oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

Merge in last changes from Asanka for the win32 port

Browse Source 
Signed-off-by: Love Hornquist Astrand <lha@h5l.org>
This commit is contained in:
Love Hornquist Astrand
2009-12-23 14:17:43 +01:00
parent 4182a61eba be73fa4687
commit e35864d267
73 changed files with 2722 additions and 2095 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
appl/dceutils/k5dce.h
View File

@@ -55,7 +55,7 @@ typedef unsigned char krb5_octet;
typedef krb5_octet krb5_boolean;
typedef krb5short krb5_keytype; /* in k5.2 it's a short */
typedef krb5_int32 krb5_flags;
typedef krb5_int32 krb5_timestamp;
typedef krb5_int32 krb5_timestamp; /* is a time_t in krb5.h */
typedef char * krb5_pointer; /* pointer to unexposed data */

0
autogen.sh Normal file → Executable file
View File

2
configure.ac
View File

@@ -167,7 +167,7 @@ AM_CONDITIONAL(SQLITE3, test "X$with_sqlite3" = Xyes)
AC_ARG_ENABLE(sqlite-cache,
AS_HELP_STRING([--disable-sqlite-cache],[if you want support for cache in sqlite]))
if test "$enable_sqlite_cache" != no; then
AC_DEFINE(HAVE_SCC, 1, [Define if you want support for DCE/DFS PAG's.])
AC_DEFINE(HAVE_SCC, 1, [Define if you want support for cache in sqlite.])
fi
AM_CONDITIONAL(have_scc, test "$enable_sqlite_cache" != no)

23
include/NTMakefile
View File

@@ -43,19 +43,12 @@ INCFILES= \
$(INCDIR)\krb5-types.h \
$(INCDIR)\version.h
MAKECRYPTO=$(OBJ)\make_crypto.exe
$(INCDIR)\krb5-types.h: $(OBJ)\bits.exe
$(OBJ)\bits.exe $(INCDIR)\krb5-types.h
$(MAKECRYPTO): $(OBJ)\make_crypto.obj
$(OBJ)\bits.exe: $(OBJ)\bits.obj
$(EXECONLINK)
$(_VC_MANIFEST_EMBED_EXE)
$(_VC_MANIFEST_CLEAN)
$(_CODESIGN)
$(INCDIR)\krb5-types.h: krb5-types.h.w32
$(CP) $** $@
$(INCDIR)\crypto-headers.h: $(MAKECRYPTO)
$(MAKECRYPTO) $@
$(EXEPREP_NODIST)
$(INCDIR)\config.h: config.h.w32 ..\windows\NTMakefile.config NTMakefile
$(PERL) << < config.h.w32 > $@
@@ -79,14 +72,16 @@ while(<>) {
if ("$(HAVE_PTHREAD_H)") { print "#define HAVE_PTHREAD_H 1\n"; }
if ("$(ENV_HACK)") { print "#define ENV_HACK 1\n"; }
if ("$(HAVE_KCM)") { print "#define HAVE_KCM 1\n"; }
if ("$(DIR_hdbdir)") { print "#define HDB_DB_DIR \"$(DIR_hdbdir)\"\n"; }
if ("$(HAVE_SCC)") { print "#define HAVE_SCC 1\n"; }
if ("$(DIR_hdbdir)") { print "#define HDB_DB_DIR \"".'$(DIR_hdbdir)'."\"\n"; }
} elsif (m/\@VERSION_OPTDEFS\@/) {
if ("$(VER_PRERELEASE)") { print "#define VER_PRERELEASE 1\n"; }
if ("$(VER_PRIVATE)") { print "#define VER_PRIVATE \"$(VER_PRIVATE)\""; }
if ("$(VER_SPECIAL)") { print "#define VER_SPECIAL \"$(VER_SPECIAL)\""; }
if ("$(VER_PRIVATE)") { print "#define VER_PRIVATE \"$(VER_PRIVATE)\"\n"; }
if ("$(VER_SPECIAL)") { print "#define VER_SPECIAL \"$(VER_SPECIAL)\"\n"; }
if ("$(BUILD)" =~ "dbg") { print "#define VER_DEBUG 1\n"; }
print "#define HOST \"$(COMPUTERNAME)\"\n";
} else {

8
include/bits.c
View File

@@ -39,6 +39,9 @@ RCSID("$Id$");
#include <string.h>
#include <stdlib.h>
#include <ctype.h>
#ifdef WIN32
#include <ws2tcpip.h>
#endif
#define BITSIZE(TYPE) \
{ \
@@ -157,7 +160,11 @@ int main(int argc, char **argv)
fprintf(f, "#include <netinet/in6_machtypes.h>\n");
#endif
#ifdef HAVE_SOCKLEN_T
#ifndef WIN32
fprintf(f, "#include <sys/socket.h>\n");
#else
fprintf(f, "#include <ws2tcpip.h>\n");
#endif
#endif
fprintf(f, "\n");
@@ -236,7 +243,6 @@ int main(int argc, char **argv)
fprintf(f, "\n");
#if defined(_WIN32)
#include <ws2tcpip.h>
fprintf(f, "typedef SOCKET krb5_socket_t;\n");
#else
fprintf(f, "typedef int krb5_socket_t;\n");

3
include/kadm5/Makefile.am
View File

@@ -2,4 +2,5 @@
include $(top_srcdir)/Makefile.am.common
CLEANFILES = admin.h kadm5_err.h private.h kadm5-private.h kadm5-protos.h
CLEANFILES = admin.h kadm5_err.h private.h
CLEANFILES += kadm5-private.h kadm5-protos.h kadm5-pwcheck.h

41
kadmin/kadm_conn.c
View File

@@ -124,15 +124,15 @@ spawn_child(krb5_context context, int *socks,
struct sockaddr_storage __ss;
struct sockaddr *sa = (struct sockaddr *)&__ss;
socklen_t sa_size = sizeof(__ss);
int s;
krb5_socket_t s;
pid_t pid;
krb5_address addr;
char buf[128];
size_t buf_len;
s = accept(socks[this_sock], sa, &sa_size);
if(s < 0) {
krb5_warn(context, errno, "accept");
if(rk_IS_BAD_SOCKET(s)) {
krb5_warn(context, rk_SOCK_ERRNO, "accept");
return 1;
}
e = krb5_sockaddr2address(context, sa, &addr);
@@ -151,21 +151,21 @@ spawn_child(krb5_context context, int *socks,
pid = fork();
if(pid == 0) {
for(i = 0; i < num_socks; i++)
close(socks[i]);
rk_closesocket(socks[i]);
dup2(s, STDIN_FILENO);
dup2(s, STDOUT_FILENO);
if(s != STDIN_FILENO && s != STDOUT_FILENO)
close(s);
rk_closesocket(s);
return 0;
} else {
close(s);
rk_closesocket(s);
}
return 1;
}
static int
wait_for_connection(krb5_context context,
int *socks, unsigned int num_socks)
krb5_socket_t *socks, unsigned int num_socks)
{
unsigned int i;
int e;
@@ -195,9 +195,9 @@ wait_for_connection(krb5_context context,
while (term_flag == 0) {
read_set = orig_read_set;
e = select(max_fd + 1, &read_set, NULL, NULL, NULL);
if(e < 0) {
if(errno != EINTR)
krb5_warn(context, errno, "select");
if(rk_IS_SOCKET_ERROR(e)) {
if(rk_SOCK_ERRNO != EINTR)
krb5_warn(context, rk_SOCK_ERRNO, "select");
} else if(e == 0)
krb5_warnx(context, "select returned 0");
else {
@@ -226,7 +226,7 @@ start_server(krb5_context context)
int e;
struct kadm_port *p;
int *socks = NULL, *tmp;
krb5_socket_t *socks = NULL, *tmp;
unsigned int num_socks = 0;
int i;
@@ -259,23 +259,23 @@ start_server(krb5_context context)
}
socks = tmp;
for(ap = ai; ap; ap = ap->ai_next) {
int s = socket(ap->ai_family, ap->ai_socktype, ap->ai_protocol);
if(s < 0) {
krb5_warn(context, errno, "socket");
krb5_socket_t s = socket(ap->ai_family, ap->ai_socktype, ap->ai_protocol);
if(rk_IS_BAD_SOCKET(s)) {
krb5_warn(context, rk_SOCK_ERRNO, "socket");
continue;
}
socket_set_reuseaddr(s, 1);
socket_set_ipv6only(s, 1);
if (bind (s, ap->ai_addr, ap->ai_addrlen) < 0) {
krb5_warn(context, errno, "bind");
close(s);
if (rk_IS_SOCKET_ERROR(bind (s, ap->ai_addr, ap->ai_addrlen))) {
krb5_warn(context, rk_SOCK_ERRNO, "bind");
rk_closesocket(s);
continue;
}
if (listen (s, SOMAXCONN) < 0) {
krb5_warn(context, errno, "listen");
close(s);
if (rk_IS_SOCKET_ERROR(listen (s, SOMAXCONN))) {
krb5_warn(context, rk_SOCK_ERRNO, "listen");
rk_closesocket(s);
continue;
}
socks[num_socks++] = s;
@@ -284,5 +284,6 @@ start_server(krb5_context context)
}
if(num_socks == 0)
krb5_errx(context, 1, "no sockets to listen to - exiting");
return wait_for_connection(context, socks, num_socks);
}

15
kadmin/kadmind.c
View File

@@ -95,6 +95,7 @@ main(int argc, char **argv)
int i;
krb5_log_facility *logfacility;
krb5_keytab keytab;
krb5_socket_t sfd = rk_INVALID_SOCKET;
setprogname(argv[0]);
@@ -168,8 +169,9 @@ main(int argc, char **argv)
"tcp", 749);
else
debug_port = htons(atoi(port_str));
mini_inetd(debug_port, NULL);
mini_inetd(debug_port, &sfd);
} else {
#ifndef NO_INETD
struct sockaddr_storage __ss;
struct sockaddr *sa = (struct sockaddr *)&__ss;
socklen_t sa_size = sizeof(__ss);
@@ -180,17 +182,22 @@ main(int argc, char **argv)
*/
if(roken_getsockname(STDIN_FILENO, sa, &sa_size) < 0 &&
errno == ENOTSOCK) {
SOCK_ERRNO == ENOTSOCK) {
#endif
parse_ports(context, port_str ? port_str : "+");
pidfile(NULL);
start_server(context);
start_server(context, &sfd);
#ifndef NO_INETD
} else {
sfd = STDIN_FILENO;
}
#endif
}
if(realm)
krb5_set_default_realm(context, realm); /* XXX */
kadmind_loop(context, keytab, STDIN_FILENO);
kadmind_loop(context, keytab, sfd);
return 0;
}

4
kadmin/rpc.c
View File

@@ -1091,13 +1091,13 @@ process_stream(krb5_context context,
int
handle_mit(krb5_context context, void *buf, size_t len, int fd)
handle_mit(krb5_context context, void *buf, size_t len, krb5_socket_t sock)
{
krb5_storage *sp;
dcontext = context;
sp = krb5_storage_from_fd(fd);
sp = krb5_storage_from_fd(sock);
INSIST(sp != NULL);
process_stream(context, buf, len, sp);

14
kadmin/server.c
View File

@@ -440,7 +440,7 @@ v5_loop (krb5_context context,
krb5_auth_context ac,
krb5_boolean initial,
void *kadm_handle,
int fd)
krb5_socket_t fd)
{
krb5_error_code ret;
krb5_data in, out;
@@ -476,7 +476,7 @@ match_appl_version(const void *data, const char *appl_version)
static void
handle_v5(krb5_context context,
krb5_keytab keytab,
int fd)
krb5_socket_t fd)
{
krb5_error_code ret;
krb5_ticket *ticket;
@@ -539,13 +539,13 @@ handle_v5(krb5_context context,
krb5_error_code
kadmind_loop(krb5_context context,
krb5_keytab keytab,
int fd)
krb5_socket_t sock)
{
u_char buf[sizeof(KRB5_SENDAUTH_VERSION) + 4];
ssize_t n;
unsigned long len;
n = krb5_net_read(context, &fd, buf, 4);
n = krb5_net_read(context, &sock, buf, 4);
if(n == 0)
exit(0);
if(n < 0)
@@ -554,21 +554,21 @@ kadmind_loop(krb5_context context,
if (len == sizeof(KRB5_SENDAUTH_VERSION)) {
n = krb5_net_read(context, &fd, buf + 4, len);
n = krb5_net_read(context, &sock, buf + 4, len);
if (n < 0)
krb5_err (context, 1, errno, "reading sendauth version");
if (n == 0)
krb5_errx (context, 1, "EOF reading sendauth version");
if(memcmp(buf + 4, KRB5_SENDAUTH_VERSION, len) == 0) {
handle_v5(context, keytab, fd);
handle_v5(context, keytab, sock);
return 0;
}
len += 4;
} else
len = 4;
handle_mit(context, buf, len, fd);
handle_mit(context, buf, len, sock);
return 0;
}

10
kadmin/stash.c
View File

@@ -128,12 +128,18 @@ stash(struct stash_options *opt, int argc, char **argv)
unlink(new);
else {
unlink(old);
#ifndef NO_POSIX_LINKS
if(link(opt->key_file_string, old) < 0 && errno != ENOENT) {
ret = errno;
unlink(new);
} else if(rename(new, opt->key_file_string) < 0) {
ret = errno;
} else {
#endif
if(rename(new, opt->key_file_string) < 0) {
ret = errno;
}
#ifndef NO_POSIX_LINKS
}
#endif
}
out:
free(old);

15
kdc/NTMakefile
View File

@@ -37,7 +37,11 @@ BINPROGRAMS=$(BINDIR)\string2key.exe
SBINPROGRAMS=$(SBINDIR)\kstash.exe
LIBEXECPROGRAMS=$(LIBEXECDIR)\hprop.exe $(LIBEXECDIR)\hpropd.exe $(LIBEXECDIR)\kdc.exe
LIBEXECPROGRAMS= \
$(LIBEXECDIR)\hprop.exe \
$(LIBEXECDIR)\hpropd.exe \
$(LIBEXECDIR)\kdc.exe \
# $(LIBEXECDIR)\digest-service.exe
NOINST_PROGRAMS=$(OBJ)\kdc-replay.exe
@@ -90,7 +94,14 @@ $(BINDIR)\string2key.exe: $(OBJ)\string2key.obj $(BIN_LIBS)
$(_VC_MANIFEST_CLEAN)
$(_CODESIGN)
$(LIBEXECDIR)\kdc.exe: $(OBJ)\connect.obj $(OBJ)\config.obj $(OBJ)\main.obj $(LIBKDC) $(BIN_LIBS)
$(BINDIR)\digest-service.exe: $(OBJ)\digest-service.obj $(BIN_LIBS)
$(EXECONLINK)
$(_VC_MANIFEST_EMBED_EXE)
$(_VC_MANIFEST_CLEAN)
$(_CODESIGN)
$(LIBEXECDIR)\kdc.exe: \
$(OBJ)\connect.obj $(OBJ)\config.obj $(OBJ)\announce.obj $(OBJ)\main.obj $(LIBKDC) $(BIN_LIBS)
$(EXECONLINK)
$(_VC_MANIFEST_EMBED_EXE)
$(_VC_MANIFEST_CLEAN)

