summaryrefslogtreecommitdiff
path: root/kerberosIV/kadm
diff options
context:
space:
mode:
authorArtur Grabowski <art@cvs.openbsd.org>1997-12-01 04:47:01 +0000
committerArtur Grabowski <art@cvs.openbsd.org>1997-12-01 04:47:01 +0000
commit3bcbf38101d656808bda3c5494982b40108eabb0 (patch)
tree1e6ec63561ce4885e74716b3aea09db79913ea32 /kerberosIV/kadm
parent6a80c92a21d463b9cbde2b09b808d286f9fdde82 (diff)
Another minimal upgrade to kth-krb4-0.9.7.
Diffstat (limited to 'kerberosIV/kadm')
-rw-r--r--kerberosIV/kadm/kadm_cli_wrap.c350
-rw-r--r--kerberosIV/kadm/kadm_err.et13
-rw-r--r--kerberosIV/kadm/kadm_local.h3
-rw-r--r--kerberosIV/kadm/kadm_stream.c241
-rw-r--r--kerberosIV/kadm/kadm_supp.c79
-rw-r--r--kerberosIV/kadm/shlib_version2
6 files changed, 365 insertions, 323 deletions
diff --git a/kerberosIV/kadm/kadm_cli_wrap.c b/kerberosIV/kadm/kadm_cli_wrap.c
index 4a0155a54bb..214c32c0c23 100644
--- a/kerberosIV/kadm/kadm_cli_wrap.c
+++ b/kerberosIV/kadm/kadm_cli_wrap.c
@@ -1,25 +1,25 @@
-/* $Id: kadm_cli_wrap.c,v 1.2 1996/09/16 03:16:27 tholo Exp $ */
+/* $KTH: kadm_cli_wrap.c,v 1.22 1997/08/17 07:30:04 assar Exp $ */
-/*-
- * Copyright (C) 1989 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- *
- */
+/*
+ Copyright (C) 1989 by the Massachusetts Institute of Technology
+
+ Export of this software from the United States of America is assumed
+ to require a specific license from the United States Government.
+ It is the responsibility of any person or organization contemplating
+ export to obtain such a license before exporting.
+
+WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+distribute this software and its documentation for any purpose and
+without fee is hereby granted, provided that the above copyright
+notice appear in all copies and that both that copyright notice and
+this permission notice appear in supporting documentation, and that
+the name of M.I.T. not be used in advertising or publicity pertaining
+to distribution of the software without specific, written prior
+permission. M.I.T. makes no representations about the suitability of
+this software for any purpose. It is provided "as is" without express
+or implied warranty.
+
+ */
/*
* Kerberos administration server client-side routines
@@ -29,7 +29,7 @@
* kadm_cli_wrap.c the client side wrapping of the calls to the admin server
*/
-#include "kadm_local.h"
+#include "kadm_locl.h"
#ifndef NULL
#define NULL 0
@@ -45,20 +45,20 @@ static des_cblock sess_key; /* to be filled in by kadm_cli_keyd */
static des_key_schedule sess_sched;
static void
-clear_secrets()
+clear_secrets(void)
{
- bzero((char *)sess_key, sizeof(sess_key));
- bzero((char *)sess_sched, sizeof(sess_sched));
+ memset(sess_key, 0, sizeof(sess_key));
+ memset(sess_sched, 0, sizeof(sess_sched));
return;
}
static void (*opipe)();
static void
-kadm_cli_disconn()
+kadm_cli_disconn(void)
{
- (void) close(client_parm.admin_fd);
- (void) signal(SIGPIPE, opipe);
+ close(client_parm.admin_fd);
+ signal(SIGPIPE, opipe);
return;
}
@@ -70,43 +70,37 @@ kadm_cli_disconn()
* data about the connection between the server and client, the services
* used, the locations and other fun things
*/
+
int
-kadm_init_link(n, i, r)
- char *n;
- char *i;
- char *r;
+kadm_init_link(char *n, char *i, char *r)
{
- struct servent *sep; /* service we will talk to */
struct hostent *hop; /* host we will talk to */
char adm_hostname[MAXHOSTNAMELEN];
- (void) init_kadm_err_tbl();
- (void) init_krb_err_tbl();
- (void) strcpy(client_parm.sname, n);
- (void) strcpy(client_parm.sinst, i);
- (void) strcpy(client_parm.krbrlm, r);
+ init_kadm_err_tbl();
+ init_krb_err_tbl();
+ strcpy(client_parm.sname, n);
+ strcpy(client_parm.sinst, i);
+ strcpy(client_parm.krbrlm, r);
client_parm.admin_fd = -1;
/* set up the admin_addr - fetch name of admin host */
if (krb_get_admhst(adm_hostname, client_parm.krbrlm, 1) != KSUCCESS)
return KADM_NO_HOST;
if ((hop = gethostbyname(adm_hostname)) == NULL)
- return KADM_UNK_HOST; /* couldnt find the admin servers
- * address */
- if ((sep = getservbyname(KADM_SNAME, "tcp")) == NULL)
- return KADM_NO_SERV; /* couldnt find the admin service */
- bzero((char *) &client_parm.admin_addr,
