src - OpenBSD base system

diff options


context:
space:
mode:

author	Todd C. Miller <millert@cvs.openbsd.org>	2003-04-07 03:31:11 +0000
committer	Todd C. Miller <millert@cvs.openbsd.org>	2003-04-07 03:31:11 +0000
commit	0e5bcbfa6c0b83de7bd2013d2c0b74a1e4affa9d (patch)
tree	7fc63bac9b590fed01526d15c9a0370ab797596e
parent	2f2d0a26cc415e1a04c84188bb0519d5b1ec64bb (diff)

Sync with sudo 1.6.7p3; fixes kerberos 5 compilation issues w/ MIT kerberos.

Diffstat

-rw-r--r--

usr.bin/sudo/CHANGES

-rw-r--r--

usr.bin/sudo/Makefile.in

-rw-r--r--

usr.bin/sudo/auth/kerb5.c

-rw-r--r--

usr.bin/sudo/config.h.in

-rw-r--r--

usr.bin/sudo/configure

-rw-r--r--

usr.bin/sudo/configure.in

-rw-r--r--

usr.bin/sudo/version.h

7 files changed, 96 insertions, 19 deletions

diff --git a/usr.bin/sudo/CHANGES b/usr.bin/sudo/CHANGES
index 31bce32bcc9..b4290f8c3d1 100644
--- a/usr.bin/sudo/CHANGES
+++ b/usr.bin/sudo/CHANGES

@@ -1615,3 +1615,9 @@ Sudo 1.6.7p1 released.

caused problems on Tru64 Unix.

Sudo 1.6.7p2 released.

+507) Kerberos V support should work on latest MIT Kerberos V and Heimdal.

+Sudo 1.6.7p3 released.

+508) BSD-style warn/err functions are now used throughout.

diff --git a/usr.bin/sudo/Makefile.in b/usr.bin/sudo/Makefile.in
index 451433fcb76..027522c894f 100644
--- a/usr.bin/sudo/Makefile.in
+++ b/usr.bin/sudo/Makefile.in

@@ -140,7 +140,7 @@ TESTOBJS = interfaces.o testsudoers.o $(PARSEOBJS)

LIBOBJS = @LIBOBJS@ @ALLOCA@

-VERSION = 1.6.7p2

+VERSION = 1.6.7p3

DISTFILES = $(SRCS) $(HDRS) BUGS CHANGES HISTORY INSTALL INSTALL.configure \

LICENSE Makefile.in PORTING README RUNSON TODO TROUBLESHOOTING \

diff --git a/usr.bin/sudo/auth/kerb5.c b/usr.bin/sudo/auth/kerb5.c
index 151b40573cd..358c4f18e37 100644
--- a/usr.bin/sudo/auth/kerb5.c
+++ b/usr.bin/sudo/auth/kerb5.c

@@ -65,9 +65,15 @@

#include "sudo_auth.h"

#ifndef lint

-static const char rcsid[] = "$Sudo: kerb5.c,v 1.14 2003/04/02 18:57:34 millert Exp $";

+static const char rcsid[] = "$Sudo: kerb5.c,v 1.16 2003/04/04 17:46:57 millert Exp $";

#endif /* lint */

+#ifdef HAVE_HEIMDAL

+# define krb5_free_data_contents(c, d) krb5_data_free(d)

+#else

+# define krb5_principal_get_realm(c, p) (krb5_princ_realm(c, p)->data)

+#endif

static int verify_krb_v5_tgt __P((krb5_context, krb5_ccache, char *));

static struct _sudo_krb5_data {

krb5_context sudo_context;

@@ -276,7 +282,7 @@ verify_krb_v5_tgt(sudo_context, ccache, auth_name)

* and enctype is currently ignored anyhow.)

if ((error = krb5_kt_read_service_key(sudo_context, NULL, princ, 0,

- ETYPE_DES_CBC_MD5, &keyblock))) {

+ ENCTYPE_DES_CBC_MD5, &keyblock))) {

/* Keytab or service key does not exist. */

log_error(NO_EXIT,

"%s: host service key not found: %s", auth_name,

@@ -301,7 +307,7 @@ verify_krb_v5_tgt(sudo_context, ccache, auth_name)

NULL, NULL, NULL);

cleanup:

if (packet.data)

- krb5_data_free(&packet);

+ krb5_free_data_contents(sudo_context, &packet);

krb5_free_principal(sudo_context, princ);

if (error)

diff --git a/usr.bin/sudo/config.h.in b/usr.bin/sudo/config.h.in
index cbcc2200d0a..de446890570 100644
--- a/usr.bin/sudo/config.h.in
+++ b/usr.bin/sudo/config.h.in

@@ -124,6 +124,9 @@

passwords) */

#undef HAVE_GETSPWUID

+/* Define if your Kerberos is Heimdal. */

+#undef HAVE_HEIMDAL

/* Define to 1 if you have the `initgroups' function. */

#undef HAVE_INITGROUPS

diff --git a/usr.bin/sudo/configure b/usr.bin/sudo/configure
index 20168b173f2..43b3c71d9ef 100644
--- a/usr.bin/sudo/configure
+++ b/usr.bin/sudo/configure

@@ -1,6 +1,6 @@

#! /bin/sh

# Guess values for system-dependent variables and create Makefiles.

-# Generated by GNU Autoconf 2.57 for sudo 1.6.7p2.

