diff options
Diffstat (limited to 'crypto/heimdal/lib/auth')
20 files changed, 3999 insertions, 0 deletions
diff --git a/crypto/heimdal/lib/auth/ChangeLog b/crypto/heimdal/lib/auth/ChangeLog new file mode 100644 index 000000000000..9b1ebaf33527 --- /dev/null +++ b/crypto/heimdal/lib/auth/ChangeLog @@ -0,0 +1,74 @@ +1999-12-30 Assar Westerlund <assar@sics.se> + + * sia/Makefile.am: try to link with shared libraries if we don't + find any static ones + +1999-12-20 Johan Danielsson <joda@pdc.kth.se> + + * sia/sia.c: don't use string concatenation with TKT_ROOT + +1999-11-15 Assar Westerlund <assar@sics.se> + + * */lib/Makefile.in: set LIBNAME. From Enrico Scholz + <Enrico.Scholz@informatik.tu-chemnitz.de> + +1999-10-17 Assar Westerlund <assar@sics.se> + + * afskauthlib/verify.c (verify_krb5): need realm for v5 -> v4 + +1999-10-03 Assar Westerlund <assar@sics.se> + + * afskauthlib/verify.c (verify_krb5): update to new + krb524_convert_creds_kdc + +1999-09-28 Assar Westerlund <assar@sics.se> + + * sia/sia.c (doauth): use krb5_get_local_realms and + krb5_verify_user_lrealm + + * afskauthlib/verify.c (verify_krb5): remove krb5_kuserok. use + krb5_verify_user_lrealm + +1999-08-11 Johan Danielsson <joda@pdc.kth.se> + + * afskauthlib/verify.c: make this compile w/o krb4 + +1999-08-04 Assar Westerlund <assar@sics.se> + + * afskauthlib/verify.c: incorporate patches from Miroslav Ruda + <ruda@ics.muni.cz> + +Thu Apr 8 14:35:34 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * sia/sia.c: remove definition of KRB_VERIFY_USER (moved to + config.h) + + * sia/Makefile.am: make it build w/o krb4 + + * afskauthlib/verify.c: add krb5 support + + * afskauthlib/Makefile.am: build afskauthlib.so + +Wed Apr 7 14:06:22 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * sia/sia.c: make it compile w/o krb4 + + * sia/Makefile.am: make it compile w/o krb4 + +Thu Apr 1 18:09:23 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * sia/sia_locl.h: POSIX_GETPWNAM_R is defined in config.h + +Sun Mar 21 14:08:30 1999 Johan Danielsson <joda@hella.pdc.kth.se> + + * sia/Makefile.in: add posix_getpw.c + + * sia/Makefile.am: makefile for sia + + * sia/posix_getpw.c: move from sia.c + + * sia/sia_locl.h: merge with krb5 version + + * sia/sia.c: merge with krb5 version + + * sia/sia5.c: remove unused variables diff --git a/crypto/heimdal/lib/auth/Makefile.am b/crypto/heimdal/lib/auth/Makefile.am new file mode 100644 index 000000000000..0310dc36d6cc --- /dev/null +++ b/crypto/heimdal/lib/auth/Makefile.am @@ -0,0 +1,6 @@ +# $Id: Makefile.am,v 1.2 1999/03/21 17:11:08 joda Exp $ + +include $(top_srcdir)/Makefile.am.common + +SUBDIRS = @LIB_AUTH_SUBDIRS@ +DIST_SUBDIRS = afskauthlib pam sia diff --git a/crypto/heimdal/lib/auth/Makefile.in b/crypto/heimdal/lib/auth/Makefile.in new file mode 100644 index 000000000000..aab069e54158 --- /dev/null +++ b/crypto/heimdal/lib/auth/Makefile.in @@ -0,0 +1,599 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.2 1999/03/21 17:11:08 joda Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../.. + +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +SUBDIRS = @LIB_AUTH_SUBDIRS@ +DIST_SUBDIRS = afskauthlib pam sia +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../include/config.h +CONFIG_CLEAN_FILES = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +DIST_COMMON = ChangeLog Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .et .h .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/auth/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +# This directory's subdirectories are mostly independent; you can cd +# into them and run `make' without going through this Makefile. +# To change the values of `make' variables: instead of editing Makefiles, +# (1) if the variable is set in `config.status', edit `config.status' +# (which will cause the Makefiles to be regenerated when you run `make'); +# (2) otherwise, pass the desired values on the `make' command line. + +@SET_MAKE@ + +all-recursive install-data-recursive install-exec-recursive \ +installdirs-recursive install-recursive uninstall-recursive \ +check-recursive installcheck-recursive info-recursive dvi-recursive: + @set fnord $(MAKEFLAGS); amf=$$2; \ + dot_seen=no; \ + target=`echo $@ | sed s/-recursive//`; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + dot_seen=yes; \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + done; \ + if test "$$dot_seen" = "no"; then \ + $(MAKE) $(AM_MAKEFLAGS) "$$target-am" || exit 1; \ + fi; test -z "$$fail" + +mostlyclean-recursive clean-recursive distclean-recursive \ +maintainer-clean-recursive: + @set fnord $(MAKEFLAGS); amf=$$2; \ + dot_seen=no; \ + rev=''; list='$(SUBDIRS)'; for subdir in $$list; do \ + rev="$$subdir $$rev"; \ + test "$$subdir" = "." && dot_seen=yes; \ + done; \ + test "$$dot_seen" = "no" && rev=". $$rev"; \ + target=`echo $@ | sed s/-recursive//`; \ + for subdir in $$rev; do \ + echo "Making $$target in $$subdir"; \ + if test "$$subdir" = "."; then \ + local_target="$$target-am"; \ + else \ + local_target="$$target"; \ + fi; \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) $$local_target) \ + || case "$$amf" in *=*) exit 1;; *k*) fail=yes;; *) exit 1;; esac; \ + done && test -z "$$fail" +tags-recursive: + list='$(SUBDIRS)'; for subdir in $$list; do \ + test "$$subdir" = . || (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) tags); \ + done + +tags: TAGS + +ID: $(HEADERS) $(SOURCES) $(LISP) + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + here=`pwd` && cd $(srcdir) \ + && mkid -f$$here/ID $$unique $(LISP) + +TAGS: tags-recursive $(HEADERS) $(SOURCES) $(TAGS_DEPENDENCIES) $(LISP) + tags=; \ + here=`pwd`; \ + list='$(SUBDIRS)'; for subdir in $$list; do \ + if test "$$subdir" = .; then :; else \ + test -f $$subdir/TAGS && tags="$$tags -i $$here/$$subdir/TAGS"; \ + fi; \ + done; \ + list='$(SOURCES) $(HEADERS)'; \ + unique=`for i in $$list; do echo $$i; done | \ + awk ' { files[$$0] = 1; } \ + END { for (i in files) print i; }'`; \ + test -z "$(ETAGS_ARGS)$$unique$(LISP)$$tags" \ + || (cd $(srcdir) && etags $(ETAGS_ARGS) $$tags $$unique $(LISP) -o $$here/TAGS) + +mostlyclean-tags: + +clean-tags: + +distclean-tags: + -rm -f TAGS ID + +maintainer-clean-tags: + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/auth + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + for subdir in $(DIST_SUBDIRS); do \ + if test "$$subdir" = .; then :; else \ + test -d $(distdir)/$$subdir \ + || mkdir $(distdir)/$$subdir \ + || exit 1; \ + chmod 777 $(distdir)/$$subdir; \ + (cd $$subdir && $(MAKE) $(AM_MAKEFLAGS) top_distdir=../$(top_distdir) distdir=../$(distdir)/$$subdir distdir) \ + || exit 1; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-recursive +dvi-am: +dvi: dvi-recursive +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-recursive +installcheck-am: +installcheck: installcheck-recursive +install-exec-am: + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-recursive + +install-data-am: install-data-local +install-data: install-data-recursive + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-recursive +uninstall-am: +uninstall: uninstall-recursive +all-am: Makefile all-local +all-redirect: all-recursive +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: installdirs-recursive +installdirs-am: + + +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-tags mostlyclean-generic + +mostlyclean: mostlyclean-recursive + +clean-am: clean-tags clean-generic mostlyclean-am + +clean: clean-recursive + +distclean-am: distclean-tags distclean-generic clean-am + -rm -f libtool + +distclean: distclean-recursive + +maintainer-clean-am: maintainer-clean-tags maintainer-clean-generic \ + distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-recursive + +.PHONY: install-data-recursive uninstall-data-recursive \ +install-exec-recursive uninstall-exec-recursive installdirs-recursive \ +uninstalldirs-recursive all-recursive check-recursive \ +installcheck-recursive info-recursive dvi-recursive \ +mostlyclean-recursive distclean-recursive clean-recursive \ +maintainer-clean-recursive tags tags-recursive mostlyclean-tags \ +distclean-tags clean-tags maintainer-clean-tags distdir info-am info \ +dvi-am dvi check-local check check-am installcheck-am installcheck \ +install-exec-am install-exec install-data-local install-data-am \ +install-data install-am install uninstall-am uninstall all-local \ +all-redirect all-am all installdirs-am installdirs mostlyclean-generic \ +distclean-generic clean-generic maintainer-clean-generic clean \ +mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/auth/afskauthlib/Makefile.am b/crypto/heimdal/lib/auth/afskauthlib/Makefile.am