[Midnightbsd-cvs] src [7171] trunk/crypto/heimdal: remove unused files
laffer1 at midnightbsd.org
laffer1 at midnightbsd.org
Sun Jul 26 17:50:21 EDT 2015
Revision: 7171
http://svnweb.midnightbsd.org/src/?rev=7171
Author: laffer1
Date: 2015-07-26 17:50:20 -0400 (Sun, 26 Jul 2015)
Log Message:
-----------
remove unused files
Modified Paths:
--------------
trunk/crypto/heimdal/kadmin/rpc.c
trunk/crypto/heimdal/kcm/cache.c
trunk/crypto/heimdal/tools/krb5-config.in
Removed Paths:
-------------
trunk/crypto/heimdal/TODO
trunk/crypto/heimdal/admin/NTMakefile
trunk/crypto/heimdal/admin/ktutil-version.rc
trunk/crypto/heimdal/admin/ktutil.cat8
trunk/crypto/heimdal/appl/NTMakefile
trunk/crypto/heimdal/appl/dceutils/
trunk/crypto/heimdal/appl/otp/
trunk/crypto/heimdal/appl/popper/
trunk/crypto/heimdal/appl/xnlock/
trunk/crypto/heimdal/cf/
trunk/crypto/heimdal/configure.ac
trunk/crypto/heimdal/depcomp
trunk/crypto/heimdal/include/NTMakefile
trunk/crypto/heimdal/include/gssapi/NTMakefile
trunk/crypto/heimdal/include/hcrypto/NTMakefile
trunk/crypto/heimdal/include/kadm5/NTMakefile
trunk/crypto/heimdal/include/make_crypto.c
trunk/crypto/heimdal/kadmin/NTMakefile
trunk/crypto/heimdal/kadmin/kadmin-version.rc
trunk/crypto/heimdal/kadmin/kadmin.cat8
trunk/crypto/heimdal/kadmin/kadmind-version.rc
trunk/crypto/heimdal/kadmin/kadmind.cat8
trunk/crypto/heimdal/kcm/NTMakefile
trunk/crypto/heimdal/kcm/cursor.c
trunk/crypto/heimdal/kcm/kcm.cat8
trunk/crypto/heimdal/kcm/kcm_protos.h
trunk/crypto/heimdal/kdc/524.c
trunk/crypto/heimdal/kdc/NTMakefile
trunk/crypto/heimdal/kdc/hprop-version.rc
trunk/crypto/heimdal/kdc/hprop.cat8
trunk/crypto/heimdal/kdc/hpropd-version.rc
trunk/crypto/heimdal/kdc/hpropd.cat8
trunk/crypto/heimdal/kdc/kadb.h
trunk/crypto/heimdal/kdc/kaserver.c
trunk/crypto/heimdal/kdc/kdc-version.rc
trunk/crypto/heimdal/kdc/kdc.cat8
trunk/crypto/heimdal/kdc/kerberos4.c
trunk/crypto/heimdal/kdc/kstash-version.rc
trunk/crypto/heimdal/kdc/kstash.cat8
trunk/crypto/heimdal/kdc/libkdc-exports.def
trunk/crypto/heimdal/kdc/libkdc-version.rc
trunk/crypto/heimdal/kdc/string2key-version.rc
trunk/crypto/heimdal/kdc/string2key.cat8
trunk/crypto/heimdal/kdc/v4_dump.c
trunk/crypto/heimdal/kpasswd/NTMakefile
trunk/crypto/heimdal/kpasswd/kpasswd.cat1
trunk/crypto/heimdal/kpasswd/kpasswdd.cat8
trunk/crypto/heimdal/kuser/NTMakefile
trunk/crypto/heimdal/kuser/kcc-version.rc
trunk/crypto/heimdal/kuser/kdestroy-version.rc
trunk/crypto/heimdal/kuser/kdestroy.cat1
trunk/crypto/heimdal/kuser/kdigest-version.rc
trunk/crypto/heimdal/kuser/kdigest.cat8
trunk/crypto/heimdal/kuser/kgetcred-version.rc
trunk/crypto/heimdal/kuser/kgetcred.cat1
trunk/crypto/heimdal/kuser/kimpersonate-version.rc
trunk/crypto/heimdal/kuser/kimpersonate.cat8
trunk/crypto/heimdal/kuser/kinit-version.rc
trunk/crypto/heimdal/kuser/kinit.cat1
trunk/crypto/heimdal/kuser/klist.cat1
trunk/crypto/heimdal/kuser/kswitch.cat1
trunk/crypto/heimdal/packages/
trunk/crypto/heimdal/po/
trunk/crypto/heimdal/tests/
trunk/crypto/heimdal/tools/NTMakefile
trunk/crypto/heimdal/tools/krb5-config.cat1
trunk/crypto/heimdal/ylwrap
Deleted: trunk/crypto/heimdal/TODO
===================================================================
--- trunk/crypto/heimdal/TODO 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/TODO 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,30 +0,0 @@
--*- indented-text -*-
-
-** lib/gssapi
-
-cache delegation credentials to avoid hitting the kdc ? require time
-stampless tickets, and was supported in the recv'ing end with 0.6.1.
-
-make iov work for arcfour
-
-make iov work for ntlm
-
-interop test
-
-make TYPE_STREAM work
-
-** lib/kadm5
-
-add policies?
-
-** lib/krb5
-
-verify_user: handle non-secure verification failing because of
-host->realm mapping
-
-* windows stuff
-
--- drop all double negation #ifndef NO_
--- got though windows specific ifdefs to minimized them
--- switch to use heim-ipc for services, like the kadmin change notification socket
--- Unify lib/krb5/expand_path_w32.c
Deleted: trunk/crypto/heimdal/admin/NTMakefile
===================================================================
--- trunk/crypto/heimdal/admin/NTMakefile 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/admin/NTMakefile 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,74 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=admin
-cincdirs=$(cincdirs) -I$(OBJ)
-!include ../windows/NTMakefile.w32
-
-SBINPROGRAMS=$(SBINDIR)\ktutil.exe
-
-KTUTIL_OBJS= \
- $(OBJ)\add.obj \
- $(OBJ)\change.obj \
- $(OBJ)\copy.obj \
- $(OBJ)\destroy.obj \
- $(OBJ)\get.obj \
- $(OBJ)\ktutil.obj \
- $(OBJ)\ktutil-commands.obj \
- $(OBJ)\list.obj \
- $(OBJ)\purge.obj \
- $(OBJ)\remove.obj \
- $(OBJ)\rename.obj
-
-KTUTIL_LIBS= \
- $(LIBHEIMDAL) \
- $(LIBKADM5SRV) \
- $(LIBSL) \
- $(LIBROKEN) \
- $(LIBVERS)
-
-$(SBINDIR)\ktutil.exe: $(KTUTIL_OBJS) $(KTUTIL_LIBS) $(OBJ)\ktutil-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-$(OBJ)\ktutil-commands.c $(OBJ)\ktutil-commands.h: ktutil-commands.in
- cd $(OBJ)
- $(CP) $(SRCDIR)\ktutil-commands.in $(OBJ)
- $(BINDIR)\slc.exe ktutil-commands.in
- cd $(SRCDIR)
-
-INCFILES=\
- $(OBJ)\ktutil-commands.h
-
-all:: $(INCFILES) $(SBINPROGRAMS)
-
-clean::
- -$(RM) $(SBINPROGRAMS:.exe=.*)
Deleted: trunk/crypto/heimdal/admin/ktutil-version.rc
===================================================================
--- trunk/crypto/heimdal/admin/ktutil-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/admin/ktutil-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "Kerberos Keytab Tool"
-#define RC_FILE_ORIG_0409 "ktutil.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/admin/ktutil.cat8
===================================================================
--- trunk/crypto/heimdal/admin/ktutil.cat8 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/admin/ktutil.cat8 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,71 +0,0 @@
-
-KTUTIL(8) BSD System Manager's Manual KTUTIL(8)
-
-N�NA�AM�ME�E
- k�kt�tu�ut�ti�il�l -- manage Kerberos keytabs
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�kt�tu�ut�ti�il�l [-�-k�k _�k_�e_�y_�t_�a_�b | -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�e_�y_�t_�a_�b] [-�-v�v | -�--�-v�ve�er�rb�bo�os�se�e] [-�--�-v�ve�er�rs�si�io�on�n]
- [-�-h�h | -�--�-h�he�el�lp�p] _�c_�o_�m_�m_�a_�n_�d [_�a_�r_�g_�s]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kt�tu�ut�ti�il�l is a program for managing keytabs. Supported options:
-
- -�-v�v, -�--�-v�ve�er�rb�bo�os�se�e
- Verbose output.
-
- _�c_�o_�m_�m_�a_�n_�d can be one of the following:
-
- add [-�-p�p _�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�--�-p�pr�ri�in�nc�ci�ip�pa�al�l=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�-V�V _�k_�v_�n_�o] [-�--�-k�kv�vn�no�o=�=_�k_�v_�n_�o] [-�-e�e
- _�e_�n_�c_�t_�y_�p_�e] [-�--�-e�en�nc�ct�ty�yp�pe�e=�=_�e_�n_�c_�t_�y_�p_�e] [-�-w�w _�p_�a_�s_�s_�w_�o_�r_�d]
- [-�--�-p�pa�as�ss�sw�wo�or�rd�d=�=_�p_�a_�s_�s_�w_�o_�r_�d] [-�-r�r] [-�--�-r�ra�an�nd�do�om�m] [-�-s�s] [-�--�-n�no�o-�-s�sa�al�lt�t] [-�-H�H]
- [-�--�-h�he�ex�x]
- Adds a key to the keytab. Options that are not specified will
- be prompted for. This requires that you know the password or
- the hex key of the principal to add; if what you really want
- is to add a new principal to the keytab, you should consider
- the _�g_�e_�t command, which talks to the kadmin server.
-
- change [-�-r�r _�r_�e_�a_�l_�m] [-�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m] [-�--�-a�a _�h_�o_�s_�t] [-�--�-a�ad�dm�mi�in�n-�-s�se�er�rv�ve�er�r=�=_�h_�o_�s_�t] [-�--�-s�s
- _�p_�o_�r_�t] [-�--�-s�se�er�rv�ve�er�r-�-p�po�or�rt�t=�=_�p_�o_�r_�t]
- Update one or several keys to new versions. By default, use
- the admin server for the realm of a keytab entry. Otherwise
- it will use the values specified by the options.
-
- If no principals are given, all the ones in the keytab are
- updated.
-
- copy _�k_�e_�y_�t_�a_�b_�-_�s_�r_�c _�k_�e_�y_�t_�a_�b_�-_�d_�e_�s_�t
- Copies all the entries from _�k_�e_�y_�t_�a_�b_�-_�s_�r_�c to _�k_�e_�y_�t_�a_�b_�-_�d_�e_�s_�t.
-
- get [-�-p�p _�a_�d_�m_�i_�n _�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�--�-p�pr�ri�in�nc�ci�ip�pa�al�l=�=_�a_�d_�m_�i_�n _�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�-e�e _�e_�n_�c_�t_�y_�p_�e]
- [-�--�-e�en�nc�ct�ty�yp�pe�es�s=�=_�e_�n_�c_�t_�y_�p_�e] [-�-r�r _�r_�e_�a_�l_�m] [-�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m] [-�-a�a _�a_�d_�m_�i_�n
- _�s_�e_�r_�v_�e_�r] [-�--�-a�ad�dm�mi�in�n-�-s�se�er�rv�ve�er�r=�=_�a_�d_�m_�i_�n _�s_�e_�r_�v_�e_�r] [-�-s�s _�s_�e_�r_�v_�e_�r _�p_�o_�r_�t]
- [-�--�-s�se�er�rv�ve�er�r-�-p�po�or�rt�t=�=_�s_�e_�r_�v_�e_�r _�p_�o_�r_�t] _�p_�r_�i_�n_�c_�i_�p_�a_�l _�._�._�.
- For each _�p_�r_�i_�n_�c_�i_�p_�a_�l, generate a new key for it (creating it if
- it doesn't already exist), and put that key in the keytab.
-
- If no _�r_�e_�a_�l_�m is specified, the realm to operate on is taken
- from the first principal.
-
- list [-�--�-k�ke�ey�ys�s] [-�--�-t�ti�im�me�es�st�ta�am�mp�p]
- List the keys stored in the keytab.
-
- remove [-�-p�p _�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�--�-p�pr�ri�in�nc�ci�ip�pa�al�l=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�-V�V -�-k�kv�vn�no�o] [-�--�-k�kv�vn�no�o=�=_�k_�v_�n_�o]
- [-�-e�e -�-e�en�nc�ct�ty�yp�pe�e] [-�--�-e�en�nc�ct�ty�yp�pe�e=�=_�e_�n_�c_�t_�y_�p_�e]
- Removes the specified key or keys. Not specifying a _�k_�v_�n_�o
- removes keys with any version number. Not specifying an
- _�e_�n_�c_�t_�y_�p_�e removes keys of any type.
-
- rename _�f_�r_�o_�m_�-_�p_�r_�i_�n_�c_�i_�p_�a_�l _�t_�o_�-_�p_�r_�i_�n_�c_�i_�p_�a_�l
- Renames all entries in the keytab that match the
- _�f_�r_�o_�m_�-_�p_�r_�i_�n_�c_�i_�p_�a_�l to _�t_�o_�-_�p_�r_�i_�n_�c_�i_�p_�a_�l.
-
- purge [-�--�-a�ag�ge�e=�=_�a_�g_�e]
- Removes all old versions of a key for which there is a newer
- version that is at least _�a_�g_�e (default one week) old.
-
-S�SE�EE�E A�AL�LS�SO�O
- kadmin(8)
-
-HEIMDAL April 14, 2005 HEIMDAL
Deleted: trunk/crypto/heimdal/appl/NTMakefile
===================================================================
--- trunk/crypto/heimdal/appl/NTMakefile 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/appl/NTMakefile 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=appl
-
-!include ../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/configure.ac
===================================================================
--- trunk/crypto/heimdal/configure.ac 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/configure.ac 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,704 +0,0 @@
-dnl Process this file with autoconf to produce a configure script.
-AC_REVISION($Revision$)
-AC_PREREQ(2.62)
-test -z "$CFLAGS" && CFLAGS="-g"
-AC_INIT([Heimdal],[1.5.2],[heimdal-bugs at h5l.org])
-AC_CONFIG_SRCDIR([kuser/kinit.c])
-AC_CONFIG_HEADERS(include/config.h)
-AC_CONFIG_MACRO_DIR([cf])
-
-AM_INIT_AUTOMAKE([foreign 1.10.3])
-AM_MAINTAINER_MODE
-
-dnl Checks for programs.
-AC_PROG_CC
-AM_PROG_CC_C_O
-AC_PROG_CPP
-AC_PROG_LIBTOOL
-
-AC_PREFIX_DEFAULT(/usr/heimdal)
-
-test "$sysconfdir" = '${prefix}/etc' && sysconfdir='/etc'
-test "$localstatedir" = '${prefix}/var' && localstatedir='/var/heimdal'
-
-AC_CANONICAL_HOST
-CANONICAL_HOST=$host
-AC_SUBST(CANONICAL_HOST)
-
-rk_SYS_LARGEFILE
-
-rk_AIX
-rk_IRIX
-rk_SUNOS
-
-dnl
-dnl this is needed to run the configure tests against glibc
-dnl
-AC_DEFINE([_GNU_SOURCE], 1,
- [Define to enable extensions on glibc-based systems such as Linux.])
-
-AC_OBJEXT
-AC_EXEEXT
-
-dnl AC_KRB_PROG_YACC
-AC_PROG_YACC
-AM_PROG_LEX
-dnl AC_PROG_RANLIB
-AC_PROG_AWK
-AC_KRB_PROG_LN_S
-
-AC_MIPS_ABI
-CC="$CC $abi"
-libdir="$libdir$abilibdirext"
-
-AC_C___ATTRIBUTE__
-
-LT_PREREQ([2.2])
-LT_INIT([shared static win32-dll])
-
-AM_CONDITIONAL(ENABLE_SHARED, test "$enable_shared" = "yes")
-rk_VERSIONSCRIPT
-
-dnl
-dnl Helper bits for cross compiling
-dnl
-
-
-
-AM_CONDITIONAL(CROSS_COMPILE, test "${cross_compiling}" = yes)
-
-AC_ARG_WITH(cross-tools,
- AS_HELP_STRING([--with-cross-tools=dir], [use cross tools in dir]),
- [if test "$withval" = "yes"; then
- AC_MSG_ERROR([Need path to cross tools])
- fi
- with_cross_tools="${with_cross_tools}/"
- ])
-
-if test "${cross_compiling}" != yes ; then
-
- ASN1_COMPILE="\$(top_builddir)/lib/asn1/asn1_compile\$(EXEEXT)"
- SLC="\$(top_builddir)/lib/sl/slc"
-
- ASN1_COMPILE_DEP="\$(ASN1_COMPILE)"
- SLC_DEP="\$(SLC)"
-else
- ASN1_COMPILE="${with_cross_tools}asn1_compile"
- SLC="${with_cross_tools}slc"
-
- ASN1_COMPILE_DEP=
- SLC_DEP=
-
- ac_cv_prog_COMPILE_ET=${with_cross_tools}compile_et
-
-fi
-
-AC_SUBST([ASN1_COMPILE])
-AC_SUBST([ASN1_COMPILE_DEP])
-AC_SUBST([SLC])
-AC_SUBST([SLC_DEP])
-
-
-dnl ---
-
-AC_DEFINE(HEIM_WEAK_CRYPTO, 1, [Define if you want support for weak crypto])
-
-rk_TEST_PACKAGE(openldap,
-[#include <lber.h>
-#include <ldap.h>],
-[-lldap -llber],,,OPENLDAP)
-
-AC_ARG_ENABLE(hdb-openldap-module,
- AS_HELP_STRING([--enable-hdb-openldap-module],
- [if you want support to build openldap hdb as shared object]))
-if test "$enable_hdb_openldap_module" = yes -a "$with_openldap" = yes; then
- AC_DEFINE(OPENLDAP_MODULE, 1, [Define if you want support for hdb ldap module])
-fi
-AM_CONDITIONAL(OPENLDAP_MODULE, test "$enable_hdb_openldap_module" = yes -a "$with_openldap" = yes)
-
-dnl
-dnl Optional modules, pk-init, digest, kx509
-dnl
-
-AC_ARG_ENABLE(pk-init,
- AS_HELP_STRING([--disable-pk-init],
- [if you want disable to PK-INIT support]))
-if test "$enable_pk_init" != no ;then
- AC_DEFINE([PKINIT], 1, [Define to enable PKINIT.])
-fi
-AM_CONDITIONAL(PKINIT, test "$enable_pk_init" != no)
-
-AC_ARG_ENABLE(digest,
- AS_HELP_STRING([--disable-digest],
- [if you want disable to DIGEST support]))
-if test "$enable_digest" != no ;then
- AC_DEFINE([DIGEST], 1, [Define to enable DIGEST.])
-fi
-
-AC_ARG_ENABLE(kx509,
- AS_HELP_STRING([--disable-kx509],
- [if you want disable to kx509 support]))
-if test "$enable_kx509" != no ;then
- AC_DEFINE([KX509], 1, [Define to enable kx509.])
-fi
-
-dnl Need to test if pkg-config exists
-PKG_PROG_PKG_CONFIG
-
-dnl libcap-ng
-AC_ARG_WITH([capng],
- AC_HELP_STRING([--with-capng], [use libcap-ng to drop KDC privileges @<:@default=check@:>@]),
- [],
- [with_capng=check])
-if test "$with_capng" != "no"; then
- PKG_CHECK_MODULES([CAPNG], [libcap-ng >= 0.4.0],
- [with_capng=yes],[with_capng=no])
-fi
-if test "$with_capng" = "yes"; then
- AC_DEFINE_UNQUOTED([HAVE_CAPNG], 1, [whether capng is available for privilege reduction])
-fi
-AM_CONDITIONAL([HAVE_CAPNG], [test "$with_capng" != "no"])
-AC_SUBST([CAPNG_CFLAGS])
-AC_SUBST([CAPNG_LIBS])
-
-dnl Check for sqlite
-rk_TEST_PACKAGE(sqlite3,
-[#include <sqlite3.h>
-#ifndef SQLITE_OPEN_CREATE
-#error "old version"
-#endif],
-[-lsqlite3],,,SQLITE3)
-
-if test "X$with_sqlite3" != Xyes ; then
- INCLUDE_sqlite3="-I\$(top_srcdir)/lib/sqlite"
- LIB_sqlite3="\$(top_builddir)/lib/sqlite/libheimsqlite.la"
-fi
-AM_CONDITIONAL(SQLITE3, test "X$with_sqlite3" = Xyes)
-
-AC_DEFINE(HAVE_SQLITE3, 1, [Define if you want support for sqlite in Heimdal.])
-
-AC_ARG_ENABLE(sqlite-cache,
- AS_HELP_STRING([--disable-sqlite-cache],[if you want support for cache in sqlite]))
-if test "$enable_sqlite_cache" != no; then
- AC_DEFINE(HAVE_SCC, 1, [Define if you want support for cache in sqlite.])
-fi
-AM_CONDITIONAL(have_scc, test "$enable_sqlite_cache" != no)
-
-
-dnl check for libintl
-rk_TEST_PACKAGE(libintl,
-[#include <libintl.h>],
-[-lintl],,,LIBINTL)
-
-dnl path where the hdb directory is stored
-AC_ARG_WITH([hdbdir],
- [AS_HELP_STRING([--with-hdbdir],[Default location for KDC database @<:@default=/var/heimdal@:>@])],
- [],
- [with_hdbdir=/var/heimdal])
-DIR_hdbdir="$with_hdbdir"
-AC_SUBST([DIR_hdbdir])
-
-
-dnl no kerberos4 any more
-with_krb4=no
-AC_SUBST(INCLUDE_krb4)
-AC_SUBST(LIB_krb4)
-AM_CONDITIONAL(KRB4, false)
-
-AM_CONDITIONAL(KRB5, true)
-AM_CONDITIONAL(do_roken_rename, true)
-
-AC_DEFINE(SUPPORT_INETD, 1, [Enable use of inetd style startup.])dnl
-
-
-AC_DEFINE(KRB5, 1, [Enable Kerberos 5 support in applications.])dnl
-AC_SUBST(LIB_kdb)dnl
-
-KRB_CRYPTO
-
-KRB_PTHREADS
-
-AC_ARG_ENABLE(dce,
- AS_HELP_STRING([--enable-dce],[if you want support for DCE/DFS PAG's]))
-if test "$enable_dce" = yes; then
- AC_DEFINE(DCE, 1, [Define if you want support for DCE/DFS PAG's.])
-fi
-AM_CONDITIONAL(DCE, test "$enable_dce" = yes)
-
-## XXX quite horrible:
-if test -f /etc/ibmcxx.cfg; then
- dpagaix_ldadd=`sed -n '/^xlc_r4/,/^$/p' /etc/ibmcxx.cfg | sed -n -e '/libraries/{;s/^[[^=]]*=\(.*\)/\1/;s/,/ /gp;}'`
- dpagaix_cflags=`sed -n '/^xlc_r4/,/^$/p' /etc/ibmcxx.cfg | sed -n -e '/options/{;s/^[[^=]]*=\(.*\)/\1/;s/-q[^,]*//;s/,/ /gp;}'`
- dpagaix_ldflags=
-else
- dpagaix_cflags="-D_THREAD_SAFE -D_AIX_PTHREADS_D7 -D_AIX32_THREADS=1 -D_AES_SOURCE -D_AIX41 -I/usr/include/dce"
- dpagaix_ldadd="-L/usr/lib/threads -ldcelibc_r -ldcepthreads -lpthreads_compat lpthreads -lc_r"
- dpagaix_ldflags="-Wl,-bI:dfspag.exp"
-fi
-AC_SUBST(dpagaix_cflags)
-AC_SUBST(dpagaix_ldadd)
-AC_SUBST(dpagaix_ldflags)
-
-AC_ARG_ENABLE([afs-support],
- AS_HELP_STRING([--disable-afs-support],[if you don't want support for AFS]))
-if test "$enable_afs_support" = no; then
- AC_DEFINE(NO_AFS, 1, [Define if you don't wan't support for AFS.])
- NO_AFS="1"
-fi
-AC_SUBST(NO_AFS)dnl
-
-rk_DB
-
-dnl AC_ROKEN(10,[/usr/heimdal /usr/athena],[lib/roken],[$(top_builddir)/lib/roken/libroken.la],[-I$(top_builddir)/lib/roken -I$(top_srcdir)/lib/roken])
-
-rk_ROKEN(lib/roken)
-LIBADD_roken="$LIB_roken"
-AC_SUBST(LIBADD_roken)dnl
-LIB_roken="\$(top_builddir)/lib/vers/libvers.la $LIB_roken"
-
-rk_OTP
-
-rk_LIBDISPATCH
-
-AC_CHECK_OSFC2
-
-AC_ARG_ENABLE(mmap,
- AS_HELP_STRING([--disable-mmap],[disable use of mmap]))
-if test "$enable_mmap" = "no"; then
- AC_DEFINE(NO_MMAP, 1, [Define if you don't want to use mmap.])
-fi
-
-AC_ARG_ENABLE(afs-string-to-key,
- AS_HELP_STRING([--disable-afs-string-to-key],
- [disable use of weak AFS string-to-key functions]),
- [], [enable_afs_string_to_key=yes])
-
-if test "$enable_afs_string_to_key" = "yes"; then
- AC_DEFINE(ENABLE_AFS_STRING_TO_KEY, 1, [Define if want to use the weak AFS string to key functions.])
-fi
-
-
-rk_CHECK_MAN
-
-rk_TEST_PACKAGE(readline,
-[#include <stdio.h>
-#if defined(HAVE_READLINE_READLINE_H)
-#include <readline/readline.h>
-#elif defined(HAVE_READLINE_H)
-#include <readline.h>
-#endif
-],-lreadline,,, READLINE,, [readline.h readline/readline.h])
-
-rk_TEST_PACKAGE(libedit,
-[#include <stdio.h>
-#if defined(HAVE_READLINE_READLINE_H)
-#include <readline/readline.h>
-#elif defined(HAVE_READLINE_H)
-#include <readline.h>
-#endif
-],-ledit,,, READLINE,, [readline.h readline/readline.h])
-
-AC_CONFIG_SUBDIRS([lib/libedit])
-
-rk_TEST_PACKAGE(hesiod,[#include <hesiod.h>],-lhesiod,,, HESIOD)
-
-KRB_C_BIGENDIAN
-AC_C_INLINE
-
-KRB_CHECK_X
-
-AM_CONDITIONAL(HAVE_X, test "$no_x" != yes)
-
-AC_CHECK_XAU
-
-dnl AM_C_PROTOTYPES
-
-dnl Checks for typedefs, structures, and compiler characteristics.
-AC_C_CONST
-AC_TYPE_OFF_T
-AC_CHECK_TYPE_EXTRA(mode_t, unsigned short, [])
-AC_CHECK_TYPE_EXTRA(sig_atomic_t, int, [#include <signal.h>])
-AC_HAVE_TYPE([long long])
-AC_HEADER_TIME
-AC_STRUCT_TM
-
-dnl Checks for header files.
-AC_HEADER_STDC
-
-AC_CHECK_HEADERS([\
- CommonCrypto/CommonDigest.h \
- CommonCrypto/CommonCryptor.h \
- arpa/ftp.h \
- arpa/telnet.h \
- bind/bitypes.h \
- bsdsetjmp.h \
- curses.h \
- dlfcn.h \
- execinfo.h \
- fnmatch.h \
- inttypes.h \
- io.h \
- libutil.h \
- limits.h \
- maillock.h \
- netgroup.h \
- netinet/in6_machtypes.h \
- pthread.h \
- pty.h \
- sac.h \
- sgtty.h \
- siad.h \
- signal.h \
- strings.h \
- stropts.h \
- sys/bitypes.h \
- sys/category.h \
- sys/file.h \
- sys/filio.h \
- sys/ioccom.h \
- sys/mman.h \
- sys/param.h \
- sys/pty.h \
- sys/ptyio.h \
- sys/select.h \
- sys/socket.h \
- sys/str_tty.h \
- sys/stream.h \
- sys/stropts.h \
- sys/syscall.h \
- sys/termio.h \
- sys/timeb.h \
- sys/times.h \
- sys/types.h \
- sys/un.h \
- locale.h \
- termcap.h \
- termio.h \
- termios.h \
- time.h \
- tmpdir.h \
- udb.h \
- util.h \
- utmp.h \
- utmpx.h \
-])
-
-dnl On Solaris 8 there's a compilation warning for term.h because
-dnl it doesn't define `bool'.
-AC_CHECK_HEADERS(term.h, , , -)
-
-dnl aix have asl.h (A/IX screen library) that we don't want
-AC_CHECK_HEADERS(asl.h, , , [
-#include <asl.h>
-#ifndef ASL_STRING_EMERG
-#error ASL_STRING_EMERG missing
-#endif])
-
-AC_CHECK_HEADERS(net/if.h, , , [AC_INCLUDES_DEFAULT
-#if HAVE_SYS_SOCKET_H
-#include <sys/socket.h>
-#endif])
-
-AC_CHECK_HEADERS(sys/ptyvar.h, , , [AC_INCLUDES_DEFAULT
-#if HAVE_SYS_TTY_H
-#include <sys/tty.h>
-#endif])
-
-AC_CHECK_HEADERS(sys/strtty.h, , , [AC_INCLUDES_DEFAULT
-#if HAVE_TERMIOS_H
-#include <termios.h>
-#endif
-#if HAVE_SYS_STREAM_H
-#include <sys/stream.h>
-#endif])
-
-AC_CHECK_HEADERS(sys/ucred.h, , , [AC_INCLUDES_DEFAULT
-#if HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#if HAVE_SYS_PARAM_H
-#include <sys/param.h>
-#endif])
-
-AC_CHECK_HEADERS(security/pam_modules.h, , , [AC_INCLUDES_DEFAULT
-#include <security/pam_appl.h>
-])
-
-dnl export symbols
-rk_WIN32_EXPORT(BUILD_KRB5_LIB, KRB5_LIB)
-rk_WIN32_EXPORT(BUILD_ROKEN_LIB, ROKEN_LIB)
-rk_WIN32_EXPORT(BUILD_GSSAPI_LIB, GSSAPI_LIB)
-
-dnl Checks for libraries.
-
-AC_FIND_FUNC_NO_LIBS(logwtmp, util,[
-#ifdef HAVE_UTIL_H
-#include <util.h>
-#endif
-],[0,0,0])
-AC_FIND_FUNC_NO_LIBS(logout, util,[
-#ifdef HAVE_UTIL_H
-#include <util.h>
-#endif
-],[0])
-AC_FIND_FUNC_NO_LIBS(openpty, util,[
-#ifdef HAVE_UTIL_H
-#include <util.h>
-#endif
-],[0,0,0,0,0])
-
-AC_FIND_FUNC_NO_LIBS(tgetent, termcap ncurses curses,[
-#ifdef HAVE_TERMCAP_H
-#include <termcap.h>
-#endif
-#ifdef HAVE_CURSES_H
-#include <curses.h>
-#endif
-],[0,0])
-
-dnl Checks for library functions.
-
-AC_CHECK_FUNCS([ \
- _getpty \
- _scrsize \
- arc4random \
- backtrace \
- fcntl \
- getpeereid \
- getpeerucred \
- grantpt \
- mktime \
- ptsname \
- rand \
- revoke \
- select \
- setitimer \
- setpcred \
- setpgid \
- setproctitle \
- setregid \
- setresgid \
- setresuid \
- setreuid \
- setsid \
- setutent \
- sigaction \
- strstr \
- ttyname \
- ttyslot \
- umask \
- unlockpt \
- vhangup \
- yp_get_default_domain \
-])
-
-AC_MSG_CHECKING([checking for __sync_add_and_fetch])
-AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include <sys/types.h>]],
- [[unsigned int foo; __sync_add_and_fetch(&foo, 1);]])],
- [ac_rk_have___sync_add_and_fetch=yes], [ac_rk_have___sync_add_and_fetch=no])
-if test "$ac_rk_have___sync_add_and_fetch" = "yes" ; then
- AC_DEFINE_UNQUOTED(HAVE___SYNC_ADD_AND_FETCH, 1, [have __sync_add_and_fetch])
-fi
-AC_MSG_RESULT($ac_rk_have___sync_add_and_fetch)
-
-AC_FUNC_MMAP
-
-KRB_CAPABILITIES
-
-AC_CHECK_GETPWNAM_R_POSIX
-
-dnl detect doors on solaris
-if test "$enable_pthread_support" != no; then
- saved_LIBS="$LIBS"
- LIBS="$LIBS $PTHREADS_LIBS"
- AC_FIND_FUNC_NO_LIBS(door_create, door)
- LIBS="$saved_LIBS"
-fi
-
-AC_ARG_ENABLE(kcm,
- AS_HELP_STRING([--enable-kcm],[enable Kerberos Credentials Manager]),
-,[enable_kcm=yes])
-
-if test "$enable_kcm" = yes ; then
- if test "$ac_cv_header_sys_un_h" != yes -a "$ac_cv_funclib_door_create" != yes ; then
- enable_kcm=no
- fi
-fi
-if test "$enable_kcm" = yes; then
- AC_DEFINE(HAVE_KCM, 1,
- [Define if you want to use the Kerberos Credentials Manager.])