2
kdc/connect.c
View File

@@ -877,11 +877,13 @@ loop(krb5_context context,
clear_descr(&d[i]);
continue;
}
#ifndef NO_LIMIT_FD_SETSIZE
if(max_fd < d[i].s)
max_fd = d[i].s;
#ifdef FD_SETSIZE
if (max_fd >= FD_SETSIZE)
krb5_errx(context, 1, "fd too large");
#endif
#endif
FD_SET(d[i].s, &fds);
} else if(min_free < 0 || i < min_free)

3
kdc/kerberos5.c
View File

@@ -286,8 +286,9 @@ _kdc_encode_reply(krb5_context context,
ret = krb5_crypto_init(context, skey, etype, &crypto);
if (ret) {
const char *msg;
free(buf);
const char *msg = krb5_get_error_message(context, ret);
msg = krb5_get_error_message(context, ret);
kdc_log(context, config, 0, "krb5_crypto_init failed: %s", msg);
krb5_free_error_message(context, msg);
return ret;

1
kdc/libkdc-exports.def
View File

@@ -10,3 +10,4 @@ EXPORTS
krb5_kdc_process_request
krb5_kdc_save_request
krb5_kdc_update_time
krb5_kdc_pk_initialize

106
lib/asn1/NTMakefile
View File

@@ -37,8 +37,8 @@ gen_files_k5 = \
$(OBJ)\asn1_AD_AND_OR.x \
$(OBJ)\asn1_AD_IF_RELEVANT.x \
$(OBJ)\asn1_AD_KDCIssued.x \
$(OBJ)\asn1_AD_MANDATORY_FOR_KDC.x \
$(OBJ)\asn1_AD_LoginAlias.x \
$(OBJ)\asn1_AD_MANDATORY_FOR_KDC.x \
$(OBJ)\asn1_APOptions.x \
$(OBJ)\asn1_AP_REP.x \
$(OBJ)\asn1_AP_REQ.x \
@@ -66,12 +66,15 @@ gen_files_k5 = \
$(OBJ)\asn1_EncryptedData.x \
$(OBJ)\asn1_EncryptionKey.x \
$(OBJ)\asn1_EtypeList.x \
$(OBJ)\asn1_FastOptions.x \
$(OBJ)\asn1_HostAddress.x \
$(OBJ)\asn1_HostAddresses.x \
$(OBJ)\asn1_KDCOptions.x \
$(OBJ)\asn1_KDC_REP.x \
$(OBJ)\asn1_KDC_REQ.x \
$(OBJ)\asn1_KDC_REQ_BODY.x \
$(OBJ)\asn1_KRB5SignedPath.x \
$(OBJ)\asn1_KRB5SignedPathData.x \
$(OBJ)\asn1_KRB_CRED.x \
$(OBJ)\asn1_KRB_ERROR.x \
$(OBJ)\asn1_KRB_PRIV.x \
@@ -80,27 +83,35 @@ gen_files_k5 = \
$(OBJ)\asn1_KerberosString.x \
$(OBJ)\asn1_KerberosTime.x \
$(OBJ)\asn1_KrbCredInfo.x \
$(OBJ)\asn1_KrbFastArmor.x \
$(OBJ)\asn1_KrbFastArmoredRep.x \
$(OBJ)\asn1_KrbFastArmoredReq.x \
$(OBJ)\asn1_KrbFastFinished.x \
$(OBJ)\asn1_KrbFastReq.x \
$(OBJ)\asn1_KrbFastResponse.x \
$(OBJ)\asn1_LR_TYPE.x \
$(OBJ)\asn1_LastReq.x \
$(OBJ)\asn1_MESSAGE_TYPE.x \
$(OBJ)\asn1_METHOD_DATA.x \
$(OBJ)\asn1_NAME_TYPE.x \
$(OBJ)\asn1_PA_FX_FAST_REPLY.x \
$(OBJ)\asn1_PA_FX_FAST_REQUEST.x \
$(OBJ)\asn1_PADATA_TYPE.x \
$(OBJ)\asn1_PA_ClientCanonicalized.x \
$(OBJ)\asn1_PA_ClientCanonicalizedNames.x \
$(OBJ)\asn1_PA_DATA.x \
$(OBJ)\asn1_PA_ENC_SAM_RESPONSE_ENC.x \
$(OBJ)\asn1_PA_ENC_SAM_RESPONSE_ENC.x \
$(OBJ)\asn1_PA_ENC_TS_ENC.x \
$(OBJ)\asn1_PA_PAC_REQUEST.x \
$(OBJ)\asn1_PA_S4U2Self.x \
$(OBJ)\asn1_PA_SAM_CHALLENGE_2.x \
$(OBJ)\asn1_PA_SAM_CHALLENGE_2_BODY.x \
$(OBJ)\asn1_PA_SAM_CHALLENGE_2_BODY.x \
$(OBJ)\asn1_PA_SAM_REDIRECT.x \
$(OBJ)\asn1_PA_SAM_RESPONSE_2.x \
$(OBJ)\asn1_PA_SAM_TYPE.x \
$(OBJ)\asn1_PA_ClientCanonicalized.x \
$(OBJ)\asn1_PA_ClientCanonicalizedNames.x \
$(OBJ)\asn1_PA_SvrReferralData.x \
$(OBJ)\asn1_PA_ServerReferralData.x \
$(OBJ)\asn1_PA_SERVER_REFERRAL_DATA.x \
$(OBJ)\asn1_PA_ServerReferralData.x \
$(OBJ)\asn1_PA_SvrReferralData.x \
$(OBJ)\asn1_PROV_SRV_LOCATION.x \
$(OBJ)\asn1_Principal.x \
$(OBJ)\asn1_PrincipalName.x \
@@ -115,9 +126,7 @@ gen_files_k5 = \
$(OBJ)\asn1_TransitedEncoding.x \
$(OBJ)\asn1_TypedData.x \
$(OBJ)\asn1_krb5int32.x \
$(OBJ)\asn1_krb5uint32.x \
$(OBJ)\asn1_KRB5SignedPathData.x \
$(OBJ)\asn1_KRB5SignedPath.x
$(OBJ)\asn1_krb5uint32.x
gen_files_cms = \
$(OBJ)\asn1_CMSAttributes.x \
@@ -215,7 +224,6 @@ gen_files_rfc2459 = \
$(OBJ)\asn1_SubjectPublicKeyInfo.x \
$(OBJ)\asn1_TBSCRLCertList.x \
$(OBJ)\asn1_TBSCertificate.x \
$(OBJ)\asn1_TeletexStringx.x \
$(OBJ)\asn1_Time.x \
$(OBJ)\asn1_UniqueIdentifier.x \
$(OBJ)\asn1_ValidationParms.x \
@@ -426,8 +434,10 @@ gen_files_pkcs9 = \
$(OBJ)\asn1_PKCS9_friendlyName.x
gen_files_test = \
$(OBJ)\asn1_TESTOptional.x \
$(OBJ)\asn1_TESTAlloc.x \
$(OBJ)\asn1_TESTAllocInner.x \
$(OBJ)\asn1_TESTBitString.x \
$(OBJ)\asn1_TESTCONTAINING.x \
$(OBJ)\asn1_TESTCONTAININGENCODEDBY.x \
$(OBJ)\asn1_TESTCONTAININGENCODEDBY2.x \
@@ -441,14 +451,21 @@ gen_files_test = \
$(OBJ)\asn1_TESTInteger2.x \
$(OBJ)\asn1_TESTInteger3.x \
$(OBJ)\asn1_TESTLargeTag.x \
$(OBJ)\asn1_TESTSeq.x \
$(OBJ)\asn1_TESTUSERCONSTRAINED.x \
$(OBJ)\asn1_TESTSeqOf.x \
$(OBJ)\asn1_TESTOSSize1.x \
$(OBJ)\asn1_TESTPreserve.x \
$(OBJ)\asn1_TESTSeq.x \
$(OBJ)\asn1_TESTSeqOf.x \
$(OBJ)\asn1_TESTSeqOf2.x \
$(OBJ)\asn1_TESTSeqOf3.x \
$(OBJ)\asn1_TESTSeqOfSeq.x \
$(OBJ)\asn1_TESTSeqOfSeq2.x \
$(OBJ)\asn1_TESTSeqOfSeq3.x \
$(OBJ)\asn1_TESTSeqSizeOf1.x \
$(OBJ)\asn1_TESTSeqSizeOf2.x \
$(OBJ)\asn1_TESTSeqSizeOf3.x \
$(OBJ)\asn1_TESTSeqSizeOf4.x
$(OBJ)\asn1_TESTSeqSizeOf4.x \
$(OBJ)\asn1_TESTUSERCONSTRAINED.x \
$(OBJ)\asn1_TESTuint32.x
gen_files_digest = \
$(OBJ)\asn1_DigestError.x \
@@ -464,18 +481,22 @@ gen_files_digest = \
$(OBJ)\asn1_NTLMInit.x \
$(OBJ)\asn1_NTLMInitReply.x \
$(OBJ)\asn1_NTLMRequest.x \
$(OBJ)\asn1_NTLMResponse.x
$(OBJ)\asn1_NTLMRequest2.x \
$(OBJ)\asn1_NTLMResponse.x \
$(OBJ)\asn1_NTLMReply.x
gen_files_kx509 = \
$(OBJ)\asn1_Kx509Response.x \
$(OBJ)\asn1_KX509_ERROR_CODE.x \
$(OBJ)\asn1_Kx509Request.x
ASN1_BINARIES = \
$(BINDIR)\asn1_compile.exe \
$(BINDIR)\asn1_print.exe \
$(LIBEXECDIR)\asn1_compile.exe \
$(LIBEXECDIR)\asn1_print.exe \
$(BINDIR)\asn1_gen.exe
$(BINDIR)\asn1_compile.exe: \
$(OBJ)\asn1parse.obj \
$(OBJ)\gen.obj \
$(OBJ)\gen_copy.obj \
$(OBJ)\gen_decode.obj \
@@ -484,10 +505,10 @@ $(BINDIR)\asn1_compile.exe: \
$(OBJ)\gen_glue.obj \
$(OBJ)\gen_length.obj \
$(OBJ)\gen_seq.obj \
$(OBJ)\gen_template.obj \
$(OBJ)\hash.obj \
$(OBJ)\lex.obj \
$(OBJ)\main.obj \
$(OBJ)\asn1parse.obj \
$(OBJ)\symbol.obj
$(EXECONLINK) $(LIBROKEN) $(LIBVERS)
$(_VC_MANIFEST_EMBED_EXE)
@@ -675,25 +696,41 @@ $(gen_files_test) $(OBJ)\test_asn1.hx: $(BINDIR)\asn1_compile.exe test.asn1
|| ($(RM) $(OBJ)\test_asn1.h ; exit /b 1)
cd $(SRCDIR)
INCFILES=$(INCDIR)\der.h $(INCDIR)\heim_asn1.h $(INCDIR)\der-protos.h \
INCFILES= \
$(INCDIR)\der.h \
$(INCDIR)\heim_asn1.h \
$(INCDIR)\der-protos.h \
$(INCDIR)\der-private.h \
$(INCDIR)\asn1-common.h \
$(INCDIR)\asn1-template.h \
$(OBJ)\asn1_err.h
$(INCDIR)\der-protos.h: $(OBJ)\der-protos.h
GENINCFILES= \
$(INCDIR)\asn1_err.h \
$(INCDIR)\cms_asn1.h \
$(INCDIR)\digest_asn1.h \
$(INCDIR)\krb5_asn1.h \
$(INCDIR)\kx509_asn1.h \
$(INCDIR)\pkcs12_asn1.h \
$(INCDIR)\pkcs8_asn1.h \
$(INCDIR)\pkcs9_asn1.h \
$(INCDIR)\pkinit_asn1.h \
$(INCDIR)\rfc2459_asn1.h
GENINCFILES= \
$(INCDIR)\asn1_err.h \
$(INCDIR)\cms_asn1.h \
$(INCDIR)\digest_asn1.h \
$(INCDIR)\krb5_asn1.h \
$(INCDIR)\kx509_asn1.h \
$(INCDIR)\pkcs12_asn1.h \
$(INCDIR)\pkcs8_asn1.h \
$(INCDIR)\pkcs9_asn1.h \
$(INCDIR)\pkinit_asn1.h \
$(INCDIR)\rfc2459_asn1.h \
$(OBJ)\krb5_asn1-priv.h \
$(OBJ)\pkinit_asn1-priv.h \
$(OBJ)\cms_asn1-priv.h \
$(OBJ)\rfc2459_asn1-priv.h \
$(OBJ)\pkcs8_asn1-priv.h \
$(OBJ)\pkcs9_asn1-priv.h \
$(OBJ)\pkcs12_asn1-priv.h \
$(OBJ)\digest_asn1-priv.h \
$(OBJ)\kx509_asn1-priv.h \
$(OBJ)\test_asn1.h \
$(OBJ)\test_asn1-priv.h
libasn1_SOURCES= \
der-protos.h \
der_locl.h \
der.c \
der.h \
@@ -708,9 +745,12 @@ libasn1_SOURCES= \
extra.c \
timegm.c
$(OBJ)\der-protos.h: $(libasn1_SOURCES:der-protos.h=)
$(OBJ)\der-protos.h: $(libasn1_SOURCES)
$(PERL) ..\..\cf\make-proto.pl -q -P remove -o $(OBJ)\der-protos.h $(libasn1_SOURCES) || $(RM) $(OBJ)\der-protos.h
$(OBJ)\der-private.h: $(libasn1_SOURCES)
$(PERL) ..\..\cf\make-proto.pl -q -P remove -p $(OBJ)\der-private.h $(libasn1_SOURCES) || $(RM) $(OBJ)\der-private.h
clean::
-$(RM) $(INCDIR)\der-protos.h

4
lib/asn1/gen.c
View File

@@ -739,7 +739,7 @@ define_type (int level, const char *name, const char *basename, Type *t, int typ
/* pad unused */
while (pos < m->val) {
asprintf (&n, "_unused%d:1;", pos);
asprintf (&n, "_unused%d:1", pos);
define_type (level + 1, n, newbasename, &i, FALSE, FALSE);
free(n);
pos++;
@@ -755,7 +755,7 @@ define_type (int level, const char *name, const char *basename, Type *t, int typ
/* pad to 32 elements */
while (pos < 32) {
char *n;
asprintf (&n, "_unused%d:1;", pos);
asprintf (&n, "_unused%d:1", pos);
define_type (level + 1, n, newbasename, &i, FALSE, FALSE);
free(n);
pos++;

