Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-1-5]: src Pull up revisions 1.2-1.4 (requested by assar):
details: https://anonhg.NetBSD.org/src/rev/e71349803c96
branches: netbsd-1-5
changeset: 491151:e71349803c96
user: he <he%NetBSD.org@localhost>
date: Thu Apr 05 23:25:10 2001 +0000
description:
Pull up revisions 1.2-1.4 (requested by assar):
Upgrade Heimdal to version 0.3e.
diffstat:
crypto/dist/heimdal/lib/krb5/changepw.c | 87 ++-
crypto/dist/heimdal/lib/krb5/crypto.c | 763 ++++++++++++++++++++++++++++---
lib/libkrb5/shlib_version | 4 +-
3 files changed, 727 insertions(+), 127 deletions(-)
diffs (truncated from 1447 to 300 lines):
diff -r a15c4e4868bd -r e71349803c96 crypto/dist/heimdal/lib/krb5/changepw.c
--- a/crypto/dist/heimdal/lib/krb5/changepw.c Thu Apr 05 23:25:08 2001 +0000
+++ b/crypto/dist/heimdal/lib/krb5/changepw.c Thu Apr 05 23:25:10 2001 +0000
@@ -33,7 +33,7 @@
#include <krb5_locl.h>
-RCSID("$Id: changepw.c,v 1.1.1.1 2000/06/16 18:32:56 thorpej Exp $");
+RCSID("$Id: changepw.c,v 1.1.1.1.2.1 2001/04/05 23:25:10 he Exp $");
static krb5_error_code
get_kdc_address (krb5_context context,
@@ -52,10 +52,12 @@
return ret;
port = ntohs(krb5_getportbyname (context, "kpasswd", "udp", KPASSWD_PORT));
- error = roken_getaddrinfo_hostspec(*hostlist, port, ai);
+ error = roken_getaddrinfo_hostspec2(*hostlist, SOCK_DGRAM, port, ai);
krb5_free_krbhst (context, hostlist);
- return error;
+ if(error)
+ return krb5_eai_to_heim_errno(error);
+ return 0;
}
static krb5_error_code
@@ -138,7 +140,12 @@
static void
str2data (krb5_data *d,
- char *fmt,
+ const char *fmt,
+ ...) __attribute__ ((__format__ (__printf__, 2, 3)));
+
+static void
+str2data (krb5_data *d,
+ const char *fmt,
...)
{
va_list args;
@@ -261,6 +268,7 @@
int sock;
int i;
struct addrinfo *ai, *a;
+ int done = 0;
ret = krb5_auth_con_init (context, &auth_context);
if (ret)
@@ -270,62 +278,71 @@
if (ret)
goto out;
- krb5_auth_con_setflags (context, auth_context,
- KRB5_AUTH_CONTEXT_DO_SEQUENCE);
+ for (a = ai; !done && a != NULL; a = a->ai_next) {
+ int replied = 0;
- for (a = ai; a != NULL; a = a->ai_next) {
sock = socket (a->ai_family, a->ai_socktype, a->ai_protocol);
if (sock < 0)
continue;
- for (i = 0; i < 5; ++i) {
+ for (i = 0; !done && i < 5; ++i) {
fd_set fdset;
struct timeval tv;
- ret = send_request (context,
- &auth_context,
- creds,
- sock,
- a->ai_addr,
- a->ai_addrlen,
- newpw);
- if (ret) {
- close(sock);
+ if (!replied) {
+ replied = 0;
+ ret = send_request (context,
+ &auth_context,
+ creds,
+ sock,
+ a->ai_addr,
+ a->ai_addrlen,
+ newpw);
+ if (ret) {
+ close(sock);
+ goto out;
+ }
+ }
+
+ if (sock >= FD_SETSIZE) {
+ ret = ERANGE;
+ close (sock);
goto out;
}
FD_ZERO(&fdset);
FD_SET(sock, &fdset);
tv.tv_usec = 0;
- tv.tv_sec = 1 << i;
+ tv.tv_sec = 1 + (1 << i);
ret = select (sock + 1, &fdset, NULL, NULL, &tv);
if (ret < 0 && errno != EINTR) {
close(sock);
goto out;
}
- if (ret == 1)
- break;
- }
- if (i == 5) {
- ret = KRB5_KDC_UNREACH;
- close (sock);
- continue;
+ if (ret == 1) {
+ ret = process_reply (context,
+ auth_context,
+ sock,
+ result_code,
+ result_code_string,
+ result_string);
+ if (ret == 0)
+ done = 1;
+ else if (i > 0 && ret == KRB5KRB_AP_ERR_MUT_FAIL)
+ replied = 1;
+ } else {
+ ret = KRB5_KDC_UNREACH;
+ }
}
-
- ret = process_reply (context,
- auth_context,
- sock,
- result_code,
- result_code_string,
- result_string);
close (sock);
- if (ret == 0)
- break;
}
freeaddrinfo (ai);
out:
krb5_auth_con_free (context, auth_context);
- return ret;
+ if (done)
+ return 0;
+ else
+ return ret;
}
diff -r a15c4e4868bd -r e71349803c96 crypto/dist/heimdal/lib/krb5/crypto.c
--- a/crypto/dist/heimdal/lib/krb5/crypto.c Thu Apr 05 23:25:08 2001 +0000
+++ b/crypto/dist/heimdal/lib/krb5/crypto.c Thu Apr 05 23:25:10 2001 +0000
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan
+ * Copyright (c) 1997 - 2001 Kungliga Tekniska Högskolan
* (Royal Institute of Technology, Stockholm, Sweden).