-fi
-AM_CONDITIONAL(KCM, test "$enable_kcm" = yes)
-
-
-
-dnl Cray stuff
-AC_CHECK_FUNCS(getudbnam setlim)
-
-dnl AC_KRB_FUNC_GETCWD_BROKEN
-
-dnl
-dnl Check for fields in struct utmp
-dnl
-
-AC_HAVE_STRUCT_FIELD(struct utmp, ut_addr, [#include <utmp.h>])
-AC_HAVE_STRUCT_FIELD(struct utmp, ut_host, [#include <utmp.h>])
-AC_HAVE_STRUCT_FIELD(struct utmp, ut_id, [#include <utmp.h>])
-AC_HAVE_STRUCT_FIELD(struct utmp, ut_pid, [#include <utmp.h>])
-AC_HAVE_STRUCT_FIELD(struct utmp, ut_type, [#include <utmp.h>])
-AC_HAVE_STRUCT_FIELD(struct utmp, ut_user, [#include <utmp.h>])
-AC_HAVE_STRUCT_FIELD(struct utmpx, ut_host, [#include <utmpx.h>])
-AC_HAVE_STRUCT_FIELD(struct utmpx, ut_id, [#include <utmpx.h>])
-AC_HAVE_STRUCT_FIELD(struct utmpx, ut_line, [#include <utmpx.h>])
-AC_HAVE_STRUCT_FIELD(struct utmpx, ut_pid, [#include <utmpx.h>])
-AC_HAVE_STRUCT_FIELD(struct utmpx, ut_tv, [#include <utmpx.h>])
-AC_HAVE_STRUCT_FIELD(struct utmpx, ut_type, [#include <utmpx.h>])
-AC_HAVE_STRUCT_FIELD(struct utmpx, ut_user, [#include <utmpx.h>])
-AC_HAVE_STRUCT_FIELD(struct utmpx, ut_exit, [#include <utmpx.h>])
-AC_HAVE_STRUCT_FIELD(struct utmpx, ut_syslen, [#include <utmpx.h>])
-
-AC_CHECK_TYPES([int8_t, int16_t, int32_t, int64_t,
- u_int8_t, u_int16_t, u_int32_t, u_int64_t,
- uint8_t, uint16_t, uint32_t, uint64_t],,,[
-#ifdef HAVE_INTTYPES_H
-#include <inttypes.h>
-#endif
-#ifdef HAVE_SYS_TYPES_H
-#include <sys/types.h>
-#endif
-#ifdef HAVE_SYS_BITYPES_H
-#include <sys/bitypes.h>
-#endif
-#ifdef HAVE_BIND_BITYPES_H
-#include <bind/bitypes.h>
-#endif
-#ifdef HAVE_NETINET_IN6_MACHTYPES_H
-#include <netinet/in6_machtypes.h>
-#endif
-])
-
-rk_FRAMEWORK_SECURITY
-
-KRB_READLINE
-
-rk_TELNET
-
-dnl Some operating systems already have com_err and compile_et
-CHECK_COMPILE_ET
-
-rk_AUTH_MODULES([sia afskauthlib])
-
-rk_DESTDIRS
-
-rk_WFLAGS([-Wall -Wmissing-prototypes -Wpointer-arith -Wbad-function-cast -Wmissing-declarations -Wnested-externs])
-
-
-AH_BOTTOM([#ifdef __APPLE__
-#include <AvailabilityMacros.h>
-#endif])
-
-AH_BOTTOM([#ifdef ROKEN_RENAME
-#include "roken_rename.h"
-#endif])
-
-AC_ARG_ENABLE(heimdal-documentation,
- AS_HELP_STRING([--disable-heimdal-documentation],
- [if you want disable to heimdal documentation]))
-AM_CONDITIONAL(HEIMDAL_DOCUMENTATION, test "$enable_heimdal_documentation" != no)
-
-AC_CONFIG_FILES(Makefile \
- etc/Makefile \
- include/Makefile \
- include/gssapi/Makefile \
- include/hcrypto/Makefile \
- include/kadm5/Makefile \
- lib/Makefile \
- base/Makefile \
- lib/asn1/Makefile \
- lib/com_err/Makefile \
- lib/hcrypto/Makefile \
- lib/hx509/Makefile \
- lib/gssapi/Makefile \
- lib/ntlm/Makefile \
- lib/hdb/Makefile \
- lib/ipc/Makefile \
- lib/kadm5/Makefile \
- lib/kafs/Makefile \
- lib/kdfs/Makefile \
- lib/krb5/Makefile \
- lib/otp/Makefile \
- lib/roken/Makefile \
- lib/sl/Makefile \
- lib/sqlite/Makefile \
- lib/vers/Makefile \
- lib/wind/Makefile \
- po/Makefile \
- kuser/Makefile \
- kpasswd/Makefile \
- kadmin/Makefile \
- admin/Makefile \
- kcm/Makefile \
- kdc/Makefile \
- appl/Makefile \
- appl/afsutil/Makefile \
- appl/ftp/Makefile \
- appl/ftp/common/Makefile \
- appl/ftp/ftp/Makefile \
- appl/ftp/ftpd/Makefile \
- appl/gssmask/Makefile \
- appl/kx/Makefile \
- appl/login/Makefile \
- appl/otp/Makefile \
- appl/popper/Makefile \
- appl/push/Makefile \
- appl/rsh/Makefile \
- appl/rcp/Makefile \
- appl/su/Makefile \
- appl/xnlock/Makefile \
- appl/telnet/Makefile \
- appl/telnet/libtelnet/Makefile \
- appl/telnet/telnet/Makefile \
- appl/telnet/telnetd/Makefile \
- appl/test/Makefile \
- appl/kf/Makefile \
- appl/dceutils/Makefile \
- tests/Makefile \
- tests/bin/Makefile \
- tests/can/Makefile \
- tests/db/Makefile \
- tests/kdc/Makefile \
- tests/ldap/Makefile \
- tests/gss/Makefile \
- tests/java/Makefile \
- tests/plugin/Makefile \
- packages/Makefile \
- packages/mac/Makefile \
- doc/Makefile \
- tools/Makefile \
-)
-
-AC_OUTPUT
-
-dnl
-dnl This is the release version name-number[beta]
-dnl
-
-cat > include/newversion.h.in <<EOF
-#ifndef VERSION_HIDDEN
-#define VERSION_HIDDEN
-#endif
-VERSION_HIDDEN const char *heimdal_long_version = "@([#])\$Version: $PACKAGE_STRING by @USER@ on @HOST@ ($host) @DATE@ \$";
-VERSION_HIDDEN const char *heimdal_version = "AC_PACKAGE_STRING";
-EOF
-
-if test -f include/version.h && cmp -s include/newversion.h.in include/version.h.in; then
- echo "include/version.h is unchanged"
- rm -f include/newversion.h.in
-else
- echo "creating include/version.h"
- User=${USER-${LOGNAME}}
- Host=`(hostname || uname -n || echo unknown) 2>/dev/null | sed 1q`
- Date=`date`
- mv -f include/newversion.h.in include/version.h.in
- sed -e "s/@USER@/$User/" -e "s/@HOST@/$Host/" -e "s/@DATE@/$Date/" include/version.h.in > include/version.h
-fi
Deleted: trunk/crypto/heimdal/depcomp
===================================================================
--- trunk/crypto/heimdal/depcomp 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/depcomp 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,630 +0,0 @@
-#! /bin/sh
-# depcomp - compile a program generating dependencies as side-effects
-
-scriptversion=2009-04-28.21; # UTC
-
-# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006, 2007, 2009 Free
-# Software Foundation, Inc.
-
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2, or (at your option)
-# any later version.
-
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-# As a special exception to the GNU General Public License, if you
-# distribute this file as part of a program that contains a
-# configuration script generated by Autoconf, you may include it under
-# the same distribution terms that you use for the rest of that program.
-
-# Originally written by Alexandre Oliva <oliva at dcc.unicamp.br>.
-
-case $1 in
- '')
- echo "$0: No command. Try \`$0 --help' for more information." 1>&2
- exit 1;
- ;;
- -h | --h*)
- cat <<\EOF
-Usage: depcomp [--help] [--version] PROGRAM [ARGS]
-
-Run PROGRAMS ARGS to compile a file, generating dependencies
-as side-effects.
-
-Environment variables:
- depmode Dependency tracking mode.
- source Source file read by `PROGRAMS ARGS'.
- object Object file output by `PROGRAMS ARGS'.
- DEPDIR directory where to store dependencies.
- depfile Dependency file to output.
- tmpdepfile Temporary file to use when outputing dependencies.
- libtool Whether libtool is used (yes/no).
-
-Report bugs to <bug-automake at gnu.org>.
-EOF
- exit $?
- ;;
- -v | --v*)
- echo "depcomp $scriptversion"
- exit $?
- ;;
-esac
-
-if test -z "$depmode" || test -z "$source" || test -z "$object"; then
- echo "depcomp: Variables source, object and depmode must be set" 1>&2
- exit 1
-fi
-
-# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po.
-depfile=${depfile-`echo "$object" |
- sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`}
-tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`}
-
-rm -f "$tmpdepfile"
-
-# Some modes work just like other modes, but use different flags. We
-# parameterize here, but still list the modes in the big case below,
-# to make depend.m4 easier to write. Note that we *cannot* use a case
-# here, because this file can only contain one case statement.
-if test "$depmode" = hp; then
- # HP compiler uses -M and no extra arg.
- gccflag=-M
- depmode=gcc
-fi
-
-if test "$depmode" = dashXmstdout; then
- # This is just like dashmstdout with a different argument.
- dashmflag=-xM
- depmode=dashmstdout
-fi
-
-cygpath_u="cygpath -u -f -"
-if test "$depmode" = msvcmsys; then
- # This is just like msvisualcpp but w/o cygpath translation.
- # Just convert the backslash-escaped backslashes to single forward
- # slashes to satisfy depend.m4
- cygpath_u="sed s,\\\\\\\\,/,g"
- depmode=msvisualcpp
-fi
-
-case "$depmode" in
-gcc3)
-## gcc 3 implements dependency tracking that does exactly what
-## we want. Yay! Note: for some reason libtool 1.4 doesn't like
-## it if -MD -MP comes after the -MF stuff. Hmm.
-## Unfortunately, FreeBSD c89 acceptance of flags depends upon
-## the command line argument order; so add the flags where they
-## appear in depend2.am. Note that the slowdown incurred here
-## affects only configure: in makefiles, %FASTDEP% shortcuts this.
- for arg
- do
- case $arg in
- -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;;
- *) set fnord "$@" "$arg" ;;
- esac
- shift # fnord
- shift # $arg
- done
- "$@"
- stat=$?
- if test $stat -eq 0; then :
- else
- rm -f "$tmpdepfile"
- exit $stat
- fi
- mv "$tmpdepfile" "$depfile"
- ;;
-
-gcc)
-## There are various ways to get dependency output from gcc. Here's
-## why we pick this rather obscure method:
-## - Don't want to use -MD because we'd like the dependencies to end
-## up in a subdir. Having to rename by hand is ugly.
-## (We might end up doing this anyway to support other compilers.)
-## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like
-## -MM, not -M (despite what the docs say).
-## - Using -M directly means running the compiler twice (even worse
-## than renaming).
- if test -z "$gccflag"; then
- gccflag=-MD,
- fi
- "$@" -Wp,"$gccflag$tmpdepfile"
- stat=$?
- if test $stat -eq 0; then :
- else
- rm -f "$tmpdepfile"
- exit $stat
- fi
- rm -f "$depfile"
- echo "$object : \\" > "$depfile"
- alpha=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz
-## The second -e expression handles DOS-style file names with drive letters.
- sed -e 's/^[^:]*: / /' \
- -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile"
-## This next piece of magic avoids the `deleted header file' problem.
-## The problem is that when a header file which appears in a .P file
-## is deleted, the dependency causes make to die (because there is
-## typically no way to rebuild the header). We avoid this by adding
-## dummy dependencies for each header file. Too bad gcc doesn't do
-## this for us directly.
- tr ' ' '
-' < "$tmpdepfile" |
-## Some versions of gcc put a space before the `:'. On the theory
-## that the space means something, we add a space to the output as
-## well.
-## Some versions of the HPUX 10.20 sed can't process this invocation
-## correctly. Breaking it into two sed invocations is a workaround.
- sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
- rm -f "$tmpdepfile"
- ;;
-
-hp)
- # This case exists only to let depend.m4 do its work. It works by
- # looking at the text of this script. This case will never be run,
- # since it is checked for above.
- exit 1
- ;;
-
-sgi)
- if test "$libtool" = yes; then
- "$@" "-Wp,-MDupdate,$tmpdepfile"
- else
- "$@" -MDupdate "$tmpdepfile"
- fi
- stat=$?
- if test $stat -eq 0; then :
- else
- rm -f "$tmpdepfile"
- exit $stat
- fi
- rm -f "$depfile"
-
- if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files
- echo "$object : \\" > "$depfile"
-
- # Clip off the initial element (the dependent). Don't try to be
- # clever and replace this with sed code, as IRIX sed won't handle
- # lines with more than a fixed number of characters (4096 in
- # IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines;
- # the IRIX cc adds comments like `#:fec' to the end of the
- # dependency line.
- tr ' ' '
-' < "$tmpdepfile" \
- | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' | \
- tr '
-' ' ' >> "$depfile"
- echo >> "$depfile"
-
- # The second pass generates a dummy entry for each header file.
- tr ' ' '
-' < "$tmpdepfile" \
- | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \
- >> "$depfile"
- else
- # The sourcefile does not contain any dependencies, so just
- # store a dummy comment line, to avoid errors with the Makefile
- # "include basename.Plo" scheme.
- echo "#dummy" > "$depfile"
- fi
- rm -f "$tmpdepfile"
- ;;
-
-aix)
- # The C for AIX Compiler uses -M and outputs the dependencies
- # in a .u file. In older versions, this file always lives in the
- # current directory. Also, the AIX compiler puts `$object:' at the
- # start of each line; $object doesn't have directory information.
- # Version 6 uses the directory in both cases.
- dir=`echo "$object" | sed -e 's|/[^/]*$|/|'`
- test "x$dir" = "x$object" && dir=
- base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'`
- if test "$libtool" = yes; then
- tmpdepfile1=$dir$base.u
- tmpdepfile2=$base.u
- tmpdepfile3=$dir.libs/$base.u
- "$@" -Wc,-M
- else
- tmpdepfile1=$dir$base.u
- tmpdepfile2=$dir$base.u
- tmpdepfile3=$dir$base.u
- "$@" -M
- fi
- stat=$?
-
- if test $stat -eq 0; then :
- else
- rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
- exit $stat
- fi
-
- for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3"
- do
- test -f "$tmpdepfile" && break
- done
- if test -f "$tmpdepfile"; then
- # Each line is of the form `foo.o: dependent.h'.
- # Do two passes, one to just change these to
- # `$object: dependent.h' and one to simply `dependent.h:'.
- sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile"
- # That's a tab and a space in the [].
- sed -e 's,^.*\.[a-z]*:[ ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile"
- else
- # The sourcefile does not contain any dependencies, so just
- # store a dummy comment line, to avoid errors with the Makefile
- # "include basename.Plo" scheme.
- echo "#dummy" > "$depfile"
- fi
- rm -f "$tmpdepfile"
- ;;
-
-icc)
- # Intel's C compiler understands `-MD -MF file'. However on
- # icc -MD -MF foo.d -c -o sub/foo.o sub/foo.c
- # ICC 7.0 will fill foo.d with something like
- # foo.o: sub/foo.c
- # foo.o: sub/foo.h
- # which is wrong. We want:
- # sub/foo.o: sub/foo.c
- # sub/foo.o: sub/foo.h
- # sub/foo.c:
- # sub/foo.h:
- # ICC 7.1 will output
- # foo.o: sub/foo.c sub/foo.h
- # and will wrap long lines using \ :
- # foo.o: sub/foo.c ... \
- # sub/foo.h ... \
- # ...
-
- "$@" -MD -MF "$tmpdepfile"
- stat=$?
- if test $stat -eq 0; then :
- else
- rm -f "$tmpdepfile"
- exit $stat
- fi
- rm -f "$depfile"
- # Each line is of the form `foo.o: dependent.h',
- # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'.
- # Do two passes, one to just change these to
- # `$object: dependent.h' and one to simply `dependent.h:'.
- sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile"
- # Some versions of the HPUX 10.20 sed can't process this invocation
- # correctly. Breaking it into two sed invocations is a workaround.
- sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" |
- sed -e 's/$/ :/' >> "$depfile"
- rm -f "$tmpdepfile"
- ;;
-
-hp2)
- # The "hp" stanza above does not work with aCC (C++) and HP's ia64
- # compilers, which have integrated preprocessors. The correct option
- # to use with these is +Maked; it writes dependencies to a file named
- # 'foo.d', which lands next to the object file, wherever that
- # happens to be.
- # Much of this is similar to the tru64 case; see comments there.
- dir=`echo "$object" | sed -e 's|/[^/]*$|/|'`
- test "x$dir" = "x$object" && dir=
- base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'`
- if test "$libtool" = yes; then
- tmpdepfile1=$dir$base.d
- tmpdepfile2=$dir.libs/$base.d
- "$@" -Wc,+Maked
- else
- tmpdepfile1=$dir$base.d
- tmpdepfile2=$dir$base.d
- "$@" +Maked
- fi
- stat=$?
- if test $stat -eq 0; then :
- else
- rm -f "$tmpdepfile1" "$tmpdepfile2"
- exit $stat
- fi
-
- for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2"
- do
- test -f "$tmpdepfile" && break
- done
- if test -f "$tmpdepfile"; then
- sed -e "s,^.*\.[a-z]*:,$object:," "$tmpdepfile" > "$depfile"
- # Add `dependent.h:' lines.
- sed -ne '2,${
- s/^ *//
- s/ \\*$//
- s/$/:/
- p
- }' "$tmpdepfile" >> "$depfile"
- else
- echo "#dummy" > "$depfile"
- fi
- rm -f "$tmpdepfile" "$tmpdepfile2"
- ;;
-
-tru64)
- # The Tru64 compiler uses -MD to generate dependencies as a side
- # effect. `cc -MD -o foo.o ...' puts the dependencies into `foo.o.d'.
- # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put
- # dependencies in `foo.d' instead, so we check for that too.
- # Subdirectories are respected.
- dir=`echo "$object" | sed -e 's|/[^/]*$|/|'`
- test "x$dir" = "x$object" && dir=
- base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'`
-
- if test "$libtool" = yes; then
- # With Tru64 cc, shared objects can also be used to make a
- # static library. This mechanism is used in libtool 1.4 series to
- # handle both shared and static libraries in a single compilation.
- # With libtool 1.4, dependencies were output in $dir.libs/$base.lo.d.
- #
- # With libtool 1.5 this exception was removed, and libtool now
- # generates 2 separate objects for the 2 libraries. These two
- # compilations output dependencies in $dir.libs/$base.o.d and
- # in $dir$base.o.d. We have to check for both files, because
- # one of the two compilations can be disabled. We should prefer
- # $dir$base.o.d over $dir.libs/$base.o.d because the latter is
- # automatically cleaned when .libs/ is deleted, while ignoring
- # the former would cause a distcleancheck panic.
- tmpdepfile1=$dir.libs/$base.lo.d # libtool 1.4
- tmpdepfile2=$dir$base.o.d # libtool 1.5
- tmpdepfile3=$dir.libs/$base.o.d # libtool 1.5
- tmpdepfile4=$dir.libs/$base.d # Compaq CCC V6.2-504
- "$@" -Wc,-MD
- else
- tmpdepfile1=$dir$base.o.d
- tmpdepfile2=$dir$base.d
- tmpdepfile3=$dir$base.d
- tmpdepfile4=$dir$base.d
- "$@" -MD
- fi
-
- stat=$?
- if test $stat -eq 0; then :
- else
- rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4"
- exit $stat
- fi
-
- for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4"
- do
- test -f "$tmpdepfile" && break
- done
- if test -f "$tmpdepfile"; then
- sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile"
- # That's a tab and a space in the [].
- sed -e 's,^.*\.[a-z]*:[ ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile"
- else
- echo "#dummy" > "$depfile"
- fi
- rm -f "$tmpdepfile"
- ;;
-
-#nosideeffect)
- # This comment above is used by automake to tell side-effect
- # dependency tracking mechanisms from slower ones.
-
-dashmstdout)
- # Important note: in order to support this mode, a compiler *must*
- # always write the preprocessed file to stdout, regardless of -o.
- "$@" || exit $?
-
- # Remove the call to Libtool.
- if test "$libtool" = yes; then
- while test "X$1" != 'X--mode=compile'; do
- shift
- done
- shift
- fi
-
- # Remove `-o $object'.
- IFS=" "
- for arg
- do
- case $arg in
- -o)
- shift
- ;;
- $object)
- shift
- ;;
- *)
- set fnord "$@" "$arg"
- shift # fnord
- shift # $arg
- ;;
- esac
- done
-
- test -z "$dashmflag" && dashmflag=-M
- # Require at least two characters before searching for `:'
- # in the target name. This is to cope with DOS-style filenames:
- # a dependency such as `c:/foo/bar' could be seen as target `c' otherwise.
- "$@" $dashmflag |
- sed 's:^[ ]*[^: ][^:][^:]*\:[ ]*:'"$object"'\: :' > "$tmpdepfile"
- rm -f "$depfile"
- cat < "$tmpdepfile" > "$depfile"
- tr ' ' '
-' < "$tmpdepfile" | \
-## Some versions of the HPUX 10.20 sed can't process this invocation
-## correctly. Breaking it into two sed invocations is a workaround.
- sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
- rm -f "$tmpdepfile"
- ;;
-
-dashXmstdout)
- # This case only exists to satisfy depend.m4. It is never actually
- # run, as this mode is specially recognized in the preamble.
- exit 1
- ;;
-
-makedepend)
- "$@" || exit $?
- # Remove any Libtool call
- if test "$libtool" = yes; then
- while test "X$1" != 'X--mode=compile'; do
- shift
- done
- shift
- fi
- # X makedepend
- shift
- cleared=no eat=no
- for arg
- do
- case $cleared in
- no)
- set ""; shift
- cleared=yes ;;
- esac
- if test $eat = yes; then
- eat=no
- continue
- fi
- case "$arg" in
- -D*|-I*)
- set fnord "$@" "$arg"; shift ;;
- # Strip any option that makedepend may not understand. Remove
- # the object too, otherwise makedepend will parse it as a source file.
- -arch)
- eat=yes ;;
- -*|$object)
- ;;
- *)
- set fnord "$@" "$arg"; shift ;;
- esac
- done
- obj_suffix=`echo "$object" | sed 's/^.*\././'`
- touch "$tmpdepfile"
- ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@"
- rm -f "$depfile"
- cat < "$tmpdepfile" > "$depfile"
- sed '1,2d' "$tmpdepfile" | tr ' ' '
-' | \
-## Some versions of the HPUX 10.20 sed can't process this invocation
-## correctly. Breaking it into two sed invocations is a workaround.
- sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile"
- rm -f "$tmpdepfile" "$tmpdepfile".bak
- ;;
-
-cpp)
- # Important note: in order to support this mode, a compiler *must*
- # always write the preprocessed file to stdout.
- "$@" || exit $?
-
- # Remove the call to Libtool.
- if test "$libtool" = yes; then
- while test "X$1" != 'X--mode=compile'; do
- shift
- done
- shift
- fi
-
- # Remove `-o $object'.
- IFS=" "
- for arg
- do
- case $arg in
- -o)
- shift
- ;;
- $object)
- shift
- ;;
- *)
- set fnord "$@" "$arg"
- shift # fnord
- shift # $arg
- ;;
- esac
- done
-
- "$@" -E |
- sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \
- -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' |
- sed '$ s: \\$::' > "$tmpdepfile"
- rm -f "$depfile"
- echo "$object : \\" > "$depfile"
- cat < "$tmpdepfile" >> "$depfile"
- sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile"
- rm -f "$tmpdepfile"
- ;;
-
-msvisualcpp)
- # Important note: in order to support this mode, a compiler *must*
- # always write the preprocessed file to stdout.
- "$@" || exit $?
-
- # Remove the call to Libtool.
- if test "$libtool" = yes; then
- while test "X$1" != 'X--mode=compile'; do
- shift
- done
- shift
- fi
-
- IFS=" "
- for arg
- do
- case "$arg" in
- -o)
- shift
- ;;
- $object)
- shift
- ;;
- "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI")
- set fnord "$@"
- shift
- shift
- ;;
- *)
- set fnord "$@" "$arg"
- shift
- shift
- ;;
- esac
- done
- "$@" -E 2>/dev/null |
- sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile"
- rm -f "$depfile"
- echo "$object : \\" > "$depfile"
- sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s:: \1 \\:p' >> "$depfile"
- echo " " >> "$depfile"
- sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile"
- rm -f "$tmpdepfile"
- ;;
-
-msvcmsys)
- # This case exists only to let depend.m4 do its work. It works by
- # looking at the text of this script. This case will never be run,
- # since it is checked for above.
- exit 1
- ;;
-
-none)
- exec "$@"
- ;;
-
-*)
- echo "Unknown depmode $depmode" 1>&2
- exit 1
- ;;
-esac
-
-exit 0
-
-# Local Variables:
-# mode: shell-script
-# sh-indentation: 2
-# eval: (add-hook 'write-file-hooks 'time-stamp)
-# time-stamp-start: "scriptversion="
-# time-stamp-format: "%:y-%02m-%02d.%02H"
-# time-stamp-time-zone: "UTC"
-# time-stamp-end: "; # UTC"
-# End:
Deleted: trunk/crypto/heimdal/include/NTMakefile
===================================================================
--- trunk/crypto/heimdal/include/NTMakefile 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/include/NTMakefile 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,119 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=include
-
-SUBDIRS=kadm5 hcrypto gssapi
-
-!include ../windows/NTMakefile.w32
-!include ../windows/NTMakefile.version
-!include ../windows/NTMakefile.config
-
-INCFILES= \
- $(INCDIR)\config.h \
- $(INCDIR)\crypto-headers.h \
- $(INCDIR)\heim_threads.h \
- $(INCDIR)\krb5-types.h \
- $(INCDIR)\version.h
-
-$(INCDIR)\krb5-types.h: $(OBJ)\bits.exe
- $(OBJ)\bits.exe $(INCDIR)\krb5-types.h
-
-$(OBJ)\bits.exe: $(OBJ)\bits.obj
- $(EXECONLINK)
- $(EXEPREP_NODIST)
-
-$(INCDIR)\config.h: config.h.w32 ..\windows\NTMakefile.config ..\windows\NTMakefile.version NTMakefile
- $(PERL) << < config.h.w32 > $@
-
-while(<>) {
-
- if (m/\@FEATURE_DEFS\@/) {
-
- if ("$(KRB5)") { print "#define KRB5 1\n"; }
- if ("$(KRB4)") { print "#define KRB4 1\n"; }
- if ("$(WEAK_CRYPTO)") { print "#define HEIM_WEAK_CRYPTO 1\n"; }
- if ("$(PKINIT)") { print "#define PKINIT 1\n"; }
- if ("$(NO_AFS)") { print "#define NO_AFS 1\n"; }
- if ("$(OPENLDAP)") { print "#define OPENLDAP 1\n"; }
- if ("$(OPENLDAP_MODULE)") { print "#define OPENLDAP_MODULE 1\n"; }
- if ("$(OTP)") { print "#define OTP 1 \n"; }
- if ("$(AUTHENTICATION)") { print "#define AUTHENTICATION 1\n"; }
- if ("$(DIAGNOSTICS)") { print "#define DIAGNOSTICS 1\n"; }
- if ("$(ENCRYPTION)") { print "#define ENCRYPTION 1\n"; }
- if ("$(ENABLE_AFS_STRING_TO_KEY)") { print "#define ENABLE_AFS_STRING_TO_KEY 1\n"; }
- if ("$(ENABLE_PTHREAD_SUPPORT)") { print "#define ENABLE_PTHREAD_SUPPORT 1\n"; }
- if ("$(HAVE_PTHREAD_H)") { print "#define HAVE_PTHREAD_H 1\n"; }
- if ("$(ENV_HACK)") { print "#define ENV_HACK 1\n"; }
- if ("$(HAVE_KCM)") { print "#define HAVE_KCM 1\n"; }
- if ("$(HAVE_SCC)") { print "#define HAVE_SCC 1\n"; }
- if ("$(DIR_hdbdir)") { print "#define HDB_DB_DIR \"".'$(DIR_hdbdir)'."\"\n"; }
- if ("$(HAVE_MSLSA_CACHE)") { print "#define HAVE_MSLSA_CACHE 1\n"; }
- if ("$(NO_LOCALNAME)") { print "#define NO_LOCALNAME 1\n"; }
-
- } elsif (m/\@VERSION_OPTDEFS\@/) {
-
- if ("$(VER_PRERELEASE)") { print "#define VER_PRERELEASE 1\n"; }
- if ("$(VER_PRIVATE)") { print "#define VER_PRIVATE \"$(VER_PRIVATE)\"\n"; }
- if ("$(VER_SPECIAL)") { print "#define VER_SPECIAL \"$(VER_SPECIAL)\"\n"; }
- if ("$(BUILD)" =~ "dbg") { print "#define VER_DEBUG 1\n"; }
- print "#define HOST \"$(COMPUTERNAME)\"\n";
-
- } else {
-
- s/\@PACKAGE\@/$(VER_PACKAGE)/;
- s/\@PACKAGE_NAME\@/$(VER_PACKAGE_NAME)/;
- s/\@PACKAGE_BUGREPORT\@/$(VER_PACKAGE_BUGREPORT:@=\@)/;
- s/\@PACKAGE_VERSION\@/$(VER_PACKAGE_VERSION)/;
- s/\@PACKAGE_COPYRIGHT\@/$(VER_PACKAGE_COPYRIGHT)/;
- s/\@PACKAGE_COMPANY\@/$(VER_PACKAGE_COMPANY)/;
- s/\@MAJOR\@/$(VER_PRODUCT_MAJOR)/;
- s/\@MINOR\@/$(VER_PRODUCT_MINOR)/;
- s/\@AUX\@/$(VER_PRODUCT_AUX)/;
- s/\@PATCH\@/$(VER_PRODUCT_PATCH)/;
-
- print $_;
- }
-}
-
-<<
-
-$(INCDIR)\version.h: ..\windows\NTMakefile.version NTMakefile
- $(CP) << $@
-const char *heimdal_long_version = "@(#)$$Version: $(VER_PACKAGE_NAME) $(VER_PACKAGE_VERSION) by $(USERNAME) on $(COMPUTERNAME) ($(CPU)-pc-windows) $$";
-const char *heimdal_version = "$(VER_PACKAGE_NAME) $(VER_PACKAGE_VERSION)";
-<<
-
-all:: $(INCFILES)
-
-clean::
- -$(RM) $(INCFILES)
-
Deleted: trunk/crypto/heimdal/include/gssapi/NTMakefile
===================================================================
--- trunk/crypto/heimdal/include/gssapi/NTMakefile 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/include/gssapi/NTMakefile 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,34 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=include\gssapi
-
-!include ../../windows/NTMakefile.w32
Deleted: trunk/crypto/heimdal/include/hcrypto/NTMakefile
===================================================================
--- trunk/crypto/heimdal/include/hcrypto/NTMakefile 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/include/hcrypto/NTMakefile 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,34 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=include\hcrypto
-
-!include ../../windows/NTMakefile.w32
Deleted: trunk/crypto/heimdal/include/kadm5/NTMakefile
===================================================================
--- trunk/crypto/heimdal/include/kadm5/NTMakefile 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/include/kadm5/NTMakefile 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,34 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=include\kadm5
-
-!include ../../windows/NTMakefile.w32
Deleted: trunk/crypto/heimdal/include/make_crypto.c
===================================================================
--- trunk/crypto/heimdal/include/make_crypto.c 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/include/make_crypto.c 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,111 +0,0 @@
-/*
- * Copyright (c) 2002 - 2005 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#ifdef HAVE_CONFIG_H
-#include <config.h>
-RCSID("$Id: make_crypto.c,v 1.1.1.3 2012-07-21 15:09:09 laffer1 Exp $");
-#endif
-#include <stdio.h>
-#include <string.h>
-#include <stdlib.h>
-#include <ctype.h>
-
-int
-main(int argc, char **argv)
-{
- char *p;
- FILE *f;
- if(argc != 2) {
- fprintf(stderr, "Usage: make_crypto file\n");
- exit(1);
- }
- if (strcmp(argv[1], "--version") == 0) {
- printf("some version");
- return 0;
- }
- f = fopen(argv[1], "w");
- if(f == NULL) {
- perror(argv[1]);
- exit(1);
- }
- for(p = argv[1]; *p; p++)
- if(!isalnum((unsigned char)*p))
- *p = '_';
- fprintf(f, "#ifndef __%s__\n", argv[1]);
- fprintf(f, "#define __%s__\n", argv[1]);
-#ifdef HAVE_OPENSSL
- fputs("#ifndef OPENSSL_DES_LIBDES_COMPATIBILITY\n", f);
- fputs("#define OPENSSL_DES_LIBDES_COMPATIBILITY\n", f);
- fputs("#endif\n", f);
- fputs("#include <openssl/evp.h>\n", f);
- fputs("#include <openssl/des.h>\n", f);
- fputs("#include <openssl/rc4.h>\n", f);
- fputs("#include <openssl/rc2.h>\n", f);
- fputs("#include <openssl/md2.h>\n", f);
- fputs("#include <openssl/md4.h>\n", f);
- fputs("#include <openssl/md5.h>\n", f);
- fputs("#include <openssl/sha.h>\n", f);
- fputs("#include <openssl/aes.h>\n", f);
- fputs("#include <openssl/ui.h>\n", f);
- fputs("#include <openssl/rand.h>\n", f);
- fputs("#include <openssl/engine.h>\n", f);
- fputs("#include <openssl/pkcs12.h>\n", f);
- fputs("#include <openssl/pem.h>\n", f);
- fputs("#include <openssl/hmac.h>\n", f);
- fputs("#ifndef BN_is_negative\n", f);
- fputs("#define BN_set_negative(bn, flag) ((bn)->neg=(flag)?1:0)\n", f);
- fputs("#define BN_is_negative(bn) ((bn)->neg != 0)\n", f);
- fputs("#endif\n", f);
-#else
- fputs("#ifdef KRB5\n", f);
- fputs("#include <krb5-types.h>\n", f);
- fputs("#endif\n", f);
- fputs("#include <hcrypto/evp.h>\n", f);
- fputs("#include <hcrypto/des.h>\n", f);
- fputs("#include <hcrypto/md2.h>\n", f);
- fputs("#include <hcrypto/md4.h>\n", f);
- fputs("#include <hcrypto/md5.h>\n", f);
- fputs("#include <hcrypto/sha.h>\n", f);
- fputs("#include <hcrypto/rc4.h>\n", f);
- fputs("#include <hcrypto/rc2.h>\n", f);
- fputs("#include <hcrypto/aes.h>\n", f);
- fputs("#include <hcrypto/ui.h>\n", f);
- fputs("#include <hcrypto/rand.h>\n", f);
- fputs("#include <hcrypto/engine.h>\n", f);
- fputs("#include <hcrypto/pkcs12.h>\n", f);
- fputs("#include <hcrypto/hmac.h>\n", f);
-#endif
- fprintf(f, "#endif /* __%s__ */\n", argv[1]);
- fclose(f);
- exit(0);
-}
Deleted: trunk/crypto/heimdal/kadmin/NTMakefile
===================================================================
--- trunk/crypto/heimdal/kadmin/NTMakefile 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kadmin/NTMakefile 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,134 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=kadmin
-cincdirs=-I$(OBJ) -I$(INCDIR)\gssapi
-
-!include ../windows/NTMakefile.w32
-
-SBIN_PROGRAMS=$(SBINDIR)\kadmin.exe
-
-# Disable kadmind.exe since currently it doesn't build
-#LIBEXEC_PROGRAMS=$(LIBEXECDIR)\kadmind.exe
-#
-
-COMMON_LIBS= \
- $(LIBHDB) \
- $(LIBHEIMDAL) \
- $(LIBROKEN)
-
-KADMIN_OBJS= \
- $(OBJ)\ank.obj \
- $(OBJ)\add_enctype.obj \
- $(OBJ)\check.obj \
- $(OBJ)\cpw.obj \
- $(OBJ)\del.obj \
- $(OBJ)\del_enctype.obj \
- $(OBJ)\dump.obj \
- $(OBJ)\ext.obj \
- $(OBJ)\get.obj \
- $(OBJ)\init.obj \
- $(OBJ)\kadmin.obj \
- $(OBJ)\load.obj \
- $(OBJ)\mod.obj \
- $(OBJ)\rename.obj \
- $(OBJ)\stash.obj \
- $(OBJ)\util.obj \
- $(OBJ)\pw_quality.obj \
- $(OBJ)\random_password.obj \
- $(OBJ)\kadmin-commands.obj \
- $(OBJ)\kadmin-version.res
-
-KADMIN_LIBS= \
- $(LIBKADM5CLNT) \
- $(LIBKADM5SRV) \
- $(LIBSL) \
- $(COMMON_LIBS) \
- $(LIBVERS) \
- $(LIBCOMERR)
-
-INCFILES=$(OBJ)\kadmin-commands.h
-
-$(OBJ)\kadmin-commands.c $(OBJ)\kadmin-commands.h: kadmin-commands.in
- cd $(OBJ)
- $(CP) $(SRCDIR)\kadmin-commands.in $(OBJ)
- $(BINDIR)\slc.exe kadmin-commands.in
- cd $(SRCDIR)
-
-$(SBINDIR)\kadmin.exe: $(KADMIN_OBJS) $(KADMIN_LIBS)
- $(EXECONLINK)
- $(EXEPREP)
-
-KADMIND_OBJS= \
- $(OBJ)\rpc.obj \
- $(OBJ)\server.obj \
- $(OBJ)\kadmind.obj \
- $(OBJ)\kadm_conn.obj \
- $(OBJ)\kadmind-version.res
-
-KADMIND_LIBS=\
- $(LIBKADM5SRV) \
- $(LIBGSSAPI) \
- $(COMMON_LIBS)
-
-$(LIBEXECDIR)\kadmind.exe: $(KADMIND_OBJS) $(KADMIND_LIBS)
- $(EXECONLINK)
- $(EXEPREP)
-
-all:: $(INCFILES) $(SBIN_PROGRAMS) $(LIBEXEC_PROGRAMS)
-
-clean::
- -$(RM) $(SBIN_PROGRAMS:.exe=.*)
- -$(RM) $(LIBEXEC_PROGRAMS:.exe=.*)
-
-
-
-
-NOINST_PROGRAMS=$(OBJ)\add_random_users.exe
-
-$(OBJ)\add_random_users.exe: $(OBJ)\add_random_users.obj $(LIBKADM5SRV) $(LIBKADM5CLNT) $(COMMON_LIBS)
- $(EXECONLINK)
- $(EXEPREP_NODIST)
-
-TEST_BINARIES=$(OBJ)\test_util.exe
-
-$(OBJ)\test_util.exe: $(OBJ)\test_util.obj $(OBJ)\util.obj $(KADMIN_LIBS)
- $(EXECONLINK)
- $(EXEPREP_NODIST)
-
-test-binaries: $(TEST_BINARIES)
-
-test-run:
- cd $(OBJ)
- test_util.exe
- cd $(SRCDIR)
-
-test:: test-binaries test-run
Deleted: trunk/crypto/heimdal/kadmin/kadmin-version.rc
===================================================================
--- trunk/crypto/heimdal/kadmin/kadmin-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kadmin/kadmin-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "Kerberos Administration Tool"
-#define RC_FILE_ORIG_0409 "kadmin.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kadmin/kadmin.cat8
===================================================================
--- trunk/crypto/heimdal/kadmin/kadmin.cat8 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kadmin/kadmin.cat8 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,180 +0,0 @@
-
-KADMIN(8) BSD System Manager's Manual KADMIN(8)
-
-N�NA�AM�ME�E
- k�ka�ad�dm�mi�in�n -- Kerberos administration utility
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�ka�ad�dm�mi�in�n [-�-p�p _�s_�t_�r_�i_�n_�g | -�--�-p�pr�ri�in�nc�ci�ip�pa�al�l=�=_�s_�t_�r_�i_�n_�g] [-�-K�K _�s_�t_�r_�i_�n_�g | -�--�-k�ke�ey�yt�ta�ab�b=�=_�s_�t_�r_�i_�n_�g]
- [-�-c�c _�f_�i_�l_�e | -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e] [-�-k�k _�f_�i_�l_�e | -�--�-k�ke�ey�y-�-f�fi�il�le�e=�=_�f_�i_�l_�e]
- [-�-r�r _�r_�e_�a_�l_�m | -�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m] [-�-a�a _�h_�o_�s_�t | -�--�-a�ad�dm�mi�in�n-�-s�se�er�rv�ve�er�r=�=_�h_�o_�s_�t]
- [-�-s�s _�p_�o_�r_�t _�n_�u_�m_�b_�e_�r | -�--�-s�se�er�rv�ve�er�r-�-p�po�or�rt�t=�=_�p_�o_�r_�t _�n_�u_�m_�b_�e_�r] [-�-l�l | -�--�-l�lo�oc�ca�al�l]
- [-�-h�h | -�--�-h�he�el�lp�p] [-�-v�v | -�--�-v�ve�er�rs�si�io�on�n] [_�c_�o_�m_�m_�a_�n_�d]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The k�ka�ad�dm�mi�in�n program is used to make modifications to the Kerberos data-
- base, either remotely via the kadmind(8) daemon, or locally (with the -�-l�l
- option).
