oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

New drop with windows code from Secure Endpoints/Asanka

Browse Source
This commit is contained in:
Love Hornquist Astrand
2010-09-14 10:08:03 -07:00
parent a37554cc27 079cbf7a1a
commit d05098b950
45 changed files with 2533 additions and 2095 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
NTMakefile
View File

@@ -2,19 +2,19 @@
# #
# Copyright (c) 2009, Secure Endpoints Inc. # Copyright (c) 2009, Secure Endpoints Inc.
# All rights reserved. # All rights reserved.
# #
# Redistribution and use in source and binary forms, with or without # Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions # modification, are permitted provided that the following conditions
# are met: # are met:
# #
# - Redistributions of source code must retain the above copyright # - Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer. # notice, this list of conditions and the following disclaimer.
# #
# - Redistributions in binary form must reproduce the above copyright # - Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in # notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the # the documentation and/or other materials provided with the
# distribution. # distribution.
# #
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT # "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS # LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
@@ -27,9 +27,14 @@
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE. # POSSIBILITY OF SUCH DAMAGE.
# #
SUBDIRS = include lib kuser kdc admin kadmin kpasswd appl doc tools tests packages etc !if exist(thirdparty/NTMakefile)
thirdparty=thirdparty
!endif
SUBDIRS = include lib kuser kdc admin kadmin kpasswd appl doc \
tools tests packages etc $(thirdparty)
!include windows/NTMakefile.w32 !include windows/NTMakefile.w32

10
cf/w32-list-externs-from-objs.pl
View File

@@ -17,8 +17,8 @@ sub dump_symbols_for_file($)
while (<SP>) { while (<SP>) {
# 008 00000000 SECT3 notype () External | _encode_AccessDescription # 008 00000000 SECT3 notype () External | _encode_AccessDescription
/^[[:xdigit:]]{3,}\s[[:xdigit:]]{8,}\s(\w+)\s+\w*\s+(?:\(\)| )\s+(\w+)\s+\|\s+(\w+)$/ && do { /^[[:xdigit:]]{3,}\s[[:xdigit:]]{8,}\s(\w+)\s+\w*\s+(\(\)| )\s+(\w+)\s+\|\s+([0-9a-zA-Z\@\_]+)$/ && do {
my ($section, $visibility, $symbol) = ($1, $2, $3); my ($section, $type, $visibility, $symbol) = ($1, $2, $3, $4);
if ($section ne "UNDEF" && $visibility eq "External") { if ($section ne "UNDEF" && $visibility eq "External") {
print $fn if $show_module_name; print $fn if $show_module_name;
@@ -27,7 +27,13 @@ sub dump_symbols_for_file($)
if ($strip_leading_underscore && $symbol =~ /_(.*)/) { if ($strip_leading_underscore && $symbol =~ /_(.*)/) {
$symbol = $1; $symbol = $1;
} }
if ($strip_leading_underscore && $symbol =~ /(.*)\@.*$/) {
$symbol = $1;
}
print $symbol; print $symbol;
if ($type ne "()") {
print "\tDATA";
}
print "\n"; print "\n";
} }
}; };

2
include/NTMakefile
View File

@@ -59,6 +59,7 @@ while(<>) {
if ("$(KRB5)") { print "#define KRB5 1\n"; } if ("$(KRB5)") { print "#define KRB5 1\n"; }
if ("$(KRB4)") { print "#define KRB4 1\n"; } if ("$(KRB4)") { print "#define KRB4 1\n"; }
if ("$(WEAK_CRYPTO)") { print "#define HEIM_WEAK_CRYPTO 1\n"; }
if ("$(PKINIT)") { print "#define PKINIT 1\n"; } if ("$(PKINIT)") { print "#define PKINIT 1\n"; }
if ("$(NO_AFS)") { print "#define NO_AFS 1\n"; } if ("$(NO_AFS)") { print "#define NO_AFS 1\n"; }
if ("$(OPENLDAP)") { print "#define OPENLDAP 1\n"; } if ("$(OPENLDAP)") { print "#define OPENLDAP 1\n"; }
@@ -74,6 +75,7 @@ while(<>) {
if ("$(HAVE_KCM)") { print "#define HAVE_KCM 1\n"; } if ("$(HAVE_KCM)") { print "#define HAVE_KCM 1\n"; }
if ("$(HAVE_SCC)") { print "#define HAVE_SCC 1\n"; } if ("$(HAVE_SCC)") { print "#define HAVE_SCC 1\n"; }
if ("$(DIR_hdbdir)") { print "#define HDB_DB_DIR \"".'$(DIR_hdbdir)'."\"\n"; } if ("$(DIR_hdbdir)") { print "#define HDB_DB_DIR \"".'$(DIR_hdbdir)'."\"\n"; }
if ("$(HAVE_MSLSA_CACHE)") { print "#define HAVE_MSLSA_CACHE 1\n"; }
} elsif (m/\@VERSION_OPTDEFS\@/) { } elsif (m/\@VERSION_OPTDEFS\@/) {

5
kuser/klist.c
View File

@@ -248,9 +248,12 @@ print_tickets (krb5_context context,
} }
free (str); free (str);
if(do_verbose) if(do_verbose) {
printf ("%17s: %d\n", N_("Cache version", ""), printf ("%17s: %d\n", N_("Cache version", ""),
krb5_cc_get_version(context, ccache)); krb5_cc_get_version(context, ccache));
} else {
krb5_cc_set_flags(context, ccache, KRB5_TC_NOTICKET);
}
ret = krb5_cc_get_kdc_offset(context, ccache, &sec); ret = krb5_cc_get_kdc_offset(context, ccache, &sec);

13
lib/asn1/check-common.c
View File

@@ -44,6 +44,7 @@
#include <err.h> #include <err.h>
#include <roken.h> #include <roken.h>
#include "asn1-common.h"
#include "check-common.h" #include "check-common.h"
RCSID("$Id$"); RCSID("$Id$");
@@ -195,12 +196,12 @@ int
generic_test (const struct test_case *tests, generic_test (const struct test_case *tests,
unsigned ntests, unsigned ntests,
size_t data_size, size_t data_size,
int (*encode)(unsigned char *, size_t, void *, size_t *), int (ASN1CALL *encode)(unsigned char *, size_t, void *, size_t *),
int (*length)(void *), int (ASN1CALL *length)(void *),
int (*decode)(unsigned char *, size_t, void *, size_t *), int (ASN1CALL *decode)(unsigned char *, size_t, void *, size_t *),
int (*free_data)(void *), int (ASN1CALL *free_data)(void *),
int (*cmp)(void *a, void *b), int (*cmp)(void *a, void *b),
int (*copy)(const void *from, void *to)) int (ASN1CALL *copy)(const void *from, void *to))
{ {
unsigned char *buf, *buf2; unsigned char *buf, *buf2;
int i; int i;
@@ -353,7 +354,7 @@ int
generic_decode_fail (const struct test_case *tests, generic_decode_fail (const struct test_case *tests,
unsigned ntests, unsigned ntests,
size_t data_size, size_t data_size,
int (*decode)(unsigned char *, size_t, void *, size_t *)) int (ASN1CALL *decode)(unsigned char *, size_t, void *, size_t *))
{ {
unsigned char *buf; unsigned char *buf;
int i; int i;

