Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-5]: src Pull up revision 1.2 (requested by assar):
details: https://anonhg.NetBSD.org/src/rev/93422e7707c7
branches: netbsd-1-5
changeset: 491149:93422e7707c7
user: he <he%NetBSD.org@localhost>
date: Thu Apr 05 23:25:03 2001 +0000
description:
Pull up revision 1.2 (requested by assar):
Upgrade Heimdal to version 0.3e.
diffstat:
crypto/dist/heimdal/lib/asn1/gen.c | 20 +++++-
crypto/dist/heimdal/lib/com_err/com_err.c | 7 +-
crypto/dist/heimdal/lib/des/rnd_keys.c | 12 +---
crypto/dist/heimdal/lib/hdb/hdb-private.h | 32 ----------
crypto/dist/heimdal/lib/krb5/get_cred.c | 96 +++++++++++++++++++++++-------
crypto/dist/heimdal/lib/roken/err.h | 4 +-
crypto/dist/heimdal/lib/roken/strlcat.c | 5 +-
crypto/dist/heimdal/lib/roken/strlcpy.c | 6 +-
lib/libsl/shlib_version | 2 +-
9 files changed, 99 insertions(+), 85 deletions(-)
diffs (truncated from 470 to 300 lines):
diff -r b3cbb515c883 -r 93422e7707c7 crypto/dist/heimdal/lib/asn1/gen.c
--- a/crypto/dist/heimdal/lib/asn1/gen.c Thu Apr 05 23:24:59 2001 +0000
+++ b/crypto/dist/heimdal/lib/asn1/gen.c Thu Apr 05 23:25:03 2001 +0000
@@ -33,7 +33,7 @@
#include "gen_locl.h"
-RCSID("$Id: gen.c,v 1.1.1.1 2000/06/16 18:32:38 thorpej Exp $");
+RCSID("$Id: gen.c,v 1.1.1.1.2.1 2001/04/05 23:25:03 he Exp $");
FILE *headerfile, *codefile, *logfile;
@@ -55,7 +55,7 @@
orig_filename = filename;
if(base)
strcpy(headerbase, base);
- snprintf(header, sizeof(header), "%s.hx", headerbase);
+ sprintf(header, "%s.hx", headerbase);
headerfile = fopen (header, "w");
if (headerfile == NULL)
err (1, "open %s", header);
@@ -227,7 +227,21 @@
break;
case TInteger:
space(level);
- fprintf (headerfile, "int %s;\n", name);
+ if(t->members == NULL) {
+ fprintf (headerfile, "int %s;\n", name);
+ } else {
+ Member *m;
+ int tag = -1;
+ fprintf (headerfile, "enum %s {\n", typedefp ? name : "");
+ for (m = t->members; m && m->val != tag; m = m->next) {
+ if(tag == -1)
+ tag = m->val;
+ space (level + 1);
+ fprintf(headerfile, "%s = %d%s\n", m->gen_name, m->val,
+ m->next->val == tag ? "" : ",");
+ }
+ fprintf (headerfile, "} %s;\n", name);
+ }
break;
case TUInteger:
space(level);
diff -r b3cbb515c883 -r 93422e7707c7 crypto/dist/heimdal/lib/com_err/com_err.c
--- a/crypto/dist/heimdal/lib/com_err/com_err.c Thu Apr 05 23:24:59 2001 +0000
+++ b/crypto/dist/heimdal/lib/com_err/com_err.c Thu Apr 05 23:25:03 2001 +0000
@@ -33,7 +33,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: com_err.c,v 1.1.1.1 2000/06/16 18:32:19 thorpej Exp $");
+RCSID("$Id: com_err.c,v 1.1.1.1.2.1 2001/04/05 23:25:03 he Exp $");
#endif
#include <stdio.h>
#include <stdlib.h>
@@ -43,7 +43,10 @@
struct et_list *_et_list = NULL;
-
+static void
+default_proc (const char *whoami, long code, const char *fmt, va_list args)
+ __attribute__((__format__(__printf__, 3, 0)));
+
const char *
error_message (long code)
{
diff -r b3cbb515c883 -r 93422e7707c7 crypto/dist/heimdal/lib/des/rnd_keys.c
--- a/crypto/dist/heimdal/lib/des/rnd_keys.c Thu Apr 05 23:24:59 2001 +0000
+++ b/crypto/dist/heimdal/lib/des/rnd_keys.c Thu Apr 05 23:25:03 2001 +0000
@@ -34,7 +34,7 @@
#ifdef HAVE_CONFIG_H
#include "config.h"
-RCSID("$Id: rnd_keys.c,v 1.1.1.1 2000/06/16 18:32:28 thorpej Exp $");
+RCSID("$Id: rnd_keys.c,v 1.1.1.1.2.1 2001/04/05 23:25:03 he Exp $");
#endif
#include <des.h>
@@ -98,13 +98,6 @@
int
des_new_random_key(des_cblock *key);
-
-
-
-
-
-
-
/*
* Generate "random" data by checksumming a file.
*
@@ -382,9 +375,6 @@
* problems with permissions.
*/
-void
-des_init_random_number_generator(des_cblock *seed);
-
/*
* In case the generator does not get initialized use this as fallback.
