aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorMark Murray <markm@FreeBSD.org>1999-09-19 14:19:32 +0000
committerMark Murray <markm@FreeBSD.org>1999-09-19 14:19:32 +0000
commitf4c5d10e699c47c4d903bcf9f8486ecea140ef8f (patch)
tree36ce70fe2e8419130e546c38a7790e8ab224a362
parent03656ac1b015e707cea8379d6dab400f41a2dd86 (diff)
downloadsrc-f4c5d10e699c47c4d903bcf9f8486ecea140ef8f.tar.gz
src-f4c5d10e699c47c4d903bcf9f8486ecea140ef8f.zip
Clean import of KTH krb4-0.10.1.
Notes
Notes: svn path=/vendor-crypto/kerberosIV/dist/; revision=51415
-rw-r--r--crypto/kerberosIV/COPYRIGHT2
-rw-r--r--crypto/kerberosIV/ChangeLog1492
-rw-r--r--crypto/kerberosIV/Makefile.in11
-rw-r--r--crypto/kerberosIV/NEWS115
-rw-r--r--crypto/kerberosIV/PROBLEMS40
-rw-r--r--crypto/kerberosIV/README3
-rw-r--r--crypto/kerberosIV/TODO6
-rw-r--r--crypto/kerberosIV/acconfig.h194
-rw-r--r--crypto/kerberosIV/acinclude.m49
-rw-r--r--crypto/kerberosIV/aclocal.m41418
-rw-r--r--crypto/kerberosIV/admin/Makefile.in34
-rw-r--r--crypto/kerberosIV/admin/ext_srvtab.c33
-rw-r--r--crypto/kerberosIV/admin/kdb_destroy.c21
-rw-r--r--crypto/kerberosIV/admin/kdb_edit.c85
-rw-r--r--crypto/kerberosIV/admin/kdb_init.c23
-rw-r--r--crypto/kerberosIV/admin/kdb_util.c52
-rw-r--r--crypto/kerberosIV/appl/Makefile.in8
-rw-r--r--crypto/kerberosIV/appl/afsutil/Makefile.in89
-rw-r--r--crypto/kerberosIV/appl/afsutil/aklog.c239
-rw-r--r--crypto/kerberosIV/appl/afsutil/kstring2key.c142
-rw-r--r--crypto/kerberosIV/appl/afsutil/pagsh.c141
-rw-r--r--crypto/kerberosIV/appl/bsd/Makefile.in65
-rw-r--r--crypto/kerberosIV/appl/bsd/bsd_locl.h46
-rw-r--r--crypto/kerberosIV/appl/bsd/encrypt.c24
-rw-r--r--crypto/kerberosIV/appl/bsd/forkpty.c53
-rw-r--r--crypto/kerberosIV/appl/bsd/kcmd.c12
-rw-r--r--crypto/kerberosIV/appl/bsd/klogin.c86
-rw-r--r--crypto/kerberosIV/appl/bsd/login.c268
-rw-r--r--crypto/kerberosIV/appl/bsd/login_access.c71
-rw-r--r--crypto/kerberosIV/appl/bsd/login_fbtab.c18
-rw-r--r--crypto/kerberosIV/appl/bsd/osfc2.c84
-rw-r--r--crypto/kerberosIV/appl/bsd/pathnames.h11
-rw-r--r--crypto/kerberosIV/appl/bsd/rcmd_util.c4
-rw-r--r--crypto/kerberosIV/appl/bsd/rcp.c165
-rw-r--r--crypto/kerberosIV/appl/bsd/rcp_util.c42
-rw-r--r--crypto/kerberosIV/appl/bsd/rlogin.c66
-rw-r--r--crypto/kerberosIV/appl/bsd/rlogind.c51
-rw-r--r--crypto/kerberosIV/appl/bsd/rsh.c65
-rw-r--r--crypto/kerberosIV/appl/bsd/rshd.c33
-rw-r--r--crypto/kerberosIV/appl/bsd/su.c42
-rw-r--r--crypto/kerberosIV/appl/bsd/sysv_default.c6
-rw-r--r--crypto/kerberosIV/appl/bsd/sysv_environ.c7
-rw-r--r--crypto/kerberosIV/appl/bsd/sysv_shadow.c4
-rw-r--r--crypto/kerberosIV/appl/bsd/sysv_shadow.h4
-rw-r--r--crypto/kerberosIV/appl/bsd/utmp_login.c18
-rw-r--r--crypto/kerberosIV/appl/bsd/utmpx_login.c6
-rw-r--r--crypto/kerberosIV/appl/ftp/ChangeLog196
-rw-r--r--crypto/kerberosIV/appl/ftp/Makefile.am5
-rw-r--r--crypto/kerberosIV/appl/ftp/Makefile.in7
-rw-r--r--crypto/kerberosIV/appl/ftp/common/Makefile.am12
-rw-r--r--crypto/kerberosIV/appl/ftp/common/Makefile.in13
-rw-r--r--crypto/kerberosIV/appl/ftp/common/buffer.c3
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/Makefile.am44
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/Makefile.in66
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/cmds.c581
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/cmdtab.c11
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/domacro.c4
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/extern.h12
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/ftp.c1121
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h21
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/gssapi.c334
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/kauth.c57
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/krb4.c612
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/main.c21
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/ruserpass.c350
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/security.c730
-rw-r--r--crypto/kerberosIV/appl/ftp/ftp/security.h130
-rw-r--r--crypto/kerberosIV/appl/ftp/ftpd/Makefile.am53
-rw-r--r--crypto/kerberosIV/appl/ftp/ftpd/Makefile.in40
-rw-r--r--crypto/kerberosIV/appl/ftp/ftpd/extern.h21
-rw-r--r--crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y543
-rw-r--r--crypto/kerberosIV/appl/ftp/ftpd/ftpd.c381
-rw-r--r--crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h168
-rw-r--r--crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c74
-rw-r--r--crypto/kerberosIV/appl/ftp/ftpd/kauth.c161
-rw-r--r--crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c28
-rw-r--r--crypto/kerberosIV/appl/ftp/ftpd/popen.c8
-rw-r--r--crypto/kerberosIV/appl/kauth/ChangeLog24
-rw-r--r--crypto/kerberosIV/appl/kauth/Makefile.am42
-rw-r--r--crypto/kerberosIV/appl/kauth/Makefile.in36
-rw-r--r--crypto/kerberosIV/appl/kauth/kauth.c141
-rw-r--r--crypto/kerberosIV/appl/kauth/kauth.h9
-rw-r--r--crypto/kerberosIV/appl/kauth/kauthd.c18
-rw-r--r--crypto/kerberosIV/appl/kauth/ksrvtgt.in4
-rw-r--r--crypto/kerberosIV/appl/kauth/marshall.c86
-rw-r--r--crypto/kerberosIV/appl/kauth/rkinit.c16
-rw-r--r--crypto/kerberosIV/appl/kip/Makefile.in30
-rw-r--r--crypto/kerberosIV/appl/kip/kip.c22
-rw-r--r--crypto/kerberosIV/appl/kip/kip.h5
-rw-r--r--crypto/kerberosIV/appl/kip/kipd.c8
-rw-r--r--crypto/kerberosIV/appl/sample/Makefile.in83
-rw-r--r--crypto/kerberosIV/appl/sample/sample.h81
-rw-r--r--crypto/kerberosIV/appl/sample/sample_client.c168
-rw-r--r--crypto/kerberosIV/appl/sample/sample_server.c153
-rw-r--r--crypto/kerberosIV/appl/sample/simple.h14
-rw-r--r--crypto/kerberosIV/appl/sample/simple_client.c202
-rw-r--r--crypto/kerberosIV/appl/sample/simple_server.c140
-rw-r--r--crypto/kerberosIV/appl/telnet/ChangeLog232
-rw-r--r--crypto/kerberosIV/appl/telnet/Makefile.am11
-rw-r--r--crypto/kerberosIV/appl/telnet/Makefile.in42
-rw-r--r--crypto/kerberosIV/appl/telnet/README.ORIG743
-rw-r--r--crypto/kerberosIV/appl/telnet/arpa/telnet.h323
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/Makefile.am24
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/Makefile.in54
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/auth-proto.h122
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/auth.c657
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/auth.h81
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/enc-proto.h132
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/enc_des.c671
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/encrypt.c995
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/encrypt.h98
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/genget.c103
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/kerberos.c717
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/kerberos5.c734
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/krb4encpwd.c437
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/misc-proto.h79
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/misc.c94
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/misc.h42
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/rsaencpwd.c487
-rw-r--r--crypto/kerberosIV/appl/telnet/libtelnet/spx.c586
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet.state80
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/Makefile.am20
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/Makefile.in75
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/authenc.c91
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/commands.c2693
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/defines.h60
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/externs.h429
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/main.c321
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/network.c163
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/ring.c321
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/ring.h99
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/sys_bsd.c972
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/telnet.c2313
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/telnet_locl.h176
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/terminal.c225
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/types.h52
-rw-r--r--crypto/kerberosIV/appl/telnet/telnet/utilities.c863
-rw-r--r--crypto/kerberosIV/appl/telnet/telnetd/Makefile.am21
-rw-r--r--crypto/kerberosIV/appl/telnet/telnetd/Makefile.in79
-rw-r--r--crypto/kerberosIV/appl/telnet/telnetd/authenc.c82
-rw-r--r--crypto/kerberosIV/appl/telnet/telnetd/defs.h190
-rw-r--r--crypto/kerberosIV/appl/telnet/telnetd/ext.h204
-rw-r--r--crypto/kerberosIV/appl/telnet/telnetd/global.c107
-rw-r--r--crypto/kerberosIV/appl/telnet/telnetd/slc.c57
-rw-r--r--crypto/kerberosIV/appl/telnet/telnetd/state.c1356
-rw-r--r--crypto/kerberosIV/appl/telnet/telnetd/sys_term.c1863
-rw-r--r--crypto/kerberosIV/appl/telnet/telnetd/telnetd.c1357
-rw-r--r--crypto/kerberosIV/appl/telnet/telnetd/telnetd.h224
-rw-r--r--crypto/kerberosIV/appl/telnet/telnetd/termstat.c140
-rw-r--r--crypto/kerberosIV/appl/telnet/telnetd/utility.c1157
-rw-r--r--crypto/kerberosIV/cf/ChangeLog158
-rw-r--r--crypto/kerberosIV/cf/Makefile.am.common255
-rw-r--r--crypto/kerberosIV/cf/auth-modules.m427
-rw-r--r--crypto/kerberosIV/cf/broken-glob.m422
-rw-r--r--crypto/kerberosIV/cf/broken-snprintf.m458
-rw-r--r--crypto/kerberosIV/cf/broken.m419
-rw-r--r--crypto/kerberosIV/cf/c-attribute.m431
-rw-r--r--crypto/kerberosIV/cf/c-function.m433
-rw-r--r--crypto/kerberosIV/cf/check-declaration.m425
-rw-r--r--crypto/kerberosIV/cf/check-getpwnam_r-posix.m424
-rw-r--r--crypto/kerberosIV/cf/check-man.m459
-rw-r--r--crypto/kerberosIV/cf/check-netinet-ip-and-tcp.m438
-rw-r--r--crypto/kerberosIV/cf/check-type-extra.m423
-rw-r--r--crypto/kerberosIV/cf/check-var.m420
-rw-r--r--crypto/kerberosIV/cf/check-x.m452
-rw-r--r--crypto/kerberosIV/cf/check-xau.m464
-rw-r--r--crypto/kerberosIV/cf/find-func-no-libs.m49
-rw-r--r--crypto/kerberosIV/cf/find-func-no-libs2.m463
-rw-r--r--crypto/kerberosIV/cf/find-func.m49
-rw-r--r--crypto/kerberosIV/cf/find-if-not-broken.m413
-rw-r--r--crypto/kerberosIV/cf/grok-type.m435
-rw-r--r--crypto/kerberosIV/cf/have-pragma-weak.m437
-rw-r--r--crypto/kerberosIV/cf/have-struct-field.m419
-rw-r--r--crypto/kerberosIV/cf/krb-find-db.m498
-rw-r--r--crypto/kerberosIV/cf/krb-func-getcwd-broken.m442
-rw-r--r--crypto/kerberosIV/cf/krb-ipv6.m4130
-rw-r--r--crypto/kerberosIV/cf/krb-prog-ln-s.m428
-rw-r--r--crypto/kerberosIV/cf/krb-prog-ranlib.m48
-rw-r--r--crypto/kerberosIV/cf/krb-prog-yacc.m48
-rw-r--r--crypto/kerberosIV/cf/krb-struct-sockaddr-sa-len.m422
-rw-r--r--crypto/kerberosIV/cf/krb-struct-spwd.m422
-rw-r--r--crypto/kerberosIV/cf/krb-struct-winsize.m427
-rw-r--r--crypto/kerberosIV/cf/krb-sys-aix.m415
-rw-r--r--crypto/kerberosIV/cf/krb-sys-nextstep.m421
-rw-r--r--crypto/kerberosIV/cf/krb-version.m425
-rw-r--r--crypto/kerberosIV/cf/make-proto.pl199
-rw-r--r--crypto/kerberosIV/cf/mips-abi.m487
-rw-r--r--crypto/kerberosIV/cf/misc.m43
-rw-r--r--crypto/kerberosIV/cf/need-proto.m425
-rw-r--r--crypto/kerberosIV/cf/osfc2.m414
-rw-r--r--crypto/kerberosIV/cf/proto-compat.m422
-rw-r--r--crypto/kerberosIV/cf/shared-libs.m4186
-rw-r--r--crypto/kerberosIV/cf/test-package.m488
-rw-r--r--crypto/kerberosIV/cf/wflags.m421
-rw-r--r--crypto/kerberosIV/config.guess280
-rw-r--r--crypto/kerberosIV/config.sub109
-rw-r--r--crypto/kerberosIV/configure5756
-rw-r--r--crypto/kerberosIV/configure.in938
-rw-r--r--crypto/kerberosIV/doc/Makefile.in25
-rw-r--r--crypto/kerberosIV/doc/ack.texi26
-rw-r--r--crypto/kerberosIV/doc/dir17
-rw-r--r--crypto/kerberosIV/doc/install.texi64
-rw-r--r--crypto/kerberosIV/doc/intro.texi42
-rw-r--r--crypto/kerberosIV/doc/kth-krb.texi17
-rw-r--r--crypto/kerberosIV/doc/problems.texi147
-rw-r--r--crypto/kerberosIV/doc/setup.texi110
-rw-r--r--crypto/kerberosIV/doc/whatis.texi2
-rw-r--r--crypto/kerberosIV/etc/inetd.conf.changes4
-rw-r--r--crypto/kerberosIV/etc/krb.conf19
-rw-r--r--crypto/kerberosIV/etc/krb.realms7
-rw-r--r--crypto/kerberosIV/etc/services.append14
-rw-r--r--crypto/kerberosIV/include/Makefile.in125
-rw-r--r--crypto/kerberosIV/include/bits.c213
-rw-r--r--crypto/kerberosIV/include/config.h.in607
-rw-r--r--crypto/kerberosIV/include/protos.H282
-rw-r--r--crypto/kerberosIV/include/sys/Makefile.in21
-rw-r--r--crypto/kerberosIV/include/sys/socket.x7
-rw-r--r--crypto/kerberosIV/kadmin/Makefile.in54
-rw-r--r--crypto/kerberosIV/kadmin/admin_server.c78
-rw-r--r--crypto/kerberosIV/kadmin/kadm_funcs.c72
-rw-r--r--crypto/kerberosIV/kadmin/kadm_locl.h45
-rw-r--r--crypto/kerberosIV/kadmin/kadm_ser_wrap.c84
-rw-r--r--crypto/kerberosIV/kadmin/kadmin.c918
-rw-r--r--crypto/kerberosIV/kadmin/kpasswd.c36
-rw-r--r--crypto/kerberosIV/kadmin/ksrvutil.c224
-rw-r--r--crypto/kerberosIV/kadmin/ksrvutil.h7
-rw-r--r--crypto/kerberosIV/kadmin/ksrvutil_get.c231
-rw-r--r--crypto/kerberosIV/kadmin/new_pwd.c35
-rw-r--r--crypto/kerberosIV/kadmin/random_password.c165
-rw-r--r--crypto/kerberosIV/kuser/Makefile.in30
-rw-r--r--crypto/kerberosIV/kuser/kdestroy.c126
-rw-r--r--crypto/kerberosIV/kuser/kinit.c7
-rw-r--r--crypto/kerberosIV/kuser/klist.c109
-rw-r--r--crypto/kerberosIV/lib/Makefile.in6
-rw-r--r--crypto/kerberosIV/lib/acl/Makefile.in32
-rw-r--r--crypto/kerberosIV/lib/acl/acl.h4
-rw-r--r--crypto/kerberosIV/lib/acl/acl_files.c100
-rw-r--r--crypto/kerberosIV/lib/auth/ChangeLog34
-rw-r--r--crypto/kerberosIV/lib/auth/Makefile.am6
-rw-r--r--crypto/kerberosIV/lib/auth/Makefile.in55
-rw-r--r--crypto/kerberosIV/lib/auth/afskauthlib/Makefile.am38
-rw-r--r--crypto/kerberosIV/lib/auth/afskauthlib/Makefile.in86
-rw-r--r--crypto/kerberosIV/lib/auth/afskauthlib/README25
-rw-r--r--crypto/kerberosIV/lib/auth/afskauthlib/verify.c213
-rw-r--r--crypto/kerberosIV/lib/auth/pam/Makefile.am3
-rw-r--r--crypto/kerberosIV/lib/auth/pam/Makefile.in83
-rw-r--r--crypto/kerberosIV/lib/auth/pam/README25
-rw-r--r--crypto/kerberosIV/lib/auth/pam/pam.c244
-rw-r--r--crypto/kerberosIV/lib/auth/pam/pam.conf.add13
-rw-r--r--crypto/kerberosIV/lib/auth/sia/Makefile.am48
-rw-r--r--crypto/kerberosIV/lib/auth/sia/Makefile.in89
-rw-r--r--crypto/kerberosIV/lib/auth/sia/README87
-rw-r--r--crypto/kerberosIV/lib/auth/sia/krb4+c2_matrix.conf63
-rw-r--r--crypto/kerberosIV/lib/auth/sia/krb4_matrix.conf64
-rw-r--r--crypto/kerberosIV/lib/auth/sia/krb5+c2_matrix.conf27
-rw-r--r--crypto/kerberosIV/lib/auth/sia/krb5_matrix.conf27
-rw-r--r--crypto/kerberosIV/lib/auth/sia/posix_getpw.c78
-rw-r--r--crypto/kerberosIV/lib/auth/sia/security.patch11
-rw-r--r--crypto/kerberosIV/lib/auth/sia/sia.c673
-rw-r--r--crypto/kerberosIV/lib/auth/sia/sia_locl.h94
-rw-r--r--crypto/kerberosIV/lib/kadm/Makefile.in81
-rw-r--r--crypto/kerberosIV/lib/kadm/check_password.c60
-rw-r--r--crypto/kerberosIV/lib/kadm/kadm.h41
-rw-r--r--crypto/kerberosIV/lib/kadm/kadm_cli_wrap.c284
-rw-r--r--crypto/kerberosIV/lib/kadm/kadm_err.et12
-rw-r--r--crypto/kerberosIV/lib/kadm/kadm_locl.h8
-rw-r--r--crypto/kerberosIV/lib/kadm/kadm_stream.c298
-rw-r--r--crypto/kerberosIV/lib/kadm/kadm_supp.c177
-rw-r--r--crypto/kerberosIV/lib/kafs/ChangeLog117
-rw-r--r--crypto/kerberosIV/lib/kafs/Makefile.am69
-rw-r--r--crypto/kerberosIV/lib/kafs/Makefile.in71
-rw-r--r--crypto/kerberosIV/lib/kafs/README.dlfcn246
-rw-r--r--crypto/kerberosIV/lib/kafs/afskrb.c374
-rw-r--r--crypto/kerberosIV/lib/kafs/afskrb5.c177
-rw-r--r--crypto/kerberosIV/lib/kafs/afssys.c265
-rw-r--r--crypto/kerberosIV/lib/kafs/afssysdefs.h13
-rw-r--r--crypto/kerberosIV/lib/kafs/common.c370
-rw-r--r--crypto/kerberosIV/lib/kafs/dlfcn.c119
-rw-r--r--crypto/kerberosIV/lib/kafs/kafs.h108
-rw-r--r--crypto/kerberosIV/lib/kafs/kafs_locl.h49
-rw-r--r--crypto/kerberosIV/lib/kdb/Makefile.in49
-rw-r--r--crypto/kerberosIV/lib/kdb/krb_cache.c32
-rw-r--r--crypto/kerberosIV/lib/kdb/krb_dbm.c121
-rw-r--r--crypto/kerberosIV/lib/kdb/krb_kdb_utils.c28
-rw-r--r--crypto/kerberosIV/lib/kdb/krb_lib.c47
-rw-r--r--crypto/kerberosIV/lib/krb/Makefile.in474
-rw-r--r--crypto/kerberosIV/lib/krb/cr_err_reply.c50
-rw-r--r--crypto/kerberosIV/lib/krb/create_auth_reply.c63
-rw-r--r--crypto/kerberosIV/lib/krb/create_ciph.c44
-rw-r--r--crypto/kerberosIV/lib/krb/create_death_packet.c30
-rw-r--r--crypto/kerberosIV/lib/krb/create_ticket.c45
-rw-r--r--crypto/kerberosIV/lib/krb/debug_decl.c17
-rw-r--r--crypto/kerberosIV/lib/krb/decomp_ticket.c19
-rw-r--r--crypto/kerberosIV/lib/krb/dllmain.c50
-rw-r--r--crypto/kerberosIV/lib/krb/extra.c207
-rw-r--r--crypto/kerberosIV/lib/krb/get_ad_tkt.c38
-rw-r--r--crypto/kerberosIV/lib/krb/get_cred.c4
-rw-r--r--crypto/kerberosIV/lib/krb/get_default_principal.c20
-rw-r--r--crypto/kerberosIV/lib/krb/get_host.c246
-rw-r--r--crypto/kerberosIV/lib/krb/get_in_tkt.c109
-rw-r--r--crypto/kerberosIV/lib/krb/get_krbrlm.c182
-rw-r--r--crypto/kerberosIV/lib/krb/get_svc_in_tkt.c7
-rw-r--r--crypto/kerberosIV/lib/krb/get_tf_fullname.c8
-rw-r--r--crypto/kerberosIV/lib/krb/getaddrs.c93
-rw-r--r--crypto/kerberosIV/lib/krb/getfile.c96
-rw-r--r--crypto/kerberosIV/lib/krb/getrealm.c169
-rw-r--r--crypto/kerberosIV/lib/krb/k_getsockinst.c5
-rw-r--r--crypto/kerberosIV/lib/krb/kdc_reply.c13
-rw-r--r--crypto/kerberosIV/lib/krb/kntoln.c145
-rw-r--r--crypto/kerberosIV/lib/krb/krb-archaeology.h131
-rw-r--r--crypto/kerberosIV/lib/krb/krb-protos.h773
-rw-r--r--crypto/kerberosIV/lib/krb/krb.def16
-rw-r--r--crypto/kerberosIV/lib/krb/krb.dsp398
-rw-r--r--crypto/kerberosIV/lib/krb/krb.h317
-rw-r--r--crypto/kerberosIV/lib/krb/krb.mak3301
-rw-r--r--crypto/kerberosIV/lib/krb/krb.rc105
-rw-r--r--crypto/kerberosIV/lib/krb/krb_equiv.c13
-rw-r--r--crypto/kerberosIV/lib/krb/krb_err.et310
-rw-r--r--crypto/kerberosIV/lib/krb/krb_err_txt.c6
-rw-r--r--crypto/kerberosIV/lib/krb/krb_get_in_tkt.c153
-rw-r--r--crypto/kerberosIV/lib/krb/krb_locl.h59
-rw-r--r--crypto/kerberosIV/lib/krb/krb_log.h79
-rw-r--r--crypto/kerberosIV/lib/krb/krb_net_read.c47
-rw-r--r--crypto/kerberosIV/lib/krb/krb_net_write.c47
-rw-r--r--crypto/kerberosIV/lib/krb/kuserok.c48
-rw-r--r--crypto/kerberosIV/lib/krb/logging.c6
-rw-r--r--crypto/kerberosIV/lib/krb/lsb_addr_comp.c42
-rw-r--r--crypto/kerberosIV/lib/krb/mk_auth.c50
-rw-r--r--crypto/kerberosIV/lib/krb/mk_err.c11
-rw-r--r--crypto/kerberosIV/lib/krb/mk_priv.c20
-rw-r--r--crypto/kerberosIV/lib/krb/mk_req.c102
-rw-r--r--crypto/kerberosIV/lib/krb/mk_safe.c18
-rw-r--r--crypto/kerberosIV/lib/krb/name2name.c29
-rw-r--r--crypto/kerberosIV/lib/krb/parse_name.c8
-rw-r--r--crypto/kerberosIV/lib/krb/prot.h59
-rw-r--r--crypto/kerberosIV/lib/krb/rd_priv.c6
-rw-r--r--crypto/kerberosIV/lib/krb/rd_req.c12
-rw-r--r--crypto/kerberosIV/lib/krb/rd_safe.c4
-rw-r--r--crypto/kerberosIV/lib/krb/read_service_key.c15
-rw-r--r--crypto/kerberosIV/lib/krb/realm_parse.c22
-rw-r--r--crypto/kerberosIV/lib/krb/recvauth.c16
-rw-r--r--crypto/kerberosIV/lib/krb/resource.h15
-rw-r--r--crypto/kerberosIV/lib/krb/roken_rename.h103
-rw-r--r--crypto/kerberosIV/lib/krb/rw.c66
-rw-r--r--crypto/kerberosIV/lib/krb/send_to_kdc.c473
-rw-r--r--crypto/kerberosIV/lib/krb/sendauth.c8
-rw-r--r--crypto/kerberosIV/lib/krb/sizetest.c17
-rw-r--r--crypto/kerberosIV/lib/krb/solaris_compat.c94
-rw-r--r--crypto/kerberosIV/lib/krb/str2key.c31
-rw-r--r--crypto/kerberosIV/lib/krb/tf_util.c77
-rw-r--r--crypto/kerberosIV/lib/krb/ticket_memory.c86
-rw-r--r--crypto/kerberosIV/lib/krb/ticket_memory.h3
-rw-r--r--crypto/kerberosIV/lib/krb/time.c76
-rw-r--r--crypto/kerberosIV/lib/krb/tkt_string.c28
-rw-r--r--crypto/kerberosIV/lib/krb/unparse_name.c18
-rw-r--r--crypto/kerberosIV/lib/krb/verify_user.c118
-rw-r--r--crypto/kerberosIV/lib/roken/ChangeLog373
-rw-r--r--crypto/kerberosIV/lib/roken/Makefile.am157
-rw-r--r--crypto/kerberosIV/lib/roken/Makefile.in182
-rw-r--r--crypto/kerberosIV/lib/roken/base64.c151
-rw-r--r--crypto/kerberosIV/lib/roken/base64.h47
-rw-r--r--crypto/kerberosIV/lib/roken/concat.c117
-rw-r--r--crypto/kerberosIV/lib/roken/daemon.c47
-rw-r--r--crypto/kerberosIV/lib/roken/emalloc.c61
-rw-r--r--crypto/kerberosIV/lib/roken/eread.c62
-rw-r--r--crypto/kerberosIV/lib/roken/erealloc.c61
-rw-r--r--crypto/kerberosIV/lib/roken/err.h6
-rw-r--r--crypto/kerberosIV/lib/roken/estrdup.c61
-rw-r--r--crypto/kerberosIV/lib/roken/ewrite.c62
-rw-r--r--crypto/kerberosIV/lib/roken/flock.c92
-rw-r--r--crypto/kerberosIV/lib/roken/fnmatch.c173
-rw-r--r--crypto/kerberosIV/lib/roken/fnmatch.h49
-rw-r--r--crypto/kerberosIV/lib/roken/get_default_username.c85
-rw-r--r--crypto/kerberosIV/lib/roken/get_window_size.c57
-rw-r--r--crypto/kerberosIV/lib/roken/getarg.c488
-rw-r--r--crypto/kerberosIV/lib/roken/getarg.h74
-rw-r--r--crypto/kerberosIV/lib/roken/getcwd.c9
-rw-r--r--crypto/kerberosIV/lib/roken/getdtablesize.c6
-rw-r--r--crypto/kerberosIV/lib/roken/getegid.c53
-rw-r--r--crypto/kerberosIV/lib/roken/geteuid.c53
-rw-r--r--crypto/kerberosIV/lib/roken/getgid.c53
-rw-r--r--crypto/kerberosIV/lib/roken/gethostname.c77
-rw-r--r--crypto/kerberosIV/lib/roken/gettimeofday.c60
-rw-r--r--crypto/kerberosIV/lib/roken/getuid.c53
-rw-r--r--crypto/kerberosIV/lib/roken/glob.c835
-rw-r--r--crypto/kerberosIV/lib/roken/glob.h84
-rw-r--r--crypto/kerberosIV/lib/roken/hstrerror.c19
-rw-r--r--crypto/kerberosIV/lib/roken/inaddr2str.c29
-rw-r--r--crypto/kerberosIV/lib/roken/inet_aton.c9
-rw-r--r--crypto/kerberosIV/lib/roken/innetgr.c49
-rw-r--r--crypto/kerberosIV/lib/roken/iruserok.c294
-rw-r--r--crypto/kerberosIV/lib/roken/issuid.c58
-rw-r--r--crypto/kerberosIV/lib/roken/k_getpwnam.c6
-rw-r--r--crypto/kerberosIV/lib/roken/k_getpwuid.c6
-rw-r--r--crypto/kerberosIV/lib/roken/make-print-version.c73
-rw-r--r--crypto/kerberosIV/lib/roken/memmove.c4
-rw-r--r--crypto/kerberosIV/lib/roken/mini_inetd.c30
-rw-r--r--crypto/kerberosIV/lib/roken/net_read.c79
-rw-r--r--crypto/kerberosIV/lib/roken/net_write.c77
-rw-r--r--crypto/kerberosIV/lib/roken/parse_time.c83
-rw-r--r--crypto/kerberosIV/lib/roken/parse_time.h56
-rw-r--r--crypto/kerberosIV/lib/roken/parse_units.c327
-rw-r--r--crypto/kerberosIV/lib/roken/parse_units.h78
-rw-r--r--crypto/kerberosIV/lib/roken/print_version.c83
-rw-r--r--crypto/kerberosIV/lib/roken/readv.c72
-rw-r--r--crypto/kerberosIV/lib/roken/recvmsg.c74
-rw-r--r--crypto/kerberosIV/lib/roken/resolve.c358
-rw-r--r--crypto/kerberosIV/lib/roken/resolve.h108
-rw-r--r--crypto/kerberosIV/lib/roken/resource.h15
-rw-r--r--crypto/kerberosIV/lib/roken/roken-common.h147
-rw-r--r--crypto/kerberosIV/lib/roken/roken.awk35
-rw-r--r--crypto/kerberosIV/lib/roken/roken.def15
-rw-r--r--crypto/kerberosIV/lib/roken/roken.dsp156
-rw-r--r--crypto/kerberosIV/lib/roken/roken.h.in435
-rw-r--r--crypto/kerberosIV/lib/roken/roken.mak362
-rw-r--r--crypto/kerberosIV/lib/roken/roken.rc105
-rw-r--r--crypto/kerberosIV/lib/roken/roken_gethostby.c285
-rw-r--r--crypto/kerberosIV/lib/roken/sendmsg.c70
-rw-r--r--crypto/kerberosIV/lib/roken/setegid.c6
-rw-r--r--crypto/kerberosIV/lib/roken/seteuid.c6
-rw-r--r--crypto/kerberosIV/lib/roken/simple_exec.c124
-rw-r--r--crypto/kerberosIV/lib/roken/snprintf.c254
-rw-r--r--crypto/kerberosIV/lib/roken/strcasecmp.c147
-rw-r--r--crypto/kerberosIV/lib/roken/strcat_truncate.c55
-rw-r--r--crypto/kerberosIV/lib/roken/strcpy_truncate.c65
-rw-r--r--crypto/kerberosIV/lib/roken/strerror.c6
-rw-r--r--crypto/kerberosIV/lib/roken/strftime.c2
-rw-r--r--crypto/kerberosIV/lib/roken/strncasecmp.c65
-rw-r--r--crypto/kerberosIV/lib/roken/strndup.c61
-rw-r--r--crypto/kerberosIV/lib/roken/strnlen.c11
-rw-r--r--crypto/kerberosIV/lib/roken/strsep.c66
-rw-r--r--crypto/kerberosIV/lib/roken/swab.c59
-rw-r--r--crypto/kerberosIV/lib/roken/verr.c5
-rw-r--r--crypto/kerberosIV/lib/roken/verrx.c5
-rw-r--r--crypto/kerberosIV/lib/roken/vsyslog.c62
-rw-r--r--crypto/kerberosIV/lib/roken/vwarn.c4
-rw-r--r--crypto/kerberosIV/lib/roken/vwarnx.c4
-rw-r--r--crypto/kerberosIV/lib/roken/warnerr.c6
-rw-r--r--crypto/kerberosIV/lib/roken/writev.c69
-rw-r--r--crypto/kerberosIV/lib/roken/xdbm.h7
-rw-r--r--crypto/kerberosIV/lib/sl/ChangeLog112
-rw-r--r--crypto/kerberosIV/lib/sl/Makefile.am44
-rw-r--r--crypto/kerberosIV/lib/sl/Makefile.in91
-rw-r--r--crypto/kerberosIV/lib/sl/lex.l119
-rw-r--r--crypto/kerberosIV/lib/sl/make_cmds.c245
-rw-r--r--crypto/kerberosIV/lib/sl/make_cmds.h74
-rw-r--r--crypto/kerberosIV/lib/sl/parse.y199
-rw-r--r--crypto/kerberosIV/lib/sl/roken_rename.h66
-rw-r--r--crypto/kerberosIV/lib/sl/sl.c148
-rw-r--r--crypto/kerberosIV/lib/sl/sl.h10
-rw-r--r--crypto/kerberosIV/lib/sl/sl_locl.h9
-rw-r--r--crypto/kerberosIV/lib/sl/ss.c138
-rw-r--r--crypto/kerberosIV/lib/sl/ss.h60
-rw-r--r--crypto/kerberosIV/man/Makefile11
-rw-r--r--crypto/kerberosIV/man/Makefile.in158
-rw-r--r--crypto/kerberosIV/man/afslog.172
-rw-r--r--crypto/kerberosIV/man/ftp.11193
-rw-r--r--crypto/kerberosIV/man/ftpd.8473
-rw-r--r--crypto/kerberosIV/man/ftpusers.538
-rw-r--r--crypto/kerberosIV/man/kadmin.8284
-rw-r--r--crypto/kerberosIV/man/kadmind.811
-rw-r--r--crypto/kerberosIV/man/kafs.370
-rw-r--r--crypto/kerberosIV/man/kauth.18
-rw-r--r--crypto/kerberosIV/man/kdestroy.116
-rw-r--r--crypto/kerberosIV/man/kerberos.114
-rw-r--r--crypto/kerberosIV/man/kerberos.8180
-rw-r--r--crypto/kerberosIV/man/kinit.14
-rw-r--r--crypto/kerberosIV/man/kpasswd.185
-rw-r--r--crypto/kerberosIV/man/krb.conf.535
-rw-r--r--crypto/kerberosIV/man/krb.extra.542
-rw-r--r--crypto/kerberosIV/man/login.1160
-rw-r--r--crypto/kerberosIV/man/login.access.550
-rw-r--r--crypto/kerberosIV/man/pagsh.122
-rw-r--r--crypto/kerberosIV/man/rcp.1161
-rw-r--r--crypto/kerberosIV/man/rlogin.1190
-rw-r--r--crypto/kerberosIV/man/rlogind.8178
-rw-r--r--crypto/kerberosIV/man/rsh.1182
-rw-r--r--crypto/kerberosIV/man/rshd.8221
-rw-r--r--crypto/kerberosIV/man/su.1189
-rw-r--r--crypto/kerberosIV/man/telnet.11369
-rw-r--r--crypto/kerberosIV/man/telnetd.8527
-rw-r--r--crypto/kerberosIV/server/Makefile.in24
-rw-r--r--crypto/kerberosIV/server/kerberos.c513
-rw-r--r--crypto/kerberosIV/slave/Makefile.in26
-rw-r--r--crypto/kerberosIV/slave/kprop.c117
-rw-r--r--crypto/kerberosIV/slave/kpropd.c46
-rw-r--r--crypto/kerberosIV/slave/slav_locl.h7
487 files changed, 67597 insertions, 12770 deletions
diff --git a/crypto/kerberosIV/COPYRIGHT b/crypto/kerberosIV/COPYRIGHT
index 1ec6394da320..9a327a8d7019 100644
--- a/crypto/kerberosIV/COPYRIGHT
+++ b/crypto/kerberosIV/COPYRIGHT
@@ -1,4 +1,4 @@
-Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+Copyright (c) 1995-1999 Kungliga Tekniska Högskolan
(Royal Institute of Technology, Stockholm, Sweden).
All rights reserved.
diff --git a/crypto/kerberosIV/ChangeLog b/crypto/kerberosIV/ChangeLog
index 146748835025..64ca7ace9b59 100644
--- a/crypto/kerberosIV/ChangeLog
+++ b/crypto/kerberosIV/ChangeLog
@@ -1,3 +1,1495 @@
+1999-08-22
+
+ * release 0.10
+
+ * configure.in (VERSION): bump to 0.10
+
+1999-08-19
+
+ * release 0.10pre5
+
+ * configure.in (VERSION): bump to 0.10pre5
+
+1999-08-18
+
+ * release 0.10pre4
+
+ * configure.in (VERSION): bump to 0.10pre4
+
+1999-08-16
+
+ * release 0.10pre3
+
+ * configure.in (VERSION): bump to 0.10pre3
+
+1999-07-22
+
+ * release 0.10pre2
+
+ * configure.in (VERSION): bump to 0.10pre2
+
+
+ * acconfig.h (SunOS): remove definition
+
+ * configure.in: define SunOS to xy for SunOS x.y
+
+1999-07-08
+
+ * Release 0.10pre1.
+
+ * configure.in (VERSION): bump to 0.10pre1
+
+1999-07-07
+
+ * kadmin/admin_server.c (main): call krb_get_lrealm correctly
+
+ * appl/bsd/rlogind.c (lowtmp): fill in ut_id
+
+1999-07-06
+
+ * include/bits.c: move around __attribute__ to make it work with
+ old gcc
+
+ * appl/bsd/rcp.c (rsource): remove trailing slashes which
+ otherwise makes us fail
+
+1999-07-04
+
+ * appl/afsutil/aklog.c (epxand_cell_name): terminate on #
+
+ * lib/kadm/kadm_cli_wrap.c (kadm_cli_send): free the right memory
+ (none) when kadm_cli_out fails. based on a patch by Buck Huppmann
+ <Charles-Huppmann@UIowa.edu>
+
+1999-06-24
+
+ * configure.in: check for sgi capability stuff
+
+ * appl/bsd/login.c: add some kind of sgi capability capability
+
+1999-06-23
+
+ * acconfig.h (HAVE_KRB_DISABLE_DEBUG): always define. this makes
+ the telnet code easier when building heimdal with an older krb4
+
+ * lib/krb/kuserok.c (krb_kuserok): add support for multiple local
+ realms and de-support entries without realm in ~/.klogin
+
+1999-06-19
+
+ * lib/krb/send_to_kdc.c: and a new variable `timeout' in krb.extra
+ instead of always having a timeout of four seconds. based on a
+ patch by Mattias Amnefelt <mattiasa@stacken.kth.se>
+
+1999-06-17
+
+ * appl/bsd/rshd.c: use DES_RW_MAXWRITE instead of BUFSIZ (for
+ consistency)
+
+ * appl/bsd/rsh.c: use DES_RW_MAXWRITE instead of BUFSIZ.
+ Otherwise, des_enc_read might be buffering data to us and it can
+ get returned on a des_enc_read to another fd that the original one
+ :-(
+
+ * appl/bsd/bsd_locl.h: DES_RW_{MAXWRITE,BSIZE}
+
+ * appl/bsd/encrypt.c: move MAXWRITE and BSIZE to bsd_locl.h and
+ rename them to DES_RW_\1
+
+1999-06-16
+
+ * kuser/kdestroy.c: make unlog and tickets function correctly
+
+ * configure.in: correct variables used for socks includes and libs
+
+
+ * lib/krb/{debug_decl.c,krb-protos.h}: add krb_disable_debug
+
+1999-06-15
+
+ * kuser/klist.c (display_tokens): type correctness
+
+ * lib/krb/send_to_kdc.c (url_parse): always return the port in
+ network byte order (and be more careful when parsing the port
+ number)
+
+ * lib/krb/send_to_kdc.c (http_recv): handle both HTTP/1.0 and
+ HTTP/1.1 in reply
+
+Wed Jun 2 1999
+
+ * kadmin/kadmin.c: use print_version; (mod_entry): add command
+ line options
+
+1999-05-21
+
+ * appl/bsd/login.c: limit more stuff for crays; fix call to
+ login_access
+
+1999-05-19
+
+ * man/Makefile.in (install, uninstall): handle relative paths (fix
+ editline)
+
+1999-05-18
+
+ * appl/bsd/bsd_locl.h: update prototype for login_access; declare
+ `struct aud_rec' to keep AIX xlc happy
+
+1999-05-14
+
+ * appl/bsd/login_access.c: merge in more recent code
+
+ * configure.in (CHECK_NETINET_IP_AND_TCP): use
+
+1999-05-10
+
+ * lib/krb/get_host.c (parse_address): remove trailing slash
+
+ * lib/krb/send_to_kdc.c (prog): nuke
+ (send_to_kdc): restructure. make sure we have used all of the
+ addresses from gethostbyname before calling send_recv
+ (send_recv): removed unused parameters
+ (url_parse): remove trailing slash
+ (http_recv): make sure the http transaction was succesful
+
+1999-05-08
+
+ * configure.in: use the correct include files for the utmp tests
+
+ * appl/movemail/pop.c: rename getline -> pop_getline removed
+ duplicate prototypes
+
+ * configure.in: db.h: test for
+ (getmsg): check for existence before checking if it works (otherwise
+ it fails with glibc2.1 that implements an always failing getmsg)
+
+ * acconfig.h (_GNU_SOURCE): define this to enable (used)
+ extensions on glibc-based systems such as linux
+
+ * configure.in: test for strndup
+
+1999-04-21
+
+ * configure.in: replace AC_TEST_PACKAGE with AC_TEST_PACKAGE_NEW
+ fix test for readline.h add test for four argument el_init
+ remember to link with $LIB_tgetent when trying linking with
+ readline
+
+1999-04-16
+
+ * configure.in: check for prototype of strsep
+
+Sat Apr 10 1999
+
+ * configure.in: fix readline logic
+
+Fri Apr 9 1999
+
+ * man/Makefile.in: add editline and push. make install rules
+ handle paths
+
+Wed Apr 7 1999
+
+ * appl/movemail/Makefile.in: fix names of hesiod variables
+
+ * configure.in: fix readline flags
+
+Mon Mar 29 1999
+
+ * appl/bsd/utmpx_login.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_*
+
+ * appl/bsd/utmp_login.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_*
+
+ * appl/bsd/rlogind.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_*
+
+ * configure.in: include <sys/types.h> in test for ut_*; use
+ AC_CHECK_XAU
+
+ * configure.in: utmp{,x} -> struct utmp{,x}
+
+Sat Mar 27 1999
+
+ * configure.in: AC_CHECK_OSFC2
+
+Fri Mar 19 1999
+
+ * configure.in: use AC_SHARED_LIBS
+
+ * configure.in: remove AIX install hack (fixed in autoconf 2.13)
+
+
+ * server/kerberos.c: fix some printf format strings
+
+Wed Mar 17 1999
+
+ * lib/krb/krb.h (KRB_VERIFY_NOT_SECURE): add for completeness
+
+ * lib/auth/sia/sia.c (common_auth): use KRB_VERIFY_SECURE instead
+ of 1
+
+ * lib/auth/pam/pam.c (doit): use KRB_VERIFY_SECURE instead of 1
+
+ * lib/auth/afskauthlib/verify.c (afs_verify): use
+ KRB_VERIFY_SECURE instead of 1
+
+Tue Mar 16 1999
+
+ * lib/krb/verify_user.c (krb_verify_user): handle multiple local
+ realms
+ (krb_verify_user_multiple): remove
+
+ * lib/krb/krb-protos.h (krb_verify_user_multiple): remove
+
+ * lib/auth/pam/pam.c: krb_verify_user_multiple -> krb_verify_user
+
+ * lib/auth/sia/sia.c: krb_verify_user_multiple -> krb_verify_user
+
+ * lib/auth/afskauthlib/verify.c: krb_verify_user_multiple ->
+ krb_verify_user
+
+
+ * lib/krb/getaddrs.c: SOCKADDR_HAS_SA_LEN ->
+ HAVE_STRUCT_SOCKADDR_SA_LEN
+
+Sat Mar 13 1999
+
+ * lib/kadm/check_password.c (kadm_check_pw): cast when calling is*
+ to get rid of a warning
+
+ * lib/acl/acl_files.c (nuke_whitespace): cast when calling is* to
+ get rid of a warning
+
+ * kadmin/ksrvutil.c (usage): update. improve error messages
+
+ * appl/bsd/sysv_default.c (trim): cast when calling is* to get rid
+ of a warning
+
+ * appl/bsd/rshd.c (doit): more parenthesis to make gcc happy
+
+ * appl/bsd/rsh.c: add `-p'
+
+ * appl/bsd/rlogin.c (main): more paranoid parsing of `-p'
+
+ * appl/bsd/rcp.c (sink): cast when calling is* to get rid of a
+ warning
+
+ * appl/bsd/login_access.c (login_access): cast when calling
+ isspace to get rid of a warning
+
+ * include/bits.c (my_strupr): rename to strupr and ifdef
+ (try_signed, try_unsigned): add __attribute__ junk to get rid of two
+ warnings
+
+ * appl/bsd/Makefile.in (SOURCES): add osfc2.c
+
+ * admin/kdb_util.c (update_ok_file): add fallback utimes (some
+ systems seem to fail updating the timestamp with open(), close())
+
+ * server/kerberos.c (main): more paranoid parsing of `-a' and `-p'
+
+Thu Mar 11 1999
+
+ * configure.in: AC_BROKEN innetgr
+
+ * lib/krb/send_to_kdc.c: fix types in format string
+
+ * lib/krb/get_host.c: add some if-braces to keep gcc happy
+
+ * lib/kadm/kadm_supp.c: fix types in format string
+
+ * lib/auth/sia/Makefile.in: WFLAGS
+
+ * include/bits.c: fix types in format string
+
+ * appl/bsd/su.c: add some if-braces to keep gcc happy
+
+ * appl/bsd/rlogind.c: add some if-braces to keep gcc happy
+
+ * appl/bsd/rlogin.c: add some if-braces to keep gcc happy
+
+ * appl/bsd/login.c: add some if-braces to keep gcc happy
+
+ * appl/afsutil/pagsh.c: fix types in format string
+
+Wed Mar 10 1999
+
+ * server/kerberos.c: remove unused k_instance
+
+ * lib/krb/krb-protos.h (read_service_key): add some consts to
+ prototype
+
+ * lib/krb/read_service_key.c (read_service_key): add some consts
+ to prototype
+
+ * appl/sample/sample_server.c: openlog -> roken_openlog
+
+ * appl/kip/kipd.c: openlog -> roken_openlog
+
+ * configure.in: use AC_WFLAGS
+
+Mon Mar 1 1999
+
+ * acinclude.m4: add
+
+ * configure.in: typo
+
+ * Makefile.in: use aclocal
+
+ * Makefile.export: use aclocal
+
+ * configure.in: update to autoconf 2.13
+
+ * aclocal.m4.in: have-struct-field.m4, check-type-extra.m4
+
+ * acconfig.h: update to autoconf 2.13
+
+ * lib/auth/sia/sia.c: SIAENTITY_HAS_OUID -> HAVE_SIAENTITY_OUID
+
+Tue Feb 23 1999
+
+ * configure.in: don't include afsl.exp in libkafs.a if building
+ with dynamic afs support (breaks egcs 1.1.1)
+
+ * configure.in: don't build rxkad if not building afs-support
+
+Mon Feb 22 1999
+
+ * include/Makefile.in: clean up handling of missing system headers
+
+ * configure.in: clean up handling of missing system headers
+
+ * aclocal.m4.in: broken-snprintf.m4 broken-glob.m4
+
+ * acconfig.h: NEED_{SNPRINTF,GLOB}_PROTO
+
+Mon Feb 15 1999
+
+ * configure.in (gethostname, mkstemp): test for prototype
+
+ * configure.in: homogenize broken detection with heimdal
+
+Thu Feb 11 1999
+
+ * lib/krb/verify_user.c: If secure == KRB_VERIFY_SECURE_FAIL,
+ return ok if there isn't any service key (or if it can't be read).
+
+ * lib/krb/krb.h: KRB_VERIFY_SECURE, KRB_VERIFY_SECURE_FAIL
+
+Wed Jan 13 1999
+
+ * kadmin/kadmin.c (add_new_key): enable the `-p password' option
+ and add the missing code.
+
+ * appl/bsd/login_fbtab.c (login_protect): remove `/*' from string
+ before reading the directory. From "Brandon S. Allbery"
+ <allbery@ece.cmu.edu>
+
+Fri Dec 18 1998
+
+ * man/kadmin.8 (-t): add a note about using `kinit -p'
+
+Mon Dec 14 1998
+
+ * lib/krb/name2name.c (krb_name_to_name): really verify we have an
+ alias before trying to use it as the primary name.
+
+Fri Nov 27 1998
+
+ * lib/krb/send_to_kdc.c (url_parse): use correct length when
+ copying the hostname
+
+Sun Nov 22 1998
+
+ * configure.in, acconfig.h: NEED_HSTRERROR_PROTO
+
+
+ * configure.in: use AC_KRB_STRUCT_SPWD
+
+ * slave/Makefile.in (WFLAGS): set
+
+ * server/Makefile.in (WFLAGS): set
+
+ * lib/krb/send_to_kdc.c (send_recv): add `int'
+
+ * lib/krb/decomp_ticket.c (decomp_ticket): if the realm is empty,
+ use the local realm.
+
+ * lib/krb/Makefile.in (WFLAGS): set
+
+ * lib/kdb/krb_lib.c (kerb_get_principal): correct test
+ (kerb_put_principal): remove unused variable
+
+ * lib/kdb/Makefile.in (WFLAGS): set
+
+ * lib/auth/pam/Makefile.in (WFLAGS): set
+
+ * lib/auth/afskauthlib/Makefile.in (WFLAGS): set
+
+ * lib/acl/Makefile.in (WFLAGS): set
+
+ * kuser/Makefile.in (WFLAGS): set
+
+ * kadmin/Makefile.in (WFLAGS): set
+
+ * include/Makefile.in (WFLAGS): set
+
+ * appl/sample/sample_client.c (main): remove unused variable
+
+ * appl/sample/Makefile.in (WFLAGS): set
+
+ * appl/movemail/Makefile.in (WFLAGS): set
+
+ * appl/kip/Makefile.in (WFLAGS): set
+
+ * appl/bsd/Makefile.in (WFLAGS): set
+
+ * appl/afsutil/pagsh.c (main): fall back to running /bin/sh if
+ execvp fails.
+
+ * appl/afsutil/Makefile.in (WFLAGS): set
+
+ * admin/kdb_edit.c (change_principal): remove unused variable
+
+ * admin/Makefile.in (WFLAGS): set
+
+ * configure.in: check for crypt, environ and struct spwd
+
+Thu Nov 19 1998
+
+ * appl/movemail/Makefile.in: link and include hesiod
+
+ * configure.in: test for hesiod
+
+Wed Nov 18 1998
+
+ * kadmin/kadm_locl.h: include <arpa/inet.h>
+
+ * configure.in (freebsd3): seems to like symbolic links for the
+ shared libraries
+
+1998-11-07
+
+ * Makefile.export (ChangeLOG): handle emacs20-style changelog
+ entries
+
+ * lib/kdb/krb_dbm.c (kerb_db_get_principal, kerb_db_iterate):
+ check return value from `dbm_open'
+
+Fri Oct 23 1998
+
+ * lib/kadm/kadm.h: enable new extended kadmin fields by default
+
+Thu Oct 22 1998
+
+ * lib/krb/get_host.c (read_file): add more kinds of whitespace
+
+ * lib/krb/lsb_addr_comp.c: fix(?) calculations regrding
+ `firewall_address'
+
+ * kadmin/kadmin.c: change timeout to 5 minutes, (sigarlm): only
+ print message if any tickets were actually destroyed, (main): less
+ noise, (add_new_key): some cleanup, (del_entry): allow more than
+ one principal on command line, (get_entry): set more flags
+
+ * lib/kadm/kadm.h: add code to get modification date, modifier and
+ key version number
+
+ * lib/kadm/kadm_supp.c: add code to get modification date,
+ modifier and key version number
+
+ * lib/kadm/kadm_stream.c: add code to get modification date,
+ modifier and key version number
+
+Tue Oct 13 1998
+
+ * lib/kadm/Makefile.in: ROKEN_RENAME
+
+ * lib/krb/roken_rename.h: add strnlen
+
+ * lib/krb/Makefile.in: add strnlen
+
+Sat Oct 3 1998
+
+ * doc/install.texi: add comment about afskauthlib being in the
+ correct object format
+
+Thu Oct 1 1998
+
+ * kadmin/kadmin.c (change_admin_password): add `alarm(0)' to
+ prevent it from timing out
+
+
+ * lib/krb/time.c (krb_kdctimeofday): set `tv'. fix from Thomas
+ Nyström <thn@stacken.kth.se>
+
+Mon Sep 28 1998
+
+ * appl/bsd/osfc2.c: lots of C2 magic
+
+ * appl/bsd/{rshd,rcp_util,rcp}.c: do C2 stuff
+
+ * appl/bsd/login.c: move C2 stuff to osfc2.c
+
+ * appl/bsd/login.c: call `set_auth_parameters' if OSFC2
+
+Sun Sep 27 1998
+
+ * appl/bsd/login.c: add some code to call setluid
+
+Sat Sep 26 1998
+
+ * appl/sample/sample_client.c (main): correct test
+
+Sat Sep 12 1998
+
+ * configure.in (XauReadAuth): reverse test and check for -lX11
+ before -lXau, otherwise the test fails on Irix 6.5
+
+Sun Sep 6 1998
+
+ * lib/krb/krb-protos.h: fix prototypes for krb_net_{read,write}
+
+ * lib/krb/krb_net_{read,write}.c: new files
+
+ * lib/krb/Makefile.in: add krb_net_{read,write}
+
+Fri Sep 4 1998
+
+ * lib/auth/sia/sia.c (siad_ses_launch, siad_ses_reauthent): use
+ krb_afslog_home
+
+ * lib/auth/pam/pam.c (pam_sm_open_session): use krb_afslog_home
+
+ * lib/auth/afskauthlib/verify.c (afs_verify): use
+ krb_afslog_uid_home
+
+Sun Aug 30 1998
+
+ * lib/krb/get_host.c: patch from Derrick J Brashear
+ <shadow@dementia.org> for doing less DNS lookups
+
+Sun Aug 23 1998
+
+ * lib/krb/ticket_memory.c (tf_save_cred): use memcpy to copy the
+ session key.
+
+Tue Aug 18 1998
+
+ * kadmin/kadmin.c (change_password): add `--random'. From Love
+ Hörnquist-Åstrand <lha@elixir.e.kth.se>
+
+Thu Aug 13 1998
+
+ * lib/kclient/KClient.c (KClientErrorText): copy the string.
+ Patch from Daniel Staaf <d96-dst@nada.kth.se>
+
+Tue Jul 28 1998
+
+ * appl/bsd/rsh.c (main): make sure not to send `-K' before the
+ hostname when re-execing
+
+ * appl/bsd/su.c: openlog LOG_AUTH
+
+Fri Jul 24 1998
+
+ * lib/krb/create_ciph.c: typo: s/tmp/rem/
+
+Wed Jul 22 1998
+
+ * lib/krb/send_to_kdc.c (send_recv): return FALSE if recv failed
+ so that we try the next server
+
+ * configure.in (*-*-sunos): no lib_deps
+
+ * include/protos.H (utime): update prototype
+
+Thu Jul 16 1998
+
+ * acconfig.h (DBDIR, MATCH_SUBDOMAINS): added
+
+ * configure.in (--enable-match-subdomains): added
+ (--with-db-dir): added
+
+ * lib/krb/getrealm.c (file_find_realm): fix MATCH_SUBDOMAINS code.
+ Patch originally from R Lindsay Todd <toddr@rpi.edu>
+
+ * lib/krb/dllmain.c: clean-up patch from <d96-dst@nada.kth.se>
+
+ * appl/krbmanager: patches from <d96-dst>
+
+Mon Jul 13 1998
+
+ * appl/sample/sample_client.c (main): don't advance
+ hostent->h_addr_list, use a copy instead
+
+ * appl/bsd/kcmd.c (kcmd): don't advance hostent->h_addr_list, use
+ a copy instead
+
+Fri Jul 10 1998
+
+ * lib/krb/net{read,write}.c: removed
+
+ * lib/krb/Makefile.in: grab net_{read,write}.c from roken
+
+ * lib/krb/roken_rename.h: add krb_net_{write,read}
+
+ * lib/krb/create_ciph.c (create_ciph): return KFAILURE instead of
+ NULL
+
+ * lib/kadm/kadm_cli_wrap.c (kadm_get): return KADM_NOMEM, not NULL
+
+Wed Jul 8 1998
+
+ * server/kerberos.c (make_sockets): strdup the port specification
+ before strtok_r:ing it
+
+ * lib/krb/extra.c (define_variable): return 0
+
+ * kuser/klist.c (display_tktfile): only print time diff and
+ newline if using the longform
+
+Tue Jun 30 1998
+
+ * lib/krb/send_to_kdc.c (send_to_kdc): be careful in not advancing
+ the h_addr_list pointer in the hostent structure
+
+ * lib/krb/time.c (krb_kdctimeofday): handle the case of `time_t'
+ and the type of `tv_sec' being different. patch originally from
+ <art@stacken.kth.se>
+
+ * man/afslog.1: add refs to kafs and kauth
+
+ * man/kauth.1: add refs to kafs
+
+ * lib/krb/krb_get_in_tkt.c (krb_mk_as_req): remove old code laying
+ around.
+
+ * lib/krb/Makefile.in: add strcat_truncate.c
+
+ * lib/auth/sia/krb4+c2_matrix.conf: fix broken lines and typos
+
+ * kuser/klist.c (display_tokens): print expired for expired tokens
+
+Sat Jun 13 1998
+
+ * kadmin/kadm_ser_wrap.c (kadm_ser_init): new argument `addr'
+
+ * kadmin/admin_server.c: new argument `-i' for listening on a
+ single address
+
+Mon Jun 8 1998
+
+ * Release 0.9.9
+
+Wed Jun 3 1998
+
+ * lib/krb/extra.c: implement read_extra_file() for Win32
+
+Fri May 29 1998
+
+ * configure.in: removed duplicate crypt
+
+ * lib/kdb/Makefile.in (roken_rename.h): remove dependency
+
+ * lib/acl/Makefile.in (roken_rename.h): remove dependency
+
+ * lib/krb/roken_rename.h: remove duplicate flock
+
+ * appl/afsutil/aklog.c (createuser): fclose the file
+
+Wed May 27 1998
+
+ * lib/krb/Makefile.in (extra.c): add
+
+ * slave/kpropd.c: k_flock -> flock
+
+ * slave/kprop.c: k_flock -> flock
+
+ * lib/krb/tf_util.c: k_flock -> flock
+
+ * lib/krb/roken_rename.h: add base64* and flock
+
+ * lib/krb/kntoln.c: k_flock -> flock
+
+ * lib/kdb/krb_dbm.c: k_flock -> flock
+
+ * lib/kdb/Makefile.in: use ROKEN_RENAME to get hold of renames
+ symbols
+
+Tue May 26 1998
+
+ * lib/krb/extra.c: add read flag, so we don't have to look for
+ non-existant files several times
+
+ * lib/krb/send_to_kdc.c: use krb_get_config_string()
+
+ * lib/krb/lsb_addr_comp.c: use krb_get_config_bool()
+
+ * lib/krb/krb_get_in_tkt.c: use krb_get_config_bool()
+
+ * lib/krb/extra.c: parse and use krb.extra file for special
+ configurations, to lessen the number of environment variables used
+
+ * lib/krb/getfile.c: cleanup and add `krb_get_krbextra'
+
+ * lib/krb/debug_decl.c: add krb_enable_debug
+
+ * lib/krb/lsb_addr_comp.c (lsb_time): if KRB_REVERSE_DIRECTION is
+ set, negate time (fix for some firewalls)
+
+Mon May 25 1998
+
+ * lib/krb/Makefile.in (clean): try to remove shared library debris
+ (LIBDES and LIB_DEPS): try to figure out dependencies
+
+ * lib/kdb/Makefile.in (clean): try to remove shared library debris
+
+ * lib/kadm/Makefile.in (clean): try to remove shared library
+ debris
+
+ * configure.in: make symlink magic work with libsl
+
+Mon May 18 1998
+
+ * appl/bsd/login.c: Hack for AIX 4.3.
+
+Thu May 14 1998
+
+ * configure.in: mips-api support. From Derrick J Brashear
+ <shadow@dementia.org>
+
+ * configure.in: --enable-legacy-kdestroy: added. From Derrick J
+ Brashear <shadow@dementia.org>
+
+ * kuser/kdestroy.c: LEGACY_KDESTROY: add
+
+Wed May 13 1998
+
+ * lib/krb/krb.h (const, signed): define when compiling with
+ non-ANSI comilers. From Derrick J Brashear <shadow@dementia.org>
+
+Mon May 11 1998
+
+ * kadmin/admin_server.c: Fix reallocation bug.
+
+Fri May 1 1998
+
+ * configure.in: don't test for winsock.h
+
+ * slave/kprop.c: unifdef -DHAVE_H_ERRNO
+
+ * appl/sample/sample_client.c: unifdef -DHAVE_H_ERRNO
+
+ * appl/movemail/pop.c: unifdef -DHAVE_H_ERRNO
+
+ * appl/kip/kip.c: unifdef -DHAVE_H_ERRNO
+
+Mon Apr 27 1998
+
+ * appl/ftp/ftpd/krb4.c (krb4_adat): applied patch from Love
+ <lha@elixir.e.kth.se> for checking address in krb_rd_req
+
+Sun Apr 26 1998
+
+ * appl/Makefile.in (SUBDIRS): add push
+
+Sun Apr 19 1998
+
+ * configure.in: fix for the symlink magic. From Gregory S. Stark
+ <gsstark@mit.edu>
+
+ * doc/Makefile.in (install): ignore failures from install-info.
+
+ * lib/krb/Makefile.in (install): don't install include files with
+ x bit
+
+ * lib/kadm/Makefile.in (install): don't install include files with
+ x bit
+
+ * man/Makefile.in: don't install getusershell
+
+ * lib/krb/Makefile.in: add symlink magic for linux.
+ only link in com_err.o and error.o if building shared
+
+ * lib/kdb/Makefile.in: add symlink magic for linux
+
+ * lib/kadm/Makefile.in: add symlink magic for linux
+
+ * configure.in: add symlink magic for Linux
+
+ * appl/kx/common.c (connect_local_xsocket): update to try the list
+ of potential socket pathnames
+
+Tue Apr 7 1998
+
+ * lib/krb/getaddrs.c: Don't bail out if various ioctl's fail.
+
+
+ * doc/Makefile.in (kth-krb.info): use `--no-split'
+
+Mon Apr 6 1998
+
+ * configure.in: add --disable-cat-manpages
+
+ * configure.in: call the shared libraries so.0.9.9 on linux
+
+Sat Apr 4 1998
+
+ * lib/Makefile.in (SUBDIRS): changed order so that editline is
+ built before sl
+
+ * lib/*/Makefile.in: shared library dependency information
+
+ * doc/Makefile.in (clean): remove *.info*
+
+ * merge in win32 changes from <flag@astrogator.se> and
+ <jfa@pobox.se>
+
+ * Makefile.export: aux -> cf
+
+ * Makefile.in: aux -> cf
+
+ * appl/voodoo/TelnetEngine.cpp (TelnetEngine::Connect): check the
+ return from `gethostbyname'
+
+ * appl/bsd/bsd_locl.h: Check for <io.h> and conditionalize
+ prepare_utmp. From <d96-mst@nada.kth.se>
+
+ * acconfig.h (__EMX__): define MAIL_USE_SYSTEM_LOCK. From
+ <d96-mst@nada.kth.se>
+
+ * include/bits.c: renamed `strupr' to `my_strupr' not to conflict
+ with any exiting strupr.
+
+Sat Mar 28 1998
+
+ * Makefile.in (install): use DESTDIR
+
+ * include/Makefile.in (install): depend on all
+
+ * man/Makefile.in (install, uninstall): use transform correctly
+
+Fri Mar 27 1998
+
+ * configure.in: don't look for dbopen. From Derrick J Brashear
+ <shadow@dementia.org>
+ (termcap.h): check for
+
+ * lib/krb/Makefile.in: fix for LD options on solaris. From
+ Derrick J Brashear <shadow@dementia.org>
+
+Thu Mar 19 1998
+
+ * appl/kx/common.c: Trying binding sockets in the special
+ directories for some versions of Solaris and HP-UX
+
+
+ * lib/krb/kdc_reply.c: Check for error code of zero in error
+ packet from KDC.
+
+Wed Mar 18 1998
+
+ * appl/kx/common.c (get_xsockets): try getting sockets in lots of
+ places
+
+ * appl/kauth/kauth.c: return error code from child (plus shell
+ magic)
+
+
+ * lib/krb/getrealm.c (krb_realmofhost), lib/krb/get_krbrlm.c
+ (krb_get_lrealm, krb_get_default_realm): When figuring out a
+ default local realm name avoid going into infinite loops.
+
+Sun Mar 15 1998
+
+ * configure.in: test for <term.h> and search for `tgetent' in
+ ncurses. From Gregory S. Stark <gsstark@mit.edu>
+
+ * **/Makefile.in: add DESTDIR support and .PHONY
+
+Sat Mar 7 1998
+
+ * kadmin/ksrvutil.c: Remove kvno zero restriction.
+
+ * configure.in: Add option `--disable-dynamic-afs' do disable AIX
+ dynamic loading of afs syscall library. This should hopefully also
+ work with AIX 3.
+
+ * kadmin/ksrvutil.c: Add `delete' function (from Chris Chiappa
+ <griffon+@cmu.edu>).
+
+Thu Feb 26 1998
+
+ * kadmin/kadmin.c (do_init): fix check of return value from
+ krb_get_default_principal
+
+ * lib/kadm/kadm_stream.c (stv_string): use correct offset
+
+Sat Feb 21 1998
+
+ * include/Makefile.in: add parse_time.h
+
+ * lib/krb/solaris_compat.c: new file with alternative entry points
+ compatible with solaris's libkrb.
+
+Thu Feb 19 1998
+
+ * lib/krb/time.c: Various time related functions.
+
+Tue Feb 17 1998
+
+ * lib/krb/send_to_kdc.c: Add some more connection debug traces.
+
+Sun Feb 15 1998
+
+ * lib/krb/get_host.c (init_hosts): call k_getportbyname with proto
+ == "udp" instead of NULL. NULL would be the right thing, but some
+ libraries are not happy with that.
+
+ * appl/bsd/rcp.c: renamed `{local,foreign}' to \1_addr to avoid
+ conflicts with system header files on mklinux.
+
+
+ * lib/kadm/Makefile.in: Fix rules for kadm_err.[ch].
+
+ * lib/krb/krb_err.et: Fix for changes to compile_et.
+
+ * lib/com_err/{error.c,com_err.h,com_right.h}: Rename error.h to
+ com_right.h.
+
+ * lib/com_err/{compile_et.c,compile_et.h,lex.l,parse.y}: Switch
+ back to a yacc-based compile_et.
+
+Tue Feb 10 1998
+
+ * appl/kx/kxd.c (doit): fix stupid mistake when marshalling
+
+ * lib/krb/Makefile.in: add strcpy_truncate
+
+Sun Feb 8 1998
+
+ * lib/krb/netwrite.c (krb_net_write): restart if errno == EINTR
+
+ * lib/krb/netread.c (krb_net_read): restart if errno == EINTR
+
+ * appl/kx/rxterm.in: redirect std{in,out,err} of xterm to make
+ sure rshd does not hang.
+
+Sat Feb 7 1998
+
+ * lib/acl/acl_files.c (acl_canonicalize_principal): use
+ krb_parse_name
+
+
+ * lib/krb/rw.c: add a parameter containting maximum size. Change
+ all callers.
+
+ * lots-of-files: replace {REALM_SZ, *_SZ, MaxPathLen,
+ MaxHostNameLen} + 1 with \1
+
+ * appl/bsd/rlogind.c (cleanup): logout -> rlogind_logout
+
+ * lib/acl/acl_files.c (acl_canonicalize_principal): use
+ strcpy_truncate
+
+ * include/Makefile.in: fnmatch.h
+
+ * appl/ftp/ftpd/ftpd.c: <fnmatch.h>
+
+ * lib/kadm/kadm_stream.c (stv_string): don't use strncpy
+
+ * lib/auth/sia/sia.c (siad_ses_suauthent): do ugly magic to make
+ sure `entity->name' is long enough.
