src - OpenBSD base system

diff options


context:
space:
mode:

author	Artur Grabowski <art@cvs.openbsd.org>	1997-12-12 11:29:27 +0000
committer	Artur Grabowski <art@cvs.openbsd.org>	1997-12-12 11:29:27 +0000
commit	390045d41f0f925904ec89d6771a384ac0bebdb5 (patch)
tree	ec00f7265ef398de9be021f15d518de352ac2ac3 /kerberosIV/kdb
parent	91fd22b210ba01ba83638017a0cc1750f2aeea5a (diff)

cleanup, check pointers, fix strcpy's, etc.

Diffstat (limited to 'kerberosIV/kdb')

-rw-r--r--

kerberosIV/kdb/copykey.c

-rw-r--r--

kerberosIV/kdb/kdb_locl.h

-rw-r--r--

kerberosIV/kdb/krb_cache.c

-rw-r--r--

kerberosIV/kdb/krb_dbm.c

-rw-r--r--

kerberosIV/kdb/krb_kdb_utils.c

286

-rw-r--r--

kerberosIV/kdb/krb_lib.c

-rw-r--r--

kerberosIV/kdb/print_princ.c

7 files changed, 183 insertions, 219 deletions

diff --git a/kerberosIV/kdb/copykey.c b/kerberosIV/kdb/copykey.c
index ba4e89630ac..ad1b703dafa 100644
--- a/kerberosIV/kdb/copykey.c
+++ b/kerberosIV/kdb/copykey.c

@@ -1,3 +1,4 @@

+/* $OpenBSD: copykey.c,v 1.2 1997/12/12 11:29:23 art Exp $ */

/* $KTH: copykey.c,v 1.10 1997/04/01 08:18:17 joda Exp $" */

diff --git a/kerberosIV/kdb/kdb_locl.h b/kerberosIV/kdb/kdb_locl.h
index 815c8ce9440..4bb06dc5c93 100644
--- a/kerberosIV/kdb/kdb_locl.h
+++ b/kerberosIV/kdb/kdb_locl.h

@@ -1,3 +1,4 @@

+/* $OpenBSD: kdb_locl.h,v 1.4 1997/12/12 11:29:23 art Exp $ */

/* $KTH: kdb_locl.h,v 1.9 1997/05/02 14:29:08 assar Exp $ */

diff --git a/kerberosIV/kdb/krb_cache.c b/kerberosIV/kdb/krb_cache.c
index a70a1967f94..d5d2dc74b7c 100644
--- a/kerberosIV/kdb/krb_cache.c
+++ b/kerberosIV/kdb/krb_cache.c

@@ -1,3 +1,4 @@

+/* $OpenBSD: krb_cache.c,v 1.3 1997/12/12 11:29:24 art Exp $ */

/* $KTH: krb_cache.c,v 1.6 1997/05/02 10:27:53 joda Exp $ */

@@ -56,28 +57,28 @@ kerb_cache_get_principal(char *serv, char *inst, Principal *principal, unsigned

/* max number of name structs to return */

{

- int found = 0;

+ int found = 0;

- if (!init)

+ if (init == 0)

kerb_cache_init();

#ifdef DEBUG

if (kerb_debug & 2)

fprintf(stderr, "cache_get_principal for %s %s max = %d\n",

- serv, inst, max);

+ serv, inst, max);

#endif /* DEBUG */

#ifdef DEBUG

if (kerb_debug & 2) {

if (found) {

fprintf(stderr, "cache get %s %s found %s %s sid = %d\n",

- serv, inst, principal->name, principal->instance);

+ serv, inst, principal->name, principal->instance);

} else {

fprintf(stderr, "cache %s %s not found\n", serv,

- inst);

+ inst);

}

#endif

- return (found);

+ return found;

}

@@ -92,10 +93,10 @@ kerb_cache_put_principal(Principal *principal, unsigned int max)

* insert */

{

- u_long i;

- int count = 0;

+ u_long i;

+ int count = 0;

- if (!init)

+ if (init == 0)

kerb_cache_init();

#ifdef DEBUG

@@ -130,28 +131,28 @@ kerb_cache_get_dba(char *serv, char *inst, Dba *dba, unsigned int max)

