diff options
153 files changed, 23808 insertions, 0 deletions
diff --git a/kerberosIV/src/Makefile.am b/kerberosIV/src/Makefile.am new file mode 100644 index 00000000000..ac4b0644c3e --- /dev/null +++ b/kerberosIV/src/Makefile.am @@ -0,0 +1,10 @@ +# $KTH: Makefile.am,v 1.4 2001/09/13 00:03:58 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +SUBDIRS = include lib kuser server slave admin kadmin appl doc tools + +ACLOCAL_AMFLAGS = -I cf +## ACLOCAL = @ACLOCAL@ -I cf + +EXTRA_DIST = Makefile.am.common diff --git a/kerberosIV/src/Makefile.am.common b/kerberosIV/src/Makefile.am.common new file mode 100644 index 00000000000..26413d73c74 --- /dev/null +++ b/kerberosIV/src/Makefile.am.common @@ -0,0 +1,35 @@ +# $KTH: Makefile.am.common,v 1.1 2000/11/05 17:16:23 joda Exp $ + +include $(top_srcdir)/cf/Makefile.am.common + +SUFFIXES += .x + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +CHECK_LOCAL = $(PROGRAMS) + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi diff --git a/kerberosIV/src/admin/Makefile.am b/kerberosIV/src/admin/Makefile.am new file mode 100644 index 00000000000..8e9d6607e21 --- /dev/null +++ b/kerberosIV/src/admin/Makefile.am @@ -0,0 +1,16 @@ +# $KTH: Makefile.am,v 1.5 2001/08/28 08:42:56 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += $(INCLUDE_des) + +sbin_PROGRAMS = ext_srvtab kdb_destroy kdb_edit kdb_init kdb_util kstash + +man_MANS = ext_srvtab.8 kdb_destroy.8 kdb_edit.8 kdb_init.8 kdb_util.8 kstash.8 + +LDADD = \ + $(top_builddir)/lib/kdb/libkdb.la \ + $(top_builddir)/lib/krb/libkrb.la \ + $(LIB_des) \ + $(LIB_roken) \ + $(DBLIB) diff --git a/kerberosIV/src/admin/ext_srvtab.8 b/kerberosIV/src/admin/ext_srvtab.8 new file mode 100644 index 00000000000..400637d028c --- /dev/null +++ b/kerberosIV/src/admin/ext_srvtab.8 @@ -0,0 +1,62 @@ +.\" $KTH: ext_srvtab.8,v 1.1 2000/11/08 17:34:06 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH EXT_SRVTAB 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +ext_srvtab \- extract service key files from Kerberos key distribution center database +.SH SYNOPSIS +ext_srvtab [ +.B \-n +] [ +.B \-r realm +] [ +.B hostname ... +] +.SH DESCRIPTION +.I ext_srvtab +extracts service key files from the Kerberos key distribution center +(KDC) database. +.PP +Upon execution, it prompts the user to enter the master key string for +the database. If the +.B \-n +option is specified, the master key is instead fetched from the master +key cache file. +.PP +For each +.I hostname +specified on the command line, +.I ext_srvtab +creates the service key file +.IR hostname -new-srvtab, +containing all the entries in the database with an instance field of +.I hostname. +This new file contains all the keys registered for Kerberos-mediated +service providing programs which use the +.IR krb_get_phost (3) +principal and instance conventions to run on the host +.IR hostname . +If the +.B \-r +option is specified, the realm fields in the extracted file will +match the given realm rather than the local realm. +.SH DIAGNOSTICS +.TP 20n +"verify_master_key: Invalid master key, does not match database." +The master key string entered was incorrect. +.SH FILES +.TP 20n +.IR hostname -new-srvtab +Service key file generated for +.I hostname +.TP +/var/kerberos/principal.pag, /var/kerberos/principal.dir +DBM files containing database +.TP +/.k +Master key cache file. +.SH SEE ALSO +read_service_key(3), krb_get_phost(3) diff --git a/kerberosIV/src/admin/kdb_destroy.8 b/kerberosIV/src/admin/kdb_destroy.8 new file mode 100644 index 00000000000..88806287103 --- /dev/null +++ b/kerberosIV/src/admin/kdb_destroy.8 @@ -0,0 +1,32 @@ +.\" $KTH: kdb_destroy.8,v 1.1 2000/11/08 17:34:06 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KDB_DESTROY 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kdb_destroy \- destroy Kerberos key distribution center database +.SH SYNOPSIS +kdb_destroy +.SH DESCRIPTION +.I kdb_destroy +deletes a Kerberos key distribution center database. +.PP +The user is prompted to verify that the database should be destroyed. A +response beginning with `y' or `Y' confirms deletion. +Any other response aborts deletion. +.SH DIAGNOSTICS +.TP 20n +"Database cannot be deleted at /var/kerberos/principal" +The attempt to delete the database failed (probably due to a system or +access permission error). +.TP +"Database not deleted." +The user aborted the deletion. +.SH FILES +.TP 20n +/var/kerberos/principal.pag, /var/kerberos/principal.dir +DBM files containing database +.SH SEE ALSO +kdb_init(8) diff --git a/kerberosIV/src/admin/kdb_edit.8 b/kerberosIV/src/admin/kdb_edit.8 new file mode 100644 index 00000000000..ceea02be1b7 --- /dev/null +++ b/kerberosIV/src/admin/kdb_edit.8 @@ -0,0 +1,54 @@ +.\" $KTH: kdb_edit.8,v 1.1 2000/11/08 17:34:06 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KDB_EDIT 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kdb_edit \- Kerberos key distribution center database editing utility +.SH SYNOPSIS +kdb_edit [ +.B \-n +] +.SH DESCRIPTION +.I kdb_edit +is used to create or change principals stored in the Kerberos key +distribution center (KDC) database. +.PP +When executed, +.I kdb_edit +prompts for the master key string and verifies that it matches the +master key stored in the database. +If the +.B \-n +option is specified, the master key is instead fetched from the master +key cache file. +.PP +Once the master key has been verified, +.I kdb_edit +begins a prompt loop. The user is prompted for the principal and +instance to be modified. If the entry is not found the user may create +it. +Once an entry is found or created, the user may set the password, +expiration date, maximum ticket lifetime, and attributes. +Default expiration dates, maximum ticket lifetimes, and attributes are +presented in brackets; if the user presses return the default is selected. +There is no default password. +The password RANDOM is interpreted specially, and if entered +the user may have the program select a random DES key for the +principal. +.PP +Upon successfully creating or changing the entry, ``Edit O.K.'' is +printed. +.SH DIAGNOSTICS +.TP 20n +"verify_master_key: Invalid master key, does not match database." +The master key string entered was incorrect. +.SH FILES +.TP 20n +/var/kerberos/principal.pag, /var/kerberos/principal.dir +DBM files containing database +.TP +/.k +Master key cache file. diff --git a/kerberosIV/src/admin/kdb_init.8 b/kerberosIV/src/admin/kdb_init.8 new file mode 100644 index 00000000000..721cf8ee64b --- /dev/null +++ b/kerberosIV/src/admin/kdb_init.8 @@ -0,0 +1,37 @@ +.\" $KTH: kdb_init.8,v 1.1 2000/11/08 17:34:07 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KDB_INIT 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kdb_init \- Initialize Kerberos key distribution center database +.SH SYNOPSIS +kdb_init [ +.B realm +] +.SH DESCRIPTION +.I kdb_init +initializes a Kerberos key distribution center database, creating the +necessary principals. +.PP +If the optional +.I realm +argument is not present, +.I kdb_init +prompts for a realm name. +After determining the realm to be created, it prompts for +a master key password. The master key password is used to encrypt +every encryption key stored in the database. +.SH DIAGNOSTICS +.TP 20n +"/var/kerberos/principal: File exists" +An attempt was made to create a database on a machine which already had +an existing database. +.SH FILES +.TP 20n +/var/kerberos/principal.pag, /var/kerberos/principal.dir +DBM files containing database +.SH SEE ALSO +kdb_destroy(8) diff --git a/kerberosIV/src/admin/kdb_util.8 b/kerberosIV/src/admin/kdb_util.8 new file mode 100644 index 00000000000..aef78ed74e9 --- /dev/null +++ b/kerberosIV/src/admin/kdb_util.8 @@ -0,0 +1,68 @@ +.\" $KTH: kdb_util.8,v 1.1 2000/11/08 17:34:07 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KDB_UTIL 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kdb_util \- Kerberos key distribution center database utility +.SH SYNOPSIS +kdb_util +.B operation filename +.SH DESCRIPTION +.I kdb_util +allows the Kerberos key distribution center (KDC) database administrator to +perform utility functions on the database. +.PP +.I Operation +must be one of the following: +.TP 10n +.I load +initializes the KDC database with the records described by the +text contained in the file +.IR filename . +Any existing database is overwritten. +.TP +.I dump +dumps the KDC database into a text representation in the file +.IR filename . +.TP +.I slave_dump +performs a database dump like the +.I dump +operation, and additionally creates a semaphore file signalling the +propagation software that an update is available for distribution to +slave KDC databases. +.TP +.I merge +merges in the entries from +.IR filename +into the database. +.TP +.I new_master_key +prompts for the old and new master key strings, and then dumps the KDC +database into a text representation in the file +.IR filename . +The keys in the text representation are encrypted in the new master key. +.TP +.I convert_old_db +prompts for the master key string, and then dumps the KDC database into +a text representation in the file +.IR filename . +The existing database is assumed to be encrypted using the old format +(encrypted by the key schedule of the master key); the dumped database +is encrypted using the new format (encrypted directly with master key). +.PP +.SH DIAGNOSTICS +.TP 20n +"verify_master_key: Invalid master key, does not match database." +The master key string entered was incorrect. +.SH FILES +.TP 20n +/kerberos/principal.pag, /kerberos/principal.dir +DBM files containing database +.TP +.IR filename .ok +semaphore file created by +.IR slave_dump. diff --git a/kerberosIV/src/admin/kstash.8 b/kerberosIV/src/admin/kstash.8 new file mode 100644 index 00000000000..ff440a64d1c --- /dev/null +++ b/kerberosIV/src/admin/kstash.8 @@ -0,0 +1,40 @@ +.\" $KTH: kstash.8,v 1.1 2000/11/08 17:34:07 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KSTASH 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kstash \- stash Kerberos key distribution center database master key +.SH SYNOPSIS +kstash +.SH DESCRIPTION +.I kstash +saves the Kerberos key distribution center (KDC) database master key in +the master key cache file. +.PP +The user is prompted to enter the key, to verify the authenticity of the +key and the authorization to store the key in the file. +.SH DIAGNOSTICS +.TP 20n +"verify_master_key: Invalid master key, does not match database." +The master key string entered was incorrect. +.TP +"kstash: Unable to open master key file" +The attempt to open the cache file for writing failed (probably due to a +system or access permission error). +.TP +"kstash: Write I/O error on master key file" +The +.BR write (2) +system call returned an error while +.I kstash +was attempting to write the key to the file. +.SH FILES +.TP 20n +/var/kerberos/principal.pag, /var/kerberos/principal.dir +DBM files containing database +.TP +/.k +Master key cache file. diff --git a/kerberosIV/src/appl/afsutil/Makefile.am b/kerberosIV/src/appl/afsutil/Makefile.am new file mode 100644 index 00000000000..cc73de5b364 --- /dev/null +++ b/kerberosIV/src/appl/afsutil/Makefile.am @@ -0,0 +1,17 @@ +# $KTH: Makefile.am,v 1.5 2001/08/28 08:42:57 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += $(INCLUDE_des) + +bin_PROGRAMS = pagsh afslog kstring2key + +afslog_SOURCES = aklog.c + +man_MANS = afslog.1 pagsh.1 + +LDADD = \ + $(LIB_kafs) \ + $(LIB_krb4) \ + $(LIB_des) \ + $(LIB_roken) diff --git a/kerberosIV/src/appl/afsutil/afslog.1 b/kerberosIV/src/appl/afsutil/afslog.1 new file mode 100644 index 00000000000..2b55f8b60a7 --- /dev/null +++ b/kerberosIV/src/appl/afsutil/afslog.1 @@ -0,0 +1,71 @@ +.\" $KTH: afslog.1,v 1.2 2001/05/01 18:53:24 assar Exp $ +.\" +.Dd April 27, 1996 +.Dt AFSLOG 1 +.Os KTH-KRB +.Sh NAME +.Nm afslog +.Nd "obtains AFS tokens for specified cells" +.Sh SYNOPSIS +.Nm +.Op Fl d +.Op Fl c Ar cell +.Op Fl k Ar realm +.Op Fl p Pa path +.Op Fl unlog +.Op Fl createuser +.Op Ar args +.Sh DESCRIPTION +The +.Nm +command obtains AFS tokens, +.Ar args +are either a name of a cell or a pathnames of a file in the cell to +get tokens for. If an argument is +.Li . +or +.Li .. +or contains a slash it is assumed to be a pathname. Otherwise it is +assumed to be a name of a cell or a prefix thereof. +.Pp +The +.Fl c +and +.Fl p +flags can be used to resolve ambiguities. +.Pp +.Nm +might fail to guess the Kerberos realm to get tickets for (for +instance if the volume location servers of the cell does not reside in +the kerberos realm that holds the AFS service key, and the correct +realm isn't the same as the cell name or the local realm (I didn't say +this was a common problem)). Anyway, the +.Fl k +can be used to give a hint. It should not be used unless there is a +problem, since all tickets will be taken from the specified realm and +this is not (usually) what you want. +.Pp +.Fl createuser +means that +.Nm +should try to run +.Nm pts +to create a remote user principal in another cell. +.Fl d +can be used for debugging. +.Pp +If the +.Fl unlog +flag is given any tokens are removed and all other arguments are ignored. +.Sh SEE ALSO +.Xr kauth 1 , +.Xr kafs 3 +.Sh BUGS +It should be able to handle the MIT Athena +.Nm aklog +flags +.Fl hosts , +.Fl zsubs , +and +.Fl noprdb , +but does not. diff --git a/kerberosIV/src/appl/afsutil/pagsh.1 b/kerberosIV/src/appl/afsutil/pagsh.1 new file mode 100644 index 00000000000..e7dfacd9e86 --- /dev/null +++ b/kerberosIV/src/appl/afsutil/pagsh.1 @@ -0,0 +1,25 @@ +.\" $KTH: pagsh.1,v 1.2 2001/05/01 18:53:24 assar Exp $ +.\" +.Dd April 27, 1996 +.Dt PAGSH 1 +.Os KTH-KRB +.Sh NAME +.Nm pagsh +.Nd execute a command without authentication +.Sh SYNOPSIS +.Nm pagsh +.Oo +.Op Fl c +.Ar command Ar args +.Oc +.Sh DESCRIPTION +Starts a new subprocess that is detached from any Kerberos ticket +cache and AFS tokens. +Without +.Ar command +a new shell is started. +.Sh ENVIRONMENT +.Bl -tag -width $SHELL +.It Ev $SHELL +Default shell. +.El diff --git a/kerberosIV/src/appl/bsd/Makefile.am b/kerberosIV/src/appl/bsd/Makefile.am new file mode 100644 index 00000000000..b63b89b4e73 --- /dev/null +++ b/kerberosIV/src/appl/bsd/Makefile.am @@ -0,0 +1,50 @@ +# $KTH: Makefile.am,v 1.8 2001/09/17 03:02:07 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += -DBINDIR='"$(bindir)"' $(INCLUDE_des) + +bin_PROGRAMS = rsh rcp rlogin su login +bin_SUIDS = rsh rcp rlogin su +libexec_PROGRAMS = rshd rlogind + +man_MANS = login.1 login.access.5 rcp.1 rlogin.1 rlogind.8 rsh.1 \ + rshd.8 su.1 + +LDADD = \ + libbsd.a \ + $(LIB_krb4) \ + $(LIB_des) \ + $(LIB_roken) + +noinst_LIBRARIES = libbsd.a + +libbsd_a_SOURCES = kcmd.c krcmd.c encrypt.c rcmd_util.c osfc2.c + +rcp_SOURCES = rcp.c rcp_util.c +login_SOURCES = login.c klogin.c login_fbtab.c login_access.c \ + sysv_default.c sysv_environ.c sysv_shadow.c \ + utmp_login.c utmpx_login.c stty_default.c tty.c +rlogind_SOURCES = rlogind.c forkpty.c tty.c + + +rcp_LDADD = \ + $(LIB_kafs) \ + $(LDADD) \ + $(LIB_security) + +rshd_LDADD = $(rcp_LDADD) + +rlogind_LDADD = \ + $(LIB_kafs) \ + $(LIB_logwtmp) \ + $(LDADD) + +login_LDADD = \ + $(LIB_setpcred) \ + $(LIB_otp) \ + $(rcp_LDADD) \ + $(LIB_odm_initialize) \ + $(LIB_getattr) + +su_LDADD = $(rcp_LDADD) diff --git a/kerberosIV/src/appl/bsd/login.1 b/kerberosIV/src/appl/bsd/login.1 new file mode 100644 index 00000000000..b05a6a4dce6 --- /dev/null +++ b/kerberosIV/src/appl/bsd/login.1 @@ -0,0 +1,160 @@ +.\" Copyright (c) 1980, 1990, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)login.1 8.1 (Berkeley) 6/9/93 +.\" +.Dd June 9, 1993 +.Dt LOGIN 1 +.Os BSD 4 +.Sh NAME +.Nm login +.Nd log into the computer +.Sh SYNOPSIS +.Nm login +.Op Fl fp +.Op Fl h Ar hostname +.Op Ar user +.Sh DESCRIPTION +.Sy Note: +this manual page describes the original login program for +NetBSD. Everything in here might not be true. +.Pp +The +.Nm login +utility logs users (and pseudo-users) into the computer system. +.Pp +If no user is specified, or if a user is specified and authentication +of the user fails, +.Nm login +prompts for a user name. +Authentication of users is done via passwords. +.Pp +The options are as follows: +.Bl -tag -width Ds +.It Fl f +The +.Fl f +option is used when a user name is specified to indicate that proper +authentication has already been done and that no password need be +requested. +This option may only be used by the super-user or when an already +logged in user is logging in as themselves. +.It Fl h +The +.Fl h +option specifies the host from which the connection was received. +It is used by various daemons such as +.Xr telnetd 8 . +This option may only be used by the super-user. +.It Fl p +By default, +.Nm login +discards any previous environment. +The +.Fl p +option disables this behavior. +.El +.Pp +If the file +.Pa /etc/nologin +exists, +.Nm login +dislays its contents to the user and exits. +This is used by +.Xr shutdown 8 +to prevent users from logging in when the system is about to go down. +.Pp +If the file +.Pa /etc/fbtab +exists, +.Nm login +changes the protection and ownership of certain devices specified in this +file. +.Pp +Immediately after logging a user in, +.Nm login +displays the system copyright notice, the date and time the user last +logged in, the message of the day as well as other information. +If the file +.Dq Pa .hushlogin +exists in the user's home directory, all of these messages are suppressed. +This is to simplify logins for non-human users, such as +.Xr uucp 1 . +.Nm Login +then records an entry in the +.Xr wtmp 5 +and +.Xr utmp 5 +files and executes the user's command interpretor. +.Pp +Login enters information into the environment (see +.Xr environ 7 ) +specifying the user's home directory (HOME), command interpreter (SHELL), +search path (PATH), terminal type (TERM) and user name (both LOGNAME and +USER). +.Pp +The standard shells, +.Xr csh 1 +and +.Xr sh 1 , +do not fork before executing the +.Nm login +utility. +.Sh FILES +.Bl -tag -width /var/mail/userXXX -compact +.It Pa /etc/fbtab +changes device protections +.It Pa /etc/motd +message-of-the-day +.It Pa /etc/nologin +disallows logins +.It Pa /var/run/utmp +current logins +.It Pa /var/log/wtmp +login account records +.It Pa /var/mail/user +system mailboxes +.It Pa \&.hushlogin +makes login quieter +.El +.Sh SEE ALSO +.Xr chpass 1 , +.Xr passwd 1 , +.Xr rlogin 1 , +.Xr getpass 3 , +.Xr fbtab 5 , +.Xr utmp 5 , +.Xr environ 7 +.Sh HISTORY +A +.Nm login +appeared in +.At v6 . diff --git a/kerberosIV/src/appl/bsd/login.access.5 b/kerberosIV/src/appl/bsd/login.access.5 new file mode 100644 index 00000000000..deb1b7c866d --- /dev/null +++ b/kerberosIV/src/appl/bsd/login.access.5 @@ -0,0 +1,50 @@ +.\" this is comment +.Dd April 30, 1994 +.Dt SKEY.ACCESS 5 +.Os FreeBSD +.Sh NAME +.Nm login.access +.Nd Login access control table +.Sh DESCRIPTION +The +.Nm login.access +file specifies (user, host) combinations and/or (user, tty) +combinations for which a login will be either accepted or refused. +.Pp +When someone logs in, the +.Nm login.access +is scanned for the first entry that +matches the (user, host) combination, or, in case of non-networked +logins, the first entry that matches the (user, tty) combination. The +permissions field of that table entry determines whether the login will +be accepted or refused. +.Pp +Each line of the login access control table has three fields separated by a +":" character: permission : users : origins +.Pp +The first field should be a "+" (access granted) or "-" (access denied) +character. The second field should be a list of one or more login names, +group names, or ALL (always matches). The third field should be a list +of one or more tty names (for non-networked logins), host names, domain +names (begin with "."), host addresses, internet network numbers (end +with "."), ALL (always matches) or LOCAL (matches any string that does +not contain a "." character). If you run NIS you can use @netgroupname +in host or user patterns. +.Pp +The EXCEPT operator makes it possible to write very compact rules. +.Pp +The group file is searched only when a name does not match that of the +logged-in user. Only groups are matched in which users are explicitly +listed: the program does not look at a user's primary group id value. +.Sh FILES +.Bl -tag -width /etc/login.access -compact +.It Pa /etc/login.access +The +.Nm login.access +file resides in +.Pa /etc . +.El +.Sh SEE ALSO +.Xr login 1 +.Sh AUTHOR +Guido van Rooij diff --git a/kerberosIV/src/appl/bsd/rcp.1 b/kerberosIV/src/appl/bsd/rcp.1 new file mode 100644 index 00000000000..048d7da11bf --- /dev/null +++ b/kerberosIV/src/appl/bsd/rcp.1 @@ -0,0 +1,161 @@ +.\" $NetBSD: rcp.1,v 1.5 1995/03/21 08:19:04 cgd Exp $ +.\" +.\" Copyright (c) 1983, 1990, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)rcp.1 8.1 (Berkeley) 5/31/93 +.\" +.Dd May 31, 1993 +.Dt RCP 1 +.Os BSD 4.3r +.Sh NAME +.Nm rcp +.Nd remote file copy +.Sh SYNOPSIS +.Nm rcp +.Op Fl Kpx +.Op Fl k Ar realm +.Ar file1 file2 +.Nm rcp +.Op Fl Kprx +.Op Fl k Ar realm +.Ar +.Ar directory +.Sh DESCRIPTION +.Nm Rcp +copies files between machines. Each +.Ar file +or +.Ar directory +argument is either a remote file name of the +form ``rname@rhost:path'', or a local file name (containing no `:' characters, +or a `/' before any `:'s). +.Pp +.Bl -tag -width flag +.It Fl K +The +.Fl K +option turns off all Kerberos authentication. +.It Fl k +The +.Fl k +option requests +.Nm rcp +to obtain tickets +for the remote host in realm +.Ar realm +instead of the remote host's realm as determined by +.Xr krb_realmofhost 3 . +.It Fl p +The +.Fl p +option causes +.Nm rcp +to attempt to preserve (duplicate) in its copies the modification +times and modes of the source files, ignoring the +.Ar umask . +By default, the mode and owner of +.Ar file2 +are preserved if it already existed; otherwise the mode of the source file +modified by the +.Xr umask 2 +on the destination host is used. +.It Fl r +If any of the source files are directories, +.Nm rcp +copies each subtree rooted at that name; in this case +the destination must be a directory. +.It Fl x +The +.Fl x +option turns on +.Tn DES +encryption for all data passed by +.Nm rcp . +This may impact response time and +.Tn CPU +utilization, but provides +increased security. +.El +.Pp +If +.Ar path +is not a full path name, it is interpreted relative to +the login directory of the specified user +.Ar ruser +on +.Ar rhost , +or your current user name if no other remote user name is specified. +A +.Ar path +on a remote host may be quoted (using \e, ", or \(aa) +so that the metacharacters are interpreted remotely. +.Pp +.Nm Rcp +does not prompt for passwords; it performs remote execution +via +.Xr rsh 1 , +and requires the same authorization. +.Pp +.Nm Rcp +handles third party copies, where neither source nor target files +are on the current machine. +.Sh SEE ALSO +.Xr cp 1 , +.Xr ftp 1 , +.Xr rlogin 1 , +.Xr rsh 1 +.Sh HISTORY +The +.Nm rcp +command appeared in +.Bx 4.2 . +The version of +.Nm rcp +described here +has been reimplemented with Kerberos in +.Bx 4.3 Reno . +.Sh BUGS +Doesn't detect all cases where the target of a copy might +be a file in cases where only a directory should be legal. +.Pp +Is confused by any output generated by commands in a +.Pa \&.login , +.Pa \&.profile , +or +.Pa \&.cshrc +file on the remote host. +.Pp +The destination user and hostname may have to be specified as +``rhost.rname'' when the destination machine is running the +.Bx 4.2 +version of +.Nm rcp . diff --git a/kerberosIV/src/appl/bsd/rlogin.1 b/kerberosIV/src/appl/bsd/rlogin.1 new file mode 100644 index 00000000000..ca896a65f6c --- /dev/null +++ b/kerberosIV/src/appl/bsd/rlogin.1 @@ -0,0 +1,190 @@ +.\" $NetBSD: rlogin.1,v 1.3 1995/03/21 07:58:37 cgd Exp $ +.\" +.\" Copyright (c) 1983, 1990, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)rlogin.1 8.1 (Berkeley) 6/6/93 +.\" +.Dd June 6, 1993 +.Dt RLOGIN 1 +.Os BSD 4.2 +.Sh NAME +.Nm rlogin +.Nd remote login +.Sh SYNOPSIS +.Ar rlogin +.Op Fl 8EKLdx +.Op Fl e Ar char +.Op Fl k Ar realm +.Op Fl l Ar username +.Op Fl p Ar portnumber +.Ar host +.Sh DESCRIPTION +.Nm Rlogin +starts a terminal session on a remote host +.Ar host . +.Pp +.Nm Rlogin +first attempts to use the Kerberos authorization mechanism, described below. +If the remote host does not supporting Kerberos the standard Berkeley +.Pa rhosts +authorization mechanism is used. +The options are as follows: +.Bl -tag -width flag +.It Fl 8 +The +.Fl 8 +option allows an eight-bit input data path at all times; otherwise +parity bits are stripped except when the remote side's stop and start +characters are other than +^S/^Q . +.It Fl E +The +.Fl E +option stops any character from being recognized as an escape character. +When used with the +.Fl 8 +option, this provides a completely transparent connection. +.It Fl K +The +.Fl K +option turns off all Kerberos authentication. +.It Fl L +The +.Fl L +option allows the rlogin session to be run in ``litout'' (see +.Xr tty 4 ) +mode. +.It Fl d +The +.Fl d +option turns on socket debugging (see +.Xr setsockopt 2 ) +on the TCP sockets used for communication with the remote host. +.It Fl e +The +.Fl e +option allows user specification of the escape character, which is +``~'' by default. +This specification may be as a literal character, or as an octal +value in the form \ennn. +.It Fl k +The +.Fl k +option requests rlogin to obtain tickets for the remote host +in realm +.Ar realm +instead of the remote host's realm as determined by +.Xr krb_realmofhost 3 . +.It Fl x +The +.Fl x +option turns on +.Tn DES +encryption for all data passed via the +rlogin session. +This may impact response time and +.Tn CPU +utilization, but provides +increased security. +.It Fl D +Use the TCP nodelay option (see setsockopt(2)). +.It Fl p portnumber +Specifies the port number to connect to on the remote host. +.El +.Pp +A line of the form ``<escape char>.'' disconnects from the remote host. +Similarly, the line ``<escape char>^Z'' will suspend the +.Nm rlogin +session, and ``<escape char><delayed-suspend char>'' suspends the +send portion of the rlogin, but allows output from the remote system. +By default, the tilde (``~'') character is the escape character, and +normally control-Y (``^Y'') is the delayed-suspend character. +.Pp +All echoing takes place at the remote site, so that (except for delays) +the +.Nm rlogin +is transparent. +Flow control via ^S/^Q and flushing of input and output on interrupts +are handled properly. +.Sh KERBEROS AUTHENTICATION +Each user may have a private authorization list in the file +.Pa .klogin +in their home directory. +Each line in this file should contain a Kerberos principal name of the +form +.Ar principal.instance@realm . +If the originating user is authenticated to one of the principals named +in +.Pa .klogin , +access is granted to the account. +The principal +.Ar accountname.@localrealm +is granted access if +there is no +.Pa .klogin +file. +Otherwise a login and password will be prompted for on the remote machine +as in +.Xr login 1 . +To avoid certain security problems, the +.Pa .klogin +file must be owned by +the remote user. +.Pp +If Kerberos authentication fails, a warning message is printed and the +standard Berkeley +.Nm rlogin +is used instead. +.Sh ENVIRONMENT +The following environment variable is utilized by +.Nm rlogin : +.Bl -tag -width TERM +.It Ev TERM +Determines the user's terminal type. +.El +.Sh SEE ALSO +.Xr rsh 1 , +.Xr kerberos 3 , +.Xr krb_realmofhost 3 , +.Xr krb_sendauth 3 +.Sh HISTORY +The +.Nm rlogin +command appeared in +.Bx 4.2 . +.Sh BUGS +.Nm Rlogin +will be replaced by +.Xr telnet 1 +in the near future. +.Pp +More of the environment should be propagated. diff --git a/kerberosIV/src/appl/bsd/rlogind.8 b/kerberosIV/src/appl/bsd/rlogind.8 new file mode 100644 index 00000000000..bc99529b81a --- /dev/null +++ b/kerberosIV/src/appl/bsd/rlogind.8 @@ -0,0 +1,178 @@ +.\" Copyright (c) 1983, 1989, 1991, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)rlogind.8 8.1 (Berkeley) 6/4/93 +.\" +.Dd August 25, 1996 +.Dt RLOGIND 8 +.Os BSD 4.2 +.Sh NAME +.Nm rlogind +.Nd remote login server +.Sh SYNOPSIS +.Nm rlogind +.Op Fl ailnkvxD +.Op Fl p Ar portnumber +.Op Fl L Ar /bin/login +.Sh DESCRIPTION +.Nm Rlogind +is the server for the +.Xr rlogin 1 +program. The server provides a remote login facility with +kerberos-based authentication or traditional pseudo-authentication with +privileged port numbers from trusted hosts. +.Pp +Options supported by +.Nm rlogind : +.Bl -tag -width Ds +.It Fl a +No-op. For backwards compatibility. Hostnames are always verified. +.It Fl l +Prevent any authentication based on the user's +.Dq Pa .rhosts +file, unless the user is logging in as the superuser. +.It Fl n +Disable keep-alive messages. +.It Fl k +Enable kerberos authentication. +.It Fl i +Do not expect to be spawned by inetd and create a socket and listen on +it yourself. +.It Fl p portnumber +Specifies the port number it should listen on in case the +.It Fl i +flag has been given. +.It Fl v +Vacuous, echo "Remote host requires Kerberos authentication" and exit. +.It Fl x +Provides an encrypted communications channel. This options requires the +.Fl k +flag. +.It Fl L pathname +Specify pathname to an alternative login program. +.It Fl D +Use the TCP nodelay option (see setsockopt(2)). +.El +.Pp +When a service request is received, +.Nm rlogind +verifies the kerberos ticket supplied by the user. +.Pp +For non-kerberised connections, the following protocol is initiated: +.Bl -enum +.It +The server checks the client's source port. +If the port is not in the range 512-1023, the server +aborts the connection. +.It +The server checks the client's source address +and requests the corresponding host name (see +.Xr gethostbyaddr 3 , +.Xr hosts 5 +and +.Xr named 8 ) . +If the hostname cannot be determined, +the dot-notation representation of the host address is used. +The addresses for the hostname are requested, +verifying that the name and address correspond. +Normal authentication is bypassed if the address verification fails. +.El +.Pp +Once the source port and address have been checked, +.Nm rlogind +proceeds with the authentication process described in +.Xr rshd 8 . +.Pp +It then allocates a pseudo terminal (see +.Xr pty 4 ) , +and manipulates file descriptors so that the slave +half of the pseudo terminal becomes the +.Em stdin , +.Em stdout , +and +.Em stderr +for a login process. +The login process is an instance of the +.Xr login 1 +program, invoked with the +.Fl f +option if authentication has succeeded. +If automatic authentication fails, the user is +prompted to log in as if on a standard terminal line. +.Pp +The parent of the login process manipulates the master side of +the pseudo terminal, operating as an intermediary +between the login process and the client instance of the +.Xr rlogin +program. In normal operation, the packet protocol described +in +.Xr pty 4 +is invoked to provide +.Ql ^S/^Q +type facilities and propagate +interrupt signals to the remote programs. The login process +propagates the client terminal's baud rate and terminal type, +as found in the environment variable, +.Ql Ev TERM ; +see +.Xr environ 7 . +The screen or window size of the terminal is requested from the client, +and window size changes from the client are propagated to the pseudo terminal. +.Pp +Transport-level keepalive messages are enabled unless the +.Fl n +option is present. +The use of keepalive messages allows sessions to be timed out +if the client crashes or becomes unreachable. +.Sh DIAGNOSTICS +All initial diagnostic messages are indicated +by a leading byte with a value of 1, +after which any network connections are closed. +If there are no errors before +.Xr login +is invoked, a null byte is returned as in indication of success. +.Bl -tag -width Ds +.It Sy Try again. +A +.Xr fork +by the server failed. +.El +.Sh SEE ALSO +.Xr login 1 , +.Xr ruserok 3 , +.Xr rshd 8 +.Sh BUGS +A more extensible protocol should be used. +.Sh HISTORY +The +.Nm +command appeared in +.Bx 4.2 . diff --git a/kerberosIV/src/appl/bsd/rsh.1 b/kerberosIV/src/appl/bsd/rsh.1 new file mode 100644 index 00000000000..1b41a72ed22 --- /dev/null +++ b/kerberosIV/src/appl/bsd/rsh.1 @@ -0,0 +1,182 @@ +.\" Copyright (c) 1983, 1990 The Regents of the University of California. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" from: @(#)rsh.1 6.10 (Berkeley) 7/24/91 +.\" $KTH: rsh.1,v 1.2 2001/07/12 08:47:04 assar Exp $ +.\" +.Dd July 24, 1991 +.Dt RSH 1 +.Os BSD 4.2 +.Sh NAME +.Nm rsh +.Nd remote shell +.Sh SYNOPSIS +.Nm rsh +.Op Fl Kdnx +.Op Fl k Ar realm +.Op Fl l Ar username +.Ar host +.Op command +.Sh DESCRIPTION +.Nm Rsh +executes +.Ar command +on +.Ar host . +.Pp +.Nm Rsh +copies its standard input to the remote command, the standard +output of the remote command to its standard output, and the +standard error of the remote command to its standard error. +Interrupt, quit and terminate signals are propagated to the remote +command; +.Nm rsh +normally terminates when the remote command does. +The options are as follows: +.Bl -tag -width flag +.It Fl K +The +.Fl K +option turns off all Kerberos authentication. +.It Fl d +The +.Fl d +option turns on socket debugging (using +.Xr setsockopt 2 ) +on the +.Tn TCP +sockets used for communication with the remote host. +.It Fl k +The +.Fl k +option causes +.Nm rsh +to obtain tickets for the remote host in +.Ar realm +instead of the remote host's realm as determined by +.Xr krb_realmofhost 3 . +.It Fl l +By default, the remote username is the same as the local username. +The +.Fl l +option allows the remote name to be specified. +Kerberos authentication is used, and authorization is determined +as in +.Xr rlogin 1 . +.It Fl n +The +.Fl n +option redirects input from the special device +.Pa /dev/null +(see the +.Sx BUGS +section of this manual page). +.It Fl x +The +.Fl x +option turns on +.Tn DES +encryption for all data exchange. +This may introduce a significant delay in response time. +.El +.Pp +If no +.Ar command +is specified, you will be logged in on the remote host using +.Xr rlogin 1 . +.Pp +Shell metacharacters which are not quoted are interpreted on local machine, +while quoted metacharacters are interpreted on the remote machine. +For example, the command +.Pp +.Dl rsh otherhost cat remotefile >> localfile +.Pp +appends the remote file +.Ar remotefile +to the local file +.Ar localfile , +while +.Pp +.Dl rsh otherhost cat remotefile \&">>\&" other_remotefile +.Pp +appends +.Ar remotefile +to +.Ar other_remotefile . +.\" .Pp +.\" Many sites specify a large number of host names as commands in the +.\" directory /usr/hosts. +.\" If this directory is included in your search path, you can use the +.\" shorthand ``host command'' for the longer form ``rsh host command''. +.Sh FILES +.Bl -tag -width /etc/hosts -compact +.It Pa /etc/hosts +.El +.Sh SEE ALSO +.Xr rlogin 1 , +.Xr kerberos 3 , +.Xr krb_realmofhost 3 , +.Xr krb_sendauth 3 +.Sh HISTORY +The +.Nm rsh +command appeared in +.Bx 4.2 . +.Sh BUGS +If you are using +.Xr csh 1 +and put a +.Nm rsh +in the background without redirecting its input away from the terminal, +it will block even if no reads are posted by the remote command. +If no input is desired you should redirect the input of +.Nm rsh +to +.Pa /dev/null +using the +.Fl n +option. +.Pp +You cannot run an interactive command +(like +.Xr rogue 6 +or +.Xr vi 1 ) +using +.Nm rsh ; +use +.Xr rlogin 1 +instead. +.Pp +Stop signals stop the local +.Nm rsh +process only; this is arguably wrong, but currently hard to fix for reasons +too complicated to explain here. diff --git a/kerberosIV/src/appl/bsd/rshd.8 b/kerberosIV/src/appl/bsd/rshd.8 new file mode 100644 index 00000000000..8bd661f1527 --- /dev/null +++ b/kerberosIV/src/appl/bsd/rshd.8 @@ -0,0 +1,221 @@ +.\" Copyright (c) 1983, 1989, 1991, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)rshd.8 8.1 (Berkeley) 6/4/93 +.\" +.Dd August 25, 1996 +.Dt RSHD 8 +.Os BSD 4.2 +.Sh NAME +.Nm rshd +.Nd remote shell server +.Sh SYNOPSIS +.Nm rshd +.Op Fl ailnkvxLP +.Op Fl p Ar portnumber +.Sh DESCRIPTION +The +.Nm rshd +server +is the server for the +.Xr rcmd 3 +routine and, consequently, for the +.Xr rsh 1 +program. The server provides remote execution facilities with +kerberos-based authentication or traditional pseudo-authentication +with privileged port numbers from trusted hosts. +.Pp +The +.Nm rshd +server +listens for service requests at the port indicated in +the ``cmd'' service specification; see +.Xr services 5 . +When a service request is received +.Nm rshd +verifies the kerberos ticket supplied by the user. +.Pp +For non-kerberised connections, the following protocol is initiated: +.Bl -enum +.It +The server checks the client's source port. +If the port is not in the range 512-1023, the server +aborts the connection. +.It +The server reads characters from the socket up +to a null (`\e0') byte. The resultant string is +interpreted as an +.Tn ASCII +number, base 10. +.It +If the number received in step 2 is non-zero, +it is interpreted as the port number of a secondary +stream to be used for the +.Em stderr . +A second connection is then created to the specified +port on the client's machine. The source port of this +second connection is also in the range 512-1023. +.It +The server checks the client's source address +and requests the corresponding host name (see +.Xr gethostbyaddr 3 , +.Xr hosts 5 +and +.Xr named 8 ) . +If the hostname cannot be determined, +the dot-notation representation of the host address is used. +The addresses for the hostname are requested, +verifying that the name and address correspond. +If address verification fails, the connection is aborted +with the message, ``Host address mismatch.'' +.It +A null terminated user name of at most 16 characters +is retrieved on the initial socket. This user name +is interpreted as the user identity on the +.Em client Ns 's +machine. +.It +A null terminated user name of at most 16 characters +is retrieved on the initial socket. This user name +is interpreted as a user identity to use on the +.Sy server Ns 's +machine. +.It +A null terminated command to be passed to a +shell is retrieved on the initial socket. The length of +the command is limited by the upper bound on the size of +the system's argument list. +.It +.Nm Rshd +then validates the user using +.Xr ruserok 3 , +which uses the file +.Pa /etc/hosts.equiv +and the +.Pa .rhosts +file found in the user's home directory. The +.Fl l +option prevents +.Xr ruserok 3 +from doing any validation based on the user's ``.rhosts'' file, +unless the user is the superuser. +.It +If the file +.Pa /etc/nologin +exists and the user is not the superuser, +the connection is closed. +.It +A null byte is returned on the initial socket +and the command line is passed to the normal login +shell of the user. The +shell inherits the network connections established +by +.Nm rshd . +.El +.Pp +Transport-level keepalive messages are enabled unless the +.Fl n +option is present. +The use of keepalive messages allows sessions to be timed out +if the client crashes or becomes unreachable. +.Pp +The +.Fl L +option causes all successful accesses to be logged to +.Xr syslogd 8 +as +.Li auth.info +messages. +.Bl -tag -width Ds +.It Fl k +Enable kerberos authentication. +.It Fl i +Do not expect to be spawned by inetd and create a socket and listen on +it yourself. +.It Fl p portnumber +Specifies the port number it should listen on in case the +.It Fl i +flag has been given. +.It Fl v +Vacuous, echo "Remote host requires Kerberos authentication" and exit. +.It Fl x +Provides an encrypted communications channel. This option requires the +.Fl k +flag. +.It Fl P +AFS only! Doesn't put the remote proccess in a new PAG. +.El +.Sh DIAGNOSTICS +Except for the last one listed below, +all diagnostic messages +are returned on the initial socket, +after which any network connections are closed. +An error is indicated by a leading byte with a value of +1 (0 is returned in step 10 above upon successful completion +of all the steps prior to the execution of the login shell). +.Bl -tag -width indent +.It Sy Locuser too long. +The name of the user on the client's machine is +longer than 16 characters. +.It Sy Ruser too long. +The name of the user on the remote machine is +longer than 16 characters. +.It Sy Command too long . +The command line passed exceeds the size of the argument +list (as configured into the system). +.It Sy Login incorrect. +No password file entry for the user name existed. +.It Sy Remote directory. +The +.Xr chdir +command to the home directory failed. +.It Sy Permission denied. +The authentication procedure described above failed. +.It Sy Can't make pipe. +The pipe needed for the +.Em stderr , +wasn't created. +.It Sy Can't fork; try again. +A +.Xr fork +by the server failed. +.It Sy <shellname>: ... +The user's login shell could not be started. This message is returned +on the connection associated with the +.Em stderr , +and is not preceded by a flag byte. +.El +.Sh SEE ALSO +.Xr rsh 1 , +.Xr rcmd 3 , +.Xr ruserok 3 +.Sh BUGS +A more extensible protocol (such as Telnet) should be used. diff --git a/kerberosIV/src/appl/bsd/su.1 b/kerberosIV/src/appl/bsd/su.1 new file mode 100644 index 00000000000..ab719c17150 --- /dev/null +++ b/kerberosIV/src/appl/bsd/su.1 @@ -0,0 +1,191 @@ +.\" Copyright (c) 1988, 1990 The Regents of the University of California. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" from: @(#)su.1 6.12 (Berkeley) 7/29/91 +.\" $KTH: su.1,v 1.3 2001/07/12 08:47:04 assar Exp $ +.\" +.Dd July 29, 1991 +.Dt SU 1 +.Os +.Sh NAME +.Nm su +.Nd substitute user identity +.Sh SYNOPSIS +.Nm su +.Op Fl Kflmi +.Op Ar login Op Ar "shell arguments" +.Sh DESCRIPTION +.Nm Su +requests the Kerberos password for +.Ar login +(or for +.Dq Ar login Ns .root , +if no login is provided), and switches to +that user and group ID after obtaining a Kerberos ticket granting ticket. +A shell is then executed, and any additional +.Ar "shell arguments" +after the login name +are passed to the shell. +.Nm Su +will resort to the local password file to find the password for +.Ar login +if there is a Kerberos error. +If +.Nm su +is executed by root, no password is requested and a shell +with the appropriate user ID is executed; no additional Kerberos tickets +are obtained. +.Pp +Alternately, if the user enters the password "s/key", they will be +authenticated using the S/Key one-time password system as described in +.Xr skey 1 . +S/Key is a Trademark of Bellcore. +.Pp +By default, the environment is unmodified with the exception of +.Ev USER , +.Ev HOME , +and +.Ev SHELL . +.Ev HOME +and +.Ev SHELL +are set to the target login's default values. +.Ev USER +is set to the target login, unless the target login has a user ID of 0, +in which case it is unmodified. +The invoked shell is the target login's. +This is the traditional behavior of +.Nm su . +.Pp +The options are as follows: +.Bl -tag -width Ds +.It Fl K +Do not attempt to use Kerberos to authenticate the user. +.It Fl k +Use Kerberos authentication, even when executed by root. +.It Fl f +If the invoked shell is +.Xr csh 1 , +this option prevents it from reading the +.Dq Pa .cshrc +file. +.It Fl l +Simulate a full login. +The environment is discarded except for +.Ev HOME , +.Ev SHELL , +.Ev PATH , +.Ev TERM , +and +.Ev USER . +.Ev HOME +and +.Ev SHELL +are modified as above. +.Ev USER +is set to the target login. +.Ev PATH +is set to +.Dq Pa /bin:/usr/bin . +.Ev TERM +is imported from your current environment. +The invoked shell is the target login's, and +.Nm su +will change directory to the target login's home directory. +.It Fl m +Leave the environment unmodified. +The invoked shell is your login shell, and no directory changes are made. +As a security precaution, if the target user's shell is a non-standard +shell (as defined by +.Xr getusershell 3 ) +and the caller's real uid is +non-zero, +.Nm su +will fail. +.It Fl i +If the kerberos root instance is not root any other value can be passed +using this switch. +.El +.Pp +The +.Fl l +and +.Fl m +options are mutually exclusive; the last one specified +overrides any previous ones. +.Pp +Only users mentioned in +.Dq Pa ~root/.klogin +(or in group 0 when not doing kerberos) can +.Nm su +to +.Dq root . +.Pp +By default (unless the prompt is reset by a startup file) the super-user +prompt is set to +.Dq Sy \&# +to remind one of its awesome power. +.Sh SEE ALSO +.Xr csh 1 , +.Xr kerberos 1 , +.Xr kinit 1 , +.Xr login 1 , +.Xr sh 1 , +.Xr skey 1 , +.Xr group 5 , +.Xr passwd 5 , +.Xr environ 7 +.Sh ENVIRONMENT +Environment variables used by +.Nm su : +.Bl -tag -width HOME +.It Ev HOME +Default home directory of real user ID unless modified as +specified above. +.It Ev PATH +Default search path of real user ID unless modified as specified above. +.It Ev TERM +Provides terminal type which may be retained for the substituted +user ID. +.It Ev USER +The user ID is always the effective ID (the target user ID) after an +.Nm su +unless the user ID is 0 (root). +.El +.Sh HISTORY +A +.Nm +command appeared in +.At v7 . +The version described +here is an adaptation of the +.Tn MIT +Athena Kerberos command. diff --git a/kerberosIV/src/appl/ftp/ftp/ftp.1 b/kerberosIV/src/appl/ftp/ftp/ftp.1 new file mode 100644 index 00000000000..f76ebd600f2 --- /dev/null +++ b/kerberosIV/src/appl/ftp/ftp/ftp.1 @@ -0,0 +1,1198 @@ +.\" $NetBSD: ftp.1,v 1.11 1995/09/08 01:06:24 tls Exp $ +.\" +.\" Copyright (c) 1985, 1989, 1990, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)ftp.1 8.3 (Berkeley) 10/9/94 +.\" +.Dd April 27, 1996 +.Dt FTP 1 +.Os BSD 4.2 +.Sh NAME +.Nm ftp +.Nd +.Tn ARPANET +file transfer program +.Sh SYNOPSIS +.Nm ftp +.Op Fl t +.Op Fl v +.Op Fl d +.Op Fl i +.Op Fl n +.Op Fl g +.Op Fl p +.Op Fl l +.Op Ar host +.Sh DESCRIPTION +.Nm Ftp +is the user interface to the +.Tn ARPANET +standard File Transfer Protocol. +The program allows a user to transfer files to and from a +remote network site. +.Pp +Modifications has been made so that it almost follows the ftpsec +Internet draft. +.Pp +Options may be specified at the command line, or to the +command interpreter. +.Bl -tag -width flag +.It Fl t +Enables packet tracing. +.It Fl v +Verbose option forces +.Nm ftp +to show all responses from the remote server, as well +as report on data transfer statistics. +.It Fl n +Restrains +.Nm ftp +from attempting \*(Lqauto-login\*(Rq upon initial connection. +If auto-login is enabled, +.Nm ftp +will check the +.Pa .netrc +(see below) file in the user's home directory for an entry describing +an account on the remote machine. +If no entry exists, +.Nm ftp +will prompt for the remote machine login name (default is the user +identity on the local machine), and, if necessary, prompt for a password +and an account with which to login. +.It Fl i +Turns off interactive prompting during +multiple file transfers. +.It Fl p +Turn on passive mode. +.It Fl d +Enables debugging. +.It Fl g +Disables file name globbing. +.It Fl l +Disables command line editing. +.El +.Pp +The client host with which +.Nm ftp +is to communicate may be specified on the command line. +If this is done, +.Nm ftp +will immediately attempt to establish a connection to an +.Tn FTP +server on that host; otherwise, +.Nm ftp +will enter its command interpreter and await instructions +from the user. +When +.Nm ftp +is awaiting commands from the user the prompt +.Ql ftp> +is provided to the user. +The following commands are recognized +by +.Nm ftp : +.Bl -tag -width Fl +.It Ic \&! Op Ar command Op Ar args +Invoke an interactive shell on the local machine. +If there are arguments, the first is taken to be a command to execute +directly, with the rest of the arguments as its arguments. +.It Ic \&$ Ar macro-name Op Ar args +Execute the macro +.Ar macro-name +that was defined with the +.Ic macdef +command. +Arguments are passed to the macro unglobbed. +.It Ic account Op Ar passwd +Supply a supplemental password required by a remote system for access +to resources once a login has been successfully completed. +If no argument is included, the user will be prompted for an account +password in a non-echoing input mode. +.It Ic append Ar local-file Op Ar remote-file +Append a local file to a file on the remote machine. +If +.Ar remote-file +is left unspecified, the local file name is used in naming the +remote file after being altered by any +.Ic ntrans +or +.Ic nmap +setting. +File transfer uses the current settings for +.Ic type , +.Ic format , +.Ic mode , +and +.Ic structure . +.It Ic ascii +Set the file transfer +.Ic type +to network +.Tn ASCII . +This is the default type. +.It Ic bell +Arrange that a bell be sounded after each file transfer +command is completed. +.It Ic binary +Set the file transfer +.Ic type +to support binary image transfer. +.It Ic bye +Terminate the +.Tn FTP +session with the remote server +and exit +.Nm ftp . +An end of file will also terminate the session and exit. +.It Ic case +Toggle remote computer file name case mapping during +.Ic mget +commands. +When +.Ic case +is on (default is off), remote computer file names with all letters in +upper case are written in the local directory with the letters mapped +to lower case. +.It Ic \&cd Ar remote-directory +Change the working directory on the remote machine +to +.Ar remote-directory . +.It Ic cdup +Change the remote machine working directory to the parent of the +current remote machine working directory. +.It Ic chmod Ar mode file-name +Change the permission modes of the file +.Ar file-name +on the remote +sytem to +.Ar mode . +.It Ic close +Terminate the +.Tn FTP +session with the remote server, and +return to the command interpreter. +Any defined macros are erased. +.It Ic \&cr +Toggle carriage return stripping during +ascii type file retrieval. +Records are denoted by a carriage return/linefeed sequence +during ascii type file transfer. +When +.Ic \&cr +is on (the default), carriage returns are stripped from this +sequence to conform with the +.Ux +single linefeed record +delimiter. +Records on +.Pf non\- Ns Ux +remote systems may contain single linefeeds; +when an ascii type transfer is made, these linefeeds may be +distinguished from a record delimiter only when +.Ic \&cr +is off. +.It Ic delete Ar remote-file +Delete the file +.Ar remote-file +on the remote machine. +.It Ic debug Op Ar debug-value +Toggle debugging mode. +If an optional +.Ar debug-value +is specified it is used to set the debugging level. +When debugging is on, +.Nm ftp +prints each command sent to the remote machine, preceded +by the string +.Ql \-\-> +.It Xo +.Ic dir +.Op Ar remote-directory +.Op Ar local-file +.Xc +Print a listing of the directory contents in the +directory, +.Ar remote-directory , +and, optionally, placing the output in +.Ar local-file . +If interactive prompting is on, +.Nm ftp +will prompt the user to verify that the last argument is indeed the +target local file for receiving +.Ic dir +output. +If no directory is specified, the current working +directory on the remote machine is used. +If no local +file is specified, or +.Ar local-file +is +.Fl , +output comes to the terminal. +.It Ic disconnect +A synonym for +.Ar close . +.It Ic form Ar format +Set the file transfer +.Ic form +to +.Ar format . +The default format is \*(Lqfile\*(Rq. +.It Ic get Ar remote-file Op Ar local-file +Retrieve the +.Ar remote-file +and store it on the local machine. +If the local +file name is not specified, it is given the same +name it has on the remote machine, subject to +alteration by the current +.Ic case , +.Ic ntrans , +and +.Ic nmap +settings. +The current settings for +.Ic type , +.Ic form , +.Ic mode , +and +.Ic structure +are used while transferring the file. +.It Ic glob +Toggle filename expansion for +.Ic mdelete , +.Ic mget +and +.Ic mput . +If globbing is turned off with +.Ic glob , +the file name arguments +are taken literally and not expanded. +Globbing for +.Ic mput +is done as in +.Xr csh 1 . +For +.Ic mdelete +and +.Ic mget , +each remote file name is expanded +separately on the remote machine and the lists are not merged. +Expansion of a directory name is likely to be +different from expansion of the name of an ordinary file: +the exact result depends on the foreign operating system and ftp server, +and can be previewed by doing +.Ql mls remote-files \- . +As a security measure, remotely globbed files that starts with +.Sq / +or contains +.Sq ../ , +will not be automatically received. If you have interactive prompting +turned off, these filenames will be ignored. Note: +.Ic mget +and +.Ic mput +are not meant to transfer +entire directory subtrees of files. +That can be done by +transferring a +.Xr tar 1 +archive of the subtree (in binary mode). +.It Ic hash +Toggle hash-sign (``#'') printing for each data block +transferred. +The size of a data block is 1024 bytes. +.It Ic help Op Ar command +Print an informative message about the meaning of +.Ar command . +If no argument is given, +.Nm ftp +prints a list of the known commands. +.It Ic idle Op Ar seconds +Set the inactivity timer on the remote server to +.Ar seconds +seconds. +If +.Ar seconds +is omitted, the current inactivity timer is printed. +.It Ic lcd Op Ar directory +Change the working directory on the local machine. +If +no +.Ar directory +is specified, the user's home directory is used. +.It Xo +.Ic \&ls +.Op Ar remote-directory +.Op Ar local-file +.Xc +Print a listing of the contents of a +directory on the remote machine. +The listing includes any system-dependent information that the server +chooses to include; for example, most +.Ux +systems will produce +output from the command +.Ql ls \-l . +(See also +.Ic nlist . ) +If +.Ar remote-directory +is left unspecified, the current working directory is used. +If interactive prompting is on, +.Nm ftp +will prompt the user to verify that the last argument is indeed the +target local file for receiving +.Ic \&ls +output. +If no local file is specified, or if +.Ar local-file +is +.Sq Fl , +the output is sent to the terminal. +.It Ic macdef Ar macro-name +Define a macro. +Subsequent lines are stored as the macro +.Ar macro-name ; +a null line (consecutive newline characters +in a file or +carriage returns from the terminal) terminates macro input mode. +There is a limit of 16 macros and 4096 total characters in all +defined macros. +Macros remain defined until a +.Ic close +command is executed. +The macro processor interprets `$' and `\e' as special characters. +A `$' followed by a number (or numbers) is replaced by the +corresponding argument on the macro invocation command line. +A `$' followed by an `i' signals that macro processor that the +executing macro is to be looped. +On the first pass `$i' is +replaced by the first argument on the macro invocation command line, +on the second pass it is replaced by the second argument, and so on. +A `\e' followed by any character is replaced by that character. +Use the `\e' to prevent special treatment of the `$'. +.It Ic mdelete Op Ar remote-files +Delete the +.Ar remote-files +on the remote machine. +.It Ic mdir Ar remote-files local-file +Like +.Ic dir , +except multiple remote files may be specified. +If interactive prompting is on, +.Nm ftp +will prompt the user to verify that the last argument is indeed the +target local file for receiving +.Ic mdir +output. +.It Ic mget Ar remote-files +Expand the +.Ar remote-files +on the remote machine +and do a +.Ic get +for each file name thus produced. +See +.Ic glob +for details on the filename expansion. +Resulting file names will then be processed according to +.Ic case , +.Ic ntrans , +and +.Ic nmap +settings. +Files are transferred into the local working directory, +which can be changed with +.Ql lcd directory ; +new local directories can be created with +.Ql "\&! mkdir directory" . +.It Ic mkdir Ar directory-name +Make a directory on the remote machine. +.It Ic mls Ar remote-files local-file +Like +.Ic nlist , +except multiple remote files may be specified, +and the +.Ar local-file +must be specified. +If interactive prompting is on, +.Nm ftp +will prompt the user to verify that the last argument is indeed the +target local file for receiving +.Ic mls +output. +.It Ic mode Op Ar mode-name +Set the file transfer +.Ic mode +to +.Ar mode-name . +The default mode is \*(Lqstream\*(Rq mode. +.It Ic modtime Ar file-name +Show the last modification time of the file on the remote machine. +.It Ic mput Ar local-files +Expand wild cards in the list of local files given as arguments +and do a +.Ic put +for each file in the resulting list. +See +.Ic glob +for details of filename expansion. +Resulting file names will then be processed according to +.Ic ntrans +and +.Ic nmap +settings. +.It Ic newer Ar file-name +Get the file only if the modification time of the remote file is more +recent that the file on the current system. +If the file does not +exist on the current system, the remote file is considered +.Ic newer . +Otherwise, this command is identical to +.Ar get . +.It Xo +.Ic nlist +.Op Ar remote-directory +.Op Ar local-file +.Xc +Print a list of the files in a +directory on the remote machine. +If +.Ar remote-directory +is left unspecified, the current working directory is used. +If interactive prompting is on, +.Nm ftp +will prompt the user to verify that the last argument is indeed the +target local file for receiving +.Ic nlist +output. +If no local file is specified, or if +.Ar local-file +is +.Fl , +the output is sent to the terminal. +.It Ic nmap Op Ar inpattern outpattern +Set or unset the filename mapping mechanism. +If no arguments are specified, the filename mapping mechanism is unset. +If arguments are specified, remote filenames are mapped during +.Ic mput +commands and +.Ic put +commands issued without a specified remote target filename. +If arguments are specified, local filenames are mapped during +.Ic mget +commands and +.Ic get +commands issued without a specified local target filename. +This command is useful when connecting to a +.No non\- Ns Ux +remote computer +with different file naming conventions or practices. +The mapping follows the pattern set by +.Ar inpattern +and +.Ar outpattern . +.Op Ar Inpattern +is a template for incoming filenames (which may have already been +processed according to the +.Ic ntrans +and +.Ic case +settings). +Variable templating is accomplished by including the +sequences `$1', `$2', ..., `$9' in +.Ar inpattern . +Use `\\' to prevent this special treatment of the `$' character. +All other characters are treated literally, and are used to determine the +.Ic nmap +.Op Ar inpattern +variable values. +For example, given +.Ar inpattern +$1.$2 and the remote file name "mydata.data", $1 would have the value +"mydata", and $2 would have the value "data". +The +.Ar outpattern +determines the resulting mapped filename. +The sequences `$1', `$2', ...., `$9' are replaced by any value resulting +from the +.Ar inpattern +template. +The sequence `$0' is replace by the original filename. +Additionally, the sequence +.Ql Op Ar seq1 , Ar seq2 +is replaced by +.Op Ar seq1 +if +.Ar seq1 +is not a null string; otherwise it is replaced by +.Ar seq2 . +For example, the command +.Pp +.Bd -literal -offset indent -compact +nmap $1.$2.$3 [$1,$2].[$2,file] +.Ed +.Pp +would yield +the output filename "myfile.data" for input filenames "myfile.data" and +"myfile.data.old", "myfile.file" for the input filename "myfile", and +"myfile.myfile" for the input filename ".myfile". +Spaces may be included in +.Ar outpattern , +as in the example: `nmap $1 sed "s/ *$//" > $1' . +Use the `\e' character to prevent special treatment +of the `$','[','[', and `,' characters. +.It Ic ntrans Op Ar inchars Op Ar outchars +Set or unset the filename character translation mechanism. +If no arguments are specified, the filename character +translation mechanism is unset. +If arguments are specified, characters in +remote filenames are translated during +.Ic mput +commands and +.Ic put +commands issued without a specified remote target filename. +If arguments are specified, characters in +local filenames are translated during +.Ic mget +commands and +.Ic get +commands issued without a specified local target filename. +This command is useful when connecting to a +.No non\- Ns Ux +remote computer +with different file naming conventions or practices. +Characters in a filename matching a character in +.Ar inchars +are replaced with the corresponding character in +.Ar outchars . +If the character's position in +.Ar inchars +is longer than the length of +.Ar outchars , +the character is deleted from the file name. +.It Ic open Ar host Op Ar port +Establish a connection to the specified +.Ar host +.Tn FTP +server. +An optional port number may be supplied, +in which case, +.Nm ftp +will attempt to contact an +.Tn FTP +server at that port. +If the +.Ic auto-login +option is on (default), +.Nm ftp +will also attempt to automatically log the user in to +the +.Tn FTP +server (see below). +.It Ic passive +Toggle passive mode. If passive mode is turned on +(default is off), the ftp client will +send a +.Dv PASV +command for all data connections instead of the usual +.Dv PORT +command. The +.Dv PASV +command requests that the remote server open a port for the data connection +and return the address of that port. The remote server listens on that +port and the client connects to it. When using the more traditional +.Dv PORT +command, the client listens on a port and sends that address to the remote +server, who connects back to it. Passive mode is useful when using +.Nm ftp +through a gateway router or host that controls the directionality of +traffic. +(Note that though ftp servers are required to support the +.Dv PASV +command by RFC 1123, some do not.) +.It Ic prompt +Toggle interactive prompting. +Interactive prompting +occurs during multiple file transfers to allow the +user to selectively retrieve or store files. +If prompting is turned off (default is on), any +.Ic mget +or +.Ic mput +will transfer all files, and any +.Ic mdelete +will delete all files. +.It Ic proxy Ar ftp-command +Execute an ftp command on a secondary control connection. +This command allows simultaneous connection to two remote ftp +servers for transferring files between the two servers. +The first +.Ic proxy +command should be an +.Ic open , +to establish the secondary control connection. +Enter the command "proxy ?" to see other ftp commands executable on the +secondary connection. +The following commands behave differently when prefaced by +.Ic proxy : +.Ic open +will not define new macros during the auto-login process, +.Ic close +will not erase existing macro definitions, +.Ic get +and +.Ic mget +transfer files from the host on the primary control connection +to the host on the secondary control connection, and +.Ic put , +.Ic mput , +and +.Ic append +transfer files from the host on the secondary control connection +to the host on the primary control connection. +Third party file transfers depend upon support of the ftp protocol +.Dv PASV +command by the server on the secondary control connection. +.It Ic put Ar local-file Op Ar remote-file +Store a local file on the remote machine. +If +.Ar remote-file +is left unspecified, the local file name is used +after processing according to any +.Ic ntrans +or +.Ic nmap +settings +in naming the remote file. +File transfer uses the +current settings for +.Ic type , +.Ic format , +.Ic mode , +and +.Ic structure . +.It Ic pwd +Print the name of the current working directory on the remote +machine. +.It Ic quit +A synonym for +.Ic bye . +.It Ic quote Ar arg1 arg2 ... +The arguments specified are sent, verbatim, to the remote +.Tn FTP +server. +.It Ic recv Ar remote-file Op Ar local-file +A synonym for get. +.It Ic reget Ar remote-file Op Ar local-file +Reget acts like get, except that if +.Ar local-file +exists and is +smaller than +.Ar remote-file , +.Ar local-file +is presumed to be +a partially transferred copy of +.Ar remote-file +and the transfer +is continued from the apparent point of failure. +This command +is useful when transferring very large files over networks that +are prone to dropping connections. +.It Ic remotehelp Op Ar command-name +Request help from the remote +.Tn FTP +server. +If a +.Ar command-name +is specified it is supplied to the server as well. +.It Ic remotestatus Op Ar file-name +With no arguments, show status of remote machine. +If +.Ar file-name +is specified, show status of +.Ar file-name +on remote machine. +.It Xo +.Ic rename +.Op Ar from +.Op Ar to +.Xc +Rename the file +.Ar from +on the remote machine, to the file +.Ar to . +.It Ic reset +Clear reply queue. +This command re-synchronizes command/reply sequencing with the remote +ftp server. +Resynchronization may be necessary following a violation of the ftp protocol +by the remote server. +.It Ic restart Ar marker +Restart the immediately following +.Ic get +or +.Ic put +at the +indicated +.Ar marker . +On +.Ux +systems, marker is usually a byte +offset into the file. +.It Ic rmdir Ar directory-name +Delete a directory on the remote machine. +.It Ic runique +Toggle storing of files on the local system with unique filenames. +If a file already exists with a name equal to the target +local filename for a +.Ic get +or +.Ic mget +command, a ".1" is appended to the name. +If the resulting name matches another existing file, +a ".2" is appended to the original name. +If this process continues up to ".99", an error +message is printed, and the transfer does not take place. +The generated unique filename will be reported. +Note that +.Ic runique +will not affect local files generated from a shell command +(see below). +The default value is off. +.It Ic send Ar local-file Op Ar remote-file +A synonym for put. +.It Ic sendport +Toggle the use of +.Dv PORT +commands. +By default, +.Nm ftp +will attempt to use a +.Dv PORT +command when establishing +a connection for each data transfer. +The use of +.Dv PORT +commands can prevent delays +when performing multiple file transfers. +If the +.Dv PORT +command fails, +.Nm ftp +will use the default data port. +When the use of +.Dv PORT +commands is disabled, no attempt will be made to use +.Dv PORT +commands for each data transfer. +This is useful +for certain +.Tn FTP +implementations which do ignore +.Dv PORT +commands but, incorrectly, indicate they've been accepted. +.It Ic site Ar arg1 arg2 ... +The arguments specified are sent, verbatim, to the remote +.Tn FTP +server as a +.Dv SITE +command. +.It Ic size Ar file-name +Return size of +.Ar file-name +on remote machine. +.It Ic status +Show the current status of +.Nm ftp . +.It Ic struct Op Ar struct-name +Set the file transfer +.Ar structure +to +.Ar struct-name . +By default \*(Lqstream\*(Rq structure is used. +.It Ic sunique +Toggle storing of files on remote machine under unique file names. +Remote ftp server must support ftp protocol +.Dv STOU +command for +successful completion. +The remote server will report unique name. +Default value is off. +.It Ic system +Show the type of operating system running on the remote machine. +.It Ic tenex +Set the file transfer type to that needed to +talk to +.Tn TENEX +machines. +.It Ic trace +Toggle packet tracing. +.It Ic type Op Ar type-name +Set the file transfer +.Ic type +to +.Ar type-name . +If no type is specified, the current type +is printed. +The default type is network +.Tn ASCII . +.It Ic umask Op Ar newmask +Set the default umask on the remote server to +.Ar newmask . +If +.Ar newmask +is omitted, the current umask is printed. +.It Xo +.Ic user Ar user-name +.Op Ar password +.Op Ar account +.Xc +Identify yourself to the remote +.Tn FTP +server. +If the +.Ar password +is not specified and the server requires it, +.Nm ftp +will prompt the user for it (after disabling local echo). +If an +.Ar account +field is not specified, and the +.Tn FTP +server +requires it, the user will be prompted for it. +If an +.Ar account +field is specified, an account command will +be relayed to the remote server after the login sequence +is completed if the remote server did not require it +for logging in. +Unless +.Nm ftp +is invoked with \*(Lqauto-login\*(Rq disabled, this +process is done automatically on initial connection to +the +.Tn FTP +server. +.It Ic verbose +Toggle verbose mode. +In verbose mode, all responses from +the +.Tn FTP +server are displayed to the user. +In addition, +if verbose is on, when a file transfer completes, statistics +regarding the efficiency of the transfer are reported. +By default, +verbose is on. +.It Ic \&? Op Ar command +A synonym for help. +.El +.Pp +The following command can be used with ftpsec-aware servers. +.Bl -tag -width Fl +.It Xo +.Ic prot +.Ar clear | +.Ar safe | +.Ar confidential | +.Ar private +.Xc +Set the data protection level to the requested level. +.El +.Pp +The following command can be used with ftp servers that has +implemented the KAUTH site command. +.Bl -tag -width Fl +.It Ic kauth Op Ar principal +Obtain remote tickets. +.El +.Pp +Command arguments which have embedded spaces may be quoted with +quote `"' marks. +.Sh ABORTING A FILE TRANSFER +To abort a file transfer, use the terminal interrupt key +(usually Ctrl-C). +Sending transfers will be immediately halted. +Receiving transfers will be halted by sending a ftp protocol +.Dv ABOR +command to the remote server, and discarding any further data received. +The speed at which this is accomplished depends upon the remote +server's support for +.Dv ABOR +processing. +If the remote server does not support the +.Dv ABOR +command, an +.Ql ftp> +prompt will not appear until the remote server has completed +sending the requested file. +.Pp +The terminal interrupt key sequence will be ignored when +.Nm ftp +has completed any local processing and is awaiting a reply +from the remote server. +A long delay in this mode may result from the ABOR processing described +above, or from unexpected behavior by the remote server, including +violations of the ftp protocol. +If the delay results from unexpected remote server behavior, the local +.Nm ftp +program must be killed by hand. +.Sh FILE NAMING CONVENTIONS +Files specified as arguments to +.Nm ftp +commands are processed according to the following rules. +.Bl -enum +.It +If the file name +.Sq Fl +is specified, the +.Ar stdin +(for reading) or +.Ar stdout +(for writing) is used. +.It +If the first character of the file name is +.Sq \&| , +the +remainder of the argument is interpreted as a shell command. +.Nm Ftp +then forks a shell, using +.Xr popen 3 +with the argument supplied, and reads (writes) from the stdout +(stdin). +If the shell command includes spaces, the argument +must be quoted; e.g. +\*(Lq" ls -lt"\*(Rq. +A particularly +useful example of this mechanism is: \*(Lqdir more\*(Rq. +.It +Failing the above checks, if ``globbing'' is enabled, +local file names are expanded +according to the rules used in the +.Xr csh 1 ; +c.f. the +.Ic glob +command. +If the +.Nm ftp +command expects a single local file (.e.g. +.Ic put ) , +only the first filename generated by the "globbing" operation is used. +.It +For +.Ic mget +commands and +.Ic get +commands with unspecified local file names, the local filename is +the remote filename, which may be altered by a +.Ic case , +.Ic ntrans , +or +.Ic nmap +setting. +The resulting filename may then be altered if +.Ic runique +is on. +.It +For +.Ic mput +commands and +.Ic put +commands with unspecified remote file names, the remote filename is +the local filename, which may be altered by a +.Ic ntrans +or +.Ic nmap +setting. +The resulting filename may then be altered by the remote server if +.Ic sunique +is on. +.El +.Sh FILE TRANSFER PARAMETERS +The FTP specification specifies many parameters which may +affect a file transfer. +The +.Ic type +may be one of \*(Lqascii\*(Rq, \*(Lqimage\*(Rq (binary), +\*(Lqebcdic\*(Rq, and \*(Lqlocal byte size\*(Rq (for +.Tn PDP Ns -10's +and +.Tn PDP Ns -20's +mostly). +.Nm Ftp +supports the ascii and image types of file transfer, +plus local byte size 8 for +.Ic tenex +mode transfers. +.Pp +.Nm Ftp +supports only the default values for the remaining +file transfer parameters: +.Ic mode , +.Ic form , +and +.Ic struct . +.Sh THE .netrc FILE +The +.Pa .netrc +file contains login and initialization information +used by the auto-login process. +It resides in the user's home directory. +The following tokens are recognized; they may be separated by spaces, +tabs, or new-lines: +.Bl -tag -width password +.It Ic machine Ar name +Identify a remote machine +.Ar name . +The auto-login process searches the +.Pa .netrc +file for a +.Ic machine +token that matches the remote machine specified on the +.Nm ftp +command line or as an +.Ic open +command argument. +Once a match is made, the subsequent +.Pa .netrc +tokens are processed, +stopping when the end of file is reached or another +.Ic machine +or a +.Ic default +token is encountered. +.It Ic default +This is the same as +.Ic machine +.Ar name +except that +.Ic default +matches any name. +There can be only one +.Ic default +token, and it must be after all +.Ic machine +tokens. +This is normally used as: +.Pp +.Dl default login anonymous password user@site +.Pp +thereby giving the user +.Ar automatic +anonymous ftp login to +machines not specified in +.Pa .netrc . +This can be overridden +by using the +.Fl n +flag to disable auto-login. +.It Ic login Ar name +Identify a user on the remote machine. +If this token is present, the auto-login process will initiate +a login using the specified +.Ar name . +.It Ic password Ar string +Supply a password. +If this token is present, the auto-login process will supply the +specified string if the remote server requires a password as part +of the login process. +Note that if this token is present in the +.Pa .netrc +file for any user other +than +.Ar anonymous , +.Nm ftp +will abort the auto-login process if the +.Pa .netrc +is readable by +anyone besides the user. +.It Ic account Ar string +Supply an additional account password. +If this token is present, the auto-login process will supply the +specified string if the remote server requires an additional +account password, or the auto-login process will initiate an +.Dv ACCT +command if it does not. +.It Ic macdef Ar name +Define a macro. +This token functions like the +.Nm ftp +.Ic macdef +command functions. +A macro is defined with the specified name; its contents begin with the +next +.Pa .netrc +line and continue until a null line (consecutive new-line +characters) is encountered. +If a macro named +.Ic init +is defined, it is automatically executed as the last step in the +auto-login process. +.El +.Sh ENVIRONMENT +.Nm Ftp +utilizes the following environment variables. +.Bl -tag -width Fl +.It Ev HOME +For default location of a +.Pa .netrc +file, if one exists. +.It Ev SHELL +For default shell. +.El +.Sh SEE ALSO +.Xr ftpd 8 +.Rs +.