From cee79e98488ba138d1ebadb7488df7da54be627b Mon Sep 17 00:00:00 2001 From: Ken Raeburn Date: Sat, 11 Mar 2006 22:23:28 +0000 Subject: Instead of arbitrary division of headers into include and include/krb5, with include directives sometimes using krb5/foo.h and sometimes using foo.h, and -I options always given for both directories in both source and build trees, push include/krb5/* up a level and drop the krb5 directory (except, for the moment, the change log). Updated #include directives, -I options, and dependencies accordingly, and deleted one or two bits of old, unused code that was noticed in the process. git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@17730 dc483132-0cff-0310-8789-dd5450dbe970 --- src/include/ChangeLog | 9 + src/include/Makefile.in | 74 ++- src/include/adm.h | 217 +++++++ src/include/adm_defs.h | 209 ++++++ src/include/adm_proto.h | 132 ++++ src/include/copyright.h | 40 ++ src/include/k5-util.h | 2 +- src/include/kdb.h | 485 ++++++++++++++ src/include/kdb_dbc.h | 86 +++ src/include/kdb_kt.h | 42 ++ src/include/krb5/.Sanitize | 50 -- src/include/krb5/.rconf | 5 - src/include/krb5/ChangeLog | 1322 -------------------------------------- src/include/krb5/Makefile.in | 74 --- src/include/krb5/adm.h | 217 ------- src/include/krb5/adm_defs.h | 209 ------ src/include/krb5/adm_proto.h | 132 ---- src/include/krb5/copyright.h | 40 -- src/include/krb5/kdb.h | 485 -------------- src/include/krb5/kdb_dbc.h | 86 --- src/include/krb5/kdb_kt.h | 42 -- src/include/krb5/stock/.Sanitize | 33 - src/include/krb5/stock/ChangeLog | 196 ------ src/include/krb5/stock/osconf.h | 130 ---- src/include/port-sockets.h | 4 +- src/include/socket-utils.h | 2 +- src/include/stock/.Sanitize | 33 + src/include/stock/ChangeLog | 196 ++++++ src/include/stock/osconf.h | 130 ++++ 29 files changed, 1638 insertions(+), 3044 deletions(-) create mode 100644 src/include/adm.h create mode 100644 src/include/adm_defs.h create mode 100644 src/include/adm_proto.h create mode 100644 src/include/copyright.h create mode 100644 src/include/kdb.h create mode 100644 src/include/kdb_dbc.h create mode 100644 src/include/kdb_kt.h delete mode 100644 src/include/krb5/.Sanitize delete mode 100644 src/include/krb5/.rconf delete mode 100644 src/include/krb5/ChangeLog delete mode 100644 src/include/krb5/Makefile.in delete mode 100644 src/include/krb5/adm.h delete mode 100644 src/include/krb5/adm_defs.h delete mode 100644 src/include/krb5/adm_proto.h delete mode 100644 src/include/krb5/copyright.h delete mode 100644 src/include/krb5/kdb.h delete mode 100644 src/include/krb5/kdb_dbc.h delete mode 100644 src/include/krb5/kdb_kt.h delete mode 100644 src/include/krb5/stock/.Sanitize delete mode 100644 src/include/krb5/stock/ChangeLog delete mode 100644 src/include/krb5/stock/osconf.h create mode 100644 src/include/stock/.Sanitize create mode 100644 src/include/stock/ChangeLog create mode 100644 src/include/stock/osconf.h (limited to 'src/include') diff --git a/src/include/ChangeLog b/src/include/ChangeLog index 1a6b913060..fcb0588087 100644 --- a/src/include/ChangeLog +++ b/src/include/ChangeLog @@ -1,3 +1,12 @@ +2006-03-11 Ken Raeburn + + * adm.h, adm_defs.h, adm_proto.h, copyright.h, kdb.h, kdb_dbc.h, + kdb_kt.h, stock: Moved from krb5/ subdirectory. + * k5-util.h, port-sockets.h, socket-utils.h: Updated for + autoconf.h move from krb5/. + * Makefile.in: Merge all targets from krb5/Makefile.in; don't go + into krb5/ subdir while building. + 2006-03-10 Ken Raeburn * Makefile.in (generate-files-mac): Depend on krb5.h. diff --git a/src/include/Makefile.in b/src/include/Makefile.in index 15fe54b6a0..e13fca61f6 100644 --- a/src/include/Makefile.in +++ b/src/include/Makefile.in @@ -1,19 +1,14 @@ thisconfigdir=.. myfulldir=include mydir=include -LOCAL_SUBDIRS=krb5 @maybe_kerberosIV@ +LOCAL_SUBDIRS=@maybe_kerberosIV@ BUILDTOP=$(REL).. +KRB5RCTMPDIR= @KRB5_RCTMPDIR@ ##DOSBUILDTOP = .. NO_OUTPRE=1 all-unix:: krb5.h -all-windows:: - @echo Making in include\krb5 - cd krb5 - $(MAKE) -$(MFLAGS) - cd .. - all-unix:: maybe-make-db.h-@DB_HEADER_VERSION@ generate-files-mac: krb5.h @@ -25,18 +20,58 @@ maybe-make-db.h-sys: maybe-make-db.h-redirect: test -r db.h || echo '#include <@DB_HEADER@>' > db.h -all-recurse: krb5/autoconf.h -krb5/autoconf.h: $(srcdir)/krb5/autoconf.h.in - (cd krb5; $(MAKE) autoconf.h) -$(srcdir)/krb5/autoconf.h.in: @MAINT@ $(srcdir)/krb5/autoconf.stmp -$(srcdir)/krb5/autoconf.stmp: $(srcdir)/$(thisconfigdir)/configure.in $(SRCTOP)/aclocal.m4 +ET_HEADERS = adm_err.h asn1_err.h kdb5_err.h krb5_err.h +BUILT_HEADERS = osconf.h + +all-unix:: autoconf.h $(BUILT_HEADERS) +all-windows:: autoconf.h $(BUILT_HEADERS) + +$(srcdir)/autoconf.h.in: @MAINT@ $(srcdir)/autoconf.stmp +$(srcdir)/autoconf.stmp: $(srcdir)/$(thisconfigdir)/configure.in $(SRCTOP)/aclocal.m4 $(RM) -r $(srcdir)/$(thisconfigdir)/autom4te.cache cd $(srcdir)/$(thisconfigdir) && $(AUTOHEADER) --include=$(CONFIG_RELTOPDIR) $(AUTOHEADERFLAGS) - touch $(srcdir)/krb5/autoconf.stmp + touch $(srcdir)/autoconf.stmp $(RM) -r $(srcdir)/$(thisconfigdir)/autom4te.cache -krb5.h: krb5/autoconf.h $(srcdir)/krb5.hin krb5_err.h kdb5_err.h kv5m_err.h krb524_err.h \ - asn1_err.h +##DOS##autoconf.h: win-mac.h +##DOS## $(CP) win-mac.h $@ +##DOS##osconf.h: stock\osconf.h +##DOS## $(CP) stock\osconf.h $@ + +############################################################################### +##DOS##!if 0 +autoconf.h: autoconf.stamp +autoconf.stamp: $(srcdir)/autoconf.h.in $(thisconfigdir)/config.status + (cd $(thisconfigdir) && $(SHELL) config.status $(mydir)/autoconf.h) + touch autoconf.stamp + +SYSCONFDIR = @sysconfdir@ +LOCALSTATEDIR = @localstatedir@ +BINDIR = @bindir@ +SBINDIR = @sbindir@ +LIBDIR = @libdir@ + +PROCESS_REPLACE = -e "s+@KRB5RCTMPDIR+$(KRB5RCTMPDIR)+" \ + -e "s+@PREFIX+$(INSTALL_PREFIX)+" \ + -e "s+@EXEC_PREFIX+$(INSTALL_EXEC_PREFIX)+" \ + -e "s+@BINDIR+$(BINDIR)+" \ + -e "s+@LIBDIR+$(LIBDIR)+" \ + -e "s+@SBINDIR+$(SBINDIR)+" \ + -e "s+@MODULEDIR+$(MODULE_DIR)+" \ + -e 's+@LOCALSTATEDIR+$(LOCALSTATEDIR)+' \ + -e 's+@SYSCONFDIR+$(SYSCONFDIR)+' + +OSCONFSRC = $(srcdir)/stock/osconf.h + +osconf.h: $(OSCONFSRC) Makefile + cat $(OSCONFSRC) | sed $(PROCESS_REPLACE) > osconf.new + @set -x ; if cmp -s osconf.new osconf.h ; then : osconf.h is current ; \ + else ($(RM) osconf.h ; $(CP) osconf.new osconf.h) fi + $(RM) osconf.new +##DOS##!endif +############################################################################### + +krb5.h: $(srcdir)/krb5.hin krb5_err.h kdb5_err.h kv5m_err.h krb524_err.h asn1_err.h echo "/* This file is generated, please don't edit it directly. */" > krb5.h cat $(srcdir)/krb5.hin krb5_err.h kdb5_err.h kv5m_err.h krb524_err.h \ asn1_err.h >> krb5.h @@ -62,17 +97,18 @@ krb524_err.h: $(SRCTOP)/lib/krb5/error_tables/krb524_err.et clean-unix:: $(RM) krb5.h krb5_err.h kdb5_err.h kv5m_err.h krb524_err.h \ asn1_err.h + $(RM) $(ET_HEADERS) autoconf.stamp clean-windows:: $(RM) com_err.h profile.h $(RM) gssapi\gssapi.h gssapi\gssapi_generic.h gssapi\gssapi_krb5.h gssapi\timestamp if exist gssapi\nul rmdir gssapi - cd krb5 - @echo Making clean in include\krb5 - $(MAKE) -$(MFLAGS) clean - cd .. + $(RM) osconf.h autoconf.h autoconf.stamp @echo Making clean in include +clean:: + $(RM) osconf.new $(BUILT_HEADERS) + install-headers-unix install:: krb5.h profile.h $(INSTALL_DATA) krb5.h $(DESTDIR)$(KRB5_INCDIR)$(S)krb5.h $(INSTALL_DATA) profile.h $(DESTDIR)$(KRB5_INCDIR)$(S)profile.h diff --git a/src/include/adm.h b/src/include/adm.h new file mode 100644 index 0000000000..86798a8300 --- /dev/null +++ b/src/include/adm.h @@ -0,0 +1,217 @@ +/* + * include/krb5/adm.h + * + * Copyright 1995,2001 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + */ +#ifndef KRB5_ADM_H__ +#define KRB5_ADM_H__ + +/* + * Kerberos V5 Change Password service name + */ +#define KRB5_ADM_SERVICE_NAME "kpasswd" +#define KRB5_ADM_DEFAULT_PORT 464 + +#define KRB5_ADM_SERVICE_INSTANCE "changepw" + +/* + * Maximum password length. + */ +#define KRB5_ADM_MAX_PASSWORD_LEN 512 + +/* + * Protocol command strings. + */ +#define KRB5_ADM_QUIT_CMD "QUIT" +#define KRB5_ADM_CHECKPW_CMD "CHECKPW" +#define KRB5_ADM_CHANGEPW_CMD "CHANGEPW" +#define KRB5_ADM_MOTD_CMD "MOTD" +#define KRB5_ADM_MIME_CMD "MIME" +#define KRB5_ADM_LANGUAGE_CMD "LANGUAGE" + +#define KRB5_ADM_ADD_PRINC_CMD "ADD-PRINCIPAL" +#define KRB5_ADM_DEL_PRINC_CMD "DELETE-PRINCIPAL" +#define KRB5_ADM_REN_PRINC_CMD "RENAME-PRINCIPAL" +#define KRB5_ADM_MOD_PRINC_CMD "MODIFY-PRINCIPAL" +#define KRB5_ADM_INQ_PRINC_CMD "INQUIRE-PRINCIPAL" +#define KRB5_ADM_EXT_KEY_CMD "EXTRACT-KEY" + +/* + * Protocol command strings for the current version of the admin + * server. (Chris had removed them in the version he was working + * with.) + * + * XXX I'm adding them back so the tree works. We need to take care + * of this eventually. + */ +#define KRB5_ADM_CHG_OPW_CMD "OTHER-CHANGEPW" +#define KRB5_ADM_CHG_ORPW_CMD "OTHER-RANDOM-CHANGEPW" +#define KRB5_ADM_ADD_KEY_CMD "ADD-KEY" +#define KRB5_ADM_DEL_KEY_CMD "DELETE-KEY" + +/* + * Reply status values. + */ +#define KRB5_ADM_SUCCESS 0 +#define KRB5_ADM_CMD_UNKNOWN 1 +#define KRB5_ADM_PW_UNACCEPT 2 +#define KRB5_ADM_BAD_PW 3 +#define KRB5_ADM_NOT_IN_TKT 4 +#define KRB5_ADM_CANT_CHANGE 5 +#define KRB5_ADM_LANG_NOT_SUPPORTED 6 + +#define KRB5_ADM_P_ALREADY_EXISTS 64 +#define KRB5_ADM_P_DOES_NOT_EXIST 65 +#define KRB5_ADM_NOT_AUTHORIZED 66 +#define KRB5_ADM_BAD_OPTION 67 +#define KRB5_ADM_VALUE_REQUIRED 68 +#define KRB5_ADM_SYSTEM_ERROR 69 +#define KRB5_ADM_KEY_DOES_NOT_EXIST 70 +#define KRB5_ADM_KEY_ALREADY_EXISTS 71 + +/* + * Principal flag keywords. + */ +/* Settable only */ +#define KRB5_ADM_KW_PASSWORD "PASSWORD" +#define KRB5_ADM_KW_APASSWORD "APASSWORD" +#define KRB5_ADM_KW_RANDOMKEY "RANDOMKEY" +#define KRB5_ADM_KW_ARANDOMKEY "ARANDOMKEY" +#define KRB5_ADM_KW_SETFLAGS "SETFLAGS" +#define KRB5_ADM_KW_UNSETFLAGS "UNSETFLAGS" +/* Settable and retrievable */ +#define KRB5_ADM_KW_MAXLIFE "MAXLIFE" +#define KRB5_ADM_KW_MAXRENEWLIFE "MAXRENEWLIFE" +#define KRB5_ADM_KW_EXPIRATION "EXPIRATION" +#define KRB5_ADM_KW_PWEXPIRATION "PWEXPIRATION" +#define KRB5_ADM_KW_FLAGS "FLAGS" +#define KRB5_ADM_KW_AUXDATA "AUXDATA" +#define KRB5_ADM_KW_EXTRADATA "EXTRADATA" +/* Retrievable only */ +#define KRB5_ADM_KW_LASTPWCHANGE "LASTPWCHANGE" +#define KRB5_ADM_KW_LASTSUCCESS "LASTSUCCESS" +#define KRB5_ADM_KW_LASTFAILED "LASTFAILED" +#define KRB5_ADM_KW_FAILCOUNT "FAILCOUNT" +#define KRB5_ADM_KW_KEYDATA "KEYDATA" + +/* Valid mask */ +#define KRB5_ADM_M_PASSWORD 0x00000001 +#define KRB5_ADM_M_MAXLIFE 0x00000002 +#define KRB5_ADM_M_MAXRENEWLIFE 0x00000004 +#define KRB5_ADM_M_EXPIRATION 0x00000008 +#define KRB5_ADM_M_PWEXPIRATION 0x00000010 +#define KRB5_ADM_M_RANDOMKEY 0x00000020 +#define KRB5_ADM_M_FLAGS 0x00000040 +#define KRB5_ADM_M_LASTPWCHANGE 0x00000080 +#define KRB5_ADM_M_LASTSUCCESS 0x00000100 +#define KRB5_ADM_M_LASTFAILED 0x00000200 +#define KRB5_ADM_M_FAILCOUNT 0x00000400 +#define KRB5_ADM_M_AUXDATA 0x00000800 +#define KRB5_ADM_M_KEYDATA 0x00001000 +#define KRB5_ADM_M_APASSWORD 0x00002000 +#define KRB5_ADM_M_ARANDOMKEY 0x00004000 +#define KRB5_ADM_M_UNUSED_15 0x00008000 +#define KRB5_ADM_M_UNUSED_16 0x00010000 +#define KRB5_ADM_M_UNUSED_17 0x00020000 +#define KRB5_ADM_M_UNUSED_18 0x00040000 +#define KRB5_ADM_M_UNUSED_19 0x00080000 +#define KRB5_ADM_M_UNUSED_20 0x00100000 +#define KRB5_ADM_M_UNUSED_21 0x00200000 +#define KRB5_ADM_M_UNUSED_22 0x00400000 +#define KRB5_ADM_M_UNUSED_23 0x00800000 +#define KRB5_ADM_M_UNUSED_24 0x01000000 +#define KRB5_ADM_M_UNUSED_25 0x02000000 +#define KRB5_ADM_M_UNUSED_26 0x04000000 +#define KRB5_ADM_M_UNUSED_27 0x08000000 +#define KRB5_ADM_M_UNUSED_28 0x10000000 +#define KRB5_ADM_M_UNUSED_29 0x20000000 +#define KRB5_ADM_M_GET 0x40000000 +#define KRB5_ADM_M_SET 0x80000000 + +#define KRB5_ADM_M_EXTRADATA 0x00000000 /* Hack to get */ + /* libkadm to compile */ + +#define KRB5_ADM_M_SET_VALID (KRB5_ADM_M_SET + \ + KRB5_ADM_M_PASSWORD + \ + KRB5_ADM_M_APASSWORD + \ + KRB5_ADM_M_MAXLIFE + \ + KRB5_ADM_M_MAXRENEWLIFE+ \ + KRB5_ADM_M_EXPIRATION + \ + KRB5_ADM_M_PWEXPIRATION+ \ + KRB5_ADM_M_RANDOMKEY + \ + KRB5_ADM_M_ARANDOMKEY + \ + KRB5_ADM_M_FLAGS + \ + KRB5_ADM_M_AUXDATA) +#define KRB5_ADM_M_GET_VALID (KRB5_ADM_M_GET + \ + KRB5_ADM_M_MAXLIFE + \ + KRB5_ADM_M_MAXRENEWLIFE+ \ + KRB5_ADM_M_EXPIRATION + \ + KRB5_ADM_M_PWEXPIRATION+ \ + KRB5_ADM_M_FLAGS + \ + KRB5_ADM_M_LASTPWCHANGE+ \ + KRB5_ADM_M_LASTSUCCESS + \ + KRB5_ADM_M_LASTFAILED + \ + KRB5_ADM_M_FAILCOUNT + \ + KRB5_ADM_M_AUXDATA + \ + KRB5_ADM_M_KEYDATA) + +/* + * Keytab reply components. + */ +#define KRB5_ADM_KT_PRINCIPAL 0 +#define KRB5_ADM_KT_TIMESTAMP 1 +#define KRB5_ADM_KT_VNO 2 +#define KRB5_ADM_KT_KEY_ENCTYPE 3 +#define KRB5_ADM_KT_KEY_KEY 4 +#define KRB5_ADM_KT_NCOMPS 5 + +/* + * Data structure returned by krb5_read_realm_params() + */ +typedef struct __krb5_realm_params { + char * realm_profile; + char * realm_dbname; + char * realm_mkey_name; + char * realm_stash_file; + char * realm_kdc_ports; + char * realm_kdc_tcp_ports; + char * realm_acl_file; + krb5_int32 realm_kadmind_port; + krb5_enctype realm_enctype; + krb5_deltat realm_max_life; + krb5_deltat realm_max_rlife; + krb5_timestamp realm_expiration; + krb5_flags realm_flags; + krb5_key_salt_tuple *realm_keysalts; + unsigned int realm_reject_bad_transit:1; + unsigned int realm_kadmind_port_valid:1; + unsigned int realm_enctype_valid:1; + unsigned int realm_max_life_valid:1; + unsigned int realm_max_rlife_valid:1; + unsigned int realm_expiration_valid:1; + unsigned int realm_flags_valid:1; + unsigned int realm_reject_bad_transit_valid:1; + krb5_int32 realm_num_keysalts; +} krb5_realm_params; +#endif /* KRB5_ADM_H__ */ diff --git a/src/include/adm_defs.h b/src/include/adm_defs.h new file mode 100644 index 0000000000..b2b747446e --- /dev/null +++ b/src/include/adm_defs.h @@ -0,0 +1,209 @@ +/* + * include/krb5/adm_defs.h + * + * Copyright 1990 by the Massachusetts Institute of Technology. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * <<< Description >>> + */ + + +#ifndef __ADM_DEFINES__ +#define __ADM_DEFINES__ + +#define ADM5_VERSTR "ADM5VER1" +#define ADM5_VERSIZE strlen(ADM5_VERSTR) +/* This used to be kerberos_master */ +#define ADM5_PORTNAME "kerberos-adm" +#define ADM5_DEFAULT_PORT 752 +#define ADM5_CPW_VERSION "V5CPWS01" +#define ADM5_ADM_VERSION "V5ADMS01" +#define CPWNAME "kadmin" +#define ADMINSTANCE "admin" + +#define ADM_CPW_VERSION "V5CPWS01" +#define ADM_MAX_PW_ITERATIONS 5 +#define ADM_MAX_PW_CHOICES 5 + +#ifdef MACH_PASS +#define ADM_MAX_PW_LENGTH 8 +#define ADM_MAX_PHRASE_LENGTH 101 +#else +#define ADM_MAX_PW_LENGTH 255 +#endif + +#define CPW_SNAME ADM5_PORTNAME + +#define MAXCPWBUFSIZE 4096 + +#ifdef unicos61 +#define SIZEOF_INADDR SIZEOF_in_addr +#else +#define SIZEOF_INADDR sizeof(struct in_addr) +#endif + +/* Server */ +#define KADMIND 0x01 + +/* Applications */ +#define KPASSWD 0x01 +#define KSRVUTIL 0x02 +#define KADMIN 0x03 + +/* Operations */ +#define ADDOPER 0x01 /* Add Principal */ +#define CHGOPER 0x02 /* Change Password */ +#define ADROPER 0x03 /* Add principal with random password */ +#define CHROPER 0x04 /* Change to random password */ +#define DELOPER 0x05 /* Delete Principal */ +#define MODOPER 0x06 /* Modify Principal attributes */ +#define INQOPER 0x07 /* Display Principal info */ +#define AD4OPER 0x08 /* Add Principal using v4 string-to-key */ +#define CH4OPER 0x09 /* Change password using v4 string-to-key */ +#define COMPLETE 0x0f + +/* Extra Message Types */ +#define SENDDATA1 0x00 +#define SENDDATA2 0x01 +#define SENDDATA3 0x02 + +/* Unknowns */ +#define KUNKNOWNAPPL 0xff +#define KUNKNOWNOPER 0xff +#define KUNKNOWNERR 0xff + +typedef struct { + char appl_code; + char oper_code; + char retn_code; + char *message; +} kadmin_requests; + +#if 0 +static char *oper_type[] = { + "complete", /* 0 */ + "addition", /* 1 */ + "deletion", /* 2 */ + "change", /* 3 */ + "modification", /* 4 */ + "inquiry" /* 5 */ +}; +#endif + +#define SKYCHANGED 0x00 +#define NSKYRCVD 0x01 + + +#if 0 +static char *ksrvutil_message[] = { + "Service Key Changed", /* 0 */ + "New Key and Version Received" /* 1 */ +}; +#endif + +#define KADMGOOD 0x00 +#define KADMSAG 0x01 + +#if 0 +static char *kadmind_general_response[] = { + "Success", /* 0 */ + "Service Access Granted" /* 1 */ +}; +#endif + + +#define KPASSGOOD 0x00 +#define KPASSBAD 0x01 + +#if 0 +static char *kadmind_kpasswd_response[] = { + "Password Changed", /* 0 */ + "Password NOT Changed!" /* 1 */ +}; +#endif + +#define KSRVGOOD 0x00 +#define KSRVBAD 0x01 +#define KSRVCATASTROPHE 0x02 + +#if 0 +static char *kadmind_ksrvutil_response[] = { + "Service Password Change Complete", /* 0 */ + "One or More Service Password Change(s) Failed!", /* 1 */ + "Database Update Failure - Possible Catastrophe!!" /* 2 */ +}; +#endif + +#define KADMGOOD 0x00 +#define KADMBAD 0x01 + +#if 0 +static char *kadmind_kadmin_response[] = { + "Administrative Service Completed", /* 0 */ + "Principal Unknown!", /* 1 */ + "Principal Already Exists!", /* 2 */ + "Allocation Failure!", /* 3 */ + "Password Failure!", /* 4 */ + "Protocol Failure!", /* 5 */ + "Security Failure!", /* 6 */ + "Admin Client Not in ACL List!", /* 7 */ + "Database Update Failure - Possible Catastrophe!!" /* 8 */ +}; +#endif + +#define KMODVNO 0x00 +#define KMODATTR 0x01 + +#ifdef SANDIA +#define KMODFCNT 0x02 +#endif + +#define ATTRPOST 0x00 +#define ATTRNOPOST 0x01 +#define ATTRFOR 0x02 +#define ATTRNOFOR 0x03 +#define ATTRTGT 0x04 +#define ATTRNOTGT 0x05 +#define ATTRREN 0x06 +#define ATTRNOREN 0x07 +#define ATTRPROXY 0x08 +#define ATTRNOPROXY 0x09 +#define ATTRDSKEY 0x0a +#define ATTRNODSKEY 0x0b +#define ATTRLOCK 0x0c +#define ATTRUNLOCK 0x0d + +#ifdef SANDIA +#define ATTRPRE 0x0e +#define ATTRNOPRE 0x0f +#define ATTRPWOK 0x10 +#define ATTRPWCHG 0x11 +#define ATTRSID 0x12 +#define ATTRNOSID 0x13 +#endif + +#define ATTRNOSVR 0x14 +#define ATTRSVR 0x15 + +#define BADATTR 0x3f + +#endif /* __ADM_DEFINES__ */ diff --git