*/
diff -r b3cbb515c883 -r 93422e7707c7 crypto/dist/heimdal/lib/hdb/hdb-private.h
--- a/crypto/dist/heimdal/lib/hdb/hdb-private.h Thu Apr 05 23:24:59 2001 +0000
+++ b/crypto/dist/heimdal/lib/hdb/hdb-private.h Thu Apr 05 23:25:03 2001 +0000
@@ -13,36 +13,4 @@
#endif
#endif
-krb5_error_code
-_hdb_fetch __P((
- krb5_context context,
- HDB *db,
- unsigned flags,
- hdb_entry *entry));
-
-krb5_error_code
-_hdb_remove __P((
- krb5_context context,
- HDB *db,
- hdb_entry *entry));
-
-void
-_hdb_seal_keys_int __P((
- hdb_entry *ent,
- int key_version,
- krb5_data schedule));
-
-krb5_error_code
-_hdb_store __P((
- krb5_context context,
- HDB *db,
- unsigned flags,
- hdb_entry *entry));
-
-void
-_hdb_unseal_keys_int __P((
- hdb_entry *ent,
- int key_version,
- krb5_data schedule));
-
#endif /* __hdb_private_h__ */
diff -r b3cbb515c883 -r 93422e7707c7 crypto/dist/heimdal/lib/krb5/get_cred.c
--- a/crypto/dist/heimdal/lib/krb5/get_cred.c Thu Apr 05 23:24:59 2001 +0000
+++ b/crypto/dist/heimdal/lib/krb5/get_cred.c Thu Apr 05 23:25:03 2001 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: get_cred.c,v 1.1.1.1 2000/06/16 18:32:57 thorpej Exp $");
+RCSID("$Id: get_cred.c,v 1.1.1.1.2.1 2001/04/05 23:25:04 he Exp $");
/*
* Take the `body' and encode it into `padata' using the credentials
@@ -45,7 +45,8 @@
krb5_auth_context ac,
KDC_REQ_BODY *body,
PA_DATA *padata,
- krb5_creds *creds)
+ krb5_creds *creds,
+ krb5_key_usage usage)
{
u_char *buf;
size_t buf_size;
@@ -82,12 +83,14 @@
in_data.data = buf + buf_size - len;
ret = krb5_mk_req_internal(context, &ac, 0, &in_data, creds,
&padata->padata_value,
- KRB5_KU_TGS_REQ_AUTH_CKSUM);
+ KRB5_KU_TGS_REQ_AUTH_CKSUM,
+ usage
+ /* KRB5_KU_TGS_REQ_AUTH */);
out:
free (buf);
if(ret)
return ret;
- padata->padata_type = pa_tgs_req;
+ padata->padata_type = KRB5_PADATA_TGS_REQ;
return 0;
}
@@ -161,7 +164,8 @@
krb5_creds *krbtgt,
unsigned nonce,
krb5_keyblock **subkey,
- TGS_REQ *t)
+ TGS_REQ *t,
+ krb5_key_usage usage)
{
krb5_error_code ret;
@@ -191,6 +195,10 @@
ret = ENOMEM;
goto fail;
}
+
+ /* some versions of some code might require that the client be
+ present in TGS-REQs, but this is clearly against the spec */
+
ret = copy_PrincipalName(&in_creds->server->name, t->req_body.sname);
if (ret)
goto fail;
@@ -261,7 +269,8 @@
ac,
&t->req_body,
t->padata->val,
- krbtgt);
+ krbtgt,
+ usage);
if(ret) {
krb5_free_keyblock (context, key);
krb5_auth_con_free(context, ac);
@@ -273,6 +282,7 @@
}
fail:
if (ret)
+ /* XXX - don't free addresses? */
free_TGS_REQ (t);
return ret;
}
@@ -320,7 +330,9 @@
size_t size;
krb5_crypto crypto;
- krb5_crypto_init(context, key, 0, &crypto);
+ ret = krb5_crypto_init(context, key, 0, &crypto);
+ if (ret)
+ return ret;
ret = krb5_decrypt_EncryptedData (context,
crypto,
usage,
@@ -329,7 +341,9 @@
krb5_crypto_destroy(context, crypto);
if(ret && subkey){
/* DCE compat -- try to decrypt with subkey */
- krb5_crypto_init(context, (krb5_keyblock*)subkey, 0, &crypto);
+ ret = krb5_crypto_init(context, (krb5_keyblock*)subkey, 0, &crypto);
+ if (ret)
+ return ret;
ret = krb5_decrypt_EncryptedData (context,
crypto,
KRB5_KU_TGS_REP_ENC_PART_SUB_KEY,
@@ -356,13 +370,14 @@
}
static krb5_error_code
-get_cred_kdc(krb5_context context,
+get_cred_kdc_usage(krb5_context context,
krb5_ccache id,
krb5_kdc_flags flags,
krb5_addresses *addresses,
krb5_creds *in_creds,
krb5_creds *krbtgt,
- krb5_creds *out_creds)
+ krb5_creds *out_creds,
+ krb5_key_usage usage)
{
TGS_REQ req;
krb5_data enc;
@@ -397,7 +412,8 @@
krbtgt,
nonce,
&subkey,
- &req);
+ &req,
+ usage);
if(flags.b.enc_tkt_in_skey)
free_Ticket(&second_ticket);
if (ret)
@@ -496,6 +512,25 @@
}
+static krb5_error_code
+get_cred_kdc(krb5_context context,
+ krb5_ccache id,
+ krb5_kdc_flags flags,
+ krb5_addresses *addresses,
+ krb5_creds *in_creds,
+ krb5_creds *krbtgt,
+ krb5_creds *out_creds)
+{
+ krb5_error_code ret;
+
+ ret = get_cred_kdc_usage(context, id, flags, addresses, in_creds,
+ krbtgt, out_creds, KRB5_KU_TGS_REQ_AUTH);
+ if (ret == KRB5KRB_AP_ERR_BAD_INTEGRITY)
+ ret = get_cred_kdc_usage(context, id, flags, addresses, in_creds,
+ krbtgt, out_creds, KRB5_KU_AP_REQ_AUTH);
+ return ret;
+}
Home |
Main Index |
Thread Index |
Old Index