* All rights reserved.
*
@@ -32,7 +32,7 @@
*/
#include "krb5_locl.h"
-RCSID("$Id: crypto.c,v 1.1.1.1 2000/06/16 18:32:56 thorpej Exp $");
+RCSID("$Id: crypto.c,v 1.1.1.1.2.1 2001/04/05 23:25:10 he Exp $");
#undef CRYPTO_DEBUG
#ifdef CRYPTO_DEBUG
@@ -65,6 +65,7 @@
#define F_DERIVED 4 /* uses derived keys */
#define F_VARIANT 8 /* uses `variant' keys (6.4.3) */
#define F_PSEUDO 16 /* not a real protocol type */
+#define F_SPECIAL 32 /* backwards */
struct salt_type {
krb5_salttype type;
@@ -93,9 +94,16 @@
size_t blocksize;
size_t checksumsize;
unsigned flags;
- void (*checksum)(krb5_context, struct key_data*, void*, size_t, Checksum*);
- krb5_error_code (*verify)(krb5_context, struct key_data*,
- void*, size_t, Checksum*);
+ void (*checksum)(krb5_context context,
+ struct key_data *key,
+ const void *buf, size_t len,
+ unsigned usage,
+ Checksum *csum);
+ krb5_error_code (*verify)(krb5_context context,
+ struct key_data *key,
+ const void *buf, size_t len,
+ unsigned usage,
+ Checksum *csum);
};
struct encryption_type {
@@ -107,7 +115,11 @@
struct checksum_type *cksumtype;
struct checksum_type *keyed_checksum;
unsigned flags;
- void (*encrypt)(struct key_data *, void *, size_t, int);
+ krb5_error_code (*encrypt)(struct key_data *key,
+ void *data, size_t len,
+ krb5_boolean encrypt,
+ int usage,
+ void *ivec);
};
#define ENCRYPTION_USAGE(U) (((U) << 8) | 0xAA)
@@ -189,7 +201,8 @@
for(i = 0; i < 8; i++) {
char c = ((i < pw.length) ? ((char*)pw.data)[i] : 0) ^
- ((i < cell.length) ? ((char*)cell.data)[i] : 0);
+ ((i < cell.length) ?
+ tolower(((unsigned char*)cell.data)[i]) : 0);
password[i] = c ? c : 'X';
}
password[8] = '\0';
@@ -219,23 +232,25 @@
size_t passlen;
memcpy(password, pw.data, min(pw.length, sizeof(password)));
- if(pw.length < sizeof(password))
- memcpy(password + pw.length,
- cell.data, min(cell.length,
- sizeof(password) - pw.length));
+ if(pw.length < sizeof(password)) {
+ int len = min(cell.length, sizeof(password) - pw.length);
+ int i;
+
+ memcpy(password + pw.length, cell.data, len);
+ for (i = pw.length; i < pw.length + len; ++i)
+ password[i] = tolower((unsigned char)password[i]);
+ }
passlen = min(sizeof(password), pw.length + cell.length);
memcpy(&ivec, "kerberos", 8);
memcpy(&temp_key, "kerberos", 8);
des_set_odd_parity (&temp_key);
des_set_key (&temp_key, schedule);
- des_cbc_cksum ((const void *)password, &ivec, passlen,
- schedule, &ivec);
+ des_cbc_cksum ((const void *)password, &ivec, passlen, schedule, &ivec);
memcpy(&temp_key, &ivec, 8);
des_set_odd_parity (&temp_key);
des_set_key (&temp_key, schedule);
- des_cbc_cksum ((const void *)password, key, passlen,
- schedule, &ivec);
+ des_cbc_cksum ((const void *)password, key, passlen, schedule, &ivec);
memset(&schedule, 0, sizeof(schedule));
memset(&temp_key, 0, sizeof(temp_key));
memset(&ivec, 0, sizeof(ivec));
@@ -416,7 +431,7 @@
int i;
MD4_CTX m;
- len = 2 * (password.length + salt.saltvalue.length);
+ len = 2 * password.length;
s = malloc (len);
if (len != 0 && s == NULL)
return ENOMEM;
@@ -424,10 +439,6 @@
*p++ = ((char *)password.data)[i];
*p++ = 0;
}
- for (i = 0; i < salt.saltvalue.length; ++i) {
- *p++ = ((char *)salt.saltvalue.data)[i];
- *p++ = 0;
- }
MD4Init (&m);
MD4Update (&m, s, len);
key->keytype = enctype;
@@ -670,6 +681,11 @@
return krb5_string_to_key_data(context, enctype, pw, principal, key);
}
+/*
+ * Do a string -> key for encryption type `enctype' operation on
+ * `password' (with salt `salt'), returning the resulting key in `key'
+ */
+
krb5_error_code
krb5_string_to_key_data_salt (krb5_context context,
krb5_enctype enctype,
@@ -687,6 +703,12 @@
return HEIM_ERR_SALTTYPE_NOSUPP;
}
+/*
+ * Do a string -> key for encryption type `enctype' operation on the
+ * string `password' (with salt `salt'), returning the resulting key
+ * in `key'
+ */
+
krb5_error_code
krb5_string_to_key_salt (krb5_context context,
Home |
Main Index |
Thread Index |
Old Index