3191
lib/asn1/libasn1-exports.def
View File

File diff suppressed because it is too large Load Diff

2
lib/com_err/libcom_err-exports.def
View File

@@ -1,5 +1,6 @@
EXPORTS
com_right
com_right_r
free_error_table
initialize_error_table_r
add_to_error_table
@@ -10,3 +11,4 @@ EXPORTS
init_error_table
reset_com_err_hook
set_com_err_hook
_et_list DATA

343
lib/gssapi/NTMakefile
View File

@@ -42,6 +42,7 @@ krb5src = \
krb5/aeap.c \
krb5/arcfour.c \
krb5/canonicalize_name.c \
krb5/creds.c \
krb5/ccache_name.c \
krb5/cfx.c \
krb5/cfx.h \
@@ -101,6 +102,7 @@ mechsrc = \
mech/gss_compare_name.c \
mech/gss_context_time.c \
mech/gss_create_empty_oid_set.c \
mech/gss_cred.c \
mech/gss_decapsulate_token.c \
mech/gss_delete_sec_context.c \
mech/gss_display_name.c \
@@ -219,19 +221,15 @@ $(gssapi_files:.x=.c): $$(@R).x
$(spnego_files:.x=.c): $$(@R).x
$(OBJ)\gssapi\gssapi_asn1.h: $(OBJ)\gssapi\gssapi_asn1.hx
$(CP) $** $@
$(OBJ)\spnego\spnego_asn1.h: $(OBJ)\spnego\spnego_asn1.hx
$(CP) $** $@
$(gssapi_files) $(OBJ)\gssapi\gssapi_asn1.hx: $(BINDIR)\asn1_compile.exe mech\gssapi.asn1
$(gssapi_files) $(OBJ)\gssapi\gssapi_asn1.hx $(OBJ)\gssapi\gssapi_asn1-priv.hx: \
$(BINDIR)\asn1_compile.exe mech\gssapi.asn1
cd $(OBJ)\gssapi
$(BINDIR)\asn1_compile.exe $(SRCDIR)\mech\gssapi.asn1 gssapi_asn1 \
|| ( $(RM) $(OBJ)\gssapi\gssapi_asn1.h ; exit /b 1 )
cd $(SRCDIR)
$(spnego_files) $(OBJ)\spnego\spnego_asn1.hx: $(BINDIR)\asn1_compile.exe spnego\spnego.asn1
$(spnego_files) $(OBJ)\spnego\spnego_asn1.hx $(OBJ)\spnego\spnego_asn1-priv.hx: \
$(BINDIR)\asn1_compile.exe spnego\spnego.asn1
cd $(OBJ)\spnego
$(BINDIR)\asn1_compile --sequence=MechTypeList $(SRCDIR)\spnego\spnego.asn1 spnego_asn1 \
|| ( $(RM) $(OBJ)\spnego\spnego_asn1.h ; exit /b 1 )
@@ -242,164 +240,168 @@ $(OBJ)\gkrb5_err.c $(OBJ)\gkrb5_err.h: krb5\gkrb5_err.et
$(BINDIR)\compile_et.exe $(SRCDIR)\krb5\gkrb5_err.et
cd $(SRCDIR)
INCFILES= \
$(INCDIR)\gssapi.h \
$(INCDIR)\gssapi\gssapi.h \
$(INCDIR)\gssapi\gssapi_krb5.h \
$(INCDIR)\gssapi\gssapi_ntlm.h \
$(INCDIR)\gssapi\gssapi_spnego.h \
$(OBJ)\ntlm\ntlm-private.h \
$(OBJ)\spnego\spnego-private.h \
$(OBJ)\krb5\gsskrb5-private.h \
$(OBJ)\gkrb5_err.h \
$(OBJ)\gssapi\gssapi_asn1.h \
$(OBJ)\spnego\spnego_asn1.h
INCFILES= \
$(INCDIR)\gssapi.h \
$(INCDIR)\gssapi\gssapi.h \
$(INCDIR)\gssapi\gssapi_krb5.h \
$(INCDIR)\gssapi\gssapi_ntlm.h \
$(INCDIR)\gssapi\gssapi_spnego.h \
$(OBJ)\ntlm\ntlm-private.h \
$(OBJ)\spnego\spnego-private.h \
$(OBJ)\krb5\gsskrb5-private.h \
$(OBJ)\gkrb5_err.h \
$(OBJ)\gssapi\gssapi_asn1.h \
$(OBJ)\gssapi\gssapi_asn1-priv.h \
$(OBJ)\spnego\spnego_asn1.h \
$(OBJ)\spnego\spnego_asn1-priv.h
all:: $(INCFILES)
libgssapi_OBJs= \
$(OBJ)\krb5\8003.obj \
$(OBJ)\krb5\accept_sec_context.obj \
$(OBJ)\krb5\acquire_cred.obj \
$(OBJ)\krb5\add_cred.obj \
$(OBJ)\krb5\address_to_krb5addr.obj \
$(OBJ)\krb5\aeap.obj \
$(OBJ)\krb5\arcfour.obj \
$(OBJ)\krb5\canonicalize_name.obj \
$(OBJ)\krb5\ccache_name.obj \
$(OBJ)\krb5\cfx.obj \
$(OBJ)\krb5\compare_name.obj \
$(OBJ)\krb5\compat.obj \
$(OBJ)\krb5\context_time.obj \
$(OBJ)\krb5\copy_ccache.obj \
$(OBJ)\krb5\decapsulate.obj \
$(OBJ)\krb5\delete_sec_context.obj \
$(OBJ)\krb5\display_name.obj \
$(OBJ)\krb5\display_status.obj \
$(OBJ)\krb5\duplicate_name.obj \
$(OBJ)\krb5\encapsulate.obj \
$(OBJ)\krb5\export_name.obj \
$(OBJ)\krb5\export_sec_context.obj \
$(OBJ)\krb5\external.obj \
$(OBJ)\krb5\get_mic.obj \
$(OBJ)\krb5\import_name.obj \
$(OBJ)\krb5\import_sec_context.obj \
$(OBJ)\krb5\indicate_mechs.obj \
$(OBJ)\krb5\init.obj \
$(OBJ)\krb5\init_sec_context.obj \
$(OBJ)\krb5\inquire_context.obj \
$(OBJ)\krb5\inquire_cred.obj \
$(OBJ)\krb5\inquire_cred_by_mech.obj \
$(OBJ)\krb5\inquire_cred_by_oid.obj \
$(OBJ)\krb5\inquire_mechs_for_name.obj \
$(OBJ)\krb5\inquire_names_for_mech.obj \
$(OBJ)\krb5\inquire_sec_context_by_oid.obj \
$(OBJ)\krb5\process_context_token.obj \
$(OBJ)\krb5\prf.obj \
$(OBJ)\krb5\release_buffer.obj \
$(OBJ)\krb5\release_cred.obj \
$(OBJ)\krb5\release_name.obj \
$(OBJ)\krb5\sequence.obj \
$(OBJ)\krb5\store_cred.obj \
$(OBJ)\krb5\set_cred_option.obj \
$(OBJ)\krb5\set_sec_context_option.obj \
$(OBJ)\krb5\ticket_flags.obj \
$(OBJ)\krb5\unwrap.obj \
$(OBJ)\krb5\verify_mic.obj \
$(OBJ)\krb5\wrap.obj \
$(OBJ)\mech\context.obj \
$(OBJ)\mech\doxygen.obj \
$(OBJ)\mech\gss_accept_sec_context.obj \
$(OBJ)\mech\gss_acquire_cred.obj \
$(OBJ)\mech\gss_add_cred.obj \
$(OBJ)\mech\gss_add_oid_set_member.obj \
$(OBJ)\mech\gss_aeap.obj \
$(OBJ)\mech\gss_buffer_set.obj \
$(OBJ)\mech\gss_canonicalize_name.obj \
$(OBJ)\mech\gss_compare_name.obj \
$(OBJ)\mech\gss_context_time.obj \
$(OBJ)\mech\gss_create_empty_oid_set.obj \
$(OBJ)\mech\gss_decapsulate_token.obj \
$(OBJ)\mech\gss_delete_sec_context.obj \
$(OBJ)\mech\gss_display_name.obj \
$(OBJ)\mech\gss_display_status.obj \
$(OBJ)\mech\gss_duplicate_name.obj \
$(OBJ)\mech\gss_duplicate_oid.obj \
$(OBJ)\mech\gss_encapsulate_token.obj \
$(OBJ)\mech\gss_export_name.obj \
$(OBJ)\mech\gss_export_sec_context.obj \
$(OBJ)\mech\gss_get_mic.obj \
$(OBJ)\mech\gss_import_name.obj \
$(OBJ)\mech\gss_import_sec_context.obj \
$(OBJ)\mech\gss_indicate_mechs.obj \
$(OBJ)\mech\gss_init_sec_context.obj \
$(OBJ)\mech\gss_inquire_context.obj \
$(OBJ)\mech\gss_inquire_cred.obj \
$(OBJ)\mech\gss_inquire_cred_by_mech.obj \
$(OBJ)\mech\gss_inquire_cred_by_oid.obj \
$(OBJ)\mech\gss_inquire_mechs_for_name.obj \
$(OBJ)\mech\gss_inquire_names_for_mech.obj \
$(OBJ)\mech\gss_krb5.obj \
$(OBJ)\mech\gss_mech_switch.obj \
$(OBJ)\mech\gss_names.obj \
$(OBJ)\mech\gss_oid_equal.obj \
$(OBJ)\mech\gss_oid_to_str.obj \
$(OBJ)\mech\gss_process_context_token.obj \
$(OBJ)\mech\gss_pseudo_random.obj \
$(OBJ)\mech\gss_release_buffer.obj \
$(OBJ)\mech\gss_release_cred.obj \
$(OBJ)\mech\gss_release_name.obj \
$(OBJ)\mech\gss_release_oid.obj \
$(OBJ)\mech\gss_release_oid_set.obj \
$(OBJ)\mech\gss_seal.obj \
$(OBJ)\mech\gss_set_cred_option.obj \
$(OBJ)\mech\gss_set_sec_context_option.obj \
$(OBJ)\mech\gss_sign.obj \
$(OBJ)\mech\gss_store_cred.obj \
$(OBJ)\mech\gss_test_oid_set_member.obj \
$(OBJ)\mech\gss_unseal.obj \
$(OBJ)\mech\gss_unwrap.obj \
$(OBJ)\mech\gss_utils.obj \
$(OBJ)\mech\gss_verify.obj \
$(OBJ)\mech\gss_verify_mic.obj \
$(OBJ)\mech\gss_wrap.obj \
$(OBJ)\mech\gss_wrap_size_limit.obj \
$(OBJ)\mech\gss_inquire_sec_context_by_oid.obj \
$(OBJ)\ntlm\accept_sec_context.obj \
$(OBJ)\ntlm\acquire_cred.obj \
$(OBJ)\ntlm\add_cred.obj \
$(OBJ)\ntlm\canonicalize_name.obj \
$(OBJ)\ntlm\compare_name.obj \
$(OBJ)\ntlm\context_time.obj \
$(OBJ)\ntlm\crypto.obj \
$(OBJ)\ntlm\delete_sec_context.obj \
$(OBJ)\ntlm\display_name.obj \
$(OBJ)\ntlm\display_status.obj \
$(OBJ)\ntlm\duplicate_name.obj \
$(OBJ)\ntlm\export_name.obj \
$(OBJ)\ntlm\export_sec_context.obj \
$(OBJ)\ntlm\external.obj \
$(OBJ)\ntlm\import_name.obj \
$(OBJ)\ntlm\import_sec_context.obj \
$(OBJ)\ntlm\indicate_mechs.obj \
$(OBJ)\ntlm\init_sec_context.obj \
$(OBJ)\ntlm\inquire_context.obj \
$(OBJ)\ntlm\inquire_cred.obj \
$(OBJ)\ntlm\inquire_cred_by_mech.obj \
$(OBJ)\ntlm\inquire_mechs_for_name.obj \
$(OBJ)\ntlm\inquire_names_for_mech.obj \
$(OBJ)\ntlm\process_context_token.obj \
$(OBJ)\ntlm\release_cred.obj \
$(OBJ)\ntlm\release_name.obj \
$(OBJ)\ntlm\kdc.obj \
$(OBJ)\spnego\accept_sec_context.obj \
$(OBJ)\spnego\compat.obj \
$(OBJ)\spnego\context_stubs.obj \
$(OBJ)\spnego\cred_stubs.obj \
$(OBJ)\spnego\external.obj \
$(OBJ)\spnego\init_sec_context.obj \
libgssapi_OBJs = \
$(OBJ)\krb5/8003.obj \
$(OBJ)\krb5/accept_sec_context.obj \
$(OBJ)\krb5/acquire_cred.obj \
$(OBJ)\krb5/add_cred.obj \
$(OBJ)\krb5/address_to_krb5addr.obj \
$(OBJ)\krb5/aeap.obj \
$(OBJ)\krb5/arcfour.obj \
$(OBJ)\krb5/canonicalize_name.obj \
$(OBJ)\krb5/creds.obj \
$(OBJ)\krb5/ccache_name.obj \
$(OBJ)\krb5/cfx.obj \
$(OBJ)\krb5/compare_name.obj \
$(OBJ)\krb5/compat.obj \
$(OBJ)\krb5/context_time.obj \
$(OBJ)\krb5/copy_ccache.obj \
$(OBJ)\krb5/decapsulate.obj \
$(OBJ)\krb5/delete_sec_context.obj \
$(OBJ)\krb5/display_name.obj \
$(OBJ)\krb5/display_status.obj \
$(OBJ)\krb5/duplicate_name.obj \
$(OBJ)\krb5/encapsulate.obj \
$(OBJ)\krb5/export_name.obj \
$(OBJ)\krb5/export_sec_context.obj \
$(OBJ)\krb5/external.obj \
$(OBJ)\krb5/get_mic.obj \
$(OBJ)\krb5/import_name.obj \
$(OBJ)\krb5/import_sec_context.obj \
$(OBJ)\krb5/indicate_mechs.obj \
$(OBJ)\krb5/init.obj \
$(OBJ)\krb5/init_sec_context.obj \
$(OBJ)\krb5/inquire_context.obj \
$(OBJ)\krb5/inquire_cred.obj \
$(OBJ)\krb5/inquire_cred_by_mech.obj \
$(OBJ)\krb5/inquire_cred_by_oid.obj \
$(OBJ)\krb5/inquire_mechs_for_name.obj \
$(OBJ)\krb5/inquire_names_for_mech.obj \
$(OBJ)\krb5/inquire_sec_context_by_oid.obj \
$(OBJ)\krb5/process_context_token.obj \
$(OBJ)\krb5/prf.obj \
$(OBJ)\krb5/release_buffer.obj \
$(OBJ)\krb5/release_cred.obj \
$(OBJ)\krb5/release_name.obj \
$(OBJ)\krb5/sequence.obj \
$(OBJ)\krb5/store_cred.obj \
$(OBJ)\krb5/set_cred_option.obj \
$(OBJ)\krb5/set_sec_context_option.obj \
$(OBJ)\krb5/ticket_flags.obj \
$(OBJ)\krb5/unwrap.obj \
$(OBJ)\krb5/verify_mic.obj \
$(OBJ)\krb5/wrap.obj \
$(OBJ)\mech/context.obj \
$(OBJ)\mech/doxygen.obj \
$(OBJ)\mech/gss_accept_sec_context.obj \
$(OBJ)\mech/gss_acquire_cred.obj \
$(OBJ)\mech/gss_add_cred.obj \
$(OBJ)\mech/gss_add_oid_set_member.obj \
$(OBJ)\mech/gss_aeap.obj \
$(OBJ)\mech/gss_buffer_set.obj \
$(OBJ)\mech/gss_canonicalize_name.obj \
$(OBJ)\mech/gss_compare_name.obj \
$(OBJ)\mech/gss_context_time.obj \
$(OBJ)\mech/gss_create_empty_oid_set.obj \
$(OBJ)\mech/gss_cred.obj \
$(OBJ)\mech/gss_decapsulate_token.obj \
$(OBJ)\mech/gss_delete_sec_context.obj \
$(OBJ)\mech/gss_display_name.obj \
$(OBJ)\mech/gss_display_status.obj \
$(OBJ)\mech/gss_duplicate_name.obj \
$(OBJ)\mech/gss_duplicate_oid.obj \
$(OBJ)\mech/gss_encapsulate_token.obj \
$(OBJ)\mech/gss_export_name.obj \
$(OBJ)\mech/gss_export_sec_context.obj \
$(OBJ)\mech/gss_get_mic.obj \
$(OBJ)\mech/gss_import_name.obj \
$(OBJ)\mech/gss_import_sec_context.obj \
$(OBJ)\mech/gss_indicate_mechs.obj \
$(OBJ)\mech/gss_init_sec_context.obj \
$(OBJ)\mech/gss_inquire_context.obj \
$(OBJ)\mech/gss_inquire_cred.obj \
$(OBJ)\mech/gss_inquire_cred_by_mech.obj \
$(OBJ)\mech/gss_inquire_cred_by_oid.obj \
$(OBJ)\mech/gss_inquire_mechs_for_name.obj \
$(OBJ)\mech/gss_inquire_names_for_mech.obj \
$(OBJ)\mech/gss_krb5.obj \
$(OBJ)\mech/gss_mech_switch.obj \
$(OBJ)\mech/gss_names.obj \
$(OBJ)\mech/gss_oid_equal.obj \
$(OBJ)\mech/gss_oid_to_str.obj \
$(OBJ)\mech/gss_process_context_token.obj \
$(OBJ)\mech/gss_pseudo_random.obj \
$(OBJ)\mech/gss_release_buffer.obj \
$(OBJ)\mech/gss_release_cred.obj \
$(OBJ)\mech/gss_release_name.obj \
$(OBJ)\mech/gss_release_oid.obj \
$(OBJ)\mech/gss_release_oid_set.obj \
$(OBJ)\mech/gss_seal.obj \
$(OBJ)\mech/gss_set_cred_option.obj \
$(OBJ)\mech/gss_set_sec_context_option.obj \
$(OBJ)\mech/gss_sign.obj \
$(OBJ)\mech/gss_store_cred.obj \
$(OBJ)\mech/gss_test_oid_set_member.obj \
$(OBJ)\mech/gss_unseal.obj \
$(OBJ)\mech/gss_unwrap.obj \
$(OBJ)\mech/gss_utils.obj \
$(OBJ)\mech/gss_verify.obj \
$(OBJ)\mech/gss_verify_mic.obj \
$(OBJ)\mech/gss_wrap.obj \
$(OBJ)\mech/gss_wrap_size_limit.obj \
$(OBJ)\mech/gss_inquire_sec_context_by_oid.obj \
$(OBJ)\spnego/accept_sec_context.obj \
$(OBJ)\spnego/compat.obj \
$(OBJ)\spnego/context_stubs.obj \
$(OBJ)\spnego/cred_stubs.obj \
$(OBJ)\spnego/external.obj \
$(OBJ)\spnego/init_sec_context.obj \
$(OBJ)\ntlm/accept_sec_context.obj \
$(OBJ)\ntlm/acquire_cred.obj \
$(OBJ)\ntlm/add_cred.obj \
$(OBJ)\ntlm/canonicalize_name.obj \
$(OBJ)\ntlm/compare_name.obj \
$(OBJ)\ntlm/context_time.obj \
$(OBJ)\ntlm/crypto.obj \
$(OBJ)\ntlm/delete_sec_context.obj \
$(OBJ)\ntlm/display_name.obj \
$(OBJ)\ntlm/display_status.obj \
$(OBJ)\ntlm/duplicate_name.obj \
$(OBJ)\ntlm/export_name.obj \
$(OBJ)\ntlm/export_sec_context.obj \
$(OBJ)\ntlm/external.obj \
$(OBJ)\ntlm/import_name.obj \
$(OBJ)\ntlm/import_sec_context.obj \
$(OBJ)\ntlm/indicate_mechs.obj \
$(OBJ)\ntlm/init_sec_context.obj \
$(OBJ)\ntlm/inquire_context.obj \
$(OBJ)\ntlm/inquire_cred.obj \
$(OBJ)\ntlm/inquire_cred_by_mech.obj \
$(OBJ)\ntlm/inquire_mechs_for_name.obj \
$(OBJ)\ntlm/inquire_names_for_mech.obj \
$(OBJ)\ntlm/process_context_token.obj \
$(OBJ)\ntlm/release_cred.obj \
$(OBJ)\ntlm/release_name.obj \
$(OBJ)\ntlm/kdc.obj \
$(OBJ)\gkrb5_err.obj \
$(spnego_files:.x=.obj) \
$(spnego_files:.x=.obj) \
$(gssapi_files:.x=.obj)
GCOPTS=-I$(SRCDIR) -I$(OBJ) -Igssapi -DBUILD_GSSAPI_LIB
@@ -446,6 +448,12 @@ GCOPTS=-I$(SRCDIR) -I$(OBJ) -Igssapi -DBUILD_GSSAPI_LIB
{gssapi}.h{$(INCDIR)\gssapi}.h:
$(CP) $** $@
{$(OBJ)\gssapi}.hx{$(OBJ)\gssapi}.h:
$(CP) $** $@
{$(OBJ)\spnego}.hx{$(OBJ)\spnego}.h:
$(CP) $** $@
LIBGSSAPI_LIBS=\
$(LIBROKEN) \
$(LIBASN1) \
@@ -516,3 +524,14 @@ clean::
-$(RM) $(OBJ)\spnego\*.*
-$(RM) $(OBJ)\mech\*.*
-$(RM) $(OBJ)\gssapi\*.*
!ifdef ELISP
# This macro invocation is used to update the libgssapi_OBJs
# definition below (generate-obj-macro is defined in maint.el):
(generate-obj-macro "libgssapi_OBJs"
(concat "\t$(OBJ)\\gkrb5_err.obj \\\n"
"\t$(spnego_files:.x=.obj) \\\n"
"\t$(gssapi_files:.x=.obj)")
"krb5src" "mechsrc" "spnegosrc" "ntlmsrc")
!endif