%T RFC2228 +.Re +.Sh HISTORY +The +.Nm ftp +command appeared in +.Bx 4.2 . +.Sh BUGS +Correct execution of many commands depends upon proper behavior +by the remote server. +.Pp +An error in the treatment of carriage returns +in the +.Bx 4.2 +ascii-mode transfer code +has been corrected. +This correction may result in incorrect transfers of binary files +to and from +.Bx 4.2 +servers using the ascii type. +Avoid this problem by using the binary image type. diff --git a/kerberosIV/src/appl/ftp/ftpd/ftpd.8 b/kerberosIV/src/appl/ftp/ftpd/ftpd.8 new file mode 100644 index 00000000000..22152be6cf5 --- /dev/null +++ b/kerberosIV/src/appl/ftp/ftpd/ftpd.8 @@ -0,0 +1,492 @@ +.\" $NetBSD: ftpd.8,v 1.7 1995/04/11 02:44:53 cgd Exp $ +.\" +.\" Copyright (c) 1985, 1988, 1991, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)ftpd.8 8.2 (Berkeley) 4/19/94 +.\" +.Dd April 19, 1997 +.Dt FTPD 8 +.Os BSD 4.2 +.Sh NAME +.Nm ftpd +.Nd Internet File Transfer Protocol server +.Sh SYNOPSIS +.Nm +.Op Fl a Ar authmode +.Op Fl dilvU +.Op Fl g Ar umask +.Op Fl p Ar port +.Op Fl T Ar maxtimeout +.Op Fl t Ar timeout +.Op Fl u Ar default umask +.Op Fl B | Fl -builtin-ls +.Op Fl -good-chars= Ns Ar string +.Sh DESCRIPTION +.Nm Ftpd +is the +Internet File Transfer Protocol +server process. The server uses the +.Tn TCP +protocol +and listens at the port specified in the +.Dq ftp +service specification; see +.Xr services 5 . +.Pp +Available options: +.Bl -tag -width Ds +.It Fl a +Select the level of authentication required. Kerberised login can not +be turned off. The default is to only allow kerberised login. Other +possibilities can be turned on by giving a string of comma separated +flags as argument to +.Fl a . +Recognised flags are: +.Bl -tag -width plain +.It Ar plain +Allow logging in with plaintext password. The password can be a(n) OTP +or an ordinary password. +.It Ar otp +Same as +.Ar plain , +but only OTP is allowed. +.It Ar ftp +Allow anonymous login. +.El +.Pp +The following combination modes exists for backwards compatibility: +.Bl -tag -width plain +.It Ar none +Same as +.Ar plain,ftp . +.It Ar safe +Same as +.Ar ftp . +.It Ar user +Ignored. +.El +.It Fl d +Debugging information is written to the syslog using LOG_FTP. +.It Fl g +Anonymous users will get a umask of +.Ar umask . +.It Fl i +Open a socket and wait for a connection. This is mainly used for +debugging when ftpd isn't started by inetd. +.It Fl l +Each successful and failed +.Xr ftp 1 +session is logged using syslog with a facility of LOG_FTP. +If this option is specified twice, the retrieve (get), store (put), append, +delete, make directory, remove directory and rename operations and +their filename arguments are also logged. +.It Fl p +Use +.Ar port +(a service name or number) instead of the default +.Ar ftp/tcp . +.It Fl T +A client may also request a different timeout period; +the maximum period allowed may be set to +.Ar timeout +seconds with the +.Fl T +option. +The default limit is 2 hours. +.It Fl t +The inactivity timeout period is set to +.Ar timeout +seconds (the default is 15 minutes). +.It Fl u +Set the initial umask to something else than the default 027. +.It Fl U +In previous versions of +.Nm ftpd , +when a passive mode client requested a data connection to the server, the +server would use data ports in the range 1024..4999. Now, by default, +if the system supports the IP_PORTRANGE socket option, the server will +use data ports in the range 49152..65535. Specifying this option will +revert to the old behavior. +.It Fl v +Verbose mode. +.It Xo +.Fl B Ns , +.Fl -builtin-ls +.Xc +use built-in ls to list files +.It Xo +.Fl -good-chars= Ns Ar string +.Xc +allowed anonymous upload filename chars +.El +.Pp +The file +.Pa /etc/nologin +can be used to disable ftp access. +If the file exists, +.Nm +displays it and exits. +If the file +.Pa /etc/ftpwelcome +exists, +.Nm +prints it before issuing the +.Dq ready +message. +If the file +.Pa /etc/motd +exists, +.Nm +prints it after a successful login. +.Pp +The ftp server currently supports the following ftp requests. +The case of the requests is ignored. +.Bl -column "Request" -offset indent +.It Request Ta "Description" +.It ABOR Ta "abort previous command" +.It ACCT Ta "specify account (ignored)" +.It ALLO Ta "allocate storage (vacuously)" +.It APPE Ta "append to a file" +.It CDUP Ta "change to parent of current working directory" +.It CWD Ta "change working directory" +.It DELE Ta "delete a file" +.It HELP Ta "give help information" +.It LIST Ta "give list files in a directory" Pq Dq Li "ls -lgA" +.It MKD Ta "make a directory" +.It MDTM Ta "show last modification time of file" +.It MODE Ta "specify data transfer" Em mode +.It NLST Ta "give name list of files in directory" +.It NOOP Ta "do nothing" +.It PASS Ta "specify password" +.It PASV Ta "prepare for server-to-server transfer" +.It PORT Ta "specify data connection port" +.It PWD Ta "print the current working directory" +.It QUIT Ta "terminate session" +.It REST Ta "restart incomplete transfer" +.It RETR Ta "retrieve a file" +.It RMD Ta "remove a directory" +.It RNFR Ta "specify rename-from file name" +.It RNTO Ta "specify rename-to file name" +.It SITE Ta "non-standard commands (see next section)" +.It SIZE Ta "return size of file" +.It STAT Ta "return status of server" +.It STOR Ta "store a file" +.It STOU Ta "store a file with a unique name" +.It STRU Ta "specify data transfer" Em structure +.It SYST Ta "show operating system type of server system" +.It TYPE Ta "specify data transfer" Em type +.It USER Ta "specify user name" +.It XCUP Ta "change to parent of current working directory (deprecated)" +.It XCWD Ta "change working directory (deprecated)" +.It XMKD Ta "make a directory (deprecated)" +.It XPWD Ta "print the current working directory (deprecated)" +.It XRMD Ta "remove a directory (deprecated)" +.El +.Pp +The following commands are specified by RFC2228. +.Bl -column Request -offset indent +.It AUTH Ta "authentication/security mechanism" +.It ADAT Ta "authentication/security data" +.It PROT Ta "data channel protection level" +.It PBSZ Ta "protection buffer size" +.It MIC Ta "integrity protected command" +.It CONF Ta "confidentiality protected command" +.It ENC Ta "privacy protected command" +.It CCC Ta "clear command channel" +.El +.Pp +The following non-standard or +.Tn UNIX +specific commands are supported +by the +SITE request. +.Pp +.Bl -column Request -offset indent +.It UMASK Ta change umask, (e.g. +.Ic "SITE UMASK 002" ) +.It IDLE Ta set idle-timer, (e.g. +.Ic "SITE IDLE 60" ) +.It CHMOD Ta change mode of a file (e.g. +.Ic "SITE CHMOD 755 filename" ) +.It FIND Ta quickly find a specific file with GNU +.Xr locate 1 . +.It HELP Ta give help information. +.El +.Pp +The following Kerberos related site commands are understood. +.Bl -column Request -offset indent +.It KAUTH Ta obtain remote tickets. +.It KLIST Ta show remote tickets +.El +.Pp +The remaining ftp requests specified in Internet RFC 959 +are +recognized, but not implemented. +MDTM and SIZE are not specified in RFC 959, but will appear in the +next updated FTP RFC. +.Pp +The ftp server will abort an active file transfer only when the +ABOR +command is preceded by a Telnet "Interrupt Process" (IP) +signal and a Telnet "Synch" signal in the command Telnet stream, +as described in Internet RFC 959. +If a +STAT +command is received during a data transfer, preceded by a Telnet IP +and Synch, transfer status will be returned. +.Pp +.Nm Ftpd +interprets file names according to the +.Dq globbing +conventions used by +.Xr csh 1 . +This allows users to utilize the metacharacters +.Dq Li \&*?[]{}~ . +.Pp +.Nm Ftpd +authenticates users according to these rules. +.Pp +.Bl -enum -offset indent +.It +If Kerberos authentication is used, the user must pass valid tickets +and the principal must be allowed to login as the remote user. +.It +The login name must be in the password data base, and not have a null +password (if kerberos is used the password field is not checked). In +this case a password must be provided by the client before any file +operations may be performed. If the user has an OTP key, the response +from a successful USER command will include an OTP challenge. The +client may choose to respond with a PASS command giving either a +standard password or an OTP one-time password. The server will +automatically determine which type of password it has been given and +attempt to authenticate accordingly. See +.Xr otp 1 +for more information on OTP authentication. +.It +The login name must not appear in the file +.Pa /etc/ftpusers . +.It +The user must have a standard shell returned by +.Xr getusershell 3 . +.It +If the user name appears in the file +.Pa /etc/ftpchroot +the session's root will be changed to the user's login directory by +.Xr chroot 2 +as for an +.Dq anonymous +or +.Dq ftp +account (see next item). However, the user must still supply a password. +This feature is intended as a compromise between a fully anonymous account +and a fully privileged account. The account should also be set up as for an +anonymous account. +.It +If the user name is +.Dq anonymous +or +.Dq ftp , +an +anonymous ftp account must be present in the password +file (user +.Dq ftp ) . +In this case the user is allowed +to log in by specifying any password (by convention an email address for +the user should be used as the password). +.El +.Pp +In the last case, +.Nm ftpd +takes special measures to restrict the client's access privileges. +The server performs a +.Xr chroot 2 +to the home directory of the +.Dq ftp +user. +In order that system security is not breached, it is recommended +that the +.Dq ftp +subtree be constructed with care, consider following these guidelines +for anonymous ftp. +.Pp +In general all files should be owned by +.Dq root , +and have non-write permissions (644 or 755 depending on the kind of +file). No files should be owned or writable by +.Dq ftp +(possibly with exception for the +.Pa ~ftp/incoming , +as specified below). +.Bl -tag -width "~ftp/pub" -offset indent +.It Pa ~ftp +The +.Dq ftp +homedirectory should be owned by root. +.It Pa ~ftp/bin +The directory for external programs (such as +.Xr ls 1 ) . +These programs must either be statically linked, or you must setup an +environment for dynamic linking when running chrooted. +These programs will be used if present: +.Bl -tag -width "locate" -offset indent +.It ls +Used when listing files. +.It compress +When retrieving a filename that ends in +.Pa .Z , +and that file isn't present, +.Nm +will try to find the filename without +.Pa .Z +and compress it on the fly. +.It gzip +Same as compress, just with files ending in +.Pa .gz . +.It gtar +Enables retrieval of whole directories as files ending in +.Pa .tar . +Can also be combined with compression. You must use GNU Tar (or some +other that supports the +.Fl z +and +.Fl Z +flags). +.It locate +Will enable ``fast find'' with the +.Ic SITE FIND +command. You must also create a +.Pa locatedb +file in +.Pa ~ftp/etc . +.El +.It Pa ~ftp/etc +If you put copies of the +.Xr passwd 5 +and +.Xr group 5 +files here, ls will be able to produce owner names rather than +numbers. Remember to remove any passwords from these files. +.Pp +The file +.Pa motd , +if present, will be printed after a successful login. +.It Pa ~ftp/dev +Put a copy of +.Xr /dev/null 7 +here. +.It Pa ~ftp/pub +Traditional place to put whatever you want to make public. +.El +.Pp +If you want guests to be able to upload files, create a +.Pa ~ftp/incoming +directory owned by +.Dq root , +and group +.Dq ftp +with mode 730 (make sure +.Dq ftp +is member of group +.Dq ftp ) . +The following restrictions apply to anonymous users: +.Bl -bullet +.It +Directories created will have mode 700. +.It +Uploaded files will be created with an umask of 777, if not changed +with the +.Fl g +option. +.It +These command are not accessible: +.Ic DELE , RMD , RNTO , RNFR , +.Ic SITE UMASK , +and +.Ic SITE CHMOD . +.It +Filenames must start with an alpha-numeric character, and consist of +alpha-numeric characters or any of the following: +.Li \&+ +(plus), +.Li \&- +(minus), +.Li \&= +(equal), +.Li \&_ +(underscore), +.Li \&. +(period), and +.Li \&, +(comma). +.El +.Sh FILES +.Bl -tag -width /etc/ftpwelcome -compact +.It Pa /etc/ftpusers +Access list for users. +.It Pa /etc/ftpchroot +List of normal users who should be chroot'd. +.It Pa /etc/ftpwelcome +Welcome notice. +.It Pa /etc/motd +Welcome notice after login. +.It Pa /etc/nologin +Displayed and access refused. +.It Pa ~/.klogin +Login access for Kerberos. +.El +.Sh SEE ALSO +.Xr ftp 1 , +.Xr otp 1 , +.Xr getusershell 3 , +.Xr ftpusers 5 , +.Xr syslogd 8 +.Sh STANDARDS +.Bl -tag -compact -width "RFC 1938" +.It Cm RFC 959 +FTP PROTOCOL SPECIFICATION +.It Cm RFC 1938 +OTP Specification +.It Cm RFC 2228 +FTP Security Extensions. +.El +.Sh BUGS +The server must run as the super-user +to create sockets with privileged port numbers. It maintains +an effective user id of the logged in user, reverting to +the super-user only when binding addresses to sockets. The +possible security holes have been extensively +scrutinized, but are possibly incomplete. +.Sh HISTORY +The +.Nm +command appeared in +.Bx 4.2 . diff --git a/kerberosIV/src/appl/ftp/ftpd/ftpusers.5 b/kerberosIV/src/appl/ftp/ftpd/ftpusers.5 new file mode 100644 index 00000000000..03de2aeff28 --- /dev/null +++ b/kerberosIV/src/appl/ftp/ftpd/ftpusers.5 @@ -0,0 +1,37 @@ +.\" $KTH: ftpusers.5,v 1.4 2001/05/02 08:59:20 assar Exp $ +.\" +.Dd May 7, 1997 +.Dt FTPUSERS 5 +.Os KTH-KRB +.Sh NAME +.Pa /etc/ftpusers +.Nd FTP access list file +.Sh DESCRIPTION +.Pa /etc/ftpusers +contains a list of users that should be allowed or denied FTP +access. Each line contains a user, optionally followed by +.Dq allow +(anything but +.Dq allow +is ignored). The semi-user +.Dq * +matches any user. Users that has an explicit +.Dq allow , +or that does not match any line, are allowed access. Anyone else is +denied access. +.Pp +Note that this is compatible with the old format, where this file +contained a list of users that should be denied access. +.Sh EXAMPLES +This will deny anyone but +.Dq foo +and +.Dq bar +to use FTP: +.Bd -literal +foo allow +bar allow +* +.Ed +.Sh SEE ALSO +.Xr ftpd 8 diff --git a/kerberosIV/src/appl/kauth/kauth.1 b/kerberosIV/src/appl/kauth/kauth.1 new file mode 100644 index 00000000000..90f5cd68eab --- /dev/null +++ b/kerberosIV/src/appl/kauth/kauth.1 @@ -0,0 +1,67 @@ +.\" $KTH: kauth.1,v 1.2.2.1 2002/02/06 03:32:53 assar Exp $ +.\" +.Dd Febbruary 8, 1998 +.Dt KAUTH 1 +.Os KTH-KRB +.Sh NAME +.Nm kauth +.Nd +overworked Kerberos login program +.Sh SYNOPSIS +.Nm +.Op Fl n Ar name +.Op Fl r Ar remote user +.Op Fl t Pa remote ticket file +.Op Fl h Ar hosts... +.Op Fl l Ar lifetime +.Op Fl f Pa srvtab +.Op Fl c Ar cell +.Op Ar command ... +.Sh DESCRIPTION +The +.Nm +command obtains ticket granting tickets as well as AFS ticket and +tokens. It also does a whole lot of other stuff. +.Pp +The following flags are supported: +.Bl -tag -width xxxx +.It Fl n +Principal to get tickets for. If no other arguments are present this +can be given without the +.Fl n +flag. +.It Fl h +Remote hosts to obtain tickets for. This works similar to the MIT +Athena Kerberos 4 patchlevel 10 command +.Xr rkinit 1 , +however not in a compatible way. It requires that the remote host runs +the +.Xr kauthd 8 , +server. The +.Fl r +and +.Fl t +flags are useful only with this option. +.It Fl r +User on the remote host that should own the ticket file. +.It Fl t +Ticket file on remote host. +.It Fl l +Lifetime of tickets in minutes. A value of -1 is used for maximum +ticket lifetime. +.It Fl f +Srvtab to get service keys from. Default is +.Pa /etc/srvtab . +This is mainly used with batch services that need to run +authenticated. If any command is given, it will be executed in an +authenticated fashion and when the program exits the tickets are +destroyed. For long running jobs the tickets will be renewed. +.It Fl c +AFS cell to get tokens for, default is your local cell. +.El +.Sh SEE ALSO +.Xr kinit 1 , +.Xr kafs 3 , +.Xr kauthd 8 +.Sh BUGS +There is no help-switch. diff --git a/kerberosIV/src/appl/kauth/kauthd.8 b/kerberosIV/src/appl/kauth/kauthd.8 new file mode 100644 index 00000000000..64bbf2691ca --- /dev/null +++ b/kerberosIV/src/appl/kauth/kauthd.8 @@ -0,0 +1,26 @@ +.\" $KTH: kauthd.8,v 1.2 2001/05/06 21:31:27 assar Exp $ +.\" +.Dd September 27, 1996 +.Dt KAUTHD 8 +.Os KTH-KRB +.Sh NAME +.Nm kauthd +.Nd remote Kerberos login daemon +.Sh SYNOPSIS +.Nm +.Sh DESCRIPTION +Daemon for the +.Xr kauth 1 +command. +.Pp +Options supported by +.Nm kauthd : +.Bl -tag -width Ds +.It Fl i +Interactive. Do not expect to be started by +.Nm inetd , +but allocate and listen to the socket yourself. Handy for testing +and debugging. +.El +.Sh SEE ALSO +.Xr kauth 1 diff --git a/kerberosIV/src/appl/kauth/ksrvtgt.1 b/kerberosIV/src/appl/kauth/ksrvtgt.1 new file mode 100644 index 00000000000..64da267dd28 --- /dev/null +++ b/kerberosIV/src/appl/kauth/ksrvtgt.1 @@ -0,0 +1,50 @@ +.\" $KTH: ksrvtgt.1,v 1.1 2000/11/08 17:34:10 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KSRVTGT 1 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +ksrvtgt \- fetch and store Kerberos ticket-granting-ticket using a +service key +.SH SYNOPSIS +.B ksrvtgt +name instance [[realm] srvtab] +.SH DESCRIPTION +.I ksrvtgt +retrieves a ticket-granting ticket with a lifetime of five (5) minutes +for the principal +.I name.instance@realm +(or +.I name.instance@localrealm +if +.I realm +is not supplied on the command line), decrypts the response using +the service key found in +.I srvtab +(or in +.B /etc/srvtab +if +.I srvtab +is not specified on the command line), and stores the ticket in the +standard ticket cache. +.PP +This command is intended primarily for use in shell scripts and other +batch-type facilities. +.SH DIAGNOSTICS +"Generic kerberos failure (kfailure)" can indicate a whole range of +problems, the most common of which is the inability to read the service +key file. +.SH FILES +.TP 2i +/etc/krb.conf +to get the name of the local realm. +.TP +/tmp/tkt[uid] +The default ticket file. +.TP +/etc/srvtab +The default service key file. +.SH SEE ALSO +kerberos(1), kinit(1), kdestroy(1) diff --git a/kerberosIV/src/appl/kip/Makefile.am b/kerberosIV/src/appl/kip/Makefile.am new file mode 100644 index 00000000000..340641b0ffb --- /dev/null +++ b/kerberosIV/src/appl/kip/Makefile.am @@ -0,0 +1,27 @@ +# $KTH: Makefile.am,v 1.3 2000/11/15 23:58:18 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += -DLIBEXECDIR="\"$(libexecdir)\"" + +bin_PROGRAMS = kip +libexec_PROGRAMS = kipd +libexec_SCRIPTS = kip-join-network kipd-control +CLEANFILES = $(libexec_SCRIPTS) + +kip_SOURCES = kip.c common.c +kipd_SOURCES = kipd.c common.c + +LDADD = \ + $(top_builddir)/lib/krb/libkrb.la \ + $(LIB_des) \ + $(LIB_roken) + +kip-join-network: kip-join-network.in + sed -e "s!%bindir%!$(bindir)!" $(srcdir)/kip-join-network.in > $@ + chmod +x $@ + +kipd-control: kipd-control.in + sed -e "s!%bindir%!$(bindir)!" $(srcdir)/kipd-control.in > $@ + chmod +x $@ + diff --git a/kerberosIV/src/appl/kx/kx.1 b/kerberosIV/src/appl/kx/kx.1 new file mode 100644 index 00000000000..7265b3f44f7 --- /dev/null +++ b/kerberosIV/src/appl/kx/kx.1 @@ -0,0 +1,62 @@ +.\" $KTH: kx.1,v 1.7 1997/09/01 15:59:07 assar Exp $ +.\" +.Dd September 27, 1996 +.Dt KX 1 +.Os KTH-KRB +.Sh NAME +.Nm kx +.Nd +securely forward X conections +.Sh SYNOPSIS +.Ar kx +.Op Fl l Ar username +.Op Fl k +.Op Fl d +.Op Fl t +.Op Fl p Ar port +.Op Fl P +.Ar host +.Sh DESCRIPTION +The +.Nm +program forwards a X connection from a remote client to a local screen +through an authenticated and encrypted stream. Options supported by +.Nm kx : +.Bl -tag -width Ds +.It Fl l +Log in on remote the host as user +.Ar username . +.It Fl k +Do not enable keep-alives on the TCP connections. +.It Fl d +Do not fork. This is mainly useful for debugging. +.It Fl t +Listen not only on a UNIX-domain socket but on a TCP socket as well. +.It Fl p +Use the port +.Ar port . +.It Fl P +Force passive mode. +.El +.Pp +This program is used by +.Nm rxtelnet +and +.Nm rxterm +and you should not need to run it directly. +.Pp +It connects to a +.Nm kxd +on the host +.Ar host +and then will relay the traffic from the remote X clients to the local +server. When started, it prints the display and Xauthority-file to be +used on host +.Ar host +and then goes to the background, waiting for connections from the +remote +.Nm kxd. +.Sh SEE ALSO +.Xr rxtelnet 1 , +.Xr rxterm 1 , +.Xr kxd 8 diff --git a/kerberosIV/src/appl/kx/kxd.8 b/kerberosIV/src/appl/kx/kxd.8 new file mode 100644 index 00000000000..53957abdef0 --- /dev/null +++ b/kerberosIV/src/appl/kx/kxd.8 @@ -0,0 +1,53 @@ +.\" $KTH: kxd.8,v 1.5 2001/01/11 16:16:26 assar Exp $ +.\" +.Dd September 27, 1996 +.Dt KXD 8 +.Os KTH-KRB +.Sh NAME +.Nm kxd +.Nd +securely forward X conections +.Sh SYNOPSIS +.Ar kxd +.Op Fl t +.Op Fl i +.Op Fl p Ar port +.Sh DESCRIPTION +This is the daemon for +.Nm kx . +.Pp +Options supported by +.Nm kxd : +.Bl -tag -width Ds +.It Fl t +TCP. Normally +.Nm kxd +will only listen for X connections on a UNIX socket, but some machines +(for example, Cray) have X libraries that are not able to use UNIX +sockets and thus you need to use TCP to talk to the pseudo-xserver +created by +.Nm kxd. +This option decreases the security significantly and should only be +used when it is necessary and you have considered the consequences of +doing so. +.It Fl i +Interactive. Do not expect to be started by +.Nm inetd, +but allocate and listen to the socket yourself. Handy for testing +and debugging. +.It Fl p +Port. Listen on the port +.Ar port . +Only usable with +.Fl i . +.El +.Sh EXAMPLES +Put the following in +.Pa /etc/inetd.conf : +.Bd -literal +kx stream tcp nowait root /usr/athena/libexec/kxd kxd +.Ed +.Sh SEE ALSO +.Xr kx 1 , +.Xr rxtelnet 1 , +.Xr rxterm 1 diff --git a/kerberosIV/src/appl/kx/rxtelnet.1 b/kerberosIV/src/appl/kx/rxtelnet.1 new file mode 100644 index 00000000000..8f42e5086bc --- /dev/null +++ b/kerberosIV/src/appl/kx/rxtelnet.1 @@ -0,0 +1,94 @@ +.\" $KTH: rxtelnet.1,v 1.9 2001/07/12 09:28:24 assar Exp $ +.\" +.Dd September 27, 1996 +.Dt RXTELNET 1 +.Os KTH_KRB +.Sh NAME +.Nm rxtelnet +.Nd +start a telnet and forward X-connections. +.Sh SYNOPSIS +.Nm rxtelnet +.Op Fl l Ar username +.Op Fl k +.Op Fl t Ar telnet_args +.Op Fl x Ar xterm_args +.Op Fl K Ar kx_args +.Op Fl w Ar term_emulator +.Op Fl b Ar telnet_program +.Op Fl n +.Op Fl v +.Ar host +.Op Ar port +.Sh DESCRIPTION +The +.Nm +program starts a +.Nm xterm +window with a telnet to host +.Ar host . +From this window you will also be able to run X clients that will be +able to connect securily to your X server. If +.Ar port +is given, that port will be used instead of the default. +.Pp +The supported options are: +.Bl -tag -width Ds +.It Fl l +Log in on the remote host as user +.Ar username +.It Fl k +Disables keep-alives +.It Fl t +Send +.Ar telnet_args +as arguments to +.Nm telnet +.It Fl x +Send +.Ar xterm_args +as arguments to +.Nm xterm +.It Fl X +Send +.Ar kx_args +as arguments to +.Nm kx +.It Fl w +Use +.Ar term_emulator +instead of xterm. +.It Fl b +Use +.Ar telnet_program +instead of telnet. +.It Fl n +Do not start any terminal emulator. +.It Fl v +Be verbose. +.El +.Sh EXAMPLE +To login from host +.Va foo +(where your display is) +to host +.Va bar , +you might do the following. +.Bl -enum +.It +On foo: +.Nm +.Va bar +.It +You will get a new window with a +.Nm telnet +to +.Va bar . +In this window you will be able to start X clients. +.El +.Sh SEE ALSO +.Xr kx 1 , +.Xr rxterm 1 , +.Xr telnet 1 , +.Xr tenletxr 1 , +.Xr kxd 8 diff --git a/kerberosIV/src/appl/kx/rxterm.1 b/kerberosIV/src/appl/kx/rxterm.1 new file mode 100644 index 00000000000..37f56097792 --- /dev/null +++ b/kerberosIV/src/appl/kx/rxterm.1 @@ -0,0 +1,90 @@ +.\" $KTH: rxterm.1,v 1.7 2001/07/12 09:35:26 assar Exp $ +.\" +.Dd September 27, 1996 +.Dt RXTERM 1 +.Os KTH_KRB +.Sh NAME +.Nm rxterm +.Nd +start a secure remote xterm +.Sh SYNOPSIS +.Nm rxterm +.Op Fl l Ar username +.Op Fl k +.Op Fl r Ar rsh_args +.Op Fl x Ar xterm_args +.Op Fl K Ar kx_args +.Op Fl w Ar term_emulator +.Op Fl b Ar rsh_program +.Ar host +.Op Ar port +.Sh DESCRIPTION +The +.Nm +program starts a +.Nm xterm +window on host +.Ar host . +From this window you will also be able to run X clients that will be +able to connect securily to your X server. If +.Ar port +is given, that port will be used instead of the default. +.Pp +The supported options are: +.Bl -tag -width Ds +.It Fl l +Log in on the remote host as user +.Ar username +.It Fl k +Disable keep-alives +.It Fl r +Send +.Ar rsh_args +as arguments to +.Nm rsh +.It Fl x +Send +.Ar xterm_args +as arguments to +.Nm xterm +.It Fl X +Send +.Ar kx_args +as arguments to +.Nm kx +.It Fl w +Use +.Ar term_emulator +instead of xterm. +.It Fl b +Use +.Ar rsh_program +instead of rsh. +.It Fl v +Be verbose. +.El +.Sh EXAMPLE +To login from host +.Va foo +(where your display is) +to host +.Va bar , +you might do the following. +.Bl -enum +.It +On foo: +.Nm +.Va bar +.It +You will get a new window running an +.Nm xterm +on host +.Va bar . +In this window you will be able to start X clients. +.El +.Sh SEE ALSO +.Xr kx 1 , +.Xr rsh 1 , +.Xr rxtelnet 1 , +.Xr tenletxr 1 , +.Xr kxd 8 diff --git a/kerberosIV/src/appl/kx/tenletxr.1 b/kerberosIV/src/appl/kx/tenletxr.1 new file mode 100644 index 00000000000..3c957faba04 --- /dev/null +++ b/kerberosIV/src/appl/kx/tenletxr.1 @@ -0,0 +1,61 @@ +.\" $KTH: tenletxr.1,v 1.3 2001/07/12 08:42:27 assar Exp $ +.\" +.Dd March 31, 1997 +.Dt TENLETXR 1 +.Os KTH_KRB +.Sh NAME +.Nm tenletxr +.Nd +forward X-connections backwards. +.Sh SYNOPSIS +.Nm tenletxr +.Op Fl l Ar username +.Op Fl k +.Ar host +.Op Ar port +.Sh DESCRIPTION +The +.Nm +program +enables forwarding of X-connections from this machine to host +.Ar host . +If +.Ar port +is given, that port will be used instead of the default. +.Pp +The supported options are: +.Bl -tag -width Ds +.It Fl l +Log in on the remote host as user +.Ar username +.It Fl k +Disables keep-alives. +.El +.Sh EXAMPLE +To login from host +.Va foo +to host +.Va bar +(where your display is), +you might do the following. +.Bl -enum +.It +On foo: +.Nm +.Va bar +.It +You will get a new shell where you will be able to start X clients +that will show their windows on +.Va bar . +.El +.Sh BUGS +It currently checks if you have permission to run it by checking if +you own +.Pa /dev/console +on the remote host. +.Sh SEE ALSO +.Xr kx 1 , +.Xr rxtelnet 1 , +.Xr rxterm 1 , +.Xr telnet 1 , +.Xr kxd 8 diff --git a/kerberosIV/src/appl/movemail/Makefile.am b/kerberosIV/src/appl/movemail/Makefile.am new file mode 100644 index 00000000000..bdf89057bba --- /dev/null +++ b/kerberosIV/src/appl/movemail/Makefile.am @@ -0,0 +1,17 @@ +# $KTH: Makefile.am,v 1.5 2001/08/28 08:42:58 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += $(INCLUDE_hesiod) $(INCLUDE_des) + +libexec_PROGRAMS = movemail + +movemail_SOURCES = movemail.c pop.c + +man_MANS = movemail.8 + +LDADD = \ + $(top_builddir)/lib/krb/libkrb.la \ + $(LIB_des) \ + $(LIB_roken) \ + $(LIB_hesiod) diff --git a/kerberosIV/src/appl/movemail/movemail.8 b/kerberosIV/src/appl/movemail/movemail.8 new file mode 100644 index 00000000000..e0ea8c87916 --- /dev/null +++ b/kerberosIV/src/appl/movemail/movemail.8 @@ -0,0 +1,38 @@ +.\" $KTH: movemail.8,v 1.2 2001/01/11 16:16:27 assar Exp $ +.\" +.Dd November 14, 1996 +.Dt MOVEMAIL 1 +.Os KTH-KRB +.Sh NAME +.Nm movemail +.Nd +Fetch mail from a spool file or using the +KPOP +protocol +.Sh SYNPOSYS +.Nm +.Ar inbox +.Ar destfile +.Sh DESCRIPTION +The +.Nm +program fetches mail from +.Ar inbox , +which can be a file name or +po:username +meaning fetch the mails with +KPOP from the host +.Ev MAILHOST . +.Pp +This program is intended to be called from mail user agents that are +themselves not able to fetch the mail. The primary example of this is +Emacs. +.Sh ENVIRONMENT +.Bl -tag -width MAILHOST +.It Ev MAILHOST +The host from which to fetch the mail. +.El +.Sh SEE ALSO +.Xr popper 8 +.Sh HISTORY +movemail comes from Emacs 19.30 diff --git a/kerberosIV/src/appl/otp/otp.1 b/kerberosIV/src/appl/otp/otp.1 new file mode 100644 index 00000000000..c3f19fa6efa --- /dev/null +++ b/kerberosIV/src/appl/otp/otp.1 @@ -0,0 +1,60 @@ +.\" $KTH: otp.1,v 1.2 2000/11/29 18:18:22 joda Exp $ +.\" +.Dd November 17, 1996 +.Dt OTP 1 +.Os KTH-KRB +.Sh NAME +.Nm otp +.Nd +manages one-time passwords +.Sh SYNOPSIS +.Nm otp +.Op Fl dhlor +.Op Fl f Ar algorithm +.Op Fl u Ar user +.Ar sequence-number +.Ar seed +.Sh DESCRIPTION +The +.Nm +program initializes and updates your current series of one-time +passwords (OTPs). +.Pp +Use this to set a new series of one-time passwords. Only perform this +on the console or over an encrypted link as you will have to supply +your pass-phrase. The other two parameters are +.Ar sequence-number +and +.Ar seed . +.Pp +Options are: +.Bl -tag -width Ds +.It Fl d +To delete a one-time password. +.It Fl f +Choose a different +.Ar algorithm +from the default md5. Pick any of: md4, md5, and sha. +.It Fl h +For getting a help message. +.It Fl l +List the current table of one-time passwords. +.It Fl o +To open (unlock) the otp-entry for a user. +.It Fl r +To renew a one-time password series. This operation can be performed +over an potentially eavesdropped link because you do not supply the +pass-phrase. First you need to supply the current one-time password +and then the new one corresponding to the supplied +.Ar sequence-number +and +.Ar seed . +.It Fl u +To choose a different +.Ar user +to set one-time passwords for. This only works when running +.Nm +as root. +.El +.Sh SEE ALSO +.Xr otpprint 1 diff --git a/kerberosIV/src/appl/otp/otpprint.1 b/kerberosIV/src/appl/otp/otpprint.1 new file mode 100644 index 00000000000..8eb1074a8b7 --- /dev/null +++ b/kerberosIV/src/appl/otp/otpprint.1 @@ -0,0 +1,52 @@ +.\" $KTH: otpprint.1,v 1.4 2001/06/08 20:44:46 assar Exp $ +.\" +.Dd November 17, 1996 +.Dt OTP 1 +.Os KTH-KRB +.Sh NAME +.Nm otpprint +.Nd +print lists of one-time passwords +.Sh SYNOPSIS +.Nm otp +.Op Fl n Ar count +.Op Fl e +.Op Fl h +.Op Fl f Ar algorithm +.Ar sequence-number +.Ar seed +.Sh DESCRIPTION +The +.Nm +program prints lists of OTPs. +.Pp +Use this to print out a series of one-time passwords. You will have +to supply the +.Ar sequence number +and the +.Ar seed +as arguments and then the program will prompt you for your pass-phrase. +.Pp +There are several different print formats. The default is to print +each password with six short english words. +.Pp +Options are: +.Bl -tag -width Ds +.It Fl e +Print the passwords in ``extended'' format. In this format a prefix +that says ``hex:'' or ``word:'' is included. +.It Fl f +To choose a different +.Ar algorithm +from the default md5. Pick any of: md4, md5, and sha. +.It Fl h +Print the passwords in hex. +.It Fl n +Print +.Ar count +one-time passwords, starting at +.Ar sequence-number +and going backwards. The default is 10. +.El +.Sh SEE ALSO +.Xr otp 1 diff --git a/kerberosIV/src/appl/popper/pop_auth.c b/kerberosIV/src/appl/popper/pop_auth.c new file mode 100644 index 00000000000..6229dee6019 --- /dev/null +++ b/kerberosIV/src/appl/popper/pop_auth.c @@ -0,0 +1,220 @@ +/* + * Copyright (c) 1995, 1996, 1997 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the Kungliga Tekniska + * Högskolan and its contributors. + * + * 4. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include <popper.h> +#include <base64.h> +RCSID("$KTH: pop_auth.c,v 1.2 2000/04/12 15:37:45 assar Exp $"); + +#ifdef KRB4 + +enum { + NO_PROT = 1, + INT_PROT = 2, + PRIV_PROT = 4 +}; + +static int +auth_krb4(POP *p) +{ + int ret; + des_cblock key; + u_int32_t nonce, nonce_reply; + u_int32_t max_client_packet; + int protocols = NO_PROT | INT_PROT | PRIV_PROT; + char data[8]; + int len; + char *s; + char instance[INST_SZ]; + KTEXT_ST authent; + des_key_schedule schedule; + struct passwd *pw; + + /* S -> C: 32 bit nonce in MSB base64 */ + + des_new_random_key(&key); + nonce = (key[0] | (key[1] << 8) | (key[2] << 16) | (key[3] << 24) + | key[4] | (key[5] << 8) | (key[6] << 16) | (key[7] << 24)); + krb_put_int(nonce, data, 4, 8); + len = base64_encode(data, 4, &s); + + pop_msg(p, POP_CONTINUE, "%s", s); + free(s); + + /* C -> S: ticket and authenticator */ + + ret = sch_readline(p->input, &s); + if (ret <= 0 || strcmp (s, "*") == 0) + return pop_msg(p, POP_FAILURE, + "authentication aborted by client"); + len = strlen(s); + if (len > sizeof(authent.dat)) { + return pop_msg(p, POP_FAILURE, "data packet too long"); + } + + authent.length = base64_decode(s, authent.dat); + + k_getsockinst (0, instance, sizeof(instance)); + ret = krb_rd_req(&authent, "pop", instance, + p->in_addr.sin_addr.s_addr, + &p->kdata, NULL); + if (ret != 0) { + return pop_msg(p, POP_FAILURE, "rd_req: %s", + krb_get_err_text(ret)); + } + if (p->kdata.checksum != nonce) { + return pop_msg(p, POP_FAILURE, "data stream modified"); + } + + /* S -> C: nonce + 1 | bit | max segment */ + + krb_put_int(nonce + 1, data, 4, 7); + data[4] = protocols; + krb_put_int(1024, data + 5, 3, 3); /* XXX */ + des_key_sched(&p->kdata.session, schedule); + des_pcbc_encrypt((des_cblock*)data, + (des_cblock*)data, 8, + schedule, + &p->kdata.session, + DES_ENCRYPT); + len = base64_encode(data, 8, &s); + pop_msg(p, POP_CONTINUE, "%s", s); + + free(s); + + /* C -> S: nonce | bit | max segment | username */ + + ret = sch_readline(p->input, &s); + if (ret <= 0 || strcmp (s, "*") == 0) + return pop_msg(p, POP_FAILURE, + "authentication aborted"); + len = strlen(s); + if (len > sizeof(authent.dat)) { + return pop_msg(p, POP_FAILURE, "data packet too long"); + } + + authent.length = base64_decode(s, authent.dat); + + if (authent.length % 8 != 0) { + return pop_msg(p, POP_FAILURE, "reply is not a multiple of 8 bytes"); + } + + des_key_sched(&p->kdata.session, schedule); + des_pcbc_encrypt((des_cblock*)authent.dat, + (des_cblock*)authent.dat, + authent.length, + schedule, + &p->kdata.session, + DES_DECRYPT); + + krb_get_int(authent.dat, &nonce_reply, 4, 0); + if (nonce_reply != nonce) { + return pop_msg(p, POP_FAILURE, "data stream modified"); + } + protocols &= authent.dat[4]; + krb_get_int(authent.dat + 5, &max_client_packet, 3, 0); + if(authent.dat[authent.length - 1] != '\0') { + return pop_msg(p, POP_FAILURE, "bad format of username"); + } + strncpy (p->user, authent.dat + 8, sizeof(p->user)); + pw = k_getpwnam(p->user); + if (pw == NULL) { + return (pop_msg(p,POP_FAILURE, + "Password supplied for \"%s\" is incorrect.", + p->user)); + } + + if (kuserok(&p->kdata, p->user)) { + pop_log(p, POP_PRIORITY, + "%s: (%s.%s@%s) tried to retrieve mail for %s.", + p->client, p->kdata.pname, p->kdata.pinst, + p->kdata.prealm, p->user); + return(pop_msg(p,POP_FAILURE, + "Popping not authorized")); + } + pop_log(p, POP_INFO, "%s: %s.%s@%s -> %s", + p->ipaddr, + p->kdata.pname, p->kdata.pinst, p->kdata.prealm, + p->user); + ret = pop_login(p, pw); + if (protocols & PRIV_PROT) + ; + else if (protocols & INT_PROT) + ; + else + ; + + return ret; +} +#endif /* KRB4 */ + +#ifdef KRB5 +static int +auth_gssapi(POP *p) +{ + +} +#endif /* KRB5 */ + +/* + * auth: RFC1734 + */ + +static struct { + const char *name; + int (*func)(POP *); +} methods[] = { +#ifdef KRB4 + {"KERBEROS_V4", auth_krb4}, +#endif +#ifdef KRB5 + {"GSSAPI", auth_gssapi}, +#endif + {NULL, NULL} +}; + +int +pop_auth (POP *p) +{ + int i; + + for (i = 0; methods[i].name != NULL; ++i) + if (strcasecmp(p->pop_parm[1], methods[i].name) == 0) + return (*methods[i].func)(p); + return pop_msg(p, POP_FAILURE, + "Authentication method %s unknown", p->pop_parm[1]); +} diff --git a/kerberosIV/src/appl/popper/popper.8 b/kerberosIV/src/appl/popper/popper.8 new file mode 100644 index 00000000000..035f9d531aa --- /dev/null +++ b/kerberosIV/src/appl/popper/popper.8 @@ -0,0 +1,90 @@ +.\" $KTH: popper.8,v 1.6 2001/08/13 15:54:35 joda Exp $ +.\" +.Dd August 13, 2001 +.Dt POPPER 8 +.Os HEIMDAL +.Sh NAME +.Nm popper +.Nd +POP3 server +.Sh SYNOPSIS +.Nm +.Op Fl k +.Op Fl a Ar none Ns \*(Ba Ns otp +.Op Fl t Ar file +.Op Fl T Ar seconds +.Op Fl d +.Op Fl i +.Op Fl p Ar port +.Op Fl -address-log= Ns Pa file +.Sh DESCRIPTION +.Nm +serves mail via the Post Office Protocol. Supported options include: +.Bl -tag -width Ds +.It Xo +.Fl a Ar none Ns \*(Ba Ns otp Ns , +.Fl -auth-mode= Ns Ar none Ns \*(Ba Ns otp +.Xc +tells +.Nm +what authentication modes are acceptable, passing +.Ar otp +disables clear text passwords. This has only effect when not using +Kerberos authentication. +.It Xo +.Fl -address-log= Ns Pa file +.Xc +logs the addresses of all clients to the specified file +.It Xo +.Fl d Ns , +.Fl -debug +.Xc +enables more verbose log messages +.It Xo +.Fl i Ns , +.Fl -interactive +.Xc +when not started by inetd, this flag tells +.Nm +that it has to create a socket by itself +.It Xo +.Fl k Ns , +.Fl -kerberos +.Xc +tells +.Nm +to use the Kerberos for authentication. +.It Xo +.Fl p Ar port Ns , +.Fl -port= Ns Ar port +.Xc +port to listen to, in combination with +.Fl i +.It Xo +.Fl t Ar file Ns , +.Fl -trace-file= Ns Ar file +.Xc +trace all command to file +.It Xo +.Fl T Ar seconds Ns , +.Fl -timeout= Ns Ar seconds +.Xc +set timeout to something other than the default of 120 seconds +.El +.\".Sh ENVIRONMENT +.\".Sh FILES +.\".Sh EXAMPLES +.\".Sh DIAGNOSTICS +.Sh SEE ALSO +.Xr push 8 , +.Xr movemail 8 +.Sh STANDARDS +RFC1939 (Post Office Protocol - Version 3) +.\" RFC2449 (POP3 Extension Mechanism) +.\".Sh HISTORY +.Sh AUTHORS +The server was initially developed at the University of California, +Berkeley. +.Pp +Many changes has been made as part of the KTH Kerberos distributions. +.\".Sh BUGS diff --git a/kerberosIV/src/appl/push/pfrom.1 b/kerberosIV/src/appl/push/pfrom.1 new file mode 100644 index 00000000000..19c12d83aa3 --- /dev/null +++ b/kerberosIV/src/appl/push/pfrom.1 @@ -0,0 +1,24 @@ +.\" $KTH: pfrom.1,v 1.3 2001/05/02 08:59:21 assar Exp $ +.\" +.Dd Mars 4, 2000 +.Dt PFROM 1 +.Os HEIMDAL +.Sh NAME +.Nm pfrom +.Nd "fetch a list of the current mail via POP" +.Sh SYNOPSIS +.Nm +.Op Fl 4 | Fl -krb4 +.Op Fl 5 | Fl -krb5 +.Op Fl v | Fl -verbose +.Op Fl c | -count +.Op Fl -header +.Oo Fl p Ar port-spec \*(Ba Xo +.Fl -port= Ns Ar port-spec +.Xc +.Oc +.Sh DESCRIPTION +.Nm +is a script that does push --from. +.Sh SEE ALSO +.Xr push 8 diff --git a/kerberosIV/src/appl/sample/Makefile.am b/kerberosIV/src/appl/sample/Makefile.am new file mode 100644 index 00000000000..92f636678fb --- /dev/null +++ b/kerberosIV/src/appl/sample/Makefile.am @@ -0,0 +1,11 @@ +# $KTH: Makefile.am,v 1.3 2000/11/15 23:58:19 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +bin_PROGRAMS = sample_client simple_client +libexec_PROGRAMS = sample_server simple_server + +LDADD = \ + $(top_builddir)/lib/krb/libkrb.la \ + $(LIB_des) \ + $(LIB_roken) diff --git a/kerberosIV/src/appl/telnet/telnet/telnet.1 b/kerberosIV/src/appl/telnet/telnet/telnet.1 new file mode 100644 index 00000000000..0e037b7b5d8 --- /dev/null +++ b/kerberosIV/src/appl/telnet/telnet/telnet.1 @@ -0,0 +1,1369 @@ +.\" Copyright (c) 1983, 1990, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)telnet.1 8.6 (Berkeley) 6/1/94 +.\" +.Dd June 1, 1994 +.Dt TELNET 1 +.Os BSD 4.2 +.Sh NAME +.Nm telnet +.Nd user interface to the +.Tn TELNET +protocol +.Sh SYNOPSIS +.Nm telnet +.Op Fl 78EFKLacdfrx +.Op Fl S Ar tos +.Op Fl X Ar authtype +.Op Fl e Ar escapechar +.Op Fl k Ar realm +.Op Fl l Ar user +.Op Fl n Ar tracefile +.Oo +.Ar host +.Op port +.Oc +.Sh DESCRIPTION +The +.Nm telnet +command +is used to communicate with another host using the +.Tn TELNET +protocol. +If +.Nm telnet +is invoked without the +.Ar host +argument, it enters command mode, +indicated by its prompt +.Pq Nm telnet\&> . +In this mode, it accepts and executes the commands listed below. +If it is invoked with arguments, it performs an +.Ic open +command with those arguments. +.Pp +Options: +.Bl -tag -width indent +.It Fl 8 +Specifies an 8-bit data path. This causes an attempt to +negotiate the +.Dv TELNET BINARY +option on both input and output. +.It Fl 7 +Do not try to negotiate +.Dv TELNET BINARY +option. +.It Fl E +Stops any character from being recognized as an escape character. +.It Fl F +If Kerberos V5 authentication is being used, the +.Fl F +option allows the local credentials to be forwarded +to the remote system, including any credentials that +have already been forwarded into the local environment. +.It Fl K +Specifies no automatic login to the remote system. +.It Fl L +Specifies an 8-bit data path on output. This causes the +BINARY option to be negotiated on output. +.It Fl S Ar tos +Sets the IP type-of-service (TOS) option for the telnet +connection to the value +.Ar tos , +which can be a numeric TOS value +or, on systems that support it, a symbolic +TOS name found in the /etc/iptos file. +.It Fl X Ar atype +Disables the +.Ar atype +type of authentication. +.It Fl a +Attempt automatic login. +Currently, this sends the user name via the +.Ev USER +variable +of the +.Ev ENVIRON +option if supported by the remote system. +The name used is that of the current user as returned by +.Xr getlogin 2 +if it agrees with the current user ID, +otherwise it is the name associated with the user ID. +.It Fl c +Disables the reading of the user's +.Pa \&.telnetrc +file. (See the +.Ic toggle skiprc +command on this man page.) +.It Fl d +Sets the initial value of the +.Ic debug +toggle to +.Dv TRUE +.It Fl e Ar escape char +Sets the initial +.Nm +.Nm telnet +escape character to +.Ar escape char . +If +.Ar escape char +is omitted, then +there will be no escape character. +.It Fl f +If Kerberos V5 authentication is being used, the +.Fl f +option allows the local credentials to be forwarded to the remote system. +.It Fl k Ar realm +If Kerberos authentication is being used, the +.Fl k +option requests that telnet obtain tickets for the remote host in +realm realm instead of the remote host's realm, as determined +by +.Xr krb_realmofhost 3 . +.It Fl l Ar user +When connecting to the remote system, if the remote system +understands the +.Ev ENVIRON +option, then +.Ar user +will be sent to the remote system as the value for the variable USER. +This option implies the +.Fl a +option. +This option may also be used with the +.Ic open +command. +.It Fl n Ar tracefile +Opens +.Ar tracefile +for recording trace information. +See the +.Ic set tracefile +command below. +.It Fl r +Specifies a user interface similar to +.Xr rlogin 1 . +In this +mode, the escape character is set to the tilde (~) character, +unless modified by the -e option. +.It Fl x +Turn on encryption of the data stream. When this option is turned on, +.B telnet +will exit with an error if authentication cannot be negotiated or if +encryption cannot be turned on. +.It Ar host +Indicates the official name, an alias, or the Internet address +of a remote host. +.It Ar port +Indicates a port number (address of an application). If a number is +not specified, the default +.Nm telnet +port is used. +.El +.Pp +When in rlogin mode, a line of the form ~. disconnects from the +remote host; ~ is the telnet escape character. +Similarly, the line ~^Z suspends the telnet session. +The line ~^] escapes to the normal telnet escape prompt. +.Pp +Once a connection has been opened, +.Nm telnet +will attempt to enable the +.Dv TELNET LINEMODE +option. +If this fails, then +.Nm telnet +will revert to one of two input modes: +either \*(Lqcharacter at a time\*(Rq +or \*(Lqold line by line\*(Rq +depending on what the remote system supports. +.Pp +When +.Dv LINEMODE +is enabled, character processing is done on the +local system, under the control of the remote system. When input +editing or character echoing is to be disabled, the remote system +will relay that information. The remote system will also relay +changes to any special characters that happen on the remote +system, so that they can take effect on the local system. +.Pp +In \*(Lqcharacter at a time\*(Rq mode, most +text typed is immediately sent to the remote host for processing. +.Pp +In \*(Lqold line by line\*(Rq mode, all text is echoed locally, +and (normally) only completed lines are sent to the remote host. +The \*(Lqlocal echo character\*(Rq (initially \*(Lq^E\*(Rq) may be used +to turn off and on the local echo +(this would mostly be used to enter passwords +without the password being echoed). +.Pp +If the +.Dv LINEMODE +option is enabled, or if the +.Ic localchars +toggle is +.Dv TRUE +(the default for \*(Lqold line by line\*(Lq; see below), +the user's +.Ic quit , +.Ic intr , +and +.Ic flush +characters are trapped locally, and sent as +.Tn TELNET +protocol sequences to the remote side. +If +.Dv LINEMODE +has ever been enabled, then the user's +.Ic susp +and +.Ic eof +are also sent as +.Tn TELNET +protocol sequences, +and +.Ic quit +is sent as a +.Dv TELNET ABORT +instead of +.Dv BREAK +There are options (see +.Ic toggle +.Ic autoflush +and +.Ic toggle +.Ic autosynch +below) +which cause this action to flush subsequent output to the terminal +(until the remote host acknowledges the +.Tn TELNET +sequence) and flush previous terminal input +(in the case of +.Ic quit +and +.Ic intr ) . +.Pp +While connected to a remote host, +.Nm telnet +command mode may be entered by typing the +.Nm telnet +\*(Lqescape character\*(Rq (initially \*(Lq^]\*(Rq). +When in command mode, the normal terminal editing conventions are available. +.Pp +The following +.Nm telnet +commands are available. +Only enough of each command to uniquely identify it need be typed +(this is also true for arguments to the +.Ic mode , +.Ic set , +.Ic toggle , +.Ic unset , +.Ic slc , +.Ic environ , +and +.Ic display +commands). +.Pp +.Bl -tag -width "mode type" +.It Ic auth Ar argument ... +The auth command manipulates the information sent through the +.Dv TELNET AUTHENTICATE +option. Valid arguments for the +auth command are as follows: +.Bl -tag -width "disable type" +.It Ic disable Ar type +Disables the specified type of authentication. To +obtain a list of available types, use the +.Ic auth disable ?\& +command. +.It Ic enable Ar type +Enables the specified type of authentication. To +obtain a list of available types, use the +.Ic auth enable ?\& +command. +.It Ic status +Lists the current status of the various types of +authentication. +.El +.It Ic close +Close a +.Tn TELNET +session and return to command mode. +.It Ic display Ar argument ... +Displays all, or some, of the +.Ic set +and +.Ic toggle +values (see below). +.It Ic encrypt Ar argument ... +The encrypt command manipulates the information sent through the +.Dv TELNET ENCRYPT +option. +.Pp +Note: Because of export controls, the +.Dv TELNET ENCRYPT +option is not supported outside of the United States and Canada. +.Pp +Valid arguments for the encrypt command are as follows: +.Bl -tag -width Ar +.It Ic disable Ar type Xo +.Op Cm input | output +.Xc +Disables the specified type of encryption. If you +omit the input and output, both input and output +are disabled. To obtain a list of available +types, use the +.Ic encrypt disable ?\& +command. +.It Ic enable Ar type Xo +.Op Cm input | output +.Xc +Enables the specified type of encryption. If you +omit input and output, both input and output are +enabled. To obtain a list of available types, use the +.Ic encrypt enable ?\& +command. +.It Ic input +This is the same as the +.Ic encrypt start input +command. +.It Ic -input +This is the same as the +.Ic encrypt stop input +command. +.It Ic output +This is the same as the +.Ic encrypt start output +command. +.It Ic -output +This is the same as the +.Ic encrypt stop output +command. +.It Ic start Op Cm input | output +Attempts to start encryption. If you omit +.Ic input +and +.Ic output , +both input and output are enabled. To +obtain a list of available types, use the +.Ic encrypt enable ?\& +command. +.It Ic status +Lists the current status of encryption. +.It Ic stop Op Cm input | output +Stops encryption. If you omit input and output, +encryption is on both input and output. +.It Ic type Ar type +Sets the default type of encryption to be used +with later +.Ic encrypt start +or +.Ic encrypt stop +commands. +.El +.It Ic environ Ar arguments ... +The +.Ic environ +command is used to manipulate the +the variables that my be sent through the +.Dv TELNET ENVIRON +option. +The initial set of variables is taken from the users +environment, with only the +.Ev DISPLAY +and +.Ev PRINTER +variables being exported by default. +The +.Ev USER +variable is also exported if the +.Fl a +or +.Fl l +options are used. +.Pp +Valid arguments for the +.Ic environ +command are: +.Bl -tag -width Fl +.It Ic define Ar variable value +Define the variable +.Ar variable +to have a value of +.Ar value . +Any variables defined by this command are automatically exported. +The +.Ar value +may be enclosed in single or double quotes so +that tabs and spaces may be included. +.It Ic undefine Ar variable +Remove +.Ar variable +from the list of environment variables. +.It Ic export Ar variable +Mark the variable +.Ar variable +to be exported to the remote side. +.It Ic unexport Ar variable +Mark the variable +.Ar variable +to not be exported unless +explicitly asked for by the remote side. +.It Ic list +List the current set of environment variables. +Those marked with a +.Cm * +will be sent automatically, +other variables will only be sent if explicitly requested. +.It Ic ?\& +Prints out help information for the +.Ic environ +command. +.El +.It Ic logout +Sends the +.Dv TELNET LOGOUT +option to the remote side. +This command is similar to a +.Ic close +command; however, if the remote side does not support the +.Dv LOGOUT +option, nothing happens. +If, however, the remote side does support the +.Dv LOGOUT +option, this command should cause the remote side to close the +.Tn TELNET +connection. +If the remote side also supports the concept of +suspending a user's session for later reattachment, +the logout argument indicates that you +should terminate the session immediately. +.It Ic mode Ar type +.Ar Type +is one of several options, depending on the state of the +.Tn TELNET +session. +The remote host is asked for permission to go into the requested mode. +If the remote host is capable of entering that mode, the requested +mode will be entered. +.Bl -tag -width Ar +.It Ic character +Disable the +.Dv TELNET LINEMODE +option, or, if the remote side does not understand the +.Dv LINEMODE +option, then enter \*(Lqcharacter at a time\*(Lq mode. +.It Ic line +Enable the +.Dv TELNET LINEMODE +option, or, if the remote side does not understand the +.Dv LINEMODE +option, then attempt to enter \*(Lqold-line-by-line\*(Lq mode. +.It Ic isig Pq Ic \-isig +Attempt to enable (disable) the +.Dv TRAPSIG +mode of the +.Dv LINEMODE +option. +This requires that the +.Dv LINEMODE +option be enabled. +.It Ic edit Pq Ic \-edit +Attempt to enable (disable) the +.Dv EDIT +mode of the +.Dv LINEMODE +option. +This requires that the +.Dv LINEMODE +option be enabled. +.It Ic softtabs Pq Ic \-softtabs +Attempt to enable (disable) the +.Dv SOFT_TAB +mode of the +.Dv LINEMODE +option. +This requires that the +.Dv LINEMODE +option be enabled. +.It Ic litecho Pq Ic \-litecho +Attempt to enable (disable) the +.Dv LIT_ECHO +mode of the +.Dv LINEMODE +option. +This requires that the +.Dv LINEMODE +option be enabled. +.It Ic ?\& +Prints out help information for the +.Ic mode +command. +.El +.It Xo +.Ic open Ar host +.Op Fl l Ar user +.Op Oo Fl Oc Ns Ar port +.Xc +Open a connection to the named host. +If no port number +is specified, +.Nm telnet +will attempt to contact a +.Tn TELNET +server at the default port. +The host specification may be either a host name (see +.Xr hosts 5 ) +or an Internet address specified in the \*(Lqdot notation\*(Rq (see +.Xr inet 3 ) . +The +.Op Fl l +option may be used to specify the user name +to be passed to the remote system via the +.Ev ENVIRON +option. +When connecting to a non-standard port, +.Nm telnet +omits any automatic initiation of +.Tn TELNET +options. When the port number is preceded by a minus sign, +the initial option negotiation is done. +After establishing a connection, the file +.Pa \&.telnetrc +in the +users home directory is opened. Lines beginning with a # are +comment lines. Blank lines are ignored. Lines that begin +without white space are the start of a machine entry. The +first thing on the line is the name of the machine that is +being connected to. The rest of the line, and successive +lines that begin with white space are assumed to be +.Nm telnet +commands and are processed as if they had been typed +in manually to the +.Nm telnet +command prompt. +.It Ic quit +Close any open +.Tn TELNET +session and exit +.Nm telnet . +An end of file (in command mode) will also close a session and exit. +.It Ic send Ar arguments +Sends one or more special character sequences to the remote host. +The following are the arguments which may be specified +(more than one argument may be specified at a time): +.Pp +.Bl -tag -width escape +.It Ic abort +Sends the +.Dv TELNET ABORT +(Abort +processes) +sequence. +.It Ic ao +Sends the +.Dv TELNET AO +(Abort Output) sequence, which should cause the remote system to flush +all output +.Em from +the remote system +.Em to +the user's terminal. +.It Ic ayt +Sends the +.Dv TELNET AYT +(Are You There) +sequence, to which the remote system may or may not choose to respond. +.It Ic brk +Sends the +.Dv TELNET BRK +(Break) sequence, which may have significance to the remote +system. +.It Ic ec +Sends the +.Dv TELNET EC +(Erase Character) +sequence, which should cause the remote system to erase the last character +entered. +.It Ic el +Sends the +.Dv TELNET EL +(Erase Line) +sequence, which should cause the remote system to erase the line currently +being entered. +.It Ic eof +Sends the +.Dv TELNET EOF +(End Of File) +sequence. +.It Ic eor +Sends the +.Dv TELNET EOR +(End of Record) +sequence. +.It Ic escape +Sends the current +.Nm telnet +escape character (initially \*(Lq^\*(Rq). +.It Ic ga +Sends the +.Dv TELNET GA +(Go Ahead) +sequence, which likely has no significance to the remote system. +.It Ic getstatus +If the remote side supports the +.Dv TELNET STATUS +command, +.Ic getstatus +will send the subnegotiation to request that the server send +its current option status. +.It Ic ip +Sends the +.Dv TELNET IP +(Interrupt Process) sequence, which should cause the remote +system to abort the currently running process. +.It Ic nop +Sends the +.Dv TELNET NOP +(No OPeration) +sequence. +.It Ic susp +Sends the +.Dv TELNET SUSP +(SUSPend process) +sequence. +.It Ic synch +Sends the +.Dv TELNET SYNCH +sequence. +This sequence causes the remote system to discard all previously typed +(but not yet read) input. +This sequence is sent as +.Tn TCP +urgent +data (and may not work if the remote system is a +.Bx 4.2 +system -- if +it doesn't work, a lower case \*(Lqr\*(Rq may be echoed on the terminal). +.It Ic do Ar cmd +.It Ic dont Ar cmd +.It Ic will Ar cmd +.It Ic wont Ar cmd +Sends the +.Dv TELNET DO +.Ar cmd +sequence. +.Ar Cmd +can be either a decimal number between 0 and 255, +or a symbolic name for a specific +.Dv TELNET +command. +.Ar Cmd +can also be either +.Ic help +or +.Ic ?\& +to print out help information, including +a list of known symbolic names. +.It Ic ?\& +Prints out help information for the +.Ic send +command. +.El +.It Ic set Ar argument value +.It Ic unset Ar argument value +The +.Ic set +command will set any one of a number of +.Nm telnet +variables to a specific value or to +.Dv TRUE . +The special value +.Ic off +turns off the function associated with +the variable, this is equivalent to using the +.Ic unset +command. +The +.Ic unset +command will disable or set to +.Dv FALSE +any of the specified functions. +The values of variables may be interrogated with the +.Ic display +command. +The variables which may be set or unset, but not toggled, are +listed here. In addition, any of the variables for the +.Ic toggle +command may be explicitly set or unset using +the +.Ic set +and +.Ic unset +commands. +.Bl -tag -width escape +.It Ic ayt +If +.Tn TELNET +is in localchars mode, or +.Dv LINEMODE +is enabled, and the status character is typed, a +.Dv TELNET AYT +sequence (see +.Ic send ayt +preceding) is sent to the +remote host. The initial value for the "Are You There" +character is the terminal's status character. +.It Ic echo +This is the value (initially \*(Lq^E\*(Rq) which, when in +\*(Lqline by line\*(Rq mode, toggles between doing local echoing +of entered characters (for normal processing), and suppressing +echoing of entered characters (for entering, say, a password). +.It Ic eof +If +.Nm telnet +is operating in +.Dv LINEMODE +or \*(Lqold line by line\*(Rq mode, entering this character +as the first character on a line will cause this character to be +sent to the remote system. +The initial value of the eof character is taken to be the terminal's +.Ic eof +character. +.It Ic erase +If +.Nm telnet +is in +.Ic localchars +mode (see +.Ic toggle +.Ic localchars +below), +.Sy and +if +.Nm telnet +is operating in \*(Lqcharacter at a time\*(Rq mode, then when this +character is typed, a +.Dv TELNET EC +sequence (see +.Ic send +.Ic ec +above) +is sent to the remote system. +The initial value for the erase character is taken to be +the terminal's +.Ic erase +character. +.It Ic escape +This is the +.Nm telnet +escape character (initially \*(Lq^[\*(Rq) which causes entry +into +.Nm telnet +command mode (when connected to a remote system). +.It Ic flushoutput +If +.Nm telnet +is in +.Ic localchars +mode (see +.Ic toggle +.Ic localchars +below) +and the +.Ic flushoutput +character is typed, a +.Dv TELNET AO +sequence (see +.Ic send +.Ic ao +above) +is sent to the remote host. +The initial value for the flush character is taken to be +the terminal's +.Ic flush +character. +.It Ic forw1 +.It Ic forw2 +If +.Tn TELNET +is operating in +.Dv LINEMODE , +these are the +characters that, when typed, cause partial lines to be +forwarded to the remote system. The initial value for +the forwarding characters are taken from the terminal's +eol and eol2 characters. +.It Ic interrupt +If +.Nm telnet +is in +.Ic localchars +mode (see +.Ic toggle +.Ic localchars +below) +and the +.Ic interrupt +character is typed, a +.Dv TELNET IP +sequence (see +.Ic send +.Ic ip +above) +is sent to the remote host. +The initial value for the interrupt character is taken to be +the terminal's +.Ic intr +character. +.It Ic kill +If +.Nm telnet +is in +.Ic localchars +mode (see +.Ic toggle +.Ic localchars +below), +.Ic and +if +.Nm telnet +is operating in \*(Lqcharacter at a time\*(Rq mode, then when this +character is typed, a +.Dv TELNET EL +sequence (see +.Ic send +.Ic el +above) +is sent to the remote system. +The initial value for the kill character is taken to be +the terminal's +.Ic kill +character. +.It Ic lnext +If +.Nm telnet +is operating in +.Dv LINEMODE +or \*(Lqold line by line\*(Lq mode, then this character is taken to +be the terminal's +.Ic lnext +character. +The initial value for the lnext character is taken to be +the terminal's +.Ic lnext +character. +.It Ic quit +If +.Nm telnet +is in +.Ic localchars +mode (see +.Ic toggle +.Ic localchars +below) +and the +.Ic quit +character is typed, a +.Dv TELNET BRK +sequence (see +.Ic send +.Ic brk +above) +is sent to the remote host. +The initial value for the quit character is taken to be +the terminal's +.Ic quit +character. +.It Ic reprint +If +.Nm telnet +is operating in +.Dv LINEMODE +or \*(Lqold line by line\*(Lq mode, then this character is taken to +be the terminal's +.Ic reprint +character. +The initial value for the reprint character is taken to be +the terminal's +.Ic reprint +character. +.It Ic rlogin +This is the rlogin escape character. +If set, the normal +.Tn TELNET +escape character is ignored unless it is +preceded by this character at the beginning of a line. +This character, at the beginning of a line followed by +a "." closes the connection; when followed by a ^Z it +suspends the telnet command. The initial state is to +disable the rlogin escape character. +.It Ic start +If the +.Dv TELNET TOGGLE-FLOW-CONTROL +option has been enabled, +then this character is taken to +be the terminal's +.Ic start +character. +The initial value for the kill character is taken to be +the terminal's +.Ic start +character. +.It Ic stop +If the +.Dv TELNET TOGGLE-FLOW-CONTROL +option has been enabled, +then this character is taken to +be the terminal's +.Ic stop +character. +The initial value for the kill character is taken to be +the terminal's +.Ic stop +character. +.It Ic susp +If +.Nm telnet +is in +.Ic localchars +mode, or +.Dv LINEMODE +is enabled, and the +.Ic suspend +character is typed, a +.Dv TELNET SUSP +sequence (see +.Ic send +.Ic susp +above) +is sent to the remote host. +The initial value for the suspend character is taken to be +the terminal's +.Ic suspend +character. +.It Ic tracefile +This is the file to which the output, caused by +.Ic netdata +or +.Ic option +tracing being +.Dv TRUE , +will be written. If it is set to +.Dq Fl , +then tracing information will be written to standard output (the default). +.It Ic worderase +If +.Nm telnet +is operating in +.Dv LINEMODE +or \*(Lqold line by line\*(Lq mode, then this character is taken to +be the terminal's +.Ic worderase +character. +The initial value for the worderase character is taken to be +the terminal's +.Ic worderase +character. +.It Ic ?\& +Displays the legal +.Ic set +.Pq Ic unset +commands. +.El +.It Ic slc Ar state +The +.Ic slc +command (Set Local Characters) is used to set +or change the state of the the special +characters when the +.Dv TELNET LINEMODE +option has +been enabled. Special characters are characters that get +mapped to +.Tn TELNET +commands sequences (like +.Ic ip +or +.Ic quit ) +or line editing characters (like +.Ic erase +and +.Ic kill ) . +By default, the local special characters are exported. +.Bl -tag -width Fl +.It Ic check +Verify the current settings for the current special characters. +The remote side is requested to send all the current special +character settings, and if there are any discrepancies with +the local side, the local side will switch to the remote value. +.It Ic export +Switch to the local defaults for the special characters. The +local default characters are those of the local terminal at +the time when +.Nm telnet +was started. +.It Ic import +Switch to the remote defaults for the special characters. +The remote default characters are those of the remote system +at the time when the +.Tn TELNET +connection was established. +.It Ic ?