From dda7a7f32733539d77387492e5cb4096e9eaff4f Mon Sep 17 00:00:00 2001
From: Johan Danielsson <joda@pdc.kth.se>
Date: Sat, 13 Sep 1997 04:47:04 +0000
Subject: [PATCH] Kerberos 5 patches

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@3495 ec53bebd-3082-4978-b11e-865c3cabbd6b
---
 appl/xnlock/Makefile.am | 12 +++++++++
 appl/xnlock/xnlock.c    | 57 ++++++++++++++++++++++++++++++++++++-----
 2 files changed, 63 insertions(+), 6 deletions(-)
 create mode 100644 appl/xnlock/Makefile.am

diff --git a/appl/xnlock/Makefile.am b/appl/xnlock/Makefile.am
new file mode 100644
index 000000000..5e15adb18
--- /dev/null
+++ b/appl/xnlock/Makefile.am
@@ -0,0 +1,12 @@
+# $Id$
+
+AUTOMAKE_OPTIONS = no-dependencies foreign
+
+XINCS = @X_CFLAGS@
+XLIBS = @X_LIBS@ -lXt @X_PRE_LIBS@ -lX11 @X_EXTRA_LIBS@
+
+INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) $(X_CFLAGS) -DBINDIR=\"$(bindir)\"
+
+bin_PROGRAMS = xnlock
+
+LDADD = $(top_builddir)/lib/kafs/libkafs.a $(LIB_krb4) $(top_builddir)/lib/krb5/libkrb5.a $(top_builddir)/lib/asn1/libasn1.a $(top_builddir)/lib/des/libdes.a $(top_builddir)/lib/roken/libroken.a $(XLIBS)
diff --git a/appl/xnlock/xnlock.c b/appl/xnlock/xnlock.c
index 58a835418..3d2abbc9f 100644
--- a/appl/xnlock/xnlock.c
+++ b/appl/xnlock/xnlock.c
@@ -8,7 +8,6 @@
  */
 #ifdef HAVE_CONFIG_H
 #include <config.h>
-#include <protos.h>
 RCSID("$Id$");
 #endif
 
@@ -29,8 +28,15 @@ RCSID("$Id$");
 #include <pwd.h>
 #endif
 
+#ifdef KRB5
+#include <krb5.h>
+#endif
+#ifdef KRB4
 #include <krb.h>
+#endif
+#if defined(KRB4) || defined(KRB5)
 #include <kafs.h>
+#endif
 
 #include <roken.h>
 #include <err.h>
@@ -223,8 +229,7 @@ init_words (int argc, char **argv)
 		    errx (1, "cannot allocate memory for message");
 	    }
 	} else {
-	    appres.text = malloc(128);
-	    appres.text[0] = 0;
+	    appres.text = strdup("");
 	    if (appres.text == NULL)
 		errx (1, "cannot allocate memory for message");
 	    while (argv[i]) {
@@ -233,7 +238,6 @@ init_words (int argc, char **argv)
 				    strlen(appres.text) + n + 2);
 		if (tmp == NULL)
 		    errx (1, "cannot allocate memory for message");
-		appres.text = tmp;
 		strcat (appres.text, argv[i]);
 		strcat (appres.text, " ");
 		++i;
@@ -541,6 +545,41 @@ countdown(XtPointer _t, XtIntervalId *_d)
     return;
 }
 
+static int
+verify_krb5(const char *name, const char *inst, const char *realm, 
+	    const char *password)
+{
+    krb5_context context;
+    krb5_principal client;
+    krb5_error_code ret;
+    krb5_ccache id;
+    
+    krb5_init_context(&context);
+    if(inst && inst[0] == 0)
+	inst = NULL;
+    krb5_make_principal(context, &client, realm, name, inst, NULL);
+    krb5_cc_default(context, &id);
+    ret = krb5_verify_user(context,
+			   client, 
+			   id,
+			   password, 
+			   0,
+			   NULL);
+    krb5_free_principal(context, client);
+    if (ret == 0){
+	if (k_hasafs())
+	    krb5_afslog(context, id, NULL, NULL);
+	krb5_free_context(context);
+	return 0;
+    }
+    if (ret != INTK_BADPW)
+	krb5_warn(context, ret, "verify_krb5");
+    
+    krb5_free_context(context);
+    return -1;
+}
+
+
 static int
 verify(char *password)
 {
@@ -582,12 +621,18 @@ verify(char *password)
 	return 0;
 
     /*
-     * Try to verify as user with kerberos.
+     * Try to verify as user with kerberos 5.
+     */
+    if(verify_krb5(name, inst, realm, password) == 0)
+	return 0;
+
+    /*
+     * Try to verify as user with kerberos 4.
      */
     ret = krb_verify_user(name, inst, realm, password, 0, NULL);
     if (ret == KSUCCESS){
 	if (k_hasafs())
-	    k_afsklog(0, 0);
+	    krb_afslog(NULL, NULL);
 	return 0;
     }
     if (ret != INTK_BADPW)