22
lib/asn1/check-common.h
View File

@@ -40,28 +40,28 @@ struct test_case {
char *name; char *name;
}; };
typedef int (*generic_encode)(unsigned char *, size_t, void *, size_t *); typedef int (ASN1CALL *generic_encode)(unsigned char *, size_t, void *, size_t *);
typedef int (*generic_length)(void *); typedef int (ASN1CALL *generic_length)(void *);
typedef int (*generic_decode)(unsigned char *, size_t, void *, size_t *); typedef int (ASN1CALL *generic_decode)(unsigned char *, size_t, void *, size_t *);
typedef int (*generic_free)(void *); typedef int (ASN1CALL *generic_free)(void *);
typedef int (*generic_copy)(const void *, void *); typedef int (ASN1CALL *generic_copy)(const void *, void *);
int int
generic_test (const struct test_case *tests, generic_test (const struct test_case *tests,
unsigned ntests, unsigned ntests,
size_t data_size, size_t data_size,
int (*encode)(unsigned char *, size_t, void *, size_t *), int (ASN1CALL *encode)(unsigned char *, size_t, void *, size_t *),
int (*length)(void *), int (ASN1CALL *length)(void *),
int (*decode)(unsigned char *, size_t, void *, size_t *), int (ASN1CALL *decode)(unsigned char *, size_t, void *, size_t *),
int (*free_data)(void *), int (ASN1CALL *free_data)(void *),
int (*cmp)(void *a, void *b), int (*cmp)(void *a, void *b),
int (*copy)(const void *a, void *b)); int (ASN1CALL *copy)(const void *a, void *b));
int int
generic_decode_fail(const struct test_case *tests, generic_decode_fail(const struct test_case *tests,
unsigned ntests, unsigned ntests,
size_t data_size, size_t data_size,
int (*decode)(unsigned char *, size_t, void *, size_t *)); int (ASN1CALL *decode)(unsigned char *, size_t, void *, size_t *));
struct map_page; struct map_page;

2
lib/asn1/gen.c
View File

@@ -451,7 +451,7 @@ generate_constant (const Symbol *s)
fprintf (headerfile, "} */\n"); fprintf (headerfile, "} */\n");
fprintf (headerfile, fprintf (headerfile,
"extern const heim_oid asn1_oid_%s;\n" "extern ASN1EXP const heim_oid asn1_oid_%s;\n"
"#define ASN1_OID_%s (&asn1_oid_%s)\n\n", "#define ASN1_OID_%s (&asn1_oid_%s)\n\n",
s->gen_name, s->gen_name,
gen_upper, gen_upper,

2872
lib/asn1/libasn1-exports.def
View File

File diff suppressed because it is too large Load Diff

8
lib/gssapi/libgssapi-exports.def
View File

@@ -3,7 +3,8 @@ EXPORTS
__gss_ntlm_mechanism_oid_desc __gss_ntlm_mechanism_oid_desc
__gss_spnego_mechanism_oid_desc __gss_spnego_mechanism_oid_desc
__gss_sasl_digest_md5_mechanism_oid_desc __gss_sasl_digest_md5_mechanism_oid_desc
__gss_c_nt_anonymous_oid_desc __gss_c_nt_anonymous_oid_desc ;!
;! __gss_c_nt_anonymous
__gss_c_nt_export_name_oid_desc __gss_c_nt_export_name_oid_desc
__gss_c_nt_hostbased_service_oid_desc __gss_c_nt_hostbased_service_oid_desc
__gss_c_nt_hostbased_service_x_oid_desc __gss_c_nt_hostbased_service_x_oid_desc
@@ -31,9 +32,11 @@ EXPORTS
gss_duplicate_name gss_duplicate_name
gss_duplicate_oid gss_duplicate_oid
gss_encapsulate_token gss_encapsulate_token
gss_export_cred
gss_export_name gss_export_name
gss_export_sec_context gss_export_sec_context
gss_get_mic gss_get_mic
gss_import_cred
gss_import_name gss_import_name
gss_import_sec_context gss_import_sec_context
gss_indicate_mechs gss_indicate_mechs
@@ -44,8 +47,7 @@ EXPORTS
gss_inquire_cred_by_oid gss_inquire_cred_by_oid
gss_inquire_mechs_for_name gss_inquire_mechs_for_name
gss_inquire_names_for_mech gss_inquire_names_for_mech
gss_inquire_sec_context_by_oid gss_inquire_sec_context_by_oid ;!
gss_inquire_sec_context_by_oid
gss_krb5_ccache_name gss_krb5_ccache_name
gss_krb5_copy_ccache gss_krb5_copy_ccache
gss_krb5_export_lucid_sec_context gss_krb5_export_lucid_sec_context

2
lib/hcrypto/NTMakefile
View File

@@ -196,7 +196,7 @@ $(OBJ)\test_engine_dso.exe: $(OBJ)\test_engine_dso.obj $(LIBHEIMDAL) $(LIBROKEN)
$(EXECONLINK) $(EXECONLINK)
$(EXEPREP_NODIST) $(EXEPREP_NODIST)
$(OBJ)\test_hmac.exe: $(OBJ)\test_hmac.obj $(LIBHEIMDAL) $(OBJ)\test_hmac.exe: $(OBJ)\test_hmac.obj $(LIBHEIMDAL) $(LIBROKEN)
$(EXECONLINK) $(EXECONLINK)
$(EXEPREP_NODIST) $(EXEPREP_NODIST)

