kinit now builds and works on some machines

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@302 ec53bebd-3082-4978-b11e-865c3cabbd6b
Assar Westerlund
1996-03-17 14:59:05 +00:00
parent 2968019168
commit e2475934ac
33 changed files with 781 additions and 432 deletions


@@ -46,6 +46,10 @@ krb5_error_code
krb5_cc_default(krb5_context context,
krb5_ccache *id)
{
*id = malloc(sizeof(**id));
if (*id == NULL)
return ENOMEM;
return krb5_cc_resolve (context, id, "/tmp/foo");
}
static krb5_error_code
@@ -112,7 +116,7 @@ krb5_cc_initialize(krb5_context context,
if(ret = erase_file(f->filename))
return ret;
fd = open(f->filename, O_RDWR, 0600);
fd = open(f->filename, O_RDWR | O_CREAT | O_EXCL, 0600);
if(fd == -1)
return errno;
store_int16(fd, 0x503);
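Review bot: In krb5_cc_default the newly allocated `*id` is not released when `krb5_cc_resolve` fails, so the caller gets an error together with a pointer it has no reason to free; capture the result and `free (*id)` on a non-zero return (unless krb5_cc_resolve, which is not visible here, takes ownership). The cache name is still the fixed `"/tmp/foo"`, so every user on the host resolves to the same file in a world-writable directory, and a per-user name is needed before real tickets are stored there. The `O_CREAT | O_EXCL` open in krb5_cc_initialize correctly refuses a pre-existing file or symlink, but the result of `store_int16` right after it is not checked. Both function bodies continue outside the hunks.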


@@ -19,6 +19,9 @@ static krb5_config_relation **crel;
static krb5_config_relation **rels[16];
static int relp;
static void yyerror (char *);
static int yylex (void);
%}
%union {
@@ -143,7 +146,7 @@ static int yylex(void)
return type;
}
static void yyerror(char *s)
void yyerror(char *s)
{
printf("yyerror: %s\n", s);
}
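Review bot: The prototype added in the prologue is `static void yyerror (char *);` while the definition at the end appears to drop `static`; the function keeps internal linkage either way, but the two spellings should agree, e.g. keep `static void yyerror(char *s)` on the definition. The message is written to stdout through `printf`; a parse error in the configuration file is better reported with `fprintf (stderr, "yyerror: %s\n", s);` so it does not mix into program output.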

45
lib/krb5/get_addrs.c Normal file

@@ -0,0 +1,45 @@
#include "krb5_locl.h"
static krb5_error_code
get_addrs ()
{
/* here the code from krb4/lib/krb/getaddrs.c will go */
}
/*
* Try to get all addresses, but return the one corresponding to
* `hostname' if we fail.
*/
krb5_error_code
krb5_get_all_client_addrs (krb5_addresses *res)
{
krb5_error_code err;
char hostname[MAXHOSTNAMELEN];
struct hostent *hostent;
if (gethostname (hostname, sizeof(hostname)))
return errno;
hostent = gethostbyname (hostname);
if (hostent == NULL)
return errno;
res->number = 1;
res->addrs = malloc (sizeof(*res->addrs));
res->addrs[0].type = hostent->h_addrtype;
err = krb5_data_alloc (&res->addrs[0].address, hostent->h_length);
if (err)
return err;
memcpy (res->addrs[0].address.data,
hostent->h_addr,
hostent->h_length);
return 0;
}
/*
* Same as above, but with the fall-back to INADDR_ANY.
*/
krb5_error_code
krb5_get_all_server_addrs ()
{
}
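Review bot: krb5_get_all_client_addrs dereferences `res->addrs` right after `malloc` without a NULL check, and leaks that array when `krb5_data_alloc` fails. The `gethostbyname` failure path returns `errno`, but that call reports errors through `h_errno`, so the function can return 0 with `res` untouched and the caller will walk an uninitialized address list. `get_addrs` and `krb5_get_all_server_addrs` are declared to return krb5_error_code but have no return statement, which is undefined behaviour as soon as a caller uses the value. The error code in the sketch below is a stand-in taken from krb5_error.h as shown on this page; use whichever code the library settles on for resolver failures.

```c
    hostent = gethostbyname (hostname);
    if (hostent == NULL)
	return KRB_ERR_GENERIC;	/* resolver errors are in h_errno; errno may be 0 */
    res->addrs = malloc (sizeof(*res->addrs));
    if (res->addrs == NULL)
	return ENOMEM;
    res->number = 1;
    res->addrs[0].type = hostent->h_addrtype;
    err = krb5_data_alloc (&res->addrs[0].address, hostent->h_length);
    if (err) {
	free (res->addrs);
	res->addrs = NULL;
	res->number = 0;
	return err;
    }
    /* … unchanged: memcpy of hostent->h_addr and return 0 … */
```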


@@ -1,4 +1,7 @@
#include "krb5_locl.h"
#include <krb5_error.h>
#include <d.h>
#include <k5_der.h>
static krb5_error_code
krb5_get_salt (krb5_principal princ,
@@ -10,22 +13,52 @@ krb5_get_salt (krb5_principal princ,
krb5_error_code err;
char *p;
len = realm->len;
len = realm.length;
for (i = 0; i < princ->ncomp; ++i)
len += princ->comp[i].length;
err = krb5_alloc (salt, len);
err = krb5_data_alloc (salt, len);
if (err)
return err;
p = salt->data;
strncpy (p, realm->data, realm->len);
p += realm->len;
for (i = 0; i < princ->cnomp; ++i) {
strncpy (p, realm.data, realm.length);
p += realm.length;
for (i = 0; i < princ->ncomp; ++i) {
strncpy (p, princ->comp[i].data, princ->comp[i].length);
p += princ->comp[i].length;
}
return 0;
}
static krb5_error_code
decrypt_tkt (krb5_context context,
const krb5_keyblock *key,
krb5_const_pointer decrypt_arg,
krb5_kdc_rep *dec_rep)
{
des_key_schedule sched;
char *buf;
Buffer buffer;
des_set_key (key->contents.data, sched);
buf = malloc (dec_rep->enc_part.cipher.length);
if (buf == NULL)
return ENOMEM;
des_cbc_encrypt ((des_cblock *)dec_rep->enc_part.cipher.data,
(des_cblock *)buf,
dec_rep->enc_part.cipher.length,
sched,
key->contents.data,
DES_DECRYPT);
/* XXX: Check CRC */
buf_init (&buffer, buf + 12, dec_rep->enc_part.cipher.length - 12);
if (der_get_enctgsreppart (&buffer, &dec_rep->enc_part2) == -1) {
free (buf);
return ASN1_PARSE_ERROR;
}
free (buf);
return 0;
}
/*
*
*/
@@ -44,65 +77,82 @@ krb5_get_in_tkt(krb5_context context,
krb5_ccache ccache,
krb5_kdc_rep **ret_as_reply)
{
krb5_error_code err;
As_Req a;
Kdc_Rep rep;
krb5_principal server;
krb5_kdc_rep rep;
krb5_principal_data server;
krb5_data req, resp;
char buf[BUFSIZ];
Buffer buf;
Buffer buffer;
krb5_data salt;
krb5_keyblock *key;
server.type = KRB_NT_SRV_INST;
server.type = KRB5_NT_SRV_INST;
server.ncomp = 2;
server.comp = malloc (sizeof(*server.comp) * server.ncomp);
server.comp[0] = string_make ("krbtgt");
server.comp[1] = creds->client.realm;
server.comp[1] = creds->client->realm;
a.pvno = 5;
a.msg_type = KRB_AS_REQ;
/* a.kdc_options */
a.cname = &creds->client;
a.cname = creds->client;
a.sname = &server;
a.realm = creds->client.realm;
a.realm = creds->client->realm;
a.till = creds->times.endtime;
a.nonce = 17;
if (etypes)
a.etypes = etypes;
else
a.etypes = context->etypes;
if (addrs)
a.addresses = addrs;
else
a.addresses = krb5_get_all_client_addrs ();
else {
err = krb5_get_default_in_tkt_etypes (context, &a.etypes);
if (err)
return err;
a.num_etypes = 1;
}
if (addrs){
} else {
err = krb5_get_all_client_addrs (&a.addrs);
if (err)
return err;
}
req.data = buf;
req.len = der_put_as_req (req.data + sizeof(buf) - 1, &a);
string_free (server.comp[0]);
req.length = der_put_as_req (buf + sizeof(buf) - 1, &a);
req.data = buf + sizeof(buf) - req.length;
free (server.comp);
if (addrs == NULL)
free (a.addresses);
if (addrs == NULL) {
int i;
err = krb5_sendto_kdc (context, &req, a.realm, &resp);
for (i = 0; i < a.addrs.number; ++i)
krb5_data_free (&a.addrs.addrs[i].address);
free (a.addrs.addrs);
}
err = krb5_sendto_kdc (context, &req, &a.realm, &resp);
if (err) {
return err;
}
buf_init (&buffer, resp.data, resp.len);
buf_init (&buffer, resp.data, resp.length);
if (der_get_as_rep (&buffer, &rep) == -1) {
return ASN1_PARSE_ERROR;
}
err = krb5_get_salt (creds->client, creds->client.realm, &salt);
salt.length = 0;
salt.data = NULL;
err = krb5_get_salt (creds->client, creds->client->realm, &salt);
if (err)
return err;
err = (*key_proc)(context, b.enc_part.etype, salt, keyseed, &key);
err = (*key_proc)(context, rep.enc_part.etype, &salt, keyseed, &key);
krb5_data_free (&salt);
if (err)
return err;
if (decrypt_proc == NULL)
decrypt_proc = decrypt_tkt;
err = (*decrypt_proc)(context, key, decryptarg, &rep);
memset (&key.contents.data, 0, key.contents.length);
krb5_data_free (&key.contents);
memset (key->contents.data, 0, key->contents.length);
krb5_data_free (&key->contents);
free (key);
if (err)
return err;
return 0;
}
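Review bot: decrypt_tkt uses the length of the KDC reply without validating it: `dec_rep->enc_part.cipher.length - 12` goes negative (or wraps, if the field is unsigned) for a ciphertext shorter than 12 bytes, and `buf_init` is then pointed outside `buf`. A guard before the malloc such as `if (len < 12 || len % 8 != 0) return ASN1_PARSE_ERROR;`, with `len` the cipher length, closes that. With `/* XXX: Check CRC */` still open, the decrypted part is parsed with no integrity check, so a modified reply or a wrong key is rejected only if DER parsing happens to fail. `buf` holds the decrypted reply and `sched` the key schedule; both should be cleared before `free (buf)` on the two exit paths, the way the key contents are cleared at the end of krb5_get_in_tkt. In krb5_get_in_tkt the nonce is the constant `a.nonce = 17` and is never compared with the value in the reply, so a replayed reply cannot be told from a fresh one.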


@@ -11,15 +11,17 @@ key_proc (krb5_context context,
char *password = (char *)keyseed;
char buf[BUFSIZ];
key = malloc (sizeof (*key));
if (key == NULL)
*key = malloc (sizeof (**key));
if (*key == NULL)
return ENOMEM;
key->keytype = type;
(*key)->keytype = type;
(*key)->contents.length = 0;
(*key)->contents.data = NULL;
if (password == NULL) {
des_read_pw_string (buf, sizeof(buf), "Password: ", 0);
password = buf;
}
err = krb5_string_to_key (password, salt, key);
err = krb5_string_to_key (password, salt, *key);
memset (buf, 0, sizeof(buf));
return err;
}
@@ -33,9 +35,9 @@ krb5_get_in_tkt_with_password (krb5_context context,
const char *password,
krb5_ccache ccache,
krb5_creds *creds,
krb5_kdc-rep **ret_as_reply)
krb5_kdc_rep **ret_as_reply)
{
return krb5_get_in_tkt (context, options, addrs, etypes,
pre_auth_types, key_proc, password,
NULL, NULL, creds, cache, ret_as_reply);
NULL, NULL, creds, ccache, ret_as_reply);
}
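Review bot: When `krb5_string_to_key` fails, key_proc returns the error but leaves the block from `*key = malloc (sizeof (**key))` in `*key`, and the caller shown on this page (krb5_get_in_tkt) returns on error without freeing it. Add `if (err) { free (*key); *key = NULL; }` before `return err;`. The return value of `des_read_pw_string` is also ignored, so a failed prompt passes an uninitialized `buf` on as the password; check it and return an error after clearing `buf`. key_proc starts above the hunk.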


@@ -8,6 +8,13 @@
#include "config_file.h"
/* simple constants */
#ifndef TRUE
#define TRUE 1
#define FALSE 0
#endif
/* types */
typedef int32_t krb5_int32;
typedef int16_t krb5_int16;
@@ -40,7 +47,7 @@ typedef enum krb5_cksumtype {
CKSUMTYPE_DES_MAC = 4,
CKSUMTYPE_DES_MAC_K = 5,
CKSUMTYPE_RSA_MD4_DES_K = 6,
CKSUMTYPE_RSA_MD5_DES = 7,
CKSUMTYPE_RSA_MD5_DES = 7
} krb5_cksumtype;
@@ -63,7 +70,7 @@ typedef enum krb5_preauthtype {
typedef enum krb5_address_type {
KRB5_ADDRESS_INET = 2,
KRB5_ADDRESS_INET = 2
} krb5_address_type;
typedef struct krb5_address{
@@ -71,7 +78,10 @@ typedef struct krb5_address{
krb5_data address;
} krb5_address;
typedef struct krb5_addresses {
int number;
krb5_address *addrs;
} krb5_addresses;
typedef enum krb5_keytype { KEYTYPE_DES } krb5_keytype;
@@ -80,7 +90,6 @@ typedef struct krb5_keyblock{
krb5_data contents;
} krb5_keyblock;
typedef struct krb5_context_data{
krb5_enctype *etypes;
char *default_realm;
@@ -107,6 +116,7 @@ enum{
KRB5_NT_SRV_XHST = 4,
KRB5_NT_UID = 5
};
typedef struct krb5_principal_data{
int type;
krb5_data realm;
@@ -117,6 +127,7 @@ typedef struct krb5_principal_data{
typedef krb5_principal_data *krb5_principal;
typedef const krb5_principal_data *krb5_const_principal;
typedef krb5_data krb5_realm;
typedef struct krb5_ticket{
int kvno;
@@ -198,10 +209,7 @@ typedef struct krb5_auth_context{
typedef krb5_uint32 krb5_flags;
typedef struct krb5_kdc_rep{
int dummy;
}krb5_kdc_rep;
typedef struct krb5_kdc_rep krb5_kdc_rep;
krb5_error_code
krb5_init_context(krb5_context *context);
@@ -223,13 +231,13 @@ krb5_get_credentials(krb5_context context,
krb5_creds *out_creds);
typedef krb5_error_code (*krb5_key_proc)(krb5_context context,
const krb5_keytype type,
krb5_keytype type,
krb5_data *salt,
krb5_const_pointer keyseed,
krb5_keyblock **key);
typedef krb5_error_code (*krb5_decrypt_proc)(krb5_context context,
const krb5_keyblock *key,
krb5_const_pointer *decrypt_arg,
krb5_const_pointer decrypt_arg,
krb5_kdc_rep *dec_rep);
krb5_error_code
@@ -246,6 +254,16 @@ krb5_get_in_tkt(krb5_context context,
krb5_ccache ccache,
krb5_kdc_rep **ret_as_reply);
krb5_error_code
krb5_get_in_tkt_with_password (krb5_context context,
krb5_flags options,
krb5_address *const *addrs,
const krb5_enctype *etypes,
const krb5_preauthtype *pre_auth_types,
const char *password,
krb5_ccache ccache,
krb5_creds *creds,
krb5_kdc_rep **ret_as_reply);
krb5_error_code
krb5_mk_req(krb5_context context,
@@ -354,5 +372,11 @@ krb5_free_krbhst (krb5_context context,
char *const *hostlist);
/* variables */
extern const char krb5_config_file[];
extern const char krb5_defkeyname[];
#endif /* __KRB5_H__ */
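Review bot: The new `krb5_addresses` struct has no comment saying who owns `addrs`; krb5_get_in_tkt on this page frees each `address` and then the array, so the header should state that, e.g. `/* addrs: malloc'ed array of 'number' entries; the caller frees each address, then addrs */`. `number` is a plain `int`, and an unsigned count would rule out negative values in the loops that walk the array. `krb5_kdc_rep` is now only a forward typedef here, so files that declare an object of that type depend on another header for the definition (presumably one of the DER headers included by the ticket code); a one-line comment naming that header would help.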


@@ -49,4 +49,10 @@
#define KRB_ERR_GENERIC 60
#define KRB_ERR_FIELD_TOOLONG 61
#define KRB5_KDC_UNREACH 155
/* Just some random number */
#define ASN1_PARSE_ERROR 274
#endif /* __KRB5_ERROR_H__ */
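Review bot: `ASN1_PARSE_ERROR` is commented as "Just some random number", yet it travels through the same `krb5_error_code` return channel as raw `errno` values (`return errno;` and `return ENOMEM;` elsewhere in this commit). Small hand-picked constants such as 60, 61 or 155 can coincide with errno values on some platforms, in which case a caller cannot tell a library error from a system one. A comment stating the range reserved for library codes, or a common base offset added to them, would make the separation explicit.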


@@ -7,7 +7,16 @@
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/types.h>
#include <sys/ioctl.h>
#include <sys/param.h>
#include <time.h>
#include <sys/time.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <netdb.h>
#include <des.h>


@@ -9,11 +9,11 @@ krb5_get_krbhst (krb5_context context,
char buf[BUFSIZ];
char *val;
sprintf (buf, "realms %s kdc", realm.data);
err = krb5_get_config_tag (context.cf, buf, &val);
sprintf (buf, "realms %.*s kdc", realm->length, realm->data);
err = krb5_get_config_tag (context->cf, buf, &val);
if (err)
return err;
**hostlist = malloc (2 * sizeof (char *));
*hostlist = malloc (2 * sizeof (char *));
(*hostlist)[0] = val;
(*hostlist)[1] = NULL;
return 0;
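Review bot: The `sprintf` into `buf[BUFSIZ]` is bounded only by `realm->length`, which comes from the principal's realm and is not limited to the buffer size, so a long realm overruns the stack buffer. Reject oversized input before formatting, e.g. `if (realm->length > sizeof(buf) - sizeof("realms  kdc")) return KRB_ERR_FIELD_TOOLONG;`, or use a bounded formatting call where one is available. `%.*s` expects an `int` precision, so `realm->length` needs a cast if its type is wider. The `malloc` result for `*hostlist` is dereferenced on the next line without a NULL check. The function body starts and ends outside the hunk.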


@@ -1,17 +1,18 @@
#include "krb5_locl.h"
#include "krb5_error.h"
static int
send_and_recv (int fd,
struct sockaddr_in *addr,
krb5_data *send,
const krb5_data *send,
krb5_data *recv)
{
struct fdset fdset;
struct fd_set fdset;
struct timeval timeout;
int ret;
long nbytes;
if (sendto (fd, send->data, send->len, 0,
if (sendto (fd, send->data, send->length, 0,
(struct sockaddr *)addr, sizeof(*addr)) < 0)
return -1;
FD_ZERO(&fdset);
@@ -22,24 +23,25 @@ send_and_recv (int fd,
if (ret <= 0)
return -1;
else {
ioctl (fd, FIONREAD, &nbytes);
int len;
nbytes -= sizeof(struct udphdr) + sizeof(struct iphdr);
if (ioctl (fd, FIONREAD, &nbytes) < 0)
return -1;
recv->data = malloc (nbytes);
ret = recvfrom (fd, recv->data, nbytes, 0, NULL, 0);
ret = recvfrom (fd, recv->data, nbytes, 0, NULL, &len);
if (ret < 0) {
free (recv->data);
return -1;
}
recv->data = realloc (recv->data, ret);
recv->len = ret;
recv->length = ret;
return 0;
}
}
krb5_error_code
krb5_sentdo_kdc (krb5_context context,
krb5_sendto_kdc (krb5_context context,
const krb5_data *send,
const krb5_data *realm,
krb5_data *receive)
@@ -51,35 +53,52 @@ krb5_sentdo_kdc (krb5_context context,
int port;
int i;
port = krb5_getportbyname ("kerberos", "udp", htons(750));
port = krb5_getportbyname ("kerberos", "udp", htons(88));
fd = socket (AF_INET, SOCK_DGRAM, 0);
if (fd < 0)
if (fd < 0) {
krb5_free_krbhst (context, hostlist);
return errno;
}
err = krb5_get_krbhst (context, realm, &hostlist);
if (err) {
close (fd);
return err;
}
for (i = 0; i < 3; ++i)
for (hp = hostlist; p = *hp; ++hp) {
char *addr;
char *colon;
colon = strchr (p, ':');
if (colon)
*colon = '\0';
hostent = gethostbyname (p);
if (colon)
*colon++ = ':';
while (addr = *hostent->h_addr_list++) {
struct sockaddr_in a;
memset (a, 0, sizeof(a));
memset (&a, 0, sizeof(a));
a.sin_family = AF_INET;
a.sin_port = port;
if (colon) {
int tmp;
sscanf (colon, "%d", &tmp);
a.sin_port = htons(tmp);
} else
a.sin_port = port;
a.sin_addr = *((struct in_addr *)addr);
if (send_and_recv (fd, &a, send, recv) == 0) {
if (send_and_recv (fd, &a, send, receive) == 0) {
close (fd);
krb5_free_krbhst (context, hostlist);
return KDC_ERR_NONE;
return 0;
}
}
}
close (fd);
krb5_free_krbhst (context, hostlist);
return KRB5_KDC_UNREACH;
}
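Review bot: In krb5_sendto_kdc the new socket-failure branch calls `krb5_free_krbhst (context, hostlist)` before `krb5_get_krbhst` has assigned `hostlist` (as the lines are printed, the lookup comes after the socket call), so an uninitialized pointer is freed; drop the call from that branch or do the lookup first. `gethostbyname (p)` can return NULL for an unresolvable KDC name and the `while` loop dereferences `hostent->h_addr_list` unconditionally; add `if (hostent == NULL) continue;` after restoring the colon. The port after the colon is read with an unchecked `sscanf` and handed to `htons` without a range check, so `tmp` may be uninitialized or out of range. In send_and_recv the `malloc (nbytes)` result goes straight to `recvfrom`, `nbytes` is a `long` although FIONREAD is normally given an `int`, and `len` is passed uninitialized as the address length next to a NULL address; check the allocation and pass `NULL` for both address arguments.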


@@ -86,7 +86,7 @@ init (unsigned char *a, unsigned char *b)
a[7] = b[7] << 1;
}
void
krb5_error_code
krb5_string_to_key (char *str,
krb5_data *salt,
krb5_keyblock *key)
@@ -98,7 +98,7 @@ krb5_string_to_key (char *str,
des_key_schedule sched;
krb5_error_code err;
len = strlen(str) + salt->len;
len = strlen(str) + salt->length;
#if 1
len = (len + 7) / 8 * 8;
#endif
@@ -113,7 +113,7 @@ krb5_string_to_key (char *str,
memset (s, 0, len);
strncpy (p, str, strlen(str));
p += strlen(str);
strncpy (p, salt->data, salt->len);
strncpy (p, salt->data, salt->length);
odd = 1;
memset (tempkey, 0, sizeof(tempkey));
for (i = 0; i < len; i += 8) {