- sizeof(client_parm.admin_addr));
+ return KADM_UNK_HOST;
+ memset(&client_parm.admin_addr, 0, sizeof(client_parm.admin_addr));
+ client_parm.admin_addr.sin_port =
+ k_getportbyname(KADM_SNAME, "tcp", htons(KADM_PORT));
client_parm.admin_addr.sin_family = hop->h_addrtype;
- bcopy((char *) hop->h_addr, (char *) &client_parm.admin_addr.sin_addr,
- hop->h_length);
- client_parm.admin_addr.sin_port = sep->s_port;
+ memcpy(&client_parm.admin_addr.sin_addr, hop->h_addr,
+ sizeof(client_parm.admin_addr.sin_addr));
return KADM_SUCCESS;
-} /* procedure kadm_init_link */
+}
static int
-kadm_cli_conn()
+kadm_cli_conn(void)
{ /* this connects and sets my_addr */
int on = 1;
@@ -116,7 +110,7 @@ kadm_cli_conn()
if (connect(client_parm.admin_fd,
(struct sockaddr *) & client_parm.admin_addr,
sizeof(client_parm.admin_addr))) {
- (void) close(client_parm.admin_fd);
+ close(client_parm.admin_fd);
client_parm.admin_fd = -1;
return KADM_NO_CONN; /* couldnt get the connect */
}
@@ -125,16 +119,17 @@ kadm_cli_conn()
if (getsockname(client_parm.admin_fd,
(struct sockaddr *) & client_parm.my_addr,
&client_parm.my_addr_len) < 0) {
- (void) close(client_parm.admin_fd);
+ close(client_parm.admin_fd);
client_parm.admin_fd = -1;
- (void) signal(SIGPIPE, opipe);
+ signal(SIGPIPE, opipe);
return KADM_NO_HERE; /* couldnt find out who we are */
}
- if (setsockopt(client_parm.admin_fd, SOL_SOCKET, SO_KEEPALIVE, &on,
+ if (setsockopt(client_parm.admin_fd, SOL_SOCKET, SO_KEEPALIVE,
+ (void *)&on,
sizeof(on)) < 0) {
- (void) close(client_parm.admin_fd);
+ close(client_parm.admin_fd);
client_parm.admin_fd = -1;
- (void) signal(SIGPIPE, opipe);
+ signal(SIGPIPE, opipe);
return KADM_NO_CONN; /* XXX */
}
return KADM_SUCCESS;
@@ -142,9 +137,9 @@ kadm_cli_conn()
/* takes in the sess_key and key_schedule and sets them appropriately */
static int
-kadm_cli_keyd(s_k, s_s)
- des_cblock *s_k; /* session key */
- struct des_ks_struct *s_s; /* session key schedule */
+kadm_cli_keyd(des_cblock (*s_k), struct des_ks_struct *s_s)
+ /* session key */
+ /* session key schedule */
{
CREDENTIALS cred; /* to get key data */
int stat;
@@ -153,10 +148,10 @@ kadm_cli_keyd(s_k, s_s)
if ((stat = krb_get_cred(client_parm.sname, client_parm.sinst,
client_parm.krbrlm, &cred)))
return stat + krb_err_base;
- bcopy((char *) cred.session, (char *) s_k, sizeof(des_cblock));
- bzero((char *) cred.session, sizeof(des_cblock));
+ memcpy(s_k, cred.session, sizeof(des_cblock));
+ memset(cred.session, 0, sizeof(des_cblock));
#ifdef NOENCRYPTION
- bzero(s_s, sizeof(des_key_schedule));
+ memset(s_s, 0, sizeof(des_key_schedule));
#else
if ((stat = des_key_sched(s_k,s_s)))
return(stat+krb_err_base);
@@ -165,43 +160,40 @@ kadm_cli_keyd(s_k, s_s)
} /* This code "works" */
static int
-kadm_cli_out(dat, dat_len, ret_dat, ret_siz)
- u_char *dat;
- int dat_len;
- u_char **ret_dat;
- int *ret_siz;
+kadm_cli_out(u_char *dat, int dat_len, u_char **ret_dat, int *ret_siz)
{
- u_short dlen;
+ u_int16_t dlen;
int retval;
+ char tmp[4];
- dlen = (u_short) dat_len;
+ dlen = (u_int16_t) dat_len;
if (dat_len != (int)dlen)
return (KADM_NO_ROOM);
- dlen = htons(dlen);
- if (krb_net_write(client_parm.admin_fd, (char *) &dlen,
- sizeof(u_short)) < 0)
- return (errno); /* XXX */
+ tmp[0] = (dlen >> 8) & 0xff;
+ tmp[1] = dlen & 0xff;
+ if (krb_net_write(client_parm.admin_fd, tmp, 2) != 2)
+ return (errno); /* XXX */
if (krb_net_write(client_parm.admin_fd, (char *) dat, dat_len) < 0)
return (errno); /* XXX */
- if ((retval = krb_net_read(client_parm.admin_fd, (char *) &dlen,
- sizeof(u_short)) != sizeof(u_short))) {
+
+ if ((retval = krb_net_read(client_parm.admin_fd, tmp, 2)) != 2){
if (retval < 0)
return(errno); /* XXX */
else
return(EPIPE); /* short read ! */
}
+ dlen = (tmp[0] << 8) | tmp[1];
- dlen = ntohs(dlen);
*ret_dat = (u_char *)malloc((unsigned)dlen);
if (!*ret_dat)
return(KADM_NOMEM);
- if ((retval = krb_net_read(client_parm.admin_fd, (char *) *ret_dat,
- (int) dlen) != dlen)) {
+ if ((retval = krb_net_read(client_parm.admin_fd, *ret_dat,
+ dlen) != dlen)) {
if (retval < 0)
return(errno); /* XXX */
else
@@ -230,11 +222,11 @@ kadm_cli_out(dat, dat_len, ret_dat, ret_siz)
* then it sends the data and waits for a reply.