a/src/include/adm_proto.h b/src/include/adm_proto.h new file mode 100644 index 0000000000..65b116bc4a --- /dev/null +++ b/src/include/adm_proto.h @@ -0,0 +1,132 @@ +/* + * include/krb5/adm_proto.h + * + * Copyright 1995 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + */ +#ifndef KRB5_ADM_PROTO_H__ +#define KRB5_ADM_PROTO_H__ + +/* + * This is ugly, but avoids having to include k5-int or kdb.h for this. + */ +#ifndef KRB5_KDB5__ +struct _krb5_db_entry; +typedef struct _krb5_db_entry krb5_db_entry; +#endif /* KRB5_KDB5__ */ + +/* Ditto for adm.h */ + +/* + * XXXX krb5_realm params is defined in two header files!!!! + * This really needs to be fixed!!! + */ +#if !defined(KRB5_ADM_H__) && !defined(__KADM5_ADMIN_H__) +struct ___krb5_realm_params; +typedef struct ___krb5_realm_params krb5_realm_params; +#endif /* KRB5_ADM_H__ */ + +#ifndef KRB5_KDB5__ +struct ___krb5_key_salt_tuple; +typedef struct ___krb5_key_salt_tuple krb5_key_salt_tuple; +#endif /* KRB5_KDB5__ */ + +/* + * Function prototypes. + */ + +/* logger.c */ +krb5_error_code krb5_klog_init + (krb5_context, + char *, + char *, + krb5_boolean); +void krb5_klog_close (krb5_context); +int krb5_klog_syslog (int, const char *, ...); +void krb5_klog_reopen (krb5_context); + +/* alt_prof.c */ +krb5_error_code krb5_aprof_init + (char *, char *, krb5_pointer *); +krb5_error_code krb5_aprof_getvals + (krb5_pointer, const char **, char ***); +krb5_error_code krb5_aprof_get_deltat + (krb5_pointer, + const char **, + krb5_boolean, + krb5_deltat *); +krb5_error_code krb5_aprof_get_string + (krb5_pointer, const char **, krb5_boolean, char **); +krb5_error_code krb5_aprof_get_int32 + (krb5_pointer, + const char **, + krb5_boolean, + krb5_int32 *); +krb5_error_code krb5_aprof_finish (krb5_pointer); + +krb5_error_code krb5_read_realm_params (krb5_context, + char *, + char *, + char *, + krb5_realm_params **); +krb5_error_code krb5_free_realm_params (krb5_context, + krb5_realm_params *); + +/* str_conv.c */ +krb5_error_code +krb5_string_to_flags (char *, + const char *, + const char *, + krb5_flags *); +krb5_error_code +krb5_flags_to_string (krb5_flags, + const char *, + char *, + size_t); +krb5_error_code +krb5_input_flag_to_string (int, + char *, + size_t); + +/* keysalt.c */ +krb5_boolean +krb5_keysalt_is_present (krb5_key_salt_tuple *, + krb5_int32, + krb5_enctype, + krb5_int32); +krb5_error_code +krb5_keysalt_iterate (krb5_key_salt_tuple *, + krb5_int32, + krb5_boolean, + krb5_error_code (*) (krb5_key_salt_tuple *, + krb5_pointer), + krb5_pointer); + +krb5_error_code +krb5_string_to_keysalts (char *, + const char *, + const char *, + krb5_boolean, + krb5_key_salt_tuple **, + krb5_int32 *); +#endif /* KRB5_ADM_PROTO_H__ */ diff --git a/src/include/copyright.h b/src/include/copyright.h new file mode 100644 index 0000000000..b1740ce3ce --- /dev/null +++ b/src/include/copyright.h @@ -0,0 +1,40 @@ +/* + * Copyright (C) 1989-1994 by the Massachusetts Institute of Technology, + * Cambridge, MA, USA. All Rights Reserved. + * + * This software is being provided to you, the LICENSEE, by the + * Massachusetts Institute of Technology (M.I.T.) under the following + * license. By obtaining, using and/or copying this software, you agree + * that you have read, understood, and will comply with these terms and + * conditions: + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify and distribute + * this software and its documentation for any purpose and without fee or + * royalty is hereby granted, provided that you agree to comply with the + * following copyright notice and statements, including the disclaimer, and + * that the same appear on ALL copies of the software and documentation, + * including modifications that you make for internal use or for + * distribution: + * + * THIS SOFTWARE IS PROVIDED "AS IS", AND M.I.T. MAKES NO REPRESENTATIONS + * OR WARRANTIES, EXPRESS OR IMPLIED. By way of example, but not + * limitation, M.I.T. MAKES NO REPRESENTATIONS OR WARRANTIES OF + * MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF + * THE LICENSED SOFTWARE OR DOCUMENTATION WILL NOT INFRINGE ANY THIRD PARTY + * PATENTS, COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS. + * + * The name of the Massachusetts Institute of Technology or M.I.T. may NOT + * be used in advertising or publicity pertaining to distribution of the + * software. Title to copyright in this software and any associated + * documentation shall at all times remain with M.I.T., and USER agrees to + * preserve same. + * + * Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + */ diff --git a/src/include/k5-util.h b/src/include/k5-util.h index 4255c8f650..7bb8cfbe96 100644 --- a/src/include/k5-util.h +++ b/src/include/k5-util.h @@ -44,7 +44,7 @@ * They live in libkrb5util. */ -#include "krb5/autoconf.h" +#include "autoconf.h" #ifdef HAVE_SYS_TYPES_H #include diff --git a/src/include/kdb.h b/src/include/kdb.h new file mode 100644 index 0000000000..c8327657fc --- /dev/null +++ b/src/include/kdb.h @@ -0,0 +1,485 @@ +/* + * include/krb5/kdb.h + * + * Copyright 1990,1991 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * KDC Database interface definitions. + */ + +/* + * Copyright (C) 1998 by the FundsXpress, INC. + * + * All rights reserved. + * + * Export of this software from the United States of America may require + * a specific license from the United States Government. It is the + * responsibility of any person or organization contemplating export to + * obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of FundsXpress. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. FundsXpress makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED + * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + */ + +#ifndef KRB5_KDB5__ +#define KRB5_KDB5__ + +/* Salt types */ +#define KRB5_KDB_SALTTYPE_NORMAL 0 +#define KRB5_KDB_SALTTYPE_V4 1 +#define KRB5_KDB_SALTTYPE_NOREALM 2 +#define KRB5_KDB_SALTTYPE_ONLYREALM 3 +#define KRB5_KDB_SALTTYPE_SPECIAL 4 +#define KRB5_KDB_SALTTYPE_AFS3 5 + +/* Attributes */ +#define KRB5_KDB_DISALLOW_POSTDATED 0x00000001 +#define KRB5_KDB_DISALLOW_FORWARDABLE 0x00000002 +#define KRB5_KDB_DISALLOW_TGT_BASED 0x00000004 +#define KRB5_KDB_DISALLOW_RENEWABLE 0x00000008 +#define KRB5_KDB_DISALLOW_PROXIABLE 0x00000010 +#define KRB5_KDB_DISALLOW_DUP_SKEY 0x00000020 +#define KRB5_KDB_DISALLOW_ALL_TIX 0x00000040 +#define KRB5_KDB_REQUIRES_PRE_AUTH 0x00000080 +#define KRB5_KDB_REQUIRES_HW_AUTH 0x00000100 +#define KRB5_KDB_REQUIRES_PWCHANGE 0x00000200 +#define KRB5_KDB_DISALLOW_SVR 0x00001000 +#define KRB5_KDB_PWCHANGE_SERVICE 0x00002000 +#define KRB5_KDB_SUPPORT_DESMD5 0x00004000 +#define KRB5_KDB_NEW_PRINC 0x00008000 + +/* Creation flags */ +#define KRB5_KDB_CREATE_BTREE 0x00000001 +#define KRB5_KDB_CREATE_HASH 0x00000002 + +#if !defined(_WIN32) + +/* + * Note --- these structures cannot be modified without changing the + * database version number in libkdb.a, but should be expandable by + * adding new tl_data types. + */ +typedef struct _krb5_tl_data { + struct _krb5_tl_data* tl_data_next; /* NOT saved */ + krb5_int16 tl_data_type; + krb5_ui_2 tl_data_length; + krb5_octet * tl_data_contents; +} krb5_tl_data; + +/* + * If this ever changes up the version number and make the arrays be as + * big as necessary. + * + * Currently the first type is the enctype and the second is the salt type. + */ +typedef struct _krb5_key_data { + krb5_int16 key_data_ver; /* Version */ + krb5_int16 key_data_kvno; /* Key Version */ + krb5_int16 key_data_type[2]; /* Array of types */ + krb5_ui_2 key_data_length[2]; /* Array of lengths */ + krb5_octet * key_data_contents[2]; /* Array of pointers */ +} krb5_key_data; + +#define KRB5_KDB_V1_KEY_DATA_ARRAY 2 /* # of array elements */ + +typedef struct _krb5_keysalt { + krb5_int16 type; + krb5_data data; /* Length, data */ +} krb5_keysalt; + +typedef struct _krb5_db_entry_new { + krb5_magic magic; /* NOT saved */ + krb5_ui_2 len; + krb5_flags attributes; + krb5_deltat max_life; + krb5_deltat max_renewable_life; + krb5_timestamp expiration; /* When the client expires */ + krb5_timestamp pw_expiration; /* When its passwd expires */ + krb5_timestamp last_success; /* Last successful passwd */ + krb5_timestamp last_failed; /* Last failed passwd attempt */ + krb5_kvno fail_auth_count; /* # of failed passwd attempt */ + krb5_int16 n_tl_data; + krb5_int16 n_key_data; + krb5_ui_2 e_length; /* Length of extra data */ + krb5_octet * e_data; /* Extra data to be saved */ + + krb5_principal princ; /* Length, data */ + krb5_tl_data * tl_data; /* Linked list */ + krb5_key_data * key_data; /* Array */ +} krb5_db_entry; + +typedef struct _osa_policy_ent_t { + int version; + char *name; + krb5_ui_4 pw_min_life; + krb5_ui_4 pw_max_life; + krb5_ui_4 pw_min_length; + krb5_ui_4 pw_min_classes; + krb5_ui_4 pw_history_num; + krb5_ui_4 policy_refcnt; +} osa_policy_ent_rec, *osa_policy_ent_t; + +typedef void (*osa_adb_iter_policy_func) (void *, osa_policy_ent_t); + +typedef struct __krb5_key_salt_tuple { + krb5_enctype ks_enctype; + krb5_int32 ks_salttype; +} krb5_key_salt_tuple; + + +#define KRB5_KDB_MAGIC_NUMBER 0xdbdbdbdb +#define KRB5_KDB_V1_BASE_LENGTH 38 + +#define KRB5_TL_LAST_PWD_CHANGE 0x0001 +#define KRB5_TL_MOD_PRINC 0x0002 +#define KRB5_TL_KADM_DATA 0x0003 +#define KRB5_TL_KADM5_E_DATA 0x0004 +#define KRB5_TL_RB1_CHALLENGE 0x0005 +#ifdef SECURID +#define KRB5_TL_SECURID_STATE 0x0006 +#define KRB5_TL_DB_ARGS 0x7fff +#endif /* SECURID */ + +/* + * Determines the number of failed KDC requests before DISALLOW_ALL_TIX is set + * on the principal. + */ +#define KRB5_MAX_FAIL_COUNT 5 + +/* XXX depends on knowledge of krb5_parse_name() formats */ +#define KRB5_KDB_M_NAME "K/M" /* Kerberos/Master */ + +/* prompts used by default when reading the KDC password from the keyboard. */ +#define KRB5_KDC_MKEY_1 "Enter KDC database master key" +#define KRB5_KDC_MKEY_2 "Re-enter KDC database master key to verify" + + +extern char *krb5_mkey_pwd_prompt1; +extern char *krb5_mkey_pwd_prompt2; + +/* + * These macros specify the encoding of data within the database. + * + * Data encoding is little-endian. + */ +#include "k5-platform.h" +#define krb5_kdb_decode_int16(cp, i16) \ + *((krb5_int16 *) &(i16)) = load_16_le(cp) +#define krb5_kdb_decode_int32(cp, i32) \ + *((krb5_int32 *) &(i32)) = load_32_le(cp) +#define krb5_kdb_encode_int16(i16, cp) store_16_le(i16, cp) +#define krb5_kdb_encode_int32(i32, cp) store_32_le(i32, cp) + +#define KRB5_KDB_OPEN_RW 0 +#define KRB5_KDB_OPEN_RO 1 + +#define KRB5_KDB_OPT_SET_DB_NAME 0 +#define KRB5_KDB_OPT_SET_LOCK_MODE 1 + +#define KRB5_DB_LOCKMODE_SHARED 0x0001 +#define KRB5_DB_LOCKMODE_EXCLUSIVE 0x0002 +#define KRB5_DB_LOCKMODE_DONTBLOCK 0x0004 +#define KRB5_DB_LOCKMODE_PERMANENT 0x0008 + +/* libkdb.spec */ +krb5_error_code krb5_db_open( krb5_context kcontext, char **db_args, int mode ); +krb5_error_code krb5_db_init ( krb5_context kcontext ); +krb5_error_code krb5_db_create ( krb5_context kcontext, char **db_args ); +krb5_error_code krb5_db_inited ( krb5_context kcontext ); +krb5_error_code kdb5_db_create ( krb5_context kcontext, char **db_args ); +krb5_error_code krb5_db_fini ( krb5_context kcontext ); +const char * krb5_db_errcode2string ( krb5_context kcontext, long err_code ); +krb5_error_code krb5_db_destroy ( krb5_context kcontext, char **db_args ); +krb5_error_code krb5_db_get_age ( krb5_context kcontext, char *db_name, time_t *t ); +krb5_error_code krb5_db_set_option ( krb5_context kcontext, int option, void *value ); +krb5_error_code krb5_db_lock ( krb5_context kcontext, int lock_mode ); +krb5_error_code krb5_db_unlock ( krb5_context kcontext ); +krb5_error_code krb5_db_get_principal ( krb5_context kcontext, + krb5_const_principal search_for, + krb5_db_entry *entries, + int *nentries, + krb5_boolean *more ); +krb5_error_code krb5_db_free_principal ( krb5_context kcontext, + krb5_db_entry *entry, + int count ); +krb5_error_code krb5_db_put_principal ( krb5_context kcontext, + krb5_db_entry *entries, + int *nentries); +krb5_error_code krb5_db_delete_principal ( krb5_context kcontext, + krb5_principal search_for, + int *nentries ); +krb5_error_code krb5_db_iterate ( krb5_context kcontext, + char *match_entry, + int (*func) (krb5_pointer, krb5_db_entry *), + krb5_pointer func_arg ); +krb5_error_code krb5_supported_realms ( krb5_context kcontext, + char **realms ); +krb5_error_code krb5_free_supported_realms ( krb5_context kcontext, + char **realms ); +krb5_error_code krb5_db_set_master_key_ext ( krb5_context kcontext, + char *pwd, + krb5_keyblock *key ); +krb5_error_code krb5_db_set_mkey ( krb5_context context, + krb5_keyblock *key); +krb5_error_code krb5_db_get_mkey ( krb5_context kcontext, + krb5_keyblock **key ); +krb5_error_code krb5_db_free_master_key ( krb5_context kcontext, + krb5_keyblock *key ); +krb5_error_code krb5_db_store_master_key ( krb5_context kcontext, + char *db_arg, + krb5_principal mname, + krb5_keyblock *key, + char *master_pwd); +krb5_error_code krb5_db_fetch_mkey ( krb5_context context, + krb5_principal mname, + krb5_enctype etype, + krb5_boolean fromkeyboard, + krb5_boolean twice, + char *db_args, + krb5_data *salt, + krb5_keyblock *key); +krb5_error_code krb5_db_verify_master_key ( krb5_context kcontext, + krb5_principal mprinc, + krb5_keyblock *mkey ); +krb5_error_code +krb5_dbe_find_enctype( krb5_context kcontext, + krb5_db_entry *dbentp, + krb5_int32 ktype, + krb5_int32 stype, + krb5_int32 kvno, + krb5_key_data **kdatap); + + +krb5_error_code krb5_dbe_search_enctype ( krb5_context kcontext, + krb5_db_entry *dbentp, + krb5_int32 *start, + krb5_int32 ktype, + krb5_int32 stype, + krb5_int32 kvno, + krb5_key_data **kdatap); + +krb5_error_code +krb5_db_setup_mkey_name ( krb5_context context, + const char *keyname, + const char *realm, + char **fullname, + krb5_principal *principal); + +krb5_error_code +krb5_dbekd_decrypt_key_data( krb5_context context, + const krb5_keyblock * mkey, + const krb5_key_data * key_data, + krb5_keyblock * dbkey, + krb5_keysalt * keysalt); + +krb5_error_code +krb5_dbekd_encrypt_key_data( krb5_context context, + const krb5_keyblock * mkey, + const krb5_keyblock * dbkey, + const krb5_keysalt * keysalt, + int keyver, + krb5_key_data * key_data); + +krb5_error_code +krb5_dbe_lookup_mod_princ_data( krb5_context context, + krb5_db_entry * entry, + krb5_timestamp * mod_time, + krb5_principal * mod_princ); + + +krb5_error_code +krb5_dbe_update_last_pwd_change( krb5_context context, + krb5_db_entry * entry, + krb5_timestamp stamp); + +krb5_error_code +krb5_dbe_lookup_tl_data( krb5_context context, + krb5_db_entry * entry, + krb5_tl_data * ret_tl_data); + +krb5_error_code +krb5_dbe_create_key_data( krb5_context context, + krb5_db_entry * entry); + + +krb5_error_code +krb5_dbe_update_mod_princ_data( krb5_context context, + krb5_db_entry * entry, + krb5_timestamp mod_date, + krb5_const_principal mod_princ); + +krb5_error_code +krb5_dbe_update_last_pwd_change( krb5_context context, + krb5_db_entry * entry, + krb5_timestamp stamp); + +void *krb5_db_alloc( krb5_context kcontext, + void *ptr, + size_t size ); + +void krb5_db_free( krb5_context kcontext, + void *ptr); + + +krb5_error_code +krb5_dbe_lookup_last_pwd_change( krb5_context context, + krb5_db_entry * entry, + krb5_timestamp * stamp); + +krb5_error_code +krb5_dbe_update_tl_data( krb5_context context, + krb5_db_entry * entry, + krb5_tl_data * new_tl_data); + +krb5_error_code +krb5_dbe_cpw( krb5_context kcontext, + krb5_keyblock * master_key, + krb5_key_salt_tuple * ks_tuple, + int ks_tuple_count, + char * passwd, + int new_kvno, + krb5_boolean keepold, + krb5_db_entry * db_entry); + +krb5_error_code +krb5_dbe_ark( krb5_context context, + krb5_keyblock * master_key, + krb5_key_salt_tuple * ks_tuple, + int ks_tuple_count, + krb5_db_entry * db_entry); + +krb5_error_code +krb5_dbe_crk( krb5_context context, + krb5_keyblock * master_key, + krb5_key_salt_tuple * ks_tuple, + int ks_tuple_count, + krb5_boolean keepold, + krb5_db_entry * db_entry); + +krb5_error_code +krb5_dbe_apw( krb5_context context, + krb5_keyblock * master_key, + krb5_key_salt_tuple * ks_tuple, + int ks_tuple_count, + char * passwd, + krb5_db_entry * db_entry); + + +/* default functions. Should not be directly called */ +/* + * Default functions prototype + */ + +krb5_error_code +krb5_dbe_def_search_enctype( krb5_context kcontext, + krb5_db_entry *dbentp, + krb5_int32 *start, + krb5_int32 ktype, + krb5_int32 stype, + krb5_int32 kvno, + krb5_key_data **kdatap); + +krb5_error_code +krb5_def_store_mkey( krb5_context context, + char *keyfile, + krb5_principal mname, + krb5_keyblock *key, + char *master_pwd); + + +krb5_error_code +krb5_db_def_fetch_mkey( krb5_context context, + krb5_principal mname, + krb5_keyblock *key, + int *kvno, + char *db_args); + +krb5_error_code +krb5_def_verify_master_key( krb5_context context, + krb5_principal mprinc, + krb5_keyblock *mkey); + +krb5_error_code kdb_def_set_mkey ( krb5_context kcontext, + char *pwd, + krb5_keyblock *key ); + +krb5_error_code kdb_def_get_mkey ( krb5_context kcontext, + krb5_keyblock **key ); + +krb5_error_code +krb5_dbe_def_cpw( krb5_context context, + krb5_keyblock * master_key, + krb5_key_salt_tuple * ks_tuple, + int ks_tuple_count, + char * passwd, + int new_kvno, + krb5_boolean keepold, + krb5_db_entry * db_entry); + + +krb5_error_code +krb5_db_create_policy( krb5_context kcontext, + osa_policy_ent_t policy); + +krb5_error_code +krb5_db_get_policy ( krb5_context kcontext, + char *name, + osa_policy_ent_t *policy, + int *nentries); + +krb5_error_code +krb5_db_put_policy( krb5_context kcontext, + osa_policy_ent_t policy); + +krb5_error_code +krb5_db_iter_policy( krb5_context kcontext, + char *match_entry, + osa_adb_iter_policy_func func, + void *data); + +krb5_error_code +krb5_db_delete_policy( krb5_context kcontext, + char *policy); + +void +krb5_db_free_policy( krb5_context kcontext, + osa_policy_ent_t policy); + +void krb5_db_clr_error(void); + +#define KRB5_KDB_DEF_FLAGS 0 + +#endif /* !defined(_WIN32) */ +#endif /* KRB5_KDB5__ */ diff --git a/src/include/kdb_dbc.h b/src/include/kdb_dbc.h new file mode 100644 index 0000000000..e2b300288f --- /dev/null +++ b/src/include/kdb_dbc.h @@ -0,0 +1,86 @@ +/* + * include/krb5/kdb_dbc.h + * + * Copyright 1995 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * KDC Database context definitions. + */ + +/* + * Copyright (C) 1998 by the FundsXpress, INC. + * + * All rights reserved. + * + * Export of this software from the United States of America may require + * a specific license from the United States Government. It is the + * responsibility of any person or organization contemplating export to + * obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of FundsXpress. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. FundsXpress makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED + * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. + */ + + +#ifndef KRB5_KDB5_DBC__ +#define KRB5_KDB5_DBC__ + +#include "kdb.h" + +/* Per-database context. */ +typedef struct __krb5_db_context { + krb5_boolean db_inited; /* Context initialized */ + char * db_name; /* Name of database */ + DBM * db_dbm_ctx; /* DBM context for database */ + char * db_lf_name; /* Name of lock file */ + int db_lf_file; /* File descriptor of lock file */ + time_t db_lf_time; /* Time last updated */ + int db_locks_held; /* Number of times locked */ + int db_lock_mode; /* Last lock mode, e.g. greatest*/ + krb5_boolean db_nb_locks; /* [Non]Blocking lock modes */ + krb5_keyblock *db_master_key; /* Master key of database */ + kdb5_dispatch_table *db_dispatch; /* Dispatch table */ +} krb5_db_context; + +krb5_error_code krb5_ktkdb_resolve + (krb5_context, krb5_db_context *, krb5_keytab *); + +krb5_error_code krb5_dbm_db_set_mkey + (krb5_context,krb5_db_context *,krb5_encrypt_block *); + +krb5_error_code krb5_dbm_db_get_mkey + (krb5_context,krb5_db_context *,krb5_encrypt_block **); + +#endif /* KRB5_KDB5_DBM__ */ diff --git a/src/include/kdb_kt.h b/src/include/kdb_kt.h new file mode 100644 index 0000000000..1dbd7f30da --- /dev/null +++ b/src/include/kdb_kt.h @@ -0,0 +1,42 @@ +/* + * include/krb5/kdb_kt.h + * + * Copyright 1997 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * KDC keytab definitions. + */ + + +#ifndef KRB5_KDB5_KT_H +#define KRB5_KDB5_KT_H + +#include "kdb.h" + +extern struct _krb5_kt_ops krb5_kt_kdb_ops; + +krb5_error_code krb5_ktkdb_resolve (krb5_context, const char *, krb5_keytab *); + +krb5_error_code krb5_ktkdb_set_context(krb5_context); + +#endif /* KRB5_KDB5_DBM__ */ diff --git a/src/include/krb5/.Sanitize b/src/include/krb5/.Sanitize deleted file mode 100644 index 2dcb284b33..0000000000 --- a/src/include/krb5/.Sanitize +++ /dev/null @@ -1,50 +0,0 @@ -# Sanitize.in for Kerberos V5 - -# Each directory to survive it's way into a release will need a file -# like this one called "./.Sanitize". All keyword lines must exist, -# and must exist in the order specified by this file. Each directory -# in the tree will be processed, top down, in the following order. - -# Hash started lines like this one are comments and will be deleted -# before anything else is done. Blank lines will also be squashed -# out. - -# The lines between the "Do-first:" line and the "Things-to-keep:" -# line are executed as a /bin/sh shell script before anything else is -# done in this - -Do-first: - -# All files listed between the "Things-to-keep:" line and the -# "Files-to-sed:" line will be kept. All other files will be removed. -# Directories listed in this section will have their own Sanitize -# called. Directories not listed will be removed in their entirety -# with rm -rf. - -Things-to-keep: - -.cvsignore -.rconf -AddressXlation.h -ChangeLog -MacTCP.h -Makefile.in -adm.h -adm_defs.h -adm_proto.h -asn.1 -autoconf.h.in -configure -configure.in -copyright.h -kdb.h -kdb_dbc.h -kdb_dbm.h -stock -winsock.h - -Things-to-lose: - -Do-last: - -# End of file. diff --git a/src/include/krb5/.rconf b/src/include/krb5/.rconf deleted file mode 100644 index 0278bafa07..0000000000 --- a/src/include/krb5/.rconf +++ /dev/null @@ -1,5 +0,0 @@ -ignore README.encryption -copy error_tables -link stock -ignore config.h -ignore osconf.h diff --git a/src/include/krb5/ChangeLog b/src/include/krb5/ChangeLog deleted file mode 100644 index 2a7ca9a321..0000000000 --- a/src/include/krb5/ChangeLog +++ /dev/null @@ -1,1322 +0,0 @@ -2006-03-07 Ken Raeburn - - * kdb.h: Include k5-platform.h. - (krb5_kdb_decode_int16, krb5_kdb_decode_int32): Use load_*_le - helper functions. - (krb5_kdb_encode_int16, krb5_kdb_encode_int32): Use store_*_le - helper functions. - -2006-03-06 Ken Raeburn - - * Makefile.in (PROCESS_REPLACE): Use MODULE_DIR instead of - KRB5_DB_MODULE_DIR. - -2005-11-17 Ken Raeburn - - * Makefile.in (osconf.h): Always remove osconf.new. - -2005-10-06 Ken Raeburn - - * Makefile.in (autoconf.stamp): When running config.status, only - rebuild autoconf.h. - -2005-09-14 Ken Raeburn - - * adm_proto.h (krb5_adm_connect, krb5_adm_disconnect, - krb5_adm_dbent_to_proto, krb5_adm_proto_to_dbent, - krb5_adm_proto_to_ktent, krb5_adm_ktent_to_proto, - krb5_free_adm_data, krb5_send_adm_cmd, krb5_send_adm_reply, - krb5_read_adm_cmd, krb5_read_adm_reply): Delete declarations, - since none of these functions exist. - -2005-06-29 Ken Raeburn - - * Makefile.in (osconf.h): Depend on Makefile. Always display - commands executed for replace-if-newer sequence. - (PROCESS_REPLACE): Replace @MODULEDIR with $(KRB5_DB_MODULE_DIR). - -2005-06-20 Ken Raeburn - - * Makefile.in (clean-unix): Don't remove autoconf.h. - - Novell merge. - * Makefile.in (LIBDIR): New variable. - (PROCESS_REPLACE): Replace @LIBDIR. - * adm_proto.h (krb5_key_salt_tuple): Conditionalize incomplete - typedef on KRB5_KDB5__ instead of KRB5_ADM_H__ and - __KADM5_ADMIN_H__. - * adm.h (krb5_key_salt_tuple): Move type definition... - * kdb.h (krb5_key_salt_tuple): ...to here. - (krb5_dbe_apw, krb5_dbe_ark, krb5_dbe_cpw, krb5_dbe_crk): Use - krb5_key_salt_tuple instead of struct __krb5_key_salt_tuple in - prototype declarations. - (osa_policy_ent_t): Move type definition here from kadm5/adb.h. - Change element types from uint32_t to krb5_ui_4. - (osa_adb_iter_policy_func): Move type definition here from - kadm5/adb.h. - (KRB5_TL_DB_ARGS): New macro, defined only if SECURID is defined. - (KRB5_KDB_OPEN_RW, KRB5_KDB_OPEN_RO, KRB5_KDB_OPT_SET_DB_NAME, - KRB5_KDB_OPT_SET_LOCK_MODE): New macros. - (KRB5_DB_LOCKMODE_SHARED, KRB5_DB_LOCKMODE_EXCLUSIVE, - KRB5_DB_LOCKMODE_DONTBLOCK, KRB5_DB_LOCKMODE_PERMANENT): New - macros. - (kdb5_db_create, kdb_def_get_mkey, kdb_def_set_mkey, - krb5_db_alloc, krb5_db_clr_error, krb5_db_create_policy, - krb5_db_def_fetch_mkey, krb5_db_delete_policy, - krb5_db_errcode2string, krb5_db_free, krb5_db_free_master_key, - krb5_db_free_policy, krb5_db_get_policy, krb5_db_inited, - krb5_db_iter_policy, krb5_db_open, krb5_db_put_policy, - krb5_db_set_master_key_ext, krb5_db_set_option, - krb5_db_store_master_key, krb5_dbe_def_cpw, - krb5_dbe_def_search_enctype, krb5_dbe_update_last_pwd_change, - krb5_def_store_mkey, krb5_def_verify_master_key, - krb5_free_supported_realms, krb5_key_salt_tuple, - krb5_supported_realms, osa_adb_iter_policy_func, - osa_policy_ent_rec, osa_policy_ent_t): New (or moved) - declarations. - (krb5_db_close_database, krb5_db_iterate_ext, - krb5_db_open_database, krb5_db_rename, krb5_db_set_lockmode, - krb5_db_set_name, krb5_db_set_nonblocking, krb5_db_store_mkey, - krb5_dbe_free_contents, krb5_decode_princ_contents, - krb5_encode_princ_contents, krb5_encode_princ_dbkey, - krb5_free_princ_contents, krb5_free_princ_dbkey, - krb5_ser_db_context_init): Declarations deleted (or moved). - (krb5_db_create): Changed signature, just one char** arg in - addition to context. - (krb5_db_delete_principal): Changed argument 1 to non-const - principal. - (krb5_db_destroy): Changed argument 1 to char**. - (krb5_db_free_principal): Changed return type from void to - krb5_error_code. - (krb5_db_iterate): Changed signature, new char* argument, - pointed-to function returns int instead of krb5_error_code. - -2005-05-13 Ken Raeburn - - * Makefile.in (thisconfigdir, mydir): Updated for configure - change. - -2004-06-22 Ken Raeburn - - * adm_proto.h, kdb.h, kdb_dbc.h, kdb_kt.h: Don't test macintosh. - -2004-06-16 Ken Raeburn - - * Makefile.in (all-mac, clean-mac): Targets deleted. - -2004-03-08 Ken Raeburn - - * Makefile.in (MY_SUBDIRS): Deleted. - -2003-08-26 Ken Raeburn - - * k5-config.h: Unused file deleted. - -2003-05-25 Ezra Peisach - - * kdb.h: Add prototype for krb5_db_iterate_ext. - -2003-03-05 Tom Yu - - * kdb_kt.h: Add krb5_ktkdb_set_context. Update prototype of - krb5_ktdb_resolve. Add krb5_kt_kdb_ops. - -2003-03-05 Sam Hartman - - * Remove kdb_dbm.h - -2002-11-05 Tom Yu - - * kdb.h (KRB5_KDC_MKEY_1, KRB5_KDC_MKEY_2): Remove trailing colon, - as new implementation of krb5_read_password() appends it. - -2002-09-18 Ken Raeburn - - * adm.h (struct __krb5_realm_params): New field - realm_kdc_tcp_ports. - -2002-08-29 Ken Raeburn - - * Makefile.in: Revert $(S)=>/ change, for Windows support. - -2002-08-23 Ken Raeburn - - * Makefile.in: Change $(S)=>/ and $(U)=>.. globally. - -2002-06-12 Ken Raeburn - - * kwinsock.h, macsock.h: Deleted. - -2002-05-29 Ken Raeburn - - * MacTCP.h, AddressXlation.h: Deleted. - -2001-10-09 Ken Raeburn - - * macsock.h (PROTOTYPE): Don't define. - -2001-10-05 Ken Raeburn - - * adm_defs.h, kdb.h, kdb_dbc.h, kdb_dbm.h, kdb_kt.h, kwinsock.h: - Don't explicitly declare pointers or functions FAR any more. Drop - _MSDOS support. - -2001-10-03 Ken Raeburn - - * adm_proto.h: Don't use KRB5_DLLIMP. - -2001-09-25 Ken Raeburn - - * adm.h (struct __krb5_realm_params): Added fields - realm_reject_bad_transit, realm_reject_bad_transit_valid; deleted - field realm_filler. - -2001-07-25 Ezra Peisach - - * kdb.h: For structs krb5_tl_data (tl_data_length), krb5_key_data - (key-data_length), krb5_db_entry (len, e_length) change the - storage types from krb5_int16 to krb5_ui_2. This does not require - a database version change as the field sizes are the same. Remove - the code ifdefed under KRB5_OLD_AND_KRUFTY. - -2001-04-27 Ezra Peisach - - * .cvsignore: Add stamp-h.in - -2001-02-26 Ezra Peisach - - * adm_proto.h (krb5_adm_connect): Declare prompt string const char *. - -2001-01-16 Ken Raeburn - - * adm_proto.h, kdb.h, kdb_dbc.h, kdb_dbm.h, kdb_kt.h: Make all - prototypes unconditional. - -2000-05-30 Wilfredo Sanchez - - * Makefile.in, osconf.h: Use bindir and sbindir from configure - rather than building them up from EXEC_PREFIX. - -2000-5-18 Alexandra Ellwood - - * macsock.h: local_addr_fallback_kludge defined to 0 - again... fixed gethostname - -2000-5-9 Alexandra Ellwood - - * macsock.h: local_addr_fallback_kludge now defined to magic gethostaddr function - in the Sockets Library, which does exactly what we want if the search domain is not - specified. - -1998-11-22 Miro Jurisic - - * macsock.h: MacOS: only #define MACHOSTNAMELEN when not - already defined - -Wed May 19 11:35:18 1999 Danilo Almeida - - * Makefile.in: Create build rules for windows instead of blindly - copying files. Wrap Unix build rules with !if 0/!endif - that get used only in windows build. People need to - remember to keep this !if/!endif in the proper place when - they modify this file. - -Mon May 17 12:33:58 1999 Danilo Almeida - - * Makefile.in: Add NO_OUTPRE flag to prevent creation of output - directory under win32. - -Fri May 7 15:26:44 1999 Theodore Y. Ts'o - - * adm_proto.h: Fix the existing kludge to deal with the fact that - krb5_realm_params is defined in two, count them two, - header files. There's real ugliness here that needs - cleaning up eventually, but I don't have the time now to - deal with it. - -Fri Apr 16 17:07:47 1999 Theodore Y. Ts'o - - * Makefile.in (all-windows): Don't constantly recreate autoconf.h - with #include "win-mac.h" - -1999-04-09 Theodore Ts'o - - * kdb.h: Add new TL types provided by Frank Cusack's preauth patch - (PR# [krb5-kdc/662]) - -Tue Nov 17 15:39:32 1998 Tom Yu - - * kdb.h: Update dbe_crk and dbe_cpw to take a boolean to indicate - whether old keys should be retained. - - * Makefile.in (autoconf.stamp): Fix up to deal with config.status - not being in the current directory anymore. - -1998-11-13 Theodore Ts'o - - * Makefile.in: Set the myfulldir and mydir variables (which are - relative to buildtop and thisconfigdir, respectively.) - Add a MY_SUBDIRS macro set to '.' to indicate that there - are no subdirectories to be processed by the Makefile. - - * configure.in: Removed and tests moved to parent directory. - -1998-10-26 Marc Horowitz - - * kdb_dbc.h, kdb.h: update kdb api to be compatible with the new - crypto api. - -Wed Jul 8 04:30:22 1998 Geoffrey King - - * adm_proto.h: Added prototype for new function krb5_klog_reopen() - -Thu Apr 16 23:50:08 1998 Tom Yu - - * configure.in: Search for /var/tmp first when determining rcache - directory. [krb5-libs/548] - -Wed Feb 18 15:52:36 1998 Tom Yu - - * Makefile.in: Remove trailing slash from thisconfigdir. Fix up - BUILDTOP for new conventions. - -Mon Feb 2 17:02:29 1998 Theodore Ts'o - - * Makefile.in: Define BUILDTOP and thisconfigdir in the Makefile - -Tue Sep 30 17:19:16 1997 Tom Yu - - * configure.in: Remove references to dbm and ndbm. Replace - HAS_STDLIB_H and NO_STDLIB_H with something more sane. Replace - AC_TIME_WITH_SYS_TIME with more a recent form. Use AC_CHECK_TYPE - to check for time_t instead of erroneously named POSIX_TYPES. - -Thu Sep 25 21:50:44 1997 Tom Yu - - * configure.in: Replace KRB5_USE_INET, HAS_UNISTD_H, HAS_SETVBUF. - -Thu Sep 18 20:42:03 1997 Tom Yu - - * configure.in: Replace USE_STRING_H, HAS_STRDUP, HAS_LABS - -Mon Sep 15 15:01:49 1997 Ezra Peisach - - * kdb_dbm.h: Add const to argument of krb5_dbm_db_get_principal. - Add prototype for krb5_dbm_db_delete_principal. - - * kdb.h: Prototypes for krb5_db_get_principal, - krb5_db_delete_principal, krb5_dbe_update_mod_princ_data, - krb5_encode_princ_dbkey modified to use const krb5_principals. - -Fri Jul 25 15:18:25 1997 Tom Yu - - * kdb_kt.h: Move support for "kdb" keytab here. - - * kdb.h: Add support for modified kdb API; remove extra arguments - for db_set_mkey and db_get_mkey. Remove all (hopefully) mentions - of any particular backend database implementation. Add flags - argument for db_create, allowing caller to specify whether btree - or hash methods are to be used in the backend. - -Thu Nov 21 11:55:16 EST 1996 Richard Basch - - * Makefile.in: - all-windows needed :: not : - clean up various generated files on all platforms, not just unix - -Wed Oct 30 18:55:21 1996 Sam Hartman - - * Makefile.in (LOCALSTATEDIR): Add localstatedir a and sysconfidr - to substitutions [37] -for osconf.h -Mon Aug 26 17:01:11 1996 Barry Jaspan - - * kdb.h: add KRB5_TL_KADM5_E_DATA - -Fri Aug 23 16:20:54 1996 Theodore Ts'o - - * kdb.h: Remove dbm_error and dbm_clearerr from the dispatch table - (which eventually should be completely removed.) - -Wed Jun 12 00:40:29 1996 Theodore Ts'o - - * adm_proto.h: Change usage of INTERFACE to use KRB5_CALLCONV and - KRB5_DLLIMP. - -Mon Jun 10 17:31:29 1996 Theodore Ts'o - - * winsock.h: Rename to kwinsock.h. Recent versions of Microsoft - compilers include winsock.h, and the one we have collides - with NT errno definitions. Using the one provided by the - compiler is preferable. If you are using an old version - of MSVC that doesn't include winsock.h, then rename - kwinsock.h to winsock.h - - * kdb_dbm.h: Don't include kdb_dbm.h for Win-32. - - * kdb.h: Don't include most of kdb.h for Win-32. - -Mon May 20 17:57:15 1996 Theodore Ts'o - - * configure.in: Remove support for ODBM. - -Sun May 19 14:32:19 1996 Sam Hartman - - * configure.in: Check for uid_t. - -Sun May 12 00:46:05 1996 Marc Horowitz - - * kdb.h: convert to use new krb5_dbe_* tl_data functions. - - * adm.h (struct __krb5_realm_params): add realm_acl_file - -Tue Apr 30 17:15:57 1996 Ken Raeburn - - * configure.in: Invoke AC_C_CROSS before AC_TRY_RUN to pretty up - output format. - - * Makefile.in (autoconf.h): Use timestamp file to prevent repeated - rebuilding if file timestamp is out of date but contents wouldn't - change. - -Tue Apr 30 15:03:34 1996 Theodore Y. Ts'o - - * macsock.h: Added prototype for getpeername(). - -Thu Mar 28 17:57:04 1996 Theodore Y. Ts'o - - * AddressXlation.h: Updated to use latest versions from the Apple's - MacTCP Universal Interface. (For PowerPC port). - - * MacTCP.h: New header file from Apple's Universal Interface - - * GetMyIPAddr.h, MacTCPCommonTypes.h, TCPPB.h, UDPPB.h: Removed - old MacTCP header files. - -Wed Mar 13 17:43:35 1996 Ken Raeburn - - * configure.in: Use AC_HEADER_STDARG. - -Wed Jan 24 14:23:07 1996 Theodore Y. Ts'o - - * adm.h: Added lines to adm.h which Chris had removed while - working on the kadmin revisions. This allows the existing - code to compile. - -Mon Jan 22 17:36:00 1996 Ezra Peisach - - * configure.in: Use KRB5_CHECK_PROTOS instead of inlining - prototype checking. - -Wed Dec 13 03:51:53 1995 Chris Provenzano (proven@mit.edu) - - * kdb.h : Remove mkvno for krb5_db_entry - -Tue Dec 12 00:59:17 1995 Chris Provenzano (proven@mit.edu) - - * adm.h: Added principal flag keywords KRB5_ADM_KW_SETFLAGS and - KRB5_ADM_KW_UNSETFLAGS because relative flag modification - is just a good idea. - * kdb.h: typedef kdb5_dispatch_table so prototypes that need it - compile even if KDB5_DISPATCH isn't defined. - * kdb_dbc.h: The start of the database context, which should be - removed from the krb5_context. - -Sun Dec 10 11:02:35 1995 Ezra Peisach - - * adm_proto.h: Add prototype for krb5_input_flag_to_string. - -Fri Dec 1 17:16:05 1995 Theodore Y. Ts'o - - * adm.h: Added temporary definition of KRB5_ADM_M_EXTRADATA so - that we have a tree which compiles. - -Tue Nov 7 16:41:14 1995 Theodore Y. Ts'o - - * kdb.h: Added prototype for krb5_dbe_search_enctype(). Changed - prototype of krb5_dbe_find_enctype() so that ktype is of - type krb5_int32. (krb5_enctype is unsigned, so -1 doesn't - work!) - -Fri Nov 03 04:37:56 1995 Chris Provenzano (proven@mit.edu) - - * adm.h : Constant changes for the new kadmin code. - * kdb.h : Added attribute bit KRB5_KDB_NEW_PRINC. This will - allow kadmin administrators with add acls to modify a - principal until this bit is cleared. - -Fri Oct 6 21:58:05 1995 Theodore Y. Ts'o - - * Makefile.in: Remove ##DOS!include of config/windows.in. - config/windows.in is now included by wconfig. - -Thu Oct 5 21:33:27 1995 Theodore Y. Ts'o - - * adm.h: Remove pport and sport from the krb5_realm_params file, - and replace it with ports, which is a char * list of all - of the ports which should be listed to for this realm. - -Fri Sep 29 14:37:41 1995 Theodore Y. Ts'o - - * Makefile.in (clean-unix): Remove autoconf.h on make clean - -Wed Sep 27 16:00:00 1995 John Rivlin - - * adm_proto.h: Removed use of prototypes using krb5_db_entry - on the Macintosh. - -Tue Sep 26 15:36:20 1995 - - * kdb.h, kdb_dbm.h: Add #if !defined(_MSDOS) && - !defined(_MACINTOSH) to prevent these #includes from being - used by Mac and PC machines. - -Mon Sep 25 16:39:36 1995 Theodore Y. Ts'o - - * Makefile.in: Removed "foo:: foo-$(WHAT)" lines from the - Makefile. - -Thu Sep 20 12:00:00 1995 James Mattly - - * macsock.h: Changes to support TCP streams and change password. - -Thu Sep 8 12:00:00 1995 James Mattly - - * k5-config.h: defined MPW fake stat.h out for metrowerks compiler - * macsock.h: changed SOCKET definition for MACINTOSH to start support for - TCP streams - * TCPBP.h: fixed up some prototype problems with out customized tcp sockets - for macintosh - -Thu Sep 7 15:53:28 1995 Theodore Y. Ts'o - - * adm.h (KRB5_ADM_SERVICE_NAME): Use official IANA assigned name - for the port, which is kpasswd, not changepw. Add new - define, KRB5_ADM_SERVICE_INSTANCE, which defines the - instance name used for the kadmin name. - -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * adm.h, adm_proto.h kdb.h : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) - - * adm_proto.h : Remove krb5_enctype references, and replace with - krb5_keytype where appropriate. - -Thu Aug 31 11:38:58 EDT 1995 Paul Park (pjpark@mit.edu) - * configure.in - Add checks for stddef.h and xom.h for use by GSSAPI-V2 - - -Tue Aug 29 13:28:10 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb.h - Add prototype for krb5_ser_db_context_init(). - - -Mon Aug 21 17:00:58 EDT 1995 Paul Park (pjpark@mit.edu) - * adm_proto.h - Add krb5_timestamp_to_sfstring() prototype. - - -Tue Aug 15 14:27:02 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb.h - Add prototype for krb5_dbe_find_keytype(). - - -Thu Aug 10 14:33:51 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb.h - Always define KRB5_MAX_FAIL_COUNT. - - -Mon Aug 07 11:22:57 1995 Chris Provenzano (proven@mit.edu) - - * kdb.h : Add prototypes for krb5_dbe_{en,de}code_last_pwd_change(), - krb5_dbe_{apw,cpw,ark,crk}(), - -Fri Aug 4 16:10:34 EDT 1995 Paul Park (pjpark@mit.edu) - * adm_proto.h - Add prototype definitions for new libkadm functions in - keysalt.c dealing with key/salt tuples. - * kdb.h - Add encode/decode macros for integers for use between kdb - modules. - -Thu Aug 03 12:19:52 1995 Chris Provenzano (proven@mit.edu) - - * kdb.h : Added prototype for krb5_dbe_cpw() the new dd entry - change password routine. - -Mon Jul 31 15:50:25 EDT 1995 Paul Park (pjpark@mit.edu) - * adm.h - Add new protocol definitions. Also, add krb5_key_salt_tuple - and add it to the krb5_read_realm_params structure so that - we have a list of supported key/salt pairs. Convert keytype - and enctype to be the correct datatype. - * adm_proto.h - Add string conversion prototypes. - - -Thu Jul 27 15:06:35 EDT 1995 Paul Park (pjpark@mit.edu) - * {asn1,dbm,ext-proto,k5-{config,errors,sockets},libos,los-proto, - mit-des,preauth,rsa-md5,sysincl}.h - Deleted. - * Makefile.in - Remove these headers from KRB5_HEADERS. - * configure.in - Change AC_INIT to look for kdb.h. - - -Thu Jul 27 02:59:05 1995 Chris Provenzano (proven@mit.edu) - - * kdb.h - Define new kdb format. - -Mon Jul 17 15:03:43 EDT 1995 Paul Park (pjpark@mit.edu) - * adm.h - Add per-realm parameter block data structure - (krb5_realm_params). - * adm_proto.h - Add dummy declaration for krb5_realm_params if adm.h - not included. Add prototypes for realm parameter functions. - * kdb.h - Add stash file parameter to krb5_db_fetch_mkey(). - -Sun Jul 9 21:47:49 1995 Ezra Peisach - - * los-proto.h: Add krb5_auth_con_genaddrs prototype - -Fri Jul 7 15:58:07 EDT 1995 Paul Park (pjpark@mit.edu) - * rsa-md5.h - Add RSA_MD5_DES_CONFOUND_LENGTH - the length of the - confounder for RSA_MD5_DES per RFC1510. - -Wed July 5 15:52:31 1995 James Mattly - * k5-config.h Added _MACINTOSH for macintosh build conditions - * macsock.h made definition of PROTOTYPE conditional - -Fri Jun 30 16:13:41 EDT 1995 Paul Park (pjpark@mit.edu) - * kdb.h - Add kdb dispatch table and set routine under KDB5_DISPATCH. - - -Tue Jun 27 16:12:09 EDT 1995 Paul Park (pjpark@mit.edu) - * adm_proto.h - Change second argument of aprof_get... routines to be - const char *. - * configure.in, k5-config.h - Reinstate KRB5_PROVIDE_PROTOTYPES. This - is needed for compilers which recognize prototypes but don't - set __STDC__ or _WINDOWS. - -Thu Jun 22 16:11:07 1995 Tom Yu (tlyu@dragons-lair) - - * k5-config.h: remove definition for KRB5_PROVIDE_PROTOTYPES - because we've reversed the sense - - * configure.in: KBR5_PROVIDE_PROTOTYPES -> KRB5_NO_PROTOTYPES; - NO_NESTED_PROTOTYPES -> KRB5_NO_NESTED_PROTOTYPES - - * rsa-md5.h: reverse sense of KRB5_PROVIDE_PROTOTYPES - -Thu Jun 22 11:52:07 EDT 1995 Paul Park (pjpark@mit.edu) - * adm_proto.h - Add prototypes for kadm library profile handling - routines. These are wrappers for profile routines. - * kdb.h - Remove KDB_CONVERT_KEY_{TO,OUTOF}_DB. - -Wed Jun 21 17:39:25 1995 Ezra Peisach - - * configure.in: Replace krb5_sigtype tests with KRB5_SIGTYPE which - has been moved to aclocal.m4 - -Wed Jun 21 10:44:06 1995 - - * Makefile.in: Don't remove autoconf.h when doing a make clean; - it's an autoconf generated file. - - * adm_proto.h, asn1.h, ext-proto.h, kdb.h, kdb_dbm.h, los-proto.h, - preauth.c: Change PROTOTYPE -> KRB5_PROTOTYPE - -Sat Jun 10 22:11:45 1995 Tom Yu (tlyu@dragons-lair) - - * adm_proto.h: update krb5_auth_context stuff - -Fri Jun 9 18:42:30 1995 - - * configure.in: Remove standardized set of autoconf macros, which - are now handled by CONFIG_RULES. - -Thu Jun 8 14:41:00 EDT 1995 Paul Park (pjpark@mit.edu) - * adm_proto.h - Add prototypes for logging routines. Also, if - kdb.h has not been included, add null structure for entry - data structure so that we don't strictly require kdb.h. - -Thu Jun 8 11:11:24 1995 Theodore Y. Ts'o - - * Makefile.in (install): Don't install the install/krb5 header files. - -Wed Jun 7 16:23:51 1995 - - * Makefile.in: Process osconf.h using PREFIX and EXEC_PREFIX - instead of KRB5ROOT. - - * k5-config.h: Remove old defines for krb.conf and krb.realms, - which are now obsolete. - -Mon Jun 5 13:47:30 EDT 1995 Paul Park (pjpark@mit.edu) - * adm_proto.h - Add new arguments to krb5_adm_connect() for support - of specifiable credentials caches and ticket lifetimes. - - -Thu Jun 1 14:28:40 EDT 1995 Paul Park (pjpark@mit.edu) - * adm.h: Change the default admin port to 464. - -Tue May 30 17:33:09 1995 Keith Vetter (keithv@fusion.com) - - * adm_proto.h: removed INTERFACE from 2 non-exported functions. - -Tue May 30 10:22:57 1995 Keith Vetter (keithv@fusion.com) - - * adm_proto.h: conditionally removed for Windows two prototypes - that use the database. - * k5-config.h: bumped MAXPATHLEN and removed need for the kdb.h file. - -Fri May 26 10:17:12 1995 Keith Vetter (keithv@fusion.com) - - * adm_proto.h: added more missing INTERFACE. - * los-proto.h: moved in prototype for gmt_mktime(). - -Thu May 25 19:27:45 1995 Keith Vetter (keithv@fusion.com) - - * adm_proto.h: two function's prototype were missing INTERFACE. - * k5-config.h: kadm needs the kdb.h file. - -Thu May 25 15:39:31 1995 Keith Vetter (keithv@fusion.com) - - * los-proto.h: moved in the prototype for krb5_make_fulladdr. - -Tue May 23 15:33:00 1995 Theodore Y. Ts'o (tytso@dcl) - - * k5-config.h, k5-sockets.h: Move the sockets specific setup out - of k5-config.h to k5-sockets.h, and modify k5-int to - include k5-sockets.h (if it is requested by - NEED_SOCKETS) after including krb5.h. This keeps the - gdb type numbers the same across .o files, so that - recent binuntils can compress the debugging information - in executables linked with a debugging library. - -Mon May 22 09:41:39 EDT 1995 Paul Park (pjpark@mit.edu) - * Makefile.in - (install) Always perform install actions using - $(INSTALL_DATA). - * configure.in - Locate install program. - -Sun May 21 15:25:45 1995 Ezra Peisach - - * Makefile.in (PROCESS_REPLACE): Replace the RCTMPDIR in stock.h - with a configuration determined directory - - * configure.in: Determine which directory to use for the replay - cache. (/usr/tmp does not exist on netbsd). - -Wed May 10 13:20:47 1995 Ezra Peisach - - * Makefile.in (install): Install ET_HEADERS... - -Tue May 9 15:17:00 EDT 1995 Paul Park (pjpark@mit.edu) - Add definitions and prototypes for new administrative protocol. - -Mon May 8 22:13:15 1995 Ezra Peisach - - * los-proto.h: krb5_read_password - prompt strings should be const - char *. - Remove krb5_init_os_context and krb5_free_os_context. (The - proper prototypes are already in place i.e. - krb5_os_init_context). - -Fri Apr 28 15:14:38 EDT 1995 Paul Park (pjpark@mit.edu) - Remove INTERFACE from prototype definitions in adm_proto.h - -Fri Apr 28 11:11:54 1995 Mark Eichin - - * configure.in: correct use of --with-krb4 to match top level. - -Thu Apr 27 17:39:04 1995 Keith Vetter (keithv@fusion.com) - - * k5-config.h: Added MAXPATHLEN constant. - * adm_prot.h: updated prototype. - -Thu Apr 27 11:24:24 1995 Keith Vetter (keithv@fusion.com) - - * k5-config.h: Changed over to the new single config file on the PC. - -Wed Apr 26 10:41:08 1995 Ezra Peisach - - * Makefile.in: Reflect current list of headers to be installed. - -Thu Apr 20 11:35:07 1995 - - * k5-config.h, configure.in: Remove support for HAS_ANSI_CONST - (that was needed only for compatibility with the old imake - build; autoconf uses -Dconst=), and HAS_ANSI_VOLATILE, - which isn't used at all. - -Wed Apr 19 13:25:56 1995 Ezra Peisach - - * func-proto.h: Remove global_context hack. Added prototype for - krb5_set_default_realm. - -Thu Apr 13 15:49:16 1995 Keith Vetter (keithv@fusion.com) - - * asn1.h, ccache.h, encryption.h, func-pro.h, hostaddr.h, keytab.h, - los-prot.h, preauth.h, rcache.h: - removed unneeded INTERFACE from non-api functions. - * adm_defs.h, ccache.h, encryption.h, hostaddr.h, k5-free.h, keytab.h, - macros.h, rcache.h: - Added FAR to pointers visible to the world. - * base-def.h, ext-prot.h, rsa-md5.h: __STDC__ condition also - checks for the _WINDOWS define. - -Wed Apr 5 16:41:41 1995 Keith Vetter (keithv@fusion.com) - - * los-proto.h, func-proto.h: moved krb5_us_timeofday and - krb5_sname_to_principal from the former to the latter. - * base-def.h: added FAR to pointer types for the PC. - * func-proto.h: added FAR to pointer types in prototypes but - only for functions which are exported. - -Fri Mar 31 19:34:47 1995 Keith Vetter (keithv@fusion.com) - - * k5-config.h: defined dup to _dup for STDC stuff on Windows - -Fri Mar 31 16:12:28 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in (CONFIG_RULES): Replaced. - -Thu Mar 30 15:57:22 1995 Keith Vetter (keithv@fusion.com) - - * func-proto.h: added 2 missing prototypes dealing with auth_con. - -Tue Mar 28 19:53:09 1995 Keith Vetter (keithv@fusion.com) - - * Makefile.in: changed to reflect deletion of stock/osconf.win. - * k5-config.h: added constants for reading default values - out of Windows ini files. - * los-proto.h: added new prototype for Windows ini stuff. - -Tue Mar 28 18:02:41 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (KRB5_HEADERS, install): Account for file renames. - (all-mac): Add. - * configure.in (CONFIG_RULES): Remove. - (krb5_sigtype): Define as either void or int. - * encryption.h: Insert parentheses in macros to avoid mis-expansion. - * k5-config.h: Further parameterize socket support. - * macsock.h: Support connect(), recv(), send(), getmyipaddr(). - (WSAGetLastError): Fix typo -- there's no argument to this macro. - - * k5-errors.h: Rename errors.h (which duplicated a standard Mac - header name, causing a problem). - * AddressXlation.h, GetMyIPAddr.h, MacTCPCommonTypes.h, TCPPB.h, - UDPPB.h: Add MacTCP header files. - -Mon Mar 27 09:33:10 1995 Chris Provenzano (proven@mit.edu) - - * func-proto.h (krb5_rd_req(), krb5_rd_req_decode(), krb5_mk_rep(), - krb5_recvauth(), and krb5_compat_recvauth(). Added a - krb5_auth_context argument and eliminated many of the - other arguments because they are included in the - krb5_auth_context structure. - -Fri Mar 24 14:15:51 1995 - - * adm_defs.h (ADM5_DEFAULT_PORT): Add definition of default - administration port. - - * Makefile.in (install): Delete the destination header files - before copying in the new ones. Also install autoconf.h. - Only install header files if the header file has changed. - -Wed Mar 22 11:37:24 1995 Keith Vetter (keithv@fusion.com) - - * k5-config.h: added HAVE_SYS_TYPES_H. Cleaned up the loading - of sys/types.h which john added earlier. Specifically, we always - have it and it's missing some typedefs used by this code. - -Tue Mar 21 18:42:23 1995 Keith Vetter (keithv@fusion.com) - - * k5-config.h: PC: NO_PASSWORD defined and files opened in binary mode. - * func-proto.h: added new prototype for notify programs when the - ccache changes, and moved krb5_get_default_realm from los-proto.h. - * los-proto.h: moved krb5_get_default_realm into func-proto.h. - -Sun Mar 19 12:51:59 1995 John Gilmore (gnu at toad.com) - - * base-defs.h: Fix comment that referred to STDARG_PROTOTYPES. - -Fri Mar 17 19:12:13 1995 John Gilmore (gnu at toad.com) - - * k5-config.h: Move handling from ../krb5.h to - here, because we need or the u_* types to be defined - before we include the Unix socket include files a little later in - k5-config.h. We actually add this code twice, once in the MSDOS - section and once in the Unix/Mac section. - (NEED_SOCKETS): Also include , for localaddr.c. - * Makefile.in (clean-mac): Add. - -Tue Mar 14 16:50:54 1995 - - * Makefile.in: Delete definition for KRB5ROOT and KRB5_INCDIR, - since those are defined in pre/config.in. - -Thu Mar 16 20:58:22 1995 John Gilmore (gnu at toad.com) - - * configure.in: Replace nonstandard CHECK_STDARG with - AC_CHECK_HEADERS. Also check for header file macsock.h, which - is a dummy test -- it's false on Unix and PC's, but on the Mac - we hand-configure it to be true, to indicate that we want Mac - socket support rather than Unix socket support. - * base-defs.h, k5-config.h: Use HAVE_STDARG_H, not STDARG_PROTOTYPES. - * k5-config.h (NEED_SOCKETS): Add new section which brings in - socket include files for the appropriate compilation environment - (Mac or Unix; Windows already did this). - * macsock.h: New include file, derived from Cygnus Network Security - Mac K4 release, for simulating sockets under MacTCP. - -Thu Mar 16 12:12:17 1995 Keith Vetter (keithv@fusion.com) - - * k5-config.h: PC change, getting sys_nerr and sys_errlist to work. - -Tue Mar 14 17:38:28 1995 Keith Vetter (keithv@fusion.com) - - * k5-config.h: more PC changes, mostly dealing with chmod not - working as it should on the PC. - * func-proto.h, los-proto.h: moved prototypes for krb5_timeofday and - krb5_os_localaddr from los-proto to func-proto. They are needed by - the outside world, specifically kinit.c - -Fri Mar 10 14:23:12 1995 Theodore Y. Ts'o - - * sysincl.h: Removed definition of FD_SETSIZE, FD_SET, FD_CLR, - FD_ISSET, and FD_ZERO. Defining them in favor of using - the system include files is almost always wrong. - -Fri Mar 10 10:04:41 1995 Chris Provenzano (proven@mit.edu) - - * func-proto.h (krb5_mk_req(), krb5_mk_req_extended(), krb5_rd_rep(), - krb5_sendauth(), krb5_mk_priv(), krb5_rd_priv(), krb5_mk_safe(), - and krb5_rd_safe()). Added a krb5_auth_context argument and - eliminated many of the other arguments because they are - included in the krb5_auth_context structure. - - * fieldbits.h Added #define AP_OPTS_USE_SUBKEY 0x00000001 for a - new option to an ap req message. This is mainly a clean way - to inform krb5_mk_req() and krb5_mk_req_extended() to - create the subkey without adding an extra argument. - - * safepriv.h Replace safe/priv flags with flags for krb5_auth_context - and add krb5_replay_data structure for when the appilication - want to do it's own replay detection for safe and priv calls. - - -Thu Mar 9 18:29:24 1995 Mark Eichin - - * Makefile.in (all-windows): tabs, not spaces. - -Tue Mar 7 14:54:02 1995 Keith Vetter (keithv@fusion.com) - - * ccache.h: added windows INTERFACE keyword to all functions. - * encryption.h: more segment games for the PC--added NEAR to three - external data objects. - * wordsize.h: added constants VALID_INT_BTIS and VALID_UINT_BITS for - detecting overflow when casting a long to an int. - * k5-config.h: numerous PC changes such as adding NEED_LOWLEVEL_IO - which enables the read/write level of I/O. - * Makefile.in: osconf.h now pulled in from stock/osconf.win. - -Thu Mar 2 23:21:46 1995 John Gilmore (gnu at toad.com) - - Make include files start to work on the Macintosh. - - * configure.in: Add checks for sys/types.h and sys/stat.h. - * k5-config.h: Remove krb5/ from #include. - * sysincl.h: Avoid . Conditional-include . - -Thu Mar 2 13:30:00 1995 Keith Vetter (keithv@fusion.com) - - * k5-config.h: changed NEED_WINSOCK_H to NEED_SOCKETS - -Wed Mar 1 20:00:00 1995 Keith Vetter (keithv@fusion.com) - - * func-proto.h: fixed up a const attribute to