Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-5]: src/crypto/dist/heimdal/kpasswd Pull up revision 1.3 (via p...
details: https://anonhg.NetBSD.org/src/rev/175534b619d1
branches: netbsd-1-5
changeset: 491181:175534b619d1
user: he <he%NetBSD.org@localhost>
date: Thu Apr 05 23:31:45 2001 +0000
description:
Pull up revision 1.3 (via patch, requested by assar):
Upgrade Heimdal to version 0.3e.
diffstat:
crypto/dist/heimdal/kpasswd/kpasswdd.c | 124 +++++++++++---------------------
1 files changed, 44 insertions(+), 80 deletions(-)
diffs (233 lines):
diff -r 6a33f1219f9a -r 175534b619d1 crypto/dist/heimdal/kpasswd/kpasswdd.c
--- a/crypto/dist/heimdal/kpasswd/kpasswdd.c Thu Apr 05 23:31:14 2001 +0000
+++ b/crypto/dist/heimdal/kpasswd/kpasswdd.c Thu Apr 05 23:31:45 2001 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997-2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997-2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,12 +32,9 @@
*/
#include "kpasswd_locl.h"
-RCSID("$Id: kpasswdd.c,v 1.1.1.1.2.1 2000/09/19 19:00:22 fvdl Exp $");
+RCSID("$Id: kpasswdd.c,v 1.1.1.1.2.2 2001/04/05 23:31:45 he Exp $");
#include <kadm5/admin.h>
-#ifdef HAVE_DLFCN_H
-#include <dlfcn.h>
-#endif
#include <hdb.h>
@@ -166,7 +163,7 @@
krb5_data e_data;
ret = krb5_mk_rep (context,
- &auth_context,
+ auth_context,
&ap_rep_data);
if (ret) {
krb5_warn (context, ret, "Could not even generate error reply");
@@ -206,14 +203,10 @@
{
krb5_error_code ret;
char *client;
- kadm5_principal_ent_rec ent;
- krb5_key_data *kd;
- krb5_salt salt;
- krb5_keyblock new_keyblock;
const char *pwd_reason;
- int unchanged;
kadm5_config_params conf;
void *kadm5_handle;
+ char *tmp;
memset (&conf, 0, sizeof(conf));
@@ -244,75 +237,27 @@
return;
}
- ret = kadm5_get_principal (kadm5_handle,
- principal,
- &ent,
- KADM5_KEY_DATA);
- if (ret) {
- krb5_warn (context, ret, "kadm5_get_principal");
+ tmp = malloc (pwd_data->length + 1);
+ if (tmp == NULL) {
+ krb5_warnx (context, "malloc: out of memory");
reply_priv (auth_context, s, sa, sa_size, 2,
"Internal error");
- kadm5_destroy (kadm5_handle);
- return;
+ goto out;
}
-
- /*
- * Compare with the first key to see if it already has been
- * changed. If it hasn't, store the new key in the database and
- * string2key all the rest of them.
- */
-
- kd = &ent.key_data[0];
-
- salt.salttype = kd->key_data_type[1];
- salt.saltvalue.length = kd->key_data_length[1];
- salt.saltvalue.data = kd->key_data_contents[1];
-
- memset (&new_keyblock, 0, sizeof(new_keyblock));
- krb5_string_to_key_data_salt (context,
- kd->key_data_type[0],
- *pwd_data,
- salt,
- &new_keyblock);
-
- unchanged = new_keyblock.keytype == kd->key_data_type[0]
- && new_keyblock.keyvalue.length == kd->key_data_length[0]
- && memcmp(new_keyblock.keyvalue.data,
- kd->key_data_contents[0],
- new_keyblock.keyvalue.length) == 0;
+ memcpy (tmp, pwd_data->data, pwd_data->length);
+ tmp[pwd_data->length] = '\0';
- krb5_free_keyblock_contents (context, &new_keyblock);
-
- if (unchanged) {
- ret = 0;
- } else {
- char *tmp;
-
- tmp = malloc (pwd_data->length + 1);
- if (tmp == NULL) {
- krb5_warnx (context, "malloc: out of memory");