\& +Prints out help information for the +.Ic slc +command. +.El +.It Ic status +Show the current status of +.Nm telnet . +This includes the peer one is connected to, as well +as the current mode. +.It Ic toggle Ar arguments ... +Toggle (between +.Dv TRUE +and +.Dv FALSE ) +various flags that control how +.Nm telnet +responds to events. +These flags may be set explicitly to +.Dv TRUE +or +.Dv FALSE +using the +.Ic set +and +.Ic unset +commands listed above. +More than one argument may be specified. +The state of these flags may be interrogated with the +.Ic display +command. +Valid arguments are: +.Bl -tag -width Ar +.It Ic authdebug +Turns on debugging information for the authentication code. +.It Ic autoflush +If +.Ic autoflush +and +.Ic localchars +are both +.Dv TRUE , +then when the +.Ic ao , +or +.Ic quit +characters are recognized (and transformed into +.Tn TELNET +sequences; see +.Ic set +above for details), +.Nm telnet +refuses to display any data on the user's terminal +until the remote system acknowledges (via a +.Dv TELNET TIMING MARK +option) +that it has processed those +.Tn TELNET +sequences. +The initial value for this toggle is +.Dv TRUE +if the terminal user had not +done an "stty noflsh", otherwise +.Dv FALSE +(see +.Xr stty 1 ) . +.It Ic autodecrypt +When the +.Dv TELNET ENCRYPT +option is negotiated, by +default the actual encryption (decryption) of the data +stream does not start automatically. The autoencrypt +(autodecrypt) command states that encryption of the +output (input) stream should be enabled as soon as +possible. +.Pp +Note: Because of export controls, the +.Dv TELNET ENCRYPT +option is not supported outside the United States and Canada. +.It Ic autologin +If the remote side supports the +.Dv TELNET AUTHENTICATION +option +.Tn TELNET +attempts to use it to perform automatic authentication. If the +.Dv AUTHENTICATION +option is not supported, the user's login +name are propagated through the +.Dv TELNET ENVIRON +option. +This command is the same as specifying +.Ar a +option on the +.Ic open +command. +.It Ic autosynch +If +.Ic autosynch +and +.Ic localchars +are both +.Dv TRUE , +then when either the +.Ic intr +or +.Ic quit +characters is typed (see +.Ic set +above for descriptions of the +.Ic intr +and +.Ic quit +characters), the resulting +.Tn TELNET +sequence sent is followed by the +.Dv TELNET SYNCH +sequence. +This procedure +.Ic should +cause the remote system to begin throwing away all previously +typed input until both of the +.Tn TELNET +sequences have been read and acted upon. +The initial value of this toggle is +.Dv FALSE . +.It Ic binary +Enable or disable the +.Dv TELNET BINARY +option on both input and output. +.It Ic inbinary +Enable or disable the +.Dv TELNET BINARY +option on input. +.It Ic outbinary +Enable or disable the +.Dv TELNET BINARY +option on output. +.It Ic crlf +If this is +.Dv TRUE , +then carriage returns will be sent as +.Li <CR><LF> . +If this is +.Dv FALSE , +then carriage returns will be send as +.Li <CR><NUL> . +The initial value for this toggle is +.Dv FALSE . +.It Ic crmod +Toggle carriage return mode. +When this mode is enabled, most carriage return characters received from +the remote host will be mapped into a carriage return followed by +a line feed. +This mode does not affect those characters typed by the user, only +those received from the remote host. +This mode is not very useful unless the remote host +only sends carriage return, but never line feed. +The initial value for this toggle is +.Dv FALSE . +.It Ic debug +Toggles socket level debugging (useful only to the +.Ic super user ) . +The initial value for this toggle is +.Dv FALSE . +.It Ic encdebug +Turns on debugging information for the encryption code. +.It Ic localchars +If this is +.Dv TRUE , +then the +.Ic flush , +.Ic interrupt , +.Ic quit , +.Ic erase , +and +.Ic kill +characters (see +.Ic set +above) are recognized locally, and transformed into (hopefully) appropriate +.Tn TELNET +control sequences +(respectively +.Ic ao , +.Ic ip , +.Ic brk , +.Ic ec , +and +.Ic el ; +see +.Ic send +above). +The initial value for this toggle is +.Dv TRUE +in \*(Lqold line by line\*(Rq mode, +and +.Dv FALSE +in \*(Lqcharacter at a time\*(Rq mode. +When the +.Dv LINEMODE +option is enabled, the value of +.Ic localchars +is ignored, and assumed to always be +.Dv TRUE . +If +.Dv LINEMODE +has ever been enabled, then +.Ic quit +is sent as +.Ic abort , +and +.Ic eof +and +.Ic suspend +are sent as +.Ic eof +and +.Ic susp , +see +.Ic send +above). +.It Ic netdata +Toggles the display of all network data (in hexadecimal format). +The initial value for this toggle is +.Dv FALSE . +.It Ic options +Toggles the display of some internal +.Nm telnet +protocol processing (having to do with +.Tn TELNET +options). +The initial value for this toggle is +.Dv FALSE . +.It Ic prettydump +When the +.Ic netdata +toggle is enabled, if +.Ic prettydump +is enabled the output from the +.Ic netdata +command will be formatted in a more user readable format. +Spaces are put between each character in the output, and the +beginning of any +.Tn TELNET +escape sequence is preceded by a '*' to aid in locating them. +.It Ic skiprc +When the skiprc toggle is +.Dv TRUE , +.Tn TELNET +skips the reading of the +.Pa \&.telnetrc +file in the users home +directory when connections are opened. The initial +value for this toggle is +.Dv FALSE . +.It Ic termdata +Toggles the display of all terminal data (in hexadecimal format). +The initial value for this toggle is +.Dv FALSE . +.It Ic verbose_encrypt +When the +.Ic verbose_encrypt +toggle is +.Dv TRUE , +.Tn TELNET +prints out a message each time encryption is enabled or +disabled. The initial value for this toggle is +.Dv FALSE . +Note: Because of export controls, data encryption +is not supported outside of the United States and Canada. +.It Ic \&? +Displays the legal +.Ic toggle +commands. +.El +.It Ic z +Suspend +.Nm telnet . +This command only works when the user is using the +.Xr csh 1 . +.It Ic \&! Op Ar command +Execute a single command in a subshell on the local +system. If +.Ic command +is omitted, then an interactive +subshell is invoked. +.It Ic ?\& Op Ar command +Get help. With no arguments, +.Nm telnet +prints a help summary. +If a command is specified, +.Nm telnet +will print the help information for just that command. +.El +.Sh ENVIRONMENT +.Nm Telnet +uses at least the +.Ev HOME , +.Ev SHELL , +.Ev DISPLAY , +and +.Ev TERM +environment variables. +Other environment variables may be propagated +to the other side via the +.Dv TELNET ENVIRON +option. +.Sh FILES +.Bl -tag -width ~/.telnetrc -compact +.It Pa ~/.telnetrc +user customized telnet startup values +.El +.Sh HISTORY +The +.Nm Telnet +command appeared in +.Bx 4.2 . +.Sh NOTES +.Pp +On some remote systems, echo has to be turned off manually when in +\*(Lqold line by line\*(Rq mode. +.Pp +In \*(Lqold line by line\*(Rq mode or +.Dv LINEMODE +the terminal's +.Ic eof +character is only recognized (and sent to the remote system) +when it is the first character on a line. diff --git a/kerberosIV/src/appl/telnet/telnetd/telnetd.8 b/kerberosIV/src/appl/telnet/telnetd/telnetd.8 new file mode 100644 index 00000000000..56b6191c727 --- /dev/null +++ b/kerberosIV/src/appl/telnet/telnetd/telnetd.8 @@ -0,0 +1,532 @@ +.\" Copyright (c) 1983, 1993 +.\" The Regents of the University of California. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by the University of +.\" California, Berkeley and its contributors. +.\" 4. Neither the name of the University nor the names of its contributors +.\" may be used to endorse or promote products derived from this software +.\" without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND +.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE +.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +.\" SUCH DAMAGE. +.\" +.\" @(#)telnetd.8 8.4 (Berkeley) 6/1/94 +.\" +.Dd June 1, 1994 +.Dt TELNETD 8 +.Os BSD 4.2 +.Sh NAME +.Nm telnetd +.Nd DARPA +.Tn TELNET +protocol server +.Sh SYNOPSIS +.Nm telnetd +.Op Fl BUhkln +.Op Fl D Ar debugmode +.Op Fl S Ar tos +.Op Fl X Ar authtype +.Op Fl a Ar authmode +.Op Fl r Ns Ar lowpty-highpty +.Op Fl u Ar len +.Op Fl debug +.Op Fl L Ar /bin/login +.Op Fl y +.Op Ar port +.Sh DESCRIPTION +The +.Nm telnetd +command is a server which supports the +.Tn DARPA +standard +.Tn TELNET +virtual terminal protocol. +.Nm Telnetd +is normally invoked by the internet server (see +.Xr inetd 8 ) +for requests to connect to the +.Tn TELNET +port as indicated by the +.Pa /etc/services +file (see +.Xr services 5 ) . +The +.Fl debug +option may be used to start up +.Nm telnetd +manually, instead of through +.Xr inetd 8 . +If started up this way, +.Ar port +may be specified to run +.Nm telnetd +on an alternate +.Tn TCP +port number. +.Pp +The +.Nm telnetd +command accepts the following options: +.Bl -tag -width "-a authmode" +.It Fl a Ar authmode +This option may be used for specifying what mode should +be used for authentication. +Note that this option is only useful if +.Nm telnetd +has been compiled with support for the +.Dv AUTHENTICATION +option. +There are several valid values for +.Ar authmode : +.Bl -tag -width debug +.It debug +Turns on authentication debugging code. +.It user +Only allow connections when the remote user +can provide valid authentication information +to identify the remote user, +and is allowed access to the specified account +without providing a password. +.It valid +Only allow connections when the remote user +can provide valid authentication information +to identify the remote user. +The +.Xr login 1 +command will provide any additional user verification +needed if the remote user is not allowed automatic +access to the specified account. +.It other +Only allow connections that supply some authentication information. +This option is currently not supported +by any of the existing authentication mechanisms, +and is thus the same as specifying +.Fl a +.Cm valid . +.It otp +Only allow authenticated connections (as with +.Fl a +.Cm user ) +and also logins with one-time passwords (OTPs). This option will call +login with an option so that only OTPs are accepted. The user can of +course still type secret information at the prompt. +.It none +This is the default state. +Authentication information is not required. +If no or insufficient authentication information +is provided, then the +.Xr login 1 +program will provide the necessary user +verification. +.It off +This disables the authentication code. +All user verification will happen through the +.Xr login 1 +program. +.El +.It Fl B +Ignored. +.It Fl D Ar debugmode +This option may be used for debugging purposes. +This allows +.Nm telnetd +to print out debugging information +to the connection, allowing the user to see what +.Nm telnetd +is doing. +There are several possible values for +.Ar debugmode : +.Bl -tag -width exercise +.It Cm options +Prints information about the negotiation of +.Tn TELNET +options. +.It Cm report +Prints the +.Cm options +information, plus some additional information +about what processing is going on. +.It Cm netdata +Displays the data stream received by +.Nm telnetd . +.It Cm ptydata +Displays data written to the pty. +.It Cm exercise +Has not been implemented yet. +.El +.It Fl h +Disables the printing of host-specific information before +login has been completed. +.It Fl k +.It Fl l +Ignored. +.It Fl n +Disable +.Dv TCP +keep-alives. Normally +.Nm telnetd +enables the +.Tn TCP +keep-alive mechanism to probe connections that +have been idle for some period of time to determine +if the client is still there, so that idle connections +from machines that have crashed or can no longer +be reached may be cleaned up. +.It Fl r Ar lowpty-highpty +This option is only enabled when +.Nm telnetd +is compiled for +.Dv UNICOS . +It specifies an inclusive range of pseudo-terminal devices to +use. If the system has sysconf variable +.Dv _SC_CRAY_NPTY +configured, the default pty search range is 0 to +.Dv _SC_CRAY_NPTY ; +otherwise, the default range is 0 to 128. Either +.Ar lowpty +or +.Ar highpty +may be omitted to allow changing +either end of the search range. If +.Ar lowpty +is omitted, the - character is still required so that +.Nm telnetd +can differentiate +.Ar highpty +from +.Ar lowpty . +.It Fl S Ar tos +.It Fl u Ar len +This option is used to specify the size of the field +in the +.Dv utmp +structure that holds the remote host name. +If the resolved host name is longer than +.Ar len , +the dotted decimal value will be used instead. +This allows hosts with very long host names that +overflow this field to still be uniquely identified. +Specifying +.Fl u0 +indicates that only dotted decimal addresses +should be put into the +.Pa utmp +file. +.It Fl U +This option causes +.Nm telnetd +to refuse connections from addresses that +cannot be mapped back into a symbolic name +via the +.Xr gethostbyaddr 3 +routine. +.It Fl X Ar authtype +This option is only valid if +.Nm telnetd +has been built with support for the authentication option. +It disables the use of +.Ar authtype +authentication, and +can be used to temporarily disable +a specific authentication type without having to recompile +.Nm telnetd . +.It Fl L Ar pathname +Specify pathname to an alternative login program. +.It Fl y +Makes +.Nm +not warn when a user is trying to login with a cleartext password. +.El +.Pp +.Nm Telnetd +operates by allocating a pseudo-terminal device (see +.Xr pty 4 ) +for a client, then creating a login process which has +the slave side of the pseudo-terminal as +.Dv stdin , +.Dv stdout +and +.Dv stderr . +.Nm Telnetd +manipulates the master side of the pseudo-terminal, +implementing the +.Tn TELNET +protocol and passing characters +between the remote client and the login process. +.Pp +When a +.Tn TELNET +session is started up, +.Nm telnetd +sends +.Tn TELNET +options to the client side indicating +a willingness to do the +following +.Tn TELNET +options, which are described in more detail below: +.Bd -literal -offset indent +DO AUTHENTICATION +WILL ENCRYPT +DO TERMINAL TYPE +DO TSPEED +DO XDISPLOC +DO NEW-ENVIRON +DO ENVIRON +WILL SUPPRESS GO AHEAD +DO ECHO +DO LINEMODE +DO NAWS +WILL STATUS +DO LFLOW +DO TIMING-MARK +.Ed +.Pp +The pseudo-terminal allocated to the client is configured +to operate in +.Dq cooked +mode, and with +.Dv XTABS and +.Dv CRMOD +enabled (see +.Xr tty 4 ) . +.Pp +.Nm Telnetd +has support for enabling locally the following +.Tn TELNET +options: +.Bl -tag -width "DO AUTHENTICATION" +.It "WILL ECHO" +When the +.Dv LINEMODE +option is enabled, a +.Dv WILL ECHO +or +.Dv WONT ECHO +will be sent to the client to indicate the +current state of terminal echoing. +When terminal echo is not desired, a +.Dv WILL ECHO +is sent to indicate that +.Tn telnetd +will take care of echoing any data that needs to be +echoed to the terminal, and then nothing is echoed. +When terminal echo is desired, a +.Dv WONT ECHO +is sent to indicate that +.Tn telnetd +will not be doing any terminal echoing, so the +client should do any terminal echoing that is needed. +.It "WILL BINARY" +Indicates that the client is willing to send a +8 bits of data, rather than the normal 7 bits +of the Network Virtual Terminal. +.It "WILL SGA" +Indicates that it will not be sending +.Dv IAC GA , +go ahead, commands. +.It "WILL STATUS" +Indicates a willingness to send the client, upon +request, of the current status of all +.Tn TELNET +options. +.It "WILL TIMING-MARK" +Whenever a +.Dv DO TIMING-MARK +command is received, it is always responded +to with a +.Dv WILL TIMING-MARK +.It "WILL LOGOUT" +When a +.Dv DO LOGOUT +is received, a +.Dv WILL LOGOUT +is sent in response, and the +.Tn TELNET +session is shut down. +.It "WILL ENCRYPT" +Only sent if +.Nm telnetd +is compiled with support for data encryption, and +indicates a willingness to decrypt +the data stream. +.El +.Pp +.Nm Telnetd +has support for enabling remotely the following +.Tn TELNET +options: +.Bl -tag -width "DO AUTHENTICATION" +.It "DO BINARY" +Sent to indicate that +.Tn telnetd +is willing to receive an 8 bit data stream. +.It "DO LFLOW" +Requests that the client handle flow control +characters remotely. +.It "DO ECHO" +This is not really supported, but is sent to identify a 4.2BSD +.Xr telnet 1 +client, which will improperly respond with +.Dv WILL ECHO . +If a +.Dv WILL ECHO +is received, a +.Dv DONT ECHO +will be sent in response. +.It "DO TERMINAL-TYPE" +Indicates a desire to be able to request the +name of the type of terminal that is attached +to the client side of the connection. +.It "DO SGA" +Indicates that it does not need to receive +.Dv IAC GA , +the go ahead command. +.It "DO NAWS" +Requests that the client inform the server when +the window (display) size changes. +.It "DO TERMINAL-SPEED" +Indicates a desire to be able to request information +about the speed of the serial line to which +the client is attached. +.It "DO XDISPLOC" +Indicates a desire to be able to request the name +of the X windows display that is associated with +the telnet client. +.It "DO NEW-ENVIRON" +Indicates a desire to be able to request environment +variable information, as described in RFC 1572. +.It "DO ENVIRON" +Indicates a desire to be able to request environment +variable information, as described in RFC 1408. +.It "DO LINEMODE" +Only sent if +.Nm telnetd +is compiled with support for linemode, and +requests that the client do line by line processing. +.It "DO TIMING-MARK" +Only sent if +.Nm telnetd +is compiled with support for both linemode and +kludge linemode, and the client responded with +.Dv WONT LINEMODE . +If the client responds with +.Dv WILL TM , +the it is assumed that the client supports +kludge linemode. +Note that the +.Op Fl k +option can be used to disable this. +.It "DO AUTHENTICATION" +Only sent if +.Nm telnetd +is compiled with support for authentication, and +indicates a willingness to receive authentication +information for automatic login. +.It "DO ENCRYPT" +Only sent if +.Nm telnetd +is compiled with support for data encryption, and +indicates a willingness to decrypt +the data stream. +.El +.Sh FILES +.Bl -tag -width /etc/services -compact +.It Pa /etc/services +.It Pa /etc/inittab +(UNICOS systems only) +.It Pa /etc/iptos +(if supported) +.El +.Sh "SEE ALSO" +.Xr telnet 1 , +.Xr login 1 +.Sh STANDARDS +.Bl -tag -compact -width RFC-1572 +.It Cm RFC-854 +.Tn TELNET +PROTOCOL SPECIFICATION +.It Cm RFC-855 +TELNET OPTION SPECIFICATIONS +.It Cm RFC-856 +TELNET BINARY TRANSMISSION +.It Cm RFC-857 +TELNET ECHO OPTION +.It Cm RFC-858 +TELNET SUPPRESS GO AHEAD OPTION +.It Cm RFC-859 +TELNET STATUS OPTION +.It Cm RFC-860 +TELNET TIMING MARK OPTION +.It Cm RFC-861 +TELNET EXTENDED OPTIONS - LIST OPTION +.It Cm RFC-885 +TELNET END OF RECORD OPTION +.It Cm RFC-1073 +Telnet Window Size Option +.It Cm RFC-1079 +Telnet Terminal Speed Option +.It Cm RFC-1091 +Telnet Terminal-Type Option +.It Cm RFC-1096 +Telnet X Display Location Option +.It Cm RFC-1123 +Requirements for Internet Hosts -- Application and Support +.It Cm RFC-1184 +Telnet Linemode Option +.It Cm RFC-1372 +Telnet Remote Flow Control Option +.It Cm RFC-1416 +Telnet Authentication Option +.It Cm RFC-1411 +Telnet Authentication: Kerberos Version 4 +.It Cm RFC-1412 +Telnet Authentication: SPX +.It Cm RFC-1571 +Telnet Environment Option Interoperability Issues +.It Cm RFC-1572 +Telnet Environment Option +.El +.Sh BUGS +Some +.Tn TELNET +commands are only partially implemented. +.Pp +Because of bugs in the original 4.2 BSD +.Xr telnet 1 , +.Nm telnetd +performs some dubious protocol exchanges to try to discover if the remote +client is, in fact, a 4.2 BSD +.Xr telnet 1 . +.Pp +Binary mode +has no common interpretation except between similar operating systems +(Unix in this case). +.Pp +The terminal type name received from the remote client is converted to +lower case. +.Pp +.Nm Telnetd +never sends +.Tn TELNET +.Dv IAC GA +(go ahead) commands. diff --git a/kerberosIV/src/appl/xnlock/xnlock.1 b/kerberosIV/src/appl/xnlock/xnlock.1 new file mode 100644 index 00000000000..c62417d0622 --- /dev/null +++ b/kerberosIV/src/appl/xnlock/xnlock.1 @@ -0,0 +1,123 @@ +.\" xnlock -- Dan Heller 1985 <argv@sun.com> +.TH XNLOCK 1L "19 April 1990" +.SH NAME +xnlock \- amusing lock screen program with message for passers-by +.SH SYNOPSIS +.B xnlock +[ +\fIoptions\fP +] +[ +\fImessage\fP +] +.SH DESCRIPTION +.I xnlock +is a program that acts as a screen saver for workstations running X11. +It also "locks" the screen such that the workstation can be left +unattended without worry that someone else will walk up to it and +mess everything up. When \fIxnlock\fP is running, a little man with +a big nose and a hat runs around spewing out messages to the screen. +By default, the messages are "humorous", but that depends on your +sense of humor. +.LP +If a key or mouse button is pressed, a prompt is printed requesting the +user's password. If a RETURN is not typed within 30 seconds, +the little man resumes running around. +.LP +Text on the command line is used as the message. For example: +.br + % xnlock I\'m out to lunch for a couple of hours. +.br +Note the need to quote shell metacharacters. +.LP +In the absence of flags or text, \fIxnlock\fP displays random fortunes. +.SH OPTIONS +Command line options override all resource specifications. +All arguments that are not associated with a command line option +is taken to be message text that the little man will "say" every +once in a while. The resource \fBxnlock.text\fP may be set to +a string. +.TP +.BI \-fn " fontname" +The default font is the first 18 point font in the \fInew century schoolbook\fP +family. While larger fonts are recokmmended over smaller ones, any font +in the server's font list will work. The resource to use for this option +is \fBxnlock.font\fP. +.TP +.BI \-filename " filename" +Take the message to be displayed from the file \fIfilename\fP. +If \fIfilename\fP is not specified, \fI$HOME/.msgfile\fP is used. +If the contents of the file are changed during runtime, the most recent text +of the file is used (allowing the displayed message to be altered remotely). +Carriage returns within the text are allowed, but tabs or other control +characters are not translated and should not be used. +The resource available for this option is \fBxnlock.file\fP. +.TP +.BI \-ar +Accept root's password to unlock screen. This option is true by +default. The reason for this is so that someone's screen may be +unlocked by autorized users in case of emergency and the person +running the program is still out to lunch. The resource available +for specifying this option is \fBxnlock.acceptRootPasswd\fP. +.TP +.BI \-noar +Don't accept root's password. This option is for paranoids who +fear their peers might breakin using root's password and remove +their files anyway. Specifying this option on the command line +overrides the \fBxnlock.acceptRootPasswd\fP if set to True. +.TP +.BI \-ip +Ignore password prompt. +The resource available for this option is \fBxnlock.ignorePasswd\fP. +.TP +.BI \-noip +Don't ignore password prompt. This is available in order to +override the resource \fBignorePasswd\fP if set to True. +.TP +.BI -fg " color" +Specifies the foreground color. The resource available for this +is \fBxnlock.foreground\fP. +.TP +.BI -bg " color" +Specifies the background color. The resource available for this +is \fBxnlock.background\fP. +.TP +.BI \-rv +Reverse the foreground and background colors. +The resource for this is \fBxvnlock.reverseVideo\fP. +.TP +.BI \-norv +Don't use reverse video. This is available to override the reverseVideo +resource if set to True. +.TP +.BI \-prog " program" +Receive message text from the running program \fIprogram\fP. If there +are arguments to \fIprogram\fP, encase them with the name of the program in +quotes (e.g. xnlock -t "fortune -o"). +The resource for this is \fBxnlock.program\fP. +.SH RESOURCES +.br +xnlock.font: fontname +.br +xnlock.foreground: color +.br +xnlock.background: color +.br +xnlock.reverseVideo: True/False +.br +xnlock.text: Some random text string +.br +xnlock.program: program [args] +.br +xnlock.ignorePasswd: True/False +.br +xnlock.acceptRootPasswd: True/False +.SH FILES +\fIxnlock\fP executable file +.br +~/.msgfile default message file +.SH AUTHOR +Dan Heller <argv@sun.com> Copyright (c) 1985, 1990. +.br +The original version of this program was written using pixrects on +a Sun 2 running SunOS 1.1. diff --git a/kerberosIV/src/cf/aix.m4 b/kerberosIV/src/cf/aix.m4 new file mode 100644 index 00000000000..e60a3794f7a --- /dev/null +++ b/kerberosIV/src/cf/aix.m4 @@ -0,0 +1,39 @@ +dnl +dnl $KTH: aix.m4,v 1.5 2000/11/05 17:15:46 joda Exp $ +dnl + +AC_DEFUN(KRB_AIX,[ +aix=no +case "$host" in +*-*-aix3*) + aix=3 + ;; +*-*-aix4*) + aix=4 + ;; +esac +AM_CONDITIONAL(AIX, test "$aix" != no)dnl +AM_CONDITIONAL(AIX4, test "$aix" = 4) +aix_dynamic_afs=yes +AM_CONDITIONAL(AIX_DYNAMIC_AFS, test "$aix_dynamic_afs" = yes)dnl + +AC_FIND_FUNC_NO_LIBS(dlopen, dl) + +if test "$aix" != no; then + if test "$aix_dynamic_afs" = yes; then + if test "$ac_cv_funclib_dlopen" = yes; then + AIX_EXTRA_KAFS= + elif test "$ac_cv_funclib_dlopen" != no; then + AIX_EXTRA_KAFS="$ac_cv_funclib_dlopen" + else + AIX_EXTRA_KAFS=-lld + fi + else + AIX_EXTRA_KAFS= + fi +fi + +AM_CONDITIONAL(HAVE_DLOPEN, test "$ac_cv_funclib_dlopen" != no)dnl +AC_SUBST(AIX_EXTRA_KAFS)dnl + +])
\ No newline at end of file diff --git a/kerberosIV/src/cf/broken-getaddrinfo.m4 b/kerberosIV/src/cf/broken-getaddrinfo.m4 new file mode 100644 index 00000000000..6a4d96cef18 --- /dev/null +++ b/kerberosIV/src/cf/broken-getaddrinfo.m4 @@ -0,0 +1,24 @@ +dnl $KTH: broken-getaddrinfo.m4,v 1.2 2001/08/22 01:05:29 assar Exp $ +dnl +dnl test if getaddrinfo can handle numeric services + +AC_DEFUN(rk_BROKEN_GETADDRINFO,[ +AC_CACHE_CHECK([if getaddrinfo handles numeric services], ac_cv_func_getaddrinfo_numserv, +AC_TRY_RUN([[#include <stdio.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netdb.h> + +int +main(int argc, char **argv) +{ + struct addrinfo hints, *ai; + memset(&hints, 0, sizeof(hints)); + hints.ai_flags = AI_PASSIVE; + hints.ai_socktype = SOCK_STREAM; + hints.ai_family = PF_UNSPEC; + if(getaddrinfo(NULL, "17", &hints, &ai) == EAI_SERVICE) + return 1; + return 0; +} +]], ac_cv_func_getaddrinfo_numserv=yes, ac_cv_func_getaddrinfo_numserv=no))]) diff --git a/kerberosIV/src/cf/broken-getnameinfo.m4 b/kerberosIV/src/cf/broken-getnameinfo.m4 new file mode 100644 index 00000000000..46b8ac2def9 --- /dev/null +++ b/kerberosIV/src/cf/broken-getnameinfo.m4 @@ -0,0 +1,28 @@ +dnl $KTH: broken-getnameinfo.m4,v 1.2 2000/12/05 09:09:00 joda Exp $ +dnl +dnl test for broken AIX getnameinfo + +AC_DEFUN(rk_BROKEN_GETNAMEINFO,[ +AC_CACHE_CHECK([if getnameinfo is broken], ac_cv_func_getnameinfo_broken, +AC_TRY_RUN([[#include <stdio.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netinet/in.h> +#include <netdb.h> + +int +main(int argc, char **argv) +{ + struct sockaddr_in sin; + char host[256]; + memset(&sin, 0, sizeof(sin)); +#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN + sin.sin_len = sizeof(sin); +#endif + sin.sin_family = AF_INET; + sin.sin_addr.s_addr = 0xffffffff; + sin.sin_port = 0; + return getnameinfo((struct sockaddr*)&sin, sizeof(sin), host, sizeof(host), + NULL, 0, 0); +} +]], ac_cv_func_getnameinfo_broken=no, ac_cv_func_getnameinfo_broken=yes))]) diff --git a/kerberosIV/src/cf/broken-realloc.m4 b/kerberosIV/src/cf/broken-realloc.m4 new file mode 100644 index 00000000000..acac0714ec0 --- /dev/null +++ b/kerberosIV/src/cf/broken-realloc.m4 @@ -0,0 +1,26 @@ +dnl +dnl $KTH: broken-realloc.m4,v 1.1 2000/07/15 18:05:36 joda Exp $ +dnl +dnl Test for realloc that doesn't handle NULL as first parameter +dnl +AC_DEFUN(rk_BROKEN_REALLOC, [ +AC_CACHE_CHECK(if realloc if broken, ac_cv_func_realloc_broken, [ +ac_cv_func_realloc_broken=no +AC_TRY_RUN([ +#include <stddef.h> +#include <stdlib.h> + +int main() +{ + return realloc(NULL, 17) == NULL; +} +],:, ac_cv_func_realloc_broken=yes, :) +]) +if test "$ac_cv_func_realloc_broken" = yes ; then + AC_DEFINE(BROKEN_REALLOC, 1, [Define if realloc(NULL) doesn't work.]) +fi +AH_BOTTOM([#ifdef BROKEN_REALLOC +#define realloc(X, Y) isoc_realloc((X), (Y)) +#define isoc_realloc(X, Y) ((X) ? realloc((X), (Y)) : malloc(Y)) +#endif]) +]) diff --git a/kerberosIV/src/cf/broken2.m4 b/kerberosIV/src/cf/broken2.m4 new file mode 100644 index 00000000000..97403b75228 --- /dev/null +++ b/kerberosIV/src/cf/broken2.m4 @@ -0,0 +1,35 @@ +dnl $KTH: broken2.m4,v 1.1 2000/12/15 14:27:33 assar Exp $ +dnl +dnl AC_BROKEN but with more arguments + +dnl AC_BROKEN2(func, includes, arguments) +AC_DEFUN(AC_BROKEN2, +[for ac_func in $1 +do +AC_MSG_CHECKING([for $ac_func]) +AC_CACHE_VAL(ac_cv_func_$ac_func, +[AC_TRY_LINK([$2], +[ +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined (__stub_$1) || defined (__stub___$1) +choke me +#else +$ac_func($3) +#endif +], [eval "ac_cv_func_$ac_func=yes"], [eval "ac_cv_func_$ac_func=no"])]) +if eval "test \"\${ac_cv_func_$ac_func}\" = yes"; then + ac_tr_func=HAVE_[]upcase($ac_func) + AC_DEFINE_UNQUOTED($ac_tr_func) + AC_MSG_RESULT(yes) +else + AC_MSG_RESULT(no) + LIBOBJS[]="$LIBOBJS ${ac_func}.o" +fi +done +if false; then + AC_CHECK_FUNCS($1) +fi +AC_SUBST(LIBOBJS)dnl +]) diff --git a/kerberosIV/src/cf/check-compile-et.m4 b/kerberosIV/src/cf/check-compile-et.m4 new file mode 100644 index 00000000000..3c97d19a8cd --- /dev/null +++ b/kerberosIV/src/cf/check-compile-et.m4 @@ -0,0 +1,77 @@ +dnl $KTH: check-compile-et.m4,v 1.6 2001/09/02 17:08:48 assar Exp $ +dnl +dnl CHECK_COMPILE_ET +AC_DEFUN([CHECK_COMPILE_ET], [ + +AC_CHECK_PROG(COMPILE_ET, compile_et, [compile_et]) + +krb_cv_compile_et="no" +if test "${COMPILE_ET}" = "compile_et"; then + +dnl We have compile_et. Now let's see if it supports `prefix' and `index'. +AC_MSG_CHECKING(whether compile_et has the features we need) +cat > conftest_et.et <<'EOF' +error_table conf +prefix CONFTEST +index 1 +error_code CODE1, "CODE1" +index 128 +error_code CODE2, "CODE2" +end +EOF +if ${COMPILE_ET} conftest_et.et >/dev/null 2>&1; then + dnl XXX Some systems have <et/com_err.h>. + save_CPPFLAGS="${save_CPPFLAGS}" + if test -d "/usr/include/et"; then + CPPFLAGS="-I/usr/include/et ${CPPFLAGS}" + fi + dnl Check that the `prefix' and `index' directives were honored. + AC_TRY_RUN([ +#include <com_err.h> +#include <string.h> +#include "conftest_et.h" +int main(){return (CONFTEST_CODE2 - CONFTEST_CODE1) != 127;} + ], [krb_cv_compile_et="yes"],[CPPFLAGS="${save_CPPFLAGS}"]) +fi +AC_MSG_RESULT(${krb_cv_compile_et}) +rm -fr conftest* +fi + +if test "${krb_cv_compile_et}" = "yes"; then + dnl Since compile_et seems to work, let's check libcom_err + krb_cv_save_LIBS="${LIBS}" + LIBS="${LIBS} -lcom_err" + AC_MSG_CHECKING(for com_err) + AC_TRY_LINK([#include <com_err.h>],[ + const char *p; + p = error_message(0); + ],[krb_cv_com_err="yes"],[krb_cv_com_err="no"; CPPFLAGS="${save_CPPFLAGS}"]) + AC_MSG_RESULT(${krb_cv_com_err}) + LIBS="${krb_cv_save_LIBS}" +else + dnl Since compile_et doesn't work, forget about libcom_err + krb_cv_com_err="no" +fi + +dnl Only use the system's com_err if we found compile_et, libcom_err, and +dnl com_err.h. +if test "${krb_cv_com_err}" = "yes"; then + DIR_com_err="" + LIB_com_err="-lcom_err" + LIB_com_err_a="" + LIB_com_err_so="" + AC_MSG_NOTICE(Using the already-installed com_err) +else + COMPILE_ET="\$(top_builddir)/lib/com_err/compile_et" + DIR_com_err="com_err" + LIB_com_err="\$(top_builddir)/lib/com_err/libcom_err.la" + LIB_com_err_a="\$(top_builddir)/lib/com_err/.libs/libcom_err.a" + LIB_com_err_so="\$(top_builddir)/lib/com_err/.libs/libcom_err.so" + AC_MSG_NOTICE(Using our own com_err) +fi +AC_SUBST(DIR_com_err) +AC_SUBST(LIB_com_err) +AC_SUBST(LIB_com_err_a) +AC_SUBST(LIB_com_err_so) + +]) diff --git a/kerberosIV/src/cf/crypto.m4 b/kerberosIV/src/cf/crypto.m4 new file mode 100644 index 00000000000..a2a3670d211 --- /dev/null +++ b/kerberosIV/src/cf/crypto.m4 @@ -0,0 +1,119 @@ +dnl $KTH: crypto.m4,v 1.7 2001/08/29 17:02:48 assar Exp $ +dnl +dnl test for crypto libraries: +dnl - libcrypto (from openssl) +dnl - libdes (from krb4) +dnl - own-built libdes + +AC_DEFUN([KRB_CRYPTO],[ +crypto_lib=unknown +AC_WITH_ALL([openssl]) + +DIR_des= + +AC_MSG_CHECKING([for crypto library]) + +if test "$crypto_lib" = "unknown" -a "$with_openssl" != "no"; then + + save_CPPFLAGS="$CPPFLAGS" + save_LIBS="$LIBS" + INCLUDE_des= + LIB_des= + if test "$with_openssl_include" != ""; then + INCLUDE_des="-I${with_openssl}/include" + fi + if test "$with_openssl_lib" != ""; then + LIB_des="-L${with_openssl}/lib" + fi + CPPFLAGS="${INCLUDE_des} ${CPPFLAGS}" + LIB_des="${LIB_des} -lcrypto" + LIB_des_a="$LIB_des" + LIB_des_so="$LIB_des" + LIB_des_appl="$LIB_des" + LIBS="${LIBS} ${LIB_des}" + AC_TRY_LINK([ + #include <openssl/md4.h> + #include <openssl/md5.h> + #include <openssl/sha.h> + #include <openssl/des.h> + #include <openssl/rc4.h> + ], + [ + MD4_CTX md4; + MD5_CTX md5; + SHA_CTX sha1; + + MD4_Init(&md4); + MD5_Init(&md5); + SHA1_Init(&sha1); + + des_cbc_encrypt(0, 0, 0, 0, 0, 0); + RC4(0, 0, 0, 0); + ], [ + crypto_lib=libcrypto + AC_DEFINE([HAVE_OPENSSL], 1, [define to use openssl's libcrypto]) + AC_MSG_RESULT([libcrypto])]) + CPPFLAGS="$save_CPPFLAGS" + LIBS="$save_LIBS" +fi + +if test "$crypto_lib" = "unknown" -a "$with_krb4" != "no"; then + + save_CPPFLAGS="$CPPFLAGS" + save_LIBS="$LIBS" + INCLUDE_des="${INCLUDE_krb4}" + LIB_des= + if test "$krb4_libdir"; then + LIB_des="-L${krb4_libdir}" + fi + LIB_des="${LIB_des} -ldes" + CPPFLAGS="${CPPFLAGS} ${INCLUDE_des}" + LIBS="${LIBS} ${LIB_des}" + LIB_des_a="$LIB_des" + LIB_des_so="$LIB_des" + LIB_des_appl="$LIB_des" + LIBS="${LIBS} ${LIB_des}" + AC_TRY_LINK([ + #undef KRB5 /* makes md4.h et al unhappy */ + #define KRB4 + #include <md4.h> + #include <md5.h> + #include <sha.h> + #include <des.h> + #include <rc4.h> + ], + [ + MD4_CTX md4; + MD5_CTX md5; + SHA_CTX sha1; + + MD4_Init(&md4); + MD5_Init(&md5); + SHA1_Init(&sha1); + + des_cbc_encrypt(0, 0, 0, 0, 0, 0); + RC4(0, 0, 0, 0); + ], [crypto_lib=krb4; AC_MSG_RESULT([krb4's libdes])]) + CPPFLAGS="$save_CPPFLAGS" + LIBS="$save_LIBS" +fi + +if test "$crypto_lib" = "unknown"; then + + DIR_des='des' + LIB_des='$(top_builddir)/lib/des/libdes.la' + LIB_des_a='$(top_builddir)/lib/des/.libs/libdes.a' + LIB_des_so='$(top_builddir)/lib/des/.libs/libdes.so' + LIB_des_appl="-ldes" + + AC_MSG_RESULT([included libdes]) + +fi + +AC_SUBST(DIR_des) +AC_SUBST(INCLUDE_des) +AC_SUBST(LIB_des) +AC_SUBST(LIB_des_a) +AC_SUBST(LIB_des_so) +AC_SUBST(LIB_des_appl) +]) diff --git a/kerberosIV/src/cf/db.m4 b/kerberosIV/src/cf/db.m4 new file mode 100644 index 00000000000..ed0d320fb59 --- /dev/null +++ b/kerberosIV/src/cf/db.m4 @@ -0,0 +1,183 @@ +dnl $KTH: db.m4,v 1.5 2001/09/13 00:34:07 assar Exp $ +dnl +dnl tests for various db libraries +dnl +AC_DEFUN([rk_DB],[berkeley_db=db +AC_ARG_WITH(berkeley-db, +[ --without-berkeley-db if you don't want berkeley db],[ +if test "$withval" = no; then + berkeley_db="" +fi +]) + +have_ndbm=no +db_type=unknown + +if test "$berkeley_db"; then + + AC_CHECK_HEADERS([ \ + db.h \ + db_185.h \ + ]) + +dnl db_create is used by db3 + + AC_FIND_FUNC_NO_LIBS(db_create, $berkeley_db, [ + #include <stdio.h> + #include <db.h> + ],[NULL, NULL, 0]) + + if test "$ac_cv_func_db_create" = "yes"; then + db_type=db3 + if test "$ac_cv_funclib_db_create" != "yes"; then + DBLIB="$ac_cv_funclib_db_create" + else + DBLIB="" + fi + AC_DEFINE(HAVE_DB3, 1, [define if you have a berkeley db3 library]) + else + +dnl dbopen is used by db1/db2 + + AC_FIND_FUNC_NO_LIBS(dbopen, $berkeley_db, [ + #include <stdio.h> + #if defined(HAVE_DB_185_H) + #include <db_185.h> + #elif defined(HAVE_DB_H) + #include <db.h> + #else + #error no db.h + #endif + ],[NULL, 0, 0, 0, NULL]) + + if test "$ac_cv_func_dbopen" = "yes"; then + db_type=db1 + if test "$ac_cv_funclib_dbopen" != "yes"; then + DBLIB="$ac_cv_funclib_dbopen" + else + DBLIB="" + fi + AC_DEFINE(HAVE_DB1, 1, [define if you have a berkeley db1/2 library]) + fi + fi + +dnl test for ndbm compatability + + AC_FIND_FUNC_NO_LIBS2(dbm_firstkey, $ac_cv_funclib_dbopen $ac_cv_funclib_db_create, [ + #include <stdio.h> + #define DB_DBM_HSEARCH 1 + #include <db.h> + DBM *dbm; + ],[NULL]) + + if test "$ac_cv_func_dbm_firstkey" = "yes"; then + if test "$ac_cv_funclib_dbm_firstkey" != "yes"; then + LIB_NDBM="$ac_cv_funclib_dbm_firstkey" + else + LIB_NDBM="" + fi + AC_DEFINE(HAVE_DB_NDBM, 1, [define if you have ndbm compat in db]) + AC_DEFINE(HAVE_NEW_DB, 1, [Define if NDBM really is DB (creates files *.db)]) + else + $as_unset ac_cv_func_dbm_firstkey + $as_unset ac_cv_funclib_dbm_firstkey + fi + +fi # berkeley db + +if test "$db_type" = "unknown" -o "$ac_cv_func_dbm_firstkey" = ""; then + + AC_CHECK_HEADERS([ \ + dbm.h \ + ndbm.h \ + ]) + + AC_FIND_FUNC_NO_LIBS(dbm_firstkey, ndbm, [ + #include <stdio.h> + #if defined(HAVE_NDBM_H) + #include <ndbm.h> + #elif defined(HAVE_DBM_H) + #include <dbm.h> + #else + #error no ndbm.h + #endif + DBM *dbm; + ],[NULL]) + + if test "$ac_cv_func_dbm_firstkey" = "yes"; then + if test "$ac_cv_funclib_dbm_firstkey" != "yes"; then + LIB_NDBM="$ac_cv_funclib_dbm_firstkey" + else + LIB_NDBM="" + fi + AC_DEFINE(HAVE_NDBM, 1, [define if you have a ndbm library])dnl + have_ndbm=yes + if test "$db_type" = "unknown"; then + db_type=ndbm + DBLIB="$LIB_NDBM" + fi + else + + $as_unset ac_cv_func_dbm_firstkey + $as_unset ac_cv_funclib_dbm_firstkey + + AC_CHECK_HEADERS([ \ + gdbm/ndbm.h \ + ]) + + AC_FIND_FUNC_NO_LIBS(dbm_firstkey, gdbm, [ + #include <stdio.h> + #include <gdbm/ndbm.h> + DBM *dbm; + ],[NULL]) + + if test "$ac_cv_func_dbm_firstkey" = "yes"; then + if test "$ac_cv_funclib_dbm_firstkey" != "yes"; then + LIB_NDBM="$ac_cv_funclib_dbm_firstkey" + else + LIB_NDBM="" + fi + AC_DEFINE(HAVE_NDBM, 1, [define if you have a ndbm library])dnl + have_ndbm=yes + if test "$db_type" = "unknown"; then + db_type=ndbm + DBLIB="$LIB_NDBM" + fi + fi + fi + +fi # unknown + +if test "$have_ndbm" = "yes"; then + AC_MSG_CHECKING([if ndbm is implemented with db]) + AC_TRY_RUN([ +#include <unistd.h> +#include <fcntl.h> +#if defined(HAVE_GDBM_NDBM_H) +#include <gdbm/ndbm.h> +#elif defined(HAVE_NDBM_H) +#include <ndbm.h> +#elif defined(HAVE_DBM_H) +#include <dbm.h> +#endif +int main() +{ + DBM *d; + + d = dbm_open("conftest", O_RDWR | O_CREAT, 0666); + if (d == NULL) + return 1; + dbm_close(d); + return 0; +}],[ + if test -f conftest.db; then + AC_MSG_RESULT([yes]) + AC_DEFINE(HAVE_NEW_DB, 1, [Define if NDBM really is DB (creates files *.db)]) + else + AC_MSG_RESULT([no]) + fi],[AC_MSG_RESULT([no])]) +fi + +AC_SUBST(DBLIB)dnl +AC_SUBST(LIB_NDBM)dnl +]) diff --git a/kerberosIV/src/cf/install-catman.sh b/kerberosIV/src/cf/install-catman.sh new file mode 100644 index 00000000000..81eb72f8669 --- /dev/null +++ b/kerberosIV/src/cf/install-catman.sh @@ -0,0 +1,53 @@ +#!/bin/sh +# +# $KTH: install-catman.sh,v 1.2.4.1 2001/10/08 23:44:32 assar Exp $ +# +# install preformatted manual pages + +INSTALL_DATA="$1"; shift +mkinstalldirs="$1"; shift +srcdir="$1"; shift +manbase="$1"; shift +suffix="$1"; shift + +for f in "$@"; do + base=`echo "$f" | sed 's/\(.*\)\.\([^.]*\)$/\1/'` + section=`echo "$f" | sed 's/\(.*\)\.\([^.]*\)$/\2/'` + mandir="$manbase/man$section" + catdir="$manbase/cat$section" + c="$base.cat$section" + + if test -f "$srcdir/$c"; then + if test \! -d "$catdir"; then + eval "$mkinstalldirs $catdir" + fi + eval "echo $INSTALL_DATA $srcdir/$c $catdir/$base.$suffix" + eval "$INSTALL_DATA $srcdir/$c $catdir/$base.$suffix" + fi + for link in `sed -n -e '/SYNOPSIS/q;/DESCRIPTION/q;s/^\.Nm \([^ ]*\).*/\1/p' $srcdir/$f`; do + if [ "$link" != "$base" ]; then + target="$mandir/$link.$section" + for cmd in "ln -f $mandir/$base.$section $target" \ + "ln -s $base.$section $target" \ + "cp -f $mandir/$base.$section $target" + do + if eval "$cmd"; then + eval echo "$cmd" + break + fi + done + if test -f "$srcdir/$c"; then + target="$catdir/$link.$suffix" + for cmd in "ln -f $catdir/$base.$suffix $target" \ + "ln -fs $base.$suffix $target" \ + "cp -f $catdir/$base.$suffix $target" + do + if eval "$cmd"; then + eval echo "$cmd" + break + fi + done + fi + fi + done +done diff --git a/kerberosIV/src/cf/krb-bigendian.m4 b/kerberosIV/src/cf/krb-bigendian.m4 new file mode 100644 index 00000000000..4890e496e4e --- /dev/null +++ b/kerberosIV/src/cf/krb-bigendian.m4 @@ -0,0 +1,53 @@ +dnl +dnl $KTH: krb-bigendian.m4,v 1.6 2000/08/19 15:37:00 assar Exp $ +dnl + +dnl check if this computer is little or big-endian +dnl if we can figure it out at compile-time then don't define the cpp symbol +dnl otherwise test for it and define it. also allow options for overriding +dnl it when cross-compiling + +AC_DEFUN(KRB_C_BIGENDIAN, [ +AC_ARG_ENABLE(bigendian, +[ --enable-bigendian the target is big endian], +krb_cv_c_bigendian=yes) +AC_ARG_ENABLE(littleendian, +[ --enable-littleendian the target is little endian], +krb_cv_c_bigendian=no) +AC_CACHE_CHECK(whether byte order is known at compile time, +krb_cv_c_bigendian_compile, +[AC_TRY_COMPILE([ +#include <sys/types.h> +#include <sys/param.h>],[ +#if !BYTE_ORDER || !BIG_ENDIAN || !LITTLE_ENDIAN + bogus endian macros +#endif], krb_cv_c_bigendian_compile=yes, krb_cv_c_bigendian_compile=no)]) +AC_CACHE_CHECK(whether byte ordering is bigendian, krb_cv_c_bigendian,[ + if test "$krb_cv_c_bigendian_compile" = "yes"; then + AC_TRY_COMPILE([ +#include <sys/types.h> +#include <sys/param.h>],[ +#if BYTE_ORDER != BIG_ENDIAN + not big endian +#endif], krb_cv_c_bigendian=yes, krb_cv_c_bigendian=no) + else + AC_TRY_RUN([main () { + /* Are we little or big endian? From Harbison&Steele. */ + union + { + long l; + char c[sizeof (long)]; + } u; + u.l = 1; + exit (u.c[sizeof (long) - 1] == 1); + }], krb_cv_c_bigendian=no, krb_cv_c_bigendian=yes, + AC_MSG_ERROR([specify either --enable-bigendian or --enable-littleendian])) + fi +]) +if test "$krb_cv_c_bigendian" = "yes"; then + AC_DEFINE(WORDS_BIGENDIAN, 1, [define if target is big endian])dnl +fi +if test "$krb_cv_c_bigendian_compile" = "yes"; then + AC_DEFINE(ENDIANESS_IN_SYS_PARAM_H, 1, [define if sys/param.h defines the endiness])dnl +fi +]) diff --git a/kerberosIV/src/cf/krb-irix.m4 b/kerberosIV/src/cf/krb-irix.m4 new file mode 100644 index 00000000000..c22d52f5a26 --- /dev/null +++ b/kerberosIV/src/cf/krb-irix.m4 @@ -0,0 +1,12 @@ +dnl +dnl $KTH: krb-irix.m4,v 1.2 2000/12/13 12:48:45 assar Exp $ +dnl + +dnl requires AC_CANONICAL_HOST +AC_DEFUN(KRB_IRIX,[ +irix=no +case "$host_os" in +irix*) irix=yes ;; +esac +AM_CONDITIONAL(IRIX, test "$irix" != no)dnl +]) diff --git a/kerberosIV/src/cf/krb-readline.m4 b/kerberosIV/src/cf/krb-readline.m4 new file mode 100644 index 00000000000..78dcef47b2e --- /dev/null +++ b/kerberosIV/src/cf/krb-readline.m4 @@ -0,0 +1,43 @@ +dnl $KTH: krb-readline.m4,v 1.2 2000/11/15 00:47:08 assar Exp $ +dnl +dnl Tests for readline functions +dnl + +dnl el_init + +AC_DEFUN(KRB_READLINE,[ +AC_FIND_FUNC_NO_LIBS(el_init, edit, [], [], [$LIB_tgetent]) +if test "$ac_cv_func_el_init" = yes ; then + AC_CACHE_CHECK(for four argument el_init, ac_cv_func_el_init_four,[ + AC_TRY_COMPILE([#include <stdio.h> + #include <histedit.h>], + [el_init("", NULL, NULL, NULL);], + ac_cv_func_el_init_four=yes, + ac_cv_func_el_init_four=no)]) + if test "$ac_cv_func_el_init_four" = yes; then + AC_DEFINE(HAVE_FOUR_VALUED_EL_INIT, 1, [Define if el_init takes four arguments.]) + fi +fi + +dnl readline + +ac_foo=no +if test "$with_readline" = yes; then + : +elif test "$ac_cv_func_readline" = yes; then + : +elif test "$ac_cv_func_el_init" = yes; then + ac_foo=yes + LIB_readline="\$(top_builddir)/lib/editline/libel_compat.la $LIB_el_init" +else + LIB_readline='$(top_builddir)/lib/editline/libeditline.la' +fi +AM_CONDITIONAL(el_compat, test "$ac_foo" = yes) +if test "$readline_libdir"; then + LIB_readline="-rpath $readline_libdir $LIB_readline" +fi +LIB_readline="$LIB_readline \$(LIB_tgetent)" +AC_DEFINE(HAVE_READLINE, 1, + [Define if you have a readline compatible library.])dnl + +])
\ No newline at end of file diff --git a/kerberosIV/src/cf/retsigtype.m4 b/kerberosIV/src/cf/retsigtype.m4 new file mode 100644 index 00000000000..cd72187f5d2 --- /dev/null +++ b/kerberosIV/src/cf/retsigtype.m4 @@ -0,0 +1,18 @@ +dnl +dnl $KTH: retsigtype.m4,v 1.1 2000/07/15 18:05:56 joda Exp $ +dnl +dnl Figure out return type of signal handlers, and define SIGRETURN macro +dnl that can be used to return from one +dnl +AC_DEFUN(rk_RETSIGTYPE,[ +AC_TYPE_SIGNAL +if test "$ac_cv_type_signal" = "void" ; then + AC_DEFINE(VOID_RETSIGTYPE, 1, [Define if signal handlers return void.]) +fi +AC_SUBST(VOID_RETSIGTYPE) +AH_BOTTOM([#ifdef VOID_RETSIGTYPE +#define SIGRETURN(x) return +#else +#define SIGRETURN(x) return (RETSIGTYPE)(x) +#endif]) +])
\ No newline at end of file diff --git a/kerberosIV/src/cf/roken-frag.m4 b/kerberosIV/src/cf/roken-frag.m4 new file mode 100644 index 00000000000..141caf4d034 --- /dev/null +++ b/kerberosIV/src/cf/roken-frag.m4 @@ -0,0 +1,626 @@ +dnl $KTH: roken-frag.m4,v 1.31.2.1 2001/10/08 23:45:38 assar Exp $ +dnl +dnl some code to get roken working +dnl +dnl rk_ROKEN(subdir) +dnl +AC_DEFUN(rk_ROKEN, [ + +AC_REQUIRE([rk_CONFIG_HEADER]) + +DIR_roken=roken +LIB_roken='$(top_builddir)/$1/libroken.la' +INCLUDES_roken='-I$(top_builddir)/$1 -I$(top_srcdir)/$1' + +dnl Checks for programs +AC_REQUIRE([AC_PROG_CC]) +AC_REQUIRE([AC_PROG_AWK]) +AC_REQUIRE([AC_OBJEXT]) +AC_REQUIRE([AC_EXEEXT]) +AC_REQUIRE([AC_PROG_LIBTOOL]) + +AC_REQUIRE([AC_MIPS_ABI]) + +dnl C characteristics + +AC_REQUIRE([AC_C___ATTRIBUTE__]) +AC_REQUIRE([AC_C_INLINE]) +AC_REQUIRE([AC_C_CONST]) +AC_WFLAGS(-Wall -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast -Wmissing-declarations -Wnested-externs) + +AC_REQUIRE([rk_DB]) + +dnl C types + +AC_REQUIRE([AC_TYPE_SIZE_T]) +AC_CHECK_TYPE_EXTRA(ssize_t, int, [#include <unistd.h>]) +AC_REQUIRE([AC_TYPE_PID_T]) +AC_REQUIRE([AC_TYPE_UID_T]) +AC_HAVE_TYPE([long long]) + +AC_REQUIRE([rk_RETSIGTYPE]) + +dnl Checks for header files. +AC_REQUIRE([AC_HEADER_STDC]) +AC_REQUIRE([AC_HEADER_TIME]) + +AC_CHECK_HEADERS([\ + arpa/inet.h \ + arpa/nameser.h \ + config.h \ + crypt.h \ + dirent.h \ + errno.h \ + err.h \ + fcntl.h \ + grp.h \ + ifaddrs.h \ + net/if.h \ + netdb.h \ + netinet/in.h \ + netinet/in6.h \ + netinet/in_systm.h \ + netinet6/in6.h \ + netinet6/in6_var.h \ + paths.h \ + pwd.h \ + resolv.h \ + rpcsvc/ypclnt.h \ + shadow.h \ + sys/bswap.h \ + sys/ioctl.h \ + sys/param.h \ + sys/proc.h \ + sys/resource.h \ + sys/socket.h \ + sys/sockio.h \ + sys/stat.h \ + sys/sysctl.h \ + sys/time.h \ + sys/tty.h \ + sys/types.h \ + sys/uio.h \ + sys/utsname.h \ + sys/wait.h \ + syslog.h \ + termios.h \ + unistd.h \ + userconf.h \ + usersec.h \ + util.h \ + vis.h \ +]) + +AC_REQUIRE([CHECK_NETINET_IP_AND_TCP]) + +AM_CONDITIONAL(have_err_h, test "$ac_cv_header_err_h" = yes) +AM_CONDITIONAL(have_fnmatch_h, test "$ac_cv_header_fnmatch_h" = yes) +AM_CONDITIONAL(have_ifaddrs_h, test "$ac_cv_header_ifaddrs_h" = yes) +AM_CONDITIONAL(have_vis_h, test "$ac_cv_header_vis_h" = yes) + +dnl Check for functions and libraries + +AC_KRB_IPV6 + +AC_FIND_FUNC(socket, socket) +AC_FIND_FUNC(gethostbyname, nsl) +AC_FIND_FUNC(syslog, syslog) +AC_FIND_FUNC(gethostbyname2, inet6 ip6) + +AC_FIND_FUNC(res_search, resolv, +[ +#include <stdio.h> +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_ARPA_NAMESER_H +#include <arpa/nameser.h> +#endif +#ifdef HAVE_RESOLV_H +#include <resolv.h> +#endif +], +[0,0,0,0,0]) + +AC_FIND_FUNC(dn_expand, resolv, +[ +#include <stdio.h> +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_ARPA_NAMESER_H +#include <arpa/nameser.h> +#endif +#ifdef HAVE_RESOLV_H +#include <resolv.h> +#endif +], +[0,0,0,0,0]) + +AC_BROKEN_SNPRINTF +AC_BROKEN_VSNPRINTF + +AC_BROKEN_GLOB +if test "$ac_cv_func_glob_working" != yes; then + LIBOBJS="$LIBOBJS glob.o" +fi +AM_CONDITIONAL(have_glob_h, test "$ac_cv_func_glob_working" = yes) + + +AC_CHECK_FUNCS([ \ + asnprintf \ + asprintf \ + atexit \ + cgetent \ + getconfattr \ + getprogname \ + getrlimit \ + getspnam \ + initstate \ + issetugid \ + on_exit \ + random \ + setprogname \ + setstate \ + strsvis \ + strunvis \ + strvis \ + strvisx \ + svis \ + sysconf \ + sysctl \ + uname \ + unvis \ + vasnprintf \ + vasprintf \ + vis \ +]) + +if test "$ac_cv_func_cgetent" = no; then + LIBOBJS="$LIBOBJS getcap.o" +fi + +AC_REQUIRE([AC_FUNC_GETLOGIN]) + +AC_FIND_FUNC_NO_LIBS(getsockopt,, +[#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif], +[0,0,0,0,0]) +AC_FIND_FUNC_NO_LIBS(setsockopt,, +[#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif], +[0,0,0,0,0]) + +AC_FIND_IF_NOT_BROKEN(hstrerror, resolv, +[#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif], +17) +if test "$ac_cv_func_hstrerror" = yes; then +AC_NEED_PROTO([ +#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif], +hstrerror) +fi + +dnl sigh, wish this could be done in a loop +if test "$ac_cv_func_asprintf" = yes; then +AC_NEED_PROTO([ +#include <stdio.h> +#include <string.h>], +asprintf)dnl +fi +if test "$ac_cv_func_vasprintf" = yes; then +AC_NEED_PROTO([ +#include <stdio.h> +#include <string.h>], +vasprintf)dnl +fi +if test "$ac_cv_func_asnprintf" = yes; then +AC_NEED_PROTO([ +#include <stdio.h> +#include <string.h>], +asnprintf)dnl +fi +if test "$ac_cv_func_vasnprintf" = yes; then +AC_NEED_PROTO([ +#include <stdio.h> +#include <string.h>], +vasnprintf)dnl +fi + +AC_FIND_FUNC_NO_LIBS(bswap16,, +[#ifdef HAVE_SYS_BSWAP_H +#include <sys/bswap.h> +#endif],0) + +AC_FIND_FUNC_NO_LIBS(bswap32,, +[#ifdef HAVE_SYS_BSWAP_H +#include <sys/bswap.h> +#endif],0) + +AC_FIND_FUNC_NO_LIBS(pidfile,util, +[#ifdef HAVE_UTIL_H +#include <util.h> +#endif],0) + +AC_FIND_IF_NOT_BROKEN(getaddrinfo,, +[#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif],[0,0,0,0]) + +AC_FIND_IF_NOT_BROKEN(getnameinfo,, +[#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif],[0,0,0,0,0,0,0]) + +AC_FIND_IF_NOT_BROKEN(freeaddrinfo,, +[#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif],[0]) + +AC_FIND_IF_NOT_BROKEN(gai_strerror,, +[#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif],[0]) + +AC_BROKEN([ \ + chown \ + copyhostent \ + daemon \ + ecalloc \ + emalloc \ + erealloc \ + estrdup \ + err \ + errx \ + fchown \ + flock \ + fnmatch \ + freehostent \ + getcwd \ + getdtablesize \ + getegid \ + geteuid \ + getgid \ + gethostname \ + getifaddrs \ + getipnodebyaddr \ + getipnodebyname \ + getopt \ + gettimeofday \ + getuid \ + getusershell \ + initgroups \ + innetgr \ + iruserok \ + lstat \ + memmove \ + mkstemp \ + putenv \ + rcmd \ + readv \ + recvmsg \ + sendmsg \ + setegid \ + setenv \ + seteuid \ + strcasecmp \ + strdup \ + strerror \ + strftime \ + strlcat \ + strlcpy \ + strlwr \ + strncasecmp \ + strndup \ + strnlen \ + strptime \ + strsep \ + strsep_copy \ + strtok_r \ + strupr \ + swab \ + unsetenv \ + verr \ + verrx \ + vsyslog \ + vwarn \ + vwarnx \ + warn \ + warnx \ + writev \ +]) + +AC_BROKEN2(inet_aton, +[#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif], +[0,0]) + +AC_BROKEN2(inet_ntop, +[#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif], +[0, 0, 0, 0]) + +AC_BROKEN2(inet_pton, +[#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif], +[0,0,0]) + +dnl +dnl Check for sa_len in struct sockaddr, +dnl needs to come before the getnameinfo test +dnl +AC_HAVE_STRUCT_FIELD(struct sockaddr, sa_len, [#include <sys/types.h> +#include <sys/socket.h>]) + +if test "$ac_cv_func_getnameinfo" = "yes"; then + rk_BROKEN_GETNAMEINFO + if test "$ac_cv_func_getnameinfo_broken" = yes; then + LIBOBJS="$LIBOBJS getnameinfo.o" + fi +fi + +if test "$ac_cv_func_getaddrinfo" = "yes"; then + rk_BROKEN_GETADDRINFO + if test "$ac_cv_func_getaddrinfo_numserv" = no; then + LIBOBJS="$LIBOBJS getaddrinfo.o freeaddrinfo.o" + fi +fi + +AC_NEED_PROTO([#include <stdlib.h>], setenv) +AC_NEED_PROTO([#include <stdlib.h>], unsetenv) +AC_NEED_PROTO([#include <unistd.h>], gethostname) +AC_NEED_PROTO([#include <unistd.h>], mkstemp) +AC_NEED_PROTO([#include <unistd.h>], getusershell) + +AC_NEED_PROTO([ +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif], +inet_aton) + +AC_FIND_FUNC_NO_LIBS(crypt, crypt)dnl + +AC_REQUIRE([rk_BROKEN_REALLOC])dnl + +dnl AC_KRB_FUNC_GETCWD_BROKEN + +dnl +dnl Checks for prototypes and declarations +dnl + +AC_PROTO_COMPAT([ +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif +#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif +], +gethostbyname, struct hostent *gethostbyname(const char *)) + +AC_PROTO_COMPAT([ +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif +#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif +], +gethostbyaddr, struct hostent *gethostbyaddr(const void *, size_t, int)) + +AC_PROTO_COMPAT([ +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +#ifdef HAVE_NETINET_IN_H +#include <netinet/in.h> +#endif +#ifdef HAVE_ARPA_INET_H +#include <arpa/inet.h> +#endif +#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif +], +getservbyname, struct servent *getservbyname(const char *, const char *)) + +AC_PROTO_COMPAT([ +#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_SYS_SOCKET_H +#include <sys/socket.h> +#endif +], +getsockname, int getsockname(int, struct sockaddr*, socklen_t*)) + +AC_PROTO_COMPAT([ +#ifdef HAVE_SYSLOG_H +#include <syslog.h> +#endif +], +openlog, void openlog(const char *, int, int)) + +AC_NEED_PROTO([ +#ifdef HAVE_CRYPT_H +#include <crypt.h> +#endif +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif +], +crypt) + +AC_NEED_PROTO([ +#include <string.h> +], +strtok_r) + +AC_NEED_PROTO([ +#include <string.h> +], +strsep) + +dnl variables + +rk_CHECK_VAR(h_errno, +[#ifdef HAVE_SYS_TYPES_H +#include <sys/types.h> +#endif +#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif]) + +rk_CHECK_VAR(h_errlist, +[#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif]) + +rk_CHECK_VAR(h_nerr, +[#ifdef HAVE_NETDB_H +#include <netdb.h> +#endif]) + +rk_CHECK_VAR([__progname], +[#ifdef HAVE_ERR_H +#include <err.h> +#endif]) + +AC_CHECK_DECLARATION([#include <stdlib.h> +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif], optarg) +AC_CHECK_DECLARATION([#include <stdlib.h> +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif], optind) +AC_CHECK_DECLARATION([#include <stdlib.h> +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif], opterr) +AC_CHECK_DECLARATION([#include <stdlib.h> +#ifdef HAVE_UNISTD_H +#include <unistd.h> +#endif], optopt) + +AC_CHECK_DECLARATION([#include <stdlib.h>], environ) + +dnl +dnl Check for fields in struct tm +dnl + +AC_HAVE_STRUCT_FIELD(struct tm, tm_gmtoff, [#include <time.h>]) +AC_HAVE_STRUCT_FIELD(struct tm, tm_zone, [#include <time.h>]) + +dnl +dnl or do we have a variable `timezone' ? +dnl + +rk_CHECK_VAR(timezone,[#include <time.h>]) + +AC_HAVE_TYPE([sa_family_t],[#include <sys/socket.h>]) +AC_HAVE_TYPE([socklen_t],[#include <sys/socket.h>]) +AC_HAVE_TYPE([struct sockaddr], [#include <sys/socket.h>]) +AC_HAVE_TYPE([struct sockaddr_storage], [#include <sys/socket.h>]) +AC_HAVE_TYPE([struct addrinfo], [#include <netdb.h>]) +AC_HAVE_TYPE([struct ifaddrs], [#include <ifaddrs.h>]) + +dnl +dnl Check for struct winsize +dnl + +AC_KRB_STRUCT_WINSIZE + +dnl +dnl Check for struct spwd +dnl + +AC_KRB_STRUCT_SPWD + +dnl won't work with automake +dnl moved to AC_OUTPUT in configure.in +dnl AC_CONFIG_FILES($1/Makefile) + +LIB_roken="${LIB_roken} \$(LIB_crypt) \$(LIB_dbopen)" + +AC_SUBST(DIR_roken)dnl +AC_SUBST(LIB_roken)dnl +AC_SUBST(INCLUDES_roken)dnl +]) diff --git a/kerberosIV/src/cf/roken.m4 b/kerberosIV/src/cf/roken.m4 new file mode 100644 index 00000000000..0cbb27e1cf1 --- /dev/null +++ b/kerberosIV/src/cf/roken.m4 @@ -0,0 +1,64 @@ +dnl $KTH: roken.m4,v 1.2 2000/07/08 15:50:34 assar Exp $ +dnl +dnl try to look for an installed roken library with sufficient stuff +dnl +dnl set LIB_roken to the what we should link with +dnl set DIR_roken to if the directory should be built +dnl set CPPFLAGS_roken to stuff to add to CPPFLAGS + +dnl AC_ROKEN(version,directory-to-try,roken-dir,fallback-library,fallback-cppflags) +AC_DEFUN(AC_ROKEN, [ + +AC_ARG_WITH(roken, +[ --with-roken=dir use the roken library in dir], +[if test "$withval" = "no"; then + AC_MSG_ERROR(roken is required) +fi]) + +save_CPPFLAGS="${CPPFLAGS}" + +case $with_roken in +yes|"") + dirs="$2" ;; +*) + dirs="$with_roken" ;; +esac + +roken_installed=no + +for i in $dirs; do + +AC_MSG_CHECKING(for roken in $i) + +CPPFLAGS="-I$i/include ${CPPFLAGS}" + +AC_TRY_CPP( +[#include <roken.h> +#if ROKEN_VERSION < $1 +#error old roken version, should be $1 +fail +#endif +],[roken_installed=yes; break]) + +AC_MSG_RESULT($roken_installed) + +done + +CPPFLAGS="$save_CPPFLAGS" + +if test "$roken_installed" != "yes"; then + DIR_roken="roken" + LIB_roken='$4' + CPPFLAGS_roken='$5' + AC_CONFIG_SUBDIRS(lib/roken) +else + LIB_roken="$i/lib/libroken.la" + CPPFLAGS_roken="-I$i/include" +fi + +LIB_roken="${LIB_roken} \$(LIB_crypt) \$(LIB_dbopen)" + +AC_SUBST(LIB_roken)dnl +AC_SUBST(DIR_roken)dnl +AC_SUBST(CPPFLAGS_roken)dnl +]) diff --git a/kerberosIV/src/cf/with-all.m4 b/kerberosIV/src/cf/with-all.m4 new file mode 100644 index 00000000000..29eade31a38 --- /dev/null +++ b/kerberosIV/src/cf/with-all.m4 @@ -0,0 +1,42 @@ +dnl +dnl $KTH: with-all.m4,v 1.1 2001/08/29 17:01:23 assar Exp $ +dnl + +dnl AC_WITH_ALL(name) + +AC_DEFUN([AC_WITH_ALL], [ +AC_ARG_WITH($1, + AC_HELP_STRING([--with-$1=dir], + [use $1 in dir])) + +AC_ARG_WITH($1-lib, + AC_HELP_STRING([--with-$1-lib=dir], + [use $1 libraries in dir]), +[if test "$withval" = "yes" -o "$withval" = "no"; then + AC_MSG_ERROR([No argument for --with-$1-lib]) +elif test "X$with_$1" = "X"; then + with_$1=yes +fi]) + +AC_ARG_WITH($1-include, + AC_HELP_STRING([--with-$1-include=dir], + [use $1 headers in dir]), +[if test "$withval" = "yes" -o "$withval" = "no"; then + AC_MSG_ERROR([No argument for --with-$1-include]) +elif test "X$with_$1" = "X"; then + with_$1=yes +fi]) + +case "$with_$1" in +yes) ;; +no) ;; +"") ;; +*) if test "$with_$1_include" = ""; then + with_$1_include="$with_$1/include" + fi + if test "$with_$1_lib" = ""; then + with_$1_lib="$with_$1/lib$abilibdirext" + fi + ;; +esac +])
\ No newline at end of file diff --git a/kerberosIV/src/doc/Makefile.am b/kerberosIV/src/doc/Makefile.am new file mode 100644 index 00000000000..0fa2b8a740c --- /dev/null +++ b/kerberosIV/src/doc/Makefile.am @@ -0,0 +1,17 @@ +# $KTH: Makefile.am,v 1.2 2000/11/05 17:16:32 joda Exp $ + +include $(top_srcdir)/Makefile.am.common + +AUTOMAKE_OPTIONS += no-texinfo.tex + +info_TEXINFOS = kth-krb.texi + +kth_krb_TEXINFOS = \ + ack.texi \ + index.texi \ + install.texi \ + intro.texi \ + otp.texi \ + problems.texi \ + setup.texi \ + whatis.texi diff --git a/kerberosIV/src/include/Makefile.am b/kerberosIV/src/include/Makefile.am new file mode 100644 index 00000000000..18904be01f6 --- /dev/null +++ b/kerberosIV/src/include/Makefile.am @@ -0,0 +1,57 @@ +# $KTH: Makefile.am,v 1.3 2000/12/13 14:38:59 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +SUBDIR = sys + +noinst_PROGRAMS = bits + +INCLUDES += -DHOST=\"$(CANONICAL_HOST)\" + +include_HEADERS = ktypes.h protos.h + +CLEANFILES = roken.h krb_err.h kadm_err.h + +ktypes.h: bits$(EXEEXT) + ./bits$(EXEEXT) ktypes.h + +CLEANFILES = \ + acl.h \ + base64.h \ + com_err.h \ + com_right.h \ + des.h \ + editline.h \ + err.h \ + getarg.h \ + glob.h \ + kadm.h \ + kadm_err.h \ + kafs.h \ + kdc.h \ + klog.h \ + krb-archaeology.h \ + krb-protos.h \ + krb.h \ + krb_db.h \ + krb_err.h \ + krb_log.h \ + ktypes.h \ + md4.h \ + md5.h \ + otp.h \ + parse_bytes.h \ + parse_time.h \ + parse_units.h \ + prot.h \ + protos.h \ + roken.h \ + rc4.h \ + resolve.h \ + roken-common.h \ + sha.h \ + sl.h \ + xdbm.h + +protos.h: $(srcdir)/protos.hin + $(LN_S) $(srcdir)/protos.hin protos.h diff --git a/kerberosIV/src/include/stamp-h.in b/kerberosIV/src/include/stamp-h.in new file mode 100644 index 00000000000..e69de29bb2d --- /dev/null +++ b/kerberosIV/src/include/stamp-h.in diff --git a/kerberosIV/src/include/sys/Makefile.am b/kerberosIV/src/include/sys/Makefile.am new file mode 100644 index 00000000000..d8b4b597cbd --- /dev/null +++ b/kerberosIV/src/include/sys/Makefile.am @@ -0,0 +1,8 @@ +# $KTH: Makefile.am,v 1.2 2000/11/05 17:16:33 joda Exp $ + +include $(top_srcdir)/Makefile.am.common + +if BROKEN_SOCKET_H +all: + $(LN_S) $(srcdir)/socket.x socket.h +endif diff --git a/kerberosIV/src/kadmin/Makefile.am b/kerberosIV/src/kadmin/Makefile.am new file mode 100644 index 00000000000..f4ab0217dc7 --- /dev/null +++ b/kerberosIV/src/kadmin/Makefile.am @@ -0,0 +1,41 @@ +# $KTH: Makefile.am,v 1.4 2001/08/28 08:43:00 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += $(INCLUDE_des) + +bin_PROGRAMS = kadmin kpasswd +sbin_PROGRAMS = ksrvutil +libexec_PROGRAMS = kadmind + +LDADD = \ + $(top_builddir)/lib/kadm/libkadm.la \ + $(top_builddir)/lib/krb/libkrb.la \ + $(LIB_des) \ + $(top_builddir)/lib/com_err/libcom_err.la \ + $(LIB_roken) + +SOURCES = kpasswd.c kadmin.c kadm_server.c kadm_funcs.c pw_check.c \ + admin_server.c kadm_ser_wrap.c ksrvutil.c ksrvutil_get.c \ + new_pwd.c random_password.c + +kpasswd_SOURCES = kpasswd.c new_pwd.c + +kadmin_SOURCES = kadmin.c new_pwd.c random_password.c + +kadmin_LDADD = $(LDADD)\ + $(top_builddir)/lib/sl/libsl.la \ + $(LIB_readline) + +kadmind_SOURCES = kadm_server.c kadm_funcs.c admin_server.c \ + kadm_ser_wrap.c pw_check.c + +kadmind_LDADD = \ + $(top_builddir)/lib/kdb/libkdb.la \ + $(top_builddir)/lib/acl/libacl.la \ + $(LDADD) \ + $(CRACKLIB) \ + $(LIB_roken) \ + $(DBLIB) + +ksrvutil_SOURCES = ksrvutil.c ksrvutil_get.c diff --git a/kerberosIV/src/kadmin/kadmin.8 b/kerberosIV/src/kadmin/kadmin.8 new file mode 100644 index 00000000000..5b6ba2150a0 --- /dev/null +++ b/kerberosIV/src/kadmin/kadmin.8 @@ -0,0 +1,139 @@ +.\" $KTH: kadmin.8,v 1.4 2001/07/12 08:47:04 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.Dd February 3, 1998 +.Dt KADMIN 8 +.Os "KTH-KRB" +.Sh NAME +.Nm kadmin +.Nd +network utility for Kerberos database administration +.Sh SYNOPSIS +.Nm +.Op Fl p Ar principal +.Op Fl u Ar username +.Op Fl r Ar realm +.Op Fl m +.Op Fl T Ar timeout +.Op Fl t +.Op Fl -version +.Op Fl h +.Op Fl -help +.Op Ar command +.Sh DESCRIPTION +This utility provides a unified administration interface to the +Kerberos master database. Kerberos administrators use +.Nm +to register new users and services to the master database, and to +change information about existing database entries, such as changing a +user's Kerberos password. A Kerberos administrator is a user with an +.Dq admin +instance whose name appears on one of the Kerberos administration +access control lists. +.Pp +Supported options: +.Bl -tag -width Ds +.It Fl p Ar principal +This is the adminstrator principal to use when talking to the Kadmin +server. The default is taken from the users environment. +.It Fl r Ar realm +This is the default realm to use for transactions. Default is the +local realm. +.It Fl u Ar username +This is similar to +.Fl p , +but specifies a name, that gets appended with a +.Dq admin +instance. +.It Fl T Ar timeout +To prevent someone from walking up to an unguarded terminal and doing +malicious things, administrator tickets are destroyed after a period +of inactivity. This flag changes the timeout from the default of one +minute. A timeout of zero seconds disables this functionality. +.It Fl m +Historically +.Nm +destroyed tickets after every command; this flag used to stop this +behaviour (only destroying tickets upon exit). Now it's just a synonym +for +.Fl T Ar 0 . +.It Fl t +Use existing tickets (if any are available), this also disbles +timeout, and doesn't destroy any tickets upon exit. +.Pp +These tickets have to be for the changepw.kerberos service. Use +.Nm kinit -p +to acquire them. +.El +.Pp +The +.Nm +program communicates over the network with the +.Nm kadmind +program, which runs on the machine housing the Kerberos master +database, and does the actual modifications to the database. +.Pp +When you enter the +.Nm +command, the program displays a message that welcomes you and explains +how to ask for help. Then +.Nm +waits for you to enter commands (which are described below). It then +asks you for your administrator's password before accessing the +database. +.Pp +All commands can be abbreviated as long as they are unique. Some +short versions of the commands are also recognized for backwards +compatibility. +.Pp +Recognised commands: +.Bl -tag -width Ds +.It add_new_key Ar principal +Creates a new principal in the Kerberos database. You give the name of +the new principal as an argument. You will then be asked for a maximum +ticket lifetime, attributes, the expiration date of the principal, and +finally the password of the principal. +.It change_password Ar principal +Changes a principal's password. You will be prompted for the new +password. +.It change_key Ar principal +This is the same as change_password, but the password is given as a +raw DES key (for the few occations when you need this). +.It change_admin_password +Changes your own admin password. It will prompt you for you old and +new passwords. +.It del_entry Ar principal +Removes principal from the database. +.It get_entry Ar principal +Show various information for the given principal. Note that the key is +shown as zeros. +.It mod_entry Ar principal +Modifies a particular entry, for instance to change the expiration +date. +.It destroy_tickets +Destroys your admin tickets explicitly. +.It quit +Obvious. +.El +.\".Sh ENVIRONMENT +.\".Sh FILES +.\".Sh EXAMPLES +.\".Sh DIAGNOSTICS +.Sh SEE ALSO +.Xr kerberos 1 , +.Xr kinit 1 , +.Xr kpasswd 1 , +.Xr kadmind 8 , +.Xr ksrvutil 8 +.\".Sh STANDARDS +.\".Sh HISTORY +.Sh AUTHORS +Jeffrey I. Schiller, MIT Project Athena +.Pp +Emanuel Jay Berkenbilt, MIT Project Athena +.Sh BUGS +The user interface is primitive, and the command names could be +better. diff --git a/kerberosIV/src/kadmin/kadmind.8 b/kerberosIV/src/kadmin/kadmind.8 new file mode 100644 index 00000000000..d8cc5400a99 --- /dev/null +++ b/kerberosIV/src/kadmin/kadmind.8 @@ -0,0 +1,143 @@ +.\" $KTH: kadmind.8,v 1.2.2.1 2002/02/01 16:18:06 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KADMIND 8 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kadmind \- network daemon for Kerberos database administration +.SH SYNOPSIS +.B kadmind +[ +.B \-n +] [ +.B \-m +] [ +.B \-h +] [ +.B \-r realm +] [ +.B \-f filename +] [ +.B \-d dbname +] [ +.B \-a acldir +] [ +.B \-i address +] [ +.B \-p port +] +.SH DESCRIPTION +.I kadmind +is the network database server for the Kerberos password-changing and +administration tools. +.PP +Upon execution, it fetches the master key from the key cache file. +.PP +If the +.B \-m +option is specified, it instead prompts the user to enter the master +key string for the database. +.PP +The +.B \-n +option is a no-op and is left for compatibility reasons. +.PP +If the +.B \-r +.I realm +option is specified, the admin server will pretend that its +local realm is +.I realm +instead of the actual local realm of the host it is running on. +This makes it possible to run a server for a foreign kerberos +realm. +.PP +If the +.B \-f +.I filename +option is specified, then that file is used to hold the log information +instead of the default. +.PP +If the +.B \-d +.I dbname +option is specified, then that file is used as the database name instead +of the default. +.PP +If the +.B \-a +.I acldir +option is specified, then +.I acldir +is used as the directory in which to search for access control lists +instead of the default. +.PP +If the +.B \-h +option is specified, +.I kadmind +prints out a short summary of the permissible control arguments, and +then exits. +.PP +If the +.B \-i +option is specified, +.I kadmind +will only listen on that particular address and not on all configured +addresses of the host, which is the default. +.PP +With the +.B \-p +option +.I kadmind +listens to the port specified instead of the default (service +kerberos_master or port 751). +.PP +When performing requests on behalf of clients, +.I kadmind +checks access control lists (ACLs) to determine the authorization of the client +to perform the requested action. +Currently four distinct access types are supported: +.TP 1i +Addition +(.add ACL file). If a principal is on this list, it may add new +principals to the database. +.TP +Retrieval +(.get ACL file). If a principal is on this list, it may retrieve +database entries. NOTE: A principal's private key is never returned by +the get functions. +.TP +Modification +(.mod ACL file). If a principal is on this list, it may modify entries +in the database. +.TP +Deletions +(.del ACL file). If a principal is on this list, if may delete +entries from the database. +.PP +A principal is always granted authorization to change its own password. +.SH FILES +.TP 20n +/var/log/admin_server.syslog +Default log file. +.TP +/var/kerberos +Default access control list directory. +.TP +admin_acl.{add,get,mod,del} +Access control list files (within the directory) +.TP +/var/kerberos/principal.pag, /var/kerberos/principal.dir +Default DBM files containing database +.TP +/.k +Master key cache file. +.SH "SEE ALSO" +kerberos(1), kpasswd(1), kadmin(8), acl_check(3) +.SH AUTHORS +Douglas A. Church, MIT Project Athena +.br +John T. Kohl, Project Athena/Digital Equipment Corporation diff --git a/kerberosIV/src/kadmin/kpasswd.1 b/kerberosIV/src/kadmin/kpasswd.1 new file mode 100644 index 00000000000..4d005e0a88e --- /dev/null +++ b/kerberosIV/src/kadmin/kpasswd.1 @@ -0,0 +1,85 @@ +.\" $KTH: kpasswd.1,v 1.1 2000/11/08 17:34:13 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KPASSWD 1 "Kerberos Version 4.0" "MIT Project Athena" +.FM mit +.SH NAME +kpasswd \- change a user's Kerberos password +.SH SYNOPSIS +.B kpasswd +[ +.B \-h +] [ +.B \-n +.I name +] [ +.B \-i +.I instance +] [ +.B \-r +.I realm +] [ +\-u +.IR username[.instance][@realm] ] +.SH DESCRIPTION +The +.I kpasswd +command is used to change a Kerberos principal's password. +.PP +If the +.I \-h +option is specified, a brief summary of the options is printed, and +.I kpasswd +then exits. +.PP +If the +.I \-n +option is specified, +.I name +is used as the principal name rather than the username of the user +running +.IR kpasswd . +(This is determined from the ticket file if it exists; +otherwise, it is determined from the unix user id.) +.PP +If the +.I \-i +option is specified, +.I instance +is used as the instance rather than a null instance. +.PP +If the +.I \-r +option is specified, +.I realm +is used as the realm rather than the local realm. +.PP +If the +.I \-u +option is specified, a fully qualified kerberos +principal can be given. +.PP + +The utility prompts for the current Kerberos password (printing +the name of the principal for which it intends to change the password), +which is verified by the Kerberos server. If the old password is +correct, the user is prompted twice for the new password. A message is +printed indicating the success or failure of the password changing +operation. + +.SH BUGS + +.I kpasswd +does not handle names, instances, or realms with special +characters in them when the -n, -i, or -r options are used. Any +valid fullname is accepted, however, if the -u option is used. + +If the principal whose password you are trying to change does +not exist, you will not be told until after you have entered the +old password. + +.SH SEE ALSO +kerberos(1), kinit(1), passwd(1), kadmin(8) diff --git a/kerberosIV/src/kadmin/ksrvutil.8 b/kerberosIV/src/kadmin/ksrvutil.8 new file mode 100644 index 00000000000..8469d17798e --- /dev/null +++ b/kerberosIV/src/kadmin/ksrvutil.8 @@ -0,0 +1,101 @@ +.