krb5_send_tgs. - -Wed Mar 1 17:40:00 1995 Keith Vetter (keithv@fusion.com) - - * func-proto.h: added missing prototype for krb5_mk_cred. - * los-proto.h: added windows INTERFACE keyword to all functions, - plus added 2 missing prototypes: krb5_os_init_context and - krb5_os_free_context. - -Wed Mar 1 12:48:20 1995 Keith Vetter (keithv@fusion.com) - - * config.h: added defines to pull in winsock.h as needed - * rcache.h: added windows INTERFACE keyword to all functions - * winsock.h: new file--for windows socket stuff - -Wed Mar 1 17:45:13 1995 Theodore Y. Ts'o - - * configure.in, k5-config.h: Only define labs(x) -> abs(x) if - labs() is not defined elsewhere. (This really shouldn't - be here at all, but is the expedient way to deal with lack - of labs().) - - * Makefile.in: Change config.h -> k5-config.h and free.h -> - k5-free.h to reflect renamed header files for Mac/PC port. - -Mon Feb 27 23:47:58 1995 John Gilmore (gnu at toad.com) - - * Makefile.in (osconf.h): Remove temp file osconf.new. - - * krb5.h: Rename to ../krb5.h so it can be #included by end users - without the use of slashes or extra -I options. First step in - making it stand alone without a train of a dozen other include - files tagging along behind. - - * base-defs.h, dbm.h, error_def.h, sysincl.h: Avoid #include - form; use "..." form. - - * config.h: Rename to k5-config.h. This is too common a - name, now that we use -I..../include/krb5. - * free.h: Rename to k5-free.h. - - * configure.in (AC_INIT): Use another file (not krb5.h) as src test. - -Mon Feb 27 11:35:49 1995 Keith Vetter (keithv@fusion.com) - - * config.h: added windows interface keyword for varargs functions, - added defines to allows to be stdc compliant. - * func-proto.h: added windows INTERFACE_C keyword for functions - with varargs, and fixed const in prototype for krb5_send_tgs. - * preauth.h: added windows INTERFACE keyword to prototypes - -Wed Feb 22 17:39:46 1995 Chris Provenzano (proven@mit.edu) - - * func-proto.h (krb5_get_credentials(), krb5_get_cred_from_kdc(), - and krb5_sendauth()) replaced krb5_cred * IN/OUT arg with - a krb5_cred * IN and a krb5_cred ** OUT arg. - * func-proto.h (krb5_mk_req_extended()) Remove kdc_options flag arg - and krb5_ccache arg. They are no longer necessary. - -Wed Feb 22 01:45:17 1995 Keith Vetter (keithv@fusion.com) - - * keytab.h: added windows INTERFACE keyword to prototypes - -Tue Feb 21 17:31:06 1995 Keith Vetter (keithv@fusion.com) - - * config.h: added HAVE_ERRNO for the windows section - changed windows manifest constant from __windows__ - to _MSDOS so that DOS test programs will compile. - -Tue Feb 21 12:00:32 1995 Keith Vetter (keithv@fusion.com) - - * asn1.h: added windows INTERFACE keyword to all functions. - -Tue Feb 21 17:49:41 1995 Mark Eichin (eichin@cygnus.com) - - * config.h: get krb5/autoconf.h. - * Makefile.in (KRB5_HEADERS): add config.h, remove rsa-md4.h and - crc-32.h which aren't here anymore. - -Tue Feb 21 0:0:32 1995 Keith Vetter (keithv@fusion.com) - - * func-proto.h: added windows INTERFACE keyword to all functions. - * krb5.h: moved two typedefs before inclusion of func-proto.h - -Mon Feb 20 16:54:51 1995 Keith Vetter (keithv@fusion.com) - - * encryption.h, los-proto.h, rsa-md5.h: added windows - INTERFACE keyword. - * Makefile.in: removed isode cruft ala Feb 10 changes but for windows - -Mon Feb 20 12:32:34 1995 John Gilmore (gnu at toad.com) - - * configure.in: Flip again. Use AC_CHECK_HEADERS, but default the - symbol-setting. This is Modern Autoconf Style. - - * config.h: Create from stock/config.h and stock/config.win. - * Makefile.in (BUILT_HEADERS): Remove config.h. - (CONF_REPLACE, CONFSRC, config.h rule): Remove. Config.h is - a static header file, ever since imake died. Now it really is. - (clean): Don't remove config.new any more. - -Thu Feb 16 20:12:23 1995 John Gilmore (gnu at toad.com) - - * configure.in: Use AC_HAVE_HEADER rather than AC_HEADER_CHECK. - (Fixes resulting #define names to HAVE_XXX rather than HAS_XXX, - which is not only consistent but also matches what's in sysincl.h.) - -Mon Feb 6 19:42:7 1995 Keith Vetter (keithv@fusion.com) - - * configure.in: added header checks for sys/param.h and sys/file.h. - * encryption.h: added typedef prototype for sum_func function - with the windows api to make microsoft compiler happy. - * sysincl.h: conditionally include sys/file.h and sys/param.h since - windows doesn't have them. - * Makefile.in: - - changed macros with ${...} to $(...) since nmake barfs on {}. - - added windows only make preamble - - split the all target into unix and windows branches - -Fri Feb 10 14:54:26 1995 Theodore Y. Ts'o - - * asn1.h: Removed ISODE cruft -- moved included .h files into - asn1.h, to simplify the krb5 header file structure. - - * Makefile.in (ET_HEADERS): Remove isode cruft. - -Mon Feb 06 17:19:04 1995 Chris Provenzano (proven@mit.edu) - - * func-proto.h (krb5_get_in_tkt()) Changed key_proc args to be the - following (krb5_context, const krb5_keytype, krb5_data *, - krb5_const_pointer, krb5_keyblock **) - - * func-proto.h (krb5_get_in_tkt_*()) Removed krb5_keytype, changed - krb5_enctype to krb5_enctype *, changed krb5_preauthtype to - krb5_preauthtype *. - - * func-proto.h Added new routine krb5_get_in_tkt_with_keytab(). - -Fri Feb 3 07:57:31 1995 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Use politically correct name of AC_CHECK_SIZEOF - instead of AC_SIZEOF_TYPE. - - * configure.in: - * wordsize.h: Don't use BITS16, BITS32, etc. anymore. Use - autoconf's SIZEOF_INT and SIZEOF_LONG definitions to make - things work. - -Mon Jan 30 15:43:19 1995 Chris Provenzano (proven@mit.edu) - - * func-proto.h Added krb5_keytype arg to rb5_rdreq_key_proc. - - * func-proto.h (krb5_send_tgs()) Changed krb5_enctype arg to - krb5_enctype *, a NULL terminated array of encryption types. - - * func-proto.h Added prototypes for krb5_get_for_creds(), - krb5_set_default_in_tkt_etypes(), and - krb5_get_default_in_tkt_etypes(). - - * krb5.h Added fields to krb5_context to support default etypes. - -Fri Jan 27 00:56:12 1995 Chris Provenzano (proven@mit.edu) - - * func-proto.h (krb5_kt_read_service_key()) Added krb5_keytype arg. - * keytab.h (krb5_kt_get_entry()) Add krb5_keytype arg. - -Fri Jan 27 00:56:12 1995 Chris Provenzano (proven@mit.edu) - - * base-defs.h Typedef krb5_boolean, krb5_msgtype, krb5_kvno, - krb5_addrtype, krb5_keytyp, krb5_enctype, krb5_cksumtype, - and krb5_authdatatype as unsigned int. - * kdb_dbm.h krb5_dbm_db_set_lockmode(), krb5_dbm_db_set_nonblocking() - Fix prototypes to use krb5_boolean and not int. - * kdb.h krb5_db_set_lockmode(), krb5_db_set_nonblocking() - Fix prototypes to use krb5_boolean and not int. - -Wed Jan 25 19:26:57 1995 John Gilmore (gnu at toad.com) - - * crc-32.h: Move to lib/crypto/crc32; only gets local use. - * rsa-md4.h: Move to lib/crypto/md4; only gets local use. - -Wed Jan 25 20:01:36 1995 Mark Eichin (eichin@cygnus.com) - - * configure.in: rewrote remaining tests to use AC_TRY_COMPILE and - caching. Added cross-compile case for ANSI stdio test. - -Wed Jan 25 17:50:35 1995 Chris Provenzano (proven@mit.edu) - - * Removed narrow.h and widen.h - -Wed Jan 25 17:07:17 1995 Chris Provenzano (proven@mit.edu) - - * Removed all narrow types and references to wide.h and narrow.h - * base-defs.h Typedef krb5_boolean, krb5_msgtype, krb5_kvno, - krb5_addrtype, krb5_keytyp, krb5_enctype, krb5_cksumtype, - and krb5_authdatatype as int. - * kdb.h Made keytype in krb5_encrypted_keyblock explicitly short - for backwards compatibility. - -Sun Jan 22 18:17:06 1995 John Gilmore (gnu@cygnus.com) - - * preauth.h, rsa-md5.h: Protect against multiple inclusion. - -Fri Jan 13 15:23:47 1995 Chris Provenzano (proven@mit.edu) - - * Added krb5_context to all krb5_routines - - * Removed DECLARG and OLDDECLARG from base-defs.h (and any file that - was using it.) The next thing to do is make all narrow types - wide types and remove narrow.h and wide.h. - -Thu Jan 12 01:55:54 1995 Mark Eichin - - * Makefile.in (install): constructed headers come from the build - tree, not the source tree. - -Fri Dec 23 22:29:43 1994 Theodore Y. Ts'o (tytso@dcl) - - * krb5.h (krb5_cred): Add enc_part2 member which may point to the - unecrypted version, if it's available. - -Mon Dec 19 21:53:33 1994 Theodore Y. Ts'o (tytso@dcl) - - * krb5.h (krb5_context): Add new typdef for krb5_context. - - * libos.h (krb5_os_context): Add new typedef for krb5_os_context. - - * func-proto.h (krb5_init_context, krb5_free_context): Add new - declarations. - - * los-proto.h (krb5_init_os_context, krb5_free_os_context): Add new - declarations. - -Wed Nov 30 16:16:54 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Add support for --enable-athena and --with-krb4 - (to set KRB5_KRB4_COMPAT). - - * Makefile.in: Remove remnants of unifdef support for building - osconf.h and config.h, left over from the imake build system. - -Mon Nov 21 14:43:14 1994 Theodore Y. Ts'o (tytso@dcl) - - * func-proto.h (krb5_encode_kdc_rep, krb5_encrypt_tkt_part): - Change to use new function prototypes. - - * encryption.h (krb5_eblock_keytype, krb5_eblock_enctype): Define - new macros for finding the key type and encryption type of - an encrypion block. - -Fri Nov 18 17:53:38 1994 Theodore Y. Ts'o (tytso@dcl) - - * kdb.h (KRB5_KDB_SUPPORT_DESMD5): Add new attribute which defines - whether or not a server supports DES/MD5. - -Fri Nov 18 01:28:47 1994 Mark Eichin - - * Makefile.in (install): elide dependency so $(srcdir) works; use - $(INSTALL_DATA). - (ET_HEADERS): new variable for the names of the headers that - lib/krb5/error_tables builds and installs here (so that they get - pushed out to the installed include directory.) - (BUILT_HEADERS): locally built headers, for all, install, and - clean. - (clean): delete built and et headers. - -Fri Nov 18 01:15:00 1994 Mark Eichin - - * configure.in: use KRB5_POSIX_LOCKS, AC_EGREP_HEADER. (from - epeisach). - -Thu Nov 10 22:04:19 1994 Theodore Y. Ts'o (tytso@dcl) - - * hostaddr.h (krb5_address): Add magic number field. - -Tue Nov 8 17:55:47 1994 Theodore Y. Ts'o (tytso@dcl) - - * encryption.h (krb5_string_to_key, krb5_random_key): Change - internal calling signature to pass in the encryption - block, so that the encryption type in the keyblock - structure can be properly initialized. - -Thu Nov 3 16:38:44 1994 Theodore Y. Ts'o (tytso@dcl) - - * encryption.h (krb5_keyblock): Added a field to hold an - encryption type in the keyblock field --- so routines have - a hint of which encryption type they should use. - - * error_def.h: Add support for the kv5m error table. (For magic - numbers.) - -Mon Oct 31 14:43:07 1994 Theodore Y. Ts'o (tytso@dcl) - - * configure.in: Move WITH_CCOPTS and WITH_KRB5ROOT to the - beginning of the file. Otherwise the other tests won't - get the CCOPTS flags correct while doing the feature - tests. - -Tue Oct 25 23:54:25 1994 Theodore Y. Ts'o (tytso@dcl) - - * ext-proto.h (strdup): If the header files have strdup, don't try - to redefine it. - -Fri Oct 14 00:40:01 1994 Theodore Y. Ts'o (tytso@dcl) - - * mit-des.h: Add declaration for krb5_des_md5_cst_entry. - - * mit-des.h: Change name of the des_crc cryptosystem from - krb5_des_cst_entry to krb5_des_crc_cst_entry. - -Tue Oct 4 14:51:32 1994 Theodore Y. Ts'o (tytso@dcl) - - * encryption.h: Cast various potential shorts to ints. This is - not quite right either, but the whole encryption interface - needs to be fixed. - - * keytab.h (krb5_kt_ops.resolv): Resolve's first argument is a const. - - * encryption.h: Add magic number to encryption structures. - -Mon Oct 3 18:45:55 1994 Theodore Y. Ts'o (tytso@dcl) - - * kdb.h: Add magic number to _krb5_db_entry. (This among other - things will cause a backwards incompatible change to the database - format.) The previous magic number changes also force a database - format change; we will eventually need to completely redo how we - encode the database format, so that it isn't structure layout - dependent! - - * Makefile.in: Fix install to obey ${DESTDIR}, copy conf.h and - osconf.h from build tree. - - * Makefile.in: Fix "make install" to use $(srcdir) for header files. - -Thu Sep 29 15:07:30 1994 Theodore Y. Ts'o (tytso@dcl) - - * func_proto.h (krb5_realm_compare): Added prototype for functin - donated by OpenVision. (Compares two realms). - -Wed Sep 21 18:10:55 1994 Theodore Y. Ts'o (tytso@dcl) - - * func_proto.h (krb5_check_transited_list): Added prototype for - function donated by Cybersafe. - -Wed Aug 17 16:33:22 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * krb5.h (krb5_enc_kdc_rep_part): Added msg_type field. Needed - for the ASN.1 routines. - -Tue Aug 16 22:01:56 1994 Mark Eichin (eichin@cygnus.com) - - * configure.in: change test for USE_SYS_TIME_H to consistent - (autoconf style) check for HAVE_SYS_TIME_H with - TIME_WITH_SYS_TIME, and use them everywhere. - * stock/osauto.h: get rid of USE_TIME_H. - * stock/osconf.h: get rid of USE_TIME_H, rename USE_SYS_TIME_H. - -Tue Aug 9 02:17:40 1994 Tom Yu (tlyu@dragons-lair) - - * preauth.h: fix preauth function names as well (timestamp -> - unixtime) - -Mon Aug 8 22:36:24 1994 Theodore Y. Ts'o (tytso at tsx-11) - - * proto.h: Change preauthentication names to match official names - which bcn and I agreed upon. - -Tue Aug 2 03:39:14 1994 Tom Yu (tlyu@dragons-lair) - - * acconfig.h: add HAVE_SETVBUF - - * configure.in: changes to make things saner when checking for - ANSI_STDIO - -Thu Jul 14 03:31:06 1994 Tom Yu (tlyu at dragons-lair) - - * Makefile.in: some cleanup to not echo cruft - -Tue Jun 28 19:09:21 1994 Tom Yu (tlyu at dragons-lair) - - * error_def.h: folding in Harry's changes - * asn1.h: ditto - * configure.in: adding ISODE_DEFS, fixing ISODE_INCLUDE to dtrt - -Tue Jun 21 23:54:40 1994 Tom Yu (tlyu at dragons-lair) - - * pulling SEEK_SET, etc. out to avoid redef'ing in unistd.h - -Tue Jun 21 00:50:46 1994 Mark W. Eichin (eichin at mit.edu) - - * sysincl.h: SEEK_SET et. al. defined in terms of L_SET et. al. if - they don't already exist. - diff --git a/src/include/krb5/Makefile.in b/src/include/krb5/Makefile.in deleted file mode 100644 index 7ef43d413f..0000000000 --- a/src/include/krb5/Makefile.in +++ /dev/null @@ -1,74 +0,0 @@ -thisconfigdir=./../.. -myfulldir=include/krb5 -mydir=include/krb5 -BUILDTOP=$(REL)..$(S).. -KRB5RCTMPDIR= @KRB5_RCTMPDIR@ - -##DOSBUILDTOP = ..\.. -NO_OUTPRE=1 - -KRB5_HEADERS = adm.h adm_proto.h kdb.h kdb_dbm.h winsock.h - -# these are installed here for the build from lib/krb5/error_tables but -# also need to be in the installed tree -ET_HEADERS = adm_err.h asn1_err.h kdb5_err.h krb5_err.h -BUILT_HEADERS = osconf.h - -all-unix:: autoconf.h $(BUILT_HEADERS) -all-windows:: autoconf.h $(BUILT_HEADERS) - -##DOS##autoconf.h: ..\win-mac.h -##DOS## $(CP) ..\win-mac.h $@ -##DOS##osconf.h: stock\osconf.h -##DOS## $(CP) stock\osconf.h $@ - -# We need to comment out the Unix autoconf.h and osconf.h block below -# if we're building for Windows. Thus, we need to enclose them -# between the lines "##DOS##!if 0" and "##DOS##!endif". We enclosed -# the entire section between the long hashed lines to make the block -# stand out. - -############################################################################### -##DOS##!if 0 -autoconf.h: autoconf.stamp -autoconf.stamp: $(srcdir)/autoconf.h.in $(thisconfigdir)/config.status - (cd $(thisconfigdir) && $(SHELL) config.status $(mydir)/autoconf.h) - touch autoconf.stamp - -SYSCONFDIR = @sysconfdir@ -LOCALSTATEDIR = @localstatedir@ -BINDIR = @bindir@ -SBINDIR = @sbindir@ -LIBDIR = @libdir@ - -PROCESS_REPLACE = -e "s+@KRB5RCTMPDIR+$(KRB5RCTMPDIR)+" \ - -e "s+@PREFIX+$(INSTALL_PREFIX)+" \ - -e "s+@EXEC_PREFIX+$(INSTALL_EXEC_PREFIX)+" \ - -e "s+@BINDIR+$(BINDIR)+" \ - -e "s+@LIBDIR+$(LIBDIR)+" \ - -e "s+@SBINDIR+$(SBINDIR)+" \ - -e "s+@MODULEDIR+$(MODULE_DIR)+" \ - -e 's+@LOCALSTATEDIR+$(LOCALSTATEDIR)+' \ - -e 's+@SYSCONFDIR+$(SYSCONFDIR)+' - -OSCONFSRC = $(srcdir)/stock/osconf.h - -osconf.h: $(OSCONFSRC) Makefile - cat $(OSCONFSRC) | sed $(PROCESS_REPLACE) > osconf.new - @set -x ; if cmp -s osconf.new osconf.h ; then : osconf.h is current ; \ - else ($(RM) osconf.h ; $(CP) osconf.new osconf.h) fi - $(RM) osconf.new -##DOS##!endif -############################################################################### - -depend:: - -install:: - -clean:: - $(RM) osconf.new $(BUILT_HEADERS) - -clean-unix:: - $(RM) $(ET_HEADERS) autoconf.stamp -clean-windows:: - $(RM) osconf.h autoconf.h autoconf.stamp diff --git a/src/include/krb5/adm.h b/src/include/krb5/adm.h deleted file mode 100644 index 86798a8300..0000000000 --- a/src/include/krb5/adm.h +++ /dev/null @@ -1,217 +0,0 @@ -/* - * include/krb5/adm.h - * - * Copyright 1995,2001 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ -#ifndef KRB5_ADM_H__ -#define KRB5_ADM_H__ - -/* - * Kerberos V5 Change Password service name - */ -#define KRB5_ADM_SERVICE_NAME "kpasswd" -#define KRB5_ADM_DEFAULT_PORT 464 - -#define KRB5_ADM_SERVICE_INSTANCE "changepw" - -/* - * Maximum password length. - */ -#define KRB5_ADM_MAX_PASSWORD_LEN 512 - -/* - * Protocol command strings. - */ -#define KRB5_ADM_QUIT_CMD "QUIT" -#define KRB5_ADM_CHECKPW_CMD "CHECKPW" -#define KRB5_ADM_CHANGEPW_CMD "CHANGEPW" -#define KRB5_ADM_MOTD_CMD "MOTD" -#define KRB5_ADM_MIME_CMD "MIME" -#define KRB5_ADM_LANGUAGE_CMD "LANGUAGE" - -#define KRB5_ADM_ADD_PRINC_CMD "ADD-PRINCIPAL" -#define KRB5_ADM_DEL_PRINC_CMD "DELETE-PRINCIPAL" -#define KRB5_ADM_REN_PRINC_CMD "RENAME-PRINCIPAL" -#define KRB5_ADM_MOD_PRINC_CMD "MODIFY-PRINCIPAL" -#define KRB5_ADM_INQ_PRINC_CMD "INQUIRE-PRINCIPAL" -#define KRB5_ADM_EXT_KEY_CMD "EXTRACT-KEY" - -/* - * Protocol command strings for the current version of the admin - * server. (Chris had removed them in the version he was working - * with.) - * - * XXX I'm adding them back so the tree works. We need to take care - * of this eventually. - */ -#define KRB5_ADM_CHG_OPW_CMD "OTHER-CHANGEPW" -#define KRB5_ADM_CHG_ORPW_CMD "OTHER-RANDOM-CHANGEPW" -#define KRB5_ADM_ADD_KEY_CMD "ADD-KEY" -#define KRB5_ADM_DEL_KEY_CMD "DELETE-KEY" - -/* - * Reply status values. - */ -#define KRB5_ADM_SUCCESS 0 -#define KRB5_ADM_CMD_UNKNOWN 1 -#define KRB5_ADM_PW_UNACCEPT 2 -#define KRB5_ADM_BAD_PW 3 -#define KRB5_ADM_NOT_IN_TKT 4 -#define KRB5_ADM_CANT_CHANGE 5 -#define KRB5_ADM_LANG_NOT_SUPPORTED 6 - -#define KRB5_ADM_P_ALREADY_EXISTS 64 -#define KRB5_ADM_P_DOES_NOT_EXIST 65 -#define KRB5_ADM_NOT_AUTHORIZED 66 -#define KRB5_ADM_BAD_OPTION 67 -#define KRB5_ADM_VALUE_REQUIRED 68 -#define KRB5_ADM_SYSTEM_ERROR 69 -#define KRB5_ADM_KEY_DOES_NOT_EXIST 70 -#define KRB5_ADM_KEY_ALREADY_EXISTS 71 - -/* - * Principal flag keywords. - */ -/* Settable only */ -#define KRB5_ADM_KW_PASSWORD "PASSWORD" -#define KRB5_ADM_KW_APASSWORD "APASSWORD" -#define KRB5_ADM_KW_RANDOMKEY "RANDOMKEY" -#define KRB5_ADM_KW_ARANDOMKEY "ARANDOMKEY" -#define KRB5_ADM_KW_SETFLAGS "SETFLAGS" -#define KRB5_ADM_KW_UNSETFLAGS "UNSETFLAGS" -/* Settable and retrievable */ -#define KRB5_ADM_KW_MAXLIFE "MAXLIFE" -#define KRB5_ADM_KW_MAXRENEWLIFE "MAXRENEWLIFE" -#define KRB5_ADM_KW_EXPIRATION "EXPIRATION" -#define KRB5_ADM_KW_PWEXPIRATION "PWEXPIRATION" -#define KRB5_ADM_KW_FLAGS "FLAGS" -#define KRB5_ADM_KW_AUXDATA "AUXDATA" -#define KRB5_ADM_KW_EXTRADATA "EXTRADATA" -/* Retrievable only */ -#define KRB5_ADM_KW_LASTPWCHANGE "LASTPWCHANGE" -#define KRB5_ADM_KW_LASTSUCCESS "LASTSUCCESS" -#define KRB5_ADM_KW_LASTFAILED "LASTFAILED" -#define KRB5_ADM_KW_FAILCOUNT "FAILCOUNT" -#define KRB5_ADM_KW_KEYDATA "KEYDATA" - -/* Valid mask */ -#define KRB5_ADM_M_PASSWORD 0x00000001 -#define KRB5_ADM_M_MAXLIFE 0x00000002 -#define KRB5_ADM_M_MAXRENEWLIFE 0x00000004 -#define KRB5_ADM_M_EXPIRATION 0x00000008 -#define KRB5_ADM_M_PWEXPIRATION 0x00000010 -#define KRB5_ADM_M_RANDOMKEY 0x00000020 -#define KRB5_ADM_M_FLAGS 0x00000040 -#define KRB5_ADM_M_LASTPWCHANGE 0x00000080 -#define KRB5_ADM_M_LASTSUCCESS 0x00000100 -#define KRB5_ADM_M_LASTFAILED 0x00000200 -#define KRB5_ADM_M_FAILCOUNT 0x00000400 -#define KRB5_ADM_M_AUXDATA 0x00000800 -#define KRB5_ADM_M_KEYDATA 0x00001000 -#define KRB5_ADM_M_APASSWORD 0x00002000 -#define KRB5_ADM_M_ARANDOMKEY 0x00004000 -#define KRB5_ADM_M_UNUSED_15 0x00008000 -#define KRB5_ADM_M_UNUSED_16 0x00010000 -#define KRB5_ADM_M_UNUSED_17 0x00020000 -#define KRB5_ADM_M_UNUSED_18 0x00040000 -#define KRB5_ADM_M_UNUSED_19 0x00080000 -#define KRB5_ADM_M_UNUSED_20 0x00100000 -#define KRB5_ADM_M_UNUSED_21 0x00200000 -#define KRB5_ADM_M_UNUSED_22 0x00400000 -#define KRB5_ADM_M_UNUSED_23 0x00800000 -#define KRB5_ADM_M_UNUSED_24 0x01000000 -#define KRB5_ADM_M_UNUSED_25 0x02000000 -#define KRB5_ADM_M_UNUSED_26 0x04000000 -#define KRB5_ADM_M_UNUSED_27 0x08000000 -#define KRB5_ADM_M_UNUSED_28 0x10000000 -#define KRB5_ADM_M_UNUSED_29 0x20000000 -#define KRB5_ADM_M_GET 0x40000000 -#define KRB5_ADM_M_SET 0x80000000 - -#define KRB5_ADM_M_EXTRADATA 0x00000000 /* Hack to get */ - /* libkadm to compile */ - -#define KRB5_ADM_M_SET_VALID (KRB5_ADM_M_SET + \ - KRB5_ADM_M_PASSWORD + \ - KRB5_ADM_M_APASSWORD + \ - KRB5_ADM_M_MAXLIFE + \ - KRB5_ADM_M_MAXRENEWLIFE+ \ - KRB5_ADM_M_EXPIRATION + \ - KRB5_ADM_M_PWEXPIRATION+ \ - KRB5_ADM_M_RANDOMKEY + \ - KRB5_ADM_M_ARANDOMKEY + \ - KRB5_ADM_M_FLAGS + \ - KRB5_ADM_M_AUXDATA) -#define KRB5_ADM_M_GET_VALID (KRB5_ADM_M_GET + \ - KRB5_ADM_M_MAXLIFE + \ - KRB5_ADM_M_MAXRENEWLIFE+ \ - KRB5_ADM_M_EXPIRATION + \ - KRB5_ADM_M_PWEXPIRATION+ \ - KRB5_ADM_M_FLAGS + \ - KRB5_ADM_M_LASTPWCHANGE+ \ - KRB5_ADM_M_LASTSUCCESS + \ - KRB5_ADM_M_LASTFAILED + \ - KRB5_ADM_M_FAILCOUNT + \ - KRB5_ADM_M_AUXDATA + \ - KRB5_ADM_M_KEYDATA) - -/* - * Keytab reply components. - */ -#define KRB5_ADM_KT_PRINCIPAL 0 -#define KRB5_ADM_KT_TIMESTAMP 1 -#define KRB5_ADM_KT_VNO 2 -#define KRB5_ADM_KT_KEY_ENCTYPE 3 -#define KRB5_ADM_KT_KEY_KEY 4 -#define KRB5_ADM_KT_NCOMPS 5 - -/* - * Data structure returned by krb5_read_realm_params() - */ -typedef struct __krb5_realm_params { - char * realm_profile; - char * realm_dbname; - char * realm_mkey_name; - char * realm_stash_file; - char * realm_kdc_ports; - char * realm_kdc_tcp_ports; - char * realm_acl_file; - krb5_int32 realm_kadmind_port; - krb5_enctype realm_enctype; - krb5_deltat realm_max_life; - krb5_deltat realm_max_rlife; - krb5_timestamp realm_expiration; - krb5_flags realm_flags; - krb5_key_salt_tuple *realm_keysalts; - unsigned int realm_reject_bad_transit:1; - unsigned int realm_kadmind_port_valid:1; - unsigned int realm_enctype_valid:1; - unsigned int realm_max_life_valid:1; - unsigned int realm_max_rlife_valid:1; - unsigned int realm_expiration_valid:1; - unsigned int realm_flags_valid:1; - unsigned int realm_reject_bad_transit_valid:1; - krb5_int32 realm_num_keysalts; -} krb5_realm_params; -#endif /* KRB5_ADM_H__ */ diff --git a/src/include/krb5/adm_defs.h b/src/include/krb5/adm_defs.h deleted file mode 100644 index b2b747446e..0000000000 --- a/src/include/krb5/adm_defs.h +++ /dev/null @@ -1,209 +0,0 @@ -/* - * include/krb5/adm_defs.h - * - * Copyright 1990 by the Massachusetts Institute of Technology. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * <<< Description >>> - */ - - -#ifndef __ADM_DEFINES__ -#define __ADM_DEFINES__ - -#define ADM5_VERSTR "ADM5VER1" -#define ADM5_VERSIZE strlen(ADM5_VERSTR) -/* This used to be kerberos_master */ -#define ADM5_PORTNAME "kerberos-adm" -#define ADM5_DEFAULT_PORT 752 -#define ADM5_CPW_VERSION "V5CPWS01" -#define ADM5_ADM_VERSION "V5ADMS01" -#define CPWNAME "kadmin" -#define ADMINSTANCE "admin" - -#define ADM_CPW_VERSION "V5CPWS01" -#define ADM_MAX_PW_ITERATIONS 5 -#define ADM_MAX_PW_CHOICES 5 - -#ifdef MACH_PASS -#define ADM_MAX_PW_LENGTH 8 -#define ADM_MAX_PHRASE_LENGTH 101 -#else -#define ADM_MAX_PW_LENGTH 255 -#endif - -#define CPW_SNAME ADM5_PORTNAME - -#define MAXCPWBUFSIZE 4096 - -#ifdef unicos61 -#define SIZEOF_INADDR SIZEOF_in_addr -#else -#define SIZEOF_INADDR sizeof(struct in_addr) -#endif - -/* Server */ -#define KADMIND 0x01 - -/* Applications */ -#define KPASSWD 0x01 -#define KSRVUTIL 0x02 -#define KADMIN 0x03 - -/* Operations */ -#define ADDOPER 0x01 /* Add Principal */ -#define CHGOPER 0x02 /* Change Password */ -#define ADROPER 0x03 /* Add principal with random password */ -#define CHROPER 0x04 /* Change to random password */ -#define DELOPER 0x05 /* Delete Principal */ -#define MODOPER 0x06 /* Modify Principal attributes */ -#define INQOPER 0x07 /* Display Principal info */ -#define AD4OPER 0x08 /* Add Principal using v4 string-to-key */ -#define CH4OPER 0x09 /* Change password using v4 string-to-key */ -#define COMPLETE 0x0f - -/* Extra Message Types */ -#define SENDDATA1 0x00 -#define SENDDATA2 0x01 -#define SENDDATA3 0x02 - -/* Unknowns */ -#define KUNKNOWNAPPL 0xff -#define KUNKNOWNOPER 0xff -#define KUNKNOWNERR 0xff - -typedef struct { - char appl_code; - char oper_code; - char retn_code; - char *message; -} kadmin_requests; - -#if 0 -static char *oper_type[] = { - "complete", /* 0 */ - "addition", /* 1 */ - "deletion", /* 2 */ - "change", /* 3 */ - "modification", /* 4 */ - "inquiry" /* 5 */ -}; -#endif - -#define SKYCHANGED 0x00 -#define NSKYRCVD 0x01 - - -#if 0 -static char *ksrvutil_message[] = { - "Service Key Changed", /* 0 */ - "New Key and Version Received" /* 1 */ -}; -#endif - -#define KADMGOOD 0x00 -#define KADMSAG 0x01 - -#if 0 -static char *kadmind_general_response[] = { - "Success", /* 0 */ - "Service Access Granted" /* 1 */ -}; -#endif - - -#define KPASSGOOD 0x00 -#define KPASSBAD 0x01 - -#if 0 -static char *kadmind_kpasswd_response[] = { - "Password Changed", /* 0 */ - "Password NOT Changed!" /* 1 */ -}; -#endif - -#define KSRVGOOD 0x00 -#define KSRVBAD 0x01 -#define KSRVCATASTROPHE 0x02 - -#if 0 -static char *kadmind_ksrvutil_response[] = { - "Service Password Change Complete", /* 0 */ - "One or More Service Password Change(s) Failed!", /* 1 */ - "Database Update Failure - Possible Catastrophe!!" /* 2 */ -}; -#endif - -#define KADMGOOD 0x00 -#define KADMBAD 0x01 - -#if 0 -static char *kadmind_kadmin_response[] = { - "Administrative Service Completed", /* 0 */ - "Principal Unknown!", /* 1 */ - "Principal Already Exists!", /* 2 */ - "Allocation Failure!", /* 3 */ - "Password Failure!", /* 4 */ - "Protocol Failure!", /* 5 */ - "Security Failure!", /* 6 */ - "Admin Client Not in ACL List!", /* 7 */ - "Database Update Failure - Possible Catastrophe!!" /* 8 */ -}; -#endif - -#define KMODVNO 0x00 -#define KMODATTR 0x01 - -#ifdef SANDIA -#define KMODFCNT 0x02 -#endif - -#define ATTRPOST 0x00 -#define ATTRNOPOST 0x01 -#define ATTRFOR 0x02 -#define ATTRNOFOR 0x03 -#define ATTRTGT 0x04 -#define ATTRNOTGT 0x05 -#define ATTRREN 0x06 -#define ATTRNOREN 0x07 -#define ATTRPROXY 0x08 -#define ATTRNOPROXY 0x09 -#define ATTRDSKEY 0x0a -#define ATTRNODSKEY 0x0b -#define ATTRLOCK 0x0c -#define ATTRUNLOCK 0x0d - -#ifdef SANDIA -#define ATTRPRE 0x0e -#define ATTRNOPRE 0x0f -#define ATTRPWOK 0x10 -#define ATTRPWCHG 0x11 -#define ATTRSID 0x12 -#define ATTRNOSID 0x13 -#endif - -#define ATTRNOSVR 0x14 -#define ATTRSVR 0x15 - -#define BADATTR 0x3f - -#endif /* __ADM_DEFINES__ */ diff --git a/src/include/krb5/adm_proto.h b/src/include/krb5/adm_proto.h deleted file mode 100644 index 65b116bc4a..0000000000 --- a/src/include/krb5/adm_proto.h +++ /dev/null @@ -1,132 +0,0 @@ -/* - * include/krb5/adm_proto.h - * - * Copyright 1995 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - */ -#ifndef KRB5_ADM_PROTO_H__ -#define KRB5_ADM_PROTO_H__ - -/* - * This is ugly, but avoids having to include k5-int or kdb.h for this. - */ -#ifndef KRB5_KDB5__ -struct _krb5_db_entry; -typedef struct _krb5_db_entry krb5_db_entry; -#endif /* KRB5_KDB5__ */ - -/* Ditto for adm.h */ - -/* - * XXXX krb5_realm params is defined in two header files!!!! - * This really needs to be fixed!!! - */ -#if !defined(KRB5_ADM_H__) && !defined(__KADM5_ADMIN_H__) -struct ___krb5_realm_params; -typedef struct ___krb5_realm_params krb5_realm_params; -#endif /* KRB5_ADM_H__ */ - -#ifndef KRB5_KDB5__ -struct ___krb5_key_salt_tuple; -typedef struct ___krb5_key_salt_tuple krb5_key_salt_tuple; -#endif /* KRB5_KDB5__ */ - -/* - * Function prototypes. - */ - -/* logger.c */ -krb5_error_code krb5_klog_init - (krb5_context, - char *, - char *, - krb5_boolean); -void krb5_klog_close (krb5_context); -int krb5_klog_syslog (int, const char *, ...); -void krb5_klog_reopen (krb5_context); - -/* alt_prof.c */ -krb5_error_code krb5_aprof_init - (char *, char *, krb5_pointer *); -krb5_error_code krb5_aprof_getvals - (krb5_pointer, const char **, char ***); -krb5_error_code krb5_aprof_get_deltat - (krb5_pointer, - const char **, - krb5_boolean, - krb5_deltat *); -krb5_error_code krb5_aprof_get_string - (krb5_pointer, const char **, krb5_boolean, char **); -krb5_error_code krb5_aprof_get_int32 - (krb5_pointer, - const char **, - krb5_boolean, - krb5_int32 *); -krb5_error_code krb5_aprof_finish (krb5_pointer); - -krb5_error_code krb5_read_realm_params (krb5_context, - char *, - char *, - char *, - krb5_realm_params **); -krb5_error_code krb5_free_realm_params (krb5_context, - krb5_realm_params *); - -/* str_conv.c */ -krb5_error_code -krb5_string_to_flags (char *, - const char *, - const char *, - krb5_flags *); -krb5_error_code -krb5_flags_to_string (krb5_flags, - const char *, - char *, - size_t); -krb5_error_code -krb5_input_flag_to_string (int, - char *, - size_t); - -/* keysalt.c */ -krb5_boolean -krb5_keysalt_is_present (krb5_key_salt_tuple *, - krb5_int32, - krb5_enctype, - krb5_int32); -krb5_error_code -krb5_keysalt_iterate (krb5_key_salt_tuple *, - krb5_int32, - krb5_boolean, - krb5_error_code (*) (krb5_key_salt_tuple *, - krb5_pointer), - krb5_pointer); - -krb5_error_code -krb5_string_to_keysalts (char *, - const char *, - const char *, - krb5_boolean, - krb5_key_salt_tuple **, - krb5_int32 *); -#endif /* KRB5_ADM_PROTO_H__ */ diff --git a/src/include/krb5/copyright.h b/src/include/krb5/copyright.h deleted file mode 100644 index b1740ce3ce..0000000000 --- a/src/include/krb5/copyright.h +++ /dev/null @@ -1,40 +0,0 @@ -/* - * Copyright (C) 1989-1994 by the Massachusetts Institute of Technology, - * Cambridge, MA, USA. All Rights Reserved. - * - * This software is being provided to you, the LICENSEE, by the - * Massachusetts Institute of Technology (M.I.T.) under the following - * license. By obtaining, using and/or copying this software, you agree - * that you have read, understood, and will comply with these terms and - * conditions: - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify and distribute - * this software and its documentation for any purpose and without fee or - * royalty is hereby granted, provided that you agree to comply with the - * following copyright notice and statements, including the disclaimer, and - * that the same appear on ALL copies of the software and documentation, - * including modifications that you make for internal use or for - * distribution: - * - * THIS SOFTWARE IS PROVIDED "AS IS", AND M.I.T. MAKES NO REPRESENTATIONS - * OR WARRANTIES, EXPRESS OR IMPLIED. By way of example, but not - * limitation, M.I.T. MAKES NO REPRESENTATIONS OR WARRANTIES OF - * MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF - * THE LICENSED SOFTWARE OR DOCUMENTATION WILL NOT INFRINGE ANY THIRD PARTY - * PATENTS, COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS. - * - * The name of the Massachusetts Institute of Technology or M.I.T. may NOT - * be used in advertising or publicity pertaining to distribution of the - * software. Title to copyright in this software and any associated - * documentation shall at all times remain with M.I.T., and USER agrees to - * preserve same. - * - * Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - */ diff --git a/src/include/krb5/kdb.h b/src/include/krb5/kdb.h deleted file mode 100644 index c8327657fc..0000000000 --- a/src/include/krb5/kdb.h +++ /dev/null @@ -1,485 +0,0 @@ -/* - * include/krb5/kdb.h - * - * Copyright 1990,1991 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * KDC Database interface definitions. - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - -#ifndef KRB5_KDB5__ -#define KRB5_KDB5__ - -/* Salt types */ -#define KRB5_KDB_SALTTYPE_NORMAL 0 -#define KRB5_KDB_SALTTYPE_V4 1 -#define KRB5_KDB_SALTTYPE_NOREALM 2 -#define KRB5_KDB_SALTTYPE_ONLYREALM 3 -#define KRB5_KDB_SALTTYPE_SPECIAL 4 -#define KRB5_KDB_SALTTYPE_AFS3 5 - -/* Attributes */ -#define KRB5_KDB_DISALLOW_POSTDATED 0x00000001 -#define KRB5_KDB_DISALLOW_FORWARDABLE 0x00000002 -#define KRB5_KDB_DISALLOW_TGT_BASED 0x00000004 -#define KRB5_KDB_DISALLOW_RENEWABLE 0x00000008 -#define KRB5_KDB_DISALLOW_PROXIABLE 0x00000010 -#define KRB5_KDB_DISALLOW_DUP_SKEY 0x00000020 -#define KRB5_KDB_DISALLOW_ALL_TIX 0x00000040 -#define KRB5_KDB_REQUIRES_PRE_AUTH 0x00000080 -#define KRB5_KDB_REQUIRES_HW_AUTH 0x00000100 -#define KRB5_KDB_REQUIRES_PWCHANGE 0x00000200 -#define KRB5_KDB_DISALLOW_SVR 0x00001000 -#define KRB5_KDB_PWCHANGE_SERVICE 0x00002000 -#define KRB5_KDB_SUPPORT_DESMD5 0x00004000 -#define KRB5_KDB_NEW_PRINC 0x00008000 - -/* Creation flags */ -#define KRB5_KDB_CREATE_BTREE 0x00000001 -#define KRB5_KDB_CREATE_HASH 0x00000002 - -#if !defined(_WIN32) - -/* - * Note --- these structures cannot be modified without changing the - * database version number in libkdb.a, but should be expandable by - * adding new tl_data types. - */ -typedef struct _krb5_tl_data { - struct _krb5_tl_data* tl_data_next; /* NOT saved */ - krb5_int16 tl_data_type; - krb5_ui_2 tl_data_length; - krb5_octet * tl_data_contents; -} krb5_tl_data; - -/* - * If this ever changes up the version number and make the arrays be as - * big as necessary. - * - * Currently the first type is the enctype and the second is the salt type. - */ -typedef struct _krb5_key_data { - krb5_int16 key_data_ver; /* Version */ - krb5_int16 key_data_kvno; /* Key Version */ - krb5_int16 key_data_type[2]; /* Array of types */ - krb5_ui_2 key_data_length[2]; /* Array of lengths */ - krb5_octet * key_data_contents[2]; /* Array of pointers */ -} krb5_key_data; - -#define KRB5_KDB_V1_KEY_DATA_ARRAY 2 /* # of array elements */ - -typedef struct _krb5_keysalt { - krb5_int16 type; - krb5_data data; /* Length, data */ -} krb5_keysalt; - -typedef struct _krb5_db_entry_new { - krb5_magic magic; /* NOT saved */ - krb5_ui_2 len; - krb5_flags attributes; - krb5_deltat max_life; - krb5_deltat max_renewable_life; - krb5_timestamp expiration; /* When the client expires */ - krb5_timestamp pw_expiration; /* When its passwd expires */ - krb5_timestamp last_success; /* Last successful passwd */ - krb5_timestamp last_failed; /* Last failed passwd attempt */ - krb5_kvno fail_auth_count; /* # of failed passwd attempt */ - krb5_int16 n_tl_data; - krb5_int16 n_key_data; - krb5_ui_2 e_length; /* Length of extra data */ - krb5_octet * e_data; /* Extra data to be saved */ - - krb5_principal princ; /* Length, data */ - krb5_tl_data * tl_data; /* Linked list */ - krb5_key_data * key_data; /* Array */ -} krb5_db_entry; - -typedef struct _osa_policy_ent_t { - int version; - char *name; - krb5_ui_4 pw_min_life; - krb5_ui_4 pw_max_life; - krb5_ui_4 pw_min_length; - krb5_ui_4 pw_min_classes; - krb5_ui_4 pw_history_num; - krb5_ui_4 policy_refcnt; -} osa_policy_ent_rec, *osa_policy_ent_t; - -typedef void (*osa_adb_iter_policy_func) (void *, osa_policy_ent_t); - -typedef struct __krb5_key_salt_tuple { - krb5_enctype ks_enctype; - krb5_int32 ks_salttype; -} krb5_key_salt_tuple; - - -#define KRB5_KDB_MAGIC_NUMBER 0xdbdbdbdb -#define KRB5_KDB_V1_BASE_LENGTH 38 - -#define KRB5_TL_LAST_PWD_CHANGE 0x0001 -#define KRB5_TL_MOD_PRINC 0x0002 -#define KRB5_TL_KADM_DATA 0x0003 -#define KRB5_TL_KADM5_E_DATA 0x0004 -#define KRB5_TL_RB1_CHALLENGE 0x0005 -#ifdef SECURID -#define KRB5_TL_SECURID_STATE 0x0006 -#define KRB5_TL_DB_ARGS 0x7fff -#endif /* SECURID */ - -/* - * Determines the number of failed KDC requests before DISALLOW_ALL_TIX is set - * on the principal. - */ -#define KRB5_MAX_FAIL_COUNT 5 - -/* XXX depends on knowledge of