-
- Supported options:
-
- -�-p�p _�s_�t_�r_�i_�n_�g, -�--�-p�pr�ri�in�nc�ci�ip�pa�al�l=�=_�s_�t_�r_�i_�n_�g
- principal to authenticate as
-
- -�-K�K _�s_�t_�r_�i_�n_�g, -�--�-k�ke�ey�yt�ta�ab�b=�=_�s_�t_�r_�i_�n_�g
- keytab for authentication principal
-
- -�-c�c _�f_�i_�l_�e, -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e
- location of config file
-
- -�-k�k _�f_�i_�l_�e, -�--�-k�ke�ey�y-�-f�fi�il�le�e=�=_�f_�i_�l_�e
- location of master key file
-
- -�-r�r _�r_�e_�a_�l_�m, -�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m
- realm to use
-
- -�-a�a _�h_�o_�s_�t, -�--�-a�ad�dm�mi�in�n-�-s�se�er�rv�ve�er�r=�=_�h_�o_�s_�t
- server to contact
-
- -�-s�s _�p_�o_�r_�t _�n_�u_�m_�b_�e_�r, -�--�-s�se�er�rv�ve�er�r-�-p�po�or�rt�t=�=_�p_�o_�r_�t _�n_�u_�m_�b_�e_�r
- port to use
-
- -�-l�l, -�--�-l�lo�oc�ca�al�l
- local admin mode
-
- If no _�c_�o_�m_�m_�a_�n_�d is given on the command line, k�ka�ad�dm�mi�in�n will prompt for com-
- mands to process. Some of the commands that take one or more principals
- as argument (d�de�el�le�et�te�e, e�ex�xt�t_�_k�ke�ey�yt�ta�ab�b, g�ge�et�t, m�mo�od�di�if�fy�y, and p�pa�as�ss�sw�wd�d) will accept a
- glob style wildcard, and perform the operation on all matching princi-
- pals.
-
- Commands include:
-
- a�ad�dd�d [-�-r�r | -�--�-r�ra�an�nd�do�om�m-�-k�ke�ey�y] [-�--�-r�ra�an�nd�do�om�m-�-p�pa�as�ss�sw�wo�or�rd�d] [-�-p�p _�s_�t_�r_�i_�n_�g |
- -�--�-p�pa�as�ss�sw�wo�or�rd�d=�=_�s_�t_�r_�i_�n_�g] [-�--�-k�ke�ey�y=�=_�s_�t_�r_�i_�n_�g] [-�--�-m�ma�ax�x-�-t�ti�ic�ck�ke�et�t-�-l�li�if�fe�e=�=_�l_�i_�f_�e_�t_�i_�m_�e]
- [-�--�-m�ma�ax�x-�-r�re�en�ne�ew�wa�ab�bl�le�e-�-l�li�if�fe�e=�=_�l_�i_�f_�e_�t_�i_�m_�e] [-�--�-a�at�tt�tr�ri�ib�bu�ut�te�es�s=�=_�a_�t_�t_�r_�i_�b_�u_�t_�e_�s]
- [-�--�-e�ex�xp�pi�ir�ra�at�ti�io�on�n-�-t�ti�im�me�e=�=_�t_�i_�m_�e] [-�--�-p�pw�w-�-e�ex�xp�pi�ir�ra�at�ti�io�on�n-�-t�ti�im�me�e=�=_�t_�i_�m_�e] _�p_�r_�i_�n_�c_�i_�p_�a_�l_�._�._�.
-
- Adds a new principal to the database. The options not passed on the
- command line will be promped for.
-
- a�ad�dd�d_�_e�en�nc�ct�ty�yp�pe�e [-�-r�r | -�--�-r�ra�an�nd�do�om�m-�-k�ke�ey�y] _�p_�r_�i_�n_�c_�i_�p_�a_�l _�e_�n_�c_�t_�y_�p_�e_�s_�._�._�.
-
- Adds a new encryption type to the principal, only random key are
- supported.
-
- d�de�el�le�et�te�e _�p_�r_�i_�n_�c_�i_�p_�a_�l_�._�._�.
-
- Removes a principal.
-
- d�de�el�l_�_e�en�nc�ct�ty�yp�pe�e _�p_�r_�i_�n_�c_�i_�p_�a_�l _�e_�n_�c_�t_�y_�p_�e_�s_�._�._�.
-
- Removes some enctypes from a principal; this can be useful if the
- service belonging to the principal is known to not handle certain
- enctypes.
-
- e�ex�xt�t_�_k�ke�ey�yt�ta�ab�b [-�-k�k _�s_�t_�r_�i_�n_�g | -�--�-k�ke�ey�yt�ta�ab�b=�=_�s_�t_�r_�i_�n_�g] _�p_�r_�i_�n_�c_�i_�p_�a_�l_�._�._�.
-
- Creates a keytab with the keys of the specified principals.
-
- g�ge�et�t [-�-l�l | -�--�-l�lo�on�ng�g] [-�-s�s | -�--�-s�sh�ho�or�rt�t] [-�-t�t | -�--�-t�te�er�rs�se�e] [-�-o�o _�s_�t_�r_�i_�n_�g |
- -�--�-c�co�ol�lu�um�mn�n-�-i�in�nf�fo�o=�=_�s_�t_�r_�i_�n_�g] _�p_�r_�i_�n_�c_�i_�p_�a_�l_�._�._�.
-
- Lists the matching principals, short prints the result as a table,
- while long format produces a more verbose output. Which columns to
- print can be selected with the -�-o�o option. The argument is a comma
- separated list of column names optionally appended with an equal
- sign (`=') and a column header. Which columns are printed by
- default differ slightly between short and long output.
-
- The default terse output format is similar to -�-s�s -�-o�o _�p_�r_�i_�n_�c_�i_�p_�a_�l_�=,
- just printing the names of matched principals.
-
- Possible column names include: principal, princ_expire_time,
- pw_expiration, last_pwd_change, max_life, max_rlife, mod_time,
- mod_name, attributes, kvno, mkvno, last_success, last_failed,
- fail_auth_count, policy, and keytypes.
-
- m�mo�od�di�if�fy�y [-�-a�a _�a_�t_�t_�r_�i_�b_�u_�t_�e_�s | -�--�-a�at�tt�tr�ri�ib�bu�ut�te�es�s=�=_�a_�t_�t_�r_�i_�b_�u_�t_�e_�s]
- [-�--�-m�ma�ax�x-�-t�ti�ic�ck�ke�et�t-�-l�li�if�fe�e=�=_�l_�i_�f_�e_�t_�i_�m_�e] [-�--�-m�ma�ax�x-�-r�re�en�ne�ew�wa�ab�bl�le�e-�-l�li�if�fe�e=�=_�l_�i_�f_�e_�t_�i_�m_�e]
- [-�--�-e�ex�xp�pi�ir�ra�at�ti�io�on�n-�-t�ti�im�me�e=�=_�t_�i_�m_�e] [-�--�-p�pw�w-�-e�ex�xp�pi�ir�ra�at�ti�io�on�n-�-t�ti�im�me�e=�=_�t_�i_�m_�e] [-�--�-k�kv�vn�no�o=�=_�n_�u_�m_�b_�e_�r]
- _�p_�r_�i_�n_�c_�i_�p_�a_�l_�._�._�.
-
- Modifies certain attributes of a principal. If run without command
- line options, you will be prompted. With command line options, it
- will only change the ones specified.
-
- Possible attributes are: new-princ, support-desmd5,
- pwchange-service, disallow-svr, requires-pw-change,
- requires-hw-auth, requires-pre-auth, disallow-all-tix,
- disallow-dup-skey, disallow-proxiable, disallow-renewable,
- disallow-tgt-based, disallow-forwardable, disallow-postdated
-
- Attributes may be negated with a "-", e.g.,
-
- kadmin -l modify -a -disallow-proxiable user
-
- p�pa�as�ss�sw�wd�d [-�-r�r | -�--�-r�ra�an�nd�do�om�m-�-k�ke�ey�y] [-�--�-r�ra�an�nd�do�om�m-�-p�pa�as�ss�sw�wo�or�rd�d] [-�-p�p _�s_�t_�r_�i_�n_�g |
- -�--�-p�pa�as�ss�sw�wo�or�rd�d=�=_�s_�t_�r_�i_�n_�g] [-�--�-k�ke�ey�y=�=_�s_�t_�r_�i_�n_�g] _�p_�r_�i_�n_�c_�i_�p_�a_�l_�._�._�.
-
- Changes the password of an existing principal.
-
- p�pa�as�ss�sw�wo�or�rd�d-�-q�qu�ua�al�li�it�ty�y _�p_�r_�i_�n_�c_�i_�p_�a_�l _�p_�a_�s_�s_�w_�o_�r_�d
-
- Run the password quality check function locally. You can run this
- on the host that is configured to run the kadmind process to verify
- that your configuration file is correct. The verification is done
- locally, if kadmin is run in remote mode, no rpc call is done to
- the server.
-
- p�pr�ri�iv�vi�il�le�eg�ge�es�s
-
- Lists the operations you are allowed to perform. These include add,
- add_enctype, change-password, delete, del_enctype, get, list, and
- modify.
-
- r�re�en�na�am�me�e _�f_�r_�o_�m _�t_�o
-
- Renames a principal. This is normally transparent, but since keys
- are salted with the principal name, they will have a non-standard
- salt, and clients which are unable to cope with this will fail.
- Kerberos 4 suffers from this.
-
- c�ch�he�ec�ck�k [_�r_�e_�a_�l_�m]
-
- Check database for strange configurations on important principals.
- If no realm is given, the default realm is used.
-
- When running in local mode, the following commands can also be used:
-
- d�du�um�mp�p [-�-d�d | -�--�-d�de�ec�cr�ry�yp�pt�t] [_�d_�u_�m_�p_�-_�f_�i_�l_�e]
-
- Writes the database in ``human readable'' form to the specified
- file, or standard out. If the database is encrypted, the dump will
- also have encrypted keys, unless -�--�-d�de�ec�cr�ry�yp�pt�t is used.
-
- i�in�ni�it�t [-�--�-r�re�ea�al�lm�m-�-m�ma�ax�x-�-t�ti�ic�ck�ke�et�t-�-l�li�if�fe�e=�=_�s_�t_�r_�i_�n_�g] [-�--�-r�re�ea�al�lm�m-�-m�ma�ax�x-�-r�re�en�ne�ew�wa�ab�bl�le�e-�-l�li�if�fe�e=�=_�s_�t_�r_�i_�n_�g]
- _�r_�e_�a_�l_�m
-
- Initializes the Kerberos database with entries for a new realm.
- It's possible to have more than one realm served by one server.
-
- l�lo�oa�ad�d _�f_�i_�l_�e
-
- Reads a previously dumped database, and re-creates that database
- from scratch.
-
- m�me�er�rg�ge�e _�f_�i_�l_�e
-
- Similar to l�lo�oa�ad�d but just modifies the database with the entries in
- the dump file.
-
- s�st�ta�as�sh�h [-�-e�e _�e_�n_�c_�t_�y_�p_�e | -�--�-e�en�nc�ct�ty�yp�pe�e=�=_�e_�n_�c_�t_�y_�p_�e] [-�-k�k _�k_�e_�y_�f_�i_�l_�e | -�--�-k�ke�ey�y-�-f�fi�il�le�e=�=_�k_�e_�y_�f_�i_�l_�e]
- [-�--�-c�co�on�nv�ve�er�rt�t-�-f�fi�il�le�e] [-�--�-m�ma�as�st�te�er�r-�-k�ke�ey�y-�-f�fd�d=�=_�f_�d]
-
- Writes the Kerberos master key to a file used by the KDC.
-
-S�SE�EE�E A�AL�LS�SO�O
- kadmind(8), kdc(8)
-
-HEIMDAL Feb 22, 2007 HEIMDAL
Deleted: trunk/crypto/heimdal/kadmin/kadmind-version.rc
===================================================================
--- trunk/crypto/heimdal/kadmin/kadmind-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kadmin/kadmind-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "Kerberos Administration Server"
-#define RC_FILE_ORIG_0409 "kadmind.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kadmin/kadmind.cat8
===================================================================
--- trunk/crypto/heimdal/kadmin/kadmind.cat8 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kadmin/kadmind.cat8 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,87 +0,0 @@
-
-KADMIND(8) BSD System Manager's Manual KADMIND(8)
-
-N�NA�AM�ME�E
- k�ka�ad�dm�mi�in�nd�d -- server for administrative access to Kerberos database
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�ka�ad�dm�mi�in�nd�d [-�-c�c _�f_�i_�l_�e | -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e] [-�-k�k _�f_�i_�l_�e | -�--�-k�ke�ey�y-�-f�fi�il�le�e=�=_�f_�i_�l_�e]
- [-�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�e_�y_�t_�a_�b] [-�-r�r _�r_�e_�a_�l_�m | -�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m] [-�-d�d | -�--�-d�de�eb�bu�ug�g] [-�-p�p
- _�p_�o_�r_�t | -�--�-p�po�or�rt�ts�s=�=_�p_�o_�r_�t]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�ka�ad�dm�mi�in�nd�d listens for requests for changes to the Kerberos database and
- performs these, subject to permissions. When starting, if stdin is a
- socket it assumes that it has been started by inetd(8), otherwise it
- behaves as a daemon, forking processes for each new connection. The
- -�--�-d�de�eb�bu�ug�g option causes k�ka�ad�dm�mi�in�nd�d to accept exactly one connection, which is
- useful for debugging.
-
- The kpasswdd(8) daemon is responsible for the Kerberos 5 password chang-
- ing protocol (used by kpasswd(1)).
-
- This daemon should only be run on the master server, and not on any
- slaves.
-
- Principals are always allowed to change their own password and list their
- own principal. Apart from that, doing any operation requires permission
- explicitly added in the ACL file _�/_�v_�a_�r_�/_�h_�e_�i_�m_�d_�a_�l_�/_�k_�a_�d_�m_�i_�n_�d_�._�a_�c_�l. The format of
- this file is:
-
- _�p_�r_�i_�n_�c_�i_�p_�a_�l _�r_�i_�g_�h_�t_�s [_�p_�r_�i_�n_�c_�i_�p_�a_�l_�-_�p_�a_�t_�t_�e_�r_�n]
-
- Where rights is any (comma separated) combination of:
- +�+�o�o change-password or cpw
- +�+�o�o list
- +�+�o�o delete
- +�+�o�o modify
- +�+�o�o add
- +�+�o�o get
- +�+�o�o all
-
- And the optional _�p_�r_�i_�n_�c_�i_�p_�a_�l_�-_�p_�a_�t_�t_�e_�r_�n restricts the rights to operations on
- principals that match the glob-style pattern.
-
- Supported options:
-
- -�-c�c _�f_�i_�l_�e, -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e
- location of config file
-
- -�-k�k _�f_�i_�l_�e, -�--�-k�ke�ey�y-�-f�fi�il�le�e=�=_�f_�i_�l_�e
- location of master key file
-
- -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�e_�y_�t_�a_�b
- what keytab to use
-
- -�-r�r _�r_�e_�a_�l_�m, -�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m
- realm to use
-
- -�-d�d, -�--�-d�de�eb�bu�ug�g
- enable debugging
-
- -�-p�p _�p_�o_�r_�t, -�--�-p�po�or�rt�ts�s=�=_�p_�o_�r_�t
- ports to listen to. By default, if run as a daemon, it listens to
- port 749, but you can add any number of ports with this option.
- The port string is a whitespace separated list of port specifica-
- tions, with the special string ``+'' representing the default
- port.
-
-F�FI�IL�LE�ES�S
- _�/_�v_�a_�r_�/_�h_�e_�i_�m_�d_�a_�l_�/_�k_�a_�d_�m_�i_�n_�d_�._�a_�c_�l
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- This will cause k�ka�ad�dm�mi�in�nd�d to listen to port 4711 in addition to any com-
- piled in defaults:
-
- k�ka�ad�dm�mi�in�nd�d -�--�-p�po�or�rt�ts�s="+ 4711" &
-
- This acl file will grant Joe all rights, and allow Mallory to view and
- add host principals.
-
- joe/admin at EXAMPLE.COM all
- mallory/admin at EXAMPLE.COM add,get host/*@EXAMPLE.COM
-
-S�SE�EE�E A�AL�LS�SO�O
- kpasswd(1), kadmin(8), kdc(8), kpasswdd(8)
-
-HEIMDAL December 8, 2004 HEIMDAL
Modified: trunk/crypto/heimdal/kadmin/rpc.c
===================================================================
--- trunk/crypto/heimdal/kadmin/rpc.c 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kadmin/rpc.c 2015-07-26 21:50:20 UTC (rev 7171)
@@ -33,10 +33,14 @@
#include "kadmin_locl.h"
-#include <gssapi.h>
-#include <gssapi_krb5.h>
-#include <gssapi_spnego.h>
+#include <gssapi/gssapi.h>
+//#include <gssapi_krb5.h>
+//#include <gssapi_spnego.h>
+static gss_OID_desc krb5_mechanism =
+{9, (void *)(uintptr_t) "\x2a\x86\x48\x86\xf7\x12\x01\x02\x02"};
+#define GSS_KRB5_MECHANISM (&krb5_mechanism)
+
#define CHECK(x) \
do { \
int __r; \
Deleted: trunk/crypto/heimdal/kcm/NTMakefile
===================================================================
--- trunk/crypto/heimdal/kcm/NTMakefile 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kcm/NTMakefile 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=kcm
-
-!include ../windows/NTMakefile.w32
-
Modified: trunk/crypto/heimdal/kcm/cache.c
===================================================================
--- trunk/crypto/heimdal/kcm/cache.c 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kcm/cache.c 2015-07-26 21:50:20 UTC (rev 7171)
@@ -102,7 +102,7 @@
for (p = ccache_head; p != NULL; p = p->next) {
if ((p->flags & KCM_FLAGS_VALID) == 0)
continue;
- if (memcmp(p->uuid, uuid, sizeof(uuid)) == 0) {
+ if (memcmp(p->uuid, uuid, sizeof(kcmuuid_t)) == 0) {
ret = 0;
break;
}
Deleted: trunk/crypto/heimdal/kcm/cursor.c
===================================================================
--- trunk/crypto/heimdal/kcm/cursor.c 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kcm/cursor.c 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,151 +0,0 @@
-/*
- * Copyright (c) 2005, PADL Software Pty Ltd.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of PADL Software nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY PADL SOFTWARE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL PADL SOFTWARE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kcm_locl.h"
-
-RCSID("$Id: cursor.c,v 1.1.1.1 2012-07-21 15:09:06 laffer1 Exp $");
-
-krb5_error_code
-kcm_cursor_new(krb5_context context,
- pid_t pid,
- kcm_ccache ccache,
- uint32_t *cursor)
-{
- kcm_cursor **p;
- krb5_error_code ret;
-
- *cursor = 0;
-
- KCM_ASSERT_VALID(ccache);
-
- HEIMDAL_MUTEX_lock(&ccache->mutex);
- for (p = &ccache->cursors; *p != NULL; p = &(*p)->next)
- ;
-
- *p = (kcm_cursor *)malloc(sizeof(kcm_cursor));
- if (*p == NULL) {
- ret = KRB5_CC_NOMEM;
- goto out;
- }
-
- (*p)->pid = pid;
- (*p)->key = ++ccache->n_cursor;
- (*p)->credp = ccache->creds;
- (*p)->next = NULL;
-
- *cursor = (*p)->key;
-
- ret = 0;
-
-out:
- HEIMDAL_MUTEX_unlock(&ccache->mutex);
-
- return ret;
-}
-
-krb5_error_code
-kcm_cursor_find(krb5_context context,
- pid_t pid,
- kcm_ccache ccache,
- uint32_t key,
- kcm_cursor **cursor)
-{
- kcm_cursor *p;
- krb5_error_code ret;
-
- KCM_ASSERT_VALID(ccache);
-
- if (key == 0)
- return KRB5_CC_NOTFOUND;
-
- ret = KRB5_CC_END;
-
- HEIMDAL_MUTEX_lock(&ccache->mutex);
-
- for (p = ccache->cursors; p != NULL; p = p->next) {
- if (p->key == key) {
- if (p->pid != pid)
- ret = KRB5_FCC_PERM;
- else
- ret = 0;
- break;
- }
- }
-
- if (ret == 0)
- *cursor = p;
-
- HEIMDAL_MUTEX_unlock(&ccache->mutex);
-
- return ret;
-}
-
-krb5_error_code
-kcm_cursor_delete(krb5_context context,
- pid_t pid,
- kcm_ccache ccache,
- uint32_t key)
-{
- kcm_cursor **p;
- krb5_error_code ret;
-
- KCM_ASSERT_VALID(ccache);
-
- if (key == 0)
- return KRB5_CC_NOTFOUND;
-
- ret = KRB5_CC_END;
-
- HEIMDAL_MUTEX_lock(&ccache->mutex);
-
- for (p = &ccache->cursors; *p != NULL; p = &(*p)->next) {
- if ((*p)->key == key) {
- if ((*p)->pid != pid)
- ret = KRB5_FCC_PERM;
- else
- ret = 0;
- break;
- }
- }
-
- if (ret == 0) {
- kcm_cursor *x = *p;
-
- *p = x->next;
- free(x);
- }
-
- HEIMDAL_MUTEX_unlock(&ccache->mutex);
-
- return ret;
-}
-
Deleted: trunk/crypto/heimdal/kcm/kcm.cat8
===================================================================
--- trunk/crypto/heimdal/kcm/kcm.cat8 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kcm/kcm.cat8 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,92 +0,0 @@
-
-KCM(8) BSD System Manager's Manual KCM(8)
-
-N�NA�AM�ME�E
- k�kc�cm�m -- process-based credential cache for Kerberos tickets.
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�kc�cm�m [-�--�-c�ca�ac�ch�he�e-�-n�na�am�me�e=�=_�c_�a_�c_�h_�e_�n_�a_�m_�e] [-�-c�c _�f_�i_�l_�e | -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e] [-�-g�g _�g_�r_�o_�u_�p |
- -�--�-g�gr�ro�ou�up�p=�=_�g_�r_�o_�u_�p] [-�--�-m�ma�ax�x-�-r�re�eq�qu�ue�es�st�t=�=_�s_�i_�z_�e] [-�--�-d�di�is�sa�al�ll�lo�ow�w-�-g�ge�et�tt�ti�in�ng�g-�-k�kr�rb�bt�tg�gt�t]
- [-�--�-d�de�et�ta�ac�ch�h] [-�-h�h | -�--�-h�he�el�lp�p] [-�-k�k _�p_�r_�i_�n_�c_�i_�p_�a_�l |
- -�--�-s�sy�ys�st�te�em�m-�-p�pr�ri�in�nc�ci�ip�pa�al�l=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�-l�l _�t_�i_�m_�e | -�--�-l�li�if�fe�et�ti�im�me�e=�=_�t_�i_�m_�e] [-�-m�m _�m_�o_�d_�e |
- -�--�-m�mo�od�de�e=�=_�m_�o_�d_�e] [-�-n�n | -�--�-n�no�o-�-n�na�am�me�e-�-c�co�on�ns�st�tr�ra�ai�in�nt�ts�s] [-�-r�r _�t_�i_�m_�e |
- -�--�-r�re�en�ne�ew�wa�ab�bl�le�e-�-l�li�if�fe�e=�=_�t_�i_�m_�e] [-�-s�s _�p_�a_�t_�h | -�--�-s�so�oc�ck�ke�et�t-�-p�pa�at�th�h=�=_�p_�a_�t_�h]
- [-�--�-d�do�oo�or�r-�-p�pa�at�th�h=�=_�p_�a_�t_�h] [-�-S�S _�p_�r_�i_�n_�c_�i_�p_�a_�l | -�--�-s�se�er�rv�ve�er�r=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�-t�t _�k_�e_�y_�t_�a_�b |
- -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�e_�y_�t_�a_�b] [-�-u�u _�u_�s_�e_�r | -�--�-u�us�se�er�r=�=_�u_�s_�e_�r] [-�-v�v | -�--�-v�ve�er�rs�si�io�on�n]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kc�cm�m is a process based credential cache. To use it, set the KRB5CCNAME
- enviroment variable to `KCM:_�u_�i_�d' or add the stanza
-
-
- [libdefaults]
- default_cc_name = KCM:%{uid}
-
- to the _�/_�e_�t_�c_�/_�k_�r_�b_�5_�._�c_�o_�n_�f configuration file and make sure k�kc�cm�m is started in
- the system startup files.
-
- The k�kc�cm�m daemon can hold the credentials for all users in the system.
- Access control is done with Unix-like permissions. The daemon checks the
- access on all operations based on the uid and gid of the user. The tick-
- ets are renewed as long as is permitted by the KDC's policy.
-
- The k�kc�cm�m daemon can also keep a SYSTEM credential that server processes
- can use to access services. One example of usage might be an nss_ldap
- module that quickly needs to get credentials and doesn't want to renew
- the ticket itself.