*/
static int
-kadm_cli_send(st_dat, st_siz, ret_dat, ret_siz)
- u_char *st_dat; /* the actual data */
- int st_siz; /* length of said data */
- u_char **ret_dat; /* to give return info */
- int *ret_siz; /* length of returned info */
+kadm_cli_send(u_char *st_dat, int st_siz, u_char **ret_dat, int *ret_siz)
+ /* the actual data */
+ /* length of said data */
+ /* to give return info */
+ /* length of returned info */
{
int act_len, retdat; /* current offset into packet, return
* data */
@@ -247,11 +239,11 @@ kadm_cli_send(st_dat, st_siz, ret_dat, ret_siz)
u_char *return_dat;
act_st = (u_char *) malloc(KADM_VERSIZE); /* verstr stored first */
- (void) strncpy((char *)act_st, KADM_VERSTR, KADM_VERSIZE);
+ strncpy((char *)act_st, KADM_VERSTR, KADM_VERSIZE);
act_len = KADM_VERSIZE;
- if ((retdat = kadm_cli_keyd((des_cblock *)&sess_key, sess_sched)) != KADM_SUCCESS) {
- free((char *)act_st);
+ if ((retdat = kadm_cli_keyd(&sess_key, sess_sched)) != KADM_SUCCESS) {
+ free(act_st);
return retdat; /* couldnt get key working */
}
priv_pak = (u_char *) malloc((unsigned)(st_siz + 200));
@@ -273,40 +265,37 @@ kadm_cli_send(st_dat, st_siz, ret_dat, ret_siz)
&sess_key);
#endif
if ((retdat = krb_mk_req(&authent, client_parm.sname, client_parm.sinst,
- client_parm.krbrlm, (long)cksum))) {
+ client_parm.krbrlm, cksum))) {
/* authenticator? */
RET_N_FREE(retdat + krb_err_base);
}
- act_st = (u_char *) realloc((char *) act_st,
- (unsigned) (act_len + authent.length
- + priv_len));
+ act_st = (u_char *) realloc(act_st,
+ act_len + authent.length + priv_len);
if (!act_st) {
clear_secrets();
- free((char *)priv_pak);
+ free(priv_pak);
return(KADM_NOMEM);
}
- bcopy((char *) authent.dat, (char *) act_st + act_len, authent.length);
- bcopy((char *) priv_pak, (char *) act_st + act_len + authent.length,
- priv_len);
- free((char *)priv_pak);
+ memcpy((char *)act_st + act_len, authent.dat, authent.length);
+ memcpy((char *)act_st + act_len + authent.length, priv_pak, priv_len);
+ free(priv_pak);
if ((retdat = kadm_cli_out(act_st,
act_len + authent.length + priv_len,
ret_dat, ret_siz)) != KADM_SUCCESS)
RET_N_FREE(retdat);
- free((char *)act_st);
-#define RET_N_FREE2(r) {free((char *)*ret_dat); clear_secrets(); return(r);}
+ free(act_st);
+#define RET_N_FREE2(r) {free(*ret_dat); clear_secrets(); return(r);}
/* first see if it's a YOULOUSE */
if ((*ret_siz >= KADM_VERSIZE) &&
!strncmp(KADM_ULOSE, (char *)*ret_dat, KADM_VERSIZE)) {
- u_int32_t errcode;
+ unsigned char *p;
/* it's a youlose packet */
- if (*ret_siz < KADM_VERSIZE + sizeof(u_int32_t))
+ if (*ret_siz < KADM_VERSIZE + 4)
RET_N_FREE2(KADM_BAD_VER);
- bcopy((char *)(*ret_dat) + KADM_VERSIZE, (char *)&errcode,
- sizeof(u_int32_t));
- retdat = (int) ntohl(errcode);
+ p = (*ret_dat)+KADM_VERSIZE;
+ retdat = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
RET_N_FREE2(retdat);
}
/* need to decode the ret_dat */
@@ -320,39 +309,42 @@ kadm_cli_send(st_dat, st_siz, ret_dat, ret_siz)
if (strncmp((char *)mdat.app_data, KADM_VERSTR, KADM_VERSIZE))
/* bad version */
RET_N_FREE2(KADM_BAD_VER);
- bcopy((char *)mdat.app_data+KADM_VERSIZE,
- (char *)&retdat, sizeof(u_int32_t));
- retdat = ntohl((u_int32_t)retdat);
- if (!(return_dat = (u_char *)malloc((unsigned)(mdat.app_length -
- KADM_VERSIZE - sizeof(u_int32_t)))))
+ {
+ unsigned char *p = mdat.app_data+KADM_VERSIZE;
+ retdat = (p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3];
+ }
+ {
+ int s=mdat.app_length - KADM_VERSIZE - 4;
+ if(s<=0) s=1;
+ if (!(return_dat = (u_char *)malloc(s)))
RET_N_FREE2(KADM_NOMEM);
- bcopy((char *) mdat.app_data + KADM_VERSIZE + sizeof(u_int32_t),
- (char *)return_dat,
- (int)mdat.app_length - KADM_VERSIZE - sizeof(u_int32_t));
- free((char *)*ret_dat);
+ }
+ memcpy(return_dat,
+ (char *) mdat.app_data + KADM_VERSIZE + 4,
+ mdat.app_length - KADM_VERSIZE - 4);
+ free(*ret_dat);
clear_secrets();
*ret_dat = return_dat;
- *ret_siz = mdat.app_length - KADM_VERSIZE - sizeof(u_int32_t);
+ *ret_siz = mdat.app_length - KADM_VERSIZE - 4;
return retdat;
}
-/*
- * kadm_change_pw
- * recieves : key
+
+
+/*
+ * kadm_change_pw_plain
+ *
+ * see kadm_change_pw
*
- * Replaces the password (i.e. des key) of the caller with that specified in