\" $KTH: ksrvutil.8,v 1.3.2.1 2001/10/30 16:15:26 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.Dd May 4, 1996 +.Dt KSRVUTIL 8 +.Os KTH-KRB +.Sh NAME +.Nm ksrvutil +host kerberos keyfile (srvtab) manipulation utility +.Sh SYNOPSIS +.Nm +.Op Fl f Pa keyfile +.Op Fl i +.Op Fl k +.Op Fl p Ar principal +.Op Fl r Ar realm +.Ar operation +.Sh DESCRIPTION +.Nm +allows a system manager to list or change keys currently in his +keyfile or to add new keys to the keyfile. +.Pp +Operation must be one of the following: +.Bl -tag -width indent +.It list +lists the keys in a keyfile showing version number and principal name. +If the +.Fl k +option is given, keys will also be shown. +.It change +changes all the keys in the keyfile by using the regular admin +protocol. If the +.Fl i +flag is given, +.Nm ksrvutil +will prompt for yes or no before changing each key. If the +.Fl k +option is used, the old and new keys will be displayed. +.It add +allows the user to add a key. +add +prompts for name, instance, realm, and key version number, asks +for confirmation, and then asks for a password. +.Nm +then converts the password to a key and appends the keyfile with the +new information. If the +.Fl k +option is used, the key is displayed. +.It get +gets a service from the Kerberos server, possibly creating the +principal. Names, instances and realms for the service keys to get are +prompted for. The default principal used in the kadmin transcation is +your root instance. This can be changed with the +.Fl p +option. +.It delete +removes a key. +.El +.Pp +In all cases, the default file used is KEY_FILE as defined in krb.h +unless this is overridden by the +.Fl f +option. +.Pp +A good use for +.Nm +would be for adding keys to a keyfile. A system manager could +ask a kerberos administrator to create a new service key with +.Xr kadmin 8 +and could supply an initial password. Then, he could use +.Nm +to add the key to the keyfile and then to change the key so that it +will be random and unknown to either the system manager or the +kerberos administrator. +.Pp +.Nm +always makes a backup copy of the keyfile before making any changes. +.Sh DIAGNOSTICS +If +.Nm +should exit on an error condition at any time during a change or add, +a copy of the original keyfile can be found in +.Pa filename Ns .old +where +.Pa filename +is the name of the keyfile, and a copy of the file with all new +keys changed or added so far can be found in +.Pa filename Ns .work. +The original keyfile is left unmodified until the program exits at +which point it is removed and replaced it with the workfile. +Appending the workfile to the backup copy and replacing the keyfile +with the result should always give a usable keyfile, although the +resulting keyfile will have some out of date keys in it. +.Sh SEE ALSO +.Xr ksrvtgt 1 , +.Xr kadmin 8 +.Sh AUTHOR +Emanuel Jay Berkenbilt, MIT Project Athena diff --git a/kerberosIV/src/kuser/Makefile.am b/kerberosIV/src/kuser/Makefile.am new file mode 100644 index 00000000000..58f29d6ee99 --- /dev/null +++ b/kerberosIV/src/kuser/Makefile.am @@ -0,0 +1,20 @@ +# $KTH: Makefile.am,v 1.4 2000/11/15 23:58:20 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +bin_PROGRAMS = kinit kdestroy klist + +man_MANS = kinit.1 kdestroy.1 klist.1 + +LDADD = \ + $(LIB_krb4) \ + $(LIB_des) \ + $(LIB_roken) + +klist_LDADD = \ + $(LIB_kafs) \ + $(LDADD) + +kdestroy_LDADD = \ + $(LIB_kafs) \ + $(LDADD) diff --git a/kerberosIV/src/kuser/kdestroy.1 b/kerberosIV/src/kuser/kdestroy.1 new file mode 100644 index 00000000000..fcdc148057a --- /dev/null +++ b/kerberosIV/src/kuser/kdestroy.1 @@ -0,0 +1,96 @@ +.\" $KTH: kdestroy.1,v 1.1 2000/11/08 17:34:14 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KDESTROY 1 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kdestroy \- destroy Kerberos tickets +.SH SYNOPSIS +.B kdestroy +[ +.B \-f +] +[ +.B \-q +] +[ +.B \-t +] +.SH DESCRIPTION +The +.I kdestroy +utility destroys the user's active +Kerberos +authorization tickets by writing zeros to the file that contains them. +If the ticket file does not exist, +.I kdestroy +displays a message to that effect. +.PP +After overwriting the file, +.I kdestroy +removes the file from the system. +The utility +displays a message indicating the success or failure of the +operation. +If +.I kdestroy +is unable to destroy the ticket file, +the utility will warn you by making your terminal beep. +.PP +In the Athena workstation environment, +the +.I toehold +service automatically destroys your tickets when you +end a workstation session. +If your site does not provide a similar ticket-destroying mechanism, +you can place the +.I kdestroy +command in your +.I .logout +file so that your tickets are destroyed automatically +when you logout. +.PP +The options to +.I kdestroy +are as follows: +.TP 7 +.B \-f +.I kdestroy +runs without displaying the status message. +.TP +.B \-q +.I kdestroy +will not make your terminal beep if it fails to destroy the tickets. +.TP +.B \-t +destroy tickets only and keep all AFS tokens. +.TP +.B \-u +unlog, i.e remove any AFS tokens associated with the current PAG +but leave the ticket file alone. +.PP +If neither +.B \-t +nor +.B \-u +is given, both tickets and AFS tokens are destroyed. +.SH FILES +KRBTKFILE environment variable if set, otherwise +.br +/tmp/tkt[uid] +.SH SEE ALSO +kerberos(1), kinit(1), klist(1) +.SH BUGS +.PP +Only the tickets in the user's current ticket file are destroyed. +Separate ticket files are used to hold root instance and password +changing tickets. These files should probably be destroyed too, or +all of a user's tickets kept in a single ticket file. +.SH AUTHORS +Steve Miller, MIT Project Athena/Digital Equipment Corporation +.br +Clifford Neuman, MIT Project Athena +.br +Bill Sommerfeld, MIT Project Athena diff --git a/kerberosIV/src/kuser/kinit.1 b/kerberosIV/src/kuser/kinit.1 new file mode 100644 index 00000000000..56ac919f405 --- /dev/null +++ b/kerberosIV/src/kuser/kinit.1 @@ -0,0 +1,130 @@ +.\" $KTH: kinit.1,v 1.2 2000/12/29 21:12:48 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KINIT 1 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kinit \- Kerberos login utility +.SH SYNOPSIS +.B kinit +[ +.B \-irvlp +] +.SH DESCRIPTION +The +.I kinit +command is used to login to the +Kerberos +authentication and authorization system. +Note that only registered +Kerberos +users can use the +Kerberos +system. +For information about registering as a +Kerberos +user, +see the +.I kerberos(1) +manual page. +.PP +If you are using a replaced +.I login +that already fetches tickets for you, you do not have to use +.I kinit. +You will need to use +.I kinit +only in those situations in which +your original tickets have expired. +(Tickets expire in about a day.) +Note as well that the modified +.I login +will automatically destroy your tickets when you logout from the workstation. +.PP +When you use +.I kinit +without options, +the utility +prompts for your username and Kerberos password, +and tries to authenticate your login with the local +Kerberos +server. +.PP +If +Kerberos +authenticates the login attempt, +.I kinit +retrieves your initial ticket and puts it in the ticket file specified by +your KRBTKFILE environment variable. +If this variable is undefined, +your ticket will be stored in the +.IR /tmp +directory, +in the file +.I tktuid , +where +.I uid +specifies your user identification number. +.PP +If you have logged in to +Kerberos +without the benefit of the modified +.I login +program, +make sure you use the +.I kdestroy +command to destroy any active tickets before you end your login session. +You may want to put the +.I kdestroy +command in your +.I \.logout +file so that your tickets will be destroyed automatically when you logout. +.PP +The options to +.I kinit +are as follows: +.TP 7 +.B \-i +.I kinit +prompts you for a +Kerberos +instance. +.TP +.B \-r +.I kinit +prompts you for a +Kerberos +realm. +This option lets you authenticate yourself with a remote +Kerberos +server. +.TP +.B \-v +Verbose mode. +.I kinit +prints the name of the ticket file used, and +a status message indicating the success or failure of +your login attempt. +.TP +.B \-l +.I kinit +prompts you for a ticket lifetime in minutes. Due to protocol +restrictions in Kerberos Version 4, this value must be between 5 and +1275 minutes. +.TP +.B \-p +.I kinit +will acquire a ticket for changepw.kerberos. +.SH SEE ALSO +.PP +kerberos(1), kdestroy(1), klist(1), login(1) +.SH BUGS +The +.B \-r +option has not been fully implemented. +.SH AUTHORS +Steve Miller, MIT Project Athena/Digital Equipment Corporation +.br +Clifford Neuman, MIT Project Athena diff --git a/kerberosIV/src/kuser/klist.1 b/kerberosIV/src/kuser/klist.1 new file mode 100644 index 00000000000..455a845ffc7 --- /dev/null +++ b/kerberosIV/src/kuser/klist.1 @@ -0,0 +1,83 @@ +.\" $KTH: klist.1,v 1.1 2000/11/08 17:34:14 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KLIST 1 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +klist \- list currently held Kerberos tickets +.SH SYNOPSIS +.B klist +[ +\fB\-s \fR|\fB \-t\fR +] [ +.B \-file +name ] [ +.B \-srvtab +] +.br +.SH DESCRIPTION +.I klist +prints the name of the tickets file and the +identity of the principal the tickets are for (as listed in the +tickets file), and +lists the principal names of all Kerberos tickets currently held by +the user, along with the issue and expire time for each authenticator. +Principal names are listed in the form +.I name.instance@realm, +with the '.' omitted if the instance is null, +and the '@' omitted if the realm is null. + +If given the +.B \-s +option, +.I klist +does not print the issue and expire times, the name of the tickets file, +or the identity of the principal. + +If given the +.B \-t +option, +.B klist +checks for the existence of a non-expired ticket-granting-ticket in the +ticket file. If one is present, it exits with status 0, else it exits +with status 1. No output is generated when this option is specified. + +If given the +.B \-file +option, the following argument is used as the ticket file. +Otherwise, if the +.B KRBTKFILE +environment variable is set, it is used. +If this environment variable +is not set, the file +.B /tmp/tkt[uid] +is used, where +.B uid +is the current user-id of the user. + +If given the +.B \-srvtab +option, the file is treated as a service key file, and the names of the +keys contained therein are printed. If no file is +specified with a +.B \-file +option, the default is +.IR /etc/srvtab . +.SH FILES +.TP 2i +/etc/krb.conf +to get the name of the local realm +.TP +/tmp/tkt[uid] +as the default ticket file ([uid] is the decimal UID of the user). +.TP +/etc/srvtab +as the default service key file +.SH SEE ALSO +.PP +kerberos(1), kinit(1), kdestroy(1) +.SH BUGS +When reading a file as a service key file, very little sanity or error +checking is performed. diff --git a/kerberosIV/src/lib/acl/Makefile.am b/kerberosIV/src/lib/acl/Makefile.am new file mode 100644 index 00000000000..5b9f61cff62 --- /dev/null +++ b/kerberosIV/src/lib/acl/Makefile.am @@ -0,0 +1,23 @@ +# $KTH: Makefile.am,v 1.4 2001/09/17 05:46:59 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += -DROKEN_RENAME + +include_HEADERS = acl.h + +build_HEADERZ = $(include_HEADERS) + +lib_LTLIBRARIES = libacl.la +libacl_la_LDFLAGS = -version-info 1:0:0 +libacl_la_LIBADD = ../krb/libkrb.la + +libacl_la_SOURCES = acl_files.c + +man_MANS = acl_check.3 + +$(OBJECTS): roken_rename.h + +roken_rename.h: + $(LN_S) $(srcdir)/../krb/roken_rename.h . + diff --git a/kerberosIV/src/lib/acl/acl_check.3 b/kerberosIV/src/lib/acl/acl_check.3 new file mode 100644 index 00000000000..ca4af08ba0f --- /dev/null +++ b/kerberosIV/src/lib/acl/acl_check.3 @@ -0,0 +1,182 @@ +.\" $KTH: acl_check.3,v 1.1 2000/11/08 17:34:14 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH ACL_CHECK 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +acl_canonicalize_principal, acl_check, acl_exact_match, acl_add, +acl_delete, acl_initialize \- Access control list routines +.SH SYNOPSIS +.nf +.nj +.ft B +cc <files> \-lacl \-lkrb +.PP +.ft B +#include <krb.h> +.PP +.ft B +acl_canonicalize_principal(principal, buf) +char *principal; +char *buf; +.PP +.ft B +acl_check(acl, principal) +char *acl; +char *principal; +.PP +.ft B +acl_exact_match(acl, principal) +char *acl; +char *principal; +.PP +.ft B +acl_add(acl, principal) +char *acl; +char *principal; +.PP +.ft B +acl_delete(acl, principal) +char *acl; +char *principal; +.PP +.ft B +acl_initialize(acl_file, mode) +char *acl_file; +int mode; +.fi +.ft R +.SH DESCRIPTION +.SS Introduction +.PP +An access control list (ACL) is a list of principals, where each +principal is represented by a text string which cannot contain +whitespace. The library allows application programs to refer to named +access control lists to test membership and to atomically add and +delete principals using a natural and intuitive interface. At +present, the names of access control lists are required to be Unix +filenames, and refer to human-readable Unix files; in the future, when +a networked ACL server is implemented, the names may refer to a +different namespace specific to the ACL service. +.PP +.SS Principal Names +.PP +Principal names have the form +.nf +.in +5n +<name>[.<instance>][@<realm>] +.in -5n +e.g.: +.in +5n +asp +asp.root +asp@ATHENA.MIT.EDU +asp.@ATHENA.MIT.EDU +asp.root@ATHENA.MIT.EDU +.in -5n +.fi +It is possible for principals to be underspecified. If an instance is +missing, it is assumed to be "". If realm is missing, it is assumed +to be the local realm as determined by +.IR krb_get_lrealm (3). +The canonical form contains all of name, instance, +and realm; the acl_add and acl_delete routines will always +leave the file in that form. Note that the canonical form of +asp@ATHENA.MIT.EDU is actually asp.@ATHENA.MIT.EDU. +.SS Routines +.PP +.I acl_canonicalize_principal +stores the canonical form of +.I principal +in +.IR buf . +.I Buf +must contain enough +space to store a principal, given the limits on the sizes of name, +instance, and realm specified as ANAME_SZ, INST_SZ, and REALM_SZ, +respectively, in +.IR /usr/include/krb.h . +.PP +.I acl_check +returns nonzero if +.I principal +appears in +.IR acl . +Returns 0 if principal +does not appear in acl, or if an error occurs. Canonicalizes +principal before checking, and allows the ACL to contain wildcards. The +only supported wildcards are entries of the form +name.*@realm, *.*@realm, and *.*@*. An asterisk matches any value for the +its component field. For example, "jtkohl.*@*" would match principal +jtkohl, with any instance and any realm. +.PP +.I acl_exact_match +performs like +.IR acl_check , +but does no canonicalization or wildcard matching. +.PP +.I acl_add +atomically adds +.I principal +to +.IR acl . +Returns 0 if successful, nonzero otherwise. It is considered a failure +if +.I principal +is already in +.IR acl . +This routine will canonicalize +.IR principal , +but will treat wildcards literally. +.PP +.I acl_delete +atomically deletes +.I principal +from +.IR acl . +Returns 0 if successful, +nonzero otherwise. It is considered a failure if +.I principal +is not +already in +.IR acl . +This routine will canonicalize +.IR principal , +but will treat wildcards literally. +.PP +.I acl_initialize +initializes +.IR acl_file . +If the file +.I acl_file +does not exist, +.I acl_initialize +creates it with mode +.IR mode . +If the file +.I acl_file +exists, +.I acl_initialize +removes all members. Returns 0 if successful, +nonzero otherwise. WARNING: Mode argument is likely to change with +the eventual introduction of an ACL service. +.SH NOTES +In the presence of concurrency, there is a very small chance that +.I acl_add +or +.I acl_delete +could report success even though it would have +had no effect. This is a necessary side effect of using lock files +for concurrency control rather than flock(2), which is not supported +by NFS. +.PP +The current implementation caches ACLs in memory in a hash-table +format for increased efficiency in checking membership; one effect of +the caching scheme is that one file descriptor will be kept open for +each ACL cached, up to a maximum of 8. +.SH SEE ALSO +kerberos(3), krb_get_lrealm(3) +.SH AUTHOR +James Aspnes (MIT Project Athena) diff --git a/kerberosIV/src/lib/auth/sia/make-rpath b/kerberosIV/src/lib/auth/sia/make-rpath new file mode 100644 index 00000000000..621967f485b --- /dev/null +++ b/kerberosIV/src/lib/auth/sia/make-rpath @@ -0,0 +1,34 @@ +#!/bin/sh +# $KTH: make-rpath,v 1.1 2001/07/17 15:15:31 assar Exp $ +rlist= +rest= +while test $# -gt 0; do +case $1 in +-R|-rpath) + if test "$rlist"; then + rlist="${rlist}:$2" + else + rlist="$2" + fi + shift 2 + ;; +-R*) + d=`echo $1 | sed 's,^-R,,'` + if test "$rlist"; then + rlist="${rlist}:${d}" + else + rlist="${d}" + fi + shift + ;; +*) + rest="${rest} $1" + shift + ;; +esac +done +rpath= +if test "$rlist"; then + rpath="-rpath $rlist " +fi +echo "${rpath}${rest}" diff --git a/kerberosIV/src/lib/com_err/lex.h b/kerberosIV/src/lib/com_err/lex.h new file mode 100644 index 00000000000..2aacfb4766e --- /dev/null +++ b/kerberosIV/src/lib/com_err/lex.h @@ -0,0 +1,39 @@ +/* + * Copyright (c) 1997 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $KTH: lex.h,v 1.1 2000/06/22 00:42:52 assar Exp $ */ + +void error_message (const char *, ...) +__attribute__ ((format (printf, 1, 2))); + +int yylex(void); diff --git a/kerberosIV/src/lib/des/des.1 b/kerberosIV/src/lib/des/des.1 new file mode 100644 index 00000000000..734119906b8 --- /dev/null +++ b/kerberosIV/src/lib/des/des.1 @@ -0,0 +1,186 @@ +.TH DES 1 +.SH NAME +des - encrypt or decrypt data using Data Encryption Standard +.SH SYNOPSIS +.B des +( +.B \-e +| +.B \-E +) | ( +.B \-d +| +.B \-D +) | ( +.B \-\fR[\fPcC\fR][\fPckname\fR]\fP +) | +[ +.B \-b3hfs +] [ +.B \-k +.I key +] +] [ +.B \-u\fR[\fIuuname\fR] +[ +.I input-file +[ +.I output-file +] ] +.SH DESCRIPTION +.B des +encrypts and decrypts data using the +Data Encryption Standard algorithm. +One of +.B \-e, \-E +(for encrypt) or +.B \-d, \-D +(for decrypt) must be specified. +It is also possible to use +.B \-c +or +.B \-C +in conjunction or instead of the a encrypt/decrypt option to generate +a 16 character hexadecimal checksum, generated via the +.I des_cbc_cksum. +.LP +Two standard encryption modes are supported by the +.B des +program, Cipher Block Chaining (the default) and Electronic Code Book +(specified with +.B \-b +). +.LP +The key used for the DES +algorithm is obtained by prompting the user unless the +.B `\-k +.I key' +option is given. +If the key is an argument to the +.B des +command, it is potentially visible to users executing +.BR ps (1) +or a derivative. To minimise this possibility, +.B des +takes care to destroy the key argument immediately upon entry. +If your shell keeps a history file be careful to make sure it is not +world readable. +.LP +Since this program attempts to maintain compatability with sunOS's +des(1) command, there are 2 different methods used to convert the user +supplied key to a des key. +Whenever and one or more of +.B \-E, \-D, \-C +or +.B \-3 +options are used, the key conversion procedure will not be compatible +with the sunOS des(1) version but will use all the user supplied +character to generate the des key. +.B des +command reads from standard input unless +.I input-file +is specified and writes to standard output unless +.I output-file +is given. +.SH OPTIONS +.TP +.B \-b +Select ECB +(eight bytes at a time) encryption mode. +.TP +.B \-3 +Encrypt using triple encryption. +By default triple cbc encryption is used but if the +.B \-b +option is used then triple ecb encryption is performed. +If the key is less than 8 characters long, the flag has no effect. +.TP +.B \-e +Encrypt data using an 8 byte key in a manner compatible with sunOS +des(1). +.TP +.B \-E +Encrypt data using a key of nearly unlimited length (1024 bytes). +This will product a more secure encryption. +.TP +.B \-d +Decrypt data that was encrypted with the \-e option. +.TP +.B \-D +Decrypt data that was encrypted with the \-E option. +.TP +.B \-c +Generate a 16 character hexadecimal cbc checksum and output this to +stderr. +If a filename was specified after the +.B \-c +option, the checksum is output to that file. +The checksum is generated using a key generated in a sunOS compatible +manner. +.TP +.B \-C +A cbc checksum is generated in the same manner as described for the +.B \-c +option but the DES key is generated in the same manner as used for the +.B \-E +and +.B \-D +options +.TP +.B \-f +Does nothing - allowed for compatibility with sunOS des(1) command. +.TP +.B \-s +Does nothing - allowed for compatibility with sunOS des(1) command. +.TP +.B "\-k \fIkey\fP" +Use the encryption +.I key +specified. +.TP +.B "\-h" +The +.I key +is assumed to be a 16 character hexadecimal number. +If the +.B "\-3" +option is used the key is assumed to be a 32 character hexadecimal +number. +.TP +.B \-u +This flag is used to read and write uuencoded files. If decrypting, +the input file is assumed to contain uuencoded, DES encrypted data. +If encrypting, the characters following the -u are used as the name of +the uuencoded file to embed in the begin line of the uuencoded +output. If there is no name specified after the -u, the name text.des +will be embedded in the header. +.SH SEE ALSO +.B ps (1) +.B des_crypt(3) +.SH BUGS +.LP +The problem with using the +.B -e +option is the short key length. +It would be better to use a real 56-bit key rather than an +ASCII-based 56-bit pattern. Knowing that the key was derived from ASCII +radically reduces the time necessary for a brute-force cryptographic attack. +My attempt to remove this problem is to add an alternative text-key to +DES-key function. This alternative function (accessed via +.B -E, -D, -S +and +.B -3 +) +uses DES to help generate the key. +.LP +Be carefully when using the -u option. Doing des -ud <filename> will +not decrypt filename (the -u option will gobble the d option). +.LP +The VMS operating system operates in a world where files are always a +multiple of 512 bytes. This causes problems when encrypted data is +send from unix to VMS since a 88 byte file will suddenly be padded +with 424 null bytes. To get around this problem, use the -u option +to uuencode the data before it is send to the VMS system. +.SH AUTHOR +.LP +Eric Young (eay@mincom.oz.au or eay@psych.psy.uq.oz.au) diff --git a/kerberosIV/src/lib/des/des_crypt.3 b/kerberosIV/src/lib/des/des_crypt.3 new file mode 100644 index 00000000000..d70563266d1 --- /dev/null +++ b/kerberosIV/src/lib/des/des_crypt.3 @@ -0,0 +1,379 @@ +.\" $KTH: des_crypt.3,v 1.2 1996/06/12 21:29:09 bg Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH DES_CRYPT 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +des_read_password, des_string_to_key, des_random_key, des_set_key, +des_ecb_encrypt, des_cbc_encrypt, des_pcbc_encrypt, des_cbc_cksum, +des_quad_cksum, \- (new) DES encryption +.SH SYNOPSIS +.nf +.nj +.ft B +#include <des.h> +.PP +.ft B +.B int des_read_password(key,prompt,verify) +des_cblock *key; +char *prompt; +int verify; +.PP +.ft B +int des_string_to_key(str,key) +char *str; +des_cblock key; +.PP +.ft B +int des_random_key(key) +des_cblock *key; +.PP +.ft B +int des_set_key(key,schedule) +des_cblock *key; +des_key_schedule schedule; +.PP +.ft B +int des_ecb_encrypt(input,output,schedule,encrypt) +des_cblock *input; +des_cblock *output; +des_key_schedule schedule; +int encrypt; +.PP +.ft B +int des_cbc_encrypt(input,output,length,schedule,ivec,encrypt) +des_cblock *input; +des_cblock *output; +long length; +des_key_schedule schedule; +des_cblock *ivec; +int encrypt; +.PP +.ft B +int des_pcbc_encrypt(input,output,length,schedule,ivec,encrypt) +des_cblock *input; +des_cblock *output; +long length; +des_key_schedule schedule; +des_cblock *ivec; +int encrypt; +.PP +.ft B +unsigned long des_cbc_cksum(input,output,length,schedule,ivec) +des_cblock *input; +des_cblock *output; +long length; +des_key_schedule schedule; +des_cblock *ivec; +.PP +.ft B +unsigned long quad_cksum(input,output,length,out_count,seed) +des_cblock *input; +des_cblock *output; +long length; +int out_count; +des_cblock *seed; +.PP +.fi +.SH DESCRIPTION +This library supports various DES encryption related operations. It differs +from the +.I crypt, setkey, and encrypt +library routines in that it provides +a true DES encryption, without modifying the algorithm, +and executes much faster. +.PP +For each key that may be simultaneously active, create a +.B des_key_schedule +struct, +defined in "des.h". Next, create key schedules (from the 8-byte keys) as +needed, via +.I des_set_key, +prior to using the encryption or checksum routines. Then +setup the input and output areas. Make sure to note the restrictions +on lengths being multiples of eight bytes. Finally, invoke the +encryption/decryption routines, +.I des_ecb_encrypt +or +.I des_cbc_encrypt +or +.I des_pcbc_encrypt, +or, to generate a cryptographic checksum, use +.I quad_cksum +(fast) or +.I des_cbc_cksum +(slow). +.PP +A +.I des_cblock +struct is an 8 byte block used as the fundamental unit for DES data and +keys, and is defined as: +.PP +.B typedef unsigned char des_cblock[8]; +.PP +and a +.I des_key_schedule, +is defined as: +.PP +.B typedef struct des_ks_struct {des_cblock _;} des_key_schedule[16]; +.PP +.I des_read_password +writes the string specified by +.I prompt +to the standard +output, turns off echo (if possible) +and reads an input string from standard input until terminated with a newline. +If +.I verify +is non-zero, it prompts and reads input again, for use +in applications such as changing a password; both +versions are compared, and the input is requested repeatedly until they +match. Then +.I des_read_password +converts the input string into a valid DES key, internally +using the +.I des_string_to_key +routine. The newly created key is copied to the +area pointed to by the +.I key +argument. +.I des_read_password +returns a zero if no errors occurred, or a -1 +indicating that an error +occurred trying to manipulate the terminal echo. +.PP +.PP +.I des_string_to_key +converts an arbitrary length null-terminated string +to an 8 byte DES key, with odd byte parity, per FIPS specification. +A one-way function is used to convert the string to a key, making it +very difficult to reconstruct the string from the key. +The +.I str +argument is a pointer to the string, and +.I key +should +point to a +.I des_cblock +supplied by the caller to receive the generated key. +No meaningful value is returned. Void is not used for compatibility with +other compilers. +.PP +.PP +.I des_random_key +generates a random DES encryption key (eight bytes), set to odd parity per +FIPS +specifications. +This routine uses the current time, process id, and a counter +as a seed for the random number generator. +The caller must supply space for the output key, pointed to +by argument +.I key, +then after calling +.I des_random_key +should +call the +.I des_set_key +routine when needed. +No meaningful value is returned. Void is not used for compatibility +with other compilers. +.PP +.PP +.I des_set_key +calculates a key schedule from all eight bytes of the input key, pointed +to by the +.I key +argument, and outputs the schedule into the +.I des_key_schedule +indicated by the +.I schedule +argument. Make sure to pass a valid eight byte +key; no padding is done. The key schedule may then be used in subsequent +encryption/decryption/checksum operations. Many key schedules may be +cached for later use. The user is responsible to clear keys and schedules +as soon as no longer needed, to prevent their disclosure. +The routine also checks the key +parity, and returns a zero if the key parity is correct (odd), a -1 +indicating a key parity error, or a -2 indicating use of an illegal +weak key. If an error is returned, the key schedule was not created. +.PP +.PP +.I des_ecb_encrypt +is the basic DES encryption routine that encrypts or decrypts a single 8-byte +block in +.B electronic code book +mode. It always transforms the input data, pointed to by +.I input, +into the output data, pointed to by the +.I output +argument. +.PP +If the +.I encrypt +argument is non-zero, the +.I input +(cleartext) is encrypted into the +.I output +(ciphertext) using the key_schedule specified by the +.I schedule +argument, previously set via +.I des_set_key +.PP +If encrypt is zero, the +.I input +(now ciphertext) is decrypted into the +.I output +(now cleartext). +.PP +Input and output may overlap. +.PP +No meaningful value is returned. Void is not used for compatibility +with other compilers. +.PP +.PP +.I des_cbc_encrypt +encrypts/decrypts using the +.B cipher-block-chaining mode of DES. +If the +.I encrypt +argument is non-zero, the routine cipher-block-chain encrypts +the cleartext data pointed to by the +.I input +argument into the ciphertext pointed to by the +.I output +argument, using the key schedule provided by the +.I schedule +argument, and initialization vector provided by the +.I ivec +argument. +If the +.I length +argument is not an integral +multiple of eight bytes, the last block is copied to a temp and zero +filled (highest addresses). The output is ALWAYS an integral multiple +of eight bytes. +.PP +If +.I encrypt +is zero, the routine cipher-block chain decrypts the (now) ciphertext +data pointed to by the +.I input +argument into (now) cleartext pointed to by the +.I output +argument using the key schedule provided by the +.I schedule +argument, and initialization vector provided by the +.I ivec +argument. Decryption ALWAYS operates on integral +multiples of 8 bytes, so it will round the +.I length +provided up to the +appropriate multiple. Consequently, it will always produce the rounded-up +number of bytes of output cleartext. The application must determine if +the output cleartext was zero-padded due to original cleartext lengths that +were not integral multiples of 8. +.PP +No errors or meaningful values are returned. Void is not used for +compatibility with other compilers. +.PP +A characteristic of cbc mode is that changing a single bit of the +cleartext, then encrypting using cbc mode, +affects ALL the subsequent ciphertext. This makes cryptanalysis +much more difficult. However, modifying a single bit of the ciphertext, +then decrypting, only affects the resulting cleartext from +the modified block and the succeeding block. Therefore, +.I des_pcbc_encrypt +is STRONGLY recommended for applications where +indefinite propagation of errors is required in order to detect modifications. +.PP +.PP +.I des_pcbc_encrypt +encrypts/decrypts using a modified block chaining mode. Its calling +sequence is identical to +.I des_cbc_encrypt. +It differs in its error propagation characteristics. +.PP +.I des_pcbc_encrypt +is highly recommended for most encryption purposes, in that +modification of a single bit of the ciphertext will affect ALL the +subsequent (decrypted) cleartext. Similarly, modifying a single bit of +the cleartext will affect ALL the subsequent (encrypted) ciphertext. +"PCBC" mode, on encryption, "xors" both the +cleartext of block N and the ciphertext resulting from block N with the +cleartext for block N+1 prior to encrypting block N+1. +.PP +.I des_cbc_cksum +produces an 8 byte cryptographic checksum by cipher-block-chain +encrypting the cleartext data pointed to by the +.I input +argument. All of the ciphertext output is discarded, except the +last 8-byte ciphertext block, which is written into the area pointed to by +the +.I output +argument. +It uses the key schedule, +provided by the +.I schedule +argument and initialization vector provided by the +.I ivec +argument. +If the +.I length +argument is not an integral +multiple of eight bytes, the last cleartext block is copied to a temp and zero +filled (highest addresses). The output is ALWAYS eight bytes. +.PP +The routine also returns an unsigned long, which is the last (highest address) +half of the 8 byte checksum computed. +.PP +.PP +.I quad_cksum +produces a checksum by chaining quadratic operations on the cleartext data +pointed to by the +.I input +argument. The +.I length +argument specifies the length of the +input -- only exactly that many bytes are included for the checksum, +without any padding. +.PP +The algorithm may be iterated over the same input data, if the +.I out_count +argument is 2, 3 or 4, and the optional +.I output +argument is a non-null pointer . +The default is one iteration, and it will not run +more than 4 times. Multiple iterations run slower, but provide +a longer checksum if desired. The +.I seed +argument provides an 8-byte seed for the first iteration. If multiple iterations are +requested, the results of one iteration are automatically used as +the seed for the next iteration. +.PP +It returns both an unsigned long checksum value, and +if the +.I output +argument is not a null pointer, up to 16 bytes of +the computed checksum are written into the output. +.PP +.PP +.SH FILES +/usr/include/des.h +.br +/usr/lib/libdes.a +.SH "SEE ALSO" +.SH DIAGNOSTICS +.SH BUGS +This software has not yet been compiled or tested on machines other than the +VAX and the IBM PC. +.SH AUTHORS +Steve Miller, MIT Project Athena/Digital Equipment Corporation +.SH RESTRICTIONS +COPYRIGHT 1985,1986 Massachusetts Institute of Technology +.PP +This software may not be exported outside of the US without a special +license from the US Dept of Commerce. It may be replaced by any secret +key block cipher with block length and key length of 8 bytes, as long +as the interface is the same as described here. diff --git a/kerberosIV/src/lib/editline/edit_compat.h b/kerberosIV/src/lib/editline/edit_compat.h new file mode 100644 index 00000000000..55f66ff67f0 --- /dev/null +++ b/kerberosIV/src/lib/editline/edit_compat.h @@ -0,0 +1,44 @@ +/* + * Copyright (c) 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $KTH: edit_compat.h,v 1.1 2001/08/29 00:24:33 assar Exp $ */ + +#ifndef _EDIT_COMPAT_H +#define _EDIT_COMPAT_H + +void rl_reset_terminal(char *p); +void rl_initialize(void); +char *readline(const char *prompt); +void add_history(char *p); + +#endif /* _EDIT_COMPAT_H */ diff --git a/kerberosIV/src/lib/kadm/Makefile.am b/kerberosIV/src/lib/kadm/Makefile.am new file mode 100644 index 00000000000..9ad64f07d7e --- /dev/null +++ b/kerberosIV/src/lib/kadm/Makefile.am @@ -0,0 +1,30 @@ +# $KTH: Makefile.am,v 1.5 2001/09/17 05:47:02 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += -DROKEN_RENAME $(INCLUDE_des) + +include_HEADERS = kadm.h kadm_err.h + +build_HEADERZ = $(include_HEADERS) + +lib_LTLIBRARIES = libkadm.la +libkadm_la_LDFLAGS = -version-info 1:10:0 +libkadm_la_LIBADD = ../krb/libkrb.la $(LIB_des) $(LIB_com_err) + +libkadm_la_SOURCES = \ + kadm_cli_wrap.c \ + kadm_err.c \ + kadm_stream.c \ + kadm_supp.c \ + check_password.c + + +$(OBJECTS): kadm_err.h roken_rename.h + +roken_rename.h: + $(LN_S) $(srcdir)/../krb/roken_rename.h . + +kadm_err.h: kadm_err.et + +CLEANFILES = kadm_err.h kadm_err.c diff --git a/kerberosIV/src/lib/kafs/kafs.3 b/kerberosIV/src/lib/kafs/kafs.3 new file mode 100644 index 00000000000..ca2ab614717 --- /dev/null +++ b/kerberosIV/src/lib/kafs/kafs.3 @@ -0,0 +1,157 @@ +.\" $KTH: kafs.3,v 1.4.4.1 2002/02/06 03:36:47 assar Exp $ +.\" +.Dd May 7, 1997 +.Os KTH-KRB +.Dt KAFS 3 +.Sh NAME +.Nm k_hasafs , +.Nm k_pioctl , +.Nm k_unlog , +.Nm k_setpag , +.Nm k_afs_cell_of_file , +.Nm krb_afslog , +.Nm krb_afslog_uid +.\" .Nm krb5_afslog , +.\" .Nm krb5_afslog_uid +.Nd AFS library +.Sh SYNOPSIS +.Fd #include <kafs.h> +.Ft int +.Fn k_afs_cell_of_file "const char *path" "char *cell" "int len" +.Ft int +.Fn k_hasafs +.Ft int +.Fn k_pioctl "char *a_path" "int o_opcode" "struct ViceIoctl *a_paramsP" "int a_followSymlinks" +.Ft int +.Fn k_setpag +.Ft int +.Fn k_unlog +.Ft int +.Fn krb_afslog "char *cell" "char *realm" +.Ft int +.Fn krb_afslog_uid "char *cell" "char *realm" "uid_t uid" +.\" .Ft krb5_error_code +.\" .Fn krb5_afslog_uid "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" "uid_t uid" +.\" .Ft krb5_error_code +.\" .Fn krb5_afslog "krb5_context context" "krb5_ccache id" "const char *cell" "krb5_const_realm realm" +.Sh DESCRIPTION +.Fn k_hasafs +initializes some library internal structures, and tests for the +presence of AFS in the kernel, none of the other functions should be +called before +.Fn k_hasafs +is called, or if it fails. +.Pp +.Fn krb_afslog , +and +.Fn krb_afslog_uid +obtains new tokens (and possibly tickets) for the specified +.Fa cell +and +.Fa realm . +If +.Fa cell +is +.Dv NULL , +the local cell is used. If +.Fa realm +is +.Dv NULL , +the function tries to guess what realm to use. Unless you have some good knowledge of what cell or realm to use, you should pass +.Dv NULL . +.Fn krb_afslog +will use the real user-id for the +.Dv ViceId +field in the token, +.Fn krb_afslog_uid +will use +.Fa uid . +.Pp +.\" .Fn krb5_afslog , +.\" and +.\" .Fn krb5_afslog_uid +.\" are the Kerberos 5 equivalents of +.\" .Fn krb_afslog , +.\" and +.\" .Fn krb_afslog_uid . +.\" The extra arguments are the ubiquitous context, and the cache id where +.\" to store any obtained tickets. Since AFS servers normally can't handle +.\" Kerberos 5 tickets directly, these functions will first obtain version +.\" 5 tickets for the requested cells, and then convert them to version 4 +.\" tickets, that can be stashed in the kernel. To convert tickets the +.\" .Fn krb524_convert_creds_kdc +.\" function will be used. +.\" .Pp +.Fn k_afs_cell_of_file +will in +.Fa cell +return the cell of a specified file, no more than +.Fa len +characters is put in +.Fa cell . +.Pp +.Fn k_pioctl +does a +.Fn pioctl +syscall with the specified arguments. This function is equivalent to +.Fn lpioctl . +.Pp +.Fn k_setpag +initializes a new PAG. +.Pp +.Fn k_unlog +removes destroys all tokens in the current PAG. +.Sh ENVIRONMENT +The following environment variable affect the mode of operation of +.Nm kafs : +.Bl -tag -width AFS_SYSCALL +.It Ev AFS_SYSCALL +Normally, +.Nm kafs +will try to figure out the correct system call(s) that are used by AFS +by itself. If it does not manage to do that, or does it incorrectly, +you can set this variable to the system call number or list of system +call numbers that should be used. +.El +.Sh RETURN VALUES +.Fn k_hasafs +returns 1 if AFS is present in the kernel, 0 otherwise. +.Fn krb_afslog +and +.Fn krb_afslog_uid +returns 0 on success, or a kerberos error number on failure. +.Fn k_afs_cell_of_file , +.Fn k_pioctl , +.Fn k_setpag , +and +.Fn k_unlog +all return the value of the underlaying system call, 0 on success. +.Sh EXAMPLES +The following code from +.Nm login +will obtain a new PAG and tokens for the local cell and the cell of +the users home directory. +.Bd -literal +if (k_hasafs()) { + char cell[64]; + k_setpag(); + if(k_afs_cell_of_file(pwd->pw_dir, cell, sizeof(cell)) == 0) + krb_afslog(cell, NULL); + krb_afslog(NULL, NULL); +} +.Ed +.Sh ERRORS +If any of these functions (apart from +.Fn k_hasafs ) +is called without AFS beeing present in the kernel, the process will +usually (depending on the operating system) receive a SIGSYS signal. +.Sh SEE ALSO +.Rs +.%A Transarc Corporation +.%J AFS-3 Programmer's Reference +.%T File Server/Cache Manager Interface +.%D 1991 +.Re +.Sh BUGS +.Ev AFS_SYSCALL +has no effect under AIX. diff --git a/kerberosIV/src/lib/kafs/roken_rename.h b/kerberosIV/src/lib/kafs/roken_rename.h new file mode 100644 index 00000000000..f15943f1a1f --- /dev/null +++ b/kerberosIV/src/lib/kafs/roken_rename.h @@ -0,0 +1,55 @@ +/* + * Copyright (c) 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $KTH: roken_rename.h,v 1.2.2.3 2001/11/01 22:34:07 assar Exp $ */ + +#ifndef __roken_rename_h__ +#define __roken_rename_h__ + +/* + * Libroken routines that are added libkafs + */ + +#define _resolve_debug _roken_resolve_debug + +#define dns_free_data _kafs_dns_free_data +#define dns_lookup _kafs_dns_lookup +#define dns_string_to_type _kafs_dns_string_to_type +#define dns_type_to_string _kafs_dns_type_to_string +#define dns_srv_order _kafs_dns_srv_order + +#define strtok_r _kafs_strtok_r +#define strlcpy _kafs_strlcpy +#define strsep _kafs_strsep + +#endif /* __roken_rename_h__ */ diff --git a/kerberosIV/src/lib/kdb/Makefile.am b/kerberosIV/src/lib/kdb/Makefile.am new file mode 100644 index 00000000000..bbce234c518 --- /dev/null +++ b/kerberosIV/src/lib/kdb/Makefile.am @@ -0,0 +1,26 @@ +# $KTH: Makefile.am,v 1.5 2001/09/17 05:47:02 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += -DROKEN_RENAME + +include_HEADERS = krb_db.h kdc.h + +build_HEADERZ = $(include_HEADERS) + +lib_LTLIBRARIES = libkdb.la +libkdb_la_LDFLAGS = -version-info 1:10:0 +libkdb_la_LIBADD = ../krb/libkrb.la $(LIB_des) + +libkdb_la_SOURCES = \ + copykey.c \ + krb_cache.c \ + krb_dbm.c \ + krb_kdb_utils.c \ + krb_lib.c \ + print_princ.c + +$(libkdb_la_OBJECTS): ../../include/config.h roken_rename.h + +roken_rename.h: + $(LN_S) $(srcdir)/../krb/roken_rename.h . diff --git a/kerberosIV/src/lib/krb/Makefile.am b/kerberosIV/src/lib/krb/Makefile.am new file mode 100644 index 00000000000..44730a14b47 --- /dev/null +++ b/kerberosIV/src/lib/krb/Makefile.am @@ -0,0 +1,177 @@ +# $KTH: Makefile.am,v 1.6 2001/09/13 05:01:43 assar Exp $ + + + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += -DROKEN_RENAME + +incdir = $(includedir) +inc_DATA = krb_err.h +idir = $(top_builddir)/include + +include_HEADERS = klog.h krb-archaeology.h krb-protos.h \ + krb.h prot.h krb_log.h krb_err.h + +build_HEADERZ = $(include_HEADERS) + +noinst_PROGRAMS = sizetest + +man_MANS = kerberos.1 kerberos.3 krb_realmofhost.3 krb_sendauth.3 \ + krb_set_tkt_string.3 kuserok.3 tf_util.3 krb.conf.5 krb.equiv.5 \ + krb.extra.5 krb.realms.5 + + +lib_LTLIBRARIES = libkrb.la +libkrb_la_LDFLAGS = -version-info 2:0:1 + +libkrb_la_LIBADD = $(LIB_des) + +libkrb_la_SOURCES = \ + check_time.c \ + cr_err_reply.c \ + create_auth_reply.c \ + create_ciph.c \ + create_death_packet.c \ + create_ticket.c \ + debug_decl.c \ + decomp_ticket.c \ + defaults.c \ + dest_tkt.c \ + encrypt_ktext.c \ + extra.c \ + get_ad_tkt.c \ + getfile.c \ + get_cred.c \ + get_default_principal.c \ + get_host.c \ + get_in_tkt.c \ + get_krbrlm.c \ + get_svc_in_tkt.c \ + get_tf_fullname.c \ + get_tf_realm.c \ + getaddrs.c \ + getrealm.c \ + getst.c \ + k_getport.c \ + k_getsockinst.c \ + k_localtime.c \ + kdc_reply.c \ + kntoln.c \ + krb_check_auth.c \ + krb_equiv.c \ + krb_err.c \ + krb_err_txt.c \ + krb_get_in_tkt.c \ + kuserok.c \ + lifetime.c \ + logging.c \ + lsb_addr_comp.c \ + mk_auth.c \ + mk_err.c \ + mk_priv.c \ + mk_req.c \ + mk_safe.c \ + month_sname.c \ + name2name.c \ + krb_net_read.c \ + krb_net_write.c \ + one.c \ + parse_name.c \ + random_block.c \ + rd_err.c \ + rd_priv.c \ + rd_req.c \ + rd_safe.c \ + read_service_key.c \ + realm_parse.c \ + recvauth.c \ + rw.c \ + save_credentials.c \ + send_to_kdc.c \ + sendauth.c \ + solaris_compat.c \ + stime.c \ + str2key.c \ + tf_util.c \ + time.c \ + tkt_string.c \ + unparse_name.c \ + verify_user.c \ + krb_ip_realm.c \ + $(EXTRA_SOURCE) \ + $(SHLIB_EXTRA_SOURCE) + +EXTRA_SOURCE = \ + base64.c \ + concat.c \ + flock.c \ + gethostname.c \ + gettimeofday.c \ + getuid.c \ + net_read.c \ + net_write.c \ + resolve.c \ + snprintf.c \ + strcasecmp.c \ + strlcat.c \ + strlcpy.c \ + strdup.c \ + strncasecmp.c \ + strnlen.c \ + strtok_r.c \ + swab.c + +SHLIB_EXTRA_SOURCE = \ + com_err.c \ + error.c + +CLEANFILES = krb_err.c krb_err.h + +krb_err.c krb_err.h: krb_err.et + +base64.c: + $(LN_S) $(srcdir)/../roken/base64.c . +concat.c: + $(LN_S) $(srcdir)/../roken/concat.c . +flock.c: + $(LN_S) $(srcdir)/../roken/flock.c . +gethostname.c: + $(LN_S) $(srcdir)/../roken/gethostname.c . +gettimeofday.c: + $(LN_S) $(srcdir)/../roken/gettimeofday.c . +getuid.c: + $(LN_S) $(srcdir)/../roken/getuid.c . +snprintf.c: + $(LN_S) $(srcdir)/../roken/snprintf.c . +strcasecmp.c: + $(LN_S) $(srcdir)/../roken/strcasecmp.c . +strlcat.c: + $(LN_S) $(srcdir)/../roken/strlcat.c . +strlcpy.c: + $(LN_S) $(srcdir)/../roken/strlcpy.c . +strncasecmp.c: + $(LN_S) $(srcdir)/../roken/strncasecmp.c . +strnlen.c: + $(LN_S) $(srcdir)/../roken/strnlen.c . +strdup.c: + $(LN_S) $(srcdir)/../roken/strdup.c . +strtok_r.c: + $(LN_S) $(srcdir)/../roken/strtok_r.c . +swab.c: + $(LN_S) $(srcdir)/../roken/swab.c . +resolve.c: + $(LN_S) $(srcdir)/../roken/resolve.c . +net_read.c: + $(LN_S) $(srcdir)/../roken/net_read.c . +net_write.c: + $(LN_S) $(srcdir)/../roken/net_write.c . +com_err.c: + $(LN_S) $(srcdir)/../com_err/com_err.c . +error.c: + $(LN_S) $(srcdir)/../com_err/error.c . + + +$(OBJECTS): ../../include/config.h +$(OBJECTS): krb_locl.h krb.h krb_err.h +rw.o: ../../include/version.h diff --git a/kerberosIV/src/lib/krb/kerberos.1 b/kerberosIV/src/lib/krb/kerberos.1 new file mode 100644 index 00000000000..7f83f1e6f2f --- /dev/null +++ b/kerberosIV/src/lib/krb/kerberos.1 @@ -0,0 +1,258 @@ +.\" $KTH: kerberos.1,v 1.1 2000/11/08 17:34:15 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KERBEROS 1 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kerberos \- introduction to the Kerberos system + +.SH DESCRIPTION +The +Kerberos +system authenticates +individual users in a network environment. +After authenticating yourself to +Kerberos, +you can use network utilities such as +.IR rlogin , +.IR rcp , +and +.IR rsh +without +having to present passwords to remote hosts and without having to bother +with +.I \.rhosts +files. +Note that these utilities will work without passwords only if +the remote machines you deal with +support the +Kerberos +system. +All Athena timesharing machines and public workstations support +Kerberos. +.PP +Before you can use +Kerberos, +you must register as an Athena user, +and you must make sure you have been added to +the +Kerberos +database. +You can use the +.I kinit +command to find out. +This command +tries to log you into the +Kerberos +system. +.I kinit +will prompt you for a username and password. +Enter your username and password. +If the utility lets you login without giving you a message, +you have already been registered. +.PP +If you enter your username and +.I kinit +responds with this message: +.nf + +Principal unknown (kerberos) + +.fi +you haven't been registered as a +Kerberos +user. +See your system administrator. +.PP +A Kerberos name contains three parts. +The first is the +.I principal name, +which is usually a user's or service's name. +The second is the +.I instance, +which in the case of a user is usually null. +Some users may have privileged instances, however, +such as ``root'' or ``admin''. +In the case of a service, the instance is the +name of the machine on which it runs; i.e. there +can be an +.I rlogin +service running on the machine ABC, which +is different from the rlogin service running on +the machine XYZ. +The third part of a Kerberos name +is the +.I realm. +The realm corresponds to the Kerberos service providing +authentication for the principal. +For example, at MIT there is a Kerberos running at the +Laboratory for Computer Science and one running at +Project Athena. +.PP +When writing a Kerberos name, the principal name is +separated from the instance (if not null) by a period, +and the realm (if not the local realm) follows, preceded by +an ``@'' sign. +The following are examples of valid Kerberos names: +.sp +.nf +.in +8 +billb +jis.admin +srz@lcs.mit.edu +treese.root@athena.mit.edu +.in -8 +.fi +.PP +When you authenticate yourself with +Kerberos, +through either the workstation +.I toehold +system or the +.I kinit +command, +Kerberos +gives you an initial +Kerberos +.IR ticket . +(A +Kerberos +ticket +is an encrypted protocol message that provides authentication.) +Kerberos +uses this ticket for network utilities +such as +.I rlogin +and +.IR rcp . +The ticket transactions are done transparently, +so you don't have to worry about their management. +.PP +Note, however, that tickets expire. +Privileged tickets, such as root instance tickets, +expire in a few minutes, while tickets that carry more ordinary +privileges may be good for several hours or a day, depending on the +installation's policy. +If your login session extends beyond the time limit, +you will have to re-authenticate yourself to +Kerberos +to get new tickets. +Use the +.IR kinit +command to re-authenticate yourself. +.PP +If you use the +.I kinit +command to get your tickets, +make sure you use the +.I kdestroy +command +to destroy your tickets before you end your login session. +You should probably put the +.I kdestroy +command in your +.I \.logout +file so that your tickets will be destroyed automatically when you logout. +For more information about the +.I kinit +and +.I kdestroy +commands, +see the +.I kinit(1) +and +.I kdestroy(1) +manual pages. +.PP +Currently, +Kerberos +supports the following network services: +.IR rlogin , +.IR rsh , +.IR rcp , +.IR pop , +.IR ftp , +.IR telnet , +.IR AFS +and +.IR NFS. + +.SH "SEE ALSO" +kdestroy(1), kinit(1), klist(1), kpasswd(1), des_crypt(3), kerberos(3), +kadmin(8) +.SH BUGS +Kerberos +will not do authentication forwarding. +In other words, +if you use +.I rlogin +to login to a remote host, +you cannot use +Kerberos +services from that host +until you authenticate yourself explicitly on that host. +Although you may need to authenticate yourself on the remote +host, +be aware that when you do so, +.I rlogin +sends your password across the network in clear text. + +.SH AUTHORS +Steve Miller, MIT Project Athena/Digital Equipment Corporation +.br +Clifford Neuman, MIT Project Athena + +The following people helped out on various aspects of the system: + +Jeff Schiller designed and wrote the administration server and its +user interface, kadmin. +He also wrote the dbm version of the database management system. + +Mark Colan developed the +Kerberos +versions of +.IR rlogin , +.IR rsh , +and +.IR rcp , +as well as contributing work on the servers. + +John Ostlund developed the +Kerberos +versions of +.I passwd +and +.IR userreg . + +Stan Zanarotti pioneered Kerberos in a foreign realm (LCS), +and made many contributions based on that experience. + +Many people contributed code and/or useful ideas, including +Jim Aspnes, +Bob Baldwin, +John Barba, +Richard Basch, +Jim Bloom, +Bill Bryant, +Rob French, +Dan Geer, +David Jedlinsky, +John Kohl, +John Kubiatowicz, +Bob McKie, +Brian Murphy, +Ken Raeburn, +Chris Reed, +Jon Rochlis, +Mike Shanzer, +Bill Sommerfeld, +Jennifer Steiner, +Ted Ts'o, +and +Win Treese. + +.SH RESTRICTIONS + +COPYRIGHT 1985,1986 Massachusetts Institute of Technology diff --git a/kerberosIV/src/lib/krb/kerberos.3 b/kerberosIV/src/lib/krb/kerberos.3 new file mode 100644 index 00000000000..fa2a76d0589 --- /dev/null +++ b/kerberosIV/src/lib/krb/kerberos.3 @@ -0,0 +1,460 @@ +.\" $KTH: kerberos.3,v 1.1 2000/11/08 17:34:16 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KERBEROS 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +krb_mk_req, krb_rd_req, krb_kntoln, krb_set_key, krb_get_cred, +krb_mk_priv, krb_rd_priv, krb_mk_safe, krb_rd_safe, krb_mk_err, +krb_rd_err, krb_ck_repl \- Kerberos authentication library +.SH SYNOPSIS +.nf +.nj +.ft B +#include <des.h> +#include <krb.h> +.PP +.ft B +extern char *krb_err_txt[]; +.PP +.ft B +int krb_mk_req(authent,service,instance,realm,checksum) +KTEXT authent; +char *service; +char *instance; +char *realm; +u_long checksum; +.PP +.ft B +int krb_rd_req(authent,service,instance,from_addr,ad,fn) +KTEXT authent; +char *service; +char *instance; +u_long from_addr; +AUTH_DAT *ad; +char *fn; +.PP +.ft B +int krb_kntoln(ad,lname) +AUTH_DAT *ad; +char *lname; +.PP +.ft B +int krb_set_key(key,cvt) +char *key; +int cvt; +.PP +.ft B +int krb_get_cred(service,instance,realm,c) +char *service; +char *instance; +char *realm; +CREDENTIALS *c; +.PP +.ft B +long krb_mk_priv(in,out,in_length,schedule,key,sender,receiver) +u_char *in; +u_char *out; +u_long in_length; +des_cblock key; +des_key_schedule schedule; +struct sockaddr_in *sender; +struct sockaddr_in *receiver; +.PP +.ft B +long krb_rd_priv(in,in_length,schedule,key,sender,receiver,msg_data) +u_char *in; +u_long in_length; +Key_schedule schedule; +des_cblock key; +struct sockaddr_in *sender; +struct sockaddr_in *receiver; +MSG_DAT *msg_data; +.PP +.ft B +long krb_mk_safe(in,out,in_length,key,sender,receiver) +u_char *in; +u_char *out; +u_long in_length; +des_cblock key; +struct sockaddr_in *sender; +struct sockaddr_in *receiver; +.PP +.ft B +long krb_rd_safe(in,length,key,sender,receiver,msg_data) +u_char *in; +u_long length; +des_cblock key; +struct sockaddr_in *sender; +struct sockaddr_in *receiver; +MSG_DAT *msg_data; +.PP +.ft B +long krb_mk_err(out,code,string) +u_char *out; +long code; +char *string; +.PP +.ft B +long krb_rd_err(in,length,code,msg_data) +u_char *in; +u_long length; +long code; +MSG_DAT *msg_data; +.fi +.ft R +.SH DESCRIPTION +This library supports network authentication and various related +operations. The library contains many routines beyond those described +in this man page, but they are not intended to be used directly. +Instead, they are called by the routines that are described, the +authentication server and the login program. +.PP +.I krb_err_txt[] +contains text string descriptions of various Kerberos error codes returned +by some of the routines below. +.PP +.I krb_mk_req +takes a pointer to a text structure in which an authenticator is to be +built. It also takes the name, instance, and realm of the service to be +used and an optional checksum. It is up to the application to decide +how to generate the checksum. +.I krb_mk_req +then retrieves a ticket for the desired service and creates an +authenticator. The authenticator is built in +.I authent +and is accessible +to the calling procedure. +.PP +It is up to the application to get the authenticator to the service +where it will be read by +.I krb_rd_req. +Unless an attacker posesses the session key contained in the ticket, it +will be unable to modify the authenticator. Thus, the checksum can be +used to verify the authenticity of the other data that will pass through +a connection. +.PP +.I krb_rd_req +takes an authenticator of type +.B KTEXT, +a service name, an instance, the address of the +host originating the request, and a pointer to a structure of type +.B AUTH_DAT +which is filled in with information obtained from the authenticator. +It also optionally takes the name of the file in which it will find the +secret key(s) for the service. +If the supplied +.I instance +contains "*", then the first service key with the same service name +found in the service key file will be used, and the +.I instance +argument will be filled in with the chosen instance. This means that +the caller must provide space for such an instance name. +.PP +It is used to find out information about the principal when a request +has been made to a service. It is up to the application protocol to get +the authenticator from the client to the service. The authenticator is +then passed to +.I krb_rd_req +to extract the desired information. +.PP +.I krb_rd_req +returns zero (RD_AP_OK) upon successful authentication. If a packet was +forged, modified, or replayed, authentication will fail. If the +authentication fails, a non-zero value is returned indicating the +particular problem encountered. See +.I krb.h +for the list of error codes. +.PP +If the last argument is the null string (""), krb_rd_req will use the +file /etc/srvtab to find its keys. If the last argument is NULL, it +will assume that the key has been set by +.I krb_set_key +and will not bother looking further. +.PP +.I krb_kntoln +converts a Kerberos name to a local name. It takes a structure +of type AUTH_DAT and uses the name and instance to look in the database +/etc/aname to find the corresponding local name. The local name is +returned and can be used by an application to change uids, directories, +or other parameters. It is not an integral part of Kerberos, but is +instead provided to support the use of Kerberos in existing utilities. +.PP +.I krb_set_key +takes as an argument a des key. It then creates +a key schedule from it and saves the original key to be used as an +initialization vector. +It is used to set the server's key which +must be used to decrypt tickets. +.PP +If called with a non-zero second argument, +.I krb_set_key +will first convert the input from a string of arbitrary length to a DES +key by encrypting it with a one-way function. +.PP +In most cases it should not be necessary to call +.I krb_set_key. +The necessary keys will usually be obtained and set inside +.I krb_rd_req. krb_set_key +is provided for those applications that do not wish to place the +application keys on disk. +.PP +.I krb_get_cred +searches the caller's ticket file for a ticket for the given service, instance, +and realm; and, if a ticket is found, fills in the given CREDENTIALS structure +with the ticket information. +.PP +If the ticket was found, +.I krb_get_cred +returns GC_OK. +If the ticket file can't be found, can't be read, doesn't belong to +the user (other than root), isn't a regular file, or is in the wrong +mode, the error GC_TKFIL is returned. +.PP +.I krb_mk_priv +creates an encrypted, authenticated +message from any arbitrary application data, pointed to by +.I in +and +.I in_length +bytes long. +The private session key, pointed to by +.I key +and the key schedule, +.I schedule, +are used to encrypt the data and some header information using +.I pcbc_encrypt. +.I sender +and +.I receiver +point to the Internet address of the two parties. +In addition to providing privacy, this protocol message protects +against modifications, insertions or replays. The encapsulated message and +header are placed in the area pointed to by +.I out +and the routine returns the length of the output, or -1 indicating +an error. +.PP +.I krb_rd_priv +decrypts and authenticates a received +.I krb_mk_priv +message. +.I in +points to the beginning of the received message, whose length +is specified in +.I in_length. +The private session key, pointed to by +.I key, +and the key schedule, +.I schedule, +are used to decrypt and verify the received message. +.I msg_data +is a pointer to a +.I MSG_DAT +struct, defined in +.I krb.h. +The routine fills in the +.I app_data +field with a pointer to the decrypted application data, +.I app_length +with the length of the +.I app_data +field, +.I time_sec +and +.I time_5ms +with the timestamps in the message, and +.I swap +with a 1 if the byte order of the receiver is different than that of +the sender. (The application must still determine if it is appropriate +to byte-swap application data; the Kerberos protocol fields are already taken +care of). The +.I hash +field returns a value useful as input to the +.I krb_ck_repl +routine. + +The routine returns zero if ok, or a Kerberos error code. Modified messages +and old messages cause errors, but it is up to the caller to +check the time sequence of messages, and to check against recently replayed +messages using +.I krb_ck_repl +if so desired. +.PP +.I krb_mk_safe +creates an authenticated, but unencrypted message from any arbitrary +application data, +pointed to by +.I in +and +.I in_length +bytes long. +The private session key, pointed to by +.I key, +is used to seed the +.I quad_cksum() +checksum algorithm used as part of the authentication. +.I sender +and +.I receiver +point to the Internet address of the two parties. +This message does not provide privacy, but does protect (via detection) +against modifications, insertions or replays. The encapsulated message and +header are placed in the area pointed to by +.I out +and the routine returns the length of the output, or -1 indicating +an error. +The authentication provided by this routine is not as strong as that +provided by +.I krb_mk_priv +or by computing the checksum using +.I cbc_cksum +instead, both of which authenticate via DES. +.PP + +.I krb_rd_safe +authenticates a received +.I krb_mk_safe +message. +.I in +points to the beginning of the received message, whose length +is specified in +.I in_length. +The private session key, pointed to by +.I key, +is used to seed the quad_cksum() routine as part of the authentication. +.I msg_data +is a pointer to a +.I MSG_DAT +struct, defined in +.I krb.h . +The routine fills in these +.I MSG_DAT +fields: +the +.I app_data +field with a pointer to the application data, +.I app_length +with the length of the +.I app_data +field, +.I time_sec +and +.I time_5ms +with the timestamps in the message, and +.I swap +with a 1 if the byte order of the receiver is different than that of +the sender. +(The application must still determine if it is appropriate +to byte-swap application data; the Kerberos protocol fields are already taken +care of). The +.I hash +field returns a value useful as input to the +.I krb_ck_repl +routine. + +The routine returns zero if ok, or a Kerberos error code. Modified messages +and old messages cause errors, but it is up to the caller to +check the time sequence of messages, and to check against recently replayed +messages using +.I krb_ck_repl +if so desired. +.PP +.I krb_mk_err +constructs an application level error message that may be used along +with +.I krb_mk_priv +or +.I krb_mk_safe. +.I out +is a pointer to the output buffer, +.I code +is an application specific error code, and +.I string +is an application specific error string. + +.PP +.I krb_rd_err +unpacks a received +.I krb_mk_err +message. +.I in +points to the beginning of the received message, whose length +is specified in +.I in_length. +.I code +is a pointer to a value to be filled in with the error +value provided by the application. +.I msg_data +is a pointer to a +.I MSG_DAT +struct, defined in +.I krb.h . +The routine fills in these +.I MSG_DAT +fields: the +.I app_data +field with a pointer to the application error text, +.I app_length +with the length of the +.I app_data +field, and +.I swap +with a 1 if the byte order of the receiver is different than that of +the sender. (The application must still determine if it is appropriate +to byte-swap application data; the Kerberos protocol fields are already taken +care of). + +The routine returns zero if the error message has been successfully received, +or a Kerberos error code. +.PP +The +.I KTEXT +structure is used to pass around text of varying lengths. It consists +of a buffer for the data, and a length. krb_rd_req takes an argument of this +type containing the authenticator, and krb_mk_req returns the +authenticator in a structure of this type. KTEXT itself is really a +pointer to the structure. The actual structure is of type KTEXT_ST. +.PP +The +.I AUTH_DAT +structure is filled in by krb_rd_req. It must be allocated before +calling krb_rd_req, and a pointer to it is passed. The structure is +filled in with data obtained from Kerberos. +.I MSG_DAT +structure is filled in by either krb_rd_priv, krb_rd_safe, or +krb_rd_err. It must be allocated before the call and a pointer to it +is passed. The structure is +filled in with data obtained from Kerberos. +.PP +.SH FILES +/usr/include/krb.h +.br +/usr/lib/libkrb.a +.br +/usr/include/des.h +.br +/usr/lib/libdes.a +.br +/etc/aname +.br +/etc/srvtab +.br +/tmp/tkt[uid] +.SH "SEE ALSO" +kerberos(1), des_crypt(3) +.SH DIAGNOSTICS +.SH BUGS +The caller of +.I krb_rd_req, krb_rd_priv, and krb_rd_safe +must check time order and for replay attempts. +.I krb_ck_repl +is not implemented yet. +.SH AUTHORS +Clifford Neuman, MIT Project Athena +.br +Steve Miller, MIT Project Athena/Digital Equipment Corporation +.SH RESTRICTIONS +COPYRIGHT 1985,1986,1989 Massachusetts Institute of Technology diff --git a/kerberosIV/src/lib/krb/krb.conf.5 b/kerberosIV/src/lib/krb/krb.conf.5 new file mode 100644 index 00000000000..e3b44bb9ae3 --- /dev/null +++ b/kerberosIV/src/lib/krb/krb.conf.5 @@ -0,0 +1,51 @@ +.\" $KTH: krb.conf.5,v 1.2 2000/12/07 15:23:41 assar Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.Dd December 7, 2000 +.Dt KRB.CONF 5 +.Os KTH-KRB +.Sh NAME +/etc/krb.conf \- Kerberos configuration file +.Sh DESCRIPTION +.Pa krb.conf +contains configuration information describing the Kerberos realm(s) and the +Kerberos key distribution center (KDC) servers for known realms. +.PP +.Pa krb.conf +starts with a definition of the local realm on the first line, this is +followed by any number lines defining supplementary local realms. The +rest of the file consists of lines indicating realm/host entries. The +first token is a realm name, and the second is a server specification +of a host running a KDC for that realm. The words "admin server" +following the hostname indicate that the host also provides an +administrative database server. + +To be able to communicate with the KDC through a firewall it is +sometimes necessary to tunnel requests over HTTP or TCP. Tunnel +protocols and port numbers are specified in the server specification +using the syntax [(UDP|TCP|HTTP)/]hostname[:port]. +.Sh EXAMPLES +.nf +.in +1i +SICS.SE +NADA.KTH.SE +SICS.SE TCP/kerberos.sics.se:88 admin server +NADA.KTH.SE kerberos.nada.kth.se admin server +NADA.KTH.SE kerberos-1.nada.kth.se +NADA.KTH.SE kerberos-2.nada.kth.se +NADA.KTH.SE HTTP/kerberos-3.nada.kth.se +KTH.SE kerberos.kth.se admin server +.in -1i +.Sh ENVIRONMENT +The environment variable +.Ev KRBCONFDIR +can be used to point out the directory where the +.Pa krb.conf +file resides. +.Sh SEE ALSO +.Xr krb.realms 5 , +.Xr krb_get_krbhst 3 , +.Xr krb_get_lrealm 3 diff --git a/kerberosIV/src/lib/krb/krb.equiv.5 b/kerberosIV/src/lib/krb/krb.equiv.5 new file mode 100644 index 00000000000..140c051f1e2 --- /dev/null +++ b/kerberosIV/src/lib/krb/krb.equiv.5 @@ -0,0 +1,27 @@ +.\" $KTH: krb.equiv.5,v 1.2 2001/05/06 21:32:45 assar Exp $ +.\" +.Dd June 18, 1996 +.Dt KRB.EQUIV 5 +.Os KTH-KRB +.Sh NAME +.Nm krb.equiv +.Nd Kerberos equivalent hosts file +.Sh DESCRIPTION +.Nm +contains a list of IP addresses that is to be considered being the +same host for Kerberos purposes. Plain addresses match a single +host. Addresses followed by a slash (/) and a number is taken as a +sub-network that should be considered equal. +.Pp +Hash (#) starts a comment. Backslash (\\) is a continuation character. +.Sh EXAMPLES +.Bd -literal +# A machine with two interfaces. +130.237.232.113 130.237.221.42 # emma emma-ether +# A machine with *many* interfaces +193.10.156.0/24 193.10.157.0/24 # syk-* syk-*-hps +.Ed +.Sh SEE ALSO +.Xr krb_equiv 3 , +.Xr krb.conf 5 , +.Xr krb.realms 5 diff --git a/kerberosIV/src/lib/krb/krb.extra.5 b/kerberosIV/src/lib/krb/krb.extra.5 new file mode 100644 index 00000000000..7cd90d43d01 --- /dev/null +++ b/kerberosIV/src/lib/krb/krb.extra.5 @@ -0,0 +1,53 @@ +.\" $KTH: krb.extra.5,v 1.4 2001/08/26 01:47:33 assar Exp $ +.