-
- Supported options:
-
- -�--�-c�ca�ac�ch�he�e-�-n�na�am�me�e=�=_�c_�a_�c_�h_�e_�n_�a_�m_�e
- system cache name
-
- -�-c�c _�f_�i_�l_�e, -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e
- location of config file
-
- -�-g�g _�g_�r_�o_�u_�p, -�--�-g�gr�ro�ou�up�p=�=_�g_�r_�o_�u_�p
- system cache group
-
- -�--�-m�ma�ax�x-�-r�re�eq�qu�ue�es�st�t=�=_�s_�i_�z_�e
- max size for a kcm-request
-
- -�--�-d�di�is�sa�al�ll�lo�ow�w-�-g�ge�et�tt�ti�in�ng�g-�-k�kr�rb�bt�tg�gt�t
- disallow extracting any krbtgt from the k�kc�cm�m daemon.
-
- -�--�-d�de�et�ta�ac�ch�h
- detach from console
-
- -�-h�h, -�--�-h�he�el�lp�p
-
- -�-k�k _�p_�r_�i_�n_�c_�i_�p_�a_�l, -�--�-s�sy�ys�st�te�em�m-�-p�pr�ri�in�nc�ci�ip�pa�al�l=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l
- system principal name
-
- -�-l�l _�t_�i_�m_�e, -�--�-l�li�if�fe�et�ti�im�me�e=�=_�t_�i_�m_�e
- lifetime of system tickets
-
- -�-m�m _�m_�o_�d_�e, -�--�-m�mo�od�de�e=�=_�m_�o_�d_�e
- octal mode of system cache
-
- -�-n�n, -�--�-n�no�o-�-n�na�am�me�e-�-c�co�on�ns�st�tr�ra�ai�in�nt�ts�s
- disable credentials cache name constraints
-
- -�-r�r _�t_�i_�m_�e, -�--�-r�re�en�ne�ew�wa�ab�bl�le�e-�-l�li�if�fe�e=�=_�t_�i_�m_�e
- renewable lifetime of system tickets
-
- -�-s�s _�p_�a_�t_�h, -�--�-s�so�oc�ck�ke�et�t-�-p�pa�at�th�h=�=_�p_�a_�t_�h
- path to kcm domain socket
-
- -�--�-d�do�oo�or�r-�-p�pa�at�th�h=�=_�p_�a_�t_�h
- path to kcm door socket
-
- -�-S�S _�p_�r_�i_�n_�c_�i_�p_�a_�l, -�--�-s�se�er�rv�ve�er�r=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l
- server to get system ticket for
-
- -�-t�t _�k_�e_�y_�t_�a_�b, -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�e_�y_�t_�a_�b
- system keytab name
-
- -�-u�u _�u_�s_�e_�r, -�--�-u�us�se�er�r=�=_�u_�s_�e_�r
- system cache owner
-
- -�-v�v, -�--�-v�ve�er�rs�si�io�on�n
-
-Heimdal May 29, 2005 Heimdal
Deleted: trunk/crypto/heimdal/kcm/kcm_protos.h
===================================================================
--- trunk/crypto/heimdal/kcm/kcm_protos.h 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kcm/kcm_protos.h 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,288 +0,0 @@
-/* This is a generated file */
-#ifndef __kcm_protos_h__
-#define __kcm_protos_h__
-
-#include <stdarg.h>
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-krb5_error_code
-kcm_access (
- krb5_context /*context*/,
- kcm_client */*client*/,
- kcm_operation /*opcode*/,
- kcm_ccache /*ccache*/);
-
-krb5_error_code
-kcm_ccache_acquire (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/,
- krb5_creds **/*credp*/);
-
-krb5_error_code
-kcm_ccache_destroy (
- krb5_context /*context*/,
- const char */*name*/);
-
-krb5_error_code
-kcm_ccache_destroy_client (
- krb5_context /*context*/,
- kcm_client */*client*/,
- const char */*name*/);
-
-krb5_error_code
-kcm_ccache_destroy_if_empty (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/);
-
-krb5_error_code
-kcm_ccache_enqueue_default (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/,
- krb5_creds */*newcred*/);
-
-krb5_error_code
-kcm_ccache_gen_new (
- krb5_context /*context*/,
- pid_t /*pid*/,
- uid_t /*uid*/,
- gid_t /*gid*/,
- kcm_ccache */*ccache*/);
-
-krb5_error_code
-kcm_ccache_new (
- krb5_context /*context*/,
- const char */*name*/,
- kcm_ccache */*ccache*/);
-
-krb5_error_code
-kcm_ccache_new_client (
- krb5_context /*context*/,
- kcm_client */*client*/,
- const char */*name*/,
- kcm_ccache */*ccache_p*/);
-
-char *kcm_ccache_nextid (
- pid_t /*pid*/,
- uid_t /*uid*/,
- gid_t /*gid*/);
-
-krb5_error_code
-kcm_ccache_refresh (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/,
- krb5_creds **/*credp*/);
-
-krb5_error_code
-kcm_ccache_remove_cred (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/,
- krb5_flags /*whichfields*/,
- const krb5_creds */*mcreds*/);
-
-krb5_error_code
-kcm_ccache_remove_cred_internal (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/,
- krb5_flags /*whichfields*/,
- const krb5_creds */*mcreds*/);
-
-krb5_error_code
-kcm_ccache_remove_creds (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/);
-
-krb5_error_code
-kcm_ccache_remove_creds_internal (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/);
-
-krb5_error_code
-kcm_ccache_resolve (
- krb5_context /*context*/,
- const char */*name*/,
- kcm_ccache */*ccache*/);
-
-krb5_error_code
-kcm_ccache_resolve_client (
- krb5_context /*context*/,
- kcm_client */*client*/,
- kcm_operation /*opcode*/,
- const char */*name*/,
- kcm_ccache */*ccache*/);
-
-krb5_error_code
-kcm_ccache_retrieve_cred (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/,
- krb5_flags /*whichfields*/,
- const krb5_creds */*mcreds*/,
- krb5_creds **/*credp*/);
-
-krb5_error_code
-kcm_ccache_retrieve_cred_internal (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/,
- krb5_flags /*whichfields*/,
- const krb5_creds */*mcreds*/,
- krb5_creds **/*creds*/);
-
-krb5_error_code
-kcm_ccache_store_cred (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/,
- krb5_creds */*creds*/,
- int /*copy*/);
-
-krb5_error_code
-kcm_ccache_store_cred_internal (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/,
- krb5_creds */*creds*/,
- int /*copy*/,
- krb5_creds **/*credp*/);
-
-krb5_error_code
-kcm_chmod (
- krb5_context /*context*/,
- kcm_client */*client*/,
- kcm_ccache /*ccache*/,
- uint16_t /*mode*/);
-
-krb5_error_code
-kcm_chown (
- krb5_context /*context*/,
- kcm_client */*client*/,
- kcm_ccache /*ccache*/,
- uid_t /*uid*/,
- gid_t /*gid*/);
-
-krb5_error_code
-kcm_cleanup_events (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/);
-
-void
-kcm_configure (
- int /*argc*/,
- char **/*argv*/);
-
-krb5_error_code
-kcm_cursor_delete (
- krb5_context /*context*/,
- pid_t /*pid*/,
- kcm_ccache /*ccache*/,
- uint32_t /*key*/);
-
-krb5_error_code
-kcm_cursor_find (
- krb5_context /*context*/,
- pid_t /*pid*/,
- kcm_ccache /*ccache*/,
- uint32_t /*key*/,
- kcm_cursor **/*cursor*/);
-
-krb5_error_code
-kcm_cursor_new (
- krb5_context /*context*/,
- pid_t /*pid*/,
- kcm_ccache /*ccache*/,
- uint32_t */*cursor*/);
-
-krb5_error_code
-kcm_debug_ccache (krb5_context /*context*/);
-
-krb5_error_code
-kcm_debug_events (krb5_context /*context*/);
-
-krb5_error_code
-kcm_dispatch (
- krb5_context /*context*/,
- kcm_client */*client*/,
- krb5_data */*req_data*/,
- krb5_data */*resp_data*/);
-
-krb5_error_code
-kcm_enqueue_event (
- krb5_context /*context*/,
- kcm_event */*event*/);
-
-krb5_error_code
-kcm_enqueue_event_internal (
- krb5_context /*context*/,
- kcm_event */*event*/);
-
-krb5_error_code
-kcm_enqueue_event_relative (
- krb5_context /*context*/,
- kcm_event */*event*/);
-
-krb5_error_code
-kcm_internal_ccache (
- krb5_context /*context*/,
- kcm_ccache /*c*/,
- krb5_ccache /*id*/);
-
-void
-kcm_log (
- int /*level*/,
- const char */*fmt*/,
- ...);
-
-char*
-kcm_log_msg (
- int /*level*/,
- const char */*fmt*/,
- ...);
-
-char*
-kcm_log_msg_va (
- int /*level*/,
- const char */*fmt*/,
- va_list /*ap*/);
-
-void
-kcm_loop (void);
-
-const char *kcm_op2string (kcm_operation /*opcode*/);
-
-void
-kcm_openlog (void);
-
-krb5_error_code
-kcm_release_ccache (
- krb5_context /*context*/,
- kcm_ccache */*ccache*/);
-
-krb5_error_code
-kcm_remove_event (
- krb5_context /*context*/,
- kcm_event */*event*/);
-
-krb5_error_code
-kcm_retain_ccache (
- krb5_context /*context*/,
- kcm_ccache /*ccache*/);
-
-krb5_error_code
-kcm_run_events (
- krb5_context /*context*/,
- time_t /*now*/);
-
-krb5_error_code
-kcm_zero_ccache_data (
- krb5_context /*context*/,
- kcm_ccache /*cache*/);
-
-krb5_error_code
-kcm_zero_ccache_data_internal (
- krb5_context /*context*/,
- kcm_ccache_data */*cache*/);
-
-#ifdef __cplusplus
-}
-#endif
-
-#endif /* __kcm_protos_h__ */
Deleted: trunk/crypto/heimdal/kdc/524.c
===================================================================
--- trunk/crypto/heimdal/kdc/524.c 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/524.c 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,400 +0,0 @@
-/*
- * Copyright (c) 1997-2005 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kdc_locl.h"
-
-RCSID("$Id: 524.c,v 1.1.1.3 2012-07-21 15:09:06 laffer1 Exp $");
-
-#include <krb5-v4compat.h>
-
-/*
- * fetch the server from `t', returning the name in malloced memory in
- * `spn' and the entry itself in `server'
- */
-
-static krb5_error_code
-fetch_server (krb5_context context,
- krb5_kdc_configuration *config,
- const Ticket *t,
- char **spn,
- hdb_entry_ex **server,
- const char *from)
-{
- krb5_error_code ret;
- krb5_principal sprinc;
-
- ret = _krb5_principalname2krb5_principal(context, &sprinc,
- t->sname, t->realm);
- if (ret) {
- kdc_log(context, config, 0, "_krb5_principalname2krb5_principal: %s",
- krb5_get_err_text(context, ret));
- return ret;
- }
- ret = krb5_unparse_name(context, sprinc, spn);
- if (ret) {
- krb5_free_principal(context, sprinc);
- kdc_log(context, config, 0, "krb5_unparse_name: %s",
- krb5_get_err_text(context, ret));
- return ret;
- }
- ret = _kdc_db_fetch(context, config, sprinc, HDB_F_GET_SERVER,
- NULL, server);
- krb5_free_principal(context, sprinc);
- if (ret) {
- kdc_log(context, config, 0,
- "Request to convert ticket from %s for unknown principal %s: %s",
- from, *spn, krb5_get_err_text(context, ret));
- if (ret == HDB_ERR_NOENTRY)
- ret = KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN;
- return ret;
- }
- return 0;
-}
-
-static krb5_error_code
-log_524 (krb5_context context,
- krb5_kdc_configuration *config,
- const EncTicketPart *et,
- const char *from,
- const char *spn)
-{
- krb5_principal client;
- char *cpn;
- krb5_error_code ret;
-
- ret = _krb5_principalname2krb5_principal(context, &client,
- et->cname, et->crealm);
- if (ret) {
- kdc_log(context, config, 0, "_krb5_principalname2krb5_principal: %s",
- krb5_get_err_text (context, ret));
- return ret;
- }
- ret = krb5_unparse_name(context, client, &cpn);
- if (ret) {
- krb5_free_principal(context, client);
- kdc_log(context, config, 0, "krb5_unparse_name: %s",
- krb5_get_err_text (context, ret));
- return ret;
- }
- kdc_log(context, config, 1, "524-REQ %s from %s for %s", cpn, from, spn);
- free(cpn);
- krb5_free_principal(context, client);
- return 0;
-}
-
-static krb5_error_code
-verify_flags (krb5_context context,
- krb5_kdc_configuration *config,
- const EncTicketPart *et,
- const char *spn)
-{
- if(et->endtime < kdc_time){
- kdc_log(context, config, 0, "Ticket expired (%s)", spn);
- return KRB5KRB_AP_ERR_TKT_EXPIRED;
- }
- if(et->flags.invalid){
- kdc_log(context, config, 0, "Ticket not valid (%s)", spn);
- return KRB5KRB_AP_ERR_TKT_NYV;
- }
- return 0;
-}
-
-/*
- * set the `et->caddr' to the most appropriate address to use, where
- * `addr' is the address the request was received from.
- */
-
-static krb5_error_code
-set_address (krb5_context context,
- krb5_kdc_configuration *config,
- EncTicketPart *et,
- struct sockaddr *addr,
- const char *from)
-{
- krb5_error_code ret;
- krb5_address *v4_addr;
-
- v4_addr = malloc (sizeof(*v4_addr));
- if (v4_addr == NULL)
- return ENOMEM;
-
- ret = krb5_sockaddr2address(context, addr, v4_addr);
- if(ret) {
- free (v4_addr);
- kdc_log(context, config, 0, "Failed to convert address (%s)", from);
- return ret;
- }
-
- if (et->caddr && !krb5_address_search (context, v4_addr, et->caddr)) {
- kdc_log(context, config, 0, "Incorrect network address (%s)", from);
- krb5_free_address(context, v4_addr);
- free (v4_addr);
- return KRB5KRB_AP_ERR_BADADDR;
- }
- if(v4_addr->addr_type == KRB5_ADDRESS_INET) {
- /* we need to collapse the addresses in the ticket to a
- single address; best guess is to use the address the
- connection came from */
-
- if (et->caddr != NULL) {
- free_HostAddresses(et->caddr);
- } else {
- et->caddr = malloc (sizeof (*et->caddr));
- if (et->caddr == NULL) {
- krb5_free_address(context, v4_addr);
- free(v4_addr);
- return ENOMEM;
- }
- }
- et->caddr->val = v4_addr;
- et->caddr->len = 1;
- } else {
- krb5_free_address(context, v4_addr);
- free(v4_addr);
- }
- return 0;
-}
-
-
-static krb5_error_code
-encrypt_v4_ticket(krb5_context context,
- krb5_kdc_configuration *config,
- void *buf,
- size_t len,
- krb5_keyblock *skey,
- EncryptedData *reply)
-{
- krb5_crypto crypto;
- krb5_error_code ret;
- ret = krb5_crypto_init(context, skey, ETYPE_DES_PCBC_NONE, &crypto);
- if (ret) {
- free(buf);
- kdc_log(context, config, 0, "krb5_crypto_init failed: %s",
- krb5_get_err_text(context, ret));
- return ret;
- }
-
- ret = krb5_encrypt_EncryptedData(context,
- crypto,
- KRB5_KU_TICKET,
- buf,
- len,
- 0,
- reply);
- krb5_crypto_destroy(context, crypto);
- if(ret) {
- kdc_log(context, config, 0, "Failed to encrypt data: %s",
- krb5_get_err_text(context, ret));
- return ret;
- }
- return 0;
-}
-
-static krb5_error_code
-encode_524_response(krb5_context context,
- krb5_kdc_configuration *config,
- const char *spn, const EncTicketPart et,
- const Ticket *t, hdb_entry_ex *server,
- EncryptedData *ticket, int *kvno)
-{
- krb5_error_code ret;
- int use_2b;
- size_t len;
-
- use_2b = krb5_config_get_bool(context, NULL, "kdc", "use_2b", spn, NULL);
- if(use_2b) {
- ASN1_MALLOC_ENCODE(EncryptedData,
- ticket->cipher.data, ticket->cipher.length,
- &t->enc_part, &len, ret);
-
- if (ret) {
- kdc_log(context, config, 0,
- "Failed to encode v4 (2b) ticket (%s)", spn);
- return ret;
- }
-
- ticket->etype = 0;
- ticket->kvno = NULL;
- *kvno = 213; /* 2b's use this magic kvno */
- } else {
- unsigned char buf[MAX_KTXT_LEN + 4 * 4];
- Key *skey;
-
- if (!config->enable_v4_cross_realm && strcmp (et.crealm, t->realm) != 0) {
- kdc_log(context, config, 0, "524 cross-realm %s -> %s disabled", et.crealm,
- t->realm);
- return KRB5KDC_ERR_POLICY;
- }
-
- ret = _kdc_encode_v4_ticket(context, config,
- buf + sizeof(buf) - 1, sizeof(buf),
- &et, &t->sname, &len);
- if(ret){
- kdc_log(context, config, 0,
- "Failed to encode v4 ticket (%s)", spn);
- return ret;
- }
- ret = _kdc_get_des_key(context, server, TRUE, FALSE, &skey);
- if(ret){
- kdc_log(context, config, 0,
- "no suitable DES key for server (%s)", spn);
- return ret;
- }
- ret = encrypt_v4_ticket(context, config, buf + sizeof(buf) - len, len,
- &skey->key, ticket);
- if(ret){
- kdc_log(context, config, 0,
- "Failed to encrypt v4 ticket (%s)", spn);
- return ret;
- }
- *kvno = server->entry.kvno;
- }
-
- return 0;
-}
-
-/*
- * process a 5->4 request, based on `t', and received `from, addr',
- * returning the reply in `reply'
- */
-
-krb5_error_code
-_kdc_do_524(krb5_context context,
- krb5_kdc_configuration *config,
- const Ticket *t, krb5_data *reply,
- const char *from, struct sockaddr *addr)
-{
- krb5_error_code ret = 0;
- krb5_crypto crypto;
- hdb_entry_ex *server = NULL;
- Key *skey;
- krb5_data et_data;
- EncTicketPart et;
- EncryptedData ticket;
- krb5_storage *sp;
- char *spn = NULL;
- unsigned char buf[MAX_KTXT_LEN + 4 * 4];
- size_t len;
- int kvno = 0;
-
- if(!config->enable_524) {
- ret = KRB5KDC_ERR_POLICY;
- kdc_log(context, config, 0,
- "Rejected ticket conversion request from %s", from);
- goto out;
- }
-
- ret = fetch_server (context, config, t, &spn, &server, from);
- if (ret) {
- goto out;
- }
-
- ret = hdb_enctype2key(context, &server->entry, t->enc_part.etype, &skey);
- if(ret){
- kdc_log(context, config, 0,
- "No suitable key found for server (%s) from %s", spn, from);
- goto out;
- }
- ret = krb5_crypto_init(context, &skey->key, 0, &crypto);
- if (ret) {
- kdc_log(context, config, 0, "krb5_crypto_init failed: %s",
- krb5_get_err_text(context, ret));
- goto out;
- }
- ret = krb5_decrypt_EncryptedData (context,
- crypto,
- KRB5_KU_TICKET,
- &t->enc_part,
- &et_data);
- krb5_crypto_destroy(context, crypto);
- if(ret){
- kdc_log(context, config, 0,
- "Failed to decrypt ticket from %s for %s", from, spn);
- goto out;
- }
- ret = krb5_decode_EncTicketPart(context, et_data.data, et_data.length,
- &et, &len);
- krb5_data_free(&et_data);
- if(ret){
- kdc_log(context, config, 0,
- "Failed to decode ticket from %s for %s", from, spn);
- goto out;
- }
-
- ret = log_524 (context, config, &et, from, spn);
- if (ret) {
- free_EncTicketPart(&et);
- goto out;
- }
-
- ret = verify_flags (context, config, &et, spn);
- if (ret) {
- free_EncTicketPart(&et);
- goto out;
- }
-
- ret = set_address (context, config, &et, addr, from);
- if (ret) {
- free_EncTicketPart(&et);
- goto out;
- }
-
- ret = encode_524_response(context, config, spn, et, t,
- server, &ticket, &kvno);
- free_EncTicketPart(&et);
-
- out:
- /* make reply */
- memset(buf, 0, sizeof(buf));
- sp = krb5_storage_from_mem(buf, sizeof(buf));
- if (sp) {
- krb5_store_int32(sp, ret);
- if(ret == 0){
- krb5_store_int32(sp, kvno);
- krb5_store_data(sp, ticket.cipher);
- /* Aargh! This is coded as a KTEXT_ST. */
- krb5_storage_seek(sp, MAX_KTXT_LEN - ticket.cipher.length, SEEK_CUR);
- krb5_store_int32(sp, 0); /* mbz */
- free_EncryptedData(&ticket);
- }
- ret = krb5_storage_to_data(sp, reply);
- reply->length = krb5_storage_seek(sp, 0, SEEK_CUR);
- krb5_storage_free(sp);
- } else
- krb5_data_zero(reply);
- if(spn)
- free(spn);
- if(server)
- _kdc_free_ent (context, server);
- return ret;
-}
Deleted: trunk/crypto/heimdal/kdc/NTMakefile
===================================================================
--- trunk/crypto/heimdal/kdc/NTMakefile 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/NTMakefile 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,161 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=kdc
-
-!include ../windows/NTMakefile.w32
-
-BINPROGRAMS=$(BINDIR)\string2key.exe
-
-SBINPROGRAMS=$(SBINDIR)\kstash.exe
-
-LIBEXECPROGRAMS= \
- $(LIBEXECDIR)\hprop.exe \
- $(LIBEXECDIR)\hpropd.exe \
- $(LIBEXECDIR)\kdc.exe \
-# $(LIBEXECDIR)\digest-service.exe
-
-NOINST_PROGRAMS=$(OBJ)\kdc-replay.exe
-
-INCFILES=\
- $(INCDIR)\kdc.h \
- $(INCDIR)\kdc-protos.h \
- $(INCDIR)\kdc-private.h \
- $(INCDIR)\krb5\windc_plugin.h
-
-all:: $(INCFILES) $(LIBKDC) $(BINPROGRAMS) $(SBINPROGRAMS) $(LIBEXECPROGRAMS)
-
-clean::
- -$(RM) $(LIBKDC)
- -$(RM) $(BINPROGRAMS:.exe=.*) $(SBINPROGRAMS:.exe=.*) $(LIBEXECPROGRAMS:.exe=.*)
-
-BIN_LIBS=\
- $(LIBHDB) \
- $(LIBHEIMDAL) \
- $(LIBROKEN) \
- $(LIBVERS)
-
-$(LIBEXECDIR)\hprop.exe: $(OBJ)\hprop.obj $(OBJ)\mit_dump.obj $(BIN_LIBS) $(OBJ)\hprop-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-!ifdef KRB4
-$(LIBEXECDIR)\hprop.exe: $(OBJ)\v4_dump.obj
-!endif
-
-
-$(LIBEXECDIR)\hpropd.exe: $(OBJ)\hpropd.obj $(BIN_LIBS) $(OBJ)\hpropd-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-$(SBINDIR)\kstash.exe: $(OBJ)\kstash.obj $(BIN_LIBS) $(OBJ)\kstash-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-$(BINDIR)\string2key.exe: $(OBJ)\string2key.obj $(BIN_LIBS) $(OBJ)\string2key-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-$(BINDIR)\digest-service.exe: $(OBJ)\digest-service.obj $(BIN_LIBS)
- $(EXECONLINK)
- $(EXEPREP)
-
-$(LIBEXECDIR)\kdc.exe: \
- $(OBJ)\connect.obj $(OBJ)\config.obj $(OBJ)\announce.obj \
- $(OBJ)\main.obj $(OBJ)\kdc-version.res \
- $(LIBKDC) $(BIN_LIBS)
- $(EXECONLINK)
- $(EXEPREP)
-
-LIBKDC_OBJS=\
- $(OBJ)\default_config.obj \
- $(OBJ)\set_dbinfo.obj \
- $(OBJ)\digest.obj \
- $(OBJ)\kerberos5.obj \
- $(OBJ)\krb5tgs.obj \
- $(OBJ)\pkinit.obj \
- $(OBJ)\log.obj \
- $(OBJ)\misc.obj \
- $(OBJ)\kx509.obj \
- $(OBJ)\process.obj \
- $(OBJ)\windc.obj
-
-!ifdef KRB4
-LIBKDC_OBJS=$(LIBKDC_OBJS) \
- $(OBJ)\524.obj \
- $(OBJ)\kerberos4.obj
-!endif
-
-LIBKDC_LIBS=\
- $(LIBHDB) \
- $(LIBHEIMDAL) \
- $(LIBHEIMNTLM) \
- $(LIBROKEN)
-
-LIBKDCRES=$(OBJ)\libkdc-version.res
-
-$(LIBEXECDIR)\libkdc.dll: $(LIBKDC_OBJS) $(LIBKDC_LIBS) $(LIBKDCRES)
- $(DLLGUILINK) -implib:$(LIBKDC) -def:libkdc-exports.def
- $(DLLPREP)
-
-$(LIBKDC): $(LIBEXECDIR)\libkdc.dll
-
-clean::
- -$(RM) $(LIBEXECDIR)\libkdc.*
-
-libkdc_la_SOURCES = \
- default_config.c \
- set_dbinfo.c \
- digest.c \
- kdc_locl.h \
- kerberos5.c \
- krb5tgs.c \
- pkinit.c \
- log.c \
- misc.c \
- kx509.c \
- process.c \
- windc.c \
- rx.h
-
-!ifdef KRB4
-libkdc_la_SOURCES=$(libkdc_la_SOURCES) \
- 524.c \
- kerberos4.c
-!endif
-
-$(OBJ)\kdc-protos.h: $(libkdc_la_SOURCES)
- $(PERL) ..\cf\make-proto.pl -q -P remove -o $@ $(libkdc_la_SOURCES) \
- || $(RM) $@
-
-$(OBJ)\kdc-private.h: $(libkdc_la_SOURCES)
- $(PERL) ..\cf\make-proto.pl -q -P remove -p $@ $(libkdc_la_SOURCES) \
- || $(RM) $@
Deleted: trunk/crypto/heimdal/kdc/hprop-version.rc
===================================================================
--- trunk/crypto/heimdal/kdc/hprop-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/hprop-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "KDC Database Propagation Tool"
-#define RC_FILE_ORIG_0409 "hprop.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kdc/hprop.cat8
===================================================================
--- trunk/crypto/heimdal/kdc/hprop.cat8 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/hprop.cat8 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,67 +0,0 @@
-
-HPROP(8) BSD System Manager's Manual HPROP(8)
-
-N�NA�AM�ME�E
- h�hp�pr�ro�op�p -- propagate the KDC database
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- h�hp�pr�ro�op�p [-�-m�m _�f_�i_�l_�e | -�--�-m�ma�as�st�te�er�r-�-k�ke�ey�y=�=_�f_�i_�l_�e] [-�-d�d _�f_�i_�l_�e | -�--�-d�da�at�ta�ab�ba�as�se�e=�=_�f_�i_�l_�e]
- [-�--�-s�so�ou�ur�rc�ce�e=�=_�h_�e_�i_�m_�d_�a_�l_�|_�m_�i_�t_�-_�d_�u_�m_�p] [-�-r�r _�s_�t_�r_�i_�n_�g | -�--�-v�v4�4-�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g] [-�-c�c
- _�c_�e_�l_�l | -�--�-c�ce�el�ll�l=�=_�c_�e_�l_�l] [-�-k�k _�k_�e_�y_�t_�a_�b | -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�e_�y_�t_�a_�b] [-�-R�R _�s_�t_�r_�i_�n_�g |
- -�--�-v�v5�5-�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g] [-�-D�D | -�--�-d�de�ec�cr�ry�yp�pt�t] [-�-E�E | -�--�-e�en�nc�cr�ry�yp�pt�t]
- [-�-n�n | -�--�-s�st�td�do�ou�ut�t] [-�-v�v | -�--�-v�ve�er�rb�bo�os�se�e] [-�--�-v�ve�er�rs�si�io�on�n] [-�-h�h | -�--�-h�he�el�lp�p]
- [_�h_�o_�s_�t[:_�p_�o_�r_�t]] _�._�._�.
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- h�hp�pr�ro�op�p takes a principal database in a specified format and converts it
- into a stream of Heimdal database records. This stream can either be
- written to standard out, or (more commonly) be propagated to a hpropd(8)
- server running on a different machine.
-
- If propagating, it connects to all _�h_�o_�s_�t_�s specified on the command by
- opening a TCP connection to port 754 (service hprop) and sends the data-
- base in encrypted form.
-
- Supported options:
-
- -�-m�m _�f_�i_�l_�e, -�--�-m�ma�as�st�te�er�r-�-k�ke�ey�y=�=_�f_�i_�l_�e
- Where to find the master key to encrypt or decrypt keys with.
-
- -�-d�d _�f_�i_�l_�e, -�--�-d�da�at�ta�ab�ba�as�se�e=�=_�f_�i_�l_�e
- The database to be propagated.
-
- -�--�-s�so�ou�ur�rc�ce�e=�=_�h_�e_�i_�m_�d_�a_�l_�|_�m_�i_�t_�-_�d_�u_�m_�p_�|_�k_�r_�b_�4_�-_�d_�u_�m_�p_�|_�k_�a_�s_�e_�r_�v_�e_�r
- Specifies the type of the source database. Alternatives include:
-
- heimdal a Heimdal database
- mit-dump a MIT Kerberos 5 dump file
- +.It Fl k Ar keytab , Fl Fl keytab= Ns Ar keytab The keytab to
- use for fetching the key to be used for authenticating to the
- propagation daemon(s). The key _�h_�p_�r_�o_�p_�/_�h_�o_�s_�t_�n_�a_�m_�e is used from this
- keytab. The default is to fetch the key from the KDC database.
-
- -�-R�R _�s_�t_�r_�i_�n_�g, -�--�-v�v5�5-�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g
- Local realm override.
-
- -�-D�D, -�--�-d�de�ec�cr�ry�yp�pt�t
- The encryption keys in the database can either be in clear, or
- encrypted with a master key. This option transmits the database
- with unencrypted keys.
-
- -�-E�E, -�--�-e�en�nc�cr�ry�yp�pt�t
- This option transmits the database with encrypted keys.
-
- -�-n�n, -�--�-s�st�td�do�ou�ut�t
- Dump the database on stdout, in a format that can be fed to
- hpropd.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- The following will propagate a database to another machine (which should
- run hpropd(8)):
-
- $ hprop slave-1 slave-2
-
-S�SE�EE�E A�AL�LS�SO�O
- hpropd(8)
-
-HEIMDAL December 8, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/kdc/hpropd-version.rc
===================================================================
--- trunk/crypto/heimdal/kdc/hpropd-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/hpropd-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "Propagated KDC database recipient"
-#define RC_FILE_ORIG_0409 "hpropd.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kdc/hpropd.cat8
===================================================================
--- trunk/crypto/heimdal/kdc/hpropd.cat8 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/hpropd.cat8 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,44 +0,0 @@
-
-HPROPD(8) BSD System Manager's Manual HPROPD(8)
-
-N�NA�AM�ME�E
- h�hp�pr�ro�op�pd�d -- receive a propagated database
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- h�hp�pr�ro�op�pd�d [-�-d�d _�f_�i_�l_�e | -�--�-d�da�at�ta�ab�ba�as�se�e=�=_�f_�i_�l_�e] [-�-n�n | -�--�-s�st�td�di�in�n] [-�--�-p�pr�ri�in�nt�t]
- [-�-i�i | -�--�-n�no�o-�-i�in�ne�et�td�d] [-�-k�k _�k_�e_�y_�t_�a_�b | -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�e_�y_�t_�a_�b] [-�-4�4 | -�--�-v�v4�4d�du�um�mp�p]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- h�hp�pr�ro�op�pd�d receives a database sent by h�hp�pr�ro�op�p. and writes it as a local data-
- base.
-
- By default, h�hp�pr�ro�op�pd�d expects to be started from i�in�ne�et�td�d if stdin is a socket
- and expects to receive the dumped database over stdin otherwise. If the
- database is sent over the network, it is authenticated and encrypted.
- Only connections authenticated with the principal k�ka�ad�dm�mi�in�n/h�hp�pr�ro�op�p are
- accepted.
