Fix lots of things to compile on Unix. Fix some typos

By means of carrying through local addresses in many places, eliminate
or reduce sections of code depending on TARGET_OS_MAC conditionals.

Conditionalize some prototypes in krb.h with KRB_PRIVATE, to avoid
leakage on Mac.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@15173 dc483132-0cff-0310-8789-dd5450dbe970

11 files changed, 150 insertions, 56 deletions

diff --git a/src/lib/des425/ChangeLog b/src/lib/des425/ChangeLog
index 91bc5f7d3..cb2881b5e 100644
--- a/src/lib/des425/ChangeLog
+++ b/src/lib/des425/ChangeLog
@@ -1,3 +1,8 @@
+2003-02-10  Tom Yu  <tlyu@mit.edu>
+
+	* str_to_key.c (afs_string_to_key): Move out from under
+	TARGET_OS_MAC conditional.
+
 2003-01-10  Ken Raeburn  <raeburn@mit.edu>
 
 	* configure.in: Don't explicitly invoke AC_PROG_INSTALL, or check
diff --git a/src/lib/des425/str_to_key.c b/src/lib/des425/str_to_key.c
index ccbf80621..ce95a531f 100644
--- a/src/lib/des425/str_to_key.c
+++ b/src/lib/des425/str_to_key.c
@@ -150,7 +150,6 @@ des_string_to_key(str,key)
 				/* can do dumb things sometimes */
 }
 
-#if TARGET_OS_MAC
 char *mit_afs_crypt (const char *, const char *, const char *);
 
 void afs_string_to_key(char *str, char *cell, des_cblock key)
@@ -170,6 +169,7 @@ void afs_string_to_key(char *str, char *cell, des_cblock key)
     mit_afs_string_to_key(&keyblock, &str_data, &cell_data);
 }
 
+#if TARGET_OS_MAC
 char *des_crypt(const char *str, const char *salt)
 {
     char afs_buf[16];
diff --git a/src/lib/krb4/CCache-glue.c b/src/lib/krb4/CCache-glue.c
index 27204c438..1a9d7ed09 100644
--- a/src/lib/krb4/CCache-glue.c
+++ b/src/lib/krb4/CCache-glue.c
@@ -106,12 +106,28 @@ in_tkt (
         return KSUCCESS;
 }
 