+# Generated by GNU Autoconf 2.57 for sudo 1.6.7p3.

# Free Software Foundation, Inc.

@@ -266,8 +266,8 @@ SHELL=${CONFIG_SHELL-/bin/sh}

# Identity of this package.

PACKAGE_NAME='sudo'

PACKAGE_TARNAME='sudo'

-PACKAGE_VERSION='1.6.7p2'

-PACKAGE_STRING='sudo 1.6.7p2'

+PACKAGE_VERSION='1.6.7p3'

+PACKAGE_STRING='sudo 1.6.7p3'

PACKAGE_BUGREPORT=''

# Factoring default headers for most tests.

@@ -776,7 +776,7 @@ if test "$ac_init_help" = "long"; then

# Omit some internal or obsolete options to make the list less imposing.

# This message is too long to be a string in the A/UX 3.1 sh.

cat <<_ACEOF

-\`configure' configures sudo 1.6.7p2 to adapt to many kinds of systems.

+\`configure' configures sudo 1.6.7p3 to adapt to many kinds of systems.

Usage: $0 [OPTION]... [VAR=VALUE]...

@@ -837,7 +837,7 @@ fi

if test -n "$ac_init_help"; then

case $ac_init_help in

- short | recursive ) echo "Configuration of sudo 1.6.7p2:";;

+ short | recursive ) echo "Configuration of sudo 1.6.7p3:";;

esac

cat <<\_ACEOF

@@ -1004,7 +1004,7 @@ fi

test -n "$ac_init_help" && exit 0

if $ac_init_version; then

cat <<\_ACEOF

-sudo configure 1.6.7p2

+sudo configure 1.6.7p3

generated by GNU Autoconf 2.57

@@ -1019,7 +1019,7 @@ cat >&5 <<_ACEOF

This file contains any messages produced by compilers while

running configure, to aid debugging if configure makes a mistake.

-It was created by sudo $as_me 1.6.7p2, which was

+It was created by sudo $as_me 1.6.7p3, which was

generated by GNU Autoconf 2.57. Invocation command line was

$ $0 $@

@@ -1357,8 +1357,8 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu

ac_config_headers="$ac_config_headers config.h pathnames.h"

-{ echo "$as_me:$LINENO: Configuring Sudo version 1.6.7p2" >&5

-echo "$as_me: Configuring Sudo version 1.6.7p2" >&6;}

+{ echo "$as_me:$LINENO: Configuring Sudo version 1.6.7p3" >&5

+echo "$as_me: Configuring Sudo version 1.6.7p3" >&6;}

@@ -13363,6 +13363,52 @@ _ACEOF

AUTH_OBJS="${AUTH_OBJS} kerb5.o"

CPPFLAGS="$CPPFLAGS `krb5-config --cflags`"

SUDO_LIBS="$SUDO_LIBS `krb5-config --libs`"

+ echo "$as_me:$LINENO: checking whether we are using Heimdal" >&5

+echo $ECHO_N "checking whether we are using Heimdal... $ECHO_C" >&6

+ cat >conftest.$ac_ext <<_ACEOF

+#line $LINENO "configure"

+/* confdefs.h. */

+_ACEOF

+cat confdefs.h >>conftest.$ac_ext

+cat >>conftest.$ac_ext <<_ACEOF

+/* end confdefs.h. */

+#include <krb5.h>

+int

+main ()

+const char *tmp = heimdal_version;

+ ;

+ return 0;

+_ACEOF

+rm -f conftest.$ac_objext

+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5

+ (eval $ac_compile) 2>&5

+ ac_status=$?

+ echo "$as_me:$LINENO: \$? = $ac_status" >&5

+ (exit $ac_status); } &&

+ { ac_try='test -s conftest.$ac_objext'

+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5

+ (eval $ac_try) 2>&5

+ ac_status=$?