-
- Options supported:
-
- -�-d�d _�f_�i_�l_�e, -�--�-d�da�at�ta�ab�ba�as�se�e=�=_�f_�i_�l_�e
- database
-
- -�-n�n, -�--�-s�st�td�di�in�n
- read from stdin
-
- -�--�-p�pr�ri�in�nt�t
- print dump to stdout
-
- -�-i�i, -�--�-n�no�o-�-i�in�ne�et�td�d
- not started from inetd
-
- -�-k�k _�k_�e_�y_�t_�a_�b, -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�e_�y_�t_�a_�b
- keytab to use for authentication
-
- -�-4�4, -�--�-v�v4�4d�du�um�mp�p
- create v4 type DB
-
-S�SE�EE�E A�AL�LS�SO�O
- hprop(8)
-
-HEIMDAL August 27, 1997 HEIMDAL
Deleted: trunk/crypto/heimdal/kdc/kadb.h
===================================================================
--- trunk/crypto/heimdal/kdc/kadb.h 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/kadb.h 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,84 +0,0 @@
-/*
- * Copyright (c) 1998 - 2000 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-/* $Id: kadb.h,v 1.1.1.3 2012-07-21 15:09:06 laffer1 Exp $ */
-
-#ifndef __kadb_h__
-#define __kadb_h__
-
-#define HASHSIZE 8191
-
-struct ka_header {
- int32_t version1; /* file format version, should
- match version2 */
- int32_t size;
- int32_t free_ptr;
- int32_t eof_ptr;
- int32_t kvno_ptr;
- int32_t stats[8];
- int32_t admin_accounts;
- int32_t special_keys_version;
- int32_t hashsize; /* allocated size of hash */
- int32_t hash[HASHSIZE];
- int32_t version2;
-};
-
-struct ka_entry {
- int32_t flags; /* see below */
- int32_t next; /* next in hash list */
- int32_t valid_end; /* expiration date */
- int32_t mod_time; /* time last modified */
- int32_t mod_ptr; /* pointer to modifier */
- int32_t pw_change; /* last pw change */
- int32_t max_life; /* max ticket life */
- int32_t kvno;
- int32_t foo2[2]; /* huh? */
- char name[64];
- char instance[64];
- char key[8];
- u_char pw_expire; /* # days before password expires */
- u_char spare;
- u_char attempts;
- u_char locktime;
-};
-
-#define KAFNORMAL (1<<0)
-#define KAFADMIN (1<<2) /* an administrator */
-#define KAFNOTGS (1<<3) /* ! allow principal to get or use TGT */
-#define KAFNOSEAL (1<<5) /* ! allow principal as server in GetTicket */
-#define KAFNOCPW (1<<6) /* ! allow principal to change its own key */
-#define KAFSPECIAL (1<<8) /* set if special AuthServer principal */
-
-#define DEFAULT_DATABASE "/usr/afs/db/kaserver.DB0"
-
-#endif /* __kadb_h__ */
Deleted: trunk/crypto/heimdal/kdc/kaserver.c
===================================================================
--- trunk/crypto/heimdal/kdc/kaserver.c 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/kaserver.c 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,951 +0,0 @@
-/*
- * Copyright (c) 1997 - 2005 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kdc_locl.h"
-
-RCSID("$Id: kaserver.c,v 1.1.1.3 2012-07-21 15:09:06 laffer1 Exp $");
-
-#include <krb5-v4compat.h>
-#include <rx.h>
-
-#define KA_AUTHENTICATION_SERVICE 731
-#define KA_TICKET_GRANTING_SERVICE 732
-#define KA_MAINTENANCE_SERVICE 733
-
-#define AUTHENTICATE_OLD 1
-#define CHANGEPASSWORD 2
-#define GETTICKET_OLD 3
-#define SETPASSWORD 4
-#define SETFIELDS 5
-#define CREATEUSER 6
-#define DELETEUSER 7
-#define GETENTRY 8
-#define LISTENTRY 9
-#define GETSTATS 10
-#define DEBUG 11
-#define GETPASSWORD 12
-#define GETRANDOMKEY 13
-#define AUTHENTICATE 21
-#define AUTHENTICATE_V2 22
-#define GETTICKET 23
-
-/* XXX - Where do we get these? */
-
-#define RXGEN_OPCODE (-455)
-
-#define KADATABASEINCONSISTENT (180480L)
-#define KAEXIST (180481L)
-#define KAIO (180482L)
-#define KACREATEFAIL (180483L)
-#define KANOENT (180484L)
-#define KAEMPTY (180485L)
-#define KABADNAME (180486L)
-#define KABADINDEX (180487L)
-#define KANOAUTH (180488L)
-#define KAANSWERTOOLONG (180489L)
-#define KABADREQUEST (180490L)
-#define KAOLDINTERFACE (180491L)
-#define KABADARGUMENT (180492L)
-#define KABADCMD (180493L)
-#define KANOKEYS (180494L)
-#define KAREADPW (180495L)
-#define KABADKEY (180496L)
-#define KAUBIKINIT (180497L)
-#define KAUBIKCALL (180498L)
-#define KABADPROTOCOL (180499L)
-#define KANOCELLS (180500L)
-#define KANOCELL (180501L)
-#define KATOOMANYUBIKS (180502L)
-#define KATOOMANYKEYS (180503L)
-#define KABADTICKET (180504L)
-#define KAUNKNOWNKEY (180505L)
-#define KAKEYCACHEINVALID (180506L)
-#define KABADSERVER (180507L)
-#define KABADUSER (180508L)
-#define KABADCPW (180509L)
-#define KABADCREATE (180510L)
-#define KANOTICKET (180511L)
-#define KAASSOCUSER (180512L)
-#define KANOTSPECIAL (180513L)
-#define KACLOCKSKEW (180514L)
-#define KANORECURSE (180515L)
-#define KARXFAIL (180516L)
-#define KANULLPASSWORD (180517L)
-#define KAINTERNALERROR (180518L)
-#define KAPWEXPIRED (180519L)
-#define KAREUSED (180520L)
-#define KATOOSOON (180521L)
-#define KALOCKED (180522L)
-
-
-static krb5_error_code
-decode_rx_header (krb5_storage *sp,
- struct rx_header *h)
-{
- krb5_error_code ret;
-
- ret = krb5_ret_uint32(sp, &h->epoch);
- if (ret) return ret;
- ret = krb5_ret_uint32(sp, &h->connid);
- if (ret) return ret;
- ret = krb5_ret_uint32(sp, &h->callid);
- if (ret) return ret;
- ret = krb5_ret_uint32(sp, &h->seqno);
- if (ret) return ret;
- ret = krb5_ret_uint32(sp, &h->serialno);
- if (ret) return ret;
- ret = krb5_ret_uint8(sp, &h->type);
- if (ret) return ret;
- ret = krb5_ret_uint8(sp, &h->flags);
- if (ret) return ret;
- ret = krb5_ret_uint8(sp, &h->status);
- if (ret) return ret;
- ret = krb5_ret_uint8(sp, &h->secindex);
- if (ret) return ret;
- ret = krb5_ret_uint16(sp, &h->reserved);
- if (ret) return ret;
- ret = krb5_ret_uint16(sp, &h->serviceid);
- if (ret) return ret;
-
- return 0;
-}
-
-static krb5_error_code
-encode_rx_header (struct rx_header *h,
- krb5_storage *sp)
-{
- krb5_error_code ret;
-
- ret = krb5_store_uint32(sp, h->epoch);
- if (ret) return ret;
- ret = krb5_store_uint32(sp, h->connid);
- if (ret) return ret;
- ret = krb5_store_uint32(sp, h->callid);
- if (ret) return ret;
- ret = krb5_store_uint32(sp, h->seqno);
- if (ret) return ret;
- ret = krb5_store_uint32(sp, h->serialno);
- if (ret) return ret;
- ret = krb5_store_uint8(sp, h->type);
- if (ret) return ret;
- ret = krb5_store_uint8(sp, h->flags);
- if (ret) return ret;
- ret = krb5_store_uint8(sp, h->status);
- if (ret) return ret;
- ret = krb5_store_uint8(sp, h->secindex);
- if (ret) return ret;
- ret = krb5_store_uint16(sp, h->reserved);
- if (ret) return ret;
- ret = krb5_store_uint16(sp, h->serviceid);
- if (ret) return ret;
-
- return 0;
-}
-
-static void
-init_reply_header (struct rx_header *hdr,
- struct rx_header *reply_hdr,
- u_char type,
- u_char flags)
-{
- reply_hdr->epoch = hdr->epoch;
- reply_hdr->connid = hdr->connid;
- reply_hdr->callid = hdr->callid;
- reply_hdr->seqno = 1;
- reply_hdr->serialno = 1;
- reply_hdr->type = type;
- reply_hdr->flags = flags;
- reply_hdr->status = 0;
- reply_hdr->secindex = 0;
- reply_hdr->reserved = 0;
- reply_hdr->serviceid = hdr->serviceid;
-}
-
-/*
- * Create an error `reply\xB4 using for the packet `hdr' with the error
- * `error\xB4 code.
- */
-static void
-make_error_reply (struct rx_header *hdr,
- uint32_t error,
- krb5_data *reply)
-
-{
- struct rx_header reply_hdr;
- krb5_error_code ret;
- krb5_storage *sp;
-
- init_reply_header (hdr, &reply_hdr, HT_ABORT, HF_LAST);
- sp = krb5_storage_emem();
- if (sp == NULL)
- return;
- ret = encode_rx_header (&reply_hdr, sp);
- if (ret)
- return;
- krb5_store_int32(sp, error);
- krb5_storage_to_data (sp, reply);
- krb5_storage_free (sp);
-}
-
-static krb5_error_code
-krb5_ret_xdr_data(krb5_storage *sp,
- krb5_data *data)
-{
- int ret;
- int size;
- ret = krb5_ret_int32(sp, &size);
- if(ret)
- return ret;
- if(size < 0)
- return ERANGE;
- data->length = size;
- if (size) {
- u_char foo[4];
- size_t pad = (4 - size % 4) % 4;
-
- data->data = malloc(size);
- if (data->data == NULL)
- return ENOMEM;
- ret = krb5_storage_read(sp, data->data, size);
- if(ret != size)
- return (ret < 0)? errno : KRB5_CC_END;
- if (pad) {
- ret = krb5_storage_read(sp, foo, pad);
- if (ret != pad)
- return (ret < 0)? errno : KRB5_CC_END;
- }
- } else
- data->data = NULL;
- return 0;
-}
-
-static krb5_error_code
-krb5_store_xdr_data(krb5_storage *sp,
- krb5_data data)
-{
- u_char zero[4] = {0, 0, 0, 0};
- int ret;
- size_t pad;
-
- ret = krb5_store_int32(sp, data.length);
- if(ret < 0)
- return ret;
- ret = krb5_storage_write(sp, data.data, data.length);
- if(ret != data.length){
- if(ret < 0)
- return errno;
- return KRB5_CC_END;
- }
- pad = (4 - data.length % 4) % 4;
- if (pad) {
- ret = krb5_storage_write(sp, zero, pad);
- if (ret != pad) {
- if (ret < 0)
- return errno;
- return KRB5_CC_END;
- }
- }
- return 0;
-}
-
-
-static krb5_error_code
-create_reply_ticket (krb5_context context,
- struct rx_header *hdr,
- Key *skey,
- char *name, char *instance, char *realm,
- struct sockaddr_in *addr,
- int life,
- int kvno,
- int32_t max_seq_len,
- const char *sname, const char *sinstance,
- uint32_t challenge,
- const char *label,
- krb5_keyblock *key,
- krb5_data *reply)
-{
- krb5_error_code ret;
- krb5_data ticket;
- krb5_keyblock session;
- krb5_storage *sp;
- krb5_data enc_data;
- struct rx_header reply_hdr;
- char zero[8];
- size_t pad;
- unsigned fyrtiosjuelva;
-
- /* create the ticket */
-
- krb5_generate_random_keyblock(context, ETYPE_DES_PCBC_NONE, &session);
-
- _krb5_krb_create_ticket(context,
- 0,
- name,
- instance,
- realm,
- addr->sin_addr.s_addr,
- &session,
- life,
- kdc_time,
- sname,
- sinstance,
- &skey->key,
- &ticket);
-
- /* create the encrypted part of the reply */
- sp = krb5_storage_emem ();
- krb5_generate_random_block(&fyrtiosjuelva, sizeof(fyrtiosjuelva));
- fyrtiosjuelva &= 0xffffffff;
- krb5_store_int32 (sp, fyrtiosjuelva);
- krb5_store_int32 (sp, challenge);
- krb5_storage_write (sp, session.keyvalue.data, 8);
- krb5_free_keyblock_contents(context, &session);
- krb5_store_int32 (sp, kdc_time);
- krb5_store_int32 (sp, kdc_time + _krb5_krb_life_to_time (0, life));
- krb5_store_int32 (sp, kvno);
- krb5_store_int32 (sp, ticket.length);
- krb5_store_stringz (sp, name);
- krb5_store_stringz (sp, instance);
-#if 1 /* XXX - Why shouldn't the realm go here? */
- krb5_store_stringz (sp, "");
-#else
- krb5_store_stringz (sp, realm);
-#endif
- krb5_store_stringz (sp, sname);
- krb5_store_stringz (sp, sinstance);
- krb5_storage_write (sp, ticket.data, ticket.length);
- krb5_storage_write (sp, label, strlen(label));
-
- /* pad to DES block */
- memset (zero, 0, sizeof(zero));
- pad = (8 - krb5_storage_seek (sp, 0, SEEK_CUR) % 8) % 8;
- krb5_storage_write (sp, zero, pad);
-
- krb5_storage_to_data (sp, &enc_data);
- krb5_storage_free (sp);
-
- if (enc_data.length > max_seq_len) {
- krb5_data_free (&enc_data);
- make_error_reply (hdr, KAANSWERTOOLONG, reply);
- return 0;
- }
-
- /* encrypt it */
- {
- DES_key_schedule schedule;
- DES_cblock deskey;
-
- memcpy (&deskey, key->keyvalue.data, sizeof(deskey));
- DES_set_key (&deskey, &schedule);
- DES_pcbc_encrypt (enc_data.data,
- enc_data.data,
- enc_data.length,
- &schedule,
- &deskey,
- DES_ENCRYPT);
- memset (&schedule, 0, sizeof(schedule));
- memset (&deskey, 0, sizeof(deskey));
- }
-
- /* create the reply packet */
- init_reply_header (hdr, &reply_hdr, HT_DATA, HF_LAST);
- sp = krb5_storage_emem ();
- ret = encode_rx_header (&reply_hdr, sp);
- krb5_store_int32 (sp, max_seq_len);
- krb5_store_xdr_data (sp, enc_data);
- krb5_data_free (&enc_data);
- krb5_storage_to_data (sp, reply);
- krb5_storage_free (sp);
- return 0;
-}
-
-static krb5_error_code
-unparse_auth_args (krb5_storage *sp,
- char **name,
- char **instance,
- time_t *start_time,
- time_t *end_time,
- krb5_data *request,
- int32_t *max_seq_len)
-{
- krb5_data data;
- int32_t tmp;
-
- krb5_ret_xdr_data (sp, &data);
- *name = malloc(data.length + 1);
- if (*name == NULL)
- return ENOMEM;
- memcpy (*name, data.data, data.length);
- (*name)[data.length] = '\0';
- krb5_data_free (&data);
-
- krb5_ret_xdr_data (sp, &data);
- *instance = malloc(data.length + 1);
- if (*instance == NULL) {
- free (*name);
- return ENOMEM;
- }
- memcpy (*instance, data.data, data.length);
- (*instance)[data.length] = '\0';
- krb5_data_free (&data);
-
- krb5_ret_int32 (sp, &tmp);
- *start_time = tmp;
- krb5_ret_int32 (sp, &tmp);
- *end_time = tmp;
- krb5_ret_xdr_data (sp, request);
- krb5_ret_int32 (sp, max_seq_len);
- /* ignore the rest */
- return 0;
-}
-
-static void
-do_authenticate (krb5_context context,
- krb5_kdc_configuration *config,
- struct rx_header *hdr,
- krb5_storage *sp,
- struct sockaddr_in *addr,
- const char *from,
- krb5_data *reply)
-{
- krb5_error_code ret;
- char *name = NULL;
- char *instance = NULL;
- time_t start_time;
- time_t end_time;
- krb5_data request;
- int32_t max_seq_len;
- hdb_entry_ex *client_entry = NULL;
- hdb_entry_ex *server_entry = NULL;
- Key *ckey = NULL;
- Key *skey = NULL;
- krb5_storage *reply_sp;
- time_t max_life;
- uint8_t life;
- int32_t chal;
- char client_name[256];
- char server_name[256];
-
- krb5_data_zero (&request);
-
- ret = unparse_auth_args (sp, &name, &instance, &start_time, &end_time,
- &request, &max_seq_len);
- if (ret != 0 || request.length < 8) {
- make_error_reply (hdr, KABADREQUEST, reply);
- goto out;
- }
-
- snprintf (client_name, sizeof(client_name), "%s.%s@%s",
- name, instance, config->v4_realm);
- snprintf (server_name, sizeof(server_name), "%s.%s@%s",
- "krbtgt", config->v4_realm, config->v4_realm);
-
- kdc_log(context, config, 0, "AS-REQ (kaserver) %s from %s for %s",
- client_name, from, server_name);
-
- ret = _kdc_db_fetch4 (context, config, name, instance,
- config->v4_realm, HDB_F_GET_CLIENT,
- &client_entry);
- if (ret) {
- kdc_log(context, config, 0, "Client not found in database: %s: %s",
- client_name, krb5_get_err_text(context, ret));
- make_error_reply (hdr, KANOENT, reply);
- goto out;
- }
-
- ret = _kdc_db_fetch4 (context, config, "krbtgt",
- config->v4_realm, config->v4_realm,
- HDB_F_GET_KRBTGT, &server_entry);
- if (ret) {
- kdc_log(context, config, 0, "Server not found in database: %s: %s",
- server_name, krb5_get_err_text(context, ret));
- make_error_reply (hdr, KANOENT, reply);
- goto out;
- }
-
- ret = _kdc_check_flags (context, config,
- client_entry, client_name,
- server_entry, server_name,
- TRUE);
- if (ret) {
- make_error_reply (hdr, KAPWEXPIRED, reply);
- goto out;
- }
-
- /* find a DES key */
- ret = _kdc_get_des_key(context, client_entry, FALSE, TRUE, &ckey);
- if(ret){
- kdc_log(context, config, 0, "no suitable DES key for client");
- make_error_reply (hdr, KANOKEYS, reply);
- goto out;
- }
-
- /* find a DES key */
- ret = _kdc_get_des_key(context, server_entry, TRUE, TRUE, &skey);
- if(ret){
- kdc_log(context, config, 0, "no suitable DES key for server");
- make_error_reply (hdr, KANOKEYS, reply);
- goto out;
- }
-
- {
- DES_cblock key;
- DES_key_schedule schedule;
-
- /* try to decode the `request' */
- memcpy (&key, ckey->key.keyvalue.data, sizeof(key));
- DES_set_key (&key, &schedule);
- DES_pcbc_encrypt (request.data,
- request.data,
- request.length,
- &schedule,
- &key,
- DES_DECRYPT);
- memset (&schedule, 0, sizeof(schedule));
- memset (&key, 0, sizeof(key));
- }
-
- /* check for the magic label */
- if (memcmp ((char *)request.data + 4, "gTGS", 4) != 0) {
- kdc_log(context, config, 0, "preauth failed for %s", client_name);
- make_error_reply (hdr, KABADREQUEST, reply);
- goto out;
- }
-
- reply_sp = krb5_storage_from_mem (request.data, 4);
- krb5_ret_int32 (reply_sp, &chal);
- krb5_storage_free (reply_sp);
-
- if (abs(chal - kdc_time) > context->max_skew) {
- make_error_reply (hdr, KACLOCKSKEW, reply);
- goto out;
- }
-
- /* life */
- max_life = end_time - kdc_time;
- /* end_time - kdc_time can sometimes be non-positive due to slight
- time skew between client and server. Let's make sure it is postive */
- if(max_life < 1)
- max_life = 1;
- if (client_entry->entry.max_life)
- max_life = min(max_life, *client_entry->entry.max_life);
- if (server_entry->entry.max_life)
- max_life = min(max_life, *server_entry->entry.max_life);
-
- life = krb_time_to_life(kdc_time, kdc_time + max_life);
-
- create_reply_ticket (context,
- hdr, skey,
- name, instance, config->v4_realm,
- addr, life, server_entry->entry.kvno,
- max_seq_len,
- "krbtgt", config->v4_realm,
- chal + 1, "tgsT",
- &ckey->key, reply);
-
- out:
- if (request.length) {
- memset (request.data, 0, request.length);
- krb5_data_free (&request);
- }
- if (name)
- free (name);
- if (instance)
- free (instance);
- if (client_entry)
- _kdc_free_ent (context, client_entry);
- if (server_entry)
- _kdc_free_ent (context, server_entry);
-}
-
-static krb5_error_code
-unparse_getticket_args (krb5_storage *sp,
- int *kvno,
- char **auth_domain,
- krb5_data *ticket,
- char **name,
- char **instance,
- krb5_data *times,
- int32_t *max_seq_len)
-{
- krb5_data data;
- int32_t tmp;
-
- krb5_ret_int32 (sp, &tmp);
- *kvno = tmp;
-
- krb5_ret_xdr_data (sp, &data);
- *auth_domain = malloc(data.length + 1);
- if (*auth_domain == NULL)
- return ENOMEM;
- memcpy (*auth_domain, data.data, data.length);
- (*auth_domain)[data.length] = '\0';
- krb5_data_free (&data);
-
- krb5_ret_xdr_data (sp, ticket);
-
- krb5_ret_xdr_data (sp, &data);
- *name = malloc(data.length + 1);
- if (*name == NULL) {
- free (*auth_domain);
- return ENOMEM;
- }
- memcpy (*name, data.data, data.length);
- (*name)[data.length] = '\0';
- krb5_data_free (&data);
-
- krb5_ret_xdr_data (sp, &data);
- *instance = malloc(data.length + 1);
- if (*instance == NULL) {
- free (*auth_domain);
- free (*name);
- return ENOMEM;
- }
- memcpy (*instance, data.data, data.length);
- (*instance)[data.length] = '\0';
- krb5_data_free (&data);
-
- krb5_ret_xdr_data (sp, times);
-
- krb5_ret_int32 (sp, max_seq_len);
- /* ignore the rest */
- return 0;
-}
-
-static void
-do_getticket (krb5_context context,
- krb5_kdc_configuration *config,
- struct rx_header *hdr,
- krb5_storage *sp,
- struct sockaddr_in *addr,
- const char *from,
- krb5_data *reply)
-{
- krb5_error_code ret;
- int kvno;
- char *auth_domain = NULL;
- krb5_data aticket;
- char *name = NULL;
- char *instance = NULL;
- krb5_data times;
- int32_t max_seq_len;
- hdb_entry_ex *server_entry = NULL;
- hdb_entry_ex *client_entry = NULL;
- hdb_entry_ex *krbtgt_entry = NULL;
- Key *kkey = NULL;
- Key *skey = NULL;
- DES_cblock key;
- DES_key_schedule schedule;
- DES_cblock session;
- time_t max_life;
- int8_t life;
- time_t start_time, end_time;
- char server_name[256];
- char client_name[256];
- struct _krb5_krb_auth_data ad;
-
- krb5_data_zero (&aticket);
- krb5_data_zero (×);
-
- memset(&ad, 0, sizeof(ad));
-
- unparse_getticket_args (sp, &kvno, &auth_domain, &aticket,
- &name, &instance, ×, &max_seq_len);
- if (times.length < 8) {
- make_error_reply (hdr, KABADREQUEST, reply);
- goto out;
-
- }
-
- snprintf (server_name, sizeof(server_name),
- "%s.%s@%s", name, instance, config->v4_realm);
-
- ret = _kdc_db_fetch4 (context, config, name, instance,
- config->v4_realm, HDB_F_GET_SERVER, &server_entry);
- if (ret) {
- kdc_log(context, config, 0, "Server not found in database: %s: %s",
- server_name, krb5_get_err_text(context, ret));
- make_error_reply (hdr, KANOENT, reply);
- goto out;
- }
-
- ret = _kdc_db_fetch4 (context, config, "krbtgt",
- config->v4_realm, config->v4_realm, HDB_F_GET_KRBTGT, &krbtgt_entry);
- if (ret) {
- kdc_log(context, config, 0,
- "Server not found in database: %s.%s@%s: %s",
- "krbtgt", config->v4_realm, config->v4_realm,
- krb5_get_err_text(context, ret));
- make_error_reply (hdr, KANOENT, reply);
- goto out;
- }
-
- /* find a DES key */
- ret = _kdc_get_des_key(context, krbtgt_entry, TRUE, TRUE, &kkey);
- if(ret){
- kdc_log(context, config, 0, "no suitable DES key for krbtgt");
- make_error_reply (hdr, KANOKEYS, reply);
- goto out;
- }
-
- /* find a DES key */
- ret = _kdc_get_des_key(context, server_entry, TRUE, TRUE, &skey);
- if(ret){
- kdc_log(context, config, 0, "no suitable DES key for server");
- make_error_reply (hdr, KANOKEYS, reply);
- goto out;
- }
-
- /* decrypt the incoming ticket */
- memcpy (&key, kkey->key.keyvalue.data, sizeof(key));
-
- /* unpack the ticket */
- {
- char *sname = NULL;
- char *sinstance = NULL;
-
- ret = _krb5_krb_decomp_ticket(context, &aticket, &kkey->key,
- config->v4_realm, &sname,
- &sinstance, &ad);
- if (ret) {
- kdc_log(context, config, 0,
- "kaserver: decomp failed for %s.%s with %d",
- sname, sinstance, ret);
- make_error_reply (hdr, KABADTICKET, reply);
- goto out;
- }
-
- if (strcmp (sname, "krbtgt") != 0
- || strcmp (sinstance, config->v4_realm) != 0) {
- kdc_log(context, config, 0, "no TGT: %s.%s for %s.%s@%s",
- sname, sinstance,
- ad.pname, ad.pinst, ad.prealm);
- make_error_reply (hdr, KABADTICKET, reply);
- free(sname);
- free(sinstance);
- goto out;
- }
- free(sname);
- free(sinstance);
-
- if (kdc_time > _krb5_krb_life_to_time(ad.time_sec, ad.life)) {
- kdc_log(context, config, 0, "TGT expired: %s.%s@%s",
- ad.pname, ad.pinst, ad.prealm);
- make_error_reply (hdr, KABADTICKET, reply);
- goto out;
- }
- }
-
- snprintf (client_name, sizeof(client_name),
- "%s.%s@%s", ad.pname, ad.pinst, ad.prealm);
-
- kdc_log(context, config, 0, "TGS-REQ (kaserver) %s from %s for %s",
- client_name, from, server_name);
-
- ret = _kdc_db_fetch4 (context, config,
- ad.pname, ad.pinst, ad.prealm, HDB_F_GET_CLIENT,
- &client_entry);
- if(ret && ret != HDB_ERR_NOENTRY) {
- kdc_log(context, config, 0,
- "Client not found in database: (krb4) %s: %s",
- client_name, krb5_get_err_text(context, ret));
- make_error_reply (hdr, KANOENT, reply);
- goto out;
- }
- if (client_entry == NULL && strcmp(ad.prealm, config->v4_realm) == 0) {
- kdc_log(context, config, 0,
- "Local client not found in database: (krb4) "
- "%s", client_name);
- make_error_reply (hdr, KANOENT, reply);
- goto out;
- }
-
- ret = _kdc_check_flags (context, config,
- client_entry, client_name,
- server_entry, server_name,
- FALSE);
- if (ret) {
- make_error_reply (hdr, KAPWEXPIRED, reply);
- goto out;
- }
-
- /* decrypt the times */
- memcpy(&session, ad.session.keyvalue.data, sizeof(session));
- DES_set_key (&session, &schedule);
- DES_ecb_encrypt (times.data,
- times.data,
- &schedule,
- DES_DECRYPT);
- memset (&schedule, 0, sizeof(schedule));
- memset (&session, 0, sizeof(session));
-
- /* and extract them */
- {
- krb5_storage *tsp;
- int32_t tmp;
-
- tsp = krb5_storage_from_mem (times.data, times.length);
- krb5_ret_int32 (tsp, &tmp);
- start_time = tmp;
- krb5_ret_int32 (tsp, &tmp);
- end_time = tmp;
- krb5_storage_free (tsp);
- }
-
- /* life */
- max_life = end_time - kdc_time;
- /* end_time - kdc_time can sometimes be non-positive due to slight
- time skew between client and server. Let's make sure it is postive */
- if(max_life < 1)
- max_life = 1;
- if (krbtgt_entry->entry.max_life)
- max_life = min(max_life, *krbtgt_entry->entry.max_life);
- if (server_entry->entry.max_life)
- max_life = min(max_life, *server_entry->entry.max_life);
- /* if this is a cross realm request, the client_entry will likely
- be NULL */
- if (client_entry && client_entry->entry.max_life)
- max_life = min(max_life, *client_entry->entry.max_life);
-
- life = _krb5_krb_time_to_life(kdc_time, kdc_time + max_life);
-
- create_reply_ticket (context,
- hdr, skey,
- ad.pname, ad.pinst, ad.prealm,
- addr, life, server_entry->entry.kvno,
- max_seq_len,
- name, instance,
- 0, "gtkt",
- &ad.session, reply);
-
- out:
- _krb5_krb_free_auth_data(context, &ad);
- if (aticket.length) {
- memset (aticket.data, 0, aticket.length);
- krb5_data_free (&aticket);
- }
- if (times.length) {
- memset (times.data, 0, times.length);
- krb5_data_free (×);
- }
- if (auth_domain)
- free (auth_domain);
- if (name)
- free (name);
- if (instance)
- free (instance);
- if (krbtgt_entry)
- _kdc_free_ent (context, krbtgt_entry);
- if (server_entry)
- _kdc_free_ent (context, server_entry);
-}
-
-krb5_error_code
-_kdc_do_kaserver(krb5_context context,
- krb5_kdc_configuration *config,
- unsigned char *buf,
- size_t len,
- krb5_data *reply,
- const char *from,
- struct sockaddr_in *addr)
-{
- krb5_error_code ret = 0;
- struct rx_header hdr;
- uint32_t op;
- krb5_storage *sp;
-
- if (len < RX_HEADER_SIZE)
- return -1;
- sp = krb5_storage_from_mem (buf, len);
-
- ret = decode_rx_header (sp, &hdr);
- if (ret)
- goto out;
- buf += RX_HEADER_SIZE;
- len -= RX_HEADER_SIZE;
-
- switch (hdr.type) {
- case HT_DATA :
- break;
- case HT_ACK :
- case HT_BUSY :
- case HT_ABORT :
- case HT_ACKALL :
- case HT_CHAL :
- case HT_RESP :
- case HT_DEBUG :
- default:
- /* drop */
- goto out;
- }
-
-
- if (hdr.serviceid != KA_AUTHENTICATION_SERVICE
- && hdr.serviceid != KA_TICKET_GRANTING_SERVICE) {
- ret = -1;
- goto out;
- }
-
- ret = krb5_ret_uint32(sp, &op);
- if (ret)
- goto out;
- switch (op) {
- case AUTHENTICATE :
- case AUTHENTICATE_V2 :
- do_authenticate (context, config, &hdr, sp, addr, from, reply);
- break;
- case GETTICKET :
- do_getticket (context, config, &hdr, sp, addr, from, reply);
- break;
- case AUTHENTICATE_OLD :
- case CHANGEPASSWORD :
- case GETTICKET_OLD :
- case SETPASSWORD :
- case SETFIELDS :
- case CREATEUSER :
- case DELETEUSER :
- case GETENTRY :
- case LISTENTRY :
- case GETSTATS :
- case DEBUG :
- case GETPASSWORD :
- case GETRANDOMKEY :
- default :
- make_error_reply (&hdr, RXGEN_OPCODE, reply);
- break;
- }
-
-out:
- krb5_storage_free (sp);
- return ret;
-}
Deleted: trunk/crypto/heimdal/kdc/kdc-version.rc
===================================================================
--- trunk/crypto/heimdal/kdc/kdc-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/kdc-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "Heimdal Kerberos v5 Server"
-#define RC_FILE_ORIG_0409 "kdc.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kdc/kdc.cat8
===================================================================
--- trunk/crypto/heimdal/kdc/kdc.cat8 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/kdc.cat8 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,173 +0,0 @@
-
-KDC(8) BSD System Manager's Manual KDC(8)
-
-N�NA�AM�ME�E
- k�kd�dc�c -- Kerberos 5 server
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�kd�dc�c [-�-c�c _�f_�i_�l_�e | -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e] [-�-p�p | -�--�-n�no�o-�-r�re�eq�qu�ui�ir�re�e-�-p�pr�re�ea�au�ut�th�h]
- [-�--�-m�ma�ax�x-�-r�re�eq�qu�ue�es�st�t=�=_�s_�i_�z_�e] [-�-H�H | -�--�-e�en�na�ab�bl�le�e-�-h�ht�tt�tp�p] [-�--�-n�no�o-�-5�52�24�4] [-�--�-k�ke�er�rb�be�er�ro�os�s4�4]
- [-�--�-k�ke�er�rb�be�er�ro�os�s4�4-�-c�cr�ro�os�ss�s-�-r�re�ea�al�lm�m] [-�-r�r _�s_�t_�r_�i_�n_�g | -�--�-v�v4�4-�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g] [-�-P�P
- _�p_�o_�r_�t_�s_�p_�e_�c | -�--�-p�po�or�rt�ts�s=�=_�p_�o_�r_�t_�s_�p_�e_�c] [-�--�-d�de�et�ta�ac�ch�h] [-�--�-d�di�is�sa�ab�bl�le�e-�-d�de�es�s]
- [-�--�-a�ad�dd�dr�re�es�ss�se�es�s=�=_�l_�i_�s_�t _�o_�f _�a_�d_�d_�r_�e_�s_�s_�e_�s]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kd�dc�c serves requests for tickets. When it starts, it first checks the
- flags passed, any options that are not specified with a command line flag
- are taken from a config file, or from a default compiled-in value.