\" +.Dd June 24, 1999 +.Dt KRB.EXTRA 5 +.Os KTH-KRB +.Sh NAME +.Nm krb.extra +.Nd Kerberos misc configuration file +.Sh DESCRIPTION +.Nm +contains a number of settings that are used by the kerberos library, +or directly by applications. Each line in the file consists of a +variable, an equal sign, and a value. Lines beginning with hash are +ignored. +.Pp +Currently defined variables are: +.Bl -tag -width foo +.It kdc_timeout +time in seconds to wait for an answer from the KDC (default is 4 +seconds) +.It kdc_timesync +if this is enabled, the time differential between the client and the +KDC will be stored, and used later on when computing the correct time; +this is useful if the client's clock is drifting +.It firewall_address +the outside address of the firewall; this is used in some places to +compute a direction bit, and this might break if the server has a +different idea about which address to use then the client +.It krb4_proxy +address of a web-proxy to use when connecting to the KDC via HTTP +.It krb_default_tkt_root +the default prefix for ticket files. E.g, if your uid is 42 and the +prefix is /tmp/tkt then your default ticket file will be /tmp/tkt42 +.It krb_default_keyfile +the default kefile, normally /etc/srvtab +.It nat_in_use +if a Network Address Translator (NAT) is being used. +.It egd_socket +if krb4 has been built with openssl, this specifies the egd socket. +.El +.Sh EXAMPLES +.Bd -literal +# this is a comment +krb_default_tkt_root = /tkt/tkt_ +kdc_timesync = yes +firewall_address = 10.0.0.1 +krb_default_keyfile = /etc/kerberosIV/srvtab +.Ed +.Sh SEE ALSO +.Xr RAND_egd 3 , +.Xr krb.conf 5 , +.Xr krb.equiv 5 , +.Xr krb.realms 5 diff --git a/kerberosIV/src/lib/krb/krb.h.in b/kerberosIV/src/lib/krb/krb.h.in new file mode 100644 index 00000000000..2dbd842c281 --- /dev/null +++ b/kerberosIV/src/lib/krb/krb.h.in @@ -0,0 +1,359 @@ +/* -*- C -*- + * + * $KTH: krb.h.in,v 1.1 2001/08/26 01:42:29 assar Exp $ + * + * Copyright 1987, 1988 by the Massachusetts Institute of Technology. + * + * For copying and distribution information, please see the file + * <mit-copyright.h>. + * + * Include file for the Kerberos library. + */ + +#if !defined (__STDC__) && !defined(_MSC_VER) +#define const +#define signed +#endif + +#include <ktypes.h> +#include <time.h> + +#ifndef __KRB_H__ +#define __KRB_H__ + +/* XXX */ +#ifndef __BEGIN_DECLS +#if defined(__cplusplus) +#define __BEGIN_DECLS extern "C" { +#define __END_DECLS }; +#else +#define __BEGIN_DECLS +#define __END_DECLS +#endif +#endif + +#if defined (__STDC__) || defined (_MSC_VER) +#ifndef __P +#define __P(x) x +#endif +#else +#ifndef __P +#define __P(x) () +#endif +#endif + +__BEGIN_DECLS + +/* Need some defs from des.h */ +#if !defined(NOPROTO) && !defined(__STDC__) +#define NOPROTO +#endif +#include <@DES_H@> + +/* CNS compatibility ahead! */ +#ifndef KRB_INT32 +#define KRB_INT32 int32_t +#endif +#ifndef KRB_UINT32 +#define KRB_UINT32 u_int32_t +#endif + +/* Global library variables. */ +extern int krb_ignore_ip_address; /* To turn off IP address comparison */ +extern int krb_no_long_lifetimes; /* To disable AFS compatible lifetimes */ +extern int krbONE; +#define HOST_BYTE_ORDER (* (char *) &krbONE) +/* Debug variables */ +extern int krb_debug; +extern int krb_ap_req_debug; +extern int krb_dns_debug; + + +/* Text describing error codes */ +#define MAX_KRB_ERRORS 256 +extern const char *krb_err_txt[MAX_KRB_ERRORS]; + +/* General definitions */ +#define KSUCCESS 0 +#define KFAILURE 255 + +/* + * Kerberos specific definitions + * + * KRBLOG is the log file for the kerberos master server. KRB_CONF is + * the configuration file where different host machines running master + * and slave servers can be found. KRB_MASTER is the name of the + * machine with the master database. The admin_server runs on this + * machine, and all changes to the db (as opposed to read-only + * requests, which can go to slaves) must go to it. KRB_HOST is the + * default machine * when looking for a kerberos slave server. Other + * possibilities are * in the KRB_CONF file. KRB_REALM is the name of + * the realm. + */ + +/* /etc/kerberosIV is only for backwards compatibility, don't use it! */ +#ifndef KRB_CONF +#define KRB_CONF "/etc/krb.conf" +#endif +#ifndef KRB_RLM_TRANS +#define KRB_RLM_TRANS "/etc/krb.realms" +#endif +#ifndef KRB_CNF_FILES +#define KRB_CNF_FILES { KRB_CONF, "/etc/kerberosIV/krb.conf", 0} +#endif +#ifndef KRB_RLM_FILES +#define KRB_RLM_FILES { KRB_RLM_TRANS, "/etc/kerberosIV/krb.realms", 0} +#endif +#ifndef KRB_EQUIV +#define KRB_EQUIV "/etc/krb.equiv" +#endif +#define KRB_MASTER "kerberos" +#ifndef KRB_REALM +#define KRB_REALM (krb_get_default_realm()) +#endif + +/* The maximum sizes for aname, realm, sname, and instance +1 */ +#define ANAME_SZ 40 +#define REALM_SZ 40 +#define SNAME_SZ 40 +#define INST_SZ 40 +/* Leave space for quoting */ +#define MAX_K_NAME_SZ (2*ANAME_SZ + 2*INST_SZ + 2*REALM_SZ - 3) +#define KKEY_SZ 100 +#define VERSION_SZ 1 +#define MSG_TYPE_SZ 1 +#define DATE_SZ 26 /* RTI date output */ + +#define MAX_HSTNM 100 /* for compatibility */ + +typedef struct krb_principal{ + char name[ANAME_SZ]; + char instance[INST_SZ]; + char realm[REALM_SZ]; +}krb_principal; + +#ifndef DEFAULT_TKT_LIFE /* allow compile-time override */ +/* default lifetime for krb_mk_req & co., 10 hrs */ +#define DEFAULT_TKT_LIFE 120 +#endif + +#define KRB_TICKET_GRANTING_TICKET "krbtgt" + +/* Definition of text structure used to pass text around */ +#define MAX_KTXT_LEN 1250 + +struct ktext { + unsigned int length; /* Length of the text */ + unsigned char dat[MAX_KTXT_LEN]; /* The data itself */ + u_int32_t mbz; /* zero to catch runaway strings */ +}; + +typedef struct ktext *KTEXT; +typedef struct ktext KTEXT_ST; + + +/* Definitions for send_to_kdc */ +#define CLIENT_KRB_TIMEOUT 4 /* default time between retries */ +#define CLIENT_KRB_RETRY 5 /* retry this many times */ +#define CLIENT_KRB_BUFLEN 512 /* max unfragmented packet */ + +/* Definitions for ticket file utilities */ +#define R_TKT_FIL 0 +#define W_TKT_FIL 1 + +/* Parameters for rd_ap_req */ +/* Maximum alloable clock skew in seconds */ +#define CLOCK_SKEW 5*60 +/* Filename for readservkey */ +#ifndef KEYFILE +#define KEYFILE (krb_get_default_keyfile()) +#endif + +/* Structure definition for rd_ap_req */ + +struct auth_dat { + unsigned char k_flags; /* Flags from ticket */ + char pname[ANAME_SZ]; /* Principal's name */ + char pinst[INST_SZ]; /* His Instance */ + char prealm[REALM_SZ]; /* His Realm */ + u_int32_t checksum; /* Data checksum (opt) */ + des_cblock session; /* Session Key */ + int life; /* Life of ticket */ + u_int32_t time_sec; /* Time ticket issued */ + u_int32_t address; /* Address in ticket */ + KTEXT_ST reply; /* Auth reply (opt) */ +}; + +typedef struct auth_dat AUTH_DAT; + +/* Structure definition for credentials returned by get_cred */ + +struct credentials { + char service[ANAME_SZ]; /* Service name */ + char instance[INST_SZ]; /* Instance */ + char realm[REALM_SZ]; /* Auth domain */ + des_cblock session; /* Session key */ + int lifetime; /* Lifetime */ + int kvno; /* Key version number */ + KTEXT_ST ticket_st; /* The ticket itself */ + int32_t issue_date; /* The issue time */ + char pname[ANAME_SZ]; /* Principal's name */ + char pinst[INST_SZ]; /* Principal's instance */ +}; + +typedef struct credentials CREDENTIALS; + +/* Structure definition for rd_private_msg and rd_safe_msg */ + +struct msg_dat { + unsigned char *app_data; /* pointer to appl data */ + u_int32_t app_length; /* length of appl data */ + u_int32_t hash; /* hash to lookup replay */ + int swap; /* swap bytes? */ + int32_t time_sec; /* msg timestamp seconds */ + unsigned char time_5ms; /* msg timestamp 5ms units */ +}; + +typedef struct msg_dat MSG_DAT; + +struct krb_host { + char *realm; + char *host; + enum krb_host_proto { PROTO_UDP, PROTO_TCP, PROTO_HTTP } proto; + int port; + int admin; +}; + +/* Location of ticket file for save_cred and get_cred */ +#define TKT_FILE tkt_string() +#ifndef TKT_ROOT +#define TKT_ROOT (krb_get_default_tkt_root()) +#endif + +/* Error codes returned from the KDC */ +#define KDC_OK 0 /* Request OK */ +#define KDC_NAME_EXP 1 /* Principal expired */ +#define KDC_SERVICE_EXP 2 /* Service expired */ +#define KDC_AUTH_EXP 3 /* Auth expired */ +#define KDC_PKT_VER 4 /* Protocol version unknown */ +#define KDC_P_MKEY_VER 5 /* Wrong master key version */ +#define KDC_S_MKEY_VER 6 /* Wrong master key version */ +#define KDC_BYTE_ORDER 7 /* Byte order unknown */ +#define KDC_PR_UNKNOWN 8 /* Principal unknown */ +#define KDC_PR_N_UNIQUE 9 /* Principal not unique */ +#define KDC_NULL_KEY 10 /* Principal has null key */ +#define KDC_GEN_ERR 20 /* Generic error from KDC */ + + +/* Values returned by get_credentials */ +#define GC_OK 0 /* Retrieve OK */ +#define RET_OK 0 /* Retrieve OK */ +#define GC_TKFIL 21 /* Can't read ticket file */ +#define RET_TKFIL 21 /* Can't read ticket file */ +#define GC_NOTKT 22 /* Can't find ticket or TGT */ +#define RET_NOTKT 22 /* Can't find ticket or TGT */ + + +/* Values returned by mk_ap_req */ +#define MK_AP_OK 0 /* Success */ +#define MK_AP_TGTEXP 26 /* TGT Expired */ + +/* Values returned by rd_ap_req */ +#define RD_AP_OK 0 /* Request authentic */ +#define RD_AP_UNDEC 31 /* Can't decode authenticator */ +#define RD_AP_EXP 32 /* Ticket expired */ +#define RD_AP_NYV 33 /* Ticket not yet valid */ +#define RD_AP_REPEAT 34 /* Repeated request */ +#define RD_AP_NOT_US 35 /* The ticket isn't for us */ +#define RD_AP_INCON 36 /* Request is inconsistent */ +#define RD_AP_TIME 37 /* delta_t too big */ +#define RD_AP_BADD 38 /* Incorrect net address */ +#define RD_AP_VERSION 39 /* protocol version mismatch */ +#define RD_AP_MSG_TYPE 40 /* invalid msg type */ +#define RD_AP_MODIFIED 41 /* message stream modified */ +#define RD_AP_ORDER 42 /* message out of order */ +#define RD_AP_UNAUTHOR 43 /* unauthorized request */ + +/* Values returned by get_pw_tkt */ +#define GT_PW_OK 0 /* Got password changing tkt */ +#define GT_PW_NULL 51 /* Current PW is null */ +#define GT_PW_BADPW 52 /* Incorrect current password */ +#define GT_PW_PROT 53 /* Protocol Error */ +#define GT_PW_KDCERR 54 /* Error returned by KDC */ +#define GT_PW_NULLTKT 55 /* Null tkt returned by KDC */ + + +/* Values returned by send_to_kdc */ +#define SKDC_OK 0 /* Response received */ +#define SKDC_RETRY 56 /* Retry count exceeded */ +#define SKDC_CANT 57 /* Can't send request */ + +/* + * Values returned by get_intkt + * (can also return SKDC_* and KDC errors) + */ + +#define INTK_OK 0 /* Ticket obtained */ +#define INTK_W_NOTALL 61 /* Not ALL tickets returned */ +#define INTK_BADPW 62 /* Incorrect password */ +#define INTK_PROT 63 /* Protocol Error */ +#define INTK_ERR 70 /* Other error */ + +/* Values returned by get_adtkt */ +#define AD_OK 0 /* Ticket Obtained */ +#define AD_NOTGT 71 /* Don't have tgt */ +#define AD_INTR_RLM_NOTGT 72 /* Can't get inter-realm tgt */ + +/* Error codes returned by ticket file utilities */ +#define NO_TKT_FIL 76 /* No ticket file found */ +#define TKT_FIL_ACC 77 /* Couldn't access tkt file */ +#define TKT_FIL_LCK 78 /* Couldn't lock ticket file */ +#define TKT_FIL_FMT 79 /* Bad ticket file format */ +#define TKT_FIL_INI 80 /* tf_init not called first */ + +/* Error code returned by kparse_name */ +#define KNAME_FMT 81 /* Bad Kerberos name format */ + +/* Error code returned by krb_mk_safe */ +#define SAFE_PRIV_ERROR -1 /* syscall error */ + +/* Defines for krb_sendauth and krb_recvauth */ + +#define KOPT_DONT_MK_REQ 0x00000001 /* don't call krb_mk_req */ +#define KOPT_DO_MUTUAL 0x00000002 /* do mutual auth */ + +#define KOPT_DONT_CANON 0x00000004 /* + * don't canonicalize inst as + * a hostname + */ + +#define KOPT_IGNORE_PROTOCOL 0x0008 + +#define KRB_SENDAUTH_VLEN 8 /* length for version strings */ + + +/* flags for krb_verify_user() */ +#define KRB_VERIFY_NOT_SECURE 0 +#define KRB_VERIFY_SECURE 1 +#define KRB_VERIFY_SECURE_FAIL 2 + +extern const char *krb4_version, *krb4_long_version; + +typedef int (*key_proc_t) __P((const char *name, + char *instance, /* INOUT parameter */ + const char *realm, + const void *password, + des_cblock *key)); + +typedef int (*decrypt_proc_t) __P((const char *name, + const char *instance, + const char *realm, + const void *arg, + key_proc_t, + KTEXT *)); + +#include "krb-protos.h" + +__END_DECLS + +#endif /* __KRB_H__ */ diff --git a/kerberosIV/src/lib/krb/krb.realms.5 b/kerberosIV/src/lib/krb/krb.realms.5 new file mode 100644 index 00000000000..d68bf1fe268 --- /dev/null +++ b/kerberosIV/src/lib/krb/krb.realms.5 @@ -0,0 +1,38 @@ +.\" $KTH: krb.realms.5,v 1.1 2000/11/08 17:34:16 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KRB.REALMS 5 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +/etc/krb.realms \- host to Kerberos realm translation file +.SH DESCRIPTION +.I krb.realms +provides a translation from a hostname to the Kerberos realm name for +the services provided by that host. +.PP +Each line of the translation file is in one of the following forms +(domain_name should be of the form .XXX.YYY, e.g. .LCS.MIT.EDU): +.nf +.in +5n +host_name kerberos_realm +domain_name kerberos_realm +.in -5n +.fi +If a hostname exactly matches the +.I host_name +field in a line of the first +form, the corresponding realm is the realm of the host. +If a hostname does not match any +.I host_name +in the file, but its +domain exactly matches the +.I domain_name +field in a line of the second +form, the corresponding realm is the realm of the host. +.PP +If no translation entry applies, the host's realm is considered to be +the hostname's domain portion converted to upper case. +.SH SEE ALSO +krb_realmofhost(3) diff --git a/kerberosIV/src/lib/krb/krb_realmofhost.3 b/kerberosIV/src/lib/krb/krb_realmofhost.3 new file mode 100644 index 00000000000..f70b5910209 --- /dev/null +++ b/kerberosIV/src/lib/krb/krb_realmofhost.3 @@ -0,0 +1,160 @@ +.\" $KTH: krb_realmofhost.3,v 1.1 2000/11/08 17:34:17 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KRB_REALMOFHOST 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +krb_realmofhost, krb_get_phost, krb_get_krbhst, krb_get_admhst, +krb_get_lrealm \- additional Kerberos utility routines +.SH SYNOPSIS +.nf +.nj +.ft B +#include <krb.h> +#include <des.h> +#include <netinet/in.h> +.PP +.ft B +char *krb_realmofhost(host) +char *host; +.PP +.ft B +char *krb_get_phost(alias) +char *alias; +.PP +.ft B +krb_get_krbhst(host,realm,n) +char *host; +char *realm; +int n; +.PP +.ft B +krb_get_admhst(host,realm,n) +char *host; +char *realm; +int n; +.PP +.ft B +krb_get_lrealm(realm,n) +char *realm; +int n; +.fi +.ft R +.SH DESCRIPTION +.I krb_realmofhost +returns the Kerberos realm of the host +.IR host , +as determined by the translation table +.IR /etc/krb.realms . +.I host +should be the fully-qualified domain-style primary host name of the host +in question. In order to prevent certain security attacks, this routine +must either have +.I a priori +knowledge of a host's realm, or obtain such information securely. +.PP +The format of the translation file is described by +.IR krb.realms (5). +If +.I host +exactly matches a host_name line, the corresponding realm +is returned. +Otherwise, if the domain portion of +.I host +matches a domain_name line, the corresponding realm +is returned. +If +.I host +contains a domain, but no translation is found, +.IR host 's +domain is converted to upper-case and returned. +If +.I host +contains no discernable domain, or an error occurs, +the local realm name, as supplied by +.IR krb_get_lrealm (3), +is returned. +.PP +.I krb_get_phost +converts the hostname +.I alias +(which can be either an official name or an alias) into the instance +name to be used in obtaining Kerberos tickets for most services, +including the Berkeley rcmd suite (rlogin, rcp, rsh). +.br +The current convention is to return the first segment of the official +domain-style name after conversion to lower case. +.PP +.I krb_get_krbhst +fills in +.I host +with the hostname of the +.IR n th +host running a Kerberos key distribution center (KDC) +for realm +.IR realm , +as specified in the configuration file (\fI/etc/krb.conf\fR). +The configuration file is described by +.IR krb.conf (5). +If the host is successfully filled in, the routine +returns KSUCCESS. +If the file cannot be opened, and +.I n +equals 1, then the value of KRB_HOST as defined in +.I <krb.h> +is filled in, and KSUCCESS is returned. If there are fewer than +.I n +hosts running a Kerberos KDC for the requested realm, or the +configuration file is malformed, the routine +returns KFAILURE. +.PP +.I krb_get_admhst +fills in +.I host +with the hostname of the +.IR n th +host running a Kerberos KDC database administration server +for realm +.IR realm , +as specified in the configuration file (\fI/etc/krb.conf\fR). +If the file cannot be opened or is malformed, or there are fewer than +.I n +hosts running a Kerberos KDC database administration server, +the routine returns KFAILURE. +.PP +The character arrays used as return values for +.IR krb_get_krbhst , +.IR krb_get_admhst , +should be large enough to +hold any hostname (MAXHOSTNAMELEN from <sys/param.h>). +.PP +.I krb_get_lrealm +fills in +.I realm +with the +.IR n th +realm of the local host, as specified in the configuration file. +.I realm +should be at least REALM_SZ (from +.IR <krb.h>) characters long. +.PP +.SH SEE ALSO +kerberos(3), krb.conf(5), krb.realms(5) +.SH FILES +.TP 20n +/etc/krb.realms +translation file for host-to-realm mapping. +.TP +/etc/krb.conf +local realm-name and realm/server configuration file. +.SH BUGS +The current convention for instance names is too limited; the full +domain name should be used. +.PP +.I krb_get_lrealm +currently only supports +.I n += 1. It should really consult the user's ticket cache to determine the +user's current realm, rather than consulting a file on the host. diff --git a/kerberosIV/src/lib/krb/krb_sendauth.3 b/kerberosIV/src/lib/krb/krb_sendauth.3 new file mode 100644 index 00000000000..e6b5fba1136 --- /dev/null +++ b/kerberosIV/src/lib/krb/krb_sendauth.3 @@ -0,0 +1,347 @@ +.\" $KTH: krb_sendauth.3,v 1.1 2000/11/08 17:34:17 joda Exp $ +.\" Copyright 1988 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KRB_SENDAUTH 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +krb_sendauth, krb_recvauth, krb_net_write, krb_net_read \- +Kerberos routines for sending authentication via network stream sockets +.SH SYNOPSIS +.nf +.nj +.ft B +#include <krb.h> +#include <des.h> +#include <netinet/in.h> +.PP +.fi +.HP 1i +.ft B +int krb_sendauth(options, fd, ktext, service, inst, realm, checksum, +msg_data, cred, schedule, laddr, faddr, version) +.nf +.RS 0 +.ft B +long options; +int fd; +KTEXT ktext; +char *service, *inst, *realm; +u_long checksum; +MSG_DAT *msg_data; +CREDENTIALS *cred; +Key_schedule schedule; +struct sockaddr_in *laddr, *faddr; +char *version; +.PP +.fi +.HP 1i +.ft B +int krb_recvauth(options, fd, ktext, service, inst, faddr, laddr, +auth_data, filename, schedule, version) +.nf +.RS 0 +.ft B +long options; +int fd; +KTEXT ktext; +char *service, *inst; +struct sockaddr_in *faddr, *laddr; +AUTH_DAT *auth_data; +char *filename; +Key_schedule schedule; +char *version; +.PP +.ft B +int krb_net_write(fd, buf, len) +int fd; +char *buf; +int len; +.PP +.ft B +int krb_net_read(fd, buf, len) +int fd; +char *buf; +int len; +.fi +.SH DESCRIPTION +.PP +These functions, +which are built on top of the core Kerberos library, +provide a convenient means for client and server +programs to send authentication messages +to one another through network connections. +The +.I krb_sendauth +function sends an authenticated ticket from the client program to +the server program by writing the ticket to a network socket. +The +.I krb_recvauth +function receives the ticket from the client by +reading from a network socket. + +.SH KRB_SENDAUTH +.PP +This function writes the ticket to +the network socket specified by the +file descriptor +.IR fd, +returning KSUCCESS if the write proceeds successfully, +and an error code if it does not. + +The +.I ktext +argument should point to an allocated KTEXT_ST structure. +The +.IR service, +.IR inst, +and +.IR realm +arguments specify the server program's Kerberos principal name, +instance, and realm. +If you are writing a client that uses the local realm exclusively, +you can set the +.I realm +argument to NULL. + +The +.I version +argument allows the client program to pass an application-specific +version string that the server program can then match against +its own version string. +The +.I version +string can be up to KSEND_VNO_LEN (see +.IR <krb.h> ) +characters in length. + +The +.I checksum +argument can be used to pass checksum information to the +server program. +The client program is responsible for specifying this information. +This checksum information is difficult to corrupt because +.I krb_sendauth +passes it over the network in encrypted form. +The +.I checksum +argument is passed as the checksum argument to +.IR krb_mk_req . + +You can set +.IR krb_sendauth's +other arguments to NULL unless you want the +client and server programs to mutually authenticate +themselves. +In the case of mutual authentication, +the client authenticates itself to the server program, +and demands that the server in turn authenticate itself to +the client. + +.SH KRB_SENDAUTH AND MUTUAL AUTHENTICATION +.PP +If you want mutual authentication, +make sure that you read all pending data from the local socket +before calling +.IR krb_sendauth. +Set +.IR krb_sendauth's +.I options +argument to +.BR KOPT_DO_MUTUAL +(this macro is defined in the +.IR krb.h +file); +make sure that the +.I laddr +argument points to +the address of the local socket, +and that +.I faddr +points to the foreign socket's network address. + +.I Krb_sendauth +fills in the other arguments-- +.IR msg_data , +.IR cred , +and +.IR schedule --before +sending the ticket to the server program. +You must, however, allocate space for these arguments +before calling the function. + +.I Krb_sendauth +supports two other options: +.BR KOPT_DONT_MK_REQ, +and +.BR KOPT_DONT_CANON. +If called with +.I options +set as KOPT_DONT_MK_REQ, +.I krb_sendauth +will not use the +.I krb_mk_req +function to retrieve the ticket from the Kerberos server. +The +.I ktext +argument must point to an existing ticket and authenticator (such as +would be created by +.IR krb_mk_req ), +and the +.IR service, +.IR inst, +and +.IR realm +arguments can be set to NULL. + +If called with +.I options +set as KOPT_DONT_CANON, +.I krb_sendauth +will not convert the service's instance to canonical form using +.IR krb_get_phost (3). + +If you want to call +.I krb_sendauth +with a multiple +.I options +specification, +construct +.I options +as a bitwise-OR of the options you want to specify. + +.SH KRB_RECVAUTH +.PP +The +.I krb_recvauth +function +reads a ticket/authenticator pair from the socket pointed to by the +.I fd +argument. +Set the +.I options +argument +as a bitwise-OR of the options desired. +Currently only KOPT_DO_MUTUAL is useful to the receiver. + +The +.I ktext +argument +should point to an allocated KTEXT_ST structure. +.I Krb_recvauth +fills +.I ktext +with the +ticket/authenticator pair read from +.IR fd , +then passes it to +.IR krb_rd_req . + +The +.I service +and +.I inst +arguments +specify the expected service and instance for which the ticket was +generated. They are also passed to +.IR krb_rd_req. +The +.I inst +argument may be set to "*" if the caller wishes +.I krb_mk_req +to fill in the instance used (note that there must be space in the +.I inst +argument to hold a full instance name, see +.IR krb_mk_req (3)). + +The +.I faddr +argument +should point to the address of the peer which is presenting the ticket. +It is also passed to +.IR krb_rd_req . + +If the client and server plan to mutually authenticate +one another, +the +.I laddr +argument +should point to the local address of the file descriptor. +Otherwise you can set this argument to NULL. + +The +.I auth_data +argument +should point to an allocated AUTH_DAT area. +It is passed to and filled in by +.IR krb_rd_req . +The checksum passed to the corresponding +.I krb_sendauth +is available as part of the filled-in AUTH_DAT area. + +The +.I filename +argument +specifies the filename +which the service program should use to obtain its service key. +.I Krb_recvauth +passes +.I filename +to the +.I krb_rd_req +function. +If you set this argument to "", +.I krb_rd_req +looks for the service key in the file +.IR /etc/srvtab. + +If the client and server are performing mutual authenication, +the +.I schedule +argument +should point to an allocated Key_schedule. +Otherwise it is ignored and may be NULL. + +The +.I version +argument should point to a character array of at least KSEND_VNO_LEN +characters. It is filled in with the version string passed by the client to +.IR krb_sendauth. +.PP +.SH KRB_NET_WRITE AND KRB_NET_READ +.PP +The +.I krb_net_write +function +emulates the write(2) system call, but guarantees that all data +specified is written to +.I fd +before returning, unless an error condition occurs. +.PP +The +.I krb_net_read +function +emulates the read(2) system call, but guarantees that the requested +amount of data is read from +.I fd +before returning, unless an error condition occurs. +.PP +.SH BUGS +.IR krb_sendauth, +.IR krb_recvauth, +.IR krb_net_write, +and +.IR krb_net_read +will not work properly on sockets set to non-blocking I/O mode. + +.SH SEE ALSO + +krb_mk_req(3), krb_rd_req(3), krb_get_phost(3) + +.SH AUTHOR +John T. Kohl, MIT Project Athena +.SH RESTRICTIONS +Copyright 1988, Massachusetts Instititute of Technology. +For copying and distribution information, +please see the file <mit-copyright.h>. diff --git a/kerberosIV/src/lib/krb/krb_set_tkt_string.3 b/kerberosIV/src/lib/krb/krb_set_tkt_string.3 new file mode 100644 index 00000000000..7a9f65734ab --- /dev/null +++ b/kerberosIV/src/lib/krb/krb_set_tkt_string.3 @@ -0,0 +1,42 @@ +.\" $KTH: krb_set_tkt_string.3,v 1.1 2000/11/08 17:34:17 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KRB_SET_TKT_STRING 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +krb_set_tkt_string \- set Kerberos ticket cache file name +.SH SYNOPSIS +.nf +.nj +.ft B +#include <krb.h> +.PP +.ft B +void krb_set_tkt_string(filename) +char *filename; +.fi +.ft R +.SH DESCRIPTION +.I krb_set_tkt_string +sets the name of the file that holds the user's +cache of Kerberos server tickets and associated session keys. +.PP +The string +.I filename +passed in is copied into local storage. +Only MAXPATHLEN-1 (see <sys/param.h>) characters of the filename are +copied in for use as the cache file name. +.PP +This routine should be called during initialization, before other +Kerberos routines are called; otherwise the routines which fetch the +ticket cache file name may be called and return an undesired ticket file +name until this routine is called. +.SH FILES +.TP 20n +/tmp/tkt[uid] +default ticket file name, unless the environment variable KRBTKFILE is set. +[uid] denotes the user's uid, in decimal. +.SH SEE ALSO +kerberos(3), setenv(3) diff --git a/kerberosIV/src/lib/krb/kuserok.3 b/kerberosIV/src/lib/krb/kuserok.3 new file mode 100644 index 00000000000..ef237f5e78d --- /dev/null +++ b/kerberosIV/src/lib/krb/kuserok.3 @@ -0,0 +1,66 @@ +.\" $KTH: kuserok.3,v 1.1 2000/11/08 17:34:17 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH KUSEROK 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +kuserok \- Kerberos version of ruserok +.SH SYNOPSIS +.nf +.nj +.ft B +#include <krb.h> +.PP +.ft B +kuserok(kdata, localuser) +AUTH_DAT *auth_data; +char *localuser; +.fi +.ft R +.SH DESCRIPTION +.I kuserok +determines whether a Kerberos principal described by the structure +.I auth_data +is authorized to login as user +.I localuser +according to the authorization file +("~\fIlocaluser\fR/.klogin" by default). It returns 0 (zero) if authorized, +1 (one) if not authorized. +.PP +If there is no account for +.I localuser +on the local machine, authorization is not granted. +If there is no authorization file, and the Kerberos principal described +by +.I auth_data +translates to +.I localuser +(using +.IR krb_kntoln (3)), +authorization is granted. +If the authorization file +can't be accessed, or the file is not owned by +.IR localuser, +authorization is denied. Otherwise, the file is searched for +a matching principal name, instance, and realm. If a match is found, +authorization is granted, else authorization is denied. +.PP +The file entries are in the format: +.nf +.in +5n + name.instance@realm +.in -5n +.fi +with one entry per line. + +For convenience ~localuser@LOCALREALM is +always considered to be an entry in the file even when there is no +file or the file is unreadable. +.SH SEE ALSO +kerberos(3), ruserok(3), krb_kntoln(3) +.SH FILES +.TP 20n +~\fIlocaluser\fR/.klogin +authorization list diff --git a/kerberosIV/src/lib/krb/random_block.c b/kerberosIV/src/lib/krb/random_block.c new file mode 100644 index 00000000000..e80afe829b7 --- /dev/null +++ b/kerberosIV/src/lib/krb/random_block.c @@ -0,0 +1,128 @@ +/* + * Copyright (c) 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "krb_locl.h" + +RCSID("$KTH: random_block.c,v 1.1 2001/08/26 01:46:51 assar Exp $"); + +#ifdef HAVE_OPENSSL +#include <openssl/rand.h> + +/* From openssl/crypto/rand/rand_lcl.h */ +#define ENTROPY_NEEDED 20 +static int +seed_something(void) +{ + int fd = -1; + char buf[1024], seedfile[256]; + + /* If there is a seed file, load it. But such a file cannot be trusted, + so use 0 for the entropy estimate */ + if (RAND_file_name(seedfile, sizeof(seedfile))) { + fd = open(seedfile, O_RDONLY); + if (fd >= 0) { + read(fd, buf, sizeof(buf)); + /* Use the full buffer anyway */ + RAND_add(buf, sizeof(buf), 0.0); + } else + seedfile[0] = '\0'; + } else + seedfile[0] = '\0'; + + /* Calling RAND_status() will try to use /dev/urandom if it exists so + we do not have to deal with it. */ + if (RAND_status() != 1) { + + const char *p; + + /* Try using egd */ + p = krb_get_config_string("egd_socket"); + if (p != NULL) + RAND_egd_bytes(p, ENTROPY_NEEDED); + } + + if (RAND_status() == 1) { + /* Update the seed file */ + if (seedfile[0]) + RAND_write_file(seedfile); + + return 0; + } else + return -1; +} + +void +krb_generate_random_block(void *buf, size_t len) +{ + static int rng_initialized = 0; + + if (!rng_initialized) { + if (seed_something()) { + fprintf(stderr, "Could not initialize openssl rng\n"); + exit(1); + } + + rng_initialized = 1; + } + RAND_bytes(buf, len); +} + +#else /* !HAVE_OPENSSL */ + +void +krb_generate_random_block(void *buf, size_t len) +{ + des_cblock key, out; + static des_cblock counter; + static des_key_schedule schedule; + int i; + static int initialized = 0; + + if(!initialized) { + des_new_random_key(&key); + des_set_key(&key, schedule); + memset(&key, 0, sizeof(key)); + des_new_random_key(&counter); + } + while(len > 0) { + des_ecb_encrypt(&counter, &out, schedule, DES_ENCRYPT); + for(i = 7; i >=0; i--) + if(counter[i]++) + break; + memcpy(buf, out, min(len, sizeof(out))); + len -= min(len, sizeof(out)); + buf = (char*)buf + sizeof(out); + } +} + +#endif /* !HAVE_OPENSSL */ diff --git a/kerberosIV/src/lib/krb/tf_util.3 b/kerberosIV/src/lib/krb/tf_util.3 new file mode 100644 index 00000000000..c75fd889050 --- /dev/null +++ b/kerberosIV/src/lib/krb/tf_util.3 @@ -0,0 +1,150 @@ +.\" $KTH: tf_util.3,v 1.1 2000/11/08 17:34:17 joda Exp $ +.\" Copyright 1989 by the Massachusetts Institute of Technology. +.\" +.\" For copying and distribution information, +.\" please see the file <mit-copyright.h>. +.\" +.TH TF_UTIL 3 "Kerberos Version 4.0" "MIT Project Athena" +.SH NAME +tf_init, tf_get_pname, tf_get_pinst, tf_get_cred, tf_close \ +\- Routines for manipulating a Kerberos ticket file +.SH SYNOPSIS +.nf +.nj +.ft B +#include <krb.h> +.PP +.ft B +extern char *krb_err_txt[]; +.PP +.ft B +tf_init(tf_name, rw) +char *tf_name; +int rw; +.PP +.ft B +tf_get_pname(pname) +char *pname; +.PP +.ft B +tf_get_pinst(pinst) +char *pinst; +.PP +.ft B +tf_get_cred(c) +CREDENTIALS *c; +.PP +.ft B +tf_close() +.PP +.fi +.SH DESCRIPTION +This group of routines are provided to manipulate the Kerberos tickets +file. A ticket file has the following format: +.nf +.in +4 +.sp +principal's name (null-terminated string) +principal's instance (null-terminated string) +CREDENTIAL_1 +CREDENTIAL_2 + ... +CREDENTIAL_n +EOF +.sp +.in -4 +.LP +Where "CREDENTIAL_x" consists of the following fixed-length +fields from the CREDENTIALS structure (defined in <krb.h>): +.nf +.sp +.in +4 + char service[ANAME_SZ] + char instance[INST_SZ] + char realm[REALM_SZ] + des_cblock session + int lifetime + int kvno + KTEXT_ST ticket_st + long issue_date +.in -4 +.sp +.fi +.PP +.I tf_init +must be called before the other ticket file +routines. +It takes the name of the ticket file to use, +and a read/write flag as arguments. +It tries to open the ticket file, checks the mode and if +everything is okay, locks the file. If it's opened for +reading, the lock is shared. If it's opened for writing, +the lock is exclusive. +KSUCCESS is returned if all went well, otherwise one of the +following: +.nf +.sp +NO_TKT_FIL - file wasn't there +TKT_FIL_ACC - file was in wrong mode, etc. +TKT_FIL_LCK - couldn't lock the file, even after a retry +.sp +.fi +.PP +The +.I tf_get_pname +reads the principal's name from a ticket file. +It should only be called after tf_init has been called. The +principal's name is filled into the +.I pname +parameter. If all goes +well, KSUCCESS is returned. +If tf_init wasn't called, TKT_FIL_INI +is returned. +If the principal's name was null, or EOF was encountered, or the +name was longer than ANAME_SZ, TKT_FIL_FMT is returned. +.PP +The +.I tf_get_pinst +reads the principal's instance from a ticket file. +It should only be called after tf_init and tf_get_pname +have been called. +The principal's instance is filled into the +.I pinst +parameter. +If all goes +well, KSUCCESS is returned. +If tf_init wasn't called, TKT_FIL_INI +is returned. +If EOF was encountered, or the +name was longer than INST_SZ, TKT_FIL_FMT is returned. +Note that, unlike the principal name, the instance name may be null. +.PP +The +.I tf_get_cred +routine reads a CREDENTIALS record from a ticket file and +fills in the given structure. +It should only be called after +tf_init, tf_get_pname, and tf_get_pinst have been called. +If all goes well, KSUCCESS is returned. Possible error codes +are: +.nf +.sp +TKT_FIL_INI - tf_init wasn't called first +TKT_FIL_FMT - bad format +EOF - end of file encountered +.sp +.fi +.PP +.I tf_close +closes the ticket file and releases the lock on it. +.SH "SEE ALSO" +krb(3) +.SH DIAGNOSTICS +.SH BUGS +The ticket file routines have to be called in a certain order. +.SH AUTHORS +Jennifer Steiner, MIT Project Athena +.br +Bill Bryant, MIT Project Athena +.SH RESTRICTIONS +Copyright 1987 Massachusetts Institute of Technology diff --git a/kerberosIV/src/lib/roken/acconfig.h b/kerberosIV/src/lib/roken/acconfig.h new file mode 100644 index 00000000000..5fbe685ce38 --- /dev/null +++ b/kerberosIV/src/lib/roken/acconfig.h @@ -0,0 +1,36 @@ +@BOTTOM@ + +#ifdef BROKEN_REALLOC +#define realloc(X, Y) isoc_realloc((X), (Y)) +#define isoc_realloc(X, Y) ((X) ? realloc((X), (Y)) : malloc(Y)) +#endif + +#ifdef VOID_RETSIGTYPE +#define SIGRETURN(x) return +#else +#define SIGRETURN(x) return (RETSIGTYPE)(x) +#endif + +#define RCSID(msg) \ +static /**/const char *const rcsid[] = { (const char *)rcsid, "\100(#)" msg } + +#undef PROTOTYPES + +/* Maximum values on all known systems */ +#define MaxHostNameLen (64+4) +#define MaxPathLen (1024+4) + +/* + * Define NDBM if you are using the 4.3 ndbm library (which is part of + * libc). If not defined, 4.2 dbm will be assumed. + */ +#if defined(HAVE_DBM_FIRSTKEY) +#define NDBM +#endif + +/* + * Defining this enables lots of useful (and used) extensions on + * glibc-based systems such as Linux + */ + +#define _GNU_SOURCE diff --git a/kerberosIV/src/lib/roken/acinclude.m4 b/kerberosIV/src/lib/roken/acinclude.m4 new file mode 100644 index 00000000000..ca41c73bad1 --- /dev/null +++ b/kerberosIV/src/lib/roken/acinclude.m4 @@ -0,0 +1,9 @@ +dnl $Id: acinclude.m4,v 1.1 2002/06/08 21:07:43 hin Exp $ +dnl +dnl Only put things that for some reason can't live in the `cf' +dnl directory in this file. +dnl + +dnl $KTH: misc.m4,v 1.1 1997/12/14 15:59:04 joda Exp $ +dnl +define(upcase,`echo $1 | tr abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ`)dnl diff --git a/kerberosIV/src/lib/roken/base64-test.c b/kerberosIV/src/lib/roken/base64-test.c new file mode 100644 index 00000000000..00e4c9e0453 --- /dev/null +++ b/kerberosIV/src/lib/roken/base64-test.c @@ -0,0 +1,99 @@ +/* + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: base64-test.c,v 1.2 2001/05/29 13:12:21 assar Exp $"); +#endif + +#include <roken.h> +#include <base64.h> + +int +main(int argc, char **argv) +{ + int numerr = 0; + int numtest = 1; + struct test { + void *data; + size_t len; + const char *result; + } *t, tests[] = { + { "", 0 , "" }, + { "1", 1, "MQ==" }, + { "22", 2, "MjI=" }, + { "333", 3, "MzMz" }, + { "4444", 4, "NDQ0NA==" }, + { "55555", 5, "NTU1NTU=" }, + { "abc:def", 7, "YWJjOmRlZg==" }, + { NULL } + }; + for(t = tests; t->data; t++) { + char *str; + int len; + len = base64_encode(t->data, t->len, &str); + if(strcmp(str, t->result) != 0) { + fprintf(stderr, "failed test %d: %s != %s\n", numtest, + str, t->result); + numerr++; + } + free(str); + str = strdup(t->result); + len = base64_decode(t->result, str); + if(len != t->len) { + fprintf(stderr, "failed test %d: len %d != %d\n", numtest, + len, t->len); + numerr++; + } else if(memcmp(str, t->data, t->len) != 0) { + fprintf(stderr, "failed test %d: data\n", numtest); + numerr++; + } + free(str); + numtest++; + } + + { + char str[32]; + if(base64_decode("M=M=", str) != -1) { + fprintf(stderr, "failed test %d: successful decode of `M=M='\n", + numtest++); + numerr++; + } + if(base64_decode("MQ===", str) != -1) { + fprintf(stderr, "failed test %d: successful decode of `MQ==='\n", + numtest++); + numerr++; + } + } + return numerr; +} diff --git a/kerberosIV/src/lib/roken/bswap.c b/kerberosIV/src/lib/roken/bswap.c new file mode 100644 index 00000000000..e32b4c2b819 --- /dev/null +++ b/kerberosIV/src/lib/roken/bswap.c @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include "roken.h" + +RCSID("$KTH: bswap.c,v 1.3 2001/05/18 15:32:11 joda Exp $"); + +#ifndef HAVE_BSWAP32 + +unsigned int +bswap32 (unsigned int val) +{ + return (val & 0xff) << 24 | + (val & 0xff00) << 8 | + (val & 0xff0000) >> 8 | + (val & 0xff000000) >> 24; +} +#endif + +#ifndef HAVE_BSWAP16 + +unsigned short +bswap16 (unsigned short val) +{ + return (val & 0xff) << 8 | + (val & 0xff00) >> 8; +} +#endif diff --git a/kerberosIV/src/lib/roken/config.h.in b/kerberosIV/src/lib/roken/config.h.in new file mode 100644 index 00000000000..b3df9891214 --- /dev/null +++ b/kerberosIV/src/lib/roken/config.h.in @@ -0,0 +1 @@ +/*autoheader*/ diff --git a/kerberosIV/src/lib/roken/ecalloc.c b/kerberosIV/src/lib/roken/ecalloc.c new file mode 100644 index 00000000000..a03b8bd3edb --- /dev/null +++ b/kerberosIV/src/lib/roken/ecalloc.c @@ -0,0 +1,56 @@ +/* + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: ecalloc.c,v 1.1 2001/06/17 12:09:37 assar Exp $"); +#endif + +#include <stdlib.h> +#include <err.h> + +#include <roken.h> + +/* + * Like calloc but never fails. + */ + +void * +ecalloc (size_t number, size_t size) +{ + void *tmp = calloc (number, size); + + if (tmp == NULL && number * size != 0) + errx (1, "calloc %lu failed", (unsigned long)number * size); + return tmp; +} diff --git a/kerberosIV/src/lib/roken/environment.c b/kerberosIV/src/lib/roken/environment.c new file mode 100644 index 00000000000..b6096f0cec2 --- /dev/null +++ b/kerberosIV/src/lib/roken/environment.c @@ -0,0 +1,103 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: environment.c,v 1.1 2000/06/21 02:05:03 assar Exp $"); +#endif + +#include <stdio.h> +#include <string.h> +#include "roken.h" + +/* + * return count of environment assignments from `file' and + * list of malloced strings in `env' + */ + +int +read_environment(const char *file, char ***env) +{ + int i, k; + FILE *F; + char **l; + char buf[BUFSIZ], *p, *r; + + if ((F = fopen(file, "r")) == NULL) { + return 0; + } + + i = 0; + if (*env) { + l = *env; + while (*l != NULL) { + i++; + l++; + } + } + l = *env; + /* This is somewhat more relaxed on what it accepts then + * Wietses sysv_environ from K4 was... + */ + while (fgets(buf, BUFSIZ, F) != NULL) { + if (buf[0] == '#') + continue; + + p = strchr(buf, '#'); + if (p != NULL) + *p = '\0'; + + p = buf; + while (*p == ' ' || *p == '\t' || *p == '\n') p++; + if (*p == '\0') + continue; + + k = strlen(p); + if (p[k-1] == '\n') + p[k-1] = '\0'; + + /* Here one should check that is is a 'valid' env string... */ + r = strchr(p, '='); + if (r == NULL) + continue; + + l = realloc(l, (i+1) * sizeof (char *)); + l[i++] = strdup(p); + } + fclose(F); + l = realloc(l, (i+1) * sizeof (char *)); + l[i] = NULL; + *env = l; + return i; +} diff --git a/kerberosIV/src/lib/roken/err.hin b/kerberosIV/src/lib/roken/err.hin new file mode 100644 index 00000000000..2cbf9405b1c --- /dev/null +++ b/kerberosIV/src/lib/roken/err.hin @@ -0,0 +1,68 @@ +/* + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $KTH: err.hin,v 1.16 2000/12/11 04:40:59 assar Exp $ */ + +#ifndef __ERR_H__ +#define __ERR_H__ + +#include <errno.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <stdarg.h> + +extern const char *__progname; + +#if !defined(__GNUC__) && !defined(__attribute__) +#define __attribute__(x) +#endif + +void verr(int eval, const char *fmt, va_list ap) + __attribute__ ((noreturn, format (printf, 2, 0))); +void err(int eval, const char *fmt, ...) + __attribute__ ((noreturn, format (printf, 2, 3))); +void verrx(int eval, const char *fmt, va_list ap) + __attribute__ ((noreturn, format (printf, 2, 0))); +void errx(int eval, const char *fmt, ...) + __attribute__ ((noreturn, format (printf, 2, 3))); +void vwarn(const char *fmt, va_list ap) + __attribute__ ((format (printf, 1, 0))); +void warn(const char *fmt, ...) + __attribute__ ((format (printf, 1, 2))); +void vwarnx(const char *fmt, va_list ap) + __attribute__ ((format (printf, 1, 0))); +void warnx(const char *fmt, ...) + __attribute__ ((format (printf, 1, 2))); + +#endif /* __ERR_H__ */ diff --git a/kerberosIV/src/lib/roken/esetenv.c b/kerberosIV/src/lib/roken/esetenv.c new file mode 100644 index 00000000000..9bee6d1ba20 --- /dev/null +++ b/kerberosIV/src/lib/roken/esetenv.c @@ -0,0 +1,48 @@ +/* + * Copyright (c) 2000, 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: esetenv.c,v 1.3 2001/01/27 05:28:38 assar Exp $"); +#endif + +#include "roken.h" + +#include <err.h> + +void +esetenv(const char *var, const char *val, int rewrite) +{ + if (setenv ((char *)var, (char *)val, rewrite)) + errx (1, "failed setting environment variable %s", var); +} diff --git a/kerberosIV/src/lib/roken/fnmatch.hin b/kerberosIV/src/lib/roken/fnmatch.hin new file mode 100644 index 00000000000..95c91d600b6 --- /dev/null +++ b/kerberosIV/src/lib/roken/fnmatch.hin @@ -0,0 +1,49 @@ +/* $NetBSD: fnmatch.h,v 1.5 1994/10/26 00:55:53 cgd Exp $ */ + +/*- + * Copyright (c) 1992, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)fnmatch.h 8.1 (Berkeley) 6/2/93 + */ + +#ifndef _FNMATCH_H_ +#define _FNMATCH_H_ + +#define FNM_NOMATCH 1 /* Match failed. */ + +#define FNM_NOESCAPE 0x01 /* Disable backslash escaping. */ +#define FNM_PATHNAME 0x02 /* Slash must be matched by slash. */ +#define FNM_PERIOD 0x04 /* Period must be matched by period. */ + +int fnmatch (const char *, const char *, int); + +#endif /* !_FNMATCH_H_ */ diff --git a/kerberosIV/src/lib/roken/freeaddrinfo.c b/kerberosIV/src/lib/roken/freeaddrinfo.c new file mode 100644 index 00000000000..68c1faa3f18 --- /dev/null +++ b/kerberosIV/src/lib/roken/freeaddrinfo.c @@ -0,0 +1,57 @@ +/* + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: freeaddrinfo.c,v 1.4 2001/05/11 09:10:32 joda Exp $"); +#endif + +#include "roken.h" + +/* + * free the list of `struct addrinfo' starting at `ai' + */ + +void +freeaddrinfo(struct addrinfo *ai) +{ + struct addrinfo *tofree; + + while(ai != NULL) { + free (ai->ai_canonname); + free (ai->ai_addr); + tofree = ai; + ai = ai->ai_next; + free (tofree); + } +} diff --git a/kerberosIV/src/lib/roken/gai_strerror.c b/kerberosIV/src/lib/roken/gai_strerror.c new file mode 100644 index 00000000000..82577eaf9eb --- /dev/null +++ b/kerberosIV/src/lib/roken/gai_strerror.c @@ -0,0 +1,73 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: gai_strerror.c,v 1.2 1999/12/03 04:10:06 assar Exp $"); +#endif + +#include "roken.h" + +static struct gai_error { + int code; + char *str; +} errors[] = { +{EAI_NOERROR, "no error"}, +{EAI_ADDRFAMILY, "address family for nodename not supported"}, +{EAI_AGAIN, "temporary failure in name resolution"}, +{EAI_BADFLAGS, "invalid value for ai_flags"}, +{EAI_FAIL, "non-recoverable failure in name resolution"}, +{EAI_FAMILY, "ai_family not supported"}, +{EAI_MEMORY, "memory allocation failure"}, +{EAI_NODATA, "no address associated with nodename"}, +{EAI_NONAME, "nodename nor servname provided, or not known"}, +{EAI_SERVICE, "servname not supported for ai_socktype"}, +{EAI_SOCKTYPE, "ai_socktype not supported"}, +{EAI_SYSTEM, "system error returned in errno"}, +{0, NULL}, +}; + +/* + * + */ + +char * +gai_strerror(int ecode) +{ + struct gai_error *g; + + for (g = errors; g->str != NULL; ++g) + if (g->code == ecode) + return g->str; + return "unknown error code in gai_strerror"; +} diff --git a/kerberosIV/src/lib/roken/getaddrinfo-test.c b/kerberosIV/src/lib/roken/getaddrinfo-test.c new file mode 100644 index 00000000000..51e8ff4efb9 --- /dev/null +++ b/kerberosIV/src/lib/roken/getaddrinfo-test.c @@ -0,0 +1,144 @@ +/* + * Copyright (c) 1999 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: getaddrinfo-test.c,v 1.4 2001/02/20 01:44:54 assar Exp $"); +#endif + +#include "roken.h" +#include "getarg.h" + +static int flags; +static int family; +static int socktype; + +static int version_flag; +static int help_flag; + +static struct getargs args[] = { + {"flags", 0, arg_integer, &flags, "flags", NULL}, + {"family", 0, arg_integer, &family, "family", NULL}, + {"socktype",0, arg_integer, &socktype, "socktype", NULL}, + {"version", 0, arg_flag, &version_flag, "print version",NULL}, + {"help", 0, arg_flag, &help_flag, NULL, NULL} +}; + +static void +usage(int ret) +{ + arg_printusage (args, + sizeof(args) / sizeof(args[0]), + NULL, + "[nodename servname...]"); + exit (ret); +} + +static void +doit (const char *nodename, const char *servname) +{ + struct addrinfo hints; + struct addrinfo *res, *r; + int ret; + + printf ("(%s,%s)... ", nodename ? nodename : "null", servname); + + memset (&hints, 0, sizeof(hints)); + hints.ai_flags = flags; + hints.ai_family = family; + hints.ai_socktype = socktype; + + ret = getaddrinfo (nodename, servname, &hints, &res); + if (ret) { + printf ("error: %s\n", gai_strerror(ret)); + return; + } + printf ("\n"); + + for (r = res; r != NULL; r = r->ai_next) { + char addrstr[256]; + + if (inet_ntop (r->ai_family, + socket_get_address (r->ai_addr), + addrstr, sizeof(addrstr)) == NULL) { + printf ("\tbad address?\n"); + continue; + } + printf ("\t(family = %d, socktype = %d, protocol = %d, " + "address = \"%s\", port = %d", + r->ai_family, r->ai_socktype, r->ai_protocol, + addrstr, + ntohs(socket_get_port (r->ai_addr))); + if (r->ai_canonname) + printf (", canonname = \"%s\"", r->ai_canonname); + printf ("\n"); + } + freeaddrinfo (res); +} + +int +main(int argc, char **argv) +{ + int optind = 0; + int i; + + setprogname (argv[0]); + + if (getarg (args, sizeof(args) / sizeof(args[0]), argc, argv, + &optind)) + usage (1); + + if (help_flag) + usage (0); + + if (version_flag) { + fprintf (stderr, "%s from %s-%s)\n", getprogname(), PACKAGE, VERSION); + return 0; + } + + argc -= optind; + argv += optind; + + if (argc % 2 != 0) + usage (1); + + for (i = 0; i < argc; i += 2) { + const char *nodename = argv[i]; + + if (strcmp (nodename, "null") == 0) + nodename = NULL; + + doit (nodename, argv[i+1]); + } + return 0; +} diff --git a/kerberosIV/src/lib/roken/getaddrinfo.c b/kerberosIV/src/lib/roken/getaddrinfo.c new file mode 100644 index 00000000000..1b7e97deb52 --- /dev/null +++ b/kerberosIV/src/lib/roken/getaddrinfo.c @@ -0,0 +1,417 @@ +/* + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: getaddrinfo.c,v 1.12 2001/08/17 13:06:57 joda Exp $"); +#endif + +#include "roken.h" + +/* + * uses hints->ai_socktype and hints->ai_protocol + */ + +static int +get_port_protocol_socktype (const char *servname, + const struct addrinfo *hints, + int *port, + int *protocol, + int *socktype) +{ + struct servent *se; + const char *proto_str = NULL; + + *socktype = 0; + + if (hints != NULL && hints->ai_protocol != 0) { + struct protoent *protoent = getprotobynumber (hints->ai_protocol); + + if (protoent == NULL) + return EAI_SOCKTYPE; /* XXX */ + + proto_str = protoent->p_name; + *protocol = protoent->p_proto; + } + + if (hints != NULL) + *socktype = hints->ai_socktype; + + if (*socktype == SOCK_STREAM) { + se = getservbyname (servname, proto_str ? proto_str : "tcp"); + if (proto_str == NULL) + *protocol = IPPROTO_TCP; + } else if (*socktype == SOCK_DGRAM) { + se = getservbyname (servname, proto_str ? proto_str : "udp"); + if (proto_str == NULL) + *protocol = IPPROTO_UDP; + } else if (*socktype == 0) { + if (proto_str != NULL) { + se = getservbyname (servname, proto_str); + } else { + se = getservbyname (servname, "tcp"); + *protocol = IPPROTO_TCP; + *socktype = SOCK_STREAM; + if (se == NULL) { + se = getservbyname (servname, "udp"); + *protocol = IPPROTO_UDP; + *socktype = SOCK_DGRAM; + } + } + } else + return EAI_SOCKTYPE; + + if (se == NULL) { + char *endstr; + + *port = htons(strtol (servname, &endstr, 10)); + if (servname == endstr) + return EAI_NONAME; + } else { + *port = se->s_port; + } + return 0; +} + +static int +add_one (int port, int protocol, int socktype, + struct addrinfo ***ptr, + int (*func)(struct addrinfo *, void *data, int port), + void *data, + char *canonname) +{ + struct addrinfo *a; + int ret; + + a = malloc (sizeof (*a)); + if (a == NULL) + return EAI_MEMORY; + memset (a, 0, sizeof(*a)); + a->ai_flags = 0; + a->ai_next = NULL; + a->ai_protocol = protocol; + a->ai_socktype = socktype; + a->ai_canonname = canonname; + ret = (*func)(a, data, port); + if (ret) { + free (a); + return ret; + } + **ptr = a; + *ptr = &a->ai_next; + return 0; +} + +static int +const_v4 (struct addrinfo *a, void *data, int port) +{ + struct sockaddr_in *sin; + struct in_addr *addr = (struct in_addr *)data; + + a->ai_family = PF_INET; + a->ai_addrlen = sizeof(*sin); + a->ai_addr = malloc (sizeof(*sin)); + if (a->ai_addr == NULL) + return EAI_MEMORY; + sin = (struct sockaddr_in *)a->ai_addr; + memset (sin, 0, sizeof(*sin)); + sin->sin_family = AF_INET; + sin->sin_port = port; + sin->sin_addr = *addr; + return 0; +} + +#ifdef HAVE_IPV6 +static int +const_v6 (struct addrinfo *a, void *data, int port) +{ + struct sockaddr_in6 *sin6; + struct in6_addr *addr = (struct in6_addr *)data; + + a->ai_family = PF_INET6; + a->ai_addrlen = sizeof(*sin6); + a->ai_addr = malloc (sizeof(*sin6)); + if (a->ai_addr == NULL) + return EAI_MEMORY; + sin6 = (struct sockaddr_in6 *)a->ai_addr; + memset (sin6, 0, sizeof(*sin6)); + sin6->sin6_family = AF_INET6; + sin6->sin6_port = port; + sin6->sin6_addr = *addr; + return 0; +} +#endif + +/* this is mostly a hack for some versions of AIX that has a prototype + for in6addr_loopback but no actual symbol in libc */ +#if defined(HAVE_IPV6) && !defined(HAVE_IN6ADDR_LOOPBACK) && defined(IN6ADDR_LOOPBACK_INIT) +#define in6addr_loopback _roken_in6addr_loopback +struct in6_addr in6addr_loopback = IN6ADDR_LOOPBACK_INIT; +#endif + +static int +get_null (const struct addrinfo *hints, + int port, int protocol, int socktype, + struct addrinfo **res) +{ + struct in_addr v4_addr; +#ifdef HAVE_IPV6 + struct in6_addr v6_addr; +#endif + struct addrinfo *first = NULL; + struct addrinfo **current = &first; + int family = PF_UNSPEC; + int ret; + + if (hints != NULL) + family = hints->ai_family; + + if (hints && hints->ai_flags & AI_PASSIVE) { + v4_addr.s_addr = INADDR_ANY; +#ifdef HAVE_IPV6 + v6_addr = in6addr_any; +#endif + } else { + v4_addr.s_addr = htonl(INADDR_LOOPBACK); +#ifdef HAVE_IPV6 + v6_addr = in6addr_loopback; +#endif + } + +#ifdef HAVE_IPV6 + if (family == PF_INET6 || family == PF_UNSPEC) { + ret = add_one (port, protocol, socktype, + ¤t, const_v6, &v6_addr, NULL); + } +#endif + if (family == PF_INET || family == PF_UNSPEC) { + ret = add_one (port, protocol, socktype, + ¤t, const_v4, &v4_addr, NULL); + } + *res = first; + return 0; +} + +static int +add_hostent (int port, int protocol, int socktype, + struct addrinfo ***current, + int (*func)(struct addrinfo *, void *data, int port), + struct hostent *he, int *flags) +{ + int ret; + char *canonname = NULL; + char **h; + + if (*flags & AI_CANONNAME) { + struct hostent *he2 = NULL; + const char *tmp_canon; + + tmp_canon = hostent_find_fqdn (he); + if (strchr (tmp_canon, '.') == NULL) { + int error; + + he2 = getipnodebyaddr (he->h_addr_list[0], he->h_length, + he->h_addrtype, &error); + if (he2 != NULL) { + const char *tmp = hostent_find_fqdn (he2); + + if (strchr (tmp, '.') != NULL) + tmp_canon = tmp; + } + } + + canonname = strdup (tmp_canon); + if (he2 != NULL) + freehostent (he2); + if (canonname == NULL) + return EAI_MEMORY; + } + + for (h = he->h_addr_list; *h != NULL; ++h) { + ret = add_one (port, protocol, socktype, + current, func, *h, canonname); + if (ret) + return ret; + if (*flags & AI_CANONNAME) { + *flags &= ~AI_CANONNAME; + canonname = NULL; + } + } + return 0; +} + +static int +get_number (const char *nodename, + const struct addrinfo *hints, + int port, int protocol, int socktype, + struct addrinfo **res) +{ + struct addrinfo *first = NULL; + struct addrinfo **current = &first; + int family = PF_UNSPEC; + int ret; + + if (hints != NULL) { + family = hints->ai_family; + } + +#ifdef HAVE_IPV6 + if (family == PF_INET6 || family == PF_UNSPEC) { + struct in6_addr v6_addr; + + if (inet_pton (PF_INET6, nodename, &v6_addr) == 1) { + ret = add_one (port, protocol, socktype, + ¤t, const_v6, &v6_addr, NULL); + *res = first; + return ret; + } + } +#endif + if (family == PF_INET || family == PF_UNSPEC) { + struct in_addr v4_addr; + + if (inet_pton (PF_INET, nodename, &v4_addr) == 1) { + ret = add_one (port, protocol, socktype, + ¤t, const_v4, &v4_addr, NULL); + *res = first; + return ret; + } + } + return EAI_NONAME; +} + +static int +get_nodes (const char *nodename, + const struct addrinfo *hints, + int port, int protocol, int socktype, + struct addrinfo **res) +{ + struct addrinfo *first = NULL; + struct addrinfo **current = &first; + int family = PF_UNSPEC; + int flags = 0; + int ret = EAI_NONAME; + int error; + + if (hints != NULL) { + family = hints->ai_family; + flags = hints->ai_flags; + } + +#ifdef HAVE_IPV6 + if (family == PF_INET6 || family == PF_UNSPEC) { + struct hostent *he; + + he = getipnodebyname (nodename, PF_INET6, 0, &error); + + if (he != NULL) { + ret = add_hostent (port, protocol, socktype, + ¤t, const_v6, he, &flags); + freehostent (he); + } + } +#endif + if (family == PF_INET || family == PF_UNSPEC) { + struct hostent *he; + + he = getipnodebyname (nodename, PF_INET, 0, &error); + + if (he != NULL) { + ret = add_hostent (port, protocol, socktype, + ¤t, const_v4, he, &flags); + freehostent (he); + } + } + *res = first; + return ret; +} + +/* + * hints: + * + * struct addrinfo { + * int ai_flags; + * int ai_family; + * int ai_socktype; + * int ai_protocol; + * ... + * }; + */ + +int +getaddrinfo(const char *nodename, + const char *servname, + const struct addrinfo *hints, + struct addrinfo **res) +{ + int ret; + int port = 0; + int protocol = 0; + int socktype = 0; + + *res = NULL; + + if (servname == NULL && nodename == NULL) + return EAI_NONAME; + + if (hints != NULL + && hints->ai_family != PF_UNSPEC + && hints->ai_family != PF_INET +#ifdef HAVE_IPV6 + && hints->ai_family != PF_INET6 +#endif + ) + return EAI_FAMILY; + + if (servname != NULL) { + ret = get_port_protocol_socktype (servname, hints, + &port, &protocol, &socktype); + if (ret) + return ret; + } + if (nodename != NULL) { + ret = get_number (nodename, hints, port, protocol, socktype, res); + if (ret) { + if(hints && hints->ai_flags & AI_NUMERICHOST) + ret = EAI_NONAME; + else + ret = get_nodes (nodename, hints, port, protocol, socktype, + res); + } + } else { + ret = get_null (hints, port, protocol, socktype, res); + } + if (ret) + freeaddrinfo (*res); + return ret; +} diff --git a/kerberosIV/src/lib/roken/getaddrinfo_hostspec.c b/kerberosIV/src/lib/roken/getaddrinfo_hostspec.c new file mode 100644 index 00000000000..0bae788226c --- /dev/null +++ b/kerberosIV/src/lib/roken/getaddrinfo_hostspec.c @@ -0,0 +1,104 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: getaddrinfo_hostspec.c,v 1.3 2000/07/15 12:50:32 joda Exp $"); +#endif + +#include "roken.h" + +/* getaddrinfo via string specifying host and port */ + +int +roken_getaddrinfo_hostspec2(const char *hostspec, + int socktype, + int port, + struct addrinfo **ai) +{ + const char *p; + char portstr[NI_MAXSERV]; + char host[MAXHOSTNAMELEN]; + struct addrinfo hints; + int hostspec_len; + + struct hst { + const char *prefix; + int socktype; + int protocol; + int port; + } *hstp, hst[] = { + { "http://", SOCK_STREAM, IPPROTO_TCP, 80 }, + { "http/", SOCK_STREAM, IPPROTO_TCP, 80 }, + { "tcp/", SOCK_STREAM, IPPROTO_TCP }, + { "udp/", SOCK_DGRAM, IPPROTO_UDP }, + { NULL } + }; + + memset(&hints, 0, sizeof(hints)); + + hints.ai_socktype = socktype; + + for(hstp = hst; hstp->prefix; hstp++) { + if(strncmp(hostspec, hstp->prefix, strlen(hstp->prefix)) == 0) { + hints.ai_socktype = hstp->socktype; + hints.ai_protocol = hstp->protocol; + if(port == 0) + port = hstp->port; + hostspec += strlen(hstp->prefix); + break; + } + } + + p = strchr (hostspec, ':'); + if (p != NULL) { + char *end; + + port = strtol (p + 1, &end, 0); + hostspec_len = p - hostspec; + } else { + hostspec_len = strlen(hostspec); + } + snprintf (portstr, sizeof(portstr), "%u", port); + + snprintf (host, sizeof(host), "%.*s", hostspec_len, hostspec); + return getaddrinfo (host, portstr, &hints, ai); +} + +int +roken_getaddrinfo_hostspec(const char *hostspec, + int port, + struct addrinfo **ai) +{ + return roken_getaddrinfo_hostspec2(hostspec, 0, port, ai); +} diff --git a/kerberosIV/src/lib/roken/getifaddrs.c b/kerberosIV/src/lib/roken/getifaddrs.c new file mode 100644 index 00000000000..2e547393f36 --- /dev/null +++ b/kerberosIV/src/lib/roken/getifaddrs.c @@ -0,0 +1,270 @@ +/* + * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: getifaddrs.c,v 1.6 2001/07/31 01:15:41 assar Exp $"); +#endif +#include "roken.h" + +#ifdef __osf__ +/* hate */ +struct rtentry; +struct mbuf; +#endif +#ifdef HAVE_NET_IF_H +#include <net/if.h> +#endif + +#ifdef HAVE_SYS_SOCKIO_H +#include <sys/sockio.h> +#endif /* HAVE_SYS_SOCKIO_H */ + +#ifdef HAVE_NETINET_IN6_VAR_H +#include <netinet/in6_var.h> +#endif /* HAVE_NETINET_IN6_VAR_H */ + +#include <ifaddrs.h> + +static int +getifaddrs2(struct ifaddrs **ifap, + int af, int siocgifconf, int siocgifflags, + size_t ifreq_sz) +{ + int ret; + int fd; + size_t buf_size; + char *buf; + struct ifconf ifconf; + char *p; + size_t sz; + struct sockaddr sa_zero; + struct ifreq *ifr; + + struct ifaddrs *start, **end = &start; + + buf = NULL; + + memset (&sa_zero, 0, sizeof(sa_zero)); + fd = socket(af, SOCK_DGRAM, 0); + if (fd < 0) + return -1; + + buf_size = 8192; + for (;;) { + buf = calloc(1, buf_size); + if (buf == NULL) { + ret = ENOMEM; + goto error_out; + } + ifconf.ifc_len = buf_size; + ifconf.ifc_buf = buf; + + /* + * Solaris returns EINVAL when the buffer is too small. + */ + if (ioctl (fd, siocgifconf, &ifconf) < 0 && errno != EINVAL) { + ret = errno; + goto error_out; + } + /* + * Can the difference between a full and a overfull buf + * be determined? + */ + + if (ifconf.ifc_len < buf_size) + break; + free (buf); + buf_size *= 2; + } + + for (p = ifconf.ifc_buf; + p < ifconf.ifc_buf + ifconf.ifc_len; + p += sz) { + struct ifreq ifreq; + struct sockaddr *sa; + size_t salen; + + ifr = (struct ifreq *)p; + sa = &ifr->ifr_addr; + + sz = ifreq_sz; + salen = sizeof(struct sockaddr); +#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN + salen = sa->sa_len; + sz = max(sz, sizeof(ifr->ifr_name) + sa->sa_len); +#endif +#ifdef SA_LEN + salen = SA_LEN(sa); + sz = max(sz, sizeof(ifr->ifr_name) + SA_LEN(sa)); +#endif + memset (&ifreq, 0, sizeof(ifreq)); + memcpy (ifreq.ifr_name, ifr->ifr_name, sizeof(ifr->ifr_name)); + + if (ioctl(fd, siocgifflags, &ifreq) < 0) { + ret = errno; + goto error_out; + } + + *end = malloc(sizeof(**end)); + + (*end)->ifa_next = NULL; + (*end)->ifa_name = strdup(ifr->ifr_name); + (*end)->ifa_flags = ifreq.ifr_flags; + (*end)->ifa_addr = malloc(salen); + memcpy((*end)->ifa_addr, sa, salen); + (*end)->ifa_netmask = NULL; + +#if 0 + /* fix these when we actually need them */ + if(ifreq.ifr_flags & IFF_BROADCAST) { + (*end)->ifa_broadaddr = malloc(sizeof(ifr->ifr_broadaddr)); + memcpy((*end)->ifa_broadaddr, &ifr->ifr_broadaddr, + sizeof(ifr->ifr_broadaddr)); + } else if(ifreq.ifr_flags & IFF_POINTOPOINT) { + (*end)->ifa_dstaddr = malloc(sizeof(ifr->ifr_dstaddr)); + memcpy((*end)->ifa_dstaddr, &ifr->ifr_dstaddr, + sizeof(ifr->ifr_dstaddr)); + } else + (*end)->ifa_dstaddr = NULL; +#else + (*end)->ifa_dstaddr = NULL; +#endif + + (*end)->ifa_data = NULL; + + end = &(*end)->ifa_next; + + } + *ifap = start; + close(fd); + free(buf); + return 0; + error_out: + close(fd); + free(buf); + errno = ret; + return -1; +} + +int +getifaddrs(struct ifaddrs **ifap) +{ + int ret = -1; + errno = ENXIO; +#if defined(AF_INET6) && defined(SIOCGIF6CONF) && defined(SIOCGIF6FLAGS) + if (ret) + ret = getifaddrs2 (ifap, AF_INET6, SIOCGIF6CONF, SIOCGIF6FLAGS, + sizeof(struct in6_ifreq)); +#endif +#if defined(HAVE_IPV6) && defined(SIOCGIFCONF) + if (ret) + ret = getifaddrs2 (ifap, AF_INET6, SIOCGIFCONF, SIOCGIFFLAGS, + sizeof(struct ifreq)); +#endif +#if defined(AF_INET) && defined(SIOCGIFCONF) && defined(SIOCGIFFLAGS) + if (ret) + ret = getifaddrs2 (ifap, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, + sizeof(struct ifreq)); +#endif + return ret; +} + +void +freeifaddrs(struct ifaddrs *ifp) +{ + struct ifaddrs *p, *q; + + for(p = ifp; p; ) { + free(p->ifa_name); + if(p->ifa_addr) + free(p->ifa_addr); + if(p->ifa_dstaddr) + free(p->ifa_dstaddr); + if(p->ifa_netmask) + free(p->ifa_netmask); + if(p->ifa_data) + free(p->ifa_data); + q = p; + p = p->ifa_next; + free(q); + } +} + +#ifdef TEST + +void +print_addr(const char *s, struct sockaddr *sa) +{ + int i; + printf(" %s=%d/", s, sa->sa_family); +#ifdef HAVE_STRUCT_SOCKADDR_SA_LEN + for(i = 0; i < sa->sa_len - ((long)sa->sa_data - (long)&sa->sa_family); i++) + printf("%02x", ((unsigned char*)sa->sa_data)[i]); +#else + for(i = 0; i < sizeof(sa->sa_data); i++) + printf("%02x", ((unsigned char*)sa->sa_data)[i]); +#endif + printf("\n"); +} + +void +print_ifaddrs(struct ifaddrs *x) +{ + struct ifaddrs *p; + + for(p = x; p; p = p->ifa_next) { + printf("%s\n", p->ifa_name); + printf(" flags=%x\n", p->ifa_flags); + if(p->ifa_addr) + print_addr("addr", p->ifa_addr); + if(p->ifa_dstaddr) + print_addr("dstaddr", p->ifa_dstaddr); + if(p->ifa_netmask) + print_addr("netmask", p->ifa_netmask); + printf(" %p\n", p->ifa_data); + } +} + +int +main() +{ + struct ifaddrs *a = NULL, *b; + getifaddrs2(&a, AF_INET, SIOCGIFCONF, SIOCGIFFLAGS, sizeof(struct ifreq)); + print_ifaddrs(a); + printf("---\n"); + getifaddrs(&b); + print_ifaddrs(b); + return 0; +} +#endif diff --git a/kerberosIV/src/lib/roken/getnameinfo.c b/kerberosIV/src/lib/roken/getnameinfo.c new file mode 100644 index 00000000000..ae92c59142c --- /dev/null +++ b/kerberosIV/src/lib/roken/getnameinfo.c @@ -0,0 +1,127 @@ +/* + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: getnameinfo.c,v 1.4 2001/07/09 15:14:19 assar Exp $"); +#endif + +#include "roken.h" + +static int +doit (int af, + const void *addr, + size_t addrlen, + int port, + char *host, size_t hostlen, + char *serv, size_t servlen, + int flags) +{ + if (host != NULL) { + if (flags & NI_NUMERICHOST) { + if (inet_ntop (af, addr, host, hostlen) == NULL) + return EAI_SYSTEM; + } else { + struct hostent *he = gethostbyaddr (addr, + addrlen, + af); + if (he != NULL) { + strlcpy (host, hostent_find_fqdn(he), hostlen); + if (flags & NI_NOFQDN) { + char *dot = strchr (host, '.'); + if (dot != NULL) + *dot = '\0'; + } + } else if (flags & NI_NAMEREQD) { + return EAI_NONAME; + } else if (inet_ntop (af, addr, host, hostlen) == NULL) + return EAI_SYSTEM; + } + } + + if (serv != NULL) { + if (flags & NI_NUMERICSERV) { + snprintf (serv, servlen, "%u", ntohs(port)); + } else { + const char *proto = "tcp"; + struct servent *se; + + if (flags & NI_DGRAM) + proto = "udp"; + + se = getservbyport (port, proto); + if (se == NULL) { + snprintf (serv, servlen, "%u", ntohs(port)); + } else { + strlcpy (serv, se->s_name, servlen); + } + } + } + return 0; +} + +/* + * + */ + +int +getnameinfo(const struct sockaddr *sa, socklen_t salen, + char *host, size_t hostlen, + char *serv, size_t servlen, + int flags) +{ + switch (sa->sa_family) { +#ifdef HAVE_IPV6 + case AF_INET6 : { + const struct sockaddr_in6 *sin6 = (const struct sockaddr_in6 *)sa; + + return doit (AF_INET6, &sin6->sin6_addr, sizeof(sin6->sin6_addr), + sin6->sin6_port, + host, hostlen, + serv, servlen, + flags); + } +#endif + case AF_INET : { + const struct sockaddr_in *sin = (const struct sockaddr_in *)sa; + + return doit (AF_INET, &sin->sin_addr, sizeof(sin->sin_addr), + sin->sin_port, + host, hostlen, + serv, servlen, + flags); + } + default : + return EAI_FAMILY; + } +} diff --git a/kerberosIV/src/lib/roken/getnameinfo_verified.c b/kerberosIV/src/lib/roken/getnameinfo_verified.c new file mode 100644 index 00000000000..a8a3751404e --- /dev/null +++ b/kerberosIV/src/lib/roken/getnameinfo_verified.c @@ -0,0 +1,83 @@ +/* + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: getnameinfo_verified.c,v 1.5 2001/02/12 13:55:07 assar Exp $"); +#endif + +#include "roken.h" + +int +getnameinfo_verified(const struct sockaddr *sa, socklen_t salen, + char *host, size_t hostlen, + char *serv, size_t servlen, + int flags) +{ + int ret; + struct addrinfo *ai, *a; + char servbuf[NI_MAXSERV]; + struct addrinfo hints; + + if (host == NULL) + return EAI_NONAME; + + if (serv == NULL) { + serv = servbuf; + servlen = sizeof(servbuf); + } + + ret = getnameinfo (sa, salen, host, hostlen, serv, servlen, + flags | NI_NUMERICSERV); + if (ret) + return ret; + + memset (&hints, 0, sizeof(hints)); + hints.ai_socktype = SOCK_STREAM; + ret = getaddrinfo (host, serv, &hints, &ai); + if (ret) + return ret; + for (a = ai; a != NULL; a = a->ai_next) { + if (a->ai_addrlen == salen + && memcmp (a->ai_addr, sa, salen) == 0) { + freeaddrinfo (ai); + return 0; + } + } + freeaddrinfo (ai); + if (flags & NI_NAMEREQD) + return EAI_NONAME; + ret = getnameinfo (sa, salen, host, hostlen, serv, servlen, + flags | NI_NUMERICSERV | NI_NUMERICHOST); + return ret; +} diff --git a/kerberosIV/src/lib/roken/getprogname.c b/kerberosIV/src/lib/roken/getprogname.c new file mode 100644 index 00000000000..b48dda13e26 --- /dev/null +++ b/kerberosIV/src/lib/roken/getprogname.c @@ -0,0 +1,58 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: getprogname.c,v 1.1 2001/07/09 14:56:51 assar Exp $"); +#endif + +#include "roken.h" + +#ifndef HAVE___PROGNAME +const char *__progname; +#endif + +#ifndef HAVE_GETPROGNAME +const char * +getprogname(void) +{ + return __progname; +} +#endif /* HAVE_GETPROGNAME */ + +const char * +get_progname (void) +{ + return getprogname (); +} + diff --git a/kerberosIV/src/lib/roken/glob.hin b/kerberosIV/src/lib/roken/glob.hin new file mode 100644 index 00000000000..98d8796a0b4 --- /dev/null +++ b/kerberosIV/src/lib/roken/glob.hin @@ -0,0 +1,85 @@ +/* + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * Guido van Rossum. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)glob.h 8.1 (Berkeley) 6/2/93 + */ + +#ifndef _GLOB_H_ +#define _GLOB_H_ + +struct stat; +typedef struct { + int gl_pathc; /* Count of total paths so far. */ + int gl_matchc; /* Count of paths matching pattern. */ + int gl_offs; /* Reserved at beginning of gl_pathv. */ + int gl_flags; /* Copy of flags parameter to glob. */ + char **gl_pathv; /* List of paths matching pattern. */ + /* Copy of errfunc parameter to glob. */ + int (*gl_errfunc) (const char *, int); + + /* + * Alternate filesystem access methods for glob; replacement + * versions of closedir(3), readdir(3), opendir(3), stat(2) + * and lstat(2). + */ + void (*gl_closedir) (void *); + struct dirent *(*gl_readdir) (void *); + void *(*gl_opendir) (const char *); + int (*gl_lstat) (const char *, struct stat *); + int (*gl_stat) (const char *, struct stat *); +} glob_t; + +#define GLOB_APPEND 0x0001 /* Append to output from previous call. */ +#define GLOB_DOOFFS 0x0002 /* Use gl_offs. */ +#define GLOB_ERR 0x0004 /* Return on error. */ +#define GLOB_MARK 0x0008 /* Append / to matching directories. */ +#define GLOB_NOCHECK 0x0010 /* Return pattern itself if nothing matches. */ +#define GLOB_NOSORT 0x0020 /* Don't sort. */ + +#define GLOB_ALTDIRFUNC 0x0040 /* Use alternately specified directory funcs. */ +#define GLOB_BRACE 0x0080 /* Expand braces ala csh. */ +#define GLOB_MAGCHAR 0x0100 /* Pattern had globbing characters. */ +#define GLOB_NOMAGIC 0x0200 /* GLOB_NOCHECK without magic chars (csh). */ +#define GLOB_QUOTE 0x0400 /* Quote special chars with \. */ +#define GLOB_TILDE 0x0800 /* Expand tilde names from the passwd file. */ +#define GLOB_LIMIT 0x1000 /* Limit memory used by matches to ARG_MAX */ + +#define GLOB_NOSPACE (-1) /* Malloc call failed. */ +#define GLOB_ABEND (-2) /* Unignored error. */ + +int glob (const char *, int, int (*)(const char *, int), glob_t *); +void globfree (glob_t *); + +#endif /* !_GLOB_H_ */ diff --git a/kerberosIV/src/lib/roken/h_errno.c b/kerberosIV/src/lib/roken/h_errno.c new file mode 100644 index 00000000000..eb89cb339b6 --- /dev/null +++ b/kerberosIV/src/lib/roken/h_errno.c @@ -0,0 +1,41 @@ +/* + * Copyright (c) 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: h_errno.c,v 1.1 2001/08/08 03:47:23 assar Exp $"); +#endif + +#ifndef HAVE_H_ERRNO +int h_errno = -17; /* Some magic number */ +#endif diff --git a/kerberosIV/src/lib/roken/hostent_find_fqdn.c b/kerberosIV/src/lib/roken/hostent_find_fqdn.c new file mode 100644 index 00000000000..d945b2f37ea --- /dev/null +++ b/kerberosIV/src/lib/roken/hostent_find_fqdn.c @@ -0,0 +1,59 @@ +/* + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: hostent_find_fqdn.c,v 1.2 2001/07/10 11:58:23 assar Exp $"); +#endif + +#include "roken.h" + +/* + * Try to find a fqdn (with `.') in he if possible, else return h_name + */ + +const char * +hostent_find_fqdn (const struct hostent *he) +{ + const char *ret = he->h_name; + const char **h; + + if (strchr (ret, '.') == NULL) + for (h = (const char **)he->h_aliases; *h != NULL; ++h) { + if (strchr (*h, '.') != NULL) { + ret = *h; + break; + } + } + return ret; +} diff --git a/kerberosIV/src/lib/roken/ifaddrs.hin b/kerberosIV/src/lib/roken/ifaddrs.hin new file mode 100644 index 00000000000..66a230973ff --- /dev/null +++ b/kerberosIV/src/lib/roken/ifaddrs.hin @@ -0,0 +1,64 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $KTH: ifaddrs.hin,v 1.3 2000/12/11 00:01:13 assar Exp $ */ + +#ifndef __ifaddrs_h__ +#define __ifaddrs_h__ + +/* + * the interface is defined in terms of the fields below, and this is + * sometimes #define'd, so there seems to be no simple way of solving + * this and this seemed the best. */ + +#undef ifa_dstaddr + +struct ifaddrs { + struct ifaddrs *ifa_next; + char *ifa_name; + unsigned int ifa_flags; + struct sockaddr *ifa_addr; + struct sockaddr *ifa_netmask; + struct sockaddr *ifa_dstaddr; + void *ifa_data; +}; + +#ifndef ifa_broadaddr +#define ifa_broadaddr ifa_dstaddr +#endif + +int getifaddrs(struct ifaddrs**); + +void freeifaddrs(struct ifaddrs*); + +#endif /* __ifaddrs_h__ */ diff --git a/kerberosIV/src/lib/roken/install-sh b/kerberosIV/src/lib/roken/install-sh new file mode 100644 index 00000000000..e9de23842dc --- /dev/null +++ b/kerberosIV/src/lib/roken/install-sh @@ -0,0 +1,251 @@ +#!/bin/sh +# +# install - install a program, script, or datafile +# This comes from X11R5 (mit/util/scripts/install.sh). +# +# Copyright 1991 by the Massachusetts Institute of Technology +# +# Permission to use, copy, modify, distribute, and sell this software and its +# documentation for any purpose is hereby granted without fee, provided that +# the above copyright notice appear in all copies and that both that +# copyright notice and this permission notice appear in supporting +# documentation, and that the name of M.I.T. not be used in advertising or +# publicity pertaining to distribution of the software without specific, +# written prior permission. M.I.T. makes no representations about the +# suitability of this software for any purpose. It is provided "as is" +# without express or implied warranty. +# +# Calling this script install-sh is preferred over install.sh, to prevent +# `make' implicit rules from creating a file called install from it +# when there is no Makefile. +# +# This script is compatible with the BSD install script, but was written +# from scratch. It can only install one file at a time, a restriction +# shared with many OS's install programs. + + +# set DOITPROG to echo to test this script + +# Don't use :- since 4.3BSD and earlier shells don't like it. +doit="${DOITPROG-}" + + +# put in absolute paths if you don't have them in your path; or use env. vars. + +mvprog="${MVPROG-mv}" +cpprog="${CPPROG-cp}" +chmodprog="${CHMODPROG-chmod}" +chownprog="${CHOWNPROG-chown}" +chgrpprog="${CHGRPPROG-chgrp}" +stripprog="${STRIPPROG-strip}" +rmprog="${RMPROG-rm}" +mkdirprog="${MKDIRPROG-mkdir}" + +transformbasename="" +transform_arg="" +instcmd="$mvprog" +chmodcmd="$chmodprog 0755" +chowncmd="" +chgrpcmd="" +stripcmd="" +rmcmd="$rmprog -f" +mvcmd="$mvprog" +src="" +dst="" +dir_arg="" + +while [ x"$1" != x ]; do + case $1 in + -c) instcmd="$cpprog" + shift + continue;; + + -d) dir_arg=true + shift + continue;; + + -m) chmodcmd="$chmodprog $2" + shift + shift + continue;; + + -o) chowncmd="$chownprog $2" + shift + shift + continue;; + + -g) chgrpcmd="$chgrpprog $2" + shift + shift + continue;; + + -s) stripcmd="$stripprog" + shift + continue;; + + -t=*) transformarg=`echo $1 | sed 's/-t=//'` + shift + continue;; + + -b=*) transformbasename=`echo $1 | sed 's/-b=//'` + shift + continue;; + + *) if [ x"$src" = x ] + then + src=$1 + else + # this colon is to work around a 386BSD /bin/sh bug + : + dst=$1 + fi + shift + continue;; + esac +done + +if [ x"$src" = x ] +then + echo "install: no input file specified" + exit 1 +else + true +fi + +if [ x"$dir_arg" != x ]; then + dst=$src + src="" + + if [ -d $dst ]; then + instcmd=: + chmodcmd="" + else + instcmd=mkdir + fi +else + +# Waiting for this to be detected by the "$instcmd $src $dsttmp" command +# might cause directories to be created, which would be especially bad +# if $src (and thus $dsttmp) contains '*'. + + if [ -f $src -o -d $src ] + then + true + else + echo "install: $src does not exist" + exit 1 + fi + + if [ x"$dst" = x ] + then + echo "install: no destination specified" + exit 1 + else + true + fi + +# If destination is a directory, append the input filename; if your system +# does not like double slashes in filenames, you may need to add some logic + + if [ -d $dst ] + then + dst="$dst"/`basename $src` + else + true + fi +fi + +## this sed command emulates the dirname command +dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'` + +# Make sure that the destination directory exists. +# this part is taken from Noah Friedman's mkinstalldirs script + +# Skip lots of stat calls in the usual case. +if [ ! -d "$dstdir" ]; then +defaultIFS=' +' +IFS="${IFS-${defaultIFS}}" + +oIFS="${IFS}" +# Some sh's can't handle IFS=/ for some reason. +IFS='%' +set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'` +IFS="${oIFS}" + +pathcomp='' + +while [ $# -ne 0 ] ; do + pathcomp="${pathcomp}${1}" + shift + + if [ ! -d "${pathcomp}" ] ; + then + $mkdirprog "${pathcomp}" + else + true + fi + + pathcomp="${pathcomp}/" +done +fi + +if [ x"$dir_arg" != x ] +then + $doit $instcmd $dst && + + if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi && + if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi && + if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi && + if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi +else + +# If we're going to rename the final executable, determine the name now. + + if [ x"$transformarg" = x ] + then + dstfile=`basename $dst` + else + dstfile=`basename $dst $transformbasename | + sed $transformarg`$transformbasename + fi + +# don't allow the sed command to completely eliminate the filename + + if [ x"$dstfile" = x ] + then + dstfile=`basename $dst` + else + true + fi + +# Make a temp file name in the proper directory. + + dsttmp=$dstdir/#inst.