+int KRB5_CALLCONV
+krb_save_credentials(
+    char	*service,
+    char	*instance,
+    char	*realm,
+    C_Block	session,
+    int		lifetime,
+    int		kvno,
+    KTEXT	ticket,
+    long	issue_date)
+{
+    return krb4int_save_credentials_addr(service, instance, realm,
+					 session, lifetime, kvno,
+					 ticket, issue_date, 0);
+}
+
 /*
  * Store a ticket into the default credentials cache
  * cache must exist (if it didn't exist, it would have been created by in_tkt)
  */
 int
-krb_save_credentials (
+krb4int_save_credentials_addr(
 	char*			service,
 	char*			instance,
 	char*			realm,
diff --git a/src/lib/krb4/ChangeLog b/src/lib/krb4/ChangeLog
index b798a560f..fbef40e26 100644
--- a/src/lib/krb4/ChangeLog
+++ b/src/lib/krb4/ChangeLog
@@ -1,3 +1,39 @@
+2003-02-10  Tom Yu  <tlyu@mit.edu>
+
+	* CCache-glue.c (krb4int_save_credentials_addr): Renamed from
+	krb_save_credentials().
+	(krb_save_credentials): Implement in terms of
+	krb4int_save_credentials_addr().
+
+	* Makefile.in (SRCS, OBJS): Add password_to_key.
+
+	* g_ad_tkt.c (get_ad_tkt): Call krb4int_send_to_kdc_addr() instead
+	of send_to_kdc().  Call krb4int_save_credentials_addr() instead of
+	krb_save_credentials().  These changes deal with Mac-specific
+	storage of the local address without introducing more
+	conditionally compiled code.
+
+	* g_in_tkt.c: Fix to minimize Mac-specific code.  Basically, pass
+	around local address in lots of places.  There is still a
+	Mac-specific difference involving krb_get_in_tkt_creds().
+
+	* krb4int.h: Include port-sockets.h to get some socket stuff for
+	some prototypes.  Update prototype for
+	krb_get_in_tkt_preauth_creds().  Add prototypes for
+	krb4int_save_credentials_addr() and krb4int_send_to_kdc_addr().
+
+	* password_to_key.c (krb_get_keyprocs): Fix typo.
+	(mit_passwd_to_key, krb5_passwd_to_key): mit_string_to_key ->
+	des_string_to_key.
+
+	* save_creds.c (krb_save_credentials): Re-implement in terms of
+	krb4itn_save_credentials_addr(), which is what library internals
+	will call.
+	(krb4int_save_credentials_addr): Renamed from
+	krb_save_credentials.
+
+	* tkt_string.c (krb_set_tkt_string): Fix to take const char *.
+
 2003-02-10  Alexandra Ellwood <lxs@mit.edu>
     Note: these checkins are partial progress for Tom Yu.
     They probably don't build; Tom is expecting that.
diff --git a/src/lib/krb4/Makefile.in b/src/lib/krb4/Makefile.in
index c9b9ff889..c54cd02c6 100644
--- a/src/lib/krb4/Makefile.in
+++ b/src/lib/krb4/Makefile.in
@@ -56,6 +56,7 @@ OBJS	= \
 	$(OUTPRE)mk_req.$(OBJEXT) \
 	$(OUTPRE)mk_safe.$(OBJEXT) \
 	$(OUTPRE)month_sname.$(OBJEXT) \
+	$(OUTPRE)password_to_key.$(OBJEXT) \
 	$(OUTPRE)prot_client.$(OBJEXT) \
 	$(OUTPRE)prot_common.$(OBJEXT) \
 	$(OUTPRE)prot_kdc.$(OBJEXT) \
@@ -99,6 +100,7 @@ SRCS = \
 	mk_req.c \
 	mk_safe.c \
 	month_sname.c \
+	password_to_key.c \
 	pkt_cipher.c \
 	pkt_clen.c \
 	prot_client.c \
diff --git a/src/lib/krb4/g_ad_tkt.c b/src/lib/krb4/g_ad_tkt.c
index 1558b65a1..daae7515f 100644
--- a/src/lib/krb4/g_ad_tkt.c
+++ b/src/lib/krb4/g_ad_tkt.c
@@ -26,6 +26,7 @@
 
 #include "krb.h"
 #include "des.h"
+#include "krb4int.h"
 #include "prot.h"
 #include <string.h>
 
@@ -249,6 +250,8 @@ get_ad_tkt(service, sinstance, realm, lifetime)
     char rlm[REALM_SZ];
     unsigned char *ptr;
     KRB4_32 t_local;
+    struct sockaddr_in laddr;
+    socklen_t addrlen;
     unsigned KRB4_32 kdc_time;   /* KDC time */
     size_t snamelen, sinstlen;
 
@@ -331,7 +334,9 @@ get_ad_tkt(service, sinstance, realm, lifetime)
 
     /* Send the request to the local ticket-granting server */
     rpkt->length = 0;
-    kerror = send_to_kdc(pkt, rpkt, realm);
+    addrlen = sizeof(laddr);
+    kerror = krb4int_send_to_kdc_addr(pkt, rpkt, realm,
+				      (struct sockaddr *)&laddr, &addrlen);
 
     if (!kerror) {
 	/* No error; parse return packet from KDC. */
@@ -355,8 +360,10 @@ get_ad_tkt(service, sinstance, realm, lifetime)
 	return kerror;
     }
 
-    kerror = krb_save_credentials(s_name, s_instance, rlm,
-				  ses, lifetime, kvno, tkt, t_local);
+    kerror = krb4int_save_credentials_addr(s_name, s_instance, rlm,
+					   ses, lifetime, kvno, tkt,
+					   t_local,
+					   laddr.sin_addr.s_addr);
     /*
      * Unconditionally stomp on ses because we don't need it anymore.
      */
diff --git a/src/lib/krb4/g_in_tkt.c b/src/lib/krb4/g_in_tkt.c
index bebdd009c..debfee4f4 100644
--- a/src/lib/krb4/g_in_tkt.c
+++ b/src/lib/krb4/g_in_tkt.c
@@ -159,9 +159,7 @@ krb_mk_in_tkt_preauth(user, instance, realm, service, sinstance, life,
 
     int msg_byte_order;
     int kerror;
-#if TARGET_OS_MAC
     socklen_t addrlen;
-#endif
 #if 0
     unsigned long exp_date;
 #endif
@@ -218,13 +216,10 @@ krb_mk_in_tkt_preauth(user, instance, realm, service, sinstance, life,
 