+
+ * appl/ftp/ftpd/ftpcmd.y: HASSETPROCTITLE -> HAVE_SETPROCTITLE
+
+ * appl/bsd/rlogind.c (logout): renamed to rlogind_logout to avoid
+ conflict with logout() in libutil.
+ (doit): use forkpty_truncate it there's one
+
+ * appl/afsutil/kstring2key.c (krb5_string_to_key): don't use
+ strcat
+
+ * configure.in: add lots of functions and headers that were used
+ in the code but not tested for.
+
+ * lib/krb/send_to_kdc.c (url_parse): re-structured
+
+ * kadmin/kadm_locl.h: add prototype for random_password and remove
+ __P
+
+ * appl/bsd/forkpty.c (forkpty_truncate): new function.
+ use strcpy_truncate instead of strcpy
+
+ * appl/bsd/bsd_locl.h: include <libutil.h>.
+ prototype for forkpty_truncate()
+
+ * configure.in: test for <libutil.h>
+
+Fri Feb 6 1998
+
+ * kadmin/random_password.c: Random password generation.
+
+ * kadmin/kadmin.c: Add some functionality to add_new_key, to make
+ it more useful with batch creation.
+
+Wed Feb 4 1998
+
+ * appl/bsd/login.c (find_in_etc_securetty): new function
+ (rootterm): call `find_in_etc_securetty'
+
+ * appl/bsd/pathnames.h (_PATH_ETC_SECURETTY): add
+
+Tue Feb 3 1998
+
+ * kadmin/kadmin.c: Fix `-t' flag. Centralize the calling of
+ alarm() to a modified sl_loop().
+
+ * kadmin/kadmin.c: Add support for `batch' processing, taking a
+ command from the command line. Remove the automatic destruction of
+ tickets, instead add a timeout (initially set to 1 minute), after
+ which any tickets will be destroyed. Option `-m' now sets this
+ timeout to 0 (disabling timeout). Options `-p' takes a full
+ principal, and `-u' takes a `username' that is used as the name of
+ the admin principal to use.
+
+Sat Jan 31 1998
+
+ * lib/auth/sia/sia.c: Chown ticket file when doing reauth.
+
+Thu Jan 29 1998
+
+ * lib/auth/sia/sia.c: Add support for reauthentication.
+
+Mon Jan 26 1998
+
+ * appl/kauth/kauth.c (main): Add debug switch -d to kauth to aid
+ in finding miss-configurations.
+
+Mon Jan 19 1998
+
+ * lib/krb/name2name.c: If inet_addr thinks host's a valid
+ ip-address, assume it is, and don't call gethostbyname(). This
+ should fix things like `rsh 1.2.3.4'.
+
+Sat Jan 17 1998
+
+ * lib/krb/get_host.c: Check for http-srv records.
+
+ * lib/krb/get_host.c: Don't use getprotobyname. Check for `http'
+ as well as `udp' and `tcp'.
+
+ * lib/auth/sia/sia.c: Add password changing support.
+
+ * kadmin/new_pwd.c: Use kadm_check_pw.
+
+ * lib/kadm/check_password.c: Password quality check, moved from
+ kpasswd.c.
+
+Fri Jan 16 1998
+
+ * kadmin/ksrvutil_get.c: Add `-u' flag to put each key in a
+ separate file.
+
+Mon Jan 12 1998
+
+ * kadmin/admin_server.c: Fix broken realloc of pidarray.
+
+Fri Jan 9 1998
+
+ * rename logwtmp -> ftpd_logwtmp not to conflict with libc.
+
+Sun Dec 21 1997
+
+ * lib/krb/verify_user.c (krb_verify_user): new argument `srvtab'.
+ Changed all callers.
+
+Sat Dec 13 1997
+
+ * lib/kdb/krb_dbm.c: check return value from dbm_store
+
+Thu Dec 11 1997
+
+ * lib/krb/k_flock.c (k_flock): Re-included an implementaion of
+ k_flock. Changed all library and core application source to use
+ k_flock.
+
+Tue Dec 9 1997
+
+ * appl/kx/kxd.c,common.c: more error testing from Love
+ Hörnquist-Åstrand <e96_lho@elixir.e.kth.se>
+ Use the correct number of X for mkstemp.
+
+
+ * Release 0.9.8
+
+ * Add `--disable-mmap' configure option, do disable all use of
+ mmap.
+
+ * Rename all k_afsklog to krb_afslog.
+
+Mon Dec 8 1997
+
+ * kuser/klist.c: Add a header for tokens.
+
+Fri Dec 5 1997
+
+ * lib/krb/krb.h: Moved prototypes to krb-protos.h, cruft to
+ krb-archaeology.h.
+
+Thu Dec 4 1997
+
+ * appl/kauth/kauth.c: Use krb_get_pw_in_tkt2.
+
+ * lib/krb/get_in_tkt.c: krb_get_pw_in_tkt2 that returns key.
+
+Sun Nov 30 1997
+
+ * configure.in: check for tgetent in libcurses
+
+Mon Nov 24 1997
+
+ * appl/krbmanager: incorporate patches from <d96-dst@nada.kth.se>
+ for making sure there's only one instance of krbmanager.
+
+Fri Nov 21 1997
+
+ * admin/ext_srvtab.c: use atexit() to stamp out secrets.
+
+Thu Nov 20 1997
+
+ * server/kerberos.c: Log funny HTTP requests.
+
+ * server/kerberos.c: Add comma to list of port separators for
+ `-P'.
+
+
+ * appl/voodoo/TelnetEngine.cpp (TelnetEngine::Connect): better
+ error message (from <d96-dst@nada.kth.se>)
+
+Wed Nov 12 1997
+
+ * kuser/klist.c (display_tokens): patch from <e96_lho@e.kth.se>
+
+Sun Nov 9 1997
+
+ * Release 0.9.7
+
+
+ * configure.in: test for ssize_t
+
+ * appl/bsd/rlogind.c: Fill in ut_type, and ut_exit if they exist.
+
+ * appl/kx/common.c (create_and_write_cookie): Create temp file
+ with mkstemp.
+
+
+ * appl/ftp/ftpd/ftpd.c: conditionalize otp
+
+ * appl/bsd/login.c: conditionalize otp
+
+ * configure.in: add --disable-otp. update Makefile.in's
+
+ * configure.in: define CANONICAL_HOST
+
+ * configure.in, aclocal.m4: remove <bind/bitypes.h>. contains
+ bogus information on Crays.
+
+ * include/bits.c: stolen from Heimdal
+
+ * include/Makefile.in: replace ktypes.c with bits.c
+
+ * lib/krb/getaddrs.c (k_get_all_addrs): cray fix
+
+ * configure.in: updated header files
+
+
+ * slave/kpropd.c: Make sure it's the kprop service that tries to
+ send data.
+
+Fri Nov 7 1997
+
+ * configure.in: Added option --with-afsws=/usr/afsws.
+
+ * lib/Makefile.in: Build lib/rxkad if we have include file rx/rx.h
+
+Thu Nov 6 1997
+
+ * appl/ftp/ftp/ftp.c (sendrequest, recvrequest): do correct tests
+ for `-'
+
+ * appl/ftp/ftp/cmds.c (getit): removed stupid goto
+
+
+ * appl/kauth/kauth.c: Use krb_get_pw_in_tkt(), now that it is
+ fixed.
+
+ * appl/ftp/ftp/cmds.c: Don't retrieve files that start with `..'
+ or `/' without asking. Reverse test in confirm() to check for `y'
+ rather than not `n'. Use mkstemp.
+
+ * appl/ftp/ftp/ftp.c: Add extra parameter to recvrequest,
+ specifying if local filenames should be parsed as "-" and "|".
+
+Mon Nov 3 1997
+
+ * configure.in: updated broken list. add fclose for proto check.
+
+ * kadmin/kadmin.c: updated functions to new style of sl
+
+ * appl/bsd/rcp.c, rlogin.c, rsh.c: setuid before doing kerberos
+ authentication. if that fails, exec ourselves with -K
+
+ * appl/bsd/pathnames.h: add _PATH_RCP
+
+ * configure.in: test for readv, writev
+
+Fri Oct 24 1997
+
+ * lib/krb/tkt_string.c (krb_set_tkt_string): const-ized
+
+ * appl/ftp/ftp{,d}: new commands: kdestroy, krbtkfile and afslog.
+
+ * appl/afsutil/aklog.c (expand_cell_name): fix parsing of
+ CellServDB
+
+Sat Oct 11 1997
+
+ * appl/telnet/telnetd/sys_term.c (start_login): moved `user' so it
+ works even if !defined(HAVE_UTMPX_H)
+
+Fri Oct 10 1997
+
+ * lib/krb/send_to_kdc.c: Change send_recv* to use a lookup table
+ indexed by protocol.
+
+ Implement http proxy use, enabled via `krb4_proxy' environment
+ variable.
+
+Thu Oct 9 1997
+
+ * lib/krb/getrealm.c: Don't lookup top-level domains. Try files
+ before doing DNS.
+
+Thu Oct 2 1997
+
+ * appl/krbmanager: Turned into a ticket management program.
+
+ * lib/krb/{dllmain,ticket_memory}.c: Add some KrbManager
+ interaction.
+
+Sat Sep 27 1997
+
+ * appl/voodoo: Major fixes of terminal emulation, and other
+ things.
+
+Fri Sep 26 1997
+
+ * server/kerberos.c: Cleanup socket-opening code. Add HTTP
+ support.
+
+ * lib/krb/send_to_kdc.c: Add Kerberos over HTTP.
+
+ * lib/krb/get_host.c: Parse URL-style host-specifications.
+
+
+ * include/win32: add `version.h' and `ktypes.h'
+
+ * lib/kclient/KClient.def: rename kclnt32 to make Eudora
+ happy. Add SendTicketForService
+
+ * lib/kclient/KClient.c: implement SendTicketForService. Used by
+ Eudora.
+
+ * appl/voodoo/voodoo.mak: kclient renamed as kclnt32
+
+Thu Sep 25 1997
+
+ * Moved various base64 implementations to roken.
+
+Thu Sep 18 1997
+
+ * appl/telnet/telnetd/telnetd.c: Move the call to startslave()
+ into the telnet() loop. This way we'll maximise the chance that
+ the transmission is encrypted before starting login. This will
+ hopefully remove the irritating warning you would get with some
+ macintosh telnet clients.
+
+Wed Sep 17 1997
+
+ * appl/telnet/telnetd/sys_term.c: Fix for duplicate `-- user'.
+
+Tue Sep 9 1997
+
+ * server/kerberos.c: More detailed logging
+
+Fri Sep 5 1997
+
+ * lib/kafs/afssysdefs.h: HP-UX 10.20 seems to use 48
+
+Thu Sep 4 1997
+
+ * lib/des/Makefile.in: quote the test for $(CC) correctly
+
+Wed Sep 3 1997
+
+ * include/ktypes.c: Move __BIT_TYPES_DEFINED__ to after including
+ other stuff.
+
+
+ * lib/rxkad/rxk_locl.c (rxkad_calc_header_iv): Simplify header IV
+ calculation.
+
+ * lib/rxkad/osi_alloc.c (osi_Alloc): Memory allocation routines
+ for user space. There is no longer any need for conditional
+ compilation of user/kernel-space versions of librxkad.a.
+
+ * lib/rxkad/rxk_clnt.c (rxkad_NewClientSecurityObject): Use
+ Transarc FC-crypto to generate random numbers. We no longer need
+ to link a DES library into the kernel.
+
+Tue Sep 2 1997
+
+ * appl/ftp/ftpd/ftpd.c (pass): chown the ticket file is logging in
+ with clear-text passwords and using kerberos
+
+ * lib/krb/krb_log.h: new file
+
+ * lib/krb/krb.h: moved all logging functions to krb_log.h.
+ Include krb_log.h in appropriate places. From
+ <shadow@dementia.org>
+
+Mon Sep 1 1997
+
+ * appl/kx/kx.c: more intelligent check for passive mode new option
+ `-P' to force passive mode
+
+Sat Aug 23 1997
+
+ * lib/krb/krb_get_in_tkt.c: rename krb_as_req -> krb_mk_as_req
+
+Wed Aug 20 1997
+
+ * lib/rxkad/rxkad.h, rxk_serv.c (server_CheckResponse): Increase
+ limit of ticket lengths to 1024 at server end.
+
+ * lib/rxkad/rxk_clnt.c (rxkad_NewClientSecurityObject): Support
+ for almost arbitrary ticket lengths.
+
+Tue Aug 19 1997
+
+ * kadmin/ksrvutil_get.c: Make sure we're talking to the admin
+ server when getting ticket.
+
+ * lib/krb/send_to_kdc.c: Add flag to always use admin server.
+
+Sun Aug 17 1997
+
+ * appl/kx/rxtelnet.in: reverse the looking for xterm loops Use
+ `-n' and not `-name' to xterm
+
+ * server/kerberos.c: implement `-i' for only listening on one
+ address
+
+ * lib/kadm/kadm_cli_wrap.c: Implement kadm_change_pw2 to be
+ compatible with CNS. From <shadow@dementia.org>
+
+ * appl/ftp/ftpd/ftpd.c: removed bogus reset of `debug'
+
+ * appl/ftp/ftpd/extern.h: define NBBY if needed
+
+ * configure.in: os2 fixes: -Zcrtdll and check for chroot
+
+Wed Aug 13 1997
+
+ * lib/krb/get_in_tkt.c: Use new get_in_tkt functions, and
+ implement kerberos 5 salts.
+
+ * lib/krb/krb_get_in_tkt.c: Split krb_get_in_tkt in two functions
+ so it's possible to try several key-procs with just one request to
+ the KDC.
+
+Wed Jul 23 1997
+
+ * lib/rxkad/rxk_serv.c (decode_krb4_ticket): New functions
+ decode_xxx_ticket so that it is possible to also decode kerberos
+ version 5 tickets.
+
+Sat Jul 19 1997
+
+ * doc/Makefile.in: `test -f' is more portable than `test -e'
+
+Tue Jul 15 1997
+
+ * lib/kafs/kafs.h, lib/krb/krb.h: swap order of <sys/cdefs.h> and
+ <ktypes.h>. Another fix form <shadow@dementia.org>
+
+Fri Jul 11 1997
+
+ * lib/krb/krb.h: non-ANSI fix from <shadow@dementia.org>
+
+Fri Jun 27 1997
+
+ * man/otp.1: `-o' option
+
+ * appl/otp/otp.c: List lock-time with `-l'. New option `-o' to
+ open an locked entry.
+
+ * lib/otp/otp_db.c (otp_get_internal): Save lock_time in returned
+ struct.
+
+ * lib/otp/otp.h: New field `lock_time' in OtpContext
+
+Thu Jun 26 1997
+
+ * man/otp.1, man/otpprint.1: Update changed default to `md5'
+
+ * appl/bsd/rsh.c: Don't use a hard-coded constant in `select'
+
+ * configure.in, include/ktypes.c: Handle the case of there being
+ an old version of our `sys/bitypes.h'.
+
+Sun Jun 22 1997
+
+ * lib/des: Merge in changes from libdes 4.01. The optimizations
+ written in assembler are not used since they in general wont't
+ work with shared libraries.
+
+Fri Jun 20 1997
+
+ * lib/krb/netread.c, netwrite.c: Handle windows discrimation of
+ sockets.
+
+Sun Jun 15 1997
+
+ * appl/kpopper/pop_init.c: Use `STDIN_FILENO' and `STDOUT_FILENO'
+ instead of `sp'. OSF's libc isn't quite prepared to have two
+ different FILEs refer to the same file descriptor.
+
+Thu Jun 12 1997
+
+ * doc/dir: Add dir template file.
+
+
+ * appl/kauth/kauth.c (main): AFS style positional argument for -n
+ option.
+
+ * appl/xnlock/xnlock.c (verify): New resource destroyTickets and
+ corresponding option -nodestroytickets. First try local
+ authentication and if it fails try kerberos.
+
+Sun Jun 8 1997
+
+ * appl/ftp/ftpd/popen.c (ftpd_popen): Correct initialization of
+ `foo' before call to `strtok_r'
+
+Wed Jun 4 1997
+
+ * doc/*.texi: Use @url.
+
+ * doc/setup.texi: Added @ifinfo around @dircategory
+
Tue Jun 3 1997
* Release 0.9.6
diff --git a/crypto/kerberosIV/Makefile.in b/crypto/kerberosIV/Makefile.in
index afa77fbec745..b2e986419554 100644
--- a/crypto/kerberosIV/Makefile.in
+++ b/crypto/kerberosIV/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.30 1997/05/20 18:58:34 bg Exp $
+# $Id: Makefile.in,v 1.36 1999/03/01 13:04:23 joda Exp $
srcdir = @srcdir@
prefix = @prefix@
@@ -14,7 +14,7 @@ TRAVELKIT = appl/kauth/kauth kuser/klist appl/telnet/telnet/telnet \
@SET_MAKE@
-SUBDIRS = util include lib kuser server slave admin kadmin appl man doc
+SUBDIRS = include lib kuser server slave admin kadmin appl man doc
all:
for i in $(SUBDIRS); \
@@ -27,7 +27,7 @@ check:
cd lib && $(MAKE) $(MFLAGS) check
install:
- $(MKINSTALLDIRS) $(prefix)
+ $(MKINSTALLDIRS) $(DESTDIR)$(prefix)
for i in $(SUBDIRS); \
do (cd $$i && $(MAKE) $(MFLAGS) install); done
@@ -67,4 +67,7 @@ realclean:
for i in $(SUBDIRS); \
do (cd $$i && $(MAKE) $(MFLAGS) realclean); done
-.PHONY: all install install-strip uninstall travelkit travelkit-strip clean distclean realclean mostlyclean
+$(srcdir)/aclocal.m4:
+ cd $(srcdir) && aclocal -I cf
+
+.PHONY: all Wall check install install-strip uninstall travelkit travelkit-strip clean mostlyclean distclean realclean
diff --git a/crypto/kerberosIV/NEWS b/crypto/kerberosIV/NEWS
index cddbb2291699..6c6f84f52434 100644
--- a/crypto/kerberosIV/NEWS
+++ b/crypto/kerberosIV/NEWS
@@ -1,3 +1,118 @@
+Changes in release 0.10.1:
+
+* Bug fixes:
+ - krb_get_lrealm now works with zero `n'
+ - kadmin cosmetic fix
+ - login now compiles on IRIX < 6.5
+ - kxd fix for solaris waitpid breakage, fix for unicos setjob
+ breakage, better handling of fork failures
+
+Changes in release 0.10:
+
+* Some support for Irix 6.5 capabilities
+
+* Improved kadmin interface; you can get more info via kadmin.
+
+* Some improved support for OSF C2.
+
+* General bug-fixes and improvements, including a large number of
+ potential buffer overrun fixes. A large number of portability
+ improvements.
+
+* Support for multiple local realms.
+
+* Support batch kadmin operation.
+
+* Heimdal support in push.
+
+* Removed `--with-shared' configure option (use `--enable-shared'.)
+
+* Now uses Autoconf 2.13.
+
+Changes in release 0.9.9:
+
+* New configuration file /etc/krb.extra
+
+* New program `push' for popping mail.
+
+* Add (still little tested) support for maildir spool files in popper.
+
+* Added `delete' to ksrvutil.
+
+* Support the strange X11 sockets used on HP-UX and some versions of
+ Solaris.
+
+* Arla compatibility in libkafs.
+
+* More compatibility with the Solaris version of libkrb.
+
+* New configure option `--with-mips-abi'
+
+* Support `/etc/securetty' in login.
+
+* Bug fixes and improvements to the Win32 telnet.
+
+* Add support for installing with DESTDIR
+
+* SIA module with added support for password changing, and
+ reauthentication.
+
+* Add better support for MIT `compile_et' and `mk_cmds', this should
+ make it easier to build things like `zephyr'.
+
+* Bug fixes:
+ - Krb: fixed dangling references to flock in libkrb
+ - FTP: fixed `logwtmp' name conflict
+ - Telnet: fix a few literal IP-number bugs
+ - Telnet: hopefully fixed stair-stepping bug
+ - Kafs: don't store expired tokens in the kernel
+ - Kafs: fix broken installation of afslib.so in AIX
+
+Changes in release 0.9.8:
+
+* several bug fixes; some which deserve mentioning:
+ - fix non-working `kauth -h'
+ - the sia-module should work again
+ - don't leave tickets in popper
+
+Changes in release 0.9.7:
+
+* new configure option --disable-otp
+
+* new configure option --with-afsws
+
+* includes rxkad implementation
+
+* ftp client is more careful with suspicious filenames (|, .., /)
+
+* fixed setuid-vulnerability of rcp, rlogin, and rsh.
+
+* removed use of tgetent from telnetd (thereby eliminating buffer-overflow)
+
+* new commands in ftp and ftpd: kdestroy, krbtkfile, and afslog.
+
+* implement HTTP transport in libkrb and KDC.
+
+* win32 terminal program much improved. also implemented ticket
+ management program.
+
+* introduce `-i' option to kerberos server for listening only on one
+ interface.
+
+* updated otp applications and man pages.
+
+* merged in libdes 4.01
+
+* popper is more resilient to badly formatted mails.
+
+* minor fixes for Cray support.
+
+* fix popen bug i ftpd.
+
+* lots of bug fixes and portability fixes.
+
+* better compatibility with Heimdal.
+
Minor changes in release 0.9.6:
* utmp(x) works correctly on systems with utmpx.
diff --git a/crypto/kerberosIV/PROBLEMS b/crypto/kerberosIV/PROBLEMS
index f6eeeef3e858..732766ef41d9 100644
--- a/crypto/kerberosIV/PROBLEMS
+++ b/crypto/kerberosIV/PROBLEMS
@@ -2,8 +2,8 @@
Problems compiling Kerberos
===========================
-Many compilers require a switch to become ANSI compliant. Since kth-krb
-is written in ANSI C it is necessary to specify the name of the compiler
+Many compilers require a switch to become ANSI compliant. Since krb4 is
+written in ANSI C it is necessary to specify the name of the compiler
to be used and the required switch to make it ANSI compliant. This is
most easily done when running configure using the `env' command. For
instance to build under HP-UX using the native compiler do:
@@ -31,8 +31,15 @@ verified to successfully compile the distribution:
Linux problems
--------------
+The libc functions gethostby*() under RedHat4.2 can sometimes cause
+core dumps. If you experience these problems make sure that the file
+`/etc/nsswitch.conf' contains a hosts entry no more complex than the
+line
+
+hosts: files dns
+
Some systems have lost `/usr/include/ndbm.h' which is necessary to
-build kth-krb correctly. There is a `ndbm.h.Linux' right next to the
+build krb4 correctly. There is a `ndbm.h.Linux' right next to the
source distribution.
There has been reports of non-working `libdb' on some Linux
@@ -57,10 +64,35 @@ mean time use `telnetd'.
AIX problems
------------
-`gcc' version 2.7.2.1 has a bug which makes it miscompile
+`gcc' version 2.7.2.* has a bug which makes it miscompile
`appl/telnet/telnetd/sys_term.c' (and possibily `appl/bsd/forkpty.c'),
if used with too much optimization.
+Some versions of the `xlc' preprocessor doesn't recognise the
+(undocumented) `-qnolm' option. If this option is passed to the
+preprocessor (like via the configuration file `/etc/ibmcxx.cfg',
+configure will fail.
+
+The solution is to remove this option from the configuration file,
+either globally, or for just the preprocessor:
+
+ $ cp /etc/ibmcxx.cfg /tmp
+ $ed /tmp/ibmcxx.cfg
+ 8328
+ /nolm
+ options = -D_AIX,-D_AIX32,-D_AIX41,-D_AIX43,-D_IBMR2,-D_POWER,-bpT:0x10000000,-bpD:0x20000000,-qnolm
+ s/,-qnolm//p
+ options = -D_AIX,-D_AIX32,-D_AIX41,-D_AIX43,-D_IBMR2,-D_POWER,-bpT:0x10000000,-bpD:0x20000000
+ w
+ 8321
+ q
+ $ env CC=xlc CPP="xlc -E -F/tmp/ibmcxx.cfg" configure
+
+There is a bug in AFS 3.4 version 5.38 for AIX 4.3 that causes the
+kernel to panic in some cases. There is a hack for this in `login', but
+other programs could be affected also. This seems to be fixed in
+version 5.55.
+
C2 problems
-----------
diff --git a/crypto/kerberosIV/README b/crypto/kerberosIV/README
index 064761495f48..9c2f4a106e64 100644
--- a/crypto/kerberosIV/README
+++ b/crypto/kerberosIV/README
@@ -1,3 +1,6 @@
+
+*** PLEASE REPORT BUGS AND PROBLEMS TO kth-krb-bugs@nada.kth.se ***
+
This is a severly hacked up version of Eric Young's eBones-p9 kerberos
version. The DES library has been updated with his 3.23 version and
numerous patches collected over the years have been applied to both
diff --git a/crypto/kerberosIV/TODO b/crypto/kerberosIV/TODO
index 66aa1f13b8c2..83c308e772a8 100644
--- a/crypto/kerberosIV/TODO
+++ b/crypto/kerberosIV/TODO
@@ -2,6 +2,9 @@
rlogind, rshd, popper, ftpd (telnetd uses nonce?)
Add a replay cache.
+rcp
+ figure out how it should really behave with -r
+
telnet, rlogin, rsh, rcp
Some form of support for ticket forwarding, perhaps only for AFS tickets.
@@ -25,9 +28,6 @@ autoconf
libraries
generate archive and shared libraries in some portable way.
-k_get_all_addrs
- for Cray UNICOS
-
ftpd
kx
diff --git a/crypto/kerberosIV/acconfig.h b/crypto/kerberosIV/acconfig.h
index bb7b7aa83214..cd9867d43b77 100644
--- a/crypto/kerberosIV/acconfig.h
+++ b/crypto/kerberosIV/acconfig.h
@@ -1,104 +1,4 @@
-/* $Id: acconfig.h,v 1.71 1997/06/01 22:32:24 assar Exp $ */
-
-/* Define this if RETSIGTYPE == void */
-#undef VOID_RETSIGTYPE
-
-/* Define this if struct utmp have ut_user */
-#undef HAVE_UT_USER
-
-/* Define this if struct utmp have ut_host */
-#undef HAVE_UT_HOST
-
-/* Define this if struct utmp have ut_addr */
-#undef HAVE_UT_ADDR
-
-/* Define this if struct utmp have ut_type */
-#undef HAVE_UT_TYPE
-
-/* Define this if struct utmp have ut_pid */
-#undef HAVE_UT_PID
-
-/* Define this if struct utmp have ut_id */
-#undef HAVE_UT_ID
-
-/* Define this if struct utmpx have ut_syslen */
-#undef HAVE_UT_SYSLEN
-
-/* Define this if struct winsize is declared in sys/termios.h */
-#undef HAVE_STRUCT_WINSIZE
-
-/* Define this if struct winsize have ws_xpixel */
-#undef HAVE_WS_XPIXEL
-
-/* Define this if struct winsize have ws_ypixel */
-#undef HAVE_WS_YPIXEL
-
-/* Define this to be the directory where the dictionary for cracklib */
-/* resides */
-#undef DICTPATH
-
-/* Define this if you want to use SOCKS v5 */
-#undef SOCKS
-
-/* Define this to the path of the mail spool directory */
-#undef KRB4_MAILDIR
-
-/* Define this if `struct sockaddr' includes sa_len */
-#undef SOCKADDR_HAS_SA_LEN
-
-/* Define this if `struct siaentity' includes ouid */
-#undef SIAENTITY_HAS_OUID
-
-/* Define if getlogin has POSIX flavour, as opposed to BSD */
-#undef POSIX_GETLOGIN
-
-/* Define if getpwnam_r has POSIX flavour */
-#undef POSIX_GETPWNAM_R
-
-/* define if getcwd() is broken (such as in SunOS) */
-#undef BROKEN_GETCWD
-
-/* define if the system is missing a prototype for crypt() */
-#undef NEED_CRYPT_PROTO
-
-/* define if the system is missing a prototype for strtok_r() */
-#undef NEED_STRTOK_R_PROTO
-
-/* define if /bin/ls takes -A */
-#undef HAVE_LS_A
-
-/* define if you have h_errno */
-#undef HAVE_H_ERRNO
-
-/* define if you have h_errlist but not hstrerror */
-#undef HAVE_H_ERRLIST
-
-/* define if you have h_nerr but not hstrerror */
-#undef HAVE_H_NERR
-
-/* define if your system doesn't declare h_errlist */
-#undef HAVE_H_ERRLIST_DECLARATION
-
-/* define if your system doesn't declare h_nerr */
-#undef HAVE_H_NERR_DECLARATION
-
-/* define this if you need a declaration for h_errno */
-#undef HAVE_H_ERRNO_DECLARATION
-
-/* define if you need a declaration for optarg */
-#undef HAVE_OPTARG_DECLARATION
-
-/* define if you need a declaration for optind */
-#undef HAVE_OPTIND_DECLARATION
-
-/* define if you need a declaration for opterr */
-#undef HAVE_OPTERR_DECLARATION
-
-/* define if you need a declaration for optopt */
-#undef HAVE_OPTOPT_DECLARATION
-
-/* define if you need a declaration for __progname */
-#undef HAVE___PROGNAME_DECLARATION
+/* $Id: acconfig.h,v 1.103.2.1 1999/07/22 03:12:42 assar Exp $ */
@BOTTOM@
@@ -111,6 +11,13 @@
#undef HAVE_U_INT32_T
#undef HAVE_U_INT64_T
+/* This for compat with heimdal (or something) */
+#define KRB_PUT_INT(f, t, l, s) krb_put_int((f), (t), (l), (s))
+
+#define HAVE_KRB_ENABLE_DEBUG 1
+
+#define HAVE_KRB_DISABLE_DEBUG 1
+
#define RCSID(msg) \
static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
@@ -148,20 +55,15 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
#define MaxHostNameLen (64+4)
#define MaxPathLen (1024+4)
-/*
- * Define NDBM if you are using the 4.3 ndbm library (which is part of
- * libc). If not defined, 4.2 dbm will be assumed.
- */
-#if defined(HAVE_DBM_FIRSTKEY)
-#define NDBM
-#endif
-
/* ftp stuff -------------------------------------------------- */
#define KERBEROS
/* telnet stuff ----------------------------------------------- */
+/* define this for OTP support */
+#undef OTP
+
/* define this if you have kerberos 4 */
#undef KRB4
@@ -196,9 +98,6 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
/* Used with login -p */
#undef LOGIN_ARGS
-/* Define if there are working stream ptys */
-#undef STREAMSPTY
-
/* set this to a sensible login */
#ifndef LOGIN_PATH
#define LOGIN_PATH BINDIR "/login"
@@ -207,27 +106,10 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
/* ------------------------------------------------------------ */
-/*
- * Define this if your ndbm-library really is berkeley db and creates
- * files that ends in .db.
- */
-#undef HAVE_NEW_DB
-
-/* Define this if you have a working getmsg */
-#undef HAVE_GETMSG
-
-/* Define to enable new master key code */
-#undef RANDOM_MKEY
-
-/* Location of the master key file, default value lives in <kdc.h> */
-#undef MKEYFILE
-
-/* Define if you don't want support for afs, might be a good idea on
- AIX if you don't have afs */
-#undef NO_AFS
-
-/* Define if you have a readline compatible library */
-#undef HAVE_READLINE
+#ifdef BROKEN_REALLOC
+#define realloc(X, Y) isoc_realloc((X), (Y))
+#define isoc_realloc(X, Y) ((X) ? realloc((X), (Y)) : malloc(Y))
+#endif
#ifdef VOID_RETSIGTYPE
#define SIGRETURN(x) return
@@ -235,37 +117,25 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
#define SIGRETURN(x) return (RETSIGTYPE)(x)
#endif
-/* Define this if your compiler supports '#pragma weak' */
-#undef HAVE_PRAGMA_WEAK
-
/* Temporary fixes for krb_{rd,mk}_safe */
#define DES_QUAD_GUESS 0
#define DES_QUAD_NEW 1
#define DES_QUAD_OLD 2
-/* Set this to one of the constants above to specify default checksum
- type to emit */
-#undef DES_QUAD_DEFAULT
+/*
+ * All these are system-specific defines that I would rather not have at all.
+ */
/*
* AIX braindamage!
*/
#if _AIX
#define _ALL_SOURCE
-#define _POSIX_SOURCE
-/* this is left for hysteric reasons :-) */
-#define unix /* well, ok... */
-#endif
-
-/*
- * SunOS braindamage! (Sun include files are generally braindead)
- */
-#if (defined(sun) || defined(__sun))
-#if defined(__svr4__) || defined(__SVR4)
-#define SunOS 5
-#else
-#define SunOS 4
-#endif
+/* XXX this is gross, but kills about a gazillion warnings */
+struct ether_addr;
+struct sockaddr;
+struct sockaddr_dl;
+struct sockaddr_in;
#endif
#if defined(__sgi) || defined(sgi)
@@ -280,3 +150,21 @@ static /**/const char *const rcsid[] = { (char *)rcsid, "\100(#)" msg }
#if IRIX == 4 && !defined(__STDC__)
#define __STDC__ 0
#endif
+
+/*
+ * Defining this enables lots of useful (and used) extensions on
+ * glibc-based systems such as Linux
+ */
+
+#define _GNU_SOURCE
+
+/* some strange OS/2 stuff. From <d96-mst@nada.kth.se> */
+
+#ifdef __EMX__
+#define _EMX_TCPIP
+#define MAIL_USE_SYSTEM_LOCK
+#endif
+
+#ifdef ROKEN_RENAME
+#include "roken_rename.h"
+#endif
diff --git a/crypto/kerberosIV/acinclude.m4 b/crypto/kerberosIV/acinclude.m4
new file mode 100644
index 000000000000..7e7de6fa2c1e
--- /dev/null
+++ b/crypto/kerberosIV/acinclude.m4
@@ -0,0 +1,9 @@
+dnl $Id: acinclude.m4,v 1.2 1999/03/01 13:06:21 joda Exp $
+dnl
+dnl Only put things that for some reason can't live in the `cf'
+dnl directory in this file.
+dnl
+
+dnl $xId: misc.m4,v 1.1 1997/12/14 15:59:04 joda Exp $
+dnl
+define(upcase,`echo $1 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`)dnl
diff --git a/crypto/kerberosIV/aclocal.m4 b/crypto/kerberosIV/aclocal.m4
index 133e19d93e43..ca2982bb1c0d 100644
--- a/crypto/kerberosIV/aclocal.m4
+++ b/crypto/kerberosIV/aclocal.m4
@@ -1,28 +1,543 @@
+dnl aclocal.m4 generated automatically by aclocal 1.4
+
+dnl Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc.
+dnl This file is free software; the Free Software Foundation
+dnl gives unlimited permission to copy and/or distribute it,
+dnl with or without modifications, as long as this notice is preserved.
+
+dnl This program is distributed in the hope that it will be useful,
+dnl but WITHOUT ANY WARRANTY, to the extent permitted by law; without
+dnl even the implied warranty of MERCHANTABILITY or FITNESS FOR A
+dnl PARTICULAR PURPOSE.
+
+dnl $Id: acinclude.m4,v 1.2 1999/03/01 13:06:21 joda Exp $
+dnl
+dnl Only put things that for some reason can't live in the `cf'
+dnl directory in this file.
+dnl
+
+dnl $xId: misc.m4,v 1.1 1997/12/14 15:59:04 joda Exp $
+dnl
+define(upcase,`echo $1 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`)dnl
+
+dnl $Id: krb-prog-ln-s.m4,v 1.1 1997/12/14 15:59:01 joda Exp $
+dnl
+dnl
+dnl Better test for ln -s, ln or cp
+dnl
+
+AC_DEFUN(AC_KRB_PROG_LN_S,
+[AC_MSG_CHECKING(for ln -s or something else)
+AC_CACHE_VAL(ac_cv_prog_LN_S,
+[rm -f conftestdata
+if ln -s X conftestdata 2>/dev/null
+then
+ rm -f conftestdata
+ ac_cv_prog_LN_S="ln -s"
+else
+ touch conftestdata1
+ if ln conftestdata1 conftestdata2; then
+ rm -f conftestdata*
+ ac_cv_prog_LN_S=ln
+ else
+ ac_cv_prog_LN_S=cp
+ fi
+fi])dnl
+LN_S="$ac_cv_prog_LN_S"
+AC_MSG_RESULT($ac_cv_prog_LN_S)
+AC_SUBST(LN_S)dnl
+])
+
+
+dnl $Id: krb-prog-yacc.m4,v 1.1 1997/12/14 15:59:02 joda Exp $
+dnl
+dnl
+dnl We prefer byacc or yacc because they do not use `alloca'
+dnl
+
+AC_DEFUN(AC_KRB_PROG_YACC,
+[AC_CHECK_PROGS(YACC, byacc yacc 'bison -y')])
+
+dnl $Id: test-package.m4,v 1.7 1999/04/19 13:33:05 assar Exp $
+dnl
+dnl AC_TEST_PACKAGE_NEW(package,headers,libraries,extra libs,default locations)
+
+AC_DEFUN(AC_TEST_PACKAGE,[AC_TEST_PACKAGE_NEW($1,[#include <$2>],$4,,$5)])
+
+AC_DEFUN(AC_TEST_PACKAGE_NEW,[
+AC_ARG_WITH($1,
+[ --with-$1=dir use $1 in dir])
+AC_ARG_WITH($1-lib,
+[ --with-$1-lib=dir use $1 libraries in dir],
+[if test "$withval" = "yes" -o "$withval" = "no"; then
+ AC_MSG_ERROR([No argument for --with-$1-lib])
+elif test "X$with_$1" = "X"; then
+ with_$1=yes
+fi])
+AC_ARG_WITH($1-include,
+[ --with-$1-include=dir use $1 headers in dir],
+[if test "$withval" = "yes" -o "$withval" = "no"; then
+ AC_MSG_ERROR([No argument for --with-$1-include])
+elif test "X$with_$1" = "X"; then
+ with_$1=yes
+fi])
+
+AC_MSG_CHECKING(for $1)
+
+case "$with_$1" in
+yes) ;;
+no) ;;
+"") ;;
+*) if test "$with_$1_include" = ""; then
+ with_$1_include="$with_$1/include"
+ fi
+ if test "$with_$1_lib" = ""; then
+ with_$1_lib="$with_$1/lib$abilibdirext"
+ fi
+ ;;
+esac
+header_dirs=
+lib_dirs=
+d='$5'
+for i in $d; do
+ header_dirs="$header_dirs $i/include"
+ lib_dirs="$lib_dirs $i/lib$abilibdirext"
+done
+
+case "$with_$1_include" in
+yes) ;;
+no) ;;
+*) header_dirs="$with_$1_include $header_dirs";;
+esac
+case "$with_$1_lib" in
+yes) ;;
+no) ;;
+*) lib_dirs="$with_$1_lib $lib_dirs";;
+esac
+
+save_CFLAGS="$CFLAGS"
+save_LIBS="$LIBS"
+ires= lres=
+for i in $header_dirs; do
+ CFLAGS="-I$i $save_CFLAGS"
+ AC_TRY_COMPILE([$2],,ires=$i;break)
+done
+for i in $lib_dirs; do
+ LIBS="-L$i $3 $4 $save_LIBS"
+ AC_TRY_LINK([$2],,lres=$i;break)
+done
+CFLAGS="$save_CFLAGS"
+LIBS="$save_LIBS"
+
+if test "$ires" -a "$lres" -a "$with_$1" != "no"; then
+ $1_includedir="$ires"
+ $1_libdir="$lres"
+ INCLUDE_$1="-I$$1_includedir"
+ LIB_$1="-L$$1_libdir $3"
+ AC_DEFINE_UNQUOTED(upcase($1),1,[Define if you have the $1 package.])
+ with_$1=yes
+ AC_MSG_RESULT([headers $ires, libraries $lres])
+else
+ INCLUDE_$1=
+ LIB_$1=
+ with_$1=no
+ AC_MSG_RESULT($with_$1)
+fi
+AC_SUBST(INCLUDE_$1)
+AC_SUBST(LIB_$1)
+])
+
+dnl $Id: osfc2.m4,v 1.2 1999/03/27 17:28:16 joda Exp $
+dnl
+dnl enable OSF C2 stuff
+
+AC_DEFUN(AC_CHECK_OSFC2,[
+AC_ARG_ENABLE(osfc2,
+[ --enable-osfc2 enable some OSF C2 support])
+LIB_security=
+if test "$enable_osfc2" = yes; then
+ AC_DEFINE(HAVE_OSFC2, 1, [Define to enable basic OSF C2 support.])
+ LIB_security=-lsecurity
+fi
+AC_SUBST(LIB_security)
+])
+
+dnl $Id: mips-abi.m4,v 1.4 1998/05/16 20:44:15 joda Exp $
+dnl
+dnl
+dnl Check for MIPS/IRIX ABI flags. Sets $abi and $abilibdirext to some
+dnl value.
+
+AC_DEFUN(AC_MIPS_ABI, [
+AC_ARG_WITH(mips_abi,
+[ --with-mips-abi=abi ABI to use for IRIX (32, n32, or 64)])
+
+case "$host_os" in
+irix*)
+with_mips_abi="${with_mips_abi:-yes}"
+if test -n "$GCC"; then
+
+# GCC < 2.8 only supports the O32 ABI. GCC >= 2.8 has a flag to select
+# which ABI to use, but only supports (as of 2.8.1) the N32 and 64 ABIs.
+#
+# Default to N32, but if GCC doesn't grok -mabi=n32, we assume an old
+# GCC and revert back to O32. The same goes if O32 is asked for - old
+# GCCs doesn't like the -mabi option, and new GCCs can't output O32.
+#
+# Don't you just love *all* the different SGI ABIs?
+
+case "${with_mips_abi}" in
+ 32|o32) abi='-mabi=32'; abilibdirext='' ;;
+ n32|yes) abi='-mabi=n32'; abilibdirext='32' ;;
+ 64) abi='-mabi=64'; abilibdirext='64' ;;
+ no) abi=''; abilibdirext='';;
+ *) AC_ERROR("Invalid ABI specified") ;;
+esac
+if test -n "$abi" ; then
+ac_foo=krb_cv_gcc_`echo $abi | tr =- __`
+dnl
+dnl can't use AC_CACHE_CHECK here, since it doesn't quote CACHE-ID to
+dnl AC_MSG_RESULT
+dnl
+AC_MSG_CHECKING([if $CC supports the $abi option])
+AC_CACHE_VAL($ac_foo, [
+save_CFLAGS="$CFLAGS"
+CFLAGS="$CFLAGS $abi"
+AC_TRY_COMPILE(,int x;, eval $ac_foo=yes, eval $ac_foo=no)
+CFLAGS="$save_CFLAGS"
+])
+ac_res=`eval echo \\\$$ac_foo`
+AC_MSG_RESULT($ac_res)
+if test $ac_res = no; then
+# Try to figure out why that failed...
+case $abi in
+ -mabi=32)
+ save_CFLAGS="$CFLAGS"
+ CFLAGS="$CFLAGS -mabi=n32"
+ AC_TRY_COMPILE(,int x;, ac_res=yes, ac_res=no)
+ CLAGS="$save_CFLAGS"
+ if test $ac_res = yes; then
+ # New GCC
+ AC_ERROR([$CC does not support the $with_mips_abi ABI])
+ fi
+ # Old GCC
+ abi=''
+ abilibdirext=''
+ ;;
+ -mabi=n32|-mabi=64)
+ if test $with_mips_abi = yes; then
+ # Old GCC, default to O32
+ abi=''
+ abilibdirext=''
+ else
+ # Some broken GCC
+ AC_ERROR([$CC does not support the $with_mips_abi ABI])
+ fi
+ ;;
+esac
+fi #if test $ac_res = no; then
+fi #if test -n "$abi" ; then
+else
+case "${with_mips_abi}" in
+ 32|o32) abi='-32'; abilibdirext='' ;;
+ n32|yes) abi='-n32'; abilibdirext='32' ;;
+ 64) abi='-64'; abilibdirext='64' ;;
+ no) abi=''; abilibdirext='';;
+ *) AC_ERROR("Invalid ABI specified") ;;
+esac
+fi #if test -n "$GCC"; then
+;;
+esac
+])
+
+dnl
+dnl $Id: shared-libs.m4,v 1.3 1999/04/09 15:34:25 assar Exp $
+dnl
+dnl Shared library stuff has to be different everywhere
+dnl
+
+AC_DEFUN(AC_SHARED_LIBS, [
+
+dnl Check if we want to use shared libraries
+AC_ARG_ENABLE(shared,
+[ --enable-shared create shared libraries for Kerberos])
+
+AC_SUBST(CFLAGS)dnl
+AC_SUBST(LDFLAGS)dnl
+
+case ${enable_shared} in
+ yes ) enable_shared=yes;;
+ no ) enable_shared=no;;
+ * ) enable_shared=no;;
+esac
+
+# NOTE: Building shared libraries may not work if you do not use gcc!
+#
+# OS $SHLIBEXT
+# HP-UX sl
+# Linux so
+# NetBSD so
+# FreeBSD so
+# OSF so
+# SunOS5 so
+# SunOS4 so.0.5
+# Irix so
+#
+# LIBEXT is the extension we should build (.a or $SHLIBEXT)
+LINK='$(CC)'
+AC_SUBST(LINK)
+lib_deps=yes
+REAL_PICFLAGS="-fpic"
+LDSHARED='$(CC) $(PICFLAGS) -shared'
+LIBPREFIX=lib
+build_symlink_command=@true
+install_symlink_command=@true
+install_symlink_command2=@true
+REAL_SHLIBEXT=so
+changequote({,})dnl
+SHLIB_VERSION=`echo $VERSION | sed 's/\([0-9.]*\).*/\1/'`
+SHLIB_SONAME=`echo $VERSION | sed 's/\([0-9]*\).*/\1/'`
+changequote([,])dnl
+case "${host}" in
+*-*-hpux*)
+ REAL_SHLIBEXT=sl
+ REAL_LD_FLAGS='-Wl,+b$(libdir)'
+ if test -z "$GCC"; then
+ LDSHARED="ld -b"
+ REAL_PICFLAGS="+z"
+ fi
+ lib_deps=no
+ ;;
+*-*-linux*)
+ LDSHARED='$(CC) -shared -Wl,-soname,$(LIBNAME).so.'"${SHLIB_SONAME}"
+ REAL_LD_FLAGS='-Wl,-rpath,$(libdir)'
+ REAL_SHLIBEXT=so.$SHLIB_VERSION
+ build_symlink_command='$(LN_S) -f [$][@] $(LIBNAME).so'
+ install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so'
+ install_symlink_command2='$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so.'"${SHLIB_SONAME}"';$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so'
+ ;;
+*-*-freebsd3*)
+ REAL_SHLIBEXT=so.$SHLIB_VERSION
+ LDSHARED='ld -Bshareable'
+ REAL_LD_FLAGS='-Wl,-R$(libdir)'
+ build_symlink_command='$(LN_S) -f [$][@] $(LIBNAME).so'
+ install_symlink_command='$(LN_S) -f $(LIB) $(DESTDIR)$(libdir)/$(LIBNAME).so'
+ install_symlink_command2='$(LN_S) -f $(LIB2) $(DESTDIR)$(libdir)/$(LIBNAME2).so'
+ ;;
+*-*-*bsd*)
+ REAL_SHLIBEXT=so.$SHLIB_VERSION
+ LDSHARED='ld -Bshareable'
+ REAL_LD_FLAGS='-Wl,-R$(libdir)'
+ ;;
+*-*-osf*)
+ REAL_LD_FLAGS='-Wl,-rpath,$(libdir)'
+ REAL_PICFLAGS=
+ LDSHARED='ld -shared -expect_unresolved \*'
+ ;;
+*-*-solaris2*)
+ REAL_LD_FLAGS='-Wl,-R$(libdir)'
+ if test -z "$GCC"; then
+ LDSHARED='$(CC) -G'
+ REAL_PICFLAGS="-Kpic"
+ fi
+ ;;
+*-fujitsu-uxpv*)
+ REAL_LD_FLAGS='' # really: LD_RUN_PATH=$(libdir) cc -o ...
+ REAL_LINK='LD_RUN_PATH=$(libdir) $(CC)'
+ LDSHARED='$(CC) -G'
+ REAL_PICFLAGS="-Kpic"
+ lib_deps=no # fails in mysterious ways
+ ;;
+*-*-sunos*)
+ REAL_SHLIBEXT=so.$SHLIB_VERSION
+ REAL_LD_FLAGS='-Wl,-L$(libdir)'
+ lib_deps=no
+ ;;
+*-*-irix*)
+ libdir="${libdir}${abilibdirext}"
+ REAL_LD_FLAGS="${abi} -Wl,-rpath,\$(libdir)"
+ LD_FLAGS="${abi} -Wl,-rpath,\$(libdir)"
+ LDSHARED="\$(CC) -shared ${abi}"
+ REAL_PICFLAGS=
+ CFLAGS="${abi} ${CFLAGS}"
+ ;;
+*-*-os2*)
+ LIBPREFIX=
+ EXECSUFFIX='.exe'
+ RANLIB=EMXOMF
+ LD_FLAGS=-Zcrtdll
+ REAL_SHLIBEXT=nobuild
+ ;;
+*-*-cygwin32*)
+ EXECSUFFIX='.exe'
+ REAL_SHLIBEXT=nobuild
+ ;;
+*) REAL_SHLIBEXT=nobuild
+ REAL_PICFLAGS=
+ ;;
+esac
+
+if test "${enable_shared}" != "yes" ; then
+ PICFLAGS=""
+ SHLIBEXT="nobuild"
+ LIBEXT="a"
+ build_symlink_command=@true
+ install_symlink_command=@true
+ install_symlink_command2=@true
+else
+ PICFLAGS="$REAL_PICFLAGS"
+ SHLIBEXT="$REAL_SHLIBEXT"
+ LIBEXT="$SHLIBEXT"
+ AC_MSG_CHECKING(whether to use -rpath)
+ case "$libdir" in
+ /lib | /usr/lib | /usr/local/lib)
+ AC_MSG_RESULT(no)
+ REAL_LD_FLAGS=
+ LD_FLAGS=
+ ;;
+ *)
+ LD_FLAGS="$REAL_LD_FLAGS"
+ test "$REAL_LINK" && LINK="$REAL_LINK"
+ AC_MSG_RESULT($LD_FLAGS)
+ ;;
+ esac
+fi
+
+if test "$lib_deps" = yes; then
+ lib_deps_yes=""
+ lib_deps_no="# "
+else
+ lib_deps_yes="# "
+ lib_deps_no=""
+fi
+AC_SUBST(lib_deps_yes)
+AC_SUBST(lib_deps_no)
+
+# use supplied ld-flags, or none if `no'
+if test "$with_ld_flags" = no; then
+ LD_FLAGS=
+elif test -n "$with_ld_flags"; then
+ LD_FLAGS="$with_ld_flags"
+fi
+
+AC_SUBST(REAL_PICFLAGS) dnl
+AC_SUBST(REAL_SHLIBEXT) dnl
+AC_SUBST(REAL_LD_FLAGS) dnl
+
+AC_SUBST(PICFLAGS) dnl
+AC_SUBST(SHLIBEXT) dnl
+AC_SUBST(LDSHARED) dnl
+AC_SUBST(LD_FLAGS) dnl
+AC_SUBST(LIBEXT) dnl
+AC_SUBST(LIBPREFIX) dnl
+AC_SUBST(EXECSUFFIX) dnl
+
+AC_SUBST(build_symlink_command)dnl
+AC_SUBST(install_symlink_command)dnl
+AC_SUBST(install_symlink_command2)dnl
+])
+
+dnl
+dnl $Id: c-attribute.m4,v 1.2 1999/03/01 09:52:23 joda Exp $
+dnl
+
dnl
-dnl $Id: aclocal.m4,v 1.38 1997/05/18 18:47:30 assar Exp $
+dnl Test for __attribute__
dnl
+AC_DEFUN(AC_C___ATTRIBUTE__, [
+AC_MSG_CHECKING(for __attribute__)
+AC_CACHE_VAL(ac_cv___attribute__, [
+AC_TRY_COMPILE([
+#include <stdlib.h>
+],
+[
+static void foo(void) __attribute__ ((noreturn));
+
+static void
+foo(void)
+{
+ exit(1);
+}
+],
+ac_cv___attribute__=yes,
+ac_cv___attribute__=no)])
+if test "$ac_cv___attribute__" = "yes"; then
+ AC_DEFINE(HAVE___ATTRIBUTE__, 1, [define if your compiler has __attribute__])
+fi
+AC_MSG_RESULT($ac_cv___attribute__)
+])
+
+
+dnl $Id: krb-sys-nextstep.m4,v 1.2 1998/06/03 23:48:40 joda Exp $
+dnl
+dnl
+dnl NEXTSTEP is not posix compliant by default,
+dnl you need a switch -posix to the compiler
+dnl
+
+AC_DEFUN(AC_KRB_SYS_NEXTSTEP, [
+AC_MSG_CHECKING(for NEXTSTEP)
+AC_CACHE_VAL(krb_cv_sys_nextstep,
+AC_EGREP_CPP(yes,
+[#if defined(NeXT) && !defined(__APPLE__)
+ yes
+#endif
+], krb_cv_sys_nextstep=yes, krb_cv_sys_nextstep=no) )
+if test "$krb_cv_sys_nextstep" = "yes"; then
+ CFLAGS="$CFLAGS -posix"
+ LIBS="$LIBS -posix"
+fi
+AC_MSG_RESULT($krb_cv_sys_nextstep)
+])
+
+dnl $Id: krb-sys-aix.m4,v 1.1 1997/12/14 15:59:02 joda Exp $
dnl
-dnl General tests
dnl
+dnl AIX have a very different syscall convention
+dnl
+AC_DEFUN(AC_KRB_SYS_AIX, [
+AC_MSG_CHECKING(for AIX)
+AC_CACHE_VAL(krb_cv_sys_aix,
+AC_EGREP_CPP(yes,
+[#ifdef _AIX
+ yes
+#endif
+], krb_cv_sys_aix=yes, krb_cv_sys_aix=no) )
+AC_MSG_RESULT($krb_cv_sys_aix)
+])
+dnl $Id: find-func-no-libs.m4,v 1.3 1998/06/04 02:06:50 assar Exp $
+dnl
dnl
dnl Look for function in any of the specified libraries
dnl
dnl AC_FIND_FUNC_NO_LIBS(func, libraries, includes, arguments)
AC_DEFUN(AC_FIND_FUNC_NO_LIBS, [
+AC_FIND_FUNC_NO_LIBS2([$1], ["" $2], [$3], [$4])])
+
+dnl $Id: find-func-no-libs2.m4,v 1.1 1998/06/04 02:07:12 assar Exp $
+dnl
+dnl
+dnl Look for function in any of the specified libraries
+dnl
+
+dnl AC_FIND_FUNC_NO_LIBS2(func, libraries, includes, arguments)
+AC_DEFUN(AC_FIND_FUNC_NO_LIBS2, [
AC_MSG_CHECKING([for $1])
AC_CACHE_VAL(ac_cv_funclib_$1,
[
if eval "test \"\$ac_cv_func_$1\" != yes" ; then
ac_save_LIBS="$LIBS"
- for ac_lib in "" $2; do
+ for ac_lib in $2; do
if test -n "$ac_lib"; then
ac_lib="-l$ac_lib"
- LIBS="$ac_lib $ac_save_LIBS"
+ else
+ ac_lib=""
fi
+ LIBS="$ac_lib $ac_save_LIBS"
AC_TRY_LINK([$3],[$1($4)],eval "if test -n \"$ac_lib\";then ac_cv_funclib_$1=$ac_lib; else ac_cv_funclib_$1=yes; fi";break)
done
eval "ac_cv_funclib_$1=\${ac_cv_funclib_$1-no}"
@@ -32,17 +547,16 @@ fi
eval "ac_res=\$ac_cv_funclib_$1"
-# autoheader tricks *sigh*
+dnl autoheader tricks *sigh*
: << END
@@@funcs="$funcs $1"@@@
@@@libs="$libs $2"@@@
END
-changequote(, )dnl
-eval "ac_tr_func=HAVE_`echo $1 | tr '[a-z]' '[A-Z]'`"
-eval "ac_tr_lib=HAVE_LIB`echo $ac_res | sed -e 's/-l//' | tr '[a-z]' '[A-Z]'`"
+# $1
+eval "ac_tr_func=HAVE_[]upcase($1)"
+eval "ac_tr_lib=HAVE_LIB[]upcase($ac_res | sed -e 's/-l//')"
eval "LIB_$1=$ac_res"
-changequote([, ])dnl
case "$ac_res" in
yes)
@@ -67,210 +581,376 @@ esac
AC_SUBST(LIB_$1)
])
-dnl AC_FIND_FUNC(func, libraries, includes, arguments)
-AC_DEFUN(AC_FIND_FUNC, [
-AC_FIND_FUNC_NO_LIBS([$1], [$2], [$3], [$4])
-if test -n "$LIB_$1"; then
- LIBS="$LIB_$1 $LIBS"
-fi
-])
-
dnl
-dnl Same as AC _REPLACE_FUNCS, just define HAVE_func if found in normal
-dnl libraries
+dnl $Id: check-netinet-ip-and-tcp.m4,v 1.2 1999/05/14 13:15:40 assar Exp $
+dnl
-AC_DEFUN(AC_BROKEN,
-[for ac_func in $1
-do
-AC_CHECK_FUNC($ac_func, [
+dnl extra magic check for netinet/{ip.h,tcp.h} because on irix 6.5.3
+dnl you have to include standards.h before including these files
+
+AC_DEFUN(CHECK_NETINET_IP_AND_TCP,
+[
+AC_CHECK_HEADERS(standards.h)
+for i in netinet/ip.h netinet/tcp.h; do
+
+cv=`echo "$i" | sed 'y%./+-%__p_%'`
+
+AC_MSG_CHECKING([for $i])
+AC_CACHE_VAL([ac_cv_header_$cv],
+[AC_TRY_CPP([\
+#ifdef HAVE_STANDARDS_H
+#include <standards.h>
+#endif
+#include <$i>
+],
+eval "ac_cv_header_$cv=yes",
+eval "ac_cv_header_$cv=no")])
+AC_MSG_RESULT(`eval echo \\$ac_cv_header_$cv`)
changequote(, )dnl
-ac_tr_func=HAVE_`echo $ac_func | tr '[a-z]' '[A-Z]'`
+if test `eval echo \\$ac_cv_header_$cv` = yes; then
+ ac_tr_hdr=HAVE_`echo $i | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
changequote([, ])dnl
-AC_DEFINE_UNQUOTED($ac_tr_func)],[LIBOBJS="$LIBOBJS ${ac_func}.o"])
-# autoheader tricks *sigh*
+ AC_DEFINE_UNQUOTED($ac_tr_hdr, 1)
+fi
+done
+dnl autoheader tricks *sigh*
: << END
-@@@funcs="$funcs $1"@@@
+@@@headers="$headers netinet/ip.h netinet/tcp.h"@@@
END
+
+])
+
+dnl $Id: grok-type.m4,v 1.3 1999/03/21 18:59:56 joda Exp $
+dnl
+AC_DEFUN(AC_GROK_TYPE, [
+AC_CACHE_VAL(ac_cv_type_$1,
+AC_TRY_COMPILE([
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_BITYPES_H
+#include <sys/bitypes.h>
+#endif
+#ifdef HAVE_BIND_BITYPES_H
+#include <bind/bitypes.h>
+#endif
+#ifdef HAVE_NETINET_IN6_MACHTYPES_H
+#include <netinet/in6_machtypes.h>
+#endif
+],
+$i x;
+,
+eval ac_cv_type_$1=yes,
+eval ac_cv_type_$1=no))])
+
+AC_DEFUN(AC_GROK_TYPES, [
+for i in $1; do
+ AC_MSG_CHECKING(for $i)
+ AC_GROK_TYPE($i)
+ eval ac_res=\$ac_cv_type_$i
+ if test "$ac_res" = yes; then
+ type=HAVE_[]upcase($i)
+ AC_DEFINE_UNQUOTED($type)
+ fi
+ AC_MSG_RESULT($ac_res)
done
-AC_SUBST(LIBOBJS)dnl
])
+dnl $Id: find-func.m4,v 1.1 1997/12/14 15:58:58 joda Exp $
dnl
-dnl Mix between AC_FIND_FUNC and AC_BROKEN
+dnl AC_FIND_FUNC(func, libraries, includes, arguments)
+AC_DEFUN(AC_FIND_FUNC, [
+AC_FIND_FUNC_NO_LIBS([$1], [$2], [$3], [$4])
+if test -n "$LIB_$1"; then
+ LIBS="$LIB_$1 $LIBS"
+fi
+])
+
+dnl
+dnl See if there is any X11 present
dnl
+dnl $Id: check-x.m4,v 1.1 1999/06/03 00:22:10 joda Exp $
-AC_DEFUN(AC_FIND_IF_NOT_BROKEN,
-[AC_FIND_FUNC([$1], [$2], [$3], [$4])
-if eval "test \"$ac_cv_func_$1\" != yes"; then
-LIBOBJS="$LIBOBJS $1.o"
+AC_DEFUN(KRB_CHECK_X,[
+AC_PATH_XTRA
+
+# try to figure out if we need any additional ld flags, like -R
+# and yes, the autoconf X test is utterly broken
+if test "$no_x" != yes; then
+ AC_CACHE_CHECK(for special X linker flags,krb_cv_sys_x_libs_rpath,[
+ ac_save_libs="$LIBS"
+ ac_save_cflags="$CFLAGS"
+ CFLAGS="$CFLAGS $X_CFLAGS"
+ krb_cv_sys_x_libs_rpath=""
+ krb_cv_sys_x_libs=""
+ for rflag in "" "-R" "-R " "-rpath "; do
+ if test "$rflag" = ""; then
+ foo="$X_LIBS"
+ else
+ foo=""
+ for flag in $X_LIBS; do
+ case $flag in
+ -L*)
+ foo="$foo $flag `echo $flag | sed \"s/-L/$rflag/\"`"
+ ;;
+ *)
+ foo="$foo $flag"
+ ;;
+ esac
+ done
+ fi
+ LIBS="$ac_save_libs $foo -lX11"
+ AC_TRY_RUN([
+ #include <X11/Xlib.h>
+ foo()
+ {
+ XOpenDisplay(NULL);
+ }
+ main()
+ {
+ return 0;
+ }
+ ], krb_cv_sys_x_libs_rpath="$rflag"; krb_cv_sys_x_libs="$foo"; break,:)
+ done
+ LIBS="$ac_save_libs"
+ CFLAGS="$ac_save_cflags"
+ ])
+ X_LIBS="$krb_cv_sys_x_libs"
fi
-AC_SUBST(LIBOBJS)dnl
])
+dnl $Id: check-xau.m4,v 1.3 1999/05/14 01:17:06 assar Exp $
dnl
+dnl check for Xau{Read,Write}Auth and XauFileName
dnl
-dnl
+AC_DEFUN(AC_CHECK_XAU,[
+save_CFLAGS="$CFLAGS"
+CFLAGS="$X_CFLAGS $CFLAGS"
+save_LIBS="$LIBS"
+dnl LIBS="$X_LIBS $X_PRE_LIBS $X_EXTRA_LIBS $LIBS"
+LIBS="$X_PRE_LIBS $X_EXTRA_LIBS $LIBS"
+save_LDFLAGS="$LDFLAGS"
+LDFLAGS="$LDFLAGS $X_LIBS"
-dnl AC_TEST_PACKAGE(package,header,lib,linkline)
-AC_DEFUN(AC_TEST_PACKAGE,
-[
-AC_MSG_CHECKING(for $1)
-AC_ARG_WITH($1,
-[ --with-$1=dir use $1 in dir],
-[if test "$with_$1" = "no"; then
- with_$1=
-fi]
-)
-AC_ARG_WITH($1-lib,
-[ --with-$1-lib=dir use $1-lib in dir],
-[if test "$withval" = "yes" -o "$withval" = "no"; then
- AC_MSG_ERROR([No argument for --with-$1-lib])
-elif test "X$with_$1" = "X"; then
- with_$1=yes
-fi]
-)
-AC_ARG_WITH($1-include,
-[ --with-$1-include=dir use $1-include in dir],
-[if test "$withval" = "yes" -o "$withval" = "no"; then
- AC_MSG_ERROR([No argument for --with-$1-include])
-elif test "X$with_$1" = "X"; then
- with_$1=yes
-fi]
-)
-define([foo], translit($1, [a-z], [A-Z]))
-: << END
-@@@syms="$syms foo"@@@
-END
+AC_FIND_FUNC_NO_LIBS(XauWriteAuth, X11 Xau)
+ac_xxx="$LIBS"
+LIBS="$LIB_XauWriteAuth $LIBS"
+AC_FIND_FUNC_NO_LIBS(XauReadAuth, X11 Xau)
+LIBS="$LIB_XauReadAauth $LIBS"
+AC_FIND_FUNC_NO_LIBS(XauFileName, X11 Xau)
+LIBS="$ac_xxx"
-if test -n "$with_$1"; then
- AC_DEFINE([foo])
- if test "$with_$1" != "yes"; then
- $1_dir=$with_$1
- fi
-dnl Try to find include
- if test -n "$with_$1_include"; then
- trydir=$with_$1_include
- elif test "$with_$1" != "yes"; then
- trydir="$with_$1 $with_$1/include"
- else
- trydir=
- fi
- found=
- for i in $trydir ""; do
- if test -n "$i"; then
- if test -f $i/$2; then
- found=yes; res=$i; break
- fi
- else
- AC_TRY_CPP([#include <$2>], [found=yes; res=$i; break])
- fi
- done
- if test -n "$found"; then
- $1_include=$res
- else
- AC_MSG_ERROR(Cannot find $2)
- fi
-dnl Try to find lib
- if test -n "$with_$1_lib"; then
- trydir=$with_$1_lib
- elif test "$with_$1" != "yes"; then
- trydir="$with_$1 $with_$1/lib"
- else
- trydir=
- fi
- found=
- for i in $trydir ""; do
- if test -n "$i"; then
- if test -f $i/$3; then
- found=yes; res=$i; break
- fi
- else
- old_LIBS=$LIBS
- LIBS="$4 $LIBS"
- AC_TRY_LINK([], [], [found=yes; res=$i; LIBS=$old_LIBS; break])
- LIBS=$old_LIBS
- fi
- done
- if test -n "$found"; then
- $1_lib=$res
- else
- AC_MSG_ERROR(Cannot find $3)
- fi
- AC_MSG_RESULT([headers $$1_include, libraries $$1_lib])
- AC_DEFINE_UNQUOTED(foo)
- if test -n "$$1_include"; then
- foo[INCLUDE]="-I$$1_include"
- fi
- AC_SUBST(foo[INCLUDE])
- if test -n "$$1_lib"; then
- foo[LIB]="-L$$1_lib"
- fi
- foo[LIB]="$foo[LIB] $4"
- AC_SUBST(foo[LIB])
+case "$ac_cv_funclib_XauWriteAuth" in
+yes) ;;
+no) ;;
+*) if test "$ac_cv_funclib_XauReadAuth" = yes; then
+ if test "$ac_cv_funclib_XauFileName" = yes; then
+ LIB_XauReadAuth="$LIB_XauWriteAuth"
+ else
+ LIB_XauReadAuth="$LIB_XauWriteAuth $LIB_XauFileName"
+ fi
+ else
+ if test "$ac_cv_funclib_XauFileName" = yes; then
+ LIB_XauReadAuth="$LIB_XauReadAuth $LIB_XauWriteAuth"
+ else
+ LIB_XauReadAuth="$LIB_XauReadAuth $LIB_XauWriteAuth $LIB_XauFileName"
+ fi
+ fi
+ ;;
+esac
+
+if test "$AUTOMAKE" != ""; then
+ AM_CONDITIONAL(NEED_WRITEAUTH, test "$ac_cv_func_XauWriteAuth" != "yes")
else
- AC_MSG_RESULT(no)
+ AC_SUBST(NEED_WRITEAUTH_TRUE)
+ AC_SUBST(NEED_WRITEAUTH_FALSE)
+ if test "$ac_cv_func_XauWriteAuth" != "yes"; then
+ NEED_WRITEAUTH_TRUE=
+ NEED_WRITEAUTH_FALSE='#'
+ else
+ NEED_WRITEAUTH_TRUE='#'
+ NEED_WRITEAUTH_FALSE=
+ fi
fi
-undefine([foo])
+CFLAGS=$save_CFLAGS
+LIBS=$save_LIBS
+LDFLAGS=$save_LDFLAGS
])
+# Define a conditional.
