Make kdc build on windows

Signed-off-by: Love Hornquist Astrand <lha@h5l.org>

configure.ac

@@ -195,6 +195,9 @@ AM_CONDITIONAL(KRB4, false)
 AM_CONDITIONAL(KRB5, true)
 AM_CONDITIONAL(do_roken_rename, true)
 
+AC_DEFINE(SUPPORT_INETD, 1, [Enable use of inetd style startup.])dnl
+
+
 AC_DEFINE(KRB5, 1, [Enable Kerberos 5 support in applications.])dnl
 AC_SUBST(LIB_kdb)dnl
 

include/config.h.w32

@@ -1362,9 +1362,6 @@ static const char *const rcsid[] = { (const char *)rcsid, "@(#)" msg }
 /* Define if the Unix rand method is not defined */
 #define NO_RAND_UNIX_METHOD 1
 
-/* Define if fd_sets aren't limited to FD_SETSIZE sockets */
-#define NO_LIMIT_FD_SETSIZE 1
-
 /* Define if PID files should not be used. */
 #define NO_PIDFILES 1
 

kadmin/kadm_conn.c

@@ -175,8 +175,10 @@ wait_for_connection(krb5_context context,
     FD_ZERO(&orig_read_set);
 
     for(i = 0; i < num_socks; i++) {
+#ifdef FD_SETSIZE
 	if (socks[i] >= FD_SETSIZE)
 	    errx (1, "fd too large");
+#endif
 	FD_SET(socks[i], &orig_read_set);
 	max_fd = max(max_fd, socks[i]);
     }

kdc/connect.c

@@ -217,7 +217,7 @@ parse_ports(krb5_context context,
  */
 
 struct descr {
-    int s;
+    krb5_socket_t s;
     int type;
     int port;
     unsigned char *buf;
@@ -235,7 +235,7 @@ init_descr(struct descr *d)
 {
     memset(d, 0, sizeof(*d));
     d->sa = (struct sockaddr *)&d->__ss;
-    d->s = -1;
+    d->s = rk_INVALID_SOCKET;
 }
 
 /*
@@ -270,8 +270,8 @@ init_socket(krb5_context context,
     ret = krb5_addr2sockaddr (context, a, sa, &sa_size, port);
     if (ret) {
 	krb5_warn(context, ret, "krb5_addr2sockaddr");
-	close(d->s);
-	d->s = -1;
+	rk_closesocket(d->s);
+	d->s = rk_INVALID_SOCKET;
 	return;
     }
 
@@ -279,9 +279,9 @@ init_socket(krb5_context context,
 	return;
 
     d->s = socket(family, type, 0);
-    if(d->s < 0){
+    if(rk_IS_BAD_SOCKET(d->s)){
 	krb5_warn(context, errno, "socket(%d, %d, 0)", family, type);
-	d->s = -1;
+	d->s = rk_INVALID_SOCKET;
 	return;
     }
 #if defined(HAVE_SETSOCKOPT) && defined(SOL_SOCKET) && defined(SO_REUSEADDR)
@@ -293,24 +293,24 @@ init_socket(krb5_context context,
     d->type = type;
     d->port = port;
 
-    if(bind(d->s, sa, sa_size) < 0){
+    if(rk_IS_SOCKET_ERROR(bind(d->s, sa, sa_size))){
 	char a_str[256];
 	size_t len;
 
 	krb5_print_address (a, a_str, sizeof(a_str), &len);
 	krb5_warn(context, errno, "bind %s/%d", a_str, ntohs(port));
-	close(d->s);
-	d->s = -1;
+	rk_closesocket(d->s);
+	d->s = rk_INVALID_SOCKET;
 	return;
     }
-    if(type == SOCK_STREAM && listen(d->s, SOMAXCONN) < 0){
+    if(type == SOCK_STREAM && rk_IS_SOCKET_ERROR(listen(d->s, SOMAXCONN))){
 	char a_str[256];
 	size_t len;
 