     /* SEND THE REQUEST AND RECEIVE THE RETURN PACKET */
     rpkt->length = 0;
-#if TARGET_OS_MAC
-    addrlen = sizeof(struct sockaddr_in)
+    addrlen = sizeof(struct sockaddr_in);
     kerror = krb4int_send_to_kdc_addr(pkt, rpkt, realm,
-				      local_addr, &addrlen);
-#else
-    kerror = send_to_kdc(pkt, rpkt, realm);
-#endif
+				      (struct sockaddr *)local_addr,
+				      &addrlen);
     if (kerror)
 	return kerror;
 
@@ -397,7 +392,7 @@ krb_parse_in_tkt_creds(user, instance, realm, service, sinstance, life, cip,
 int
 krb_get_in_tkt_preauth_creds(user, instance, realm, service, sinstance, life,
 			     key_proc, decrypt_proc,
-			     arg, preauth_p, preauth_len, creds)
+			     arg, preauth_p, preauth_len, creds, laddrp)
     char *user;
     char *instance;
     char *realm;
@@ -410,6 +405,7 @@ krb_get_in_tkt_preauth_creds(user, instance, realm, service, sinstance, life,
     char *preauth_p;
     int   preauth_len;
     CREDENTIALS *creds;
+    KRB_UINT32 *laddrp;
 {
     KTEXT_ST cip_st;
     KTEXT cip = &cip_st;	/* Returned Ciphertext */
@@ -417,21 +413,12 @@ krb_get_in_tkt_preauth_creds(user, instance, realm, service, sinstance, life,
     int byteorder;
     key_proc_type *keyprocs = krb_get_keyprocs (key_proc);
     int i = 0;
-#if TARGET_OS_MAC
     struct sockaddr_in local_addr;
-#endif
 
-#if TARGET_OS_MAC
     kerror = krb_mk_in_tkt_preauth(user, instance, realm, 
 				   service, sinstance,
 				   life, preauth_p, preauth_len,
 				   cip, &byteorder, &local_addr);
-#else
-    kerror = krb_mk_in_tkt_preauth(user, instance, realm, 
-				   service, sinstance,
-				   life, preauth_p, preauth_len,
-				   cip, &byteorder, NULL);
-#endif
     if (kerror)
 	return kerror;
     
@@ -445,12 +432,11 @@ krb_get_in_tkt_preauth_creds(user, instance, realm, service, sinstance, life,
         }
         kerror = krb_parse_in_tkt_creds(user, instance, realm,
                     service, sinstance, life, cip, byteorder, creds);
-    } while ((keyprocs [++i] != NULL) && (kerror == INTK_BADPW))
-    
-#if TARGET_OS_MAC
-    /* Do this here to avoid OS dependency in parse_in_tkt prototype. */
-    creds->address = local_addr->sin_addr.s_addr;
-#endif
+    } while ((keyprocs [++i] != NULL) && (kerror == INTK_BADPW));
+
+    if (laddrp != NULL)
+	*laddrp = local_addr.sin_addr.s_addr;
+
     /* stomp stomp stomp */
     memset(cip->dat, 0, (size_t)cip->length);
     return kerror;
@@ -470,10 +456,17 @@ krb_get_in_tkt_creds(user, instance, realm, service, sinstance, life,
     char *arg;
     CREDENTIALS *creds;
 {
+#if TARGET_OS_MAC /* XXX */
     return krb_get_in_tkt_preauth_creds(user, instance, realm,
 					service, sinstance, life,
 					key_proc, decrypt_proc, arg,
-					NULL, 0, creds);
+					NULL, 0, creds, &creds.address);
+#else
+    return krb_get_in_tkt_preauth_creds(user, instance, realm,
+					service, sinstance, life,
+					key_proc, decrypt_proc, arg,
+					NULL, 0, creds, NULL);
+#endif
 }
 
