sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-05 21:57:51 +03:00
Code

r10386: Merge current lorikeet-heimdal into Samba4.

Browse Source 
Andrew Bartlett
This commit is contained in:
Andrew Bartlett 2005-09-21 12:24:41 +00:00 committed by Gerald (Jerry) Carter
parent 40a8ad2d1e
commit 4d2a9a9bc4
17 changed files with 570 additions and 866 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
source/heimdal/cf/resolv.m4
View File

@ -1,10 +1,13 @@
dnl stuff used by DNS resolv code
dnl stuff used by DNS resolv code in roken
dnl
dnl $Id: resolv.m4,v 1.1 2005/09/02 10:17:38 lha Exp $
dnl
AC_DEFUN([rk_RESOLV], [
AC_DEFUN([rk_RESOLV],[
AC_CHECK_HEADERS(arpa/nameser.h)
AC_CHECK_HEADERS([arpa/nameser.h])
AC_CHECK_HEADERS(resolv.h, , , [AC_INCLUDES_DEFAULT
AC_CHECK_HEADERS(resolv.h, , , [AC_INCLUDES_DEFAULT
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
@ -16,7 +19,7 @@ AC_DEFUN([rk_RESOLV], [
#endif
])
AC_FIND_FUNC(res_search, resolv,
AC_FIND_FUNC(res_search, resolv,
[
#include <stdio.h>
#ifdef HAVE_SYS_TYPES_H
@ -34,7 +37,7 @@ AC_DEFUN([rk_RESOLV], [
],
[0,0,0,0,0])
AC_FIND_FUNC(res_nsearch, resolv,
AC_FIND_FUNC(res_nsearch, resolv,
[
#include <stdio.h>
#ifdef HAVE_SYS_TYPES_H
@ -52,7 +55,7 @@ AC_DEFUN([rk_RESOLV], [
],
[0,0,0,0,0,0])
AC_FIND_FUNC(res_ndestroy, resolv,
AC_FIND_FUNC(res_ndestroy, resolv,
[
#include <stdio.h>
#ifdef HAVE_SYS_TYPES_H
@ -70,7 +73,7 @@ AC_DEFUN([rk_RESOLV], [
],
[0])
AC_FIND_FUNC(dn_expand, resolv,
AC_FIND_FUNC(dn_expand, resolv,
[
#include <stdio.h>
#ifdef HAVE_SYS_TYPES_H
@ -88,7 +91,7 @@ AC_DEFUN([rk_RESOLV], [
],
[0,0,0,0,0])
rk_CHECK_VAR(_res,
rk_CHECK_VAR(_res,
[#include <stdio.h>
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>

24
source/heimdal/kdc/kerberos5.c
View File

@ -483,8 +483,8 @@ make_etype_info2_entry(ETYPE_INFO2_ENTRY *ent, Key *key)
ent->s2kparams = NULL;
switch (key->key.keytype) {
case KEYTYPE_AES128:
case KEYTYPE_AES256:
case ETYPE_AES128_CTS_HMAC_SHA1_96:
case ETYPE_AES256_CTS_HMAC_SHA1_96:
ALLOC(ent->s2kparams);
if (ent->s2kparams == NULL)
return ENOMEM;
@ -499,6 +499,26 @@ make_etype_info2_entry(ETYPE_INFO2_ENTRY *ent, Key *key)
_krb5_AES_string_to_default_iterator,
ent->s2kparams->length);
break;
case ETYPE_DES_CBC_CRC:
case ETYPE_DES_CBC_MD4:
case ETYPE_DES_CBC_MD5:
/* Check if this was a AFS3 salted key */
if(key->salt && key->salt->type == hdb_afs3_salt){
ALLOC(ent->s2kparams);
if (ent->s2kparams == NULL)
return ENOMEM;
ent->s2kparams->length = 1;
ent->s2kparams->data = malloc(ent->s2kparams->length);
if (ent->s2kparams->data == NULL) {
free(ent->s2kparams);
ent->s2kparams = NULL;
return ENOMEM;
}
_krb5_put_int(ent->s2kparams->data,
1,
ent->s2kparams->length);
}
break;
default:
break;
}

110
source/heimdal/kdc/pkinit.c
View File

@ -33,7 +33,7 @@
#include "kdc_locl.h"
RCSID("$Id: pkinit.c,v 1.41 2005/08/12 09:21:40 lha Exp $");
RCSID("$Id: pkinit.c,v 1.43 2005/09/21 00:40:32 lha Exp $");
#ifdef PKINIT
@ -333,16 +333,11 @@ generate_dh_keyblock(krb5_context context, pk_client_params *client_params,
goto out;
}
ret = krb5_random_to_key(context, enctype,
dh_gen_key, dh_gen_keylen, &key);
if (ret) {
krb5_set_error_string(context,
"pkinit - can't create key from DH key");
ret = KRB5KRB_ERR_GENERIC;
goto out;
}
ret = krb5_copy_keyblock_contents(context, &key, reply_key);
ret = _krb5_pk_octetstring2key(context,
enctype,
dh_gen_key, dh_gen_keylen,
NULL, NULL,
reply_key);
out:
if (dh_gen_key)
@ -768,11 +763,10 @@ _kdc_pk_rd_padata(krb5_context context,
client_params->nonce = ap.pkAuthenticator.nonce;
if (ap.clientPublicValue) {
ret = get_dh_param(context, ap.clientPublicValue, client_params);
if (ret) {
free_AuthPack_19(&ap);
goto out;
}
krb5_set_error_string(context, "PK-INIT, no support for DH");
ret = KRB5KDC_ERR_PADATA_TYPE_NOSUPP;
free_AuthPack_19(&ap);
goto out;
}
free_AuthPack_19(&ap);
} else if (pa->padata_type == KRB5_PADATA_PK_AS_REQ) {
@ -800,10 +794,11 @@ _kdc_pk_rd_padata(krb5_context context,
client_params->nonce = ap.pkAuthenticator.nonce;
if (ap.clientPublicValue) {
krb5_set_error_string(context, "PK-INIT, no support for DH");
ret = KRB5KDC_ERR_PADATA_TYPE_NOSUPP;
free_AuthPack(&ap);
goto out;
ret = get_dh_param(context, ap.clientPublicValue, client_params);
if (ret) {
free_AuthPack(&ap);
goto out;
}
}
free_AuthPack(&ap);
} else
@ -1139,16 +1134,18 @@ pk_mk_pa_reply_dh(krb5_context context,
ContentInfo *content_info)
{
ASN1_INTEGER *dh_pub_key = NULL;
ContentInfo contentinfo;
KDCDHKeyInfo dh_info;
krb5_error_code ret;
SignedData sd;
krb5_data buf, sd_buf;
krb5_data buf, signed_data;
size_t size;
memset(&contentinfo, 0, sizeof(contentinfo));
memset(&dh_info, 0, sizeof(dh_info));
memset(&sd, 0, sizeof(sd));
krb5_data_zero(&buf);
krb5_data_zero(&sd_buf);
krb5_data_zero(&signed_data);
dh_pub_key = BN_to_ASN1_INTEGER(kdc_dh->pub_key, NULL);
if (dh_pub_key == NULL) {
@ -1190,17 +1187,21 @@ pk_mk_pa_reply_dh(krb5_context context,
ret = _krb5_pk_create_sign(context,
oid_id_pkdhkeydata(),
&buf,
kdc_identity,
&sd_buf);
kdc_identity,
&signed_data);
krb5_data_free(&buf);
if (ret)
goto out;
ret = _krb5_pk_mk_ContentInfo(context, &sd_buf, oid_id_pkcs7_signedData(),
ret = _krb5_pk_mk_ContentInfo(context,
&signed_data,
oid_id_pkcs7_signedData(),
content_info);
krb5_data_free(&sd_buf);
if (ret)
goto out;
out:
krb5_data_free(&signed_data);
free_KDCDHKeyInfo(&dh_info);
return ret;
@ -1249,14 +1250,15 @@ _kdc_pk_mk_pa_reply(krb5_context context,
if (client_params->type == PKINIT_COMPAT_27) {
PA_PK_AS_REP rep;
pa_type = KRB5_PADATA_PK_AS_REP;
memset(&rep, 0, sizeof(rep));
pa_type = KRB5_PADATA_PK_AS_REP;
if (client_params->dh == NULL) {
rep.element = choice_PA_PK_AS_REP_encKeyPack;
ContentInfo info;
rep.element = choice_PA_PK_AS_REP_encKeyPack;
krb5_generate_random_keyblock(context, enctype,
&client_params->reply_key);
ret = pk_mk_pa_reply_enckey(context,
@ -1283,8 +1285,37 @@ _kdc_pk_mk_pa_reply(krb5_context context,
krb5_abortx(context, "Internal ASN.1 encoder error");
} else {
krb5_set_error_string(context, "DH -27 not implemented");
ret = KRB5KRB_ERR_GENERIC;
ContentInfo info;
rep.element = choice_PA_PK_AS_REP_dhInfo;
ret = check_dh_params(client_params->dh);
if (ret)
return ret;
ret = generate_dh_keyblock(context, client_params, enctype,
&client_params->reply_key);
if (ret)
return ret;
ret = pk_mk_pa_reply_dh(context, client_params->dh,
client_params,
&client_params->reply_key,
&info);
ASN1_MALLOC_ENCODE(ContentInfo, rep.u.dhInfo.dhSignedData.data,
rep.u.dhInfo.dhSignedData.length, &info, &size,
ret);
free_ContentInfo(&info);
if (ret) {
krb5_set_error_string(context, "encoding of Key ContentInfo "
"failed %d", ret);
free_PA_PK_AS_REP(&rep);
goto out;
}
if (rep.u.encKeyPack.length != size)
krb5_abortx(context, "Internal ASN.1 encoder error");
}
if (ret) {
free_PA_PK_AS_REP(&rep);
@ -1319,21 +1350,8 @@ _kdc_pk_mk_pa_reply(krb5_context context,
&client_params->reply_key,
&rep.u.encKeyPack);
} else {
rep.element = choice_PA_PK_AS_REP_19_dhSignedData;
ret = check_dh_params(client_params->dh);
if (ret)
return ret;
ret = generate_dh_keyblock(context, client_params, enctype,
&client_params->reply_key);
if (ret)
return ret;
ret = pk_mk_pa_reply_dh(context, client_params->dh,
client_params,
&client_params->reply_key,
&rep.u.dhSignedData);
krb5_set_error_string(context, "DH -19 not implemented");
ret = KRB5KRB_ERR_GENERIC;
}
if (ret) {
free_PA_PK_AS_REP_19(&rep);