$$# + +# Move or copy the file name to the temp name + + $doit $instcmd $src $dsttmp && + + trap "rm -f ${dsttmp}" 0 && + +# and set any options; do chmod last to preserve setuid bits + +# If any of these fail, we abort the whole thing. If we want to +# ignore errors from any of these, just make sure not to ignore +# errors from the above "$doit $instcmd $src $dsttmp" command. + + if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi && + if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi && + if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi && + if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi && + +# Now rename the file to the real destination. + + $doit $rmcmd -f $dstdir/$dstfile && + $doit $mvcmd $dsttmp $dstdir/$dstfile + +fi && + + +exit 0 diff --git a/kerberosIV/src/lib/roken/missing b/kerberosIV/src/lib/roken/missing new file mode 100644 index 00000000000..7789652e877 --- /dev/null +++ b/kerberosIV/src/lib/roken/missing @@ -0,0 +1,190 @@ +#! /bin/sh +# Common stub for a few missing GNU programs while installing. +# Copyright (C) 1996, 1997 Free Software Foundation, Inc. +# Franc,ois Pinard <pinard@iro.umontreal.ca>, 1996. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA +# 02111-1307, USA. + +if test $# -eq 0; then + echo 1>&2 "Try \`$0 --help' for more information" + exit 1 +fi + +case "$1" in + + -h|--h|--he|--hel|--help) + echo "\ +$0 [OPTION]... PROGRAM [ARGUMENT]... + +Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an +error status if there is no known handling for PROGRAM. + +Options: + -h, --help display this help and exit + -v, --version output version information and exit + +Supported PROGRAM values: + aclocal touch file \`aclocal.m4' + autoconf touch file \`configure' + autoheader touch file \`config.h.in' + automake touch all \`Makefile.in' files + bison create \`y.tab.[ch]', if possible, from existing .[ch] + flex create \`lex.yy.c', if possible, from existing .c + lex create \`lex.yy.c', if possible, from existing .c + makeinfo touch the output file + yacc create \`y.tab.[ch]', if possible, from existing .[ch]" + ;; + + -v|--v|--ve|--ver|--vers|--versi|--versio|--version) + echo "missing - GNU libit 0.0" + ;; + + -*) + echo 1>&2 "$0: Unknown \`$1' option" + echo 1>&2 "Try \`$0 --help' for more information" + exit 1 + ;; + + aclocal) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified \`acinclude.m4' or \`configure.in'. You might want + to install the \`Automake' and \`Perl' packages. Grab them from + any GNU archive site." + touch aclocal.m4 + ;; + + autoconf) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified \`configure.in'. You might want to install the + \`Autoconf' and \`GNU m4' packages. Grab them from any GNU + archive site." + touch configure + ;; + + autoheader) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified \`acconfig.h' or \`configure.in'. You might want + to install the \`Autoconf' and \`GNU m4' packages. Grab them + from any GNU archive site." + files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' configure.in` + test -z "$files" && files="config.h" + touch_files= + for f in $files; do + case "$f" in + *:*) touch_files="$touch_files "`echo "$f" | + sed -e 's/^[^:]*://' -e 's/:.*//'`;; + *) touch_files="$touch_files $f.in";; + esac + done + touch $touch_files + ;; + + automake) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified \`Makefile.am', \`acinclude.m4' or \`configure.in'. + You might want to install the \`Automake' and \`Perl' packages. + Grab them from any GNU archive site." + find . -type f -name Makefile.am -print | + sed 's/\.am$/.in/' | + while read f; do touch "$f"; done + ;; + + bison|yacc) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified a \`.y' file. You may need the \`Bison' package + in order for those modifications to take effect. You can get + \`Bison' from any GNU archive site." + rm -f y.tab.c y.tab.h + if [ $# -ne 1 ]; then + eval LASTARG="\${$#}" + case "$LASTARG" in + *.y) + SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'` + if [ -f "$SRCFILE" ]; then + cp "$SRCFILE" y.tab.c + fi + SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'` + if [ -f "$SRCFILE" ]; then + cp "$SRCFILE" y.tab.h + fi + ;; + esac + fi + if [ ! -f y.tab.h ]; then + echo >y.tab.h + fi + if [ ! -f y.tab.c ]; then + echo 'main() { return 0; }' >y.tab.c + fi + ;; + + lex|flex) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified a \`.l' file. You may need the \`Flex' package + in order for those modifications to take effect. You can get + \`Flex' from any GNU archive site." + rm -f lex.yy.c + if [ $# -ne 1 ]; then + eval LASTARG="\${$#}" + case "$LASTARG" in + *.l) + SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'` + if [ -f "$SRCFILE" ]; then + cp "$SRCFILE" lex.yy.c + fi + ;; + esac + fi + if [ ! -f lex.yy.c ]; then + echo 'main() { return 0; }' >lex.yy.c + fi + ;; + + makeinfo) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified a \`.texi' or \`.texinfo' file, or any other file + indirectly affecting the aspect of the manual. The spurious + call might also be the consequence of using a buggy \`make' (AIX, + DU, IRIX). You might want to install the \`Texinfo' package or + the \`GNU make' package. Grab either from any GNU archive site." + file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'` + if test -z "$file"; then + file=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'` + file=`sed -n '/^@setfilename/ { s/.* \([^ ]*\) *$/\1/; p; q; }' $file` + fi + touch $file + ;; + + *) + echo 1>&2 "\ +WARNING: \`$1' is needed, and you do not seem to have it handy on your + system. You might have modified some files without having the + proper tools for further handling them. Check the \`README' file, + it often tells you about the needed prerequirements for installing + this package. You may also peek at any GNU archive site, in case + some other package would contain this missing \`$1' program." + exit 1 + ;; +esac + +exit 0 diff --git a/kerberosIV/src/lib/roken/mkinstalldirs b/kerberosIV/src/lib/roken/mkinstalldirs new file mode 100644 index 00000000000..331bee4cffb --- /dev/null +++ b/kerberosIV/src/lib/roken/mkinstalldirs @@ -0,0 +1,40 @@ +#! /bin/sh +# mkinstalldirs --- make directory hierarchy +# Author: Noah Friedman <friedman@prep.ai.mit.edu> +# Created: 1993-05-16 +# Public domain + +# $Id: mkinstalldirs,v 1.1 2002/06/08 21:07:44 hin Exp $ + +errstatus=0 + +for file +do + set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'` + shift + + pathcomp= + for d + do + pathcomp="$pathcomp$d" + case "$pathcomp" in + -* ) pathcomp=./$pathcomp ;; + esac + + if test ! -d "$pathcomp"; then + echo "mkdir $pathcomp" + + mkdir "$pathcomp" || lasterr=$? + + if test ! -d "$pathcomp"; then + errstatus=$lasterr + fi + fi + + pathcomp="$pathcomp/" + done +done + +exit $errstatus + +# mkinstalldirs ends here diff --git a/kerberosIV/src/lib/roken/rtbl.c b/kerberosIV/src/lib/roken/rtbl.c new file mode 100644 index 00000000000..091e36bdcae --- /dev/null +++ b/kerberosIV/src/lib/roken/rtbl.c @@ -0,0 +1,278 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID ("$KTH: rtbl.c,v 1.3 2000/07/20 14:42:31 assar Exp $"); +#endif +#include "roken.h" +#include "rtbl.h" + +struct column_entry { + char *data; +}; + +struct column_data { + char *header; + char *prefix; + int width; + unsigned flags; + size_t num_rows; + struct column_entry *rows; +}; + +struct rtbl_data { + char *column_prefix; + size_t num_columns; + struct column_data **columns; +}; + +rtbl_t +rtbl_create (void) +{ + return calloc (1, sizeof (struct rtbl_data)); +} + +static struct column_data * +rtbl_get_column (rtbl_t table, const char *column) +{ + int i; + for(i = 0; i < table->num_columns; i++) + if(strcmp(table->columns[i]->header, column) == 0) + return table->columns[i]; + return NULL; +} + +void +rtbl_destroy (rtbl_t table) +{ + int i, j; + + for (i = 0; i < table->num_columns; i++) { + struct column_data *c = table->columns[i]; + + for (j = 0; j < c->num_rows; j++) + free (c->rows[j].data); + free (c->header); + free (c->prefix); + free (c); + } + free (table->column_prefix); + free (table->columns); +} + +int +rtbl_add_column (rtbl_t table, const char *header, unsigned int flags) +{ + struct column_data *col, **tmp; + + tmp = realloc (table->columns, (table->num_columns + 1) * sizeof (*tmp)); + if (tmp == NULL) + return ENOMEM; + table->columns = tmp; + col = malloc (sizeof (*col)); + if (col == NULL) + return ENOMEM; + col->header = strdup (header); + if (col->header == NULL) { + free (col); + return ENOMEM; + } + col->prefix = NULL; + col->width = 0; + col->flags = flags; + col->num_rows = 0; + col->rows = NULL; + table->columns[table->num_columns++] = col; + return 0; +} + +static void +column_compute_width (struct column_data *column) +{ + int i; + + column->width = strlen (column->header); + for (i = 0; i < column->num_rows; i++) + column->width = max (column->width, strlen (column->rows[i].data)); +} + +int +rtbl_set_prefix (rtbl_t table, const char *prefix) +{ + if (table->column_prefix) + free (table->column_prefix); + table->column_prefix = strdup (prefix); + if (table->column_prefix == NULL) + return ENOMEM; + return 0; +} + +int +rtbl_set_column_prefix (rtbl_t table, const char *column, + const char *prefix) +{ + struct column_data *c = rtbl_get_column (table, column); + + if (c == NULL) + return -1; + if (c->prefix) + free (c->prefix); + c->prefix = strdup (prefix); + if (c->prefix == NULL) + return ENOMEM; + return 0; +} + + +static const char * +get_column_prefix (rtbl_t table, struct column_data *c) +{ + if (c == NULL) + return ""; + if (c->prefix) + return c->prefix; + if (table->column_prefix) + return table->column_prefix; + return ""; +} + +int +rtbl_add_column_entry (rtbl_t table, const char *column, const char *data) +{ + struct column_entry row, *tmp; + + struct column_data *c = rtbl_get_column (table, column); + + if (c == NULL) + return -1; + + row.data = strdup (data); + if (row.data == NULL) + return ENOMEM; + tmp = realloc (c->rows, (c->num_rows + 1) * sizeof (*tmp)); + if (tmp == NULL) { + free (row.data); + return ENOMEM; + } + c->rows = tmp; + c->rows[c->num_rows++] = row; + return 0; +} + +int +rtbl_format (rtbl_t table, FILE * f) +{ + int i, j; + + for (i = 0; i < table->num_columns; i++) + column_compute_width (table->columns[i]); + for (i = 0; i < table->num_columns; i++) { + struct column_data *c = table->columns[i]; + + fprintf (f, "%s", get_column_prefix (table, c)); + fprintf (f, "%-*s", (int)c->width, c->header); + } + fprintf (f, "\n"); + + for (j = 0;; j++) { + int flag = 0; + + for (i = 0; flag == 0 && i < table->num_columns; ++i) { + struct column_data *c = table->columns[i]; + + if (c->num_rows > j) { + ++flag; + break; + } + } + if (flag == 0) + break; + + for (i = 0; i < table->num_columns; i++) { + int w; + struct column_data *c = table->columns[i]; + + w = c->width; + + if ((c->flags & RTBL_ALIGN_RIGHT) == 0) + w = -w; + fprintf (f, "%s", get_column_prefix (table, c)); + if (c->num_rows <= j) + fprintf (f, "%*s", w, ""); + else + fprintf (f, "%*s", w, c->rows[j].data); + } + fprintf (f, "\n"); + } + return 0; +} + +#ifdef TEST +int +main (int argc, char **argv) +{ + rtbl_t table; + unsigned int a, b, c, d; + + table = rtbl_create (); + rtbl_add_column (table, "Issued", 0, &a); + rtbl_add_column (table, "Expires", 0, &b); + rtbl_add_column (table, "Foo", RTBL_ALIGN_RIGHT, &d); + rtbl_add_column (table, "Principal", 0, &c); + + rtbl_add_column_entry (table, a, "Jul 7 21:19:29"); + rtbl_add_column_entry (table, b, "Jul 8 07:19:29"); + rtbl_add_column_entry (table, d, "73"); + rtbl_add_column_entry (table, d, "0"); + rtbl_add_column_entry (table, d, "-2000"); + rtbl_add_column_entry (table, c, "krbtgt/NADA.KTH.SE@NADA.KTH.SE"); + + rtbl_add_column_entry (table, a, "Jul 7 21:19:29"); + rtbl_add_column_entry (table, b, "Jul 8 07:19:29"); + rtbl_add_column_entry (table, c, "afs/pdc.kth.se@NADA.KTH.SE"); + + rtbl_add_column_entry (table, a, "Jul 7 21:19:29"); + rtbl_add_column_entry (table, b, "Jul 8 07:19:29"); + rtbl_add_column_entry (table, c, "afs@NADA.KTH.SE"); + + rtbl_set_prefix (table, " "); + rtbl_set_column_prefix (table, a, ""); + + rtbl_format (table, stdout); + + rtbl_destroy (table); + +} + +#endif diff --git a/kerberosIV/src/lib/roken/rtbl.h b/kerberosIV/src/lib/roken/rtbl.h new file mode 100644 index 00000000000..16496a7fd20 --- /dev/null +++ b/kerberosIV/src/lib/roken/rtbl.h @@ -0,0 +1,57 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef __rtbl_h__ +#define __rtbl_h__ + +struct rtbl_data; +typedef struct rtbl_data *rtbl_t; + +#define RTBL_ALIGN_LEFT 0 +#define RTBL_ALIGN_RIGHT 1 + +rtbl_t rtbl_create (void); + +void rtbl_destroy (rtbl_t); + +int rtbl_set_prefix (rtbl_t, const char*); + +int rtbl_set_column_prefix (rtbl_t, const char*, const char*); + +int rtbl_add_column (rtbl_t, const char*, unsigned int); + +int rtbl_add_column_entry (rtbl_t, const char*, const char*); + +int rtbl_format (rtbl_t, FILE*); + +#endif /* __rtbl_h__ */ diff --git a/kerberosIV/src/lib/roken/setprogname.c b/kerberosIV/src/lib/roken/setprogname.c new file mode 100644 index 00000000000..19b70fbed9e --- /dev/null +++ b/kerberosIV/src/lib/roken/setprogname.c @@ -0,0 +1,67 @@ +/* + * Copyright (c) 1995 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: setprogname.c,v 1.1 2001/07/09 14:56:51 assar Exp $"); +#endif + +#include "roken.h" + +#ifndef HAVE___PROGNAME +extern const char *__progname; +#endif + +#ifndef HAVE_SETPROGNAME +void +setprogname(const char *argv0) +{ +#ifndef HAVE___PROGNAME + char *p; + if(argv0 == NULL) + return; + p = strrchr(argv0, '/'); + if(p == NULL) + p = (char *)argv0; + else + p++; + __progname = p; +#endif +} +#endif /* HAVE_SETPROGNAME */ + +void +set_progname(char *argv0) +{ + setprogname ((const char *)argv0); +} diff --git a/kerberosIV/src/lib/roken/snprintf-test.c b/kerberosIV/src/lib/roken/snprintf-test.c new file mode 100644 index 00000000000..92fdf204357 --- /dev/null +++ b/kerberosIV/src/lib/roken/snprintf-test.c @@ -0,0 +1,238 @@ +/* + * Copyright (c) 2000 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include "roken.h" +#include <limits.h> + +#include "snprintf-test.h" + +RCSID("$KTH: snprintf-test.c,v 1.5 2001/09/13 01:01:16 assar Exp $"); + +static int +try (const char *format, ...) +{ + int ret; + va_list ap; + char buf1[256], buf2[256]; + + va_start (ap, format); + ret = vsnprintf (buf1, sizeof(buf1), format, ap); + if (ret >= sizeof(buf1)) + errx (1, "increase buf and try again"); + vsprintf (buf2, format, ap); + ret = strcmp (buf1, buf2); + if (ret) + printf ("failed: format = \"%s\", \"%s\" != \"%s\"\n", + format, buf1, buf2); + va_end (ap); + return ret; +} + +static int +cmp_with_sprintf_int (void) +{ + int tot = 0; + int int_values[] = {INT_MIN, -17, -1, 0, 1, 17, 4711, 65535, INT_MAX}; + int i; + + for (i = 0; i < sizeof(int_values) / sizeof(int_values[0]); ++i) { + tot += try ("%d", int_values[i]); + tot += try ("%x", int_values[i]); + tot += try ("%X", int_values[i]); + tot += try ("%o", int_values[i]); + tot += try ("%#x", int_values[i]); + tot += try ("%#X", int_values[i]); + tot += try ("%#o", int_values[i]); + tot += try ("%10d", int_values[i]); + tot += try ("%10x", int_values[i]); + tot += try ("%10X", int_values[i]); + tot += try ("%10o", int_values[i]); + tot += try ("%#10x", int_values[i]); + tot += try ("%#10X", int_values[i]); + tot += try ("%#10o", int_values[i]); + tot += try ("%-10d", int_values[i]); + tot += try ("%-10x", int_values[i]); + tot += try ("%-10X", int_values[i]); + tot += try ("%-10o", int_values[i]); + tot += try ("%-#10x", int_values[i]); + tot += try ("%-#10X", int_values[i]); + tot += try ("%-#10o", int_values[i]); + } + return tot; +} + +static int +cmp_with_sprintf_long (void) +{ + int tot = 0; + long long_values[] = {LONG_MIN, -17, -1, 0, 1, 17, 4711, 65535, LONG_MAX}; + int i; + + for (i = 0; i < sizeof(long_values) / sizeof(long_values[0]); ++i) { + tot += try ("%ld", long_values[i]); + tot += try ("%lx", long_values[i]); + tot += try ("%lX", long_values[i]); + tot += try ("%lo", long_values[i]); + tot += try ("%#lx", long_values[i]); + tot += try ("%#lX", long_values[i]); + tot += try ("%#lo", long_values[i]); + tot += try ("%10ld", long_values[i]); + tot += try ("%10lx", long_values[i]); + tot += try ("%10lX", long_values[i]); + tot += try ("%10lo", long_values[i]); + tot += try ("%#10lx", long_values[i]); + tot += try ("%#10lX", long_values[i]); + tot += try ("%#10lo", long_values[i]); + tot += try ("%-10ld", long_values[i]); + tot += try ("%-10lx", long_values[i]); + tot += try ("%-10lX", long_values[i]); + tot += try ("%-10lo", long_values[i]); + tot += try ("%-#10lx", long_values[i]); + tot += try ("%-#10lX", long_values[i]); + tot += try ("%-#10lo", long_values[i]); + } + return tot; +} + +#ifdef HAVE_LONG_LONG + +static int +cmp_with_sprintf_long_long (void) +{ + int tot = 0; + long long long_long_values[] = { + ((long long)LONG_MIN) -1, LONG_MIN, -17, -1, + 0, + 1, 17, 4711, 65535, LONG_MAX, ((long long)LONG_MAX) + 1}; + int i; + + for (i = 0; i < sizeof(long_long_values) / sizeof(long_long_values[0]); ++i) { + tot += try ("%lld", long_long_values[i]); + tot += try ("%llx", long_long_values[i]); + tot += try ("%llX", long_long_values[i]); + tot += try ("%llo", long_long_values[i]); + tot += try ("%#llx", long_long_values[i]); + tot += try ("%#llX", long_long_values[i]); + tot += try ("%#llo", long_long_values[i]); + tot += try ("%10lld", long_long_values[i]); + tot += try ("%10llx", long_long_values[i]); + tot += try ("%10llX", long_long_values[i]); + tot += try ("%10llo", long_long_values[i]); + tot += try ("%#10llx", long_long_values[i]); + tot += try ("%#10llX", long_long_values[i]); + tot += try ("%#10llo", long_long_values[i]); + tot += try ("%-10lld", long_long_values[i]); + tot += try ("%-10llx", long_long_values[i]); + tot += try ("%-10llX", long_long_values[i]); + tot += try ("%-10llo", long_long_values[i]); + tot += try ("%-#10llx", long_long_values[i]); + tot += try ("%-#10llX", long_long_values[i]); + tot += try ("%-#10llo", long_long_values[i]); + } + return tot; +} + +#endif + +#if 0 +static int +cmp_with_sprintf_float (void) +{ + int tot = 0; + double double_values[] = {-99999, -999, -17.4, -4.3, -3.0, -1.5, -1, + 0, 0.1, 0.2342374852, 0.2340007, + 3.1415926, 14.7845, 34.24758, 9999, 9999999}; + int i; + + for (i = 0; i < sizeof(double_values) / sizeof(double_values[0]); ++i) { + tot += try ("%f", double_values[i]); + tot += try ("%10f", double_values[i]); + tot += try ("%.2f", double_values[i]); + tot += try ("%7.0f", double_values[i]); + tot += try ("%5.2f", double_values[i]); + tot += try ("%0f", double_values[i]); + tot += try ("%#f", double_values[i]); + tot += try ("%e", double_values[i]); + tot += try ("%10e", double_values[i]); + tot += try ("%.2e", double_values[i]); + tot += try ("%7.0e", double_values[i]); + tot += try ("%5.2e", double_values[i]); + tot += try ("%0e", double_values[i]); + tot += try ("%#e", double_values[i]); + tot += try ("%E", double_values[i]); + tot += try ("%10E", double_values[i]); + tot += try ("%.2E", double_values[i]); + tot += try ("%7.0E", double_values[i]); + tot += try ("%5.2E", double_values[i]); + tot += try ("%0E", double_values[i]); + tot += try ("%#E", double_values[i]); + tot += try ("%g", double_values[i]); + tot += try ("%10g", double_values[i]); + tot += try ("%.2g", double_values[i]); + tot += try ("%7.0g", double_values[i]); + tot += try ("%5.2g", double_values[i]); + tot += try ("%0g", double_values[i]); + tot += try ("%#g", double_values[i]); + tot += try ("%G", double_values[i]); + tot += try ("%10G", double_values[i]); + tot += try ("%.2G", double_values[i]); + tot += try ("%7.0G", double_values[i]); + tot += try ("%5.2G", double_values[i]); + tot += try ("%0G", double_values[i]); + tot += try ("%#G", double_values[i]); + } + return tot; +} +#endif + +static int +test_null (void) +{ + return snprintf (NULL, 0, "foo") != 3; +} + +int +main (int argc, char **argv) +{ + int ret = 0; + + ret += cmp_with_sprintf_int (); + ret += cmp_with_sprintf_long (); +#ifdef HAVE_LONG_LONG + ret += cmp_with_sprintf_long_long (); +#endif + ret += test_null (); + return ret; +} diff --git a/kerberosIV/src/lib/roken/snprintf-test.h b/kerberosIV/src/lib/roken/snprintf-test.h new file mode 100644 index 00000000000..fa75691cc22 --- /dev/null +++ b/kerberosIV/src/lib/roken/snprintf-test.h @@ -0,0 +1,52 @@ +/* + * Copyright (c) 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* $KTH: snprintf-test.h,v 1.2 2001/07/19 18:39:14 assar Exp $ */ + +#ifndef __SNPRINTF_TEST_H__ +#define __SNPRINTF_TEST_H__ + +/* + * we cannot use the real names of the functions when testing, since + * they might have different prototypes as the system functions, hence + * these evil hacks + */ + +#define snprintf test_snprintf +#define asprintf test_asprintf +#define asnprintf test_asnprintf +#define vasprintf test_vasprintf +#define vasnprintf test_vasnprintf +#define vsnprintf test_vsnprintf + +#endif /* __SNPRINTF_TEST_H__ */ diff --git a/kerberosIV/src/lib/roken/strsep_copy.c b/kerberosIV/src/lib/roken/strsep_copy.c new file mode 100644 index 00000000000..31ebb245ba9 --- /dev/null +++ b/kerberosIV/src/lib/roken/strsep_copy.c @@ -0,0 +1,67 @@ +/* + * Copyright (c) 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: strsep_copy.c,v 1.3 2000/06/29 03:13:36 assar Exp $"); +#endif + +#include <string.h> + +#include "roken.h" + +#ifndef HAVE_STRSEP_COPY + +/* strsep, but with const stringp, so return string in buf */ + +ssize_t +strsep_copy(const char **stringp, const char *delim, char *buf, size_t len) +{ + const char *save = *stringp; + size_t l; + if(save == NULL) + return -1; + *stringp = *stringp + strcspn(*stringp, delim); + l = min(len, *stringp - save); + memcpy(buf, save, l); + buf[l] = '\0'; + + l = *stringp - save; + if(**stringp == '\0') + *stringp = NULL; + else + (*stringp)++; + return l; +} + +#endif diff --git a/kerberosIV/src/lib/roken/timeval.c b/kerberosIV/src/lib/roken/timeval.c new file mode 100644 index 00000000000..29f5afedf48 --- /dev/null +++ b/kerberosIV/src/lib/roken/timeval.c @@ -0,0 +1,84 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* + * Timeval stuff + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: timeval.c,v 1.1 2000/03/03 09:02:42 assar Exp $"); +#endif + +#include "roken.h" + +/* + * Make `t1' consistent. + */ + +void +timevalfix(struct timeval *t1) +{ + if (t1->tv_usec < 0) { + t1->tv_sec--; + t1->tv_usec += 1000000; + } + if (t1->tv_usec >= 1000000) { + t1->tv_sec++; + t1->tv_usec -= 1000000; + } +} + +/* + * t1 += t2 + */ + +void +timevaladd(struct timeval *t1, const struct timeval *t2) +{ + t1->tv_sec += t2->tv_sec; + t1->tv_usec += t2->tv_usec; + timevalfix(t1); +} + +/* + * t1 -= t2 + */ + +void +timevalsub(struct timeval *t1, const struct timeval *t2) +{ + t1->tv_sec -= t2->tv_sec; + t1->tv_usec -= t2->tv_usec; + timevalfix(t1); +} diff --git a/kerberosIV/src/lib/roken/unvis.c b/kerberosIV/src/lib/roken/unvis.c new file mode 100644 index 00000000000..a7dc0de5261 --- /dev/null +++ b/kerberosIV/src/lib/roken/unvis.c @@ -0,0 +1,288 @@ +/* $NetBSD: unvis.c,v 1.19 2000/01/22 22:19:13 mycroft Exp $ */ + +/*- + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#if 1 +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: unvis.c,v 1.2 2000/12/06 21:41:46 joda Exp $"); +#endif +#include <roken.h> +#ifndef _DIAGASSERT +#define _DIAGASSERT(X) +#endif +#else +#include <sys/cdefs.h> +#if defined(LIBC_SCCS) && !defined(lint) +#if 0 +static char sccsid[] = "@(#)unvis.c 8.1 (Berkeley) 6/4/93"; +#else +__RCSID("$NetBSD: unvis.c,v 1.19 2000/01/22 22:19:13 mycroft Exp $"); +#endif +#endif /* LIBC_SCCS and not lint */ + +#define __LIBC12_SOURCE__ + +#include "namespace.h" +#endif +#include <sys/types.h> + +#include <assert.h> +#include <ctype.h> +#include <stdio.h> +#include <vis.h> + +#if 0 +#ifdef __weak_alias +__weak_alias(strunvis,_strunvis) +__weak_alias(unvis,_unvis) +#endif + +__warn_references(unvis, + "warning: reference to compatibility unvis(); include <vis.h> for correct reference") +#endif + +/* + * decode driven by state machine + */ +#define S_GROUND 0 /* haven't seen escape char */ +#define S_START 1 /* start decoding special sequence */ +#define S_META 2 /* metachar started (M) */ +#define S_META1 3 /* metachar more, regular char (-) */ +#define S_CTRL 4 /* control char started (^) */ +#define S_OCTAL2 5 /* octal digit 2 */ +#define S_OCTAL3 6 /* octal digit 3 */ + +#define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7') + +/* + * unvis - decode characters previously encoded by vis + */ +#ifndef HAVE_UNVIS +int +unvis(char *cp, int c, int *astate, int flag) +{ + + _DIAGASSERT(cp != NULL); + _DIAGASSERT(astate != NULL); + + if (flag & UNVIS_END) { + if (*astate == S_OCTAL2 || *astate == S_OCTAL3) { + *astate = S_GROUND; + return (UNVIS_VALID); + } + return (*astate == S_GROUND ? UNVIS_NOCHAR : UNVIS_SYNBAD); + } + + switch (*astate) { + + case S_GROUND: + *cp = 0; + if (c == '\\') { + *astate = S_START; + return (0); + } + *cp = c; + return (UNVIS_VALID); + + case S_START: + switch(c) { + case '\\': + *cp = c; + *astate = S_GROUND; + return (UNVIS_VALID); + case '0': case '1': case '2': case '3': + case '4': case '5': case '6': case '7': + *cp = (c - '0'); + *astate = S_OCTAL2; + return (0); + case 'M': + *cp = (char)0200; + *astate = S_META; + return (0); + case '^': + *astate = S_CTRL; + return (0); + case 'n': + *cp = '\n'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 'r': + *cp = '\r'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 'b': + *cp = '\b'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 'a': + *cp = '\007'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 'v': + *cp = '\v'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 't': + *cp = '\t'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 'f': + *cp = '\f'; + *astate = S_GROUND; + return (UNVIS_VALID); + case 's': + *cp = ' '; + *astate = S_GROUND; + return (UNVIS_VALID); + case 'E': + *cp = '\033'; + *astate = S_GROUND; + return (UNVIS_VALID); + case '\n': + /* + * hidden newline + */ + *astate = S_GROUND; + return (UNVIS_NOCHAR); + case '$': + /* + * hidden marker + */ + *astate = S_GROUND; + return (UNVIS_NOCHAR); + } + *astate = S_GROUND; + return (UNVIS_SYNBAD); + + case S_META: + if (c == '-') + *astate = S_META1; + else if (c == '^') + *astate = S_CTRL; + else { + *astate = S_GROUND; + return (UNVIS_SYNBAD); + } + return (0); + + case S_META1: + *astate = S_GROUND; + *cp |= c; + return (UNVIS_VALID); + + case S_CTRL: + if (c == '?') + *cp |= 0177; + else + *cp |= c & 037; + *astate = S_GROUND; + return (UNVIS_VALID); + + case S_OCTAL2: /* second possible octal digit */ + if (isoctal(c)) { + /* + * yes - and maybe a third + */ + *cp = (*cp << 3) + (c - '0'); + *astate = S_OCTAL3; + return (0); + } + /* + * no - done with current sequence, push back passed char + */ + *astate = S_GROUND; + return (UNVIS_VALIDPUSH); + + case S_OCTAL3: /* third possible octal digit */ + *astate = S_GROUND; + if (isoctal(c)) { + *cp = (*cp << 3) + (c - '0'); + return (UNVIS_VALID); + } + /* + * we were done, push back passed char + */ + return (UNVIS_VALIDPUSH); + + default: + /* + * decoder in unknown state - (probably uninitialized) + */ + *astate = S_GROUND; + return (UNVIS_SYNBAD); + } +} +#endif + +/* + * strunvis - decode src into dst + * + * Number of chars decoded into dst is returned, -1 on error. + * Dst is null terminated. + */ + +#ifndef HAVE_STRUNVIS +int +strunvis(char *dst, const char *src) +{ + char c; + char *start = dst; + int state = 0; + + _DIAGASSERT(src != NULL); + _DIAGASSERT(dst != NULL); + + while ((c = *src++) != '\0') { + again: + switch (unvis(dst, c, &state, 0)) { + case UNVIS_VALID: + dst++; + break; + case UNVIS_VALIDPUSH: + dst++; + goto again; + case 0: + case UNVIS_NOCHAR: + break; + default: + return (-1); + } + } + if (unvis(dst, c, &state, UNVIS_END) == UNVIS_VALID) + dst++; + *dst = '\0'; + return (dst - start); +} +#endif diff --git a/kerberosIV/src/lib/roken/vis.c b/kerberosIV/src/lib/roken/vis.c new file mode 100644 index 00000000000..58b95d56e72 --- /dev/null +++ b/kerberosIV/src/lib/roken/vis.c @@ -0,0 +1,303 @@ +/* $NetBSD: vis.c,v 1.19 2000/01/22 22:42:45 mycroft Exp $ */ + +/*- + * Copyright (c) 1999 The NetBSD Foundation, Inc. + * Copyright (c) 1989, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + + +#if 1 +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: vis.c,v 1.5 2001/09/03 05:37:23 assar Exp $"); +#endif +#include <roken.h> +#ifndef _DIAGASSERT +#define _DIAGASSERT(X) +#endif +#else +#include <sys/cdefs.h> +#if !defined(lint) +__RCSID("$NetBSD: vis.c,v 1.19 2000/01/22 22:42:45 mycroft Exp $"); +#endif /* not lint */ +#endif + +#if 0 +#include "namespace.h" +#endif +#include <sys/types.h> + +#include <assert.h> +#include <ctype.h> +#include <limits.h> +#include <stdio.h> +#include <string.h> +#include <vis.h> + +#if 0 +#ifdef __weak_alias +__weak_alias(strsvis,_strsvis) +__weak_alias(strsvisx,_strsvisx) +__weak_alias(strvis,_strvis) +__weak_alias(strvisx,_strvisx) +__weak_alias(svis,_svis) +__weak_alias(vis,_vis) +#endif +#endif + +#undef BELL +#if defined(__STDC__) +#define BELL '\a' +#else +#define BELL '\007' +#endif + +#define isoctal(c) (((u_char)(c)) >= '0' && ((u_char)(c)) <= '7') +#define iswhite(c) (c == ' ' || c == '\t' || c == '\n') +#define issafe(c) (c == '\b' || c == BELL || c == '\r') + +#define MAXEXTRAS 5 + + +#define MAKEEXTRALIST(flag, extra) \ +do { \ + char *pextra = extra; \ + if (flag & VIS_SP) *pextra++ = ' '; \ + if (flag & VIS_TAB) *pextra++ = '\t'; \ + if (flag & VIS_NL) *pextra++ = '\n'; \ + if ((flag & VIS_NOSLASH) == 0) *pextra++ = '\\'; \ + *pextra = '\0'; \ +} while (/*CONSTCOND*/0) + +/* + * This is SVIS, the central macro of vis. + * dst: Pointer to the destination buffer + * c: Character to encode + * flag: Flag word + * nextc: The character following 'c' + * extra: Pointer to the list of extra characters to be + * backslash-protected. + */ +#define SVIS(dst, c, flag, nextc, extra) \ +do { \ + int isextra, isc; \ + isextra = strchr(extra, c) != NULL; \ + if (!isextra && \ + isascii((unsigned char)c) && \ + (isgraph((unsigned char)c) || iswhite(c) || \ + ((flag & VIS_SAFE) && issafe(c)))) { \ + *dst++ = c; \ + break; \ + } \ + isc = 0; \ + if (flag & VIS_CSTYLE) { \ + switch (c) { \ + case '\n': \ + isc = 1; *dst++ = '\\'; *dst++ = 'n'; \ + break; \ + case '\r': \ + isc = 1; *dst++ = '\\'; *dst++ = 'r'; \ + break; \ + case '\b': \ + isc = 1; *dst++ = '\\'; *dst++ = 'b'; \ + break; \ + case BELL: \ + isc = 1; *dst++ = '\\'; *dst++ = 'a'; \ + break; \ + case '\v': \ + isc = 1; *dst++ = '\\'; *dst++ = 'v'; \ + break; \ + case '\t': \ + isc = 1; *dst++ = '\\'; *dst++ = 't'; \ + break; \ + case '\f': \ + isc = 1; *dst++ = '\\'; *dst++ = 'f'; \ + break; \ + case ' ': \ + isc = 1; *dst++ = '\\'; *dst++ = 's'; \ + break; \ + case '\0': \ + isc = 1; *dst++ = '\\'; *dst++ = '0'; \ + if (isoctal(nextc)) { \ + *dst++ = '0'; \ + *dst++ = '0'; \ + } \ + } \ + } \ + if (isc) break; \ + if (isextra || ((c & 0177) == ' ') || (flag & VIS_OCTAL)) { \ + *dst++ = '\\'; \ + *dst++ = (u_char)(((unsigned)(u_char)c >> 6) & 03) + '0'; \ + *dst++ = (u_char)(((unsigned)(u_char)c >> 3) & 07) + '0'; \ + *dst++ = (c & 07) + '0'; \ + } else { \ + if ((flag & VIS_NOSLASH) == 0) *dst++ = '\\'; \ + if (c & 0200) { \ + c &= 0177; *dst++ = 'M'; \ + } \ + if (iscntrl((unsigned char)c)) { \ + *dst++ = '^'; \ + if (c == 0177) \ + *dst++ = '?'; \ + else \ + *dst++ = c + '@'; \ + } else { \ + *dst++ = '-'; *dst++ = c; \ + } \ + } \ +} while (/*CONSTCOND*/0) + + +/* + * svis - visually encode characters, also encoding the characters + * pointed to by `extra' + */ +#ifndef HAVE_SVIS +char * +svis(char *dst, int c, int flag, int nextc, const char *extra) +{ + _DIAGASSERT(dst != NULL); + _DIAGASSERT(extra != NULL); + + SVIS(dst, c, flag, nextc, extra); + *dst = '\0'; + return(dst); +} +#endif + + +/* + * strsvis, strsvisx - visually encode characters from src into dst + * + * Extra is a pointer to a \0-terminated list of characters to + * be encoded, too. These functions are useful e. g. to + * encode strings in such a way so that they are not interpreted + * by a shell. + * + * Dst must be 4 times the size of src to account for possible + * expansion. The length of dst, not including the trailing NULL, + * is returned. + * + * Strsvisx encodes exactly len bytes from src into dst. + * This is useful for encoding a block of data. + */ +#ifndef HAVE_STRSVIS +int +strsvis(char *dst, const char *src, int flag, const char *extra) +{ + char c; + char *start; + + _DIAGASSERT(dst != NULL); + _DIAGASSERT(src != NULL); + _DIAGASSERT(extra != NULL); + + for (start = dst; (c = *src++) != '\0'; /* empty */) + SVIS(dst, c, flag, *src, extra); + *dst = '\0'; + return (dst - start); +} +#endif + + +#ifndef HAVE_STRVISX +int +strsvisx(char *dst, const char *src, size_t len, int flag, const char *extra) +{ + char c; + char *start; + + _DIAGASSERT(dst != NULL); + _DIAGASSERT(src != NULL); + _DIAGASSERT(extra != NULL); + + for (start = dst; len > 0; len--) { + c = *src++; + SVIS(dst, c, flag, len ? *src : '\0', extra); + } + *dst = '\0'; + return (dst - start); +} +#endif + + +/* + * vis - visually encode characters + */ +#ifndef HAVE_VIS +char * +vis(char *dst, int c, int flag, int nextc) +{ + char extra[MAXEXTRAS]; + + _DIAGASSERT(dst != NULL); + + MAKEEXTRALIST(flag, extra); + SVIS(dst, c, flag, nextc, extra); + *dst = '\0'; + return (dst); +} +#endif + + +/* + * strvis, strvisx - visually encode characters from src into dst + * + * Dst must be 4 times the size of src to account for possible + * expansion. The length of dst, not including the trailing NULL, + * is returned. + * + * Strvisx encodes exactly len bytes from src into dst. + * This is useful for encoding a block of data. + */ +#ifndef HAVE_STRVIS +int +strvis(char *dst, const char *src, int flag) +{ + char extra[MAXEXTRAS]; + + MAKEEXTRALIST(flag, extra); + return (strsvis(dst, src, flag, extra)); +} +#endif + + +#ifndef HAVE_STRVISX +int +strvisx(char *dst, const char *src, size_t len, int flag) +{ + char extra[MAXEXTRAS]; + + MAKEEXTRALIST(flag, extra); + return (strsvisx(dst, src, len, flag, extra)); +} +#endif diff --git a/kerberosIV/src/lib/roken/vis.hin b/kerberosIV/src/lib/roken/vis.hin new file mode 100644 index 00000000000..2393ad8349a --- /dev/null +++ b/kerberosIV/src/lib/roken/vis.hin @@ -0,0 +1,86 @@ +/* $NetBSD: vis.h,v 1.11 1999/11/25 16:55:50 wennmach Exp $ */ +/* $KTH: vis.hin,v 1.1 2000/12/06 21:35:47 joda Exp $ */ + +/*- + * Copyright (c) 1990, 1993 + * The Regents of the University of California. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by the University of + * California, Berkeley and its contributors. + * 4. Neither the name of the University nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * @(#)vis.h 8.1 (Berkeley) 6/2/93 + */ + +#ifndef _VIS_H_ +#define _VIS_H_ + +/* + * to select alternate encoding format + */ +#define VIS_OCTAL 0x01 /* use octal \ddd format */ +#define VIS_CSTYLE 0x02 /* use \[nrft0..] where appropiate */ + +/* + * to alter set of characters encoded (default is to encode all + * non-graphic except space, tab, and newline). + */ +#define VIS_SP 0x04 /* also encode space */ +#define VIS_TAB 0x08 /* also encode tab */ +#define VIS_NL 0x10 /* also encode newline */ +#define VIS_WHITE (VIS_SP | VIS_TAB | VIS_NL) +#define VIS_SAFE 0x20 /* only encode "unsafe" characters */ + +/* + * other + */ +#define VIS_NOSLASH 0x40 /* inhibit printing '\' */ + +/* + * unvis return codes + */ +#define UNVIS_VALID 1 /* character valid */ +#define UNVIS_VALIDPUSH 2 /* character valid, push back passed char */ +#define UNVIS_NOCHAR 3 /* valid sequence, no character produced */ +#define UNVIS_SYNBAD -1 /* unrecognized escape sequence */ +#define UNVIS_ERROR -2 /* decoder in unknown state (unrecoverable) */ + +/* + * unvis flags + */ +#define UNVIS_END 1 /* no more characters */ + +char *vis (char *, int, int, int); +char *svis (char *, int, int, int, const char *); +int strvis (char *, const char *, int); +int strsvis (char *, const char *, int, const char *); +int strvisx (char *, const char *, size_t, int); +int strsvisx (char *, const char *, size_t, int, const char *); +int strunvis (char *, const char *); +int unvis (char *, int, int *, int); + +#endif /* !_VIS_H_ */ diff --git a/kerberosIV/src/lib/roken/write_pid.c b/kerberosIV/src/lib/roken/write_pid.c new file mode 100644 index 00000000000..cb8b7c58192 --- /dev/null +++ b/kerberosIV/src/lib/roken/write_pid.c @@ -0,0 +1,99 @@ +/* + * Copyright (c) 1999 - 2001 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: write_pid.c,v 1.6 2001/09/02 23:58:15 assar Exp $"); +#endif + +#include <stdio.h> +#include <sys/types.h> +#include <unistd.h> +#include <roken.h> + +#include "roken.h" + +char * +pid_file_write (const char *progname) +{ + FILE *fp; + char *ret; + + asprintf (&ret, "%s%s.pid", _PATH_VARRUN, progname); + if (ret == NULL) + return NULL; + fp = fopen (ret, "w"); + if (fp == NULL) { + free (ret); + return NULL; + } + fprintf (fp, "%u", (unsigned)getpid()); + fclose (fp); + return ret; +} + +void +pid_file_delete (char **filename) +{ + if (*filename != NULL) { + unlink (*filename); + free (*filename); + *filename = NULL; + } +} + +#ifndef HAVE_PIDFILE +static char *pidfile_path; + +static void +pidfile_cleanup(void) +{ + if(pidfile_path != NULL) + pid_file_delete(&pidfile_path); +} + +void +pidfile(const char *basename) +{ + if(pidfile_path != NULL) + return; + if(basename == NULL) + basename = getprogname(); + pidfile_path = pid_file_write(basename); +#if defined(HAVE_ATEXIT) + atexit(pidfile_cleanup); +#elif defined(HAVE_ON_EXIT) + on_exit(pidfile_cleanup); +#endif +} +#endif diff --git a/kerberosIV/src/lib/rxkad/Makefile.am b/kerberosIV/src/lib/rxkad/Makefile.am new file mode 100644 index 00000000000..a185ae0aac3 --- /dev/null +++ b/kerberosIV/src/lib/rxkad/Makefile.am @@ -0,0 +1,28 @@ +# $KTH: Makefile.am,v 1.2 2001/08/28 08:43:02 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += $(INCLUDE_des) + +lib_LIBRARIES = librxkad.a + +noinst_PROGRAMS = fc_test + +# This should really be set from configure +AFSWS = @AFSWS@ +KRB5 = /usr/heimdal + +librxkad_a_SOURCES = rxk_locl.c rxk_clnt.c rxk_serv.c rxk_crpt.c \ + rxk_info.c osi_alloc.c compat.c + +INCLUDES += -I$(AFSWS)/include -I$(KRB5)/include + +fc_test_SOURCES = + +fc_test.o: rxk_crpt.c + $(COMPILE) -DTEST -c rxk_crpt.c + +rxincludedir = $(includedir)/rx + +rxinclude_HEADERS = rxkad.h + diff --git a/kerberosIV/src/lib/vers/ChangeLog b/kerberosIV/src/lib/vers/ChangeLog new file mode 100644 index 00000000000..93d0731b712 --- /dev/null +++ b/kerberosIV/src/lib/vers/ChangeLog @@ -0,0 +1,22 @@ +2001-08-24 Assar Westerlund <assar@sics.se> + + * Makefile.am (make_print_version_LDADD): use = instead of += (be + nice to current automake) + +2001-04-21 Johan Danielsson <joda@pdc.kth.se> + + * print_version.c: 2001 + +2001-01-31 Assar Westerlund <assar@sics.se> + + * Makefile.am: remove -static turning this into a convenience + library + +2000-11-15 Assar Westerlund <assar@sics.se> + + * Makefile.am: make the library static and don't install it + +2000-07-08 Assar Westerlund <assar@sics.se> + + * make-print-version.c (heimdal_version, krb4_version): const-ize, + based on thorpej@netbsd.org's change to NetBSD diff --git a/kerberosIV/src/lib/vers/Makefile.am b/kerberosIV/src/lib/vers/Makefile.am new file mode 100644 index 00000000000..ff572726940 --- /dev/null +++ b/kerberosIV/src/lib/vers/Makefile.am @@ -0,0 +1,28 @@ +# $KTH: Makefile.am,v 1.4 2001/08/23 22:41:03 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +CLEANFILES = print_version.h + +noinst_LTLIBRARIES = libvers.la + +build_HEADERZ = vers.h + +noinst_PROGRAMS = make-print-version + +if KRB4 +if KRB5 +## need to link with des here; otherwise, if krb4 is shared the link +## will fail with unresolved references +make_print_version_LDADD = $(LIB_krb4) -ldes +endif +endif + +libvers_la_SOURCES = print_version.c + +print_version.lo: print_version.h + +print_version.h: make-print-version$(EXEEXT) + ./make-print-version$(EXEEXT) print_version.h + +make-print-version.o: $(top_builddir)/include/version.h diff --git a/kerberosIV/src/lib/vers/Makefile.in b/kerberosIV/src/lib/vers/Makefile.in new file mode 100644 index 00000000000..f4f71a80883 --- /dev/null +++ b/kerberosIV/src/lib/vers/Makefile.in @@ -0,0 +1,595 @@ +# Makefile.in generated automatically by automake 1.4b from Makefile.am + +# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000 +# Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. + +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : + +@SET_MAKE@ +host_alias = @host_alias@ +host_triplet = @host@ +AFSWS = @AFSWS@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +COMPILE_ET = @COMPILE_ET@ +CPP = @CPP@ +CRACKLIB = @CRACKLIB@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ +DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DES_H = @DES_H@ +DIR_com_err = @DIR_com_err@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ +ECHO = @ECHO@ +EXEEXT = @EXEEXT@ +GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ +INCLUDE_ = @INCLUDE_@ +INCLUDE_des = @INCLUDE_des@ +INCLUDE_krb4 = @INCLUDE_krb4@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_NDBM = @LIB_NDBM@ +LIB_SUBDIRS = @LIB_SUBDIRS@ +LIB_com_err = @LIB_com_err@ +LIB_com_err_a = @LIB_com_err_a@ +LIB_com_err_so = @LIB_com_err_so@ +LIB_des = @LIB_des@ +LIB_des_a = @LIB_des_a@ +LIB_des_appl = @LIB_des_appl@ +LIB_des_so = @LIB_des_so@ +LIB_krb4 = @LIB_krb4@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +STRIP = @STRIP@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ +disable_cat_manpages = @disable_cat_manpages@ +install_sh = @install_sh@ +krb_cv_header_netdb_h_broken = @krb_cv_header_netdb_h_broken@ + +# $KTH: Makefile.am,v 1.4 2001/08/23 22:41:03 assar Exp $ + + +# $KTH: Makefile.am.common,v 1.1 2000/11/05 17:16:23 joda Exp $ + + +# $KTH: Makefile.am.common,v 1.31 2001/09/01 11:12:18 assar Exp $ + + +AUTOMAKE_OPTIONS = foreign no-dependencies 1.4b + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) + +AM_CFLAGS = $(WFLAGS) + +CP = cp + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_openpty = @LIB_openpty@ +LIB_pidfile = @LIB_pidfile@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +LIBS = @LIBS@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + +INCLUDE_readline = @INCLUDE_readline@ +LIB_readline = @LIB_readline@ + +LEXLIB = @LEXLIB@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la + +@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la + +CHECK_LOCAL = $(PROGRAMS) + +CLEANFILES = print_version.h + +noinst_LTLIBRARIES = libvers.la + +build_HEADERZ = vers.h + +noinst_PROGRAMS = make-print-version + +@KRB4_TRUE@@KRB5_TRUE@make_print_version_LDADD = @KRB4_TRUE@@KRB5_TRUE@$(LIB_krb4) -ldes + +libvers_la_SOURCES = print_version.c +subdir = lib/vers +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +LTLIBRARIES = $(noinst_LTLIBRARIES) + + +DEFS = @DEFS@ -I. -I$(srcdir) -I../../include +CPPFLAGS = @CPPFLAGS@ +LDFLAGS = @LDFLAGS@ +X_CFLAGS = @X_CFLAGS@ +X_LIBS = @X_LIBS@ +X_EXTRA_LIBS = @X_EXTRA_LIBS@ +X_PRE_LIBS = @X_PRE_LIBS@ +libvers_la_LDFLAGS = +libvers_la_LIBADD = +am_libvers_la_OBJECTS = print_version.lo +libvers_la_OBJECTS = $(am_libvers_la_OBJECTS) +noinst_PROGRAMS = make-print-version$(EXEEXT) +PROGRAMS = $(noinst_PROGRAMS) + +make_print_version_SOURCES = make-print-version.c +make_print_version_OBJECTS = make-print-version.$(OBJEXT) +@KRB4_TRUE@@KRB5_TRUE@make_print_version_DEPENDENCIES = +make_print_version_LDFLAGS = +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CFLAGS = @CFLAGS@ +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = $(libvers_la_SOURCES) make-print-version.c +depcomp = +DIST_COMMON = ChangeLog Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) + +GZIP_ENV = --best +SOURCES = $(libvers_la_SOURCES) make-print-version.c +OBJECTS = $(am_libvers_la_OBJECTS) make-print-version.$(OBJEXT) + +all: all-redirect +.SUFFIXES: +.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .lo .o .obj +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/vers/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +mostlyclean-noinstLTLIBRARIES: + +clean-noinstLTLIBRARIES: + -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) + +distclean-noinstLTLIBRARIES: + +maintainer-clean-noinstLTLIBRARIES: + +mostlyclean-compile: + -rm -f *.o core *.core + -rm -f *.$(OBJEXT) + +clean-compile: + +distclean-compile: + -rm -f *.tab.c + +maintainer-clean-compile: + +mostlyclean-libtool: + -rm -f *.lo + +clean-libtool: + -rm -rf .libs _libs + +distclean-libtool: + +maintainer-clean-libtool: + +libvers.la: $(libvers_la_OBJECTS) $(libvers_la_DEPENDENCIES) + $(LINK) $(libvers_la_LDFLAGS) $(libvers_la_OBJECTS) $(libvers_la_LIBADD) $(LIBS) + +mostlyclean-noinstPROGRAMS: + +clean-noinstPROGRAMS: + -test -z "$(noinst_PROGRAMS)" || rm -f $(noinst_PROGRAMS) + +distclean-noinstPROGRAMS: + +maintainer-clean-noinstPROGRAMS: + +make-print-version$(EXEEXT): $(make_print_version_OBJECTS) $(make_print_version_DEPENDENCIES) + @rm -f make-print-version$(EXEEXT) + $(LINK) $(make_print_version_LDFLAGS) $(make_print_version_OBJECTS) $(make_print_version_LDADD) $(LIBS) +.c.o: + $(COMPILE) -c $< +.c.obj: + $(COMPILE) -c `cygpath -w $<` +.c.lo: + $(LTCOMPILE) -c -o $@ $< + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + mkid -fID $$unique $(LISP) + +TAGS: $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) \ + $(TAGS_FILES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SOURCES) $(HEADERS) $(TAGS_FILES)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | \ + $(AWK) ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || etags $(ETAGS_ARGS) $$tags $$unique $(LISP) + +GTAGS: + here=`CDPATH=: && cd $(top_builddir) && pwd` \ + && cd $(top_srcdir) \ + && gtags -i $$here + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: +uninstall: uninstall-am +all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +installdirs: + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: + -rm -f Makefile.in +mostlyclean-am: mostlyclean-noinstLTLIBRARIES mostlyclean-compile \ + mostlyclean-libtool mostlyclean-noinstPROGRAMS \ + mostlyclean-tags mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-noinstLTLIBRARIES clean-compile clean-libtool \ + clean-noinstPROGRAMS clean-tags clean-generic \ + mostlyclean-am + +clean: clean-am + +distclean-am: distclean-noinstLTLIBRARIES distclean-compile \ + distclean-libtool distclean-noinstPROGRAMS \ + distclean-tags distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-noinstLTLIBRARIES \ + maintainer-clean-compile maintainer-clean-libtool \ + maintainer-clean-noinstPROGRAMS maintainer-clean-tags \ + maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-am + +.PHONY: mostlyclean-noinstLTLIBRARIES distclean-noinstLTLIBRARIES \ +clean-noinstLTLIBRARIES maintainer-clean-noinstLTLIBRARIES \ +mostlyclean-compile distclean-compile clean-compile \ +maintainer-clean-compile mostlyclean-libtool distclean-libtool \ +clean-libtool maintainer-clean-libtool mostlyclean-noinstPROGRAMS \ +distclean-noinstPROGRAMS clean-noinstPROGRAMS \ +maintainer-clean-noinstPROGRAMS tags mostlyclean-tags distclean-tags \ +clean-tags maintainer-clean-tags distdir info-am info dvi-am dvi \ +check-local check check-am installcheck-am installcheck install-exec-am \ +install-exec install-data-local install-data-am install-data install-am \ +install uninstall-am uninstall all-local all-redirect all-am all \ +install-strip installdirs mostlyclean-generic distclean-generic \ +clean-generic maintainer-clean-generic clean mostlyclean distclean \ +maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +print_version.lo: print_version.h + +print_version.h: make-print-version$(EXEEXT) + ./make-print-version$(EXEEXT) print_version.h + +make-print-version.o: $(top_builddir)/include/version.h + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/kerberosIV/src/lib/vers/make-print-version.c b/kerberosIV/src/lib/vers/make-print-version.c new file mode 100644 index 00000000000..f7d12833772 --- /dev/null +++ b/kerberosIV/src/lib/vers/make-print-version.c @@ -0,0 +1,68 @@ +/* + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: make-print-version.c,v 1.2 2000/07/08 10:46:36 assar Exp $"); +#endif + +#include <stdio.h> + +#ifdef KRB5 +extern const char *heimdal_version; +#endif +#ifdef KRB4 +extern const char *krb4_version; +#endif +#include <version.h> + +int +main(int argc, char **argv) +{ + FILE *f; + if(argc != 2) + return 1; + f = fopen(argv[1], "w"); + if(f == NULL) + return 1; + fprintf(f, "#define VERSIONLIST { "); +#ifdef KRB5 + fprintf(f, "\"%s\", ", heimdal_version); +#endif +#ifdef KRB4 + fprintf(f, "\"%s\", ", krb4_version); +#endif + fprintf(f, "}\n"); + fclose(f); + return 0; +} diff --git a/kerberosIV/src/lib/vers/print_version.c b/kerberosIV/src/lib/vers/print_version.c new file mode 100644 index 00000000000..11a6934428b --- /dev/null +++ b/kerberosIV/src/lib/vers/print_version.c @@ -0,0 +1,78 @@ +/* + * Copyright (c) 1998 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$KTH: print_version.c,v 1.3 2001/04/21 16:05:48 joda Exp $"); +#endif +#include "roken.h" + +#include "print_version.h" + +void +print_version(const char *progname) +{ + const char *arg[] = VERSIONLIST; + const int num_args = sizeof(arg) / sizeof(arg[0]); + char *msg; + size_t len = 0; + int i; + + if(progname == NULL) + progname = getprogname(); + + if(num_args == 0) + msg = "no version information"; + else { + for(i = 0; i < num_args; i++) { + if(i > 0) + len += 2; + len += strlen(arg[i]); + } + msg = malloc(len + 1); + if(msg == NULL) { + fprintf(stderr, "%s: out of memory\n", progname); + return; + } + msg[0] = '\0'; + for(i = 0; i < num_args; i++) { + if(i > 0) + strcat(msg, ", "); + strcat(msg, arg[i]); + } + } + fprintf(stderr, "%s (%s)\n", progname, msg); + fprintf(stderr, "Copyright (c) 1999-2001 Kungliga Tekniska Högskolan\n"); + if(num_args != 0) + free(msg); +} diff --git a/kerberosIV/src/lib/vers/vers.h b/kerberosIV/src/lib/vers/vers.h new file mode 100644 index 00000000000..5f8442ecae5 --- /dev/null +++ b/kerberosIV/src/lib/vers/vers.h @@ -0,0 +1,41 @@ +/* + * Copyright (c) 1995 - 2000 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* $KTH: vers.h,v 1.1 2000/07/01 19:47:36 assar Exp $ */ + +#ifndef __VERS_H__ +#define __VERS_H__ + +void print_version(const char *); + +#endif /* __VERS_H__ */ diff --git a/kerberosIV/src/ltmain.sh b/kerberosIV/src/ltmain.sh new file mode 100644 index 00000000000..5959c479b0e --- /dev/null +++ b/kerberosIV/src/ltmain.sh @@ -0,0 +1,4946 @@ +# ltmain.sh - Provide generalized library-building support services. +# NOTE: Changing this file will not affect anything until you rerun configure. +# +# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001 +# Free Software Foundation, Inc. +# Originally by Gordon Matzigkeit <gord@gnu.ai.mit.edu>, 1996 +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. +# +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# Check that we have a working $echo. +if test "X$1" = X--no-reexec; then + # Discard the --no-reexec flag, and continue. + shift +elif test "X$1" = X--fallback-echo; then + # Avoid inline document here, it may be left over + : +elif test "X`($echo '\t') 2>/dev/null`" = 'X\t'; then + # Yippee, $echo works! + : +else + # Restart under the correct shell, and then maybe $echo will work. + exec $SHELL "$0" --no-reexec ${1+"$@"} +fi + +if test "X$1" = X--fallback-echo; then + # used as fallback echo + shift + cat <<EOF +$* +EOF + exit 0 +fi + +# The name of this program. +progname=`$echo "$0" | sed 's%^.*/%%'` +modename="$progname" + +# Constants. +PROGRAM=ltmain.sh +PACKAGE=libtool +VERSION=1.4 +TIMESTAMP=" (1.920 2001/04/24 23:26:18)" + +default_mode= +help="Try \`$progname --help' for more information." +magic="%%%MAGIC variable%%%" +mkdir="mkdir" +mv="mv -f" +rm="rm -f" + +# Sed substitution that helps us do robust quoting. It backslashifies +# metacharacters that are still active within double-quoted strings. +Xsed='sed -e 1s/^X//' +sed_quote_subst='s/\([\\`\\"$\\\\]\)/\\\1/g' +SP2NL='tr \040 \012' +NL2SP='tr \015\012 \040\040' + +# NLS nuisances. +# Only set LANG and LC_ALL to C if already set. +# These must not be set unconditionally because not all systems understand +# e.g. LANG=C (notably SCO). +# We save the old values to restore during execute mode. +if test "${LC_ALL+set}" = set; then + save_LC_ALL="$LC_ALL"; LC_ALL=C; export LC_ALL +fi +if test "${LANG+set}" = set; then + save_LANG="$LANG"; LANG=C; export LANG +fi + +if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then + echo "$modename: not configured to build any kind of library" 1>&2 + echo "Fatal configuration error. See the $PACKAGE docs for more information." 1>&2 + exit 1 +fi + +# Global variables. +mode=$default_mode +nonopt= +prev= +prevopt= +run= +show="$echo" +show_help= +execute_dlfiles= +lo2o="s/\\.lo\$/.${objext}/" +o2lo="s/\\.${objext}\$/.lo/" + +# Parse our command line options once, thoroughly. +while test $# -gt 0 +do + arg="$1" + shift + + case $arg in + -*=*) optarg=`$echo "X$arg" | $Xsed -e 's/[-_a-zA-Z0-9]*=//'` ;; + *) optarg= ;; + esac + + # If the previous option needs an argument, assign it. + if test -n "$prev"; then + case $prev in + execute_dlfiles) + execute_dlfiles="$execute_dlfiles $arg" + ;; + *) + eval "$prev=\$arg" + ;; + esac + + prev= + prevopt= + continue + fi + + # Have we seen a non-optional argument yet? + case $arg in + --help) + show_help=yes + ;; + + --version) + echo "$PROGRAM (GNU $PACKAGE) $VERSION$TIMESTAMP" + exit 0 + ;; + + --config) + sed -e '1,/^# ### BEGIN LIBTOOL CONFIG/d' -e '/^# ### END LIBTOOL CONFIG/,$d' $0 + exit 0 + ;; + + --debug) + echo "$progname: enabling shell trace mode" + set -x + ;; + + --dry-run | -n) + run=: + ;; + + --features) + echo "host: $host" + if test "$build_libtool_libs" = yes; then + echo "enable shared libraries" + else + echo "disable shared libraries" + fi + if test "$build_old_libs" = yes; then + echo "enable static libraries" + else + echo "disable static libraries" + fi + exit 0 + ;; + + --finish) mode="finish" ;; + + --mode) prevopt="--mode" prev=mode ;; + --mode=*) mode="$optarg" ;; + + --quiet | --silent) + show=: + ;; + + -dlopen) + prevopt="-dlopen" + prev=execute_dlfiles + ;; + + -*) + $echo "$modename: unrecognized option \`$arg'" 1>&2 + $echo "$help" 1>&2 + exit 1 + ;; + + *) + nonopt="$arg" + break + ;; + esac +done + +if test -n "$prevopt"; then + $echo "$modename: option \`$prevopt' requires an argument" 1>&2 + $echo "$help" 1>&2 + exit 1 +fi + +if test -z "$show_help"; then + + # Infer the operation mode. + if test -z "$mode"; then + case $nonopt in + *cc | *++ | gcc* | *-gcc*) + mode=link + for arg + do + case $arg in + -c) + mode=compile + break + ;; + esac + done + ;; + *db | *dbx | *strace | *truss) + mode=execute + ;; + *install*|cp|mv) + mode=install + ;; + *rm) + mode=uninstall + ;; + *) + # If we have no mode, but dlfiles were specified, then do execute mode. + test -n "$execute_dlfiles" && mode=execute + + # Just use the default operation mode. + if test -z "$mode"; then + if test -n "$nonopt"; then + $echo "$modename: warning: cannot infer operation mode from \`$nonopt'" 1>&2 + else + $echo "$modename: warning: cannot infer operation mode without MODE-ARGS" 1>&2 + fi + fi + ;; + esac + fi + + # Only execute mode is allowed to have -dlopen flags. + if test -n "$execute_dlfiles" && test "$mode" != execute; then + $echo "$modename: unrecognized option \`-dlopen'" 1>&2 + $echo "$help" 1>&2 + exit 1 + fi + + # Change the help message to a mode-specific one. + generic_help="$help" + help="Try \`$modename --help --mode=$mode' for more information." + + # These modes are in order of execution frequency so that they run quickly. + case $mode in + # libtool compile mode + compile) + modename="$modename: compile" + # Get the compilation command and the source file. + base_compile= + prev= + lastarg= + srcfile="$nonopt" + suppress_output= + + user_target=no + for arg + do + case $prev in + "") ;; + xcompiler) + # Aesthetically quote the previous argument. + prev= + lastarg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"` + + case $arg in + # Double-quote args containing other shell metacharacters. + # Many Bourne shells cannot handle close brackets correctly + # in scan sets, so we specify it separately. + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + arg="\"$arg\"" + ;; + esac + + # Add the previous argument to base_compile. + if test -z "$base_compile"; then + base_compile="$lastarg" + else + base_compile="$base_compile $lastarg" + fi + continue + ;; + esac + + # Accept any command-line options. + case $arg in + -o) + if test "$user_target" != "no"; then + $echo "$modename: you cannot specify \`-o' more than once" 1>&2 + exit 1 + fi + user_target=next + ;; + + -static) + build_old_libs=yes + continue + ;; + + -prefer-pic) + pic_mode=yes + continue + ;; + + -prefer-non-pic) + pic_mode=no + continue + ;; + + -Xcompiler) + prev=xcompiler + continue + ;; + + -Wc,*) + args=`$echo "X$arg" | $Xsed -e "s/^-Wc,//"` + lastarg= + IFS="${IFS= }"; save_ifs="$IFS"; IFS=',' + for arg in $args; do + IFS="$save_ifs" + + # Double-quote args containing other shell metacharacters. + # Many Bourne shells cannot handle close brackets correctly + # in scan sets, so we specify it separately. + case $arg in + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + arg="\"$arg\"" + ;; + esac + lastarg="$lastarg $arg" + done + IFS="$save_ifs" + lastarg=`$echo "X$lastarg" | $Xsed -e "s/^ //"` + + # Add the arguments to base_compile. + if test -z "$base_compile"; then + base_compile="$lastarg" + else + base_compile="$base_compile $lastarg" + fi + continue + ;; + esac + + case $user_target in + next) + # The next one is the -o target name + user_target=yes + continue + ;; + yes) + # We got the output file + user_target=set + libobj="$arg" + continue + ;; + esac + + # Accept the current argument as the source file. + lastarg="$srcfile" + srcfile="$arg" + + # Aesthetically quote the previous argument. + + # Backslashify any backslashes, double quotes, and dollar signs. + # These are the only characters that are still specially + # interpreted inside of double-quoted scrings. + lastarg=`$echo "X$lastarg" | $Xsed -e "$sed_quote_subst"` + + # Double-quote args containing other shell metacharacters. + # Many Bourne shells cannot handle close brackets correctly + # in scan sets, so we specify it separately. + case $lastarg in + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + lastarg="\"$lastarg\"" + ;; + esac + + # Add the previous argument to base_compile. + if test -z "$base_compile"; then + base_compile="$lastarg" + else + base_compile="$base_compile $lastarg" + fi + done + + case $user_target in + set) + ;; + no) + # Get the name of the library object. + libobj=`$echo "X$srcfile" | $Xsed -e 's%^.*/%%'` + ;; + *) + $echo "$modename: you must specify a target with \`-o'" 1>&2 + exit 1 + ;; + esac + + # Recognize several different file suffixes. + # If the user specifies -o file.o, it is replaced with file.lo + xform='[cCFSfmso]' + case $libobj in + *.ada) xform=ada ;; + *.adb) xform=adb ;; + *.ads) xform=ads ;; + *.asm) xform=asm ;; + *.c++) xform=c++ ;; + *.cc) xform=cc ;; + *.cpp) xform=cpp ;; + *.cxx) xform=cxx ;; + *.f90) xform=f90 ;; + *.for) xform=for ;; + esac + + libobj=`$echo "X$libobj" | $Xsed -e "s/\.$xform$/.lo/"` + + case $libobj in + *.lo) obj=`$echo "X$libobj" | $Xsed -e "$lo2o"` ;; + *) + $echo "$modename: cannot determine name of library object from \`$libobj'" 1>&2 + exit 1 + ;; + esac + + if test -z "$base_compile"; then + $echo "$modename: you must specify a compilation command" 1>&2 + $echo "$help" 1>&2 + exit 1 + fi + + # Delete any leftover library objects. + if test "$build_old_libs" = yes; then + removelist="$obj $libobj" + else + removelist="$libobj" + fi + + $run $rm $removelist + trap "$run $rm $removelist; exit 1" 1 2 15 + + # On Cygwin there's no "real" PIC flag so we must build both object types + case $host_os in + cygwin* | mingw* | pw32* | os2*) + pic_mode=default + ;; + esac + if test $pic_mode = no && test "$deplibs_check_method" != pass_all; then + # non-PIC code in shared libraries is not supported + pic_mode=default + fi + + # Calculate the filename of the output object if compiler does + # not support -o with -c + if test "$compiler_c_o" = no; then + output_obj=`$echo "X$srcfile" | $Xsed -e 's%^.*/%%' -e 's%\.[^.]*$%%'`.${objext} + lockfile="$output_obj.lock" + removelist="$removelist $output_obj $lockfile" + trap "$run $rm $removelist; exit 1" 1 2 15 + else + need_locks=no + lockfile= + fi + + # Lock this critical section if it is needed + # We use this script file to make the link, it avoids creating a new file + if test "$need_locks" = yes; then + until $run ln "$0" "$lockfile" 2>/dev/null; do + $show "Waiting for $lockfile to be removed" + sleep 2 + done + elif test "$need_locks" = warn; then + if test -f "$lockfile"; then + echo "\ +*** ERROR, $lockfile exists and contains: +`cat $lockfile 2>/dev/null` + +This indicates that another process is trying to use the same +temporary object file, and libtool could not work around it because +your compiler does not support \`-c' and \`-o' together. If you +repeat this compilation, it may succeed, by chance, but you had better +avoid parallel builds (make -j) in this platform, or get a better +compiler." + + $run $rm $removelist + exit 1 + fi + echo $srcfile > "$lockfile" + fi + + if test -n "$fix_srcfile_path"; then + eval srcfile=\"$fix_srcfile_path\" + fi + + # Only build a PIC object if we are building libtool libraries. + if test "$build_libtool_libs" = yes; then + # Without this assignment, base_compile gets emptied. + fbsd_hideous_sh_bug=$base_compile + + if test "$pic_mode" != no; then + # All platforms use -DPIC, to notify preprocessed assembler code. + command="$base_compile $srcfile $pic_flag -DPIC" + else + # Don't build PIC code + command="$base_compile $srcfile" + fi + if test "$build_old_libs" = yes; then + lo_libobj="$libobj" + dir=`$echo "X$libobj" | $Xsed -e 's%/[^/]*$%%'` + if test "X$dir" = "X$libobj"; then + dir="$objdir" + else + dir="$dir/$objdir" + fi + libobj="$dir/"`$echo "X$libobj" | $Xsed -e 's%^.*/%%'` + + if test -d "$dir"; then + $show "$rm $libobj" + $run $rm $libobj + else + $show "$mkdir $dir" + $run $mkdir $dir + status=$? + if test $status -ne 0 && test ! -d $dir; then + exit $status + fi + fi + fi + if test "$compiler_o_lo" = yes; then + output_obj="$libobj" + command="$command -o $output_obj" + elif test "$compiler_c_o" = yes; then + output_obj="$obj" + command="$command -o $output_obj" + fi + + $run $rm "$output_obj" + $show "$command" + if $run eval "$command"; then : + else + test -n "$output_obj" && $run $rm $removelist + exit 1 + fi + + if test "$need_locks" = warn && + test x"`cat $lockfile 2>/dev/null`" != x"$srcfile"; then + echo "\ +*** ERROR, $lockfile contains: +`cat $lockfile 2>/dev/null` + +but it should contain: +$srcfile + +This indicates that another process is trying to use the same +temporary object file, and libtool could not work around it because +your compiler does not support \`-c' and \`-o' together. If you +repeat this compilation, it may succeed, by chance, but you had better +avoid parallel builds (make -j) in this platform, or get a better +compiler." + + $run $rm $removelist + exit 1 + fi + + # Just move the object if needed, then go on to compile the next one + if test x"$output_obj" != x"$libobj"; then + $show "$mv $output_obj $libobj" + if $run $mv $output_obj $libobj; then : + else + error=$? + $run $rm $removelist + exit $error + fi + fi + + # If we have no pic_flag, then copy the object into place and finish. + if (test -z "$pic_flag" || test "$pic_mode" != default) && + test "$build_old_libs" = yes; then + # Rename the .lo from within objdir to obj + if test -f $obj; then + $show $rm $obj + $run $rm $obj + fi + + $show "$mv $libobj $obj" + if $run $mv $libobj $obj; then : + else + error=$? + $run $rm $removelist + exit $error + fi + + xdir=`$echo "X$obj" | $Xsed -e 's%/[^/]*$%%'` + if test "X$xdir" = "X$obj"; then + xdir="." + else + xdir="$xdir" + fi + baseobj=`$echo "X$obj" | $Xsed -e "s%.