 int KRB5_CALLCONV
@@ -493,6 +486,7 @@ krb_get_in_tkt_preauth(user, instance, realm, service, sinstance, life,
     int   preauth_len;
 {
     int retval;
+    KRB_UINT32 laddr;
     CREDENTIALS creds;
 
     do {
@@ -500,24 +494,17 @@ krb_get_in_tkt_preauth(user, instance, realm, service, sinstance, life,
 					      service, sinstance, life,
 					      key_proc, decrypt_proc,
 					      arg, preauth_p, preauth_len,
-					      &creds);
+					      &creds, &laddr);
 	if (retval != KSUCCESS) break;
 	if (in_tkt(user, instance) != KSUCCESS) {
 	    retval = INTK_ERR;
 	    break;
 	}
-#if TARGET_OS_MAC /* XXX */
-	retval = krb_save_credentials_addr(creds.service, creds.instance,
-					   creds.realm, creds.session,
-					   creds.lifetime, creds.kvno,
-					   &creds.ticket_st, creds.issue_date,
-					   creds.address);
-#else
-	retval = krb_save_credentials(creds.service, creds.instance,
-				      creds.realm, creds.session,
-				      creds.lifetime, creds.kvno,
-				      &creds.ticket_st, creds.issue_date);
-#endif
+	retval = krb4int_save_credentials_addr(creds.service, creds.instance,
+					       creds.realm, creds.session,
+					       creds.lifetime, creds.kvno,
+					       &creds.ticket_st,
+					       creds.issue_date, laddr);
 	if (retval != KSUCCESS) break;
     } while (0);
     memset(&creds, 0, sizeof(creds));
diff --git a/src/lib/krb4/krb4int.h b/src/lib/krb4/krb4int.h
index 0b0c19b99..0a09378cf 100644
--- a/src/lib/krb4/krb4int.h
+++ b/src/lib/krb4/krb4int.h
@@ -27,6 +27,8 @@
  * be available for self consistancy in the library.
  */
 
+#include "port-sockets.h"
+
 /* ad_print.c */
 void ad_print(AUTH_DAT *x);
 
@@ -54,7 +56,8 @@ int k_gethostname(char *, int);
 int krb_get_in_tkt_preauth_creds(char *, char *, char *,
 				 char *, char *, int,
 				 key_proc_type, decrypt_tkt_type,
-				 char *, char *, int, CREDENTIALS *);
+				 char *, char *, int, CREDENTIALS *,
+				 KRB_UINT32 *);
 
 /* klog.c */
 void kset_logfile(char *);
@@ -109,3 +112,9 @@ int krb_get_stk(KRB_UINT32 *type, char *realm);
 /* err_txt.c */
 void krb4int_et_init(void);
 void krb4int_et_fini(void);
+
+int krb4int_save_credentials_addr(
+    char *, char *, char *, C_Block, int, int, KTEXT, long, KRB_UINT32);
+
+int krb4int_send_to_kdc_addr(KTEXT, KTEXT, char *,
+			     struct sockaddr *, socklen_t *);
diff --git a/src/lib/krb4/password_to_key.c b/src/lib/krb4/password_to_key.c
index b4b4d00b3..ee040fc51 100644
--- a/src/lib/krb4/password_to_key.c
+++ b/src/lib/krb4/password_to_key.c
@@ -64,7 +64,7 @@ key_proc_type *krb_get_keyprocs (key_proc_type keyproc)
     static key_proc_type user_keyprocs[2] = { NULL, NULL };
     