6
lib/hcrypto/libhcrypto-exports.def
View File

@@ -1,5 +1,6 @@
EXPORTS EXPORTS
hc_AES_cbc_encrypt hc_AES_cbc_encrypt
hc_AES_cfb8_encrypt
hc_AES_decrypt hc_AES_decrypt
hc_AES_decrypt_key hc_AES_decrypt_key
hc_BN_CTX_end hc_BN_CTX_end
@@ -67,7 +68,7 @@ EXPORTS
hc_DH_get_ex_data hc_DH_get_ex_data
hc_DH_imath_method hc_DH_imath_method
hc_DH_ltm_method hc_DH_ltm_method
; hc_DH_gmp_method ;! hc_DH_gmp_method
hc_DH_new hc_DH_new
hc_DH_new_method hc_DH_new_method
hc_DH_null_method hc_DH_null_method
@@ -246,7 +247,7 @@ EXPORTS
hc_RSA_get_default_method hc_RSA_get_default_method
hc_RSA_get_method hc_RSA_get_method
hc_RSA_imath_method hc_RSA_imath_method
hc_RSA_ltm_method hc_RSA_ltm_method ;!
hc_RSA_new hc_RSA_new
hc_RSA_new_method hc_RSA_new_method
hc_RSA_null_method hc_RSA_null_method
@@ -268,6 +269,7 @@ EXPORTS
hc_SHA256_Init hc_SHA256_Init
hc_SHA256_Update hc_SHA256_Update
hc_UI_UTIL_read_pw_string hc_UI_UTIL_read_pw_string
hc_i2d_DHparams
hc_d2i_RSAPrivateKey hc_d2i_RSAPrivateKey
hc_i2d_RSAPrivateKey hc_i2d_RSAPrivateKey
hc_i2d_RSAPublicKey hc_i2d_RSAPublicKey

1144
lib/hcrypto/libtommath/libtommath.dsp
View File

File diff suppressed because it is too large Load Diff

24
lib/hcrypto/libtommath/logs/README
View File

@@ -1,13 +1,13 @@
To use the pretty graphs you have to first build/run the ltmtest from the root directory of the package. To use the pretty graphs you have to first build/run the ltmtest from the root directory of the package.
Todo this type Todo this type
make timing ; ltmtest make timing ; ltmtest
in the root. It will run for a while [about ten minutes on most PCs] and produce a series of .log files in logs/. in the root. It will run for a while [about ten minutes on most PCs] and produce a series of .log files in logs/.
After doing that run "gnuplot graphs.dem" to make the PNGs. If you managed todo that all so far just open index.html to view After doing that run "gnuplot graphs.dem" to make the PNGs. If you managed todo that all so far just open index.html to view
them all :-) them all :-)
Have fun Have fun
Tom Tom

4
lib/hcrypto/test_crypto.in
View File

@@ -60,6 +60,8 @@ for a in unix fortuna egd w32crypto ;do
${rand} --method=${a} --file=crypto-test 2>error ${rand} --method=${a} --file=crypto-test 2>error
res=$? res=$?
if test "X$res" != X0 ; then if test "X$res" != X0 ; then
grep "unknown method" error && \
{ echo "random $a is not available" ; continue; }
grep "random not ready yet" error || \ grep "random not ready yet" error || \
{ echo "random $a ready failing" ; cat error; exit 1; } { echo "random $a ready failing" ; cat error; exit 1; }
echo "random method $a out for lunch" echo "random method $a out for lunch"
@@ -101,6 +103,8 @@ if [ -e /dev/random -o -e /dev/urandom -o -e /dev/srandom -o -e /dev/arandom ] ;
${rand} --method=unix --file=unix 2>error ${rand} --method=unix --file=unix 2>error
res=$? res=$?
if test "X$res" != X0 ; then if test "X$res" != X0 ; then
grep "unknown method" error && \
{ echo "random unix is not available"; exit 0; }
grep "random not ready yet" error || \ grep "random not ready yet" error || \
{ echo "random unix ready failing" ; cat error; exit 1; } { echo "random unix ready failing" ; cat error; exit 1; }
echo "random method unix out for lunch" echo "random method unix out for lunch"

2
lib/hcrypto/test_rand.c
View File

@@ -132,7 +132,7 @@ main(int argc, char **argv)
RAND_set_rand_method(RAND_w32crypto_method()); RAND_set_rand_method(RAND_w32crypto_method());
#endif #endif
else else
errx(0, "unknown method %s", rand_method); errx(1, "unknown method %s", rand_method);
} }
if (RAND_file_name(path, sizeof(path)) == NULL) if (RAND_file_name(path, sizeof(path)) == NULL)

1
lib/hdb/NTMakefile
View File

@@ -176,7 +176,6 @@ $(OBJ)\test_hdbkeys.exe: $(OBJ)\test_hdbkeys.obj $(LIBHDB) $(LIBHEIMDAL) $(LIBRO
test-run: test-run:
cd $(OBJ) cd $(OBJ)
test_dbinfo.exe test_dbinfo.exe
test_hdbkeys.exe
cd $(SRCDIR) cd $(SRCDIR)
!ifdef OPENLDAP_INC !ifdef OPENLDAP_INC

25
lib/hdb/libhdb-exports.def
View File

@@ -41,6 +41,7 @@ EXPORTS
hdb_generate_key_set_password hdb_generate_key_set_password
hdb_get_dbinfo hdb_get_dbinfo
hdb_init_db hdb_init_db
hdb_interface_version DATA
hdb_key2principal hdb_key2principal
hdb_list_builtin hdb_list_builtin
hdb_lock hdb_lock
@@ -65,31 +66,35 @@ EXPORTS
hdb_value2entry_alias hdb_value2entry_alias
hdb_write_master_key hdb_write_master_key
length_hdb_keyset length_hdb_keyset
initialize_hdb_error_table_r
hdb_kt_ops hdb_kt_ops
; some random bits needed for libkadm ; some random bits needed for libkadm
HDBFlags2int
asn1_HDBFlags_units
copy_Event copy_Event
copy_HDB_extensions copy_HDB_extensions
copy_Key copy_Key
copy_Salt copy_Salt
decode_HDB_Ext_Aliases
decode_HDB_Ext_PKINIT_acl
decode_HDB_extension decode_HDB_extension
decode_Key
encode_HDB_Ext_Aliases encode_HDB_Ext_Aliases
encode_HDB_Ext_PKINIT_acl
encode_HDB_extension
encode_Key
free_Event free_Event
free_HDB_Ext_Aliases
free_HDB_Ext_PKINIT_acl
free_HDB_extension free_HDB_extension
free_HDB_extensions free_HDB_extensions
free_Key free_Key
free_Salt
free_hdb_entry free_hdb_entry
asn1_HDBFlags_units
HDBFlags2int
int2HDBFlags int2HDBFlags
length_HDB_Ext_Aliases length_HDB_Ext_Aliases
decode_HDB_Ext_PKINIT_acl
free_HDB_Ext_PKINIT_acl
decode_HDB_Ext_Aliases
free_HDB_Ext_Aliases
length_HDB_extension
encode_HDB_extension
length_HDB_Ext_PKINIT_acl length_HDB_Ext_PKINIT_acl
encode_HDB_Ext_PKINIT_acl length_HDB_extension
length_Key