new file mode 100644 index 000000000000..7dd6d5283fe9 --- /dev/null +++ b/crypto/heimdal/lib/auth/afskauthlib/Makefile.am @@ -0,0 +1,38 @@ +# $Id: Makefile.am,v 1.3 1999/04/08 12:35:33 joda Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += $(INCLUDE_krb4) + +DEFS = @DEFS@ + +foodir = $(libdir) +foo_DATA = afskauthlib.so + +SUFFIXES += .c .o + +SRCS = verify.c +OBJS = verify.o + +CLEANFILES = $(foo_DATA) $(OBJS) so_locations + +afskauthlib.so: $(OBJS) + $(LD) -shared -o $@ $(LDFLAGS) $(OBJS) $(L) + +.c.o: + $(COMPILE) -c $< + +if KRB4 +KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a +endif + +L = \ + $(KAFS) \ + $(top_builddir)/lib/krb5/.libs/libkrb5.a \ + $(top_builddir)/lib/asn1/.libs/libasn1.a \ + $(LIB_krb4) \ + $(top_builddir)/lib/des/.libs/libdes.a \ + $(top_builddir)/lib/roken/.libs/libroken.a \ + -lc + +$(OBJS): $(top_builddir)/include/config.h diff --git a/crypto/heimdal/lib/auth/afskauthlib/Makefile.in b/crypto/heimdal/lib/auth/afskauthlib/Makefile.in new file mode 100644 index 000000000000..d3a404172cf2 --- /dev/null +++ b/crypto/heimdal/lib/auth/afskauthlib/Makefile.in @@ -0,0 +1,538 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.3 1999/04/08 12:35:33 joda Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../../.. + +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .o + +INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +DEFS = @DEFS@ + +foodir = $(libdir) +foo_DATA = afskauthlib.so + +SRCS = verify.c +OBJS = verify.o + +CLEANFILES = $(foo_DATA) $(OBJS) so_locations + +@KRB4_TRUE@KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a + +L = $(KAFS) $(top_builddir)/lib/krb5/.libs/libkrb5.a $(top_builddir)/lib/asn1/.libs/libasn1.a $(LIB_krb4) $(top_builddir)/lib/des/.libs/libdes.a $(top_builddir)/lib/roken/.libs/libroken.a -lc + +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../../include/config.h +CONFIG_CLEAN_FILES = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +DATA = $(foo_DATA) + +DIST_COMMON = Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .o .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/auth/afskauthlib/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +install-fooDATA: $(foo_DATA) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(foodir) + @list='$(foo_DATA)'; for p in $$list; do \ + if test -f $(srcdir)/$$p; then \ + echo " $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p"; \ + $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p; \ + else if test -f $$p; then \ + echo " $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p"; \ + $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p; \ + fi; fi; \ + done + +uninstall-fooDATA: + @$(NORMAL_UNINSTALL) + list='$(foo_DATA)'; for p in $$list; do \ + rm -f $(DESTDIR)$(foodir)/$$p; \ + done +tags: TAGS +TAGS: + + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/auth/afskauthlib + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-fooDATA install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-fooDATA +uninstall: uninstall-am +all-am: Makefile $(DATA) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(foodir) + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-am + +.PHONY: uninstall-fooDATA install-fooDATA tags distdir info-am info \ +dvi-am dvi check-local check check-am installcheck-am installcheck \ +install-exec-am install-exec install-data-local install-data-am \ +install-data install-am install uninstall-am uninstall all-local \ +all-redirect all-am all installdirs mostlyclean-generic \ +distclean-generic clean-generic maintainer-clean-generic clean \ +mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +afskauthlib.so: $(OBJS) + $(LD) -shared -o $@ $(LDFLAGS) $(OBJS) $(L) + +.c.o: + $(COMPILE) -c $< + +$(OBJS): $(top_builddir)/include/config.h + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/auth/afskauthlib/verify.c b/crypto/heimdal/lib/auth/afskauthlib/verify.c new file mode 100644 index 000000000000..1c23119f9fc7 --- /dev/null +++ b/crypto/heimdal/lib/auth/afskauthlib/verify.c @@ -0,0 +1,288 @@ +/* + * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifdef HAVE_CONFIG_H +#include <config.h> +RCSID("$Id: verify.c,v 1.20 1999/12/02 16:58:37 joda Exp $"); +#endif +#include <unistd.h> +#include <sys/types.h> +#include <pwd.h> +#ifdef KRB5 +#include <krb5.h> +#endif +#ifdef KRB4 +#include <krb.h> +#include <kafs.h> +#endif +#include <roken.h> + +#ifdef KRB5 +static char krb5ccname[128]; +#endif +#ifdef KRB4 +static char krbtkfile[128]; +#endif + +/* + In some cases is afs_gettktstring called twice (once before + afs_verify and once after afs_verify). + In some cases (rlogin with access allowed via .rhosts) + afs_verify is not called! + So we can't rely on correct value in krbtkfile in some + cases! +*/ + +static int correct_tkfilename=0; +static int pag_set=0; + +#ifdef KRB4 +static void +set_krbtkfile(uid_t uid) +{ + snprintf (krbtkfile, sizeof(krbtkfile), "%s%d", TKT_ROOT, (unsigned)uid); + krb_set_tkt_string (krbtkfile); + correct_tkfilename = 1; +} +#endif + +/* XXX this has to be the default cache name, since the KRB5CCNAME + * environment variable isn't exported by login/xdm + */ + +#ifdef KRB5 +static void +set_krb5ccname(uid_t uid) +{ + snprintf (krb5ccname, sizeof(krb5ccname), "FILE:/tmp/krb5cc_%d", uid); +#ifdef KRB4 + snprintf (krbtkfile, sizeof(krbtkfile), "%s%d", TKT_ROOT, (unsigned)uid); +#endif + correct_tkfilename = 1; +} +#endif + +static void +set_spec_krbtkfile(void) +{ + int fd; +#ifdef KRB4 + snprintf (krbtkfile, sizeof(krbtkfile), "%s_XXXXXX", TKT_ROOT); + fd = mkstemp(krbtkfile); + close(fd); + unlink(krbtkfile); + krb_set_tkt_string (krbtkfile); +#endif +#ifdef KRB5 + snprintf(krb5ccname, sizeof(krb5ccname),"FILE:/tmp/krb5cc_XXXXXX"); + fd=mkstemp(krb5ccname+5); + close(fd); + unlink(krb5ccname+5); +#endif +} + +#ifdef KRB5 +static int +verify_krb5(struct passwd *pwd, + char *password, + int32_t *exp, + int quiet) +{ + krb5_context context; + krb5_error_code ret; + krb5_ccache ccache; + krb5_principal principal; + + krb5_init_context(&context); + + ret = krb5_parse_name (context, pwd->pw_name, &principal); + if (ret) { + syslog(LOG_AUTH|LOG_DEBUG, "krb5_parse_name: %s", + krb5_get_err_text(context, ret)); + goto out; + } + + set_krb5ccname(pwd->pw_uid); + ret = krb5_cc_resolve(context, krb5ccname, &ccache); + if(ret) { + syslog(LOG_AUTH|LOG_DEBUG, "krb5_cc_resolve: %s", + krb5_get_err_text(context, ret)); + goto out; + } + + ret = krb5_verify_user_lrealm(context, + principal, + ccache, + password, + TRUE, + NULL); + if(ret) { + syslog(LOG_AUTH|LOG_DEBUG, "krb5_verify_user: %s", + krb5_get_err_text(context, ret)); + goto out; + } + + if(chown(krb5_cc_get_name(context, ccache), pwd->pw_uid, pwd->pw_gid)) { + syslog(LOG_AUTH|LOG_DEBUG, "chown: %s", + krb5_get_err_text(context, errno)); + goto out; + } + +#ifdef KRB4 + if (krb5_config_get_bool(context, NULL, + "libdefaults", + "krb4_get_tickets", + NULL)) { + CREDENTIALS c; + krb5_creds mcred, cred; + krb5_realm realm; + + krb5_get_default_realm(context, &realm); + krb5_make_principal(context, &mcred.server, realm, + "krbtgt", + realm, + NULL); + free (realm); + ret = krb5_cc_retrieve_cred(context, ccache, 0, &mcred, &cred); + if(ret == 0) { + ret = krb524_convert_creds_kdc(context, ccache, &cred, &c); + if(ret) + krb5_warn(context, ret, "converting creds"); + else { + set_krbtkfile(pwd->pw_uid); + tf_setup(&c, c.pname, c.pinst); + } + memset(&c, 0, sizeof(c)); + krb5_free_creds_contents(context, &cred); + } else + syslog(LOG_AUTH|LOG_DEBUG, "krb5_cc_retrieve_cred: %s", + krb5_get_err_text(context, ret)); + + krb5_free_principal(context, mcred.server); + } + if (!pag_set && k_hasafs()) { + k_setpag(); + pag_set = 1; + krb5_afslog_uid_home(context, ccache, NULL, NULL, + pwd->pw_uid, pwd->pw_dir); + } +#endif +out: + if(ret && !quiet) + printf ("%s\n", krb5_get_err_text (context, ret)); + return ret; +} +#endif + +#ifdef KRB4 +static int +verify_krb4(struct passwd *pwd, + char *password, + int32_t *exp, + int quiet) +{ + int ret = 1; + char lrealm[REALM_SZ]; + + if (krb_get_lrealm (lrealm, 1) != KFAILURE) { + set_krbtkfile(pwd->pw_uid); + ret = krb_verify_user (pwd->pw_name, "", lrealm, password, + KRB_VERIFY_SECURE, NULL); + if (ret == KSUCCESS) { + if (!pag_set && k_hasafs()) { + k_setpag (); + pag_set = 1; + krb_afslog_uid_home (0, 0, pwd->pw_uid, pwd->pw_dir); + } + } else if (!quiet) + printf ("%s\n", krb_get_err_text (ret)); + } + return ret; +} +#endif + +int +afs_verify(char *name, + char *password, + int32_t *exp, + int quiet) +{ + int ret = 1; + struct passwd *pwd = k_getpwnam (name); + + if(pwd == NULL) + return 1; + if (ret) + ret = unix_verify_user (name, password); +#ifdef KRB5 + if (ret) + ret = verify_krb5(pwd, password, exp, quiet); +#endif +#ifdef KRB4 + if(ret) + ret = verify_krb4(pwd, password, exp, quiet); +#endif + return ret; +} + +char * +afs_gettktstring (void) +{ + char *ptr; + struct passwd *pwd; + + if (!correct_tkfilename) { + ptr = getenv("LOGNAME"); + if (ptr != NULL && ((pwd = getpwnam(ptr)) != NULL)) { + set_krb5ccname(pwd->pw_uid); +#ifdef KRB4 + set_krbtkfile(pwd->pw_uid); + if (!pag_set && k_hasafs()) { + k_setpag(); + pag_set=1; + } +#endif + } else { + set_spec_krbtkfile(); + } + } +#ifdef KRB5 + setenv("KRB5CCNAME",krb5ccname,1); +#endif +#ifdef KRB4 + setenv("KRBTKFILE",krbtkfile,1); + return krbtkfile; +#else + return ""; +#endif +} diff --git a/crypto/heimdal/lib/auth/pam/Makefile.am b/crypto/heimdal/lib/auth/pam/Makefile.am new file mode 100644 index 000000000000..abde2d9a4938 --- /dev/null +++ b/crypto/heimdal/lib/auth/pam/Makefile.am @@ -0,0 +1,3 @@ +# $Id: Makefile.am,v 1.2 1999/04/01 14:57:04 joda Exp $ + +include $(top_srcdir)/Makefile.am.common diff --git a/crypto/heimdal/lib/auth/pam/Makefile.in b/crypto/heimdal/lib/auth/pam/Makefile.in new file mode 100644 index 000000000000..37f8d22f1dd3 --- /dev/null +++ b/crypto/heimdal/lib/auth/pam/Makefile.in @@ -0,0 +1,491 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.2 1999/04/01 14:57:04 joda Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../../.. + +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS = @WFLAGS@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x + +INCLUDES = -I$(top_builddir)/include + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../../include/config.h +CONFIG_CLEAN_FILES = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +DIST_COMMON = Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .et .h .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/auth/pam/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + +tags: TAGS +TAGS: + + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/auth/pam + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: +uninstall: uninstall-am +all-am: Makefile all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + + +mostlyclean-generic: + +clean-generic: + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-am + +.PHONY: tags distdir info-am info dvi-am dvi check-local check check-am \ +installcheck-am installcheck install-exec-am install-exec \ +install-data-local install-data-am install-data install-am install \ +uninstall-am uninstall all-local all-redirect all-am all installdirs \ +mostlyclean-generic distclean-generic clean-generic \ +maintainer-clean-generic clean mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/auth/pam/pam.c b/crypto/heimdal/lib/auth/pam/pam.c new file mode 100644 index 000000000000..d919bf8f83b8 --- /dev/null +++ b/crypto/heimdal/lib/auth/pam/pam.c @@ -0,0 +1,243 @@ +/* + * Copyright (c) 1995, 1996, 1997, 1998, 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +/* This code is extremely ugly, and would probably be better off + beeing completely rewritten */ + + +#ifdef HAVE_CONFIG_H +#include<config.h> +RCSID("$Id: pam.c,v 1.22 1999/12/02 16:58:37 joda Exp $"); +#endif + +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <pwd.h> +#include <unistd.h> +#include <sys/types.h> + +#define PAM_SM_AUTH +#define PAM_SM_SESSION +#include <security/pam_appl.h> +#include <security/pam_modules.h> + +#include <netinet/in.h> +#include <krb.h> +#include <kafs.h> + +static int +cleanup(pam_handle_t *pamh, void *data, int error_code) +{ + if(error_code != PAM_SUCCESS) + dest_tkt(); + free(data); + return PAM_SUCCESS; +} + +static int +doit(pam_handle_t *pamh, char *name, char *inst, char *pwd, char *tkt) +{ + char realm[REALM_SZ]; + int ret; + + pam_set_data(pamh, "KRBTKFILE", strdup(tkt), cleanup); + krb_set_tkt_string(tkt); + + krb_get_lrealm(realm, 1); + ret = krb_verify_user(name, inst, realm, pwd, KRB_VERIFY_SECURE, NULL); + memset(pwd, 0, strlen(pwd)); + switch(ret){ + case KSUCCESS: + return PAM_SUCCESS; + case KDC_PR_UNKNOWN: + return PAM_USER_UNKNOWN; + case SKDC_CANT: + case SKDC_RETRY: + case RD_AP_TIME: + return PAM_AUTHINFO_UNAVAIL; + default: + return PAM_AUTH_ERR; + } +} + +static int +auth_login(pam_handle_t *pamh, int flags, char *user, struct pam_conv *conv) +{ + int ret; + struct pam_message msg, *pmsg; + struct pam_response *resp; + char prompt[128]; + + pmsg = &msg; + msg.msg_style = PAM_PROMPT_ECHO_OFF; + snprintf(prompt, sizeof(prompt), "%s's Password: ", user); + msg.msg = prompt; + + ret = conv->conv(1, (const struct pam_message**)&pmsg, + &resp, conv->appdata_ptr); + if(ret != PAM_SUCCESS) + return ret; + + { + char tkt[1024]; + struct passwd *pw = getpwnam(user); + + if(pw){ + snprintf(tkt, sizeof(tkt), + "%s%u", TKT_ROOT, (unsigned)pw->pw_uid); + ret = doit(pamh, user, "", resp->resp, tkt); + if(ret == PAM_SUCCESS) + chown(tkt, pw->pw_uid, pw->pw_gid); + }else + ret = PAM_USER_UNKNOWN; + memset(resp->resp, 0, strlen(resp->resp)); + free(resp->resp); + free(resp); + } + return ret; +} + +static int +auth_su(pam_handle_t *pamh, int flags, char *user, struct pam_conv *conv) +{ + int ret; + struct passwd *pw; + struct pam_message msg, *pmsg; + struct pam_response *resp; + char prompt[128]; + krb_principal pr; + + pr.realm[0] = 0; + ret = pam_get_user(pamh, &user, "login: "); + if(ret != PAM_SUCCESS) + return ret; + + pw = getpwuid(getuid()); + if(strcmp(user, "root") == 0){ + strlcpy(pr.name, pw->pw_name, sizeof(pr.name)); + strlcpy(pr.instance, "root", sizeof(pr.instance)); + }else{ + strlcpy(pr.name, user, sizeof(pr.name)); + pr.instance[0] = 0; + } + pmsg = &msg; + msg.msg_style = PAM_PROMPT_ECHO_OFF; + snprintf(prompt, sizeof(prompt), "%s's Password: ", krb_unparse_name(&pr)); + msg.msg = prompt; + + ret = conv->conv(1, (const struct pam_message**)&pmsg, + &resp, conv->appdata_ptr); + if(ret != PAM_SUCCESS) + return ret; + + { + char tkt[1024]; + + snprintf(tkt, sizeof(tkt),"%s_%s_to_%s", + TKT_ROOT, pw->pw_name, user); + ret = doit(pamh, pr.name, pr.instance, resp->resp, tkt); + if(ret == PAM_SUCCESS) + chown(tkt, pw->pw_uid, pw->pw_gid); + memset(resp->resp, 0, strlen(resp->resp)); + free(resp->resp); + free(resp); + } + return ret; +} + +int +pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + char *user; + int ret; + struct pam_conv *conv; + ret = pam_get_user(pamh, &user, "login: "); + if(ret != PAM_SUCCESS) + return ret; + + ret = pam_get_item(pamh, PAM_CONV, (void*)&conv); + if(ret != PAM_SUCCESS) + return ret; + + + if(getuid() != geteuid()) + return auth_su(pamh, flags, user, conv); + else + return auth_login(pamh, flags, user, conv); +} + +int +pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + return PAM_SUCCESS; +} + + +int +pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + char *tkt, *var; + void *user; + const char *homedir = NULL; + + if(pam_get_item (pamh, PAM_USER, &user) == PAM_SUCCESS) { + struct passwd *pwd; + + pwd = getpwnam ((char *)user); + if (pwd != NULL) + homedir = pwd->pw_dir; + } + + pam_get_data(pamh, "KRBTKFILE", (const void**)&tkt); + var = malloc(strlen("KRBTKFILE=") + strlen(tkt) + 1); + strcpy(var, "KRBTKFILE="); + strcat(var, tkt); + putenv(var); + pam_putenv(pamh, var); + if(k_hasafs()){ + k_setpag(); + krb_afslog_home(0, 0, homedir); + } + return PAM_SUCCESS; +} + + +int +pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + dest_tkt(); + if(k_hasafs()) + k_unlog(); + return PAM_SUCCESS; +} diff --git a/crypto/heimdal/lib/auth/pam/pam.conf.add b/crypto/heimdal/lib/auth/pam/pam.conf.add new file mode 100644 index 000000000000..42497d2b44a0 --- /dev/null +++ b/crypto/heimdal/lib/auth/pam/pam.conf.add @@ -0,0 +1,76 @@ +To enable PAM in dtlogin and /bin/login under SunOS 5.6 apply this patch: + +--- /etc/pam.conf.DIST Mon Jul 20 15:37:46 1998 ++++ /etc/pam.conf Tue Nov 30 18:47:22 1999 +@@ -4,12 +4,14 @@ + # + # Authentication management + # ++login auth sufficient /usr/athena/lib/pam_krb4.so + login auth required /usr/lib/security/pam_unix.so.1 + login auth required /usr/lib/security/pam_dial_auth.so.1 + # + rlogin auth sufficient /usr/lib/security/pam_rhosts_auth.so.1 + rlogin auth required /usr/lib/security/pam_unix.so.1 + # ++dtlogin auth sufficient /usr/athena/lib/pam_krb4.so + dtlogin auth required /usr/lib/security/pam_unix.so.1 + # + rsh auth required /usr/lib/security/pam_rhosts_auth.so.1 +@@ -24,6 +26,8 @@ + # + # Session management + # ++dtlogin session required /usr/athena/lib/pam_krb4.so ++login session required /usr/athena/lib/pam_krb4.so + other session required /usr/lib/security/pam_unix.so.1 + # + # Password management +--------------------------------------------------------------------------- +To enable PAM in /bin/login and xdm under Red Hat 6.1 apply these patches: + +--- /etc/pam.d/login~ Thu Jul 8 00:14:02 1999 ++++ /etc/pam.d/login Mon Aug 30 14:33:12 1999 +@@ -1,9 +1,12 @@ + #%PAM-1.0 ++# Updated to work with kerberos ++auth sufficient /lib/security/pam_krb4.so + auth required /lib/security/pam_securetty.so + auth required /lib/security/pam_pwdb.so shadow nullok + auth required /lib/security/pam_nologin.so + account required /lib/security/pam_pwdb.so + password required /lib/security/pam_cracklib.so + password required /lib/security/pam_pwdb.so nullok use_authtok shadow ++session required /lib/security/pam_krb4.so + session required /lib/security/pam_pwdb.so + session optional /lib/security/pam_console.so +--- /etc/pam.d/xdm~ Mon Jun 14 17:39:05 1999 ++++ /etc/pam.d/xdm Mon Aug 30 14:54:51 1999 +@@ -1,8 +1,10 @@ + #%PAM-1.0 ++auth sufficient /lib/security/pam_krb4.so + auth required /lib/security/pam_pwdb.so shadow nullok + auth required /lib/security/pam_nologin.so + account required /lib/security/pam_pwdb.so + password required /lib/security/pam_cracklib.so + password required /lib/security/pam_pwdb.so shadow nullok use_authtok ++session required /lib/security/pam_krb4.so + session required /lib/security/pam_pwdb.so + session optional /lib/security/pam_console.so +-------------------------------------------------------------------------- + +This stuff may work under some other system. + +# To get this to work, you will have to add entries to /etc/pam.conf +# +# To make login kerberos-aware, you might change pam.conf to look +# like: + +# login authorization +login auth sufficient /lib/security/pam_krb4.so +login auth required /lib/security/pam_securetty.so +login auth required /lib/security/pam_unix_auth.so +login account required /lib/security/pam_unix_acct.so +login password required /lib/security/pam_unix_passwd.so +login session required /lib/security/pam_krb4.so +login session required /lib/security/pam_unix_session.so diff --git a/crypto/heimdal/lib/auth/sia/Makefile.am b/crypto/heimdal/lib/auth/sia/Makefile.am new file mode 100644 index 000000000000..efba5c028f7f --- /dev/null +++ b/crypto/heimdal/lib/auth/sia/Makefile.am @@ -0,0 +1,66 @@ +# $Id: Makefile.am,v 1.5 1999/12/30 03:47:03 assar Exp $ + +include $(top_srcdir)/Makefile.am.common + +INCLUDES += $(INCLUDE_krb4) + +WFLAGS += $(WFLAGS_NOIMPLICITINT) + +DEFS = @DEFS@ + +## this is horribly ugly, but automake/libtool doesn't allow us to +## unconditionally build shared libraries, and it does not allow us to +## link with non-installed libraries + +if KRB4 +KAFS=$(top_builddir)/lib/kafs/.libs/libkafs.a +KAFS_S=$(top_builddir)/lib/kafs/.libs/libkafs.so +endif + +L = \ + $(KAFS) \ + $(top_builddir)/lib/krb5/.libs/libkrb5.a \ + $(top_builddir)/lib/asn1/.libs/libasn1.a \ + $(LIB_krb4) \ + $(top_builddir)/lib/des/.libs/libdes.a \ + $(top_builddir)/lib/com_err/.libs/libcom_err.a \ + $(top_builddir)/lib/roken/.libs/libroken.a \ + $(LIB_getpwnam_r) \ + -lc + +L_shared = \ + $(KAFS_S) \ + $(top_builddir)/lib/krb5/.libs/libkrb5.so \ + $(top_builddir)/lib/asn1/.libs/libasn1.so \ + $(LIB_krb4) \ + $(top_builddir)/lib/des/.libs/libdes.so \ + $(top_builddir)/lib/com_err/.libs/libcom_err.so \ + $(top_builddir)/lib/roken/.libs/libroken.so \ + $(LIB_getpwnam_r) \ + -lc + +EXTRA_DIST = sia.c krb5_matrix.conf krb5+c2_matrix.conf security.patch + +foodir = $(libdir) +foo_DATA = libsia_krb5.so + +LDFLAGS = -rpath $(libdir) -hidden -exported_symbol siad_\* + +OBJS = sia.o posix_getpw.o + +libsia_krb5.so: $(OBJS) + if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \ + ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ + elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \ + ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ + else \ + echo "missing libraries"; exit 1; \ + fi + ostrip -x -z $@ + +CLEANFILES = libsia_krb5.so $(OBJS) so_locations + +SUFFIXES += .c .o + +.c.o: + $(COMPILE) -c $< diff --git a/crypto/heimdal/lib/auth/sia/Makefile.in b/crypto/heimdal/lib/auth/sia/Makefile.in new file mode 100644 index 000000000000..fb36b4ec8282 --- /dev/null +++ b/crypto/heimdal/lib/auth/sia/Makefile.in @@ -0,0 +1,551 @@ +# Makefile.in generated automatically by automake 1.4 from Makefile.am + +# Copyright (C) 1994, 1995-8, 1999 Free Software Foundation, Inc. +# This Makefile.in is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY, to the extent permitted by law; without +# even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. + +# $Id: Makefile.am,v 1.5 1999/12/30 03:47:03 assar Exp $ + + +# $Id: Makefile.am.common,v 1.3 1999/04/01 14:58:43 joda Exp $ + + +# $Id: Makefile.am.common,v 1.13 1999/11/01 03:19:58 assar Exp $ + + +SHELL = @SHELL@ + +srcdir = @srcdir@ +top_srcdir = @top_srcdir@ +VPATH = @srcdir@ +prefix = @prefix@ +exec_prefix = @exec_prefix@ + +bindir = @bindir@ +sbindir = @sbindir@ +libexecdir = @libexecdir@ +datadir = @datadir@ +sysconfdir = @sysconfdir@ +sharedstatedir = @sharedstatedir@ +localstatedir = @localstatedir@ +libdir = @libdir@ +infodir = @infodir@ +mandir = @mandir@ +includedir = @includedir@ +oldincludedir = /usr/include + +DESTDIR = + +pkgdatadir = $(datadir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkgincludedir = $(includedir)/@PACKAGE@ + +top_builddir = ../../.. + +ACLOCAL = @ACLOCAL@ +AUTOCONF = @AUTOCONF@ +AUTOMAKE = @AUTOMAKE@ +AUTOHEADER = @AUTOHEADER@ + +INSTALL = @INSTALL@ +INSTALL_PROGRAM = @INSTALL_PROGRAM@ $(AM_INSTALL_PROGRAM_FLAGS) +INSTALL_DATA = @INSTALL_DATA@ +INSTALL_SCRIPT = @INSTALL_SCRIPT@ +transform = @program_transform_name@ + +NORMAL_INSTALL = : +PRE_INSTALL = : +POST_INSTALL = : +NORMAL_UNINSTALL = : +PRE_UNINSTALL = : +POST_UNINSTALL = : +host_alias = @host_alias@ +host_triplet = @host@ +AFS_EXTRA_LD = @AFS_EXTRA_LD@ +AIX_EXTRA_KAFS = @AIX_EXTRA_KAFS@ +AWK = @AWK@ +CANONICAL_HOST = @CANONICAL_HOST@ +CATMAN = @CATMAN@ +CATMANEXT = @CATMANEXT@ +CC = @CC@ +DBLIB = @DBLIB@ +EXEEXT = @EXEEXT@ +EXTRA_LIB45 = @EXTRA_LIB45@ +GROFF = @GROFF@ +INCLUDE_ = @INCLUDE_@ +LD = @LD@ +LEX = @LEX@ +LIBOBJS = @LIBOBJS@ +LIBTOOL = @LIBTOOL@ +LIB_ = @LIB_@ +LIB_AUTH_SUBDIRS = @LIB_AUTH_SUBDIRS@ +LIB_kdb = @LIB_kdb@ +LIB_otp = @LIB_otp@ +LIB_roken = @LIB_roken@ +LIB_security = @LIB_security@ +LN_S = @LN_S@ +LTLIBOBJS = @LTLIBOBJS@ +MAKEINFO = @MAKEINFO@ +MAKE_X_PROGS_BIN_PROGS = @MAKE_X_PROGS_BIN_PROGS@ +MAKE_X_PROGS_BIN_SCRPTS = @MAKE_X_PROGS_BIN_SCRPTS@ +MAKE_X_PROGS_LIBEXEC_PROGS = @MAKE_X_PROGS_LIBEXEC_PROGS@ +NEED_WRITEAUTH_FALSE = @NEED_WRITEAUTH_FALSE@ +NEED_WRITEAUTH_TRUE = @NEED_WRITEAUTH_TRUE@ +NM = @NM@ +NROFF = @NROFF@ +OBJEXT = @OBJEXT@ +PACKAGE = @PACKAGE@ +RANLIB = @RANLIB@ +VERSION = @VERSION@ +VOID_RETSIGTYPE = @VOID_RETSIGTYPE@ +WFLAGS_NOIMPLICITINT = @WFLAGS_NOIMPLICITINT@ +WFLAGS_NOUNUSED = @WFLAGS_NOUNUSED@ +YACC = @YACC@ + +AUTOMAKE_OPTIONS = foreign no-dependencies + +SUFFIXES = .et .h .1 .3 .5 .8 .cat1 .cat3 .cat5 .cat8 .x .c .o + +INCLUDES = -I$(top_builddir)/include $(INCLUDE_krb4) + +AM_CFLAGS = $(WFLAGS) + +COMPILE_ET = $(top_builddir)/lib/com_err/compile_et + +buildinclude = $(top_builddir)/include + +LIB_XauReadAuth = @LIB_XauReadAuth@ +LIB_crypt = @LIB_crypt@ +LIB_dbm_firstkey = @LIB_dbm_firstkey@ +LIB_dbopen = @LIB_dbopen@ +LIB_dlopen = @LIB_dlopen@ +LIB_dn_expand = @LIB_dn_expand@ +LIB_el_init = @LIB_el_init@ +LIB_getattr = @LIB_getattr@ +LIB_gethostbyname = @LIB_gethostbyname@ +LIB_getpwent_r = @LIB_getpwent_r@ +LIB_getpwnam_r = @LIB_getpwnam_r@ +LIB_getsockopt = @LIB_getsockopt@ +LIB_logout = @LIB_logout@ +LIB_logwtmp = @LIB_logwtmp@ +LIB_odm_initialize = @LIB_odm_initialize@ +LIB_readline = @LIB_readline@ +LIB_res_search = @LIB_res_search@ +LIB_setpcred = @LIB_setpcred@ +LIB_setsockopt = @LIB_setsockopt@ +LIB_socket = @LIB_socket@ +LIB_syslog = @LIB_syslog@ +LIB_tgetent = @LIB_tgetent@ + +HESIODLIB = @HESIODLIB@ +HESIODINCLUDE = @HESIODINCLUDE@ +INCLUDE_hesiod = @INCLUDE_hesiod@ +LIB_hesiod = @LIB_hesiod@ + +INCLUDE_krb4 = @INCLUDE_krb4@ +LIB_krb4 = @LIB_krb4@ + +INCLUDE_readline = @INCLUDE_readline@ + +LEXLIB = @LEXLIB@ + +cat1dir = $(mandir)/cat1 +cat3dir = $(mandir)/cat3 +cat5dir = $(mandir)/cat5 +cat8dir = $(mandir)/cat8 + +MANRX = \(.*\)\.