+ echo "$as_me:$LINENO: \$? = $ac_status" >&5

+ (exit $ac_status); }; }; then

+ echo "$as_me:$LINENO: result: yes" >&5

+echo "${ECHO_T}yes" >&6

+cat >>confdefs.h <<\_ACEOF

+#define HAVE_HEIMDAL 1

+_ACEOF

+else

+ echo "$as_me: failed program was:" >&5

+sed 's/^/| /' conftest.$ac_ext >&5

+fi

+rm -f conftest.$ac_objext conftest.$ac_ext

if test -n "$with_kerb5" -a -z "$KRB5CONFIG"; then

@@ -13457,6 +13503,11 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5

echo "$as_me:$LINENO: result: yes" >&5

echo "${ECHO_T}yes" >&6

+cat >>confdefs.h <<\_ACEOF

+#define HAVE_HEIMDAL 1

+_ACEOF

SUDO_LIBS="${SUDO_LIBS} -lkrb5 -ldes -lcom_err -lasn1"

echo "$as_me:$LINENO: checking for main in -lroken" >&5

echo $ECHO_N "checking for main in -lroken... $ECHO_C" >&6

@@ -14646,7 +14697,7 @@ _ASBOX

} >&5

cat >&5 <<_CSEOF

-This file was extended by sudo $as_me 1.6.7p2, which was

+This file was extended by sudo $as_me 1.6.7p3, which was

generated by GNU Autoconf 2.57. Invocation command line was

CONFIG_FILES = $CONFIG_FILES

@@ -14706,7 +14757,7 @@ _ACEOF

cat >>$CONFIG_STATUS <<_ACEOF

ac_cs_version="\\

-sudo config.status 1.6.7p2

+sudo config.status 1.6.7p3

configured by $0, generated by GNU Autoconf 2.57,

with options \\"`echo "$ac_configure_args" | sed 's/[\\""\`\$]/\\\\&/g'`\\"

diff --git a/usr.bin/sudo/configure.in b/usr.bin/sudo/configure.in
index bc67c458f3c..58255a12005 100644
--- a/usr.bin/sudo/configure.in
+++ b/usr.bin/sudo/configure.in

@@ -1,15 +1,15 @@

dnl

dnl Process this file with GNU autoconf to produce a configure script.

-dnl $Sudo: configure.in,v 1.381 2003/04/02 18:45:35 millert Exp $

+dnl $Sudo: configure.in,v 1.382 2003/04/04 17:45:24 millert Exp $

dnl

-AC_INIT(sudo, 1.6.7p2)

+AC_INIT(sudo, 1.6.7p3)

AC_CONFIG_HEADER(config.h pathnames.h)

dnl

dnl This won't work before AC_INIT()

dnl

-AC_MSG_NOTICE([Configuring Sudo version 1.6.7p2])

+AC_MSG_NOTICE([Configuring Sudo version 1.6.7p3])

dnl

dnl Variables that get substituted in the Makefile and man pages

dnl

@@ -1779,6 +1779,16 @@ if test "$with_kerb5" = "yes"; then

AUTH_OBJS="${AUTH_OBJS} kerb5.o"

CPPFLAGS="$CPPFLAGS `krb5-config --cflags`"

SUDO_LIBS="$SUDO_LIBS `krb5-config --libs`"

+ dnl

+ dnl Try to determine whether we have Heimdal or MIT Kerberos

+ dnl

+ AC_MSG_CHECKING(whether we are using Heimdal)

+ AC_TRY_COMPILE([#include <krb5.h>], [const char *tmp = heimdal_version;],

+ [

+ AC_MSG_RESULT(yes)

+ AC_DEFINE(HAVE_HEIMDAL, 1, [Define if your Kerberos is Heimdal.])

+ ]

+ )

if test -n "$with_kerb5" -a -z "$KRB5CONFIG"; then

@@ -1810,6 +1820,7 @@ if test -n "$with_kerb5" -a -z "$KRB5CONFIG"; then

AC_TRY_COMPILE([#include <krb5.h>], [const char *tmp = heimdal_version;],

[

AC_MSG_RESULT(yes)

+ AC_DEFINE(HAVE_HEIMDAL, 1, [Define if your Kerberos is Heimdal.])

SUDO_LIBS="${SUDO_LIBS} -lkrb5 -ldes -lcom_err -lasn1"

AC_CHECK_LIB(roken, main, [SUDO_LIBS="${SUDO_LIBS} -lroken"])

], [

diff --git a/usr.bin/sudo/version.h b/usr.bin/sudo/version.h
index 6fb72bff8a9..461415158be 100644
--- a/usr.bin/sudo/version.h
+++ b/usr.bin/sudo/version.h

@@ -37,6 +37,6 @@

#ifndef _SUDO_VERSION_H

#define _SUDO_VERSION_H

-static const char version[] = "1.6.7p2";

+static const char version[] = "1.6.7p3";

#endif /* _SUDO_VERSION_H */