16
lib/hx509/NTMakefile
View File

@@ -195,7 +195,7 @@ $(OBJ)\hxtool-commands.c $(OBJ)\hxtool-commands.h: hxtool-commands.in $(SLC)
$(SLC) hxtool-commands.in $(SLC) hxtool-commands.in
cd $(SRCDIR) cd $(SRCDIR)
$(BINDIR)\hxtool.exe: $(OBJ)\hxtool.obj $(OBJ)\hxtool-commands.obj $(LIBHEIMDAL) $(OBJ)\hxtool-version.res $(BINDIR)\hxtool.exe: $(OBJ)\tool\hxtool.obj $(OBJ)\tool\hxtool-commands.obj $(LIBHEIMDAL) $(OBJ)\hxtool-version.res
$(EXECONLINK) $(LIBHEIMDAL) $(LIBROKEN) $(LIBSL) $(LIBVERS) $(LIBCOMERR) $(EXECONLINK) $(LIBHEIMDAL) $(LIBROKEN) $(LIBSL) $(LIBVERS) $(LIBCOMERR)
$(EXEPREP) $(EXEPREP)
@@ -228,7 +228,21 @@ $(OBJ)\sel-lex.c: sel-lex.l
all:: $(INCFILES) $(LIBHX509) all:: $(INCFILES) $(LIBHX509)
prep:: mktooldir
mktooldir:
! if !exist($(OBJ)\tool)
$(MKDIR) $(OBJ)\tool
! endif
all-tools:: $(BINDIR)\hxtool.exe all-tools:: $(BINDIR)\hxtool.exe
clean:: clean::
-$(RM) $(BINDIR)\hxtool.exe -$(RM) $(BINDIR)\hxtool.exe
-$(RM) $(OBJ)\tool\*.*
{}.c{$(OBJ)\tool}.obj::
$(C2OBJ_C) /Fd$(OBJ)\tool\ /Fo$(OBJ)\tool\ /MP /UASN1_LIB $<
{$(OBJ)}.c{$(OBJ)\tool}.obj::
$(C2OBJ_C) /Fd$(OBJ)\tool\ /Fo$(OBJ)\tool\ /MP /UASN1_LIB $<

15
lib/kadm5/NTMakefile
View File

@@ -237,12 +237,21 @@ test-binaries: \
$(OBJ)\test_pw_quality.exe \ $(OBJ)\test_pw_quality.exe \
$(OBJ)\sample_passwd_check.dll $(OBJ)\sample_passwd_check.dll
$(OBJ)\default_keys.exe: $(OBJ)\default_keys.obj $(OBJ)\default_keys.exe: $(OBJ)\default_keys.obj $(LIBHEIMDAL) $(LIBROKEN) $(LIBHDB)
$(EXECONLINK) $(EXECONLINK)
$(EXEPREP_NODIST) $(EXEPREP_NODIST)
$(OBJ)\sample_passwd_check.dll: $(OBJ)\sample_passwd_check.obj $(OBJ)\test_pw_quality.exe: $(OBJ)\test_pw_quality.obj \
$(DLLGUILINK) #TODO: Define exports $(LIBROKEN) $(LIBKADM5SRV) $(LIBVERS) $(LIBHEIMDAL)
$(EXECONLINK)
$(EXEPREP_NODIST)
$(OBJ)\sample_passwd_check.dll: $(OBJ)\sample_passwd_check.obj $(LIBHEIMDAL)
$(DLLGUILINK) /DEF:<<
EXPORTS
version DATA
check_length
<<
$(DLLPREP_NODIST) $(DLLPREP_NODIST)
test-run: test-run:

8
lib/kadm5/libkadm5srv-exports.def
View File

@@ -1,6 +1,6 @@
EXPORTS EXPORTS
; kadm5_ad_init_with_password ;! kadm5_ad_init_with_password
; kadm5_ad_init_with_password_ctx ;! kadm5_ad_init_with_password_ctx
kadm5_add_passwd_quality_verifier kadm5_add_passwd_quality_verifier
kadm5_check_password_quality kadm5_check_password_quality
kadm5_chpass_principal kadm5_chpass_principal
@@ -41,8 +41,8 @@ EXPORTS
kadm5_s_init_with_creds kadm5_s_init_with_creds
kadm5_s_chpass_principal_cond kadm5_s_chpass_principal_cond
kadm5_log_set_version kadm5_log_set_version
; kadm5_log_signal_socket ;! kadm5_log_signal_socket
kadm5_log_signal_socket_info kadm5_log_signal_socket_info ;!
kadm5_log_previous kadm5_log_previous
kadm5_log_goto_end kadm5_log_goto_end
kadm5_log_foreach kadm5_log_foreach