- * key. Returns no actual data from the master server, since this is called
- * by a user
*/
-int
-kadm_change_pw(newkey)
- unsigned char *newkey; /* The DES form of the users key */
+int kadm_change_pw_plain(unsigned char *newkey, char *password, char **pw_msg)
{
int stsize, retc; /* stream size and return code */
u_char *send_st; /* send stream */
u_char *ret_st;
int ret_sz;
- u_int32_t keytmp;
+ int status;
+ static char msg[128];
if ((retc = kadm_cli_conn()) != KADM_SUCCESS)
return(retc);
@@ -364,24 +356,57 @@ kadm_change_pw(newkey)
/* change key to stream */
- bcopy((char *) (((long *) newkey) + 1), (char *) &keytmp, 4);
- keytmp = htonl(keytmp);
- stsize += vts_long(keytmp, &send_st, stsize);
-
- bcopy((char *) newkey, (char *) &keytmp, 4);
- keytmp = htonl(keytmp);
- stsize += vts_long(keytmp, &send_st, stsize);
+ send_st = realloc(send_st, stsize + 8);
+ memcpy(send_st + stsize + 4, newkey, 4); /* yes, this is backwards */
+ memcpy(send_st + stsize, newkey + 4, 4);
+ stsize += 8;
+ if(password && *password)
+ stsize += vts_string(password, &send_st, stsize);
+
retc = kadm_cli_send(send_st, stsize, &ret_st, &ret_sz);
- free((char *)send_st);
- if (retc == KADM_SUCCESS) {
- free((char *)ret_st);
+ free(send_st);
+
+ if(retc != KADM_SUCCESS){
+ status = stv_string(ret_st, msg, 0, sizeof(msg), ret_sz);
+ if(status<0)
+ msg[0]=0;
+ *pw_msg=msg;
}
+
+ if (ret_st)
+ free(ret_st);
+
kadm_cli_disconn();
return(retc);
}
/*
+ * This function is here for compatibility with CNS
+ */
+
+int kadm_change_pw2(unsigned char *newkey, char *password, char **pw_msg)
+{
+ return kadm_change_pw_plain (newkey, password, pw_msg);
+}
+
+
+/*
+ * kadm_change_pw
+ * recieves : key
+ *
+ * Replaces the password (i.e. des key) of the caller with that specified in
+ * key. Returns no actual data from the master server, since this is called
+ * by a user
+ */
+
+int kadm_change_pw(unsigned char *newkey)
+{
+ char *pw_msg;
+ return kadm_change_pw_plain(newkey, "", &pw_msg);
+}
+
+/*
* kadm_add
* receives : vals
* returns : vals
@@ -391,8 +416,7 @@ kadm_change_pw(newkey)
* the default values they are set to
*/
int
-kadm_add(vals)
- Kadm_vals *vals;
+kadm_add(Kadm_vals *vals)
{
u_char *st, *st2; /* st will hold the stream of values */
int st_len; /* st2 the final stream with opcode */
@@ -405,15 +429,15 @@ kadm_add(vals)
st_len = vals_to_stream(vals, &st);
st2 = (u_char *) malloc((unsigned)(1 + st_len));
*st2 = (u_char) ADD_ENT; /* here's the opcode */
- bcopy((char *) st, (char *) st2 + 1, st_len); /* append st on */
+ memcpy((char *) st2 + 1, st, st_len); /* append st on */
retc = kadm_cli_send(st2, st_len + 1, &ret_st, &ret_sz);
- free((char *)st);
- free((char *)st2);
+ free(st);
+ free(st2);
if (retc == KADM_SUCCESS) {
/* ret_st has vals */
if (stream_to_vals(ret_st, vals, ret_sz) < 0)
retc = KADM_LENGTH_ERROR;
- free((char *)ret_st);
+ free(ret_st);
}
kadm_cli_disconn();
return(retc);
@@ -429,9 +453,7 @@ kadm_add(vals)
* second values. returns the values for the changed entries in vals2
*/
int
-kadm_mod(vals1, vals2)
- Kadm_vals *vals1;
- Kadm_vals *vals2;
+kadm_mod(Kadm_vals *vals1, Kadm_vals *vals2)
{
u_char *st, *st2; /* st will hold the stream of values */
int st_len, nlen; /* st2 the final stream with opcode */
@@ -447,24 +469,48 @@ kadm_mod(vals1, vals2)
st_len = vals_to_stream(vals1, &st);
st2 = (u_char *) malloc((unsigned)(1 + st_len));
*st2 = (u_char) MOD_ENT; /* here's the opcode */
- bcopy((char *) st, (char *) st2 + 1, st_len++); /* append st on */
- free((char *)st);
+ memcpy((char *)st2 + 1, st, st_len++); /* append st on */
+ free(st);
nlen = vals_to_stream(vals2, &st);
st2 = (u_char *) realloc((char *) st2, (unsigned)(st_len + nlen));
- bcopy((char *) st, (char *) st2 + st_len, nlen); /* append st on */
+ memcpy((char *) st2 + st_len, st, nlen); /* append st on */
retc = kadm_cli_send(st2, st_len + nlen, &ret_st, &ret_sz);
- free((char *)st);
- free((char *)st2);
+ free(st);
+ free(st2);
if (retc == KADM_SUCCESS) {
/* ret_st has vals */
if (stream_to_vals(ret_st, vals2, ret_sz) < 0)
retc = KADM_LENGTH_ERROR;
- free((char *)ret_st);
+ free(ret_st);
}
kadm_cli_disconn();
return(retc);