+
+AC_DEFUN(AM_CONDITIONAL,
+[AC_SUBST($1_TRUE)
+AC_SUBST($1_FALSE)
+if $2; then
+ $1_TRUE=
+ $1_FALSE='#'
+else
+ $1_TRUE='#'
+ $1_FALSE=
+fi])
+
+dnl $Id: krb-find-db.m4,v 1.5 1999/05/08 02:24:04 assar Exp $
dnl
-dnl Check if we need the declaration of a variable
+dnl find a suitable database library
dnl
+dnl AC_FIND_DB(libraries)
+AC_DEFUN(KRB_FIND_DB, [
-dnl AC_HAVE_DECLARATION(includes, variable)
-AC_DEFUN(AC_CHECK_DECLARATION, [
-AC_MSG_CHECKING([if $2 is properly declared])
-AC_CACHE_VAL(ac_cv_var_$2_declaration, [
-AC_TRY_COMPILE([$1
-extern struct { int foo; } $2;],
-[$2.foo = 1;],
-eval "ac_cv_var_$2_declaration=no",
-eval "ac_cv_var_$2_declaration=yes")
-])
+lib_dbm=no
+lib_db=no
-ac_tr_var=[HAVE_]translit($2, [a-z], [A-Z])[_DECLARATION]
+for i in $1; do
-define([foo], [HAVE_]translit($2, [a-z], [A-Z])[_DECLARATION])
-: << END
-@@@syms="$syms foo"@@@
-END
-undefine([foo])
+ if test "$i"; then
+ m="lib$i"
+ l="-l$i"
+ else
+ m="libc"
+ l=""
+ fi
-AC_MSG_RESULT($ac_cv_var_$2_declaration)
-if eval "test \"\$ac_cv_var_$2_declaration\" = yes"; then
- AC_DEFINE_UNQUOTED($ac_tr_var)
+ AC_MSG_CHECKING(for dbm_open in $m)
+ AC_CACHE_VAL(ac_cv_krb_dbm_open_$m, [
+
+ save_LIBS="$LIBS"
+ LIBS="$l $LIBS"
+ AC_TRY_RUN([
+#include <unistd.h>
+#include <fcntl.h>
+#if defined(HAVE_NDBM_H)
+#include <ndbm.h>
+#elif defined(HAVE_DBM_H)
+#include <dbm.h>
+#elif defined(HAVE_RPCSVC_DBM_H)
+#include <rpcsvc/dbm.h>
+#elif defined(HAVE_DB_H)
+#define DB_DBM_HSEARCH 1
+#include <db.h>
+#endif
+int main()
+{
+ DBM *d;
+
+ d = dbm_open("conftest", O_RDWR | O_CREAT, 0666);
+ if(d == NULL)
+ return 1;
+ dbm_close(d);
+ return 0;
+}], [
+ if test -f conftest.db; then
+ ac_res=db
+ else
+ ac_res=dbm
+ fi], ac_res=no, ac_res=no)
+
+ LIBS="$save_LIBS"
+
+ eval ac_cv_krb_dbm_open_$m=$ac_res])
+ eval ac_res=\$ac_cv_krb_dbm_open_$m
+ AC_MSG_RESULT($ac_res)
+
+ if test "$lib_dbm" = no -a $ac_res = dbm; then
+ lib_dbm="$l"
+ elif test "$lib_db" = no -a $ac_res = db; then
+ lib_db="$l"
+ break
+ fi
+done
+
+AC_MSG_CHECKING(for NDBM library)
+ac_ndbm=no
+if test "$lib_db" != no; then
+ LIB_DBM="$lib_db"
+ ac_ndbm=yes
+ AC_DEFINE(HAVE_NEW_DB, 1, [Define if NDBM really is DB (creates files ending in .db).])
+ if test "$LIB_DBM"; then
+ ac_res="yes, $LIB_DBM"
+ else
+ ac_res=yes
+ fi
+elif test "$lib_dbm" != no; then
+ LIB_DBM="$lib_dbm"
+ ac_ndbm=yes
+ if test "$LIB_DBM"; then
+ ac_res="yes, $LIB_DBM"
+ else
+ ac_res=yes
+ fi
+else
+ LIB_DBM=""
+ ac_res=no
fi
+test "$ac_ndbm" = yes && AC_DEFINE(NDBM, 1, [Define if you have NDBM (and not DBM)])dnl
+AC_SUBST(LIB_DBM)
+DBLIB="$LIB_DBM"
+AC_SUBST(DBLIB)
+AC_MSG_RESULT($ac_res)
+
])
+dnl $Id: broken-snprintf.m4,v 1.3 1999/03/01 09:52:22 joda Exp $
dnl
-dnl
-dnl
+AC_DEFUN(AC_BROKEN_SNPRINTF, [
+AC_CACHE_CHECK(for working snprintf,ac_cv_func_snprintf_working,
+ac_cv_func_snprintf_working=yes
+AC_TRY_RUN([
+#include <stdio.h>
+#include <string.h>
+int main()
+{
+changequote(`,')dnl
+ char foo[3];
+changequote([,])dnl
+ snprintf(foo, 2, "12");
+ return strcmp(foo, "1");
+}],:,ac_cv_func_snprintf_working=no,:))
-dnl AC_CHECK_VAR(includes, variable)
-AC_DEFUN(AC_CHECK_VAR, [
-AC_MSG_CHECKING(for $2)
-AC_CACHE_VAL(ac_cv_var_$2, [
-AC_TRY_LINK([extern int $2;
-int foo() { return $2; }],
- [foo()],
- ac_cv_var_$2=yes, ac_cv_var_$2=no)
+if test "$ac_cv_func_snprintf_working" = yes; then
+ AC_DEFINE_UNQUOTED(HAVE_SNPRINTF, 1, [define if you have a working snprintf])
+fi
+if test "$ac_cv_func_snprintf_working" = yes; then
+AC_NEED_PROTO([#include <stdio.h>],snprintf)
+fi
])
-eval "ac_tr_var=[HAVE_]translit($2,[a-z],[A-Z])"
-define([foo], [HAVE_]translit($2, [a-z], [A-Z]))
-: << END
-@@@syms="$syms foo"@@@
-END
-undefine([foo])
+AC_DEFUN(AC_BROKEN_VSNPRINTF,[
+AC_CACHE_CHECK(for working vsnprintf,ac_cv_func_vsnprintf_working,
+ac_cv_func_vsnprintf_working=yes
+AC_TRY_RUN([
+#include <stdio.h>
+#include <string.h>
+#include <stdarg.h>
-AC_MSG_RESULT(`eval echo \\$ac_cv_var_$2`)
-if test `eval echo \\$ac_cv_var_$2` = yes; then
- AC_DEFINE_UNQUOTED($ac_tr_var)
- AC_CHECK_DECLARATION([$1],[$2])
+int foo(int num, ...)
+{
+changequote(`,')dnl
+ char bar[3];
+changequote([,])dnl
+ va_list arg;
+ va_start(arg, num);
+ vsnprintf(bar, 2, "%s", arg);
+ va_end(arg);
+ return strcmp(bar, "1");
+}
+
+
+int main()
+{
+ return foo(0, "12");
+}],:,ac_cv_func_vsnprintf_working=no,:))
+
+if test "$ac_cv_func_vsnprintf_working" = yes; then
+ AC_DEFINE_UNQUOTED(HAVE_VSNPRINTF, 1, [define if you have a working vsnprintf])
+fi
+if test "$ac_cv_func_vsnprintf_working" = yes; then
+AC_NEED_PROTO([#include <stdio.h>],vsnprintf)
fi
])
+dnl $Id: need-proto.m4,v 1.2 1999/03/01 09:52:24 joda Exp $
+dnl
dnl
dnl Check if we need the prototype for a function
dnl
@@ -278,6 +958,7 @@ dnl
dnl AC_NEED_PROTO(includes, function)
AC_DEFUN(AC_NEED_PROTO, [
+if test "$ac_cv_func_$2+set" != set -o "$ac_cv_func_$2" = yes; then
AC_CACHE_CHECK([if $2 needs a prototype], ac_cv_func_$2_noproto,
AC_TRY_COMPILE([$1],
[struct foo { int foo; } xx;
@@ -288,158 +969,95 @@ eval "ac_cv_func_$2_noproto=yes",
eval "ac_cv_func_$2_noproto=no"))
define([foo], [NEED_]translit($2, [a-z], [A-Z])[_PROTO])
if test "$ac_cv_func_$2_noproto" = yes; then
- AC_DEFINE(foo)
+ AC_DEFINE(foo, 1, [define if the system is missing a prototype for $2()])
fi
-: << END
-@@@syms="$syms foo"@@@
-END
undefine([foo])
+fi
])
-dnl AC_MSG_RESULT($ac_cv_func_$3_proto)
-dnl if eval "test \"\$ac_cv_func_$3_proto\" = yes"; then
-dnl AC_DEFINE_UNQUOTED($ac_tr_func)
-dnl fi
-dnl ])
-dnl
-dnl AC_DEFUN(AC_NEED_PROTO, [
-dnl AC_MSG_CHECKING([if $3 needs a proto])
-dnl AC_CACHE_VAL(ac_cv_func_$3_proto, [
-dnl AC_TRY_COMPILE([$1],
-dnl [$2],
-dnl eval "ac_cv_func_$3_proto=no",
-dnl eval "ac_cv_func_$3_proto=yes")
-dnl ])
-dnl changequote(, )dnl
-dnl eval "ac_tr_func=NEED_`echo $3 | tr '[a-z]' '[A-Z]'`_PROTO"
-dnl changequote([, ])dnl
-dnl
-dnl define([foo], [NEED_]translit($3, [a-z], [A-Z])[_PROTO])
-dnl : << END
-dnl @@@syms="$syms foo"@@@
-dnl END
-dnl undefine([foo])
-dnl
-dnl AC_MSG_RESULT($ac_cv_func_$3_proto)
-dnl if eval "test \"\$ac_cv_func_$3_proto\" = yes"; then
-dnl AC_DEFINE_UNQUOTED($ac_tr_func)
-dnl fi
-dnl ])
-
-AC_DEFUN(AC_GROK_TYPE, [
-AC_CACHE_VAL(ac_cv_type_$1,
-AC_TRY_COMPILE([
-#include "confdefs.h"
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_BITYPES_H
-#include <sys/bitypes.h>
-#endif
-#ifdef HAVE_BIND_BITYPES_H
-#include <bind/bitypes.h>
-#endif
-#ifdef HAVE_NETINET_IN6_MACHTYPES_H
-#include <netinet/in6_machtypes.h>
-#endif
-],
-$i x;
-,
-eval ac_cv_type_$1=yes,
-eval ac_cv_type_$1=no))])
-
-
-AC_DEFUN(AC_GROK_TYPES, [
-for i in $1; do
- AC_MSG_CHECKING(for $i)
- AC_GROK_TYPE($i)
- eval ac_res=\$ac_cv_type_$i
- if test "$ac_res" = yes; then
- type=HAVE_`echo $i | tr '[a-z]' '[A-Z]'`
- AC_DEFINE_UNQUOTED($type)
- fi
- AC_MSG_RESULT($ac_res)
-done
-])
-
-dnl
-dnl Specific tests
-dnl
-
-dnl
-dnl We prefer byacc or yacc because they do not use `alloca'
-dnl
-
-AC_DEFUN(AC_KRB_PROG_YACC,
-[AC_CHECK_PROGS(YACC, byacc yacc 'bison -y')])
-
+dnl $Id: broken-glob.m4,v 1.2 1999/03/01 09:52:15 joda Exp $
dnl
-dnl Also look for EMXOMF for OS/2
+dnl check for glob(3)
dnl
+AC_DEFUN(AC_BROKEN_GLOB,[
+AC_CACHE_CHECK(for working glob, ac_cv_func_glob_working,
+ac_cv_func_glob_working=yes
+AC_TRY_LINK([
+#include <stdio.h>
+#include <glob.h>],[
+glob(NULL, GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE, NULL, NULL);
+],:,ac_cv_func_glob_working=no,:))
-AC_DEFUN(AC_KRB_PROG_RANLIB,
-[AC_CHECK_PROGS(RANLIB, ranlib EMXOMF, :)])
+if test "$ac_cv_func_glob_working" = yes; then
+ AC_DEFINE(HAVE_GLOB, 1, [define if you have a glob() that groks
+ GLOB_BRACE, GLOB_NOCHECK, GLOB_QUOTE, and GLOB_TILDE])
+fi
+if test "$ac_cv_func_glob_working" = yes; then
+AC_NEED_PROTO([#include <stdio.h>
+#include <glob.h>],glob)
+fi
+])
+dnl $Id: check-getpwnam_r-posix.m4,v 1.2 1999/03/23 16:47:31 joda Exp $
dnl
-dnl Better test for ln -s, ln or cp
-dnl
+dnl check for getpwnam_r, and if it's posix or not
-AC_DEFUN(AC_KRB_PROG_LN_S,
-[AC_MSG_CHECKING(for ln -s or something else)
-AC_CACHE_VAL(ac_cv_prog_LN_S,
-[rm -f conftestdata
-if ln -s X conftestdata 2>/dev/null
-then
- rm -f conftestdata
- ac_cv_prog_LN_S="ln -s"
-else
- touch conftestdata1
- if ln conftestdata1 conftestdata2; then
- rm -f conftestdata*
- ac_cv_prog_LN_S=ln
- else
- ac_cv_prog_LN_S=cp
- fi
-fi])dnl
-LN_S="$ac_cv_prog_LN_S"
-AC_MSG_RESULT($ac_cv_prog_LN_S)
-AC_SUBST(LN_S)dnl
+AC_DEFUN(AC_CHECK_GETPWNAM_R_POSIX,[
+AC_FIND_FUNC_NO_LIBS(getpwnam_r,c_r)
+if test "$ac_cv_func_getpwnam_r" = yes; then
+ AC_CACHE_CHECK(if getpwnam_r is posix,ac_cv_func_getpwnam_r_posix,
+ ac_libs="$LIBS"
+ LIBS="$LIBS $LIB_getpwnam_r"
+ AC_TRY_RUN([
+#include <pwd.h>
+int main()
+{
+ struct passwd pw, *pwd;
+ return getpwnam_r("", &pw, NULL, 0, &pwd) < 0;
+}
+],ac_cv_func_getpwnam_r_posix=yes,ac_cv_func_getpwnam_r_posix=no,:)
+LIBS="$ac_libs")
+if test "$ac_cv_func_getpwnam_r_posix" = yes; then
+ AC_DEFINE(POSIX_GETPWNAM_R, 1, [Define if getpwnam_r has POSIX flavour.])
+fi
+fi
])
-
+dnl $Id: find-if-not-broken.m4,v 1.2 1998/03/16 22:16:27 joda Exp $
dnl
-dnl NEXTSTEP is not posix compliant by default,
-dnl you need a switch -posix to the compiler
+dnl
+dnl Mix between AC_FIND_FUNC and AC_BROKEN
dnl
-AC_DEFUN(AC_KRB_SYS_NEXTSTEP, [
-AC_MSG_CHECKING(for NEXTSTEP)
-AC_CACHE_VAL(krb_cv_sys_nextstep,
-AC_EGREP_CPP(yes,
-[#ifdef NeXT
- yes
-#endif
-], krb_cv_sys_nextstep=yes, krb_cv_sys_nextstep=no) )
-if test "$krb_cv_sys_nextstep" = "yes"; then
- CFLAGS="$CFLAGS -posix"
- LIBS="$LIBS -posix"
+AC_DEFUN(AC_FIND_IF_NOT_BROKEN,
+[AC_FIND_FUNC([$1], [$2], [$3], [$4])
+if eval "test \"$ac_cv_func_$1\" != yes"; then
+LIBOBJS[]="$LIBOBJS $1.o"
fi
-AC_MSG_RESULT($krb_cv_sys_nextstep)
+AC_SUBST(LIBOBJS)dnl
])
+dnl $Id: broken.m4,v 1.3 1998/03/16 22:16:19 joda Exp $
dnl
-dnl AIX have a very different syscall convention
dnl
-AC_DEFUN(AC_KRB_SYS_AIX, [
-AC_MSG_CHECKING(for AIX)
-AC_CACHE_VAL(krb_cv_sys_aix,
-AC_EGREP_CPP(yes,
-[#ifdef _AIX
- yes
-#endif
-], krb_cv_sys_aix=yes, krb_cv_sys_aix=no) )
-AC_MSG_RESULT($krb_cv_sys_aix)
+dnl Same as AC _REPLACE_FUNCS, just define HAVE_func if found in normal
+dnl libraries
+
+AC_DEFUN(AC_BROKEN,
+[for ac_func in $1
+do
+AC_CHECK_FUNC($ac_func, [
+ac_tr_func=HAVE_[]upcase($ac_func)
+AC_DEFINE_UNQUOTED($ac_tr_func)],[LIBOBJS[]="$LIBOBJS ${ac_func}.o"])
+dnl autoheader tricks *sigh*
+: << END
+@@@funcs="$funcs $1"@@@
+END
+done
+AC_SUBST(LIBOBJS)dnl
])
+dnl $Id: krb-func-getcwd-broken.m4,v 1.2 1999/03/01 13:03:32 joda Exp $
+dnl
dnl
dnl test for broken getcwd in (SunOS braindamage)
dnl
@@ -471,7 +1089,7 @@ int main()
], ac_cv_func_getcwd_broken=yes,:,:)
])
if test "$ac_cv_func_getcwd_broken" = yes; then
- AC_DEFINE(BROKEN_GETCWD, 1)dnl
+ AC_DEFINE(BROKEN_GETCWD, 1, [Define if getcwd is broken (like in SunOS 4).])dnl
LIBOBJS="$LIBOBJS getcwd.o"
AC_SUBST(LIBOBJS)dnl
AC_MSG_RESULT($ac_cv_func_getcwd_broken)
@@ -481,43 +1099,120 @@ fi
fi
])
+dnl $Id: proto-compat.m4,v 1.3 1999/03/01 13:03:48 joda Exp $
+dnl
+dnl
+dnl Check if the prototype of a function is compatible with another one
+dnl
+
+dnl AC_PROTO_COMPAT(includes, function, prototype)
+
+AC_DEFUN(AC_PROTO_COMPAT, [
+AC_CACHE_CHECK([if $2 is compatible with system prototype],
+ac_cv_func_$2_proto_compat,
+AC_TRY_COMPILE([$1],
+[$3;],
+eval "ac_cv_func_$2_proto_compat=yes",
+eval "ac_cv_func_$2_proto_compat=no"))
+define([foo], translit($2, [a-z], [A-Z])[_PROTO_COMPATIBLE])
+if test "$ac_cv_func_$2_proto_compat" = yes; then
+ AC_DEFINE(foo, 1, [define if prototype of $2 is compatible with
+ $3])
+fi
+undefine([foo])
+])
+dnl $Id: check-var.m4,v 1.2 1999/03/01 09:52:23 joda Exp $
+dnl
+dnl AC_CHECK_VAR(includes, variable)
+AC_DEFUN(AC_CHECK_VAR, [
+AC_MSG_CHECKING(for $2)
+AC_CACHE_VAL(ac_cv_var_$2, [
+AC_TRY_LINK([extern int $2;
+int foo() { return $2; }],
+ [foo()],
+ ac_cv_var_$2=yes, ac_cv_var_$2=no)
+])
+define([foo], [HAVE_]translit($2, [a-z], [A-Z]))
+
+AC_MSG_RESULT(`eval echo \\$ac_cv_var_$2`)
+if test `eval echo \\$ac_cv_var_$2` = yes; then
+ AC_DEFINE_UNQUOTED(foo, 1, [define if you have $2])
+ AC_CHECK_DECLARATION([$1],[$2])
+fi
+undefine([foo])
+])
+
+dnl $Id: check-declaration.m4,v 1.3 1999/03/01 13:03:08 joda Exp $
+dnl
+dnl
+dnl Check if we need the declaration of a variable
+dnl
-AC_DEFUN(AC_HAVE_PRAGMA_WEAK, [
-if test "${with_shared}" = "yes"; then
-AC_MSG_CHECKING(for pragma weak)
-AC_CACHE_VAL(ac_have_pragma_weak, [
-ac_have_pragma_weak=no
-cat > conftest_foo.$ac_ext <<'EOF'
-[#]line __oline__ "configure"
-#include "confdefs.h"
-#pragma weak foo = _foo
-int _foo = 17;
-EOF
-cat > conftest_bar.$ac_ext <<'EOF'
-[#]line __oline__ "configure"
-#include "confdefs.h"
-extern int foo;
+dnl AC_HAVE_DECLARATION(includes, variable)
+AC_DEFUN(AC_CHECK_DECLARATION, [
+AC_MSG_CHECKING([if $2 is properly declared])
+AC_CACHE_VAL(ac_cv_var_$2_declaration, [
+AC_TRY_COMPILE([$1
+extern struct { int foo; } $2;],
+[$2.foo = 1;],
+eval "ac_cv_var_$2_declaration=no",
+eval "ac_cv_var_$2_declaration=yes")
+])
-int t() {
- return foo;
-}
+define(foo, [HAVE_]translit($2, [a-z], [A-Z])[_DECLARATION])
-int main() {
- return t();
-}
-EOF
-if AC_TRY_EVAL('CC -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest_foo.$ac_ext conftest_bar.$ac_ext 1>&AC_FD_CC'); then
-ac_have_pragma_weak=yes
+AC_MSG_RESULT($ac_cv_var_$2_declaration)
+if eval "test \"\$ac_cv_var_$2_declaration\" = yes"; then
+ AC_DEFINE(foo, 1, [define if your system declares $2])
fi
-rm -rf conftest*
+undefine([foo])
])
-if test "$ac_have_pragma_weak" = "yes"; then
- AC_DEFINE(HAVE_PRAGMA_WEAK, 1)dnl
+
+dnl $Id: have-struct-field.m4,v 1.5 1999/03/01 13:10:35 joda Exp $
+dnl
+dnl check for fields in a structure
+dnl
+dnl AC_HAVE_STRUCT_FIELD(struct, field, headers)
+
+AC_DEFUN(AC_HAVE_STRUCT_FIELD, [
+define(cache_val, translit(ac_cv_type_$1_$2, [A-Z ], [a-z_]))
+AC_CACHE_CHECK([for $2 in $1], cache_val,[
+AC_TRY_COMPILE([$3],[$1 x; x.$2;],
+cache_val=yes,
+cache_val=no)])
+if test "$cache_val" = yes; then
+ define(foo, translit(HAVE_$1_$2, [a-z ], [A-Z_]))
+ AC_DEFINE(foo, 1, [Define if $1 has field $2.])
+ undefine(foo)
fi
-AC_MSG_RESULT($ac_have_pragma_weak)
+undefine(cache_val)
+])
+
+dnl $Id
+dnl
+dnl Test for `struct spwd'
+
+AC_DEFUN(AC_KRB_STRUCT_SPWD, [
+AC_MSG_CHECKING(for struct spwd)
+AC_CACHE_VAL(ac_cv_type_struct_spwd, [
+AC_TRY_COMPILE(
+[#include <pwd.h>
+#ifdef HAVE_SHADOW_H
+#include <shadow.h>
+#endif],
+[struct spwd foo;],
+ac_cv_struct_spwd=yes,
+ac_cv_struct_spwd=no)
+])
+AC_MSG_RESULT($ac_cv_struct_spwd)
+
+if test "$ac_cv_struct_spwd" = "yes"; then
+ AC_DEFINE(HAVE_STRUCT_SPWD, 1, [define if you have struct spwd])
fi
])
+dnl $Id: krb-struct-winsize.m4,v 1.2 1999/03/01 09:52:23 joda Exp $
+dnl
dnl
dnl Search for struct winsize
dnl
@@ -535,9 +1230,62 @@ $i, ac_cv_struct_winsize=yes; break)dnl
done
])
if test "$ac_cv_struct_winsize" = "yes"; then
- AC_DEFINE(HAVE_STRUCT_WINSIZE, 1)dnl
+ AC_DEFINE(HAVE_STRUCT_WINSIZE, 1, [define if struct winsize is declared in sys/termios.h])
fi
AC_MSG_RESULT($ac_cv_struct_winsize)
-AC_EGREP_HEADER(ws_xpixel, termios.h, AC_DEFINE(HAVE_WS_XPIXEL))
-AC_EGREP_HEADER(ws_ypixel, termios.h, AC_DEFINE(HAVE_WS_YPIXEL))
+AC_EGREP_HEADER(ws_xpixel, termios.h,
+ AC_DEFINE(HAVE_WS_XPIXEL, 1, [define if struct winsize has ws_xpixel]))
+AC_EGREP_HEADER(ws_ypixel, termios.h,
+ AC_DEFINE(HAVE_WS_YPIXEL, 1, [define if struct winsize has ws_ypixel]))
+])
+
+dnl $Id: check-type-extra.m4,v 1.2 1999/03/01 09:52:23 joda Exp $
+dnl
+dnl ac_check_type + extra headers
+
+dnl AC_CHECK_TYPE_EXTRA(TYPE, DEFAULT, HEADERS)
+AC_DEFUN(AC_CHECK_TYPE_EXTRA,
+[AC_REQUIRE([AC_HEADER_STDC])dnl
+AC_MSG_CHECKING(for $1)
+AC_CACHE_VAL(ac_cv_type_$1,
+[AC_EGREP_CPP(dnl
+changequote(<<,>>)dnl
+<<$1[^a-zA-Z_0-9]>>dnl
+changequote([,]), [#include <sys/types.h>
+#if STDC_HEADERS
+#include <stdlib.h>
+#include <stddef.h>
+#endif
+$3], ac_cv_type_$1=yes, ac_cv_type_$1=no)])dnl
+AC_MSG_RESULT($ac_cv_type_$1)
+if test $ac_cv_type_$1 = no; then
+ AC_DEFINE($1, $2, [Define this to what the type $1 should be.])
+fi
])
+
+dnl $Id: krb-version.m4,v 1.1 1997/12/14 15:59:03 joda Exp $
+dnl
+dnl
+dnl output a C header-file with some version strings
+dnl
+AC_DEFUN(AC_KRB_VERSION,[
+dnl AC_OUTPUT_COMMANDS([
+cat > include/newversion.h.in <<FOOBAR
+char *${PACKAGE}_long_version = "@(#)\$Version: $PACKAGE-$VERSION by @USER@ on @HOST@ ($host) @DATE@ \$";
+char *${PACKAGE}_version = "$PACKAGE-$VERSION";
+FOOBAR
+
+if test -f include/version.h && cmp -s include/newversion.h.in include/version.h.in; then
+ echo "include/version.h is unchanged"
+ rm -f include/newversion.h.in
+else
+ echo "creating include/version.h"
+ User=${USER-${LOGNAME}}
+ Host=`(hostname || uname -n) 2>/dev/null | sed 1q`
+ Date=`date`
+ mv -f include/newversion.h.in include/version.h.in
+ sed -e "s/@USER@/$User/" -e "s/@HOST@/$Host/" -e "s/@DATE@/$Date/" include/version.h.in > include/version.h
+fi
+dnl ],host=$host PACKAGE=$PACKAGE VERSION=$VERSION)
+])
+
diff --git a/crypto/kerberosIV/admin/Makefile.in b/crypto/kerberosIV/admin/Makefile.in
index d0b68b1532ef..31de19d6a914 100644
--- a/crypto/kerberosIV/admin/Makefile.in
+++ b/crypto/kerberosIV/admin/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.26 1997/05/04 08:33:50 assar Exp $
+# $Id: Makefile.in,v 1.32 1999/03/10 19:01:10 joda Exp $
SHELL = /bin/sh
@@ -6,10 +6,12 @@ srcdir = @srcdir@
VPATH = @srcdir@
CC = @CC@
+LINK = @LINK@
AR = ar
RANLIB = @RANLIB@
DEFS = @DEFS@
-CFLAGS = @CFLAGS@
+CFLAGS = @CFLAGS@ $(WFLAGS)
+WFLAGS = @WFLAGS@
LD_FLAGS = @LD_FLAGS@
LIBS = @LIBS@
LIB_DBM = @LIB_DBM@
@@ -45,17 +47,17 @@ Wall:
make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
.c.o:
- $(CC) -c $(CPPFLAGS) $(DEFS) -I../include -I$(srcdir) $(CFLAGS) $<
+ $(CC) -c $(DEFS) -I../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $<
install: all
- $(MKINSTALLDIRS) $(sbindir)
+ $(MKINSTALLDIRS) $(DESTDIR)$(sbindir)
for x in $(PROGS); do \
- $(INSTALL_PROGRAM) $$x $(sbindir)/`echo $$x|sed '$(transform)'`; \
+ $(INSTALL_PROGRAM) $$x $(DESTDIR)$(sbindir)/`echo $$x|sed '$(transform)'`; \
done
uninstall:
for x in $(PROGS); do \
- rm -f $(sbindir)/`echo $$x|sed '$(transform)'`; \
+ rm -f $(DESTDIR)$(sbindir)/`echo $$x|sed '$(transform)'`; \
done
TAGS: $(SOURCES)
@@ -74,31 +76,27 @@ distclean: clean
realclean: distclean
rm -f TAGS
-dist: $(DISTFILES)
- for file in $(DISTFILES); do \
- ln $$file ../`cat ../.fname`/lib \
- || cp -p $$file ../`cat ../.fname`/lib; \
- done
-
KLIB=-L../lib/kdb -lkdb -L../lib/krb -lkrb -L../lib/des -ldes
LIBROKEN= -L../lib/roken -lroken
ext_srvtab$(EXECSUFFIX): ext_srvtab.o
- $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ ext_srvtab.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ ext_srvtab.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
kdb_destroy$(EXECSUFFIX): kdb_destroy.o
- $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_destroy.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_destroy.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
kdb_edit$(EXECSUFFIX): kdb_edit.o
- $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_edit.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_edit.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
kdb_init$(EXECSUFFIX): kdb_init.o
- $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_init.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_init.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
kdb_util$(EXECSUFFIX): kdb_util.o
- $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_util.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kdb_util.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
kstash$(EXECSUFFIX): kstash.o
- $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ kstash.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kstash.o $(KLIB) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
$(OBJECTS): ../include/config.h
+
+.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean
diff --git a/crypto/kerberosIV/admin/ext_srvtab.c b/crypto/kerberosIV/admin/ext_srvtab.c
index 9c029219d899..f1f1752080cd 100644
--- a/crypto/kerberosIV/admin/ext_srvtab.c
+++ b/crypto/kerberosIV/admin/ext_srvtab.c
@@ -9,7 +9,7 @@
#include "adm_locl.h"
-RCSID("$Id: ext_srvtab.c,v 1.13 1997/05/02 14:27:33 assar Exp $");
+RCSID("$Id: ext_srvtab.c,v 1.17 1998/06/09 19:24:13 joda Exp $");
static des_cblock master_key;
static des_cblock session_key;
@@ -17,15 +17,6 @@ static des_key_schedule master_key_schedule;
static char realm[REALM_SZ];
static void
-usage(void)
-{
- fprintf(stderr,
- "Usage: %s [-n] [-r realm] instance [instance ...]\n",
- __progname);
- exit(1);
-}
-
-static void
StampOutSecrets(void)
{
memset(master_key, 0, sizeof master_key);
@@ -34,8 +25,11 @@ StampOutSecrets(void)
}
static void
-Die(void)
+usage(void)
{
+ fprintf(stderr,
+ "Usage: %s [-n] [-r realm] instance [instance ...]\n",
+ __progname);
StampOutSecrets();
exit(1);
}
@@ -44,8 +38,8 @@ static void
FWrite(void *p, int size, int n, FILE *f)
{
if (fwrite(p, size, n, f) != n) {
- printf("Error writing output file. Terminating.\n");
- Die();
+ StampOutSecrets();
+ errx(1, "Error writing output file. Terminating.\n");
}
}
@@ -64,6 +58,10 @@ main(int argc, char **argv)
set_progname (argv[0]);
memset(realm, 0, sizeof(realm));
+#ifdef HAVE_ATEXIT
+ atexit(StampOutSecrets);
+#endif
+
/* Parse commandline arguments */
if (argc < 2)
usage();
@@ -75,7 +73,7 @@ main(int argc, char **argv)
if (++i >= argc)
usage();
else {
- strcpy(realm, argv[i]);
+ strcpy_truncate(realm, argv[i], REALM_SZ);
/*
* This is to humor the broken way commandline
* argument parsing is done. Later, this
@@ -104,8 +102,10 @@ main(int argc, char **argv)
/* For each arg, search for instances of arg, and produce */
/* srvtab file */
if (!realm[0])
- if (krb_get_lrealm(realm, 1) != KSUCCESS)
+ if (krb_get_lrealm(realm, 1) != KSUCCESS) {
+ StampOutSecrets();
errx (1, "couldn't get local realm");
+ }
umask(077);
for (arg = 1; arg < argc; arg++) {
@@ -135,9 +135,6 @@ main(int argc, char **argv)
}
fclose(fout);
}
-
StampOutSecrets();
-
return fopen_errs; /* 0 errors if successful */
-
}
diff --git a/crypto/kerberosIV/admin/kdb_destroy.c b/crypto/kerberosIV/admin/kdb_destroy.c
index fca339f0dd6b..ec4a5d008776 100644
--- a/crypto/kerberosIV/admin/kdb_destroy.c
+++ b/crypto/kerberosIV/admin/kdb_destroy.c
@@ -9,14 +9,12 @@
#include "adm_locl.h"
-RCSID("$Id: kdb_destroy.c,v 1.7 1997/03/31 02:25:21 assar Exp $");
+RCSID("$Id: kdb_destroy.c,v 1.9 1998/06/09 19:24:13 joda Exp $");
int
main(int argc, char **argv)
{
char answer[10]; /* user input */
- char dbm[256]; /* database path and name */
- char dbm1[256]; /* database path and name */
#ifdef HAVE_NEW_DB
char *file; /* database file names */
#else
@@ -25,21 +23,22 @@ main(int argc, char **argv)
set_progname (argv[0]);
- strcpy(dbm, DBM_FILE);
#ifdef HAVE_NEW_DB
- file = strcat(dbm, ".db");
+ asprintf(&file, "%s.db", DBM_FILE);
+ if (file == NULL)
+ err (1, "malloc");
#else
- strcpy(dbm1, DBM_FILE);
- file1 = strcat(dbm, ".dir");
- file2 = strcat(dbm1, ".pag");
+ asprintf(&file1, "%s.dir", DBM_FILE);
+ asprintf(&file2, "%s.pag", DBM_FILE);
+ if (file1 == NULL || file2 == NULL)
+ err (1, "malloc");
#endif
printf("You are about to destroy the Kerberos database ");
printf("on this machine.\n");
printf("Are you sure you want to do this (y/n)? ");
- fgets(answer, sizeof(answer), stdin);
-
- if (answer[0] == 'y' || answer[0] == 'Y') {
+ if (fgets(answer, sizeof(answer), stdin) != NULL
+ && (answer[0] == 'y' || answer[0] == 'Y')) {
#ifdef HAVE_NEW_DB
if (unlink(file) == 0)
#else
diff --git a/crypto/kerberosIV/admin/kdb_edit.c b/crypto/kerberosIV/admin/kdb_edit.c
index 5d07135e9780..bd9df2dbdca4 100644
--- a/crypto/kerberosIV/admin/kdb_edit.c
+++ b/crypto/kerberosIV/admin/kdb_edit.c
@@ -15,14 +15,12 @@
#include "adm_locl.h"
-RCSID("$Id: kdb_edit.c,v 1.25 1997/05/07 01:34:05 assar Exp $");
+RCSID("$Id: kdb_edit.c,v 1.27 1998/11/22 09:26:31 assar Exp $");
#ifdef DEBUG
extern kerb_debug;
#endif
-#define zaptime(foo) memset((foo), 0, sizeof(*(foo)))
-
static int nflag = 0;
static int debug;
@@ -74,8 +72,7 @@ change_principal(void)
int editpw = 0;
int changed = 0;
long temp_long; /* Don't change to int32_t, used by scanf */
- int n;
- struct tm *tp, edate;
+ struct tm edate;
fprintf(stdout, "\nPrincipal name: ");
fflush(stdout);
@@ -96,8 +93,12 @@ change_principal(void)
/* make a new principal, fill in defaults */
j = 1;
creating = 1;
- strcpy(principal_data[0].name, input_name);
- strcpy(principal_data[0].instance, input_instance);
+ strcpy_truncate(principal_data[0].name,
+ input_name,
+ ANAME_SZ);
+ strcpy_truncate(principal_data[0].instance,
+ input_instance,
+ INST_SZ);
principal_data[0].old = NULL;
principal_data[0].exp_date = default_princ.exp_date;
if (strcmp(input_instance, "admin") == 0)
@@ -110,12 +111,7 @@ change_principal(void)
principal_data[0].kdc_key_ver = (unsigned char) master_key_version;
principal_data[0].key_version = 0; /* bumped up later */
}
- tp = k_localtime(&principal_data[0].exp_date);
- snprintf(principal_data[0].exp_date_txt,
- sizeof(principal_data[0].exp_date_txt),
- "%4d-%02d-%02d",
- tp->tm_year + 1900,
- tp->tm_mon + 1, tp->tm_mday); /* January is 0, not 1 */
+ *principal_data[0].exp_date_txt = '\0';
for (i = 0; i < j; i++) {
for (;;) {
fprintf(stdout,
@@ -219,35 +215,38 @@ change_principal(void)
changed = 1;
}
/* expiration date */
- fprintf(stdout, "Expiration date (enter yyyy-mm-dd) [ %s ] ? ",
- principal_data[i].exp_date_txt);
- fflush(stdout);
- zaptime(&edate);
- while (n_gets(temp, sizeof(temp)) && ((n = strlen(temp)) >
- sizeof(principal_data[0].exp_date_txt))) {
- bad_date:
- fprintf(stdout, "\07\07Date Invalid\n");
- fprintf(stdout,
- "Expiration date (enter yyyy-mm-dd) [ %s ] ? ",
- principal_data[i].exp_date_txt);
- fflush(stdout);
- zaptime(&edate);
- }
-
- if (*temp) {
- if (sscanf(temp, "%d-%d-%d", &edate.tm_year,
- &edate.tm_mon, &edate.tm_mday) != 3)
- goto bad_date;
- edate.tm_mon--; /* January is 0, not 1 */
- edate.tm_hour = 23; /* nearly midnight at the end of the */
- edate.tm_min = 59; /* specified day */
- if (krb_check_tm (edate))
- goto bad_date;
- edate.tm_year -= 1900;
- temp_long = tm2time (edate, 1);
- strcpy(principal_data[i].exp_date_txt, temp);
- principal_data[i].exp_date = temp_long;
- changed = 1;
+ {
+ char d[DATE_SZ];
+ struct tm *tm;
+ tm = k_localtime(&principal_data[i].exp_date);
+ strftime(d, sizeof(d), "%Y-%m-%d", tm);
+ while(1) {
+ printf("Expiration date (yyyy-mm-dd) [ %s ] ? ", d);
+ fflush(stdout);
+ if(n_gets(temp, sizeof(temp)) == NULL) {
+ printf("Invalid date.\n");
+ continue;
+ }
+ if (*temp) {
+ memset(&edate, 0, sizeof(edate));
+ if (sscanf(temp, "%d-%d-%d", &edate.tm_year,
+ &edate.tm_mon, &edate.tm_mday) != 3) {
+ printf("Invalid date.\n");
+ continue;
+ }
+ edate.tm_mon--; /* January is 0, not 1 */
+ edate.tm_hour = 23; /* at the end of the */
+ edate.tm_min = 59; /* specified day */
+ if (krb_check_tm (edate)) {
+ printf("Invalid date.\n");
+ continue;
+ }
+ edate.tm_year -= 1900;
+ principal_data[i].exp_date = tm2time (edate, 1);
+ changed = 1;
+ }
+ break;
+ }
}
/* maximum lifetime */
@@ -281,7 +280,7 @@ change_principal(void)
goto bad_att;
if (temp_long > 65535 || (temp_long < 0)) {
bad_att:
- fprintf(stdout, "\07\07Invalid, choose 0-65535\n");
+ fprintf(stdout, "Invalid, choose 0-65535\n");
fprintf(stdout, "Attributes [ %d ] ? ",
principal_data[i].attributes);
fflush(stdout);
diff --git a/crypto/kerberosIV/admin/kdb_init.c b/crypto/kerberosIV/admin/kdb_init.c
index b9ea009c5d1c..bf340a75942a 100644
--- a/crypto/kerberosIV/admin/kdb_init.c
+++ b/crypto/kerberosIV/admin/kdb_init.c
@@ -10,7 +10,7 @@
#include "adm_locl.h"
-RCSID("$Id: kdb_init.c,v 1.23 1997/03/30 17:45:05 assar Exp $");
+RCSID("$Id: kdb_init.c,v 1.24 1998/06/09 19:24:13 joda Exp $");
enum ap_op {
NULL_KEY, /* setup null keys */
@@ -28,12 +28,11 @@ static int
add_principal(char *name, char *instance, enum ap_op aap_op, int maxlife)
{
Principal principal;
- struct tm *tm;
des_cblock new_key;
memset(&principal, 0, sizeof(principal));
- strncpy(principal.name, name, ANAME_SZ);
- strncpy(principal.instance, instance, INST_SZ);
+ strcpy_truncate(principal.name, name, ANAME_SZ);
+ strcpy_truncate(principal.instance, instance, INST_SZ);
switch (aap_op) {
case NULL_KEY:
principal.key_low = 0;
@@ -58,19 +57,19 @@ add_principal(char *name, char *instance, enum ap_op aap_op, int maxlife)
copy_from_key(new_key, &principal.key_low, &principal.key_high);
break;
}
- principal.exp_date = 946702799; /* Happy new century */
- strncpy(principal.exp_date_txt, "12/31/99", DATE_SZ);
principal.mod_date = time(0);
+ *principal.mod_date_txt = '\0';
+ principal.exp_date = principal.mod_date + 5 * 365 * 24 * 60 * 60;
+ *principal.exp_date_txt = '\0';
- tm = k_localtime(&principal.mod_date);
principal.attributes = 0;
principal.max_life = maxlife;
principal.kdc_key_ver = 1;
principal.key_version = 1;
- strncpy(principal.mod_name, "db_creation", ANAME_SZ);
- strncpy(principal.mod_instance, "", INST_SZ);
+ strcpy_truncate(principal.mod_name, "db_creation", ANAME_SZ);
+ strcpy_truncate(principal.mod_instance, "", INST_SZ);
principal.old = 0;
if (kerb_db_put_principal(&principal, 1) != 1)
@@ -109,10 +108,10 @@ main(int argc, char **argv)
kerb_db_set_name(database);
if (argc == 2)
- strncpy(realm, argv[1], REALM_SZ);
+ strcpy_truncate(realm, argv[1], REALM_SZ);
else {
if (krb_get_lrealm(realm, 1) != KSUCCESS)
- strcpy(realm, KRB_REALM);
+ strcpy_truncate(realm, KRB_REALM, REALM_SZ);
fprintf(stderr, "Realm name [default %s ]: ", realm);
if (fgets(realm, sizeof(realm), stdin) == NULL)
errx (1, "\nEOF reading realm");
@@ -120,7 +119,7 @@ main(int argc, char **argv)
*cp = '\0';
if (!*realm) /* no realm given */
if (krb_get_lrealm(realm, 1) != KSUCCESS)
- strcpy(realm, KRB_REALM);
+ strcpy_truncate(realm, KRB_REALM, REALM_SZ);
}
if (!k_isrealm(realm))
errx (1, "Bad kerberos realm name \"%s\"", realm);
diff --git a/crypto/kerberosIV/admin/kdb_util.c b/crypto/kerberosIV/admin/kdb_util.c
index b221fddb1e6b..4700df1d594a 100644
--- a/crypto/kerberosIV/admin/kdb_util.c
+++ b/crypto/kerberosIV/admin/kdb_util.c
@@ -15,13 +15,11 @@
#include "adm_locl.h"
-RCSID("$Id: kdb_util.c,v 1.35 1997/05/07 00:57:45 assar Exp $");
+RCSID("$Id: kdb_util.c,v 1.40 1999/07/05 21:43:52 assar Exp $");
static des_cblock master_key, new_master_key;
static des_key_schedule master_key_schedule, new_master_key_schedule;
-#define zaptime(foo) memset((foo), 0, sizeof(*(foo)))
-
/* cv_key is a procedure which takes a principle and changes its key,
either for a new method of encrypting the keys, or a new master key.
if cv_key is null no transformation of key is done (other than net byte
@@ -52,11 +50,10 @@ time_explode(char *cp)
struct tm tp;
int local;
- zaptime(&tp); /* clear out the struct */
+ memset(&tp, 0, sizeof(tp)); /* clear out the struct */
if (strlen(cp) > 10) { /* new format */
- strncpy(wbuf, cp, 4);
- wbuf[4] = 0;
+ strcpy_truncate(wbuf, cp, sizeof(wbuf));
tp.tm_year = atoi(wbuf) - 1900;
cp += 4; /* step over the year */
local = 0; /* GMT */
@@ -86,13 +83,13 @@ time_explode(char *cp)
wbuf[1] = *cp++;
tp.tm_min = atoi(wbuf);
-
return(tm2time(tp, local));
}
static int
-dump_db_1(void *arg, Principal *principal)
-{ /* replace null strings with "*" */
+dump_db_1(void *arg,
+ Principal *principal) /* replace null strings with "*" */
+{
struct callback_args *a = (struct callback_args *)arg;
if (principal->instance[0] == '\0') {
@@ -135,7 +132,7 @@ dump_db (char *db_file, FILE *output_file, void (*cv_key) (Principal *))
a.cv_key = cv_key;
a.output_file = output_file;
- kerb_db_iterate ((k_iter_proc_t)dump_db_1, &a);
+ kerb_db_iterate (dump_db_1, &a);
return fflush(output_file);
}
@@ -198,14 +195,12 @@ static void
load_db (char *db_file, FILE *input_file)
{
long *db;
- int temp1;
int code;
char *temp_db_file;
- temp1 = strlen(db_file)+2;
- temp_db_file = malloc (temp1);
- strcpy(temp_db_file, db_file);
- strcat(temp_db_file, "~");
+ asprintf (&temp_db_file, "%s~", db_file);
+ if(temp_db_file == NULL)
+ errx (1, "out of memory");
/* Create the database */
if ((code = kerb_db_create(temp_db_file)) != 0)
@@ -244,15 +239,20 @@ update_ok_file (char *file_name)
/* handle slave locking/failure stuff */
char *file_ok;
int fd;
- static char ok[]=".dump_ok";
- asprintf (&file_ok, "%s%s", file_name, ok);
+ asprintf (&file_ok, "%s.dump_ok", file_name);
if (file_ok == NULL)
errx (1, "out of memory");
- if ((fd = open(file_ok, O_WRONLY|O_CREAT|O_TRUNC, 0400)) < 0)
+ if ((fd = open(file_ok, O_WRONLY|O_CREAT|O_TRUNC, 0600)) < 0)
err (1, "Error creating %s", file_ok);
free(file_ok);
close(fd);
+ /*
+ * Some versions of BSD don't update the mtime in the above open so
+ * we call utimes just in case.
+ */
+ if (utime(file_name, NULL) < 0)
+ err (1, "utime %s", file_name);
}
static void
@@ -271,10 +271,12 @@ convert_key_new_master (Principal *p)
(p->key_version)++;
} else {
copy_to_key(&p->key_low, &p->key_high, key);
- kdb_encrypt_key (&key, &key, &master_key, master_key_schedule, DES_DECRYPT);
+ kdb_encrypt_key (&key, &key, &master_key,
+ master_key_schedule, DES_DECRYPT);
}
- kdb_encrypt_key (&key, &key, &new_master_key, new_master_key_schedule, DES_ENCRYPT);
+ kdb_encrypt_key (&key, &key, &new_master_key,
+ new_master_key_schedule, DES_ENCRYPT);
copy_from_key(key, &(p->key_low), &(p->key_high));
memset(key, 0, sizeof (key)); /* a little paranoia ... */
@@ -319,9 +321,15 @@ convert_new_master_key (char *db_file, FILE *out)
dump_db (db_file, out, convert_key_new_master);
{
- char fname[128];
- snprintf(fname, sizeof(fname), "%s.new", MKEYFILE);
+ char *fname;
+
+ asprintf(&fname, "%s.new", MKEYFILE);
+ if(fname == NULL) {
+ clear_secrets();
+ errx(1, "malloc: failed");
+ }
kdb_kstash(&new_master_key, fname);
+ free(fname);
}
#endif /* RANDOM_MKEY */
}
diff --git a/crypto/kerberosIV/appl/Makefile.in b/crypto/kerberosIV/appl/Makefile.in
index c9512589525f..2cc839102df7 100644
--- a/crypto/kerberosIV/appl/Makefile.in
+++ b/crypto/kerberosIV/appl/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.27 1997/05/20 18:58:37 bg Exp $
+# $Id: Makefile.in,v 1.31 1998/04/26 09:59:31 assar Exp $
srcdir = @srcdir@
VPATH = @srcdir@
@@ -7,8 +7,8 @@ SHELL = /bin/sh
@SET_MAKE@
-SUBDIRS = sample kauth bsd movemail afsutil \
- kpopper xnlock kx otp @APPL_KIP_DIR@ ftp telnet
+SUBDIRS = sample kauth bsd movemail push afsutil \
+ popper xnlock kx @OTP_dir@ @APPL_KIP_DIR@ ftp telnet
all:
for i in $(SUBDIRS); \
@@ -40,4 +40,4 @@ realclean:
for i in $(SUBDIRS); \
do (cd $$i && $(MAKE) $(MFLAGS) realclean); done
-.PHONY: all install uninstall clean distclean realclean mostlyclean
+.PHONY: all Wall install uninstall clean mostlyclean distclean realclean
diff --git a/crypto/kerberosIV/appl/afsutil/Makefile.in b/crypto/kerberosIV/appl/afsutil/Makefile.in
new file mode 100644
index 000000000000..86adb88b5108
--- /dev/null
+++ b/crypto/kerberosIV/appl/afsutil/Makefile.in
@@ -0,0 +1,89 @@
+# $Id: Makefile.in,v 1.27 1999/03/10 19:01:10 joda Exp $
+
+SHELL = /bin/sh
+
+srcdir = @srcdir@
+VPATH = @srcdir@
+
+top_builddir = ../..
+
+CC = @CC@
+LINK = @LINK@
+AR = ar
+RANLIB = @RANLIB@
+DEFS = @DEFS@
+CFLAGS = @CFLAGS@ $(WFLAGS)
+WFLAGS = @WFLAGS@
+LD_FLAGS= @LD_FLAGS@
+INSTALL = @INSTALL@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+LIBROKEN = -L../../lib/roken -lroken
+LIBS = @KRB_KAFS_LIB@ -L../../lib/krb -lkrb -L../../lib/des -ldes $(LIBROKEN) @LIBS@ $(LIBROKEN)
+MKINSTALLDIRS = @top_srcdir@/mkinstalldirs
+
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+libdir = @libdir@
+libexecdir = @libexecdir@
+bindir = @bindir@
+transform=@program_transform_name@
+EXECSUFFIX=@EXECSUFFIX@
+
+PROG_BIN = pagsh$(EXECSUFFIX) \
+ afslog$(EXECSUFFIX) \
+ kstring2key$(EXECSUFFIX)
+PROG_LIBEXEC =
+PROGS = $(PROG_BIN) $(PROG_LIBEXEC)
+
+SOURCES = pagsh.c aklog.c kstring2key.c
+
+OBJECTS = pagsh.o aklog.o kstring2key.o
+
+all: $(PROGS)
+
+Wall:
+ make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
+
+.c.o:
+ $(CC) -c $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $<
+
+install: all
+ $(MKINSTALLDIRS) $(DESTDIR)$(bindir)
+ for x in $(PROG_BIN); do \
+ $(INSTALL_PROGRAM) $$x $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \
+ done
+
+uninstall:
+ for x in $(PROG_BIN); do \
+ rm -f $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \
+ done
+
+TAGS: $(SOURCES)
+ etags $(SOURCES)
+
+check:
+
+clean:
+ rm -f *.a *.o $(PROGS)
+
+mostlyclean: clean
+
+distclean: clean
+ rm -f Makefile *.tab.c *~
+
+realclean: distclean
+ rm -f TAGS
+
+pagsh$(EXECSUFFIX): pagsh.o
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ pagsh.o $(LIBS)
+
+afslog$(EXECSUFFIX): aklog.o
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ aklog.o $(LIBS)
+
+kstring2key$(EXECSUFFIX): kstring2key.o
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ kstring2key.o $(LIBS)
+
+
+$(OBJECTS): ../../include/config.h
+
+.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean
diff --git a/crypto/kerberosIV/appl/afsutil/aklog.c b/crypto/kerberosIV/appl/afsutil/aklog.c
new file mode 100644
index 000000000000..f3bcb8bd45af
--- /dev/null
+++ b/crypto/kerberosIV/appl/afsutil/aklog.c
@@ -0,0 +1,239 @@
+/*
+ * Copyright (c) 1995 - 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the Kungliga Tekniska
+ * Högskolan and its contributors.
+ *
+ * 4. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <ctype.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40
+#include <sys/ioctl.h>
+#endif
+#ifdef HAVE_SYS_IOCCOM_H
+#include <sys/ioccom.h>
+#endif
+#ifdef HAVE_PWD_H
+#include <pwd.h>
+#endif
+#include <err.h>
+#include <krb.h>
+#include <kafs.h>
+
+#include <roken.h>
+
+RCSID("$Id: aklog.c,v 1.22.2.1 1999/07/22 03:13:22 assar Exp $");
+
+static int debug = 0;
+
+static void
+DEBUG(const char *, ...)
+#ifdef __GNUC__
+__attribute__ ((format (printf, 1, 2)))
+#endif
+;
+
+static void
+DEBUG(const char *fmt, ...)
+{
+ va_list ap;
+ if (debug) {
+ va_start(ap, fmt);
+ vwarnx(fmt, ap);
+ va_end(ap);
+ }
+}
+
+static char *
+expand_cell_name(char *cell)
+{
+ FILE *f;
+ static char buf[128];
+ char *p;
+
+ f = fopen(_PATH_CELLSERVDB, "r");
+ if(f == NULL)
+ return cell;
+ while(fgets(buf, sizeof(buf), f) != NULL) {
+ if(buf[0] == '>') {
+ for(p=buf; *p && !isspace(*p) && *p != '#'; p++)
+ ;
+ *p = '\0';
+ if(strstr(buf, cell)){
+ fclose(f);
+ return buf + 1;
+ }
+ }
+ buf[0] = 0;
+ }
+ fclose(f);
+ return cell;
+}
+
+static int
+createuser (char *cell)
+{
+ char cellbuf[64];
+ char name[ANAME_SZ];
+ char instance[INST_SZ];
+ char realm[REALM_SZ];
+ char cmd[1024];
+
+ if (cell == NULL) {
+ FILE *f;
+ int len;
+
+ f = fopen (_PATH_THISCELL, "r");
+ if (f == NULL)
+ err (1, "open(%s)", _PATH_THISCELL);
+ if (fgets (cellbuf, sizeof(cellbuf), f) == NULL)
+ err (1, "read cellname from %s", _PATH_THISCELL);
+ fclose (f);
+ len = strlen(cellbuf);
+ if (cellbuf[len-1] == '\n')
+ cellbuf[len-1] = '\0';
+ cell = cellbuf;
+ }
+
+ if(krb_get_default_principal(name, instance, realm))
+ errx (1, "Could not even figure out who you are");
+
+ snprintf (cmd, sizeof(cmd),
+ "pts createuser %s%s%s@%s -cell %s",
+ name, *instance ? "." : "", instance, strlwr(realm),
+ cell);
+ DEBUG("Executing %s", cmd);
+ return system(cmd);
+}
+
+int
+main(int argc, char **argv)
+{
+ int i;
+ int do_aklog = -1;
+ int do_createuser = -1;
+ char *cell = NULL;
+ char *realm = NULL;
+ char cellbuf[64];
+
+ set_progname (argv[0]);
+
+ if(!k_hasafs())
+ exit(1);
+
+ for(i = 1; i < argc; i++){
+ if(!strncmp(argv[i], "-createuser", 11)){
+ do_createuser = do_aklog = 1;
+
+ }else if(!strncmp(argv[i], "-c", 2) && i + 1 < argc){
+ cell = expand_cell_name(argv[++i]);
+ do_aklog = 1;
+
+ }else if(!strncmp(argv[i], "-k", 2) && i + 1 < argc){
+ realm = argv[++i];
+
+ }else if(!strncmp(argv[i], "-p", 2) && i + 1 < argc){
+ if(k_afs_cell_of_file(argv[++i], cellbuf, sizeof(cellbuf)))
+ errx (1, "No cell found for file \"%s\".", argv[i]);
+ else
+ cell = cellbuf;
+ do_aklog = 1;
+
+ }else if(!strncmp(argv[i], "-unlog", 6)){
+ exit(k_unlog());
+
+ }else if(!strncmp(argv[i], "-hosts", 6)){
+ warnx ("Argument -hosts is not implemented.");
+
+ }else if(!strncmp(argv[i], "-zsubs", 6)){
+ warnx("Argument -zsubs is not implemented.");
+
+ }else if(!strncmp(argv[i], "-noprdb", 6)){
+ warnx("Argument -noprdb is not implemented.");
+
+ }else if(!strncmp(argv[i], "-d", 6)){
+ debug = 1;
+
+ }else{
+ if(!strcmp(argv[i], ".") ||
+ !strcmp(argv[i], "..") ||
+ strchr(argv[i], '/')){
+ DEBUG("I guess that \"%s\" is a filename.", argv[i]);
+ if(k_afs_cell_of_file(argv[i], cellbuf, sizeof(cellbuf)))
+ errx (1, "No cell found for file \"%s\".", argv[i]);
+ else {
+ cell = cellbuf;
+ DEBUG("The file \"%s\" lives in cell \"%s\".", argv[i], cell);
+ }
+ }else{
+ cell = expand_cell_name(argv[i]);
+ DEBUG("I guess that %s is cell %s.", argv[i], cell);
+ }
+ do_aklog = 1;
+ }
+ if(do_aklog == 1){
+ do_aklog = 0;
+ if(krb_afslog(cell, realm))
+ errx (1, "Failed getting tokens for cell %s in realm %s.",
+ cell?cell:"(local cell)", realm?realm:"(local realm)");
+ }
+ if(do_createuser == 1) {
+ do_createuser = 0;
+ if(createuser(cell))
+ errx (1, "Failed creating user in cell %s", cell?cell:"(local cell)");
+ }
+ }
+ if(do_aklog == -1 && do_createuser == -1 && krb_afslog(0, realm))
+ errx (1, "Failed getting tokens for cell %s in realm %s.",
+ cell?cell:"(local cell)", realm?realm:"(local realm)");
+ return 0;
+}
diff --git a/crypto/kerberosIV/appl/afsutil/kstring2key.c b/crypto/kerberosIV/appl/afsutil/kstring2key.c
new file mode 100644
index 000000000000..30482f0d692d
--- /dev/null
+++ b/crypto/kerberosIV/appl/afsutil/kstring2key.c
@@ -0,0 +1,142 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the Kungliga Tekniska
+ * Högskolan and its contributors.
+ *
+ * 4. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "config.h"
+
+RCSID("$Id: kstring2key.c,v 1.14 1998/06/09 19:24:14 joda Exp $");
+
+#include <stdio.h>
+#include <string.h>
+#include <ctype.h>
+#include <err.h>
+
+#include <roken.h>
+
+#include <des.h>
+#include <krb.h>
+
+#define VERIFY 0
+
+static void
+usage(void)
+{
+ fprintf(stderr,
+ "Usage: %s [-c AFS cellname] [ -5 krb5salt ] [ password ]\n",
+ __progname);
+ fprintf(stderr,
+ " krb5salt is realmname APPEND principal APPEND instance\n");
+ exit(1);
+}
+
+static
+void
+krb5_string_to_key(char *str,
+ char *salt,
+ des_cblock *key)
+{
+ char *foo;
+
+ asprintf(&foo, "%s%s", str, salt);
+ if (foo == NULL)
+ errx (1, "malloc: out of memory");
+ des_string_to_key(foo, key);
+ free (foo);
+}
+
+
+int
+main(int argc, char **argv)
+{
+ des_cblock key;
+ char buf[1024];
+ char *cellname = 0, *salt = 0;
+
+ set_progname (argv[0]);
+
+ if (argc >= 3 && argv[1][0] == '-' && argv[1][1] == 'c')
+ {
+ cellname = argv[2];
+ argv += 2;
+ argc -= 2;
+ }
+ else if (argc >= 3 && argv[1][0] == '-' && argv[1][1] == '5')
+ {
+ salt = argv[2];
+ argv += 2;
+ argc -= 2;
+ }
+ if (argc >= 2 && argv[1][0] == '-')
+ usage();
+
+ switch (argc) {
+ case 1:
+ if (des_read_pw_string(buf, sizeof(buf)-1, "password: ", VERIFY))
+ errx (1, "Error reading password.");
+ break;
+ case 2:
+ strcpy_truncate(buf, argv[1], sizeof(buf));
+ break;
+ default:
+ usage();
+ break;
+ }
+
+ if (cellname != 0)
+ afs_string_to_key(buf, cellname, &key);
+ else if (salt != 0)
+ krb5_string_to_key(buf, salt, &key);
+ else
+ des_string_to_key(buf, &key);
+
+ {
+ int j;
+ unsigned char *tkey = (unsigned char *) &key;
+ printf("ascii = ");
+ for(j = 0; j < 8; j++)
+ if(tkey[j] != '\\' && isalpha(tkey[j]) != 0)
+ printf("%c", tkey[j]);
+ else
+ printf("\\%03o",(unsigned char)tkey[j]);
+ printf("\n");
+ printf("hex = ");
+ for(j = 0; j < 8; j++)
+ printf("%02x",(unsigned char)tkey[j]);
+ printf("\n");
+ }
+ exit(0);
+}
diff --git a/crypto/kerberosIV/appl/afsutil/pagsh.c b/crypto/kerberosIV/appl/afsutil/pagsh.c
new file mode 100644
index 000000000000..1f02ee8f0c37
--- /dev/null
+++ b/crypto/kerberosIV/appl/afsutil/pagsh.c
@@ -0,0 +1,141 @@
+/*
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the Kungliga Tekniska
+ * Högskolan and its contributors.
+ *
+ * 4. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+RCSID("$Id: pagsh.c,v 1.21 1999/03/11 13:56:55 joda Exp $");
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#include <time.h>
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+#ifdef HAVE_PWD_H
+#include <pwd.h>
+#endif
+
+#include <err.h>
+#include <roken.h>
+
+#include <krb.h>
+#include <kafs.h>
+
+int
+main(int argc, char **argv)
+{
+ int f;
+ char tf[1024];
+ char *p;
+
+ char *path;
+ char **args;
+ int i;
+
+ do {
+ snprintf(tf, sizeof(tf), "%s%u_%u", TKT_ROOT, (unsigned int)getuid(),
+ (unsigned int)(getpid()*time(0)));
+ f = open(tf, O_CREAT|O_EXCL|O_RDWR);
+ } while(f < 0);
+ close(f);
+ unlink(tf);
+ setenv("KRBTKFILE", tf, 1);
+
+ i = 0;
+
+ args = (char **) malloc((argc + 10)*sizeof(char *));
+ if (args == NULL)
+ errx (1, "Out of memory allocating %lu bytes",
+ (unsigned long)((argc + 10)*sizeof(char *)));
+
+ argv++;
+
+ if(*argv == NULL) {
+ path = getenv("SHELL");
+ if(path == NULL){
+ struct passwd *pw = k_getpwuid(geteuid());
+ path = strdup(pw->pw_shell);
+ }
+ } else {
+ if(strcmp(*argv, "-c") == 0) argv++;
+ path = strdup(*argv++);
+ }
+ if (path == NULL)
+ errx (1, "Out of memory copying path");
+
+ p=strrchr(path, '/');
+ if(p)
+ args[i] = strdup(p+1);
+ else
+ args[i] = strdup(path);
+
+ if (args[i++] == NULL)
+ errx (1, "Out of memory copying arguments");
+
+ while(*argv)
+ args[i++] = *argv++;
+
+ args[i++] = NULL;
+
+ if(k_hasafs())
+ k_setpag();
+
+ execvp(path, args);
+ if (errno == ENOENT) {
+ char **sh_args = malloc ((i + 2) * sizeof(char *));
+ int j;
+
+ if (sh_args == NULL)
+ errx (1, "Out of memory copying sh arguments");
+ for (j = 1; j < i; ++j)
+ sh_args[j + 2] = args[j];
+ sh_args[0] = "sh";
+ sh_args[1] = "-c";
+ sh_args[2] = path;
+ execv ("/bin/sh", sh_args);
+ }
+ perror("execvp");
+ exit(1);
+}
diff --git a/crypto/kerberosIV/appl/bsd/Makefile.in b/crypto/kerberosIV/appl/bsd/Makefile.in
index 57a810890094..fdda8c19e28a 100644
--- a/crypto/kerberosIV/appl/bsd/Makefile.in
+++ b/crypto/kerberosIV/appl/bsd/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.56 1997/05/20 20:35:04 assar Exp $
+# $Id: Makefile.in,v 1.68 1999/03/27 17:05:34 joda Exp $
SHELL = /bin/sh
@@ -6,13 +6,15 @@ srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
-topdir = ../..
+top_builddir = ../..
CC = @CC@
+LINK = @LINK@
AR = ar
RANLIB = @RANLIB@
DEFS = @DEFS@ -DBINDIR='"$(bindir)"'
-CFLAGS = @CFLAGS@
+CFLAGS = @CFLAGS@ $(WFLAGS)
+WFLAGS = @WFLAGS@
LD_FLAGS = @LD_FLAGS@
INSTALL = @INSTALL@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
@@ -39,19 +41,20 @@ PROG_LIBEXEC = rshd$(EXECSUFFIX) \
PROGS = $(PROG_SUIDBIN) $(PROG_BIN) $(PROG_LIBEXEC)
SOURCES = rsh.c kcmd.c krcmd.c rlogin.c rcp.c rcp_util.c rshd.c \
- login.c klogin.c login_access.c su.c rlogind.c iruserok.c \
+ login.c klogin.c login_access.c su.c rlogind.c \
login_fbtab.c forkpty.c sysv_default.c sysv_environ.c sysv_shadow.c \
- utmp_login.c utmpx_login.c stty_default.c encrypt.c rcmd_util.c tty.c
+ utmp_login.c utmpx_login.c stty_default.c encrypt.c rcmd_util.c tty.c \
+ osfc2.c
rsh_OBJS = rsh.o kcmd.o krcmd.o encrypt.o rcmd_util.o
-rcp_OBJS = rcp.o rcp_util.o kcmd.o krcmd.o encrypt.o rcmd_util.o
+rcp_OBJS = rcp.o rcp_util.o kcmd.o krcmd.o encrypt.o rcmd_util.o osfc2.o
rlogin_OBJS = rlogin.o kcmd.o krcmd.o encrypt.o rcmd_util.o
login_OBJS = login.o klogin.o login_fbtab.o login_access.o \
sysv_default.o sysv_environ.o sysv_shadow.o \
- utmp_login.o utmpx_login.o stty_default.o tty.o
+ utmp_login.o utmpx_login.o stty_default.o tty.o osfc2.o
su_OBJS = su.o
-rshd_OBJS = rshd.o iruserok.o encrypt.o rcmd_util.o
-rlogind_OBJS = rlogind.o iruserok.o forkpty.o encrypt.o rcmd_util.o tty.o
+rshd_OBJS = rshd.o encrypt.o rcmd_util.o osfc2.o
+rlogind_OBJS = rlogind.o forkpty.o encrypt.o rcmd_util.o tty.o
all: $(PROGS)
@@ -60,30 +63,30 @@ Wall:
make CFLAGS="-g -Wall -Wno-comment -Wmissing-prototypes -Wmissing-declarations -D__USE_FIXED_PROTOTYPES__"
.c.o:
- $(CC) -c $(CPPFLAGS) $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $<
+ $(CC) -c $(DEFS) -I../../include -I$(srcdir) $(CFLAGS) $(CPPFLAGS) $<
install: all
- $(MKINSTALLDIRS) $(libexecdir)
+ $(MKINSTALLDIRS) $(DESTDIR)$(libexecdir)
for x in $(PROG_LIBEXEC); do \
- $(INSTALL_PROGRAM) $$x $(libexecdir)/`echo $$x| sed '$(transform)'`; \
+ $(INSTALL_PROGRAM) $$x $(DESTDIR)$(libexecdir)/`echo $$x| sed '$(transform)'`; \
done
- $(MKINSTALLDIRS) $(bindir)
+ $(MKINSTALLDIRS) $(DESTDIR)$(bindir)
for x in $(PROG_BIN); do \
- $(INSTALL_PROGRAM) $$x $(bindir)/`echo $$x| sed '$(transform)'`; \
+ $(INSTALL_PROGRAM) $$x $(DESTDIR)$(bindir)/`echo $$x| sed '$(transform)'`; \
done
-for x in $(PROG_SUIDBIN); do \
- $(INSTALL_PROGRAM) -o root -m 04555 $$x $(bindir)/`echo $$x| sed '$(transform)'`; \
+ $(INSTALL_PROGRAM) -o root -m 04555 $$x $(DESTDIR)$(bindir)/`echo $$x| sed '$(transform)'`; \
done
uninstall:
for x in $(PROG_LIBEXEC); do \
- rm -f $(libexecdir)/`echo $$x| sed '$(transform)'`; \
+ rm -f $(DESTDIR)$(libexecdir)/`echo $$x| sed '$(transform)'`; \
done
for x in $(PROG_BIN); do \
- rm -f $(bindir)/`echo $$x| sed '$(transform)'`; \
+ rm -f $(DESTDIR)$(bindir)/`echo $$x| sed '$(transform)'`; \
done
for x in $(PROG_SUIDBIN); do \
- rm -f $(bindir)/`echo $$x| sed '$(transform)'`; \
+ rm -f $(DESTDIR)$(bindir)/`echo $$x| sed '$(transform)'`; \
done
TAGS: $(SOURCES)
@@ -102,34 +105,32 @@ distclean: clean
realclean: distclean
rm -f TAGS
-dist: $(DISTFILES)
- for file in $(DISTFILES); do \
- ln $$file ../`cat ../.fname`/lib \
- || cp -p $$file ../`cat ../.fname`/lib; \
- done
-
KLIB=-L../../lib/krb -lkrb -L../../lib/des -ldes
KLIB_AFS=@KRB_KAFS_LIB@ $(KLIB)
-OTPLIB=-L../../lib/otp -lotp
+OTPLIB=@LIB_otp@
LIBROKEN=-L../../lib/roken -lroken
+LIB_security=@LIB_security@
+
rcp$(EXECSUFFIX): $(rcp_OBJS)
- $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rcp_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN)
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rcp_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN) $(LIB_security)
rsh$(EXECSUFFIX): $(rsh_OBJS)
- $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rsh_OBJS) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rsh_OBJS) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
rshd$(EXECSUFFIX): $(rshd_OBJS)
- $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rshd_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN)
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rshd_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN) $(LIB_security)
rlogin$(EXECSUFFIX): $(rlogin_OBJS)
- $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rlogin_OBJS) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rlogin_OBJS) $(KLIB) $(LIBROKEN) $(LIBS) $(LIBROKEN)
rlogind$(EXECSUFFIX): $(rlogind_OBJS)
- $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rlogind_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN)
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(rlogind_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN)
login$(EXECSUFFIX): $(login_OBJS)
- $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(login_OBJS) $(OTPLIB) $(KLIB_AFS) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN)
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(login_OBJS) $(OTPLIB) $(KLIB_AFS) $(LIBROKEN) $(LIB_DBM) $(LIBS) $(LIBROKEN) $(LIB_security)
su$(EXECSUFFIX): $(su_OBJS)
- $(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(su_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN)
+ $(LINK) $(LD_FLAGS) $(LDFLAGS) -o $@ $(su_OBJS) $(KLIB_AFS) $(LIBROKEN) $(LIBS) $(LIBROKEN)
+
+.PHONY: all Wall install uninstall check clean mostlyclean distclean realclean
diff --git a/crypto/kerberosIV/appl/bsd/bsd_locl.h b/crypto/kerberosIV/appl/bsd/bsd_locl.h
index d0b37aa56f66..2731f0387713 100644
--- a/crypto/kerberosIV/appl/bsd/bsd_locl.h
+++ b/crypto/kerberosIV/appl/bsd/bsd_locl.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -36,7 +36,7 @@
* SUCH DAMAGE.