krb5_parse_name() formats */ -#define KRB5_KDB_M_NAME "K/M" /* Kerberos/Master */ - -/* prompts used by default when reading the KDC password from the keyboard. */ -#define KRB5_KDC_MKEY_1 "Enter KDC database master key" -#define KRB5_KDC_MKEY_2 "Re-enter KDC database master key to verify" - - -extern char *krb5_mkey_pwd_prompt1; -extern char *krb5_mkey_pwd_prompt2; - -/* - * These macros specify the encoding of data within the database. - * - * Data encoding is little-endian. - */ -#include "k5-platform.h" -#define krb5_kdb_decode_int16(cp, i16) \ - *((krb5_int16 *) &(i16)) = load_16_le(cp) -#define krb5_kdb_decode_int32(cp, i32) \ - *((krb5_int32 *) &(i32)) = load_32_le(cp) -#define krb5_kdb_encode_int16(i16, cp) store_16_le(i16, cp) -#define krb5_kdb_encode_int32(i32, cp) store_32_le(i32, cp) - -#define KRB5_KDB_OPEN_RW 0 -#define KRB5_KDB_OPEN_RO 1 - -#define KRB5_KDB_OPT_SET_DB_NAME 0 -#define KRB5_KDB_OPT_SET_LOCK_MODE 1 - -#define KRB5_DB_LOCKMODE_SHARED 0x0001 -#define KRB5_DB_LOCKMODE_EXCLUSIVE 0x0002 -#define KRB5_DB_LOCKMODE_DONTBLOCK 0x0004 -#define KRB5_DB_LOCKMODE_PERMANENT 0x0008 - -/* libkdb.spec */ -krb5_error_code krb5_db_open( krb5_context kcontext, char **db_args, int mode ); -krb5_error_code krb5_db_init ( krb5_context kcontext ); -krb5_error_code krb5_db_create ( krb5_context kcontext, char **db_args ); -krb5_error_code krb5_db_inited ( krb5_context kcontext ); -krb5_error_code kdb5_db_create ( krb5_context kcontext, char **db_args ); -krb5_error_code krb5_db_fini ( krb5_context kcontext ); -const char * krb5_db_errcode2string ( krb5_context kcontext, long err_code ); -krb5_error_code krb5_db_destroy ( krb5_context kcontext, char **db_args ); -krb5_error_code krb5_db_get_age ( krb5_context kcontext, char *db_name, time_t *t ); -krb5_error_code krb5_db_set_option ( krb5_context kcontext, int option, void *value ); -krb5_error_code krb5_db_lock ( krb5_context kcontext, int lock_mode ); -krb5_error_code krb5_db_unlock ( krb5_context kcontext ); -krb5_error_code krb5_db_get_principal ( krb5_context kcontext, - krb5_const_principal search_for, - krb5_db_entry *entries, - int *nentries, - krb5_boolean *more ); -krb5_error_code krb5_db_free_principal ( krb5_context kcontext, - krb5_db_entry *entry, - int count ); -krb5_error_code krb5_db_put_principal ( krb5_context kcontext, - krb5_db_entry *entries, - int *nentries); -krb5_error_code krb5_db_delete_principal ( krb5_context kcontext, - krb5_principal search_for, - int *nentries ); -krb5_error_code krb5_db_iterate ( krb5_context kcontext, - char *match_entry, - int (*func) (krb5_pointer, krb5_db_entry *), - krb5_pointer func_arg ); -krb5_error_code krb5_supported_realms ( krb5_context kcontext, - char **realms ); -krb5_error_code krb5_free_supported_realms ( krb5_context kcontext, - char **realms ); -krb5_error_code krb5_db_set_master_key_ext ( krb5_context kcontext, - char *pwd, - krb5_keyblock *key ); -krb5_error_code krb5_db_set_mkey ( krb5_context context, - krb5_keyblock *key); -krb5_error_code krb5_db_get_mkey ( krb5_context kcontext, - krb5_keyblock **key ); -krb5_error_code krb5_db_free_master_key ( krb5_context kcontext, - krb5_keyblock *key ); -krb5_error_code krb5_db_store_master_key ( krb5_context kcontext, - char *db_arg, - krb5_principal mname, - krb5_keyblock *key, - char *master_pwd); -krb5_error_code krb5_db_fetch_mkey ( krb5_context context, - krb5_principal mname, - krb5_enctype etype, - krb5_boolean fromkeyboard, - krb5_boolean twice, - char *db_args, - krb5_data *salt, - krb5_keyblock *key); -krb5_error_code krb5_db_verify_master_key ( krb5_context kcontext, - krb5_principal mprinc, - krb5_keyblock *mkey ); -krb5_error_code -krb5_dbe_find_enctype( krb5_context kcontext, - krb5_db_entry *dbentp, - krb5_int32 ktype, - krb5_int32 stype, - krb5_int32 kvno, - krb5_key_data **kdatap); - - -krb5_error_code krb5_dbe_search_enctype ( krb5_context kcontext, - krb5_db_entry *dbentp, - krb5_int32 *start, - krb5_int32 ktype, - krb5_int32 stype, - krb5_int32 kvno, - krb5_key_data **kdatap); - -krb5_error_code -krb5_db_setup_mkey_name ( krb5_context context, - const char *keyname, - const char *realm, - char **fullname, - krb5_principal *principal); - -krb5_error_code -krb5_dbekd_decrypt_key_data( krb5_context context, - const krb5_keyblock * mkey, - const krb5_key_data * key_data, - krb5_keyblock * dbkey, - krb5_keysalt * keysalt); - -krb5_error_code -krb5_dbekd_encrypt_key_data( krb5_context context, - const krb5_keyblock * mkey, - const krb5_keyblock * dbkey, - const krb5_keysalt * keysalt, - int keyver, - krb5_key_data * key_data); - -krb5_error_code -krb5_dbe_lookup_mod_princ_data( krb5_context context, - krb5_db_entry * entry, - krb5_timestamp * mod_time, - krb5_principal * mod_princ); - - -krb5_error_code -krb5_dbe_update_last_pwd_change( krb5_context context, - krb5_db_entry * entry, - krb5_timestamp stamp); - -krb5_error_code -krb5_dbe_lookup_tl_data( krb5_context context, - krb5_db_entry * entry, - krb5_tl_data * ret_tl_data); - -krb5_error_code -krb5_dbe_create_key_data( krb5_context context, - krb5_db_entry * entry); - - -krb5_error_code -krb5_dbe_update_mod_princ_data( krb5_context context, - krb5_db_entry * entry, - krb5_timestamp mod_date, - krb5_const_principal mod_princ); - -krb5_error_code -krb5_dbe_update_last_pwd_change( krb5_context context, - krb5_db_entry * entry, - krb5_timestamp stamp); - -void *krb5_db_alloc( krb5_context kcontext, - void *ptr, - size_t size ); - -void krb5_db_free( krb5_context kcontext, - void *ptr); - - -krb5_error_code -krb5_dbe_lookup_last_pwd_change( krb5_context context, - krb5_db_entry * entry, - krb5_timestamp * stamp); - -krb5_error_code -krb5_dbe_update_tl_data( krb5_context context, - krb5_db_entry * entry, - krb5_tl_data * new_tl_data); - -krb5_error_code -krb5_dbe_cpw( krb5_context kcontext, - krb5_keyblock * master_key, - krb5_key_salt_tuple * ks_tuple, - int ks_tuple_count, - char * passwd, - int new_kvno, - krb5_boolean keepold, - krb5_db_entry * db_entry); - -krb5_error_code -krb5_dbe_ark( krb5_context context, - krb5_keyblock * master_key, - krb5_key_salt_tuple * ks_tuple, - int ks_tuple_count, - krb5_db_entry * db_entry); - -krb5_error_code -krb5_dbe_crk( krb5_context context, - krb5_keyblock * master_key, - krb5_key_salt_tuple * ks_tuple, - int ks_tuple_count, - krb5_boolean keepold, - krb5_db_entry * db_entry); - -krb5_error_code -krb5_dbe_apw( krb5_context context, - krb5_keyblock * master_key, - krb5_key_salt_tuple * ks_tuple, - int ks_tuple_count, - char * passwd, - krb5_db_entry * db_entry); - - -/* default functions. Should not be directly called */ -/* - * Default functions prototype - */ - -krb5_error_code -krb5_dbe_def_search_enctype( krb5_context kcontext, - krb5_db_entry *dbentp, - krb5_int32 *start, - krb5_int32 ktype, - krb5_int32 stype, - krb5_int32 kvno, - krb5_key_data **kdatap); - -krb5_error_code -krb5_def_store_mkey( krb5_context context, - char *keyfile, - krb5_principal mname, - krb5_keyblock *key, - char *master_pwd); - - -krb5_error_code -krb5_db_def_fetch_mkey( krb5_context context, - krb5_principal mname, - krb5_keyblock *key, - int *kvno, - char *db_args); - -krb5_error_code -krb5_def_verify_master_key( krb5_context context, - krb5_principal mprinc, - krb5_keyblock *mkey); - -krb5_error_code kdb_def_set_mkey ( krb5_context kcontext, - char *pwd, - krb5_keyblock *key ); - -krb5_error_code kdb_def_get_mkey ( krb5_context kcontext, - krb5_keyblock **key ); - -krb5_error_code -krb5_dbe_def_cpw( krb5_context context, - krb5_keyblock * master_key, - krb5_key_salt_tuple * ks_tuple, - int ks_tuple_count, - char * passwd, - int new_kvno, - krb5_boolean keepold, - krb5_db_entry * db_entry); - - -krb5_error_code -krb5_db_create_policy( krb5_context kcontext, - osa_policy_ent_t policy); - -krb5_error_code -krb5_db_get_policy ( krb5_context kcontext, - char *name, - osa_policy_ent_t *policy, - int *nentries); - -krb5_error_code -krb5_db_put_policy( krb5_context kcontext, - osa_policy_ent_t policy); - -krb5_error_code -krb5_db_iter_policy( krb5_context kcontext, - char *match_entry, - osa_adb_iter_policy_func func, - void *data); - -krb5_error_code -krb5_db_delete_policy( krb5_context kcontext, - char *policy); - -void -krb5_db_free_policy( krb5_context kcontext, - osa_policy_ent_t policy); - -void krb5_db_clr_error(void); - -#define KRB5_KDB_DEF_FLAGS 0 - -#endif /* !defined(_WIN32) */ -#endif /* KRB5_KDB5__ */ diff --git a/src/include/krb5/kdb_dbc.h b/src/include/krb5/kdb_dbc.h deleted file mode 100644 index e2b300288f..0000000000 --- a/src/include/krb5/kdb_dbc.h +++ /dev/null @@ -1,86 +0,0 @@ -/* - * include/krb5/kdb_dbc.h - * - * Copyright 1995 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * KDC Database context definitions. - */ - -/* - * Copyright (C) 1998 by the FundsXpress, INC. - * - * All rights reserved. - * - * Export of this software from the United States of America may require - * a specific license from the United States Government. It is the - * responsibility of any person or organization contemplating export to - * obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of FundsXpress. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. FundsXpress makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR - * IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED - * WARRANTIES OF MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. - */ - - -#ifndef KRB5_KDB5_DBC__ -#define KRB5_KDB5_DBC__ - -#include "kdb.h" - -/* Per-database context. */ -typedef struct __krb5_db_context { - krb5_boolean db_inited; /* Context initialized */ - char * db_name; /* Name of database */ - DBM * db_dbm_ctx; /* DBM context for database */ - char * db_lf_name; /* Name of lock file */ - int db_lf_file; /* File descriptor of lock file */ - time_t db_lf_time; /* Time last updated */ - int db_locks_held; /* Number of times locked */ - int db_lock_mode; /* Last lock mode, e.g. greatest*/ - krb5_boolean db_nb_locks; /* [Non]Blocking lock modes */ - krb5_keyblock *db_master_key; /* Master key of database */ - kdb5_dispatch_table *db_dispatch; /* Dispatch table */ -} krb5_db_context; - -krb5_error_code krb5_ktkdb_resolve - (krb5_context, krb5_db_context *, krb5_keytab *); - -krb5_error_code krb5_dbm_db_set_mkey - (krb5_context,krb5_db_context *,krb5_encrypt_block *); - -krb5_error_code krb5_dbm_db_get_mkey - (krb5_context,krb5_db_context *,krb5_encrypt_block **); - -#endif /* KRB5_KDB5_DBM__ */ diff --git a/src/include/krb5/kdb_kt.h b/src/include/krb5/kdb_kt.h deleted file mode 100644 index 1dbd7f30da..0000000000 --- a/src/include/krb5/kdb_kt.h +++ /dev/null @@ -1,42 +0,0 @@ -/* - * include/krb5/kdb_kt.h - * - * Copyright 1997 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * KDC keytab definitions. - */ - - -#ifndef KRB5_KDB5_KT_H -#define KRB5_KDB5_KT_H - -#include "kdb.h" - -extern struct _krb5_kt_ops krb5_kt_kdb_ops; - -krb5_error_code krb5_ktkdb_resolve (krb5_context, const char *, krb5_keytab *); - -krb5_error_code krb5_ktkdb_set_context(krb5_context); - -#endif /* KRB5_KDB5_DBM__ */ diff --git a/src/include/krb5/stock/.Sanitize b/src/include/krb5/stock/.Sanitize deleted file mode 100644 index 9a91ab33a8..0000000000 --- a/src/include/krb5/stock/.Sanitize +++ /dev/null @@ -1,33 +0,0 @@ -# Sanitize.in for Kerberos V5 - -# Each directory to survive it's way into a release will need a file -# like this one called "./.Sanitize". All keyword lines must exist, -# and must exist in the order specified by this file. Each directory -# in the tree will be processed, top down, in the following order. - -# Hash started lines like this one are comments and will be deleted -# before anything else is done. Blank lines will also be squashed -# out. - -# The lines between the "Do-first:" line and the "Things-to-keep:" -# line are executed as a /bin/sh shell script before anything else is -# done in this - -Do-first: - -# All files listed between the "Things-to-keep:" line and the -# "Files-to-sed:" line will be kept. All other files will be removed. -# Directories listed in this section will have their own Sanitize -# called. Directories not listed will be removed in their entirety -# with rm -rf. - -Things-to-keep: - -ChangeLog -osconf.h - -Things-to-lose: - -Do-last: - -# End of file. diff --git a/src/include/krb5/stock/ChangeLog b/src/include/krb5/stock/ChangeLog deleted file mode 100644 index c341acea63..0000000000 --- a/src/include/krb5/stock/ChangeLog +++ /dev/null @@ -1,196 +0,0 @@ -2006-03-06 Ken Raeburn - - * osconf.h (DEFAULT_KDB_LIB_PATH): Add "/kdb" on end of - MODULEDIR. - (MODULE_PATH): New macro. - -2005-06-29 Ken Raeburn - - * osconf.h (DEFAULT_KDB_LIB_PATH): Use @MODULEDIR. Don't use a - fixed global directory. - -2005-06-20 Ken Raeburn - - Novell merge. - * osconf.h (DEFAULT_KDB_LIB_PATH): Define. - -2004-07-09 Jeffrey Altman - - * osconf.h: !!define -> !define - -2003-05-29 Ken Raeburn - - * osconf.h (DEFAULT_KDC_ENCTYPE): Default to des3 now. - -2003-03-06 Alexandra Ellwood - - * osconf.h: Added DEFAULT_SECURE_PROFILE_PATH so that KfM will only - search paths that start with ~/ (homedir-based) when getting an - insecure context. This is the same as DEFAULT_PROFILE_PATH on all - other platforms, which allows us to avoid more references to - TARGET_OS_MAC in krb5 sources. - -2002-09-18 Ken Raeburn - - * osconf.h (DEFAULT_KDC_UDP_PORTLIST): Renamed from - DEFAULT_KDC_PORTLIST. - (DEFAULT_KDC_TCP_PORTLIST): New macro. - -2002-07-03 Alexandra Ellwood - - * osconf.h (DEFAULT_PROFILE_PATH): Conditionalized for Mac OS X - to look in Mac OS X Preferences file locations. - [pullup from 1-2-2-branch] - -2001-10-05 Ken Raeburn - - * osconf.h: Drop _MSDOS support. - -1999-09-20 Ken Raeburn - - * osconf.h (KPASSWD_PORTNAME): Define. - -Tue Jan 20 23:19:53 1998 Tom Yu - - * osconf.h: Add DEFAULT_KPASSWD_PORT to support Cygnus chpw. - -Wed Nov 13 23:58:30 1996 Tom Yu - - * osconf.h (DEFAULT_KEYTAB_NAME): Change DOS version of this to - FILE:%s\\krb5kt to match "krb5cc". - -Tue Nov 12 18:40:08 1996 Tom Yu - - * osconf.h: Change DEFAULT_KEYTAB_NAME to /etc/krb5.keytab under - Unix. - -Wed Oct 30 19:00:07 1996 Sam Hartman - - * osconf.h : Set up to use autoconf-style directories. [37] - -Wed Aug 28 16:13:10 1996 Barry Jaspan - - * osconf.h: add KADM5 defaults: KEYTAB, ACL_FILE, PORT - -Mon Aug 12 16:58:16 1996 Barry Jaspan - - * osconf.h: add KPROPD_DEFAULT_KDB5_UTIL - -Wed Jun 12 00:43:16 1996 Theodore Ts'o - - * osconf.h: Add #ifdef _WIN32 in places where we had #ifdef _MSDOS - -Tue Mar 5 12:27:18 1996 Richard Basch - - * osconf.h (KPROPD_DEFAULT_KDB5_EDIT): kdb5_edit is now in PREFIX/sbin - -Sat Feb 24 18:59:39 1996 Theodore Y. Ts'o - - * osconf.h (DEFAULT_KEYTAB_NAME): Under windows, let it be - %s\v5srvtab. It will be filled in by the - krb5_kt_default_name with the name of windows directory. - -Thu Oct 5 21:45:13 1995 Theodore Y. Ts'o - - * osconf.h (DEFAULT_KDC_PROFILE): Change the name of the kdc - configuration file to be kdc.conf. - Added DEFAULT_KDC_PORTLIST. - -Tue Sep 26 22:47:15 1995 Mark Eichin - - * osconf.h (DEFAULT_PROFILE_PATH): look in $(prefix)/lib/krb5.conf - if /etc/krb5.conf isn't found. - -Fri Sep 29 01:45:27 1995 Theodore Y. Ts'o - - * osconf.h: Don't include autoconf.h under Windows, since it - doesn't exist. - -Wed Sep 13 23:50:02 1995 Mark Eichin - - * osconf.h (KPROP_DEFAULT_FILE, KPROPD_DEFAULT_FILE, - KPROPD_DEFAULT_KDB5_EDIT, KPROPD_DEFAULT_KRB_DB): set defaults - correctly for kprop/kpropd in respect to prefix. - -Mon Jul 17 15:05:42 EDT 1995 Paul Park (pjpark@mit.edu) - * osconf.h - Add DEFAULT_KEYFILE_STUB which puts the stashfile in - the kdc directory instead of the root. Also, change the -Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) - - * osconf.h : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g - -Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) - - * osconf.h : Remove krb5_enctype references, and replace with - krb5_keytype where appropriate. - default ETYPE to DES_CBC_MD5 now that it works. - - -Thu Jun 22 11:53:47 EDT 1995 Paul Park (pjpark@mit.edu) - * osconf.h - Add DEFAULT_KDC_PROFILE and KDC_PROFILE_ENV for KDC - profile location. - -Thu Jun 8 14:42:56 EDT 1995 Paul Park (pjpark@mit.edu) - - * osconf.h - Restore DEFAULT_ADMIN_ACL definition to be - .../kadm_old.acl since kadmin.old needs this definition. - -Wed Jun 7 16:13:24 1995 - - * osconf.h: Use INSTALL and INSTALL_PREFIX instead of KRB5ROOT. - How the filenames are determined have been completely - revamped. - -Sun May 21 15:33:36 1995 Ezra Peisach - - * osconf.h: Setup the RCTMPDIR to be modified by configure. - -Fri Apr 21 21:00:40 1995 Theodore Y. Ts'o (tytso@dcl) - - * osconf.h: Add #define's for DEFAULT_PROFILE_FILENAME. - -Tue Mar 28 19:49:56 1995 Keith Vetter (keithv@fusion.com) - - * osconf.h: moved the differing part of osconf.win inside it. - * osconf.win: deleted. - -Tue Mar 7 15:09:44 1995 Keith Vetter (keithv@fusion.com) - - * osconf.win: new file. Windows version of osconf with valid - path names. - -Mon Feb 20 12:30:42 1995 John Gilmore (gnu at toad.com) - - * config.h, config.win: Remove; merge them both into ../config.h. - Now that we aren't using imake, this isn't a generated header file. - -Mon Feb 20 15:25:26 1995 Keith Vetter (keithv@fusion.com) - - * config.h: changed API to INTERFACE. - * config.win: changed API to INTERFACE and changed BITS16 - to SIZEOF_INT/SIZEOF_LONG to track an autoconf change. - -Mon Feb 6 20:5:58 1995 Keith Vetter (keithv@fusion.com) - - * config.win: new file--windows base template for config.h - * config.h: added API definition default of NULL - -Thu Jan 5 17:01:03 1995 Theodore Y. Ts'o (tytso@dcl) - - * Use the service names kerberos and kerberos-sec, instead of - kerberos5 and kerberos4 --- the official port name is - kerberos, after all! - -Wed Nov 30 16:18:29 1994 Theodore Y. Ts'o (tytso@dcl) - - * osconf.h, config.h: Remove remnants of unifdef support for - building osconf.h and config.h, left over from the imake - build system. - - * osconf.h: Add #ifdef for Athena configuration. - -Thu Oct 13 16:58:53 1994 Theodore Y. Ts'o (tytso@dcl) - - * config.h: Define PROVIDE_DES_CBC_MD5 so that we include this - cryptosystem. - diff --git a/src/include/krb5/stock/osconf.h b/src/include/krb5/stock/osconf.h deleted file mode 100644 index 03b2ce651d..0000000000 --- a/src/include/krb5/stock/osconf.h +++ /dev/null @@ -1,130 +0,0 @@ -/* - * include/krb5/stock/osconf.h - * - * Copyright 1990,1991 by the Massachusetts Institute of Technology. - * All Rights Reserved. - * - * Export of this software from the United States of America may - * require a specific license from the United States Government. - * It is the responsibility of any person or organization contemplating - * export to obtain such a license before exporting. - * - * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and - * distribute this software and its documentation for any purpose and - * without fee is hereby granted, provided that the above copyright - * notice appear in all copies and that both that copyright notice and - * this permission notice appear in supporting documentation, and that - * the name of M.I.T. not be used in advertising or publicity pertaining - * to distribution of the software without specific, written prior - * permission. Furthermore if you modify this software you must label - * your software as modified software and not distribute it in such a - * fashion that it might be confused with the original M.I.T. software. - * M.I.T. makes no representations about the suitability of - * this software for any purpose. It is provided "as is" without express - * or implied warranty. - * - * - * Site- and OS- dependant configuration. - */ - -#ifndef KRB5_OSCONF__ -#define KRB5_OSCONF__ - -#if !defined(_WIN32) - /* Don't try to pull in autoconf.h for Windows, since it's not used */ -#ifndef KRB5_AUTOCONF__ -#define KRB5_AUTOCONF__ -#include "autoconf.h" -#endif -#endif - -#if defined(_WIN32) -#define DEFAULT_PROFILE_FILENAME "krb5.ini" -#define DEFAULT_LNAME_FILENAME "/aname" -#define DEFAULT_KEYTAB_NAME "FILE:%s\\krb5kt" -#else /* !