*/%%"` + libobj=`$echo "X$baseobj" | $Xsed -e "$o2lo"` + # Now arrange that obj and lo_libobj become the same file + $show "(cd $xdir && $LN_S $baseobj $libobj)" + if $run eval '(cd $xdir && $LN_S $baseobj $libobj)'; then + exit 0 + else + error=$? + $run $rm $removelist + exit $error + fi + fi + + # Allow error messages only from the first compilation. + suppress_output=' >/dev/null 2>&1' + fi + + # Only build a position-dependent object if we build old libraries. + if test "$build_old_libs" = yes; then + if test "$pic_mode" != yes; then + # Don't build PIC code + command="$base_compile $srcfile" + else + # All platforms use -DPIC, to notify preprocessed assembler code. + command="$base_compile $srcfile $pic_flag -DPIC" + fi + if test "$compiler_c_o" = yes; then + command="$command -o $obj" + output_obj="$obj" + fi + + # Suppress compiler output if we already did a PIC compilation. + command="$command$suppress_output" + $run $rm "$output_obj" + $show "$command" + if $run eval "$command"; then : + else + $run $rm $removelist + exit 1 + fi + + if test "$need_locks" = warn && + test x"`cat $lockfile 2>/dev/null`" != x"$srcfile"; then + echo "\ +*** ERROR, $lockfile contains: +`cat $lockfile 2>/dev/null` + +but it should contain: +$srcfile + +This indicates that another process is trying to use the same +temporary object file, and libtool could not work around it because +your compiler does not support \`-c' and \`-o' together. If you +repeat this compilation, it may succeed, by chance, but you had better +avoid parallel builds (make -j) in this platform, or get a better +compiler." + + $run $rm $removelist + exit 1 + fi + + # Just move the object if needed + if test x"$output_obj" != x"$obj"; then + $show "$mv $output_obj $obj" + if $run $mv $output_obj $obj; then : + else + error=$? + $run $rm $removelist + exit $error + fi + fi + + # Create an invalid libtool object if no PIC, so that we do not + # accidentally link it into a program. + if test "$build_libtool_libs" != yes; then + $show "echo timestamp > $libobj" + $run eval "echo timestamp > \$libobj" || exit $? + else + # Move the .lo from within objdir + $show "$mv $libobj $lo_libobj" + if $run $mv $libobj $lo_libobj; then : + else + error=$? + $run $rm $removelist + exit $error + fi + fi + fi + + # Unlock the critical section if it was locked + if test "$need_locks" != no; then + $run $rm "$lockfile" + fi + + exit 0 + ;; + + # libtool link mode + link | relink) + modename="$modename: link" + case $host in + *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*) + # It is impossible to link a dll without this setting, and + # we shouldn't force the makefile maintainer to figure out + # which system we are compiling for in order to pass an extra + # flag for every libtool invokation. + # allow_undefined=no + + # FIXME: Unfortunately, there are problems with the above when trying + # to make a dll which has undefined symbols, in which case not + # even a static library is built. For now, we need to specify + # -no-undefined on the libtool link line when we can be certain + # that all symbols are satisfied, otherwise we get a static library. + allow_undefined=yes + ;; + *) + allow_undefined=yes + ;; + esac + libtool_args="$nonopt" + compile_command="$nonopt" + finalize_command="$nonopt" + + compile_rpath= + finalize_rpath= + compile_shlibpath= + finalize_shlibpath= + convenience= + old_convenience= + deplibs= + old_deplibs= + compiler_flags= + linker_flags= + dllsearchpath= + lib_search_path=`pwd` + + avoid_version=no + dlfiles= + dlprefiles= + dlself=no + export_dynamic=no + export_symbols= + export_symbols_regex= + generated= + libobjs= + ltlibs= + module=no + no_install=no + objs= + prefer_static_libs=no + preload=no + prev= + prevarg= + release= + rpath= + xrpath= + perm_rpath= + temp_rpath= + thread_safe=no + vinfo= + + # We need to know -static, to get the right output filenames. + for arg + do + case $arg in + -all-static | -static) + if test "X$arg" = "X-all-static"; then + if test "$build_libtool_libs" = yes && test -z "$link_static_flag"; then + $echo "$modename: warning: complete static linking is impossible in this configuration" 1>&2 + fi + if test -n "$link_static_flag"; then + dlopen_self=$dlopen_self_static + fi + else + if test -z "$pic_flag" && test -n "$link_static_flag"; then + dlopen_self=$dlopen_self_static + fi + fi + build_libtool_libs=no + build_old_libs=yes + prefer_static_libs=yes + break + ;; + esac + done + + # See if our shared archives depend on static archives. + test -n "$old_archive_from_new_cmds" && build_old_libs=yes + + # Go through the arguments, transforming them on the way. + while test $# -gt 0; do + arg="$1" + shift + case $arg in + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + qarg=\"`$echo "X$arg" | $Xsed -e "$sed_quote_subst"`\" ### testsuite: skip nested quoting test + ;; + *) qarg=$arg ;; + esac + libtool_args="$libtool_args $qarg" + + # If the previous option needs an argument, assign it. + if test -n "$prev"; then + case $prev in + output) + compile_command="$compile_command @OUTPUT@" + finalize_command="$finalize_command @OUTPUT@" + ;; + esac + + case $prev in + dlfiles|dlprefiles) + if test "$preload" = no; then + # Add the symbol object into the linking commands. + compile_command="$compile_command @SYMFILE@" + finalize_command="$finalize_command @SYMFILE@" + preload=yes + fi + case $arg in + *.la | *.lo) ;; # We handle these cases below. + force) + if test "$dlself" = no; then + dlself=needless + export_dynamic=yes + fi + prev= + continue + ;; + self) + if test "$prev" = dlprefiles; then + dlself=yes + elif test "$prev" = dlfiles && test "$dlopen_self" != yes; then + dlself=yes + else + dlself=needless + export_dynamic=yes + fi + prev= + continue + ;; + *) + if test "$prev" = dlfiles; then + dlfiles="$dlfiles $arg" + else + dlprefiles="$dlprefiles $arg" + fi + prev= + continue + ;; + esac + ;; + expsyms) + export_symbols="$arg" + if test ! -f "$arg"; then + $echo "$modename: symbol file \`$arg' does not exist" + exit 1 + fi + prev= + continue + ;; + expsyms_regex) + export_symbols_regex="$arg" + prev= + continue + ;; + release) + release="-$arg" + prev= + continue + ;; + rpath | xrpath) + # We need an absolute path. + case $arg in + [\\/]* | [A-Za-z]:[\\/]*) ;; + *) + $echo "$modename: only absolute run-paths are allowed" 1>&2 + exit 1 + ;; + esac + if test "$prev" = rpath; then + case "$rpath " in + *" $arg "*) ;; + *) rpath="$rpath $arg" ;; + esac + else + case "$xrpath " in + *" $arg "*) ;; + *) xrpath="$xrpath $arg" ;; + esac + fi + prev= + continue + ;; + xcompiler) + compiler_flags="$compiler_flags $qarg" + prev= + compile_command="$compile_command $qarg" + finalize_command="$finalize_command $qarg" + continue + ;; + xlinker) + linker_flags="$linker_flags $qarg" + compiler_flags="$compiler_flags $wl$qarg" + prev= + compile_command="$compile_command $wl$qarg" + finalize_command="$finalize_command $wl$qarg" + continue + ;; + *) + eval "$prev=\"\$arg\"" + prev= + continue + ;; + esac + fi # test -n $prev + + prevarg="$arg" + + case $arg in + -all-static) + if test -n "$link_static_flag"; then + compile_command="$compile_command $link_static_flag" + finalize_command="$finalize_command $link_static_flag" + fi + continue + ;; + + -allow-undefined) + # FIXME: remove this flag sometime in the future. + $echo "$modename: \`-allow-undefined' is deprecated because it is the default" 1>&2 + continue + ;; + + -avoid-version) + avoid_version=yes + continue + ;; + + -dlopen) + prev=dlfiles + continue + ;; + + -dlpreopen) + prev=dlprefiles + continue + ;; + + -export-dynamic) + export_dynamic=yes + continue + ;; + + -export-symbols | -export-symbols-regex) + if test -n "$export_symbols" || test -n "$export_symbols_regex"; then + $echo "$modename: more than one -exported-symbols argument is not allowed" + exit 1 + fi + if test "X$arg" = "X-export-symbols"; then + prev=expsyms + else + prev=expsyms_regex + fi + continue + ;; + + # The native IRIX linker understands -LANG:*, -LIST:* and -LNO:* + # so, if we see these flags be careful not to treat them like -L + -L[A-Z][A-Z]*:*) + case $with_gcc/$host in + no/*-*-irix*) + compile_command="$compile_command $arg" + finalize_command="$finalize_command $arg" + ;; + esac + continue + ;; + + -L*) + dir=`$echo "X$arg" | $Xsed -e 's/^-L//'` + # We need an absolute path. + case $dir in + [\\/]* | [A-Za-z]:[\\/]*) ;; + *) + absdir=`cd "$dir" && pwd` + if test -z "$absdir"; then + $echo "$modename: cannot determine absolute directory name of \`$dir'" 1>&2 + exit 1 + fi + dir="$absdir" + ;; + esac + case "$deplibs " in + *" -L$dir "*) ;; + *) + deplibs="$deplibs -L$dir" + lib_search_path="$lib_search_path $dir" + ;; + esac + case $host in + *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*) + case :$dllsearchpath: in + *":$dir:"*) ;; + *) dllsearchpath="$dllsearchpath:$dir";; + esac + ;; + esac + continue + ;; + + -l*) + if test "X$arg" = "X-lc" || test "X$arg" = "X-lm"; then + case $host in + *-*-cygwin* | *-*-pw32* | *-*-beos*) + # These systems don't actually have a C or math library (as such) + continue + ;; + *-*-mingw* | *-*-os2*) + # These systems don't actually have a C library (as such) + test "X$arg" = "X-lc" && continue + ;; + esac + fi + deplibs="$deplibs $arg" + continue + ;; + + -module) + module=yes + continue + ;; + + -no-fast-install) + fast_install=no + continue + ;; + + -no-install) + case $host in + *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*) + # The PATH hackery in wrapper scripts is required on Windows + # in order for the loader to find any dlls it needs. + $echo "$modename: warning: \`-no-install' is ignored for $host" 1>&2 + $echo "$modename: warning: assuming \`-no-fast-install' instead" 1>&2 + fast_install=no + ;; + *) no_install=yes ;; + esac + continue + ;; + + -no-undefined) + allow_undefined=no + continue + ;; + + -o) prev=output ;; + + -release) + prev=release + continue + ;; + + -rpath) + prev=rpath + continue + ;; + + -R) + prev=xrpath + continue + ;; + + -R*) + dir=`$echo "X$arg" | $Xsed -e 's/^-R//'` + # We need an absolute path. + case $dir in + [\\/]* | [A-Za-z]:[\\/]*) ;; + *) + $echo "$modename: only absolute run-paths are allowed" 1>&2 + exit 1 + ;; + esac + case "$xrpath " in + *" $dir "*) ;; + *) xrpath="$xrpath $dir" ;; + esac + continue + ;; + + -static) + # The effects of -static are defined in a previous loop. + # We used to do the same as -all-static on platforms that + # didn't have a PIC flag, but the assumption that the effects + # would be equivalent was wrong. It would break on at least + # Digital Unix and AIX. + continue + ;; + + -thread-safe) + thread_safe=yes + continue + ;; + + -version-info) + prev=vinfo + continue + ;; + + -Wc,*) + args=`$echo "X$arg" | $Xsed -e "$sed_quote_subst" -e 's/^-Wc,//'` + arg= + IFS="${IFS= }"; save_ifs="$IFS"; IFS=',' + for flag in $args; do + IFS="$save_ifs" + case $flag in + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + flag="\"$flag\"" + ;; + esac + arg="$arg $wl$flag" + compiler_flags="$compiler_flags $flag" + done + IFS="$save_ifs" + arg=`$echo "X$arg" | $Xsed -e "s/^ //"` + ;; + + -Wl,*) + args=`$echo "X$arg" | $Xsed -e "$sed_quote_subst" -e 's/^-Wl,//'` + arg= + IFS="${IFS= }"; save_ifs="$IFS"; IFS=',' + for flag in $args; do + IFS="$save_ifs" + case $flag in + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + flag="\"$flag\"" + ;; + esac + arg="$arg $wl$flag" + compiler_flags="$compiler_flags $wl$flag" + linker_flags="$linker_flags $flag" + done + IFS="$save_ifs" + arg=`$echo "X$arg" | $Xsed -e "s/^ //"` + ;; + + -Xcompiler) + prev=xcompiler + continue + ;; + + -Xlinker) + prev=xlinker + continue + ;; + + # Some other compiler flag. + -* | +*) + # Unknown arguments in both finalize_command and compile_command need + # to be aesthetically quoted because they are evaled later. + arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"` + case $arg in + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + arg="\"$arg\"" + ;; + esac + ;; + + *.lo | *.$objext) + # A library or standard object. + if test "$prev" = dlfiles; then + # This file was specified with -dlopen. + if test "$build_libtool_libs" = yes && test "$dlopen_support" = yes; then + dlfiles="$dlfiles $arg" + prev= + continue + else + # If libtool objects are unsupported, then we need to preload. + prev=dlprefiles + fi + fi + + if test "$prev" = dlprefiles; then + # Preload the old-style object. + dlprefiles="$dlprefiles "`$echo "X$arg" | $Xsed -e "$lo2o"` + prev= + else + case $arg in + *.lo) libobjs="$libobjs $arg" ;; + *) objs="$objs $arg" ;; + esac + fi + ;; + + *.$libext) + # An archive. + deplibs="$deplibs $arg" + old_deplibs="$old_deplibs $arg" + continue + ;; + + *.la) + # A libtool-controlled library. + + if test "$prev" = dlfiles; then + # This library was specified with -dlopen. + dlfiles="$dlfiles $arg" + prev= + elif test "$prev" = dlprefiles; then + # The library was specified with -dlpreopen. + dlprefiles="$dlprefiles $arg" + prev= + else + deplibs="$deplibs $arg" + fi + continue + ;; + + # Some other compiler argument. + *) + # Unknown arguments in both finalize_command and compile_command need + # to be aesthetically quoted because they are evaled later. + arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"` + case $arg in + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*|"") + arg="\"$arg\"" + ;; + esac + ;; + esac # arg + + # Now actually substitute the argument into the commands. + if test -n "$arg"; then + compile_command="$compile_command $arg" + finalize_command="$finalize_command $arg" + fi + done # argument parsing loop + + if test -n "$prev"; then + $echo "$modename: the \`$prevarg' option requires an argument" 1>&2 + $echo "$help" 1>&2 + exit 1 + fi + + if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then + eval arg=\"$export_dynamic_flag_spec\" + compile_command="$compile_command $arg" + finalize_command="$finalize_command $arg" + fi + + # calculate the name of the file, without its directory + outputname=`$echo "X$output" | $Xsed -e 's%^.*/%%'` + libobjs_save="$libobjs" + + if test -n "$shlibpath_var"; then + # get the directories listed in $shlibpath_var + eval shlib_search_path=\`\$echo \"X\${$shlibpath_var}\" \| \$Xsed -e \'s/:/ /g\'\` + else + shlib_search_path= + fi + eval sys_lib_search_path=\"$sys_lib_search_path_spec\" + eval sys_lib_dlsearch_path=\"$sys_lib_dlsearch_path_spec\" + + output_objdir=`$echo "X$output" | $Xsed -e 's%/[^/]*$%%'` + if test "X$output_objdir" = "X$output"; then + output_objdir="$objdir" + else + output_objdir="$output_objdir/$objdir" + fi + # Create the object directory. + if test ! -d $output_objdir; then + $show "$mkdir $output_objdir" + $run $mkdir $output_objdir + status=$? + if test $status -ne 0 && test ! -d $output_objdir; then + exit $status + fi + fi + + # Determine the type of output + case $output in + "") + $echo "$modename: you must specify an output file" 1>&2 + $echo "$help" 1>&2 + exit 1 + ;; + *.$libext) linkmode=oldlib ;; + *.lo | *.$objext) linkmode=obj ;; + *.la) linkmode=lib ;; + *) linkmode=prog ;; # Anything else should be a program. + esac + + specialdeplibs= + libs= + # Find all interdependent deplibs by searching for libraries + # that are linked more than once (e.g. -la -lb -la) + for deplib in $deplibs; do + case "$libs " in + *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;; + esac + libs="$libs $deplib" + done + deplibs= + newdependency_libs= + newlib_search_path= + need_relink=no # whether we're linking any uninstalled libtool libraries + notinst_deplibs= # not-installed libtool libraries + notinst_path= # paths that contain not-installed libtool libraries + case $linkmode in + lib) + passes="conv link" + for file in $dlfiles $dlprefiles; do + case $file in + *.la) ;; + *) + $echo "$modename: libraries can \`-dlopen' only libtool libraries: $file" 1>&2 + exit 1 + ;; + esac + done + ;; + prog) + compile_deplibs= + finalize_deplibs= + alldeplibs=no + newdlfiles= + newdlprefiles= + passes="conv scan dlopen dlpreopen link" + ;; + *) passes="conv" + ;; + esac + for pass in $passes; do + if test $linkmode = prog; then + # Determine which files to process + case $pass in + dlopen) + libs="$dlfiles" + save_deplibs="$deplibs" # Collect dlpreopened libraries + deplibs= + ;; + dlpreopen) libs="$dlprefiles" ;; + link) libs="$deplibs %DEPLIBS% $dependency_libs" ;; + esac + fi + for deplib in $libs; do + lib= + found=no + case $deplib in + -l*) + if test $linkmode = oldlib && test $linkmode = obj; then + $echo "$modename: warning: \`-l' is ignored for archives/objects: $deplib" 1>&2 + continue + fi + if test $pass = conv; then + deplibs="$deplib $deplibs" + continue + fi + name=`$echo "X$deplib" | $Xsed -e 's/^-l//'` + for searchdir in $newlib_search_path $lib_search_path $sys_lib_search_path $shlib_search_path; do + # Search the libtool library + lib="$searchdir/lib${name}.la" + if test -f "$lib"; then + found=yes + break + fi + done + if test "$found" != yes; then + # deplib doesn't seem to be a libtool library + if test "$linkmode,$pass" = "prog,link"; then + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + else + deplibs="$deplib $deplibs" + test $linkmode = lib && newdependency_libs="$deplib $newdependency_libs" + fi + continue + fi + ;; # -l + -L*) + case $linkmode in + lib) + deplibs="$deplib $deplibs" + test $pass = conv && continue + newdependency_libs="$deplib $newdependency_libs" + newlib_search_path="$newlib_search_path "`$echo "X$deplib" | $Xsed -e 's/^-L//'` + ;; + prog) + if test $pass = conv; then + deplibs="$deplib $deplibs" + continue + fi + if test $pass = scan; then + deplibs="$deplib $deplibs" + newlib_search_path="$newlib_search_path "`$echo "X$deplib" | $Xsed -e 's/^-L//'` + else + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + fi + ;; + *) + $echo "$modename: warning: \`-L' is ignored for archives/objects: $deplib" 1>&2 + ;; + esac # linkmode + continue + ;; # -L + -R*) + if test $pass = link; then + dir=`$echo "X$deplib" | $Xsed -e 's/^-R//'` + # Make sure the xrpath contains only unique directories. + case "$xrpath " in + *" $dir "*) ;; + *) xrpath="$xrpath $dir" ;; + esac + fi + deplibs="$deplib $deplibs" + continue + ;; + *.la) lib="$deplib" ;; + *.$libext) + if test $pass = conv; then + deplibs="$deplib $deplibs" + continue + fi + case $linkmode in + lib) + if test "$deplibs_check_method" != pass_all; then + echo + echo "*** Warning: This library needs some functionality provided by $deplib." + echo "*** I have the capability to make that library automatically link in when" + echo "*** you link to this library. But I can only do this if you have a" + echo "*** shared version of the library, which you do not appear to have." + else + echo + echo "*** Warning: Linking the shared library $output against the" + echo "*** static library $deplib is not portable!" + deplibs="$deplib $deplibs" + fi + continue + ;; + prog) + if test $pass != link; then + deplibs="$deplib $deplibs" + else + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + fi + continue + ;; + esac # linkmode + ;; # *.$libext + *.lo | *.$objext) + if test $pass = dlpreopen || test "$dlopen_support" != yes || test "$build_libtool_libs" = no; then + # If there is no dlopen support or we're linking statically, + # we need to preload. + newdlprefiles="$newdlprefiles $deplib" + compile_deplibs="$deplib $compile_deplibs" + finalize_deplibs="$deplib $finalize_deplibs" + else + newdlfiles="$newdlfiles $deplib" + fi + continue + ;; + %DEPLIBS%) + alldeplibs=yes + continue + ;; + esac # case $deplib + if test $found = yes || test -f "$lib"; then : + else + $echo "$modename: cannot find the library \`$lib'" 1>&2 + exit 1 + fi + + # Check to see that this really is a libtool archive. + if (sed -e '2q' $lib | egrep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then : + else + $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2 + exit 1 + fi + + ladir=`$echo "X$lib" | $Xsed -e 's%/[^/]*$%%'` + test "X$ladir" = "X$lib" && ladir="." + + dlname= + dlopen= + dlpreopen= + libdir= + library_names= + old_library= + # If the library was installed with an old release of libtool, + # it will not redefine variable installed. + installed=yes + + # Read the .la file + case $lib in + */* | *\\*) . $lib ;; + *) . ./$lib ;; + esac + + if test "$linkmode,$pass" = "lib,link" || + test "$linkmode,$pass" = "prog,scan" || + { test $linkmode = oldlib && test $linkmode = obj; }; then + # Add dl[pre]opened files of deplib + test -n "$dlopen" && dlfiles="$dlfiles $dlopen" + test -n "$dlpreopen" && dlprefiles="$dlprefiles $dlpreopen" + fi + + if test $pass = conv; then + # Only check for convenience libraries + deplibs="$lib $deplibs" + if test -z "$libdir"; then + if test -z "$old_library"; then + $echo "$modename: cannot find name of link library for \`$lib'" 1>&2 + exit 1 + fi + # It is a libtool convenience library, so add in its objects. + convenience="$convenience $ladir/$objdir/$old_library" + old_convenience="$old_convenience $ladir/$objdir/$old_library" + tmp_libs= + for deplib in $dependency_libs; do + deplibs="$deplib $deplibs" + case "$tmp_libs " in + *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;; + esac + tmp_libs="$tmp_libs $deplib" + done + elif test $linkmode != prog && test $linkmode != lib; then + $echo "$modename: \`$lib' is not a convenience library" 1>&2 + exit 1 + fi + continue + fi # $pass = conv + + # Get the name of the library we link against. + linklib= + for l in $old_library $library_names; do + linklib="$l" + done + if test -z "$linklib"; then + $echo "$modename: cannot find name of link library for \`$lib'" 1>&2 + exit 1 + fi + + # This library was specified with -dlopen. + if test $pass = dlopen; then + if test -z "$libdir"; then + $echo "$modename: cannot -dlopen a convenience library: \`$lib'" 1>&2 + exit 1 + fi + if test -z "$dlname" || test "$dlopen_support" != yes || test "$build_libtool_libs" = no; then + # If there is no dlname, no dlopen support or we're linking + # statically, we need to preload. + dlprefiles="$dlprefiles $lib" + else + newdlfiles="$newdlfiles $lib" + fi + continue + fi # $pass = dlopen + + # We need an absolute path. + case $ladir in + [\\/]* | [A-Za-z]:[\\/]*) abs_ladir="$ladir" ;; + *) + abs_ladir=`cd "$ladir" && pwd` + if test -z "$abs_ladir"; then + $echo "$modename: warning: cannot determine absolute directory name of \`$ladir'" 1>&2 + $echo "$modename: passing it literally to the linker, although it might fail" 1>&2 + abs_ladir="$ladir" + fi + ;; + esac + laname=`$echo "X$lib" | $Xsed -e 's%^.*/%%'` + + # Find the relevant object directory and library name. + if test "X$installed" = Xyes; then + if test ! -f "$libdir/$linklib" && test -f "$abs_ladir/$linklib"; then + $echo "$modename: warning: library \`$lib' was moved." 1>&2 + dir="$ladir" + absdir="$abs_ladir" + libdir="$abs_ladir" + else + dir="$libdir" + absdir="$libdir" + fi + else + dir="$ladir/$objdir" + absdir="$abs_ladir/$objdir" + # Remove this search path later + notinst_path="$notinst_path $abs_ladir" + fi # $installed = yes + name=`$echo "X$laname" | $Xsed -e 's/\.la$//' -e 's/^lib//'` + + # This library was specified with -dlpreopen. + if test $pass = dlpreopen; then + if test -z "$libdir"; then + $echo "$modename: cannot -dlpreopen a convenience library: \`$lib'" 1>&2 + exit 1 + fi + # Prefer using a static library (so that no silly _DYNAMIC symbols + # are required to link). + if test -n "$old_library"; then + newdlprefiles="$newdlprefiles $dir/$old_library" + # Otherwise, use the dlname, so that lt_dlopen finds it. + elif test -n "$dlname"; then + newdlprefiles="$newdlprefiles $dir/$dlname" + else + newdlprefiles="$newdlprefiles $dir/$linklib" + fi + fi # $pass = dlpreopen + + if test -z "$libdir"; then + # Link the convenience library + if test $linkmode = lib; then + deplibs="$dir/$old_library $deplibs" + elif test "$linkmode,$pass" = "prog,link"; then + compile_deplibs="$dir/$old_library $compile_deplibs" + finalize_deplibs="$dir/$old_library $finalize_deplibs" + else + deplibs="$lib $deplibs" + fi + continue + fi + + if test $linkmode = prog && test $pass != link; then + newlib_search_path="$newlib_search_path $ladir" + deplibs="$lib $deplibs" + + linkalldeplibs=no + if test "$link_all_deplibs" != no || test -z "$library_names" || + test "$build_libtool_libs" = no; then + linkalldeplibs=yes + fi + + tmp_libs= + for deplib in $dependency_libs; do + case $deplib in + -L*) newlib_search_path="$newlib_search_path "`$echo "X$deplib" | $Xsed -e 's/^-L//'`;; ### testsuite: skip nested quoting test + esac + # Need to link against all dependency_libs? + if test $linkalldeplibs = yes; then + deplibs="$deplib $deplibs" + else + # Need to hardcode shared library paths + # or/and link against static libraries + newdependency_libs="$deplib $newdependency_libs" + fi + case "$tmp_libs " in + *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;; + esac + tmp_libs="$tmp_libs $deplib" + done # for deplib + continue + fi # $linkmode = prog... + + link_static=no # Whether the deplib will be linked statically + if test -n "$library_names" && + { test "$prefer_static_libs" = no || test -z "$old_library"; }; then + # Link against this shared library + + if test "$linkmode,$pass" = "prog,link" || + { test $linkmode = lib && test $hardcode_into_libs = yes; }; then + # Hardcode the library path. + # Skip directories that are in the system default run-time + # search path. + case " $sys_lib_dlsearch_path " in + *" $absdir "*) ;; + *) + case "$compile_rpath " in + *" $absdir "*) ;; + *) compile_rpath="$compile_rpath $absdir" + esac + ;; + esac + case " $sys_lib_dlsearch_path " in + *" $libdir "*) ;; + *) + case "$finalize_rpath " in + *" $libdir "*) ;; + *) finalize_rpath="$finalize_rpath $libdir" + esac + ;; + esac + if test $linkmode = prog; then + # We need to hardcode the library path + if test -n "$shlibpath_var"; then + # Make sure the rpath contains only unique directories. + case "$temp_rpath " in + *" $dir "*) ;; + *" $absdir "*) ;; + *) temp_rpath="$temp_rpath $dir" ;; + esac + fi + fi + fi # $linkmode,$pass = prog,link... + + if test "$alldeplibs" = yes && + { test "$deplibs_check_method" = pass_all || + { test "$build_libtool_libs" = yes && + test -n "$library_names"; }; }; then + # We only need to search for static libraries + continue + fi + + if test "$installed" = no; then + notinst_deplibs="$notinst_deplibs $lib" + need_relink=yes + fi + + if test -n "$old_archive_from_expsyms_cmds"; then + # figure out the soname + set dummy $library_names + realname="$2" + shift; shift + libname=`eval \\$echo \"$libname_spec\"` + # use dlname if we got it. it's perfectly good, no? + if test -n "$dlname"; then + soname="$dlname" + elif test -n "$soname_spec"; then + # bleh windows + case $host in + *cygwin*) + major=`expr $current - $age` + versuffix="-$major" + ;; + esac + eval soname=\"$soname_spec\" + else + soname="$realname" + fi + + # Make a new name for the extract_expsyms_cmds to use + soroot="$soname" + soname=`echo $soroot | sed -e 's/^.*\///'` + newlib="libimp-`echo $soname | sed 's/^lib//;s/\.dll$//'`.a" + + # If the library has no export list, then create one now + if test -f "$output_objdir/$soname-def"; then : + else + $show "extracting exported symbol list from \`$soname'" + IFS="${IFS= }"; save_ifs="$IFS"; IFS='~' + eval cmds=\"$extract_expsyms_cmds\" + for cmd in $cmds; do + IFS="$save_ifs" + $show "$cmd" + $run eval "$cmd" || exit $? + done + IFS="$save_ifs" + fi + + # Create $newlib + if test -f "$output_objdir/$newlib"; then :; else + $show "generating import library for \`$soname'" + IFS="${IFS= }"; save_ifs="$IFS"; IFS='~' + eval cmds=\"$old_archive_from_expsyms_cmds\" + for cmd in $cmds; do + IFS="$save_ifs" + $show "$cmd" + $run eval "$cmd" || exit $? + done + IFS="$save_ifs" + fi + # make sure the library variables are pointing to the new library + dir=$output_objdir + linklib=$newlib + fi # test -n $old_archive_from_expsyms_cmds + + if test $linkmode = prog || test "$mode" != relink; then + add_shlibpath= + add_dir= + add= + lib_linked=yes + case $hardcode_action in + immediate | unsupported) + if test "$hardcode_direct" = no; then + add="$dir/$linklib" + elif test "$hardcode_minus_L" = no; then + case $host in + *-*-sunos*) add_shlibpath="$dir" ;; + esac + add_dir="-L$dir" + add="-l$name" + elif test "$hardcode_shlibpath_var" = no; then + add_shlibpath="$dir" + add="-l$name" + else + lib_linked=no + fi + ;; + relink) + if test "$hardcode_direct" = yes; then + add="$dir/$linklib" + elif test "$hardcode_minus_L" = yes; then + add_dir="-L$dir" + add="-l$name" + elif test "$hardcode_shlibpath_var" = yes; then + add_shlibpath="$dir" + add="-l$name" + else + lib_linked=no + fi + ;; + *) lib_linked=no ;; + esac + + if test "$lib_linked" != yes; then + $echo "$modename: configuration error: unsupported hardcode properties" + exit 1 + fi + + if test -n "$add_shlibpath"; then + case :$compile_shlibpath: in + *":$add_shlibpath:"*) ;; + *) compile_shlibpath="$compile_shlibpath$add_shlibpath:" ;; + esac + fi + if test $linkmode = prog; then + test -n "$add_dir" && compile_deplibs="$add_dir $compile_deplibs" + test -n "$add" && compile_deplibs="$add $compile_deplibs" + else + test -n "$add_dir" && deplibs="$add_dir $deplibs" + test -n "$add" && deplibs="$add $deplibs" + if test "$hardcode_direct" != yes && \ + test "$hardcode_minus_L" != yes && \ + test "$hardcode_shlibpath_var" = yes; then + case :$finalize_shlibpath: in + *":$libdir:"*) ;; + *) finalize_shlibpath="$finalize_shlibpath$libdir:" ;; + esac + fi + fi + fi + + if test $linkmode = prog || test "$mode" = relink; then + add_shlibpath= + add_dir= + add= + # Finalize command for both is simple: just hardcode it. + if test "$hardcode_direct" = yes; then + add="$libdir/$linklib" + elif test "$hardcode_minus_L" = yes; then + add_dir="-L$libdir" + add="-l$name" + elif test "$hardcode_shlibpath_var" = yes; then + case :$finalize_shlibpath: in + *":$libdir:"*) ;; + *) finalize_shlibpath="$finalize_shlibpath$libdir:" ;; + esac + add="-l$name" + else + # We cannot seem to hardcode it, guess we'll fake it. + add_dir="-L$libdir" + add="-l$name" + fi + + if test $linkmode = prog; then + test -n "$add_dir" && finalize_deplibs="$add_dir $finalize_deplibs" + test -n "$add" && finalize_deplibs="$add $finalize_deplibs" + else + test -n "$add_dir" && deplibs="$add_dir $deplibs" + test -n "$add" && deplibs="$add $deplibs" + fi + fi + elif test $linkmode = prog; then + if test "$alldeplibs" = yes && + { test "$deplibs_check_method" = pass_all || + { test "$build_libtool_libs" = yes && + test -n "$library_names"; }; }; then + # We only need to search for static libraries + continue + fi + + # Try to link the static library + # Here we assume that one of hardcode_direct or hardcode_minus_L + # is not unsupported. This is valid on all known static and + # shared platforms. + if test "$hardcode_direct" != unsupported; then + test -n "$old_library" && linklib="$old_library" + compile_deplibs="$dir/$linklib $compile_deplibs" + finalize_deplibs="$dir/$linklib $finalize_deplibs" + else + compile_deplibs="-l$name -L$dir $compile_deplibs" + finalize_deplibs="-l$name -L$dir $finalize_deplibs" + fi + elif test "$build_libtool_libs" = yes; then + # Not a shared library + if test "$deplibs_check_method" != pass_all; then + # We're trying link a shared library against a static one + # but the system doesn't support it. + + # Just print a warning and add the library to dependency_libs so + # that the program can be linked against the static library. + echo + echo "*** Warning: This library needs some functionality provided by $lib." + echo "*** I have the capability to make that library automatically link in when" + echo "*** you link to this library. But I can only do this if you have a" + echo "*** shared version of the library, which you do not appear to have." + if test "$module" = yes; then + echo "*** Therefore, libtool will create a static module, that should work " + echo "*** as long as the dlopening application is linked with the -dlopen flag." + if test -z "$global_symbol_pipe"; then + echo + echo "*** However, this would only work if libtool was able to extract symbol" + echo "*** lists from a program, using \`nm' or equivalent, but libtool could" + echo "*** not find such a program. So, this module is probably useless." + echo "*** \`nm' from GNU binutils and a full rebuild may help." + fi + if test "$build_old_libs" = no; then + build_libtool_libs=module + build_old_libs=yes + else + build_libtool_libs=no + fi + fi + else + convenience="$convenience $dir/$old_library" + old_convenience="$old_convenience $dir/$old_library" + deplibs="$dir/$old_library $deplibs" + link_static=yes + fi + fi # link shared/static library? + + if test $linkmode = lib; then + if test -n "$dependency_libs" && + { test $hardcode_into_libs != yes || test $build_old_libs = yes || + test $link_static = yes; }; then + # Extract -R from dependency_libs + temp_deplibs= + for libdir in $dependency_libs; do + case $libdir in + -R*) temp_xrpath=`$echo "X$libdir" | $Xsed -e 's/^-R//'` + case " $xrpath " in + *" $temp_xrpath "*) ;; + *) xrpath="$xrpath $temp_xrpath";; + esac;; + *) temp_deplibs="$temp_deplibs $libdir";; + esac + done + dependency_libs="$temp_deplibs" + fi + + newlib_search_path="$newlib_search_path $absdir" + # Link against this library + test "$link_static" = no && newdependency_libs="$abs_ladir/$laname $newdependency_libs" + # ... and its dependency_libs + tmp_libs= + for deplib in $dependency_libs; do + newdependency_libs="$deplib $newdependency_libs" + case "$tmp_libs " in + *" $deplib "*) specialdeplibs="$specialdeplibs $deplib" ;; + esac + tmp_libs="$tmp_libs $deplib" + done + + if test $link_all_deplibs != no; then + # Add the search paths of all dependency libraries + for deplib in $dependency_libs; do + case $deplib in + -L*) path="$deplib" ;; + *.la) + dir=`$echo "X$deplib" | $Xsed -e 's%/[^/]*$%%'` + test "X$dir" = "X$deplib" && dir="." + # We need an absolute path. + case $dir in + [\\/]* | [A-Za-z]:[\\/]*) absdir="$dir" ;; + *) + absdir=`cd "$dir" && pwd` + if test -z "$absdir"; then + $echo "$modename: warning: cannot determine absolute directory name of \`$dir'" 1>&2 + absdir="$dir" + fi + ;; + esac + if grep "^installed=no" $deplib > /dev/null; then + path="-L$absdir/$objdir" + else + eval libdir=`sed -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` + if test -z "$libdir"; then + $echo "$modename: \`$deplib' is not a valid libtool archive" 1>&2 + exit 1 + fi + if test "$absdir" != "$libdir"; then + $echo "$modename: warning: \`$deplib' seems to be moved" 1>&2 + fi + path="-L$absdir" + fi + ;; + *) continue ;; + esac + case " $deplibs " in + *" $path "*) ;; + *) deplibs="$deplibs $path" ;; + esac + done + fi # link_all_deplibs != no + fi # linkmode = lib + done # for deplib in $libs + if test $pass = dlpreopen; then + # Link the dlpreopened libraries before other libraries + for deplib in $save_deplibs; do + deplibs="$deplib $deplibs" + done + fi + if test $pass != dlopen; then + test $pass != scan && dependency_libs="$newdependency_libs" + if test $pass != conv; then + # Make sure lib_search_path contains only unique directories. + lib_search_path= + for dir in $newlib_search_path; do + case "$lib_search_path " in + *" $dir "*) ;; + *) lib_search_path="$lib_search_path $dir" ;; + esac + done + newlib_search_path= + fi + + if test "$linkmode,$pass" != "prog,link"; then + vars="deplibs" + else + vars="compile_deplibs finalize_deplibs" + fi + for var in $vars dependency_libs; do + # Add libraries to $var in reverse order + eval tmp_libs=\"\$$var\" + new_libs= + for deplib in $tmp_libs; do + case $deplib in + -L*) new_libs="$deplib $new_libs" ;; + *) + case " $specialdeplibs " in + *" $deplib "*) new_libs="$deplib $new_libs" ;; + *) + case " $new_libs " in + *" $deplib "*) ;; + *) new_libs="$deplib $new_libs" ;; + esac + ;; + esac + ;; + esac + done + tmp_libs= + for deplib in $new_libs; do + case $deplib in + -L*) + case " $tmp_libs " in + *" $deplib "*) ;; + *) tmp_libs="$tmp_libs $deplib" ;; + esac + ;; + *) tmp_libs="$tmp_libs $deplib" ;; + esac + done + eval $var=\"$tmp_libs\" + done # for var + fi + if test "$pass" = "conv" && + { test "$linkmode" = "lib" || test "$linkmode" = "prog"; }; then + libs="$deplibs" # reset libs + deplibs= + fi + done # for pass + if test $linkmode = prog; then + dlfiles="$newdlfiles" + dlprefiles="$newdlprefiles" + fi + + case $linkmode in + oldlib) + if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then + $echo "$modename: warning: \`-dlopen' is ignored for archives" 1>&2 + fi + + if test -n "$rpath"; then + $echo "$modename: warning: \`-rpath' is ignored for archives" 1>&2 + fi + + if test -n "$xrpath"; then + $echo "$modename: warning: \`-R' is ignored for archives" 1>&2 + fi + + if test -n "$vinfo"; then + $echo "$modename: warning: \`-version-info' is ignored for archives" 1>&2 + fi + + if test -n "$release"; then + $echo "$modename: warning: \`-release' is ignored for archives" 1>&2 + fi + + if test -n "$export_symbols" || test -n "$export_symbols_regex"; then + $echo "$modename: warning: \`-export-symbols' is ignored for archives" 1>&2 + fi + + # Now set the variables for building old libraries. + build_libtool_libs=no + oldlibs="$output" + objs="$objs$old_deplibs" + ;; + + lib) + # Make sure we only generate libraries of the form `libNAME.la'. + case $outputname in + lib*) + name=`$echo "X$outputname" | $Xsed -e 's/\.la$//' -e 's/^lib//'` + eval libname=\"$libname_spec\" + ;; + *) + if test "$module" = no; then + $echo "$modename: libtool library \`$output' must begin with \`lib'" 1>&2 + $echo "$help" 1>&2 + exit 1 + fi + if test "$need_lib_prefix" != no; then + # Add the "lib" prefix for modules if required + name=`$echo "X$outputname" | $Xsed -e 's/\.la$//'` + eval libname=\"$libname_spec\" + else + libname=`$echo "X$outputname" | $Xsed -e 's/\.la$//'` + fi + ;; + esac + + if test -n "$objs"; then + if test "$deplibs_check_method" != pass_all; then + $echo "$modename: cannot build libtool library \`$output' from non-libtool objects on this host:$objs" 2>&1 + exit 1 + else + echo + echo "*** Warning: Linking the shared library $output against the non-libtool" + echo "*** objects $objs is not portable!" + libobjs="$libobjs $objs" + fi + fi + + if test "$dlself" != no; then + $echo "$modename: warning: \`-dlopen self' is ignored for libtool libraries" 1>&2 + fi + + set dummy $rpath + if test $# -gt 2; then + $echo "$modename: warning: ignoring multiple \`-rpath's for a libtool library" 1>&2 + fi + install_libdir="$2" + + oldlibs= + if test -z "$rpath"; then + if test "$build_libtool_libs" = yes; then + # Building a libtool convenience library. + libext=al + oldlibs="$output_objdir/$libname.$libext $oldlibs" + build_libtool_libs=convenience + build_old_libs=yes + fi + + if test -n "$vinfo"; then + $echo "$modename: warning: \`-version-info' is ignored for convenience libraries" 1>&2 + fi + + if test -n "$release"; then + $echo "$modename: warning: \`-release' is ignored for convenience libraries" 1>&2 + fi + else + + # Parse the version information argument. + IFS="${IFS= }"; save_ifs="$IFS"; IFS=':' + set dummy $vinfo 0 0 0 + IFS="$save_ifs" + + if test -n "$8"; then + $echo "$modename: too many parameters to \`-version-info'" 1>&2 + $echo "$help" 1>&2 + exit 1 + fi + + current="$2" + revision="$3" + age="$4" + + # Check that each of the things are valid numbers. + case $current in + 0 | [1-9] | [1-9][0-9] | [1-9][0-9][0-9]) ;; + *) + $echo "$modename: CURRENT \`$current' is not a nonnegative integer" 1>&2 + $echo "$modename: \`$vinfo' is not valid version information" 1>&2 + exit 1 + ;; + esac + + case $revision in + 0 | [1-9] | [1-9][0-9] | [1-9][0-9][0-9]) ;; + *) + $echo "$modename: REVISION \`$revision' is not a nonnegative integer" 1>&2 + $echo "$modename: \`$vinfo' is not valid version information" 1>&2 + exit 1 + ;; + esac + + case $age in + 0 | [1-9] | [1-9][0-9] | [1-9][0-9][0-9]) ;; + *) + $echo "$modename: AGE \`$age' is not a nonnegative integer" 1>&2 + $echo "$modename: \`$vinfo' is not valid version information" 1>&2 + exit 1 + ;; + esac + + if test $age -gt $current; then + $echo "$modename: AGE \`$age' is greater than the current interface number \`$current'" 1>&2 + $echo "$modename: \`$vinfo' is not valid version information" 1>&2 + exit 1 + fi + + # Calculate the version variables. + major= + versuffix= + verstring= + case $version_type in + none) ;; + + darwin) + # Like Linux, but with the current version available in + # verstring for coding it into the library header + major=.`expr $current - $age` + versuffix="$major.$age.$revision" + # Darwin ld doesn't like 0 for these options... + minor_current=`expr $current + 1` + verstring="-compatibility_version $minor_current -current_version $minor_current.$revision" + ;; + + freebsd-aout) + major=".$current" + versuffix=".$current.$revision"; + ;; + + freebsd-elf) + major=".$current" + versuffix=".$current"; + ;; + + irix) + major=`expr $current - $age + 1` + verstring="sgi$major.$revision" + + # Add in all the interfaces that we are compatible with. + loop=$revision + while test $loop != 0; do + iface=`expr $revision - $loop` + loop=`expr $loop - 1` + verstring="sgi$major.$iface:$verstring" + done + + # Before this point, $major must not contain `.'. + major=.$major + versuffix="$major.$revision" + ;; + + linux) + major=.`expr $current - $age` + versuffix="$major.$age.$revision" + ;; + + osf) + major=`expr $current - $age` + versuffix=".$current.$age.$revision" + verstring="$current.$age.$revision" + + # Add in all the interfaces that we are compatible with. + loop=$age + while test $loop != 0; do + iface=`expr $current - $loop` + loop=`expr $loop - 1` + verstring="$verstring:${iface}.0" + done + + # Make executables depend on our current version. + verstring="$verstring:${current}.0" + ;; + + sunos) + major=".$current" + versuffix=".$current.$revision" + ;; + + windows) + # Use '-' rather than '.', since we only want one + # extension on DOS 8.3 filesystems. + major=`expr $current - $age` + versuffix="-$major" + ;; + + *) + $echo "$modename: unknown library version type \`$version_type'" 1>&2 + echo "Fatal configuration error. See the $PACKAGE docs for more information." 1>&2 + exit 1 + ;; + esac + + # Clear the version info if we defaulted, and they specified a release. + if test -z "$vinfo" && test -n "$release"; then + major= + verstring="0.0" + if test "$need_version" = no; then + versuffix= + else + versuffix=".0.0" + fi + fi + + # Remove version info from name if versioning should be avoided + if test "$avoid_version" = yes && test "$need_version" = no; then + major= + versuffix= + verstring="" + fi + + # Check to see if the archive will have undefined symbols. + if test "$allow_undefined" = yes; then + if test "$allow_undefined_flag" = unsupported; then + $echo "$modename: warning: undefined symbols not allowed in $host shared libraries" 1>&2 + build_libtool_libs=no + build_old_libs=yes + fi + else + # Don't allow undefined symbols. + allow_undefined_flag="$no_undefined_flag" + fi + fi + + if test "$mode" != relink; then + # Remove our outputs. + $show "${rm}r $output_objdir/$outputname $output_objdir/$libname.* $output_objdir/${libname}${release}.*" + $run ${rm}r $output_objdir/$outputname $output_objdir/$libname.* $output_objdir/${libname}${release}.* + fi + + # Now set the variables for building old libraries. + if test "$build_old_libs" = yes && test "$build_libtool_libs" != convenience ; then + oldlibs="$oldlibs $output_objdir/$libname.$libext" + + # Transform .lo files to .o files. + oldobjs="$objs "`$echo "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}'$/d' -e "$lo2o" | $NL2SP` + fi + + # Eliminate all temporary directories. + for path in $notinst_path; do + lib_search_path=`echo "$lib_search_path " | sed -e 's% $path % %g'` + deplibs=`echo "$deplibs " | sed -e 's% -L$path % %g'` + dependency_libs=`echo "$dependency_libs " | sed -e 's% -L$path % %g'` + done + + if test -n "$xrpath"; then + # If the user specified any rpath flags, then add them. + temp_xrpath= + for libdir in $xrpath; do + temp_xrpath="$temp_xrpath -R$libdir" + case "$finalize_rpath " in + *" $libdir "*) ;; + *) finalize_rpath="$finalize_rpath $libdir" ;; + esac + done + if test $hardcode_into_libs != yes || test $build_old_libs = yes; then + dependency_libs="$temp_xrpath $dependency_libs" + fi + fi + + # Make sure dlfiles contains only unique files that won't be dlpreopened + old_dlfiles="$dlfiles" + dlfiles= + for lib in $old_dlfiles; do + case " $dlprefiles $dlfiles " in + *" $lib "*) ;; + *) dlfiles="$dlfiles $lib" ;; + esac + done + + # Make sure dlprefiles contains only unique files + old_dlprefiles="$dlprefiles" + dlprefiles= + for lib in $old_dlprefiles; do + case "$dlprefiles " in + *" $lib "*) ;; + *) dlprefiles="$dlprefiles $lib" ;; + esac + done + + if test "$build_libtool_libs" = yes; then + if test -n "$rpath"; then + case $host in + *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2* | *-*-beos*) + # these systems don't actually have a c library (as such)! + ;; + *-*-rhapsody* | *-*-darwin1.[012]) + # Rhapsody C library is in the System framework + deplibs="$deplibs -framework System" + ;; + *-*-netbsd*) + # Don't link with libc until the a.out ld.so is fixed. + ;; + *) + # Add libc to deplibs on all other systems if necessary. + if test $build_libtool_need_lc = "yes"; then + deplibs="$deplibs -lc" + fi + ;; + esac + fi + + # Transform deplibs into only deplibs that can be linked in shared. + name_save=$name + libname_save=$libname + release_save=$release + versuffix_save=$versuffix + major_save=$major + # I'm not sure if I'm treating the release correctly. I think + # release should show up in the -l (ie -lgmp5) so we don't want to + # add it in twice. Is that correct? + release="" + versuffix="" + major="" + newdeplibs= + droppeddeps=no + case $deplibs_check_method in + pass_all) + # Don't check for shared/static. Everything works. + # This might be a little naive. We might want to check + # whether the library exists or not. But this is on + # osf3 & osf4 and I'm not really sure... Just + # implementing what was already the behaviour. + newdeplibs=$deplibs + ;; + test_compile) + # This code stresses the "libraries are programs" paradigm to its + # limits. Maybe even breaks it. We compile a program, linking it + # against the deplibs as a proxy for the library. Then we can check + # whether they linked in statically or dynamically with ldd. + $rm conftest.c + cat > conftest.c <<EOF + int main() { return 0; } +EOF + $rm conftest + $CC -o conftest conftest.c $deplibs + if test $? -eq 0 ; then + ldd_output=`ldd conftest` + for i in $deplibs; do + name="`expr $i : '-l\(.*\)'`" + # If $name is empty we are operating on a -L argument. + if test -n "$name" && test "$name" != "0"; then + libname=`eval \\$echo \"$libname_spec\"` + deplib_matches=`eval \\$echo \"$library_names_spec\"` + set dummy $deplib_matches + deplib_match=$2 + if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then + newdeplibs="$newdeplibs $i" + else + droppeddeps=yes + echo + echo "*** Warning: This library needs some functionality provided by $i." + echo "*** I have the capability to make that library automatically link in when" + echo "*** you link to this library. But I can only do this if you have a" + echo "*** shared version of the library, which you do not appear to have." + fi + else + newdeplibs="$newdeplibs $i" + fi + done + else + # Error occured in the first compile. Let's try to salvage the situation: + # Compile a seperate program for each library. + for i in $deplibs; do + name="`expr $i : '-l\(.*\)'`" + # If $name is empty we are operating on a -L argument. + if test -n "$name" && test "$name" != "0"; then + $rm conftest + $CC -o conftest conftest.c $i + # Did it work? + if test $? -eq 0 ; then + ldd_output=`ldd conftest` + libname=`eval \\$echo \"$libname_spec\"` + deplib_matches=`eval \\$echo \"$library_names_spec\"` + set dummy $deplib_matches + deplib_match=$2 + if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then + newdeplibs="$newdeplibs $i" + else + droppeddeps=yes + echo + echo "*** Warning: This library needs some functionality provided by $i." + echo "*** I have the capability to make that library automatically link in when" + echo "*** you link to this library. But I can only do this if you have a" + echo "*** shared version of the library, which you do not appear to have." + fi + else + droppeddeps=yes + echo + echo "*** Warning! Library $i is needed by this library but I was not able to" + echo "*** make it link in! You will probably need to install it or some" + echo "*** library that it depends on before this library will be fully" + echo "*** functional. Installing it before continuing would be even better." + fi + else + newdeplibs="$newdeplibs $i" + fi + done + fi + ;; + file_magic*) + set dummy $deplibs_check_method + file_magic_regex=`expr "$deplibs_check_method" : "$2 \(.*\)"` + for a_deplib in $deplibs; do + name="`expr $a_deplib : '-l\(.*\)'`" + # If $name is empty we are operating on a -L argument. + if test -n "$name" && test "$name" != "0"; then + libname=`eval \\$echo \"$libname_spec\"` + for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do + potential_libs=`ls $i/$libname[.-]* 2>/dev/null` + for potent_lib in $potential_libs; do + # Follow soft links. + if ls -lLd "$potent_lib" 2>/dev/null \ + | grep " -> " >/dev/null; then + continue + fi + # The statement above tries to avoid entering an + # endless loop below, in case of cyclic links. + # We might still enter an endless loop, since a link + # loop can be closed while we follow links, + # but so what? + potlib="$potent_lib" + while test -h "$potlib" 2>/dev/null; do + potliblink=`ls -ld $potlib | sed 's/.* -> //'` + case $potliblink in + [\\/]* | [A-Za-z]:[\\/]*) potlib="$potliblink";; + *) potlib=`$echo "X$potlib" | $Xsed -e 's,[^/]*$,,'`"$potliblink";; + esac + done + if eval $file_magic_cmd \"\$potlib\" 2>/dev/null \ + | sed 10q \ + | egrep "$file_magic_regex" > /dev/null; then + newdeplibs="$newdeplibs $a_deplib" + a_deplib="" + break 2 + fi + done + done + if test -n "$a_deplib" ; then + droppeddeps=yes + echo + echo "*** Warning: This library needs some functionality provided by $a_deplib." + echo "*** I have the capability to make that library automatically link in when" + echo "*** you link to this library. But I can only do this if you have a" + echo "*** shared version of the library, which you do not appear to have." + fi + else + # Add a -L argument. + newdeplibs="$newdeplibs $a_deplib" + fi + done # Gone through all deplibs. + ;; + match_pattern*) + set dummy $deplibs_check_method + match_pattern_regex=`expr "$deplibs_check_method" : "$2 \(.*\)"` + for a_deplib in $deplibs; do + name="`expr $a_deplib : '-l\(.*\)'`" + # If $name is empty we are operating on a -L argument. + if test -n "$name" && test "$name" != "0"; then + libname=`eval \\$echo \"$libname_spec\"` + for i in $lib_search_path $sys_lib_search_path $shlib_search_path; do + potential_libs=`ls $i/$libname[.-]* 2>/dev/null` + for potent_lib in $potential_libs; do + if eval echo \"$potent_lib\" 2>/dev/null \ + | sed 10q \ + | egrep "$match_pattern_regex" > /dev/null; then + newdeplibs="$newdeplibs $a_deplib" + a_deplib="" + break 2 + fi + done + done + if test -n "$a_deplib" ; then + droppeddeps=yes + echo + echo "*** Warning: This library needs some functionality provided by $a_deplib." + echo "*** I have the capability to make that library automatically link in when" + echo "*** you link to this library. But I can only do this if you have a" + echo "*** shared version of the library, which you do not appear to have." + fi + else + # Add a -L argument. + newdeplibs="$newdeplibs $a_deplib" + fi + done # Gone through all deplibs. + ;; + none | unknown | *) + newdeplibs="" + if $echo "X $deplibs" | $Xsed -e 's/ -lc$//' \ + -e 's/ -[LR][^ ]*//g' -e 's/[ ]//g' | + grep . >/dev/null; then + echo + if test "X$deplibs_check_method" = "Xnone"; then + echo "*** Warning: inter-library dependencies are not supported in this platform." + else + echo "*** Warning: inter-library dependencies are not known to be supported." + fi + echo "*** All declared inter-library dependencies are being dropped." + droppeddeps=yes + fi + ;; + esac + versuffix=$versuffix_save + major=$major_save + release=$release_save + libname=$libname_save + name=$name_save + + case $host in + *-*-rhapsody* | *-*-darwin1.[012]) + # On Rhapsody replace the C library is the System framework + newdeplibs=`$echo "X $newdeplibs" | $Xsed -e 's/ -lc / -framework System /'` + ;; + esac + + if test "$droppeddeps" = yes; then + if test "$module" = yes; then + echo + echo "*** Warning: libtool could not satisfy all declared inter-library" + echo "*** dependencies of module $libname. Therefore, libtool will create" + echo "*** a static module, that should work as long as the dlopening" + echo "*** application is linked with the -dlopen flag." + if test -z "$global_symbol_pipe"; then + echo + echo "*** However, this would only work if libtool was able to extract symbol" + echo "*** lists from a program, using \`nm' or equivalent, but libtool could" + echo "*** not find such a program. So, this module is probably useless." + echo "*** \`nm' from GNU binutils and a full rebuild may help." + fi + if test "$build_old_libs" = no; then + oldlibs="$output_objdir/$libname.$libext" + build_libtool_libs=module + build_old_libs=yes + else + build_libtool_libs=no + fi + else + echo "*** The inter-library dependencies that have been dropped here will be" + echo "*** automatically added whenever a program is linked with this library" + echo "*** or is declared to -dlopen it." + + if test $allow_undefined = no; then + echo + echo "*** Since this library must not contain undefined symbols," + echo "*** because either the platform does not support them or" + echo "*** it was explicitly requested with -no-undefined," + echo "*** libtool will only create a static version of it." + if test "$build_old_libs" = no; then + oldlibs="$output_objdir/$libname.$libext" + build_libtool_libs=module + build_old_libs=yes + else + build_libtool_libs=no + fi + fi + fi + fi + # Done checking deplibs! + deplibs=$newdeplibs + fi + + # All the library-specific variables (install_libdir is set above). + library_names= + old_library= + dlname= + + # Test again, we may have decided not to build it any more + if test "$build_libtool_libs" = yes; then + if test $hardcode_into_libs = yes; then + # Hardcode the library paths + hardcode_libdirs= + dep_rpath= + rpath="$finalize_rpath" + test "$mode" != relink && rpath="$compile_rpath$rpath" + for libdir in $rpath; do + if test -n "$hardcode_libdir_flag_spec"; then + if test -n "$hardcode_libdir_separator"; then + if test -z "$hardcode_libdirs"; then + hardcode_libdirs="$libdir" + else + # Just accumulate the unique libdirs. + case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in + *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) + ;; + *) + hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir" + ;; + esac + fi + else + eval flag=\"$hardcode_libdir_flag_spec\" + dep_rpath="$dep_rpath $flag" + fi + elif test -n "$runpath_var"; then + case "$perm_rpath " in + *" $libdir "*) ;; + *) perm_rpath="$perm_rpath $libdir" ;; + esac + fi + done + # Substitute the hardcoded libdirs into the rpath. + if test -n "$hardcode_libdir_separator" && + test -n "$hardcode_libdirs"; then + libdir="$hardcode_libdirs" + eval dep_rpath=\"$hardcode_libdir_flag_spec\" + fi + if test -n "$runpath_var" && test -n "$perm_rpath"; then + # We should set the runpath_var. + rpath= + for dir in $perm_rpath; do + rpath="$rpath$dir:" + done + eval "$runpath_var='$rpath\$$runpath_var'; export $runpath_var" + fi + test -n "$dep_rpath" && deplibs="$dep_rpath $deplibs" + fi + + shlibpath="$finalize_shlibpath" + test "$mode" != relink && shlibpath="$compile_shlibpath$shlibpath" + if test -n "$shlibpath"; then + eval "$shlibpath_var='$shlibpath\$$shlibpath_var'; export $shlibpath_var" + fi + + # Get the real and link names of the library. + eval library_names=\"$library_names_spec\" + set dummy $library_names + realname="$2" + shift; shift + + if test -n "$soname_spec"; then + eval soname=\"$soname_spec\" + else + soname="$realname" + fi + test -z "$dlname" && dlname=$soname + + lib="$output_objdir/$realname" + for link + do + linknames="$linknames $link" + done + + # Ensure that we have .o objects for linkers which dislike .lo + # (e.g. aix) in case we are running --disable-static + for obj in $libobjs; do + xdir=`$echo "X$obj" | $Xsed -e 's%/[^/]*$%%'` + if test "X$xdir" = "X$obj"; then + xdir="." + else + xdir="$xdir" + fi + baseobj=`$echo "X$obj" | $Xsed -e 's%^.*/%%'` + oldobj=`$echo "X$baseobj" | $Xsed -e "$lo2o"` + if test ! -f $xdir/$oldobj; then + $show "(cd $xdir && ${LN_S} $baseobj $oldobj)" + $run eval '(cd $xdir && ${LN_S} $baseobj $oldobj)' || exit $? + fi + done + + # Use standard objects if they are pic + test -z "$pic_flag" && libobjs=`$echo "X$libobjs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP` + + # Prepare the list of exported symbols + if test -z "$export_symbols"; then + if test "$always_export_symbols" = yes || test -n "$export_symbols_regex"; then + $show "generating symbol list for \`$libname.la'" + export_symbols="$output_objdir/$libname.exp" + $run $rm $export_symbols + eval cmds=\"$export_symbols_cmds\" + IFS="${IFS= }"; save_ifs="$IFS"; IFS='~' + for cmd in $cmds; do + IFS="$save_ifs" + $show "$cmd" + $run eval "$cmd" || exit $? + done + IFS="$save_ifs" + if test -n "$export_symbols_regex"; then + $show "egrep -e \"$export_symbols_regex\" \"$export_symbols\" > \"${export_symbols}T\"" + $run eval 'egrep -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"' + $show "$mv \"${export_symbols}T\" \"$export_symbols\"" + $run eval '$mv "${export_symbols}T" "$export_symbols"' + fi + fi + fi + + if test -n "$export_symbols" && test -n "$include_expsyms"; then + $run eval '$echo "X$include_expsyms" | $SP2NL >> "$export_symbols"' + fi + + if test -n "$convenience"; then + if test -n "$whole_archive_flag_spec"; then + eval libobjs=\"\$libobjs $whole_archive_flag_spec\" + else + gentop="$output_objdir/${outputname}x" + $show "${rm}r $gentop" + $run ${rm}r "$gentop" + $show "mkdir $gentop" + $run mkdir "$gentop" + status=$? + if test $status -ne 0 && test ! -d "$gentop"; then + exit $status + fi + generated="$generated $gentop" + + for xlib in $convenience; do + # Extract the objects. + case $xlib in + [\\/]* | [A-Za-z]:[\\/]*) xabs="$xlib" ;; + *) xabs=`pwd`"/$xlib" ;; + esac + xlib=`$echo "X$xlib" | $Xsed -e 's%^.*/%%'` + xdir="$gentop/$xlib" + + $show "${rm}r $xdir" + $run ${rm}r "$xdir" + $show "mkdir $xdir" + $run mkdir "$xdir" + status=$? + if test $status -ne 0 && test ! -d "$xdir"; then + exit $status + fi + $show "(cd $xdir && $AR x $xabs)" + $run eval "(cd \$xdir && $AR x \$xabs)" || exit $? + + libobjs="$libobjs "`find $xdir -name \*.o -print -o -name \*.lo -print | $NL2SP` + done + fi + fi + + if test "$thread_safe" = yes && test -n "$thread_safe_flag_spec"; then + eval flag=\"$thread_safe_flag_spec\" + linker_flags="$linker_flags $flag" + fi + + # Make a backup of the uninstalled library when relinking + if test "$mode" = relink; then + $run eval '(cd $output_objdir && $rm ${realname}U && $mv $realname ${realname}U)' || exit $? + fi + + # Do each of the archive commands. + if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then + eval cmds=\"$archive_expsym_cmds\" + else + eval cmds=\"$archive_cmds\" + fi + IFS="${IFS= }"; save_ifs="$IFS"; IFS='~' + for cmd in $cmds; do + IFS="$save_ifs" + $show "$cmd" + $run eval "$cmd" || exit $? + done + IFS="$save_ifs" + + # Restore the uninstalled library and exit + if test "$mode" = relink; then + $run eval '(cd $output_objdir && $rm ${realname}T && $mv $realname ${realname}T && $mv "$realname"U $realname)' || exit $? + exit 0 + fi + + # Create links to the real library. + for linkname in $linknames; do + if test "$realname" != "$linkname"; then + $show "(cd $output_objdir && $rm $linkname && $LN_S $realname $linkname)" + $run eval '(cd $output_objdir && $rm $linkname && $LN_S $realname $linkname)' || exit $? + fi + done + + # If -module or -export-dynamic was specified, set the dlname. + if test "$module" = yes || test "$export_dynamic" = yes; then + # On all known operating systems, these are identical. + dlname="$soname" + fi + fi + ;; + + obj) + if test -n "$deplibs"; then + $echo "$modename: warning: \`-l' and \`-L' are ignored for objects" 1>&2 + fi + + if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then + $echo "$modename: warning: \`-dlopen' is ignored for objects" 1>&2 + fi + + if test -n "$rpath"; then + $echo "$modename: warning: \`-rpath' is ignored for objects" 1>&2 + fi + + if test -n "$xrpath"; then + $echo "$modename: warning: \`-R' is ignored for objects" 1>&2 + fi + + if test -n "$vinfo"; then + $echo "$modename: warning: \`-version-info' is ignored for objects" 1>&2 + fi + + if test -n "$release"; then + $echo "$modename: warning: \`-release' is ignored for objects" 1>&2 + fi + + case $output in + *.lo) + if test -n "$objs$old_deplibs"; then + $echo "$modename: cannot build library object \`$output' from non-libtool objects" 1>&2 + exit 1 + fi + libobj="$output" + obj=`$echo "X$output" | $Xsed -e "$lo2o"` + ;; + *) + libobj= + obj="$output" + ;; + esac + + # Delete the old objects. + $run $rm $obj $libobj + + # Objects from convenience libraries. This assumes + # single-version convenience libraries. Whenever we create + # different ones for PIC/non-PIC, this we'll have to duplicate + # the extraction. + reload_conv_objs= + gentop= + # reload_cmds runs $LD directly, so let us get rid of + # -Wl from whole_archive_flag_spec + wl= + + if test -n "$convenience"; then + if test -n "$whole_archive_flag_spec"; then + eval reload_conv_objs=\"\$reload_objs $whole_archive_flag_spec\" + else + gentop="$output_objdir/${obj}x" + $show "${rm}r $gentop" + $run ${rm}r "$gentop" + $show "mkdir $gentop" + $run mkdir "$gentop" + status=$? + if test $status -ne 0 && test ! -d "$gentop"; then + exit $status + fi + generated="$generated $gentop" + + for xlib in $convenience; do + # Extract the objects. + case $xlib in + [\\/]* | [A-Za-z]:[\\/]*) xabs="$xlib" ;; + *) xabs=`pwd`"/$xlib" ;; + esac + xlib=`$echo "X$xlib" | $Xsed -e 's%^.*/%%'` + xdir="$gentop/$xlib" + + $show "${rm}r $xdir" + $run ${rm}r "$xdir" + $show "mkdir $xdir" + $run mkdir "$xdir" + status=$? + if test $status -ne 0 && test ! -d "$xdir"; then + exit $status + fi + $show "(cd $xdir && $AR x $xabs)" + $run eval "(cd \$xdir && $AR x \$xabs)" || exit $? + + reload_conv_objs="$reload_objs "`find $xdir -name \*.o -print -o -name \*.lo -print | $NL2SP` + done + fi + fi + + # Create the old-style object. + reload_objs="$objs$old_deplibs "`$echo "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}$'/d' -e '/\.lib$/d' -e "$lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test + + output="$obj" + eval cmds=\"$reload_cmds\" + IFS="${IFS= }"; save_ifs="$IFS"; IFS='~' + for cmd in $cmds; do + IFS="$save_ifs" + $show "$cmd" + $run eval "$cmd" || exit $? + done + IFS="$save_ifs" + + # Exit if we aren't doing a library object file. + if test -z "$libobj"; then + if test -n "$gentop"; then + $show "${rm}r $gentop" + $run ${rm}r $gentop + fi + + exit 0 + fi + + if test "$build_libtool_libs" != yes; then + if test -n "$gentop"; then + $show "${rm}r $gentop" + $run ${rm}r $gentop + fi + + # Create an invalid libtool object if no PIC, so that we don't + # accidentally link it into a program. + $show "echo timestamp > $libobj" + $run eval "echo timestamp > $libobj" || exit $? + exit 0 + fi + + if test -n "$pic_flag" || test "$pic_mode" != default; then + # Only do commands if we really have different PIC objects. + reload_objs="$libobjs $reload_conv_objs" + output="$libobj" + eval cmds=\"$reload_cmds\" + IFS="${IFS= }"; save_ifs="$IFS"; IFS='~' + for cmd in $cmds; do + IFS="$save_ifs" + $show "$cmd" + $run eval "$cmd" || exit $? + done + IFS="$save_ifs" + else + # Just create a symlink. + $show $rm $libobj + $run $rm $libobj + xdir=`$echo "X$libobj" | $Xsed -e 's%/[^/]*$%%'` + if test "X$xdir" = "X$libobj"; then + xdir="." + else + xdir="$xdir" + fi + baseobj=`$echo "X$libobj" | $Xsed -e 's%^.*/%%'` + oldobj=`$echo "X$baseobj" | $Xsed -e "$lo2o"` + $show "(cd $xdir && $LN_S $oldobj $baseobj)" + $run eval '(cd $xdir && $LN_S $oldobj $baseobj)' || exit $? + fi + + if test -n "$gentop"; then + $show "${rm}r $gentop" + $run ${rm}r $gentop + fi + + exit 0 + ;; + + prog) + case $host in + *cygwin*) output=`echo $output | sed -e 's,.exe$,,;s,$,.exe,'` ;; + esac + if test -n "$vinfo"; then + $echo "$modename: warning: \`-version-info' is ignored for programs" 1>&2 + fi + + if test -n "$release"; then + $echo "$modename: warning: \`-release' is ignored for programs" 1>&2 + fi + + if test "$preload" = yes; then + if test "$dlopen_support" = unknown && test "$dlopen_self" = unknown && + test "$dlopen_self_static" = unknown; then + $echo "$modename: warning: \`AC_LIBTOOL_DLOPEN' not used. Assuming no dlopen support." + fi + fi + + case $host in + *-*-rhapsody* | *-*-darwin1.[012]) + # On Rhapsody replace the C library is the System framework + compile_deplibs=`$echo "X $compile_deplibs" | $Xsed -e 's/ -lc / -framework System /'` + finalize_deplibs=`$echo "X $finalize_deplibs" | $Xsed -e 's/ -lc / -framework System /'` + ;; + esac + + compile_command="$compile_command $compile_deplibs" + finalize_command="$finalize_command $finalize_deplibs" + + if test -n "$rpath$xrpath"; then + # If the user specified any rpath flags, then add them. + for libdir in $rpath $xrpath; do + # This is the magic to use -rpath. + case "$finalize_rpath " in + *" $libdir "*) ;; + *) finalize_rpath="$finalize_rpath $libdir" ;; + esac + done + fi + + # Now hardcode the library paths + rpath= + hardcode_libdirs= + for libdir in $compile_rpath $finalize_rpath; do + if test -n "$hardcode_libdir_flag_spec"; then + if test -n "$hardcode_libdir_separator"; then + if test -z "$hardcode_libdirs"; then + hardcode_libdirs="$libdir" + else + # Just accumulate the unique libdirs. + case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in + *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) + ;; + *) + hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir" + ;; + esac + fi + else + eval flag=\"$hardcode_libdir_flag_spec\" + rpath="$rpath $flag" + fi + elif test -n "$runpath_var"; then + case "$perm_rpath " in + *" $libdir "*) ;; + *) perm_rpath="$perm_rpath $libdir" ;; + esac + fi + case $host in + *-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-os2*) + case :$dllsearchpath: in + *":$libdir:"*) ;; + *) dllsearchpath="$dllsearchpath:$libdir";; + esac + ;; + esac + done + # Substitute the hardcoded libdirs into the rpath. + if test -n "$hardcode_libdir_separator" && + test -n "$hardcode_libdirs"; then + libdir="$hardcode_libdirs" + eval rpath=\" $hardcode_libdir_flag_spec\" + fi + compile_rpath="$rpath" + + rpath= + hardcode_libdirs= + for libdir in $finalize_rpath; do + if test -n "$hardcode_libdir_flag_spec"; then + if test -n "$hardcode_libdir_separator"; then + if test -z "$hardcode_libdirs"; then + hardcode_libdirs="$libdir" + else + # Just accumulate the unique libdirs. + case $hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator in + *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) + ;; + *) + hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir" + ;; + esac + fi + else + eval flag=\"$hardcode_libdir_flag_spec\" + rpath="$rpath $flag" + fi + elif test -n "$runpath_var"; then + case "$finalize_perm_rpath " in + *" $libdir "*) ;; + *) finalize_perm_rpath="$finalize_perm_rpath $libdir" ;; + esac + fi + done + # Substitute the hardcoded libdirs into the rpath. + if test -n "$hardcode_libdir_separator" && + test -n "$hardcode_libdirs"; then + libdir="$hardcode_libdirs" + eval rpath=\" $hardcode_libdir_flag_spec\" + fi + finalize_rpath="$rpath" + + if test -n "$libobjs" && test "$build_old_libs" = yes; then + # Transform all the library objects into standard objects. + compile_command=`$echo "X$compile_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP` + finalize_command=`$echo "X$finalize_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP` + fi + + dlsyms= + if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then + if test -n "$NM" && test -n "$global_symbol_pipe"; then + dlsyms="${outputname}S.c" + else + $echo "$modename: not configured to extract global symbols from dlpreopened files" 1>&2 + fi + fi + + if test -n "$dlsyms"; then + case $dlsyms in + "") ;; + *.c) + # Discover the nlist of each of the dlfiles. + nlist="$output_objdir/${outputname}.nm" + + $show "$rm $nlist ${nlist}S ${nlist}T" + $run $rm "$nlist" "${nlist}S" "${nlist}T" + + # Parse the name list into a source file. + $show "creating $output_objdir/$dlsyms" + + test -z "$run" && $echo > "$output_objdir/$dlsyms" "\ +/* $dlsyms - symbol resolution table for \`$outputname' dlsym emulation. */ +/* Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP */ + +#ifdef __cplusplus +extern \"C\" { +#endif + +/* Prevent the only kind of declaration conflicts we can make. */ +#define lt_preloaded_symbols some_other_symbol + +/* External symbol declarations for the compiler. */\ +" + + if test "$dlself" = yes; then + $show "generating symbol list for \`$output'" + + test -z "$run" && $echo ': @PROGRAM@ ' > "$nlist" + + # Add our own program objects to the symbol list. + progfiles=`$echo "X$objs$old_deplibs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP` + for arg in $progfiles; do + $show "extracting global C symbols from \`$arg'" + $run eval "$NM $arg | $global_symbol_pipe >> '$nlist'" + done + + if test -n "$exclude_expsyms"; then + $run eval 'egrep -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T' + $run eval '$mv "$nlist"T "$nlist"' + fi + + if test -n "$export_symbols_regex"; then + $run eval 'egrep -e "$export_symbols_regex" "$nlist" > "$nlist"T' + $run eval '$mv "$nlist"T "$nlist"' + fi + + # Prepare the list of exported symbols + if test -z "$export_symbols"; then + export_symbols="$output_objdir/$output.exp" + $run $rm $export_symbols + $run eval "sed -n -e '/^: @PROGRAM@$/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"' + else + $run eval "sed -e 's/\([][.*^$]\)/\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$output.exp"' + $run eval 'grep -f "$output_objdir/$output.exp" < "$nlist" > "$nlist"T' + $run eval 'mv "$nlist"T "$nlist"' + fi + fi + + for arg in $dlprefiles; do + $show "extracting global C symbols from \`$arg'" + name=`echo "$arg" | sed -e 's%^.*/%%'` + $run eval 'echo ": $name " >> "$nlist"' + $run eval "$NM $arg | $global_symbol_pipe >> '$nlist'" + done + + if test -z "$run"; then + # Make sure we have at least an empty file. + test -f "$nlist" || : > "$nlist" + + if test -n "$exclude_expsyms"; then + egrep -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T + $mv "$nlist"T "$nlist" + fi + + # Try sorting and uniquifying the output. + if grep -v "^: " < "$nlist" | sort +2 | uniq > "$nlist"S; then + : + else + grep -v "^: " < "$nlist" > "$nlist"S + fi + + if test -f "$nlist"S; then + eval "$global_symbol_to_cdecl"' < "$nlist"S >> "$output_objdir/$dlsyms"' + else + echo '/* NONE */' >> "$output_objdir/$dlsyms" + fi + + $echo >> "$output_objdir/$dlsyms" "\ + +#undef lt_preloaded_symbols + +#if defined (__STDC__) && __STDC__ +# define lt_ptr_t void * +#else +# define lt_ptr_t char * +# define const +#endif + +/* The mapping between symbol names and symbols. */ +const struct { + const char *name; + lt_ptr_t address; +} +lt_preloaded_symbols[] = +{\ +" + + sed -n -e 's/^: \([^ ]*\) $/ {\"\1\", (lt_ptr_t) 0},/p' \ + -e 's/^. \([^ ]*\) \([^ ]*\)$/ {"\2", (lt_ptr_t) \&\2},/p' \ + < "$nlist" >> "$output_objdir/$dlsyms" + + $echo >> "$output_objdir/$dlsyms" "\ + {0, (lt_ptr_t) 0} +}; + +/* This works around a problem in FreeBSD linker */ +#ifdef FREEBSD_WORKAROUND +static const void *lt_preloaded_setup() { + return lt_preloaded_symbols; +} +#endif + +#ifdef __cplusplus +} +#endif\ +" + fi + + pic_flag_for_symtable= + case $host in + # compiling the symbol table file with pic_flag works around + # a FreeBSD bug that causes programs to crash when -lm is + # linked before any other PIC object. But we must not use + # pic_flag when linking with -static. The problem exists in + # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1. + *-*-freebsd2*|*-*-freebsd3.0*|*-*-freebsdelf3.0*) + case "$compile_command " in + *" -static "*) ;; + *) pic_flag_for_symtable=" $pic_flag -DPIC -DFREEBSD_WORKAROUND";; + esac;; + *-*-hpux*) + case "$compile_command " in + *" -static "*) ;; + *) pic_flag_for_symtable=" $pic_flag -DPIC";; + esac + esac + + # Now compile the dynamic symbol file. + $show "(cd $output_objdir && $CC -c$no_builtin_flag$pic_flag_for_symtable \"$dlsyms\")" + $run eval '(cd $output_objdir && $CC -c$no_builtin_flag$pic_flag_for_symtable "$dlsyms")' || exit $? + + # Clean up the generated files. + $show "$rm $output_objdir/$dlsyms $nlist ${nlist}S ${nlist}T" + $run $rm "$output_objdir/$dlsyms" "$nlist" "${nlist}S" "${nlist}T" + + # Transform the symbol file into the correct name. + compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` + finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"` + ;; + *) + $echo "$modename: unknown suffix for \`$dlsyms'" 1>&2 + exit 1 + ;; + esac + else + # We keep going just in case the user didn't refer to + # lt_preloaded_symbols. The linker will fail if global_symbol_pipe + # really was required. + + # Nullify the symbol file. + compile_command=`$echo "X$compile_command" | $Xsed -e "s% @SYMFILE@%%"` + finalize_command=`$echo "X$finalize_command" | $Xsed -e "s% @SYMFILE@%%"` + fi + + if test $need_relink = no || test "$build_libtool_libs" != yes; then + # Replace the output file specification. + compile_command=`$echo "X$compile_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'` + link_command="$compile_command$compile_rpath" + + # We have no uninstalled library dependencies, so finalize right now. + $show "$link_command" + $run eval "$link_command" + status=$? + + # Delete the generated files. + if test -n "$dlsyms"; then + $show "$rm $output_objdir/${outputname}S.${objext}" + $run $rm "$output_objdir/${outputname}S.