17
lib/krb5/NTMakefile
View File

@@ -264,6 +264,14 @@ dist_libkrb5_la_SOURCES = \
warn.c \ warn.c \
write_message.c write_message.c
!ifdef HAVE_MSLSA_CACHE
libkrb5_OBJS=$(libkrb5_OBJS) \
$(OBJ)\lsacache.obj
dist_libkrb5_la_SOURCES=$(dist_libkrb5_la_SOURCES) \
lsacache.c
!endif
$(OBJ)\krb5-protos.h: $(dist_libkrb5_la_SOURCES) $(OBJ)\krb5-protos.h: $(dist_libkrb5_la_SOURCES)
$(PERL) ..\..\cf\make-proto.pl -E KRB5_LIB -q -P remove -o $(OBJ)\krb5-protos.h $(dist_libkrb5_la_SOURCES) || $(RM) -f krb5-protos.h $(PERL) ..\..\cf\make-proto.pl -E KRB5_LIB -q -P remove -o $(OBJ)\krb5-protos.h $(dist_libkrb5_la_SOURCES) || $(RM) -f krb5-protos.h
@@ -309,6 +317,9 @@ all:: $(OBJ)\libkrb5-exports.def
clean:: clean::
-$(RM) $(OBJ)\libkrb5-exports.def -$(RM) $(OBJ)\libkrb5-exports.def
#----------------------------------------------------------------------
# Tools
all-tools:: $(BINDIR)\verify_krb5_conf.exe all-tools:: $(BINDIR)\verify_krb5_conf.exe
clean:: clean::
@@ -377,7 +388,7 @@ test-run:
store-test.exe store-test.exe
string-to-key-test.exe string-to-key-test.exe
test_acl.exe test_acl.exe
-test_addr.exe test_addr.exe
test_cc.exe test_cc.exe
test_config.exe test_config.exe
test_prf.exe test_prf.exe
@@ -393,8 +404,8 @@ test-run:
test_time.exe test_time.exe
cd $(SRCDIR) cd $(SRCDIR)
$(test_binaries): $$(@R).obj $(test_binaries): $$(@R).obj $(LIBHEIMDAL) $(LIBVERS) $(LIBROKEN)
$(EXECONLINK) $(LIBHEIMDAL) $(LIBVERS) $(LIBROKEN) $(EXECONLINK)
$(EXEPREP_NODIST) $(EXEPREP_NODIST)
$(test_binaries:.exe=.obj): $$(@B).c $(test_binaries:.exe=.obj): $$(@B).c

6
lib/krb5/acache.c
View File

@@ -172,14 +172,16 @@ void
_heim_krb5_ipc_client_set_target_uid(uid_t uid) _heim_krb5_ipc_client_set_target_uid(uid_t uid)
{ {
init_ccapi(NULL); init_ccapi(NULL);
(*set_target_uid)(uid); if (set_target_uid != NULL)
(*set_target_uid)(uid);
} }
void void
_heim_krb5_ipc_client_clear_target(void) _heim_krb5_ipc_client_clear_target(void)
{ {
init_ccapi(NULL); init_ccapi(NULL);
(*clear_target)(); if (clear_target != NULL)
(*clear_target)();
} }
static krb5_error_code static krb5_error_code

27
lib/krb5/cache.c
View File

@@ -206,8 +206,10 @@ allocate_ccache (krb5_context context,
} }
ret = (*id)->ops->resolve(context, id, residual); ret = (*id)->ops->resolve(context, id, residual);
if(ret) if(ret) {
free(*id); free(*id);
*id = NULL;
}
#ifdef KRB5_USE_PATH_TOKENS #ifdef KRB5_USE_PATH_TOKENS
if (exp_residual) if (exp_residual)
@@ -217,6 +219,25 @@ allocate_ccache (krb5_context context,
return ret; return ret;
} }
static int
is_possible_path_name(const char * name)
{
const char * colon;
if ((colon = strchr(name, ':')) == NULL)
return TRUE;
#ifdef _WIN32
/* <drive letter>:\path\to\cache ? */
if (colon == name + 1 &&
strchr(colon + 1, ':') == NULL)
return TRUE;
#endif
return FALSE;
}
/** /**
* Find and allocate a ccache in `id' from the specification in `residual'. * Find and allocate a ccache in `id' from the specification in `residual'.
* If the ccache name doesn't contain any colon, interpret it as a file name. * If the ccache name doesn't contain any colon, interpret it as a file name.
@@ -251,7 +272,7 @@ krb5_cc_resolve(krb5_context context,
id); id);
} }
} }
if (strchr (name, ':') == NULL) if (is_possible_path_name(name))
return allocate_ccache (context, &krb5_fcc_ops, name, id); return allocate_ccache (context, &krb5_fcc_ops, name, id);
else { else {
krb5_set_error_message(context, KRB5_CC_UNKNOWN_TYPE, krb5_set_error_message(context, KRB5_CC_UNKNOWN_TYPE,
@@ -1413,7 +1434,7 @@ krb5_cccol_cursor_next(krb5_context context, krb5_cccol_cursor cursor,
cursor->cursor = NULL; cursor->cursor = NULL;
if (ret != KRB5_CC_END) if (ret != KRB5_CC_END)
break; break;
cursor->idx++; cursor->idx++;
} }
if (cursor->idx >= context->num_cc_ops) { if (cursor->idx >= context->num_cc_ops) {

3
lib/krb5/context.c
View File

@@ -246,6 +246,9 @@ cc_ops_register(krb5_context context)
krb5_cc_register(context, &krb5_akcm_ops, TRUE); krb5_cc_register(context, &krb5_akcm_ops, TRUE);
#endif #endif
krb5_cc_register(context, &krb5_kcm_ops, TRUE); krb5_cc_register(context, &krb5_kcm_ops, TRUE);
#endif
#ifdef HAVE_MSLSA_CACHE
_krb5_mslsa_register_cc_ops(context, TRUE);
#endif #endif
return 0; return 0;
} }

2
lib/krb5/data.c
View File

@@ -87,7 +87,7 @@ krb5_free_data(krb5_context context,
/** /**
* Allocate data of and krb5_data. * Allocate data of and krb5_data.
* *
* @param p krb5_data to free. * @param p krb5_data to allocate.
* @param len size to allocate. * @param len size to allocate.
* *
* @return Returns 0 to indicate success. Otherwise an kerberos et * @return Returns 0 to indicate success. Otherwise an kerberos et

5
lib/krb5/expand_path.c
View File

@@ -407,6 +407,11 @@ _krb5_expand_path_tokens(krb5_context context,
const char *path_left; const char *path_left;
size_t len = 0; size_t len = 0;
if (path_in == NULL || *path_in == '\0') {
*ppath_out = strdup("");
return 0;
}
*ppath_out = NULL; *ppath_out = NULL;
for (path_left = path_in; path_left && *path_left; ) { for (path_left = path_in; path_left && *path_left; ) {

12
lib/krb5/fcache.c
View File

@@ -813,7 +813,7 @@ fcc_remove_cred(krb5_context context,
return ret; return ret;
} }
ret = rename(&newname[5], FILENAME(id)); ret = rk_rename(&newname[5], FILENAME(id));
if (ret) if (ret)
ret = errno; ret = errno;
free(newname); free(newname);
@@ -909,15 +909,7 @@ fcc_move(krb5_context context, krb5_ccache from, krb5_ccache to)
{ {
krb5_error_code ret = 0; krb5_error_code ret = 0;
ret = rename(FILENAME(from), FILENAME(to)); ret = rk_rename(FILENAME(from), FILENAME(to));
#ifdef RENAME_DOES_NOT_UNLINK
if (ret && (errno == EEXIST || errno == EACCES)) {
ret = unlink(FILENAME(to));
if (ret == 0) {
ret = rename(FILENAME(from), FILENAME(to));
}
}
#endif
if (ret && errno != EXDEV) { if (ret && errno != EXDEV) {
char buf[128]; char buf[128];

