diff options
| author | Ken Raeburn <raeburn@mit.edu> | 2006-10-07 07:39:24 +0000 |
|---|---|---|
| committer | Ken Raeburn <raeburn@mit.edu> | 2006-10-07 07:39:24 +0000 |
| commit | 50f58269a251ef9931aab895982f8b69f4ab7780 (patch) | |
| tree | c966e8d394650564975e4a2368945321265cd35d /src/plugins | |
| parent | daeeb865c329f2eb00eadb9f6d2e344f8c2d0e57 (diff) | |
| download | krb5-50f58269a251ef9931aab895982f8b69f4ab7780.tar.gz krb5-50f58269a251ef9931aab895982f8b69f4ab7780.tar.xz krb5-50f58269a251ef9931aab895982f8b69f4ab7780.zip | |
Move ASN.1 routines for KDB LDAP plugin into main krb5 library,
accessed via krb5int_access.
git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@18666 dc483132-0cff-0310-8789-dd5450dbe970
Diffstat (limited to 'src/plugins')
| -rw-r--r-- | src/plugins/kdb/ldap/Makefile.in | 14 | ||||
| -rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/Makefile.in | 223 | ||||
| -rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c | 14 | ||||
| -rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c | 41 | ||||
| -rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/princ_key_encode_decode.c | 463 | ||||
| -rw-r--r-- | src/plugins/kdb/ldap/libkdb_ldap/princ_key_encode_decode.h | 9 |
6 files changed, 206 insertions, 558 deletions
diff --git a/src/plugins/kdb/ldap/Makefile.in b/src/plugins/kdb/ldap/Makefile.in index b7378bd5b..a3c483218 100644 --- a/src/plugins/kdb/ldap/Makefile.in +++ b/src/plugins/kdb/ldap/Makefile.in @@ -57,8 +57,12 @@ ldap_exp.so ldap_exp.po $(OUTPRE)ldap_exp.$(OBJEXT): \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h $(srcdir)/libkdb_ldap/kdb_ldap.h \ - $(srcdir)/libkdb_ldap/ldap_krbcontainer.h $(srcdir)/libkdb_ldap/ldap_principal.h \ - $(srcdir)/libkdb_ldap/ldap_pwd_policy.h $(srcdir)/libkdb_ldap/ldap_realm.h \ - $(srcdir)/libkdb_ldap/ldap_tkt_policy.h ldap_exp.c + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + $(srcdir)/libkdb_ldap/kdb_ldap.h $(srcdir)/libkdb_ldap/ldap_krbcontainer.h \ + $(srcdir)/libkdb_ldap/ldap_principal.h $(srcdir)/libkdb_ldap/ldap_pwd_policy.h \ + $(srcdir)/libkdb_ldap/ldap_realm.h $(srcdir)/libkdb_ldap/ldap_tkt_policy.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + ldap_exp.c diff --git a/src/plugins/kdb/ldap/libkdb_ldap/Makefile.in b/src/plugins/kdb/ldap/libkdb_ldap/Makefile.in index ca5b7851f..2cf9ae3cd 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/Makefile.in +++ b/src/plugins/kdb/ldap/libkdb_ldap/Makefile.in @@ -35,6 +35,9 @@ SHLIB_EXPLIBS= $(GSSRPC_LIBS) -lkrb5 -lk5crypto $(COM_ERR_LIB) $(SUPPORT_LIB) @L SHLIB_DIRS=-L$(TOPLIBD) SHLIB_RDIRS=$(KRB5_LIBDIR) +LIBINITFUNC= kldap_init_fn +LIBFINIFUNC= + SRCS= $(srcdir)/kdb_ldap.c \ $(srcdir)/kdb_ldap_conn.c \ $(srcdir)/ldap_realm.c \ @@ -52,8 +55,7 @@ SRCS= $(srcdir)/kdb_ldap.c \ $(srcdir)/ldap_fetch_mkey.c \ $(srcdir)/ldap_service_stash.c \ $(srcdir)/kdb_xdr.c \ - $(srcdir)/ldap_err.c \ - $(srcdir)/princ_key_encode_decode.c + $(srcdir)/ldap_err.c STOBJLISTS=OBJS.ST STLIBOBJS= kdb_ldap.o \ @@ -73,8 +75,7 @@ STLIBOBJS= kdb_ldap.o \ ldap_fetch_mkey.o \ ldap_service_stash.o \ kdb_xdr.o \ - ldap_err.o \ - princ_key_encode_decode.o + ldap_err.o all-unix:: all-liblinks install-unix:: install-libs @@ -95,9 +96,13 @@ kdb_ldap.so kdb_ldap.po $(OUTPRE)kdb_ldap.$(OBJEXT): \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.c kdb_ldap.h ldap_err.h \ - ldap_krbcontainer.h ldap_misc.h ldap_realm.h ldap_services.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.c kdb_ldap.h ldap_err.h ldap_krbcontainer.h \ + ldap_misc.h ldap_realm.h ldap_services.h kdb_ldap_conn.so kdb_ldap_conn.po $(OUTPRE)kdb_ldap_conn.