${objext}" + fi + + exit $status + fi + + if test -n "$shlibpath_var"; then + # We should set the shlibpath_var + rpath= + for dir in $temp_rpath; do + case $dir in + [\\/]* | [A-Za-z]:[\\/]*) + # Absolute path. + rpath="$rpath$dir:" + ;; + *) + # Relative path: add a thisdir entry. + rpath="$rpath\$thisdir/$dir:" + ;; + esac + done + temp_rpath="$rpath" + fi + + if test -n "$compile_shlibpath$finalize_shlibpath"; then + compile_command="$shlibpath_var=\"$compile_shlibpath$finalize_shlibpath\$$shlibpath_var\" $compile_command" + fi + if test -n "$finalize_shlibpath"; then + finalize_command="$shlibpath_var=\"$finalize_shlibpath\$$shlibpath_var\" $finalize_command" + fi + + compile_var= + finalize_var= + if test -n "$runpath_var"; then + if test -n "$perm_rpath"; then + # We should set the runpath_var. + rpath= + for dir in $perm_rpath; do + rpath="$rpath$dir:" + done + compile_var="$runpath_var=\"$rpath\$$runpath_var\" " + fi + if test -n "$finalize_perm_rpath"; then + # We should set the runpath_var. + rpath= + for dir in $finalize_perm_rpath; do + rpath="$rpath$dir:" + done + finalize_var="$runpath_var=\"$rpath\$$runpath_var\" " + fi + fi + + if test "$no_install" = yes; then + # We don't need to create a wrapper script. + link_command="$compile_var$compile_command$compile_rpath" + # Replace the output file specification. + link_command=`$echo "X$link_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'` + # Delete the old output file. + $run $rm $output + # Link the executable and exit + $show "$link_command" + $run eval "$link_command" || exit $? + exit 0 + fi + + if test "$hardcode_action" = relink; then + # Fast installation is not supported + link_command="$compile_var$compile_command$compile_rpath" + relink_command="$finalize_var$finalize_command$finalize_rpath" + + $echo "$modename: warning: this platform does not like uninstalled shared libraries" 1>&2 + $echo "$modename: \`$output' will be relinked during installation" 1>&2 + else + if test "$fast_install" != no; then + link_command="$finalize_var$compile_command$finalize_rpath" + if test "$fast_install" = yes; then + relink_command=`$echo "X$compile_var$compile_command$compile_rpath" | $Xsed -e 's%@OUTPUT@%\$progdir/\$file%g'` + else + # fast_install is set to needless + relink_command= + fi + else + link_command="$compile_var$compile_command$compile_rpath" + relink_command="$finalize_var$finalize_command$finalize_rpath" + fi + fi + + # Replace the output file specification. + link_command=`$echo "X$link_command" | $Xsed -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'` + + # Delete the old output files. + $run $rm $output $output_objdir/$outputname $output_objdir/lt-$outputname + + $show "$link_command" + $run eval "$link_command" || exit $? + + # Now create the wrapper script. + $show "creating $output" + + # Quote the relink command for shipping. + if test -n "$relink_command"; then + # Preserve any variables that may affect compiler behavior + for var in $variables_saved_for_relink; do + if eval test -z \"\${$var+set}\"; then + relink_command="{ test -z \"\${$var+set}\" || unset $var || { $var=; export $var; }; }; $relink_command" + elif eval var_value=\$$var; test -z "$var_value"; then + relink_command="$var=; export $var; $relink_command" + else + var_value=`$echo "X$var_value" | $Xsed -e "$sed_quote_subst"` + relink_command="$var=\"$var_value\"; export $var; $relink_command" + fi + done + relink_command="cd `pwd`; $relink_command" + relink_command=`$echo "X$relink_command" | $Xsed -e "$sed_quote_subst"` + fi + + # Quote $echo for shipping. + if test "X$echo" = "X$SHELL $0 --fallback-echo"; then + case $0 in + [\\/]* | [A-Za-z]:[\\/]*) qecho="$SHELL $0 --fallback-echo";; + *) qecho="$SHELL `pwd`/$0 --fallback-echo";; + esac + qecho=`$echo "X$qecho" | $Xsed -e "$sed_quote_subst"` + else + qecho=`$echo "X$echo" | $Xsed -e "$sed_quote_subst"` + fi + + # Only actually do things if our run command is non-null. + if test -z "$run"; then + # win32 will think the script is a binary if it has + # a .exe suffix, so we strip it off here. + case $output in + *.exe) output=`echo $output|sed 's,.exe$,,'` ;; + esac + # test for cygwin because mv fails w/o .exe extensions + case $host in + *cygwin*) exeext=.exe ;; + *) exeext= ;; + esac + $rm $output + trap "$rm $output; exit 1" 1 2 15 + + $echo > $output "\ +#! $SHELL + +# $output - temporary wrapper script for $objdir/$outputname +# Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP +# +# The $output program cannot be directly executed until all the libtool +# libraries that it depends on are installed. +# +# This wrapper script should never be moved out of the build directory. +# If it is, it will not operate correctly. + +# Sed substitution that helps us do robust quoting. It backslashifies +# metacharacters that are still active within double-quoted strings. +Xsed='sed -e 1s/^X//' +sed_quote_subst='$sed_quote_subst' + +# The HP-UX ksh and POSIX shell print the target directory to stdout +# if CDPATH is set. +if test \"\${CDPATH+set}\" = set; then CDPATH=:; export CDPATH; fi + +relink_command=\"$relink_command\" + +# This environment variable determines our operation mode. +if test \"\$libtool_install_magic\" = \"$magic\"; then + # install mode needs the following variable: + notinst_deplibs='$notinst_deplibs' +else + # When we are sourced in execute mode, \$file and \$echo are already set. + if test \"\$libtool_execute_magic\" != \"$magic\"; then + echo=\"$qecho\" + file=\"\$0\" + # Make sure echo works. + if test \"X\$1\" = X--no-reexec; then + # Discard the --no-reexec flag, and continue. + shift + elif test \"X\`(\$echo '\t') 2>/dev/null\`\" = 'X\t'; then + # Yippee, \$echo works! + : + else + # Restart under the correct shell, and then maybe \$echo will work. + exec $SHELL \"\$0\" --no-reexec \${1+\"\$@\"} + fi + fi\ +" + $echo >> $output "\ + + # Find the directory that this script lives in. + thisdir=\`\$echo \"X\$file\" | \$Xsed -e 's%/[^/]*$%%'\` + test \"x\$thisdir\" = \"x\$file\" && thisdir=. + + # Follow symbolic links until we get to the real thisdir. + file=\`ls -ld \"\$file\" | sed -n 's/.*-> //p'\` + while test -n \"\$file\"; do + destdir=\`\$echo \"X\$file\" | \$Xsed -e 's%/[^/]*\$%%'\` + + # If there was a directory component, then change thisdir. + if test \"x\$destdir\" != \"x\$file\"; then + case \"\$destdir\" in + [\\\\/]* | [A-Za-z]:[\\\\/]*) thisdir=\"\$destdir\" ;; + *) thisdir=\"\$thisdir/\$destdir\" ;; + esac + fi + + file=\`\$echo \"X\$file\" | \$Xsed -e 's%^.*/%%'\` + file=\`ls -ld \"\$thisdir/\$file\" | sed -n 's/.*-> //p'\` + done + + # Try to get the absolute directory name. + absdir=\`cd \"\$thisdir\" && pwd\` + test -n \"\$absdir\" && thisdir=\"\$absdir\" +" + + if test "$fast_install" = yes; then + echo >> $output "\ + program=lt-'$outputname'$exeext + progdir=\"\$thisdir/$objdir\" + + if test ! -f \"\$progdir/\$program\" || \\ + { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | sed 1q\`; \\ + test \"X\$file\" != \"X\$progdir/\$program\"; }; then + + file=\"\$\$-\$program\" + + if test ! -d \"\$progdir\"; then + $mkdir \"\$progdir\" + else + $rm \"\$progdir/\$file\" + fi" + + echo >> $output "\ + + # relink executable if necessary + if test -n \"\$relink_command\"; then + if (eval \$relink_command); then : + else + $rm \"\$progdir/\$file\" + exit 1 + fi + fi + + $mv \"\$progdir/\$file\" \"\$progdir/\$program\" 2>/dev/null || + { $rm \"\$progdir/\$program\"; + $mv \"\$progdir/\$file\" \"\$progdir/\$program\"; } + $rm \"\$progdir/\$file\" + fi" + else + echo >> $output "\ + program='$outputname' + progdir=\"\$thisdir/$objdir\" +" + fi + + echo >> $output "\ + + if test -f \"\$progdir/\$program\"; then" + + # Export our shlibpath_var if we have one. + if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then + $echo >> $output "\ + # Add our own library path to $shlibpath_var + $shlibpath_var=\"$temp_rpath\$$shlibpath_var\" + + # Some systems cannot cope with colon-terminated $shlibpath_var + # The second colon is a workaround for a bug in BeOS R4 sed + $shlibpath_var=\`\$echo \"X\$$shlibpath_var\" | \$Xsed -e 's/::*\$//'\` + + export $shlibpath_var +" + fi + + # fixup the dll searchpath if we need to. + if test -n "$dllsearchpath"; then + $echo >> $output "\ + # Add the dll search path components to the executable PATH + PATH=$dllsearchpath:\$PATH +" + fi + + $echo >> $output "\ + if test \"\$libtool_execute_magic\" != \"$magic\"; then + # Run the actual program with our arguments. +" + case $host in + # win32 systems need to use the prog path for dll + # lookup to work + *-*-cygwin* | *-*-pw32*) + $echo >> $output "\ + exec \$progdir/\$program \${1+\"\$@\"} +" + ;; + + # Backslashes separate directories on plain windows + *-*-mingw | *-*-os2*) + $echo >> $output "\ + exec \$progdir\\\\\$program \${1+\"\$@\"} +" + ;; + + *) + $echo >> $output "\ + # Export the path to the program. + PATH=\"\$progdir:\$PATH\" + export PATH + + exec \$program \${1+\"\$@\"} +" + ;; + esac + $echo >> $output "\ + \$echo \"\$0: cannot exec \$program \${1+\"\$@\"}\" + exit 1 + fi + else + # The program doesn't exist. + \$echo \"\$0: error: \$progdir/\$program does not exist\" 1>&2 + \$echo \"This script is just a wrapper for \$program.\" 1>&2 + echo \"See the $PACKAGE documentation for more information.\" 1>&2 + exit 1 + fi +fi\ +" + chmod +x $output + fi + exit 0 + ;; + esac + + # See if we need to build an old-fashioned archive. + for oldlib in $oldlibs; do + + if test "$build_libtool_libs" = convenience; then + oldobjs="$libobjs_save" + addlibs="$convenience" + build_libtool_libs=no + else + if test "$build_libtool_libs" = module; then + oldobjs="$libobjs_save" + build_libtool_libs=no + else + oldobjs="$objs$old_deplibs "`$echo "X$libobjs_save" | $SP2NL | $Xsed -e '/\.'${libext}'$/d' -e '/\.lib$/d' -e "$lo2o" | $NL2SP` + fi + addlibs="$old_convenience" + fi + + if test -n "$addlibs"; then + gentop="$output_objdir/${outputname}x" + $show "${rm}r $gentop" + $run ${rm}r "$gentop" + $show "mkdir $gentop" + $run mkdir "$gentop" + status=$? + if test $status -ne 0 && test ! -d "$gentop"; then + exit $status + fi + generated="$generated $gentop" + + # Add in members from convenience archives. + for xlib in $addlibs; do + # Extract the objects. + case $xlib in + [\\/]* | [A-Za-z]:[\\/]*) xabs="$xlib" ;; + *) xabs=`pwd`"/$xlib" ;; + esac + xlib=`$echo "X$xlib" | $Xsed -e 's%^.*/%%'` + xdir="$gentop/$xlib" + + $show "${rm}r $xdir" + $run ${rm}r "$xdir" + $show "mkdir $xdir" + $run mkdir "$xdir" + status=$? + if test $status -ne 0 && test ! -d "$xdir"; then + exit $status + fi + $show "(cd $xdir && $AR x $xabs)" + $run eval "(cd \$xdir && $AR x \$xabs)" || exit $? + + oldobjs="$oldobjs "`find $xdir -name \*.${objext} -print -o -name \*.lo -print | $NL2SP` + done + fi + + # Do each command in the archive commands. + if test -n "$old_archive_from_new_cmds" && test "$build_libtool_libs" = yes; then + eval cmds=\"$old_archive_from_new_cmds\" + else + # Ensure that we have .o objects in place in case we decided + # not to build a shared library, and have fallen back to building + # static libs even though --disable-static was passed! + for oldobj in $oldobjs; do + if test ! -f $oldobj; then + xdir=`$echo "X$oldobj" | $Xsed -e 's%/[^/]*$%%'` + if test "X$xdir" = "X$oldobj"; then + xdir="." + else + xdir="$xdir" + fi + baseobj=`$echo "X$oldobj" | $Xsed -e 's%^.*/%%'` + obj=`$echo "X$baseobj" | $Xsed -e "$o2lo"` + $show "(cd $xdir && ${LN_S} $obj $baseobj)" + $run eval '(cd $xdir && ${LN_S} $obj $baseobj)' || exit $? + fi + done + + eval cmds=\"$old_archive_cmds\" + fi + IFS="${IFS= }"; save_ifs="$IFS"; IFS='~' + for cmd in $cmds; do + IFS="$save_ifs" + $show "$cmd" + $run eval "$cmd" || exit $? + done + IFS="$save_ifs" + done + + if test -n "$generated"; then + $show "${rm}r$generated" + $run ${rm}r$generated + fi + + # Now create the libtool archive. + case $output in + *.la) + old_library= + test "$build_old_libs" = yes && old_library="$libname.$libext" + $show "creating $output" + + # Preserve any variables that may affect compiler behavior + for var in $variables_saved_for_relink; do + if eval test -z \"\${$var+set}\"; then + relink_command="{ test -z \"\${$var+set}\" || unset $var || { $var=; export $var; }; }; $relink_command" + elif eval var_value=\$$var; test -z "$var_value"; then + relink_command="$var=; export $var; $relink_command" + else + var_value=`$echo "X$var_value" | $Xsed -e "$sed_quote_subst"` + relink_command="$var=\"$var_value\"; export $var; $relink_command" + fi + done + # Quote the link command for shipping. + relink_command="cd `pwd`; $SHELL $0 --mode=relink $libtool_args" + relink_command=`$echo "X$relink_command" | $Xsed -e "$sed_quote_subst"` + + # Only create the output if not a dry run. + if test -z "$run"; then + for installed in no yes; do + if test "$installed" = yes; then + if test -z "$install_libdir"; then + break + fi + output="$output_objdir/$outputname"i + # Replace all uninstalled libtool libraries with the installed ones + newdependency_libs= + for deplib in $dependency_libs; do + case $deplib in + *.la) + name=`$echo "X$deplib" | $Xsed -e 's%^.*/%%'` + eval libdir=`sed -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` + if test -z "$libdir"; then + $echo "$modename: \`$deplib' is not a valid libtool archive" 1>&2 + exit 1 + fi + newdependency_libs="$newdependency_libs $libdir/$name" + ;; + *) newdependency_libs="$newdependency_libs $deplib" ;; + esac + done + dependency_libs="$newdependency_libs" + newdlfiles= + for lib in $dlfiles; do + name=`$echo "X$lib" | $Xsed -e 's%^.*/%%'` + eval libdir=`sed -n -e 's/^libdir=\(.*\)$/\1/p' $lib` + if test -z "$libdir"; then + $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2 + exit 1 + fi + newdlfiles="$newdlfiles $libdir/$name" + done + dlfiles="$newdlfiles" + newdlprefiles= + for lib in $dlprefiles; do + name=`$echo "X$lib" | $Xsed -e 's%^.*/%%'` + eval libdir=`sed -n -e 's/^libdir=\(.*\)$/\1/p' $lib` + if test -z "$libdir"; then + $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2 + exit 1 + fi + newdlprefiles="$newdlprefiles $libdir/$name" + done + dlprefiles="$newdlprefiles" + fi + $rm $output + # place dlname in correct position for cygwin + tdlname=$dlname + case $host,$output,$installed,$module,$dlname in + *cygwin*,*lai,yes,no,*.dll) tdlname=../bin/$dlname ;; + esac + $echo > $output "\ +# $outputname - a libtool library file +# Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP +# +# Please DO NOT delete this file! +# It is necessary for linking the library. + +# The name that we can dlopen(3). +dlname='$tdlname' + +# Names of this library. +library_names='$library_names' + +# The name of the static archive. +old_library='$old_library' + +# Libraries that this one depends upon. +dependency_libs='$dependency_libs' + +# Version information for $libname. +current=$current +age=$age +revision=$revision + +# Is this an already installed library? +installed=$installed + +# Files to dlopen/dlpreopen +dlopen='$dlfiles' +dlpreopen='$dlprefiles' + +# Directory that this library needs to be installed in: +libdir='$install_libdir'" + if test "$installed" = no && test $need_relink = yes; then + $echo >> $output "\ +relink_command=\"$relink_command\"" + fi + done + fi + + # Do a symbolic link so that the libtool archive can be found in + # LD_LIBRARY_PATH before the program is installed. + $show "(cd $output_objdir && $rm $outputname && $LN_S ../$outputname $outputname)" + $run eval '(cd $output_objdir && $rm $outputname && $LN_S ../$outputname $outputname)' || exit $? + ;; + esac + exit 0 + ;; + + # libtool install mode + install) + modename="$modename: install" + + # There may be an optional sh(1) argument at the beginning of + # install_prog (especially on Windows NT). + if test "$nonopt" = "$SHELL" || test "$nonopt" = /bin/sh || + # Allow the use of GNU shtool's install command. + $echo "X$nonopt" | $Xsed | grep shtool > /dev/null; then + # Aesthetically quote it. + arg=`$echo "X$nonopt" | $Xsed -e "$sed_quote_subst"` + case $arg in + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*) + arg="\"$arg\"" + ;; + esac + install_prog="$arg " + arg="$1" + shift + else + install_prog= + arg="$nonopt" + fi + + # The real first argument should be the name of the installation program. + # Aesthetically quote it. + arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"` + case $arg in + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*) + arg="\"$arg\"" + ;; + esac + install_prog="$install_prog$arg" + + # We need to accept at least all the BSD install flags. + dest= + files= + opts= + prev= + install_type= + isdir=no + stripme= + for arg + do + if test -n "$dest"; then + files="$files $dest" + dest="$arg" + continue + fi + + case $arg in + -d) isdir=yes ;; + -f) prev="-f" ;; + -g) prev="-g" ;; + -m) prev="-m" ;; + -o) prev="-o" ;; + -s) + stripme=" -s" + continue + ;; + -*) ;; + + *) + # If the previous option needed an argument, then skip it. + if test -n "$prev"; then + prev= + else + dest="$arg" + continue + fi + ;; + esac + + # Aesthetically quote the argument. + arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"` + case $arg in + *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \ ]*|*]*) + arg="\"$arg\"" + ;; + esac + install_prog="$install_prog $arg" + done + + if test -z "$install_prog"; then + $echo "$modename: you must specify an install program" 1>&2 + $echo "$help" 1>&2 + exit 1 + fi + + if test -n "$prev"; then + $echo "$modename: the \`$prev' option requires an argument" 1>&2 + $echo "$help" 1>&2 + exit 1 + fi + + if test -z "$files"; then + if test -z "$dest"; then + $echo "$modename: no file or destination specified" 1>&2 + else + $echo "$modename: you must specify a destination" 1>&2 + fi + $echo "$help" 1>&2 + exit 1 + fi + + # Strip any trailing slash from the destination. + dest=`$echo "X$dest" | $Xsed -e 's%/$%%'` + + # Check to see that the destination is a directory. + test -d "$dest" && isdir=yes + if test "$isdir" = yes; then + destdir="$dest" + destname= + else + destdir=`$echo "X$dest" | $Xsed -e 's%/[^/]*$%%'` + test "X$destdir" = "X$dest" && destdir=. + destname=`$echo "X$dest" | $Xsed -e 's%^.*/%%'` + + # Not a directory, so check to see that there is only one file specified. + set dummy $files + if test $# -gt 2; then + $echo "$modename: \`$dest' is not a directory" 1>&2 + $echo "$help" 1>&2 + exit 1 + fi + fi + case $destdir in + [\\/]* | [A-Za-z]:[\\/]*) ;; + *) + for file in $files; do + case $file in + *.lo) ;; + *) + $echo "$modename: \`$destdir' must be an absolute directory name" 1>&2 + $echo "$help" 1>&2 + exit 1 + ;; + esac + done + ;; + esac + + # This variable tells wrapper scripts just to set variables rather + # than running their programs. + libtool_install_magic="$magic" + + staticlibs= + future_libdirs= + current_libdirs= + for file in $files; do + + # Do each installation. + case $file in + *.$libext) + # Do the static libraries later. + staticlibs="$staticlibs $file" + ;; + + *.la) + # Check to see that this really is a libtool archive. + if (sed -e '2q' $file | egrep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then : + else + $echo "$modename: \`$file' is not a valid libtool archive" 1>&2 + $echo "$help" 1>&2 + exit 1 + fi + + library_names= + old_library= + relink_command= + # If there is no directory component, then add one. + case $file in + */* | *\\*) . $file ;; + *) . ./$file ;; + esac + + # Add the libdir to current_libdirs if it is the destination. + if test "X$destdir" = "X$libdir"; then + case "$current_libdirs " in + *" $libdir "*) ;; + *) current_libdirs="$current_libdirs $libdir" ;; + esac + else + # Note the libdir as a future libdir. + case "$future_libdirs " in + *" $libdir "*) ;; + *) future_libdirs="$future_libdirs $libdir" ;; + esac + fi + + dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'`/ + test "X$dir" = "X$file/" && dir= + dir="$dir$objdir" + + if test -n "$relink_command"; then + $echo "$modename: warning: relinking \`$file'" 1>&2 + $show "$relink_command" + if $run eval "$relink_command"; then : + else + $echo "$modename: error: relink \`$file' with the above command before installing it" 1>&2 + continue + fi + fi + + # See the names of the shared library. + set dummy $library_names + if test -n "$2"; then + realname="$2" + shift + shift + + srcname="$realname" + test -n "$relink_command" && srcname="$realname"T + + # Install the shared library and build the symlinks. + $show "$install_prog $dir/$srcname $destdir/$realname" + $run eval "$install_prog $dir/$srcname $destdir/$realname" || exit $? + if test -n "$stripme" && test -n "$striplib"; then + $show "$striplib $destdir/$realname" + $run eval "$striplib $destdir/$realname" || exit $? + fi + + if test $# -gt 0; then + # Delete the old symlinks, and create new ones. + for linkname + do + if test "$linkname" != "$realname"; then + $show "(cd $destdir && $rm $linkname && $LN_S $realname $linkname)" + $run eval "(cd $destdir && $rm $linkname && $LN_S $realname $linkname)" + fi + done + fi + + # Do each command in the postinstall commands. + lib="$destdir/$realname" + eval cmds=\"$postinstall_cmds\" + IFS="${IFS= }"; save_ifs="$IFS"; IFS='~' + for cmd in $cmds; do + IFS="$save_ifs" + $show "$cmd" + $run eval "$cmd" || exit $? + done + IFS="$save_ifs" + fi + + # Install the pseudo-library for information purposes. + name=`$echo "X$file" | $Xsed -e 's%^.*/%%'` + instname="$dir/$name"i + $show "$install_prog $instname $destdir/$name" + $run eval "$install_prog $instname $destdir/$name" || exit $? + + # Maybe install the static library, too. + test -n "$old_library" && staticlibs="$staticlibs $dir/$old_library" + ;; + + *.lo) + # Install (i.e. copy) a libtool object. + + # Figure out destination file name, if it wasn't already specified. + if test -n "$destname"; then + destfile="$destdir/$destname" + else + destfile=`$echo "X$file" | $Xsed -e 's%^.*/%%'` + destfile="$destdir/$destfile" + fi + + # Deduce the name of the destination old-style object file. + case $destfile in + *.lo) + staticdest=`$echo "X$destfile" | $Xsed -e "$lo2o"` + ;; + *.$objext) + staticdest="$destfile" + destfile= + ;; + *) + $echo "$modename: cannot copy a libtool object to \`$destfile'" 1>&2 + $echo "$help" 1>&2 + exit 1 + ;; + esac + + # Install the libtool object if requested. + if test -n "$destfile"; then + $show "$install_prog $file $destfile" + $run eval "$install_prog $file $destfile" || exit $? + fi + + # Install the old object if enabled. + if test "$build_old_libs" = yes; then + # Deduce the name of the old-style object file. + staticobj=`$echo "X$file" | $Xsed -e "$lo2o"` + + $show "$install_prog $staticobj $staticdest" + $run eval "$install_prog \$staticobj \$staticdest" || exit $? + fi + exit 0 + ;; + + *) + # Figure out destination file name, if it wasn't already specified. + if test -n "$destname"; then + destfile="$destdir/$destname" + else + destfile=`$echo "X$file" | $Xsed -e 's%^.*/%%'` + destfile="$destdir/$destfile" + fi + + # Do a test to see if this is really a libtool program. + if (sed -e '4q' $file | egrep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then + notinst_deplibs= + relink_command= + + # If there is no directory component, then add one. + case $file in + */* | *\\*) . $file ;; + *) . ./$file ;; + esac + + # Check the variables that should have been set. + if test -z "$notinst_deplibs"; then + $echo "$modename: invalid libtool wrapper script \`$file'" 1>&2 + exit 1 + fi + + finalize=yes + for lib in $notinst_deplibs; do + # Check to see that each library is installed. + libdir= + if test -f "$lib"; then + # If there is no directory component, then add one. + case $lib in + */* | *\\*) . $lib ;; + *) . ./$lib ;; + esac + fi + libfile="$libdir/"`$echo "X$lib" | $Xsed -e 's%^.*/%%g'` ### testsuite: skip nested quoting test + if test -n "$libdir" && test ! -f "$libfile"; then + $echo "$modename: warning: \`$lib' has not been installed in \`$libdir'" 1>&2 + finalize=no + fi + done + + relink_command= + # If there is no directory component, then add one. + case $file in + */* | *\\*) . $file ;; + *) . ./$file ;; + esac + + outputname= + if test "$fast_install" = no && test -n "$relink_command"; then + if test "$finalize" = yes && test -z "$run"; then + tmpdir="/tmp" + test -n "$TMPDIR" && tmpdir="$TMPDIR" + tmpdir="$tmpdir/libtool-$$" + if $mkdir -p "$tmpdir" && chmod 700 "$tmpdir"; then : + else + $echo "$modename: error: cannot create temporary directory \`$tmpdir'" 1>&2 + continue + fi + file=`$echo "X$file" | $Xsed -e 's%^.*/%%'` + outputname="$tmpdir/$file" + # Replace the output file specification. + relink_command=`$echo "X$relink_command" | $Xsed -e 's%@OUTPUT@%'"$outputname"'%g'` + + $show "$relink_command" + if $run eval "$relink_command"; then : + else + $echo "$modename: error: relink \`$file' with the above command before installing it" 1>&2 + ${rm}r "$tmpdir" + continue + fi + file="$outputname" + else + $echo "$modename: warning: cannot relink \`$file'" 1>&2 + fi + else + # Install the binary that we compiled earlier. + file=`$echo "X$file" | $Xsed -e "s%\([^/]*\)$%$objdir/\1%"` + fi + fi + + # remove .exe since cygwin /usr/bin/install will append another + # one anyways + case $install_prog,$host in + /usr/bin/install*,*cygwin*) + case $file:$destfile in + *.exe:*.exe) + # this is ok + ;; + *.exe:*) + destfile=$destfile.exe + ;; + *:*.exe) + destfile=`echo $destfile | sed -e 's,.exe$,,'` + ;; + esac + ;; + esac + $show "$install_prog$stripme $file $destfile" + $run eval "$install_prog\$stripme \$file \$destfile" || exit $? + test -n "$outputname" && ${rm}r "$tmpdir" + ;; + esac + done + + for file in $staticlibs; do + name=`$echo "X$file" | $Xsed -e 's%^.*/%%'` + + # Set up the ranlib parameters. + oldlib="$destdir/$name" + + $show "$install_prog $file $oldlib" + $run eval "$install_prog \$file \$oldlib" || exit $? + + if test -n "$stripme" && test -n "$striplib"; then + $show "$old_striplib $oldlib" + $run eval "$old_striplib $oldlib" || exit $? + fi + + # Do each command in the postinstall commands. + eval cmds=\"$old_postinstall_cmds\" + IFS="${IFS= }"; save_ifs="$IFS"; IFS='~' + for cmd in $cmds; do + IFS="$save_ifs" + $show "$cmd" + $run eval "$cmd" || exit $? + done + IFS="$save_ifs" + done + + if test -n "$future_libdirs"; then + $echo "$modename: warning: remember to run \`$progname --finish$future_libdirs'" 1>&2 + fi + + if test -n "$current_libdirs"; then + # Maybe just do a dry run. + test -n "$run" && current_libdirs=" -n$current_libdirs" + exec $SHELL $0 --finish$current_libdirs + exit 1 + fi + + exit 0 + ;; + + # libtool finish mode + finish) + modename="$modename: finish" + libdirs="$nonopt" + admincmds= + + if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then + for dir + do + libdirs="$libdirs $dir" + done + + for libdir in $libdirs; do + if test -n "$finish_cmds"; then + # Do each command in the finish commands. + eval cmds=\"$finish_cmds\" + IFS="${IFS= }"; save_ifs="$IFS"; IFS='~' + for cmd in $cmds; do + IFS="$save_ifs" + $show "$cmd" + $run eval "$cmd" || admincmds="$admincmds + $cmd" + done + IFS="$save_ifs" + fi + if test -n "$finish_eval"; then + # Do the single finish_eval. + eval cmds=\"$finish_eval\" + $run eval "$cmds" || admincmds="$admincmds + $cmds" + fi + done + fi + + # Exit here if they wanted silent mode. + test "$show" = ":" && exit 0 + + echo "----------------------------------------------------------------------" + echo "Libraries have been installed in:" + for libdir in $libdirs; do + echo " $libdir" + done + echo + echo "If you ever happen to want to link against installed libraries" + echo "in a given directory, LIBDIR, you must either use libtool, and" + echo "specify the full pathname of the library, or use the \`-LLIBDIR'" + echo "flag during linking and do at least one of the following:" + if test -n "$shlibpath_var"; then + echo " - add LIBDIR to the \`$shlibpath_var' environment variable" + echo " during execution" + fi + if test -n "$runpath_var"; then + echo " - add LIBDIR to the \`$runpath_var' environment variable" + echo " during linking" + fi + if test -n "$hardcode_libdir_flag_spec"; then + libdir=LIBDIR + eval flag=\"$hardcode_libdir_flag_spec\" + + echo " - use the \`$flag' linker flag" + fi + if test -n "$admincmds"; then + echo " - have your system administrator run these commands:$admincmds" + fi + if test -f /etc/ld.so.conf; then + echo " - have your system administrator add LIBDIR to \`/etc/ld.so.conf'" + fi + echo + echo "See any operating system documentation about shared libraries for" + echo "more information, such as the ld(1) and ld.so(8) manual pages." + echo "----------------------------------------------------------------------" + exit 0 + ;; + + # libtool execute mode + execute) + modename="$modename: execute" + + # The first argument is the command name. + cmd="$nonopt" + if test -z "$cmd"; then + $echo "$modename: you must specify a COMMAND" 1>&2 + $echo "$help" + exit 1 + fi + + # Handle -dlopen flags immediately. + for file in $execute_dlfiles; do + if test ! -f "$file"; then + $echo "$modename: \`$file' is not a file" 1>&2 + $echo "$help" 1>&2 + exit 1 + fi + + dir= + case $file in + *.la) + # Check to see that this really is a libtool archive. + if (sed -e '2q' $file | egrep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then : + else + $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2 + $echo "$help" 1>&2 + exit 1 + fi + + # Read the libtool library. + dlname= + library_names= + + # If there is no directory component, then add one. + case $file in + */* | *\\*) . $file ;; + *) . ./$file ;; + esac + + # Skip this library if it cannot be dlopened. + if test -z "$dlname"; then + # Warn if it was a shared library. + test -n "$library_names" && $echo "$modename: warning: \`$file' was not linked with \`-export-dynamic'" + continue + fi + + dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'` + test "X$dir" = "X$file" && dir=. + + if test -f "$dir/$objdir/$dlname"; then + dir="$dir/$objdir" + else + $echo "$modename: cannot find \`$dlname' in \`$dir' or \`$dir/$objdir'" 1>&2 + exit 1 + fi + ;; + + *.lo) + # Just add the directory containing the .lo file. + dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'` + test "X$dir" = "X$file" && dir=. + ;; + + *) + $echo "$modename: warning \`-dlopen' is ignored for non-libtool libraries and objects" 1>&2 + continue + ;; + esac + + # Get the absolute pathname. + absdir=`cd "$dir" && pwd` + test -n "$absdir" && dir="$absdir" + + # Now add the directory to shlibpath_var. + if eval "test -z \"\$$shlibpath_var\""; then + eval "$shlibpath_var=\"\$dir\"" + else + eval "$shlibpath_var=\"\$dir:\$$shlibpath_var\"" + fi + done + + # This variable tells wrapper scripts just to set shlibpath_var + # rather than running their programs. + libtool_execute_magic="$magic" + + # Check if any of the arguments is a wrapper script. + args= + for file + do + case $file in + -*) ;; + *) + # Do a test to see if this is really a libtool program. + if (sed -e '4q' $file | egrep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then + # If there is no directory component, then add one. + case $file in + */* | *\\*) . $file ;; + *) . ./$file ;; + esac + + # Transform arg to wrapped name. + file="$progdir/$program" + fi + ;; + esac + # Quote arguments (to preserve shell metacharacters). + file=`$echo "X$file" | $Xsed -e "$sed_quote_subst"` + args="$args \"$file\"" + done + + if test -z "$run"; then + if test -n "$shlibpath_var"; then + # Export the shlibpath_var. + eval "export $shlibpath_var" + fi + + # Restore saved enviroment variables + if test "${save_LC_ALL+set}" = set; then + LC_ALL="$save_LC_ALL"; export LC_ALL + fi + if test "${save_LANG+set}" = set; then + LANG="$save_LANG"; export LANG + fi + + # Now actually exec the command. + eval "exec \$cmd$args" + + $echo "$modename: cannot exec \$cmd$args" + exit 1 + else + # Display what would be done. + if test -n "$shlibpath_var"; then + eval "\$echo \"\$shlibpath_var=\$$shlibpath_var\"" + $echo "export $shlibpath_var" + fi + $echo "$cmd$args" + exit 0 + fi + ;; + + # libtool clean and uninstall mode + clean | uninstall) + modename="$modename: $mode" + rm="$nonopt" + files= + rmforce= + exit_status=0 + + # This variable tells wrapper scripts just to set variables rather + # than running their programs. + libtool_install_magic="$magic" + + for arg + do + case $arg in + -f) rm="$rm $arg"; rmforce=yes ;; + -*) rm="$rm $arg" ;; + *) files="$files $arg" ;; + esac + done + + if test -z "$rm"; then + $echo "$modename: you must specify an RM program" 1>&2 + $echo "$help" 1>&2 + exit 1 + fi + + rmdirs= + + for file in $files; do + dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'` + if test "X$dir" = "X$file"; then + dir=. + objdir="$objdir" + else + objdir="$dir/$objdir" + fi + name=`$echo "X$file" | $Xsed -e 's%^.*/%%'` + test $mode = uninstall && objdir="$dir" + + # Remember objdir for removal later, being careful to avoid duplicates + if test $mode = clean; then + case " $rmdirs " in + *" $objdir "*) ;; + *) rmdirs="$rmdirs $objdir" ;; + esac + fi + + # Don't error if the file doesn't exist and rm -f was used. + if (test -L "$file") >/dev/null 2>&1 \ + || (test -h "$file") >/dev/null 2>&1 \ + || test -f "$file"; then + : + elif test -d "$file"; then + exit_status=1 + continue + elif test "$rmforce" = yes; then + continue + fi + + rmfiles="$file" + + case $name in + *.la) + # Possibly a libtool archive, so verify it. + if (sed -e '2q' $file | egrep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then + . $dir/$name + + # Delete the libtool libraries and symlinks. + for n in $library_names; do + rmfiles="$rmfiles $objdir/$n" + done + test -n "$old_library" && rmfiles="$rmfiles $objdir/$old_library" + test $mode = clean && rmfiles="$rmfiles $objdir/$name $objdir/${name}i" + + if test $mode = uninstall; then + if test -n "$library_names"; then + # Do each command in the postuninstall commands. + eval cmds=\"$postuninstall_cmds\" + IFS="${IFS= }"; save_ifs="$IFS"; IFS='~' + for cmd in $cmds; do + IFS="$save_ifs" + $show "$cmd" + $run eval "$cmd" + if test $? != 0 && test "$rmforce" != yes; then + exit_status=1 + fi + done + IFS="$save_ifs" + fi + + if test -n "$old_library"; then + # Do each command in the old_postuninstall commands. + eval cmds=\"$old_postuninstall_cmds\" + IFS="${IFS= }"; save_ifs="$IFS"; IFS='~' + for cmd in $cmds; do + IFS="$save_ifs" + $show "$cmd" + $run eval "$cmd" + if test $? != 0 && test "$rmforce" != yes; then + exit_status=1 + fi + done + IFS="$save_ifs" + fi + # FIXME: should reinstall the best remaining shared library. + fi + fi + ;; + + *.lo) + if test "$build_old_libs" = yes; then + oldobj=`$echo "X$name" | $Xsed -e "$lo2o"` + rmfiles="$rmfiles $dir/$oldobj" + fi + ;; + + *) + # Do a test to see if this is a libtool program. + if test $mode = clean && + (sed -e '4q' $file | egrep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then + relink_command= + . $dir/$file + + rmfiles="$rmfiles $objdir/$name $objdir/${name}S.${objext}" + if test "$fast_install" = yes && test -n "$relink_command"; then + rmfiles="$rmfiles $objdir/lt-$name" + fi + fi + ;; + esac + $show "$rm $rmfiles" + $run $rm $rmfiles || exit_status=1 + done + + # Try to remove the ${objdir}s in the directories where we deleted files + for dir in $rmdirs; do + if test -d "$dir"; then + $show "rmdir $dir" + $run rmdir $dir >/dev/null 2>&1 + fi + done + + exit $exit_status + ;; + + "") + $echo "$modename: you must specify a MODE" 1>&2 + $echo "$generic_help" 1>&2 + exit 1 + ;; + esac + + $echo "$modename: invalid operation mode \`$mode'" 1>&2 + $echo "$generic_help" 1>&2 + exit 1 +fi # test -z "$show_help" + +# We need to display help for each of the modes. +case $mode in +"") $echo \ +"Usage: $modename [OPTION]... [MODE-ARG]... + +Provide generalized library-building support services. + + --config show all configuration variables + --debug enable verbose shell tracing +-n, --dry-run display commands without modifying any files + --features display basic configuration information and exit + --finish same as \`--mode=finish' + --help display this help message and exit + --mode=MODE use operation mode MODE [default=inferred from MODE-ARGS] + --quiet same as \`--silent' + --silent don't print informational messages + --version print version information + +MODE must be one of the following: + + clean remove files from the build directory + compile compile a source file into a libtool object + execute automatically set library path, then run a program + finish complete the installation of libtool libraries + install install libraries or executables + link create a library or an executable + uninstall remove libraries from an installed directory + +MODE-ARGS vary depending on the MODE. Try \`$modename --help --mode=MODE' for +a more detailed description of MODE." + exit 0 + ;; + +clean) + $echo \ +"Usage: $modename [OPTION]... --mode=clean RM [RM-OPTION]... FILE... + +Remove files from the build directory. + +RM is the name of the program to use to delete files associated with each FILE +(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed +to RM. + +If FILE is a libtool library, object or program, all the files associated +with it are deleted. Otherwise, only FILE itself is deleted using RM." + ;; + +compile) + $echo \ +"Usage: $modename [OPTION]... --mode=compile COMPILE-COMMAND... SOURCEFILE + +Compile a source file into a libtool library object. + +This mode accepts the following additional options: + + -o OUTPUT-FILE set the output file name to OUTPUT-FILE + -prefer-pic try to building PIC objects only + -prefer-non-pic try to building non-PIC objects only + -static always build a \`.o' file suitable for static linking + +COMPILE-COMMAND is a command to be used in creating a \`standard' object file +from the given SOURCEFILE. + +The output file name is determined by removing the directory component from +SOURCEFILE, then substituting the C source code suffix \`.c' with the +library object suffix, \`.lo'." + ;; + +execute) + $echo \ +"Usage: $modename [OPTION]... --mode=execute COMMAND [ARGS]... + +Automatically set library path, then run a program. + +This mode accepts the following additional options: + + -dlopen FILE add the directory containing FILE to the library path + +This mode sets the library path environment variable according to \`-dlopen' +flags. + +If any of the ARGS are libtool executable wrappers, then they are translated +into their corresponding uninstalled binary, and any of their required library +directories are added to the library path. + +Then, COMMAND is executed, with ARGS as arguments." + ;; + +finish) + $echo \ +"Usage: $modename [OPTION]... --mode=finish [LIBDIR]... + +Complete the installation of libtool libraries. + +Each LIBDIR is a directory that contains libtool libraries. + +The commands that this mode executes may require superuser privileges. Use +the \`--dry-run' option if you just want to see what would be executed." + ;; + +install) + $echo \ +"Usage: $modename [OPTION]... --mode=install INSTALL-COMMAND... + +Install executables or libraries. + +INSTALL-COMMAND is the installation command. The first component should be +either the \`install' or \`cp' program. + +The rest of the components are interpreted as arguments to that command (only +BSD-compatible install options are recognized)." + ;; + +link) + $echo \ +"Usage: $modename [OPTION]... --mode=link LINK-COMMAND... + +Link object files or libraries together to form another library, or to +create an executable program. + +LINK-COMMAND is a command using the C compiler that you would use to create +a program from several object files. + +The following components of LINK-COMMAND are treated specially: + + -all-static do not do any dynamic linking at all + -avoid-version do not add a version suffix if possible + -dlopen FILE \`-dlpreopen' FILE if it cannot be dlopened at runtime + -dlpreopen FILE link in FILE and add its symbols to lt_preloaded_symbols + -export-dynamic allow symbols from OUTPUT-FILE to be resolved with dlsym(3) + -export-symbols SYMFILE + try to export only the symbols listed in SYMFILE + -export-symbols-regex REGEX + try to export only the symbols matching REGEX + -LLIBDIR search LIBDIR for required installed libraries + -lNAME OUTPUT-FILE requires the installed library libNAME + -module build a library that can dlopened + -no-fast-install disable the fast-install mode + -no-install link a not-installable executable + -no-undefined declare that a library does not refer to external symbols + -o OUTPUT-FILE create OUTPUT-FILE from the specified objects + -release RELEASE specify package release information + -rpath LIBDIR the created library will eventually be installed in LIBDIR + -R[ ]LIBDIR add LIBDIR to the runtime path of programs and libraries + -static do not do any dynamic linking of libtool libraries + -version-info CURRENT[:REVISION[:AGE]] + specify library version info [each variable defaults to 0] + +All other options (arguments beginning with \`-') are ignored. + +Every other argument is treated as a filename. Files ending in \`.la' are +treated as uninstalled libtool libraries, other files are standard or library +object files. + +If the OUTPUT-FILE ends in \`.la', then a libtool library is created, +only library objects (\`.lo' files) may be specified, and \`-rpath' is +required, except when creating a convenience library. + +If OUTPUT-FILE ends in \`.a' or \`.lib', then a standard library is created +using \`ar' and \`ranlib', or on Windows using \`lib'. + +If OUTPUT-FILE ends in \`.lo' or \`.${objext}', then a reloadable object file +is created, otherwise an executable program is created." + ;; + +uninstall) + $echo \ +"Usage: $modename [OPTION]... --mode=uninstall RM [RM-OPTION]... FILE... + +Remove libraries from an installation directory. + +RM is the name of the program to use to delete files associated with each FILE +(typically \`/bin/rm'). RM-OPTIONS are options (such as \`-f') to be passed +to RM. + +If FILE is a libtool library, all the files associated with it are deleted. +Otherwise, only FILE itself is deleted using RM." + ;; + +*) + $echo "$modename: invalid operation mode \`$mode'" 1>&2 + $echo "$help" 1>&2 + exit 1 + ;; +esac + +echo +$echo "Try \`$modename --help' for more information about other modes." + +exit 0 + +# Local Variables: +# mode:shell-script +# sh-indentation:2 +# End: diff --git a/kerberosIV/src/missing b/kerberosIV/src/missing new file mode 100644 index 00000000000..1570c795156 --- /dev/null +++ b/kerberosIV/src/missing @@ -0,0 +1,265 @@ +#! /bin/sh +# Common stub for a few missing GNU programs while installing. +# Copyright (C) 1996, 1997, 1999, 2000 Free Software Foundation, Inc. +# Originally by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA +# 02111-1307, USA. + +if test $# -eq 0; then + echo 1>&2 "Try \`$0 --help' for more information" + exit 1 +fi + +run=: + +case "$1" in +--run) + # Try to run requested program, and just exit if it succeeds. + run= + shift + "$@" && exit 0 + ;; +esac + +# If it does not exist, or fails to run (possibly an outdated version), +# try to emulate it. +case "$1" in + + -h|--h|--he|--hel|--help) + echo "\ +$0 [OPTION]... PROGRAM [ARGUMENT]... + +Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an +error status if there is no known handling for PROGRAM. + +Options: + -h, --help display this help and exit + -v, --version output version information and exit + --run try to run the given command, and emulate it if it fails + +Supported PROGRAM values: + aclocal touch file \`aclocal.m4' + autoconf touch file \`configure' + autoheader touch file \`config.h.in' + automake touch all \`Makefile.in' files + bison create \`y.tab.[ch]', if possible, from existing .[ch] + flex create \`lex.yy.c', if possible, from existing .c + help2man touch the output file + lex create \`lex.yy.c', if possible, from existing .c + makeinfo touch the output file + tar try tar, gnutar, gtar, then tar without non-portable flags + yacc create \`y.tab.[ch]', if possible, from existing .[ch]" + ;; + + -v|--v|--ve|--ver|--vers|--versi|--versio|--version) + echo "missing 0.3 - GNU automake" + ;; + + -*) + echo 1>&2 "$0: Unknown \`$1' option" + echo 1>&2 "Try \`$0 --help' for more information" + exit 1 + ;; + + aclocal) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified \`acinclude.m4' or \`configure.in'. You might want + to install the \`Automake' and \`Perl' packages. Grab them from + any GNU archive site." + touch aclocal.m4 + ;; + + autoconf) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified \`configure.in'. You might want to install the + \`Autoconf' and \`GNU m4' packages. Grab them from any GNU + archive site." + touch configure + ;; + + autoheader) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified \`acconfig.h' or \`configure.in'. You might want + to install the \`Autoconf' and \`GNU m4' packages. Grab them + from any GNU archive site." + files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' configure.in` + test -z "$files" && files="config.h" + touch_files= + for f in $files; do + case "$f" in + *:*) touch_files="$touch_files "`echo "$f" | + sed -e 's/^[^:]*://' -e 's/:.*//'`;; + *) touch_files="$touch_files $f.in";; + esac + done + touch $touch_files + ;; + + automake) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified \`Makefile.am', \`acinclude.m4' or \`configure.in'. + You might want to install the \`Automake' and \`Perl' packages. + Grab them from any GNU archive site." + find . -type f -name Makefile.am -print | + sed 's/\.am$/.in/' | + while read f; do touch "$f"; done + ;; + + bison|yacc) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified a \`.y' file. You may need the \`Bison' package + in order for those modifications to take effect. You can get + \`Bison' from any GNU archive site." + rm -f y.tab.c y.tab.h + if [ $# -ne 1 ]; then + eval LASTARG="\${$#}" + case "$LASTARG" in + *.y) + SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'` + if [ -f "$SRCFILE" ]; then + cp "$SRCFILE" y.tab.c + fi + SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'` + if [ -f "$SRCFILE" ]; then + cp "$SRCFILE" y.tab.h + fi + ;; + esac + fi + if [ ! -f y.tab.h ]; then + echo >y.tab.h + fi + if [ ! -f y.tab.c ]; then + echo 'main() { return 0; }' >y.tab.c + fi + ;; + + lex|flex) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified a \`.l' file. You may need the \`Flex' package + in order for those modifications to take effect. You can get + \`Flex' from any GNU archive site." + rm -f lex.yy.c + if [ $# -ne 1 ]; then + eval LASTARG="\${$#}" + case "$LASTARG" in + *.l) + SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'` + if [ -f "$SRCFILE" ]; then + cp "$SRCFILE" lex.yy.c + fi + ;; + esac + fi + if [ ! -f lex.yy.c ]; then + echo 'main() { return 0; }' >lex.yy.c + fi + ;; + + help2man) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified a dependency of a manual page. You may need the + \`Help2man' package in order for those modifications to take + effect. You can get \`Help2man' from any GNU archive site." + + file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'` + if test -z "$file"; then + file=`echo "$*" | sed -n 's/.*--output=\([^ ]*\).*/\1/p'` + fi + if [ -f "$file" ]; then + touch $file + else + test -z "$file" || exec >$file + echo ".ab help2man is required to generate this page" + exit 1 + fi + ;; + + makeinfo) + echo 1>&2 "\ +WARNING: \`$1' is missing on your system. You should only need it if + you modified a \`.texi' or \`.texinfo' file, or any other file + indirectly affecting the aspect of the manual. The spurious + call might also be the consequence of using a buggy \`make' (AIX, + DU, IRIX). You might want to install the \`Texinfo' package or + the \`GNU make' package. Grab either from any GNU archive site." + file=`echo "$*" | sed -n 's/.*-o \([^ ]*\).*/\1/p'` + if test -z "$file"; then + file=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'` + file=`sed -n '/^@setfilename/ { s/.* \([^ ]*\) *$/\1/; p; q; }' $file` + fi + touch $file + ;; + + tar) + shift + if test -n "$run"; then + echo 1>&2 "ERROR: \`tar' requires --run" + exit 1 + fi + + # We have already tried tar in the generic part. + # Look for gnutar/gtar before invocation to avoid ugly error + # messages. + if (gnutar --version > /dev/null 2>&1); then + gnutar ${1+"$@"} && exit 0 + fi + if (gtar --version > /dev/null 2>&1); then + gtar ${1+"$@"} && exit 0 + fi + firstarg="$1" + if shift; then + case "$firstarg" in + *o*) + firstarg=`echo "$firstarg" | sed s/o//` + tar "$firstarg" ${1+"$@"} && exit 0 + ;; + esac + case "$firstarg" in + *h*) + firstarg=`echo "$firstarg" | sed s/h//` + tar "$firstarg" ${1+"$@"} && exit 0 + ;; + esac + fi + + echo 1>&2 "\ +WARNING: I can't seem to be able to run \`tar' with the given arguments. + You may want to install GNU tar or Free paxutils, or check the + command line arguments." + exit 1 + ;; + + *) + echo 1>&2 "\ +WARNING: \`$1' is needed, and you do not seem to have it handy on your + system. You might have modified some files without having the + proper tools for further handling them. Check the \`README' file, + it often tells you about the needed prerequirements for installing + this package. You may also peek at any GNU archive site, in case + some other package would contain this missing \`$1' program." + exit 1 + ;; +esac + +exit 0 diff --git a/kerberosIV/src/server/Makefile.am b/kerberosIV/src/server/Makefile.am new file mode 100644 index 00000000000..95defc8860e --- /dev/null +++ b/kerberosIV/src/server/Makefile.am @@ -0,0 +1,16 @@ +# $KTH: Makefile.am,v 1.5 2001/08/28 08:43:03 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += $(INCLUDE_des) + +libexec_PROGRAMS = kerberos + +man_MANS = kerberos.8 + +LDADD = \ + $(top_builddir)/lib/kdb/libkdb.la \ + $(top_builddir)/lib/krb/libkrb.la \ + $(LIB_des) \ + $(LIB_roken) \ + $(DBLIB) diff --git a/kerberosIV/src/server/kerberos.8 b/kerberosIV/src/server/kerberos.8 new file mode 100644 index 00000000000..e65a6a2a5c7 --- /dev/null +++ b/kerberosIV/src/server/kerberos.8 @@ -0,0 +1,189 @@ +.\" $KTH: kerberos.8,v 1.3 2001/05/06 21:38:17 assar Exp $ +.\" +.Dd September 26, 1997 +.Dt KERBEROS 8 +.Os KTH-KRB +.Sh NAME +.Nm kerberos +.Nd the kerberos daemon +.Sh SYNPOSIS +.Nm +.Op Fl mns +.Op Fl a Ar max age +.Op Fl i Ar address +.Op Fl l Ar log +.Op Fl p Ar pause +.Op Fl P Ar portspec +.Op Fl r Ar realm +.Op Ar database +.Sh DESCRIPTION +This is the +.Nm +daemon. +.Pp +Options: +.Bl -tag -width -ident +.It Fl a +Set the +.Ar max age +before the database is considered stale. +.It Fl i +Only listen on +.Ar address . +Normally, the kerberos server listens on all addresses of all +interfaces. +.It Fl l +Write the log to +.Ar log +.It Fl m +Run manually and prompt for master key. +.It Fl n +Do not check max age. +.It Fl p +Pause for +.Ar pause +before dying. +.It Fl P +Listen to the ports specified by +.Ar portspec . +This should be a white-space separated list of port specificatios. A +port specification follows the format: +.Ar port Ns Op / Ns Ar protocol . +The +.Ar port +can be either a symbolic port name (from +.Pa /etc/services ) , +or a number; +.Ar protocol can be either +.Li udp , +or +.Li tcp . +If left out, the KDC will listen to both UDP and TCP sockets on the +specified port. +.br +The special string +.Li + +mean that the default set of ports (TCP and UDP on ports 88 and 750) +should be included. +.It Fl r +Run as a server for realm +.Ar realm +.It Fl s +Set slave parameters. This will enable check to see if data is +getting too stale relative to the master. +.El +.Pp +If no +.Ar database +is given a default datbase will be used, normally +.Pa /var/kerberos/principal . +.Sh DIAGNOSTICS +The server logs several messages in a log file +.Pf ( Pa /var/run/kerberos.log +by default). The logging mechanism opens and closes the log file for +each message, so you can safely rename the log file when the server is +running. +.Ss Operational messages +These are normal messages that you will see in the log. They might be +followed by some error message. +.Bl -tag -width xxxxx +.It Li Getting key for Ar REALM +The server fetched the key for +.Sq krbtgt.REALM +for the specific +realm. You will see this at startup, and for every attempt to use +cross realm authentication. +.It Xo Li Starting Kerberos for +.Ar REALM +.Li (kvno Ar kvno ) +.Xc +You will see this also if you start with +.Fl m . +.It Xo Li AS REQ +.Ar name.instance@REALM +.Li for +.Ar sname.sinstance +.Li from +.Ar ip-number +.Xc +An initial (password authenticated) request was received. +.It Xo Li APPL REQ +.Ar name.instance@REALM +.Li for +.Ar sname.sinstance +.Li from Ar ip-number +.Xc +A tgt-based request for a ticket was made. +.El +.Ss Error messages +These messages reflects misconfigured clients, invalid requests, or +possibly attepted attacks. +.Bl -tag -width xxxxx +.It Li UNKNOWN Ar name.instance +The server received a request with an unknown principal. This is most +likely because someone typed the wrong name at a login prompt. It +could also be someone trying to get a list of possible users. +.It Xo Li Unknown realm Ar REALM +.Li from Ar ip-number +.Xc +There isn't a principal for +.Sq krbtgt.REALM +in the database. +.It Xo Li Can't hop realms: Ar REALM1 +.Li -> Ar REALM2 +.Xc +There was a request for a ticket for another realm. This might be +because of a misconfigured client. +.It Li Principal not unique Ar name.instance +There is more than one entry for this principal in the database. This +is not very good. +.It Li Null key Ar name.instance +Someone tried to use a principal that for some reason doesn't have a +key. +.It Xo Li Incorrect master key version for +.Ar name.instance +.Li : Ar number +.Li (should be Ar number ) +.Xc +The principal has it's key encrypted with the wrong master key. +.It Xo Li Principal Ar name.instance +.Li expired at Ar date +.Xc +The principal's key has expired. +.It Li krb_rd_req from Ar ip-number : error-message +The message couldn't be decoded properly. The error message will give +you further hints. You will see this if someone is trying to use +expired tickets. +.It Xo Li Unknown message type: Ar number +.Li from Ar ip-number +.Xc +The message received was not one that is understood by this server. +.It Li Can't authorize password changed based on TGT +Someone tried to get a +.Sq changepw.kerberos +via a tgt exchange. This is +because of a broken client, or possibly an attack. +.It Li KRB protocol version mismatch ( Ar number ) +The server received a request with an unknown version number. +.El +.Ss Fatal error messages +The following messages indicate problems when starting the server. +.Bl -tag -width xxxxx +.It Li Database unavailable! +There was some problem reading the database. +.It Li Database currently being updated! +Someone is currently updating the database (possibly via krop). +.It Li Database out of date! +The database is older than the maximum age specified. +.It Li Couldn't get master key. +The master key file wasn't found or the file is damaged. +.It Li Can't verify master key. +The key in the keyfile doesn't match the current databse. +.It Li Ticket granting ticket service unknown +The database doesn't contain a +.Sq krbtgt.REALM +for the local realm. +.El +.Sh SEE ALSO +.Xr kprop 8 , +.Xr kpropd 8 diff --git a/kerberosIV/src/slave/Makefile.am b/kerberosIV/src/slave/Makefile.am new file mode 100644 index 00000000000..52e634d436e --- /dev/null +++ b/kerberosIV/src/slave/Makefile.am @@ -0,0 +1,14 @@ +# $KTH: Makefile.am,v 2.3 2000/11/15 23:58:21 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +libexec_PROGRAMS = kprop kpropd + +man_MANS = kprop.8 kpropd.8 + +LDADD = \ + $(top_builddir)/lib/krb/libkrb.la \ + $(LIB_des) \ + $(LIB_roken) + +INCLUDES += -DSBINDIR=\"$(sbindir)\" diff --git a/kerberosIV/src/slave/kprop.8 b/kerberosIV/src/slave/kprop.8 new file mode 100644 index 00000000000..073058dcd34 --- /dev/null +++ b/kerberosIV/src/slave/kprop.8 @@ -0,0 +1,55 @@ +.\" $KTH: kprop.8,v 2.4 2001/07/12 08:47:06 assar Exp $ +.\" +.Dd June 7, 1996 +.Dt KPROP 8 +.Os KTH-KRB +.Sh NAME +.Nm kprop +.Nd "the kerberos slave server update client" +.Sh SYNOPSIS +.Nm +.Op Fl force +.Op Fl realm Ar realm +.Op Ar dump-file +.Op Ar slave-file +.Sh DESCRIPTION +Changes to the database, such as changed passwords, are only made to +the master server through the +.Nm kadmind +service. To propagate these changes to the slave servers, +.Nm +should be run regularly on the master server. +.Pp +The following options are recognised. +.Bl -tag -width -force +.It Fl force +Propagate even if there hasn't been an update to the dump file since +last time. +.It Fl realm +Realm if other than the default. +.It dump-file +is a file created with +.Ic kdb_util slave_dump , +default is +.Pa /var/kerberos/slave_dump . +.It slave-file +Contains the names of the slave servers. Default is +.Pa /var/kerberos/slaves . +.El +.Pp +.Nm +will use the principal +.Nm rcmd.kerberos +to authenticate to the master servers. This principal has to be added +to the database, and it should also be put into the service key file +on the master server. +.Sh FILES +.Bl -tag -width indent -compact +.It Pa /var/kerberos/slave_dump +.It Pa /var/kerberos/slaves +.It Pa /etc/srvtab +.El +.Sh SEE ALSO +.Xr kadmind 8 , +.Xr kerberos 8 , +.Xr kpropd 8 diff --git a/kerberosIV/src/slave/kpropd.8 b/kerberosIV/src/slave/kpropd.8 new file mode 100644 index 00000000000..1252e1ac90e --- /dev/null +++ b/kerberosIV/src/slave/kpropd.8 @@ -0,0 +1,61 @@ +.\" $KTH: kpropd.8,v 2.4 2001/07/12 08:47:06 assar Exp $ +.\" +.Dd June 7, 1996 +.Dt KPROPD 8 +.Os KTH-KRB +.Sh NAME +.Nm kpropd +.Nd "the kerberos slave server update facility" +.Sh SYNOPSIS +.Nm +.Op Fl i +.Op Fl d Ar database +.Op Fl l Ar logfile +.Op Fl m +.Op Fl p Ar kdb_util +.Op Fl r Ar realm +.Op Fl s Ar srvtab +.Sh DESCRIPTION +The +.Nm +responds to database update requests from the +.Nm kprop +command. It can either be started from +.Nm inetd +or as an ordinary program. +.Pp +The following options are recognised: +.Bl -tag -width xxxx +.It Fl i +Run stand-alone. If this flag is not given, it is assumed to have +been started by +.Nm inetd . +.It Fl d +What database file to use, default is +.Pa /var/kerberos/principal . +.It Fl l +Logfile to use, default is +.Pa /var/log/kpropd.log . +.It Fl m +Treat data as changes to the database rather than a complete database. +.It Fl p +The path to +.Nm kdb_util , +default is +.Pa /usr/athena/sbin/kdb_util . +.It Fl r +Realm if other than the default realm. +.It Fl s +Srvtab if other than +.Pa /etc/srvtab . +.El +.Sh FILES +.Bl -tag -width indent -compact +.It Pa /var/kerberos/principal.{db,dir,pag} +.It Pa /var/log/kpropd.log +.It Pa /etc/srvtab +.El +.Sh SEE ALSO +.Xr kadmind 8 , +.Xr kerberos 8 , +.Xr kprop 8 diff --git a/kerberosIV/src/tools/Makefile.am b/kerberosIV/src/tools/Makefile.am new file mode 100644 index 00000000000..93f32614f27 --- /dev/null +++ b/kerberosIV/src/tools/Makefile.am @@ -0,0 +1,23 @@ +# $KTH: Makefile.am,v 1.2 2001/09/17 02:10:51 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +EXTRA_DIST = krb4-config.1 + +CLEANFILES = krb4-config + +bin_SCRIPTS = krb4-config + +man_MANS = krb4-config.1 + +krb4-config: krb4-config.in + sed -e "s;@PACKAGE\@;$(PACKAGE);g" \ + -e "s;@VERSION\@;$(VERSION);g" \ + -e "s;@prefix\@;$(prefix);g" \ + -e "s;@exec_prefix\@;$(exec_prefix);g" \ + -e "s;@libdir\@;$(libdir);g" \ + -e "s;@includedir\@;$(includedir);g" \ + -e "s;@LIB_des_appl\@;$(LIB_des_appl);g" \ + -e "s;@LIBS\@;$(LIBS);g" \ + $(srcdir)/krb4-config.in > $@ + chmod +x $@ diff --git a/kerberosIV/src/tools/Makefile.in b/kerberosIV/src/tools/Makefile.in new file mode 100644 index 00000000000..caa3eb0c29d --- /dev/null +++ b/kerberosIV/src/tools/Makefile.in @@ -0,0 +1,538 @@ +# Makefile.in generated automatically by automake 1.4b from Makefile.am + +# Copyright 1994, 1995, 1996, 1997, 1998, 1999, 2000 +# Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = .. + +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +INSTALL_STRIP_FLAG = +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : + +@SET_MAKE@ +host_alias = @host_alias@ +host_triplet = @host@ +AFSWS = @AFSWS@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AMDEP = @AMDEP@ +AMTAR = @AMTAR@ +AS = @AS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +COMPILE_ET = @COMPILE_ET@ +CPP = @CPP@ +CRACKLIB = @CRACKLIB@ +CXX = @CXX@ +CXXCPP = @CXXCPP@ +DBLIB = @DBLIB@ +DEPDIR = @DEPDIR@ +DES_H = @DES_H@ +DIR_com_err = @DIR_com_err@ +DIR_des = @DIR_des@ +DIR_roken = @DIR_roken@ +DLLTOOL = @DLLTOOL@ +ECHO = @ECHO@ +EXEEXT = @EXEEXT@ +GROFF = @GROFF@ +INCLUDES_roken = @INCLUDES_roken@ +INCLUDE_ = @INCLUDE_@ +INCLUDE_des = @INCLUDE_des@ +INCLUDE_krb4 = @INCLUDE_krb4@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_NDBM = @LIB_NDBM@ +LIB_SUBDIRS = @LIB_SUBDIRS@ +LIB_com_err = @LIB_com_err@ +LIB_com_err_a = @LIB_com_err_a@ +LIB_com_err_so = @LIB_com_err_so@ +LIB_des = @LIB_des@ +LIB_des_a = @LIB_des_a@ +LIB_des_appl = @LIB_des_appl@ +LIB_des_so = @LIB_des_so@ +LIB_krb4 = @LIB_krb4@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NROFF = @NROFF@ +OBJDUMP = @OBJDUMP@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +STRIP = @STRIP@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ +disable_cat_manpages = @disable_cat_manpages@ +install_sh = @install_sh@ +krb_cv_header_netdb_h_broken = @krb_cv_header_netdb_h_broken@ + +# $KTH: Makefile.am,v 1.2 2001/09/17 02:10:51 assar Exp $ + + +# $KTH: Makefile.am.common,v 1.1 2000/11/05 17:16:23 joda Exp $ + + +# $KTH: Makefile.am.common,v 1.31 2001/09/01 11:12:18 assar Exp $ + + +AUTOMAKE_OPTIONS = foreign no-dependencies 1.4b + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include $(INCLUDES_roken) + +AM_CFLAGS = $(WFLAGS) + +CP = cp + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_openpty = @LIB_openpty@ +LIB_pidfile = @LIB_pidfile@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +LIBS = @LIBS@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_openldap = @INCLUDE_openldap@ +LIB_openldap = @LIB_openldap@ + +INCLUDE_readline = @INCLUDE_readline@ +LIB_readline = @LIB_readline@ + +LEXLIB = @LEXLIB@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = @KRB4_TRUE@$(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = @KRB5_TRUE@$(top_builddir)/lib/krb5/libkrb5.la \ +@KRB5_TRUE@ $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = @KRB5_TRUE@$(top_builddir)/lib/gssapi/libgssapi.la + +@DCE_TRUE@LIB_kdfs = @DCE_TRUE@$(top_builddir)/lib/kdfs/libkdfs.la + +CHECK_LOCAL = $(PROGRAMS) + +EXTRA_DIST = krb4-config.1 + +CLEANFILES = krb4-config + +bin_SCRIPTS = krb4-config + +man_MANS = krb4-config.1 +subdir = tools +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../include/config.h +CONFIG_CLEAN_FILES = +SCRIPTS = $(bin_SCRIPTS) + +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ +DIST_SOURCES = +man1dir = $(mandir)/man1 +MANS = $(man_MANS) +depcomp = +DIST_COMMON = Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) + +GZIP_ENV = --best +all: all-redirect +.SUFFIXES: +.SUFFIXES: .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign tools/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +install-binSCRIPTS: $(bin_SCRIPTS) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(bindir) + @list='$(bin_SCRIPTS)'; for p in $$list; do \ + f="`echo $$p|sed '$(transform)'`"; \ + if test -f $$p; then \ + echo " $(INSTALL_SCRIPT) $$p $(DESTDIR)$(bindir)/$$f"; \ + $(INSTALL_SCRIPT) $$p $(DESTDIR)$(bindir)/$$f; \ + elif test -f $(srcdir)/$$p; then \ + echo " $(INSTALL_SCRIPT) $(srcdir)/$$p $(DESTDIR)$(bindir)/$$f"; \ + $(INSTALL_SCRIPT) $(srcdir)/$$p $(DESTDIR)$(bindir)/$$f; \ + else :; fi; \ + done + +uninstall-binSCRIPTS: + @$(NORMAL_UNINSTALL) + @list='$(bin_SCRIPTS)'; for p in $$list; do \ + f="`echo $$p|sed '$(transform)'`"; \ + echo " rm -f $(DESTDIR)$(bindir)/$$f"; \ + rm -f $(DESTDIR)$(bindir)/$$f; \ + done + +install-man1: + $(mkinstalldirs) $(DESTDIR)$(man1dir) + @list='$(man1_MANS)'; \ + l2='$(man_MANS)'; for i in $$l2; do \ + case "$$i" in \ + *.1*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + if test -f $(srcdir)/$$i; then file=$(srcdir)/$$i; \ + else file=$$i; fi; \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " $(INSTALL_DATA) $$file $(DESTDIR)$(man1dir)/$$inst"; \ + $(INSTALL_DATA) $$file $(DESTDIR)$(man1dir)/$$inst; \ + done + +uninstall-man1: + @list='$(man1_MANS)'; \ + l2='$(man_MANS)'; for i in $$l2; do \ + case "$$i" in \ + *.1*) list="$$list $$i" ;; \ + esac; \ + done; \ + for i in $$list; do \ + ext=`echo $$i | sed -e 's/^.*\\.//'`; \ + inst=`echo $$i | sed -e 's/\\.[0-9a-z]*$$//'`; \ + inst=`echo $$inst | sed -e 's/^.*\///'`; \ + inst=`echo $$inst | sed '$(transform)'`.$$ext; \ + echo " rm -f $(DESTDIR)$(man1dir)/$$inst"; \ + rm -f $(DESTDIR)$(man1dir)/$$inst; \ + done +install-man: $(MANS) + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-man1 +uninstall-man: + @$(NORMAL_UNINSTALL) + $(MAKE) $(AM_MAKEFLAGS) uninstall-man1 +tags: TAGS +TAGS: + + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pR $$d/$$file $(distdir) \ + || exit 1; \ + else \ + test -f $(distdir)/$$file \ + || cp -p $$d/$$file $(distdir)/$$file \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: install-binSCRIPTS + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-man install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-binSCRIPTS uninstall-man +uninstall: uninstall-am +all-am: Makefile $(SCRIPTS) $(MANS) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) INSTALL_STRIP_FLAG=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(bindir) $(DESTDIR)$(mandir)/man1 + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: + -rm -f Makefile.in +mostlyclean-am: mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-am + +.PHONY: uninstall-binSCRIPTS install-binSCRIPTS install-man1 \ +uninstall-man1 install-man uninstall-man tags distdir info-am info \ +dvi-am dvi check-local check check-am installcheck-am installcheck \ +install-exec-am install-exec install-data-local install-data-am \ +install-data install-am install uninstall-am uninstall all-local \ +all-redirect all-am all install-strip installdirs mostlyclean-generic \ +distclean-generic clean-generic maintainer-clean-generic clean \ +mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + echo "*"; \ + echo "* Failed to install $$x setuid root"; \ + echo "*"; \ + fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " $(CP) $$file $(buildinclude)/$$f"; \ + $(CP) $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat-mans: + $(SHELL) $(top_srcdir)/cf/install-catman.sh "$(INSTALL_DATA)" "$(mkinstalldirs)" "$(srcdir)" "$(DESTDIR)$(mandir)" '$(CATMANEXT)' $(man_MANS) $(man1_MANS) $(man3_MANS) $(man5_MANS) $(man8_MANS) + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +krb4-config: krb4-config.in + sed -e "s;@PACKAGE\@;$(PACKAGE);g" \ + -e "s;@VERSION\@;$(VERSION);g" \ + -e "s;@prefix\@;$(prefix);g" \ + -e "s;@exec_prefix\@;$(exec_prefix);g" \ + -e "s;@libdir\@;$(libdir);g" \ + -e "s;@includedir\@;$(includedir);g" \ + -e "s;@LIB_des_appl\@;$(LIB_des_appl);g" \ + -e "s;@LIBS\@;$(LIBS);g" \ + $(srcdir)/krb4-config.in > $@ + chmod +x $@ + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/kerberosIV/src/tools/krb4-config.1 b/kerberosIV/src/tools/krb4-config.1 new file mode 100644 index 00000000000..569f1878311 --- /dev/null +++ b/kerberosIV/src/tools/krb4-config.1 @@ -0,0 +1,55 @@ +.\" $KTH: krb4-config.1,v 1.1 2001/09/13 00:04:01 assar Exp $ +.\" +.Dd September 11, 2001 +.Dt KRB4-CONFIG 1 +.Os KTH-KRB +.Sh NAME +.Nm krb4-config +.Nd "give information on how to link code against Kerberos v4 libraries" +.Sh SYNOPSIS +.Nm +.Op Fl -prefix Ns Op = Ns Ar dir +.Op Fl -exec-prefix Ns Op = Ns Ar dir +.Op Fl -libs +.Op Fl -cflags +.Op Ar libraries +.Sh DESCRIPTION +.Nm +tells the application programmer what special flags to use to compile +and link programs against the libraries installed by krb4. +.Pp +Options supported: +.Bl -tag -width Ds +.It Fl -prefix Ns Op = Ns Ar dir +Print the prefix if no +.Ar dir +is specified, otherwise set prefix to +.Ar dir . +.It Fl -exec-prefix Ns Op = Ns Ar dir +Print the exec-prefix if no +.Ar dir +is specified, otherwise set exec-prefix to +.Ar dir . +.It Fl -libs +Output the set of libraries that should be linked against. +.It Fl -cflags +Output the set of flags to give to the C compiler when using the +krb4 libraries. +.El +.Pp +By default +.Nm +will output the set of flags and libraries to be used by a normal +program using the krb4 API. The user can also supply a library to be +used, the supported ones are: +.Bl -tag -width Ds +.It krb4 +(the default) +.It kadm-client +use the client-side kadmin libraries +.El +.Sh SEE ALSO +.Xr cc 1 +.Sh HISTORY +.Nm +appeared in krb4 1.1 diff --git a/kerberosIV/src/tools/krb4-config.in b/kerberosIV/src/tools/krb4-config.in new file mode 100644 index 00000000000..bdbcdedbae9 --- /dev/null +++ b/kerberosIV/src/tools/krb4-config.in @@ -0,0 +1,98 @@ +#!/bin/sh +# $KTH: krb4-config.in,v 1.2 2001/09/17 01:11:55 assar Exp $ + +do_libs=no +do_cflags=no +do_usage=no +print_prefix=no +print_exec_prefix=no +library=krb4 + +if test $# -eq 0; then + do_usage=yes + usage_exit=1 +fi + +for i in $*; do + case $i in + --help) + do_usage=yes + usage_exit=0 + ;; + --version) + echo "@PACKAGE@ @VERSION@" + echo '$KTH: krb4-config.in,v 1.2 2001/09/17 01:11:55 assar Exp $' + exit 0 + ;; + --prefix=*) + prefix=`echo $i | sed 's/^--prefix=//'` + ;; + --prefix) + print_prefix=yes + ;; + --exec-prefix=*) + exec_prefix=`echo $i | sed 's/^--exec-prefix=//'` + ;; + --exec-prefix) + print_exec_prefix=yes + ;; + --libs) + do_libs=yes + ;; + --cflags) + do_cflags=yes + ;; + krb5) + library=krb5 + ;; + kadm-client) + library=kadm-client + ;; + *) + echo "unknown option: $i" + exit 1 + ;; + esac +done + +if test "$do_usage" = "yes"; then + echo "usage: $0 [options] [libraries]" + echo "options: [--prefix[=dir]] [--exec-prefix[=dir]] [--libs] [--cflags]" + echo "libraries: krb4 kadm-client" + exit $usage_exit +fi + +if test "$prefix" = ""; then + prefix=@prefix@ +fi +if test "$exec_prefix" = ""; then + exec_prefix=@exec_prefix@ +fi + +libdir=@libdir@ +includedir=@includedir@ + +if test "$print_prefix" = "yes"; then + echo $prefix +fi + +if test "$print_exec_prefix" = "yes"; then + echo $exec_prefix +fi + +if test "$do_libs" = "yes"; then + lib_flags="-L${libdir}" + case $library in + kadm-client) + lib_flags="$lib_flags -lkadm" + ;; + esac + lib_flags="$lib_flags -lkrb @LIB_des_appl@" + lib_flags="$lib_flags @LIBS@" + echo $lib_flags +fi +if test "$do_cflags" = "yes"; then + echo "-I${includedir}" +fi + +exit 0 |