12
source/heimdal/lib/asn1/gen_decode.c
View File

@ -34,7 +34,7 @@
#include "gen_locl.h"
#include "lex.h"
RCSID("$Id: gen_decode.c,v 1.28 2005/08/23 11:51:25 lha Exp $");
RCSID("$Id: gen_decode.c,v 1.29 2005/09/21 00:30:37 lha Exp $");
static void
decode_primitive (const char *typename, const char *name, const char *forwstr)
@ -396,17 +396,15 @@ decode_type (const char *name, const Type *t, int optional,
"%s_tmp = realloc((%s)->val, "
" sizeof(*((%s)->val)) * ((%s)->len + 1));\n"
"if (%s_tmp == NULL) { %s; }\n"
"(%s)->len++;\n"
"(%s)->val = %s_tmp;\n",
tmpstr, tmpstr, tmpstr,
name, name,
tmpstr, tmpstr,
name, name, name,
tmpstr,
forwstr, name, name,
tmpstr);
tmpstr, forwstr,
name, tmpstr);
asprintf (&n, "&(%s)->val[(%s)->len-1]", name, name);
asprintf (&n, "&(%s)->val[(%s)->len]", name, name);
if (n == NULL)
errx(1, "malloc");
asprintf (&sname, "%s_s_of", tmpstr);
@ -414,10 +412,12 @@ decode_type (const char *name, const Type *t, int optional,
errx(1, "malloc");
decode_type (n, t->subtype, 0, forwstr, sname);
fprintf (codefile,
"(%s)->len++;\n"
"len = %s_origlen - ret;\n"
"}\n"
"ret += %s_oldret;\n"
"}\n",
name,
tmpstr, tmpstr);
free (n);
free (sname);

254
source/heimdal/lib/asn1/lex.c
View File

@ -736,7 +736,7 @@ char *yytext;
* SUCH DAMAGE.
*/
/* $Id: lex.l,v 1.26 2005/07/12 06:27:33 lha Exp $ */
/* $Id: lex.l,v 1.27 2005/09/13 18:17:16 lha Exp $ */
#ifdef HAVE_CONFIG_H
#include <config.h>
@ -758,8 +758,8 @@ static unsigned lineno = 1;
#undef ECHO
static void handle_comment(int type);
static char *handle_string(void);
static void unterminated(const char *, unsigned);
#line 764 "lex.c"
/* Macros after this point can all be overridden by user definitions in
@ -1419,21 +1419,121 @@ YY_RULE_SETUP
case 85:
YY_RULE_SETUP
#line 147 "lex.l"
{ handle_comment(0); }
{
int c, start_lineno = lineno;
int f = 0;
while((c = input()) != EOF) {
if(f && c == '-')
break;
if(c == '-') {
f = 1;
continue;
}
if(c == '\n') {
lineno++;
break;
}
f = 0;
}
if(c == EOF)
unterminated("comment", start_lineno);
}
YY_BREAK
case 86:
YY_RULE_SETUP
#line 148 "lex.l"
{ handle_comment(1); }
#line 166 "lex.l"
{
int c, start_lineno = lineno;
int level = 1;
int seen_star = 0;
int seen_slash = 0;
while((c = input()) != EOF) {
if(c == '/') {
if(seen_star) {
if(--level == 0)
break;
seen_star = 0;
continue;
}
seen_slash = 1;
continue;
}
if(seen_star && c == '/') {
if(--level == 0)
break;
seen_star = 0;
continue;
}
if(c == '*') {
if(seen_slash) {
level++;
seen_star = seen_slash = 0;
continue;
}
seen_star = 1;
continue;
}
seen_star = seen_slash = 0;
if(c == '\n') {
lineno++;
continue;
}
}
if(c == EOF)
unterminated("comment", start_lineno);
}
YY_BREAK
case 87:
YY_RULE_SETUP
#line 149 "lex.l"
{ yylval.name = handle_string(); return STRING; }
#line 206 "lex.l"
{
int start_lineno = lineno;
int c;
char buf[1024];
char *p = buf;
int f = 0;
int skip_ws = 0;
while((c = input()) != EOF) {
if(isspace(c) && skip_ws) {
if(c == '\n')
lineno++;
continue;
}
skip_ws = 0;
if(c == '"') {
if(f) {
*p++ = '"';
f = 0;
} else
f = 1;
continue;
}
if(f == 1) {
unput(c);
break;
}
if(c == '\n') {
lineno++;
while(p > buf && isspace((unsigned char)p[-1]))
p--;
skip_ws = 1;
continue;
}
*p++ = c;
}
if(c == EOF)
unterminated("string", start_lineno);
*p++ = '\0';
fprintf(stderr, "string -- %s\n", buf);
yylval.name = estrdup(buf);
return STRING;
}
YY_BREAK
case 88:
YY_RULE_SETUP
#line 151 "lex.l"
#line 251 "lex.l"
{ char *e, *y = yytext;
yylval.constant = strtol((const char *)yytext,
&e, 0);
@ -1445,7 +1545,7 @@ YY_RULE_SETUP
YY_BREAK
case 89:
YY_RULE_SETUP
#line 159 "lex.l"
#line 259 "lex.l"
{
yylval.name = estrdup ((const char *)yytext);
return IDENTIFIER;
@ -1453,35 +1553,35 @@ YY_RULE_SETUP
YY_BREAK
case 90:
YY_RULE_SETUP
#line 163 "lex.l"
#line 263 "lex.l"
;
YY_BREAK
case 91:
YY_RULE_SETUP
#line 164 "lex.l"
#line 264 "lex.l"
{ ++lineno; }
YY_BREAK
case 92:
YY_RULE_SETUP
#line 165 "lex.l"
#line 265 "lex.l"
{ return ELLIPSIS; }
YY_BREAK
case 93:
YY_RULE_SETUP
#line 166 "lex.l"
#line 266 "lex.l"
{ return RANGE; }
YY_BREAK
case 94:
YY_RULE_SETUP
#line 167 "lex.l"
#line 267 "lex.l"
{ error_message("Ignoring char(%c)\n", *yytext); }
YY_BREAK
case 95:
YY_RULE_SETUP
#line 168 "lex.l"
#line 268 "lex.l"
ECHO;
YY_BREAK
#line 1485 "lex.c"
#line 1585 "lex.c"
case YY_STATE_EOF(INITIAL):
yyterminate();
@ -2363,7 +2463,7 @@ int main()
return 0;
}
#endif
#line 168 "lex.l"
#line 268 "lex.l"
#ifndef yywrap /* XXX */
@ -2377,119 +2477,17 @@ yywrap ()
void
error_message (const char *format, ...)
{
va_list args;
va_list args;
va_start (args, format);
fprintf (stderr, "%s:%d: ", get_filename(), lineno);
vfprintf (stderr, format, args);
va_end (args);
error_flag++;
va_start (args, format);
fprintf (stderr, "%s:%d: ", get_filename(), lineno);
vfprintf (stderr, format, args);
va_end (args);
error_flag++;
}
static void
handle_comment(int type)
unterminated(const char *type, unsigned start_lineno)
{
int c;
int start_lineno = lineno;
if(type == 0) {
int f = 0;
while((c = input()) != EOF) {
if(f && c == '-')
return;
if(c == '-') {
f = 1;
continue;
}
if(c == '\n') {
lineno++;
return;
}
f = 0;
}
} else {
int level = 1;
int seen_star = 0;
int seen_slash = 0;
while((c = input()) != EOF) {
if(c == '/') {
if(seen_star) {
if(--level == 0)
return;
seen_star = 0;
continue;
}
seen_slash = 1;
continue;
}
if(seen_star && c == '/') {
if(--level == 0)
return;
seen_star = 0;
continue;
}
if(c == '*') {
if(seen_slash) {
level++;
seen_star = seen_slash = 0;
continue;
}
seen_star = 1;
continue;
}
seen_star = seen_slash = 0;
if(c == '\n') {
lineno++;
continue;
}
}
}
if(c == EOF)
error_message("unterminated comment, possibly started on line %d\n", start_lineno);
error_message("unterminated %s, possibly started on line %d\n", type, start_lineno);
}
static char *
handle_string(void)
{
int start_lineno = lineno;
int c;
char buf[1024];
char *p = buf;
int f = 0;
int skip_ws = 0;
while((c = input()) != EOF) {
if(isspace(c) && skip_ws) {
if(c == '\n')
lineno++;
continue;
}
skip_ws = 0;
if(c == '"') {
if(f) {
*p++ = '"';
f = 0;
} else
f = 1;
continue;
}
if(f == 1) {
unput(c);
break;
}
if(c == '\n') {
lineno++;
while(p > buf && isspace((unsigned char)p[-1]))
p--;
skip_ws = 1;
continue;
}
*p++ = c;
}
if(c == EOF)
error_message("unterminated string, possibly started on line %d\n", start_lineno);
*p++ = '\0';
fprintf(stderr, "string -- %s\n", buf);
return estrdup(buf);
}