/* max number of name structs to return */

{

- int found = 0;

+ int found = 0;

- if (!init)

+ if (init == 0)

kerb_cache_init();

#ifdef DEBUG

if (kerb_debug & 2)

fprintf(stderr, "cache_get_dba for %s %s max = %d\n",

- serv, inst, max);

+ serv, inst, max);

#endif

#ifdef DEBUG

if (kerb_debug & 2) {

if (found) {

fprintf(stderr, "cache get %s %s found %s %s sid = %d\n",

- serv, inst, dba->name, dba->instance);

+ serv, inst, dba->name, dba->instance);

} else {

fprintf(stderr, "cache %s %s not found\n", serv, inst);

}

#endif

- return (found);

+ return found;

}

diff --git a/kerberosIV/kdb/krb_dbm.c b/kerberosIV/kdb/krb_dbm.c
index 9f4ab9ba00f..53069bfbdb9 100644
--- a/kerberosIV/kdb/krb_dbm.c
+++ b/kerberosIV/kdb/krb_dbm.c

@@ -1,3 +1,4 @@

+/* $OpenBSD: krb_dbm.c,v 1.6 1997/12/12 11:29:24 art Exp $ */

/* $KTH: krb_dbm.c,v 1.27 1997/05/02 14:29:09 assar Exp $ */

@@ -37,7 +38,7 @@ static int init = 0;

static char default_db_name[] = DBM_FILE;

static char *current_db_name = default_db_name;

-static struct timeval timestamp;/* current time of request */

+static struct timeval timestamp; /* current time of request */

static int non_blocking = 0;

@@ -98,8 +99,6 @@ static int non_blocking = 0;

* Utility routine: generate name of database file.

-static char *gen_dbsuffix (char *db_name, char *sfx);

static char *

gen_dbsuffix(char *db_name, char *sfx)

{

@@ -109,13 +108,14 @@ gen_dbsuffix(char *db_name, char *sfx)

sfx = ".ok";

asprintf (&dbsuffix, "%s%s", db_name, sfx);

+ if (dbsuffix == NULL) { /* This might not be the nest solution */

+ fprintf(stderr, "gen_dbsuffix: not enough memory\n");

+ exit(1);

+ }

return dbsuffix;

}

static void

-decode_princ_key (datum *key, char *name, char *instance);

-static void

decode_princ_key(datum *key, char *name, char *instance)

{

strncpy(name, key->dptr, ANAME_SZ);

@@ -125,9 +125,6 @@ decode_princ_key(datum *key, char *name, char *instance)

}

static void

-encode_princ_contents (datum *contents, Principal *principal);

-static void

encode_princ_contents(datum *contents, Principal *principal)

{

contents->dsize = sizeof(*principal);

@@ -157,9 +154,6 @@ static int mylock = 0;

static int inited = 0;

static int

-kerb_dbl_init (void);

-static int

kerb_dbl_init()

{

if (!inited) {

@@ -171,15 +165,13 @@ kerb_dbl_init()

exit(1);

}

free(filename);

+ filename = NULL;

inited++;

}

- return (0);

+ return 0;

}

static void

-kerb_dbl_fini (void);

-static void

kerb_dbl_fini()

{

close(dblfd);

@@ -189,9 +181,6 @@ kerb_dbl_fini()

}

static int

-kerb_dbl_lock (int mode);

-static int

kerb_dbl_lock(int mode)

{

int flock_mode;

@@ -224,8 +213,6 @@ kerb_dbl_lock(int mode)

return 0;

}

-static void kerb_dbl_unlock (void);

static void

kerb_dbl_unlock()

{

@@ -244,9 +231,6 @@ kerb_dbl_unlock()

}

int

-kerb_db_set_lockmode (int mode);

-int

kerb_db_set_lockmode(int mode)

{

int old = non_blocking;

@@ -259,9 +243,6 @@ kerb_db_set_lockmode(int mode)

int

-kerb_db_init (void);

-int

kerb_db_init()

{

init = 1;

@@ -274,9 +255,6 @@ kerb_db_init()

void

-kerb_db_fini (void);

-void

kerb_db_fini()

{

}

@@ -289,9 +267,6 @@ kerb_db_fini()

int

-kerb_db_set_name (char *name);