 	krb5_print_address (a, a_str, sizeof(a_str), &len);
 	krb5_warn(context, errno, "listen %s/%d", a_str, ntohs(port));
-	close(d->s);
-	d->s = -1;
+	rk_closesocket(d->s);
+	d->s = rk_INVALID_SOCKET;
 	return;
     }
 }
@@ -348,7 +348,7 @@ init_sockets(krb5_context context,
 	for (j = 0; j < addresses.len; ++j) {
 	    init_socket(context, config, &d[num], &addresses.val[j],
 			ports[i].family, ports[i].type, ports[i].port);
-	    if(d[num].s != -1){
+	    if(d[num].s != rk_INVALID_SOCKET){
 		char a_str[80];
 		size_t len;
 
@@ -423,15 +423,16 @@ send_reply(krb5_context context,
 	l[1] = (reply->length >> 16) & 0xff;
 	l[2] = (reply->length >> 8) & 0xff;
 	l[3] = reply->length & 0xff;
-	if(sendto(d->s, l, sizeof(l), 0, d->sa, d->sock_len) < 0) {
+	if(rk_IS_SOCKET_ERROR(sendto(d->s, l, sizeof(l), 0, d->sa, d->sock_len))) {
 	    kdc_log (context, config,
-		     0, "sendto(%s): %s", d->addr_string, strerror(errno));
+		     0, "sendto(%s): %s", d->addr_string,
+		     strerror(rk_SOCK_ERRNO));
 	    return;
 	}
     }
-    if(sendto(d->s, reply->data, reply->length, 0, d->sa, d->sock_len) < 0) {
-	kdc_log (context, config,
-		 0, "sendto(%s): %s", d->addr_string, strerror(errno));
+    if(rk_IS_SOCKET_ERROR(sendto(d->s, reply->data, reply->length, 0, d->sa, d->sock_len))) {
+	kdc_log (context, config, 0, "sendto(%s): %s", d->addr_string,
+		 strerror(rk_SOCK_ERRNO));
 	return;
     }
 }
@@ -489,9 +490,9 @@ handle_udp(krb5_context context,
 
     d->sock_len = sizeof(d->__ss);
     n = recvfrom(d->s, buf, max_request_udp, 0, d->sa, &d->sock_len);
-    if(n < 0) {
-	krb5_warn(context, errno, "recvfrom");
-    } else {
+    if(rk_IS_SOCKET_ERROR(n))
+	krb5_warn(context, rk_SOCK_ERRNO, "recvfrom");
+    else {
 	addr_to_string (context, d->sa, d->sock_len,
 			d->addr_string, sizeof(d->addr_string));
 	if (n == max_request_udp) {
@@ -523,9 +524,9 @@ clear_descr(struct descr *d)
     if(d->buf)
 	memset(d->buf, 0, d->size);
     d->len = 0;
-    if(d->s != -1)
-	close(d->s);
-    d->s = -1;
+    if(d->s != rk_INVALID_SOCKET)
+	rk_closesocket(d->s);
+    d->s = rk_INVALID_SOCKET;
 }
 
 
@@ -559,23 +560,25 @@ add_new_tcp (krb5_context context,
 	     krb5_kdc_configuration *config,
 	     struct descr *d, int parent, int child)
 {
-    int s;
+    krb5_socket_t s;
 
     if (child == -1)
 	return;
 
     d[child].sock_len = sizeof(d[child].__ss);
     s = accept(d[parent].s, d[child].sa, &d[child].sock_len);
-    if(s < 0) {
-	krb5_warn(context, errno, "accept");
+    if(rk_IS_BAD_SOCKET(s)) {
+	krb5_warn(context, rk_SOCK_ERRNO, "accept");
 	return;
     }
-	
+
+#ifdef FD_SETSIZE
     if (s >= FD_SETSIZE) {
 	krb5_warnx(context, "socket FD too large");
-	close (s);
+	rk_closesocket (s);
 	return;
     }
+#endif
 
