krb5_address *addr,
+		    krb5_address *const *addrlist)
+{
+  krb5_address *a;
+
+  while((a = *addrlist++))
+    if (krb5_address_compare (context, addr, a))
+      return TRUE;
+  return FALSE;
+}
+
+krb5_boolean
+krb5_address_compare(krb5_context context,
+		     const krb5_address *addr1,
+		     const krb5_address *addr2)
+{
+  return addr1->type == addr2->type
+    && memcmp (addr1->address.data, addr2->address.data, addr1->address.length);
+}
+
+int
+krb5_address_order(krb5_context context,
+		   const krb5_address *addr1,
+		   const krb5_address *addr2)
+{
+  abort ();
+}
+
+krb5_error_code
+krb5_copy_addresses(krb5_context context,
+		    krb5_address *const *inaddr,
+		    krb5_address ***outaddr)
+{
+  abort ();
+}
+
+krb5_error_code
+krb5_free_address(krb5_context context,
+		  krb5_address *address)
+{
+  krb5_data_free (&address->address);
+  return 0;
+}

lib/krb5/decrypt.c

@@ -0,0 +1,34 @@
+#include <krb5_locl.h>
+#include "crc.h"
+
+RCSID("$Id$");
+
+krb5_error_code
+krb5_decrypt (krb5_context context,
+	      void *ptr,
+	      size_t len,
+	      krb5_keyblock *keyblock,
+	      krb5_data *result)
+{
+  u_char *p = (u_char *)ptr;
+  u_long my_crc, her_crc;
+  des_cblock key;
+  des_key_schedule schedule;
+
+  memcpy (&key, keyblock->contents.data, sizeof(key));
+  des_set_key (&key, schedule);
+  des_cbc_encrypt ((des_cblock *)ptr, (des_cblock *)ptr, len, schedule, &key, DES_DECRYPT);
+
+  her_crc = (p[11] << 24) | (p[10] << 16) | (p[9] << 8) | (p[8] << 0);
+  memset (p + 8, 0, sizeof(her_crc));
+  crc_init_table ();
+  my_crc = crc_update (ptr, len, 0);
+  if (my_crc != her_crc)
+    return KRB5KRB_AP_ERR_BAD_INTEGRITY;
+  result->length = len - 12;
+  result->data = malloc(result->length);
+  if (result->data == NULL)
+    return ENOMEM;
+  memcpy (result->data, (u_char *)ptr + 12, result->length);
+  return 0;
+}

lib/krb5/mk_priv.c

@@ -0,0 +1,58 @@
+#include <krb5_locl.h>
+
+RCSID("$Id$");
+
+krb5_error_code
+krb5_mk_priv(krb5_context context,
+	     krb5_auth_context auth_context,
+	     const krb5_data *userdata,
+	     krb5_data *outbuf,
+	     /*krb5_replay_data*/ void *outdata)
+{
+  krb5_error_code r;
+  KRB_PRIV s;
+  EncKrbPrivPart part;
+  struct timeval tv;
+  unsigned usec;
+  krb5_addresses addr;
+  u_char buf[1024];
+  int len;
+
+  r = krb5_get_all_client_addrs (&addr);
+  if (r)
+    return r;
+
+  part.user_data = *userdata;
+  gettimeofday (&tv, NULL);
+  usec = tv.tv_usec;
+  part.timestamp  = &tv.tv_sec;
+  part.usec       = &usec;
+  part.seq_number = NULL;
+  part.s_address.addr_type = addr.addrs[0].type;
+  part.s_address.address   = addr.addrs[0].address;
+  part.r_address = NULL;
+
+  len = encode_EncKrbPrivPart (buf + sizeof(buf) - 1, sizeof(buf), &part);
+  if (len < 0)
+    return ASN1_PARSE_ERROR;
+
+  s.pvno = 5;
+  s.msg_type = krb_priv;
+  s.enc_part.etype = ETYPE_DES_CBC_CRC;
+  s.enc_part.kvno = NULL;
+
+  r = krb5_encrypt (context, buf + sizeof(buf) - len, len,
+		    &auth_context->key, &s.enc_part.cipher);
+  if (r)
+    return r;
+
+  len = encode_KRB_PRIV (buf + sizeof(buf) - 1, sizeof(buf), &s);
+  if (len < 0)
+    return ASN1_PARSE_ERROR;
+  outbuf->length = len;
+  outbuf->data   = malloc (len);
+  if (outbuf->data == NULL)
+    return ENOMEM;
+  memcpy (outbuf->data, buf + sizeof(buf) - len, len);
+  return 0;
+}

lib/krb5/rd_priv.c

@@ -0,0 +1,45 @@
+#include <krb5_locl.h>
+
+RCSID("$Id$");
+
+krb5_error_code
+krb5_rd_priv(krb5_context context,
+	     krb5_auth_context auth_context,
+	     const krb5_data *inbuf,
+	     krb5_data *outbuf,
+	     /*krb5_replay_data*/ void *outdata)
+{
+  krb5_error_code r;
+  KRB_PRIV priv;
+  EncKrbPrivPart part;
+  int len;
+  krb5_data plain;
+
+  len = decode_KRB_PRIV (inbuf->data, inbuf->length, &priv);
+  if (len < 0)
+    return ASN1_PARSE_ERROR;
+  if (priv.pvno != 5)
+    return KRB5KRB_AP_ERR_BADVERSION;
+  if (priv.msg_type != krb_safe)
+    return KRB5KRB_AP_ERR_MSG_TYPE;
+
+  r = krb5_decrypt (context,
+		    priv.enc_part.cipher.data,
+		    priv.enc_part.cipher.length,
+		    &auth_context->key,
+		    &plain);
+  if (r)
+    return r;
+
+  len = decode_EncKrbPrivPart (plain.data, plain.length, &part);
+  if (len < 0)
+    return ASN1_PARSE_ERROR;
+
+  r = krb5_data_copy (outbuf, part.user_data.data, part.user_data.length);
+  if (r)
+    return r;
+
+  /* XXX */
+
+  return 0;
+}

lib/krb5/sendauth.c

@@ -0,0 +1,20 @@
+#include "krb5_locl.h"
+
+RCSID("$Id$");
+
+krb5_error_code
+krb5_sendauth(krb5_context context,
+	      krb5_auth_context auth_context,
+	      krb5_pointer fd,
+	      char *appl_version,
+	      krb5_principal client,
+	      krb5_principal server,
+	      krb5_flags ap_req_options,
+	      krb5_data *in_data,
+	      krb5_creds *in_creds,
+	      krb5_ccache ccache,
+	      /*krb5_error*/ void **error,
+	      /*krb5_ap_rep_enc_part*/ void **rep_result,
+	      krb5_creds **out_creds)
+{
+}