_WINDOWS */ -#if TARGET_OS_MAC -#define DEFAULT_SECURE_PROFILE_PATH "/Library/Preferences/edu.mit.Kerberos:/etc/krb5.conf:@SYSCONFDIR/krb5.conf" -#define DEFAULT_PROFILE_PATH ("~/Library/Preferences/edu.mit.Kerberos" ":" DEFAULT_SECURE_PROFILE_PATH) -#else -#define DEFAULT_SECURE_PROFILE_PATH "/etc/krb5.conf:@SYSCONFDIR/krb5.conf" -#define DEFAULT_PROFILE_PATH DEFAULT_SECURE_PROFILE_PATH -#endif -#define DEFAULT_KEYTAB_NAME "FILE:/etc/krb5.keytab" -#define DEFAULT_LNAME_FILENAME "@PREFIX/lib/krb5.aname" -#endif /* _WINDOWS */ - -#define DEFAULT_KDB_FILE "@LOCALSTATEDIR/krb5kdc/principal" -#define DEFAULT_KEYFILE_STUB "@LOCALSTATEDIR/krb5kdc/.k5." -#define KRB5_DEFAULT_ADMIN_ACL "@LOCALSTATEDIR/krb5kdc/krb5_adm.acl" -/* Used by old admin server */ -#define DEFAULT_ADMIN_ACL "@LOCALSTATEDIR/krb5kdc/kadm_old.acl" - -/* Location of KDC profile */ -#define DEFAULT_KDC_PROFILE "@LOCALSTATEDIR/krb5kdc/kdc.conf" -#define KDC_PROFILE_ENV "KRB5_KDC_PROFILE" - -#define DEFAULT_KDB_LIB_PATH { "@MODULEDIR/kdb", NULL } -#define MODULE_PATH "@MODULEDIR" - -#define DEFAULT_KDC_ENCTYPE ENCTYPE_DES3_CBC_SHA1 -#define KDCRCACHE "dfl:krb5kdc_rcache" - -#define KDC_PORTNAME "kerberos" /* for /etc/services or equiv. */ -#define KDC_SECONDARY_PORTNAME "kerberos-sec" /* For backwards */ - /* compatibility with */ - /* port 750 clients */ - -#define KRB5_DEFAULT_PORT 88 -#define KRB5_DEFAULT_SEC_PORT 750 - -#define DEFAULT_KPASSWD_PORT 464 -#define KPASSWD_PORTNAME "kpasswd" - -#define DEFAULT_KDC_UDP_PORTLIST "88,750" -#define DEFAULT_KDC_TCP_PORTLIST "" - -/* - * Defaults for the KADM5 admin system. - */ -#define DEFAULT_KADM5_KEYTAB "@LOCALSTATEDIR/krb5kdc/kadm5.keytab" -#define DEFAULT_KADM5_ACL_FILE "@LOCALSTATEDIR/krb5kdc/kadm5.acl" -#define DEFAULT_KADM5_PORT 749 /* assigned by IANA */ - -#define MAX_DGRAM_SIZE 4096 -#define MAX_SKDC_TIMEOUT 30 -#define SKDC_TIMEOUT_SHIFT 2 /* left shift of timeout for backoff */ -#define SKDC_TIMEOUT_1 1 /* seconds for first timeout */ - -#define RCTMPDIR "@KRB5RCTMPDIR" /* directory to store replay caches */ - -#define KRB5_PATH_TTY "/dev/tty" -#define KRB5_PATH_LOGIN "@SBINDIR/login.krb5" -#define KRB5_PATH_RLOGIN "@BINDIR/rlogin" - -#define KRB5_ENV_CCNAME "KRB5CCNAME" - -/* - * krb4 kadmin stuff follows - */ - -/* the default syslog file */ -#define KADM_SYSLOG "@LOCALSTATEDIR/krb5kdc/admin_server.syslog" - -/* where to find the bad password table */ -#define PW_CHECK_FILE "@LOCALSTATEDIR/krb5kdc/bad_passwd" - -#define DEFAULT_ACL_DIR "@LOCALSTATEDIR/krb5kdc" - -/* - * krb5 slave support follows - */ - -#define KPROP_DEFAULT_FILE "@LOCALSTATEDIR/krb5kdc/slave_datatrans" -#define KPROPD_DEFAULT_FILE "@LOCALSTATEDIR/krb5kdc/from_master" -#define KPROPD_DEFAULT_KDB5_UTIL "@SBINDIR/kdb5_util" -#define KPROPD_DEFAULT_KDB5_EDIT "@SBINDIR/kdb5_edit" -#define KPROPD_DEFAULT_KRB_DB DEFAULT_KDB_FILE -#define KPROPD_ACL_FILE "@LOCALSTATEDIR/krb5kdc/kpropd.acl" - -#endif /* KRB5_OSCONF__ */ diff --git a/src/include/port-sockets.h b/src/include/port-sockets.h index d1cf9e6f9e..35ed2b4c42 100644 --- a/src/include/port-sockets.h +++ b/src/include/port-sockets.h @@ -70,13 +70,13 @@ typedef WSABUF sg_buf; /* If this source file requires it, define struct sockaddr_in (and possibly other things related to network I/O). */ -#include "krb5/autoconf.h" +#include "autoconf.h" #include typedef int socklen_t; #else /* UNIX variants */ -#include "krb5/autoconf.h" +#include "autoconf.h" #include #include /* For struct sockaddr_in and in_addr */ diff --git a/src/include/socket-utils.h b/src/include/socket-utils.h index dcd24ebc76..070bb2ff13 100644 --- a/src/include/socket-utils.h +++ b/src/include/socket-utils.h @@ -51,7 +51,7 @@ Do NOT install this file. */ /* for HAVE_SOCKLEN_T, KRB5_USE_INET6, etc */ -#include "krb5/autoconf.h" +#include "autoconf.h" /* for sockaddr_storage */ #include "port-sockets.h" /* for "inline" if needed */ diff --git a/src/include/stock/.Sanitize b/src/include/stock/.Sanitize new file mode 100644 index 0000000000..9a91ab33a8 --- /dev/null +++ b/src/include/stock/.Sanitize @@ -0,0 +1,33 @@ +# Sanitize.in for Kerberos V5 + +# Each directory to survive it's way into a release will need a file +# like this one called "./.Sanitize". All keyword lines must exist, +# and must exist in the order specified by this file. Each directory +# in the tree will be processed, top down, in the following order. + +# Hash started lines like this one are comments and will be deleted +# before anything else is done. Blank lines will also be squashed +# out. + +# The lines between the "Do-first:" line and the "Things-to-keep:" +# line are executed as a /bin/sh shell script before anything else is +# done in this + +Do-first: + +# All files listed between the "Things-to-keep:" line and the +# "Files-to-sed:" line will be kept. All other files will be removed. +# Directories listed in this section will have their own Sanitize +# called. Directories not listed will be removed in their entirety +# with rm -rf. + +Things-to-keep: + +ChangeLog +osconf.h + +Things-to-lose: + +Do-last: + +# End of file. diff --git a/src/include/stock/ChangeLog b/src/include/stock/ChangeLog new file mode 100644 index 0000000000..c341acea63 --- /dev/null +++ b/src/include/stock/ChangeLog @@ -0,0 +1,196 @@ +2006-03-06 Ken Raeburn + + * osconf.h (DEFAULT_KDB_LIB_PATH): Add "/kdb" on end of + MODULEDIR. + (MODULE_PATH): New macro. + +2005-06-29 Ken Raeburn + + * osconf.h (DEFAULT_KDB_LIB_PATH): Use @MODULEDIR. Don't use a + fixed global directory. + +2005-06-20 Ken Raeburn + + Novell merge. + * osconf.h (DEFAULT_KDB_LIB_PATH): Define. + +2004-07-09 Jeffrey Altman + + * osconf.h: !!define -> !define + +2003-05-29 Ken Raeburn + + * osconf.h (DEFAULT_KDC_ENCTYPE): Default to des3 now. + +2003-03-06 Alexandra Ellwood + + * osconf.h: Added DEFAULT_SECURE_PROFILE_PATH so that KfM will only + search paths that start with ~/ (homedir-based) when getting an + insecure context. This is the same as DEFAULT_PROFILE_PATH on all + other platforms, which allows us to avoid more references to + TARGET_OS_MAC in krb5 sources. + +2002-09-18 Ken Raeburn + + * osconf.h (DEFAULT_KDC_UDP_PORTLIST): Renamed from + DEFAULT_KDC_PORTLIST. + (DEFAULT_KDC_TCP_PORTLIST): New macro. + +2002-07-03 Alexandra Ellwood + + * osconf.h (DEFAULT_PROFILE_PATH): Conditionalized for Mac OS X + to look in Mac OS X Preferences file locations. + [pullup from 1-2-2-branch] + +2001-10-05 Ken Raeburn + + * osconf.h: Drop _MSDOS support. + +1999-09-20 Ken Raeburn + + * osconf.h (KPASSWD_PORTNAME): Define. + +Tue Jan 20 23:19:53 1998 Tom Yu + + * osconf.h: Add DEFAULT_KPASSWD_PORT to support Cygnus chpw. + +Wed Nov 13 23:58:30 1996 Tom Yu + + * osconf.h (DEFAULT_KEYTAB_NAME): Change DOS version of this to + FILE:%s\\krb5kt to match "krb5cc". + +Tue Nov 12 18:40:08 1996 Tom Yu + + * osconf.h: Change DEFAULT_KEYTAB_NAME to /etc/krb5.keytab under + Unix. + +Wed Oct 30 19:00:07 1996 Sam Hartman + + * osconf.h : Set up to use autoconf-style directories. [37] + +Wed Aug 28 16:13:10 1996 Barry Jaspan + + * osconf.h: add KADM5 defaults: KEYTAB, ACL_FILE, PORT + +Mon Aug 12 16:58:16 1996 Barry Jaspan + + * osconf.h: add KPROPD_DEFAULT_KDB5_UTIL + +Wed Jun 12 00:43:16 1996 Theodore Ts'o + + * osconf.h: Add #ifdef _WIN32 in places where we had #ifdef _MSDOS + +Tue Mar 5 12:27:18 1996 Richard Basch + + * osconf.h (KPROPD_DEFAULT_KDB5_EDIT): kdb5_edit is now in PREFIX/sbin + +Sat Feb 24 18:59:39 1996 Theodore Y. Ts'o + + * osconf.h (DEFAULT_KEYTAB_NAME): Under windows, let it be + %s\v5srvtab. It will be filled in by the + krb5_kt_default_name with the name of windows directory. + +Thu Oct 5 21:45:13 1995 Theodore Y. Ts'o + + * osconf.h (DEFAULT_KDC_PROFILE): Change the name of the kdc + configuration file to be kdc.conf. + Added DEFAULT_KDC_PORTLIST. + +Tue Sep 26 22:47:15 1995 Mark Eichin + + * osconf.h (DEFAULT_PROFILE_PATH): look in $(prefix)/lib/krb5.conf + if /etc/krb5.conf isn't found. + +Fri Sep 29 01:45:27 1995 Theodore Y. Ts'o + + * osconf.h: Don't include autoconf.h under Windows, since it + doesn't exist. + +Wed Sep 13 23:50:02 1995 Mark Eichin + + * osconf.h (KPROP_DEFAULT_FILE, KPROPD_DEFAULT_FILE, + KPROPD_DEFAULT_KDB5_EDIT, KPROPD_DEFAULT_KRB_DB): set defaults + correctly for kprop/kpropd in respect to prefix. + +Mon Jul 17 15:05:42 EDT 1995 Paul Park (pjpark@mit.edu) + * osconf.h - Add DEFAULT_KEYFILE_STUB which puts the stashfile in + the kdc directory instead of the root. Also, change the +Wed Sep 06 14:20:57 1995 Chris Provenzano (proven@mit.edu) + + * osconf.h : s/keytype/enctype/g, s/KEYTYPE/ENCTYPE/g + +Tue Sep 05 22:10:34 1995 Chris Provenzano (proven@mit.edu) + + * osconf.h : Remove krb5_enctype references, and replace with + krb5_keytype where appropriate. + default ETYPE to DES_CBC_MD5 now that it works. + + +Thu Jun 22 11:53:47 EDT 1995 Paul Park (pjpark@mit.edu) + * osconf.h - Add DEFAULT_KDC_PROFILE and KDC_PROFILE_ENV for KDC + profile location. + +Thu Jun 8 14:42:56 EDT 1995 Paul Park (pjpark@mit.edu) + + * osconf.h - Restore DEFAULT_ADMIN_ACL definition to be + .../kadm_old.acl since kadmin.old needs this definition. + +Wed Jun 7 16:13:24 1995 + + * osconf.h: Use INSTALL and INSTALL_PREFIX instead of KRB5ROOT. + How the filenames are determined have been completely + revamped. + +Sun May 21 15:33:36 1995 Ezra Peisach + + * osconf.h: Setup the RCTMPDIR to be modified by configure. + +Fri Apr 21 21:00:40 1995 Theodore Y. Ts'o (tytso@dcl) + + * osconf.h: Add #define's for DEFAULT_PROFILE_FILENAME. + +Tue Mar 28 19:49:56 1995 Keith Vetter (keithv@fusion.com) + + * osconf.h: moved the differing part of osconf.win inside it. + * osconf.win: deleted. + +Tue Mar 7 15:09:44 1995 Keith Vetter (keithv@fusion.com) + + * osconf.win: new file. Windows version of osconf with valid + path names. + +Mon Feb 20 12:30:42 1995 John Gilmore (gnu at toad.com) + + * config.h, config.win: Remove; merge them both into ../config.h. + Now that we aren't using imake, this isn't a generated header file. + +Mon Feb 20 15:25:26 1995 Keith Vetter (keithv@fusion.com) + + * config.h: changed API to INTERFACE. + * config.win: changed API to INTERFACE and changed BITS16 + to SIZEOF_INT/SIZEOF_LONG to track an autoconf change. + +Mon Feb 6 20:5:58 1995 Keith Vetter (keithv@fusion.com) + + * config.win: new file--windows base template for config.h + * config.h: added API definition default of NULL + +Thu Jan 5 17:01:03 1995 Theodore Y. Ts'o (tytso@dcl) + + * Use the service names kerberos and kerberos-sec, instead of + kerberos5 and kerberos4 --- the official port name is + kerberos, after all! + +Wed Nov 30 16:18:29 1994 Theodore Y. Ts'o (tytso@dcl) + + * osconf.h, config.h: Remove remnants of unifdef support for + building osconf.h and config.h, left over from the imake + build system. + + * osconf.h: Add #ifdef for Athena configuration. + +Thu Oct 13 16:58:53 1994 Theodore Y. Ts'o (tytso@dcl) + + * config.h: Define PROVIDE_DES_CBC_MD5 so that we include this + cryptosystem. + diff --git a/src/include/stock/osconf.h b/src/include/stock/osconf.h new file mode 100644 index 0000000000..03b2ce651d --- /dev/null +++ b/src/include/stock/osconf.h @@ -0,0 +1,130 @@ +/* + * include/krb5/stock/osconf.h + * + * Copyright 1990,1991 by the Massachusetts Institute of Technology. + * All Rights Reserved. + * + * Export of this software from the United States of America may + * require a specific license from the United States Government. + * It is the responsibility of any person or organization contemplating + * export to obtain such a license before exporting. + * + * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and + * distribute this software and its documentation for any purpose and + * without fee is hereby granted, provided that the above copyright + * notice appear in all copies and that both that copyright notice and + * this permission notice appear in supporting documentation, and that + * the name of M.I.T. not be used in advertising or publicity pertaining + * to distribution of the software without specific, written prior + * permission. Furthermore if you modify this software you must label + * your software as modified software and not distribute it in such a + * fashion that it might be confused with the original M.I.T. software. + * M.I.T. makes no representations about the suitability of + * this software for any purpose. It is provided "as is" without express + * or implied warranty. + * + * + * Site- and OS- dependant configuration. + */ + +#ifndef KRB5_OSCONF__ +#define KRB5_OSCONF__ + +#if !defined(_WIN32) + /* Don't try to pull in autoconf.h for Windows, since it's not used */ +#ifndef KRB5_AUTOCONF__ +#define KRB5_AUTOCONF__ +#include "autoconf.h" +#endif +#endif + +#if defined(_WIN32) +#define DEFAULT_PROFILE_FILENAME "krb5.ini" +#define DEFAULT_LNAME_FILENAME "/aname" +#define DEFAULT_KEYTAB_NAME "FILE:%s\\krb5kt" +#else /* !_WINDOWS */ +#if TARGET_OS_MAC +#define DEFAULT_SECURE_PROFILE_PATH "/Library/Preferences/edu.mit.Kerberos:/etc/krb5.conf:@SYSCONFDIR/krb5.conf" +#define DEFAULT_PROFILE_PATH ("~/Library/Preferences/edu.mit.Kerberos" ":" DEFAULT_SECURE_PROFILE_PATH) +#else +#define DEFAULT_SECURE_PROFILE_PATH "/etc/krb5.conf:@SYSCONFDIR/krb5.conf" +#define DEFAULT_PROFILE_PATH DEFAULT_SECURE_PROFILE_PATH +#endif +#define DEFAULT_KEYTAB_NAME "FILE:/etc/krb5.keytab" +#define DEFAULT_LNAME_FILENAME "@PREFIX/lib/krb5.aname" +#endif /* _WINDOWS */ + +#define DEFAULT_KDB_FILE "@LOCALSTATEDIR/krb5kdc/principal" +#define DEFAULT_KEYFILE_STUB "@LOCALSTATEDIR/krb5kdc/.k5." +#define KRB5_DEFAULT_ADMIN_ACL "@LOCALSTATEDIR/krb5kdc/krb5_adm.acl" +/* Used by old admin server */ +#define DEFAULT_ADMIN_ACL "@LOCALSTATEDIR/krb5kdc/kadm_old.acl" + +/* Location of KDC profile */ +#define DEFAULT_KDC_PROFILE "@LOCALSTATEDIR/krb5kdc/kdc.conf" +#define KDC_PROFILE_ENV "KRB5_KDC_PROFILE" + +#define DEFAULT_KDB_LIB_PATH { "@MODULEDIR/kdb", NULL } +#define MODULE_PATH "@MODULEDIR" + +#define DEFAULT_KDC_ENCTYPE ENCTYPE_DES3_CBC_SHA1 +#define KDCRCACHE "dfl:krb5kdc_rcache" + +#define KDC_PORTNAME "kerberos" /* for /etc/services or equiv. */ +#define KDC_SECONDARY_PORTNAME "kerberos-sec" /* For backwards */ + /* compatibility with */ + /* port 750 clients */ + +#define KRB5_DEFAULT_PORT 88 +#define KRB5_DEFAULT_SEC_PORT 750 + +#define DEFAULT_KPASSWD_PORT 464 +#define KPASSWD_PORTNAME "kpasswd" + +#define DEFAULT_KDC_UDP_PORTLIST "88,750" +#define DEFAULT_KDC_TCP_PORTLIST "" + +/* + * Defaults for the KADM5 admin system. + */ +#define DEFAULT_KADM5_KEYTAB "@LOCALSTATEDIR/krb5kdc/kadm5.keytab" +#define DEFAULT_KADM5_ACL_FILE "@LOCALSTATEDIR/krb5kdc/kadm5.acl" +#define DEFAULT_KADM5_PORT 749 /* assigned by IANA */ + +#define MAX_DGRAM_SIZE 4096 +#define MAX_SKDC_TIMEOUT 30 +#define SKDC_TIMEOUT_SHIFT 2 /* left shift of timeout for backoff */ +#define SKDC_TIMEOUT_1 1 /* seconds for first timeout */ + +#define RCTMPDIR "@KRB5RCTMPDIR" /* directory to store replay caches */ + +#define KRB5_PATH_TTY "/dev/tty" +#define KRB5_PATH_LOGIN "@SBINDIR/login.krb5" +#define KRB5_PATH_RLOGIN "@BINDIR/rlogin" + +#define KRB5_ENV_CCNAME "KRB5CCNAME" + +/* + * krb4 kadmin stuff follows + */ + +/* the default syslog file */ +#define KADM_SYSLOG "@LOCALSTATEDIR/krb5kdc/admin_server.syslog" + +/* where to find the bad password table */ +#define PW_CHECK_FILE "@LOCALSTATEDIR/krb5kdc/bad_passwd" + +#define DEFAULT_ACL_DIR "@LOCALSTATEDIR/krb5kdc" + +/* + * krb5 slave support follows + */ + +#define KPROP_DEFAULT_FILE "@LOCALSTATEDIR/krb5kdc/slave_datatrans" +#define KPROPD_DEFAULT_FILE "@LOCALSTATEDIR/krb5kdc/from_master" +#define KPROPD_DEFAULT_KDB5_UTIL "@SBINDIR/kdb5_util" +#define KPROPD_DEFAULT_KDB5_EDIT "@SBINDIR/kdb5_edit" +#define KPROPD_DEFAULT_KRB_DB DEFAULT_KDB_FILE +#define KPROPD_ACL_FILE "@LOCALSTATEDIR/krb5kdc/kpropd.acl" + +#endif /* KRB5_OSCONF__ */ -- cgit