-
- Options supported:
-
- -�-c�c _�f_�i_�l_�e, -�--�-c�co�on�nf�fi�ig�g-�-f�fi�il�le�e=�=_�f_�i_�l_�e
- Specifies the location of the config file, the default is
- _�/_�v_�a_�r_�/_�h_�e_�i_�m_�d_�a_�l_�/_�k_�d_�c_�._�c_�o_�n_�f. This is the only value that can't be
- specified in the config file.
-
- -�-p�p, -�--�-n�no�o-�-r�re�eq�qu�ui�ir�re�e-�-p�pr�re�ea�au�ut�th�h
- Turn off the requirement for pre-autentication in the initial AS-
- REQ for all principals. The use of pre-authentication makes it
- more difficult to do offline password attacks. You might want to
- turn it off if you have clients that don't support pre-authenti-
- cation. Since the version 4 protocol doesn't support any pre-
- authentication, serving version 4 clients is just about the same
- as not requiring pre-athentication. The default is to require
- pre-authentication. Adding the require-preauth per principal is
- a more flexible way of handling this.
-
- -�--�-m�ma�ax�x-�-r�re�eq�qu�ue�es�st�t=�=_�s_�i_�z_�e
- Gives an upper limit on the size of the requests that the kdc is
- willing to handle.
-
- -�-H�H, -�--�-e�en�na�ab�bl�le�e-�-h�ht�tt�tp�p
- Makes the kdc listen on port 80 and handle requests encapsulated
- in HTTP.
-
- -�--�-n�no�o-�-5�52�24�4
- don't respond to 524 requests
-
- -�--�-k�ke�er�rb�be�er�ro�os�s4�4
- respond to Kerberos 4 requests
-
- -�--�-k�ke�er�rb�be�er�ro�os�s4�4-�-c�cr�ro�os�ss�s-�-r�re�ea�al�lm�m
- respond to Kerberos 4 requests from foreign realms. This is a
- known security hole and should not be enabled unless you under-
- stand the consequences and are willing to live with them.
-
- -�-r�r _�s_�t_�r_�i_�n_�g, -�--�-v�v4�4-�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g
- What realm this server should act as when dealing with version 4
- requests. The database can contain any number of realms, but
- since the version 4 protocol doesn't contain a realm for the
- server, it must be explicitly specified. The default is whatever
- is returned by k�kr�rb�b_�_g�ge�et�t_�_l�lr�re�ea�al�lm�m(). This option is only available
- if the KDC has been compiled with version 4 support.
-
- -�-P�P _�p_�o_�r_�t_�s_�p_�e_�c, -�--�-p�po�or�rt�ts�s=�=_�p_�o_�r_�t_�s_�p_�e_�c
- Specifies the set of ports the KDC should listen on. It is given
- as a white-space separated list of services or port numbers.
-
- -�--�-a�ad�dd�dr�re�es�ss�se�es�s=�=_�l_�i_�s_�t _�o_�f _�a_�d_�d_�r_�e_�s_�s_�e_�s
- The list of addresses to listen for requests on. By default, the
- kdc will listen on all the locally configured addresses. If only
- a subset is desired, or the automatic detection fails, this
- option might be used.
-
- -�--�-d�de�et�ta�ac�ch�h
- detach from pty and run as a daemon.
-
- -�--�-d�di�is�sa�ab�bl�le�e-�-d�de�es�s
- disable add des encryption types, makes the kdc not use them.
-
- All activities are logged to one or more destinations, see krb5.conf(5),
- and krb5_openlog(3). The entity used for logging is k�kd�dc�c.
-
-C�CO�ON�NF�FI�IG�GU�UR�RA�AT�TI�IO�ON�N F�FI�IL�LE�E
- The configuration file has the same syntax as krb5.conf(5), but will be
- read before _�/_�e_�t_�c_�/_�k_�r_�b_�5_�._�c_�o_�n_�f, so it may override settings found there.
- Options specific to the KDC only are found in the ``[kdc]'' section. All
- the command-line options can preferably be added in the configuration
- file. The only difference is the pre-authentication flag, which has to
- be specified as:
-
- require-preauth = no
-
- (in fact you can specify the option as -�--�-r�re�eq�qu�ui�ir�re�e-�-p�pr�re�ea�au�ut�th�h=�=n�no�o).
-
- And there are some configuration options which do not have command-line
- equivalents:
-
- enable-digest = _�b_�o_�o_�l_�e_�a_�n
- turn on support for digest processing in the KDC. The default
- is FALSE.
-
- check-ticket-addresses = _�b_�o_�o_�l_�e_�a_�n
- Check the addresses in the ticket when processing TGS
- requests. The default is TRUE.
-
- allow-null-ticket-addresses = _�b_�o_�o_�l_�e_�a_�n
- Permit tickets with no addresses. This option is only rele-
- vant when check-ticket-addresses is TRUE.
-
- allow-anonymous = _�b_�o_�o_�l_�e_�a_�n
- Permit anonymous tickets with no addresses.
-
- max-kdc-datagram-reply-length = _�n_�u_�m_�b_�e_�r
- Maximum packet size the UDP rely that the KDC will transmit,
- instead the KDC sends back a reply telling the client to use
- TCP instead.
-
- transited-policy = always-check | allow-per-principal |
- always-honour-request
- This controls how KDC requests with the
- disable-transited-check flag are handled. It can be one of:
-
- always-check
- Always check transited encoding, this is the
- default.
-
- allow-per-principal
- Currently this is identical to always-check. In a
- future release, it will be possible to mark a prin-
- cipal as able to handle unchecked requests.
-
- always-honour-request
- Always do what the client asked. In a future
- release, it will be possible to force a check per
- principal.
-
- encode_as_rep_as_tgs_rep = _�b_�o_�o_�l_�e_�a_�n
- Encode AS-Rep as TGS-Rep to be bug-compatible with old DCE
- code. The Heimdal clients allow both.
-
- kdc_warn_pwexpire = _�t_�i_�m_�e
- How long before password/principal expiration the KDC should
- start sending out warning messages.
-
- The configuration file is only read when the k�kd�dc�c is started. If changes
- made to the configuration file are to take effect, the k�kd�dc�c needs to be
- restarted.
-
- An example of a config file:
-
- [kdc]
- require-preauth = no
- v4-realm = FOO.SE
-
-B�BU�UG�GS�S
- If the machine running the KDC has new addresses added to it, the KDC
- will have to be restarted to listen to them. The reason it doesn't just
- listen to wildcarded (like INADDR_ANY) addresses, is that the replies has
- to come from the same address they were sent to, and most OS:es doesn't
- pass this information to the application. If your normal mode of opera-
- tion require that you add and remove addresses, the best option is proba-
- bly to listen to a wildcarded TCP socket, and make sure your clients use
- TCP to connect. For instance, this will listen to IPv4 TCP port 88 only:
-
- kdc --addresses=0.0.0.0 --ports="88/tcp"
-
- There should be a way to specify protocol, port, and address triplets,
- not just addresses and protocol, port tuples.
-
-S�SE�EE�E A�AL�LS�SO�O
- kinit(1), krb5.conf(5)
-
-HEIMDAL August 24, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/kdc/kerberos4.c
===================================================================
--- trunk/crypto/heimdal/kdc/kerberos4.c 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/kerberos4.c 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,805 +0,0 @@
-/*
- * Copyright (c) 1997 - 2006 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "kdc_locl.h"
-
-#include <krb5-v4compat.h>
-
-RCSID("$Id: kerberos4.c,v 1.1.1.3 2012-07-21 15:09:06 laffer1 Exp $");
-
-#ifndef swap32
-static uint32_t
-swap32(uint32_t x)
-{
- return ((x << 24) & 0xff000000) |
- ((x << 8) & 0xff0000) |
- ((x >> 8) & 0xff00) |
- ((x >> 24) & 0xff);
-}
-#endif /* swap32 */
-
-int
-_kdc_maybe_version4(unsigned char *buf, int len)
-{
- return len > 0 && *buf == 4;
-}
-
-static void
-make_err_reply(krb5_context context, krb5_data *reply,
- int code, const char *msg)
-{
- _krb5_krb_cr_err_reply(context, "", "", "",
- kdc_time, code, msg, reply);
-}
-
-struct valid_princ_ctx {
- krb5_kdc_configuration *config;
- unsigned flags;
-};
-
-static krb5_boolean
-valid_princ(krb5_context context,
- void *funcctx,
- krb5_principal princ)
-{
- struct valid_princ_ctx *ctx = funcctx;
- krb5_error_code ret;
- char *s;
- hdb_entry_ex *ent;
-
- ret = krb5_unparse_name(context, princ, &s);
- if (ret)
- return FALSE;
- ret = _kdc_db_fetch(context, ctx->config, princ, ctx->flags, NULL, &ent);
- if (ret) {
- kdc_log(context, ctx->config, 7, "Lookup %s failed: %s", s,
- krb5_get_err_text (context, ret));
- free(s);
- return FALSE;
- }
- kdc_log(context, ctx->config, 7, "Lookup %s succeeded", s);
- free(s);
- _kdc_free_ent(context, ent);
- return TRUE;
-}
-
-krb5_error_code
-_kdc_db_fetch4(krb5_context context,
- krb5_kdc_configuration *config,
- const char *name, const char *instance, const char *realm,
- unsigned flags,
- hdb_entry_ex **ent)
-{
- krb5_principal p;
- krb5_error_code ret;
- struct valid_princ_ctx ctx;
-
- ctx.config = config;
- ctx.flags = flags;
-
- ret = krb5_425_conv_principal_ext2(context, name, instance, realm,
- valid_princ, &ctx, 0, &p);
- if(ret)
- return ret;
- ret = _kdc_db_fetch(context, config, p, flags, NULL, ent);
- krb5_free_principal(context, p);
- return ret;
-}
-
-#define RCHECK(X, L) if(X){make_err_reply(context, reply, KFAILURE, "Packet too short"); goto L;}
-
-/*
- * Process the v4 request in `buf, len' (received from `addr'
- * (with string `from').
- * Return an error code and a reply in `reply'.
- */
-
-krb5_error_code
-_kdc_do_version4(krb5_context context,
- krb5_kdc_configuration *config,
- unsigned char *buf,
- size_t len,
- krb5_data *reply,
- const char *from,
- struct sockaddr_in *addr)
-{
- krb5_storage *sp;
- krb5_error_code ret;
- hdb_entry_ex *client = NULL, *server = NULL;
- Key *ckey, *skey;
- int8_t pvno;
- int8_t msg_type;
- int lsb;
- char *name = NULL, *inst = NULL, *realm = NULL;
- char *sname = NULL, *sinst = NULL;
- int32_t req_time;
- time_t max_life;
- uint8_t life;
- char client_name[256];
- char server_name[256];
-
- if(!config->enable_v4) {
- kdc_log(context, config, 0,
- "Rejected version 4 request from %s", from);
- make_err_reply(context, reply, KRB4ET_KDC_GEN_ERR,
- "Function not enabled");
- return 0;
- }
-
- sp = krb5_storage_from_mem(buf, len);
- RCHECK(krb5_ret_int8(sp, &pvno), out);
- if(pvno != 4){
- kdc_log(context, config, 0,
- "Protocol version mismatch (krb4) (%d)", pvno);
- make_err_reply(context, reply, KRB4ET_KDC_PKT_VER, "protocol mismatch");
- goto out;
- }
- RCHECK(krb5_ret_int8(sp, &msg_type), out);
- lsb = msg_type & 1;
- msg_type &= ~1;
- switch(msg_type){
- case AUTH_MSG_KDC_REQUEST: {
- krb5_data ticket, cipher;
- krb5_keyblock session;
-
- krb5_data_zero(&ticket);
- krb5_data_zero(&cipher);
-
- RCHECK(krb5_ret_stringz(sp, &name), out1);
- RCHECK(krb5_ret_stringz(sp, &inst), out1);
- RCHECK(krb5_ret_stringz(sp, &realm), out1);
- RCHECK(krb5_ret_int32(sp, &req_time), out1);
- if(lsb)
- req_time = swap32(req_time);
- RCHECK(krb5_ret_uint8(sp, &life), out1);
- RCHECK(krb5_ret_stringz(sp, &sname), out1);
- RCHECK(krb5_ret_stringz(sp, &sinst), out1);
- snprintf (client_name, sizeof(client_name),
- "%s.%s@%s", name, inst, realm);
- snprintf (server_name, sizeof(server_name),
- "%s.%s@%s", sname, sinst, config->v4_realm);
-
- kdc_log(context, config, 0, "AS-REQ (krb4) %s from %s for %s",
- client_name, from, server_name);
-
- ret = _kdc_db_fetch4(context, config, name, inst, realm,
- HDB_F_GET_CLIENT, &client);
- if(ret) {
- kdc_log(context, config, 0, "Client not found in database: %s: %s",
- client_name, krb5_get_err_text(context, ret));
- make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN,
- "principal unknown");
- goto out1;
- }
- ret = _kdc_db_fetch4(context, config, sname, sinst, config->v4_realm,
- HDB_F_GET_SERVER, &server);
- if(ret){
- kdc_log(context, config, 0, "Server not found in database: %s: %s",
- server_name, krb5_get_err_text(context, ret));
- make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN,
- "principal unknown");
- goto out1;
- }
-
- ret = _kdc_check_flags (context, config,
- client, client_name,
- server, server_name,
- TRUE);
- if (ret) {
- /* good error code? */
- make_err_reply(context, reply, KRB4ET_KDC_NAME_EXP,
- "operation not allowed");
- goto out1;
- }
-
- if (config->enable_v4_per_principal &&
- client->entry.flags.allow_kerberos4 == 0)
- {
- kdc_log(context, config, 0,
- "Per principal Kerberos 4 flag not turned on for %s",
- client_name);
- make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY,
- "allow kerberos4 flag required");
- goto out1;
- }
-
- /*
- * There's no way to do pre-authentication in v4 and thus no
- * good error code to return if preauthentication is required.
- */
-
- if (config->require_preauth
- || client->entry.flags.require_preauth
- || server->entry.flags.require_preauth) {
- kdc_log(context, config, 0,
- "Pre-authentication required for v4-request: "
- "%s for %s",
- client_name, server_name);
- make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY,
- "preauth required");
- goto out1;
- }
-
- ret = _kdc_get_des_key(context, client, FALSE, FALSE, &ckey);
- if(ret){
- kdc_log(context, config, 0, "no suitable DES key for client");
- make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY,
- "no suitable DES key for client");
- goto out1;
- }
-
-#if 0
- /* this is not necessary with the new code in libkrb */
- /* find a properly salted key */
- while(ckey->salt == NULL || ckey->salt->salt.length != 0)
- ret = hdb_next_keytype2key(context, &client->entry, KEYTYPE_DES, &ckey);
- if(ret){
- kdc_log(context, config, 0, "No version-4 salted key in database -- %s.%s@%s",
- name, inst, realm);
- make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY,
- "No version-4 salted key in database");
- goto out1;
- }
-#endif
-
- ret = _kdc_get_des_key(context, server, TRUE, FALSE, &skey);
- if(ret){
- kdc_log(context, config, 0, "no suitable DES key for server");
- make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY,
- "no suitable DES key for server");
- goto out1;
- }
-
- max_life = _krb5_krb_life_to_time(0, life);
- if(client->entry.max_life)
- max_life = min(max_life, *client->entry.max_life);
- if(server->entry.max_life)
- max_life = min(max_life, *server->entry.max_life);
-
- life = krb_time_to_life(kdc_time, kdc_time + max_life);
-
- ret = krb5_generate_random_keyblock(context,
- ETYPE_DES_PCBC_NONE,
- &session);
- if (ret) {
- make_err_reply(context, reply, KFAILURE,
- "Not enough random i KDC");
- goto out1;
- }
-
- ret = _krb5_krb_create_ticket(context,
- 0,
- name,
- inst,
- config->v4_realm,
- addr->sin_addr.s_addr,
- &session,
- life,
- kdc_time,
- sname,
- sinst,
- &skey->key,
- &ticket);
- if (ret) {
- krb5_free_keyblock_contents(context, &session);
- make_err_reply(context, reply, KFAILURE,
- "failed to create v4 ticket");
- goto out1;
- }
-
- ret = _krb5_krb_create_ciph(context,
- &session,
- sname,
- sinst,
- config->v4_realm,
- life,
- server->entry.kvno % 255,
- &ticket,
- kdc_time,
- &ckey->key,
- &cipher);
- krb5_free_keyblock_contents(context, &session);
- krb5_data_free(&ticket);
- if (ret) {
- make_err_reply(context, reply, KFAILURE,
- "Failed to create v4 cipher");
- goto out1;
- }
-
- ret = _krb5_krb_create_auth_reply(context,
- name,
- inst,
- realm,
- req_time,
- 0,
- client->entry.pw_end ? *client->entry.pw_end : 0,
- client->entry.kvno % 256,
- &cipher,
- reply);
- krb5_data_free(&cipher);
-
- out1:
- break;
- }
- case AUTH_MSG_APPL_REQUEST: {
- struct _krb5_krb_auth_data ad;
- int8_t kvno;
- int8_t ticket_len;
- int8_t req_len;
- krb5_data auth;
- int32_t address;
- size_t pos;
- krb5_principal tgt_princ = NULL;
- hdb_entry_ex *tgt = NULL;
- Key *tkey;
- time_t max_end, actual_end, issue_time;
-
- memset(&ad, 0, sizeof(ad));
- krb5_data_zero(&auth);
-
- RCHECK(krb5_ret_int8(sp, &kvno), out2);
- RCHECK(krb5_ret_stringz(sp, &realm), out2);
-
- ret = krb5_425_conv_principal(context, "krbtgt", realm,
- config->v4_realm,
- &tgt_princ);
- if(ret){
- kdc_log(context, config, 0,
- "Converting krbtgt principal (krb4): %s",
- krb5_get_err_text(context, ret));
- make_err_reply(context, reply, KFAILURE,
- "Failed to convert v4 principal (krbtgt)");
- goto out2;
- }
-
- ret = _kdc_db_fetch(context, config, tgt_princ,
- HDB_F_GET_KRBTGT, NULL, &tgt);
- if(ret){
- char *s;
- s = kdc_log_msg(context, config, 0, "Ticket-granting ticket not "
- "found in database (krb4): krbtgt.%s@%s: %s",
- realm, config->v4_realm,
- krb5_get_err_text(context, ret));
- make_err_reply(context, reply, KFAILURE, s);
- free(s);
- goto out2;
- }
-
- if(tgt->entry.kvno % 256 != kvno){
- kdc_log(context, config, 0,
- "tgs-req (krb4) with old kvno %d (current %d) for "
- "krbtgt.%s@%s", kvno, tgt->entry.kvno % 256,
- realm, config->v4_realm);
- make_err_reply(context, reply, KRB4ET_KDC_AUTH_EXP,
- "old krbtgt kvno used");
- goto out2;
- }
-
- ret = _kdc_get_des_key(context, tgt, TRUE, FALSE, &tkey);
- if(ret){
- kdc_log(context, config, 0,
- "no suitable DES key for krbtgt (krb4)");
- make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY,
- "no suitable DES key for krbtgt");
- goto out2;
- }
-
- RCHECK(krb5_ret_int8(sp, &ticket_len), out2);
- RCHECK(krb5_ret_int8(sp, &req_len), out2);
-
- pos = krb5_storage_seek(sp, ticket_len + req_len, SEEK_CUR);
-
- auth.data = buf;
- auth.length = pos;
-
- if (config->check_ticket_addresses)
- address = addr->sin_addr.s_addr;
- else
- address = 0;
-
- ret = _krb5_krb_rd_req(context, &auth, "krbtgt", realm,
- config->v4_realm,
- address, &tkey->key, &ad);
- if(ret){
- kdc_log(context, config, 0, "krb_rd_req: %d", ret);
- make_err_reply(context, reply, ret, "failed to parse request");
- goto out2;
- }
-
- RCHECK(krb5_ret_int32(sp, &req_time), out2);
- if(lsb)
- req_time = swap32(req_time);
- RCHECK(krb5_ret_uint8(sp, &life), out2);
- RCHECK(krb5_ret_stringz(sp, &sname), out2);
- RCHECK(krb5_ret_stringz(sp, &sinst), out2);
- snprintf (server_name, sizeof(server_name),
- "%s.%s@%s",
- sname, sinst, config->v4_realm);
- snprintf (client_name, sizeof(client_name),
- "%s.%s@%s",
- ad.pname, ad.pinst, ad.prealm);
-
- kdc_log(context, config, 0, "TGS-REQ (krb4) %s from %s for %s",
- client_name, from, server_name);
-
- if(strcmp(ad.prealm, realm)){
- kdc_log(context, config, 0,
- "Can't hop realms (krb4) %s -> %s", realm, ad.prealm);
- make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN,
- "Can't hop realms");
- goto out2;
- }
-
- if (!config->enable_v4_cross_realm && strcmp(realm, config->v4_realm) != 0) {
- kdc_log(context, config, 0,
- "krb4 Cross-realm %s -> %s disabled",
- realm, config->v4_realm);
- make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN,
- "Can't hop realms");
- goto out2;
- }
-
- if(strcmp(sname, "changepw") == 0){
- kdc_log(context, config, 0,
- "Bad request for changepw ticket (krb4)");
- make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN,
- "Can't authorize password change based on TGT");
- goto out2;
- }
-
- ret = _kdc_db_fetch4(context, config, ad.pname, ad.pinst, ad.prealm,
- HDB_F_GET_CLIENT, &client);
- if(ret && ret != HDB_ERR_NOENTRY) {
- char *s;
- s = kdc_log_msg(context, config, 0,
- "Client not found in database: (krb4) %s: %s",
- client_name, krb5_get_err_text(context, ret));
- make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, s);
- free(s);
- goto out2;
- }
- if (client == NULL && strcmp(ad.prealm, config->v4_realm) == 0) {
- char *s;
- s = kdc_log_msg(context, config, 0,
- "Local client not found in database: (krb4) "
- "%s", client_name);
- make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, s);
- free(s);
- goto out2;
- }
-
- ret = _kdc_db_fetch4(context, config, sname, sinst, config->v4_realm,
- HDB_F_GET_SERVER, &server);
- if(ret){
- char *s;
- s = kdc_log_msg(context, config, 0,
- "Server not found in database (krb4): %s: %s",
- server_name, krb5_get_err_text(context, ret));
- make_err_reply(context, reply, KRB4ET_KDC_PR_UNKNOWN, s);
- free(s);
- goto out2;
- }
-
- ret = _kdc_check_flags (context, config,
- client, client_name,
- server, server_name,
- FALSE);
- if (ret) {
- make_err_reply(context, reply, KRB4ET_KDC_NAME_EXP,
- "operation not allowed");
- goto out2;
- }
-
- ret = _kdc_get_des_key(context, server, TRUE, FALSE, &skey);
- if(ret){
- kdc_log(context, config, 0,
- "no suitable DES key for server (krb4)");
- make_err_reply(context, reply, KRB4ET_KDC_NULL_KEY,
- "no suitable DES key for server");
- goto out2;
- }
-
- max_end = _krb5_krb_life_to_time(ad.time_sec, ad.life);
- max_end = min(max_end, _krb5_krb_life_to_time(kdc_time, life));
- if(server->entry.max_life)
- max_end = min(max_end, kdc_time + *server->entry.max_life);
- if(client && client->entry.max_life)
- max_end = min(max_end, kdc_time + *client->entry.max_life);
- life = min(life, krb_time_to_life(kdc_time, max_end));
-
- issue_time = kdc_time;
- actual_end = _krb5_krb_life_to_time(issue_time, life);
- while (actual_end > max_end && life > 1) {
- /* move them into the next earlier lifetime bracket */
- life--;
- actual_end = _krb5_krb_life_to_time(issue_time, life);
- }
- if (actual_end > max_end) {
- /* if life <= 1 and it's still too long, backdate the ticket */
- issue_time -= actual_end - max_end;
- }
-
- {
- krb5_data ticket, cipher;
- krb5_keyblock session;
-
- krb5_data_zero(&ticket);
- krb5_data_zero(&cipher);
-
- ret = krb5_generate_random_keyblock(context,
- ETYPE_DES_PCBC_NONE,
- &session);
- if (ret) {
- make_err_reply(context, reply, KFAILURE,
- "Not enough random i KDC");
- goto out2;
- }
-
- ret = _krb5_krb_create_ticket(context,
- 0,
- ad.pname,
- ad.pinst,
- ad.prealm,
- addr->sin_addr.s_addr,
- &session,
- life,
- issue_time,
- sname,
- sinst,
- &skey->key,
- &ticket);
- if (ret) {
- krb5_free_keyblock_contents(context, &session);
- make_err_reply(context, reply, KFAILURE,
- "failed to create v4 ticket");
- goto out2;
- }
-
- ret = _krb5_krb_create_ciph(context,
- &session,
- sname,
- sinst,
- config->v4_realm,
- life,
- server->entry.kvno % 255,
- &ticket,
- issue_time,
- &ad.session,
- &cipher);
- krb5_free_keyblock_contents(context, &session);
- if (ret) {
- make_err_reply(context, reply, KFAILURE,
- "failed to create v4 cipher");
- goto out2;
- }
-
- ret = _krb5_krb_create_auth_reply(context,
- ad.pname,
- ad.pinst,
- ad.prealm,
- req_time,
- 0,
- 0,
- 0,
- &cipher,
- reply);
- krb5_data_free(&cipher);
- }
- out2:
- _krb5_krb_free_auth_data(context, &ad);
- if(tgt_princ)
- krb5_free_principal(context, tgt_princ);
- if(tgt)
- _kdc_free_ent(context, tgt);
- break;
- }
- case AUTH_MSG_ERR_REPLY:
- break;
- default:
- kdc_log(context, config, 0, "Unknown message type (krb4): %d from %s",
- msg_type, from);
-
- make_err_reply(context, reply, KFAILURE, "Unknown message type");
- }
- out:
- if(name)
- free(name);
- if(inst)
- free(inst);
- if(realm)
- free(realm);
- if(sname)
- free(sname);
- if(sinst)
- free(sinst);
- if(client)
- _kdc_free_ent(context, client);
- if(server)
- _kdc_free_ent(context, server);
- krb5_storage_free(sp);
- return 0;
-}
-
-krb5_error_code
-_kdc_encode_v4_ticket(krb5_context context,
- krb5_kdc_configuration *config,
- void *buf, size_t len, const EncTicketPart *et,
- const PrincipalName *service, size_t *size)
-{
- krb5_storage *sp;
- krb5_error_code ret;
- char name[40], inst[40], realm[40];
- char sname[40], sinst[40];
-
- {
- krb5_principal princ;
- _krb5_principalname2krb5_principal(context,
- &princ,
- *service,
- et->crealm);
- ret = krb5_524_conv_principal(context,
- princ,
- sname,
- sinst,
- realm);
- krb5_free_principal(context, princ);
- if(ret)
- return ret;
-
- _krb5_principalname2krb5_principal(context,
- &princ,
- et->cname,
- et->crealm);
-
- ret = krb5_524_conv_principal(context,
- princ,
- name,
- inst,
- realm);
- krb5_free_principal(context, princ);
- }
- if(ret)
- return ret;
-
- sp = krb5_storage_emem();
-
- krb5_store_int8(sp, 0); /* flags */
- krb5_store_stringz(sp, name);
- krb5_store_stringz(sp, inst);
- krb5_store_stringz(sp, realm);
- {
- unsigned char tmp[4] = { 0, 0, 0, 0 };
- int i;
- if(et->caddr){
- for(i = 0; i < et->caddr->len; i++)
- if(et->caddr->val[i].addr_type == AF_INET &&
- et->caddr->val[i].address.length == 4){
- memcpy(tmp, et->caddr->val[i].address.data, 4);
- break;
- }
- }
- krb5_storage_write(sp, tmp, sizeof(tmp));
- }
-
- if((et->key.keytype != ETYPE_DES_CBC_MD5 &&
- et->key.keytype != ETYPE_DES_CBC_MD4 &&
- et->key.keytype != ETYPE_DES_CBC_CRC) ||
- et->key.keyvalue.length != 8)
- return -1;
- krb5_storage_write(sp, et->key.keyvalue.data, 8);
-
- {
- time_t start = et->starttime ? *et->starttime : et->authtime;
- krb5_store_int8(sp, krb_time_to_life(start, et->endtime));
- krb5_store_int32(sp, start);
- }
-
- krb5_store_stringz(sp, sname);
- krb5_store_stringz(sp, sinst);
-
- {
- krb5_data data;
- krb5_storage_to_data(sp, &data);
- krb5_storage_free(sp);
- *size = (data.length + 7) & ~7; /* pad to 8 bytes */
- if(*size > len)
- return -1;
- memset((unsigned char*)buf - *size + 1, 0, *size);
- memcpy((unsigned char*)buf - *size + 1, data.data, data.length);
- krb5_data_free(&data);
- }
- return 0;
-}
-
-krb5_error_code
-_kdc_get_des_key(krb5_context context,
- hdb_entry_ex *principal, krb5_boolean is_server,
- krb5_boolean prefer_afs_key, Key **ret_key)
-{
- Key *v5_key = NULL, *v4_key = NULL, *afs_key = NULL, *server_key = NULL;
- int i;
- krb5_enctype etypes[] = { ETYPE_DES_CBC_MD5,
- ETYPE_DES_CBC_MD4,
- ETYPE_DES_CBC_CRC };
-
- for(i = 0;
- i < sizeof(etypes)/sizeof(etypes[0])
- && (v5_key == NULL || v4_key == NULL ||
- afs_key == NULL || server_key == NULL);
- ++i) {
- Key *key = NULL;
- while(hdb_next_enctype2key(context, &principal->entry, etypes[i], &key) == 0) {
- if(key->salt == NULL) {
- if(v5_key == NULL)
- v5_key = key;
- } else if(key->salt->type == hdb_pw_salt &&
- key->salt->salt.length == 0) {
- if(v4_key == NULL)
- v4_key = key;
- } else if(key->salt->type == hdb_afs3_salt) {
- if(afs_key == NULL)
- afs_key = key;
- } else if(server_key == NULL)
- server_key = key;
- }
- }
-
- if(prefer_afs_key) {
- if(afs_key)
- *ret_key = afs_key;
- else if(v4_key)
- *ret_key = v4_key;
- else if(v5_key)
- *ret_key = v5_key;
- else if(is_server && server_key)
- *ret_key = server_key;
- else
- return KRB4ET_KDC_NULL_KEY;
- } else {
- if(v4_key)
- *ret_key = v4_key;
- else if(afs_key)
- *ret_key = afs_key;
- else if(v5_key)
- *ret_key = v5_key;
- else if(is_server && server_key)
- *ret_key = server_key;
- else
- return KRB4ET_KDC_NULL_KEY;
- }
-
- if((*ret_key)->key.keyvalue.length == 0)
- return KRB4ET_KDC_NULL_KEY;
- return 0;
-}
-
Deleted: trunk/crypto/heimdal/kdc/kstash-version.rc
===================================================================
--- trunk/crypto/heimdal/kdc/kstash-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/kstash-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "KDC Master Password Stash Tool"
-#define RC_FILE_ORIG_0409 "kstash.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kdc/kstash.cat8
===================================================================
--- trunk/crypto/heimdal/kdc/kstash.cat8 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/kstash.cat8 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,43 +0,0 @@
-
-KSTASH(8) BSD System Manager's Manual KSTASH(8)
-
-N�NA�AM�ME�E
- k�ks�st�ta�as�sh�h -- store the KDC master password in a file
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�ks�st�ta�as�sh�h [-�-e�e _�s_�t_�r_�i_�n_�g | -�--�-e�en�nc�ct�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g] [-�-k�k _�f_�i_�l_�e | -�--�-k�ke�ey�y-�-f�fi�il�le�e=�=_�f_�i_�l_�e]
- [-�--�-c�co�on�nv�ve�er�rt�t-�-f�fi�il�le�e] [-�--�-r�ra�an�nd�do�om�m-�-k�ke�ey�y] [-�--�-m�ma�as�st�te�er�r-�-k�ke�ey�y-�-f�fd�d=�=_�f_�d]
- [-�--�-r�ra�an�nd�do�om�m-�-k�ke�ey�y] [-�-h�h | -�--�-h�he�el�lp�p] [-�--�-v�ve�er�rs�si�io�on�n]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�ks�st�ta�as�sh�h reads the Kerberos master key and stores it in a file that will be
- used by the KDC.
-
- Supported options:
-
- -�-e�e _�s_�t_�r_�i_�n_�g, -�--�-e�en�nc�ct�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g
- the encryption type to use, defaults to DES3-CBC-SHA1.
-
- -�-k�k _�f_�i_�l_�e, -�--�-k�ke�ey�y-�-f�fi�il�le�e=�=_�f_�i_�l_�e
- the name of the master key file.
-
- -�--�-c�co�on�nv�ve�er�rt�t-�-f�fi�il�le�e
- don't ask for a new master key, just read an old master key file,
- and write it back in the new keyfile format.
-
- -�--�-r�ra�an�nd�do�om�m-�-k�ke�ey�y
- generate a random master key.
-
- -�--�-m�ma�as�st�te�er�r-�-k�ke�ey�y-�-f�fd�d=�=_�f_�d
- filedescriptor to read passphrase from, if not specified the
- passphrase will be read from the terminal.
-
-F�FI�IL�LE�ES�S
- _�/_�v_�a_�r_�/_�h_�e_�i_�m_�d_�a_�l_�/_�m_�-_�k_�e_�y is the default keyfile if no other keyfile is speci-
- fied. The format of a Heimdal master key is the same as a keytab, so
- k�kt�tu�ut�ti�il�l list can be used to list the content of the file.