4
lib/krb5/krb5.h
View File

@@ -410,6 +410,10 @@ typedef union {
#define KRB5_TC_MATCH_2ND_TKT (1 << 23) #define KRB5_TC_MATCH_2ND_TKT (1 << 23)
#define KRB5_TC_MATCH_IS_SKEY (1 << 22) #define KRB5_TC_MATCH_IS_SKEY (1 << 22)
/* constants for get_flags and set_flags */
#define KRB5_TC_OPENCLOSE 0x00000001
#define KRB5_TC_NOTICKET 0x00000002
typedef AuthorizationData krb5_authdata; typedef AuthorizationData krb5_authdata;
typedef KRB_ERROR krb5_error; typedef KRB_ERROR krb5_error;

4
lib/krb5/libkrb5-exports.def.in
View File

@@ -77,6 +77,7 @@ EXPORTS
krb5_c_make_random_key krb5_c_make_random_key
krb5_c_prf krb5_c_prf
krb5_c_prf_length krb5_c_prf_length
krb5_c_random_make_octets
krb5_c_set_checksum krb5_c_set_checksum
krb5_c_valid_cksumtype krb5_c_valid_cksumtype
krb5_c_valid_enctype krb5_c_valid_enctype
@@ -88,7 +89,7 @@ EXPORTS
krb5_cc_clear_mcred krb5_cc_clear_mcred
krb5_cc_close krb5_cc_close
krb5_cc_copy_cache krb5_cc_copy_cache
krb5_cc_copy_creds krb5_cc_copy_creds ;!
krb5_cc_copy_match_f krb5_cc_copy_match_f
krb5_cc_default krb5_cc_default
krb5_cc_default_name krb5_cc_default_name
@@ -287,6 +288,7 @@ EXPORTS
krb5_free_creds_contents krb5_free_creds_contents
krb5_free_data krb5_free_data
krb5_free_data_contents krb5_free_data_contents
krb5_free_default_realm
krb5_free_error krb5_free_error
krb5_free_error_contents krb5_free_error_contents
krb5_free_error_string krb5_free_error_string

92
lib/krb5/lsacache.c Normal file
View File

@@ -0,0 +1,92 @@
/*
*/
#include "krb5_locl.h"
#ifdef HAVE_DLFCN_H
#include <dlfcn.h>
#endif
#include <assert.h>
static HEIMDAL_MUTEX lsacc_mutex = HEIMDAL_MUTEX_INITIALIZER;
const krb5_cc_ops * lsacc_ops = NULL;
static void *lsacc_handle;
krb5_error_code
_krb5_mslsa_register_cc_ops(krb5_context context, krb5_boolean override)
{
const char *lib = NULL;
HEIMDAL_MUTEX_lock(&lsacc_mutex);
if (lsacc_ops) {
HEIMDAL_MUTEX_unlock(&lsacc_mutex);
if (context) {
krb5_clear_error_message(context);
krb5_cc_register(context, lsacc_ops, override);
}
return 0;
}
if (context)
lib = krb5_config_get_string(context, NULL,
"libdefaults", "mslsa_library",
NULL);
if (lib == NULL) {
lib = "%{LIBDIR}/mslsa_cc.dll";
}
{
char * explib = NULL;
if (_krb5_expand_path_tokens(context, lib, &explib) == 0) {
lsacc_handle = dlopen(explib, RTLD_LAZY|RTLD_LOCAL);
free(explib);
}
}
if (lsacc_handle == NULL) {
HEIMDAL_MUTEX_unlock(&lsacc_mutex);
if (context)
krb5_set_error_message(context, KRB5_CC_NOSUPP,
N_("Failed to load MSLSA cache module %s", "file"),
lib);
return KRB5_CC_NOSUPP;
}
{
krb5_error_code ret = 0;
krb5_error_code (KRB5_CALLCONV *lsacc_get_ops)(const krb5_cc_ops ** ops);
lsacc_get_ops = (krb5_error_code (KRB5_CALLCONV *)(const krb5_cc_ops **))
dlsym(lsacc_handle, "lsacc_get_ops");
if (lsacc_get_ops) {
ret = (*lsacc_get_ops)(&lsacc_ops);
}
HEIMDAL_MUTEX_unlock(&lsacc_mutex);
if (ret != 0) {
if (context)
krb5_set_error_message(context, KRB5_CC_NOSUPP,
N_("LSA cache initialization failed (%d)",
"error"), ret);
dlclose(lsacc_handle);
return KRB5_CC_NOSUPP;
}
if (lsacc_get_ops == NULL) {
if (context)
krb5_set_error_message(context, KRB5_CC_NOSUPP,
N_("Failed to find lsacc_get_ops"
"in %s: %s", "file, error"), lib, dlerror());
dlclose(lsacc_handle);
return KRB5_CC_NOSUPP;
}
}
assert(lsacc_ops != NULL);
if (context)
return krb5_cc_register(context, lsacc_ops, override);
return 0;
}

40
lib/krb5/mit_glue.c
View File

@@ -378,6 +378,12 @@ krb5_c_prf(krb5_context context,
return ret; return ret;
} }
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_c_random_make_octets(krb5_context context, krb5_data * data)
{
return krb5_generate_random_keyblock(context, data->length, data->data);
}
/** /**
* MIT compat glue * MIT compat glue
* *
@@ -392,4 +398,38 @@ krb5_cc_copy_creds(krb5_context context,
return krb5_cc_copy_cache(context, from, to); return krb5_cc_copy_cache(context, from, to);
} }
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_auth_con_getsendsubkey(krb5_context context, krb5_auth_context auth_context,
krb5_keyblock **keyblock)
{
return krb5_auth_con_getlocalsubkey(context, auth_context, keyblock);
}
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_auth_con_getrecvsubkey(krb5_context context, krb5_auth_context auth_context,
krb5_keyblock **keyblock)
{
return krb5_auth_con_getremotesubkey(context, auth_context, keyblock);
}
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_auth_con_setsendsubkey(krb5_context context, krb5_auth_context auth_context,
krb5_keyblock *keyblock)
{
return krb5_auth_con_setlocalsubkey(context, auth_context, keyblock);
}
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_auth_con_setrecvsubkey(krb5_context context, krb5_auth_context auth_context,
krb5_keyblock *keyblock)
{
return krb5_auth_con_setremotesubkey(context, auth_context, keyblock);
}
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_free_default_realm(krb5_context context, krb5_realm realm)
{
return krb5_xfree(realm);
}
#endif /* HEIMDAL_SMALLER */ #endif /* HEIMDAL_SMALLER */