4
lib/gssapi/gssapi/gssapi.h
View File

@@ -45,10 +45,12 @@
#ifndef BUILD_GSSAPI_LIB
#if defined(_WIN32)
#define GSSAPI_LIB_FUNCTION _stdcall __declspec(dllimport)
#define GSSAPI_LIB_FUNCTION __declspec(dllimport)
#define GSSAPI_LIB_CALL __stdcall
#define GSSAPI_LIB_VARIABLE __declspec(dllimport)
#else
#define GSSAPI_LIB_FUNCTION
#define GSSAPI_LIB_CALL
#define GSSAPI_LIB_VARIABLE
#endif
#endif

16
lib/gssapi/gssapi/gssapi_krb5.h
View File

@@ -106,27 +106,27 @@ gss_krb5_ccache_name(OM_uint32 * /*minor_status*/,
const char ** /*out_name */);
OM_uint32 GSSAPI_LIB_FUNCTION gsskrb5_register_acceptor_identity
(const char */*identity*/);
(const char * /*identity*/);
OM_uint32 GSSAPI_LIB_FUNCTION krb5_gss_register_acceptor_identity
(const char */*identity*/);
(const char * /*identity*/);
OM_uint32 GSSAPI_LIB_FUNCTION gss_krb5_copy_ccache
(OM_uint32 */*minor*/,
(OM_uint32 * /*minor*/,
gss_cred_id_t /*cred*/,
struct krb5_ccache_data */*out*/);
struct krb5_ccache_data * /*out*/);
OM_uint32 GSSAPI_LIB_FUNCTION
gss_krb5_import_cred(OM_uint32 */*minor*/,
gss_krb5_import_cred(OM_uint32 * /*minor*/,
struct krb5_ccache_data * /*in*/,
struct Principal * /*keytab_principal*/,
struct krb5_keytab_data * /*keytab*/,
gss_cred_id_t */*out*/);
gss_cred_id_t * /*out*/);
OM_uint32 GSSAPI_LIB_FUNCTION gss_krb5_get_tkt_flags
(OM_uint32 */*minor*/,
(OM_uint32 * /*minor*/,
gss_ctx_id_t /*context_handle*/,
OM_uint32 */*tkt_flags*/);
OM_uint32 * /*tkt_flags*/);
OM_uint32 GSSAPI_LIB_FUNCTION
gsskrb5_extract_authz_data_from_sec_context

100
lib/gssapi/libgssapi-exports.def Normal file
View File

@@ -0,0 +1,100 @@
EXPORTS
GSS_KRB5_MECHANISM
GSS_NTLM_MECHANISM
GSS_SPNEGO_MECHANISM
GSS_SASL_DIGEST_MD5_MECHANISM
GSS_C_NT_ANONYMOUS
GSS_C_NT_EXPORT_NAME
GSS_C_NT_HOSTBASED_SERVICE
GSS_C_NT_HOSTBASED_SERVICE_X
GSS_C_NT_MACHINE_UID_NAME
GSS_C_NT_STRING_UID_NAME
GSS_C_NT_USER_NAME
GSS_KRB5_NT_PRINCIPAL_NAME
GSS_KRB5_NT_USER_NAME
GSS_KRB5_NT_MACHINE_UID_NAME
GSS_KRB5_NT_STRING_UID_NAME
gss_accept_sec_context
gss_acquire_cred
gss_add_buffer_set_member
gss_add_cred
gss_add_oid_set_member
gss_canonicalize_name
gss_compare_name
gss_context_query_attributes
gss_context_time
gss_create_empty_buffer_set
gss_create_empty_oid_set
gss_decapsulate_token
gss_delete_sec_context
gss_display_name
gss_display_status
gss_duplicate_name
gss_duplicate_oid
gss_encapsulate_token
gss_export_name
gss_export_sec_context
gss_get_mic
gss_import_name
gss_import_sec_context
gss_indicate_mechs
gss_init_sec_context
gss_inquire_context
gss_inquire_cred
gss_inquire_cred_by_mech
gss_inquire_cred_by_oid
gss_inquire_mechs_for_name
gss_inquire_names_for_mech
gss_inquire_sec_context_by_oid
gss_inquire_sec_context_by_oid
gss_krb5_ccache_name
gss_krb5_copy_ccache
gss_krb5_export_lucid_sec_context
gss_krb5_free_lucid_sec_context
gss_krb5_get_tkt_flags
gss_krb5_import_cred
gss_krb5_set_allowable_enctypes
gss_mg_collect_error
gss_oid_equal
gss_oid_to_str
gss_process_context_token
gss_pseudo_random
gss_release_buffer
gss_release_buffer_set
gss_release_cred
gss_release_iov_buffer
gss_release_name
gss_release_oid
gss_release_oid_set
gss_seal
gss_set_cred_option
gss_set_sec_context_option
gss_sign
gss_test_oid_set_member
gss_unseal
gss_unwrap
gss_unwrap_iov
gss_verify
gss_verify_mic
gss_wrap
gss_wrap_iov
gss_wrap_iov_length
gss_wrap_size_limit
gsskrb5_extract_authtime_from_sec_context
gsskrb5_extract_authz_data_from_sec_context
gsskrb5_extract_service_keyblock
gsskrb5_get_initiator_subkey
gsskrb5_get_subkey
gsskrb5_get_time_offset
gsskrb5_register_acceptor_identity
gsskrb5_set_default_realm
gsskrb5_set_dns_canonicalize
gsskrb5_set_send_to_kdc
gsskrb5_set_time_offset
krb5_gss_register_acceptor_identity
; _gsskrb5cfx_ are really internal symbols, but export
; then now to make testing easier.
_gsskrb5cfx_wrap_length_cfx
_gssapi_wrap_size_cfx

8
lib/gssapi/ntlm/accept_sec_context.c
View File

@@ -41,17 +41,17 @@ OM_uint32
_gss_ntlm_allocate_ctx(OM_uint32 *minor_status, ntlm_ctx *ctx)
{
OM_uint32 maj_stat;
struct ntlm_server_interface *interface = NULL;
struct ntlm_server_interface *ns_interface = NULL;
#ifdef DIGEST
interface = &ntlmsspi_kdc_digest;
ns_interface = &ntlmsspi_kdc_digest;
#endif
if (interface == NULL)
if (ns_interface == NULL)
return GSS_S_FAILURE;
*ctx = calloc(1, sizeof(**ctx));
(*ctx)->server = interface;
(*ctx)->server = ns_interface;
maj_stat = (*(*ctx)->server->nsi_init)(minor_status, &(*ctx)->ictx);
if (maj_stat != GSS_S_COMPLETE)

3
lib/gssapi/ntlm/ntlm.h
View File

@@ -44,12 +44,13 @@
#include <string.h>
#include <errno.h>
#include <roken.h>
#include <gssapi.h>
#include <gssapi_ntlm.h>
#include <gssapi_mech.h>
#include <krb5.h>
#include <roken.h>
#include <heim_threads.h>
#include <heimntlm.h>