*/
-/* $Id: bsd_locl.h,v 1.98 1997/05/25 01:14:17 assar Exp $ */
+/* $Id: bsd_locl.h,v 1.109.2.1 1999/07/22 03:13:49 assar Exp $ */
#define LOGALL
#define KERBEROS
@@ -49,7 +49,7 @@
#endif
/* Any better way to test NO_MOTD? */
-#if (SunOS == 5) || defined(__hpux)
+#if (SunOS >= 50) || defined(__hpux)
#define NO_MOTD
#endif
@@ -62,13 +62,20 @@
#include <stdlib.h>
#include <ctype.h>
#include <setjmp.h>
+#include <limits.h>
#include <stdarg.h>
#include <errno.h>
+#ifdef HAVE_IO_H
+#include <io.h>
+#endif
#ifdef HAVE_UNISTD_H
#include <unistd.h>
#endif
+#ifdef HAVE_LIBUTIL_H
+#include <libutil.h>
+#endif
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
@@ -145,7 +152,7 @@
#include <netdb.h>
#endif
-#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
+#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40
#include <sys/ioctl.h>
#endif
#ifdef HAVE_SYS_IOCCOM_H
@@ -228,10 +235,10 @@
#ifdef HAVE_UTMP_H
#include <utmp.h>
-#endif
#ifndef UT_NAMESIZE
#define UT_NAMESIZE sizeof(((struct utmp *)0)->ut_name)
#endif
+#endif
#ifdef HAVE_UTMPX_H
#include <utmpx.h>
@@ -242,9 +249,14 @@
#endif /* HAVE_USERPW_H */
#ifdef HAVE_USERSEC_H
+struct aud_rec;
#include <usersec.h>
#endif /* HAVE_USERSEC_H */
+#ifdef HAVE_OSFC2
+#include "/usr/include/prot.h"
+#endif
+
#ifndef PRIO_PROCESS
#define PRIO_PROCESS 0
#endif
@@ -255,6 +267,9 @@
#ifdef SOCKS
#include <socks.h>
+/* This doesn't belong here. */
+struct tm *localtime(const time_t *);
+struct hostent *gethostbyname(const char *);
#endif
#include <des.h>
@@ -289,6 +304,9 @@ int susystem(char *s, int userid);
int forkpty(int *amaster, char *name,
struct termios *termp, struct winsize *winp);
+int forkpty_truncate(int *amaster, char *name, size_t name_sz,
+ struct termios *termp, struct winsize *winp);
+
#ifndef MODEMASK
#define MODEMASK (S_ISUID|S_ISGID|S_ISTXT|S_IRWXU|S_IRWXG|S_IRWXO)
#endif
@@ -310,11 +328,7 @@ extern char **environ;
void sysv_newenv(int argc, char **argv, struct passwd *pwd,
char *term, int pflag);
-int login_access(char *user, char *from);
-#ifndef HAVE_IRUSEROK
-int iruserok(u_int32_t raddr, int superuser, const char *ruser,
- const char *luser);
-#endif
+int login_access(struct passwd *user, char *from);
void fatal(int f, const char *msg, int syserr);
extern int LEFT_JUSTIFIED;
@@ -323,6 +337,10 @@ int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
des_cblock *iv);
+/* used in des_read and des_write */
+#define DES_RW_MAXWRITE (1024*16)
+#define DES_RW_BSIZE (DES_RW_MAXWRITE+4)
+
void sysv_defaults(void);
void utmp_login(char *tty, char *username, char *hostname);
void sleepexit (int);
@@ -342,11 +360,11 @@ void sleepexit (int);
#ifndef _POSIX_VDISABLE
#define _POSIX_VDISABLE 0
#endif /* _POSIX_VDISABLE */
-#if SunOS == 4
+#if SunOS == 40
#include <sys/ttold.h>
#endif
-#if defined(_AIX)
+#if defined(HAVE_SYS_TERMIO_H) && !defined(HAVE_TERMIOS_H)
#include <sys/termio.h>
#endif
@@ -376,5 +394,9 @@ __attribute__ ((format (printf, 1, 2)))
char *clean_ttyname (char *tty);
char *make_id (char *tty);
+#ifdef HAVE_UTMP_H
void prepare_utmp (struct utmp *utmp, char *tty, char *username,
char *hostname);
+#endif
+
+int do_osfc2_magic(uid_t);
diff --git a/crypto/kerberosIV/appl/bsd/encrypt.c b/crypto/kerberosIV/appl/bsd/encrypt.c
index b74f329c4d79..9f835c6a7cf0 100644
--- a/crypto/kerberosIV/appl/bsd/encrypt.c
+++ b/crypto/kerberosIV/appl/bsd/encrypt.c
@@ -46,13 +46,7 @@
#include "bsd_locl.h"
-RCSID("$Id: encrypt.c,v 1.3 1996/04/30 13:50:54 bg Exp $");
-
-#undef BSIZE
-
-/* used in des_read and des_write */
-#define MAXWRITE (1024*16)
-#define BSIZE (MAXWRITE+4)
+RCSID("$Id: encrypt.c,v 1.4 1999/06/17 18:47:26 assar Exp $");
/* replacements for htonl and ntohl since I have no idea what to do
* when faced with machines with 8 byte longs. */
@@ -78,11 +72,11 @@ des_enc_read(int fd, char *buf, int len, struct des_ks_struct *sched, des_cblock
{
/* data to be unencrypted */
int net_num=0;
- unsigned char net[BSIZE];
+ unsigned char net[DES_RW_BSIZE];
/* extra unencrypted data
* for when a block of 100 comes in but is des_read one byte at
* a time. */
- static char unnet[BSIZE];
+ static char unnet[DES_RW_BSIZE];
static int unnet_start=0;
static int unnet_left=0;
int i;
@@ -114,7 +108,7 @@ des_enc_read(int fd, char *buf, int len, struct des_ks_struct *sched, des_cblock
}
/* We need to get more data. */
- if (len > MAXWRITE) len=MAXWRITE;
+ if (len > DES_RW_MAXWRITE) len=DES_RW_MAXWRITE;
/* first - get the length */
net_num=0;
@@ -133,7 +127,7 @@ des_enc_read(int fd, char *buf, int len, struct des_ks_struct *sched, des_cblock
/* num should be rounded up to the next group of eight
* we make sure that we have read a multiple of 8 bytes from the net.
*/
- if ((num > MAXWRITE) || (num < 0)) /* error */
+ if ((num > DES_RW_MAXWRITE) || (num < 0)) /* error */
return(-1);
rnum=(num < 8)?8:((num+7)/8*8);
@@ -172,7 +166,7 @@ des_enc_read(int fd, char *buf, int len, struct des_ks_struct *sched, des_cblock
* FIXED - Should be ok now 18-9-90 - eay */
if (len < rnum)
{
- char tmpbuf[BSIZE];
+ char tmpbuf[DES_RW_BSIZE];
if (des_rw_mode & DES_PCBC_MODE)
des_pcbc_encrypt((des_cblock *)net,
@@ -223,7 +217,7 @@ des_enc_write(int fd, char *buf, int len, struct des_ks_struct *sched, des_cbloc
{
long rnum;
int i,j,k,outnum;
- char outbuf[BSIZE+HDRSIZE];
+ char outbuf[DES_RW_BSIZE+HDRSIZE];
char shortbuf[8];
char *p;
static int start=1;
@@ -237,13 +231,13 @@ des_enc_write(int fd, char *buf, int len, struct des_ks_struct *sched, des_cbloc
}
/* lets recurse if we want to send the data in small chunks */
- if (len > MAXWRITE)
+ if (len > DES_RW_MAXWRITE)
{
j=0;
for (i=0; i<len; i+=k)
{
k=des_enc_write(fd,&(buf[i]),
- ((len-i) > MAXWRITE)?MAXWRITE:(len-i),sched,iv);
+ ((len-i) > DES_RW_MAXWRITE)?DES_RW_MAXWRITE:(len-i),sched,iv);
if (k < 0)
return(k);
else
diff --git a/crypto/kerberosIV/appl/bsd/forkpty.c b/crypto/kerberosIV/appl/bsd/forkpty.c
index 5c0aaafa40aa..0ab7ef24dcaf 100644
--- a/crypto/kerberosIV/appl/bsd/forkpty.c
+++ b/crypto/kerberosIV/appl/bsd/forkpty.c
@@ -40,7 +40,7 @@
#ifndef HAVE_FORKPTY
-RCSID("$Id: forkpty.c,v 1.52 1997/05/25 07:37:01 assar Exp $");
+RCSID("$Id: forkpty.c,v 1.53.2.2 1999/08/19 13:37:16 assar Exp $");
/* Only CRAY is known to have problems with forkpty(). */
#if defined(CRAY)
@@ -150,7 +150,9 @@ pty_scan_tty(char *buf, size_t sz)
}
static int
-ptym_open_streams_flavor(char *pts_name, int *streams_pty)
+ptym_open_streams_flavor(char *pts_name,
+ size_t pts_name_sz,
+ int *streams_pty)
{
/* Try clone device master ptys */
const char *const clone[] = { "/dev/ptc", "/dev/ptmx",
@@ -166,7 +168,8 @@ ptym_open_streams_flavor(char *pts_name, int *streams_pty)
if (fdm >= 0) {
char *ptr1;
if ((ptr1 = ptsname(fdm)) != NULL) /* Get slave's name */
- strcpy(pts_name, ptr1); /* Return name of slave */
+ /* Return name of slave */
+ strcpy_truncate(pts_name, ptr1, pts_name_sz);
else {
close(fdm);
return(-4);
@@ -185,7 +188,7 @@ ptym_open_streams_flavor(char *pts_name, int *streams_pty)
}
static int
-ptym_open_bsd_flavor(char *pts_name, int *streams_pty)
+ptym_open_bsd_flavor(char *pts_name, size_t pts_name_sz, int *streams_pty)
{
int fdm;
char ptm[MaxPathLen];
@@ -196,7 +199,7 @@ ptym_open_bsd_flavor(char *pts_name, int *streams_pty)
fdm = open(ptm, O_RDWR);
if (fdm < 0)
continue;
-#if SunOS == 4
+#if SunOS == 40
/* Avoid a bug in SunOS4 ttydriver */
if (fdm > 0) {
int pgrp;
@@ -265,14 +268,14 @@ ptym_open(char *pts_name, size_t pts_name_sz, int *streams_pty)
char *p = _getpty(&fdm, O_RDWR, 0600, 1);
if (p) {
*streams_pty = 1;
- strcpy (pts_name, p);
+ strcpy_truncate (pts_name, p, pts_name_sz);
return fdm;
}
}
#endif
#ifdef STREAMSPTY
- fdm = ptym_open_streams_flavor(pts_name, streams_pty);
+ fdm = ptym_open_streams_flavor(pts_name, pts_name_sz, streams_pty);
if (fdm >= 0)
{
*streams_pty = 1;
@@ -280,7 +283,7 @@ ptym_open(char *pts_name, size_t pts_name_sz, int *streams_pty)
}
#endif
- fdm = ptym_open_bsd_flavor(pts_name, streams_pty);
+ fdm = ptym_open_bsd_flavor(pts_name, pts_name_sz, streams_pty);
if (fdm >= 0)
{
*streams_pty = 0;
@@ -288,7 +291,7 @@ ptym_open(char *pts_name, size_t pts_name_sz, int *streams_pty)
}
#ifndef STREAMSPTY
- fdm = ptym_open_streams_flavor(pts_name, streams_pty);
+ fdm = ptym_open_streams_flavor(pts_name, pts_name_sz, streams_pty);
if (fdm >= 0)
{
*streams_pty = 1;
@@ -363,8 +366,10 @@ ptys_open(int fdm, char *pts_name, int streams_pty)
gid = -1; /* group tty is not in the group file */
/* Grant access to slave */
- chown(pts_name, getuid(), gid);
- chmod(pts_name, S_IRUSR | S_IWUSR | S_IWGRP);
+ if (chown(pts_name, getuid(), gid) < 0)
+ fatal(0, "chown slave tty failed", 1);
+ if (chmod(pts_name, S_IRUSR | S_IWUSR | S_IWGRP) < 0)
+ fatal(0, "chmod slave tty failed", 1);
if ( (fds = open(pts_name, O_RDWR)) < 0) {
close(fdm);
@@ -375,10 +380,11 @@ ptys_open(int fdm, char *pts_name, int streams_pty)
}
int
-forkpty(int *ptrfdm,
- char *slave_name,
- struct termios *slave_termios,
- struct winsize *slave_winsize)
+forkpty_truncate(int *ptrfdm,
+ char *slave_name,
+ size_t slave_name_sz,
+ struct termios *slave_termios,
+ struct winsize *slave_winsize)
{
int fdm, fds, streams_pty;
pid_t pid;
@@ -391,7 +397,8 @@ forkpty(int *ptrfdm,
return -1;
if (slave_name != NULL)
- strcpy(slave_name, pts_name); /* Return name of slave */
+ /* Return name of slave */
+ strcpy_truncate(slave_name, pts_name, slave_name_sz);
pid = fork();
if (pid < 0)
@@ -458,4 +465,18 @@ forkpty(int *ptrfdm,
return(pid); /* Parent returns pid of child */
}
}
+
+int
+forkpty(int *ptrfdm,
+ char *slave_name,
+ struct termios *slave_termios,
+ struct winsize *slave_winsize)
+{
+ return forkpty_truncate (ptrfdm,
+ slave_name,
+ MaxPathLen,
+ slave_termios,
+ slave_winsize);
+}
+
#endif /* HAVE_FORKPTY */
diff --git a/crypto/kerberosIV/appl/bsd/kcmd.c b/crypto/kerberosIV/appl/bsd/kcmd.c
index 9fa7ab285aac..af2035749e64 100644
--- a/crypto/kerberosIV/appl/bsd/kcmd.c
+++ b/crypto/kerberosIV/appl/bsd/kcmd.c
@@ -33,7 +33,7 @@
#include "bsd_locl.h"
-RCSID("$Id: kcmd.c,v 1.19 1997/05/02 14:27:42 assar Exp $");
+RCSID("$Id: kcmd.c,v 1.20 1998/07/13 13:54:07 assar Exp $");
#define START_PORT 5120 /* arbitrary */
@@ -100,6 +100,7 @@ kcmd(int *sock,
int rc;
char *host_save;
int status;
+ char **h_addr_list;
pid = getpid();
hp = gethostbyname(*ahost);
@@ -112,6 +113,7 @@ kcmd(int *sock,
if (host_save == NULL)
return -1;
*ahost = host_save;
+ h_addr_list = hp->h_addr_list;
/* If realm is null, look up from table */
if (realm == NULL || realm[0] == '\0')
@@ -127,7 +129,7 @@ kcmd(int *sock,
return (-1);
}
sin.sin_family = hp->h_addrtype;
- memcpy (&sin.sin_addr, hp->h_addr, sizeof(sin.sin_addr));
+ memcpy (&sin.sin_addr, h_addr_list[0], sizeof(sin.sin_addr));
sin.sin_port = rport;
if (connect(s, (struct sockaddr *)&sin, sizeof(sin)) >= 0)
break;
@@ -144,12 +146,12 @@ kcmd(int *sock,
timo *= 2;
continue;
}
- if (hp->h_addr_list[1] != NULL) {
+ if (h_addr_list[1] != NULL) {
warn ("kcmd: connect (%s)",
inet_ntoa(sin.sin_addr));
- hp->h_addr_list++;
+ h_addr_list++;
memcpy(&sin.sin_addr,
- hp->h_addr_list[0],
+ *h_addr_list,
sizeof(sin.sin_addr));
fprintf(stderr, "Trying %s...\n",
inet_ntoa(sin.sin_addr));
diff --git a/crypto/kerberosIV/appl/bsd/klogin.c b/crypto/kerberosIV/appl/bsd/klogin.c
index 321da64cbf9b..41002dca8f25 100644
--- a/crypto/kerberosIV/appl/bsd/klogin.c
+++ b/crypto/kerberosIV/appl/bsd/klogin.c
@@ -33,7 +33,7 @@
#include "bsd_locl.h"
-RCSID("$Id: klogin.c,v 1.20 1997/05/02 14:27:42 assar Exp $");
+RCSID("$Id: klogin.c,v 1.24 1999/03/15 13:34:12 bg Exp $");
#ifdef KERBEROS
@@ -44,6 +44,63 @@ extern char *krbtkfile_env;
static char tkt_location[MaxPathLen];
+static int
+multiple_get_tkt(char *name,
+ char *instance,
+ char *realm,
+ char *service,
+ char *sinstance,
+ int life,
+ char *password)
+{
+ int n;
+ char rlm[256];
+#define ERICSSON_COMPAT 1
+#ifdef ERICSSON_COMPAT
+ FILE *f;
+
+ f = fopen("/etc/krb.localrealms", "r");
+ if (f != NULL) {
+ while (fgets(rlm, sizeof(rlm), f) != NULL) {
+ if (rlm[strlen(rlm) - 1] == '\n')
+ rlm[strlen(rlm) - 1] = '\0';
+
+ if (krb_get_pw_in_tkt(name,
+ instance,
+ rlm,
+ service,
+ realm,
+ life,
+ password) == KSUCCESS) {
+ fclose(f);
+ return KSUCCESS;
+ }
+ }
+ return krb_get_pw_in_tkt(name,
+ instance,
+ realm,
+ service,
+ realm,
+ life,
+ password);
+ }
+#endif
+ /* First try to verify against the supplied realm. */
+ if (krb_get_pw_in_tkt(name, instance, realm, service, realm, life, password)
+ == KSUCCESS)
+ return KSUCCESS;
+
+ /* Verify all local realms, except the supplied realm. */
+ for (n = 1; krb_get_lrealm(rlm, n) == KSUCCESS; n++)
+ if (strcmp(rlm, realm) != 0)
+ if (krb_get_pw_in_tkt(name, instance, rlm,service, realm, life, password)
+ == KSUCCESS)
+ return KSUCCESS;
+
+ return KFAILURE;
+
+}
+
/*
* Attempt to log the user in using Kerberos authentication
*
@@ -73,7 +130,7 @@ klogin(struct passwd *pw, char *instance, char *localhost, char *password)
* without issuing any tickets.
*/
if (strcmp(pw->pw_name, "root") == 0 ||
- krb_get_lrealm(realm, 0) != KSUCCESS)
+ krb_get_lrealm(realm, 1) != KSUCCESS)
return (1);
noticketsdontcomplain = 0; /* enable warning message */
@@ -96,9 +153,25 @@ klogin(struct passwd *pw, char *instance, char *localhost, char *password)
krbtkfile_env = tkt_location;
krb_set_tkt_string(tkt_location);
- kerror = krb_get_pw_in_tkt(pw->pw_name, instance,
- realm, KRB_TICKET_GRANTING_TICKET, realm,
- DEFAULT_TKT_LIFE, password);
+ /*
+ * Set real as well as effective ID to 0 for the moment,
+ * to make the kerberos library do the right thing.
+ */
+ if (setuid(0) < 0) {
+ warnx("setuid");
+ return (1);
+ }
+
+ /*
+ * Get ticket
+ */
+ kerror = multiple_get_tkt(pw->pw_name,
+ instance,
+ realm,
+ KRB_TICKET_GRANTING_TICKET,
+ realm,
+ DEFAULT_TKT_LIFE,
+ password);
/*
* If we got a TGT, get a local "rcmd" ticket and check it so as to
@@ -121,8 +194,7 @@ klogin(struct passwd *pw, char *instance, char *localhost, char *password)
if (chown(TKT_FILE, pw->pw_uid, pw->pw_gid) < 0)
syslog(LOG_ERR, "chown tkfile (%s): %m", TKT_FILE);
- strncpy(savehost, krb_get_phost(localhost), sizeof(savehost));
- savehost[sizeof(savehost)-1] = '\0';
+ strcpy_truncate(savehost, krb_get_phost(localhost), sizeof(savehost));
#ifdef KLOGIN_PARANOID
/*
diff --git a/crypto/kerberosIV/appl/bsd/login.c b/crypto/kerberosIV/appl/bsd/login.c
index c436f8db98bb..702c5ff15776 100644
--- a/crypto/kerberosIV/appl/bsd/login.c
+++ b/crypto/kerberosIV/appl/bsd/login.c
@@ -38,10 +38,18 @@
*/
#include "bsd_locl.h"
+#ifdef HAVE_CAPABILITY_H
+#include <capability.h>
+#endif
+#ifdef HAVE_SYS_CAPABILITY_H
+#include <sys/capability.h>
+#endif
-RCSID("$Id: login.c,v 1.104 1997/05/20 20:35:06 assar Exp $");
+RCSID("$Id: login.c,v 1.120.2.2 1999/09/02 08:55:26 joda Exp $");
+#ifdef OTP
#include <otp.h>
+#endif
#include "sysv_default.h"
#ifdef SYSV_SHADOW
@@ -93,22 +101,20 @@ static char rusername[100], lusername[100];
static int
change_passwd(struct passwd *who)
{
- int status;
- int pid;
- int wpid;
+ int status;
+ pid_t pid;
- switch (pid = fork()) {
- case -1:
- warn("fork /bin/passwd");
- sleepexit(1);
- case 0:
- execlp("/bin/passwd", "passwd", who->pw_name, (char *) 0);
- _exit(1);
- default:
- while ((wpid = wait(&status)) != -1 && wpid != pid)
- /* void */ ;
- return (status);
- }
+ switch (pid = fork()) {
+ case -1:
+ warn("fork /bin/passwd");
+ sleepexit(1);
+ case 0:
+ execlp("/bin/passwd", "passwd", who->pw_name, (char *) 0);
+ _exit(1);
+ default:
+ waitpid(pid, &status, 0);
+ return (status);
+ }
}
#ifndef NO_MOTD /* message of the day stuff */
@@ -177,7 +183,9 @@ main(int argc, char **argv)
char localhost[MaxHostNameLen];
char full_hostname[MaxHostNameLen];
int auth_level = AUTH_NONE;
+#ifdef OTP
OtpContext otp_ctx;
+#endif
int mask = 022; /* Default umask (set below) */
int maxtrys = 5; /* Default number of allowed failed logins */
@@ -210,7 +218,7 @@ main(int argc, char **argv)
*full_hostname = '\0';
domain = NULL;
- if (k_gethostname(localhost, sizeof(localhost)) < 0)
+ if (gethostname(localhost, sizeof(localhost)) < 0)
syslog(LOG_ERR, "couldn't get local hostname: %m");
else
domain = strchr(localhost, '.');
@@ -222,8 +230,10 @@ main(int argc, char **argv)
case 'a':
if (strcmp (optarg, "none") == 0)
auth_level = AUTH_NONE;
+#ifdef OTP
else if (strcmp (optarg, "otp") == 0)
auth_level = AUTH_OTP;
+#endif
else
warnx ("bad value for -a: %s", optarg);
break;
@@ -240,7 +250,9 @@ main(int argc, char **argv)
if (uid)
errx(1, "-h option: %s", strerror(EPERM));
hflag = 1;
- strncpy(full_hostname, optarg, sizeof(full_hostname)-1);
+ strcpy_truncate(full_hostname,
+ optarg,
+ sizeof(full_hostname));
if (domain && (p = strchr(optarg, '.')) &&
strcasecmp(p, domain) == 0)
*p = 0;
@@ -263,7 +275,9 @@ main(int argc, char **argv)
exit(1);
}
rflag = 1;
- strncpy(full_hostname, optarg, sizeof(full_hostname)-1);
+ strcpy_truncate(full_hostname,
+ optarg,
+ sizeof(full_hostname));
if (domain && (p = strchr(optarg, '.')) &&
strcasecmp(p, domain) == 0)
*p = 0;
@@ -275,8 +289,11 @@ main(int argc, char **argv)
if (!uid)
syslog(LOG_ERR, "invalid flag %c", ch);
fprintf(stderr,
- "usage: login [-fp] [-a otp]"
- "[-h hostname | -r hostname] [username]\n");
+ "usage: login [-fp]"
+#ifdef OTP
+ " [-a otp]"
+#endif
+ " [-h hostname | -r hostname] [username]\n");
exit(1);
}
argc -= optind;
@@ -366,7 +383,7 @@ main(int argc, char **argv)
badlogin(tbuf);
failures = 0;
}
- strcpy(tbuf, username);
+ strcpy_truncate(tbuf, username, sizeof(tbuf));
pwd = paranoid_getpwnam (username);
@@ -394,11 +411,14 @@ main(int argc, char **argv)
setpriority(PRIO_PROCESS, 0, -4);
+#ifdef OTP
if (otp_challenge (&otp_ctx, username,
ss, sizeof(ss)) == 0)
snprintf (prompt, sizeof(prompt), "%s's %s Password: ",
username, ss);
- else {
+ else
+#endif
+ {
if (auth_level == AUTH_NONE)
snprintf(prompt, sizeof(prompt), "%s's Password: ",
username);
@@ -406,9 +426,11 @@ main(int argc, char **argv)
char *s;
rval = 1;
+#ifdef OTP
s = otp_error(&otp_ctx);
if(s)
printf ("OTP: %s\n", s);
+#endif
continue;
}
}
@@ -419,9 +441,12 @@ main(int argc, char **argv)
/* Verify it somehow */
+#ifdef OTP
if (otp_verify_user (&otp_ctx, passwd) == 0)
rval = 0;
- else if (pwd == NULL)
+ else
+#endif
+ if (pwd == NULL)
;
else if (auth_level == AUTH_NONE) {
uid_t pwd_uid = pwd->pw_uid;
@@ -445,8 +470,10 @@ main(int argc, char **argv)
char *s;
rval = 1;
+#ifdef OTP
if ((s = otp_error(&otp_ctx)))
printf ("OTP: %s\n", s);
+#endif
}
memset (passwd, 0, sizeof(passwd));
@@ -507,28 +534,45 @@ main(int argc, char **argv)
struct udb *udb;
long t;
const long maxcpu = 46116860184; /* some random constant */
+
+ if(setjob(pwd->pw_uid, 0) < 0)
+ warn("setjob");
+
udb = getudbnam(pwd->pw_name);
- if(udb == UDB_NULL){
- warnx("Failed to get UDB entry.");
- exit(1);
- }
+ if(udb == UDB_NULL)
+ errx(1, "Failed to get UDB entry.");
+
+ /* per process cpu limit */
t = udb->ue_pcpulim[UDBRC_INTER];
if(t == 0 || t > maxcpu)
t = CPUUNLIM;
else
- t *= 100 * CLOCKS_PER_SEC;
+ t *= CLK_TCK;
if(limit(C_PROC, 0, L_CPU, t) < 0)
- warn("limit C_PROC");
+ warn("limit process cpu");
+ /* per process memory limit */
+ if(limit(C_PROC, 0, L_MEM, udb->ue_pmemlim[UDBRC_INTER]) < 0)
+ warn("limit process memory");
+
+ /* per job cpu limit */
t = udb->ue_jcpulim[UDBRC_INTER];
if(t == 0 || t > maxcpu)
t = CPUUNLIM;
else
- t *= 100 * CLOCKS_PER_SEC;
+ t *= CLK_TCK;
+
+ if(limit(C_JOB, 0, L_CPU, t) < 0)
+ warn("limit job cpu");
+
+ /* per job processor limit */
+ if(limit(C_JOB, 0, L_CPROC, udb->ue_jproclim[UDBRC_INTER]) < 0)
+ warn("limit job processors");
- if(limit(C_JOBPROCS, 0, L_CPU, t) < 0)
- warn("limit C_JOBPROCS");
+ /* per job memory limit */
+ if(limit(C_JOB, 0, L_MEM, udb->ue_jmemlim[UDBRC_INTER]) < 0)
+ warn("limit job memory");
nice(udb->ue_nice[UDBRC_INTER]);
}
@@ -590,9 +634,11 @@ main(int argc, char **argv)
*/
login_fbtab(tty, pwd->pw_uid, pwd->pw_gid);
- chown(ttyn, pwd->pw_uid,
- (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid);
- chmod(ttyn, S_IRUSR | S_IWUSR | S_IWGRP);
+ if (chown(ttyn, pwd->pw_uid,
+ (gr = getgrnam(TTYGRPNAME)) ? gr->gr_gid : pwd->pw_gid) < 0)
+ err(1, "chown tty failed");
+ if (chmod(ttyn, S_IRUSR | S_IWUSR | S_IWGRP) < 0)
+ err(1, "chmod tty failed");
setgid(pwd->pw_gid);
initgroups(username, pwd->pw_gid);
@@ -608,7 +654,7 @@ main(int argc, char **argv)
* that LD_* and IFS are never preserved.
*/
if (term[0] == '\0')
- strncpy(term, stypeof(tty), sizeof(term));
+ strcpy_truncate(term, stypeof(tty), sizeof(term));
/* set up a somewhat censored environment. */
sysv_newenv(argc, argv, pwd, term, pflag);
#ifdef KERBEROS
@@ -620,12 +666,13 @@ main(int argc, char **argv)
syslog(LOG_INFO, "DIALUP %s, %s", tty, pwd->pw_name);
/* If fflag is on, assume caller/authenticator has logged root login. */
- if (rootlogin && fflag == 0)
+ if (rootlogin && fflag == 0) {
if (hostname)
syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s FROM %s",
username, tty, hostname);
else
syslog(LOG_NOTICE, "ROOT LOGIN (%s) ON %s", username, tty);
+ }
#ifdef KERBEROS
if (!quietlog && notickets == 1 && !noticketsdontcomplain)
@@ -668,7 +715,7 @@ main(int argc, char **argv)
#endif /* NO_MOTD */
#ifdef LOGIN_ACCESS
- if (login_access(pwd->pw_name, hostname ? full_hostname : tty) == 0) {
+ if (login_access(pwd, hostname ? full_hostname : tty) == 0) {
printf("Permission denied\n");
if (hostname)
syslog(LOG_NOTICE, "%s LOGIN REFUSED FROM %s",
@@ -683,11 +730,12 @@ main(int argc, char **argv)
signal(SIGALRM, SIG_DFL);
signal(SIGQUIT, SIG_DFL);
signal(SIGINT, SIG_DFL);
+#ifdef SIGTSTP
signal(SIGTSTP, SIG_IGN);
+#endif
- tbuf[0] = '-';
- strcpy(tbuf + 1, (p = strrchr(pwd->pw_shell, '/')) ?
- p + 1 : pwd->pw_shell);
+ p = strrchr(pwd->pw_shell, '/');
+ snprintf (tbuf, sizeof(tbuf), "-%s", p ? p + 1 : pwd->pw_shell);
#ifdef HAVE_SETLOGIN
if (setlogin(pwd->pw_name) < 0)
@@ -703,6 +751,35 @@ main(int argc, char **argv)
spwd = getspnam (username);
endspent ();
#endif
+ /* perhaps work some magic */
+ if(do_osfc2_magic(pwd->pw_uid))
+ sleepexit(1);
+#if defined(HAVE_SGI_GETCAPABILITYBYNAME) && defined(HAVE_CAP_SET_PROC)
+ /* XXX SGI capability hack IRIX 6.x (x >= 0?) has something
+ called capabilities, that allow you to give away
+ permissions (such as chown) to specific processes. From 6.5
+ this is default on, and the default capability set seems to
+ not always be the empty set. The problem is that the
+ runtime linker refuses to do just about anything if the
+ process has *any* capabilities set, so we have to remove
+ them here (unless otherwise instructed by /etc/capability).
+ In IRIX < 6.5, these functions was called sgi_cap_setproc,
+ etc, but we ignore this fact (it works anyway). */
+ {
+ struct user_cap *ucap = sgi_getcapabilitybyname(pwd->pw_name);
+ cap_t cap;
+ if(ucap == NULL)
+ cap = cap_from_text("all=");
+ else
+ cap = cap_from_text(ucap->ca_default);
+ if(cap == NULL)
+ err(1, "cap_from_text");
+ if(cap_set_proc(cap) < 0)
+ err(1, "cap_set_proc");
+ cap_free(cap);
+ free(ucap);
+ }
+#endif
/* Discard permissions last so can't get killed and drop core. */
{
int uid = rootlogin ? 0 : pwd->pw_uid;
@@ -742,10 +819,18 @@ main(int argc, char **argv)
if (k_hasafs()) {
char cell[64];
+#ifdef _AIX
+ /* XXX this is a fix for a bug in AFS for AIX 4.3, w/o
+ this hack the kernel crashes on the following
+ pioctl... */
+ char *pw_dir = strdup(pwd->pw_dir);
+#else
+ char *pw_dir = pwd->pw_dir;
+#endif
k_setpag();
- if(k_afs_cell_of_file(pwd->pw_dir, cell, sizeof(cell)) == 0)
- k_afsklog(cell, 0);
- k_afsklog(0, 0);
+ if(k_afs_cell_of_file(pw_dir, cell, sizeof(cell)) == 0)
+ krb_afslog(cell, 0);
+ krb_afslog(0, 0);
}
execlp(pwd->pw_shell, tbuf, 0);
@@ -768,46 +853,77 @@ main(int argc, char **argv)
static void
getloginname(int prompt)
{
- int ch;
- char *p;
- static char nbuf[NBUFSIZ];
-
- for (;;) {
- if (prompt)
- if (ttyprompt && *ttyprompt)
- printf("%s", ttyprompt);
- else
- printf("login: ");
- prompt = 1;
- for (p = nbuf; (ch = getchar()) != '\n'; ) {
- if (ch == EOF) {
- badlogin(username);
- exit(0);
- }
- if (p < nbuf + (NBUFSIZ - 1))
- *p++ = ch;
- }
- if (p > nbuf)
- if (nbuf[0] == '-')
- warnx("login names may not start with '-'.");
- else {
- *p = '\0';
- username = nbuf;
- break;
- }
+ int ch;
+ char *p;
+ static char nbuf[NBUFSIZ];
+
+ for (;;) {
+ if (prompt) {
+ if (ttyprompt && *ttyprompt)
+ printf("%s", ttyprompt);
+ else
+ printf("login: ");
+ }
+ prompt = 1;
+ for (p = nbuf; (ch = getchar()) != '\n'; ) {
+ if (ch == EOF) {
+ badlogin(username);
+ exit(0);
+ }
+ if (p < nbuf + (NBUFSIZ - 1))
+ *p++ = ch;
+ }
+ if (p > nbuf) {
+ if (nbuf[0] == '-')
+ warnx("login names may not start with '-'.");
+ else {
+ *p = '\0';
+ username = nbuf;
+ break;
+ }
}
+ }
+}
+
+static int
+find_in_etc_securetty (char *ttyn)
+{
+ FILE *f;
+ char buf[128];
+ int ret = 0;
+
+ f = fopen (_PATH_ETC_SECURETTY, "r");
+ if (f == NULL)
+ return 0;
+ while (fgets(buf, sizeof(buf), f) != NULL) {
+ if(buf[strlen(buf) - 1] == '\n')
+ buf[strlen(buf) - 1] = '\0';
+ if (strcmp (buf, ttyn) == 0) {
+ ret = 1;
+ break;
+ }
+ }
+ fclose(f);
+ return ret;
}
static int
rootterm(char *ttyn)
{
-#ifndef HAVE_TTYENT_H
- return (default_console == 0 || strcmp(default_console, ttyname(0)) == 0);
-#else
+#ifdef HAVE_TTYENT_H
+ {
struct ttyent *t;
- return ((t = getttynam(ttyn)) && t->ty_status & TTY_SECURE);
+ t = getttynam (ttyn);
+ if (t && t->ty_status & TTY_SECURE)
+ return 1;
+ }
#endif
+ if (find_in_etc_securetty(ttyn))
+ return 1;
+ if (default_console == 0 || strcmp(default_console, ttyn) == 0)
+ return 1;
+ return 0;
}
static RETSIGTYPE
diff --git a/crypto/kerberosIV/appl/bsd/login_access.c b/crypto/kerberosIV/appl/bsd/login_access.c
index 0e017b10cdfd..7b79dc8295fd 100644
--- a/crypto/kerberosIV/appl/bsd/login_access.c
+++ b/crypto/kerberosIV/appl/bsd/login_access.c
@@ -9,7 +9,7 @@
#include "bsd_locl.h"
-RCSID("$Id: login_access.c,v 1.15 1997/06/01 03:12:28 assar Exp $");
+RCSID("$Id: login_access.c,v 1.19 1999/05/14 22:02:14 assar Exp $");
#ifdef LOGIN_ACCESS
@@ -23,15 +23,26 @@ static char sep[] = ", \t"; /* list-element separator */
#define YES 1
#define NO 0
-static int list_match(char *list, char *item, int (*match_fn)(char *, char *));
-static int user_match(char *tok, char *string);
-static int from_match(char *tok, char *string);
+ /*
+ * A structure to bundle up all login-related information to keep the
+ * functional interfaces as generic as possible.
+ */
+struct login_info {
+ struct passwd *user;
+ char *from;
+};
+
+static int list_match(char *list, struct login_info *item,
+ int (*match_fn)(char *, struct login_info *));
+static int user_match(char *tok, struct login_info *item);
+static int from_match(char *tok, struct login_info *item);
static int string_match(char *tok, char *string);
/* login_access - match username/group and host/tty with access control file */
-int login_access(char *user, char *from)
+int login_access(struct passwd *user, char *from)
{
+ struct login_info item;
FILE *fp;
char line[BUFSIZ];
char *perm; /* becomes permission field */
@@ -43,6 +54,12 @@ int login_access(char *user, char *from)
char *foo;
/*
+ * Bundle up the arguments to avoid unnecessary clumsiness lateron.
+ */
+ item.user = user;
+ item.from = from;
+
+ /*
* Process the table one line at a time and stop at the first match.
* Blank lines and lines that begin with a '#' character are ignored.
* Non-comment lines are broken at the ':' character. All fields are
@@ -60,7 +77,7 @@ int login_access(char *user, char *from)
}
if (line[0] == '#')
continue; /* comment line */
- while (end > 0 && isspace(line[end - 1]))
+ while (end > 0 && isspace((unsigned char)line[end - 1]))
end--;
line[end] = 0; /* strip trailing whitespace */
if (line[0] == 0) /* skip blank lines */
@@ -81,8 +98,8 @@ int login_access(char *user, char *from)
lineno);
continue;
}
- match = (list_match(froms, from, from_match)
- && list_match(users, user, user_match));
+ match = (list_match(froms, &item, from_match)
+ && list_match(users, &item, user_match));
}
fclose(fp);
} else if (errno != ENOENT) {
@@ -94,7 +111,9 @@ int login_access(char *user, char *from)
/* list_match - match an item against a list of tokens with exceptions */
static int
-list_match(char *list, char *item, int (*match_fn)(char *, char *))
+list_match(char *list,
+ struct login_info *item,
+ int (*match_fn)(char *, struct login_info *))
{
char *tok;
int match = NO;
@@ -126,6 +145,19 @@ list_match(char *list, char *item, int (*match_fn)(char *, char *))
return (NO);
}
+/* myhostname - figure out local machine name */
+
+static char *myhostname(void)
+{
+ static char name[MAXHOSTNAMELEN + 1] = "";
+
+ if (name[0] == 0) {
+ gethostname(name, sizeof(name));
+ name[MAXHOSTNAMELEN] = 0;
+ }
+ return (name);
+}
+
/* netgroup_match - match group against machine or user */
static int netgroup_match(char *group, char *machine, char *user)
@@ -144,22 +176,32 @@ static int netgroup_match(char *group, char *machine, char *user)
/* user_match - match a username against one token */
-static int user_match(char *tok, char *string)
+static int user_match(char *tok, struct login_info *item)
{
+ char *string = item->user->pw_name;
+ struct login_info fake_item;
struct group *group;
int i;
+ char *at;
/*
* If a token has the magic value "ALL" the match always succeeds.
- * Otherwise, return YES if the token fully matches the username, or if
- * the token is a group that contains the username.
+ * Otherwise, return YES if the token fully matches the username, if the
+ * token is a group that contains the username, or if the token is the
+ * name of the user's primary group.
*/
- if (tok[0] == '@') { /* netgroup */
+ if ((at = strchr(tok + 1, '@')) != 0) { /* split user@host pattern */
+ *at = 0;
+ fake_item.from = myhostname();
+ return (user_match(tok, item) && from_match(at + 1, &fake_item));
+ } else if (tok[0] == '@') { /* netgroup */
return (netgroup_match(tok + 1, (char *) 0, string));
} else if (string_match(tok, string)) { /* ALL or exact match */
return (YES);
} else if ((group = getgrnam(tok)) != 0) { /* try group membership */
+ if (item->user->pw_gid == group->gr_gid)
+ return (YES);
for (i = 0; group->gr_mem[i]; i++)
if (strcasecmp(string, group->gr_mem[i]) == 0)
return (YES);
@@ -169,8 +211,9 @@ static int user_match(char *tok, char *string)
/* from_match - match a host or tty against a list of tokens */
-static int from_match(char *tok, char *string)
+static int from_match(char *tok, struct login_info *item)
{
+ char *string = item->from;
int tok_len;
int str_len;
diff --git a/crypto/kerberosIV/appl/bsd/login_fbtab.c b/crypto/kerberosIV/appl/bsd/login_fbtab.c
index f7f53aa57c43..f831909d6f07 100644
--- a/crypto/kerberosIV/appl/bsd/login_fbtab.c
+++ b/crypto/kerberosIV/appl/bsd/login_fbtab.c
@@ -58,7 +58,7 @@
#include "bsd_locl.h"
-RCSID("$Id: login_fbtab.c,v 1.10 1997/06/01 03:12:54 assar Exp $");
+RCSID("$Id: login_fbtab.c,v 1.13 1999/01/14 00:37:59 assar Exp $");
void login_protect (char *, char *, int, uid_t, gid_t);
void login_fbtab (char *tty, uid_t uid, gid_t gid);
@@ -126,15 +126,25 @@ login_protect(char *table, char *path, int mask, uid_t uid, gid_t gid)
if (chown(path, uid, gid) && errno != ENOENT)
syslog(LOG_ERR, "%s: chown(%s): %m", table, path);
} else {
- strcpy(buf, path);
- buf[pathlen - 1] = 0;
+ strcpy_truncate (buf, path, sizeof(buf));
+ if (sizeof(buf) > pathlen)
+ buf[pathlen - 2] = '\0';
+ /* Solaris evidently operates on the directory as well */
+ login_protect(table, buf, mask | ((mask & 0444) >> 2), uid, gid);
if ((dir = opendir(buf)) == 0) {
syslog(LOG_ERR, "%s: opendir(%s): %m", table, path);
} else {
+ if (sizeof(buf) > pathlen) {
+ buf[pathlen - 2] = '/';
+ buf[pathlen - 1] = '\0';
+ }
+
while ((ent = readdir(dir)) != 0) {
if (strcmp(ent->d_name, ".") != 0
&& strcmp(ent->d_name, "..") != 0) {
- strcpy(buf + pathlen - 1, ent->d_name);
+ strcpy_truncate (buf + pathlen - 1,
+ ent->d_name,
+ sizeof(buf) - (pathlen + 1));
login_protect(table, buf, mask, uid, gid);
}
}
diff --git a/crypto/kerberosIV/appl/bsd/osfc2.c b/crypto/kerberosIV/appl/bsd/osfc2.c
new file mode 100644
index 000000000000..78f2e6e258ca
--- /dev/null
+++ b/crypto/kerberosIV/appl/bsd/osfc2.c
@@ -0,0 +1,84 @@
+/*
+ * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Kungliga Tekniska
+ * Högskolan and its contributors.
+ *
+ * 4. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "bsd_locl.h"
+RCSID("$Id: osfc2.c,v 1.1 1998/09/28 11:47:36 joda Exp $");
+
+int
+do_osfc2_magic(uid_t uid)
+{
+#ifdef HAVE_OSFC2
+ struct es_passwd *epw;
+ char *argv[2];
+
+ /* fake */
+ argv[0] = (char*)__progname;
+ argv[1] = NULL;
+ set_auth_parameters(1, argv);
+
+ epw = getespwuid(uid);
+ if(epw == NULL) {
+ syslog(LOG_AUTHPRIV|LOG_NOTICE,
+ "getespwuid failed for %d", uid);
+ printf("Sorry.\n");
+ return 1;
+ }
+ /* We don't check for auto-retired, foo-retired,
+ bar-retired, or any other kind of retired accounts
+ here; neither do we check for time-locked accounts, or
+ any other kind of serious C2 mumbo-jumbo. We do,
+ however, call setluid, since failing to do so it not
+ very good (take my word for it). */
+
+ if(!epw->uflg->fg_uid) {
+ syslog(LOG_AUTHPRIV|LOG_NOTICE,
+ "attempted login by %s (has no uid)", epw->ufld->fd_name);
+ printf("Sorry.\n");
+ return 1;
+ }
+ setluid(epw->ufld->fd_uid);
+ if(getluid() != epw->ufld->fd_uid) {
+ syslog(LOG_AUTHPRIV|LOG_NOTICE,
+ "failed to set LUID for %s (%d)",
+ epw->ufld->fd_name, epw->ufld->fd_uid);
+ printf("Sorry.\n");
+ return 1;
+ }
+#endif /* HAVE_OSFC2 */
+ return 0;
+}
diff --git a/crypto/kerberosIV/appl/bsd/pathnames.h b/crypto/kerberosIV/appl/bsd/pathnames.h
index 3c10bff02404..671f6632a0d6 100644
--- a/crypto/kerberosIV/appl/bsd/pathnames.h
+++ b/crypto/kerberosIV/appl/bsd/pathnames.h
@@ -31,7 +31,7 @@
* SUCH DAMAGE.
*
* from: @(#)pathnames.h 5.2 (Berkeley) 4/9/90
- * $Id: pathnames.h,v 1.23 1996/11/17 06:36:42 joda Exp $
+ * $Id: pathnames.h,v 1.25 1998/02/03 23:29:30 assar Exp $
*/
/******* First fix default path, we stick to _PATH_DEFPATH everywhere */
@@ -65,6 +65,9 @@
#undef _PATH_RSH /* Redifine rsh */
#define _PATH_RSH BINDIR "/rsh"
+#undef _PATH_RCP /* Redifine rcp */
+#define _PATH_RCP BINDIR "/rcp"
+
#undef _PATH_LOGIN
#define _PATH_LOGIN BINDIR "/login"
@@ -175,6 +178,10 @@
#define _PATH_ETC_ENVIRONMENT "/etc/environment"
#endif
+#ifndef _PATH_ETC_SECURETTY
+#define _PATH_ETC_SECURETTY "/etc/securetty"
+#endif
+
/*
* NeXT KLUDGE ALERT!!!!!!!!!!!!!!!!!!
* Some sort of bug in the NEXTSTEP cpp.
@@ -186,6 +193,8 @@
#define _PATH_RLOGIN "/usr/athena/bin/rlogin"
#undef _PATH_RSH
#define _PATH_RSH "/usr/athena/bin/rsh"
+#undef _PATH_RCP
+#define _PATH_RCP "/usr/athena/bin/rcp"
#undef _PATH_LOGIN
#define _PATH_LOGIN "/usr/athena/bin/login"
#endif
diff --git a/crypto/kerberosIV/appl/bsd/rcmd_util.c b/crypto/kerberosIV/appl/bsd/rcmd_util.c
index 466900954a91..188413325657 100644
--- a/crypto/kerberosIV/appl/bsd/rcmd_util.c
+++ b/crypto/kerberosIV/appl/bsd/rcmd_util.c
@@ -38,7 +38,7 @@
#include "bsd_locl.h"
-RCSID("$Id: rcmd_util.c,v 1.15 1997/05/02 14:27:44 assar Exp $");
+RCSID("$Id: rcmd_util.c,v 1.17 1997/09/24 21:14:23 assar Exp $");
int
get_login_port(int kerberos, int encryption)
@@ -240,7 +240,7 @@ warning(const char *fmt, ...)
if (strncmp(rstar_no_warn, "yes", 3) != 0) {
/* XXX */
fprintf(stderr, "%s: warning, using standard ", __progname);
- warnx(fmt, args);
+ vwarnx(fmt, args);
}
va_end(args);
}
diff --git a/crypto/kerberosIV/appl/bsd/rcp.c b/crypto/kerberosIV/appl/bsd/rcp.c
index 6dfb4726680a..39fd36e49d6b 100644
--- a/crypto/kerberosIV/appl/bsd/rcp.c
+++ b/crypto/kerberosIV/appl/bsd/rcp.c
@@ -33,7 +33,7 @@
#include "bsd_locl.h"
-RCSID("$Id: rcp.c,v 1.43 1997/05/13 09:41:26 bg Exp $");
+RCSID("$Id: rcp.c,v 1.49 1999/07/06 03:17:58 assar Exp $");
/* Globals */
static char dst_realm_buf[REALM_SZ];
@@ -49,6 +49,9 @@ static u_short port;
static uid_t userid;
static int pflag, iamremote, iamrecursive, targetshouldbedirectory;
+static int argc_copy;
+static char **argv_copy;
+
#define CMDNEEDS 64
static char cmd[CMDNEEDS]; /* must hold "rcp -r -p -d\0" */
@@ -58,7 +61,7 @@ void rsource(char *name, struct stat *statp);
CREDENTIALS cred;
MSG_DAT msg_data;
-struct sockaddr_in foreign, local;
+struct sockaddr_in foreign_addr, local_addr;
Key_schedule schedule;
KTEXT_ST ticket;
@@ -71,18 +74,18 @@ send_auth(char *h, char *r)
long opts;
lslen = sizeof(struct sockaddr_in);
- if (getsockname(rem, (struct sockaddr *)&local, &lslen) < 0)
+ if (getsockname(rem, (struct sockaddr *)&local_addr, &lslen) < 0)
err(1, "getsockname");
fslen = sizeof(struct sockaddr_in);
- if (getpeername(rem, (struct sockaddr *)&foreign, &fslen) < 0)
+ if (getpeername(rem, (struct sockaddr *)&foreign_addr, &fslen) < 0)
err(1, "getpeername");
if ((r == NULL) || (*r == '\0'))
r = krb_realmofhost(h);
opts = KOPT_DO_MUTUAL;
if ((status = krb_sendauth(opts, rem, &ticket, SERVICE_NAME, h, r,
(unsigned long)getpid(), &msg_data, &cred,
- schedule, &local,
- &foreign, "KCMDV0.1")) != KSUCCESS)
+ schedule, &local_addr,
+ &foreign_addr, "KCMDV0.1")) != KSUCCESS)
errx(1, "krb_sendauth failure: %s", krb_get_err_text(status));
}
@@ -94,15 +97,15 @@ answer_auth(void)
char inst[INST_SZ], v[9];
lslen = sizeof(struct sockaddr_in);
- if (getsockname(rem, (struct sockaddr *)&local, &lslen) < 0)
+ if (getsockname(rem, (struct sockaddr *)&local_addr, &lslen) < 0)
err(1, "getsockname");
fslen = sizeof(struct sockaddr_in);
- if(getpeername(rem, (struct sockaddr *)&foreign, &fslen) < 0)
+ if(getpeername(rem, (struct sockaddr *)&foreign_addr, &fslen) < 0)
err(1, "getperrname");
k_getsockinst(rem, inst, sizeof(inst));
opts = KOPT_DO_MUTUAL;
if ((status = krb_recvauth(opts, rem, &ticket, SERVICE_NAME, inst,
- &foreign, &local,
+ &foreign_addr, &local_addr,
&kdata, "", schedule, v)) != KSUCCESS)
errx(1, "krb_recvauth failure: %s", krb_get_err_text(status));
}
@@ -143,10 +146,11 @@ run_err(const char *fmt, ...)
va_start(args, fmt);
++errs;
#define RCPERR "\001rcp: "
- strcpy (errbuf, RCPERR);
- vsnprintf (errbuf + strlen(RCPERR), sizeof(errbuf) - strlen(RCPERR),
+ strcpy_truncate (errbuf, RCPERR, sizeof(errbuf));
+ vsnprintf (errbuf + strlen(errbuf),
+ sizeof(errbuf) - strlen(errbuf),
fmt, args);
- strcat (errbuf, "\n");
+ strcat_truncate (errbuf, "\n", sizeof(errbuf));
des_write (rem, errbuf, strlen(errbuf));
if (!iamremote)
vwarnx(fmt, args);
@@ -351,11 +355,15 @@ rsource(char *name, struct stat *statp)
DIR *dirp;
struct dirent *dp;
char *last, *vect[1], path[MaxPathLen];
+ char *p;
if (!(dirp = opendir(name))) {
run_err("%s: %s", name, strerror(errno));
return;
}
+ for (p = name + strlen(name) - 1; p >= name && *p == '/'; --p)
+ *p = '\0';
+
last = strrchr(name, '/');
if (last == 0)
last = name;
@@ -403,8 +411,9 @@ static int
kerberos(char **host, char *bp, char *locuser, char *user)
{
int sock = -1, err;
-again:
+
if (use_kerberos) {
+ setuid(getuid());
rem = KSUCCESS;
errno = 0;
if (dest_realm == NULL)
@@ -439,13 +448,11 @@ again:
rem = sock;
#endif
if (rem < 0) {
- use_kerberos = 0;
- port = get_shell_port(use_kerberos, 0);
if (errno == ECONNREFUSED)
oldw("remote host doesn't support Kerberos");
else if (errno == ENOENT)
oldw("can't provide Kerberos authentication data");
- goto again;
+ execv(_PATH_RCP, argv_copy);
}
} else {
if (doencrypt)
@@ -493,29 +500,24 @@ toremote(char *targ, int argc, char **argv)
if (*src == 0)
src = ".";
host = strchr(argv[i], '@');
- len = strlen(_PATH_RSH) + strlen(argv[i]) +
- strlen(src) + (tuser ? strlen(tuser) : 0) +
- strlen(thost) + strlen(targ) + CMDNEEDS + 20;
- if (!(bp = malloc(len)))
- err(1, " ");
if (host) {
- *host++ = 0;
- suser = argv[i];
- if (*suser == '\0')
- suser = pwd->pw_name;
- else if (!okname(suser))
- continue;
- snprintf(bp, len,
- "%s %s -l %s -n %s %s '%s%s%s:%s'",
- _PATH_RSH, host, suser, cmd, src,
- tuser ? tuser : "", tuser ? "@" : "",
- thost, targ);
+ *host++ = 0;
+ suser = argv[i];
+ if (*suser == '\0')
+ suser = pwd->pw_name;
+ else if (!okname(suser))
+ continue;
+ asprintf(&bp, "%s %s -l %s -n %s %s '%s%s%s:%s'",
+ _PATH_RSH, host, suser, cmd, src,
+ tuser ? tuser : "", tuser ? "@" : "",
+ thost, targ);
} else
- snprintf(bp, len,
- "exec %s %s -n %s %s '%s%s%s:%s'",
- _PATH_RSH, argv[i], cmd, src,
- tuser ? tuser : "", tuser ? "@" : "",
- thost, targ);
+ asprintf(&bp, "exec %s %s -n %s %s '%s%s%s:%s'",
+ _PATH_RSH, argv[i], cmd, src,
+ tuser ? tuser : "", tuser ? "@" : "",
+ thost, targ);
+ if(bp == NULL)
+ errx(1, "out of memory");
susystem(bp, userid);
free(bp);
} else { /* local to remote */
@@ -623,7 +625,13 @@ sink(int argc, char **argv)
if (ch == '\n')
*--cp = 0;
-#define getnum(t) (t) = 0; while (isdigit(*cp)) (t) = (t) * 10 + (*cp++ - '0');
+#define getnum(t) \
+ do { \
+ (t) = 0; \
+ while (isdigit((unsigned char)*cp)) \
+ (t) = (t) * 10 + (*cp++ - '0'); \
+ } while(0)
+
cp = buf;
if (*cp == 'T') {
setimes++;
@@ -666,7 +674,7 @@ sink(int argc, char **argv)
if (*cp++ != ' ')
SCREWUP("mode not delimited");
- for (size = 0; isdigit(*cp);)
+ for (size = 0; isdigit((unsigned char)*cp);)
size = size * 10 + (*cp++ - '0');
if (*cp++ != ' ')
SCREWUP("size not delimited");
@@ -906,8 +914,28 @@ main(int argc, char **argv)
{
int ch, fflag, tflag;
char *targ;
+ int i;
set_progname(argv[0]);
+
+ /*
+ * Prepare for execing ourselves.
+ */
+
+ argc_copy = argc + 1;
+ argv_copy = malloc((argc_copy + 1) * sizeof(*argv_copy));
+ if (argv_copy == NULL)
+ err(1, "malloc");
+ argv_copy[0] = argv[0];
+ argv_copy[1] = "-K";
+ for(i = 1; i < argc; ++i) {
+ argv_copy[i + 1] = strdup(argv[i]);
+ if (argv_copy[i + 1] == NULL)
+ errx(1, "strdup: out of memory");
+ }
+ argv_copy[argc + 1] = NULL;
+
+
fflag = tflag = 0;
while ((ch = getopt(argc, argv, OPTIONS)) != EOF)
switch(ch) { /* User-visible flags. */
@@ -916,7 +944,7 @@ main(int argc, char **argv)
break;
case 'k':
dest_realm = dst_realm_buf;
- strncpy(dst_realm_buf, optarg, REALM_SZ);
+ strcpy_truncate(dst_realm_buf, optarg, REALM_SZ);
break;
case 'x':
doencrypt = 1;
@@ -951,47 +979,40 @@ main(int argc, char **argv)
* kshell service, pass 0 for no encryption */
port = get_shell_port(use_kerberos, 0);
+ userid = getuid();
+
#ifndef __CYGWIN32__
- if ((pwd = k_getpwuid(userid = getuid())) == NULL)
+ if ((pwd = k_getpwuid(userid)) == NULL)
errx(1, "unknown user %d", (int)userid);
#endif
rem = STDIN_FILENO; /* XXX */
- if (fflag) { /* Follow "protocol", send data. */
- if (doencrypt)
- answer_auth();
+ if (fflag || tflag) {
+ if (doencrypt)
+ answer_auth();
+ if(fflag)
response();
- setuid(userid);
- if (k_hasafs()) {
- /* Sometimes we will need cell specific tokens
- * to be able to read and write files, thus,
- * the token stuff done in rshd might not
- * suffice.
- */
- char cell[64];
- if (k_afs_cell_of_file(pwd->pw_dir,
- cell, sizeof(cell)) == 0)
- k_afsklog(cell, 0);
- k_afsklog(0, 0);
- }
+ if(do_osfc2_magic(pwd->pw_uid))
+ exit(1);
+ setuid(userid);
+ if (k_hasafs()) {
+ /* Sometimes we will need cell specific tokens
+ * to be able to read and write files, thus,
+ * the token stuff done in rshd might not
+ * suffice.
+ */
+ char cell[64];
+ if (k_afs_cell_of_file(pwd->pw_dir,
+ cell, sizeof(cell)) == 0)
+ krb_afslog(cell, 0);
+ krb_afslog(0, 0);
+ }
+ if(fflag)
source(argc, argv);
- exit(errs);
- }
-
- if (tflag) { /* Receive data. */
- if (doencrypt)
- answer_auth();
- setuid(userid);
- if (k_hasafs()) {
- char cell[64];
- if (k_afs_cell_of_file(pwd->pw_dir,
- cell, sizeof(cell)) == 0)
- k_afsklog(cell, 0);
- k_afsklog(0, 0);
- }
+ else
sink(argc, argv);
- exit(errs);
+ exit(errs);
}
if (argc < 2)
diff --git a/crypto/kerberosIV/appl/bsd/rcp_util.c b/crypto/kerberosIV/appl/bsd/rcp_util.c
index 6f0c5f06ea06..54233af0db62 100644
--- a/crypto/kerberosIV/appl/bsd/rcp_util.c
+++ b/crypto/kerberosIV/appl/bsd/rcp_util.c
@@ -33,7 +33,7 @@
#include "bsd_locl.h"
-RCSID("$Id: rcp_util.c,v 1.7 1996/11/17 20:23:05 assar Exp $");
+RCSID("$Id: rcp_util.c,v 1.8 1998/09/28 11:45:21 joda Exp $");
char *
colon(char *cp)
@@ -73,25 +73,27 @@ bad: warnx("%s: invalid user name", cp0);
int
susystem(char *s, int userid)
{
- RETSIGTYPE (*istat)(), (*qstat)();
- int status;
- pid_t pid;
+ RETSIGTYPE (*istat)(), (*qstat)();
+ int status;
+ pid_t pid;
- pid = fork();
- switch (pid) {
- case -1:
- return (127);
+ pid = fork();
+ switch (pid) {
+ case -1:
+ return (127);
- case 0:
- setuid(userid);
- execl(_PATH_BSHELL, "sh", "-c", s, NULL);
- _exit(127);
- }
- istat = signal(SIGINT, SIG_IGN);
- qstat = signal(SIGQUIT, SIG_IGN);
- if (waitpid(pid, &status, 0) < 0)
- status = -1;
- signal(SIGINT, istat);
- signal(SIGQUIT, qstat);
- return (status);
+ case 0:
+ if(do_osfc2_magic(userid))
+ exit(1);
+ setuid(userid);
+ execl(_PATH_BSHELL, "sh", "-c", s, NULL);
+ _exit(127);
+ }
+ istat = signal(SIGINT, SIG_IGN);
+ qstat = signal(SIGQUIT, SIG_IGN);
+ if (waitpid(pid, &status, 0) < 0)
+ status = -1;
+ signal(SIGINT, istat);
+ signal(SIGQUIT, qstat);
+ return (status);
}
diff --git a/crypto/kerberosIV/appl/bsd/rlogin.c b/crypto/kerberosIV/appl/bsd/rlogin.c
index 27aa8f032d37..5bc6196f09ce 100644
--- a/crypto/kerberosIV/appl/bsd/rlogin.c
+++ b/crypto/kerberosIV/appl/bsd/rlogin.c
@@ -36,7 +36,7 @@
*/
#include "bsd_locl.h"
-RCSID("$Id: rlogin.c,v 1.61 1997/05/25 01:14:47 assar Exp $");
+RCSID("$Id: rlogin.c,v 1.65 1999/03/13 21:13:54 assar Exp $");
CREDENTIALS cred;
Key_schedule schedule;
@@ -406,13 +406,14 @@ writer(void)
continue;
}
#endif /* VDSUSP */
- if (c != escapechar)
+ if (c != escapechar) {
#ifndef NOENCRYPTION
if (doencrypt)
des_enc_write(rem, &escapechar,1, schedule, &cred.session);
else
#endif
write(rem, &escapechar, 1);
+ }
}
if (doencrypt) {
@@ -578,7 +579,7 @@ main(int argc, char **argv)
break;
case 'k':
dest_realm = dst_realm_buf;
- strncpy(dest_realm, optarg, REALM_SZ);
+ strcpy_truncate(dest_realm, optarg, REALM_SZ);
break;
case 'l':
user = optarg;
@@ -586,22 +587,26 @@ main(int argc, char **argv)
case 'x':
doencrypt = 1;
break;
- case 'p':
- user_port = htons(atoi(optarg));
- break;
+ case 'p': {
+ char *endptr;
+
+ user_port = strtol (optarg, &endptr, 0);
+ if (user_port == 0 && optarg == endptr)
+ errx (1, "Bad port `%s'", optarg);
+ user_port = htons(user_port);
+ break;
+ }
case '?':
default:
usage();
}
optind += argoff;
- argc -= optind;
- argv += optind;
/* if haven't gotten a host yet, do so */
- if (!host && !(host = *argv++))
+ if (!host && !(host = argv[optind++]))
usage();
- if (*argv)
+ if (argv[optind])
usage();
if (!(pw = k_getpwuid(uid = getuid())))
@@ -609,7 +614,6 @@ main(int argc, char **argv)
if (!user)
user = pw->pw_name;
-
if (user_port)
sv_port = user_port;
else
@@ -636,17 +640,8 @@ main(int argc, char **argv)
get_window_size(0, &winsize);
- try_connect:
if (use_kerberos) {
- struct hostent *hp;
-
- /* Fully qualify hostname (needed for krb_realmofhost). */
- hp = gethostbyname(host);
- if (hp != NULL && !(host = strdup(hp->h_name))) {
- errno = ENOMEM;
- err(1, NULL);
- }
-
+ setuid(getuid());
rem = KSUCCESS;
errno = 0;
if (dest_realm == NULL)
@@ -656,18 +651,25 @@ main(int argc, char **argv)
rem = krcmd_mutual(&host, sv_port, user, term, 0,
dest_realm, &cred, schedule);
else
- rem = krcmd(&host, sv_port, user, term, 0,
- dest_realm);
+ rem = krcmd(&host, sv_port, user, term, 0,
+ dest_realm);
if (rem < 0) {
- use_kerberos = 0;
- if (user_port == 0)
- sv_port = get_login_port(use_kerberos,
- doencrypt);
- if (errno == ECONNREFUSED)
- warning("remote host doesn't support Kerberos");
- if (errno == ENOENT)
- warning("can't provide Kerberos auth data");
- goto try_connect;
+ int i;
+ char **newargv;
+
+ if (errno == ECONNREFUSED)
+ warning("remote host doesn't support Kerberos");
+ if (errno == ENOENT)
+ warning("can't provide Kerberos auth data");
+ newargv = malloc((argc + 2) * sizeof(*newargv));
+ if (newargv == NULL)
+ err(1, "malloc");
+ newargv[0] = argv[0];
+ newargv[1] = "-K";
+ for(i = 1; i < argc; ++i)
+ newargv[i + 1] = argv[i];
+ newargv[argc + 1] = NULL;
+ execv(_PATH_RLOGIN, newargv);
}
} else {
if (doencrypt)
diff --git a/crypto/kerberosIV/appl/bsd/rlogind.c b/crypto/kerberosIV/appl/bsd/rlogind.c
index c5d807749675..d36df928545a 100644
--- a/crypto/kerberosIV/appl/bsd/rlogind.c
+++ b/crypto/kerberosIV/appl/bsd/rlogind.c
@@ -42,7 +42,7 @@
#include "bsd_locl.h"
-RCSID("$Id: rlogind.c,v 1.100 1997/05/25 01:15:20 assar Exp $");
+RCSID("$Id: rlogind.c,v 1.107.2.1 1999/07/22 03:14:39 assar Exp $");
extern int __check_rhosts_file;
@@ -187,7 +187,7 @@ readstream(int p, char *ibuf, int bufsize)
#ifdef HAVE_UTMPX_H
static int
-logout(const char *line)
+rlogind_logout(const char *line)
{
struct utmpx utmpx, *utxp;
int ret = 1;
@@ -198,8 +198,9 @@ logout(const char *line)
strncpy(utmpx.ut_line, line, sizeof(utmpx.ut_line));
utxp = getutxline(&utmpx);
if (utxp) {
- strcpy(utxp->ut_user, "");
+ utxp->ut_user[0] = '\0';
utxp->ut_type = DEAD_PROCESS;
+#ifdef HAVE_STRUCT_UTMPX_UT_EXIT
#ifdef _STRUCT___EXIT_STATUS
utxp->ut_exit.__e_termination = 0;
utxp->ut_exit.__e_exit = 0;
@@ -210,6 +211,7 @@ logout(const char *line)
utxp->ut_exit.e_termination = 0;
utxp->ut_exit.e_exit = 0;
#endif
+#endif
gettimeofday(&utxp->ut_tv, NULL);
pututxline(utxp);
#ifdef WTMPX_FILE
@@ -223,7 +225,7 @@ logout(const char *line)
}
#else
static int
-logout(const char *line)
+rlogind_logout(const char *line)
{
FILE *fp;
struct utmp ut;
@@ -237,9 +239,24 @@ logout(const char *line)
strncmp(ut.ut_line, line, sizeof(ut.ut_line)))
continue;
memset(ut.ut_name, 0, sizeof(ut.ut_name));
-#ifdef HAVE_UT_HOST
+#ifdef HAVE_STRUCT_UTMP_UT_HOST
memset(ut.ut_host, 0, sizeof(ut.ut_host));
#endif
+#ifdef HAVE_STRUCT_UTMP_UT_TYPE
+ ut.ut_type = DEAD_PROCESS;
+#endif
+#ifdef HAVE_STRUCT_UTMP_UT_EXIT
+#ifdef _STRUCT___EXIT_STATUS
+ ut.ut_exit.__e_termination = 0;
+ ut.ut_exit.__e_exit = 0;
+#elif defined(__osf__) /* XXX */
+ ut.ut_exit.ut_termination = 0;
+ ut.ut_exit.ut_exit = 0;
+#else
+ ut.ut_exit.e_termination = 0;
+ ut.ut_exit.e_exit = 0;
+#endif
+#endif
time(&ut.ut_time);
fseek(fp, (long)-sizeof(struct utmp), SEEK_CUR);
fwrite(&ut, sizeof(struct utmp), 1, fp);
@@ -265,13 +282,16 @@ logwtmp(const char *line, const char *name, const char *host)
if (!fstat(fd, &buf)) {
strncpy(ut.ut_line, line, sizeof(ut.ut_line));
strncpy(ut.ut_name, name, sizeof(ut.ut_name));
-#ifdef HAVE_UT_HOST
+#ifdef HAVE_STRUCT_UTMP_UT_ID
+ strncpy(ut.ut_id, make_id((char *)line), sizeof(ut.ut_id));
+#endif
+#ifdef HAVE_STRUCT_UTMP_UT_HOST
strncpy(ut.ut_host, host, sizeof(ut.ut_host));
#endif
-#ifdef HAVE_UT_PID
+#ifdef HAVE_STRUCT_UTMP_UT_PID
ut.ut_pid = getpid();
#endif
-#ifdef HAVE_UT_TYPE
+#ifdef HAVE_STRUCT_UTMP_UT_TYPE
if(name[0])
ut.ut_type = USER_PROCESS;
else
@@ -440,7 +460,11 @@ doit(int f, struct sockaddr_in *fromp)
write(f, INSECURE_MESSAGE, strlen(INSECURE_MESSAGE));
netf = f;
+#ifdef HAVE_FORKPTY
pid = forkpty(&master, line, NULL, NULL);
+#else
+ pid = forkpty_truncate(&master, line, sizeof(line), NULL, NULL);
+#endif
if (pid < 0) {
if (errno == ENOENT)
fatal(f, "Out of ptys", 0);
@@ -482,7 +506,9 @@ doit(int f, struct sockaddr_in *fromp)
ioctl(f, FIONBIO, &on);
ioctl(master, FIONBIO, &on);
ioctl(master, TIOCPKT, &on);
+#ifdef SIGTSTP
signal(SIGTSTP, SIG_IGN);
+#endif
signal(SIGCHLD, cleanup);
setsid();
protocol(f, master);
@@ -532,7 +558,7 @@ send_oob(int fd, char c)
{
static char last_oob = 0xFF;
-#if (SunOS == 5) || defined(__hpux)
+#if (SunOS >= 50) || defined(__hpux)
/*
* PSoriasis and HP-UX always send TIOCPKT_DOSTOP at startup so we
* can avoid sending OOB data and thus not break on Linux by merging
@@ -571,12 +597,14 @@ protocol(int f, int master)
char cntl;
unsigned char oob_queue = 0;
+#ifdef SIGTTOU
/*
* Must ignore SIGTTOU, otherwise we'll stop
* when we try and set slave pty's window shape
* (our controlling tty is the master pty).