230
source/heimdal/lib/asn1/lex.l
View File

@ -32,7 +32,7 @@
* SUCH DAMAGE.
*/
/* $Id: lex.l,v 1.26 2005/07/12 06:27:33 lha Exp $ */
/* $Id: lex.l,v 1.27 2005/09/13 18:17:16 lha Exp $ */
#ifdef HAVE_CONFIG_H
#include <config.h>
@ -54,8 +54,8 @@ static unsigned lineno = 1;
#undef ECHO
static void handle_comment(int type);
static char *handle_string(void);
static void unterminated(const char *, unsigned);
%}
@ -144,9 +144,109 @@ WITH { return kw_WITH; }
"[" { return *yytext; }
"]" { return *yytext; }
::= { return EEQUAL; }
-- { handle_comment(0); }
\/\* { handle_comment(1); }
"\"" { yylval.name = handle_string(); return STRING; }
-- {
int c, start_lineno = lineno;
int f = 0;
while((c = input()) != EOF) {
if(f && c == '-')
break;
if(c == '-') {
f = 1;
continue;
}
if(c == '\n') {
lineno++;
break;
}
f = 0;
}
if(c == EOF)
unterminated("comment", start_lineno);
}
\/\* {
int c, start_lineno = lineno;
int level = 1;
int seen_star = 0;
int seen_slash = 0;
while((c = input()) != EOF) {
if(c == '/') {
if(seen_star) {
if(--level == 0)
break;
seen_star = 0;
continue;
}
seen_slash = 1;
continue;
}
if(seen_star && c == '/') {
if(--level == 0)
break;
seen_star = 0;
continue;
}
if(c == '*') {
if(seen_slash) {
level++;
seen_star = seen_slash = 0;
continue;
}
seen_star = 1;
continue;
}
seen_star = seen_slash = 0;
if(c == '\n') {
lineno++;
continue;
}
}
if(c == EOF)
unterminated("comment", start_lineno);
}
"\"" {
int start_lineno = lineno;
int c;
char buf[1024];
char *p = buf;
int f = 0;
int skip_ws = 0;
while((c = input()) != EOF) {
if(isspace(c) && skip_ws) {
if(c == '\n')
lineno++;
continue;
}
skip_ws = 0;
if(c == '"') {
if(f) {
*p++ = '"';
f = 0;
} else
f = 1;
continue;
}
if(f == 1) {
unput(c);
break;
}
if(c == '\n') {
lineno++;
while(p > buf && isspace((unsigned char)p[-1]))
p--;
skip_ws = 1;
continue;
}
*p++ = c;
}
if(c == EOF)
unterminated("string", start_lineno);
*p++ = '\0';
fprintf(stderr, "string -- %s\n", buf);
yylval.name = estrdup(buf);
return STRING;
}
-?0x[0-9A-Fa-f]+|-?[0-9]+ { char *e, *y = yytext;
yylval.constant = strtol((const char *)yytext,
@ -178,119 +278,17 @@ yywrap ()
void
error_message (const char *format, ...)
{
va_list args;
va_list args;
va_start (args, format);
fprintf (stderr, "%s:%d: ", get_filename(), lineno);
vfprintf (stderr, format, args);
va_end (args);
error_flag++;
va_start (args, format);
fprintf (stderr, "%s:%d: ", get_filename(), lineno);
vfprintf (stderr, format, args);
va_end (args);
error_flag++;
}
static void
handle_comment(int type)
unterminated(const char *type, unsigned start_lineno)
{
int c;
int start_lineno = lineno;
if(type == 0) {
int f = 0;
while((c = input()) != EOF) {
if(f && c == '-')
return;
if(c == '-') {
f = 1;
continue;
}
if(c == '\n') {
lineno++;
return;
}
f = 0;
}
} else {
int level = 1;
int seen_star = 0;
int seen_slash = 0;
while((c = input()) != EOF) {
if(c == '/') {
if(seen_star) {
if(--level == 0)
return;
seen_star = 0;
continue;
}
seen_slash = 1;
continue;
}
if(seen_star && c == '/') {
if(--level == 0)
return;
seen_star = 0;
continue;
}
if(c == '*') {
if(seen_slash) {
level++;
seen_star = seen_slash = 0;
continue;
}
seen_star = 1;
continue;
}
seen_star = seen_slash = 0;
if(c == '\n') {
lineno++;
continue;
}
}
}
if(c == EOF)
error_message("unterminated comment, possibly started on line %d\n", start_lineno);
error_message("unterminated %s, possibly started on line %d\n", type, start_lineno);
}
static char *
handle_string(void)
{
int start_lineno = lineno;
int c;
char buf[1024];
char *p = buf;
int f = 0;
int skip_ws = 0;
while((c = input()) != EOF) {
if(isspace(c) && skip_ws) {
if(c == '\n')
lineno++;
continue;
}
skip_ws = 0;
if(c == '"') {
if(f) {
*p++ = '"';
f = 0;
} else
f = 1;
continue;
}
if(f == 1) {
unput(c);
break;
}
if(c == '\n') {
lineno++;
while(p > buf && isspace((unsigned char)p[-1]))
p--;
skip_ws = 1;
continue;
}
*p++ = c;
}
if(c == EOF)
error_message("unterminated string, possibly started on line %d\n", start_lineno);
*p++ = '\0';
fprintf(stderr, "string -- %s\n", buf);
return estrdup(buf);
}