     d[child].s = s;
     d[child].timeout = time(NULL) + TCP_TIMEOUT;
@@ -718,14 +721,14 @@ handle_http_tcp (krb5_context context,
 	kdc_log(context, config, 0, "HTTP request from %s is non KDC request", d->addr_string);
 	kdc_log(context, config, 5, "HTTP request: %s", t);
 	free(data);
-	if (write(d->s, proto, strlen(proto)) < 0) {
+	if (rk_IS_SOCKET_ERROR(send(d->s, proto, strlen(proto), 0))) {
 	    kdc_log(context, config, 0, "HTTP write failed: %s: %s",
-		    d->addr_string, strerror(errno));
+		    d->addr_string, strerror(rk_SOCK_ERRNO));
 	    return -1;
 	}
-	if (write(d->s, msg, strlen(msg)) < 0) {
+	if (rk_IS_SOCKET_ERROR(send(d->s, msg, strlen(msg), 0))) {
 	    kdc_log(context, config, 0, "HTTP write failed: %s: %s",
-		    d->addr_string, strerror(errno));
+		    d->addr_string, strerror(rk_SOCK_ERRNO));
 	    return -1;
 	}
 	return -1;
@@ -738,16 +741,16 @@ handle_http_tcp (krb5_context context,
 	    "Pragma: no-cache\r\n"
 	    "Content-type: application/octet-stream\r\n"
 	    "Content-transfer-encoding: binary\r\n\r\n";
-	if (write(d->s, proto, strlen(proto)) < 0) {
+	if (rk_IS_SOCKET_ERROR(send(d->s, proto, strlen(proto), 0))) {
 	    free(data);
 	    kdc_log(context, config, 0, "HTTP write failed: %s: %s",
-		    d->addr_string, strerror(errno));
+		    d->addr_string, strerror(rk_SOCK_ERRNO));
 	    return -1;
 	}
-	if (write(d->s, msg, strlen(msg)) < 0) {
+	if (rk_IS_SOCKET_ERROR(send(d->s, msg, strlen(msg), 0))) {
 	    free(data);
 	    kdc_log(context, config, 0, "HTTP write failed: %s: %s",
-		    d->addr_string, strerror(errno));
+		    d->addr_string, strerror(rk_SOCK_ERRNO));
 	    return -1;
 	}
     }
@@ -778,8 +781,8 @@ handle_tcp(krb5_context context,
     }
 
     n = recvfrom(d[idx].s, buf, sizeof(buf), 0, NULL, NULL);
-    if(n < 0){
-	krb5_warn(context, errno, "recvfrom failed from %s to %s/%d",
+    if(rk_IS_SOCKET_ERROR(n)){
+	krb5_warn(context, rk_SOCK_ERRNO, "recvfrom failed from %s to %s/%d",
 		  d[idx].addr_string, descr_type(d + idx),
 		  ntohs(d[idx].port));
 	return;
@@ -865,7 +868,7 @@ loop(krb5_context context,
 