-int

kerb_db_set_name(char *name)

{

DBM *db;

@@ -312,9 +287,6 @@ kerb_db_set_name(char *name)

time_t

-kerb_get_db_age (void);

-time_t

kerb_get_db_age()

{

struct stat st;

@@ -329,6 +301,7 @@ kerb_get_db_age()

age = st.st_mtime;

free (okname);

+ okname = NULL;

return age;

}

@@ -341,9 +314,6 @@ kerb_get_db_age()

static time_t

-kerb_start_update (char *db_name);

-static time_t

kerb_start_update(char *db_name)

{

char *okname = gen_dbsuffix(db_name, ".ok");

@@ -354,13 +324,11 @@ kerb_start_update(char *db_name)

age = -1;

}

free (okname);

+ okname = NULL;

return age;

}

static int

-kerb_end_update (char *db_name, time_t age);

-static int

kerb_end_update(char *db_name, time_t age)

{

int fd;

@@ -389,22 +357,19 @@ kerb_end_update(char *db_name, time_t age)

}

free (new_okname);

+ new_okname = NULL;

free (okname);

+ okname = NULL;

return retval;

}

static time_t

-kerb_start_read (void);

-static time_t

kerb_start_read()

{

return kerb_get_db_age();

}

-static int kerb_end_read (time_t age);

static int

kerb_end_read(time_t age)

{

@@ -488,7 +453,9 @@ kerb_db_rename(char *from, char *to)

ok = 1;

}

free (fromdb);

+ fromdb = NULL;

free (todb);

+ todb = NULL;

#else

if ((rename (fromdir, todir) == 0)

&& (rename (frompag, topag) == 0)) {

@@ -496,11 +463,16 @@ kerb_db_rename(char *from, char *to)

ok = 1;

}

free (fromdir);

+ fromdir = NULL;

free (todir);

+ todir = NULL;

free (frompag);

+ frompag = NULL;

free (topag);

+ topag = NULL;

#endif

free (fromok);

+ fromok = NULL;

if (ok)

return kerb_end_update(to, trans);

else

@@ -703,9 +675,6 @@ kerb_db_update(long *db, Principal *principal, unsigned int max)

int

-kerb_db_put_principal (Principal *principal, unsigned int max);

-int

kerb_db_put_principal(Principal *principal,

unsigned max)

@@ -724,9 +693,6 @@ kerb_db_put_principal(Principal *principal,

}

void

-kerb_db_get_stat (DB_stat *s);

-void

kerb_db_get_stat(DB_stat *s)

{

gettimeofday(&timestamp, NULL);

@@ -745,17 +711,11 @@ kerb_db_get_stat(DB_stat *s)

}

void

-kerb_db_put_stat (DB_stat *s);

-void

kerb_db_put_stat(DB_stat *s)

{

}

void

-delta_stat (DB_stat *a, DB_stat *b, DB_stat *c);

-void

delta_stat(DB_stat *a, DB_stat *b, DB_stat *c)

{

/* c = a - b then b = a for the next time */

@@ -772,7 +732,6 @@ delta_stat(DB_stat *a, DB_stat *b, DB_stat *c)

c->n_put_stat = a->n_put_stat - b->n_put_stat;

memcpy(b, a, sizeof(DB_stat));

- return;

}

diff --git a/kerberosIV/kdb/krb_kdb_utils.c b/kerberosIV/kdb/krb_kdb_utils.c
index 55a07352c97..c775a6ba5c6 100644
--- a/kerberosIV/kdb/krb_kdb_utils.c
+++ b/kerberosIV/kdb/krb_kdb_utils.c

@@ -1,3 +1,4 @@

+/* $OpenBSD: krb_kdb_utils.c,v 1.3 1997/12/12 11:29:25 art Exp $ */

/* $KTH: krb_kdb_utils.c,v 1.23 1997/05/02 14:29:10 assar Exp $ */

@@ -41,122 +42,122 @@ static char *master_key_files[] = { MKEYFILE, "/.k", NULL };

int

kdb_new_get_master_key(des_cblock *key, des_key_schedule schedule)

{

- int kfile;

- int i;

- char buf[1024];

- char **mkey;