4
source/heimdal/lib/asn1/pkcs8.asn1
View File

@ -1,4 +1,4 @@
-- $Id: pkcs8.asn1,v 1.2 2005/07/12 06:27:36 lha Exp $ --
-- $Id: pkcs8.asn1,v 1.3 2005/09/13 19:41:29 lha Exp $ --
PKCS8 DEFINITIONS ::=
@ -17,7 +17,7 @@ PKCS8PrivateKeyInfo ::= SEQUENCE {
version INTEGER,
privateKeyAlgorithm PKCS8PrivateKeyAlgorithmIdentifier,
privateKey PKCS8PrivateKey,
attributes [0] IMPLICIT PKCS8Attributes OPTIONAL
attributes [0] IMPLICIT SET OF Attribute OPTIONAL
}
PKCS8EncryptedData ::= OCTET STRING

209
source/heimdal/lib/com_err/parse.c
View File

@ -1,7 +1,7 @@
/* A Bison parser, made by GNU Bison 1.875c. */
/* A Bison parser, made by GNU Bison 2.0. */
/* Skeleton parser for Yacc-like parsing with Bison,
Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -148,7 +148,7 @@ typedef union YYSTYPE {
char *string;
int number;
} YYSTYPE;
/* Line 191 of yacc.c. */
/* Line 190 of yacc.c. */
#line 153 "$base.c"
# define yystype YYSTYPE /* obsolescent; will be withdrawn */
# define YYSTYPE_IS_DECLARED 1
@ -160,7 +160,7 @@ typedef union YYSTYPE {
/* Copy the second part of user declarations. */
/* Line 214 of yacc.c. */
/* Line 213 of yacc.c. */
#line 165 "$base.c"
#if ! defined (yyoverflow) || YYERROR_VERBOSE
@ -176,14 +176,10 @@ typedef union YYSTYPE {
# ifdef YYSTACK_USE_ALLOCA
# if YYSTACK_USE_ALLOCA
# define YYSTACK_ALLOC alloca
# endif
# else
# if defined (alloca) || defined (_ALLOCA_H)
# define YYSTACK_ALLOC alloca
# else
# ifdef __GNUC__
# define YYSTACK_ALLOC __builtin_alloca
# else
# define YYSTACK_ALLOC alloca
# endif
# endif
# endif
@ -209,7 +205,7 @@ typedef union YYSTYPE {
/* A type that is properly aligned for any stack member. */
union yyalloc
{
short yyss;
short int yyss;
YYSTYPE yyvs;
};
@ -219,7 +215,7 @@ union yyalloc
/* The size of an array large to enough to hold all stacks, each with
N elements. */
# define YYSTACK_BYTES(N) \
((N) * (sizeof (short) + sizeof (YYSTYPE)) \
((N) * (sizeof (short int) + sizeof (YYSTYPE)) \
+ YYSTACK_GAP_MAXIMUM)
/* Copy COUNT objects from FROM to TO. The source and destination do
@ -261,7 +257,7 @@ union yyalloc
#if defined (__STDC__) || defined (__cplusplus)
typedef signed char yysigned_char;
#else
typedef short yysigned_char;
typedef short int yysigned_char;
#endif
/* YYFINAL -- State number of the termination state. */
@ -358,7 +354,7 @@ static const char *const yytname[] =
# ifdef YYPRINT
/* YYTOKNUM[YYLEX-NUM] -- Internal token number corresponding to
token YYLEX-NUM. */
static const unsigned short yytoknum[] =
static const unsigned short int yytoknum[] =
{
0, 256, 257, 258, 259, 260, 261, 262, 263, 264,
265, 44
@ -490,20 +486,53 @@ do \
} \
while (0)
#define YYTERROR 1
#define YYERRCODE 256
/* YYLLOC_DEFAULT -- Compute the default location (before the actions
are run). */
/* YYLLOC_DEFAULT -- Set CURRENT to span from RHS[1] to RHS[N].
If N is 0, then set CURRENT to the empty location which ends
the previous symbol: RHS[0] (always defined). */
#define YYRHSLOC(Rhs, K) ((Rhs)[K])
#ifndef YYLLOC_DEFAULT
# define YYLLOC_DEFAULT(Current, Rhs, N) \
((Current).first_line = (Rhs)[1].first_line, \
(Current).first_column = (Rhs)[1].first_column, \
(Current).last_line = (Rhs)[N].last_line, \
(Current).last_column = (Rhs)[N].last_column)
# define YYLLOC_DEFAULT(Current, Rhs, N) \
do \
if (N) \
{ \
(Current).first_line = YYRHSLOC (Rhs, 1).first_line; \
(Current).first_column = YYRHSLOC (Rhs, 1).first_column; \
(Current).last_line = YYRHSLOC (Rhs, N).last_line; \
(Current).last_column = YYRHSLOC (Rhs, N).last_column; \
} \
else \
{ \
(Current).first_line = (Current).last_line = \
YYRHSLOC (Rhs, 0).last_line; \
(Current).first_column = (Current).last_column = \
YYRHSLOC (Rhs, 0).last_column; \
} \
while (0)
#endif
/* YY_LOCATION_PRINT -- Print the location on the stream.
This macro was not mandated originally: define only if we know
we won't break user code: when these are the locations we know. */
#ifndef YY_LOCATION_PRINT
# if YYLTYPE_IS_TRIVIAL
# define YY_LOCATION_PRINT(File, Loc) \
fprintf (File, "%d.%d-%d.%d", \
(Loc).first_line, (Loc).first_column, \
(Loc).last_line, (Loc).last_column)
# else
# define YY_LOCATION_PRINT(File, Loc) ((void) 0)
# endif
#endif
/* YYLEX -- calling `yylex' with the right arguments. */
#ifdef YYLEX_PARAM
@ -526,19 +555,13 @@ do { \
YYFPRINTF Args; \
} while (0)
# define YYDSYMPRINT(Args) \
do { \
if (yydebug) \
yysymprint Args; \
} while (0)
# define YYDSYMPRINTF(Title, Token, Value, Location) \
# define YY_SYMBOL_PRINT(Title, Type, Value, Location) \
do { \
if (yydebug) \
{ \
YYFPRINTF (stderr, "%s ", Title); \
yysymprint (stderr, \
Token, Value); \
Type, Value); \
YYFPRINTF (stderr, "\n"); \
} \
} while (0)
@ -550,12 +573,12 @@ do { \
#if defined (__STDC__) || defined (__cplusplus)
static void
yy_stack_print (short *bottom, short *top)
yy_stack_print (short int *bottom, short int *top)
#else
static void
yy_stack_print (bottom, top)
short *bottom;
short *top;
short int *bottom;
short int *top;
#endif
{
YYFPRINTF (stderr, "Stack now");
@ -605,8 +628,7 @@ do { \
int yydebug;
#else /* !YYDEBUG */
# define YYDPRINTF(Args)
# define YYDSYMPRINT(Args)
# define YYDSYMPRINTF(Title, Token, Value, Location)
# define YY_SYMBOL_PRINT(Title, Type, Value, Location)
# define YY_STACK_PRINT(Bottom, Top)
# define YY_REDUCE_PRINT(Rule)
#endif /* !YYDEBUG */
@ -624,10 +646,6 @@ int yydebug;
SIZE_MAX < YYSTACK_BYTES (YYMAXDEPTH)
evaluated with infinite-precision integer arithmetic. */
#if defined (YYMAXDEPTH) && YYMAXDEPTH == 0
# undef YYMAXDEPTH
#endif
#ifndef YYMAXDEPTH
# define YYMAXDEPTH 10000
#endif
@ -709,15 +727,15 @@ yysymprint (yyoutput, yytype, yyvaluep)
(void) yyvaluep;
if (yytype < YYNTOKENS)
{
YYFPRINTF (yyoutput, "token %s (", yytname[yytype]);
# ifdef YYPRINT
YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep);
# endif
}
YYFPRINTF (yyoutput, "token %s (", yytname[yytype]);
else
YYFPRINTF (yyoutput, "nterm %s (", yytname[yytype]);
# ifdef YYPRINT
if (yytype < YYNTOKENS)
YYPRINT (yyoutput, yytoknum[yytype], *yyvaluep);
# endif
switch (yytype)
{
default:
@ -733,10 +751,11 @@ yysymprint (yyoutput, yytype, yyvaluep)
#if defined (__STDC__) || defined (__cplusplus)
static void
yydestruct (int yytype, YYSTYPE *yyvaluep)
yydestruct (const char *yymsg, int yytype, YYSTYPE *yyvaluep)
#else
static void
yydestruct (yytype, yyvaluep)
yydestruct (yymsg, yytype, yyvaluep)
const char *yymsg;
int yytype;
YYSTYPE *yyvaluep;
#endif
@ -744,6 +763,10 @@ yydestruct (yytype, yyvaluep)
