[src/trunk]: src/gnu enable krb4 and gssapi authentication

[assar <assar%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/d923e67deadc
branches:  trunk
changeset: 504504:d923e67deadc
user:      assar <assar%NetBSD.org@localhost>
date:      Sun Mar 04 06:29:30 2001 +0000

description:
enable krb4 and gssapi authentication

diffstat:

 gnu/dist/cvs/src/client.c        |  20 +++++++-------------
 gnu/dist/cvs/src/server.c        |   3 ++-
 gnu/usr.bin/cvs/cvs/Makefile     |  11 ++++++++++-
 gnu/usr.bin/cvs/include/config.h |   8 ++++----
 4 files changed, 23 insertions(+), 19 deletions(-)

diffs (141 lines):

diff -r 802b27bfc77d -r d923e67deadc gnu/dist/cvs/src/client.c
--- a/gnu/dist/cvs/src/client.c Sun Mar 04 06:06:57 2001 +0000
+++ b/gnu/dist/cvs/src/client.c Sun Mar 04 06:29:30 2001 +0000
@@ -16,13 +16,6 @@
 #include "config.h"
 #endif /* HAVE_CONFIG_H */
 
-#ifdef HAVE_KERBEROS
-# error kerberos is not supported with the IPv6 patch
-#endif
-#ifdef HAVE_GSSAPI
-# error gssapi is not supported with the IPv6 patch
-#endif
-
 #include <assert.h>
 #include "cvs.h"
 #include "getline.h"
@@ -101,7 +94,7 @@
 /* This is needed for GSSAPI encryption.  */
 static gss_ctx_id_t gcontext;
 
-static int connect_to_gserver PROTO((int, struct hostent *));
+static int connect_to_gserver PROTO((int, const char *));
 
 #endif /* HAVE_GSSAPI */
 
@@ -3824,7 +3817,7 @@
     if (do_gssapi)
     {
 #ifdef HAVE_GSSAPI
-       if (! connect_to_gserver (sock, hostinfo))
+       if (! connect_to_gserver (sock, res0->ai_canonname))
            goto rejected;
 #else
        error (1, 0, "This client does not support GSSAPI authentication");
@@ -4081,7 +4074,8 @@
 
        /* We don't care about the checksum, and pass it as zero.  */
        status = krb_sendauth (KOPT_DO_MUTUAL, s, &ticket, "rcmd",
-                              hname, realm, (unsigned long) 0, &msg_data,
+                              hname, (char *)realm, (unsigned long) 0,
+                              &msg_data,
                               &cred, sched, &laddr, &sin, "KCVSV1.0");
        if (status != KSUCCESS)
            error (1, 0, "kerberos authentication failed: %s",
@@ -4128,9 +4122,9 @@
 /* Connect to the server using GSSAPI authentication.  */
 
 static int
-connect_to_gserver (sock, hostinfo)
+connect_to_gserver (sock, hostname)
      int sock;
-     struct hostent *hostinfo;
+     const char *hostname;
 {
     char *str;
     char buf[1024];
@@ -4143,7 +4137,7 @@
     if (send (sock, str, strlen (str), 0) < 0)
        error (1, 0, "cannot send: %s", SOCK_STRERROR (SOCK_ERRNO));
 
-    sprintf (buf, "cvs@%s", hostinfo->h_name);
+    sprintf (buf, "cvs@%s", hostname);
     tok_in.length = strlen (buf);
     tok_in.value = buf;
     gss_import_name (&stat_min, &tok_in, GSS_C_NT_HOSTBASED_SERVICE,
diff -r 802b27bfc77d -r d923e67deadc gnu/dist/cvs/src/server.c
--- a/gnu/dist/cvs/src/server.c Sun Mar 04 06:06:57 2001 +0000
+++ b/gnu/dist/cvs/src/server.c Sun Mar 04 06:29:30 2001 +0000
@@ -5804,7 +5804,8 @@
 #endif
 