*/
signal(SIGTTOU, SIG_IGN);
+#endif
send_oob(f, TIOCPKT_WINDOW); /* indicate new rlogin */
@@ -600,12 +628,13 @@ protocol(int f, int master)
omask = &obits;
} else
FD_SET(f, &ibits);
- if (pcc >= 0)
+ if (pcc >= 0) {
if (pcc) {
FD_SET(f, &obits);
omask = &obits;
} else
FD_SET(master, &ibits);
+ }
FD_SET(master, &ebits);
if ((n = select(nfd, &ibits, omask, &ebits, 0)) < 0) {
if (errno == EINTR)
@@ -735,7 +764,7 @@ cleanup(int signo)
{
char *p = clean_ttyname (line);
- if (logout(p) == 0)
+ if (rlogind_logout(p) == 0)
logwtmp(p, "", "");
chmod(line, 0666);
chown(line, 0, 0);
diff --git a/crypto/kerberosIV/appl/bsd/rsh.c b/crypto/kerberosIV/appl/bsd/rsh.c
index 329ebf73ffe5..be2dfea9bf19 100644
--- a/crypto/kerberosIV/appl/bsd/rsh.c
+++ b/crypto/kerberosIV/appl/bsd/rsh.c
@@ -33,7 +33,7 @@
#include "bsd_locl.h"
-RCSID("$Id: rsh.c,v 1.35 1997/03/30 18:20:22 joda Exp $");
+RCSID("$Id: rsh.c,v 1.41 1999/06/17 18:49:18 assar Exp $");
CREDENTIALS cred;
Key_schedule schedule;
@@ -49,7 +49,7 @@ static void
usage(void)
{
fprintf(stderr,
- "usage: rsh [-ndKx] [-k realm] [-l login] host [command]\n");
+ "usage: rsh [-ndKx] [-k realm] [-p port] [-l login] host [command]\n");
exit(1);
}
@@ -63,11 +63,13 @@ copyargs(char **argv)
cc = 0;
for (ap = argv; *ap; ++ap)
cc += strlen(*ap) + 1;
- if (!(args = malloc(cc)))
+ args = malloc(cc);
+ if (args == NULL)
errx(1, "Out of memory.");
for (p = args, ap = argv; *ap; ++ap) {
strcpy(p, *ap);
- for (p = strcpy(p, *ap); *p; ++p);
+ while(*p)
+ ++p;
if (ap[1])
*p++ = ' ';
}
@@ -92,7 +94,7 @@ talk(int nflag, sigset_t omask, int pid, int rem)
int cc, wc;
char *bp;
fd_set readfrom, ready, rembits;
- char buf[BUFSIZ];
+ char buf[DES_RW_MAXWRITE];
if (pid == 0) {
if (nflag)
@@ -107,7 +109,7 @@ talk(int nflag, sigset_t omask, int pid, int rem)
rewrite: FD_ZERO(&rembits);
FD_SET(rem, &rembits);
- if (select(16, 0, &rembits, 0, 0) < 0) {
+ if (select(rem + 1, 0, &rembits, 0, 0) < 0) {
if (errno != EINTR)
err(1, "select");
goto rewrite;
@@ -142,7 +144,7 @@ talk(int nflag, sigset_t omask, int pid, int rem)
FD_SET(rfd2, &readfrom);
do {
ready = readfrom;
- if (select(16, &ready, 0, 0, 0) < 0) {
+ if (select(max(rem,rfd2)+1, &ready, 0, 0, 0) < 0) {
if (errno != EINTR)
err(1, "select");
continue;
@@ -184,7 +186,7 @@ int
main(int argc, char **argv)
{
struct passwd *pw;
- int sv_port;
+ int sv_port, user_port = 0;
sigset_t omask;
int argoff, ch, dflag, nflag, nfork, one, pid, rem, uid;
char *args, *host, *user, *local_user;
@@ -197,12 +199,12 @@ main(int argc, char **argv)
set_progname(argv[0]);
/* handle "rsh host flags" */
- if (!host && argc > 2 && argv[1][0] != '-') {
+ if (argc > 2 && argv[1][0] != '-') {
host = argv[1];
argoff = 1;
}
-#define OPTIONS "+8KLde:k:l:nwx"
+#define OPTIONS "+8KLde:k:l:np:wx"
while ((ch = getopt(argc - argoff, argv + argoff, OPTIONS)) != EOF)
switch(ch) {
case 'K':
@@ -221,7 +223,7 @@ main(int argc, char **argv)
break;
case 'k':
dest_realm = dst_realm_buf;
- strncpy(dest_realm, optarg, REALM_SZ);
+ strcpy_truncate(dest_realm, optarg, REALM_SZ);
break;
case 'n':
nflag = nfork = 1;
@@ -229,6 +231,15 @@ main(int argc, char **argv)
case 'x':
doencrypt = 1;
break;
+ case 'p': {
+ char *endptr;
+
+ user_port = strtol (optarg, &endptr, 0);
+ if (user_port == 0 && optarg == endptr)
+ errx (1, "Bad port `%s'", optarg);
+ user_port = htons(user_port);
+ break;
+ }
case '?':
default:
usage();
@@ -247,9 +258,6 @@ main(int argc, char **argv)
err(1, "can't exec %s", _PATH_RLOGIN);
}
- argc -= optind;
- argv += optind;
-
#ifndef __CYGWIN32__
if (!(pw = k_getpwuid(uid = getuid())))
errx(1, "unknown user id.");
@@ -266,12 +274,15 @@ main(int argc, char **argv)
if (doencrypt)
nfork = 0;
- args = copyargs(argv);
+ args = copyargs(argv+optind);
- sv_port=get_shell_port(use_kerberos, doencrypt);
+ if (user_port)
+ sv_port = user_port;
+ else
+ sv_port = get_shell_port(use_kerberos, doencrypt);
-try_connect:
if (use_kerberos) {
+ setuid(getuid());
rem = KSUCCESS;
errno = 0;
if (dest_realm == NULL)
@@ -284,13 +295,27 @@ try_connect:
rem = krcmd(&host, sv_port, user, args, &rfd2,
dest_realm);
if (rem < 0) {
+ int i = 0;
+ char **newargv;
+
if (errno == ECONNREFUSED)
warning("remote host doesn't support Kerberos");
if (errno == ENOENT)
warning("can't provide Kerberos auth data");
- use_kerberos = 0;
- sv_port=get_shell_port(use_kerberos, doencrypt);
- goto try_connect;
+ newargv = malloc((argc + 2) * sizeof(*newargv));
+ if (newargv == NULL)
+ err(1, "malloc");
+ newargv[i] = argv[i];
+ ++i;
+ if (argv[i][0] != '-') {
+ newargv[i] = argv[i];
+ ++i;
+ }
+ newargv[i++] = "-K";
+ for(; i <= argc; ++i)
+ newargv[i] = argv[i - 1];
+ newargv[argc + 1] = NULL;
+ execv(_PATH_RSH, newargv);
}
} else {
if (doencrypt)
diff --git a/crypto/kerberosIV/appl/bsd/rshd.c b/crypto/kerberosIV/appl/bsd/rshd.c
index 75ca1df454ba..1a30793b6091 100644
--- a/crypto/kerberosIV/appl/bsd/rshd.c
+++ b/crypto/kerberosIV/appl/bsd/rshd.c
@@ -42,7 +42,7 @@
#include "bsd_locl.h"
-RCSID("$Id: rshd.c,v 1.51 1997/05/13 09:42:39 bg Exp $");
+RCSID("$Id: rshd.c,v 1.58 1999/06/17 18:49:43 assar Exp $");
extern char *__rcmd_errstr; /* syslog hook from libc/net/rcmd.c. */
extern int __check_rhosts_file;
@@ -197,7 +197,7 @@ doit(struct sockaddr_in *fromp)
int one = 1;
const char *errorhost = "";
char *errorstr;
- char *cp, sig, buf[BUFSIZ];
+ char *cp, sig, buf[DES_RW_MAXWRITE];
char cmdbuf[NCARGS+1], locuser[16], remuser[16];
char remotehost[2 * MaxHostNameLen + 1];
@@ -279,7 +279,7 @@ doit(struct sockaddr_in *fromp)
}
if (vacuous) {
- error("rshd: remote host requires Kerberos authentication\n");
+ error("rshd: Remote host requires Kerberos authentication.\n");
exit(1);
}
@@ -298,7 +298,7 @@ doit(struct sockaddr_in *fromp)
if (getsockname(0, (struct sockaddr *)&local_addr,
&rc) < 0) {
syslog(LOG_ERR, "getsockname: %m");
- error("rlogind: getsockname: %m");
+ error("rshd: getsockname: %m");
exit(1);
}
authopts = KOPT_DO_MUTUAL;
@@ -369,9 +369,9 @@ doit(struct sockaddr_in *fromp)
} else
if (errorstr ||
- pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' &&
+ (pwd->pw_passwd != 0 && *pwd->pw_passwd != '\0' &&
iruserok(fromp->sin_addr.s_addr, pwd->pw_uid == 0,
- remuser, locuser) < 0) {
+ remuser, locuser) < 0)) {
if (__rcmd_errstr)
syslog(LOG_INFO|LOG_AUTH,
"%s@%s as %s: permission denied (%s). cmd='%.80s'",
@@ -560,19 +560,18 @@ doit(struct sockaddr_in *fromp)
if (setpcred (pwd->pw_name, NULL) == -1)
syslog(LOG_ERR, "setpcred() failure: %m");
#endif /* HAVE_SETPCRED */
+ if(do_osfc2_magic(pwd->pw_uid))
+ exit(1);
setgid((gid_t)pwd->pw_gid);
initgroups(pwd->pw_name, pwd->pw_gid);
setuid((uid_t)pwd->pw_uid);
- strncat(homedir, pwd->pw_dir, sizeof(homedir)-6);
+ strcat_truncate(homedir, pwd->pw_dir, sizeof(homedir));
- /* Need to extend path to find rcp */
- strncat(path, BINDIR, sizeof(path)-1);
- strncat(path, ":", sizeof(path)-1);
- strncat(path, _PATH_DEFPATH, sizeof(path)-1);
- path[sizeof(path)-1] = '\0';
+ /* Need to prepend path with BINDIR (/usr/athena/bin) to find rcp */
+ snprintf(path, sizeof(path), "PATH=%s:%s", BINDIR, _PATH_DEFPATH);
- strncat(shell, pwd->pw_shell, sizeof(shell)-7);
- strncat(username, pwd->pw_name, sizeof(username)-6);
+ strcat_truncate(shell, pwd->pw_shell, sizeof(shell));
+ strcat_truncate(username, pwd->pw_name, sizeof(username));
cp = strrchr(pwd->pw_shell, '/');
if (cp)
cp++;
@@ -594,7 +593,7 @@ doit(struct sockaddr_in *fromp)
if (k_hasafs()) {
if (new_pag)
k_setpag(); /* Put users process in an new pag */
- k_afsklog(0, 0);
+ krb_afslog(0, 0);
}
execle(pwd->pw_shell, cp, "-c", cmdbuf, 0, envinit);
err(1, pwd->pw_shell);
@@ -620,8 +619,8 @@ error(const char *fmt, ...)
len = 1;
} else
len = 0;
- len = vsnprintf (bp, sizeof(buf) - len, fmt, ap);
- write (STDERR_FILENO, buf, len);
+ len += vsnprintf(bp, sizeof(buf) - len, fmt, ap);
+ write(STDERR_FILENO, buf, len);
va_end(ap);
}
diff --git a/crypto/kerberosIV/appl/bsd/su.c b/crypto/kerberosIV/appl/bsd/su.c
index 8c610e1d3036..d0da21d95a0d 100644
--- a/crypto/kerberosIV/appl/bsd/su.c
+++ b/crypto/kerberosIV/appl/bsd/su.c
@@ -33,7 +33,7 @@
#include "bsd_locl.h"
-RCSID ("$Id: su.c,v 1.59 1997/05/26 17:45:54 bg Exp $");
+RCSID ("$Id: su.c,v 1.66 1999/03/11 13:57:58 joda Exp $");
#ifdef SYSV_SHADOW
#include "sysv_shadow.h"
@@ -112,7 +112,7 @@ main (int argc, char **argv)
if (errno)
prio = 0;
setpriority (PRIO_PROCESS, 0, -2);
- openlog ("su", LOG_CONS, 0);
+ openlog ("su", LOG_CONS, LOG_AUTH);
/* get current login name and shell */
ruid = getuid ();
@@ -123,13 +123,17 @@ main (int argc, char **argv)
if (pwd == NULL)
errx (1, "who are you?");
username = strdup (pwd->pw_name);
- if (asme)
- if (pwd->pw_shell && *pwd->pw_shell)
- shell = strcpy (shellbuf, pwd->pw_shell);
- else {
+ if (username == NULL)
+ errx (1, "strdup: out of memory");
+ if (asme) {
+ if (pwd->pw_shell && *pwd->pw_shell) {
+ strcpy_truncate (shellbuf, pwd->pw_shell, sizeof(shellbuf));
+ shell = shellbuf;
+ } else {
shell = _PATH_BSHELL;
iscsh = NO;
}
+ }
/* get target login information, default to root */
user = *argv ? *argv : "root";
@@ -229,6 +233,8 @@ main (int argc, char **argv)
char *t = getenv ("TERM");
environ = malloc (10 * sizeof (char *));
+ if (environ == NULL)
+ err (1, "malloc");
environ[0] = NULL;
setenv ("PATH", _PATH_DEFPATH, 1);
if (t)
@@ -250,13 +256,13 @@ main (int argc, char **argv)
*np-- = "-m";
}
if (asthem) {
- avshellbuf[0] = '-';
- strcpy (avshellbuf + 1, avshell);
+ snprintf (avshellbuf, sizeof(avshellbuf),
+ "-%s", avshell);
avshell = avshellbuf;
} else if (iscsh == YES) {
/* csh strips the first character... */
- avshellbuf[0] = '_';
- strcpy (avshellbuf + 1, avshell);
+ snprintf (avshellbuf, sizeof(avshellbuf),
+ "_%s", avshell);
avshell = avshellbuf;
}
*np = avshell;
@@ -272,7 +278,7 @@ main (int argc, char **argv)
if (k_setpag () != 0)
warn ("setpag");
- code = k_afsklog (0, 0);
+ code = krb_afslog (0, 0);
if (code != KSUCCESS && code != KDC_PR_UNKNOWN)
warnx ("afsklog: %s", krb_get_err_text (code));
}
@@ -334,6 +340,15 @@ kerberos (char *username, char *user, int uid)
setenv ("KRBTKFILE", krbtkfile, 1);
krb_set_tkt_string (krbtkfile);
/*
+ * Set real as well as effective ID to 0 for the moment,
+ * to make the kerberos library do the right thing.
+ */
+ if (setuid(0) < 0) {
+ warn("setuid");
+ return (1);
+ }
+
+ /*
* Little trick here -- if we are su'ing to root, we need to get a ticket
* for "xxx.root", where xxx represents the name of the person su'ing.
* Otherwise (non-root case), we need to get a ticket for "yyy.", where
@@ -388,13 +403,12 @@ kerberos (char *username, char *user, int uid)
}
setpriority (PRIO_PROCESS, 0, -2);
- if (k_gethostname (hostname, sizeof (hostname)) == -1) {
+ if (gethostname (hostname, sizeof (hostname)) == -1) {
warn ("gethostname");
dest_tkt ();
return (1);
}
- strncpy (savehost, krb_get_phost (hostname), sizeof (savehost));
- savehost[sizeof (savehost) - 1] = '\0';
+ strcpy_truncate (savehost, krb_get_phost (hostname), sizeof (savehost));
kerno = krb_mk_req (&ticket, "rcmd", savehost, lrealm, 33);
diff --git a/crypto/kerberosIV/appl/bsd/sysv_default.c b/crypto/kerberosIV/appl/bsd/sysv_default.c
index cb36b849454f..e6b28a7280c7 100644
--- a/crypto/kerberosIV/appl/bsd/sysv_default.c
+++ b/crypto/kerberosIV/appl/bsd/sysv_default.c
@@ -2,7 +2,7 @@
#include "bsd_locl.h"
-RCSID("$Id: sysv_default.c,v 1.9 1997/03/31 01:47:59 assar Exp $");
+RCSID("$Id: sysv_default.c,v 1.11 1999/03/13 21:15:24 assar Exp $");
#include "sysv_default.h"
@@ -21,7 +21,7 @@ char *default_hz = 0;
char *default_path = _PATH_DEFPATH;
char *default_supath = _PATH_DEFSUPATH;
char *default_ulimit = 0;
-char *default_timeout = "60";
+char *default_timeout = "180";
char *default_umask = default_umask_value;
char *default_sleep = "4";
char *default_maxtrys = "5";
@@ -48,7 +48,7 @@ static struct sysv_default {
#define trim(s) { \
char *cp = s + strlen(s); \
- while (cp > s && isspace(cp[-1])) \
+ while (cp > s && isspace((unsigned char)cp[-1])) \
cp--; \
*cp = 0; \
}
diff --git a/crypto/kerberosIV/appl/bsd/sysv_environ.c b/crypto/kerberosIV/appl/bsd/sysv_environ.c
index f5e782d0da38..3df800eb1333 100644
--- a/crypto/kerberosIV/appl/bsd/sysv_environ.c
+++ b/crypto/kerberosIV/appl/bsd/sysv_environ.c
@@ -2,7 +2,7 @@
#include "bsd_locl.h"
-RCSID("$Id: sysv_environ.c,v 1.21 1997/05/14 17:34:15 joda Exp $");
+RCSID("$Id: sysv_environ.c,v 1.23 1997/12/14 23:50:44 assar Exp $");
#ifdef HAVE_ULIMIT_H
#include <ulimit.h>
@@ -86,7 +86,6 @@ void sysv_newenv(int argc, char **argv, struct passwd *pwd,
char *term, int pflag)
{
unsigned umask_val;
- long limit_val;
char buf[BUFSIZ];
int count = 0;
struct censored *cp;
@@ -153,7 +152,7 @@ void sysv_newenv(int argc, char **argv, struct passwd *pwd,
char *sep = "/";
if(KRB4_MAILDIR[strlen(KRB4_MAILDIR) - 1] == '/')
sep = "";
- k_concat(buf, sizeof(buf), KRB4_MAILDIR, sep, pwd->pw_name, NULL);
+ roken_concat(buf, sizeof(buf), KRB4_MAILDIR, sep, pwd->pw_name, NULL);
}
setenv("MAIL", buf, 1);
setenv("LOGNAME", pwd->pw_name, 1);
@@ -182,6 +181,8 @@ void sysv_newenv(int argc, char **argv, struct passwd *pwd,
}
#ifdef HAVE_ULIMIT
if (default_ulimit) {
+ long limit_val;
+
if (sscanf(default_ulimit, "%ld", &limit_val) == 1 && limit_val)
if (ulimit(UL_SETFSIZE, limit_val) < 0)
warn ("ulimit(UL_SETFSIZE, %ld)", limit_val);
diff --git a/crypto/kerberosIV/appl/bsd/sysv_shadow.c b/crypto/kerberosIV/appl/bsd/sysv_shadow.c
index 68394414129c..99794bd774e6 100644
--- a/crypto/kerberosIV/appl/bsd/sysv_shadow.c
+++ b/crypto/kerberosIV/appl/bsd/sysv_shadow.c
@@ -2,7 +2,7 @@
#include "bsd_locl.h"
-RCSID("$Id: sysv_shadow.c,v 1.7 1997/03/23 04:56:05 assar Exp $");
+RCSID("$Id: sysv_shadow.c,v 1.8 1997/12/29 19:56:07 bg Exp $");
#ifdef SYSV_SHADOW
@@ -16,7 +16,7 @@ sysv_expire(struct spwd *spwd)
long today;
tzset();
- today = time(0);
+ today = time(0)/(60*60*24); /* In days since Jan. 1, 1970 */
if (spwd->sp_expire > 0) {
if (today > spwd->sp_expire) {
diff --git a/crypto/kerberosIV/appl/bsd/sysv_shadow.h b/crypto/kerberosIV/appl/bsd/sysv_shadow.h
index 4f07b49a0d23..339035b68229 100644
--- a/crypto/kerberosIV/appl/bsd/sysv_shadow.h
+++ b/crypto/kerberosIV/appl/bsd/sysv_shadow.h
@@ -1,5 +1,5 @@
-/* $Id: sysv_shadow.h,v 1.6 1997/03/23 04:55:51 assar Exp $ */
+/* $Id: sysv_shadow.h,v 1.7 1999/03/13 21:15:43 assar Exp $ */
#include <shadow.h>
-extern sysv_expire(struct spwd *);
+int sysv_expire(struct spwd *);
diff --git a/crypto/kerberosIV/appl/bsd/utmp_login.c b/crypto/kerberosIV/appl/bsd/utmp_login.c
index da3f96a99047..8c1a2d379b9a 100644
--- a/crypto/kerberosIV/appl/bsd/utmp_login.c
+++ b/crypto/kerberosIV/appl/bsd/utmp_login.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -38,8 +38,9 @@
#include "bsd_locl.h"
-RCSID("$Id: utmp_login.c,v 1.13 1997/05/20 13:46:21 assar Exp $");
+RCSID("$Id: utmp_login.c,v 1.15 1999/03/29 17:57:16 joda Exp $");
+#ifdef HAVE_UTMP_H
void
prepare_utmp (struct utmp *utmp, char *tty, char *username, char *hostname)
{
@@ -50,11 +51,11 @@ prepare_utmp (struct utmp *utmp, char *tty, char *username, char *hostname)
strncpy(utmp->ut_line, ttyx, sizeof(utmp->ut_line));
strncpy(utmp->ut_name, username, sizeof(utmp->ut_name));
-# ifdef HAVE_UT_USER
+# ifdef HAVE_STRUCT_UTMP_UT_USER
strncpy(utmp->ut_user, username, sizeof(utmp->ut_user));
# endif
-# ifdef HAVE_UT_ADDR
+# ifdef HAVE_STRUCT_UTMP_UT_ADDR
if (hostname[0]) {
struct hostent *he;
if ((he = gethostbyname(hostname)))
@@ -63,22 +64,23 @@ prepare_utmp (struct utmp *utmp, char *tty, char *username, char *hostname)
}
# endif
-# ifdef HAVE_UT_HOST
+# ifdef HAVE_STRUCT_UTMP_UT_HOST
strncpy(utmp->ut_host, hostname, sizeof(utmp->ut_host));
# endif
-# ifdef HAVE_UT_TYPE
+# ifdef HAVE_STRUCT_UTMP_UT_TYPE
utmp->ut_type = USER_PROCESS;
# endif
-# ifdef HAVE_UT_PID
+# ifdef HAVE_STRUCT_UTMP_UT_PID
utmp->ut_pid = getpid();
# endif
-# ifdef HAVE_UT_ID
+# ifdef HAVE_STRUCT_UTMP_UT_ID
strncpy(utmp->ut_id, make_id(ttyx), sizeof(utmp->ut_id));
# endif
}
+#endif
#ifdef HAVE_UTMPX_H
void utmp_login(char *tty, char *username, char *hostname) { return; }
diff --git a/crypto/kerberosIV/appl/bsd/utmpx_login.c b/crypto/kerberosIV/appl/bsd/utmpx_login.c
index 005eca56b30b..acc6a15400ca 100644
--- a/crypto/kerberosIV/appl/bsd/utmpx_login.c
+++ b/crypto/kerberosIV/appl/bsd/utmpx_login.c
@@ -2,7 +2,7 @@
#include "bsd_locl.h"
-RCSID("$Id: utmpx_login.c,v 1.20 1997/06/01 03:13:15 assar Exp $");
+RCSID("$Id: utmpx_login.c,v 1.21 1999/03/29 17:57:31 joda Exp $");
/* utmpx_login - update utmp and wtmp after login */
@@ -17,12 +17,12 @@ utmpx_update(struct utmpx *ut, char *line, char *user, char *host)
char *clean_tty = clean_ttyname(line);
strncpy(ut->ut_line, clean_tty, sizeof(ut->ut_line));
-#ifdef HAVE_UT_ID
+#ifdef HAVE_STRUCT_UTMPX_UT_ID
strncpy(ut->ut_id, make_id(clean_tty), sizeof(ut->ut_id));
#endif
strncpy(ut->ut_user, user, sizeof(ut->ut_user));
strncpy(ut->ut_host, host, sizeof(ut->ut_host));
-#ifdef HAVE_UT_SYSLEN
+#ifdef HAVE_STRUCT_UTMPX_UT_SYSLEN
ut->ut_syslen = strlen(host) + 1;
if (ut->ut_syslen > sizeof(ut->ut_host))
ut->ut_syslen = sizeof(ut->ut_host);
diff --git a/crypto/kerberosIV/appl/ftp/ChangeLog b/crypto/kerberosIV/appl/ftp/ChangeLog
new file mode 100644
index 000000000000..422f4a501d54
--- /dev/null
+++ b/crypto/kerberosIV/appl/ftp/ChangeLog
@@ -0,0 +1,196 @@
+1999-08-18 Assar Westerlund <assar@sics.se>
+
+ * ftp/cmds.c (getit): be more suspicious when parsing the result
+ of MDTM. Do the comparison of timestamps correctly.
+
+1999-06-15 Assar Westerlund <assar@sics.se>
+
+ * ftp/krb4.c (krb4_auth): type correctness
+
+1999-06-02 Johan Danielsson <joda@pdc.kth.se>
+
+ * ftp/ftp.c (sendrequest): lmode != rmode
+
+1999-05-21 Assar Westerlund <assar@sics.se>
+
+ * ftp/extern.h (sendrequest): update prototype
+
+ * ftp/cmds.c: update calls to sendrequest and recvrequest to send
+ "b" when appropriate
+
+ * ftp/ftp.c (sendrequest): add argument for mode to open file in.
+
+1999-05-08 Assar Westerlund <assar@sics.se>
+
+ * ftpd/ftpcmd.y: rename getline -> ftpd_getline
+
+ * ftp/main.c (makeargv): fill in unused slots with NULL
+
+Thu Apr 8 15:06:40 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * ftpd/ftpd.c: remove definition of KRB_VERIFY_USER (moved to
+ config.h)
+
+Wed Apr 7 16:15:21 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * ftp/gssapi.c (gss_auth): call gss_display_status to get a sane
+ error message; return AUTH_{CONTINUE,ERROR}, where appropriate
+
+ * ftp/krb4.c: return AUTH_{CONTINUE,ERROR}, where appropriate
+
+ * ftp/security.c (sec_login): if mechanism returns AUTH_CONTINUE,
+ just continue with the next mechanism, this fixes the case of
+ having GSSAPI fail because of non-existant of expired tickets
+
+ * ftp/security.h: add AUTH_{OK,CONTINUE,ERROR}
+
+Thu Apr 1 16:59:04 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * ftpd/Makefile.am: don't run check-local
+
+ * ftp/Makefile.am: don't run check-local
+
+Mon Mar 22 22:15:18 1999 Assar Westerlund <assar@sics.se>
+
+ * ftpd/ftpd.c (pass): fall-back for KRB_VERIFY_SECURE
+
+ * ftpd/ftpd.c (pass): 1 -> KRB_VERIFY_SECURE
+
+Thu Mar 18 12:07:09 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * ftpd/Makefile.am: clean ftpcmd.c
+
+ * ftpd/ftpd_locl.h: remove krb5.h (breaks in ftpcmd.y)
+
+ * ftpd/ftpd.c: move include of krb5.h here
+
+ * ftpd/Makefile.am: include Makefile.am.common
+
+ * Makefile.am: include Makefile.am.common
+
+ * ftp/Makefile.am: include Makefile.am.common
+
+ * common/Makefile.am: include Makefile.am.common
+
+Tue Mar 16 22:28:37 1999 Assar Westerlund <assar@sics.se>
+
+ * ftpd/ftpd_locl.h: add krb5.h to get heimdal_version
+
+ * ftpd/ftpd.c: krb_verify_user_multiple -> krb_verify_user
+
+Thu Mar 11 14:54:59 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * ftp/Makefile.in: WFLAGS
+
+ * ftp/ruserpass.c: add some if-braces
+
+Wed Mar 10 20:02:55 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * ftpd/ftpd_locl.h: remove ifdef HAVE_FNMATCH
+
+Mon Mar 8 21:29:24 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * ftpd/ftpd.c: re-add version in greeting message
+
+Mon Mar 1 10:49:38 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * ftpd/logwtmp.c: HAVE_UT_* -> HAVE_STRUCT_UTMP*_UT_*
+
+Mon Feb 22 19:20:51 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * common/Makefile.in: remove glob
+
+Sat Feb 13 17:19:35 1999 Assar Westerlund <assar@sics.se>
+
+ * ftpd/ftpd.c (match): remove #ifdef HAVE_FNMATCH. We have a
+ fnmatch implementation in roken and therefore always have it.
+
+ * ftp/ftp.c (copy_stream): initialize `werr'
+
+Wed Jan 13 23:52:57 1999 Assar Westerlund <assar@sics.se>
+
+ * ftpd/ftpcmd.y: moved all check_login and check_login_no_guest to
+ the end of the rules to ensure we don't generate several
+ (independent) error messages. once again, having a yacc-grammar
+ for FTP with embedded actions doesn't strike me as the most
+ optimal way of doing it.
+
+Tue Dec 1 14:44:29 1998 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * ftpd/Makefile.am: link with extra libs for aix
+
+Sun Nov 22 10:28:20 1998 Assar Westerlund <assar@sics.se>
+
+ * ftpd/ftpd.c (retrying): support on-the-fly decompression
+
+ * ftpd/Makefile.in (WFLAGS): set
+
+ * ftp/ruserpass.c (guess_domain): new function
+ (ruserpass): use it
+
+ * common/Makefile.in (WFLAGS): set
+
+ * Makefile.in (WFLAGS): set
+
+Sat Nov 21 23:13:03 1998 Assar Westerlund <assar@sics.se>
+
+ * ftp/security.c: some more type correctness.
+
+ * ftp/gssapi.c (gss_adat): more braces to shut up warnings
+
+Wed Nov 18 21:47:55 1998 Assar Westerlund <assar@sics.se>
+
+ * ftp/main.c (main): new option `-p' for enable passive mode.
+
+Mon Nov 2 01:57:49 1998 Assar Westerlund <assar@sics.se>
+
+ * ftp/ftp.c (getreply): remove extra `break'
+
+ * ftp/gssapi.c (gss_auth): fixo typo(copyo?)
+
+ * ftp/security.c (sec_login): fix loop and return value
+
+Tue Sep 1 16:56:42 1998 Johan Danielsson <joda@emma.pdc.kth.se>
+
+ * ftp/cmds.c (quote1): fix % quoting bug
+
+Fri Aug 14 17:10:06 1998 Johan Danielsson <joda@emma.pdc.kth.se>
+
+ * ftp/krb4.c: krb_put_int -> KRB_PUT_INT
+
+Tue Jun 30 18:07:15 1998 Assar Westerlund <assar@sics.se>
+
+ * ftp/security.c (auth): free `app_data'
+ (sec_end): only destroy if it was initialized
+
+Tue Jun 9 21:01:59 1998 Johan Danielsson <joda@emma.pdc.kth.se>
+
+ * ftp/krb4.c: pass client address to krb_rd_req
+
+Sat May 16 00:02:07 1998 Assar Westerlund <assar@sics.se>
+
+ * ftpd/Makefile.am: link with DBLIB
+
+Tue May 12 14:15:32 1998 Johan Danielsson <joda@emma.pdc.kth.se>
+
+ * ftp/gssapi.c: Save client name for userok().
+
+ * ftpd/gss_userok.c: Userok for gssapi.
+
+Fri May 1 07:15:01 1998 Assar Westerlund <assar@sics.se>
+
+ * ftp/ftp.c: unifdef -DHAVE_H_ERRNO
+
+Fri Mar 27 00:46:07 1998 Johan Danielsson <joda@emma.pdc.kth.se>
+
+ * Make compile w/o krb4.
+
+Thu Mar 26 03:49:12 1998 Johan Danielsson <joda@emma.pdc.kth.se>
+
+ * ftp/*, ftpd/*: Changes for new framework.
+
+ * ftp/gssapi.c: GSS-API backend for the new security framework.
+
+ * ftp/krb4.c: Updated for new framework.
+
+ * ftp/security.{c,h}: New unified security framework.
diff --git a/crypto/kerberosIV/appl/ftp/Makefile.am b/crypto/kerberosIV/appl/ftp/Makefile.am
new file mode 100644
index 000000000000..f8831a308d03
--- /dev/null
+++ b/crypto/kerberosIV/appl/ftp/Makefile.am
@@ -0,0 +1,5 @@
+# $Id: Makefile.am,v 1.5 1999/03/20 13:58:14 joda Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+SUBDIRS = common ftp ftpd
diff --git a/crypto/kerberosIV/appl/ftp/Makefile.in b/crypto/kerberosIV/appl/ftp/Makefile.in
index 6d0c4207ee48..68546abfc3b0 100644
--- a/crypto/kerberosIV/appl/ftp/Makefile.in
+++ b/crypto/kerberosIV/appl/ftp/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.9 1997/03/23 13:03:54 assar Exp $
+# $Id: Makefile.in,v 1.12 1999/03/10 19:01:11 joda Exp $
srcdir = @srcdir@
top_srcdir = @top_srcdir@
@@ -11,7 +11,8 @@ SHELL = /bin/sh
CC = @CC@
RANLIB = @RANLIB@
DEFS = @DEFS@
-CFLAGS = @CFLAGS@
+CFLAGS = @CFLAGS@ $(WFLAGS)
+WFLAGS = @WFLAGS@
INSTALL = @INSTALL@
@@ -39,3 +40,5 @@ distclean:
for i in $(SUBDIRS); \
do (cd $$i && $(MAKE) $(MFLAGS) distclean); done
rm -f Makefile *~
+
+.PHONY: all install uninstall clean cleandir distclean
diff --git a/crypto/kerberosIV/appl/ftp/common/Makefile.am b/crypto/kerberosIV/appl/ftp/common/Makefile.am
new file mode 100644
index 000000000000..2ab5801d0f35
--- /dev/null
+++ b/crypto/kerberosIV/appl/ftp/common/Makefile.am
@@ -0,0 +1,12 @@
+# $Id: Makefile.am,v 1.7 1999/03/20 13:58:14 joda Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+INCLUDES += $(INCLUDE_krb4)
+
+noinst_LIBRARIES = libcommon.a
+
+libcommon_a_SOURCES = \
+ sockbuf.c \
+ buffer.c \
+ common.h
diff --git a/crypto/kerberosIV/appl/ftp/common/Makefile.in b/crypto/kerberosIV/appl/ftp/common/Makefile.in
index 9ce1aa598bd1..b00bd0a4de13 100644
--- a/crypto/kerberosIV/appl/ftp/common/Makefile.in
+++ b/crypto/kerberosIV/appl/ftp/common/Makefile.in
@@ -1,4 +1,4 @@
-# $Id: Makefile.in,v 1.17 1997/05/18 20:00:06 assar Exp $
+# $Id: Makefile.in,v 1.23 1999/03/10 19:01:11 joda Exp $
SHELL = /bin/sh
@@ -10,16 +10,17 @@ CC = @CC@
AR = ar
RANLIB = @RANLIB@
DEFS = @DEFS@
-CFLAGS = @CFLAGS@
+CFLAGS = @CFLAGS@ $(WFLAGS)
+WFLAGS = @WFLAGS@
INSTALL = @INSTALL@
prefix = @prefix@
-SOURCES = base64.c glob.c sockbuf.c buffer.c
+SOURCES = sockbuf.c buffer.c
OBJECTS = $(libcommon_OBJS)
-libcommon_OBJS = base64.o glob.o sockbuf.o buffer.o
+libcommon_OBJS = sockbuf.o buffer.o
LIBNAME = $(LIBPREFIX)common
LIBEXT = a
@@ -29,7 +30,7 @@ LIB = $(LIBNAME).$(LIBEXT)
all: $(LIB)
.c.o:
- $(CC) -c $(CFLAGS) -I$(srcdir) -I../../../include $(DEFS) $<
+ $(CC) -c -I$(srcdir) -I../../../include $(DEFS) $(CFLAGS) $(CPPFLAGS) $<
$(LIB): $(libcommon_OBJS)
rm -f $@
@@ -50,3 +51,5 @@ distclean:
rm -f Makefile
$(OBJECTS): ../../../include/config.h
+
+.PHONY: all install uninstall clean cleandir distclean
diff --git a/crypto/kerberosIV/appl/ftp/common/buffer.c b/crypto/kerberosIV/appl/ftp/common/buffer.c
index 5b7829a5da96..97e281533571 100644
--- a/crypto/kerberosIV/appl/ftp/common/buffer.c
+++ b/crypto/kerberosIV/appl/ftp/common/buffer.c
@@ -38,9 +38,10 @@
#include "common.h"
#include <stdio.h>
+#include <err.h>
#include "roken.h"
-RCSID("$Id: buffer.c,v 1.1 1997/05/18 19:59:24 assar Exp $");
+RCSID("$Id: buffer.c,v 1.2 1997/12/14 23:51:45 assar Exp $");
/*
* Allocate a buffer enough to handle st->st_blksize, if
diff --git a/crypto/kerberosIV/appl/ftp/ftp/Makefile.am b/crypto/kerberosIV/appl/ftp/ftp/Makefile.am
new file mode 100644
index 000000000000..081465a50416
--- /dev/null
+++ b/crypto/kerberosIV/appl/ftp/ftp/Makefile.am
@@ -0,0 +1,44 @@
+# $Id: Makefile.am,v 1.12 1999/04/09 18:22:08 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+INCLUDES += -I$(srcdir)/../common $(INCLUDE_readline) $(INCLUDE_krb4)
+
+bin_PROGRAMS = ftp
+
+CHECK_LOCAL =
+
+if KRB4
+krb4_sources = krb4.c kauth.c
+endif
+if KRB5
+krb5_sources = gssapi.c
+endif
+
+ftp_SOURCES = \
+ cmds.c \
+ cmdtab.c \
+ extern.h \
+ ftp.c \
+ ftp_locl.h \
+ ftp_var.h \
+ main.c \
+ pathnames.h \
+ ruserpass.c \
+ domacro.c \
+ globals.c \
+ security.c \
+ security.h \
+ $(krb4_sources) \
+ $(krb5_sources)
+
+EXTRA_ftp_SOURCES = krb4.c kauth.c gssapi.c
+
+LDADD = \
+ ../common/libcommon.a \
+ $(LIB_gssapi) \
+ $(LIB_krb5) \
+ $(LIB_krb4) \
+ $(top_builddir)/lib/des/libdes.la \
+ $(LIB_roken) \
+ $(LIB_readline)
diff --git a/crypto/kerberosIV/appl/ftp/ftp/Makefile.in b/crypto/kerberosIV/appl/ftp/ftp/Makefile.in
index 62bde3b17eab..637d5539f3d4 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/Makefile.in
+++ b/crypto/kerberosIV/appl/ftp/ftp/Makefile.in
@@ -1,5 +1,5 @@
#
-# $Id: Makefile.in,v 1.24 1997/03/23 13:03:55 assar Exp $
+# $Id: Makefile.in,v 1.32 1999/03/11 13:58:09 joda Exp $
#
SHELL = /bin/sh
@@ -8,13 +8,14 @@ srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
-topdir = ../../..
+top_builddir = ../../..
CC = @CC@
RANLIB = @RANLIB@
DEFS = @DEFS@
-CFLAGS = @CFLAGS@
-CPPFLAGS= @CPPFLAGS@ -I. -I$(srcdir) -I$(topdir) -I$(top_srcdir) -I$(topdir)/include -I$(top_srcdir)/include -I$(srcdir)/../common @INCLUDE_readline@
+CFLAGS = @CFLAGS@ $(WFLAGS)
+WFLAGS = @WFLAGS@
+CPPFLAGS= @CPPFLAGS@ -I. -I$(srcdir) -I$(top_builddir) -I$(top_srcdir) -I$(top_builddir)/include -I$(top_srcdir)/include -I$(srcdir)/../common @INCLUDE_readline@
LD_FLAGS = @LD_FLAGS@
LIB_tgetent = @LIB_tgetent@
LIBS = @LIBS@ @LIB_readline@
@@ -30,17 +31,35 @@ libdir = @libdir@
transform=@program_transform_name@
EXECSUFFIX=@EXECSUFFIX@
-INCTOP = $(topdir)/include
+INCTOP = $(top_builddir)/include
-LIBTOP = $(topdir)/lib
+LIBTOP = $(top_builddir)/lib
PROGS = ftp$(EXECSUFFIX)
-ftp_OBJS = cmds.o cmdtab.o ftp.o krb4.o main.o ruserpass.o domacro.o \
- globals.o kauth.o
-
-ftp_SOURCES = cmds.c cmdtab.c ftp.c krb4.c main.c ruserpass.c \
- domacro.c globals.c kauth.c
+ftp_SOURCES = \
+ cmds.c \
+ cmdtab.c \
+ domacro.c \
+ ftp.c \
+ globals.c \
+ kauth.c \
+ krb4.c \
+ main.c \
+ ruserpass.c \
+ security.c
+
+ftp_OBJS = \
+ cmds.o \
+ cmdtab.o \
+ domacro.o \
+ ftp.o \
+ globals.o \
+ kauth.o \
+ krb4.o \
+ main.o \
+ ruserpass.o \
+ security.o
OBJECTS = $(ftp_OBJS)
SOURCES = $(ftp_SOURCES)
@@ -48,29 +67,36 @@ SOURCES = $(ftp_SOURCES)
all: $(PROGS)
.c.o:
- $(CC) -c $(CFLAGS) $(CPPFLAGS) $(DEFS) $<
+ $(CC) -c -I$(srcdir) -I../../../include $(DEFS) $(CFLAGS) $(CPPFLAGS) $<
install: all
- $(MKINSTALLDIRS) $(bindir)
+ $(MKINSTALLDIRS) $(DESTDIR)$(bindir)
for x in $(PROGS); do \
- $(INSTALL_PROGRAM) $$x $(bindir)/`echo $$x | sed '$(transform)'`; \
+ $(INSTALL_PROGRAM) $$x $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \
done
uninstall:
for x in $(PROGS); do \
- rm -f $(bindir)/`echo $$x | sed '$(transform)'`; \
+ rm -f $(DESTDIR)$(bindir)/`echo $$x | sed '$(transform)'`; \
done
-ftp$(EXECSUFFIX): $(ftp_OBJS) # ../common/libcommon.a
+ftp$(EXECSUFFIX): $(ftp_OBJS)
$(CC) $(LD_FLAGS) $(LDFLAGS) -o $@ $(ftp_OBJS) -L../common -lcommon -L$(LIBTOP)/krb -lkrb -L$(LIBTOP)/des -ldes -L$(LIBTOP)/roken -lroken $(LIBS) -L$(LIBTOP)/roken -lroken
-TAGS: $(SOURCES)
+TAGS: $(SOURCES)
etags $(SOURCES)
-clean cleandir:
- rm -f *~ *.o core ftp \#*
+clean:
+ rm -f *~ *.o core ftp$(EXECSUFFIX) \#*
+
+mostlyclean: clean
-distclean:
+distclean: clean
rm -f Makefile
+realclean: distclean
+ rm -f TAGS
+
$(OBJECTS): ../../../include/config.h
+
+.PHONY: all install uninstall clean cleandir distclean
diff --git a/crypto/kerberosIV/appl/ftp/ftp/cmds.c b/crypto/kerberosIV/appl/ftp/ftp/cmds.c
index 5e1980b703e1..1571fc8e0841 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/cmds.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/cmds.c
@@ -36,7 +36,7 @@
*/
#include "ftp_locl.h"
-RCSID("$Id: cmds.c,v 1.23 1997/06/01 22:52:37 assar Exp $");
+RCSID("$Id: cmds.c,v 1.34.2.1 1999/08/18 18:19:44 assar Exp $");
typedef void (*sighand)(int);
@@ -119,12 +119,17 @@ setpeer(int argc, char **argv)
/*
* Set up defaults for FTP.
*/
- strcpy(typename, "ascii"), type = TYPE_A;
+ strcpy_truncate(typename, "ascii", sizeof(typename));
+ type = TYPE_A;
curtype = TYPE_A;
- strcpy(formname, "non-print"), form = FORM_N;
- strcpy(modename, "stream"), mode = MODE_S;
- strcpy(structname, "file"), stru = STRU_F;
- strcpy(bytename, "8"), bytesize = 8;
+ strcpy_truncate(formname, "non-print", sizeof(formname));
+ form = FORM_N;
+ strcpy_truncate(modename, "stream", sizeof(modename));
+ mode = MODE_S;
+ strcpy_truncate(structname, "file", sizeof(structname));
+ stru = STRU_F;
+ strcpy_truncate(bytename, "8", sizeof(bytename));
+ bytesize = 8;
if (autologin)
login(argv[1]);
@@ -165,7 +170,7 @@ setpeer(int argc, char **argv)
* for text files unless changed by the user.
*/
type = 0;
- strcpy(typename, "binary");
+ strcpy_truncate(typename, "binary", sizeof(typename));
if (overbose)
printf("Using %s mode to transfer files.\n",
typename);
@@ -238,7 +243,7 @@ settype(int argc, char **argv)
else
comret = command("TYPE %s", p->t_mode);
if (comret == COMPLETE) {
- strcpy(typename, p->t_name);
+ strcpy_truncate(typename, p->t_name, sizeof(typename));
curtype = type = p->t_type;
}
}
@@ -398,7 +403,8 @@ usage:
argv[2] = domap(argv[2]);
}
sendrequest(cmd, argv[1], argv[2],
- argv[1] != oldargv1 || argv[2] != oldargv2);
+ curtype == TYPE_I ? "rb" : "r",
+ argv[1] != oldargv1 || argv[2] != oldargv2);
}
/* ARGSUSED */
@@ -428,133 +434,150 @@ mabort(int signo)
void
mput(int argc, char **argv)
{
- int i;
- RETSIGTYPE (*oldintr)();
- int ointer;
- char *tp;
+ int i;
+ RETSIGTYPE (*oldintr)();
+ int ointer;
+ char *tp;
- if (argc < 2 && !another(&argc, &argv, "local-files")) {
- printf("usage: %s local-files\n", argv[0]);
- code = -1;
- return;
- }
- mname = argv[0];
- mflag = 1;
- oldintr = signal(SIGINT, mabort);
- setjmp(jabort);
- if (proxy) {
- char *cp, *tp2, tmpbuf[MaxPathLen];
+ if (argc < 2 && !another(&argc, &argv, "local-files")) {
+ printf("usage: %s local-files\n", argv[0]);
+ code = -1;
+ return;
+ }
+ mname = argv[0];
+ mflag = 1;
+ oldintr = signal(SIGINT, mabort);
+ setjmp(jabort);
+ if (proxy) {
+ char *cp, *tp2, tmpbuf[MaxPathLen];
- while ((cp = remglob(argv,0)) != NULL) {
- if (*cp == 0) {
- mflag = 0;
- continue;
- }
- if (mflag && confirm(argv[0], cp)) {
- tp = cp;
- if (mcase) {
- while (*tp && !islower(*tp)) {
- tp++;
- }
- if (!*tp) {
- tp = cp;
- tp2 = tmpbuf;
- while ((*tp2 = *tp) != '\0') {
- if (isupper(*tp2)) {
- *tp2 = 'a' + *tp2 - 'A';
- }
- tp++;
- tp2++;
- }
- }
- tp = tmpbuf;
- }
- if (ntflag) {
- tp = dotrans(tp);
- }
- if (mapflag) {
- tp = domap(tp);
- }
- sendrequest((sunique) ? "STOU" : "STOR",
- cp, tp, cp != tp || !interactive);
- if (!mflag && fromatty) {
- ointer = interactive;
- interactive = 1;
- if (confirm("Continue with","mput")) {
- mflag++;
- }
- interactive = ointer;
- }
- }
- }
- signal(SIGINT, oldintr);
+ while ((cp = remglob(argv,0)) != NULL) {
+ if (*cp == 0) {
mflag = 0;
- return;
- }
- for (i = 1; i < argc; i++) {
- char **cpp;
- glob_t gl;
- int flags;
-
- if (!doglob) {
- if (mflag && confirm(argv[0], argv[i])) {
- tp = (ntflag) ? dotrans(argv[i]) : argv[i];
- tp = (mapflag) ? domap(tp) : tp;
- sendrequest((sunique) ? "STOU" : "STOR",
- argv[i], tp, tp != argv[i] || !interactive);
- if (!mflag && fromatty) {
- ointer = interactive;
- interactive = 1;
- if (confirm("Continue with","mput")) {
- mflag++;
- }
- interactive = ointer;
- }
+ continue;
+ }
+ if (mflag && confirm(argv[0], cp)) {
+ tp = cp;
+ if (mcase) {
+ while (*tp && !islower(*tp)) {
+ tp++;
+ }
+ if (!*tp) {
+ tp = cp;
+ tp2 = tmpbuf;
+ while ((*tp2 = *tp) != '\0') {
+ if (isupper(*tp2)) {
+ *tp2 = 'a' + *tp2 - 'A';
+ }
+ tp++;
+ tp2++;
}
- continue;
+ }
+ tp = tmpbuf;
}
-
- memset(&gl, 0, sizeof(gl));
- flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE;
- if (glob(argv[i], flags, NULL, &gl) || gl.gl_pathc == 0) {
- warnx("%s: not found", argv[i]);
- globfree(&gl);
- continue;
+ if (ntflag) {
+ tp = dotrans(tp);
}
- for (cpp = gl.gl_pathv; cpp && *cpp != NULL; cpp++) {
- if (mflag && confirm(argv[0], *cpp)) {
- tp = (ntflag) ? dotrans(*cpp) : *cpp;
- tp = (mapflag) ? domap(tp) : tp;
- sendrequest((sunique) ? "STOU" : "STOR",
- *cpp, tp, *cpp != tp || !interactive);
- if (!mflag && fromatty) {
- ointer = interactive;
- interactive = 1;
- if (confirm("Continue with","mput")) {
- mflag++;
- }
- interactive = ointer;
- }
- }
+ if (mapflag) {
+ tp = domap(tp);
}
- globfree(&gl);
+ sendrequest((sunique) ? "STOU" : "STOR",
+ cp, tp,
+ curtype == TYPE_I ? "rb" : "r",
+ cp != tp || !interactive);
+ if (!mflag && fromatty) {
+ ointer = interactive;
+ interactive = 1;
+ if (confirm("Continue with","mput")) {
+ mflag++;
+ }
+ interactive = ointer;
+ }
+ }
}
signal(SIGINT, oldintr);
mflag = 0;
+ return;
+ }
+ for (i = 1; i < argc; i++) {
+ char **cpp;
+ glob_t gl;
+ int flags;
+
+ if (!doglob) {
+ if (mflag && confirm(argv[0], argv[i])) {
+ tp = (ntflag) ? dotrans(argv[i]) : argv[i];
+ tp = (mapflag) ? domap(tp) : tp;
+ sendrequest((sunique) ? "STOU" : "STOR",
+ argv[i],
+ curtype == TYPE_I ? "rb" : "r",
+ tp, tp != argv[i] || !interactive);
+ if (!mflag && fromatty) {
+ ointer = interactive;
+ interactive = 1;
+ if (confirm("Continue with","mput")) {
+ mflag++;
+ }
+ interactive = ointer;
+ }
+ }
+ continue;
+ }
+
+ memset(&gl, 0, sizeof(gl));
+ flags = GLOB_BRACE|GLOB_NOCHECK|GLOB_QUOTE|GLOB_TILDE;
+ if (glob(argv[i], flags, NULL, &gl) || gl.gl_pathc == 0) {
+ warnx("%s: not found", argv[i]);
+ globfree(&gl);
+ continue;
+ }
+ for (cpp = gl.gl_pathv; cpp && *cpp != NULL; cpp++) {
+ if (mflag && confirm(argv[0], *cpp)) {
+ tp = (ntflag) ? dotrans(*cpp) : *cpp;
+ tp = (mapflag) ? domap(tp) : tp;
+ sendrequest((sunique) ? "STOU" : "STOR",
+ *cpp, tp,
+ curtype == TYPE_I ? "rb" : "r",
+ *cpp != tp || !interactive);
+ if (!mflag && fromatty) {
+ ointer = interactive;
+ interactive = 1;
+ if (confirm("Continue with","mput")) {
+ mflag++;
+ }
+ interactive = ointer;
+ }
+ }
+ }
+ globfree(&gl);
+ }
+ signal(SIGINT, oldintr);
+ mflag = 0;
}
void
reget(int argc, char **argv)
{
-
- getit(argc, argv, 1, "r+w");
+ getit(argc, argv, 1, curtype == TYPE_I ? "r+wb" : "r+w");
}
void
get(int argc, char **argv)
{
+ char *mode;
- getit(argc, argv, 0, restart_point ? "r+w" : "w" );
+ if (restart_point)
+ if (curtype == TYPE_I)
+ mode = "r+wb";
+ else
+ mode = "r+w";
+ else
+ if (curtype == TYPE_I)
+ mode = "wb";
+ else
+ mode = "w";
+
+ getit(argc, argv, 0, mode);
}
/*
@@ -564,17 +587,17 @@ int
getit(int argc, char **argv, int restartit, char *mode)
{
int loc = 0;
+ int local_given = 1;
char *oldargv1, *oldargv2;
if (argc == 2) {
argc++;
+ local_given = 0;
argv[2] = argv[1];
loc++;
}
- if (argc < 2 && !another(&argc, &argv, "remote-file"))
- goto usage;
- if (argc < 3 && !another(&argc, &argv, "local-file")) {
-usage:
+ if ((argc < 2 && !another(&argc, &argv, "remote-file")) ||
+ (argc < 3 && !another(&argc, &argv, "local-file"))) {
printf("usage: %s remote-file [ local-file ]\n", argv[0]);
code = -1;
return (0);
@@ -619,50 +642,60 @@ usage:
return (0);
}
restart_point = stbuf.st_size;
- } else {
- if (ret == 0) {
- int overbose;
-
- overbose = verbose;
- if (debug == 0)
- verbose = -1;
- if (command("MDTM %s", argv[1]) == COMPLETE) {
- int yy, mo, day, hour, min, sec;
- struct tm *tm;
- verbose = overbose;
- sscanf(reply_string,
- "%*s %04d%02d%02d%02d%02d%02d",
- &yy, &mo, &day, &hour, &min, &sec);
- tm = gmtime(&stbuf.st_mtime);
- tm->tm_mon++;
- if (tm->tm_year > yy%100)
- return (1);
- if ((tm->tm_year == yy%100 &&
- tm->tm_mon > mo) ||
- (tm->tm_mon == mo &&
- tm->tm_mday > day) ||
- (tm->tm_mday == day &&
- tm->tm_hour > hour) ||
- (tm->tm_hour == hour &&
- tm->tm_min > min) ||
- (tm->tm_min == min &&
- tm->tm_sec > sec))
- return (1);
- } else {
- printf("%s\n", reply_string);
- verbose = overbose;
- return (0);
- }
+ } else if (ret == 0) {
+ int overbose;
+ int cmdret;
+ int yy, mo, day, hour, min, sec;
+ struct tm *tm;
+
+ overbose = verbose;
+ if (debug == 0)
+ verbose = -1;
+ cmdret = command("MDTM %s", argv[1]);
+ verbose = overbose;
+ if (cmdret != COMPLETE) {
+ printf("%s\n", reply_string);
+ return (0);
+ }
+ if (sscanf(reply_string,
+ "%*s %04d%02d%02d%02d%02d%02d",
+ &yy, &mo, &day, &hour, &min, &sec)
+ != 6) {
+ printf ("bad MDTM result\n");
+ return (0);
}
+
+ tm = gmtime(&stbuf.st_mtime);
+ tm->tm_mon++;
+ tm->tm_year += 1900;
+
+ if ((tm->tm_year > yy) ||
+ (tm->tm_year == yy &&
+ tm->tm_mon > mo) ||
+ (tm->tm_mon == mo &&
+ tm->tm_mday > day) ||
+ (tm->tm_mday == day &&
+ tm->tm_hour > hour) ||
+ (tm->tm_hour == hour &&
+ tm->tm_min > min) ||
+ (tm->tm_min == min &&
+ tm->tm_sec > sec))
+ return (1);
}
}
recvrequest("RETR", argv[2], argv[1], mode,
- argv[1] != oldargv1 || argv[2] != oldargv2);
+ argv[1] != oldargv1 || argv[2] != oldargv2, local_given);
restart_point = 0;
return (0);
}
+static int
+suspicious_filename(const char *fn)
+{
+ return strstr(fn, "../") != NULL || *fn == '/';
+}
+
/*
* Get multiple files.