3
lib/krb5/test_addr.c
View File

@@ -210,7 +210,10 @@ main(int argc, char **argv)
check_truncation(context, "IPv4:127.0.0.0"); check_truncation(context, "IPv4:127.0.0.0");
check_truncation(context, "RANGE:IPv4:127.0.0.0-IPv4:127.0.0.255"); check_truncation(context, "RANGE:IPv4:127.0.0.0-IPv4:127.0.0.255");
#ifdef HAVE_IPV6 #ifdef HAVE_IPV6
check_truncation(context, "IPv6:::");
check_truncation(context, "IPv6:::1"); check_truncation(context, "IPv6:::1");
check_truncation(context, "IPv6:fe80:9:c3e:0:209:6bff:fea0:e522");
check_truncation(context, "IPv6:fe80::209:0:0:0");
check_truncation(context, "IPv6:fe80::ffff:ffff:ffff:ffff"); check_truncation(context, "IPv6:fe80::ffff:ffff:ffff:ffff");
#endif #endif

8
lib/krb5/test_pknistkdf.c
View File

@@ -52,7 +52,11 @@ struct testcase {
} tests[] = { } tests[] = {
/* 0 */ /* 0 */
{ {
&asn1_oid_id_pkinit_kdf_ah_sha1, /* AlgorithmIdentifier */ NULL, /* AlgorithmIdentifier */
/* == &asn1_oid_id_pkinit_kdf_ah_sha1. Addresses of exported
* symbols are not considered constant on all platforms
* (Windows). So we set it in main() below. */
{ /* Z */ { /* Z */
256, 256,
"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
@@ -260,6 +264,8 @@ main(int argc, char **argv)
if (ret) if (ret)
errx (1, "krb5_init_context failed: %d", ret); errx (1, "krb5_init_context failed: %d", ret);
tests[0].oid = &asn1_oid_id_pkinit_kdf_ah_sha1;
for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++) for (i = 0; i < sizeof(tests)/sizeof(tests[0]); i++)
test_dh2key(context, i, &tests[i]); test_dh2key(context, i, &tests[i]);

1
lib/roken/NTMakefile
View File

@@ -75,6 +75,7 @@ libroken_la_OBJS = \
$(OBJ)\parse_time.obj \ $(OBJ)\parse_time.obj \
$(OBJ)\parse_units.obj \ $(OBJ)\parse_units.obj \
$(OBJ)\realloc.obj \ $(OBJ)\realloc.obj \
$(OBJ)\rename.obj \
$(OBJ)\resolve.obj \ $(OBJ)\resolve.obj \
$(OBJ)\roken_gethostby.obj \ $(OBJ)\roken_gethostby.obj \
$(OBJ)\rtbl.obj \ $(OBJ)\rtbl.obj \

21
lib/roken/inet_ntop.c
View File

@@ -83,6 +83,7 @@ inet_ntop_v6 (const void *src, char *dst, size_t size)
const struct in6_addr *addr = (struct in6_addr *)src; const struct in6_addr *addr = (struct in6_addr *)src;
const u_char *ptr = addr->s6_addr; const u_char *ptr = addr->s6_addr;
const char *orig_dst = dst; const char *orig_dst = dst;
int compressed = 0;
if (size < INET6_ADDRSTRLEN) { if (size < INET6_ADDRSTRLEN) {
errno = ENOSPC; errno = ENOSPC;
@@ -91,6 +92,26 @@ inet_ntop_v6 (const void *src, char *dst, size_t size)
for (i = 0; i < 8; ++i) { for (i = 0; i < 8; ++i) {
int non_zerop = 0; int non_zerop = 0;
if (compressed == 0 &&
ptr[0] == 0 && ptr[1] == 0 &&
i <= 5 &&
ptr[2] == 0 && ptr[3] == 0 &&
ptr[4] == 0 && ptr[5] == 0) {
compressed = 1;
if (i == 0)
*dst++ = ':';
*dst++ = ':';
for (ptr += 6, i += 3;
i < 8 && ptr[0] == 0 && ptr[1] == 0;
++i, ptr += 2);
if (i >= 8)
break;
}
if (non_zerop || (ptr[0] >> 4)) { if (non_zerop || (ptr[0] >> 4)) {
*dst++ = xdigits[ptr[0] >> 4]; *dst++ = xdigits[ptr[0] >> 4];
non_zerop = 1; non_zerop = 1;

3
lib/roken/net_read.c
View File

@@ -86,7 +86,8 @@ net_read(rk_socket_t sock, void *buf, size_t nbytes)
if (use_read == 0 && if (use_read == 0 &&
rk_IS_SOCKET_ERROR(count) && rk_IS_SOCKET_ERROR(count) &&
rk_SOCK_ERRNO == WSAENOTSOCK) { (rk_SOCK_ERRNO == WSANOTINITIALISED ||
rk_SOCK_ERRNO == WSAENOTSOCK)) {
use_read = 1; use_read = 1;
count = _read (sock, cbuf, rem); count = _read (sock, cbuf, rem);

3
lib/roken/net_write.c
View File

@@ -83,7 +83,8 @@ net_write(rk_socket_t sock, const void *buf, size_t nbytes)
if (use_write == 0 && if (use_write == 0 &&
rk_IS_SOCKET_ERROR(count) && rk_IS_SOCKET_ERROR(count) &&
rk_SOCK_ERRNO == WSAENOTSOCK) { (rk_SOCK_ERRNO == WSANOTINITIALISED ||
rk_SOCK_ERRNO == WSAENOTSOCK)) {
use_write = 1; use_write = 1;
count = _write (sock, cbuf, rem); count = _write (sock, cbuf, rem);

49
lib/roken/rename.c Normal file
View File

@@ -0,0 +1,49 @@
/***********************************************************************
* Copyright (c) 2010, Secure Endpoints Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* - Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* - Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
**********************************************************************/
#include <config.h>
#include "roken.h"
/* rename() for platforms where the native implementation doesn't
* unlink newname. */
int rk_rename(const char * oldname, const char * newname)
{
int ret;
ret = rename(oldname, newname);
if (ret != 0 && (errno == EEXIST || errno == EACCES)) {
ret = unlink(newname);
if (ret == 0)
ret = rename(oldname, newname);
}
return ret;
}