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -105,10 +110,14 @@ kdb_ldap_conn.so kdb_ldap_conn.po $(OUTPRE)kdb_ldap_conn.$(OBJEXT): \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h kdb_ldap_conn.c \ - ldap_handle.h ldap_krbcontainer.h ldap_main.h ldap_misc.h \ - ldap_realm.h ldap_service_stash.h ldap_services.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h kdb_ldap_conn.c ldap_handle.h ldap_krbcontainer.h \ + ldap_main.h ldap_misc.h ldap_realm.h ldap_service_stash.h \ + ldap_services.h ldap_realm.so ldap_realm.po $(OUTPRE)ldap_realm.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -116,10 +125,29 @@ ldap_realm.so ldap_realm.po $(OUTPRE)ldap_realm.$(OBJEXT): \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \ - ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_principal.h \ - ldap_realm.c ldap_realm.h ldap_services.h ldap_tkt_policy.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \ + ldap_main.h ldap_misc.h ldap_principal.h ldap_realm.c \ + ldap_realm.h ldap_services.h ldap_tkt_policy.h +ldap_create.so ldap_create.po $(OUTPRE)ldap_create.$(OBJEXT): \ + $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ + $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ + $(COM_ERR_DEPS) $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-int.h \ + $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ + $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ + $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_create.c ldap_err.h ldap_handle.h ldap_krbcontainer.h \ + ldap_main.h ldap_misc.h ldap_principal.h ldap_realm.h \ + ldap_services.h ldap_tkt_policy.h ldap_krbcontainer.so ldap_krbcontainer.po $(OUTPRE)ldap_krbcontainer.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -127,10 +155,14 @@ ldap_krbcontainer.so ldap_krbcontainer.po $(OUTPRE)ldap_krbcontainer.$(OBJEXT): $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \ - ldap_krbcontainer.c ldap_krbcontainer.h ldap_main.h \ - ldap_misc.h ldap_realm.h ldap_services.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.c \ + ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_realm.h \ + ldap_services.h ldap_principal.so ldap_principal.po $(OUTPRE)ldap_principal.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/krb5/krb5.h \ @@ -144,11 +176,14 @@ ldap_principal.so ldap_principal.po $(OUTPRE)ldap_principal.$(OBJEXT): \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \ - ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_principal.c \ - ldap_principal.h ldap_realm.h ldap_services.h ldap_tkt_policy.h \ - princ_xdr.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \ + ldap_main.h ldap_misc.h ldap_principal.c ldap_principal.h \ + ldap_realm.h ldap_services.h ldap_tkt_policy.h princ_xdr.h ldap_principal2.so ldap_principal2.po $(OUTPRE)ldap_principal2.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/krb5/krb5.h \ @@ -162,11 +197,15 @@ ldap_principal2.so ldap_principal2.po $(OUTPRE)ldap_principal2.$(OBJEXT): \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \ - ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_principal.h \ - ldap_principal2.c ldap_pwd_policy.h ldap_realm.h ldap_services.h \ - ldap_tkt_policy.h princ_xdr.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \ + ldap_main.h ldap_misc.h ldap_principal.h ldap_principal2.c \ + ldap_pwd_policy.h ldap_realm.h ldap_services.h ldap_tkt_policy.h \ + princ_xdr.h ldap_pwd_policy.so ldap_pwd_policy.po $(OUTPRE)ldap_pwd_policy.