 	FD_ZERO(&fds);
 	for(i = 0; i < ndescr; i++) {
-	    if(d[i].s >= 0){
+	    if(!rk_IS_BAD_SOCKET(d[i].s)){
 		if(d[i].type == SOCK_STREAM &&
 		   d[i].timeout && d[i].timeout < time(NULL)) {
 		    kdc_log(context, config, 1,
@@ -876,8 +879,10 @@ loop(krb5_context context,
 		}
 		if(max_fd < d[i].s)
 		    max_fd = d[i].s;
+#ifdef FD_SETSIZE
 		if (max_fd >= FD_SETSIZE)
 		    krb5_errx(context, 1, "fd too large");
+#endif
 		FD_SET(d[i].s, &fds);
 	    } else if(min_free < 0 || i < min_free)
 		min_free = i;
@@ -905,11 +910,11 @@ loop(krb5_context context,
 	    break;
 	case -1:
 	    if (errno != EINTR)
-		krb5_warn(context, errno, "select");
+		krb5_warn(context, rk_SOCK_ERRNO, "select");
 	    break;
 	default:
 	    for(i = 0; i < ndescr; i++)
-		if(d[i].s >= 0 && FD_ISSET(d[i].s, &fds)) {
+		if(!rk_IS_BAD_SOCKET(d[i].s) && FD_ISSET(d[i].s, &fds)) {
 		    if(d[i].type == SOCK_DGRAM)
 			handle_udp(context, config, &d[i]);
 		    else if(d[i].type == SOCK_STREAM)
@@ -917,8 +922,11 @@ loop(krb5_context context,
 		}
 	}
     }
-    if(exit_flag == SIGXCPU)
+    if (0);
+#ifdef SIGXCPU
+    else if(exit_flag == SIGXCPU)
 	kdc_log(context, config, 0, "CPU time limit exceeded");
+#endif
     else if(exit_flag == SIGINT || exit_flag == SIGTERM)
 	kdc_log(context, config, 0, "Terminated");
     else

kdc/hprop.c

@@ -131,6 +131,7 @@ v5_prop(krb5_context context, HDB *db, hdb_entry_ex *entry, void *appdata)
     return ret;
 }
 
+#ifdef KRB4
 int
 v4_prop(void *arg, struct v4_principal *p)
 {
@@ -255,6 +256,7 @@ v4_prop(void *arg, struct v4_principal *p)
     hdb_free_entry(pd->context, &ent);
     return ret;
 }
+#endif
 
 #include "kadb.h"
 
@@ -277,6 +279,8 @@ read_block(krb5_context context, int fd, int32_t pos, void *buf, size_t len)
 	krb5_errx(context, 1, "read(%lu) = %u", (unsigned long)len, ret);
 }
 
+#ifdef KRB4
+
 static int
 ka_convert(struct prop_data *pd, int fd, struct ka_entry *ent)
 {
@@ -405,7 +409,7 @@ ka_dump(struct prop_data *pd, const char *file)
     }
     return 0;
 }
-
+#endif	/* KRB4 */
 
 
 struct getargs args[] = {
@@ -414,13 +418,19 @@ struct getargs args[] = {
     { "source",   0,	arg_string, &source_type, "type of database to read",
       "heimdal"
       "|mit-dump"
+#ifdef KRB4
       "|krb4-dump"
       "|kaserver"
+#endif
     },
 
+#ifdef KRB4
     { "v4-realm", 'r',  arg_string, &v4_realm, "v4 realm to use" },
+#endif
     { "cell",	  'c',  arg_string, &afs_cell, "name of AFS cell" },
+#ifdef KRB4
     { "kaspecials", 'S', arg_flag,   &kaspecials_flag, "dump KASPECIAL keys"},
+#endif
     { "keytab",   'k',	arg_string, &ktname, "keytab to use for authentication", "keytab" },
     { "v5-realm", 'R',  arg_string, &local_realm, "v5 realm to use" },
     { "decrypt",  'D',  arg_flag,   &decrypt_flag,   "decrypt keys" },
@@ -526,6 +536,7 @@ iterate (krb5_context context,
     int ret;
 
     switch(type) {
+#ifdef KRB4
     case HPROP_KRB4_DUMP:
 	ret = v4_prop_dump(pd, database_name);
 	if(ret)
@@ -536,6 +547,7 @@ iterate (krb5_context context,
 	if(ret)
 	    krb5_warn(context, ret, "ka_dump");
 	break;
+#endif
     case HPROP_MIT_DUMP:
 	ret = mit_prop_dump(pd, database_name);
 	if (ret)