4
lib/gssapi/spnego/spnego_locl.h
View File

@@ -44,6 +44,8 @@
#include <sys/param.h>
#endif
#include <roken.h>
#ifdef HAVE_PTHREAD_H
#include <pthread.h>
#endif
@@ -69,8 +71,6 @@
#include "utils.h"
#include <der.h>
#include <roken.h>
#define ALLOC(X, N) (X) = calloc((N), sizeof(*(X)))
typedef struct {

58
lib/hcrypto/NTMakefile
View File

@@ -31,7 +31,7 @@
RELDIR=lib\hcrypto
AUXCFLAGS=$(AUXCFLAGS) -DKRB5 -I$(INCDIR)\hcrypto
AUXCFLAGS=$(AUXCFLAGS) -DKRB5 -I$(HCRYPTOINCLUDEDIR)
!include ../../windows/NTMakefile.w32
@@ -45,8 +45,13 @@ INCFILES= \
$(HCRYPTOINCLUDEDIR)\des.h \
$(HCRYPTOINCLUDEDIR)\dh.h \
$(HCRYPTOINCLUDEDIR)\dsa.h \
$(HCRYPTOINCLUDEDIR)\ec.h \
$(HCRYPTOINCLUDEDIR)\ecdh.h \
$(HCRYPTOINCLUDEDIR)\ecdsa.h \
$(HCRYPTOINCLUDEDIR)\engine.h \
$(HCRYPTOINCLUDEDIR)\evp.h \
$(HCRYPTOINCLUDEDIR)\evp-hcrypto.h \
$(HCRYPTOINCLUDEDIR)\evp-cc.h \
$(HCRYPTOINCLUDEDIR)\hmac.h \
$(HCRYPTOINCLUDEDIR)\md2.h \
$(HCRYPTOINCLUDEDIR)\md4.h \
@@ -74,8 +79,8 @@ all:: $(INCFILES)
# libhcrypto
libhcrypt_OBJs = \
$(OBJ)\imath.obj \
libhcrypto_OBJs = \
$(OBJ)\imath.obj \
$(OBJ)\iprime.obj \
$(OBJ)\aes.obj \
$(OBJ)\bn.obj \
@@ -87,16 +92,14 @@ libhcrypt_OBJs = \
$(OBJ)\dsa.obj \
$(OBJ)\evp.obj \
$(OBJ)\evp-hcrypto.obj \
$(OBJ)\evp-aes-cts.obj \
$(OBJ)\engine.obj \
$(OBJ)\hmac.obj \
$(OBJ)\md2.obj \
$(OBJ)\md4.obj \
$(OBJ)\md5.obj \
$(OBJ)\pkcs5.obj \
$(OBJ)\pkcs5.obj \
$(OBJ)\pkcs12.obj \
$(OBJ)\rand-fortuna.obj \
$(OBJ)\rand-timer.obj \
$(OBJ)\rand-w32.obj \
$(OBJ)\rand.obj \
$(OBJ)\rc2.obj \
$(OBJ)\rc4.obj \
@@ -113,13 +116,13 @@ libhcrypt_OBJs = \
$(LIBHCRYPTO): $(BINDIR)\libhcrypto.dll
$(BINDIR)\libhcrypto.dll: $(libhcrypt_OBJs) $(LIBROKEN) $(LIBASN1)
$(BINDIR)\libhcrypto.dll: $(libhcrypto_OBJs) $(LIBROKEN) $(LIBASN1)
$(DLLGUILINK) -def:libhcrypto-exports.def -implib:$(LIBHCRYPTO)
$(DLLPREP)
!else
$(LIBHCRYPTO): $(libhcrypt_OBJs)
$(LIBHCRYPTO): $(libhcrypto_OBJs)
$(LIBCON)
!endif
@@ -136,27 +139,28 @@ clean::
TESTLIB=$(OBJ)\libhctest.lib
$(TESTLIB): \
$(OBJ)\imath.obj \
$(OBJ)\des.obj \
$(TESTLIB): \
$(OBJ)\imath.obj \
$(OBJ)\des.obj \
$(OBJ)\ui.obj
$(LIBCON)
test-binaries: \
$(OBJ)\destest.exe \
$(OBJ)\mdtest.exe \
$(OBJ)\rc2test.exe \
$(OBJ)\rctest.exe \
$(OBJ)\test_bn.exe \
$(OBJ)\test_cipher.exe \
$(OBJ)\test_engine_dso.exe \
$(OBJ)\test_hmac.exe \
$(OBJ)\test_imath.exe \
$(OBJ)\test_pkcs5.exe \
$(OBJ)\test_pkcs12.exe \
$(OBJ)\test_rsa.exe \
$(OBJ)\test_dh.exe \
$(OBJ)\test_rand.exe \
test-binaries: \
$(OBJ)\destest.exe \
$(OBJ)\example_evp_cipher.exe \
$(OBJ)\mdtest.exe \
$(OBJ)\rc2test.exe \
$(OBJ)\rctest.exe \
$(OBJ)\test_bn.exe \
$(OBJ)\test_cipher.exe \
$(OBJ)\test_engine_dso.exe \
$(OBJ)\test_hmac.exe \
$(OBJ)\test_imath.exe \
$(OBJ)\test_pkcs5.exe \
$(OBJ)\test_pkcs12.exe \
$(OBJ)\test_rsa.exe \
$(OBJ)\test_dh.exe \
$(OBJ)\test_rand.exe \
$(OBJ)\test_crypto.sh
$(OBJ)\destest.exe: $(OBJ)\destest.obj $(TESTLIB) $(LIBROKEN)

45
lib/hcrypto/libhcrypto-exports.def
View File

@@ -138,14 +138,6 @@ EXPORTS
hc_EVP_aes_128_cbc
hc_EVP_aes_192_cbc
hc_EVP_aes_256_cbc
hc_EVP_hcrypto_aes_128_cbc
hc_EVP_hcrypto_aes_192_cbc
hc_EVP_hcrypto_aes_256_cbc
hc_EVP_hcrypto_aes_128_cts
hc_EVP_hcrypto_aes_256_cts
; hc_EVP_hcrypto_aes_cts_128_cbc
; hc_EVP_hcrypto_aes_cts_192_cbc
; hc_EVP_hcrypto_aes_cts_256_cbc
hc_EVP_des_cbc
hc_EVP_des_ede3_cbc
hc_EVP_camellia_128_cbc
@@ -165,6 +157,33 @@ EXPORTS
hc_EVP_sha
hc_EVP_sha1
hc_EVP_sha256
; hc_EVP_cc_md2
; hc_EVP_cc_md4
; hc_EVP_cc_md5
; hc_EVP_cc_sha1
; hc_EVP_cc_sha256
; hc_EVP_cc_des_ede3_cbc
; hc_EVP_cc_aes_128_cbc
; hc_EVP_cc_aes_192_cbc
; hc_EVP_cc_aes_256_cbc
hc_EVP_hcrypto_md2
hc_EVP_hcrypto_md4
hc_EVP_hcrypto_md5
hc_EVP_hcrypto_sha1
hc_EVP_hcrypto_sha256
hc_EVP_hcrypto_des_ede3_cbc
hc_EVP_hcrypto_aes_128_cbc
hc_EVP_hcrypto_aes_192_cbc
hc_EVP_hcrypto_aes_256_cbc
hc_EVP_hcrypto_rc4
hc_EVP_hcrypto_rc4_40
; hc_EVP_hcrypto_aes_128_cts
; hc_EVP_hcrypto_aes_192_cts
; hc_EVP_hcrypto_aes_256_cts
hc_HMAC
hc_HMAC_CTX_cleanup
hc_HMAC_CTX_init
@@ -193,7 +212,7 @@ EXPORTS
; hc_RAND_egd_bytes
; hc_RAND_egd_method
hc_RAND_file_name
hc_RAND_fortuna_method
; hc_RAND_fortuna_method
hc_RAND_get_rand_method
hc_RAND_load_file
hc_RAND_pseudo_bytes
@@ -203,6 +222,7 @@ EXPORTS
hc_RAND_status
; hc_RAND_unix_method
; hc_RAND_timer_method
hc_RAND_w32crypto_method
hc_RAND_write_file
hc_RC2_cbc_encrypt
hc_RC2_decryptc
@@ -242,5 +262,12 @@ EXPORTS
hc_d2i_RSAPrivateKey
hc_i2d_RSAPrivateKey
hc_i2d_RSAPublicKey
hc_d2i_RSAPublicKey
hc_EVP_CIPHER_CTX_ctrl
hc_EVP_CIPHER_CTX_rand_key
hc_EVP_CIPHER_CTX_set_key_length
hc_EVP_hcrypto_rc2_40_cbc
hc_EVP_hcrypto_camellia_128_cbc
hc_EVP_CipherUpdate
hc_EVP_CipherFinal_ex

134
lib/hcrypto/rand-w32.c Normal file
View File

@@ -0,0 +1,134 @@
/*
* Copyright (c) 2006 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* 3. Neither the name of the Institute nor the names of its contributors
* may be used to endorse or promote products derived from this software
* without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <config.h>
#include <roken.h>
#include <wincrypt.h>
#include <stdio.h>
#include <stdlib.h>
#include <rand.h>
#include <heim_threads.h>
#include "randi.h"
volatile static HCRYPTPROV g_cryptprovider = 0;
static HCRYPTPROV
_hc_CryptProvider(void)
{
BOOL res;
HCRYPTPROV cryptprovider = 0;
if (g_cryptprovider != 0)
return g_cryptprovider;
res = CryptAcquireContext(&cryptprovider, NULL,
MS_ENHANCED_PROV, PROV_RSA_FULL,
0);
if (GetLastError() == NTE_BAD_KEYSET) {
if(!res)
res = CryptAcquireContext(&cryptprovider, NULL,
MS_ENHANCED_PROV, PROV_RSA_FULL,
CRYPT_NEWKEYSET);
}
if (res &&
InterlockedCompareExchange(&g_cryptprovider, cryptprovider, 0) != 0) {
CryptReleaseContext(cryptprovider, 0);
cryptprovider = g_cryptprovider;
}
return cryptprovider;
}
/*
*
*/
static void
w32crypto_seed(const void *indata, int size)
{
}
static int
w32crypto_bytes(unsigned char *outdata, int size)
{
if (CryptGenRandom(_hc_CryptProvider(), size, outdata))
return 0;
return 1;
}
static void
w32crypto_cleanup(void)
{
}
static void
w32crypto_add(const void *indata, int size, double entropi)
{
}
static int
w32crypto_pseudorand(unsigned char *outdata, int size)
{
return 1;
}
static int
w32crypto_status(void)
{
if (_hc_CryptProvider() == 0)
return 0;
return 1;
}
const RAND_METHOD hc_rand_w32crypto_method = {
w32crypto_seed,
w32crypto_bytes,
w32crypto_cleanup,
w32crypto_add,
w32crypto_pseudorand,
w32crypto_status
};
const RAND_METHOD *
RAND_w32crypto_method(void)
{
return &hc_rand_w32crypto_method;
}

4
lib/hcrypto/rand.c
View File

@@ -60,7 +60,9 @@ init_method(void)
{
if (selected_meth != NULL)
return;
#ifdef __APPLE__
#if defined(_WIN32)
selected_meth = &hc_rand_w32crypto_method;
#elif defined(__APPLE__)
selected_meth = &hc_rand_unix_method;
#else
selected_meth = &hc_rand_fortuna_method;

1
lib/hcrypto/rand.h
View File

@@ -62,6 +62,7 @@ typedef struct RAND_METHOD RAND_METHOD;
#define RAND_fortuna_method hc_RAND_fortuna_method
#define RAND_egd_method hc_RAND_egd_method
#define RAND_unix_method hc_RAND_unix_method
#define RAND_w32crypto_method hc_RAND_w32crypto_method
/*
*

1
lib/hcrypto/randi.h
View File

@@ -42,6 +42,7 @@ extern const RAND_METHOD hc_rand_fortuna_method;
extern const RAND_METHOD hc_rand_unix_method;
extern const RAND_METHOD hc_rand_egd_method;
extern const RAND_METHOD hc_rand_timer_method;
extern const RAND_METHOD hc_rand_w32crypto_method;
const RAND_METHOD * RAND_timer_method(void);

19
lib/hdb/NTMakefile
View File

@@ -52,7 +52,7 @@ gen_files_hdb = \
$(OBJ)\asn1_hdb_entry_alias.x \
$(OBJ)\asn1_hdb_keyset.x
$(gen_files_hdb) $(OBJ)\hdb_asn1.hx: $(BINDIR)\asn1_compile.exe hdb.asn1
$(gen_files_hdb) $(OBJ)\hdb_asn1.hx $(OBJ)\hdb_asn1-priv.hx: $(BINDIR)\asn1_compile.exe hdb.asn1
cd $(OBJ)
$(BINDIR)\asn1_compile.exe $(SRCDIR)\hdb.asn1 hdb_asn1
cd $(SRCDIR)
@@ -90,6 +90,8 @@ dist_libhdb_la_SOURCES = \
$(ldap_c) \
hdb.c \
hdb-sqlite.c \
hdb-keytab.c \
hdb-mitdb.c \
hdb_locl.h \
keys.c \
keytab.c \
@@ -98,7 +100,7 @@ dist_libhdb_la_SOURCES = \
ndbm.c \
print.c
libhdb_OBJs= \
libhdb_OBJs = \
$(OBJ)\common.obj \
$(OBJ)\db.obj \
$(OBJ)\db3.obj \
@@ -106,6 +108,8 @@ libhdb_OBJs= \
$(ldap) \
$(OBJ)\hdb.obj \
$(OBJ)\hdb-sqlite.obj \
$(OBJ)\hdb-keytab.obj \
$(OBJ)\hdb-mitdb.obj \
$(OBJ)\keys.obj \
$(OBJ)\keytab.obj \
$(OBJ)\dbinfo.obj \
@@ -128,12 +132,13 @@ $(OBJ)\hdb-private.h: $(dist_libhdb_la_SOURCES)
$(PERL) ../../cf/make-proto.pl -q -P remote -p $@ $(dist_libhdb_la_SOURCES) \
|| $(RM) $@
INCFILES=\
$(INCDIR)\hdb.h \
$(INCDIR)\hdb-protos.h \
INCFILES= \
$(INCDIR)\hdb.h \
$(INCDIR)\hdb-protos.h \
$(OBJ)\hdb-private.h \
$(INCDIR)\hdb_err.h \
$(INCDIR)\hdb_asn1.h
$(INCDIR)\hdb_err.h \
$(INCDIR)\hdb_asn1.h \
$(INCDIR)\hdb_asn1-priv.h
!ifndef STATICLIBS