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -174,10 +213,14 @@ ldap_pwd_policy.so ldap_pwd_policy.po $(OUTPRE)ldap_pwd_policy.$(OBJEXT): \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \ - ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_pwd_policy.c \ - ldap_pwd_policy.h ldap_realm.h ldap_services.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \ + ldap_main.h ldap_misc.h ldap_pwd_policy.c ldap_pwd_policy.h \ + ldap_realm.h ldap_services.h ldap_misc.so ldap_misc.po $(OUTPRE)ldap_misc.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -185,9 +228,13 @@ ldap_misc.so ldap_misc.po $(OUTPRE)ldap_misc.$(OBJEXT): \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_krbcontainer.h \ - ldap_misc.c ldap_misc.h ldap_realm.h ldap_services.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_err.h ldap_krbcontainer.h ldap_misc.c \ + ldap_misc.h ldap_realm.h ldap_services.h ldap_handle.so ldap_handle.po $(OUTPRE)ldap_handle.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -195,10 +242,13 @@ ldap_handle.so ldap_handle.po $(OUTPRE)ldap_handle.$(OBJEXT): \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_handle.c ldap_handle.h \ - ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_realm.h \ - ldap_services.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_handle.c ldap_handle.h ldap_krbcontainer.h \ + ldap_main.h ldap_misc.h ldap_realm.h ldap_services.h ldap_tkt_policy.so ldap_tkt_policy.po $(OUTPRE)ldap_tkt_policy.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -206,10 +256,14 @@ ldap_tkt_policy.so ldap_tkt_policy.po $(OUTPRE)ldap_tkt_policy.$(OBJEXT): \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \ - ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_realm.h \ - ldap_services.h ldap_tkt_policy.c ldap_tkt_policy.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \ + ldap_main.h ldap_misc.h ldap_realm.h ldap_services.h \ + ldap_tkt_policy.c ldap_tkt_policy.h ldap_services.so ldap_services.po $(OUTPRE)ldap_services.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -217,10 +271,14 @@ ldap_services.so ldap_services.po $(OUTPRE)ldap_services.$(OBJEXT): \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \ - ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_realm.h \ - ldap_services.c ldap_services.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \ + ldap_main.h ldap_misc.h ldap_realm.h ldap_services.c \ + ldap_services.h ldap_service_rights.so ldap_service_rights.po $(OUTPRE)ldap_service_rights.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -228,10 +286,14 @@ ldap_service_rights.so ldap_service_rights.po $(OUTPRE)ldap_service_rights.$(OBJ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_err.h ldap_handle.h \ - ldap_krbcontainer.h ldap_main.h ldap_misc.h ldap_realm.h \ - ldap_service_rights.c ldap_services.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_err.h ldap_handle.h ldap_krbcontainer.h \ + ldap_main.h ldap_misc.h ldap_realm.h ldap_service_rights.c \ + ldap_services.h princ_xdr.so princ_xdr.po $(OUTPRE)princ_xdr.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/gssapi/gssapi.h \ $(BUILDTOP)/include/gssrpc/types.h $(BUILDTOP)/include/krb5/krb5.h \ @@ -245,10 +307,13 @@ princ_xdr.so princ_xdr.po $(OUTPRE)princ_xdr.$(OBJEXT): \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_krbcontainer.h \ - ldap_principal.h ldap_realm.h ldap_tkt_policy.h princ_xdr.c \ - princ_xdr.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_krbcontainer.h ldap_principal.h ldap_realm.h \ + ldap_tkt_policy.h princ_xdr.c princ_xdr.h ldap_fetch_mkey.so ldap_fetch_mkey.po $(OUTPRE)ldap_fetch_mkey.