/* Pacify ``unused variable'' warnings. */
(void) yyvaluep;
if (!yymsg)
yymsg = "Deleting";
YY_SYMBOL_PRINT (yymsg, yytype, yyvaluep, yylocationp);
switch (yytype)
{
@ -771,10 +794,10 @@ int yyparse ();
/* The lookahead symbol. */
/* The look-ahead symbol. */
int yychar;
/* The semantic value of the lookahead symbol. */
/* The semantic value of the look-ahead symbol. */
YYSTYPE yylval;
/* Number of syntax errors so far. */
@ -810,7 +833,7 @@ yyparse ()
int yyresult;
/* Number of tokens to shift before error messages enabled. */
int yyerrstatus;
/* Lookahead token as an internal (translated) token number. */
/* Look-ahead token as an internal (translated) token number. */
int yytoken = 0;
/* Three stacks and their tools:
@ -822,9 +845,9 @@ yyparse ()
to reallocate them elsewhere. */
/* The state stack. */
short yyssa[YYINITDEPTH];
short *yyss = yyssa;
register short *yyssp;
short int yyssa[YYINITDEPTH];
short int *yyss = yyssa;
register short int *yyssp;
/* The semantic value stack. */
YYSTYPE yyvsa[YYINITDEPTH];
@ -861,6 +884,9 @@ yyparse ()
yyssp = yyss;
yyvsp = yyvs;
yyvsp[0] = yylval;
goto yysetstate;
/*------------------------------------------------------------.
@ -886,7 +912,7 @@ yyparse ()
these so that the &'s don't force the real ones into
memory. */
YYSTYPE *yyvs1 = yyvs;
short *yyss1 = yyss;
short int *yyss1 = yyss;
/* Each stack pointer address is followed by the size of the
@ -914,7 +940,7 @@ yyparse ()
yystacksize = YYMAXDEPTH;
{
short *yyss1 = yyss;
short int *yyss1 = yyss;
union yyalloc *yyptr =
(union yyalloc *) YYSTACK_ALLOC (YYSTACK_BYTES (yystacksize));
if (! yyptr)
@ -950,18 +976,18 @@ yyparse ()
yybackup:
/* Do appropriate processing given the current state. */
/* Read a lookahead token if we need one and don't already have one. */
/* Read a look-ahead token if we need one and don't already have one. */
/* yyresume: */
/* First try to decide what to do without reference to lookahead token. */
/* First try to decide what to do without reference to look-ahead token. */
yyn = yypact[yystate];
if (yyn == YYPACT_NINF)
goto yydefault;
/* Not known => get a lookahead token if don't already have one. */
/* Not known => get a look-ahead token if don't already have one. */
/* YYCHAR is either YYEMPTY or YYEOF or a valid lookahead symbol. */
/* YYCHAR is either YYEMPTY or YYEOF or a valid look-ahead symbol. */
if (yychar == YYEMPTY)
{
YYDPRINTF ((stderr, "Reading a token: "));
@ -976,7 +1002,7 @@ yybackup:
else
{
yytoken = YYTRANSLATE (yychar);
YYDSYMPRINTF ("Next token is", yytoken, &yylval, &yylloc);
YY_SYMBOL_PRINT ("Next token is", yytoken, &yylval, &yylloc);
}
/* If the proper action on seeing token YYTOKEN is to reduce or to
@ -996,8 +1022,8 @@ yybackup:
if (yyn == YYFINAL)
YYACCEPT;
/* Shift the lookahead token. */
YYDPRINTF ((stderr, "Shifting token %s, ", yytname[yytoken]));
/* Shift the look-ahead token. */
YY_SYMBOL_PRINT ("Shifting", yytoken, &yylval, &yylloc);
/* Discard the token being shifted unless it is eof. */
if (yychar != YYEOF)
@ -1049,33 +1075,33 @@ yyreduce:
case 6:
#line 73 "parse.y"
{
id_str = yyvsp[0].string;
id_str = (yyvsp[0].string);
}
break;
case 7:
#line 79 "parse.y"
{
base_id = name2number(yyvsp[0].string);
strlcpy(name, yyvsp[0].string, sizeof(name));
free(yyvsp[0].string);
base_id = name2number((yyvsp[0].string));
strlcpy(name, (yyvsp[0].string), sizeof(name));
free((yyvsp[0].string));
}
break;
case 8:
#line 85 "parse.y"
{
base_id = name2number(yyvsp[-1].string);
strlcpy(name, yyvsp[0].string, sizeof(name));
free(yyvsp[-1].string);
free(yyvsp[0].string);
base_id = name2number((yyvsp[-1].string));
strlcpy(name, (yyvsp[0].string), sizeof(name));
free((yyvsp[-1].string));
free((yyvsp[0].string));
}
break;
case 11:
#line 98 "parse.y"
{
number = yyvsp[0].number;
number = (yyvsp[0].number);
}
break;
@ -1083,10 +1109,10 @@ yyreduce:
#line 102 "parse.y"
{
free(prefix);
asprintf (&prefix, "%s_", yyvsp[0].string);
asprintf (&prefix, "%s_", (yyvsp[0].string));
if (prefix == NULL)
errx(1, "malloc");
free(yyvsp[0].string);
free((yyvsp[0].string));
}
break;
@ -1111,13 +1137,13 @@ yyreduce:
ec->next = NULL;
ec->number = number;
if(prefix && *prefix != '\0') {
asprintf (&ec->name, "%s%s", prefix, yyvsp[-2].string);
asprintf (&ec->name, "%s%s", prefix, (yyvsp[-2].string));
if (ec->name == NULL)
errx(1, "malloc");
free(yyvsp[-2].string);
free((yyvsp[-2].string));
} else
ec->name = yyvsp[-2].string;
ec->string = yyvsp[0].string;
ec->name = (yyvsp[-2].string);
ec->string = (yyvsp[0].string);
APPEND(codes, ec);
number++;
}
@ -1133,8 +1159,8 @@ yyreduce:
}
/* Line 1000 of yacc.c. */
#line 1138 "$base.c"
/* Line 1037 of yacc.c. */
#line 1164 "$base.c"
yyvsp -= yylen;
yyssp -= yylen;
@ -1234,7 +1260,7 @@ yyerrlab:
if (yyerrstatus == 3)
{
/* If just tried and failed to reuse lookahead token after an
/* If just tried and failed to reuse look-ahead token after an
error, discard it. */
if (yychar <= YYEOF)
@ -1244,23 +1270,22 @@ yyerrlab:
if (yychar == YYEOF)
for (;;)
{
YYPOPSTACK;
if (yyssp == yyss)
YYABORT;
YYDSYMPRINTF ("Error: popping", yystos[*yyssp], yyvsp, yylsp);
yydestruct (yystos[*yyssp], yyvsp);
yydestruct ("Error: popping",
yystos[*yyssp], yyvsp);
}
}
else
{
YYDSYMPRINTF ("Error: discarding", yytoken, &yylval, &yylloc);
yydestruct (yytoken, &yylval);
yydestruct ("Error: discarding", yytoken, &yylval);
yychar = YYEMPTY;
}
}
/* Else will try to reuse lookahead token after shifting the error
/* Else will try to reuse look-ahead token after shifting the error
token. */
goto yyerrlab1;
@ -1277,7 +1302,7 @@ yyerrorlab:
goto yyerrorlab;
#endif
yyvsp -= yylen;
yyvsp -= yylen;
yyssp -= yylen;
yystate = *yyssp;
goto yyerrlab1;
@ -1307,8 +1332,8 @@ yyerrlab1:
if (yyssp == yyss)
YYABORT;
YYDSYMPRINTF ("Error: popping", yystos[*yyssp], yyvsp, yylsp);
yydestruct (yystos[yystate], yyvsp);
yydestruct ("Error: popping", yystos[yystate], yyvsp);
YYPOPSTACK;
yystate = *yyssp;
YY_STACK_PRINT (yyss, yyssp);
@ -1317,11 +1342,12 @@ yyerrlab1:
if (yyn == YYFINAL)
YYACCEPT;
YYDPRINTF ((stderr, "Shifting error token, "));
*++yyvsp = yylval;
/* Shift the error token. */
YY_SYMBOL_PRINT ("Shifting", yystos[yyn], yyvsp, yylsp);
yystate = yyn;
goto yynewstate;
@ -1337,6 +1363,9 @@ yyacceptlab:
| yyabortlab -- YYABORT comes here. |
`-----------------------------------*/
yyabortlab:
yydestruct ("Error: discarding lookahead",
yytoken, &yylval);
yychar = YYEMPTY;
yyresult = 1;
goto yyreturn;