kdc/hpropd.c

@@ -48,8 +48,10 @@ struct getargs args[] = {
     { "database", 'd', arg_string, &database, "database", "file" },
     { "stdin",    'n', arg_flag, &from_stdin, "read from stdin" },
     { "print",	    0, arg_flag, &print_dump, "print dump to stdout" },
+#ifdef SUPPORT_INETD
     { "inetd",	   'i',	arg_negative_flag,	&inetd_flag,
       "Not started from inetd" },
+#endif
     { "keytab",   'k',	arg_string, &ktname,	"keytab to use for authentication", "keytab" },
     { "realm",   'r',	arg_string, &local_realm, "realm to use" },
     { "version",    0, arg_flag, &version_flag, NULL, NULL },
@@ -74,7 +76,7 @@ main(int argc, char **argv)
     krb5_principal c1, c2;
     krb5_authenticator authent;
     krb5_keytab keytab;
-    int fd;
+    krb5_socket_t sock = rk_INVALID_SOCKET;
     HDB *db = NULL;
     int optidx = 0;
     char *tmp_db;
@@ -114,9 +116,9 @@ main(int argc, char **argv)
     if (database == NULL)
 	database = hdb_default_db(context);
 
-    if(from_stdin)
-	fd = STDIN_FILENO;
-    else {
+    if(from_stdin) {
+	sock = STDIN_FILENO;
+    } else {
 	struct sockaddr_storage ss;
 	struct sockaddr *sa = (struct sockaddr *)&ss;
 	socklen_t sin_len = sizeof(ss);
@@ -124,19 +126,24 @@ main(int argc, char **argv)
 	krb5_ticket *ticket;
 	char *server;
 
-	fd = STDIN_FILENO;
+	sock = STDIN_FILENO;
+#ifdef SUPPORT_INETD
 	if (inetd_flag == -1) {
-	    if (getpeername (fd, sa, &sin_len) < 0)
+	    if (getpeername (sock, sa, &sin_len) < 0) {
 		inetd_flag = 0;
-	    else
+	    } else {
 		inetd_flag = 1;
+	    }
 	}
+#else
+	inetd_flag = 0;
+#endif
 	if (!inetd_flag) {
 	    mini_inetd (krb5_getportbyname (context, "hprop", "tcp",
-					    HPROP_PORT), NULL);
+					    HPROP_PORT), &sock);
 	}
 	sin_len = sizeof(ss);
-	if(getpeername(fd, sa, &sin_len) < 0)
+	if(getpeername(sock, sa, &sin_len) < 0)
 	    krb5_err(context, 1, errno, "getpeername");
 
 	if (inet_ntop(sa->sa_family,
@@ -162,7 +169,7 @@ main(int argc, char **argv)
 		krb5_err (context, 1, ret, "krb5_kt_default");
 	}
 
-	ret = krb5_recvauth(context, &ac, &fd, HPROP_VERSION, NULL,
+	ret = krb5_recvauth(context, &ac, &sock, HPROP_VERSION, NULL,
 			    0, keytab, &ticket);
 	if(ret)
 	    krb5_err(context, 1, ret, "krb5_recvauth");
@@ -179,7 +186,7 @@ main(int argc, char **argv)
 	ret = krb5_auth_con_getauthenticator(context, ac, &authent);
 	if(ret)
 	    krb5_err(context, 1, ret, "krb5_auth_con_getauthenticator");
-	
+
 	ret = krb5_make_principal(context, &c1, NULL, "kadmin", "hprop", NULL);
 	if(ret)
 	    krb5_err(context, 1, ret, "krb5_make_principal");
@@ -217,11 +224,11 @@ main(int argc, char **argv)
 	hdb_entry_ex entry;
 