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -256,10 +321,13 @@ ldap_fetch_mkey.so ldap_fetch_mkey.po $(OUTPRE)ldap_fetch_mkey.$(OBJEXT): \ $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_fetch_mkey.c \ - ldap_handle.h ldap_krbcontainer.h ldap_main.h ldap_misc.h \ - ldap_realm.h ldap_services.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_fetch_mkey.c ldap_handle.h ldap_krbcontainer.h \ + ldap_main.h ldap_misc.h ldap_realm.h ldap_services.h ldap_service_stash.so ldap_service_stash.po $(OUTPRE)ldap_service_stash.$(OBJEXT): \ $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ @@ -267,30 +335,25 @@ ldap_service_stash.so ldap_service_stash.po $(OUTPRE)ldap_service_stash.$(OBJEXT $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/kdb/kdb5.h kdb_ldap.h ldap_handle.h ldap_krbcontainer.h \ - ldap_main.h ldap_misc.h ldap_realm.h ldap_service_stash.c \ - ldap_service_stash.h ldap_services.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h $(SRCTOP)/lib/kdb/kdb5.h \ + /var/raeburn/openldap/Install/include/lber.h /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + kdb_ldap.h ldap_handle.h ldap_krbcontainer.h ldap_main.h \ + ldap_misc.h ldap_realm.h ldap_service_stash.c ldap_service_stash.h \ + ldap_services.h kdb_xdr.so kdb_xdr.po $(OUTPRE)kdb_xdr.$(OBJEXT): $(BUILDTOP)/include/autoconf.h \ $(BUILDTOP)/include/krb5/krb5.h $(BUILDTOP)/include/osconf.h \ $(BUILDTOP)/include/profile.h $(COM_ERR_DEPS) $(SRCTOP)/include/k5-err.h \ $(SRCTOP)/include/k5-int.h $(SRCTOP)/include/k5-platform.h \ $(SRCTOP)/include/k5-plugin.h $(SRCTOP)/include/k5-thread.h \ $(SRCTOP)/include/kdb.h $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - kdb_xdr.c kdb_xdr.h + $(SRCTOP)/include/krb5/preauth_plugin.h $(SRCTOP)/include/port-sockets.h \ + $(SRCTOP)/include/socket-utils.h kdb_xdr.c kdb_xdr.h ldap_err.so ldap_err.po $(OUTPRE)ldap_err.$(OBJEXT): \ - $(BUILDTOP)/include/kdb5_err.h $(COM_ERR_DEPS) ldap_err.c \ - ldap_err.h -princ_key_encode_decode.so princ_key_encode_decode.po $(OUTPRE)princ_key_encode_decode.$(OBJEXT): \ - $(BUILDTOP)/include/autoconf.h $(BUILDTOP)/include/krb5/krb5.h \ - $(BUILDTOP)/include/osconf.h $(BUILDTOP)/include/profile.h \ - $(COM_ERR_DEPS) $(SRCTOP)/include/k5-err.h $(SRCTOP)/include/k5-int.h \ - $(SRCTOP)/include/k5-platform.h $(SRCTOP)/include/k5-plugin.h \ - $(SRCTOP)/include/k5-thread.h $(SRCTOP)/include/kdb.h \ - $(SRCTOP)/include/krb5.h $(SRCTOP)/include/krb5/locate_plugin.h \ - $(SRCTOP)/include/port-sockets.h $(SRCTOP)/include/socket-utils.h \ - $(SRCTOP)/lib/krb5/asn.1/krbasn1.h $(SRCTOP)/lib/krb5/asn.1/asn1_encode.h \ - $(SRCTOP)/lib/krb5/asn.1/asn1_decode.h $(SRCTOP)/lib/krb5/asn.1/asn1_make.h \ - $(SRCTOP)/lib/krb5/asn.1/asn1_get.h \ - princ_key_encode_decode.c princ_key_encode_decode.h + $(BUILDTOP)/include/kdb5_err.h $(COM_ERR_DEPS) /var/raeburn/openldap/Install/include/lber.h \ + /var/raeburn/openldap/Install/include/lber_types.h \ + /var/raeburn/openldap/Install/include/ldap.h /var/raeburn/openldap/Install/include/ldap_cdefs.h \ + /var/raeburn/openldap/Install/include/ldap_features.h \ + ldap_err.c ldap_err.h diff --git a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c index cd4c1f070..236ff190b 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/kdb_ldap.c @@ -435,3 +435,17 @@ prepend_err_str (krb5_context ctx, const char *str, krb5_error_code err, omsg = krb5_get_error_message (ctx, err); krb5_set_error_message (ctx, err, "%s %s", str, omsg); } + +extern krb5int_access accessor; +MAKE_INIT_FUNCTION(kldap_init_fn); + +int kldap_init_fn(void) +{ + /* Global (per-module) initialization. */ + return krb5int_accessor (&accessor, KRB5INT_ACCESS_VERSION); +} + +int kldap_ensure_initialized(void) +{ + return CALL_INIT_FUNCTION (kldap_init_fn); +} diff --git a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c index 2f3987cb0..cb0d4c50f 100644 --- a/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c +++ b/src/plugins/kdb/ldap/libkdb_ldap/ldap_principal2.c @@ -36,7 +36,6 @@ #include "ldap_tkt_policy.h" #include "ldap_pwd_policy.h" #include "ldap_err.h" -#include "princ_key_encode_decode.h" extern char* principal_attributes[]; extern char* max_pwd_life_attr[]; @@ -559,6 +558,46 @@ cleanup: return st; } +krb5int_access accessor; +extern int kldap_ensure_initialized (void); + +static krb5_error_code +asn1_encode_sequence_of_keys (krb5_key_data *key_data, krb5_int16 n_key_data, + krb5_int32 mkvno, krb5_data **code) +{ + krb5_error_code err; + + /* + * This should be pushed back into other library initialization + * code. + */ + err = kldap_ensure_initialized (); + if (err) + return err; + + return accessor.asn1_ldap_encode_sequence_of_keys(key_data, n_key_data, + mkvno, code); +} + +static krb5_error_code +asn1_decode_sequence_of_keys (krb5_data *in, krb5_key_data **out, + krb5_int16 *n_key_data, int *mkvno) +{ + krb5_error_code err; + + /* + * This should be pushed back into other library initialization + * code. + */ + err = kldap_ensure_initialized (); + if (err) + return err; + + return accessor.asn1_ldap_decode_sequence_of_keys(in, out, n_key_data, + mkvno); +} + + /* Decoding ASN.1 encoded key */ static struct berval ** krb5_encode_krbsecretkey(krb5_key_data *key_data, int n_key_data) { diff --git a/src/plugins/kdb/ldap/libkdb_ldap/princ_key_encode_decode.c b/src/plugins/kdb/ldap/libkdb_ldap/princ_key_encode_decode.c deleted file mode 100644 index bde22e409..000000000 --- a/src/plugins/kdb/ldap/libkdb_ldap/princ_key_encode_decode.c +++ /dev/null @@ -1,463 +0,0 @@ -/* ... copyright ... */ - -/* Novell key-format scheme: - - KrbKeySet ::= SEQUENCE { - attribute-major-vno [0] UInt16, - attribute-minor-vno [1] UInt16, - kvno [2] UInt32, - mkvno [3] UInt32 OPTIONAL, - keys [4] SEQUENCE OF KrbKey, - ... - } - - KrbKey ::= SEQUENCE { - salt [0] KrbSalt OPTIONAL, - key [1] EncryptionKey, - s2kparams [2] OCTET STRING OPTIONAL, - ... - } - - KrbSalt ::= SEQUENCE { - type [0] Int32, - salt [1] OCTET STRING OPTIONAL - } - - EncryptionKey ::= SEQUENCE { - keytype [0] Int32, - keyvalue [1] OCTET STRING - } - - */ - -#include <k5-int.h> -#include <kdb.h> - -#include "princ_key_encode_decode.h" -#include "krbasn1.h" -#include "asn1_encode.h" -#include "asn1_decode.h" -#include "asn1_make.h" -#include "asn1_get.h" - -#define cleanup(err) \ - { \ - ret = err; \ - goto last; \ - } - -#define checkerr \ - if (ret != 0) \ - goto last - -/************************************************************************/ -/* Encode the Principal's keys */ -/************************************************************************/ - -static asn1_error_code -asn1_encode_key(asn1buf *buf, - krb5_key_data key_data, - unsigned int *retlen) -{ - asn1_error_code ret = 0; - unsigned int length, sum = 0; - - /* Encode the key type and value. */ - { - unsigned int key_len = 0; - /* key value */ - ret = asn1_encode_octetstring (buf, - key_data.key_data_length[0], - key_data.key_data_contents[0], - &length); checkerr; - key_len += length; - ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, length, &length); checkerr; - key_len += length; - /* key type */ - ret = asn1_encode_integer (buf, key_data.key_data_type[0], &length); - checkerr; - key_len += length; - ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, length, &length); checkerr; - key_len += length; - - ret = asn1_make_sequence(buf, key_len, &length); checkerr; - key_len += length; - ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, key_len, &length); checkerr; - key_len += length; - - sum += key_len; - } - /* Encode the salt type and value (optional) */ - if (key_data.key_data_ver > 1) { - unsigned int salt_len = 0; - /* salt value (optional) */ - if (key_data.key_data_length[1] > 0) { - ret = asn1_encode_octetstring (buf, - key_data.key_data_length[1], - key_data.key_data_contents[1], - &length); checkerr; - salt_len += length; - ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, length, &length); - checkerr; - salt_len += length; - } - /* salt type */ - ret = asn1_encode_integer (buf, key_data.key_data_type[1], &length); - checkerr; - salt_len += length; - ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, length, &length); checkerr; - salt_len += length; - - ret = asn1_make_sequence(buf, salt_len, &length); checkerr; - salt_len += length; - ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, salt_len, &length); checkerr; - salt_len += length; - - sum += salt_len; - } - - ret = asn1_make_sequence(buf, sum, &length); checkerr; - sum += length; - - *retlen = sum; - -last: - return ret; -} - -/* Major version and minor version are both '1' - first version */ -/* asn1_error_code asn1_encode_sequence_of_keys (krb5_key_data *key_data, */ -krb5_error_code -asn1_encode_sequence_of_keys (krb5_key_data *key_data, - krb5_int16 n_key_data, - krb5_int32 mkvno, /* Master key version number */ - krb5_data **code) -{ - asn1_error_code ret = 0; - asn1buf *buf = NULL; - unsigned int length, sum = 0; - - *code = NULL; - - if (n_key_data == 0) cleanup (ASN1_MISSING_FIELD); - - /* Allocate the buffer */ - asn1buf_create(&buf); - - /* Sequence of keys */ - { - int i; - unsigned int seq_len = 0; - - for (i = n_key_data - 1; i >= 0; i--) { - ret = asn1_encode_key (buf, key_data[i], &length); checkerr; - seq_len += length; - } - ret = asn1_make_sequence(buf, seq_len, &length); checkerr; - seq_len += length; - ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 4, seq_len, &length); checkerr; - seq_len += length; - - sum += seq_len; - } - - /* mkvno */ - if (mkvno < 0) - cleanup (ASN1_BAD_FORMAT); - ret = asn1_encode_unsigned_integer (buf, (unsigned int)mkvno, &length); checkerr; - sum += length; - ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 3, length, &length); checkerr; - sum += length; - - /* kvno (assuming all keys in array have same version) */ - if (key_data[0].key_data_kvno < 0) - cleanup (ASN1_BAD_FORMAT); - ret = asn1_encode_unsigned_integer (buf, (unsigned int)key_data[0].key_data_kvno, &length); - checkerr; - sum += length; - ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 2, length, &length); checkerr; - sum += length; - - /* attribute-minor-vno == 1 */ - ret = asn1_encode_unsigned_integer (buf, 1, &length); checkerr; - sum += length; - ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 1, length, &length); checkerr; - sum += length; - - /* attribute-major-vno == 1 */ - ret = asn1_encode_unsigned_integer (buf, 1, &length); checkerr; - sum += length; - ret = asn1_make_etag(buf, CONTEXT_SPECIFIC, 0, length, &length); checkerr; - sum += length; - - ret = asn1_make_sequence(buf, sum, &length); checkerr; - sum += length; - - /* The reverse encoding is straightened out here */ - ret = asn12krb5_buf (buf, code); checkerr; - -last: - asn1buf_destroy (&buf); - - if (ret != 0 && *code != NULL) - free (*code); - - return ret; -} - -/************************************************************************/ -/* Decode the Principal's keys */ -/************************************************************************/ - -#define safe_syncbuf(outer,inner) \ - if (! ((inner)->next == (inner)->bound + 1 && \ - (inner)->next == (outer)->next + buflen)) \ - cleanup (ASN1_BAD_LENGTH); \ - asn1buf_sync((outer), (inner), 0, 0, 0, 0, 0); - -static asn1_error_code -decode_tagged_integer (asn1buf *buf, int expectedtag, long *val) -{ - int buflen; - asn1_error_code ret = 0; - asn1buf tmp, subbuf; - taginfo t; - - /* Work on a copy of 'buf' */ - ret = asn1buf_imbed(&tmp, buf, 0, 1); checkerr; - ret = asn1_get_tag_2(&tmp, &t); checkerr; - if (t.tagnum != expectedtag) - cleanup (ASN1_MISSING_FIELD); - - buflen = t.length; - ret = asn1buf_imbed(&subbuf, &tmp, t.length, 0); checkerr; - ret = asn1_decode_integer(&subbuf, val); checkerr; - - safe_syncbuf(&tmp, &subbuf); - *buf = tmp; - -last: - return ret; -} - -#if 0 /* not currently used */ -static asn1_error_code -decode_tagged_unsigned_integer (asn1buf *buf, int expectedtag, unsigned long *val) -{ - int buflen; - asn1_error_code ret = 0; - asn1buf tmp, subbuf; - taginfo t; - - /* Work on a copy of 'buf' */ - ret = asn1buf_imbed(&tmp, buf, 0, 1); checkerr; - ret = asn1_get_tag_2(&tmp, &t); checkerr; - if (t.tagnum != expectedtag) - cleanup (ASN1_MISSING_FIELD); - - buflen = t.length; - ret = asn1buf_imbed(&subbuf, &tmp, t.length, 0); checkerr; - ret = asn1_decode_unsigned_integer(&subbuf, val); checkerr; - - safe_syncbuf(&tmp, &subbuf); - *buf = tmp; - -last: - return ret; -} -#endif - -static asn1_error_code -decode_tagged_octetstring (asn1buf *buf, int expectedtag, int *len, - asn1_octet **val) -{ - int buflen; - asn1_error_code ret = 0; - asn1buf tmp, subbuf; - taginfo t; - - *val = NULL; - - /* Work on a copy of 'buf' */ - ret = asn1buf_imbed(&tmp, buf, 0, 1); checkerr; - ret = asn1_get_tag_2(&tmp, &t); checkerr; - if (t.tagnum != expectedtag) - cleanup (ASN1_MISSING_FIELD); - - buflen = t.length; - ret = asn1buf_imbed(&subbuf, &tmp, t.length, 0); checkerr; - ret = asn1_decode_octetstring (&subbuf, len, val); checkerr; - - safe_syncbuf(&tmp, &subbuf); - *buf = tmp; - -last: - if (ret != 0 && *val != NULL) - free (*val); - return ret; -} - -static asn1_error_code asn1_decode_key(asn1buf *buf, krb5_key_data *key) -{ - int buflen, seqindef; - unsigned int length; - asn1_error_code ret; - asn1buf subbuf; - taginfo t; - - key->key_data_contents[0] = NULL; - key->key_data_contents[1] = NULL; - - ret = asn1_get_sequence(buf, &length, &seqindef); checkerr; - buflen = length; - ret = asn1buf_imbed(&subbuf, buf, length, seqindef); checkerr; - - asn1_get_tag_2(&subbuf, &t); - /* Salt */ - if (t.tagnum == 0) { - int buflen; - asn1buf slt; - unsigned long keytype; - int keylen; - - key->key_data_ver = 2; - asn1_get_sequence(&subbuf, &length, &seqindef); - buflen = length; - asn1buf_imbed(&slt, &subbuf, length, seqindef); - - ret = decode_tagged_integer (&slt, 0, &keytype); - key->key_data_type[1] = keytype; /* XXX range check?? */ - checkerr; - - ret = decode_tagged_octetstring (&slt, 1, &keylen, - &key->key_data_contents[1]); checkerr; - safe_syncbuf (&subbuf, &slt); - key->key_data_length[1] = keylen; /* XXX range check?? */ - - ret = asn1_get_tag_2(&subbuf, &t); checkerr; - } else - key->key_data_ver = 1; - - /* Key */ - { - int buflen; - asn1buf kbuf; - long lval; - int ival; - - if (t.tagnum != 1) - cleanup (ASN1_MISSING_FIELD); - - ret = asn1_get_sequence(&subbuf, &length, &seqindef); checkerr; - buflen = length; - ret = asn1buf_imbed(&kbuf, &subbuf, length, seqindef); checkerr; - - ret = decode_tagged_integer (&kbuf, 0, &lval); - checkerr; - key->key_data_type[0] = lval; /* XXX range check? */ - - ret = decode_tagged_octetstring (&kbuf, 1, &ival, - &key->key_data_contents[0]); checkerr; - key->key_data_length[0] = ival; - - safe_syncbuf (&subbuf, &kbuf); - } - - safe_syncbuf (buf, &subbuf); - -last: - if (ret != 0) { - if (key->key_data_contents[0] != NULL) { - free (key->key_data_contents[0]); - key->key_data_contents[0] = NULL; - } - if (key->key_data_contents[1] != NULL) { - free (key->key_data_contents[1]); - key->key_data_contents[1] = NULL; - } - } - return ret; -} - -/* asn1_error_code asn1_decode_sequence_of_keys (krb5_data *in, */ -krb5_error_code asn1_decode_sequence_of_keys (krb5_data *in, - krb5_key_data **out, - krb5_int16 *n_key_data, - int *mkvno) -{ - asn1_error_code ret; - asn1buf buf, subbuf; - int seqindef; - unsigned int length; - taginfo t; - int kvno, maj, min; - long lval; - - *n_key_data = 0; - *out = NULL; - - ret = asn1buf_wrap_data(&buf, in); checkerr; - - ret = asn1_get_sequence(&buf, &length, &seqindef); checkerr; - ret = asn1buf_imbed(&subbuf, &buf, length, seqindef); checkerr; - - /* attribute-major-vno */ - ret = decode_tagged_integer (&subbuf, 0, &lval); checkerr; - maj = lval; /* XXX range check? */ - - /* attribute-minor-vno */ - ret = decode_tagged_integer (&subbuf, 1, &lval); checkerr; - min = lval; /* XXX range check? */ - - if (maj != 1 || min != 1) - cleanup (ASN1_BAD_FORMAT); - - /* kvno (assuming all keys in array have same version) */ - ret = decode_tagged_integer (&subbuf, 2, &lval); checkerr; - kvno = lval; /* XXX range check? */ - - /* mkvno (optional) */ - ret = decode_tagged_integer (&subbuf, 3, &lval); checkerr; - *mkvno = lval; /* XXX range check? */ - - ret = asn1_get_tag_2(&subbuf, &t); checkerr; - - /* Sequence of keys */ - { - int i, ret1, buflen; - asn1buf keyseq; - if (t.tagnum != 4) - cleanup (ASN1_MISSING_FIELD); - ret = asn1_get_sequence(&subbuf, &length, &seqindef); checkerr; - buflen = length; - ret = asn1buf_imbed(&keyseq, &subbuf, length, seqindef); checkerr; - for (i = 1, *out = NULL; ; i++) { - krb5_key_data *tmp; - tmp = (krb5_key_data *) realloc (*out, i * sizeof (krb5_key_data)); - if (tmp == NULL) - cleanup (ENOMEM); - *out = tmp; - (*out)[i - 1].key_data_kvno = kvno; - ret1 = asn1_decode_key(&keyseq, &(*out)[i - 1]); checkerr; - (*n_key_data)++; - if (asn1buf_remains(&keyseq, 0) == 0) - break; /* Not freeing the last key structure */ - } - safe_syncbuf (&subbuf, &keyseq); - } - -last: - if (ret != 0) { - int i; - for (i = 0; i < *n_key_data; i++) { - if ((*out)[i].key_data_contents[0] != NULL) - free ((*out)[i].key_data_contents[0]); - if ((*out)[i].key_data_contents[1] != NULL) - free ((*out)[i].key_data_contents[1]); - } - free (*out); - *out = NULL; - } - - return ret; -} diff --git a/src/plugins/kdb/ldap/libkdb_ldap/princ_key_encode_decode.h b/src/plugins/kdb/ldap/libkdb_ldap/princ_key_encode_decode.h deleted file mode 100644 index aed83f11b..000000000 --- a/src/plugins/kdb/ldap/libkdb_ldap/princ_key_encode_decode.h +++ /dev/null @@ -1,9 +0,0 @@ -krb5_error_code asn1_encode_sequence_of_keys (krb5_key_data *key_data, - krb5_int16 n_key_data, - krb5_int32 mkvno, - krb5_data **code); - -krb5_error_code asn1_decode_sequence_of_keys (krb5_data *in, - krb5_key_data **out, - krb5_int16 *n_key_data, - int *mkvno); |