6
lib/roken/roken.h.in
View File

@@ -616,6 +616,12 @@ ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL initgroups(const char *, gid_t);
ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL fchown(int, uid_t, gid_t); ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL fchown(int, uid_t, gid_t);
#endif #endif
#ifdef RENAME_DOES_NOT_UNLINK
ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_rename(const char *, const char *);
#else
#define rk_rename rename
#endif
#if !defined(HAVE_DAEMON) || defined(NEED_DAEMON_PROTO) #if !defined(HAVE_DAEMON) || defined(NEED_DAEMON_PROTO)
#ifndef HAVE_DAEMON #ifndef HAVE_DAEMON
#define daemon rk_daemon #define daemon rk_daemon

11
lib/roken/strlcat.c
View File

@@ -39,9 +39,16 @@
ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL ROKEN_LIB_FUNCTION size_t ROKEN_LIB_CALL
strlcat (char *dst, const char *src, size_t dst_sz) strlcat (char *dst, const char *src, size_t dst_sz)
{ {
size_t len = strlen(dst); size_t len;
#if defined(_MSC_VER) && _MSC_VER >= 1400
len = strnlen_s(dst, dst_sz);
#elif defined(HAVE_STRNLEN)
len = strnlen(dst, dst_sz);
#else
len = strlen(dst);
#endif
if (dst_sz < len) if (dst_sz <= len)
/* the total size of dst is less than the string it contains; /* the total size of dst is less than the string it contains;
this could be considered bad input, but we might as well this could be considered bad input, but we might as well
handle it */ handle it */

3
lib/roken/strlcpy.c
View File

@@ -43,7 +43,8 @@ strlcpy (char *dst, const char *src, size_t dst_cch)
{ {
errno_t e; errno_t e;
e = strcpy_s(dst, dst_cch, src); if (dst_cch > 0)
e = strncpy_s(dst, dst_cch, src, _TRUNCATE);
return strlen (src); return strlen (src);
} }

2
packages/windows/NTMakefile
View File

@@ -30,7 +30,7 @@
# #
RELDIR=packages\windows RELDIR=packages\windows
SUBDIRS=kfw_shim SUBDIRS=kfw_shim sdk
!include ../../windows/NTMakefile.w32 !include ../../windows/NTMakefile.w32

98
packages/windows/sdk/NTMakefile Normal file
View File

@@ -0,0 +1,98 @@
########################################################################
#
# Copyright (c) 2009, Secure Endpoints Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# - Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# - Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in
# the documentation and/or other materials provided with the
# distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.
#
RELDIR=packages\sdk
!include ../../../windows/NTMakefile.w32
# This package pulls in all the SDK components into a single directory
# structure.
prep:: mksdkdirs
mksdkdirs:
! if !exist($(SDKSRCDIR))
$(MKDIR) $(SDKSRCDIR)
! endif
! if !exist($(SDKINCDIR))
$(MKDIR) $(SDKINCDIR)
! endif
! if !exist($(SDKINCDIR)\krb5)
$(MKDIR) $(SDKINCDIR)\krb5
! endif
! if !exist($(SDKINCDIR)\kadm5)
$(MKDIR) $(SDKINCDIR)\kadm5
! endif
! if !exist($(SDKLIBDIR))
$(MKDIR) $(SDKLIBDIR)
! endif
INCFILES=\
$(SDKINCDIR)\com_err.h \
$(SDKINCDIR)\com_right.h \
$(SDKINCDIR)\krb5\asn1_err.h \
$(SDKINCDIR)\krb5\heim_err.h \
$(SDKINCDIR)\krb5\k524_err.h \
$(SDKINCDIR)\krb5\krb5-protos.h \
$(SDKINCDIR)\krb5\krb5-types.h \
$(SDKINCDIR)\krb5\krb5-v4compat.h \
$(SDKINCDIR)\krb5\krb5.h \
$(SDKINCDIR)\krb5\krb5_asn1.h \
$(SDKINCDIR)\krb5\krb5_ccapi.h \
$(SDKINCDIR)\krb5\krb5_err.h \
$(SDKINCDIR)\krb5\krb5_locl.h \
$(SDKINCDIR)\kadm5\kadm5_err.h \
$(SDKINCDIR)\kadm5\kadm5-protos.h \
LIBFILES=\
$(SDKLIBDIR)\heimdal.lib \
$(SDKLIBDIR)\libcom_err.lib \
all:: $(INCFILES) $(LIBFILES)
.SUFFIXES: .h .c .lib
{$(LIBDIR)}.lib{$(SDKLIBDIR)}.lib:
$(CP) $** $@
{$(INCDIR)}.h{$(SDKINCDIR)}.h:
$(CP) $** $@
{$(INCDIR)}.h{$(SDKINCDIR)\krb5}.h:
$(CP) $** $@
{$(INCDIR)\kadm5}.h{$(SDKINCDIR)\kadm5}.h:
$(CP) $** $@
clean::
-$(RM) $(SDKINCDIR)\*.*
-$(RM) $(SDKINCDIR)\krb5\*.*
-$(RM) $(SDKLIBDIR)\*.*

6
windows/NTMakefile.config
View File

@@ -95,3 +95,9 @@ ENABLE_PTHREAD_SUPPORT=1
HAVE_SCC=1 HAVE_SCC=1
DIR_hdbdir=%{COMMON_APPDATA}/heimdal/hdb DIR_hdbdir=%{COMMON_APPDATA}/heimdal/hdb
# Enable MSLSA cache backend
HAVE_MSLSA_CACHE=1
# Enable weak crypto
WEAK_CRYPTO=1

4
windows/NTMakefile.w32
View File

@@ -81,6 +81,10 @@ BINDIR =$(DESTDIR)\bin
SBINDIR=$(BINDIR) SBINDIR=$(BINDIR)
LIBEXECDIR=$(BINDIR) LIBEXECDIR=$(BINDIR)
ASMDIR=$(BINDIR) ASMDIR=$(BINDIR)
SDKDIR=$(SRC)\out
SDKINCDIR=$(SRC)\out\inc
SDKLIBDIR=$(SRC)\out\lib\$(CPU)
SDKSRCDIR=$(SRC)\out\src
!ifdef RELDIR !ifdef RELDIR
SRCDIR =$(SRC)\$(RELDIR) SRCDIR =$(SRC)\$(RELDIR)