6
lib/hx509/NTMakefile
View File

@@ -191,7 +191,10 @@ INCFILES= \
$(INCDIR)\hx509_err.h \
$(INCDIR)\ocsp_asn1.h \
$(INCDIR)\pkcs10_asn1.h \
$(INCDIR)\crmf_asn1.h
$(INCDIR)\crmf_asn1.h \
$(OBJ)\ocsp_asn1-priv.h \
$(OBJ)\pkcs10_asn1-priv.h \
$(OBJ)\crmf_asn1-priv.h
hxtool.c: $(OBJ)\hxtool-commands.h
@@ -240,4 +243,3 @@ all:: $(INCFILES) $(LIBHX509) $(BINDIR)\hxtool.exe
clean::
-$(RM) $(BINDIR)\hxtool.exe

4
lib/hx509/ks_dir.c
View File

@@ -113,9 +113,7 @@ dir_iter_start(hx509_context context,
free(d);
return errno;
}
#ifndef _WIN32
rk_cloexec(dirfd(d->dir));
#endif
rk_cloexec_dir(d->dir);
d->certs = NULL;
d->iter = NULL;

5
lib/hx509/libhx509-exports.def
View File

@@ -81,12 +81,14 @@ EXPORTS
hx509_certs_add
hx509_certs_append
hx509_certs_end_seq
hx509_certs_ref
hx509_certs_filter
hx509_certs_find
hx509_certs_free
hx509_certs_info
hx509_certs_init
hx509_certs_iter
; hx509_certs_iter
hx509_certs_iter_f
hx509_certs_merge
hx509_certs_next_cert
hx509_certs_start_seq
@@ -176,6 +178,7 @@ EXPORTS
hx509_pem_read
hx509_pem_write
hx509_print_stdout
hx509_print_cert
hx509_prompt_hidden
hx509_query_alloc
hx509_query_free

16
lib/kadm5/context_s.c
View File

@@ -53,6 +53,8 @@ set_funcs(kadm5_server_context *c)
SET(c, rename_principal);
}
#ifndef NO_UNIX_SOCKETS
static void
set_socket_name(krb5_context context, struct sockaddr_un *un)
{
@@ -61,7 +63,17 @@ set_socket_name(krb5_context context, struct sockaddr_un *un)
memset(un, 0, sizeof(*un));
un->sun_family = AF_UNIX;
strlcpy (un->sun_path, fn, sizeof(un->sun_path));
}
#else
static void
set_socket_info(krb5_context context, struct addrinfo **info)
{
kadm5_log_signal_socket_info(context, 0, info);
}
#endif
static kadm5_ret_t
find_db_spec(kadm5_server_context *ctx)
@@ -115,7 +127,11 @@ find_db_spec(kadm5_server_context *ctx)
if (ctx->log_context.log_file == NULL)
asprintf(&ctx->log_context.log_file, "%s/log", hdb_db_dir(context));
#ifndef NO_UNIX_SOCKETS
set_socket_name(context, &ctx->log_context.socket_name);
#else
set_socket_info(context, &ctx->log_context.socket_info);
#endif
return 0;
}

8
lib/kadm5/destroy_s.c
View File

@@ -56,7 +56,13 @@ static void
destroy_kadm5_log_context (kadm5_log_context *c)
{
free (c->log_file);
close (c->socket_fd);
rk_closesocket (c->socket_fd);
#ifndef NO_UNIX_SOCKETS
if (c->socket_info) {
freeaddrinfo(c->socket_info);
c->socket_info = NULL;
}
#endif
}
/*

2
lib/kadm5/get_s.c
View File

@@ -61,7 +61,7 @@ add_tl_data(kadm5_principal_ent_t ent, int16_t type,
return 0;
}
krb5_ssize_t KRB5_LIB_FUNCTION
KRB5_LIB_FUNCTION krb5_ssize_t KRB5_LIB_CALL
_krb5_put_int(void *buffer, unsigned long value, size_t size); /* XXX */
kadm5_ret_t

6
lib/kadm5/init_c.c
View File

@@ -33,9 +33,15 @@
#include "kadm5_locl.h"
#include <sys/types.h>
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
#ifdef HAVE_NETDB_H
#include <netdb.h>
#endif
RCSID("$Id$");

10
lib/kadm5/init_s.c
View File

@@ -55,7 +55,11 @@ kadm5_s_init_with_context(krb5_context context,
assert(ctx->config.stash_file != NULL);
assert(ctx->config.acl_file != NULL);
assert(ctx->log_context.log_file != NULL);
#ifndef NO_UNIX_SOCKETS
assert(ctx->log_context.socket_name.sun_path[0] != '\0');
#else
assert(ctx->log_context.socket_info != NULL);
#endif
ret = hdb_create(ctx->context, &ctx->db, ctx->config.dbname);
if(ret)
@@ -67,7 +71,13 @@ kadm5_s_init_with_context(krb5_context context,
ctx->log_context.log_fd = -1;
#ifndef NO_UNIX_SOCKETS
ctx->log_context.socket_fd = socket (AF_UNIX, SOCK_DGRAM, 0);
#else
ctx->log_context.socket_fd = socket (ctx->log_context.socket_info->ai_family,
ctx->log_context.socket_info->ai_socktype,
ctx->log_context.socket_info->ai_protocol);
#endif
ret = krb5_parse_name(ctx->context, client_name, &ctx->caller);
if(ret)

4
lib/kadm5/ipropd_common.c
View File

@@ -63,7 +63,11 @@ setup_signal(void)
#else
signal(SIGINT, sigterm);
signal(SIGTERM, sigterm);
#ifndef NO_SIGXCPU
signal(SIGXCPU, sigterm);
#endif
#ifndef NO_SIGPIPE
signal(SIGPIPE, SIG_IGN);
#endif
#endif
}

61
lib/kadm5/ipropd_master.c
View File

@@ -45,12 +45,13 @@ static int time_before_gone;
const char *master_hostname;
static int
static krb5_socket_t
make_signal_socket (krb5_context context)
{
#ifndef NO_UNIX_SOCKETS
struct sockaddr_un addr;
const char *fn;
int fd;
krb5_socket_t fd;
fn = kadm5_log_signal_socket(context);
@@ -64,18 +65,32 @@ make_signal_socket (krb5_context context)
if (bind (fd, (struct sockaddr *)&addr, sizeof(addr)) < 0)
krb5_err (context, 1, errno, "bind %s", addr.sun_path);
return fd;
#else
struct addrinfo *ai = NULL;
krb5_socket_t fd;
kadm5_log_signal_socket_info(context, 1, &ai);
fd = socket(ai->ai_family, ai->ai_socktype, ai->ai_protocol);
if (rk_IS_BAD_SOCKET(fd))
krb5_err (context, 1, rk_SOCK_ERRNO, "socket AF=%d", ai->ai_family);
if (rk_IS_SOCKET_ERROR( bind (fd, ai->ai_addr, ai->ai_addrlen) ))
krb5_err (context, 1, rk_SOCK_ERRNO, "bind");
return fd;
#endif
}
static int
static krb5_socket_t
make_listen_socket (krb5_context context, const char *port_str)
{
int fd;
krb5_socket_t fd;
int one = 1;
struct sockaddr_in addr;
fd = socket (AF_INET, SOCK_STREAM, 0);
if (fd < 0)
krb5_err (context, 1, errno, "socket AF_INET");
if (rk_IS_BAD_SOCKET(fd))
krb5_err (context, 1, rk_SOCK_ERRNO, "socket AF_INET");
setsockopt (fd, SOL_SOCKET, SO_REUSEADDR, (void *)&one, sizeof(one));
memset (&addr, 0, sizeof(addr));
addr.sin_family = AF_INET;
@@ -105,7 +120,7 @@ make_listen_socket (krb5_context context, const char *port_str)
}
struct slave {
int fd;
krb5_socket_t fd;
struct sockaddr_in addr;
char *name;
krb5_auth_context ac;
@@ -180,9 +195,9 @@ slave_dead(krb5_context context, slave *s)
{
krb5_warnx(context, "slave %s dead", s->name);
if (s->fd >= 0) {
close (s->fd);
s->fd = -1;
if (!rk_IS_BAD_SOCKET(s->fd)) {
rk_closesocket (s->fd);
s->fd = rk_INVALID_SOCKET;
}
s->flags |= SLAVE_F_DEAD;
slave_seen(s);
@@ -193,8 +208,8 @@ remove_slave (krb5_context context, slave *s, slave **root)
{
slave **p;
if (s->fd >= 0)
close (s->fd);
if (!rk_IS_BAD_SOCKET(s->fd))
rk_closesocket (s->fd);
if (s->name)
free (s->name);
if (s->ac)
@@ -209,7 +224,8 @@ remove_slave (krb5_context context, slave *s, slave **root)
}
static void
add_slave (krb5_context context, krb5_keytab keytab, slave **root, int fd)
add_slave (krb5_context context, krb5_keytab keytab, slave **root,
krb5_socket_t fd)
{
krb5_principal server;
krb5_error_code ret;
@@ -228,8 +244,8 @@ add_slave (krb5_context context, krb5_keytab keytab, slave **root, int fd)
addr_len = sizeof(s->addr);
s->fd = accept (fd, (struct sockaddr *)&s->addr, &addr_len);
if (s->fd < 0) {
krb5_warn (context, errno, "accept");
if (rk_IS_BAD_SOCKET(s->fd)) {
krb5_warn (context, rk_SOCK_ERRNO, "accept");
goto error;
}
if (master_hostname)
@@ -294,7 +310,7 @@ error:
struct prop_context {
krb5_auth_context auth_context;
int fd;
krb5_socket_t fd;
};
static int
@@ -744,7 +760,7 @@ main(int argc, char **argv)
void *kadm_handle;
kadm5_server_context *server_context;
kadm5_config_params conf;
int signal_fd, listen_fd;
krb5_socket_t signal_fd, listen_fd;
int log_fd;
slave *slaves = NULL;
uint32_t current_version = 0, old_version = 0;
@@ -837,8 +853,10 @@ main(int argc, char **argv)
struct timeval to = {30, 0};
uint32_t vers;
#ifndef NO_LIMIT_FD_SETSIZE
if (signal_fd >= FD_SETSIZE || listen_fd >= FD_SETSIZE)
krb5_errx (context, 1, "fd too large");
#endif
FD_ZERO(&readset);
FD_SET(signal_fd, &readset);
@@ -880,7 +898,11 @@ main(int argc, char **argv)
}
if (ret && FD_ISSET(signal_fd, &readset)) {
#ifndef NO_UNIX_SOCKETS
struct sockaddr_un peer_addr;
#else
struct sockaddr_storage peer_addr;
#endif
socklen_t peer_len = sizeof(peer_addr);
if(recvfrom(signal_fd, (void *)&vers, sizeof(vers), 0,
@@ -931,8 +953,11 @@ main(int argc, char **argv)
write_stats(context, slaves, current_version);
}
if(exit_flag == SIGXCPU)
if (0) ;
#ifndef NO_SIGXCPU
else if(exit_flag == SIGXCPU)
krb5_warnx(context, "%s CPU time limit exceeded", getprogname());
#endif
else if(exit_flag == SIGINT || exit_flag == SIGTERM)
krb5_warnx(context, "%s terminated", getprogname());
else

7
lib/kadm5/ipropd_slave.c
View File

@@ -657,8 +657,10 @@ main(int argc, char **argv)
fd_set readset;
struct timeval to;
#ifndef NO_LIMIT_FD_SETSIZE
if (master_fd >= FD_SETSIZE)
krb5_errx (context, 1, "fd too large");
#endif
FD_ZERO(&readset);
FD_SET(master_fd, &readset);
@@ -730,8 +732,11 @@ main(int argc, char **argv)
reconnect = reconnect_max;
}
if(exit_flag == SIGXCPU)
if (0);
#ifndef NO_SIGXCPU
else if(exit_flag == SIGXCPU)
krb5_warnx(context, "%s CPU time limit exceeded", getprogname());
#endif
else if(exit_flag == SIGINT || exit_flag == SIGTERM)
krb5_warnx(context, "%s terminated", getprogname());
else

2
lib/kadm5/kadm5_locl.h
View File

@@ -37,6 +37,7 @@
#define __KADM5_LOCL_H__
#include <config.h>
#include <roken.h>
#include <stdio.h>
#include <stdlib.h>
@@ -76,7 +77,6 @@
#include "kadm5_err.h"
#include <hdb.h>
#include <der.h>
#include <roken.h>
#include <parse_units.h>
#include "private.h"

61
lib/kadm5/libkadm5srv-exports.def Normal file
View File

@@ -0,0 +1,61 @@
EXPORTS
; kadm5_ad_init_with_password
; kadm5_ad_init_with_password_ctx
kadm5_add_passwd_quality_verifier
kadm5_check_password_quality
kadm5_chpass_principal
kadm5_chpass_principal_with_key
kadm5_create_principal
kadm5_delete_principal
kadm5_destroy
kadm5_flush
kadm5_free_key_data
kadm5_free_name_list
kadm5_free_principal_ent
kadm5_get_principal
kadm5_get_principals
kadm5_get_privs
kadm5_init_with_creds
kadm5_init_with_creds_ctx
kadm5_init_with_password
kadm5_init_with_password_ctx
kadm5_init_with_skey
kadm5_init_with_skey_ctx
kadm5_modify_principal
kadm5_randkey_principal
kadm5_rename_principal
kadm5_ret_key_data
kadm5_ret_principal_ent
kadm5_ret_principal_ent_mask
kadm5_ret_tl_data
kadm5_setup_passwd_quality_check
kadm5_store_key_data
kadm5_store_principal_ent
kadm5_store_principal_ent_mask
kadm5_store_tl_data
kadm5_s_init_with_password_ctx
kadm5_s_init_with_password
kadm5_s_init_with_skey_ctx
kadm5_s_init_with_skey
kadm5_s_init_with_creds_ctx
kadm5_s_init_with_creds
kadm5_s_chpass_principal_cond
kadm5_log_set_version
; kadm5_log_signal_socket
kadm5_log_signal_socket_info
kadm5_log_previous
kadm5_log_goto_end
kadm5_log_foreach
kadm5_log_get_version_fd
kadm5_log_get_version
kadm5_log_replay
kadm5_log_end
kadm5_log_reinit
kadm5_log_init
kadm5_log_nop
kadm5_log_truncate
kadm5_log_modify
_kadm5_acl_check_permission
_kadm5_unmarshal_params
_kadm5_s_get_db
_kadm5_privs_to_string