\([0-9]\) +CATSUFFIX = @CATSUFFIX@ + +NROFF_MAN = groff -mandoc -Tascii + +@KRB4_TRUE@LIB_kafs = $(top_builddir)/lib/kafs/libkafs.la $(AIX_EXTRA_KAFS) + +@KRB5_TRUE@LIB_krb5 = $(top_builddir)/lib/krb5/libkrb5.la $(top_builddir)/lib/asn1/libasn1.la +@KRB5_TRUE@LIB_gssapi = $(top_builddir)/lib/gssapi/libgssapi.la + +CHECK_LOCAL = $(PROGRAMS) + +WFLAGS = @WFLAGS@ $(WFLAGS_NOIMPLICITINT) + +DEFS = @DEFS@ + +@KRB4_TRUE@KAFS = $(top_builddir)/lib/kafs/.libs/libkafs.a +@KRB4_TRUE@KAFS_S = $(top_builddir)/lib/kafs/.libs/libkafs.so + +L = $(KAFS) $(top_builddir)/lib/krb5/.libs/libkrb5.a $(top_builddir)/lib/asn1/.libs/libasn1.a $(LIB_krb4) $(top_builddir)/lib/des/.libs/libdes.a $(top_builddir)/lib/com_err/.libs/libcom_err.a $(top_builddir)/lib/roken/.libs/libroken.a $(LIB_getpwnam_r) -lc + + +L_shared = $(KAFS_S) $(top_builddir)/lib/krb5/.libs/libkrb5.so $(top_builddir)/lib/asn1/.libs/libasn1.so $(LIB_krb4) $(top_builddir)/lib/des/.libs/libdes.so $(top_builddir)/lib/com_err/.libs/libcom_err.so $(top_builddir)/lib/roken/.libs/libroken.so $(LIB_getpwnam_r) -lc + + +EXTRA_DIST = sia.c krb5_matrix.conf krb5+c2_matrix.conf security.patch + +foodir = $(libdir) +foo_DATA = libsia_krb5.so + +LDFLAGS = -rpath $(libdir) -hidden -exported_symbol siad_\* + +OBJS = sia.o posix_getpw.o + +CLEANFILES = libsia_krb5.so $(OBJS) so_locations +mkinstalldirs = $(SHELL) $(top_srcdir)/mkinstalldirs +CONFIG_HEADER = ../../../include/config.h +CONFIG_CLEAN_FILES = +CFLAGS = @CFLAGS@ +COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +CCLD = $(CC) +LINK = $(LIBTOOL) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(LDFLAGS) -o $@ +DATA = $(foo_DATA) + +DIST_COMMON = Makefile.am Makefile.in + + +DISTFILES = $(DIST_COMMON) $(SOURCES) $(HEADERS) $(TEXINFOS) $(EXTRA_DIST) + +TAR = tar +GZIP_ENV = --best +all: all-redirect +.SUFFIXES: +.SUFFIXES: .1 .3 .5 .8 .c .cat1 .cat3 .cat5 .cat8 .et .h .o .x +$(srcdir)/Makefile.in: Makefile.am $(top_srcdir)/configure.in $(ACLOCAL_M4) $(top_srcdir)/Makefile.am.common $(top_srcdir)/cf/Makefile.am.common + cd $(top_srcdir) && $(AUTOMAKE) --foreign lib/auth/sia/Makefile + +Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status + cd $(top_builddir) \ + && CONFIG_FILES=$(subdir)/$@ CONFIG_HEADERS= $(SHELL) ./config.status + + +install-fooDATA: $(foo_DATA) + @$(NORMAL_INSTALL) + $(mkinstalldirs) $(DESTDIR)$(foodir) + @list='$(foo_DATA)'; for p in $$list; do \ + if test -f $(srcdir)/$$p; then \ + echo " $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p"; \ + $(INSTALL_DATA) $(srcdir)/$$p $(DESTDIR)$(foodir)/$$p; \ + else if test -f $$p; then \ + echo " $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p"; \ + $(INSTALL_DATA) $$p $(DESTDIR)$(foodir)/$$p; \ + fi; fi; \ + done + +uninstall-fooDATA: + @$(NORMAL_UNINSTALL) + list='$(foo_DATA)'; for p in $$list; do \ + rm -f $(DESTDIR)$(foodir)/$$p; \ + done +tags: TAGS +TAGS: + + +distdir = $(top_builddir)/$(PACKAGE)-$(VERSION)/$(subdir) + +subdir = lib/auth/sia + +distdir: $(DISTFILES) + @for file in $(DISTFILES); do \ + d=$(srcdir); \ + if test -d $$d/$$file; then \ + cp -pr $$/$$file $(distdir)/$$file; \ + else \ + test -f $(distdir)/$$file \ + || ln $$d/$$file $(distdir)/$$file 2> /dev/null \ + || cp -p $$d/$$file $(distdir)/$$file || :; \ + fi; \ + done + $(MAKE) $(AM_MAKEFLAGS) top_distdir="$(top_distdir)" distdir="$(distdir)" dist-hook +info-am: +info: info-am +dvi-am: +dvi: dvi-am +check-am: all-am + $(MAKE) $(AM_MAKEFLAGS) check-local +check: check-am +installcheck-am: +installcheck: installcheck-am +install-exec-am: + @$(NORMAL_INSTALL) + $(MAKE) $(AM_MAKEFLAGS) install-exec-hook +install-exec: install-exec-am + +install-data-am: install-fooDATA install-data-local +install-data: install-data-am + +install-am: all-am + @$(MAKE) $(AM_MAKEFLAGS) install-exec-am install-data-am +install: install-am +uninstall-am: uninstall-fooDATA +uninstall: uninstall-am +all-am: Makefile $(DATA) all-local +all-redirect: all-am +install-strip: + $(MAKE) $(AM_MAKEFLAGS) AM_INSTALL_PROGRAM_FLAGS=-s install +installdirs: + $(mkinstalldirs) $(DESTDIR)$(foodir) + + +mostlyclean-generic: + +clean-generic: + -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) + +distclean-generic: + -rm -f Makefile $(CONFIG_CLEAN_FILES) + -rm -f config.cache config.log stamp-h stamp-h[0-9]* + +maintainer-clean-generic: +mostlyclean-am: mostlyclean-generic + +mostlyclean: mostlyclean-am + +clean-am: clean-generic mostlyclean-am + +clean: clean-am + +distclean-am: distclean-generic clean-am + -rm -f libtool + +distclean: distclean-am + +maintainer-clean-am: maintainer-clean-generic distclean-am + @echo "This command is intended for maintainers to use;" + @echo "it deletes files that may require special tools to rebuild." + +maintainer-clean: maintainer-clean-am + +.PHONY: uninstall-fooDATA install-fooDATA tags distdir info-am info \ +dvi-am dvi check-local check check-am installcheck-am installcheck \ +install-exec-am install-exec install-data-local install-data-am \ +install-data install-am install uninstall-am uninstall all-local \ +all-redirect all-am all installdirs mostlyclean-generic \ +distclean-generic clean-generic maintainer-clean-generic clean \ +mostlyclean distclean maintainer-clean + + +install-suid-programs: + @foo='$(bin_SUIDS)'; \ + for file in $$foo; do \ + x=$(DESTDIR)$(bindir)/$$file; \ + if chown 0:0 $$x && chmod u+s $$x; then :; else \ + chmod 0 $$x; fi; done + +install-exec-hook: install-suid-programs + +install-build-headers:: $(include_HEADERS) $(build_HEADERZ) + @foo='$(include_HEADERS) $(build_HEADERZ)'; \ + for f in $$foo; do \ + f=`basename $$f`; \ + if test -f "$(srcdir)/$$f"; then file="$(srcdir)/$$f"; \ + else file="$$f"; fi; \ + if cmp -s $$file $(buildinclude)/$$f 2> /dev/null ; then \ + : ; else \ + echo " cp $$file $(buildinclude)/$$f"; \ + cp $$file $(buildinclude)/$$f; \ + fi ; \ + done + +all-local: install-build-headers +#NROFF_MAN = nroff -man +.1.cat1: + $(NROFF_MAN) $< > $@ +.3.cat3: + $(NROFF_MAN) $< > $@ +.5.cat5: + $(NROFF_MAN) $< > $@ +.8.cat8: + $(NROFF_MAN) $< > $@ + +dist-cat1-mans: + @foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat1/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat3-mans: + @foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat3/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat5-mans: + @foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat5/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-cat8-mans: + @foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done ;\ + for i in $$foo; do \ + x=`echo $$i | sed 's/\.[^.]*$$/.cat8/'`; \ + echo "$(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x"; \ + $(NROFF_MAN) $(srcdir)/$$i > $(distdir)/$$x; \ + done + +dist-hook: dist-cat1-mans dist-cat3-mans dist-cat5-mans dist-cat8-mans + +install-cat1-mans: + @ext=1;\ + foo='$(man1_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.1) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat1dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat1/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat1dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat3-mans: + @ext=3;\ + foo='$(man3_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.3) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat3dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat3/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat3dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat5-mans: + @ext=5;\ + foo='$(man5_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.5) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat5dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat5/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat5dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat8-mans: + @ext=8;\ + foo='$(man8_MANS)'; \ + bar='$(man_MANS)'; \ + for i in $$bar; do \ + case $$i in \ + *.8) foo="$$foo $$i";; \ + esac; done; \ + if test "$$foo"; then \ + $(mkinstalldirs) $(DESTDIR)$(cat8dir); \ + for x in $$foo; do \ + f=`echo $$x | sed 's/\.[^.]*$$/.cat8/'`; \ + if test -f "$(srcdir)/$$f"; then \ + b=`echo $$x | sed 's!$(MANRX)!\1!'`; \ + echo "$(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX)";\ + $(INSTALL_DATA) $(srcdir)/$$g $(DESTDIR)$(cat8dir)/$$b.