*/
@@ -687,6 +720,8 @@ mget(int argc, char **argv)
mflag = 0;
continue;
}
+ if (mflag && suspicious_filename(cp))
+ printf("*** Suspicious filename: %s\n", cp);
if (mflag && confirm(argv[0], cp)) {
tp = cp;
if (mcase) {
@@ -701,8 +736,9 @@ mget(int argc, char **argv)
if (mapflag) {
tp = domap(tp);
}
- recvrequest("RETR", tp, cp, "w",
- tp != cp || !interactive);
+ recvrequest("RETR", tp, cp,
+ curtype == TYPE_I ? "wb" : "w",
+ tp != cp || !interactive, 0);
if (!mflag && fromatty) {
ointer = interactive;
interactive = 1;
@@ -720,61 +756,71 @@ mget(int argc, char **argv)
char *
remglob(char **argv, int doswitch)
{
- char temp[16];
- static char buf[MaxPathLen];
- static FILE *ftemp = NULL;
- static char **args;
- int oldverbose, oldhash;
- char *cp, *mode;
+ char temp[16];
+ static char buf[MaxPathLen];
+ static FILE *ftemp = NULL;
+ static char **args;
+ int oldverbose, oldhash;
+ char *cp, *mode;
- if (!mflag) {
- if (!doglob) {
- args = NULL;
- }
- else {
- if (ftemp) {
- fclose(ftemp);
- ftemp = NULL;
- }
- }
- return (NULL);
- }
+ if (!mflag) {
if (!doglob) {
- if (args == NULL)
- args = argv;
- if ((cp = *++args) == NULL)
- args = NULL;
- return (cp);
+ args = NULL;
}
- if (ftemp == NULL) {
- strcpy(temp, _PATH_TMP_XXX);
- mktemp(temp);
- oldverbose = verbose, verbose = 0;
- oldhash = hash, hash = 0;
- if (doswitch) {
- pswitch(!proxy);
- }
- for (mode = "w"; *++argv != NULL; mode = "a")
- recvrequest ("NLST", temp, *argv, mode, 0);
- if (doswitch) {
- pswitch(!proxy);
- }
- verbose = oldverbose; hash = oldhash;
- ftemp = fopen(temp, "r");
- unlink(temp);
- if (ftemp == NULL) {
- printf("can't find list of remote files, oops\n");
- return (NULL);
- }
- }
- if (fgets(buf, sizeof (buf), ftemp) == NULL) {
+ else {
+ if (ftemp) {
fclose(ftemp);
ftemp = NULL;
- return (NULL);
+ }
}
+ return (NULL);
+ }
+ if (!doglob) {
+ if (args == NULL)
+ args = argv;
+ if ((cp = *++args) == NULL)
+ args = NULL;
+ return (cp);
+ }
+ if (ftemp == NULL) {
+ int fd;
+ strcpy_truncate(temp, _PATH_TMP_XXX, sizeof(temp));
+ fd = mkstemp(temp);
+ if(fd < 0){
+ warn("unable to create temporary file %s", temp);
+ return NULL;
+ }
+ close(fd);
+ oldverbose = verbose, verbose = 0;
+ oldhash = hash, hash = 0;
+ if (doswitch) {
+ pswitch(!proxy);
+ }
+ for (mode = "w"; *++argv != NULL; mode = "a")
+ recvrequest ("NLST", temp, *argv, mode, 0, 0);
+ if (doswitch) {
+ pswitch(!proxy);
+ }
+ verbose = oldverbose; hash = oldhash;
+ ftemp = fopen(temp, "r");
+ unlink(temp);
+ if (ftemp == NULL) {
+ printf("can't find list of remote files, oops\n");
+ return (NULL);
+ }
+ }
+ while(fgets(buf, sizeof (buf), ftemp)) {
if ((cp = strchr(buf, '\n')) != NULL)
- *cp = '\0';
- return (buf);
+ *cp = '\0';
+ if(!interactive && suspicious_filename(buf)){
+ printf("Ignoring remote globbed file `%s'\n", buf);
+ continue;
+ }
+ return buf;
+ }
+ fclose(ftemp);
+ ftemp = NULL;
+ return (NULL);
}
char *
@@ -1036,38 +1082,38 @@ delete(int argc, char **argv)
void
mdelete(int argc, char **argv)
{
- sighand oldintr;
- int ointer;
- char *cp;
+ sighand oldintr;
+ int ointer;
+ char *cp;
- if (argc < 2 && !another(&argc, &argv, "remote-files")) {
- printf("usage: %s remote-files\n", argv[0]);
- code = -1;
- return;
- }
- mname = argv[0];
- mflag = 1;
- oldintr = signal(SIGINT, mabort);
- setjmp(jabort);
- while ((cp = remglob(argv,0)) != NULL) {
- if (*cp == '\0') {
- mflag = 0;
- continue;
- }
- if (mflag && confirm(argv[0], cp)) {
- command("DELE %s", cp);
- if (!mflag && fromatty) {
- ointer = interactive;
- interactive = 1;
- if (confirm("Continue with", "mdelete")) {
- mflag++;
- }
- interactive = ointer;
- }
+ if (argc < 2 && !another(&argc, &argv, "remote-files")) {
+ printf("usage: %s remote-files\n", argv[0]);
+ code = -1;
+ return;
+ }
+ mname = argv[0];
+ mflag = 1;
+ oldintr = signal(SIGINT, mabort);
+ setjmp(jabort);
+ while ((cp = remglob(argv,0)) != NULL) {
+ if (*cp == '\0') {
+ mflag = 0;
+ continue;
+ }
+ if (mflag && confirm(argv[0], cp)) {
+ command("DELE %s", cp);
+ if (!mflag && fromatty) {
+ ointer = interactive;
+ interactive = 1;
+ if (confirm("Continue with", "mdelete")) {
+ mflag++;
}
+ interactive = ointer;
+ }
}
- signal(SIGINT, oldintr);
- mflag = 0;
+ }
+ signal(SIGINT, oldintr);
+ mflag = 0;
}
/*
@@ -1113,11 +1159,12 @@ ls(int argc, char **argv)
return;
}
if (strcmp(argv[2], "-") && *argv[2] != '|')
- if (!globulize(&argv[2]) || !confirm("output to local-file:", argv[2])) {
- code = -1;
- return;
- }
- recvrequest(cmd, argv[2], argv[1], "w", 0);
+ if (!globulize(&argv[2]) || !confirm("output to local-file:",
+ argv[2])) {
+ code = -1;
+ return;
+ }
+ recvrequest(cmd, argv[2], argv[1], "w", 0, 1);
}
/*
@@ -1154,7 +1201,7 @@ usage:
setjmp(jabort);
for (i = 1; mflag && i < argc-1; ++i) {
*mode = (i == 1) ? 'w' : 'a';
- recvrequest(cmd, dest, argv[i], mode, 0);
+ recvrequest(cmd, dest, argv[i], mode, 0, 1);
if (!mflag && fromatty) {
ointer = interactive;
interactive = 1;
@@ -1193,8 +1240,8 @@ shell(int argc, char **argv)
namep = strrchr(shell,'/');
if (namep == NULL)
namep = shell;
- strcpy(shellnam,"-");
- strcat(shellnam, ++namep);
+ snprintf (shellnam, sizeof(shellnam),
+ "-%s", ++namep);
if (strcmp(namep, "sh") != 0)
shellnam[0] = '+';
if (debug) {
@@ -1369,22 +1416,19 @@ site(int argc, char **argv)
void
quote1(char *initial, int argc, char **argv)
{
- int i, len;
- char buf[BUFSIZ]; /* must be >= sizeof(line) */
+ int i;
+ char buf[BUFSIZ]; /* must be >= sizeof(line) */
- strcpy(buf, initial);
- if (argc > 1) {
- len = strlen(buf);
- len += strlen(strcpy(&buf[len], argv[1]));
- for (i = 2; i < argc; i++) {
- buf[len++] = ' ';
- len += strlen(strcpy(&buf[len], argv[i]));
- }
- }
- if (command(buf) == PRELIM) {
- while (getreply(0) == PRELIM)
- continue;
- }
+ strcpy_truncate(buf, initial, sizeof(buf));
+ for(i = 1; i < argc; i++) {
+ if(i > 1)
+ strcat_truncate(buf, " ", sizeof(buf));
+ strcat_truncate(buf, argv[i], sizeof(buf));
+ }
+ if (command("%s", buf) == PRELIM) {
+ while (getreply(0) == PRELIM)
+ continue;
+ }
}
void
@@ -1467,7 +1511,7 @@ disconnect(int argc, char **argv)
}
cout = NULL;
connected = 0;
- krb4_quit();
+ sec_end();
data = -1;
if (!proxy) {
macnum = 0;
@@ -1485,7 +1529,7 @@ confirm(char *cmd, char *file)
fflush(stdout);
if (fgets(line, sizeof line, stdin) == NULL)
return (0);
- return (*line != 'n' && *line != 'N');
+ return (*line == 'y' || *line == 'Y');
}
void
@@ -1531,12 +1575,11 @@ account(int argc, char **argv)
if (argc > 1) {
++argv;
--argc;
- strncpy(acct,*argv,49);
- acct[49] = '\0';
+ strcpy_truncate (acct, *argv, sizeof(acct));
while (argc > 1) {
--argc;
++argv;
- strncat(acct,*argv, 49-strlen(acct));
+ strcat_truncate(acct, *argv, sizeof(acct));
}
}
else {
@@ -1648,14 +1691,12 @@ setntrans(int argc, char **argv)
}
ntflag++;
code = ntflag;
- strncpy(ntin, argv[1], 16);
- ntin[16] = '\0';
+ strcpy_truncate (ntin, argv[1], 17);
if (argc == 2) {
ntout[0] = '\0';
return;
}
- strncpy(ntout, argv[2], 16);
- ntout[16] = '\0';
+ strcpy_truncate (ntout, argv[2], 17);
}
char *
@@ -1712,10 +1753,10 @@ setnmap(int argc, char **argv)
cp = strchr(altarg, ' ');
}
*cp = '\0';
- strncpy(mapin, altarg, MaxPathLen - 1);
+ strcpy_truncate(mapin, altarg, MaxPathLen);
while (*++cp == ' ')
continue;
- strncpy(mapout, cp, MaxPathLen - 1);
+ strcpy_truncate(mapout, cp, MaxPathLen);
}
char *
@@ -1967,7 +2008,9 @@ macdef(int argc, char **argv)
if (interactive) {
printf("Enter macro line by line, terminating it with a null line\n");
}
- strncpy(macros[macnum].mac_name, argv[1], 8);
+ strcpy_truncate(macros[macnum].mac_name,
+ argv[1],
+ sizeof(macros[macnum].mac_name));
if (macnum == 0) {
macros[macnum].mac_start = macbuf;
}
@@ -2067,7 +2110,7 @@ void
newer(int argc, char **argv)
{
- if (getit(argc, argv, -1, "w"))
+ if (getit(argc, argv, -1, curtype == TYPE_I ? "wb" : "w"))
printf("Local file \"%s\" is newer than remote file \"%s\"\n",
argv[2], argv[1]);
}
diff --git a/crypto/kerberosIV/appl/ftp/ftp/cmdtab.c b/crypto/kerberosIV/appl/ftp/ftp/cmdtab.c
index 9567e3c71d3a..5dc96efa3672 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/cmdtab.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/cmdtab.c
@@ -105,9 +105,13 @@ char userhelp[] = "send new user information";
char verbosehelp[] = "toggle verbose mode";
char prothelp[] = "set protection level";
+#ifdef KRB4
char kauthhelp[] = "get remote tokens";
char klisthelp[] = "show remote tickets";
-char aklog[] = "obtain remote AFS tokens";
+char kdestroyhelp[] = "destroy remote tickets";
+char krbtkfilehelp[] = "set filename of remote tickets";
+char afsloghelp[] = "obtain remote AFS tokens";
+#endif
struct cmd cmdtab[] = {
{ "!", shellhelp, 0, 0, 0, shell },
@@ -184,8 +188,13 @@ struct cmd cmdtab[] = {
{ "?", helphelp, 0, 0, 1, help },
{ "prot", prothelp, 0, 1, 0, sec_prot },
+#ifdef KRB4
{ "kauth", kauthhelp, 0, 1, 0, kauth },
{ "klist", klisthelp, 0, 1, 0, klist },
+ { "kdestroy", kdestroyhelp, 0, 1, 0, kdestroy },
+ { "krbtkfile", krbtkfilehelp, 0, 1, 0, krbtkfile },
+ { "afslog", afsloghelp, 0, 1, 0, afslog },
+#endif
{ 0 },
};
diff --git a/crypto/kerberosIV/appl/ftp/ftp/domacro.c b/crypto/kerberosIV/appl/ftp/ftp/domacro.c
index f5a89b9f1201..432e3e5758f6 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/domacro.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/domacro.c
@@ -32,7 +32,7 @@
*/
#include "ftp_locl.h"
-RCSID("$Id: domacro.c,v 1.5 1996/11/17 20:23:10 assar Exp $");
+RCSID("$Id: domacro.c,v 1.6 1998/06/09 19:24:21 joda Exp $");
void
domacro(int argc, char **argv)
@@ -56,7 +56,7 @@ domacro(int argc, char **argv)
code = -1;
return;
}
- strcpy(line2, line);
+ strcpy_truncate(line2, line, sizeof(line2));
TOP:
cp1 = macros[i].mac_start;
while (cp1 != macros[i].mac_end) {
diff --git a/crypto/kerberosIV/appl/ftp/ftp/extern.h b/crypto/kerberosIV/appl/ftp/ftp/extern.h
index b830999d664b..5efe9187c015 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/extern.h
+++ b/crypto/kerberosIV/appl/ftp/ftp/extern.h
@@ -33,7 +33,7 @@
* @(#)extern.h 8.3 (Berkeley) 10/9/94
*/
-/* $Id: extern.h,v 1.13 1997/04/20 05:46:48 assar Exp $ */
+/* $Id: extern.h,v 1.16 1999/05/21 09:21:51 assar Exp $ */
#include <setjmp.h>
#include <stdlib.h>
@@ -107,7 +107,7 @@ void pwd (int, char **);
void quit (int, char **);
void quote (int, char **);
void quote1 (char *, int, char **);
-void recvrequest (char *, char *, char *, char *, int);
+void recvrequest (char *, char *, char *, char *, int, int);
void reget (int, char **);
char *remglob (char **, int);
void removedir (int, char **);
@@ -117,7 +117,7 @@ void restart (int, char **);
void rmthelp (int, char **);
void rmtstatus (int, char **);
int ruserpass (char *, char **, char **, char **);
-void sendrequest (char *, char *, char *, int);
+void sendrequest (char *, char *, char *, char *, int);
void setascii (int, char **);
void setbell (int, char **);
void setbinary (int, char **);
@@ -165,3 +165,9 @@ extern int NCMDS;
extern char username[32];
extern char myhostname[];
extern char *mydomain;
+
+void afslog (int, char **);
+void kauth (int, char **);
+void kdestroy (int, char **);
+void klist (int, char **);
+void krbtkfile (int, char **);
diff --git a/crypto/kerberosIV/appl/ftp/ftp/ftp.c b/crypto/kerberosIV/appl/ftp/ftp/ftp.c
index cfabda6a5688..3021a191fba2 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/ftp.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/ftp.c
@@ -32,42 +32,38 @@
*/
#include "ftp_locl.h"
-RCSID("$Id: ftp.c,v 1.44 1997/05/18 20:00:31 assar Exp $");
+RCSID ("$Id: ftp.c,v 1.55 1999/06/02 20:12:22 joda Exp $");
-struct sockaddr_in hisctladdr;
-struct sockaddr_in data_addr;
-int data = -1;
-int abrtflag = 0;
-jmp_buf ptabort;
-int ptabflg;
-int ptflag = 0;
-struct sockaddr_in myctladdr;
-off_t restart_point = 0;
+struct sockaddr_in hisctladdr;
+struct sockaddr_in data_addr;
+int data = -1;
+int abrtflag = 0;
+jmp_buf ptabort;
+int ptabflg;
+int ptflag = 0;
+struct sockaddr_in myctladdr;
+off_t restart_point = 0;
-FILE *cin, *cout;
+FILE *cin, *cout;
-typedef void (*sighand)(int);
+typedef void (*sighand) (int);
char *
-hookup(char *host, int port)
+hookup (char *host, int port)
{
struct hostent *hp = 0;
- int s, len, tos;
- static char hostnamebuf[80];
+ int s, len;
+ static char hostnamebuf[MaxHostNameLen];
- memset(&hisctladdr, 0, sizeof (hisctladdr));
- if(inet_aton(host, &hisctladdr.sin_addr)){
+ memset (&hisctladdr, 0, sizeof (hisctladdr));
+ if (inet_aton (host, &hisctladdr.sin_addr)) {
hisctladdr.sin_family = AF_INET;
- strncpy(hostnamebuf, host, sizeof(hostnamebuf));
+ strcpy_truncate (hostnamebuf, host, sizeof (hostnamebuf));
} else {
- hp = gethostbyname(host);
+ hp = gethostbyname (host);
if (hp == NULL) {
-#ifdef HAVE_H_ERRNO
warnx("%s: %s", host, hstrerror(h_errno));
-#else
- warnx("%s: %s", host, "unknown error");
-#endif
code = -1;
return NULL;
}
@@ -75,73 +71,75 @@ hookup(char *host, int port)
memmove(&hisctladdr.sin_addr,
hp->h_addr_list[0],
sizeof(hisctladdr.sin_addr));
- strncpy(hostnamebuf, hp->h_name, sizeof(hostnamebuf));
- hostnamebuf[sizeof(hostnamebuf) - 1] = '\0';
+ strcpy_truncate (hostnamebuf, hp->h_name, sizeof (hostnamebuf));
}
hostname = hostnamebuf;
- s = socket(hisctladdr.sin_family, SOCK_STREAM, 0);
+ s = socket (hisctladdr.sin_family, SOCK_STREAM, 0);
if (s < 0) {
- warn("socket");
+ warn ("socket");
code = -1;
return (0);
}
hisctladdr.sin_port = port;
- while (connect(s, (struct sockaddr *)&hisctladdr, sizeof (hisctladdr)) < 0) {
+ while (connect (s, (struct sockaddr *) & hisctladdr, sizeof (hisctladdr)) < 0) {
if (hp && hp->h_addr_list[1]) {
int oerrno = errno;
char *ia;
- ia = inet_ntoa(hisctladdr.sin_addr);
+ ia = inet_ntoa (hisctladdr.sin_addr);
errno = oerrno;
- warn("connect to address %s", ia);
+ warn ("connect to address %s", ia);
hp->h_addr_list++;
- memmove(&hisctladdr.sin_addr,
- hp->h_addr_list[0],
- sizeof(hisctladdr.sin_addr));
- fprintf(stdout, "Trying %s...\n",
- inet_ntoa(hisctladdr.sin_addr));
- close(s);
- s = socket(hisctladdr.sin_family, SOCK_STREAM, 0);
+ memmove (&hisctladdr.sin_addr,
+ hp->h_addr_list[0],
+ sizeof (hisctladdr.sin_addr));
+ fprintf (stdout, "Trying %s...\n",
+ inet_ntoa (hisctladdr.sin_addr));
+ close (s);
+ s = socket (hisctladdr.sin_family, SOCK_STREAM, 0);
if (s < 0) {
- warn("socket");
+ warn ("socket");
code = -1;
return (0);
}
continue;
}
- warn("connect");
+ warn ("connect");
code = -1;
goto bad;
}
len = sizeof (myctladdr);
- if (getsockname(s, (struct sockaddr *)&myctladdr, &len) < 0) {
- warn("getsockname");
+ if (getsockname (s, (struct sockaddr *) & myctladdr, &len) < 0) {
+ warn ("getsockname");
code = -1;
goto bad;
}
#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
- tos = IPTOS_LOWDELAY;
+ {
+ int tos = IPTOS_LOWDELAY;
+
if (setsockopt(s, IPPROTO_IP, IP_TOS, (char *)&tos, sizeof(int)) < 0)
warn("setsockopt TOS (ignored)");
+ }
#endif
- cin = fdopen(s, "r");
- cout = fdopen(s, "w");
+ cin = fdopen (s, "r");
+ cout = fdopen (s, "w");
if (cin == NULL || cout == NULL) {
- warnx("fdopen failed.");
+ warnx ("fdopen failed.");
if (cin)
- fclose(cin);
+ fclose (cin);
if (cout)
- fclose(cout);
+ fclose (cout);
code = -1;
goto bad;
}
if (verbose)
- printf("Connected to %s.\n", hostname);
- if (getreply(0) > 2) { /* read startup message from server */
+ printf ("Connected to %s.\n", hostname);
+ if (getreply (0) > 2) { /* read startup message from server */
if (cin)
- fclose(cin);
+ fclose (cin);
if (cout)
- fclose(cout);
+ fclose (cout);
code = -1;
goto bad;
}
@@ -149,21 +147,21 @@ hookup(char *host, int port)
{
int on = 1;
- if (setsockopt(s, SOL_SOCKET, SO_OOBINLINE, (char *)&on, sizeof(on))
+ if (setsockopt (s, SOL_SOCKET, SO_OOBINLINE, (char *) &on, sizeof (on))
< 0 && debug) {
- warn("setsockopt");
+ warn ("setsockopt");
}
}
-#endif /* SO_OOBINLINE */
+#endif /* SO_OOBINLINE */
return (hostname);
bad:
- close(s);
+ close (s);
return NULL;
}
int
-login(char *host)
+login (char *host)
{
char tmp[80];
char defaultpass[128];
@@ -172,94 +170,97 @@ login(char *host)
char *myname = NULL;
struct passwd *pw = k_getpwuid(getuid());
+
if (pw != NULL)
myname = pw->pw_name;
user = pass = acct = 0;
- if(do_klogin(host))
+ if(sec_login(host))
printf("\n*** Using plaintext user and password ***\n\n");
else{
- printf("Kerberos authentication successful.\n\n");
+ printf("Authentication successful.\n\n");
}
- if (ruserpass(host, &user, &pass, &acct) < 0) {
+ if (ruserpass (host, &user, &pass, &acct) < 0) {
code = -1;
return (0);
}
while (user == NULL) {
if (myname)
- printf("Name (%s:%s): ", host, myname);
+ printf ("Name (%s:%s): ", host, myname);
else
- printf("Name (%s): ", host);
- fgets(tmp, sizeof(tmp) - 1, stdin);
- tmp[strlen(tmp) - 1] = '\0';
+ printf ("Name (%s): ", host);
+ fgets (tmp, sizeof (tmp) - 1, stdin);
+ tmp[strlen (tmp) - 1] = '\0';
if (*tmp == '\0')
user = myname;
else
user = tmp;
}
- strcpy(username, user);
+ strcpy_truncate(username, user, sizeof(username));
n = command("USER %s", user);
if (n == CONTINUE) {
- if(auth_complete)
+ if(sec_complete)
pass = myname;
else if (pass == NULL) {
char prompt[128];
if(myname &&
(!strcmp(user, "ftp") || !strcmp(user, "anonymous"))){
- snprintf(defaultpass, sizeof(defaultpass), "%s@%s", myname, mydomain);
- snprintf(prompt, sizeof(prompt), "Password (%s): ", defaultpass);
+ snprintf(defaultpass, sizeof(defaultpass),
+ "%s@%s", myname, mydomain);
+ snprintf(prompt, sizeof(prompt),
+ "Password (%s): ", defaultpass);
}else{
- strcpy(defaultpass, "");
+ *defaultpass = '\0';
snprintf(prompt, sizeof(prompt), "Password: ");
}
pass = defaultpass;
- des_read_pw_string (tmp, sizeof(tmp), prompt, 0);
- if(tmp[0])
+ des_read_pw_string (tmp, sizeof (tmp), prompt, 0);
+ if (tmp[0])
pass = tmp;
}
- n = command("PASS %s", pass);
+ n = command ("PASS %s", pass);
}
if (n == CONTINUE) {
aflag++;
acct = tmp;
- des_read_pw_string(acct, 128, "Account:", 0);
- n = command("ACCT %s", acct);
+ des_read_pw_string (acct, 128, "Account:", 0);
+ n = command ("ACCT %s", acct);
}
if (n != COMPLETE) {
- warnx("Login failed.");
+ warnx ("Login failed.");
return (0);
}
if (!aflag && acct != NULL)
- command("ACCT %s", acct);
+ command ("ACCT %s", acct);
if (proxy)
return (1);
for (n = 0; n < macnum; ++n) {
if (!strcmp("init", macros[n].mac_name)) {
- strcpy(line, "$init");
+ strcpy_truncate (line, "$init", sizeof (line));
makeargv();
domacro(margc, margv);
break;
}
}
- sec_set_protection_level();
+ sec_set_protection_level ();
return (1);
}
void
-cmdabort(int sig)
+cmdabort (int sig)
{
- printf("\n");
- fflush(stdout);
+ printf ("\n");
+ fflush (stdout);
abrtflag++;
if (ptflag)
- longjmp(ptabort,1);
+ longjmp (ptabort, 1);
}
int
-command(char *fmt, ...)
+command (char *fmt,...)
{
va_list ap;
int r;
@@ -267,7 +268,7 @@ command(char *fmt, ...)
abrtflag = 0;
if (cout == NULL) {
- warn("No control connection for command");
+ warn ("No control connection for command");
code = -1;
return (0);
}
@@ -281,29 +282,26 @@ command(char *fmt, ...)
vfprintf(stdout, fmt, ap);
va_start(ap, fmt);
}
- if(auth_complete)
- krb4_write_enc(cout, fmt, ap);
- else
- vfprintf(cout, fmt, ap);
+ sec_vfprintf(cout, fmt, ap);
va_end(ap);
if(debug){
printf("\n");
fflush(stdout);
}
- fprintf(cout, "\r\n");
- fflush(cout);
+ fprintf (cout, "\r\n");
+ fflush (cout);
cpend = 1;
- r = getreply(!strcmp(fmt, "QUIT"));
+ r = getreply (!strcmp (fmt, "QUIT"));
if (abrtflag && oldintr != SIG_IGN)
- (*oldintr)(SIGINT);
- signal(SIGINT, oldintr);
+ (*oldintr) (SIGINT);
+ signal (SIGINT, oldintr);
return (r);
}
-char reply_string[BUFSIZ]; /* last line of previous reply */
+char reply_string[BUFSIZ]; /* last line of previous reply */
int
-getreply(int expecteof)
+getreply (int expecteof)
{
char *p;
char *lead_string;
@@ -311,80 +309,82 @@ getreply(int expecteof)
struct sigaction sa, osa;
char buf[1024];
- sigemptyset(&sa.sa_mask);
+ sigemptyset (&sa.sa_mask);
sa.sa_flags = 0;
sa.sa_handler = cmdabort;
- sigaction(SIGINT, &sa, &osa);
-
+ sigaction (SIGINT, &sa, &osa);
+
p = buf;
- while(1){
- c = getc(cin);
- switch(c){
+ while (1) {
+ c = getc (cin);
+ switch (c) {
case EOF:
if (expecteof) {
- sigaction(SIGINT,&osa, NULL);
+ sigaction (SIGINT, &osa, NULL);
code = 221;
return 0;
}
- lostpeer(0);
+ lostpeer (0);
if (verbose) {
- printf("421 Service not available, "
- "remote server has closed connection\n");
- fflush(stdout);
+ printf ("421 Service not available, "
+ "remote server has closed connection\n");
+ fflush (stdout);
}
code = 421;
return (4);
- break;
case IAC:
- c = getc(cin);
- if(c == WILL || c == WONT)
- fprintf(cout, "%c%c%c", IAC, DONT, getc(cin));
- if(c == DO || c == DONT)
- fprintf(cout, "%c%c%c", IAC, WONT, getc(cin));
+ c = getc (cin);
+ if (c == WILL || c == WONT)
+ fprintf (cout, "%c%c%c", IAC, DONT, getc (cin));
+ if (c == DO || c == DONT)
+ fprintf (cout, "%c%c%c", IAC, WONT, getc (cin));
continue;
case '\n':
- *p++ = 0;
+ *p++ = '\0';
if(isdigit(buf[0])){
sscanf(buf, "%d", &code);
if(code == 631){
- krb4_read_mic(buf);
+ sec_read_msg(buf, prot_safe);
sscanf(buf, "%d", &code);
lead_string = "S:";
} else if(code == 632){
- krb4_read_enc(buf);
+ sec_read_msg(buf, prot_private);
sscanf(buf, "%d", &code);
lead_string = "P:";
}else if(code == 633){
- printf("Received confidential reply!\n");
- }else if(auth_complete)
+ sec_read_msg(buf, prot_confidential);
+ sscanf(buf, "%d", &code);
+ lead_string = "C:";
+ }else if(sec_complete)
lead_string = "!!";
else
lead_string = "";
- if(verbose > 0 || (verbose > -1 && code > 499))
- fprintf(stdout, "%s%s\n", lead_string, buf);
- if(buf[3] == ' '){
- strcpy(reply_string, buf);
+ if (verbose > 0 || (verbose > -1 && code > 499))
+ fprintf (stdout, "%s%s\n", lead_string, buf);
+ if (buf[3] == ' ') {
+ strcpy (reply_string, buf);
if (code >= 200)
cpend = 0;
- sigaction(SIGINT, &osa, NULL);
+ sigaction (SIGINT, &osa, NULL);
if (code == 421)
- lostpeer(0);
+ lostpeer (0);
#if 1
- if (abrtflag &&
- osa.sa_handler != cmdabort &&
+ if (abrtflag &&
+ osa.sa_handler != cmdabort &&
osa.sa_handler != SIG_IGN)
- osa.sa_handler(SIGINT);
+ osa.sa_handler (SIGINT);
#endif
- if(code == 227){
+ if (code == 227) {
char *p, *q;
+
pasv[0] = 0;
- p = strchr(reply_string, '(');
- if(p){
+ p = strchr (reply_string, '(');
+ if (p) {
p++;
q = strchr(p, ')');
if(q){
- strncpy(pasv, p, q - p);
+ memcpy (pasv, p, q - p);
pasv[q - p] = 0;
}
}
@@ -393,7 +393,7 @@ getreply(int expecteof)
}
}else{
if(verbose > 0 || (verbose > -1 && code > 499)){
- if(auth_complete)
+ if(sec_complete)
fprintf(stdout, "!!");
fprintf(stdout, "%s\n", buf);
}
@@ -404,13 +404,13 @@ getreply(int expecteof)
*p++ = c;
}
}
-
+
}
#if 0
int
-getreply(int expecteof)
+getreply (int expecteof)
{
int c, n;
int dig;
@@ -419,24 +419,24 @@ getreply(int expecteof)
int pflag = 0;
char *cp, *pt = pasv;
- oldintr = signal(SIGINT, cmdabort);
+ oldintr = signal (SIGINT, cmdabort);
for (;;) {
dig = n = code = 0;
cp = reply_string;
- while ((c = getc(cin)) != '\n') {
- if (c == IAC) { /* handle telnet commands */
- switch (c = getc(cin)) {
+ while ((c = getc (cin)) != '\n') {
+ if (c == IAC) { /* handle telnet commands */
+ switch (c = getc (cin)) {
case WILL:
case WONT:
- c = getc(cin);
- fprintf(cout, "%c%c%c", IAC, DONT, c);
- fflush(cout);
+ c = getc (cin);
+ fprintf (cout, "%c%c%c", IAC, DONT, c);
+ fflush (cout);
break;
case DO:
case DONT:
- c = getc(cin);
- fprintf(cout, "%c%c%c", IAC, WONT, c);
- fflush(cout);
+ c = getc (cin);
+ fprintf (cout, "%c%c%c", IAC, WONT, c);
+ fflush (cout);
break;
default:
break;
@@ -446,14 +446,14 @@ getreply(int expecteof)
dig++;
if (c == EOF) {
if (expecteof) {
- signal(SIGINT,oldintr);
+ signal (SIGINT, oldintr);
code = 221;
return (0);
}
- lostpeer(0);
+ lostpeer (0);
if (verbose) {
- printf("421 Service not available, remote server has closed connection\n");
- fflush(stdout);
+ printf ("421 Service not available, remote server has closed connection\n");
+ fflush (stdout);
}
code = 421;
return (4);
@@ -462,14 +462,14 @@ getreply(int expecteof)
(verbose > -1 && n == '5' && dig > 4))) {
if (proxflag &&
(dig == 1 || dig == 5 && verbose == 0))
- printf("%s:",hostname);
- putchar(c);
+ printf ("%s:", hostname);
+ putchar (c);
}
- if (dig < 4 && isdigit(c))
+ if (dig < 4 && isdigit (c))
code = code * 10 + (c - '0');
if (!pflag && code == 227)
pflag = 1;
- if (dig > 4 && pflag == 1 && isdigit(c))
+ if (dig > 4 && pflag == 1 && isdigit (c))
pflag = 2;
if (pflag == 2) {
if (c != '\r' && c != ')')
@@ -486,11 +486,11 @@ getreply(int expecteof)
}
if (n == 0)
n = c;
- if (cp < &reply_string[sizeof(reply_string) - 1])
+ if (cp < &reply_string[sizeof (reply_string) - 1])
*cp++ = c;
}
if (verbose > 0 || verbose > -1 && n == '5') {
- putchar(c);
+ putchar (c);
fflush (stdout);
}
if (continuation && code != originalcode) {
@@ -499,112 +499,114 @@ getreply(int expecteof)
continue;
}
*cp = '\0';
- if(auth_complete){
+ if(sec_complete){
if(code == 631)
- krb4_read_mic(reply_string);
- else
- krb4_read_enc(reply_string);
+ sec_read_msg(reply_string, prot_safe);
+ else if(code == 632)
+ sec_read_msg(reply_string, prot_private);
+ else if(code == 633)
+ sec_read_msg(reply_string, prot_confidential);
n = code / 100 + '0';
}
-
if (n != '1')
cpend = 0;
- signal(SIGINT,oldintr);
+ signal (SIGINT, oldintr);
if (code == 421 || originalcode == 421)
- lostpeer(0);
+ lostpeer (0);
if (abrtflag && oldintr != cmdabort && oldintr != SIG_IGN)
- (*oldintr)(SIGINT);
+ (*oldintr) (SIGINT);
return (n - '0');
}
}
+
#endif
int
-empty(fd_set *mask, int sec)
+empty (fd_set * mask, int sec)
{
struct timeval t;
t.tv_sec = (long) sec;
t.tv_usec = 0;
- return (select(32, mask, NULL, NULL, &t));
+ return (select (32, mask, NULL, NULL, &t));
}
-jmp_buf sendabort;
+jmp_buf sendabort;
static RETSIGTYPE
-abortsend(int sig)
+abortsend (int sig)
{
mflag = 0;
abrtflag = 0;
- printf("\nsend aborted\nwaiting for remote to finish abort\n");
- fflush(stdout);
- longjmp(sendabort, 1);
+ printf ("\nsend aborted\nwaiting for remote to finish abort\n");
+ fflush (stdout);
+ longjmp (sendabort, 1);
}
#define HASHBYTES 1024
static int
-copy_stream(FILE *from, FILE *to)
+copy_stream (FILE * from, FILE * to)
{
static size_t bufsize;
static char *buf;
int n;
int bytes = 0;
- int werr;
+ int werr = 0;
int hashbytes = HASHBYTES;
struct stat st;
-
-#ifdef HAVE_MMAP
+
+#if defined(HAVE_MMAP) && !defined(NO_MMAP)
void *chunk;
#ifndef MAP_FAILED
#define MAP_FAILED (-1)
#endif
- if(fstat(fileno(from), &st) == 0 && S_ISREG(st.st_mode)){
- chunk = mmap(0, st.st_size, PROT_READ, MAP_SHARED, fileno(from), 0);
- if (chunk != (void *)MAP_FAILED) {
+ if (fstat (fileno (from), &st) == 0 && S_ISREG (st.st_mode)) {
+ chunk = mmap (0, st.st_size, PROT_READ, MAP_SHARED, fileno (from), 0);
+ if (chunk != (void *) MAP_FAILED) {
int res;
- res = sec_write(fileno(to), chunk, st.st_size);
- if (munmap(chunk, st.st_size) < 0)
+ res = sec_write (fileno (to), chunk, st.st_size);
+ if (munmap (chunk, st.st_size) < 0)
warn ("munmap");
- sec_fflush(to);
+ sec_fflush (to);
return res;
}
}
#endif
buf = alloc_buffer (buf, &bufsize,
- fstat(fileno(from), &st) >= 0 ? &st : NULL);
+ fstat (fileno (from), &st) >= 0 ? &st : NULL);
if (buf == NULL)
return -1;
- while((n = read(fileno(from), buf, bufsize)) > 0){
- werr = sec_write(fileno(to), buf, n);
- if(werr < 0)
+ while ((n = read (fileno (from), buf, bufsize)) > 0) {
+ werr = sec_write (fileno (to), buf, n);
+ if (werr < 0)
break;
bytes += werr;
- while(hash && bytes > hashbytes){
- putchar('#');
+ while (hash && bytes > hashbytes) {
+ putchar ('#');
hashbytes += HASHBYTES;
}
}
- sec_fflush(to);
- if(n < 0)
- warn("local");
+ sec_fflush (to);
+ if (n < 0)
+ warn ("local");
- if(werr < 0){
- if(errno != EPIPE)
- warn("netout");
+ if (werr < 0) {
+ if (errno != EPIPE)
+ warn ("netout");
bytes = -1;
}
return bytes;
}
void
-sendrequest(char *cmd, char *local, char *remote, int printnames)
+sendrequest (char *cmd, char *local, char *remote, char *lmode, int printnames)
{
struct stat st;
struct timeval start, stop;
@@ -613,124 +615,123 @@ sendrequest(char *cmd, char *local, char *remote, int printnames)
int (*closefunc) (FILE *);
RETSIGTYPE (*oldintr)(), (*oldintp)();
long bytes = 0, hashbytes = HASHBYTES;
- char *lmode;
+ char *rmode = "w";
if (verbose && printnames) {
- if (local && *local != '-')
- printf("local: %s ", local);
+ if (local && strcmp (local, "-") != 0)
+ printf ("local: %s ", local);
if (remote)
- printf("remote: %s\n", remote);
+ printf ("remote: %s\n", remote);
}
if (proxy) {
- proxtrans(cmd, local, remote);
+ proxtrans (cmd, local, remote);
return;
}
if (curtype != type)
- changetype(type, 0);
+ changetype (type, 0);
closefunc = NULL;
oldintr = NULL;
oldintp = NULL;
- lmode = "w";
- if (setjmp(sendabort)) {
+
+ if (setjmp (sendabort)) {
while (cpend) {
- getreply(0);
+ getreply (0);
}
if (data >= 0) {
- close(data);
+ close (data);
data = -1;
}
if (oldintr)
- signal(SIGINT,oldintr);
+ signal (SIGINT, oldintr);
if (oldintp)
- signal(SIGPIPE,oldintp);
+ signal (SIGPIPE, oldintp);
code = -1;
return;
}
- oldintr = signal(SIGINT, abortsend);
- if (strcmp(local, "-") == 0)
+ oldintr = signal (SIGINT, abortsend);
+ if (strcmp (local, "-") == 0)
fin = stdin;
else if (*local == '|') {
- oldintp = signal(SIGPIPE,SIG_IGN);
- fin = popen(local + 1, "r");
+ oldintp = signal (SIGPIPE, SIG_IGN);
+ fin = popen (local + 1, lmode);
if (fin == NULL) {
- warn("%s", local + 1);
- signal(SIGINT, oldintr);
- signal(SIGPIPE, oldintp);
+ warn ("%s", local + 1);
+ signal (SIGINT, oldintr);
+ signal (SIGPIPE, oldintp);
code = -1;
return;
}
closefunc = pclose;
} else {
- fin = fopen(local, "r");
+ fin = fopen (local, lmode);
if (fin == NULL) {
- warn("local: %s", local);
- signal(SIGINT, oldintr);
+ warn ("local: %s", local);
+ signal (SIGINT, oldintr);
code = -1;
return;
}
closefunc = fclose;
- if (fstat(fileno(fin), &st) < 0 ||
- (st.st_mode&S_IFMT) != S_IFREG) {
- fprintf(stdout, "%s: not a plain file.\n", local);
- signal(SIGINT, oldintr);
- fclose(fin);
+ if (fstat (fileno (fin), &st) < 0 ||
+ (st.st_mode & S_IFMT) != S_IFREG) {
+ fprintf (stdout, "%s: not a plain file.\n", local);
+ signal (SIGINT, oldintr);
+ fclose (fin);
code = -1;
return;
}
}
- if (initconn()) {
- signal(SIGINT, oldintr);
+ if (initconn ()) {
+ signal (SIGINT, oldintr);
if (oldintp)
- signal(SIGPIPE, oldintp);
+ signal (SIGPIPE, oldintp);
code = -1;
if (closefunc != NULL)
- (*closefunc)(fin);
+ (*closefunc) (fin);
return;
}
- if (setjmp(sendabort))
+ if (setjmp (sendabort))
goto abort;
if (restart_point &&
- (strcmp(cmd, "STOR") == 0 || strcmp(cmd, "APPE") == 0)) {
+ (strcmp (cmd, "STOR") == 0 || strcmp (cmd, "APPE") == 0)) {
int rc;
switch (curtype) {
case TYPE_A:
- rc = fseek(fin, (long) restart_point, SEEK_SET);
+ rc = fseek (fin, (long) restart_point, SEEK_SET);
break;
case TYPE_I:
case TYPE_L:
- rc = lseek(fileno(fin), restart_point, SEEK_SET);
+ rc = lseek (fileno (fin), restart_point, SEEK_SET);
break;
}
if (rc < 0) {
- warn("local: %s", local);
+ warn ("local: %s", local);
restart_point = 0;
if (closefunc != NULL)
- (*closefunc)(fin);
+ (*closefunc) (fin);
return;
}
- if (command("REST %ld", (long) restart_point)
+ if (command ("REST %ld", (long) restart_point)
!= CONTINUE) {
restart_point = 0;
if (closefunc != NULL)
- (*closefunc)(fin);
+ (*closefunc) (fin);
return;
}
restart_point = 0;
- lmode = "r+w";
+ rmode = "r+w";
}
if (remote) {
- if (command("%s %s", cmd, remote) != PRELIM) {
- signal(SIGINT, oldintr);
+ if (command ("%s %s", cmd, remote) != PRELIM) {
+ signal (SIGINT, oldintr);
if (oldintp)
- signal(SIGPIPE, oldintp);
+ signal (SIGPIPE, oldintp);
if (closefunc != NULL)
- (*closefunc)(fin);
+ (*closefunc) (fin);
return;
}
- } else
- if (command("%s", cmd) != PRELIM) {
+ } else if (command ("%s", cmd) != PRELIM) {
signal(SIGINT, oldintr);
if (oldintp)
signal(SIGPIPE, oldintp);
@@ -738,101 +739,102 @@ sendrequest(char *cmd, char *local, char *remote, int printnames)
(*closefunc)(fin);
return;
}
- dout = dataconn(lmode);
+ dout = dataconn(rmode);
if (dout == NULL)
goto abort;
- set_buffer_size(fileno(dout), 0);
- gettimeofday(&start, (struct timezone *)0);
- oldintp = signal(SIGPIPE, SIG_IGN);
+ set_buffer_size (fileno (dout), 0);
+ gettimeofday (&start, (struct timezone *) 0);
+ oldintp = signal (SIGPIPE, SIG_IGN);
switch (curtype) {
case TYPE_I:
case TYPE_L:
errno = d = c = 0;
- bytes = copy_stream(fin, dout);
+ bytes = copy_stream (fin, dout);
break;
case TYPE_A:
- while ((c = getc(fin)) != EOF) {
+ while ((c = getc (fin)) != EOF) {
if (c == '\n') {
while (hash && (bytes >= hashbytes)) {
- putchar('#');
- fflush(stdout);
+ putchar ('#');
+ fflush (stdout);
hashbytes += HASHBYTES;
}
- if (ferror(dout))
+ if (ferror (dout))
break;
- sec_putc('\r', dout);
+ sec_putc ('\r', dout);
bytes++;
}
- sec_putc(c, dout);
+ sec_putc (c, dout);
bytes++;
}
- sec_fflush(dout);
+ sec_fflush (dout);
if (hash) {
if (bytes < hashbytes)
- putchar('#');
- putchar('\n');
- fflush(stdout);
+ putchar ('#');
+ putchar ('\n');
+ fflush (stdout);
}
- if (ferror(fin))
- warn("local: %s", local);
- if (ferror(dout)) {
+ if (ferror (fin))
+ warn ("local: %s", local);
+ if (ferror (dout)) {
if (errno != EPIPE)
- warn("netout");
+ warn ("netout");
bytes = -1;
}
break;
}
if (closefunc != NULL)
- (*closefunc)(fin);
- fclose(dout);
- gettimeofday(&stop, (struct timezone *)0);
- getreply(0);
- signal(SIGINT, oldintr);
+ (*closefunc) (fin);
+ fclose (dout);
+ gettimeofday (&stop, (struct timezone *) 0);
+ getreply (0);
+ signal (SIGINT, oldintr);
if (oldintp)
- signal(SIGPIPE, oldintp);
+ signal (SIGPIPE, oldintp);
if (bytes > 0)
- ptransfer("sent", bytes, &start, &stop);
+ ptransfer ("sent", bytes, &start, &stop);
return;
abort:
- signal(SIGINT, oldintr);
+ signal (SIGINT, oldintr);
if (oldintp)
- signal(SIGPIPE, oldintp);
+ signal (SIGPIPE, oldintp);
if (!cpend) {
code = -1;
return;
}
if (data >= 0) {
- close(data);
+ close (data);
data = -1;
}
if (dout)
- fclose(dout);
- getreply(0);
+ fclose (dout);
+ getreply (0);
code = -1;
if (closefunc != NULL && fin != NULL)
- (*closefunc)(fin);
- gettimeofday(&stop, (struct timezone *)0);
+ (*closefunc) (fin);
+ gettimeofday (&stop, (struct timezone *) 0);
if (bytes > 0)
- ptransfer("sent", bytes, &start, &stop);
+ ptransfer ("sent", bytes, &start, &stop);
}
-jmp_buf recvabort;
+jmp_buf recvabort;
void
-abortrecv(int sig)
+abortrecv (int sig)
{
mflag = 0;
abrtflag = 0;
- printf("\nreceive aborted\nwaiting for remote to finish abort\n");
- fflush(stdout);
- longjmp(recvabort, 1);
+ printf ("\nreceive aborted\nwaiting for remote to finish abort\n");
+ fflush (stdout);
+ longjmp (recvabort, 1);
}
void
-recvrequest(char *cmd, char *local, char *remote, char *lmode, int printnames)
+recvrequest (char *cmd, char *local, char *remote,
+ char *lmode, int printnames, int local_given)
{
FILE *fout, *din = 0;
int (*closefunc) (FILE *);
@@ -844,72 +846,71 @@ recvrequest(char *cmd, char *local, char *remote, char *lmode, int printnames)
struct timeval start, stop;
struct stat st;
- is_retr = strcmp(cmd, "RETR") == 0;
+ is_retr = strcmp (cmd, "RETR") == 0;
if (is_retr && verbose && printnames) {
- if (local && *local != '-')
- printf("local: %s ", local);
+ if (local && strcmp (local, "-") != 0)
+ printf ("local: %s ", local);
if (remote)
- printf("remote: %s\n", remote);
+ printf ("remote: %s\n", remote);
}
if (proxy && is_retr) {
- proxtrans(cmd, local, remote);
+ proxtrans (cmd, local, remote);
return;
}
closefunc = NULL;
oldintr = NULL;
oldintp = NULL;
tcrflag = !crflag && is_retr;
- if (setjmp(recvabort)) {
+ if (setjmp (recvabort)) {
while (cpend) {
- getreply(0);
+ getreply (0);
}
if (data >= 0) {
- close(data);
+ close (data);
data = -1;
}
if (oldintr)
- signal(SIGINT, oldintr);
+ signal (SIGINT, oldintr);
code = -1;
return;
}
- oldintr = signal(SIGINT, abortrecv);
- if (strcmp(local, "-") && *local != '|') {
- if (access(local, 2) < 0) {
- char *dir = strrchr(local, '/');
+ oldintr = signal (SIGINT, abortrecv);
+ if (!local_given || (strcmp (local, "-") && *local != '|')) {
+ if (access (local, 2) < 0) {
+ char *dir = strrchr (local, '/');
if (errno != ENOENT && errno != EACCES) {
- warn("local: %s", local);
- signal(SIGINT, oldintr);
+ warn ("local: %s", local);
+ signal (SIGINT, oldintr);
code = -1;
return;
}
if (dir != NULL)
*dir = 0;
- d = access(dir ? local : ".", 2);
+ d = access (dir ? local : ".", 2);
if (dir != NULL)
*dir = '/';
if (d < 0) {
- warn("local: %s", local);
- signal(SIGINT, oldintr);
+ warn ("local: %s", local);
+ signal (SIGINT, oldintr);
code = -1;
return;
}
if (!runique && errno == EACCES &&
- chmod(local, 0600) < 0) {
- warn("local: %s", local);
- signal(SIGINT, oldintr);
- signal(SIGINT, oldintr);
+ chmod (local, 0600) < 0) {
+ warn ("local: %s", local);
+ signal (SIGINT, oldintr);
+ signal (SIGINT, oldintr);
code = -1;
return;
}
if (runique && errno == EACCES &&
- (local = gunique(local)) == NULL) {
- signal(SIGINT, oldintr);
+ (local = gunique (local)) == NULL) {
+ signal (SIGINT, oldintr);
code = -1;
return;
}
- }
- else if (runique && (local = gunique(local)) == NULL) {
+ } else if (runique && (local = gunique (local)) == NULL) {
signal(SIGINT, oldintr);
code = -1;
return;
@@ -917,98 +918,98 @@ recvrequest(char *cmd, char *local, char *remote, char *lmode, int printnames)
}
if (!is_retr) {
if (curtype != TYPE_A)
- changetype(TYPE_A, 0);
+ changetype (TYPE_A, 0);
} else if (curtype != type)
- changetype(type, 0);
- if (initconn()) {
- signal(SIGINT, oldintr);
+ changetype (type, 0);
+ if (initconn ()) {
+ signal (SIGINT, oldintr);
code = -1;
return;
}
- if (setjmp(recvabort))
+ if (setjmp (recvabort))
goto abort;
if (is_retr && restart_point &&
- command("REST %ld", (long) restart_point) != CONTINUE)
+ command ("REST %ld", (long) restart_point) != CONTINUE)
return;
if (remote) {
- if (command("%s %s", cmd, remote) != PRELIM) {
- signal(SIGINT, oldintr);
+ if (command ("%s %s", cmd, remote) != PRELIM) {
+ signal (SIGINT, oldintr);
return;
}
} else {
- if (command("%s", cmd) != PRELIM) {
- signal(SIGINT, oldintr);
+ if (command ("%s", cmd) != PRELIM) {
+ signal (SIGINT, oldintr);
return;
}
}
- din = dataconn("r");
+ din = dataconn ("r");
if (din == NULL)
goto abort;
- set_buffer_size(fileno(din), 1);
- if (strcmp(local, "-") == 0)
+ set_buffer_size (fileno (din), 1);
+ if (local_given && strcmp (local, "-") == 0)
fout = stdout;
- else if (*local == '|') {
- oldintp = signal(SIGPIPE, SIG_IGN);
- fout = popen(local + 1, "w");
+ else if (local_given && *local == '|') {
+ oldintp = signal (SIGPIPE, SIG_IGN);
+ fout = popen (local + 1, "w");
if (fout == NULL) {
- warn("%s", local+1);
+ warn ("%s", local + 1);
goto abort;
}
closefunc = pclose;
} else {
- fout = fopen(local, lmode);
+ fout = fopen (local, lmode);
if (fout == NULL) {
- warn("local: %s", local);
+ warn ("local: %s", local);
goto abort;
}
closefunc = fclose;
}
buf = alloc_buffer (buf, &bufsize,
- fstat(fileno(fout), &st) >= 0 ? &st : NULL);
+ fstat (fileno (fout), &st) >= 0 ? &st : NULL);
if (buf == NULL)
goto abort;
- gettimeofday(&start, (struct timezone *)0);
+ gettimeofday (&start, (struct timezone *) 0);
switch (curtype) {
case TYPE_I:
case TYPE_L:
if (restart_point &&
- lseek(fileno(fout), restart_point, SEEK_SET) < 0) {
- warn("local: %s", local);
+ lseek (fileno (fout), restart_point, SEEK_SET) < 0) {
+ warn ("local: %s", local);
if (closefunc != NULL)
- (*closefunc)(fout);
+ (*closefunc) (fout);
return;
}
errno = d = 0;
- while ((c = sec_read(fileno(din), buf, bufsize)) > 0) {
- if ((d = write(fileno(fout), buf, c)) != c)
+ while ((c = sec_read (fileno (din), buf, bufsize)) > 0) {
+ if ((d = write (fileno (fout), buf, c)) != c)
break;
bytes += c;
if (hash) {
while (bytes >= hashbytes) {
- putchar('#');
+ putchar ('#');
hashbytes += HASHBYTES;
}
- fflush(stdout);
+ fflush (stdout);
}
}
if (hash && bytes > 0) {
if (bytes < HASHBYTES)
- putchar('#');
- putchar('\n');
- fflush(stdout);
+ putchar ('#');
+ putchar ('\n');
+ fflush (stdout);
}
if (c < 0) {
if (errno != EPIPE)
- warn("netin");
+ warn ("netin");
bytes = -1;
}
if (d < c) {
if (d < 0)
- warn("local: %s", local);
+ warn ("local: %s", local);
else
- warnx("%s: short write", local);
+ warnx ("%s: short write", local);
}
break;
@@ -1016,38 +1017,37 @@ recvrequest(char *cmd, char *local, char *remote, char *lmode, int printnames)
if (restart_point) {
int i, n, ch;
- if (fseek(fout, 0L, SEEK_SET) < 0)
+ if (fseek (fout, 0L, SEEK_SET) < 0)
goto done;
n = restart_point;
for (i = 0; i++ < n;) {
- if ((ch = sec_getc(fout)) == EOF)
+ if ((ch = sec_getc (fout)) == EOF)
goto done;
if (ch == '\n')
i++;
}
- if (fseek(fout, 0L, SEEK_CUR) < 0) {
- done:
- warn("local: %s", local);
+ if (fseek (fout, 0L, SEEK_CUR) < 0) {
+ done:
+ warn ("local: %s", local);
if (closefunc != NULL)
- (*closefunc)(fout);
+ (*closefunc) (fout);
return;
}
}
-
while ((c = sec_getc(din)) != EOF) {
if (c == '\n')
bare_lfs++;
while (c == '\r') {
while (hash && (bytes >= hashbytes)) {
- putchar('#');
- fflush(stdout);
+ putchar ('#');
+ fflush (stdout);
hashbytes += HASHBYTES;
}
bytes++;
- if ((c = sec_getc(din)) != '\n' || tcrflag) {
- if (ferror(fout))
+ if ((c = sec_getc (din)) != '\n' || tcrflag) {
+ if (ferror (fout))
goto break2;
- putc('\r', fout);
+ putc ('\r', fout);
if (c == '\0') {
bytes++;
goto contin2;
@@ -1056,69 +1056,68 @@ recvrequest(char *cmd, char *local, char *remote, char *lmode, int printnames)
goto contin2;
}
}
- putc(c, fout);
+ putc (c, fout);
bytes++;
- contin2: ;
+ contin2:;
}
- break2:
+break2:
if (bare_lfs) {
- printf("WARNING! %d bare linefeeds received in ASCII mode\n",
- bare_lfs);
- printf("File may not have transferred correctly.\n");
+ printf ("WARNING! %d bare linefeeds received in ASCII mode\n",
+ bare_lfs);
+ printf ("File may not have transferred correctly.\n");
}
if (hash) {
if (bytes < hashbytes)
- putchar('#');
- putchar('\n');
- fflush(stdout);
+ putchar ('#');
+ putchar ('\n');
+ fflush (stdout);
}
- if (ferror(din)) {
+ if (ferror (din)) {
if (errno != EPIPE)
- warn("netin");
+ warn ("netin");
bytes = -1;
}
- if (ferror(fout))
- warn("local: %s", local);
+ if (ferror (fout))
+ warn ("local: %s", local);
break;
}
if (closefunc != NULL)
- (*closefunc)(fout);
- signal(SIGINT, oldintr);
+ (*closefunc) (fout);
+ signal (SIGINT, oldintr);
if (oldintp)
- signal(SIGPIPE, oldintp);
- fclose(din);
- gettimeofday(&stop, (struct timezone *)0);
- getreply(0);
+ signal (SIGPIPE, oldintp);
+ fclose (din);
+ gettimeofday (&stop, (struct timezone *) 0);
+ getreply (0);
if (bytes > 0 && is_retr)
- ptransfer("received", bytes, &start, &stop);
+ ptransfer ("received", bytes, &start, &stop);
return;
abort:
/* abort using RFC959 recommended IP,SYNC sequence */
if (oldintp)
- signal(SIGPIPE, oldintr);
- signal(SIGINT, SIG_IGN);
+ signal (SIGPIPE, oldintr);
+ signal (SIGINT, SIG_IGN);
if (!cpend) {
code = -1;
- signal(SIGINT, oldintr);
+ signal (SIGINT, oldintr);
return;
}
-
abort_remote(din);
code = -1;
if (data >= 0) {
- close(data);
+ close (data);
data = -1;
}
if (closefunc != NULL && fout != NULL)
- (*closefunc)(fout);
+ (*closefunc) (fout);
if (din)
- fclose(din);
- gettimeofday(&stop, (struct timezone *)0);
+ fclose (din);
+ gettimeofday (&stop, (struct timezone *) 0);
if (bytes > 0)
- ptransfer("received", bytes, &start, &stop);
- signal(SIGINT, oldintr);
+ ptransfer ("received", bytes, &start, &stop);
+ signal (SIGINT, oldintr);
}
/*
@@ -1126,112 +1125,110 @@ abort:
* otherwise the server's connect may fail.
*/
int
-initconn(void)
+initconn (void)
{
int result, len, tmpno = 0;
int on = 1;
int a0, a1, a2, a3, p0, p1;
if (passivemode) {
- data = socket(AF_INET, SOCK_STREAM, 0);
+ data = socket (AF_INET, SOCK_STREAM, 0);
if (data < 0) {
- perror("ftp: socket");
- return(1);
+ perror ("ftp: socket");
+ return (1);
}
#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT)
if ((options & SO_DEBUG) &&
- setsockopt(data, SOL_SOCKET, SO_DEBUG, (char *)&on,
- sizeof (on)) < 0)
- perror("ftp: setsockopt (ignored)");
+ setsockopt (data, SOL_SOCKET, SO_DEBUG, (char *) &on,
+ sizeof (on)) < 0)
+ perror ("ftp: setsockopt (ignored)");
#endif
- if (command("PASV") != COMPLETE) {
- printf("Passive mode refused.\n");
+ if (command ("PASV") != COMPLETE) {
+ printf ("Passive mode refused.\n");
goto bad;
}
/*
- * What we've got at this point is a string of comma
- * separated one-byte unsigned integer values.
- * The first four are the an IP address. The fifth is
- * the MSB of the port number, the sixth is the LSB.
- * From that we'll prepare a sockaddr_in.
+ * What we've got at this point is a string of comma separated
+ * one-byte unsigned integer values. The first four are the an IP
+ * address. The fifth is the MSB of the port number, the sixth is the
+ * LSB. From that we'll prepare a sockaddr_in.
*/
- if (sscanf(pasv,"%d,%d,%d,%d,%d,%d",
- &a0, &a1, &a2, &a3, &p0, &p1) != 6) {
- printf("Passive mode address scan failure. "
- "Shouldn't happen!\n");
+ if (sscanf (pasv, "%d,%d,%d,%d,%d,%d",
+ &a0, &a1, &a2, &a3, &p0, &p1) != 6) {
+ printf ("Passive mode address scan failure. "
+ "Shouldn't happen!\n");
goto bad;
}
- if(a0 < 0 || a0 > 255 ||
- a1 < 0 || a1 > 255 ||
- a2 < 0 || a2 > 255 ||
- a3 < 0 || a3 > 255 ||
- p0 < 0 || p0 > 255 ||
- p1 < 0 || p1 > 255){
- printf("Can't parse passive mode string.\n");
+ if (a0 < 0 || a0 > 255 ||
+ a1 < 0 || a1 > 255 ||
+ a2 < 0 || a2 > 255 ||
+ a3 < 0 || a3 > 255 ||
+ p0 < 0 || p0 > 255 ||
+ p1 < 0 || p1 > 255) {
+ printf ("Can't parse passive mode string.\n");
goto bad;
}
-
memset(&data_addr, 0, sizeof(data_addr));
data_addr.sin_family = AF_INET;
- data_addr.sin_addr.s_addr = htonl((a0 << 24) | (a1 << 16) |
- (a2 << 8) | a3);
- data_addr.sin_port = htons((p0 << 8) | p1);
+ data_addr.sin_addr.s_addr = htonl ((a0 << 24) | (a1 << 16) |
+ (a2 << 8) | a3);
+ data_addr.sin_port = htons ((p0 << 8) | p1);
- if (connect(data, (struct sockaddr *)&data_addr,
- sizeof(data_addr)) < 0) {
- perror("ftp: connect");
+ if (connect (data, (struct sockaddr *) & data_addr,
+ sizeof (data_addr)) < 0) {
+ perror ("ftp: connect");
goto bad;
}
#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
on = IPTOS_THROUGHPUT;
- if (setsockopt(data, IPPROTO_IP, IP_TOS, (char *)&on,
- sizeof(int)) < 0)
- perror("ftp: setsockopt TOS (ignored)");
+ if (setsockopt (data, IPPROTO_IP, IP_TOS, (char *) &on,
+ sizeof (int)) < 0)
+ perror ("ftp: setsockopt TOS (ignored)");
#endif
- return(0);
+ return (0);
}
-
noport:
data_addr = myctladdr;
if (sendport)
- data_addr.sin_port = 0; /* let system pick one */
+ data_addr.sin_port = 0; /* let system pick one */
if (data != -1)
- close(data);
- data = socket(AF_INET, SOCK_STREAM, 0);
+ close (data);
+ data = socket (AF_INET, SOCK_STREAM, 0);
if (data < 0) {
- warn("socket");
+ warn ("socket");
if (tmpno)
sendport = 1;
return (1);
}
#if defined(SO_REUSEADDR) && defined(HAVE_SETSOCKOPT)
if (!sendport)
- if (setsockopt(data, SOL_SOCKET, SO_REUSEADDR, (char *)&on, sizeof (on)) < 0) {
- warn("setsockopt (reuse address)");
+ if (setsockopt (data, SOL_SOCKET, SO_REUSEADDR, (char *) &on, sizeof (on)) < 0) {
+ warn ("setsockopt (reuse address)");
goto bad;
}
#endif
- if (bind(data, (struct sockaddr *)&data_addr, sizeof (data_addr)) < 0) {
- warn("bind");
+ if (bind (data, (struct sockaddr *) & data_addr, sizeof (data_addr)) < 0) {
+ warn ("bind");
goto bad;
}
#if defined(SO_DEBUG) && defined(HAVE_SETSOCKOPT)
if (options & SO_DEBUG &&
- setsockopt(data, SOL_SOCKET, SO_DEBUG, (char *)&on, sizeof (on)) < 0)
- warn("setsockopt (ignored)");
+ setsockopt (data, SOL_SOCKET, SO_DEBUG, (char *) &on, sizeof (on)) < 0)
+ warn ("setsockopt (ignored)");
#endif
len = sizeof (data_addr);
- if (getsockname(data, (struct sockaddr *)&data_addr, &len) < 0) {
- warn("getsockname");
+ if (getsockname (data, (struct sockaddr *) & data_addr, &len) < 0) {
+ warn ("getsockname");
goto bad;
}
- if (listen(data, 1) < 0)
- warn("listen");
+ if (listen (data, 1) < 0)
+ warn ("listen");
if (sendport) {
unsigned int a = ntohl(data_addr.sin_addr.s_addr);
unsigned int p = ntohs(data_addr.sin_port);
+
result = command("PORT %d,%d,%d,%d,%d,%d",
(a >> 24) & 0xff,
(a >> 16) & 0xff,
@@ -1250,88 +1247,88 @@ noport:
sendport = 1;
#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
on = IPTOS_THROUGHPUT;
- if (setsockopt(data, IPPROTO_IP, IP_TOS, (char *)&on, sizeof(int)) < 0)
- warn("setsockopt TOS (ignored)");
+ if (setsockopt (data, IPPROTO_IP, IP_TOS, (char *) &on, sizeof (int)) < 0)
+ warn ("setsockopt TOS (ignored)");
#endif
return (0);
bad:
- close(data), data = -1;
+ close (data), data = -1;
if (tmpno)
sendport = 1;
return (1);
}
FILE *
-dataconn(char *lmode)
+dataconn (char *lmode)
{
struct sockaddr_in from;
int s, fromlen = sizeof (from), tos;
if (passivemode)
- return (fdopen(data, lmode));
+ return (fdopen (data, lmode));
- s = accept(data, (struct sockaddr *) &from, &fromlen);
+ s = accept (data, (struct sockaddr *) & from, &fromlen);
if (s < 0) {
- warn("accept");
- close(data), data = -1;
+ warn ("accept");
+ close (data), data = -1;
return (NULL);
}
- close(data);
+ close (data);
data = s;
#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
tos = IPTOS_THROUGHPUT;
- if (setsockopt(s, IPPROTO_IP, IP_TOS, (char *)&tos, sizeof(int)) < 0)
- warn("setsockopt TOS (ignored)");
+ if (setsockopt (s, IPPROTO_IP, IP_TOS, (char *) &tos, sizeof (int)) < 0)
+ warn ("setsockopt TOS (ignored)");
#endif
- return (fdopen(data, lmode));
+ return (fdopen (data, lmode));
}
void
-ptransfer(char *direction, long int bytes,
- struct timeval *t0, struct timeval *t1)
+ptransfer (char *direction, long int bytes,
+ struct timeval * t0, struct timeval * t1)
{
struct timeval td;
float s;
float bs;
int prec;
char *unit;
-
+
if (verbose) {
td.tv_sec = t1->tv_sec - t0->tv_sec;
td.tv_usec = t1->tv_usec - t0->tv_usec;
- if(td.tv_usec < 0){
+ if (td.tv_usec < 0) {
td.tv_sec--;
td.tv_usec += 1000000;
}
s = td.tv_sec + (td.tv_usec / 1000000.);
- bs = bytes / (s?s:1);
- if(bs >= 1048576){
+ bs = bytes / (s ? s : 1);
+ if (bs >= 1048576) {
bs /= 1048576;
unit = "M";
prec = 2;
- }else if(bs >= 1024){
+ } else if (bs >= 1024) {
bs /= 1024;
unit = "k";
prec = 1;
- }else{
+ } else {
unit = "";
prec = 0;
}
-
- printf("%ld bytes %s in %.3g seconds (%.*f %sbyte/s)\n",
- bytes, direction, s, prec, bs, unit);
+
+ printf ("%ld bytes %s in %.3g seconds (%.*f %sbyte/s)\n",
+ bytes, direction, s, prec, bs, unit);
}
}
void
-psabort(int sig)
+psabort (int sig)
{
abrtflag++;
}
void
-pswitch(int flag)
+pswitch (int flag)
{
sighand oldintr;
static struct comvars {
@@ -1357,7 +1354,7 @@ pswitch(int flag)
struct comvars *ip, *op;
abrtflag = 0;
- oldintr = signal(SIGINT, psabort);
+ oldintr = signal (SIGINT, psabort);
if (flag) {
if (proxy)
return;
@@ -1374,8 +1371,7 @@ pswitch(int flag)
ip->connect = connected;
connected = op->connect;
if (hostname) {
- strncpy(ip->name, hostname, sizeof(ip->name) - 1);
- ip->name[strlen(ip->name)] = '\0';
+ strcpy_truncate (ip->name, hostname, sizeof (ip->name));
} else
ip->name[0] = 0;
hostname = op->name;
@@ -1401,48 +1397,44 @@ pswitch(int flag)
mcase = op->mcse;
ip->ntflg = ntflag;
ntflag = op->ntflg;
- strncpy(ip->nti, ntin, 16);
- (ip->nti)[strlen(ip->nti)] = '\0';
- strcpy(ntin, op->nti);
- strncpy(ip->nto, ntout, 16);
- (ip->nto)[strlen(ip->nto)] = '\0';
- strcpy(ntout, op->nto);
+ strcpy_truncate (ip->nti, ntin, sizeof (ip->nti));
+ strcpy_truncate (ntin, op->nti, 17);
+ strcpy_truncate (ip->nto, ntout, sizeof (ip->nto));
+ strcpy_truncate (ntout, op->nto, 17);
ip->mapflg = mapflag;
mapflag = op->mapflg;
- strncpy(ip->mi, mapin, MaxPathLen - 1);
- (ip->mi)[strlen(ip->mi)] = '\0';
- strcpy(mapin, op->mi);
- strncpy(ip->mo, mapout, MaxPathLen - 1);
- (ip->mo)[strlen(ip->mo)] = '\0';
- strcpy(mapout, op->mo);
+ strcpy_truncate (ip->mi, mapin, MaxPathLen);
+ strcpy_truncate (mapin, op->mi, MaxPathLen);
+ strcpy_truncate (ip->mo, mapout, MaxPathLen);
+ strcpy_truncate (mapout, op->mo, MaxPathLen);
signal(SIGINT, oldintr);
if (abrtflag) {
abrtflag = 0;
- (*oldintr)(SIGINT);
+ (*oldintr) (SIGINT);
}
}
void
-abortpt(int sig)
+abortpt (int sig)
{
- printf("\n");
- fflush(stdout);
+ printf ("\n");
+ fflush (stdout);
ptabflg++;
mflag = 0;
abrtflag = 0;
- longjmp(ptabort, 1);
+ longjmp (ptabort, 1);
}
void
-proxtrans(char *cmd, char *local, char *remote)
+proxtrans (char *cmd, char *local, char *remote)
{
sighand oldintr;
int secndflag = 0, prox_type, nfnd;
char *cmd2;
fd_set mask;
- if (strcmp(cmd, "RETR"))
+ if (strcmp (cmd, "RETR"))
cmd2 = "RETR";
else
cmd2 = runique ? "STOU" : "STOR";
@@ -1453,148 +1445,147 @@ proxtrans(char *cmd, char *local, char *remote)
prox_type = TYPE_A;
}
if (curtype != prox_type)
- changetype(prox_type, 1);
- if (command("PASV") != COMPLETE) {
- printf("proxy server does not support third party transfers.\n");
+ changetype (prox_type, 1);
+ if (command ("PASV") != COMPLETE) {
+ printf ("proxy server does not support third party transfers.\n");
return;
}
- pswitch(0);
+ pswitch (0);
if (!connected) {
- printf("No primary connection\n");
- pswitch(1);
+ printf ("No primary connection\n");
+ pswitch (1);
code = -1;
return;
}
if (curtype != prox_type)
- changetype(prox_type, 1);
- if (command("PORT %s", pasv) != COMPLETE) {
- pswitch(1);
+ changetype (prox_type, 1);
+ if (command ("PORT %s", pasv) != COMPLETE) {
+ pswitch (1);
return;
}
- if (setjmp(ptabort))
+ if (setjmp (ptabort))
goto abort;
- oldintr = signal(SIGINT, abortpt);
- if (command("%s %s", cmd, remote) != PRELIM) {
- signal(SIGINT, oldintr);
- pswitch(1);
+ oldintr = signal (SIGINT, abortpt);
+ if (command ("%s %s", cmd, remote) != PRELIM) {
+ signal (SIGINT, oldintr);
+ pswitch (1);
return;
}
- sleep(2);
- pswitch(1);
+ sleep (2);
+ pswitch (1);
secndflag++;
- if (command("%s %s", cmd2, local) != PRELIM)
+ if (command ("%s %s", cmd2, local) != PRELIM)
goto abort;
ptflag++;
- getreply(0);
- pswitch(0);
- getreply(0);
- signal(SIGINT, oldintr);
- pswitch(1);
+ getreply (0);
+ pswitch (0);
+ getreply (0);
+ signal (SIGINT, oldintr);
+ pswitch (1);
ptflag = 0;
- printf("local: %s remote: %s\n", local, remote);
+ printf ("local: %s remote: %s\n", local, remote);
return;
abort:
- signal(SIGINT, SIG_IGN);
+ signal (SIGINT, SIG_IGN);
ptflag = 0;
- if (strcmp(cmd, "RETR") && !proxy)
- pswitch(1);
- else if (!strcmp(cmd, "RETR") && proxy)
- pswitch(0);
- if (!cpend && !secndflag) { /* only here if cmd = "STOR" (proxy=1) */
- if (command("%s %s", cmd2, local) != PRELIM) {
- pswitch(0);
+ if (strcmp (cmd, "RETR") && !proxy)
+ pswitch (1);
+ else if (!strcmp (cmd, "RETR") && proxy)
+ pswitch (0);
+ if (!cpend && !secndflag) { /* only here if cmd = "STOR" (proxy=1) */
+ if (command ("%s %s", cmd2, local) != PRELIM) {
+ pswitch (0);
if (cpend)
- abort_remote((FILE *) NULL);
+ abort_remote ((FILE *) NULL);
}
- pswitch(1);
+ pswitch (1);
if (ptabflg)
code = -1;
- signal(SIGINT, oldintr);
+ signal (SIGINT, oldintr);
return;
}
if (cpend)
- abort_remote((FILE *) NULL);
- pswitch(!proxy);
- if (!cpend && !secndflag) { /* only if cmd = "RETR" (proxy=1) */
- if (command("%s %s", cmd2, local) != PRELIM) {
- pswitch(0);
+ abort_remote ((FILE *) NULL);
+ pswitch (!proxy);
+ if (!cpend && !secndflag) { /* only if cmd = "RETR" (proxy=1) */
+ if (command ("%s %s", cmd2, local) != PRELIM) {
+ pswitch (0);
if (cpend)
- abort_remote((FILE *) NULL);
- pswitch(1);
+ abort_remote ((FILE *) NULL);
+ pswitch (1);
if (ptabflg)
code = -1;
- signal(SIGINT, oldintr);
+ signal (SIGINT, oldintr);
return;
}
}
if (cpend)
- abort_remote((FILE *) NULL);
- pswitch(!proxy);
+ abort_remote ((FILE *) NULL);
+ pswitch (!proxy);
if (cpend) {
- FD_ZERO(&mask);
- FD_SET(fileno(cin), &mask);
- if ((nfnd = empty(&mask, 10)) <= 0) {
+ FD_ZERO (&mask);
+ FD_SET (fileno (cin), &mask);
+ if ((nfnd = empty (&mask, 10)) <= 0) {
if (nfnd < 0) {
- warn("abort");
+ warn ("abort");
}
if (ptabflg)
code = -1;
- lostpeer(0);
+ lostpeer (0);
}
- getreply(0);
- getreply(0);
+ getreply (0);
+ getreply (0);
}
if (proxy)
- pswitch(0);
- pswitch(1);
+ pswitch (0);
+ pswitch (1);
if (ptabflg)
code = -1;
- signal(SIGINT, oldintr);
+ signal (SIGINT, oldintr);
}
void
-reset(int argc, char **argv)
+reset (int argc, char **argv)
{
fd_set mask;
int nfnd = 1;
- FD_ZERO(&mask);
+ FD_ZERO (&mask);
while (nfnd > 0) {
- FD_SET(fileno(cin), &mask);
- if ((nfnd = empty(&mask,0)) < 0) {
- warn("reset");
+ FD_SET (fileno (cin), &mask);
+ if ((nfnd = empty (&mask, 0)) < 0) {
+ warn ("reset");
code = -1;
lostpeer(0);
- }
- else if (nfnd) {
+ } else if (nfnd) {
getreply(0);
}
}
}
char *
-gunique(char *local)
+gunique (char *local)
{
static char new[MaxPathLen];
- char *cp = strrchr(local, '/');
- int d, count=0;
+ char *cp = strrchr (local, '/');
+ int d, count = 0;
char ext = '1';
if (cp)
*cp = '\0';
- d = access(cp ? local : ".", 2);
+ d = access (cp ? local : ".", 2);
if (cp)
*cp = '/';
if (d < 0) {
- warn("local: %s", local);
+ warn ("local: %s", local);
return NULL;
}
- strcpy(new, local);
+ strcpy_truncate (new, local, sizeof(new));
cp = new + strlen(new);
*cp++ = '.';
while (!d) {
if (++count == 100) {
- printf("runique: can't find unique file name.\n");
+ printf ("runique: can't find unique file name.\n");
return NULL;
}
*cp++ = ext;
@@ -1603,7 +1594,7 @@ gunique(char *local)
ext = '0';
else
ext++;
- if ((d = access(new, 0)) < 0)
+ if ((d = access (new, 0)) < 0)
break;
if (ext != '0')
cp--;
@@ -1618,7 +1609,7 @@ gunique(char *local)
}
void
-abort_remote(FILE *din)
+abort_remote (FILE * din)
{
char buf[BUFSIZ];
int nfnd;
@@ -1628,31 +1619,31 @@ abort_remote(FILE *din)
* send IAC in urgent mode instead of DM because 4.3BSD places oob mark
* after urgent byte rather than before as is protocol now
*/
- snprintf(buf, sizeof(buf), "%c%c%c", IAC, IP, IAC);
- if (send(fileno(cout), buf, 3, MSG_OOB) != 3)
- warn("abort");
- fprintf(cout,"%cABOR\r\n", DM);
- fflush(cout);
- FD_ZERO(&mask);
- FD_SET(fileno(cin), &mask);
- if (din) {
- FD_SET(fileno(din), &mask);
- }
- if ((nfnd = empty(&mask, 10)) <= 0) {
+ snprintf (buf, sizeof (buf), "%c%c%c", IAC, IP, IAC);
+ if (send (fileno (cout), buf, 3, MSG_OOB) != 3)
+ warn ("abort");
+ fprintf (cout, "%cABOR\r\n", DM);
+ fflush (cout);
+ FD_ZERO (&mask);
+ FD_SET (fileno (cin), &mask);
+ if (din) {
+ FD_SET (fileno (din), &mask);
+ }
+ if ((nfnd = empty (&mask, 10)) <= 0) {
if (nfnd < 0) {
- warn("abort");
+ warn ("abort");
}
if (ptabflg)
code = -1;
- lostpeer(0);
+ lostpeer (0);
}
- if (din && FD_ISSET(fileno(din), &mask)) {
- while (read(fileno(din), buf, BUFSIZ) > 0)
- /* LOOP */;
+ if (din && FD_ISSET (fileno (din), &mask)) {
+ while (read (fileno (din), buf, BUFSIZ) > 0)
+ /* LOOP */ ;
}
- if (getreply(0) == ERROR && code == 552) {
+ if (getreply (0) == ERROR && code == 552) {
/* 552 needed for nic style abort */
- getreply(0);
+ getreply (0);
}
- getreply(0);
+ getreply (0);
}
diff --git a/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h b/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h
index 6ead7932ddf4..5ae44b121fa8 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h
+++ b/crypto/kerberosIV/appl/ftp/ftp/ftp_locl.h
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -36,7 +36,7 @@
* SUCH DAMAGE.
*/
-/* $Id: ftp_locl.h,v 1.29 1997/05/20 18:40:28 bg Exp $ */
+/* $Id: ftp_locl.h,v 1.33 1998/06/13 00:06:40 assar Exp $ */
#ifndef __FTP_LOCL_H__
#define __FTP_LOCL_H__
@@ -45,8 +45,6 @@
#include <config.h>
#endif
-#include <sys/cdefs.h>
-
#ifdef HAVE_PWD_H
#include <pwd.h>
#endif
@@ -121,7 +119,12 @@
#ifdef SOCKS
#include <socks.h>
-extern int LIBPREFIX(fclose) __P((FILE *));
+extern int LIBPREFIX(fclose) (FILE *);
+
+/* This doesn't belong here. */
+struct tm *localtime(const time_t *);
+struct hostent *gethostbyname(const char *);
+
#endif
#include "ftp_var.h"
@@ -129,13 +132,9 @@ extern int LIBPREFIX(fclose) __P((FILE *));
#include "common.h"
#include "pathnames.h"
-#include <des.h>
-
-#include <krb.h>
-
-#include "krb4.h"
-
#include "roken.h"
+#include "security.h"
+#include <des.h> /* for des_read_pw_string */
#if defined(__sun__) && !defined(__svr4)
int fclose(FILE*);
diff --git a/crypto/kerberosIV/appl/ftp/ftp/gssapi.c b/crypto/kerberosIV/appl/ftp/ftp/gssapi.c
new file mode 100644
index 000000000000..bc001a495036
--- /dev/null
+++ b/crypto/kerberosIV/appl/ftp/ftp/gssapi.c
@@ -0,0 +1,334 @@
+/*
+ * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Kungliga Tekniska
+ * Högskolan and its contributors.