6
source/heimdal/lib/com_err/parse.h
View File

@ -1,7 +1,7 @@
/* A Bison parser, made by GNU Bison 1.875c. */
/* A Bison parser, made by GNU Bison 2.0. */
/* Skeleton parser for Yacc-like parsing with Bison,
Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003 Free Software Foundation, Inc.
Copyright (C) 1984, 1989, 1990, 2000, 2001, 2002, 2003, 2004 Free Software Foundation, Inc.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
@ -57,7 +57,7 @@ typedef union YYSTYPE {
char *string;
int number;
} YYSTYPE;
/* Line 1275 of yacc.c. */
/* Line 1318 of yacc.c. */
#line 62 "parse.h"
# define yystype YYSTYPE /* obsolescent; will be withdrawn */
# define YYSTYPE_IS_DECLARED 1

2
source/heimdal/lib/gssapi/cfx.c
View File

@ -77,7 +77,7 @@ wrap_length_cfx(krb5_crypto crypto,
if (ret) {
return ret;
}
if (*padsize > 1) {
if (padsize > 1) {
/* XXX check this */
*padlength = *padsize - (input_length % *padsize);
}

359
source/heimdal/lib/hdb/hdb-protos.h
View File

@ -8,317 +8,6 @@
extern "C" {
#endif
unsigned
HDBFlags2int (HDBFlags /*f*/);
int
copy_Event (
const Event */*from*/,
Event */*to*/);
int
copy_GENERATION (
const GENERATION */*from*/,
GENERATION */*to*/);
int
copy_HDBFlags (
const HDBFlags */*from*/,
HDBFlags */*to*/);
int
copy_HDB_Ext_Aliases (
const HDB_Ext_Aliases */*from*/,
HDB_Ext_Aliases */*to*/);
int
copy_HDB_Ext_Constrained_delegation_acl (
const HDB_Ext_Constrained_delegation_acl */*from*/,
HDB_Ext_Constrained_delegation_acl */*to*/);
int
copy_HDB_Ext_Lan_Manager_OWF (
const HDB_Ext_Lan_Manager_OWF */*from*/,
HDB_Ext_Lan_Manager_OWF */*to*/);
int
copy_HDB_Ext_PKINIT_acl (
const HDB_Ext_PKINIT_acl */*from*/,
HDB_Ext_PKINIT_acl */*to*/);
int
copy_HDB_Ext_PKINIT_certificate (
const HDB_Ext_PKINIT_certificate */*from*/,
HDB_Ext_PKINIT_certificate */*to*/);
int
copy_HDB_Ext_Password (
const HDB_Ext_Password */*from*/,
HDB_Ext_Password */*to*/);
int
copy_HDB_extension (
const HDB_extension */*from*/,
HDB_extension */*to*/);
int
copy_HDB_extensions (
const HDB_extensions */*from*/,
HDB_extensions */*to*/);
int
copy_Key (
const Key */*from*/,
Key */*to*/);
int
copy_Salt (
const Salt */*from*/,
Salt */*to*/);
int
copy_hdb_entry (
const hdb_entry */*from*/,
hdb_entry */*to*/);
int
decode_Event (
const unsigned char */*p*/,
size_t /*len*/,
Event */*data*/,
size_t */*size*/);
int
decode_GENERATION (
const unsigned char */*p*/,
size_t /*len*/,
GENERATION */*data*/,
size_t */*size*/);
int
decode_HDBFlags (
const unsigned char */*p*/,
size_t /*len*/,
HDBFlags */*data*/,
size_t */*size*/);
int
decode_HDB_Ext_Aliases (
const unsigned char */*p*/,
size_t /*len*/,
HDB_Ext_Aliases */*data*/,
size_t */*size*/);
int
decode_HDB_Ext_Constrained_delegation_acl (
const unsigned char */*p*/,
size_t /*len*/,
HDB_Ext_Constrained_delegation_acl */*data*/,
size_t */*size*/);
int
decode_HDB_Ext_Lan_Manager_OWF (
const unsigned char */*p*/,
size_t /*len*/,
HDB_Ext_Lan_Manager_OWF */*data*/,
size_t */*size*/);
int
decode_HDB_Ext_PKINIT_acl (
const unsigned char */*p*/,
size_t /*len*/,
HDB_Ext_PKINIT_acl */*data*/,
size_t */*size*/);
int
decode_HDB_Ext_PKINIT_certificate (
const unsigned char */*p*/,
size_t /*len*/,
HDB_Ext_PKINIT_certificate */*data*/,
size_t */*size*/);
int
decode_HDB_Ext_Password (
const unsigned char */*p*/,
size_t /*len*/,
HDB_Ext_Password */*data*/,
size_t */*size*/);
int
decode_HDB_extension (
const unsigned char */*p*/,
size_t /*len*/,
HDB_extension */*data*/,
size_t */*size*/);
int
decode_HDB_extensions (
const unsigned char */*p*/,
size_t /*len*/,
HDB_extensions */*data*/,
size_t */*size*/);
int
decode_Key (
const unsigned char */*p*/,
size_t /*len*/,
Key */*data*/,
size_t */*size*/);
int
decode_Salt (
const unsigned char */*p*/,
size_t /*len*/,
Salt */*data*/,
size_t */*size*/);
int
decode_hdb_entry (
const unsigned char */*p*/,
size_t /*len*/,
hdb_entry */*data*/,
size_t */*size*/);
int
encode_Event (
unsigned char */*p*/,
size_t /*len*/,
const Event */*data*/,
size_t */*size*/);
int
encode_GENERATION (
unsigned char */*p*/,
size_t /*len*/,
const GENERATION */*data*/,
size_t */*size*/);
int
encode_HDBFlags (
unsigned char */*p*/,
size_t /*len*/,
const HDBFlags */*data*/,
size_t */*size*/);
int
encode_HDB_Ext_Aliases (
unsigned char */*p*/,
size_t /*len*/,
const HDB_Ext_Aliases */*data*/,
size_t */*size*/);
int
encode_HDB_Ext_Constrained_delegation_acl (
unsigned char */*p*/,
size_t /*len*/,
const HDB_Ext_Constrained_delegation_acl */*data*/,
size_t */*size*/);
int
encode_HDB_Ext_Lan_Manager_OWF (
unsigned char */*p*/,
size_t /*len*/,
const HDB_Ext_Lan_Manager_OWF */*data*/,
size_t */*size*/);
int
encode_HDB_Ext_PKINIT_acl (
unsigned char */*p*/,
size_t /*len*/,
const HDB_Ext_PKINIT_acl */*data*/,
size_t */*size*/);
int
encode_HDB_Ext_PKINIT_certificate (
unsigned char */*p*/,
size_t /*len*/,
const HDB_Ext_PKINIT_certificate */*data*/,
size_t */*size*/);
int
encode_HDB_Ext_Password (
unsigned char */*p*/,
size_t /*len*/,
const HDB_Ext_Password */*data*/,
size_t */*size*/);
int
encode_HDB_extension (
unsigned char */*p*/,
size_t /*len*/,
const HDB_extension */*data*/,
size_t */*size*/);
int
encode_HDB_extensions (
unsigned char */*p*/,
size_t /*len*/,
const HDB_extensions */*data*/,
size_t */*size*/);
int
encode_Key (
unsigned char */*p*/,
size_t /*len*/,
const Key */*data*/,
size_t */*size*/);
int
encode_Salt (
unsigned char */*p*/,
size_t /*len*/,
const Salt */*data*/,
size_t */*size*/);
int
encode_hdb_entry (
unsigned char */*p*/,
size_t /*len*/,
const hdb_entry */*data*/,
size_t */*size*/);
void
free_Event (Event */*data*/);
void
free_GENERATION (GENERATION */*data*/);
void
free_HDBFlags (HDBFlags */*data*/);
void
free_HDB_Ext_Aliases (HDB_Ext_Aliases */*data*/);
void
free_HDB_Ext_Constrained_delegation_acl (HDB_Ext_Constrained_delegation_acl */*data*/);
void
free_HDB_Ext_Lan_Manager_OWF (HDB_Ext_Lan_Manager_OWF */*data*/);
void
free_HDB_Ext_PKINIT_acl (HDB_Ext_PKINIT_acl */*data*/);
void
free_HDB_Ext_PKINIT_certificate (HDB_Ext_PKINIT_certificate */*data*/);
void
free_HDB_Ext_Password (HDB_Ext_Password */*data*/);
void
free_HDB_extension (HDB_extension */*data*/);
void
free_HDB_extensions (HDB_extensions */*data*/);
void
free_Key (Key */*data*/);
void
free_Salt (Salt */*data*/);
void
free_hdb_entry (hdb_entry */*data*/);
krb5_error_code
hdb_add_master_key (
krb5_context /*context*/,
@ -608,54 +297,6 @@ hdb_write_master_key (
const char */*filename*/,
hdb_master_key /*mkey*/);
void
initialize_hdb_error_table_r (struct et_list **/*list*/);
HDBFlags
int2HDBFlags (unsigned /*n*/);
size_t
length_Event (const Event */*data*/);
size_t
length_GENERATION (const GENERATION */*data*/);
size_t
length_HDBFlags (const HDBFlags */*data*/);
size_t
length_HDB_Ext_Aliases (const HDB_Ext_Aliases */*data*/);
size_t
length_HDB_Ext_Constrained_delegation_acl (const HDB_Ext_Constrained_delegation_acl */*data*/);
size_t
length_HDB_Ext_Lan_Manager_OWF (const HDB_Ext_Lan_Manager_OWF */*data*/);
size_t
length_HDB_Ext_PKINIT_acl (const HDB_Ext_PKINIT_acl */*data*/);
size_t
length_HDB_Ext_PKINIT_certificate (const HDB_Ext_PKINIT_certificate */*data*/);
size_t
length_HDB_Ext_Password (const HDB_Ext_Password */*data*/);
size_t
length_HDB_extension (const HDB_extension */*data*/);
size_t
length_HDB_extensions (const HDB_extensions */*data*/);
size_t
length_Key (const Key */*data*/);
size_t
length_Salt (const Salt */*data*/);
size_t
length_hdb_entry (const hdb_entry */*data*/);
#ifdef __cplusplus
}
#endif