- for(mkey = master_key_files; *mkey; mkey++){

- kfile = open(*mkey, O_RDONLY);

- if(kfile < 0 && errno != ENOENT)

- fprintf(stderr, "Failed to open master key file \"%s\": %s\n",

- *mkey,

- k_strerror(errno));

- if(kfile >= 0)

- break;

- }

- if(*mkey){

- int bytes;

- bytes = read(kfile, (char*)key, sizeof(des_cblock));

- close(kfile);

- if(bytes == sizeof(des_cblock)){

- des_key_sched(key, schedule);

- return 0;

- }

- fprintf(stderr, "Could only read %d bytes from master key file %s\n",

- bytes, *mkey);

- }else{

- fprintf(stderr, "No master key file found.\n");

- }

+ int kfile;

+ int i;

+ char buf[1024];

+ char **mkey;

+ for(mkey = master_key_files; *mkey; mkey++){

+ kfile = open(*mkey, O_RDONLY);

+ if(kfile < 0 && errno != ENOENT)

+ fprintf(stderr, "Failed to open master key file \"%s\": %s\n",

+ *mkey,

+ k_strerror(errno));

+ if(kfile >= 0)

+ break;

+ }

+ if(*mkey != NULL){

+ int bytes;

+ bytes = read(kfile, (char*)key, sizeof(des_cblock));

+ close(kfile);

+ if(bytes == sizeof(des_cblock)){

+ des_key_sched(key, schedule);

+ return 0;

+ }

+ fprintf(stderr, "Could only read %d bytes from master key file %s\n",

+ bytes, *mkey);

+ }else{

+ fprintf(stderr, "No master key file found.\n");

+ }

- i=0;

- while(i < 3){

- if(des_read_pw_string(buf, sizeof(buf), "Enter master password: ", 0))

- break;

- /* buffer now contains either an old format master key password or a

- * new format base64 encoded master key

- */

+ i=0;

+ while(i < 3){

+ if(des_read_pw_string(buf, sizeof(buf), "Enter master password: ", 0))

+ break;

+ /* buffer now contains either an old format master key password or a

+ * new format base64 encoded master key

+ */

- /* try to verify as old password */

- des_string_to_key(buf, key);

- des_key_sched(key, schedule);

+ /* try to verify as old password */

+ des_string_to_key(buf, key);

+ des_key_sched(key, schedule);

- if(kdb_verify_master_key(key, schedule, NULL) != -1){

- memset(buf, 0, sizeof(buf));

- return 0;

- }

+ if(kdb_verify_master_key(key, schedule, NULL) != -1){

+ memset(buf, 0, sizeof(buf));

+ return 0;

+ }

- /* failed test, so must be base64 encoded */

+ /* failed test, so must be base64 encoded */

- if(base64_decode(buf, key) == 8){

- des_key_sched(key, schedule);

- if(kdb_verify_master_key(key, schedule, NULL) != -1){

- memset(buf, 0, sizeof(buf));

- return 0;

- }

+ if(base64_decode(buf, key) == 8){

+ des_key_sched(key, schedule);

+ if(kdb_verify_master_key(key, schedule, NULL) != -1){

+ memset(buf, 0, sizeof(buf));

+ return 0;

+ }

- memset(buf, 0, sizeof(buf));

- fprintf(stderr, "Failed to verify master key.\n");

- i++;

- }

+ memset(buf, 0, sizeof(buf));

+ fprintf(stderr, "Failed to verify master key.\n");

+ i++;

+ }

- /* life sucks */

- fprintf(stderr, "You loose.\n");

- exit(1);

+ /* life sucks */

+ fprintf(stderr, "You loose.\n");

+ exit(1);

}

int kdb_new_get_new_master_key(des_cblock *key, des_key_schedule schedule,

int verify)

{

#ifndef RANDOM_MKEY

- des_read_password(key, "\nEnter Kerberos master password: ", verify);

- printf ("\n");

+ des_read_password(key, "\nEnter Kerberos master password: ", verify);

+ printf ("\n");

#else

- char buf[1024];

- des_generate_random_block (key);

- des_key_sched(key, schedule);

+ char buf[1024];

+ des_generate_random_block (key);

+ des_key_sched(key, schedule);