+ *
+ * 4. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef FTP_SERVER
+#include "ftpd_locl.h"
+#else
+#include "ftp_locl.h"
+#endif
+#include <gssapi.h>
+
+RCSID("$Id: gssapi.c,v 1.7 1999/04/10 15:08:39 assar Exp $");
+
+struct gss_data {
+ gss_ctx_id_t context_hdl;
+ char *client_name;
+};
+
+static int
+gss_init(void *app_data)
+{
+ struct gss_data *d = app_data;
+ d->context_hdl = GSS_C_NO_CONTEXT;
+ return 0;
+}
+
+static int
+gss_check_prot(void *app_data, int level)
+{
+ if(level == prot_confidential)
+ return -1;
+ return 0;
+}
+
+static int
+gss_decode(void *app_data, void *buf, int len, int level)
+{
+ OM_uint32 maj_stat, min_stat;
+ gss_buffer_desc input, output;
+ gss_qop_t qop_state;
+ int conf_state;
+ struct gss_data *d = app_data;
+
+ input.length = len;
+ input.value = buf;
+ maj_stat = gss_unwrap (&min_stat,
+ d->context_hdl,
+ &input,
+ &output,
+ &conf_state,
+ &qop_state);
+ if(GSS_ERROR(maj_stat))
+ return -1;
+ memmove(buf, output.value, output.length);
+ return output.length;
+}
+
+static int
+gss_overhead(void *app_data, int level, int len)
+{
+ return 100; /* dunno? */
+}
+
+
+static int
+gss_encode(void *app_data, void *from, int length, int level, void **to)
+{
+ OM_uint32 maj_stat, min_stat;
+ gss_buffer_desc input, output;
+ int conf_state;
+ struct gss_data *d = app_data;
+
+ input.length = length;
+ input.value = from;
+ maj_stat = gss_wrap (&min_stat,
+ d->context_hdl,
+ level == prot_private,
+ GSS_C_QOP_DEFAULT,
+ &input,
+ &conf_state,
+ &output);
+ *to = output.value;
+ return output.length;
+}
+
+/* end common stuff */
+
+#ifdef FTP_SERVER
+
+static int
+gss_adat(void *app_data, void *buf, size_t len)
+{
+ char *p = NULL;
+ gss_buffer_desc input_token, output_token;
+ OM_uint32 maj_stat, min_stat;
+ gss_name_t client_name;
+ struct gss_data *d = app_data;
+
+ gss_channel_bindings_t bindings = malloc(sizeof(*bindings));
+ bindings->initiator_addrtype = GSS_C_AF_INET;
+ bindings->initiator_address.length = 4;
+ bindings->initiator_address.value = &his_addr.sin_addr;
+ bindings->acceptor_addrtype = GSS_C_AF_INET;
+ bindings->acceptor_address.length = 4;
+ bindings->acceptor_address.value = &ctrl_addr.sin_addr;
+ bindings->application_data.length = 0;
+ bindings->application_data.value = NULL;
+
+ input_token.value = buf;
+ input_token.length = len;
+
+ maj_stat = gss_accept_sec_context (&min_stat,
+ &d->context_hdl,
+ GSS_C_NO_CREDENTIAL,
+ &input_token,
+ bindings,
+ &client_name,
+ NULL,
+ &output_token,
+ NULL,
+ NULL,
+ NULL);
+
+ if(output_token.length) {
+ if(base64_encode(output_token.value, output_token.length, &p) < 0) {
+ reply(535, "Out of memory base64-encoding.");
+ return -1;
+ }
+ }
+ if(maj_stat == GSS_S_COMPLETE){
+ char *name;
+ gss_buffer_desc export_name;
+ maj_stat = gss_export_name(&min_stat, client_name, &export_name);
+ if(maj_stat != 0) {
+ reply(500, "Error exporting name");
+ goto out;
+ }
+ name = realloc(export_name.value, export_name.length + 1);
+ if(name == NULL) {
+ reply(500, "Out of memory");
+ free(export_name.value);
+ goto out;
+ }
+ name[export_name.length] = '\0';
+ d->client_name = name;
+ if(p)
+ reply(235, "ADAT=%s", p);
+ else
+ reply(235, "ADAT Complete");
+ sec_complete = 1;
+
+ } else if(maj_stat == GSS_S_CONTINUE_NEEDED) {
+ if(p)
+ reply(335, "ADAT=%s", p);
+ else
+ reply(335, "OK, need more data");
+ } else
+ reply(535, "foo?");
+out:
+ free(p);
+ return 0;
+}
+
+int gss_userok(void*, char*);
+
+struct sec_server_mech gss_server_mech = {
+ "GSSAPI",
+ sizeof(struct gss_data),
+ gss_init, /* init */
+ NULL, /* end */
+ gss_check_prot,
+ gss_overhead,
+ gss_encode,
+ gss_decode,
+ /* */
+ NULL,
+ gss_adat,
+ NULL, /* pbsz */
+ NULL, /* ccc */
+ gss_userok
+};
+
+#else /* FTP_SERVER */
+
+extern struct sockaddr_in hisctladdr, myctladdr;
+
+static int
+gss_auth(void *app_data, char *host)
+{
+
+ OM_uint32 maj_stat, min_stat;
+ gss_buffer_desc name;
+ gss_name_t target_name;
+ gss_buffer_desc input, output_token;
+ int context_established = 0;
+ char *p;
+ int n;
+ gss_channel_bindings_t bindings;
+ struct gss_data *d = app_data;
+
+ name.length = asprintf((char**)&name.value, "ftp@%s", host);
+ maj_stat = gss_import_name(&min_stat,
+ &name,
+ GSS_C_NT_HOSTBASED_SERVICE,
+ &target_name);
+ free(name.value);
+
+
+ input.length = 0;
+ input.value = NULL;
+
+ bindings = malloc(sizeof(*bindings));
+ bindings->initiator_addrtype = GSS_C_AF_INET;
+ bindings->initiator_address.length = 4;
+ bindings->initiator_address.value = &myctladdr.sin_addr;
+ bindings->acceptor_addrtype = GSS_C_AF_INET;
+ bindings->acceptor_address.length = 4;
+ bindings->acceptor_address.value = &hisctladdr.sin_addr;
+ bindings->application_data.length = 0;
+ bindings->application_data.value = NULL;
+
+ while(!context_established) {
+ maj_stat = gss_init_sec_context(&min_stat,
+ GSS_C_NO_CREDENTIAL,
+ &d->context_hdl,
+ target_name,
+ GSS_C_NO_OID,
+ GSS_C_MUTUAL_FLAG | GSS_C_SEQUENCE_FLAG,
+ 0,
+ bindings,
+ &input,
+ NULL,
+ &output_token,
+ NULL,
+ NULL);
+ if (GSS_ERROR(maj_stat)) {
+ int new_stat;
+ int msg_ctx = 0;
+ gss_buffer_desc status_string;
+
+ gss_display_status(&new_stat,
+ min_stat,
+ GSS_C_MECH_CODE,
+ GSS_C_NO_OID,
+ &msg_ctx,
+ &status_string);
+ printf("Error initializing security context: %s\n",
+ (char*)status_string.value);
+ gss_release_buffer(&new_stat, &status_string);
+ return AUTH_CONTINUE;
+ }
+
+ gss_release_buffer(&min_stat, &input);
+ if (output_token.length != 0) {
+ base64_encode(output_token.value, output_token.length, &p);
+ gss_release_buffer(&min_stat, &output_token);
+ n = command("ADAT %s", p);
+ free(p);
+ }
+ if (GSS_ERROR(maj_stat)) {
+ if (d->context_hdl != GSS_C_NO_CONTEXT)
+ gss_delete_sec_context (&min_stat,
+ &d->context_hdl,
+ GSS_C_NO_BUFFER);
+ break;
+ }
+ if (maj_stat & GSS_S_CONTINUE_NEEDED) {
+ p = strstr(reply_string, "ADAT=");
+ if(p == NULL){
+ printf("Error: expected ADAT in reply.\n");
+ return AUTH_ERROR;
+ } else {
+ p+=5;
+ input.value = malloc(strlen(p));
+ input.length = base64_decode(p, input.value);
+ }
+ } else {
+ if(code != 235) {
+ printf("Unrecognized response code: %d\n", code);
+ return AUTH_ERROR;
+ }
+ context_established = 1;
+ }
+ }
+ return AUTH_OK;
+}
+
+struct sec_client_mech gss_client_mech = {
+ "GSSAPI",
+ sizeof(struct gss_data),
+ gss_init,
+ gss_auth,
+ NULL, /* end */
+ gss_check_prot,
+ gss_overhead,
+ gss_encode,
+ gss_decode,
+};
+
+#endif /* FTP_SERVER */
diff --git a/crypto/kerberosIV/appl/ftp/ftp/kauth.c b/crypto/kerberosIV/appl/ftp/ftp/kauth.c
index 8bc9b9bf28dd..434dfb83cf7f 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/kauth.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/kauth.c
@@ -37,9 +37,11 @@
*/
#include "ftp_locl.h"
-RCSID("$Id: kauth.c,v 1.14 1997/05/11 04:08:04 assar Exp $");
+#include <krb.h>
+RCSID("$Id: kauth.c,v 1.17 1998/03/26 02:55:38 joda Exp $");
-void kauth(int argc, char **argv)
+void
+kauth(int argc, char **argv)
{
int ret;
char buf[1024];
@@ -120,7 +122,11 @@ void kauth(int argc, char **argv)
memset(key, 0, sizeof(key));
memset(schedule, 0, sizeof(schedule));
memset(passwd, 0, sizeof(passwd));
- base64_encode(tktcopy.dat, tktcopy.length, &p);
+ if(base64_encode(tktcopy.dat, tktcopy.length, &p) < 0) {
+ printf("Out of memory base64-encoding.\n");
+ code = -1;
+ return;
+ }
memset (tktcopy.dat, 0, tktcopy.length);
ret = command("SITE KAUTH %s %s", name, p);
free(p);
@@ -131,7 +137,8 @@ void kauth(int argc, char **argv)
code = 0;
}
-void klist(int argc, char **argv)
+void
+klist(int argc, char **argv)
{
int ret;
if(argc != 1){
@@ -143,3 +150,45 @@ void klist(int argc, char **argv)
ret = command("SITE KLIST");
code = (ret == COMPLETE);
}
+
+void
+kdestroy(int argc, char **argv)
+{
+ int ret;
+ if (argc != 1) {
+ printf("usage: %s\n", argv[0]);
+ code = -1;
+ return;
+ }
+ ret = command("SITE KDESTROY");
+ code = (ret == COMPLETE);
+}
+
+void
+krbtkfile(int argc, char **argv)
+{
+ int ret;
+ if(argc != 2) {
+ printf("usage: %s tktfile\n", argv[0]);
+ code = -1;
+ return;
+ }
+ ret = command("SITE KRBTKFILE %s", argv[1]);
+ code = (ret == COMPLETE);
+}
+
+void
+afslog(int argc, char **argv)
+{
+ int ret;
+ if(argc > 2) {
+ printf("usage: %s [cell]\n", argv[0]);
+ code = -1;
+ return;
+ }
+ if(argc == 2)
+ ret = command("SITE AFSLOG %s", argv[1]);
+ else
+ ret = command("SITE AFSLOG");
+ code = (ret == COMPLETE);
+}
diff --git a/crypto/kerberosIV/appl/ftp/ftp/krb4.c b/crypto/kerberosIV/appl/ftp/ftp/krb4.c
index 872c5bc13f91..5b9b9b8d88c2 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/krb4.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/krb4.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -36,532 +36,260 @@
* SUCH DAMAGE.
*/
+#ifdef FTP_SERVER
+#include "ftpd_locl.h"
+#else
#include "ftp_locl.h"
-
-RCSID("$Id: krb4.c,v 1.18 1997/05/11 04:08:05 assar Exp $");
-
-static KTEXT_ST krb4_adat;
-
-static des_cblock key;
-static des_key_schedule schedule;
-
-static char *data_buffer;
-
-extern struct sockaddr_in hisctladdr, myctladdr;
-
-int auth_complete;
-
-static int command_prot;
-
-static int auth_pbsz;
-static int data_prot;
-
-static int request_data_prot;
-
-
-static struct {
- int level;
- char *name;
-} level_names[] = {
- { prot_clear, "clear" },
- { prot_safe, "safe" },
- { prot_confidential, "confidential" },
- { prot_private, "private" }
+#endif
+#include <krb.h>
+
+RCSID("$Id: krb4.c,v 1.30 1999/06/15 03:50:28 assar Exp $");
+
+#ifdef FTP_SERVER
+#define LOCAL_ADDR ctrl_addr
+#define REMOTE_ADDR his_addr
+#else
+#define LOCAL_ADDR myctladdr
+#define REMOTE_ADDR hisctladdr
+#endif
+extern struct sockaddr_in LOCAL_ADDR, REMOTE_ADDR;
+
+struct krb4_data {
+ des_cblock key;
+ des_key_schedule schedule;
+ char name[ANAME_SZ];
+ char instance[INST_SZ];
+ char realm[REALM_SZ];
};
-static char *level_to_name(int level)
-{
- int i;
- for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++)
- if(level_names[i].level == level)
- return level_names[i].name;
- return "unknown";
-}
-
-static int name_to_level(char *name)
-{
- int i;
- for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++)
- if(!strncasecmp(level_names[i].name, name, strlen(name)))
- return level_names[i].level;
- return -1;
-}
-
-void sec_status(void)
-{
- if(auth_complete){
- printf("Using KERBEROS_V4 for authentication.\n");
-
- command_prot = prot_private; /* this variable is not used */
-
- printf("Using %s command channel.\n",
- level_to_name(command_prot));
-
- printf("Using %s data channel.\n",
- level_to_name(data_prot));
- if(auth_pbsz > 0)
- printf("Protection buffer size: %d.\n", auth_pbsz);
- }else{
- printf("Not using any security mechanism.\n");
- }
-}
-
static int
-sec_prot_internal(int level)
+krb4_check_prot(void *app_data, int level)
{
- int ret;
- char *p;
- int s = 1048576;
-
- int old_verbose = verbose;
- verbose = 0;
-
- if(!auth_complete){
- printf("No security data exchange has taken place.\n");
+ if(level == prot_confidential)
return -1;
- }
-
- if(level){
- ret = command("PBSZ %d", s);
- if(ret != COMPLETE){
- printf("Failed to set protection buffer size.\n");
- return -1;
- }
- auth_pbsz = s;
- p = strstr(reply_string, "PBSZ=");
- if(p)
- sscanf(p, "PBSZ=%d", &s);
- if(s < auth_pbsz)
- auth_pbsz = s;
- if(data_buffer)
- free(data_buffer);
- data_buffer = malloc(auth_pbsz);
- }
- verbose = old_verbose;
- ret = command("PROT %c", level["CSEP"]); /* XXX :-) */
- if(ret != COMPLETE){
- printf("Failed to set protection level.\n");
- return -1;
- }
-
- data_prot = level;
return 0;
}
-
-void
-sec_prot(int argc, char **argv)
+static int
+krb4_decode(void *app_data, void *buf, int len, int level)
{
- int level = -1;
-
- if(argc != 2){
- printf("usage: %s (clear | safe | confidential | private)\n",
- argv[0]);
- code = -1;
- return;
- }
- if(!auth_complete){
- printf("No security data exchange has taken place.\n");
- code = -1;
- return;
- }
- level = name_to_level(argv[1]);
-
- if(level == -1){
- printf("usage: %s (clear | safe | confidential | private)\n",
- argv[0]);
- code = -1;
- return;
- }
+ MSG_DAT m;
+ int e;
+ struct krb4_data *d = app_data;
- if(level == prot_confidential){
- printf("Confidential protection is not defined with Kerberos.\n");
- code = -1;
- return;
- }
-
- if(sec_prot_internal(level) < 0){
- code = -1;
- return;
- }
- code = 0;
-}
-
-void
-sec_set_protection_level(void)
-{
- if(auth_complete && data_prot != request_data_prot)
- sec_prot_internal(request_data_prot);
-}
-
-
-int
-sec_request_prot(char *level)
-{
- int l = name_to_level(level);
- if(l == -1)
- return -1;
- request_data_prot = l;
- return 0;
-}
-
-
-int sec_getc(FILE *F)
-{
- if(auth_complete && data_prot)
- return krb4_getc(F);
+ if(level == prot_safe)
+ e = krb_rd_safe(buf, len, &d->key, &REMOTE_ADDR, &LOCAL_ADDR, &m);
else
- return getc(F);
+ e = krb_rd_priv(buf, len, d->schedule, &d->key,
+ &REMOTE_ADDR, &LOCAL_ADDR, &m);
+ if(e){
+ return -1;
+ }
+ memmove(buf, m.app_data, m.app_length);
+ return m.app_length;
}
-int sec_read(int fd, void *data, int length)
+static int
+krb4_overhead(void *app_data, int level, int len)
{
- if(auth_complete && data_prot)
- return krb4_read(fd, data, length);
- else
- return read(fd, data, length);
+ return 31;
}
static int
-krb4_recv(int fd)
+krb4_encode(void *app_data, void *from, int length, int level, void **to)
{
- int len;
- MSG_DAT m;
- int kerror;
-
- krb_net_read(fd, &len, sizeof(len));
- len = ntohl(len);
- krb_net_read(fd, data_buffer, len);
- if(data_prot == prot_safe)
- kerror = krb_rd_safe(data_buffer, len, &key,
- &hisctladdr, &myctladdr, &m);
+ struct krb4_data *d = app_data;
+ *to = malloc(length + 31);
+ if(level == prot_safe)
+ return krb_mk_safe(from, *to, length, &d->key,
+ &LOCAL_ADDR, &REMOTE_ADDR);
+ else if(level == prot_private)
+ return krb_mk_priv(from, *to, length, d->schedule, &d->key,
+ &LOCAL_ADDR, &REMOTE_ADDR);
else
- kerror = krb_rd_priv(data_buffer, len, schedule, &key,
- &hisctladdr, &myctladdr, &m);
- if(kerror){
return -1;
- }
- memmove(data_buffer, m.app_data, m.app_length);
- return m.app_length;
}
+#ifdef FTP_SERVER
-int krb4_getc(FILE *F)
+static int
+krb4_adat(void *app_data, void *buf, size_t len)
{
- static int bytes;
- static int index;
- if(bytes == 0){
- bytes = krb4_recv(fileno(F));
- index = 0;
- }
- if(bytes){
- bytes--;
- return (unsigned char)data_buffer[index++];
+ KTEXT_ST tkt;
+ AUTH_DAT auth_dat;
+ char *p;
+ int kerror;
+ u_int32_t cs;
+ char msg[35]; /* size of encrypted block */
+ int tmp_len;
+ struct krb4_data *d = app_data;
+ char inst[INST_SZ];
+
+ memcpy(tkt.dat, buf, len);
+ tkt.length = len;
+
+ k_getsockinst(0, inst, sizeof(inst));
+ kerror = krb_rd_req(&tkt, "ftp", inst,
+ his_addr.sin_addr.s_addr, &auth_dat, "");
+ if(kerror == RD_AP_UNDEC){
+ k_getsockinst(0, inst, sizeof(inst));
+ kerror = krb_rd_req(&tkt, "rcmd", inst,
+ his_addr.sin_addr.s_addr, &auth_dat, "");
}
- return EOF;
-}
-
-int krb4_read(int fd, char *data, int length)
-{
- static int left;
- static int index;
- static int eof;
- int len = left;
- int rx = 0;
- if(eof){
- eof = 0;
- return 0;
+ if(kerror){
+ reply(535, "Error reading request: %s.", krb_get_err_text(kerror));
+ return -1;
}
- if(left){
- if(length < len)
- len = length;
- memmove(data, data_buffer + index, len);
- length -= len;
- index += len;
- rx += len;
- left -= len;
+ memcpy(d->key, auth_dat.session, sizeof(d->key));
+ des_set_key(&d->key, d->schedule);
+
+ strcpy_truncate(d->name, auth_dat.pname, sizeof(d->name));
+ strcpy_truncate(d->instance, auth_dat.pinst, sizeof(d->instance));
+ strcpy_truncate(d->realm, auth_dat.prealm, sizeof(d->instance));
+
+ cs = auth_dat.checksum + 1;
+ {
+ unsigned char tmp[4];
+ KRB_PUT_INT(cs, tmp, 4, sizeof(tmp));
+ tmp_len = krb_mk_safe(tmp, msg, 4, &d->key, &LOCAL_ADDR, &REMOTE_ADDR);
}
-
- while(length){
- len = krb4_recv(fd);
- if(len == 0){
- if(rx)
- eof = 1;
- return rx;
- }
- if(len > length){
- left = len - length;
- len = index = length;
- }
- memmove(data, data_buffer, len);
- length -= len;
- data += len;
- rx += len;
+ if(tmp_len < 0){
+ reply(535, "Error creating reply: %s.", strerror(errno));
+ return -1;
}
- return rx;
-}
-
-
-static int
-krb4_encode(char *from, char *to, int length)
-{
- if(data_prot == prot_safe)
- return krb_mk_safe(from, to, length, &key,
- &myctladdr, &hisctladdr);
- else
- return krb_mk_priv(from, to, length, schedule, &key,
- &myctladdr, &hisctladdr);
-}
-
-static int
-krb4_overhead(int len)
-{
- if(data_prot == prot_safe)
- return 31;
- else
- return 26;
-}
-
-static char p_buf[1024];
-static int p_index;
-
-int
-sec_putc(int c, FILE *F)
-{
- if(data_prot){
- if((c == '\n' && p_index) || p_index == sizeof(p_buf)){
- sec_write(fileno(F), p_buf, p_index);
- p_index = 0;
- }
- p_buf[p_index++] = c;
- return c;
+ len = tmp_len;
+ if(base64_encode(msg, len, &p) < 0) {
+ reply(535, "Out of memory base64-encoding.");
+ return -1;
}
- return putc(c, F);
+ reply(235, "ADAT=%s", p);
+ sec_complete = 1;
+ free(p);
+ return 0;
}
static int
-sec_send(int fd, char *from, int length)
+krb4_userok(void *app_data, char *user)
{
- int bytes;
- bytes = krb4_encode(from, data_buffer, length);
- bytes = htonl(bytes);
- krb_net_write(fd, &bytes, sizeof(bytes));
- krb_net_write(fd, data_buffer, ntohl(bytes));
- return length;
+ struct krb4_data *d = app_data;
+ return krb_kuserok(d->name, d->instance, d->realm, user);
}
-int
-sec_fflush(FILE *F)
-{
- if(data_prot){
- if(p_index){
- sec_write(fileno(F), p_buf, p_index);
- p_index = 0;
- }
- sec_send(fileno(F), NULL, 0);
- }
- fflush(F);
- return 0;
-}
+struct sec_server_mech krb4_server_mech = {
+ "KERBEROS_V4",
+ sizeof(struct krb4_data),
+ NULL, /* init */
+ NULL, /* end */
+ krb4_check_prot,
+ krb4_overhead,
+ krb4_encode,
+ krb4_decode,
+ /* */
+ NULL,
+ krb4_adat,
+ NULL, /* pbsz */
+ NULL, /* ccc */
+ krb4_userok
+};
-int
-sec_write(int fd, char *data, int length)
-{
- int len = auth_pbsz;
- int tx = 0;
-
- if(data_prot == prot_clear)
- return write(fd, data, length);
-
- len -= krb4_overhead(len);
- while(length){
- if(length < len)
- len = length;
- sec_send(fd, data, len);
- length -= len;
- data += len;
- tx += len;
- }
- return tx;
-}
+#else /* FTP_SERVER */
static int
-do_auth(char *service, char *host, int checksum)
+mk_auth(struct krb4_data *d, KTEXT adat,
+ char *service, char *host, int checksum)
{
int ret;
CREDENTIALS cred;
char sname[SNAME_SZ], inst[INST_SZ], realm[REALM_SZ];
- strcpy(sname, service);
- strcpy(inst, krb_get_phost(host));
- strcpy(realm, krb_realmofhost(host));
- ret = krb_mk_req(&krb4_adat, sname, inst, realm, checksum);
+
+ strcpy_truncate(sname, service, sizeof(sname));
+ strcpy_truncate(inst, krb_get_phost(host), sizeof(inst));
+ strcpy_truncate(realm, krb_realmofhost(host), sizeof(realm));
+ ret = krb_mk_req(adat, sname, inst, realm, checksum);
if(ret)
return ret;
- strcpy(sname, service);
- strcpy(inst, krb_get_phost(host));
- strcpy(realm, krb_realmofhost(host));
+ strcpy_truncate(sname, service, sizeof(sname));
+ strcpy_truncate(inst, krb_get_phost(host), sizeof(inst));
+ strcpy_truncate(realm, krb_realmofhost(host), sizeof(realm));
ret = krb_get_cred(sname, inst, realm, &cred);
- memmove(&key, &cred.session, sizeof(des_cblock));
- des_key_sched(&key, schedule);
+ memmove(&d->key, &cred.session, sizeof(des_cblock));
+ des_key_sched(&d->key, d->schedule);
memset(&cred, 0, sizeof(cred));
return ret;
}
-
-int
-do_klogin(char *host)
+static int
+krb4_auth(void *app_data, char *host)
{
int ret;
char *p;
int len;
- char adat[1024];
+ KTEXT_ST adat;
MSG_DAT msg_data;
int checksum;
-
- int old_verbose = verbose;
-
- verbose = 0;
- printf("Trying KERBEROS_V4...\n");
- ret = command("AUTH KERBEROS_V4");
- if(ret != CONTINUE){
- if(code == 504){
- printf("Kerberos 4 is not supported by the server.\n");
- }else if(code == 534){
- printf("KERBEROS_V4 rejected as security mechanism.\n");
- }else if(ret == ERROR)
- printf("The server doesn't understand the FTP "
- "security extensions.\n");
- verbose = old_verbose;
- return -1;
- }
+ u_int32_t cs;
+ struct krb4_data *d = app_data;
checksum = getpid();
- ret = do_auth("ftp", host, checksum);
+ ret = mk_auth(d, &adat, "ftp", host, checksum);
if(ret == KDC_PR_UNKNOWN)
- ret = do_auth("rcmd", host, checksum);
+ ret = mk_auth(d, &adat, "rcmd", host, checksum);
if(ret){
printf("%s\n", krb_get_err_text(ret));
- verbose = old_verbose;
- return ret;
+ return AUTH_CONTINUE;
}
- base64_encode(krb4_adat.dat, krb4_adat.length, &p);
+ if(base64_encode(adat.dat, adat.length, &p) < 0) {
+ printf("Out of memory base64-encoding.\n");
+ return AUTH_CONTINUE;
+ }
ret = command("ADAT %s", p);
free(p);
if(ret != COMPLETE){
printf("Server didn't accept auth data.\n");
- verbose = old_verbose;
- return -1;
+ return AUTH_ERROR;
}
p = strstr(reply_string, "ADAT=");
if(!p){
printf("Remote host didn't send adat reply.\n");
- verbose = old_verbose;
- return -1;
+ return AUTH_ERROR;
}
- p+=5;
- len = base64_decode(p, adat);
+ p += 5;
+ len = base64_decode(p, adat.dat);
if(len < 0){
printf("Failed to decode base64 from server.\n");
- verbose = old_verbose;
- return -1;
+ return AUTH_ERROR;
}
- ret = krb_rd_safe(adat, len, &key,
+ adat.length = len;
+ ret = krb_rd_safe(adat.dat, adat.length, &d->key,
&hisctladdr, &myctladdr, &msg_data);
if(ret){
printf("Error reading reply from server: %s.\n",
krb_get_err_text(ret));
- verbose = old_verbose;
- return -1;
+ return AUTH_ERROR;
}
- {
- /* the draft doesn't tell what size the return has */
- int i;
- u_int32_t cs = 0;
- for(i = 0; i < msg_data.app_length; i++)
- cs = (cs<<8) + msg_data.app_data[i];
- if(cs - checksum != 1){
- printf("Bad checksum returned from server.\n");
- verbose = old_verbose;
- return -1;
- }
+ krb_get_int(msg_data.app_data, &cs, 4, 0);
+ if(cs - checksum != 1){
+ printf("Bad checksum returned from server.\n");
+ return AUTH_ERROR;
}
- auth_complete = 1;
- verbose = old_verbose;
- return 0;
-}
-
-void
-krb4_quit(void)
-{
- auth_complete = 0;
-}
-
-int krb4_write_enc(FILE *F, char *fmt, va_list ap)
-{
- int len;
- char *p;
- char buf[1024];
- char enc[1024];
-
- vsnprintf(buf, sizeof(buf), fmt, ap);
- len = krb_mk_priv(buf, enc, strlen(buf), schedule, &key,
- &myctladdr, &hisctladdr);
- base64_encode(enc, len, &p);
-
- fprintf(F, "ENC %s", p);
- free (p);
- return 0;
+ return AUTH_OK;
}
+struct sec_client_mech krb4_client_mech = {
+ "KERBEROS_V4",
+ sizeof(struct krb4_data),
+ NULL, /* init */
+ krb4_auth,
+ NULL, /* end */
+ krb4_check_prot,
+ krb4_overhead,
+ krb4_encode,
+ krb4_decode
+};
-int krb4_read_msg(char *s, int priv)
-{
- int len;
- int ret;
- char buf[1024];
- MSG_DAT m;
- int code;
-
- len = base64_decode(s + 4, buf);
- if(priv)
- ret = krb_rd_priv(buf, len, schedule, &key,
- &hisctladdr, &myctladdr, &m);
- else
- ret = krb_rd_safe(buf, len, &key, &hisctladdr, &myctladdr, &m);
- if(ret){
- printf("%s\n", krb_get_err_text(ret));
- return -1;
- }
-
- m.app_data[m.app_length] = 0;
- if(m.app_data[3] == '-')
- code = 0;
- else
- sscanf((char*)m.app_data, "%d", &code);
- strncpy(s, (char*)m.app_data, strlen((char*)m.app_data));
-
- s[m.app_length] = 0;
- len = strlen(s);
- if(s[len-1] == '\n')
- s[len-1] = 0;
-
- return code;
-}
-
-int
-krb4_read_mic(char *s)
-{
- return krb4_read_msg(s, 0);
-}
-
-int
-krb4_read_enc(char *s)
-{
- return krb4_read_msg(s, 1);
-}
-
+#endif /* FTP_SERVER */
diff --git a/crypto/kerberosIV/appl/ftp/ftp/main.c b/crypto/kerberosIV/appl/ftp/ftp/main.c
index 4d1b6a543cdf..5b0fe36ef3b9 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/main.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/main.c
@@ -36,7 +36,7 @@
*/
#include "ftp_locl.h"
-RCSID("$Id: main.c,v 1.20 1997/04/20 16:14:55 joda Exp $");
+RCSID("$Id: main.c,v 1.25 1999/05/08 02:22:09 assar Exp $");
int
main(int argc, char **argv)
@@ -54,8 +54,9 @@ main(int argc, char **argv)
doglob = 1;
interactive = 1;
autologin = 1;
+ passivemode = 0; /* passive mode not active */
- while ((ch = getopt(argc, argv, "dgintv")) != EOF) {
+ while ((ch = getopt(argc, argv, "dginptv")) != EOF) {
switch (ch) {
case 'd':
options |= SO_DEBUG;
@@ -74,6 +75,9 @@ main(int argc, char **argv)
autologin = 0;
break;
+ case 'p':
+ passivemode = 1;
+ break;
case 't':
trace++;
break;
@@ -84,7 +88,7 @@ main(int argc, char **argv)
default:
fprintf(stderr,
- "usage: ftp [-dgintv] [host [port]]\n");
+ "usage: ftp [-dginptv] [host [port]]\n");
exit(1);
}
}
@@ -96,7 +100,6 @@ main(int argc, char **argv)
verbose++;
cpend = 0; /* no pending replies */
proxy = 0; /* proxy not active */
- passivemode = 0; /* passive mode not active */
crflag = 1; /* strip c.r. on ascii gets */
sendport = -1; /* not using ports */
/*
@@ -104,8 +107,8 @@ main(int argc, char **argv)
*/
pw = k_getpwuid(getuid());
if (pw != NULL) {
+ strcpy_truncate(homedir, pw->pw_dir, sizeof(homedir));
home = homedir;
- strcpy(home, pw->pw_dir);
}
if (argc > 0) {
char *xargv[5];
@@ -174,6 +177,7 @@ lostpeer(int sig)
}
proxflag = 0;
pswitch(0);
+ sec_end();
SIGRETURN(0);
}
@@ -242,8 +246,7 @@ cmdscanner(int top)
p = readline("ftp> ");
if(p == NULL)
quit(0, 0);
- strncpy(line, p, sizeof(line));
- line[sizeof(line) - 1] = 0;
+ strcpy_truncate(line, p, sizeof(line));
add_history(p);
free(p);
} else{
@@ -337,12 +340,16 @@ makeargv(void)
for (margc = 0; ; margc++) {
/* Expand array if necessary */
if (margc == margvlen) {
+ int i;
+
margv = (margvlen == 0)
? (char **)malloc(20 * sizeof(char *))
: (char **)realloc(margv,
(margvlen + 20)*sizeof(char *));
if (margv == NULL)
errx(1, "cannot realloc argv array");
+ for(i = margvlen; i < margvlen + 20; ++i)
+ margv[i] = NULL;
margvlen += 20;
argp = margv + margc;
}
diff --git a/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c b/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c
index 8cea6d432016..043e6fb34132 100644
--- a/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c
+++ b/crypto/kerberosIV/appl/ftp/ftp/ruserpass.c
@@ -32,7 +32,7 @@
*/
#include "ftp_locl.h"
-RCSID("$Id: ruserpass.c,v 1.10 1997/05/02 14:27:55 assar Exp $");
+RCSID("$Id: ruserpass.c,v 1.15 1999/03/11 13:54:58 joda Exp $");
static int token (void);
static FILE *cfile;
@@ -63,175 +63,213 @@ static struct toktab {
{ NULL, 0 }
};
+/*
+ * Write a copy of the hostname into `hostname, sz' and return a guess
+ * as to the `domain' of that hostname.
+ */
+
+static char *
+guess_domain (char *hostname, size_t sz)
+{
+ struct hostent *he;
+ char *dot;
+ char *a;
+ char **aliases;
+
+ if (gethostname (hostname, sz) < 0) {
+ strcpy_truncate (hostname, "", sz);
+ return "";
+ }
+ dot = strchr (hostname, '.');
+ if (dot != NULL)
+ return dot + 1;
+
+ he = gethostbyname (hostname);
+ if (he == NULL)
+ return hostname;
+
+ dot = strchr (he->h_name, '.');
+ if (dot != NULL) {
+ strcpy_truncate (hostname, he->h_name, sz);
+ return dot + 1;
+ }
+ for (aliases = he->h_aliases; (a = *aliases) != NULL; ++aliases) {
+ dot = strchr (a, '.');
+ if (dot != NULL) {
+ strcpy_truncate (hostname, a, sz);
+ return dot + 1;
+ }
+ }
+ return hostname;
+}
+
int
ruserpass(char *host, char **aname, char **apass, char **aacct)
{
- char *hdir, buf[BUFSIZ], *tmp;
- int t, i, c, usedefault = 0;
- struct stat stb;
+ char *hdir, buf[BUFSIZ], *tmp;
+ int t, i, c, usedefault = 0;
+ struct stat stb;
- if(k_gethostname(myhostname, MaxHostNameLen) < 0)
- strcpy(myhostname, "");
- if((mydomain = strchr(myhostname, '.')) == NULL)
- mydomain = myhostname;
- else
- mydomain++;
- hdir = getenv("HOME");
- if (hdir == NULL)
- hdir = ".";
- snprintf(buf, sizeof(buf), "%s/.netrc", hdir);
- cfile = fopen(buf, "r");
- if (cfile == NULL) {
- if (errno != ENOENT)
- warn("%s", buf);
- return (0);
- }
+ mydomain = guess_domain (myhostname, MaxHostNameLen);
+
+ hdir = getenv("HOME");
+ if (hdir == NULL)
+ hdir = ".";
+ snprintf(buf, sizeof(buf), "%s/.netrc", hdir);
+ cfile = fopen(buf, "r");
+ if (cfile == NULL) {
+ if (errno != ENOENT)
+ warn("%s", buf);
+ return (0);
+ }
next:
- while ((t = token())) switch(t) {
+ while ((t = token())) switch(t) {
- case DEFAULT:
- usedefault = 1;
- /* FALL THROUGH */
+ case DEFAULT:
+ usedefault = 1;
+ /* FALL THROUGH */
- case MACH:
- if (!usedefault) {
- if (token() != ID)
- continue;
- /*
- * Allow match either for user's input host name
- * or official hostname. Also allow match of
- * incompletely-specified host in local domain.
- */
- if (strcasecmp(host, tokval) == 0)
- goto match;
- if (strcasecmp(hostname, tokval) == 0)
- goto match;
- if ((tmp = strchr(hostname, '.')) != NULL &&
- tmp++ &&
- strcasecmp(tmp, mydomain) == 0 &&
- strncasecmp(hostname, tokval, tmp-hostname) == 0 &&
- tokval[tmp - hostname] == '\0')
- goto match;
- if ((tmp = strchr(host, '.')) != NULL &&
- tmp++ &&
- strcasecmp(tmp, mydomain) == 0 &&
- strncasecmp(host, tokval, tmp - host) == 0 &&
- tokval[tmp - host] == '\0')
- goto match;
- continue;
- }
- match:
- while ((t = token()) && t != MACH && t != DEFAULT) switch(t) {
+ case MACH:
+ if (!usedefault) {
+ if (token() != ID)
+ continue;
+ /*
+ * Allow match either for user's input host name
+ * or official hostname. Also allow match of
+ * incompletely-specified host in local domain.
+ */
+ if (strcasecmp(host, tokval) == 0)
+ goto match;
+ if (strcasecmp(hostname, tokval) == 0)
+ goto match;
+ if ((tmp = strchr(hostname, '.')) != NULL &&
+ tmp++ &&
+ strcasecmp(tmp, mydomain) == 0 &&
+ strncasecmp(hostname, tokval, tmp-hostname) == 0 &&
+ tokval[tmp - hostname] == '\0')
+ goto match;
+ if ((tmp = strchr(host, '.')) != NULL &&
+ tmp++ &&
+ strcasecmp(tmp, mydomain) == 0 &&
+ strncasecmp(host, tokval, tmp - host) == 0 &&
+ tokval[tmp - host] == '\0')
+ goto match;
+ continue;
+ }
+ match:
+ while ((t = token()) && t != MACH && t != DEFAULT) switch(t) {
- case LOGIN:
- if (token())
- if (*aname == 0) {
- *aname = strdup(tokval);
- } else {
- if (strcmp(*aname, tokval))
- goto next;
- }
- break;
- case PASSWD:
- if ((*aname == NULL || strcmp(*aname, "anonymous")) &&
- fstat(fileno(cfile), &stb) >= 0 &&
- (stb.st_mode & 077) != 0) {
- warnx("Error: .netrc file is readable by others.");
- warnx("Remove password or make file unreadable by others.");
- goto bad;
- }
- if (token() && *apass == 0) {
- *apass = strdup(tokval);
- }
- break;
- case ACCOUNT:
- if (fstat(fileno(cfile), &stb) >= 0
- && (stb.st_mode & 077) != 0) {
- warnx("Error: .netrc file is readable by others.");
- warnx("Remove account or make file unreadable by others.");
- goto bad;
- }
- if (token() && *aacct == 0) {
- *aacct = strdup(tokval);
- }
- break;
- case MACDEF:
- if (proxy) {
- fclose(cfile);
- return (0);
- }
- while ((c=getc(cfile)) != EOF && c == ' ' || c == '\t');
- if (c == EOF || c == '\n') {
- printf("Missing macdef name argument.\n");
- goto bad;
- }
- if (macnum == 16) {
- printf("Limit of 16 macros have already been defined\n");
- goto bad;
- }
- tmp = macros[macnum].mac_name;
- *tmp++ = c;
- for (i=0; i < 8 && (c=getc(cfile)) != EOF &&
- !isspace(c); ++i) {
- *tmp++ = c;
- }
- if (c == EOF) {
- printf("Macro definition missing null line terminator.\n");
- goto bad;
- }
- *tmp = '\0';
- if (c != '\n') {
- while ((c=getc(cfile)) != EOF && c != '\n');
- }
- if (c == EOF) {
- printf("Macro definition missing null line terminator.\n");
- goto bad;
- }
- if (macnum == 0) {
- macros[macnum].mac_start = macbuf;
- }
- else {
- macros[macnum].mac_start = macros[macnum-1].mac_end + 1;
- }
- tmp = macros[macnum].mac_start;
- while (tmp != macbuf + 4096) {
- if ((c=getc(cfile)) == EOF) {
- printf("Macro definition missing null line terminator.\n");
- goto bad;
- }
- *tmp = c;
- if (*tmp == '\n') {
- if (*(tmp-1) == '\0') {
- macros[macnum++].mac_end = tmp - 1;
- break;
- }
- *tmp = '\0';
- }
- tmp++;
- }
- if (tmp == macbuf + 4096) {
- printf("4K macro buffer exceeded\n");
- goto bad;
- }
- break;
- case PROT:
- token();
- if(sec_request_prot(tokval) < 0)
- warnx("Unknown protection level \"%s\"", tokval);
- break;
- default:
- warnx("Unknown .netrc keyword %s", tokval);
+ case LOGIN:
+ if (token()) {
+ if (*aname == 0) {
+ *aname = strdup(tokval);
+ } else {
+ if (strcmp(*aname, tokval))
+ goto next;
+ }
+ }
+ break;
+ case PASSWD:
+ if ((*aname == NULL || strcmp(*aname, "anonymous")) &&
+ fstat(fileno(cfile), &stb) >= 0 &&
+ (stb.st_mode & 077) != 0) {
+ warnx("Error: .netrc file is readable by others.");
+ warnx("Remove password or make file unreadable by others.");
+ goto bad;
+ }
+ if (token() && *apass == 0) {
+ *apass = strdup(tokval);
+ }
+ break;
+ case ACCOUNT:
+ if (fstat(fileno(cfile), &stb) >= 0
+ && (stb.st_mode & 077) != 0) {
+ warnx("Error: .netrc file is readable by others.");
+ warnx("Remove account or make file unreadable by others.");
+ goto bad;
+ }
+ if (token() && *aacct == 0) {
+ *aacct = strdup(tokval);
+ }
+ break;
+ case MACDEF:
+ if (proxy) {
+ fclose(cfile);
+ return (0);
+ }
+ while ((c=getc(cfile)) != EOF &&
+ (c == ' ' || c == '\t'));
+ if (c == EOF || c == '\n') {
+ printf("Missing macdef name argument.\n");
+ goto bad;
+ }
+ if (macnum == 16) {
+ printf("Limit of 16 macros have already been defined\n");
+ goto bad;
+ }
+ tmp = macros[macnum].mac_name;
+ *tmp++ = c;
+ for (i=0; i < 8 && (c=getc(cfile)) != EOF &&
+ !isspace(c); ++i) {
+ *tmp++ = c;
+ }
+ if (c == EOF) {
+ printf("Macro definition missing null line terminator.\n");
+ goto bad;
+ }
+ *tmp = '\0';
+ if (c != '\n') {
+ while ((c=getc(cfile)) != EOF && c != '\n');
+ }
+ if (c == EOF) {
+ printf("Macro definition missing null line terminator.\n");
+ goto bad;
+ }
+ if (macnum == 0) {
+ macros[macnum].mac_start = macbuf;
+ }
+ else {
+ macros[macnum].mac_start = macros[macnum-1].mac_end + 1;
+ }
+ tmp = macros[macnum].mac_start;
+ while (tmp != macbuf + 4096) {
+ if ((c=getc(cfile)) == EOF) {
+ printf("Macro definition missing null line terminator.\n");
+ goto bad;
+ }
+ *tmp = c;
+ if (*tmp == '\n') {
+ if (*(tmp-1) == '\0') {
+ macros[macnum++].mac_end = tmp - 1;
break;
+ }
+ *tmp = '\0';
}
- goto done;
+ tmp++;
+ }
+ if (tmp == macbuf + 4096) {
+ printf("4K macro buffer exceeded\n");
+ goto bad;
+ }
+ break;
+ case PROT:
+ token();
+ if(sec_request_prot(tokval) < 0)
+ warnx("Unknown protection level \"%s\"", tokval);
+ break;
+ default:
+ warnx("Unknown .netrc keyword %s", tokval);
+ break;
}
+ goto done;
+ }
done:
- fclose(cfile);
- return (0);
+ fclose(cfile);
+ return (0);
bad:
- fclose(cfile);
- return (-1);
+ fclose(cfile);
+ return (-1);
}
static int
diff --git a/crypto/kerberosIV/appl/ftp/ftp/security.c b/crypto/kerberosIV/appl/ftp/ftp/security.c
new file mode 100644
index 000000000000..96d598f855c3
--- /dev/null
+++ b/crypto/kerberosIV/appl/ftp/ftp/security.c
@@ -0,0 +1,730 @@
+/*
+ * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by the Kungliga Tekniska
+ * Högskolan and its contributors.
+ *
+ * 4. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#ifdef FTP_SERVER
+#include "ftpd_locl.h"
+#else
+#include "ftp_locl.h"
+#endif
+
+RCSID("$Id: security.c,v 1.8 1999/04/07 14:16:48 joda Exp $");
+
+static enum protection_level command_prot;
+static enum protection_level data_prot;
+static size_t buffer_size;
+
+struct buffer {
+ void *data;
+ size_t size;
+ size_t index;
+ int eof_flag;
+};
+
+static struct buffer in_buffer, out_buffer;
+int sec_complete;
+
+static struct {
+ enum protection_level level;
+ const char *name;
+} level_names[] = {
+ { prot_clear, "clear" },
+ { prot_safe, "safe" },
+ { prot_confidential, "confidential" },
+ { prot_private, "private" }
+};
+
+static const char *
+level_to_name(enum protection_level level)
+{
+ int i;
+ for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++)
+ if(level_names[i].level == level)
+ return level_names[i].name;
+ return "unknown";
+}
+
+#ifndef FTP_SERVER /* not used in server */
+static enum protection_level
+name_to_level(const char *name)
+{
+ int i;
+ for(i = 0; i < sizeof(level_names) / sizeof(level_names[0]); i++)
+ if(!strncasecmp(level_names[i].name, name, strlen(name)))
+ return level_names[i].level;
+ return (enum protection_level)-1;
+}
+#endif
+
+#ifdef FTP_SERVER
+
+static struct sec_server_mech *mechs[] = {
+#ifdef KRB5
+ &gss_server_mech,
+#endif
+#ifdef KRB4
+ &krb4_server_mech,
+#endif
+ NULL
+};
+
+static struct sec_server_mech *mech;
+
+#else
+
+static struct sec_client_mech *mechs[] = {
+#ifdef KRB5
+ &gss_client_mech,
+#endif
+#ifdef KRB4
+ &krb4_client_mech,
+#endif
+ NULL
+};
+
+static struct sec_client_mech *mech;
+
+#endif
+
+static void *app_data;
+
+int
+sec_getc(FILE *F)
+{
+ if(sec_complete && data_prot) {
+ char c;
+ if(sec_read(fileno(F), &c, 1) == 0)
+ return EOF;
+ return c;
+ } else
+ return getc(F);
+}
+
+static int
+block_read(int fd, void *buf, size_t len)
+{
+ unsigned char *p = buf;
+ int b;
+ while(len) {
+ b = read(fd, p, len);
+ if(b <= 0)
+ return -1;
+ len -= b;
+ p += b;
+ }
+ return p - (unsigned char*)buf;
+}
+
+static int
+block_write(int fd, void *buf, size_t len)
+{
+ unsigned char *p = buf;
+ int b;
+ while(len) {
+ b = write(fd, p, len);
+ if(b < 0)
+ return -1;
+ len -= b;
+ p += b;
+ }
+ return p - (unsigned char*)buf;
+}
+
+static int
+sec_get_data(int fd, struct buffer *buf, int level)
+{
+ int len;
+
+ if(block_read(fd, &len, sizeof(len)) < 0)
+ return -1;
+ len = ntohl(len);
+ buf->data = realloc(buf->data, len);
+ if(block_read(fd, buf->data, len) < 0)
+ return -1;
+ buf->size = (*mech->decode)(app_data, buf->data, len, data_prot);
+ buf->index = 0;
+ return 0;
+}
+
+static size_t
+buffer_read(struct buffer *buf, void *data, size_t len)
+{
+ len = min(len, buf->size - buf->index);
+ memcpy(data, (char*)buf->data + buf->index, len);
+ buf->index += len;
+ return len;
+}
+
+static size_t
+buffer_write(struct buffer *buf, void *data, size_t len)
+{
+ if(buf->index + len > buf->size) {
+ void *tmp;
+ if(buf->data == NULL)
+ tmp = malloc(1024);
+ else
+ tmp = realloc(buf->data, buf->index + len);
+ if(tmp == NULL)
+ return -1;
+ buf->data = tmp;
+ buf->size = buf->index + len;
+ }
+ memcpy((char*)buf->data + buf->index, data, len);
+ buf->index += len;
+ return len;
+}
+
+int
+sec_read(int fd, void *data, int length)
+{
+ size_t len;
+ int rx = 0;
+
+ if(sec_complete == 0 || data_prot == 0)
+ return read(fd, data, length);
+
+ if(in_buffer.eof_flag){
+ in_buffer.eof_flag = 0;
+ return 0;
+ }
+
+ len = buffer_read(&in_buffer, data, length);
+ length -= len;
+ rx += len;
+ data = (char*)data + len;
+
+ while(length){
+ if(sec_get_data(fd, &in_buffer, data_prot) < 0)
+ return -1;
+ if(in_buffer.size == 0) {
+ if(rx)
+ in_buffer.eof_flag = 1;
+ return rx;
+ }
+ len = buffer_read(&in_buffer, data, length);
+ length -= len;
+ rx += len;
+ data = (char*)data + len;
+ }
+ return rx;
+}
+
+static int
+sec_send(int fd, char *from, int length)
+{
+ int bytes;
+ void *buf;
+ bytes = (*mech->encode)(app_data, from, length, data_prot, &buf);
+ bytes = htonl(bytes);
+ block_write(fd, &bytes, sizeof(bytes));
+ block_write(fd, buf, ntohl(bytes));
+ free(buf);
+ return length;
+}
+
+int
+sec_fflush(FILE *F)
+{
+ if(data_prot != prot_clear) {
+ if(out_buffer.index > 0){
+ sec_write(fileno(F), out_buffer.data, out_buffer.index);
+ out_buffer.index = 0;
+ }
+ sec_send(fileno(F), NULL, 0);
+ }
+ fflush(F);
+ return 0;
+}
+
+int
+sec_write(int fd, char *data, int length)
+{
+ int len = buffer_size;
+ int tx = 0;
+
+ if(data_prot == prot_clear)
+ return write(fd, data, length);
+
+ len -= (*mech->overhead)(app_data, data_prot, len);
+ while(length){
+ if(length < len)
+ len = length;
+ sec_send(fd, data, len);
+ length -= len;
+ data += len;
+ tx += len;
+ }
+ return tx;
+}
+
+int
+sec_putc(int c, FILE *F)
+{
+ char ch = c;
+ if(data_prot == prot_clear)
+ return putc(c, F);
+
+ buffer_write(&out_buffer, &ch, 1);
+ if(c == '\n' || out_buffer.index >= 1024 /* XXX */) {
+ sec_write(fileno(F), out_buffer.data, out_buffer.index);
+ out_buffer.index = 0;
+ }
+ return c;
+}
+
+int
+sec_read_msg(char *s, int level)
+{
+ int len;
+ char *buf;
+ int code;
+
+ buf = malloc(strlen(s));
+ len = base64_decode(s + 4, buf); /* XXX */
+
+ len = (*mech->decode)(app_data, buf, len, level);
+ if(len < 0)
+ return -1;
+
+ buf[len] = '\0';
+
+ if(buf[3] == '-')
+ code = 0;
+ else
+ sscanf(buf, "%d", &code);
+ if(buf[len-1] == '\n')
+ buf[len-1] = '\0';
+ strcpy(s, buf);
+ free(buf);
+ return code;
+}
+
+int
+sec_vfprintf(FILE *f, const char *fmt, va_list ap)
+{
+ char *buf;
+ void *enc;
+ int len;
+ if(!sec_complete)
+ return vfprintf(f, fmt, ap);
+
+ vasprintf(&buf, fmt, ap);
+ len = (*mech->encode)(app_data, buf, strlen(buf), command_prot, &enc);
+ free(buf);
+ if(len < 0) {
+ printf("Failed to encode command.\n");
+ return -1;
+ }
+ if(base64_encode(enc, len, &buf) < 0){
+ printf("Out of memory base64-encoding.\n");
+ return -1;
+ }
+#ifdef FTP_SERVER
+ if(command_prot == prot_safe)
+ fprintf(f, "631 %s\r\n", buf);
+ else if(command_prot == prot_private)
+ fprintf(f, "632 %s\r\n", buf);
+ else if(command_prot == prot_confidential)
+ fprintf(f, "633 %s\r\n", buf);
+#else
+ if(command_prot == prot_safe)
+ fprintf(f, "MIC %s", buf);
+ else if(command_prot == prot_private)
+ fprintf(f, "ENC %s", buf);
+ else if(command_prot == prot_confidential)
+ fprintf(f, "CONF %s", buf);
+#endif
+ free(buf);
+ return 0;
+}
+
+int
+sec_fprintf(FILE *f, const char *fmt, ...)
+{
+ va_list ap;
+ int ret;
+ va_start(ap, fmt);
+ ret = sec_vfprintf(f, fmt, ap);
+ va_end(ap);
+ return ret;
+}
+
+/* end common stuff */
+
+#ifdef FTP_SERVER
+
+void
+auth(char *auth_name)
+{
+ int i;
+ for(i = 0; (mech = mechs[i]) != NULL; i++){
+ if(!strcasecmp(auth_name, mech->name)){
+ app_data = realloc(app_data, mech->size);
+ if(mech->init && (*mech->init)(app_data) != 0) {
+ reply(431, "Unable to accept %s at this time", mech->name);
+ return;
+ }
+ if(mech->auth) {
+ (*mech->auth)(app_data);
+ return;
+ }
+ if(mech->adat)
+ reply(334, "Send authorization data.");
+ else
+ reply(234, "Authorization complete.");
+ return;
+ }
+ }
+ free (app_data);
+ reply(504, "%s is unknown to me", auth_name);
+}
+
+void
+adat(char *auth_data)
+{
+ if(mech && !sec_complete) {
+ void *buf = malloc(strlen(auth_data));
+ size_t len;
+ len = base64_decode(auth_data, buf);
+ (*mech->adat)(app_data, buf, len);
+ free(buf);
+ } else
+ reply(503, "You must %sissue an AUTH first.", mech ? "re-" : "");
+}
+
+void pbsz(int size)
+{
+ size_t new = size;
+ if(!sec_complete)
+ reply(503, "Incomplete security data exchange.");
+ if(mech->pbsz)
+ new = (*mech->pbsz)(app_data, size);
+ if(buffer_size != new){
+ buffer_size = size;
+ }
+ if(new != size)
+ reply(200, "PBSZ=%lu", (unsigned long)new);
+ else
+ reply(200, "OK");
+}
+
+void
+prot(char *pl)
+{
+ int p = -1;
+
+ if(buffer_size == 0){
+ reply(503, "No protection buffer size negotiated.");
+ return;
+ }
+
+ if(!strcasecmp(pl, "C"))
+ p = prot_clear;
+ else if(!strcasecmp(pl, "S"))
+ p = prot_safe;
+ else if(!strcasecmp(pl, "E"))
+ p = prot_confidential;
+ else if(!strcasecmp(pl, "P"))
+ p = prot_private;
+ else {
+ reply(504, "Unrecognized protection level.");
+ return;
+ }
+
+ if(sec_complete){
+ if((*mech->check_prot)(app_data, p)){
+ reply(536, "%s does not support %s protection.",
+ mech->name, level_to_name(p));
+ }else{
+ data_prot = (enum protection_level)p;
+ reply(200, "Data protection is %s.", level_to_name(p));
+ }
+ }else{
+ reply(503, "Incomplete security data exchange.");
+ }
+}
+
+void ccc(void)
+{
+ if(sec_complete){
+ if(mech->ccc && (*mech->ccc)(app_data) == 0)
+ command_prot = data_prot = prot_clear;
+ else
+ reply(534, "You must be joking.");
+ }else
+ reply(503, "Incomplete security data exchange.");
+}
+
+void mec(char *msg, enum protection_level level)
+{
+ void *buf;
+ size_t len;
+ if(!sec_complete) {
+ reply(503, "Incomplete security data exchange.");
+ return;
+ }
+ buf = malloc(strlen(msg) + 2); /* XXX go figure out where that 2
+ comes from :-) */
+ len = base64_decode(msg, buf);
+ command_prot = level;
+ if(len == (size_t)-1) {
+ reply(501, "Failed to base64-decode command");
+ return;
+ }
+ len = (*mech->decode)(app_data, buf, len, level);
+ if(len == (size_t)-1) {
+ reply(535, "Failed to decode command");
+ return;
+ }
+ ((char*)buf)[len] = '\0';
+ if(strstr((char*)buf, "\r\n") == NULL)
+ strcat((char*)buf, "\r\n");
+ new_ftp_command(buf);
+}
+
+/* ------------------------------------------------------------ */
+
+int
+sec_userok(char *user)
+{
+ if(sec_complete)
+ return (*mech->userok)(app_data, user);
+ return 0;
+}
+
+char *ftp_command;
+
+void
+new_ftp_command(char *command)
+{
+ ftp_command = command;
+}
+
+void
+delete_ftp_command(void)
+{
+ free(ftp_command);
+ ftp_command = NULL;
+}
+
+int
+secure_command(void)
+{
+ return ftp_command != NULL;
+}
+
+#else /* FTP_SERVER */
+
+void
+sec_status(void)
+{
+ if(sec_complete){
+ printf("Using %s for authentication.\n", mech->name);
+ printf("Using %s command channel.\n", level_to_name(command_prot));
+ printf("Using %s data channel.\n", level_to_name(data_prot));
+ if(buffer_size > 0)
+ printf("Protection buffer size: %lu.\n",
+ (unsigned long)buffer_size);
+ }else{
+ printf("Not using any security mechanism.\n");
+ }
+}
+
+static int
+sec_prot_internal(int level)
+{
+ int ret;
+ char *p;
+ unsigned int s = 1048576;
+
+ int old_verbose = verbose;
+ verbose = 0;
+
+ if(!sec_complete){
+ printf("No security data exchange has taken place.\n");
+ return -1;
+ }
+
+ if(level){
+ ret = command("PBSZ %u", s);
+ if(ret != COMPLETE){
+ printf("Failed to set protection buffer size.\n");
+ return -1;
+ }
+ buffer_size = s;
+ p = strstr(reply_string, "PBSZ=");
+ if(p)
+ sscanf(p, "PBSZ=%u", &s);
+ if(s < buffer_size)
+ buffer_size = s;
+ }
+ verbose = old_verbose;
+ ret = command("PROT %c", level["CSEP"]); /* XXX :-) */
+ if(ret != COMPLETE){
+ printf("Failed to set protection level.\n");
+ return -1;
+ }
+
+ data_prot = (enum protection_level)level;
+ return 0;
+}
+
+void
+sec_prot(int argc, char **argv)
+{
+ int level = -1;
+
+ if(argc != 2){
+ printf("usage: %s (clear | safe | confidential | private)\n",
+ argv[0]);
+ code = -1;
+ return;
+ }
+ if(!sec_complete){
+ printf("No security data exchange has taken place.\n");
+ code = -1;
+ return;
+ }
+ level = name_to_level(argv[1]);
+
+ if(level == -1){
+ printf("usage: %s (clear | safe | confidential | private)\n",
+ argv[0]);
+ code = -1;
+ return;
+ }
+
+ if((*mech->check_prot)(app_data, level)) {
+ printf("%s does not implement %s protection.\n",
+ mech->name, level_to_name(level));
+ code = -1;
+ return;
+ }
+
+ if(sec_prot_internal(level) < 0){
+ code = -1;
+ return;
+ }
+ code = 0;
+}
+
+static enum protection_level request_data_prot;
+
+void
+sec_set_protection_level(void)
+{
+ if(sec_complete && data_prot != request_data_prot)
+ sec_prot_internal(request_data_prot);
+}
+
+
+int
+sec_request_prot(char *level)
+{
+ int l = name_to_level(level);
+ if(l == -1)
+ return -1;
+ request_data_prot = (enum protection_level)l;
+ return 0;
+}
+
+int
+sec_login(char *host)
+{
+ int ret;
+ struct sec_client_mech **m;
+ int old_verbose = verbose;
+
+ verbose = -1; /* shut up all messages this will produce (they
+ are usually not very user friendly) */
+
+ for(m = mechs; *m && (*m)->name; m++) {
+ app_data = realloc(app_data, (*m)->size);
+ if((*m)->init && (*(*m)->init)(app_data) != 0) {
+ printf("Skipping %s...\n", (*m)->name);
+ continue;
+ }
+ printf("Trying %s...\n", (*m)->name);
+ ret = command("AUTH %s", (*m)->name);
+ if(ret != CONTINUE){
+ if(code == 504){
+ printf("%s is not supported by the server.\n", (*m)->name);
+ }else if(code == 534){
+ printf("%s rejected as security mechanism.\n", (*m)->name);
+ }else if(ret == ERROR) {
+ printf("The server doesn't support the FTP "
+ "security extensions.\n");
+ verbose = old_verbose;
+ return -1;
+ }
+ continue;
+ }
+
+ ret = (*(*m)->auth)(app_data, host);
+
+ if(ret == AUTH_CONTINUE)
+ continue;
+ else if(ret != AUTH_OK){
+ /* mechanism is supposed to output error string */
+ verbose = old_verbose;
+ return -1;
+ }
+ mech = *m;
+ sec_complete = 1;
+ command_prot = prot_safe;
+ break;
+ }
+
+ verbose = old_verbose;
+ return *m == NULL;
+}
+
+void
+sec_end(void)
+{
+ if (mech != NULL) {
+ if(mech->end)
+ (*mech->end)(app_data);
+ memset(app_data, 0, mech->size);
+ free(app_data);
+ }
+ sec_complete = 0;
+ data_prot = (enum protection_level)0;
+}
+
+#endif /* FTP_SERVER */
+
diff --git a/crypto/kerberosIV/appl/ftp/ftp/security.h b/crypto/kerberosIV/appl/ftp/ftp/security.h
new file mode 100644
index 000000000000..adac6890e93c
--- /dev/null
+++ b/crypto/kerberosIV/appl/ftp/ftp/security.h
@@ -0,0 +1,130 @@
+/*
+ * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Kungliga Tekniska
+ * Högskolan and its contributors.
+ *
+ * 4. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: security.h,v 1.3 1999/04/07 14:15:20 joda Exp $ */
+
+#ifndef __security_h__
+#define __security_h__
+
+enum protection_level {
+ prot_clear,
+ prot_safe,
+ prot_confidential,
+ prot_private
+};
+
+struct sec_client_mech {
+ char *name;
+ size_t size;
+ int (*init)(void *);
+ int (*auth)(void *, char*);
+ void (*end)(void *);
+ int (*check_prot)(void *, int);
+ int (*overhead)(void *, int, int);
+ int (*encode)(void *, void*, int, int, void**);
+ int (*decode)(void *, void*, int, int);
+};
+
+struct sec_server_mech {
+ char *name;
+ size_t size;
+ int (*init)(void *);
+ void (*end)(void *);
+ int (*check_prot)(void *, int);
+ int (*overhead)(void *, int, int);
+ int (*encode)(void *, void*, int, int, void**);
+ int (*decode)(void *, void*, int, int);
+
+ int (*auth)(void *);
+ int (*adat)(void *, void*, size_t);
+ size_t (*pbsz)(void *, size_t);
+ int (*ccc)(void*);
+ int (*userok)(void*, char*);
+};
+
+#define AUTH_OK 0
+#define AUTH_CONTINUE 1
+#define AUTH_ERROR 2
+
+#ifdef FTP_SERVER
+extern struct sec_server_mech krb4_server_mech, gss_server_mech;
+#else
+extern struct sec_client_mech krb4_client_mech, gss_client_mech;
+#endif
+
+extern int sec_complete;
+
+#ifdef FTP_SERVER
+extern char *ftp_command;
+void new_ftp_command(char*);
+void delete_ftp_command(void);
+#endif
+
+/* ---- */
+
+
+int sec_fflush (FILE *);
+int sec_fprintf (FILE *, const char *, ...);
+int sec_getc (FILE *);
+int sec_putc (int, FILE *);
+int sec_read (int, void *, int);
+int sec_read_msg (char *, int);
+int sec_vfprintf (FILE *, const char *, va_list);
+int sec_write (int, char *, int);
+
+#ifdef FTP_SERVER
+void adat (char *);
+void auth (char *);
+void ccc (void);
+void mec (char *, enum protection_level);
+void pbsz (int);
+void prot (char *);
+void delete_ftp_command (void);
+void new_ftp_command (char *);
+int sec_userok (char *);
+int secure_command (void);
+#else
+void sec_end (void);
+int sec_login (char *);
+void sec_prot (int, char **);
+int sec_request_prot (char *);
+void sec_set_protection_level (void);
+void sec_status (void);
+#endif
+
+#endif /* __security_h__ */
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.am b/crypto/kerberosIV/appl/ftp/ftpd/Makefile.am
new file mode 100644
index 000000000000..187fca308f38
--- /dev/null
+++ b/crypto/kerberosIV/appl/ftp/ftpd/Makefile.am
@@ -0,0 +1,53 @@
+# $Id: Makefile.am,v 1.19 1999/04/25 13:24:55 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+INCLUDES += -I$(srcdir)/../common $(INCLUDE_krb4) -DFTP_SERVER
+
+libexec_PROGRAMS = ftpd
+
+CHECK_LOCAL =
+
+if KRB4
+krb4_sources = krb4.c kauth.c
+endif
+if KRB5
+krb5_sources = gssapi.c gss_userok.c
+endif
+
+ftpd_SOURCES = \
+ extern.h \
+ ftpcmd.y \
+ ftpd.c \
+ ftpd_locl.h \
+ logwtmp.c \
+ pathnames.h \
+ popen.c \
+ security.c \
+ $(krb4_sources) \
+ $(krb5_sources)
+
+EXTRA_ftpd_SOURCES = krb4.c kauth.c gssapi.c gss_userok.c
+
+$(ftpd_OBJECTS): security.h
+
+security.c:
+ @test -f security.c || $(LN_S) $(srcdir)/../ftp/security.c .
+security.h:
+ @test -f security.h || $(LN_S) $(srcdir)/../ftp/security.h .
+krb4.c:
+ @test -f krb4.c || $(LN_S) $(srcdir)/../ftp/krb4.c .
+gssapi.c:
+ @test -f gssapi.c || $(LN_S) $(srcdir)/../ftp/gssapi.c .
+
+CLEANFILES = security.c security.h krb4.c gssapi.c ftpcmd.c
+
+LDADD = ../common/libcommon.a \
+ $(LIB_kafs) \
+ $(LIB_gssapi) \
+ $(LIB_krb5) \
+ $(LIB_krb4) \
+ $(LIB_otp) \
+ $(top_builddir)/lib/des/libdes.la \
+ $(LIB_roken) \
+ $(DBLIB)
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in b/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in
index 55981deb7ecd..3b555a60229e 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in
+++ b/crypto/kerberosIV/appl/ftp/ftpd/Makefile.in
@@ -1,12 +1,12 @@
#
-# $Id: Makefile.in,v 1.31 1997/05/02 17:49:27 assar Exp $
+# $Id: Makefile.in,v 1.40 1999/03/10 19:01:11 joda Exp $
#
srcdir = @srcdir@
top_srcdir = @top_srcdir@
VPATH = @srcdir@
-topdir = ../../..
+top_builddir = ../../..
SHELL = /bin/sh
@@ -14,7 +14,8 @@ CC = @CC@
YACC = @YACC@
RANLIB = @RANLIB@
DEFS = @DEFS@
-CFLAGS = @CFLAGS@
+WFLAGS = @WFLAGS@
+CFLAGS = @CFLAGS@ $(WFLAGS)
LD_FLAGS = @LD_FLAGS@
LIBS = @LIBS@
LIB_DBM = @LIB_DBM@
@@ -23,6 +24,8 @@ MKINSTALLDIRS = $(top_srcdir)/mkinstalldirs
INSTALL = @INSTALL@
INSTALL_PROGRAM = @INSTALL_PROGRAM@
+LN_S = @LN_S@
+
prefix = @prefix@
exec_prefix = @exec_prefix@
libdir = @libdir@
@@ -39,31 +42,42 @@ LIBTOP = $(ATHENA)/lib
LIBKAFS = @KRB_KAFS_LIB@
LIBKRB = -L$(LIBTOP)/krb -lkrb
LIBDES = -L$(LIBTOP)/des -ldes
-LIBOTP = -L$(LIBTOP)/otp -lotp
+LIBOTP = @LIB_otp@
LIBROKEN= -L$(LIBTOP)/roken -lroken
PROGS = ftpd$(EXECSUFFIX)
-ftpd_SOURCES = ftpd.c ftpcmd.c logwtmp.c popen.c auth.c krb4.c kauth.c
-ftpd_OBJS = ftpd.o ftpcmd.o logwtmp.o popen.o auth.o krb4.o kauth.o
+ftpd_SOURCES = ftpd.c ftpcmd.c logwtmp.c popen.c security.c krb4.c kauth.c
+ftpd_OBJS = ftpd.o ftpcmd.o logwtmp.o popen.o security.o krb4.o kauth.o
SOURCES = $(ftpd_SOURCES)
OBJECTS = $(ftpd_OBJS)
all: $(PROGS)
+$(ftpd_OBJS): security.h
+
+security.c:
+ $(LN_S) $(srcdir)/../ftp/security.c .