64
lib/kadm5/log.c
View File

@@ -206,15 +206,25 @@ kadm5_log_flush (kadm5_log_context *log_context,
krb5_data_free(&data);
return errno;
}
/*
* Try to send a signal to any running `ipropd-master'
*/
#ifndef NO_UNIX_SOCKETS
sendto (log_context->socket_fd,
(void *)&log_context->version,
sizeof(log_context->version),
0,
(struct sockaddr *)&log_context->socket_name,
sizeof(log_context->socket_name));
#else
sendto (log_context->socket_fd,
(void *)&log_context->version,
sizeof(log_context->version),
0,
log_context->socket_info->ai_addr,
log_context->socket_info->ai_addrlen);
#endif
krb5_data_free(&data);
return 0;
@@ -970,6 +980,8 @@ kadm5_log_truncate (kadm5_server_context *server_context)
}
#ifndef NO_UNIX_SOCKETS
static char *default_signal = NULL;
static HEIMDAL_MUTEX signal_mutex = HEIMDAL_MUTEX_INITIALIZER;
@@ -988,3 +1000,55 @@ kadm5_log_signal_socket(krb5_context context)
"signal_socket",
NULL);
}
#else /* NO_UNIX_SOCKETS */
#define SIGNAL_SOCKET_HOST "127.0.0.1"
#define SIGNAL_SOCKET_PORT "12701"
kadm5_ret_t
kadm5_log_signal_socket_info(krb5_context context,
int server_end,
struct addrinfo **ret_addrs)
{
struct addrinfo hints;
struct addrinfo *addrs = NULL;
kadm5_ret_t ret = KADM5_FAILURE;
int wsret;
memset(&hints, 0, sizeof(hints));
hints.ai_flags = AI_NUMERICHOST;
if (server_end)
hints.ai_flags |= AI_PASSIVE;
hints.ai_family = AF_INET;
hints.ai_socktype = SOCK_STREAM;
hints.ai_protocol = IPPROTO_TCP;
wsret = getaddrinfo(SIGNAL_SOCKET_HOST,
SIGNAL_SOCKET_PORT,
&hints, &addrs);
if (wsret != 0) {
krb5_set_error_message(context, KADM5_FAILURE,
"%s", gai_strerror(wsret));
goto done;
}
if (addrs == NULL) {
krb5_set_error_message(context, KADM5_FAILURE,
"getaddrinfo() failed to return address list");
goto done;
}
*ret_addrs = addrs;
addrs = NULL;
ret = 0;
done:
if (addrs)
freeaddrinfo(addrs);
return ret;
}
#endif

11
lib/kadm5/password_quality.c
View File

@@ -199,7 +199,7 @@ external_passwd_quality (krb5_context context,
fclose(out);
fclose(error);
waitpid(child, &status, 0);
wait_for_process(child);
return 1;
}
reply[strcspn(reply, "\n")] = '\0';
@@ -207,12 +207,9 @@ external_passwd_quality (krb5_context context,
fclose(out);
fclose(error);
if (waitpid(child, &status, 0) < 0) {
snprintf(message, length, "external program failed: %s", reply);
free(p);
return 1;
}
if (!WIFEXITED(status) || WEXITSTATUS(status) != 0) {
status = wait_for_process(child);
if (SE_IS_ERROR(status) || SE_PROCSTATUS(status) != 0) {
snprintf(message, length, "external program failed: %s", reply);
free(p);
return 1;

6
lib/kadm5/private.h
View File

@@ -74,8 +74,12 @@ typedef struct kadm5_log_context {
char *log_file;
int log_fd;
uint32_t version;
#ifndef NO_UNIX_SOCKETS
struct sockaddr_un socket_name;
int socket_fd;
#else
struct addrinfo *socket_info;
#endif
krb5_socket_t socket_fd;
} kadm5_log_context;
typedef struct kadm5_server_context {

2
lib/krb5/auth_context.c
View File

@@ -425,7 +425,7 @@ krb5_auth_con_setlocalseqnumber (krb5_context context,
return 0;
}
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_FUNCTION
KRB5_LIB_FUNCTION krb5_error_code KRB5_LIB_CALL
krb5_auth_con_getremoteseqnumber(krb5_context context,
krb5_auth_context auth_context,
int32_t *seqnumber)

20
lib/krb5/config_file.c
View File

@@ -473,6 +473,21 @@ krb5_config_parse_file_multi (krb5_context context,
return ENOENT;
#endif
} else {
#ifdef KRB5_USE_PATH_TOKENS
char * exp_fname = NULL;
ret = _krb5_expand_path_tokens(context, fname, &exp_fname);
if (ret) {
if (newfname)
free(newfname);
return ret;
}
if (newfname)
free(newfname);
fname = newfname = exp_fname;
#endif
f.f = fopen(fname, "r");
f.s = NULL;
if(f.f == NULL) {
@@ -494,8 +509,6 @@ krb5_config_parse_file_multi (krb5_context context,
return ret;
}
}
if (newfname)
free(newfname);
return 0;
}
@@ -1236,10 +1249,11 @@ krb5_config_get_int (krb5_context context,
* @ingroup krb5_deprecated
*/
KRB5_DEPRECATED
krb5_error_code KRB5_LIB_FUNCTION
krb5_config_parse_string_multi(krb5_context context,
const char *string,
krb5_config_section **res) KRB5_DEPRECATED
krb5_config_section **res)
{
const char *str;
unsigned lineno = 0;

19
lib/krb5/context.c
View File

@@ -245,22 +245,25 @@ cc_ops_register(krb5_context context)
static krb5_error_code
cc_ops_copy(krb5_context context, const krb5_context src_context)
{
krb5_cc_ops **cc_ops;
context->cc_ops = NULL;
context->num_cc_ops = 0;
if (src_context->num_cc_ops == 0)
return 0;
context->cc_ops = malloc(sizeof(context->cc_ops[0]) * src_context->num_cc_ops);
if (context->cc_ops == NULL) {
cc_ops = malloc(sizeof(cc_ops[0]) * src_context->num_cc_ops);
if (cc_ops == NULL) {
krb5_set_error_message(context, KRB5_CC_NOMEM,
N_("malloc: out of memory", ""));
return KRB5_CC_NOMEM;
}
memcpy(cc_ops, src_context->cc_ops,
sizeof(cc_ops[0]) * src_context->num_cc_ops);
context->cc_ops = cc_ops;
context->num_cc_ops = src_context->num_cc_ops;
memcpy(context->cc_ops, src_context->cc_ops,
sizeof(context->cc_ops[0]) * src_context->num_cc_ops);
return 0;
}
@@ -363,10 +366,8 @@ krb5_init_context(krb5_context *context)
if (ret)
goto out;
#endif
#ifdef NEED_SOCK_INIT
if (SOCK_INIT)
if (rk_SOCK_INIT())
p->flags |= KRB5_CTX_F_SOCKETS_INITIALIZED;
#endif
out:
if(ret) {
@@ -539,11 +540,9 @@ krb5_free_context(krb5_context context)
HEIMDAL_MUTEX_destroy(context->mutex);
free(context->mutex);
#ifdef NEED_SOCK_INIT
if (context->flags & KRB5_CTX_F_SOCKETS_INITIALIZED) {
SOCK_EXIT;
rk_SOCK_EXIT();
}
#endif
memset(context, 0, sizeof(*context));
free(context);

9
lib/krb5/deprecated.c
View File

@@ -631,8 +631,9 @@ krb5_get_cred_from_kdc(krb5_context context,
* @ingroup krb5_deprecated
*/
KRB5_DEPRECATED
void KRB5_LIB_FUNCTION
krb5_free_unparsed_name(krb5_context context, char *str) KRB5_DEPRECATED
krb5_free_unparsed_name(krb5_context context, char *str)
{
krb5_xfree(str);
}
@@ -643,10 +644,11 @@ krb5_free_unparsed_name(krb5_context context, char *str) KRB5_DEPRECATED
* @ingroup krb5_deprecated
*/
KRB5_DEPRECATED
krb5_error_code KRB5_LIB_FUNCTION
krb5_generate_subkey(krb5_context context,
const krb5_keyblock *key,
krb5_keyblock **subkey) KRB5_DEPRECATED
krb5_keyblock **subkey)
{
return krb5_generate_subkey_extended(context, key, ETYPE_NULL, subkey);
}
@@ -657,10 +659,11 @@ krb5_generate_subkey(krb5_context context,
* @ingroup krb5_deprecated
*/
KRB5_DEPRECATED
krb5_error_code KRB5_LIB_FUNCTION
krb5_auth_getremoteseqnumber(krb5_context context,
krb5_auth_context auth_context,
int32_t *seqnumber) KRB5_DEPRECATED
int32_t *seqnumber)
{
*seqnumber = auth_context->remote_seqnumber;
return 0;

3
lib/krb5/error_string.c
View File

@@ -279,8 +279,9 @@ krb5_free_error_message(krb5_context context, const char *msg)
* @ingroup krb5
*/
KRB5_DEPRECATED
KRB5_LIB_FUNCTION const char* KRB5_LIB_CALL
krb5_get_err_text(krb5_context context, krb5_error_code code) KRB5_DEPRECATED
krb5_get_err_text(krb5_context context, krb5_error_code code)
{
const char *p = NULL;
if(context != NULL)

7
lib/krb5/kuserok.c
View File

@@ -242,6 +242,8 @@ krb5_kuserok (krb5_context context,
char *buf;
size_t buflen;
struct passwd *pwd = NULL;
char *profile_dir = NULL;
krb5_boolean free_profile_dir = FALSE;
krb5_error_code ret;
krb5_boolean result = FALSE;
@@ -258,14 +260,15 @@ krb5_kuserok (krb5_context context,
#endif
if (pwd == NULL)
return FALSE;
profile_dir = pwd->pw_dir;
#define KLOGIN "/.k5login"
buflen = strlen(pwd->pw_dir) + sizeof(KLOGIN) + 2; /* 2 for .d */
buflen = strlen(profile_dir) + sizeof(KLOGIN) + 2; /* 2 for .d */
buf = malloc(buflen);
if(buf == NULL)
return FALSE;
/* check user's ~/.k5login */
strlcpy(buf, pwd->pw_dir, buflen);
strlcpy(buf, profile_dir, buflen);
strlcat(buf, KLOGIN, buflen);
ret = check_one_file(context, buf, pwd, principal, &result);

86
lib/krb5/libkrb5-exports.def.in
View File

@@ -57,7 +57,6 @@ EXPORTS
krb5_auth_con_setuserkey
krb5_auth_getremoteseqnumber
krb5_build_ap_req
krb5_build_authenticator
krb5_build_principal
krb5_build_principal_ext
krb5_build_principal_va
@@ -96,6 +95,7 @@ EXPORTS
krb5_cc_get_config
krb5_cc_get_friendly_name
krb5_cc_get_full_name
krb5_cc_get_kdc_offset
krb5_cc_get_lifetime
krb5_cc_get_name
krb5_cc_get_ops
@@ -115,8 +115,10 @@ EXPORTS
krb5_cc_set_config
krb5_cc_set_default_name
krb5_cc_set_flags
krb5_cc_set_kdc_offset
krb5_cc_start_seq_get
krb5_cc_store_cred
krb5_cc_support_switch
krb5_cc_switch
krb5_cc_set_friendly_name
krb5_change_password
@@ -135,13 +137,13 @@ EXPORTS
krb5_compare_creds
krb5_config_file_free
krb5_config_free_strings
krb5_config_get
_krb5_config_get
krb5_config_get_bool
krb5_config_get_bool_default
krb5_config_get_int
krb5_config_get_int_default
krb5_config_get_list
krb5_config_get_next
_krb5_config_get_next
krb5_config_get_string
krb5_config_get_string_default
krb5_config_get_strings
@@ -150,13 +152,13 @@ EXPORTS
krb5_config_parse_file
krb5_config_parse_file_multi
krb5_config_parse_string_multi
krb5_config_vget
_krb5_config_vget
krb5_config_vget_bool
krb5_config_vget_bool_default
krb5_config_vget_int
krb5_config_vget_int_default
krb5_config_vget_list
krb5_config_vget_next
_krb5_config_vget_next
krb5_config_vget_string
krb5_config_vget_string_default
krb5_config_vget_strings
@@ -176,6 +178,7 @@ EXPORTS
krb5_create_checksum
krb5_create_checksum_iov
krb5_crypto_destroy
krb5_crypto_fx_cf2
krb5_crypto_get_checksum_type
krb5_crypto_getblocksize
krb5_crypto_getconfoundersize
@@ -293,6 +296,7 @@ EXPORTS
krb5_free_principal
krb5_free_salt
krb5_free_ticket
krb5_free_unparsed_name
krb5_fwd_tgt_creds
krb5_generate_random_block
krb5_generate_random_keyblock
@@ -328,6 +332,7 @@ EXPORTS
krb5_get_host_realm
krb5_get_ignore_addresses
krb5_get_in_cred
krb5_cccol_last_change_time
krb5_get_in_tkt
krb5_get_in_tkt_with_keytab
krb5_get_in_tkt_with_password
@@ -380,8 +385,8 @@ EXPORTS
krb5_init_ets
krb5_init_etype
krb5_initlog
krb5_is_thread_safe
krb5_is_config_principal
krb5_is_thread_safe
krb5_kerberos_enctypes
krb5_keyblock_get_enctype
krb5_keyblock_init
@@ -403,10 +408,10 @@ EXPORTS
krb5_kt_close
krb5_kt_compare
krb5_kt_copy_entry_contents
krb5_kt_destroy
krb5_kt_default
krb5_kt_default_modify_name
krb5_kt_default_name
krb5_kt_destroy
krb5_kt_end_seq_get
krb5_kt_free_entry
krb5_kt_get_entry
@@ -471,6 +476,7 @@ EXPORTS
krb5_plugin_register
krb5_prepend_config_files
krb5_prepend_config_files_default
krb5_prepend_error_message
krb5_princ_realm
krb5_princ_set_realm
krb5_principal_compare
@@ -554,15 +560,15 @@ EXPORTS
krb5_sendto_ctx_set_type
krb5_sendto_kdc
krb5_sendto_kdc_flags
krb5_set_home_dir_access
krb5_set_config_files
krb5_set_default_in_tkt_etypes
krb5_set_default_realm
krb5_set_dns_canonicalize_hostname
krb5_set_error_string
krb5_set_error_message
krb5_set_error_string
krb5_set_extra_addresses
krb5_set_fcache_version
krb5_set_home_dir_access
krb5_set_ignore_addresses
krb5_set_kdc_sec_offset
krb5_set_max_time_skew
@@ -662,8 +668,9 @@ EXPORTS
krb5_verrx
krb5_vlog
krb5_vlog_msg
krb5_vset_error_string
krb5_vprepend_error_message
krb5_vset_error_message
krb5_vset_error_string
krb5_vwarn
krb5_vwarnx
krb5_warn
@@ -687,36 +694,40 @@ EXPORTS
initialize_k524_error_table_r
initialize_k524_error_table
; variables
krb5_mcc_ops DATA
krb5_acc_ops DATA
krb5_fcc_ops DATA
krb5_scc_ops DATA
; variables
krb5_mcc_ops DATA
krb5_acc_ops DATA
krb5_fcc_ops DATA
#ifdef HAVE_SCC
krb5_scc_ops DATA
#endif
#ifdef HAVE_KCM
krb5_kcm_ops DATA
krb5_kcm_ops DATA
#endif
#ifdef KRB4
; krb4_fkt_ops DATA
#ifdef HAVE_KRB4
krb4_fkt_ops DATA
#endif
krb5_wrfkt_ops DATA
krb5_mkt_ops DATA
krb5_akf_ops DATA
krb5_any_ops DATA
__heimdal_version DATA
__heimdal_long_version DATA
krb5_config_file DATA
krb5_defkeyname DATA
krb5_cc_type_api DATA
krb5_cc_type_file DATA
krb5_cc_type_memory DATA
krb5_cc_type_kcm DATA
krb5_cc_type_scc DATA
krb5_wrfkt_ops DATA
krb5_mkt_ops DATA
krb5_akf_ops DATA
krb5_any_ops DATA
heimdal_version DATA
heimdal_long_version DATA
krb5_config_file DATA
krb5_defkeyname DATA
krb5_cc_type_api DATA
krb5_cc_type_file DATA
krb5_cc_type_memory DATA
krb5_cc_type_kcm DATA
krb5_cc_type_scc DATA
; Shared with GSSAPI krb5
_krb5_crc_init_table;
_krb5_crc_update;
; Shared with GSSAPI krb5
_krb5_crc_init_table
_krb5_crc_update
_krb5_get_krbtgt
_krb5_build_authenticator
; V4 compat glue
; V4 compat glue
_krb5_krb_tf_setup
_krb5_krb_dest_tkt
_krb5_krb_life_to_time
@@ -737,7 +748,6 @@ EXPORTS
_krb5_get_int
_krb5_pac_sign
_krb5_parse_moduli
_krb5_pk_enterprise_cert
_krb5_pk_kdf
_krb5_pk_load_id
_krb5_pk_mk_ContentInfo
@@ -752,6 +762,10 @@ EXPORTS
_krb5_s4u2self_to_checksumdata
_krb5_expand_path_tokens
; kinit helper
_krb5_get_init_creds_opt_set_pkinit_user_certs
_krb5_pk_enterprise_cert
; testing
; _krb5_aes_cts_encrypt
_krb5_n_fold