- des_read_pw_string(buf, sizeof(buf), "Enter master key seed: ", 0);

- des_cbc_cksum((des_cblock*)buf, key, sizeof(buf), schedule, key);

- memset(buf, 0, sizeof(buf));

+ des_read_pw_string(buf, sizeof(buf), "Enter master key seed: ", 0);

+ des_cbc_cksum((des_cblock*)buf, key, sizeof(buf), schedule, key);

+ memset(buf, 0, sizeof(buf));

#endif

- des_key_sched(key, schedule);

- return 0;

+ des_key_sched(key, schedule);

+ return 0;

}

int kdb_get_master_key(int prompt, des_cblock *master_key,

des_key_schedule master_key_sched)

{

- int ask = (prompt == KDB_GET_TWICE);

+ int ask = (prompt == KDB_GET_TWICE);

#ifndef RANDOM_MKEY

- ask |= (prompt == KDB_GET_PROMPT);

+ ask |= (prompt == KDB_GET_PROMPT);

#endif

- if(ask)

- kdb_new_get_new_master_key(master_key, master_key_sched,

- prompt == KDB_GET_TWICE);

- else

- kdb_new_get_master_key(master_key, master_key_sched);

- return 0;

+ if(ask)

+ kdb_new_get_new_master_key(master_key, master_key_sched,

+ prompt == KDB_GET_TWICE);

+ else

+ kdb_new_get_master_key(master_key, master_key_sched);

+ return 0;

}

int kdb_kstash(des_cblock *master_key, char *file)

{

- int kfile;

- kfile = open(file, O_TRUNC | O_RDWR | O_CREAT, 0600);

- if (kfile < 0) {

- return -1;

- }

- if (write(kfile, master_key, sizeof(des_cblock)) != sizeof(des_cblock)) {

+ int kfile;

+ kfile = open(file, O_TRUNC | O_RDWR | O_CREAT, 0600);

+ if (kfile < 0) {

+ return -1;

+ }

+ if (write(kfile, master_key, sizeof(des_cblock)) != sizeof(des_cblock)) {

+ close(kfile);

+ return -1;

+ }

close(kfile);

- return -1;

- }

- close(kfile);

- return 0;

+ return 0;

}

/* The old algorithm used the key schedule as the initial vector which

@@ -167,12 +168,11 @@ kdb_encrypt_key (des_cblock (*in), des_cblock (*out),

des_cblock (*master_key),

des_key_schedule master_key_sched, int e_d_flag)

{

#ifdef NOENCRYPTION

- memcpy(out, in, sizeof(des_cblock));

+ memcpy(out, in, sizeof(des_cblock));

#else

- des_pcbc_encrypt(in,out,(long)sizeof(des_cblock),master_key_sched,master_key,

- e_d_flag);

+ des_pcbc_encrypt(in, out, (long)sizeof(des_cblock), master_key_sched,

+ master_key, e_d_flag);

#endif

}

@@ -186,57 +186,57 @@ kdb_verify_master_key (des_cblock *master_key,

des_key_schedule master_key_sched,

FILE *out) /* NULL -> no output */

{

- des_cblock key_from_db;

- Principal principal_data[1];

- int n, more = 0;

- long master_key_version;

- /* lookup the master key version */

- n = kerb_get_principal(KERB_M_NAME, KERB_M_INST, principal_data,

- 1 /* only one please */, &more);

- if ((n != 1) || more) {

- if (out != (FILE *) NULL)

- fprintf(out,

- "verify_master_key: %s, %d found.\n",

- "Kerberos error on master key version lookup",

- n);

- return (-1);

- }

- master_key_version = (long) principal_data[0].key_version;

- /* set up the master key */

- if (out != (FILE *) NULL) /* should we punt this? */

- fprintf(out, "Current Kerberos master key version is %d.\n",

- principal_data[0].kdc_key_ver);

- /*

- * now use the master key to decrypt the key in the db, had better

- * be the same!