20
source/heimdal/lib/krb5/changepw.c
View File

@ -33,7 +33,7 @@
#include <krb5_locl.h>
RCSID("$Id: changepw.c,v 1.53 2005/05/25 05:30:42 lha Exp $");
RCSID("$Id: changepw.c,v 1.54 2005/09/08 11:38:01 lha Exp $");
static void
str2data (krb5_data *d,
@ -67,7 +67,7 @@ chgpw_send_request (krb5_context context,
krb5_principal targprinc,
int is_stream,
int sock,
char *passwd,
const char *passwd,
const char *host)
{
krb5_error_code ret;
@ -98,7 +98,7 @@ chgpw_send_request (krb5_context context,
if (ret)
return ret;
passwd_data.data = passwd;
passwd_data.data = rk_UNCONST(passwd);
passwd_data.length = strlen(passwd);
krb5_data_zero (&krb_priv_data);
@ -160,7 +160,7 @@ setpw_send_request (krb5_context context,
krb5_principal targprinc,
int is_stream,
int sock,
char *passwd,
const char *passwd,
const char *host)
{
krb5_error_code ret;
@ -186,7 +186,7 @@ setpw_send_request (krb5_context context,
return ret;
chpw.newpasswd.length = strlen(passwd);
chpw.newpasswd.data = passwd;
chpw.newpasswd.data = rk_UNCONST(passwd);
if (targprinc) {
chpw.targname = &targprinc->name;
chpw.targrealm = &targprinc->realm;
@ -456,7 +456,7 @@ typedef krb5_error_code (*kpwd_send_request) (krb5_context,
krb5_principal,
int,
int,
char *,
const char *,
const char *);
typedef krb5_error_code (*kpwd_process_reply) (krb5_context,
krb5_auth_context,
@ -509,7 +509,7 @@ static krb5_error_code
change_password_loop (krb5_context context,
krb5_creds *creds,
krb5_principal targprinc,
char *newpw,
const char *newpw,
int *result_code,
krb5_data *result_code_string,
krb5_data *result_string,
@ -663,7 +663,7 @@ change_password_loop (krb5_context context,
krb5_error_code KRB5_LIB_FUNCTION
krb5_change_password (krb5_context context,
krb5_creds *creds,
char *newpw,
const char *newpw,
int *result_code,
krb5_data *result_code_string,
krb5_data *result_string)
@ -689,7 +689,7 @@ krb5_change_password (krb5_context context,
krb5_error_code KRB5_LIB_FUNCTION
krb5_set_password(krb5_context context,
krb5_creds *creds,
char *newpw,
const char *newpw,
krb5_principal targprinc,
int *result_code,
krb5_data *result_code_string,
@ -732,7 +732,7 @@ krb5_set_password(krb5_context context,
krb5_error_code KRB5_LIB_FUNCTION
krb5_set_password_using_ccache(krb5_context context,
krb5_ccache ccache,
char *newpw,
const char *newpw,
krb5_principal targprinc,
int *result_code,
krb5_data *result_code_string,

136
source/heimdal/lib/krb5/crypto.c
View File

@ -32,7 +32,7 @@
*/
#include "krb5_locl.h"
RCSID("$Id: crypto.c,v 1.128 2005/07/20 07:22:43 lha Exp $");
RCSID("$Id: crypto.c,v 1.129 2005/09/19 22:13:54 lha Exp $");
#undef CRYPTO_DEBUG
#ifdef CRYPTO_DEBUG
@ -188,68 +188,6 @@ krb5_DES_schedule(krb5_context context,
DES_set_key(key->key->keyvalue.data, key->schedule->data);
}
static void
DES_string_to_key_int(unsigned char *data, size_t length, DES_cblock *key)
{
DES_key_schedule schedule;
int i;
int reverse = 0;
unsigned char *p;
unsigned char swap[] = { 0x0, 0x8, 0x4, 0xc, 0x2, 0xa, 0x6, 0xe,
0x1, 0x9, 0x5, 0xd, 0x3, 0xb, 0x7, 0xf };
memset(key, 0, 8);
p = (unsigned char*)key;
for (i = 0; i < length; i++) {
unsigned char tmp = data[i];
if (!reverse)
*p++ ^= (tmp << 1);
else
*--p ^= (swap[tmp & 0xf] << 4) | swap[(tmp & 0xf0) >> 4];
if((i % 8) == 7)
reverse = !reverse;
}
DES_set_odd_parity(key);
if(DES_is_weak_key(key))
(*key)[7] ^= 0xF0;
DES_set_key(key, &schedule);
DES_cbc_cksum((void*)data, key, length, &schedule, key);
memset(&schedule, 0, sizeof(schedule));
DES_set_odd_parity(key);
if(DES_is_weak_key(key))
(*key)[7] ^= 0xF0;
}
static krb5_error_code
krb5_DES_string_to_key(krb5_context context,
krb5_enctype enctype,
krb5_data password,
krb5_salt salt,
krb5_data opaque,
krb5_keyblock *key)
{
unsigned char *s;
size_t len;
DES_cblock tmp;
len = password.length + salt.saltvalue.length;
s = malloc(len);
if(len > 0 && s == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
return ENOMEM;
}
memcpy(s, password.data, password.length);
memcpy(s + password.length, salt.saltvalue.data, salt.saltvalue.length);
DES_string_to_key_int(s, len, &tmp);
key->keytype = enctype;
krb5_data_copy(&key->keyvalue, tmp, sizeof(tmp));
memset(&tmp, 0, sizeof(tmp));
memset(s, 0, len);
free(s);
return 0;
}
#ifdef ENABLE_AFS_STRING_TO_KEY
/* This defines the Andrew string_to_key function. It accepts a password
@ -349,6 +287,78 @@ DES_AFS3_string_to_key(krb5_context context,
}
#endif /* ENABLE_AFS_STRING_TO_KEY */
static void
DES_string_to_key_int(unsigned char *data, size_t length, DES_cblock *key)
{
DES_key_schedule schedule;
int i;
int reverse = 0;
unsigned char *p;
unsigned char swap[] = { 0x0, 0x8, 0x4, 0xc, 0x2, 0xa, 0x6, 0xe,
0x1, 0x9, 0x5, 0xd, 0x3, 0xb, 0x7, 0xf };
memset(key, 0, 8);
p = (unsigned char*)key;
for (i = 0; i < length; i++) {
unsigned char tmp = data[i];
if (!reverse)
*p++ ^= (tmp << 1);
else
*--p ^= (swap[tmp & 0xf] << 4) | swap[(tmp & 0xf0) >> 4];
if((i % 8) == 7)
reverse = !reverse;
}
DES_set_odd_parity(key);
if(DES_is_weak_key(key))
(*key)[7] ^= 0xF0;
DES_set_key(key, &schedule);
DES_cbc_cksum((void*)data, key, length, &schedule, key);
memset(&schedule, 0, sizeof(schedule));
DES_set_odd_parity(key);
if(DES_is_weak_key(key))
(*key)[7] ^= 0xF0;
}
static krb5_error_code
krb5_DES_string_to_key(krb5_context context,
krb5_enctype enctype,
krb5_data password,
krb5_salt salt,
krb5_data opaque,
krb5_keyblock *key)
{
unsigned char *s;
size_t len;
DES_cblock tmp;
#ifdef ENABLE_AFS_STRING_TO_KEY
if (opaque.length == 1) {
unsigned long v;
_krb5_get_int(opaque.data, &v, 1);
if (v == 1)
return DES_AFS3_string_to_key(context, enctype, password,
salt, opaque, key);
}
#endif
len = password.length + salt.saltvalue.length;
s = malloc(len);
if(len > 0 && s == NULL) {
krb5_set_error_string(context, "malloc: out of memory");
return ENOMEM;
}
memcpy(s, password.data, password.length);
memcpy(s + password.length, salt.saltvalue.data, salt.saltvalue.length);
DES_string_to_key_int(s, len, &tmp);
key->keytype = enctype;
krb5_data_copy(&key->keyvalue, tmp, sizeof(tmp));
memset(&tmp, 0, sizeof(tmp));
memset(s, 0, len);
free(s);
return 0;
}
static void
krb5_DES_random_to_key(krb5_context context,
krb5_keyblock *key,