     /* generate the list of key procs */
-    if (key_proc == NULL) {
+    if (keyproc == NULL) {
         return default_keyprocs; /* use the default */
     } else {
         user_keyprocs[0] = keyproc;
@@ -80,7 +80,7 @@ int mit_passwd_to_key(char *user, char *instance, char *realm,
 #pragma unused(realm)
 
     if (passwd) {
-        mit_string_to_key(passwd, key);
+        des_string_to_key(passwd, key);
     } else {
 #if !(defined(_WIN32) || defined(USE_LOGIN_LIBRARY))
         des_read_password((des_cblock *)key, "Password: ", 0);
@@ -101,7 +101,7 @@ int krb5_passwd_to_key(char *user, char *instance, char *realm,
         if (p != NULL) {
             snprintf (p, len, "%s%s%s%s", passwd, realm, user, instance);
             p[len - 1] = '\0';
-            mit_string_to_key (p, key);
+            des_string_to_key (p, key);
             free (p);
             return 0;
         }
diff --git a/src/lib/krb4/save_creds.c b/src/lib/krb4/save_creds.c
index 67ec402f1..62961c1b5 100644
--- a/src/lib/krb4/save_creds.c
+++ b/src/lib/krb4/save_creds.c
@@ -1,14 +1,29 @@
 /*
  * save_creds.c
  *
- * Copyright 1985, 1986, 1987, 1988 by the Massachusetts Institute
- * of Technology.
+ * Copyright 1985, 1986, 1987, 1988, 2002 by the Massachusetts
+ * Institute of Technology.  All Rights Reserved.
  *
- * For copying and distribution information, please see the file
- * <mit-copyright.h>.
+ * Export of this software from the United States of America may
+ *   require a specific license from the United States Government.
+ *   It is the responsibility of any person or organization contemplating
+ *   export to obtain such a license before exporting.
+ * 
+ * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
+ * distribute this software and its documentation for any purpose and
+ * without fee is hereby granted, provided that the above copyright
+ * notice appear in all copies and that both that copyright notice and
+ * this permission notice appear in supporting documentation, and that
+ * the name of M.I.T. not be used in advertising or publicity pertaining
+ * to distribution of the software without specific, written prior
+ * permission.  Furthermore if you modify this software you must label
+ * your software as modified software and not distribute it in such a
+ * fashion that it might be confused with the original M.I.T. software.
+ * M.I.T. makes no representations about the suitability of
+ * this software for any purpose.  It is provided "as is" without express
+ * or implied warranty.
  */
 
-#include "mit-copyright.h"
 #include <stdio.h>
 #include "krb.h"
 #include "krb4int.h"
@@ -29,9 +44,9 @@
  * to avoid namespace pollution.
  */
 
-int KRB5_CALLCONV
-krb_save_credentials(service, instance, realm, session, lifetime, kvno,
-                 ticket, issue_date)
+int
+krb4int_save_credentials_addr(service, instance, realm, session, lifetime, kvno,
+                 ticket, issue_date, local_addr)
     char *service;		/* Service name */
     char *instance;		/* Instance */
     char *realm;		/* Auth domain */
@@ -40,6 +55,7 @@ krb_save_credentials(service, instance, realm, session, lifetime, kvno,
     int kvno;			/* Key version number */
     KTEXT ticket;		/* The ticket itself */
     long issue_date;		/* The issue time */
+    KRB_UINT32 local_addr;
 {
     int tf_status;   /* return values of the tf_util calls */
 
@@ -53,3 +69,19 @@ krb_save_credentials(service, instance, realm, session, lifetime, kvno,
     (void) tf_close();
     return (tf_status);
 }
+
+int KRB5_CALLCONV
+krb_save_credentials(
+    char	*service,
+    char	*instance,
+    char	*realm,
+    C_Block	session,
+    int		lifetime,
+    int		kvno,
+    KTEXT	ticket,
+    long	issue_date)
+{
+    return krb4int_save_credentials_addr(service, instance, realm,
+					 session, lifetime, kvno,
+					 ticket, issue_date, 0);
+}
diff --git a/src/lib/krb4/tkt_string.c b/src/lib/krb4/tkt_string.c
index b434845eb..70eb60e86 100644
--- a/src/lib/krb4/tkt_string.c
+++ b/src/lib/krb4/tkt_string.c
@@ -92,7 +92,7 @@ const char *tkt_string()
 
 void KRB5_CALLCONV
 krb_set_tkt_string(val)
-char *val;
+    const char *val;
 {
     (void) strncpy(krb_ticket_string, val, sizeof(krb_ticket_string)-1);
     krb_ticket_string[sizeof(krb_ticket_string)-1] = '\0';