1
lib/krb5/pkinit.c
View File

@@ -1959,7 +1959,6 @@ _krb5_pk_load_id(krb5_context context,
hx509_certs_free(&id->anchors);
hx509_certs_free(&id->certpool);
hx509_revoke_free(&id->revokectx);
hx509_context_free(&context->hx509ctx);
free(id);
} else
*ret_id = id;

4
lib/krb5/plugin.c
View File

@@ -205,9 +205,7 @@ load_plugins(krb5_context context)
d = opendir(*di);
if (d == NULL)
continue;
#ifdef HAVE_DIRFD
rk_cloexec(dirfd(d));
#endif
rk_cloexec_dir(d);
while ((entry = readdir(d)) != NULL) {
char *n = entry->d_name;

21
lib/ntlm/libheimntlm-exports.def Normal file
View File

@@ -0,0 +1,21 @@
EXPORTS
heim_ntlm_build_ntlm1_master
heim_ntlm_calculate_ntlm1
heim_ntlm_calculate_ntlm2
heim_ntlm_calculate_ntlm2_sess
heim_ntlm_decode_targetinfo
heim_ntlm_decode_type1
heim_ntlm_decode_type2
heim_ntlm_decode_type3
heim_ntlm_encode_targetinfo
heim_ntlm_encode_type1
heim_ntlm_encode_type2
heim_ntlm_encode_type3
heim_ntlm_free_buf
heim_ntlm_free_targetinfo
heim_ntlm_free_type1
heim_ntlm_free_type2
heim_ntlm_free_type3
heim_ntlm_nt_key
heim_ntlm_ntlmv2_key
heim_ntlm_verify_ntlm2

2
lib/ntlm/ntlm.c
View File

@@ -41,8 +41,8 @@
#include <errno.h>
#include <limits.h>
#include <krb5.h>
#include <roken.h>
#include <krb5.h>
#define HC_DEPRECATED_CRYPTO

2
lib/roken/NTMakefile
View File

@@ -38,6 +38,7 @@ libroken_la_OBJS = \
$(OBJ)\bswap.obj \
$(OBJ)\concat.obj \
$(OBJ)\cloexec.obj \
$(OBJ)\ct.obj \
$(OBJ)\dirent.obj \
$(OBJ)\dlfcn_w32.obj \
$(OBJ)\dumpdata.obj \
@@ -88,6 +89,7 @@ libroken_la_OBJS = \
$(OBJ)\socket.obj \
$(OBJ)\sockstartup_w32.obj \
$(OBJ)\strcollect.obj \
$(OBJ)\strerror_r.obj \
$(OBJ)\strlcat.obj \
$(OBJ)\strlcpy.obj \
$(OBJ)\strpool.obj \

8
lib/roken/cloexec.c
View File

@@ -56,3 +56,11 @@ rk_cloexec_file(FILE *f)
rk_cloexec(fileno(f));
#endif
}
void ROKEN_LIB_FUNCTION
rk_cloexec_dir(DIR * d)
{
#ifdef HAVE_DIRFD
rk_cloexec(dirfd(d));
#endif
}

57
include/krb5-types.h.w32 → lib/roken/dirent.h
View File

@@ -29,33 +29,38 @@
*
**********************************************************************/
#ifndef __krb5_types_h__
#define __krb5_types_h__
#ifndef __DIRENT_H__
#define __DIRENT_H__
#ifndef __BIT_TYPES_DEFINED__
#define __BIT_TYPES_DEFINED__
typedef __int8 int8_t;
typedef __int16 int16_t;
typedef __int32 int32_t;
typedef __int64 int64_t;
typedef unsigned __int8 uint8_t;
typedef unsigned __int16 uint16_t;
typedef unsigned __int32 uint32_t;
typedef unsigned __int64 uint64_t;
typedef uint8_t u_int8_t;
typedef uint16_t u_int16_t;
typedef uint32_t u_int32_t;
typedef uint64_t u_int64_t;
#endif /* __BIT_TYPES_DEFINED__ */
typedef int krb5_socklen_t;
#ifdef _WIN64
typedef __int64 krb5_ssize_t;
#ifndef ROKEN_LIB_FUNCTION
#ifdef _WIN32
#define ROKEN_LIB_FUNCTION
#define ROKEN_LIB_CALL __cdecl
#else
typedef int krb5_ssize_t;
#define ROKEN_LIB_FUNCTION
#define ROKEN_LIB_CALL
#endif
#endif
#endif /* __krb5_types_h__ */
#include<sys/types.h>
struct dirent {
ino_t d_ino;
char d_name[1];
};
typedef struct _dirent_dirinfo DIR;
ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL closedir(DIR *);
ROKEN_LIB_FUNCTION DIR * ROKEN_LIB_CALL opendir(const char *);
ROKEN_LIB_FUNCTION struct dirent * ROKEN_LIB_CALL readdir(DIR *);
ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL rewinddir(DIR *);
ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL seekdir(DIR *, long);
ROKEN_LIB_FUNCTION long ROKEN_LIB_CALL telldir(DIR *);
#endif

2
lib/roken/flock.c
View File

@@ -41,7 +41,7 @@
ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL
fk_flock(int fd, int operation)
rk_flock(int fd, int operation)
{
#if defined(HAVE_FCNTL) && defined(F_SETLK)
struct flock arg;

3
lib/roken/roken-common.h
View File

@@ -480,6 +480,9 @@ rk_cloexec(int);
ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL
rk_cloexec_file(FILE *);
ROKEN_LIB_FUNCTION void ROKEN_LIB_CALL
rk_cloexec_dir(DIR *);
ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL
ct_memcmp(const void *, const void *, size_t);

20
lib/roken/roken.h.in
View File

@@ -63,6 +63,8 @@
typedef SOCKET rk_socket_t;
#define rk_closesocket(x) closesocket(x)
#define rk_INVALID_SOCKET INVALID_SOCKET
#define rk_IS_BAD_SOCKET(s) ((s) == INVALID_SOCKET)
#define rk_IS_SOCKET_ERROR(rv) ((rv) == SOCKET_ERROR)
#define rk_SOCK_ERRNO WSAGetLastError()
@@ -72,8 +74,8 @@ typedef SOCKET rk_socket_t;
#define EWOULDBLOCK WSAEWOULDBLOCK
#define ENOTSOCK WSAENOTSOCK
#define rk_SOCK_INIT rk_WSAStartup()
#define rk_SOCK_EXIT rk_WSACleanup()
#define rk_SOCK_INIT() rk_WSAStartup()
#define rk_SOCK_EXIT() rk_WSACleanup()
ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_WSAStartup(void);
ROKEN_LIB_FUNCTION int ROKEN_LIB_CALL rk_WSACleanup(void);
@@ -220,6 +222,14 @@ struct sockaddr_dl;
#include <paths.h>
#endif
#ifdef HAVE_DIRENT_H
#include <dirent.h>
#endif
#ifdef BACKSLASH_PATH_DELIM
#define rk_PATH_DELIM '\\'
#endif
#ifndef HAVE_SSIZE_T
#ifdef _WIN64
typedef __int64 ssize_t;
@@ -303,7 +313,7 @@ rk_vsnprintf (char *str, size_t sz, const char *format, va_list args);
S_ISBLK(m)
*/
#endif
#endif /* _MSC_VER */
#ifndef HAVE_PUTENV
#define putenv rk_putenv
@@ -827,8 +837,10 @@ struct msghdr {
int msg_flags;
};
#define sendmsg sendmsg_w32
ROKEN_LIB_FUNCTION ssize_t ROKEN_LIB_CALL
sendmsg(rk_socket_t s, const struct msghdr * msg, int flags);
sendmsg_w32(rk_socket_t s, const struct msghdr * msg, int flags);
#endif

2
lib/roken/sendmsg.c
View File

@@ -100,7 +100,7 @@ sendmsg(rk_socket_t s, const struct msghdr *msg, int flags)
*
**********************************************************************/
/*
/**
* Implementation of sendmsg() for WIN32
*
* We are using a contrived definition of msghdr which actually uses

21
lib/roken/strerror_r.c
View File

@@ -39,6 +39,25 @@
#include <string.h>
#include <errno.h>
#ifdef _MSC_VER
int ROKEN_LIB_FUNCTION
rk_strerror_r(int eno, char * strerrbuf, size_t buflen)
{
errno_t err;
err = strerror_s(strerrbuf, buflen, eno);
if (err != 0) {
int code;
code = sprintf_s(strerrbuf, buflen, "Error % occurred.", eno);
err = ((code != 0)? errno : 0);
}
return err;
}
#else /* _MSC_VER */
#ifndef HAVE_STRERROR_R
extern int sys_nerr;
extern char *sys_errlist[];
@@ -68,4 +87,6 @@ rk_strerror_r(int eno, char *strerrbuf, size_t buflen)
#endif
}
#endif /* !_MSC_VER */
#endif

6
lib/roken/test-mini_inetd.c
View File

@@ -82,7 +82,7 @@ get_connected_socket(rk_socket_t * s_ret)
goto done;
*s_ret = s;
s = INVALID_SOCKET;
s = rk_INVALID_SOCKET;
rv = 0;
done:
@@ -105,7 +105,7 @@ const char * test_strings[] = {
static int
test_simple_echo_client(void)
{
rk_socket_t s = INVALID_SOCKET;
rk_socket_t s = rk_INVALID_SOCKET;
int rv;
char buf[81];
int i;
@@ -165,7 +165,7 @@ test_simple_echo_socket(void)
return test_simple_echo_client();
} else {
rk_socket_t s = INVALID_SOCKET;
rk_socket_t s = rk_INVALID_SOCKET;
fprintf (stderr, "[%s] Listening for connections...\n", prog);
mini_inetd(htons(PORT), &s);

1
lib/roken/version-script.map
View File

@@ -42,6 +42,7 @@ HEIMDAL_ROKEN_1.0 {
rk_cgetstr;
rk_cloexec;
rk_cloexec_file;
rk_cloexec_dir;
rk_closefrom;
rk_copyhostent;
rk_dns_free_data;

5
windows/NTMakefile.config
View File

@@ -91,4 +91,7 @@ ENABLE_PTHREAD_SUPPORT=1
# Use the Kerberos Credentials Manager
# HAVE_KCM=1
DIR_hdbdir=%{COMMON_APPDATA}\heimdal\hdb
# Use the sqlite backend
HAVE_SCC=1
DIR_hdbdir=%{COMMON_APPDATA}/heimdal/hdb

5
windows/NTMakefile.w32
View File

@@ -277,6 +277,9 @@ prep:: show-cmds
{$(OBJ)}.hx{$(INCDIR)}.h:
$(CP) $< $@
{$(OBJ)}.hx{$(OBJ)}.h:
$(CP) $< $@
{}.rc{$(OBJ)}.res:
$(RC2RES)
@@ -444,6 +447,8 @@ LIBHCRYPTO =$(LIBDIR)\libhcrypto.lib
LIBHX509 =$(LIBDIR)\libhx509.lib
LIBKRB5 =$(LIBDIR)\libkrb5.lib
LIBHEIMNTLM =$(LIBDIR)\libheimntlm.lib
LIBHEIMIPCC =$(LIBDIR)\libheim-ipcc.lib
LIBHEIMIPCS =$(LIBDIR)\libheim-ipcs.lib
LIBGSSAPI =$(LIBDIR)\libgssapi.lib
LIBHDB =$(LIBDIR)\libhdb.lib
LIBKADM5SRV =$(LIBDIR)\libkadm5srv.lib

34
windows/maint.el Normal file
View File

@@ -0,0 +1,34 @@
(defun generate-obj-macro (mname &optional postfix &rest slist)
"Generates a macro definition for an OBJs dependency based on a list of source definitions"
(let*
((replist (apply 'append (mapcar (lambda (sdef)
(goto-char 0)
(let*
((def (buffer-substring-no-properties
(search-forward (concat sdef " = \\\n") nil t)
(search-forward "\n\n" nil t)))
(st (split-string
(replace-regexp-in-string "^.*\\.h.*\n" "" def)
"\\s-+\\\\?\\|\n" t)))
st)) slist)))
(def-start (search-forward (concat mname " = \\\n") nil t))
(def-end (search-forward "\n\n" nil t))
(repl (mapconcat
(lambda (s)
(concat "\t"
(replace-regexp-in-string
"\\(\\s-*\\)\\(.*\\)\\.c" "\\1$(OBJ)\\\\\\2.obj" s)
" \\"))
replist "\n"))
(erepl (if postfix
(concat repl "\n" postfix "\n\n")
(concat repl "\n\n")))
)
(delete-region def-start def-end)
(insert erepl))
)