9
source/heimdal/lib/krb5/kcm.c
View File

@ -43,7 +43,7 @@
#include "kcm.h"
RCSID("$Id: kcm.c,v 1.7 2005/06/17 04:20:11 lha Exp $");
RCSID("$Id: kcm.c,v 1.8 2005/09/19 20:23:05 lha Exp $");
typedef struct krb5_kcmcache {
char *name;
@ -246,7 +246,8 @@ kcm_call(krb5_context context,
krb5_data *response_data_p)
{
krb5_data response_data;
krb5_error_code ret, status;
krb5_error_code ret;
int32_t status;
krb5_storage *response;
if (response_p != NULL)
@ -605,7 +606,7 @@ kcm_get_first (krb5_context context,
krb5_kcmcache *k = KCMCACHE(id);
krb5_storage *request, *response;
krb5_data response_data;
u_int32_t tmp;
int32_t tmp;
ret = kcm_storage_request(context, KCM_OP_GET_FIRST, &request);
if (ret)
@ -624,7 +625,7 @@ kcm_get_first (krb5_context context,
}
ret = krb5_ret_int32(response, &tmp);
if (ret)
if (ret || tmp < 0)
ret = KRB5_CC_IO;
krb5_storage_free(request);

8
source/heimdal/lib/krb5/krb5-private.h
View File

@ -340,14 +340,6 @@ _krb5_put_int (
unsigned long /*value*/,
size_t /*size*/);
krb5_error_code KRB5_LIB_FUNCTION
_krb5_rd_rep_type (
krb5_context /*context*/,
krb5_auth_context /*auth_context*/,
const krb5_data */*inbuf*/,
krb5_ap_rep_enc_part **/*repl*/,
krb5_boolean /*dce_style_response*/);
int
_krb5_send_and_recv_tcp (
int /*fd*/,

17
source/heimdal/lib/krb5/krb5-protos.h
View File

@ -20,15 +20,6 @@ extern "C" {
#endif
#endif
void
initialize_heim_error_table_r (struct et_list **/*list*/);
void
initialize_k524_error_table_r (struct et_list **/*list*/);
void
initialize_krb5_error_table_r (struct et_list **/*list*/);
krb5_error_code KRB5_LIB_FUNCTION
krb524_convert_creds_kdc (
krb5_context /*context*/,
@ -706,7 +697,7 @@ krb5_error_code KRB5_LIB_FUNCTION
krb5_change_password (
krb5_context /*context*/,
krb5_creds */*creds*/,
char */*newpw*/,
const char */*newpw*/,
int */*result_code*/,
krb5_data */*result_code_string*/,
krb5_data */*result_string*/);
@ -2629,7 +2620,7 @@ krb5_rd_req_return_keyblock (
krb5_keytab /*keytab*/,
krb5_flags */*ap_req_options*/,
krb5_ticket **/*ticket*/,
krb5_keyblock **/*keyblock*/);
krb5_keyblock **/*return_keyblock*/);
krb5_error_code KRB5_LIB_FUNCTION
krb5_rd_req_with_keyblock (
@ -2854,7 +2845,7 @@ krb5_error_code KRB5_LIB_FUNCTION
krb5_set_password (
krb5_context /*context*/,
krb5_creds */*creds*/,
char */*newpw*/,
const char */*newpw*/,
krb5_principal /*targprinc*/,
int */*result_code*/,
krb5_data */*result_code_string*/,
@ -2864,7 +2855,7 @@ krb5_error_code KRB5_LIB_FUNCTION
krb5_set_password_using_ccache (
krb5_context /*context*/,
krb5_ccache /*ccache*/,
char */*newpw*/,
const char */*newpw*/,
krb5_principal /*targprinc*/,
int */*result_code*/,
krb5_data */*result_code_string*/,

15
source/heimdal/lib/krb5/pkinit.c
View File

@ -33,7 +33,7 @@
#include "krb5_locl.h"
RCSID("$Id: pkinit.c,v 1.59 2005/08/12 08:53:00 lha Exp $");
RCSID("$Id: pkinit.c,v 1.62 2005/09/20 23:21:36 lha Exp $");
#ifdef PKINIT
@ -867,10 +867,11 @@ _krb5_pk_mk_padata(krb5_context context,
if (ret)
goto out;
} else {
#if 0
ret = pk_mk_padata(context, COMPAT_19, ctx, req_body, nonce, md);
if (ret)
goto out;
#endif
ret = pk_mk_padata(context, COMPAT_27, ctx, req_body, nonce, md);
if (ret)
goto out;
@ -1143,7 +1144,7 @@ _krb5_pk_verify_sign(krb5_context context,
EVP_PKEY *public_key;
krb5_error_code ret;
EVP_MD_CTX md;
X509 *cert;
X509 *cert = NULL;
SignedData sd;
size_t size;
@ -1187,7 +1188,6 @@ _krb5_pk_verify_sign(krb5_context context,
set.len = sd.certificates->len;
ret = cert_to_X509(context, &set, &certificates);
free_CertificateSet(&set);
}
if (ret) {
krb5_set_error_string(context,
@ -1860,10 +1860,13 @@ _krb5_pk_rd_pa_reply(krb5_context context,
return ret;
default:
free_PA_PK_AS_REP(&rep);
krb5_set_error_string(context, "PKINIT: -25 reply "
krb5_set_error_string(context, "PKINIT: -27 reply "
"invalid content type");
ret = EINVAL;
break;
}
if (ret == 0)
return ret;
}
/* Check for PK-INIT -19 */
@ -1911,7 +1914,7 @@ _krb5_pk_rd_pa_reply(krb5_context context,
&w2krep,
&size);
if (ret) {
krb5_set_error_string(context, "PKINIT: Failed decoding windows"
krb5_set_error_string(context, "PKINIT: Failed decoding windows "
"pkinit reply %d", ret);
return ret;
}