}
+
+int
+kadm_del(Kadm_vals *vals)
+{
+ unsigned char *st, *st2; /* st will hold the stream of values */
+ int st_len; /* st2 the final stream with opcode */
+ int retc; /* return code from call */
+ u_char *ret_st;
+ int ret_sz;
+
+ if ((retc = kadm_cli_conn()) != KADM_SUCCESS)
+ return(retc);
+ st_len = vals_to_stream(vals, &st);
+ st2 = (unsigned char *) malloc(st_len + 1);
+ *st2 = DEL_ENT; /* here's the opcode */
+ memcpy(st2 + 1, st, st_len); /* append st on */
+ retc = kadm_cli_send(st2, st_len + 1, &ret_st, &ret_sz);
+ free(st);
+ free(st2);
+ kadm_cli_disconn();
+ return(retc);
+}
+
+
/*
* kadm_get
* receives : KTEXT, {values, flags}
@@ -476,9 +522,7 @@ kadm_mod(vals1, vals2)
* matches there were
*/
int
-kadm_get(vals, fl)
- Kadm_vals *vals;
- u_char *fl;
+kadm_get(Kadm_vals *vals, u_char *fl)
{
int loop; /* for copying the fields data */
u_char *st, *st2; /* st will hold the stream of values */
@@ -492,17 +536,17 @@ kadm_get(vals, fl)
st_len = vals_to_stream(vals, &st);
st2 = (u_char *) malloc((unsigned)(1 + st_len + FLDSZ));
*st2 = (u_char) GET_ENT; /* here's the opcode */
- bcopy((char *) st, (char *) st2 + 1, st_len); /* append st on */
+ memcpy((char *)st2 + 1, st, st_len); /* append st on */
for (loop = FLDSZ - 1; loop >= 0; loop--)
*(st2 + st_len + FLDSZ - loop) = fl[loop]; /* append the flags */
retc = kadm_cli_send(st2, st_len + 1 + FLDSZ, &ret_st, &ret_sz);
- free((char *)st);
- free((char *)st2);
+ free(st);
+ free(st2);
if (retc == KADM_SUCCESS) {
/* ret_st has vals */
if (stream_to_vals(ret_st, vals, ret_sz) < 0)
retc = KADM_LENGTH_ERROR;
- free((char *)ret_st);
+ free(ret_st);
}
kadm_cli_disconn();
return(retc);
diff --git a/kerberosIV/kadm/kadm_err.et b/kerberosIV/kadm/kadm_err.et
index fb1c47dbdf6..450d2f6e5db 100644
--- a/kerberosIV/kadm/kadm_err.et
+++ b/kerberosIV/kadm/kadm_err.et
@@ -1,5 +1,6 @@
-# $Id: kadm_err.et,v 1.1 1995/12/14 06:52:45 tholo Exp $
-
+# $OpenBSD: kadm_err.et,v 1.2 1997/12/01 04:46:58 art Exp $
+# $KTH: kadm_err.et,v 1.4 1996/06/12 08:01:34 bg Exp $
+#
# Copyright 1988 by the Massachusetts Institute of Technology.
#
# For copying and distribution information, please see the file
@@ -11,7 +12,7 @@
# KADM_SUCCESS, as all success codes should be, is zero
-ec KADM_RCSID, "$Header: /cvs/OpenBSD/src/kerberosIV/kadm/Attic/kadm_err.et,v 1.1 1995/12/14 06:52:45 tholo Exp $"
+ec KADM_RCSID, "$Header: /cvs/OpenBSD/src/kerberosIV/kadm/Attic/kadm_err.et,v 1.2 1997/12/01 04:46:58 art Exp $"
# /* Building and unbuilding the packet errors */
ec KADM_NO_REALM, "Cannot fetch local realm"
ec KADM_NO_CRED, "Unable to fetch credentials"
@@ -49,4 +50,10 @@ ec KADM_LENGTH_ERROR, "Length mismatch problem"
ec KADM_ILL_WILDCARD, "Illegal use of wildcard"
ec KADM_DB_INUSE, "Database is locked or in use--try again later"
+
+ec KADM_INSECURE_PW, "Insecure password rejected"
+ec KADM_PW_MISMATCH, "Cleartext password and DES key did not match"
+
+ec KADM_NOT_SERV_PRINC, "Invalid principal for change srvtab request"
+ec KADM_IMMUTABLE, "Attempt do delete immutable principal"
end
diff --git a/kerberosIV/kadm/kadm_local.h b/kerberosIV/kadm/kadm_local.h
index 4c7d9fe99ac..829f43c5444 100644
--- a/kerberosIV/kadm/kadm_local.h
+++ b/kerberosIV/kadm/kadm_local.h
@@ -1,4 +1,4 @@
-/* $Id: kadm_local.h,v 1.2 1997/06/29 10:56:14 provos Exp $ */
+/* $Id: kadm_local.h,v 1.3 1997/12/01 04:46:59 art Exp $ */
#include <stdio.h>
#include <stdlib.h>
@@ -8,6 +8,7 @@
#include <time.h>
#include <errno.h>
+#include <sys/types.h>
#include <sys/socket.h>
#include <sys/param.h>
#include <netinet/in.h>
diff --git a/kerberosIV/kadm/kadm_stream.c b/kerberosIV/kadm/kadm_stream.c
index 50aae668868..e06d0fefd0a 100644
--- a/kerberosIV/kadm/kadm_stream.c
+++ b/kerberosIV/kadm/kadm_stream.c
@@ -1,24 +1,25 @@
-/* $Id: kadm_stream.c,v 1.1 1995/12/14 06:52:45 tholo Exp $ */
+/* $KTH: kadm_stream.c,v 1.11 1997/05/02 10:28:05 joda Exp $ */
-/*-
- * Copyright (C) 1989 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
+/*
+ Copyright (C) 1989 by the Massachusetts Institute of Technology
+
+ Export of this software from the United States of America is assumed
+ to require a specific license from the United States Government.