+security.h:
+ $(LN_S) $(srcdir)/../ftp/security.h .
+krb4.c:
+ $(LN_S) $(srcdir)/../ftp/krb4.c .
+gssapi.c:
+ $(LN_S) $(srcdir)/../ftp/gssapi.c .
+
.c.o:
- $(CC) -c $(CFLAGS) -I$(srcdir) -I$(srcdir)/../common -I$(INCTOP) $(DEFS) $<
+ $(CC) -c -DFTP_SERVER -I. -I$(srcdir) -I$(srcdir)/../common -I$(INCTOP) $(DEFS) $(CFLAGS) $(CPPFLAGS) $<
install: all
- $(MKINSTALLDIRS) $(libexecdir)
+ $(MKINSTALLDIRS) $(DESTDIR)$(libexecdir)
for x in $(PROGS); do \
- $(INSTALL_PROGRAM) $$x $(libexecdir)/`echo $$x | sed '$(transform)'`; \
+ $(INSTALL_PROGRAM) $$x $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \
done
uninstall:
for x in $(PROGS); do \
- rm -f $(libexecdir)/`echo $$x | sed '$(transform)'`; \
+ rm -f $(DESTDIR)$(libexecdir)/`echo $$x | sed '$(transform)'`; \
done
ftpd$(EXECSUFFIX): $(ftpd_OBJS)
@@ -77,8 +91,12 @@ ftpcmd.c: ftpcmd.y
TAGS: $(SOURCES)
etags $(SOURCES)
+CLEANFILES = ftpd$(EXECSUFFIX) ftpcmd.c security.c security.h krb4.c gssapi.c
+
clean cleandir:
- rm -f *~ *.o core ftpd ftpcmd.c \#*
+ rm -f *~ *.o core \#* $(CLEANFILES)
distclean:
rm -f Makefile
+
+.PHONY: all install uninstall clean cleandir distclean
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/extern.h b/crypto/kerberosIV/appl/ftp/ftpd/extern.h
index f9b800fee0bb..e96809e0daff 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/extern.h
+++ b/crypto/kerberosIV/appl/ftp/ftpd/extern.h
@@ -36,6 +36,9 @@
#ifndef _EXTERN_H_
#define _EXTERN_H_
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#endif
@@ -49,8 +52,13 @@
#ifdef HAVE_PWD_H
#include <pwd.h>
#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
+
+#ifdef HAVE_LIMITS_H
+#include <limits.h>
+#endif
+
+#ifndef NBBY
+#define NBBY CHAR_BIT
#endif
void abor(void);
@@ -63,8 +71,8 @@ void fatal(char *);
int filename_check(char *);
int ftpd_pclose(FILE *);
FILE *ftpd_popen(char *, char *, int, int);
-char *getline(char *, int);
-void logwtmp(char *, char *, char *);
+char *ftpd_getline(char *, int);
+void ftpd_logwtmp(char *, char *, char *);
void lreply(int, const char *, ...)
#ifdef __GNUC__
__attribute__ ((format (printf, 2, 3)))
@@ -105,6 +113,11 @@ void yyerror(char *);
void kauth(char *, char*);
void klist(void);
+void cond_kdestroy(void);
+void kdestroy(void);
+void krbtkfile(const char *tkfile);
+void afslog(const char *cell);
+void afsunlog(void);
int find(char *);
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y b/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y
index 9368cdb10893..be36ea2bfe07 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y
+++ b/crypto/kerberosIV/appl/ftp/ftpd/ftpcmd.y
@@ -42,73 +42,15 @@
%{
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-RCSID("$Id: ftpcmd.y,v 1.35 1997/05/25 14:38:49 assar Exp $");
-
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_ARPA_FTP_H
-#include <arpa/ftp.h>
-#endif
-
-#include <ctype.h>
-#include <errno.h>
-#include <glob.h>
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-#include <setjmp.h>
-#include <signal.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-#ifdef HAVE_SYSLOG_H
-#include <syslog.h>
-#endif
-#include <time.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-
-#ifdef HAVE_BSD_BSD_H
-#include <bsd/bsd.h>
-#endif
-
-#include <roken.h>
-
-#ifdef SOCKS
-#include <socks.h>
-extern int LIBPREFIX(fclose) __P((FILE *));
-#endif
-
-#include "extern.h"
-#include "auth.h"
+#include "ftpd_locl.h"
+RCSID("$Id: ftpcmd.y,v 1.48 1999/05/08 02:22:43 assar Exp $");
off_t restart_point;
static int cmd_type;
static int cmd_form;
static int cmd_bytesz;
-char cbuf[512];
+char cbuf[2048];
char *fromname;
struct tab {
@@ -122,13 +64,13 @@ struct tab {
extern struct tab cmdtab[];
extern struct tab sitetab[];
-static char *copy (char *);
-static void help (struct tab *, char *);
+static char *copy (char *);
+static void help (struct tab *, char *);
static struct tab *
- lookup (struct tab *, char *);
-static void sizecmd (char *);
-static void toolong (int);
-static int yylex (void);
+ lookup (struct tab *, char *);
+static void sizecmd (char *);
+static RETSIGTYPE toolong (int);
+static int yylex (void);
/* This is for bison */
@@ -154,7 +96,7 @@ static int yylex (void);
APPE MLFL MAIL MSND MSOM MSAM
MRSQ MRCP ALLO REST RNFR RNTO
ABOR DELE CWD LIST NLST SITE
- STAT HELP NOOP MKD RMD PWD
+ sTAT HELP NOOP MKD RMD PWD
CDUP STOU SMNT SYST SIZE MDTM
UMASK IDLE CHMOD
@@ -162,14 +104,15 @@ static int yylex (void);
AUTH ADAT PROT PBSZ CCC MIC
CONF ENC
- KAUTH KLIST FIND URL
+ KAUTH KLIST KDESTROY KRBTKFILE AFSLOG
+ FIND URL
LEXERR
%token <s> STRING
%token <i> NUMBER
-%type <i> check_login check_login_no_guest octal_number byte_size
+%type <i> check_login check_login_no_guest check_secure octal_number byte_size
%type <i> struct_code mode_code type_code form_code
%type <s> pathstring pathname password username
@@ -193,38 +136,6 @@ cmd
user($3);
free($3);
}
- | AUTH SP STRING CRLF
- {
- auth($3);
- free($3);
- }
- | ADAT SP STRING CRLF
- {
- adat($3);
- free($3);
- }
- | PBSZ SP NUMBER CRLF
- {
- pbsz($3);
- }
- | PROT SP STRING CRLF
- {
- prot($3);
- }
- | CCC CRLF
- {
- ccc();
- }
- | MIC SP STRING CRLF
- {
- mic($3);
- free($3);
- }
- | CONF SP STRING CRLF
- {
- conf($3);
- free($3);
- }
| PASS SP password CRLF
{
pass($3);
@@ -311,100 +222,102 @@ cmd
{
reply(202, "ALLO command ignored.");
}
- | RETR check_login SP pathname CRLF
+ | RETR SP pathname CRLF check_login
{
- if ($2 && $4 != NULL)
- retrieve((char *) 0, $4);
- if ($4 != NULL)
- free($4);
+ if ($5 && $3 != NULL)
+ retrieve(0, $3);
+ if ($3 != NULL)
+ free($3);
}
- | STOR check_login SP pathname CRLF
+ | STOR SP pathname CRLF check_login
{
- if ($2 && $4 != NULL)
- do_store($4, "w", 0);
- if ($4 != NULL)
- free($4);
+ if ($5 && $3 != NULL)
+ do_store($3, "w", 0);
+ if ($3 != NULL)
+ free($3);
}
- | APPE check_login SP pathname CRLF
+ | APPE SP pathname CRLF check_login
{
- if ($2 && $4 != NULL)
- do_store($4, "a", 0);
- if ($4 != NULL)
- free($4);
+ if ($5 && $3 != NULL)
+ do_store($3, "a", 0);
+ if ($3 != NULL)
+ free($3);
}
- | NLST check_login CRLF
+ | NLST CRLF check_login
{
- if ($2)
+ if ($3)
send_file_list(".");
}
- | NLST check_login SP STRING CRLF
+ | NLST SP STRING CRLF check_login
{
- if ($2 && $4 != NULL)
- send_file_list($4);
- if ($4 != NULL)
- free($4);
+ if ($5 && $3 != NULL)
+ send_file_list($3);
+ if ($3 != NULL)
+ free($3);
}
- | LIST check_login CRLF
+ | LIST CRLF check_login
{
#ifdef HAVE_LS_A
char *cmd = "/bin/ls -lA";
#else
char *cmd = "/bin/ls -la";
#endif
- if ($2)
+ if ($3)
retrieve(cmd, "");
}
- | LIST check_login SP pathname CRLF
+ | LIST SP pathname CRLF check_login
{
#ifdef HAVE_LS_A
char *cmd = "/bin/ls -lA %s";
#else
char *cmd = "/bin/ls -la %s";
#endif
- if ($2 && $4 != NULL)
- retrieve(cmd, $4);
- if ($4 != NULL)
- free($4);
- }
- | STAT check_login SP pathname CRLF
- {
- if ($2 && $4 != NULL)
- statfilecmd($4);
- if ($4 != NULL)
- free($4);
- }
- | STAT CRLF
- {
- if(oobflag){
- if (file_size != (off_t) -1)
- reply(213, "Status: %ld of %ld bytes transferred",
- byte_count, file_size);
- else
- reply(213, "Status: %ld bytes transferred", byte_count);
- }else
- statcmd();
+ if ($5 && $3 != NULL)
+ retrieve(cmd, $3);
+ if ($3 != NULL)
+ free($3);
+ }
+ | sTAT SP pathname CRLF check_login
+ {
+ if ($5 && $3 != NULL)
+ statfilecmd($3);
+ if ($3 != NULL)
+ free($3);
+ }
+ | sTAT CRLF
+ {
+ if(oobflag){
+ if (file_size != (off_t) -1)
+ reply(213, "Status: %lu of %lu bytes transferred",
+ (unsigned long)byte_count,
+ (unsigned long)file_size);
+ else
+ reply(213, "Status: %lu bytes transferred",
+ (unsigned long)byte_count);
+ }else
+ statcmd();
}
- | DELE check_login_no_guest SP pathname CRLF
+ | DELE SP pathname CRLF check_login_no_guest
{
- if ($2 && $4 != NULL)
- do_delete($4);
- if ($4 != NULL)
- free($4);
+ if ($5 && $3 != NULL)
+ do_delete($3);
+ if ($3 != NULL)
+ free($3);
}
- | RNTO check_login_no_guest SP pathname CRLF
+ | RNTO SP pathname CRLF check_login_no_guest
{
- if($2){
+ if($5){
if (fromname) {
- renamecmd(fromname, $4);
+ renamecmd(fromname, $3);
free(fromname);
fromname = (char *) 0;
} else {
reply(503, "Bad sequence of commands.");
}
}
- if ($4 != NULL)
- free($4);
+ if ($3 != NULL)
+ free($3);
}
| ABOR CRLF
{
@@ -416,17 +329,17 @@ cmd
}else
reply(225, "ABOR command successful.");
}
- | CWD check_login CRLF
+ | CWD CRLF check_login
{
- if ($2)
+ if ($3)
cwd(pw->pw_dir);
}
- | CWD check_login SP pathname CRLF
+ | CWD SP pathname CRLF check_login
{
- if ($2 && $4 != NULL)
- cwd($4);
- if ($4 != NULL)
- free($4);
+ if ($5 && $3 != NULL)
+ cwd($3);
+ if ($3 != NULL)
+ free($3);
}
| HELP CRLF
{
@@ -451,28 +364,28 @@ cmd
{
reply(200, "NOOP command successful.");
}
- | MKD check_login SP pathname CRLF
+ | MKD SP pathname CRLF check_login
{
- if ($2 && $4 != NULL)
- makedir($4);
- if ($4 != NULL)
- free($4);
+ if ($5 && $3 != NULL)
+ makedir($3);
+ if ($3 != NULL)
+ free($3);
}
- | RMD check_login_no_guest SP pathname CRLF
+ | RMD SP pathname CRLF check_login_no_guest
{
- if ($2 && $4 != NULL)
- removedir($4);
- if ($4 != NULL)
- free($4);
+ if ($5 && $3 != NULL)
+ removedir($3);
+ if ($3 != NULL)
+ free($3);
}
- | PWD check_login CRLF
+ | PWD CRLF check_login
{
- if ($2)
+ if ($3)
pwd();
}
- | CDUP check_login CRLF
+ | CDUP CRLF check_login
{
- if ($2)
+ if ($3)
cwd("..");
}
| SITE SP HELP CRLF
@@ -483,44 +396,40 @@ cmd
{
help(sitetab, $5);
}
- | SITE SP UMASK check_login CRLF
+ | SITE SP UMASK CRLF check_login
{
- int oldmask;
-
- if ($4) {
- oldmask = umask(0);
+ if ($5) {
+ int oldmask = umask(0);
umask(oldmask);
reply(200, "Current UMASK is %03o", oldmask);
}
}
- | SITE SP UMASK check_login_no_guest SP octal_number CRLF
+ | SITE SP UMASK SP octal_number CRLF check_login_no_guest
{
- int oldmask;
-
- if ($4) {
- if (($6 == -1) || ($6 > 0777)) {
+ if ($7) {
+ if (($5 == -1) || ($5 > 0777)) {
reply(501, "Bad UMASK value");
} else {
- oldmask = umask($6);
+ int oldmask = umask($5);
reply(200,
- "UMASK set to %03o (was %03o)",
- $6, oldmask);
+ "UMASK set to %03o (was %03o)",
+ $5, oldmask);
}
}
}
- | SITE SP CHMOD check_login_no_guest SP octal_number SP pathname CRLF
+ | SITE SP CHMOD SP octal_number SP pathname CRLF check_login_no_guest
{
- if ($4 && $8 != NULL) {
- if ($6 > 0777)
+ if ($9 && $7 != NULL) {
+ if ($5 > 0777)
reply(501,
"CHMOD: Mode value must be between 0 and 0777");
- else if (chmod($8, $6) < 0)
- perror_reply(550, $8);
+ else if (chmod($7, $5) < 0)
+ perror_reply(550, $7);
else
reply(200, "CHMOD command successful.");
}
- if ($8 != NULL)
- free($8);
+ if ($7 != NULL)
+ free($7);
}
| SITE SP IDLE CRLF
{
@@ -543,47 +452,102 @@ cmd
}
}
- | SITE SP KAUTH check_login SP STRING CRLF
+ | SITE SP KAUTH SP STRING CRLF check_login
{
+#ifdef KRB4
char *p;
if(guest)
reply(500, "Can't be done as guest.");
else{
- if($4 && $6 != NULL){
- p = strpbrk($6, " \t");
+ if($7 && $5 != NULL){
+ p = strpbrk($5, " \t");
if(p){
*p++ = 0;
- kauth($6, p + strspn(p, " \t"));
+ kauth($5, p + strspn(p, " \t"));
}else
- kauth($6, NULL);
+ kauth($5, NULL);
}
}
- if($6 != NULL)
- free($6);
+ if($5 != NULL)
+ free($5);
+#else
+ reply(500, "Command not implemented.");
+#endif
}
- | SITE SP KLIST check_login CRLF
+ | SITE SP KLIST CRLF check_login
{
- if($4)
+#ifdef KRB4
+ if($5)
klist();
+#else
+ reply(500, "Command not implemented.");
+#endif
+ }
+ | SITE SP KDESTROY CRLF check_login
+ {
+#ifdef KRB4
+ if($5)
+ kdestroy();
+#else
+ reply(500, "Command not implemented.");
+#endif
+ }
+ | SITE SP KRBTKFILE SP STRING CRLF check_login
+ {
+#ifdef KRB4
+ if(guest)
+ reply(500, "Can't be done as guest.");
+ else if($7 && $5)
+ krbtkfile($5);
+ if($5)
+ free($5);
+#else
+ reply(500, "Command not implemented.");
+#endif
+ }
+ | SITE SP AFSLOG CRLF check_login
+ {
+#ifdef KRB4
+ if(guest)
+ reply(500, "Can't be done as guest.");
+ else if($5)
+ afslog(NULL);
+#else
+ reply(500, "Command not implemented.");
+#endif
+ }
+ | SITE SP AFSLOG SP STRING CRLF check_login
+ {
+#ifdef KRB4
+ if(guest)
+ reply(500, "Can't be done as guest.");
+ else if($7){
+ afslog($5);
+ }
+ if($5)
+ free($5);
+#else
+ reply(500, "Command not implemented.");
+#endif
}
- | SITE SP FIND check_login SP STRING CRLF
+ | SITE SP FIND SP STRING CRLF check_login
{
- if($4 && $6 != NULL)
- find($6);
- if($6 != NULL)
- free($6);
+ if($7 && $5 != NULL)
+ find($5);
+ if($5 != NULL)
+ free($5);
}
| SITE SP URL CRLF
{
reply(200, "http://www.pdc.kth.se/kth-krb/");
}
- | STOU check_login SP pathname CRLF
+ | STOU SP pathname CRLF check_login
{
- if ($2 && $4 != NULL)
- do_store($4, "w", 1);
- if ($4 != NULL)
- free($4);
+ if ($5 && $3 != NULL)
+ do_store($3, "w", 1);
+ if ($3 != NULL)
+ free($3);
}
| SYST CRLF
{
@@ -601,12 +565,12 @@ cmd
* Return size of file in a format suitable for
* using with RESTART (we just count bytes).
*/
- | SIZE check_login SP pathname CRLF
+ | SIZE SP pathname CRLF check_login
{
- if ($2 && $4 != NULL)
- sizecmd($4);
- if ($4 != NULL)
- free($4);
+ if ($5 && $3 != NULL)
+ sizecmd($3);
+ if ($3 != NULL)
+ free($3);
}
/*
@@ -618,15 +582,16 @@ cmd
* where xxx is the fractional second (of any precision,
* not necessarily 3 digits)
*/
- | MDTM check_login SP pathname CRLF
+ | MDTM SP pathname CRLF check_login
{
- if ($2 && $4 != NULL) {
+ if ($5 && $3 != NULL) {
struct stat stbuf;
- if (stat($4, &stbuf) < 0)
+ if (stat($3, &stbuf) < 0)
reply(550, "%s: %s",
- $4, strerror(errno));
+ $3, strerror(errno));
else if (!S_ISREG(stbuf.st_mode)) {
- reply(550, "%s: not a plain file.", $4);
+ reply(550,
+ "%s: not a plain file.", $3);
} else {
struct tm *t;
t = gmtime(&stbuf.st_mtime);
@@ -640,8 +605,8 @@ cmd
t->tm_sec);
}
}
- if ($4 != NULL)
- free($4);
+ if ($3 != NULL)
+ free($3);
}
| QUIT CRLF
{
@@ -654,13 +619,13 @@ cmd
}
;
rcmd
- : RNFR check_login_no_guest SP pathname CRLF
+ : RNFR SP pathname CRLF check_login_no_guest
{
restart_point = (off_t) 0;
- if ($2 && $4) {
- fromname = renamefrom($4);
- if (fromname == (char *) 0 && $4) {
- free($4);
+ if ($5 && $3) {
+ fromname = renamefrom($3);
+ if (fromname == (char *) 0 && $3) {
+ free($3);
}
}
}
@@ -672,9 +637,41 @@ rcmd
(long)restart_point,
"Send STORE or RETRIEVE to initiate transfer.");
}
+ | AUTH SP STRING CRLF
+ {
+ auth($3);
+ free($3);
+ }
+ | ADAT SP STRING CRLF
+ {
+ adat($3);
+ free($3);
+ }
+ | PBSZ SP NUMBER CRLF
+ {
+ pbsz($3);
+ }
+ | PROT SP STRING CRLF
+ {
+ prot($3);
+ }
+ | CCC CRLF
+ {
+ ccc();
+ }
+ | MIC SP STRING CRLF
+ {
+ mec($3, prot_safe);
+ free($3);
+ }
+ | CONF SP STRING CRLF
+ {
+ mec($3, prot_confidential);
+ free($3);
+ }
| ENC SP STRING CRLF
{
- enc($3);
+ mec($3, prot_private);
free($3);
}
;
@@ -861,19 +858,24 @@ check_login_no_guest : check_login
}
;
-check_login
- : /* empty */
+check_login : check_secure
{
- if(auth_complete && prot_level == prot_clear){
- reply(533, "Command protection level denied for paranoid reasons.");
- $$ = 0;
- }else
- if (logged_in)
- $$ = 1;
- else {
+ if($1) {
+ if(($$ = logged_in) == 0)
reply(530, "Please login with USER and PASS.");
- $$ = 0;
- }
+ } else
+ $$ = 0;
+ }
+ ;
+
+check_secure : /* empty */
+ {
+ $$ = 1;
+ if(sec_complete && !secure_command()) {
+ $$ = 0;
+ reply(533, "Command protection level denied "
+ "for paranoid reasons.");
+ }
}
;
@@ -925,7 +927,7 @@ struct tab cmdtab[] = { /* In order defined in RFC 765 */
{ "NLST", NLST, OSTR, 1, "[ <sp> path-name ]" },
{ "SITE", SITE, SITECMD, 1, "site-cmd [ <sp> arguments ]" },
{ "SYST", SYST, ARGS, 1, "(get type of operating system)" },
- { "STAT", STAT, OSTR, 1, "[ <sp> path-name ]" },
+ { "STAT", sTAT, OSTR, 1, "[ <sp> path-name ]" },
{ "HELP", HELP, OSTR, 1, "[ <sp> <string> ]" },
{ "NOOP", NOOP, ARGS, 1, "" },
{ "MKD", MKD, STR1, 1, "<sp> path-name" },
@@ -940,7 +942,7 @@ struct tab cmdtab[] = { /* In order defined in RFC 765 */
{ "SIZE", SIZE, OSTR, 1, "<sp> path-name" },
{ "MDTM", MDTM, OSTR, 1, "<sp> path-name" },
- /* extensions from draft-ietf-cat-ftpsec-08 */
+ /* extensions from RFC2228 */
{ "AUTH", AUTH, STR1, 1, "<sp> auth-type" },
{ "ADAT", ADAT, STR1, 1, "<sp> auth-data" },
{ "PBSZ", PBSZ, ARGS, 1, "<sp> buffer-size" },
@@ -961,6 +963,9 @@ struct tab sitetab[] = {
{ "KAUTH", KAUTH, STR1, 1, "<sp> principal [ <sp> ticket ]" },
{ "KLIST", KLIST, ARGS, 1, "(show ticket file)" },
+ { "KDESTROY", KDESTROY, ARGS, 1, "(destroy tickets)" },
+ { "KRBTKFILE", KRBTKFILE, STR1, 1, "<sp> ticket-file" },
+ { "AFSLOG", AFSLOG, OSTR, 1, "[<sp> cell]" },
{ "FIND", FIND, STR1, 1, "<sp> globexpr" },
@@ -979,13 +984,11 @@ lookup(struct tab *p, char *cmd)
return (0);
}
-#include <arpa/telnet.h>
-
/*
- * getline - a hacked up version of fgets to ignore TELNET escape codes.
+ * ftpd_getline - a hacked up version of fgets to ignore TELNET escape codes.
*/
char *
-getline(char *s, int n)
+ftpd_getline(char *s, int n)
{
int c;
char *cs;
@@ -993,7 +996,7 @@ getline(char *s, int n)
cs = s;
/* tmpline may contain saved command from urgent mode interruption */
if(ftp_command){
- strncpy(s, ftp_command, n);
+ strcpy_truncate(s, ftp_command, n);
if (debug)
syslog(LOG_DEBUG, "command: %s", s);
#ifdef XXX
@@ -1001,7 +1004,6 @@ getline(char *s, int n)
#endif
return s;
}
- prot_level = prot_clear;
while ((c = getc(stdin)) != EOF) {
c &= 0377;
if (c == IAC) {
@@ -1087,15 +1089,15 @@ yylex(void)
case CMD:
signal(SIGALRM, toolong);
alarm((unsigned) ftpd_timeout);
- if (getline(cbuf, sizeof(cbuf)-1) == NULL) {
+ if (ftpd_getline(cbuf, sizeof(cbuf)-1) == NULL) {
reply(221, "You could at least say goodbye.");
dologout(0);
}
alarm(0);
-#ifdef HASSETPROCTITLE
+#ifdef HAVE_SETPROCTITLE
if (strncasecmp(cbuf, "PASS", 4) != NULL)
setproctitle("%s: %s", proctitle, cbuf);
-#endif /* HASSETPROCTITLE */
+#endif /* HAVE_SETPROCTITLE */
if ((cp = strchr(cbuf, '\r'))) {
*cp++ = '\n';
*cp = '\0';
@@ -1333,16 +1335,21 @@ help(struct tab *ctab, char *s)
columns = 1;
lines = (NCMDS + columns - 1) / columns;
for (i = 0; i < lines; i++) {
- strcpy (buf, " ");
+ strcpy_truncate (buf, " ", sizeof(buf));
for (j = 0; j < columns; j++) {
c = ctab + j * lines + i;
- snprintf (buf + strlen(buf), sizeof(buf) - strlen(buf),
- "%s%c", c->name, c->implemented ? ' ' : '*');
+ snprintf (buf + strlen(buf),
+ sizeof(buf) - strlen(buf),
+ "%s%c",
+ c->name,
+ c->implemented ? ' ' : '*');
if (c + lines >= &ctab[NCMDS])
break;
w = strlen(c->name) + 1;
while (w < width) {
- strcat(buf, " ");
+ strcat_truncate (buf,
+ " ",
+ sizeof(buf));
w++;
}
}
@@ -1375,11 +1382,12 @@ sizecmd(char *filename)
reply(550, "%s: not a plain file.", filename);
else
reply(213, "%lu", (unsigned long)stbuf.st_size);
- break; }
+ break;
+ }
case TYPE_A: {
FILE *fin;
int c;
- off_t count;
+ size_t count;
struct stat stbuf;
fin = fopen(filename, "r");
if (fin == NULL) {
@@ -1400,8 +1408,9 @@ sizecmd(char *filename)
}
fclose(fin);
- reply(213, "%ld", count);
- break; }
+ reply(213, "%lu", (unsigned long)count);
+ break;
+ }
default:
reply(504, "SIZE not implemented for Type %c.", "?AEIL"[type]);
}
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c b/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c
index 17cd3b9d50d1..fa87fc252602 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c
+++ b/crypto/kerberosIV/appl/ftp/ftpd/ftpd.c
@@ -31,122 +31,13 @@
* SUCH DAMAGE.
*/
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: ftpd.c,v 1.88 1997/06/01 03:13:48 assar Exp $");
-#endif
-
-/*
- * FTP server.
- */
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif
-#ifdef HAVE_SYS_STAT_H
-#include <sys/stat.h>
-#endif
-#ifdef HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif
-#if defined(HAVE_SYS_IOCTL_H) && SunOS != 4
-#include <sys/ioctl.h>
-#endif
-#ifdef TIME_WITH_SYS_TIME
-#include <sys/time.h>
-#include <time.h>
-#elif defined(HAVE_SYS_TIME_H)
-#include <sys/time.h>
-#else
-#include <time.h>
-#endif
-#ifdef HAVE_SYS_RESOURCE_H
-#include <sys/resource.h>
-#endif
-#ifdef HAVE_SYS_WAIT_H
-#include <sys/wait.h>
-#endif
-
-#ifdef HAVE_NETINET_IN_H
-#include <netinet/in.h>
-#endif
-#ifdef HAVE_NETINET_IN_SYSTM_H
-#include <netinet/in_systm.h>
-#endif
-#ifdef HAVE_NETINET_IP_H
-#include <netinet/ip.h>
-#endif
-
-#ifdef HAVE_SYS_MMAN_H
-#include <sys/mman.h>
-#endif
-
#define FTP_NAMES
-#include <arpa/ftp.h>
-#ifdef HAVE_ARPA_INET_H
-#include <arpa/inet.h>
-#endif
-#ifdef HAVE_ARPA_TELNET_H
-#include <arpa/telnet.h>
+#include "ftpd_locl.h"
+#ifdef KRB5
+#include <krb5.h>
#endif
-#include <ctype.h>
-#ifdef HAVE_DIRENT_H
-#include <dirent.h>
-#endif
-#include <errno.h>
-#ifdef HAVE_FCNTL_H
-#include <fcntl.h>
-#endif
-#include <glob.h>
-#include <limits.h>
-#ifdef HAVE_PWD_H
-#include <pwd.h>
-#endif
-#include <setjmp.h>
-#include <signal.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <stdarg.h>
-#include <string.h>
-#ifdef HAVE_SYSLOG_H
-#include <syslog.h>
-#endif
-#include <time.h>
-#ifdef HAVE_UNISTD_H
-#include <unistd.h>
-#endif
-#ifdef HAVE_GRP_H
-#include <grp.h>
-#endif
-
-#include <err.h>
-
-#include "pathnames.h"
-#include "extern.h"
-#include "common.h"
-
-#include "auth.h"
-
-#include <krb.h>
-
-#include <kafs.h>
-#include "roken.h"
-
-#include <otp.h>
-
-#ifdef SOCKS
-#include <socks.h>
-extern int LIBPREFIX(fclose) __P((FILE *));
-#endif
-
-void yyparse();
-
-#ifndef LOG_FTP
-#define LOG_FTP LOG_DAEMON
-#endif
+RCSID("$Id: ftpd.c,v 1.115 1999/06/15 03:51:47 assar Exp $");
static char version[] = "Version 6.00";
@@ -164,7 +55,7 @@ jmp_buf errcatch, urgcatch;
int oobflag;
int logged_in;
struct passwd *pw;
-int debug;
+int debug = 0;
int ftpd_timeout = 900; /* timeout after 15 minutes of inactivity */
int maxtimeout = 7200;/* don't allow idle time to be set beyond 2 hours */
int logging;
@@ -248,12 +139,12 @@ static void usage(void);
static char *
curdir(void)
{
- static char path[MaxPathLen+1+1]; /* path + '/' + '\0' */
+ static char path[MaxPathLen+1]; /* path + '/' + '\0' */
- if (getcwd(path, sizeof(path)-2) == NULL)
+ if (getcwd(path, sizeof(path)-1) == NULL)
return ("");
if (path[1] != '\0') /* special case for root dir. */
- strcat(path, "/");
+ strcat_truncate(path, "/", sizeof(path));
/* For guest account, skip / since it's chrooted */
return (guest ? path+1 : path);
}
@@ -274,8 +165,10 @@ parse_auth_level(char *str)
p = strtok_r(NULL, ",", &foo)) {
if(strcmp(p, "user") == 0)
;
+#ifdef OTP
else if(strcmp(p, "otp") == 0)
ret |= AUTH_PLAIN|AUTH_OTP;
+#endif
else if(strcmp(p, "ftp") == 0 ||
strcmp(p, "safe") == 0)
ret |= AUTH_FTP;
@@ -313,18 +206,20 @@ main(int argc, char **argv)
int not_inetd = 0;
int port;
struct servent *sp;
- char tkfile[1024];
set_progname (argv[0]);
+#ifdef KRB4
/* detach from any tickets and tokens */
-
- snprintf(tkfile, sizeof(tkfile),
- "/tmp/ftp_%u", (unsigned)getpid());
- krb_set_tkt_string(tkfile);
- if(k_hasafs())
- k_setpag();
-
+ {
+ char tkfile[1024];
+ snprintf(tkfile, sizeof(tkfile),
+ "/tmp/ftp_%u", (unsigned)getpid());
+ krb_set_tkt_string(tkfile);
+ if(k_hasafs())
+ k_setpag();
+ }
+#endif
sp = getservbyname("ftp", "tcp");
if(sp)
port = sp->s_port;
@@ -426,7 +321,6 @@ main(int argc, char **argv)
syslog(LOG_WARNING, "setsockopt (IP_TOS): %m");
#endif
data_source.sin_port = htons(ntohs(ctrl_addr.sin_port) - 1);
- debug = 0;
/* set this here so it can be put in wtmp */
snprintf(ttyline, sizeof(ttyline), "ftp%u", (unsigned)getpid());
@@ -440,8 +334,6 @@ main(int argc, char **argv)
syslog(LOG_ERR, "signal: %m");
#endif
- auth_init();
-
/* Try to handle urgent data inline */
#if defined(SO_OOBINLINE) && defined(HAVE_SETSOCKOPT)
if (setsockopt(0, SOL_SOCKET, SO_OOBINLINE, (void *)&on,
@@ -486,9 +378,22 @@ main(int argc, char **argv)
fclose(fd);
/* reply(220,) must follow */
}
- k_gethostname(hostname, sizeof(hostname));
- reply(220, "%s FTP server (%s+%s) ready.", hostname,
- version, krb4_version);
+ gethostname(hostname, sizeof(hostname));
+ reply(220, "%s FTP server (%s"
+#ifdef KRB5
+ "+%s"
+#endif
+#ifdef KRB4
+ "+%s"
+#endif
+ ") ready.", hostname, version
+#ifdef KRB5
+ ,heimdal_version
+#endif
+#ifdef KRB4
+ ,krb4_version
+#endif
+ );
setjmp(errcatch);
for (;;)
yyparse();
@@ -552,7 +457,9 @@ sgetpwnam(char *name)
static int login_attempts; /* number of failed login attempts */
static int askpasswd; /* had user command, ask for passwd */
static char curname[10]; /* current USER name */
+#ifdef OTP
OtpContext otp_ctx;
+#endif
/*
* USER command.
@@ -570,7 +477,7 @@ user(char *name)
{
char *cp, *shell;
- if(auth_level == 0 && !auth_complete){
+ if(auth_level == 0 && !sec_complete){
reply(530, "No login allowed without authorization.");
return;
}
@@ -605,7 +512,7 @@ user(char *name)
remotehost, inet_ntoa(his_addr.sin_addr));
return;
}
- if((auth_level & AUTH_PLAIN) == 0 && !auth_complete){
+ if((auth_level & AUTH_PLAIN) == 0 && !sec_complete){
reply(530, "Only authorized and anonymous login allowed.");
return;
}
@@ -630,26 +537,37 @@ user(char *name)
}
}
if (logging)
- strncpy(curname, name, sizeof(curname)-1);
- if(auth_ok())
- ct->userok(name);
- else {
+ strcpy_truncate(curname, name, sizeof(curname));
+ if(sec_complete) {
+ if(sec_userok(name) == 0)
+ do_login(232, name);
+ else
+ reply(530, "User %s access denied.", name);
+ } else {
char ss[256];
+#ifdef OTP
if (otp_challenge(&otp_ctx, name, ss, sizeof(ss)) == 0) {
reply(331, "Password %s for %s required.",
ss, name);
askpasswd = 1;
- } else if ((auth_level & AUTH_OTP) == 0) {
+ } else
+#endif
+ if ((auth_level & AUTH_OTP) == 0) {
reply(331, "Password required for %s.", name);
askpasswd = 1;
} else {
char *s;
- if (s = otp_error (&otp_ctx))
+#ifdef OTP
+ if ((s = otp_error (&otp_ctx)) != NULL)
lreply(530, "OTP: %s", s);
+#endif
reply(530,
- "Only authorized, anonymous and OTP "
+ "Only authorized, anonymous"
+#ifdef OTP
+ " and OTP "
+#endif
"login allowed.");
}
@@ -706,11 +624,7 @@ checkuser(char *fname, char *name)
static int
match(const char *pattern, const char *string)
{
-#ifdef HAVE_FNMATCH
return fnmatch(pattern, string, FNM_NOESCAPE);
-#else
- return strcmp(pattern, "*") != 0 && strcmp(pattern, string) != 0;
-#endif
}
static int
@@ -759,7 +673,7 @@ int do_login(int code, char *passwd)
initgroups(pw->pw_name, pw->pw_gid);
/* open wtmp before chroot */
- logwtmp(ttyline, pw->pw_name, remotehost);
+ ftpd_logwtmp(ttyline, pw->pw_name, remotehost);
logged_in = 1;
dochroot = checkuser(_PATH_FTPCHROOT, pw->pw_name);
@@ -842,7 +756,7 @@ end_login(void)
seteuid((uid_t)0);
if (logged_in)
- logwtmp(ttyline, "", "");
+ ftpd_logwtmp(ttyline, "", "");
pw = NULL;
logged_in = 0;
guest = 0;
@@ -869,23 +783,33 @@ pass(char *passwd)
if (!guest) { /* "ftp" is only account allowed no password */
if (pw == NULL)
rval = 1; /* failure below */
+#ifdef OTP
else if (otp_verify_user (&otp_ctx, passwd) == 0) {
rval = 0;
- } else if((auth_level & AUTH_OTP) == 0) {
+ }
+#endif
+ else if((auth_level & AUTH_OTP) == 0) {
+#ifdef KRB4
char realm[REALM_SZ];
if((rval = krb_get_lrealm(realm, 1)) == KSUCCESS)
- rval = krb_verify_user(pw->pw_name, "", realm,
- passwd, 1, NULL);
- if (rval == KSUCCESS ){
+ rval = krb_verify_user(pw->pw_name,
+ "", realm,
+ passwd,
+ KRB_VERIFY_SECURE, NULL);
+ if (rval == KSUCCESS ) {
+ chown (tkt_string(), pw->pw_uid, pw->pw_gid);
if(k_hasafs())
- k_afsklog(0, 0);
- }else
+ krb_afslog(0, 0);
+ } else
+#endif
rval = unix_verify_user(pw->pw_name, passwd);
} else {
char *s;
- if (s = otp_error(&otp_ctx))
+#ifdef OTP
+ if ((s = otp_error(&otp_ctx)) != NULL)
lreply(530, "OTP: %s", s);
+#endif
}
memset (passwd, 0, strlen(passwd));
@@ -935,14 +859,15 @@ retrieve(char *cmd, char *name)
st.st_size = 0;
if(fin == NULL){
struct cmds {
- char *ext;
- char *cmd;
+ const char *ext;
+ const char *cmd;
+ const char *rev_cmd;
} cmds[] = {
- {".tar", "/bin/gtar cPf - %s"},
- {".tar.gz", "/bin/gtar zcPf - %s"},
- {".tar.Z", "/bin/gtar ZcPf - %s"},
- {".gz", "/bin/gzip -c %s"},
- {".Z", "/bin/compress -c %s"},
+ {".tar", "/bin/gtar cPf - %s", NULL},
+ {".tar.gz", "/bin/gtar zcPf - %s", NULL},
+ {".tar.Z", "/bin/gtar ZcPf - %s", NULL},
+ {".gz", "/bin/gzip -c %s", "/bin/gzip -c -d %s"},
+ {".Z", "/bin/compress -c %s", "/bin/uncompress -c -d %s"},
{NULL, NULL}
};
struct cmds *p;
@@ -958,6 +883,21 @@ retrieve(char *cmd, char *name)
break;
}
*tail = c;
+ if (p->rev_cmd != NULL) {
+ char *ext;
+
+ asprintf(&ext, "%s%s", name, p->ext);
+ if (ext != NULL) {
+ if (access(ext, R_OK) == 0) {
+ snprintf (line, sizeof(line),
+ p->rev_cmd, ext);
+ free(ext);
+ break;
+ }
+ free(ext);
+ }
+ }
+
}
if(p->ext){
fin = ftpd_popen(line, "r", 0, 0);
@@ -1173,14 +1113,14 @@ dataconn(char *name, off_t size, char *mode)
{
char sizebuf[32];
FILE *file;
- int retry = 0, tos;
+ int retry = 0;
file_size = size;
byte_count = 0;
- if (size != (off_t) -1)
- snprintf(sizebuf, sizeof(sizebuf), " (%ld bytes)", size);
+ if (size >= 0)
+ snprintf(sizebuf, sizeof(sizebuf), " (%ld bytes)", (long)size);
else
- strcpy(sizebuf, "");
+ *sizebuf = '\0';
if (pdata >= 0) {
struct sockaddr_in from;
int s, fromlen = sizeof(from);
@@ -1195,9 +1135,12 @@ dataconn(char *name, off_t size, char *mode)
close(pdata);
pdata = s;
#if defined(IP_TOS) && defined(HAVE_SETSOCKOPT)
- tos = IPTOS_THROUGHPUT;
- setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&tos,
- sizeof(int));
+ {
+ int tos = IPTOS_THROUGHPUT;
+
+ setsockopt(s, IPPROTO_IP, IP_TOS, (void *)&tos,
+ sizeof(tos));
+ }
#endif
reply(150, "Opening %s mode data connection for '%s'%s.",
type == TYPE_A ? "ASCII" : "BINARY", name, sizebuf);
@@ -1249,8 +1192,6 @@ send_data(FILE *instr, FILE *outstr)
int c, cnt, filefd, netfd;
static char *buf;
static size_t bufsize;
- int i = 0;
- char s[1024];
transflag++;
if (setjmp(urgcatch)) {
@@ -1260,31 +1201,24 @@ send_data(FILE *instr, FILE *outstr)
switch (type) {
case TYPE_A:
- while ((c = getc(instr)) != EOF) {
- byte_count++;
- if(i > 1022){
- auth_write(fileno(outstr), s, i);
- i = 0;
- }
- if(c == '\n')
- s[i++] = '\r';
- s[i++] = c;
- }
- if(i)
- auth_write(fileno(outstr), s, i);
- auth_write(fileno(outstr), s, 0);
- fflush(outstr);
- transflag = 0;
- if (ferror(instr))
- goto file_err;
- if (ferror(outstr))
- goto data_err;
- reply(226, "Transfer complete.");
- return;
+ while ((c = getc(instr)) != EOF) {
+ byte_count++;
+ if(c == '\n')
+ sec_putc('\r', outstr);
+ sec_putc(c, outstr);
+ }
+ sec_fflush(outstr);
+ transflag = 0;
+ if (ferror(instr))
+ goto file_err;
+ if (ferror(outstr))
+ goto data_err;
+ reply(226, "Transfer complete.");
+ return;
case TYPE_I:
case TYPE_L:
-#ifdef HAVE_MMAP
+#if defined(HAVE_MMAP) && !defined(NO_MMAP)
#ifndef MAP_FAILED
#define MAP_FAILED (-1)
#endif
@@ -1294,13 +1228,13 @@ send_data(FILE *instr, FILE *outstr)
int in = fileno(instr);
if(fstat(in, &st) == 0 && S_ISREG(st.st_mode)) {
chunk = mmap(0, st.st_size, PROT_READ, MAP_SHARED, in, 0);
- if(chunk != (void *)MAP_FAILED) {
+ if((void *)chunk != (void *)MAP_FAILED) {
cnt = st.st_size - restart_point;
- auth_write(fileno(outstr),
+ sec_write(fileno(outstr),
chunk + restart_point,
cnt);
munmap(chunk, st.st_size);
- auth_write(fileno(outstr), NULL, 0);
+ sec_fflush(outstr);
byte_count = cnt;
transflag = 0;
}
@@ -1321,9 +1255,9 @@ send_data(FILE *instr, FILE *outstr)
return;
}
while ((cnt = read(filefd, buf, bufsize)) > 0 &&
- auth_write(netfd, buf, cnt) == cnt)
+ sec_write(netfd, buf, cnt) == cnt)
byte_count += cnt;
- auth_write(netfd, buf, 0); /* to end an encrypted stream */
+ sec_fflush(outstr); /* to end an encrypted stream */
transflag = 0;
if (cnt != 0) {
if (cnt < 0)
@@ -1381,7 +1315,7 @@ receive_data(FILE *instr, FILE *outstr)
case TYPE_I:
case TYPE_L:
- while ((cnt = auth_read(fileno(instr), buf, bufsize)) > 0) {
+ while ((cnt = sec_read(fileno(instr), buf, bufsize)) > 0) {
if (write(fileno(outstr), buf, cnt) != cnt)
goto file_err;
byte_count += cnt;
@@ -1400,7 +1334,7 @@ receive_data(FILE *instr, FILE *outstr)
{
char *p, *q;
int cr_flag = 0;
- while ((cnt = auth_read(fileno(instr),
+ while ((cnt = sec_read(fileno(instr),
buf + cr_flag,
bufsize - cr_flag)) > 0){
byte_count += cnt;
@@ -1409,7 +1343,7 @@ receive_data(FILE *instr, FILE *outstr)
for(p = buf, q = buf; p < buf + cnt;) {
if(*p == '\n')
bare_lfs++;
- if(*p == '\r')
+ if(*p == '\r') {
if(p == buf + cnt - 1){
cr_flag = 1;
p++;
@@ -1419,6 +1353,7 @@ receive_data(FILE *instr, FILE *outstr)
p += 2;
continue;
}
+ }
*q++ = *p++;
}
fwrite(buf, q - buf, 1, outstr);
@@ -1563,21 +1498,21 @@ __attribute__ ((format (printf, 3, 0)))
static void
int_reply(int n, char *c, const char *fmt, va_list ap)
{
- char buf[10240];
- char *p;
- p=buf;
- if(n){
- snprintf(p, sizeof(buf), "%d%s", n, c);
- p+=strlen(p);
- }
- vsnprintf(p, sizeof(buf) - strlen(p), fmt, ap);
- p+=strlen(p);
- snprintf(p, sizeof(buf) - strlen(p), "\r\n");
- p+=strlen(p);
- auth_printf("%s", buf);
- fflush(stdout);
- if (debug)
- syslog(LOG_DEBUG, "<--- %s- ", buf);
+ char buf[10240];
+ char *p;
+ p=buf;
+ if(n){
+ snprintf(p, sizeof(buf), "%d%s", n, c);
+ p+=strlen(p);
+ }
+ vsnprintf(p, sizeof(buf) - strlen(p), fmt, ap);
+ p+=strlen(p);
+ snprintf(p, sizeof(buf) - strlen(p), "\r\n");
+ p+=strlen(p);
+ sec_fprintf(stdout, "%s", buf);
+ fflush(stdout);
+ if (debug)
+ syslog(LOG_DEBUG, "<--- %s- ", buf);
}
void
@@ -1698,7 +1633,7 @@ removedir(char *name)
void
pwd(void)
{
- char path[MaxPathLen + 1];
+ char path[MaxPathLen];
char *ret;
/* SunOS has a broken getcwd that does popen(pwd) (!!!), this
@@ -1762,10 +1697,10 @@ dologout(int status)
transflag = 0;
if (logged_in) {
seteuid((uid_t)0);
- logwtmp(ttyline, "", "");
- dest_tkt();
- if(k_hasafs())
- k_unlog();
+ ftpd_logwtmp(ttyline, "", "");
+#ifdef KRB4
+ cond_kdestroy();
+#endif
}
/* beware of flushing buffers after a SIGPIPE */
#ifdef XXX
@@ -1801,7 +1736,7 @@ myoob(int signo)
#if 0
cp = tmpline;
- if (getline(cp, 7) == NULL) {
+ if (ftpd_getline(cp, 7) == NULL) {
reply(221, "You could at least say goodbye.");
dologout(0);
}
@@ -1982,7 +1917,7 @@ send_file_list(char *whichf)
}
snprintf(buf, sizeof(buf), "%s%s\n", dirname,
type == TYPE_A ? "\r" : "");
- auth_write(fileno(dout), buf, strlen(buf));
+ sec_write(fileno(dout), buf, strlen(buf));
byte_count += strlen(dirname) + 1;
continue;
} else if (!S_ISDIR(st.st_mode))
@@ -2019,7 +1954,7 @@ send_file_list(char *whichf)
else
snprintf(buf, sizeof(buf), "%s%s\n", nbuf,
type == TYPE_A ? "\r" : "");
- auth_write(fileno(dout), buf, strlen(buf));
+ sec_write(fileno(dout), buf, strlen(buf));
byte_count += strlen(nbuf) + 1;
}
}
@@ -2034,7 +1969,7 @@ send_file_list(char *whichf)
transflag = 0;
if (dout != NULL){
- auth_write(fileno(dout), buf, 0); /* XXX flush */
+ sec_write(fileno(dout), buf, 0); /* XXX flush */
fclose(dout);
}
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h b/crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h
new file mode 100644
index 000000000000..4bb3ad3b1ad9
--- /dev/null
+++ b/crypto/kerberosIV/appl/ftp/ftpd/ftpd_locl.h
@@ -0,0 +1,168 @@
+/*
+ * Copyright (c) 1998, 1999 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Kungliga Tekniska
+ * Högskolan and its contributors.
+ *
+ * 4. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+/* $Id: ftpd_locl.h,v 1.5.2.1 1999/07/22 03:24:42 assar Exp $ */
+
+#ifndef __ftpd_locl_h__
+#define __ftpd_locl_h__
+
+#ifdef HAVE_CONFIG_H
+#include <config.h>
+#endif
+
+/*
+ * FTP server.
+ */
+#ifdef HAVE_SYS_TYPES_H
+#include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_PARAM_H
+#include <sys/param.h>
+#endif
+#ifdef HAVE_SYS_STAT_H
+#include <sys/stat.h>
+#endif
+#ifdef HAVE_SYS_SOCKET_H
+#include <sys/socket.h>
+#endif
+#if defined(HAVE_SYS_IOCTL_H) && SunOS != 40
+#include <sys/ioctl.h>
+#endif
+#ifdef TIME_WITH_SYS_TIME
+#include <sys/time.h>
+#include <time.h>
+#elif defined(HAVE_SYS_TIME_H)
+#include <sys/time.h>
+#else
+#include <time.h>
+#endif
+#ifdef HAVE_SYS_RESOURCE_H
+#include <sys/resource.h>
+#endif
+#ifdef HAVE_SYS_WAIT_H
+#include <sys/wait.h>
+#endif
+
+#ifdef HAVE_NETINET_IN_H
+#include <netinet/in.h>
+#endif
+#ifdef HAVE_NETINET_IN_SYSTM_H
+#include <netinet/in_systm.h>
+#endif
+#ifdef HAVE_NETINET_IP_H
+#include <netinet/ip.h>
+#endif
+
+#ifdef HAVE_SYS_MMAN_H
+#include <sys/mman.h>
+#endif
+
+#include <arpa/ftp.h>
+#ifdef HAVE_ARPA_INET_H
+#include <arpa/inet.h>
+#endif
+#ifdef HAVE_ARPA_TELNET_H
+#include <arpa/telnet.h>
+#endif
+
+#include <ctype.h>
+#ifdef HAVE_DIRENT_H
+#include <dirent.h>
+#endif
+#include <errno.h>
+#ifdef HAVE_FCNTL_H
+#include <fcntl.h>
+#endif
+#include <glob.h>
+#include <limits.h>
+#ifdef HAVE_PWD_H
+#include <pwd.h>
+#endif
+#include <setjmp.h>
+#include <signal.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#ifdef HAVE_SYSLOG_H
+#include <syslog.h>
+#endif
+#include <time.h>
+#ifdef HAVE_UNISTD_H
+#include <unistd.h>
+#endif
+#ifdef HAVE_GRP_H
+#include <grp.h>
+#endif
+#include <fnmatch.h>
+
+#ifdef HAVE_BSD_BSD_H
+#include <bsd/bsd.h>
+#endif
+
+#include <err.h>
+
+#include "pathnames.h"
+#include "extern.h"
+#include "common.h"
+
+#include "security.h"
+
+#include "roken.h"
+
+#ifdef KRB4
+#include <krb.h>
+#include <kafs.h>
+#endif
+
+#ifdef OTP
+#include <otp.h>
+#endif
+
+#ifdef SOCKS
+#include <socks.h>
+extern int LIBPREFIX(fclose) (FILE *);
+#endif
+
+int yyparse();
+
+#ifndef LOG_FTP
+#define LOG_FTP LOG_DAEMON
+#endif
+
+#endif /* __ftpd_locl_h__ */
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c b/crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c
new file mode 100644
index 000000000000..8a1a8e36ec68
--- /dev/null
+++ b/crypto/kerberosIV/appl/ftp/ftpd/gss_userok.c
@@ -0,0 +1,74 @@
+/*
+ * Copyright (c) 1998 Kungliga Tekniska Högskolan
+ * (Royal Institute of Technology, Stockholm, Sweden).
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Kungliga Tekniska
+ * Högskolan and its contributors.
+ *
+ * 4. Neither the name of the Institute nor the names of its contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include "ftpd_locl.h"
+#include <gssapi.h>
+#include <krb5.h>
+
+RCSID("$Id: gss_userok.c,v 1.1 1998/05/12 12:15:22 joda Exp $");
+
+/* XXX a bit too much of krb5 dependency here...
+ What is the correct way to do this?
+ */
+
+extern krb5_context gssapi_krb5_context;
+
+/* XXX sync with gssapi.c */
+struct gss_data {
+ gss_ctx_id_t context_hdl;
+ char *client_name;
+};
+
+int gss_userok(void*, char*); /* to keep gcc happy */
+
+int
+gss_userok(void *app_data, char *username)
+{
+ struct gss_data *data = app_data;
+ if(gssapi_krb5_context) {
+ krb5_principal client;
+ krb5_error_code ret;
+ ret = krb5_parse_name(gssapi_krb5_context, data->client_name, &client);
+ if(ret)
+ return 1;
+ ret = krb5_kuserok(gssapi_krb5_context, client, username);
+ krb5_free_principal(gssapi_krb5_context, client);
+ return !ret;
+ }
+ return 1;
+}
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/kauth.c b/crypto/kerberosIV/appl/ftp/ftpd/kauth.c
index 02d23d65683b..33795b6eac0a 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/kauth.c
+++ b/crypto/kerberosIV/appl/ftp/ftpd/kauth.c
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan
+ * Copyright (c) 1995, 1996, 1997, 1998 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -36,34 +36,9 @@
* SUCH DAMAGE.
*/
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-#endif
-
-RCSID("$Id: kauth.c,v 1.14 1997/05/07 02:21:30 assar Exp $");
-
-#include <stdio.h>
-#include <stdlib.h>
-#include <string.h>
-
-#include <time.h>
-#ifdef HAVE_SYS_TIME_H
-#include <sys/time.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-
-#include <roken.h>
-
-#include <des.h>
-#include <krb.h>
-#include <kafs.h>
+#include "ftpd_locl.h"
-#include "extern.h"
-#include "krb4.h"
-#include "auth.h"
-#include "base64.h"
+RCSID("$Id: kauth.c,v 1.22 1999/06/29 21:19:33 bg Exp $");
static KTEXT_ST cip;
static unsigned int lifetime;
@@ -71,9 +46,15 @@ static time_t local_time;
static krb_principal pr;
+static int do_destroy_tickets = 1;
+
static int
-save_tkt(char *user, char *instance, char *realm, void *arg,
- int (*key_proc)(char*, char*, char*, void*, des_cblock*), KTEXT *cipp)
+save_tkt(const char *user,
+ const char *instance,
+ const char *realm,
+ const void *arg,
+ key_proc_t key_proc,
+ KTEXT *cipp)
{
local_time = time(0);
memmove(&cip, *cipp, sizeof(cip));
@@ -89,11 +70,9 @@ store_ticket(KTEXT cip)
unsigned char kvno;
KTEXT_ST tkt;
int left = cip->length;
-
+ int len;
int kerror;
- time_t kdc_time;
-
ptr = (char *) cip->dat;
/* extract session key */
@@ -101,29 +80,32 @@ store_ticket(KTEXT cip)
ptr += 8;
left -= 8;
- if (strnlen(ptr, left) == left)
+ len = strnlen(ptr, left);
+ if (len == left)
return(INTK_BADPW);
/* extract server's name */
- strcpy(sp.name, ptr);
- ptr += strlen(sp.name) + 1;
- left -= strlen(sp.name) + 1;
+ strcpy_truncate(sp.name, ptr, sizeof(sp.name));
+ ptr += len + 1;
+ left -= len + 1;
- if (strnlen(ptr, left) == left)
+ len = strnlen(ptr, left);
+ if (len == left)
return(INTK_BADPW);
-
+
/* extract server's instance */
- strcpy(sp.instance, ptr);
- ptr += strlen(sp.instance) + 1;
- left -= strlen(sp.instance) + 1;
+ strcpy_truncate(sp.instance, ptr, sizeof(sp.instance));
+ ptr += len + 1;
+ left -= len + 1;
- if (strnlen(ptr, left) == left)
+ len = strnlen(ptr, left);
+ if (len == left)
return(INTK_BADPW);
-
+
/* extract server's realm */
- strcpy(sp.realm,ptr);
- ptr += strlen(sp.realm) + 1;
- left -= strlen(sp.realm) + 1;
+ strcpy_truncate(sp.realm, ptr, sizeof(sp.realm));
+ ptr += len + 1;
+ left -= len + 1;
if(left < 3)
return INTK_BADPW;
@@ -154,14 +136,18 @@ store_ticket(KTEXT cip)
#if 0
/* check KDC time stamp */
- memmove(&kdc_time, ptr, sizeof(kdc_time));
- if (swap_bytes) swap_u_long(kdc_time);
+ {
+ time_t kdc_time;
- ptr += 4;
+ memmove(&kdc_time, ptr, sizeof(kdc_time));
+ if (swap_bytes) swap_u_long(kdc_time);
+
+ ptr += 4;
- if (abs((int)(local_time - kdc_time)) > CLOCK_SKEW) {
- return(RD_AP_TIME); /* XXX should probably be better
+ if (abs((int)(local_time - kdc_time)) > CLOCK_SKEW) {
+ return(RD_AP_TIME); /* XXX should probably be better
code */
+ }
}
#endif
@@ -184,7 +170,8 @@ store_ticket(KTEXT cip)
return(kerror);
}
-void kauth(char *principal, char *ticket)
+void
+kauth(char *principal, char *ticket)
{
char *p;
int ret;
@@ -209,8 +196,10 @@ void kauth(char *principal, char *ticket)
memset(&cip, 0, sizeof(cip));
return;
}
+ do_destroy_tickets = 1;
+
if(k_hasafs())
- k_afsklog(0, 0);
+ krb_afslog(0, 0);
reply(200, "Tickets will be destroyed on exit.");
return;
}
@@ -226,7 +215,10 @@ void kauth(char *principal, char *ticket)
reply(500, "Kerberos error: %s.", krb_get_err_text(ret));
return;
}
- base64_encode(cip.dat, cip.length, &p);
+ if(base64_encode(cip.dat, cip.length, &p) < 0) {
+ reply(500, "Out of memory while base64-encoding.");
+ return;
+ }
reply(300, "P=%s T=%s", krb_unparse_name(&pr), p);
free(p);
memset(&cip, 0, sizeof(cip));
@@ -245,7 +237,8 @@ short_date(int32_t dp)
return (cp);
}
-void klist(void)
+void
+klist(void)
{
int err;
@@ -302,6 +295,8 @@ void klist(void)
* it was done before tf_init.
*/
+ lreply(200, "Ticket file: %s", tkt_string());
+
lreply(200, "Principal: %s", krb_unparse_name(&pr));
while ((err = tf_get_cred(&c)) == KSUCCESS) {
if (header) {
@@ -309,17 +304,63 @@ void klist(void)
" Issued", " Expires", " Principal (kvno)");
header = 0;
}
- strcpy(buf1, short_date(c.issue_date));
+ strcpy_truncate(buf1, short_date(c.issue_date), sizeof(buf1));
c.issue_date = krb_life_to_time(c.issue_date, c.lifetime);
if (time(0) < (unsigned long) c.issue_date)
- strcpy(buf2, short_date(c.issue_date));
+ strcpy_truncate(buf2, short_date(c.issue_date), sizeof(buf2));
else
- strcpy(buf2, ">>> Expired <<< ");
+ strcpy_truncate(buf2, ">>> Expired <<< ", sizeof(buf2));
lreply(200, "%s %s %s (%d)", buf1, buf2,
krb_unparse_name_long(c.service, c.instance, c.realm), c.kvno);
}
if (header && err == EOF) {
lreply(200, "No tickets in file.");
}
- reply(200, "");
+ reply(200, " ");
+}
+
+/*
+ * Only destroy if we created the tickets
+ */
+
+void
+cond_kdestroy(void)
+{
+ if (do_destroy_tickets)
+ dest_tkt();
+ afsunlog();
+}
+
+void
+kdestroy(void)
+{
+ dest_tkt();
+ afsunlog();
+ reply(200, "Tickets destroyed");
+}
+
+void
+krbtkfile(const char *tkfile)
+{
+ do_destroy_tickets = 0;
+ krb_set_tkt_string(tkfile);
+ reply(200, "Using ticket file %s", tkfile);
+}
+
+void
+afslog(const char *cell)
+{
+ if(k_hasafs()) {
+ krb_afslog(cell, 0);
+ reply(200, "afslog done");
+ } else {
+ reply(200, "no AFS present");
+ }
+}
+
+void
+afsunlog(void)
+{
+ if(k_hasafs())
+ k_unlog();
}
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c b/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c
index 95ab216a1718..d948a5a83eee 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c
+++ b/crypto/kerberosIV/appl/ftp/ftpd/logwtmp.c
@@ -38,7 +38,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: logwtmp.c,v 1.10 1997/05/25 15:17:56 assar Exp $");
+RCSID("$Id: logwtmp.c,v 1.13 1999/03/01 09:49:37 joda Exp $");
#endif
#include <stdio.h>
@@ -74,18 +74,20 @@ RCSID("$Id: logwtmp.c,v 1.10 1997/05/25 15:17:56 assar Exp $");
#endif
void
-logwtmp(char *line, char *name, char *host)
+ftpd_logwtmp(char *line, char *name, char *host)
{
static int init = 0;
- static int fd, fdx;
- struct timeval tv;
+ static int fd;
+#ifdef WTMPX_FILE
+ static int fdx;
+#endif
struct utmp ut;
#ifdef WTMPX_FILE
struct utmpx utx;
#endif
memset(&ut, 0, sizeof(struct utmp));
-#ifdef HAVE_UT_TYPE
+#ifdef HAVE_STRUCT_UTMP_UT_TYPE
if(name[0])
ut.ut_type = USER_PROCESS;
else
@@ -93,10 +95,10 @@ logwtmp(char *line, char *name, char *host)
#endif
strncpy(ut.ut_line, line, sizeof(ut.ut_line));
strncpy(ut.ut_name, name, sizeof(ut.ut_name));
-#ifdef HAVE_UT_PID
+#ifdef HAVE_STRUCT_UTMP_UT_PID
ut.ut_pid = getpid();
#endif
-#ifdef HAVE_UT_HOST
+#ifdef HAVE_STRUCT_UTMP_UT_HOST
strncpy(ut.ut_host, host, sizeof(ut.ut_host));
#endif
ut.ut_time = time(NULL);
@@ -105,14 +107,18 @@ logwtmp(char *line, char *name, char *host)
strncpy(utx.ut_line, line, sizeof(utx.ut_line));
strncpy(utx.ut_user, name, sizeof(utx.ut_user));
strncpy(utx.ut_host, host, sizeof(utx.ut_host));
-#ifdef HAVE_UT_SYSLEN
+#ifdef HAVE_STRUCT_UTMPX_UT_SYSLEN
utx.ut_syslen = strlen(host) + 1;
if (utx.ut_syslen > sizeof(utx.ut_host))
utx.ut_syslen = sizeof(utx.ut_host);
#endif
- gettimeofday (&tv, 0);
- utx.ut_tv.tv_sec = tv.tv_sec;
- utx.ut_tv.tv_usec = tv.tv_usec;
+ {
+ struct timeval tv;
+
+ gettimeofday (&tv, 0);
+ utx.ut_tv.tv_sec = tv.tv_sec;
+ utx.ut_tv.tv_usec = tv.tv_usec;
+ }
if(name[0])
utx.ut_type = USER_PROCESS;
diff --git a/crypto/kerberosIV/appl/ftp/ftpd/popen.c b/crypto/kerberosIV/appl/ftp/ftpd/popen.c
index 58c4985a0b90..4bd5e04943f3 100644
--- a/crypto/kerberosIV/appl/ftp/ftpd/popen.c
+++ b/crypto/kerberosIV/appl/ftp/ftpd/popen.c
@@ -37,7 +37,7 @@
#ifdef HAVE_CONFIG_H
#include <config.h>
-RCSID("$Id: popen.c,v 1.16 1997/06/01 03:14:06 assar Exp $");
+RCSID("$Id: popen.c,v 1.18 1998/06/09 19:24:24 joda Exp $");
#endif
#include <sys/types.h>
@@ -89,10 +89,10 @@ ftp_rooted(const char *path)
if(!home[0])
if((pwd = k_getpwnam("ftp")))
- strcpy(home, pwd->pw_dir);
+ strcpy_truncate(home, pwd->pw_dir, sizeof(home));
snprintf(newpath, sizeof(newpath), "%s/%s", home, path);
if(access(newpath, X_OK))
- strcpy(newpath, path);
+ strcpy_truncate(newpath, path, sizeof(newpath));
return newpath;
}
@@ -125,8 +125,8 @@ ftpd_popen(char *program, char *type, int do_stderr, int no_glob)
return (NULL);
/* break up string into pieces */
+ foo = NULL;
for (argc = 0, cp = program;; cp = NULL) {
- foo = NULL;
if (!(argv[argc++] = strtok_r(cp, " \t\n", &foo)))
break;
}
diff --git a/crypto/kerberosIV/appl/kauth/ChangeLog b/crypto/kerberosIV/appl/kauth/ChangeLog
new file mode 100644
index 000000000000..ad849a298b31
--- /dev/null
+++ b/crypto/kerberosIV/appl/kauth/ChangeLog
@@ -0,0 +1,24 @@
+Thu Apr 15 15:05:33 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * kauth.c: add `-v'
+
+Thu Mar 18 11:17:14 1999 Johan Danielsson <joda@hella.pdc.kth.se>
+
+ * Makefile.am: include Makefile.am.common
+
+Sun Nov 22 10:30:47 1998 Assar Westerlund <assar@sics.se>
+
+ * Makefile.in (WFLAGS): set
+
+Tue May 26 17:41:47 1998 Johan Danielsson <joda@emma.pdc.kth.se>
+
+ * kauth.c: use krb_enable_debug
+
+Fri May 1 07:15:18 1998 Assar Westerlund <assar@sics.se>
+
+ * rkinit.c: unifdef -DHAVE_H_ERRNO
+
+Thu Mar 19 16:07:18 1998 Johan Danielsson <joda@emma.pdc.kth.se>
+
+ * kauth.c: Check for negative return value from krb_afslog().
+
diff --git a/crypto/kerberosIV/appl/kauth/Makefile.am b/crypto/kerberosIV/appl/kauth/Makefile.am
new file mode 100644
index 000000000000..a5bf0fdacac6
--- /dev/null
+++ b/crypto/kerberosIV/appl/kauth/Makefile.am
@@ -0,0 +1,42 @@
+# $Id: Makefile.am,v 1.7 1999/04/09 18:22:45 assar Exp $
+
+include $(top_srcdir)/Makefile.am.common
+
+INCLUDES += $(INCLUDE_krb4)
+
+bin_PROGRAMS = kauth
+bin_SCRIPTS = ksrvtgt
+libexec_PROGRAMS = kauthd
+
+EXTRA_DIST = zrefresh ksrvtgt.in
+
+kauth_SOURCES = \
+ kauth.c \
+ kauth.h \
+ rkinit.c \
+ marshall.c \
+ encdata.c
+
+kauthd_SOURCES = \
+ kauthd.c \
+ kauth.h \
+ marshall.c \
+ encdata.c
+
+ksrvtgt: ksrvtgt.in
+ sed -e "s!%bindir%!$(bindir)!" $(srcdir)/ksrvtgt.in > $@
+ chmod +x $@
+
+install-exec-local:
+ if test -f $(bindir)/zrefresh -o -r $(bindir)/zrefresh; then \
+ true; \
+ else \
+ $(INSTALL_PROGRAM) $(srcdir)/zrefresh $(bindir)/`echo zrefresh | sed '$(transform)'`; \
+ fi
+
+LDADD = \
+ $(LIB_kafs) \
+ $(LIB_krb5) \
+ $(LIB_krb4) \
+ $(top_builddir)/lib/des/libdes.la \
+ $(LIB_roken)
diff --git a/crypto/kerberosIV/appl/kauth/Makefile.in b/crypto/kerberosIV/appl/kauth/Makefile.in
index 97bfdb42edf7..278facc21cc4 100644
--- a/crypto/kerberosIV/appl/kauth/Makefile.in
+++ b/crypto/kerberosIV/appl/kauth/Makefile.in
@@ -1,17 +1,19 @@
-# $Id: Makefile.in,v 1.33 1997/04/05 21:24:35 assar Exp $
+# $Id: Makefile.in,v 1.40 1999/03/10 19:01:11 joda Exp $
SHELL = /bin/sh
srcdir = @srcdir@
VPATH = @srcdir@
-topdir = ../..
+top_builddir = ../..
CC = @CC@
+LINK = @LINK@
AR = ar
RANLIB = @RANLIB@
DEFS = @DEFS@ -DBINDIR='"$(bindir)"'
-CFLAGS = @CFLAGS@
+CFLAGS = @CFLAGS@ $(WFLAGS)
+WFLAGS = @WFLAGS@
LD_FLAGS = @LD_FLAGS@
INSTALL = @INSTALL@
INSTA