$(CATSUFFIX);\ + fi; \ + done ;\ + fi + +install-cat-mans: install-cat1-mans install-cat3-mans install-cat5-mans install-cat8-mans + +install-data-local: install-cat-mans + +.et.h: + $(COMPILE_ET) $< +.et.c: + $(COMPILE_ET) $< + +.x.c: + @cmp -s $< $@ 2> /dev/null || cp $< $@ + +check-local:: + @foo='$(CHECK_LOCAL)'; \ + if test "$$foo"; then \ + failed=0; all=0; \ + for i in $$foo; do \ + all=`expr $$all + 1`; \ + if ./$$i --version > /dev/null 2>&1; then \ + echo "PASS: $$i"; \ + else \ + echo "FAIL: $$i"; \ + failed=`expr $$failed + 1`; \ + fi; \ + done; \ + if test "$$failed" -eq 0; then \ + banner="All $$all tests passed"; \ + else \ + banner="$$failed of $$all tests failed"; \ + fi; \ + dashes=`echo "$$banner" | sed s/./=/g`; \ + echo "$$dashes"; \ + echo "$$banner"; \ + echo "$$dashes"; \ + test "$$failed" -eq 0; \ + fi + +libsia_krb5.so: $(OBJS) + if test -f $(top_builddir)/lib/krb5/.libs/libkrb5.a; then \ + ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L); \ + elif test -f $(top_builddir)/lib/krb5/.libs/libkrb5.so; then \ + ld -shared -o $@ $(LDFLAGS) $(OBJS) $(L_shared); \ + else \ + echo "missing libraries"; exit 1; \ + fi + ostrip -x -z $@ + +.c.o: + $(COMPILE) -c $< + +# Tell versions [3.59,3.63) of GNU make to not export all variables. +# Otherwise a system limit (for SysV at least) may be exceeded. +.NOEXPORT: diff --git a/crypto/heimdal/lib/auth/sia/krb4+c2_matrix.conf b/crypto/heimdal/lib/auth/sia/krb4+c2_matrix.conf new file mode 100644 index 000000000000..4b90e0264a37 --- /dev/null +++ b/crypto/heimdal/lib/auth/sia/krb4+c2_matrix.conf @@ -0,0 +1,58 @@ +# Copyright (c) 1998 Kungliga Tekniska Högskolan +# (Royal Institute of Technology, Stockholm, Sweden). +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# 3. Neither the name of the Institute nor the names of its contributors +# may be used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. + +# $Id: krb4+c2_matrix.conf,v 1.4 1999/12/02 16:58:37 joda Exp $ + +# sia matrix configuration file (Kerberos 4 + C2) + +siad_init=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) +siad_chk_invoker=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_ses_init=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_ses_authent=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_ses_estab=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_ses_launch=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_ses_suauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_ses_reauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_chg_finger=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_chg_password=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_chg_shell=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_getpwent=(BSD,libc.so) +siad_getpwuid=(BSD,libc.so) +siad_getpwnam=(BSD,libc.so) +siad_setpwent=(BSD,libc.so) +siad_endpwent=(BSD,libc.so) +siad_getgrent=(BSD,libc.so) +siad_getgrgid=(BSD,libc.so) +siad_getgrnam=(BSD,libc.so) +siad_setgrent=(BSD,libc.so) +siad_endgrent=(BSD,libc.so) +siad_ses_release=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_chk_user=(KRB4,/usr/athena/lib/libsia_krb4.so)(OSFC2,/usr/shlib/libsecurity.so) diff --git a/crypto/heimdal/lib/auth/sia/krb4_matrix.conf b/crypto/heimdal/lib/auth/sia/krb4_matrix.conf new file mode 100644 index 000000000000..4f55a810ce71 --- /dev/null +++ b/crypto/heimdal/lib/auth/sia/krb4_matrix.conf @@ -0,0 +1,59 @@ +# Copyright (c) 1998 Kungliga Tekniska Högskolan +# (Royal Institute of Technology, Stockholm, Sweden). +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# 3. Neither the name of the Institute nor the names of its contributors +# may be used to endorse or promote products derived from this software +# without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND +# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE +# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS +# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT +# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY +# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF +# SUCH DAMAGE. + +# $Id: krb4_matrix.conf,v 1.6 1999/12/02 16:58:37 joda Exp $ + +# sia matrix configuration file (Kerberos 4 + BSD) + +siad_init=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) +siad_chk_invoker=(BSD,libc.so) +siad_ses_init=(KRB4,/usr/athena/lib/libsia_krb4.so) +siad_ses_authent=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) +siad_ses_estab=(BSD,libc.so) +siad_ses_launch=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) +siad_ses_suauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) +siad_ses_reauthent=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) +siad_chg_finger=(BSD,libc.so) +siad_chg_password=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) +siad_chg_shell=(BSD,libc.so) +siad_getpwent=(BSD,libc.so) +siad_getpwuid=(BSD,libc.so) +siad_getpwnam=(BSD,libc.so) +siad_setpwent=(BSD,libc.so) +siad_endpwent=(BSD,libc.so) +siad_getgrent=(BSD,libc.so) +siad_getgrgid=(BSD,libc.so) +siad_getgrnam=(BSD,libc.so) +siad_setgrent=(BSD,libc.so) +siad_endgrent=(BSD,libc.so) +siad_ses_release=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) +siad_chk_user=(KRB4,/usr/athena/lib/libsia_krb4.so)(BSD,libc.so) + diff --git a/crypto/heimdal/lib/auth/sia/krb5+c2_matrix.conf b/crypto/heimdal/lib/auth/sia/krb5+c2_matrix.conf new file mode 100644 index 000000000000..c2952e2db8f6 --- /dev/null +++ b/crypto/heimdal/lib/auth/sia/krb5+c2_matrix.conf @@ -0,0 +1,27 @@ +# $Id: krb5+c2_matrix.conf,v 1.2 1998/11/26 20:58:18 assar Exp $ + +# sia matrix configuration file (Kerberos 5 + C2) + +siad_init=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) +siad_chk_invoker=(OSFC2,/usr/shlib/libsecurity.so) +siad_ses_init=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_ses_authent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_ses_estab=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_ses_launch=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_ses_suauthent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_ses_reauthent=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_chg_finger=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_chg_password=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_chg_shell=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_getpwent=(BSD,libc.so) +siad_getpwuid=(BSD,libc.so) +siad_getpwnam=(BSD,libc.so) +siad_setpwent=(BSD,libc.so) +siad_endpwent=(BSD,libc.so) +siad_getgrent=(BSD,libc.so) +siad_getgrgid=(BSD,libc.so) +siad_getgrnam=(BSD,libc.so) +siad_setgrent=(BSD,libc.so) +siad_endgrent=(BSD,libc.so) +siad_ses_release=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) +siad_chk_user=(KRB5,/usr/athena/lib/libsia_krb5.so)(OSFC2,/usr/shlib/libsecurity.so) diff --git a/crypto/heimdal/lib/auth/sia/krb5_matrix.conf b/crypto/heimdal/lib/auth/sia/krb5_matrix.conf new file mode 100644 index 000000000000..e49366aefc67 --- /dev/null +++ b/crypto/heimdal/lib/auth/sia/krb5_matrix.conf @@ -0,0 +1,27 @@ +# $Id: krb5_matrix.conf,v 1.1 1997/05/15 18:34:18 joda Exp $ + +# sia matrix configuration file (Kerberos 5 + BSD) + +siad_init=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) +siad_chk_invoker=(BSD,libc.so) +siad_ses_init=(KRB5,/usr/athena/lib/libsia_krb5.so) +siad_ses_authent=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) +siad_ses_estab=(BSD,libc.so) +siad_ses_launch=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) +siad_ses_suauthent=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) +siad_ses_reauthent=(BSD,libc.so) +siad_chg_finger=(BSD,libc.so) +siad_chg_password=(BSD,libc.so) +siad_chg_shell=(BSD,libc.so) +siad_getpwent=(BSD,libc.so) +siad_getpwuid=(BSD,libc.so) +siad_getpwnam=(BSD,libc.so) +siad_setpwent=(BSD,libc.so) +siad_endpwent=(BSD,libc.so) +siad_getgrent=(BSD,libc.so) +siad_getgrgid=(BSD,libc.so) +siad_getgrnam=(BSD,libc.so) +siad_setgrent=(BSD,libc.so) +siad_endgrent=(BSD,libc.so) +siad_ses_release=(KRB5,/usr/athena/lib/libsia_krb5.so)(BSD,libc.so) +siad_chk_user=(BSD,libc.so) diff --git a/crypto/heimdal/lib/auth/sia/posix_getpw.c b/crypto/heimdal/lib/auth/sia/posix_getpw.c new file mode 100644 index 000000000000..c5961dcd2c5b --- /dev/null +++ b/crypto/heimdal/lib/auth/sia/posix_getpw.c @@ -0,0 +1,78 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +#include "sia_locl.h" + +RCSID("$Id: posix_getpw.c,v 1.1 1999/03/21 17:07:02 joda Exp $"); + +#ifndef POSIX_GETPWNAM_R +/* + * These functions translate from the old Digital UNIX 3.x interface + * to POSIX.1c. + */ + +int +posix_getpwnam_r(const char *name, struct passwd *pwd, + char *buffer, int len, struct passwd **result) +{ + int ret = getpwnam_r(name, pwd, buffer, len); + if(ret == 0) + *result = pwd; + else{ + *result = NULL; + ret = _Geterrno(); + if(ret == 0){ + ret = ERANGE; + _Seterrno(ret); + } + } + return ret; +} + +int +posix_getpwuid_r(uid_t uid, struct passwd *pwd, + char *buffer, int len, struct passwd **result) +{ + int ret = getpwuid_r(uid, pwd, buffer, len); + if(ret == 0) + *result = pwd; + else{ + *result = NULL; + ret = _Geterrno(); + if(ret == 0){ + ret = ERANGE; + _Seterrno(ret); + } + } + return ret; +} +#endif /* POSIX_GETPWNAM_R */ diff --git a/crypto/heimdal/lib/auth/sia/security.patch b/crypto/heimdal/lib/auth/sia/security.patch new file mode 100644 index 000000000000..c407876d6362 --- /dev/null +++ b/crypto/heimdal/lib/auth/sia/security.patch @@ -0,0 +1,11 @@ +--- /sbin/init.d/security~ Tue Aug 20 22:44:09 1996 ++++ /sbin/init.d/security Fri Nov 1 14:52:56 1996 +@@ -49,7 +49,7 @@ + SECURITY=BASE + fi + ;; +- BASE) ++ BASE|KRB4) + ;; + *) + echo "security configuration set to default (BASE)." diff --git a/crypto/heimdal/lib/auth/sia/sia.c b/crypto/heimdal/lib/auth/sia/sia.c new file mode 100644 index 000000000000..01e2ac005037 --- /dev/null +++ b/crypto/heimdal/lib/auth/sia/sia.c @@ -0,0 +1,672 @@ +/* + * Copyright (c) 1995-1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of the Institute nor the names of its contributors + * may be used to endorse or promote products derived from this software + * without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#include "sia_locl.h" + +RCSID("$Id: sia.c,v 1.33 1999/12/20 09:46:44 joda Exp $"); + +int +siad_init(void) +{ + return SIADSUCCESS; +} + +int +siad_chk_invoker(void) +{ + SIA_DEBUG(("DEBUG", "siad_chk_invoker")); + return SIADFAIL; +} + +int +siad_ses_init(SIAENTITY *entity, int pkgind) +{ + struct state *s = malloc(sizeof(*s)); + SIA_DEBUG(("DEBUG", "siad_ses_init")); + if(s == NULL) + return SIADFAIL; + memset(s, 0, sizeof(*s)); +#ifdef SIA_KRB5 + krb5_init_context(&s->context); +#endif + entity->mech[pkgind] = (int*)s; + return SIADSUCCESS; +} + +static int +setup_name(SIAENTITY *e, prompt_t *p) +{ + SIA_DEBUG(("DEBUG", "setup_name")); + e->name = malloc(SIANAMEMIN + 1); + if(e->name == NULL){ + SIA_DEBUG(("DEBUG", "failed to malloc %u bytes", SIANAMEMIN+1)); + return SIADFAIL; + } + p->prompt = (unsigned char*)"login: "; + p->result = (unsigned char*)e->name; + p->min_result_length = 1; + p->max_result_length = SIANAMEMIN; + p->control_flags = 0; + return SIADSUCCESS; +} + +static int +setup_password(SIAENTITY *e, prompt_t *p) +{ + SIA_DEBUG(("DEBUG", "setup_password")); + e->password = malloc(SIAMXPASSWORD + 1); + if(e->password == NULL){ + SIA_DEBUG(("DEBUG", "failed to malloc %u bytes", SIAMXPASSWORD+1)); + return SIADFAIL; + } + p->prompt = (unsigned char*)"Password: "; + p->result = (unsigned char*)e->password; + p->min_result_length = 0; + p->max_result_length = SIAMXPASSWORD; + p->control_flags = SIARESINVIS; + return SIADSUCCESS; +} + + +static int +doauth(SIAENTITY *entity, int pkgind, char *name) +{ + struct passwd pw, *pwd; + char pwbuf[1024]; + struct state *s = (struct state*)entity->mech[pkgind]; +#ifdef SIA_KRB5 + krb5_realm *realms, *r; + krb5_principal principal; + krb5_ccache ccache; + krb5_error_code ret; +#endif +#ifdef SIA_KRB4 + char realm[REALM_SZ]; + char *toname, *toinst; + int ret; + struct passwd fpw, *fpwd; + char fpwbuf[1024]; + int secure; +#endif + + if(getpwnam_r(name, &pw, pwbuf, sizeof(pwbuf), &pwd) != 0){ + SIA_DEBUG(("DEBUG", "failed to getpwnam(%s)", name)); + return SIADFAIL; + } + +#ifdef SIA_KRB5 + ret = krb5_get_default_realms(s->context, &realms); + + for (r = realms; *r != NULL; ++r) { + krb5_make_principal (s->context, &principal, *r, entity->name, NULL); + + if(krb5_kuserok(s->context, principal, entity->name)) + break; + } + krb5_free_host_realm (s->context, realms); + if (*r == NULL) + return SIADFAIL; + + sprintf(s->ticket, "FILE:/tmp/krb5_cc%d_%d", pwd->pw_uid, getpid()); + ret = krb5_cc_resolve(s->context, s->ticket, &ccache); + if(ret) + return SIADFAIL; +#endif + +#ifdef SIA_KRB4 + snprintf(s->ticket, sizeof(s->ticket), + "%s%u_%u", TKT_ROOT, (unsigned)pwd->pw_uid, (unsigned)getpid()); + krb_get_lrealm(realm, 1); + toname = name; + toinst = ""; + if(entity->authtype == SIA_A_SUAUTH){ + uid_t ouid; +#ifdef HAVE_SIAENTITY_OUID + ouid = entity->ouid; +#else + ouid = getuid(); +#endif + if(getpwuid_r(ouid, &fpw, fpwbuf, sizeof(fpwbuf), &fpwd) != 0){ + SIA_DEBUG(("DEBUG", "failed to getpwuid(%u)", ouid)); + return SIADFAIL; + } + snprintf(s->ticket, sizeof(s->ticket), "%s_%s_to_%s_%d", + TKT_ROOT, fpwd->pw_name, pwd->pw_name, getpid()); + if(strcmp(pwd->pw_name, "root") == 0){ + toname = fpwd->pw_name; + toinst = pwd->pw_name; + } + } + if(entity->authtype == SIA_A_REAUTH) + snprintf(s->ticket, sizeof(s->ticket), "%s", tkt_string()); + + krb_set_tkt_string(s->ticket); + + setuid(0); /* XXX fix for fix in tf_util.c */ + if(krb_kuserok(toname, toinst, realm, name)){ + SIA_DEBUG(("DEBUG", "%s.%s@%s is not allowed to login as %s", + toname, toinst, realm, name)); + return SIADFAIL; + } +#endif +#ifdef SIA_KRB5 + ret = krb5_verify_user_lrealm(s->context, principal, ccache, + entity->password, 1, NULL); + if(ret){ + /* if this is most likely a local user (such as + root), just silently return failure when the + principal doesn't exist */ + if(ret != KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN && + ret != KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN) + SIALOG("WARNING", "krb5_verify_user(%s): %s", + entity->name, error_message(ret)); + return SIADFAIL; + } +#endif +#ifdef SIA_KRB4 + if (getuid () == 0) + secure = KRB_VERIFY_SECURE; + else + secure = KRB_VERIFY_NOT_SECURE; + + ret = krb_verify_user(toname, toinst, realm, + entity->password, secure, NULL); + if(ret){ + SIA_DEBUG(("DEBUG", "krb_verify_user: %s", krb_get_err_text(ret))); + if(ret != KDC_PR_UNKNOWN) + /* since this is most likely a local user (such as + root), just silently return failure when the + principal doesn't exist */ + SIALOG("WARNING", "krb_verify_user(%s.%s): %s", + toname, toinst, krb_get_err_text(ret)); + return SIADFAIL; + } +#endif + if(sia_make_entity_pwd(pwd, entity) == SIAFAIL) + return SIADFAIL; + s->valid = 1; + return SIADSUCCESS; +} + + +static int +common_auth(sia_collect_func_t *collect, + SIAENTITY *entity, + int siastat, + int pkgind) +{ + prompt_t prompts[2], *pr; + char *name; + + SIA_DEBUG(("DEBUG", "common_auth")); + if((siastat == SIADSUCCESS) && (geteuid() == 0)) + return SIADSUCCESS; + if(entity == NULL) { + SIA_DEBUG(("DEBUG", "entity == NULL")); + return SIADFAIL | SIADSTOP; + } + name = entity->name; + if(entity->acctname) + name = entity->acctname; + + if((collect != NULL) && entity->colinput) { + int num; + pr = prompts; + if(name == NULL){ + if(setup_name(entity, pr) != SIADSUCCESS) + return SIADFAIL; + pr++; + } + if(entity->password == NULL){ + if(setup_password(entity, pr) != SIADSUCCESS) + return SIADFAIL; + pr++; + } + num = pr - prompts; + if(num == 1){ + if((*collect)(240, SIAONELINER, (unsigned char*)"", num, + prompts) != SIACOLSUCCESS){ + SIA_DEBUG(("DEBUG", "collect failed")); + return SIADFAIL | SIADSTOP; + } + } else if(num > 0){ + if((*collect)(0, SIAFORM, (unsigned char*)"", num, + prompts) != SIACOLSUCCESS){ + SIA_DEBUG(("DEBUG", "collect failed")); + return SIADFAIL | SIADSTOP; + } + } + } + if(name == NULL) + name = entity->name; + if(name == NULL || name[0] == '\0'){ + SIA_DEBUG(("DEBUG", "name is null")); + return SIADFAIL; + } + + if(entity->password == NULL || strlen(entity->password) > SIAMXPASSWORD){ + SIA_DEBUG(("DEBUG", "entity->password is null")); + return SIADFAIL; + } + + return doauth(entity, pkgind, name); +} + + +int +siad_ses_authent(sia_collect_func_t *collect, + SIAENTITY *entity, + int siastat, + int pkgind) +{ + SIA_DEBUG(("DEBUG", "siad_ses_authent")); + return common_auth(collect, entity, siastat, pkgind); +} + +int +siad_ses_estab(sia_collect_func_t *collect, + SIAENTITY *entity, int pkgind) +{ + SIA_DEBUG(("DEBUG", "siad_ses_estab")); + return SIADFAIL; +} + +int +siad_ses_launch(sia_collect_func_t *collect, + SIAENTITY *entity, + int pkgind) +{ + static char env[MaxPathLen]; + struct state *s = (struct state*)entity->mech[pkgind]; + SIA_DEBUG(("DEBUG", "siad_ses_launch")); + if(s->valid){ +#ifdef SIA_KRB5 + chown(s->ticket + sizeof("FILE:") - 1, + entity->pwd->pw_uid, + entity->pwd->pw_gid); + snprintf(env, sizeof(env), "KRB5CCNAME=%s", s->ticket); +#endif +#ifdef SIA_KRB4 + chown(s->ticket, entity->pwd->pw_uid, entity->pwd->pw_gid); + snprintf(env, sizeof(env), "KRBTKFILE=%s", s->ticket); +#endif + putenv(env); + } +#ifdef KRB4 + if (k_hasafs()) { + char cell[64]; + k_setpag(); + if(k_afs_cell_of_file(entity->pwd->pw_dir, cell, sizeof(cell)) == 0) + krb_afslog(cell, 0); + krb_afslog_home(0, 0, entity->pwd->pw_dir); + } +#endif + return SIADSUCCESS; +} + +int +siad_ses_release(SIAENTITY *entity, int pkgind) +{ + SIA_DEBUG(("DEBUG", "siad_ses_release")); + if(entity->mech[pkgind]){ +#ifdef SIA_KRB5 + struct state *s = (struct state*)entity->mech[pkgind]; + krb5_free_context(s->context); +#endif + free(entity->mech[pkgind]); + } + return SIADSUCCESS; +} + +int +siad_ses_suauthent(sia_collect_func_t *collect, + SIAENTITY *entity, + int siastat, + int pkgind) +{ + SIA_DEBUG(("DEBUG", "siad_ses_suauth")); + if(geteuid() != 0) + return SIADFAIL; + if(entity->name == NULL) + return SIADFAIL; + if(entity->name[0] == '\0') { + free(entity->name); + entity->name = strdup("root"); + if (entity->name == NULL) + return