- reply_priv (auth_context, s, sa, sa_size, 2,
- "Internal error");
- goto out;
- }
- memcpy (tmp, pwd_data->data, pwd_data->length);
- tmp[pwd_data->length] = '\0';
-
- ret = kadm5_chpass_principal (kadm5_handle,
- principal,
- tmp);
- memset (tmp, 0, pwd_data->length);
- free (tmp);
- if (ret) {
- krb5_warn (context, ret, "kadm5_s_chpass_principal");
- reply_priv (auth_context, s, sa, sa_size, 2,
- "Internal error");
- goto out;
- }
+ ret = kadm5_s_chpass_principal_cond (kadm5_handle, principal, tmp);
+ memset (tmp, 0, pwd_data->length);
+ free (tmp);
+ if (ret) {
+ krb5_warn (context, ret, "kadm5_s_chpass_principal_cond");
+ reply_priv (auth_context, s, sa, sa_size, 2,
+ "Internal error");
+ goto out;
}
reply_priv (auth_context, s, sa, sa_size, 0, "Password changed");
out:
- kadm5_free_principal_ent (kadm5_handle, &ent);
kadm5_destroy (kadm5_handle);
}
@@ -421,9 +366,6 @@
return;
}
- krb5_auth_con_setflags (context, auth_context,
- KRB5_AUTH_CONTEXT_DO_SEQUENCE);
-
ret = krb5_sockaddr2address (sa, &other_addr);
if (ret) {
krb5_warn (context, ret, "krb5_sockaddr2address");
@@ -447,6 +389,7 @@
s,
sa, sa_size,
&out_data);
+ memset (out_data.data, 0, out_data.length);
krb5_free_ticket (context, ticket);
free (ticket);
}
@@ -556,6 +499,8 @@
krb5_err (context, 1, errno, "bind(%s)", str);
}
maxfd = max (maxfd, sockets[i]);
+ if (maxfd >= FD_SETSIZE)
+ krb5_errx (context, 1, "fd too large");
FD_SET(sockets[i], &real_fdset);
}
#ifdef INETD_SUPPORT
@@ -582,7 +527,7 @@
for (i = 0; i < n; ++i)
if (FD_ISSET(sockets[i], &fdset)) {
u_char buf[BUFSIZ];
- int addrlen = sizeof(__ss);
+ socklen_t addrlen = sizeof(__ss);
ret = recvfrom (sockets[i], buf, sizeof(buf), 0,
sa, &addrlen);
@@ -639,6 +584,7 @@
char *realm_str;
int version_flag;
int help_flag;
+char *port_str;
struct getargs args[] = {
#ifdef HAVE_DLOPEN
@@ -650,6 +596,7 @@
{ "keytab", 'k', arg_string, &keytab_str,
"keytab to get authentication key from", "kspec" },
{ "realm", 'r', arg_string, &realm_str, "default realm", "realm" },
+ { "port", 'p', arg_string, &port_str, "port" },
{ "version", 0, arg_flag, &version_flag },
{ "help", 0, arg_flag, &help_flag }
};
@@ -661,6 +608,7 @@
int optind;
krb5_keytab keytab;
krb5_error_code ret;
+ int port;
optind = krb5_program_setup(&context, argc, argv, args, num_args, NULL);
@@ -677,6 +625,22 @@
krb5_openlog (context, "kpasswdd", &log_facility);
krb5_set_warn_dest(context, log_facility);
+ if (port_str != NULL) {
+ struct servent *s = roken_getservbyname (port_str, "udp");
+
+ if (s != NULL)
+ port = s->s_port;
+ else {
+ char *ptr;
+
+ port = strtol (port_str, &ptr, 10);
+ if (port == 0 && ptr == port_str)
+ krb5_errx (context, 1, "bad port `%s'", port_str);
+ port = htons(port);
+ }
+ } else
+ port = krb5_getportbyname (context, "kpasswd", "udp", KPASSWD_PORT);
+
ret = krb5_kt_register(context, &hdb_kt_ops);
if(ret)
krb5_err(context, 1, ret, "krb5_kt_register");
@@ -703,7 +667,7 @@
signal(SIGTERM, sigterm);
#endif
- return doit (keytab,
- krb5_getportbyname (context, "kpasswd",
- "udp", KPASSWD_PORT));
+ pidfile(NULL);
+
+ return doit (keytab, port);
}
Home |
Main Index |
Thread Index |
Old Index