-
-S�SE�EE�E A�AL�LS�SO�O
- kdc(8)
-
-HEIMDAL April 10, 2007 HEIMDAL
Deleted: trunk/crypto/heimdal/kdc/libkdc-exports.def
===================================================================
--- trunk/crypto/heimdal/kdc/libkdc-exports.def 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/libkdc-exports.def 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,14 +0,0 @@
-EXPORTS
- kdc_log
- kdc_log_msg
- kdc_log_msg_va
- kdc_openlog
- krb5_kdc_windc_init
- krb5_kdc_get_config
- krb5_kdc_pkinit_config
- krb5_kdc_set_dbinfo
- krb5_kdc_process_krb5_request
- krb5_kdc_process_request
- krb5_kdc_save_request
- krb5_kdc_update_time
- krb5_kdc_pk_initialize
Deleted: trunk/crypto/heimdal/kdc/libkdc-version.rc
===================================================================
--- trunk/crypto/heimdal/kdc/libkdc-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/libkdc-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_DLL
-#define RC_FILE_DESC_0409 "Heimdal KDC Library"
-#define RC_FILE_ORIG_0409 "libkdc.dll"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kdc/string2key-version.rc
===================================================================
--- trunk/crypto/heimdal/kdc/string2key-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/string2key-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "Password to Key Mapper"
-#define RC_FILE_ORIG_0409 "string2key.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kdc/string2key.cat8
===================================================================
--- trunk/crypto/heimdal/kdc/string2key.cat8 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/string2key.cat8 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,43 +0,0 @@
-
-STRING2KEY(8) BSD System Manager's Manual STRING2KEY(8)
-
-N�NA�AM�ME�E
- s�st�tr�ri�in�ng�g2�2k�ke�ey�y -- map a password into a key
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- s�st�tr�ri�in�ng�g2�2k�ke�ey�y [-�-5�5 | -�--�-v�ve�er�rs�si�io�on�n5�5] [-�-4�4 | -�--�-v�ve�er�rs�si�io�on�n4�4] [-�-a�a | -�--�-a�af�fs�s] [-�-c�c _�c_�e_�l_�l |
- -�--�-c�ce�el�ll�l=�=_�c_�e_�l_�l] [-�-w�w _�p_�a_�s_�s_�w_�o_�r_�d | -�--�-p�pa�as�ss�sw�wo�or�rd�d=�=_�p_�a_�s_�s_�w_�o_�r_�d] [-�-p�p _�p_�r_�i_�n_�c_�i_�p_�a_�l
- | -�--�-p�pr�ri�in�nc�ci�ip�pa�al�l=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�-k�k _�s_�t_�r_�i_�n_�g | -�--�-k�ke�ey�yt�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g]
- _�p_�a_�s_�s_�w_�o_�r_�d
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- s�st�tr�ri�in�ng�g2�2k�ke�ey�y performs the string-to-key function. This is useful when you
- want to handle the raw key instead of the password. Supported options:
-
- -�-5�5, -�--�-v�ve�er�rs�si�io�on�n5�5
- Output Kerberos v5 string-to-key
-
- -�-4�4, -�--�-v�ve�er�rs�si�io�on�n4�4
- Output Kerberos v4 string-to-key
-
- -�-a�a, -�--�-a�af�fs�s
- Output AFS string-to-key
-
- -�-c�c _�c_�e_�l_�l, -�--�-c�ce�el�ll�l=�=_�c_�e_�l_�l
- AFS cell to use
-
- -�-w�w _�p_�a_�s_�s_�w_�o_�r_�d, -�--�-p�pa�as�ss�sw�wo�or�rd�d=�=_�p_�a_�s_�s_�w_�o_�r_�d
- Password to use
-
- -�-p�p _�p_�r_�i_�n_�c_�i_�p_�a_�l, -�--�-p�pr�ri�in�nc�ci�ip�pa�al�l=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l
- Kerberos v5 principal to use
-
- -�-k�k _�s_�t_�r_�i_�n_�g, -�--�-k�ke�ey�yt�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g
- Keytype
-
- -�--�-v�ve�er�rs�si�io�on�n
- print version
-
- -�--�-h�he�el�lp�p
-
-HEIMDAL March 4, 2000 HEIMDAL
Deleted: trunk/crypto/heimdal/kdc/v4_dump.c
===================================================================
--- trunk/crypto/heimdal/kdc/v4_dump.c 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kdc/v4_dump.c 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,143 +0,0 @@
-/*
- * Copyright (c) 2000 - 2001, 2003 Kungliga Tekniska H\xF6gskolan
- * (Royal Institute of Technology, Stockholm, Sweden).
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * 1. Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * 2. Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in the
- * documentation and/or other materials provided with the distribution.
- *
- * 3. Neither the name of the Institute nor the names of its contributors
- * may be used to endorse or promote products derived from this software
- * without specific prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
- * ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include "hprop.h"
-
-RCSID("$Id: v4_dump.c,v 1.1.1.3 2012-07-21 15:09:06 laffer1 Exp $");
-
-static time_t
-time_parse(const char *cp)
-{
- char wbuf[5];
- struct tm tp;
- int local;
-
- memset(&tp, 0, sizeof(tp)); /* clear out the struct */
-
- /* new format is YYYYMMDDHHMM UTC,
- old format is YYMMDDHHMM local time */
- if (strlen(cp) > 10) { /* new format */
- strlcpy(wbuf, cp, sizeof(wbuf));
- tp.tm_year = atoi(wbuf) - 1900;
- cp += 4;
- local = 0;
- } else {
- wbuf[0] = *cp++;
- wbuf[1] = *cp++;
- wbuf[2] = '\0';
- tp.tm_year = atoi(wbuf);
- if(tp.tm_year < 38)
- tp.tm_year += 100;
- local = 1;
- }
-
- wbuf[0] = *cp++;
- wbuf[1] = *cp++;
- wbuf[2] = 0;
- tp.tm_mon = atoi(wbuf) - 1;
-
- wbuf[0] = *cp++;
- wbuf[1] = *cp++;
- tp.tm_mday = atoi(wbuf);
-
- wbuf[0] = *cp++;
- wbuf[1] = *cp++;
- tp.tm_hour = atoi(wbuf);
-
- wbuf[0] = *cp++;
- wbuf[1] = *cp++;
- tp.tm_min = atoi(wbuf);
-
- return(tm2time(tp, local));
-}
-
-/* convert a version 4 dump file */
-int
-v4_prop_dump(void *arg, const char *file)
-{
- char buf [1024];
- FILE *f;
- int lineno = 0;
-
- f = fopen(file, "r");
- if(f == NULL)
- return errno;
-
- while(fgets(buf, sizeof(buf), f)) {
- int ret;
- unsigned long key[2]; /* yes, long */
- char exp_date[64], mod_date[64];
- struct v4_principal pr;
- int attributes;
-
- memset(&pr, 0, sizeof(pr));
- errno = 0;
- lineno++;
- ret = sscanf(buf, "%63s %63s %d %d %d %d %lx %lx %63s %63s %63s %63s",
- pr.name, pr.instance,
- &pr.max_life, &pr.mkvno, &pr.kvno,
- &attributes,
- &key[0], &key[1],
- exp_date, mod_date,
- pr.mod_name, pr.mod_instance);
- if(ret != 12){
- warnx("Line %d malformed (ignored)", lineno);
- continue;
- }
- if(attributes != 0) {
- warnx("Line %d (%s.%s) has non-zero attributes - skipping",
- lineno, pr.name, pr.instance);
- continue;
- }
- pr.key[0] = (key[0] >> 24) & 0xff;
- pr.key[1] = (key[0] >> 16) & 0xff;
- pr.key[2] = (key[0] >> 8) & 0xff;
- pr.key[3] = (key[0] >> 0) & 0xff;
- pr.key[4] = (key[1] >> 24) & 0xff;
- pr.key[5] = (key[1] >> 16) & 0xff;
- pr.key[6] = (key[1] >> 8) & 0xff;
- pr.key[7] = (key[1] >> 0) & 0xff;
- pr.exp_date = time_parse(exp_date);
- pr.mod_date = time_parse(mod_date);
- if (pr.instance[0] == '*')
- pr.instance[0] = '\0';
- if (pr.mod_name[0] == '*')
- pr.mod_name[0] = '\0';
- if (pr.mod_instance[0] == '*')
- pr.mod_instance[0] = '\0';
- v4_prop(arg, &pr);
- memset(&pr, 0, sizeof(pr));
- }
- fclose(f);
- return 0;
-}
Deleted: trunk/crypto/heimdal/kpasswd/NTMakefile
===================================================================
--- trunk/crypto/heimdal/kpasswd/NTMakefile 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kpasswd/NTMakefile 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,51 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=kpasswd
-
-!include ../windows/NTMakefile.w32
-
-BINPROGRAMS=\
- $(BINDIR)\kpasswd.exe
-
-KPASSWDLIBS=\
- $(LIBROKEN) \
- $(LIBHEIMDAL) \
- $(LIBVERS)
-
-$(BINDIR)\kpasswd.exe: $(OBJ)\kpasswd.obj $(KPASSWDLIBS)
- $(EXECONLINK)
- $(EXEPREP)
-
-all:: $(BINPROGRAMS)
-
-clean::
- -$(RM) $(BINPROGRAMS)
Deleted: trunk/crypto/heimdal/kpasswd/kpasswd.cat1
===================================================================
--- trunk/crypto/heimdal/kpasswd/kpasswd.cat1 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kpasswd/kpasswd.cat1 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,32 +0,0 @@
-
-KPASSWD(1) BSD General Commands Manual KPASSWD(1)
-
-N�NA�AM�ME�E
- k�kp�pa�as�ss�sw�wd�d -- Kerberos 5 password changing program
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�kp�pa�as�ss�sw�wd�d [-�--�-a�ad�dm�mi�in�n-�-p�pr�ri�in�nc�ci�ip�pa�al�l=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�-c�c _�c_�a_�c_�h_�e | -�--�-c�ca�ac�ch�he�e=�=_�c_�a_�c_�h_�e]
- [_�p_�r_�i_�n_�c_�i_�p_�a_�l _�._�._�.]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kp�pa�as�ss�sw�wd�d is the client for changing passwords.
-
- If administrator principal is given that principal is used to change the
- password.
-
- Multiple passwords for different users can be changed at the same time,
- then the administrator principal will be used. If the administrator
- isn't specified on the command prompt, the principal of the default cre-
- dential cache will be used.
-
- If a credential cache is given, the -�--�-a�ad�dm�mi�in�n-�-p�pr�ri�in�nc�ci�ip�pa�al�l flag is ignored and
- use the default name of the credential cache is used instead.
-
-D�DI�IA�AG�GN�NO�OS�ST�TI�IC�CS�S
- If the password quality check fails or some other error occurs, an expla-
- nation is printed.
-
-S�SE�EE�E A�AL�LS�SO�O
- kpasswdd(8)
-
-HEIMDAL January 5, 2005 HEIMDAL
Deleted: trunk/crypto/heimdal/kpasswd/kpasswdd.cat8
===================================================================
--- trunk/crypto/heimdal/kpasswd/kpasswdd.cat8 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kpasswd/kpasswdd.cat8 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,59 +0,0 @@
-
-KPASSWDD(8) BSD System Manager's Manual KPASSWDD(8)
-
-N�NA�AM�ME�E
- k�kp�pa�as�ss�sw�wd�dd�d -- Kerberos 5 password changing server
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�kp�pa�as�ss�sw�wd�dd�d [-�--�-a�ad�dd�dr�re�es�ss�se�es�s=�=_�a_�d_�d_�r_�e_�s_�s] [-�--�-c�ch�he�ec�ck�k-�-l�li�ib�br�ra�ar�ry�y=�=_�l_�i_�b_�r_�a_�r_�y]
- [-�--�-c�ch�he�ec�ck�k-�-f�fu�un�nc�ct�ti�io�on�n=�=_�f_�u_�n_�c_�t_�i_�o_�n] [-�-k�k _�k_�s_�p_�e_�c | -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�s_�p_�e_�c] [-�-r�r
- _�r_�e_�a_�l_�m | -�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m] [-�-p�p _�s_�t_�r_�i_�n_�g | -�--�-p�po�or�rt�t=�=_�s_�t_�r_�i_�n_�g] [-�--�-v�ve�er�rs�si�io�on�n]
- [-�--�-h�he�el�lp�p]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kp�pa�as�ss�sw�wd�dd�d serves request for password changes. It listens on UDP port 464
- (service kpasswd) and processes requests when they arrive. It changes the
- database directly and should thus only run on the master KDC.
-
- Supported options:
-
- -�--�-a�ad�dd�dr�re�es�ss�se�es�s=�=_�a_�d_�d_�r_�e_�s_�s
- For each till the argument is given, add the address to what
- kpasswdd should listen too.
-
- -�--�-c�ch�he�ec�ck�k-�-l�li�ib�br�ra�ar�ry�y=�=_�l_�i_�b_�r_�a_�r_�y
- If your system has support for dynamic loading of shared
- libraries, you can use an external function to check password
- quality. This option specifies which library to load.
-
- -�--�-c�ch�he�ec�ck�k-�-f�fu�un�nc�ct�ti�io�on�n=�=_�f_�u_�n_�c_�t_�i_�o_�n
- This is the function to call in the loaded library. The function
- should look like this:
-
- _�c_�o_�n_�s_�t _�c_�h_�a_�r _�* p�pa�as�ss�sw�wd�d_�_c�ch�he�ec�ck�k(_�k_�r_�b_�5_�__�c_�o_�n_�t_�e_�x_�t _�c_�o_�n_�t_�e_�x_�t, _�k_�r_�b_�5_�__�p_�r_�i_�n_�c_�i_�p_�a_�l
- _�p_�r_�i_�n_�c_�i_�p_�a_�l, _�k_�r_�b_�5_�__�d_�a_�t_�a _�*_�p_�a_�s_�s_�w_�o_�r_�d)
-
- _�c_�o_�n_�t_�e_�x_�t is an initialized context; _�p_�r_�i_�n_�c_�i_�p_�a_�l is the one who tries
- to change passwords, and _�p_�a_�s_�s_�w_�o_�r_�d is the new password. Note that
- the password (in _�p_�a_�s_�s_�w_�o_�r_�d_�-_�>_�d_�a_�t_�a) is not zero terminated.
-
- -�-k�k _�k_�s_�p_�e_�c, -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�s_�p_�e_�c
- Keytab to get authentication key from.
-
- -�-r�r _�r_�e_�a_�l_�m, -�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m
- Default realm.
-
- -�-p�p _�s_�t_�r_�i_�n_�g, -�--�-p�po�or�rt�t=�=_�s_�t_�r_�i_�n_�g
- Port to listen on (default service kpasswd - 464).
-
-D�DI�IA�AG�GN�NO�OS�ST�TI�IC�CS�S
- If an error occurs, the error message is returned to the user and/or
- logged to syslog.
-
-B�BU�UG�GS�S
- The default password quality checks are too basic.
-
-S�SE�EE�E A�AL�LS�SO�O
- kpasswd(1), kdc(8)
-
-HEIMDAL April 19, 1999 HEIMDAL
Deleted: trunk/crypto/heimdal/kuser/NTMakefile
===================================================================
--- trunk/crypto/heimdal/kuser/NTMakefile 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/NTMakefile 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,132 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=kuser
-
-intcflags=-I$(OBJ)
-
-!include ../windows/NTMakefile.w32
-
-BINPROGRAMS=\
- $(BINDIR)\kinit.exe \
- $(BINDIR)\kcc.exe \
- $(BINDIR)\kdestroy.exe \
- $(BINDIR)\kgetcred.exe \
- $(BINDIR)\kvno.exe \
- $(BINDIR)\kcpytkt.exe \
- $(BINDIR)\kdeltkt.exe
-
-LIBEXECPROGRAMS=\
- $(LIBEXECDIR)\kdigest.exe \
- $(LIBEXECDIR)\kimpersonate.exe
-
-NOINSTPROGRAMS=\
- $(OBJ)\kverify.exe \
- $(OBJ)\kdecode_ticket.exe \
- $(OBJ)\generate-requests.exe
-
-
-BINLIBS=\
- $(LIBHEIMDAL) \
- $(LIBHEIMNTLM) \
- $(LIBROKEN) \
- $(LIBVERS)
-
-all:: $(BINPROGRAMS) $(LIBEXECPROGRAMS)
-
-clean::
- -$(RM) $(BINPROGRAMS:.exe=.*) $(LIBEXECPROGRAMS:.exe=.*)
-
-
-$(BINDIR)\kinit.exe: $(OBJ)\kinit.obj $(BINLIBS) $(OBJ)\kinit-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-KCC_OBJS = \
- $(OBJ)\kcc-commands.obj \
- $(OBJ)\kcc.obj \
- $(OBJ)\kswitch.obj \
- $(OBJ)\klist.obj \
- $(OBJ)\copy_cred_cache.obj
-
-KCCLIBS=\
- $(BINLIBS) \
- $(LIBSL)
-
-$(BINDIR)\kcc.exe: $(KCC_OBJS) $(KCCLIBS) $(OBJ)\kcc-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-
-$(BINDIR)\kdestroy.exe: $(OBJ)\kdestroy.obj $(BINLIBS) $(OBJ)\kdestroy-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-
-$(BINDIR)\kgetcred.exe: $(OBJ)\kgetcred.obj $(BINLIBS) $(OBJ)\kgetcred-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-
-$(LIBEXECDIR)\kdigest.exe: $(OBJ)\kdigest-commands.obj $(OBJ)\kdigest.obj $(BINLIBS) $(LIBSL) $(OBJ)\kdigest-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-$(OBJ)\kdigest.obj: kdigest.c
- $(C2OBJ) -I$(OBJ)
-
-$(OBJ)\kdigest-commands.c $(OBJ)\kdigest-commands.h: kdigest-commands.in
- cd $(OBJ)
- $(CP) $(SRCDIR)\kdigest-commands.in $(OBJ)
- $(BINDIR)\slc.exe kdigest-commands.in
- cd $(SRCDIR)
-
-$(OBJ)\kcc-commands.c $(OBJ)\kcc-commands.h: kcc-commands.in
- cd $(OBJ)
- $(CP) $(SRCDIR)\kcc-commands.in $(OBJ)
- $(BINDIR)\slc.exe kcc-commands.in
- cd $(SRCDIR)
-
-$(LIBEXECDIR)\kimpersonate.exe: $(OBJ)\kimpersonate.obj $(BINLIBS) $(OBJ)\kimpersonate-version.res
- $(EXECONLINK)
- $(EXEPREP)
-
-$(BINDIR)\kvno.exe: $(OBJ)\kvno.obj $(BINLIBS)
- $(EXECONLINK)
- $(EXEPREP)
-
-$(BINDIR)\kcpytkt.exe: $(OBJ)\kcpytkt.obj $(BINLIBS)
- $(EXECONLINK)
- $(EXEPREP)
-
-$(BINDIR)\kdeltkt.exe: $(OBJ)\kdeltkt.obj $(BINLIBS)
- $(EXECONLINK)
- $(EXEPREP)
\ No newline at end of file
Deleted: trunk/crypto/heimdal/kuser/kcc-version.rc
===================================================================
--- trunk/crypto/heimdal/kuser/kcc-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/kcc-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "Ticket tool"
-#define RC_FILE_ORIG_0409 "kcc.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kuser/kdestroy-version.rc
===================================================================
--- trunk/crypto/heimdal/kuser/kdestroy-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/kdestroy-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "Destroy Kerberos Tickets"
-#define RC_FILE_ORIG_0409 "kdestroy.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kuser/kdestroy.cat1
===================================================================
--- trunk/crypto/heimdal/kuser/kdestroy.cat1 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/kdestroy.cat1 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,37 +0,0 @@
-
-KDESTROY(1) BSD General Commands Manual KDESTROY(1)
-
-N�NA�AM�ME�E
- k�kd�de�es�st�tr�ro�oy�y -- remove one credential or destroy the current ticket file
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�kd�de�es�st�tr�ro�oy�y [-�-c�c _�c_�a_�c_�h_�e_�f_�i_�l_�e] [-�--�-c�cr�re�ed�de�en�nt�ti�ia�al�l=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�--�-c�ca�ac�ch�he�e=�=_�c_�a_�c_�h_�e_�f_�i_�l_�e]
- [-�-A�A | -�--�-a�al�ll�l] [-�--�-n�no�o-�-u�un�nl�lo�og�g] [-�--�-n�no�o-�-d�de�el�le�et�te�e-�-v�v4�4] [-�--�-v�ve�er�rs�si�io�on�n] [-�--�-h�he�el�lp�p]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kd�de�es�st�tr�ro�oy�y removes one credential or the current set of tickets.
-
- Supported options:
-
- -�-c�cr�re�ed�de�en�nt�ti�ia�al�l=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l
- remove _�p_�r_�i_�n_�c_�i_�p_�a_�l from the credential cache if it exists.
-
- -�-c�c _�c_�a_�c_�h_�e_�f_�i_�l_�e
-
- -�-c�ca�ac�ch�he�e=�=_�c_�a_�c_�h_�e_�f_�i_�l_�e
- The cache file to remove.
-
- -�-A�A
-
- -�--�-a�al�ll�l remove all credential caches.
-
- -�--�-n�no�o-�-u�un�nl�lo�og�g
- Do not remove AFS tokens.
-
- -�--�-n�no�o-�-d�de�el�le�et�te�e-�-v�v4�4
- Do not remove v4 tickets.
-
-S�SE�EE�E A�AL�LS�SO�O
- kinit(1), klist(1)
-
-HEIMDAL April 27, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/kuser/kdigest-version.rc
===================================================================
--- trunk/crypto/heimdal/kuser/kdigest-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/kdigest-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "KDC Digest Interface Tool"
-#define RC_FILE_ORIG_0409 "kdigest.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kuser/kdigest.cat8
===================================================================
--- trunk/crypto/heimdal/kuser/kdigest.cat8 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/kdigest.cat8 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,133 +0,0 @@
-
-KDIGEST(8) BSD System Manager's Manual KDIGEST(8)
-
-N�NA�AM�ME�E
- k�kd�di�ig�ge�es�st�t -- userland tool to access digest interface in the KDC
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�kd�di�ig�ge�es�st�t [-�--�-c�cc�ca�ac�ch�he�e=�=_�s_�t_�r_�i_�n_�g] [-�--�-v�ve�er�rs�si�io�on�n] [-�--�-h�he�el�lp�p] command [arguments]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- Supported options:
-
- -�--�-c�cc�ca�ac�ch�he�e=�=_�s_�t_�r_�i_�n_�g
- credential cache
-
- -�--�-v�ve�er�rs�si�io�on�n
- print version
-
- -�--�-h�he�el�lp�p
-
- Available commands are:
-
- digest-probe [-�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g] [-�-h�h | -�--�-h�he�el�lp�p]
-
- -�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g
- Kerberos realm to communicate with
-
- digest-server-init [-�--�-t�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g] [-�--�-k�ke�er�rb�be�er�ro�os�s-�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m]
- [-�--�-d�di�ig�ge�es�st�t=�=_�d_�i_�g_�e_�s_�t_�-_�t_�y_�p_�e] [-�--�-c�cb�b-�-t�ty�yp�pe�e=�=_�t_�y_�p_�e] [-�--�-c�cb�b-�-v�va�al�lu�ue�e=�=_�v_�a_�l_�u_�e]
- [-�--�-h�ho�os�st�tn�na�am�me�e=�=_�h_�o_�s_�t_�n_�a_�m_�e] [-�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g]
-
- -�--�-t�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g
- digest type
-
- -�--�-k�ke�er�rb�be�er�ro�os�s-�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m
-
- -�--�-d�di�ig�ge�es�st�t=�=_�d_�i_�g_�e_�s_�t_�-_�t_�y_�p_�e
- digest type to use in the algorithm
-
- -�--�-c�cb�b-�-t�ty�yp�pe�e=�=_�t_�y_�p_�e
- type of channel bindings
-
- -�--�-c�cb�b-�-v�va�al�lu�ue�e=�=_�v_�a_�l_�u_�e
- value of channel bindings
-
- -�--�-h�ho�os�st�tn�na�am�me�e=�=_�h_�o_�s_�t_�n_�a_�m_�e
- hostname of the server
-
- -�--�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g
- Kerberos realm to communicate with
-
- digest-server-request [-�--�-t�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g] [-�--�-k�ke�er�rb�be�er�ro�os�s-�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m]
- [-�--�-u�us�se�er�rn�na�am�me�e=�=_�n_�a_�m_�e] [-�--�-s�se�er�rv�ve�er�r-�-n�no�on�nc�ce�e=�=_�n_�o_�n_�c_�e]
- [-�--�-s�se�er�rv�ve�er�r-�-i�id�de�en�nt�ti�if�fi�ie�er�r=�=_�n_�o_�n_�c_�e] [-�--�-c�cl�li�ie�en�nt�t-�-n�no�on�nc�ce�e=�=_�n_�o_�n_�c_�e]
- [-�--�-c�cl�li�ie�en�nt�t-�-r�re�es�sp�po�on�ns�se�e=�=_�r_�e_�s_�p_�o_�n_�s_�e] [-�--�-o�op�pa�aq�qu�ue�e=�=_�s_�t_�r_�i_�n_�g]
- [-�--�-a�au�ut�th�he�en�nt�ti�ic�ca�at�ti�io�on�n-�-n�na�am�me�e=�=_�n_�a_�m_�e] [-�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m] [-�--�-m�me�et�th�ho�od�d=�=_�m_�e_�t_�h_�o_�d]
- [-�--�-u�ur�ri�i=�=_�u_�r_�i] [-�--�-n�no�ou�un�nc�ce�e-�-c�co�ou�un�nt�t=�=_�c_�o_�u_�n_�t] [-�--�-q�qo�op�p=�=_�q_�o_�p] [-�--�-c�cc�ca�ac�ch�he�e=�=_�c_�c_�a_�c_�h_�e]
-
- -�--�-t�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g
- digest type
-
- -�--�-k�ke�er�rb�be�er�ro�os�s-�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m
-
- -�--�-u�us�se�er�rn�na�am�me�e=�=_�n_�a_�m_�e
- digest type
-
- -�--�-s�se�er�rv�ve�er�r-�-n�no�on�nc�ce�e=�=_�n_�o_�n_�c_�e
-
- -�--�-s�se�er�rv�ve�er�r-�-i�id�de�en�nt�ti�if�fi�ie�er�r=�=_�n_�o_�n_�c_�e
-
- -�--�-c�cl�li�ie�en�nt�t-�-n�no�on�nc�ce�e=�=_�n_�o_�n_�c_�e
-
- -�--�-c�cl�li�ie�en�nt�t-�-r�re�es�sp�po�on�ns�se�e=�=_�r_�e_�s_�p_�o_�n_�s_�e
-
- -�--�-o�op�pa�aq�qu�ue�e=�=_�s_�t_�r_�i_�n_�g
-
- -�--�-a�au�ut�th�he�en�nt�ti�ic�ca�at�ti�io�on�n-�-n�na�am�me�e=�=_�n_�a_�m_�e
-
- -�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m
-
- -�--�-m�me�et�th�ho�od�d=�=_�m_�e_�t_�h_�o_�d
-
- -�--�-u�ur�ri�i=�=_�u_�r_�i
-
- -�--�-n�no�ou�un�nc�ce�e-�-c�co�ou�un�nt�t=�=_�c_�o_�u_�n_�t
-
- -�--�-q�qo�op�p=�=_�q_�o_�p
-
- -�--�-c�cc�ca�ac�ch�he�e=�=_�c_�c_�a_�c_�h_�e
- Where the the credential cache is created when the KDC
- returns tickets
-
- digest-client-request [-�--�-t�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g] [-�--�-u�us�se�er�rn�na�am�me�e=�=_�n_�a_�m_�e]
- [-�--�-p�pa�as�ss�sw�wo�or�rd�d=�=_�p_�a_�s_�s_�w_�o_�r_�d] [-�--�-s�se�er�rv�ve�er�r-�-n�no�on�nc�ce�e=�=_�n_�o_�n_�c_�e]
- [-�--�-s�se�er�rv�ve�er�r-�-i�id�de�en�nt�ti�if�fi�ie�er�r=�=_�n_�o_�n_�c_�e] [-�--�-c�cl�li�ie�en�nt�t-�-n�no�on�nc�ce�e=�=_�n_�o_�n_�c_�e]
- [-�--�-o�op�pa�aq�qu�ue�e=�=_�s_�t_�r_�i_�n_�g] [-�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m] [-�--�-m�me�et�th�ho�od�d=�=_�m_�e_�t_�h_�o_�d] [-�--�-u�ur�ri�i=�=_�u_�r_�i]
- [-�--�-n�no�ou�un�nc�ce�e-�-c�co�ou�un�nt�t=�=_�c_�o_�u_�n_�t] [-�--�-q�qo�op�p=�=_�q_�o_�p]
-
- -�--�-t�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g
- digest type
-
- -�--�-u�us�se�er�rn�na�am�me�e=�=_�n_�a_�m_�e
- digest type
-
- -�--�-p�pa�as�ss�sw�wo�or�rd�d=�=_�p_�a_�s_�s_�w_�o_�r_�d
-
- -�--�-s�se�er�rv�ve�er�r-�-n�no�on�nc�ce�e=�=_�n_�o_�n_�c_�e
-
- -�--�-s�se�er�rv�ve�er�r-�-i�id�de�en�nt�ti�if�fi�ie�er�r=�=_�n_�o_�n_�c_�e
-
- -�--�-c�cl�li�ie�en�nt�t-�-n�no�on�nc�ce�e=�=_�n_�o_�n_�c_�e
-
- -�--�-o�op�pa�aq�qu�ue�e=�=_�s_�t_�r_�i_�n_�g
-
- -�--�-r�re�ea�al�lm�m=�=_�r_�e_�a_�l_�m
-
- -�--�-m�me�et�th�ho�od�d=�=_�m_�e_�t_�h_�o_�d
-
- -�--�-u�ur�ri�i=�=_�u_�r_�i
-
- -�--�-n�no�ou�un�nc�ce�e-�-c�co�ou�un�nt�t=�=_�c_�o_�u_�n_�t
-
- -�--�-q�qo�op�p=�=_�q_�o_�p
-
- ntlm-server-init [-�--�-v�ve�er�rs�si�io�on�n=�=_�i_�n_�t_�e_�g_�e_�r] [-�--�-k�ke�er�rb�be�er�ro�os�s-�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g]
-
- -�--�-v�ve�er�rs�si�io�on�n=�=_�i_�n_�t_�e_�g_�e_�r
- ntlm version
-
- -�--�-k�ke�er�rb�be�er�ro�os�s-�-r�re�ea�al�lm�m=�=_�s_�t_�r_�i_�n_�g
- Kerberos realm to communicate with
-
-HEIMDAL September 25, 2008 HEIMDAL
Deleted: trunk/crypto/heimdal/kuser/kgetcred-version.rc
===================================================================
--- trunk/crypto/heimdal/kuser/kgetcred-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/kgetcred-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "Get Kerberos Ticket For Service"
-#define RC_FILE_ORIG_0409 "kgetcred.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kuser/kgetcred.cat1
===================================================================
--- trunk/crypto/heimdal/kuser/kgetcred.cat1 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/kgetcred.cat1 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,38 +0,0 @@
-
-KGETCRED(1) BSD General Commands Manual KGETCRED(1)
-
-N�NA�AM�ME�E
- k�kg�ge�et�tc�cr�re�ed�d -- get a ticket for a particular service
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�kg�ge�et�tc�cr�re�ed�d [-�--�-c�ca�an�no�on�ni�ic�ca�al�li�iz�ze�e] [-�-c�c -�-c�ca�ac�ch�he�e | -�--�-c�ca�ac�ch�he�e=�=_�c_�a_�c_�h_�e] [-�-e�e _�e_�n_�c_�t_�y_�p_�e |
- -�--�-e�en�nc�ct�ty�yp�pe�e=�=_�e_�n_�c_�t_�y_�p_�e] [-�--�-n�no�o-�-t�tr�ra�an�ns�si�it�t-�-c�ch�he�ec�ck�k] [-�--�-v�ve�er�rs�si�io�on�n] [-�--�-h�he�el�lp�p]
- _�s_�e_�r_�v_�i_�c_�e
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kg�ge�et�tc�cr�re�ed�d obtains a ticket for a service. Usually tickets for services
- are obtained automatically when needed but sometimes for some odd reason
- you want to obtain a particular ticket or of a special type.
-
- Supported options:
-
- -�--�-c�ca�an�no�on�ni�ic�ca�al�li�iz�ze�e
- requests that the KDC canonicalize the principal.
-
- -�-c�c _�c_�a_�c_�h_�e, -�--�-c�ca�ac�ch�he�e=�=_�c_�a_�c_�h_�e
- the credential cache to use.
-
- -�-e�e _�e_�n_�c_�t_�y_�p_�e, -�--�-e�en�nc�ct�ty�yp�pe�e=�=_�e_�n_�c_�t_�y_�p_�e
- encryption type to use.
-
- -�--�-n�no�o-�-t�tr�ra�an�ns�si�it�t-�-c�ch�he�ec�ck�k
- requests that the KDC doesn't do transit checking.