SIADFAIL; + } + return common_auth(collect, entity, siastat, pkgind); +} + +int +siad_ses_reauthent (sia_collect_func_t *collect, + SIAENTITY *entity, + int siastat, + int pkgind) +{ + int ret; + SIA_DEBUG(("DEBUG", "siad_ses_reauthent")); + if(entity == NULL || entity->name == NULL) + return SIADFAIL; + ret = common_auth(collect, entity, siastat, pkgind); + if((ret & SIADSUCCESS)){ + /* launch isn't (always?) called when doing reauth, so we must + duplicate some code here... */ + struct state *s = (struct state*)entity->mech[pkgind]; + chown(s->ticket, entity->pwd->pw_uid, entity->pwd->pw_gid); +#ifdef KRB4 + if(k_hasafs()) { + char cell[64]; + if(k_afs_cell_of_file(entity->pwd->pw_dir, + cell, sizeof(cell)) == 0) + krb_afslog(cell, 0); + krb_afslog_home(0, 0, entity->pwd->pw_dir); + } +#endif + } + return ret; +} + +int +siad_chg_finger (sia_collect_func_t *collect, + const char *username, + int argc, + char *argv[]) +{ + SIA_DEBUG(("DEBUG", "siad_chg_finger")); + return SIADFAIL; +} + +#ifdef SIA_KRB5 +int +siad_chg_password (sia_collect_func_t *collect, + const char *username, + int argc, + char *argv[]) +{ + return SIADFAIL; +} +#endif + +#ifdef SIA_KRB4 +static void +sia_message(sia_collect_func_t *collect, int rendition, + const char *title, const char *message) +{ + prompt_t prompt; + prompt.prompt = (unsigned char*)message; + (*collect)(0, rendition, (unsigned char*)title, 1, &prompt); +} + +static int +init_change(sia_collect_func_t *collect, krb_principal *princ) +{ + prompt_t prompt; + char old_pw[MAX_KPW_LEN+1]; + char *msg; + char tktstring[128]; + int ret; + + SIA_DEBUG(("DEBUG", "init_change")); + prompt.prompt = (unsigned char*)"Old password: "; + prompt.result = (unsigned char*)old_pw; + prompt.min_result_length = 0; + prompt.max_result_length = sizeof(old_pw) - 1; + prompt.control_flags = SIARESINVIS; + asprintf(&msg, "Changing password for %s", krb_unparse_name(princ)); + if(msg == NULL){ + SIA_DEBUG(("DEBUG", "out of memory")); + return SIADFAIL; + } + ret = (*collect)(60, SIAONELINER, (unsigned char*)msg, 1, &prompt); + free(msg); + SIA_DEBUG(("DEBUG", "ret = %d", ret)); + if(ret != SIACOLSUCCESS) + return SIADFAIL; + snprintf(tktstring, sizeof(tktstring), + "%s_cpw_%u", TKT_ROOT, (unsigned)getpid()); + krb_set_tkt_string(tktstring); + + ret = krb_get_pw_in_tkt(princ->name, princ->instance, princ->realm, + PWSERV_NAME, KADM_SINST, 1, old_pw); + if (ret != KSUCCESS) { + SIA_DEBUG(("DEBUG", "krb_get_pw_in_tkt: %s", krb_get_err_text(ret))); + if (ret == INTK_BADPW) + sia_message(collect, SIAWARNING, "", "Incorrect old password."); + else + sia_message(collect, SIAWARNING, "", "Kerberos error."); + memset(old_pw, 0, sizeof(old_pw)); + return SIADFAIL; + } + if(chown(tktstring, getuid(), -1) < 0){ + dest_tkt(); + return SIADFAIL; + } + memset(old_pw, 0, sizeof(old_pw)); + return SIADSUCCESS; +} + +int +siad_chg_password (sia_collect_func_t *collect, + const char *username, + int argc, + char *argv[]) +{ + prompt_t prompts[2]; + krb_principal princ; + int ret; + char new_pw1[MAX_KPW_LEN+1]; + char new_pw2[MAX_KPW_LEN+1]; + static struct et_list *et_list; + + set_progname(argv[0]); + + SIA_DEBUG(("DEBUG", "siad_chg_password")); + if(collect == NULL) + return SIADFAIL; + + if(username == NULL) + username = getlogin(); + + ret = krb_parse_name(username, &princ); + if(ret) + return SIADFAIL; + if(princ.realm[0] == '\0') + krb_get_lrealm(princ.realm, 1); + + if(et_list == NULL) { + initialize_kadm_error_table_r(&et_list); + initialize_krb_error_table_r(&et_list); + } + + ret = init_change(collect, &princ); + if(ret != SIADSUCCESS) + return ret; + +again: + prompts[0].prompt = (unsigned char*)"New password: "; + prompts[0].result = (unsigned char*)new_pw1; + prompts[0].min_result_length = MIN_KPW_LEN; + prompts[0].max_result_length = sizeof(new_pw1) - 1; + prompts[0].control_flags = SIARESINVIS; + prompts[1].prompt = (unsigned char*)"Verify new password: "; + prompts[1].result = (unsigned char*)new_pw2; + prompts[1].min_result_length = MIN_KPW_LEN; + prompts[1].max_result_length = sizeof(new_pw2) - 1; + prompts[1].control_flags = SIARESINVIS; + if((*collect)(120, SIAFORM, (unsigned char*)"", 2, prompts) != + SIACOLSUCCESS) { + dest_tkt(); + return SIADFAIL; + } + if(strcmp(new_pw1, new_pw2) != 0){ + sia_message(collect, SIAWARNING, "", "Password mismatch."); + goto again; + } + ret = kadm_check_pw(new_pw1); + if(ret) { + sia_message(collect, SIAWARNING, "", com_right(et_list, ret)); + goto again; + } + + memset(new_pw2, 0, sizeof(new_pw2)); + ret = kadm_init_link (PWSERV_NAME, KRB_MASTER, princ.realm); + if (ret != KADM_SUCCESS) + sia_message(collect, SIAWARNING, "Error initing kadmin connection", + com_right(et_list, ret)); + else { + des_cblock newkey; + char *pw_msg; /* message from server */ + + des_string_to_key(new_pw1, &newkey); + ret = kadm_change_pw_plain((unsigned char*)&newkey, new_pw1, &pw_msg); + memset(newkey, 0, sizeof(newkey)); + + if (ret == KADM_INSECURE_PW) + sia_message(collect, SIAWARNING, "Insecure password", pw_msg); + else if (ret != KADM_SUCCESS) + sia_message(collect, SIAWARNING, "Error changing password", + com_right(et_list, ret)); + } + memset(new_pw1, 0, sizeof(new_pw1)); + + if (ret != KADM_SUCCESS) + sia_message(collect, SIAWARNING, "", "Password NOT changed."); + else + sia_message(collect, SIAINFO, "", "Password changed."); + + dest_tkt(); + if(ret) + return SIADFAIL; + return SIADSUCCESS; +} +#endif + +int +siad_chg_shell (sia_collect_func_t *collect, + const char *username, + int argc, + char *argv[]) +{ + return SIADFAIL; +} + +int +siad_getpwent(struct passwd *result, + char *buf, + int bufsize, + struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_getpwuid (uid_t uid, + struct passwd *result, + char *buf, + int bufsize, + struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_getpwnam (const char *name, + struct passwd *result, + char *buf, + int bufsize, + struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_setpwent (struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_endpwent (struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_getgrent(struct group *result, + char *buf, + int bufsize, + struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_getgrgid (gid_t gid, + struct group *result, + char *buf, + int bufsize, + struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_getgrnam (const char *name, + struct group *result, + char *buf, + int bufsize, + struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_setgrent (struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_endgrent (struct sia_context *context) +{ + return SIADFAIL; +} + +int +siad_chk_user (const char *logname, int checkflag) +{ + if(checkflag != CHGPASSWD) + return SIADFAIL; + return SIADSUCCESS; +} diff --git a/crypto/heimdal/lib/auth/sia/sia_locl.h b/crypto/heimdal/lib/auth/sia/sia_locl.h new file mode 100644 index 000000000000..0f3f74d98d3b --- /dev/null +++ b/crypto/heimdal/lib/auth/sia/sia_locl.h @@ -0,0 +1,94 @@ +/* + * Copyright (c) 1999 Kungliga Tekniska Högskolan + * (Royal Institute of Technology, Stockholm, Sweden). + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * 3. Neither the name of KTH nor the names of its contributors may be + * used to endorse or promote products derived from this software without + * specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY KTH AND ITS CONTRIBUTORS ``AS IS'' AND ANY + * EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL KTH OR ITS CONTRIBUTORS BE + * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR + * BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ + +/* $Id: sia_locl.h,v 1.2 1999/04/01 16:09:22 joda Exp $ */ + +#ifndef __sia_locl_h__ +#define __sia_locl_h__ + +#ifdef HAVE_CONFIG_H +#include <config.h> +#endif +#include <ctype.h> +#include <stdio.h> +#include <string.h> +#include <siad.h> +#include <pwd.h> +#include <sys/types.h> +#include <sys/socket.h> +#include <netinet/in.h> + +#ifdef KRB5 +#define SIA_KRB5 +#elif defined(KRB4) +#define SIA_KRB4 +#endif + +#ifdef SIA_KRB5 +#include <krb5.h> +#include <com_err.h> +#endif +#ifdef SIA_KRB4 +#include <krb.h> +#include <krb_err.h> +#include <kadm.h> +#include <kadm_err.h> +#endif +#ifdef KRB4 +#include <kafs.h> +#endif + +#include <roken.h> + +#ifndef POSIX_GETPWNAM_R + +#define getpwnam_r posix_getpwnam_r +#define getpwuid_r posix_getpwuid_r + +#endif /* POSIX_GETPWNAM_R */ + +#ifndef DEBUG +#define SIA_DEBUG(X) +#else +#define SIA_DEBUG(X) SIALOG X +#endif + +struct state{ +#ifdef SIA_KRB5 + krb5_context context; + krb5_auth_context auth_context; +#endif + char ticket[MaxPathLen]; + int valid; +}; + +#endif /* __sia_locl_h__ */ |