+ It is the responsibility of any person or organization contemplating
+ export to obtain such a license before exporting.
+
+WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+distribute this software and its documentation for any purpose and
+without fee is hereby granted, provided that the above copyright
+notice appear in all copies and that both that copyright notice and
+this permission notice appear in supporting documentation, and that
+the name of M.I.T. not be used in advertising or publicity pertaining
+to distribution of the software without specific, written prior
+permission. M.I.T. makes no representations about the suitability of
+this software for any purpose. It is provided "as is" without express
+or implied warranty.
+
+ */
/*
* Stream conversion functions for Kerberos administration server
@@ -36,96 +37,107 @@
fatal: prints out a kadm fatal error message, exits
*/
-#include "kadm_local.h"
-
-#define min(a,b) (((a) < (b)) ? (a) : (b))
+#include "kadm_locl.h"
static int
-build_field_header(cont, st)
- u_char *cont; /* container for fields data */
- u_char **st; /* stream */
+build_field_header(u_char *cont, u_char **st)
+ /* container for fields data */
+ /* stream */
{
*st = (u_char *) malloc (4);
- bcopy((char *) cont, (char *) *st, 4);
+ memcpy(*st, cont, 4);
return 4; /* return pointer to current stream location */
}
static int
-check_field_header(st, cont, maxlen)
- u_char *st; /* stream */
- u_char *cont; /* container for fields data */
- int maxlen;
+check_field_header(u_char *st, u_char *cont, int maxlen)
+ /* stream */
+ /* container for fields data */
+
{
if (4 > maxlen)
return(-1);
- bcopy((char *) st, (char *) cont, 4);
+ memcpy(cont, st, 4);
return 4; /* return pointer to current stream location */
}
-static int
-vts_string(dat, st, loc)
- char *dat; /* a string to put on the stream */
- u_char **st; /* base pointer to the stream */
- int loc; /* offset into the stream for current data */
+int
+vts_string(char *dat, u_char **st, int loc)
+ /* a string to put on the stream */
+ /* base pointer to the stream */
+ /* offset into the stream for current data */
{
- *st = (u_char *) realloc ((char *)*st, (unsigned) (loc + strlen(dat) + 1));
- bcopy(dat, (char *)(*st + loc), strlen(dat)+1);
+ *st = (u_char *) realloc (*st, (unsigned) (loc + strlen(dat) + 1));
+ memcpy(*st + loc, dat, strlen(dat)+1);
return strlen(dat)+1;
}
static int
-vts_short(dat, st, loc)
- u_int16_t dat; /* the attributes field */
- u_char **st; /* a base pointer to the stream */
- int loc; /* offset into the stream for current data */
+vts_short(u_int16_t dat, u_char **st, int loc)
+ /* the attributes field */
+ /* a base pointer to the stream */
+ /* offset into the stream for current data */
{
- u_int16_t temp; /* to hold the net order short */
-
- temp = htons(dat); /* convert to network order */
- *st = (u_char *) realloc ((char *)*st, (unsigned)(loc + sizeof(u_int16_t)));
- bcopy((char *) &temp, (char *)(*st + loc), sizeof(u_int16_t));
- return sizeof(u_int16_t);
+ unsigned char *p;
+ p = realloc(*st, loc + 2);
+ if(p == NULL){
+ abort();
+ }
+ p[loc] = (dat >> 8) & 0xff;
+ p[loc+1] = dat & 0xff;
+ *st = p;
+ return 2;
}
static int
-vts_char(dat, st, loc)
- u_char dat; /* the attributes field */
- u_char **st; /* a base pointer to the stream */
- int loc; /* offset into the stream for current data */
+vts_char(u_char dat, u_char **st, int loc)
+ /* the attributes field */
+ /* a base pointer to the stream */
+ /* offset into the stream for current data */
{
- *st = (u_char *) realloc ((char *)*st, (unsigned)(loc + sizeof(u_char)));
- (*st)[loc] = (u_char) dat;
- return 1;
+ unsigned char *p = realloc(*st, loc + 1);
+ if(p == NULL){
+ abort();
+ }
+ p[loc] = dat;
+ *st = p;
+ return 1;
}
int
-vts_long(dat, st, loc)
- u_int32_t dat; /* the attributes field */
- u_char **st; /* a base pointer to the stream */
- int loc; /* offset into the stream for current data */
+vts_long(u_int32_t dat, u_char **st, int loc)
+ /* the attributes field */
+ /* a base pointer to the stream */
+ /* offset into the stream for current data */
{
- u_int32_t temp; /* to hold the net order short */
-
- temp = htonl(dat); /* convert to network order */
- *st = (u_char *) realloc ((char *)*st, (unsigned)(loc + sizeof(u_int32_t)));
- bcopy((char *) &temp, (char *)(*st + loc), sizeof(u_int32_t));
- return sizeof(u_int32_t);
+ unsigned char *p = realloc(*st, loc + 4);
+ if(p == NULL){
+ abort();
+ }
+ p[loc] = (dat >> 24) & 0xff;
+ p[loc+1] = (dat >> 16) & 0xff;
+ p[loc+2] = (dat >> 8) & 0xff;
+ p[loc+3] = dat & 0xff;
+ *st = p;