-
- -�--�-v�ve�er�rs�si�io�on�n
-
- -�--�-h�he�el�lp�p
-
-S�SE�EE�E A�AL�LS�SO�O
- kinit(1), klist(1)
-
-HEIMDAL March 12, 2004 HEIMDAL
Deleted: trunk/crypto/heimdal/kuser/kimpersonate-version.rc
===================================================================
--- trunk/crypto/heimdal/kuser/kimpersonate-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/kimpersonate-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "Impersonate a Kerberos Principal"
-#define RC_FILE_ORIG_0409 "kimpersonate.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kuser/kimpersonate.cat8
===================================================================
--- trunk/crypto/heimdal/kuser/kimpersonate.cat8 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/kimpersonate.cat8 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,71 +0,0 @@
-
-KIMPERSONATE(8) BSD System Manager's Manual KIMPERSONATE(8)
-
-N�NA�AM�ME�E
- k�ki�im�mp�pe�er�rs�so�on�na�at�te�e -- impersonate a user when there exist a srvtab, keyfile or
- KeyFile
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�ki�im�mp�pe�er�rs�so�on�na�at�te�e [-�-s�s _�s_�t_�r_�i_�n_�g | -�--�-s�se�er�rv�ve�er�r=�=_�s_�t_�r_�i_�n_�g] [-�-c�c _�s_�t_�r_�i_�n_�g | -�--�-c�cl�li�ie�en�nt�t=�=_�s_�t_�r_�i_�n_�g]
- [-�-k�k _�s_�t_�r_�i_�n_�g | -�--�-k�ke�ey�yt�ta�ab�b=�=_�s_�t_�r_�i_�n_�g] [-�-5�5 | -�--�-k�kr�rb�b5�5]
- [-�-e�e _�i_�n_�t_�e_�g_�e_�r | -�--�-e�ex�xp�pi�ir�re�e-�-t�ti�im�me�e=�=_�i_�n_�t_�e_�g_�e_�r]
- [-�-a�a _�s_�t_�r_�i_�n_�g | -�--�-c�cl�li�ie�en�nt�t-�-a�ad�dd�dr�re�es�ss�s=�=_�s_�t_�r_�i_�n_�g]
- [-�-t�t _�s_�t_�r_�i_�n_�g | -�--�-e�en�nc�c-�-t�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g]
- [-�-f�f _�s_�t_�r_�i_�n_�g | -�--�-t�ti�ic�ck�ke�et�t-�-f�fl�la�ag�gs�s=�=_�s_�t_�r_�i_�n_�g] [-�--�-v�ve�er�rb�bo�os�se�e] [-�--�-v�ve�er�rs�si�io�on�n]
- [-�--�-h�he�el�lp�p]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- The k�ki�im�mp�pe�er�rs�so�on�na�at�te�e program creates a "fake" ticket using the service-key of
- the service. The service key can be read from a Kerberos 5 keytab, AFS
- KeyFile or (if compiled with support for Kerberos 4) a Kerberos 4 srvtab.
- Supported options:
-
- -�-s�s _�s_�t_�r_�i_�n_�g, -�--�-s�se�er�rv�ve�er�r=�=_�s_�t_�r_�i_�n_�g
- name of server principal
-
- -�-c�c _�s_�t_�r_�i_�n_�g, -�--�-c�cl�li�ie�en�nt�t=�=_�s_�t_�r_�i_�n_�g
- name of client principal
-
- -�-k�k _�s_�t_�r_�i_�n_�g, -�--�-k�ke�ey�yt�ta�ab�b=�=_�s_�t_�r_�i_�n_�g
- name of keytab file
-
- -�-5�5, -�--�-k�kr�rb�b5�5
- create a Kerberos 5 ticket
-
- -�-e�e _�i_�n_�t_�e_�g_�e_�r, -�--�-e�ex�xp�pi�ir�re�e-�-t�ti�im�me�e=�=_�i_�n_�t_�e_�g_�e_�r
- lifetime of ticket in seconds
-
- -�-a�a _�s_�t_�r_�i_�n_�g, -�--�-c�cl�li�ie�en�nt�t-�-a�ad�dd�dr�re�es�ss�s=�=_�s_�t_�r_�i_�n_�g
- address of client
-
- -�-t�t _�s_�t_�r_�i_�n_�g, -�--�-e�en�nc�c-�-t�ty�yp�pe�e=�=_�s_�t_�r_�i_�n_�g
- encryption type
-
- -�-f�f _�s_�t_�r_�i_�n_�g, -�--�-t�ti�ic�ck�ke�et�t-�-f�fl�la�ag�gs�s=�=_�s_�t_�r_�i_�n_�g
- ticket flags for krb5 ticket
-
- -�--�-v�ve�er�rb�bo�os�se�e
- Verbose output
-
- -�--�-v�ve�er�rs�si�io�on�n
- Print version
-
- -�--�-h�he�el�lp�p
-
-F�FI�IL�LE�ES�S
- Uses _�/_�e_�t_�c_�/_�k_�r_�b_�5_�._�k_�e_�y_�t_�a_�b_�, _�/_�e_�t_�c_�/_�s_�r_�v_�t_�a_�b and _�/_�u_�s_�r_�/_�a_�f_�s_�/_�e_�t_�c_�/_�K_�e_�y_�F_�i_�l_�e when avail-
- able and the -�-k�k option is used with an appropriate prefix.
-
-E�EX�XA�AM�MP�PL�LE�ES�S
- k�ki�im�mp�pe�er�rs�so�on�na�at�te�e can be used in s�sa�am�mb�ba�a root preexec option or for debugging.
- k�ki�im�mp�pe�er�rs�so�on�na�at�te�e -s host/hummel.e.kth.se at E.KTH.SE -c lha at E.KTH.SE -5 will
- create a Kerberos 5 ticket for lha at E.KTH.SE for the host hummel.e.kth.se
- if there exists a keytab entry for it in _�/_�e_�t_�c_�/_�k_�r_�b_�5_�._�k_�e_�y_�t_�a_�b.
-
-S�SE�EE�E A�AL�LS�SO�O
- kinit(1), klist(1)
-
-A�AU�UT�TH�HO�OR�RS�S
- Love Hornquist Astrand <lha at kth.se>
-
-Heimdal September 18, 2006 Heimdal
Deleted: trunk/crypto/heimdal/kuser/kinit-version.rc
===================================================================
--- trunk/crypto/heimdal/kuser/kinit-version.rc 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/kinit-version.rc 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,36 +0,0 @@
-/***********************************************************************
- * Copyright (c) 2010, Secure Endpoints Inc.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- *
- * - Redistributions of source code must retain the above copyright
- * notice, this list of conditions and the following disclaimer.
- *
- * - Redistributions in binary form must reproduce the above copyright
- * notice, this list of conditions and the following disclaimer in
- * the documentation and/or other materials provided with the
- * distribution.
- *
- * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
- * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
- * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
- * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- * COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
- * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
- * OF THE POSSIBILITY OF SUCH DAMAGE.
- *
- **********************************************************************/
-
-#define RC_FILE_TYPE VFT_APP
-#define RC_FILE_DESC_0409 "Acquire Initial Kerberos Tickets"
-#define RC_FILE_ORIG_0409 "kinit.exe"
-
-#include "../windows/version.rc"
Deleted: trunk/crypto/heimdal/kuser/kinit.cat1
===================================================================
--- trunk/crypto/heimdal/kuser/kinit.cat1 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/kinit.cat1 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,130 +0,0 @@
-
-KINIT(1) BSD General Commands Manual KINIT(1)
-
-N�NA�AM�ME�E
- k�ki�in�ni�it�t -- acquire initial tickets
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�ki�in�ni�it�t [-�--�-a�af�fs�sl�lo�og�g] [-�-c�c _�c_�a_�c_�h_�e_�n_�a_�m_�e | -�--�-c�ca�ac�ch�he�e=�=_�c_�a_�c_�h_�e_�n_�a_�m_�e]
- [-�-f�f | -�--�-n�no�o-�-f�fo�or�rw�wa�ar�rd�da�ab�bl�le�e] [-�-t�t _�k_�e_�y_�t_�a_�b_�n_�a_�m_�e | -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�e_�y_�t_�a_�b_�n_�a_�m_�e] [-�-l�l
- _�t_�i_�m_�e | -�--�-l�li�if�fe�et�ti�im�me�e=�=_�t_�i_�m_�e] [-�-p�p | -�--�-p�pr�ro�ox�xi�ia�ab�bl�le�e] [-�-R�R | -�--�-r�re�en�ne�ew�w]
- [-�--�-r�re�en�ne�ew�wa�ab�bl�le�e] [-�-r�r _�t_�i_�m_�e | -�--�-r�re�en�ne�ew�wa�ab�bl�le�e-�-l�li�if�fe�e=�=_�t_�i_�m_�e] [-�-S�S _�p_�r_�i_�n_�c_�i_�p_�a_�l |
- -�--�-s�se�er�rv�ve�er�r=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�-s�s _�t_�i_�m_�e | -�--�-s�st�ta�ar�rt�t-�-t�ti�im�me�e=�=_�t_�i_�m_�e]
- [-�-k�k | -�--�-u�us�se�e-�-k�ke�ey�yt�ta�ab�b] [-�-v�v | -�--�-v�va�al�li�id�da�at�te�e] [-�-e�e _�e_�n_�c_�t_�y_�p_�e_�s |
- -�--�-e�en�nc�ct�ty�yp�pe�es�s=�=_�e_�n_�c_�t_�y_�p_�e_�s] [-�-a�a _�a_�d_�d_�r_�e_�s_�s_�e_�s | -�--�-e�ex�xt�tr�ra�a-�-a�ad�dd�dr�re�es�ss�se�es�s=�=_�a_�d_�d_�r_�e_�s_�s_�e_�s]
- [-�--�-p�pa�as�ss�sw�wo�or�rd�d-�-f�fi�il�le�e=�=_�f_�i_�l_�e_�n_�a_�m_�e] [-�--�-f�fc�ca�ac�ch�he�e-�-v�ve�er�rs�si�io�on�n=�=_�v_�e_�r_�s_�i_�o_�n_�-_�n_�u_�m_�b_�e_�r]
- [-�-A�A | -�--�-n�no�o-�-a�ad�dd�dr�re�es�ss�se�es�s] [-�--�-a�an�no�on�ny�ym�mo�ou�us�s] [-�--�-e�en�nt�te�er�rp�pr�ri�is�se�e] [-�--�-v�ve�er�rs�si�io�on�n]
- [-�--�-h�he�el�lp�p] [_�p_�r_�i_�n_�c_�i_�p_�a_�l [_�c_�o_�m_�m_�a_�n_�d]]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�ki�in�ni�it�t is used to authenticate to the Kerberos server as _�p_�r_�i_�n_�c_�i_�p_�a_�l, or if
- none is given, a system generated default (typically your login name at
- the default realm), and acquire a ticket granting ticket that can later
- be used to obtain tickets for other services.
-
- Supported options:
-
- -�-c�c _�c_�a_�c_�h_�e_�n_�a_�m_�e -�--�-c�ca�ac�ch�he�e=�=_�c_�a_�c_�h_�e_�n_�a_�m_�e
- The credentials cache to put the acquired ticket in, if other
- than default.
-
- -�-f�f -�--�-n�no�o-�-f�fo�or�rw�wa�ar�rd�da�ab�bl�le�e
- Get ticket that can be forwarded to another host, or if the nega-
- tive flags use, don't get a forwardable flag.
-
- -�-t�t _�k_�e_�y_�t_�a_�b_�n_�a_�m_�e, -�--�-k�ke�ey�yt�ta�ab�b=�=_�k_�e_�y_�t_�a_�b_�n_�a_�m_�e
- Don't ask for a password, but instead get the key from the speci-
- fied keytab.
-
- -�-l�l _�t_�i_�m_�e, -�--�-l�li�if�fe�et�ti�im�me�e=�=_�t_�i_�m_�e
- Specifies the lifetime of the ticket. The argument can either be
- in seconds, or a more human readable string like `1h'.
-
- -�-p�p, -�--�-p�pr�ro�ox�xi�ia�ab�bl�le�e
- Request tickets with the proxiable flag set.
-
- -�-R�R, -�--�-r�re�en�ne�ew�w
- Try to renew ticket. The ticket must have the `renewable' flag
- set, and must not be expired.
-
- -�--�-r�re�en�ne�ew�wa�ab�bl�le�e
- The same as -�--�-r�re�en�ne�ew�wa�ab�bl�le�e-�-l�li�if�fe�e, with an infinite time.
-
- -�-r�r _�t_�i_�m_�e, -�--�-r�re�en�ne�ew�wa�ab�bl�le�e-�-l�li�if�fe�e=�=_�t_�i_�m_�e
- The max renewable ticket life.
-
- -�-S�S _�p_�r_�i_�n_�c_�i_�p_�a_�l, -�--�-s�se�er�rv�ve�er�r=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l
- Get a ticket for a service other than krbtgt/LOCAL.REALM.
-
- -�-s�s _�t_�i_�m_�e, -�--�-s�st�ta�ar�rt�t-�-t�ti�im�me�e=�=_�t_�i_�m_�e
- Obtain a ticket that starts to be valid _�t_�i_�m_�e (which can really be
- a generic time specification, like `1h') seconds into the future.
-
- -�-k�k, -�--�-u�us�se�e-�-k�ke�ey�yt�ta�ab�b
- The same as -�--�-k�ke�ey�yt�ta�ab�b, but with the default keytab name (normally
- _�F_�I_�L_�E_�:_�/_�e_�t_�c_�/_�k_�r_�b_�5_�._�k_�e_�y_�t_�a_�b).
-
- -�-v�v, -�--�-v�va�al�li�id�da�at�te�e
- Try to validate an invalid ticket.
-
- -�-e�e, -�--�-e�en�nc�ct�ty�yp�pe�es�s=�=_�e_�n_�c_�t_�y_�p_�e_�s
- Request tickets with this particular enctype.
-
- -�--�-p�pa�as�ss�sw�wo�or�rd�d-�-f�fi�il�le�e=�=_�f_�i_�l_�e_�n_�a_�m_�e
- read the password from the first line of _�f_�i_�l_�e_�n_�a_�m_�e. If the
- _�f_�i_�l_�e_�n_�a_�m_�e is _�S_�T_�D_�I_�N, the password will be read from the standard
- input.
-
- -�--�-f�fc�ca�ac�ch�he�e-�-v�ve�er�rs�si�io�on�n=�=_�v_�e_�r_�s_�i_�o_�n_�-_�n_�u_�m_�b_�e_�r
- Create a credentials cache of version _�v_�e_�r_�s_�i_�o_�n_�-_�n_�u_�m_�b_�e_�r.
-
- -�-a�a, -�--�-e�ex�xt�tr�ra�a-�-a�ad�dd�dr�re�es�ss�se�es�s=�=_�e_�n_�c_�t_�y_�p_�e_�s
- Adds a set of addresses that will, in addition to the systems
- local addresses, be put in the ticket. This can be useful if all
- addresses a client can use can't be automatically figured out.
- One such example is if the client is behind a firewall. Also
- settable via libdefaults/extra_addresses in krb5.conf(5).
-
- -�-A�A, -�--�-n�no�o-�-a�ad�dd�dr�re�es�ss�se�es�s
- Request a ticket with no addresses.
-
- -�--�-a�an�no�on�ny�ym�mo�ou�us�s
- Request an anonymous ticket (which means that the ticket will be
- issued to an anonymous principal, typically ``anonymous at REALM'').
-
- -�--�-e�en�nt�te�er�rp�pr�ri�is�se�e
- Parse principal as a enterprise (KRB5-NT-ENTERPRISE) name. Enter-
- prise names are email like principals that are stored in the name
- part of the principal, and since there are two @ characters the
- parser needs to know that the first is not a realm. An example
- of an enterprise name is ``lha at e.kth.se@KTH.SE'', and this option
- is usually used with canonicalize so that the principal returned
- from the KDC will typically be the real principal name.
-
- -�--�-a�af�fs�sl�lo�og�g
- Gets AFS tickets, converts them to version 4 format, and stores
- them in the kernel. Only useful if you have AFS.
-
- The _�f_�o_�r_�w_�a_�r_�d_�a_�b_�l_�e, _�p_�r_�o_�x_�i_�a_�b_�l_�e, _�t_�i_�c_�k_�e_�t_�__�l_�i_�f_�e, and _�r_�e_�n_�e_�w_�a_�b_�l_�e_�__�l_�i_�f_�e options can
- be set to a default value from the appdefaults section in krb5.conf, see
- krb5_appdefault(3).
-
- If a _�c_�o_�m_�m_�a_�n_�d is given, k�ki�in�ni�it�t will set up new credentials caches, and AFS
- PAG, and then run the given command. When it finishes the credentials
- will be removed.
-
-E�EN�NV�VI�IR�RO�ON�NM�ME�EN�NT�T
- KRB5CCNAME
- Specifies the default credentials cache.
-
- KRB5_CONFIG
- The file name of _�k_�r_�b_�5_�._�c_�o_�n_�f, the default being _�/_�e_�t_�c_�/_�k_�r_�b_�5_�._�c_�o_�n_�f.
-
- KRBTKFILE
- Specifies the Kerberos 4 ticket file to store version 4 tickets
- in.
-
-S�SE�EE�E A�AL�LS�SO�O
- kdestroy(1), klist(1), krb5_appdefault(3), krb5.conf(5)
-
-HEIMDAL April 25, 2006 HEIMDAL
Deleted: trunk/crypto/heimdal/kuser/klist.cat1
===================================================================
--- trunk/crypto/heimdal/kuser/klist.cat1 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/klist.cat1 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,90 +0,0 @@
-
-KLIST(1) BSD General Commands Manual KLIST(1)
-
-N�NA�AM�ME�E
- k�kl�li�is�st�t -- list Kerberos credentials
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�kl�li�is�st�t [-�-c�c _�c_�a_�c_�h_�e | -�--�-c�ca�ac�ch�he�e=�=_�c_�a_�c_�h_�e] [-�-s�s | -�-t�t | -�--�-t�te�es�st�t] [-�-T�T | -�--�-t�to�ok�ke�en�ns�s]
- [-�-5�5 | -�--�-v�v5�5] [-�-v�v | -�--�-v�ve�er�rb�bo�os�se�e] [-�-l�l | -�--�-l�li�is�st�t-�-c�ca�ac�ch�he�es�s] [-�-f�f] [-�--�-v�ve�er�rs�si�io�on�n]
- [-�--�-h�he�el�lp�p]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kl�li�is�st�t reads and displays the current tickets in the credential cache
- (also known as the ticket file).
-
- Options supported:
-
- -�-c�c _�c_�a_�c_�h_�e, -�--�-c�ca�ac�ch�he�e=�=_�c_�a_�c_�h_�e
- credential cache to list
-
- -�-s�s, -�-t�t, -�--�-t�te�es�st�t
- Test for there being an active and valid TGT for the local realm
- of the user in the credential cache.
-
- -�-T�T, -�--�-t�to�ok�ke�en�ns�s
- display AFS tokens
-
- -�-5�5, -�--�-v�v5�5
- display v5 cred cache (this is the default)
-
- -�-f�f Include ticket flags in short form, each character stands for a
- specific flag, as follows:
- F forwardable
- f forwarded
- P proxiable
- p proxied
- D postdate-able
- d postdated
- R renewable
- I initial
- i invalid
- A pre-authenticated
- H hardware authenticated
-
- This information is also output with the -�--�-v�ve�er�rb�bo�os�se�e option, but in
- a more verbose way.
-
- -�-v�v, -�--�-v�ve�er�rb�bo�os�se�e
- Verbose output. Include all possible information:
-
- Server
- the principal the ticket is for
-
- Ticket etype
- the encryption type used in the ticket, followed by
- the key version of the ticket, if it is available
-
- Session key
- the encryption type of the session key, if it's dif-
- ferent from the encryption type of the ticket
-
- Auth time
- the time the authentication exchange took place
-
- Start time
- the time that this ticket is valid from (only printed
- if it's different from the auth time)
-
- End time
- when the ticket expires, if it has already expired
- this is also noted
-
- Renew till
- the maximum possible end time of any ticket derived
- from this one
-
- Ticket flags
- the flags set on the ticket
-
- Addresses
- the set of addresses from which this ticket is valid
-
- -�-l�l, -�--�-l�li�is�st�t-�-c�ca�ac�ch�he�es�s
- List the credential caches for the current users, not all cache
- types supports listing multiple caches.
-
-S�SE�EE�E A�AL�LS�SO�O
- kdestroy(1), kinit(1)
-
-HEIMDAL October 6, 2005 HEIMDAL
Deleted: trunk/crypto/heimdal/kuser/kswitch.cat1
===================================================================
--- trunk/crypto/heimdal/kuser/kswitch.cat1 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/kuser/kswitch.cat1 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,32 +0,0 @@
-
-KSWITCH(SECTION) LOCAL KSWITCH(SECTION)
-
-N�NA�AM�ME�E
- k�ks�sw�wi�it�tc�ch�h -- switch between default credential caches
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�ks�sw�wi�it�tc�ch�h [-�-t�t _�t_�y_�p_�e | -�--�-t�ty�yp�pe�e=�=_�t_�y_�p_�e] [-�-c�c _�c_�a_�c_�h_�e | -�--�-c�ca�ac�ch�he�e=�=_�c_�a_�c_�h_�e] [-�-p�p _�p_�r_�i_�n_�c_�i_�p_�a_�l
- | -�--�-p�pr�ri�in�nc�ci�ip�pa�al�l=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l] [-�-i�i | -�--�-i�in�nt�te�er�ra�ac�ct�ti�iv�ve�e] [-�--�-v�ve�er�rs�si�io�on�n]
- [-�--�-h�he�el�lp�p]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- Supported options:
-
- -�-t�t _�t_�y_�p_�e, -�--�-t�ty�yp�pe�e=�=_�t_�y_�p_�e
- type of credential cache
-
- -�-c�c _�c_�a_�c_�h_�e, -�--�-c�ca�ac�ch�he�e=�=_�c_�a_�c_�h_�e
- name of credential cache to switch to
-
- -�-p�p _�p_�r_�i_�n_�c_�i_�p_�a_�l, -�--�-p�pr�ri�in�nc�ci�ip�pa�al�l=�=_�p_�r_�i_�n_�c_�i_�p_�a_�l
- name of principal to switch to
-
- -�-i�i, -�--�-i�in�nt�te�er�ra�ac�ct�ti�iv�ve�e
- interactive switching between credentials.
-
- -�--�-v�ve�er�rs�si�io�on�n
- print version
-
- -�--�-h�he�el�lp�p
-
-OPERATING_SYSTEM Augusti 25, 2009 OPERATING_SYSTEM
Deleted: trunk/crypto/heimdal/tools/NTMakefile
===================================================================
--- trunk/crypto/heimdal/tools/NTMakefile 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/tools/NTMakefile 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,35 +0,0 @@
-########################################################################
-#
-# Copyright (c) 2009, Secure Endpoints Inc.
-# All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-#
-# - Redistributions of source code must retain the above copyright
-# notice, this list of conditions and the following disclaimer.
-#
-# - Redistributions in binary form must reproduce the above copyright
-# notice, this list of conditions and the following disclaimer in
-# the documentation and/or other materials provided with the
-# distribution.
-#
-# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
-# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
-# COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
-# INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
-# BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
-# LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
-# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
-# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
-# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
-# POSSIBILITY OF SUCH DAMAGE.
-#
-
-RELDIR=tools
-
-!include ../windows/NTMakefile.w32
-
Deleted: trunk/crypto/heimdal/tools/krb5-config.cat1
===================================================================
--- trunk/crypto/heimdal/tools/krb5-config.cat1 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/tools/krb5-config.cat1 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,52 +0,0 @@
-
-KRB5-CONFIG(1) BSD General Commands Manual KRB5-CONFIG(1)
-
-N�NA�AM�ME�E
- k�kr�rb�b5�5-�-c�co�on�nf�fi�ig�g -- give information on how to link code against Heimdal
- libraries
-
-S�SY�YN�NO�OP�PS�SI�IS�S
- k�kr�rb�b5�5-�-c�co�on�nf�fi�ig�g [-�--�-p�pr�re�ef�fi�ix�x[=_�d_�i_�r]] [-�--�-e�ex�xe�ec�c-�-p�pr�re�ef�fi�ix�x[=_�d_�i_�r]] [-�--�-l�li�ib�bs�s] [-�--�-c�cf�fl�la�ag�gs�s]
- [_�l_�i_�b_�r_�a_�r_�i_�e_�s]
-
-D�DE�ES�SC�CR�RI�IP�PT�TI�IO�ON�N
- k�kr�rb�b5�5-�-c�co�on�nf�fi�ig�g tells the application programmer what special flags to use to
- compile and link programs against the libraries installed by Heimdal.
-
- Options supported:
-
- -�--�-p�pr�re�ef�fi�ix�x[=_�d_�i_�r]
- Print the prefix if no _�d_�i_�r is specified, otherwise set prefix to
- _�d_�i_�r.
-
- -�--�-e�ex�xe�ec�c-�-p�pr�re�ef�fi�ix�x[=_�d_�i_�r]
- Print the exec-prefix if no _�d_�i_�r is specified, otherwise set exec-
- prefix to _�d_�i_�r.
-
- -�--�-l�li�ib�bs�s Output the set of libraries that should be linked against.
-
- -�--�-c�cf�fl�la�ag�gs�s
- Output the set of flags to give to the C compiler when using the
- Heimdal libraries.
-
- By default k�kr�rb�b5�5-�-c�co�on�nf�fi�ig�g will output the set of flags and libraries to be
- used by a normal program using the krb5 API. The user can also supply a
- library to be used, the supported ones are:
-
- krb5 (the default)
-
- gssapi use the krb5 gssapi mechanism
-
- kadm-client
- use the client-side kadmin libraries
-
- kadm-server
- use the server-side kadmin libraries
-
-S�SE�EE�E A�AL�LS�SO�O
- cc(1)
-
-H�HI�IS�ST�TO�OR�RY�Y
- k�kr�rb�b5�5-�-c�co�on�nf�fi�ig�g appeared in Heimdal 0.3d.
-
-HEIMDAL November 30, 2000 HEIMDAL
Modified: trunk/crypto/heimdal/tools/krb5-config.in
===================================================================
--- trunk/crypto/heimdal/tools/krb5-config.in 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/tools/krb5-config.in 2015-07-26 21:50:20 UTC (rev 7171)
@@ -123,7 +123,7 @@
lib_flags="-L${libdir}"
case $library in
gssapi)
- lib_flags="$lib_flags -lgssapi -lheimntlm"
+ lib_flags="$lib_flags -lgssapi -lgssapi_krb5 -lheimntlm"
;;
kadm-client)
lib_flags="$lib_flags -lkadm5clnt"
Deleted: trunk/crypto/heimdal/ylwrap
===================================================================
--- trunk/crypto/heimdal/ylwrap 2015-07-26 19:25:24 UTC (rev 7170)
+++ trunk/crypto/heimdal/ylwrap 2015-07-26 21:50:20 UTC (rev 7171)
@@ -1,222 +0,0 @@
-#! /bin/sh
-# ylwrap - wrapper for lex/yacc invocations.
-
-scriptversion=2009-04-28.21; # UTC
-
-# Copyright (C) 1996, 1997, 1998, 1999, 2001, 2002, 2003, 2004, 2005,
-# 2007, 2009 Free Software Foundation, Inc.
-#
-# Written by Tom Tromey <tromey at cygnus.com>.
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; either version 2, or (at your option)
-# any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
-
-# As a special exception to the GNU General Public License, if you
-# distribute this file as part of a program that contains a
-# configuration script generated by Autoconf, you may include it under
-# the same distribution terms that you use for the rest of that program.
-
-# This file is maintained in Automake, please report
-# bugs to <bug-automake at gnu.org> or send patches to
-# <automake-patches at gnu.org>.
-
-case "$1" in
- '')
- echo "$0: No files given. Try \`$0 --help' for more information." 1>&2
- exit 1
- ;;
- --basedir)
- basedir=$2
- shift 2
- ;;
- -h|--h*)
- cat <<\EOF
-Usage: ylwrap [--help|--version] INPUT [OUTPUT DESIRED]... -- PROGRAM [ARGS]...
-
-Wrapper for lex/yacc invocations, renaming files as desired.
-
- INPUT is the input file
- OUTPUT is one file PROG generates
- DESIRED is the file we actually want instead of OUTPUT
- PROGRAM is program to run
- ARGS are passed to PROG
-
-Any number of OUTPUT,DESIRED pairs may be used.
-
-Report bugs to <bug-automake at gnu.org>.
-EOF
- exit $?
- ;;
- -v|--v*)
- echo "ylwrap $scriptversion"
- exit $?
- ;;
-esac
-
-
-# The input.
-input="$1"
-shift
-case "$input" in
- [\\/]* | ?:[\\/]*)
- # Absolute path; do nothing.
- ;;
- *)
- # Relative path. Make it absolute.
- input="`pwd`/$input"
- ;;
-esac
-
-pairlist=
-while test "$#" -ne 0; do
- if test "$1" = "--"; then
- shift
- break
- fi
- pairlist="$pairlist $1"
- shift
-done
-
-# The program to run.
-prog="$1"
-shift
-# Make any relative path in $prog absolute.
-case "$prog" in
- [\\/]* | ?:[\\/]*) ;;
- *[\\/]*) prog="`pwd`/$prog" ;;
-esac
-
-# FIXME: add hostname here for parallel makes that run commands on
-# other machines. But that might take us over the 14-char limit.
-dirname=ylwrap$$
-trap "cd '`pwd`'; rm -rf $dirname > /dev/null 2>&1" 1 2 3 15
-mkdir $dirname || exit 1
-
-cd $dirname
-
-case $# in
- 0) "$prog" "$input" ;;
- *) "$prog" "$@" "$input" ;;
-esac
-ret=$?
-
-if test $ret -eq 0; then
- set X $pairlist
- shift
- first=yes
- # Since DOS filename conventions don't allow two dots,
- # the DOS version of Bison writes out y_tab.c instead of y.tab.c
- # and y_tab.h instead of y.tab.h. Test to see if this is the case.
- y_tab_nodot="no"
- if test -f y_tab.c || test -f y_tab.h; then
- y_tab_nodot="yes"
- fi
-
- # The directory holding the input.
- input_dir=`echo "$input" | sed -e 's,\([\\/]\)[^\\/]*$,\1,'`
- # Quote $INPUT_DIR so we can use it in a regexp.
- # FIXME: really we should care about more than `.' and `\'.
- input_rx=`echo "$input_dir" | sed 's,\\\\,\\\\\\\\,g;s,\\.,\\\\.,g'`
-
- while test "$#" -ne 0; do
- from="$1"
- # Handle y_tab.c and y_tab.h output by DOS
- if test $y_tab_nodot = "yes"; then
- if test $from = "y.tab.c"; then
- from="y_tab.c"
- else
- if test $from = "y.tab.h"; then
- from="y_tab.h"
- fi
- fi
- fi
- if test -f "$from"; then
- # If $2 is an absolute path name, then just use that,
- # otherwise prepend `../'.
- case "$2" in
- [\\/]* | ?:[\\/]*) target="$2";;
- *) target="../$2";;
- esac
-
- # We do not want to overwrite a header file if it hasn't
- # changed. This avoid useless recompilations. However the
- # parser itself (the first file) should always be updated,
- # because it is the destination of the .y.c rule in the
- # Makefile. Divert the output of all other files to a temporary
- # file so we can compare them to existing versions.
- if test $first = no; then
- realtarget="$target"
- target="tmp-`echo $target | sed s/.*[\\/]//g`"
- fi
- # Edit out `#line' or `#' directives.
- #
- # We don't want the resulting debug information to point at
- # an absolute srcdir; it is better for it to just mention the
- # .y file with no path.
- #
- # We want to use the real output file name, not yy.lex.c for
- # instance.
- #
- # We want the include guards to be adjusted too.
- FROM=`echo "$from" | sed \
- -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'\
- -e 's/[^ABCDEFGHIJKLMNOPQRSTUVWXYZ]/_/g'`
- TARGET=`echo "$2" | sed \
- -e 'y/abcdefghijklmnopqrstuvwxyz/ABCDEFGHIJKLMNOPQRSTUVWXYZ/'\
- -e 's/[^ABCDEFGHIJKLMNOPQRSTUVWXYZ]/_/g'`
-
- sed -e "/^#/!b" -e "s,$input_rx,," -e "s,$from,$2," \
- -e "s,$FROM,$TARGET," "$from" >"$target" || ret=$?
-
- # Check whether header files must be updated.
- if test $first = no; then
- if test -f "$realtarget" && cmp -s "$realtarget" "$target"; then
- echo "$2" is unchanged
- rm -f "$target"
- else
- echo updating "$2"
- mv -f "$target" "$realtarget"
- fi
- fi
- else
- # A missing file is only an error for the first file. This
- # is a blatant hack to let us support using "yacc -d". If -d
- # is not specified, we don't want an error when the header
- # file is "missing".
- if test $first = yes; then
- ret=1
- fi
- fi
- shift
- shift
- first=no
- done
-else
- ret=$?
-fi
-
-# Remove the directory.
-cd ..
-rm -rf $dirname
-
-exit $ret
-
-# Local Variables:
-# mode: shell-script
-# sh-indentation: 2
-# eval: (add-hook 'write-file-hooks 'time-stamp)
-# time-stamp-start: "scriptversion="
-# time-stamp-format: "%:y-%02m-%02d.%02H"
-# time-stamp-time-zone: "UTC"
-# time-stamp-end: "; # UTC"
-# End:
More information about the Midnightbsd-cvs
mailing list