 	if(from_stdin) {
-	    ret = krb5_read_message(context, &fd, &data);
+	    ret = krb5_read_message(context, &sock, &data);
 	    if(ret != 0 && ret != HEIM_ERR_EOF)
 		krb5_err(context, 1, ret, "krb5_read_message");
 	} else {
-	    ret = krb5_read_priv_message(context, ac, &fd, &data);
+	    ret = krb5_read_priv_message(context, ac, &sock, &data);
 	    if(ret)
 		krb5_err(context, 1, ret, "krb5_read_priv_message");
 	}
@@ -230,7 +237,7 @@ main(int argc, char **argv)
 	    if(!from_stdin) {
 		data.data = NULL;
 		data.length = 0;
-		krb5_write_priv_message(context, ac, &fd, &data);
+		krb5_write_priv_message(context, ac, &sock, &data);
 	    }
 	    if(!print_dump) {
 		ret = db->hdb_rename(context, db, database);
@@ -267,5 +274,9 @@ main(int argc, char **argv)
     }
     if (!print_dump)
 	krb5_log(context, fac, 0, "Received %d principals", nprincs);
+
+    if (inetd_flag == 0)
+	rk_closesocket(sock);
+
     exit(0);
 }

kdc/kstash.c

@@ -144,13 +144,19 @@ main(int argc, char **argv)
 	if(ret)
 	    unlink(new);
 	else {
+#ifndef NO_POSIX_LINKS
 	    unlink(old);
 	    if(link(keyfile, old) < 0 && errno != ENOENT) {
 		ret = errno;
 		unlink(new);
-	    } else if(rename(new, keyfile) < 0) {
-		ret = errno;
+	    } else {
+#endif
+		if(rename(new, keyfile) < 0) {
+		    ret = errno;
+		}
+#ifndef NO_POSIX_LINKS
 	    }
+#endif
 	}
     out:
 	free(old);

kdc/libkdc-exports.def

@@ -0,0 +1,12 @@
+EXPORTS
+	kdc_log
+	kdc_log_msg
+	kdc_log_msg_va
+	kdc_openlog
+	krb5_kdc_windc_init
+	krb5_kdc_get_config
+	krb5_kdc_set_dbinfo
+	krb5_kdc_process_krb5_request
+	krb5_kdc_process_request
+	krb5_kdc_save_request
+	krb5_kdc_update_time

kdc/main.c

@@ -64,6 +64,7 @@ sigterm(int sig)
 static void
 switch_environment(void)
 {
+#ifdef HAVE_GETEUID
     if ((runas_string || chroot_string) && geteuid() != 0)
 	errx(1, "no running as root, can't switch user/chroot");
 
@@ -86,6 +87,7 @@ switch_environment(void)
 	if (setuid(pw->pw_uid) < 0)
 	    err(1, "setuid(%s)", runas_string);
     }
+#endif
 }
 
 
@@ -120,17 +122,25 @@ main(int argc, char **argv)
 
 	sigaction(SIGINT, &sa, NULL);
 	sigaction(SIGTERM, &sa, NULL);
+#ifdef SIGXCPU
 	sigaction(SIGXCPU, &sa, NULL);
+#endif
 
 	sa.sa_handler = SIG_IGN;
+#ifdef SIGPIPE
 	sigaction(SIGPIPE, &sa, NULL);
+#endif
     }
 #else
     signal(SIGINT, sigterm);
     signal(SIGTERM, sigterm);
+#ifdef SIGXCPU
     signal(SIGXCPU, sigterm);
+#endif
+#ifdef SIGPIPE
     signal(SIGPIPE, SIG_IGN);
 #endif
+#endif
 #ifdef SUPPORT_DETACH
     if (detach_from_console)
 	daemon(0, 0);

lib/roken/mini_inetd.c

@@ -124,7 +124,7 @@ mini_inetd_addrinfo (struct addrinfo *ai, rk_socket_t *ret_socket)
 	    fds[i] = rk_INVALID_SOCKET;
 	    continue;
 	}
-#ifndef NO_LIMIT_FD_SETSIZE
+#ifdef FD_SETSIZE
 	if (fds[i] >= FD_SETSIZE)
 	    errx (1, "fd too large");
 #endif