+ return 4;
}
-static int
-stv_string(st, dat, loc, stlen, maxlen)
- register u_char *st; /* base pointer to the stream */
- char *dat; /* a string to read from the stream */
- register int loc; /* offset into the stream for current data */
- int stlen; /* max length of string to copy in */
- int maxlen; /* max length of input stream */
+int
+stv_string(u_char *st, /* base pointer to the stream */
+ char *dat, /* a string to read from the stream */
+ int loc, /* offset into the stream for current data */
+ int stlen, /* max length of string to copy in */
+ int maxlen) /* max length of input stream */
{
int maxcount; /* max count of chars to copy */
maxcount = min(maxlen - loc, stlen);
- (void) strncpy(dat, (char *)st + loc, maxcount);
+ if(maxcount <= 0)
+ return -1;
+
+ strncpy(dat, (char *)st + loc, maxcount);
if (dat[maxcount-1]) /* not null-term --> not enuf room */
return(-1);
@@ -133,49 +145,44 @@ stv_string(st, dat, loc, stlen, maxlen)
}
static int
-stv_short(st, dat, loc, maxlen)
- u_char *st; /* a base pointer to the stream */
- u_int16_t *dat; /* the attributes field */
- int loc; /* offset into the stream for current data */
- int maxlen;
+stv_short(u_char *st, u_int16_t *dat, int loc, int maxlen)
+ /* a base pointer to the stream */
+ /* the attributes field */
+ /* offset into the stream for current data */
+
{
- u_int16_t temp; /* to hold the net order short */
-
- if (loc + sizeof(temp) > maxlen)
- return(-1);
- /*bcopy((char *)((u_long)st+(u_long)loc), (char *) &temp, sizeof(u_short));*/
- bcopy(st + loc, (char *) &temp, sizeof(temp));
- *dat = ntohs(temp); /* convert to network order */
- return sizeof(temp);
+ if (maxlen - loc < 2)
+ return -1;
+
+ *dat = (st[loc] << 8) | st[loc + 1];
+ return 2;
}
int
-stv_long(st, dat, loc, maxlen)
- u_char *st; /* a base pointer to the stream */
- u_int32_t *dat; /* the attributes field */
- int loc; /* offset into the stream for current data */
- int maxlen; /* maximum length of st */
+stv_long(u_char *st, u_int32_t *dat, int loc, int maxlen)
+ /* a base pointer to the stream */
+ /* the attributes field */
+ /* offset into the stream for current data */
+ /* maximum length of st */
{
- u_int32_t temp; /* to hold the net order short */
-
- if (loc + sizeof(temp) > maxlen)
- return(-1);
- /*bcopy((char *)((u_long)st+(u_long)loc), (char *) &temp, sizeof(u_long));*/
- bcopy(st + loc, (char *) &temp, sizeof(temp));
- *dat = ntohl(temp); /* convert to network order */
- return sizeof(temp);
+ if (maxlen - loc < 4)
+ return -1;
+
+ *dat = (st[loc] << 24) | (st[loc+1] << 16) | (st[loc+2] << 8) | st[loc+3];
+ return 4;
}
static int
-stv_char(st, dat, loc, maxlen)
- u_char *st; /* a base pointer to the stream */
- u_char *dat; /* the attributes field */
- int loc; /* offset into the stream for current data */
- int maxlen;
+stv_char(u_char *st, u_char *dat, int loc, int maxlen)
+ /* a base pointer to the stream */
+ /* the attributes field */
+ /* offset into the stream for current data */
+
{
- if (loc + 1 > maxlen)
- return(-1);
- *dat = *(st + loc);
+ if (maxlen - loc < 1)
+ return -1;
+
+ *dat = st[loc];
return 1;
}
@@ -187,9 +194,7 @@ vals_to_stream
this function creates a byte-stream representation of the kadm_vals structure
*/
int
-vals_to_stream(dt_in, dt_out)
- Kadm_vals *dt_in;
- u_char **dt_out;
+vals_to_stream(Kadm_vals *dt_in, u_char **dt_out)
{
int vsloop, stsize; /* loop counter, stream size */
@@ -231,15 +236,15 @@ stream_to_vals
this decodes a byte stream represntation of a vals struct into kadm_vals
*/
int
-stream_to_vals(dt_in, dt_out, maxlen)
- u_char *dt_in;
- Kadm_vals *dt_out;
- int maxlen; /* max length to use */
+stream_to_vals(u_char *dt_in, Kadm_vals *dt_out, int maxlen)
+
+
+ /* max length to use */
{
- register int vsloop, stsize; /* loop counter, stream size */
- register int status;
+ int vsloop, stsize; /* loop counter, stream size */
+ int status;
- bzero((char *) dt_out, sizeof(*dt_out));
+ memset(dt_out, 0, sizeof(*dt_out));
stsize = check_field_header(dt_in, dt_out->fields, maxlen);
if (stsize < 0)
diff --git a/kerberosIV/kadm/kadm_supp.c b/kerberosIV/kadm/kadm_supp.c
index 8882b06d422..4a771ff5fca 100644
--- a/kerberosIV/kadm/kadm_supp.c
+++ b/kerberosIV/kadm/kadm_supp.c
@@ -1,24 +1,25 @@
-/* $Id: kadm_supp.c,v 1.1 1995/12/14 06:52:46 tholo Exp $ */
+/* $KTH: kadm_supp.c,v 1.8 1997/05/02 10:27:58 joda Exp $ */
-/*-
- * Copyright (C) 1989 by the Massachusetts Institute of Technology
- *
- * Export of this software from the United States of America is assumed
- * to require a specific license from the United States Government.