- */

- copy_to_key(&principal_data[0].key_low,

- &principal_data[0].key_high,

- key_from_db);

- kdb_encrypt_key (&key_from_db, &key_from_db,

- master_key, master_key_sched, DES_DECRYPT);

- /* the decrypted database key had better equal the master key */

- n = memcmp(master_key, key_from_db, sizeof(master_key));

- /* this used to zero the master key here! */

- memset(key_from_db, 0, sizeof(key_from_db));

- memset(principal_data, 0, sizeof (principal_data));

- if (n && (out != (FILE *) NULL)) {

- fprintf(out, "\n\07\07verify_master_key: Invalid master key; ");

- fprintf(out, "does not match database.\n");

- }

- if(n)

- return (-1);

- if (out != (FILE *) NULL) {

- fprintf(out, "\nMaster key entered. BEWARE!\07\07\n");

- fflush(out);

- }

- return (master_key_version);

+ des_cblock key_from_db;

+ Principal principal_data[1];

+ int n, more = 0;

+ long master_key_version;

+ /* lookup the master key version */

+ n = kerb_get_principal(KERB_M_NAME, KERB_M_INST, principal_data,

+ 1 /* only one please */, &more);

+ if ((n != 1) || more) {

+ if (out != (FILE *) NULL)

+ fprintf(out,

+ "verify_master_key: %s, %d found.\n",

+ "Kerberos error on master key version lookup",

+ n);

+ return (-1);

+ }

+ master_key_version = (long) principal_data[0].key_version;

+ /* set up the master key */

+ if (out != (FILE *) NULL) /* should we punt this? */

+ fprintf(out, "Current Kerberos master key version is %d.\n",

+ principal_data[0].kdc_key_ver);

+ /*

+ * now use the master key to decrypt the key in the db, had better

+ * be the same!

+ */

+ copy_to_key(&principal_data[0].key_low,

+ &principal_data[0].key_high,

+ key_from_db);

+ kdb_encrypt_key (&key_from_db, &key_from_db,

+ master_key, master_key_sched, DES_DECRYPT);

+ /* the decrypted database key had better equal the master key */

+ n = memcmp(master_key, key_from_db, sizeof(master_key));

+ /* this used to zero the master key here! */

+ memset(key_from_db, 0, sizeof(key_from_db));

+ memset(principal_data, 0, sizeof (principal_data));

+ if (n && (out != (FILE *) NULL)) {

+ fprintf(out, "\n\07\07verify_master_key: Invalid master key; ");

+ fprintf(out, "does not match database.\n");

+ }

+ if(n)

+ return (-1);

+ if (out != (FILE *) NULL) {

+ fprintf(out, "\nMaster key entered. BEWARE!\07\07\n");

+ fflush(out);

+ }

+ return master_key_version;

}

diff --git a/kerberosIV/kdb/krb_lib.c b/kerberosIV/kdb/krb_lib.c
index 4503dda02f8..81bd0d48eb9 100644
--- a/kerberosIV/kdb/krb_lib.c
+++ b/kerberosIV/kdb/krb_lib.c

@@ -1,3 +1,4 @@

+/* $OpenBSD: krb_lib.c,v 1.5 1997/12/12 11:29:25 art Exp $ */

/* $KTH: krb_lib.c,v 1.11 1997/05/07 01:36:08 assar Exp $ */

@@ -219,7 +220,7 @@ kerb_get_dba(char *name, char *inst, Dba *dba, unsigned int max, int *more)

#ifdef DEBUG

if (kerb_debug & 1)

fprintf(stderr, "\n%s: kerb_get_dba for %s %s max = %d\n",

- progname, name, inst, max);

+ progname, name, inst, max);

#endif

* if this is a request including a wild card, have to go to db

@@ -255,5 +256,5 @@ kerb_get_dba(char *name, char *inst, Dba *dba, unsigned int max, int *more)

kerb_cache_put_dba(dba, found);

}

#endif

- return (found);

+ return found;

}

diff --git a/kerberosIV/kdb/print_princ.c b/kerberosIV/kdb/print_princ.c
index 6ba635d5b79..9ffe978c70a 100644
--- a/kerberosIV/kdb/print_princ.c
+++ b/kerberosIV/kdb/print_princ.c

@@ -1,3 +1,4 @@

+/* $OpenBSD: print_princ.c,v 1.3 1997/12/12 11:29:26 art Exp $ */

/* $KTH: print_princ.c,v 1.5 1997/05/07 01:37:13 assar Exp $ */