     status = krb_recvauth (KOPT_DO_MUTUAL, STDIN_FILENO, &ticket, "rcmd",
-                          instance, &peer, &laddr, &auth, "", sched,
+                          instance, (struct sockaddr_in *)&peer,
+                          (struct sockaddr_in *)&laddr, &auth, "", sched,
                           version);
     if (status != KSUCCESS)
     {
diff -r 802b27bfc77d -r d923e67deadc gnu/usr.bin/cvs/cvs/Makefile
--- a/gnu/usr.bin/cvs/cvs/Makefile      Sun Mar 04 06:06:57 2001 +0000
+++ b/gnu/usr.bin/cvs/cvs/Makefile      Sun Mar 04 06:29:30 2001 +0000
@@ -1,4 +1,4 @@
-#      $NetBSD: Makefile,v 1.2 2000/09/04 22:14:31 christos Exp $
+#      $NetBSD: Makefile,v 1.3 2001/03/04 06:29:30 assar Exp $
 
 .include "${.CURDIR}/../Makefile.inc"
 
@@ -21,4 +21,13 @@
 DPADD+= ${LIBDIFF} ${LIBCVS} ${LIBCRYPT} ${LIBZ}
 LDADD+= ${LIBDIFF} ${LIBCVS} -lcrypt -lz
 
+.if (${MKKERBEROS} != "no")
+CPPFLAGS+= -DHAVE_KERBEROS -I/usr/include/kerberosIV
+DPADD+= ${LIBKRB} ${LIBDES} ${LIBCOM_ERR} ${LIBROKEN} ${LIBCRYPT}
+LDADD+= -lkrb -ldes -lcom_err -lroken -lcrypt
+CPPFLAGS+= -DHAVE_GSSAPI -I/usr/include/krb5
+DPADD+= ${LIBGSSAPI} ${LIBKRB5} ${LIBDES} ${LIBASN1} ${LIBCOM_ERR} ${LIBROKEN} ${LIBCRYPT}
+LDADD+= -lgssapi -lkrb5 -ldes -lasn1 -lcom_err -lroken -lcrypt
+.endif
+
 .include <bsd.prog.mk>
diff -r 802b27bfc77d -r d923e67deadc gnu/usr.bin/cvs/include/config.h
--- a/gnu/usr.bin/cvs/include/config.h  Sun Mar 04 06:06:57 2001 +0000
+++ b/gnu/usr.bin/cvs/include/config.h  Sun Mar 04 06:29:30 2001 +0000
@@ -83,7 +83,7 @@
 
 /* Define if GSS_C_NT_HOSTBASED_SERVICE is defined in the gssapi.h
    header file.  Only relevant when using GSSAPI.  */
-/* #undef HAVE_GSS_C_NT_HOSTBASED_SERVICE */
+#define HAVE_GSS_C_NT_HOSTBASED_SERVICE 1
 
 /* Define if you want CVS to be able to be a remote repository client.  */
 #define CLIENT_SUPPORT 1
@@ -158,7 +158,7 @@
 #define HAVE_INITGROUPS 1
 
 /* Define if you have the krb_get_err_text function.  */
-/* #undef HAVE_KRB_GET_ERR_TEXT */
+#define HAVE_KRB_GET_ERR_TEXT 1
 
 /* Define if you have the memmove function.  */
 #define HAVE_MEMMOVE 1
@@ -242,7 +242,7 @@
 /* #undef HAVE_GSSAPI_H */
 
 /* Define if you have the <gssapi/gssapi.h> header file.  */
-/* #undef HAVE_GSSAPI_GSSAPI_H */
+#define HAVE_GSSAPI_GSSAPI_H 1
 
 /* Define if you have the <gssapi/gssapi_generic.h> header file.  */
 /* #undef HAVE_GSSAPI_GSSAPI_GENERIC_H */
@@ -251,7 +251,7 @@
 /* #undef HAVE_IO_H */
 
 /* Define if you have the <krb5.h> header file.  */
-/* #undef HAVE_KRB5_H */
+#define HAVE_KRB5_H 1
 
 /* Define if you have the <limits.h> header file.  */
 #define HAVE_LIMITS_H 1