- * It is the responsibility of any person or organization contemplating
- * export to obtain such a license before exporting.
- *
- * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
- * distribute this software and its documentation for any purpose and
- * without fee is hereby granted, provided that the above copyright
- * notice appear in all copies and that both that copyright notice and
- * this permission notice appear in supporting documentation, and that
- * the name of M.I.T. not be used in advertising or publicity pertaining
- * to distribution of the software without specific, written prior
- * permission. M.I.T. makes no representations about the suitability of
- * this software for any purpose. It is provided "as is" without express
- * or implied warranty.
- */
+/*
+ Copyright (C) 1989 by the Massachusetts Institute of Technology
+
+ Export of this software from the United States of America is assumed
+ to require a specific license from the United States Government.
+ It is the responsibility of any person or organization contemplating
+ export to obtain such a license before exporting.
+
+WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+distribute this software and its documentation for any purpose and
+without fee is hereby granted, provided that the above copyright
+notice appear in all copies and that both that copyright notice and
+this permission notice appear in supporting documentation, and that
+the name of M.I.T. not be used in advertising or publicity pertaining
+to distribution of the software without specific, written prior
+permission. M.I.T. makes no representations about the suitability of
+this software for any purpose. It is provided "as is" without express
+or implied warranty.
+
+ */
/*
* Support functions for Kerberos administration server & clients
@@ -34,52 +35,39 @@
structure
*/
-#include "kadm_local.h"
+#include "kadm_locl.h"
/*
prin_vals:
recieves : a vals structure
*/
void
-prin_vals(vals)
- Kadm_vals *vals;
+prin_vals(Kadm_vals *vals)
{
printf("Info in Database for %s.%s:\n", vals->name, vals->instance);
printf(" Max Life: %d (%s) Exp Date: %s\n",
vals->max_life,
krb_life_to_atime(vals->max_life),
asctime(k_localtime(&vals->exp_date)));
- printf(" Attribs: %.2x key: %lu %lu\n",
+ printf(" Attribs: %.2x key: %#lx %#lx\n",
vals->attributes,
(long)vals->key_low, (long)vals->key_high);
}
-#ifdef notdef
-nierror(s)
-int s;
-{
- printf("Kerberos admin server loses..... %s\n",error_message(s));
- return(s);
-}
-#endif
-
/* kadm_prin_to_vals takes a fields arguments, a Kadm_vals and a Principal,
it copies the fields in Principal specified by fields into Kadm_vals,
i.e from old to new */
void
-kadm_prin_to_vals(fields, new, old)
- u_char *fields;
- Kadm_vals *new;
- Principal *old;
+kadm_prin_to_vals(u_char *fields, Kadm_vals *new, Principal *old)
{
- bzero((char *)new, sizeof(*new));
+ memset(new, 0, sizeof(*new));
if (IS_FIELD(KADM_NAME,fields)) {
- (void) strncpy(new->name, old->name, ANAME_SZ);
+ strncpy(new->name, old->name, ANAME_SZ);
SET_FIELD(KADM_NAME, new->fields);
}
if (IS_FIELD(KADM_INST,fields)) {
- (void) strncpy(new->instance, old->instance, INST_SZ);
+ strncpy(new->instance, old->instance, INST_SZ);
SET_FIELD(KADM_INST, new->fields);
}
if (IS_FIELD(KADM_EXPDATE,fields)) {
@@ -102,17 +90,14 @@ kadm_prin_to_vals(fields, new, old)
}
void
-kadm_vals_to_prin(fields, new, old)
- u_char *fields;
- Principal *new;
- Kadm_vals *old;
+kadm_vals_to_prin(u_char *fields, Principal *new, Kadm_vals *old)
{
- bzero((char *)new, sizeof(*new));
+ memset(new, 0, sizeof(*new));
if (IS_FIELD(KADM_NAME,fields))
- (void) strncpy(new->name, old->name, ANAME_SZ);
+ strncpy(new->name, old->name, ANAME_SZ);
if (IS_FIELD(KADM_INST,fields))
- (void) strncpy(new->instance, old->instance, INST_SZ);
+ strncpy(new->instance, old->instance, INST_SZ);
if (IS_FIELD(KADM_EXPDATE,fields))
new->exp_date = old->exp_date;
if (IS_FIELD(KADM_ATTR,fields))
diff --git a/kerberosIV/kadm/shlib_version b/kerberosIV/kadm/shlib_version
index d9961ea9fef..3066b9771e7 100644
--- a/kerberosIV/kadm/shlib_version
+++ b/kerberosIV/kadm/shlib_version
@@ -1,2 +1,2 @@
-major=4
+major=5
minor=0